From 56861a19a3466342ed8a489b417c3630c9d61fed Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 14 Jun 2019 15:13:24 -0700
Subject: Add changelog

---
 changelogs/unreleased/maintainers-can-create-subgroup.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/maintainers-can-create-subgroup.yml

diff --git a/changelogs/unreleased/maintainers-can-create-subgroup.yml b/changelogs/unreleased/maintainers-can-create-subgroup.yml
new file mode 100644
index 00000000000..b537862c8af
--- /dev/null
+++ b/changelogs/unreleased/maintainers-can-create-subgroup.yml
@@ -0,0 +1,5 @@
+---
+title: Maintainers can crete subgroups
+merge_request: 29718
+author: Fabio Papa
+type: changed
-- 
cgit v1.2.1


From 1f07faa95a60983e4623845f451e89a5b2c92bbe Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 14 Jun 2019 15:16:55 -0700
Subject: Add failing feature spec detailing a maintainer creating a subgroup

- Change the two existing feature examples that create a subgroup to
  elucidate that the owner is creating the subgroup

- Nest two more specs inside the 'subgroup support' context detailing
  what happens when a maintainer attempts to add a subgroup (one with
  subgroup support, and one without)
---
 spec/features/groups/show_spec.rb | 61 ++++++++++++++++++++++++++++++---------
 1 file changed, 48 insertions(+), 13 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 9671a4d8c49..2654d06cd8c 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,32 +56,67 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
-    let(:user) { create(:user) }
+    let(:owner) { create(:user) }
+    let(:maintainer) { create(:user) }
 
     before do
-      group.add_owner(user)
-      sign_in(user)
+      group.add_owner(owner)
+      group.add_maintainer(maintainer)
     end
 
-    context 'when subgroups are supported', :js, :nested_groups do
+    context 'for owners' do
       before do
-        allow(Group).to receive(:supports_nested_objects?) { true }
-        visit path
+        sign_in(owner)
       end
 
-      it 'allows creating subgroups' do
-        expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+      context 'when subgroups are supported', :js, :nested_groups do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        end
+      end
+
+      context 'when subgroups are not supported' do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+        end
       end
     end
 
-    context 'when subgroups are not supported' do
+    context 'for maintainers' do
       before do
-        allow(Group).to receive(:supports_nested_objects?) { false }
-        visit path
+        sign_in(maintainer)
+      end
+
+      context 'when subgroups are supported', :js, :nested_groups do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        end
       end
 
-      it 'allows creating subgroups' do
-        expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+      context 'when subgroups are not supported' do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+        end
       end
     end
   end
-- 
cgit v1.2.1


From 3cc3cf978f60b1a0f2c627345deef6f5e82254a0 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4808ac0068..b4b09d3295f 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From 66b18427755fcc771267a9e3ca87c6d58db4496d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 12:23:56 -0700
Subject: Update the group policy to allow >= maintainer to create subgroups

All specs passing
---
 app/policies/group_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index ea86858181d..d92bcded19d 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -109,7 +109,7 @@ class GroupPolicy < BasePolicy
     enable :read_nested_project_resources
   end
 
-  rule { owner & nested_groups_supported }.enable :create_subgroup
+  rule { maintainer & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From 60a4cdc2e2cdb0a2de061a36ac83ff53e703cb16 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/requests/api/groups_spec.rb                                     | 4 ++--
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4b09d3295f..a40d3087f6e 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From a113c5caba4007ff132f6cba01658b9e4cfc64b6 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 18:15:56 +0000
Subject: Apply suggestion to
 changelogs/unreleased/maintainers-can-create-subgroup.yml

---
 changelogs/unreleased/maintainers-can-create-subgroup.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/unreleased/maintainers-can-create-subgroup.yml b/changelogs/unreleased/maintainers-can-create-subgroup.yml
index b537862c8af..180f0f7247f 100644
--- a/changelogs/unreleased/maintainers-can-create-subgroup.yml
+++ b/changelogs/unreleased/maintainers-can-create-subgroup.yml
@@ -1,5 +1,5 @@
 ---
-title: Maintainers can crete subgroups
+title: Maintainers can create subgroups
 merge_request: 29718
 author: Fabio Papa
 type: changed
-- 
cgit v1.2.1


From a3064967327f7bf3069f3903bd20120d2d3a9ed9 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/controllers/admin/groups_controller_spec.rb   |  6 ++
 spec/factories/groups.rb                           |  1 +
 spec/features/groups/group_settings_spec.rb        |  8 +++
 spec/models/group_spec.rb                          |  8 +++
 spec/policies/group_policy_spec.rb                 | 70 ++++++++++++++++++++++
 .../policies/group_policy_shared_context.rb        | 16 ++---
 6 files changed, 99 insertions(+), 10 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 509d8944e3a..df11321537f 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -68,5 +68,11 @@ describe Admin::GroupsController do
         post :update, params: { id: group.to_param, group: { project_creation_level: ::Gitlab::Access::NO_ONE_PROJECT_ACCESS } }
       end.to change { group.reload.project_creation_level }.to(::Gitlab::Access::NO_ONE_PROJECT_ACCESS)
     end
+
+    it 'updates the subgroup_creation_level successfully' do
+      expect do
+        post :update, params: { id: group.to_param, group: { subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS } }
+      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 18a0c2ec731..2f50fbfe2fa 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 5cef5f0521f..95534d5a2ba 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -85,6 +85,14 @@ describe 'Edit group settings' do
     end
   end
 
+  describe 'subgroup creation level menu' do
+    it 'shows the selection menu' do
+      visit edit_group_path(group)
+
+      expect(page).to have_content('Allowed to create subgroups')
+    end
+  end
+  
   describe 'edit group avatar' do
     before do
       visit edit_group_path(group)
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index d7accbef6bd..426e2526a01 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -1023,4 +1023,12 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
+
+  describe 'subgroup_creation_level' do
+    it 'outputs the default one if it is nil' do
+      group = create(:group, subgroup_creation_level: nil)
+
+      expect(group.subgroup_creation_level).to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
+  end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 59f3a961d50..aed9a8e34ff 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -163,6 +163,18 @@ describe GroupPolicy do
         expect_allowed(*updated_owner_permissions)
       end
     end
+
+    context 'maintainer' do
+      let(:current_user) { maintainer }
+
+      it 'allows every maintainer permission except creating subgroups' do
+        create_subgroup_permission = [:create_subgroup]
+        updated_maintainer_permissions = maintainer_permissions - create_subgroup_permission
+
+        expect_disallowed(*create_subgroup_permission)
+        expect_allowed(*updated_maintainer_permissions)
+      end
+    end
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
@@ -461,6 +473,64 @@ describe GroupPolicy do
     end
   end
 
+  context "create_subgroup" do
+    context 'when group has subgroup creation level set to owner' do
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+    end
+
+    context 'when group has subgroup creation level set to maintainer' do
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+    end
+  end
+
   it_behaves_like 'clusterable policies' do
     let(:clusterable) { create(:group) }
     let(:cluster) do
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index a40d3087f6e..b4808ac0068 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From a1b9ace31ee0d9c602cb266e9bf94f2e37b14ce7 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:46:48 -0700
Subject: Reset group policy to only allow >= owners to create subgroups

---
 app/policies/group_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index d92bcded19d..ea86858181d 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -109,7 +109,7 @@ class GroupPolicy < BasePolicy
     enable :read_nested_project_resources
   end
 
-  rule { maintainer & nested_groups_supported }.enable :create_subgroup
+  rule { owner & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From 521d4c76db6d18468bdee6d28d5dc408c7c7a09f Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:49:27 -0700
Subject: Add a subgroup_creation_level column to the namespaces table

---
 ...6175626_add_group_creation_level_to_namespaces.rb | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
new file mode 100644
index 00000000000..b0ea74d4765
--- /dev/null
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+  disable_ddl_transaction!
+  
+  def up
+    unless column_exists?(:namespaces, :subgroup_creation_level)
+      add_column_with_default(:namespaces, :subgroup_creation_level, :integer, default: 0)
+    end
+  end
+
+  def down
+    if column_exists?(:namespaces, :subgroup_creation_level)
+      remove_column(:namespaces, :subgroup_creation_level)
+    end
+  end
+end
-- 
cgit v1.2.1


From 58e4c7fea3a4ffcccac77290bd54f1b59475af0e Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:39:04 -0700
Subject: Add constants representing Owner and Maintainer group access levels

---
 lib/gitlab/access.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/gitlab/access.rb b/lib/gitlab/access.rb
index 6eb08f674c2..77076ead47a 100644
--- a/lib/gitlab/access.rb
+++ b/lib/gitlab/access.rb
@@ -29,6 +29,10 @@ module Gitlab
     MAINTAINER_PROJECT_ACCESS = 1
     DEVELOPER_MAINTAINER_PROJECT_ACCESS = 2
 
+    # Default subgroup creation level
+    OWNER_SUBGROUP_ACCESS = 0
+    MAINTAINER_SUBGROUP_ACCESS = 1
+
     class << self
       delegate :values, to: :options
 
-- 
cgit v1.2.1


From 5f9bc7992d042eebd425ae3e0a6a3f35b73a7804 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:45:58 -0700
Subject: Add subgroup_creation_level to the list of allowed group params

For both groups_controller and admin/groups_controller
---
 app/controllers/admin/groups_controller.rb | 3 ++-
 app/controllers/groups_controller.rb       | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb
index 15f7ef881c8..6317fa7c8d1 100644
--- a/app/controllers/admin/groups_controller.rb
+++ b/app/controllers/admin/groups_controller.rb
@@ -90,7 +90,8 @@ class Admin::GroupsController < Admin::ApplicationController
       :visibility_level,
       :require_two_factor_authentication,
       :two_factor_grace_period,
-      :project_creation_level
+      :project_creation_level,
+      :subgroup_creation_level
     ]
   end
 end
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index e936d771502..6bb72476959 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -188,7 +188,8 @@ class GroupsController < Groups::ApplicationController
       :chat_team_name,
       :require_two_factor_authentication,
       :two_factor_grace_period,
-      :project_creation_level
+      :project_creation_level,
+      :subgroup_creation_level
     ]
   end
 
-- 
cgit v1.2.1


From 50bd9ddf2ec67594eb8c28f2c8fb5b262be2c515 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:11:09 -0700
Subject: Add "allowed to create subgroups" dropdown to group settings form

---
 app/views/groups/settings/_permissions.html.haml             | 1 +
 app/views/groups/settings/_subgroup_creation_level.html.haml | 3 +++
 lib/gitlab/access.rb                                         | 7 +++++++
 3 files changed, 11 insertions(+)
 create mode 100644 app/views/groups/settings/_subgroup_creation_level.html.haml

diff --git a/app/views/groups/settings/_permissions.html.haml b/app/views/groups/settings/_permissions.html.haml
index 0a14830c666..b5562198984 100644
--- a/app/views/groups/settings/_permissions.html.haml
+++ b/app/views/groups/settings/_permissions.html.haml
@@ -19,6 +19,7 @@
 
     = render 'groups/settings/lfs', f: f
     = render 'groups/settings/project_creation_level', f: f, group: @group
+    = render 'groups/settings/subgroup_creation_level', f: f, group: @group
     = render 'groups/settings/two_factor_auth', f: f
     = render_if_exists 'groups/member_lock_setting', f: f, group: @group
 
diff --git a/app/views/groups/settings/_subgroup_creation_level.html.haml b/app/views/groups/settings/_subgroup_creation_level.html.haml
new file mode 100644
index 00000000000..f36ad192bad
--- /dev/null
+++ b/app/views/groups/settings/_subgroup_creation_level.html.haml
@@ -0,0 +1,3 @@
+.form-group
+  = f.label s_('SubgroupCreationLevel|Allowed to create subgroups'), class: 'label-bold'
+  = f.select :subgroup_creation_level, options_for_select(::Gitlab::Access.subgroup_creation_options, group.subgroup_creation_level), {}, class: 'form-control'
diff --git a/lib/gitlab/access.rb b/lib/gitlab/access.rb
index 77076ead47a..7ef9f7ef630 100644
--- a/lib/gitlab/access.rb
+++ b/lib/gitlab/access.rb
@@ -110,6 +110,13 @@ module Gitlab
       def project_creation_level_name(name)
         project_creation_options.key(name)
       end
+
+      def subgroup_creation_options
+        {
+          s_('SubgroupCreationlevel|Owners') => OWNER_SUBGROUP_ACCESS,
+          s_('SubgroupCreationlevel|Maintainers') => MAINTAINER_SUBGROUP_ACCESS
+        }
+      end
     end
 
     def human_access
-- 
cgit v1.2.1


From 7bf0ce2283334752bd88a8eb63aa16e5b4b33864 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:17:24 -0700
Subject: Make the group model return maintainer level when it is not set

---
 app/models/group.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/models/group.rb b/app/models/group.rb
index dbec211935d..f32312c6f43 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -418,6 +418,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
-- 
cgit v1.2.1


From 075a6328813ee3733e23254d8e7540b59ec789c0 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 15:53:46 -0700
Subject: Add policy to allow maintainers to create subgroups when enabled

---
 app/policies/group_policy.rb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index ea86858181d..bd1eb02ca1f 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -43,6 +43,10 @@ class GroupPolicy < BasePolicy
     @subject.project_creation_level == ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS
   end
 
+  condition(:maintainer_can_create_group) do
+    @subject.subgroup_creation_level == ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   rule { public_group }.policy do
     enable :read_group
     enable :read_list
@@ -110,6 +114,7 @@ class GroupPolicy < BasePolicy
   end
 
   rule { owner & nested_groups_supported }.enable :create_subgroup
+  rule { maintainer & maintainer_can_create_group & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From 9caf32698110f9c3b7a861db86b994ddab8308a7 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 08:35:09 -0700
Subject: Add feature examples specing maintainers creating subgroups

Both with subgroup_creation_level set to owners and to maintainers.
Also fixed the naming of some other examples in the same spec as they
were contradicting what they were actually performing in the test.
These examples were probably copy/pasted, and not renamed.
---
 spec/features/groups/show_spec.rb | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 2654d06cd8c..68fa3f4e817 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -86,7 +86,7 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
+        it 'does not allow creating subgroups' do
           expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
@@ -103,8 +103,22 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
-          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        context 'when subgroup_creation_level is set to maintainer' do
+          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+          
+          it 'allows creating subgroups' do
+            visit path
+            expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+          end
+        end
+
+        context 'when subgroup_creation_level is set to owners' do
+          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+
+          it 'does not allow creating subgroups' do
+            visit path
+            expect(page).not_to have_css("li[data-text='New subgroup']", visible: false)
+          end
         end
       end
 
@@ -114,7 +128,7 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
+        it 'does not allow creating subgroups' do
           expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
-- 
cgit v1.2.1


From e1d0a30b57ea8c225e719670a6a89f48e413ce9d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 09:22:10 -0700
Subject: Update schema

---
 db/schema.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/db/schema.rb b/db/schema.rb
index 4ed7c0cb248..29367551efb 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20190611161641) do
+ActiveRecord::Schema.define(version: 20190626175626) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -1442,6 +1442,7 @@ ActiveRecord::Schema.define(version: 20190611161641) do
     t.integer "project_creation_level"
     t.boolean "auto_devops_enabled"
     t.datetime_with_timezone "last_ci_minutes_notification_at"
+    t.integer "subgroup_creation_level", default: 0, null: false
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["name", "parent_id"], name: "index_namespaces_on_name_and_parent_id", unique: true, using: :btree
     t.index ["name"], name: "index_namespaces_on_name_trigram", using: :gin, opclasses: {"name"=>"gin_trgm_ops"}
-- 
cgit v1.2.1


From 65d4843421c7bdc1b571f2b72f8db1a64cf0834f Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 ...75626_add_group_creation_level_to_namespaces.rb |  7 +++++--
 spec/controllers/admin/groups_controller_spec.rb   |  9 ++++++--
 spec/features/groups/group_settings_spec.rb        |  2 +-
 spec/features/groups/show_spec.rb                  | 24 +++++++++++++++-------
 spec/models/group_spec.rb                          |  3 ++-
 spec/policies/group_policy_spec.rb                 | 21 ++++++++++++++-----
 spec/requests/api/groups_spec.rb                   |  4 ++--
 spec/services/groups/create_service_spec.rb        |  4 ++--
 8 files changed, 52 insertions(+), 22 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index b0ea74d4765..eed0ba25f27 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -5,10 +5,13 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
 
   DOWNTIME = false
   disable_ddl_transaction!
-  
+
   def up
     unless column_exists?(:namespaces, :subgroup_creation_level)
-      add_column_with_default(:namespaces, :subgroup_creation_level, :integer, default: 0)
+      add_column_with_default(:namespaces,
+                              :subgroup_creation_level,
+                              :integer,
+                              default: 0)
     end
   end
 
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index df11321537f..72f389513f8 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,9 +70,14 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
+      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+
       expect do
-        post :update, params: { id: group.to_param, group: { subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS } }
-      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+        post :update,
+             params: { id: group.to_param,
+                       group: { subgroup_creation_level: MAINTAINER } }
+      end.to change { group.reload.subgroup_creation_level }
+               .to(MAINTAINER)
     end
   end
 end
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 95534d5a2ba..676769c25fe 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -92,7 +92,7 @@ describe 'Edit group settings' do
       expect(page).to have_content('Allowed to create subgroups')
     end
   end
-  
+
   describe 'edit group avatar' do
     before do
       visit edit_group_path(group)
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 68fa3f4e817..163906010fa 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -76,7 +76,8 @@ describe 'Group show page' do
         end
 
         it 'allows creating subgroups' do
-          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .to have_css("li[data-text='New subgroup']", visible: false)
         end
       end
 
@@ -87,7 +88,8 @@ describe 'Group show page' do
         end
 
         it 'does not allow creating subgroups' do
-          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
     end
@@ -104,8 +106,11 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to maintainer' do
-          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
-          
+          let(:group) do
+            create(:group,
+                   subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+          end
+
           it 'allows creating subgroups' do
             visit path
             expect(page).to have_css("li[data-text='New subgroup']", visible: false)
@@ -113,11 +118,15 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to owners' do
-          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+          let(:group) do
+            create(:group,
+                   subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+          end
 
           it 'does not allow creating subgroups' do
             visit path
-            expect(page).not_to have_css("li[data-text='New subgroup']", visible: false)
+            expect(page)
+              .not_to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
       end
@@ -129,7 +138,8 @@ describe 'Group show page' do
         end
 
         it 'does not allow creating subgroups' do
-          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
     end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 426e2526a01..2b85b281d33 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -1028,7 +1028,8 @@ describe Group do
     it 'outputs the default one if it is nil' do
       group = create(:group, subgroup_creation_level: nil)
 
-      expect(group.subgroup_creation_level).to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      expect(group.subgroup_creation_level)
+        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index aed9a8e34ff..da186f63eca 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -145,7 +145,8 @@ describe GroupPolicy do
 
       it 'allows every owner permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions = owner_permissions - create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_owner_permissions)
@@ -157,7 +158,8 @@ describe GroupPolicy do
 
       it 'allows every owner permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions = owner_permissions - create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_owner_permissions)
@@ -169,7 +171,8 @@ describe GroupPolicy do
 
       it 'allows every maintainer permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_maintainer_permissions = maintainer_permissions - create_subgroup_permission
+        updated_maintainer_permissions =
+          maintainer_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_maintainer_permissions)
@@ -475,7 +478,11 @@ describe GroupPolicy do
 
   context "create_subgroup" do
     context 'when group has subgroup creation level set to owner' do
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(
+          :group,
+          subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+      end
 
       context 'reporter' do
         let(:current_user) { reporter }
@@ -503,7 +510,11 @@ describe GroupPolicy do
     end
 
     context 'when group has subgroup creation level set to maintainer' do
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(
+          :group,
+          subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      end
 
       context 'reporter' do
         let(:current_user) { reporter }
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 3a1d9ce3a1ed86eb169c48896d290b9bf9a91af9 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 14:06:50 -0700
Subject: Remove an example that is no longer necessary

---
 spec/models/group_spec.rb | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 2b85b281d33..d7accbef6bd 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -1023,13 +1023,4 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
-
-  describe 'subgroup_creation_level' do
-    it 'outputs the default one if it is nil' do
-      group = create(:group, subgroup_creation_level: nil)
-
-      expect(group.subgroup_creation_level)
-        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
-    end
-  end
 end
-- 
cgit v1.2.1


From d9c6efceda827de6fa0b23bd9b4940b7914d646b Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 16:12:54 -0700
Subject: Make maintainers the default setting for creating subgroups

---
 app/models/group.rb       | 10 ++++++----
 spec/models/group_spec.rb |  8 ++++++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index f32312c6f43..f8be5f33be8 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,6 +58,8 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
+  before_create :default_subgroup_creation_level_to_maintainers
+
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -418,10 +420,6 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
-  def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
-
   private
 
   def update_two_factor_requirement
@@ -451,4 +449,8 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
+
+  def default_subgroup_creation_level_to_maintainers
+    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
 end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index d7accbef6bd..3a5ae14ab46 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -1023,4 +1023,12 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
+
+  describe 'subgroup_creation_level' do
+    it 'defaults to maintainers' do
+      group = create (:group)
+
+      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
+  end
 end
-- 
cgit v1.2.1


From f21c03c8e27932d957086a1ec2465d468fb387da Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 ...75626_add_group_creation_level_to_namespaces.rb |  1 +
 db/schema.rb                                       |  2 +-
 spec/controllers/admin/groups_controller_spec.rb   |  7 ++--
 spec/factories/groups.rb                           |  5 ++-
 spec/features/groups/show_spec.rb                  | 17 ++++++---
 spec/models/group_spec.rb                          |  5 +--
 spec/policies/group_policy_spec.rb                 | 43 ++++++++++++++++++----
 spec/requests/api/groups_spec.rb                   |  4 +-
 .../policies/group_policy_shared_context.rb        |  2 +-
 9 files changed, 61 insertions(+), 25 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index eed0ba25f27..85ac89af46e 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -12,6 +12,7 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
                               :subgroup_creation_level,
                               :integer,
                               default: 0)
+      change_column_default(:namespaces, :subgroup_creation_level, 1)
     end
   end
 
diff --git a/db/schema.rb b/db/schema.rb
index 29367551efb..683ee685372 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1442,7 +1442,7 @@ ActiveRecord::Schema.define(version: 20190626175626) do
     t.integer "project_creation_level"
     t.boolean "auto_devops_enabled"
     t.datetime_with_timezone "last_ci_minutes_notification_at"
-    t.integer "subgroup_creation_level", default: 0, null: false
+    t.integer "subgroup_creation_level", default: 1, null: false
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["name", "parent_id"], name: "index_namespaces_on_name_and_parent_id", unique: true, using: :btree
     t.index ["name"], name: "index_namespaces_on_name_trigram", using: :gin, opclasses: {"name"=>"gin_trgm_ops"}
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 72f389513f8..398f587bafe 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,14 +70,13 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: MAINTAINER } }
-      end.to change { group.reload.subgroup_creation_level }
-               .to(MAINTAINER)
+                       group: { subgroup_creation_level: OWNER } }
+      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
     end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 2f50fbfe2fa..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
@@ -46,5 +45,9 @@ FactoryBot.define do
     trait :auto_devops_disabled do
       auto_devops_enabled false
     end
+
+    trait :owner_subgroup_creation_only do
+      subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
+    end
   end
 end
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 163906010fa..48ba9064327 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -72,10 +72,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -84,10 +85,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -102,10 +104,9 @@ describe 'Group show page' do
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
-        context 'when subgroup_creation_level is set to maintainer' do
+        context 'when subgroup_creation_level is set to maintainers' do
           let(:group) do
             create(:group,
                    subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
@@ -113,7 +114,9 @@ describe 'Group show page' do
 
           it 'allows creating subgroups' do
             visit path
-            expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+
+            expect(page)
+              .to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
 
@@ -125,6 +128,7 @@ describe 'Group show page' do
 
           it 'does not allow creating subgroups' do
             visit path
+
             expect(page)
               .not_to have_css("li[data-text='New subgroup']", visible: false)
           end
@@ -134,10 +138,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 3a5ae14ab46..12b3bfdf015 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -1026,9 +1026,8 @@ describe Group do
 
   describe 'subgroup_creation_level' do
     it 'defaults to maintainers' do
-      group = create (:group)
-
-      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      expect(group.subgroup_creation_level)
+        .to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index da186f63eca..7fba62d2aa8 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -98,12 +98,38 @@ describe GroupPolicy do
   context 'maintainer' do
     let(:current_user) { maintainer }
 
-    it do
-      expect_allowed(*guest_permissions)
-      expect_allowed(*reporter_permissions)
-      expect_allowed(*developer_permissions)
-      expect_allowed(*maintainer_permissions)
-      expect_disallowed(*owner_permissions)
+    context 'with subgroup_creation level set to maintainer' do
+      let(:group) { create(:group,
+                           :private,
+                           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+
+      it do
+        allow(Group).to receive(:supports_nested_objects?).and_return(true)
+
+        create_subgroup_permission = [:create_subgroup]
+        updated_maintainer_permissions =
+          maintainer_permissions + create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
+
+        expect_allowed(*guest_permissions)
+        expect_allowed(*reporter_permissions)
+        expect_allowed(*developer_permissions)
+        expect_allowed(*updated_maintainer_permissions)
+        expect_disallowed(*updated_owner_permissions)
+      end
+    end
+
+    context 'with subgroup_creation_level set to owner' do
+      it do
+        allow(Group).to receive(:supports_nested_objects?).and_return(true)
+
+        expect_allowed(*guest_permissions)
+        expect_allowed(*reporter_permissions)
+        expect_allowed(*developer_permissions)
+        expect_allowed(*maintainer_permissions)
+        expect_disallowed(*owner_permissions)
+      end
     end
   end
 
@@ -181,7 +207,10 @@ describe GroupPolicy do
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
-    let(:nested_group) { create(:group, :private, parent: group) }
+    let(:nested_group) { create(:group,
+                                :private,
+                                :owner_subgroup_creation_only,
+                                parent: group) }
 
     before do
       nested_group.add_guest(guest)
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4808ac0068..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -7,7 +7,7 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:maintainer) { create(:user) }
   let(:owner) { create(:user) }
   let(:admin) { create(:admin) }
-  let(:group) { create(:group, :private) }
+  let(:group) { create(:group, :private, :owner_subgroup_creation_only) }
 
   let(:guest_permissions) do
     %i[
-- 
cgit v1.2.1


From 8309221555347d537cef74aad83ede4afc855074 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:00:34 -0700
Subject: Remove AR hook to set the default subgroup_creation_level

---
 app/models/group.rb | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index f8be5f33be8..dbec211935d 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,8 +58,6 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
-  before_create :default_subgroup_creation_level_to_maintainers
-
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -449,8 +447,4 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
-
-  def default_subgroup_creation_level_to_maintainers
-    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
 end
-- 
cgit v1.2.1


From fe438d0287ead7f07d9281261b5b079fd11147be Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:17:26 -0700
Subject: Clean up the show_spec examples previously added

---
 spec/features/groups/show_spec.rb | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 48ba9064327..ef0e885ee5f 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,27 +56,28 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
+    let(:restricted_group) { create(:group,
+                                    subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+    let(:relaxed_group) { create(:group,
+                                 subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
     let(:owner) { create(:user) }
     let(:maintainer) { create(:user) }
 
-    before do
-      group.add_owner(owner)
-      group.add_maintainer(maintainer)
-    end
-
     context 'for owners' do
+      let(:path) { group_path(restricted_group) }
+
       before do
+        restricted_group.add_owner(owner)
         sign_in(owner)
       end
 
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
         end
 
         it 'allows creating subgroups' do
-          visit path
-
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -85,11 +86,10 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
         end
 
         it 'does not allow creating subgroups' do
-          visit path
-
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -107,30 +107,30 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to maintainers' do
-          let(:group) do
-            create(:group,
-                   subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+          before do
+            relaxed_group.add_maintainer(maintainer)
+            path = group_path(relaxed_group)
+            visit path
           end
 
           it 'allows creating subgroups' do
-            visit path
-
             expect(page)
               .to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
 
         context 'when subgroup_creation_level is set to owners' do
-          let(:group) do
-            create(:group,
-                   subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+          before do
+            restricted_group.add_maintainer(maintainer)
           end
 
           it 'does not allow creating subgroups' do
+            path = group_path(restricted_group)
             visit path
 
             expect(page)
-              .not_to have_css("li[data-text='New subgroup']", visible: false)
+              .not_to have_selector("li[data-text='New subgroup']",
+                                    visible: false)
           end
         end
       end
-- 
cgit v1.2.1


From a5175d618c11a62c97f16e484fd26cb5bae8153d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From ca6640d2b28e1ec1049576fe2ae4a954cc598988 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:56:02 -0700
Subject: Add descriptions to examples

---
 spec/policies/group_policy_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 7fba62d2aa8..020b51f776e 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -103,7 +103,7 @@ describe GroupPolicy do
                            :private,
                            subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
 
-      it do
+      it 'allows every maintainer permission plus creating subgroups' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
 
         create_subgroup_permission = [:create_subgroup]
@@ -121,7 +121,7 @@ describe GroupPolicy do
     end
 
     context 'with subgroup_creation_level set to owner' do
-      it do
+      it 'allows every maintainer permission' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
 
         expect_allowed(*guest_permissions)
-- 
cgit v1.2.1


From f72757f808fc818da6faa5ae38e2cbab56558e2d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 14 Jun 2019 15:13:24 -0700
Subject: Add changelog

---
 changelogs/unreleased/maintainers-can-create-subgroup.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/maintainers-can-create-subgroup.yml

diff --git a/changelogs/unreleased/maintainers-can-create-subgroup.yml b/changelogs/unreleased/maintainers-can-create-subgroup.yml
new file mode 100644
index 00000000000..b537862c8af
--- /dev/null
+++ b/changelogs/unreleased/maintainers-can-create-subgroup.yml
@@ -0,0 +1,5 @@
+---
+title: Maintainers can crete subgroups
+merge_request: 29718
+author: Fabio Papa
+type: changed
-- 
cgit v1.2.1


From c32b477ed876950593c82f06a6ed9d8cea69c170 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 14 Jun 2019 15:16:55 -0700
Subject: Add failing feature spec detailing a maintainer creating a subgroup

- Change the two existing feature examples that create a subgroup to
  elucidate that the owner is creating the subgroup

- Nest two more specs inside the 'subgroup support' context detailing
  what happens when a maintainer attempts to add a subgroup (one with
  subgroup support, and one without)
---
 spec/features/groups/show_spec.rb | 61 ++++++++++++++++++++++++++++++---------
 1 file changed, 48 insertions(+), 13 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 9671a4d8c49..2654d06cd8c 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,32 +56,67 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
-    let(:user) { create(:user) }
+    let(:owner) { create(:user) }
+    let(:maintainer) { create(:user) }
 
     before do
-      group.add_owner(user)
-      sign_in(user)
+      group.add_owner(owner)
+      group.add_maintainer(maintainer)
     end
 
-    context 'when subgroups are supported', :js, :nested_groups do
+    context 'for owners' do
       before do
-        allow(Group).to receive(:supports_nested_objects?) { true }
-        visit path
+        sign_in(owner)
       end
 
-      it 'allows creating subgroups' do
-        expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+      context 'when subgroups are supported', :js, :nested_groups do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        end
+      end
+
+      context 'when subgroups are not supported' do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+        end
       end
     end
 
-    context 'when subgroups are not supported' do
+    context 'for maintainers' do
       before do
-        allow(Group).to receive(:supports_nested_objects?) { false }
-        visit path
+        sign_in(maintainer)
+      end
+
+      context 'when subgroups are supported', :js, :nested_groups do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        end
       end
 
-      it 'allows creating subgroups' do
-        expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+      context 'when subgroups are not supported' do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+        end
       end
     end
   end
-- 
cgit v1.2.1


From 97404196e0d89a2a72d96c127c0d6b9e8e450822 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4808ac0068..b4b09d3295f 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From eb27c2b164418da3ed75052657b364b740505b51 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 12:23:56 -0700
Subject: Update the group policy to allow >= maintainer to create subgroups

All specs passing
---
 app/policies/group_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index ea86858181d..d92bcded19d 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -109,7 +109,7 @@ class GroupPolicy < BasePolicy
     enable :read_nested_project_resources
   end
 
-  rule { owner & nested_groups_supported }.enable :create_subgroup
+  rule { maintainer & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From e5f7ef0e77c5ab11f753347711088c8117b5b5dd Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/requests/api/groups_spec.rb                                     | 4 ++--
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4b09d3295f..a40d3087f6e 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From 0239fb86ae4ca77ce93555ca60a09ba6abd61b7d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/controllers/admin/groups_controller_spec.rb   |  6 ++
 spec/factories/groups.rb                           |  1 +
 spec/features/groups/group_settings_spec.rb        |  8 +++
 spec/models/group_spec.rb                          |  8 +++
 spec/policies/group_policy_spec.rb                 | 70 ++++++++++++++++++++++
 .../policies/group_policy_shared_context.rb        | 16 ++---
 6 files changed, 99 insertions(+), 10 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 509d8944e3a..df11321537f 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -68,5 +68,11 @@ describe Admin::GroupsController do
         post :update, params: { id: group.to_param, group: { project_creation_level: ::Gitlab::Access::NO_ONE_PROJECT_ACCESS } }
       end.to change { group.reload.project_creation_level }.to(::Gitlab::Access::NO_ONE_PROJECT_ACCESS)
     end
+
+    it 'updates the subgroup_creation_level successfully' do
+      expect do
+        post :update, params: { id: group.to_param, group: { subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS } }
+      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 18a0c2ec731..2f50fbfe2fa 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 5cef5f0521f..95534d5a2ba 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -85,6 +85,14 @@ describe 'Edit group settings' do
     end
   end
 
+  describe 'subgroup creation level menu' do
+    it 'shows the selection menu' do
+      visit edit_group_path(group)
+
+      expect(page).to have_content('Allowed to create subgroups')
+    end
+  end
+  
   describe 'edit group avatar' do
     before do
       visit edit_group_path(group)
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 470ce65707d..fd40061dd3a 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,4 +994,12 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
+
+  describe 'subgroup_creation_level' do
+    it 'outputs the default one if it is nil' do
+      group = create(:group, subgroup_creation_level: nil)
+
+      expect(group.subgroup_creation_level).to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
+  end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 59f3a961d50..aed9a8e34ff 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -163,6 +163,18 @@ describe GroupPolicy do
         expect_allowed(*updated_owner_permissions)
       end
     end
+
+    context 'maintainer' do
+      let(:current_user) { maintainer }
+
+      it 'allows every maintainer permission except creating subgroups' do
+        create_subgroup_permission = [:create_subgroup]
+        updated_maintainer_permissions = maintainer_permissions - create_subgroup_permission
+
+        expect_disallowed(*create_subgroup_permission)
+        expect_allowed(*updated_maintainer_permissions)
+      end
+    end
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
@@ -461,6 +473,64 @@ describe GroupPolicy do
     end
   end
 
+  context "create_subgroup" do
+    context 'when group has subgroup creation level set to owner' do
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+    end
+
+    context 'when group has subgroup creation level set to maintainer' do
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+    end
+  end
+
   it_behaves_like 'clusterable policies' do
     let(:clusterable) { create(:group) }
     let(:cluster) do
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index a40d3087f6e..b4808ac0068 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From 58c627c2dbba1b2e1bd80d688a77872dc341caeb Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:46:48 -0700
Subject: Reset group policy to only allow >= owners to create subgroups

---
 app/policies/group_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index d92bcded19d..ea86858181d 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -109,7 +109,7 @@ class GroupPolicy < BasePolicy
     enable :read_nested_project_resources
   end
 
-  rule { maintainer & nested_groups_supported }.enable :create_subgroup
+  rule { owner & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From e55c85af81e9002ac48e7f7ea8235edc559b09ed Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:49:27 -0700
Subject: Add a subgroup_creation_level column to the namespaces table

---
 ...6175626_add_group_creation_level_to_namespaces.rb | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
new file mode 100644
index 00000000000..b0ea74d4765
--- /dev/null
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+  disable_ddl_transaction!
+  
+  def up
+    unless column_exists?(:namespaces, :subgroup_creation_level)
+      add_column_with_default(:namespaces, :subgroup_creation_level, :integer, default: 0)
+    end
+  end
+
+  def down
+    if column_exists?(:namespaces, :subgroup_creation_level)
+      remove_column(:namespaces, :subgroup_creation_level)
+    end
+  end
+end
-- 
cgit v1.2.1


From 1dbcc55b10ebba2a71afa0071128139b2118e576 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:39:04 -0700
Subject: Add constants representing Owner and Maintainer group access levels

---
 lib/gitlab/access.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/gitlab/access.rb b/lib/gitlab/access.rb
index 6eb08f674c2..77076ead47a 100644
--- a/lib/gitlab/access.rb
+++ b/lib/gitlab/access.rb
@@ -29,6 +29,10 @@ module Gitlab
     MAINTAINER_PROJECT_ACCESS = 1
     DEVELOPER_MAINTAINER_PROJECT_ACCESS = 2
 
+    # Default subgroup creation level
+    OWNER_SUBGROUP_ACCESS = 0
+    MAINTAINER_SUBGROUP_ACCESS = 1
+
     class << self
       delegate :values, to: :options
 
-- 
cgit v1.2.1


From 3991a992f49ddd6abd1f0ca317bfd21b190b9422 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:45:58 -0700
Subject: Add subgroup_creation_level to the list of allowed group params

For both groups_controller and admin/groups_controller
---
 app/controllers/admin/groups_controller.rb | 3 ++-
 app/controllers/groups_controller.rb       | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb
index 15f7ef881c8..6317fa7c8d1 100644
--- a/app/controllers/admin/groups_controller.rb
+++ b/app/controllers/admin/groups_controller.rb
@@ -90,7 +90,8 @@ class Admin::GroupsController < Admin::ApplicationController
       :visibility_level,
       :require_two_factor_authentication,
       :two_factor_grace_period,
-      :project_creation_level
+      :project_creation_level,
+      :subgroup_creation_level
     ]
   end
 end
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index 797833e3f91..aff418faae5 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -192,7 +192,8 @@ class GroupsController < Groups::ApplicationController
       :chat_team_name,
       :require_two_factor_authentication,
       :two_factor_grace_period,
-      :project_creation_level
+      :project_creation_level,
+      :subgroup_creation_level
     ]
   end
 
-- 
cgit v1.2.1


From 26c6e75d9ef48217eef4ce9ce3b09642e5a73a28 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:11:09 -0700
Subject: Add "allowed to create subgroups" dropdown to group settings form

---
 app/views/groups/settings/_permissions.html.haml             | 1 +
 app/views/groups/settings/_subgroup_creation_level.html.haml | 3 +++
 lib/gitlab/access.rb                                         | 7 +++++++
 3 files changed, 11 insertions(+)
 create mode 100644 app/views/groups/settings/_subgroup_creation_level.html.haml

diff --git a/app/views/groups/settings/_permissions.html.haml b/app/views/groups/settings/_permissions.html.haml
index 0da1f1ba7f5..d3375e00bad 100644
--- a/app/views/groups/settings/_permissions.html.haml
+++ b/app/views/groups/settings/_permissions.html.haml
@@ -20,6 +20,7 @@
     = render_if_exists 'groups/settings/ip_restriction', f: f, group: @group
     = render 'groups/settings/lfs', f: f
     = render 'groups/settings/project_creation_level', f: f, group: @group
+    = render 'groups/settings/subgroup_creation_level', f: f, group: @group
     = render 'groups/settings/two_factor_auth', f: f
     = render_if_exists 'groups/member_lock_setting', f: f, group: @group
 
diff --git a/app/views/groups/settings/_subgroup_creation_level.html.haml b/app/views/groups/settings/_subgroup_creation_level.html.haml
new file mode 100644
index 00000000000..f36ad192bad
--- /dev/null
+++ b/app/views/groups/settings/_subgroup_creation_level.html.haml
@@ -0,0 +1,3 @@
+.form-group
+  = f.label s_('SubgroupCreationLevel|Allowed to create subgroups'), class: 'label-bold'
+  = f.select :subgroup_creation_level, options_for_select(::Gitlab::Access.subgroup_creation_options, group.subgroup_creation_level), {}, class: 'form-control'
diff --git a/lib/gitlab/access.rb b/lib/gitlab/access.rb
index 77076ead47a..7ef9f7ef630 100644
--- a/lib/gitlab/access.rb
+++ b/lib/gitlab/access.rb
@@ -110,6 +110,13 @@ module Gitlab
       def project_creation_level_name(name)
         project_creation_options.key(name)
       end
+
+      def subgroup_creation_options
+        {
+          s_('SubgroupCreationlevel|Owners') => OWNER_SUBGROUP_ACCESS,
+          s_('SubgroupCreationlevel|Maintainers') => MAINTAINER_SUBGROUP_ACCESS
+        }
+      end
     end
 
     def human_access
-- 
cgit v1.2.1


From d4b2ff2e2295d8a40b019c4c3bc1e9669c89ed82 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:17:24 -0700
Subject: Make the group model return maintainer level when it is not set

---
 app/models/group.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/models/group.rb b/app/models/group.rb
index 8e89c7ecfb1..44bc6c8288a 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -414,6 +414,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
-- 
cgit v1.2.1


From 6d6897219af7bb3bea66c012c33e2588248cecb8 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 15:53:46 -0700
Subject: Add policy to allow maintainers to create subgroups when enabled

---
 app/policies/group_policy.rb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index ea86858181d..bd1eb02ca1f 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -43,6 +43,10 @@ class GroupPolicy < BasePolicy
     @subject.project_creation_level == ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS
   end
 
+  condition(:maintainer_can_create_group) do
+    @subject.subgroup_creation_level == ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   rule { public_group }.policy do
     enable :read_group
     enable :read_list
@@ -110,6 +114,7 @@ class GroupPolicy < BasePolicy
   end
 
   rule { owner & nested_groups_supported }.enable :create_subgroup
+  rule { maintainer & maintainer_can_create_group & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From 9a6cf8338ab8a98d49cc1c0612b04bb5f746a146 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 18:15:56 +0000
Subject: Apply suggestion to
 changelogs/unreleased/maintainers-can-create-subgroup.yml

---
 changelogs/unreleased/maintainers-can-create-subgroup.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/unreleased/maintainers-can-create-subgroup.yml b/changelogs/unreleased/maintainers-can-create-subgroup.yml
index b537862c8af..180f0f7247f 100644
--- a/changelogs/unreleased/maintainers-can-create-subgroup.yml
+++ b/changelogs/unreleased/maintainers-can-create-subgroup.yml
@@ -1,5 +1,5 @@
 ---
-title: Maintainers can crete subgroups
+title: Maintainers can create subgroups
 merge_request: 29718
 author: Fabio Papa
 type: changed
-- 
cgit v1.2.1


From 6dd6f98143f29695e7e4c767149f3a99beac7573 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 08:35:09 -0700
Subject: Add feature examples specing maintainers creating subgroups

Both with subgroup_creation_level set to owners and to maintainers.
Also fixed the naming of some other examples in the same spec as they
were contradicting what they were actually performing in the test.
These examples were probably copy/pasted, and not renamed.
---
 spec/features/groups/show_spec.rb | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 2654d06cd8c..68fa3f4e817 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -86,7 +86,7 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
+        it 'does not allow creating subgroups' do
           expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
@@ -103,8 +103,22 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
-          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        context 'when subgroup_creation_level is set to maintainer' do
+          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+          
+          it 'allows creating subgroups' do
+            visit path
+            expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+          end
+        end
+
+        context 'when subgroup_creation_level is set to owners' do
+          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+
+          it 'does not allow creating subgroups' do
+            visit path
+            expect(page).not_to have_css("li[data-text='New subgroup']", visible: false)
+          end
         end
       end
 
@@ -114,7 +128,7 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
+        it 'does not allow creating subgroups' do
           expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
-- 
cgit v1.2.1


From 582495df08c4e8ba5efb0b63a96741da9a0b1869 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 09:22:10 -0700
Subject: Update schema

---
 db/schema.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/db/schema.rb b/db/schema.rb
index 8876be1cb34..4b2bb95d413 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2112,6 +2112,7 @@ ActiveRecord::Schema.define(version: 20190628145246) do
     t.integer "extra_shared_runners_minutes_limit"
     t.string "ldap_sync_status", default: "ready", null: false
     t.boolean "membership_lock", default: false
+    t.integer "subgroup_creation_level", default: 0, null: false
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)", using: :btree
     t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id", using: :btree
-- 
cgit v1.2.1


From 9470dc25d8639499dafbbd366eda00b359cbd417 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 ...75626_add_group_creation_level_to_namespaces.rb |  7 +++++--
 spec/controllers/admin/groups_controller_spec.rb   |  9 ++++++--
 spec/features/groups/group_settings_spec.rb        |  2 +-
 spec/features/groups/show_spec.rb                  | 24 +++++++++++++++-------
 spec/models/group_spec.rb                          |  3 ++-
 spec/policies/group_policy_spec.rb                 | 21 ++++++++++++++-----
 spec/requests/api/groups_spec.rb                   |  4 ++--
 spec/services/groups/create_service_spec.rb        |  4 ++--
 8 files changed, 52 insertions(+), 22 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index b0ea74d4765..eed0ba25f27 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -5,10 +5,13 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
 
   DOWNTIME = false
   disable_ddl_transaction!
-  
+
   def up
     unless column_exists?(:namespaces, :subgroup_creation_level)
-      add_column_with_default(:namespaces, :subgroup_creation_level, :integer, default: 0)
+      add_column_with_default(:namespaces,
+                              :subgroup_creation_level,
+                              :integer,
+                              default: 0)
     end
   end
 
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index df11321537f..72f389513f8 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,9 +70,14 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
+      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+
       expect do
-        post :update, params: { id: group.to_param, group: { subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS } }
-      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+        post :update,
+             params: { id: group.to_param,
+                       group: { subgroup_creation_level: MAINTAINER } }
+      end.to change { group.reload.subgroup_creation_level }
+               .to(MAINTAINER)
     end
   end
 end
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 95534d5a2ba..676769c25fe 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -92,7 +92,7 @@ describe 'Edit group settings' do
       expect(page).to have_content('Allowed to create subgroups')
     end
   end
-  
+
   describe 'edit group avatar' do
     before do
       visit edit_group_path(group)
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 68fa3f4e817..163906010fa 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -76,7 +76,8 @@ describe 'Group show page' do
         end
 
         it 'allows creating subgroups' do
-          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .to have_css("li[data-text='New subgroup']", visible: false)
         end
       end
 
@@ -87,7 +88,8 @@ describe 'Group show page' do
         end
 
         it 'does not allow creating subgroups' do
-          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
     end
@@ -104,8 +106,11 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to maintainer' do
-          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
-          
+          let(:group) do
+            create(:group,
+                   subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+          end
+
           it 'allows creating subgroups' do
             visit path
             expect(page).to have_css("li[data-text='New subgroup']", visible: false)
@@ -113,11 +118,15 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to owners' do
-          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+          let(:group) do
+            create(:group,
+                   subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+          end
 
           it 'does not allow creating subgroups' do
             visit path
-            expect(page).not_to have_css("li[data-text='New subgroup']", visible: false)
+            expect(page)
+              .not_to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
       end
@@ -129,7 +138,8 @@ describe 'Group show page' do
         end
 
         it 'does not allow creating subgroups' do
-          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
     end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index fd40061dd3a..6627177ad61 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -999,7 +999,8 @@ describe Group do
     it 'outputs the default one if it is nil' do
       group = create(:group, subgroup_creation_level: nil)
 
-      expect(group.subgroup_creation_level).to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      expect(group.subgroup_creation_level)
+        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index aed9a8e34ff..da186f63eca 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -145,7 +145,8 @@ describe GroupPolicy do
 
       it 'allows every owner permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions = owner_permissions - create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_owner_permissions)
@@ -157,7 +158,8 @@ describe GroupPolicy do
 
       it 'allows every owner permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions = owner_permissions - create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_owner_permissions)
@@ -169,7 +171,8 @@ describe GroupPolicy do
 
       it 'allows every maintainer permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_maintainer_permissions = maintainer_permissions - create_subgroup_permission
+        updated_maintainer_permissions =
+          maintainer_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_maintainer_permissions)
@@ -475,7 +478,11 @@ describe GroupPolicy do
 
   context "create_subgroup" do
     context 'when group has subgroup creation level set to owner' do
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(
+          :group,
+          subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+      end
 
       context 'reporter' do
         let(:current_user) { reporter }
@@ -503,7 +510,11 @@ describe GroupPolicy do
     end
 
     context 'when group has subgroup creation level set to maintainer' do
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(
+          :group,
+          subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      end
 
       context 'reporter' do
         let(:current_user) { reporter }
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 23c549d4a38efc15a54ff7cc57e38a9aefb632f8 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 14:06:50 -0700
Subject: Remove an example that is no longer necessary

---
 spec/models/group_spec.rb | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 6627177ad61..470ce65707d 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,13 +994,4 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
-
-  describe 'subgroup_creation_level' do
-    it 'outputs the default one if it is nil' do
-      group = create(:group, subgroup_creation_level: nil)
-
-      expect(group.subgroup_creation_level)
-        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
-    end
-  end
 end
-- 
cgit v1.2.1


From a781822664a4f9c8edffaa1d75fec856b13bbb1a Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 16:12:54 -0700
Subject: Make maintainers the default setting for creating subgroups

---
 app/models/group.rb       | 10 ++++++----
 spec/models/group_spec.rb |  8 ++++++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 44bc6c8288a..47e7bf34ec8 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,6 +58,8 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
+  before_create :default_subgroup_creation_level_to_maintainers
+
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -414,10 +416,6 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
-  def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
-
   private
 
   def update_two_factor_requirement
@@ -447,4 +445,8 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
+
+  def default_subgroup_creation_level_to_maintainers
+    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
 end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 470ce65707d..9ae18d7bab7 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,4 +994,12 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
+
+  describe 'subgroup_creation_level' do
+    it 'defaults to maintainers' do
+      group = create (:group)
+
+      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
+  end
 end
-- 
cgit v1.2.1


From e93df68a442486dc08887773c4e96b055f013c57 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 ...75626_add_group_creation_level_to_namespaces.rb |  1 +
 db/schema.rb                                       |  2 +-
 spec/controllers/admin/groups_controller_spec.rb   |  7 ++--
 spec/factories/groups.rb                           |  5 ++-
 spec/features/groups/show_spec.rb                  | 17 ++++++---
 spec/models/group_spec.rb                          |  5 +--
 spec/policies/group_policy_spec.rb                 | 43 ++++++++++++++++++----
 spec/requests/api/groups_spec.rb                   |  4 +-
 .../policies/group_policy_shared_context.rb        |  2 +-
 9 files changed, 61 insertions(+), 25 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index eed0ba25f27..85ac89af46e 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -12,6 +12,7 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
                               :subgroup_creation_level,
                               :integer,
                               default: 0)
+      change_column_default(:namespaces, :subgroup_creation_level, 1)
     end
   end
 
diff --git a/db/schema.rb b/db/schema.rb
index 4b2bb95d413..e777cc575c0 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2112,7 +2112,7 @@ ActiveRecord::Schema.define(version: 20190628145246) do
     t.integer "extra_shared_runners_minutes_limit"
     t.string "ldap_sync_status", default: "ready", null: false
     t.boolean "membership_lock", default: false
-    t.integer "subgroup_creation_level", default: 0, null: false
+    t.integer "subgroup_creation_level", default: 1, null: false
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)", using: :btree
     t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id", using: :btree
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 72f389513f8..398f587bafe 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,14 +70,13 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: MAINTAINER } }
-      end.to change { group.reload.subgroup_creation_level }
-               .to(MAINTAINER)
+                       group: { subgroup_creation_level: OWNER } }
+      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
     end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 2f50fbfe2fa..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
@@ -46,5 +45,9 @@ FactoryBot.define do
     trait :auto_devops_disabled do
       auto_devops_enabled false
     end
+
+    trait :owner_subgroup_creation_only do
+      subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
+    end
   end
 end
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 163906010fa..48ba9064327 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -72,10 +72,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -84,10 +85,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -102,10 +104,9 @@ describe 'Group show page' do
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
-        context 'when subgroup_creation_level is set to maintainer' do
+        context 'when subgroup_creation_level is set to maintainers' do
           let(:group) do
             create(:group,
                    subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
@@ -113,7 +114,9 @@ describe 'Group show page' do
 
           it 'allows creating subgroups' do
             visit path
-            expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+
+            expect(page)
+              .to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
 
@@ -125,6 +128,7 @@ describe 'Group show page' do
 
           it 'does not allow creating subgroups' do
             visit path
+
             expect(page)
               .not_to have_css("li[data-text='New subgroup']", visible: false)
           end
@@ -134,10 +138,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 9ae18d7bab7..c7fb0f51075 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -997,9 +997,8 @@ describe Group do
 
   describe 'subgroup_creation_level' do
     it 'defaults to maintainers' do
-      group = create (:group)
-
-      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      expect(group.subgroup_creation_level)
+        .to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index da186f63eca..7fba62d2aa8 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -98,12 +98,38 @@ describe GroupPolicy do
   context 'maintainer' do
     let(:current_user) { maintainer }
 
-    it do
-      expect_allowed(*guest_permissions)
-      expect_allowed(*reporter_permissions)
-      expect_allowed(*developer_permissions)
-      expect_allowed(*maintainer_permissions)
-      expect_disallowed(*owner_permissions)
+    context 'with subgroup_creation level set to maintainer' do
+      let(:group) { create(:group,
+                           :private,
+                           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+
+      it do
+        allow(Group).to receive(:supports_nested_objects?).and_return(true)
+
+        create_subgroup_permission = [:create_subgroup]
+        updated_maintainer_permissions =
+          maintainer_permissions + create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
+
+        expect_allowed(*guest_permissions)
+        expect_allowed(*reporter_permissions)
+        expect_allowed(*developer_permissions)
+        expect_allowed(*updated_maintainer_permissions)
+        expect_disallowed(*updated_owner_permissions)
+      end
+    end
+
+    context 'with subgroup_creation_level set to owner' do
+      it do
+        allow(Group).to receive(:supports_nested_objects?).and_return(true)
+
+        expect_allowed(*guest_permissions)
+        expect_allowed(*reporter_permissions)
+        expect_allowed(*developer_permissions)
+        expect_allowed(*maintainer_permissions)
+        expect_disallowed(*owner_permissions)
+      end
     end
   end
 
@@ -181,7 +207,10 @@ describe GroupPolicy do
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
-    let(:nested_group) { create(:group, :private, parent: group) }
+    let(:nested_group) { create(:group,
+                                :private,
+                                :owner_subgroup_creation_only,
+                                parent: group) }
 
     before do
       nested_group.add_guest(guest)
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4808ac0068..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -7,7 +7,7 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:maintainer) { create(:user) }
   let(:owner) { create(:user) }
   let(:admin) { create(:admin) }
-  let(:group) { create(:group, :private) }
+  let(:group) { create(:group, :private, :owner_subgroup_creation_only) }
 
   let(:guest_permissions) do
     %i[
-- 
cgit v1.2.1


From 832a598cf05b70cdff2eb081cd02e410849c39e2 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:00:34 -0700
Subject: Remove AR hook to set the default subgroup_creation_level

---
 app/models/group.rb | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 47e7bf34ec8..8e89c7ecfb1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,8 +58,6 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
-  before_create :default_subgroup_creation_level_to_maintainers
-
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -445,8 +443,4 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
-
-  def default_subgroup_creation_level_to_maintainers
-    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
 end
-- 
cgit v1.2.1


From 128b5e33dbd4729f25bd3146c967861e814be9e6 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:17:26 -0700
Subject: Clean up the show_spec examples previously added

---
 spec/features/groups/show_spec.rb | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 48ba9064327..ef0e885ee5f 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,27 +56,28 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
+    let(:restricted_group) { create(:group,
+                                    subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+    let(:relaxed_group) { create(:group,
+                                 subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
     let(:owner) { create(:user) }
     let(:maintainer) { create(:user) }
 
-    before do
-      group.add_owner(owner)
-      group.add_maintainer(maintainer)
-    end
-
     context 'for owners' do
+      let(:path) { group_path(restricted_group) }
+
       before do
+        restricted_group.add_owner(owner)
         sign_in(owner)
       end
 
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
         end
 
         it 'allows creating subgroups' do
-          visit path
-
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -85,11 +86,10 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
         end
 
         it 'does not allow creating subgroups' do
-          visit path
-
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -107,30 +107,30 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to maintainers' do
-          let(:group) do
-            create(:group,
-                   subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+          before do
+            relaxed_group.add_maintainer(maintainer)
+            path = group_path(relaxed_group)
+            visit path
           end
 
           it 'allows creating subgroups' do
-            visit path
-
             expect(page)
               .to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
 
         context 'when subgroup_creation_level is set to owners' do
-          let(:group) do
-            create(:group,
-                   subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+          before do
+            restricted_group.add_maintainer(maintainer)
           end
 
           it 'does not allow creating subgroups' do
+            path = group_path(restricted_group)
             visit path
 
             expect(page)
-              .not_to have_css("li[data-text='New subgroup']", visible: false)
+              .not_to have_selector("li[data-text='New subgroup']",
+                                    visible: false)
           end
         end
       end
-- 
cgit v1.2.1


From 849e87e8d2c955d91f55c38911b20574c839035a Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 71822fc5de60f073e6f43507b0419c6d52540c8d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:56:02 -0700
Subject: Add descriptions to examples

---
 spec/policies/group_policy_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 7fba62d2aa8..020b51f776e 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -103,7 +103,7 @@ describe GroupPolicy do
                            :private,
                            subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
 
-      it do
+      it 'allows every maintainer permission plus creating subgroups' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
 
         create_subgroup_permission = [:create_subgroup]
@@ -121,7 +121,7 @@ describe GroupPolicy do
     end
 
     context 'with subgroup_creation_level set to owner' do
-      it do
+      it 'allows every maintainer permission' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
 
         expect_allowed(*guest_permissions)
-- 
cgit v1.2.1


From b0196e855a6c82ffa96b384e1063df77f2b42249 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 13:41:32 -0700
Subject: Apply changes recomended by merge request coach

---
 app/models/group.rb                                       |  4 ++++
 app/views/groups/_group_admin_settings.html.haml          |  6 ++++++
 ...190626175626_add_group_creation_level_to_namespaces.rb | 15 +++++----------
 db/schema.rb                                              |  2 +-
 spec/controllers/admin/groups_controller_spec.rb          |  6 ++----
 spec/features/admin/admin_groups_spec.rb                  |  9 +++++++++
 spec/features/groups/show_spec.rb                         |  4 ++--
 spec/services/groups/create_service_spec.rb               |  9 ---------
 8 files changed, 29 insertions(+), 26 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 8e89c7ecfb1..44bc6c8288a 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -414,6 +414,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
diff --git a/app/views/groups/_group_admin_settings.html.haml b/app/views/groups/_group_admin_settings.html.haml
index b8f632d11d3..733cb36cc3d 100644
--- a/app/views/groups/_group_admin_settings.html.haml
+++ b/app/views/groups/_group_admin_settings.html.haml
@@ -16,6 +16,12 @@
   .col-sm-10
     = f.select :project_creation_level, options_for_select(::Gitlab::Access.project_creation_options, @group.project_creation_level), {}, class: 'form-control'
 
+.form-group.row
+  .col-sm-2.col-form-label
+    = f.label s_('SubgroupCreationlevel|Allowed to create subgroups')
+  .col-sm-10
+    = f.select :subgroup_creation_level, options_for_select(::Gitlab::Access.subgroup_creation_options, @group.subgroup_creation_level), {}, class: 'form-control'
+
 .form-group.row
   .col-sm-2.col-form-label.pt-0
     = f.label :require_two_factor_authentication, 'Two-factor authentication'
diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index 85ac89af46e..867ec3b7c91 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -7,18 +7,13 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
   disable_ddl_transaction!
 
   def up
-    unless column_exists?(:namespaces, :subgroup_creation_level)
-      add_column_with_default(:namespaces,
-                              :subgroup_creation_level,
-                              :integer,
-                              default: 0)
-      change_column_default(:namespaces, :subgroup_creation_level, 1)
-    end
+    add_column(:namespaces, :subgroup_creation_level, :integer)
+    change_column_default(:namespaces,
+                          :subgroup_creation_level,
+                          ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
   end
 
   def down
-    if column_exists?(:namespaces, :subgroup_creation_level)
-      remove_column(:namespaces, :subgroup_creation_level)
-    end
+    remove_column(:namespaces, :subgroup_creation_level)
   end
 end
diff --git a/db/schema.rb b/db/schema.rb
index e777cc575c0..56f66b45595 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2112,7 +2112,7 @@ ActiveRecord::Schema.define(version: 20190628145246) do
     t.integer "extra_shared_runners_minutes_limit"
     t.string "ldap_sync_status", default: "ready", null: false
     t.boolean "membership_lock", default: false
-    t.integer "subgroup_creation_level", default: 1, null: false
+    t.integer "subgroup_creation_level", default: 1
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)", using: :btree
     t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id", using: :btree
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 398f587bafe..1123563c1e3 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,13 +70,11 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
-
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: OWNER } }
-      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
+                       group: { subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS } }
+      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/features/admin/admin_groups_spec.rb b/spec/features/admin/admin_groups_spec.rb
index 735ca60f7da..35c384dd458 100644
--- a/spec/features/admin/admin_groups_spec.rb
+++ b/spec/features/admin/admin_groups_spec.rb
@@ -102,6 +102,15 @@ describe 'Admin Groups' do
       expect_selected_visibility(group.visibility_level)
     end
 
+    it 'shows the subgroup creation level dropdown populated with the group subgroup_creation_level value' do
+      group = create(:group, :private, :owner_subgroup_creation_only)
+
+      visit admin_group_edit_path(group)
+
+      expect(page).to have_select("group_subgroup_creation_level",
+                                  selected: ::Gitlab::Access.subgroup_creation_options.keys[group.subgroup_creation_level])
+    end
+
     it 'edit group path does not change group name', :js do
       group = create(:group, :private)
 
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index ef0e885ee5f..5096abadb79 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -71,7 +71,7 @@ describe 'Group show page' do
         sign_in(owner)
       end
 
-      context 'when subgroups are supported', :js, :nested_groups do
+      context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
           visit path
@@ -101,7 +101,7 @@ describe 'Group show page' do
         sign_in(maintainer)
       end
 
-      context 'when subgroups are supported', :js, :nested_groups do
+      context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
         end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..c5ff6cdbacd 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,4 +1,3 @@
-# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -88,14 +87,6 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
-
-      context 'as maintainer' do
-        before do
-          group.add_maintainer(user)
-        end
-
-        it { is_expected.to be_persisted }
-      end
     end
   end
 
-- 
cgit v1.2.1


From 142a39437eb76c957a984204bc79b0bf5db5be35 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 15:29:54 -0700
Subject: Adjust the documentation on subgroups

---
 doc/user/group/subgroups/index.md | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index 1c6cca049c5..e3f7539a9b6 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -75,13 +75,16 @@ structure.
 ## Creating a subgroup
 
 NOTE: **Note:**
-You must be an Owner of a group to create a subgroup. For
-more information check the [permissions table](../../permissions.md#group-members-permissions).
+In order to create a subgroup you must either be an Owner or a Maintainer of the
+group, depending on the group's setting. By default groups allow both Owners and
+Maintainers to create subgroups, but this can be changed by an Owner or
+Administrator to only allow Owners to create subgroups. For more information
+check the [permissions table](../../permissions.md#group-members-permissions).
 For a list of words that are not allowed to be used as group names see the
-[reserved names](../../reserved_names.md).
-Users can always create subgroups if they are explicitly added as an Owner to
-a parent group, even if group creation is disabled by an administrator in their
-settings.
+[reserved names](../../reserved_names.md).  Users can always create subgroups if
+they are explicitly added as an Owner (or Maintainer, if that setting is
+enabled) to a parent group, even if group creation is disabled by an
+administrator in their settings.
 
 To create a subgroup:
 
-- 
cgit v1.2.1


From 650b88fc41d51f3d313e74bb94cbd211ca54003b Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 15:39:43 -0700
Subject: Adjust the documentation on subgroup permissions

---
 doc/user/permissions.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 03abef9fc62..20b23b75cb9 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -209,13 +209,15 @@ group.
 | Create project in group                         |       |          | ✓         | ✓          | ✓     |
 | Create/edit/delete group milestones             |       |          | ✓         | ✓          | ✓     |
 | Enable/disable a dependency proxy **[PREMIUM]** |       |          | ✓         | ✓          | ✓     |
+| Create subgroup                                 |       |          |           | ✓*         | ✓     |
 | Edit group                                      |       |          |           |            | ✓     |
-| Create subgroup                                 |       |          |           |            | ✓     |
 | Manage group members                            |       |          |           |            | ✓     |
 | Remove group                                    |       |          |           |            | ✓     |
 | Delete group epic **[ULTIMATE]**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
+*Groups can be set to allow either Owners or Owners and maintainers to create subgroups
+
 ### Subgroup permissions
 
 When you add a member to a subgroup, they inherit the membership and
-- 
cgit v1.2.1


From 0f659a0da634bf61378766d6ec247cc49595becf Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 16:27:49 -0700
Subject: Fix some code style issues

---
 spec/features/groups/show_spec.rb  | 12 ++++++++----
 spec/policies/group_policy_spec.rb | 13 ++++++-------
 2 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 5096abadb79..f1501181432 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,10 +56,14 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
-    let(:restricted_group) { create(:group,
-                                    subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
-    let(:relaxed_group) { create(:group,
-                                 subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+    let(:restricted_group) do
+      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) 
+    end
+
+    let(:relaxed_group) do
+      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) 
+    end
+
     let(:owner) { create(:user) }
     let(:maintainer) { create(:user) }
 
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 020b51f776e..dc3675a7b9e 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -99,9 +99,9 @@ describe GroupPolicy do
     let(:current_user) { maintainer }
 
     context 'with subgroup_creation level set to maintainer' do
-      let(:group) { create(:group,
-                           :private,
-                           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(:group, :private, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      end
 
       it 'allows every maintainer permission plus creating subgroups' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
@@ -207,10 +207,9 @@ describe GroupPolicy do
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
-    let(:nested_group) { create(:group,
-                                :private,
-                                :owner_subgroup_creation_only,
-                                parent: group) }
+    let(:nested_group) do
+      create(:group, :private, :owner_subgroup_creation_only, parent: group)
+    end
 
     before do
       nested_group.add_guest(guest)
-- 
cgit v1.2.1


From a0485e75005e7930acba832089d830744d6cbb14 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 2 Jul 2019 08:38:38 -0700
Subject: Apply recomended changes from merge coach

---
 ...190626175626_add_group_creation_level_to_namespaces.rb |  1 -
 spec/features/admin/admin_groups_spec.rb                  |  3 +--
 spec/features/groups/show_spec.rb                         | 15 +++++++++------
 3 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index 867ec3b7c91..3b75c92e518 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -4,7 +4,6 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
   include Gitlab::Database::MigrationHelpers
 
   DOWNTIME = false
-  disable_ddl_transaction!
 
   def up
     add_column(:namespaces, :subgroup_creation_level, :integer)
diff --git a/spec/features/admin/admin_groups_spec.rb b/spec/features/admin/admin_groups_spec.rb
index 35c384dd458..c1ad73779c9 100644
--- a/spec/features/admin/admin_groups_spec.rb
+++ b/spec/features/admin/admin_groups_spec.rb
@@ -107,8 +107,7 @@ describe 'Admin Groups' do
 
       visit admin_group_edit_path(group)
 
-      expect(page).to have_select("group_subgroup_creation_level",
-                                  selected: ::Gitlab::Access.subgroup_creation_options.keys[group.subgroup_creation_level])
+      expect(page).to have_content('Allowed to create subgroups')
     end
 
     it 'edit group path does not change group name', :js do
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index f1501181432..bed998a0859 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -57,11 +57,11 @@ describe 'Group show page' do
 
   context 'subgroup support' do
     let(:restricted_group) do
-      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) 
+      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
     end
 
     let(:relaxed_group) do
-      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) 
+      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
 
     let(:owner) { create(:user) }
@@ -78,10 +78,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -90,10 +91,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -113,11 +115,12 @@ describe 'Group show page' do
         context 'when subgroup_creation_level is set to maintainers' do
           before do
             relaxed_group.add_maintainer(maintainer)
-            path = group_path(relaxed_group)
-            visit path
           end
 
           it 'allows creating subgroups' do
+            path = group_path(relaxed_group)
+            visit path
+
             expect(page)
               .to have_css("li[data-text='New subgroup']", visible: false)
           end
-- 
cgit v1.2.1


From bab77650eae67d40ec4070597f83bcc1d406697a Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 14 Jun 2019 15:13:24 -0700
Subject: Add changelog

---
 changelogs/unreleased/maintainers-can-create-subgroup.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/maintainers-can-create-subgroup.yml

diff --git a/changelogs/unreleased/maintainers-can-create-subgroup.yml b/changelogs/unreleased/maintainers-can-create-subgroup.yml
new file mode 100644
index 00000000000..b537862c8af
--- /dev/null
+++ b/changelogs/unreleased/maintainers-can-create-subgroup.yml
@@ -0,0 +1,5 @@
+---
+title: Maintainers can crete subgroups
+merge_request: 29718
+author: Fabio Papa
+type: changed
-- 
cgit v1.2.1


From 467ed9d4e79b27557f6407ed4fd567473b83ab76 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 14 Jun 2019 15:16:55 -0700
Subject: Add failing feature spec detailing a maintainer creating a subgroup

- Change the two existing feature examples that create a subgroup to
  elucidate that the owner is creating the subgroup

- Nest two more specs inside the 'subgroup support' context detailing
  what happens when a maintainer attempts to add a subgroup (one with
  subgroup support, and one without)
---
 spec/features/groups/show_spec.rb | 61 ++++++++++++++++++++++++++++++---------
 1 file changed, 48 insertions(+), 13 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 9671a4d8c49..2654d06cd8c 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,32 +56,67 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
-    let(:user) { create(:user) }
+    let(:owner) { create(:user) }
+    let(:maintainer) { create(:user) }
 
     before do
-      group.add_owner(user)
-      sign_in(user)
+      group.add_owner(owner)
+      group.add_maintainer(maintainer)
     end
 
-    context 'when subgroups are supported', :js, :nested_groups do
+    context 'for owners' do
       before do
-        allow(Group).to receive(:supports_nested_objects?) { true }
-        visit path
+        sign_in(owner)
       end
 
-      it 'allows creating subgroups' do
-        expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+      context 'when subgroups are supported', :js, :nested_groups do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        end
+      end
+
+      context 'when subgroups are not supported' do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+        end
       end
     end
 
-    context 'when subgroups are not supported' do
+    context 'for maintainers' do
       before do
-        allow(Group).to receive(:supports_nested_objects?) { false }
-        visit path
+        sign_in(maintainer)
+      end
+
+      context 'when subgroups are supported', :js, :nested_groups do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        end
       end
 
-      it 'allows creating subgroups' do
-        expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+      context 'when subgroups are not supported' do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+        end
       end
     end
   end
-- 
cgit v1.2.1


From 6d50040c9469d2b1b6c137897b5d7403f3e3b7d5 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4808ac0068..b4b09d3295f 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From e520893b3450d6b9da4fbe74da943fbfcc24fedd Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 12:23:56 -0700
Subject: Update the group policy to allow >= maintainer to create subgroups

All specs passing
---
 app/policies/group_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index ea86858181d..d92bcded19d 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -109,7 +109,7 @@ class GroupPolicy < BasePolicy
     enable :read_nested_project_resources
   end
 
-  rule { owner & nested_groups_supported }.enable :create_subgroup
+  rule { maintainer & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From 90abe7189177e9d6ecc41c3a3d77a3181904ae8e Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/requests/api/groups_spec.rb                                     | 4 ++--
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4b09d3295f..a40d3087f6e 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From ae703dbc4a8cc58ee44a4f99e789636c867c7267 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/controllers/admin/groups_controller_spec.rb   |  6 ++
 spec/factories/groups.rb                           |  1 +
 spec/features/groups/group_settings_spec.rb        |  8 +++
 spec/models/group_spec.rb                          |  8 +++
 spec/policies/group_policy_spec.rb                 | 70 ++++++++++++++++++++++
 .../policies/group_policy_shared_context.rb        | 16 ++---
 6 files changed, 99 insertions(+), 10 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 509d8944e3a..df11321537f 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -68,5 +68,11 @@ describe Admin::GroupsController do
         post :update, params: { id: group.to_param, group: { project_creation_level: ::Gitlab::Access::NO_ONE_PROJECT_ACCESS } }
       end.to change { group.reload.project_creation_level }.to(::Gitlab::Access::NO_ONE_PROJECT_ACCESS)
     end
+
+    it 'updates the subgroup_creation_level successfully' do
+      expect do
+        post :update, params: { id: group.to_param, group: { subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS } }
+      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 18a0c2ec731..2f50fbfe2fa 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 5cef5f0521f..95534d5a2ba 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -85,6 +85,14 @@ describe 'Edit group settings' do
     end
   end
 
+  describe 'subgroup creation level menu' do
+    it 'shows the selection menu' do
+      visit edit_group_path(group)
+
+      expect(page).to have_content('Allowed to create subgroups')
+    end
+  end
+  
   describe 'edit group avatar' do
     before do
       visit edit_group_path(group)
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 470ce65707d..fd40061dd3a 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,4 +994,12 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
+
+  describe 'subgroup_creation_level' do
+    it 'outputs the default one if it is nil' do
+      group = create(:group, subgroup_creation_level: nil)
+
+      expect(group.subgroup_creation_level).to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
+  end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 59f3a961d50..aed9a8e34ff 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -163,6 +163,18 @@ describe GroupPolicy do
         expect_allowed(*updated_owner_permissions)
       end
     end
+
+    context 'maintainer' do
+      let(:current_user) { maintainer }
+
+      it 'allows every maintainer permission except creating subgroups' do
+        create_subgroup_permission = [:create_subgroup]
+        updated_maintainer_permissions = maintainer_permissions - create_subgroup_permission
+
+        expect_disallowed(*create_subgroup_permission)
+        expect_allowed(*updated_maintainer_permissions)
+      end
+    end
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
@@ -461,6 +473,64 @@ describe GroupPolicy do
     end
   end
 
+  context "create_subgroup" do
+    context 'when group has subgroup creation level set to owner' do
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+    end
+
+    context 'when group has subgroup creation level set to maintainer' do
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+    end
+  end
+
   it_behaves_like 'clusterable policies' do
     let(:clusterable) { create(:group) }
     let(:cluster) do
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index a40d3087f6e..b4808ac0068 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From b6ce065f4b0476933845ba265e0fe92fb24d1e6e Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:46:48 -0700
Subject: Reset group policy to only allow >= owners to create subgroups

---
 app/policies/group_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index d92bcded19d..ea86858181d 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -109,7 +109,7 @@ class GroupPolicy < BasePolicy
     enable :read_nested_project_resources
   end
 
-  rule { maintainer & nested_groups_supported }.enable :create_subgroup
+  rule { owner & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From 1f4d2ab096284187d92d00f40ebea4df961b2c8e Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:49:27 -0700
Subject: Add a subgroup_creation_level column to the namespaces table

---
 ...6175626_add_group_creation_level_to_namespaces.rb | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
new file mode 100644
index 00000000000..b0ea74d4765
--- /dev/null
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+  disable_ddl_transaction!
+  
+  def up
+    unless column_exists?(:namespaces, :subgroup_creation_level)
+      add_column_with_default(:namespaces, :subgroup_creation_level, :integer, default: 0)
+    end
+  end
+
+  def down
+    if column_exists?(:namespaces, :subgroup_creation_level)
+      remove_column(:namespaces, :subgroup_creation_level)
+    end
+  end
+end
-- 
cgit v1.2.1


From 83a7545554fc3ccd44cd6c6d620b860d1d4aeb08 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:39:04 -0700
Subject: Add constants representing Owner and Maintainer group access levels

---
 lib/gitlab/access.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/gitlab/access.rb b/lib/gitlab/access.rb
index 6eb08f674c2..77076ead47a 100644
--- a/lib/gitlab/access.rb
+++ b/lib/gitlab/access.rb
@@ -29,6 +29,10 @@ module Gitlab
     MAINTAINER_PROJECT_ACCESS = 1
     DEVELOPER_MAINTAINER_PROJECT_ACCESS = 2
 
+    # Default subgroup creation level
+    OWNER_SUBGROUP_ACCESS = 0
+    MAINTAINER_SUBGROUP_ACCESS = 1
+
     class << self
       delegate :values, to: :options
 
-- 
cgit v1.2.1


From 65e9fd31d5ca0e0e6eb2b44599f18c333a366a47 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:45:58 -0700
Subject: Add subgroup_creation_level to the list of allowed group params

For both groups_controller and admin/groups_controller
---
 app/controllers/admin/groups_controller.rb | 3 ++-
 app/controllers/groups_controller.rb       | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb
index 15f7ef881c8..6317fa7c8d1 100644
--- a/app/controllers/admin/groups_controller.rb
+++ b/app/controllers/admin/groups_controller.rb
@@ -90,7 +90,8 @@ class Admin::GroupsController < Admin::ApplicationController
       :visibility_level,
       :require_two_factor_authentication,
       :two_factor_grace_period,
-      :project_creation_level
+      :project_creation_level,
+      :subgroup_creation_level
     ]
   end
 end
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index 797833e3f91..aff418faae5 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -192,7 +192,8 @@ class GroupsController < Groups::ApplicationController
       :chat_team_name,
       :require_two_factor_authentication,
       :two_factor_grace_period,
-      :project_creation_level
+      :project_creation_level,
+      :subgroup_creation_level
     ]
   end
 
-- 
cgit v1.2.1


From 84c1455c5b26017ad28ad0f48433d8f41d8b95d3 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:11:09 -0700
Subject: Add "allowed to create subgroups" dropdown to group settings form

---
 app/views/groups/settings/_permissions.html.haml             | 1 +
 app/views/groups/settings/_subgroup_creation_level.html.haml | 3 +++
 lib/gitlab/access.rb                                         | 7 +++++++
 3 files changed, 11 insertions(+)
 create mode 100644 app/views/groups/settings/_subgroup_creation_level.html.haml

diff --git a/app/views/groups/settings/_permissions.html.haml b/app/views/groups/settings/_permissions.html.haml
index 0da1f1ba7f5..d3375e00bad 100644
--- a/app/views/groups/settings/_permissions.html.haml
+++ b/app/views/groups/settings/_permissions.html.haml
@@ -20,6 +20,7 @@
     = render_if_exists 'groups/settings/ip_restriction', f: f, group: @group
     = render 'groups/settings/lfs', f: f
     = render 'groups/settings/project_creation_level', f: f, group: @group
+    = render 'groups/settings/subgroup_creation_level', f: f, group: @group
     = render 'groups/settings/two_factor_auth', f: f
     = render_if_exists 'groups/member_lock_setting', f: f, group: @group
 
diff --git a/app/views/groups/settings/_subgroup_creation_level.html.haml b/app/views/groups/settings/_subgroup_creation_level.html.haml
new file mode 100644
index 00000000000..f36ad192bad
--- /dev/null
+++ b/app/views/groups/settings/_subgroup_creation_level.html.haml
@@ -0,0 +1,3 @@
+.form-group
+  = f.label s_('SubgroupCreationLevel|Allowed to create subgroups'), class: 'label-bold'
+  = f.select :subgroup_creation_level, options_for_select(::Gitlab::Access.subgroup_creation_options, group.subgroup_creation_level), {}, class: 'form-control'
diff --git a/lib/gitlab/access.rb b/lib/gitlab/access.rb
index 77076ead47a..7ef9f7ef630 100644
--- a/lib/gitlab/access.rb
+++ b/lib/gitlab/access.rb
@@ -110,6 +110,13 @@ module Gitlab
       def project_creation_level_name(name)
         project_creation_options.key(name)
       end
+
+      def subgroup_creation_options
+        {
+          s_('SubgroupCreationlevel|Owners') => OWNER_SUBGROUP_ACCESS,
+          s_('SubgroupCreationlevel|Maintainers') => MAINTAINER_SUBGROUP_ACCESS
+        }
+      end
     end
 
     def human_access
-- 
cgit v1.2.1


From 6175ff7a9b6bc97929a0b81bfe70ff39eaffb58c Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:17:24 -0700
Subject: Make the group model return maintainer level when it is not set

---
 app/models/group.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/models/group.rb b/app/models/group.rb
index 8e89c7ecfb1..44bc6c8288a 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -414,6 +414,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
-- 
cgit v1.2.1


From 806088d72e9ec7b1d1ef97db43d76b248dd19186 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 15:53:46 -0700
Subject: Add policy to allow maintainers to create subgroups when enabled

---
 app/policies/group_policy.rb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index ea86858181d..bd1eb02ca1f 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -43,6 +43,10 @@ class GroupPolicy < BasePolicy
     @subject.project_creation_level == ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS
   end
 
+  condition(:maintainer_can_create_group) do
+    @subject.subgroup_creation_level == ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   rule { public_group }.policy do
     enable :read_group
     enable :read_list
@@ -110,6 +114,7 @@ class GroupPolicy < BasePolicy
   end
 
   rule { owner & nested_groups_supported }.enable :create_subgroup
+  rule { maintainer & maintainer_can_create_group & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From 7c7a94f2088ee2687bc21434371c6b27ae56bd1b Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 18:15:56 +0000
Subject: Apply suggestion to
 changelogs/unreleased/maintainers-can-create-subgroup.yml

---
 changelogs/unreleased/maintainers-can-create-subgroup.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/unreleased/maintainers-can-create-subgroup.yml b/changelogs/unreleased/maintainers-can-create-subgroup.yml
index b537862c8af..180f0f7247f 100644
--- a/changelogs/unreleased/maintainers-can-create-subgroup.yml
+++ b/changelogs/unreleased/maintainers-can-create-subgroup.yml
@@ -1,5 +1,5 @@
 ---
-title: Maintainers can crete subgroups
+title: Maintainers can create subgroups
 merge_request: 29718
 author: Fabio Papa
 type: changed
-- 
cgit v1.2.1


From 770e3de7d613d2c87c33bbc993ca5cec1eda4635 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 08:35:09 -0700
Subject: Add feature examples specing maintainers creating subgroups

Both with subgroup_creation_level set to owners and to maintainers.
Also fixed the naming of some other examples in the same spec as they
were contradicting what they were actually performing in the test.
These examples were probably copy/pasted, and not renamed.
---
 spec/features/groups/show_spec.rb | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 2654d06cd8c..68fa3f4e817 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -86,7 +86,7 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
+        it 'does not allow creating subgroups' do
           expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
@@ -103,8 +103,22 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
-          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        context 'when subgroup_creation_level is set to maintainer' do
+          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+          
+          it 'allows creating subgroups' do
+            visit path
+            expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+          end
+        end
+
+        context 'when subgroup_creation_level is set to owners' do
+          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+
+          it 'does not allow creating subgroups' do
+            visit path
+            expect(page).not_to have_css("li[data-text='New subgroup']", visible: false)
+          end
         end
       end
 
@@ -114,7 +128,7 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
+        it 'does not allow creating subgroups' do
           expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
-- 
cgit v1.2.1


From 8547d6d2b4840bca951d708b3f949f665b2760e5 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 09:22:10 -0700
Subject: Update schema

---
 db/schema.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/db/schema.rb b/db/schema.rb
index 7948f919c57..2c6f577c784 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2112,6 +2112,7 @@ ActiveRecord::Schema.define(version: 20190628145246) do
     t.integer "extra_shared_runners_minutes_limit"
     t.string "ldap_sync_status", default: "ready", null: false
     t.boolean "membership_lock", default: false
+    t.integer "subgroup_creation_level", default: 0, null: false
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)", using: :btree
     t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id", using: :btree
-- 
cgit v1.2.1


From ba836a046df0f805686f95cc73598db9211612e2 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 ...75626_add_group_creation_level_to_namespaces.rb |  7 +++++--
 spec/controllers/admin/groups_controller_spec.rb   |  9 ++++++--
 spec/features/groups/group_settings_spec.rb        |  2 +-
 spec/features/groups/show_spec.rb                  | 24 +++++++++++++++-------
 spec/models/group_spec.rb                          |  3 ++-
 spec/policies/group_policy_spec.rb                 | 21 ++++++++++++++-----
 spec/requests/api/groups_spec.rb                   |  4 ++--
 spec/services/groups/create_service_spec.rb        |  4 ++--
 8 files changed, 52 insertions(+), 22 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index b0ea74d4765..eed0ba25f27 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -5,10 +5,13 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
 
   DOWNTIME = false
   disable_ddl_transaction!
-  
+
   def up
     unless column_exists?(:namespaces, :subgroup_creation_level)
-      add_column_with_default(:namespaces, :subgroup_creation_level, :integer, default: 0)
+      add_column_with_default(:namespaces,
+                              :subgroup_creation_level,
+                              :integer,
+                              default: 0)
     end
   end
 
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index df11321537f..72f389513f8 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,9 +70,14 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
+      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+
       expect do
-        post :update, params: { id: group.to_param, group: { subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS } }
-      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+        post :update,
+             params: { id: group.to_param,
+                       group: { subgroup_creation_level: MAINTAINER } }
+      end.to change { group.reload.subgroup_creation_level }
+               .to(MAINTAINER)
     end
   end
 end
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 95534d5a2ba..676769c25fe 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -92,7 +92,7 @@ describe 'Edit group settings' do
       expect(page).to have_content('Allowed to create subgroups')
     end
   end
-  
+
   describe 'edit group avatar' do
     before do
       visit edit_group_path(group)
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 68fa3f4e817..163906010fa 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -76,7 +76,8 @@ describe 'Group show page' do
         end
 
         it 'allows creating subgroups' do
-          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .to have_css("li[data-text='New subgroup']", visible: false)
         end
       end
 
@@ -87,7 +88,8 @@ describe 'Group show page' do
         end
 
         it 'does not allow creating subgroups' do
-          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
     end
@@ -104,8 +106,11 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to maintainer' do
-          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
-          
+          let(:group) do
+            create(:group,
+                   subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+          end
+
           it 'allows creating subgroups' do
             visit path
             expect(page).to have_css("li[data-text='New subgroup']", visible: false)
@@ -113,11 +118,15 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to owners' do
-          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+          let(:group) do
+            create(:group,
+                   subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+          end
 
           it 'does not allow creating subgroups' do
             visit path
-            expect(page).not_to have_css("li[data-text='New subgroup']", visible: false)
+            expect(page)
+              .not_to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
       end
@@ -129,7 +138,8 @@ describe 'Group show page' do
         end
 
         it 'does not allow creating subgroups' do
-          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
     end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index fd40061dd3a..6627177ad61 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -999,7 +999,8 @@ describe Group do
     it 'outputs the default one if it is nil' do
       group = create(:group, subgroup_creation_level: nil)
 
-      expect(group.subgroup_creation_level).to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      expect(group.subgroup_creation_level)
+        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index aed9a8e34ff..da186f63eca 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -145,7 +145,8 @@ describe GroupPolicy do
 
       it 'allows every owner permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions = owner_permissions - create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_owner_permissions)
@@ -157,7 +158,8 @@ describe GroupPolicy do
 
       it 'allows every owner permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions = owner_permissions - create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_owner_permissions)
@@ -169,7 +171,8 @@ describe GroupPolicy do
 
       it 'allows every maintainer permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_maintainer_permissions = maintainer_permissions - create_subgroup_permission
+        updated_maintainer_permissions =
+          maintainer_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_maintainer_permissions)
@@ -475,7 +478,11 @@ describe GroupPolicy do
 
   context "create_subgroup" do
     context 'when group has subgroup creation level set to owner' do
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(
+          :group,
+          subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+      end
 
       context 'reporter' do
         let(:current_user) { reporter }
@@ -503,7 +510,11 @@ describe GroupPolicy do
     end
 
     context 'when group has subgroup creation level set to maintainer' do
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(
+          :group,
+          subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      end
 
       context 'reporter' do
         let(:current_user) { reporter }
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 13d3123425d2575773550015240509e297c1177a Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 14:06:50 -0700
Subject: Remove an example that is no longer necessary

---
 spec/models/group_spec.rb | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 6627177ad61..470ce65707d 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,13 +994,4 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
-
-  describe 'subgroup_creation_level' do
-    it 'outputs the default one if it is nil' do
-      group = create(:group, subgroup_creation_level: nil)
-
-      expect(group.subgroup_creation_level)
-        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
-    end
-  end
 end
-- 
cgit v1.2.1


From 4601b2d17927ca80f2e93a0211bca809dd264b98 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 16:12:54 -0700
Subject: Make maintainers the default setting for creating subgroups

---
 app/models/group.rb       | 10 ++++++----
 spec/models/group_spec.rb |  8 ++++++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 44bc6c8288a..47e7bf34ec8 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,6 +58,8 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
+  before_create :default_subgroup_creation_level_to_maintainers
+
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -414,10 +416,6 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
-  def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
-
   private
 
   def update_two_factor_requirement
@@ -447,4 +445,8 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
+
+  def default_subgroup_creation_level_to_maintainers
+    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
 end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 470ce65707d..9ae18d7bab7 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,4 +994,12 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
+
+  describe 'subgroup_creation_level' do
+    it 'defaults to maintainers' do
+      group = create (:group)
+
+      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
+  end
 end
-- 
cgit v1.2.1


From 2497a1e1cf0f52347684552184a24bd246f7bcc8 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 ...75626_add_group_creation_level_to_namespaces.rb |  1 +
 db/schema.rb                                       |  2 +-
 spec/controllers/admin/groups_controller_spec.rb   |  7 ++--
 spec/factories/groups.rb                           |  5 ++-
 spec/features/groups/show_spec.rb                  | 17 ++++++---
 spec/models/group_spec.rb                          |  5 +--
 spec/policies/group_policy_spec.rb                 | 43 ++++++++++++++++++----
 spec/requests/api/groups_spec.rb                   |  4 +-
 .../policies/group_policy_shared_context.rb        |  2 +-
 9 files changed, 61 insertions(+), 25 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index eed0ba25f27..85ac89af46e 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -12,6 +12,7 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
                               :subgroup_creation_level,
                               :integer,
                               default: 0)
+      change_column_default(:namespaces, :subgroup_creation_level, 1)
     end
   end
 
diff --git a/db/schema.rb b/db/schema.rb
index 2c6f577c784..272f0fe747b 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2112,7 +2112,7 @@ ActiveRecord::Schema.define(version: 20190628145246) do
     t.integer "extra_shared_runners_minutes_limit"
     t.string "ldap_sync_status", default: "ready", null: false
     t.boolean "membership_lock", default: false
-    t.integer "subgroup_creation_level", default: 0, null: false
+    t.integer "subgroup_creation_level", default: 1, null: false
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)", using: :btree
     t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id", using: :btree
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 72f389513f8..398f587bafe 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,14 +70,13 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: MAINTAINER } }
-      end.to change { group.reload.subgroup_creation_level }
-               .to(MAINTAINER)
+                       group: { subgroup_creation_level: OWNER } }
+      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
     end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 2f50fbfe2fa..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
@@ -46,5 +45,9 @@ FactoryBot.define do
     trait :auto_devops_disabled do
       auto_devops_enabled false
     end
+
+    trait :owner_subgroup_creation_only do
+      subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
+    end
   end
 end
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 163906010fa..48ba9064327 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -72,10 +72,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -84,10 +85,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -102,10 +104,9 @@ describe 'Group show page' do
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
-        context 'when subgroup_creation_level is set to maintainer' do
+        context 'when subgroup_creation_level is set to maintainers' do
           let(:group) do
             create(:group,
                    subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
@@ -113,7 +114,9 @@ describe 'Group show page' do
 
           it 'allows creating subgroups' do
             visit path
-            expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+
+            expect(page)
+              .to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
 
@@ -125,6 +128,7 @@ describe 'Group show page' do
 
           it 'does not allow creating subgroups' do
             visit path
+
             expect(page)
               .not_to have_css("li[data-text='New subgroup']", visible: false)
           end
@@ -134,10 +138,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 9ae18d7bab7..c7fb0f51075 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -997,9 +997,8 @@ describe Group do
 
   describe 'subgroup_creation_level' do
     it 'defaults to maintainers' do
-      group = create (:group)
-
-      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      expect(group.subgroup_creation_level)
+        .to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index da186f63eca..7fba62d2aa8 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -98,12 +98,38 @@ describe GroupPolicy do
   context 'maintainer' do
     let(:current_user) { maintainer }
 
-    it do
-      expect_allowed(*guest_permissions)
-      expect_allowed(*reporter_permissions)
-      expect_allowed(*developer_permissions)
-      expect_allowed(*maintainer_permissions)
-      expect_disallowed(*owner_permissions)
+    context 'with subgroup_creation level set to maintainer' do
+      let(:group) { create(:group,
+                           :private,
+                           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+
+      it do
+        allow(Group).to receive(:supports_nested_objects?).and_return(true)
+
+        create_subgroup_permission = [:create_subgroup]
+        updated_maintainer_permissions =
+          maintainer_permissions + create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
+
+        expect_allowed(*guest_permissions)
+        expect_allowed(*reporter_permissions)
+        expect_allowed(*developer_permissions)
+        expect_allowed(*updated_maintainer_permissions)
+        expect_disallowed(*updated_owner_permissions)
+      end
+    end
+
+    context 'with subgroup_creation_level set to owner' do
+      it do
+        allow(Group).to receive(:supports_nested_objects?).and_return(true)
+
+        expect_allowed(*guest_permissions)
+        expect_allowed(*reporter_permissions)
+        expect_allowed(*developer_permissions)
+        expect_allowed(*maintainer_permissions)
+        expect_disallowed(*owner_permissions)
+      end
     end
   end
 
@@ -181,7 +207,10 @@ describe GroupPolicy do
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
-    let(:nested_group) { create(:group, :private, parent: group) }
+    let(:nested_group) { create(:group,
+                                :private,
+                                :owner_subgroup_creation_only,
+                                parent: group) }
 
     before do
       nested_group.add_guest(guest)
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4808ac0068..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -7,7 +7,7 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:maintainer) { create(:user) }
   let(:owner) { create(:user) }
   let(:admin) { create(:admin) }
-  let(:group) { create(:group, :private) }
+  let(:group) { create(:group, :private, :owner_subgroup_creation_only) }
 
   let(:guest_permissions) do
     %i[
-- 
cgit v1.2.1


From c440275520cbe3863c7b70b3893d2013f04f3f70 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:00:34 -0700
Subject: Remove AR hook to set the default subgroup_creation_level

---
 app/models/group.rb | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 47e7bf34ec8..8e89c7ecfb1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,8 +58,6 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
-  before_create :default_subgroup_creation_level_to_maintainers
-
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -445,8 +443,4 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
-
-  def default_subgroup_creation_level_to_maintainers
-    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
 end
-- 
cgit v1.2.1


From 6913cfa9aa9c9c4bda85c2c3a5c2e4c0bcdc1e48 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:17:26 -0700
Subject: Clean up the show_spec examples previously added

---
 spec/features/groups/show_spec.rb | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 48ba9064327..ef0e885ee5f 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,27 +56,28 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
+    let(:restricted_group) { create(:group,
+                                    subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+    let(:relaxed_group) { create(:group,
+                                 subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
     let(:owner) { create(:user) }
     let(:maintainer) { create(:user) }
 
-    before do
-      group.add_owner(owner)
-      group.add_maintainer(maintainer)
-    end
-
     context 'for owners' do
+      let(:path) { group_path(restricted_group) }
+
       before do
+        restricted_group.add_owner(owner)
         sign_in(owner)
       end
 
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
         end
 
         it 'allows creating subgroups' do
-          visit path
-
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -85,11 +86,10 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
         end
 
         it 'does not allow creating subgroups' do
-          visit path
-
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -107,30 +107,30 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to maintainers' do
-          let(:group) do
-            create(:group,
-                   subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+          before do
+            relaxed_group.add_maintainer(maintainer)
+            path = group_path(relaxed_group)
+            visit path
           end
 
           it 'allows creating subgroups' do
-            visit path
-
             expect(page)
               .to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
 
         context 'when subgroup_creation_level is set to owners' do
-          let(:group) do
-            create(:group,
-                   subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+          before do
+            restricted_group.add_maintainer(maintainer)
           end
 
           it 'does not allow creating subgroups' do
+            path = group_path(restricted_group)
             visit path
 
             expect(page)
-              .not_to have_css("li[data-text='New subgroup']", visible: false)
+              .not_to have_selector("li[data-text='New subgroup']",
+                                    visible: false)
           end
         end
       end
-- 
cgit v1.2.1


From 6e56a915304603a3cc7716823c2d98f108707611 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 3bb1539f24ed642971b16bd9dbb75d7cbb71b08a Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:56:02 -0700
Subject: Add descriptions to examples

---
 spec/policies/group_policy_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 7fba62d2aa8..020b51f776e 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -103,7 +103,7 @@ describe GroupPolicy do
                            :private,
                            subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
 
-      it do
+      it 'allows every maintainer permission plus creating subgroups' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
 
         create_subgroup_permission = [:create_subgroup]
@@ -121,7 +121,7 @@ describe GroupPolicy do
     end
 
     context 'with subgroup_creation_level set to owner' do
-      it do
+      it 'allows every maintainer permission' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
 
         expect_allowed(*guest_permissions)
-- 
cgit v1.2.1


From 0cacb35552e6c30f9cb03f17d1953063fc551aa5 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 13:41:32 -0700
Subject: Apply changes recomended by merge request coach

---
 app/models/group.rb                                       |  4 ++++
 app/views/groups/_group_admin_settings.html.haml          |  6 ++++++
 ...190626175626_add_group_creation_level_to_namespaces.rb | 15 +++++----------
 db/schema.rb                                              |  2 +-
 spec/controllers/admin/groups_controller_spec.rb          |  6 ++----
 spec/features/admin/admin_groups_spec.rb                  |  9 +++++++++
 spec/features/groups/show_spec.rb                         |  4 ++--
 spec/services/groups/create_service_spec.rb               |  9 ---------
 8 files changed, 29 insertions(+), 26 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 8e89c7ecfb1..44bc6c8288a 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -414,6 +414,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
diff --git a/app/views/groups/_group_admin_settings.html.haml b/app/views/groups/_group_admin_settings.html.haml
index b8f632d11d3..733cb36cc3d 100644
--- a/app/views/groups/_group_admin_settings.html.haml
+++ b/app/views/groups/_group_admin_settings.html.haml
@@ -16,6 +16,12 @@
   .col-sm-10
     = f.select :project_creation_level, options_for_select(::Gitlab::Access.project_creation_options, @group.project_creation_level), {}, class: 'form-control'
 
+.form-group.row
+  .col-sm-2.col-form-label
+    = f.label s_('SubgroupCreationlevel|Allowed to create subgroups')
+  .col-sm-10
+    = f.select :subgroup_creation_level, options_for_select(::Gitlab::Access.subgroup_creation_options, @group.subgroup_creation_level), {}, class: 'form-control'
+
 .form-group.row
   .col-sm-2.col-form-label.pt-0
     = f.label :require_two_factor_authentication, 'Two-factor authentication'
diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index 85ac89af46e..867ec3b7c91 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -7,18 +7,13 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
   disable_ddl_transaction!
 
   def up
-    unless column_exists?(:namespaces, :subgroup_creation_level)
-      add_column_with_default(:namespaces,
-                              :subgroup_creation_level,
-                              :integer,
-                              default: 0)
-      change_column_default(:namespaces, :subgroup_creation_level, 1)
-    end
+    add_column(:namespaces, :subgroup_creation_level, :integer)
+    change_column_default(:namespaces,
+                          :subgroup_creation_level,
+                          ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
   end
 
   def down
-    if column_exists?(:namespaces, :subgroup_creation_level)
-      remove_column(:namespaces, :subgroup_creation_level)
-    end
+    remove_column(:namespaces, :subgroup_creation_level)
   end
 end
diff --git a/db/schema.rb b/db/schema.rb
index 272f0fe747b..d121ad8b372 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2112,7 +2112,7 @@ ActiveRecord::Schema.define(version: 20190628145246) do
     t.integer "extra_shared_runners_minutes_limit"
     t.string "ldap_sync_status", default: "ready", null: false
     t.boolean "membership_lock", default: false
-    t.integer "subgroup_creation_level", default: 1, null: false
+    t.integer "subgroup_creation_level", default: 1
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)", using: :btree
     t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id", using: :btree
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 398f587bafe..1123563c1e3 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,13 +70,11 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
-
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: OWNER } }
-      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
+                       group: { subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS } }
+      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/features/admin/admin_groups_spec.rb b/spec/features/admin/admin_groups_spec.rb
index 735ca60f7da..35c384dd458 100644
--- a/spec/features/admin/admin_groups_spec.rb
+++ b/spec/features/admin/admin_groups_spec.rb
@@ -102,6 +102,15 @@ describe 'Admin Groups' do
       expect_selected_visibility(group.visibility_level)
     end
 
+    it 'shows the subgroup creation level dropdown populated with the group subgroup_creation_level value' do
+      group = create(:group, :private, :owner_subgroup_creation_only)
+
+      visit admin_group_edit_path(group)
+
+      expect(page).to have_select("group_subgroup_creation_level",
+                                  selected: ::Gitlab::Access.subgroup_creation_options.keys[group.subgroup_creation_level])
+    end
+
     it 'edit group path does not change group name', :js do
       group = create(:group, :private)
 
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index ef0e885ee5f..5096abadb79 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -71,7 +71,7 @@ describe 'Group show page' do
         sign_in(owner)
       end
 
-      context 'when subgroups are supported', :js, :nested_groups do
+      context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
           visit path
@@ -101,7 +101,7 @@ describe 'Group show page' do
         sign_in(maintainer)
       end
 
-      context 'when subgroups are supported', :js, :nested_groups do
+      context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
         end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..c5ff6cdbacd 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,4 +1,3 @@
-# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -88,14 +87,6 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
-
-      context 'as maintainer' do
-        before do
-          group.add_maintainer(user)
-        end
-
-        it { is_expected.to be_persisted }
-      end
     end
   end
 
-- 
cgit v1.2.1


From 4834d9359334edd40bf44cbe6f9fc9d10ce7265e Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 74389c4d82b..d596317462a 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From 4ab48e3374590e5300e86565bc47691c30316125 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index d596317462a..5a55bbac788 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From 1c68fd4ad4dc588440cf58e21be5c2c844e02648 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 15:29:54 -0700
Subject: Adjust the documentation on subgroups

---
 doc/user/group/subgroups/index.md | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index 1c6cca049c5..e3f7539a9b6 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -75,13 +75,16 @@ structure.
 ## Creating a subgroup
 
 NOTE: **Note:**
-You must be an Owner of a group to create a subgroup. For
-more information check the [permissions table](../../permissions.md#group-members-permissions).
+In order to create a subgroup you must either be an Owner or a Maintainer of the
+group, depending on the group's setting. By default groups allow both Owners and
+Maintainers to create subgroups, but this can be changed by an Owner or
+Administrator to only allow Owners to create subgroups. For more information
+check the [permissions table](../../permissions.md#group-members-permissions).
 For a list of words that are not allowed to be used as group names see the
-[reserved names](../../reserved_names.md).
-Users can always create subgroups if they are explicitly added as an Owner to
-a parent group, even if group creation is disabled by an administrator in their
-settings.
+[reserved names](../../reserved_names.md).  Users can always create subgroups if
+they are explicitly added as an Owner (or Maintainer, if that setting is
+enabled) to a parent group, even if group creation is disabled by an
+administrator in their settings.
 
 To create a subgroup:
 
-- 
cgit v1.2.1


From df5f65af715f310fc90e5d0e9311be29ca3f959f Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 15:39:43 -0700
Subject: Adjust the documentation on subgroup permissions

---
 doc/user/permissions.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 03abef9fc62..20b23b75cb9 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -209,13 +209,15 @@ group.
 | Create project in group                         |       |          | ✓         | ✓          | ✓     |
 | Create/edit/delete group milestones             |       |          | ✓         | ✓          | ✓     |
 | Enable/disable a dependency proxy **[PREMIUM]** |       |          | ✓         | ✓          | ✓     |
+| Create subgroup                                 |       |          |           | ✓*         | ✓     |
 | Edit group                                      |       |          |           |            | ✓     |
-| Create subgroup                                 |       |          |           |            | ✓     |
 | Manage group members                            |       |          |           |            | ✓     |
 | Remove group                                    |       |          |           |            | ✓     |
 | Delete group epic **[ULTIMATE]**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
+*Groups can be set to allow either Owners or Owners and maintainers to create subgroups
+
 ### Subgroup permissions
 
 When you add a member to a subgroup, they inherit the membership and
-- 
cgit v1.2.1


From df96ef8b9754998756afc06a507d708813e1d84b Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 16:27:49 -0700
Subject: Fix some code style issues

---
 spec/features/groups/show_spec.rb  | 12 ++++++++----
 spec/policies/group_policy_spec.rb | 13 ++++++-------
 2 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 5096abadb79..f1501181432 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,10 +56,14 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
-    let(:restricted_group) { create(:group,
-                                    subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
-    let(:relaxed_group) { create(:group,
-                                 subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+    let(:restricted_group) do
+      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) 
+    end
+
+    let(:relaxed_group) do
+      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) 
+    end
+
     let(:owner) { create(:user) }
     let(:maintainer) { create(:user) }
 
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 020b51f776e..dc3675a7b9e 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -99,9 +99,9 @@ describe GroupPolicy do
     let(:current_user) { maintainer }
 
     context 'with subgroup_creation level set to maintainer' do
-      let(:group) { create(:group,
-                           :private,
-                           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(:group, :private, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      end
 
       it 'allows every maintainer permission plus creating subgroups' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
@@ -207,10 +207,9 @@ describe GroupPolicy do
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
-    let(:nested_group) { create(:group,
-                                :private,
-                                :owner_subgroup_creation_only,
-                                parent: group) }
+    let(:nested_group) do
+      create(:group, :private, :owner_subgroup_creation_only, parent: group)
+    end
 
     before do
       nested_group.add_guest(guest)
-- 
cgit v1.2.1


From 44fabdaade148caed637d0ea387830100eb15fbc Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 2 Jul 2019 08:38:38 -0700
Subject: Apply recomended changes from merge coach

---
 ...190626175626_add_group_creation_level_to_namespaces.rb |  1 -
 spec/features/admin/admin_groups_spec.rb                  |  3 +--
 spec/features/groups/show_spec.rb                         | 15 +++++++++------
 3 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index 867ec3b7c91..3b75c92e518 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -4,7 +4,6 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
   include Gitlab::Database::MigrationHelpers
 
   DOWNTIME = false
-  disable_ddl_transaction!
 
   def up
     add_column(:namespaces, :subgroup_creation_level, :integer)
diff --git a/spec/features/admin/admin_groups_spec.rb b/spec/features/admin/admin_groups_spec.rb
index 35c384dd458..c1ad73779c9 100644
--- a/spec/features/admin/admin_groups_spec.rb
+++ b/spec/features/admin/admin_groups_spec.rb
@@ -107,8 +107,7 @@ describe 'Admin Groups' do
 
       visit admin_group_edit_path(group)
 
-      expect(page).to have_select("group_subgroup_creation_level",
-                                  selected: ::Gitlab::Access.subgroup_creation_options.keys[group.subgroup_creation_level])
+      expect(page).to have_content('Allowed to create subgroups')
     end
 
     it 'edit group path does not change group name', :js do
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index f1501181432..bed998a0859 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -57,11 +57,11 @@ describe 'Group show page' do
 
   context 'subgroup support' do
     let(:restricted_group) do
-      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) 
+      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
     end
 
     let(:relaxed_group) do
-      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) 
+      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
 
     let(:owner) { create(:user) }
@@ -78,10 +78,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -90,10 +91,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -113,11 +115,12 @@ describe 'Group show page' do
         context 'when subgroup_creation_level is set to maintainers' do
           before do
             relaxed_group.add_maintainer(maintainer)
-            path = group_path(relaxed_group)
-            visit path
           end
 
           it 'allows creating subgroups' do
+            path = group_path(relaxed_group)
+            visit path
+
             expect(page)
               .to have_css("li[data-text='New subgroup']", visible: false)
           end
-- 
cgit v1.2.1


From 9c8f5b7192986918322d23efc2acec7b189fd69b Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:55:20 +0000
Subject: Apply suggestion to doc/user/group/subgroups/index.md

---
 doc/user/group/subgroups/index.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index e3f7539a9b6..fad7541bdc4 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -81,7 +81,9 @@ Maintainers to create subgroups, but this can be changed by an Owner or
 Administrator to only allow Owners to create subgroups. For more information
 check the [permissions table](../../permissions.md#group-members-permissions).
 For a list of words that are not allowed to be used as group names see the
-[reserved names](../../reserved_names.md).  Users can always create subgroups if
+[reserved names](../../reserved_names.md).
+
+Users can always create subgroups if
 they are explicitly added as an Owner (or Maintainer, if that setting is
 enabled) to a parent group, even if group creation is disabled by an
 administrator in their settings.
-- 
cgit v1.2.1


From 78e3a413b8d3779bfd462b4864ab3d9813344366 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:55:49 +0000
Subject: Apply suggestion to doc/user/permissions.md

---
 doc/user/permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 20b23b75cb9..216e88d0113 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -209,7 +209,7 @@ group.
 | Create project in group                         |       |          | ✓         | ✓          | ✓     |
 | Create/edit/delete group milestones             |       |          | ✓         | ✓          | ✓     |
 | Enable/disable a dependency proxy **[PREMIUM]** |       |          | ✓         | ✓          | ✓     |
-| Create subgroup                                 |       |          |           | ✓*         | ✓     |
+| Create subgroup                                 |       |          |           | ✓ (1)        | ✓     |
 | Edit group                                      |       |          |           |            | ✓     |
 | Manage group members                            |       |          |           |            | ✓     |
 | Remove group                                    |       |          |           |            | ✓     |
-- 
cgit v1.2.1


From 43858b4badc786fc8254937e0cefad3798481d9f Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:56:03 +0000
Subject: Apply suggestion to doc/user/permissions.md

---
 doc/user/permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 216e88d0113..190f8bc8cbc 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -216,7 +216,7 @@ group.
 | Delete group epic **[ULTIMATE]**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
-*Groups can be set to allow either Owners or Owners and maintainers to create subgroups
+- (1): Groups can be set to allow either Owners or Owners and maintainers to create subgroups
 
 ### Subgroup permissions
 
-- 
cgit v1.2.1


From cea16e03d639ea8ba32cba32c07a47d05220a363 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:56:53 +0000
Subject: Apply suggestion to doc/user/group/subgroups/index.md

---
 doc/user/group/subgroups/index.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index fad7541bdc4..4e88ec5ee76 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -74,7 +74,6 @@ structure.
 
 ## Creating a subgroup
 
-NOTE: **Note:**
 In order to create a subgroup you must either be an Owner or a Maintainer of the
 group, depending on the group's setting. By default groups allow both Owners and
 Maintainers to create subgroups, but this can be changed by an Owner or
-- 
cgit v1.2.1


From e8e3fdf7c7f6d0696538ff5819c03d0ea5e9217b Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 16:43:56 +0000
Subject: Update index.md

---
 doc/user/group/subgroups/index.md | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index 4e88ec5ee76..b9313ccdb1e 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -74,18 +74,19 @@ structure.
 
 ## Creating a subgroup
 
-In order to create a subgroup you must either be an Owner or a Maintainer of the
-group, depending on the group's setting. By default groups allow both Owners and
+To create a subgroup you must either be an Owner or a Maintainer of the group,
+depending on the group's setting. By default groups allow both Owners and
 Maintainers to create subgroups, but this can be changed by an Owner or
-Administrator to only allow Owners to create subgroups. For more information
-check the [permissions table](../../permissions.md#group-members-permissions).
-For a list of words that are not allowed to be used as group names see the
+Administrator to only allow Owners to create subgroups.
+
+For more information check the
+[permissions table](../../permissions.md#group-members-permissions). For a list
+of words that are not allowed to be used as group names see the
 [reserved names](../../reserved_names.md).
 
-Users can always create subgroups if
-they are explicitly added as an Owner (or Maintainer, if that setting is
-enabled) to a parent group, even if group creation is disabled by an
-administrator in their settings.
+Users can always create subgroups if they are explicitly added as an Owner (or
+Maintainer, if that setting is enabled) to a parent group, even if group
+creation is disabled by an administrator in their settings.
 
 To create a subgroup:
 
-- 
cgit v1.2.1

-- 
cgit v1.2.1


From c93ce836930a875452432ccc0c92733fb8adda29 Mon Sep 17 00:00:00 2001
From: manojmj <mmj@gitlab.com>
Date: Thu, 27 Jun 2019 14:44:01 +0530
Subject: Do not allow localhost url redirection in GitHub Integration

---
 .../unreleased/security-github-ssrf-redirect.yml   |  5 ++
 config/initializers/octokit.rb                     |  1 +
 lib/gitlab/github_import/client.rb                 |  4 +-
 lib/gitlab/legacy_github_import/client.rb          |  2 +-
 lib/gitlab/octokit/middleware.rb                   | 23 ++++++++
 spec/lib/gitlab/octokit/middleware_spec.rb         | 68 ++++++++++++++++++++++
 6 files changed, 100 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/unreleased/security-github-ssrf-redirect.yml
 create mode 100644 config/initializers/octokit.rb
 create mode 100644 lib/gitlab/octokit/middleware.rb
 create mode 100644 spec/lib/gitlab/octokit/middleware_spec.rb

diff --git a/changelogs/unreleased/security-github-ssrf-redirect.yml b/changelogs/unreleased/security-github-ssrf-redirect.yml
new file mode 100644
index 00000000000..36a36de3eb0
--- /dev/null
+++ b/changelogs/unreleased/security-github-ssrf-redirect.yml
@@ -0,0 +1,5 @@
+---
+title: Do not allow localhost url redirection in GitHub Integration
+merge_request:
+author:
+type: security
diff --git a/config/initializers/octokit.rb b/config/initializers/octokit.rb
new file mode 100644
index 00000000000..b3749258ec5
--- /dev/null
+++ b/config/initializers/octokit.rb
@@ -0,0 +1 @@
+Octokit.middleware.insert_after Octokit::Middleware::FollowRedirects, Gitlab::Octokit::Middleware
diff --git a/lib/gitlab/github_import/client.rb b/lib/gitlab/github_import/client.rb
index a61beafae0d..826b35d685c 100644
--- a/lib/gitlab/github_import/client.rb
+++ b/lib/gitlab/github_import/client.rb
@@ -40,7 +40,7 @@ module Gitlab
       #            otherwise hitting the rate limit will result in a thread
       #            being blocked in a `sleep()` call for up to an hour.
       def initialize(token, per_page: 100, parallel: true)
-        @octokit = Octokit::Client.new(
+        @octokit = ::Octokit::Client.new(
           access_token: token,
           per_page: per_page,
           api_endpoint: api_endpoint
@@ -139,7 +139,7 @@ module Gitlab
 
         begin
           yield
-        rescue Octokit::TooManyRequests
+        rescue ::Octokit::TooManyRequests
           raise_or_wait_for_rate_limit
 
           # This retry will only happen when running in sequential mode as we'll
diff --git a/lib/gitlab/legacy_github_import/client.rb b/lib/gitlab/legacy_github_import/client.rb
index bbdd094e33b..b23efd64dee 100644
--- a/lib/gitlab/legacy_github_import/client.rb
+++ b/lib/gitlab/legacy_github_import/client.rb
@@ -101,7 +101,7 @@ module Gitlab
       # GitHub Rate Limit API returns 404 when the rate limit is
       # disabled. In this case we just want to return gracefully
       # instead of spitting out an error.
-      rescue Octokit::NotFound
+      rescue ::Octokit::NotFound
         nil
       end
 
diff --git a/lib/gitlab/octokit/middleware.rb b/lib/gitlab/octokit/middleware.rb
new file mode 100644
index 00000000000..2f762957d1b
--- /dev/null
+++ b/lib/gitlab/octokit/middleware.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Octokit
+    class Middleware
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        Gitlab::UrlBlocker.validate!(env[:url], { allow_localhost: allow_local_requests?, allow_local_network: allow_local_requests? })
+
+        @app.call(env)
+      end
+
+      private
+
+      def allow_local_requests?
+        Gitlab::CurrentSettings.allow_local_requests_from_hooks_and_services?
+      end
+    end
+  end
+end
diff --git a/spec/lib/gitlab/octokit/middleware_spec.rb b/spec/lib/gitlab/octokit/middleware_spec.rb
new file mode 100644
index 00000000000..7f2b523f5b7
--- /dev/null
+++ b/spec/lib/gitlab/octokit/middleware_spec.rb
@@ -0,0 +1,68 @@
+require 'spec_helper'
+
+describe Gitlab::Octokit::Middleware do
+  let(:app) { double(:app) }
+  let(:middleware) { described_class.new(app) }
+
+  shared_examples 'Public URL' do
+    it 'does not raise an error' do
+      expect(app).to receive(:call).with(env)
+
+      expect { middleware.call(env) }.not_to raise_error
+    end
+  end
+
+  shared_examples 'Local URL' do
+    it 'raises an error' do
+      expect { middleware.call(env) }.to raise_error(Gitlab::UrlBlocker::BlockedUrlError)
+    end
+  end
+
+  describe '#call' do
+    context 'when the URL is a public URL' do
+      let(:env) { { url: 'https://public-url.com' } }
+
+      it_behaves_like 'Public URL'
+    end
+
+    context 'when the URL is a localhost adresss' do
+      let(:env) { { url: 'http://127.0.0.1' } }
+
+      context 'when localhost requests are not allowed' do
+        before do
+          stub_application_setting(allow_local_requests_from_hooks_and_services: false)
+        end
+
+        it_behaves_like 'Local URL'
+      end
+
+      context 'when localhost requests are allowed' do
+        before do
+          stub_application_setting(allow_local_requests_from_hooks_and_services: true)
+        end
+
+        it_behaves_like 'Public URL'
+      end
+    end
+
+    context 'when the URL is a local network address' do
+      let(:env) { { url: 'http://172.16.0.0' } }
+
+      context 'when local network requests are not allowed' do
+        before do
+          stub_application_setting(allow_local_requests_from_hooks_and_services: false)
+        end
+
+        it_behaves_like 'Local URL'
+      end
+
+      context 'when local network requests are allowed' do
+        before do
+          stub_application_setting(allow_local_requests_from_hooks_and_services: true)
+        end
+
+        it_behaves_like 'Public URL'
+      end
+    end
+  end
+end
-- 
cgit v1.2.1


From 51fa8a5e778ff6909fd7f70fc8062bb33940a822 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 5 Jul 2019 14:52:06 +0000
Subject: Apply suggestion to doc/user/permissions.md

---
 doc/user/permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 190f8bc8cbc..10184de8784 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -216,7 +216,7 @@ group.
 | Delete group epic **[ULTIMATE]**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
-- (1): Groups can be set to allow either Owners or Owners and maintainers to create subgroups
+- (1): Groups can be set to allow either Owners or Owners and Maintainers to create subgroups
 
 ### Subgroup permissions
 
-- 
cgit v1.2.1


From 019caa8de59f0ca701d4f099a4068605b17e3b93 Mon Sep 17 00:00:00 2001
From: drew cimino <dcimino@gitlab.com>
Date: Fri, 28 Jun 2019 10:40:34 -0400
Subject: Use MergeRequest#source_project as permissions reference for
 MergeRequest#all_pipelines

MergeRequest#all_pipelines fetches Ci::Pipeline records from the source
project, so we should specifically check that project for permissions.
This was already happening for intra-project merge requests, but in the
event that the target and source projects both have private builds, we
should ensure that the project permissions are respected.
---
 .../merge_requests/application_controller.rb       |  2 +-
 .../projects/merge_requests_controller.rb          |  3 +-
 .../security-mr-pipeline-permissions.yml           |  5 ++
 .../projects/merge_requests_controller_spec.rb     | 98 +++++++++++++++++++++-
 4 files changed, 102 insertions(+), 6 deletions(-)
 create mode 100644 changelogs/unreleased/security-mr-pipeline-permissions.yml

diff --git a/app/controllers/projects/merge_requests/application_controller.rb b/app/controllers/projects/merge_requests/application_controller.rb
index dcc272aecff..006731c0e66 100644
--- a/app/controllers/projects/merge_requests/application_controller.rb
+++ b/app/controllers/projects/merge_requests/application_controller.rb
@@ -45,7 +45,7 @@ class Projects::MergeRequests::ApplicationController < Projects::ApplicationCont
 
   def set_pipeline_variables
     @pipelines =
-      if can?(current_user, :read_pipeline, @project)
+      if can?(current_user, :read_pipeline, @merge_request.source_project)
         @merge_request.all_pipelines
       else
         Ci::Pipeline.none
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index 7ee8e0ea8f8..7f87fc3792a 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -82,7 +82,8 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
   end
 
   def pipelines
-    @pipelines = @merge_request.all_pipelines.page(params[:page]).per(30)
+    set_pipeline_variables
+    @pipelines = @pipelines.page(params[:page]).per(30)
 
     Gitlab::PollingInterval.set_header(response, interval: 10_000)
 
diff --git a/changelogs/unreleased/security-mr-pipeline-permissions.yml b/changelogs/unreleased/security-mr-pipeline-permissions.yml
new file mode 100644
index 00000000000..a317c93228c
--- /dev/null
+++ b/changelogs/unreleased/security-mr-pipeline-permissions.yml
@@ -0,0 +1,5 @@
+---
+title: Use source project as permissions reference for MergeRequestsController#pipelines
+merge_request:
+author:
+type: security
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index 0eca663a683..64a89205e2f 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -623,10 +623,100 @@ describe Projects::MergeRequestsController do
           format: :json
     end
 
-    it 'responds with serialized pipelines' do
-      expect(json_response['pipelines']).not_to be_empty
-      expect(json_response['count']['all']).to eq 1
-      expect(response).to include_pagination_headers
+    context 'with "enabled" builds on a public project' do
+      let(:project) { create(:project, :repository, :public) }
+
+      context 'for a project owner' do
+        it 'responds with serialized pipelines' do
+          expect(json_response['pipelines']).to be_present
+          expect(json_response['count']['all']).to eq(1)
+          expect(response).to include_pagination_headers
+        end
+      end
+
+      context 'for an unassociated user' do
+        let(:user) { create :user }
+
+        it 'responds with no pipelines' do
+          expect(json_response['pipelines']).to be_present
+          expect(json_response['count']['all']).to eq(1)
+          expect(response).to include_pagination_headers
+        end
+      end
+    end
+
+    context 'with private builds on a public project' do
+      let(:project) { create(:project, :repository, :public, :builds_private) }
+
+      context 'for a project owner' do
+        it 'responds with serialized pipelines' do
+          expect(json_response['pipelines']).to be_present
+          expect(json_response['count']['all']).to eq(1)
+          expect(response).to include_pagination_headers
+        end
+      end
+
+      context 'for an unassociated user' do
+        let(:user) { create :user }
+
+        it 'responds with no pipelines' do
+          expect(json_response['pipelines']).to be_empty
+          expect(json_response['count']['all']).to eq(0)
+          expect(response).to include_pagination_headers
+        end
+      end
+
+      context 'from a project fork' do
+        let(:fork_user)      { create :user }
+        let(:forked_project) { fork_project(project, fork_user, repository: true) } # Forked project carries over :builds_private
+        let(:merge_request)  { create(:merge_request_with_diffs, target_project: project, source_project: forked_project) }
+
+        context 'with private builds' do
+          context 'for the target project member' do
+            it 'does not respond with serialized pipelines' do
+              expect(json_response['pipelines']).to be_empty
+              expect(json_response['count']['all']).to eq(0)
+              expect(response).to include_pagination_headers
+            end
+          end
+
+          context 'for the source project member' do
+            let(:user) { fork_user }
+
+            it 'responds with serialized pipelines' do
+              expect(json_response['pipelines']).to be_present
+              expect(json_response['count']['all']).to eq(1)
+              expect(response).to include_pagination_headers
+            end
+          end
+        end
+
+        context 'with public builds' do
+          let(:forked_project) do
+            fork_project(project, fork_user, repository: true).tap do |new_project|
+              new_project.project_feature.update(builds_access_level: ProjectFeature::ENABLED)
+            end
+          end
+
+          context 'for the target project member' do
+            it 'does not respond with serialized pipelines' do
+              expect(json_response['pipelines']).to be_present
+              expect(json_response['count']['all']).to eq(1)
+              expect(response).to include_pagination_headers
+            end
+          end
+
+          context 'for the source project member' do
+            let(:user) { fork_user }
+
+            it 'responds with serialized pipelines' do
+              expect(json_response['pipelines']).to be_present
+              expect(json_response['count']['all']).to eq(1)
+              expect(response).to include_pagination_headers
+            end
+          end
+        end
+      end
     end
   end
 
-- 
cgit v1.2.1


From 11e2eb79f332f4fd5533b8e0b16ce5c7600b4833 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 5 Jul 2019 08:27:46 -0700
Subject: Fixed a failing test

---
 .../policies/group_policy_shared_context.rb              | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 5a55bbac788..599c912ce00 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects read_cluster create_cluster update_cluster
+      admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From b7602279ab79cd69daf731bd160d7a00ff5fe2f0 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 14 Jun 2019 15:13:24 -0700
Subject: Add changelog

---
 changelogs/unreleased/maintainers-can-create-subgroup.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/maintainers-can-create-subgroup.yml

diff --git a/changelogs/unreleased/maintainers-can-create-subgroup.yml b/changelogs/unreleased/maintainers-can-create-subgroup.yml
new file mode 100644
index 00000000000..b537862c8af
--- /dev/null
+++ b/changelogs/unreleased/maintainers-can-create-subgroup.yml
@@ -0,0 +1,5 @@
+---
+title: Maintainers can crete subgroups
+merge_request: 29718
+author: Fabio Papa
+type: changed
-- 
cgit v1.2.1


From 976572489da756e410ba3b7d741d57e2e04aa9db Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 14 Jun 2019 15:16:55 -0700
Subject: Add failing feature spec detailing a maintainer creating a subgroup

- Change the two existing feature examples that create a subgroup to
  elucidate that the owner is creating the subgroup

- Nest two more specs inside the 'subgroup support' context detailing
  what happens when a maintainer attempts to add a subgroup (one with
  subgroup support, and one without)
---
 spec/features/groups/show_spec.rb | 61 ++++++++++++++++++++++++++++++---------
 1 file changed, 48 insertions(+), 13 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 9671a4d8c49..2654d06cd8c 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,32 +56,67 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
-    let(:user) { create(:user) }
+    let(:owner) { create(:user) }
+    let(:maintainer) { create(:user) }
 
     before do
-      group.add_owner(user)
-      sign_in(user)
+      group.add_owner(owner)
+      group.add_maintainer(maintainer)
     end
 
-    context 'when subgroups are supported', :js, :nested_groups do
+    context 'for owners' do
       before do
-        allow(Group).to receive(:supports_nested_objects?) { true }
-        visit path
+        sign_in(owner)
       end
 
-      it 'allows creating subgroups' do
-        expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+      context 'when subgroups are supported', :js, :nested_groups do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        end
+      end
+
+      context 'when subgroups are not supported' do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+        end
       end
     end
 
-    context 'when subgroups are not supported' do
+    context 'for maintainers' do
       before do
-        allow(Group).to receive(:supports_nested_objects?) { false }
-        visit path
+        sign_in(maintainer)
+      end
+
+      context 'when subgroups are supported', :js, :nested_groups do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        end
       end
 
-      it 'allows creating subgroups' do
-        expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+      context 'when subgroups are not supported' do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+        end
       end
     end
   end
-- 
cgit v1.2.1


From f5957cf5f5fdb633ea5c7a6cc968667370951e45 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4808ac0068..b4b09d3295f 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From cc80e306d571d8881d06d0d04831ddd0433fd518 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 12:23:56 -0700
Subject: Update the group policy to allow >= maintainer to create subgroups

All specs passing
---
 app/policies/group_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index ea86858181d..d92bcded19d 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -109,7 +109,7 @@ class GroupPolicy < BasePolicy
     enable :read_nested_project_resources
   end
 
-  rule { owner & nested_groups_supported }.enable :create_subgroup
+  rule { maintainer & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From a664c1b7a825f9aab96a8dc92ef6f667ba7a8882 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/requests/api/groups_spec.rb                                     | 4 ++--
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4b09d3295f..a40d3087f6e 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From c53d34b918954e83ef1ab12e578840899791f24e Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/controllers/admin/groups_controller_spec.rb   |  6 ++
 spec/factories/groups.rb                           |  1 +
 spec/features/groups/group_settings_spec.rb        |  8 +++
 spec/models/group_spec.rb                          |  8 +++
 spec/policies/group_policy_spec.rb                 | 70 ++++++++++++++++++++++
 .../policies/group_policy_shared_context.rb        | 16 ++---
 6 files changed, 99 insertions(+), 10 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 509d8944e3a..df11321537f 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -68,5 +68,11 @@ describe Admin::GroupsController do
         post :update, params: { id: group.to_param, group: { project_creation_level: ::Gitlab::Access::NO_ONE_PROJECT_ACCESS } }
       end.to change { group.reload.project_creation_level }.to(::Gitlab::Access::NO_ONE_PROJECT_ACCESS)
     end
+
+    it 'updates the subgroup_creation_level successfully' do
+      expect do
+        post :update, params: { id: group.to_param, group: { subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS } }
+      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 18a0c2ec731..2f50fbfe2fa 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 5cef5f0521f..95534d5a2ba 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -85,6 +85,14 @@ describe 'Edit group settings' do
     end
   end
 
+  describe 'subgroup creation level menu' do
+    it 'shows the selection menu' do
+      visit edit_group_path(group)
+
+      expect(page).to have_content('Allowed to create subgroups')
+    end
+  end
+  
   describe 'edit group avatar' do
     before do
       visit edit_group_path(group)
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 470ce65707d..fd40061dd3a 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,4 +994,12 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
+
+  describe 'subgroup_creation_level' do
+    it 'outputs the default one if it is nil' do
+      group = create(:group, subgroup_creation_level: nil)
+
+      expect(group.subgroup_creation_level).to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
+  end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 59f3a961d50..aed9a8e34ff 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -163,6 +163,18 @@ describe GroupPolicy do
         expect_allowed(*updated_owner_permissions)
       end
     end
+
+    context 'maintainer' do
+      let(:current_user) { maintainer }
+
+      it 'allows every maintainer permission except creating subgroups' do
+        create_subgroup_permission = [:create_subgroup]
+        updated_maintainer_permissions = maintainer_permissions - create_subgroup_permission
+
+        expect_disallowed(*create_subgroup_permission)
+        expect_allowed(*updated_maintainer_permissions)
+      end
+    end
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
@@ -461,6 +473,64 @@ describe GroupPolicy do
     end
   end
 
+  context "create_subgroup" do
+    context 'when group has subgroup creation level set to owner' do
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+    end
+
+    context 'when group has subgroup creation level set to maintainer' do
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+    end
+  end
+
   it_behaves_like 'clusterable policies' do
     let(:clusterable) { create(:group) }
     let(:cluster) do
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index a40d3087f6e..b4808ac0068 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From 73fa819b793302b3cee1d06033ac8e94fa5b784b Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:46:48 -0700
Subject: Reset group policy to only allow >= owners to create subgroups

---
 app/policies/group_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index d92bcded19d..ea86858181d 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -109,7 +109,7 @@ class GroupPolicy < BasePolicy
     enable :read_nested_project_resources
   end
 
-  rule { maintainer & nested_groups_supported }.enable :create_subgroup
+  rule { owner & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From 582ff9dbb6dc223163e1ba674cbc72f292520981 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:49:27 -0700
Subject: Add a subgroup_creation_level column to the namespaces table

---
 ...6175626_add_group_creation_level_to_namespaces.rb | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
new file mode 100644
index 00000000000..b0ea74d4765
--- /dev/null
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+  disable_ddl_transaction!
+  
+  def up
+    unless column_exists?(:namespaces, :subgroup_creation_level)
+      add_column_with_default(:namespaces, :subgroup_creation_level, :integer, default: 0)
+    end
+  end
+
+  def down
+    if column_exists?(:namespaces, :subgroup_creation_level)
+      remove_column(:namespaces, :subgroup_creation_level)
+    end
+  end
+end
-- 
cgit v1.2.1


From 3ae905d67d96cdff2e855b97ae44a617284c91dc Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:39:04 -0700
Subject: Add constants representing Owner and Maintainer group access levels

---
 lib/gitlab/access.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/gitlab/access.rb b/lib/gitlab/access.rb
index 6eb08f674c2..77076ead47a 100644
--- a/lib/gitlab/access.rb
+++ b/lib/gitlab/access.rb
@@ -29,6 +29,10 @@ module Gitlab
     MAINTAINER_PROJECT_ACCESS = 1
     DEVELOPER_MAINTAINER_PROJECT_ACCESS = 2
 
+    # Default subgroup creation level
+    OWNER_SUBGROUP_ACCESS = 0
+    MAINTAINER_SUBGROUP_ACCESS = 1
+
     class << self
       delegate :values, to: :options
 
-- 
cgit v1.2.1


From d37e8dd7cbec015d32c94ab88a51517e4c76d57f Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:45:58 -0700
Subject: Add subgroup_creation_level to the list of allowed group params

For both groups_controller and admin/groups_controller
---
 app/controllers/admin/groups_controller.rb | 3 ++-
 app/controllers/groups_controller.rb       | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb
index 15f7ef881c8..6317fa7c8d1 100644
--- a/app/controllers/admin/groups_controller.rb
+++ b/app/controllers/admin/groups_controller.rb
@@ -90,7 +90,8 @@ class Admin::GroupsController < Admin::ApplicationController
       :visibility_level,
       :require_two_factor_authentication,
       :two_factor_grace_period,
-      :project_creation_level
+      :project_creation_level,
+      :subgroup_creation_level
     ]
   end
 end
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index 797833e3f91..aff418faae5 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -192,7 +192,8 @@ class GroupsController < Groups::ApplicationController
       :chat_team_name,
       :require_two_factor_authentication,
       :two_factor_grace_period,
-      :project_creation_level
+      :project_creation_level,
+      :subgroup_creation_level
     ]
   end
 
-- 
cgit v1.2.1


From 0a2a6aae44c6d06bb8ebc24f5f94195ab43a5e92 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:11:09 -0700
Subject: Add "allowed to create subgroups" dropdown to group settings form

---
 app/views/groups/settings/_permissions.html.haml             | 1 +
 app/views/groups/settings/_subgroup_creation_level.html.haml | 3 +++
 lib/gitlab/access.rb                                         | 7 +++++++
 3 files changed, 11 insertions(+)
 create mode 100644 app/views/groups/settings/_subgroup_creation_level.html.haml

diff --git a/app/views/groups/settings/_permissions.html.haml b/app/views/groups/settings/_permissions.html.haml
index 0da1f1ba7f5..d3375e00bad 100644
--- a/app/views/groups/settings/_permissions.html.haml
+++ b/app/views/groups/settings/_permissions.html.haml
@@ -20,6 +20,7 @@
     = render_if_exists 'groups/settings/ip_restriction', f: f, group: @group
     = render 'groups/settings/lfs', f: f
     = render 'groups/settings/project_creation_level', f: f, group: @group
+    = render 'groups/settings/subgroup_creation_level', f: f, group: @group
     = render 'groups/settings/two_factor_auth', f: f
     = render_if_exists 'groups/member_lock_setting', f: f, group: @group
 
diff --git a/app/views/groups/settings/_subgroup_creation_level.html.haml b/app/views/groups/settings/_subgroup_creation_level.html.haml
new file mode 100644
index 00000000000..f36ad192bad
--- /dev/null
+++ b/app/views/groups/settings/_subgroup_creation_level.html.haml
@@ -0,0 +1,3 @@
+.form-group
+  = f.label s_('SubgroupCreationLevel|Allowed to create subgroups'), class: 'label-bold'
+  = f.select :subgroup_creation_level, options_for_select(::Gitlab::Access.subgroup_creation_options, group.subgroup_creation_level), {}, class: 'form-control'
diff --git a/lib/gitlab/access.rb b/lib/gitlab/access.rb
index 77076ead47a..7ef9f7ef630 100644
--- a/lib/gitlab/access.rb
+++ b/lib/gitlab/access.rb
@@ -110,6 +110,13 @@ module Gitlab
       def project_creation_level_name(name)
         project_creation_options.key(name)
       end
+
+      def subgroup_creation_options
+        {
+          s_('SubgroupCreationlevel|Owners') => OWNER_SUBGROUP_ACCESS,
+          s_('SubgroupCreationlevel|Maintainers') => MAINTAINER_SUBGROUP_ACCESS
+        }
+      end
     end
 
     def human_access
-- 
cgit v1.2.1


From 610b3fedafda079b33e37d39f3e0f3b71ab5ecab Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:17:24 -0700
Subject: Make the group model return maintainer level when it is not set

---
 app/models/group.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/models/group.rb b/app/models/group.rb
index 9520db1bc0a..3f80c1373f1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -416,6 +416,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
-- 
cgit v1.2.1


From 843f06d3a8a76d144481c6d98f059ca7071d6db7 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 15:53:46 -0700
Subject: Add policy to allow maintainers to create subgroups when enabled

---
 app/policies/group_policy.rb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index ea86858181d..bd1eb02ca1f 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -43,6 +43,10 @@ class GroupPolicy < BasePolicy
     @subject.project_creation_level == ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS
   end
 
+  condition(:maintainer_can_create_group) do
+    @subject.subgroup_creation_level == ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   rule { public_group }.policy do
     enable :read_group
     enable :read_list
@@ -110,6 +114,7 @@ class GroupPolicy < BasePolicy
   end
 
   rule { owner & nested_groups_supported }.enable :create_subgroup
+  rule { maintainer & maintainer_can_create_group & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From 412c86b989cac27fec9e0b2f51c601db18977268 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 18:15:56 +0000
Subject: Apply suggestion to
 changelogs/unreleased/maintainers-can-create-subgroup.yml

---
 changelogs/unreleased/maintainers-can-create-subgroup.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/unreleased/maintainers-can-create-subgroup.yml b/changelogs/unreleased/maintainers-can-create-subgroup.yml
index b537862c8af..180f0f7247f 100644
--- a/changelogs/unreleased/maintainers-can-create-subgroup.yml
+++ b/changelogs/unreleased/maintainers-can-create-subgroup.yml
@@ -1,5 +1,5 @@
 ---
-title: Maintainers can crete subgroups
+title: Maintainers can create subgroups
 merge_request: 29718
 author: Fabio Papa
 type: changed
-- 
cgit v1.2.1


From 308769d19d46837980576bc7544f3b987b62c0f0 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 08:35:09 -0700
Subject: Add feature examples specing maintainers creating subgroups

Both with subgroup_creation_level set to owners and to maintainers.
Also fixed the naming of some other examples in the same spec as they
were contradicting what they were actually performing in the test.
These examples were probably copy/pasted, and not renamed.
---
 spec/features/groups/show_spec.rb | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 2654d06cd8c..68fa3f4e817 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -86,7 +86,7 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
+        it 'does not allow creating subgroups' do
           expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
@@ -103,8 +103,22 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
-          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        context 'when subgroup_creation_level is set to maintainer' do
+          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+          
+          it 'allows creating subgroups' do
+            visit path
+            expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+          end
+        end
+
+        context 'when subgroup_creation_level is set to owners' do
+          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+
+          it 'does not allow creating subgroups' do
+            visit path
+            expect(page).not_to have_css("li[data-text='New subgroup']", visible: false)
+          end
         end
       end
 
@@ -114,7 +128,7 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
+        it 'does not allow creating subgroups' do
           expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
-- 
cgit v1.2.1


From 34f8469d572af9162760c2532e337dff4c865e77 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 09:22:10 -0700
Subject: Update schema

---
 db/schema.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/db/schema.rb b/db/schema.rb
index 9a8b64689bd..4b1b946a100 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2117,6 +2117,7 @@ ActiveRecord::Schema.define(version: 20190703130053) do
     t.string "ldap_sync_status", default: "ready", null: false
     t.boolean "membership_lock", default: false
     t.integer "last_ci_minutes_usage_notification_level"
+    t.integer "subgroup_creation_level", default: 0, null: false
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)", using: :btree
     t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id", using: :btree
-- 
cgit v1.2.1


From 2a7830f5abf329c7d68bd71efab25d6134832f1d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 ...75626_add_group_creation_level_to_namespaces.rb |  7 +++++--
 spec/controllers/admin/groups_controller_spec.rb   |  9 ++++++--
 spec/features/groups/group_settings_spec.rb        |  2 +-
 spec/features/groups/show_spec.rb                  | 24 +++++++++++++++-------
 spec/models/group_spec.rb                          |  3 ++-
 spec/policies/group_policy_spec.rb                 | 21 ++++++++++++++-----
 spec/requests/api/groups_spec.rb                   |  4 ++--
 spec/services/groups/create_service_spec.rb        |  4 ++--
 8 files changed, 52 insertions(+), 22 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index b0ea74d4765..eed0ba25f27 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -5,10 +5,13 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
 
   DOWNTIME = false
   disable_ddl_transaction!
-  
+
   def up
     unless column_exists?(:namespaces, :subgroup_creation_level)
-      add_column_with_default(:namespaces, :subgroup_creation_level, :integer, default: 0)
+      add_column_with_default(:namespaces,
+                              :subgroup_creation_level,
+                              :integer,
+                              default: 0)
     end
   end
 
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index df11321537f..72f389513f8 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,9 +70,14 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
+      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+
       expect do
-        post :update, params: { id: group.to_param, group: { subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS } }
-      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+        post :update,
+             params: { id: group.to_param,
+                       group: { subgroup_creation_level: MAINTAINER } }
+      end.to change { group.reload.subgroup_creation_level }
+               .to(MAINTAINER)
     end
   end
 end
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 95534d5a2ba..676769c25fe 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -92,7 +92,7 @@ describe 'Edit group settings' do
       expect(page).to have_content('Allowed to create subgroups')
     end
   end
-  
+
   describe 'edit group avatar' do
     before do
       visit edit_group_path(group)
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 68fa3f4e817..163906010fa 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -76,7 +76,8 @@ describe 'Group show page' do
         end
 
         it 'allows creating subgroups' do
-          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .to have_css("li[data-text='New subgroup']", visible: false)
         end
       end
 
@@ -87,7 +88,8 @@ describe 'Group show page' do
         end
 
         it 'does not allow creating subgroups' do
-          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
     end
@@ -104,8 +106,11 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to maintainer' do
-          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
-          
+          let(:group) do
+            create(:group,
+                   subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+          end
+
           it 'allows creating subgroups' do
             visit path
             expect(page).to have_css("li[data-text='New subgroup']", visible: false)
@@ -113,11 +118,15 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to owners' do
-          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+          let(:group) do
+            create(:group,
+                   subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+          end
 
           it 'does not allow creating subgroups' do
             visit path
-            expect(page).not_to have_css("li[data-text='New subgroup']", visible: false)
+            expect(page)
+              .not_to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
       end
@@ -129,7 +138,8 @@ describe 'Group show page' do
         end
 
         it 'does not allow creating subgroups' do
-          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
     end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index fd40061dd3a..6627177ad61 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -999,7 +999,8 @@ describe Group do
     it 'outputs the default one if it is nil' do
       group = create(:group, subgroup_creation_level: nil)
 
-      expect(group.subgroup_creation_level).to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      expect(group.subgroup_creation_level)
+        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index aed9a8e34ff..da186f63eca 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -145,7 +145,8 @@ describe GroupPolicy do
 
       it 'allows every owner permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions = owner_permissions - create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_owner_permissions)
@@ -157,7 +158,8 @@ describe GroupPolicy do
 
       it 'allows every owner permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions = owner_permissions - create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_owner_permissions)
@@ -169,7 +171,8 @@ describe GroupPolicy do
 
       it 'allows every maintainer permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_maintainer_permissions = maintainer_permissions - create_subgroup_permission
+        updated_maintainer_permissions =
+          maintainer_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_maintainer_permissions)
@@ -475,7 +478,11 @@ describe GroupPolicy do
 
   context "create_subgroup" do
     context 'when group has subgroup creation level set to owner' do
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(
+          :group,
+          subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+      end
 
       context 'reporter' do
         let(:current_user) { reporter }
@@ -503,7 +510,11 @@ describe GroupPolicy do
     end
 
     context 'when group has subgroup creation level set to maintainer' do
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(
+          :group,
+          subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      end
 
       context 'reporter' do
         let(:current_user) { reporter }
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 884bf503ef09fbcc80da1ced0ec46ac9d918ed66 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 14:06:50 -0700
Subject: Remove an example that is no longer necessary

---
 spec/models/group_spec.rb | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 6627177ad61..470ce65707d 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,13 +994,4 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
-
-  describe 'subgroup_creation_level' do
-    it 'outputs the default one if it is nil' do
-      group = create(:group, subgroup_creation_level: nil)
-
-      expect(group.subgroup_creation_level)
-        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
-    end
-  end
 end
-- 
cgit v1.2.1


From a743db19830c84c3dfe6e23f22578de3c70301ca Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 16:12:54 -0700
Subject: Make maintainers the default setting for creating subgroups

---
 app/models/group.rb       | 10 ++++++----
 spec/models/group_spec.rb |  8 ++++++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 3f80c1373f1..8f39c3a658f 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,6 +58,8 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
+  before_create :default_subgroup_creation_level_to_maintainers
+
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -416,10 +418,6 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
-  def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
-
   private
 
   def update_two_factor_requirement
@@ -449,4 +447,8 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
+
+  def default_subgroup_creation_level_to_maintainers
+    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
 end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 470ce65707d..9ae18d7bab7 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,4 +994,12 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
+
+  describe 'subgroup_creation_level' do
+    it 'defaults to maintainers' do
+      group = create (:group)
+
+      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
+  end
 end
-- 
cgit v1.2.1


From f7361e678cad995097730473973e612000f4bcf7 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 ...75626_add_group_creation_level_to_namespaces.rb |  1 +
 spec/controllers/admin/groups_controller_spec.rb   |  7 ++--
 spec/factories/groups.rb                           |  5 ++-
 spec/features/groups/show_spec.rb                  | 17 ++++++---
 spec/models/group_spec.rb                          |  5 +--
 spec/policies/group_policy_spec.rb                 | 43 ++++++++++++++++++----
 spec/requests/api/groups_spec.rb                   |  4 +-
 .../policies/group_policy_shared_context.rb        |  2 +-
 8 files changed, 60 insertions(+), 24 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index eed0ba25f27..85ac89af46e 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -12,6 +12,7 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
                               :subgroup_creation_level,
                               :integer,
                               default: 0)
+      change_column_default(:namespaces, :subgroup_creation_level, 1)
     end
   end
 
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 72f389513f8..398f587bafe 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,14 +70,13 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: MAINTAINER } }
-      end.to change { group.reload.subgroup_creation_level }
-               .to(MAINTAINER)
+                       group: { subgroup_creation_level: OWNER } }
+      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
     end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 2f50fbfe2fa..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
@@ -46,5 +45,9 @@ FactoryBot.define do
     trait :auto_devops_disabled do
       auto_devops_enabled false
     end
+
+    trait :owner_subgroup_creation_only do
+      subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
+    end
   end
 end
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 163906010fa..48ba9064327 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -72,10 +72,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -84,10 +85,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -102,10 +104,9 @@ describe 'Group show page' do
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
-        context 'when subgroup_creation_level is set to maintainer' do
+        context 'when subgroup_creation_level is set to maintainers' do
           let(:group) do
             create(:group,
                    subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
@@ -113,7 +114,9 @@ describe 'Group show page' do
 
           it 'allows creating subgroups' do
             visit path
-            expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+
+            expect(page)
+              .to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
 
@@ -125,6 +128,7 @@ describe 'Group show page' do
 
           it 'does not allow creating subgroups' do
             visit path
+
             expect(page)
               .not_to have_css("li[data-text='New subgroup']", visible: false)
           end
@@ -134,10 +138,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 9ae18d7bab7..c7fb0f51075 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -997,9 +997,8 @@ describe Group do
 
   describe 'subgroup_creation_level' do
     it 'defaults to maintainers' do
-      group = create (:group)
-
-      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      expect(group.subgroup_creation_level)
+        .to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index da186f63eca..7fba62d2aa8 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -98,12 +98,38 @@ describe GroupPolicy do
   context 'maintainer' do
     let(:current_user) { maintainer }
 
-    it do
-      expect_allowed(*guest_permissions)
-      expect_allowed(*reporter_permissions)
-      expect_allowed(*developer_permissions)
-      expect_allowed(*maintainer_permissions)
-      expect_disallowed(*owner_permissions)
+    context 'with subgroup_creation level set to maintainer' do
+      let(:group) { create(:group,
+                           :private,
+                           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+
+      it do
+        allow(Group).to receive(:supports_nested_objects?).and_return(true)
+
+        create_subgroup_permission = [:create_subgroup]
+        updated_maintainer_permissions =
+          maintainer_permissions + create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
+
+        expect_allowed(*guest_permissions)
+        expect_allowed(*reporter_permissions)
+        expect_allowed(*developer_permissions)
+        expect_allowed(*updated_maintainer_permissions)
+        expect_disallowed(*updated_owner_permissions)
+      end
+    end
+
+    context 'with subgroup_creation_level set to owner' do
+      it do
+        allow(Group).to receive(:supports_nested_objects?).and_return(true)
+
+        expect_allowed(*guest_permissions)
+        expect_allowed(*reporter_permissions)
+        expect_allowed(*developer_permissions)
+        expect_allowed(*maintainer_permissions)
+        expect_disallowed(*owner_permissions)
+      end
     end
   end
 
@@ -181,7 +207,10 @@ describe GroupPolicy do
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
-    let(:nested_group) { create(:group, :private, parent: group) }
+    let(:nested_group) { create(:group,
+                                :private,
+                                :owner_subgroup_creation_only,
+                                parent: group) }
 
     before do
       nested_group.add_guest(guest)
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4808ac0068..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -7,7 +7,7 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:maintainer) { create(:user) }
   let(:owner) { create(:user) }
   let(:admin) { create(:admin) }
-  let(:group) { create(:group, :private) }
+  let(:group) { create(:group, :private, :owner_subgroup_creation_only) }
 
   let(:guest_permissions) do
     %i[
-- 
cgit v1.2.1


From c6284c4db82fdbfec177fe5366e71289d6041925 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:00:34 -0700
Subject: Remove AR hook to set the default subgroup_creation_level

---
 app/models/group.rb | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 8f39c3a658f..9520db1bc0a 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,8 +58,6 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
-  before_create :default_subgroup_creation_level_to_maintainers
-
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -447,8 +445,4 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
-
-  def default_subgroup_creation_level_to_maintainers
-    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
 end
-- 
cgit v1.2.1


From 85d1ef270a0b87784cf96955ef782c1a664b99c9 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:17:26 -0700
Subject: Clean up the show_spec examples previously added

---
 spec/features/groups/show_spec.rb | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 48ba9064327..ef0e885ee5f 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,27 +56,28 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
+    let(:restricted_group) { create(:group,
+                                    subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+    let(:relaxed_group) { create(:group,
+                                 subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
     let(:owner) { create(:user) }
     let(:maintainer) { create(:user) }
 
-    before do
-      group.add_owner(owner)
-      group.add_maintainer(maintainer)
-    end
-
     context 'for owners' do
+      let(:path) { group_path(restricted_group) }
+
       before do
+        restricted_group.add_owner(owner)
         sign_in(owner)
       end
 
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
         end
 
         it 'allows creating subgroups' do
-          visit path
-
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -85,11 +86,10 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
         end
 
         it 'does not allow creating subgroups' do
-          visit path
-
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -107,30 +107,30 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to maintainers' do
-          let(:group) do
-            create(:group,
-                   subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+          before do
+            relaxed_group.add_maintainer(maintainer)
+            path = group_path(relaxed_group)
+            visit path
           end
 
           it 'allows creating subgroups' do
-            visit path
-
             expect(page)
               .to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
 
         context 'when subgroup_creation_level is set to owners' do
-          let(:group) do
-            create(:group,
-                   subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+          before do
+            restricted_group.add_maintainer(maintainer)
           end
 
           it 'does not allow creating subgroups' do
+            path = group_path(restricted_group)
             visit path
 
             expect(page)
-              .not_to have_css("li[data-text='New subgroup']", visible: false)
+              .not_to have_selector("li[data-text='New subgroup']",
+                                    visible: false)
           end
         end
       end
-- 
cgit v1.2.1


From 44a1812ec7dc8cf3a743ddac6d7e95c393f1b83b Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 7de9a6781b9f7dbacd7c909f4b7361f663bb9eaa Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:56:02 -0700
Subject: Add descriptions to examples

---
 spec/policies/group_policy_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 7fba62d2aa8..020b51f776e 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -103,7 +103,7 @@ describe GroupPolicy do
                            :private,
                            subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
 
-      it do
+      it 'allows every maintainer permission plus creating subgroups' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
 
         create_subgroup_permission = [:create_subgroup]
@@ -121,7 +121,7 @@ describe GroupPolicy do
     end
 
     context 'with subgroup_creation_level set to owner' do
-      it do
+      it 'allows every maintainer permission' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
 
         expect_allowed(*guest_permissions)
-- 
cgit v1.2.1


From cd5259d5b17bf4caccbc246215903adc7ebab0e5 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 13:41:32 -0700
Subject: Apply changes recomended by merge request coach

---
 app/models/group.rb                                       |  4 ++++
 app/views/groups/_group_admin_settings.html.haml          |  6 ++++++
 ...190626175626_add_group_creation_level_to_namespaces.rb | 15 +++++----------
 db/schema.rb                                              |  2 +-
 spec/controllers/admin/groups_controller_spec.rb          |  6 ++----
 spec/features/admin/admin_groups_spec.rb                  |  9 +++++++++
 spec/features/groups/show_spec.rb                         |  4 ++--
 spec/services/groups/create_service_spec.rb               |  9 ---------
 8 files changed, 29 insertions(+), 26 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 9520db1bc0a..3f80c1373f1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -416,6 +416,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
diff --git a/app/views/groups/_group_admin_settings.html.haml b/app/views/groups/_group_admin_settings.html.haml
index b8f632d11d3..733cb36cc3d 100644
--- a/app/views/groups/_group_admin_settings.html.haml
+++ b/app/views/groups/_group_admin_settings.html.haml
@@ -16,6 +16,12 @@
   .col-sm-10
     = f.select :project_creation_level, options_for_select(::Gitlab::Access.project_creation_options, @group.project_creation_level), {}, class: 'form-control'
 
+.form-group.row
+  .col-sm-2.col-form-label
+    = f.label s_('SubgroupCreationlevel|Allowed to create subgroups')
+  .col-sm-10
+    = f.select :subgroup_creation_level, options_for_select(::Gitlab::Access.subgroup_creation_options, @group.subgroup_creation_level), {}, class: 'form-control'
+
 .form-group.row
   .col-sm-2.col-form-label.pt-0
     = f.label :require_two_factor_authentication, 'Two-factor authentication'
diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index 85ac89af46e..867ec3b7c91 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -7,18 +7,13 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
   disable_ddl_transaction!
 
   def up
-    unless column_exists?(:namespaces, :subgroup_creation_level)
-      add_column_with_default(:namespaces,
-                              :subgroup_creation_level,
-                              :integer,
-                              default: 0)
-      change_column_default(:namespaces, :subgroup_creation_level, 1)
-    end
+    add_column(:namespaces, :subgroup_creation_level, :integer)
+    change_column_default(:namespaces,
+                          :subgroup_creation_level,
+                          ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
   end
 
   def down
-    if column_exists?(:namespaces, :subgroup_creation_level)
-      remove_column(:namespaces, :subgroup_creation_level)
-    end
+    remove_column(:namespaces, :subgroup_creation_level)
   end
 end
diff --git a/db/schema.rb b/db/schema.rb
index 4b1b946a100..8c085d64e27 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2117,7 +2117,7 @@ ActiveRecord::Schema.define(version: 20190703130053) do
     t.string "ldap_sync_status", default: "ready", null: false
     t.boolean "membership_lock", default: false
     t.integer "last_ci_minutes_usage_notification_level"
-    t.integer "subgroup_creation_level", default: 0, null: false
+    t.integer "subgroup_creation_level", default: 1
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)", using: :btree
     t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id", using: :btree
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 398f587bafe..1123563c1e3 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,13 +70,11 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
-
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: OWNER } }
-      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
+                       group: { subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS } }
+      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/features/admin/admin_groups_spec.rb b/spec/features/admin/admin_groups_spec.rb
index 735ca60f7da..35c384dd458 100644
--- a/spec/features/admin/admin_groups_spec.rb
+++ b/spec/features/admin/admin_groups_spec.rb
@@ -102,6 +102,15 @@ describe 'Admin Groups' do
       expect_selected_visibility(group.visibility_level)
     end
 
+    it 'shows the subgroup creation level dropdown populated with the group subgroup_creation_level value' do
+      group = create(:group, :private, :owner_subgroup_creation_only)
+
+      visit admin_group_edit_path(group)
+
+      expect(page).to have_select("group_subgroup_creation_level",
+                                  selected: ::Gitlab::Access.subgroup_creation_options.keys[group.subgroup_creation_level])
+    end
+
     it 'edit group path does not change group name', :js do
       group = create(:group, :private)
 
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index ef0e885ee5f..5096abadb79 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -71,7 +71,7 @@ describe 'Group show page' do
         sign_in(owner)
       end
 
-      context 'when subgroups are supported', :js, :nested_groups do
+      context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
           visit path
@@ -101,7 +101,7 @@ describe 'Group show page' do
         sign_in(maintainer)
       end
 
-      context 'when subgroups are supported', :js, :nested_groups do
+      context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
         end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..c5ff6cdbacd 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,4 +1,3 @@
-# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -88,14 +87,6 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
-
-      context 'as maintainer' do
-        before do
-          group.add_maintainer(user)
-        end
-
-        it { is_expected.to be_persisted }
-      end
     end
   end
 
-- 
cgit v1.2.1


From de5c188e0911fb8f275f26a7551cd0bdbd84422d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 74389c4d82b..d596317462a 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From f6e7ffa7250299c1c0f9fc866eb78c5f746d58a6 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index d596317462a..5a55bbac788 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From fe47ec447fe125af43245c237c38c7da9775c5c0 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 15:29:54 -0700
Subject: Adjust the documentation on subgroups

---
 doc/user/group/subgroups/index.md | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index 1c6cca049c5..e3f7539a9b6 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -75,13 +75,16 @@ structure.
 ## Creating a subgroup
 
 NOTE: **Note:**
-You must be an Owner of a group to create a subgroup. For
-more information check the [permissions table](../../permissions.md#group-members-permissions).
+In order to create a subgroup you must either be an Owner or a Maintainer of the
+group, depending on the group's setting. By default groups allow both Owners and
+Maintainers to create subgroups, but this can be changed by an Owner or
+Administrator to only allow Owners to create subgroups. For more information
+check the [permissions table](../../permissions.md#group-members-permissions).
 For a list of words that are not allowed to be used as group names see the
-[reserved names](../../reserved_names.md).
-Users can always create subgroups if they are explicitly added as an Owner to
-a parent group, even if group creation is disabled by an administrator in their
-settings.
+[reserved names](../../reserved_names.md).  Users can always create subgroups if
+they are explicitly added as an Owner (or Maintainer, if that setting is
+enabled) to a parent group, even if group creation is disabled by an
+administrator in their settings.
 
 To create a subgroup:
 
-- 
cgit v1.2.1


From 58e4b654e98eabcfaf267f41ce42df04adbfcc10 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 15:39:43 -0700
Subject: Adjust the documentation on subgroup permissions

---
 doc/user/permissions.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 33fff0fed74..92635ae484b 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -209,13 +209,15 @@ group.
 | Create project in group                         |       |          | ✓         | ✓          | ✓     |
 | Create/edit/delete group milestones             |       |          | ✓         | ✓          | ✓     |
 | Enable/disable a dependency proxy **[PREMIUM]** |       |          | ✓         | ✓          | ✓     |
+| Create subgroup                                 |       |          |           | ✓*         | ✓     |
 | Edit group                                      |       |          |           |            | ✓     |
-| Create subgroup                                 |       |          |           |            | ✓     |
 | Manage group members                            |       |          |           |            | ✓     |
 | Remove group                                    |       |          |           |            | ✓     |
 | Delete group epic **[ULTIMATE]**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
+*Groups can be set to allow either Owners or Owners and maintainers to create subgroups
+
 ### Subgroup permissions
 
 When you add a member to a subgroup, they inherit the membership and
-- 
cgit v1.2.1


From a8165fec41f6343c296ec9bcc8f57a099f2da983 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 16:27:49 -0700
Subject: Fix some code style issues

---
 spec/features/groups/show_spec.rb  | 12 ++++++++----
 spec/policies/group_policy_spec.rb | 13 ++++++-------
 2 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 5096abadb79..f1501181432 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,10 +56,14 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
-    let(:restricted_group) { create(:group,
-                                    subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
-    let(:relaxed_group) { create(:group,
-                                 subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+    let(:restricted_group) do
+      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) 
+    end
+
+    let(:relaxed_group) do
+      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) 
+    end
+
     let(:owner) { create(:user) }
     let(:maintainer) { create(:user) }
 
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 020b51f776e..dc3675a7b9e 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -99,9 +99,9 @@ describe GroupPolicy do
     let(:current_user) { maintainer }
 
     context 'with subgroup_creation level set to maintainer' do
-      let(:group) { create(:group,
-                           :private,
-                           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(:group, :private, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      end
 
       it 'allows every maintainer permission plus creating subgroups' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
@@ -207,10 +207,9 @@ describe GroupPolicy do
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
-    let(:nested_group) { create(:group,
-                                :private,
-                                :owner_subgroup_creation_only,
-                                parent: group) }
+    let(:nested_group) do
+      create(:group, :private, :owner_subgroup_creation_only, parent: group)
+    end
 
     before do
       nested_group.add_guest(guest)
-- 
cgit v1.2.1


From c822fdb9bfd73aa8e2189781e336b43344940023 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 2 Jul 2019 08:38:38 -0700
Subject: Apply recomended changes from merge coach

---
 ...190626175626_add_group_creation_level_to_namespaces.rb |  1 -
 spec/features/admin/admin_groups_spec.rb                  |  3 +--
 spec/features/groups/show_spec.rb                         | 15 +++++++++------
 3 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index 867ec3b7c91..3b75c92e518 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -4,7 +4,6 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
   include Gitlab::Database::MigrationHelpers
 
   DOWNTIME = false
-  disable_ddl_transaction!
 
   def up
     add_column(:namespaces, :subgroup_creation_level, :integer)
diff --git a/spec/features/admin/admin_groups_spec.rb b/spec/features/admin/admin_groups_spec.rb
index 35c384dd458..c1ad73779c9 100644
--- a/spec/features/admin/admin_groups_spec.rb
+++ b/spec/features/admin/admin_groups_spec.rb
@@ -107,8 +107,7 @@ describe 'Admin Groups' do
 
       visit admin_group_edit_path(group)
 
-      expect(page).to have_select("group_subgroup_creation_level",
-                                  selected: ::Gitlab::Access.subgroup_creation_options.keys[group.subgroup_creation_level])
+      expect(page).to have_content('Allowed to create subgroups')
     end
 
     it 'edit group path does not change group name', :js do
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index f1501181432..bed998a0859 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -57,11 +57,11 @@ describe 'Group show page' do
 
   context 'subgroup support' do
     let(:restricted_group) do
-      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) 
+      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
     end
 
     let(:relaxed_group) do
-      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) 
+      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
 
     let(:owner) { create(:user) }
@@ -78,10 +78,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -90,10 +91,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -113,11 +115,12 @@ describe 'Group show page' do
         context 'when subgroup_creation_level is set to maintainers' do
           before do
             relaxed_group.add_maintainer(maintainer)
-            path = group_path(relaxed_group)
-            visit path
           end
 
           it 'allows creating subgroups' do
+            path = group_path(relaxed_group)
+            visit path
+
             expect(page)
               .to have_css("li[data-text='New subgroup']", visible: false)
           end
-- 
cgit v1.2.1


From b16e6b93c433b3e2e93118934b355480a50581df Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/factories/groups.rb                                 |  1 +
 .../policies/group_policy_shared_context.rb              | 16 ++++++----------
 2 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index b67ab955ffc..947392b4fbc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 5a55bbac788..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From 6b9b0f150688e44cbaa27f97062a773963624a61 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 spec/controllers/admin/groups_controller_spec.rb | 2 ++
 spec/requests/api/groups_spec.rb                 | 4 ++--
 spec/services/groups/create_service_spec.rb      | 4 ++--
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 1123563c1e3..451367f58e1 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,6 +70,8 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
+      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+
       expect do
         post :update,
              params: { id: group.to_param,
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 79d0f5d736d6dfb82fa00677994377dfd87a6f07 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 16:12:54 -0700
Subject: Make maintainers the default setting for creating subgroups

---
 app/models/group.rb | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 3f80c1373f1..8f39c3a658f 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,6 +58,8 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
+  before_create :default_subgroup_creation_level_to_maintainers
+
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -416,10 +418,6 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
-  def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
-
   private
 
   def update_two_factor_requirement
@@ -449,4 +447,8 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
+
+  def default_subgroup_creation_level_to_maintainers
+    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
 end
-- 
cgit v1.2.1


From 5c94c5592e8853df95f34ae522eebeeb51705012 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 spec/controllers/admin/groups_controller_spec.rb | 2 +-
 spec/factories/groups.rb                         | 1 -
 spec/requests/api/groups_spec.rb                 | 4 ++--
 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 451367f58e1..34cd0b324b5 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,7 +70,7 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
       expect do
         post :update,
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 947392b4fbc..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
-- 
cgit v1.2.1


From 4e427390feb4bf74ae91c84f18ab2ee38e917a51 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:00:34 -0700
Subject: Remove AR hook to set the default subgroup_creation_level

---
 app/models/group.rb | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 8f39c3a658f..9520db1bc0a 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,8 +58,6 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
-  before_create :default_subgroup_creation_level_to_maintainers
-
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -447,8 +445,4 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
-
-  def default_subgroup_creation_level_to_maintainers
-    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
 end
-- 
cgit v1.2.1


From a58d7be102f4cd78fbac0399698548e50275f573 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:17:26 -0700
Subject: Clean up the show_spec examples previously added

---
 spec/features/groups/show_spec.rb | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index bed998a0859..9cf5e7f9bb6 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -78,11 +78,10 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
         end
 
         it 'allows creating subgroups' do
-          visit path
-
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -91,11 +90,10 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
         end
 
         it 'does not allow creating subgroups' do
-          visit path
-
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
-- 
cgit v1.2.1


From f1fa1323afe37632ecd729b9c51d494381e79285 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From a79e48758d312eeacef2f3ae174010b574670eee Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 13:41:32 -0700
Subject: Apply changes recomended by merge request coach

---
 app/models/group.rb                              | 4 ++++
 spec/controllers/admin/groups_controller_spec.rb | 2 --
 spec/services/groups/create_service_spec.rb      | 9 ---------
 3 files changed, 4 insertions(+), 11 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 9520db1bc0a..3f80c1373f1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -416,6 +416,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 34cd0b324b5..1123563c1e3 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,8 +70,6 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
-
       expect do
         post :update,
              params: { id: group.to_param,
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..c5ff6cdbacd 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,4 +1,3 @@
-# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -88,14 +87,6 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
-
-      context 'as maintainer' do
-        before do
-          group.add_maintainer(user)
-        end
-
-        it { is_expected.to be_persisted }
-      end
     end
   end
 
-- 
cgit v1.2.1


From c90fba28408ddc72e17b511b617b00e01f3269ba Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 74389c4d82b..d596317462a 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From 22444c8d045f1c9eba8c467de0fb65e2ca684a8d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index d596317462a..5a55bbac788 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From 8f0d0d59938b8e1ac48e6f02161eb1b6a134b8ec Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/factories/groups.rb                                 |  1 +
 spec/policies/group_policy_spec.rb                       |  8 ++++++++
 .../policies/group_policy_shared_context.rb              | 16 ++++++----------
 3 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index b67ab955ffc..947392b4fbc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index dc3675a7b9e..893b686da43 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -506,11 +506,15 @@ describe GroupPolicy do
 
   context "create_subgroup" do
     context 'when group has subgroup creation level set to owner' do
+<<<<<<< HEAD
       let(:group) do
         create(
           :group,
           subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
       end
+=======
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+>>>>>>> Add examples specing the setting to choose who can create subgroups
 
       context 'reporter' do
         let(:current_user) { reporter }
@@ -538,11 +542,15 @@ describe GroupPolicy do
     end
 
     context 'when group has subgroup creation level set to maintainer' do
+<<<<<<< HEAD
       let(:group) do
         create(
           :group,
           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
       end
+=======
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+>>>>>>> Add examples specing the setting to choose who can create subgroups
 
       context 'reporter' do
         let(:current_user) { reporter }
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 5a55bbac788..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From fed434e433063ce5bced7813cdae4ae3540535ca Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 spec/controllers/admin/groups_controller_spec.rb | 7 +++++--
 spec/policies/group_policy_spec.rb               | 8 --------
 spec/requests/api/groups_spec.rb                 | 4 ++--
 spec/services/groups/create_service_spec.rb      | 4 ++--
 4 files changed, 9 insertions(+), 14 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 1123563c1e3..72f389513f8 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,11 +70,14 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
+      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS } }
-      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+                       group: { subgroup_creation_level: MAINTAINER } }
+      end.to change { group.reload.subgroup_creation_level }
+               .to(MAINTAINER)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 893b686da43..dc3675a7b9e 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -506,15 +506,11 @@ describe GroupPolicy do
 
   context "create_subgroup" do
     context 'when group has subgroup creation level set to owner' do
-<<<<<<< HEAD
       let(:group) do
         create(
           :group,
           subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
       end
-=======
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
->>>>>>> Add examples specing the setting to choose who can create subgroups
 
       context 'reporter' do
         let(:current_user) { reporter }
@@ -542,15 +538,11 @@ describe GroupPolicy do
     end
 
     context 'when group has subgroup creation level set to maintainer' do
-<<<<<<< HEAD
       let(:group) do
         create(
           :group,
           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
       end
-=======
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
->>>>>>> Add examples specing the setting to choose who can create subgroups
 
       context 'reporter' do
         let(:current_user) { reporter }
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 8b8172c1e4738fece547492dee6e3a7a61e8d50e Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 16:12:54 -0700
Subject: Make maintainers the default setting for creating subgroups

---
 app/models/group.rb | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 3f80c1373f1..8f39c3a658f 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,6 +58,8 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
+  before_create :default_subgroup_creation_level_to_maintainers
+
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -416,10 +418,6 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
-  def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
-
   private
 
   def update_two_factor_requirement
@@ -449,4 +447,8 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
+
+  def default_subgroup_creation_level_to_maintainers
+    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
 end
-- 
cgit v1.2.1


From a39a4e4509f5272bc5b4001cded198ebd7d98614 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 spec/controllers/admin/groups_controller_spec.rb | 7 +++----
 spec/factories/groups.rb                         | 1 -
 spec/features/groups/show_spec.rb                | 6 ++++--
 spec/requests/api/groups_spec.rb                 | 4 ++--
 4 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 72f389513f8..398f587bafe 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,14 +70,13 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: MAINTAINER } }
-      end.to change { group.reload.subgroup_creation_level }
-               .to(MAINTAINER)
+                       group: { subgroup_creation_level: OWNER } }
+      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
     end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 947392b4fbc..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 9cf5e7f9bb6..bed998a0859 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -78,10 +78,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -90,10 +91,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
-- 
cgit v1.2.1


From 5015e23d6abcf2d3797e7dea76d3d3db9f3d6219 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:00:34 -0700
Subject: Remove AR hook to set the default subgroup_creation_level

---
 app/models/group.rb | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 8f39c3a658f..9520db1bc0a 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,8 +58,6 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
-  before_create :default_subgroup_creation_level_to_maintainers
-
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -447,8 +445,4 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
-
-  def default_subgroup_creation_level_to_maintainers
-    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
 end
-- 
cgit v1.2.1


From 2b96af35062dcc2492cfad7f6e6f6d6fd8f76ff6 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:17:26 -0700
Subject: Clean up the show_spec examples previously added

---
 spec/features/groups/show_spec.rb | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index bed998a0859..9cf5e7f9bb6 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -78,11 +78,10 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
         end
 
         it 'allows creating subgroups' do
-          visit path
-
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -91,11 +90,10 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
         end
 
         it 'does not allow creating subgroups' do
-          visit path
-
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
-- 
cgit v1.2.1


From b40d4ecdb992b9dad2f222e67e5ab54d8ed38e5d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 862b0289716bafa174dd765950f2854ac0419fc7 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 2 Jul 2019 08:38:38 -0700
Subject: Apply recomended changes from merge coach

---
 spec/features/groups/show_spec.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 9cf5e7f9bb6..bed998a0859 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -78,10 +78,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -90,10 +91,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
-- 
cgit v1.2.1


From 1cc2f2786398461d6b68dff442c3f46c0d4eaa8d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:55:20 +0000
Subject: Apply suggestion to doc/user/group/subgroups/index.md

---
 doc/user/group/subgroups/index.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index e3f7539a9b6..fad7541bdc4 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -81,7 +81,9 @@ Maintainers to create subgroups, but this can be changed by an Owner or
 Administrator to only allow Owners to create subgroups. For more information
 check the [permissions table](../../permissions.md#group-members-permissions).
 For a list of words that are not allowed to be used as group names see the
-[reserved names](../../reserved_names.md).  Users can always create subgroups if
+[reserved names](../../reserved_names.md).
+
+Users can always create subgroups if
 they are explicitly added as an Owner (or Maintainer, if that setting is
 enabled) to a parent group, even if group creation is disabled by an
 administrator in their settings.
-- 
cgit v1.2.1


From d67a36f9b8ec3559bc7f531962c4d73a36155e8e Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:55:49 +0000
Subject: Apply suggestion to doc/user/permissions.md

---
 doc/user/permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 92635ae484b..8ff778e7494 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -209,7 +209,7 @@ group.
 | Create project in group                         |       |          | ✓         | ✓          | ✓     |
 | Create/edit/delete group milestones             |       |          | ✓         | ✓          | ✓     |
 | Enable/disable a dependency proxy **[PREMIUM]** |       |          | ✓         | ✓          | ✓     |
-| Create subgroup                                 |       |          |           | ✓*         | ✓     |
+| Create subgroup                                 |       |          |           | ✓ (1)        | ✓     |
 | Edit group                                      |       |          |           |            | ✓     |
 | Manage group members                            |       |          |           |            | ✓     |
 | Remove group                                    |       |          |           |            | ✓     |
-- 
cgit v1.2.1


From e8497339eeedb4df0d1aea817874849c645cdc77 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:56:03 +0000
Subject: Apply suggestion to doc/user/permissions.md

---
 doc/user/permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 8ff778e7494..c992f581a82 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -216,7 +216,7 @@ group.
 | Delete group epic **[ULTIMATE]**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
-*Groups can be set to allow either Owners or Owners and maintainers to create subgroups
+- (1): Groups can be set to allow either Owners or Owners and maintainers to create subgroups
 
 ### Subgroup permissions
 
-- 
cgit v1.2.1


From 8b70c1cf8ca82b3c4b34740c65734fc32e3e01ee Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:56:53 +0000
Subject: Apply suggestion to doc/user/group/subgroups/index.md

---
 doc/user/group/subgroups/index.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index fad7541bdc4..4e88ec5ee76 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -74,7 +74,6 @@ structure.
 
 ## Creating a subgroup
 
-NOTE: **Note:**
 In order to create a subgroup you must either be an Owner or a Maintainer of the
 group, depending on the group's setting. By default groups allow both Owners and
 Maintainers to create subgroups, but this can be changed by an Owner or
-- 
cgit v1.2.1


From fa6504d6354fdabedd24589e7242ba457302aaa6 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 16:43:56 +0000
Subject: Update index.md

---
 doc/user/group/subgroups/index.md | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index 4e88ec5ee76..b9313ccdb1e 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -74,18 +74,19 @@ structure.
 
 ## Creating a subgroup
 
-In order to create a subgroup you must either be an Owner or a Maintainer of the
-group, depending on the group's setting. By default groups allow both Owners and
+To create a subgroup you must either be an Owner or a Maintainer of the group,
+depending on the group's setting. By default groups allow both Owners and
 Maintainers to create subgroups, but this can be changed by an Owner or
-Administrator to only allow Owners to create subgroups. For more information
-check the [permissions table](../../permissions.md#group-members-permissions).
-For a list of words that are not allowed to be used as group names see the
+Administrator to only allow Owners to create subgroups.
+
+For more information check the
+[permissions table](../../permissions.md#group-members-permissions). For a list
+of words that are not allowed to be used as group names see the
 [reserved names](../../reserved_names.md).
 
-Users can always create subgroups if
-they are explicitly added as an Owner (or Maintainer, if that setting is
-enabled) to a parent group, even if group creation is disabled by an
-administrator in their settings.
+Users can always create subgroups if they are explicitly added as an Owner (or
+Maintainer, if that setting is enabled) to a parent group, even if group
+creation is disabled by an administrator in their settings.
 
 To create a subgroup:
 
-- 
cgit v1.2.1


From e9f9cc8937bc86b582424929fc8e961f003caf96 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 5 Jul 2019 14:52:06 +0000
Subject: Apply suggestion to doc/user/permissions.md

---
 doc/user/permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index c992f581a82..aac548020be 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -216,7 +216,7 @@ group.
 | Delete group epic **[ULTIMATE]**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
-- (1): Groups can be set to allow either Owners or Owners and maintainers to create subgroups
+- (1): Groups can be set to allow either Owners or Owners and Maintainers to create subgroups
 
 ### Subgroup permissions
 
-- 
cgit v1.2.1


From 476da097cdd1c866bdd84de050b05a9508f13c14 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 5 Jul 2019 12:43:58 -0700
Subject: Regenerate locale strings

---
 locale/gitlab.pot | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 78bf48d66fc..f8de4a5ac71 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -9994,6 +9994,18 @@ msgstr ""
 msgid "StorageSize|Unknown"
 msgstr ""
 
+msgid "SubgroupCreationLevel|Allowed to create subgroups"
+msgstr ""
+
+msgid "SubgroupCreationlevel|Allowed to create subgroups"
+msgstr ""
+
+msgid "SubgroupCreationlevel|Maintainers"
+msgstr ""
+
+msgid "SubgroupCreationlevel|Owners"
+msgstr ""
+
 msgid "Subgroups"
 msgstr ""
 
-- 
cgit v1.2.1


From a7821dd910fd385a66cfe6c840c37c7b11263410 Mon Sep 17 00:00:00 2001
From: Fabio Pitino <fpitino@gitlab.com>
Date: Fri, 28 Jun 2019 17:27:07 +0100
Subject: Drop feature to take ownership of a trigger token

Removing API and frontend interactions that allowed
users to take ownership of a trigger token.

Removed mentions from the documentation.
---
 app/controllers/projects/triggers_controller.rb    | 12 +--------
 app/views/projects/triggers/_trigger.html.haml     |  3 ---
 ...urity-remove-take-trigger-ownership-feature.yml |  5 ++++
 config/routes/project.rb                           |  6 +----
 doc/api/pipeline_triggers.md                       | 29 ----------------------
 doc/ci/triggers/README.md                          | 14 +----------
 doc/user/project/new_ci_build_permissions_model.md |  3 +--
 lib/api/triggers.rb                                | 21 ----------------
 locale/gitlab.pot                                  |  6 -----
 spec/features/triggers_spec.rb                     | 23 -----------------
 spec/requests/api/triggers_spec.rb                 | 28 ---------------------
 11 files changed, 9 insertions(+), 141 deletions(-)
 create mode 100644 changelogs/unreleased/security-remove-take-trigger-ownership-feature.yml

diff --git a/app/controllers/projects/triggers_controller.rb b/app/controllers/projects/triggers_controller.rb
index 284e119ca06..7159d0243a3 100644
--- a/app/controllers/projects/triggers_controller.rb
+++ b/app/controllers/projects/triggers_controller.rb
@@ -4,7 +4,7 @@ class Projects::TriggersController < Projects::ApplicationController
   before_action :authorize_admin_build!
   before_action :authorize_manage_trigger!, except: [:index, :create]
   before_action :authorize_admin_trigger!, only: [:edit, :update]
-  before_action :trigger, only: [:take_ownership, :edit, :update, :destroy]
+  before_action :trigger, only: [:edit, :update, :destroy]
 
   layout 'project_settings'
 
@@ -24,16 +24,6 @@ class Projects::TriggersController < Projects::ApplicationController
     redirect_to project_settings_ci_cd_path(@project, anchor: 'js-pipeline-triggers')
   end
 
-  def take_ownership
-    if trigger.update(owner: current_user)
-      flash[:notice] = _('Trigger was re-assigned.')
-    else
-      flash[:alert] = _('You could not take ownership of trigger.')
-    end
-
-    redirect_to project_settings_ci_cd_path(@project, anchor: 'js-pipeline-triggers')
-  end
-
   def edit
   end
 
diff --git a/app/views/projects/triggers/_trigger.html.haml b/app/views/projects/triggers/_trigger.html.haml
index 6f6f1e5e0c5..7367a96f8e4 100644
--- a/app/views/projects/triggers/_trigger.html.haml
+++ b/app/views/projects/triggers/_trigger.html.haml
@@ -30,10 +30,7 @@
       Never
 
   %td.text-right.trigger-actions
-    - take_ownership_confirmation = "By taking ownership you will bind this trigger to your user account. With this the trigger will have access to all your projects as if it was you. Are you sure?"
     - revoke_trigger_confirmation = "By revoking a trigger you will break any processes making use of it. Are you sure?"
-    - if trigger.owner != current_user && can?(current_user, :manage_trigger, trigger)
-      = link_to 'Take ownership', take_ownership_project_trigger_path(@project, trigger), data: { confirm: take_ownership_confirmation }, method: :post, class: "btn btn-default btn-sm btn-trigger-take-ownership"
     - if can?(current_user, :admin_trigger, trigger)
       = link_to edit_project_trigger_path(@project, trigger), method: :get, title: "Edit", class: "btn btn-default btn-sm" do
         %i.fa.fa-pencil
diff --git a/changelogs/unreleased/security-remove-take-trigger-ownership-feature.yml b/changelogs/unreleased/security-remove-take-trigger-ownership-feature.yml
new file mode 100644
index 00000000000..201f66e1f18
--- /dev/null
+++ b/changelogs/unreleased/security-remove-take-trigger-ownership-feature.yml
@@ -0,0 +1,5 @@
+---
+title: Drop feature to take ownership of trigger token.
+merge_request:
+author:
+type: security
diff --git a/config/routes/project.rb b/config/routes/project.rb
index c202463dadb..1f632765317 100644
--- a/config/routes/project.rb
+++ b/config/routes/project.rb
@@ -339,11 +339,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
 
       resource :variables, only: [:show, :update]
 
-      resources :triggers, only: [:index, :create, :edit, :update, :destroy] do
-        member do
-          post :take_ownership
-        end
-      end
+      resources :triggers, only: [:index, :create, :edit, :update, :destroy]
 
       resource :mirror, only: [:show, :update] do
         member do
diff --git a/doc/api/pipeline_triggers.md b/doc/api/pipeline_triggers.md
index 736312df116..e207ff8e98a 100644
--- a/doc/api/pipeline_triggers.md
+++ b/doc/api/pipeline_triggers.md
@@ -120,35 +120,6 @@ curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" --form descript
 }
 ```
 
-## Take ownership of a project trigger
-
-Update an owner of a project trigger.
-
-```
-POST /projects/:id/triggers/:trigger_id/take_ownership
-```
-
-| Attribute     | Type    | required | Description              |
-|---------------|---------|----------|--------------------------|
-| `id`          | integer/string | yes      | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user      |
-| `trigger_id`  | integer | yes      | The trigger id           |
-
-```
-curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/triggers/10/take_ownership"
-```
-
-```json
-{
-    "id": 10,
-    "description": "my trigger",
-    "created_at": "2016-01-07T09:53:58.235Z",
-    "last_used": null,
-    "token": "6d056f63e50fe6f8c5f8f4aa10edb7",
-    "updated_at": "2016-01-07T09:53:58.235Z",
-    "owner": null
-}
-```
-
 ## Remove a project trigger
 
 Remove a project's build trigger.
diff --git a/doc/ci/triggers/README.md b/doc/ci/triggers/README.md
index d1f9aa03b6b..2a382f18038 100644
--- a/doc/ci/triggers/README.md
+++ b/doc/ci/triggers/README.md
@@ -97,17 +97,6 @@ overview of the time the triggers were last used.
 
 ![Triggers page overview](img/triggers_page.png)
 
-## Taking ownership of a trigger
-
-> **Note**:
-GitLab 9.0 introduced a trigger ownership to solve permission problems.
-
-Each created trigger when run will impersonate their associated user including
-their access to projects and their project permissions.
-
-You can take ownership of existing triggers by clicking *Take ownership*.
-From now on the trigger will be run as you.
-
 ## Revoking a trigger
 
 You can revoke a trigger any time by going at your project's
@@ -282,8 +271,7 @@ Old triggers, created before GitLab 9.0 will be marked as legacy.
 
 Triggers with the legacy label do not have an associated user and only have
 access to the current project. They are considered deprecated and will be
-removed with one of the future versions of GitLab. You are advised to
-[take ownership](#taking-ownership-of-a-trigger) of any legacy triggers.
+removed with one of the future versions of GitLab. 
 
 [ee-2017]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2017
 [ee-2346]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2346
diff --git a/doc/user/project/new_ci_build_permissions_model.md b/doc/user/project/new_ci_build_permissions_model.md
index d35a8568394..5d7d9991091 100644
--- a/doc/user/project/new_ci_build_permissions_model.md
+++ b/doc/user/project/new_ci_build_permissions_model.md
@@ -92,8 +92,7 @@ to steal the tokens of other jobs.
 
 Since 9.0 [pipeline triggers][triggers] do support the new permission model.
 The new triggers do impersonate their associated user including their access
-to projects and their project permissions. To migrate trigger to use new permission
-model use **Take ownership**.
+to projects and their project permissions. 
 
 ## Before GitLab 8.12
 
diff --git a/lib/api/triggers.rb b/lib/api/triggers.rb
index 0e829c5699b..eeecc390256 100644
--- a/lib/api/triggers.rb
+++ b/lib/api/triggers.rb
@@ -112,27 +112,6 @@ module API
         end
       end
 
-      desc 'Take ownership of trigger' do
-        success Entities::Trigger
-      end
-      params do
-        requires :trigger_id, type: Integer, desc: 'The trigger ID'
-      end
-      post ':id/triggers/:trigger_id/take_ownership' do
-        authenticate!
-        authorize! :admin_build, user_project
-
-        trigger = user_project.triggers.find(params.delete(:trigger_id))
-        break not_found!('Trigger') unless trigger
-
-        if trigger.update(owner: current_user)
-          status :ok
-          present trigger, with: Entities::Trigger, current_user: current_user
-        else
-          render_validation_error!(trigger)
-        end
-      end
-
       desc 'Delete a trigger' do
         success Entities::Trigger
       end
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 9b6e8d8c8a4..47dca877c2f 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -11377,9 +11377,6 @@ msgstr ""
 msgid "Trigger was created successfully."
 msgstr ""
 
-msgid "Trigger was re-assigned."
-msgstr ""
-
 msgid "Trigger was successfully updated."
 msgstr ""
 
@@ -12321,9 +12318,6 @@ msgstr ""
 msgid "You could not create a new trigger."
 msgstr ""
 
-msgid "You could not take ownership of trigger."
-msgstr ""
-
 msgid "You do not have any subscriptions yet"
 msgstr ""
 
diff --git a/spec/features/triggers_spec.rb b/spec/features/triggers_spec.rb
index 919859c145a..41b640bb53a 100644
--- a/spec/features/triggers_spec.rb
+++ b/spec/features/triggers_spec.rb
@@ -81,29 +81,6 @@ describe 'Triggers', :js do
     end
   end
 
-  describe 'trigger "Take ownership" workflow' do
-    before do
-      create(:ci_trigger, owner: user2, project: @project, description: trigger_title)
-      visit project_settings_ci_cd_path(@project)
-    end
-
-    it 'button "Take ownership" has correct alert' do
-      expected_alert = 'By taking ownership you will bind this trigger to your user account. With this the trigger will have access to all your projects as if it was you. Are you sure?'
-      expect(page.find('a.btn-trigger-take-ownership')['data-confirm']).to eq expected_alert
-    end
-
-    it 'take trigger ownership' do
-      # See if "Take ownership" on trigger works post trigger creation
-      page.accept_confirm do
-        first(:link, "Take ownership").send_keys(:return)
-      end
-
-      expect(page.find('.flash-notice')).to have_content 'Trigger was re-assigned.'
-      expect(page.find('.triggers-list')).to have_content trigger_title
-      expect(page.find('.triggers-list .trigger-owner')).to have_content user.name
-    end
-  end
-
   describe 'trigger "Revoke" workflow' do
     before do
       create(:ci_trigger, owner: user2, project: @project, description: trigger_title)
diff --git a/spec/requests/api/triggers_spec.rb b/spec/requests/api/triggers_spec.rb
index f0f01e97f1d..8ea3d16a41f 100644
--- a/spec/requests/api/triggers_spec.rb
+++ b/spec/requests/api/triggers_spec.rb
@@ -270,34 +270,6 @@ describe API::Triggers do
     end
   end
 
-  describe 'POST /projects/:id/triggers/:trigger_id/take_ownership' do
-    context 'authenticated user with valid permissions' do
-      it 'updates owner' do
-        post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership", user)
-
-        expect(response).to have_gitlab_http_status(200)
-        expect(json_response).to include('owner')
-        expect(trigger.reload.owner).to eq(user)
-      end
-    end
-
-    context 'authenticated user with invalid permissions' do
-      it 'does not update owner' do
-        post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership", user2)
-
-        expect(response).to have_gitlab_http_status(403)
-      end
-    end
-
-    context 'unauthenticated user' do
-      it 'does not update owner' do
-        post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership")
-
-        expect(response).to have_gitlab_http_status(401)
-      end
-    end
-  end
-
   describe 'DELETE /projects/:id/triggers/:trigger_id' do
     context 'authenticated user with valid permissions' do
       it 'deletes trigger' do
-- 
cgit v1.2.1


From 9b176c65159e4186f79eae2107af80e69132ba09 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 10 Jul 2019 12:27:12 -0700
Subject: Make Group#subgroup_creation_level return Owner if it is nil in DB

---
 app/models/group.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 3f80c1373f1..37f30552b39 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -417,7 +417,7 @@ class Group < Namespace
   end
 
   def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+    super || ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
   end
 
   private
-- 
cgit v1.2.1


From 1c42f748f8cac88692d3dca5470f74331e48b8d1 Mon Sep 17 00:00:00 2001
From: Fabio Pitino <fpitino@gitlab.com>
Date: Fri, 21 Jun 2019 17:56:03 +0100
Subject: Don't display badges when builds are restricted

Badges were leaked to unauthorized users even when Public Builds
project setting is disabled.

Added guard clause to the controller to check if user can read
build.
---
 app/controllers/projects/badges_controller.rb      |   3 +-
 ...ity-fix-badges-leaked-to-unauthorized-users.yml |   5 +
 .../controllers/projects/badges_controller_spec.rb | 124 ++++++++++++++++-----
 3 files changed, 101 insertions(+), 31 deletions(-)
 create mode 100644 changelogs/unreleased/security-fix-badges-leaked-to-unauthorized-users.yml

diff --git a/app/controllers/projects/badges_controller.rb b/app/controllers/projects/badges_controller.rb
index 09a384e89ab..66b51b17790 100644
--- a/app/controllers/projects/badges_controller.rb
+++ b/app/controllers/projects/badges_controller.rb
@@ -3,7 +3,8 @@
 class Projects::BadgesController < Projects::ApplicationController
   layout 'project_settings'
   before_action :authorize_admin_project!, only: [:index]
-  before_action :no_cache_headers, except: [:index]
+  before_action :no_cache_headers, only: [:pipeline, :coverage]
+  before_action :authorize_read_build!, only: [:pipeline, :coverage]
 
   def pipeline
     pipeline_status = Gitlab::Badge::Pipeline::Status
diff --git a/changelogs/unreleased/security-fix-badges-leaked-to-unauthorized-users.yml b/changelogs/unreleased/security-fix-badges-leaked-to-unauthorized-users.yml
new file mode 100644
index 00000000000..9526f3c559f
--- /dev/null
+++ b/changelogs/unreleased/security-fix-badges-leaked-to-unauthorized-users.yml
@@ -0,0 +1,5 @@
+---
+title: Show badges if pipelines are public otherwise default to project permissions.
+erge_request:
+author:
+type: security
diff --git a/spec/controllers/projects/badges_controller_spec.rb b/spec/controllers/projects/badges_controller_spec.rb
index 5ec8d8d41d7..4ae29ba7f54 100644
--- a/spec/controllers/projects/badges_controller_spec.rb
+++ b/spec/controllers/projects/badges_controller_spec.rb
@@ -7,51 +7,115 @@ describe Projects::BadgesController do
   let!(:pipeline) { create(:ci_empty_pipeline) }
   let(:user) { create(:user) }
 
-  before do
-    project.add_maintainer(user)
-    sign_in(user)
-  end
+  shared_examples 'a badge resource' do |badge_type|
+    context 'when pipelines are public' do
+      before do
+        project.update!(public_builds: true)
+      end
+
+      context 'when project is public' do
+        before do
+          project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
+        end
+
+        it "returns the #{badge_type} badge to unauthenticated users" do
+          get_badge(badge_type)
+
+          expect(response).to have_gitlab_http_status(:ok)
+        end
+      end
+
+      context 'when project is restricted' do
+        before do
+          project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
+          project.add_guest(user)
+          sign_in(user)
+        end
+
+        it "returns the #{badge_type} badge to guest users" do
+          get_badge(badge_type)
+
+          expect(response).to have_gitlab_http_status(:ok)
+        end
+      end
+    end
 
-  it 'requests the pipeline badge successfully' do
-    get_badge(:pipeline)
+    context 'format' do
+      before do
+        project.add_maintainer(user)
+        sign_in(user)
+      end
 
-    expect(response).to have_gitlab_http_status(:ok)
-  end
+      it 'renders the `flat` badge layout by default' do
+        get_badge(badge_type)
 
-  it 'requests the coverage badge successfully' do
-    get_badge(:coverage)
+        expect(response).to render_template('projects/badges/badge')
+      end
 
-    expect(response).to have_gitlab_http_status(:ok)
-  end
+      context 'when style param is set to `flat`' do
+        it 'renders the `flat` badge layout' do
+          get_badge(badge_type, 'flat')
 
-  it 'renders the `flat` badge layout by default' do
-    get_badge(:coverage)
+          expect(response).to render_template('projects/badges/badge')
+        end
+      end
 
-    expect(response).to render_template('projects/badges/badge')
-  end
+      context 'when style param is set to an invalid type' do
+        it 'renders the `flat` (default) badge layout' do
+          get_badge(badge_type, 'xxx')
+
+          expect(response).to render_template('projects/badges/badge')
+        end
+      end
 
-  context 'when style param is set to `flat`' do
-    it 'renders the `flat` badge layout' do
-      get_badge(:coverage, 'flat')
+      context 'when style param is set to `flat-square`' do
+        it 'renders the `flat-square` badge layout' do
+          get_badge(badge_type, 'flat-square')
 
-      expect(response).to render_template('projects/badges/badge')
+          expect(response).to render_template('projects/badges/badge_flat-square')
+        end
+      end
     end
-  end
 
-  context 'when style param is set to an invalid type' do
-    it 'renders the `flat` (default) badge layout' do
-      get_badge(:coverage, 'xxx')
+    context 'when pipelines are not public' do
+      before do
+        project.update!(public_builds: false)
+      end
 
-      expect(response).to render_template('projects/badges/badge')
+      context 'when project is public' do
+        before do
+          project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
+        end
+
+        it 'returns 404 to unauthenticated users' do
+          get_badge(badge_type)
+
+          expect(response).to have_gitlab_http_status(:not_found)
+        end
+      end
+
+      context 'when project is restricted to the user' do
+        before do
+          project.update!(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
+          project.add_guest(user)
+          sign_in(user)
+        end
+
+        it 'defaults to project permissions' do
+          get_badge(:coverage)
+
+          expect(response).to have_gitlab_http_status(:not_found)
+        end
+      end
     end
   end
 
-  context 'when style param is set to `flat-square`' do
-    it 'renders the `flat-square` badge layout' do
-      get_badge(:coverage, 'flat-square')
+  describe '#pipeline' do
+    it_behaves_like 'a badge resource', :pipeline
+  end
 
-      expect(response).to render_template('projects/badges/badge_flat-square')
-    end
+  describe '#coverage' do
+    it_behaves_like 'a badge resource', :coverage
   end
 
   def get_badge(badge, style = nil)
-- 
cgit v1.2.1


From 4f72293aaf36de46a0bd1615e7a4b2da92414be8 Mon Sep 17 00:00:00 2001
From: Mark Fletcher <mark@gitlab.com>
Date: Thu, 11 Jul 2019 14:15:34 +0100
Subject: Danger asks for throughput labels

---
 danger/metadata/Dangerfile | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/danger/metadata/Dangerfile b/danger/metadata/Dangerfile
index 1adca152736..f2d68e64eb6 100644
--- a/danger/metadata/Dangerfile
+++ b/danger/metadata/Dangerfile
@@ -1,5 +1,13 @@
 # rubocop:disable Style/SignalException
 
+THROUGHPUT_LABELS = [
+  'Community contribution',
+  'security',
+  'bug',
+  'feature',
+  'backstage'
+].freeze
+
 if gitlab.mr_body.size < 5
   fail "Please provide a proper merge request description."
 end
@@ -8,6 +16,10 @@ if gitlab.mr_labels.empty?
   fail "Please add labels to this merge request."
 end
 
+if (THROUGHPUT_LABELS & gitlab.mr_labels).empty?
+  warn 'Please add a [throughput label](https://about.gitlab.com/handbook/engineering/management/throughput/#implementation) to this merge request.'
+end
+
 unless gitlab.mr_json["assignee"]
   warn "This merge request does not have any assignee yet. Setting an assignee clarifies who needs to take action on the merge request at any given time."
 end
-- 
cgit v1.2.1


From dfe906209e2238b82c84c9fb435498cae2f3d43e Mon Sep 17 00:00:00 2001
From: Adam Hegyi <ahegyi@gitlab.com>
Date: Thu, 11 Jul 2019 06:48:50 +0200
Subject: Queries for Upload should be scoped by model

---
 app/controllers/concerns/uploads_actions.rb         |  2 +-
 app/uploaders/records_uploads.rb                    |  2 +-
 .../unreleased/security-60551-fix-upload-scope.yml  |  5 +++++
 spec/controllers/groups/uploads_controller_spec.rb  |  5 +++++
 .../controllers/projects/uploads_controller_spec.rb |  5 +++++
 .../controllers/uploads_actions_shared_examples.rb  | 10 ++++++++++
 spec/uploaders/records_uploads_spec.rb              | 21 +++++++++++++++++++++
 7 files changed, 48 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/unreleased/security-60551-fix-upload-scope.yml

diff --git a/app/controllers/concerns/uploads_actions.rb b/app/controllers/concerns/uploads_actions.rb
index 59f6d3452a3..f5d35379e10 100644
--- a/app/controllers/concerns/uploads_actions.rb
+++ b/app/controllers/concerns/uploads_actions.rb
@@ -90,7 +90,7 @@ module UploadsActions
     return unless uploader = build_uploader
 
     upload_paths = uploader.upload_paths(params[:filename])
-    upload = Upload.find_by(uploader: uploader_class.to_s, path: upload_paths)
+    upload = Upload.find_by(model: model, uploader: uploader_class.to_s, path: upload_paths)
     upload&.build_uploader
   end
   # rubocop: enable CodeReuse/ActiveRecord
diff --git a/app/uploaders/records_uploads.rb b/app/uploaders/records_uploads.rb
index 00b51f92b12..d7a859ebd5f 100644
--- a/app/uploaders/records_uploads.rb
+++ b/app/uploaders/records_uploads.rb
@@ -35,7 +35,7 @@ module RecordsUploads
     end
 
     def readd_upload
-      uploads.where(path: upload_path).delete_all
+      uploads.where(model: model, path: upload_path).delete_all
       upload.delete if upload
 
       self.upload = build_upload.tap(&:save!)
diff --git a/changelogs/unreleased/security-60551-fix-upload-scope.yml b/changelogs/unreleased/security-60551-fix-upload-scope.yml
new file mode 100644
index 00000000000..7d7096833a7
--- /dev/null
+++ b/changelogs/unreleased/security-60551-fix-upload-scope.yml
@@ -0,0 +1,5 @@
+---
+title: Queries for Upload should be scoped by model
+merge_request:
+author:
+type: security
diff --git a/spec/controllers/groups/uploads_controller_spec.rb b/spec/controllers/groups/uploads_controller_spec.rb
index 0f99a957581..60342bf8e3d 100644
--- a/spec/controllers/groups/uploads_controller_spec.rb
+++ b/spec/controllers/groups/uploads_controller_spec.rb
@@ -10,6 +10,11 @@ describe Groups::UploadsController do
     { group_id: model }
   end
 
+  let(:other_model) { create(:group, :public) }
+  let(:other_params) do
+    { group_id: other_model }
+  end
+
   it_behaves_like 'handle uploads' do
     let(:uploader_class) { NamespaceFileUploader }
   end
diff --git a/spec/controllers/projects/uploads_controller_spec.rb b/spec/controllers/projects/uploads_controller_spec.rb
index 776c1270977..661ed9840b1 100644
--- a/spec/controllers/projects/uploads_controller_spec.rb
+++ b/spec/controllers/projects/uploads_controller_spec.rb
@@ -10,6 +10,11 @@ describe Projects::UploadsController do
     { namespace_id: model.namespace.to_param, project_id: model }
   end
 
+  let(:other_model) { create(:project, :public) }
+  let(:other_params) do
+    { namespace_id: other_model.namespace.to_param, project_id: other_model }
+  end
+
   it_behaves_like 'handle uploads'
 
   context 'when the URL the old style, without /-/system' do
diff --git a/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb b/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb
index 59708173716..9036838e50a 100644
--- a/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb
@@ -74,6 +74,16 @@ shared_examples 'handle uploads' do
       UploadService.new(model, jpg, uploader_class).execute
     end
 
+    context 'when accessing a specific upload via different model' do
+      it 'responds with status 404' do
+        params.merge!(other_params)
+
+        show_upload
+
+        expect(response).to have_gitlab_http_status(404)
+      end
+    end
+
     context "when the model is public" do
       before do
         model.update_attribute(:visibility_level, Gitlab::VisibilityLevel::PUBLIC)
diff --git a/spec/uploaders/records_uploads_spec.rb b/spec/uploaders/records_uploads_spec.rb
index 42352f9b9f8..6134137d2b7 100644
--- a/spec/uploaders/records_uploads_spec.rb
+++ b/spec/uploaders/records_uploads_spec.rb
@@ -85,6 +85,27 @@ describe RecordsUploads do
       expect { existing.reload }.to raise_error(ActiveRecord::RecordNotFound)
       expect(Upload.count).to eq(1)
     end
+
+    it 'does not affect other uploads with different model but the same path' do
+      project = create(:project)
+      other_project = create(:project)
+
+      uploader = RecordsUploadsExampleUploader.new(other_project)
+
+      upload_for_project = Upload.create!(
+        path: File.join('uploads', 'rails_sample.jpg'),
+        size: 512.kilobytes,
+        model: project,
+        uploader: uploader.class.to_s
+      )
+
+      uploader.store!(upload_fixture('rails_sample.jpg'))
+
+      upload_for_project_fresh = Upload.find(upload_for_project.id)
+
+      expect(upload_for_project).to eq(upload_for_project_fresh)
+      expect(Upload.count).to eq(2)
+    end
   end
 
   describe '#destroy_upload callback' do
-- 
cgit v1.2.1


From ff0654b0b46df4d143c3ec6bb4fa92da34745e44 Mon Sep 17 00:00:00 2001
From: John Cai <jcai@gitlab.com>
Date: Thu, 11 Jul 2019 09:53:38 -0700
Subject: Add unset_rugged rake task

Adds an unset_rugged rake task that unsets all rugged feature flags.
Also fixes the existing disable_rugged task to have it explicitly
disable feature flags instead of just unsetting them.
---
 lib/tasks/gitlab/features.rake | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/lib/tasks/gitlab/features.rake b/lib/tasks/gitlab/features.rake
index d88bcca0819..9cf568c07fe 100644
--- a/lib/tasks/gitlab/features.rake
+++ b/lib/tasks/gitlab/features.rake
@@ -10,14 +10,22 @@ namespace :gitlab do
       set_rugged_feature_flags(false)
       puts 'All Rugged feature flags were disabled.'
     end
+
+    task unset_rugged: :environment do
+      set_rugged_feature_flags(nil)
+      puts 'All Rugged feature flags were unset.'
+    end
   end
 
   def set_rugged_feature_flags(status)
     Gitlab::Git::RuggedImpl::Repository::FEATURE_FLAGS.each do |flag|
-      if status
-        Feature.enable(flag)
-      else
+      case status
+      when nil
         Feature.get(flag).remove
+      when true
+        Feature.enable(flag)
+      when false
+        Feature.disable(flag)
       end
     end
   end
-- 
cgit v1.2.1


From 43830eca33b6be5d59685be5c2f3270ed81bf751 Mon Sep 17 00:00:00 2001
From: Felipe Artur <felipefac@gmail.com>
Date: Wed, 10 Jul 2019 17:04:02 -0300
Subject: Do not show moved issue ids for user not authorized

Do not show moved issue id for users that cannot read issue
---
 app/serializers/issue_entity.rb                    |  7 ++++-
 .../unreleased/security-hide_moved_issue_id.yml    |  5 ++++
 spec/serializers/issue_entity_spec.rb              | 33 ++++++++++++++++++++++
 3 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/security-hide_moved_issue_id.yml

diff --git a/app/serializers/issue_entity.rb b/app/serializers/issue_entity.rb
index 36e601f45c5..82139855760 100644
--- a/app/serializers/issue_entity.rb
+++ b/app/serializers/issue_entity.rb
@@ -16,9 +16,14 @@ class IssueEntity < IssuableEntity
   expose :discussion_locked
   expose :assignees, using: API::Entities::UserBasic
   expose :due_date
-  expose :moved_to_id
   expose :project_id
 
+  expose :moved_to_id do |issue|
+    if issue.moved_to_id.present? && can?(request.current_user, :read_issue, issue.moved_to)
+      issue.moved_to_id
+    end
+  end
+
   expose :web_url do |issue|
     project_issue_path(issue.project, issue)
   end
diff --git a/changelogs/unreleased/security-hide_moved_issue_id.yml b/changelogs/unreleased/security-hide_moved_issue_id.yml
new file mode 100644
index 00000000000..24353d797c9
--- /dev/null
+++ b/changelogs/unreleased/security-hide_moved_issue_id.yml
@@ -0,0 +1,5 @@
+---
+title: Do not show moved issue id for users that cannot read issue
+merge_request:
+author:
+type: security
diff --git a/spec/serializers/issue_entity_spec.rb b/spec/serializers/issue_entity_spec.rb
index caa3e41402b..0e05b3c84f4 100644
--- a/spec/serializers/issue_entity_spec.rb
+++ b/spec/serializers/issue_entity_spec.rb
@@ -17,4 +17,37 @@ describe IssueEntity do
   it 'has time estimation attributes' do
     expect(subject).to include(:time_estimate, :total_time_spent, :human_time_estimate, :human_total_time_spent)
   end
+
+  context 'when issue got moved' do
+    let(:public_project) { create(:project, :public) }
+    let(:member) { create(:user) }
+    let(:non_member) { create(:user) }
+    let(:issue) { create(:issue, project: public_project) }
+
+    before do
+      project.add_developer(member)
+      public_project.add_developer(member)
+      Issues::MoveService.new(public_project, member).execute(issue, project)
+    end
+
+    context 'when user cannot read target project' do
+      it 'does not return moved_to_id' do
+        request = double('request', current_user: non_member)
+
+        response = described_class.new(issue, request: request).as_json
+
+        expect(response[:moved_to_id]).to be_nil
+      end
+    end
+
+    context 'when user can read target project' do
+      it 'returns moved moved_to_id' do
+        request = double('request', current_user: member)
+
+        response = described_class.new(issue, request: request).as_json
+
+        expect(response[:moved_to_id]).to eq(issue.moved_to_id)
+      end
+    end
+  end
 end
-- 
cgit v1.2.1


From b9d43e27b294e0ac18421e4e0540ba2c5fd80d15 Mon Sep 17 00:00:00 2001
From: drew cimino <dcimino@gitlab.com>
Date: Tue, 25 Jun 2019 17:05:18 -0400
Subject: Added specs for Ci::Pipeline::Seed::Build

- #included? when only: and except: both match
---
 spec/lib/gitlab/ci/pipeline/seed/build_spec.rb | 57 ++++++++++++++++++++++----
 1 file changed, 49 insertions(+), 8 deletions(-)

diff --git a/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb b/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
index 7991e2f48b5..633000ec8fe 100644
--- a/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
@@ -3,14 +3,9 @@ require 'spec_helper'
 describe Gitlab::Ci::Pipeline::Seed::Build do
   let(:project) { create(:project, :repository) }
   let(:pipeline) { create(:ci_empty_pipeline, project: project) }
+  let(:attributes) { { name: 'rspec', ref: 'master' } }
 
-  let(:attributes) do
-    { name: 'rspec', ref: 'master' }
-  end
-
-  subject do
-    described_class.new(pipeline, attributes)
-  end
+  subject { described_class.new(pipeline, attributes) }
 
   describe '#attributes' do
     it 'returns hash attributes of a build' do
@@ -76,7 +71,7 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
     end
   end
 
-  describe 'applying only/except policies' do
+  describe 'applying job inclusion policies' do
     context 'when no branch policy is specified' do
       let(:attributes) { { name: 'rspec' } }
 
@@ -95,6 +90,12 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
         it { is_expected.to be_included }
       end
+
+      context 'with both only and except policies' do
+        let(:attributes) { { name: 'rspec', only: { refs: %w(deploy) }, except: { refs: %(deploy) } } }
+
+        it { is_expected.not_to be_included }
+      end
     end
 
     context 'when branch regexp policy does not match' do
@@ -109,6 +110,12 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
         it { is_expected.to be_included }
       end
+
+      context 'with both only and except policies' do
+        let(:attributes) { { name: 'rspec', only: { refs: %w(/^deploy$/) }, except: { refs: %w(/^deploy$/) } } }
+
+        it { is_expected.not_to be_included }
+      end
     end
 
     context 'when branch policy matches' do
@@ -123,6 +130,12 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
         it { is_expected.not_to be_included }
       end
+
+      context 'when using both only and except policies' do
+        let(:attributes) { { name: 'rspec', only: { refs: %w(deploy master) }, except: { refs: %w(deploy master) } } }
+
+        it { is_expected.not_to be_included }
+      end
     end
 
     context 'when keyword policy matches' do
@@ -137,6 +150,12 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
         it { is_expected.not_to be_included }
       end
+
+      context 'when using both only and except policies' do
+        let(:attributes) { { name: 'rspec', only: { refs: %w(branches) }, except: { refs: %(branches) } } }
+
+        it { is_expected.not_to be_included }
+      end
     end
 
     context 'when keyword policy does not match' do
@@ -151,6 +170,12 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
         it { is_expected.to be_included }
       end
+
+      context 'when using both only and except policies' do
+        let(:attributes) { { name: 'rspec', only: { refs: %(tags) }, except: { refs: %(tags) } } }
+
+        it { is_expected.not_to be_included }
+      end
     end
 
     context 'with source-keyword policy' do
@@ -239,6 +264,14 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
         it { is_expected.not_to be_included }
       end
+
+      context 'when using both only and except policies' do
+        let(:attributes) do
+          { name: 'rspec', only: { refs: ["branches@#{pipeline.project_full_path}"] }, except: { refs: ["branches@#{pipeline.project_full_path}"] } }
+        end
+
+        it { is_expected.not_to be_included }
+      end
     end
 
     context 'when repository path does not matches' do
@@ -257,6 +290,14 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
         it { is_expected.to be_included }
       end
+
+      context 'when using both only and except policies' do
+        let(:attributes) do
+          { name: 'rspec', only: { refs: ['branches@fork'] }, except: { refs: ['branches@fork'] } }
+        end
+
+        it { is_expected.not_to be_included }
+      end
     end
   end
 end
-- 
cgit v1.2.1


From 24941101483421f2661c040be0fb7612df40d375 Mon Sep 17 00:00:00 2001
From: drew cimino <dcimino@gitlab.com>
Date: Tue, 25 Jun 2019 18:46:28 -0400
Subject: Polish for Ci::Pipeline::Seed::Build specs

---
 spec/lib/gitlab/ci/pipeline/seed/build_spec.rb | 205 +++++++++++++++++--------
 1 file changed, 143 insertions(+), 62 deletions(-)

diff --git a/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb b/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
index 633000ec8fe..e0bff638233 100644
--- a/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Seed::Build do
@@ -5,23 +7,24 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
   let(:pipeline) { create(:ci_empty_pipeline, project: project) }
   let(:attributes) { { name: 'rspec', ref: 'master' } }
 
-  subject { described_class.new(pipeline, attributes) }
+  let(:seed_build) { described_class.new(pipeline, attributes) }
 
   describe '#attributes' do
-    it 'returns hash attributes of a build' do
-      expect(subject.attributes).to be_a Hash
-      expect(subject.attributes)
-        .to include(:name, :project, :ref)
-    end
+    subject { seed_build.attributes }
+
+    it { is_expected.to be_a(Hash) }
+    it { is_expected.to include(:name, :project, :ref) }
   end
 
   describe '#bridge?' do
+    subject { seed_build.bridge? }
+
     context 'when job is a bridge' do
       let(:attributes) do
         { name: 'rspec', ref: 'master', options: { trigger: 'my/project' } }
       end
 
-      it { is_expected.to be_bridge }
+      it { is_expected.to be_truthy }
     end
 
     context 'when trigger definition is empty' do
@@ -29,20 +32,20 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
         { name: 'rspec', ref: 'master', options: { trigger: '' } }
       end
 
-      it { is_expected.not_to be_bridge }
+      it { is_expected.to be_falsey }
     end
 
     context 'when job is not a bridge' do
-      it { is_expected.not_to be_bridge }
+      it { is_expected.to be_falsey }
     end
   end
 
   describe '#to_resource' do
+    subject { seed_build.to_resource }
+
     context 'when job is not a bridge' do
-      it 'returns a valid build resource' do
-        expect(subject.to_resource).to be_a(::Ci::Build)
-        expect(subject.to_resource).to be_valid
-      end
+      it { is_expected.to be_a(::Ci::Build) }
+      it { is_expected.to be_valid }
     end
 
     context 'when job is a bridge' do
@@ -50,49 +53,57 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
         { name: 'rspec', ref: 'master', options: { trigger: 'my/project' } }
       end
 
-      it 'returns a valid bridge resource' do
-        expect(subject.to_resource).to be_a(::Ci::Bridge)
-        expect(subject.to_resource).to be_valid
-      end
+      it { is_expected.to be_a(::Ci::Bridge) }
+      it { is_expected.to be_valid }
     end
 
     it 'memoizes a resource object' do
-      build = subject.to_resource
-
-      expect(build.object_id).to eq subject.to_resource.object_id
+      expect(subject.object_id).to eq seed_build.to_resource.object_id
     end
 
     it 'can not be persisted without explicit assignment' do
-      build = subject.to_resource
-
       pipeline.save!
 
-      expect(build).not_to be_persisted
+      expect(subject).not_to be_persisted
     end
   end
 
   describe 'applying job inclusion policies' do
+    subject { seed_build }
+
     context 'when no branch policy is specified' do
-      let(:attributes) { { name: 'rspec' } }
+      let(:attributes) do
+        { name: 'rspec' }
+      end
 
       it { is_expected.to be_included }
     end
 
     context 'when branch policy does not match' do
       context 'when using only' do
-        let(:attributes) { { name: 'rspec', only: { refs: ['deploy'] } } }
+        let(:attributes) do
+          { name: 'rspec', only: { refs: ['deploy'] } }
+        end
 
         it { is_expected.not_to be_included }
       end
 
       context 'when using except' do
-        let(:attributes) { { name: 'rspec', except: { refs: ['deploy'] } } }
+        let(:attributes) do
+          { name: 'rspec', except: { refs: ['deploy'] } }
+        end
 
         it { is_expected.to be_included }
       end
 
       context 'with both only and except policies' do
-        let(:attributes) { { name: 'rspec', only: { refs: %w(deploy) }, except: { refs: %(deploy) } } }
+        let(:attributes) do
+          {
+            name: 'rspec',
+            only: { refs: %w[deploy] },
+            except: { refs: %w[deploy] }
+          }
+        end
 
         it { is_expected.not_to be_included }
       end
@@ -100,19 +111,29 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
     context 'when branch regexp policy does not match' do
       context 'when using only' do
-        let(:attributes) { { name: 'rspec', only: { refs: ['/^deploy$/'] } } }
+        let(:attributes) do
+          { name: 'rspec', only: { refs: %w[/^deploy$/] } }
+        end
 
         it { is_expected.not_to be_included }
       end
 
       context 'when using except' do
-        let(:attributes) { { name: 'rspec', except: { refs: ['/^deploy$/'] } } }
+        let(:attributes) do
+          { name: 'rspec', except: { refs: %w[/^deploy$/] } }
+        end
 
         it { is_expected.to be_included }
       end
 
       context 'with both only and except policies' do
-        let(:attributes) { { name: 'rspec', only: { refs: %w(/^deploy$/) }, except: { refs: %w(/^deploy$/) } } }
+        let(:attributes) do
+          {
+            name: 'rspec',
+            only: { refs: %w[/^deploy$/] },
+            except: { refs: %w[/^deploy$/] }
+          }
+        end
 
         it { is_expected.not_to be_included }
       end
@@ -120,19 +141,29 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
     context 'when branch policy matches' do
       context 'when using only' do
-        let(:attributes) { { name: 'rspec', only: { refs: %w[deploy master] } } }
+        let(:attributes) do
+          { name: 'rspec', only: { refs: %w[deploy master] } }
+        end
 
         it { is_expected.to be_included }
       end
 
       context 'when using except' do
-        let(:attributes) { { name: 'rspec', except: { refs: %w[deploy master] } } }
+        let(:attributes) do
+          { name: 'rspec', except: { refs: %w[deploy master] } }
+        end
 
         it { is_expected.not_to be_included }
       end
 
       context 'when using both only and except policies' do
-        let(:attributes) { { name: 'rspec', only: { refs: %w(deploy master) }, except: { refs: %w(deploy master) } } }
+        let(:attributes) do
+          {
+            name: 'rspec',
+            only: { refs: %w[deploy master] },
+            except: { refs: %w[deploy master] }
+          }
+        end
 
         it { is_expected.not_to be_included }
       end
@@ -140,19 +171,29 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
     context 'when keyword policy matches' do
       context 'when using only' do
-        let(:attributes) { { name: 'rspec', only: { refs: ['branches'] } } }
+        let(:attributes) do
+          { name: 'rspec', only: { refs: %w[branches] } }
+        end
 
         it { is_expected.to be_included }
       end
 
       context 'when using except' do
-        let(:attributes) { { name: 'rspec', except: { refs: ['branches'] } } }
+        let(:attributes) do
+          { name: 'rspec', except: { refs: %w[branches] } }
+        end
 
         it { is_expected.not_to be_included }
       end
 
       context 'when using both only and except policies' do
-        let(:attributes) { { name: 'rspec', only: { refs: %w(branches) }, except: { refs: %(branches) } } }
+        let(:attributes) do
+          {
+            name: 'rspec',
+            only: { refs: %w[branches] },
+            except: { refs: %w[branches] }
+          }
+        end
 
         it { is_expected.not_to be_included }
       end
@@ -160,19 +201,29 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
     context 'when keyword policy does not match' do
       context 'when using only' do
-        let(:attributes) { { name: 'rspec', only: { refs: ['tags'] } } }
+        let(:attributes) do
+          { name: 'rspec', only: { refs: %w[tags] } }
+        end
 
         it { is_expected.not_to be_included }
       end
 
       context 'when using except' do
-        let(:attributes) { { name: 'rspec', except: { refs: ['tags'] } } }
+        let(:attributes) do
+          { name: 'rspec', except: { refs: %w[tags] } }
+        end
 
         it { is_expected.to be_included }
       end
 
       context 'when using both only and except policies' do
-        let(:attributes) { { name: 'rspec', only: { refs: %(tags) }, except: { refs: %(tags) } } }
+        let(:attributes) do
+          {
+            name: 'rspec',
+            only: { refs: %w[tags] },
+            except: { refs: %w[tags] }
+          }
+        end
 
         it { is_expected.not_to be_included }
       end
@@ -181,35 +232,47 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
     context 'with source-keyword policy' do
       using RSpec::Parameterized
 
-      let(:pipeline) { build(:ci_empty_pipeline, ref: 'deploy', tag: false, source: source) }
+      let(:pipeline) do
+        create(:ci_empty_pipeline, ref: 'deploy', tag: false, source: source)
+      end
 
       context 'matches' do
         where(:keyword, :source) do
           [
-            %w(pushes push),
-            %w(web web),
-            %w(triggers trigger),
-            %w(schedules schedule),
-            %w(api api),
-            %w(external external)
+            %w[pushes push],
+            %w[web web],
+            %w[triggers trigger],
+            %w[schedules schedule],
+            %w[api api],
+            %w[external external]
           ]
         end
 
         with_them do
           context 'using an only policy' do
-            let(:attributes) { { name: 'rspec', only: { refs: [keyword] } } }
+            let(:attributes) do
+              { name: 'rspec', only: { refs: [keyword] } }
+            end
 
             it { is_expected.to be_included }
           end
 
           context 'using an except policy' do
-            let(:attributes) { { name: 'rspec', except: { refs: [keyword] } } }
+            let(:attributes) do
+              { name: 'rspec', except: { refs: [keyword] } }
+            end
 
             it { is_expected.not_to be_included }
           end
 
           context 'using both only and except policies' do
-            let(:attributes) { { name: 'rspec', only: { refs: [keyword] }, except: { refs: [keyword] } } }
+            let(:attributes) do
+              {
+                name: 'rspec',
+                only: { refs: [keyword] },
+                except: { refs: [keyword] }
+              }
+            end
 
             it { is_expected.not_to be_included }
           end
@@ -218,29 +281,39 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
       context 'non-matches' do
         where(:keyword, :source) do
-          %w(web trigger schedule api external).map { |source| ['pushes', source] } +
-          %w(push trigger schedule api external).map { |source| ['web', source] } +
-          %w(push web schedule api external).map { |source| ['triggers', source] } +
-          %w(push web trigger api external).map { |source| ['schedules', source] } +
-          %w(push web trigger schedule external).map { |source| ['api', source] } +
-          %w(push web trigger schedule api).map { |source| ['external', source] }
+          %w[web trigger schedule api external].map  { |source| ['pushes', source] } +
+          %w[push trigger schedule api external].map { |source| ['web', source] } +
+          %w[push web schedule api external].map { |source| ['triggers', source] } +
+          %w[push web trigger api external].map { |source| ['schedules', source] } +
+          %w[push web trigger schedule external].map { |source| ['api', source] } +
+          %w[push web trigger schedule api].map { |source| ['external', source] }
         end
 
         with_them do
           context 'using an only policy' do
-            let(:attributes) { { name: 'rspec', only: { refs: [keyword] } } }
+            let(:attributes) do
+              { name: 'rspec', only: { refs: [keyword] } }
+            end
 
             it { is_expected.not_to be_included }
           end
 
           context 'using an except policy' do
-            let(:attributes) { { name: 'rspec', except: { refs: [keyword] } } }
+            let(:attributes) do
+              { name: 'rspec', except: { refs: [keyword] } }
+            end
 
             it { is_expected.to be_included }
           end
 
           context 'using both only and except policies' do
-            let(:attributes) { { name: 'rspec', only: { refs: [keyword] }, except: { refs: [keyword] } } }
+            let(:attributes) do
+              {
+                name: 'rspec',
+                only: { refs: [keyword] },
+                except: { refs: [keyword] }
+              }
+            end
 
             it { is_expected.not_to be_included }
           end
@@ -267,7 +340,11 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
       context 'when using both only and except policies' do
         let(:attributes) do
-          { name: 'rspec', only: { refs: ["branches@#{pipeline.project_full_path}"] }, except: { refs: ["branches@#{pipeline.project_full_path}"] } }
+          {
+            name: 'rspec',
+            only: { refs: ["branches@#{pipeline.project_full_path}"] },
+            except: { refs: ["branches@#{pipeline.project_full_path}"] }
+          }
         end
 
         it { is_expected.not_to be_included }
@@ -277,7 +354,7 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
     context 'when repository path does not matches' do
       context 'when using only' do
         let(:attributes) do
-          { name: 'rspec', only: { refs: ['branches@fork'] } }
+          { name: 'rspec', only: { refs: %w[branches@fork] } }
         end
 
         it { is_expected.not_to be_included }
@@ -285,7 +362,7 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
       context 'when using except' do
         let(:attributes) do
-          { name: 'rspec', except: { refs: ['branches@fork'] } }
+          { name: 'rspec', except: { refs: %w[branches@fork] } }
         end
 
         it { is_expected.to be_included }
@@ -293,7 +370,11 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
 
       context 'when using both only and except policies' do
         let(:attributes) do
-          { name: 'rspec', only: { refs: ['branches@fork'] }, except: { refs: ['branches@fork'] } }
+          {
+            name: 'rspec',
+            only: { refs: %w[branches@fork] },
+            except: { refs: %w[branches@fork] }
+          }
         end
 
         it { is_expected.not_to be_included }
-- 
cgit v1.2.1


From 20ad0cb330ab972fd840c4e188d29f6caaa0e43e Mon Sep 17 00:00:00 2001
From: Matej Latin <mlatin@gitlab.com>
Date: Thu, 27 Jun 2019 11:23:08 +0000
Subject: Removes the warning style from the paragraph

In U2F device message, removes warning style
---
 app/views/u2f/_register.html.haml                                    | 2 +-
 .../unreleased/61776-fixing-the-U2F-warning-message-text-colour.yml  | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/61776-fixing-the-U2F-warning-message-text-colour.yml

diff --git a/app/views/u2f/_register.html.haml b/app/views/u2f/_register.html.haml
index f6724f72307..ef3835332a7 100644
--- a/app/views/u2f/_register.html.haml
+++ b/app/views/u2f/_register.html.haml
@@ -16,7 +16,7 @@
       .col-md-4
         %button#js-setup-u2f-device.btn.btn-info.btn-block{ disabled: true }= _("Set up new U2F device")
       .col-md-8
-        %p.text-warning= _("You need to register a two-factor authentication app before you can set up a U2F device.")
+        %p= _("You need to register a two-factor authentication app before you can set up a U2F device.")
 
 %script#js-register-u2f-in-progress{ type: "text/template" }
   %p= _("Trying to communicate with your device. Plug it in (if you haven't already) and press the button on the device now.")
diff --git a/changelogs/unreleased/61776-fixing-the-U2F-warning-message-text-colour.yml b/changelogs/unreleased/61776-fixing-the-U2F-warning-message-text-colour.yml
new file mode 100644
index 00000000000..988eb77db12
--- /dev/null
+++ b/changelogs/unreleased/61776-fixing-the-U2F-warning-message-text-colour.yml
@@ -0,0 +1,5 @@
+---
+title: Remove the warning style from the U2F device message in user settings > account
+merge_request: 30119
+author: matejlatin
+type: other
-- 
cgit v1.2.1


From a8a7d70558d02e86eab3767dff5ba0ad59225303 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 12 Jul 2019 10:48:38 -0700
Subject: Add a link from the permissions table to the subgroups/creating a
 subgroup section

---
 doc/user/permissions.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index d496bc39f9a..e9b61b9c995 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -209,14 +209,15 @@ group.
 | Create project in group                         |       |          | ✓         | ✓          | ✓     |
 | Create/edit/delete group milestones             |       |          | ✓         | ✓          | ✓     |
 | Enable/disable a dependency proxy **[PREMIUM]** |       |          | ✓         | ✓          | ✓     |
-| Create subgroup                                 |       |          |           | ✓ (1)        | ✓     |
+| Create subgroup                                 |       |          |           | ✓ (1)      | ✓     |
 | Edit group                                      |       |          |           |            | ✓     |
 | Manage group members                            |       |          |           |            | ✓     |
 | Remove group                                    |       |          |           |            | ✓     |
 | Delete group epic **(ULTIMATE)**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
-- (1): Groups can be set to allow either Owners or Owners and Maintainers to create subgroups
+- (1): Groups can be set to [allow either Owners or Owners and
+  Maintainers to create subgroups](group/subgroups/index.md#creating-a-subgroup)
 
 ### Subgroup permissions
 
-- 
cgit v1.2.1


From 3d171dc27163274b181fc0481065c681abae3186 Mon Sep 17 00:00:00 2001
From: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Date: Mon, 15 Jul 2019 09:26:18 +0300
Subject: Remove old ignore_column in AR models

Next models are affected:
* Project
* Namespace
* Issue
* Merge request
* CI Trigger
* CI Pipeline schedule

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
---
 app/models/ci/pipeline_schedule.rb | 3 ---
 app/models/ci/trigger.rb           | 3 ---
 app/models/issue.rb                | 3 ---
 app/models/merge_request.rb        | 5 -----
 app/models/namespace.rb            | 3 ---
 app/models/project.rb              | 3 ---
 6 files changed, 20 deletions(-)

diff --git a/app/models/ci/pipeline_schedule.rb b/app/models/ci/pipeline_schedule.rb
index ba8cea0cea9..42d4e86fe8d 100644
--- a/app/models/ci/pipeline_schedule.rb
+++ b/app/models/ci/pipeline_schedule.rb
@@ -4,11 +4,8 @@ module Ci
   class PipelineSchedule < ApplicationRecord
     extend Gitlab::Ci::Model
     include Importable
-    include IgnorableColumn
     include StripAttribute
 
-    ignore_column :deleted_at
-
     belongs_to :project
     belongs_to :owner, class_name: 'User'
     has_one :last_pipeline, -> { order(id: :desc) }, class_name: 'Ci::Pipeline'
diff --git a/app/models/ci/trigger.rb b/app/models/ci/trigger.rb
index 8927bb9bc18..c7bfb9900c4 100644
--- a/app/models/ci/trigger.rb
+++ b/app/models/ci/trigger.rb
@@ -3,11 +3,8 @@
 module Ci
   class Trigger < ApplicationRecord
     extend Gitlab::Ci::Model
-    include IgnorableColumn
     include Presentable
 
-    ignore_column :deleted_at
-
     belongs_to :project
     belongs_to :owner, class_name: "User"
 
diff --git a/app/models/issue.rb b/app/models/issue.rb
index 982a94315bd..12d30389910 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -13,11 +13,8 @@ class Issue < ApplicationRecord
   include RelativePositioning
   include TimeTrackable
   include ThrottledTouch
-  include IgnorableColumn
   include LabelEventable
 
-  ignore_column :assignee_id, :branch_name, :deleted_at
-
   DueDateStruct                   = Struct.new(:title, :name).freeze
   NoDueDate                       = DueDateStruct.new('No Due Date', '0').freeze
   AnyDueDate                      = DueDateStruct.new('Any Due Date', '').freeze
diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb
index 53977748c30..34dca665852 100644
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -7,7 +7,6 @@ class MergeRequest < ApplicationRecord
   include Noteable
   include Referable
   include Presentable
-  include IgnorableColumn
   include TimeTrackable
   include ManualInverseAssociation
   include EachBatch
@@ -24,10 +23,6 @@ class MergeRequest < ApplicationRecord
 
   SORTING_PREFERENCE_FIELD = :merge_requests_sort
 
-  ignore_column :locked_at,
-                :ref_fetched,
-                :deleted_at
-
   belongs_to :target_project, class_name: "Project"
   belongs_to :source_project, class_name: "Project"
   belongs_to :merge_user, class_name: "User"
diff --git a/app/models/namespace.rb b/app/models/namespace.rb
index 1d95590bac9..3ed4bf8e64a 100644
--- a/app/models/namespace.rb
+++ b/app/models/namespace.rb
@@ -8,13 +8,10 @@ class Namespace < ApplicationRecord
   include AfterCommitQueue
   include Storage::LegacyNamespace
   include Gitlab::SQL::Pattern
-  include IgnorableColumn
   include FeatureGate
   include FromUnion
   include Gitlab::Utils::StrongMemoize
 
-  ignore_column :deleted_at
-
   # Prevent users from creating unreasonably deep level of nesting.
   # The number 20 was taken based on maximum nesting level of
   # Android repo (15) + some extra backup.
diff --git a/app/models/project.rb b/app/models/project.rb
index f6f7d373f91..2906aca75fc 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -31,7 +31,6 @@ class Project < ApplicationRecord
   include FeatureGate
   include OptionallySearch
   include FromUnion
-  include IgnorableColumn
   extend Gitlab::Cache::RequestCache
 
   extend Gitlab::ConfigHelper
@@ -56,8 +55,6 @@ class Project < ApplicationRecord
   VALID_MIRROR_PORTS = [22, 80, 443].freeze
   VALID_MIRROR_PROTOCOLS = %w(http https ssh git).freeze
 
-  ignore_column :import_status, :import_jid, :import_error
-
   cache_markdown_field :description, pipeline: :description
 
   delegate :feature_available?, :builds_enabled?, :wiki_enabled?,
-- 
cgit v1.2.1


From f5c1cd489834e824c83f2ae909cd0dd41fb95dab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Francisco=20Javier=20L=C3=B3pez?= <fjlopez@gitlab.com>
Date: Tue, 2 Jul 2019 18:38:23 +0200
Subject: Fix Server Side Request Forgery mitigation bypass

When we can't resolve the hostname or it is invalid, we shouldn't
even perform the request. This fix also fixes the problem the
SSRF rebinding attack.

We can't stub feature flags outside example blocks. Nevertheless,
there are some actions that calls the UrlBlocker, that are performed
outside example blocks, ie: `set` instruction.

That's why we have to use some signalign mechanism outside the scope
of the specs.
---
 changelogs/unreleased/security-dns-ssrf-bypass.yml |  5 +++
 lib/gitlab/url_blocker.rb                          | 13 ++++++-
 spec/lib/gitlab/url_blocker_spec.rb                | 44 ++++++++++++++++------
 spec/spec_helper.rb                                |  1 +
 4 files changed, 49 insertions(+), 14 deletions(-)
 create mode 100644 changelogs/unreleased/security-dns-ssrf-bypass.yml

diff --git a/changelogs/unreleased/security-dns-ssrf-bypass.yml b/changelogs/unreleased/security-dns-ssrf-bypass.yml
new file mode 100644
index 00000000000..e48696ce5bd
--- /dev/null
+++ b/changelogs/unreleased/security-dns-ssrf-bypass.yml
@@ -0,0 +1,5 @@
+---
+title: Fix Server Side Request Forgery mitigation bypass
+merge_request:
+author:
+type: security
diff --git a/lib/gitlab/url_blocker.rb b/lib/gitlab/url_blocker.rb
index f6b2e2acf16..cc937cbb3cf 100644
--- a/lib/gitlab/url_blocker.rb
+++ b/lib/gitlab/url_blocker.rb
@@ -85,9 +85,9 @@ module Gitlab
       # we'll be making the request to the IP address, instead of using the hostname.
       def enforce_uri_hostname(addrs_info, uri, hostname, dns_rebind_protection)
         address = addrs_info.first
-        ip_address = address&.ip_address
+        ip_address = address.ip_address
 
-        return [uri, nil] unless dns_rebind_protection && ip_address && ip_address != hostname
+        return [uri, nil] unless dns_rebind_protection && ip_address != hostname
 
         uri = uri.dup
         uri.hostname = ip_address
@@ -111,6 +111,15 @@ module Gitlab
           addr.ipv6_v4mapped? ? addr.ipv6_to_ipv4 : addr
         end
       rescue SocketError
+        # In the test suite we use a lot of mocked urls that are either invalid or
+        # don't exist. In order to avoid modifying a ton of tests and factories
+        # we allow invalid urls unless the environment variable RSPEC_ALLOW_INVALID_URLS
+        # is not true
+        return if Rails.env.test? && ENV['RSPEC_ALLOW_INVALID_URLS'] == 'true'
+
+        # If the addr can't be resolved or the url is invalid (i.e http://1.1.1.1.1)
+        # we block the url
+        raise BlockedUrlError, "Host cannot be resolved or invalid"
       end
 
       def validate_local_request(address_info:, allow_localhost:, allow_local_network:)
diff --git a/spec/lib/gitlab/url_blocker_spec.rb b/spec/lib/gitlab/url_blocker_spec.rb
index f8b0cbfb6f6..0fab890978a 100644
--- a/spec/lib/gitlab/url_blocker_spec.rb
+++ b/spec/lib/gitlab/url_blocker_spec.rb
@@ -68,6 +68,16 @@ describe Gitlab::UrlBlocker do
           expect(uri).to eq(Addressable::URI.parse('https://example.org'))
           expect(hostname).to eq(nil)
         end
+
+        context 'when it cannot be resolved' do
+          let(:import_url) { 'http://foobar.x' }
+
+          it 'raises error' do
+            stub_env('RSPEC_ALLOW_INVALID_URLS', 'false')
+
+            expect { described_class.validate!(import_url) }.to raise_error(described_class::BlockedUrlError)
+          end
+        end
       end
 
       context 'when the URL hostname is an IP address' do
@@ -79,6 +89,16 @@ describe Gitlab::UrlBlocker do
           expect(uri).to eq(Addressable::URI.parse('https://93.184.216.34'))
           expect(hostname).to be(nil)
         end
+
+        context 'when it is invalid' do
+          let(:import_url) { 'http://1.1.1.1.1' }
+
+          it 'raises an error' do
+            stub_env('RSPEC_ALLOW_INVALID_URLS', 'false')
+
+            expect { described_class.validate!(import_url) }.to raise_error(described_class::BlockedUrlError)
+          end
+        end
       end
     end
   end
@@ -180,8 +200,6 @@ describe Gitlab::UrlBlocker do
     end
 
     it 'returns true for a non-alphanumeric hostname' do
-      stub_resolv
-
       aggregate_failures do
         expect(described_class).to be_blocked_url('ssh://-oProxyCommand=whoami/a')
 
@@ -300,10 +318,6 @@ describe Gitlab::UrlBlocker do
     end
 
     context 'when enforce_user is' do
-      before do
-        stub_resolv
-      end
-
       context 'false (default)' do
         it 'does not block urls with a non-alphanumeric username' do
           expect(described_class).not_to be_blocked_url('ssh://-oProxyCommand=whoami@example.com/a')
@@ -351,6 +365,18 @@ describe Gitlab::UrlBlocker do
         expect(described_class.blocked_url?('https://git‌lab.com/foo/foo.bar', ascii_only: true)).to be true
       end
     end
+
+    it 'blocks urls with invalid ip address' do
+      stub_env('RSPEC_ALLOW_INVALID_URLS', 'false')
+
+      expect(described_class).to be_blocked_url('http://8.8.8.8.8')
+    end
+
+    it 'blocks urls whose hostname cannot be resolved' do
+      stub_env('RSPEC_ALLOW_INVALID_URLS', 'false')
+
+      expect(described_class).to be_blocked_url('http://foobar.x')
+    end
   end
 
   describe '#validate_hostname' do
@@ -382,10 +408,4 @@ describe Gitlab::UrlBlocker do
       end
     end
   end
-
-  # Resolv does not support resolving UTF-8 domain names
-  # See https://bugs.ruby-lang.org/issues/4270
-  def stub_resolv
-    allow(Resolv).to receive(:getaddresses).and_return([])
-  end
 end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 95e0d8858b9..089dbc09aa3 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -3,6 +3,7 @@ SimpleCovEnv.start!
 
 ENV["RAILS_ENV"] = 'test'
 ENV["IN_MEMORY_APPLICATION_SETTINGS"] = 'true'
+ENV["RSPEC_ALLOW_INVALID_URLS"] = 'true'
 
 require File.expand_path('../config/environment', __dir__)
 require 'rspec/rails'
-- 
cgit v1.2.1


From 25cc54cacd4eb8f997dba2290e9d09818bd6a269 Mon Sep 17 00:00:00 2001
From: Grzegorz Bizon <grzesiek.bizon@gmail.com>
Date: Mon, 15 Jul 2019 14:55:59 +0200
Subject: Deploy serverless apps with `gitlabktl`

---
 lib/gitlab/ci/templates/Serverless.gitlab-ci.yml | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/lib/gitlab/ci/templates/Serverless.gitlab-ci.yml b/lib/gitlab/ci/templates/Serverless.gitlab-ci.yml
index a3db2705bf6..280e75d46f5 100644
--- a/lib/gitlab/ci/templates/Serverless.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Serverless.gitlab-ci.yml
@@ -8,26 +8,23 @@ stages:
   - deploy
 
 .serverless:build:image:
-  stage: build
   image: registry.gitlab.com/gitlab-org/gitlabktl:latest
+  stage: build
   script: /usr/bin/gitlabktl app build
 
 .serverless:deploy:image:
+  image: registry.gitlab.com/gitlab-org/gitlabktl:latest
   stage: deploy
-  image: gcr.io/triggermesh/tm@sha256:3cfdd470a66b741004fb02354319d79f1598c70117ce79978d2e07e192bfb336  # v0.0.11
   environment: development
-  script:
-    - echo "$CI_REGISTRY_IMAGE"
-    - tm -n "$KUBE_NAMESPACE" --config "$KUBECONFIG" deploy service "$CI_PROJECT_NAME" --from-image "$CI_REGISTRY_IMAGE" --wait
+  script: /usr/bin/gitlabktl app deploy
 
 .serverless:build:functions:
-  stage: build
-  environment: development
   image: registry.gitlab.com/gitlab-org/gitlabktl:latest
+  stage: build
   script: /usr/bin/gitlabktl serverless build
 
 .serverless:deploy:functions:
+  image: registry.gitlab.com/gitlab-org/gitlabktl:latest
   stage: deploy
   environment: development
-  image: registry.gitlab.com/gitlab-org/gitlabktl:latest
   script: /usr/bin/gitlabktl serverless deploy
-- 
cgit v1.2.1


From beaa63530669d10c7244d187fa386144bc5da7eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C5=82gorzata=20Ksionek?= <mksionek@gitlab.com>
Date: Thu, 4 Jul 2019 16:42:31 +0200
Subject: Add class for group level analytics

Add specs for group level

Update entities

Update base classes

Add groups-centric changes

Update plan and review stage

Add summary classes

Add summary spec

Update specs files

Add to specs test cases for group

Add changelog entry

Add group serializer

Fix typo

Fix typo

Add fetching namespace in sql query

Update specs

Add rubocop fix

Add rubocop fix

Modify method to be in sync with code review

Add counting deploys from subgroup

To group summary stage

Add subgroups handling

In group stage summary

Add additional spec

Add additional specs

Add more precise inheritance

Add attr reader to group level

Fix rubocop offence

Fix problems with specs

Add cr remarks

Renaming median method and a lot of calls in specs

Move spec setup

Rename method in specs

Add code review remarks regarding module

Add proper module name
---
 app/models/cycle_analytics/base.rb                 | 27 -------
 app/models/cycle_analytics/base_methods.rb         | 27 +++++++
 app/models/cycle_analytics/group_level.rb          | 30 +++++++
 app/models/cycle_analytics/project_level.rb        |  5 +-
 app/serializers/analytics_issue_entity.rb          |  6 +-
 app/serializers/analytics_merge_request_entity.rb  |  2 +-
 app/serializers/analytics_stage_entity.rb          |  4 +-
 app/serializers/group_analytics_stage_entity.rb    | 16 ++++
 .../group_analytics_stage_serializer.rb            |  5 ++
 .../adjust-cycle-analytics-to-group-level.yml      |  5 ++
 lib/gitlab/cycle_analytics/base_event_fetcher.rb   | 21 +++--
 lib/gitlab/cycle_analytics/base_query.rb           | 14 +++-
 lib/gitlab/cycle_analytics/base_stage.rb           | 24 ++++--
 lib/gitlab/cycle_analytics/code_event_fetcher.rb   |  6 +-
 lib/gitlab/cycle_analytics/group_stage_summary.rb  | 24 ++++++
 lib/gitlab/cycle_analytics/issue_event_fetcher.rb  |  6 +-
 lib/gitlab/cycle_analytics/issue_helper.rb         |  3 +
 lib/gitlab/cycle_analytics/metrics_tables.rb       |  8 ++
 lib/gitlab/cycle_analytics/permissions.rb          |  2 +-
 lib/gitlab/cycle_analytics/plan_event_fetcher.rb   |  6 +-
 lib/gitlab/cycle_analytics/plan_helper.rb          | 13 ++-
 .../cycle_analytics/production_event_fetcher.rb    |  6 +-
 lib/gitlab/cycle_analytics/review_event_fetcher.rb |  6 +-
 lib/gitlab/cycle_analytics/summary/group/base.rb   | 24 ++++++
 lib/gitlab/cycle_analytics/summary/group/deploy.rb | 29 +++++++
 lib/gitlab/cycle_analytics/summary/group/issue.rb  | 25 ++++++
 .../cycle_analytics/base_event_fetcher_spec.rb     |  6 +-
 spec/lib/gitlab/cycle_analytics/code_stage_spec.rb | 94 +++++++++++++++++++---
 .../cycle_analytics/group_stage_summary_spec.rb    | 65 +++++++++++++++
 .../lib/gitlab/cycle_analytics/issue_stage_spec.rb | 75 +++++++++++++++--
 spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb | 74 ++++++++++++++++-
 .../gitlab/cycle_analytics/review_stage_spec.rb    | 61 +++++++++++---
 .../gitlab/cycle_analytics/shared_event_spec.rb    |  2 +-
 .../gitlab/cycle_analytics/shared_stage_spec.rb    |  4 +-
 .../gitlab/cycle_analytics/staging_stage_spec.rb   | 64 ++++++++++++---
 spec/lib/gitlab/cycle_analytics/usage_data_spec.rb |  2 +-
 spec/models/cycle_analytics/code_spec.rb           |  4 +-
 spec/models/cycle_analytics/group_level_spec.rb    | 46 +++++++++++
 spec/models/cycle_analytics/issue_spec.rb          |  2 +-
 spec/models/cycle_analytics/plan_spec.rb           |  2 +-
 spec/models/cycle_analytics/production_spec.rb     |  4 +-
 spec/models/cycle_analytics/project_level_spec.rb  |  2 +-
 spec/models/cycle_analytics/review_spec.rb         |  2 +-
 spec/models/cycle_analytics/staging_spec.rb        |  4 +-
 spec/models/cycle_analytics/test_spec.rb           |  8 +-
 spec/serializers/analytics_issue_entity_spec.rb    |  6 +-
 .../serializers/analytics_issue_serializer_spec.rb |  6 +-
 .../analytics_merge_request_serializer_spec.rb     |  6 +-
 .../serializers/analytics_stage_serializer_spec.rb | 10 +--
 .../cycle_analytics_helpers/test_generation.rb     | 12 +--
 50 files changed, 768 insertions(+), 137 deletions(-)
 delete mode 100644 app/models/cycle_analytics/base.rb
 create mode 100644 app/models/cycle_analytics/base_methods.rb
 create mode 100644 app/models/cycle_analytics/group_level.rb
 create mode 100644 app/serializers/group_analytics_stage_entity.rb
 create mode 100644 app/serializers/group_analytics_stage_serializer.rb
 create mode 100644 changelogs/unreleased/adjust-cycle-analytics-to-group-level.yml
 create mode 100644 lib/gitlab/cycle_analytics/group_stage_summary.rb
 create mode 100644 lib/gitlab/cycle_analytics/summary/group/base.rb
 create mode 100644 lib/gitlab/cycle_analytics/summary/group/deploy.rb
 create mode 100644 lib/gitlab/cycle_analytics/summary/group/issue.rb
 create mode 100644 spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
 create mode 100644 spec/models/cycle_analytics/group_level_spec.rb

diff --git a/app/models/cycle_analytics/base.rb b/app/models/cycle_analytics/base.rb
deleted file mode 100644
index d7b28cd1b67..00000000000
--- a/app/models/cycle_analytics/base.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-module CycleAnalytics
-  class Base
-    STAGES = %i[issue plan code test review staging production].freeze
-
-    def all_medians_by_stage
-      STAGES.each_with_object({}) do |stage_name, medians_per_stage|
-        medians_per_stage[stage_name] = self[stage_name].median
-      end
-    end
-
-    def stats
-      @stats ||= STAGES.map do |stage_name|
-        self[stage_name].as_json
-      end
-    end
-
-    def no_stats?
-      stats.all? { |hash| hash[:value].nil? }
-    end
-
-    def [](stage_name)
-      Gitlab::CycleAnalytics::Stage[stage_name].new(project: @project, options: @options)
-    end
-  end
-end
diff --git a/app/models/cycle_analytics/base_methods.rb b/app/models/cycle_analytics/base_methods.rb
new file mode 100644
index 00000000000..1c2a0854769
--- /dev/null
+++ b/app/models/cycle_analytics/base_methods.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module CycleAnalytics
+  module BaseMethods
+    STAGES = %i[issue plan code test review staging production].freeze
+
+    def all_medians_by_stage
+      STAGES.each_with_object({}) do |stage_name, medians_per_stage|
+        medians_per_stage[stage_name] = self[stage_name].project_median
+      end
+    end
+
+    def stats
+      @stats ||= STAGES.map do |stage_name|
+        self[stage_name].as_json
+      end
+    end
+
+    def no_stats?
+      stats.all? { |hash| hash[:value].nil? }
+    end
+
+    def [](stage_name)
+      Gitlab::CycleAnalytics::Stage[stage_name].new(options: options)
+    end
+  end
+end
diff --git a/app/models/cycle_analytics/group_level.rb b/app/models/cycle_analytics/group_level.rb
new file mode 100644
index 00000000000..58bd2eb0d9a
--- /dev/null
+++ b/app/models/cycle_analytics/group_level.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module CycleAnalytics
+  class GroupLevel
+    include BaseMethods
+    attr_reader :options
+
+    def initialize(options:)
+      @options = options
+    end
+
+    def summary
+      @summary ||= ::Gitlab::CycleAnalytics::GroupStageSummary.new(options[:group],
+                                                              from: options[:from],
+                                                              current_user: options[:current_user]).data
+    end
+
+    def permissions(user: nil)
+      STAGES.each_with_object({}) do |stage, obj|
+        obj[stage] = true
+      end
+    end
+
+    def stats
+      @stats ||= STAGES.map do |stage_name|
+        self[stage_name].as_json(serializer: GroupAnalyticsStageSerializer)
+      end
+    end
+  end
+end
diff --git a/app/models/cycle_analytics/project_level.rb b/app/models/cycle_analytics/project_level.rb
index 22631cc7d41..abe1be11eae 100644
--- a/app/models/cycle_analytics/project_level.rb
+++ b/app/models/cycle_analytics/project_level.rb
@@ -1,12 +1,13 @@
 # frozen_string_literal: true
 
 module CycleAnalytics
-  class ProjectLevel < Base
+  class ProjectLevel
+    include BaseMethods
     attr_reader :project, :options
 
     def initialize(project, options:)
       @project = project
-      @options = options
+      @options = options.merge(project: project)
     end
 
     def summary
diff --git a/app/serializers/analytics_issue_entity.rb b/app/serializers/analytics_issue_entity.rb
index ab15bd0ac7a..29d4a6ae1d0 100644
--- a/app/serializers/analytics_issue_entity.rb
+++ b/app/serializers/analytics_issue_entity.rb
@@ -20,12 +20,12 @@ class AnalyticsIssueEntity < Grape::Entity
   end
 
   expose :url do |object|
-    url_to(:namespace_project_issue, id: object[:iid].to_s)
+    url_to(:namespace_project_issue, object)
   end
 
   private
 
-  def url_to(route, id)
-    public_send("#{route}_url", request.project.namespace, request.project, id) # rubocop:disable GitlabSecurity/PublicSend
+  def url_to(route, object)
+    public_send("#{route}_url", object[:path], object[:name], object[:iid].to_s) # rubocop:disable GitlabSecurity/PublicSend
   end
 end
diff --git a/app/serializers/analytics_merge_request_entity.rb b/app/serializers/analytics_merge_request_entity.rb
index b7134da9461..21d7eeb81b0 100644
--- a/app/serializers/analytics_merge_request_entity.rb
+++ b/app/serializers/analytics_merge_request_entity.rb
@@ -4,6 +4,6 @@ class AnalyticsMergeRequestEntity < AnalyticsIssueEntity
   expose :state
 
   expose :url do |object|
-    url_to(:namespace_project_merge_request, id: object[:iid].to_s)
+    url_to(:namespace_project_merge_request, object)
   end
 end
diff --git a/app/serializers/analytics_stage_entity.rb b/app/serializers/analytics_stage_entity.rb
index 8bc6da5aeeb..eb38b90fb18 100644
--- a/app/serializers/analytics_stage_entity.rb
+++ b/app/serializers/analytics_stage_entity.rb
@@ -8,9 +8,9 @@ class AnalyticsStageEntity < Grape::Entity
   expose :legend
   expose :description
 
-  expose :median, as: :value do |stage|
+  expose :project_median, as: :value do |stage|
     # median returns a BatchLoader instance which we first have to unwrap by using to_f
     # we use to_f to make sure results below 1 are presented to the end-user
-    stage.median.to_f.nonzero? ? distance_of_time_in_words(stage.median) : nil
+    stage.project_median.to_f.nonzero? ? distance_of_time_in_words(stage.project_median) : nil
   end
 end
diff --git a/app/serializers/group_analytics_stage_entity.rb b/app/serializers/group_analytics_stage_entity.rb
new file mode 100644
index 00000000000..019a3086f68
--- /dev/null
+++ b/app/serializers/group_analytics_stage_entity.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+class GroupAnalyticsStageEntity < Grape::Entity
+  include EntityDateHelper
+
+  expose :title
+  expose :name
+  expose :legend
+  expose :description
+
+  expose :group_median, as: :value do |stage|
+    # median returns a BatchLoader instance which we first have to unwrap by using to_f
+    # we use to_f to make sure results below 1 are presented to the end-user
+    stage.group_median.to_f.nonzero? ? distance_of_time_in_words(stage.group_median) : nil
+  end
+end
diff --git a/app/serializers/group_analytics_stage_serializer.rb b/app/serializers/group_analytics_stage_serializer.rb
new file mode 100644
index 00000000000..ec448dea602
--- /dev/null
+++ b/app/serializers/group_analytics_stage_serializer.rb
@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class GroupAnalyticsStageSerializer < BaseSerializer
+  entity GroupAnalyticsStageEntity
+end
diff --git a/changelogs/unreleased/adjust-cycle-analytics-to-group-level.yml b/changelogs/unreleased/adjust-cycle-analytics-to-group-level.yml
new file mode 100644
index 00000000000..49f558a6c9c
--- /dev/null
+++ b/changelogs/unreleased/adjust-cycle-analytics-to-group-level.yml
@@ -0,0 +1,5 @@
+---
+title: Adjust cycle analytics to group level
+merge_request: 30391
+author:
+type: added
diff --git a/lib/gitlab/cycle_analytics/base_event_fetcher.rb b/lib/gitlab/cycle_analytics/base_event_fetcher.rb
index 0cacef5b278..96aa799e864 100644
--- a/lib/gitlab/cycle_analytics/base_event_fetcher.rb
+++ b/lib/gitlab/cycle_analytics/base_event_fetcher.rb
@@ -5,12 +5,11 @@ module Gitlab
     class BaseEventFetcher
       include BaseQuery
 
-      attr_reader :projections, :query, :stage, :order, :project, :options
+      attr_reader :projections, :query, :stage, :order, :options
 
       MAX_EVENTS = 50
 
-      def initialize(project: nil, stage:, options:)
-        @project = project
+      def initialize(stage:, options:)
         @stage = stage
         @options = options
       end
@@ -68,11 +67,23 @@ module Gitlab
       end
 
       def allowed_ids_source
-        { project_id: project.id }
+        group ? { group_id: group.id, include_subgroups: true } : { project_id: project.id }
+      end
+
+      def serialization_context
+        {}
       end
 
       def projects
-        [project]
+        group ? Project.inside_path(group.full_path) : [project]
+      end
+
+      def group
+        @group ||= options.fetch(:group, nil)
+      end
+
+      def project
+        @project ||= options.fetch(:project, nil)
       end
     end
   end
diff --git a/lib/gitlab/cycle_analytics/base_query.rb b/lib/gitlab/cycle_analytics/base_query.rb
index 39fc1759cfc..9c98c0bfbf2 100644
--- a/lib/gitlab/cycle_analytics/base_query.rb
+++ b/lib/gitlab/cycle_analytics/base_query.rb
@@ -16,17 +16,25 @@ module Gitlab
       def stage_query(project_ids)
         query = mr_closing_issues_table.join(issue_table).on(issue_table[:id].eq(mr_closing_issues_table[:issue_id]))
           .join(issue_metrics_table).on(issue_table[:id].eq(issue_metrics_table[:issue_id]))
+          .join(projects_table).on(issue_table[:project_id].eq(projects_table[:id]))
+          .join(routes_table).on(projects_table[:namespace_id].eq(routes_table[:source_id]))
           .project(issue_table[:project_id].as("project_id"))
           .where(issue_table[:project_id].in(project_ids))
+          .where(routes_table[:source_type].eq('Namespace'))
           .where(issue_table[:created_at].gteq(options[:from]))
 
         # Load merge_requests
-        query = query.join(mr_table, Arel::Nodes::OuterJoin)
+
+        query = load_merge_requests(query)
+
+        query
+      end
+
+      def load_merge_requests(query)
+        query.join(mr_table, Arel::Nodes::OuterJoin)
           .on(mr_table[:id].eq(mr_closing_issues_table[:merge_request_id]))
           .join(mr_metrics_table)
           .on(mr_table[:id].eq(mr_metrics_table[:merge_request_id]))
-
-        query
       end
     end
   end
diff --git a/lib/gitlab/cycle_analytics/base_stage.rb b/lib/gitlab/cycle_analytics/base_stage.rb
index 98b86e54340..678a891e941 100644
--- a/lib/gitlab/cycle_analytics/base_stage.rb
+++ b/lib/gitlab/cycle_analytics/base_stage.rb
@@ -5,10 +5,9 @@ module Gitlab
     class BaseStage
       include BaseQuery
 
-      attr_reader :project, :options
+      attr_reader :options
 
-      def initialize(project: nil, options:)
-        @project = project
+      def initialize(options:)
         @options = options
       end
 
@@ -24,7 +23,7 @@ module Gitlab
         raise NotImplementedError.new("Expected #{self.name} to implement title")
       end
 
-      def median
+      def project_median
         return if project.nil?
 
         BatchLoader.for(project.id).batch(key: name) do |project_ids, loader|
@@ -42,6 +41,10 @@ module Gitlab
         end
       end
 
+      def group_median
+        median_query(projects.map(&:id))
+      end
+
       def median_query(project_ids)
         # Build a `SELECT` query. We find the first of the `end_time_attrs` that isn't `NULL` (call this end_time).
         # Next, we find the first of the start_time_attrs that isn't `NULL` (call this start_time).
@@ -67,8 +70,7 @@ module Gitlab
       private
 
       def event_fetcher
-        @event_fetcher ||= Gitlab::CycleAnalytics::EventFetcher[name].new(project: project,
-                                                                          stage: name,
+        @event_fetcher ||= Gitlab::CycleAnalytics::EventFetcher[name].new(stage: name,
                                                                           options: event_options)
       end
 
@@ -77,7 +79,15 @@ module Gitlab
       end
 
       def projects
-        [project]
+        group ? Project.inside_path(group.full_path) : [project]
+      end
+
+      def group
+        @group ||= options.fetch(:group, nil)
+      end
+
+      def project
+        @project ||= options.fetch(:project, nil)
       end
     end
   end
diff --git a/lib/gitlab/cycle_analytics/code_event_fetcher.rb b/lib/gitlab/cycle_analytics/code_event_fetcher.rb
index 9e7ca529579..1e4e9b9e02c 100644
--- a/lib/gitlab/cycle_analytics/code_event_fetcher.rb
+++ b/lib/gitlab/cycle_analytics/code_event_fetcher.rb
@@ -11,7 +11,9 @@ module Gitlab
                         mr_table[:id],
                         mr_table[:created_at],
                         mr_table[:state],
-                        mr_table[:author_id]]
+                        mr_table[:author_id],
+                        projects_table[:name],
+                        routes_table[:path]]
         @order = mr_table[:created_at]
 
         super(*args)
@@ -20,7 +22,7 @@ module Gitlab
       private
 
       def serialize(event)
-        AnalyticsMergeRequestSerializer.new(project: project).represent(event)
+        AnalyticsMergeRequestSerializer.new(serialization_context).represent(event)
       end
 
       def allowed_ids_finder_class
diff --git a/lib/gitlab/cycle_analytics/group_stage_summary.rb b/lib/gitlab/cycle_analytics/group_stage_summary.rb
new file mode 100644
index 00000000000..7b5c74e1a1b
--- /dev/null
+++ b/lib/gitlab/cycle_analytics/group_stage_summary.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module CycleAnalytics
+    class GroupStageSummary
+      def initialize(group, from:, current_user:)
+        @group = group
+        @from = from
+        @current_user = current_user
+      end
+
+      def data
+        [serialize(Summary::Group::Issue.new(group: @group, from: @from, current_user: @current_user)),
+         serialize(Summary::Group::Deploy.new(group: @group, from: @from))]
+      end
+
+      private
+
+      def serialize(summary_object)
+        AnalyticsSummarySerializer.new.represent(summary_object)
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/cycle_analytics/issue_event_fetcher.rb b/lib/gitlab/cycle_analytics/issue_event_fetcher.rb
index bb3520ae920..2d03e425a6a 100644
--- a/lib/gitlab/cycle_analytics/issue_event_fetcher.rb
+++ b/lib/gitlab/cycle_analytics/issue_event_fetcher.rb
@@ -10,7 +10,9 @@ module Gitlab
                         issue_table[:iid],
                         issue_table[:id],
                         issue_table[:created_at],
-                        issue_table[:author_id]]
+                        issue_table[:author_id],
+                        projects_table[:name],
+                        routes_table[:path]]
 
         super(*args)
       end
@@ -18,7 +20,7 @@ module Gitlab
       private
 
       def serialize(event)
-        AnalyticsIssueSerializer.new(project: project).represent(event)
+        AnalyticsIssueSerializer.new(serialization_context).represent(event)
       end
 
       def allowed_ids_finder_class
diff --git a/lib/gitlab/cycle_analytics/issue_helper.rb b/lib/gitlab/cycle_analytics/issue_helper.rb
index ac836b8bf0f..0fc4f1dd41a 100644
--- a/lib/gitlab/cycle_analytics/issue_helper.rb
+++ b/lib/gitlab/cycle_analytics/issue_helper.rb
@@ -5,8 +5,11 @@ module Gitlab
     module IssueHelper
       def stage_query(project_ids)
         query = issue_table.join(issue_metrics_table).on(issue_table[:id].eq(issue_metrics_table[:issue_id]))
+          .join(projects_table).on(issue_table[:project_id].eq(projects_table[:id]))
+          .join(routes_table).on(projects_table[:namespace_id].eq(routes_table[:source_id]))
           .project(issue_table[:project_id].as("project_id"))
           .where(issue_table[:project_id].in(project_ids))
+          .where(routes_table[:source_type].eq('Namespace'))
           .where(issue_table[:created_at].gteq(options[:from]))
           .where(issue_metrics_table[:first_added_to_board_at].not_eq(nil).or(issue_metrics_table[:first_associated_with_milestone_at].not_eq(nil)))
 
diff --git a/lib/gitlab/cycle_analytics/metrics_tables.rb b/lib/gitlab/cycle_analytics/metrics_tables.rb
index 3e0302d308d..015f7bfde24 100644
--- a/lib/gitlab/cycle_analytics/metrics_tables.rb
+++ b/lib/gitlab/cycle_analytics/metrics_tables.rb
@@ -35,6 +35,14 @@ module Gitlab
         User.arel_table
       end
 
+      def projects_table
+        Project.arel_table
+      end
+
+      def routes_table
+        Route.arel_table
+      end
+
       def build_table
         ::CommitStatus.arel_table
       end
diff --git a/lib/gitlab/cycle_analytics/permissions.rb b/lib/gitlab/cycle_analytics/permissions.rb
index 03ba98b4dfb..0da041f8950 100644
--- a/lib/gitlab/cycle_analytics/permissions.rb
+++ b/lib/gitlab/cycle_analytics/permissions.rb
@@ -23,7 +23,7 @@ module Gitlab
       end
 
       def get
-        ::CycleAnalytics::Base::STAGES.each do |stage|
+        ::CycleAnalytics::BaseMethods::STAGES.each do |stage|
           @stage_permission_hash[stage] = authorized_stage?(stage)
         end
 
diff --git a/lib/gitlab/cycle_analytics/plan_event_fetcher.rb b/lib/gitlab/cycle_analytics/plan_event_fetcher.rb
index 49a6b099f34..77cc358daa9 100644
--- a/lib/gitlab/cycle_analytics/plan_event_fetcher.rb
+++ b/lib/gitlab/cycle_analytics/plan_event_fetcher.rb
@@ -10,7 +10,9 @@ module Gitlab
                         issue_table[:iid],
                         issue_table[:id],
                         issue_table[:created_at],
-                        issue_table[:author_id]]
+                        issue_table[:author_id],
+                        projects_table[:name],
+                        routes_table[:path]]
 
         super(*args)
       end
@@ -18,7 +20,7 @@ module Gitlab
       private
 
       def serialize(event)
-        AnalyticsIssueSerializer.new(project: project).represent(event)
+        AnalyticsIssueSerializer.new(serialization_context).represent(event)
       end
 
       def allowed_ids_finder_class
diff --git a/lib/gitlab/cycle_analytics/plan_helper.rb b/lib/gitlab/cycle_analytics/plan_helper.rb
index ae578d45ad5..c3f742503a9 100644
--- a/lib/gitlab/cycle_analytics/plan_helper.rb
+++ b/lib/gitlab/cycle_analytics/plan_helper.rb
@@ -5,14 +5,21 @@ module Gitlab
     module PlanHelper
       def stage_query(project_ids)
         query = issue_table.join(issue_metrics_table).on(issue_table[:id].eq(issue_metrics_table[:issue_id]))
+          .join(projects_table).on(issue_table[:project_id].eq(projects_table[:id]))
+          .join(routes_table).on(projects_table[:namespace_id].eq(routes_table[:source_id]))
           .project(issue_table[:project_id].as("project_id"))
           .where(issue_table[:project_id].in(project_ids))
-          .where(issue_table[:created_at].gteq(options[:from]))
-          .where(issue_metrics_table[:first_added_to_board_at].not_eq(nil).or(issue_metrics_table[:first_associated_with_milestone_at].not_eq(nil)))
-          .where(issue_metrics_table[:first_mentioned_in_commit_at].not_eq(nil))
+          .where(routes_table[:source_type].eq('Namespace'))
+        query = add_conditions_to_query(query)
 
         query
       end
+
+      def add_conditions_to_query(query)
+        query.where(issue_table[:created_at].gteq(options[:from]))
+          .where(issue_metrics_table[:first_added_to_board_at].not_eq(nil).or(issue_metrics_table[:first_associated_with_milestone_at].not_eq(nil)))
+          .where(issue_metrics_table[:first_mentioned_in_commit_at].not_eq(nil))
+      end
     end
   end
 end
diff --git a/lib/gitlab/cycle_analytics/production_event_fetcher.rb b/lib/gitlab/cycle_analytics/production_event_fetcher.rb
index 949119d69a0..404b2460814 100644
--- a/lib/gitlab/cycle_analytics/production_event_fetcher.rb
+++ b/lib/gitlab/cycle_analytics/production_event_fetcher.rb
@@ -10,7 +10,9 @@ module Gitlab
                         issue_table[:iid],
                         issue_table[:id],
                         issue_table[:created_at],
-                        issue_table[:author_id]]
+                        issue_table[:author_id],
+                        projects_table[:name],
+                        routes_table[:path]]
 
         super(*args)
       end
@@ -18,7 +20,7 @@ module Gitlab
       private
 
       def serialize(event)
-        AnalyticsIssueSerializer.new(project: project).represent(event)
+        AnalyticsIssueSerializer.new(serialization_context).represent(event)
       end
 
       def allowed_ids_finder_class
diff --git a/lib/gitlab/cycle_analytics/review_event_fetcher.rb b/lib/gitlab/cycle_analytics/review_event_fetcher.rb
index d31736e755d..6acd12517fa 100644
--- a/lib/gitlab/cycle_analytics/review_event_fetcher.rb
+++ b/lib/gitlab/cycle_analytics/review_event_fetcher.rb
@@ -11,7 +11,9 @@ module Gitlab
                         mr_table[:id],
                         mr_table[:created_at],
                         mr_table[:state],
-                        mr_table[:author_id]]
+                        mr_table[:author_id],
+                        projects_table[:name],
+                        routes_table[:path]]
 
         super(*args)
       end
@@ -19,7 +21,7 @@ module Gitlab
       private
 
       def serialize(event)
-        AnalyticsMergeRequestSerializer.new(project: project).represent(event)
+        AnalyticsMergeRequestSerializer.new(serialization_context).represent(event)
       end
 
       def allowed_ids_finder_class
diff --git a/lib/gitlab/cycle_analytics/summary/group/base.rb b/lib/gitlab/cycle_analytics/summary/group/base.rb
new file mode 100644
index 00000000000..7f18b61d309
--- /dev/null
+++ b/lib/gitlab/cycle_analytics/summary/group/base.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module CycleAnalytics
+    module Summary
+      module Group
+        class Base
+          def initialize(group:, from:)
+            @group = group
+            @from = from
+          end
+
+          def title
+            raise NotImplementedError.new("Expected #{self.name} to implement title")
+          end
+
+          def value
+            raise NotImplementedError.new("Expected #{self.name} to implement value")
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/cycle_analytics/summary/group/deploy.rb b/lib/gitlab/cycle_analytics/summary/group/deploy.rb
new file mode 100644
index 00000000000..d8fcd8f2ce4
--- /dev/null
+++ b/lib/gitlab/cycle_analytics/summary/group/deploy.rb
@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module CycleAnalytics
+    module Summary
+      module Group
+        class Deploy < Group::Base
+          def title
+            n_('Deploy', 'Deploys', value)
+          end
+
+          def value
+            @value ||= Deployment.joins(:project)
+              .where(projects: { id: projects })
+              .where("deployments.created_at > ?", @from)
+              .success
+              .count
+          end
+
+          private
+
+          def projects
+            Project.inside_path(@group.full_path).ids
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/cycle_analytics/summary/group/issue.rb b/lib/gitlab/cycle_analytics/summary/group/issue.rb
new file mode 100644
index 00000000000..a5188056cb7
--- /dev/null
+++ b/lib/gitlab/cycle_analytics/summary/group/issue.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module CycleAnalytics
+    module Summary
+      module Group
+        class Issue < Group::Base
+          def initialize(group:, from:, current_user:)
+            @group = group
+            @from = from
+            @current_user = current_user
+          end
+
+          def title
+            n_('New Issue', 'New Issues', value)
+          end
+
+          def value
+            @value ||= IssuesFinder.new(@current_user, group_id: @group.id, include_subgroups: true).execute.created_after(@from).count
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb b/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb
index 8b07da11c5d..b7a64adc2ff 100644
--- a/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb
@@ -9,12 +9,12 @@ describe Gitlab::CycleAnalytics::BaseEventFetcher do
   let(:options) do
     { start_time_attrs: start_time_attrs,
       end_time_attrs: end_time_attrs,
-      from: 30.days.ago }
+      from: 30.days.ago,
+      project: project }
   end
 
   subject do
-    described_class.new(project: project,
-                        stage: :issue,
+    described_class.new(stage: :issue,
                         options: options).fetch
   end
 
diff --git a/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb
index c738cc49c1f..68f73ba3c93 100644
--- a/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb
@@ -5,31 +5,31 @@ describe Gitlab::CycleAnalytics::CodeStage do
   let(:stage_name) { :code }
 
   let(:project) { create(:project) }
-  let!(:issue_1) { create(:issue, project: project, created_at: 90.minutes.ago) }
-  let!(:issue_2) { create(:issue, project: project, created_at: 60.minutes.ago) }
-  let!(:issue_3) { create(:issue, project: project, created_at: 60.minutes.ago) }
-  let!(:mr_1) { create(:merge_request, source_project: project, created_at: 15.minutes.ago) }
-  let!(:mr_2) { create(:merge_request, source_project: project, created_at: 10.minutes.ago, source_branch: 'A') }
-  let!(:mr_3) { create(:merge_request, source_project: project, created_at: 10.minutes.ago, source_branch: 'B') }
-  let(:stage) { described_class.new(project: project, options: { from: 2.days.ago, current_user: project.creator }) }
+  let(:issue_1) { create(:issue, project: project, created_at: 90.minutes.ago) }
+  let(:issue_2) { create(:issue, project: project, created_at: 60.minutes.ago) }
+  let(:issue_3) { create(:issue, project: project, created_at: 60.minutes.ago) }
+  let(:mr_1) { create(:merge_request, source_project: project, created_at: 15.minutes.ago) }
+  let(:mr_2) { create(:merge_request, source_project: project, created_at: 10.minutes.ago, source_branch: 'A') }
+  let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: project.creator, project: project }) }
 
   before do
     issue_1.metrics.update!(first_associated_with_milestone_at: 60.minutes.ago, first_mentioned_in_commit_at: 45.minutes.ago)
     issue_2.metrics.update!(first_added_to_board_at: 60.minutes.ago, first_mentioned_in_commit_at: 40.minutes.ago)
     issue_3.metrics.update!(first_added_to_board_at: 60.minutes.ago, first_mentioned_in_commit_at: 40.minutes.ago)
+    create(:merge_request, source_project: project, created_at: 10.minutes.ago, source_branch: 'B')
     create(:merge_requests_closing_issues, merge_request: mr_1, issue: issue_1)
     create(:merge_requests_closing_issues, merge_request: mr_2, issue: issue_2)
   end
 
   it_behaves_like 'base stage'
 
-  describe '#median' do
+  describe '#project_median' do
     around do |example|
       Timecop.freeze { example.run }
     end
 
     it 'counts median from issues with metrics' do
-      expect(stage.median).to eq(ISSUES_MEDIAN)
+      expect(stage.project_median).to eq(ISSUES_MEDIAN)
     end
   end
 
@@ -41,4 +41,80 @@ describe Gitlab::CycleAnalytics::CodeStage do
       expect(result.map { |event| event[:title] }).to contain_exactly(mr_1.title, mr_2.title)
     end
   end
+
+  context 'when group is given' do
+    let(:user) { create(:user) }
+    let(:group) { create(:group) }
+    let(:project_2) { create(:project, group: group) }
+    let(:project_3) { create(:project, group: group) }
+    let(:issue_2_1) { create(:issue, project: project_2, created_at: 90.minutes.ago) }
+    let(:issue_2_2) { create(:issue, project: project_3, created_at: 60.minutes.ago) }
+    let(:issue_2_3) { create(:issue, project: project_2, created_at: 60.minutes.ago) }
+    let(:mr_2_1) { create(:merge_request, source_project: project_2, created_at: 15.minutes.ago) }
+    let(:mr_2_2) { create(:merge_request, source_project: project_3, created_at: 10.minutes.ago, source_branch: 'A') }
+    let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: user, group: group }) }
+
+    before do
+      group.add_owner(user)
+      issue_2_1.metrics.update!(first_associated_with_milestone_at: 60.minutes.ago, first_mentioned_in_commit_at: 45.minutes.ago)
+      issue_2_2.metrics.update!(first_added_to_board_at: 60.minutes.ago, first_mentioned_in_commit_at: 40.minutes.ago)
+      issue_2_3.metrics.update!(first_added_to_board_at: 60.minutes.ago, first_mentioned_in_commit_at: 40.minutes.ago)
+      create(:merge_requests_closing_issues, merge_request: mr_2_1, issue: issue_2_1)
+      create(:merge_requests_closing_issues, merge_request: mr_2_2, issue: issue_2_2)
+    end
+
+    describe '#group_median' do
+      around do |example|
+        Timecop.freeze { example.run }
+      end
+
+      it 'counts median from issues with metrics' do
+        expect(stage.group_median).to eq(ISSUES_MEDIAN)
+      end
+    end
+
+    describe '#events' do
+      it 'exposes merge requests that close issues' do
+        result = stage.events
+
+        expect(result.count).to eq(2)
+        expect(result.map { |event| event[:title] }).to contain_exactly(mr_2_1.title, mr_2_2.title)
+      end
+    end
+
+    context 'when subgroup is given' do
+      let(:subgroup) { create(:group, parent: group) }
+      let(:project_4) { create(:project, group: subgroup) }
+      let(:project_5) { create(:project, group: subgroup) }
+      let(:issue_3_1) { create(:issue, project: project_4, created_at: 90.minutes.ago) }
+      let(:issue_3_2) { create(:issue, project: project_5, created_at: 60.minutes.ago) }
+      let(:issue_3_3) { create(:issue, project: project_5, created_at: 60.minutes.ago) }
+      let(:mr_3_1) { create(:merge_request, source_project: project_4, created_at: 15.minutes.ago) }
+      let(:mr_3_2) { create(:merge_request, source_project: project_5, created_at: 10.minutes.ago, source_branch: 'A') }
+
+      before do
+        issue_3_1.metrics.update!(first_associated_with_milestone_at: 60.minutes.ago, first_mentioned_in_commit_at: 45.minutes.ago)
+        issue_3_2.metrics.update!(first_added_to_board_at: 60.minutes.ago, first_mentioned_in_commit_at: 40.minutes.ago)
+        issue_3_3.metrics.update!(first_added_to_board_at: 60.minutes.ago, first_mentioned_in_commit_at: 40.minutes.ago)
+        create(:merge_requests_closing_issues, merge_request: mr_3_1, issue: issue_3_1)
+        create(:merge_requests_closing_issues, merge_request: mr_3_2, issue: issue_3_2)
+      end
+
+      describe '#events' do
+        it 'exposes merge requests that close issues' do
+          result = stage.events
+
+          expect(result.count).to eq(4)
+          expect(result.map { |event| event[:title] }).to contain_exactly(mr_2_1.title, mr_2_2.title, mr_3_1.title, mr_3_2.title)
+        end
+
+        it 'exposes merge requests that close issues with full path for subgroup' do
+          result = stage.events
+
+          expect(result.count).to eq(4)
+          expect(result.find { |event| event[:title] == mr_3_1.title }[:url]).to include("#{subgroup.full_path}")
+        end
+      end
+    end
+  end
 end
diff --git a/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
new file mode 100644
index 00000000000..8e552b23283
--- /dev/null
+++ b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+require 'spec_helper'
+
+describe Gitlab::CycleAnalytics::GroupStageSummary do
+  let(:group) { create(:group) }
+  let(:project) { create(:project, :repository, namespace: group) }
+  let(:project_2) { create(:project, :repository, namespace: group) }
+  let(:from) { 1.day.ago }
+  let(:user) { create(:user, :admin) }
+  subject { described_class.new(group, from: Time.now, current_user: user).data }
+
+  describe "#new_issues" do
+    it "finds the number of issues created after the 'from date'" do
+      Timecop.freeze(5.days.ago) { create(:issue, project: project) }
+      Timecop.freeze(5.days.ago) { create(:issue, project: project_2) }
+      Timecop.freeze(5.days.from_now) { create(:issue, project: project) }
+      Timecop.freeze(5.days.from_now) { create(:issue, project: project_2) }
+
+      expect(subject.first[:value]).to eq(2)
+    end
+
+    it "doesn't find issues from other projects" do
+      Timecop.freeze(5.days.from_now) { create(:issue, project: create(:project, namespace: create(:group))) }
+      Timecop.freeze(5.days.from_now) { create(:issue, project: project) }
+      Timecop.freeze(5.days.from_now) { create(:issue, project: project_2) }
+
+      expect(subject.first[:value]).to eq(2)
+    end
+
+    it "finds issues from subgroups" do
+      Timecop.freeze(5.days.from_now) { create(:issue, project: create(:project, namespace: create(:group, parent: group))) }
+      Timecop.freeze(5.days.from_now) { create(:issue, project: project) }
+      Timecop.freeze(5.days.from_now) { create(:issue, project: project_2) }
+
+      expect(subject.first[:value]).to eq(3)
+    end
+  end
+
+  describe "#deploys" do
+    it "finds the number of deploys made created after the 'from date'" do
+      Timecop.freeze(5.days.ago) { create(:deployment, :success, project: project) }
+      Timecop.freeze(5.days.from_now) { create(:deployment, :success, project: project) }
+      Timecop.freeze(5.days.ago) { create(:deployment, :success, project: project_2) }
+      Timecop.freeze(5.days.from_now) { create(:deployment, :success, project: project_2) }
+
+      expect(subject.second[:value]).to eq(2)
+    end
+
+    it "doesn't find deploys from other projects" do
+      Timecop.freeze(5.days.from_now) do
+        create(:deployment, :success, project: create(:project, :repository, namespace: create(:group)))
+      end
+
+      expect(subject.second[:value]).to eq(0)
+    end
+
+    it "finds deploys from subgroups" do
+      Timecop.freeze(5.days.from_now) do
+        create(:deployment, :success, project: create(:project, :repository, namespace: create(:group, parent: group)))
+      end
+
+      expect(subject.second[:value]).to eq(1)
+    end
+  end
+end
diff --git a/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
index 3b6af9cbaed..64ac9df52b2 100644
--- a/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
@@ -4,11 +4,11 @@ require 'lib/gitlab/cycle_analytics/shared_stage_spec'
 describe Gitlab::CycleAnalytics::IssueStage do
   let(:stage_name) { :issue }
   let(:project) { create(:project) }
-  let!(:issue_1) { create(:issue, project: project, created_at: 90.minutes.ago) }
-  let!(:issue_2) { create(:issue, project: project, created_at: 60.minutes.ago) }
-  let!(:issue_3) { create(:issue, project: project, created_at: 30.minutes.ago) }
+  let(:issue_1) { create(:issue, project: project, created_at: 90.minutes.ago) }
+  let(:issue_2) { create(:issue, project: project, created_at: 60.minutes.ago) }
+  let(:issue_3) { create(:issue, project: project, created_at: 30.minutes.ago) }
   let!(:issue_without_milestone) { create(:issue, project: project, created_at: 1.minute.ago) }
-  let(:stage) { described_class.new(project: project, options: { from: 2.days.ago, current_user: project.creator }) }
+  let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: project.creator, project: project }) }
 
   before do
     issue_1.metrics.update!(first_associated_with_milestone_at: 60.minutes.ago )
@@ -24,7 +24,7 @@ describe Gitlab::CycleAnalytics::IssueStage do
     end
 
     it 'counts median from issues with metrics' do
-      expect(stage.median).to eq(ISSUES_MEDIAN)
+      expect(stage.project_median).to eq(ISSUES_MEDIAN)
     end
   end
 
@@ -36,4 +36,69 @@ describe Gitlab::CycleAnalytics::IssueStage do
       expect(result.map { |event| event[:title] }).to contain_exactly(issue_1.title, issue_2.title, issue_3.title)
     end
   end
+  context 'when group is given' do
+    let(:user) { create(:user) }
+    let(:group) { create(:group) }
+    let(:project_2) { create(:project, group: group) }
+    let(:project_3) { create(:project, group: group) }
+    let(:issue_2_1) { create(:issue, project: project_2, created_at: 90.minutes.ago) }
+    let(:issue_2_2) { create(:issue, project: project_3, created_at: 60.minutes.ago) }
+    let(:issue_2_3) { create(:issue, project: project_2, created_at: 60.minutes.ago) }
+    let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: user, group: group }) }
+
+    before do
+      group.add_owner(user)
+      issue_2_1.metrics.update!(first_associated_with_milestone_at: 60.minutes.ago)
+      issue_2_2.metrics.update!(first_added_to_board_at: 30.minutes.ago)
+    end
+
+    describe '#group_median' do
+      around do |example|
+        Timecop.freeze { example.run }
+      end
+
+      it 'counts median from issues with metrics' do
+        expect(stage.group_median).to eq(ISSUES_MEDIAN)
+      end
+    end
+
+    describe '#events' do
+      it 'exposes merge requests that close issues' do
+        result = stage.events
+
+        expect(result.count).to eq(2)
+        expect(result.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title)
+      end
+    end
+
+    context 'when subgroup is given' do
+      let(:subgroup) { create(:group, parent: group) }
+      let(:project_4) { create(:project, group: subgroup) }
+      let(:project_5) { create(:project, group: subgroup) }
+      let(:issue_3_1) { create(:issue, project: project_4, created_at: 90.minutes.ago) }
+      let(:issue_3_2) { create(:issue, project: project_5, created_at: 60.minutes.ago) }
+      let(:issue_3_3) { create(:issue, project: project_5, created_at: 60.minutes.ago) }
+
+      before do
+        issue_3_1.metrics.update!(first_associated_with_milestone_at: 60.minutes.ago)
+        issue_3_2.metrics.update!(first_added_to_board_at: 30.minutes.ago)
+      end
+
+      describe '#events' do
+        it 'exposes merge requests that close issues' do
+          result = stage.events
+
+          expect(result.count).to eq(4)
+          expect(result.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title, issue_3_1.title, issue_3_2.title)
+        end
+
+        it 'exposes merge requests that close issues with full path for subgroup' do
+          result = stage.events
+
+          expect(result.count).to eq(4)
+          expect(result.find { |event| event[:title] == issue_3_1.title }[:url]).to include("#{subgroup.full_path}")
+        end
+      end
+    end
+  end
 end
diff --git a/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb
index 506a8160412..55de6192af1 100644
--- a/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb
@@ -8,7 +8,7 @@ describe Gitlab::CycleAnalytics::PlanStage do
   let!(:issue_2) { create(:issue, project: project, created_at: 60.minutes.ago) }
   let!(:issue_3) { create(:issue, project: project, created_at: 30.minutes.ago) }
   let!(:issue_without_milestone) { create(:issue, project: project, created_at: 1.minute.ago) }
-  let(:stage) { described_class.new(project: project, options: { from: 2.days.ago, current_user: project.creator }) }
+  let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: project.creator, project: project }) }
 
   before do
     issue_1.metrics.update!(first_associated_with_milestone_at: 60.minutes.ago, first_mentioned_in_commit_at: 10.minutes.ago)
@@ -18,13 +18,13 @@ describe Gitlab::CycleAnalytics::PlanStage do
 
   it_behaves_like 'base stage'
 
-  describe '#median' do
+  describe '#project_median' do
     around do |example|
       Timecop.freeze { example.run }
     end
 
     it 'counts median from issues with metrics' do
-      expect(stage.median).to eq(ISSUES_MEDIAN)
+      expect(stage.project_median).to eq(ISSUES_MEDIAN)
     end
   end
 
@@ -36,4 +36,72 @@ describe Gitlab::CycleAnalytics::PlanStage do
       expect(result.map { |event| event[:title] }).to contain_exactly(issue_1.title, issue_2.title)
     end
   end
+
+  context 'when group is given' do
+    let(:user) { create(:user) }
+    let(:group) { create(:group) }
+    let(:project_2) { create(:project, group: group) }
+    let(:project_3) { create(:project, group: group) }
+    let(:issue_2_1) { create(:issue, project: project_2, created_at: 90.minutes.ago) }
+    let(:issue_2_2) { create(:issue, project: project_3, created_at: 60.minutes.ago) }
+    let(:issue_2_3) { create(:issue, project: project_2, created_at: 60.minutes.ago) }
+    let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: user, group: group }) }
+
+    before do
+      group.add_owner(user)
+      issue_2_1.metrics.update!(first_associated_with_milestone_at: 60.minutes.ago, first_mentioned_in_commit_at: 10.minutes.ago)
+      issue_2_2.metrics.update!(first_added_to_board_at: 30.minutes.ago, first_mentioned_in_commit_at: 20.minutes.ago)
+      issue_2_3.metrics.update!(first_added_to_board_at: 15.minutes.ago)
+    end
+
+    describe '#group_median' do
+      around do |example|
+        Timecop.freeze { example.run }
+      end
+
+      it 'counts median from issues with metrics' do
+        expect(stage.group_median).to eq(ISSUES_MEDIAN)
+      end
+    end
+
+    describe '#events' do
+      it 'exposes merge requests that close issues' do
+        result = stage.events
+
+        expect(result.count).to eq(2)
+        expect(result.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title)
+      end
+    end
+
+    context 'when subgroup is given' do
+      let(:subgroup) { create(:group, parent: group) }
+      let(:project_4) { create(:project, group: subgroup) }
+      let(:project_5) { create(:project, group: subgroup) }
+      let(:issue_3_1) { create(:issue, project: project_4, created_at: 90.minutes.ago) }
+      let(:issue_3_2) { create(:issue, project: project_5, created_at: 60.minutes.ago) }
+      let(:issue_3_3) { create(:issue, project: project_5, created_at: 60.minutes.ago) }
+
+      before do
+        issue_3_1.metrics.update!(first_associated_with_milestone_at: 60.minutes.ago, first_mentioned_in_commit_at: 10.minutes.ago)
+        issue_3_2.metrics.update!(first_added_to_board_at: 30.minutes.ago, first_mentioned_in_commit_at: 20.minutes.ago)
+        issue_3_3.metrics.update!(first_added_to_board_at: 15.minutes.ago)
+      end
+
+      describe '#events' do
+        it 'exposes merge requests that close issues' do
+          result = stage.events
+
+          expect(result.count).to eq(4)
+          expect(result.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title, issue_3_1.title, issue_3_2.title)
+        end
+
+        it 'exposes merge requests that close issues with full path for subgroup' do
+          result = stage.events
+
+          expect(result.count).to eq(4)
+          expect(result.find { |event| event[:title] == issue_3_1.title }[:url]).to include("#{subgroup.full_path}")
+        end
+      end
+    end
+  end
 end
diff --git a/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb
index f072a9644e8..9c7cb5811d0 100644
--- a/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb
@@ -4,14 +4,14 @@ require 'lib/gitlab/cycle_analytics/shared_stage_spec'
 describe Gitlab::CycleAnalytics::ReviewStage do
   let(:stage_name) { :review }
   let(:project) { create(:project) }
-  let!(:issue_1) { create(:issue, project: project, created_at: 90.minutes.ago) }
-  let!(:issue_2) { create(:issue, project: project, created_at: 60.minutes.ago) }
-  let!(:issue_3) { create(:issue, project: project, created_at: 60.minutes.ago) }
-  let!(:mr_1) { create(:merge_request, :closed, source_project: project, created_at: 60.minutes.ago) }
-  let!(:mr_2) { create(:merge_request, :closed, source_project: project, created_at: 40.minutes.ago, source_branch: 'A') }
-  let!(:mr_3) { create(:merge_request, source_project: project, created_at: 10.minutes.ago, source_branch: 'B') }
+  let(:issue_1) { create(:issue, project: project, created_at: 90.minutes.ago) }
+  let(:issue_2) { create(:issue, project: project, created_at: 60.minutes.ago) }
+  let(:issue_3) { create(:issue, project: project, created_at: 60.minutes.ago) }
+  let(:mr_1) { create(:merge_request, :closed, source_project: project, created_at: 60.minutes.ago) }
+  let(:mr_2) { create(:merge_request, :closed, source_project: project, created_at: 40.minutes.ago, source_branch: 'A') }
+  let(:mr_3) { create(:merge_request, source_project: project, created_at: 10.minutes.ago, source_branch: 'B') }
   let!(:mr_4) { create(:merge_request, source_project: project, created_at: 10.minutes.ago, source_branch: 'C') }
-  let(:stage) { described_class.new(project: project, options: { from: 2.days.ago, current_user: project.creator }) }
+  let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: project.creator, project: project }) }
 
   before do
     mr_1.metrics.update!(merged_at: 30.minutes.ago)
@@ -24,13 +24,13 @@ describe Gitlab::CycleAnalytics::ReviewStage do
 
   it_behaves_like 'base stage'
 
-  describe '#median' do
+  describe '#project_median' do
     around do |example|
       Timecop.freeze { example.run }
     end
 
     it 'counts median from issues with metrics' do
-      expect(stage.median).to eq(ISSUES_MEDIAN)
+      expect(stage.project_median).to eq(ISSUES_MEDIAN)
     end
   end
 
@@ -42,4 +42,47 @@ describe Gitlab::CycleAnalytics::ReviewStage do
       expect(result.map { |event| event[:title] }).to contain_exactly(mr_1.title, mr_2.title)
     end
   end
+  context 'when group is given' do
+    let(:user) { create(:user) }
+    let(:group) { create(:group) }
+    let(:project_2) { create(:project, group: group) }
+    let(:project_3) { create(:project, group: group) }
+    let(:issue_2_1) { create(:issue, project: project_2, created_at: 90.minutes.ago) }
+    let(:issue_2_2) { create(:issue, project: project_3, created_at: 60.minutes.ago) }
+    let(:issue_2_3) { create(:issue, project: project_2, created_at: 60.minutes.ago) }
+    let(:mr_2_1) { create(:merge_request, :closed, source_project: project_2, created_at: 60.minutes.ago) }
+    let(:mr_2_2) { create(:merge_request, :closed, source_project: project_3, created_at: 40.minutes.ago, source_branch: 'A') }
+    let(:mr_2_3) { create(:merge_request, source_project: project_2, created_at: 10.minutes.ago, source_branch: 'B') }
+    let!(:mr_2_4) { create(:merge_request, source_project: project_3, created_at: 10.minutes.ago, source_branch: 'C') }
+    let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: user, group: group }) }
+
+    before do
+      group.add_owner(user)
+      mr_2_1.metrics.update!(merged_at: 30.minutes.ago)
+      mr_2_2.metrics.update!(merged_at: 10.minutes.ago)
+
+      create(:merge_requests_closing_issues, merge_request: mr_2_1, issue: issue_2_1)
+      create(:merge_requests_closing_issues, merge_request: mr_2_2, issue: issue_2_2)
+      create(:merge_requests_closing_issues, merge_request: mr_2_3, issue: issue_2_3)
+    end
+
+    describe '#group_median' do
+      around do |example|
+        Timecop.freeze { example.run }
+      end
+
+      it 'counts median from issues with metrics' do
+        expect(stage.group_median).to eq(ISSUES_MEDIAN)
+      end
+    end
+
+    describe '#events' do
+      it 'exposes merge requests that close issues' do
+        result = stage.events
+
+        expect(result.count).to eq(2)
+        expect(result.map { |event| event[:title] }).to contain_exactly(mr_2_1.title, mr_2_2.title)
+      end
+    end
+  end
 end
diff --git a/spec/lib/gitlab/cycle_analytics/shared_event_spec.rb b/spec/lib/gitlab/cycle_analytics/shared_event_spec.rb
index c22d27f60d6..b001a46001e 100644
--- a/spec/lib/gitlab/cycle_analytics/shared_event_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/shared_event_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
 
 shared_examples 'default query config' do
   let(:project) { create(:project) }
-  let(:event) { described_class.new(project: project, stage: stage_name, options: { from: 1.day.ago }) }
+  let(:event) { described_class.new(stage: stage_name, options: { from: 1.day.ago, project: project }) }
 
   it 'has the stage attribute' do
     expect(event.stage).not_to be_nil
diff --git a/spec/lib/gitlab/cycle_analytics/shared_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/shared_stage_spec.rb
index 1a4b572cc11..c146146723f 100644
--- a/spec/lib/gitlab/cycle_analytics/shared_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/shared_stage_spec.rb
@@ -3,10 +3,10 @@ require 'spec_helper'
 shared_examples 'base stage' do
   ISSUES_MEDIAN = 30.minutes.to_i
 
-  let(:stage) { described_class.new(project: double, options: {}) }
+  let(:stage) { described_class.new(options: { project: double }) }
 
   before do
-    allow(stage).to receive(:median).and_return(1.12)
+    allow(stage).to receive(:project_median).and_return(1.12)
     allow_any_instance_of(Gitlab::CycleAnalytics::BaseEventFetcher).to receive(:event_result).and_return({})
   end
 
diff --git a/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb
index 17d5fbb9733..3e2d748396f 100644
--- a/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb
@@ -5,16 +5,16 @@ describe Gitlab::CycleAnalytics::StagingStage do
   let(:stage_name) { :staging }
 
   let(:project) { create(:project) }
-  let!(:issue_1) { create(:issue, project: project, created_at: 90.minutes.ago) }
-  let!(:issue_2) { create(:issue, project: project, created_at: 60.minutes.ago) }
-  let!(:issue_3) { create(:issue, project: project, created_at: 60.minutes.ago) }
-  let!(:mr_1) { create(:merge_request, :closed, source_project: project, created_at: 60.minutes.ago) }
-  let!(:mr_2) { create(:merge_request, :closed, source_project: project, created_at: 40.minutes.ago, source_branch: 'A') }
-  let!(:mr_3) { create(:merge_request, source_project: project, created_at: 10.minutes.ago, source_branch: 'B') }
+  let(:issue_1) { create(:issue, project: project, created_at: 90.minutes.ago) }
+  let(:issue_2) { create(:issue, project: project, created_at: 60.minutes.ago) }
+  let(:issue_3) { create(:issue, project: project, created_at: 60.minutes.ago) }
+  let(:mr_1) { create(:merge_request, :closed, source_project: project, created_at: 60.minutes.ago) }
+  let(:mr_2) { create(:merge_request, :closed, source_project: project, created_at: 40.minutes.ago, source_branch: 'A') }
+  let(:mr_3) { create(:merge_request, source_project: project, created_at: 10.minutes.ago, source_branch: 'B') }
   let(:build_1) { create(:ci_build, project: project) }
   let(:build_2) { create(:ci_build, project: project) }
 
-  let(:stage) { described_class.new(project: project, options: { from: 2.days.ago, current_user: project.creator }) }
+  let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: project.creator, project: project }) }
 
   before do
     mr_1.metrics.update!(merged_at: 80.minutes.ago, first_deployed_to_production_at: 50.minutes.ago, pipeline_id: build_1.commit_id)
@@ -28,13 +28,13 @@ describe Gitlab::CycleAnalytics::StagingStage do
 
   it_behaves_like 'base stage'
 
-  describe '#median' do
+  describe '#project_median' do
     around do |example|
       Timecop.freeze { example.run }
     end
 
     it 'counts median from issues with metrics' do
-      expect(stage.median).to eq(ISSUES_MEDIAN)
+      expect(stage.project_median).to eq(ISSUES_MEDIAN)
     end
   end
 
@@ -46,4 +46,50 @@ describe Gitlab::CycleAnalytics::StagingStage do
       expect(result.map { |event| event[:name] }).to contain_exactly(build_1.name, build_2.name)
     end
   end
+
+  context 'when group is given' do
+    let(:user) { create(:user) }
+    let(:group) { create(:group) }
+    let(:project_2) { create(:project, group: group) }
+    let(:project_3) { create(:project, group: group) }
+    let(:issue_2_1) { create(:issue, project: project_2, created_at: 90.minutes.ago) }
+    let(:issue_2_2) { create(:issue, project: project_3, created_at: 60.minutes.ago) }
+    let(:issue_2_3) { create(:issue, project: project_2, created_at: 60.minutes.ago) }
+    let(:mr_1) { create(:merge_request, :closed, source_project: project_2, created_at: 60.minutes.ago) }
+    let(:mr_2) { create(:merge_request, :closed, source_project: project_3, created_at: 40.minutes.ago, source_branch: 'A') }
+    let(:mr_3) { create(:merge_request, source_project: project_2, created_at: 10.minutes.ago, source_branch: 'B') }
+    let(:build_1) { create(:ci_build, project: project_2) }
+    let(:build_2) { create(:ci_build, project: project_3) }
+    let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: user, group: group }) }
+
+    before do
+      group.add_owner(user)
+      mr_1.metrics.update!(merged_at: 80.minutes.ago, first_deployed_to_production_at: 50.minutes.ago, pipeline_id: build_1.commit_id)
+      mr_2.metrics.update!(merged_at: 60.minutes.ago, first_deployed_to_production_at: 30.minutes.ago, pipeline_id: build_2.commit_id)
+      mr_3.metrics.update!(merged_at: 10.minutes.ago, first_deployed_to_production_at: 3.days.ago, pipeline_id: create(:ci_build, project: project_2).commit_id)
+
+      create(:merge_requests_closing_issues, merge_request: mr_1, issue: issue_2_1)
+      create(:merge_requests_closing_issues, merge_request: mr_2, issue: issue_2_2)
+      create(:merge_requests_closing_issues, merge_request: mr_3, issue: issue_2_3)
+    end
+
+    describe '#group_median' do
+      around do |example|
+        Timecop.freeze { example.run }
+      end
+
+      it 'counts median from issues with metrics' do
+        expect(stage.group_median).to eq(ISSUES_MEDIAN)
+      end
+    end
+
+    describe '#events' do
+      it 'exposes merge requests that close issues' do
+        result = stage.events
+
+        expect(result.count).to eq(2)
+        expect(result.map { |event| event[:name] }).to contain_exactly(build_1.name, build_2.name)
+      end
+    end
+  end
 end
diff --git a/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb b/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
index 8122e85a981..4ef33ff6e2b 100644
--- a/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
@@ -34,7 +34,7 @@ describe Gitlab::CycleAnalytics::UsageData do
 
         expect(result).to have_key(:avg_cycle_analytics)
 
-        CycleAnalytics::Base::STAGES.each do |stage|
+        CycleAnalytics::BaseMethods::STAGES.each do |stage|
           expect(result[:avg_cycle_analytics]).to have_key(stage)
 
           stage_values    = result[:avg_cycle_analytics][stage]
diff --git a/spec/models/cycle_analytics/code_spec.rb b/spec/models/cycle_analytics/code_spec.rb
index db6e70973ae..808659552ff 100644
--- a/spec/models/cycle_analytics/code_spec.rb
+++ b/spec/models/cycle_analytics/code_spec.rb
@@ -38,7 +38,7 @@ describe 'CycleAnalytics#code' do
         merge_merge_requests_closing_issue(user, project, issue)
         deploy_master(user, project)
 
-        expect(subject[:code].median).to be_nil
+        expect(subject[:code].project_median).to be_nil
       end
     end
   end
@@ -68,7 +68,7 @@ describe 'CycleAnalytics#code' do
 
         merge_merge_requests_closing_issue(user, project, issue)
 
-        expect(subject[:code].median).to be_nil
+        expect(subject[:code].project_median).to be_nil
       end
     end
   end
diff --git a/spec/models/cycle_analytics/group_level_spec.rb b/spec/models/cycle_analytics/group_level_spec.rb
new file mode 100644
index 00000000000..70c370bc39d
--- /dev/null
+++ b/spec/models/cycle_analytics/group_level_spec.rb
@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe CycleAnalytics::GroupLevel do
+  let(:group) { create(:group)}
+  let(:project) { create(:project, :repository, namespace: group) }
+  let(:from_date) { 10.days.ago }
+  let(:user) { create(:user, :admin) }
+  let(:issue) { create(:issue, project: project, created_at: 2.days.ago) }
+  let(:milestone) { create(:milestone, project: project) }
+  let(:mr) { create_merge_request_closing_issue(user, project, issue, commit_message: "References #{issue.to_reference}") }
+  let(:pipeline) { create(:ci_empty_pipeline, status: 'created', project: project, ref: mr.source_branch, sha: mr.source_branch_sha, head_pipeline_of: mr) }
+
+  subject { described_class.new(options: { from: from_date, group: group, current_user: user }) }
+
+  describe '#permissions' do
+    it 'returns permissions' do
+      expect(subject.permissions.values.uniq).to eq([true])
+    end
+  end
+
+  describe '#stats' do
+    before do
+      allow_any_instance_of(Gitlab::ReferenceExtractor).to receive(:issues).and_return([issue])
+
+      create_cycle(user, project, issue, mr, milestone, pipeline)
+      deploy_master(user, project)
+    end
+
+    it 'returns medians for each stage for a specific group' do
+      expect(subject.no_stats?).to eq(false)
+    end
+  end
+
+  describe '#summary' do
+    before do
+      create_cycle(user, project, issue, mr, milestone, pipeline)
+      deploy_master(user, project)
+    end
+
+    it 'returns medians for each stage for a specific group' do
+      expect(subject.summary.map { |summary| summary[:value] }).to contain_exactly(1, 1)
+    end
+  end
+end
diff --git a/spec/models/cycle_analytics/issue_spec.rb b/spec/models/cycle_analytics/issue_spec.rb
index 4ccbdf29df6..8cdf83b1292 100644
--- a/spec/models/cycle_analytics/issue_spec.rb
+++ b/spec/models/cycle_analytics/issue_spec.rb
@@ -43,7 +43,7 @@ describe 'CycleAnalytics#issue' do
       create_merge_request_closing_issue(user, project, issue)
       merge_merge_requests_closing_issue(user, project, issue)
 
-      expect(subject[:issue].median).to be_nil
+      expect(subject[:issue].project_median).to be_nil
     end
   end
 end
diff --git a/spec/models/cycle_analytics/plan_spec.rb b/spec/models/cycle_analytics/plan_spec.rb
index c99c38e9cf3..28ad9bd194d 100644
--- a/spec/models/cycle_analytics/plan_spec.rb
+++ b/spec/models/cycle_analytics/plan_spec.rb
@@ -47,7 +47,7 @@ describe 'CycleAnalytics#plan' do
       create_merge_request_closing_issue(user, project, issue, source_branch: branch_name)
       merge_merge_requests_closing_issue(user, project, issue)
 
-      expect(subject[:issue].median).to be_nil
+      expect(subject[:issue].project_median).to be_nil
     end
   end
 end
diff --git a/spec/models/cycle_analytics/production_spec.rb b/spec/models/cycle_analytics/production_spec.rb
index ddd199362d1..613c1786540 100644
--- a/spec/models/cycle_analytics/production_spec.rb
+++ b/spec/models/cycle_analytics/production_spec.rb
@@ -41,7 +41,7 @@ describe 'CycleAnalytics#production' do
       MergeRequests::MergeService.new(project, user).execute(merge_request)
       deploy_master(user, project)
 
-      expect(subject[:production].median).to be_nil
+      expect(subject[:production].project_median).to be_nil
     end
   end
 
@@ -52,7 +52,7 @@ describe 'CycleAnalytics#production' do
       MergeRequests::MergeService.new(project, user).execute(merge_request)
       deploy_master(user, project, environment: 'staging')
 
-      expect(subject[:production].median).to be_nil
+      expect(subject[:production].project_median).to be_nil
     end
   end
 end
diff --git a/spec/models/cycle_analytics/project_level_spec.rb b/spec/models/cycle_analytics/project_level_spec.rb
index 77bd0bfeb9c..4de01b1c679 100644
--- a/spec/models/cycle_analytics/project_level_spec.rb
+++ b/spec/models/cycle_analytics/project_level_spec.rb
@@ -23,7 +23,7 @@ describe CycleAnalytics::ProjectLevel do
 
     it 'returns every median for each stage for a specific project' do
       values = described_class::STAGES.each_with_object({}) do |stage_name, hsh|
-        hsh[stage_name] = subject[stage_name].median.presence
+        hsh[stage_name] = subject[stage_name].project_median.presence
       end
 
       expect(subject.all_medians_by_stage).to eq(values)
diff --git a/spec/models/cycle_analytics/review_spec.rb b/spec/models/cycle_analytics/review_spec.rb
index 63c481ed465..ef88fd86340 100644
--- a/spec/models/cycle_analytics/review_spec.rb
+++ b/spec/models/cycle_analytics/review_spec.rb
@@ -28,7 +28,7 @@ describe 'CycleAnalytics#review' do
     it "returns nil" do
       MergeRequests::MergeService.new(project, user).execute(create(:merge_request))
 
-      expect(subject[:review].median).to be_nil
+      expect(subject[:review].project_median).to be_nil
     end
   end
 end
diff --git a/spec/models/cycle_analytics/staging_spec.rb b/spec/models/cycle_analytics/staging_spec.rb
index c134b97553f..571792559d8 100644
--- a/spec/models/cycle_analytics/staging_spec.rb
+++ b/spec/models/cycle_analytics/staging_spec.rb
@@ -45,7 +45,7 @@ describe 'CycleAnalytics#staging' do
       MergeRequests::MergeService.new(project, user).execute(merge_request)
       deploy_master(user, project)
 
-      expect(subject[:staging].median).to be_nil
+      expect(subject[:staging].project_median).to be_nil
     end
   end
 
@@ -56,7 +56,7 @@ describe 'CycleAnalytics#staging' do
       MergeRequests::MergeService.new(project, user).execute(merge_request)
       deploy_master(user, project, environment: 'staging')
 
-      expect(subject[:staging].median).to be_nil
+      expect(subject[:staging].project_median).to be_nil
     end
   end
 end
diff --git a/spec/models/cycle_analytics/test_spec.rb b/spec/models/cycle_analytics/test_spec.rb
index a6ea73b2699..7b3001d2bd8 100644
--- a/spec/models/cycle_analytics/test_spec.rb
+++ b/spec/models/cycle_analytics/test_spec.rb
@@ -36,7 +36,7 @@ describe 'CycleAnalytics#test' do
 
       merge_merge_requests_closing_issue(user, project, issue)
 
-      expect(subject[:test].median).to be_nil
+      expect(subject[:test].project_median).to be_nil
     end
   end
 
@@ -47,7 +47,7 @@ describe 'CycleAnalytics#test' do
       pipeline.run!
       pipeline.succeed!
 
-      expect(subject[:test].median).to be_nil
+      expect(subject[:test].project_median).to be_nil
     end
   end
 
@@ -62,7 +62,7 @@ describe 'CycleAnalytics#test' do
 
       merge_merge_requests_closing_issue(user, project, issue)
 
-      expect(subject[:test].median).to be_nil
+      expect(subject[:test].project_median).to be_nil
     end
   end
 
@@ -77,7 +77,7 @@ describe 'CycleAnalytics#test' do
 
       merge_merge_requests_closing_issue(user, project, issue)
 
-      expect(subject[:test].median).to be_nil
+      expect(subject[:test].project_median).to be_nil
     end
   end
 end
diff --git a/spec/serializers/analytics_issue_entity_spec.rb b/spec/serializers/analytics_issue_entity_spec.rb
index 89588b4df2b..dd5e43a4b62 100644
--- a/spec/serializers/analytics_issue_entity_spec.rb
+++ b/spec/serializers/analytics_issue_entity_spec.rb
@@ -9,12 +9,14 @@ describe AnalyticsIssueEntity do
       iid: "1",
       id: "1",
       created_at: "2016-11-12 15:04:02.948604",
-      author: user
+      author: user,
+      name: project.name,
+      path: project.namespace
     }
   end
 
   let(:project) { create(:project) }
-  let(:request) { EntityRequest.new(project: project, entity: :merge_request) }
+  let(:request) { EntityRequest.new(entity: :merge_request) }
 
   let(:entity) do
     described_class.new(entity_hash, request: request, project: project)
diff --git a/spec/serializers/analytics_issue_serializer_spec.rb b/spec/serializers/analytics_issue_serializer_spec.rb
index 5befc28f4fa..c9ffe1c5dad 100644
--- a/spec/serializers/analytics_issue_serializer_spec.rb
+++ b/spec/serializers/analytics_issue_serializer_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 describe AnalyticsIssueSerializer do
   subject do
     described_class
-      .new(project: project, entity: :merge_request)
+      .new(entity: :merge_request)
       .represent(resource)
   end
 
@@ -16,7 +16,9 @@ describe AnalyticsIssueSerializer do
       iid: "1",
       id: "1",
       created_at: "2016-11-12 15:04:02.948604",
-      author: user
+      author: user,
+      name: project.name,
+      path: project.namespace
     }
   end
 
diff --git a/spec/serializers/analytics_merge_request_serializer_spec.rb b/spec/serializers/analytics_merge_request_serializer_spec.rb
index 62067cc0ef2..123d7d795ce 100644
--- a/spec/serializers/analytics_merge_request_serializer_spec.rb
+++ b/spec/serializers/analytics_merge_request_serializer_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 describe AnalyticsMergeRequestSerializer do
   subject do
     described_class
-      .new(project: project, entity: :merge_request)
+      .new(entity: :merge_request)
       .represent(resource)
   end
 
@@ -17,7 +17,9 @@ describe AnalyticsMergeRequestSerializer do
       id: "1",
       state: 'open',
       created_at: "2016-11-12 15:04:02.948604",
-      author: user
+      author: user,
+      name: project.name,
+      path: project.namespace
     }
   end
 
diff --git a/spec/serializers/analytics_stage_serializer_spec.rb b/spec/serializers/analytics_stage_serializer_spec.rb
index 5b05c2f2ef3..86a796a2d94 100644
--- a/spec/serializers/analytics_stage_serializer_spec.rb
+++ b/spec/serializers/analytics_stage_serializer_spec.rb
@@ -6,11 +6,11 @@ describe AnalyticsStageSerializer do
   end
 
   let(:resource) do
-    Gitlab::CycleAnalytics::CodeStage.new(project: double, options: {})
+    Gitlab::CycleAnalytics::CodeStage.new(options: { project: double })
   end
 
   before do
-    allow_any_instance_of(Gitlab::CycleAnalytics::BaseStage).to receive(:median).and_return(1.12)
+    allow_any_instance_of(Gitlab::CycleAnalytics::BaseStage).to receive(:project_median).and_return(1.12)
     allow_any_instance_of(Gitlab::CycleAnalytics::BaseEventFetcher).to receive(:event_result).and_return({})
   end
 
@@ -24,7 +24,7 @@ describe AnalyticsStageSerializer do
 
   context 'when median is equal 0' do
     before do
-      allow_any_instance_of(Gitlab::CycleAnalytics::BaseStage).to receive(:median).and_return(0)
+      allow_any_instance_of(Gitlab::CycleAnalytics::BaseStage).to receive(:project_median).and_return(0)
     end
 
     it 'sets the value to nil' do
@@ -34,7 +34,7 @@ describe AnalyticsStageSerializer do
 
   context 'when median is below 1' do
     before do
-      allow_any_instance_of(Gitlab::CycleAnalytics::BaseStage).to receive(:median).and_return(0.12)
+      allow_any_instance_of(Gitlab::CycleAnalytics::BaseStage).to receive(:project_median).and_return(0.12)
     end
 
     it 'sets the value to equal to median' do
@@ -44,7 +44,7 @@ describe AnalyticsStageSerializer do
 
   context 'when median is above 1' do
     before do
-      allow_any_instance_of(Gitlab::CycleAnalytics::BaseStage).to receive(:median).and_return(60.12)
+      allow_any_instance_of(Gitlab::CycleAnalytics::BaseStage).to receive(:project_median).and_return(60.12)
     end
 
     it 'sets the value to equal to median' do
diff --git a/spec/support/cycle_analytics_helpers/test_generation.rb b/spec/support/cycle_analytics_helpers/test_generation.rb
index 19b32c84d81..be1c2bc3046 100644
--- a/spec/support/cycle_analytics_helpers/test_generation.rb
+++ b/spec/support/cycle_analytics_helpers/test_generation.rb
@@ -50,7 +50,7 @@ module CycleAnalyticsHelpers
               end
 
               median_time_difference = time_differences.sort[2]
-              expect(subject[phase].median).to be_within(5).of(median_time_difference)
+              expect(subject[phase].project_median).to be_within(5).of(median_time_difference)
             end
 
             context "when the data belongs to another project" do
@@ -80,7 +80,7 @@ module CycleAnalyticsHelpers
                 # Turn off the stub before checking assertions
                 allow(self).to receive(:project).and_call_original
 
-                expect(subject[phase].median).to be_nil
+                expect(subject[phase].project_median).to be_nil
               end
             end
 
@@ -103,7 +103,7 @@ module CycleAnalyticsHelpers
 
                 Timecop.freeze(end_time + 1.day) { post_fn[self, data] } if post_fn
 
-                expect(subject[phase].median).to be_nil
+                expect(subject[phase].project_median).to be_nil
               end
             end
           end
@@ -121,7 +121,7 @@ module CycleAnalyticsHelpers
 
               Timecop.freeze(end_time + 1.day) { post_fn[self, data] } if post_fn
 
-              expect(subject[phase].median).to be_nil
+              expect(subject[phase].project_median).to be_nil
             end
           end
         end
@@ -138,7 +138,7 @@ module CycleAnalyticsHelpers
 
               post_fn[self, data] if post_fn
 
-              expect(subject[phase].median).to be_nil
+              expect(subject[phase].project_median).to be_nil
             end
           end
         end
@@ -146,7 +146,7 @@ module CycleAnalyticsHelpers
 
       context "when none of the start / end conditions are matched" do
         it "returns nil" do
-          expect(subject[phase].median).to be_nil
+          expect(subject[phase].project_median).to be_nil
         end
       end
     end
-- 
cgit v1.2.1


From 382a13c015538783ca90b27362ad3c821644ef55 Mon Sep 17 00:00:00 2001
From: Ben Kochie <bjk@gitlab.com>
Date: Mon, 15 Jul 2019 14:27:35 +0200
Subject: Update example Prometheus scrape config

Use a full real-world example that is compatible with the omnibus
dashboards and follows Prometheus best practices.
---
 changelogs/unreleased/bjk-fix_prom_example.yml    |  5 +++
 doc/administration/monitoring/prometheus/index.md | 54 ++++++++++++++++++++---
 2 files changed, 52 insertions(+), 7 deletions(-)
 create mode 100644 changelogs/unreleased/bjk-fix_prom_example.yml

diff --git a/changelogs/unreleased/bjk-fix_prom_example.yml b/changelogs/unreleased/bjk-fix_prom_example.yml
new file mode 100644
index 00000000000..2f81bc6196b
--- /dev/null
+++ b/changelogs/unreleased/bjk-fix_prom_example.yml
@@ -0,0 +1,5 @@
+---
+title: Update example Prometheus scrape config
+merge_request: 30739
+author:
+type: other
diff --git a/doc/administration/monitoring/prometheus/index.md b/doc/administration/monitoring/prometheus/index.md
index 341ea3330d7..c8968c51393 100644
--- a/doc/administration/monitoring/prometheus/index.md
+++ b/doc/administration/monitoring/prometheus/index.md
@@ -134,17 +134,57 @@ To use an external Prometheus server:
 
    ```yaml
    scrape_configs:
-   - job_name: 'gitlab_exporters'
+   - job_name: nginx
      static_configs:
-     - targets: ['1.1.1.1:9168', '1.1.1.1:9236', '1.1.1.1:9236', '1.1.1.1:9100', '1.1.1.1:9121', '1.1.1.1:9187']
-
-   - job_name: 'gitlab_metrics'
-     metrics_path: /-/metrics
+     - targets:
+       - 1.1.1.1:8060
+   - job_name: redis
+     static_configs:
+     - targets:
+       - 1.1.1.1:9121
+   - job_name: postgres
+     static_configs:
+     - targets:
+       - 1.1.1.1:9187
+   - job_name: node
+     static_configs:
+     - targets:
+       - 1.1.1.1:9100
+   - job_name: gitlab-workhorse
+     static_configs:
+     - targets:
+       - 1.1.1.1:9229
+   - job_name: gitlab-rails
+     metrics_path: "/-/metrics"
+     static_configs:
+     - targets:
+       - 1.1.1.1:8080
+   - job_name: gitlab-sidekiq
+     static_configs:
+     - targets:
+       - 1.1.1.1:8082
+   - job_name: gitlab_monitor_database
+     metrics_path: "/database"
+     static_configs:
+     - targets:
+       - 1.1.1.1:9168
+   - job_name: gitlab_monitor_sidekiq
+     metrics_path: "/sidekiq"
+     static_configs:
+     - targets:
+       - 1.1.1.1:9168
+   - job_name: gitlab_monitor_process
+     metrics_path: "/process"
+     static_configs:
+     - targets:
+       - 1.1.1.1:9168
+   - job_name: gitaly
      static_configs:
-     - targets: ['1.1.1.1:443']
+     - targets:
+       - 1.1.1.1:9236
    ```
 
-1. Restart the Prometheus server.
+1. Reload the Prometheus server.
 
 ## Viewing performance metrics
 
-- 
cgit v1.2.1


From 70d74f4730d69d61b07362fbe953c37494a732ca Mon Sep 17 00:00:00 2001
From: Grzegorz Bizon <grzesiek.bizon@gmail.com>
Date: Mon, 15 Jul 2019 15:18:50 +0200
Subject: Update docs on serverless apps deployments

---
 doc/user/project/clusters/serverless/index.md | 37 ++++++++++++---------------
 1 file changed, 16 insertions(+), 21 deletions(-)

diff --git a/doc/user/project/clusters/serverless/index.md b/doc/user/project/clusters/serverless/index.md
index 14ee6303bf9..a32759c7bdc 100644
--- a/doc/user/project/clusters/serverless/index.md
+++ b/doc/user/project/clusters/serverless/index.md
@@ -41,8 +41,7 @@ To run Knative on Gitlab, you will need:
    external IP address or hostname for that domain.
 1. **`.gitlab-ci.yml`:** GitLab uses [Kaniko](https://github.com/GoogleContainerTools/kaniko)
    to build the application. We also use [gitlabktl](https://gitlab.com/gitlab-org/gitlabktl)
-   and [TriggerMesh CLI](https://github.com/triggermesh/tm) CLIs to simplify the
-   deployment of services and functions to Knative.
+   CLI to simplify the deployment of services and functions to Knative.
 1. **`serverless.yml`** (for [functions only](#deploying-functions)): When using serverless to deploy functions, the `serverless.yml` file
    will contain the information for all the functions being hosted in the repository as well as a reference to the
    runtime being used.
@@ -249,7 +248,7 @@ Explanation of the fields used above:
 
 | Parameter | Description |
 |-----------|-------------|
-| `name` | Indicates which provider is used to execute the `serverless.yml` file. In this case, the TriggerMesh `tm` CLI. |
+| `name` | Indicates which provider is used to execute the `serverless.yml` file. In this case, the TriggerMesh middleware. |
 | `environment` | Includes the environment variables to be passed as part of function execution for **all** functions in the file, where `FOO` is the variable name and `BAR` are he variable contents. You may replace this with you own variables. |
 
 ### `functions`
@@ -343,27 +342,23 @@ Go to the **CI/CD > Pipelines** and click on the pipeline that deployed your app
 The output will look like this:
 
 ```bash
-Running with gitlab-runner 11.5.0~beta.844.g96d88322 (96d88322)
-  on docker-auto-scale 72989761
-Using Docker executor with image gcr.io/triggermesh/tm@sha256:e3ee74db94d215bd297738d93577481f3e4db38013326c90d57f873df7ab41d5 ...
-Pulling docker image gcr.io/triggermesh/tm@sha256:e3ee74db94d215bd297738d93577481f3e4db38013326c90d57f873df7ab41d5 ...
-Using docker image sha256:6b3f6590a9b30bd7aafb9573f047d930c70066e43955b4beb18a1eee175f6de1 for gcr.io/triggermesh/tm@sha256:e3ee74db94d215bd297738d93577481f3e4db38013326c90d57f873df7ab41d5 ...
-Running on runner-72989761-project-4342902-concurrent-0 via runner-72989761-stg-srm-1541795796-27929c96...
-Cloning repository...
-Cloning into '/builds/danielgruesso/knative'...
-Checking out 8671ad20 as master...
-Skipping Git submodules setup
-$ echo "$CI_REGISTRY_IMAGE"
-registry.staging.gitlab.com/danielgruesso/knative
-$ tm -n "$KUBE_NAMESPACE" --config "$KUBECONFIG" deploy service "$CI_PROJECT_NAME" --from-image "$CI_REGISTRY_IMAGE" --wait
-Deployment started. Run "tm -n knative-4342902 describe service knative" to see the details
-Waiting for ready state.......
-Service domain: knative.knative-4342902.example.com
+Running with gitlab-runner 12.1.0-rc1 (6da35412)
+  on prm-com-gitlab-org ae3bfce3
+Using Docker executor with image registry.gitlab.com/gitlab-org/gitlabktl:latest ...
+Running on runner-ae3bfc-concurrent-0 via runner-ae3bfc ...
+Fetching changes...
+Authenticating with credentials from job payload (GitLab Registry)
+$ /usr/bin/gitlabktl application deploy
+Welcome to gitlabktl tool
+time="2019-07-15T10:51:07Z" level=info msg="deploying registry credentials"
+Creating app-hello function
+Waiting for app-hello ready state
+Service app-hello URL: http://app-hello.serverless.example.com
 Job succeeded
 ```
 
-The second to last line, labeled **Service domain** contains the URL for the deployment. Copy and paste the domain into your
-browser to see the app live.
+The second to last line, labeled **Service domain** contains the URL for the
+deployment. Copy and paste the domain into your browser to see the app live.
 
 ![knative app](img/knative-app.png)
 
-- 
cgit v1.2.1


From d2400a990822dc291382761753e3fc08250fc7f2 Mon Sep 17 00:00:00 2001
From: Grzegorz Bizon <grzesiek.bizon@gmail.com>
Date: Mon, 15 Jul 2019 15:20:10 +0200
Subject: Add changelog entry for serverless apps deployment

---
 .../unreleased/feature-gb-serverless-app-deployment-template.yml     | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/feature-gb-serverless-app-deployment-template.yml

diff --git a/changelogs/unreleased/feature-gb-serverless-app-deployment-template.yml b/changelogs/unreleased/feature-gb-serverless-app-deployment-template.yml
new file mode 100644
index 00000000000..bd9001bd671
--- /dev/null
+++ b/changelogs/unreleased/feature-gb-serverless-app-deployment-template.yml
@@ -0,0 +1,5 @@
+---
+title: Deploy serverless apps with gitlabktl
+merge_request: 30740
+author:
+type: added
-- 
cgit v1.2.1


From 72cddf5a1f7e851864661ad97a611b1ef8d5563a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C5=82gorzata=20Ksionek?= <mksionek@gitlab.com>
Date: Mon, 15 Jul 2019 16:22:15 +0200
Subject: Fix test stage specs

---
 spec/lib/gitlab/cycle_analytics/test_stage_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/lib/gitlab/cycle_analytics/test_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/test_stage_spec.rb
index 8633a63849f..41028c44a00 100644
--- a/spec/lib/gitlab/cycle_analytics/test_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/test_stage_spec.rb
@@ -4,7 +4,7 @@ require 'lib/gitlab/cycle_analytics/shared_stage_spec'
 describe Gitlab::CycleAnalytics::TestStage do
   let(:stage_name) { :test }
   let(:project) { create(:project) }
-  let(:stage) { described_class.new(project: project, options: { from: 2.days.ago, current_user: project.creator }) }
+  let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: project.creator, project: project }) }
 
   it_behaves_like 'base stage'
 
@@ -36,7 +36,7 @@ describe Gitlab::CycleAnalytics::TestStage do
     end
 
     it 'counts median from issues with metrics' do
-      expect(stage.median).to eq(ISSUES_MEDIAN)
+      expect(stage.project_median).to eq(ISSUES_MEDIAN)
     end
   end
 end
-- 
cgit v1.2.1


From 1e3877a9c86a3651b12c2f01310e68599b15f8b8 Mon Sep 17 00:00:00 2001
From: Phil Hughes <me@iamphill.com>
Date: Wed, 10 Jul 2019 13:17:45 +0100
Subject: Added add to tree dropdown to Vue files breadcrumb

---
 .../repository/components/breadcrumbs.vue          | 186 +++++++++++++++++++++
 app/assets/javascripts/repository/index.js         |  50 ++++--
 .../queries/getPermissions.query.graphql           |   9 +
 app/helpers/tree_helper.rb                         |  32 ++++
 app/views/projects/_files.html.haml                |   3 +
 app/views/projects/tree/_tree_header.html.haml     |   2 +-
 locale/gitlab.pot                                  |   9 +
 .../repository/components/breadcrumbs_spec.js      |  20 ++-
 8 files changed, 296 insertions(+), 15 deletions(-)
 create mode 100644 app/assets/javascripts/repository/queries/getPermissions.query.graphql

diff --git a/app/assets/javascripts/repository/components/breadcrumbs.vue b/app/assets/javascripts/repository/components/breadcrumbs.vue
index 67963dc1923..afb58a60155 100644
--- a/app/assets/javascripts/repository/components/breadcrumbs.vue
+++ b/app/assets/javascripts/repository/components/breadcrumbs.vue
@@ -1,12 +1,41 @@
 <script>
+import { GlDropdown, GlDropdownDivider, GlDropdownHeader, GlDropdownItem } from '@gitlab/ui';
+import { __ } from '../../locale';
+import Icon from '../../vue_shared/components/icon.vue';
 import getRefMixin from '../mixins/get_ref';
 import getProjectShortPath from '../queries/getProjectShortPath.query.graphql';
+import getProjectPath from '../queries/getProjectPath.query.graphql';
+import getPermissions from '../queries/getPermissions.query.graphql';
+
+const ROW_TYPES = {
+  header: 'header',
+  divider: 'divider',
+};
 
 export default {
+  components: {
+    GlDropdown,
+    GlDropdownDivider,
+    GlDropdownHeader,
+    GlDropdownItem,
+    Icon,
+  },
   apollo: {
     projectShortPath: {
       query: getProjectShortPath,
     },
+    projectPath: {
+      query: getProjectPath,
+    },
+    userPermissions: {
+      query: getPermissions,
+      variables() {
+        return {
+          projectPath: this.projectPath,
+        };
+      },
+      update: data => data.project.userPermissions,
+    },
   },
   mixins: [getRefMixin],
   props: {
@@ -15,10 +44,52 @@ export default {
       required: false,
       default: '/',
     },
+    canCollaborate: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+    canEditTree: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+    newBranchPath: {
+      type: String,
+      required: false,
+      default: null,
+    },
+    newTagPath: {
+      type: String,
+      required: false,
+      default: null,
+    },
+    newBlobPath: {
+      type: String,
+      required: false,
+      default: null,
+    },
+    forkNewBlobPath: {
+      type: String,
+      required: false,
+      default: null,
+    },
+    forkNewDirectoryPath: {
+      type: String,
+      required: false,
+      default: null,
+    },
+    forkUploadBlobPath: {
+      type: String,
+      required: false,
+      default: null,
+    },
   },
   data() {
     return {
       projectShortPath: '',
+      projectPath: '',
+      userPermissions: {},
     };
   },
   computed: {
@@ -39,11 +110,112 @@ export default {
           [{ name: this.projectShortPath, path: '/', to: `/tree/${this.ref}/` }],
         );
     },
+    canCreateMrFromFork() {
+      return this.userPermissions.forkProject && this.userPermissions.createMergeRequestIn;
+    },
+    dropdownItems() {
+      const items = [];
+
+      if (this.canEditTree) {
+        items.push(
+          {
+            type: ROW_TYPES.header,
+            text: __('This directory'),
+          },
+          {
+            attrs: {
+              href: this.newBlobPath,
+              class: 'qa-new-file-option',
+            },
+            text: __('New file'),
+          },
+          {
+            attrs: {
+              href: '#modal-upload-blob',
+              'data-target': '#modal-upload-blob',
+              'data-toggle': 'modal',
+            },
+            text: __('Upload file'),
+          },
+          {
+            attrs: {
+              href: '#modal-create-new-dir',
+              'data-target': '#modal-create-new-dir',
+              'data-toggle': 'modal',
+            },
+            text: __('New directory'),
+          },
+        );
+      } else if (this.canCreateMrFromFork) {
+        items.push(
+          {
+            attrs: {
+              href: this.forkNewBlobPath,
+              'data-method': 'post',
+            },
+            text: __('New file'),
+          },
+          {
+            attrs: {
+              href: this.forkUploadBlobPath,
+              'data-method': 'post',
+            },
+            text: __('Upload file'),
+          },
+          {
+            attrs: {
+              href: this.forkNewDirectoryPath,
+              'data-method': 'post',
+            },
+            text: __('New directory'),
+          },
+        );
+      }
+
+      if (this.userPermissions.pushCode) {
+        items.push(
+          {
+            type: ROW_TYPES.divider,
+          },
+          {
+            type: ROW_TYPES.header,
+            text: __('This repository'),
+          },
+          {
+            attrs: {
+              href: this.newBranchPath,
+            },
+            text: __('New branch'),
+          },
+          {
+            attrs: {
+              href: this.newTagPath,
+            },
+            text: __('New tag'),
+          },
+        );
+      }
+
+      return items;
+    },
+    renderAddToTreeDropdown() {
+      return this.canCollaborate || this.canCreateMrFromFork;
+    },
   },
   methods: {
     isLast(i) {
       return i === this.pathLinks.length - 1;
     },
+    getComponent(type) {
+      switch (type) {
+        case ROW_TYPES.divider:
+          return 'gl-dropdown-divider';
+        case ROW_TYPES.header:
+          return 'gl-dropdown-header';
+        default:
+          return 'gl-dropdown-item';
+      }
+    },
   },
 };
 </script>
@@ -56,6 +228,20 @@ export default {
           {{ link.name }}
         </router-link>
       </li>
+      <li v-if="renderAddToTreeDropdown" class="breadcrumb-item">
+        <gl-dropdown toggle-class="add-to-tree qa-add-to-tree ml-1">
+          <template slot="button-content">
+            <span class="sr-only">{{ __('Add to tree') }}</span>
+            <icon name="plus" :size="16" class="float-left" />
+            <icon name="arrow-down" :size="16" class="float-left" />
+          </template>
+          <template v-for="(item, i) in dropdownItems">
+            <component :is="getComponent(item.type)" :key="i" v-bind="item.attrs">
+              {{ item.text }}
+            </component>
+          </template>
+        </gl-dropdown>
+      </li>
     </ol>
   </nav>
 </template>
diff --git a/app/assets/javascripts/repository/index.js b/app/assets/javascripts/repository/index.js
index ea051eaa414..f9727960040 100644
--- a/app/assets/javascripts/repository/index.js
+++ b/app/assets/javascripts/repository/index.js
@@ -5,6 +5,7 @@ import Breadcrumbs from './components/breadcrumbs.vue';
 import LastCommit from './components/last_commit.vue';
 import apolloProvider from './graphql';
 import { setTitle } from './utils/title';
+import { parseBoolean } from '../lib/utils/common_utils';
 
 export default function setupVueRepositoryList() {
   const el = document.getElementById('js-tree-list');
@@ -36,19 +37,42 @@ export default function setupVueRepositoryList() {
       .forEach(elem => elem.classList.toggle('hidden', !isRoot));
   });
 
-  // eslint-disable-next-line no-new
-  new Vue({
-    el: document.getElementById('js-repo-breadcrumb'),
-    router,
-    apolloProvider,
-    render(h) {
-      return h(Breadcrumbs, {
-        props: {
-          currentPath: this.$route.params.pathMatch,
-        },
-      });
-    },
-  });
+  const breadcrumbEl = document.getElementById('js-repo-breadcrumb');
+
+  if (breadcrumbEl) {
+    const {
+      canCollaborate,
+      canEditTree,
+      newBranchPath,
+      newTagPath,
+      newBlobPath,
+      forkNewBlobPath,
+      forkNewDirectoryPath,
+      forkUploadBlobPath,
+    } = breadcrumbEl.dataset;
+
+    // eslint-disable-next-line no-new
+    new Vue({
+      el: breadcrumbEl,
+      router,
+      apolloProvider,
+      render(h) {
+        return h(Breadcrumbs, {
+          props: {
+            currentPath: this.$route.params.pathMatch,
+            canCollaborate: parseBoolean(canCollaborate),
+            canEditTree: parseBoolean(canEditTree),
+            newBranchPath,
+            newTagPath,
+            newBlobPath,
+            forkNewBlobPath,
+            forkNewDirectoryPath,
+            forkUploadBlobPath,
+          },
+        });
+      },
+    });
+  }
 
   // eslint-disable-next-line no-new
   new Vue({
diff --git a/app/assets/javascripts/repository/queries/getPermissions.query.graphql b/app/assets/javascripts/repository/queries/getPermissions.query.graphql
new file mode 100644
index 00000000000..092fa44e2d0
--- /dev/null
+++ b/app/assets/javascripts/repository/queries/getPermissions.query.graphql
@@ -0,0 +1,9 @@
+query getPermissions($projectPath: ID!) {
+  project(fullPath: $projectPath) {
+    userPermissions {
+      pushCode
+      forkProject
+      createMergeRequestIn
+    }
+  }
+}
diff --git a/app/helpers/tree_helper.rb b/app/helpers/tree_helper.rb
index a3575462de0..bb1cdcb1b31 100644
--- a/app/helpers/tree_helper.rb
+++ b/app/helpers/tree_helper.rb
@@ -154,4 +154,36 @@ module TreeHelper
       "logs-path" => logs_path
     }
   end
+
+  def breadcrumb_data_attributes
+    attrs = {
+      can_collaborate: can_collaborate_with_project?(@project).to_s,
+      new_blob_path: project_new_blob_path(@project, @id),
+      new_branch_path: new_project_branch_path(@project),
+      new_tag_path: new_project_tag_path(@project),
+      can_edit_tree: can_edit_tree?.to_s
+    }
+
+    if can?(current_user, :fork_project, @project) && can?(current_user, :create_merge_request_in, @project)
+      continue_param = {
+        to: project_new_blob_path(@project, @id),
+        notice: edit_in_new_fork_notice,
+        notice_now: edit_in_new_fork_notice_now
+      }
+
+      attrs.merge!(
+        fork_new_blob_path: project_forks_path(@project, namespace_key: current_user.namespace.id, continue: continue_param),
+        fork_new_directory_path: project_forks_path(@project, namespace_key: current_user.namespace.id, continue: continue_param.merge({
+          to: request.fullpath,
+          notice: _("%{edit_in_new_fork_notice} Try to create a new directory again.") % { edit_in_new_fork_notice: edit_in_new_fork_notice }
+        })),
+        fork_upload_blob_path: project_forks_path(@project, namespace_key: current_user.namespace.id, continue: continue_param.merge({
+          to: request.fullpath,
+          notice: _("%{edit_in_new_fork_notice} Try to upload a file again.") % { edit_in_new_fork_notice: edit_in_new_fork_notice }
+        }))
+      )
+    end
+
+    attrs
+  end
 end
diff --git a/app/views/projects/_files.html.haml b/app/views/projects/_files.html.haml
index 6763513f9ae..95fdad125a7 100644
--- a/app/views/projects/_files.html.haml
+++ b/app/views/projects/_files.html.haml
@@ -20,6 +20,9 @@
 
   - if vue_file_list_enabled?
     #js-tree-list{ data: { project_path: @project.full_path, project_short_path: @project.path, ref: ref, full_name: @project.name_with_namespace } }
+    - if can_edit_tree?
+      = render 'projects/blob/upload', title: _('Upload New File'), placeholder: _('Upload New File'), button_title: _('Upload file'), form_path: project_create_blob_path(@project, @id), method: :post
+      = render 'projects/blob/new_dir'
     - if @tree.readme
       = render "projects/tree/readme", readme: @tree.readme
   - else
diff --git a/app/views/projects/tree/_tree_header.html.haml b/app/views/projects/tree/_tree_header.html.haml
index 1d0bc588c9c..41cd044a5b0 100644
--- a/app/views/projects/tree/_tree_header.html.haml
+++ b/app/views/projects/tree/_tree_header.html.haml
@@ -11,7 +11,7 @@
       - addtotree_toggle_attributes = { title: _("You can only add files when you are on a branch"), data: { container: 'body' }, class: 'disabled has-tooltip' }
 
   - if vue_file_list_enabled?
-    #js-repo-breadcrumb
+    #js-repo-breadcrumb{ data: breadcrumb_data_attributes }
   - else
     %ul.breadcrumb.repo-breadcrumb
       %li.breadcrumb-item
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index b1fe304e46f..8cd1c27ec56 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -138,9 +138,15 @@ msgstr[1] ""
 msgid "%{edit_in_new_fork_notice} Try to cherry-pick this commit again."
 msgstr ""
 
+msgid "%{edit_in_new_fork_notice} Try to create a new directory again."
+msgstr ""
+
 msgid "%{edit_in_new_fork_notice} Try to revert this commit again."
 msgstr ""
 
+msgid "%{edit_in_new_fork_notice} Try to upload a file again."
+msgstr ""
+
 msgid "%{filePath} deleted"
 msgstr ""
 
@@ -707,6 +713,9 @@ msgstr ""
 msgid "Add to review"
 msgstr ""
 
+msgid "Add to tree"
+msgstr ""
+
 msgid "Add user(s) to the group:"
 msgstr ""
 
diff --git a/spec/frontend/repository/components/breadcrumbs_spec.js b/spec/frontend/repository/components/breadcrumbs_spec.js
index 068fa317a87..707eae34793 100644
--- a/spec/frontend/repository/components/breadcrumbs_spec.js
+++ b/spec/frontend/repository/components/breadcrumbs_spec.js
@@ -1,12 +1,14 @@
 import { shallowMount, RouterLinkStub } from '@vue/test-utils';
+import { GlDropdown } from '@gitlab/ui';
 import Breadcrumbs from '~/repository/components/breadcrumbs.vue';
 
 let vm;
 
-function factory(currentPath) {
+function factory(currentPath, extraProps = {}) {
   vm = shallowMount(Breadcrumbs, {
     propsData: {
       currentPath,
+      ...extraProps,
     },
     stubs: {
       RouterLink: RouterLinkStub,
@@ -41,4 +43,20 @@ describe('Repository breadcrumbs component', () => {
         .attributes('aria-current'),
     ).toEqual('page');
   });
+
+  it('does not render add to tree dropdown when permissions are false', () => {
+    factory('/', { canCollaborate: false });
+
+    vm.setData({ userPermissions: { forkProject: false, createMergeRequestIn: false } });
+
+    expect(vm.find(GlDropdown).exists()).toBe(false);
+  });
+
+  it('renders add to tree dropdown when permissions are true', () => {
+    factory('/', { canCollaborate: true });
+
+    vm.setData({ userPermissions: { forkProject: true, createMergeRequestIn: true } });
+
+    expect(vm.find(GlDropdown).exists()).toBe(true);
+  });
 });
-- 
cgit v1.2.1


From a5ca1e488d350d48a42f757a765835dc1bf4663d Mon Sep 17 00:00:00 2001
From: Douglas Barbosa Alexandre <dbalexandre@gmail.com>
Date: Fri, 12 Jul 2019 16:52:55 -0300
Subject: Update current limitations for automatic background verification

---
 .../geo/disaster_recovery/background_verification.md    | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/doc/administration/geo/disaster_recovery/background_verification.md b/doc/administration/geo/disaster_recovery/background_verification.md
index 8eee9427b56..27866b7536e 100644
--- a/doc/administration/geo/disaster_recovery/background_verification.md
+++ b/doc/administration/geo/disaster_recovery/background_verification.md
@@ -171,14 +171,21 @@ If the **primary** and **secondary** nodes have a checksum verification mismatch
 
 ## Current limitations
 
-Until [issue #5064][ee-5064] is completed, background verification doesn't cover
-CI job artifacts and traces, LFS objects, or user uploads in file storage.
-Verify their integrity manually by following [these instructions][foreground-verification]
-on both nodes, and comparing the output between them.
+Automatic background verification doesn't cover attachments, LFS objects,
+job artifacts, and user uploads in file storage. You can keep track of the
+progress to include them in [ee-1430]. For now, you can verify their integrity
+manually by following [these instructions][foreground-verification] on both
+nodes, and comparing the output between them.
+
+In GitLab EE 12.1, Geo calculates checksums for attachments, LFS objects and
+archived traces on secondary nodes after the transfer, compares it with the
+stored checksums, and rejects transfers if mismatched. Please note that Geo
+currently does not support an automatic way to verify these data if they have
+been synced before GitLab EE 12.1.
 
 Data in object storage is **not verified**, as the object store is responsible
 for ensuring the integrity of the data.
 
 [reset-verification]: background_verification.md#reset-verification-for-projects-where-verification-has-failed
 [foreground-verification]: ../../raketasks/check.md
-[ee-5064]: https://gitlab.com/gitlab-org/gitlab-ee/issues/5064
+[ee-1430]: https://gitlab.com/groups/gitlab-org/-/epics/1430
-- 
cgit v1.2.1


From 9b4b4e74130839062932083c214589c67ccfea51 Mon Sep 17 00:00:00 2001
From: Sanad Liaquat <sliaquat@gitlab.com>
Date: Mon, 15 Jul 2019 22:32:43 +0500
Subject: Backport ee to ce

---
 qa/qa/page/project/sub_menus/common.rb | 6 +++++-
 qa/qa/resource/merge_request.rb        | 3 +++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/qa/qa/page/project/sub_menus/common.rb b/qa/qa/page/project/sub_menus/common.rb
index c94e1e85256..3c9e8085748 100644
--- a/qa/qa/page/project/sub_menus/common.rb
+++ b/qa/qa/page/project/sub_menus/common.rb
@@ -12,7 +12,11 @@ module QA
           end
 
           def within_submenu
-            within('.fly-out-list') do
+            if has_css?('.fly-out-list')
+              within('.fly-out-list') do
+                yield
+              end
+            else
               yield
             end
           end
diff --git a/qa/qa/resource/merge_request.rb b/qa/qa/resource/merge_request.rb
index 45cb317e0eb..7969de726e4 100644
--- a/qa/qa/resource/merge_request.rb
+++ b/qa/qa/resource/merge_request.rb
@@ -9,6 +9,7 @@ module QA
                     :description,
                     :source_branch,
                     :target_branch,
+                    :target_new_branch,
                     :assignee,
                     :milestone,
                     :labels,
@@ -27,6 +28,7 @@ module QA
         Repository::ProjectPush.fabricate! do |resource|
           resource.project = project
           resource.branch_name = 'master'
+          resource.new_branch = @target_new_branch
           resource.remote_branch = target_branch
         end
       end
@@ -52,6 +54,7 @@ module QA
         @labels = []
         @file_name = "added_file.txt"
         @file_content = "File Added"
+        @target_new_branch = true
       end
 
       def fabricate!
-- 
cgit v1.2.1


From 119be7ffd12d72b0871357330145efbacef4d4e6 Mon Sep 17 00:00:00 2001
From: ddavison <ddavison@gitlab.com>
Date: Mon, 15 Jul 2019 15:54:05 -0700
Subject: Refactor more common Page Objects to use data tags

Common usages within GitLab QA include login page, navbars and layouts
---
 app/views/devise/shared/_signup_box.html.haml     | 14 ++++++------
 app/views/doorkeeper/authorizations/new.html.haml |  2 +-
 qa/qa/page/main/oauth.rb                          |  4 ++--
 qa/qa/page/main/sign_up.rb                        | 26 +++++++++++------------
 4 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/app/views/devise/shared/_signup_box.html.haml b/app/views/devise/shared/_signup_box.html.haml
index 034273558bb..074edf645ba 100644
--- a/app/views/devise/shared/_signup_box.html.haml
+++ b/app/views/devise/shared/_signup_box.html.haml
@@ -7,26 +7,26 @@
         = render "devise/shared/error_messages", resource: resource
       .name.form-group
         = f.label :name, _('Full name'), class: 'label-bold'
-        = f.text_field :name, class: "form-control top qa-new-user-name js-block-emoji js-validate-length", :data => { :max_length => max_name_length, :max_length_message => s_("SignUp|Name is too long (maximum is %{max_length} characters).") % { max_length: max_name_length } }, required: true, title: _("This field is required.")
+        = f.text_field :name, class: "form-control top js-block-emoji js-validate-length", :data => { :max_length => max_name_length, :max_length_message => s_("SignUp|Name is too long (maximum is %{max_length} characters).") % { max_length: max_name_length }, :qa_selector => 'new_user_name_field' }, required: true, title: _("This field is required.")
       .username.form-group
         = f.label :username, class: 'label-bold'
-        = f.text_field :username, class: "form-control middle qa-new-user-username js-block-emoji js-validate-length js-validate-username", :data => { :max_length => max_username_length, :max_length_message => s_("SignUp|Username is too long (maximum is %{max_length} characters).") % { max_length: max_username_length } }, pattern: Gitlab::PathRegex::NAMESPACE_FORMAT_REGEX_JS, required: true, title: _("Please create a username with only alphanumeric characters.")
+        = f.text_field :username, class: "form-control middle js-block-emoji js-validate-length js-validate-username", :data => { :max_length => max_username_length, :max_length_message => s_("SignUp|Username is too long (maximum is %{max_length} characters).") % { max_length: max_username_length }, :qa_selector => 'new_user_username_field' }, pattern: Gitlab::PathRegex::NAMESPACE_FORMAT_REGEX_JS, required: true, title: _("Please create a username with only alphanumeric characters.")
         %p.validation-error.gl-field-error-ignore.field-validation.hide= _('Username is already taken.')
         %p.validation-success.gl-field-error-ignore.field-validation.hide= _('Username is available.')
         %p.validation-pending.gl-field-error-ignore.field-validation.hide= _('Checking username availability...')
       .form-group
         = f.label :email, class: 'label-bold'
-        = f.email_field :email, class: "form-control middle qa-new-user-email", required: true, title: _("Please provide a valid email address.")
+        = f.email_field :email, class: "form-control middle", data: { qa_selector: 'new_user_email_field' }, required: true, title: _("Please provide a valid email address.")
       .form-group
         = f.label :email_confirmation, class: 'label-bold'
-        = f.email_field :email_confirmation, class: "form-control middle qa-new-user-email-confirmation", required: true, title: _("Please retype the email address.")
+        = f.email_field :email_confirmation, class: "form-control middle", data: { qa_selector: 'new_user_email_confirmation_field' }, required: true, title: _("Please retype the email address.")
       .form-group.append-bottom-20#password-strength
         = f.label :password, class: 'label-bold'
-        = f.password_field :password, class: "form-control bottom qa-new-user-password", required: true, pattern: ".{#{@minimum_password_length},}", title: _("Minimum length is %{minimum_password_length} characters.") % { minimum_password_length: @minimum_password_length }
+        = f.password_field :password, class: "form-control bottom", data: { qa_selector: 'new_user_password_field' }, required: true, pattern: ".{#{@minimum_password_length},}", title: _("Minimum length is %{minimum_password_length} characters.") % { minimum_password_length: @minimum_password_length }
         %p.gl-field-hint.text-secondary= _('Minimum length is %{minimum_password_length} characters') % { minimum_password_length: @minimum_password_length }
       - if Gitlab::CurrentSettings.current_application_settings.enforce_terms?
         .form-group
-          = check_box_tag :terms_opt_in, '1', false, required: true, class: 'qa-new-user-accept-terms'
+          = check_box_tag :terms_opt_in, '1', false, required: true, data: { qa_selector: 'new_user_accept_terms_checkbox' }
           = label_tag :terms_opt_in do
             - terms_link = link_to s_("I accept the|Terms of Service and Privacy Policy"), terms_path, target: "_blank"
             - accept_terms_label = _("I accept the %{terms_link}") % { terms_link: terms_link }
@@ -36,4 +36,4 @@
       - if show_recaptcha_sign_up?
         = recaptcha_tags
       .submit-container
-        = f.submit _("Register"), class: "btn-register btn qa-new-user-register-button"
+        = f.submit _("Register"), class: "btn-register btn", data: { qa_selector: 'new_user_register_button' }
diff --git a/app/views/doorkeeper/authorizations/new.html.haml b/app/views/doorkeeper/authorizations/new.html.haml
index dae9a7acf6b..5d57337a568 100644
--- a/app/views/doorkeeper/authorizations/new.html.haml
+++ b/app/views/doorkeeper/authorizations/new.html.haml
@@ -46,4 +46,4 @@
             = hidden_field_tag :response_type, @pre_auth.response_type
             = hidden_field_tag :scope, @pre_auth.scope
             = hidden_field_tag :nonce, @pre_auth.nonce
-            = submit_tag _("Authorize"), class: "btn btn-success prepend-left-10"
+            = submit_tag _("Authorize"), class: "btn btn-success prepend-left-10", data: { qa_selector: 'authorization_button' }
diff --git a/qa/qa/page/main/oauth.rb b/qa/qa/page/main/oauth.rb
index 5f6ddb9a114..2b1a9ab2b6a 100644
--- a/qa/qa/page/main/oauth.rb
+++ b/qa/qa/page/main/oauth.rb
@@ -5,7 +5,7 @@ module QA
     module Main
       class OAuth < Page::Base
         view 'app/views/doorkeeper/authorizations/new.html.haml' do
-          element :authorization_button, 'submit_tag _("Authorize")' # rubocop:disable QA/ElementWithPattern
+          element :authorization_button
         end
 
         def needs_authorization?
@@ -13,7 +13,7 @@ module QA
         end
 
         def authorize!
-          click_button 'Authorize'
+          click_element :authorization_button
         end
       end
     end
diff --git a/qa/qa/page/main/sign_up.rb b/qa/qa/page/main/sign_up.rb
index 46a105003d0..c47d2ce9c74 100644
--- a/qa/qa/page/main/sign_up.rb
+++ b/qa/qa/page/main/sign_up.rb
@@ -5,28 +5,28 @@ module QA
     module Main
       class SignUp < Page::Base
         view 'app/views/devise/shared/_signup_box.html.haml' do
-          element :new_user_name
-          element :new_user_username
-          element :new_user_email
-          element :new_user_email_confirmation
-          element :new_user_password
+          element :new_user_name_field
+          element :new_user_username_field
+          element :new_user_email_field
+          element :new_user_email_confirmation_field
+          element :new_user_password_field
           element :new_user_register_button
-          element :new_user_accept_terms
+          element :new_user_accept_terms_checkbox
         end
 
         def sign_up!(user)
-          fill_element :new_user_name, user.name
-          fill_element :new_user_username, user.username
-          fill_element :new_user_email, user.email
-          fill_element :new_user_email_confirmation, user.email
-          fill_element :new_user_password, user.password
+          fill_element :new_user_name_field, user.name
+          fill_element :new_user_username_field, user.username
+          fill_element :new_user_email_field, user.email
+          fill_element :new_user_email_confirmation_field, user.email
+          fill_element :new_user_password_field, user.password
 
-          check_element :new_user_accept_terms if has_element?(:new_user_accept_terms)
+          check_element :new_user_accept_terms_checkbox if has_element?(:new_user_accept_terms_checkbox)
 
           signed_in = retry_until do
             click_element :new_user_register_button
 
-            Page::Main::Menu.act { has_personal_area? }
+            Page::Main::Menu.perform(&:has_personal_area?)
           end
 
           raise "Failed to register and sign in" unless signed_in
-- 
cgit v1.2.1


From 2a442ae7a89d5c6a683903043a171d40aed2dcb0 Mon Sep 17 00:00:00 2001
From: Woko <banbooliu@gmail.com>
Date: Tue, 16 Jul 2019 03:25:15 +0000
Subject: fix `register runner with services`

---
 doc/ci/docker/using_docker_images.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/ci/docker/using_docker_images.md b/doc/ci/docker/using_docker_images.md
index 90565efe196..f9dcd6417e0 100644
--- a/doc/ci/docker/using_docker_images.md
+++ b/doc/ci/docker/using_docker_images.md
@@ -35,8 +35,8 @@ sudo gitlab-runner register \
   --description "docker-ruby-2.1" \
   --executor "docker" \
   --docker-image ruby:2.1 \
-  --docker-postgres latest \
-  --docker-mysql latest
+  --docker-services postgres:latest \
+  --docker-services mysql:latest
 ```
 
 The registered runner will use the `ruby:2.1` Docker image and will run two
-- 
cgit v1.2.1


From adece6f7f947aae14b60226cdb8c835d5a3fa684 Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Tue, 16 Jul 2019 14:51:56 +0800
Subject: Change time tracking units feature release version

---
 doc/workflow/time_tracking.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/workflow/time_tracking.md b/doc/workflow/time_tracking.md
index 4286a3625a2..b55c6b2e3df 100644
--- a/doc/workflow/time_tracking.md
+++ b/doc/workflow/time_tracking.md
@@ -75,7 +75,7 @@ Default conversion rates are 1mo = 4w, 1w = 5d and 1d = 8h.
 
 ### Limit displayed units to hours
 
-> Introduced in GitLab 12.0.
+> Introduced in GitLab 12.1.
 
 The display of time units can be limited to hours through the option in **Admin Area > Settings > Preferences** under 'Localization'.
 
-- 
cgit v1.2.1


From dbc1544840a582ee509df017690ae3ff2666bc1b Mon Sep 17 00:00:00 2001
From: Phil Hughes <me@iamphill.com>
Date: Tue, 16 Jul 2019 11:02:37 +0100
Subject: Fixed create merge request button not enabling

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64454
---
 .../javascripts/create_merge_request_dropdown.js   |  2 +-
 .../frontend/create_merge_request_dropdown_spec.js | 34 ++++++++++++++++++++++
 2 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/app/assets/javascripts/create_merge_request_dropdown.js b/app/assets/javascripts/create_merge_request_dropdown.js
index 052168bb21c..dce9c1a5410 100644
--- a/app/assets/javascripts/create_merge_request_dropdown.js
+++ b/app/assets/javascripts/create_merge_request_dropdown.js
@@ -182,7 +182,7 @@ export default class CreateMergeRequestDropdown {
   }
 
   enable() {
-    if (!canCreateConfidentialMergeRequest()) return;
+    if (isConfidentialIssue() && !canCreateConfidentialMergeRequest()) return;
 
     this.createMergeRequestButton.classList.remove('disabled');
     this.createMergeRequestButton.removeAttribute('disabled');
diff --git a/spec/frontend/create_merge_request_dropdown_spec.js b/spec/frontend/create_merge_request_dropdown_spec.js
index 6e41fdabdce..dcc6fa96d18 100644
--- a/spec/frontend/create_merge_request_dropdown_spec.js
+++ b/spec/frontend/create_merge_request_dropdown_spec.js
@@ -1,6 +1,7 @@
 import axios from '~/lib/utils/axios_utils';
 import MockAdapter from 'axios-mock-adapter';
 import CreateMergeRequestDropdown from '~/create_merge_request_dropdown';
+import confidentialState from '~/confidential_merge_request/state';
 import { TEST_HOST } from './helpers/test_constants';
 
 describe('CreateMergeRequestDropdown', () => {
@@ -66,4 +67,37 @@ describe('CreateMergeRequestDropdown', () => {
       );
     });
   });
+
+  describe('enable', () => {
+    beforeEach(() => {
+      dropdown.createMergeRequestButton.classList.add('disabled');
+    });
+
+    afterEach(() => {
+      confidentialState.selectedProject = {};
+    });
+
+    it('enables button when not confidential issue', () => {
+      dropdown.enable();
+
+      expect(dropdown.createMergeRequestButton.classList).not.toContain('disabled');
+    });
+
+    it('enables when can create confidential issue', () => {
+      document.querySelector('.js-create-mr').setAttribute('data-is-confidential', 'true');
+      confidentialState.selectedProject = { name: 'test' };
+
+      dropdown.enable();
+
+      expect(dropdown.createMergeRequestButton.classList).not.toContain('disabled');
+    });
+
+    it('does not enable when can not create confidential issue', () => {
+      document.querySelector('.js-create-mr').setAttribute('data-is-confidential', 'true');
+
+      dropdown.enable();
+
+      expect(dropdown.createMergeRequestButton.classList).toContain('disabled');
+    });
+  });
 });
-- 
cgit v1.2.1


From 1dde18f39424f6eaebe1777d0bfa35c5805178cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C5=82gorzata=20Ksionek?= <mksionek@gitlab.com>
Date: Tue, 16 Jul 2019 11:38:19 +0200
Subject: Add code review remarks

Make specs more readable
---
 app/models/cycle_analytics/base_methods.rb         | 27 -------------------
 app/models/cycle_analytics/group_level.rb          |  2 +-
 app/models/cycle_analytics/level_base.rb           | 27 +++++++++++++++++++
 app/models/cycle_analytics/project_level.rb        |  2 +-
 lib/gitlab/cycle_analytics/permissions.rb          |  2 +-
 spec/lib/gitlab/cycle_analytics/code_stage_spec.rb | 30 ++++++++++------------
 .../cycle_analytics/group_stage_summary_spec.rb    |  1 +
 .../lib/gitlab/cycle_analytics/issue_stage_spec.rb | 22 ++++++++--------
 spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb | 30 ++++++++++------------
 .../gitlab/cycle_analytics/review_stage_spec.rb    | 17 ++++++------
 .../gitlab/cycle_analytics/staging_stage_spec.rb   | 16 ++++++------
 spec/lib/gitlab/cycle_analytics/usage_data_spec.rb |  2 +-
 12 files changed, 87 insertions(+), 91 deletions(-)
 delete mode 100644 app/models/cycle_analytics/base_methods.rb
 create mode 100644 app/models/cycle_analytics/level_base.rb

diff --git a/app/models/cycle_analytics/base_methods.rb b/app/models/cycle_analytics/base_methods.rb
deleted file mode 100644
index 1c2a0854769..00000000000
--- a/app/models/cycle_analytics/base_methods.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-module CycleAnalytics
-  module BaseMethods
-    STAGES = %i[issue plan code test review staging production].freeze
-
-    def all_medians_by_stage
-      STAGES.each_with_object({}) do |stage_name, medians_per_stage|
-        medians_per_stage[stage_name] = self[stage_name].project_median
-      end
-    end
-
-    def stats
-      @stats ||= STAGES.map do |stage_name|
-        self[stage_name].as_json
-      end
-    end
-
-    def no_stats?
-      stats.all? { |hash| hash[:value].nil? }
-    end
-
-    def [](stage_name)
-      Gitlab::CycleAnalytics::Stage[stage_name].new(options: options)
-    end
-  end
-end
diff --git a/app/models/cycle_analytics/group_level.rb b/app/models/cycle_analytics/group_level.rb
index 58bd2eb0d9a..35efd8b8809 100644
--- a/app/models/cycle_analytics/group_level.rb
+++ b/app/models/cycle_analytics/group_level.rb
@@ -2,7 +2,7 @@
 
 module CycleAnalytics
   class GroupLevel
-    include BaseMethods
+    include LevelBase
     attr_reader :options
 
     def initialize(options:)
diff --git a/app/models/cycle_analytics/level_base.rb b/app/models/cycle_analytics/level_base.rb
new file mode 100644
index 00000000000..543349ebf8f
--- /dev/null
+++ b/app/models/cycle_analytics/level_base.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module CycleAnalytics
+  module LevelBase
+    STAGES = %i[issue plan code test review staging production].freeze
+
+    def all_medians_by_stage
+      STAGES.each_with_object({}) do |stage_name, medians_per_stage|
+        medians_per_stage[stage_name] = self[stage_name].project_median
+      end
+    end
+
+    def stats
+      @stats ||= STAGES.map do |stage_name|
+        self[stage_name].as_json
+      end
+    end
+
+    def no_stats?
+      stats.all? { |hash| hash[:value].nil? }
+    end
+
+    def [](stage_name)
+      Gitlab::CycleAnalytics::Stage[stage_name].new(options: options)
+    end
+  end
+end
diff --git a/app/models/cycle_analytics/project_level.rb b/app/models/cycle_analytics/project_level.rb
index abe1be11eae..4aa426c58a1 100644
--- a/app/models/cycle_analytics/project_level.rb
+++ b/app/models/cycle_analytics/project_level.rb
@@ -2,7 +2,7 @@
 
 module CycleAnalytics
   class ProjectLevel
-    include BaseMethods
+    include LevelBase
     attr_reader :project, :options
 
     def initialize(project, options:)
diff --git a/lib/gitlab/cycle_analytics/permissions.rb b/lib/gitlab/cycle_analytics/permissions.rb
index 0da041f8950..55214e6b896 100644
--- a/lib/gitlab/cycle_analytics/permissions.rb
+++ b/lib/gitlab/cycle_analytics/permissions.rb
@@ -23,7 +23,7 @@ module Gitlab
       end
 
       def get
-        ::CycleAnalytics::BaseMethods::STAGES.each do |stage|
+        ::CycleAnalytics::LevelBase::STAGES.each do |stage|
           @stage_permission_hash[stage] = authorized_stage?(stage)
         end
 
diff --git a/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb
index 68f73ba3c93..933f3c7896e 100644
--- a/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb
@@ -34,11 +34,11 @@ describe Gitlab::CycleAnalytics::CodeStage do
   end
 
   describe '#events' do
-    it 'exposes merge requests that closes issues' do
-      result = stage.events
+    subject { stage.events }
 
-      expect(result.count).to eq(2)
-      expect(result.map { |event| event[:title] }).to contain_exactly(mr_1.title, mr_2.title)
+    it 'exposes merge requests that closes issues' do
+      expect(subject.count).to eq(2)
+      expect(subject.map { |event| event[:title] }).to contain_exactly(mr_1.title, mr_2.title)
     end
   end
 
@@ -74,11 +74,11 @@ describe Gitlab::CycleAnalytics::CodeStage do
     end
 
     describe '#events' do
-      it 'exposes merge requests that close issues' do
-        result = stage.events
+      subject { stage.events }
 
-        expect(result.count).to eq(2)
-        expect(result.map { |event| event[:title] }).to contain_exactly(mr_2_1.title, mr_2_2.title)
+      it 'exposes merge requests that close issues' do
+        expect(subject.count).to eq(2)
+        expect(subject.map { |event| event[:title] }).to contain_exactly(mr_2_1.title, mr_2_2.title)
       end
     end
 
@@ -101,18 +101,16 @@ describe Gitlab::CycleAnalytics::CodeStage do
       end
 
       describe '#events' do
-        it 'exposes merge requests that close issues' do
-          result = stage.events
+        subject { stage.events }
 
-          expect(result.count).to eq(4)
-          expect(result.map { |event| event[:title] }).to contain_exactly(mr_2_1.title, mr_2_2.title, mr_3_1.title, mr_3_2.title)
+        it 'exposes merge requests that close issues' do
+          expect(subject.count).to eq(4)
+          expect(subject.map { |event| event[:title] }).to contain_exactly(mr_2_1.title, mr_2_2.title, mr_3_1.title, mr_3_2.title)
         end
 
         it 'exposes merge requests that close issues with full path for subgroup' do
-          result = stage.events
-
-          expect(result.count).to eq(4)
-          expect(result.find { |event| event[:title] == mr_3_1.title }[:url]).to include("#{subgroup.full_path}")
+          expect(subject.count).to eq(4)
+          expect(subject.find { |event| event[:title] == mr_3_1.title }[:url]).to include("#{subgroup.full_path}")
         end
       end
     end
diff --git a/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
index 8e552b23283..7e79c3f939c 100644
--- a/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
@@ -7,6 +7,7 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
   let(:project_2) { create(:project, :repository, namespace: group) }
   let(:from) { 1.day.ago }
   let(:user) { create(:user, :admin) }
+
   subject { described_class.new(group, from: Time.now, current_user: user).data }
 
   describe "#new_issues" do
diff --git a/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
index 64ac9df52b2..ffd0b84cb57 100644
--- a/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
@@ -63,11 +63,11 @@ describe Gitlab::CycleAnalytics::IssueStage do
     end
 
     describe '#events' do
-      it 'exposes merge requests that close issues' do
-        result = stage.events
+      subject { stage.events }
 
-        expect(result.count).to eq(2)
-        expect(result.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title)
+      it 'exposes merge requests that close issues' do
+        expect(subject.count).to eq(2)
+        expect(subject.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title)
       end
     end
 
@@ -85,18 +85,16 @@ describe Gitlab::CycleAnalytics::IssueStage do
       end
 
       describe '#events' do
-        it 'exposes merge requests that close issues' do
-          result = stage.events
+        subject { stage.events }
 
-          expect(result.count).to eq(4)
-          expect(result.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title, issue_3_1.title, issue_3_2.title)
+        it 'exposes merge requests that close issues' do
+          expect(subject.count).to eq(4)
+          expect(subject.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title, issue_3_1.title, issue_3_2.title)
         end
 
         it 'exposes merge requests that close issues with full path for subgroup' do
-          result = stage.events
-
-          expect(result.count).to eq(4)
-          expect(result.find { |event| event[:title] == issue_3_1.title }[:url]).to include("#{subgroup.full_path}")
+          expect(subject.count).to eq(4)
+          expect(subject.find { |event| event[:title] == issue_3_1.title }[:url]).to include("#{subgroup.full_path}")
         end
       end
     end
diff --git a/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb
index 55de6192af1..3cd1320ca9c 100644
--- a/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb
@@ -29,11 +29,11 @@ describe Gitlab::CycleAnalytics::PlanStage do
   end
 
   describe '#events' do
-    it 'exposes issues with metrics' do
-      result = stage.events
+    subject { stage.events }
 
-      expect(result.count).to eq(2)
-      expect(result.map { |event| event[:title] }).to contain_exactly(issue_1.title, issue_2.title)
+    it 'exposes issues with metrics' do
+      expect(subject.count).to eq(2)
+      expect(subject.map { |event| event[:title] }).to contain_exactly(issue_1.title, issue_2.title)
     end
   end
 
@@ -65,11 +65,11 @@ describe Gitlab::CycleAnalytics::PlanStage do
     end
 
     describe '#events' do
-      it 'exposes merge requests that close issues' do
-        result = stage.events
+      subject { stage.events }
 
-        expect(result.count).to eq(2)
-        expect(result.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title)
+      it 'exposes merge requests that close issues' do
+        expect(subject.count).to eq(2)
+        expect(subject.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title)
       end
     end
 
@@ -88,18 +88,16 @@ describe Gitlab::CycleAnalytics::PlanStage do
       end
 
       describe '#events' do
-        it 'exposes merge requests that close issues' do
-          result = stage.events
+        subject { stage.events }
 
-          expect(result.count).to eq(4)
-          expect(result.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title, issue_3_1.title, issue_3_2.title)
+        it 'exposes merge requests that close issues' do
+          expect(subject.count).to eq(4)
+          expect(subject.map { |event| event[:title] }).to contain_exactly(issue_2_1.title, issue_2_2.title, issue_3_1.title, issue_3_2.title)
         end
 
         it 'exposes merge requests that close issues with full path for subgroup' do
-          result = stage.events
-
-          expect(result.count).to eq(4)
-          expect(result.find { |event| event[:title] == issue_3_1.title }[:url]).to include("#{subgroup.full_path}")
+          expect(subject.count).to eq(4)
+          expect(subject.find { |event| event[:title] == issue_3_1.title }[:url]).to include("#{subgroup.full_path}")
         end
       end
     end
diff --git a/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb
index 9c7cb5811d0..6d14973c711 100644
--- a/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb
@@ -35,13 +35,14 @@ describe Gitlab::CycleAnalytics::ReviewStage do
   end
 
   describe '#events' do
-    it 'exposes merge requests that close issues' do
-      result = stage.events
+    subject { stage.events }
 
-      expect(result.count).to eq(2)
-      expect(result.map { |event| event[:title] }).to contain_exactly(mr_1.title, mr_2.title)
+    it 'exposes merge requests that close issues' do
+      expect(subject.count).to eq(2)
+      expect(subject.map { |event| event[:title] }).to contain_exactly(mr_1.title, mr_2.title)
     end
   end
+
   context 'when group is given' do
     let(:user) { create(:user) }
     let(:group) { create(:group) }
@@ -77,11 +78,11 @@ describe Gitlab::CycleAnalytics::ReviewStage do
     end
 
     describe '#events' do
-      it 'exposes merge requests that close issues' do
-        result = stage.events
+      subject { stage.events }
 
-        expect(result.count).to eq(2)
-        expect(result.map { |event| event[:title] }).to contain_exactly(mr_2_1.title, mr_2_2.title)
+      it 'exposes merge requests that close issues' do
+        expect(subject.count).to eq(2)
+        expect(subject.map { |event| event[:title] }).to contain_exactly(mr_2_1.title, mr_2_2.title)
       end
     end
   end
diff --git a/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb
index 3e2d748396f..9ca12cc448c 100644
--- a/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb
@@ -39,11 +39,11 @@ describe Gitlab::CycleAnalytics::StagingStage do
   end
 
   describe '#events' do
-    it 'exposes builds connected to merge request' do
-      result = stage.events
+    subject { stage.events }
 
-      expect(result.count).to eq(2)
-      expect(result.map { |event| event[:name] }).to contain_exactly(build_1.name, build_2.name)
+    it 'exposes builds connected to merge request' do
+      expect(subject.count).to eq(2)
+      expect(subject.map { |event| event[:name] }).to contain_exactly(build_1.name, build_2.name)
     end
   end
 
@@ -84,11 +84,11 @@ describe Gitlab::CycleAnalytics::StagingStage do
     end
 
     describe '#events' do
-      it 'exposes merge requests that close issues' do
-        result = stage.events
+      subject { stage.events }
 
-        expect(result.count).to eq(2)
-        expect(result.map { |event| event[:name] }).to contain_exactly(build_1.name, build_2.name)
+      it 'exposes merge requests that close issues' do
+        expect(subject.count).to eq(2)
+        expect(subject.map { |event| event[:name] }).to contain_exactly(build_1.name, build_2.name)
       end
     end
   end
diff --git a/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb b/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
index 4ef33ff6e2b..ad61bdeace7 100644
--- a/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
@@ -34,7 +34,7 @@ describe Gitlab::CycleAnalytics::UsageData do
 
         expect(result).to have_key(:avg_cycle_analytics)
 
-        CycleAnalytics::BaseMethods::STAGES.each do |stage|
+        CycleAnalytics::LevelBase::STAGES.each do |stage|
           expect(result[:avg_cycle_analytics]).to have_key(stage)
 
           stage_values    = result[:avg_cycle_analytics][stage]
-- 
cgit v1.2.1


From e6c61c89527eb1a8f0f8affff5a76c81af656d8e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C5=82gorzata=20Ksionek?= <mksionek@gitlab.com>
Date: Tue, 16 Jul 2019 12:28:08 +0200
Subject: Add timecop remarks

---
 .../cycle_analytics/group_stage_summary_spec.rb    | 84 ++++++++++++++--------
 1 file changed, 54 insertions(+), 30 deletions(-)

diff --git a/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
index 7e79c3f939c..6505fc714c4 100644
--- a/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
@@ -11,56 +11,80 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
   subject { described_class.new(group, from: Time.now, current_user: user).data }
 
   describe "#new_issues" do
-    it "finds the number of issues created after the 'from date'" do
-      Timecop.freeze(5.days.ago) { create(:issue, project: project) }
-      Timecop.freeze(5.days.ago) { create(:issue, project: project_2) }
-      Timecop.freeze(5.days.from_now) { create(:issue, project: project) }
-      Timecop.freeze(5.days.from_now) { create(:issue, project: project_2) }
+    context 'with from date' do
+      before do
+        Timecop.freeze(5.days.ago) { create(:issue, project: project) }
+        Timecop.freeze(5.days.ago) { create(:issue, project: project_2) }
+        Timecop.freeze(5.days.from_now) { create(:issue, project: project) }
+        Timecop.freeze(5.days.from_now) { create(:issue, project: project_2) }
+      end
 
-      expect(subject.first[:value]).to eq(2)
+      it "finds the number of issues created after it" do
+        expect(subject.first[:value]).to eq(2)
+      end
     end
 
-    it "doesn't find issues from other projects" do
-      Timecop.freeze(5.days.from_now) { create(:issue, project: create(:project, namespace: create(:group))) }
-      Timecop.freeze(5.days.from_now) { create(:issue, project: project) }
-      Timecop.freeze(5.days.from_now) { create(:issue, project: project_2) }
+    context 'with other projects' do
+      before do
+        Timecop.freeze(5.days.from_now) { create(:issue, project: create(:project, namespace: create(:group))) }
+        Timecop.freeze(5.days.from_now) { create(:issue, project: project) }
+        Timecop.freeze(5.days.from_now) { create(:issue, project: project_2) }
+      end
 
-      expect(subject.first[:value]).to eq(2)
+      it "doesn't find issues from them" do
+        expect(subject.first[:value]).to eq(2)
+      end
     end
 
-    it "finds issues from subgroups" do
-      Timecop.freeze(5.days.from_now) { create(:issue, project: create(:project, namespace: create(:group, parent: group))) }
-      Timecop.freeze(5.days.from_now) { create(:issue, project: project) }
-      Timecop.freeze(5.days.from_now) { create(:issue, project: project_2) }
+    context 'with subgroups' do
+      before do
+        Timecop.freeze(5.days.from_now) { create(:issue, project: create(:project, namespace: create(:group, parent: group))) }
+        Timecop.freeze(5.days.from_now) { create(:issue, project: project) }
+        Timecop.freeze(5.days.from_now) { create(:issue, project: project_2) }
+      end
 
-      expect(subject.first[:value]).to eq(3)
+      it "finds issues from them" do
+        expect(subject.first[:value]).to eq(3)
+      end
     end
   end
 
   describe "#deploys" do
-    it "finds the number of deploys made created after the 'from date'" do
-      Timecop.freeze(5.days.ago) { create(:deployment, :success, project: project) }
-      Timecop.freeze(5.days.from_now) { create(:deployment, :success, project: project) }
-      Timecop.freeze(5.days.ago) { create(:deployment, :success, project: project_2) }
-      Timecop.freeze(5.days.from_now) { create(:deployment, :success, project: project_2) }
+    context 'with from date' do
+      before do
+        Timecop.freeze(5.days.ago) { create(:deployment, :success, project: project) }
+        Timecop.freeze(5.days.from_now) { create(:deployment, :success, project: project) }
+        Timecop.freeze(5.days.ago) { create(:deployment, :success, project: project_2) }
+        Timecop.freeze(5.days.from_now) { create(:deployment, :success, project: project_2) }
+      end
 
-      expect(subject.second[:value]).to eq(2)
+      it "finds the number of deploys made created after it" do
+        expect(subject.second[:value]).to eq(2)
+      end
     end
 
-    it "doesn't find deploys from other projects" do
-      Timecop.freeze(5.days.from_now) do
-        create(:deployment, :success, project: create(:project, :repository, namespace: create(:group)))
+    context 'with other projects' do
+      before do
+        Timecop.freeze(5.days.from_now) do
+          create(:deployment, :success, project: create(:project, :repository, namespace: create(:group)))
+        end
       end
 
-      expect(subject.second[:value]).to eq(0)
+      it "doesn't find deploys from them" do
+        expect(subject.second[:value]).to eq(0)
+      end
     end
 
-    it "finds deploys from subgroups" do
-      Timecop.freeze(5.days.from_now) do
-        create(:deployment, :success, project: create(:project, :repository, namespace: create(:group, parent: group)))
+    context 'with subgroups' do
+      before do
+        Timecop.freeze(5.days.from_now) do
+          create(:deployment, :success, project: create(:project, :repository, namespace: create(:group, parent: group)))
+        end
       end
 
-      expect(subject.second[:value]).to eq(1)
+      it "finds deploys from them" do
+        expect(subject.second[:value]).to eq(1)
+      end
     end
   end
 end
-- 
cgit v1.2.1


From d5080eb5ffb0ffdb8133eee3039a4429c87a107d Mon Sep 17 00:00:00 2001
From: Toon Claes <toon@gitlab.com>
Date: Tue, 16 Jul 2019 14:07:42 +0200
Subject: Revert "Workaround for Rails 5, where LIMIT..."

This reverts commit 6823e7defb45dfd86d5258b40d6f82482d1ef451.

Originally implemented in
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/21839, but an
error was reported in
https://gitlab.com/gitlab-org/gitlab-ce/issues/51729 resulting in a
workaround introduced in
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/21879.

Now Rails 5.2 is used, this workaround no longer seems needed, so this
reverts it.
---
 lib/gitlab/database/subquery.rb | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/lib/gitlab/database/subquery.rb b/lib/gitlab/database/subquery.rb
index 10971d2b274..2a6f39c6a27 100644
--- a/lib/gitlab/database/subquery.rb
+++ b/lib/gitlab/database/subquery.rb
@@ -6,11 +6,7 @@ module Gitlab
       class << self
         def self_join(relation)
           t = relation.arel_table
-          # Work around a bug in Rails 5, where LIMIT causes trouble
-          # See https://gitlab.com/gitlab-org/gitlab-ce/issues/51729
-          r = relation.limit(nil).arel
-          r.take(relation.limit_value) if relation.limit_value
-          t2 = r.as('t2')
+          t2 = relation.arel.as('t2')
 
           relation.unscoped.joins(t.join(t2).on(t[:id].eq(t2[:id])).join_sources.first)
         end
-- 
cgit v1.2.1


From f219b744336364ff316cbddb1b097539ebec27bc Mon Sep 17 00:00:00 2001
From: Donald Cook <dcook@gitlab.com>
Date: Tue, 16 Jul 2019 12:44:15 +0000
Subject: CE backport: Removed non-decimal event values

Snowplow only accepts decimals for value
This MR removes sending of value implicitly with the value attribute
---
 app/views/devise/shared/_tabs_normal.html.haml                     | 2 +-
 app/views/layouts/_search.html.haml                                | 2 +-
 app/views/layouts/header/_default.html.haml                        | 2 +-
 app/views/layouts/header/_new_dropdown.haml                        | 2 +-
 app/views/layouts/nav/_dashboard.html.haml                         | 4 ++--
 app/views/projects/_new_project_fields.html.haml                   | 4 ++--
 app/views/projects/issues/import_csv/_modal.html.haml              | 2 +-
 app/views/projects/new.html.haml                                   | 6 +++---
 app/views/projects/project_templates/_built_in_templates.html.haml | 4 ++--
 app/views/shared/_visibility_radios.html.haml                      | 2 +-
 doc/development/fe_guide/event_tracking.md                         | 2 +-
 11 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/app/views/devise/shared/_tabs_normal.html.haml b/app/views/devise/shared/_tabs_normal.html.haml
index 4cd03be572f..ab8c22532fd 100644
--- a/app/views/devise/shared/_tabs_normal.html.haml
+++ b/app/views/devise/shared/_tabs_normal.html.haml
@@ -3,4 +3,4 @@
     %a.nav-link.qa-sign-in-tab.active{ href: '#login-pane', data: { toggle: 'tab' }, role: 'tab' } Sign in
   - if allow_signup?
     %li.nav-item{ role: 'presentation' }
-      %a.nav-link.qa-register-tab{ href: '#register-pane', data: { track_label: 'sign_in_register', track_property: 'sign_in', track_event: 'click_button', track_value: 'register', toggle: 'tab' }, role: 'tab' } Register
+      %a.nav-link.qa-register-tab{ href: '#register-pane', data: { track_label: 'sign_in_register', track_property: '', track_event: 'click_button', track_value: '', toggle: 'tab' }, role: 'tab' } Register
diff --git a/app/views/layouts/_search.html.haml b/app/views/layouts/_search.html.haml
index a5f57f5893c..c62dce880c0 100644
--- a/app/views/layouts/_search.html.haml
+++ b/app/views/layouts/_search.html.haml
@@ -2,7 +2,7 @@
   - group_data_attrs = { group_path: j(@group.path), name: j(@group.name), issues_path: issues_group_path(@group), mr_path: merge_requests_group_path(@group) }
 - if @project && @project.persisted?
   - project_data_attrs = { project_path: j(@project.path), name: j(@project.name), issues_path: project_issues_path(@project), mr_path: project_merge_requests_path(@project), issues_disabled: !@project.issues_enabled? }
-.search.search-form{ data: { track_label: "navbar_search", track_event: "activate_form_input" } }
+.search.search-form{ data: { track_label: "navbar_search", track_event: "activate_form_input", track_value: "" } }
   = form_tag search_path, method: :get, class: 'form-inline' do |f|
     .search-input-container
       .search-input-wrap
diff --git a/app/views/layouts/header/_default.html.haml b/app/views/layouts/header/_default.html.haml
index fc2dea25c77..89f99472270 100644
--- a/app/views/layouts/header/_default.html.haml
+++ b/app/views/layouts/header/_default.html.haml
@@ -64,7 +64,7 @@
             .dropdown-menu.dropdown-menu-right
               = render 'layouts/header/help_dropdown'
           - if header_link?(:user_dropdown)
-            %li.nav-item.header-user.dropdown{ data: { track_label: "profile_dropdown", track_event: "click_dropdown", qa_selector: 'user_menu' } }
+            %li.nav-item.header-user.dropdown{ data: { track_label: "profile_dropdown", track_event: "click_dropdown", track_value: "", qa_selector: 'user_menu' } }
               = link_to current_user, class: user_dropdown_class, data: { toggle: "dropdown" } do
                 = image_tag avatar_icon_for_user(current_user, 23), width: 23, height: 23, class: "header-user-avatar qa-user-avatar"
                 = sprite_icon('angle-down', css_class: 'caret-down')
diff --git a/app/views/layouts/header/_new_dropdown.haml b/app/views/layouts/header/_new_dropdown.haml
index 1d7a501e5c2..e28efb09be5 100644
--- a/app/views/layouts/header/_new_dropdown.haml
+++ b/app/views/layouts/header/_new_dropdown.haml
@@ -1,4 +1,4 @@
-%li.header-new.dropdown{ data: { track_label: "new_dropdown", track_event: "click_dropdown" } }
+%li.header-new.dropdown{ data: { track_label: "new_dropdown", track_event: "click_dropdown", track_value: "" } }
   = link_to new_project_path, class: "header-new-dropdown-toggle has-tooltip qa-new-menu-toggle", id: "js-onboarding-new-project-link", title: _("New..."), ref: 'tooltip', aria: { label: _("New...") }, data: { toggle: 'dropdown', placement: 'bottom', container: 'body', display: 'static' } do
     = sprite_icon('plus-square', size: 16)
     = sprite_icon('angle-down', css_class: 'caret-down')
diff --git a/app/views/layouts/nav/_dashboard.html.haml b/app/views/layouts/nav/_dashboard.html.haml
index 54028dc8554..cbe713b7468 100644
--- a/app/views/layouts/nav/_dashboard.html.haml
+++ b/app/views/layouts/nav/_dashboard.html.haml
@@ -2,7 +2,7 @@
 -# https://gitlab.com/gitlab-org/gitlab-ce/issues/49713 for more information.
 %ul.list-unstyled.navbar-sub-nav
   - if dashboard_nav_link?(:projects)
-    = nav_link(path: ['root#index', 'projects#trending', 'projects#starred', 'dashboard/projects#index'], html_options: { id: 'nav-projects-dropdown', class: "home dropdown header-projects qa-projects-dropdown", data: { track_label: "projects_dropdown", track_event: "click_dropdown" } }) do
+    = nav_link(path: ['root#index', 'projects#trending', 'projects#starred', 'dashboard/projects#index'], html_options: { id: 'nav-projects-dropdown', class: "home dropdown header-projects qa-projects-dropdown", data: { track_label: "projects_dropdown", track_event: "click_dropdown", track_value: "" } }) do
       %button.btn{ type: 'button', data: { toggle: "dropdown" } }
         = _('Projects')
         = sprite_icon('angle-down', css_class: 'caret-down')
@@ -10,7 +10,7 @@
         = render "layouts/nav/projects_dropdown/show"
 
   - if dashboard_nav_link?(:groups)
-    = nav_link(controller: ['dashboard/groups', 'explore/groups'], html_options: { id: 'nav-groups-dropdown', class: "home dropdown header-groups qa-groups-dropdown", data: { track_label: "groups_dropdown", track_event: "click_dropdown" } }) do
+    = nav_link(controller: ['dashboard/groups', 'explore/groups'], html_options: { id: 'nav-groups-dropdown', class: "home dropdown header-groups qa-groups-dropdown", data: { track_label: "groups_dropdown", track_event: "click_dropdown", track_value: "" } }) do
       %button.btn{ type: 'button', data: { toggle: "dropdown" } }
         = _('Groups')
         = sprite_icon('angle-down', css_class: 'caret-down')
diff --git a/app/views/projects/_new_project_fields.html.haml b/app/views/projects/_new_project_fields.html.haml
index 7541737f79c..5d88be0925e 100644
--- a/app/views/projects/_new_project_fields.html.haml
+++ b/app/views/projects/_new_project_fields.html.haml
@@ -54,7 +54,7 @@
   .form-group.row.initialize-with-readme-setting
     %div{ :class => "col-sm-12" }
       .form-check
-        = check_box_tag 'project[initialize_with_readme]', '1', false, class: 'form-check-input qa-initialize-with-readme-checkbox', data: { track_label: "#{track_label}", track_event: "activate_form_input", track_property: "init_with_readme" }
+        = check_box_tag 'project[initialize_with_readme]', '1', false, class: 'form-check-input qa-initialize-with-readme-checkbox', data: { track_label: "#{track_label}", track_event: "activate_form_input", track_property: "init_with_readme", track_value: "" }
         = label_tag 'project[initialize_with_readme]', class: 'form-check-label' do
           .option-title
             %strong= s_('ProjectsNew|Initialize repository with a README')
@@ -62,4 +62,4 @@
             = s_('ProjectsNew|Allows you to immediately clone this project’s repository. Skip this if you plan to push up an existing repository.')
 
 = f.submit _('Create project'), class: "btn btn-success project-submit", data: { track_label: "#{track_label}", track_event: "click_button", track_property: "create_project", track_value: "" }
-= link_to _('Cancel'), dashboard_projects_path, class: 'btn btn-cancel', data: { track_label: "#{track_label}", track_event: "click_button", track_property: "cancel" }
+= link_to _('Cancel'), dashboard_projects_path, class: 'btn btn-cancel', data: { track_label: "#{track_label}", track_event: "click_button", track_property: "cancel", track_value: "" }
diff --git a/app/views/projects/issues/import_csv/_modal.html.haml b/app/views/projects/issues/import_csv/_modal.html.haml
index 86bc54786ad..fe4a4236896 100644
--- a/app/views/projects/issues/import_csv/_modal.html.haml
+++ b/app/views/projects/issues/import_csv/_modal.html.haml
@@ -20,5 +20,5 @@
               = _('It must have a header row and at least two columns: the first column is the issue title and the second column is the issue description. The separator is automatically detected.')
               = _('The maximum file size allowed is %{size}.') % { size: number_to_human_size(Gitlab::CurrentSettings.max_attachment_size.megabytes) }
         .modal-footer
-          %button{ type: 'submit', class: 'btn btn-success', title: _('Import issues'), data: { track_label: "export_issues_csv", track_event: "click_button"} }
+          %button{ type: 'submit', class: 'btn btn-success', title: _('Import issues'), data: { track_label: "export_issues_csv", track_event: "click_button", track_value: ""} }
             = _('Import issues')
diff --git a/app/views/projects/new.html.haml b/app/views/projects/new.html.haml
index 6eb7a124a5d..fabe636b05c 100644
--- a/app/views/projects/new.html.haml
+++ b/app/views/projects/new.html.haml
@@ -32,15 +32,15 @@
     .col-lg-9.js-toggle-container
       %ul.nav.nav-tabs.nav-links.gitlab-tabs{ role: 'tablist' }
         %li.nav-item{ role: 'presentation' }
-          %a.nav-link.active{ href: '#blank-project-pane', id: 'blank-project-tab', data: { toggle: 'tab', track_label: 'blank_project', track_event: "click_tab" }, role: 'tab' }
+          %a.nav-link.active{ href: '#blank-project-pane', id: 'blank-project-tab', data: { toggle: 'tab', track_label: 'blank_project', track_event: "click_tab", track_value: "" }, role: 'tab' }
             %span.d-none.d-sm-block= s_('ProjectsNew|Blank project')
             %span.d-block.d-sm-none= s_('ProjectsNew|Blank')
         %li.nav-item{ role: 'presentation' }
-          %a.nav-link{ href: '#create-from-template-pane', id: 'create-from-template-tab', data: { toggle: 'tab', track_label: 'create_from_template', track_event: "click_tab" }, role: 'tab' }
+          %a.nav-link{ href: '#create-from-template-pane', id: 'create-from-template-tab', data: { toggle: 'tab', track_label: 'create_from_template', track_event: "click_tab", track_value: "" }, role: 'tab' }
             %span.d-none.d-sm-block.qa-project-create-from-template-tab= s_('ProjectsNew|Create from template')
             %span.d-block.d-sm-none= s_('ProjectsNew|Template')
         %li.nav-item{ role: 'presentation' }
-          %a.nav-link{ href: '#import-project-pane', id: 'import-project-tab', data: { toggle: 'tab', track_label: 'import_project', track_event: "click_tab" }, role: 'tab' }
+          %a.nav-link{ href: '#import-project-pane', id: 'import-project-tab', data: { toggle: 'tab', track_label: 'import_project', track_event: "click_tab", track_value: "" }, role: 'tab' }
             %span.d-none.d-sm-block= s_('ProjectsNew|Import project')
             %span.d-block.d-sm-none= s_('ProjectsNew|Import')
         = render_if_exists 'projects/new_ci_cd_only_project_tab', active_tab: active_tab
diff --git a/app/views/projects/project_templates/_built_in_templates.html.haml b/app/views/projects/project_templates/_built_in_templates.html.haml
index 6159f1c3542..d1c09e83fd3 100644
--- a/app/views/projects/project_templates/_built_in_templates.html.haml
+++ b/app/views/projects/project_templates/_built_in_templates.html.haml
@@ -9,9 +9,9 @@
       .text-muted
         = template.description
     .controls.d-flex.align-items-center
-      %a.btn.btn-default.append-right-10{ href: template.preview, rel: 'noopener noreferrer', target: '_blank', data: { track_label: "create_from_template", track_property: "template_preview", track_event: "click_button", track_value: template.name } }
+      %a.btn.btn-default.append-right-10{ href: template.preview, rel: 'noopener noreferrer', target: '_blank', data: { track_label: "template_preview", track_property: template.name, track_event: "click_button", track_value: "" } }
         = _("Preview")
       %label.btn.btn-success.template-button.choose-template.append-bottom-0{ for: template.name }
-        %input{ type: "radio", autocomplete: "off", name: "project[template_name]", id: template.name, value: template.name, data: { track_label: "create_from_template", track_property: "template_use", track_event: "click_button" } }
+        %input{ type: "radio", autocomplete: "off", name: "project[template_name]", id: template.name, value: template.name, data: { track_label: "template_use", track_property: template.name, track_event: "click_button", track_value: "" } }
         %span
           = _("Use template")
diff --git a/app/views/shared/_visibility_radios.html.haml b/app/views/shared/_visibility_radios.html.haml
index 342fdb20d41..82ffdc9cd13 100644
--- a/app/views/shared/_visibility_radios.html.haml
+++ b/app/views/shared/_visibility_radios.html.haml
@@ -4,7 +4,7 @@
   - next if disallowed || restricted
 
   .form-check
-    = form.radio_button model_method, level, checked: (selected_level == level), class: 'form-check-input', data: { track_label: "blank_project", track_event: "activate_form_input", track_property: "#{model_method}", track_value: "#{level}" }
+    = form.radio_button model_method, level, checked: (selected_level == level), class: 'form-check-input', data: { track_label: "blank_project", track_event: "activate_form_input", track_property: "#{model_method}_#{level}", track_value: "" }
     = form.label "#{model_method}_#{level}", class: 'form-check-label' do
       = visibility_level_icon(level)
       .option-title
diff --git a/doc/development/fe_guide/event_tracking.md b/doc/development/fe_guide/event_tracking.md
index 6ab3fa4acf3..716f6ad7f92 100644
--- a/doc/development/fe_guide/event_tracking.md
+++ b/doc/development/fe_guide/event_tracking.md
@@ -47,7 +47,7 @@ There's a more convenient solution to this problem. When working with HAML templ
 Below is an example of `data-track-*` attributes assigned to a button in HAML:
 
 ```ruby
-%button.btn{ data: { track_label: "create_from_template", track_property: "template_preview", track_event: "click_button", track_value: "my-template" } }
+%button.btn{ data: { track_label: "template_preview", track_property: "my-template", track_event: "click_button", track_value: "" } }
 ```
 
 By calling `bindTrackableContainer('.my-container')`, click handlers get bound to all elements located in `.my-container` provided that they have the necessary `data-track-*` attributes assigned to them.
-- 
cgit v1.2.1


From 96454b0fb632e3129876456f3f190ada8caf144e Mon Sep 17 00:00:00 2001
From: Tetiana Chupryna <tchupryna@gitlab.com>
Date: Tue, 16 Jul 2019 13:06:09 +0000
Subject: Docs Dependencies API

---
 doc/api/README.md       |  1 +
 doc/api/dependencies.md | 50 +++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 51 insertions(+)
 create mode 100644 doc/api/dependencies.md

diff --git a/doc/api/README.md b/doc/api/README.md
index 9d90677e2bb..8e60d1c61df 100644
--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -29,6 +29,7 @@ The following API resources are available in the project context:
 | [Commits](commits.md)                                               | `/projects/:id/repository/commits`, `/projects/:id/statuses`                                                                                                                                          |
 | [Container Registry](container_registry.md)                         | `/projects/:id/registry/repositories`                                                                                                                                                                 |
 | [Custom attributes](custom_attributes.md)                           | `/projects/:id/custom_attributes` (also available for groups and users)                                                                                                                               |
+| [Dependencies](dependencies.md) **[ULTIMATE]**                      | `/projects/:id/dependencies`
 | [Deploy keys](deploy_keys.md)                                       | `/projects/:id/deploy_keys` (also available standalone)                                                                                                                                               |
 | [Deployments](deployments.md)                                       | `/projects/:id/deployments`                                                                                                                                                                           |
 | [Discussions](discussions.md) (threaded comments)                   | `/projects/:id/issues/.../discussions`, `/projects/:id/snippets/.../discussions`, `/projects/:id/merge_requests/.../discussions`, `/projects/:id/commits/.../discussions` (also available for groups) |
diff --git a/doc/api/dependencies.md b/doc/api/dependencies.md
new file mode 100644
index 00000000000..ed5ebdade19
--- /dev/null
+++ b/doc/api/dependencies.md
@@ -0,0 +1,50 @@
+# Dependencies API **(ULTIMATE)**
+
+CAUTION: **Caution:**
+This API is in an alpha stage and considered unstable.
+The response payload may be subject to change or breakage
+across GitLab releases.
+
+Every call to this endpoint requires authentication. To perform this call, user should be authorized to read 
+[Project Security Dashboard](../user/application_security/security_dashboard/index.md#project-security-dashboard). 
+
+## List project dependencies
+
+Get a list of project dependencies. This API partially mirroring 
+[Dependency List](../user/application_security/dependency_scanning/index.md#dependency-list) feature.
+This list can be generated only for [languages and package managers](../user/application_security/dependency_scanning/index.md#supported-languages-and-package-managers)
+supported by Gemnasium. 
+
+```
+GET /projects/:id/dependencies
+GET /projects/:id/vulnerabilities?package_manger=maven
+GET /projects/:id/vulnerabilities?package_manger=yarn,bundler
+```
+
+| Attribute     | Type           | Required | Description                                                                                                                                                                 |
+| ------------- | -------------- | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `id`          | integer/string | yes      | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding).                                                            |
+| `package_manager` | string array   | no       | Returns dependencies belonging to specified package manager. Valid values: `bundler`, `composer`, `maven`, `npm`, `pip` or `yarn`.                                   |
+
+```bash
+curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/4/dependencies
+```
+
+Example response:
+
+```json
+[
+  {
+    "name": "rails",
+    "version": "5.0.1",
+    "package_manager": "bundler",
+    "dependency_file_path": "Gemfile.lock"
+  },
+  {
+      "name": "hanami",
+      "version": "1.3.1",
+      "package_manager": "bundler",
+      "dependency_file_path": "Gemfile.lock"
+    }
+]
+```
-- 
cgit v1.2.1


From 556d213cbc8b2ce44fd4d7fafde0a28804d3ae29 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Francisco=20Javier=20L=C3=B3pez?= <fjlopez@gitlab.com>
Date: Tue, 16 Jul 2019 13:12:37 +0000
Subject: Refactored WebIdeCommitsCount class

We're adding more redis base counters to the web ide and other
classes. We're refactoring this class in other to use the logic
in other places.
---
 lib/api/commits.rb                                 |  2 +-
 lib/gitlab/usage_data.rb                           |  2 +-
 lib/gitlab/usage_data_counters/redis_counter.rb    | 19 ++++++++
 .../usage_data_counters/web_ide_commits_counter.rb | 13 ++++++
 lib/gitlab/web_ide_commits_counter.rb              | 17 -------
 .../usage_data_counters/redis_counter_spec.rb      | 54 ++++++++++++++++++++++
 spec/lib/gitlab/web_ide_commits_counter_spec.rb    | 19 --------
 spec/requests/api/commits_spec.rb                  |  2 +-
 8 files changed, 89 insertions(+), 39 deletions(-)
 create mode 100644 lib/gitlab/usage_data_counters/redis_counter.rb
 create mode 100644 lib/gitlab/usage_data_counters/web_ide_commits_counter.rb
 delete mode 100644 lib/gitlab/web_ide_commits_counter.rb
 create mode 100644 spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb
 delete mode 100644 spec/lib/gitlab/web_ide_commits_counter_spec.rb

diff --git a/lib/api/commits.rb b/lib/api/commits.rb
index eebded87ebc..c414ad75d9d 100644
--- a/lib/api/commits.rb
+++ b/lib/api/commits.rb
@@ -126,7 +126,7 @@ module API
         if result[:status] == :success
           commit_detail = user_project.repository.commit(result[:result])
 
-          Gitlab::WebIdeCommitsCounter.increment if find_user_from_warden
+          Gitlab::UsageDataCounters::WebIdeCommitsCounter.increment if find_user_from_warden
 
           present commit_detail, with: Entities::CommitDetail, stats: params[:stats]
         else
diff --git a/lib/gitlab/usage_data.rb b/lib/gitlab/usage_data.rb
index 0180fe7fa71..055e01a9399 100644
--- a/lib/gitlab/usage_data.rb
+++ b/lib/gitlab/usage_data.rb
@@ -130,7 +130,7 @@ module Gitlab
 
       def usage_counters
         {
-          web_ide_commits: Gitlab::WebIdeCommitsCounter.total_count
+          web_ide_commits: Gitlab::UsageDataCounters::WebIdeCommitsCounter.total_count
         }
       end
 
diff --git a/lib/gitlab/usage_data_counters/redis_counter.rb b/lib/gitlab/usage_data_counters/redis_counter.rb
new file mode 100644
index 00000000000..123b8e1bef1
--- /dev/null
+++ b/lib/gitlab/usage_data_counters/redis_counter.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module UsageDataCounters
+    module RedisCounter
+      def increment
+        Gitlab::Redis::SharedState.with { |redis| redis.incr(redis_counter_key) }
+      end
+
+      def total_count
+        Gitlab::Redis::SharedState.with { |redis| redis.get(redis_counter_key).to_i }
+      end
+
+      def redis_counter_key
+        raise NotImplementedError
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/usage_data_counters/web_ide_commits_counter.rb b/lib/gitlab/usage_data_counters/web_ide_commits_counter.rb
new file mode 100644
index 00000000000..62236fa07a3
--- /dev/null
+++ b/lib/gitlab/usage_data_counters/web_ide_commits_counter.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module UsageDataCounters
+    class WebIdeCommitsCounter
+      extend RedisCounter
+
+      def self.redis_counter_key
+        'WEB_IDE_COMMITS_COUNT'
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/web_ide_commits_counter.rb b/lib/gitlab/web_ide_commits_counter.rb
deleted file mode 100644
index 1cd9b5295b9..00000000000
--- a/lib/gitlab/web_ide_commits_counter.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-# frozen_string_literal: true
-
-module Gitlab
-  module WebIdeCommitsCounter
-    WEB_IDE_COMMITS_KEY = "WEB_IDE_COMMITS_COUNT".freeze
-
-    class << self
-      def increment
-        Gitlab::Redis::SharedState.with { |redis| redis.incr(WEB_IDE_COMMITS_KEY) }
-      end
-
-      def total_count
-        Gitlab::Redis::SharedState.with { |redis| redis.get(WEB_IDE_COMMITS_KEY).to_i }
-      end
-    end
-  end
-end
diff --git a/spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb b/spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb
new file mode 100644
index 00000000000..38b4c22e186
--- /dev/null
+++ b/spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb
@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::UsageDataCounters::RedisCounter, :clean_gitlab_redis_shared_state do
+  context 'when redis_key is not defined' do
+    subject do
+      Class.new.extend(described_class)
+    end
+
+    describe '.increment' do
+      it 'raises a NotImplementedError exception' do
+        expect { subject.increment}.to raise_error(NotImplementedError)
+      end
+    end
+
+    describe '.total_count' do
+      it 'raises a NotImplementedError exception' do
+        expect { subject.total_count}.to raise_error(NotImplementedError)
+      end
+    end
+  end
+
+  context 'when redis_key is defined' do
+    subject do
+      counter_module = described_class
+
+      Class.new do
+        extend counter_module
+
+        def self.redis_counter_key
+          'foo_redis_key'
+        end
+      end
+    end
+
+    describe '.increment' do
+      it 'increments the web ide commits counter by 1' do
+        expect do
+          subject.increment
+        end.to change { subject.total_count }.from(0).to(1)
+      end
+    end
+
+    describe '.total_count' do
+      it 'returns the total amount of web ide commits' do
+        subject.increment
+        subject.increment
+
+        expect(subject.total_count).to eq(2)
+      end
+    end
+  end
+end
diff --git a/spec/lib/gitlab/web_ide_commits_counter_spec.rb b/spec/lib/gitlab/web_ide_commits_counter_spec.rb
deleted file mode 100644
index c51889a1c63..00000000000
--- a/spec/lib/gitlab/web_ide_commits_counter_spec.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe Gitlab::WebIdeCommitsCounter, :clean_gitlab_redis_shared_state do
-  describe '.increment' do
-    it 'increments the web ide commits counter by 1' do
-      expect do
-        described_class.increment
-      end.to change { described_class.total_count }.from(0).to(1)
-    end
-  end
-
-  describe '.total_count' do
-    it 'returns the total amount of web ide commits' do
-      expect(described_class.total_count).to eq(0)
-    end
-  end
-end
diff --git a/spec/requests/api/commits_spec.rb b/spec/requests/api/commits_spec.rb
index 3df5d9412f8..204e378f7be 100644
--- a/spec/requests/api/commits_spec.rb
+++ b/spec/requests/api/commits_spec.rb
@@ -281,7 +281,7 @@ describe API::Commits do
       end
 
       it 'does not increment the usage counters using access token authentication' do
-        expect(::Gitlab::WebIdeCommitsCounter).not_to receive(:increment)
+        expect(::Gitlab::UsageDataCounters::WebIdeCommitsCounter).not_to receive(:increment)
 
         post api(url, user), params: valid_c_params
       end
-- 
cgit v1.2.1


From 0f9a5087fcdb6cdbe1f7cef24c5fbb361755a2e3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Muhamed=20Huseinba=C5=A1i=C4=87?= <mhuseinbasic@gitlab.com>
Date: Tue, 16 Jul 2019 13:52:04 +0000
Subject: Note in the docs about possibility of disabling Auto DevOps at
 group-level for self-managed instances

---
 doc/topics/autodevops/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index 6dfe42f68cf..f9ad952aaad 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -222,7 +222,7 @@ full use of Auto DevOps are available. If this is your fist time, we recommend y
 [quick start guide](quick_start_guide.md).
 
 GitLab.com users can enable/disable Auto DevOps at the project-level only. Self-managed users
-can enable/disable Auto DevOps at either the project-level or instance-level.
+can enable/disable Auto DevOps at the project-level, group-level or instance-level.
 
 ### Enabling/disabling Auto DevOps at the instance-level (Administrators only)
 
-- 
cgit v1.2.1


From 1ebef4aae55adb5e17a76b92aea74467e49130bf Mon Sep 17 00:00:00 2001
From: Patrick Derichs <pderichs@gitlab.com>
Date: Fri, 5 Jul 2019 12:50:20 +0200
Subject: Add result to MoveService#execute_multiple

It adds  a hash response which includes
the count, success state and the moved
issues itself so the caller has additional
information about the result of the
process.
---
 app/controllers/boards/issues_controller.rb       |  7 ++--
 app/services/boards/issues/move_service.rb        | 39 +++++++++++++++++++----
 spec/controllers/boards/issues_controller_spec.rb | 13 ++++++--
 spec/services/boards/issues/move_service_spec.rb  |  4 +--
 4 files changed, 47 insertions(+), 16 deletions(-)

diff --git a/app/controllers/boards/issues_controller.rb b/app/controllers/boards/issues_controller.rb
index 353a9806fd1..90528f75ffd 100644
--- a/app/controllers/boards/issues_controller.rb
+++ b/app/controllers/boards/issues_controller.rb
@@ -58,11 +58,8 @@ module Boards
       service = Boards::Issues::MoveService.new(board_parent, current_user, move_params(true))
 
       issues = Issue.find(params[:ids])
-      if service.execute_multiple(issues)
-        head :ok
-      else
-        head :unprocessable_entity
-      end
+
+      render json: service.execute_multiple(issues)
     end
 
     def update
diff --git a/app/services/boards/issues/move_service.rb b/app/services/boards/issues/move_service.rb
index 755d723b9a0..00ce27db7c8 100644
--- a/app/services/boards/issues/move_service.rb
+++ b/app/services/boards/issues/move_service.rb
@@ -11,26 +11,51 @@ module Boards
       end
 
       def execute_multiple(issues)
-        return false if issues.empty?
+        return execute_multiple_empty_result if issues.empty?
 
+        handled_issues = []
         last_inserted_issue_id = nil
-        issues.map do |issue|
+        count = issues.each.inject(0) do |moved_count, issue|
           issue_modification_params = issue_params(issue)
-          next if issue_modification_params.empty?
+          next moved_count if issue_modification_params.empty?
 
           if last_inserted_issue_id
-            issue_modification_params[:move_between_ids] = move_between_ids({ move_after_id: nil, move_before_id: last_inserted_issue_id })
+            issue_modification_params[:move_between_ids] = move_below(last_inserted_issue_id)
           end
 
           last_inserted_issue_id = issue.id
-          move_single_issue(issue, issue_modification_params)
-        end.all?
+          handled_issue = move_single_issue(issue, issue_modification_params)
+          handled_issues << present_issue_entity(handled_issue) if handled_issue
+          handled_issue && handled_issue.valid? ? moved_count + 1 : moved_count
+        end
+
+        {
+          count: count,
+          success: count == issues.size,
+          issues: handled_issues
+        }
       end
 
       private
 
+      def present_issue_entity(issue)
+        ::API::Entities::Issue.represent(issue)
+      end
+
+      def execute_multiple_empty_result
+        @execute_multiple_empty_result ||= {
+          count: 0,
+          success: false,
+          issues: []
+        }
+      end
+
+      def move_below(id)
+        move_between_ids({ move_after_id: nil, move_before_id: id })
+      end
+
       def move_single_issue(issue, issue_modification_params)
-        return false unless can?(current_user, :update_issue, issue)
+        return unless can?(current_user, :update_issue, issue)
 
         update(issue, issue_modification_params)
       end
diff --git a/spec/controllers/boards/issues_controller_spec.rb b/spec/controllers/boards/issues_controller_spec.rb
index 246d6f9e0f9..f8a25d814ed 100644
--- a/spec/controllers/boards/issues_controller_spec.rb
+++ b/spec/controllers/boards/issues_controller_spec.rb
@@ -160,7 +160,7 @@ describe Boards::IssuesController do
       end
     end
 
-    describe 'PUT move_multiple' do
+    describe 'PUT bulk_move' do
       let(:todo) { create(:group_label, group: group, name: 'Todo') }
       let(:development) { create(:group_label, group: group, name: 'Development') }
       let(:user) { create(:group_member, :maintainer, user: create(:user), group: group ).user }
@@ -200,12 +200,21 @@ describe Boards::IssuesController do
           put :bulk_move, params: move_issues_params
           expect(response).to have_gitlab_http_status(expected_status)
 
+          if expected_status == 200
+            expect(json_response).to include(
+              'count' => move_issues_params[:ids].size,
+              'success' => true
+            )
+
+            expect(json_response['issues'].pluck('id')).to include(*move_issues_params[:ids])
+          end
+
           list_issues user: requesting_user, board: board, list: list2
           expect(response).to have_gitlab_http_status(200)
 
           expect(response).to match_response_schema('entities/issue_boards')
 
-          responded_issues = json_response['issues']
+          responded_issues = JSON.parse(response.body)['issues']
           expect(responded_issues.length).to eq expected_issue_count
 
           ids_in_order = responded_issues.pluck('id')
diff --git a/spec/services/boards/issues/move_service_spec.rb b/spec/services/boards/issues/move_service_spec.rb
index 1bfb5602df2..cf84ec8fd4c 100644
--- a/spec/services/boards/issues/move_service_spec.rb
+++ b/spec/services/boards/issues/move_service_spec.rb
@@ -68,8 +68,8 @@ describe Boards::Issues::MoveService do
         project.add_developer(user)
       end
 
-      it 'returns false if list of issues is empty' do
-        expect(described_class.new(group, user, params).execute_multiple([])).to eq(false)
+      it 'returns the expected result if list of issues is empty' do
+        expect(described_class.new(group, user, params).execute_multiple([])).to eq({ count: 0, success: false, issues: [] })
       end
 
       context 'moving multiple issues' do
-- 
cgit v1.2.1


From 52bdcdff20127b09b5f088138b899c9ad6a1048b Mon Sep 17 00:00:00 2001
From: Patrick Derichs <pderichs@gitlab.com>
Date: Tue, 16 Jul 2019 14:55:59 +0200
Subject: Use match_array instead of include

---
 spec/controllers/boards/issues_controller_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/controllers/boards/issues_controller_spec.rb b/spec/controllers/boards/issues_controller_spec.rb
index f8a25d814ed..2f0a8f93bd5 100644
--- a/spec/controllers/boards/issues_controller_spec.rb
+++ b/spec/controllers/boards/issues_controller_spec.rb
@@ -206,7 +206,7 @@ describe Boards::IssuesController do
               'success' => true
             )
 
-            expect(json_response['issues'].pluck('id')).to include(*move_issues_params[:ids])
+            expect(json_response['issues'].pluck('id')).to match_array(move_issues_params[:ids])
           end
 
           list_issues user: requesting_user, board: board, list: list2
-- 
cgit v1.2.1


From ca089d91f6313b32a6381aef36583e83869f4017 Mon Sep 17 00:00:00 2001
From: Patrick Derichs <pderichs@gitlab.com>
Date: Tue, 16 Jul 2019 16:17:37 +0200
Subject: Modified spec so a second call to json_response is avoided

---
 spec/controllers/boards/issues_controller_spec.rb | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/spec/controllers/boards/issues_controller_spec.rb b/spec/controllers/boards/issues_controller_spec.rb
index 2f0a8f93bd5..0db58fbefc1 100644
--- a/spec/controllers/boards/issues_controller_spec.rb
+++ b/spec/controllers/boards/issues_controller_spec.rb
@@ -196,7 +196,7 @@ describe Boards::IssuesController do
           sign_in(signed_in_user)
         end
 
-        it 'moves issues as expected' do
+        it 'responds as expected' do
           put :bulk_move, params: move_issues_params
           expect(response).to have_gitlab_http_status(expected_status)
 
@@ -208,13 +208,18 @@ describe Boards::IssuesController do
 
             expect(json_response['issues'].pluck('id')).to match_array(move_issues_params[:ids])
           end
+        end
+
+        it 'moves issues as expected' do
+          put :bulk_move, params: move_issues_params
+          expect(response).to have_gitlab_http_status(expected_status)
 
           list_issues user: requesting_user, board: board, list: list2
           expect(response).to have_gitlab_http_status(200)
 
           expect(response).to match_response_schema('entities/issue_boards')
 
-          responded_issues = JSON.parse(response.body)['issues']
+          responded_issues = json_response['issues']
           expect(responded_issues.length).to eq expected_issue_count
 
           ids_in_order = responded_issues.pluck('id')
-- 
cgit v1.2.1


From 81f1028801c81369e10c251d422592f959cf35a8 Mon Sep 17 00:00:00 2001
From: Brett Walker <bwalker@gitlab.com>
Date: Tue, 16 Jul 2019 09:20:53 -0500
Subject: Default manual_sorting feature flag to on

---
 app/controllers/groups_controller.rb               | 2 +-
 app/controllers/projects/issues_controller.rb      | 2 +-
 app/views/shared/issuable/_sort_dropdown.html.haml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index dbddee47997..c2517ddc10a 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -8,7 +8,7 @@ class GroupsController < Groups::ApplicationController
   include RecordUserLastActivity
 
   before_action do
-    push_frontend_feature_flag(:manual_sorting)
+    push_frontend_feature_flag(:manual_sorting, default_enabled: true)
   end
 
   respond_to :html
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index 228de8bc6f3..db7ca7ef0d7 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -11,7 +11,7 @@ class Projects::IssuesController < Projects::ApplicationController
   include RecordUserLastActivity
 
   before_action do
-    push_frontend_feature_flag(:manual_sorting)
+    push_frontend_feature_flag(:manual_sorting, default_enabled: true)
   end
 
   def issue_except_actions
diff --git a/app/views/shared/issuable/_sort_dropdown.html.haml b/app/views/shared/issuable/_sort_dropdown.html.haml
index 403e001bfe8..df0523595f5 100644
--- a/app/views/shared/issuable/_sort_dropdown.html.haml
+++ b/app/views/shared/issuable/_sort_dropdown.html.haml
@@ -1,7 +1,7 @@
 - sort_value = @sort
 - sort_title = issuable_sort_option_title(sort_value)
 - viewing_issues = controller.controller_name == 'issues' || controller.action_name == 'issues'
-- manual_sorting = viewing_issues && controller.controller_name != 'dashboard' && Feature.enabled?(:manual_sorting)
+- manual_sorting = viewing_issues && controller.controller_name != 'dashboard' && Feature.enabled?(:manual_sorting, default_enabled: true)
 
 .dropdown.inline.prepend-left-10.issue-sort-dropdown
   .btn-group{ role: 'group' }
-- 
cgit v1.2.1


From 1f34c37de05480724b8e0915384d9bae96a67db9 Mon Sep 17 00:00:00 2001
From: Greg Myers <gmyers@gitlab.com>
Date: Tue, 16 Jul 2019 14:35:50 +0000
Subject: Fix rake db:migrate:status typo in docs

---
 doc/administration/raketasks/maintenance.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/administration/raketasks/maintenance.md b/doc/administration/raketasks/maintenance.md
index b3aa09abd1c..8d0b5b42515 100644
--- a/doc/administration/raketasks/maintenance.md
+++ b/doc/administration/raketasks/maintenance.md
@@ -257,7 +257,7 @@ sudo gitlab-rake gitlab:exclusive_lease:clear[project_housekeeping:4]
 To check the status of migrations, you can use the following rake task:
 
 ```bash
-sudo gitlab-rake db:migrations:status
+sudo gitlab-rake db:migrate:status
 ```
 
 This will output a table with a `Status` of `up` or `down` for 
-- 
cgit v1.2.1


From d589a4e8e1e54eb3810cc2c29649f34a632fd3e5 Mon Sep 17 00:00:00 2001
From: drew cimino <dcimino@gitlab.com>
Date: Tue, 16 Jul 2019 11:43:08 -0400
Subject: Build instead of create

---
 spec/lib/gitlab/ci/pipeline/seed/build_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb b/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
index e0bff638233..46ea0d7554b 100644
--- a/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
@@ -233,7 +233,7 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
       using RSpec::Parameterized
 
       let(:pipeline) do
-        create(:ci_empty_pipeline, ref: 'deploy', tag: false, source: source)
+        build(:ci_empty_pipeline, ref: 'deploy', tag: false, source: source)
       end
 
       context 'matches' do
-- 
cgit v1.2.1


From 41b77136eec455c13357566ff959382a50bc4043 Mon Sep 17 00:00:00 2001
From: Annabel Dunstone Gray <annabel.m.gray@gmail.com>
Date: Tue, 16 Jul 2019 16:03:29 +0000
Subject: Revert "Merge branch '61145-fix-button-dimensions' into 'master'"

This reverts merge request !28545
---
 app/assets/stylesheets/framework/animations.scss   |   2 +-
 app/assets/stylesheets/framework/buttons.scss      | 128 +++++++++------------
 app/assets/stylesheets/framework/dropdowns.scss    |  17 ++-
 app/assets/stylesheets/framework/variables.scss    |   4 -
 app/assets/stylesheets/pages/commits.scss          |   4 +-
 app/assets/stylesheets/pages/issuable.scss         |   4 +
 app/assets/stylesheets/pages/issues.scss           |   1 +
 app/assets/stylesheets/pages/note_form.scss        |   1 +
 app/assets/stylesheets/pages/projects.scss         |   3 +-
 app/assets/stylesheets/pages/tree.scss             |   2 +-
 app/helpers/dropdowns_helper.rb                    |   2 +-
 .../projects/issues/import_csv/_button.html.haml   |   2 +-
 app/views/shared/issuable/_feed_buttons.html.haml  |   8 +-
 .../unreleased/61145-fix-button-dimensions.yml     |   5 -
 spec/support/features/rss_shared_examples.rb       |   4 +-
 15 files changed, 89 insertions(+), 98 deletions(-)
 delete mode 100644 changelogs/unreleased/61145-fix-button-dimensions.yml

diff --git a/app/assets/stylesheets/framework/animations.scss b/app/assets/stylesheets/framework/animations.scss
index 6bc5632365f..6f5a2e561af 100644
--- a/app/assets/stylesheets/framework/animations.scss
+++ b/app/assets/stylesheets/framework/animations.scss
@@ -104,7 +104,7 @@
 }
 
 .btn {
-  @include transition(border-color);
+  @include transition(background-color, border-color, color, box-shadow);
 }
 
 .dropdown-menu-toggle,
diff --git a/app/assets/stylesheets/framework/buttons.scss b/app/assets/stylesheets/framework/buttons.scss
index e0b6da31261..767832e242c 100644
--- a/app/assets/stylesheets/framework/buttons.scss
+++ b/app/assets/stylesheets/framework/buttons.scss
@@ -24,11 +24,12 @@
   border-radius: $border-radius-default;
   font-size: $gl-font-size;
   font-weight: $gl-font-weight-normal;
-  padding: $gl-bordered-btn-vert-padding $gl-bordered-btn-horz-padding;
+  padding: $gl-vert-padding $gl-btn-padding;
 
   &:focus,
   &:active {
     background-color: $btn-active-gray;
+    box-shadow: $gl-btn-active-background;
   }
 }
 
@@ -49,89 +50,77 @@
     color: $text;
   }
 
-  &:not(:disabled):not(.disabled) {
-    &:hover {
-      box-shadow: inset 0 0 0 1px $hover-border, 0 2px 2px 0 $gl-btn-hover-shadow-light;
-    }
+  &:hover,
+  &:focus {
+    background-color: $hover-background;
+    border-color: $hover-border;
+    color: $hover-text;
 
-    &:focus {
-      box-shadow: inset 0 0 0 1px $hover-border, 0 0 4px 1px $blue-300;
+    > .icon {
+      color: $hover-text;
     }
+  }
 
-    &:hover,
-    &:focus {
-      background-color: $hover-background;
-      border-color: $hover-border;
-      color: $hover-text;
+  &:focus {
+    box-shadow: 0 0 4px 1px $blue-300;
+  }
 
-      > .icon {
-        color: $hover-text;
-      }
-    }
+  &:active {
+    background-color: $active-background;
+    border-color: $active-border;
+    box-shadow: inset 0 2px 4px 0 rgba($black, 0.2);
+    color: $active-text;
 
-    &:active,
-    &:active:focus {
-      background-color: $active-background;
-      border-color: $active-border;
-      box-shadow: inset 0 0 0 1px $hover-border, inset 0 2px 4px 0 rgba($black, 0.2);
+    > .icon {
       color: $active-text;
+    }
 
-      > .icon {
-        color: $active-text;
-      }
+    &:focus {
+      box-shadow: inset 0 2px 4px 0 rgba($black, 0.2);
     }
   }
 }
 
-@mixin btn-color($light, $border-light, $normal, $border-normal, $dark, $border-dark, $color, $hover-shadow-color: $gl-btn-hover-shadow-dark) {
+@mixin btn-color($light, $border-light, $normal, $border-normal, $dark, $border-dark, $color) {
   background-color: $light;
   border-color: $border-light;
   color: $color;
 
-  &:not(:disabled):not(.disabled) {
-    &:hover {
-      box-shadow: inset 0 0 0 1px $border-normal, 0 2px 2px 0 $hover-shadow-color;
-    }
-
-    &:focus {
-      box-shadow: inset 0 0 0 1px $border-normal, 0 0 4px 1px $blue-300;
-    }
+  &:hover,
+  &:focus {
+    background-color: $normal;
+    border-color: $border-normal;
+    color: $color;
+  }
 
-    &:hover,
-    &:focus {
-      background-color: $normal;
-      border-color: $border-normal;
-      color: $color;
-    }
+  &:active,
+  &.active {
+    box-shadow: $gl-btn-active-background;
 
-    &:active,
-    &.active {
-      box-shadow: inset 0 2px 4px 0 $gl-btn-hover-shadow-dark;
-      background-color: $dark;
-      border-color: $border-dark;
-      color: $color;
-    }
+    background-color: $dark;
+    border-color: $border-dark;
+    color: $color;
   }
 }
 
 @mixin btn-green {
-  @include btn-color($green-500, $green-600, $green-500, $green-700, $green-600, $green-800, $white-light);
+  @include btn-color($green-500, $green-600, $green-600, $green-700, $green-700, $green-800, $white-light);
 }
 
 @mixin btn-blue {
-  @include btn-color($blue-500, $blue-600, $blue-500, $blue-700, $blue-600, $blue-800, $white-light);
+  @include btn-color($blue-500, $blue-600, $blue-600, $blue-700, $blue-700, $blue-800, $white-light);
 }
 
 @mixin btn-orange {
-  @include btn-color($orange-500, $orange-600, $orange-500, $orange-700, $orange-600, $orange-800, $white-light);
+  @include btn-color($orange-500, $orange-600, $orange-600, $orange-700, $orange-700, $orange-800, $white-light);
 }
 
 @mixin btn-red {
-  @include btn-color($red-500, $red-600, $red-500, $red-700, $red-600, $red-800, $white-light);
+  @include btn-color($red-500, $red-600, $red-600, $red-700, $red-700, $red-800, $white-light);
 }
 
 @mixin btn-white {
-  @include btn-color($white-light, $gray-400, $gray-200, $gray-400, $gl-gray-200, $gray-500, $gl-text-color, $gl-btn-hover-shadow-light);
+  @include btn-color($white-light, $border-color, $white-normal, $border-white-normal, $white-dark, $border-gray-dark, $gl-text-color);
 }
 
 @mixin btn-with-margin {
@@ -160,20 +149,21 @@
 
   color: $gl-text-color;
   white-space: nowrap;
-  line-height: $gl-btn-line-height;
 
   &:focus:active {
     outline: 0;
   }
 
-  &.btn-xs {
-    font-size: $gl-btn-xs-font-size;
-    line-height: $gl-btn-xs-line-height;
+  &.btn-sm {
+    padding: 4px 10px;
+    font-size: $gl-btn-small-font-size;
+    line-height: $gl-btn-small-line-height;
   }
 
-  &.btn-sm,
   &.btn-xs {
-    padding: 3px $gl-bordered-btn-vert-padding;
+    padding: 2px $gl-btn-padding;
+    font-size: $gl-btn-xs-font-size;
+    line-height: $gl-btn-xs-line-height;
   }
 
   &.btn-success,
@@ -249,7 +239,7 @@
 
   &.dropdown-toggle {
     .fa-caret-down {
-      margin: 0;
+      margin-left: 3px;
     }
   }
 
@@ -282,7 +272,10 @@
   }
 
   svg {
-    @include btn-svg;
+    height: 15px;
+    width: 15px;
+    position: relative;
+    top: 2px;
   }
 
   svg,
@@ -337,12 +330,6 @@
   &.btn-grouped {
     @include btn-with-margin;
   }
-
-  .btn {
-    border-radius: $border-radius-default;
-    font-size: $gl-font-size;
-    line-height: $gl-btn-line-height;
-  }
 }
 
 .btn-clipboard {
@@ -500,25 +487,18 @@
   &:active,
   &:focus {
     color: $gl-text-color-secondary;
-    border: 1px solid $border-gray-normal-dashed;
     background-color: $white-normal;
   }
 }
 
-.btn-svg {
-  padding: $gl-bordered-btn-vert-padding;
-
-  svg {
-    @include btn-svg;
-    display: block;
-  }
+.btn-svg svg {
+  @include btn-svg;
 }
 
 // All disabled buttons, regardless of color, type, etc
 %disabled {
   background-color: $gray-light !important;
   border-color: $gray-200 !important;
-  box-shadow: none;
   color: $gl-text-color-disabled !important;
   opacity: 1 !important;
   cursor: default !important;
diff --git a/app/assets/stylesheets/framework/dropdowns.scss b/app/assets/stylesheets/framework/dropdowns.scss
index 05afcecca05..29f63e9578d 100644
--- a/app/assets/stylesheets/framework/dropdowns.scss
+++ b/app/assets/stylesheets/framework/dropdowns.scss
@@ -8,6 +8,12 @@
   }
 }
 
+@mixin chevron-active {
+  .fa-chevron-down {
+    color: $gray-darkest;
+  }
+}
+
 @mixin set-visible {
   transform: translateY(0);
   display: block;
@@ -43,6 +49,7 @@
 
   .dropdown-toggle,
   .dropdown-menu-toggle {
+    @include chevron-active;
     border-color: $gray-darkest;
   }
 
@@ -58,12 +65,12 @@
 
 .dropdown-toggle,
 .confidential-merge-request-fork-group .dropdown-toggle {
-  padding: $gl-bordered-btn-vert-padding $gl-bordered-btn-horz-padding;
+  padding: 6px 8px 6px 10px;
   background-color: $white-light;
   color: $gl-text-color;
   font-size: 14px;
-  line-height: $gl-btn-line-height;
   text-align: left;
+  border: 1px solid $border-color;
   border-radius: $border-radius-base;
   white-space: nowrap;
 
@@ -96,6 +103,10 @@
     padding-right: 25px;
   }
 
+  .fa {
+    color: $gray-darkest;
+  }
+
   .fa-chevron-down {
     font-size: $dropdown-chevron-size;
     position: relative;
@@ -104,10 +115,12 @@
   }
 
   &:hover {
+    @include chevron-active;
     border-color: $gray-darkest;
   }
 
   &:focus:active {
+    @include chevron-active;
     border-color: $dropdown-toggle-active-border-color;
     outline: 0;
   }
diff --git a/app/assets/stylesheets/framework/variables.scss b/app/assets/stylesheets/framework/variables.scss
index 047a9799c3f..c108f45622f 100644
--- a/app/assets/stylesheets/framework/variables.scss
+++ b/app/assets/stylesheets/framework/variables.scss
@@ -405,8 +405,6 @@ $tanuki-yellow: #fca326;
  */
 $green-500-focus: rgba($green-500, 0.4);
 $gl-btn-active-background: rgba(0, 0, 0, 0.16);
-$gl-btn-hover-shadow-dark: rgba($black, 0.2);
-$gl-btn-hover-shadow-light: rgba($black, 0.1);
 $gl-btn-active-gradient: inset 0 2px 3px $gl-btn-active-background;
 
 /*
@@ -483,8 +481,6 @@ $gl-btn-padding: 10px;
 $gl-btn-line-height: 16px;
 $gl-btn-vert-padding: 8px;
 $gl-btn-horz-padding: 12px;
-$gl-bordered-btn-vert-padding: $gl-btn-vert-padding - 1px;
-$gl-bordered-btn-horz-padding: $gl-btn-horz-padding - 1px;
 $gl-btn-small-font-size: 13px;
 $gl-btn-small-line-height: 18px;
 $gl-btn-xs-font-size: 13px;
diff --git a/app/assets/stylesheets/pages/commits.scss b/app/assets/stylesheets/pages/commits.scss
index 3d11aa58871..0b0a4e50146 100644
--- a/app/assets/stylesheets/pages/commits.scss
+++ b/app/assets/stylesheets/pages/commits.scss
@@ -214,10 +214,10 @@
 
   .label,
   .btn {
-    padding: $gl-bordered-btn-vert-padding $gl-bordered-btn-horz-padding;
+    padding: $gl-vert-padding $gl-btn-padding;
     border: 1px $border-color solid;
     font-size: $gl-font-size;
-    line-height: $gl-btn-line-height;
+    line-height: $line-height-base;
     border-radius: 0;
     display: flex;
     align-items: center;
diff --git a/app/assets/stylesheets/pages/issuable.scss b/app/assets/stylesheets/pages/issuable.scss
index 66ea70e79da..6a0127eb51c 100644
--- a/app/assets/stylesheets/pages/issuable.scss
+++ b/app/assets/stylesheets/pages/issuable.scss
@@ -929,6 +929,10 @@
       margin: 0;
     }
   }
+
+  .dropdown-toggle > .icon {
+    margin: 0 3px;
+  }
 }
 
 .right-sidebar-collapsed {
diff --git a/app/assets/stylesheets/pages/issues.scss b/app/assets/stylesheets/pages/issues.scss
index e51ca44476c..8359a60ec9f 100644
--- a/app/assets/stylesheets/pages/issues.scss
+++ b/app/assets/stylesheets/pages/issues.scss
@@ -267,6 +267,7 @@ ul.related-merge-requests > li {
     .fa-caret-down {
       pointer-events: none;
       color: inherit;
+      margin-left: 0;
     }
   }
 }
diff --git a/app/assets/stylesheets/pages/note_form.scss b/app/assets/stylesheets/pages/note_form.scss
index 1d57a4a4784..c6bac33e888 100644
--- a/app/assets/stylesheets/pages/note_form.scss
+++ b/app/assets/stylesheets/pages/note_form.scss
@@ -417,6 +417,7 @@ table {
 
     i {
       color: $white-light;
+      padding-right: 2px;
       margin-top: 2px;
     }
 
diff --git a/app/assets/stylesheets/pages/projects.scss b/app/assets/stylesheets/pages/projects.scss
index 09a576c11cb..e453f4a2264 100644
--- a/app/assets/stylesheets/pages/projects.scss
+++ b/app/assets/stylesheets/pages/projects.scss
@@ -429,7 +429,7 @@
   padding: 0;
   background: transparent;
   border: 0;
-  line-height: 2;
+  line-height: 34px;
   margin: 0;
 
   > li + li::before {
@@ -792,6 +792,7 @@
 
     .btn {
       margin-top: $gl-padding;
+      padding: $gl-btn-vert-padding $gl-btn-padding;
       line-height: $gl-btn-line-height;
 
       .icon {
diff --git a/app/assets/stylesheets/pages/tree.scss b/app/assets/stylesheets/pages/tree.scss
index 5c732ab0d1f..5664f46484e 100644
--- a/app/assets/stylesheets/pages/tree.scss
+++ b/app/assets/stylesheets/pages/tree.scss
@@ -90,7 +90,7 @@
 
   .add-to-tree {
     vertical-align: top;
-    padding: $gl-bordered-btn-vert-padding;
+    padding: 8px;
 
     svg {
       top: 0;
diff --git a/app/helpers/dropdowns_helper.rb b/app/helpers/dropdowns_helper.rb
index fd94f07cc2c..64c5fae7d96 100644
--- a/app/helpers/dropdowns_helper.rb
+++ b/app/helpers/dropdowns_helper.rb
@@ -46,7 +46,7 @@ module DropdownsHelper
 
   def dropdown_toggle(toggle_text, data_attr, options = {})
     default_label = data_attr[:default_label]
-    content_tag(:button, disabled: options[:disabled], class: "dropdown-menu-toggle btn #{options[:toggle_class] if options.key?(:toggle_class)}", id: (options[:id] if options.key?(:id)), type: "button", data: data_attr) do
+    content_tag(:button, disabled: options[:disabled], class: "dropdown-menu-toggle #{options[:toggle_class] if options.key?(:toggle_class)}", id: (options[:id] if options.key?(:id)), type: "button", data: data_attr) do
       output = content_tag(:span, toggle_text, class: "dropdown-toggle-text #{'is-default' if toggle_text == default_label}")
       output << icon('chevron-down')
       output.html_safe
diff --git a/app/views/projects/issues/import_csv/_button.html.haml b/app/views/projects/issues/import_csv/_button.html.haml
index 8442a53ed61..acc2c50294f 100644
--- a/app/views/projects/issues/import_csv/_button.html.haml
+++ b/app/views/projects/issues/import_csv/_button.html.haml
@@ -1,6 +1,6 @@
 - type = local_assigns.fetch(:type, :icon)
 
-%button.csv-import-button.btn.btn-svg{ title: _('Import CSV'), class: ('has-tooltip' if type == :icon),
+%button.csv-import-button.btn{ title: _('Import CSV'), class: ('has-tooltip' if type == :icon),
   data: { toggle: 'modal', target: '.issues-import-modal' } }
   - if type == :icon
     = sprite_icon('upload')
diff --git a/app/views/shared/issuable/_feed_buttons.html.haml b/app/views/shared/issuable/_feed_buttons.html.haml
index c9506a3295c..83f60fa6fe2 100644
--- a/app/views/shared/issuable/_feed_buttons.html.haml
+++ b/app/views/shared/issuable/_feed_buttons.html.haml
@@ -1,4 +1,4 @@
-= link_to safe_params.merge(rss_url_options), class: 'btn btn-svg has-tooltip js-rss-button', data: { container: 'body' }, title: _('Subscribe to RSS feed') do
-  = sprite_icon('rss')
-= link_to safe_params.merge(calendar_url_options), class: 'btn btn-svg has-tooltip', data: { container: 'body' }, title: _('Subscribe to calendar') do
-  = sprite_icon('calendar')
+= link_to safe_params.merge(rss_url_options), class: 'btn has-tooltip', data: { container: 'body' }, title: _('Subscribe to RSS feed') do
+  = icon('rss')
+= link_to safe_params.merge(calendar_url_options), class: 'btn has-tooltip', data: { container: 'body' }, title: _('Subscribe to calendar') do
+  = custom_icon('icon_calendar')
diff --git a/changelogs/unreleased/61145-fix-button-dimensions.yml b/changelogs/unreleased/61145-fix-button-dimensions.yml
deleted file mode 100644
index 8f209ceaa8e..00000000000
--- a/changelogs/unreleased/61145-fix-button-dimensions.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Updating button dimensions according to design spec
-merge_request: 28545
-author:
-type: fixed
diff --git a/spec/support/features/rss_shared_examples.rb b/spec/support/features/rss_shared_examples.rb
index 02d310a9afa..0de92aedba5 100644
--- a/spec/support/features/rss_shared_examples.rb
+++ b/spec/support/features/rss_shared_examples.rb
@@ -6,7 +6,7 @@ end
 
 shared_examples "it has an RSS button with current_user's feed token" do
   it "shows the RSS button with current_user's feed token" do
-    expect(page).to have_css("a:has(.fa-rss)[href*='feed_token=#{user.feed_token}'], .js-rss-button[href*='feed_token=#{user.feed_token}']")
+    expect(page).to have_css("a:has(.fa-rss)[href*='feed_token=#{user.feed_token}']")
   end
 end
 
@@ -18,6 +18,6 @@ end
 
 shared_examples "it has an RSS button without a feed token" do
   it "shows the RSS button without a feed token" do
-    expect(page).to have_css("a:has(.fa-rss):not([href*='feed_token']), .js-rss-button:not([href*='feed_token'])")
+    expect(page).to have_css("a:has(.fa-rss):not([href*='feed_token'])")
   end
 end
-- 
cgit v1.2.1


From bd31c4be0d7cfcb0c2cc887a66c313c592ce8e88 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Cunha?= <j.a.cunha@gmail.com>
Date: Tue, 16 Jul 2019 16:11:10 +0000
Subject: Enable GitLabb runner to be uninstalled from cluster

- Set as uninstallable app
- Update docs
- Adjust specs
---
 app/models/clusters/applications/runner.rb         | 15 +++++-----
 app/models/clusters/concerns/application_core.rb   | 10 +++++++
 app/models/clusters/concerns/application_status.rb | 24 +++++++++-------
 .../check_uninstall_progress_service.rb            |  1 +
 ...66-kubernetes-applications-uninstall-runner.yml |  5 ++++
 doc/user/clusters/applications.md                  |  3 +-
 spec/models/clusters/applications/runner_spec.rb   | 33 +++++++++++++++++++++-
 .../check_uninstall_progress_service_spec.rb       |  8 +++++-
 8 files changed, 79 insertions(+), 20 deletions(-)
 create mode 100644 changelogs/unreleased/60666-kubernetes-applications-uninstall-runner.yml

diff --git a/app/models/clusters/applications/runner.rb b/app/models/clusters/applications/runner.rb
index f0256ff4d41..6ae8c3bd7f3 100644
--- a/app/models/clusters/applications/runner.rb
+++ b/app/models/clusters/applications/runner.rb
@@ -29,13 +29,6 @@ module Clusters
         content_values.to_yaml
       end
 
-      # Need to investigate if pipelines run by this runner will stop upon the
-      # executor pod stopping
-      # I.e.run a pipeline, and uninstall runner while pipeline is running
-      def allowed_to_uninstall?
-        false
-      end
-
       def install_command
         Gitlab::Kubernetes::Helm::InstallCommand.new(
           name: name,
@@ -47,6 +40,14 @@ module Clusters
         )
       end
 
+      def prepare_uninstall
+        runner&.update!(active: false)
+      end
+
+      def post_uninstall
+        runner.destroy!
+      end
+
       private
 
       def ensure_runner
diff --git a/app/models/clusters/concerns/application_core.rb b/app/models/clusters/concerns/application_core.rb
index 4514498b84b..803a65726d3 100644
--- a/app/models/clusters/concerns/application_core.rb
+++ b/app/models/clusters/concerns/application_core.rb
@@ -46,6 +46,16 @@ module Clusters
             command.version = version
           end
         end
+
+        def prepare_uninstall
+          # Override if your application needs any action before
+          # being uninstalled by Helm
+        end
+
+        def post_uninstall
+          # Override if your application needs any action after
+          # being uninstalled by Helm
+        end
       end
     end
   end
diff --git a/app/models/clusters/concerns/application_status.rb b/app/models/clusters/concerns/application_status.rb
index 54a3dda6d75..342d766f723 100644
--- a/app/models/clusters/concerns/application_status.rb
+++ b/app/models/clusters/concerns/application_status.rb
@@ -59,29 +59,33 @@ module Clusters
             transition [:scheduled] => :uninstalling
           end
 
-          before_transition any => [:scheduled] do |app_status, _|
-            app_status.status_reason = nil
+          before_transition any => [:scheduled] do |application, _|
+            application.status_reason = nil
           end
 
-          before_transition any => [:errored] do |app_status, transition|
+          before_transition any => [:errored] do |application, transition|
             status_reason = transition.args.first
-            app_status.status_reason = status_reason if status_reason
+            application.status_reason = status_reason if status_reason
           end
 
-          before_transition any => [:updating] do |app_status, _|
-            app_status.status_reason = nil
+          before_transition any => [:updating] do |application, _|
+            application.status_reason = nil
           end
 
-          before_transition any => [:update_errored, :uninstall_errored] do |app_status, transition|
+          before_transition any => [:update_errored, :uninstall_errored] do |application, transition|
             status_reason = transition.args.first
-            app_status.status_reason = status_reason if status_reason
+            application.status_reason = status_reason if status_reason
           end
 
-          before_transition any => [:installed, :updated] do |app_status, _|
+          before_transition any => [:installed, :updated] do |application, _|
             # When installing any application we are also performing an update
             # of tiller (see Gitlab::Kubernetes::Helm::ClientCommand) so
             # therefore we need to reflect that in the database.
-            app_status.cluster.application_helm.update!(version: Gitlab::Kubernetes::Helm::HELM_VERSION)
+            application.cluster.application_helm.update!(version: Gitlab::Kubernetes::Helm::HELM_VERSION)
+          end
+
+          after_transition any => [:uninstalling], :use_transactions => false do |application, _|
+            application.prepare_uninstall
           end
         end
       end
diff --git a/app/services/clusters/applications/check_uninstall_progress_service.rb b/app/services/clusters/applications/check_uninstall_progress_service.rb
index 8786d295d6a..e51d84ef052 100644
--- a/app/services/clusters/applications/check_uninstall_progress_service.rb
+++ b/app/services/clusters/applications/check_uninstall_progress_service.rb
@@ -23,6 +23,7 @@ module Clusters
       private
 
       def on_success
+        app.post_uninstall
         app.destroy!
       rescue StandardError => e
         app.make_errored!(_('Application uninstalled but failed to destroy: %{error_message}') % { error_message: e.message })
diff --git a/changelogs/unreleased/60666-kubernetes-applications-uninstall-runner.yml b/changelogs/unreleased/60666-kubernetes-applications-uninstall-runner.yml
new file mode 100644
index 00000000000..3632c8eec20
--- /dev/null
+++ b/changelogs/unreleased/60666-kubernetes-applications-uninstall-runner.yml
@@ -0,0 +1,5 @@
+---
+title: Allow GitLab Runner to be uninstalled from the UI
+merge_request: 30176
+author:
+type: added
diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md
index 2246ea8ed5a..67c21bd7639 100644
--- a/doc/user/clusters/applications.md
+++ b/doc/user/clusters/applications.md
@@ -251,6 +251,7 @@ The applications below can be uninstalled.
 
 | Application | GitLab version | Notes |
 | ----------- | -------------- | ----- |
+| GitLab Runner  | 12.2+         | Any running pipelines will be canceled. |
 | Ingress  | 12.1+         | The associated load balancer and IP will be deleted and cannot be restored. Furthermore, it can only be uninstalled if JupyterHub is not installed. |
 | JupyterHub  | 12.1+         | All data not committed to GitLab will be deleted and cannot be restored. |
 | Prometheus  | 11.11+         | All data will be deleted and cannot be restored. |
@@ -278,7 +279,7 @@ Error: remote error: tls: bad certificate
 To avoid installation errors:
 
 - Before starting the installation of applications, make sure that time is synchronized
-  between your GitLab server and your Kubernetes cluster.
+between your GitLab server and your Kubernetes cluster.
 - Ensure certificates are not out of sync. When installing applications, GitLab expects a new cluster with no previous installation of Helm.
 
   You can confirm that the certificates match via `kubectl`:
diff --git a/spec/models/clusters/applications/runner_spec.rb b/spec/models/clusters/applications/runner_spec.rb
index 4f0cd0efe9c..4abe45a2152 100644
--- a/spec/models/clusters/applications/runner_spec.rb
+++ b/spec/models/clusters/applications/runner_spec.rb
@@ -18,7 +18,7 @@ describe Clusters::Applications::Runner do
 
     subject { gitlab_runner.can_uninstall? }
 
-    it { is_expected.to be_falsey }
+    it { is_expected.to be_truthy }
   end
 
   describe '#install_command' do
@@ -156,4 +156,35 @@ describe Clusters::Applications::Runner do
       end
     end
   end
+
+  describe '#prepare_uninstall' do
+    it 'pauses associated runner' do
+      active_runner = create(:ci_runner, contacted_at: 1.second.ago)
+
+      expect(active_runner.status).to eq(:online)
+
+      application_runner = create(:clusters_applications_runner, :scheduled, runner: active_runner)
+      application_runner.prepare_uninstall
+
+      expect(active_runner.status).to eq(:paused)
+    end
+  end
+
+  describe '#make_uninstalling!' do
+    subject { create(:clusters_applications_runner, :scheduled, runner: ci_runner) }
+
+    it 'calls prepare_uninstall' do
+      expect_any_instance_of(described_class).to receive(:prepare_uninstall).and_call_original
+
+      subject.make_uninstalling!
+    end
+  end
+
+  describe '#post_uninstall' do
+    it 'destroys its runner' do
+      application_runner = create(:clusters_applications_runner, :scheduled, runner: ci_runner)
+
+      expect { application_runner.post_uninstall }.to change { Ci::Runner.count }.by(-1)
+    end
+  end
 end
diff --git a/spec/services/clusters/applications/check_uninstall_progress_service_spec.rb b/spec/services/clusters/applications/check_uninstall_progress_service_spec.rb
index 9ab83d913f5..a948b442441 100644
--- a/spec/services/clusters/applications/check_uninstall_progress_service_spec.rb
+++ b/spec/services/clusters/applications/check_uninstall_progress_service_spec.rb
@@ -41,7 +41,7 @@ describe Clusters::Applications::CheckUninstallProgressService do
     end
   end
 
-  context 'when application is installing' do
+  context 'when application is uninstalling' do
     RESCHEDULE_PHASES.each { |phase| it_behaves_like 'a not yet terminated installation', phase }
 
     context 'when installation POD succeeded' do
@@ -56,6 +56,12 @@ describe Clusters::Applications::CheckUninstallProgressService do
         service.execute
       end
 
+      it 'runs application post_uninstall' do
+        expect(application).to receive(:post_uninstall).and_call_original
+
+        service.execute
+      end
+
       it 'destroys the application' do
         expect(worker_class).not_to receive(:perform_in)
 
-- 
cgit v1.2.1


From 18535eb411887ac8283cc24b8ed1e384d3aabcc1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C5=82gorzata=20Ksionek?= <mksionek@gitlab.com>
Date: Tue, 16 Jul 2019 17:17:21 +0200
Subject: Add code review remarks

Change small things for better readability
---
 app/models/cycle_analytics/group_level.rb          | 11 +++---
 app/serializers/group_analytics_stage_entity.rb    |  2 +-
 lib/gitlab/cycle_analytics/summary/group/issue.rb  |  2 +-
 .../cycle_analytics/group_stage_summary_spec.rb    | 46 +++++++++++-----------
 spec/models/cycle_analytics/group_level_spec.rb    |  4 +-
 5 files changed, 32 insertions(+), 33 deletions(-)

diff --git a/app/models/cycle_analytics/group_level.rb b/app/models/cycle_analytics/group_level.rb
index 35efd8b8809..508cde0ca00 100644
--- a/app/models/cycle_analytics/group_level.rb
+++ b/app/models/cycle_analytics/group_level.rb
@@ -3,19 +3,20 @@
 module CycleAnalytics
   class GroupLevel
     include LevelBase
-    attr_reader :options
+    attr_reader :options, :group
 
-    def initialize(options:)
-      @options = options
+    def initialize(group:, options:)
+      @group = group
+      @options = options.merge(group: group)
     end
 
     def summary
-      @summary ||= ::Gitlab::CycleAnalytics::GroupStageSummary.new(options[:group],
+      @summary ||= ::Gitlab::CycleAnalytics::GroupStageSummary.new(group,
                                                               from: options[:from],
                                                               current_user: options[:current_user]).data
     end
 
-    def permissions(user: nil)
+    def permissions(*)
       STAGES.each_with_object({}) do |stage, obj|
         obj[stage] = true
       end
diff --git a/app/serializers/group_analytics_stage_entity.rb b/app/serializers/group_analytics_stage_entity.rb
index 019a3086f68..81be20e7dd8 100644
--- a/app/serializers/group_analytics_stage_entity.rb
+++ b/app/serializers/group_analytics_stage_entity.rb
@@ -9,7 +9,7 @@ class GroupAnalyticsStageEntity < Grape::Entity
   expose :description
 
   expose :group_median, as: :value do |stage|
-    # median returns a BatchLoader instance which we first have to unwrap by using to_f
+    # group_median returns a BatchLoader instance which we first have to unwrap by using to_f
     # we use to_f to make sure results below 1 are presented to the end-user
     stage.group_median.to_f.nonzero? ? distance_of_time_in_words(stage.group_median) : nil
   end
diff --git a/lib/gitlab/cycle_analytics/summary/group/issue.rb b/lib/gitlab/cycle_analytics/summary/group/issue.rb
index a5188056cb7..70073e6d843 100644
--- a/lib/gitlab/cycle_analytics/summary/group/issue.rb
+++ b/lib/gitlab/cycle_analytics/summary/group/issue.rb
@@ -16,7 +16,7 @@ module Gitlab
           end
 
           def value
-            @value ||= IssuesFinder.new(@current_user, group_id: @group.id, include_subgroups: true).execute.created_after(@from).count
+            @value ||= IssuesFinder.new(@current_user, group_id: @group.id, include_subgroups: true, created_after: @from).execute.count
           end
         end
       end
diff --git a/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
index 6505fc714c4..eea4f33ccb8 100644
--- a/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
@@ -22,6 +22,16 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
       it "finds the number of issues created after it" do
         expect(subject.first[:value]).to eq(2)
       end
+
+      context 'with subgroups' do
+        before do
+          Timecop.freeze(5.days.from_now) { create(:issue, project: create(:project, namespace: create(:group, parent: group))) }
+        end
+
+        it "finds issues from them" do
+          expect(subject.first[:value]).to eq(3)
+        end
+      end
     end
 
     context 'with other projects' do
@@ -35,18 +45,6 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
         expect(subject.first[:value]).to eq(2)
       end
     end
-
-    context 'with subgroups' do
-      before do
-        Timecop.freeze(5.days.from_now) { create(:issue, project: create(:project, namespace: create(:group, parent: group))) }
-        Timecop.freeze(5.days.from_now) { create(:issue, project: project) }
-        Timecop.freeze(5.days.from_now) { create(:issue, project: project_2) }
-      end
-
-      it "finds issues from them" do
-        expect(subject.first[:value]).to eq(3)
-      end
-    end
   end
 
   describe "#deploys" do
@@ -61,29 +59,29 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
       it "finds the number of deploys made created after it" do
         expect(subject.second[:value]).to eq(2)
       end
-    end
 
-    context 'with other projects' do
-      before do
-        Timecop.freeze(5.days.from_now) do
-          create(:deployment, :success, project: create(:project, :repository, namespace: create(:group)))
+      context 'with subgroups' do
+        before do
+          Timecop.freeze(5.days.from_now) do
+            create(:deployment, :success, project: create(:project, :repository, namespace: create(:group, parent: group)))
+          end
         end
-      end
 
-      it "doesn't find deploys from them" do
-        expect(subject.second[:value]).to eq(0)
+        it "finds deploys from them" do
+          expect(subject.second[:value]).to eq(3)
+        end
       end
     end
 
-    context 'with subgroups' do
+    context 'with other projects' do
       before do
         Timecop.freeze(5.days.from_now) do
-          create(:deployment, :success, project: create(:project, :repository, namespace: create(:group, parent: group)))
+          create(:deployment, :success, project: create(:project, :repository, namespace: create(:group)))
         end
       end
 
-      it "finds deploys from them" do
-        expect(subject.second[:value]).to eq(1)
+      it "doesn't find deploys from them" do
+        expect(subject.second[:value]).to eq(0)
       end
     end
   end
diff --git a/spec/models/cycle_analytics/group_level_spec.rb b/spec/models/cycle_analytics/group_level_spec.rb
index 70c370bc39d..154c1b9c0f8 100644
--- a/spec/models/cycle_analytics/group_level_spec.rb
+++ b/spec/models/cycle_analytics/group_level_spec.rb
@@ -12,10 +12,10 @@ describe CycleAnalytics::GroupLevel do
   let(:mr) { create_merge_request_closing_issue(user, project, issue, commit_message: "References #{issue.to_reference}") }
   let(:pipeline) { create(:ci_empty_pipeline, status: 'created', project: project, ref: mr.source_branch, sha: mr.source_branch_sha, head_pipeline_of: mr) }
 
-  subject { described_class.new(options: { from: from_date, group: group, current_user: user }) }
+  subject { described_class.new(group: group, options: { from: from_date, current_user: user }) }
 
   describe '#permissions' do
-    it 'returns permissions' do
+    it 'returns true for all stages' do
       expect(subject.permissions.values.uniq).to eq([true])
     end
   end
-- 
cgit v1.2.1


From 196dfd1243d5b5cf9786ff5019049104f7c22c7a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C5=82gorzata=20Ksionek?= <mksionek@gitlab.com>
Date: Tue, 16 Jul 2019 18:03:13 +0200
Subject: Remove changelog entry

---
 changelogs/unreleased/adjust-cycle-analytics-to-group-level.yml | 5 -----
 1 file changed, 5 deletions(-)
 delete mode 100644 changelogs/unreleased/adjust-cycle-analytics-to-group-level.yml

diff --git a/changelogs/unreleased/adjust-cycle-analytics-to-group-level.yml b/changelogs/unreleased/adjust-cycle-analytics-to-group-level.yml
deleted file mode 100644
index 49f558a6c9c..00000000000
--- a/changelogs/unreleased/adjust-cycle-analytics-to-group-level.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Adjust cycle analytics to group level
-merge_request: 30391
-author:
-type: added
-- 
cgit v1.2.1


From 2549d2f08ab1e1c8c1436896e1db15655a112c62 Mon Sep 17 00:00:00 2001
From: Achilleas Pipinellis <axil@gitlab.com>
Date: Tue, 16 Jul 2019 16:51:31 +0000
Subject: Do not fail danger if suggestion commit msg > 72

We have another rule that requires squash enabled
when suggestions are applied. No need to fail the
ones that are more than 72 characters long since
they will be squashed anyway.
---
 danger/commit_messages/Dangerfile | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/danger/commit_messages/Dangerfile b/danger/commit_messages/Dangerfile
index ec494635f02..0c675cc4c9c 100644
--- a/danger/commit_messages/Dangerfile
+++ b/danger/commit_messages/Dangerfile
@@ -88,6 +88,19 @@ def lint_commit(commit) # rubocop:disable Metrics/AbcSize
   # We ignore revert commits as they are well structured by Git already
   return false if commit.message.start_with?('Revert "')
 
+  # Fail if a suggestion commit is used and squash is not enabled
+  if commit.message.start_with?('Apply suggestion to')
+    if gitlab.mr_json['squash']
+      return false
+    else
+      fail_commit(
+        commit,
+        'If you are applying suggestions, enable squash in the merge request and re-run the failed job'
+      )
+      return true
+    end
+  end
+
   failures = false
   subject, separator, details = commit.message.split("\n", 3)
 
@@ -114,16 +127,6 @@ def lint_commit(commit) # rubocop:disable Metrics/AbcSize
     )
   end
 
-  # Fail if a suggestion commit is used and squash is not enabled
-  if commit.message.start_with?('Apply suggestion to') && !gitlab.mr_json['squash']
-    fail_commit(
-      commit,
-      'If you are applying suggestions, squash needs to be enabled in the merge request'
-    )
-
-    failures = true
-  end
-
   unless subject_starts_with_capital?(subject)
     fail_commit(commit, 'The commit subject must start with a capital letter')
     failures = true
-- 
cgit v1.2.1


From f6888b9b608deb2f36a2198466cd279e1a6f2520 Mon Sep 17 00:00:00 2001
From: Achilleas Pipinellis <axil@gitlab.com>
Date: Tue, 16 Jul 2019 19:54:14 +0300
Subject: Document all the available DAST variables

---
 doc/user/application_security/dast/index.md | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md
index a0a917c5ebd..4b98dd73d76 100644
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -162,6 +162,28 @@ As the DAST job belongs to a separate `dast` stage that runs after all
 [default stages](../../../ci/yaml/README.md#stages),
 don't forget to add `stage: dast` when you override the template job definition.
 
+## Available variables
+
+DAST can be [configured](#customizing-the-dast-settings) using environment variables.
+Since it's a wrapper around the ZAP scanning scripts
+([baseline](https://github.com/zaproxy/zaproxy/wiki/ZAP-Baseline-Scan)
+or [full](https://github.com/zaproxy/zaproxy/wiki/ZAP-Full-Scan) scan), it
+accepts all arguments those scripts recognize (the arguments are the same).
+The choice of the scan type depends on the `DAST_FULL_SCAN_ENABLED` environment
+variable value.
+
+| Environment variable        | Required   | Description                                                                    |
+|-----------------------------| ----------|--------------------------------------------------------------------------------|
+| `DAST_WEBSITE`  | yes | The URL of the website to scan. |
+| `DAST_AUTH_URL` | no | The authentication URL of the website to scan. |
+| `DAST_USERNAME` | no | The username to authenticate to in the website. |
+| `DAST_PASSWORD` | no | The password to authenticate to in the website. |
+| `DAST_USERNAME_FIELD` | no | The name of username field at the sign-in HTML form. |
+| `DAST_PASSWORD_FIELD` | no | The name of password field at the sign-in HTML form. |
+| `DAST_AUTH_EXCLUDE_URLS` | no | The URLs to skip during the authenticated scan; comma-separated, no spaces in between. |
+| `DAST_TARGET_AVAILABILITY_TIMEOUT` | no | Time limit in seconds to wait for target availability. Scan is attempted nevertheless if it runs out. Integer. Defaults to `60`. |
+| `DAST_FULL_SCAN_ENABLED` | no | Switches the tool to execute [ZAP Full Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Full-Scan) instead of [ZAP Baseline Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Baseline-Scan). Boolean. `true`, `True`, or `1` are considered as true value, otherwise false. Defaults to `false`. |
+
 ## Security Dashboard
 
 The Security Dashboard is a good place to get an overview of all the security
-- 
cgit v1.2.1


From f5dd35617925b427a7006777c19eabc4e9be82cb Mon Sep 17 00:00:00 2001
From: Sarah Yasonik <syasonik@gitlab.com>
Date: Tue, 16 Jul 2019 17:07:47 +0000
Subject: Update weight/priority definitions in prometheus dashboard docs

---
 doc/user/project/integrations/prometheus.md | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/doc/user/project/integrations/prometheus.md b/doc/user/project/integrations/prometheus.md
index eb223bf06bc..72f12972596 100644
--- a/doc/user/project/integrations/prometheus.md
+++ b/doc/user/project/integrations/prometheus.md
@@ -145,7 +145,6 @@ To configure a custom dashboard:
 
    ```yaml
    dashboard: 'Dashboard Title'
-   priority: 2
    panel_groups:
      - group: 'Group Title'
        panels:
@@ -178,7 +177,6 @@ The following tables outline the details of expected properties.
 | Property | Type | Required | Description |
 | ------ | ------ | ------ | ------ |
 | `dashboard` | string | yes | Heading for the dashboard. Only one dashboard should be defined per file. |
-| `priority` | number | no, default to definition order | Order to appear in dashboard dropdown. Lower number means higher priority, which will be higher in the dropdown. Numbers do not need to be consecutive. |
 | `panel_groups` | array | yes | The panel groups which should be on the dashboard. |
 
 **Panel group (`panel_groups`) properties:**
@@ -186,7 +184,7 @@ The following tables outline the details of expected properties.
 | Property | Type | Required | Description |
 | ------ | ------ | ------ | ------ |
 | `group` | string | required | Heading for the panel group. |
-| `priority` | number | optional, defaults to order in file | Order to appear on the dashboard. Lower number means higher priority, which will be higher on the page. Numbers do not need to be consecutive. |
+| `priority` | number | optional, defaults to order in file | Order to appear on the dashboard. Higher number means higher priority, which will be higher on the page. Numbers do not need to be consecutive. |
 | `panels` | array | required | The panels which should be in the panel group. |
 
 **Panel (`panels`) properties:**
-- 
cgit v1.2.1


From 7a796c76c2357411e6f3a564cda92031550cb989 Mon Sep 17 00:00:00 2001
From: Jarek Ostrowski <jostrowski@gitlab.com>
Date: Tue, 16 Jul 2019 17:31:12 +0000
Subject: Align merge request icons and text

Align icons left
Align text left
Adjust padding to be consistent
Make icons same 24 size
Add changelog mr number
Add right margin to widget status container
Add left margin inside widget icon container
Prepend left padding for error message
Only give button left margin, some have buttons
Prettify
Adjust test summary icons
Prettify
Fix empty line before lint
Remove author
Switch to use gl-padding
Use utility classes instead
Prettify
Change loading icon size to md
Update summary_row.vue
---
 .../reports/components/issue_status_icon.vue       |  2 +-
 .../javascripts/reports/components/report_item.vue |  9 +++++---
 .../reports/components/report_section.vue          |  4 ++--
 .../javascripts/reports/components/summary_row.vue | 14 +++++++----
 .../components/mr_widget_icon.vue                  |  2 +-
 .../components/mr_widget_pipeline.vue              | 10 ++++----
 .../components/mr_widget_status_icon.vue           |  4 ++--
 .../components/states/commits_header.vue           |  2 +-
 .../components/states/nothing_to_merge.vue         |  4 +++-
 app/assets/stylesheets/framework/icons.scss        |  3 ---
 app/assets/stylesheets/pages/merge_requests.scss   | 27 ++++++++++++++--------
 app/assets/stylesheets/pages/pipelines.scss        |  4 ++--
 app/assets/stylesheets/pages/reports.scss          |  9 +++-----
 changelogs/unreleased/61613-spacing-mr-widgets.yml |  5 ++++
 14 files changed, 58 insertions(+), 41 deletions(-)
 create mode 100644 changelogs/unreleased/61613-spacing-mr-widgets.yml

diff --git a/app/assets/javascripts/reports/components/issue_status_icon.vue b/app/assets/javascripts/reports/components/issue_status_icon.vue
index 04fba43b2f3..386653b9444 100644
--- a/app/assets/javascripts/reports/components/issue_status_icon.vue
+++ b/app/assets/javascripts/reports/components/issue_status_icon.vue
@@ -16,7 +16,7 @@ export default {
     statusIconSize: {
       type: Number,
       required: false,
-      default: 32,
+      default: 24,
     },
   },
   computed: {
diff --git a/app/assets/javascripts/reports/components/report_item.vue b/app/assets/javascripts/reports/components/report_item.vue
index 2be9c37b00a..d477fafd3f5 100644
--- a/app/assets/javascripts/reports/components/report_item.vue
+++ b/app/assets/javascripts/reports/components/report_item.vue
@@ -27,7 +27,7 @@ export default {
     statusIconSize: {
       type: Number,
       required: false,
-      default: 32,
+      default: 24,
     },
     isNew: {
       type: Boolean,
@@ -43,12 +43,15 @@ export default {
 };
 </script>
 <template>
-  <li :class="{ 'is-dismissed': issue.isDismissed }" class="report-block-list-issue">
+  <li
+    :class="{ 'is-dismissed': issue.isDismissed }"
+    class="report-block-list-issue justify-content-center align-items-center"
+  >
     <issue-status-icon
       v-if="showReportSectionStatusIcon"
       :status="status"
       :status-icon-size="statusIconSize"
-      class="append-right-5"
+      class="append-right-default"
     />
 
     <component :is="component" v-if="component" :issue="issue" :status="status" :is-new="isNew" />
diff --git a/app/assets/javascripts/reports/components/report_section.vue b/app/assets/javascripts/reports/components/report_section.vue
index 3d576caaf8f..9bc3e6388e3 100644
--- a/app/assets/javascripts/reports/components/report_section.vue
+++ b/app/assets/javascripts/reports/components/report_section.vue
@@ -165,8 +165,8 @@ export default {
 <template>
   <section class="media-section">
     <div class="media">
-      <status-icon :status="statusIconName" />
-      <div class="media-body d-flex flex-align-self-center">
+      <status-icon :status="statusIconName" :size="24" />
+      <div class="media-body d-flex flex-align-self-center prepend-left-default">
         <span class="js-code-text code-text">
           {{ headerText }}
           <slot :name="slotName"></slot>
diff --git a/app/assets/javascripts/reports/components/summary_row.vue b/app/assets/javascripts/reports/components/summary_row.vue
index 97a68531d29..1caf52431e2 100644
--- a/app/assets/javascripts/reports/components/summary_row.vue
+++ b/app/assets/javascripts/reports/components/summary_row.vue
@@ -44,10 +44,16 @@ export default {
 };
 </script>
 <template>
-  <div class="report-block-list-issue report-block-list-issue-parent">
-    <div class="report-block-list-icon append-right-10 prepend-left-5">
-      <gl-loading-icon v-if="statusIcon === 'loading'" css-class="report-block-list-loading-icon" />
-      <ci-icon v-else :status="iconStatus" />
+  <div
+    class="report-block-list-issue report-block-list-issue-parent justify-content-center align-items-center"
+  >
+    <div class="report-block-list-icon append-right-default">
+      <gl-loading-icon
+        v-if="statusIcon === 'loading'"
+        css-class="report-block-list-loading-icon"
+        size="md"
+      />
+      <ci-icon v-else :status="iconStatus" :size="24" />
     </div>
 
     <div class="report-block-list-issue-description">
diff --git a/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_icon.vue b/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_icon.vue
index 4b57693e8f1..57d4d8b7ae6 100644
--- a/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_icon.vue
+++ b/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_icon.vue
@@ -14,6 +14,6 @@ export default {
 
 <template>
   <div class="circle-icon-container append-right-default align-self-start align-self-lg-center">
-    <icon :name="name" />
+    <icon :name="name" :size="24" />
   </div>
 </template>
diff --git a/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_pipeline.vue b/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_pipeline.vue
index f5fa68308bc..40c095aa954 100644
--- a/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_pipeline.vue
+++ b/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_pipeline.vue
@@ -96,16 +96,14 @@ export default {
 <template>
   <div class="ci-widget media js-ci-widget">
     <template v-if="!hasPipeline || hasCIError">
-      <div
-        class="add-border ci-status-icon ci-status-icon-failed ci-error js-ci-error append-right-default"
-      >
-        <icon :size="32" name="status_failed_borderless" />
+      <div class="add-border ci-status-icon ci-status-icon-failed ci-error js-ci-error">
+        <icon :size="24" name="status_failed_borderless" />
       </div>
-      <div class="media-body" v-html="errorText"></div>
+      <div class="media-body prepend-left-default" v-html="errorText"></div>
     </template>
     <template v-else-if="hasPipeline">
       <a :href="status.details_path" class="align-self-start append-right-default">
-        <ci-icon :status="status" :size="32" :borderless="true" class="add-border" />
+        <ci-icon :status="status" :size="24" :borderless="true" class="add-border" />
       </a>
       <div class="ci-widget-container d-flex">
         <div class="ci-widget-content">
diff --git a/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_status_icon.vue b/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_status_icon.vue
index 392eb6fb425..8dbd9e52cfe 100644
--- a/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_status_icon.vue
+++ b/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_status_icon.vue
@@ -32,8 +32,8 @@ export default {
 };
 </script>
 <template>
-  <div class="space-children d-flex append-right-10 widget-status-icon">
-    <div v-if="isLoading" class="mr-widget-icon"><gl-loading-icon size="md" /></div>
+  <div class="d-flex widget-status-icon">
+    <div v-if="isLoading" class="mr-widget-icon"><gl-loading-icon size="sm" /></div>
 
     <ci-icon v-else :status="statusObj" :size="24" />
 
diff --git a/app/assets/javascripts/vue_merge_request_widget/components/states/commits_header.vue b/app/assets/javascripts/vue_merge_request_widget/components/states/commits_header.vue
index 0312b147b62..01524f4b650 100644
--- a/app/assets/javascripts/vue_merge_request_widget/components/states/commits_header.vue
+++ b/app/assets/javascripts/vue_merge_request_widget/components/states/commits_header.vue
@@ -83,7 +83,7 @@ export default {
       <gl-button
         :aria-label="ariaLabel"
         variant="blank"
-        class="commit-edit-toggle square s24 mr-2"
+        class="commit-edit-toggle square s24 append-right-default"
         @click.stop="toggle()"
       >
         <icon :name="collapseIcon" :size="16" />
diff --git a/app/assets/javascripts/vue_merge_request_widget/components/states/nothing_to_merge.vue b/app/assets/javascripts/vue_merge_request_widget/components/states/nothing_to_merge.vue
index 7312b31c01c..4d7d49398eb 100644
--- a/app/assets/javascripts/vue_merge_request_widget/components/states/nothing_to_merge.vue
+++ b/app/assets/javascripts/vue_merge_request_widget/components/states/nothing_to_merge.vue
@@ -18,7 +18,9 @@ export default {
 <template>
   <div class="mr-widget-body mr-widget-empty-state">
     <div class="row">
-      <div class="artwork col-md-5 order-md-last col-12 text-center">
+      <div
+        class="artwork col-md-5 order-md-last col-12 text-center d-flex justify-content-center align-items-center"
+      >
         <span v-html="emptyStateSVG"></span>
       </div>
       <div class="text col-md-7 order-md-first col-12">
diff --git a/app/assets/stylesheets/framework/icons.scss b/app/assets/stylesheets/framework/icons.scss
index 1be5ef276fd..7332c4981d2 100644
--- a/app/assets/stylesheets/framework/icons.scss
+++ b/app/assets/stylesheets/framework/icons.scss
@@ -88,8 +88,5 @@
   display: flex;
   align-items: center;
   justify-content: center;
-  border: $border-size solid $gray-400;
-  border-radius: 50%;
-  padding: $gl-padding-8 - $border-size;
   color: $gray-700;
 }
diff --git a/app/assets/stylesheets/pages/merge_requests.scss b/app/assets/stylesheets/pages/merge_requests.scss
index 3917937f4af..2780afa11fa 100644
--- a/app/assets/stylesheets/pages/merge_requests.scss
+++ b/app/assets/stylesheets/pages/merge_requests.scss
@@ -10,8 +10,8 @@
     float: left;
   }
 
-  > *:not(:last-child) {
-    margin-right: 10px;
+  > *:not(:first-child) {
+    margin-left: 10px;
   }
 }
 
@@ -69,7 +69,7 @@
     content: '';
     border-left: 1px solid $gray-200;
     position: absolute;
-    left: 32px;
+    left: 28px;
     top: -17px;
     height: 16px;
   }
@@ -114,7 +114,7 @@
       padding: $gl-padding;
 
       @include media-breakpoint-up(md) {
-        padding-left: $gl-padding-50;
+        padding-left: $gl-padding-8 * 7;
       }
     }
   }
@@ -264,6 +264,10 @@
 
   .widget-status-icon {
     align-self: flex-start;
+
+    button {
+      margin-left: $gl-padding;
+    }
   }
 
   .mr-widget-body {
@@ -271,8 +275,8 @@
 
     @include clearfix;
 
-    &.media > *:first-child {
-      margin-right: 10px;
+    button {
+      margin-left: $gl-padding;
     }
 
     .approve-btn {
@@ -312,6 +316,7 @@
     .bold {
       font-weight: $gl-font-weight-bold;
       color: $gl-gray-light;
+      margin-left: 10px;
     }
 
     .state-label {
@@ -377,9 +382,13 @@
 
     &.mr-widget-empty-state {
       line-height: 20px;
+      padding: $gl-padding;
 
       .artwork {
-        margin-bottom: $gl-padding;
+
+        @include media-breakpoint-down(md) {
+          margin-bottom: $gl-padding;
+        }
       }
 
       .text {
@@ -395,7 +404,7 @@
   }
 
   .mr-widget-help {
-    padding: 10px 16px 10px $gl-padding-50;
+    padding: 10px 16px 10px ($gl-padding-8 * 7);
     font-style: italic;
   }
 
@@ -913,7 +922,7 @@
   .media-body {
     min-width: 0;
     font-size: 12px;
-    margin-left: 48px;
+    margin-left: 40px;
   }
 
   &:not(:last-child) {
diff --git a/app/assets/stylesheets/pages/pipelines.scss b/app/assets/stylesheets/pages/pipelines.scss
index aa6bbc8e473..ff4fa8aacdc 100644
--- a/app/assets/stylesheets/pages/pipelines.scss
+++ b/app/assets/stylesheets/pages/pipelines.scss
@@ -588,8 +588,8 @@
     }
 
     .ci-status-icon svg {
-      height: 20px;
-      width: 20px;
+      height: 24px;
+      width: 24px;
     }
 
     .dropdown-menu-toggle {
diff --git a/app/assets/stylesheets/pages/reports.scss b/app/assets/stylesheets/pages/reports.scss
index 94da72622af..85e9f303dde 100644
--- a/app/assets/stylesheets/pages/reports.scss
+++ b/app/assets/stylesheets/pages/reports.scss
@@ -57,7 +57,7 @@
 
 .report-block-container {
   border-top: 1px solid $border-color;
-  padding: $gl-padding-top;
+  padding: $gl-padding - 2;
   background-color: $gray-light;
 
   // Clean MR widget CSS
@@ -96,17 +96,14 @@
 
   .ci-status-icon {
     svg {
-      width: 16px;
-      height: 16px;
-      left: -2px;
+      width: 24px;
+      height: 24px;
     }
   }
 }
 
 .report-block-list-issue {
   display: flex;
-  align-items: flex-start;
-  align-content: flex-start;
 }
 
 .is-dismissed .report-block-list-issue-description,
diff --git a/changelogs/unreleased/61613-spacing-mr-widgets.yml b/changelogs/unreleased/61613-spacing-mr-widgets.yml
new file mode 100644
index 00000000000..7d37ef8da2e
--- /dev/null
+++ b/changelogs/unreleased/61613-spacing-mr-widgets.yml
@@ -0,0 +1,5 @@
+---
+title: Left align mr widget icons and text
+merge_request: 28561
+author: 
+type: fixed
-- 
cgit v1.2.1


From 1419eaf6c77bb46c723309957cae540aad5b75f1 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Tue, 16 Jul 2019 12:56:05 -0500
Subject: Resolve docs lint failure in users/clusters/applications.md

---
 doc/user/clusters/applications.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md
index 67c21bd7639..6956086c382 100644
--- a/doc/user/clusters/applications.md
+++ b/doc/user/clusters/applications.md
@@ -279,7 +279,7 @@ Error: remote error: tls: bad certificate
 To avoid installation errors:
 
 - Before starting the installation of applications, make sure that time is synchronized
-between your GitLab server and your Kubernetes cluster.
+  between your GitLab server and your Kubernetes cluster.
 - Ensure certificates are not out of sync. When installing applications, GitLab expects a new cluster with no previous installation of Helm.
 
   You can confirm that the certificates match via `kubectl`:
-- 
cgit v1.2.1


From 355330dd1ea6f13f1049b1be044ec1ecf51ba658 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Tue, 16 Jul 2019 11:42:48 -0500
Subject: Add EE-only class instrumentation

---
 config/initializers/zz_metrics.rb | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/config/initializers/zz_metrics.rb b/config/initializers/zz_metrics.rb
index 5aa6f73c5c5..5a062559c29 100644
--- a/config/initializers/zz_metrics.rb
+++ b/config/initializers/zz_metrics.rb
@@ -6,6 +6,7 @@
 # that we can stub it for testing, as it is only called when metrics are
 # enabled.
 #
+# rubocop:disable Metrics/AbcSize
 def instrument_classes(instrumentation)
   instrumentation.instrument_instance_methods(Gitlab::Shell)
 
@@ -86,12 +87,42 @@ def instrument_classes(instrumentation)
   instrumentation.instrument_methods(Gitlab::Highlight)
   instrumentation.instrument_instance_methods(Gitlab::Highlight)
 
+  Gitlab.ee do
+    instrumentation.instrument_methods(Elasticsearch::Git::Repository)
+    instrumentation.instrument_instance_methods(Elasticsearch::Git::Repository)
+
+    instrumentation.instrument_instance_methods(Search::GlobalService)
+    instrumentation.instrument_instance_methods(Search::ProjectService)
+
+    instrumentation.instrument_instance_methods(Gitlab::Elastic::SearchResults)
+    instrumentation.instrument_instance_methods(Gitlab::Elastic::ProjectSearchResults)
+    instrumentation.instrument_instance_methods(Gitlab::Elastic::Indexer)
+    instrumentation.instrument_instance_methods(Gitlab::Elastic::SnippetSearchResults)
+    instrumentation.instrument_methods(Gitlab::Elastic::Helper)
+
+    instrumentation.instrument_instance_methods(Elastic::ApplicationSearch)
+    instrumentation.instrument_instance_methods(Elastic::IssuesSearch)
+    instrumentation.instrument_instance_methods(Elastic::MergeRequestsSearch)
+    instrumentation.instrument_instance_methods(Elastic::MilestonesSearch)
+    instrumentation.instrument_instance_methods(Elastic::NotesSearch)
+    instrumentation.instrument_instance_methods(Elastic::ProjectsSearch)
+    instrumentation.instrument_instance_methods(Elastic::RepositoriesSearch)
+    instrumentation.instrument_instance_methods(Elastic::SnippetsSearch)
+    instrumentation.instrument_instance_methods(Elastic::WikiRepositoriesSearch)
+
+    instrumentation.instrument_instance_methods(Gitlab::BitbucketImport::Importer)
+    instrumentation.instrument_instance_methods(Bitbucket::Connection)
+
+    instrumentation.instrument_instance_methods(Geo::RepositorySyncWorker)
+  end
+
   # This is a Rails scope so we have to instrument it manually.
   instrumentation.instrument_method(Project, :visible_to_user)
 
   # Needed for https://gitlab.com/gitlab-org/gitlab-ce/issues/30224#note_32306159
   instrumentation.instrument_instance_method(MergeRequestDiff, :load_commits)
 end
+# rubocop:enable Metrics/AbcSize
 
 # With prometheus enabled by default this breaks all specs
 # that stubs methods using `any_instance_of` for the models reloaded here.
-- 
cgit v1.2.1


From c290eca1c1f59a59c052a66e06cd29aaefdb8cb0 Mon Sep 17 00:00:00 2001
From: Sarah Yasonik <syasonik@gitlab.com>
Date: Tue, 16 Jul 2019 18:53:03 +0000
Subject: Refactor EnvironmentsController#metrics_dashboard endpoint

---
 .../projects/environments_controller.rb            |  16 +-
 .../projects/environments_controller_spec.rb       | 199 +++++++++++++--------
 2 files changed, 137 insertions(+), 78 deletions(-)

diff --git a/app/controllers/projects/environments_controller.rb b/app/controllers/projects/environments_controller.rb
index 1bca52106fa..ccd54b369fa 100644
--- a/app/controllers/projects/environments_controller.rb
+++ b/app/controllers/projects/environments_controller.rb
@@ -160,20 +160,22 @@ class Projects::EnvironmentsController < Projects::ApplicationController
   end
 
   def metrics_dashboard
-    return render_403 unless Feature.enabled?(:environment_metrics_use_prometheus_endpoint, project)
-
-    if Feature.enabled?(:environment_metrics_show_multiple_dashboards, project)
+    if Feature.enabled?(:gfm_embedded_metrics, project) && params[:embedded]
       result = dashboard_finder.find(
         project,
         current_user,
         environment,
-        dashboard_path: params[:dashboard],
         embedded: params[:embedded]
       )
+    elsif Feature.enabled?(:environment_metrics_show_multiple_dashboards, project)
+      result = dashboard_finder.find(
+        project,
+        current_user,
+        environment,
+        dashboard_path: params[:dashboard]
+      )
 
-      unless params[:embedded]
-        result[:all_dashboards] = dashboard_finder.find_all_paths(project)
-      end
+      result[:all_dashboards] = dashboard_finder.find_all_paths(project)
     else
       result = dashboard_finder.find(project, current_user, environment)
     end
diff --git a/spec/controllers/projects/environments_controller_spec.rb b/spec/controllers/projects/environments_controller_spec.rb
index 4c2c6160c62..ebbbebf1bc0 100644
--- a/spec/controllers/projects/environments_controller_spec.rb
+++ b/spec/controllers/projects/environments_controller_spec.rb
@@ -3,6 +3,8 @@
 require 'spec_helper'
 
 describe Projects::EnvironmentsController do
+  include MetricsDashboardHelpers
+
   set(:user) { create(:user) }
   set(:project) { create(:project) }
 
@@ -445,131 +447,186 @@ describe Projects::EnvironmentsController do
     end
   end
 
-  describe 'metrics_dashboard' do
-    context 'when prometheus endpoint is disabled' do
-      before do
-        stub_feature_flags(environment_metrics_use_prometheus_endpoint: false)
-      end
+  describe 'GET #metrics_dashboard' do
+    shared_examples_for 'correctly formatted response' do |status_code|
+      it 'returns a json object with the correct keys' do
+        get :metrics_dashboard, params: environment_params(dashboard_params)
 
-      it 'responds with status code 403' do
-        get :metrics_dashboard, params: environment_params(format: :json)
+        # Exlcude `all_dashboards` to handle separately.
+        found_keys = json_response.keys - ['all_dashboards']
 
-        expect(response).to have_gitlab_http_status(:forbidden)
+        expect(response).to have_gitlab_http_status(status_code)
+        expect(found_keys).to contain_exactly(*expected_keys)
       end
     end
 
-    shared_examples_for '200 response' do |contains_all_dashboards: false|
+    shared_examples_for '200 response' do
       let(:expected_keys) { %w(dashboard status) }
 
-      before do
-        expected_keys << 'all_dashboards' if contains_all_dashboards
-      end
-
-      it 'returns a json representation of the environment dashboard' do
-        get :metrics_dashboard, params: environment_params(dashboard_params)
-
-        expect(response).to have_gitlab_http_status(:ok)
-        expect(json_response.keys).to contain_exactly(*expected_keys)
-        expect(json_response['dashboard']).to be_an_instance_of(Hash)
-      end
+      it_behaves_like 'correctly formatted response', :ok
     end
 
-    shared_examples_for 'error response' do |status_code, contains_all_dashboards: false|
+    shared_examples_for 'error response' do |status_code|
       let(:expected_keys) { %w(message status) }
 
-      before do
-        expected_keys << 'all_dashboards' if contains_all_dashboards
-      end
+      it_behaves_like 'correctly formatted response', status_code
+    end
 
-      it 'returns an error response' do
+    shared_examples_for 'includes all dashboards' do
+      it 'includes info for all findable dashboard' do
         get :metrics_dashboard, params: environment_params(dashboard_params)
 
-        expect(response).to have_gitlab_http_status(status_code)
-        expect(json_response.keys).to contain_exactly(*expected_keys)
+        expect(json_response).to have_key('all_dashboards')
+        expect(json_response['all_dashboards']).to be_an_instance_of(Array)
+        expect(json_response['all_dashboards']).to all( include('path', 'default', 'display_name') )
       end
     end
 
-    shared_examples_for 'has all dashboards' do
-      it 'includes an index of all available dashboards' do
+    shared_examples_for 'the default dashboard' do
+      all_dashboards = Feature.enabled?(:environment_metrics_show_multiple_dashboards)
+
+      it_behaves_like '200 response'
+      it_behaves_like 'includes all dashboards' if all_dashboards
+
+      it 'is the default dashboard' do
         get :metrics_dashboard, params: environment_params(dashboard_params)
 
-        expect(json_response.keys).to include('all_dashboards')
-        expect(json_response['all_dashboards']).to be_an_instance_of(Array)
-        expect(json_response['all_dashboards']).to all( include('path', 'default') )
+        expect(json_response['dashboard']['dashboard']).to eq('Environment metrics')
       end
     end
 
-    context 'when multiple dashboards is disabled' do
-      before do
-        stub_feature_flags(environment_metrics_show_multiple_dashboards: false)
-      end
+    shared_examples_for 'the specified dashboard' do |expected_dashboard|
+      it_behaves_like '200 response'
+      it_behaves_like 'includes all dashboards'
 
-      let(:dashboard_params) { { format: :json } }
+      it 'has the correct name' do
+        get :metrics_dashboard, params: environment_params(dashboard_params)
 
-      it_behaves_like '200 response'
+        dashboard_name = json_response['dashboard']['dashboard']
 
-      context 'when the dashboard could not be provided' do
+        # 'Environment metrics' is the default dashboard.
+        expect(dashboard_name).not_to eq('Environment metrics')
+        expect(dashboard_name).to eq(expected_dashboard)
+      end
+
+      context 'when the dashboard cannot not be processed' do
         before do
           allow(YAML).to receive(:safe_load).and_return({})
         end
 
         it_behaves_like 'error response', :unprocessable_entity
       end
-
-      context 'when a dashboard param is specified' do
-        let(:dashboard_params) { { format: :json, dashboard: '.gitlab/dashboards/not_there_dashboard.yml' } }
-
-        it_behaves_like '200 response'
-      end
     end
 
-    context 'when multiple dashboards is enabled' do
-      let(:dashboard_params) { { format: :json } }
+    shared_examples_for 'the default dynamic dashboard' do
+      it_behaves_like '200 response'
 
-      it_behaves_like '200 response', contains_all_dashboards: true
-      it_behaves_like 'has all dashboards'
+      it 'contains only the Memory and CPU charts' do
+        get :metrics_dashboard, params: environment_params(dashboard_params)
 
-      context 'when a dashboard could not be provided' do
-        before do
-          allow(YAML).to receive(:safe_load).and_return({})
-        end
+        dashboard = json_response['dashboard']
+        panel_group = dashboard['panel_groups'].first
+        titles = panel_group['panels'].map { |panel| panel['title'] }
 
-        it_behaves_like 'error response', :unprocessable_entity, contains_all_dashboards: true
-        it_behaves_like 'has all dashboards'
+        expect(dashboard['dashboard']).to be_nil
+        expect(dashboard['panel_groups'].length).to eq 1
+        expect(panel_group['group']).to be_nil
+        expect(titles).to eq ['Memory Usage (Total)', 'Core Usage (Total)']
       end
+    end
 
-      context 'when a dashboard param is specified' do
-        let(:dashboard_params) { { format: :json, dashboard: '.gitlab/dashboards/test.yml' } }
+    shared_examples_for 'dashboard can be specified' do
+      context 'when dashboard is specified' do
+        let(:dashboard_path) { '.gitlab/dashboards/test.yml' }
+        let(:dashboard_params) { { format: :json, dashboard: dashboard_path } }
+
+        it_behaves_like 'error response', :not_found
 
-        context 'when the dashboard is available' do
+        context 'when the project dashboard is available' do
           let(:dashboard_yml) { fixture_file('lib/gitlab/metrics/dashboard/sample_dashboard.yml') }
-          let(:dashboard_file) { { '.gitlab/dashboards/test.yml' => dashboard_yml } }
-          let(:project) { create(:project, :custom_repo, files: dashboard_file) }
+          let(:project) { project_with_dashboard(dashboard_path, dashboard_yml) }
           let(:environment) { create(:environment, name: 'production', project: project) }
 
-          it_behaves_like '200 response', contains_all_dashboards: true
-          it_behaves_like 'has all dashboards'
+          it_behaves_like 'the specified dashboard', 'Test Dashboard'
         end
 
-        context 'when the dashboard does not exist' do
-          it_behaves_like 'error response', :not_found, contains_all_dashboards: true
-          it_behaves_like 'has all dashboards'
+        context 'when the specified dashboard is the default dashboard' do
+          let(:dashboard_path) { Gitlab::Metrics::Dashboard::SystemDashboardService::SYSTEM_DASHBOARD_PATH }
+
+          it_behaves_like 'the default dashboard'
         end
       end
+    end
 
-      context 'when the dashboard is intended for embedding' do
+    shared_examples_for 'dashboard can be embedded' do
+      context 'when the embedded flag is included' do
         let(:dashboard_params) { { format: :json, embedded: true } }
 
-        it_behaves_like '200 response'
+        it_behaves_like 'the default dynamic dashboard'
 
-        context 'when a dashboard path is provided' do
-          let(:dashboard_params) { { format: :json, dashboard: '.gitlab/dashboards/test.yml', embedded: true } }
+        context 'when the dashboard is specified' do
+          let(:dashboard_params) { { format: :json, embedded: true, dashboard: '.gitlab/dashboards/fake.yml' } }
 
-          # The dashboard path should simple be ignored.
-          it_behaves_like '200 response'
+          # The dashboard param should be ignored.
+          it_behaves_like 'the default dynamic dashboard'
         end
       end
     end
+
+    shared_examples_for 'dashboard cannot be specified' do
+      context 'when dashboard is specified' do
+        let(:dashboard_params) { { format: :json, dashboard: '.gitlab/dashboards/test.yml' } }
+
+        it_behaves_like 'the default dashboard'
+      end
+    end
+
+    shared_examples_for 'dashboard cannot be embedded' do
+      context 'when the embedded flag is included' do
+        let(:dashboard_params) { { format: :json, embedded: true } }
+
+        it_behaves_like 'the default dashboard'
+      end
+    end
+
+    let(:dashboard_params) { { format: :json } }
+
+    it_behaves_like 'the default dashboard'
+    it_behaves_like 'dashboard can be specified'
+    it_behaves_like 'dashboard can be embedded'
+
+    context 'when multiple dashboards is enabled and embedding metrics is disabled' do
+      before do
+        stub_feature_flags(gfm_embedded_metrics: false)
+      end
+
+      it_behaves_like 'the default dashboard'
+      it_behaves_like 'dashboard can be specified'
+      it_behaves_like 'dashboard cannot be embedded'
+    end
+
+    context 'when multiple dashboards is disabled and embedding metrics is enabled' do
+      before do
+        stub_feature_flags(environment_metrics_show_multiple_dashboards: false)
+      end
+
+      it_behaves_like 'the default dashboard'
+      it_behaves_like 'dashboard cannot be specified'
+      it_behaves_like 'dashboard can be embedded'
+    end
+
+    context 'when multiple dashboards and embedding metrics are disabled' do
+      before do
+        stub_feature_flags(
+          environment_metrics_show_multiple_dashboards: false,
+          gfm_embedded_metrics: false
+        )
+      end
+
+      it_behaves_like 'the default dashboard'
+      it_behaves_like 'dashboard cannot be specified'
+      it_behaves_like 'dashboard cannot be embedded'
+    end
   end
 
   describe 'GET #search' do
-- 
cgit v1.2.1


From 0d84010d1c374fe3cfdbc3b067e4502e56b6a8b3 Mon Sep 17 00:00:00 2001
From: Reuben Pereira <rpereira@gitlab.com>
Date: Tue, 16 Jul 2019 19:20:43 +0000
Subject: Don't use transactions and exceptions

Instead return error objects.
---
 app/models/concerns/stepable.rb                    |  35 ++++
 .../self_monitoring/project/create_service.rb      | 132 ++++++++++++++
 config/gitlab.yml.example                          |  13 ++
 spec/models/concerns/stepable_spec.rb              | 111 ++++++++++++
 .../self_monitoring/project/create_service_spec.rb | 201 +++++++++++++++++++++
 5 files changed, 492 insertions(+)
 create mode 100644 app/models/concerns/stepable.rb
 create mode 100644 app/services/self_monitoring/project/create_service.rb
 create mode 100644 spec/models/concerns/stepable_spec.rb
 create mode 100644 spec/services/self_monitoring/project/create_service_spec.rb

diff --git a/app/models/concerns/stepable.rb b/app/models/concerns/stepable.rb
new file mode 100644
index 00000000000..d00a049a004
--- /dev/null
+++ b/app/models/concerns/stepable.rb
@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module Stepable
+  extend ActiveSupport::Concern
+
+  def steps
+    self.class._all_steps
+  end
+
+  def execute_steps
+    initial_result = {}
+
+    steps.inject(initial_result) do |previous_result, callback|
+      result = method(callback).call
+
+      if result[:status] == :error
+        result[:failed_step] = callback
+
+        break result
+      end
+
+      previous_result.merge(result)
+    end
+  end
+
+  class_methods do
+    def _all_steps
+      @_all_steps ||= []
+    end
+
+    def steps(*methods)
+      _all_steps.concat methods
+    end
+  end
+end
diff --git a/app/services/self_monitoring/project/create_service.rb b/app/services/self_monitoring/project/create_service.rb
new file mode 100644
index 00000000000..e5ef8c15456
--- /dev/null
+++ b/app/services/self_monitoring/project/create_service.rb
@@ -0,0 +1,132 @@
+# frozen_string_literal: true
+
+module SelfMonitoring
+  module Project
+    class CreateService < ::BaseService
+      include Stepable
+
+      DEFAULT_VISIBILITY_LEVEL = Gitlab::VisibilityLevel::INTERNAL
+      DEFAULT_NAME = 'GitLab Instance Administration'
+      DEFAULT_DESCRIPTION = <<~HEREDOC
+        This project is automatically generated and will be used to help monitor this GitLab instance.
+      HEREDOC
+
+      steps :validate_admins,
+        :create_project,
+        :add_project_members,
+        :add_prometheus_manual_configuration
+
+      def initialize
+        super(nil)
+      end
+
+      def execute
+        execute_steps
+      end
+
+      private
+
+      def validate_admins
+        unless instance_admins.any?
+          log_error('No active admin user found')
+          return error('No active admin user found')
+        end
+
+        success
+      end
+
+      def create_project
+        admin_user = project_owner
+        @project = ::Projects::CreateService.new(admin_user, create_project_params).execute
+
+        if project.persisted?
+          success(project: project)
+        else
+          log_error("Could not create self-monitoring project. Errors: #{project.errors.full_messages}")
+          error('Could not create project')
+        end
+      end
+
+      def add_project_members
+        members = project.add_users(project_maintainers, Gitlab::Access::MAINTAINER)
+        errors = members.flat_map { |member| member.errors.full_messages }
+
+        if errors.any?
+          log_error("Could not add admins as members to self-monitoring project. Errors: #{errors}")
+          error('Could not add admins as members')
+        else
+          success
+        end
+      end
+
+      def add_prometheus_manual_configuration
+        return success unless prometheus_enabled?
+        return success unless prometheus_listen_address.present?
+
+        # TODO: Currently, adding the internal prometheus server as a manual configuration
+        # is only possible if the setting to allow webhooks and services to connect
+        # to local network is on.
+        # https://gitlab.com/gitlab-org/gitlab-ce/issues/44496 will add
+        # a whitelist that will allow connections to certain ips on the local network.
+
+        service = project.find_or_initialize_service('prometheus')
+
+        unless service.update(prometheus_service_attributes)
+          log_error("Could not save prometheus manual configuration for self-monitoring project. Errors: #{service.errors.full_messages}")
+          return error('Could not save prometheus manual configuration')
+        end
+
+        success
+      end
+
+      def prometheus_enabled?
+        Gitlab.config.prometheus.enable
+      rescue Settingslogic::MissingSetting
+        false
+      end
+
+      def prometheus_listen_address
+        Gitlab.config.prometheus.listen_address
+      rescue Settingslogic::MissingSetting
+      end
+
+      def instance_admins
+        @instance_admins ||= User.admins.active
+      end
+
+      def project_owner
+        instance_admins.first
+      end
+
+      def project_maintainers
+        # Exclude the first so that the project_owner is not added again as a member.
+        instance_admins - [project_owner]
+      end
+
+      def create_project_params
+        {
+          initialize_with_readme: true,
+          visibility_level: DEFAULT_VISIBILITY_LEVEL,
+          name: DEFAULT_NAME,
+          description: DEFAULT_DESCRIPTION
+        }
+      end
+
+      def internal_prometheus_listen_address_uri
+        if prometheus_listen_address.starts_with?('http')
+          prometheus_listen_address
+        else
+          'http://' + prometheus_listen_address
+        end
+      end
+
+      def prometheus_service_attributes
+        {
+          api_url: internal_prometheus_listen_address_uri,
+          manual_configuration: true,
+          active: true
+        }
+      end
+    end
+  end
+end
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 334c241bcaa..0e78980350f 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -952,6 +952,16 @@ production: &base
     #  address: localhost
     #  port: 3807
 
+  ## Prometheus settings
+  # Do not modify these settings here. They should be modified in /etc/gitlab/gitlab.rb
+  # if you installed GitLab via Omnibus.
+  # If you installed from source, you need to install and configure Prometheus
+  # yourself, and then update the values here.
+  # https://docs.gitlab.com/ee/administration/monitoring/prometheus/
+  prometheus:
+    # enable: true
+    # listen_address: 'localhost:9090'
+
   #
   # 5. Extra customization
   # ==========================
@@ -1158,6 +1168,9 @@ test:
         user_filter: ''
         group_base: 'ou=groups,dc=example,dc=com'
         admin_group: ''
+  prometheus:
+    enable: true
+    listen_address: 'localhost:9090'
 
 staging:
   <<: *base
diff --git a/spec/models/concerns/stepable_spec.rb b/spec/models/concerns/stepable_spec.rb
new file mode 100644
index 00000000000..5685de6a9bf
--- /dev/null
+++ b/spec/models/concerns/stepable_spec.rb
@@ -0,0 +1,111 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Stepable do
+  let(:described_class) do
+    Class.new do
+      include Stepable
+
+      steps :method1, :method2, :method3
+
+      def execute
+        execute_steps
+      end
+
+      private
+
+      def method1
+        { status: :success }
+      end
+
+      def method2
+        return { status: :error } unless @pass
+
+        { status: :success, variable1: 'var1' }
+      end
+
+      def method3
+        { status: :success, variable2: 'var2' }
+      end
+    end
+  end
+
+  let(:prepended_module) do
+    Module.new do
+      extend ActiveSupport::Concern
+
+      prepended do
+        steps :appended_method1
+      end
+
+      private
+
+      def appended_method1
+        { status: :success }
+      end
+    end
+  end
+
+  before do
+    described_class.prepend(prepended_module)
+  end
+
+  it 'stops after the first error' do
+    expect(subject).not_to receive(:method3)
+    expect(subject).not_to receive(:appended_method1)
+
+    expect(subject.execute).to eq(
+      status: :error,
+      failed_step: :method2
+    )
+  end
+
+  context 'when all methods return success' do
+    before do
+      subject.instance_variable_set(:@pass, true)
+    end
+
+    it 'calls all methods in order' do
+      expect(subject).to receive(:method1).and_call_original.ordered
+      expect(subject).to receive(:method2).and_call_original.ordered
+      expect(subject).to receive(:method3).and_call_original.ordered
+      expect(subject).to receive(:appended_method1).and_call_original.ordered
+
+      subject.execute
+    end
+
+    it 'merges variables returned by all steps' do
+      expect(subject.execute).to eq(
+        status: :success,
+        variable1: 'var1',
+        variable2: 'var2'
+      )
+    end
+  end
+
+  context 'with multiple stepable classes' do
+    let(:other_class) do
+      Class.new do
+        include Stepable
+
+        steps :other_method1, :other_method2
+
+        private
+
+        def other_method1
+          { status: :success }
+        end
+
+        def other_method2
+          { status: :success }
+        end
+      end
+    end
+
+    it 'does not leak steps' do
+      expect(other_class.new.steps).to contain_exactly(:other_method1, :other_method2)
+      expect(subject.steps).to contain_exactly(:method1, :method2, :method3, :appended_method1)
+    end
+  end
+end
diff --git a/spec/services/self_monitoring/project/create_service_spec.rb b/spec/services/self_monitoring/project/create_service_spec.rb
new file mode 100644
index 00000000000..d11e27c6d52
--- /dev/null
+++ b/spec/services/self_monitoring/project/create_service_spec.rb
@@ -0,0 +1,201 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe SelfMonitoring::Project::CreateService do
+  describe '#execute' do
+    let(:result) { subject.execute }
+
+    let(:prometheus_settings) do
+      OpenStruct.new(
+        enable: true,
+        listen_address: 'localhost:9090'
+      )
+    end
+
+    before do
+      allow(Gitlab.config).to receive(:prometheus).and_return(prometheus_settings)
+    end
+
+    context 'without admin users' do
+      it 'returns error' do
+        expect(subject).to receive(:log_error).and_call_original
+        expect(result).to eq(
+          status: :error,
+          message: 'No active admin user found',
+          failed_step: :validate_admins
+        )
+      end
+    end
+
+    context 'with admin users' do
+      let(:project) { result[:project] }
+
+      let!(:user) { create(:user, :admin) }
+
+      before do
+        allow(ApplicationSetting)
+          .to receive(:current)
+          .and_return(
+            ApplicationSetting.build_from_defaults(allow_local_requests_from_hooks_and_services: true)
+          )
+      end
+
+      shared_examples 'has prometheus service' do |listen_address|
+        it do
+          expect(result[:status]).to eq(:success)
+
+          prometheus = project.prometheus_service
+          expect(prometheus).not_to eq(nil)
+          expect(prometheus.api_url).to eq(listen_address)
+          expect(prometheus.active).to eq(true)
+          expect(prometheus.manual_configuration).to eq(true)
+        end
+      end
+
+      it_behaves_like 'has prometheus service', 'http://localhost:9090'
+
+      it 'creates project with internal visibility' do
+        expect(result[:status]).to eq(:success)
+        expect(project.visibility_level).to eq(Gitlab::VisibilityLevel::INTERNAL)
+        expect(project).to be_persisted
+      end
+
+      it 'creates project with internal visibility even when internal visibility is restricted' do
+        stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::INTERNAL])
+
+        expect(result[:status]).to eq(:success)
+        expect(project.visibility_level).to eq(Gitlab::VisibilityLevel::INTERNAL)
+        expect(project).to be_persisted
+      end
+
+      it 'creates project with correct name and description' do
+        expect(result[:status]).to eq(:success)
+        expect(project.name).to eq(described_class::DEFAULT_NAME)
+        expect(project.description).to eq(described_class::DEFAULT_DESCRIPTION)
+      end
+
+      it 'adds all admins as maintainers' do
+        admin1 = create(:user, :admin)
+        admin2 = create(:user, :admin)
+        create(:user)
+
+        expect(result[:status]).to eq(:success)
+        expect(project.owner).to eq(user)
+        expect(project.members.collect(&:user)).to contain_exactly(user, admin1, admin2)
+        expect(project.members.collect(&:access_level)).to contain_exactly(
+          Gitlab::Access::MAINTAINER,
+          Gitlab::Access::MAINTAINER,
+          Gitlab::Access::MAINTAINER
+        )
+      end
+
+      # This should pass when https://gitlab.com/gitlab-org/gitlab-ce/issues/44496
+      # is complete and the prometheus listen address is added to the whitelist.
+      # context 'when local requests from hooks and services are not allowed' do
+      #   before do
+      #     allow(ApplicationSetting)
+      #       .to receive(:current)
+      #       .and_return(
+      #         ApplicationSetting.build_from_defaults(allow_local_requests_from_hooks_and_services: false)
+      #       )
+      #   end
+
+      #   it_behaves_like 'has prometheus service', 'http://localhost:9090'
+      # end
+
+      context 'with non default prometheus address' do
+        before do
+          prometheus_settings.listen_address = 'https://localhost:9090'
+        end
+
+        it_behaves_like 'has prometheus service', 'https://localhost:9090'
+      end
+
+      context 'when prometheus setting is not present in gitlab.yml' do
+        before do
+          allow(Gitlab.config).to receive(:prometheus).and_raise(Settingslogic::MissingSetting)
+        end
+
+        it 'does not fail' do
+          expect(result).to include(status: :success)
+          expect(project.prometheus_service).to be_nil
+        end
+      end
+
+      context 'when prometheus setting is disabled in gitlab.yml' do
+        before do
+          prometheus_settings.enable = false
+        end
+
+        it 'does not configure prometheus' do
+          expect(result).to include(status: :success)
+          expect(project.prometheus_service).to be_nil
+        end
+      end
+
+      context 'when prometheus listen address is blank in gitlab.yml' do
+        before do
+          prometheus_settings.listen_address = ''
+        end
+
+        it 'does not configure prometheus' do
+          expect(result).to include(status: :success)
+          expect(project.prometheus_service).to be_nil
+        end
+      end
+
+      context 'when project cannot be created' do
+        let(:project) { build(:project) }
+
+        before do
+          project.errors.add(:base, "Test error")
+
+          expect_next_instance_of(::Projects::CreateService) do |project_create_service|
+            expect(project_create_service).to receive(:execute)
+              .and_return(project)
+          end
+        end
+
+        it 'returns error' do
+          expect(subject).to receive(:log_error).and_call_original
+          expect(result).to eq({
+            status: :error,
+            message: 'Could not create project',
+            failed_step: :create_project
+          })
+        end
+      end
+
+      context 'when user cannot be added to project' do
+        before do
+          subject.instance_variable_set(:@instance_admins, [user, build(:user, :admin)])
+        end
+
+        it 'returns error' do
+          expect(subject).to receive(:log_error).and_call_original
+          expect(result).to eq({
+            status: :error,
+            message: 'Could not add admins as members',
+            failed_step: :add_project_members
+          })
+        end
+      end
+
+      context 'when prometheus manual configuration cannot be saved' do
+        before do
+          prometheus_settings.listen_address = 'httpinvalid://localhost:9090'
+        end
+
+        it 'returns error' do
+          expect(subject).to receive(:log_error).and_call_original
+          expect(result).to eq(
+            status: :error,
+            message: 'Could not save prometheus manual configuration',
+            failed_step: :add_prometheus_manual_configuration
+          )
+        end
+      end
+    end
+  end
+end
-- 
cgit v1.2.1


From ce40c12849c8977e285962f8752cd78ac64c92ea Mon Sep 17 00:00:00 2001
From: manojmj <mmj@gitlab.com>
Date: Tue, 16 Jul 2019 14:52:40 +0530
Subject: CE: Read and write User "Admin notes" via API

This change adds the ability to read and
write admin notes for a user via the
USER API
---
 doc/api/users.md                | 24 +++++++++++++++++++++---
 lib/api/users.rb                |  8 ++++----
 spec/requests/api/users_spec.rb |  8 ++++++++
 3 files changed, 33 insertions(+), 7 deletions(-)

diff --git a/doc/api/users.md b/doc/api/users.md
index 213d1865aca..1a7af38dc6e 100644
--- a/doc/api/users.md
+++ b/doc/api/users.md
@@ -147,6 +147,21 @@ GET /users
 ]
 ```
 
+Users on GitLab [Starter, Bronze, or higher](https://about.gitlab.com/pricing/) will also see the `shared_runners_minutes_limit`, `extra_shared_runners_minutes_limit`, and `note` parameters.
+
+```json
+[
+  {
+    "id": 1,
+    ...
+    "shared_runners_minutes_limit": 133,
+    "extra_shared_runners_minutes_limit": 133,
+    "note": "DMCA Request: 2018-11-05 | DMCA Violation | Abuse | https://gitlab.zendesk.com/agent/tickets/123"
+    ...
+  }
+]
+```
+
 Users on GitLab [Silver or higher](https://about.gitlab.com/pricing/) will also see
 the `group_saml` provider option:
 
@@ -284,14 +299,15 @@ Example Responses:
 ```
 
 Users on GitLab [Starter, Bronze, or higher](https://about.gitlab.com/pricing/) will also see
-the `shared_runners_minutes_limit` and `extra_shared_runners_minutes_limit` parameters.
+the `shared_runners_minutes_limit`, `extra_shared_runners_minutes_limit`, and `note` parameters.
 
 ```json
 {
   "id": 1,
   "username": "john_smith",
   "shared_runners_minutes_limit": 133,
-  "extra_shared_runners_minutes_limit": 133
+  "extra_shared_runners_minutes_limit": 133,
+  "note": "DMCA Request: 2018-11-05 | DMCA Violation | Abuse | https://gitlab.zendesk.com/agent/tickets/123"
   ...
 }
 ```
@@ -304,7 +320,8 @@ see the `group_saml` option:
   "id": 1,
   "username": "john_smith",
   "shared_runners_minutes_limit": 133,
-  "extra_shared_runners_minutes_limit": 133
+  "extra_shared_runners_minutes_limit": 133,
+  "note": "DMCA Request: 2018-11-05 | DMCA Violation | Abuse | https://gitlab.zendesk.com/agent/tickets/123"
   "identities": [
     {"provider": "github", "extern_uid": "2435223452345"},
     {"provider": "bitbucket", "extern_uid": "john.smith"},
@@ -399,6 +416,7 @@ Parameters:
 - `private_profile` (optional)     - User's profile is private - true or false
 - `shared_runners_minutes_limit` (optional)       - Pipeline minutes quota for this user **(STARTER)**
 - `extra_shared_runners_minutes_limit` (optional) - Extra pipeline minutes quota for this user **(STARTER)**
+- `note` (optional) - Admin notes for this user **(STARTER)**
 
 On password update, user will be forced to change it upon next login.
 Note, at the moment this method does only return a `404` error,
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 41418aa216c..e145bfdc96a 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -148,7 +148,7 @@ module API
       end
 
       desc 'Create a user. Available only for admins.' do
-        success Entities::UserPublic
+        success Entities::UserWithAdmin
       end
       params do
         requires :email, type: String, desc: 'The email of the user'
@@ -168,7 +168,7 @@ module API
         user = ::Users::CreateService.new(current_user, params).execute(skip_authorization: true)
 
         if user.persisted?
-          present user, with: Entities::UserPublic, current_user: current_user
+          present user, with: Entities::UserWithAdmin, current_user: current_user
         else
           conflict!('Email has already been taken') if User
             .by_any_email(user.email.downcase)
@@ -183,7 +183,7 @@ module API
       end
 
       desc 'Update a user. Available only for admins.' do
-        success Entities::UserPublic
+        success Entities::UserWithAdmin
       end
       params do
         requires :id, type: Integer, desc: 'The ID of the user'
@@ -215,7 +215,7 @@ module API
         result = ::Users::UpdateService.new(current_user, user_params.merge(user: user)).execute
 
         if result[:status] == :success
-          present user, with: Entities::UserPublic, current_user: current_user
+          present user, with: Entities::UserWithAdmin, current_user: current_user
         else
           render_validation_error!(user)
         end
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb
index 46925daf40a..387efd882e5 100644
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -448,6 +448,7 @@ describe API::Users do
 
     it "returns 201 Created on success" do
       post api("/users", admin), params: attributes_for(:user, projects_limit: 3)
+      expect(response).to match_response_schema('public_api/v4/user/admin')
       expect(response).to have_gitlab_http_status(201)
     end
 
@@ -643,6 +644,13 @@ describe API::Users do
   describe "PUT /users/:id" do
     let!(:admin_user) { create(:admin) }
 
+    it "returns 200 OK on success" do
+      put api("/users/#{user.id}", admin), params: { bio: 'new test bio' }
+
+      expect(response).to match_response_schema('public_api/v4/user/admin')
+      expect(response).to have_gitlab_http_status(200)
+    end
+
     it "updates user with new bio" do
       put api("/users/#{user.id}", admin), params: { bio: 'new test bio' }
 
-- 
cgit v1.2.1


From cea7ba513c6d623ef921fba07910e98cca71435b Mon Sep 17 00:00:00 2001
From: Sarah Yasonik <syasonik@gitlab.com>
Date: Tue, 16 Jul 2019 20:19:08 +0000
Subject: Rename Redactor classes to ReferenceRedactor

---
 config/initializers/zz_metrics.rb                  |   2 +-
 lib/banzai/filter/redactor_filter.rb               |  32 ----
 lib/banzai/filter/reference_redactor_filter.rb     |  32 ++++
 lib/banzai/object_renderer.rb                      |   2 +-
 lib/banzai/pipeline/post_process_pipeline.rb       |   2 +-
 lib/banzai/redactor.rb                             | 131 -------------
 lib/banzai/reference_redactor.rb                   | 131 +++++++++++++
 lib/banzai/renderer.rb                             |   2 +-
 spec/lib/banzai/filter/redactor_filter_spec.rb     | 205 ---------------------
 .../filter/reference_redactor_filter_spec.rb       | 205 +++++++++++++++++++++
 spec/lib/banzai/object_renderer_spec.rb            |   8 +-
 spec/lib/banzai/redactor_spec.rb                   | 182 ------------------
 spec/lib/banzai/reference_redactor_spec.rb         | 182 ++++++++++++++++++
 13 files changed, 558 insertions(+), 558 deletions(-)
 delete mode 100644 lib/banzai/filter/redactor_filter.rb
 create mode 100644 lib/banzai/filter/reference_redactor_filter.rb
 delete mode 100644 lib/banzai/redactor.rb
 create mode 100644 lib/banzai/reference_redactor.rb
 delete mode 100644 spec/lib/banzai/filter/redactor_filter_spec.rb
 create mode 100644 spec/lib/banzai/filter/reference_redactor_filter_spec.rb
 delete mode 100644 spec/lib/banzai/redactor_spec.rb
 create mode 100644 spec/lib/banzai/reference_redactor_spec.rb

diff --git a/config/initializers/zz_metrics.rb b/config/initializers/zz_metrics.rb
index 5aa6f73c5c5..4f309094447 100644
--- a/config/initializers/zz_metrics.rb
+++ b/config/initializers/zz_metrics.rb
@@ -53,7 +53,7 @@ def instrument_classes(instrumentation)
   instrumentation.instrument_methods(Banzai::Querying)
 
   instrumentation.instrument_instance_methods(Banzai::ObjectRenderer)
-  instrumentation.instrument_instance_methods(Banzai::Redactor)
+  instrumentation.instrument_instance_methods(Banzai::ReferenceRedactor)
 
   [Issuable, Mentionable, Participable].each do |klass|
     instrumentation.instrument_instance_methods(klass)
diff --git a/lib/banzai/filter/redactor_filter.rb b/lib/banzai/filter/redactor_filter.rb
deleted file mode 100644
index 1f091f594f8..00000000000
--- a/lib/banzai/filter/redactor_filter.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-module Banzai
-  module Filter
-    # HTML filter that removes references to records that the current user does
-    # not have permission to view.
-    #
-    # Expected to be run in its own post-processing pipeline.
-    #
-    class RedactorFilter < HTML::Pipeline::Filter
-      def call
-        unless context[:skip_redaction]
-          context = RenderContext.new(project, current_user)
-
-          Redactor.new(context).redact([doc])
-        end
-
-        doc
-      end
-
-      private
-
-      def current_user
-        context[:current_user]
-      end
-
-      def project
-        context[:project]
-      end
-    end
-  end
-end
diff --git a/lib/banzai/filter/reference_redactor_filter.rb b/lib/banzai/filter/reference_redactor_filter.rb
new file mode 100644
index 00000000000..485d3fd5fc7
--- /dev/null
+++ b/lib/banzai/filter/reference_redactor_filter.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module Banzai
+  module Filter
+    # HTML filter that removes references to records that the current user does
+    # not have permission to view.
+    #
+    # Expected to be run in its own post-processing pipeline.
+    #
+    class ReferenceRedactorFilter < HTML::Pipeline::Filter
+      def call
+        unless context[:skip_redaction]
+          context = RenderContext.new(project, current_user)
+
+          ReferenceRedactor.new(context).redact([doc])
+        end
+
+        doc
+      end
+
+      private
+
+      def current_user
+        context[:current_user]
+      end
+
+      def project
+        context[:project]
+      end
+    end
+  end
+end
diff --git a/lib/banzai/object_renderer.rb b/lib/banzai/object_renderer.rb
index 75661ffa233..d6d29f4bfab 100644
--- a/lib/banzai/object_renderer.rb
+++ b/lib/banzai/object_renderer.rb
@@ -72,7 +72,7 @@ module Banzai
     #
     # Returns an Array containing the redacted documents.
     def redact_documents(documents)
-      redactor = Redactor.new(context)
+      redactor = ReferenceRedactor.new(context)
 
       redactor.redact(documents)
     end
diff --git a/lib/banzai/pipeline/post_process_pipeline.rb b/lib/banzai/pipeline/post_process_pipeline.rb
index 5c199453638..54af26b41be 100644
--- a/lib/banzai/pipeline/post_process_pipeline.rb
+++ b/lib/banzai/pipeline/post_process_pipeline.rb
@@ -12,7 +12,7 @@ module Banzai
 
       def self.internal_link_filters
         [
-          Filter::RedactorFilter,
+          Filter::ReferenceRedactorFilter,
           Filter::InlineMetricsRedactorFilter,
           Filter::RelativeLinkFilter,
           Filter::IssuableStateFilter,
diff --git a/lib/banzai/redactor.rb b/lib/banzai/redactor.rb
deleted file mode 100644
index c2da7fec7cc..00000000000
--- a/lib/banzai/redactor.rb
+++ /dev/null
@@ -1,131 +0,0 @@
-# frozen_string_literal: true
-
-module Banzai
-  # Class for removing Markdown references a certain user is not allowed to
-  # view.
-  class Redactor
-    attr_reader :context
-
-    # context - An instance of `Banzai::RenderContext`.
-    def initialize(context)
-      @context = context
-    end
-
-    def user
-      context.current_user
-    end
-
-    # Redacts the references in the given Array of documents.
-    #
-    # This method modifies the given documents in-place.
-    #
-    # documents - A list of HTML documents containing references to redact.
-    #
-    # Returns the documents passed as the first argument.
-    def redact(documents)
-      redact_cross_project_references(documents) unless can_read_cross_project?
-
-      all_document_nodes = document_nodes(documents)
-      redact_document_nodes(all_document_nodes)
-    end
-
-    # Redacts the given node documents
-    #
-    # data - An Array of a Hashes mapping an HTML document to nodes to redact.
-    def redact_document_nodes(all_document_nodes)
-      all_nodes = all_document_nodes.map { |x| x[:nodes] }.flatten
-      visible = nodes_visible_to_user(all_nodes)
-      metadata = []
-
-      all_document_nodes.each do |entry|
-        nodes_for_document = entry[:nodes]
-
-        doc_data = {
-          document:                entry[:document],
-          total_reference_count:   nodes_for_document.count,
-          visible_reference_count: nodes_for_document.count
-        }
-
-        metadata << doc_data
-
-        nodes_for_document.each do |node|
-          next if visible.include?(node)
-
-          doc_data[:visible_reference_count] -= 1
-          redacted_content = redacted_node_content(node)
-          node.replace(redacted_content)
-        end
-      end
-
-      metadata
-    end
-
-    # Return redacted content of given node as either the original link (<a> tag),
-    # the original content (text), or the inner HTML of the node.
-    #
-    def redacted_node_content(node)
-      original_content = node.attr('data-original')
-      link_reference = node.attr('data-link-reference')
-
-      # Build the raw <a> tag just with a link as href and content if
-      # it's originally a link pattern. We shouldn't return a plain text href.
-      original_link =
-        if link_reference == 'true'
-          href = node.attr('href')
-          content = original_content
-
-          %(<a href="#{href}">#{content}</a>)
-        end
-
-      # The reference should be replaced by the original link's content,
-      # which is not always the same as the rendered one.
-      original_link || original_content || node.inner_html
-    end
-
-    def redact_cross_project_references(documents)
-      extractor = Banzai::IssuableExtractor.new(context)
-      issuables = extractor.extract(documents)
-
-      issuables.each do |node, issuable|
-        next if issuable.project == context.project_for_node(node)
-
-        node['class'] = node['class'].gsub('has-tooltip', '')
-        node['title'] = nil
-      end
-    end
-
-    # Returns the nodes visible to the current user.
-    #
-    # nodes - The input nodes to check.
-    #
-    # Returns a new Array containing the visible nodes.
-    def nodes_visible_to_user(nodes)
-      per_type = Hash.new { |h, k| h[k] = [] }
-      visible = Set.new
-
-      nodes.each do |node|
-        per_type[node.attr('data-reference-type')] << node
-      end
-
-      per_type.each do |type, nodes|
-        parser = Banzai::ReferenceParser[type].new(context)
-
-        visible.merge(parser.nodes_visible_to_user(user, nodes))
-      end
-
-      visible
-    end
-
-    def document_nodes(documents)
-      documents.map do |document|
-        { document: document, nodes: Querying.css(document, 'a.gfm[data-reference-type]') }
-      end
-    end
-
-    private
-
-    def can_read_cross_project?
-      Ability.allowed?(user, :read_cross_project)
-    end
-  end
-end
diff --git a/lib/banzai/reference_redactor.rb b/lib/banzai/reference_redactor.rb
new file mode 100644
index 00000000000..eb5c35da375
--- /dev/null
+++ b/lib/banzai/reference_redactor.rb
@@ -0,0 +1,131 @@
+# frozen_string_literal: true
+
+module Banzai
+  # Class for removing Markdown references a certain user is not allowed to
+  # view.
+  class ReferenceRedactor
+    attr_reader :context
+
+    # context - An instance of `Banzai::RenderContext`.
+    def initialize(context)
+      @context = context
+    end
+
+    def user
+      context.current_user
+    end
+
+    # Redacts the references in the given Array of documents.
+    #
+    # This method modifies the given documents in-place.
+    #
+    # documents - A list of HTML documents containing references to redact.
+    #
+    # Returns the documents passed as the first argument.
+    def redact(documents)
+      redact_cross_project_references(documents) unless can_read_cross_project?
+
+      all_document_nodes = document_nodes(documents)
+      redact_document_nodes(all_document_nodes)
+    end
+
+    # Redacts the given node documents
+    #
+    # data - An Array of a Hashes mapping an HTML document to nodes to redact.
+    def redact_document_nodes(all_document_nodes)
+      all_nodes = all_document_nodes.map { |x| x[:nodes] }.flatten
+      visible = nodes_visible_to_user(all_nodes)
+      metadata = []
+
+      all_document_nodes.each do |entry|
+        nodes_for_document = entry[:nodes]
+
+        doc_data = {
+          document:                entry[:document],
+          total_reference_count:   nodes_for_document.count,
+          visible_reference_count: nodes_for_document.count
+        }
+
+        metadata << doc_data
+
+        nodes_for_document.each do |node|
+          next if visible.include?(node)
+
+          doc_data[:visible_reference_count] -= 1
+          redacted_content = redacted_node_content(node)
+          node.replace(redacted_content)
+        end
+      end
+
+      metadata
+    end
+
+    # Return redacted content of given node as either the original link (<a> tag),
+    # the original content (text), or the inner HTML of the node.
+    #
+    def redacted_node_content(node)
+      original_content = node.attr('data-original')
+      link_reference = node.attr('data-link-reference')
+
+      # Build the raw <a> tag just with a link as href and content if
+      # it's originally a link pattern. We shouldn't return a plain text href.
+      original_link =
+        if link_reference == 'true'
+          href = node.attr('href')
+          content = original_content
+
+          %(<a href="#{href}">#{content}</a>)
+        end
+
+      # The reference should be replaced by the original link's content,
+      # which is not always the same as the rendered one.
+      original_link || original_content || node.inner_html
+    end
+
+    def redact_cross_project_references(documents)
+      extractor = Banzai::IssuableExtractor.new(context)
+      issuables = extractor.extract(documents)
+
+      issuables.each do |node, issuable|
+        next if issuable.project == context.project_for_node(node)
+
+        node['class'] = node['class'].gsub('has-tooltip', '')
+        node['title'] = nil
+      end
+    end
+
+    # Returns the nodes visible to the current user.
+    #
+    # nodes - The input nodes to check.
+    #
+    # Returns a new Array containing the visible nodes.
+    def nodes_visible_to_user(nodes)
+      per_type = Hash.new { |h, k| h[k] = [] }
+      visible = Set.new
+
+      nodes.each do |node|
+        per_type[node.attr('data-reference-type')] << node
+      end
+
+      per_type.each do |type, nodes|
+        parser = Banzai::ReferenceParser[type].new(context)
+
+        visible.merge(parser.nodes_visible_to_user(user, nodes))
+      end
+
+      visible
+    end
+
+    def document_nodes(documents)
+      documents.map do |document|
+        { document: document, nodes: Querying.css(document, 'a.gfm[data-reference-type]') }
+      end
+    end
+
+    private
+
+    def can_read_cross_project?
+      Ability.allowed?(user, :read_cross_project)
+    end
+  end
+end
diff --git a/lib/banzai/renderer.rb b/lib/banzai/renderer.rb
index 81f32ef5bcf..3cb9ec21e8f 100644
--- a/lib/banzai/renderer.rb
+++ b/lib/banzai/renderer.rb
@@ -134,7 +134,7 @@ module Banzai
     #
     # This method is used to perform state-dependent changes to a String of
     # HTML, such as removing references that the current user doesn't have
-    # permission to make (`RedactorFilter`).
+    # permission to make (`ReferenceRedactorFilter`).
     #
     # html     - String to process
     # context  - Hash of options to customize output
diff --git a/spec/lib/banzai/filter/redactor_filter_spec.rb b/spec/lib/banzai/filter/redactor_filter_spec.rb
deleted file mode 100644
index 919825a6102..00000000000
--- a/spec/lib/banzai/filter/redactor_filter_spec.rb
+++ /dev/null
@@ -1,205 +0,0 @@
-require 'spec_helper'
-
-describe Banzai::Filter::RedactorFilter do
-  include ActionView::Helpers::UrlHelper
-  include FilterSpecHelper
-
-  it 'ignores non-GFM links' do
-    html = %(See <a href="https://google.com/">Google</a>)
-    doc = filter(html, current_user: build(:user))
-
-    expect(doc.css('a').length).to eq 1
-  end
-
-  def reference_link(data)
-    link_to('text', '', class: 'gfm', data: data)
-  end
-
-  it 'skips when the skip_redaction flag is set' do
-    user = create(:user)
-    project = create(:project)
-
-    link = reference_link(project: project.id, reference_type: 'test')
-    doc = filter(link, current_user: user, skip_redaction: true)
-
-    expect(doc.css('a').length).to eq 1
-  end
-
-  context 'with data-project' do
-    let(:parser_class) do
-      Class.new(Banzai::ReferenceParser::BaseParser) do
-        self.reference_type = :test
-      end
-    end
-
-    before do
-      allow(Banzai::ReferenceParser).to receive(:[])
-        .with('test')
-        .and_return(parser_class)
-    end
-
-    context 'valid projects' do
-      before do
-        allow_any_instance_of(Banzai::ReferenceParser::BaseParser).to receive(:can_read_reference?).and_return(true)
-      end
-
-      it 'allows permitted Project references' do
-        user = create(:user)
-        project = create(:project)
-        project.add_maintainer(user)
-
-        link = reference_link(project: project.id, reference_type: 'test')
-        doc = filter(link, current_user: user)
-
-        expect(doc.css('a').length).to eq 1
-      end
-    end
-
-    context 'invalid projects' do
-      before do
-        allow_any_instance_of(Banzai::ReferenceParser::BaseParser).to receive(:can_read_reference?).and_return(false)
-      end
-
-      it 'removes unpermitted references' do
-        user = create(:user)
-        project = create(:project)
-
-        link = reference_link(project: project.id, reference_type: 'test')
-        doc = filter(link, current_user: user)
-
-        expect(doc.css('a').length).to eq 0
-      end
-
-      it 'handles invalid references' do
-        link = reference_link(project: 12345, reference_type: 'test')
-
-        expect { filter(link) }.not_to raise_error
-      end
-    end
-  end
-
-  context 'with data-issue' do
-    context 'for confidential issues' do
-      it 'removes references for non project members' do
-        non_member = create(:user)
-        project = create(:project, :public)
-        issue = create(:issue, :confidential, project: project)
-
-        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
-        doc = filter(link, current_user: non_member)
-
-        expect(doc.css('a').length).to eq 0
-      end
-
-      it 'removes references for project members with guest role' do
-        member = create(:user)
-        project = create(:project, :public)
-        project.add_guest(member)
-        issue = create(:issue, :confidential, project: project)
-
-        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
-        doc = filter(link, current_user: member)
-
-        expect(doc.css('a').length).to eq 0
-      end
-
-      it 'allows references for author' do
-        author = create(:user)
-        project = create(:project, :public)
-        issue = create(:issue, :confidential, project: project, author: author)
-
-        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
-        doc = filter(link, current_user: author)
-
-        expect(doc.css('a').length).to eq 1
-      end
-
-      it 'allows references for assignee' do
-        assignee = create(:user)
-        project = create(:project, :public)
-        issue = create(:issue, :confidential, project: project, assignees: [assignee])
-
-        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
-        doc = filter(link, current_user: assignee)
-
-        expect(doc.css('a').length).to eq 1
-      end
-
-      it 'allows references for project members' do
-        member = create(:user)
-        project = create(:project, :public)
-        project.add_developer(member)
-        issue = create(:issue, :confidential, project: project)
-
-        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
-        doc = filter(link, current_user: member)
-
-        expect(doc.css('a').length).to eq 1
-      end
-
-      it 'allows references for admin' do
-        admin = create(:admin)
-        project = create(:project, :public)
-        issue = create(:issue, :confidential, project: project)
-
-        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
-        doc = filter(link, current_user: admin)
-
-        expect(doc.css('a').length).to eq 1
-      end
-    end
-
-    it 'allows references for non confidential issues' do
-      user = create(:user)
-      project = create(:project, :public)
-      issue = create(:issue, project: project)
-
-      link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
-      doc = filter(link, current_user: user)
-
-      expect(doc.css('a').length).to eq 1
-    end
-  end
-
-  context "for user references" do
-    context 'with data-group' do
-      it 'removes unpermitted Group references' do
-        user = create(:user)
-        group = create(:group, :private)
-
-        link = reference_link(group: group.id, reference_type: 'user')
-        doc = filter(link, current_user: user)
-
-        expect(doc.css('a').length).to eq 0
-      end
-
-      it 'allows permitted Group references' do
-        user = create(:user)
-        group = create(:group, :private)
-        group.add_developer(user)
-
-        link = reference_link(group: group.id, reference_type: 'user')
-        doc = filter(link, current_user: user)
-
-        expect(doc.css('a').length).to eq 1
-      end
-
-      it 'handles invalid Group references' do
-        link = reference_link(group: 12345, reference_type: 'user')
-
-        expect { filter(link) }.not_to raise_error
-      end
-    end
-
-    context 'with data-user' do
-      it 'allows any User reference' do
-        user = create(:user)
-
-        link = reference_link(user: user.id, reference_type: 'user')
-        doc = filter(link)
-
-        expect(doc.css('a').length).to eq 1
-      end
-    end
-  end
-end
diff --git a/spec/lib/banzai/filter/reference_redactor_filter_spec.rb b/spec/lib/banzai/filter/reference_redactor_filter_spec.rb
new file mode 100644
index 00000000000..e87440895e0
--- /dev/null
+++ b/spec/lib/banzai/filter/reference_redactor_filter_spec.rb
@@ -0,0 +1,205 @@
+require 'spec_helper'
+
+describe Banzai::Filter::ReferenceRedactorFilter do
+  include ActionView::Helpers::UrlHelper
+  include FilterSpecHelper
+
+  it 'ignores non-GFM links' do
+    html = %(See <a href="https://google.com/">Google</a>)
+    doc = filter(html, current_user: build(:user))
+
+    expect(doc.css('a').length).to eq 1
+  end
+
+  def reference_link(data)
+    link_to('text', '', class: 'gfm', data: data)
+  end
+
+  it 'skips when the skip_redaction flag is set' do
+    user = create(:user)
+    project = create(:project)
+
+    link = reference_link(project: project.id, reference_type: 'test')
+    doc = filter(link, current_user: user, skip_redaction: true)
+
+    expect(doc.css('a').length).to eq 1
+  end
+
+  context 'with data-project' do
+    let(:parser_class) do
+      Class.new(Banzai::ReferenceParser::BaseParser) do
+        self.reference_type = :test
+      end
+    end
+
+    before do
+      allow(Banzai::ReferenceParser).to receive(:[])
+        .with('test')
+        .and_return(parser_class)
+    end
+
+    context 'valid projects' do
+      before do
+        allow_any_instance_of(Banzai::ReferenceParser::BaseParser).to receive(:can_read_reference?).and_return(true)
+      end
+
+      it 'allows permitted Project references' do
+        user = create(:user)
+        project = create(:project)
+        project.add_maintainer(user)
+
+        link = reference_link(project: project.id, reference_type: 'test')
+        doc = filter(link, current_user: user)
+
+        expect(doc.css('a').length).to eq 1
+      end
+    end
+
+    context 'invalid projects' do
+      before do
+        allow_any_instance_of(Banzai::ReferenceParser::BaseParser).to receive(:can_read_reference?).and_return(false)
+      end
+
+      it 'removes unpermitted references' do
+        user = create(:user)
+        project = create(:project)
+
+        link = reference_link(project: project.id, reference_type: 'test')
+        doc = filter(link, current_user: user)
+
+        expect(doc.css('a').length).to eq 0
+      end
+
+      it 'handles invalid references' do
+        link = reference_link(project: 12345, reference_type: 'test')
+
+        expect { filter(link) }.not_to raise_error
+      end
+    end
+  end
+
+  context 'with data-issue' do
+    context 'for confidential issues' do
+      it 'removes references for non project members' do
+        non_member = create(:user)
+        project = create(:project, :public)
+        issue = create(:issue, :confidential, project: project)
+
+        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
+        doc = filter(link, current_user: non_member)
+
+        expect(doc.css('a').length).to eq 0
+      end
+
+      it 'removes references for project members with guest role' do
+        member = create(:user)
+        project = create(:project, :public)
+        project.add_guest(member)
+        issue = create(:issue, :confidential, project: project)
+
+        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
+        doc = filter(link, current_user: member)
+
+        expect(doc.css('a').length).to eq 0
+      end
+
+      it 'allows references for author' do
+        author = create(:user)
+        project = create(:project, :public)
+        issue = create(:issue, :confidential, project: project, author: author)
+
+        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
+        doc = filter(link, current_user: author)
+
+        expect(doc.css('a').length).to eq 1
+      end
+
+      it 'allows references for assignee' do
+        assignee = create(:user)
+        project = create(:project, :public)
+        issue = create(:issue, :confidential, project: project, assignees: [assignee])
+
+        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
+        doc = filter(link, current_user: assignee)
+
+        expect(doc.css('a').length).to eq 1
+      end
+
+      it 'allows references for project members' do
+        member = create(:user)
+        project = create(:project, :public)
+        project.add_developer(member)
+        issue = create(:issue, :confidential, project: project)
+
+        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
+        doc = filter(link, current_user: member)
+
+        expect(doc.css('a').length).to eq 1
+      end
+
+      it 'allows references for admin' do
+        admin = create(:admin)
+        project = create(:project, :public)
+        issue = create(:issue, :confidential, project: project)
+
+        link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
+        doc = filter(link, current_user: admin)
+
+        expect(doc.css('a').length).to eq 1
+      end
+    end
+
+    it 'allows references for non confidential issues' do
+      user = create(:user)
+      project = create(:project, :public)
+      issue = create(:issue, project: project)
+
+      link = reference_link(project: project.id, issue: issue.id, reference_type: 'issue')
+      doc = filter(link, current_user: user)
+
+      expect(doc.css('a').length).to eq 1
+    end
+  end
+
+  context "for user references" do
+    context 'with data-group' do
+      it 'removes unpermitted Group references' do
+        user = create(:user)
+        group = create(:group, :private)
+
+        link = reference_link(group: group.id, reference_type: 'user')
+        doc = filter(link, current_user: user)
+
+        expect(doc.css('a').length).to eq 0
+      end
+
+      it 'allows permitted Group references' do
+        user = create(:user)
+        group = create(:group, :private)
+        group.add_developer(user)
+
+        link = reference_link(group: group.id, reference_type: 'user')
+        doc = filter(link, current_user: user)
+
+        expect(doc.css('a').length).to eq 1
+      end
+
+      it 'handles invalid Group references' do
+        link = reference_link(group: 12345, reference_type: 'user')
+
+        expect { filter(link) }.not_to raise_error
+      end
+    end
+
+    context 'with data-user' do
+      it 'allows any User reference' do
+        user = create(:user)
+
+        link = reference_link(user: user.id, reference_type: 'user')
+        doc = filter(link)
+
+        expect(doc.css('a').length).to eq 1
+      end
+    end
+  end
+end
diff --git a/spec/lib/banzai/object_renderer_spec.rb b/spec/lib/banzai/object_renderer_spec.rb
index 7b855251a74..e3e6e22568c 100644
--- a/spec/lib/banzai/object_renderer_spec.rb
+++ b/spec/lib/banzai/object_renderer_spec.rb
@@ -22,8 +22,8 @@ describe Banzai::ObjectRenderer do
         expect(object.user_visible_reference_count).to eq 0
       end
 
-      it 'calls Banzai::Redactor to perform redaction' do
-        expect_any_instance_of(Banzai::Redactor).to receive(:redact).and_call_original
+      it 'calls Banzai::ReferenceRedactor to perform redaction' do
+        expect_any_instance_of(Banzai::ReferenceRedactor).to receive(:redact).and_call_original
 
         renderer.render([object], :note)
       end
@@ -82,8 +82,8 @@ describe Banzai::ObjectRenderer do
         expect(cacheless_thing.redacted_title_html).to eq("Merge branch 'branch-merged' into 'master'")
       end
 
-      it 'calls Banzai::Redactor to perform redaction' do
-        expect_any_instance_of(Banzai::Redactor).to receive(:redact).and_call_original
+      it 'calls Banzai::ReferenceRedactor to perform redaction' do
+        expect_any_instance_of(Banzai::ReferenceRedactor).to receive(:redact).and_call_original
 
         renderer.render([cacheless_thing], :title)
       end
diff --git a/spec/lib/banzai/redactor_spec.rb b/spec/lib/banzai/redactor_spec.rb
deleted file mode 100644
index 718649e0e10..00000000000
--- a/spec/lib/banzai/redactor_spec.rb
+++ /dev/null
@@ -1,182 +0,0 @@
-require 'spec_helper'
-
-describe Banzai::Redactor do
-  let(:user) { create(:user) }
-  let(:project) { build(:project) }
-  let(:redactor) { described_class.new(Banzai::RenderContext.new(project, user)) }
-
-  describe '#redact' do
-    context 'when reference not visible to user' do
-      before do
-        expect(redactor).to receive(:nodes_visible_to_user).and_return([])
-      end
-
-      it 'redacts an array of documents' do
-        doc1 = Nokogiri::HTML
-               .fragment('<a class="gfm" href="https://www.gitlab.com" data-reference-type="issue">foo</a>')
-
-        doc2 = Nokogiri::HTML
-               .fragment('<a class="gfm" href="https://www.gitlab.com" data-reference-type="issue">bar</a>')
-
-        redacted_data = redactor.redact([doc1, doc2])
-
-        expect(redacted_data.map { |data| data[:document] }).to eq([doc1, doc2])
-        expect(redacted_data.map { |data| data[:visible_reference_count] }).to eq([0, 0])
-        expect(doc1.to_html).to eq('foo')
-        expect(doc2.to_html).to eq('bar')
-      end
-
-      it 'replaces redacted reference with inner HTML' do
-        doc = Nokogiri::HTML.fragment("<a class='gfm' href='https://www.gitlab.com' data-reference-type='issue'>foo</a>")
-        redactor.redact([doc])
-        expect(doc.to_html).to eq('foo')
-      end
-
-      context 'when data-original attribute provided' do
-        let(:original_content) { '<code>foo</code>' }
-        it 'replaces redacted reference with original content' do
-          doc = Nokogiri::HTML.fragment("<a class='gfm' href='https://www.gitlab.com' data-reference-type='issue' data-original='#{original_content}'>bar</a>")
-          redactor.redact([doc])
-          expect(doc.to_html).to eq(original_content)
-        end
-
-        it 'does not replace redacted reference with original content if href is given' do
-          html = "<a href='https://www.gitlab.com' data-link-reference='true' class='gfm' data-reference-type='issue' data-reference-type='issue' data-original='Marge'>Marge</a>"
-          doc = Nokogiri::HTML.fragment(html)
-          redactor.redact([doc])
-          expect(doc.to_html).to eq('<a href="https://www.gitlab.com">Marge</a>')
-        end
-
-        it 'uses the original content as the link content if given' do
-          html = "<a href='https://www.gitlab.com' data-link-reference='true' class='gfm' data-reference-type='issue' data-reference-type='issue' data-original='Homer'>Marge</a>"
-          doc = Nokogiri::HTML.fragment(html)
-          redactor.redact([doc])
-          expect(doc.to_html).to eq('<a href="https://www.gitlab.com">Homer</a>')
-        end
-      end
-    end
-
-    context 'when project is in pending delete' do
-      let!(:issue) { create(:issue, project: project) }
-      let(:redactor) { described_class.new(Banzai::RenderContext.new(project, user)) }
-
-      before do
-        project.update(pending_delete: true)
-      end
-
-      it 'redacts an issue attached' do
-        doc = Nokogiri::HTML.fragment("<a class='gfm' href='https://www.gitlab.com' data-reference-type='issue' data-issue='#{issue.id}'>foo</a>")
-
-        redactor.redact([doc])
-
-        expect(doc.to_html).to eq('foo')
-      end
-
-      it 'redacts an external issue' do
-        doc = Nokogiri::HTML.fragment("<a class='gfm' href='https://www.gitlab.com' data-reference-type='issue' data-external-issue='#{issue.id}' data-project='#{project.id}'>foo</a>")
-
-        redactor.redact([doc])
-
-        expect(doc.to_html).to eq('foo')
-      end
-    end
-
-    context 'when reference visible to user' do
-      it 'does not redact an array of documents' do
-        doc1_html = '<a class="gfm" data-reference-type="issue">foo</a>'
-        doc1 = Nokogiri::HTML.fragment(doc1_html)
-
-        doc2_html = '<a class="gfm" data-reference-type="issue">bar</a>'
-        doc2 = Nokogiri::HTML.fragment(doc2_html)
-
-        nodes = redactor.document_nodes([doc1, doc2]).map { |x| x[:nodes] }
-        expect(redactor).to receive(:nodes_visible_to_user).and_return(nodes.flatten)
-
-        redacted_data = redactor.redact([doc1, doc2])
-
-        expect(redacted_data.map { |data| data[:document] }).to eq([doc1, doc2])
-        expect(redacted_data.map { |data| data[:visible_reference_count] }).to eq([1, 1])
-        expect(doc1.to_html).to eq(doc1_html)
-        expect(doc2.to_html).to eq(doc2_html)
-      end
-    end
-  end
-
-  context 'when the user cannot read cross project' do
-    include ActionView::Helpers::UrlHelper
-    let(:project) { create(:project) }
-    let(:other_project) { create(:project, :public) }
-
-    def create_link(issuable)
-      type = issuable.class.name.underscore.downcase
-      link_to(issuable.to_reference, '',
-              class: 'gfm has-tooltip',
-              title: issuable.title,
-              data: {
-                reference_type: type,
-                "#{type}": issuable.id
-              })
-    end
-
-    before do
-      project.add_developer(user)
-
-      allow(Ability).to receive(:allowed?).and_call_original
-      allow(Ability).to receive(:allowed?).with(user, :read_cross_project, :global) { false }
-      allow(Ability).to receive(:allowed?).with(user, :read_cross_project) { false }
-    end
-
-    it 'skips links to issues within the same project' do
-      issue = create(:issue, project: project)
-      link = create_link(issue)
-      doc = Nokogiri::HTML.fragment(link)
-
-      redactor.redact([doc])
-      result = doc.css('a').last
-
-      expect(result['class']).to include('has-tooltip')
-      expect(result['title']).to eq(issue.title)
-    end
-
-    it 'removes info from a cross project reference' do
-      issue = create(:issue, project: other_project)
-      link = create_link(issue)
-      doc = Nokogiri::HTML.fragment(link)
-
-      redactor.redact([doc])
-      result = doc.css('a').last
-
-      expect(result['class']).not_to include('has-tooltip')
-      expect(result['title']).to be_empty
-    end
-  end
-
-  describe '#redact_nodes' do
-    it 'redacts an Array of nodes' do
-      doc = Nokogiri::HTML.fragment('<a href="foo">foo</a>')
-      node = doc.children[0]
-
-      expect(redactor).to receive(:nodes_visible_to_user)
-        .with([node])
-        .and_return(Set.new)
-
-      redactor.redact_document_nodes([{ document: doc, nodes: [node] }])
-
-      expect(doc.to_html).to eq('foo')
-    end
-  end
-
-  describe '#nodes_visible_to_user' do
-    it 'returns a Set containing the visible nodes' do
-      doc = Nokogiri::HTML.fragment('<a data-reference-type="issue"></a>')
-      node = doc.children[0]
-
-      expect_any_instance_of(Banzai::ReferenceParser::IssueParser)
-        .to receive(:nodes_visible_to_user)
-        .with(user, [node])
-        .and_return([node])
-
-      expect(redactor.nodes_visible_to_user([node])).to eq(Set.new([node]))
-    end
-  end
-end
diff --git a/spec/lib/banzai/reference_redactor_spec.rb b/spec/lib/banzai/reference_redactor_spec.rb
new file mode 100644
index 00000000000..a3b47c4d826
--- /dev/null
+++ b/spec/lib/banzai/reference_redactor_spec.rb
@@ -0,0 +1,182 @@
+require 'spec_helper'
+
+describe Banzai::ReferenceRedactor do
+  let(:user) { create(:user) }
+  let(:project) { build(:project) }
+  let(:redactor) { described_class.new(Banzai::RenderContext.new(project, user)) }
+
+  describe '#redact' do
+    context 'when reference not visible to user' do
+      before do
+        expect(redactor).to receive(:nodes_visible_to_user).and_return([])
+      end
+
+      it 'redacts an array of documents' do
+        doc1 = Nokogiri::HTML
+               .fragment('<a class="gfm" href="https://www.gitlab.com" data-reference-type="issue">foo</a>')
+
+        doc2 = Nokogiri::HTML
+               .fragment('<a class="gfm" href="https://www.gitlab.com" data-reference-type="issue">bar</a>')
+
+        redacted_data = redactor.redact([doc1, doc2])
+
+        expect(redacted_data.map { |data| data[:document] }).to eq([doc1, doc2])
+        expect(redacted_data.map { |data| data[:visible_reference_count] }).to eq([0, 0])
+        expect(doc1.to_html).to eq('foo')
+        expect(doc2.to_html).to eq('bar')
+      end
+
+      it 'replaces redacted reference with inner HTML' do
+        doc = Nokogiri::HTML.fragment("<a class='gfm' href='https://www.gitlab.com' data-reference-type='issue'>foo</a>")
+        redactor.redact([doc])
+        expect(doc.to_html).to eq('foo')
+      end
+
+      context 'when data-original attribute provided' do
+        let(:original_content) { '<code>foo</code>' }
+        it 'replaces redacted reference with original content' do
+          doc = Nokogiri::HTML.fragment("<a class='gfm' href='https://www.gitlab.com' data-reference-type='issue' data-original='#{original_content}'>bar</a>")
+          redactor.redact([doc])
+          expect(doc.to_html).to eq(original_content)
+        end
+
+        it 'does not replace redacted reference with original content if href is given' do
+          html = "<a href='https://www.gitlab.com' data-link-reference='true' class='gfm' data-reference-type='issue' data-reference-type='issue' data-original='Marge'>Marge</a>"
+          doc = Nokogiri::HTML.fragment(html)
+          redactor.redact([doc])
+          expect(doc.to_html).to eq('<a href="https://www.gitlab.com">Marge</a>')
+        end
+
+        it 'uses the original content as the link content if given' do
+          html = "<a href='https://www.gitlab.com' data-link-reference='true' class='gfm' data-reference-type='issue' data-reference-type='issue' data-original='Homer'>Marge</a>"
+          doc = Nokogiri::HTML.fragment(html)
+          redactor.redact([doc])
+          expect(doc.to_html).to eq('<a href="https://www.gitlab.com">Homer</a>')
+        end
+      end
+    end
+
+    context 'when project is in pending delete' do
+      let!(:issue) { create(:issue, project: project) }
+      let(:redactor) { described_class.new(Banzai::RenderContext.new(project, user)) }
+
+      before do
+        project.update(pending_delete: true)
+      end
+
+      it 'redacts an issue attached' do
+        doc = Nokogiri::HTML.fragment("<a class='gfm' href='https://www.gitlab.com' data-reference-type='issue' data-issue='#{issue.id}'>foo</a>")
+
+        redactor.redact([doc])
+
+        expect(doc.to_html).to eq('foo')
+      end
+
+      it 'redacts an external issue' do
+        doc = Nokogiri::HTML.fragment("<a class='gfm' href='https://www.gitlab.com' data-reference-type='issue' data-external-issue='#{issue.id}' data-project='#{project.id}'>foo</a>")
+
+        redactor.redact([doc])
+
+        expect(doc.to_html).to eq('foo')
+      end
+    end
+
+    context 'when reference visible to user' do
+      it 'does not redact an array of documents' do
+        doc1_html = '<a class="gfm" data-reference-type="issue">foo</a>'
+        doc1 = Nokogiri::HTML.fragment(doc1_html)
+
+        doc2_html = '<a class="gfm" data-reference-type="issue">bar</a>'
+        doc2 = Nokogiri::HTML.fragment(doc2_html)
+
+        nodes = redactor.document_nodes([doc1, doc2]).map { |x| x[:nodes] }
+        expect(redactor).to receive(:nodes_visible_to_user).and_return(nodes.flatten)
+
+        redacted_data = redactor.redact([doc1, doc2])
+
+        expect(redacted_data.map { |data| data[:document] }).to eq([doc1, doc2])
+        expect(redacted_data.map { |data| data[:visible_reference_count] }).to eq([1, 1])
+        expect(doc1.to_html).to eq(doc1_html)
+        expect(doc2.to_html).to eq(doc2_html)
+      end
+    end
+  end
+
+  context 'when the user cannot read cross project' do
+    include ActionView::Helpers::UrlHelper
+    let(:project) { create(:project) }
+    let(:other_project) { create(:project, :public) }
+
+    def create_link(issuable)
+      type = issuable.class.name.underscore.downcase
+      link_to(issuable.to_reference, '',
+              class: 'gfm has-tooltip',
+              title: issuable.title,
+              data: {
+                reference_type: type,
+                "#{type}": issuable.id
+              })
+    end
+
+    before do
+      project.add_developer(user)
+
+      allow(Ability).to receive(:allowed?).and_call_original
+      allow(Ability).to receive(:allowed?).with(user, :read_cross_project, :global) { false }
+      allow(Ability).to receive(:allowed?).with(user, :read_cross_project) { false }
+    end
+
+    it 'skips links to issues within the same project' do
+      issue = create(:issue, project: project)
+      link = create_link(issue)
+      doc = Nokogiri::HTML.fragment(link)
+
+      redactor.redact([doc])
+      result = doc.css('a').last
+
+      expect(result['class']).to include('has-tooltip')
+      expect(result['title']).to eq(issue.title)
+    end
+
+    it 'removes info from a cross project reference' do
+      issue = create(:issue, project: other_project)
+      link = create_link(issue)
+      doc = Nokogiri::HTML.fragment(link)
+
+      redactor.redact([doc])
+      result = doc.css('a').last
+
+      expect(result['class']).not_to include('has-tooltip')
+      expect(result['title']).to be_empty
+    end
+  end
+
+  describe '#redact_nodes' do
+    it 'redacts an Array of nodes' do
+      doc = Nokogiri::HTML.fragment('<a href="foo">foo</a>')
+      node = doc.children[0]
+
+      expect(redactor).to receive(:nodes_visible_to_user)
+        .with([node])
+        .and_return(Set.new)
+
+      redactor.redact_document_nodes([{ document: doc, nodes: [node] }])
+
+      expect(doc.to_html).to eq('foo')
+    end
+  end
+
+  describe '#nodes_visible_to_user' do
+    it 'returns a Set containing the visible nodes' do
+      doc = Nokogiri::HTML.fragment('<a data-reference-type="issue"></a>')
+      node = doc.children[0]
+
+      expect_any_instance_of(Banzai::ReferenceParser::IssueParser)
+        .to receive(:nodes_visible_to_user)
+        .with(user, [node])
+        .and_return([node])
+
+      expect(redactor.nodes_visible_to_user([node])).to eq(Set.new([node]))
+    end
+  end
+end
-- 
cgit v1.2.1


From 8765d537373679ccbb219ee400c277384972c742 Mon Sep 17 00:00:00 2001
From: John Cai <jcai@gitlab.com>
Date: Wed, 10 Jul 2019 14:36:49 -0700
Subject: Wrap rugged calls with access disk block

Whenever we use the rugged implementation, we are going straight to disk
so we want to bypass the disk access check.
---
 lib/gitlab/git/rugged_impl/blob.rb                 |  2 +-
 lib/gitlab/git/rugged_impl/commit.rb               |  6 +++---
 lib/gitlab/git/rugged_impl/repository.rb           |  2 +-
 lib/gitlab/git/rugged_impl/tree.rb                 |  2 +-
 lib/gitlab/git/rugged_impl/use_rugged.rb           |  6 ++++++
 lib/gitlab/gitaly_client.rb                        | 25 +++++++++++-----------
 .../cache/ci/project_pipeline_status_spec.rb       |  1 -
 spec/lib/gitlab/git/rugged_impl/use_rugged_spec.rb |  3 +--
 spec/spec_helper.rb                                |  2 ++
 9 files changed, 27 insertions(+), 22 deletions(-)

diff --git a/lib/gitlab/git/rugged_impl/blob.rb b/lib/gitlab/git/rugged_impl/blob.rb
index 86c9f33d82a..9aea736527b 100644
--- a/lib/gitlab/git/rugged_impl/blob.rb
+++ b/lib/gitlab/git/rugged_impl/blob.rb
@@ -16,7 +16,7 @@ module Gitlab
           override :tree_entry
           def tree_entry(repository, sha, path, limit)
             if use_rugged?(repository, :rugged_tree_entry)
-              rugged_tree_entry(repository, sha, path, limit)
+              wrap_rugged_call { rugged_tree_entry(repository, sha, path, limit) }
             else
               super
             end
diff --git a/lib/gitlab/git/rugged_impl/commit.rb b/lib/gitlab/git/rugged_impl/commit.rb
index 971a33b2e99..29ae9bdd851 100644
--- a/lib/gitlab/git/rugged_impl/commit.rb
+++ b/lib/gitlab/git/rugged_impl/commit.rb
@@ -36,7 +36,7 @@ module Gitlab
           override :find_commit
           def find_commit(repo, commit_id)
             if use_rugged?(repo, :rugged_find_commit)
-              rugged_find(repo, commit_id)
+              wrap_rugged_call { rugged_find(repo, commit_id) }
             else
               super
             end
@@ -45,7 +45,7 @@ module Gitlab
           override :batch_by_oid
           def batch_by_oid(repo, oids)
             if use_rugged?(repo, :rugged_list_commits_by_oid)
-              rugged_batch_by_oid(repo, oids)
+              wrap_rugged_call { rugged_batch_by_oid(repo, oids) }
             else
               super
             end
@@ -68,7 +68,7 @@ module Gitlab
         override :commit_tree_entry
         def commit_tree_entry(path)
           if use_rugged?(@repository, :rugged_commit_tree_entry)
-            rugged_tree_entry(path)
+            wrap_rugged_call { rugged_tree_entry(path) }
           else
             super
           end
diff --git a/lib/gitlab/git/rugged_impl/repository.rb b/lib/gitlab/git/rugged_impl/repository.rb
index 9268abdfed9..7bed553393c 100644
--- a/lib/gitlab/git/rugged_impl/repository.rb
+++ b/lib/gitlab/git/rugged_impl/repository.rb
@@ -48,7 +48,7 @@ module Gitlab
         override :ancestor?
         def ancestor?(from, to)
           if use_rugged?(self, :rugged_commit_is_ancestor)
-            rugged_is_ancestor?(from, to)
+            wrap_rugged_call { rugged_is_ancestor?(from, to) }
           else
             super
           end
diff --git a/lib/gitlab/git/rugged_impl/tree.rb b/lib/gitlab/git/rugged_impl/tree.rb
index f3721a3f1b7..479c5f9d8b7 100644
--- a/lib/gitlab/git/rugged_impl/tree.rb
+++ b/lib/gitlab/git/rugged_impl/tree.rb
@@ -16,7 +16,7 @@ module Gitlab
           override :tree_entries
           def tree_entries(repository, sha, path, recursive)
             if use_rugged?(repository, :rugged_tree_entries)
-              tree_entries_with_flat_path_from_rugged(repository, sha, path, recursive)
+              wrap_rugged_call { tree_entries_with_flat_path_from_rugged(repository, sha, path, recursive) }
             else
               super
             end
diff --git a/lib/gitlab/git/rugged_impl/use_rugged.rb b/lib/gitlab/git/rugged_impl/use_rugged.rb
index 99091b03cd1..902fa3c7822 100644
--- a/lib/gitlab/git/rugged_impl/use_rugged.rb
+++ b/lib/gitlab/git/rugged_impl/use_rugged.rb
@@ -10,6 +10,12 @@ module Gitlab
 
           Gitlab::GitalyClient.can_use_disk?(repo.storage)
         end
+
+        def wrap_rugged_call(&block)
+          Gitlab::GitalyClient::StorageSettings.allow_disk_access do
+            yield
+          end
+        end
       end
     end
   end
diff --git a/lib/gitlab/gitaly_client.rb b/lib/gitlab/gitaly_client.rb
index 091351e5cb2..3cafa49ec51 100644
--- a/lib/gitlab/gitaly_client.rb
+++ b/lib/gitlab/gitaly_client.rb
@@ -388,21 +388,20 @@ module Gitlab
     end
 
     def self.can_use_disk?(storage)
-      false
-      # cached_value = MUTEX.synchronize do
-      #   @can_use_disk ||= {}
-      #   @can_use_disk[storage]
-      # end
+      cached_value = MUTEX.synchronize do
+        @can_use_disk ||= {}
+        @can_use_disk[storage]
+      end
 
-      # return cached_value unless cached_value.nil?
+      return cached_value if cached_value.present?
 
-      # gitaly_filesystem_id = filesystem_id(storage)
-      # direct_filesystem_id = filesystem_id_from_disk(storage)
+      gitaly_filesystem_id = filesystem_id(storage)
+      direct_filesystem_id = filesystem_id_from_disk(storage)
 
-      # MUTEX.synchronize do
-      #   @can_use_disk[storage] = gitaly_filesystem_id.present? &&
-      #     gitaly_filesystem_id == direct_filesystem_id
-      # end
+      MUTEX.synchronize do
+        @can_use_disk[storage] = gitaly_filesystem_id.present? &&
+          gitaly_filesystem_id == direct_filesystem_id
+      end
     end
 
     def self.filesystem_id(storage)
@@ -415,7 +414,7 @@ module Gitlab
       metadata_file = File.read(storage_metadata_file_path(storage))
       metadata_hash = JSON.parse(metadata_file)
       metadata_hash['gitaly_filesystem_id']
-    rescue Errno::ENOENT, JSON::ParserError
+    rescue Errno::ENOENT, Errno::ACCESS, JSON::ParserError
       nil
     end
 
diff --git a/spec/lib/gitlab/cache/ci/project_pipeline_status_spec.rb b/spec/lib/gitlab/cache/ci/project_pipeline_status_spec.rb
index 972dd7e0d2b..483c5ea9cff 100644
--- a/spec/lib/gitlab/cache/ci/project_pipeline_status_spec.rb
+++ b/spec/lib/gitlab/cache/ci/project_pipeline_status_spec.rb
@@ -26,7 +26,6 @@ describe Gitlab::Cache::Ci::ProjectPipelineStatus, :clean_gitlab_redis_cache do
       end
 
       it 'loads 10 projects without hitting Gitaly call limit', :request_store do
-        allow(Gitlab::GitalyClient).to receive(:can_access_disk?).and_return(false)
         projects = Gitlab::GitalyClient.allow_n_plus_1_calls do
           (1..10).map { create(:project, :repository) }
         end
diff --git a/spec/lib/gitlab/git/rugged_impl/use_rugged_spec.rb b/spec/lib/gitlab/git/rugged_impl/use_rugged_spec.rb
index e7ef9d08f80..e437647c258 100644
--- a/spec/lib/gitlab/git/rugged_impl/use_rugged_spec.rb
+++ b/spec/lib/gitlab/git/rugged_impl/use_rugged_spec.rb
@@ -21,6 +21,7 @@ describe Gitlab::Git::RuggedImpl::UseRugged, :seed_helper do
   end
 
   before do
+    allow(Gitlab::GitalyClient).to receive(:can_use_disk?).and_call_original
     Gitlab::GitalyClient.instance_variable_set(:@can_use_disk, {})
   end
 
@@ -30,7 +31,6 @@ describe Gitlab::Git::RuggedImpl::UseRugged, :seed_helper do
     end
 
     it 'returns true when gitaly matches disk' do
-      pending('temporary disabled because of https://gitlab.com/gitlab-org/gitlab-ce/issues/64338')
       expect(subject.use_rugged?(repository, feature_flag_name)).to be true
     end
 
@@ -49,7 +49,6 @@ describe Gitlab::Git::RuggedImpl::UseRugged, :seed_helper do
     end
 
     it "doesn't lead to a second rpc call because gitaly client should use the cached value" do
-      pending('temporary disabled because of https://gitlab.com/gitlab-org/gitlab-ce/issues/64338')
       expect(subject.use_rugged?(repository, feature_flag_name)).to be true
 
       expect(Gitlab::GitalyClient).not_to receive(:filesystem_id)
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 95e0d8858b9..978158192d9 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -134,6 +134,8 @@ RSpec.configure do |config|
       allow(Feature).to receive(:enabled?).with(flag).and_return(enabled)
     end
 
+    allow(Gitlab::GitalyClient).to receive(:can_use_disk?).and_return(enabled)
+
     # The following can be removed when we remove the staged rollout strategy
     # and we can just enable it using instance wide settings
     # (ie. ApplicationSetting#auto_devops_enabled)
-- 
cgit v1.2.1


From 6ff16f4bd0c229125e137cc5ce02f3faccbd20be Mon Sep 17 00:00:00 2001
From: blunceford <blunceford@gitlab.com>
Date: Tue, 16 Jul 2019 15:33:35 -0600
Subject: Fix bug with closed milestones in dashboard

---
 app/models/dashboard_group_milestone.rb            |  3 +--
 .../dashboard/milestones_controller_spec.rb        | 22 ++++++++++++++++++++++
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/app/models/dashboard_group_milestone.rb b/app/models/dashboard_group_milestone.rb
index 74aa04ab7d0..ec52f1ed370 100644
--- a/app/models/dashboard_group_milestone.rb
+++ b/app/models/dashboard_group_milestone.rb
@@ -15,8 +15,7 @@ class DashboardGroupMilestone < GlobalMilestone
     milestones = Milestone.of_groups(groups.select(:id))
              .reorder_by_due_date_asc
              .order_by_name_asc
-             .active
     milestones = milestones.search_title(params[:search_title]) if params[:search_title].present?
-    milestones.map { |m| new(m) }
+    Milestone.filter_by_state(milestones, params[:state]).map { |m| new(m) }
   end
 end
diff --git a/spec/controllers/dashboard/milestones_controller_spec.rb b/spec/controllers/dashboard/milestones_controller_spec.rb
index 4de537ae6f8..010d6ba477d 100644
--- a/spec/controllers/dashboard/milestones_controller_spec.rb
+++ b/spec/controllers/dashboard/milestones_controller_spec.rb
@@ -59,6 +59,18 @@ describe Dashboard::MilestonesController do
       expect(json_response.map { |i| i["group_name"] }.compact).to match_array(group.name)
     end
 
+    it 'returns closed group and project milestones to which the user belongs' do
+      closed_group_milestone = create(:milestone, group: group, state: 'closed')
+      closed_project_milestone = create(:milestone, project: project, state: 'closed')
+
+      get :index, params: { state: 'closed' }, format: :json
+
+      expect(response).to have_gitlab_http_status(200)
+      expect(json_response.size).to eq(2)
+      expect(json_response.map { |i| i["name"] }).to match_array([closed_group_milestone.name, closed_project_milestone.name])
+      expect(json_response.map { |i| i["group_name"] }.compact).to match_array(group.name)
+    end
+
     it 'searches legacy project milestones by title when search_title is given' do
       project_milestone = create(:milestone, title: 'Project milestone title', project: project)
 
@@ -84,6 +96,16 @@ describe Dashboard::MilestonesController do
       expect(response.body).to include("Closed\n<span class=\"badge badge-pill\">0</span>")
     end
 
+    it 'shows counts of closed group and project milestones to which the user belongs to' do
+      closed_group_milestone = create(:milestone, group: group, state: 'closed')
+      closed_project_milestone = create(:milestone, project: project, state: 'closed')
+
+      get :index
+
+      expect(response.body).to include("Open\n<span class=\"badge badge-pill\">2</span>")
+      expect(response.body).to include("Closed\n<span class=\"badge badge-pill\">2</span>")
+    end
+
     context 'external authorization' do
       subject { get :index }
 
-- 
cgit v1.2.1


From 9d5ce415cc1f541e810c1b3961bd1a01d25a4f68 Mon Sep 17 00:00:00 2001
From: Annabel Dunstone Gray <annabel.m.gray@gmail.com>
Date: Tue, 16 Jul 2019 21:49:04 +0000
Subject: Revert "Merge branch 'button-bug-fixes' into 'master'"

This reverts merge request !30678
---
 app/assets/stylesheets/pages/projects.scss | 2 +-
 changelogs/unreleased/button-bug-fixes.yml | 5 -----
 2 files changed, 1 insertion(+), 6 deletions(-)
 delete mode 100644 changelogs/unreleased/button-bug-fixes.yml

diff --git a/app/assets/stylesheets/pages/projects.scss b/app/assets/stylesheets/pages/projects.scss
index e453f4a2264..c80beceae52 100644
--- a/app/assets/stylesheets/pages/projects.scss
+++ b/app/assets/stylesheets/pages/projects.scss
@@ -303,7 +303,7 @@
 
     .count-badge-count,
     .count-badge-button {
-      border: 1px solid $gray-400;
+      border: 1px solid $border-color;
       line-height: 1;
     }
 
diff --git a/changelogs/unreleased/button-bug-fixes.yml b/changelogs/unreleased/button-bug-fixes.yml
deleted file mode 100644
index b63bfdf24ad..00000000000
--- a/changelogs/unreleased/button-bug-fixes.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix Project Badge Button Styles
-merge_request: 30678
-author:
-type: fixed
-- 
cgit v1.2.1


From baa2d078a570653f73f54635318d009e43b93df8 Mon Sep 17 00:00:00 2001
From: blunceford <blunceford@gitlab.com>
Date: Tue, 16 Jul 2019 15:54:45 -0600
Subject: Added changelog entry for fix

---
 changelogs/unreleased/group-milestones-dashboard-blunceford.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/group-milestones-dashboard-blunceford.yml

diff --git a/changelogs/unreleased/group-milestones-dashboard-blunceford.yml b/changelogs/unreleased/group-milestones-dashboard-blunceford.yml
new file mode 100644
index 00000000000..e3ae94e9601
--- /dev/null
+++ b/changelogs/unreleased/group-milestones-dashboard-blunceford.yml
@@ -0,0 +1,5 @@
+---
+title: Fix bug in dashboard display of closed milestones
+merge_request: 30820
+author: blunceford
+type: fixed
-- 
cgit v1.2.1


From d87c6b634e8d138a4fc6f94df1b517e63ea32db0 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Tue, 16 Jul 2019 10:07:07 -0700
Subject: Bump fog-aws to v3.5.2

This will make it possible for Oracle Cloud to work with S3 by disabling
Signature V4 streaming (https://github.com/fog/fog-aws/issues/523).

Full CHANGELOG:
https://github.com/fog/fog-aws/blob/master/CHANGELOG.md

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/63041
---
 Gemfile                                   | 2 +-
 Gemfile.lock                              | 4 ++--
 changelogs/unreleased/sh-bump-fog-aws.yml | 5 +++++
 3 files changed, 8 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/unreleased/sh-bump-fog-aws.yml

diff --git a/Gemfile b/Gemfile
index 7845e9d57fa..8bffc2a973d 100644
--- a/Gemfile
+++ b/Gemfile
@@ -100,7 +100,7 @@ gem 'carrierwave', '~> 1.3'
 gem 'mini_magick'
 
 # for backups
-gem 'fog-aws', '~> 3.3'
+gem 'fog-aws', '~> 3.5'
 # Locked until fog-google resolves https://github.com/fog/fog-google/issues/421.
 # Also see config/initializers/fog_core_patch.rb.
 gem 'fog-core', '= 2.1.0'
diff --git a/Gemfile.lock b/Gemfile.lock
index beded888ffd..60939ae918c 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -253,7 +253,7 @@ GEM
       fog-json
       ipaddress (~> 0.8)
       xml-simple (~> 1.1)
-    fog-aws (3.3.0)
+    fog-aws (3.5.2)
       fog-core (~> 2.1)
       fog-json (~> 1.1)
       fog-xml (~> 0.1)
@@ -1105,7 +1105,7 @@ DEPENDENCIES
   flipper-active_support_cache_store (~> 0.13.0)
   flowdock (~> 0.7)
   fog-aliyun (~> 0.3)
-  fog-aws (~> 3.3)
+  fog-aws (~> 3.5)
   fog-core (= 2.1.0)
   fog-google (~> 1.8)
   fog-local (~> 0.6)
diff --git a/changelogs/unreleased/sh-bump-fog-aws.yml b/changelogs/unreleased/sh-bump-fog-aws.yml
new file mode 100644
index 00000000000..a936b81ff02
--- /dev/null
+++ b/changelogs/unreleased/sh-bump-fog-aws.yml
@@ -0,0 +1,5 @@
+---
+title: Bump fog-aws to v3.5.2
+merge_request: 30803
+author:
+type: fixed
-- 
cgit v1.2.1


From e7648b04ca1d7ae231a5e80cd6b0fa295d023a9b Mon Sep 17 00:00:00 2001
From: Artur Trzop <arturtrzop@gmail.com>
Date: Wed, 17 Jul 2019 00:31:22 +0000
Subject: Add 3rd party parallel tools section to docs

---
 doc/ci/examples/README.md | 1 +
 doc/ci/yaml/README.md     | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/doc/ci/examples/README.md b/doc/ci/examples/README.md
index 5a302392c54..9295dcfd4e0 100644
--- a/doc/ci/examples/README.md
+++ b/doc/ci/examples/README.md
@@ -37,6 +37,7 @@ The following table lists examples with step-by-step tutorials that are containe
 | Python on Heroku            | [Test and deploy a Python application with GitLab CI/CD](test-and-deploy-python-application-to-heroku.md).                 |
 | Ruby on Heroku              | [Test and deploy a Ruby application with GitLab CI/CD](test-and-deploy-ruby-application-to-heroku.md).                     |
 | Scala on Heroku             | [Test and deploy a Scala application to Heroku](test-scala-application.md).                                                |
+| Parallel testing Ruby & JS  | [GitLab CI parallel jobs testing for Ruby & JavaScript projects](https://docs.knapsackpro.com/2019/how-to-run-parallel-jobs-for-rspec-tests-on-gitlab-ci-pipeline-and-speed-up-ruby-javascript-testing). |
 
 ### Contributing examples
 
diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md
index b1b193701c3..001f951ebb8 100644
--- a/doc/ci/yaml/README.md
+++ b/doc/ci/yaml/README.md
@@ -1779,6 +1779,10 @@ test:
   parallel: 5
 ```
 
+TIP: **Tip:**
+Parallelize tests suites across parallel jobs.
+Different languages have different tools to facilitate this.
+
 ### `trigger` **(PREMIUM)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/8997) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.8.
-- 
cgit v1.2.1


From 443aad5f1c5c6aa61b92f68a22b96a38c72aaffa Mon Sep 17 00:00:00 2001
From: Marcia Ramos <marcia@gitlab.com>
Date: Wed, 17 Jul 2019 00:39:22 +0000
Subject: Docs: update Cloudflare's redirect method for Pages

---
 .../custom_domains_ssl_tls_certification/index.md   | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md b/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md
index 6c0d3e9e9d3..219e141d72e 100644
--- a/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md
+++ b/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md
@@ -179,15 +179,26 @@ From that page, you can view, add, and remove them.
 
 ### Redirecting `www.domain.com` to `domain.com` with Cloudflare
 
-If you use Cloudflare, you can redirect `www` to `domain.com` without adding both
-`www.domain.com` and `domain.com` to GitLab. This happens due to a [Cloudflare feature that creates
-a 301 redirect as a "page rule"](https://gitlab.com/gitlab-org/gitlab-ce/issues/48848#note_87314849) for redirecting `www.domain.com` to `domain.com`. In this case,
-you can use the following setup:
+If you use Cloudflare, you can redirect `www` to `domain.com`
+without adding both `www.domain.com` and `domain.com` to GitLab.
+
+To do so, you can use Cloudflare's page rules associated to a
+CNAME record to redirect `www.domain.com` to `domain.com`. You
+can use the following setup:
 
 1. In Cloudflare, create a DNS `A` record pointing `domain.com` to `35.185.44.232`.
-1. In GitLab, add the domain to GitLab Pages.
+1. In GitLab, add the domain to GitLab Pages and get the verification code.
 1. In Cloudflare, create a DNS `TXT` record to verify your domain.
+1. In GitLab, verify your domain.
 1. In Cloudflare, create a DNS `CNAME` record pointing `www` to `domain.com`.
+1. In Cloudflare, add a Page Rule pointing `www.domain,com` to `domain.com`:
+    - Navigate to your domain's dashboard and click **Page Rules**
+      on the top nav.
+    - Click **Create Page Rule**.
+    - Enter the domain `www.domain.com` and click **+ Add a Setting**.
+    - From the dropdown menu, choose **Forwarding URL**, then select the
+      status code **301 - Permanent Redirect**.
+    - Enter the destination URL `https://domain.com`.
 
 ## Adding an SSL/TLS certificate to Pages
 
-- 
cgit v1.2.1


From 5c97713bcd5b8db4332b4702d0fc6524d02f4a74 Mon Sep 17 00:00:00 2001
From: Fabien Catteau <fcatteau@gitlab.com>
Date: Wed, 17 Jul 2019 00:59:03 +0000
Subject: Propagate PIP index URL

Propagate PIP_INDEX_URL, PIP_EXTRA_INDEX_URL
to the dependency-scanning Docker image
to support Python projects depending on custom
Pypi registries. These variables will be consumed
by the gemnasium-python analyzer.
---
 doc/user/application_security/dependency_scanning/index.md         | 2 ++
 lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index 0dd0fd3f136..09bd306363c 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -149,6 +149,8 @@ using environment variables.
 | `DS_DOCKER_CLIENT_NEGOTIATION_TIMEOUT`  | Time limit for Docker client negotiation. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. For example, `300ms`, `1.5h`, or `2h45m`. |
 | `DS_PULL_ANALYZER_IMAGE_TIMEOUT`        | Time limit when pulling the image of an analyzer. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. For example, `300ms`, `1.5h`, or `2h45m`. |
 | `DS_RUN_ANALYZER_TIMEOUT`               | Time limit when running an analyzer. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. For example, `300ms`, `1.5h`, or `2h45m`. |
+| `PIP_INDEX_URL`                         | Base URL of Python Package Index (default https://pypi.org/simple). |
+| `PIP_EXTRA_INDEX_URL`                   | Array of [extra URLs](https://pip.pypa.io/en/stable/reference/pip_install/#cmdoption-extra-index-url) of package indexes to use in addition to `PIP_INDEX_URL`. Comma separated. |
 
 ## Reports JSON format
 
diff --git a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
index f176771775e..89eccce69f6 100644
--- a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
@@ -41,6 +41,8 @@ dependency_scanning:
           DS_PULL_ANALYZER_IMAGE_TIMEOUT \
           DS_RUN_ANALYZER_TIMEOUT \
           DS_PYTHON_VERSION \
+          PIP_INDEX_URL \
+          PIP_EXTRA_INDEX_URL \
         ) \
         --volume "$PWD:/code" \
         --volume /var/run/docker.sock:/var/run/docker.sock \
-- 
cgit v1.2.1


From 55ab098eb1a778e794de8afb2773645405a11a7b Mon Sep 17 00:00:00 2001
From: Elliot Rushton <erushton@gitlab.com>
Date: Wed, 17 Jul 2019 04:19:00 +0000
Subject: Add tip about stripping ANSI color codes

---
 doc/user/project/pipelines/settings.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/doc/user/project/pipelines/settings.md b/doc/user/project/pipelines/settings.md
index e60da6a3e59..df82daa3da3 100644
--- a/doc/user/project/pipelines/settings.md
+++ b/doc/user/project/pipelines/settings.md
@@ -89,6 +89,22 @@ in the jobs table.
 A few examples of known coverage tools for a variety of languages can be found
 in the pipelines settings page.
 
+### Removing color codes
+
+Some test coverage tools output with ANSI color codes that won't be
+parsed correctly by the regular expression and will cause coverage 
+parsing to fail. 
+
+If your coverage tool doesn't provide an option to disable color
+codes in the output, you can pipe the output of the coverage tool through a 
+small one line script that will strip the color codes off.
+
+For example:
+
+```bash
+lein cloverage | perl -pe 's/\e\[?.*?[\@-~]//g'
+```
+
 ## Visibility of pipelines
 
 Access to pipelines and job details (including output of logs and artifacts)
-- 
cgit v1.2.1


From e4fe6868d86f3093e5682470511a14536bde8d71 Mon Sep 17 00:00:00 2001
From: Russell Dickenson <rdickenson@gitlab.com>
Date: Wed, 17 Jul 2019 05:33:52 +0000
Subject: Documented autocomplete characters

- Added a table listing all autocomplete
  characters.
- Added a link to the autocomplete characters
  docs, from the Projects feature list.
- Added an example of how autocomplete would behave
  for `Users and groups`, including two screenshots.
---
 doc/user/project/autocomplete_characters.md        |  48 +++++++++++++++++++++
 .../img/autocomplete_characters_example1_v12_0.png | Bin 0 -> 17510 bytes
 .../img/autocomplete_characters_example2_v12_0.png | Bin 0 -> 14623 bytes
 doc/user/project/index.md                          |   3 ++
 4 files changed, 51 insertions(+)
 create mode 100644 doc/user/project/autocomplete_characters.md
 create mode 100755 doc/user/project/img/autocomplete_characters_example1_v12_0.png
 create mode 100755 doc/user/project/img/autocomplete_characters_example2_v12_0.png

diff --git a/doc/user/project/autocomplete_characters.md b/doc/user/project/autocomplete_characters.md
new file mode 100644
index 00000000000..9ebf7f821a1
--- /dev/null
+++ b/doc/user/project/autocomplete_characters.md
@@ -0,0 +1,48 @@
+# Autocomplete characters
+
+The autocomplete characters provide a quick way of entering field values into
+Markdown fields. When you start typing a word in a Markdown field with one of
+the following characters, GitLab progressively autocompletes against a set of
+matching values. The string matching is not case sensitive.
+
+| Character | Autocompletes |
+| :-------- | :------------ |
+| `~`       | Labels |
+| `%`       | Milestones |
+| `@`       | Users and groups |
+| `#`       | Issues |
+| `!`       | Merge requests |
+| `&`       | Epics |
+| `$`       | Snippets |
+| `:`       | Emoji |
+| `/`       | Quick Actions |
+
+Up to 5 of the most relevant matches are displayed in a popup list. When you
+select an item from the list, the value is entered in the field. The more
+characters you enter, the more precise the matches are.
+
+Autocomplete characters are useful when combined with [Quick Actions](quick_actions.md).
+
+## Example
+
+Assume your GitLab instance includes the following users:
+
+| Username        | Name |
+| :-------------- | :--- |
+| alessandra      | Rosy Grant |
+| lawrence.white  | Kelsey Kerluke |
+| leanna          | Rosemarie Rogahn |
+| logan_gutkowski | Lee Wuckert |
+| shelba          | Josefine Haley |
+
+In an Issue comment, entering `@l` results in the following popup list
+appearing. Note that user `shelba` is not included, because the list includes
+only the 5 users most relevant to the Issue.
+
+![Popup list which includes users whose username or name contains the letter `l`](img/autocomplete_characters_example1_v12_0.png)
+
+If you continue to type, `@le`, the popup list changes to the following. The
+popup now only includes users where `le` appears in their username, or a word in
+their name.
+
+![Popup list which includes users whose username or name contains the string `le`](img/autocomplete_characters_example2_v12_0.png)
diff --git a/doc/user/project/img/autocomplete_characters_example1_v12_0.png b/doc/user/project/img/autocomplete_characters_example1_v12_0.png
new file mode 100755
index 00000000000..9c6fa923b80
Binary files /dev/null and b/doc/user/project/img/autocomplete_characters_example1_v12_0.png differ
diff --git a/doc/user/project/img/autocomplete_characters_example2_v12_0.png b/doc/user/project/img/autocomplete_characters_example2_v12_0.png
new file mode 100755
index 00000000000..b2e8a782a0b
Binary files /dev/null and b/doc/user/project/img/autocomplete_characters_example2_v12_0.png differ
diff --git a/doc/user/project/index.md b/doc/user/project/index.md
index 0ffa69b6b78..7307c5b8991 100644
--- a/doc/user/project/index.md
+++ b/doc/user/project/index.md
@@ -52,6 +52,9 @@ When you create a project in GitLab, you'll have access to a large number of
   templates for issue and merge request description fields for your project
 - [Slash commands (quick actions)](quick_actions.md): Textual shortcuts for
   common actions on issues or merge requests
+- [Autocomplete characters](autocomplete_characters.md): Autocomplete
+  references to users, groups, issues, merge requests, and other GitLab
+  elements.
 - [Web IDE](web_ide/index.md)
 
 **GitLab CI/CD:**
-- 
cgit v1.2.1


From 34c6f2723c3bc44aba1d9d886522fdfe8db6a9f6 Mon Sep 17 00:00:00 2001
From: Guillaume Grossetie <ggrossetie@gmail.com>
Date: Wed, 10 Jul 2019 10:30:10 +0200
Subject: Preserve footnote link ids

---
 ...4645-asciidoctor-preserve-footnote-link-ids.yml |  5 +++
 lib/banzai/filter/ascii_doc_sanitization_filter.rb | 33 +++++++++++---
 spec/lib/gitlab/asciidoc_spec.rb                   | 50 ++++++++++++++++++++++
 3 files changed, 83 insertions(+), 5 deletions(-)
 create mode 100644 changelogs/unreleased/64645-asciidoctor-preserve-footnote-link-ids.yml

diff --git a/changelogs/unreleased/64645-asciidoctor-preserve-footnote-link-ids.yml b/changelogs/unreleased/64645-asciidoctor-preserve-footnote-link-ids.yml
new file mode 100644
index 00000000000..5427a035478
--- /dev/null
+++ b/changelogs/unreleased/64645-asciidoctor-preserve-footnote-link-ids.yml
@@ -0,0 +1,5 @@
+---
+title: "Preserve footnote link ids in Asciidoctor"
+merge_request: 30790
+author: Guillaume Grossetie
+type: added
\ No newline at end of file
diff --git a/lib/banzai/filter/ascii_doc_sanitization_filter.rb b/lib/banzai/filter/ascii_doc_sanitization_filter.rb
index d8d63075752..9105e86ad04 100644
--- a/lib/banzai/filter/ascii_doc_sanitization_filter.rb
+++ b/lib/banzai/filter/ascii_doc_sanitization_filter.rb
@@ -8,12 +8,18 @@ module Banzai
     class AsciiDocSanitizationFilter < Banzai::Filter::BaseSanitizationFilter
       # Section anchor link pattern
       SECTION_LINK_REF_PATTERN = /\A#{Gitlab::Asciidoc::DEFAULT_ADOC_ATTRS['idprefix']}(:?[[:alnum:]]|-|_)+\z/.freeze
+      SECTION_HEADINGS = %w(h2 h3 h4 h5 h6).freeze
+
+      # Footnote link patterns
+      FOOTNOTE_LINK_ID_PATTERNS = {
+        a: /\A_footnoteref_\d+\z/,
+        div: /\A_footnotedef_\d+\z/
+      }.freeze
 
       # Classes used by Asciidoctor to style components
       ADMONITION_CLASSES = %w(fa icon-note icon-tip icon-warning icon-caution icon-important).freeze
       CALLOUT_CLASSES = ['conum'].freeze
       CHECKLIST_CLASSES = %w(fa fa-check-square-o fa-square-o).freeze
-
       LIST_CLASSES = %w(checklist none no-bullet unnumbered unstyled).freeze
 
       ELEMENT_CLASSES_WHITELIST = {
@@ -26,8 +32,6 @@ module Banzai
         a: ['anchor'].freeze
       }.freeze
 
-      ALLOWED_HEADERS = %w(h2 h3 h4 h5 h6).freeze
-
       def customize_whitelist(whitelist)
         # Allow marks
         whitelist[:elements].push('mark')
@@ -44,20 +48,39 @@ module Banzai
         whitelist[:transformers].push(self.class.remove_element_classes)
 
         # Allow `id` in heading elements for section anchors
-        ALLOWED_HEADERS.each do |header|
+        SECTION_HEADINGS.each do |header|
           whitelist[:attributes][header] = %w(id)
         end
         whitelist[:transformers].push(self.class.remove_non_heading_ids)
 
+        # Allow `id` in footnote elements
+        FOOTNOTE_LINK_ID_PATTERNS.keys.each do |element|
+          whitelist[:attributes][element.to_s].push('id')
+        end
+        whitelist[:transformers].push(self.class.remove_non_footnote_ids)
+
         whitelist
       end
 
       class << self
+        def remove_non_footnote_ids
+          lambda do |env|
+            node = env[:node]
+
+            return unless (pattern = FOOTNOTE_LINK_ID_PATTERNS[node.name.to_sym])
+            return unless node.has_attribute?('id')
+
+            return if node['id'] =~ pattern
+
+            node.remove_attribute('id')
+          end
+        end
+
         def remove_non_heading_ids
           lambda do |env|
             node = env[:node]
 
-            return unless ALLOWED_HEADERS.any?(node.name)
+            return unless SECTION_HEADINGS.any?(node.name)
             return unless node.has_attribute?('id')
 
             return if node['id'] =~ SECTION_LINK_REF_PATTERN
diff --git a/spec/lib/gitlab/asciidoc_spec.rb b/spec/lib/gitlab/asciidoc_spec.rb
index 5293732ead1..cbd4a509a55 100644
--- a/spec/lib/gitlab/asciidoc_spec.rb
+++ b/spec/lib/gitlab/asciidoc_spec.rb
@@ -110,6 +110,56 @@ module Gitlab
 
           expect(render(input, context)).to include(output.strip)
         end
+
+        it 'removes non footnote def ids' do
+          input = <<~ADOC
+            ++++
+            <div id="def">Footnote definition</div>
+            ++++
+          ADOC
+
+          output = <<~HTML
+            <div>Footnote definition</div>
+          HTML
+
+          expect(render(input, context)).to include(output.strip)
+        end
+
+        it 'removes non footnote ref ids' do
+          input = <<~ADOC
+            ++++
+            <a id="ref">Footnote reference</a>
+            ++++
+          ADOC
+
+          output = <<~HTML
+            <a>Footnote reference</a>
+          HTML
+
+          expect(render(input, context)).to include(output.strip)
+        end
+      end
+
+      context 'with footnotes' do
+        it 'preserves ids and links' do
+          input = <<~ADOC
+            This paragraph has a footnote.footnote:[This is the text of the footnote.]
+          ADOC
+
+          output = <<~HTML
+           <div>
+           <p>This paragraph has a footnote.<sup>[<a id="_footnoteref_1" href="#_footnotedef_1" title="View footnote.">1</a>]</sup></p>
+           </div>
+           <div>
+           <hr>
+           <div id="_footnotedef_1">
+           <a href="#_footnoteref_1">1</a>. This is the text of the footnote.
+           </div>
+           </div>
+          HTML
+
+          expect(render(input, context)).to include(output.strip)
+        end
       end
 
       context 'with section anchors' do
-- 
cgit v1.2.1


From f8afb3805cf8cd12085c0e93bc6dad111afbd9c2 Mon Sep 17 00:00:00 2001
From: Rajendra kadam <rajendrakadam249@gmail.com>
Date: Wed, 17 Jul 2019 06:41:26 +0000
Subject: Fetch latest link in the description for zoom link, add more tests
 and remove frontend spec unnecessary tests

---
 .../javascripts/issue_show/components/app.vue      |  7 ++-
 .../issue_show/components/pinned_links.vue         | 31 +++----------
 app/helpers/issuables_helper.rb                    |  4 ++
 changelogs/unreleased/issue-zoom-url.yml           |  5 +++
 lib/gitlab/zoom_link_extractor.rb                  | 21 +++++++++
 .../issue_show/components/pinned_links_spec.js     | 52 ++--------------------
 spec/helpers/issuables_helper_spec.rb              | 41 +++++++++++++++++
 spec/lib/gitlab/zoom_link_extractor_spec.rb        | 24 ++++++++++
 8 files changed, 110 insertions(+), 75 deletions(-)
 create mode 100644 changelogs/unreleased/issue-zoom-url.yml
 create mode 100644 lib/gitlab/zoom_link_extractor.rb
 create mode 100644 spec/lib/gitlab/zoom_link_extractor_spec.rb

diff --git a/app/assets/javascripts/issue_show/components/app.vue b/app/assets/javascripts/issue_show/components/app.vue
index de2a9664cde..9ca38d6bbfa 100644
--- a/app/assets/javascripts/issue_show/components/app.vue
+++ b/app/assets/javascripts/issue_show/components/app.vue
@@ -55,6 +55,11 @@ export default {
       required: false,
       default: true,
     },
+    zoomMeetingUrl: {
+      type: String,
+      required: false,
+      default: null,
+    },
     issuableRef: {
       type: String,
       required: true,
@@ -342,7 +347,7 @@ export default {
         :title-text="state.titleText"
         :show-inline-edit-button="showInlineEditButton"
       />
-      <pinned-links :description-html="state.descriptionHtml" />
+      <pinned-links :zoom-meeting-url="zoomMeetingUrl" />
       <description-component
         v-if="state.descriptionHtml"
         :can-update="canUpdate"
diff --git a/app/assets/javascripts/issue_show/components/pinned_links.vue b/app/assets/javascripts/issue_show/components/pinned_links.vue
index 7a54b26bc2b..965e8a3d751 100644
--- a/app/assets/javascripts/issue_show/components/pinned_links.vue
+++ b/app/assets/javascripts/issue_show/components/pinned_links.vue
@@ -8,40 +8,19 @@ export default {
     GlLink,
   },
   props: {
-    descriptionHtml: {
+    zoomMeetingUrl: {
       type: String,
-      required: true,
-    },
-  },
-  computed: {
-    linksInDescription() {
-      const el = document.createElement('div');
-      el.innerHTML = this.descriptionHtml;
-      return [...el.querySelectorAll('a')].map(a => a.href);
-    },
-    // Detect links matching the following formats:
-    // Zoom Start links: https://zoom.us/s/<meeting-id>
-    // Zoom Join links: https://zoom.us/j/<meeting-id>
-    // Personal Zoom links: https://zoom.us/my/<meeting-id>
-    // Vanity Zoom links: https://gitlab.zoom.us/j/<meeting-id> (also /s and /my)
-    zoomHref() {
-      const zoomRegex = /^https:\/\/([\w\d-]+\.)?zoom\.us\/(s|j|my)\/.+/;
-      return this.linksInDescription.reduce((acc, currentLink) => {
-        let lastLink = acc;
-        if (zoomRegex.test(currentLink)) {
-          lastLink = currentLink;
-        }
-        return lastLink;
-      }, '');
+      required: false,
+      default: null,
     },
   },
 };
 </script>
 
 <template>
-  <div v-if="zoomHref" class="border-bottom mb-3 mt-n2">
+  <div v-if="zoomMeetingUrl" class="border-bottom mb-3 mt-n2">
     <gl-link
-      :href="zoomHref"
+      :href="zoomMeetingUrl"
       target="_blank"
       class="btn btn-inverted btn-secondary btn-sm text-dark mb-3"
     >
diff --git a/app/helpers/issuables_helper.rb b/app/helpers/issuables_helper.rb
index 67685ba4e1d..e2e007eee50 100644
--- a/app/helpers/issuables_helper.rb
+++ b/app/helpers/issuables_helper.rb
@@ -282,6 +282,10 @@ module IssuablesHelper
 
     data[:hasClosingMergeRequest] = issuable.merge_requests_count(current_user) != 0 if issuable.is_a?(Issue)
 
+    zoom_links = Gitlab::ZoomLinkExtractor.new(issuable.description).links
+
+    data[:zoomMeetingUrl] = zoom_links.last if zoom_links.any?
+
     if parent.is_a?(Group)
       data[:groupPath] = parent.path
     else
diff --git a/changelogs/unreleased/issue-zoom-url.yml b/changelogs/unreleased/issue-zoom-url.yml
new file mode 100644
index 00000000000..e0bd5478192
--- /dev/null
+++ b/changelogs/unreleased/issue-zoom-url.yml
@@ -0,0 +1,5 @@
+---
+title: Extract zoom link from issue and pass to frontend
+merge_request: 29910
+author: raju249
+type: added
diff --git a/lib/gitlab/zoom_link_extractor.rb b/lib/gitlab/zoom_link_extractor.rb
new file mode 100644
index 00000000000..d9994898a08
--- /dev/null
+++ b/lib/gitlab/zoom_link_extractor.rb
@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+# Detect links matching the following formats:
+# Zoom Start links: https://zoom.us/s/<meeting-id>
+# Zoom Join links: https://zoom.us/j/<meeting-id>
+# Personal Zoom links: https://zoom.us/my/<meeting-id>
+# Vanity Zoom links: https://gitlab.zoom.us/j/<meeting-id> (also /s and /my)
+
+module Gitlab
+  class ZoomLinkExtractor
+    ZOOM_REGEXP = %r{https://(?:[\w-]+\.)?zoom\.us/(?:s|j|my)/\S+}.freeze
+
+    def initialize(text)
+      @text = text.to_s
+    end
+
+    def links
+      @text.scan(ZOOM_REGEXP)
+    end
+  end
+end
diff --git a/spec/frontend/issue_show/components/pinned_links_spec.js b/spec/frontend/issue_show/components/pinned_links_spec.js
index 50041667a61..77da3390918 100644
--- a/spec/frontend/issue_show/components/pinned_links_spec.js
+++ b/spec/frontend/issue_show/components/pinned_links_spec.js
@@ -5,10 +5,6 @@ import PinnedLinks from '~/issue_show/components/pinned_links.vue';
 const localVue = createLocalVue();
 
 const plainZoomUrl = 'https://zoom.us/j/123456789';
-const vanityZoomUrl = 'https://gitlab.zoom.us/j/123456789';
-const startZoomUrl = 'https://zoom.us/s/123456789';
-const personalZoomUrl = 'https://zoom.us/my/hunter-zoloman';
-const randomUrl = 'https://zoom.us.com';
 
 describe('PinnedLinks', () => {
   let wrapper;
@@ -27,7 +23,7 @@ describe('PinnedLinks', () => {
       localVue,
       sync: false,
       propsData: {
-        descriptionHtml: '',
+        zoomMeetingUrl: null,
         ...props,
       },
     });
@@ -35,55 +31,15 @@ describe('PinnedLinks', () => {
 
   it('displays Zoom link', () => {
     createComponent({
-      descriptionHtml: `<a href="${plainZoomUrl}">Zoom</a>`,
+      zoomMeetingUrl: `<a href="${plainZoomUrl}">Zoom</a>`,
     });
 
     expect(link.text).toBe('Join Zoom meeting');
   });
 
-  it('detects plain Zoom link', () => {
+  it('does not render if there are no links', () => {
     createComponent({
-      descriptionHtml: `<a href="${plainZoomUrl}">Zoom</a>`,
-    });
-
-    expect(link.href).toBe(plainZoomUrl);
-  });
-
-  it('detects vanity Zoom link', () => {
-    createComponent({
-      descriptionHtml: `<a href="${vanityZoomUrl}">Zoom</a>`,
-    });
-
-    expect(link.href).toBe(vanityZoomUrl);
-  });
-
-  it('detects Zoom start meeting link', () => {
-    createComponent({
-      descriptionHtml: `<a href="${startZoomUrl}">Zoom</a>`,
-    });
-
-    expect(link.href).toBe(startZoomUrl);
-  });
-
-  it('detects personal Zoom room link', () => {
-    createComponent({
-      descriptionHtml: `<a href="${personalZoomUrl}">Zoom</a>`,
-    });
-
-    expect(link.href).toBe(personalZoomUrl);
-  });
-
-  it('only renders final Zoom link in description', () => {
-    createComponent({
-      descriptionHtml: `<a href="${plainZoomUrl}">Zoom</a><a href="${vanityZoomUrl}">Zoom</a>`,
-    });
-
-    expect(link.href).toBe(vanityZoomUrl);
-  });
-
-  it('does not render for other links', () => {
-    createComponent({
-      descriptionHtml: `<a href="${randomUrl}">Some other link</a>`,
+      zoomMeetingUrl: null,
     });
 
     expect(wrapper.find(GlLink).exists()).toBe(false);
diff --git a/spec/helpers/issuables_helper_spec.rb b/spec/helpers/issuables_helper_spec.rb
index 1d1446eaa30..3c8179460ac 100644
--- a/spec/helpers/issuables_helper_spec.rb
+++ b/spec/helpers/issuables_helper_spec.rb
@@ -202,5 +202,46 @@ describe IssuablesHelper do
       }
       expect(helper.issuable_initial_data(issue)).to match(hash_including(expected_data))
     end
+
+    describe '#zoomMeetingUrl in issue' do
+      let(:issue) { create(:issue, author: user, description: description) }
+
+      before do
+        assign(:project, issue.project)
+      end
+
+      context 'no zoom links in the issue description' do
+        let(:description) { 'issue text' }
+
+        it 'does not set zoomMeetingUrl' do
+          expect(helper.issuable_initial_data(issue))
+              .not_to include(:zoomMeetingUrl)
+        end
+      end
+
+      context 'no zoom links in the issue description if it has link but not a zoom link' do
+        let(:description) { 'issue text https://stackoverflow.com/questions/22' }
+
+        it 'does not set zoomMeetingUrl' do
+          expect(helper.issuable_initial_data(issue))
+              .not_to include(:zoomMeetingUrl)
+        end
+      end
+
+      context 'with two zoom links in description' do
+        let(:description) do
+          <<~TEXT
+            issue text and
+            zoom call on https://zoom.us/j/123456789 this url
+            and new zoom url https://zoom.us/s/lastone and some more text
+          TEXT
+        end
+
+        it 'sets zoomMeetingUrl value to the last url' do
+          expect(helper.issuable_initial_data(issue))
+            .to include(zoomMeetingUrl: 'https://zoom.us/s/lastone')
+        end
+      end
+    end
   end
 end
diff --git a/spec/lib/gitlab/zoom_link_extractor_spec.rb b/spec/lib/gitlab/zoom_link_extractor_spec.rb
new file mode 100644
index 00000000000..52387fc3688
--- /dev/null
+++ b/spec/lib/gitlab/zoom_link_extractor_spec.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::ZoomLinkExtractor do
+  describe "#links" do
+    using RSpec::Parameterized::TableSyntax
+
+    where(:text, :links) do
+      'issue text https://zoom.us/j/123 and https://zoom.us/s/1123433' | %w[https://zoom.us/j/123 https://zoom.us/s/1123433]
+      'https://zoom.us/j/1123433 issue text' | %w[https://zoom.us/j/1123433]
+      'issue https://zoom.us/my/1123433 text' | %w[https://zoom.us/my/1123433]
+      'issue https://gitlab.com and https://gitlab.zoom.us/s/1123433' | %w[https://gitlab.zoom.us/s/1123433]
+      'https://gitlab.zoom.us/j/1123433' | %w[https://gitlab.zoom.us/j/1123433]
+      'https://gitlab.zoom.us/my/1123433' | %w[https://gitlab.zoom.us/my/1123433]
+    end
+
+    with_them do
+      subject { described_class.new(text).links }
+
+      it { is_expected.to eq(links) }
+    end
+  end
+end
-- 
cgit v1.2.1


From 3e935e56c4b634f84b2ceea3841b620a2556ad09 Mon Sep 17 00:00:00 2001
From: Sanad Liaquat <sliaquat@gitlab.com>
Date: Wed, 17 Jul 2019 11:52:32 +0500
Subject: CE port of EE branch qa-staging-61-fix-ee-project-templates-spec

---
 qa/qa/page/component/select2.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/qa/qa/page/component/select2.rb b/qa/qa/page/component/select2.rb
index 85d4abcde9b..d05c44d22b2 100644
--- a/qa/qa/page/component/select2.rb
+++ b/qa/qa/page/component/select2.rb
@@ -8,6 +8,10 @@ module QA
           find('.select2-result-label', text: item_text, match: :prefer_exact).click
         end
 
+        def current_selection
+          find('.select2-chosen').text
+        end
+
         def clear_current_selection_if_present
           if has_css?('a > abbr.select2-search-choice-close', wait: 1.0)
             find('a > abbr.select2-search-choice-close').click
-- 
cgit v1.2.1


From 7aa1d17475e677fc47af450d033a781cfe505aa6 Mon Sep 17 00:00:00 2001
From: Imre Farkas <ifarkas@gitlab.com>
Date: Wed, 17 Jul 2019 07:20:17 +0000
Subject: CE port of "Move external authorization service API management to EE"

EE MR: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14598
---
 lib/api/entities.rb                 |  1 -
 lib/api/helpers/projects_helpers.rb |  5 ++--
 lib/api/projects.rb                 |  4 ++-
 spec/requests/api/projects_spec.rb  | 49 -------------------------------------
 4 files changed, 6 insertions(+), 53 deletions(-)

diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 0a9515f1dd2..494da770279 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -294,7 +294,6 @@ module API
       expose :statistics, using: 'API::Entities::ProjectStatistics', if: -> (project, options) {
         options[:statistics] && Ability.allowed?(options[:current_user], :read_statistics, project)
       }
-      expose :external_authorization_classification_label
       expose :auto_devops_enabled?, as: :auto_devops_enabled
       expose :auto_devops_deploy_strategy do |project, options|
         project.auto_devops.nil? ? 'continuous' : project.auto_devops.deploy_strategy
diff --git a/lib/api/helpers/projects_helpers.rb b/lib/api/helpers/projects_helpers.rb
index 0e21a7a66fd..833e3b9ebaf 100644
--- a/lib/api/helpers/projects_helpers.rb
+++ b/lib/api/helpers/projects_helpers.rb
@@ -42,7 +42,6 @@ module API
         optional :printing_merge_request_link_enabled, type: Boolean, desc: 'Show link to create/view merge request when pushing from the command line'
         optional :merge_method, type: String, values: %w(ff rebase_merge merge), desc: 'The merge method used when merging merge requests'
         optional :initialize_with_readme, type: Boolean, desc: "Initialize a project with a README.md"
-        optional :external_authorization_classification_label, type: String, desc: 'The classification label for the project'
         optional :ci_default_git_depth, type: Integer, desc: 'Default number of revisions for shallow cloning'
         optional :auto_devops_enabled, type: Boolean, desc: 'Flag indication if Auto DevOps is enabled'
         optional :auto_devops_deploy_strategy, type: String, values: %w(continuous manual timed_incremental), desc: 'Auto Deploy strategy'
@@ -94,7 +93,6 @@ module API
           :visibility,
           :wiki_access_level,
           :avatar,
-          :external_authorization_classification_label,
 
           # TODO: remove in API v5, replaced by *_access_level
           :issues_enabled,
@@ -105,6 +103,9 @@ module API
           :snippets_enabled
         ]
       end
+
+      def filter_attributes_using_license!(attrs)
+      end
     end
   end
 end
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index a7d62014509..0923d31f5ff 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -145,6 +145,7 @@ module API
       post do
         attrs = declared_params(include_missing: false)
         attrs = translate_params_for_compatibility(attrs)
+        filter_attributes_using_license!(attrs)
         project = ::Projects::CreateService.new(current_user, attrs).execute
 
         if project.saved?
@@ -179,6 +180,7 @@ module API
 
         attrs = declared_params(include_missing: false)
         attrs = translate_params_for_compatibility(attrs)
+        filter_attributes_using_license!(attrs)
         project = ::Projects::CreateService.new(user, attrs).execute
 
         if project.saved?
@@ -292,7 +294,7 @@ module API
         authorize! :change_visibility_level, user_project if attrs[:visibility].present?
 
         attrs = translate_params_for_compatibility(attrs)
-
+        filter_attributes_using_license!(attrs)
         verify_update_project_attrs!(user_project, attrs)
 
         result = ::Projects::UpdateService.new(user_project, current_user, attrs).execute
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index a2aae257352..fee300e9d7a 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -46,8 +46,6 @@ shared_examples 'languages and percentages JSON response' do
 end
 
 describe API::Projects do
-  include ExternalAuthorizationServiceHelpers
-
   let(:user) { create(:user) }
   let(:user2) { create(:user) }
   let(:user3) { create(:user) }
@@ -1425,39 +1423,6 @@ describe API::Projects do
         end
       end
     end
-
-    context 'with external authorization' do
-      let(:project) do
-        create(:project,
-               namespace: user.namespace,
-               external_authorization_classification_label: 'the-label')
-      end
-
-      context 'when the user has access to the project' do
-        before do
-          external_service_allow_access(user, project)
-        end
-
-        it 'includes the label in the response' do
-          get api("/projects/#{project.id}", user)
-
-          expect(response).to have_gitlab_http_status(200)
-          expect(json_response['external_authorization_classification_label']).to eq('the-label')
-        end
-      end
-
-      context 'when the external service denies access' do
-        before do
-          external_service_deny_access(user, project)
-        end
-
-        it 'returns a 404' do
-          get api("/projects/#{project.id}", user)
-
-          expect(response).to have_gitlab_http_status(404)
-        end
-      end
-    end
   end
 
   describe 'GET /projects/:id/users' do
@@ -2061,20 +2026,6 @@ describe API::Projects do
         expect(response).to have_gitlab_http_status(403)
       end
     end
-
-    context 'when updating external classification' do
-      before do
-        enable_external_authorization_service_check
-      end
-
-      it 'updates the classification label' do
-        put(api("/projects/#{project.id}", user), params: { external_authorization_classification_label: 'new label' })
-
-        expect(response).to have_gitlab_http_status(200)
-
-        expect(project.reload.external_authorization_classification_label).to eq('new label')
-      end
-    end
   end
 
   describe 'POST /projects/:id/archive' do
-- 
cgit v1.2.1


From 90aafe78aeddf77a82ddf5efce8139cc29c7e52f Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Wed, 17 Jul 2019 11:37:34 +1200
Subject: Removes clusters_cte feature flag

This has been enabled on production without issue

https://gitlab.com/gitlab-org/gitlab-ce/issues/64259
---
 app/models/concerns/deployment_platform.rb       | 23 +----------------------
 spec/models/concerns/deployment_platform_spec.rb | 18 +-----------------
 2 files changed, 2 insertions(+), 39 deletions(-)

diff --git a/app/models/concerns/deployment_platform.rb b/app/models/concerns/deployment_platform.rb
index 8f28c897eb6..e1a8725e728 100644
--- a/app/models/concerns/deployment_platform.rb
+++ b/app/models/concerns/deployment_platform.rb
@@ -12,19 +12,10 @@ module DeploymentPlatform
   private
 
   def find_deployment_platform(environment)
-    find_platform_kubernetes(environment) ||
+    find_platform_kubernetes_with_cte(environment) ||
       find_instance_cluster_platform_kubernetes(environment: environment)
   end
 
-  def find_platform_kubernetes(environment)
-    if Feature.enabled?(:clusters_cte)
-      find_platform_kubernetes_with_cte(environment)
-    else
-      find_cluster_platform_kubernetes(environment: environment) ||
-        find_group_cluster_platform_kubernetes(environment: environment)
-    end
-  end
-
   # EE would override this and utilize environment argument
   def find_platform_kubernetes_with_cte(_environment)
     Clusters::ClustersHierarchy.new(self).base_and_ancestors
@@ -32,18 +23,6 @@ module DeploymentPlatform
       .first&.platform_kubernetes
   end
 
-  # EE would override this and utilize environment argument
-  def find_cluster_platform_kubernetes(environment: nil)
-    clusters.enabled.default_environment
-      .last&.platform_kubernetes
-  end
-
-  # EE would override this and utilize environment argument
-  def find_group_cluster_platform_kubernetes(environment: nil)
-    Clusters::Cluster.enabled.default_environment.ancestor_clusters_for_clusterable(self)
-      .first&.platform_kubernetes
-  end
-
   # EE would override this and utilize environment argument
   def find_instance_cluster_platform_kubernetes(environment: nil)
     Clusters::Instance.new.clusters.enabled.default_environment
diff --git a/spec/models/concerns/deployment_platform_spec.rb b/spec/models/concerns/deployment_platform_spec.rb
index e2fc8a5d127..2378f400540 100644
--- a/spec/models/concerns/deployment_platform_spec.rb
+++ b/spec/models/concerns/deployment_platform_spec.rb
@@ -5,7 +5,7 @@ require 'rails_helper'
 describe DeploymentPlatform do
   let(:project) { create(:project) }
 
-  shared_examples '#deployment_platform' do
+  describe '#deployment_platform' do
     subject { project.deployment_platform }
 
     context 'with no Kubernetes configuration on CI/CD, no Kubernetes Service' do
@@ -84,20 +84,4 @@ describe DeploymentPlatform do
       end
     end
   end
-
-  context 'legacy implementation' do
-    before do
-      stub_feature_flags(clusters_cte: false)
-    end
-
-    include_examples '#deployment_platform'
-  end
-
-  context 'CTE implementation' do
-    before do
-      stub_feature_flags(clusters_cte: true)
-    end
-
-    include_examples '#deployment_platform'
-  end
 end
-- 
cgit v1.2.1


From 0aea28c093069f12bdb4d740217cfb1d396b6af8 Mon Sep 17 00:00:00 2001
From: Filipa Lacerda <filipa@gitlab.com>
Date: Wed, 17 Jul 2019 11:09:51 +0100
Subject: Removes EE differences for modal issues board

---
 app/assets/javascripts/boards/components/modal/footer.vue | 3 ++-
 app/assets/javascripts/boards/mixins/modal_footer.js      | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)
 create mode 100644 app/assets/javascripts/boards/mixins/modal_footer.js

diff --git a/app/assets/javascripts/boards/components/modal/footer.vue b/app/assets/javascripts/boards/components/modal/footer.vue
index eea0fb71c1a..5f100c617a0 100644
--- a/app/assets/javascripts/boards/components/modal/footer.vue
+++ b/app/assets/javascripts/boards/components/modal/footer.vue
@@ -1,4 +1,5 @@
 <script>
+import footerEEMixin from 'ee_else_ce/boards/mixins/modal_footer';
 import Flash from '../../../flash';
 import { __, n__ } from '../../../locale';
 import ListsDropdown from './lists_dropdown.vue';
@@ -10,7 +11,7 @@ export default {
   components: {
     ListsDropdown,
   },
-  mixins: [modalMixin],
+  mixins: [modalMixin, footerEEMixin],
   data() {
     return {
       modal: ModalStore.store,
diff --git a/app/assets/javascripts/boards/mixins/modal_footer.js b/app/assets/javascripts/boards/mixins/modal_footer.js
new file mode 100644
index 00000000000..ff8b4c56321
--- /dev/null
+++ b/app/assets/javascripts/boards/mixins/modal_footer.js
@@ -0,0 +1 @@
+export default {};
-- 
cgit v1.2.1


From 8e6af8c59ff1d22bc32e3d2ef44da5399bc23727 Mon Sep 17 00:00:00 2001
From: George Koltsov <gkoltsov@gitlab.com>
Date: Wed, 17 Jul 2019 11:16:37 +0100
Subject: Add better error message MembersMapper#ensure_default_member!

More details in: https://gitlab.com/gitlab-org/gitlab-ce/issues/64377
---
 lib/gitlab/import_export/members_mapper.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/gitlab/import_export/members_mapper.rb b/lib/gitlab/import_export/members_mapper.rb
index a154de5419e..d0e30b246ef 100644
--- a/lib/gitlab/import_export/members_mapper.rb
+++ b/lib/gitlab/import_export/members_mapper.rb
@@ -50,6 +50,8 @@ module Gitlab
         @project.project_members.destroy_all # rubocop: disable DestroyAll
 
         ProjectMember.create!(user: @user, access_level: ProjectMember::MAINTAINER, source_id: @project.id, importing: true)
+      rescue => e
+        raise e, ['Error adding importer user to project members', e.message].join('. ')
       end
 
       def add_team_member(member, existing_user = nil)
-- 
cgit v1.2.1


From f463a2d95b657cf9470053eeb3d12d236e3febb4 Mon Sep 17 00:00:00 2001
From: Imre Farkas <ifarkas@gitlab.com>
Date: Wed, 17 Jul 2019 11:07:26 +0000
Subject: Do Redis lookup in batches in ActiveSession.sessions_from_ids

By doing smaller mget calls to Redis, it can better schedule the
workload. Currently a single mget with a lot of keys can keep Redis busy
for long, while nothing in its queue gets processed.
---
 app/models/active_session.rb                            | 12 ++++++++----
 changelogs/unreleased/64315-mget_sessions_in_chunks.yml |  5 +++++
 spec/models/active_session_spec.rb                      | 13 +++++++++++++
 3 files changed, 26 insertions(+), 4 deletions(-)
 create mode 100644 changelogs/unreleased/64315-mget_sessions_in_chunks.yml

diff --git a/app/models/active_session.rb b/app/models/active_session.rb
index f355b02c428..345767179eb 100644
--- a/app/models/active_session.rb
+++ b/app/models/active_session.rb
@@ -3,6 +3,8 @@
 class ActiveSession
   include ActiveModel::Model
 
+  SESSION_BATCH_SIZE = 200
+
   attr_accessor :created_at, :updated_at,
     :session_id, :ip_address,
     :browser, :os, :device_name, :device_type,
@@ -106,10 +108,12 @@ class ActiveSession
     Gitlab::Redis::SharedState.with do |redis|
       session_keys = session_ids.map { |session_id| "#{Gitlab::Redis::SharedState::SESSION_NAMESPACE}:#{session_id}" }
 
-      redis.mget(session_keys).compact.map do |raw_session|
-        # rubocop:disable Security/MarshalLoad
-        Marshal.load(raw_session)
-        # rubocop:enable Security/MarshalLoad
+      session_keys.each_slice(SESSION_BATCH_SIZE).flat_map do |session_keys_batch|
+        redis.mget(session_keys_batch).compact.map do |raw_session|
+          # rubocop:disable Security/MarshalLoad
+          Marshal.load(raw_session)
+          # rubocop:enable Security/MarshalLoad
+        end
       end
     end
   end
diff --git a/changelogs/unreleased/64315-mget_sessions_in_chunks.yml b/changelogs/unreleased/64315-mget_sessions_in_chunks.yml
new file mode 100644
index 00000000000..d50d86726e2
--- /dev/null
+++ b/changelogs/unreleased/64315-mget_sessions_in_chunks.yml
@@ -0,0 +1,5 @@
+---
+title: Do Redis lookup in batches in ActiveSession.sessions_from_ids
+merge_request: 30561
+author:
+type: performance
diff --git a/spec/models/active_session_spec.rb b/spec/models/active_session_spec.rb
index 2762eaeccd3..09c2878663a 100644
--- a/spec/models/active_session_spec.rb
+++ b/spec/models/active_session_spec.rb
@@ -132,6 +132,19 @@ RSpec.describe ActiveSession, :clean_gitlab_redis_shared_state do
 
       expect(ActiveSession.sessions_from_ids([])).to eq([])
     end
+
+    it 'uses redis lookup in batches' do
+      stub_const('ActiveSession::SESSION_BATCH_SIZE', 1)
+
+      redis = double(:redis)
+      expect(Gitlab::Redis::SharedState).to receive(:with).and_yield(redis)
+
+      sessions = ['session-a', 'session-b']
+      mget_responses = sessions.map { |session| [Marshal.dump(session)]}
+      expect(redis).to receive(:mget).twice.and_return(*mget_responses)
+
+      expect(ActiveSession.sessions_from_ids([1, 2])).to eql(sessions)
+    end
   end
 
   describe '.set' do
-- 
cgit v1.2.1


From 0bd54eb43626c008a36958e42019f0dfea794dde Mon Sep 17 00:00:00 2001
From: George Koltsov <gkoltsov@gitlab.com>
Date: Wed, 17 Jul 2019 12:16:54 +0100
Subject: Add MembersMapper#ensure_default_user! spec

---
 spec/lib/gitlab/import_export/members_mapper_spec.rb | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/spec/lib/gitlab/import_export/members_mapper_spec.rb b/spec/lib/gitlab/import_export/members_mapper_spec.rb
index b95b5dfe791..a9e8431acba 100644
--- a/spec/lib/gitlab/import_export/members_mapper_spec.rb
+++ b/spec/lib/gitlab/import_export/members_mapper_spec.rb
@@ -154,5 +154,15 @@ describe Gitlab::ImportExport::MembersMapper do
         expect(members_mapper.map[exported_user_id]).to eq(user2.id)
       end
     end
+
+    context 'when importer mapping fails' do
+      let(:exception_message) { 'Something went wrong' }
+
+      it 'includes importer specific error message' do
+        expect(ProjectMember).to receive(:create!).and_raise(StandardError.new(exception_message))
+
+        expect { members_mapper.map }.to raise_error(StandardError, "Error adding importer user to project members. #{exception_message}")
+      end
+    end
   end
 end
-- 
cgit v1.2.1


From 8256d4075db4ee2d00897f21d34b78f092571f2c Mon Sep 17 00:00:00 2001
From: Christian Couder <chriscool@tuxfamily.org>
Date: Sun, 14 Jul 2019 20:19:13 +0200
Subject: Support rm src branch on merge w/ push option

MergeRequests::PushOptionsHandlerService has been updated to allow
creating and updating merge requests with the
`remove_source_branch` set using git push options.

To create a new merge request and set it to remove the source branch
when it is merged:

  git push -u origin -o merge_request.create \
    -o merge_request.remove_source_branch

To update an existing merge request and set it to remove the source
branch when it is merged:

  git push -u origin -o merge_request.remove_source_branch

Issue https://gitlab.com/gitlab-org/gitlab-ce/issues/64320
---
 .../merge_requests/push_options_handler_service.rb |  8 +++
 changelogs/unreleased/rm-src-branch.yml            |  5 ++
 doc/user/project/merge_requests/index.md           | 14 ++++
 lib/gitlab/push_options.rb                         |  7 +-
 .../push_options_handler_service_spec.rb           | 76 ++++++++++++++++++++++
 5 files changed, 109 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/rm-src-branch.yml

diff --git a/app/services/merge_requests/push_options_handler_service.rb b/app/services/merge_requests/push_options_handler_service.rb
index a24163331e8..7ca8e1d76a3 100644
--- a/app/services/merge_requests/push_options_handler_service.rb
+++ b/app/services/merge_requests/push_options_handler_service.rb
@@ -133,6 +133,10 @@ module MergeRequests
         )
       end
 
+      if push_options.key?(:remove_source_branch)
+        params[:force_remove_source_branch] = push_options[:remove_source_branch]
+      end
+
       params
     end
 
@@ -146,6 +150,10 @@ module MergeRequests
         )
       end
 
+      if push_options.key?(:remove_source_branch)
+        params[:force_remove_source_branch] = push_options[:remove_source_branch]
+      end
+
       if push_options.key?(:target)
         params[:target_branch] = push_options[:target]
       end
diff --git a/changelogs/unreleased/rm-src-branch.yml b/changelogs/unreleased/rm-src-branch.yml
new file mode 100644
index 00000000000..03b91d0c7db
--- /dev/null
+++ b/changelogs/unreleased/rm-src-branch.yml
@@ -0,0 +1,5 @@
+---
+title: Support remove source branch on merge w/ push options
+merge_request: 30728
+author:
+type: added
diff --git a/doc/user/project/merge_requests/index.md b/doc/user/project/merge_requests/index.md
index f593046fa8b..485ce9c351f 100644
--- a/doc/user/project/merge_requests/index.md
+++ b/doc/user/project/merge_requests/index.md
@@ -285,6 +285,7 @@ as pushing changes:
 - Create a new merge request for the pushed branch.
 - Set the target of the merge request to a particular branch.
 - Set the merge request to merge when its pipeline succeeds.
+- Set the merge request to remove the source branch when it's merged.
 
 ### Create a new merge request using git push options
 
@@ -328,6 +329,19 @@ pipeline succeeds at the same time using a `-o` flag per push option:
 git push -o merge_request.create -o merge_request.merge_when_pipeline_succeeds
 ```
 
+### Set removing the source branch using git push options
+
+To set an existing merge request to remove the source branch when the
+merge request is merged, the
+`merge_request.remove_source_branch` push option can be used:
+
+```sh
+git push -o merge_request.remove_source_branch
+```
+
+You can also use this push option in addition to the
+`merge_request.create` push option.
+
 ## Find the merge request that introduced a change
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/2383) in GitLab 10.5.
diff --git a/lib/gitlab/push_options.rb b/lib/gitlab/push_options.rb
index 3137676ba4b..b96590af08e 100644
--- a/lib/gitlab/push_options.rb
+++ b/lib/gitlab/push_options.rb
@@ -4,7 +4,12 @@ module Gitlab
   class PushOptions
     VALID_OPTIONS = HashWithIndifferentAccess.new({
       merge_request: {
-        keys: [:create, :merge_when_pipeline_succeeds, :target]
+        keys: [
+          :create,
+          :merge_when_pipeline_succeeds,
+          :remove_source_branch,
+          :target
+        ]
       },
       ci: {
         keys: [:skip]
diff --git a/spec/services/merge_requests/push_options_handler_service_spec.rb b/spec/services/merge_requests/push_options_handler_service_spec.rb
index 54b9c6dae38..ac40cf02c48 100644
--- a/spec/services/merge_requests/push_options_handler_service_spec.rb
+++ b/spec/services/merge_requests/push_options_handler_service_spec.rb
@@ -90,6 +90,16 @@ describe MergeRequests::PushOptionsHandlerService do
     end
   end
 
+  shared_examples_for 'a service that can remove the source branch when it is merged' do
+    subject(:last_mr) { MergeRequest.last }
+
+    it 'returns true to force_remove_source_branch?' do
+      service.execute
+
+      expect(last_mr.force_remove_source_branch?).to eq(true)
+    end
+  end
+
   shared_examples_for 'a service that does not create a merge request' do
     it do
       expect { service.execute }.not_to change { MergeRequest.count }
@@ -208,6 +218,72 @@ describe MergeRequests::PushOptionsHandlerService do
     end
   end
 
+  describe '`remove_source_branch` push option' do
+    let(:push_options) { { remove_source_branch: true } }
+
+    context 'with a new branch' do
+      let(:changes) { new_branch_changes }
+
+      it_behaves_like 'a service that does not create a merge request'
+
+      it 'adds an error to the service' do
+        error = "A merge_request.create push option is required to create a merge request for branch #{source_branch}"
+
+        service.execute
+
+        expect(service.errors).to include(error)
+      end
+
+      context 'when coupled with the `create` push option' do
+        let(:push_options) { { create: true, remove_source_branch: true } }
+
+        it_behaves_like 'a service that can create a merge request'
+        it_behaves_like 'a service that can remove the source branch when it is merged'
+      end
+    end
+
+    context 'with an existing branch but no open MR' do
+      let(:changes) { existing_branch_changes }
+
+      it_behaves_like 'a service that does not create a merge request'
+
+      it 'adds an error to the service' do
+        error = "A merge_request.create push option is required to create a merge request for branch #{source_branch}"
+
+        service.execute
+
+        expect(service.errors).to include(error)
+      end
+
+      context 'when coupled with the `create` push option' do
+        let(:push_options) { { create: true, remove_source_branch: true } }
+
+        it_behaves_like 'a service that can create a merge request'
+        it_behaves_like 'a service that can remove the source branch when it is merged'
+      end
+    end
+
+    context 'with an existing branch that has a merge request open' do
+      let(:changes) { existing_branch_changes }
+      let!(:merge_request) { create(:merge_request, source_project: project, source_branch: source_branch)}
+
+      it_behaves_like 'a service that does not create a merge request'
+      it_behaves_like 'a service that can remove the source branch when it is merged'
+    end
+
+    context 'with a deleted branch' do
+      let(:changes) { deleted_branch_changes }
+
+      it_behaves_like 'a service that does nothing'
+    end
+
+    context 'with the project default branch' do
+      let(:changes) { default_branch_changes }
+
+      it_behaves_like 'a service that does nothing'
+    end
+  end
+
   describe '`target` push option' do
     let(:push_options) { { target: target_branch } }
 
-- 
cgit v1.2.1


From 0d98f1bba2caf7ee5056510781c61db030551a66 Mon Sep 17 00:00:00 2001
From: Christian Couder <chriscool@tuxfamily.org>
Date: Wed, 17 Jul 2019 09:19:16 +0200
Subject: Refactor create_params and update_params

Let's move shared code between create_params and update_params
into a new base_params.

update_params becomes very thin, but it still may be clearer that
the params are being shared if we have a method called
base_params, rather than have create_params merge in
update_params.
---
 .../merge_requests/push_options_handler_service.rb | 42 ++++++++++------------
 1 file changed, 19 insertions(+), 23 deletions(-)

diff --git a/app/services/merge_requests/push_options_handler_service.rb b/app/services/merge_requests/push_options_handler_service.rb
index 7ca8e1d76a3..6d70b5106c7 100644
--- a/app/services/merge_requests/push_options_handler_service.rb
+++ b/app/services/merge_requests/push_options_handler_service.rb
@@ -117,14 +117,8 @@ module MergeRequests
       collect_errors_from_merge_request(merge_request) unless merge_request.valid?
     end
 
-    def create_params(branch)
-      params = {
-        assignees: [current_user],
-        source_branch: branch,
-        source_project: project,
-        target_branch: push_options[:target] || target_project.default_branch,
-        target_project: target_project
-      }
+    def base_params
+      params = {}
 
       if push_options.key?(:merge_when_pipeline_succeeds)
         params.merge!(
@@ -137,30 +131,32 @@ module MergeRequests
         params[:force_remove_source_branch] = push_options[:remove_source_branch]
       end
 
+      if push_options.key?(:target)
+        params[:target_branch] = push_options[:target]
+      end
+
       params
     end
 
-    def update_params
-      params = {}
-
-      if push_options.key?(:merge_when_pipeline_succeeds)
-        params.merge!(
-          merge_when_pipeline_succeeds: push_options[:merge_when_pipeline_succeeds],
-          merge_user: current_user
-        )
-      end
+    def create_params(branch)
+      params = base_params
 
-      if push_options.key?(:remove_source_branch)
-        params[:force_remove_source_branch] = push_options[:remove_source_branch]
-      end
+      params.merge!(
+        assignees: [current_user],
+        source_branch: branch,
+        source_project: project,
+        target_project: target_project
+      )
 
-      if push_options.key?(:target)
-        params[:target_branch] = push_options[:target]
-      end
+      params[:target_branch] ||= target_project.default_branch
 
       params
     end
 
+    def update_params
+      base_params
+    end
+
     def collect_errors_from_merge_request(merge_request)
       merge_request.errors.full_messages.each do |error|
         errors << error
-- 
cgit v1.2.1


From 6c27c0d394b70be4f2a2e0fa047f6844199c2661 Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Fri, 12 Jul 2019 11:10:54 +0200
Subject: Filter params in MR build service

Reusing the existing `IssuableBaseService#filter_params` which uses
the policies to determine what params a user can set, and which values
it can be set to.

This also removed the need for the seperate call to
`IssuableBaseService#ensure_milestone_available`.

The `Issues::BuildService` does not suffer from this because it limits
the params that are assignable to the `title`, `description` and
`milestone_id`.
---
 app/services/merge_requests/build_service.rb       | 28 ++++++++---
 .../unreleased/security-bvl-filter-mr-params.yml   |  5 ++
 ...ess_private_project_info_through_new_mr_spec.rb | 56 ++++++++++++++++++++++
 ...ccess_private_repository_through_new_mr_spec.rb | 37 --------------
 spec/services/merge_requests/build_service_spec.rb | 37 +++++++++++++-
 5 files changed, 119 insertions(+), 44 deletions(-)
 create mode 100644 changelogs/unreleased/security-bvl-filter-mr-params.yml
 create mode 100644 spec/features/merge_request/user_tries_to_access_private_project_info_through_new_mr_spec.rb
 delete mode 100644 spec/features/merge_request/user_tries_to_access_private_repository_through_new_mr_spec.rb

diff --git a/app/services/merge_requests/build_service.rb b/app/services/merge_requests/build_service.rb
index 109c964e577..b28f80939ae 100644
--- a/app/services/merge_requests/build_service.rb
+++ b/app/services/merge_requests/build_service.rb
@@ -11,15 +11,18 @@ module MergeRequests
       # https://gitlab.com/gitlab-org/gitlab-ce/issues/53658
       merge_quick_actions_into_params!(merge_request, only: [:target_branch])
       merge_request.merge_params['force_remove_source_branch'] = params.delete(:force_remove_source_branch) if params.has_key?(:force_remove_source_branch)
-      merge_request.assign_attributes(params)
 
+      # Assign the projects first so we can use policies for `filter_params`
       merge_request.author = current_user
+      merge_request.source_project = find_source_project
+      merge_request.target_project = find_target_project
+
+      filter_params(merge_request)
+      merge_request.assign_attributes(params.to_h.compact)
+
       merge_request.compare_commits = []
-      merge_request.source_project  = find_source_project
-      merge_request.target_project  = find_target_project
-      merge_request.target_branch   = find_target_branch
-      merge_request.can_be_created  = projects_and_branches_valid?
-      ensure_milestone_available(merge_request)
+      merge_request.target_branch = find_target_branch
+      merge_request.can_be_created = projects_and_branches_valid?
 
       # compare branches only if branches are valid, otherwise
       # compare_branches may raise an error
@@ -50,12 +53,14 @@ module MergeRequests
              to: :merge_request
 
     def find_source_project
+      source_project = project_from_params(:source_project)
       return source_project if source_project.present? && can?(current_user, :create_merge_request_from, source_project)
 
       project
     end
 
     def find_target_project
+      target_project = project_from_params(:target_project)
       return target_project if target_project.present? && can?(current_user, :create_merge_request_in, target_project)
 
       target_project = project.default_merge_request_target
@@ -65,6 +70,17 @@ module MergeRequests
       project
     end
 
+    def project_from_params(param_name)
+      project_from_params = params.delete(param_name)
+
+      id_param_name = :"#{param_name}_id"
+      if project_from_params.nil? && params[id_param_name]
+        project_from_params = Project.find_by_id(params.delete(id_param_name))
+      end
+
+      project_from_params
+    end
+
     def find_target_branch
       target_branch || target_project.default_branch
     end
diff --git a/changelogs/unreleased/security-bvl-filter-mr-params.yml b/changelogs/unreleased/security-bvl-filter-mr-params.yml
new file mode 100644
index 00000000000..4433ec73b7c
--- /dev/null
+++ b/changelogs/unreleased/security-bvl-filter-mr-params.yml
@@ -0,0 +1,5 @@
+---
+title: Filter merge request params on the new merge request page
+merge_request:
+author:
+type: security
diff --git a/spec/features/merge_request/user_tries_to_access_private_project_info_through_new_mr_spec.rb b/spec/features/merge_request/user_tries_to_access_private_project_info_through_new_mr_spec.rb
new file mode 100644
index 00000000000..1ebe9e2e409
--- /dev/null
+++ b/spec/features/merge_request/user_tries_to_access_private_project_info_through_new_mr_spec.rb
@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'Merge Request > User tries to access private project information through the new mr page' do
+  let(:current_user) { create(:user) }
+  let(:private_project) do
+    create(:project, :public, :repository,
+           path: 'nothing-to-see-here',
+           name: 'nothing to see here',
+           repository_access_level: ProjectFeature::PRIVATE)
+  end
+  let(:owned_project) do
+    create(:project, :public, :repository,
+           namespace: current_user.namespace,
+           creator: current_user)
+  end
+
+  context 'when the user enters the querystring info for the other project' do
+    let(:mr_path) do
+      project_new_merge_request_diffs_path(
+        owned_project,
+        merge_request: {
+          source_project_id: private_project.id,
+          source_branch: 'feature'
+        }
+      )
+    end
+
+    before do
+      sign_in current_user
+      visit mr_path
+    end
+
+    it "does not mention the project the user can't see the repo of" do
+      expect(page).not_to have_content('nothing-to-see-here')
+    end
+
+    context 'when the user enters label information from the private project in the querystring' do
+      let(:inaccessible_label) { create(:label, project: private_project) }
+      let(:mr_path) do
+        project_new_merge_request_path(
+          owned_project,
+          merge_request: {
+            label_ids: [inaccessible_label.id],
+            source_branch: 'feature'
+          }
+        )
+      end
+
+      it 'does not expose the label name' do
+        expect(page).not_to have_content(inaccessible_label.name)
+      end
+    end
+  end
+end
diff --git a/spec/features/merge_request/user_tries_to_access_private_repository_through_new_mr_spec.rb b/spec/features/merge_request/user_tries_to_access_private_repository_through_new_mr_spec.rb
deleted file mode 100644
index 9318b5f1ebb..00000000000
--- a/spec/features/merge_request/user_tries_to_access_private_repository_through_new_mr_spec.rb
+++ /dev/null
@@ -1,37 +0,0 @@
-require 'spec_helper'
-
-describe 'Merge Request > Tries to access private repo of public project' do
-  let(:current_user) { create(:user) }
-  let(:private_project) do
-    create(:project, :public, :repository,
-           path: 'nothing-to-see-here',
-           name: 'nothing to see here',
-           repository_access_level: ProjectFeature::PRIVATE)
-  end
-  let(:owned_project) do
-    create(:project, :public, :repository,
-           namespace: current_user.namespace,
-           creator: current_user)
-  end
-
-  context 'when the user enters the querystring info for the other project' do
-    let(:mr_path) do
-      project_new_merge_request_diffs_path(
-        owned_project,
-        merge_request: {
-          source_project_id: private_project.id,
-          source_branch: 'feature'
-        }
-      )
-    end
-
-    before do
-      sign_in current_user
-      visit mr_path
-    end
-
-    it "does not mention the project the user can't see the repo of" do
-      expect(page).not_to have_content('nothing-to-see-here')
-    end
-  end
-end
diff --git a/spec/services/merge_requests/build_service_spec.rb b/spec/services/merge_requests/build_service_spec.rb
index 5c3b209086c..f18239f6d39 100644
--- a/spec/services/merge_requests/build_service_spec.rb
+++ b/spec/services/merge_requests/build_service_spec.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-
 require 'spec_helper'
 
 describe MergeRequests::BuildService do
@@ -225,6 +224,11 @@ describe MergeRequests::BuildService do
             let(:label_ids) { [label2.id] }
             let(:milestone_id) { milestone2.id }
 
+            before do
+              # Guests are not able to assign labels or milestones to an issue
+              project.add_developer(user)
+            end
+
             it 'assigns milestone_id and label_ids instead of issue labels and milestone' do
               expect(merge_request.milestone).to eq(milestone2)
               expect(merge_request.labels).to match_array([label2])
@@ -479,4 +483,35 @@ describe MergeRequests::BuildService do
       end
     end
   end
+
+  context 'when assigning labels' do
+    let(:label_ids) { [create(:label, project: project).id] }
+
+    context 'for members with less than developer access' do
+      it 'is not allowed' do
+        expect(merge_request.label_ids).to be_empty
+      end
+    end
+
+    context 'for users allowed to assign labels' do
+      before do
+        project.add_developer(user)
+      end
+
+      context 'for labels in the project' do
+        it 'is allowed for developers' do
+          expect(merge_request.label_ids).to contain_exactly(*label_ids)
+        end
+      end
+
+      context 'for unrelated labels' do
+        let(:project_label) { create(:label, project: project) }
+        let(:label_ids) { [create(:label).id, project_label.id] }
+
+        it 'only assigns related labels' do
+          expect(merge_request.label_ids).to contain_exactly(project_label.id)
+        end
+      end
+    end
+  end
 end
-- 
cgit v1.2.1


From 4e814c257b74ac78a50f54ec57b1e1c7f78d43b7 Mon Sep 17 00:00:00 2001
From: Gaetan Semet <gaetan.semet@renault.com>
Date: Mon, 15 Jul 2019 14:47:47 +0200
Subject: Multiple pipeline support for Build status

This allows user to specify the pipeline ID
when several pipelines has been triggered
on the same branch and commit.

Signed-off-by: Gaetan Semet <gaetan.semet@renault.com>
---
 changelogs/unreleased/21671-multiple-pipeline-status-api.yml | 5 +++++
 doc/api/commits.md                                           | 1 +
 lib/api/commit_statuses.rb                                   | 7 ++++++-
 3 files changed, 12 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/21671-multiple-pipeline-status-api.yml

diff --git a/changelogs/unreleased/21671-multiple-pipeline-status-api.yml b/changelogs/unreleased/21671-multiple-pipeline-status-api.yml
new file mode 100644
index 00000000000..f87366803e2
--- /dev/null
+++ b/changelogs/unreleased/21671-multiple-pipeline-status-api.yml
@@ -0,0 +1,5 @@
+---
+title: Multiple pipeline support for Commit status
+merge_request: 21671
+author: Gaetan Semet
+type: changed
diff --git a/doc/api/commits.md b/doc/api/commits.md
index 6eb4c47415f..a6264897e5e 100644
--- a/doc/api/commits.md
+++ b/doc/api/commits.md
@@ -581,6 +581,7 @@ POST /projects/:id/statuses/:sha
 | `target_url` |  string  | no  | The target URL to associate with this status
 | `description` | string  | no  | The short description of the status
 | `coverage` | float  | no    | The total code coverage
+| `pipeline_id` |  integer  | no  | The id of the pipeline to set status. Use in case of several pipeline on same sha.
 
 ```bash
 curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/17/statuses/18f3e63d05582537db6d183d9d557be09e1f90c8?state=success"
diff --git a/lib/api/commit_statuses.rb b/lib/api/commit_statuses.rb
index 08b4f8db8b0..61cf929bcdc 100644
--- a/lib/api/commit_statuses.rb
+++ b/lib/api/commit_statuses.rb
@@ -52,6 +52,7 @@ module API
         optional :name,        type: String,  desc: 'A string label to differentiate this status from the status of other systems. Default: "default"'
         optional :context,     type: String,  desc: 'A string label to differentiate this status from the status of other systems. Default: "default"'
         optional :coverage,    type: Float,   desc: 'The total code coverage'
+        optional :pipeline_id, type: Integer, desc: 'An existing pipeline id, when multiple pipelines on the same commit sha have been triggered'
       end
       # rubocop: disable CodeReuse/ActiveRecord
       post ':id/statuses/:sha' do
@@ -72,8 +73,12 @@ module API
         not_found! 'References for commit' unless ref
 
         name = params[:name] || params[:context] || 'default'
+        pipeline = if params[:pipeline_id]
+                     @project.ci_pipelines.find_by(id: params[:pipeline_id])
+                   else
+                     @project.pipeline_for(ref, commit.sha)
+                   end
 
-        pipeline = @project.pipeline_for(ref, commit.sha)
         unless pipeline
           pipeline = @project.ci_pipelines.create!(
             source: :external,
-- 
cgit v1.2.1


From 6796dcf27715f9a149387bb80e7a359208602f1f Mon Sep 17 00:00:00 2001
From: Vladimir Shushlin <vshushlin@gitlab.com>
Date: Wed, 17 Jul 2019 12:56:58 +0000
Subject: Fix wrong pages access level default

- Set access level in before_validation hook
- Add post migration for updating existing project_features
---
 app/models/project_feature.rb                      |   2 +
 .../20190703185326_fix_wrong_pages_access_level.rb |  28 +++++
 ..._project_features_pages_access_level_default.rb |  12 ++
 db/schema.rb                                       |   4 +-
 .../background_migration/fix_pages_access_level.rb | 128 +++++++++++++++++++++
 .../fix_wrong_pages_access_level_spec.rb           |  97 ++++++++++++++++
 spec/models/project_feature_spec.rb                |  28 +++++
 spec/support/helpers/stub_configuration.rb         |   4 +
 8 files changed, 301 insertions(+), 2 deletions(-)
 create mode 100644 db/post_migrate/20190703185326_fix_wrong_pages_access_level.rb
 create mode 100644 db/post_migrate/20190715114644_drop_project_features_pages_access_level_default.rb
 create mode 100644 lib/gitlab/background_migration/fix_pages_access_level.rb
 create mode 100644 spec/migrations/fix_wrong_pages_access_level_spec.rb

diff --git a/app/models/project_feature.rb b/app/models/project_feature.rb
index 7ff06655de0..78e82955342 100644
--- a/app/models/project_feature.rb
+++ b/app/models/project_feature.rb
@@ -86,6 +86,8 @@ class ProjectFeature < ApplicationRecord
   default_value_for :wiki_access_level,           value: ENABLED, allows_nil: false
   default_value_for :repository_access_level,     value: ENABLED, allows_nil: false
 
+  default_value_for(:pages_access_level, allows_nil: false) { |feature| feature.project&.public? ? ENABLED : PRIVATE }
+
   def feature_available?(feature, user)
     # This feature might not be behind a feature flag at all, so default to true
     return false unless ::Feature.enabled?(feature, user, default_enabled: true)
diff --git a/db/post_migrate/20190703185326_fix_wrong_pages_access_level.rb b/db/post_migrate/20190703185326_fix_wrong_pages_access_level.rb
new file mode 100644
index 00000000000..e5981956cf5
--- /dev/null
+++ b/db/post_migrate/20190703185326_fix_wrong_pages_access_level.rb
@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+class FixWrongPagesAccessLevel < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  MIGRATION = 'FixPagesAccessLevel'
+  BATCH_SIZE = 20_000
+  BATCH_TIME = 2.minutes
+
+  disable_ddl_transaction!
+
+  class ProjectFeature < ActiveRecord::Base
+    include ::EachBatch
+
+    self.table_name = 'project_features'
+    self.inheritance_column = :_type_disabled
+  end
+
+  def up
+    queue_background_migration_jobs_by_range_at_intervals(
+      ProjectFeature,
+      MIGRATION,
+      BATCH_TIME,
+      batch_size: BATCH_SIZE)
+  end
+end
diff --git a/db/post_migrate/20190715114644_drop_project_features_pages_access_level_default.rb b/db/post_migrate/20190715114644_drop_project_features_pages_access_level_default.rb
new file mode 100644
index 00000000000..2fb0aa0f460
--- /dev/null
+++ b/db/post_migrate/20190715114644_drop_project_features_pages_access_level_default.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class DropProjectFeaturesPagesAccessLevelDefault < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+  ENABLED_VALUE = 20
+
+  def change
+    change_column_default :project_features, :pages_access_level, from: ENABLED_VALUE, to: nil
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 644ca1fe970..f752211f2ec 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_07_03_130053) do
+ActiveRecord::Schema.define(version: 2019_07_15_114644) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "pg_trgm"
@@ -2507,7 +2507,7 @@ ActiveRecord::Schema.define(version: 2019_07_03_130053) do
     t.datetime "created_at"
     t.datetime "updated_at"
     t.integer "repository_access_level", default: 20, null: false
-    t.integer "pages_access_level", default: 20, null: false
+    t.integer "pages_access_level", null: false
     t.index ["project_id"], name: "index_project_features_on_project_id", unique: true, using: :btree
   end
 
diff --git a/lib/gitlab/background_migration/fix_pages_access_level.rb b/lib/gitlab/background_migration/fix_pages_access_level.rb
new file mode 100644
index 00000000000..0d49f3dd8c5
--- /dev/null
+++ b/lib/gitlab/background_migration/fix_pages_access_level.rb
@@ -0,0 +1,128 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module BackgroundMigration
+    # corrects stored pages access level on db depending on project visibility
+    class FixPagesAccessLevel
+      # Copy routable here to avoid relying on application logic
+      module Routable
+        def build_full_path
+          if parent && path
+            parent.build_full_path + '/' + path
+          else
+            path
+          end
+        end
+      end
+
+      # Namespace
+      class Namespace < ApplicationRecord
+        self.table_name = 'namespaces'
+        self.inheritance_column = :_type_disabled
+
+        include Routable
+
+        belongs_to :parent, class_name: "Namespace"
+      end
+
+      # Project
+      class Project < ActiveRecord::Base
+        self.table_name = 'projects'
+        self.inheritance_column = :_type_disabled
+
+        include Routable
+
+        belongs_to :namespace
+        alias_method :parent, :namespace
+        alias_attribute :parent_id, :namespace_id
+
+        PRIVATE = 0
+        INTERNAL = 10
+        PUBLIC = 20
+
+        def pages_deployed?
+          Dir.exist?(public_pages_path)
+        end
+
+        def public_pages_path
+          File.join(pages_path, 'public')
+        end
+
+        def pages_path
+          # TODO: when we migrate Pages to work with new storage types, change here to use disk_path
+          File.join(Settings.pages.path, build_full_path)
+        end
+      end
+
+      # ProjectFeature
+      class ProjectFeature < ActiveRecord::Base
+        include ::EachBatch
+
+        self.table_name = 'project_features'
+
+        belongs_to :project
+
+        PRIVATE = 10
+        ENABLED = 20
+        PUBLIC  = 30
+      end
+
+      def perform(start_id, stop_id)
+        fix_public_access_level(start_id, stop_id)
+
+        make_internal_projects_public(start_id, stop_id)
+
+        fix_private_access_level(start_id, stop_id)
+      end
+
+      private
+
+      def access_control_is_enabled
+        @access_control_is_enabled = Gitlab.config.pages.access_control
+      end
+
+      # Public projects are allowed to have only enabled pages_access_level
+      # which is equivalent to public
+      def fix_public_access_level(start_id, stop_id)
+        project_features(start_id, stop_id, ProjectFeature::PUBLIC, Project::PUBLIC).each_batch do |features|
+          features.update_all(pages_access_level: ProjectFeature::ENABLED)
+        end
+      end
+
+      # If access control is disabled and project has pages deployed
+      # project will become unavailable when access control will become enabled
+      # we make these projects public to avoid negative surprise to user
+      def make_internal_projects_public(start_id, stop_id)
+        return if access_control_is_enabled
+
+        project_features(start_id, stop_id, ProjectFeature::ENABLED, Project::INTERNAL).find_each do |project_feature|
+          next unless project_feature.project.pages_deployed?
+
+          project_feature.update(pages_access_level: ProjectFeature::PUBLIC)
+        end
+      end
+
+      # Private projects are not allowed to have enabled access level, only `private` and `public`
+      # If access control is enabled, these projects currently behave as if the have `private` pages_access_level
+      # if access control is disabled, these projects currently behave as if the have `public` pages_access_level
+      # so we preserve this behaviour for projects with pages already deployed
+      # for project without pages we always set `private` access_level
+      def fix_private_access_level(start_id, stop_id)
+        project_features(start_id, stop_id, ProjectFeature::ENABLED, Project::PRIVATE).find_each do |project_feature|
+          if access_control_is_enabled
+            project_feature.update!(pages_access_level: ProjectFeature::PRIVATE)
+          else
+            fixed_access_level = project_feature.project.pages_deployed? ? ProjectFeature::PUBLIC : ProjectFeature::PRIVATE
+            project_feature.update!(pages_access_level: fixed_access_level)
+          end
+        end
+      end
+
+      def project_features(start_id, stop_id, pages_access_level, project_visibility_level)
+        ProjectFeature.where(id: start_id..stop_id).joins(:project)
+          .where(pages_access_level: pages_access_level)
+          .where(projects: { visibility_level: project_visibility_level })
+      end
+    end
+  end
+end
diff --git a/spec/migrations/fix_wrong_pages_access_level_spec.rb b/spec/migrations/fix_wrong_pages_access_level_spec.rb
new file mode 100644
index 00000000000..75ac5d919b2
--- /dev/null
+++ b/spec/migrations/fix_wrong_pages_access_level_spec.rb
@@ -0,0 +1,97 @@
+require 'spec_helper'
+require Rails.root.join('db', 'post_migrate', '20190703185326_fix_wrong_pages_access_level.rb')
+
+describe FixWrongPagesAccessLevel, :migration, :sidekiq, schema: 20190628185004 do
+  using RSpec::Parameterized::TableSyntax
+
+  let(:migration_class) { described_class::MIGRATION }
+  let(:migration_name)  { migration_class.to_s.demodulize }
+
+  project_class = ::Gitlab::BackgroundMigration::FixPagesAccessLevel::Project
+  feature_class = ::Gitlab::BackgroundMigration::FixPagesAccessLevel::ProjectFeature
+
+  let(:namespaces_table) { table(:namespaces) }
+  let(:projects_table) { table(:projects) }
+  let(:features_table) { table(:project_features) }
+
+  let(:subgroup) do
+    root_group = namespaces_table.create(path: "group", name: "group")
+    namespaces_table.create!(path: "subgroup", name: "group", parent_id: root_group.id)
+  end
+
+  def create_project_feature(path, project_visibility, pages_access_level)
+    project = projects_table.create!(path: path, visibility_level: project_visibility,
+                                     namespace_id: subgroup.id)
+    features_table.create!(project_id: project.id, pages_access_level: pages_access_level)
+  end
+
+  it 'correctly schedules background migrations' do
+    Sidekiq::Testing.fake! do
+      Timecop.freeze do
+        first_id = create_project_feature("project1", project_class::PRIVATE, feature_class::PRIVATE).id
+        last_id = create_project_feature("project2", project_class::PRIVATE, feature_class::PUBLIC).id
+
+        migrate!
+
+        expect(migration_name).to be_scheduled_delayed_migration(2.minutes, first_id, last_id)
+        expect(BackgroundMigrationWorker.jobs.size).to eq(1)
+      end
+    end
+  end
+
+  def expect_migration
+    expect do
+      perform_enqueued_jobs do
+        migrate!
+      end
+    end
+  end
+
+  where(:project_visibility, :pages_access_level, :access_control_is_enabled,
+        :pages_deployed, :resulting_pages_access_level) do
+    # update settings for public projects regardless of access_control being enabled
+    project_class::PUBLIC | feature_class::PUBLIC | true | true  | feature_class::ENABLED
+    project_class::PUBLIC | feature_class::PUBLIC | false | true | feature_class::ENABLED
+    # don't update public level for private and internal projects
+    project_class::PRIVATE | feature_class::PUBLIC  | true | true | feature_class::PUBLIC
+    project_class::INTERNAL | feature_class::PUBLIC | true | true | feature_class::PUBLIC
+
+    # if access control is disabled but pages are deployed we make them public
+    project_class::INTERNAL | feature_class::ENABLED | false | true  | feature_class::PUBLIC
+    # don't change anything if one of the conditions is not satisfied
+    project_class::INTERNAL | feature_class::ENABLED | true  | true  | feature_class::ENABLED
+    project_class::INTERNAL | feature_class::ENABLED | true  | false | feature_class::ENABLED
+
+    # private projects
+    # if access control is enabled update pages_access_level to private regardless of deployment
+    project_class::PRIVATE | feature_class::ENABLED | true  | true  | feature_class::PRIVATE
+    project_class::PRIVATE | feature_class::ENABLED | true  | false | feature_class::PRIVATE
+    # if access control is disabled and pages are deployed update pages_access_level to public
+    project_class::PRIVATE | feature_class::ENABLED | false | true  | feature_class::PUBLIC
+    # if access control is disabled but pages aren't deployed update pages_access_level to private
+    project_class::PRIVATE | feature_class::ENABLED | false | false | feature_class::PRIVATE
+  end
+
+  with_them do
+    let!(:project_feature) do
+      create_project_feature("projectpath", project_visibility, pages_access_level)
+    end
+
+    before do
+      tested_path = File.join(Settings.pages.path, "group/subgroup/projectpath", "public")
+      allow(Dir).to receive(:exist?).with(tested_path).and_return(pages_deployed)
+
+      stub_pages_setting(access_control: access_control_is_enabled)
+    end
+
+    it "sets proper pages_access_level" do
+      expect(project_feature.reload.pages_access_level).to eq(pages_access_level)
+
+      perform_enqueued_jobs do
+        migrate!
+      end
+
+      expect(project_feature.reload.pages_access_level).to eq(resulting_pages_access_level)
+    end
+  end
+end
diff --git a/spec/models/project_feature_spec.rb b/spec/models/project_feature_spec.rb
index 50c9d5968ac..31e55bf6be6 100644
--- a/spec/models/project_feature_spec.rb
+++ b/spec/models/project_feature_spec.rb
@@ -150,4 +150,32 @@ describe ProjectFeature do
       end
     end
   end
+
+  describe 'default pages access level' do
+    subject { project.project_feature.pages_access_level }
+
+    before do
+      # project factory overrides all values in project_feature after creation
+      project.project_feature.destroy!
+      project.build_project_feature.save!
+    end
+
+    context 'when new project is private' do
+      let(:project) { create(:project, :private) }
+
+      it { is_expected.to eq(ProjectFeature::PRIVATE) }
+    end
+
+    context 'when new project is internal' do
+      let(:project) { create(:project, :internal) }
+
+      it { is_expected.to eq(ProjectFeature::PRIVATE) }
+    end
+
+    context 'when new project is public' do
+      let(:project) { create(:project, :public) }
+
+      it { is_expected.to eq(ProjectFeature::ENABLED) }
+    end
+  end
 end
diff --git a/spec/support/helpers/stub_configuration.rb b/spec/support/helpers/stub_configuration.rb
index c372a3f0e49..049702be1f6 100644
--- a/spec/support/helpers/stub_configuration.rb
+++ b/spec/support/helpers/stub_configuration.rb
@@ -65,6 +65,10 @@ module StubConfiguration
     allow(Gitlab.config.artifacts).to receive_messages(to_settings(messages))
   end
 
+  def stub_pages_setting(messages)
+    allow(Gitlab.config.pages).to receive_messages(to_settings(messages))
+  end
+
   def stub_storage_settings(messages)
     messages.deep_stringify_keys!
 
-- 
cgit v1.2.1


From db782d184010b14858e3de8400531f841ee474e7 Mon Sep 17 00:00:00 2001
From: Vladimir Shushlin <vshushlin@gitlab.com>
Date: Wed, 17 Jul 2019 13:00:46 +0000
Subject: Add docs for Let's Encrypt integration

* Add deprecation warning to old integration
* Add user docs
* Add admin docs
---
 app/views/projects/pages_domains/_form.html.haml   |   2 +-
 .../pages/img/lets_encrypt_integration_v12_1.png   | Bin 0 -> 98409 bytes
 doc/administration/pages/index.md                  |  17 ++++++
 .../img/lets_encrypt_integration_v12_1.png         | Bin 0 -> 35040 bytes
 .../custom_domains_ssl_tls_certification/index.md  |  11 +++-
 .../lets_encrypt_integration.md                    |  68 +++++++++++++++++++++
 doc/user/project/pages/index.md                    |   2 +-
 .../project/pages/lets_encrypt_for_gitlab_pages.md |  11 +++-
 8 files changed, 105 insertions(+), 6 deletions(-)
 create mode 100644 doc/administration/pages/img/lets_encrypt_integration_v12_1.png
 create mode 100644 doc/user/project/pages/custom_domains_ssl_tls_certification/img/lets_encrypt_integration_v12_1.png
 create mode 100644 doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md

diff --git a/app/views/projects/pages_domains/_form.html.haml b/app/views/projects/pages_domains/_form.html.haml
index 0e5c65a2f72..4aa1e574d93 100644
--- a/app/views/projects/pages_domains/_form.html.haml
+++ b/app/views/projects/pages_domains/_form.html.haml
@@ -33,7 +33,7 @@
             = sprite_icon("status_success_borderless", size: 16, css_class: "toggle-icon-svg toggle-status-checked")
             = sprite_icon("status_failed_borderless", size: 16, css_class: "toggle-icon-svg toggle-status-unchecked")
         %p.text-secondary.mt-3
-          - docs_link_url = help_page_path("user/project/pages/lets_encrypt_for_gitlab_pages.md", anchor: "lets-encrypt-for-gitlab-pages")
+          - docs_link_url = help_page_path("user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md")
           - docs_link_start = "<a href=\"%{docs_link_url}\" target=\"_blank\" rel=\"noopener noreferrer\" class=\"text-nowrap\">".html_safe % { docs_link_url: docs_link_url }
           - docs_link_end = "</a>".html_safe
           = _("Let's Encrypt is a free, automated, and open certificate authority (CA) that gives digital certificates in order to enable HTTPS (SSL/TLS) for websites. Learn more about Let's Encrypt configuration by following the %{docs_link_start}documentation on GitLab Pages%{docs_link_end}.").html_safe % { docs_link_url: docs_link_url, docs_link_start: docs_link_start, docs_link_end: docs_link_end }
diff --git a/doc/administration/pages/img/lets_encrypt_integration_v12_1.png b/doc/administration/pages/img/lets_encrypt_integration_v12_1.png
new file mode 100644
index 00000000000..5ab63074e12
Binary files /dev/null and b/doc/administration/pages/img/lets_encrypt_integration_v12_1.png differ
diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md
index 3cabe8eb16e..774e7056845 100644
--- a/doc/administration/pages/index.md
+++ b/doc/administration/pages/index.md
@@ -265,6 +265,23 @@ verification requirement. Navigate to `Admin area ➔ Settings` and uncheck
 **Require users to prove ownership of custom domains** in the Pages section.
 This setting is enabled by default.
 
+### Let's Encrypt integration
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/28996) in GitLab 12.1.
+
+[GitLab Pages' Let's Encrypt integration](../../user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md)
+allows users to add Let's Encrypt SSL certificates for GitLab Pages
+sites served under a custom domain.
+
+To enable it, you'll need to:
+
+1. Choose an email on which you will recieve notifications about expiring domains.
+1. Navigate to your instance's **Admin Area > Settings > Preferences** and expand **Pages** settings.
+1. Enter the email for receiving notifications and accept Let's Encrypt's Terms of Service as shown below.
+1. Click **Save changes**.
+
+![Let's Encrypt settings](img/lets_encrypt_integration_v12_1.png)
+
 ### Access control
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/33422) in GitLab 11.5.
diff --git a/doc/user/project/pages/custom_domains_ssl_tls_certification/img/lets_encrypt_integration_v12_1.png b/doc/user/project/pages/custom_domains_ssl_tls_certification/img/lets_encrypt_integration_v12_1.png
new file mode 100644
index 00000000000..2e825e84d92
Binary files /dev/null and b/doc/user/project/pages/custom_domains_ssl_tls_certification/img/lets_encrypt_integration_v12_1.png differ
diff --git a/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md b/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md
index 219e141d72e..54ecc42d2b9 100644
--- a/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md
+++ b/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md
@@ -204,6 +204,14 @@ can use the following setup:
 
 Read this document for an [overview on SSL/TLS certification](ssl_tls_concepts.md).
 
+To secure your custom domain with GitLab Pages you can opt by:
+
+- Using the [Let's Encrypt integration with GitLab Pages](lets_encrypt_integration.md),
+  which automatically obtains and renews SSL certificates
+  for your Pages domains.
+- Manually adding SSL/TLS certificates to GitLab Pages websites
+  by following the steps below.
+
 ### Requirements
 
 - A GitLab Pages website up and running accessible via a custom domain.
@@ -255,6 +263,7 @@ To enable this setting:
 1. Navigate to your project's **Settings > Pages**.
 1. Tick the checkbox **Force HTTPS (requires valid certificates)**.
 
+
 <!-- ## Troubleshooting
 
 Include any troubleshooting steps that you can foresee. If you know beforehand what issues
@@ -265,4 +274,4 @@ questions that you know someone might ask.
 
 Each scenario can be a third-level heading, e.g. `### Getting error message X`.
 If you have none to add when creating a doc, leave this section in place
-but commented out to help encourage others to add to it in the future. -->
\ No newline at end of file
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md b/doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md
new file mode 100644
index 00000000000..7675a5dd9d4
--- /dev/null
+++ b/doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md
@@ -0,0 +1,68 @@
+---
+type: reference
+description: "Automatic Let's Encrypt SSL certificates for GitLab Pages."
+---
+
+# GitLab Pages integration with Let's Encrypt
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/28996) in GitLab 12.1.
+
+The GitLab Pages integration with Let's Encrypt (LE) allows you
+to use LE certificates for your Pages website with custom domains
+without the hassle of having to issue and update them yourself;
+GitLab does it for you, out-of-the-box.
+
+[Let's Encrypt](https://letsencrypt.org) is a free, automated, and
+open source Certificate Authority.
+
+## Requirements
+
+Before you can enable automatic provisioning of a SSL certificate for your domain, make sure you have:
+
+- Created a [project](../getting_started_part_two.md) in GitLab
+  containing your website's source code.
+- Acquired a domain (`example.com`) and added a [DNS entry](index.md)
+  pointing it to your Pages website.
+- [Added your domain to your Pages project](index.md#1-add-a-custom-domain-to-pages)
+  and verified your ownership.
+- Have your website up and running, accessible through your custom domain.
+
+NOTE: **Note:**
+GitLab's Let's Encrypt integration is enabled and available on GitLab.com.
+For **self-managed** GitLab instances, make sure your administrator has
+[enabled it](../../../../administration/pages/index.md#lets-encrypt-integration).
+
+## Enabling Let's Encrypt integration for your custom domain
+
+Once you've met the requirements, to enable Let's Encrypt integration:
+
+1. Navigate to your project's **Settings > Pages**.
+1. Find your domain and click **Details**.
+1. Click **Edit** in the top-right corner.
+1. Enable Let's Encrypt integration by switching **Automatic certificate management using Let's Encrypt**:
+
+    ![Enable Let's Encrypt](img/lets_encrypt_integration_v12_1.png)
+
+1. Click **Save changes**.
+
+Once enabled, GitLab will obtain a LE certificate and add it to the
+associated Pages domain. It will be also renewed automatically by GitLab.
+
+> **Notes:**
+>
+> - Issuing the certificate and updating Pages configuration
+>   **can take up to an hour**.
+> - If you already have SSL certificate in domain settings it
+>   will continue to work until it will be replaced by Let's Encrypt's certificate.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/project/pages/index.md b/doc/user/project/pages/index.md
index e9d2e9a0059..25944b029d7 100644
--- a/doc/user/project/pages/index.md
+++ b/doc/user/project/pages/index.md
@@ -143,8 +143,8 @@ To learn more about configuration options for GitLab Pages, read the following:
 | [Exploring GitLab Pages](introduction.md) | Requirements, technical aspects, specific GitLab CI's configuration options, Access Control, custom 404 pages, limitations, FAQ. |
 |---+---|
 | [Custom domains and SSL/TLS Certificates](custom_domains_ssl_tls_certification/index.md) | How to add custom domains and subdomains to your website, configure DNS records and SSL/TLS certificates. |
+| [Let's Encrypt integration](custom_domains_ssl_tls_certification/lets_encrypt_integration.md) | Secure your Pages sites with Let's Encrypt certificates automatically obtained and renewed by GitLab. |
 | [CloudFlare certificates](https://about.gitlab.com/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/) | Secure your Pages site with CloudFlare certificates. |
-| [Let's Encrypt certificates](lets_encrypt_for_gitlab_pages.md) | Secure your Pages site with Let's Encrypt certificates. |
 |---+---|
 | [Static vs dynamic websites](https://about.gitlab.com/2016/06/03/ssg-overview-gitlab-pages-part-1-dynamic-x-static/) | A conceptual overview on static versus dynamic sites. |
 | [Modern static site generators](https://about.gitlab.com/2016/06/10/ssg-overview-gitlab-pages-part-2/) | A conceptual overview on SSGs. |
diff --git a/doc/user/project/pages/lets_encrypt_for_gitlab_pages.md b/doc/user/project/pages/lets_encrypt_for_gitlab_pages.md
index cc129f90b7a..1338c7e58f5 100644
--- a/doc/user/project/pages/lets_encrypt_for_gitlab_pages.md
+++ b/doc/user/project/pages/lets_encrypt_for_gitlab_pages.md
@@ -1,10 +1,15 @@
 ---
-description: "How to secure GitLab Pages websites with Let's Encrypt."
+description: "How to secure GitLab Pages websites with Let's Encrypt (manual process, deprecated)."
 type: howto
-last_updated: 2019-06-04
+last_updated: 2019-07-15
 ---
 
-# Let's Encrypt for GitLab Pages
+# Let's Encrypt for GitLab Pages (manual process, deprecated)
+
+CAUTION: **Warning:**
+This method is still valid but was **deprecated** in favor of the
+[Let's Encrypt integration](custom_domains_ssl_tls_certification/lets_encrypt_integration.md)
+introduced in GitLab 12.1.
 
 If you have a GitLab Pages website served under your own domain,
 you might want to secure it with a SSL/TSL certificate.
-- 
cgit v1.2.1


From 0f46886880e46344856ede52dd3b500e4d6737ac Mon Sep 17 00:00:00 2001
From: Igor <idrozdov@gitlab.com>
Date: Wed, 17 Jul 2019 13:06:19 +0000
Subject: Added submodule links to Submodule type in GraphQL API

This is part of migration of Folder View to Vue
---
 .../repository/components/table/index.vue          |  1 +
 .../repository/components/table/row.vue            |  7 ++++-
 .../repository/queries/getFiles.query.graphql      |  2 ++
 app/graphql/types/tree/submodule_type.rb           |  3 ++
 app/graphql/types/tree/tree_type.rb                |  4 ++-
 app/helpers/submodule_helper.rb                    | 12 +++++---
 app/serializers/diff_file_base_entity.rb           | 11 ++++---
 app/serializers/diffs_entity.rb                    |  5 +++-
 app/serializers/discussion_serializer.rb           | 14 +++++++++
 app/serializers/submodule_entity.rb                | 25 ----------------
 lib/gitlab/git/repository.rb                       | 22 ++++++++++++--
 .../graphql/representation/submodule_tree_entry.rb | 34 ++++++++++++++++++++++
 lib/gitlab/submodule_links.rb                      | 26 +++++++++++++++++
 .../repository/components/table/row_spec.js        | 16 +++++++++-
 spec/graphql/types/tree/submodule_type_spec.rb     |  2 +-
 spec/lib/gitlab/git/repository_spec.rb             | 16 ++++++++++
 .../representation/submodule_tree_entry_spec.rb    | 30 +++++++++++++++++++
 spec/serializers/diff_file_base_entity_spec.rb     | 26 +++++++++++++++++
 18 files changed, 213 insertions(+), 43 deletions(-)
 delete mode 100644 app/serializers/submodule_entity.rb
 create mode 100644 lib/gitlab/graphql/representation/submodule_tree_entry.rb
 create mode 100644 lib/gitlab/submodule_links.rb
 create mode 100644 spec/lib/gitlab/graphql/representation/submodule_tree_entry_spec.rb
 create mode 100644 spec/serializers/diff_file_base_entity_spec.rb

diff --git a/app/assets/javascripts/repository/components/table/index.vue b/app/assets/javascripts/repository/components/table/index.vue
index 0d9e992e596..610c7e8d99e 100644
--- a/app/assets/javascripts/repository/components/table/index.vue
+++ b/app/assets/javascripts/repository/components/table/index.vue
@@ -137,6 +137,7 @@ export default {
               :path="entry.flatPath"
               :type="entry.type"
               :url="entry.webUrl"
+              :submodule-tree-url="entry.treeUrl"
               :lfs-oid="entry.lfsOid"
             />
           </template>
diff --git a/app/assets/javascripts/repository/components/table/row.vue b/app/assets/javascripts/repository/components/table/row.vue
index 3e060e9ecb6..6029460d975 100644
--- a/app/assets/javascripts/repository/components/table/row.vue
+++ b/app/assets/javascripts/repository/components/table/row.vue
@@ -62,6 +62,11 @@ export default {
       required: false,
       default: null,
     },
+    submoduleTreeUrl: {
+      type: String,
+      required: false,
+      default: null,
+    },
   },
   data() {
     return {
@@ -112,7 +117,7 @@ export default {
       </component>
       <gl-badge v-if="lfsOid" variant="default" class="label-lfs ml-1">LFS</gl-badge>
       <template v-if="isSubmodule">
-        @ <gl-link href="#" class="commit-sha">{{ shortSha }}</gl-link>
+        @ <gl-link :href="submoduleTreeUrl" class="commit-sha">{{ shortSha }}</gl-link>
       </template>
     </td>
     <td class="d-none d-sm-table-cell tree-commit">
diff --git a/app/assets/javascripts/repository/queries/getFiles.query.graphql b/app/assets/javascripts/repository/queries/getFiles.query.graphql
index 4c24fc4087f..b3cc0878cad 100644
--- a/app/assets/javascripts/repository/queries/getFiles.query.graphql
+++ b/app/assets/javascripts/repository/queries/getFiles.query.graphql
@@ -35,6 +35,8 @@ query getFiles(
           edges {
             node {
               ...TreeEntry
+              webUrl
+              treeUrl
             }
           }
           pageInfo {
diff --git a/app/graphql/types/tree/submodule_type.rb b/app/graphql/types/tree/submodule_type.rb
index 8cb1e04f5ba..2b47e5c0161 100644
--- a/app/graphql/types/tree/submodule_type.rb
+++ b/app/graphql/types/tree/submodule_type.rb
@@ -7,6 +7,9 @@ module Types
       implements Types::Tree::EntryType
 
       graphql_name 'Submodule'
+
+      field :web_url, type: GraphQL::STRING_TYPE, null: true
+      field :tree_url, type: GraphQL::STRING_TYPE, null: true
     end
     # rubocop: enable Graphql/AuthorizeTypes
   end
diff --git a/app/graphql/types/tree/tree_type.rb b/app/graphql/types/tree/tree_type.rb
index fbdc1597461..99f2a6c0235 100644
--- a/app/graphql/types/tree/tree_type.rb
+++ b/app/graphql/types/tree/tree_type.rb
@@ -15,7 +15,9 @@ module Types
         Gitlab::Graphql::Representation::TreeEntry.decorate(obj.trees, obj.repository)
       end
 
-      field :submodules, Types::Tree::SubmoduleType.connection_type, null: false, calls_gitaly: true
+      field :submodules, Types::Tree::SubmoduleType.connection_type, null: false, calls_gitaly: true, resolve: -> (obj, args, ctx) do
+        Gitlab::Graphql::Representation::SubmoduleTreeEntry.decorate(obj.submodules, obj)
+      end
 
       field :blobs, Types::Tree::BlobType.connection_type, null: false, calls_gitaly: true, resolve: -> (obj, args, ctx) do
         Gitlab::Graphql::Representation::TreeEntry.decorate(obj.blobs, obj.repository)
diff --git a/app/helpers/submodule_helper.rb b/app/helpers/submodule_helper.rb
index 164c69ca50b..35e04b0ced3 100644
--- a/app/helpers/submodule_helper.rb
+++ b/app/helpers/submodule_helper.rb
@@ -9,6 +9,10 @@ module SubmoduleHelper
   def submodule_links(submodule_item, ref = nil, repository = @repository)
     url = repository.submodule_url_for(ref, submodule_item.path)
 
+    submodule_links_for_url(submodule_item.id, url, repository)
+  end
+
+  def submodule_links_for_url(submodule_item_id, url, repository)
     if url == '.' || url == './'
       url = File.join(Gitlab.config.gitlab.url, repository.project.full_path)
     end
@@ -31,13 +35,13 @@ module SubmoduleHelper
 
       if self_url?(url, namespace, project)
         [namespace_project_path(namespace, project),
-         namespace_project_tree_path(namespace, project, submodule_item.id)]
+         namespace_project_tree_path(namespace, project, submodule_item_id)]
       elsif relative_self_url?(url)
-        relative_self_links(url, submodule_item.id, repository.project)
+        relative_self_links(url, submodule_item_id, repository.project)
       elsif github_dot_com_url?(url)
-        standard_links('github.com', namespace, project, submodule_item.id)
+        standard_links('github.com', namespace, project, submodule_item_id)
       elsif gitlab_dot_com_url?(url)
-        standard_links('gitlab.com', namespace, project, submodule_item.id)
+        standard_links('gitlab.com', namespace, project, submodule_item_id)
       else
         [sanitize_submodule_url(url), nil]
       end
diff --git a/app/serializers/diff_file_base_entity.rb b/app/serializers/diff_file_base_entity.rb
index d8630165e49..ee68b4b98e0 100644
--- a/app/serializers/diff_file_base_entity.rb
+++ b/app/serializers/diff_file_base_entity.rb
@@ -3,7 +3,6 @@
 class DiffFileBaseEntity < Grape::Entity
   include RequestAwareEntity
   include BlobHelper
-  include SubmoduleHelper
   include DiffHelper
   include TreeHelper
   include ChecksCollaboration
@@ -12,12 +11,12 @@ class DiffFileBaseEntity < Grape::Entity
   expose :content_sha
   expose :submodule?, as: :submodule
 
-  expose :submodule_link do |diff_file|
-    memoized_submodule_links(diff_file).first
+  expose :submodule_link do |diff_file, options|
+    memoized_submodule_links(diff_file, options).first
   end
 
   expose :submodule_tree_url do |diff_file|
-    memoized_submodule_links(diff_file).last
+    memoized_submodule_links(diff_file, options).last
   end
 
   expose :edit_path, if: -> (_, options) { options[:merge_request] } do |diff_file|
@@ -92,10 +91,10 @@ class DiffFileBaseEntity < Grape::Entity
 
   private
 
-  def memoized_submodule_links(diff_file)
+  def memoized_submodule_links(diff_file, options)
     strong_memoize(:submodule_links) do
       if diff_file.submodule?
-        submodule_links(diff_file.blob, diff_file.content_sha, diff_file.repository)
+        options[:submodule_links].for(diff_file.blob, diff_file.content_sha)
       else
         []
       end
diff --git a/app/serializers/diffs_entity.rb b/app/serializers/diffs_entity.rb
index b51e4a7e6d0..1763fe5b6ab 100644
--- a/app/serializers/diffs_entity.rb
+++ b/app/serializers/diffs_entity.rb
@@ -64,7 +64,10 @@ class DiffsEntity < Grape::Entity
     merge_request_path(merge_request, format: :diff)
   end
 
-  expose :diff_files, using: DiffFileEntity
+  expose :diff_files do |diffs, options|
+    submodule_links = Gitlab::SubmoduleLinks.new(merge_request.project.repository)
+    DiffFileEntity.represent(diffs.diff_files, options.merge(submodule_links: submodule_links))
+  end
 
   expose :merge_request_diffs, using: MergeRequestDiffEntity, if: -> (_, options) { options[:merge_request_diffs]&.any? } do |diffs|
     options[:merge_request_diffs]
diff --git a/app/serializers/discussion_serializer.rb b/app/serializers/discussion_serializer.rb
index 5be40e74175..8bb7e93c033 100644
--- a/app/serializers/discussion_serializer.rb
+++ b/app/serializers/discussion_serializer.rb
@@ -2,4 +2,18 @@
 
 class DiscussionSerializer < BaseSerializer
   entity DiscussionEntity
+
+  def represent(resource, opts = {}, entity_class = nil)
+    super(resource, with_additional_opts(opts), entity_class)
+  end
+
+  private
+
+  def with_additional_opts(opts)
+    additional_opts = {
+      submodule_links: Gitlab::SubmoduleLinks.new(@request.project.repository)
+    }
+
+    opts.merge(additional_opts)
+  end
 end
diff --git a/app/serializers/submodule_entity.rb b/app/serializers/submodule_entity.rb
deleted file mode 100644
index e475a4f301f..00000000000
--- a/app/serializers/submodule_entity.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-# frozen_string_literal: true
-
-class SubmoduleEntity < Grape::Entity
-  include RequestAwareEntity
-
-  expose :id, :path, :name, :mode
-
-  expose :icon do |blob|
-    'archive'
-  end
-
-  expose :url do |blob|
-    submodule_links(blob, request).first
-  end
-
-  expose :tree_url do |blob|
-    submodule_links(blob, request).last
-  end
-
-  private
-
-  def submodule_links(blob, request)
-    @submodule_links ||= SubmoduleHelper.submodule_links(blob, request.ref, request.repository)
-  end
-end
diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index b7b7578cef9..a7d9ba51277 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -464,6 +464,18 @@ module Gitlab
         end
       end
 
+      # Returns path to url mappings for submodules
+      #
+      # Ex.
+      #   @repository.submodule_urls_for('master')
+      #   # => { 'rack' => 'git@localhost:rack.git' }
+      #
+      def submodule_urls_for(ref)
+        wrapped_gitaly_errors do
+          gitaly_submodule_urls_for(ref)
+        end
+      end
+
       # Return total commits count accessible from passed ref
       def commit_count(ref)
         wrapped_gitaly_errors do
@@ -1059,12 +1071,16 @@ module Gitlab
 
         return unless commit_object && commit_object.type == :COMMIT
 
+        urls = gitaly_submodule_urls_for(ref)
+        urls && urls[path]
+      end
+
+      def gitaly_submodule_urls_for(ref)
         gitmodules = gitaly_commit_client.tree_entry(ref, '.gitmodules', Gitlab::Git::Blob::MAX_DATA_DISPLAY_SIZE)
         return unless gitmodules
 
-        found_module = GitmodulesParser.new(gitmodules.data).parse[path]
-
-        found_module && found_module['url']
+        submodules = GitmodulesParser.new(gitmodules.data).parse
+        submodules.transform_values { |submodule| submodule['url'] }
       end
 
       # Returns true if the given ref name exists
diff --git a/lib/gitlab/graphql/representation/submodule_tree_entry.rb b/lib/gitlab/graphql/representation/submodule_tree_entry.rb
new file mode 100644
index 00000000000..65716dff75d
--- /dev/null
+++ b/lib/gitlab/graphql/representation/submodule_tree_entry.rb
@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Graphql
+    module Representation
+      class SubmoduleTreeEntry < SimpleDelegator
+        class << self
+          def decorate(submodules, tree)
+            repository = tree.repository
+            submodule_links = Gitlab::SubmoduleLinks.new(repository)
+
+            submodules.map do |submodule|
+              self.new(submodule, submodule_links.for(submodule, tree.sha))
+            end
+          end
+        end
+
+        def initialize(submodule, submodule_links)
+          @submodule_links = submodule_links
+
+          super(submodule)
+        end
+
+        def web_url
+          @submodule_links.first
+        end
+
+        def tree_url
+          @submodule_links.last
+        end
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/submodule_links.rb b/lib/gitlab/submodule_links.rb
new file mode 100644
index 00000000000..a6c0369d864
--- /dev/null
+++ b/lib/gitlab/submodule_links.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+module Gitlab
+  class SubmoduleLinks
+    include Gitlab::Utils::StrongMemoize
+
+    def initialize(repository)
+      @repository = repository
+    end
+
+    def for(submodule, sha)
+      submodule_url = submodule_url_for(sha)[submodule.path]
+      SubmoduleHelper.submodule_links_for_url(submodule.id, submodule_url, repository)
+    end
+
+    private
+
+    attr_reader :repository
+
+    def submodule_url_for(sha)
+      strong_memoize(:"submodule_links_for_#{sha}") do
+        repository.submodule_urls_for(sha)
+      end
+    end
+  end
+end
diff --git a/spec/frontend/repository/components/table/row_spec.js b/spec/frontend/repository/components/table/row_spec.js
index c566057ad3f..e539c560975 100644
--- a/spec/frontend/repository/components/table/row_spec.js
+++ b/spec/frontend/repository/components/table/row_spec.js
@@ -1,5 +1,5 @@
 import { shallowMount, RouterLinkStub } from '@vue/test-utils';
-import { GlBadge } from '@gitlab/ui';
+import { GlBadge, GlLink } from '@gitlab/ui';
 import { visitUrl } from '~/lib/utils/url_utility';
 import TableRow from '~/repository/components/table/row.vue';
 
@@ -142,4 +142,18 @@ describe('Repository table row component', () => {
 
     expect(vm.find(GlBadge).exists()).toBe(true);
   });
+
+  it('renders commit and web links with href for submodule', () => {
+    factory({
+      id: '1',
+      path: 'test',
+      type: 'commit',
+      url: 'https://test.com',
+      submoduleTreeUrl: 'https://test.com/commit',
+      currentPath: '/',
+    });
+
+    expect(vm.find('a').attributes('href')).toEqual('https://test.com');
+    expect(vm.find(GlLink).attributes('href')).toEqual('https://test.com/commit');
+  });
 });
diff --git a/spec/graphql/types/tree/submodule_type_spec.rb b/spec/graphql/types/tree/submodule_type_spec.rb
index bdb3149b41c..768eccba68c 100644
--- a/spec/graphql/types/tree/submodule_type_spec.rb
+++ b/spec/graphql/types/tree/submodule_type_spec.rb
@@ -5,5 +5,5 @@ require 'spec_helper'
 describe Types::Tree::SubmoduleType do
   it { expect(described_class.graphql_name).to eq('Submodule') }
 
-  it { expect(described_class).to have_graphql_fields(:id, :name, :type, :path, :flat_path) }
+  it { expect(described_class).to have_graphql_fields(:id, :name, :type, :path, :flat_path, :web_url, :tree_url) }
 end
diff --git a/spec/lib/gitlab/git/repository_spec.rb b/spec/lib/gitlab/git/repository_spec.rb
index a28b95e5bff..41b898df112 100644
--- a/spec/lib/gitlab/git/repository_spec.rb
+++ b/spec/lib/gitlab/git/repository_spec.rb
@@ -256,6 +256,22 @@ describe Gitlab::Git::Repository, :seed_helper do
     end
   end
 
+  describe '#submodule_urls_for' do
+    let(:ref) { 'master' }
+
+    it 'returns url mappings for submodules' do
+      urls = repository.submodule_urls_for(ref)
+
+      expect(urls).to eq({
+        "deeper/nested/six" => "git://github.com/randx/six.git",
+               "gitlab-grack" => "https://gitlab.com/gitlab-org/gitlab-grack.git",
+       "gitlab-shell" => "https://github.com/gitlabhq/gitlab-shell.git",
+        "nested/six" => "git://github.com/randx/six.git",
+        "six" => "git://github.com/randx/six.git"
+      })
+    end
+  end
+
   describe '#commit_count' do
     it { expect(repository.commit_count("master")).to eq(25) }
     it { expect(repository.commit_count("feature")).to eq(9) }
diff --git a/spec/lib/gitlab/graphql/representation/submodule_tree_entry_spec.rb b/spec/lib/gitlab/graphql/representation/submodule_tree_entry_spec.rb
new file mode 100644
index 00000000000..28056a6085d
--- /dev/null
+++ b/spec/lib/gitlab/graphql/representation/submodule_tree_entry_spec.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::Graphql::Representation::SubmoduleTreeEntry do
+  let(:project) { create(:project, :repository) }
+  let(:repository) { project.repository }
+
+  describe '.decorate' do
+    let(:submodules) { repository.tree.submodules }
+
+    it 'returns array of SubmoduleTreeEntry' do
+      entries = described_class.decorate(submodules, repository.tree)
+
+      expect(entries.first).to be_a(described_class)
+
+      expect(entries.map(&:web_url)).to contain_exactly(
+        "https://gitlab.com/gitlab-org/gitlab-grack",
+        "https://github.com/gitlabhq/gitlab-shell",
+        "https://github.com/randx/six"
+      )
+
+      expect(entries.map(&:tree_url)).to contain_exactly(
+        "https://gitlab.com/gitlab-org/gitlab-grack/tree/645f6c4c82fd3f5e06f67134450a570b795e55a6",
+        "https://github.com/gitlabhq/gitlab-shell/tree/79bceae69cb5750d6567b223597999bfa91cb3b9",
+        "https://github.com/randx/six/tree/409f37c4f05865e4fb208c771485f211a22c4c2d"
+      )
+    end
+  end
+end
diff --git a/spec/serializers/diff_file_base_entity_spec.rb b/spec/serializers/diff_file_base_entity_spec.rb
new file mode 100644
index 00000000000..68c5c665ed6
--- /dev/null
+++ b/spec/serializers/diff_file_base_entity_spec.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe DiffFileBaseEntity do
+  let(:project) { create(:project, :repository) }
+  let(:repository) { project.repository }
+
+  context 'diff for a changed submodule' do
+    let(:commit_sha_with_changed_submodule) do
+      "cfe32cf61b73a0d5e9f13e774abde7ff789b1660"
+    end
+    let(:commit) { project.commit(commit_sha_with_changed_submodule) }
+    let(:diff_file) { commit.diffs.diff_files.to_a.last }
+    let(:options) { { request: {}, submodule_links: Gitlab::SubmoduleLinks.new(repository) } }
+    let(:entity) { described_class.new(diff_file, options).as_json }
+
+    it do
+      expect(entity[:submodule]).to eq(true)
+      expect(entity[:submodule_link]).to eq("https://github.com/randx/six")
+      expect(entity[:submodule_tree_url]).to eq(
+        "https://github.com/randx/six/tree/409f37c4f05865e4fb208c771485f211a22c4c2d"
+      )
+    end
+  end
+end
-- 
cgit v1.2.1


From a1bee1a09d529007c4ff11ab55d355b51f352ed8 Mon Sep 17 00:00:00 2001
From: Desiree Chevalier <dchevalier@gitlab.com>
Date: Fri, 7 Jun 2019 08:46:48 -0400
Subject: Generate parallel spec reports

Creates reports for parallel specs and collates them into a single
HTML report and displays results on the merge request.
---
 .gitlab/ci/review.gitlab-ci.yml | 33 +++++++++++++++-
 qa/Gemfile                      |  1 +
 qa/Gemfile.lock                 |  3 ++
 scripts/merge-html-reports      | 84 +++++++++++++++++++++++++++++++++++++++++
 4 files changed, 120 insertions(+), 1 deletion(-)
 create mode 100755 scripts/merge-html-reports

diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml
index ce019de213b..41d52c4e095 100644
--- a/.gitlab/ci/review.gitlab-ci.yml
+++ b/.gitlab/ci/review.gitlab-ci.yml
@@ -174,7 +174,38 @@ review-qa-all:
   script:
     - export KNAPSACK_REPORT_PATH=knapsack/${CI_PROJECT_NAME}/review-qa-all_master_report.json
     - export KNAPSACK_TEST_FILE_PATTERN=qa/specs/features/**/*_spec.rb
-    - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}"
+    - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" -- --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec.htm --color --format documentation
+
+parallel-spec-reports:
+  extends: .dedicated-runner
+  dependencies:
+    - review-qa-all
+  image: ruby:2.6-alpine
+  services: []
+  before_script: []
+  variables:
+    SETUP_DB: "false"
+    NEW_PARALLEL_SPECS_REPORT: qa/report-new.html
+    BASE_ARTIFACT_URL: "${CI_PROJECT_URL}/-/jobs/${CI_JOB_ID}/artifacts/file/qa/"
+  stage: post-test
+  allow_failure: true
+  when: manual
+  retry: 0
+  artifacts:
+    when: always
+    paths:
+      - qa/report-new.html
+      - qa/gitlab-qa-run-*
+    reports:
+      junit: qa/gitlab-qa-run-*/**/rspec-*.xml
+  script:
+    - apk add --update build-base libxml2-dev libxslt-dev && rm -rf /var/cache/apk/*
+    - gem install nokogiri
+    - cd qa/gitlab-qa-run-*/gitlab-*
+    - ARTIFACT_DIRS=$(pwd |rev| awk -F / '{print $1,$2}' | rev | sed s_\ _/_)
+    - cd ../../..
+    - '[[ -f $NEW_PARALLEL_SPECS_REPORT ]] || echo "{}" > ${NEW_PARALLEL_SPECS_REPORT}'
+    - scripts/merge-html-reports ${NEW_PARALLEL_SPECS_REPORT} ${BASE_ARTIFACT_URL}${ARTIFACT_DIRS} qa/gitlab-qa-run-*/**/rspec.htm
 
 .review-performance-base: &review-performance-base
   <<: *review-qa-base
diff --git a/qa/Gemfile b/qa/Gemfile
index c46be8a0362..53e7cc497e2 100644
--- a/qa/Gemfile
+++ b/qa/Gemfile
@@ -10,6 +10,7 @@ gem 'selenium-webdriver', '~> 3.12'
 gem 'airborne', '~> 0.2.13'
 gem 'nokogiri', '~> 1.10.3'
 gem 'rspec-retry', '~> 0.6.1'
+gem 'rspec_junit_formatter', '~> 0.4.1'
 gem 'faker', '~> 1.6', '>= 1.6.6'
 gem 'knapsack', '~> 1.17'
 gem 'parallel_tests', '~> 2.29'
diff --git a/qa/Gemfile.lock b/qa/Gemfile.lock
index 73aabf2c6ad..7d19366f83b 100644
--- a/qa/Gemfile.lock
+++ b/qa/Gemfile.lock
@@ -87,6 +87,8 @@ GEM
     rspec-retry (0.6.1)
       rspec-core (> 3.3)
     rspec-support (3.7.0)
+    rspec_junit_formatter (0.4.1)
+      rspec-core (>= 2, < 4, != 2.12.0)
     rubyzip (1.2.2)
     selenium-webdriver (3.141.0)
       childprocess (~> 0.5)
@@ -116,6 +118,7 @@ DEPENDENCIES
   rake (~> 12.3.0)
   rspec (~> 3.7)
   rspec-retry (~> 0.6.1)
+  rspec_junit_formatter (~> 0.4.1) 
   selenium-webdriver (~> 3.12)
 
 BUNDLED WITH
diff --git a/scripts/merge-html-reports b/scripts/merge-html-reports
new file mode 100755
index 00000000000..7d1e15186c8
--- /dev/null
+++ b/scripts/merge-html-reports
@@ -0,0 +1,84 @@
+#!/usr/bin/env ruby
+
+require 'nokogiri'
+
+main_report_file = ARGV.shift
+unless main_report_file
+  puts 'usage: merge-html-reports <main-report> <base-artifact-url> [parallel reports...]'
+  exit 1
+end
+
+base_artifact_url = ARGV.shift
+unless base_artifact_url
+  puts 'usage: merge-html-reports <main-report> <base-artifact-url> [parallel reports...]'
+  exit 1
+end
+
+# Create the base report with empty body tag
+new_report = Nokogiri::HTML.parse(File.read(ARGV[0]))
+new_report.at_css('body').remove
+empty_body = Nokogiri::XML::Node.new('body', new_report)
+new_report.at_css('head').add_next_sibling(empty_body)
+
+ARGV.each do |report_file|
+  report = Nokogiri::HTML.parse(File.read(report_file))
+
+  report.css('a').each do |link|
+    link_suffix = link['href'].slice(19..-1)
+    link['href'] = base_artifact_url + link_suffix
+  end
+
+  header = report.css('div #rspec-header')
+  tests = report.css('dt[id^="example_group_"]')
+
+  tests.each do |test|
+    title = test.parent
+    group = title.parent
+    script = title.css('script')
+
+    if script.inner_html.include? 'makeYellow'
+      test.remove_class('passed')
+      test.add_class('not_implemented')
+
+      group.remove_class('passed')
+      group.add_class('not_implemented')
+      header.add_class('not_implemented')
+
+      script.remove
+      test.next_sibling.remove
+      test.next_sibling.remove
+
+    elsif script.inner_html.include? 'makeRed'
+      test.remove_class('passed')
+      test.add_class('failed')
+
+      group.remove_class('passed')
+      group.add_class('failed')
+      header.add_class('failed')
+
+      script.remove
+      test.next_sibling.remove
+      test.next_sibling.remove
+    end
+  end
+
+  duration = report.at_css('p#duration')
+  totals = report.at_css('p#totals')
+
+  duration_script = report.css('div.results script')[-2]
+  totals_script = report.css('div.results script')[-1]
+
+  duration_text = duration_script.text.slice(49..-3)
+  totals_text = totals_script.text.slice(47..-3)
+
+  duration.inner_html = duration_text
+  totals.inner_html = totals_text
+
+  duration_script.remove
+  totals_script.remove
+
+  # Add the new result after the last one to keep the test order
+  new_report.css('body')[-1].add_next_sibling(report.at_css('body'))
+end
+
+File.write(main_report_file, new_report)
-- 
cgit v1.2.1


From 926e16e5d16ff5bfc52c21a98f0266e5939274c5 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 17 Jul 2019 07:15:01 -0700
Subject: Document how to make Oracle Cloud S3 work

Related issues:

* https://github.com/fog/fog-aws/issues/523
* https://gitlab.com/gitlab-org/gitlab-ce/issues/63041
---
 doc/administration/job_artifacts.md       |  1 +
 doc/administration/merge_request_diffs.md |  1 +
 doc/administration/uploads.md             | 17 +++++++++++++++++
 doc/workflow/lfs/lfs_administration.md    |  1 +
 4 files changed, 20 insertions(+)

diff --git a/doc/administration/job_artifacts.md b/doc/administration/job_artifacts.md
index 5490a59ceac..2b624f8de77 100644
--- a/doc/administration/job_artifacts.md
+++ b/doc/administration/job_artifacts.md
@@ -115,6 +115,7 @@ The connection settings match those provided by [Fog](https://github.com/fog), a
 | `aws_access_key_id` | AWS credentials, or compatible | |
 | `aws_secret_access_key` | AWS credentials, or compatible | |
 | `aws_signature_version` | AWS signature version to use. 2 or 4 are valid options. Digital Ocean Spaces and other providers may need 2. | 4 |
+| `enable_signature_v4_streaming` | Set to true to enable HTTP chunked transfers with AWS v4 signatures (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html). Oracle Cloud S3 needs this to be false | true
 | `region` | AWS region | us-east-1 |
 | `host` | S3 compatible host for when not using AWS, e.g. `localhost` or `storage.example.com` | s3.amazonaws.com |
 | `endpoint` | Can be used when configuring an S3 compatible service such as [Minio](https://www.minio.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
diff --git a/doc/administration/merge_request_diffs.md b/doc/administration/merge_request_diffs.md
index 99cd9051778..0b065082ded 100644
--- a/doc/administration/merge_request_diffs.md
+++ b/doc/administration/merge_request_diffs.md
@@ -90,6 +90,7 @@ The connection settings match those provided by [Fog](https://github.com/fog), a
 | `aws_access_key_id` | AWS credentials, or compatible | |
 | `aws_secret_access_key` | AWS credentials, or compatible | |
 | `aws_signature_version` | AWS signature version to use. 2 or 4 are valid options. Digital Ocean Spaces and other providers may need 2. | 4 |
+| `enable_signature_v4_streaming` | Set to true to enable HTTP chunked transfers with AWS v4 signatures (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html). Oracle Cloud S3 needs this to be false | true
 | `region` | AWS region | us-east-1 |
 | `host` | S3 compatible host for when not using AWS, e.g. `localhost` or `storage.example.com` | s3.amazonaws.com |
 | `endpoint` | Can be used when configuring an S3 compatible service such as [Minio](https://www.minio.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
diff --git a/doc/administration/uploads.md b/doc/administration/uploads.md
index 51e267c865e..99f1c386183 100644
--- a/doc/administration/uploads.md
+++ b/doc/administration/uploads.md
@@ -78,6 +78,7 @@ The connection settings match those provided by [Fog](https://github.com/fog), a
 | `aws_access_key_id` | AWS credentials, or compatible | |
 | `aws_secret_access_key` | AWS credentials, or compatible | |
 | `aws_signature_version` | AWS signature version to use. 2 or 4 are valid options. Digital Ocean Spaces and other providers may need 2. | 4 |
+| `enable_signature_v4_streaming` | Set to true to enable HTTP chunked transfers with AWS v4 signatures (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html). Oracle Cloud S3 needs this to be false | true
 | `region` | AWS region | us-east-1 |
 | `host` | S3 compatible host for when not using AWS, e.g. `localhost` or `storage.example.com` | s3.amazonaws.com |
 | `endpoint` | Can be used when configuring an S3 compatible service such as [Minio](https://www.minio.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
@@ -140,6 +141,22 @@ _The uploads are stored by default in
 1. Save the file and [restart GitLab][] for the changes to take effect.
 1. Migrate any existing local uploads to the object storage using [`gitlab:uploads:migrate` rake task](raketasks/uploads/migrate.md).
 
+### Oracle Cloud S3 connection settings
+
+Note that Oracle Cloud S3 must be sure to use the following settings:
+
+| Setting | Value |
+|---------|-------|
+| `enable_signature_v4_streaming` | false |
+| `path_style` | true |
+
+If `enable_signature_v4_streaming` is set to `true`, you may see the
+following error:
+
+```
+STREAMING-AWS4-HMAC-SHA256-PAYLOAD is not supported
+```
+
 ### OpenStack compatible connection settings
 
 The connection settings match those provided by [Fog](https://github.com/fog), and are as follows:
diff --git a/doc/workflow/lfs/lfs_administration.md b/doc/workflow/lfs/lfs_administration.md
index 55183408a10..3160b0c4deb 100644
--- a/doc/workflow/lfs/lfs_administration.md
+++ b/doc/workflow/lfs/lfs_administration.md
@@ -91,6 +91,7 @@ Here is a configuration example with S3.
 | `aws_access_key_id` | AWS credentials, or compatible | `ABC123DEF456` |
 | `aws_secret_access_key` | AWS credentials, or compatible | `ABC123DEF456ABC123DEF456ABC123DEF456` |
 | `aws_signature_version` | AWS signature version to use. 2 or 4 are valid options. Digital Ocean Spaces and other providers may need 2. | 4 |
+| `enable_signature_v4_streaming` | Set to true to enable HTTP chunked transfers with AWS v4 signatures (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html). Oracle Cloud S3 needs this to be false | true
 | `region` | AWS region | us-east-1 |
 | `host` | S3 compatible host for when not using AWS, e.g. `localhost` or `storage.example.com` | s3.amazonaws.com |
 | `endpoint` | Can be used when configuring an S3 compatible service such as [Minio](https://www.minio.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) |
-- 
cgit v1.2.1


From 8ba48310af448d5e03601dc153cff1d66609280b Mon Sep 17 00:00:00 2001
From: Ammar Alakkad <aalakkad@gitlab.com>
Date: Wed, 17 Jul 2019 14:18:12 +0000
Subject: Resolve "Label picker: Line break on long label titles"

---
 app/assets/javascripts/labels_select.js                              | 3 ++-
 app/assets/stylesheets/pages/labels.scss                             | 4 ++++
 .../48771-label-picker-line-break-on-long-label-titles.yml           | 5 +++++
 spec/features/issues/bulk_assignment_labels_spec.rb                  | 2 +-
 4 files changed, 12 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/unreleased/48771-label-picker-line-break-on-long-label-titles.yml

diff --git a/app/assets/javascripts/labels_select.js b/app/assets/javascripts/labels_select.js
index bea43430edc..f50a6e3b19d 100644
--- a/app/assets/javascripts/labels_select.js
+++ b/app/assets/javascripts/labels_select.js
@@ -311,7 +311,8 @@ export default class LabelsSelect {
 
           // We need to identify which items are actually labels
           if (label.id) {
-            selectedClass.push('label-item');
+            const selectedLayoutClasses = ['d-flex', 'flex-row', 'text-break-word'];
+            selectedClass.push('label-item', ...selectedLayoutClasses);
             linkEl.dataset.labelId = label.id;
           }
 
diff --git a/app/assets/stylesheets/pages/labels.scss b/app/assets/stylesheets/pages/labels.scss
index 11e8a32389f..7d5e185834b 100644
--- a/app/assets/stylesheets/pages/labels.scss
+++ b/app/assets/stylesheets/pages/labels.scss
@@ -30,6 +30,10 @@
   .dropdown-content {
     max-height: 135px;
   }
+
+  .dropdown-label-box {
+    flex: 0 0 auto;
+  }
 }
 
 .dropdown-new-label {
diff --git a/changelogs/unreleased/48771-label-picker-line-break-on-long-label-titles.yml b/changelogs/unreleased/48771-label-picker-line-break-on-long-label-titles.yml
new file mode 100644
index 00000000000..e598247b5d8
--- /dev/null
+++ b/changelogs/unreleased/48771-label-picker-line-break-on-long-label-titles.yml
@@ -0,0 +1,5 @@
+---
+title: 'Resolve Label picker: Line break on long label titles'
+merge_request: 30610
+author: 
+type: fixed
diff --git a/spec/features/issues/bulk_assignment_labels_spec.rb b/spec/features/issues/bulk_assignment_labels_spec.rb
index 06cb2e36334..7be5961af09 100644
--- a/spec/features/issues/bulk_assignment_labels_spec.rb
+++ b/spec/features/issues/bulk_assignment_labels_spec.rb
@@ -381,7 +381,7 @@ describe 'Issues > Labels bulk assignment' do
       if unmark
         items.map do |item|
           # Make sure we are unmarking the item no matter the state it has currently
-          click_link item until find('a', text: item)[:class] == 'label-item'
+          click_link item until find('a', text: item)[:class].include? 'label-item'
         end
       end
     end
-- 
cgit v1.2.1


From 77a98c36399c7ac7425b73038e325b411eec0685 Mon Sep 17 00:00:00 2001
From: blunceford <blunceford@gitlab.com>
Date: Wed, 17 Jul 2019 10:34:42 -0600
Subject: Cleaned up tests for group milestones

---
 .../controllers/dashboard/milestones_controller_spec.rb | 17 +++--------------
 1 file changed, 3 insertions(+), 14 deletions(-)

diff --git a/spec/controllers/dashboard/milestones_controller_spec.rb b/spec/controllers/dashboard/milestones_controller_spec.rb
index 010d6ba477d..67939aa4e6a 100644
--- a/spec/controllers/dashboard/milestones_controller_spec.rb
+++ b/spec/controllers/dashboard/milestones_controller_spec.rb
@@ -47,6 +47,8 @@ describe Dashboard::MilestonesController do
   describe "#index" do
     let(:public_group) { create(:group, :public) }
     let!(:public_milestone) { create(:milestone, group: public_group) }
+    let!(:closed_group_milestone) { create(:milestone, group: group, state: 'closed') }
+    let!(:closed_project_milestone) { create(:milestone, project: project, state: 'closed') }
 
     render_views
 
@@ -60,9 +62,6 @@ describe Dashboard::MilestonesController do
     end
 
     it 'returns closed group and project milestones to which the user belongs' do
-      closed_group_milestone = create(:milestone, group: group, state: 'closed')
-      closed_project_milestone = create(:milestone, project: project, state: 'closed')
-
       get :index, params: { state: 'closed' }, format: :json
 
       expect(response).to have_gitlab_http_status(200)
@@ -89,17 +88,7 @@ describe Dashboard::MilestonesController do
       expect(response.body).not_to include(project_milestone.title)
     end
 
-    it 'shows counts of group and project milestones to which the user belongs to' do
-      get :index
-
-      expect(response.body).to include("Open\n<span class=\"badge badge-pill\">2</span>")
-      expect(response.body).to include("Closed\n<span class=\"badge badge-pill\">0</span>")
-    end
-
-    it 'shows counts of closed group and project milestones to which the user belongs to' do
-      closed_group_milestone = create(:milestone, group: group, state: 'closed')
-      closed_project_milestone = create(:milestone, project: project, state: 'closed')
-
+    it 'shows counts of open and closed group and project milestones to which the user belongs to' do
       get :index
 
       expect(response.body).to include("Open\n<span class=\"badge badge-pill\">2</span>")
-- 
cgit v1.2.1


From 7b18f3a022e34b8599cf509a0cc9263c1b97c0f7 Mon Sep 17 00:00:00 2001
From: mtmail <mtmail@gmx.net>
Date: Wed, 17 Jul 2019 16:57:56 +0000
Subject: typo

---
 doc/ci/caching/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/ci/caching/index.md b/doc/ci/caching/index.md
index 9a5a3624c73..5b2c3a8765c 100644
--- a/doc/ci/caching/index.md
+++ b/doc/ci/caching/index.md
@@ -8,7 +8,7 @@ GitLab CI/CD provides a caching mechanism that can be used to save time
 when your jobs are running.
 
 Caching is about speeding the time a job is executed by reusing the same
-content of a previous job. It can be particularly useful when your are
+content of a previous job. It can be particularly useful when you are
 developing software that depends on other libraries which are fetched via the
 internet during build time.
 
-- 
cgit v1.2.1


From 1b9dbef3fd2e90cb094b1228a00e8e8d6ee800da Mon Sep 17 00:00:00 2001
From: Lucas Charles <me@lucascharles.me>
Date: Wed, 17 Jul 2019 17:43:35 +0000
Subject: Add rule_type to approval_project_rules

Adds migration to introduce non-regular rule_types to
approval_project_rules
---
 .../9928ee-add-rule_type-to-approval-project-rules.yml  |  5 +++++
 ...709204413_add_rule_type_to_approval_project_rules.rb | 17 +++++++++++++++++
 ...229_add_index_to_approval_project_rules_rule_type.rb | 17 +++++++++++++++++
 db/schema.rb                                            |  2 ++
 4 files changed, 41 insertions(+)
 create mode 100644 changelogs/unreleased/9928ee-add-rule_type-to-approval-project-rules.yml
 create mode 100644 db/migrate/20190709204413_add_rule_type_to_approval_project_rules.rb
 create mode 100644 db/migrate/20190710151229_add_index_to_approval_project_rules_rule_type.rb

diff --git a/changelogs/unreleased/9928ee-add-rule_type-to-approval-project-rules.yml b/changelogs/unreleased/9928ee-add-rule_type-to-approval-project-rules.yml
new file mode 100644
index 00000000000..698ecebb971
--- /dev/null
+++ b/changelogs/unreleased/9928ee-add-rule_type-to-approval-project-rules.yml
@@ -0,0 +1,5 @@
+---
+title: Add migration for adding rule_type to approval_project_rules
+merge_request: 30575
+author:
+type: added
diff --git a/db/migrate/20190709204413_add_rule_type_to_approval_project_rules.rb b/db/migrate/20190709204413_add_rule_type_to_approval_project_rules.rb
new file mode 100644
index 00000000000..87a228c9bf9
--- /dev/null
+++ b/db/migrate/20190709204413_add_rule_type_to_approval_project_rules.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class AddRuleTypeToApprovalProjectRules < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_column_with_default :approval_project_rules, :rule_type, :integer, limit: 2, default: 0, allow_null: false
+  end
+
+  def down
+    remove_column :approval_project_rules, :rule_type
+  end
+end
diff --git a/db/migrate/20190710151229_add_index_to_approval_project_rules_rule_type.rb b/db/migrate/20190710151229_add_index_to_approval_project_rules_rule_type.rb
new file mode 100644
index 00000000000..64123c53c4a
--- /dev/null
+++ b/db/migrate/20190710151229_add_index_to_approval_project_rules_rule_type.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class AddIndexToApprovalProjectRulesRuleType < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_index :approval_project_rules, :rule_type
+  end
+
+  def down
+    remove_concurrent_index :approval_project_rules, :rule_type
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index f752211f2ec..a5079d3a5bc 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -282,7 +282,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "project_id", null: false
     t.integer "approvals_required", limit: 2, default: 0, null: false
     t.string "name", null: false
+    t.integer "rule_type", limit: 2, default: 0, null: false
     t.index ["project_id"], name: "index_approval_project_rules_on_project_id", using: :btree
+    t.index ["rule_type"], name: "index_approval_project_rules_on_rule_type", using: :btree
   end
 
   create_table "approval_project_rules_groups", force: :cascade do |t|
-- 
cgit v1.2.1


From e424fcedcc5cbe9cd96b74b057f243161db6e2e9 Mon Sep 17 00:00:00 2001
From: Martin Hanzel <mhanzel@gitlab.com>
Date: Wed, 17 Jul 2019 17:47:19 +0000
Subject: Add docs about auto-injected Jest mocks

---
 doc/development/testing_guide/frontend_testing.md | 28 +++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/doc/development/testing_guide/frontend_testing.md b/doc/development/testing_guide/frontend_testing.md
index bb44cc595e9..c909745b1ab 100644
--- a/doc/development/testing_guide/frontend_testing.md
+++ b/doc/development/testing_guide/frontend_testing.md
@@ -79,6 +79,34 @@ describe('Component', () => {
 
 Remember that the performance of each test depends on the environment.
 
+### Manual module mocks
+Jest supports [manual module mocks](https://jestjs.io/docs/en/manual-mocks) by placing a mock in a `__mocks__/` directory next to the source module. **Don't do this.** We want to keep all of our test-related code in one place (the `spec/` folder), and the logic that Jest uses to apply mocks from `__mocks__/` is rather inconsistent.
+
+Instead, our test runner detects manual mocks from `spec/frontend/mocks/`. Any mock placed here is automatically picked up and injected whenever you import its source module.
+
+- Files in `spec/frontend/mocks/ce` will mock the corresponding CE module from `app/assets/javascripts`, mirroring the source module's path.
+    - Example: `spec/frontend/mocks/ce/lib/utils/axios_utils` will mock the module `~/lib/utils/axios_utils`.
+- Files in `spec/frontend/mocks/node` will mock NPM packages of the same name or path.
+- We don't support mocking EE modules yet.
+
+If a mock is found for which a source module doesn't exist, the test suite will fail. 'Virtual' mocks, or mocks that don't have a 1-to-1 association with a source module, are not supported yet.
+
+#### Writing a mock
+Create a JS module in the appropriate place in `spec/frontend/mocks/`. That's it. It will automatically mock its source package in all tests.
+
+Make sure that your mock's export has the same format as the mocked module. So, if you're mocking a CommonJS module, you'll need to use `module.exports` instead of the ES6 `export`.
+
+It might be useful for a mock to expose a property that indicates if the mock was loaded. This way, tests can assert the presence of a mock without calling any logic and causing side-effects. The `~/lib/utils/axios_utils` module mock has such a property, `isMock`, that is `true` in the mock and undefined in the original class. Jest's mock functions also have a `mock` property that you can test.
+
+#### Bypassing mocks
+If you ever need to import the original module in your tests, use [`jest.requireActual()`](https://jestjs.io/docs/en/jest-object#jestrequireactualmodulename) (or `jest.requireActual().default` for the default export). The `jest.mock()` and `jest.unmock()` won't have an effect on modules that have a manual mock, because mocks are imported and cached before any tests are run.
+
+#### Keep mocks light
+Global mocks introduce magic and can affect how modules are imported in your tests. Try to keep them as light as possible and dependency-free. A global mock should be useful for any unit test. For example, the `axios_utils` and `jquery` module mocks throw an error when an HTTP request is attempted, since this is useful behaviour in &gt;99% of tests.
+
+When in doubt, construct mocks in your test file using [`jest.mock()`](https://jestjs.io/docs/en/jest-object#jestmockmodulename-factory-options), [`jest.spyOn()`](https://jestjs.io/docs/en/jest-object#jestspyonobject-methodname), etc.
+
+
 ## Karma test suite
 
 GitLab uses the [Karma][karma] test runner with [Jasmine] as its test
-- 
cgit v1.2.1


From eb45cb8c99f4232da90c26b307eff35c926d1975 Mon Sep 17 00:00:00 2001
From: Martin Hanzel <mhanzel@gitlab.com>
Date: Wed, 17 Jul 2019 17:47:39 +0000
Subject: Mockify jquery and axios packages

Moved the block that fails tests on unmocked axios requests from
test_setup to its own mock, and added a jQuery mock that fails
tests if they use unmocked $.ajax().
---
 package.json                                       |   1 +
 spec/frontend/mocks/ce/lib/utils/axios_utils.js    |  15 +++
 spec/frontend/mocks/mocks_helper.js                |  60 +++++++++
 spec/frontend/mocks/mocks_helper_spec.js           | 147 +++++++++++++++++++++
 spec/frontend/mocks/node/jquery.js                 |  13 ++
 spec/frontend/mocks_spec.js                        |  13 ++
 .../components/external_dashboard_spec.js          |   5 +-
 spec/frontend/test_setup.js                        |  16 +--
 yarn.lock                                          |  13 ++
 9 files changed, 269 insertions(+), 14 deletions(-)
 create mode 100644 spec/frontend/mocks/ce/lib/utils/axios_utils.js
 create mode 100644 spec/frontend/mocks/mocks_helper.js
 create mode 100644 spec/frontend/mocks/mocks_helper_spec.js
 create mode 100644 spec/frontend/mocks/node/jquery.js
 create mode 100644 spec/frontend/mocks_spec.js

diff --git a/package.json b/package.json
index 44aa850860e..4ba9a0d9a1b 100644
--- a/package.json
+++ b/package.json
@@ -191,6 +191,7 @@
     "pixelmatch": "^4.0.2",
     "postcss": "^7.0.14",
     "prettier": "1.18.2",
+    "readdir-enhanced": "^2.2.4",
     "stylelint": "^9.10.1",
     "stylelint-config-recommended": "^2.1.0",
     "stylelint-scss": "^3.5.4",
diff --git a/spec/frontend/mocks/ce/lib/utils/axios_utils.js b/spec/frontend/mocks/ce/lib/utils/axios_utils.js
new file mode 100644
index 00000000000..b4065626b09
--- /dev/null
+++ b/spec/frontend/mocks/ce/lib/utils/axios_utils.js
@@ -0,0 +1,15 @@
+const axios = jest.requireActual('~/lib/utils/axios_utils').default;
+
+axios.isMock = true;
+
+// Fail tests for unmocked requests
+axios.defaults.adapter = config => {
+  const message =
+    `Unexpected unmocked request: ${JSON.stringify(config, null, 2)}\n` +
+    'Consider using the `axios-mock-adapter` in tests.';
+  const error = new Error(message);
+  error.config = config;
+  throw error;
+};
+
+export default axios;
diff --git a/spec/frontend/mocks/mocks_helper.js b/spec/frontend/mocks/mocks_helper.js
new file mode 100644
index 00000000000..21c032cd3c9
--- /dev/null
+++ b/spec/frontend/mocks/mocks_helper.js
@@ -0,0 +1,60 @@
+/**
+ * @module
+ *
+ * This module implements auto-injected manual mocks that are cleaner than Jest's approach.
+ *
+ * See https://docs.gitlab.com/ee/development/testing_guide/frontend_testing.html
+ */
+
+import fs from 'fs';
+import path from 'path';
+
+import readdir from 'readdir-enhanced';
+
+const MAX_DEPTH = 20;
+const prefixMap = [
+  // E.g. the mock ce/foo/bar maps to require path ~/foo/bar
+  { mocksRoot: 'ce', requirePrefix: '~' },
+  // { mocksRoot: 'ee', requirePrefix: 'ee' }, // We'll deal with EE-specific mocks later
+  { mocksRoot: 'node', requirePrefix: '' },
+  // { mocksRoot: 'virtual', requirePrefix: '' }, // We'll deal with virtual mocks later
+];
+
+const mockFileFilter = stats => stats.isFile() && stats.path.endsWith('.js');
+
+const getMockFiles = root => readdir.sync(root, { deep: MAX_DEPTH, filter: mockFileFilter });
+
+// Function that performs setting a mock. This has to be overridden by the unit test, because
+// jest.setMock can't be overwritten across files.
+// Use require() because jest.setMock expects the CommonJS exports object
+const defaultSetMock = (srcPath, mockPath) =>
+  jest.mock(srcPath, () => jest.requireActual(mockPath));
+
+// eslint-disable-next-line import/prefer-default-export
+export const setupManualMocks = function setupManualMocks(setMock = defaultSetMock) {
+  prefixMap.forEach(({ mocksRoot, requirePrefix }) => {
+    const mocksRootAbsolute = path.join(__dirname, mocksRoot);
+    if (!fs.existsSync(mocksRootAbsolute)) {
+      return;
+    }
+
+    getMockFiles(path.join(__dirname, mocksRoot)).forEach(mockPath => {
+      const mockPathNoExt = mockPath.substring(0, mockPath.length - path.extname(mockPath).length);
+      const sourcePath = path.join(requirePrefix, mockPathNoExt);
+      const mockPathRelative = `./${path.join(mocksRoot, mockPathNoExt)}`;
+
+      try {
+        setMock(sourcePath, mockPathRelative);
+      } catch (e) {
+        if (e.message.includes('Could not locate module')) {
+          // The corresponding mocked module doesn't exist. Raise a better error.
+          // Eventualy, we may support virtual mocks (mocks whose path doesn't directly correspond
+          // to a module, like with the `ee_else_ce` prefix).
+          throw new Error(
+            `A manual mock was defined for module ${sourcePath}, but the module doesn't exist!`,
+          );
+        }
+      }
+    });
+  });
+};
diff --git a/spec/frontend/mocks/mocks_helper_spec.js b/spec/frontend/mocks/mocks_helper_spec.js
new file mode 100644
index 00000000000..34be110a7e3
--- /dev/null
+++ b/spec/frontend/mocks/mocks_helper_spec.js
@@ -0,0 +1,147 @@
+/* eslint-disable global-require, promise/catch-or-return */
+
+import path from 'path';
+
+import axios from '~/lib/utils/axios_utils';
+
+const absPath = path.join.bind(null, __dirname);
+
+jest.mock('fs');
+jest.mock('readdir-enhanced');
+
+describe('mocks_helper.js', () => {
+  let setupManualMocks;
+  const setMock = jest.fn().mockName('setMock');
+  let fs;
+  let readdir;
+
+  beforeAll(() => {
+    jest.resetModules();
+    jest.setMock = jest.fn().mockName('jest.setMock');
+    fs = require('fs');
+    readdir = require('readdir-enhanced');
+
+    // We need to provide setupManualMocks with a mock function that pretends to do the setup of
+    // the mock. This is because we can't mock jest.setMock across files.
+    setupManualMocks = () => require('./mocks_helper').setupManualMocks(setMock);
+  });
+
+  afterEach(() => {
+    fs.existsSync.mockReset();
+    readdir.sync.mockReset();
+    setMock.mockReset();
+  });
+
+  it('enumerates through mock file roots', () => {
+    setupManualMocks();
+    expect(fs.existsSync).toHaveBeenCalledTimes(2);
+    expect(fs.existsSync).toHaveBeenNthCalledWith(1, absPath('ce'));
+    expect(fs.existsSync).toHaveBeenNthCalledWith(2, absPath('node'));
+
+    expect(readdir.sync).toHaveBeenCalledTimes(0);
+  });
+
+  it("doesn't traverse the directory tree infinitely", () => {
+    fs.existsSync.mockReturnValue(true);
+    readdir.sync.mockReturnValue([]);
+    setupManualMocks();
+
+    readdir.mock.calls.forEach(call => {
+      expect(call[1].deep).toBeLessThan(100);
+    });
+  });
+
+  it('sets up mocks for CE (the ~/ prefix)', () => {
+    fs.existsSync.mockImplementation(root => root.endsWith('ce'));
+    readdir.sync.mockReturnValue(['root.js', 'lib/utils/util.js']);
+    setupManualMocks();
+
+    expect(readdir.sync).toHaveBeenCalledTimes(1);
+    expect(readdir.sync.mock.calls[0][0]).toBe(absPath('ce'));
+
+    expect(setMock).toHaveBeenCalledTimes(2);
+    expect(setMock).toHaveBeenNthCalledWith(1, '~/root', './ce/root');
+    expect(setMock).toHaveBeenNthCalledWith(2, '~/lib/utils/util', './ce/lib/utils/util');
+  });
+
+  it('sets up mocks for node_modules', () => {
+    fs.existsSync.mockImplementation(root => root.endsWith('node'));
+    readdir.sync.mockReturnValue(['jquery', '@babel/core']);
+    setupManualMocks();
+
+    expect(readdir.sync).toHaveBeenCalledTimes(1);
+    expect(readdir.sync.mock.calls[0][0]).toBe(absPath('node'));
+
+    expect(setMock).toHaveBeenCalledTimes(2);
+    expect(setMock).toHaveBeenNthCalledWith(1, 'jquery', './node/jquery');
+    expect(setMock).toHaveBeenNthCalledWith(2, '@babel/core', './node/@babel/core');
+  });
+
+  it('sets up mocks for all roots', () => {
+    const files = {
+      [absPath('ce')]: ['root', 'lib/utils/util'],
+      [absPath('node')]: ['jquery', '@babel/core'],
+    };
+
+    fs.existsSync.mockReturnValue(true);
+    readdir.sync.mockImplementation(root => files[root]);
+    setupManualMocks();
+
+    expect(readdir.sync).toHaveBeenCalledTimes(2);
+    expect(readdir.sync.mock.calls[0][0]).toBe(absPath('ce'));
+    expect(readdir.sync.mock.calls[1][0]).toBe(absPath('node'));
+
+    expect(setMock).toHaveBeenCalledTimes(4);
+    expect(setMock).toHaveBeenNthCalledWith(1, '~/root', './ce/root');
+    expect(setMock).toHaveBeenNthCalledWith(2, '~/lib/utils/util', './ce/lib/utils/util');
+    expect(setMock).toHaveBeenNthCalledWith(3, 'jquery', './node/jquery');
+    expect(setMock).toHaveBeenNthCalledWith(4, '@babel/core', './node/@babel/core');
+  });
+
+  it('fails when given a virtual mock', () => {
+    fs.existsSync.mockImplementation(p => p.endsWith('ce'));
+    readdir.sync.mockReturnValue(['virtual', 'shouldntBeImported']);
+    setMock.mockImplementation(() => {
+      throw new Error('Could not locate module');
+    });
+
+    expect(setupManualMocks).toThrow(
+      new Error("A manual mock was defined for module ~/virtual, but the module doesn't exist!"),
+    );
+
+    expect(readdir.sync).toHaveBeenCalledTimes(1);
+    expect(readdir.sync.mock.calls[0][0]).toBe(absPath('ce'));
+  });
+
+  describe('auto-injection', () => {
+    it('handles ambiguous paths', () => {
+      jest.isolateModules(() => {
+        const axios2 = require('../../../app/assets/javascripts/lib/utils/axios_utils').default;
+        expect(axios2.isMock).toBe(true);
+      });
+    });
+
+    it('survives jest.isolateModules()', done => {
+      jest.isolateModules(() => {
+        const axios2 = require('~/lib/utils/axios_utils').default;
+        expect(axios2.get('http://gitlab.com'))
+          .rejects.toThrow('Unexpected unmocked request')
+          .then(done);
+      });
+    });
+
+    it('can be unmocked and remocked', () => {
+      jest.dontMock('~/lib/utils/axios_utils');
+      jest.resetModules();
+      const axios2 = require('~/lib/utils/axios_utils').default;
+      expect(axios2).not.toBe(axios);
+      expect(axios2.isMock).toBeUndefined();
+
+      jest.doMock('~/lib/utils/axios_utils');
+      jest.resetModules();
+      const axios3 = require('~/lib/utils/axios_utils').default;
+      expect(axios3).not.toBe(axios2);
+      expect(axios3.isMock).toBe(true);
+    });
+  });
+});
diff --git a/spec/frontend/mocks/node/jquery.js b/spec/frontend/mocks/node/jquery.js
new file mode 100644
index 00000000000..34a25772f67
--- /dev/null
+++ b/spec/frontend/mocks/node/jquery.js
@@ -0,0 +1,13 @@
+/* eslint-disable import/no-commonjs */
+
+const $ = jest.requireActual('jquery');
+
+// Fail tests for unmocked requests
+$.ajax = () => {
+  throw new Error(
+    'Unexpected unmocked jQuery.ajax() call! Make sure to mock jQuery.ajax() in tests.',
+  );
+};
+
+// jquery is not an ES6 module
+module.exports = $;
diff --git a/spec/frontend/mocks_spec.js b/spec/frontend/mocks_spec.js
new file mode 100644
index 00000000000..2d2324120fd
--- /dev/null
+++ b/spec/frontend/mocks_spec.js
@@ -0,0 +1,13 @@
+import $ from 'jquery';
+import axios from '~/lib/utils/axios_utils';
+
+describe('Mock auto-injection', () => {
+  describe('mocks', () => {
+    it('~/lib/utils/axios_utils', () =>
+      expect(axios.get('http://gitlab.com')).rejects.toThrow('Unexpected unmocked request'));
+
+    it('jQuery.ajax()', () => {
+      expect($.ajax).toThrow('Unexpected unmocked');
+    });
+  });
+});
diff --git a/spec/frontend/operation_settings/components/external_dashboard_spec.js b/spec/frontend/operation_settings/components/external_dashboard_spec.js
index a881de8fbfe..39d7c19e731 100644
--- a/spec/frontend/operation_settings/components/external_dashboard_spec.js
+++ b/spec/frontend/operation_settings/components/external_dashboard_spec.js
@@ -7,7 +7,6 @@ import { refreshCurrentPage } from '~/lib/utils/url_utility';
 import createFlash from '~/flash';
 import { TEST_HOST } from 'helpers/test_constants';
 
-jest.mock('~/lib/utils/axios_utils');
 jest.mock('~/lib/utils/url_utility');
 jest.mock('~/flash');
 
@@ -32,6 +31,10 @@ describe('operation settings external dashboard component', () => {
     wrapper = shallow ? shallowMount(...config) : mount(...config);
   };
 
+  beforeEach(() => {
+    jest.spyOn(axios, 'patch').mockImplementation();
+  });
+
   afterEach(() => {
     if (wrapper.destroy) {
       wrapper.destroy();
diff --git a/spec/frontend/test_setup.js b/spec/frontend/test_setup.js
index 15cf18700ed..634c78ec029 100644
--- a/spec/frontend/test_setup.js
+++ b/spec/frontend/test_setup.js
@@ -2,10 +2,10 @@ import Vue from 'vue';
 import * as jqueryMatchers from 'custom-jquery-matchers';
 import $ from 'jquery';
 import Translate from '~/vue_shared/translate';
-import axios from '~/lib/utils/axios_utils';
 import { config as testUtilsConfig } from '@vue/test-utils';
 import { initializeTestTimeout } from './helpers/timeout';
 import { loadHTMLFixture, setHTMLFixture } from './helpers/fixtures';
+import { setupManualMocks } from './mocks/mocks_helper';
 
 // Expose jQuery so specs using jQuery plugins can be imported nicely.
 // Here is an issue to explore better alternatives:
@@ -14,6 +14,8 @@ window.jQuery = $;
 
 process.on('unhandledRejection', global.promiseRejectionHandler);
 
+setupManualMocks();
+
 afterEach(() =>
   // give Promises a bit more time so they fail the right test
   new Promise(setImmediate).then(() => {
@@ -24,18 +26,6 @@ afterEach(() =>
 
 initializeTestTimeout(process.env.CI ? 5000 : 500);
 
-// fail tests for unmocked requests
-beforeEach(done => {
-  axios.defaults.adapter = config => {
-    const error = new Error(`Unexpected unmocked request: ${JSON.stringify(config, null, 2)}`);
-    error.config = config;
-    done.fail(error);
-    return Promise.reject(error);
-  };
-
-  done();
-});
-
 Vue.config.devtools = false;
 Vue.config.productionTip = false;
 
diff --git a/yarn.lock b/yarn.lock
index eaa029281d6..a0fbdfd4541 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4919,6 +4919,11 @@ glob-to-regexp@^0.3.0:
   resolved "https://registry.yarnpkg.com/glob-to-regexp/-/glob-to-regexp-0.3.0.tgz#8c5a1494d2066c570cc3bfe4496175acc4d502ab"
   integrity sha1-jFoUlNIGbFcMw7/kSWF1rMTVAqs=
 
+glob-to-regexp@^0.4.0:
+  version "0.4.1"
+  resolved "https://registry.yarnpkg.com/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz#c75297087c851b9a578bd217dd59a92f59fe546e"
+  integrity sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==
+
 "glob@5 - 7", glob@^7.0.0, glob@^7.0.3, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@~7.1.1:
   version "7.1.4"
   resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.4.tgz#aa608a2f6c577ad357e1ae5a5c26d9a8d1969255"
@@ -9099,6 +9104,14 @@ readable-stream@~2.0.6:
     string_decoder "~0.10.x"
     util-deprecate "~1.0.1"
 
+readdir-enhanced@^2.2.4:
+  version "2.2.4"
+  resolved "https://registry.yarnpkg.com/readdir-enhanced/-/readdir-enhanced-2.2.4.tgz#773fb8a8de5f645fb13d9403746d490d4facb3e6"
+  integrity sha512-JQD83C9gAs5B5j2j40qLn/K83HhR8po3bUonebNeuJQUZbbn7q1HxL9kQuPBtxoXkaUpbtEmpFBw5kzyYnnJDA==
+  dependencies:
+    call-me-maybe "^1.0.1"
+    glob-to-regexp "^0.4.0"
+
 readdirp@^2.0.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-2.1.0.tgz#4ed0ad060df3073300c48440373f72d1cc642d78"
-- 
cgit v1.2.1


From a7e16ee20893bbc7f31fb0eb3cdd3018ace9acda Mon Sep 17 00:00:00 2001
From: Dan Davison <ddavison@gitlab.com>
Date: Wed, 17 Jul 2019 19:30:00 +0000
Subject: Add documentation surrounding [data-qa-selector]

Documentation was lacking for the [data-qa-selector]
method of defining methods vs .qa-selector method.
---
 .../testing_guide/end_to_end/page_objects.md       | 38 +++++++++++++++++-----
 .../testing_guide/end_to_end/quick_start_guide.md  | 33 +++++++++----------
 2 files changed, 45 insertions(+), 26 deletions(-)

diff --git a/doc/development/testing_guide/end_to_end/page_objects.md b/doc/development/testing_guide/end_to_end/page_objects.md
index 05cb03eb4bd..29ad49403fe 100644
--- a/doc/development/testing_guide/end_to_end/page_objects.md
+++ b/doc/development/testing_guide/end_to_end/page_objects.md
@@ -92,20 +92,25 @@ end
 The `view` DSL method will correspond to the rails View, partial, or vue component that renders the elements.
 
 The `element` DSL method in turn declares an element for which a corresponding
-`qa-element-name-dasherized` CSS class will need to be added to the view file.
+`data-qa-selector=element_name_snaked` data attribute will need to be added to the view file.
 
 You can also define a value (String or Regexp) to match to the actual view
 code but **this is deprecated** in favor of the above method for two reasons:
 
 - Consistency: there is only one way to define an element
-- Separation of concerns: QA uses dedicated CSS classes instead of reusing code
+- Separation of concerns: QA uses dedicated `data-qa-*` attributes instead of reusing code
   or classes used by other components (e.g. `js-*` classes etc.)
 
 ```ruby
 view 'app/views/my/view.html.haml' do
-  # Implicitly require `.qa-logout-button` CSS class to be present in the view
+
+  ### Good ###
+ 
+  # Implicitly require the CSS selector `[data-qa-selector="logout_button"]` to be present in the view
   element :logout_button
 
+  ### Bad ###
+
   ## This is deprecated and forbidden by the `QA/ElementWithPattern` RuboCop cop.
   # Require `f.submit "Sign in"` to be present in `my/view.html.haml
   element :my_button, 'f.submit "Sign in"' # rubocop:disable QA/ElementWithPattern
@@ -129,24 +134,39 @@ view 'app/views/my/view.html.haml' do
 end
 ```
 
-To add these elements to the view, you must change the rails View, partial, or vue component by adding a `qa-element-descriptor` class
+To add these elements to the view, you must change the rails View, partial, or vue component by adding a `data-qa-selector` attribute
 for each element defined.
 
-In our case, `qa-login-field`, `qa-password-field` and `qa-sign-in-button`
+In our case, `data-qa-selector="login_field"`, `data-qa-selector="password_field"` and `data-qa-selector="sign_in_button"`
 
 **app/views/my/view.html.haml**
 
 ```haml
-= f.text_field :login, class: "form-control top qa-login-field", autofocus: "autofocus", autocapitalize: "off", autocorrect: "off", required: true, title: "This field is required."
-= f.password_field :password, class: "form-control bottom qa-password-field", required: true, title: "This field is required."
-= f.submit "Sign in", class: "btn btn-success qa-sign-in-button"
+= f.text_field :login, class: "form-control top", autofocus: "autofocus", autocapitalize: "off", autocorrect: "off", required: true, title: "This field is required.", data: { qa_selector: 'login_field' }
+= f.password_field :password, class: "form-control bottom", required: true, title: "This field is required.", data: { qa_selector: 'password_field' }
+= f.submit "Sign in", class: "btn btn-success", data: { qa_selector: 'sign_in_button' }
 ```
 
 Things to note:
 
-- The CSS class must be `kebab-cased` (separated with hyphens "`-`")
+- The name of the element and the qa_selector must match and be snake_cased
 - If the element appears on the page unconditionally, add `required: true` to the element. See
   [Dynamic element validation](dynamic_element_validation.md)
+- You may see `.qa-selector` classes in existing Page Objects.  We should prefer the [`data-qa-selector`](#data-qa-selector-vs-qa-selector) 
+  method of definition over the `.qa-selector` CSS class
+
+
+### `data-qa-selector` vs `.qa-selector`
+
+> Introduced in GitLab 12.1
+
+There are two supported methods of defining elements within a view.
+
+1. `data-qa-selector` attribute
+1. `.qa-selector` class
+
+Any existing `.qa-selector` class should be considered deprecated
+and we should prefer the `data-qa-selector` method of definition.
 
 ## Running the test locally
 
diff --git a/doc/development/testing_guide/end_to_end/quick_start_guide.md b/doc/development/testing_guide/end_to_end/quick_start_guide.md
index efcfd44bc22..3bbf8feab39 100644
--- a/doc/development/testing_guide/end_to_end/quick_start_guide.md
+++ b/doc/development/testing_guide/end_to_end/quick_start_guide.md
@@ -101,7 +101,7 @@ it 'replaces an existing label if it has the same key' do
   page.find('#content-body').click
   page.refresh
 
-  labels_block = page.find('.qa-labels-block')
+  labels_block = page.find(%q([data-qa-selector="labels_block"]))
 
   expect(labels_block).to have_content('animal::dolphin')
   expect(labels_block).not_to have_content('animal::fox')
@@ -130,7 +130,7 @@ it 'keeps both scoped labels when adding a label with a different key' do
   page.find('#content-body').click
   page.refresh
 
-  labels_block = page.find('.qa-labels-block')
+  labels_block = page.find(%q([data-qa-selector="labels_block"]))
 
   expect(labels_block).to have_content('animal::fox')
   expect(labels_block).to have_content('plant::orchid')
@@ -139,7 +139,7 @@ it 'keeps both scoped labels when adding a label with a different key' do
 end
 ```
 
-> Note that elements are always located using CSS selectors, and a good practice is to add test-specific selectors (this is called adding testability to the application and we will talk more about it later.) For example, the `labels_block` element uses the selector `.qa-labels-block`, which was added specifically for testing purposes.
+> Note that elements are always located using CSS selectors, and a good practice is to add test-specific selectors (this is called "testability"). For example, the `labels_block` element uses the CSS selector [`data-qa-selector="labels_block"`](page_objects.md#data-qa-selector-vs-qa-selector), which was added specifically for testing purposes.
 
 Below are the steps that the test covers:
 
@@ -168,7 +168,7 @@ end
 it 'replaces an existing label if it has the same key' do
   select_label_and_refresh @new_label_same_scope
 
-  labels_block = page.find('.qa-labels-block')
+  labels_block = page.find(%q([data-qa-selector="labels_block"]))
 
   expect(labels_block).to have_content(@new_label_same_scope)
   expect(labels_block).not_to have_content(@initial_label)
@@ -179,7 +179,7 @@ end
 it 'keeps both scoped label when adding a label with a different key' do
   select_label_and_refresh @new_label_different_scope
 
-  labels_block = page.find('.qa-labels-block')
+  labels_block = page.find(%q([data-qa-selector="labels_block"]))
 
   expect(labels_blocks).to have_content(@new_label_different_scope)
   expect(labels_blocks).to have_content(@initial_label)
@@ -305,7 +305,7 @@ module QA
         it 'correctly applies scoped labels depending on if they are from the same or a different scope' do
           select_labels_and_refresh [@new_label_same_scope, @new_label_different_scope]
 
-          labels_block = page.all('.qa-labels-block')
+          labels_block = page.all(%q([data-qa-selector="labels_block"]))
 
           expect(labels_block).to have_content(@new_label_same_scope)
           expect(labels_block).to have_content(@new_label_different_scope)
@@ -552,37 +552,36 @@ The `text_of_labels_block` method is a simple method that returns the `:labels_b
 
 #### Updates in the view (*.html.haml) and `dropdowns_helper.rb` files
 
-Now let's change the view and the `dropdowns_helper` files to add the selectors that relate to the Page Object.
+Now let's change the view and the `dropdowns_helper` files to add the selectors that relate to the [Page Objects].
 
-In the [app/views/shared/issuable/_sidebar.html.haml](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/app/views/shared/issuable/_sidebar.html.haml) file, on [line 105 ](https://gitlab.com/gitlab-org/gitlab-ee/blob/84043fa72ca7f83ae9cde48ad670e6d5d16501a3/app/views/shared/issuable/_sidebar.html.haml#L105), add an extra class `qa-edit-link-labels`.
+In  [`app/views/shared/issuable/_sidebar.html.haml:105`](https://gitlab.com/gitlab-org/gitlab-ee/blob/7ca12defc7a965987b162a6ebef302f95dc8867f/app/views/shared/issuable/_sidebar.html.haml#L105), add a `data: { qa_selector: 'edit_link_labels' }` data attribute.
 
 The code should look like this:
 
 ```haml
-= link_to _('Edit'), '#', class: 'js-sidebar-dropdown-toggle edit-link float-right qa-edit-link-labels'
+= link_to _('Edit'), '#', class: 'js-sidebar-dropdown-toggle edit-link float-right', data: { qa_selector: 'edit_link_labels' }
 ```
 
-In the same file, on [line 121](https://gitlab.com/gitlab-org/gitlab-ee/blob/84043fa72ca7f83ae9cde48ad670e6d5d16501a3/app/views/shared/issuable/_sidebar.html.haml#L121), add an extra class `.qa-dropdown-menu-labels`.
+In the same file, on [line 121](https://gitlab.com/gitlab-org/gitlab-ee/blob/7ca12defc7a965987b162a6ebef302f95dc8867f/app/views/shared/issuable/_sidebar.html.haml#L121), add a `data: { qa_selector: 'dropdown_menu_labels' }` data attribute.
 
 The code should look like this:
 
 ```haml
-.dropdown-menu.dropdown-select.dropdown-menu-paging.dropdown-menu-labels.dropdown-menu-selectable.qa-dropdown-menu-labels
+.dropdown-menu.dropdown-select.dropdown-menu-paging.dropdown-menu-labels.dropdown-menu-selectable.dropdown-extended-height{ data: { qa_selector: 'dropdown_menu_labels' } }
 ```
 
-In the [`dropdowns_helper.rb`](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/app/helpers/dropdowns_helper.rb) file, on [line 94](https://gitlab.com/gitlab-org/gitlab-ee/blob/99e51a374f2c20bee0989cac802e4b5621f72714/app/helpers/dropdowns_helper.rb#L94), add an extra class `qa-dropdown-input-field`.
+In [`app/helpers/dropdowns_helper.rb:94`](https://gitlab.com/gitlab-org/gitlab-ee/blob/7ca12defc7a965987b162a6ebef302f95dc8867f/app/helpers/dropdowns_helper.rb#L94), add a `data: { qa_selector: 'dropdown_input_field' }` data attribute.
 
 The code should look like this:
 
 ```ruby
-filter_output = search_field_tag search_id, nil, class: "dropdown-input-field qa-dropdown-input-field", placeholder: placeholder, autocomplete: 'off'
+filter_output = search_field_tag search_id, nil, class: "dropdown-input-field", placeholder: placeholder, autocomplete: 'off', data: { qa_selector: 'dropdown_input_field' }
 ```
 
-> Classes starting with `qa-` are used for testing purposes only, and by defining such classes in the elements we add **testability** in the application.
+> `data-qa-*` data attributes and CSS classes starting with `qa-` are used solely for the purpose of QA and testing.
+> By defining these, we add **testability** to the application.
 
-> When defining a class like `qa-labels-block`, it is transformed into `:labels_block` for usage in the Page Objects. So, `qa-edit-link-labels` is transformed into `:edit_link_labels`, `qa-dropdown-menu-labels` is transformed into `:dropdown_menu_labels`, and `qa-dropdown-input-field` is transformed into `:dropdown_input_field`. Also, we use a [sanity test](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/qa/qa/page#how-did-we-solve-fragile-tests-problem) to check that defined elements have their respective `qa-` selectors in the specified views.
-
-> We did not define the `qa-labels-block` class in the `app/views/shared/issuable/_sidebar.html.haml` file because it was already there to be used.
+> When defining a data attribute like: `qa_selector: 'labels_block'`, it should match the element definition: `element :labels_block`. We use a [sanity test](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/qa/qa/page#how-did-we-solve-fragile-tests-problem) to check that defined elements have their respective selectors in the specified views.
 
 #### Updates in the `QA::Page::Base` class
 
-- 
cgit v1.2.1


From 0e62440722b14db14f54498d1fb3c389cbfe367f Mon Sep 17 00:00:00 2001
From: Vladimir Shushlin <vshushlin@gitlab.com>
Date: Wed, 17 Jul 2019 19:52:03 +0000
Subject: Fix factory default for pages_access_level

Pages access level currently depends on project visibilty
which is ignored by factory, this commit fixes that
---
 spec/factories/projects.rb                    | 4 +++-
 spec/services/projects/update_service_spec.rb | 4 ++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/spec/factories/projects.rb b/spec/factories/projects.rb
index 7d7738a30c8..0e8810b73a1 100644
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@@ -25,7 +25,9 @@ FactoryBot.define do
       issues_access_level ProjectFeature::ENABLED
       merge_requests_access_level ProjectFeature::ENABLED
       repository_access_level ProjectFeature::ENABLED
-      pages_access_level ProjectFeature::ENABLED
+      pages_access_level do
+        visibility_level == Gitlab::VisibilityLevel::PUBLIC ? ProjectFeature::ENABLED : ProjectFeature::PRIVATE
+      end
 
       # we can't assign the delegated `#ci_cd_settings` attributes directly, as the
       # `#ci_cd_settings` relation needs to be created first
diff --git a/spec/services/projects/update_service_spec.rb b/spec/services/projects/update_service_spec.rb
index 1dcfb739eb6..6bbaa410d56 100644
--- a/spec/services/projects/update_service_spec.rb
+++ b/spec/services/projects/update_service_spec.rb
@@ -347,13 +347,13 @@ describe Projects::UpdateService do
 
     context 'when updating #pages_access_level' do
       subject(:call_service) do
-        update_project(project, admin, project_feature_attributes: { pages_access_level: ProjectFeature::PRIVATE })
+        update_project(project, admin, project_feature_attributes: { pages_access_level: ProjectFeature::ENABLED })
       end
 
       it 'updates the attribute' do
         expect { call_service }
           .to change { project.project_feature.pages_access_level }
-          .to(ProjectFeature::PRIVATE)
+          .to(ProjectFeature::ENABLED)
       end
 
       it 'calls Projects::UpdatePagesConfigurationService' do
-- 
cgit v1.2.1


From 67b0c419be85639f246154c96f131a2c1b0622c5 Mon Sep 17 00:00:00 2001
From: Krasimir Angelov <kangelov@gitlab.com>
Date: Wed, 17 Jul 2019 20:08:58 +0000
Subject: Add tests for when deploy token usernames are not unique

Ensure correct behaviour when deploy tokens have the same username or
deploy token and user have the same username.
---
 spec/lib/gitlab/auth_spec.rb | 64 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)

diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb
index d9c73cff01e..0403830f700 100644
--- a/spec/lib/gitlab/auth_spec.rb
+++ b/spec/lib/gitlab/auth_spec.rb
@@ -297,6 +297,70 @@ describe Gitlab::Auth do
       let(:project) { create(:project) }
       let(:auth_failure) { Gitlab::Auth::Result.new(nil, nil) }
 
+      context 'when deploy token and user have the same username' do
+        let(:username) { 'normal_user' }
+        let(:user) { create(:user, username: username, password: 'my-secret') }
+        let(:deploy_token) { create(:deploy_token, username: username, read_registry: false, projects: [project]) }
+
+        before do
+          expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: username)
+        end
+
+        it 'succeeds for the token' do
+          auth_success = Gitlab::Auth::Result.new(deploy_token, project, :deploy_token, [:download_code])
+
+          expect(gl_auth.find_for_git_client(username, deploy_token.token, project: project, ip: 'ip'))
+            .to eq(auth_success)
+        end
+
+        it 'succeeds for the user' do
+          auth_success = Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities)
+
+          expect(gl_auth.find_for_git_client(username, 'my-secret', project: project, ip: 'ip'))
+            .to eq(auth_success)
+        end
+      end
+
+      context 'when deploy tokens have the same username' do
+        context 'and belong to the same project' do
+          let!(:read_registry) { create(:deploy_token, username: 'deployer', read_repository: false, projects: [project]) }
+          let!(:read_repository) { create(:deploy_token, username: read_registry.username, read_registry: false, projects: [project]) }
+
+          it 'succeeds for the right token' do
+            auth_success = Gitlab::Auth::Result.new(read_repository, project, :deploy_token, [:download_code])
+
+            expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: 'deployer')
+            expect(gl_auth.find_for_git_client('deployer', read_repository.token, project: project, ip: 'ip'))
+              .to eq(auth_success)
+          end
+
+          it 'fails for the wrong token' do
+            expect(gl_auth).to receive(:rate_limit!).with('ip', success: false, login: 'deployer')
+            expect(gl_auth.find_for_git_client('deployer', read_registry.token, project: project, ip: 'ip'))
+              .to eq(auth_failure)
+          end
+        end
+
+        context 'and belong to different projects' do
+          let!(:read_registry) { create(:deploy_token, username: 'deployer', read_repository: false, projects: [create(:project)]) }
+          let!(:read_repository) { create(:deploy_token, username: read_registry.username, read_registry: false, projects: [project]) }
+
+          it 'succeeds for the right token' do
+            auth_success = Gitlab::Auth::Result.new(read_repository, project, :deploy_token, [:download_code])
+
+            expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: 'deployer')
+            expect(gl_auth.find_for_git_client('deployer', read_repository.token, project: project, ip: 'ip'))
+              .to eq(auth_success)
+          end
+
+          it 'fails for the wrong token' do
+            expect(gl_auth).to receive(:rate_limit!).with('ip', success: false, login: 'deployer')
+            expect(gl_auth.find_for_git_client('deployer', read_registry.token, project: project, ip: 'ip'))
+              .to eq(auth_failure)
+          end
+        end
+      end
+
       context 'when the deploy token has read_repository as scope' do
         let(:deploy_token) { create(:deploy_token, read_registry: false, projects: [project]) }
         let(:login) { deploy_token.username }
-- 
cgit v1.2.1


From ac0bc49b568406fb5a0e4a40230902795eb419e3 Mon Sep 17 00:00:00 2001
From: Matt Nguyen <mnguyen@gitlab.com>
Date: Wed, 17 Jul 2019 20:13:54 +0000
Subject: Update note section with CTA to whitepaper

---
 doc/user/application_security/dast/index.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md
index a0a917c5ebd..7bf3888f45e 100644
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -3,6 +3,11 @@
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/4348)
 in [GitLab Ultimate](https://about.gitlab.com/pricing/) 10.4.
 
+NOTE: **4 of the top 6 attacks were application based.**
+Download our whitepaper,
+["A Seismic Shift in Application Security"](https://about.gitlab.com/resources/whitepaper-seismic-shift-application-security/)
+to learn how to protect your organization.
+
 Running [static checks](../sast/index.md) on your code is the first step to detect
 vulnerabilities that can put the security of your code at risk. Yet, once
 deployed, your application is exposed to a new category of possible attacks,
-- 
cgit v1.2.1


From 1810feae966e0074b7156148eb40587766a7ec32 Mon Sep 17 00:00:00 2001
From: Samantha Ming <sming@gitlab.com>
Date: Mon, 15 Jul 2019 14:46:06 -0700
Subject: Remove duplicate buttons

---
 .../notes/components/discussion_actions.vue        | 25 ++++++++++------------
 .../unreleased/64160-fix-duplicate-buttons.yml     |  5 +++++
 ...lves_diff_notes_and_discussions_resolve_spec.rb |  6 +++---
 3 files changed, 19 insertions(+), 17 deletions(-)
 create mode 100644 changelogs/unreleased/64160-fix-duplicate-buttons.yml

diff --git a/app/assets/javascripts/notes/components/discussion_actions.vue b/app/assets/javascripts/notes/components/discussion_actions.vue
index f4570c1292c..7aa8580d794 100644
--- a/app/assets/javascripts/notes/components/discussion_actions.vue
+++ b/app/assets/javascripts/notes/components/discussion_actions.vue
@@ -39,30 +39,27 @@ export default {
 </script>
 
 <template>
-  <div class="discussion-with-resolve-btn">
+  <div class="discussion-with-resolve-btn clearfix">
     <reply-placeholder
       :button-text="s__('MergeRequests|Reply...')"
       class="qa-discussion-reply"
       @onClick="$emit('showReplyForm')"
     />
-    <resolve-discussion-button
-      v-if="discussion.resolvable"
-      :is-resolving="isResolving"
-      :button-title="resolveButtonTitle"
-      @onClick="$emit('resolve')"
-    />
-    <div v-if="discussion.resolvable" class="btn-group discussion-actions ml-sm-2" role="group">
-      <resolve-with-issue-button v-if="resolveWithIssuePath" :url="resolveWithIssuePath" />
-      <jump-to-next-discussion-button
-        v-if="shouldShowJumpToNextDiscussion"
-        @onClick="$emit('jumpToNextDiscussion')"
-      />
+
+    <div class="btn-group discussion-actions" role="group">
+      <div class="btn-group">
+        <resolve-discussion-button
+          v-if="discussion.resolvable"
+          :is-resolving="isResolving"
+          :button-title="resolveButtonTitle"
+          @onClick="$emit('resolve')"
+        />
+      </div>
       <resolve-with-issue-button
         v-if="discussion.resolvable && resolveWithIssuePath"
         :url="resolveWithIssuePath"
       />
     </div>
-
     <div
       v-if="discussion.resolvable && shouldShowJumpToNextDiscussion"
       class="btn-group discussion-actions ml-sm-2"
diff --git a/changelogs/unreleased/64160-fix-duplicate-buttons.yml b/changelogs/unreleased/64160-fix-duplicate-buttons.yml
new file mode 100644
index 00000000000..12416a611ed
--- /dev/null
+++ b/changelogs/unreleased/64160-fix-duplicate-buttons.yml
@@ -0,0 +1,5 @@
+---
+title: Remove duplicate buttons in diff discussion
+merge_request: 30757
+author:
+type: fixed
diff --git a/spec/features/merge_request/user_resolves_diff_notes_and_discussions_resolve_spec.rb b/spec/features/merge_request/user_resolves_diff_notes_and_discussions_resolve_spec.rb
index 10fe60cb075..3e72b2ce71f 100644
--- a/spec/features/merge_request/user_resolves_diff_notes_and_discussions_resolve_spec.rb
+++ b/spec/features/merge_request/user_resolves_diff_notes_and_discussions_resolve_spec.rb
@@ -362,14 +362,14 @@ describe 'Merge request > User resolves diff notes and threads', :js do
         end
       end
 
-      it 'shows jump to next thread button except on last thread' do
+      it 'shows jump to next discussion button on all discussions' do
         wait_for_requests
 
         all_discussion_replies = page.all('.discussion-reply-holder')
 
         expect(all_discussion_replies.count).to eq(2)
-        expect(all_discussion_replies.first.all('.discussion-next-btn').count).to eq(2)
-        expect(all_discussion_replies.last.all('.discussion-next-btn').count).to eq(2)
+        expect(all_discussion_replies.first.all('.discussion-next-btn').count).to eq(1)
+        expect(all_discussion_replies.last.all('.discussion-next-btn').count).to eq(1)
       end
 
       it 'displays next thread even if hidden' do
-- 
cgit v1.2.1


From 7e87990ecd8d1c1ac0a7a32661552a44c95b89d0 Mon Sep 17 00:00:00 2001
From: Winnie Hellmann <winnie@gitlab.com>
Date: Wed, 17 Jul 2019 20:42:33 +0000
Subject: Move boards switcher partial

(cherry picked from commit a82e4d57a6fbba840a8a944e372b80866a1e48cc)
---
 .../javascripts/boards/components/board_form.vue   | 216 +++++++++++++
 .../boards/components/boards_selector.vue          | 334 +++++++++++++++++++++
 app/assets/javascripts/boards/index.js             |   2 +-
 .../boards/mount_multiple_boards_switcher.js       |  37 ++-
 app/views/shared/boards/_switcher.html.haml        |  16 +
 app/views/shared/issuable/_search_bar.html.haml    |   2 +-
 .../unreleased/winh-multiple-issueboards-core.yml  |   5 +
 locale/gitlab.pot                                  |  18 ++
 .../boards/components/board_form_spec.js           |  56 ++++
 .../boards/components/boards_selector_spec.js      | 205 +++++++++++++
 10 files changed, 887 insertions(+), 4 deletions(-)
 create mode 100644 app/assets/javascripts/boards/components/board_form.vue
 create mode 100644 app/assets/javascripts/boards/components/boards_selector.vue
 create mode 100644 app/views/shared/boards/_switcher.html.haml
 create mode 100644 changelogs/unreleased/winh-multiple-issueboards-core.yml
 create mode 100644 spec/javascripts/boards/components/board_form_spec.js
 create mode 100644 spec/javascripts/boards/components/boards_selector_spec.js

diff --git a/app/assets/javascripts/boards/components/board_form.vue b/app/assets/javascripts/boards/components/board_form.vue
new file mode 100644
index 00000000000..6754abf4019
--- /dev/null
+++ b/app/assets/javascripts/boards/components/board_form.vue
@@ -0,0 +1,216 @@
+<script>
+import Flash from '~/flash';
+import DeprecatedModal from '~/vue_shared/components/deprecated_modal.vue';
+import { visitUrl } from '~/lib/utils/url_utility';
+import boardsStore from '~/boards/stores/boards_store';
+
+const boardDefaults = {
+  id: false,
+  name: '',
+  labels: [],
+  milestone_id: undefined,
+  assignee: {},
+  assignee_id: undefined,
+  weight: null,
+};
+
+export default {
+  components: {
+    BoardScope: () => import('ee_component/boards/components/board_scope.vue'),
+    DeprecatedModal,
+  },
+  props: {
+    canAdminBoard: {
+      type: Boolean,
+      required: true,
+    },
+    milestonePath: {
+      type: String,
+      required: true,
+    },
+    labelsPath: {
+      type: String,
+      required: true,
+    },
+    scopedIssueBoardFeatureEnabled: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+    projectId: {
+      type: Number,
+      required: false,
+      default: 0,
+    },
+    groupId: {
+      type: Number,
+      required: false,
+      default: 0,
+    },
+    weights: {
+      type: Array,
+      required: false,
+      default: () => [],
+    },
+    enableScopedLabels: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+    scopedLabelsDocumentationLink: {
+      type: String,
+      required: false,
+      default: '#',
+    },
+  },
+  data() {
+    return {
+      board: { ...boardDefaults, ...this.currentBoard },
+      currentBoard: boardsStore.state.currentBoard,
+      currentPage: boardsStore.state.currentPage,
+      isLoading: false,
+    };
+  },
+  computed: {
+    isNewForm() {
+      return this.currentPage === 'new';
+    },
+    isDeleteForm() {
+      return this.currentPage === 'delete';
+    },
+    isEditForm() {
+      return this.currentPage === 'edit';
+    },
+    isVisible() {
+      return this.currentPage !== '';
+    },
+    buttonText() {
+      if (this.isNewForm) {
+        return 'Create board';
+      }
+      if (this.isDeleteForm) {
+        return 'Delete';
+      }
+      return 'Save changes';
+    },
+    buttonKind() {
+      if (this.isNewForm) {
+        return 'success';
+      }
+      if (this.isDeleteForm) {
+        return 'danger';
+      }
+      return 'info';
+    },
+    title() {
+      if (this.isNewForm) {
+        return 'Create new board';
+      }
+      if (this.isDeleteForm) {
+        return 'Delete board';
+      }
+      if (this.readonly) {
+        return 'Board scope';
+      }
+      return 'Edit board';
+    },
+    readonly() {
+      return !this.canAdminBoard;
+    },
+    submitDisabled() {
+      return this.isLoading || this.board.name.length === 0;
+    },
+  },
+  mounted() {
+    this.resetFormState();
+    if (this.$refs.name) {
+      this.$refs.name.focus();
+    }
+  },
+  methods: {
+    submit() {
+      if (this.board.name.length === 0) return;
+      this.isLoading = true;
+      if (this.isDeleteForm) {
+        gl.boardService
+          .deleteBoard(this.currentBoard)
+          .then(() => {
+            visitUrl(boardsStore.rootPath);
+          })
+          .catch(() => {
+            Flash('Failed to delete board. Please try again.');
+            this.isLoading = false;
+          });
+      } else {
+        gl.boardService
+          .createBoard(this.board)
+          .then(resp => resp.data)
+          .then(data => {
+            visitUrl(data.board_path);
+          })
+          .catch(() => {
+            Flash('Unable to save your changes. Please try again.');
+            this.isLoading = false;
+          });
+      }
+    },
+    cancel() {
+      boardsStore.showPage('');
+    },
+    resetFormState() {
+      if (this.isNewForm) {
+        // Clear the form when we open the "New board" modal
+        this.board = { ...boardDefaults };
+      } else if (this.currentBoard && Object.keys(this.currentBoard).length) {
+        this.board = { ...boardDefaults, ...this.currentBoard };
+      }
+    },
+  },
+};
+</script>
+
+<template>
+  <deprecated-modal
+    v-show="isVisible"
+    :hide-footer="readonly"
+    :title="title"
+    :primary-button-label="buttonText"
+    :kind="buttonKind"
+    :submit-disabled="submitDisabled"
+    modal-dialog-class="board-config-modal"
+    @cancel="cancel"
+    @submit="submit"
+  >
+    <template slot="body">
+      <p v-if="isDeleteForm">Are you sure you want to delete this board?</p>
+      <form v-else class="js-board-config-modal" @submit.prevent>
+        <div v-if="!readonly" class="append-bottom-20">
+          <label class="form-section-title label-bold" for="board-new-name"> Board name </label>
+          <input
+            id="board-new-name"
+            ref="name"
+            v-model="board.name"
+            class="form-control"
+            type="text"
+            placeholder="Enter board name"
+            @keyup.enter="submit"
+          />
+        </div>
+
+        <board-scope
+          v-if="scopedIssueBoardFeatureEnabled"
+          :collapse-scope="isNewForm"
+          :board="board"
+          :can-admin-board="canAdminBoard"
+          :milestone-path="milestonePath"
+          :labels-path="labelsPath"
+          :scoped-labels-documentation-link="scopedLabelsDocumentationLink"
+          :enable-scoped-labels="enableScopedLabels"
+          :project-id="projectId"
+          :group-id="groupId"
+          :weights="weights"
+        />
+      </form>
+    </template>
+  </deprecated-modal>
+</template>
diff --git a/app/assets/javascripts/boards/components/boards_selector.vue b/app/assets/javascripts/boards/components/boards_selector.vue
new file mode 100644
index 00000000000..b05de4538f2
--- /dev/null
+++ b/app/assets/javascripts/boards/components/boards_selector.vue
@@ -0,0 +1,334 @@
+<script>
+import { throttle } from 'underscore';
+import {
+  GlLoadingIcon,
+  GlSearchBoxByType,
+  GlDropdown,
+  GlDropdownDivider,
+  GlDropdownHeader,
+  GlDropdownItem,
+} from '@gitlab/ui';
+
+import Icon from '~/vue_shared/components/icon.vue';
+import httpStatusCodes from '~/lib/utils/http_status';
+import boardsStore from '../stores/boards_store';
+import BoardForm from './board_form.vue';
+
+const MIN_BOARDS_TO_VIEW_RECENT = 10;
+
+export default {
+  name: 'BoardsSelector',
+  components: {
+    Icon,
+    BoardForm,
+    GlLoadingIcon,
+    GlSearchBoxByType,
+    GlDropdown,
+    GlDropdownDivider,
+    GlDropdownHeader,
+    GlDropdownItem,
+  },
+  props: {
+    currentBoard: {
+      type: Object,
+      required: true,
+    },
+    milestonePath: {
+      type: String,
+      required: true,
+    },
+    throttleDuration: {
+      type: Number,
+      default: 200,
+    },
+    boardBaseUrl: {
+      type: String,
+      required: true,
+    },
+    hasMissingBoards: {
+      type: Boolean,
+      required: true,
+    },
+    canAdminBoard: {
+      type: Boolean,
+      required: true,
+    },
+    multipleIssueBoardsAvailable: {
+      type: Boolean,
+      required: true,
+    },
+    labelsPath: {
+      type: String,
+      required: true,
+    },
+    projectId: {
+      type: Number,
+      required: true,
+    },
+    groupId: {
+      type: Number,
+      required: true,
+    },
+    scopedIssueBoardFeatureEnabled: {
+      type: Boolean,
+      required: true,
+    },
+    weights: {
+      type: Array,
+      required: true,
+    },
+    enabledScopedLabels: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+    scopedLabelsDocumentationLink: {
+      type: String,
+      required: false,
+      default: '#',
+    },
+  },
+  data() {
+    return {
+      loading: true,
+      hasScrollFade: false,
+      scrollFadeInitialized: false,
+      boards: [],
+      recentBoards: [],
+      state: boardsStore.state,
+      throttledSetScrollFade: throttle(this.setScrollFade, this.throttleDuration),
+      contentClientHeight: 0,
+      maxPosition: 0,
+      store: boardsStore,
+      filterTerm: '',
+    };
+  },
+  computed: {
+    currentPage() {
+      return this.state.currentPage;
+    },
+    filteredBoards() {
+      return this.boards.filter(board =>
+        board.name.toLowerCase().includes(this.filterTerm.toLowerCase()),
+      );
+    },
+    reload: {
+      get() {
+        return this.state.reload;
+      },
+      set(newValue) {
+        this.state.reload = newValue;
+      },
+    },
+    board() {
+      return this.state.currentBoard;
+    },
+    showDelete() {
+      return this.boards.length > 1;
+    },
+    scrollFadeClass() {
+      return {
+        'fade-out': !this.hasScrollFade,
+      };
+    },
+    showRecentSection() {
+      return (
+        this.recentBoards.length &&
+        this.boards.length > MIN_BOARDS_TO_VIEW_RECENT &&
+        !this.filterTerm.length
+      );
+    },
+  },
+  watch: {
+    filteredBoards() {
+      this.scrollFadeInitialized = false;
+      this.$nextTick(this.setScrollFade);
+    },
+    reload() {
+      if (this.reload) {
+        this.boards = [];
+        this.recentBoards = [];
+        this.loading = true;
+        this.reload = false;
+
+        this.loadBoards(false);
+      }
+    },
+  },
+  created() {
+    boardsStore.setCurrentBoard(this.currentBoard);
+  },
+  methods: {
+    showPage(page) {
+      boardsStore.showPage(page);
+    },
+    loadBoards(toggleDropdown = true) {
+      if (toggleDropdown && this.boards.length > 0) {
+        return;
+      }
+
+      const recentBoardsPromise = new Promise((resolve, reject) =>
+        gl.boardService
+          .recentBoards()
+          .then(resolve)
+          .catch(err => {
+            /**
+             *  If user is unauthorized we'd still want to resolve the
+             *  request to display all boards.
+             */
+            if (err.response.status === httpStatusCodes.UNAUTHORIZED) {
+              resolve({ data: [] }); // recent boards are empty
+              return;
+            }
+            reject(err);
+          }),
+      );
+
+      Promise.all([gl.boardService.allBoards(), recentBoardsPromise])
+        .then(([allBoards, recentBoards]) => [allBoards.data, recentBoards.data])
+        .then(([allBoardsJson, recentBoardsJson]) => {
+          this.loading = false;
+          this.boards = allBoardsJson;
+          this.recentBoards = recentBoardsJson;
+        })
+        .then(() => this.$nextTick()) // Wait for boards list in DOM
+        .then(() => {
+          this.setScrollFade();
+        })
+        .catch(() => {
+          this.loading = false;
+        });
+    },
+    isScrolledUp() {
+      const { content } = this.$refs;
+      const currentPosition = this.contentClientHeight + content.scrollTop;
+
+      return content && currentPosition < this.maxPosition;
+    },
+    initScrollFade() {
+      this.scrollFadeInitialized = true;
+
+      const { content } = this.$refs;
+
+      this.contentClientHeight = content.clientHeight;
+      this.maxPosition = content.scrollHeight;
+    },
+    setScrollFade() {
+      if (!this.scrollFadeInitialized) this.initScrollFade();
+
+      this.hasScrollFade = this.isScrolledUp();
+    },
+  },
+};
+</script>
+
+<template>
+  <div class="boards-switcher js-boards-selector append-right-10">
+    <span class="boards-selector-wrapper js-boards-selector-wrapper">
+      <gl-dropdown
+        toggle-class="dropdown-menu-toggle js-dropdown-toggle"
+        menu-class="flex-column dropdown-extended-height"
+        :text="board.name"
+        @show="loadBoards"
+      >
+        <div>
+          <div class="dropdown-title mb-0" @mousedown.prevent>
+            {{ s__('IssueBoards|Switch board') }}
+          </div>
+        </div>
+
+        <gl-dropdown-header class="mt-0">
+          <gl-search-box-by-type ref="searchBox" v-model="filterTerm" />
+        </gl-dropdown-header>
+
+        <div
+          v-if="!loading"
+          ref="content"
+          class="dropdown-content flex-fill"
+          @scroll.passive="throttledSetScrollFade"
+        >
+          <gl-dropdown-item
+            v-show="filteredBoards.length === 0"
+            class="no-pointer-events text-secondary"
+          >
+            {{ s__('IssueBoards|No matching boards found') }}
+          </gl-dropdown-item>
+
+          <h6 v-if="showRecentSection" class="dropdown-bold-header my-0">
+            {{ __('Recent') }}
+          </h6>
+
+          <template v-if="showRecentSection">
+            <gl-dropdown-item
+              v-for="recentBoard in recentBoards"
+              :key="`recent-${recentBoard.id}`"
+              class="js-dropdown-item"
+              :href="`${boardBaseUrl}/${recentBoard.id}`"
+            >
+              {{ recentBoard.name }}
+            </gl-dropdown-item>
+          </template>
+
+          <hr v-if="showRecentSection" class="my-1" />
+
+          <h6 v-if="showRecentSection" class="dropdown-bold-header my-0">
+            {{ __('All') }}
+          </h6>
+
+          <gl-dropdown-item
+            v-for="otherBoard in filteredBoards"
+            :key="otherBoard.id"
+            class="js-dropdown-item"
+            :href="`${boardBaseUrl}/${otherBoard.id}`"
+          >
+            {{ otherBoard.name }}
+          </gl-dropdown-item>
+          <gl-dropdown-item v-if="hasMissingBoards" class="small unclickable">
+            {{
+              s__(
+                'IssueBoards|Some of your boards are hidden, activate a license to see them again.',
+              )
+            }}
+          </gl-dropdown-item>
+        </div>
+
+        <div
+          v-show="filteredBoards.length > 0"
+          class="dropdown-content-faded-mask"
+          :class="scrollFadeClass"
+        ></div>
+
+        <gl-loading-icon v-if="loading" />
+
+        <div v-if="canAdminBoard">
+          <gl-dropdown-divider />
+
+          <gl-dropdown-item v-if="multipleIssueBoardsAvailable" @click.prevent="showPage('new')">
+            {{ s__('IssueBoards|Create new board') }}
+          </gl-dropdown-item>
+
+          <gl-dropdown-item
+            v-if="showDelete"
+            class="text-danger"
+            @click.prevent="showPage('delete')"
+          >
+            {{ s__('IssueBoards|Delete board') }}
+          </gl-dropdown-item>
+        </div>
+      </gl-dropdown>
+
+      <board-form
+        v-if="currentPage"
+        :milestone-path="milestonePath"
+        :labels-path="labelsPath"
+        :project-id="projectId"
+        :group-id="groupId"
+        :can-admin-board="canAdminBoard"
+        :scoped-issue-board-feature-enabled="scopedIssueBoardFeatureEnabled"
+        :weights="weights"
+        :enable-scoped-labels="enabledScopedLabels"
+        :scoped-labels-documentation-link="scopedLabelsDocumentationLink"
+      />
+    </span>
+  </div>
+</template>
diff --git a/app/assets/javascripts/boards/index.js b/app/assets/javascripts/boards/index.js
index d6a5372b22d..f5a617a85ad 100644
--- a/app/assets/javascripts/boards/index.js
+++ b/app/assets/javascripts/boards/index.js
@@ -1,7 +1,6 @@
 import $ from 'jquery';
 import Vue from 'vue';
 
-import mountMultipleBoardsSwitcher from 'ee_else_ce/boards/mount_multiple_boards_switcher';
 import Flash from '~/flash';
 import { __ } from '~/locale';
 import './models/label';
@@ -31,6 +30,7 @@ import {
 } from '~/lib/utils/common_utils';
 import boardConfigToggle from 'ee_else_ce/boards/config_toggle';
 import toggleFocusMode from 'ee_else_ce/boards/toggle_focus';
+import mountMultipleBoardsSwitcher from './mount_multiple_boards_switcher';
 
 let issueBoardsApp;
 
diff --git a/app/assets/javascripts/boards/mount_multiple_boards_switcher.js b/app/assets/javascripts/boards/mount_multiple_boards_switcher.js
index bdb14a7f2f2..8d22f009784 100644
--- a/app/assets/javascripts/boards/mount_multiple_boards_switcher.js
+++ b/app/assets/javascripts/boards/mount_multiple_boards_switcher.js
@@ -1,2 +1,35 @@
-// this will be moved from EE to CE as part of https://gitlab.com/gitlab-org/gitlab-ce/issues/53811
-export default () => {};
+import Vue from 'vue';
+import { parseBoolean } from '~/lib/utils/common_utils';
+import BoardsSelector from '~/boards/components/boards_selector.vue';
+
+export default () => {
+  const boardsSwitcherElement = document.getElementById('js-multiple-boards-switcher');
+  return new Vue({
+    el: boardsSwitcherElement,
+    components: {
+      BoardsSelector,
+    },
+    data() {
+      const { dataset } = boardsSwitcherElement;
+
+      const boardsSelectorProps = {
+        ...dataset,
+        currentBoard: JSON.parse(dataset.currentBoard),
+        hasMissingBoards: parseBoolean(dataset.hasMissingBoards),
+        canAdminBoard: parseBoolean(dataset.canAdminBoard),
+        multipleIssueBoardsAvailable: parseBoolean(dataset.multipleIssueBoardsAvailable),
+        projectId: Number(dataset.projectId),
+        groupId: Number(dataset.groupId),
+        scopedIssueBoardFeatureEnabled: parseBoolean(dataset.scopedIssueBoardFeatureEnabled),
+        weights: JSON.parse(dataset.weights),
+      };
+
+      return { boardsSelectorProps };
+    },
+    render(createElement) {
+      return createElement(BoardsSelector, {
+        props: this.boardsSelectorProps,
+      });
+    },
+  });
+};
diff --git a/app/views/shared/boards/_switcher.html.haml b/app/views/shared/boards/_switcher.html.haml
new file mode 100644
index 00000000000..79118630762
--- /dev/null
+++ b/app/views/shared/boards/_switcher.html.haml
@@ -0,0 +1,16 @@
+- parent = board.parent
+- milestone_filter_opts = { format: :json }
+- milestone_filter_opts = milestone_filter_opts.merge(only_group_milestones: true) if board.group_board?
+- weights = Gitlab.ee? ? ([Issue::WEIGHT_ANY] + Issue.weight_options) : []
+
+#js-multiple-boards-switcher.inline.boards-switcher{ data: { current_board: current_board_json.to_json,
+    milestone_path: milestones_filter_path(milestone_filter_opts),
+    board_base_url: board_base_url,
+    has_missing_boards: (!multiple_boards_available? && current_board_parent.boards.size > 1).to_s,
+    can_admin_board: can?(current_user, :admin_board, parent).to_s,
+    multiple_issue_boards_available: parent.multiple_issue_boards_available?.to_s,
+    labels_path: labels_filter_path_with_defaults(only_group_labels: true, include_descendant_groups: true),
+    project_id: @project&.id,
+    group_id: @group&.id,
+    scoped_issue_board_feature_enabled: Gitlab.ee? && parent.feature_available?(:scoped_issue_board) ? 'true' : 'false',
+    weights: weights.to_json } }
diff --git a/app/views/shared/issuable/_search_bar.html.haml b/app/views/shared/issuable/_search_bar.html.haml
index a97ac5e2a2d..e253413929a 100644
--- a/app/views/shared/issuable/_search_bar.html.haml
+++ b/app/views/shared/issuable/_search_bar.html.haml
@@ -6,7 +6,7 @@
 .issues-filters{ class: ("w-100" if type == :boards_modal) }
   .issues-details-filters.filtered-search-block.d-flex.flex-column.flex-md-row{ class: block_css_class, "v-pre" => type == :boards_modal }
     - if type == :boards
-      = render_if_exists "shared/boards/switcher", board: board
+      = render "shared/boards/switcher", board: board
     = form_tag page_filter_path, method: :get, class: 'filter-form js-filter-form w-100' do
       - if params[:search].present?
         = hidden_field_tag :search, params[:search]
diff --git a/changelogs/unreleased/winh-multiple-issueboards-core.yml b/changelogs/unreleased/winh-multiple-issueboards-core.yml
new file mode 100644
index 00000000000..c45e420c133
--- /dev/null
+++ b/changelogs/unreleased/winh-multiple-issueboards-core.yml
@@ -0,0 +1,5 @@
+---
+title: Move multiple issue boards to core
+merge_request: 30503
+author:
+type: changed
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 5e8d1ac206a..7b742660a4c 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -5717,6 +5717,21 @@ msgstr ""
 msgid "IssueBoards|Boards"
 msgstr ""
 
+msgid "IssueBoards|Create new board"
+msgstr ""
+
+msgid "IssueBoards|Delete board"
+msgstr ""
+
+msgid "IssueBoards|No matching boards found"
+msgstr ""
+
+msgid "IssueBoards|Some of your boards are hidden, activate a license to see them again."
+msgstr ""
+
+msgid "IssueBoards|Switch board"
+msgstr ""
+
 msgid "IssueTracker|Bugzilla issue tracker"
 msgstr ""
 
@@ -8698,6 +8713,9 @@ msgstr ""
 msgid "Receive notifications about your own activity"
 msgstr ""
 
+msgid "Recent"
+msgstr ""
+
 msgid "Recent Project Activity"
 msgstr ""
 
diff --git a/spec/javascripts/boards/components/board_form_spec.js b/spec/javascripts/boards/components/board_form_spec.js
new file mode 100644
index 00000000000..e9014156a98
--- /dev/null
+++ b/spec/javascripts/boards/components/board_form_spec.js
@@ -0,0 +1,56 @@
+import $ from 'jquery';
+import Vue from 'vue';
+import boardsStore from '~/boards/stores/boards_store';
+import boardForm from '~/boards/components/board_form.vue';
+import mountComponent from 'spec/helpers/vue_mount_component_helper';
+
+describe('board_form.vue', () => {
+  const props = {
+    canAdminBoard: false,
+    labelsPath: `${gl.TEST_HOST}/labels/path`,
+    milestonePath: `${gl.TEST_HOST}/milestone/path`,
+  };
+  let vm;
+
+  beforeEach(() => {
+    spyOn($, 'ajax');
+    boardsStore.state.currentPage = 'edit';
+    const Component = Vue.extend(boardForm);
+    vm = mountComponent(Component, props);
+  });
+
+  afterEach(() => {
+    vm.$destroy();
+  });
+
+  describe('methods', () => {
+    describe('cancel', () => {
+      it('resets currentPage', done => {
+        vm.cancel();
+
+        Vue.nextTick()
+          .then(() => {
+            expect(boardsStore.state.currentPage).toBe('');
+          })
+          .then(done)
+          .catch(done.fail);
+      });
+    });
+  });
+
+  describe('buttons', () => {
+    it('cancel button triggers cancel()', done => {
+      spyOn(vm, 'cancel');
+
+      Vue.nextTick()
+        .then(() => {
+          const cancelButton = vm.$el.querySelector('button[data-dismiss="modal"]');
+          cancelButton.click();
+
+          expect(vm.cancel).toHaveBeenCalled();
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+  });
+});
diff --git a/spec/javascripts/boards/components/boards_selector_spec.js b/spec/javascripts/boards/components/boards_selector_spec.js
new file mode 100644
index 00000000000..504bc51778c
--- /dev/null
+++ b/spec/javascripts/boards/components/boards_selector_spec.js
@@ -0,0 +1,205 @@
+import Vue from 'vue';
+import BoardService from '~/boards/services/board_service';
+import BoardsSelector from '~/boards/components/boards_selector.vue';
+import mountComponent from 'spec/helpers/vue_mount_component_helper';
+import { TEST_HOST } from 'spec/test_constants';
+import boardsStore from '~/boards/stores/boards_store';
+
+const throttleDuration = 1;
+
+function boardGenerator(n) {
+  return new Array(n).fill().map((board, id) => {
+    const name = `board${id}`;
+
+    return {
+      id,
+      name,
+    };
+  });
+}
+
+describe('BoardsSelector', () => {
+  let vm;
+  let allBoardsResponse;
+  let recentBoardsResponse;
+  let fillSearchBox;
+  const boards = boardGenerator(20);
+  const recentBoards = boardGenerator(5);
+
+  beforeEach(done => {
+    setFixtures('<div class="js-boards-selector"></div>');
+    window.gl = window.gl || {};
+
+    boardsStore.setEndpoints({
+      boardsEndpoint: '',
+      recentBoardsEndpoint: '',
+      listsEndpoint: '',
+      bulkUpdatePath: '',
+      boardId: '',
+    });
+    window.gl.boardService = new BoardService();
+
+    allBoardsResponse = Promise.resolve({
+      data: boards,
+    });
+    recentBoardsResponse = Promise.resolve({
+      data: recentBoards,
+    });
+
+    spyOn(BoardService.prototype, 'allBoards').and.returnValue(allBoardsResponse);
+    spyOn(BoardService.prototype, 'recentBoards').and.returnValue(recentBoardsResponse);
+
+    const Component = Vue.extend(BoardsSelector);
+    vm = mountComponent(
+      Component,
+      {
+        throttleDuration,
+        currentBoard: {
+          id: 1,
+          name: 'Development',
+          milestone_id: null,
+          weight: null,
+          assignee_id: null,
+          labels: [],
+        },
+        milestonePath: `${TEST_HOST}/milestone/path`,
+        boardBaseUrl: `${TEST_HOST}/board/base/url`,
+        hasMissingBoards: false,
+        canAdminBoard: true,
+        multipleIssueBoardsAvailable: true,
+        labelsPath: `${TEST_HOST}/labels/path`,
+        projectId: 42,
+        groupId: 19,
+        scopedIssueBoardFeatureEnabled: true,
+        weights: [],
+      },
+      document.querySelector('.js-boards-selector'),
+    );
+
+    vm.$el.querySelector('.js-dropdown-toggle').click();
+
+    Promise.all([allBoardsResponse, recentBoardsResponse])
+      .then(() => vm.$nextTick())
+      .then(done)
+      .catch(done.fail);
+
+    fillSearchBox = filterTerm => {
+      const { searchBox } = vm.$refs;
+      const searchBoxInput = searchBox.$el.querySelector('input');
+      searchBoxInput.value = filterTerm;
+      searchBoxInput.dispatchEvent(new Event('input'));
+    };
+  });
+
+  afterEach(() => {
+    vm.$destroy();
+    window.gl.boardService = undefined;
+  });
+
+  describe('filtering', () => {
+    it('shows all boards without filtering', done => {
+      vm.$nextTick()
+        .then(() => {
+          const dropdownItem = vm.$el.querySelectorAll('.js-dropdown-item');
+
+          expect(dropdownItem.length).toBe(boards.length + recentBoards.length);
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+
+    it('shows only matching boards when filtering', done => {
+      const filterTerm = 'board1';
+      const expectedCount = boards.filter(board => board.name.includes(filterTerm)).length;
+
+      fillSearchBox(filterTerm);
+
+      vm.$nextTick()
+        .then(() => {
+          const dropdownItems = vm.$el.querySelectorAll('.js-dropdown-item');
+
+          expect(dropdownItems.length).toBe(expectedCount);
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+
+    it('shows message if there are no matching boards', done => {
+      fillSearchBox('does not exist');
+
+      vm.$nextTick()
+        .then(() => {
+          const dropdownItems = vm.$el.querySelectorAll('.js-dropdown-item');
+
+          expect(dropdownItems.length).toBe(0);
+          expect(vm.$el).toContainText('No matching boards found');
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+  });
+
+  describe('recent boards section', () => {
+    it('shows only when boards are greater than 10', done => {
+      vm.$nextTick()
+        .then(() => {
+          const headerEls = vm.$el.querySelectorAll('.dropdown-bold-header');
+
+          const expectedCount = 2; // Recent + All
+
+          expect(expectedCount).toBe(headerEls.length);
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+
+    it('does not show when boards are less than 10', done => {
+      spyOn(vm, 'initScrollFade');
+      spyOn(vm, 'setScrollFade');
+
+      vm.$nextTick()
+        .then(() => {
+          vm.boards = vm.boards.slice(0, 5);
+        })
+        .then(vm.$nextTick)
+        .then(() => {
+          const headerEls = vm.$el.querySelectorAll('.dropdown-bold-header');
+          const expectedCount = 0;
+
+          expect(expectedCount).toBe(headerEls.length);
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+
+    it('does not show when recentBoards api returns empty array', done => {
+      vm.$nextTick()
+        .then(() => {
+          vm.recentBoards = [];
+        })
+        .then(vm.$nextTick)
+        .then(() => {
+          const headerEls = vm.$el.querySelectorAll('.dropdown-bold-header');
+          const expectedCount = 0;
+
+          expect(expectedCount).toBe(headerEls.length);
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+
+    it('does not show when search is active', done => {
+      fillSearchBox('Random string');
+
+      vm.$nextTick()
+        .then(() => {
+          const headerEls = vm.$el.querySelectorAll('.dropdown-bold-header');
+          const expectedCount = 0;
+
+          expect(expectedCount).toBe(headerEls.length);
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+  });
+});
-- 
cgit v1.2.1


From 9dd59df6991b9d82bcbb95bf406194aab8ecf743 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 17 Jul 2019 12:33:49 -0700
Subject: Fix inconsistency in Redis performance bar stats

peek-redis resets its counters at the start of an ActionController
notification (`start_processing.action_controller`), which causes it to
miss some Redis queries that precede it, such as the database load
balancer and Rack Attack queries. This produces inconsistencies in the
performance bar between the number of calls and their durations with the
actual calls in the detailed view.

We fix this by getting rid of peek-redis in favor of consolidating all
logic into the `RedisDetailed` view, which tracks Redis queries using
`RequestStore`. This has the nice property of removing thread-specific
counters as well.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64707
---
 Gemfile                                    |   1 -
 Gemfile.lock                               |   6 --
 config/initializers/peek.rb                |   2 +-
 lib/peek/views/redis.rb                    |  86 ------------------------
 lib/peek/views/redis_detailed.rb           | 104 +++++++++++++++++++++++++++++
 spec/lib/peek/views/redis_detailed_spec.rb |  25 ++++---
 6 files changed, 119 insertions(+), 105 deletions(-)
 delete mode 100644 lib/peek/views/redis.rb
 create mode 100644 lib/peek/views/redis_detailed.rb

diff --git a/Gemfile b/Gemfile
index 8bffc2a973d..de1f44642f2 100644
--- a/Gemfile
+++ b/Gemfile
@@ -299,7 +299,6 @@ gem 'peek-gc', '~> 0.0.2'
 gem 'peek-mysql2', '~> 1.2.0', group: :mysql
 gem 'peek-pg', '~> 1.3.0', group: :postgres
 gem 'peek-rblineprof', '~> 0.2.0'
-gem 'peek-redis', '~> 1.2.0'
 
 # Memory benchmarks
 gem 'derailed_benchmarks', require: false
diff --git a/Gemfile.lock b/Gemfile.lock
index 60939ae918c..2bcc3527de4 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -76,7 +76,6 @@ GEM
     asciidoctor-plantuml (0.0.9)
       asciidoctor (>= 1.5.6, < 3.0.0)
     ast (2.4.0)
-    atomic (1.1.99)
     attr_encrypted (3.1.0)
       encryptor (~> 3.0.0)
     attr_required (1.0.1)
@@ -658,10 +657,6 @@ GEM
     peek-rblineprof (0.2.0)
       peek
       rblineprof
-    peek-redis (1.2.0)
-      atomic (>= 1.0.0)
-      peek
-      redis
     pg (1.1.4)
     po_to_json (1.0.1)
       json (>= 1.6.0)
@@ -1199,7 +1194,6 @@ DEPENDENCIES
   peek-mysql2 (~> 1.2.0)
   peek-pg (~> 1.3.0)
   peek-rblineprof (~> 0.2.0)
-  peek-redis (~> 1.2.0)
   pg (~> 1.1)
   premailer-rails (~> 1.9.7)
   prometheus-client-mmap (~> 0.9.8)
diff --git a/config/initializers/peek.rb b/config/initializers/peek.rb
index d492b60705d..2aec32e878c 100644
--- a/config/initializers/peek.rb
+++ b/config/initializers/peek.rb
@@ -29,7 +29,7 @@ end
 Peek.into PEEK_DB_VIEW
 Peek.into Peek::Views::Gitaly
 Peek.into Peek::Views::Rblineprof
-Peek.into Peek::Views::Redis
+Peek.into Peek::Views::RedisDetailed
 Peek.into Peek::Views::GC
 Peek.into Peek::Views::Tracing if Labkit::Tracing.tracing_url_enabled?
 
diff --git a/lib/peek/views/redis.rb b/lib/peek/views/redis.rb
deleted file mode 100644
index 73de8672fa4..00000000000
--- a/lib/peek/views/redis.rb
+++ /dev/null
@@ -1,86 +0,0 @@
-# frozen_string_literal: true
-
-require 'redis'
-require 'peek-redis'
-
-module Gitlab
-  module Peek
-    module RedisInstrumented
-      def call(*args, &block)
-        start = Time.now
-        super(*args, &block)
-      ensure
-        duration = (Time.now - start)
-        add_call_details(duration, args)
-      end
-
-      private
-
-      def add_call_details(duration, args)
-        # redis-rb passes an array (e.g. [:get, key])
-        return unless args.length == 1
-
-        detail_store << {
-          cmd: args.first,
-          duration: duration,
-          backtrace: Gitlab::Profiler.clean_backtrace(caller)
-        }
-      end
-
-      def detail_store
-        ::Gitlab::SafeRequestStore['redis_call_details'] ||= []
-      end
-    end
-  end
-end
-
-module Peek
-  module Views
-    module RedisDetailed
-      REDACTED_MARKER = "<redacted>"
-
-      def results
-        super.merge(details: details)
-      end
-
-      def details
-        detail_store
-          .sort { |a, b| b[:duration] <=> a[:duration] }
-          .map(&method(:format_call_details))
-      end
-
-      def detail_store
-        ::Gitlab::SafeRequestStore['redis_call_details'] ||= []
-      end
-
-      def format_call_details(call)
-        call.merge(cmd: format_command(call[:cmd]),
-                   duration: (call[:duration] * 1000).round(3))
-      end
-
-      def format_command(cmd)
-        if cmd.length >= 2 && cmd.first =~ /^auth$/i
-          cmd[-1] = REDACTED_MARKER
-        # Scrub out the value of the SET calls to avoid binary
-        # data or large data from spilling into the view
-        elsif cmd.length >= 3 && cmd.first =~ /set/i
-          cmd[2..-1] = REDACTED_MARKER
-        end
-
-        cmd.join(' ')
-      end
-    end
-  end
-end
-
-class Redis::Client
-  prepend Gitlab::Peek::RedisInstrumented
-end
-
-module Peek
-  module Views
-    class Redis < View
-      prepend Peek::Views::RedisDetailed
-    end
-  end
-end
diff --git a/lib/peek/views/redis_detailed.rb b/lib/peek/views/redis_detailed.rb
new file mode 100644
index 00000000000..12760c9b75e
--- /dev/null
+++ b/lib/peek/views/redis_detailed.rb
@@ -0,0 +1,104 @@
+# frozen_string_literal: true
+
+require 'redis'
+
+module Gitlab
+  module Peek
+    module RedisInstrumented
+      def call(*args, &block)
+        start = Time.now
+        super(*args, &block)
+      ensure
+        duration = (Time.now - start)
+        add_call_details(duration, args)
+      end
+
+      private
+
+      def add_call_details(duration, args)
+        # redis-rb passes an array (e.g. [:get, key])
+        return unless args.length == 1
+
+        detail_store << {
+          cmd: args.first,
+          duration: duration,
+          backtrace: Gitlab::Profiler.clean_backtrace(caller)
+        }
+      end
+
+      def detail_store
+        ::Gitlab::SafeRequestStore['redis_call_details'] ||= []
+      end
+    end
+  end
+end
+
+module Peek
+  module Views
+    class RedisDetailed < View
+      REDACTED_MARKER = "<redacted>"
+
+      def key
+        'redis'
+      end
+
+      def results
+        {
+          calls: calls,
+          duration: formatted_duration,
+          details: details
+        }
+      end
+
+      def detail_store
+        ::Gitlab::SafeRequestStore['redis_call_details'] ||= []
+      end
+
+      private
+
+      def formatted_duration
+        ms = duration * 1000
+        if ms >= 1000
+          "%.2fms" % ms
+        else
+          "%.0fms" % ms
+        end
+      end
+
+      def duration
+        detail_store.map { |entry| entry[:duration] }.sum # rubocop:disable CodeReuse/ActiveRecord
+      end
+
+      def calls
+        detail_store.count
+      end
+
+      def details
+        detail_store
+          .sort { |a, b| b[:duration] <=> a[:duration] }
+          .map(&method(:format_call_details))
+      end
+
+      def format_call_details(call)
+        call.merge(cmd: format_command(call[:cmd]),
+                   duration: (call[:duration] * 1000).round(3))
+      end
+
+      def format_command(cmd)
+        if cmd.length >= 2 && cmd.first =~ /^auth$/i
+          cmd[-1] = REDACTED_MARKER
+        # Scrub out the value of the SET calls to avoid binary
+        # data or large data from spilling into the view
+        elsif cmd.length >= 3 && cmd.first =~ /set/i
+          cmd[2..-1] = REDACTED_MARKER
+        end
+
+        cmd.join(' ')
+      end
+    end
+  end
+end
+
+class Redis::Client
+  prepend Gitlab::Peek::RedisInstrumented
+end
diff --git a/spec/lib/peek/views/redis_detailed_spec.rb b/spec/lib/peek/views/redis_detailed_spec.rb
index da13b6df53b..61096e6c69e 100644
--- a/spec/lib/peek/views/redis_detailed_spec.rb
+++ b/spec/lib/peek/views/redis_detailed_spec.rb
@@ -2,14 +2,8 @@
 
 require 'spec_helper'
 
-describe Peek::Views::RedisDetailed do
-  let(:redis_detailed_class) do
-    Class.new do
-      include Peek::Views::RedisDetailed
-    end
-  end
-
-  subject { redis_detailed_class.new }
+describe Peek::Views::RedisDetailed, :request_store do
+  subject { described_class.new }
 
   using RSpec::Parameterized::TableSyntax
 
@@ -22,15 +16,24 @@ describe Peek::Views::RedisDetailed do
   end
 
   with_them do
-    it 'scrubs Redis commands', :request_store do
+    it 'scrubs Redis commands' do
       subject.detail_store << { cmd: cmd, duration: 1.second }
 
-      expect(subject.details.count).to eq(1)
-      expect(subject.details.first)
+      expect(subject.results[:details].count).to eq(1)
+      expect(subject.results[:details].first)
         .to eq({
                  cmd: expected,
                  duration: 1000
                })
     end
   end
+
+  it 'returns aggregated results' do
+    subject.detail_store << { cmd: [:get, 'test'], duration: 0.001 }
+    subject.detail_store << { cmd: [:get, 'test'], duration: 1.second }
+
+    expect(subject.results[:calls]).to eq(2)
+    expect(subject.results[:duration]).to eq('1001.00ms')
+    expect(subject.results[:details].count).to eq(2)
+  end
 end
-- 
cgit v1.2.1


From bcd2458076512ad80c6e470d9434618f27dfec3c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Francisco=20Javier=20L=C3=B3pez?= <fjlopez@gitlab.com>
Date: Wed, 17 Jul 2019 23:45:35 +0000
Subject: Refactor RedisCounter and WebIdeCommitsCounter

This MR refactor RedisCounter and WebIdeCommitsCounter
to be reused by other components.
---
 lib/api/commits.rb                                 |  2 +-
 lib/gitlab/usage_data.rb                           |  2 +-
 lib/gitlab/usage_data_counters/redis_counter.rb    |  8 +---
 .../usage_data_counters/web_ide_commits_counter.rb | 13 ------
 lib/gitlab/usage_data_counters/web_ide_counter.rb  | 21 +++++++++
 .../usage_data_counters/redis_counter_spec.rb      | 54 ----------------------
 .../usage_data_counters/web_ide_counter_spec.rb    | 21 +++++++++
 spec/requests/api/commits_spec.rb                  |  2 +-
 8 files changed, 47 insertions(+), 76 deletions(-)
 delete mode 100644 lib/gitlab/usage_data_counters/web_ide_commits_counter.rb
 create mode 100644 lib/gitlab/usage_data_counters/web_ide_counter.rb
 delete mode 100644 spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb
 create mode 100644 spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb

diff --git a/lib/api/commits.rb b/lib/api/commits.rb
index c414ad75d9d..fe910d46f6c 100644
--- a/lib/api/commits.rb
+++ b/lib/api/commits.rb
@@ -126,7 +126,7 @@ module API
         if result[:status] == :success
           commit_detail = user_project.repository.commit(result[:result])
 
-          Gitlab::UsageDataCounters::WebIdeCommitsCounter.increment if find_user_from_warden
+          Gitlab::UsageDataCounters::WebIdeCounter.increment_commits_count if find_user_from_warden
 
           present commit_detail, with: Entities::CommitDetail, stats: params[:stats]
         else
diff --git a/lib/gitlab/usage_data.rb b/lib/gitlab/usage_data.rb
index 055e01a9399..7572c0bdbfd 100644
--- a/lib/gitlab/usage_data.rb
+++ b/lib/gitlab/usage_data.rb
@@ -130,7 +130,7 @@ module Gitlab
 
       def usage_counters
         {
-          web_ide_commits: Gitlab::UsageDataCounters::WebIdeCommitsCounter.total_count
+          web_ide_commits: Gitlab::UsageDataCounters::WebIdeCounter.total_commits_count
         }
       end
 
diff --git a/lib/gitlab/usage_data_counters/redis_counter.rb b/lib/gitlab/usage_data_counters/redis_counter.rb
index 123b8e1bef1..d10871f704c 100644
--- a/lib/gitlab/usage_data_counters/redis_counter.rb
+++ b/lib/gitlab/usage_data_counters/redis_counter.rb
@@ -3,17 +3,13 @@
 module Gitlab
   module UsageDataCounters
     module RedisCounter
-      def increment
+      def increment(redis_counter_key)
         Gitlab::Redis::SharedState.with { |redis| redis.incr(redis_counter_key) }
       end
 
-      def total_count
+      def total_count(redis_counter_key)
         Gitlab::Redis::SharedState.with { |redis| redis.get(redis_counter_key).to_i }
       end
-
-      def redis_counter_key
-        raise NotImplementedError
-      end
     end
   end
 end
diff --git a/lib/gitlab/usage_data_counters/web_ide_commits_counter.rb b/lib/gitlab/usage_data_counters/web_ide_commits_counter.rb
deleted file mode 100644
index 62236fa07a3..00000000000
--- a/lib/gitlab/usage_data_counters/web_ide_commits_counter.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-
-module Gitlab
-  module UsageDataCounters
-    class WebIdeCommitsCounter
-      extend RedisCounter
-
-      def self.redis_counter_key
-        'WEB_IDE_COMMITS_COUNT'
-      end
-    end
-  end
-end
diff --git a/lib/gitlab/usage_data_counters/web_ide_counter.rb b/lib/gitlab/usage_data_counters/web_ide_counter.rb
new file mode 100644
index 00000000000..6fbffb94c58
--- /dev/null
+++ b/lib/gitlab/usage_data_counters/web_ide_counter.rb
@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module UsageDataCounters
+    class WebIdeCounter
+      extend RedisCounter
+
+      COMMITS_COUNT_KEY = 'WEB_IDE_COMMITS_COUNT'
+
+      class << self
+        def increment_commits_count
+          increment(COMMITS_COUNT_KEY)
+        end
+
+        def total_commits_count
+          total_count(COMMITS_COUNT_KEY)
+        end
+      end
+    end
+  end
+end
diff --git a/spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb b/spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb
deleted file mode 100644
index 38b4c22e186..00000000000
--- a/spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb
+++ /dev/null
@@ -1,54 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe Gitlab::UsageDataCounters::RedisCounter, :clean_gitlab_redis_shared_state do
-  context 'when redis_key is not defined' do
-    subject do
-      Class.new.extend(described_class)
-    end
-
-    describe '.increment' do
-      it 'raises a NotImplementedError exception' do
-        expect { subject.increment}.to raise_error(NotImplementedError)
-      end
-    end
-
-    describe '.total_count' do
-      it 'raises a NotImplementedError exception' do
-        expect { subject.total_count}.to raise_error(NotImplementedError)
-      end
-    end
-  end
-
-  context 'when redis_key is defined' do
-    subject do
-      counter_module = described_class
-
-      Class.new do
-        extend counter_module
-
-        def self.redis_counter_key
-          'foo_redis_key'
-        end
-      end
-    end
-
-    describe '.increment' do
-      it 'increments the web ide commits counter by 1' do
-        expect do
-          subject.increment
-        end.to change { subject.total_count }.from(0).to(1)
-      end
-    end
-
-    describe '.total_count' do
-      it 'returns the total amount of web ide commits' do
-        subject.increment
-        subject.increment
-
-        expect(subject.total_count).to eq(2)
-      end
-    end
-  end
-end
diff --git a/spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb b/spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb
new file mode 100644
index 00000000000..fa0cf15e1b2
--- /dev/null
+++ b/spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb
@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::UsageDataCounters::WebIdeCounter, :clean_gitlab_redis_shared_state do
+  describe '.increment_commits_count' do
+    it 'increments the web ide commits counter by 1' do
+      expect do
+        described_class.increment_commits_count
+      end.to change { described_class.total_commits_count }.by(1)
+    end
+  end
+
+  describe '.total_commits_count' do
+    it 'returns the total amount of web ide commits' do
+      2.times { described_class.increment_commits_count }
+
+      expect(described_class.total_commits_count).to eq(2)
+    end
+  end
+end
diff --git a/spec/requests/api/commits_spec.rb b/spec/requests/api/commits_spec.rb
index 204e378f7be..45da5391bc8 100644
--- a/spec/requests/api/commits_spec.rb
+++ b/spec/requests/api/commits_spec.rb
@@ -281,7 +281,7 @@ describe API::Commits do
       end
 
       it 'does not increment the usage counters using access token authentication' do
-        expect(::Gitlab::UsageDataCounters::WebIdeCommitsCounter).not_to receive(:increment)
+        expect(::Gitlab::UsageDataCounters::WebIdeCounter).not_to receive(:increment_commits_count)
 
         post api(url, user), params: valid_c_params
       end
-- 
cgit v1.2.1


From 746f54787799ee5ea8595a8730d363bfd250ffab Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Thu, 18 Jul 2019 01:15:58 +0000
Subject: Fix unordered list spacing

Correct the spacing of unordered markdown lists
in docs, to maintain standards of documentation.
---
 doc/administration/repository_checks.md            |   4 +-
 doc/development/code_review.md                     |  32 +++---
 doc/development/database_debugging.md              |  34 +++----
 doc/development/diffs.md                           |   2 +-
 .../documentation/feature-change-workflow.md       |  30 +++---
 doc/development/fe_guide/icons.md                  |  16 +--
 doc/development/file_storage.md                    |   4 +-
 doc/development/geo.md                             |  26 ++---
 doc/development/git_object_deduplication.md        | 110 ++++++++++-----------
 doc/development/new_fe_guide/style/javascript.md   |   5 +-
 doc/development/testing_guide/review_apps.md       |   8 +-
 doc/gitlab-basics/create-project.md                |  32 +++---
 doc/university/training/topics/getting_started.md  |  19 ++--
 13 files changed, 161 insertions(+), 161 deletions(-)

diff --git a/doc/administration/repository_checks.md b/doc/administration/repository_checks.md
index 7cf8f20a9dc..05a7cb006a3 100644
--- a/doc/administration/repository_checks.md
+++ b/doc/administration/repository_checks.md
@@ -33,8 +33,8 @@ in `repocheck.log`:
 
 - in the [admin panel](logs.md#repochecklog)
 - or on disk, see:
-    - `/var/log/gitlab/gitlab-rails` for Omnibus installations
-    - `/home/git/gitlab/log` for installations from source
+  - `/var/log/gitlab/gitlab-rails` for Omnibus installations
+  - `/home/git/gitlab/log` for installations from source
 
 If for some reason the periodic repository check caused a lot of false
 alarms you can choose to clear *all* repository check states by
diff --git a/doc/development/code_review.md b/doc/development/code_review.md
index 35ce6b8cbe4..e9c8b193309 100644
--- a/doc/development/code_review.md
+++ b/doc/development/code_review.md
@@ -45,9 +45,9 @@ page, with these behaviours:
 
 1. It will not pick people whose [GitLab status](../user/profile/index.md#current-status)
    contains the string 'OOO'.
-2. [Trainee maintainers](https://about.gitlab.com/handbook/engineering/workflow/code-review/#trainee-maintainer)
+1. [Trainee maintainers](https://about.gitlab.com/handbook/engineering/workflow/code-review/#trainee-maintainer)
    are three times as likely to be picked as other reviewers.
-3. It always picks the same reviewers and maintainers for the same
+1. It always picks the same reviewers and maintainers for the same
    branch name (unless their OOO status changes, as in point 1). It
    removes leading `ce-` and `ee-`, and trailing `-ce` and `-ee`, so
    that it can be stable for backport branches.
@@ -58,20 +58,20 @@ As described in the section on the responsibility of the maintainer below, you
 are recommended to get your merge request approved and merged by maintainer(s)
 from teams other than your own.
 
-   1. If your merge request includes backend changes [^1], it must be
-      **approved by a [backend maintainer](https://about.gitlab.com/handbook/engineering/projects/#gitlab-ce_maintainers_backend)**.
-   1. If your merge request includes database migrations or changes to expensive queries [^2], it must be
-      **approved by a [database maintainer](https://about.gitlab.com/handbook/engineering/projects/#gitlab-ce_maintainers_database)**.
-   1. If your merge request includes frontend changes [^1], it must be
-      **approved by a [frontend maintainer](https://about.gitlab.com/handbook/engineering/projects/#gitlab-ce_maintainers_frontend)**.
-   1. If your merge request includes UX changes [^1], it must be
-      **approved by a [UX team member][team]**.
-   1. If your merge request includes adding a new JavaScript library [^1], it must be
-      **approved by a [frontend lead][team]**.
-   1. If your merge request includes adding a new UI/UX paradigm [^1], it must be
-      **approved by a [UX lead][team]**.
-   1. If your merge request includes a new dependency or a filesystem change, it must be
-      **approved by a [Distribution team member][team]**. See how to work with the [Distribution team](https://about.gitlab.com/handbook/engineering/dev-backend/distribution/) for more details.
+1. If your merge request includes backend changes [^1], it must be
+   **approved by a [backend maintainer](https://about.gitlab.com/handbook/engineering/projects/#gitlab-ce_maintainers_backend)**.
+1. If your merge request includes database migrations or changes to expensive queries [^2], it must be
+   **approved by a [database maintainer](https://about.gitlab.com/handbook/engineering/projects/#gitlab-ce_maintainers_database)**.
+1. If your merge request includes frontend changes [^1], it must be
+   **approved by a [frontend maintainer](https://about.gitlab.com/handbook/engineering/projects/#gitlab-ce_maintainers_frontend)**.
+1. If your merge request includes UX changes [^1], it must be
+   **approved by a [UX team member][team]**.
+1. If your merge request includes adding a new JavaScript library [^1], it must be
+   **approved by a [frontend lead][team]**.
+1. If your merge request includes adding a new UI/UX paradigm [^1], it must be
+   **approved by a [UX lead][team]**.
+1. If your merge request includes a new dependency or a filesystem change, it must be
+   **approved by a [Distribution team member][team]**. See how to work with the [Distribution team](https://about.gitlab.com/handbook/engineering/dev-backend/distribution/) for more details.
 
 #### Security requirements
 
diff --git a/doc/development/database_debugging.md b/doc/development/database_debugging.md
index 0311eda1ff1..eb3b227473b 100644
--- a/doc/development/database_debugging.md
+++ b/doc/development/database_debugging.md
@@ -9,31 +9,31 @@ An easy first step is to search for your error in Slack or google "GitLab (my er
 
 Available `RAILS_ENV`
 
- - `production` (generally not for your main GDK db, but you may need this for e.g. omnibus)
- - `development` (this is your main GDK db)
- - `test` (used for tests like rspec)
+- `production` (generally not for your main GDK db, but you may need this for e.g. omnibus)
+- `development` (this is your main GDK db)
+- `test` (used for tests like rspec)
 
 ## Nuke everything and start over
 
 If you just want to delete everything and start over with an empty DB (~1 minute):
 
- - `bundle exec rake db:reset RAILS_ENV=development`
+- `bundle exec rake db:reset RAILS_ENV=development`
 
 If you just want to delete everything and start over with dummy data (~40 minutes). This also does `db:reset` and runs DB-specific migrations:
 
- - `bundle exec rake dev:setup RAILS_ENV=development`
+- `bundle exec rake dev:setup RAILS_ENV=development`
 
 If your test DB is giving you problems, it is safe to nuke it because it doesn't contain important data:
 
- - `bundle exec rake db:reset RAILS_ENV=test`
+- `bundle exec rake db:reset RAILS_ENV=test`
 
 ## Migration wrangling
 
- - `bundle exec rake db:migrate RAILS_ENV=development`: Execute any pending migrations that you may have picked up from a MR
- - `bundle exec rake db:migrate:status RAILS_ENV=development`: Check if all migrations are `up` or `down`
- - `bundle exec rake db:migrate:down VERSION=20170926203418 RAILS_ENV=development`: Tear down a migration
- - `bundle exec rake db:migrate:up VERSION=20170926203418 RAILS_ENV=development`: Set up a migration
- - `bundle exec rake db:migrate:redo VERSION=20170926203418 RAILS_ENV=development`: Re-run a specific migration
+- `bundle exec rake db:migrate RAILS_ENV=development`: Execute any pending migrations that you may have picked up from a MR
+- `bundle exec rake db:migrate:status RAILS_ENV=development`: Check if all migrations are `up` or `down`
+- `bundle exec rake db:migrate:down VERSION=20170926203418 RAILS_ENV=development`: Tear down a migration
+- `bundle exec rake db:migrate:up VERSION=20170926203418 RAILS_ENV=development`: Set up a migration
+- `bundle exec rake db:migrate:redo VERSION=20170926203418 RAILS_ENV=development`: Re-run a specific migration
 
 ## Manually access the database
 
@@ -45,12 +45,12 @@ bundle exec rails dbconsole RAILS_ENV=development
 bundle exec rails db RAILS_ENV=development
 ```
 
- - `\q`: Quit/exit
- - `\dt`: List all tables
- - `\d+ issues`: List columns for `issues` table
- - `CREATE TABLE board_labels();`: Create a table called `board_labels`
- - `SELECT * FROM schema_migrations WHERE version = '20170926203418';`: Check if a migration was run
- - `DELETE FROM schema_migrations WHERE version = '20170926203418';`: Manually remove a migration
+- `\q`: Quit/exit
+- `\dt`: List all tables
+- `\d+ issues`: List columns for `issues` table
+- `CREATE TABLE board_labels();`: Create a table called `board_labels`
+- `SELECT * FROM schema_migrations WHERE version = '20170926203418';`: Check if a migration was run
+- `DELETE FROM schema_migrations WHERE version = '20170926203418';`: Manually remove a migration
 
 ## FAQ
 
diff --git a/doc/development/diffs.md b/doc/development/diffs.md
index 5655398c886..ac0b8555360 100644
--- a/doc/development/diffs.md
+++ b/doc/development/diffs.md
@@ -133,4 +133,4 @@ File diff will be suppressed (technically different from collapsed, but behaves
 Diff Viewers, which can be found on `models/diff_viewer/*` are classes used to map metadata about each type of Diff File. It has information
 whether it's a binary, which partial should be used to render it or which File extensions this class accounts for.
 
-`DiffViewer::Base` validates _blobs_ (old and new versions) content, extension and file type in order to check if it can be rendered.
\ No newline at end of file
+`DiffViewer::Base` validates _blobs_ (old and new versions) content, extension and file type in order to check if it can be rendered.
diff --git a/doc/development/documentation/feature-change-workflow.md b/doc/development/documentation/feature-change-workflow.md
index ca29353ecbe..ac93ada5a4b 100644
--- a/doc/development/documentation/feature-change-workflow.md
+++ b/doc/development/documentation/feature-change-workflow.md
@@ -121,27 +121,27 @@ All reviewers can help ensure accuracy, clarity, completeness, and adherence to
 
 - **Prior to merging**, documentation changes committed by the developer must be reviewed by:
 
-   1. **The code reviewer** for the MR, to confirm accuracy, clarity, and completeness.
-   1. Optionally: Others involved in the work, such as other devs or the PM.
-   1. Optionally: The technical writer for the DevOps stage. If not prior to merging, the technical writer will review after the merge.
-      This helps us ensure that the developer has time to merge good content by the freeze, and that it can be further refined by the release, if needed.
-      - To decide whether to request this review before the merge, consider the amount of time left before the code freeze, the size of the change,
-        and your degree of confidence in having users of an RC use your docs as written.
-      - Pre-merge tech writer reviews should be most common when the code is complete well in advance of the freeze and/or for larger documentation changes.
-      - You can request a review and if there is not sufficient time to complete it prior to the freeze,
-        the maintainer can merge the current doc changes (if complete) and create a follow-up doc review issue.
-      - The technical writer can also help decide what docs to merge before the freeze and whether to work on further changes in a follow up MR.
-      - **To request a pre-merge technical writer review**, assign the writer listed for the applicable [DevOps stage](https://about.gitlab.com/handbook/product/categories/#devops-stages).
-      - **To request a post-merge technical writer review**, [create an issue for one using the Doc Review template](https://gitlab.com/gitlab-org/gitlab-ce/issues/new?issuable_template=Doc%20Review) and link it from the MR that makes the doc change.
-   1. **The maintainer** who is assigned to merge the MR, to verify clarity, completeness, and quality, to the best of their ability.
+  1. **The code reviewer** for the MR, to confirm accuracy, clarity, and completeness.
+  1. Optionally: Others involved in the work, such as other devs or the PM.
+  1. Optionally: The technical writer for the DevOps stage. If not prior to merging, the technical writer will review after the merge.
+     This helps us ensure that the developer has time to merge good content by the freeze, and that it can be further refined by the release, if needed.
+     - To decide whether to request this review before the merge, consider the amount of time left before the code freeze, the size of the change,
+       and your degree of confidence in having users of an RC use your docs as written.
+     - Pre-merge tech writer reviews should be most common when the code is complete well in advance of the freeze and/or for larger documentation changes.
+     - You can request a review and if there is not sufficient time to complete it prior to the freeze,
+       the maintainer can merge the current doc changes (if complete) and create a follow-up doc review issue.
+     - The technical writer can also help decide what docs to merge before the freeze and whether to work on further changes in a follow up MR.
+     - **To request a pre-merge technical writer review**, assign the writer listed for the applicable [DevOps stage](https://about.gitlab.com/handbook/product/categories/#devops-stages).
+     - **To request a post-merge technical writer review**, [create an issue for one using the Doc Review template](https://gitlab.com/gitlab-org/gitlab-ce/issues/new?issuable_template=Doc%20Review) and link it from the MR that makes the doc change.
+  1. **The maintainer** who is assigned to merge the MR, to verify clarity, completeness, and quality, to the best of their ability.
 
 - Upon merging, if a technical writer review has not been performed and there is not yet a linked issue for a follow-up review, the maintainer should [create an issue using the Doc Review template](https://gitlab.com/gitlab-org/gitlab-ce/issues/new?issuable_template=Doc%20Review), link it from the MR, and
   mention the original MR author in the new issue. Alternatively, the maintainer can ask the MR author to create and link this issue before the MR is merged.
 
 - After merging, documentation changes are reviewed by:
 
-   1. The technical writer--**if** their review was not performed prior to the merge.
-   2. Optionally: by the PM (for accuracy and to ensure it's consistent with the vision for how the product will be used).
+  1. The technical writer -- **if** their review was not performed prior to the merge.
+  1. Optionally: by the PM (for accuracy and to ensure it's consistent with the vision for how the product will be used).
       Any party can raise the item to the PM for review at any point: the dev, the technical writer, or the PM, who can request/plan a review at the outset.
 
 ### Technical Writer role
diff --git a/doc/development/fe_guide/icons.md b/doc/development/fe_guide/icons.md
index 533e2001300..4f687d8642e 100644
--- a/doc/development/fe_guide/icons.md
+++ b/doc/development/fe_guide/icons.md
@@ -21,10 +21,10 @@ To use a sprite Icon in HAML or Rails we use a specific helper function :
 sprite_icon(icon_name, size: nil, css_class: '')
 ```
 
--   **icon_name** Use the icon_name that you can find in the SVG Sprite
-    ([Overview is available here][svg-preview]).
--   **size (optional)** Use one of the following sizes : 16, 24, 32, 48, 72 (this will be translated into a `s16` class)
--   **css_class (optional)** If you want to add additional css classes
+- **icon_name** Use the icon_name that you can find in the SVG Sprite
+  ([Overview is available here][svg-preview]).
+- **size (optional)** Use one of the following sizes : 16, 24, 32, 48, 72 (this will be translated into a `s16` class)
+- **css_class (optional)** If you want to add additional css classes
 
 **Example**
 
@@ -65,10 +65,10 @@ export default {
 </template>
 ```
 
--   **name** Name of the Icon in the SVG Sprite  ([Overview is available here][svg-preview]).
--   **size (optional)** Number value for the size which is then mapped to a specific CSS class
-    (Available Sizes: 8, 12, 16, 18, 24, 32, 48, 72 are mapped to `sXX` css classes)
--   **css-classes (optional)** Additional CSS Classes to add to the svg tag.
+- **name** Name of the Icon in the SVG Sprite  ([Overview is available here][svg-preview]).
+- **size (optional)** Number value for the size which is then mapped to a specific CSS class
+  (Available Sizes: 8, 12, 16, 18, 24, 32, 48, 72 are mapped to `sXX` css classes)
+- **css-classes (optional)** Additional CSS Classes to add to the svg tag.
 
 ### Usage in HTML/JS
 
diff --git a/doc/development/file_storage.md b/doc/development/file_storage.md
index 02874d18a30..475d1c1611e 100644
--- a/doc/development/file_storage.md
+++ b/doc/development/file_storage.md
@@ -92,8 +92,8 @@ in your uploader, you need to either 1) include `RecordsUpload::Concern` and pre
 
 The `CarrierWave::Uploader#store_dir` is overridden to
 
- - `GitlabUploader.base_dir` + `GitlabUploader.dynamic_segment` when the store is LOCAL
- - `GitlabUploader.dynamic_segment` when the store is REMOTE (the bucket name is used to namespace)
+- `GitlabUploader.base_dir` + `GitlabUploader.dynamic_segment` when the store is LOCAL
+- `GitlabUploader.dynamic_segment` when the store is REMOTE (the bucket name is used to namespace)
 
 ### Using `ObjectStorage::Extension::RecordsUploads`
 
diff --git a/doc/development/geo.md b/doc/development/geo.md
index 685d4e44ad3..24f16eae9fa 100644
--- a/doc/development/geo.md
+++ b/doc/development/geo.md
@@ -341,9 +341,9 @@ not used, so sessions etc. aren't shared between nodes.
 GitLab can optionally use Object Storage to store data it would
 otherwise store on disk. These things can be:
 
- - LFS Objects
- - CI Job Artifacts
- - Uploads
+- LFS Objects
+- CI Job Artifacts
+- Uploads
 
 Objects that are stored in object storage, are not handled by Geo. Geo
 ignores items in object storage. Either:
@@ -412,15 +412,15 @@ The Geo **primary** stores events in the `geo_event_log` table. Each
 entry in the log contains a specific type of event. These type of
 events include:
 
- - Repository Deleted event
- - Repository Renamed event
- - Repositories Changed event
- - Repository Created event
- - Hashed Storage Migrated event
- - Lfs Object Deleted event
- - Hashed Storage Attachments event
- - Job Artifact Deleted event
- - Upload Deleted event
+- Repository Deleted event
+- Repository Renamed event
+- Repositories Changed event
+- Repository Created event
+- Hashed Storage Migrated event
+- Lfs Object Deleted event
+- Hashed Storage Attachments event
+- Job Artifact Deleted event
+- Upload Deleted event
 
 ### Geo Log Cursor
 
@@ -526,4 +526,4 @@ old method:
 
 - Replication is synchronous and we preserve the order of events.
 - Replication of the events happen at the same time as the changes in the
-   database.
+  database.
diff --git a/doc/development/git_object_deduplication.md b/doc/development/git_object_deduplication.md
index c103a4527ff..5ce59891afa 100644
--- a/doc/development/git_object_deduplication.md
+++ b/doc/development/git_object_deduplication.md
@@ -79,11 +79,11 @@ at the Rails application level in SQL.
 In conclusion, we need three things for effective object deduplication
 across a collection of GitLab project repositories at the Git level:
 
-1.  A pool repository must exist.
-2.  The participating project repositories must be linked to the pool
-    repository via their respective `objects/info/alternates` files.
-3.  The pool repository must contain Git object data common to the
-    participating project repositories.
+1. A pool repository must exist.
+1. The participating project repositories must be linked to the pool
+   repository via their respective `objects/info/alternates` files.
+1. The pool repository must contain Git object data common to the
+   participating project repositories.
 
 ### Deduplication factor
 
@@ -105,71 +105,71 @@ With pool repositories we made a fresh start. These live in their own
 `pool_repositories` SQL table. The relations between these two tables
 are as follows:
 
--   a `Project` belongs to at most one `PoolRepository`
-    (`project.pool_repository`)
--   as an automatic consequence of the above, a `PoolRepository` has
-    many `Project`s
--   a `PoolRepository` has exactly one "source `Project`"
-    (`pool.source_project`)
+- a `Project` belongs to at most one `PoolRepository`
+  (`project.pool_repository`)
+- as an automatic consequence of the above, a `PoolRepository` has
+  many `Project`s
+- a `PoolRepository` has exactly one "source `Project`"
+  (`pool.source_project`)
 
 > TODO Fix invalid SQL data for pools created prior to GitLab 11.11
 > <https://gitlab.com/gitlab-org/gitaly/issues/1653>.
 
 ### Assumptions
 
--   All repositories in a pool must use [hashed
-    storage](../administration/repository_storage_types.md). This is so
-    that we don't have to ever worry about updating paths in
-    `object/info/alternates` files.
--   All repositories in a pool must be on the same Gitaly storage shard.
-    The Git alternates mechanism relies on direct disk access across
-    multiple repositories, and we can only assume direct disk access to
-    be possible within a Gitaly storage shard.
--   The only two ways to remove a member project from a pool are (1) to
-    delete the project or (2) to move the project to another Gitaly
-    storage shard.
+- All repositories in a pool must use [hashed
+  storage](../administration/repository_storage_types.md). This is so
+  that we don't have to ever worry about updating paths in
+  `object/info/alternates` files.
+- All repositories in a pool must be on the same Gitaly storage shard.
+  The Git alternates mechanism relies on direct disk access across
+  multiple repositories, and we can only assume direct disk access to
+  be possible within a Gitaly storage shard.
+- The only two ways to remove a member project from a pool are (1) to
+  delete the project or (2) to move the project to another Gitaly
+  storage shard.
 
 ### Creating pools and pool memberships
 
--   When a pool gets created, it must have a source project. The initial
-    contents of the pool repository are a Git clone of the source
-    project repository.
--   The occasion for creating a pool is when an existing eligible
-    (public, hashed storage, non-forked) GitLab project gets forked and
-    this project does not belong to a pool repository yet. The fork
-    parent project becomes the source project of the new pool, and both
-    the fork parent and the fork child project become members of the new
-    pool.
--   Once project A has become the source project of a pool, all future
-    eligible forks of A will become pool members.
--   If the fork source is itself a fork, the resulting repository will
-    neither join the repository nor will a new pool repository be
-    seeded.
-
-    eg:
-
-    Suppose fork A is part of a pool repository, any forks created off
-    of fork A *will not* be a part of the pool repository that fork A is
-    a part of.
-
-    Suppose B is a fork of A, and A does not belong to an object pool.
-    Now C gets created as a fork of B. C will not be part of a pool
-    repository.
+- When a pool gets created, it must have a source project. The initial
+  contents of the pool repository are a Git clone of the source
+  project repository.
+- The occasion for creating a pool is when an existing eligible
+  (public, hashed storage, non-forked) GitLab project gets forked and
+  this project does not belong to a pool repository yet. The fork
+  parent project becomes the source project of the new pool, and both
+  the fork parent and the fork child project become members of the new
+  pool.
+- Once project A has become the source project of a pool, all future
+  eligible forks of A will become pool members.
+- If the fork source is itself a fork, the resulting repository will
+  neither join the repository nor will a new pool repository be
+  seeded.
+
+  eg:
+
+  Suppose fork A is part of a pool repository, any forks created off
+  of fork A *will not* be a part of the pool repository that fork A is
+  a part of.
+
+  Suppose B is a fork of A, and A does not belong to an object pool.
+  Now C gets created as a fork of B. C will not be part of a pool
+  repository.
 
 > TODO should forks of forks be deduplicated?
 > <https://gitlab.com/gitlab-org/gitaly/issues/1532>
 
 ### Consequences
 
--   If a normal Project participating in a pool gets moved to another
-    Gitaly storage shard, its "belongs to PoolRepository" relation will
-    be broken. Because of the way moving repositories between shard is
-    implemented, we will automatically get a fresh self-contained copy
-    of the project's repository on the new storage shard.
--   If the source project of a pool gets moved to another Gitaly storage
-    shard or is deleted the "source project" relation is not broken.
-    However, as of GitLab 12.0 a pool will not fetch from a source
-    unless the source is on the same Gitaly shard.
+- If a normal Project participating in a pool gets moved to another
+  Gitaly storage shard, its "belongs to PoolRepository" relation will
+  be broken. Because of the way moving repositories between shard is
+  implemented, we will automatically get a fresh self-contained copy
+  of the project's repository on the new storage shard.
+- If the source project of a pool gets moved to another Gitaly storage
+  shard or is deleted the "source project" relation is not broken.
+  However, as of GitLab 12.0 a pool will not fetch from a source
+  unless the source is on the same Gitaly shard.
 
 ## Consistency between the SQL pool relation and Gitaly
 
diff --git a/doc/development/new_fe_guide/style/javascript.md b/doc/development/new_fe_guide/style/javascript.md
index 3019eaa089c..802ebd12d92 100644
--- a/doc/development/new_fe_guide/style/javascript.md
+++ b/doc/development/new_fe_guide/style/javascript.md
@@ -71,7 +71,6 @@ class myClass {
 }
 const instance = new myClass();
 instance.makeRequest();
-
 ```
 
 ## Avoid classes to handle DOM events
@@ -189,8 +188,8 @@ disabled due to legacy compatibility reasons but they are in the process of bein
 Do not disable specific ESLint rules. Due to technical debt, you may disable the following
 rules only if you are invoking/instantiating existing code modules.
 
-  - [no-new](http://eslint.org/docs/rules/no-new)
-  - [class-method-use-this](http://eslint.org/docs/rules/class-methods-use-this)
+- [no-new](http://eslint.org/docs/rules/no-new)
+- [class-method-use-this](http://eslint.org/docs/rules/class-methods-use-this)
 
 > Note: Disable these rules on a per line basis. This makes it easier to refactor
   in the future. E.g. use `eslint-disable-next-line` or `eslint-disable-line`.
diff --git a/doc/development/testing_guide/review_apps.md b/doc/development/testing_guide/review_apps.md
index ae40d628717..96761622cfe 100644
--- a/doc/development/testing_guide/review_apps.md
+++ b/doc/development/testing_guide/review_apps.md
@@ -137,8 +137,8 @@ secure note named **gitlab-{ce,ee} Review App's root password**.
 
 ### Run a Rails console
 
-1. [Filter Workloads by your Review App slug](https://console.cloud.google.com/kubernetes/workload?project=gitlab-review-apps)
-  , e.g. `review-qa-raise-e-12chm0`.
+1. [Filter Workloads by your Review App slug](https://console.cloud.google.com/kubernetes/workload?project=gitlab-review-apps),
+   e.g. `review-qa-raise-e-12chm0`.
 1. Find and open the `task-runner` Deployment, e.g. `review-qa-raise-e-12chm0-task-runner`.
 1. Click on the Pod in the "Managed pods" section, e.g. `review-qa-raise-e-12chm0-task-runner-d5455cc8-2lsvz`.
 1. Click on the `KUBECTL` dropdown, then `Exec` -> `task-runner`.
@@ -196,7 +196,7 @@ For the record, the debugging steps to find out this issue were:
 1. `kubectl describe pod <pod name>` & confirm exact error message
 1. Web search for exact error message, following rabbit hole to [a relevant kubernetes bug report](https://github.com/kubernetes/kubernetes/issues/57345)
 1. Access the node over SSH via the GCP console (**Computer Engine > VM
-  instances** then click the "SSH" button for the node where the `dns-gitlab-review-app-external-dns` pod runs)
+   instances** then click the "SSH" button for the node where the `dns-gitlab-review-app-external-dns` pod runs)
 1. In the node: `systemctl --version` => systemd 232
 1. Gather some more information:
    - `mount | grep kube | wc -l` => e.g. 290
@@ -211,7 +211,7 @@ For the record, the debugging steps to find out this issue were:
 To resolve the problem, we needed to (forcibly) drain some nodes:
 
 1. Try a normal drain on the node where the `dns-gitlab-review-app-external-dns`
-  pod runs so that Kubernetes automatically move it to another node: `kubectl drain NODE_NAME`
+   pod runs so that Kubernetes automatically move it to another node: `kubectl drain NODE_NAME`
 1. If that doesn't work, you can also perform a forcible "drain" the node by removing all pods: `kubectl delete pods --field-selector=spec.nodeName=NODE_NAME`
 1. In the node:
    - Perform `systemctl daemon-reload` to remove the dead/inactive units
diff --git a/doc/gitlab-basics/create-project.md b/doc/gitlab-basics/create-project.md
index ccba72f0ef8..2caf7dbbc7a 100644
--- a/doc/gitlab-basics/create-project.md
+++ b/doc/gitlab-basics/create-project.md
@@ -23,18 +23,18 @@ To create a project in GitLab:
 To create a new blank project on the **New project** page:
 
 1. On the **Blank project** tab, provide the following information:
-    - The name of your project in the **Project name** field. You can't use
-      special characters, but you can use spaces, hyphens, underscores or even
-      emoji.
-    - The **Project description (optional)** field enables you to enter a
-      description for your project's dashboard, which will help others
-      understand what your project is about. Though it's not required, it's a good
-      idea to fill this in.
-    - Changing the **Visibility Level** modifies the project's
-      [viewing and access rights](../public_access/public_access.md) for users.
-    - Selecting the **Initialize repository with a README** option creates a
-      README file so that the Git repository is initialized, has a default branch, and
-      can be cloned.
+   - The name of your project in the **Project name** field. You can't use
+     special characters, but you can use spaces, hyphens, underscores or even
+     emoji.
+   - The **Project description (optional)** field enables you to enter a
+     description for your project's dashboard, which will help others
+     understand what your project is about. Though it's not required, it's a good
+     idea to fill this in.
+   - Changing the **Visibility Level** modifies the project's
+     [viewing and access rights](../public_access/public_access.md) for users.
+   - Selecting the **Initialize repository with a README** option creates a
+     README file so that the Git repository is initialized, has a default branch, and
+     can be cloned.
 1. Click **Create project**.
 
 ## Project templates
@@ -60,8 +60,8 @@ To use a built-in template on the **New project** page:
 
 1. On the **Create from template** tab, select the **Built-in** tab.
 1. From the list of available built-in templates, click the:
-    - **Preview** button to look at the template source itself.
-    - **Use template** button to start creating the project.
+   - **Preview** button to look at the template source itself.
+   - **Use template** button to start creating the project.
 1. Finish creating the project by filling out the project's details. The process is the same as for
    using a [blank project](#blank-projects).
 
@@ -83,8 +83,8 @@ To use a custom project template on the **New project** page:
 
 1. On the **Create from template** tab, select the **Instance** tab or the **Group** tab.
 1. From the list of available custom templates, click the:
-    - **Preview** button to look at the template source itself.
-    - **Use template** button to start creating the project.
+   - **Preview** button to look at the template source itself.
+   - **Use template** button to start creating the project.
 1. Finish creating the project by filling out the project's details. The process is the same as for
    using a [blank project](#blank-projects).
 
diff --git a/doc/university/training/topics/getting_started.md b/doc/university/training/topics/getting_started.md
index 08027c5d15b..e8ff7916590 100644
--- a/doc/university/training/topics/getting_started.md
+++ b/doc/university/training/topics/getting_started.md
@@ -8,14 +8,15 @@ comments: false
 
 - Create a new repository by instantiating it through:
 
-    ```bash
-    git init
-    ```
+  ```bash
+  git init
+  ```
+
 - Copy an existing project by cloning the repository through:
 
-    ```bash
-    git clone <url>
-    ```
+  ```bash
+  git clone <url>
+  ```
 
 ## Central Repos
 
@@ -23,9 +24,9 @@ comments: false
 - Bare repositories don't allow file editing or committing changes.
 - Create a bare repo with:
 
-    ```bash
-    git init --bare project-name.git
-    ```
+  ```bash
+  git init --bare project-name.git
+  ```
 
 ## Instantiate workflow with clone
 
-- 
cgit v1.2.1


From feb571a1ddf41826b339bf5dd1984561622998bb Mon Sep 17 00:00:00 2001
From: Imre Farkas <ifarkas@gitlab.com>
Date: Thu, 18 Jul 2019 01:19:46 +0000
Subject: Doc for "Move external authorization service API management to EE"

---
 doc/api/projects.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/api/projects.md b/doc/api/projects.md
index 781192fb92e..ba7e28c279b 100644
--- a/doc/api/projects.md
+++ b/doc/api/projects.md
@@ -799,7 +799,7 @@ POST /projects/user/:user_id
 | `auto_devops_deploy_strategy` | string | no | Auto Deploy strategy (`continuous`, `manual` or `timed_incremental`) |
 | `repository_storage` | string | no | Which storage shard the repository is on. Available only to admins |
 | `approvals_before_merge` | integer | no | **(STARTER)** How many approvers should approve merge requests by default |
-| `external_authorization_classification_label` | string | no | **(CORE ONLY)** The classification label for the project |
+| `external_authorization_classification_label` | string | no | **(PREMIUM)** The classification label for the project |
 | `mirror` | boolean | no | **(STARTER)** Enables pull mirroring in a project |
 | `mirror_trigger_builds` | boolean | no | **(STARTER)** Pull mirroring triggers builds |
 
@@ -856,7 +856,7 @@ PUT /projects/:id
 | `auto_devops_deploy_strategy` | string | no | Auto Deploy strategy (`continuous`, `manual` or `timed_incremental`) |
 | `repository_storage` | string | no | Which storage shard the repository is on. Available only to admins |
 | `approvals_before_merge` | integer | no | **(STARTER)** How many approvers should approve merge request by default |
-| `external_authorization_classification_label` | string | no | **(CORE ONLY)** The classification label for the project |
+| `external_authorization_classification_label` | string | no | **(PREMIUM)** The classification label for the project |
 | `mirror` | boolean | no | **(STARTER)** Enables pull mirroring in a project |
 | `mirror_user_id` | integer | no | **(STARTER)** User responsible for all the activity surrounding a pull mirror event |
 | `mirror_trigger_builds` | boolean | no | **(STARTER)** Pull mirroring triggers builds |
-- 
cgit v1.2.1


From 739f50c3b571d3566f9f21769357010f0989b19c Mon Sep 17 00:00:00 2001
From: Victor Zagorodny <vzagorodny@gitlab.com>
Date: Thu, 18 Jul 2019 01:46:46 +0000
Subject: Go guide: be more explicit on testing frameworks + diffing test
 results

---
 doc/development/go_guide/index.md | 37 +++++++++++++++++++++++++++++++++++--
 1 file changed, 35 insertions(+), 2 deletions(-)

diff --git a/doc/development/go_guide/index.md b/doc/development/go_guide/index.md
index f09339eb3a4..f827d240bf6 100644
--- a/doc/development/go_guide/index.md
+++ b/doc/development/go_guide/index.md
@@ -129,17 +129,50 @@ deploy a new pod, migrating the data automatically.
 
 ## Testing
 
+### Testing frameworks
+
 We should not use any specific library or framework for testing, as the
 [standard library](https://golang.org/pkg/) provides already everything to get
-started. For example, some external dependencies might be worth considering in
-case we decide to use a specific library or framework:
+started. If there is a need for more sophisticated testing tools, the following
+external dependencies might be worth considering in case we decide to use a specific
+library or framework:
 
 - [Testify](https://github.com/stretchr/testify)
 - [httpexpect](https://github.com/gavv/httpexpect)
 
+### Subtests
+
 Use [subtests](https://blog.golang.org/subtests) whenever possible to improve
 code readability and test output.
 
+### Better output in tests
+
+When comparing expected and actual values in tests, use
+[testify/require.Equal](https://godoc.org/github.com/stretchr/testify/require#Equal),
+[testify/require.EqualError](https://godoc.org/github.com/stretchr/testify/require#EqualError),
+[testify/require.EqualValues](https://godoc.org/github.com/stretchr/testify/require#EqualValues),
+and others to improve readability when comparing structs, errors,
+large portions of text, or JSON documents:
+
+```go
+type TestData struct {
+    // ...
+}
+
+func FuncUnderTest() TestData {
+    // ...
+}
+
+func Test(t *testing.T) {
+    t.Run("FuncUnderTest", func(t *testing.T) {
+        want := TestData{}
+        got := FuncUnderTest()
+
+        require.Equal(t, want, got) // note that expected value comes first, then comes the actual one ("diff" semantics)
+    })
+}
+```
+
 ### Benchmarks
 
 Programs handling a lot of IO or complex operations should always include
-- 
cgit v1.2.1


From 97076881516edd0523841e679f8252928dedc167 Mon Sep 17 00:00:00 2001
From: Mark Lapierre <mlapierre@gitlab.com>
Date: Thu, 18 Jul 2019 04:20:54 +0000
Subject: Unquarantine object storage test

--compat mode in Minio is now enabled so this test should pass
See https://gitlab.com/gitlab-org/gitlab-qa/merge_requests/260
---
 qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb
index 1eea3efec7f..dc04e7c22a9 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb
@@ -13,8 +13,7 @@ module QA
         expect(page).to have_content(issue_title)
       end
 
-      # Failure issue: https://gitlab.com/gitlab-org/quality/nightly/issues/101
-      context 'when using attachments in comments', :object_storage, :quarantine do
+      context 'when using attachments in comments', :object_storage do
         let(:file_to_attach) do
           File.absolute_path(File.join('spec', 'fixtures', 'banana_sample.gif'))
         end
-- 
cgit v1.2.1


From a9707e8cf70487a52efbe43ffe72c9e995f5cdea Mon Sep 17 00:00:00 2001
From: George Thomas <iamgeorgethomas@gmail.com>
Date: Wed, 27 Feb 2019 13:11:14 +0530
Subject: Rewrite `if:` argument in before_action and alike when `only:` is
 also used

Closes #55564
This is first discovered in #54739 (comment 122609857) that if both if: and only:
are used in a before_action or after_action or alike, if: is completely ignored.
---
 app/controllers/projects/snippets_controller.rb                  | 3 ++-
 app/controllers/projects/wikis_controller.rb                     | 3 ++-
 app/controllers/projects_controller.rb                           | 8 +++++---
 app/controllers/registrations_controller.rb                      | 3 +--
 app/controllers/sessions_controller.rb                           | 7 +++----
 app/controllers/snippets_controller.rb                           | 3 ++-
 changelogs/unreleased/55564-remove-if-in-before-after-action.yml | 5 +++++
 7 files changed, 20 insertions(+), 12 deletions(-)
 create mode 100644 changelogs/unreleased/55564-remove-if-in-before-after-action.yml

diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb
index 255f1f3569a..59f948959d6 100644
--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -7,7 +7,8 @@ class Projects::SnippetsController < Projects::ApplicationController
   include SnippetsActions
   include RendersBlob
 
-  skip_before_action :verify_authenticity_token, only: [:show], if: :js_request?
+  skip_before_action :verify_authenticity_token,
+    if: -> { action_name == 'show' && js_request? }
 
   before_action :check_snippets_available!
   before_action :snippet, only: [:show, :edit, :destroy, :update, :raw, :toggle_award_emoji, :mark_as_spam]
diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb
index fa5bdbc7d49..b0998d7f3be 100644
--- a/app/controllers/projects/wikis_controller.rb
+++ b/app/controllers/projects/wikis_controller.rb
@@ -10,7 +10,8 @@ class Projects::WikisController < Projects::ApplicationController
   before_action :authorize_admin_wiki!, only: :destroy
   before_action :load_project_wiki
   before_action :load_page, only: [:show, :edit, :update, :history, :destroy]
-  before_action :valid_encoding?, only: [:show, :edit, :update], if: :load_page
+  before_action :valid_encoding?,
+    if: -> { %w[show edit update].include?(action_name) && load_page }
   before_action only: [:edit, :update], unless: :valid_encoding? do
     redirect_to(project_wiki_path(@project, @page))
   end
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index feefc7f8137..37ffd28bf9e 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -18,9 +18,11 @@ class ProjectsController < Projects::ApplicationController
   before_action :redirect_git_extension, only: [:show]
   before_action :project, except: [:index, :new, :create, :resolve]
   before_action :repository, except: [:index, :new, :create, :resolve]
-  before_action :assign_ref_vars, only: [:show], if: :repo_exists?
-  before_action :tree, only: [:show], if: [:repo_exists?, :project_view_files?]
-  before_action :lfs_blob_ids, only: [:show], if: [:repo_exists?, :project_view_files?]
+  before_action :assign_ref_vars, if: -> { action_name == 'show' && repo_exists? }
+  before_action :tree,
+    if: -> { action_name == 'show' && repo_exists? && project_view_files? }
+  before_action :lfs_blob_ids,
+    if: -> { action_name == 'show' && repo_exists? && project_view_files? }
   before_action :project_export_enabled, only: [:export, :download_export, :remove_export, :generate_new_export]
   before_action :present_project, only: [:edit]
   before_action :authorize_download_code!, only: [:refs]
diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb
index b2b151bbcf0..638934694e0 100644
--- a/app/controllers/registrations_controller.rb
+++ b/app/controllers/registrations_controller.rb
@@ -8,8 +8,7 @@ class RegistrationsController < Devise::RegistrationsController
   prepend_before_action :check_captcha, only: :create
   before_action :whitelist_query_limiting, only: [:destroy]
   before_action :ensure_terms_accepted,
-                if: -> { Gitlab::CurrentSettings.current_application_settings.enforce_terms? },
-                only: [:create]
+    if: -> { action_name == 'create' && Gitlab::CurrentSettings.current_application_settings.enforce_terms? }
 
   def new
     redirect_to(new_user_session_path)
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index a841859621e..7604b31467a 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -13,18 +13,17 @@ class SessionsController < Devise::SessionsController
 
   prepend_before_action :check_initial_setup, only: [:new]
   prepend_before_action :authenticate_with_two_factor,
-    if: :two_factor_enabled?, only: [:create]
+    if: -> { action_name == 'create' && two_factor_enabled? }
   prepend_before_action :check_captcha, only: [:create]
   prepend_before_action :store_redirect_uri, only: [:new]
   prepend_before_action :ldap_servers, only: [:new, :create]
   prepend_before_action :require_no_authentication_without_flash, only: [:new, :create]
-  prepend_before_action :ensure_password_authentication_enabled!, if: :password_based_login?, only: [:create]
+  prepend_before_action :ensure_password_authentication_enabled!, if: -> { action_name == 'create' && password_based_login? }
 
   before_action :auto_sign_in_with_provider, only: [:new]
   before_action :load_recaptcha
 
-  after_action :log_failed_login, only: [:new], if: :failed_login?
-
+  after_action :log_failed_login, if: -> { action_name == 'new' && failed_login? }
   helper_method :captcha_enabled?
 
   CAPTCHA_HEADER = 'X-GitLab-Show-Login-Captcha'.freeze
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index fad036b8df8..869655e9550 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -8,7 +8,8 @@ class SnippetsController < ApplicationController
   include RendersBlob
   include PreviewMarkdown
 
-  skip_before_action :verify_authenticity_token, only: [:show], if: :js_request?
+  skip_before_action :verify_authenticity_token,
+    if: -> { action_name == 'show' && js_request? }
 
   before_action :snippet, only: [:show, :edit, :destroy, :update, :raw]
 
diff --git a/changelogs/unreleased/55564-remove-if-in-before-after-action.yml b/changelogs/unreleased/55564-remove-if-in-before-after-action.yml
new file mode 100644
index 00000000000..a787faa8a9c
--- /dev/null
+++ b/changelogs/unreleased/55564-remove-if-in-before-after-action.yml
@@ -0,0 +1,5 @@
+---
+title: Rewrite `if:` argument in before_action and alike when `only:` is also used
+merge_request: 24412
+author: George Thomas @thegeorgeous
+type: other
-- 
cgit v1.2.1


From 9599936cb2b62724668d3c708d346c7c44894442 Mon Sep 17 00:00:00 2001
From: Dan Davison <ddavison@gitlab.com>
Date: Thu, 18 Jul 2019 05:25:07 +0000
Subject: Refactor all existing usages of .act

Replace any occurance of .act with the
preferred method .perform
---
 qa/qa/page/main/login.rb                                     |  6 +++---
 .../browser_ui/1_manage/group/transfer_project_spec.rb       |  2 +-
 .../specs/features/browser_ui/1_manage/login/log_in_spec.rb  |  2 +-
 .../1_manage/login/log_into_gitlab_via_ldap_spec.rb          |  2 +-
 .../1_manage/login/login_via_instance_wide_saml_sso_spec.rb  |  4 ++--
 .../browser_ui/1_manage/project/create_project_spec.rb       |  2 +-
 .../browser_ui/1_manage/project/import_github_repo_spec.rb   | 12 ++++++------
 .../features/browser_ui/2_plan/issue/comment_issue_spec.rb   |  2 +-
 .../features/browser_ui/2_plan/issue/create_issue_spec.rb    |  4 ++--
 .../browser_ui/2_plan/issue/filter_issue_comments_spec.rb    |  2 +-
 .../browser_ui/3_create/repository/add_ssh_key_spec.rb       |  6 +++---
 .../repository/create_edit_delete_file_via_web_spec.rb       |  4 ++--
 .../3_create/repository/push_protected_branch_spec.rb        |  2 +-
 .../browser_ui/4_verify/runner/register_runner_spec.rb       |  2 +-
 .../6_release/deploy_token/add_deploy_token_spec.rb          |  2 +-
 .../mattermost/create_group_with_mattermost_team_spec.rb     |  4 ++--
 16 files changed, 29 insertions(+), 29 deletions(-)

diff --git a/qa/qa/page/main/login.rb b/qa/qa/page/main/login.rb
index 8970eeb6678..ffce3b72275 100644
--- a/qa/qa/page/main/login.rb
+++ b/qa/qa/page/main/login.rb
@@ -44,7 +44,7 @@ module QA
 
         def sign_in_using_credentials(user = nil)
           # Don't try to log-in if we're already logged-in
-          return if Page::Main::Menu.act { has_personal_area?(wait: 0) }
+          return if Page::Main::Menu.perform { |menu| menu.has_personal_area?(wait: 0) }
 
           using_wait_time 0 do
             set_initial_password_if_present
@@ -58,7 +58,7 @@ module QA
             end
           end
 
-          Page::Main::Menu.act { has_personal_area? }
+          Page::Main::Menu.perform(&:has_personal_area?)
         end
 
         def sign_in_using_admin_credentials
@@ -73,7 +73,7 @@ module QA
             sign_in_using_gitlab_credentials(admin)
           end
 
-          Page::Main::Menu.act { has_personal_area? }
+          Page::Main::Menu.perform(&:has_personal_area?)
         end
 
         def self.path
diff --git a/qa/qa/specs/features/browser_ui/1_manage/group/transfer_project_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/group/transfer_project_spec.rb
index 2363836d5e3..c9acd7df776 100644
--- a/qa/qa/specs/features/browser_ui/1_manage/group/transfer_project_spec.rb
+++ b/qa/qa/specs/features/browser_ui/1_manage/group/transfer_project_spec.rb
@@ -5,7 +5,7 @@ module QA
     describe 'Project transfer between groups' do
       it 'user transfers a project between groups' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         source_group = Resource::Group.fabricate_via_api! do |group|
           group.path = 'source-group'
diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/log_in_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/log_in_spec.rb
index 09d1d3fe76e..6556c28ccab 100644
--- a/qa/qa/specs/features/browser_ui/1_manage/login/log_in_spec.rb
+++ b/qa/qa/specs/features/browser_ui/1_manage/login/log_in_spec.rb
@@ -5,7 +5,7 @@ module QA
     describe 'basic user login' do
       it 'user logs in using basic credentials and logs out' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         Page::Main::Menu.perform do |menu|
           expect(menu).to have_personal_area
diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb
index 72dde4e5bd8..10cd8470a8f 100644
--- a/qa/qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb
+++ b/qa/qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb
@@ -5,7 +5,7 @@ module QA
     describe 'LDAP login' do
       it 'user logs into GitLab using LDAP credentials' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         Page::Main::Menu.perform do |menu|
           expect(menu).to have_personal_area
diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/login_via_instance_wide_saml_sso_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/login_via_instance_wide_saml_sso_spec.rb
index 87f0e9030d2..101143399f6 100644
--- a/qa/qa/specs/features/browser_ui/1_manage/login/login_via_instance_wide_saml_sso_spec.rb
+++ b/qa/qa/specs/features/browser_ui/1_manage/login/login_via_instance_wide_saml_sso_spec.rb
@@ -6,9 +6,9 @@ module QA
       it 'User logs in to gitlab with SAML SSO' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
 
-        Page::Main::Login.act { sign_in_with_saml }
+        Page::Main::Login.perform(&:sign_in_with_saml)
 
-        Vendor::SAMLIdp::Page::Login.act { login }
+        Vendor::SAMLIdp::Page::Login.perform(&:login)
 
         expect(page).to have_content('Welcome to GitLab')
       end
diff --git a/qa/qa/specs/features/browser_ui/1_manage/project/create_project_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/project/create_project_spec.rb
index 6632c2977ef..fbe857dc2a5 100644
--- a/qa/qa/specs/features/browser_ui/1_manage/project/create_project_spec.rb
+++ b/qa/qa/specs/features/browser_ui/1_manage/project/create_project_spec.rb
@@ -5,7 +5,7 @@ module QA
     describe 'Project creation' do
       it 'user creates a new project' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         created_project = Resource::Project.fabricate_via_browser_ui! do |project|
           project.name = 'awesome-project'
diff --git a/qa/qa/specs/features/browser_ui/1_manage/project/import_github_repo_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/project/import_github_repo_spec.rb
index a9eafd61a91..4f8c46cbd5f 100644
--- a/qa/qa/specs/features/browser_ui/1_manage/project/import_github_repo_spec.rb
+++ b/qa/qa/specs/features/browser_ui/1_manage/project/import_github_repo_spec.rb
@@ -24,16 +24,16 @@ module QA
 
       it 'user imports a GitHub repo' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         imported_project # import the project
 
-        Page::Main::Menu.act { go_to_projects }
+        Page::Main::Menu.perform(&:go_to_projects)
         Page::Dashboard::Projects.perform do |dashboard|
           dashboard.go_to_project(imported_project.name)
         end
 
-        Page::Project::Show.act { wait_for_import }
+        Page::Project::Show.perform(&:wait_for_import)
 
         verify_repository_import
         verify_issues_import
@@ -50,7 +50,7 @@ module QA
 
       def verify_issues_import
         QA::Support::Retrier.retry_on_exception do
-          Page::Project::Menu.act { click_issues }
+          Page::Project::Menu.perform(&:click_issues)
           expect(page).to have_content('This is a sample issue')
 
           click_link 'This is a sample issue'
@@ -73,7 +73,7 @@ module QA
       end
 
       def verify_merge_requests_import
-        Page::Project::Menu.act { click_merge_requests }
+        Page::Project::Menu.perform(&:click_merge_requests)
         expect(page).to have_content('Improve README.md')
 
         click_link 'Improve README.md'
@@ -108,7 +108,7 @@ module QA
       end
 
       def verify_wiki_import
-        Page::Project::Menu.act { click_wiki }
+        Page::Project::Menu.perform(&:click_wiki)
 
         expect(page).to have_content('Welcome to the test-project wiki!')
       end
diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb
index a62a51b11f4..2e71ecb5718 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb
@@ -5,7 +5,7 @@ module QA
     describe 'Issue comments' do
       it 'user comments on an issue and edits the comment' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         issue = Resource::Issue.fabricate_via_api! do |issue|
           issue.title = 'issue title'
diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb
index dc04e7c22a9..342f65593f6 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb
@@ -8,7 +8,7 @@ module QA
       it 'user creates an issue' do
         create_issue
 
-        Page::Project::Menu.act { click_issues }
+        Page::Project::Menu.perform(&:click_issues)
 
         expect(page).to have_content(issue_title)
       end
@@ -39,7 +39,7 @@ module QA
 
       def create_issue
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         Resource::Issue.fabricate_via_browser_ui! do |issue|
           issue.title = issue_title
diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb
index 301836f5ce8..af9514008f9 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb
@@ -7,7 +7,7 @@ module QA
 
       it 'user filters comments and activities in an issue' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         issue = Resource::Issue.fabricate_via_api! do |issue|
           issue.title = issue_title
diff --git a/qa/qa/specs/features/browser_ui/3_create/repository/add_ssh_key_spec.rb b/qa/qa/specs/features/browser_ui/3_create/repository/add_ssh_key_spec.rb
index f41240b7605..56a7a04e840 100644
--- a/qa/qa/specs/features/browser_ui/3_create/repository/add_ssh_key_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/repository/add_ssh_key_spec.rb
@@ -7,7 +7,7 @@ module QA
 
       it 'user adds and then removes an SSH key', :smoke do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         key = Resource::SSHKey.fabricate! do |resource|
           resource.title = key_title
@@ -16,8 +16,8 @@ module QA
         expect(page).to have_content("Title: #{key_title}")
         expect(page).to have_content(key.fingerprint)
 
-        Page::Main::Menu.act { click_settings_link }
-        Page::Profile::Menu.act { click_ssh_keys }
+        Page::Main::Menu.perform(&:click_settings_link)
+        Page::Profile::Menu.perform(&:click_ssh_keys)
 
         Page::Profile::SSHKeys.perform do |ssh_keys|
           ssh_keys.remove_key(key_title)
diff --git a/qa/qa/specs/features/browser_ui/3_create/repository/create_edit_delete_file_via_web_spec.rb b/qa/qa/specs/features/browser_ui/3_create/repository/create_edit_delete_file_via_web_spec.rb
index d345fbfe995..51a1c19f0f7 100644
--- a/qa/qa/specs/features/browser_ui/3_create/repository/create_edit_delete_file_via_web_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/repository/create_edit_delete_file_via_web_spec.rb
@@ -5,7 +5,7 @@ module QA
     describe 'Files management' do
       it 'user creates, edits and deletes a file via the Web' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         # Create
         file_name = 'QA Test - File name'
@@ -27,7 +27,7 @@ module QA
         updated_file_content = 'QA Test - Updated file content'
         commit_message_for_update = 'QA Test - Update file'
 
-        Page::File::Show.act { click_edit }
+        Page::File::Show.perform(&:click_edit)
 
         Page::File::Form.act do
           remove_content
diff --git a/qa/qa/specs/features/browser_ui/3_create/repository/push_protected_branch_spec.rb b/qa/qa/specs/features/browser_ui/3_create/repository/push_protected_branch_spec.rb
index 6aebd04af03..e159e517cbb 100644
--- a/qa/qa/specs/features/browser_ui/3_create/repository/push_protected_branch_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/repository/push_protected_branch_spec.rb
@@ -13,7 +13,7 @@ module QA
 
       before do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
       end
 
       after do
diff --git a/qa/qa/specs/features/browser_ui/4_verify/runner/register_runner_spec.rb b/qa/qa/specs/features/browser_ui/4_verify/runner/register_runner_spec.rb
index 3af7db751e7..33744236dd4 100644
--- a/qa/qa/specs/features/browser_ui/4_verify/runner/register_runner_spec.rb
+++ b/qa/qa/specs/features/browser_ui/4_verify/runner/register_runner_spec.rb
@@ -11,7 +11,7 @@ module QA
 
       it 'user registers a new specific runner' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         Resource::Runner.fabricate! do |runner|
           runner.name = executor
diff --git a/qa/qa/specs/features/browser_ui/6_release/deploy_token/add_deploy_token_spec.rb b/qa/qa/specs/features/browser_ui/6_release/deploy_token/add_deploy_token_spec.rb
index 791dc62e32f..ec0c45652fd 100644
--- a/qa/qa/specs/features/browser_ui/6_release/deploy_token/add_deploy_token_spec.rb
+++ b/qa/qa/specs/features/browser_ui/6_release/deploy_token/add_deploy_token_spec.rb
@@ -5,7 +5,7 @@ module QA
     describe 'Deploy token creation' do
       it 'user adds a deploy token' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
 
         deploy_token_name = 'deploy token name'
         one_week_from_now = Date.today + 7
diff --git a/qa/qa/specs/features/browser_ui/7_configure/mattermost/create_group_with_mattermost_team_spec.rb b/qa/qa/specs/features/browser_ui/7_configure/mattermost/create_group_with_mattermost_team_spec.rb
index 8383dcdb983..94d20106de4 100644
--- a/qa/qa/specs/features/browser_ui/7_configure/mattermost/create_group_with_mattermost_team_spec.rb
+++ b/qa/qa/specs/features/browser_ui/7_configure/mattermost/create_group_with_mattermost_team_spec.rb
@@ -5,8 +5,8 @@ module QA
     describe 'Mattermost support' do
       it 'user creates a group with a mattermost team' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.act { sign_in_using_credentials }
-        Page::Main::Menu.act { go_to_groups }
+        Page::Main::Login.perform(&:sign_in_using_credentials)
+        Page::Main::Menu.perform(&:go_to_groups)
 
         Page::Dashboard::Groups.perform do |page|
           page.click_new_group
-- 
cgit v1.2.1


From 7c91a466db66725ae1d1facee3954f9424deea27 Mon Sep 17 00:00:00 2001
From: Dietrich Stein <dstein@gitlab.com>
Date: Thu, 18 Jul 2019 06:03:29 +0000
Subject: Perform more redactions in Redis performance bar traces

HMSET and AUTH commands were not properly redacted. This commit
does that and adds a test.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64309
---
 app/views/projects/pipelines/charts.html.haml       |  7 ++-----
 app/views/projects/pipelines/charts/_overall.haml   | 21 ++++++---------------
 .../pipelines/charts/_pipeline_statistics.haml      | 14 ++++++++++++++
 app/views/projects/pipelines/charts/_pipelines.haml |  2 +-
 changelogs/unreleased/ds-charts-whitespace.yml      |  5 +++++
 5 files changed, 28 insertions(+), 21 deletions(-)
 create mode 100644 app/views/projects/pipelines/charts/_pipeline_statistics.haml
 create mode 100644 changelogs/unreleased/ds-charts-whitespace.yml

diff --git a/app/views/projects/pipelines/charts.html.haml b/app/views/projects/pipelines/charts.html.haml
index 4d1d078661d..6b4110e07d2 100644
--- a/app/views/projects/pipelines/charts.html.haml
+++ b/app/views/projects/pipelines/charts.html.haml
@@ -2,12 +2,9 @@
 - page_title _('CI / CD Charts')
 
 %div{ class: container_class }
+
   #charts.ci-charts
-    .row
-      .col-md-6
-        = render 'projects/pipelines/charts/overall'
-      .col-md-6
-        = render 'projects/pipelines/charts/pipeline_times'
+    = render 'projects/pipelines/charts/overall'
 
     %hr
     = render 'projects/pipelines/charts/pipelines'
diff --git a/app/views/projects/pipelines/charts/_overall.haml b/app/views/projects/pipelines/charts/_overall.haml
index 66786c7ff59..651f9217455 100644
--- a/app/views/projects/pipelines/charts/_overall.haml
+++ b/app/views/projects/pipelines/charts/_overall.haml
@@ -1,15 +1,6 @@
-%h4= s_("PipelineCharts|Overall statistics")
-%ul
-  %li
-    = s_("PipelineCharts|Total:")
-    %strong= n_("1 pipeline", "%d pipelines", @counts[:total]) % @counts[:total]
-  %li
-    = s_("PipelineCharts|Successful:")
-    %strong= n_("1 pipeline", "%d pipelines", @counts[:success]) % @counts[:success]
-  %li
-    = s_("PipelineCharts|Failed:")
-    %strong= n_("1 pipeline", "%d pipelines", @counts[:failed]) % @counts[:failed]
-  %li
-    = s_("PipelineCharts|Success ratio:")
-    %strong
-      #{success_ratio(@counts)}%
+%h4.mt-4.mb-4= s_("PipelineCharts|Overall statistics")
+.row
+  .col-md-6
+    = render 'projects/pipelines/charts/pipeline_statistics'
+  .col-md-6
+    = render 'projects/pipelines/charts/pipeline_times'
diff --git a/app/views/projects/pipelines/charts/_pipeline_statistics.haml b/app/views/projects/pipelines/charts/_pipeline_statistics.haml
new file mode 100644
index 00000000000..b323e290ed4
--- /dev/null
+++ b/app/views/projects/pipelines/charts/_pipeline_statistics.haml
@@ -0,0 +1,14 @@
+%ul
+  %li
+    = s_("PipelineCharts|Total:")
+    %strong= n_("1 pipeline", "%d pipelines", @counts[:total]) % @counts[:total]
+  %li
+    = s_("PipelineCharts|Successful:")
+    %strong= n_("1 pipeline", "%d pipelines", @counts[:success]) % @counts[:success]
+  %li
+    = s_("PipelineCharts|Failed:")
+    %strong= n_("1 pipeline", "%d pipelines", @counts[:failed]) % @counts[:failed]
+  %li
+    = s_("PipelineCharts|Success ratio:")
+    %strong
+      #{success_ratio(@counts)}%
diff --git a/app/views/projects/pipelines/charts/_pipelines.haml b/app/views/projects/pipelines/charts/_pipelines.haml
index 47f1f074210..afff9e82e45 100644
--- a/app/views/projects/pipelines/charts/_pipelines.haml
+++ b/app/views/projects/pipelines/charts/_pipelines.haml
@@ -1,4 +1,4 @@
-%h4= _("Pipelines charts")
+%h4.mt-4.mb-4= _("Pipelines charts")
 %p
   &nbsp;
   %span.legend-success
diff --git a/changelogs/unreleased/ds-charts-whitespace.yml b/changelogs/unreleased/ds-charts-whitespace.yml
new file mode 100644
index 00000000000..210261764a2
--- /dev/null
+++ b/changelogs/unreleased/ds-charts-whitespace.yml
@@ -0,0 +1,5 @@
+---
+title: Improves section header whitespace on the CI/CD Charts page
+merge_request: 30531
+author:
+type: fixed
-- 
cgit v1.2.1


From 06eb3d091d6f7fdba6559dc323098a1882a4acb4 Mon Sep 17 00:00:00 2001
From: Clement Ho <408677-ClemMakesApps@users.noreply.gitlab.com>
Date: Thu, 18 Jul 2019 06:04:12 +0000
Subject: Localize updated text on projects list page

---
 app/views/shared/projects/_project.html.haml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/shared/projects/_project.html.haml b/app/views/shared/projects/_project.html.haml
index 71bd9320593..6cdd5026d52 100644
--- a/app/views/shared/projects/_project.html.haml
+++ b/app/views/shared/projects/_project.html.haml
@@ -89,4 +89,4 @@
             %span.icon-wrapper.pipeline-status
               = render 'ci/status/icon', status: project.commit.last_pipeline.detailed_status(current_user), type: 'commit', tooltip_placement: 'top', path: pipeline_path
         .updated-note
-          %span Updated #{updated_tooltip}
+          %span _('Updated') #{updated_tooltip}
-- 
cgit v1.2.1


From f8cecafb07792bcaf9d7ffa85766c3b33c1dd252 Mon Sep 17 00:00:00 2001
From: Markus Koller <mkoller@gitlab.com>
Date: Thu, 13 Jun 2019 12:44:41 +0200
Subject: Add start_sha to commits API

When passing start_branch on committing from the WebIDE, it's possible
that the branch has changed since editing started, which results in the
change being applied on top of the latest commit in the branch and
overwriting the new changes.

By passing the start_sha instead we can make sure that the change is
applied on top of the commit which the user started editing from.
---
 app/services/commits/create_service.rb             |  18 +-
 app/services/files/multi_service.rb                |   1 +
 .../add-support-for-start-sha-to-commits-api.yml   |   5 +
 doc/api/commits.md                                 |   9 +-
 lib/api/commits.rb                                 |  14 +-
 lib/gitlab/git.rb                                  |   5 +
 lib/gitlab/git/repository.rb                       |   4 +-
 lib/gitlab/gitaly_client/operation_service.rb      |   9 +-
 spec/lib/gitlab/git_spec.rb                        |  20 ++
 spec/requests/api/commits_spec.rb                  | 203 ++++++++++++++++-----
 spec/services/submodules/update_service_spec.rb    |   2 +-
 spec/spec_helper.rb                                |   1 +
 spec/support/helpers/expect_request_with_status.rb |  11 ++
 13 files changed, 240 insertions(+), 62 deletions(-)
 create mode 100644 changelogs/unreleased/add-support-for-start-sha-to-commits-api.yml
 create mode 100644 spec/support/helpers/expect_request_with_status.rb

diff --git a/app/services/commits/create_service.rb b/app/services/commits/create_service.rb
index bb34a3d3352..f3be68f9602 100644
--- a/app/services/commits/create_service.rb
+++ b/app/services/commits/create_service.rb
@@ -10,6 +10,7 @@ module Commits
 
       @start_project = params[:start_project] || @project
       @start_branch = params[:start_branch]
+      @start_sha = params[:start_sha]
       @branch_name = params[:branch_name]
       @force = params[:force] || false
     end
@@ -40,7 +41,7 @@ module Commits
     end
 
     def different_branch?
-      @start_branch != @branch_name || @start_project != @project
+      @start_project != @project || @start_branch != @branch_name || @start_sha.present?
     end
 
     def force?
@@ -49,6 +50,7 @@ module Commits
 
     def validate!
       validate_permissions!
+      validate_start_sha!
       validate_on_branch!
       validate_branch_existence!
 
@@ -63,7 +65,21 @@ module Commits
       end
     end
 
+    def validate_start_sha!
+      return unless @start_sha
+
+      if @start_branch
+        raise_error("You can't pass both start_branch and start_sha")
+      elsif !Gitlab::Git.commit_id?(@start_sha)
+        raise_error("Invalid start_sha '#{@start_sha}'")
+      elsif !@start_project.repository.commit(@start_sha)
+        raise_error("Cannot find start_sha '#{@start_sha}'")
+      end
+    end
+
     def validate_on_branch!
+      return unless @start_branch
+
       if !@start_project.empty_repo? && !@start_project.repository.branch_exists?(@start_branch)
         raise_error('You can only create or edit files when you are on a branch')
       end
diff --git a/app/services/files/multi_service.rb b/app/services/files/multi_service.rb
index d8c4e5bc5e8..65af4dd5a28 100644
--- a/app/services/files/multi_service.rb
+++ b/app/services/files/multi_service.rb
@@ -47,6 +47,7 @@ module Files
         author_name: @author_name,
         start_project: @start_project,
         start_branch_name: @start_branch,
+        start_sha: @start_sha,
         force: force?
       )
     rescue ArgumentError => e
diff --git a/changelogs/unreleased/add-support-for-start-sha-to-commits-api.yml b/changelogs/unreleased/add-support-for-start-sha-to-commits-api.yml
new file mode 100644
index 00000000000..f810c2c5ada
--- /dev/null
+++ b/changelogs/unreleased/add-support-for-start-sha-to-commits-api.yml
@@ -0,0 +1,5 @@
+---
+title: Add support for start_sha to commits API
+merge_request: 29598
+author:
+type: changed
diff --git a/doc/api/commits.md b/doc/api/commits.md
index 6eb4c47415f..1a835c0a872 100644
--- a/doc/api/commits.md
+++ b/doc/api/commits.md
@@ -72,15 +72,16 @@ POST /projects/:id/repository/commits
 | Attribute | Type | Required | Description |
 | --------- | ---- | -------- | ----------- |
 | `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) |
-| `branch` | string | yes | Name of the branch to commit into. To create a new branch, also provide `start_branch`. |
+| `branch` | string | yes | Name of the branch to commit into. To create a new branch, also provide either `start_branch` or `start_sha`, and optionally `start_project`. |
 | `commit_message` | string | yes | Commit message |
-| `start_branch` | string | no | Name of the branch to start the new commit from |
-| `start_project` | integer/string | no | The project ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) to start the commit from. Defaults to the value of `id`. |
+| `start_branch` | string | no | Name of the branch to start the new branch from |
+| `start_sha` | string | no | SHA of the commit to start the new branch from |
+| `start_project` | integer/string | no | The project ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) to start the new branch from. Defaults to the value of `id`. |
 | `actions[]` | array | yes | An array of action hashes to commit as a batch. See the next table for what attributes it can take. |
 | `author_email` | string | no | Specify the commit author's email address |
 | `author_name` | string | no | Specify the commit author's name |
 | `stats` | boolean | no | Include commit stats. Default is true |
-| `force` | boolean | no | When `true` overwrites the target branch with a new commit based on the `start_branch` |
+| `force` | boolean | no | When `true` overwrites the target branch with a new commit based on the `start_branch` or `start_sha` |
 
 | `actions[]` Attribute | Type | Required | Description |
 | --------------------- | ---- | -------- | ----------- |
diff --git a/lib/api/commits.rb b/lib/api/commits.rb
index c414ad75d9d..0aeb9584641 100644
--- a/lib/api/commits.rb
+++ b/lib/api/commits.rb
@@ -76,7 +76,7 @@ module API
         detail 'This feature was introduced in GitLab 8.13'
       end
       params do
-        requires :branch, type: String, desc: 'Name of the branch to commit into. To create a new branch, also provide `start_branch`.', allow_blank: false
+        requires :branch, type: String, desc: 'Name of the branch to commit into. To create a new branch, also provide either `start_branch` or `start_sha`, and optionally `start_project`.', allow_blank: false
         requires :commit_message, type: String, desc: 'Commit message'
         requires :actions, type: Array, desc: 'Actions to perform in commit' do
           requires :action, type: String, desc: 'The action to perform, `create`, `delete`, `move`, `update`, `chmod`', values: %w[create update move delete chmod].freeze
@@ -98,12 +98,16 @@ module API
             requires :execute_filemode, type: Boolean, desc: 'When `true/false` enables/disables the execute flag on the file.'
           end
         end
-        optional :start_branch, type: String, desc: 'Name of the branch to start the new commit from'
-        optional :start_project, types: [Integer, String], desc: 'The ID or path of the project to start the commit from'
+
+        optional :start_branch, type: String, desc: 'Name of the branch to start the new branch from'
+        optional :start_sha, type: String, desc: 'SHA of the commit to start the new branch from'
+        mutually_exclusive :start_branch, :start_sha
+
+        optional :start_project, types: [Integer, String], desc: 'The ID or path of the project to start the new branch from'
         optional :author_email, type: String, desc: 'Author email for commit'
         optional :author_name, type: String, desc: 'Author name for commit'
         optional :stats, type: Boolean, default: true, desc: 'Include commit stats'
-        optional :force, type: Boolean, default: false, desc: 'When `true` overwrites the target branch with a new commit based on the `start_branch`'
+        optional :force, type: Boolean, default: false, desc: 'When `true` overwrites the target branch with a new commit based on the `start_branch` or `start_sha`'
       end
       post ':id/repository/commits' do
         if params[:start_project]
@@ -118,7 +122,7 @@ module API
 
         attrs = declared_params
         attrs[:branch_name] = attrs.delete(:branch)
-        attrs[:start_branch] ||= attrs[:branch_name]
+        attrs[:start_branch] ||= attrs[:branch_name] unless attrs[:start_sha]
         attrs[:start_project] = start_project if start_project
 
         result = ::Files::MultiService.new(user_project, current_user, attrs).execute
diff --git a/lib/gitlab/git.rb b/lib/gitlab/git.rb
index 44a62586a23..df9f33baec2 100644
--- a/lib/gitlab/git.rb
+++ b/lib/gitlab/git.rb
@@ -9,6 +9,7 @@ module Gitlab
     # https://github.com/git/git/blob/3ad8b5bf26362ac67c9020bf8c30eee54a84f56d/cache.h#L1011-L1012
     EMPTY_TREE_ID = '4b825dc642cb6eb9a060e54bf8d69288fbee4904'.freeze
     BLANK_SHA = ('0' * 40).freeze
+    COMMIT_ID = /\A[0-9a-f]{40}\z/.freeze
     TAG_REF_PREFIX = "refs/tags/".freeze
     BRANCH_REF_PREFIX = "refs/heads/".freeze
 
@@ -65,6 +66,10 @@ module Gitlab
         ref == BLANK_SHA
       end
 
+      def commit_id?(ref)
+        COMMIT_ID.match?(ref)
+      end
+
       def version
         Gitlab::Git::Version.git_version
       end
diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index a7d9ba51277..6e8aa5d578e 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -873,13 +873,13 @@ module Gitlab
       def multi_action(
         user, branch_name:, message:, actions:,
         author_email: nil, author_name: nil,
-        start_branch_name: nil, start_repository: self,
+        start_branch_name: nil, start_sha: nil, start_repository: self,
         force: false)
 
         wrapped_gitaly_errors do
           gitaly_operation_client.user_commit_files(user, branch_name,
               message, actions, author_email, author_name,
-              start_branch_name, start_repository, force)
+              start_branch_name, start_repository, force, start_sha)
         end
       end
       # rubocop:enable Metrics/ParameterLists
diff --git a/lib/gitlab/gitaly_client/operation_service.rb b/lib/gitlab/gitaly_client/operation_service.rb
index 783c2ff0915..33ca428a942 100644
--- a/lib/gitlab/gitaly_client/operation_service.rb
+++ b/lib/gitlab/gitaly_client/operation_service.rb
@@ -325,11 +325,11 @@ module Gitlab
       # rubocop:disable Metrics/ParameterLists
       def user_commit_files(
         user, branch_name, commit_message, actions, author_email, author_name,
-        start_branch_name, start_repository, force = false)
+        start_branch_name, start_repository, force = false, start_sha = nil)
         req_enum = Enumerator.new do |y|
           header = user_commit_files_request_header(user, branch_name,
           commit_message, actions, author_email, author_name,
-          start_branch_name, start_repository, force)
+          start_branch_name, start_repository, force, start_sha)
 
           y.yield Gitaly::UserCommitFilesRequest.new(header: header)
 
@@ -445,7 +445,7 @@ module Gitlab
       # rubocop:disable Metrics/ParameterLists
       def user_commit_files_request_header(
         user, branch_name, commit_message, actions, author_email, author_name,
-        start_branch_name, start_repository, force)
+        start_branch_name, start_repository, force, start_sha)
 
         Gitaly::UserCommitFilesRequestHeader.new(
           repository: @gitaly_repo,
@@ -456,7 +456,8 @@ module Gitlab
           commit_author_email: encode_binary(author_email),
           start_branch_name: encode_binary(start_branch_name),
           start_repository: start_repository.gitaly_repository,
-          force: force
+          force: force,
+          start_sha: encode_binary(start_sha)
         )
       end
       # rubocop:enable Metrics/ParameterLists
diff --git a/spec/lib/gitlab/git_spec.rb b/spec/lib/gitlab/git_spec.rb
index ce15057dd7d..6515be85ae3 100644
--- a/spec/lib/gitlab/git_spec.rb
+++ b/spec/lib/gitlab/git_spec.rb
@@ -39,6 +39,26 @@ describe Gitlab::Git do
     end
   end
 
+  describe '.commit_id?' do
+    using RSpec::Parameterized::TableSyntax
+
+    where(:sha, :result) do
+      ''                                         | false
+      'foobar'                                   | false
+      '4b825dc'                                  | false
+      'zzz25dc642cb6eb9a060e54bf8d69288fbee4904' | false
+
+      '4b825dc642cb6eb9a060e54bf8d69288fbee4904' | true
+      Gitlab::Git::BLANK_SHA                     | true
+    end
+
+    with_them do
+      it 'returns the expected result' do
+        expect(described_class.commit_id?(sha)).to eq(result)
+      end
+    end
+  end
+
   describe '.shas_eql?' do
     using RSpec::Parameterized::TableSyntax
 
diff --git a/spec/requests/api/commits_spec.rb b/spec/requests/api/commits_spec.rb
index 204e378f7be..311ef3ee99a 100644
--- a/spec/requests/api/commits_spec.rb
+++ b/spec/requests/api/commits_spec.rb
@@ -320,67 +320,132 @@ describe API::Commits do
         end
       end
 
-      context 'when the API user is a guest' do
+      context 'when committing to a new branch' do
         def last_commit_id(project, branch_name)
           project.repository.find_branch(branch_name)&.dereferenced_target&.id
         end
 
-        let(:public_project) { create(:project, :public, :repository) }
-        let!(:url) { "/projects/#{public_project.id}/repository/commits" }
-        let(:guest) { create(:user).tap { |u| public_project.add_guest(u) } }
+        before do
+          valid_c_params[:start_branch] = 'master'
+          valid_c_params[:branch] = 'patch'
+        end
 
-        it 'returns a 403' do
-          post api(url, guest), params: valid_c_params
+        context 'when the API user is a guest' do
+          let(:public_project) { create(:project, :public, :repository) }
+          let(:url) { "/projects/#{public_project.id}/repository/commits" }
+          let(:guest) { create(:user).tap { |u| public_project.add_guest(u) } }
 
-          expect(response).to have_gitlab_http_status(403)
-        end
+          it 'returns a 403' do
+            post api(url, guest), params: valid_c_params
 
-        context 'when start_project is provided' do
-          context 'when posting to a forked project the user owns' do
-            let!(:forked_project) { fork_project(public_project, guest, namespace: guest.namespace, repository: true) }
-            let!(:url) { "/projects/#{forked_project.id}/repository/commits" }
+            expect(response).to have_gitlab_http_status(403)
+          end
 
-            before do
-              valid_c_params[:start_branch]  = "master"
-              valid_c_params[:branch]        = "patch"
-            end
+          context 'when start_project is provided' do
+            context 'when posting to a forked project the user owns' do
+              let(:forked_project) { fork_project(public_project, guest, namespace: guest.namespace, repository: true) }
+              let(:url) { "/projects/#{forked_project.id}/repository/commits" }
+
+              context 'identified by Integer (id)' do
+                before do
+                  valid_c_params[:start_project] = public_project.id
+                end
+
+                it 'adds a new commit to forked_project and returns a 201' do
+                  expect_request_with_status(201) { post api(url, guest), params: valid_c_params }
+                    .to change { last_commit_id(forked_project, valid_c_params[:branch]) }
+                    .and not_change { last_commit_id(public_project, valid_c_params[:start_branch]) }
+                end
+              end
 
-            context 'identified by Integer (id)' do
-              before do
-                valid_c_params[:start_project] = public_project.id
+              context 'identified by String (full_path)' do
+                before do
+                  valid_c_params[:start_project] = public_project.full_path
+                end
+
+                it 'adds a new commit to forked_project and returns a 201' do
+                  expect_request_with_status(201) { post api(url, guest), params: valid_c_params }
+                    .to change { last_commit_id(forked_project, valid_c_params[:branch]) }
+                    .and not_change { last_commit_id(public_project, valid_c_params[:start_branch]) }
+                end
               end
 
-              it 'adds a new commit to forked_project and returns a 201' do
-                expect { post api(url, guest), params: valid_c_params }
-                  .to change { last_commit_id(forked_project, valid_c_params[:branch]) }
-                  .and not_change { last_commit_id(public_project, valid_c_params[:start_branch]) }
+              context 'when branch already exists' do
+                before do
+                  valid_c_params.delete(:start_branch)
+                  valid_c_params[:branch] = 'master'
+                  valid_c_params[:start_project] = public_project.id
+                end
+
+                it 'returns a 400' do
+                  post api(url, guest), params: valid_c_params
+
+                  expect(response).to have_gitlab_http_status(400)
+                  expect(json_response['message']).to eq("A branch called 'master' already exists. Switch to that branch in order to make changes")
+                end
+
+                context 'when force is set to true' do
+                  before do
+                    valid_c_params[:force] = true
+                  end
+
+                  it 'adds a new commit to forked_project and returns a 201' do
+                    expect_request_with_status(201) { post api(url, guest), params: valid_c_params }
+                      .to change { last_commit_id(forked_project, valid_c_params[:branch]) }
+                      .and not_change { last_commit_id(public_project, valid_c_params[:branch]) }
+                  end
+                end
+              end
+
+              context 'when start_sha is also provided' do
+                let(:forked_project) { fork_project(public_project, guest, namespace: guest.namespace, repository: false) }
+                let(:start_sha) { public_project.repository.commit.parent.sha }
+
+                before do
+                  # initialize an empty repository to force fetching from the original project
+                  forked_project.repository.create_if_not_exists
 
-                expect(response).to have_gitlab_http_status(201)
+                  valid_c_params[:start_project] = public_project.id
+                  valid_c_params[:start_sha] = start_sha
+                  valid_c_params.delete(:start_branch)
+                end
+
+                it 'fetches the start_sha from the original project to use as parent commit and returns a 201' do
+                  expect_request_with_status(201) { post api(url, guest), params: valid_c_params }
+                    .to change { last_commit_id(forked_project, valid_c_params[:branch]) }
+                    .and not_change { last_commit_id(forked_project, 'master') }
+
+                  last_commit = forked_project.repository.find_branch(valid_c_params[:branch]).dereferenced_target
+                  expect(last_commit.parent_id).to eq(start_sha)
+                end
               end
             end
 
-            context 'identified by String (full_path)' do
+            context 'when the target project is not part of the fork network of start_project' do
+              let(:unrelated_project) { create(:project, :public, :repository, creator: guest) }
+              let(:url) { "/projects/#{unrelated_project.id}/repository/commits" }
+
               before do
-                valid_c_params[:start_project] = public_project.full_path
+                valid_c_params[:start_branch] = 'master'
+                valid_c_params[:branch] = 'patch'
+                valid_c_params[:start_project] = public_project.id
               end
 
-              it 'adds a new commit to forked_project and returns a 201' do
-                expect { post api(url, guest), params: valid_c_params }
-                  .to change { last_commit_id(forked_project, valid_c_params[:branch]) }
-                  .and not_change { last_commit_id(public_project, valid_c_params[:start_branch]) }
+              it 'returns a 403' do
+                post api(url, guest), params: valid_c_params
 
-                expect(response).to have_gitlab_http_status(201)
+                expect(response).to have_gitlab_http_status(403)
               end
             end
           end
 
-          context 'when the target project is not part of the fork network of start_project' do
-            let(:unrelated_project) { create(:project, :public, :repository, creator: guest) }
-            let!(:url) { "/projects/#{unrelated_project.id}/repository/commits" }
+          context 'when posting to a forked project the user does not have write access' do
+            let(:forked_project) { fork_project(public_project, user, namespace: user.namespace, repository: true) }
+            let(:url) { "/projects/#{forked_project.id}/repository/commits" }
 
             before do
-              valid_c_params[:start_branch]  = "master"
-              valid_c_params[:branch]        = "patch"
+              valid_c_params[:start_branch] = 'master'
+              valid_c_params[:branch] = 'patch'
               valid_c_params[:start_project] = public_project.id
             end
 
@@ -392,20 +457,68 @@ describe API::Commits do
           end
         end
 
-        context 'when posting to a forked project the user does not have write access' do
-          let!(:forked_project) { fork_project(public_project, user, namespace: user.namespace, repository: true) }
-          let!(:url) { "/projects/#{forked_project.id}/repository/commits" }
+        context 'when start_sha is provided' do
+          let(:start_sha) { project.repository.commit.parent.sha }
 
           before do
-            valid_c_params[:start_branch]  = "master"
-            valid_c_params[:branch]        = "patch"
-            valid_c_params[:start_project] = public_project.id
+            valid_c_params[:start_sha] = start_sha
+            valid_c_params.delete(:start_branch)
           end
 
-          it 'returns a 403' do
-            post api(url, guest), params: valid_c_params
+          it 'returns a 400 if start_branch is also provided' do
+            valid_c_params[:start_branch] = 'master'
+            post api(url, user), params: valid_c_params
 
-            expect(response).to have_gitlab_http_status(403)
+            expect(response).to have_gitlab_http_status(400)
+            expect(json_response['error']).to eq('start_branch, start_sha are mutually exclusive')
+          end
+
+          it 'returns a 400 if branch already exists' do
+            valid_c_params[:branch] = 'master'
+            post api(url, user), params: valid_c_params
+
+            expect(response).to have_gitlab_http_status(400)
+            expect(json_response['message']).to eq("A branch called 'master' already exists. Switch to that branch in order to make changes")
+          end
+
+          it 'returns a 400 if start_sha does not exist' do
+            valid_c_params[:start_sha] = '1' * 40
+            post api(url, user), params: valid_c_params
+
+            expect(response).to have_gitlab_http_status(400)
+            expect(json_response['message']).to eq("Cannot find start_sha '#{valid_c_params[:start_sha]}'")
+          end
+
+          it 'returns a 400 if start_sha is not a full SHA' do
+            valid_c_params[:start_sha] = start_sha.slice(0, 7)
+            post api(url, user), params: valid_c_params
+
+            expect(response).to have_gitlab_http_status(400)
+            expect(json_response['message']).to eq("Invalid start_sha '#{valid_c_params[:start_sha]}'")
+          end
+
+          it 'uses the start_sha as parent commit and returns a 201' do
+            expect_request_with_status(201) { post api(url, user), params: valid_c_params }
+              .to change { last_commit_id(project, valid_c_params[:branch]) }
+              .and not_change { last_commit_id(project, 'master') }
+
+            last_commit = project.repository.find_branch(valid_c_params[:branch]).dereferenced_target
+            expect(last_commit.parent_id).to eq(start_sha)
+          end
+
+          context 'when force is set to true and branch already exists' do
+            before do
+              valid_c_params[:force] = true
+              valid_c_params[:branch] = 'master'
+            end
+
+            it 'uses the start_sha as parent commit and returns a 201' do
+              expect_request_with_status(201) { post api(url, user), params: valid_c_params }
+                .to change { last_commit_id(project, valid_c_params[:branch]) }
+
+              last_commit = project.repository.find_branch(valid_c_params[:branch]).dereferenced_target
+              expect(last_commit.parent_id).to eq(start_sha)
+            end
           end
         end
       end
diff --git a/spec/services/submodules/update_service_spec.rb b/spec/services/submodules/update_service_spec.rb
index cf92350c1b2..47b31d4bcbf 100644
--- a/spec/services/submodules/update_service_spec.rb
+++ b/spec/services/submodules/update_service_spec.rb
@@ -142,7 +142,7 @@ describe Submodules::UpdateService do
             let(:branch_name) { nil }
 
             it_behaves_like 'returns error result' do
-              let(:error_message) { 'You can only create or edit files when you are on a branch' }
+              let(:error_message) { 'Invalid parameters' }
             end
           end
 
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 95e0d8858b9..fb9e3b295f8 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -104,6 +104,7 @@ RSpec.configure do |config|
   config.include Rails.application.routes.url_helpers, type: :routing
   config.include PolicyHelpers, type: :policy
   config.include MemoryUsageHelper
+  config.include ExpectRequestWithStatus, type: :request
 
   if ENV['CI']
     # This includes the first try, i.e. tests will be run 4 times before failing.
diff --git a/spec/support/helpers/expect_request_with_status.rb b/spec/support/helpers/expect_request_with_status.rb
new file mode 100644
index 00000000000..0469a94e336
--- /dev/null
+++ b/spec/support/helpers/expect_request_with_status.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module ExpectRequestWithStatus
+  def expect_request_with_status(status)
+    expect do
+      yield
+
+      expect(response).to have_gitlab_http_status(status)
+    end
+  end
+end
-- 
cgit v1.2.1


From d4cc92db09a0c765556882943b7508075a0ab0e2 Mon Sep 17 00:00:00 2001
From: Paul Slaughter <pslaughter@gitlab.com>
Date: Wed, 26 Jun 2019 09:07:56 -0500
Subject: FE remove create branch call in IDE commit

Previously `start_sha` was intercepted on the frontend to create the
correct branch in a separate API call. Now that the commits API supports
the `start_sha` parameter directly this workaround is not needed
anymore.
---
 app/assets/javascripts/ide/services/index.js       |  8 +-----
 app/assets/javascripts/ide/stores/utils.js         |  2 +-
 spec/frontend/ide/services/index_spec.js           | 32 +++-------------------
 .../ide/stores/modules/commit/actions_spec.js      |  2 +-
 4 files changed, 7 insertions(+), 37 deletions(-)

diff --git a/app/assets/javascripts/ide/services/index.js b/app/assets/javascripts/ide/services/index.js
index 840761f68db..ba33b6826d6 100644
--- a/app/assets/javascripts/ide/services/index.js
+++ b/app/assets/javascripts/ide/services/index.js
@@ -56,13 +56,7 @@ export default {
     return Api.branchSingle(projectId, currentBranchId);
   },
   commit(projectId, payload) {
-    // Currently the `commit` endpoint does not support `start_sha` so we
-    // have to make the request in the FE. This is not ideal and will be
-    // resolved soon. https://gitlab.com/gitlab-org/gitlab-ce/issues/59023
-    const { branch, start_sha: ref } = payload;
-    const branchPromise = ref ? Api.createBranch(projectId, { ref, branch }) : Promise.resolve();
-
-    return branchPromise.then(() => Api.commitMultiple(projectId, payload));
+    return Api.commitMultiple(projectId, payload);
   },
   getFiles(projectUrl, branchId) {
     const url = `${projectUrl}/files/${branchId}`;
diff --git a/app/assets/javascripts/ide/stores/utils.js b/app/assets/javascripts/ide/stores/utils.js
index 01f78a29cf6..04470064c1f 100644
--- a/app/assets/javascripts/ide/stores/utils.js
+++ b/app/assets/javascripts/ide/stores/utils.js
@@ -155,7 +155,7 @@ export const createCommitPayload = ({
     last_commit_id:
       newBranch || f.deleted || f.prevPath || f.replaces ? undefined : f.lastCommitSha,
   })),
-  start_sha: newBranch ? rootGetters.lastCommit.short_id : undefined,
+  start_sha: newBranch ? rootGetters.lastCommit.id : undefined,
 });
 
 export const createNewMergeRequestUrl = (projectUrl, source, target) =>
diff --git a/spec/frontend/ide/services/index_spec.js b/spec/frontend/ide/services/index_spec.js
index 499fa8fc012..3d5ed4b5c0c 100644
--- a/spec/frontend/ide/services/index_spec.js
+++ b/spec/frontend/ide/services/index_spec.js
@@ -16,40 +16,16 @@ describe('IDE services', () => {
         branch: TEST_BRANCH,
         commit_message: 'Hello world',
         actions: [],
-        start_sha: undefined,
+        start_sha: TEST_COMMIT_SHA,
       };
 
-      Api.createBranch.mockReturnValue(Promise.resolve());
       Api.commitMultiple.mockReturnValue(Promise.resolve());
     });
 
-    describe.each`
-      startSha           | shouldCreateBranch
-      ${undefined}       | ${false}
-      ${TEST_COMMIT_SHA} | ${true}
-    `('when start_sha is $startSha', ({ startSha, shouldCreateBranch }) => {
-      beforeEach(() => {
-        payload.start_sha = startSha;
+    it('should commit', () => {
+      services.commit(TEST_PROJECT_ID, payload);
 
-        return services.commit(TEST_PROJECT_ID, payload);
-      });
-
-      if (shouldCreateBranch) {
-        it('should create branch', () => {
-          expect(Api.createBranch).toHaveBeenCalledWith(TEST_PROJECT_ID, {
-            ref: TEST_COMMIT_SHA,
-            branch: TEST_BRANCH,
-          });
-        });
-      } else {
-        it('should not create branch', () => {
-          expect(Api.createBranch).not.toHaveBeenCalled();
-        });
-      }
-
-      it('should commit', () => {
-        expect(Api.commitMultiple).toHaveBeenCalledWith(TEST_PROJECT_ID, payload);
-      });
+      expect(Api.commitMultiple).toHaveBeenCalledWith(TEST_PROJECT_ID, payload);
     });
   });
 });
diff --git a/spec/javascripts/ide/stores/modules/commit/actions_spec.js b/spec/javascripts/ide/stores/modules/commit/actions_spec.js
index 8a3c132972e..590af53b3f2 100644
--- a/spec/javascripts/ide/stores/modules/commit/actions_spec.js
+++ b/spec/javascripts/ide/stores/modules/commit/actions_spec.js
@@ -245,7 +245,7 @@ describe('IDE commit module actions', () => {
           master: {
             workingReference: '1',
             commit: {
-              short_id: TEST_COMMIT_SHA,
+              id: TEST_COMMIT_SHA,
             },
           },
         },
-- 
cgit v1.2.1


From 0f585d0de89cfee5054e002fe6421c38b3f8e8ce Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.parent@gmail.com>
Date: Thu, 18 Jul 2019 10:13:15 +0200
Subject: API: Allow changing only ci_default_git_depth

---
 changelogs/unreleased/ci_default_git_depth_only.yml | 5 +++++
 lib/api/helpers/projects_helpers.rb                 | 1 +
 2 files changed, 6 insertions(+)
 create mode 100644 changelogs/unreleased/ci_default_git_depth_only.yml

diff --git a/changelogs/unreleased/ci_default_git_depth_only.yml b/changelogs/unreleased/ci_default_git_depth_only.yml
new file mode 100644
index 00000000000..928e2fe3ec4
--- /dev/null
+++ b/changelogs/unreleased/ci_default_git_depth_only.yml
@@ -0,0 +1,5 @@
+---
+title: 'API: Allow changing only ci_default_git_depth'
+merge_request: 30888
+author: Mathieu Parent
+type: fixed
diff --git a/lib/api/helpers/projects_helpers.rb b/lib/api/helpers/projects_helpers.rb
index 833e3b9ebaf..51b7cf05c8f 100644
--- a/lib/api/helpers/projects_helpers.rb
+++ b/lib/api/helpers/projects_helpers.rb
@@ -71,6 +71,7 @@ module API
           :build_timeout,
           :builds_access_level,
           :ci_config_path,
+          :ci_default_git_depth,
           :container_registry_enabled,
           :default_branch,
           :description,
-- 
cgit v1.2.1


From 40fd2977c51f2f4f51d63ba790fb5fa2acfd866d Mon Sep 17 00:00:00 2001
From: Dennis Tang <750946-dennis@users.noreply.gitlab.com>
Date: Thu, 18 Jul 2019 08:55:04 +0000
Subject: Ensure visibility icons in group/project listings are grey

- Project listing icons now use the `text-secondary` class
- Group listing icons now use the `text-secondary` class
  - Unnecessary CSS was removed from groups.scss as a result
---
 app/assets/javascripts/groups/components/group_item.vue              | 2 +-
 app/assets/stylesheets/pages/groups.scss                             | 4 ----
 app/views/shared/projects/_project.html.haml                         | 2 +-
 .../64700-fix-the-color-of-the-visibility-icon-on-project-lists.yml  | 5 +++++
 4 files changed, 7 insertions(+), 6 deletions(-)
 create mode 100644 changelogs/unreleased/64700-fix-the-color-of-the-visibility-icon-on-project-lists.yml

diff --git a/app/assets/javascripts/groups/components/group_item.vue b/app/assets/javascripts/groups/components/group_item.vue
index 9909f437fc8..830385941d8 100644
--- a/app/assets/javascripts/groups/components/group_item.vue
+++ b/app/assets/javascripts/groups/components/group_item.vue
@@ -129,7 +129,7 @@ export default {
             <item-stats-value
               :icon-name="visibilityIcon"
               :title="visibilityTooltip"
-              css-class="item-visibility d-inline-flex align-items-center prepend-top-8 append-right-4"
+              css-class="item-visibility d-inline-flex align-items-center prepend-top-8 append-right-4 text-secondary"
             />
             <span v-if="group.permission" class="user-access-role prepend-top-8">
               {{ group.permission }}
diff --git a/app/assets/stylesheets/pages/groups.scss b/app/assets/stylesheets/pages/groups.scss
index cff2e274390..1502cf18440 100644
--- a/app/assets/stylesheets/pages/groups.scss
+++ b/app/assets/stylesheets/pages/groups.scss
@@ -412,10 +412,6 @@ table.pipeline-project-metrics tr td {
       font-size: $gl-font-size-large;
     }
 
-    .item-visibility {
-      color: $gl-text-color-secondary;
-    }
-
     @include media-breakpoint-down(md) {
       .title {
         font-size: $gl-font-size;
diff --git a/app/views/shared/projects/_project.html.haml b/app/views/shared/projects/_project.html.haml
index 6cdd5026d52..04f72420fe1 100644
--- a/app/views/shared/projects/_project.html.haml
+++ b/app/views/shared/projects/_project.html.haml
@@ -37,7 +37,7 @@
                 %span.project-name<
                   = project.name
 
-          %span.metadata-info.visibility-icon.append-right-10.prepend-top-8.has-tooltip{ data: { container: 'body', placement: 'top' }, title: visibility_icon_description(project) }
+          %span.metadata-info.visibility-icon.append-right-10.prepend-top-8.text-secondary.has-tooltip{ data: { container: 'body', placement: 'top' }, title: visibility_icon_description(project) }
             = visibility_level_icon(project.visibility_level, fw: true)
 
           - if explore_projects_tab? && project.repository.license
diff --git a/changelogs/unreleased/64700-fix-the-color-of-the-visibility-icon-on-project-lists.yml b/changelogs/unreleased/64700-fix-the-color-of-the-visibility-icon-on-project-lists.yml
new file mode 100644
index 00000000000..0d2fbaf01ed
--- /dev/null
+++ b/changelogs/unreleased/64700-fix-the-color-of-the-visibility-icon-on-project-lists.yml
@@ -0,0 +1,5 @@
+---
+title: Ensure visibility icons in group/project listings are grey
+merge_request: 30858
+author:
+type: fixed
-- 
cgit v1.2.1


From 9af90e8162aaaff5af313a4c5b951c847bf00bf9 Mon Sep 17 00:00:00 2001
From: Winnie Hellmann <winnie@gitlab.com>
Date: Thu, 18 Jul 2019 09:11:37 +0000
Subject: Set correct file mode for autocomplete images

---
 .../project/img/autocomplete_characters_example1_v12_0.png  | Bin
 .../project/img/autocomplete_characters_example2_v12_0.png  | Bin
 2 files changed, 0 insertions(+), 0 deletions(-)
 mode change 100755 => 100644 doc/user/project/img/autocomplete_characters_example1_v12_0.png
 mode change 100755 => 100644 doc/user/project/img/autocomplete_characters_example2_v12_0.png

diff --git a/doc/user/project/img/autocomplete_characters_example1_v12_0.png b/doc/user/project/img/autocomplete_characters_example1_v12_0.png
old mode 100755
new mode 100644
diff --git a/doc/user/project/img/autocomplete_characters_example2_v12_0.png b/doc/user/project/img/autocomplete_characters_example2_v12_0.png
old mode 100755
new mode 100644
-- 
cgit v1.2.1


From 4d4d003451aca23a4e050bdda45b2dffa50f440a Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Thu, 11 Jul 2019 18:21:28 +0800
Subject: Upload new knapsack report instead of merging

---
 .gitlab/ci/test-metadata.gitlab-ci.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitlab/ci/test-metadata.gitlab-ci.yml b/.gitlab/ci/test-metadata.gitlab-ci.yml
index 2454ea85652..b5201f97366 100644
--- a/.gitlab/ci/test-metadata.gitlab-ci.yml
+++ b/.gitlab/ci/test-metadata.gitlab-ci.yml
@@ -39,6 +39,7 @@ update-tests-metadata:
     policy: push
   script:
     - retry gem install fog-aws mime-types activesupport rspec_profiling postgres-copy --no-document
+    - echo "{}" > ${KNAPSACK_RSPEC_SUITE_REPORT_PATH}'
     - scripts/merge-reports ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/rspec_*_pg_node_*.json
     - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $KNAPSACK_RSPEC_SUITE_REPORT_PATH'
     - rm -f knapsack/${CI_PROJECT_NAME}/*_node_*.json
-- 
cgit v1.2.1


From f7f7c3016252a09acd68c822c8950848e313ce8a Mon Sep 17 00:00:00 2001
From: Ben Kochie <bjk@gitlab.com>
Date: Wed, 17 Jul 2019 14:50:37 +0200
Subject: Update usage ping cron behavior

* Splay the start by sleeping up to one minute.
* Adjust sideikiq retries to try up to approximately three hours.
* Randomize the minute fully within the hour.
* Psudo-randomize the day of the week based on the instance UUID.
---
 app/workers/gitlab_usage_ping_worker.rb  |  6 ++++++
 changelogs/unreleased/bjk-usage_ping.yml |  5 +++++
 config/settings.rb                       | 14 +++++++++-----
 3 files changed, 20 insertions(+), 5 deletions(-)
 create mode 100644 changelogs/unreleased/bjk-usage_ping.yml

diff --git a/app/workers/gitlab_usage_ping_worker.rb b/app/workers/gitlab_usage_ping_worker.rb
index b75e724ca98..a5e22f88a3b 100644
--- a/app/workers/gitlab_usage_ping_worker.rb
+++ b/app/workers/gitlab_usage_ping_worker.rb
@@ -6,10 +6,16 @@ class GitlabUsagePingWorker
   include ApplicationWorker
   include CronjobQueue
 
+  # Retry for up to approximately three hours then give up.
+  sidekiq_options retry: 10, dead: false
+
   def perform
     # Multiple Sidekiq workers could run this. We should only do this at most once a day.
     return unless try_obtain_lease
 
+    # Splay the request over a minute to avoid thundering herd problems.
+    sleep(rand(0.0..60.0).round(3))
+
     SubmitUsagePingService.new.execute
   end
 
diff --git a/changelogs/unreleased/bjk-usage_ping.yml b/changelogs/unreleased/bjk-usage_ping.yml
new file mode 100644
index 00000000000..dee6c1ad291
--- /dev/null
+++ b/changelogs/unreleased/bjk-usage_ping.yml
@@ -0,0 +1,5 @@
+---
+title: Update usage ping cron behavior
+merge_request: 30842
+author:
+type: performance
diff --git a/config/settings.rb b/config/settings.rb
index da459afcce2..8756c120645 100644
--- a/config/settings.rb
+++ b/config/settings.rb
@@ -1,4 +1,5 @@
 require 'settingslogic'
+require 'digest/md5'
 
 # We can not use `Rails.root` here, as this file might be loaded without the
 # full Rails environment being loaded. We can not use `require_relative` either,
@@ -170,14 +171,17 @@ class Settings < Settingslogic
       URI.parse(url_without_path).host
     end
 
-    # Runs every minute in a random ten-minute period on Sundays, to balance the
-    # load on the server receiving these pings. The usage ping is safe to run
-    # multiple times because of a 24 hour exclusive lock.
+    # Runs at a random time of day on a consistent day of the week based on
+    # the instance UUID. This is to balance the load on the service receiving
+    # these pings. The sidekiq job handles temporary http failures.
     def cron_for_usage_ping
       hour = rand(24)
-      minute = rand(6)
+      minute = rand(60)
+      # Set a default UUID for the case when the UUID hasn't been initialized.
+      uuid = Gitlab::CurrentSettings.uuid || 'uuid-not-set'
+      day_of_week = Digest::MD5.hexdigest(uuid).to_i(16) % 7
 
-      "#{minute}0-#{minute}9 #{hour} * * 0"
+      "#{minute} #{hour} * * #{day_of_week}"
     end
   end
 end
-- 
cgit v1.2.1


From 79c7eae39ab2b41ce4678b9640f5b393b7a291b2 Mon Sep 17 00:00:00 2001
From: Markus Koller <mkoller@gitlab.com>
Date: Thu, 18 Jul 2019 11:55:40 +0200
Subject: Fix broken handling for outdated test repos

The call to init had the side effect of starting another Gitaly process,
and didn't actually correctly delete the test repositories.
---
 spec/support/helpers/test_env.rb | 13 +------------
 1 file changed, 1 insertion(+), 12 deletions(-)

diff --git a/spec/support/helpers/test_env.rb b/spec/support/helpers/test_env.rb
index 893b10ea752..16938da50cc 100644
--- a/spec/support/helpers/test_env.rb
+++ b/spec/support/helpers/test_env.rb
@@ -141,14 +141,6 @@ module TestEnv
     FileUtils.mkdir_p(artifacts_path)
   end
 
-  def clean_gitlab_test_path
-    Dir[TMP_TEST_PATH].each do |entry|
-      unless test_dirs.include?(File.basename(entry))
-        FileUtils.rm_rf(entry)
-      end
-    end
-  end
-
   def setup_gitlab_shell
     component_timed_setup('GitLab Shell',
       install_dir: Gitlab.config.gitlab_shell.path,
@@ -368,10 +360,7 @@ module TestEnv
     # Try to reset without fetching to avoid using the network.
     unless reset.call
       raise 'Could not fetch test seed repository.' unless system(*%W(#{Gitlab.config.git.bin_path} -C #{repo_path} fetch origin))
-
-      # Before we used Git clone's --mirror option, bare repos could end up
-      # with missing refs, clearing them and retrying should fix the issue.
-      clean_gitlab_test_path && init unless reset.call
+      raise "Could not update test seed repository, please delete #{repo_path} and try again" unless reset.call
     end
   end
 
-- 
cgit v1.2.1


From 09e9f7d4fc2bd9f88d013e67d5a4ff19642cbd80 Mon Sep 17 00:00:00 2001
From: Patrick Bajao <ebajao@gitlab.com>
Date: Thu, 18 Jul 2019 11:39:22 +0000
Subject: Doc: resolving confidential issues in private fork

Add a section in Confidential Issues documentation with information
about the "Create confidential merge request" button/dropdown and how
it can help in resolving confidential issues.
---
 doc/user/project/issues/confidential_issues.md     |  46 +++++++++++++++++++++
 .../img/confidential_mr_branch_dropdown_v12_1.png  | Bin 0 -> 121644 bytes
 .../issues/img/confidential_mr_dropdown_v12_1.png  | Bin 0 -> 128156 bytes
 doc/user/project/merge_requests/index.md           |   5 +++
 4 files changed, 51 insertions(+)
 create mode 100644 doc/user/project/issues/img/confidential_mr_branch_dropdown_v12_1.png
 create mode 100644 doc/user/project/issues/img/confidential_mr_dropdown_v12_1.png

diff --git a/doc/user/project/issues/confidential_issues.md b/doc/user/project/issues/confidential_issues.md
index 2c755e0fb4d..c10ef564f0d 100644
--- a/doc/user/project/issues/confidential_issues.md
+++ b/doc/user/project/issues/confidential_issues.md
@@ -77,3 +77,49 @@ project's search results respectively.
 | Maintainer access | Guest access |
 | :-----------: | :----------: |
 | ![Confidential issues search master](img/confidential_issues_search_master.png) | ![Confidential issues search guest](img/confidential_issues_search_guest.png) |
+
+## Merge Requests for Confidential Issues
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/58583) in GitLab 12.1.
+
+To help prevent confidential information being leaked from a public project
+in the process of resolving a confidential issue, confidential issues can be
+resolved by creating a merge request from a private fork.
+
+The merge request created will target the default branch of the private fork,
+not the default branch of the public upstream project. This prevents the merge
+request, branch, and commits entering the public repository, and revealing
+confidential information prematurely. When the confidential commits are ready
+to be made public, this can be done by opening a merge request from the private
+fork to the public upstream project.
+
+TIP: **Best practice:**
+If you create a long-lived private fork in the same group or in a sub-group of
+the original upstream, all the users with Developer membership to the public
+project will also have the same permissions in the private project. This way,
+all the Developers, who have access to view confidential issues, will have a
+streamlined workflow for fixing them.
+
+### How it works
+
+On a confidential issue, a **Create confidential merge request** button is
+available. Clicking on it will open a dropdown where you can choose to
+**Create confidential merge request and branch** or **Create branch**:
+
+| Create confidential merge request | Create branch |
+| :-------------------------------: | :-----------: |
+| ![Create Confidential Merge Request Dropdown](img/confidential_mr_dropdown_v12_1.png) | ![Create Confidential Branch Dropdown](img/confidential_mr_branch_dropdown_v12_1.png) |
+
+The **Project** dropdown includes the list of private forks the user is a member
+of as at least a Developer and merge requests are enabled.
+
+Whenever the **Branch name** and **Source (branch or tag)** fields change, the
+availability of the target or source branch will be checked. Both branches should
+be available in the private fork selected.
+
+By clicking the **Create confidential merge request** button, GitLab will create
+the branch and merge request in the private fork. When you choose
+**Create branch**, GitLab will only create the branch.
+
+Once the branch is created in the private fork, developers can now push code to
+that branch to fix the confidential issue.
diff --git a/doc/user/project/issues/img/confidential_mr_branch_dropdown_v12_1.png b/doc/user/project/issues/img/confidential_mr_branch_dropdown_v12_1.png
new file mode 100644
index 00000000000..7c24226a6c4
Binary files /dev/null and b/doc/user/project/issues/img/confidential_mr_branch_dropdown_v12_1.png differ
diff --git a/doc/user/project/issues/img/confidential_mr_dropdown_v12_1.png b/doc/user/project/issues/img/confidential_mr_dropdown_v12_1.png
new file mode 100644
index 00000000000..d6d391c6dd9
Binary files /dev/null and b/doc/user/project/issues/img/confidential_mr_dropdown_v12_1.png differ
diff --git a/doc/user/project/merge_requests/index.md b/doc/user/project/merge_requests/index.md
index f593046fa8b..a4cda65bf6b 100644
--- a/doc/user/project/merge_requests/index.md
+++ b/doc/user/project/merge_requests/index.md
@@ -365,6 +365,11 @@ have been marked as a **Work In Progress**.
 
 [Learn more about setting a merge request as "Work In Progress".](work_in_progress_merge_requests.md)
 
+## Merge Requests for Confidential Issues
+
+Create [merge requests to resolve confidential issues](../issues/confidential_issues.md#merge-requests-for-confidential-issues)
+for preventing leakage or early release of sentive data through regular merge requests.
+
 ## Merge request approvals **(STARTER)**
 
 > Included in [GitLab Starter][products].
-- 
cgit v1.2.1


From b45f0708785c91f1750e5adbfb02640a2d583500 Mon Sep 17 00:00:00 2001
From: Victor Zagorodny <vzagorodny@gitlab.com>
Date: Thu, 18 Jul 2019 11:40:48 +0000
Subject: [CE backport] Parse and store multiple security reports of the same
 category

---
 .../security-reports/deprecated/gl-sast-report.json  | 20 ++++++++++++++++++++
 .../security-reports/master/gl-sast-report.json      | 20 ++++++++++++++++++++
 2 files changed, 40 insertions(+)

diff --git a/spec/fixtures/security-reports/deprecated/gl-sast-report.json b/spec/fixtures/security-reports/deprecated/gl-sast-report.json
index a85b9be8b5f..2f7e47281e2 100644
--- a/spec/fixtures/security-reports/deprecated/gl-sast-report.json
+++ b/spec/fixtures/security-reports/deprecated/gl-sast-report.json
@@ -837,6 +837,11 @@
       "start_line": 4
     },
     "identifiers": [
+      {
+        "type": "flawfinder_func_name",
+        "name": "Flawfinder - char",
+        "value": "char"
+      },
       {
         "type": "cwe",
         "name": "CWE-119",
@@ -869,6 +874,11 @@
       "start_line": 8
     },
     "identifiers": [
+      {
+        "type": "flawfinder_func_name",
+        "name": "Flawfinder - fopen",
+        "value": "fopen"
+      },
       {
         "type": "cwe",
         "name": "CWE-362",
@@ -896,6 +906,11 @@
       "start_line": 6
     },
     "identifiers": [
+      {
+        "type": "flawfinder_func_name",
+        "name": "Flawfinder - char",
+        "value": "char"
+      },
       {
         "type": "cwe",
         "name": "CWE-119",
@@ -929,6 +944,11 @@
       "start_line": 7
     },
     "identifiers": [
+      {
+        "type": "flawfinder_func_name",
+        "name": "Flawfinder - strcpy",
+        "value": "strcpy"
+      },
       {
         "type": "cwe",
         "name": "CWE-120",
diff --git a/spec/fixtures/security-reports/master/gl-sast-report.json b/spec/fixtures/security-reports/master/gl-sast-report.json
index 4bef3d22f70..345e1e9f83a 100644
--- a/spec/fixtures/security-reports/master/gl-sast-report.json
+++ b/spec/fixtures/security-reports/master/gl-sast-report.json
@@ -839,6 +839,11 @@
         "start_line": 4
       },
       "identifiers": [
+        {
+          "type": "flawfinder_func_name",
+          "name": "Flawfinder - char",
+          "value": "char"
+        },
         {
           "type": "cwe",
           "name": "CWE-119",
@@ -871,6 +876,11 @@
         "start_line": 8
       },
       "identifiers": [
+        {
+          "type": "flawfinder_func_name",
+          "name": "Flawfinder - fopen",
+          "value": "fopen"
+        },
         {
           "type": "cwe",
           "name": "CWE-362",
@@ -898,6 +908,11 @@
         "start_line": 6
       },
       "identifiers": [
+        {
+          "type": "flawfinder_func_name",
+          "name": "Flawfinder - char",
+          "value": "char"
+        },
         {
           "type": "cwe",
           "name": "CWE-119",
@@ -931,6 +946,11 @@
         "start_line": 7
       },
       "identifiers": [
+        {
+          "type": "flawfinder_func_name",
+          "name": "Flawfinder - strcpy",
+          "value": "strcpy"
+        },
         {
           "type": "cwe",
           "name": "CWE-120",
-- 
cgit v1.2.1


From c5783cb59d8a2d91333e6f9527802944594686de Mon Sep 17 00:00:00 2001
From: Dan Davison <ddavison@gitlab.com>
Date: Thu, 18 Jul 2019 11:57:26 +0000
Subject: Refactor common Page Objects to use data tags

Common usages within GitLab QA include Login Page,
navigation bars and layouts
---
 app/views/devise/passwords/edit.html.haml                 | 6 +++---
 app/views/devise/sessions/_new_ldap.html.haml             | 6 +++---
 app/views/devise/shared/_tabs_ldap.html.haml              | 6 +++---
 app/views/devise/shared/_tabs_normal.html.haml            | 4 ++--
 app/views/layouts/header/_current_user_dropdown.html.haml | 4 ++--
 qa/qa/page/main/login.rb                                  | 4 ++--
 qa/qa/page/main/menu.rb                                   | 2 +-
 7 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/app/views/devise/passwords/edit.html.haml b/app/views/devise/passwords/edit.html.haml
index 09ea7716a47..fee87c6324c 100644
--- a/app/views/devise/passwords/edit.html.haml
+++ b/app/views/devise/passwords/edit.html.haml
@@ -7,12 +7,12 @@
       = f.hidden_field :reset_password_token
       .form-group
         = f.label 'New password', for: "user_password"
-        = f.password_field :password, class: "form-control top qa-password-field", required: true, title: 'This field is required'
+        = f.password_field :password, class: "form-control top", required: true, title: 'This field is required', data: { qa_selector: 'password_field'}
       .form-group
         = f.label 'Confirm new password', for: "user_password_confirmation"
-        = f.password_field :password_confirmation, class: "form-control bottom qa-password-confirmation", title: 'This field is required', required: true
+        = f.password_field :password_confirmation, class: "form-control bottom", title: 'This field is required', data: { qa_selector: 'password_confirmation_field' }, required: true
       .clearfix
-        = f.submit "Change your password", class: "btn btn-primary qa-change-password-button"
+        = f.submit "Change your password", class: "btn btn-primary", data: { qa_selector: 'change_password_button' }
 
 .clearfix.prepend-top-20
   %p
diff --git a/app/views/devise/sessions/_new_ldap.html.haml b/app/views/devise/sessions/_new_ldap.html.haml
index f856773526d..a8e34b6da9c 100644
--- a/app/views/devise/sessions/_new_ldap.html.haml
+++ b/app/views/devise/sessions/_new_ldap.html.haml
@@ -3,13 +3,13 @@
 = form_tag(omniauth_callback_path(:user, server['provider_name']), id: 'new_ldap_user', class: "gl-show-field-errors") do
   .form-group
     = label_tag :username, "#{server['label']} Username"
-    = text_field_tag :username, nil, { class: "form-control top qa-username-field", title: "This field is required.", autofocus: "autofocus", required: true }
+    = text_field_tag :username, nil, { class: "form-control top", title: "This field is required.", autofocus: "autofocus", data: { qa_selector:  'username_field' } required: true }
   .form-group
     = label_tag :password
-    = password_field_tag :password, nil, { class: "form-control bottom qa-password-field", title: "This field is required.", required: true }
+    = password_field_tag :password, nil, { class: "form-control bottom", title: "This field is required.", data: { qa_selector: 'password_field' }required: true }
   - if devise_mapping.rememberable?
     .remember-me
       %label{ for: "remember_me" }
         = check_box_tag :remember_me, '1', false, id: 'remember_me'
         %span Remember me
-  = submit_tag "Sign in", class: "btn-success btn qa-sign-in-button"
+  = submit_tag "Sign in", class: "btn-success btn", data: { qa_selector: 'sign_in_button' }
diff --git a/app/views/devise/shared/_tabs_ldap.html.haml b/app/views/devise/shared/_tabs_ldap.html.haml
index b1a9470cf1c..db54c166a53 100644
--- a/app/views/devise/shared/_tabs_ldap.html.haml
+++ b/app/views/devise/shared/_tabs_ldap.html.haml
@@ -5,13 +5,13 @@
   = render_if_exists "devise/shared/kerberos_tab"
   - @ldap_servers.each_with_index do |server, i|
     %li.nav-item
-      = link_to server['label'], "##{server['provider_name']}", class: "nav-link #{active_when(i.zero? && form_based_auth_provider_has_active_class?(:ldapmain))} qa-ldap-tab", 'data-toggle' => 'tab'
+      = link_to server['label'], "##{server['provider_name']}", class: "nav-link #{active_when(i.zero? && form_based_auth_provider_has_active_class?(:ldapmain))}", data: { toggle: 'tab', qa_selector: 'ldap_tab' }
 
   = render_if_exists 'devise/shared/tab_smartcard'
 
   - if password_authentication_enabled_for_web?
     %li.nav-item
-      = link_to 'Standard', '#login-pane', class: 'nav-link qa-standard-tab', 'data-toggle' => 'tab'
+      = link_to 'Standard', '#login-pane', class: 'nav-link', data: { toggle: 'tab', qa_selector: 'standard_tab' }
   - if allow_signup?
     %li.nav-item
-      = link_to 'Register', '#register-pane', class: 'nav-link qa-register-tab', 'data-toggle' => 'tab'
+      = link_to 'Register', '#register-pane', class: 'nav-link', data: { toggle: 'tab', qa_selector: 'register_tab' }
diff --git a/app/views/devise/shared/_tabs_normal.html.haml b/app/views/devise/shared/_tabs_normal.html.haml
index ab8c22532fd..b6a1b8805ee 100644
--- a/app/views/devise/shared/_tabs_normal.html.haml
+++ b/app/views/devise/shared/_tabs_normal.html.haml
@@ -1,6 +1,6 @@
 %ul.nav-links.new-session-tabs.nav-tabs.nav{ role: 'tablist' }
   %li.nav-item{ role: 'presentation' }
-    %a.nav-link.qa-sign-in-tab.active{ href: '#login-pane', data: { toggle: 'tab' }, role: 'tab' } Sign in
+    %a.nav-link.active{ href: '#login-pane', data: { toggle: 'tab', qa_selector: 'sign_in_tab' }, role: 'tab' } Sign in
   - if allow_signup?
     %li.nav-item{ role: 'presentation' }
-      %a.nav-link.qa-register-tab{ href: '#register-pane', data: { track_label: 'sign_in_register', track_property: '', track_event: 'click_button', track_value: '', toggle: 'tab' }, role: 'tab' } Register
+      %a.nav-link{ href: '#register-pane', data: { track_label: 'sign_in_register', track_property: '', track_event: 'click_button', track_value: '', toggle: 'tab', qa_selector: 'register_tab' }, role: 'tab' } Register
diff --git a/app/views/layouts/header/_current_user_dropdown.html.haml b/app/views/layouts/header/_current_user_dropdown.html.haml
index 45fc39dbbdb..808290afcad 100644
--- a/app/views/layouts/header/_current_user_dropdown.html.haml
+++ b/app/views/layouts/header/_current_user_dropdown.html.haml
@@ -20,8 +20,8 @@
       = link_to s_("CurrentUser|Profile"), current_user, class: 'profile-link', data: { user: current_user.username }
   - if current_user_menu?(:settings)
     %li
-      = link_to s_("CurrentUser|Settings"), profile_path
+      = link_to s_("CurrentUser|Settings"), profile_path, data: { qa_selector: 'settings_link' }
   - if current_user_menu?(:sign_out)
     %li.divider
     %li
-      = link_to _("Sign out"), destroy_user_session_path, class: "sign-out-link qa-sign-out-link"
+      = link_to _("Sign out"), destroy_user_session_path, class: "sign-out-link", data: { qa_selector: 'sign_out_link' }
diff --git a/qa/qa/page/main/login.rb b/qa/qa/page/main/login.rb
index ffce3b72275..c2b0482d789 100644
--- a/qa/qa/page/main/login.rb
+++ b/qa/qa/page/main/login.rb
@@ -6,7 +6,7 @@ module QA
       class Login < Page::Base
         view 'app/views/devise/passwords/edit.html.haml' do
           element :password_field
-          element :password_confirmation
+          element :password_confirmation_field
           element :change_password_button
         end
 
@@ -154,7 +154,7 @@ module QA
           return unless has_content?('Change your password')
 
           fill_element :password_field, Runtime::User.password
-          fill_element :password_confirmation, Runtime::User.password
+          fill_element :password_confirmation_field, Runtime::User.password
           click_element :change_password_button
         end
       end
diff --git a/qa/qa/page/main/menu.rb b/qa/qa/page/main/menu.rb
index c98d85d7911..d86d554356e 100644
--- a/qa/qa/page/main/menu.rb
+++ b/qa/qa/page/main/menu.rb
@@ -6,7 +6,7 @@ module QA
       class Menu < Page::Base
         view 'app/views/layouts/header/_current_user_dropdown.html.haml' do
           element :sign_out_link
-          element :settings_link, 'link_to s_("CurrentUser|Settings")' # rubocop:disable QA/ElementWithPattern
+          element :settings_link
         end
 
         view 'app/views/layouts/header/_default.html.haml' do
-- 
cgit v1.2.1


From 24369b49dca3045a6193246c1a96f76aeb9e61e8 Mon Sep 17 00:00:00 2001
From: Walmyr Lima <walmyr@gitlab.com>
Date: Thu, 18 Jul 2019 14:40:37 +0200
Subject: Better scope end-to-end test

Move test pre-conditions to before block, and leave only the test
steps and verifications in the it block.
---
 .../specs/features/browser_ui/2_plan/issue/issue_suggestions_spec.rb  | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/issue_suggestions_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/issue_suggestions_spec.rb
index 24dcb32f63f..694a3ffb54b 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/issue_suggestions_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/issue_suggestions_spec.rb
@@ -5,7 +5,7 @@ module QA
     describe 'issue suggestions' do
       let(:issue_title) { 'Issue Lists are awesome' }
 
-      it 'user sees issue suggestions when creating a new issue' do
+      before do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
         Page::Main::Login.perform(&:sign_in_using_credentials)
 
@@ -20,7 +20,9 @@ module QA
         end
 
         project.visit!
+      end
 
+      it 'user sees issue suggestions when creating a new issue' do
         Page::Project::Show.perform(&:go_to_new_issue)
         Page::Project::Issue::New.perform do |new_issue_page|
           new_issue_page.add_title("issue")
-- 
cgit v1.2.1


From c74164167a6e9c8a5da5beb6c3266586837797d0 Mon Sep 17 00:00:00 2001
From: Walmyr Lima <walmyr@gitlab.com>
Date: Thu, 18 Jul 2019 14:52:21 +0200
Subject: Better scope end-to-end test

Move test pre-conditions to before block, remove unnecessary
expectation, and leave only the test steps and verifications
in the it block.
---
 .../features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb  | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb
index af9514008f9..6f5b6893248 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb
@@ -5,7 +5,7 @@ module QA
     describe 'filter issue comments activities' do
       let(:issue_title) { 'issue title' }
 
-      it 'user filters comments and activities in an issue' do
+      before do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
         Page::Main::Login.perform(&:sign_in_using_credentials)
 
@@ -14,9 +14,9 @@ module QA
         end
 
         issue.visit!
+      end
 
-        expect(page).to have_content(issue_title)
-
+      it 'user filters comments and activities in an issue' do
         Page::Project::Issue::Show.perform do |show_page|
           my_own_comment = "My own comment"
           made_the_issue_confidential = "made the issue confidential"
-- 
cgit v1.2.1


From 10e51ac5f7087bb9cbc495fc15195994fb8763e4 Mon Sep 17 00:00:00 2001
From: Qingyu Zhao <qzhao@gitlab.com>
Date: Thu, 27 Jun 2019 23:42:14 +1000
Subject: Add profile mode to extend request profiling

Extend the support for "X-Profile-Token: <token>" to have an additional
header that defines type of profile we are looking for, like:
  X-Profile-Mode: execution
  X-Profile-Mode: memory
---
 .../admin/requests_profiles_controller.rb          |   8 +-
 app/views/admin/requests_profiles/index.html.haml  |   3 +-
 config/routes/admin.rb                             |   2 +-
 .../performance/img/request_profile_result.png     | Bin 3216 -> 33920 bytes
 .../monitoring/performance/request_profiling.md    |   4 +-
 lib/gitlab/request_profiler/middleware.rb          |  62 ++++++++++++-
 lib/gitlab/request_profiler/profile.rb             |  25 +++--
 .../admin/requests_profiles_controller_spec.rb     |  63 +++++++++----
 .../features/admin/admin_requests_profiles_spec.rb | 103 ++++++++++++++++-----
 spec/requests/request_profiler_spec.rb             |  20 +++-
 10 files changed, 221 insertions(+), 69 deletions(-)

diff --git a/app/controllers/admin/requests_profiles_controller.rb b/app/controllers/admin/requests_profiles_controller.rb
index 89d4c4f18d9..1d14812186a 100644
--- a/app/controllers/admin/requests_profiles_controller.rb
+++ b/app/controllers/admin/requests_profiles_controller.rb
@@ -10,10 +10,10 @@ class Admin::RequestsProfilesController < Admin::ApplicationController
     clean_name = Rack::Utils.clean_path_info(params[:name])
     profile    = Gitlab::RequestProfiler::Profile.find(clean_name)
 
-    if profile
-      render html: profile.content.html_safe
-    else
-      redirect_to admin_requests_profiles_path, alert: 'Profile not found'
+    unless profile && profile.content_type
+      return redirect_to admin_requests_profiles_path, alert: 'Profile not found'
     end
+
+    send_file profile.file_path, type: "#{profile.content_type}; charset=utf-8", disposition: 'inline'
   end
 end
diff --git a/app/views/admin/requests_profiles/index.html.haml b/app/views/admin/requests_profiles/index.html.haml
index adfc67d66d0..86bfeef580c 100644
--- a/app/views/admin/requests_profiles/index.html.haml
+++ b/app/views/admin/requests_profiles/index.html.haml
@@ -19,7 +19,8 @@
           %ul.content-list
             - profiles.each do |profile|
               %li
-                = link_to profile.time.to_s(:long), admin_requests_profile_path(profile)
+                = link_to profile.time.to_s(:long) + ' ' + profile.profile_mode.capitalize,
+                  admin_requests_profile_path(profile)
   - else
     %p
       No profiles found
diff --git a/config/routes/admin.rb b/config/routes/admin.rb
index f609739d9fd..6f9a5552564 100644
--- a/config/routes/admin.rb
+++ b/config/routes/admin.rb
@@ -73,7 +73,7 @@ namespace :admin do
   resource :background_jobs, controller: 'background_jobs', only: [:show]
 
   resource :system_info, controller: 'system_info', only: [:show]
-  resources :requests_profiles, only: [:index, :show], param: :name, constraints: { name: /.+\.html/ }
+  resources :requests_profiles, only: [:index, :show], param: :name, constraints: { name: /.+\.(html|txt)/ }
 
   resources :projects, only: [:index]
 
diff --git a/doc/administration/monitoring/performance/img/request_profile_result.png b/doc/administration/monitoring/performance/img/request_profile_result.png
index 1b06e240fa0..3b34f207974 100644
Binary files a/doc/administration/monitoring/performance/img/request_profile_result.png and b/doc/administration/monitoring/performance/img/request_profile_result.png differ
diff --git a/doc/administration/monitoring/performance/request_profiling.md b/doc/administration/monitoring/performance/request_profiling.md
index 726882fbb87..9f671e0db11 100644
--- a/doc/administration/monitoring/performance/request_profiling.md
+++ b/doc/administration/monitoring/performance/request_profiling.md
@@ -5,9 +5,9 @@
 1. Grab the profiling token from **Monitoring > Requests Profiles** admin page
   (highlighted in a blue in the image below).
   ![Profile token](img/request_profiling_token.png)
-1. Pass the header `X-Profile-Token: <token>` to the request you want to profile. You can use:
+1. Pass the header `X-Profile-Token: <token>` and `X-Profile-Mode: <mode>`(where <mode> can be `execution` or `memory`) to the request you want to profile. You can use:
     - Browser extensions. For example, [ModHeader](https://chrome.google.com/webstore/detail/modheader/idgpnmonknjnojddfkpgkljpfnnfcklj) Chrome extension.
-    - `curl`. For example, `curl --header 'X-Profile-Token: <token>' https://gitlab.example.com/group/project`.
+    - `curl`. For example, `curl --header 'X-Profile-Token: <token>' --header 'X-Profile-Mode: <mode>' https://gitlab.example.com/group/project`.
 1. Once request is finished (which will take a little longer than usual), you can
   view the profiling output from **Monitoring > Requests Profiles** admin page.
   ![Profiling output](img/request_profile_result.png)
diff --git a/lib/gitlab/request_profiler/middleware.rb b/lib/gitlab/request_profiler/middleware.rb
index 7615f6f443b..99958d7a211 100644
--- a/lib/gitlab/request_profiler/middleware.rb
+++ b/lib/gitlab/request_profiler/middleware.rb
@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'ruby-prof'
+require 'memory_profiler'
 
 module Gitlab
   module RequestProfiler
@@ -28,22 +29,73 @@ module Gitlab
       end
 
       def call_with_profiling(env)
+        case env['HTTP_X_PROFILE_MODE']
+        when 'execution', nil
+          call_with_call_stack_profiling(env)
+        when 'memory'
+          call_with_memory_profiling(env)
+        else
+          raise ActionController::BadRequest, invalid_profile_mode(env)
+        end
+      end
+
+      def invalid_profile_mode(env)
+        <<~HEREDOC
+          Invalid X-Profile-Mode: #{env['HTTP_X_PROFILE_MODE']}.
+          Supported profile mode request header:
+            - X-Profile-Mode: execution
+            - X-Profile-Mode: memory
+        HEREDOC
+      end
+
+      def call_with_call_stack_profiling(env)
         ret = nil
-        result = RubyProf::Profile.profile do
+        report = RubyProf::Profile.profile do
           ret = catch(:warden) do
             @app.call(env)
           end
         end
 
-        printer   = RubyProf::CallStackPrinter.new(result)
-        file_name = "#{env['PATH_INFO'].tr('/', '|')}_#{Time.current.to_i}.html"
+        generate_report(env, 'execution', 'html') do |file|
+          printer = RubyProf::CallStackPrinter.new(report)
+          printer.print(file)
+        end
+
+        handle_request_ret(ret)
+      end
+
+      def call_with_memory_profiling(env)
+        ret = nil
+        report = MemoryProfiler.report do
+          ret = catch(:warden) do
+            @app.call(env)
+          end
+        end
+
+        generate_report(env, 'memory', 'txt') do |file|
+          report.pretty_print(to_file: file)
+        end
+
+        handle_request_ret(ret)
+      end
+
+      def generate_report(env, report_type, extension)
+        file_name = "#{env['PATH_INFO'].tr('/', '|')}_#{Time.current.to_i}"\
+                    "_#{report_type}.#{extension}"
         file_path = "#{PROFILES_DIR}/#{file_name}"
 
         FileUtils.mkdir_p(PROFILES_DIR)
-        File.open(file_path, 'wb') do |file|
-          printer.print(file)
+
+        begin
+          File.open(file_path, 'wb') do |file|
+            yield(file)
+          end
+        rescue
+          FileUtils.rm(file_path)
         end
+      end
 
+      def handle_request_ret(ret)
         if ret.is_a?(Array)
           ret
         else
diff --git a/lib/gitlab/request_profiler/profile.rb b/lib/gitlab/request_profiler/profile.rb
index 46996ef8c51..74f2ec1d083 100644
--- a/lib/gitlab/request_profiler/profile.rb
+++ b/lib/gitlab/request_profiler/profile.rb
@@ -3,28 +3,26 @@
 module Gitlab
   module RequestProfiler
     class Profile
-      attr_reader :name, :time, :request_path
+      attr_reader :name, :time, :file_path, :request_path, :profile_mode, :type
 
       alias_method :to_param, :name
 
       def self.all
-        Dir["#{PROFILES_DIR}/*.html"].map do |path|
+        Dir["#{PROFILES_DIR}/*.{html,txt}"].map do |path|
           new(File.basename(path))
         end
       end
 
       def self.find(name)
-        name_dup = name.dup
-        name_dup << '.html' unless name.end_with?('.html')
-
-        file_path = "#{PROFILES_DIR}/#{name_dup}"
+        file_path = File.join(PROFILES_DIR, name)
         return unless File.exist?(file_path)
 
-        new(name_dup)
+        new(name)
       end
 
       def initialize(name)
         @name = name
+        @file_path = File.join(PROFILES_DIR, name)
 
         set_attributes
       end
@@ -33,12 +31,23 @@ module Gitlab
         File.read("#{PROFILES_DIR}/#{name}")
       end
 
+      def content_type
+        case type
+        when 'html'
+          'text/html'
+        when 'txt'
+          'text/plain'
+        end
+      end
+
       private
 
       def set_attributes
-        _, path, timestamp = name.split(/(.*)_(\d+)\.html$/)
+        _, path, timestamp, profile_mode, type = name.split(/(.*)_(\d+)_(.*)\.(html|txt)$/)
         @request_path      = path.tr('|', '/')
         @time              = Time.at(timestamp.to_i).utc
+        @profile_mode      = profile_mode
+        @type              = type
       end
     end
   end
diff --git a/spec/controllers/admin/requests_profiles_controller_spec.rb b/spec/controllers/admin/requests_profiles_controller_spec.rb
index 10850cb4603..289bb58c5a8 100644
--- a/spec/controllers/admin/requests_profiles_controller_spec.rb
+++ b/spec/controllers/admin/requests_profiles_controller_spec.rb
@@ -10,38 +10,63 @@ describe Admin::RequestsProfilesController do
   end
 
   describe '#show' do
-    let(:basename) { "profile_#{Time.now.to_i}.html" }
     let(:tmpdir) { Dir.mktmpdir('profiler-test') }
     let(:test_file) { File.join(tmpdir, basename) }
-    let(:profile) { Gitlab::RequestProfiler::Profile.new(basename) }
-    let(:sample_data) do
-      <<~HTML
-        <!DOCTYPE html>
-        <html>
-        <body>
-        <h1>My First Heading</h1>
-        <p>My first paragraph.</p>
-        </body>
-        </html>
-      HTML
+
+    subject do
+      get :show, params: { name: basename }
     end
 
     before do
       stub_const('Gitlab::RequestProfiler::PROFILES_DIR', tmpdir)
-      output = File.open(test_file, 'w')
-      output.write(sample_data)
-      output.close
+      File.write(test_file, sample_data)
     end
 
     after do
       File.unlink(test_file)
     end
 
-    it 'loads an HTML profile' do
-      get :show, params: { name: basename }
+    context 'when loading HTML profile' do
+      let(:basename) { "profile_#{Time.now.to_i}_execution.html" }
+
+      let(:sample_data) do
+        '<html> <body> <h1>Heading</h1> <p>paragraph.</p> </body> </html>'
+      end
+
+      it 'renders the data' do
+        subject
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(response.body).to eq(sample_data)
+      end
+    end
+
+    context 'when loading TXT profile' do
+      let(:basename) { "profile_#{Time.now.to_i}_memory.txt" }
+
+      let(:sample_data) do
+        <<~TXT
+          Total allocated: 112096396 bytes (1080431 objects)
+          Total retained:  10312598 bytes (53567 objects)
+        TXT
+      end
+
+      it 'renders the data' do
+        subject
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(response.body).to eq(sample_data)
+      end
+    end
+
+    context 'when loading PDF profile' do
+      let(:basename) { "profile_#{Time.now.to_i}_anything.pdf" }
+
+      let(:sample_data) { 'mocked pdf content' }
 
-      expect(response).to have_gitlab_http_status(200)
-      expect(response.body).to eq(sample_data)
+      it 'fails to render the data' do
+        expect { subject }.to raise_error(ActionController::UrlGenerationError, /No route matches.*unmatched constraints:/)
+      end
     end
   end
 end
diff --git a/spec/features/admin/admin_requests_profiles_spec.rb b/spec/features/admin/admin_requests_profiles_spec.rb
index 2503fc9067d..a962af4952b 100644
--- a/spec/features/admin/admin_requests_profiles_spec.rb
+++ b/spec/features/admin/admin_requests_profiles_spec.rb
@@ -19,42 +19,97 @@ describe 'Admin::RequestsProfilesController' do
       expect(page).to have_content("X-Profile-Token: #{Gitlab::RequestProfiler.profile_token}")
     end
 
-    it 'lists all available profiles' do
-      time1 = 1.hour.ago
-      time2 = 2.hours.ago
-      time3 = 3.hours.ago
-      profile1 = "|gitlab-org|gitlab-ce_#{time1.to_i}.html"
-      profile2 = "|gitlab-org|gitlab-ce_#{time2.to_i}.html"
-      profile3 = "|gitlab-com|infrastructure_#{time3.to_i}.html"
-
-      FileUtils.touch("#{Gitlab::RequestProfiler::PROFILES_DIR}/#{profile1}")
-      FileUtils.touch("#{Gitlab::RequestProfiler::PROFILES_DIR}/#{profile2}")
-      FileUtils.touch("#{Gitlab::RequestProfiler::PROFILES_DIR}/#{profile3}")
-
-      visit admin_requests_profiles_path
+    context 'when having multiple profiles' do
+      let(:time1) { 1.hour.ago }
+      let(:time2) { 2.hours.ago }
+
+      let(:profiles) do
+        [
+          {
+            request_path: '/gitlab-org/gitlab-ce',
+            name: "|gitlab-org|gitlab-ce_#{time1.to_i}_execution.html",
+            created: time1,
+            profile_mode: 'Execution'
+          },
+          {
+            request_path: '/gitlab-org/gitlab-ce',
+            name: "|gitlab-org|gitlab-ce_#{time2.to_i}_execution.html",
+            created: time2,
+            profile_mode: 'Execution'
+          },
+          {
+            request_path: '/gitlab-org/gitlab-ce',
+            name: "|gitlab-org|gitlab-ce_#{time1.to_i}_memory.html",
+            created: time1,
+            profile_mode: 'Memory'
+          },
+          {
+            request_path: '/gitlab-org/gitlab-ce',
+            name: "|gitlab-org|gitlab-ce_#{time2.to_i}_memory.html",
+            created: time2,
+            profile_mode: 'Memory'
+          },
+          {
+            request_path: '/gitlab-org/infrastructure',
+            name: "|gitlab-org|infrastructure_#{time1.to_i}_execution.html",
+            created: time1,
+            profile_mode: 'Execution'
+          },
+          {
+            request_path: '/gitlab-org/infrastructure',
+            name: "|gitlab-org|infrastructure_#{time2.to_i}_memory.html",
+            created: time2,
+            profile_mode: 'Memory'
+          }
+        ]
+      end
 
-      within('.card', text: '/gitlab-org/gitlab-ce') do
-        expect(page).to have_selector("a[href='#{admin_requests_profile_path(profile1)}']", text: time1.to_s(:long))
-        expect(page).to have_selector("a[href='#{admin_requests_profile_path(profile2)}']", text: time2.to_s(:long))
+      before do
+        profiles.each do |profile|
+          FileUtils.touch(File.join(Gitlab::RequestProfiler::PROFILES_DIR, profile[:name]))
+        end
       end
 
-      within('.card', text: '/gitlab-com/infrastructure') do
-        expect(page).to have_selector("a[href='#{admin_requests_profile_path(profile3)}']", text: time3.to_s(:long))
+      it 'lists all available profiles' do
+        visit admin_requests_profiles_path
+
+        profiles.each do |profile|
+          within('.card', text: profile[:request_path]) do
+            expect(page).to have_selector(
+              "a[href='#{admin_requests_profile_path(profile[:name])}']",
+              text: "#{profile[:created].to_s(:long)} #{profile[:profile_mode]}")
+          end
+        end
       end
     end
   end
 
   describe 'GET /admin/requests_profiles/:profile' do
     context 'when a profile exists' do
-      it 'displays the content of the profile' do
-        content = 'This is a request profile'
-        profile = "|gitlab-org|gitlab-ce_#{Time.now.to_i}.html"
-
+      before do
         File.write("#{Gitlab::RequestProfiler::PROFILES_DIR}/#{profile}", content)
+      end
+
+      context 'when is valid call stack profile' do
+        let(:content) { 'This is a call stack request profile' }
+        let(:profile) { "|gitlab-org|gitlab-ce_#{Time.now.to_i}_execution.html" }
+
+        it 'displays the content' do
+          visit admin_requests_profile_path(profile)
+
+          expect(page).to have_content(content)
+        end
+      end
+
+      context 'when is valid memory profile' do
+        let(:content) { 'This is a memory request profile' }
+        let(:profile) { "|gitlab-org|gitlab-ce_#{Time.now.to_i}_memory.txt" }
 
-        visit admin_requests_profile_path(profile)
+        it 'displays the content' do
+          visit admin_requests_profile_path(profile)
 
-        expect(page).to have_content(content)
+          expect(page).to have_content(content)
+        end
       end
     end
 
diff --git a/spec/requests/request_profiler_spec.rb b/spec/requests/request_profiler_spec.rb
index 75b22b1879b..851affbcf88 100644
--- a/spec/requests/request_profiler_spec.rb
+++ b/spec/requests/request_profiler_spec.rb
@@ -3,13 +3,18 @@ require 'spec_helper'
 describe 'Request Profiler' do
   let(:user) { create(:user) }
 
-  shared_examples 'profiling a request' do
+  shared_examples 'profiling a request' do |profile_type, extension|
     before do
       allow(Rails).to receive(:cache).and_return(ActiveSupport::Cache::MemoryStore.new)
       allow(RubyProf::Profile).to receive(:profile) do |&blk|
         blk.call
         RubyProf::Profile.new
       end
+      allow(MemoryProfiler).to receive(:report) do |&blk|
+        blk.call
+        MemoryProfiler.start
+        MemoryProfiler.stop
+      end
     end
 
     it 'creates a profile of the request' do
@@ -18,10 +23,11 @@ describe 'Request Profiler' do
       path    = "/#{project.full_path}"
 
       Timecop.freeze(time) do
-        get path, params: {}, headers: { 'X-Profile-Token' => Gitlab::RequestProfiler.profile_token }
+        get path, params: {}, headers: { 'X-Profile-Token' => Gitlab::RequestProfiler.profile_token, 'X-Profile-Mode' => profile_type }
       end
 
-      profile_path = "#{Gitlab.config.shared.path}/tmp/requests_profiles/#{path.tr('/', '|')}_#{time.to_i}.html"
+      profile_type = 'execution' if profile_type.nil?
+      profile_path = "#{Gitlab.config.shared.path}/tmp/requests_profiles/#{path.tr('/', '|')}_#{time.to_i}_#{profile_type}.#{extension}"
       expect(File.exist?(profile_path)).to be true
     end
 
@@ -35,10 +41,14 @@ describe 'Request Profiler' do
       login_as(user)
     end
 
-    include_examples 'profiling a request'
+    include_examples 'profiling a request', 'execution', 'html'
+    include_examples 'profiling a request', nil, 'html'
+    include_examples 'profiling a request', 'memory', 'txt'
   end
 
   context "when user is not logged-in" do
-    include_examples 'profiling a request'
+    include_examples 'profiling a request', 'execution', 'html'
+    include_examples 'profiling a request', nil, 'html'
+    include_examples 'profiling a request', 'memory', 'txt'
   end
 end
-- 
cgit v1.2.1


From 6911c3435a61a34047a69d9eb92fc03ad2f4843c Mon Sep 17 00:00:00 2001
From: Natalia Tepluhina <ntepluhina@gitlab.com>
Date: Thu, 18 Jul 2019 13:16:18 +0000
Subject: Resolve "Tooltips on note timestamps not showing for issues"

---
 package.json                                       |  2 +-
 .../discussion_jump_to_next_button_spec.js         |  5 ++---
 .../markdown/suggestion_diff_header_spec.js        |  5 ++++-
 .../components/note_actions/reply_button_spec.js   |  5 ++---
 yarn.lock                                          | 25 +++++++++++-----------
 5 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/package.json b/package.json
index 4ba9a0d9a1b..aebb52dd07c 100644
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
     "@babel/preset-env": "^7.4.4",
     "@gitlab/csslab": "^1.9.0",
     "@gitlab/svgs": "^1.67.0",
-    "@gitlab/ui": "^5.6.0",
+    "@gitlab/ui": "^5.7.0",
     "apollo-cache-inmemory": "^1.5.1",
     "apollo-client": "^2.5.1",
     "apollo-link": "^1.2.11",
diff --git a/spec/frontend/notes/components/discussion_jump_to_next_button_spec.js b/spec/frontend/notes/components/discussion_jump_to_next_button_spec.js
index 989b0458481..fd439ba46bd 100644
--- a/spec/frontend/notes/components/discussion_jump_to_next_button_spec.js
+++ b/spec/frontend/notes/components/discussion_jump_to_next_button_spec.js
@@ -23,8 +23,7 @@ describe('JumpToNextDiscussionButton', () => {
 
     button.trigger('click');
 
-    expect(wrapper.emitted()).toEqual({
-      onClick: [[]],
-    });
+    expect(wrapper.emitted().onClick).toBeTruthy();
+    expect(wrapper.emitted().onClick.length).toBe(1);
   });
 });
diff --git a/spec/frontend/vue_shared/components/markdown/suggestion_diff_header_spec.js b/spec/frontend/vue_shared/components/markdown/suggestion_diff_header_spec.js
index 3b6f67457ad..d69b4c7c162 100644
--- a/spec/frontend/vue_shared/components/markdown/suggestion_diff_header_spec.js
+++ b/spec/frontend/vue_shared/components/markdown/suggestion_diff_header_spec.js
@@ -73,7 +73,10 @@ describe('Suggestion Diff component', () => {
     });
 
     it('emits apply', () => {
-      expect(wrapper.emittedByOrder()).toEqual([{ name: 'apply', args: [expect.any(Function)] }]);
+      expect(wrapper.emittedByOrder()).toContainEqual({
+        name: 'apply',
+        args: [expect.any(Function)],
+      });
     });
 
     it('hides apply button', () => {
diff --git a/spec/javascripts/notes/components/note_actions/reply_button_spec.js b/spec/javascripts/notes/components/note_actions/reply_button_spec.js
index 11fb89808d9..003773d07ea 100644
--- a/spec/javascripts/notes/components/note_actions/reply_button_spec.js
+++ b/spec/javascripts/notes/components/note_actions/reply_button_spec.js
@@ -25,8 +25,7 @@ describe('ReplyButton', () => {
 
     button.trigger('click');
 
-    expect(wrapper.emitted()).toEqual({
-      startReplying: [[]],
-    });
+    expect(wrapper.emitted().startReplying).toBeTruthy();
+    expect(wrapper.emitted().startReplying.length).toBe(1);
   });
 });
diff --git a/yarn.lock b/yarn.lock
index a0fbdfd4541..c0c1887a9d1 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -705,21 +705,21 @@
   resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-1.67.0.tgz#c7b94eca13b99fd3aaa737fb6dcc0abc41d3c579"
   integrity sha512-hJOmWEs6RkjzyKkb1vc9wwKGZIBIP0coHkxu/KgOoxhBVudpGk4CH7xJ6UuB2TKpb0SEh5CC1CzRZfBYaFhsaA==
 
-"@gitlab/ui@^5.6.0":
-  version "5.6.0"
-  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.6.0.tgz#6b5408050229e2135359f3fce5d0de7718326a0d"
-  integrity sha512-EohpACc5OCK8pOWgwB7/QZUcg3tA9k863ku6Ik9NxaRSKt/JIpQ8RI4wCr4UmqhejZLQMD9VZHLUmc9Sf3Mk9w==
+"@gitlab/ui@^5.7.0":
+  version "5.7.0"
+  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.7.0.tgz#2ce6b431de262f09b2e1dbe77b047d6e8e1ca41d"
+  integrity sha512-zOPFNrCGyZrgqa8OXNhtfRg4aQ6pRCpIV2+alq3/4jllYb3HHHH+jIk/ejLrvNe8+fk7LRNSvJEvuInRLqBbEg==
   dependencies:
     "@babel/standalone" "^7.0.0"
     "@gitlab/vue-toasted" "^1.2.1"
     bootstrap "4.3.1"
-    bootstrap-vue "^2.0.0-rc.24"
+    bootstrap-vue "^2.0.0-rc.26"
     copy-to-clipboard "^3.0.8"
     core-js "^2.6.9"
     echarts "^4.2.0-rc.2"
     highlight.js "^9.13.1"
     js-beautify "^1.8.8"
-    lodash "^4.17.11"
+    lodash "^4.17.14"
     url-search-params-polyfill "^5.0.0"
     vue "^2.6.10"
     vue-loader "^15.4.2"
@@ -1921,14 +1921,13 @@ bonjour@^3.5.0:
     multicast-dns "^6.0.1"
     multicast-dns-service-types "^1.1.0"
 
-bootstrap-vue@^2.0.0-rc.24:
-  version "2.0.0-rc.24"
-  resolved "https://registry.yarnpkg.com/bootstrap-vue/-/bootstrap-vue-2.0.0-rc.24.tgz#8ea5bbcd19e0f9b4f87ed4d9ba72abaa35231f32"
-  integrity sha512-8rA/I9tOvpNVIuMKD3rdlrUqgVdPEw4vPI0X8OeFJcG2hHvCHeZDF7FmWqxSeehIrUHGDV17HlTGSuP/v1Sp5g==
+bootstrap-vue@^2.0.0-rc.26:
+  version "2.0.0-rc.26"
+  resolved "https://registry.yarnpkg.com/bootstrap-vue/-/bootstrap-vue-2.0.0-rc.26.tgz#2b8b9116a452584ae20ba8310d143635bc9e1375"
+  integrity sha512-AzN+IRTmfR9rLFWNGt+v2XPmQjZiAlH4x5z2kStA3UoJ5LR91K34iZ8apaa6isDo+DfWDcwH4q7OwHM+VNxWwg==
   dependencies:
     "@nuxt/opencollective" "^0.2.2"
     bootstrap "^4.3.1"
-    core-js ">=2.6.5 <3.0.0"
     popper.js "^1.15.0"
     portal-vue "^2.1.5"
     vue-functional-data-merge "^3.1.0"
@@ -2827,7 +2826,7 @@ core-js@3.0.1:
   resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.0.1.tgz#1343182634298f7f38622f95e73f54e48ddf4738"
   integrity sha512-sco40rF+2KlE0ROMvydjkrVMMG1vYilP2ALoRXcYR4obqbYIuV3Bg+51GEDW+HF8n7NRA+iaA4qD0nD9lo9mew==
 
-"core-js@>=2.6.5 <3.0.0", core-js@^2.2.0, core-js@^2.6.9:
+core-js@^2.2.0, core-js@^2.6.9:
   version "2.6.9"
   resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.6.9.tgz#6b4b214620c834152e179323727fc19741b084f2"
   integrity sha512-HOpZf6eXmnl7la+cUdMnLvUxKNqLUzJvgIziQ0DiF3JwSImNphIqdGqzj6hIKyX04MmV0poclQ7+wjWvxQyR2A==
@@ -7016,7 +7015,7 @@ lodash.upperfirst@4.3.1:
   resolved "https://registry.yarnpkg.com/lodash.upperfirst/-/lodash.upperfirst-4.3.1.tgz#1365edf431480481ef0d1c68957a5ed99d49f7ce"
   integrity sha1-E2Xt9DFIBIHvDRxolXpe2Z1J984=
 
-lodash@^4.0.0, lodash@^4.13.1, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.4, lodash@^4.17.5, lodash@^4.5.0, lodash@~4.17.10:
+lodash@^4.0.0, lodash@^4.13.1, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.14, lodash@^4.17.4, lodash@^4.17.5, lodash@^4.5.0, lodash@~4.17.10:
   version "4.17.14"
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.14.tgz#9ce487ae66c96254fe20b599f21b6816028078ba"
   integrity sha512-mmKYbW3GLuJeX+iGP+Y7Gp1AiGHGbXHCOh/jZmrawMmsE7MS4znI3RL2FsjbqOyMayHInjOeykW7PEajUk1/xw==
-- 
cgit v1.2.1


From 854f7eff12e6eeb44edbe8972c63459dabdb4112 Mon Sep 17 00:00:00 2001
From: Walmyr Lima <walmyr@gitlab.com>
Date: Thu, 18 Jul 2019 15:18:29 +0200
Subject: Better scope end-to-end test

Move test pre-conditions to before block, and leave only the test
steps and verifications in the it block.
---
 qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb
index 2e71ecb5718..78919561a89 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb
@@ -3,7 +3,7 @@
 module QA
   context 'Plan' do
     describe 'Issue comments' do
-      it 'user comments on an issue and edits the comment' do
+      before do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
         Page::Main::Login.perform(&:sign_in_using_credentials)
 
@@ -11,7 +11,9 @@ module QA
           issue.title = 'issue title'
         end
         issue.visit!
+      end
 
+      it 'user comments on an issue and edits the comment' do
         Page::Project::Issue::Show.perform do |issue_show_page|
           first_version_of_comment = 'First version of the comment'
           second_version_of_comment = 'Second version of the comment'
-- 
cgit v1.2.1


From 1136c0c8e98d4f0d3fb4f50219657cabe0d45c99 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 17 Jul 2019 16:34:27 -0700
Subject: Add Rugged calls and duration to API and Rails logs

This adds `rugged_duration_ms` and `rugged_calls` fields to
`api_json.log` and `production_json.log`. This will make it easier to
identify performance issues caused by excessive I/O.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64676
---
 changelogs/unreleased/sh-add-rugged-logs.yml    |  5 +++++
 config/initializers/lograge.rb                  |  7 ++++++
 lib/gitlab/git/rugged_impl/use_rugged.rb        | 13 ++++++++++-
 lib/gitlab/grape_logging/loggers/perf_logger.rb | 19 ++++++++++++++++
 lib/gitlab/rugged_instrumentation.rb            | 30 +++++++++++++++++++++++++
 scripts/lint-rugged                             |  7 +++++-
 spec/lib/gitlab/rugged_instrumentation_spec.rb  | 27 ++++++++++++++++++++++
 7 files changed, 106 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/unreleased/sh-add-rugged-logs.yml
 create mode 100644 lib/gitlab/rugged_instrumentation.rb
 create mode 100644 spec/lib/gitlab/rugged_instrumentation_spec.rb

diff --git a/changelogs/unreleased/sh-add-rugged-logs.yml b/changelogs/unreleased/sh-add-rugged-logs.yml
new file mode 100644
index 00000000000..1f464dd92ff
--- /dev/null
+++ b/changelogs/unreleased/sh-add-rugged-logs.yml
@@ -0,0 +1,5 @@
+---
+title: Add Rugged calls and duration to API and Rails logs
+merge_request: 30871
+author:
+type: other
diff --git a/config/initializers/lograge.rb b/config/initializers/lograge.rb
index fbec28186eb..3d84b4e44ce 100644
--- a/config/initializers/lograge.rb
+++ b/config/initializers/lograge.rb
@@ -34,6 +34,13 @@ unless Sidekiq.server?
         payload[:gitaly_duration] = Gitlab::GitalyClient.query_time_ms
       end
 
+      rugged_calls = Gitlab::RuggedInstrumentation.query_count
+
+      if rugged_calls > 0
+        payload[:rugged_calls] = rugged_calls
+        payload[:rugged_duration_ms] = Gitlab::RuggedInstrumentation.query_time_ms
+      end
+
       payload[:response] = event.payload[:response] if event.payload[:response]
       payload[Labkit::Correlation::CorrelationId::LOG_KEY] = Labkit::Correlation::CorrelationId.current_id
 
diff --git a/lib/gitlab/git/rugged_impl/use_rugged.rb b/lib/gitlab/git/rugged_impl/use_rugged.rb
index 902fa3c7822..badf943e39c 100644
--- a/lib/gitlab/git/rugged_impl/use_rugged.rb
+++ b/lib/gitlab/git/rugged_impl/use_rugged.rb
@@ -13,7 +13,18 @@ module Gitlab
 
         def wrap_rugged_call(&block)
           Gitlab::GitalyClient::StorageSettings.allow_disk_access do
-            yield
+            start = Gitlab::Metrics::System.monotonic_time
+
+            result = yield
+
+            duration = Gitlab::Metrics::System.monotonic_time - start
+
+            if Gitlab::RuggedInstrumentation.active?
+              Gitlab::RuggedInstrumentation.increment_query_count
+              Gitlab::RuggedInstrumentation.query_time += duration
+            end
+
+            result
           end
         end
       end
diff --git a/lib/gitlab/grape_logging/loggers/perf_logger.rb b/lib/gitlab/grape_logging/loggers/perf_logger.rb
index 18ea3a8d2f3..7e86b35a215 100644
--- a/lib/gitlab/grape_logging/loggers/perf_logger.rb
+++ b/lib/gitlab/grape_logging/loggers/perf_logger.rb
@@ -6,11 +6,30 @@ module Gitlab
     module Loggers
       class PerfLogger < ::GrapeLogging::Loggers::Base
         def parameters(_, _)
+          gitaly_data.merge(rugged_data)
+        end
+
+        def gitaly_data
+          gitaly_calls = Gitlab::GitalyClient.get_request_count
+
+          return {} if gitaly_calls.zero?
+
           {
             gitaly_calls: Gitlab::GitalyClient.get_request_count,
             gitaly_duration: Gitlab::GitalyClient.query_time_ms
           }
         end
+
+        def rugged_data
+          rugged_calls = Gitlab::RuggedInstrumentation.query_count
+
+          return {} if rugged_calls.zero?
+
+          {
+            rugged_calls: rugged_calls,
+            rugged_duration_ms: Gitlab::RuggedInstrumentation.query_time_ms
+          }
+        end
       end
     end
   end
diff --git a/lib/gitlab/rugged_instrumentation.rb b/lib/gitlab/rugged_instrumentation.rb
new file mode 100644
index 00000000000..70c06e8b308
--- /dev/null
+++ b/lib/gitlab/rugged_instrumentation.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module RuggedInstrumentation
+    def self.query_time
+      SafeRequestStore[:rugged_query_time] ||= 0
+    end
+
+    def self.query_time=(duration)
+      SafeRequestStore[:rugged_query_time] = duration
+    end
+
+    def self.query_time_ms
+      (self.query_time * 1000).round(2)
+    end
+
+    def self.query_count
+      SafeRequestStore[:rugged_call_count] ||= 0
+    end
+
+    def self.increment_query_count
+      SafeRequestStore[:rugged_call_count] ||= 0
+      SafeRequestStore[:rugged_call_count] += 1
+    end
+
+    def self.active?
+      Gitlab::SafeRequestStore.active?
+    end
+  end
+end
diff --git a/scripts/lint-rugged b/scripts/lint-rugged
index 9466c62a415..e1605b4501b 100755
--- a/scripts/lint-rugged
+++ b/scripts/lint-rugged
@@ -10,7 +10,12 @@ ALLOWED = [
   # Reverted Rugged calls due to Gitaly atop NFS performance
   # See https://docs.gitlab.com/ee/development/gitaly.html#legacy-rugged-code.
   'lib/gitlab/git/rugged_impl/',
-  'lib/gitlab/gitaly_client/storage_settings.rb'
+  'lib/gitlab/gitaly_client/storage_settings.rb',
+
+  # Needed for logging
+  'config/initializers/lograge.rb',
+  'lib/gitlab/grape_logging/loggers/perf_logger.rb',
+  'lib/gitlab/rugged_instrumentation.rb'
 ].freeze
 
 rugged_lines = IO.popen(%w[git grep -i -n rugged -- app config lib], &:read).lines
diff --git a/spec/lib/gitlab/rugged_instrumentation_spec.rb b/spec/lib/gitlab/rugged_instrumentation_spec.rb
new file mode 100644
index 00000000000..4dcc8ae514a
--- /dev/null
+++ b/spec/lib/gitlab/rugged_instrumentation_spec.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::RuggedInstrumentation, :request_store do
+  subject { described_class }
+
+  describe '.query_time' do
+    it 'increments query times' do
+      subject.query_time += 0.451
+      subject.query_time += 0.322
+
+      expect(subject.query_time).to be_within(0.001).of(0.773)
+      expect(subject.query_time_ms).to eq(773.0)
+    end
+  end
+
+  context '.increment_query_count' do
+    it 'tracks query counts' do
+      expect(subject.query_count).to eq(0)
+
+      2.times { subject.increment_query_count }
+
+      expect(subject.query_count).to eq(2)
+    end
+  end
+end
-- 
cgit v1.2.1


From 22e2917b18f9e0544d807a047117b06311f7083b Mon Sep 17 00:00:00 2001
From: Aleksei Lipniagov <alipniagov@gitlab.com>
Date: Thu, 18 Jul 2019 13:54:11 +0000
Subject: Fix pid providing for Prometheus

Use relative worker identifier for metrics (instead of Process.pid) and
identify when Unicorn/Puma/Sidekiq is used.
Previously, it was assumed that all metrics are gathered from Unicorn
due to hardcoded implementation which was incorrect.
---
 config/initializers/7_prometheus_metrics.rb |  3 +-
 lib/prometheus/pid_provider.rb              | 42 +++++++++++++++
 spec/lib/prometheus/pid_provider_spec.rb    | 79 +++++++++++++++++++++++++++++
 3 files changed, 122 insertions(+), 2 deletions(-)
 create mode 100644 lib/prometheus/pid_provider.rb
 create mode 100644 spec/lib/prometheus/pid_provider_spec.rb

diff --git a/config/initializers/7_prometheus_metrics.rb b/config/initializers/7_prometheus_metrics.rb
index 53c3eac3c74..3f2691dde95 100644
--- a/config/initializers/7_prometheus_metrics.rb
+++ b/config/initializers/7_prometheus_metrics.rb
@@ -1,5 +1,4 @@
 require 'prometheus/client'
-require 'prometheus/client/support/unicorn'
 
 # Keep separate directories for separate processes
 def prometheus_default_multiproc_dir
@@ -23,7 +22,7 @@ Prometheus::Client.configure do |config|
 
   config.multiprocess_files_dir = ENV['prometheus_multiproc_dir'] || prometheus_default_multiproc_dir
 
-  config.pid_provider = Prometheus::Client::Support::Unicorn.method(:worker_pid_provider)
+  config.pid_provider = Prometheus::PidProvider.method(:worker_id)
 end
 
 Gitlab::Application.configure do |config|
diff --git a/lib/prometheus/pid_provider.rb b/lib/prometheus/pid_provider.rb
new file mode 100644
index 00000000000..c92522c73c5
--- /dev/null
+++ b/lib/prometheus/pid_provider.rb
@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+require 'prometheus/client/support/unicorn'
+
+module Prometheus
+  module PidProvider
+    extend self
+
+    def worker_id
+      if Sidekiq.server?
+        'sidekiq'
+      elsif defined?(Unicorn::Worker)
+        "unicorn_#{unicorn_worker_id}"
+      elsif defined?(::Puma)
+        "puma_#{puma_worker_id}"
+      else
+        "process_#{Process.pid}"
+      end
+    end
+
+    private
+
+    # This is not fully accurate as we don't really know if the nil returned
+    # is actually means we're on master or not.
+    # Follow up issue was created to address this problem and
+    # to introduce more structrured approach to a current process discovery:
+    # https://gitlab.com/gitlab-org/gitlab-ce/issues/64740
+    def unicorn_worker_id
+      ::Prometheus::Client::Support::Unicorn.worker_id || 'master'
+    end
+
+    # See the comment for #unicorn_worker_id
+    def puma_worker_id
+      match = process_name.match(/cluster worker ([0-9]+):/)
+      match ? match[1] : 'master'
+    end
+
+    def process_name
+      $0
+    end
+  end
+end
diff --git a/spec/lib/prometheus/pid_provider_spec.rb b/spec/lib/prometheus/pid_provider_spec.rb
new file mode 100644
index 00000000000..e7d500612b1
--- /dev/null
+++ b/spec/lib/prometheus/pid_provider_spec.rb
@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+
+require 'fast_spec_helper'
+
+describe Prometheus::PidProvider do
+  describe '.worker_id' do
+    subject { described_class.worker_id }
+
+    let(:sidekiq_module) { Module.new }
+
+    before do
+      allow(sidekiq_module).to receive(:server?).and_return(false)
+      stub_const('Sidekiq', sidekiq_module)
+    end
+
+    context 'when running in Sidekiq server mode' do
+      before do
+        expect(Sidekiq).to receive(:server?).and_return(true)
+      end
+
+      it { is_expected.to eq 'sidekiq' }
+    end
+
+    context 'when running in Unicorn mode' do
+      before do
+        stub_const('Unicorn::Worker', Class.new)
+        hide_const('Puma')
+      end
+
+      context 'when `Prometheus::Client::Support::Unicorn` provides worker_id' do
+        before do
+          expect(::Prometheus::Client::Support::Unicorn).to receive(:worker_id).and_return(1)
+        end
+
+        it { is_expected.to eq 'unicorn_1' }
+      end
+
+      context 'when no worker_id is provided from `Prometheus::Client::Support::Unicorn`' do
+        before do
+          expect(::Prometheus::Client::Support::Unicorn).to receive(:worker_id).and_return(nil)
+        end
+
+        it { is_expected.to eq 'unicorn_master' }
+      end
+    end
+
+    context 'when running in Puma mode' do
+      before do
+        stub_const('Puma', Module.new)
+        hide_const('Unicorn::Worker')
+      end
+
+      context 'when cluster worker id is specified in process name' do
+        before do
+          expect(described_class).to receive(:process_name).and_return('puma: cluster worker 1: 17483 [gitlab-puma-worker]')
+        end
+
+        it { is_expected.to eq 'puma_1' }
+      end
+
+      context 'when no worker id is specified in process name' do
+        before do
+          expect(described_class).to receive(:process_name).and_return('bin/puma')
+        end
+
+        it { is_expected.to eq 'puma_master' }
+      end
+    end
+
+    context 'when running in unknown mode' do
+      before do
+        hide_const('Puma')
+        hide_const('Unicorn::Worker')
+      end
+
+      it { is_expected.to eq "process_#{Process.pid}" }
+    end
+  end
+end
-- 
cgit v1.2.1


From 622e20766c6e7762e621c386dea7d3b45d4930b1 Mon Sep 17 00:00:00 2001
From: blunceford <blunceford@gitlab.com>
Date: Thu, 18 Jul 2019 09:28:11 -0600
Subject: Removed name from changelog entry

---
 changelogs/unreleased/group-milestones-dashboard-blunceford.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/unreleased/group-milestones-dashboard-blunceford.yml b/changelogs/unreleased/group-milestones-dashboard-blunceford.yml
index e3ae94e9601..a6ded27cb8c 100644
--- a/changelogs/unreleased/group-milestones-dashboard-blunceford.yml
+++ b/changelogs/unreleased/group-milestones-dashboard-blunceford.yml
@@ -1,5 +1,5 @@
 ---
 title: Fix bug in dashboard display of closed milestones
 merge_request: 30820
-author: blunceford
+author:
 type: fixed
-- 
cgit v1.2.1


From c424ce52c9e89391dfc36337fb3dbbd812ad0749 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Thu, 18 Jul 2019 10:26:32 -0500
Subject: Ensure haml-lint checks Syntax

Also ensures we check Syntax with RuboCop, which is different.
---
 .haml-lint.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.haml-lint.yml b/.haml-lint.yml
index 0412b24a48c..399fa9656a0 100644
--- a/.haml-lint.yml
+++ b/.haml-lint.yml
@@ -118,7 +118,6 @@ linters:
       - Lint/ParenthesesAsGroupedExpression
       - Lint/RedundantWithIndex
       - Lint/SafeNavigationConsistency
-      - Lint/Syntax
       - Metrics/BlockNesting
       - Naming/VariableName
       - Performance/RedundantMatch
@@ -155,6 +154,9 @@ linters:
     enabled: true
     style: space
 
+  Syntax:
+    enabled: true
+
   Indentation:
     enabled: true
     character: space  # or tab
-- 
cgit v1.2.1


From f76669a10e916b294c9c1e5c197009c11e185005 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Thu, 18 Jul 2019 10:27:13 -0500
Subject: Fix haml-lint RuboCop error in admin/users/index

---
 app/views/admin/users/index.html.haml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/admin/users/index.html.haml b/app/views/admin/users/index.html.haml
index c3d5ce0fe70..6fc7ec1bb6f 100644
--- a/app/views/admin/users/index.html.haml
+++ b/app/views/admin/users/index.html.haml
@@ -52,7 +52,7 @@
           = icon("search", class: "search-icon")
           = button_tag s_('AdminUsers|Search users') if Rails.env.test?
         .dropdown.user-sort-dropdown
-          - toggle_text = if @sort.present? then users_sort_options_hash[@sort] else sort_title_name end
+          - toggle_text = @sort.present? ? users_sort_options_hash[@sort] : sort_title_name
           = dropdown_toggle(toggle_text, { toggle: 'dropdown' })
           %ul.dropdown-menu.dropdown-menu-right
             %li.dropdown-header
-- 
cgit v1.2.1


From 41e2be78b58f63d5637ea97093118ab0fb5fdcd5 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Thu, 18 Jul 2019 10:27:57 -0500
Subject: Fix syntax errors in devise/sessions/_new_ldap

---
 app/views/devise/sessions/_new_ldap.html.haml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/devise/sessions/_new_ldap.html.haml b/app/views/devise/sessions/_new_ldap.html.haml
index a8e34b6da9c..31c4bb0e33e 100644
--- a/app/views/devise/sessions/_new_ldap.html.haml
+++ b/app/views/devise/sessions/_new_ldap.html.haml
@@ -3,10 +3,10 @@
 = form_tag(omniauth_callback_path(:user, server['provider_name']), id: 'new_ldap_user', class: "gl-show-field-errors") do
   .form-group
     = label_tag :username, "#{server['label']} Username"
-    = text_field_tag :username, nil, { class: "form-control top", title: "This field is required.", autofocus: "autofocus", data: { qa_selector:  'username_field' } required: true }
+    = text_field_tag :username, nil, { class: "form-control top", title: "This field is required.", autofocus: "autofocus", data: { qa_selector: 'username_field' }, required: true }
   .form-group
     = label_tag :password
-    = password_field_tag :password, nil, { class: "form-control bottom", title: "This field is required.", data: { qa_selector: 'password_field' }required: true }
+    = password_field_tag :password, nil, { class: "form-control bottom", title: "This field is required.", data: { qa_selector: 'password_field' }, required: true }
   - if devise_mapping.rememberable?
     .remember-me
       %label{ for: "remember_me" }
-- 
cgit v1.2.1


From eda789c3c2504ecb4a60e8caeeaec7940d66e85b Mon Sep 17 00:00:00 2001
From: Alex Kalderimis <akalderimis@gitlab.com>
Date: Thu, 18 Jul 2019 15:47:01 +0000
Subject: Improves add_timestamps_with_timezone helper

This improves the `add_timestamps_with_timezone` helper by allowing the
column names to be configured. This has the advantage that unnecessary
columns can be avoided, saving space.

A helper for removing the columns is also provided, to be used in the
`down` method of migrations.
---
 lib/gitlab/database/migration_helpers.rb           | 71 +++++++++++++++++---
 spec/lib/gitlab/database/migration_helpers_spec.rb | 77 +++++++++++++++++++++-
 2 files changed, 135 insertions(+), 13 deletions(-)

diff --git a/lib/gitlab/database/migration_helpers.rb b/lib/gitlab/database/migration_helpers.rb
index 0c5f33e1b2a..2ae807697bc 100644
--- a/lib/gitlab/database/migration_helpers.rb
+++ b/lib/gitlab/database/migration_helpers.rb
@@ -6,31 +6,45 @@ module Gitlab
       BACKGROUND_MIGRATION_BATCH_SIZE = 1000 # Number of rows to process per job
       BACKGROUND_MIGRATION_JOB_BUFFER_SIZE = 1000 # Number of jobs to bulk queue at a time
 
+      PERMITTED_TIMESTAMP_COLUMNS = %i[created_at updated_at deleted_at].to_set.freeze
+      DEFAULT_TIMESTAMP_COLUMNS = %i[created_at updated_at].freeze
+
       # Adds `created_at` and `updated_at` columns with timezone information.
       #
       # This method is an improved version of Rails' built-in method `add_timestamps`.
       #
+      # By default, adds `created_at` and `updated_at` columns, but these can be specified as:
+      #
+      #   add_timestamps_with_timezone(:my_table, columns: [:created_at, :deleted_at])
+      #
+      # This allows you to create just the timestamps you need, saving space.
+      #
       # Available options are:
-      # default - The default value for the column.
-      # null - When set to `true` the column will allow NULL values.
+      #  :default - The default value for the column.
+      #  :null - When set to `true` the column will allow NULL values.
       #        The default is to not allow NULL values.
+      #  :columns - the column names to create. Must be one
+      #             of `Gitlab::Database::MigrationHelpers::PERMITTED_TIMESTAMP_COLUMNS`.
+      #             Default value: `DEFAULT_TIMESTAMP_COLUMNS`
+      #
+      # All options are optional.
       def add_timestamps_with_timezone(table_name, options = {})
         options[:null] = false if options[:null].nil?
+        columns = options.fetch(:columns, DEFAULT_TIMESTAMP_COLUMNS)
+        default_value = options[:default]
 
-        [:created_at, :updated_at].each do |column_name|
-          if options[:default] && transaction_open?
-            raise '`add_timestamps_with_timezone` with default value cannot be run inside a transaction. ' \
-              'You can disable transactions by calling `disable_ddl_transaction!` ' \
-              'in the body of your migration class'
-          end
+        validate_not_in_transaction!(:add_timestamps_with_timezone, 'with default value') if default_value
+
+        columns.each do |column_name|
+          validate_timestamp_column_name!(column_name)
 
           # If default value is presented, use `add_column_with_default` method instead.
-          if options[:default]
+          if default_value
             add_column_with_default(
               table_name,
               column_name,
               :datetime_with_timezone,
-              default: options[:default],
+              default: default_value,
               allow_null: options[:null]
             )
           else
@@ -39,6 +53,21 @@ module Gitlab
         end
       end
 
+      # To be used in the `#down` method of migrations that
+      # use `#add_timestamps_with_timezone`.
+      #
+      # Available options are:
+      #  :columns - the column names to remove. Must be one
+      #             Default value: `DEFAULT_TIMESTAMP_COLUMNS`
+      #
+      # All options are optional.
+      def remove_timestamps(table_name, options = {})
+        columns = options.fetch(:columns, DEFAULT_TIMESTAMP_COLUMNS)
+        columns.each do |column_name|
+          remove_column(table_name, column_name)
+        end
+      end
+
       # Creates a new index, concurrently when supported
       #
       # On PostgreSQL this method creates an index concurrently, on MySQL this
@@ -1098,6 +1127,28 @@ into similar problems in the future (e.g. when new tables are created).
       def mysql_compatible_index_length
         Gitlab::Database.mysql? ? 20 : nil
       end
+
+      private
+
+      def validate_timestamp_column_name!(column_name)
+        return if PERMITTED_TIMESTAMP_COLUMNS.member?(column_name)
+
+        raise <<~MESSAGE
+          Illegal timestamp column name! Got #{column_name}.
+          Must be one of: #{PERMITTED_TIMESTAMP_COLUMNS.to_a}
+        MESSAGE
+      end
+
+      def validate_not_in_transaction!(method_name, modifier = nil)
+        return unless transaction_open?
+
+        raise <<~ERROR
+          #{["`#{method_name}`", modifier].compact.join(' ')} cannot be run inside a transaction.
+
+          You can disable transactions by calling `disable_ddl_transaction!` in the body of
+          your migration class
+        ERROR
+      end
     end
   end
 end
diff --git a/spec/lib/gitlab/database/migration_helpers_spec.rb b/spec/lib/gitlab/database/migration_helpers_spec.rb
index 7409572288c..dd0033bbc14 100644
--- a/spec/lib/gitlab/database/migration_helpers_spec.rb
+++ b/spec/lib/gitlab/database/migration_helpers_spec.rb
@@ -9,9 +9,27 @@ describe Gitlab::Database::MigrationHelpers do
     allow(model).to receive(:puts)
   end
 
+  describe '#remove_timestamps' do
+    it 'can remove the default timestamps' do
+      Gitlab::Database::MigrationHelpers::DEFAULT_TIMESTAMP_COLUMNS.each do |column_name|
+        expect(model).to receive(:remove_column).with(:foo, column_name)
+      end
+
+      model.remove_timestamps(:foo)
+    end
+
+    it 'can remove custom timestamps' do
+      expect(model).to receive(:remove_column).with(:foo, :bar)
+
+      model.remove_timestamps(:foo, columns: [:bar])
+    end
+  end
+
   describe '#add_timestamps_with_timezone' do
+    let(:in_transaction) { false }
+
     before do
-      allow(model).to receive(:transaction_open?).and_return(false)
+      allow(model).to receive(:transaction_open?).and_return(in_transaction)
     end
 
     context 'using PostgreSQL' do
@@ -21,11 +39,64 @@ describe Gitlab::Database::MigrationHelpers do
       end
 
       it 'adds "created_at" and "updated_at" fields with the "datetime_with_timezone" data type' do
-        expect(model).to receive(:add_column).with(:foo, :created_at, :datetime_with_timezone, { null: false })
-        expect(model).to receive(:add_column).with(:foo, :updated_at, :datetime_with_timezone, { null: false })
+        Gitlab::Database::MigrationHelpers::DEFAULT_TIMESTAMP_COLUMNS.each do |column_name|
+          expect(model).to receive(:add_column).with(:foo, column_name, :datetime_with_timezone, { null: false })
+        end
 
         model.add_timestamps_with_timezone(:foo)
       end
+
+      it 'can disable the NOT NULL constraint' do
+        Gitlab::Database::MigrationHelpers::DEFAULT_TIMESTAMP_COLUMNS.each do |column_name|
+          expect(model).to receive(:add_column).with(:foo, column_name, :datetime_with_timezone, { null: true })
+        end
+
+        model.add_timestamps_with_timezone(:foo, null: true)
+      end
+
+      it 'can add just one column' do
+        expect(model).to receive(:add_column).with(:foo, :created_at, :datetime_with_timezone, anything)
+        expect(model).not_to receive(:add_column).with(:foo, :updated_at, :datetime_with_timezone, anything)
+
+        model.add_timestamps_with_timezone(:foo, columns: [:created_at])
+      end
+
+      it 'can add choice of acceptable columns' do
+        expect(model).to receive(:add_column).with(:foo, :created_at, :datetime_with_timezone, anything)
+        expect(model).to receive(:add_column).with(:foo, :deleted_at, :datetime_with_timezone, anything)
+        expect(model).not_to receive(:add_column).with(:foo, :updated_at, :datetime_with_timezone, anything)
+
+        model.add_timestamps_with_timezone(:foo, columns: [:created_at, :deleted_at])
+      end
+
+      it 'cannot add unacceptable column names' do
+        expect do
+          model.add_timestamps_with_timezone(:foo, columns: [:bar])
+        end.to raise_error %r/Illegal timestamp column name/
+      end
+
+      context 'in a transaction' do
+        let(:in_transaction) { true }
+
+        before do
+          allow(model).to receive(:add_column).with(any_args).and_call_original
+          allow(model).to receive(:add_column)
+            .with(:foo, anything, :datetime_with_timezone, anything)
+            .and_return(nil)
+        end
+
+        it 'cannot add a default value' do
+          expect do
+            model.add_timestamps_with_timezone(:foo, default: :i_cause_an_error)
+          end.to raise_error %r/add_timestamps_with_timezone/
+        end
+
+        it 'can add columns without defaults' do
+          expect do
+            model.add_timestamps_with_timezone(:foo)
+          end.not_to raise_error
+        end
+      end
     end
 
     context 'using MySQL' do
-- 
cgit v1.2.1


From 6383f71b325cca58b897a41d876dea46aab88cd1 Mon Sep 17 00:00:00 2001
From: Brett Walker <bwalker@gitlab.com>
Date: Thu, 18 Jul 2019 11:50:05 -0500
Subject: Use issuable_path to allow support of epics

---
 app/views/shared/_issuable_meta_data.html.haml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/shared/_issuable_meta_data.html.haml b/app/views/shared/_issuable_meta_data.html.haml
index 71b13a5d741..7807371285c 100644
--- a/app/views/shared/_issuable_meta_data.html.haml
+++ b/app/views/shared/_issuable_meta_data.html.haml
@@ -1,7 +1,7 @@
 - note_count         = @issuable_meta_data[issuable.id].user_notes_count
 - issue_votes        = @issuable_meta_data[issuable.id]
 - upvotes, downvotes = issue_votes.upvotes, issue_votes.downvotes
-- issuable_url       = @collection_type == "Issue" ? issue_path(issuable, anchor: 'notes') : merge_request_path(issuable, anchor: 'notes')
+- issuable_path      = issuable_path(issuable, anchor: 'notes')
 - issuable_mr        = @issuable_meta_data[issuable.id].merge_requests_count(current_user)
 
 - if issuable_mr > 0
@@ -20,6 +20,6 @@
     = downvotes
 
 %li.issuable-comments.d-none.d-sm-block
-  = link_to issuable_url, class: ['has-tooltip', ('no-comments' if note_count.zero?)], title: _('Comments') do
+  = link_to issuable_path, class: ['has-tooltip', ('no-comments' if note_count.zero?)], title: _('Comments') do
     = icon('comments')
     = note_count
-- 
cgit v1.2.1


From 3bded603974e7cd22e90be9911ba0fc08ca26b94 Mon Sep 17 00:00:00 2001
From: Walmyr Lima <walmyr@gitlab.com>
Date: Thu, 18 Jul 2019 18:50:58 +0200
Subject: Refactor check mentions for xss test

The refactor consists in:
- Better scopping preconditions and the test definition
- Removing a variable that was being used in a single palce, and
use the string directly instead.
---
 .../browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb        | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
index 5eceeb9661c..afddbff75bd 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
@@ -3,9 +3,7 @@
 module QA
   context 'Plan' do
     describe 'check xss occurence in @mentions in issues' do
-      let(:issue_title) { 'issue title' }
-
-      it 'user mentions a user in comment' do
+      before do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
         Page::Main::Login.perform(&:sign_in_using_credentials)
 
@@ -25,11 +23,13 @@ module QA
         end
 
         issue = Resource::Issue.fabricate_via_api! do |issue|
-          issue.title = issue_title
+          issue.title = 'issue title'
           issue.project = project
         end
         issue.visit!
+      end
 
+      it 'user mentions a user in comment' do
         Page::Project::Issue::Show.perform do |show_page|
           show_page.select_all_activities_filter
           show_page.comment('cc-ing you here @eve')
-- 
cgit v1.2.1


From dc14c91d065d869b77b0ec0db47b8b36c96f15be Mon Sep 17 00:00:00 2001
From: Andrew Newdigate <andrew@gitlab.com>
Date: Tue, 16 Jul 2019 22:10:44 +0200
Subject: Adds chaos endpoints to Sidekiq

This allows the chaos endpoints to be invoked in Sidekiq so that this
environment can be tested for resilience.
---
 app/controllers/chaos_controller.rb        |  54 +++++-------
 app/workers/all_queues.yml                 |   6 ++
 app/workers/chaos/cpu_spin_worker.rb       |  12 +++
 app/workers/chaos/db_spin_worker.rb        |  12 +++
 app/workers/chaos/kill_worker.rb           |  12 +++
 app/workers/chaos/leak_mem_worker.rb       |  12 +++
 app/workers/chaos/sleep_worker.rb          |  12 +++
 app/workers/concerns/chaos_queue.rb        |   9 ++
 changelogs/unreleased/an-sidekiq-chaos.yml |   5 ++
 config/routes.rb                           |   2 +-
 config/sidekiq_queues.yml                  |   1 +
 doc/development/chaos_endpoints.md         |  31 +++++--
 lib/gitlab/chaos.rb                        |  49 +++++++++++
 spec/controllers/chaos_controller_spec.rb  | 127 +++++++++++++++++++++++++++++
 14 files changed, 302 insertions(+), 42 deletions(-)
 create mode 100644 app/workers/chaos/cpu_spin_worker.rb
 create mode 100644 app/workers/chaos/db_spin_worker.rb
 create mode 100644 app/workers/chaos/kill_worker.rb
 create mode 100644 app/workers/chaos/leak_mem_worker.rb
 create mode 100644 app/workers/chaos/sleep_worker.rb
 create mode 100644 app/workers/concerns/chaos_queue.rb
 create mode 100644 changelogs/unreleased/an-sidekiq-chaos.yml
 create mode 100644 lib/gitlab/chaos.rb
 create mode 100644 spec/controllers/chaos_controller_spec.rb

diff --git a/app/controllers/chaos_controller.rb b/app/controllers/chaos_controller.rb
index 2985da35d83..ac008165c16 100644
--- a/app/controllers/chaos_controller.rb
+++ b/app/controllers/chaos_controller.rb
@@ -1,57 +1,38 @@
 # frozen_string_literal: true
 
 class ChaosController < ActionController::Base
-  before_action :validate_chaos_secret, unless: :development?
-  before_action :request_start_time
+  before_action :validate_chaos_secret, unless: :development_or_test?
 
   def leakmem
-    retainer = []
-    # Add `n` 1mb chunks of memory to the retainer array
-    memory_mb.times { retainer << "x" * 1.megabyte }
-
-    Kernel.sleep(duration_left)
-
-    render plain: "OK"
+    do_chaos :leak_mem, Chaos::LeakMemWorker, memory_mb, duration_s
   end
 
   def cpu_spin
-    rand while Time.now < expected_end_time
-
-    render plain: "OK"
+    do_chaos :cpu_spin, Chaos::CpuSpinWorker, duration_s
   end
 
   def db_spin
-    while Time.now < expected_end_time
-      ActiveRecord::Base.connection.execute("SELECT 1")
-
-      end_interval_time = Time.now + [duration_s, interval_s].min
-      rand while Time.now < end_interval_time
-    end
+    do_chaos :db_spin, Chaos::DbSpinWorker, duration_s, interval_s
   end
 
   def sleep
-    Kernel.sleep(duration_left)
-
-    render plain: "OK"
+    do_chaos :sleep, Chaos::SleepWorker, duration_s
   end
 
   def kill
-    Process.kill("KILL", Process.pid)
+    do_chaos :kill, Chaos::KillWorker
   end
 
   private
 
-  def request_start_time
-    @start_time ||= Time.now
-  end
-
-  def expected_end_time
-    request_start_time + duration_s
-  end
+  def do_chaos(method, worker, *args)
+    if async
+      worker.perform_async(*args)
+    else
+      Gitlab::Chaos.public_send(method, *args) # rubocop: disable GitlabSecurity/PublicSend
+    end
 
-  def duration_left
-    # returns 0 if over time
-    [expected_end_time - Time.now, 0].max
+    render plain: "OK"
   end
 
   def validate_chaos_secret
@@ -91,7 +72,12 @@ class ChaosController < ActionController::Base
     memory_mb.to_i
   end
 
-  def development?
-    Rails.env.development?
+  def async
+    async = params[:async] || false
+    Gitlab::Utils.to_boolean(async)
+  end
+
+  def development_or_test?
+    Rails.env.development? || Rails.env.test?
   end
 end
diff --git a/app/workers/all_queues.yml b/app/workers/all_queues.yml
index 3d34bfc05c7..991a177018e 100644
--- a/app/workers/all_queues.yml
+++ b/app/workers/all_queues.yml
@@ -3,6 +3,12 @@
 
 - auto_merge:auto_merge_process
 
+- chaos:chaos_cpu_spin
+- chaos:chaos_db_spin
+- chaos:chaos_kill
+- chaos:chaos_leak_mem
+- chaos:chaos_sleep
+
 - cronjob:admin_email
 - cronjob:expire_build_artifacts
 - cronjob:gitlab_usage_ping
diff --git a/app/workers/chaos/cpu_spin_worker.rb b/app/workers/chaos/cpu_spin_worker.rb
new file mode 100644
index 00000000000..43a32c3274f
--- /dev/null
+++ b/app/workers/chaos/cpu_spin_worker.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Chaos
+  class CpuSpinWorker
+    include ApplicationWorker
+    include ChaosQueue
+
+    def perform(duration_s)
+      Gitlab::Chaos.cpu_spin(duration_s)
+    end
+  end
+end
diff --git a/app/workers/chaos/db_spin_worker.rb b/app/workers/chaos/db_spin_worker.rb
new file mode 100644
index 00000000000..217ddabbcb6
--- /dev/null
+++ b/app/workers/chaos/db_spin_worker.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Chaos
+  class DbSpinWorker
+    include ApplicationWorker
+    include ChaosQueue
+
+    def perform(duration_s, interval_s)
+      Gitlab::Chaos.db_spin(duration_s, interval_s)
+    end
+  end
+end
diff --git a/app/workers/chaos/kill_worker.rb b/app/workers/chaos/kill_worker.rb
new file mode 100644
index 00000000000..bbad53c9b86
--- /dev/null
+++ b/app/workers/chaos/kill_worker.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Chaos
+  class KillWorker
+    include ApplicationWorker
+    include ChaosQueue
+
+    def perform
+      Gitlab::Chaos.kill
+    end
+  end
+end
diff --git a/app/workers/chaos/leak_mem_worker.rb b/app/workers/chaos/leak_mem_worker.rb
new file mode 100644
index 00000000000..0caa99e0de9
--- /dev/null
+++ b/app/workers/chaos/leak_mem_worker.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Chaos
+  class LeakMemWorker
+    include ApplicationWorker
+    include ChaosQueue
+
+    def perform(memory_mb, duration_s)
+      Gitlab::Chaos.leak_mem(memory_mb, duration_s)
+    end
+  end
+end
diff --git a/app/workers/chaos/sleep_worker.rb b/app/workers/chaos/sleep_worker.rb
new file mode 100644
index 00000000000..7c724c4cb4e
--- /dev/null
+++ b/app/workers/chaos/sleep_worker.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module Chaos
+  class SleepWorker
+    include ApplicationWorker
+    include ChaosQueue
+
+    def perform(duration_s)
+      Gitlab::Chaos.sleep(duration_s)
+    end
+  end
+end
diff --git a/app/workers/concerns/chaos_queue.rb b/app/workers/concerns/chaos_queue.rb
new file mode 100644
index 00000000000..e406509d12d
--- /dev/null
+++ b/app/workers/concerns/chaos_queue.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+#
+module ChaosQueue
+  extend ActiveSupport::Concern
+
+  included do
+    queue_namespace :chaos
+  end
+end
diff --git a/changelogs/unreleased/an-sidekiq-chaos.yml b/changelogs/unreleased/an-sidekiq-chaos.yml
new file mode 100644
index 00000000000..cede35c95cc
--- /dev/null
+++ b/changelogs/unreleased/an-sidekiq-chaos.yml
@@ -0,0 +1,5 @@
+---
+title: Adds chaos endpoints to Sidekiq
+merge_request: 30814
+author:
+type: other
diff --git a/config/routes.rb b/config/routes.rb
index 641807203bf..459f2b22bf0 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -116,7 +116,7 @@ Rails.application.routes.draw do
       end
     end
 
-    if ENV['GITLAB_CHAOS_SECRET'] || Rails.env.development?
+    if ENV['GITLAB_CHAOS_SECRET'] || Rails.env.development? || Rails.env.test?
       resource :chaos, only: [] do
         get :leakmem
         get :cpu_spin
diff --git a/config/sidekiq_queues.yml b/config/sidekiq_queues.yml
index 80791795390..c7586aa1e38 100644
--- a/config/sidekiq_queues.yml
+++ b/config/sidekiq_queues.yml
@@ -95,6 +95,7 @@
   - [update_project_statistics, 1]
   - [phabricator_import_import_tasks, 1]
   - [update_namespace_statistics, 1]
+  - [chaos, 2]
 
   # EE-specific queues
   - [ldap_group_sync, 2]
diff --git a/doc/development/chaos_endpoints.md b/doc/development/chaos_endpoints.md
index b3406275937..eb6dde2d24e 100644
--- a/doc/development/chaos_endpoints.md
+++ b/doc/development/chaos_endpoints.md
@@ -36,6 +36,10 @@ Replace `secret` with your own secret token.
 
 Once you have enabled the chaos endpoints and restarted the application, you can start testing using the endpoints.
 
+By default, when invoking a chaos endpoint, the web worker process which receives the request will handle it. This means, for example, that if the Kill
+operation is invoked, the Puma or Unicorn worker process handling the request will be killed. To test these operations in Sidekiq, the `async` parameter on
+each endpoint can be set to `true`. This will run the chaos process in a Sidekiq worker.
+
 ## Memory leaks
 
 To simulate a memory leak in your application, use the `/-/chaos/leakmem` endpoint.
@@ -47,12 +51,14 @@ The memory is not retained after the request finishes. Once the request has comp
 GET /-/chaos/leakmem
 GET /-/chaos/leakmem?memory_mb=1024
 GET /-/chaos/leakmem?memory_mb=1024&duration_s=50
+GET /-/chaos/leakmem?memory_mb=1024&duration_s=50&async=true
 ```
 
-| Attribute    | Type    | Required | Description                                                                        |
-| ------------ | ------- | -------- | ---------------------------------------------------------------------------------- |
-| `memory_mb`  | integer | no       | How much memory, in MB, should be leaked. Defaults to 100MB.                       |
+| Attribute    | Type    | Required | Description                                                                          |
+| ------------ | ------- | -------- | ------------------------------------------------------------------------------------ |
+| `memory_mb`  | integer | no       | How much memory, in MB, should be leaked. Defaults to 100MB.                         |
 | `duration_s` | integer | no       | Minimum duration_s, in seconds, that the memory should be retained. Defaults to 30s. |
+| `async`      | boolean | no       | Set to true to leak memory in a Sidekiq background worker process                    |
 
 ```bash
 curl http://localhost:3000/-/chaos/leakmem?memory_mb=1024&duration_s=10 --header 'X-Chaos-Secret: secret'
@@ -69,11 +75,13 @@ If you're using Unicorn, this is done by killing the worker process.
 ```
 GET /-/chaos/cpu_spin
 GET /-/chaos/cpu_spin?duration_s=50
+GET /-/chaos/cpu_spin?duration_s=50&async=true
 ```
 
 | Attribute    | Type    | Required | Description                                                           |
 | ------------ | ------- | -------- | --------------------------------------------------------------------- |
 | `duration_s` | integer | no       | Duration, in seconds, that the core will be utilised. Defaults to 30s |
+| `async`      | boolean | no       | Set to true to consume CPU in a Sidekiq background worker process     |
 
 ```bash
 curl http://localhost:3000/-/chaos/cpu_spin?duration_s=60 --header 'X-Chaos-Secret: secret'
@@ -91,12 +99,14 @@ If you're using Unicorn, this is done by killing the worker process.
 ```
 GET /-/chaos/db_spin
 GET /-/chaos/db_spin?duration_s=50
+GET /-/chaos/db_spin?duration_s=50&async=true
 ```
 
-| Attribute    | Type    | Required | Description                                                           |
-| ------------ | ------- | -------- | --------------------------------------------------------------------- |
-| `interval_s` | float   | no       | Interval, in seconds, for every DB request. Defaults to 1s            |
-| `duration_s` | integer | no       | Duration, in seconds, that the core will be utilised. Defaults to 30s |
+| Attribute    | Type    | Required | Description                                                                 |
+| ------------ | ------- | -------- | --------------------------------------------------------------------------- |
+| `interval_s` | float   | no       | Interval, in seconds, for every DB request. Defaults to 1s                  |
+| `duration_s` | integer | no       | Duration, in seconds, that the core will be utilised. Defaults to 30s       |
+| `async`      | boolean | no       | Set to true to perform the operation in a Sidekiq background worker process |
 
 ```bash
 curl http://localhost:3000/-/chaos/db_spin?interval_s=1&duration_s=60 --header 'X-Chaos-Secret: secret'
@@ -112,11 +122,13 @@ As with the CPU Spin endpoint, this may lead to your request timing out if durat
 ```
 GET /-/chaos/sleep
 GET /-/chaos/sleep?duration_s=50
+GET /-/chaos/sleep?duration_s=50&async=true
 ```
 
 | Attribute    | Type    | Required | Description                                                            |
 | ------------ | ------- | -------- | ---------------------------------------------------------------------- |
 | `duration_s` | integer | no       | Duration, in seconds, that the request will sleep for. Defaults to 30s |
+| `async`      | boolean | no       | Set to true to sleep in a Sidekiq background worker process            |
 
 ```bash
 curl http://localhost:3000/-/chaos/sleep?duration_s=60 --header 'X-Chaos-Secret: secret'
@@ -132,8 +144,13 @@ Since this endpoint uses the `KILL` signal, the worker is not given a chance to
 
 ```
 GET /-/chaos/kill
+GET /-/chaos/kill?async=true
 ```
 
+| Attribute    | Type    | Required | Description                                                            |
+| ------------ | ------- | -------- | ---------------------------------------------------------------------- |
+| `async`      | boolean | no       | Set to true to kill a Sidekiq background worker process                |
+
 ```bash
 curl http://localhost:3000/-/chaos/kill --header 'X-Chaos-Secret: secret'
 curl http://localhost:3000/-/chaos/kill?token=secret
diff --git a/lib/gitlab/chaos.rb b/lib/gitlab/chaos.rb
new file mode 100644
index 00000000000..4f47cdef971
--- /dev/null
+++ b/lib/gitlab/chaos.rb
@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module Gitlab
+  # Chaos methods for GitLab.
+  # See https://docs.gitlab.com/ee/development/chaos_endpoints.html for more details.
+  class Chaos
+    # leak_mem will retain the specified amount of memory and sleep.
+    # On return, the memory will be released.
+    def self.leak_mem(memory_mb, duration_s)
+      start_time = Time.now
+
+      retainer = []
+      # Add `n` 1mb chunks of memory to the retainer array
+      memory_mb.times { retainer << "x" * 1.megabyte }
+
+      duration_left = [start_time + duration_s - Time.now, 0].max
+      Kernel.sleep(duration_left)
+    end
+
+    # cpu_spin will consume all CPU on a single core for the specified duration
+    def self.cpu_spin(duration_s)
+      expected_end_time = Time.now + duration_s
+
+      rand while Time.now < expected_end_time
+    end
+
+    # db_spin will query the database in a tight loop for the specified duration
+    def self.db_spin(duration_s, interval_s)
+      expected_end_time = Time.now + duration_s
+
+      while Time.now < expected_end_time
+        ActiveRecord::Base.connection.execute("SELECT 1")
+
+        end_interval_time = Time.now + [duration_s, interval_s].min
+        rand while Time.now < end_interval_time
+      end
+    end
+
+    # sleep will sleep for the specified duration
+    def self.sleep(duration_s)
+      Kernel.sleep(duration_s)
+    end
+
+    # Kill will send a SIGKILL signal to the current process
+    def self.kill
+      Process.kill("KILL", Process.pid)
+    end
+  end
+end
diff --git a/spec/controllers/chaos_controller_spec.rb b/spec/controllers/chaos_controller_spec.rb
new file mode 100644
index 00000000000..bafd4a70862
--- /dev/null
+++ b/spec/controllers/chaos_controller_spec.rb
@@ -0,0 +1,127 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe ChaosController do
+  describe '#leakmem' do
+    it 'calls synchronously' do
+      expect(Gitlab::Chaos).to receive(:leak_mem).with(100, 30.seconds)
+
+      get :leakmem
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+
+    it 'call synchronously with params' do
+      expect(Gitlab::Chaos).to receive(:leak_mem).with(1, 2.seconds)
+
+      get :leakmem, params: { memory_mb: 1, duration_s: 2 }
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+
+    it 'calls asynchronously' do
+      expect(Chaos::LeakMemWorker).to receive(:perform_async).with(100, 30.seconds)
+
+      get :leakmem, params: { async: 1 }
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+  end
+
+  describe '#cpu_spin' do
+    it 'calls synchronously' do
+      expect(Gitlab::Chaos).to receive(:cpu_spin).with(30.seconds)
+
+      get :cpu_spin
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+
+    it 'calls synchronously with params' do
+      expect(Gitlab::Chaos).to receive(:cpu_spin).with(3.seconds)
+
+      get :cpu_spin, params: { duration_s: 3 }
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+
+    it 'calls asynchronously' do
+      expect(Chaos::CpuSpinWorker).to receive(:perform_async).with(30.seconds)
+
+      get :cpu_spin, params: { async: 1 }
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+  end
+
+  describe '#db_spin' do
+    it 'calls synchronously' do
+      expect(Gitlab::Chaos).to receive(:db_spin).with(30.seconds, 1.second)
+
+      get :db_spin
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+
+    it 'calls synchronously with params' do
+      expect(Gitlab::Chaos).to receive(:db_spin).with(4.seconds, 5.seconds)
+
+      get :db_spin, params: { duration_s: 4, interval_s: 5 }
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+
+    it 'calls asynchronously' do
+      expect(Chaos::DbSpinWorker).to receive(:perform_async).with(30.seconds, 1.second)
+
+      get :db_spin, params: { async: 1 }
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+  end
+
+  describe '#sleep' do
+    it 'calls synchronously' do
+      expect(Gitlab::Chaos).to receive(:sleep).with(30.seconds)
+
+      get :sleep
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+
+    it 'calls synchronously with params' do
+      expect(Gitlab::Chaos).to receive(:sleep).with(5.seconds)
+
+      get :sleep, params: { duration_s: 5 }
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+
+    it 'calls asynchronously' do
+      expect(Chaos::SleepWorker).to receive(:perform_async).with(30.seconds)
+
+      get :sleep, params: { async: 1 }
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+  end
+
+  describe '#kill' do
+    it 'calls synchronously' do
+      expect(Gitlab::Chaos).to receive(:kill).with(no_args)
+
+      get :kill
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+
+    it 'calls asynchronously' do
+      expect(Chaos::KillWorker).to receive(:perform_async).with(no_args)
+
+      get :kill, params: { async: 1 }
+
+      expect(response).to have_gitlab_http_status(200)
+    end
+  end
+end
-- 
cgit v1.2.1


From 4b7cf4a54e95316a582d8df4211674d67b7cf1e2 Mon Sep 17 00:00:00 2001
From: Eugenia Grieff <egrieff@gitlab.com>
Date: Thu, 18 Jul 2019 18:52:10 +0000
Subject: CE port for milestones should not be set on epics issue promotion

---
 app/models/concerns/issuable.rb                    |  7 +++++++
 app/services/issuable/clone/attributes_rewriter.rb |  2 ++
 spec/models/concerns/issuable_spec.rb              | 21 +++++++++++++++++++++
 3 files changed, 30 insertions(+)

diff --git a/app/models/concerns/issuable.rb b/app/models/concerns/issuable.rb
index 952de92cae1..e60b6497cb7 100644
--- a/app/models/concerns/issuable.rb
+++ b/app/models/concerns/issuable.rb
@@ -427,4 +427,11 @@ module Issuable
   def wipless_title_changed(old_title)
     old_title != title
   end
+
+  ##
+  # Overridden on EE module
+  #
+  def supports_milestone?
+    respond_to?(:milestone_id)
+  end
 end
diff --git a/app/services/issuable/clone/attributes_rewriter.rb b/app/services/issuable/clone/attributes_rewriter.rb
index 0300cc0d8d3..3c061d35558 100644
--- a/app/services/issuable/clone/attributes_rewriter.rb
+++ b/app/services/issuable/clone/attributes_rewriter.rb
@@ -17,6 +17,8 @@ module Issuable
       private
 
       def cloneable_milestone
+        return unless new_entity.supports_milestone?
+
         title = original_entity.milestone&.title
         return unless title
 
diff --git a/spec/models/concerns/issuable_spec.rb b/spec/models/concerns/issuable_spec.rb
index 68224a56515..e19da41c3fe 100644
--- a/spec/models/concerns/issuable_spec.rb
+++ b/spec/models/concerns/issuable_spec.rb
@@ -774,4 +774,25 @@ describe Issuable do
       end
     end
   end
+
+  describe '#supports_milestone?' do
+    let(:group)   { create(:group) }
+    let(:project) { create(:project, group: group) }
+
+    context "for issues" do
+      let(:issue) { build(:issue, project: project) }
+
+      it 'returns true' do
+        expect(issue.supports_milestone?).to be_truthy
+      end
+    end
+
+    context "for merge requests" do
+      let(:merge_request) { build(:merge_request, target_project: project, source_project: project) }
+
+      it 'returns true' do
+        expect(merge_request.supports_milestone?).to be_truthy
+      end
+    end
+  end
 end
-- 
cgit v1.2.1


From 0604390a111d6d3410d93a69cbc321a934b21f41 Mon Sep 17 00:00:00 2001
From: Dan Davison <ddavison@gitlab.com>
Date: Thu, 18 Jul 2019 19:21:02 +0000
Subject: Fix QA documentation to refer to perform method

The documentation referred to the .act method
This MR changes this to refer to the preferred
.perform method
---
 doc/development/testing_guide/end_to_end/page_objects.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/development/testing_guide/end_to_end/page_objects.md b/doc/development/testing_guide/end_to_end/page_objects.md
index 29ad49403fe..52957d1a1ab 100644
--- a/doc/development/testing_guide/end_to_end/page_objects.md
+++ b/doc/development/testing_guide/end_to_end/page_objects.md
@@ -27,7 +27,7 @@ When someone later changes `t.text_field :login` in the view associated with
 this page to `t.text_field :username` it will generate a different field
 identifier, what would effectively break all tests.
 
-Because we are using `Page::Main::Login.act { sign_in_using_credentials }`
+Because we are using `Page::Main::Login.perform(&:sign_in_using_credentials)`
 everywhere, when we want to sign into GitLab, the page object is the single
 source of truth, and we will need to update `fill_in :user_login`
 to `fill_in :user_username` only in a one place.
-- 
cgit v1.2.1


From 58ecf27f1dbb38d449f6633116aee7b2479c8a77 Mon Sep 17 00:00:00 2001
From: Winnie Hellmann <winnie@gitlab.com>
Date: Thu, 18 Jul 2019 20:27:35 +0000
Subject: Add issue link to disabled JUnit reports

---
 .gitlab/ci/frontend.gitlab-ci.yml | 2 ++
 .gitlab/ci/rails.gitlab-ci.yml    | 1 +
 2 files changed, 3 insertions(+)

diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml
index 45a6a177943..22999a9d6b4 100644
--- a/.gitlab/ci/frontend.gitlab-ci.yml
+++ b/.gitlab/ci/frontend.gitlab-ci.yml
@@ -168,6 +168,7 @@ karma:
     paths:
       - chrome_debug.log
       - coverage-javascript/
+# see https://gitlab.com/gitlab-org/gitlab-ce/issues/64756
 #    reports:
 #      junit: junit_karma.xml
 
@@ -191,6 +192,7 @@ jest:
     paths:
       - coverage-frontend/
       - junit_jest.xml
+# see https://gitlab.com/gitlab-org/gitlab-ce/issues/64756
 #    reports:
 #      junit: junit_jest.xml
   cache:
diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml
index c7a51beeee5..d0b1f1ab98f 100644
--- a/.gitlab/ci/rails.gitlab-ci.yml
+++ b/.gitlab/ci/rails.gitlab-ci.yml
@@ -80,6 +80,7 @@
       - rspec_profiling/
       - tmp/capybara/
       - tmp/memory_test/
+# see https://gitlab.com/gitlab-org/gitlab-ce/issues/64756
 #    reports:
 #      junit: junit_rspec.xml
 
-- 
cgit v1.2.1


From 88bf3fe8b4c07d38b331fc1d72487ba2b351395c Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Wed, 17 Jul 2019 11:32:04 +1200
Subject: Adds cluster_for_group factory for convienence

Also means we don't have to resort to an update statement to set parent
for child groups who also have clusters.

This is much shorter than

```
create(:cluster, :provided_by_gcp, :group, groups: [group])
```
---
 spec/factories/clusters/clusters.rb              |  2 ++
 spec/models/concerns/deployment_platform_spec.rb | 10 ++++------
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/spec/factories/clusters/clusters.rb b/spec/factories/clusters/clusters.rb
index ab332fc238b..171f5256d2b 100644
--- a/spec/factories/clusters/clusters.rb
+++ b/spec/factories/clusters/clusters.rb
@@ -5,6 +5,8 @@ FactoryBot.define do
     cluster_type :project_type
     managed true
 
+    factory :cluster_for_group, traits: [:provided_by_gcp, :group]
+
     trait :instance do
       cluster_type { Clusters::Cluster.cluster_types[:instance_type] }
     end
diff --git a/spec/models/concerns/deployment_platform_spec.rb b/spec/models/concerns/deployment_platform_spec.rb
index 2378f400540..c4f9f62ece5 100644
--- a/spec/models/concerns/deployment_platform_spec.rb
+++ b/spec/models/concerns/deployment_platform_spec.rb
@@ -46,12 +46,11 @@ describe DeploymentPlatform do
       end
 
       context 'when child group has configured kubernetes cluster', :nested_groups do
-        let!(:child_group1_cluster) { create(:cluster, :provided_by_gcp, :group) }
-        let(:child_group1) { child_group1_cluster.group }
+        let(:child_group1) { create(:group, parent: group) }
+        let!(:child_group1_cluster) { create(:cluster_for_group, groups: [child_group1]) }
 
         before do
           project.update!(group: child_group1)
-          child_group1.update!(parent: group)
         end
 
         it 'returns the Kubernetes platform for the child group' do
@@ -59,11 +58,10 @@ describe DeploymentPlatform do
         end
 
         context 'deeply nested group' do
-          let!(:child_group2_cluster) { create(:cluster, :provided_by_gcp, :group) }
-          let(:child_group2) { child_group2_cluster.group }
+          let(:child_group2) { create(:group, parent: child_group1) }
+          let!(:child_group2_cluster) { create(:cluster_for_group, groups: [child_group2]) }
 
           before do
-            child_group2.update!(parent: child_group1)
             project.update!(group: child_group2)
           end
 
-- 
cgit v1.2.1


From 5e0a288e7f26431e6f5795b174ed4cdf2d619bc9 Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Wed, 17 Jul 2019 17:15:53 -0500
Subject: Resolve annoying deprecation warnings

DEPRECATION WARNING: The success? predicate is deprecated and will be
removed in Rails 6.0. Please use successful? ...
---
 spec/javascripts/fixtures/abuse_reports.rb        |  2 +-
 spec/javascripts/fixtures/admin_users.rb          |  2 +-
 spec/javascripts/fixtures/application_settings.rb |  2 +-
 spec/javascripts/fixtures/autocomplete_sources.rb |  2 +-
 spec/javascripts/fixtures/blob.rb                 |  2 +-
 spec/javascripts/fixtures/boards.rb               |  2 +-
 spec/javascripts/fixtures/branches.rb             |  2 +-
 spec/javascripts/fixtures/clusters.rb             |  2 +-
 spec/javascripts/fixtures/commit.rb               |  2 +-
 spec/javascripts/fixtures/deploy_keys.rb          |  2 +-
 spec/javascripts/fixtures/groups.rb               |  4 ++--
 spec/javascripts/fixtures/issues.rb               |  6 +++---
 spec/javascripts/fixtures/jobs.rb                 |  4 ++--
 spec/javascripts/fixtures/labels.rb               |  4 ++--
 spec/javascripts/fixtures/merge_requests.rb       |  2 +-
 spec/javascripts/fixtures/merge_requests_diffs.rb |  2 +-
 spec/javascripts/fixtures/pipeline_schedules.rb   |  4 ++--
 spec/javascripts/fixtures/pipelines.rb            |  2 +-
 spec/javascripts/fixtures/projects.rb             | 10 +++++-----
 spec/javascripts/fixtures/prometheus_service.rb   |  2 +-
 spec/javascripts/fixtures/search.rb               |  2 +-
 spec/javascripts/fixtures/services.rb             |  2 +-
 spec/javascripts/fixtures/sessions.rb             |  2 +-
 spec/javascripts/fixtures/snippet.rb              |  2 +-
 spec/javascripts/fixtures/todos.rb                |  4 ++--
 spec/javascripts/fixtures/u2f.rb                  |  4 ++--
 26 files changed, 38 insertions(+), 38 deletions(-)

diff --git a/spec/javascripts/fixtures/abuse_reports.rb b/spec/javascripts/fixtures/abuse_reports.rb
index e0aaecf626a..21356390cae 100644
--- a/spec/javascripts/fixtures/abuse_reports.rb
+++ b/spec/javascripts/fixtures/abuse_reports.rb
@@ -21,6 +21,6 @@ describe Admin::AbuseReportsController, '(JavaScript fixtures)', type: :controll
   it 'abuse_reports/abuse_reports_list.html' do
     get :index
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/admin_users.rb b/spec/javascripts/fixtures/admin_users.rb
index 22a5de66577..0209594dadc 100644
--- a/spec/javascripts/fixtures/admin_users.rb
+++ b/spec/javascripts/fixtures/admin_users.rb
@@ -23,6 +23,6 @@ describe Admin::UsersController, '(JavaScript fixtures)', type: :controller do
 
     get :new
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/application_settings.rb b/spec/javascripts/fixtures/application_settings.rb
index d4651fa6ece..38a060580c1 100644
--- a/spec/javascripts/fixtures/application_settings.rb
+++ b/spec/javascripts/fixtures/application_settings.rb
@@ -28,6 +28,6 @@ describe Admin::ApplicationSettingsController, '(JavaScript fixtures)', type: :c
 
     get :show
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/autocomplete_sources.rb b/spec/javascripts/fixtures/autocomplete_sources.rb
index b20a0159d7d..9e04328e2b9 100644
--- a/spec/javascripts/fixtures/autocomplete_sources.rb
+++ b/spec/javascripts/fixtures/autocomplete_sources.rb
@@ -34,6 +34,6 @@ describe Projects::AutocompleteSourcesController, '(JavaScript fixtures)', type:
             type_id: issue.id
         }
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/blob.rb b/spec/javascripts/fixtures/blob.rb
index 07670552cd5..ce5030efbf8 100644
--- a/spec/javascripts/fixtures/blob.rb
+++ b/spec/javascripts/fixtures/blob.rb
@@ -29,6 +29,6 @@ describe Projects::BlobController, '(JavaScript fixtures)', type: :controller do
       id: 'add-ipython-files/files/ipython/basic.ipynb'
     })
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/boards.rb b/spec/javascripts/fixtures/boards.rb
index 5835721d3d5..f257d80390f 100644
--- a/spec/javascripts/fixtures/boards.rb
+++ b/spec/javascripts/fixtures/boards.rb
@@ -23,6 +23,6 @@ describe Projects::BoardsController, '(JavaScript fixtures)', type: :controller
       project_id: project
     })
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/branches.rb b/spec/javascripts/fixtures/branches.rb
index 204aa9b7c7a..197fe42c52a 100644
--- a/spec/javascripts/fixtures/branches.rb
+++ b/spec/javascripts/fixtures/branches.rb
@@ -27,6 +27,6 @@ describe Projects::BranchesController, '(JavaScript fixtures)', type: :controlle
       project_id: project
     }
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/clusters.rb b/spec/javascripts/fixtures/clusters.rb
index 1076404e0e3..f15ef010807 100644
--- a/spec/javascripts/fixtures/clusters.rb
+++ b/spec/javascripts/fixtures/clusters.rb
@@ -29,6 +29,6 @@ describe Projects::ClustersController, '(JavaScript fixtures)', type: :controlle
       id: cluster
     }
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/commit.rb b/spec/javascripts/fixtures/commit.rb
index ff9a4bc1adc..a328c455356 100644
--- a/spec/javascripts/fixtures/commit.rb
+++ b/spec/javascripts/fixtures/commit.rb
@@ -28,6 +28,6 @@ describe Projects::CommitController, '(JavaScript fixtures)', type: :controller
 
     get :show, params: params
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/deploy_keys.rb b/spec/javascripts/fixtures/deploy_keys.rb
index 38eab853da2..fca233c6f59 100644
--- a/spec/javascripts/fixtures/deploy_keys.rb
+++ b/spec/javascripts/fixtures/deploy_keys.rb
@@ -38,6 +38,6 @@ describe Projects::DeployKeysController, '(JavaScript fixtures)', type: :control
       project_id: project
     }, format: :json
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/groups.rb b/spec/javascripts/fixtures/groups.rb
index 4d0afc3ce1a..c1bb2d43332 100644
--- a/spec/javascripts/fixtures/groups.rb
+++ b/spec/javascripts/fixtures/groups.rb
@@ -21,7 +21,7 @@ describe 'Groups (JavaScript fixtures)', type: :controller do
     it 'groups/edit.html' do
       get :edit, params: { id: group }
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
   end
 
@@ -29,7 +29,7 @@ describe 'Groups (JavaScript fixtures)', type: :controller do
     it 'groups/ci_cd_settings.html' do
       get :show, params: { group_id: group }
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
   end
 end
diff --git a/spec/javascripts/fixtures/issues.rb b/spec/javascripts/fixtures/issues.rb
index d8d77f767de..b5eb38e0023 100644
--- a/spec/javascripts/fixtures/issues.rb
+++ b/spec/javascripts/fixtures/issues.rb
@@ -48,7 +48,7 @@ describe Projects::IssuesController, '(JavaScript fixtures)', type: :controller
       project_id: project
     }
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 
   private
@@ -60,7 +60,7 @@ describe Projects::IssuesController, '(JavaScript fixtures)', type: :controller
       id: issue.to_param
     }
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
 
@@ -117,6 +117,6 @@ describe API::Issues, '(JavaScript fixtures)', type: :request do
 
     get_related_merge_requests(project.id, issue.iid, user)
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/jobs.rb b/spec/javascripts/fixtures/jobs.rb
index 46ccd6f8c8a..a3a7759c85b 100644
--- a/spec/javascripts/fixtures/jobs.rb
+++ b/spec/javascripts/fixtures/jobs.rb
@@ -39,7 +39,7 @@ describe Projects::JobsController, '(JavaScript fixtures)', type: :controller do
       id: build_with_artifacts.to_param
     }
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 
   it 'jobs/delayed.json' do
@@ -49,6 +49,6 @@ describe Projects::JobsController, '(JavaScript fixtures)', type: :controller do
       id: delayed_job.to_param
     }, format: :json
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/labels.rb b/spec/javascripts/fixtures/labels.rb
index 4d1b7317274..a312287970f 100644
--- a/spec/javascripts/fixtures/labels.rb
+++ b/spec/javascripts/fixtures/labels.rb
@@ -35,7 +35,7 @@ describe 'Labels (JavaScript fixtures)' do
         group_id: group
       }, format: 'json'
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
   end
 
@@ -52,7 +52,7 @@ describe 'Labels (JavaScript fixtures)' do
         project_id: project
       }, format: 'json'
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
   end
 end
diff --git a/spec/javascripts/fixtures/merge_requests.rb b/spec/javascripts/fixtures/merge_requests.rb
index 05860be2291..88706e96676 100644
--- a/spec/javascripts/fixtures/merge_requests.rb
+++ b/spec/javascripts/fixtures/merge_requests.rb
@@ -129,6 +129,6 @@ describe Projects::MergeRequestsController, '(JavaScript fixtures)', type: :cont
       id: merge_request.to_param
     }, format: :html
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/merge_requests_diffs.rb b/spec/javascripts/fixtures/merge_requests_diffs.rb
index 03b9b713fd8..61c694e430f 100644
--- a/spec/javascripts/fixtures/merge_requests_diffs.rb
+++ b/spec/javascripts/fixtures/merge_requests_diffs.rb
@@ -65,6 +65,6 @@ describe Projects::MergeRequests::DiffsController, '(JavaScript fixtures)', type
       **extra_params
     }, format: :json
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/pipeline_schedules.rb b/spec/javascripts/fixtures/pipeline_schedules.rb
index aecd56e6198..a70091a3919 100644
--- a/spec/javascripts/fixtures/pipeline_schedules.rb
+++ b/spec/javascripts/fixtures/pipeline_schedules.rb
@@ -28,7 +28,7 @@ describe Projects::PipelineSchedulesController, '(JavaScript fixtures)', type: :
       id: pipeline_schedule.id
     }
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 
   it 'pipeline_schedules/edit_with_variables.html' do
@@ -38,6 +38,6 @@ describe Projects::PipelineSchedulesController, '(JavaScript fixtures)', type: :
       id: pipeline_schedule_populated.id
     }
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/pipelines.rb b/spec/javascripts/fixtures/pipelines.rb
index 6b6b0eefab9..ed57eb0aa80 100644
--- a/spec/javascripts/fixtures/pipelines.rb
+++ b/spec/javascripts/fixtures/pipelines.rb
@@ -29,6 +29,6 @@ describe Projects::PipelinesController, '(JavaScript fixtures)', type: :controll
       project_id: project
     }, format: :json
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/projects.rb b/spec/javascripts/fixtures/projects.rb
index 94c59207898..91e3b65215a 100644
--- a/spec/javascripts/fixtures/projects.rb
+++ b/spec/javascripts/fixtures/projects.rb
@@ -34,7 +34,7 @@ describe 'Projects (JavaScript fixtures)', type: :controller do
         id: project
       }
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
 
     it 'projects/overview.html' do
@@ -43,7 +43,7 @@ describe 'Projects (JavaScript fixtures)', type: :controller do
         id: project_with_repo
       }
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
 
     it 'projects/edit.html' do
@@ -52,7 +52,7 @@ describe 'Projects (JavaScript fixtures)', type: :controller do
         id: project
       }
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
   end
 
@@ -63,7 +63,7 @@ describe 'Projects (JavaScript fixtures)', type: :controller do
         project_id: project
       }
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
 
     it 'projects/ci_cd_settings_with_variables.html' do
@@ -75,7 +75,7 @@ describe 'Projects (JavaScript fixtures)', type: :controller do
         project_id: project_variable_populated
       }
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
   end
 end
diff --git a/spec/javascripts/fixtures/prometheus_service.rb b/spec/javascripts/fixtures/prometheus_service.rb
index f3171fdd97b..93ee81120d7 100644
--- a/spec/javascripts/fixtures/prometheus_service.rb
+++ b/spec/javascripts/fixtures/prometheus_service.rb
@@ -29,6 +29,6 @@ describe Projects::ServicesController, '(JavaScript fixtures)', type: :controlle
       id: service.to_param
     }
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/search.rb b/spec/javascripts/fixtures/search.rb
index 22fc546d761..c26c6998ae9 100644
--- a/spec/javascripts/fixtures/search.rb
+++ b/spec/javascripts/fixtures/search.rb
@@ -12,6 +12,6 @@ describe SearchController, '(JavaScript fixtures)', type: :controller do
   it 'search/show.html' do
     get :show
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/services.rb b/spec/javascripts/fixtures/services.rb
index 2237702ccca..ee1e088f158 100644
--- a/spec/javascripts/fixtures/services.rb
+++ b/spec/javascripts/fixtures/services.rb
@@ -29,6 +29,6 @@ describe Projects::ServicesController, '(JavaScript fixtures)', type: :controlle
       id: service.to_param
     }
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/sessions.rb b/spec/javascripts/fixtures/sessions.rb
index 92b74c01c89..18574ea06b5 100644
--- a/spec/javascripts/fixtures/sessions.rb
+++ b/spec/javascripts/fixtures/sessions.rb
@@ -19,7 +19,7 @@ describe 'Sessions (JavaScript fixtures)' do
     it 'sessions/new.html' do
       get :new
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
   end
 end
diff --git a/spec/javascripts/fixtures/snippet.rb b/spec/javascripts/fixtures/snippet.rb
index ace84b14eb7..23bcdb47ac6 100644
--- a/spec/javascripts/fixtures/snippet.rb
+++ b/spec/javascripts/fixtures/snippet.rb
@@ -28,6 +28,6 @@ describe SnippetsController, '(JavaScript fixtures)', type: :controller do
 
     get(:show, params: { id: snippet.to_param })
 
-    expect(response).to be_success
+    expect(response).to be_successful
   end
 end
diff --git a/spec/javascripts/fixtures/todos.rb b/spec/javascripts/fixtures/todos.rb
index d0c8a6eca01..a7c183d2414 100644
--- a/spec/javascripts/fixtures/todos.rb
+++ b/spec/javascripts/fixtures/todos.rb
@@ -29,7 +29,7 @@ describe 'Todos (JavaScript fixtures)' do
     it 'todos/todos.html' do
       get :index
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
   end
 
@@ -48,7 +48,7 @@ describe 'Todos (JavaScript fixtures)' do
         issuable_id: issue_2.id
       }, format: 'json'
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
   end
 end
diff --git a/spec/javascripts/fixtures/u2f.rb b/spec/javascripts/fixtures/u2f.rb
index f52832b6efb..8ecbc0390cd 100644
--- a/spec/javascripts/fixtures/u2f.rb
+++ b/spec/javascripts/fixtures/u2f.rb
@@ -23,7 +23,7 @@ context 'U2F' do
 
       post :create, params: { user: { login: user.username, password: user.password } }
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
   end
 
@@ -38,7 +38,7 @@ context 'U2F' do
     it 'u2f/register.html' do
       get :show
 
-      expect(response).to be_success
+      expect(response).to be_successful
     end
   end
 end
-- 
cgit v1.2.1


From 4c2e44801f6e8860c718b34d953ff402158eb9bc Mon Sep 17 00:00:00 2001
From: Elliot Rushton <erushton@gitlab.com>
Date: Sat, 2 Mar 2019 00:40:49 +0000
Subject: Update lint.md to provide the correct path for the API

---
 doc/api/lint.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/api/lint.md b/doc/api/lint.md
index b9b49f3df27..79f5e629c7f 100644
--- a/doc/api/lint.md
+++ b/doc/api/lint.md
@@ -5,7 +5,7 @@
 Checks if your `.gitlab-ci.yml` file is valid.
 
 ```
-POST /lint
+POST /ci/lint
 ```
 
 | Attribute  | Type    | Required | Description |
-- 
cgit v1.2.1


From b20405ebc2352fe0e460d35bee7dffc334b13501 Mon Sep 17 00:00:00 2001
From: Luke Duncalfe <lduncalfe@eml.cc>
Date: Mon, 8 Jul 2019 16:39:53 +1200
Subject: Add documentation for Design Management feature

https://gitlab.com/gitlab-org/gitlab-ce/issues/64243
---
 doc/user/permissions.md                            |   2 +
 doc/user/project/issues/design_management.md       |  58 +++++++++++++++++++++
 .../project/issues/img/design_management_v12_2.png | Bin 0 -> 344504 bytes
 doc/user/project/issues/index.md                   |   6 +++
 4 files changed, 66 insertions(+)
 create mode 100644 doc/user/project/issues/design_management.md
 create mode 100644 doc/user/project/issues/img/design_management_v12_2.png

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 619cf34b5c3..238f95378b2 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -47,6 +47,7 @@ The following table depicts the various user permission levels in a project.
 | View approved/blacklisted licenses **(ULTIMATE)** | ✓       | ✓          | ✓           | ✓        | ✓      |
 | View license management reports **(ULTIMATE)**    | ✓ (*1*) | ✓          | ✓           | ✓        | ✓      |
 | View Security reports **(ULTIMATE)**              | ✓ (*1*) | ✓          | ✓           | ✓        | ✓      |
+| View [Design Management](project/issues/design_management.md) pages **(PREMIUM)** | ✓ (*1*) | ✓          | ✓           | ✓        | ✓      |
 | View project code                                 | ✓ (*1*) | ✓          | ✓           | ✓        | ✓      |
 | Pull project code                                 | ✓ (*1*) | ✓          | ✓           | ✓        | ✓      |
 | View GitLab Pages protected by [access control](project/pages/introduction.md#gitlab-pages-access-control-core-only) | ✓       | ✓          | ✓           | ✓        | ✓      |
@@ -74,6 +75,7 @@ The following table depicts the various user permission levels in a project.
 | View Error Tracking list                          |         | ✓          | ✓           | ✓        | ✓      |
 | Pull from [Maven repository](project/packages/maven_repository.md) or [NPM registry](project/packages/npm_registry.md) **(PREMIUM)** |         | ✓          | ✓           | ✓        | ✓      |
 | Publish to [Maven repository](project/packages/maven_repository.md) or [NPM registry](project/packages/npm_registry.md) **(PREMIUM)** |         |            | ✓           | ✓        | ✓      ||
+| Upload [Design Management](project/issues/design_management.md) files **(PREMIUM)** |         |            | ✓           | ✓        | ✓      |
 | Create new branches                               |         |            | ✓           | ✓        | ✓      |
 | Push to non-protected branches                    |         |            | ✓           | ✓        | ✓      |
 | Force push to non-protected branches              |         |            | ✓           | ✓        | ✓      |
diff --git a/doc/user/project/issues/design_management.md b/doc/user/project/issues/design_management.md
new file mode 100644
index 00000000000..2327fa84998
--- /dev/null
+++ b/doc/user/project/issues/design_management.md
@@ -0,0 +1,58 @@
+# Design Management **(PREMIUM)**
+
+> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/660) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2.
+
+CAUTION: **Warning:**
+This an __alpha__ feature and is subject to change at any time without
+prior notice.
+
+## Overview
+
+Design Management allows you to upload design assets (wireframes, mockups, etc.)
+to GitLab issues and keep them stored in one single place, accessed by the Design
+Management's page within an issue, giving product designers, product managers, and engineers a
+way to collaborate on designs over one single source of truth.
+
+You can easily share mock-ups of designs with your team, or visual regressions can be easily
+viewed and addressed.
+
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
+For an overview, see the video [Design Management (GitLab 12.2)](https://www.youtube.com/watch?v=CCMtCqdK_aM).
+
+## Requirements
+
+Design Management requires
+[Large File Storage (LFS)](../../../workflow/lfs/manage_large_binaries_with_git_lfs.md)
+to be enabled:
+
+- For GitLab.com, LFS is already enabled.
+- For self-managed instances, a GitLab administrator must have
+  [enabled LFS globally](../../../workflow/lfs/lfs_administration.md).
+- For both GitLab.com and self-managed instances: LFS must be enabled for the project itself.
+  If enabled globally, LFS will be enabled by default to all projects. To enable LFS on the
+  project level, navigate to your project's **Settings > General**, expand **Visibility, project features, permissions**
+  and enable **Git Large File Storage**.
+
+## Limitations
+
+- Files uploaded must have a file extension of either `png`, `jpg`, `jpeg`, `gif`, `bmp`, `tiff` or `ico`. The [`svg` extension is not yet supported](https://gitlab.com/gitlab-org/gitlab-ee/issues/12771).
+- [Designs cannot yet be deleted](https://gitlab.com/gitlab-org/gitlab-ee/issues/11089).
+- Design Management is [not yet supported in the project export](https://gitlab.com/gitlab-org/gitlab-ee/issues/11090).
+
+## The Design Management page
+
+Navigate to the **Design Management** page from any issue by clicking the **Designs** tab:
+
+![Designs tab](img/design_management_v12_2.png)
+
+## Adding designs
+
+To upload design images, click the **Upload Designs** button and select images to upload.
+
+Designs with the same filename as an existing uploaded design will create a new version
+of the design, and will replace the previous version.
+
+## Viewing designs
+
+Images on the Design Management page can be enlarged by clicking on them.
+
diff --git a/doc/user/project/issues/img/design_management_v12_2.png b/doc/user/project/issues/img/design_management_v12_2.png
new file mode 100644
index 00000000000..6da747a3f21
Binary files /dev/null and b/doc/user/project/issues/img/design_management_v12_2.png differ
diff --git a/doc/user/project/issues/index.md b/doc/user/project/issues/index.md
index e917697e973..3decea9ceaa 100644
--- a/doc/user/project/issues/index.md
+++ b/doc/user/project/issues/index.md
@@ -119,6 +119,12 @@ associated label or assignee will change to match that of the new column. The en
 board can also be filtered to only include issues from a certain milestone or an overarching
 label.
 
+### Design Management **(PREMIUM)**
+
+With [Design Management](design_management.md), you can upload design
+assets to issues and view them all together to easily share and
+collaborate with your team.
+
 ### Epics **(ULTIMATE)**
 
 [Epics](../../group/epics/index.md) let you manage your portfolio of projects more
-- 
cgit v1.2.1


From 808ae2afca9bd4f51688fa6e63d81dc856d8fd30 Mon Sep 17 00:00:00 2001
From: Brett Walker <bwalker@gitlab.com>
Date: Thu, 18 Jul 2019 22:57:47 +0000
Subject: Create documentation for the manual sorting / re-ordering capability

---
 doc/user/project/issue_board.md                |  4 ++++
 doc/user/project/issues/index.md               |  3 ++-
 doc/user/project/issues/sorting_issue_lists.md | 30 ++++++++++++++++++++++++++
 3 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 doc/user/project/issues/sorting_issue_lists.md

diff --git a/doc/user/project/issue_board.md b/doc/user/project/issue_board.md
index 3eb5581912a..422e4b71424 100644
--- a/doc/user/project/issue_board.md
+++ b/doc/user/project/issue_board.md
@@ -386,6 +386,10 @@ a given board inside your GitLab instance, any time those two issues are subsequ
 loaded in any board in the same instance (could be a different project board or a different group board, for example),
 that ordering will be maintained.
 
+This ordering also affects [issue lists](issues/sorting_issue_lists.md).
+Changing the order in an issue board changes the ordering in an issue list,
+and vice versa.
+
 ### Filtering issues
 
 You should be able to use the filters on top of your Issue Board to show only
diff --git a/doc/user/project/issues/index.md b/doc/user/project/issues/index.md
index e917697e973..6509c7908e5 100644
--- a/doc/user/project/issues/index.md
+++ b/doc/user/project/issues/index.md
@@ -104,7 +104,8 @@ view, you can also make certain changes [in bulk](../bulk_editing.md) to the dis
 For more information, see the [Issue Data and Actions](issue_data_and_actions.md) page
 for a rundown of all the fields and information in an issue.
 
-For sorting by issue priority, see [Label Priority](../labels.md#label-priority).
+You can sort a list of issues several ways, including by issue creation date, milestone due date,
+etc. For more information, see the [Sorting and Ordering Issue Lists](sorting_issue_lists.md) page.
 
 ### Issue boards
 
diff --git a/doc/user/project/issues/sorting_issue_lists.md b/doc/user/project/issues/sorting_issue_lists.md
new file mode 100644
index 00000000000..ba120783430
--- /dev/null
+++ b/doc/user/project/issues/sorting_issue_lists.md
@@ -0,0 +1,30 @@
+# Sorting and Ordering Issue Lists
+
+You can sort a list of issues several ways, including by issue creation date, milestone due date,
+etc. The available sorting options can change based on the context of the list.
+For sorting by issue priority, see [Label Priority](../labels.md#label-priority).
+
+In group and project issue lists, it is also possible to order issues manually,
+similar to [issue boards](../issue_board.md#issue-ordering-in-a-list).
+
+## Manual sorting
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/62178) in GitLab 12.1.
+
+When you select **Manual** sorting, you can change
+the order by dragging and dropping the issues. The changed order will persist. Everyone who visits the same list will see the reordered list, with some exceptions.
+
+Each issue is assigned a relative order value, representing its relative
+order with respect to the other issues in the list. When you drag-and-drop reorder 
+an issue, its relative order value changes accordingly.
+
+In addition, any time that issue appears in a manually sorted list,
+the updated relative order value will be used for the ordering.  This means that
+if issue `A` is drag-and-drop reordered to be above issue `B` by any user in
+a given list inside your GitLab instance, any time those two issues are subsequently
+loaded in any list in the same instance (could be a different project issue list or a 
+different group issue list, for example), that ordering will be maintained.
+
+This ordering also affects [issue boards](../issue_board.md#issue-ordering-in-a-list).
+Changing the order in an issue list changes the ordering in an issue board,
+and vice versa.
-- 
cgit v1.2.1


From d8c18bb964e42cea2337f95c59c0a382b9f91a12 Mon Sep 17 00:00:00 2001
From: Eugenia Grieff <egrieff@gitlab.com>
Date: Thu, 18 Jul 2019 23:29:58 +0000
Subject: Add documentation page for bulk editing group issue milestones

- Add new page to group docs for bulk editing issues
- Add link to new section to group index
- Amend bulk editing page at a project level to remove issues from note
---
 doc/user/group/bulk_editing/img/bulk-editing.png | Bin 0 -> 100007 bytes
 doc/user/group/bulk_editing/index.md             |  22 ++++++++++++++++++++++
 doc/user/group/index.md                          |   4 ++++
 doc/user/project/bulk_editing.md                 |  23 +++++++++++++++--------
 4 files changed, 41 insertions(+), 8 deletions(-)
 create mode 100644 doc/user/group/bulk_editing/img/bulk-editing.png
 create mode 100644 doc/user/group/bulk_editing/index.md

diff --git a/doc/user/group/bulk_editing/img/bulk-editing.png b/doc/user/group/bulk_editing/img/bulk-editing.png
new file mode 100644
index 00000000000..d08503dc312
Binary files /dev/null and b/doc/user/group/bulk_editing/img/bulk-editing.png differ
diff --git a/doc/user/group/bulk_editing/index.md b/doc/user/group/bulk_editing/index.md
new file mode 100644
index 00000000000..117a46da0ea
--- /dev/null
+++ b/doc/user/group/bulk_editing/index.md
@@ -0,0 +1,22 @@
+# Bulk editing issue milestones **(PREMIUM)**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/7249) in
+[GitLab Ultimate](https://about.gitlab.com/pricing/) 12.1.
+
+NOTE: **Note:**
+A permission level of `Reporter` or higher is required in order to manage issues.
+
+Milestones can be updated simultaneously across multiple issues by using the bulk editing feature.
+
+![Bulk editing](img/bulk-editing.png)
+
+To bulk update group issue milestones:
+
+1. Navigate to the issues list.
+1. Click **Edit issues**.
+    - This will open a sidebar on the right-hand side of your screen where an editable field
+  for milestones will be displayed.
+    - Checkboxes will also appear beside each issue.
+1. Check the checkbox beside each issue to be edited.
+1. Select the desired milestone from the sidebar.
+1. Click **Update all**.
diff --git a/doc/user/group/index.md b/doc/user/group/index.md
index db348c678eb..7597105f36f 100644
--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -78,6 +78,10 @@ Issues and merge requests are part of projects. For a given group, you can view
 [issues](../project/issues/index.md#issues-list) and [merge requests](../project/merge_requests/index.md#merge-requests-per-group) across all projects in that group,
 together in a single list view.
 
+### Bulk editing issues
+
+For details, see [bulk editing issues](../group/bulk_editing/index.md).
+
 ## Create a new group
 
 > For a list of words that are not allowed to be used as group names see the
diff --git a/doc/user/project/bulk_editing.md b/doc/user/project/bulk_editing.md
index d0c7daf4692..1783f81df3a 100644
--- a/doc/user/project/bulk_editing.md
+++ b/doc/user/project/bulk_editing.md
@@ -13,13 +13,20 @@ by using the bulk editing feature.
 ![Bulk editing](img/bulk-editing.png)
 
 NOTE: **Note:**
-Bulk editing of issues and merge requests is only available at the project level.
+Bulk editing of merge requests is only available at the project level.
+For more details, see [bulk editing group issues](../group/bulk_editing/index.md).
 
-To update multiple project issues or merge requests at the same time, navigate to
-their respective lists and click **Edit issues** or **Edit merge requests** available
-in the tab bar. This will open a sidebar on the right-hand side of your screen
-where editable fields will be displayed. Checkboxes will also appear to the left-hand
-side of eachissue or merge request for you to select the items you want to update.
+To update multiple project issues or merge requests at the same time:
 
-Once you have selected all relevant items, choose the appropriate fields and their
-values from the sidebar and click **Update all** to apply your changes.
+1. Navigate to their respective list.
+
+1. Click **Edit issues** or **Edit merge requests**.
+
+    - This will open a sidebar on the right-hand side of your screen
+    where editable fields will be displayed.
+
+    - Checkboxes will also appear beside each issue or merge request.
+
+1. Check the checkboxes of each items to be edited.
+1. Choose the appropriate fields and their values from the sidebar.
+1. Click **Update all**.
-- 
cgit v1.2.1


From 663bac70c6a3db007c707eee8f59315a9a17c7ba Mon Sep 17 00:00:00 2001
From: Russell Dickenson <rdickenson@gitlab.com>
Date: Thu, 18 Jul 2019 23:50:19 +0000
Subject: Added mention of autocomplete characters

---
 doc/user/project/quick_actions.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/doc/user/project/quick_actions.md b/doc/user/project/quick_actions.md
index 948ac91a886..f81669a41c9 100644
--- a/doc/user/project/quick_actions.md
+++ b/doc/user/project/quick_actions.md
@@ -59,6 +59,12 @@ discussions, and descriptions:
 | `/create_merge_request <branch name>` | Create a new merge request starting from the current issue | ✓ | |
 | `/relate #issue1 #issue2`  | Mark issues as related **(STARTER)** | ✓     |               |
 
+## Autocomplete characters
+
+Many quick actions require a parameter, for example: username, milestone, and
+label. [Autocomplete characters](autocomplete_characters.md) can make it easier
+to enter a parameter, compared to selecting items from a list.
+
 ## Quick actions for commit messages
 
 The following quick actions are applicable for commit messages:
-- 
cgit v1.2.1


From 3e864ecb83c830de794239cc47a8827301622116 Mon Sep 17 00:00:00 2001
From: Russell Dickenson <rdickenson@gitlab.com>
Date: Thu, 18 Jul 2019 23:55:17 +0000
Subject: Added mention of Quick actions

---
 doc/user/project/issues/managing_issues.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/doc/user/project/issues/managing_issues.md b/doc/user/project/issues/managing_issues.md
index 709588959c1..e9b4e591384 100644
--- a/doc/user/project/issues/managing_issues.md
+++ b/doc/user/project/issues/managing_issues.md
@@ -7,7 +7,9 @@ you can do with issues.
 
 ## Create a new Issue
 
-When you create a new issue, you'll be prompted to fill in the [data and fields of the issue](issue_data_and_actions.md#parts-of-an-issue), as illustrated below.
+When you create a new issue, you'll be prompted to fill in the [data and fields of the issue](issue_data_and_actions.md#parts-of-an-issue), as illustrated below. If you know
+the values you want to assign to an issue, you can use the [Quick actions](../quick_actions.md)
+feature to input values, instead of selecting them from lists.
 
 ![New issue from the issues list](img/new_issue.png)
 
-- 
cgit v1.2.1


From e6c44d52a221bdb5034c20751a91e91b2d45406c Mon Sep 17 00:00:00 2001
From: Winnie Hellmann <winnie@gitlab.com>
Date: Fri, 19 Jul 2019 01:12:14 +0000
Subject: Remove gitlab:ui:visual job

---
 .gitlab/ci/frontend.gitlab-ci.yml | 31 -------------------------------
 1 file changed, 31 deletions(-)

diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml
index 22999a9d6b4..73d45d10b01 100644
--- a/.gitlab/ci/frontend.gitlab-ci.yml
+++ b/.gitlab/ci/frontend.gitlab-ci.yml
@@ -113,37 +113,6 @@ compile-assets pull-cache:
       - master@gitlab-org/gitlab-ee
       - /(^docs[\/-].*|.*-docs$)/
 
-gitlab:ui:visual:
-  extends: .dedicated-runner
-  before_script: []
-  allow_failure: true
-  dependencies:
-    - compile-assets
-    - compile-assets pull-cache
-  script:
-    # Remove node modules from GitLab that may conflict with gitlab-ui
-    - rm -r node_modules
-    - git clone https://gitlab.com/gitlab-org/gitlab-ui.git
-    - cp public/assets/application-*.css gitlab-ui/styles/application.css
-    - cd gitlab-ui
-    - yarn install
-    - CSS_URL=./application.css yarn test
-  only:
-    changes:
-      - app/assets/stylesheets/*.scss
-      - app/assets/stylesheets/**/*.scss
-      - app/assets/stylesheets/**/**/*.scss
-  except:
-    refs:
-      - /(^docs[\/-].*|.*-docs$)/
-      - master
-    variables:
-      - $CI_COMMIT_MESSAGE =~ /\[skip visual\]/i
-  artifacts:
-    paths:
-      - gitlab-ui/tests/__image_snapshots__/
-    when: always
-
 karma:
   extends: .dedicated-no-docs-pull-cache-job
   <<: *use-pg
-- 
cgit v1.2.1


From 41fc4d1e449dedbc417b3ee57ca9e1e8e77bd18c Mon Sep 17 00:00:00 2001
From: Tiger <twatson@gitlab.com>
Date: Wed, 10 Jul 2019 13:55:32 +1000
Subject: Introduce predictable environment slugs

If an environment slug is predictable given only the environment
name, we can use the environment slug earlier in the CI variable
evaluation process as we don't have to wait for the environment
record itself to be persisted.
---
 app/models/environment.rb                          | 47 +-----------------
 .../64295-predictable-environment-slugs.yml        |  5 ++
 lib/gitlab/slug/environment.rb                     | 58 ++++++++++++++++++++++
 spec/lib/gitlab/slug/environment_spec.rb           | 38 ++++++++++++++
 spec/models/environment_spec.rb                    | 26 ----------
 5 files changed, 103 insertions(+), 71 deletions(-)
 create mode 100644 changelogs/unreleased/64295-predictable-environment-slugs.yml
 create mode 100644 lib/gitlab/slug/environment.rb
 create mode 100644 spec/lib/gitlab/slug/environment_spec.rb

diff --git a/app/models/environment.rb b/app/models/environment.rb
index b8ee54c1696..392481ea0cc 100644
--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -4,11 +4,6 @@ class Environment < ApplicationRecord
   include Gitlab::Utils::StrongMemoize
   include ReactiveCaching
 
-  # Used to generate random suffixes for the slug
-  LETTERS = ('a'..'z').freeze
-  NUMBERS = ('0'..'9').freeze
-  SUFFIX_CHARS = LETTERS.to_a + NUMBERS.to_a
-
   belongs_to :project, required: true
 
   has_many :deployments, -> { success }, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
@@ -203,40 +198,6 @@ class Environment < ApplicationRecord
     super.presence || generate_slug
   end
 
-  # An environment name is not necessarily suitable for use in URLs, DNS
-  # or other third-party contexts, so provide a slugified version. A slug has
-  # the following properties:
-  #   * contains only lowercase letters (a-z), numbers (0-9), and '-'
-  #   * begins with a letter
-  #   * has a maximum length of 24 bytes (OpenShift limitation)
-  #   * cannot end with `-`
-  def generate_slug
-    # Lowercase letters and numbers only
-    slugified = +name.to_s.downcase.gsub(/[^a-z0-9]/, '-')
-
-    # Must start with a letter
-    slugified = 'env-' + slugified unless LETTERS.cover?(slugified[0])
-
-    # Repeated dashes are invalid (OpenShift limitation)
-    slugified.gsub!(/\-+/, '-')
-
-    # Maximum length: 24 characters (OpenShift limitation)
-    slugified = slugified[0..23]
-
-    # Cannot end with a dash (Kubernetes label limitation)
-    slugified.chop! if slugified.end_with?('-')
-
-    # Add a random suffix, shortening the current string if necessary, if it
-    # has been slugified. This ensures uniqueness.
-    if slugified != name
-      slugified = slugified[0..16]
-      slugified << '-' unless slugified.end_with?('-')
-      slugified << random_suffix
-    end
-
-    self.slug = slugified
-  end
-
   def external_url_for(path, commit_sha)
     return unless self.external_url
 
@@ -274,11 +235,7 @@ class Environment < ApplicationRecord
 
   private
 
-  # Slugifying a name may remove the uniqueness guarantee afforded by it being
-  # based on name (which must be unique). To compensate, we add a random
-  # 6-byte suffix in those circumstances. This is not *guaranteed* uniqueness,
-  # but the chance of collisions is vanishingly small
-  def random_suffix
-    (0..5).map { SUFFIX_CHARS.sample }.join
+  def generate_slug
+    self.slug = Gitlab::Slug::Environment.new(name).generate
   end
 end
diff --git a/changelogs/unreleased/64295-predictable-environment-slugs.yml b/changelogs/unreleased/64295-predictable-environment-slugs.yml
new file mode 100644
index 00000000000..de581b2b8e1
--- /dev/null
+++ b/changelogs/unreleased/64295-predictable-environment-slugs.yml
@@ -0,0 +1,5 @@
+---
+title: Use predictable environment slugs
+merge_request: 30551
+author:
+type: added
diff --git a/lib/gitlab/slug/environment.rb b/lib/gitlab/slug/environment.rb
new file mode 100644
index 00000000000..1b87d3bb626
--- /dev/null
+++ b/lib/gitlab/slug/environment.rb
@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+# An environment name is not necessarily suitable for use in URLs, DNS
+# or other third-party contexts, so provide a slugified version. A slug has
+# the following properties:
+#   * contains only lowercase letters (a-z), numbers (0-9), and '-'
+#   * begins with a letter
+#   * has a maximum length of 24 bytes (OpenShift limitation)
+#   * cannot end with `-`
+module Gitlab
+  module Slug
+    class Environment
+      attr_reader :name
+
+      def initialize(name)
+        @name = name
+      end
+
+      def generate
+        # Lowercase letters and numbers only
+        slugified = name.to_s.downcase.gsub(/[^a-z0-9]/, '-')
+
+        # Must start with a letter
+        slugified = 'env-' + slugified unless slugified.match?(/^[a-z]/)
+
+        # Repeated dashes are invalid (OpenShift limitation)
+        slugified.squeeze!('-')
+
+        slugified =
+          if slugified.size > 24 || slugified != name
+            # Maximum length: 24 characters (OpenShift limitation)
+            shorten_and_add_suffix(slugified)
+          else
+            # Cannot end with a dash (Kubernetes label limitation)
+            slugified.chomp('-')
+          end
+
+        slugified
+      end
+
+      private
+
+      def shorten_and_add_suffix(slug)
+        slug = slug[0..16]
+        slug << '-' unless slug.ends_with?('-')
+        slug << suffix
+      end
+
+      # Slugifying a name may remove the uniqueness guarantee afforded by it being
+      # based on name (which must be unique). To compensate, we add a predictable
+      # 6-byte suffix in those circumstances. This is not *guaranteed* uniqueness,
+      # but the chance of collisions is vanishingly small
+      def suffix
+        Digest::SHA2.hexdigest(name.to_s).to_i(16).to_s(36).last(6)
+      end
+    end
+  end
+end
diff --git a/spec/lib/gitlab/slug/environment_spec.rb b/spec/lib/gitlab/slug/environment_spec.rb
new file mode 100644
index 00000000000..7dc583a94b8
--- /dev/null
+++ b/spec/lib/gitlab/slug/environment_spec.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::Slug::Environment do
+  describe '#generate' do
+    {
+      "staging-12345678901234567" => "staging-123456789-q517sa",
+      "9-staging-123456789012345" => "env-9-staging-123-q517sa",
+      "staging-1234567890123456"  => "staging-1234567890123456",
+      "staging-1234567890123456-" => "staging-123456789-q517sa",
+      "production"                => "production",
+      "PRODUCTION"                => "production-q517sa",
+      "review/1-foo"              => "review-1-foo-q517sa",
+      "1-foo"                     => "env-1-foo-q517sa",
+      "1/foo"                     => "env-1-foo-q517sa",
+      "foo-"                      => "foo",
+      "foo--bar"                  => "foo-bar-q517sa",
+      "foo**bar"                  => "foo-bar-q517sa",
+      "*-foo"                     => "env-foo-q517sa",
+      "staging-12345678-"         => "staging-12345678",
+      "staging-12345678-01234567" => "staging-12345678-q517sa",
+      ""                          => "env-q517sa",
+      nil                         => "env-q517sa"
+    }.each do |name, matcher|
+      before do
+        # ('a' * 64).to_i(16).to_s(36).last(6) gives 'q517sa'
+        allow(Digest::SHA2).to receive(:hexdigest).with(name).and_return('a' * 64)
+      end
+
+      it "returns a slug matching #{matcher}, given #{name}" do
+        slug = described_class.new(name).generate
+
+        expect(slug).to match(/\A#{matcher}\z/)
+      end
+    end
+  end
+end
diff --git a/spec/models/environment_spec.rb b/spec/models/environment_spec.rb
index fe4d64818b4..ce0681c4331 100644
--- a/spec/models/environment_spec.rb
+++ b/spec/models/environment_spec.rb
@@ -762,32 +762,6 @@ describe Environment, :use_clean_rails_memory_store_caching do
     end
   end
 
-  describe '#generate_slug' do
-    SUFFIX = "-[a-z0-9]{6}".freeze
-    {
-      "staging-12345678901234567" => "staging-123456789" + SUFFIX,
-      "9-staging-123456789012345" => "env-9-staging-123" + SUFFIX,
-      "staging-1234567890123456"  => "staging-1234567890123456",
-      "production"                => "production",
-      "PRODUCTION"                => "production" + SUFFIX,
-      "review/1-foo"              => "review-1-foo" + SUFFIX,
-      "1-foo"                     => "env-1-foo" + SUFFIX,
-      "1/foo"                     => "env-1-foo" + SUFFIX,
-      "foo-"                      => "foo" + SUFFIX,
-      "foo--bar"                  => "foo-bar" + SUFFIX,
-      "foo**bar"                  => "foo-bar" + SUFFIX,
-      "*-foo"                     => "env-foo" + SUFFIX,
-      "staging-12345678-"         => "staging-12345678" + SUFFIX,
-      "staging-12345678-01234567" => "staging-12345678" + SUFFIX
-    }.each do |name, matcher|
-      it "returns a slug matching #{matcher}, given #{name}" do
-        slug = described_class.new(name: name).generate_slug
-
-        expect(slug).to match(/\A#{matcher}\z/)
-      end
-    end
-  end
-
   describe '#ref_path' do
     subject(:environment) do
       create(:environment, name: 'staging / review-1')
-- 
cgit v1.2.1


From 317c787ea8cef306e266d8c46e77bcc029ae45f8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Eduardo=20Mej=C3=ADa?= <eduar.mreyes@gmail.com>
Date: Fri, 19 Jul 2019 01:44:05 +0000
Subject: add stub to the boardsStore to spy on it and be able to use
 toHaveBeenCalledWith for the pre-defined labels test

---
 .../boards/components/board_blank_state.vue           | 11 +++++++----
 changelogs/unreleased/fe-delete-old-boardservice.yml  |  6 ++++++
 spec/javascripts/boards/board_blank_state_spec.js     | 19 ++++++++++++-------
 3 files changed, 25 insertions(+), 11 deletions(-)
 create mode 100644 changelogs/unreleased/fe-delete-old-boardservice.yml

diff --git a/app/assets/javascripts/boards/components/board_blank_state.vue b/app/assets/javascripts/boards/components/board_blank_state.vue
index d8b0b60c183..9f26337d153 100644
--- a/app/assets/javascripts/boards/components/board_blank_state.vue
+++ b/app/assets/javascripts/boards/components/board_blank_state.vue
@@ -1,6 +1,6 @@
 <script>
 import { __ } from '~/locale';
-/* global ListLabel */
+import ListLabel from '~/boards/models/label';
 import Cookies from 'js-cookie';
 import boardsStore from '../stores/boards_store';
 
@@ -30,13 +30,17 @@ export default {
       });
 
       // Save the labels
-      gl.boardService
+      boardsStore
         .generateDefaultLists()
         .then(res => res.data)
         .then(data => {
           data.forEach(listObj => {
             const list = boardsStore.findList('title', listObj.title);
 
+            if (!list) {
+              return;
+            }
+
             list.id = listObj.id;
             list.label.id = listObj.label.id;
             list.getIssues().catch(() => {
@@ -69,8 +73,7 @@ export default {
         <span
           :style="{ backgroundColor: label.color }"
           class="label-color position-relative d-inline-block rounded"
-        >
-        </span>
+        ></span>
         {{ label.title }}
       </li>
     </ul>
diff --git a/changelogs/unreleased/fe-delete-old-boardservice.yml b/changelogs/unreleased/fe-delete-old-boardservice.yml
new file mode 100644
index 00000000000..bb06bfe80d5
--- /dev/null
+++ b/changelogs/unreleased/fe-delete-old-boardservice.yml
@@ -0,0 +1,6 @@
+---
+title: Change BoardService in favor of boardsStore on board blank state of the component
+  board
+merge_request: 30546
+author: eduarmreyes
+type: other
diff --git a/spec/javascripts/boards/board_blank_state_spec.js b/spec/javascripts/boards/board_blank_state_spec.js
index 8e2a947b0dd..b64859ec32a 100644
--- a/spec/javascripts/boards/board_blank_state_spec.js
+++ b/spec/javascripts/boards/board_blank_state_spec.js
@@ -1,7 +1,6 @@
 import Vue from 'vue';
 import boardsStore from '~/boards/stores/boards_store';
 import BoardBlankState from '~/boards/components/board_blank_state.vue';
-import { mockBoardService } from './mock_data';
 
 describe('Boards blank state', () => {
   let vm;
@@ -11,9 +10,10 @@ describe('Boards blank state', () => {
     const Comp = Vue.extend(BoardBlankState);
 
     boardsStore.create();
-    gl.boardService = mockBoardService();
 
-    spyOn(gl.boardService, 'generateDefaultLists').and.callFake(
+    spyOn(boardsStore, 'addList').and.stub();
+    spyOn(boardsStore, 'removeList').and.stub();
+    spyOn(boardsStore, 'generateDefaultLists').and.callFake(
       () =>
         new Promise((resolve, reject) => {
           if (fail) {
@@ -71,9 +71,14 @@ describe('Boards blank state', () => {
     vm.$el.querySelector('.btn-success').click();
 
     setTimeout(() => {
-      expect(boardsStore.state.lists.length).toBe(2);
-      expect(boardsStore.state.lists[0].title).toEqual('To Do');
-      expect(boardsStore.state.lists[1].title).toEqual('Doing');
+      expect(boardsStore.addList).toHaveBeenCalledTimes(2);
+      expect(boardsStore.addList).toHaveBeenCalledWith(
+        jasmine.objectContaining({ title: 'To Do' }),
+      );
+
+      expect(boardsStore.addList).toHaveBeenCalledWith(
+        jasmine.objectContaining({ title: 'Doing' }),
+      );
 
       done();
     });
@@ -86,7 +91,7 @@ describe('Boards blank state', () => {
 
     setTimeout(() => {
       expect(boardsStore.welcomeIsHidden()).toBeFalsy();
-      expect(boardsStore.state.lists.length).toBe(1);
+      expect(boardsStore.removeList).toHaveBeenCalledWith(undefined, 'label');
 
       done();
     });
-- 
cgit v1.2.1


From 0923fbf75be44770b8ce01321cd304662e15d5d5 Mon Sep 17 00:00:00 2001
From: Achilleas Pipinellis <axil@gitlab.com>
Date: Fri, 19 Jul 2019 01:47:39 +0000
Subject: Clean up Gitaly admin docs

- Add missing path to Gitaly configuration
- Properly list steps for Gitaly configurations
- Move sections around
---
 doc/administration/gitaly/index.md | 670 ++++++++++++++++++++-----------------
 1 file changed, 359 insertions(+), 311 deletions(-)

diff --git a/doc/administration/gitaly/index.md b/doc/administration/gitaly/index.md
index 4407facfca9..0ef88a26ab9 100644
--- a/doc/administration/gitaly/index.md
+++ b/doc/administration/gitaly/index.md
@@ -2,45 +2,35 @@
 
 [Gitaly](https://gitlab.com/gitlab-org/gitaly) is the service that
 provides high-level RPC access to Git repositories. Without it, no other
-components can read or write Git data.
+components can read or write Git data. GitLab components that access Git
+repositories (gitlab-rails, gitlab-shell, gitlab-workhorse, etc.) act as clients
+to Gitaly. End users do not have direct access to Gitaly.
 
-GitLab components that access Git repositories (gitlab-rails,
-gitlab-shell, gitlab-workhorse) act as clients to Gitaly. End users do
-not have direct access to Gitaly.
+In the rest of this page, Gitaly server is referred to the standalone node that
+only runs Gitaly, and Gitaly client to the GitLab Rails node that runs all other
+processes except Gitaly.
 
 ## Configuring Gitaly
 
 The Gitaly service itself is configured via a TOML configuration file.
-This file is documented [in the gitaly
+This file is documented [in the Gitaly
 repository](https://gitlab.com/gitlab-org/gitaly/blob/master/doc/configuration/README.md).
 
-To change a Gitaly setting in Omnibus you can use
-`gitaly['my_setting']` in `/etc/gitlab/gitlab.rb`. Changes will be applied
-when you run `gitlab-ctl reconfigure`.
+In case you want to change some of its settings:
 
-```ruby
-gitaly['prometheus_listen_addr'] = 'localhost:9236'
-```
-
-To change a Gitaly setting in installations from source you can edit
-`/home/git/gitaly/config.toml`. Changes will be applied when you run
-`service gitlab restart`.
+**For Omnibus GitLab**
 
-```toml
-prometheus_listen_addr = "localhost:9236"
-```
+1. Edit `/etc/gitlab/gitlab.rb` and add or change the [Gitaly settings](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/1dd07197c7e5ae23626aad5a4a070a800b670380/files/gitlab-config-template/gitlab.rb.template#L1622-1676).
+1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
 
-## Client-side GRPC logs
+**For installations from source**
 
-Gitaly uses the [gRPC](https://grpc.io/) RPC framework. The Ruby gRPC
-client has its own log file which may contain useful information when
-you are seeing Gitaly errors. You can control the log level of the
-gRPC client with the `GRPC_LOG_LEVEL` environment variable. The
-default level is `WARN`.
+1. Edit `/home/git/gitaly/config.toml` and add or change the [Gitaly settings](https://gitlab.com/gitlab-org/gitaly/blob/master/config.toml.example).
+1. Save the file and [restart GitLab](../restart_gitlab.md#installations-from-source).
 
 ## Running Gitaly on its own server
 
-> This is an optional way to deploy Gitaly which can benefit GitLab
+This is an optional way to deploy Gitaly which can benefit GitLab
 installations that are larger than a single machine. Most
 installations will be better served with the default configuration
 used by Omnibus and the GitLab source installation guide.
@@ -53,76 +43,78 @@ But since 11.8 the indexer uses Gitaly for data access as well. NFS can still
 be leveraged for redudancy on block level of the Git data. But only has to
 be mounted on the Gitaly server.
 
-NOTE: **Note:** While Gitaly can be used as a replacement for NFS, we do not recommend
-using EFS as it may impact GitLab's performance. Please review the [relevant documentation](../high_availability/nfs.md#avoid-using-awss-elastic-file-system-efs)
+NOTE: **Note:** While Gitaly can be used as a replacement for NFS, it's not recommended
+to use EFS as it may impact GitLab's performance. Review the [relevant documentation](../high_availability/nfs.md#avoid-using-awss-elastic-file-system-efs)
 for more details.
 
 ### Network architecture
 
--   gitlab-rails shards repositories into "repository storages"
--   `gitlab-rails/config/gitlab.yml` contains a map from storage names to
-    (Gitaly address, Gitaly token) pairs
--   the `storage name` -\> `(Gitaly address, Gitaly token)` map in
-    `gitlab.yml` is the single source of truth for the Gitaly network
-    topology
--   a (Gitaly address, Gitaly token) corresponds to a Gitaly server
--   a Gitaly server hosts one or more storages
--   Gitaly addresses must be specified in such a way that they resolve
-    correctly for ALL Gitaly clients
--   Gitaly clients are: unicorn, sidekiq, gitlab-workhorse,
-    gitlab-shell, Elasticsearch Indexer, and Gitaly itself
--   special case: a Gitaly server must be able to make RPC calls **to
-    itself** via its own (Gitaly address, Gitaly token) pair as
-    specified in `gitlab-rails/config/gitlab.yml`
--   Gitaly servers must not be exposed to the public internet
-
-Gitaly network traffic is unencrypted by default, but supports
-[TLS](#tls-support). Authentication is done through a static token.
-
-NOTE: **Note:** Gitaly network traffic is unencrypted so we recommend a firewall to
-restrict access to your Gitaly server.
+The following list depicts what the network architecture of Gitaly is:
+
+- GitLab Rails shards repositories into [repository storages](../repository_storage_paths.md).
+- `/config/gitlab.yml` contains a map from storage names to
+  `(Gitaly address, Gitaly token)` pairs.
+- the `storage name` -\> `(Gitaly address, Gitaly token)` map in
+  `/config/gitlab.yml` is the single source of truth for the Gitaly network
+  topology.
+- A `(Gitaly address, Gitaly token)` corresponds to a Gitaly server.
+- A Gitaly server hosts one or more storages.
+- Gitaly addresses must be specified in such a way that they resolve
+  correctly for ALL Gitaly clients.
+- Gitaly clients are: Unicorn, Sidekiq, gitlab-workhorse,
+  gitlab-shell, Elasticsearch Indexer, and Gitaly itself.
+- A Gitaly server must be able to make RPC calls **to itself** via its own
+  `(Gitaly address, Gitaly token)` pair as specified in `/config/gitlab.yml`.
+- Gitaly servers must not be exposed to the public internet as Gitaly's network
+  traffic is unencrypted by default. The use of firewall is highly recommended
+  to restrict access to the Gitaly server. Another option is to
+  [use TLS](#tls-support).
+- Authentication is done through a static token which is shared among the Gitaly
+  and GitLab Rails nodes.
 
 Below we describe how to configure a Gitaly server at address
 `gitaly.internal:8075` with secret token `abc123secret`. We assume
 your GitLab installation has two repository storages, `default` and
 `storage1`.
 
-### Installation
+### 1. Installation
 
-First install Gitaly using either Omnibus or from source.
+First install Gitaly using either Omnibus GitLab or install it from source:
 
-Omnibus: [Download/install](https://about.gitlab.com/install/) the Omnibus GitLab
-package you want using **steps 1 and 2** from the GitLab downloads page but
-**_do not_** provide the `EXTERNAL_URL=` value.
+- For Omnibus GitLab: [Download/install](https://about.gitlab.com/install/) the Omnibus GitLab
+  package you want using **steps 1 and 2** from the GitLab downloads page but
+  **_do not_** provide the `EXTERNAL_URL=` value.
+- From source: [Install Gitaly](../../install/installation.md#install-gitaly).
 
-Source: [Install Gitaly](../../install/installation.md#install-gitaly)
+### 2. Client side token configuration
 
-### Client side token configuration
+Configure a token on the instance that runs the GitLab Rails application.
 
-Configure a token on the client side.
+**For Omnibus GitLab**
 
-Omnibus installations:
+1. On the client node(s), edit `/etc/gitlab/gitlab.rb`:
 
-```ruby
-# /etc/gitlab/gitlab.rb
-gitlab_rails['gitaly_token'] = 'abc123secret'
-```
+   ```ruby
+   gitlab_rails['gitaly_token'] = 'abc123secret'
+   ```
 
-Source installations:
+1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
 
-```yaml
-# /home/git/gitlab/config/gitlab.yml
-gitlab:
-  gitaly:
-    token: 'abc123secret'
-```
+**For installations from source**
+
+1. On the client node(s), edit `/home/git/gitlab/config/gitlab.yml`:
+
+   ```yaml
+   gitlab:
+     gitaly:
+       token: 'abc123secret'
+   ```
 
-You need to reconfigure (Omnibus) or restart (source) for these
-changes to be picked up.
+1. Save the file and [restart GitLab](../restart_gitlab.md#installations-from-source).
 
-### Gitaly server configuration
+### 3. Gitaly server configuration
 
-Next, on the Gitaly server, we need to configure storage paths, enable
+Next, on the Gitaly server, you need to configure storage paths, enable
 the network listener and configure the token.
 
 NOTE: **Note:** if you want to reduce the risk of downtime when you enable
@@ -137,88 +129,99 @@ the Gitaly server. The easiest way to accomplish this is to copy `/etc/gitlab/gi
 from an existing GitLab server to the Gitaly server. Without this shared secret,
 Git operations in GitLab will result in an API error.
 
-NOTE: **Note:** In most or all cases the storage paths below end in `/repositories` which is
-different than `path` in `git_data_dirs` of Omnibus installations. Check the
-directory layout on your Gitaly server to be sure.
-
-Omnibus installations:
-
-<!--
-updates to following example must also be made at
-https://gitlab.com/charts/gitlab/blob/master/doc/advanced/external-gitaly/external-omnibus-gitaly.md#configure-omnibus-gitlab
--->
-
-```ruby
-# /etc/gitlab/gitlab.rb
-
-# Avoid running unnecessary services on the Gitaly server
-postgresql['enable'] = false
-redis['enable'] = false
-nginx['enable'] = false
-prometheus['enable'] = false
-unicorn['enable'] = false
-sidekiq['enable'] = false
-gitlab_workhorse['enable'] = false
-
-# Prevent database connections during 'gitlab-ctl reconfigure'
-gitlab_rails['rake_cache_clear'] = false
-gitlab_rails['auto_migrate'] = false
-
-# Configure the gitlab-shell API callback URL. Without this, `git push` will
-# fail. This can be your 'front door' GitLab URL or an internal load
-# balancer.
-# Don't forget to copy `/etc/gitlab/gitlab-secrets.json` from web server to Gitaly server.
-gitlab_rails['internal_api_url'] = 'https://gitlab.example.com'
-
-# Make Gitaly accept connections on all network interfaces. You must use
-# firewalls to restrict access to this address/port.
-gitaly['listen_addr'] = "0.0.0.0:8075"
-gitaly['auth_token'] = 'abc123secret'
-
-gitaly['storage'] = [
-  { 'name' => 'default', 'path' => '/mnt/gitlab/default/repositories' },
-  { 'name' => 'storage1', 'path' => '/mnt/gitlab/storage1/repositories' },
-]
-
-# To use TLS for Gitaly you need to add
-gitaly['tls_listen_addr'] = "0.0.0.0:9999"
-gitaly['certificate_path'] = "path/to/cert.pem"
-gitaly['key_path'] = "path/to/key.pem"
-```
+NOTE: **Note:**
+In most or all cases, the storage paths below end in `/repositories` which is
+not that case with `path` in `git_data_dirs` of Omnibus GitLab installations.
+Check the directory layout on your Gitaly server to be sure.
 
-Source installations:
+**For Omnibus GitLab**
 
-```toml
-# /home/git/gitaly/config.toml
-listen_addr = '0.0.0.0:8075'
-tls_listen_addr = '0.0.0.0:9999'
+1. Edit `/etc/gitlab/gitlab.rb`:
 
-[tls]
-certificate_path = /path/to/cert.pem
-key_path = /path/to/key.pem
+   <!--
+   updates to following example must also be made at
+   https://gitlab.com/charts/gitlab/blob/master/doc/advanced/external-gitaly/external-omnibus-gitaly.md#configure-omnibus-gitlab
+   -->
 
-[auth]
-token = 'abc123secret'
+   ```ruby
+   # /etc/gitlab/gitlab.rb
 
-[[storage]]
-name = 'default'
-path = '/mnt/gitlab/default/repositories'
+   # Avoid running unnecessary services on the Gitaly server
+   postgresql['enable'] = false
+   redis['enable'] = false
+   nginx['enable'] = false
+   prometheus['enable'] = false
+   unicorn['enable'] = false
+   sidekiq['enable'] = false
+   gitlab_workhorse['enable'] = false
 
-[[storage]]
-name = 'storage1'
-path = '/mnt/gitlab/storage1/repositories'
-```
+   # Prevent database connections during 'gitlab-ctl reconfigure'
+   gitlab_rails['rake_cache_clear'] = false
+   gitlab_rails['auto_migrate'] = false
+
+   # Configure the gitlab-shell API callback URL. Without this, `git push` will
+   # fail. This can be your 'front door' GitLab URL or an internal load
+   # balancer.
+   # Don't forget to copy `/etc/gitlab/gitlab-secrets.json` from web server to Gitaly server.
+   gitlab_rails['internal_api_url'] = 'https://gitlab.example.com'
 
-Again, reconfigure (Omnibus) or restart (source).
+   # Make Gitaly accept connections on all network interfaces. You must use
+   # firewalls to restrict access to this address/port.
+   gitaly['listen_addr'] = "0.0.0.0:8075"
+   gitaly['auth_token'] = 'abc123secret'
 
-### Converting clients to use the Gitaly server
+   gitaly['storage'] = [
+     { 'name' => 'default' },
+     { 'name' => 'storage1' },
+   ]
 
-Now as the final step update the client machines to switch from using
-their local Gitaly service to the new Gitaly server you just
-configured. This is a risky step because if there is any sort of
-network, firewall, or name resolution problem preventing your GitLab
-server from reaching the Gitaly server then all Gitaly requests will
-fail.
+   # To use TLS for Gitaly you need to add
+   gitaly['tls_listen_addr'] = "0.0.0.0:9999"
+   gitaly['certificate_path'] = "path/to/cert.pem"
+   gitaly['key_path'] = "path/to/key.pem"
+   ```
+
+   NOTE: **Note:**
+   In some cases, you'll have to set `path` for `gitaly['storage']` in the
+   format `'path' => '/mnt/gitlab/<storage name>/repositories'`.
+
+1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
+
+**For installations from source**
+
+1. On the client node(s), edit `/home/git/gitaly/config.toml`:
+
+   ```toml
+   listen_addr = '0.0.0.0:8075'
+   tls_listen_addr = '0.0.0.0:9999'
+
+   [tls]
+   certificate_path = /path/to/cert.pem
+   key_path = /path/to/key.pem
+
+   [auth]
+   token = 'abc123secret'
+
+   [[storage]]
+   name = 'default'
+
+   [[storage]]
+   name = 'storage1'
+   ```
+
+   NOTE: **Note:**
+   In some cases, you'll have to set `path` for each `[[storage]]` in the
+   format `path = '/mnt/gitlab/<storage name>/repositories'`.
+
+1. Save the file and [restart GitLab](../restart_gitlab.md#installations-from-source).
+
+### 4. Converting clients to use the Gitaly server
+
+As the final step, you need to update the client machines to switch from using
+their local Gitaly service to the new Gitaly server you just configured. This
+is a risky step because if there is any sort of network, firewall, or name
+resolution problem preventing your GitLab server from reaching the Gitaly server,
+then all Gitaly requests will fail.
 
 Additionally, you need to
 [disable Rugged if previously manually enabled](../high_availability/nfs.md#improving-nfs-performance-with-gitlab).
@@ -227,41 +230,93 @@ We assume that your Gitaly server can be reached at
 `gitaly.internal:8075` from your GitLab server, and that Gitaly can read and
 write to `/mnt/gitlab/default` and `/mnt/gitlab/storage1` respectively.
 
-Omnibus installations:
+**For Omnibus GitLab**
 
-```ruby
-# /etc/gitlab/gitlab.rb
-git_data_dirs({
-  'default' => { 'gitaly_address' => 'tcp://gitaly.internal:8075' },
-  'storage1' => { 'gitaly_address' => 'tcp://gitaly.internal:8075' },
-})
+1. Edit `/etc/gitlab/gitlab.rb`:
 
-gitlab_rails['gitaly_token'] = 'abc123secret'
-```
+   ```ruby
+   git_data_dirs({
+     'default' => { 'gitaly_address' => 'tcp://gitaly.internal:8075' },
+     'storage1' => { 'gitaly_address' => 'tcp://gitaly.internal:8075' },
+   })
 
-Source installations:
-
-```yaml
-# /home/git/gitlab/config/gitlab.yml
-gitlab:
-  repositories:
-    storages:
-      default:
-        path: /mnt/gitlab/default/repositories
-        gitaly_address: tcp://gitaly.internal:8075
-      storage1:
-        path: /mnt/gitlab/storage1/repositories
-        gitaly_address: tcp://gitaly.internal:8075
-
-  gitaly:
-    token: 'abc123secret'
-```
+   gitlab_rails['gitaly_token'] = 'abc123secret'
+   ```
 
-Now reconfigure (Omnibus) or restart (source). When you tail the
-Gitaly logs on your Gitaly server (`sudo gitlab-ctl tail gitaly` or
-`tail -f /home/git/gitlab/log/gitaly.log`) you should see requests
-coming in. One sure way to trigger a Gitaly request is to clone a
-repository from your GitLab server over HTTP.
+   NOTE: **Note:**
+   In some cases, you'll have to set `path` for each `git_data_dirs` in the
+   format `'path' => '/mnt/gitlab/<storage name>'`.
+
+1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
+1. Tail the logs to see the requests:
+
+   ```sh
+   sudo gitlab-ctl tail gitaly
+   ```
+
+**For installations from source**
+
+1. Edit `/home/git/gitlab/config/gitlab.yml`:
+
+   ```yaml
+   gitlab:
+     repositories:
+       storages:
+         default:
+           gitaly_address: tcp://gitaly.internal:8075
+         storage1:
+           gitaly_address: tcp://gitaly.internal:8075
+
+     gitaly:
+       token: 'abc123secret'
+   ```
+
+   NOTE: **Note:**
+   In some cases, you'll have to set `path` for each of the `storages` in the
+   format `path: /mnt/gitlab/<storage name>/repositories`.
+
+1. Save the file and [restart GitLab](../restart_gitlab.md#installations-from-source).
+1. Tail the logs to see the requests:
+
+   ```sh
+   tail -f /home/git/gitlab/log/gitaly.log
+   ```
+
+When you tail the Gitaly logs on your Gitaly server you should see requests
+coming in. One sure way to trigger a Gitaly request is to clone a repository
+from your GitLab server over HTTP.
+
+### Disabling the Gitaly service in a cluster environment
+
+If you are running Gitaly [as a remote
+service](#running-gitaly-on-its-own-server) you may want to disable
+the local Gitaly service that runs on your GitLab server by default.
+Disabling Gitaly only makes sense when you run GitLab in a custom
+cluster configuration, where different services run on different
+machines. Disabling Gitaly on all machines in the cluster is not a
+valid configuration.
+
+To disable Gitaly on a client node:
+
+**For Omnibus GitLab**
+
+1. Edit `/etc/gitlab/gitlab.rb`:
+
+   ```ruby
+   gitaly['enable'] = false
+   ```
+
+1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
+
+**For installations from source**
+
+1. Edit `/etc/default/gitlab`:
+
+   ```shell
+   gitaly_enabled=false
+   ```
+
+1. Save the file and [restart GitLab](../restart_gitlab.md#installations-from-source).
 
 ## TLS support
 
@@ -271,168 +326,128 @@ Gitaly supports TLS encryption. To be able to communicate
 with a Gitaly instance that listens for secure connections you will need to use `tls://` url
 scheme in the `gitaly_address` of the corresponding storage entry in the GitLab configuration.
 
-The admin needs to bring their own certificate as we do not provide that automatically.
-The certificate to be used needs to be installed on all Gitaly nodes and on all client nodes that communicate with it following procedures described in [GitLab custom certificate configuration](https://docs.gitlab.com/omnibus/settings/ssl.html#install-custom-public-certificates).
+You will need to bring your own certificates as this isn't provided automatically.
+The certificate to be used needs to be installed on all Gitaly nodes and on all
+client nodes that communicate with it following the procedure described in
+[GitLab custom certificate configuration](https://docs.gitlab.com/omnibus/settings/ssl.html#install-custom-public-certificates).
 
-Note that it is possible to configure Gitaly servers with both an
+NOTE: **Note:**
+It is possible to configure Gitaly servers with both an
 unencrypted listening address `listen_addr` and an encrypted listening
 address `tls_listen_addr` at the same time. This allows you to do a
 gradual transition from unencrypted to encrypted traffic, if necessary.
 
-To observe what type of connections are actually being used in a
-production environment you can use the following Prometheus query:
-
-```
-sum(rate(gitaly_connections_total[5m])) by (type)
-```
+To configure Gitaly with TLS:
 
-### Example TLS configuration
+**For Omnibus GitLab**
 
-### Omnibus installations:
+1. On the client nodes, edit `/etc/gitlab/gitlab.rb`:
 
-#### On client nodes:
+   ```ruby
+   git_data_dirs({
+     'default' => { 'gitaly_address' => 'tls://gitaly.internal:9999' },
+     'storage1' => { 'gitaly_address' => 'tls://gitaly.internal:9999' },
+   })
 
-```ruby
-# /etc/gitlab/gitlab.rb
-git_data_dirs({
-  'default' => { 'gitaly_address' => 'tls://gitaly.internal:9999' },
-  'storage1' => { 'gitaly_address' => 'tls://gitaly.internal:9999' },
-})
+   gitlab_rails['gitaly_token'] = 'abc123secret'
+   ```
 
-gitlab_rails['gitaly_token'] = 'abc123secret'
-```
+1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
+1. On the Gitaly server nodes, edit `/etc/gitlab/gitlab.rb`:
 
-#### On Gitaly server nodes:
+   ```ruby
+   gitaly['tls_listen_addr'] = "0.0.0.0:9999"
+   gitaly['certificate_path'] = "path/to/cert.pem"
+   gitaly['key_path'] = "path/to/key.pem"
+  ```
 
-```ruby
-gitaly['tls_listen_addr'] = "0.0.0.0:9999"
-gitaly['certificate_path'] = "path/to/cert.pem"
-gitaly['key_path'] = "path/to/key.pem"
-```
+1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
 
-### Source installations:
+**For installations from source**
 
-#### On client nodes:
+1. On the client nodes, edit `/home/git/gitlab/config/gitlab.yml`:
 
-```yaml
-# /home/git/gitlab/config/gitlab.yml
-gitlab:
-  repositories:
-    storages:
-      default:
-        path: /mnt/gitlab/default/repositories
-        gitaly_address: tls://gitaly.internal:9999
-      storage1:
-        path: /mnt/gitlab/storage1/repositories
-        gitaly_address: tls://gitaly.internal:9999
+   ```yaml
+   gitlab:
+     repositories:
+       storages:
+         default:
+           gitaly_address: tls://gitaly.internal:9999
+         storage1:
+           gitaly_address: tls://gitaly.internal:9999
 
-  gitaly:
-    token: 'abc123secret'
-```
+     gitaly:
+       token: 'abc123secret'
+   ```
 
-#### On Gitaly server nodes:
+   NOTE: **Note:**
+   In some cases, you'll have to set `path` for each of the `storages` in the
+   format `path: /mnt/gitlab/<storage name>/repositories`.
 
-```toml
-# /home/git/gitaly/config.toml
-tls_listen_addr = '0.0.0.0:9999'
+1. Save the file and [restart GitLab](../restart_gitlab.md#installations-from-source).
+1. On the Gitaly server nodes, edit `/home/git/gitaly/config.toml`:
 
-[tls]
-certificate_path = '/path/to/cert.pem'
-key_path = '/path/to/key.pem'
-```
+   ```toml
+   tls_listen_addr = '0.0.0.0:9999'
 
-## Gitaly-ruby
+   [tls]
+   certificate_path = '/path/to/cert.pem'
+   key_path = '/path/to/key.pem'
+   ```
 
-Gitaly was developed to replace Ruby application code in gitlab-ce/ee.
-In order to save time and/or avoid the risk of rewriting existing
-application logic, in some cases we chose to copy some application code
-from gitlab-ce into Gitaly almost as-is. To be able to run that code, we
-made gitaly-ruby, which is a sidecar process for the main Gitaly Go
-process. Some examples of things that are implemented in gitaly-ruby are
-RPC's that deal with wiki's, and RPC's that create commits on behalf of
-a user, such as merge commits.
-
-### Number of gitaly-ruby workers
-
-Gitaly-ruby has much less capacity than Gitaly itself. If your Gitaly
-server has to handle a lot of request, the default setting of having
-just 1 active gitaly-ruby sidecar might not be enough. If you see
-ResourceExhausted errors from Gitaly it's very likely that you have not
-enough gitaly-ruby capacity.
-
-You can increase the number of gitaly-ruby processes on your Gitaly
-server with the following settings.
+1. Save the file and [restart GitLab](../restart_gitlab.md#installations-from-source).
 
-Omnibus:
+To observe what type of connections are actually being used in a
+production environment you can use the following Prometheus query:
 
-```ruby
-# /etc/gitlab/gitlab.rb
-# Default is 2 workers. The minimum is 2; 1 worker is always reserved as
-# a passive stand-by.
-gitaly['ruby_num_workers'] = 4
 ```
-
-Source:
-
-```toml
-# /home/git/gitaly/config.toml
-[gitaly-ruby]
-num_workers = 4
+sum(rate(gitaly_connections_total[5m])) by (type)
 ```
 
-### Observing gitaly-ruby traffic
-
-Gitaly-ruby is a somewhat hidden, internal implementation detail of
-Gitaly. There is not that much visibility into what goes on inside
-gitaly-ruby processes.
+## `gitaly-ruby`
 
-If you have Prometheus set up to scrape your Gitaly process, you can see
-request rates and error codes for individual RPC's in gitaly-ruby by
-querying `grpc_client_handled_total`. Strictly speaking this metric does
-not differentiate between gitaly-ruby and other RPC's, but in practice
-(as of GitLab 11.9), all gRPC calls made by Gitaly itself are internal
-calls from the main Gitaly process to one of its gitaly-ruby sidecars.
+Gitaly was developed to replace the Ruby application code in GitLab.
+In order to save time and/or avoid the risk of rewriting existing
+application logic, in some cases we chose to copy some application code
+from GitLab into Gitaly almost as-is. To be able to run that code,
+`gitaly-ruby` was created, which is a "sidecar" process for the main Gitaly Go
+process. Some examples of things that are implemented in `gitaly-ruby` are
+RPCs that deal with wikis, and RPCs that create commits on behalf of
+a user, such as merge commits.
 
-Assuming your `grpc_client_handled_total` counter only observes Gitaly,
-the following query shows you RPC's are (most likely) internally
-implemented as calls to gitaly-ruby.
+### Number of `gitaly-ruby` workers
 
-```
-sum(rate(grpc_client_handled_total[5m])) by (grpc_method) > 0
-```
+`gitaly-ruby` has much less capacity than Gitaly itself. If your Gitaly
+server has to handle a lot of requests, the default setting of having
+just one active `gitaly-ruby` sidecar might not be enough. If you see
+`ResourceExhausted` errors from Gitaly, it's very likely that you have not
+enough `gitaly-ruby` capacity.
 
-## Disabling or enabling the Gitaly service in a cluster environment
+You can increase the number of `gitaly-ruby` processes on your Gitaly
+server with the following settings.
 
-If you are running Gitaly [as a remote
-service](#running-gitaly-on-its-own-server) you may want to disable
-the local Gitaly service that runs on your GitLab server by default.
+**For Omnibus GitLab**
 
-> 'Disabling Gitaly' only makes sense when you run GitLab in a custom
-cluster configuration, where different services run on different
-machines. Disabling Gitaly on all machines in the cluster is not a
-valid configuration.
+1. Edit `/etc/gitlab/gitlab.rb`:
 
-If you are setting up a GitLab cluster where Gitaly does not need to
-run on all machines, you can disable the Gitaly service in your
-Omnibus installation, add the following line to `/etc/gitlab/gitlab.rb`:
+   ```ruby
+   # Default is 2 workers. The minimum is 2; 1 worker is always reserved as
+   # a passive stand-by.
+   gitaly['ruby_num_workers'] = 4
+   ```
 
-```ruby
-gitaly['enable'] = false
-```
+1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
 
-When you run `gitlab-ctl reconfigure` the Gitaly service will be
-disabled.
+**For installations from source**
 
-To disable the Gitaly service in a GitLab cluster where you installed
-GitLab from source, add the following to `/etc/default/gitlab` on the
-machine where you want to disable Gitaly.
+1. Edit `/home/git/gitaly/config.toml`:
 
-```shell
-gitaly_enabled=false
-```
+   ```toml
+   [gitaly-ruby]
+   num_workers = 4
+   ```
 
-When you run `service gitlab restart` Gitaly will be disabled on this
-particular machine.
+1. Save the file and [restart GitLab](../restart_gitlab.md#installations-from-source).
 
 ## Eliminating NFS altogether
 
@@ -440,19 +455,23 @@ If you are planning to use Gitaly without NFS for your storage needs
 and want to eliminate NFS from your environment altogether, there are
 a few things that you need to do:
 
- 1. Make sure the [`git` user home directory](https://docs.gitlab.com/omnibus/settings/configuration.html#moving-the-home-directory-for-a-user) is on local disk.
- 1. Configure [database lookup of SSH keys](../operations/fast_ssh_key_lookup.md)
- to eliminate the need for a shared authorized_keys file.
- 1. Configure [object storage for job artifacts](../job_artifacts.md#using-object-storage)
- including [live tracing](../job_traces.md#new-live-trace-architecture).
- 1. Configure [object storage for LFS objects](../../workflow/lfs/lfs_administration.md#storing-lfs-objects-in-remote-object-storage).
- 1. Configure [object storage for uploads](../uploads.md#using-object-storage-core-only).
-
-NOTE: **Note:** One current feature of GitLab still requires a shared directory (NFS): [GitLab Pages](../../user/project/pages/index.md).
+1. Make sure the [`git` user home directory](https://docs.gitlab.com/omnibus/settings/configuration.html#moving-the-home-directory-for-a-user) is on local disk.
+1. Configure [database lookup of SSH keys](../operations/fast_ssh_key_lookup.md)
+   to eliminate the need for a shared authorized_keys file.
+1. Configure [object storage for job artifacts](../job_artifacts.md#using-object-storage)
+   including [live tracing](../job_traces.md#new-live-trace-architecture).
+1. Configure [object storage for LFS objects](../../workflow/lfs/lfs_administration.md#storing-lfs-objects-in-remote-object-storage).
+1. Configure [object storage for uploads](../uploads.md#using-object-storage-core-only).
+
+NOTE: **Note:**
+One current feature of GitLab that still requires a shared directory (NFS) is
+[GitLab Pages](../../user/project/pages/index.md).
 There is [work in progress](https://gitlab.com/gitlab-org/gitlab-pages/issues/196)
 to eliminate the need for NFS to support GitLab Pages.
 
-## Troubleshooting Gitaly in production
+## Troubleshooting
+
+### `gitaly-debug`
 
 Since GitLab 11.6, Gitaly comes with a command-line tool called
 `gitaly-debug` that can be run on a Gitaly server to aid in
@@ -462,3 +481,32 @@ Git clone speed for a specific repository on the server.
 
 For an up to date list of sub-commands see [the gitaly-debug
 README](https://gitlab.com/gitlab-org/gitaly/blob/master/cmd/gitaly-debug/README.md).
+
+### Client side GRPC logs
+
+Gitaly uses the [gRPC](https://grpc.io/) RPC framework. The Ruby gRPC
+client has its own log file which may contain useful information when
+you are seeing Gitaly errors. You can control the log level of the
+gRPC client with the `GRPC_LOG_LEVEL` environment variable. The
+default level is `WARN`.
+
+### Observing `gitaly-ruby` traffic
+
+[`gitaly-ruby`](#gitaly-ruby) is an internal implementation detail of Gitaly,
+so, there's not that much visibility into what goes on inside
+`gitaly-ruby` processes.
+
+If you have Prometheus set up to scrape your Gitaly process, you can see
+request rates and error codes for individual RPCs in `gitaly-ruby` by
+querying `grpc_client_handled_total`. Strictly speaking, this metric does
+not differentiate between `gitaly-ruby` and other RPCs, but in practice
+(as of GitLab 11.9), all gRPC calls made by Gitaly itself are internal
+calls from the main Gitaly process to one of its `gitaly-ruby` sidecars.
+
+Assuming your `grpc_client_handled_total` counter only observes Gitaly,
+the following query shows you RPCs are (most likely) internally
+implemented as calls to `gitaly-ruby`:
+
+```
+sum(rate(grpc_client_handled_total[5m])) by (grpc_method) > 0
+```
-- 
cgit v1.2.1


From 07292383aacb2967fb20e8031389938a21ed86a1 Mon Sep 17 00:00:00 2001
From: Jose Ivan Vargas <jvargas@gitlab.com>
Date: Fri, 19 Jul 2019 02:10:13 +0000
Subject: Add documentation for panel types

This adds documentation on how to add
area and single stat panel types for the
monitoring dashboards using custom yml
files
---
 .../img/prometheus_dashboard_area_panel_type.png   | Bin 0 -> 65101 bytes
 ...prometheus_dashboard_single_stat_panel_type.png | Bin 0 -> 26781 bytes
 doc/user/project/integrations/prometheus.md        |  61 ++++++++++++++++++++-
 3 files changed, 60 insertions(+), 1 deletion(-)
 create mode 100644 doc/user/project/integrations/img/prometheus_dashboard_area_panel_type.png
 create mode 100644 doc/user/project/integrations/img/prometheus_dashboard_single_stat_panel_type.png

diff --git a/doc/user/project/integrations/img/prometheus_dashboard_area_panel_type.png b/doc/user/project/integrations/img/prometheus_dashboard_area_panel_type.png
new file mode 100644
index 00000000000..7260b11f07b
Binary files /dev/null and b/doc/user/project/integrations/img/prometheus_dashboard_area_panel_type.png differ
diff --git a/doc/user/project/integrations/img/prometheus_dashboard_single_stat_panel_type.png b/doc/user/project/integrations/img/prometheus_dashboard_single_stat_panel_type.png
new file mode 100644
index 00000000000..ce4c54f909d
Binary files /dev/null and b/doc/user/project/integrations/img/prometheus_dashboard_single_stat_panel_type.png differ
diff --git a/doc/user/project/integrations/prometheus.md b/doc/user/project/integrations/prometheus.md
index 72f12972596..61c30e0b0ef 100644
--- a/doc/user/project/integrations/prometheus.md
+++ b/doc/user/project/integrations/prometheus.md
@@ -191,7 +191,7 @@ The following tables outline the details of expected properties.
 
 | Property | Type | Required | Description |
 | ------ | ------ | ------ | ------- |
-| `type` | enum | no, defaults to `area-chart` | Specifies the chart type to use. Only `area-chart` is currently supported. |
+| `type` | enum | no, defaults to `area-chart` | Specifies the chart type to use. |
 | `title` | string | yes | Heading for the panel. |
 | `y_label` | string | no, but highly encouraged | Y-Axis label for the panel. |
 | `weight` | number | no, defaults to order in file | Order to appear within the grouping. Lower number means higher priority, which will be higher on the page. Numbers do not need to be consecutive. |
@@ -207,6 +207,65 @@ The following tables outline the details of expected properties.
 | `query` | string | yes if `query_range` is not defined | Defines the Prometheus query to be used to populate the chart/panel. If defined, the `query` endpoint of the [Prometheus API](https://prometheus.io/docs/prometheus/latest/querying/api/) will be utilized. |
 | `query_range` | string | yes if `query` is not defined | Defines the Prometheus query to be used to populate the chart/panel. If defined, the `query_range` endpoint of the [Prometheus API](https://prometheus.io/docs/prometheus/latest/querying/api/) will be utilized. |
 
+#### Panel types for dashboards
+
+The below panel types are supported in monitoring dashboards.
+
+##### Area
+
+To add an area panel type to a dashboard, look at the following sample dashboard file:
+
+```yaml
+dashboard: 'Dashboard Title'
+panel_groups:
+  - group: 'Group Title'
+    panels:
+      - type: area-chart
+        title: "Chart Title"
+        y_label: "Y-Axis"
+        metrics:
+          - id: 10
+            query_range: 'http_requests_total'
+            label: "Metric of Ages"
+            unit: "count"
+```
+
+Note the following properties:
+
+| Property | Type | Required | Description |
+| ------ | ------ | ------ | ------ |
+| type | string | no | Type of panel to be rendered. Optional for area panel types |
+| query_range | yes | required | For area panel types, you must use a [range query](https://prometheus.io/docs/prometheus/latest/querying/api/#range-queries) |
+
+![area panel type](img/prometheus_dashboard_area_panel_type.png)
+
+##### Single Stat
+
+To add a single stat panel type to a dashboard, look at the following sample dashboard file:
+
+```yaml
+dashboard: 'Dashboard Title'
+panel_groups:
+  - group: 'Group Title'
+    panels:
+      - title: "Single Stat"
+        type: "single-stat"
+        metrics:
+        - id: 10
+          query: 'max(go_memstats_alloc_bytes{job="prometheus"})'
+          unit: MB
+          label: "Total"
+```
+
+Note the following properties:
+
+| Property | Type | Required | Description |
+| ------ | ------ | ------ | ------ |
+| type | string | yes | Type of panel to be rendered. For single stat panel types, set to `single-stat` |
+| query | string | yes | For single stat panel types, you must use an [instant query](https://prometheus.io/docs/prometheus/latest/querying/api/#instant-queries) |
+
+![single stat panel type](img/prometheus_dashboard_single_stat_panel_type.png)
+
 ### Setting up alerts for Prometheus metrics **(ULTIMATE)**
 
 #### Managed Prometheus instances
-- 
cgit v1.2.1


From e204554057d0607c8a29a379b6cb8c75dbb60422 Mon Sep 17 00:00:00 2001
From: astrachan <alexander.strachan@asgks.net>
Date: Fri, 19 Jul 2019 12:15:23 +1000
Subject: Update root default email address to current value

---
 doc/security/reset_root_password.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/security/reset_root_password.md b/doc/security/reset_root_password.md
index 6a6c5262179..ec360e2d338 100644
--- a/doc/security/reset_root_password.md
+++ b/doc/security/reset_root_password.md
@@ -23,7 +23,7 @@ user = User.where(id: 1).first
 or
 
 ```bash
-user = User.find_by(email: 'admin@local.host')
+user = User.find_by(email: 'admin@example.com')
 ```
 
 Now you can change your password:
-- 
cgit v1.2.1


From 7da80b2d36adc30964423042e956ef880a2650f9 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Fri, 19 Jul 2019 02:20:32 +0000
Subject: Update numbered lists for docs standards

Ensure that all numbered lists use only 1. and no other numbers.
Also ensure that numbered lists use proper spacing.
---
 doc/administration/auth/ldap-ee.md                 |  2 +-
 doc/administration/repository_storage_types.md     |  4 ++--
 doc/api/container_registry.md                      |  4 ++--
 .../end_to_end_testing_webdriverio/index.md        |  2 +-
 doc/development/code_review.md                     |  3 +--
 .../documentation/improvement-workflow.md          |  6 +++---
 doc/development/documentation/styleguide.md        | 10 ++++-----
 doc/development/fe_guide/frontend_faq.md           |  6 +++---
 doc/development/fe_guide/style_guide_js.md         |  4 ++--
 doc/development/fe_guide/style_guide_scss.md       |  2 +-
 doc/development/import_export.md                   |  4 ++--
 doc/development/licensed_feature_availability.md   |  6 +++---
 doc/development/performance.md                     |  8 ++++----
 doc/development/policies.md                        |  4 ++--
 .../testing_guide/end_to_end/quick_start_guide.md  | 24 +++++++++++-----------
 doc/integration/jenkins_deprecated.md              |  2 +-
 doc/integration/jira_development_panel.md          |  6 +++---
 doc/topics/autodevops/index.md                     |  4 ++--
 doc/user/application_security/index.md             |  6 +++---
 .../security_dashboard/index.md                    |  4 ++--
 doc/user/markdown.md                               | 14 +++++++------
 21 files changed, 63 insertions(+), 62 deletions(-)

diff --git a/doc/administration/auth/ldap-ee.md b/doc/administration/auth/ldap-ee.md
index 2f2ee8a27d3..1b7af2d945a 100644
--- a/doc/administration/auth/ldap-ee.md
+++ b/doc/administration/auth/ldap-ee.md
@@ -193,7 +193,7 @@ group, as opposed to the full DN.
 to lock down user abilities to invite new members to a group. When enabled following happens:
 
 1. Only administrator can manage memberships of any group including access levels.
-2. Users are not allowed to share project with other groups or invite members to a project created in a group.
+1. Users are not allowed to share project with other groups or invite members to a project created in a group.
 
 ## Adjusting LDAP user sync schedule
 
diff --git a/doc/administration/repository_storage_types.md b/doc/administration/repository_storage_types.md
index 9dea6074a3f..1669f8b128c 100644
--- a/doc/administration/repository_storage_types.md
+++ b/doc/administration/repository_storage_types.md
@@ -105,7 +105,7 @@ question.
 To start a migration, enable Hashed Storage for new projects:
 
 1. Go to **Admin > Settings > Repository** and expand the **Repository Storage** section.
-2. Select the **Use hashed storage paths for newly created and renamed projects** checkbox.
+1. Select the **Use hashed storage paths for newly created and renamed projects** checkbox.
 
 Check if the change breaks any existing integration you may have that
 either runs on the same machine as your repositories are located, or may login to that machine
@@ -133,7 +133,7 @@ Similar to the migration, to disable Hashed Storage for new
 projects:
 
 1. Go to **Admin > Settings > Repository** and expand the **Repository Storage** section.
-2. Uncheck the **Use hashed storage paths for newly created and renamed projects** checkbox.
+1. Uncheck the **Use hashed storage paths for newly created and renamed projects** checkbox.
 
 To schedule a complete rollback, see the
 [rake task documentation for storage rollback](raketasks/storage.md#rollback-from-hashed-storage-to-legacy-storage) for instructions.
diff --git a/doc/api/container_registry.md b/doc/api/container_registry.md
index 64ea15bca93..174b93a4f7a 100644
--- a/doc/api/container_registry.md
+++ b/doc/api/container_registry.md
@@ -193,13 +193,13 @@ Examples:
    curl --request DELETE --data 'name_regex=[0-9a-z]{40}' --data 'keep_n=5' --data 'older_than=2d' --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/registry/repositories/2/tags"
    ```
 
-2. Remove all tags, but keep always the latest 5:
+1. Remove all tags, but keep always the latest 5:
 
    ```bash
    curl --request DELETE --data 'name_regex=.*' --data 'keep_n=5' --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/registry/repositories/2/tags"
    ```
 
-3. Remove all tags that are older than 1 month:
+1. Remove all tags that are older than 1 month:
 
    ```bash
    curl --request DELETE --data 'name_regex=.*' --data 'older_than=1month' --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/registry/repositories/2/tags"
diff --git a/doc/ci/examples/end_to_end_testing_webdriverio/index.md b/doc/ci/examples/end_to_end_testing_webdriverio/index.md
index 38fcf05f519..38d0d86ffa2 100644
--- a/doc/ci/examples/end_to_end_testing_webdriverio/index.md
+++ b/doc/ci/examples/end_to_end_testing_webdriverio/index.md
@@ -143,7 +143,7 @@ Which brings us to the exciting part: how do we run this in GitLab CI/CD? There
 need to do for this:
 
 1. Set up [CI/CD jobs](../../yaml/README.md#introduction) that actually have a browser available.
-2. Update our WebdriverIO configuration to use those browsers to visit the review apps.
+1. Update our WebdriverIO configuration to use those browsers to visit the review apps.
 
 For the scope of this article, we've defined an additional [CI/CD stage](../../yaml/README.md#stages)
 `confidence-check` that is executed _after_ the stage that deploys the review app. It uses the `node:latest` [Docker
diff --git a/doc/development/code_review.md b/doc/development/code_review.md
index e9c8b193309..a9a46c62d38 100644
--- a/doc/development/code_review.md
+++ b/doc/development/code_review.md
@@ -341,8 +341,7 @@ Enterprise Edition instance. This has some implications:
       - [Background migrations](background_migrations.md) run in Sidekiq, and
         should only be done for migrations that would take an extreme amount of
         time at GitLab.com scale.
-1. **Sidekiq workers**
-   [cannot change in a backwards-incompatible way](sidekiq_style_guide.md#removing-or-renaming-queues):
+1. **Sidekiq workers** [cannot change in a backwards-incompatible way](sidekiq_style_guide.md#removing-or-renaming-queues):
    1. Sidekiq queues are not drained before a deploy happens, so there will be
       workers in the queue from the previous version of GitLab.
    1. If you need to change a method signature, try to do so across two releases,
diff --git a/doc/development/documentation/improvement-workflow.md b/doc/development/documentation/improvement-workflow.md
index a12c3d5ea7b..80fbd4b6427 100644
--- a/doc/development/documentation/improvement-workflow.md
+++ b/doc/development/documentation/improvement-workflow.md
@@ -52,9 +52,9 @@ To request a post-merge review, [create an issue for one using the Doc Review te
 **3. Maintainer**
 
 1. Review by assigned maintainer, who can always request/require the above reviews. Maintainer review can occur before or after a technical writer review.
-2. Ensure a release milestone of the format XX.Y is set. If the freeze for that release has begun, add the label `pick into <XX.Y>` unless this change is not required for the release. In that case, simply change the milestone.
-3. If EE and CE MRs exist, merge the EE MR first, then the CE MR.
-4. After merging, if there has not been a technical writer review and an issue for a follow-up review was not already created and linked from the MR, [create the issue using the Doc Review template](https://gitlab.com/gitlab-org/gitlab-ce/issues/new?issuable_template=Doc%20Review) and link it from the MR.
+1. Ensure a release milestone of the format XX.Y is set. If the freeze for that release has begun, add the label `pick into <XX.Y>` unless this change is not required for the release. In that case, simply change the milestone.
+1. If EE and CE MRs exist, merge the EE MR first, then the CE MR.
+1. After merging, if there has not been a technical writer review and an issue for a follow-up review was not already created and linked from the MR, [create the issue using the Doc Review template](https://gitlab.com/gitlab-org/gitlab-ce/issues/new?issuable_template=Doc%20Review) and link it from the MR.
 
 ## Other ways to help
 
diff --git a/doc/development/documentation/styleguide.md b/doc/development/documentation/styleguide.md
index 1ca965f8ae9..ccf1deefd91 100644
--- a/doc/development/documentation/styleguide.md
+++ b/doc/development/documentation/styleguide.md
@@ -44,9 +44,9 @@ Include any media types/sources if the content is relevant to readers. You can f
 In the software industry, it is a best practice to organize documentatioin in different types. For example, [Divio recommends](https://www.divio.com/blog/documentation/):
 
 1. Tutorials
-2. How-to guides
-3. Explanation
-4. Reference (for example, a glossary)
+1. How-to guides
+1. Explanation
+1. Reference (for example, a glossary)
 
 At GitLab, we have so many product changes in our monthly releases that we can't afford to continually update multiple types of information.
 If we have multiple types, the information will become outdated. Therefore, we have a [single template](structure.md) for documentation.
@@ -142,9 +142,9 @@ The table below shows what kind of documentation goes where.
 ### Working with directories and files
 
 1. When you create a new directory, always start with an `index.md` file.
-  Do not use another file name and **do not** create `README.md` files.
+   Do not use another file name and **do not** create `README.md` files.
 1. **Do not** use special characters and spaces, or capital letters in file names,
-  directory names, branch names, and anything that generates a path.
+   directory names, branch names, and anything that generates a path.
 1. When creating a new document and it has more than one word in its name,
    make sure to use underscores instead of spaces or dashes (`-`). For example,
    a proper naming would be `import_projects_from_github.md`. The same rule
diff --git a/doc/development/fe_guide/frontend_faq.md b/doc/development/fe_guide/frontend_faq.md
index e4225f2bc39..0d2aeffeac0 100644
--- a/doc/development/fe_guide/frontend_faq.md
+++ b/doc/development/fe_guide/frontend_faq.md
@@ -5,12 +5,12 @@
 1. **You talk about Frontend FAQ.**
    Please share links to it whenever applicable, so more eyes catch when content
    gets outdated.
-2. **Keep it short and simple.**
+1. **Keep it short and simple.**
    Whenever an answer needs more than two sentences it does not belong here.
-3. **Provide background when possible.**
+1. **Provide background when possible.**
    Linking to relevant source code, issue / epic, or other documentation helps
    to understand the answer.
-4. **If you see something, do something.**
+1. **If you see something, do something.**
    Please remove or update any content that is outdated as soon as you see it.
 
 ## FAQ
diff --git a/doc/development/fe_guide/style_guide_js.md b/doc/development/fe_guide/style_guide_js.md
index b50159c2b75..18ef754642d 100644
--- a/doc/development/fe_guide/style_guide_js.md
+++ b/doc/development/fe_guide/style_guide_js.md
@@ -548,7 +548,7 @@ Please check this [rules][eslint-plugin-vue-rules] for more documentation.
       <component @click="eventHandler"/>
     ```
 
-2. Shorthand `:` is preferable over `v-bind`
+1. Shorthand `:` is preferable over `v-bind`
 
     ```javascript
       // bad
@@ -558,7 +558,7 @@ Please check this [rules][eslint-plugin-vue-rules] for more documentation.
       <component :class="btn"/>
     ```
 
-3. Shorthand `#` is preferable over `v-slot`
+1. Shorthand `#` is preferable over `v-slot`
 
     ```javascript
       // bad
diff --git a/doc/development/fe_guide/style_guide_scss.md b/doc/development/fe_guide/style_guide_scss.md
index 5220c9eeea3..f895cfd36ac 100644
--- a/doc/development/fe_guide/style_guide_scss.md
+++ b/doc/development/fe_guide/style_guide_scss.md
@@ -35,7 +35,7 @@ New utility classes should be added to [`utilities.scss`](https://gitlab.com/git
 We recommend a "utility-first" approach.
 
 1. Start with utility classes.
-2. If composing utility classes into a component class removes code duplication and encapsulates a clear responsibility, do it.
+1. If composing utility classes into a component class removes code duplication and encapsulates a clear responsibility, do it.
 
 This encourages an organic growth of component classes and prevents the creation of one-off unreusable classes. Also, the kind of classes that emerge from "utility-first" tend to be design-centered (e.g. `.button`, `.alert`, `.card`) rather than domain-centered (e.g. `.security-report-widget`, `.commit-header-icon`).
 
diff --git a/doc/development/import_export.md b/doc/development/import_export.md
index 64c91f151c5..4c78c62f5f5 100644
--- a/doc/development/import_export.md
+++ b/doc/development/import_export.md
@@ -229,8 +229,8 @@ meaning that we want to bump the version up in the next version (or patch releas
 For example:
 
 1. Add rename to `RelationRenameService` in X.Y
-2. Remove it from `RelationRenameService` in X.Y + 1
-3. Bump Import/Export version in X.Y + 1
+1. Remove it from `RelationRenameService` in X.Y + 1
+1. Bump Import/Export version in X.Y + 1
 
 ```ruby
 module Gitlab
diff --git a/doc/development/licensed_feature_availability.md b/doc/development/licensed_feature_availability.md
index 80ec7b8c0cf..29e4ace157b 100644
--- a/doc/development/licensed_feature_availability.md
+++ b/doc/development/licensed_feature_availability.md
@@ -14,7 +14,7 @@ it should be restricted on namespace scope.
 1. Add the feature symbol on `EES_FEATURES`, `EEP_FEATURES` or `EEU_FEATURES` constants in
   `ee/app/models/license.rb`. Note on `ee/app/models/ee/namespace.rb` that _Bronze_ GitLab.com
   features maps to on-premise _EES_, _Silver_ to _EEP_ and _Gold_ to _EEU_.
-2. Check using:
+1. Check using:
 
 ```ruby
 project.feature_available?(:feature_symbol)
@@ -29,8 +29,8 @@ the instance license.
 
 1. Add the feature symbol on `EES_FEATURES`, `EEP_FEATURES` or `EEU_FEATURES` constants in
   `ee/app/models/license.rb`.
-2. Add the same feature symbol to `GLOBAL_FEATURES`
-3. Check using:
+1. Add the same feature symbol to `GLOBAL_FEATURES`
+1. Check using:
 
 ```ruby
 License.feature_available?(:feature_symbol)
diff --git a/doc/development/performance.md b/doc/development/performance.md
index 8b569a677b6..14b3f8204d2 100644
--- a/doc/development/performance.md
+++ b/doc/development/performance.md
@@ -267,7 +267,7 @@ piece of code is worth optimizing. The only two things you can do are:
 1. Think about what the code does, how it's used, how many times it's called and
    how much time is spent in it relative to the total execution time (e.g., the
    total time spent in a web request).
-2. Ask others (preferably in the form of an issue).
+1. Ask others (preferably in the form of an issue).
 
 Some examples of changes that aren't really important/worth the effort:
 
@@ -285,10 +285,10 @@ directly in a web request as much as possible. This has numerous benefits such
 as:
 
 1. An error won't prevent the request from completing.
-2. The process being slow won't affect the loading time of a page.
-3. In case of a failure it's easy to re-try the process (Sidekiq takes care of
+1. The process being slow won't affect the loading time of a page.
+1. In case of a failure it's easy to re-try the process (Sidekiq takes care of
    this automatically).
-4. By isolating the code from a web request it will hopefully be easier to test
+1. By isolating the code from a web request it will hopefully be easier to test
    and maintain.
 
 It's especially important to use Sidekiq as much as possible when dealing with
diff --git a/doc/development/policies.md b/doc/development/policies.md
index c4ac42bb40a..833b0acb13e 100644
--- a/doc/development/policies.md
+++ b/doc/development/policies.md
@@ -89,8 +89,8 @@ Each line represents a rule that was evaluated. There are a few things to note:
 
 1. The `-` or `+` symbol indicates whether the rule block was evaluated to be
    `false` or `true`, respectively.
-2. The number inside the brackets indicates the score.
-3. The last part of the line (e.g. `@john : Issue/1`) shows the username
+1. The number inside the brackets indicates the score.
+1. The last part of the line (e.g. `@john : Issue/1`) shows the username
    and subject for that rule.
 
 Here you can see that the first four rules were evaluated `false` for
diff --git a/doc/development/testing_guide/end_to_end/quick_start_guide.md b/doc/development/testing_guide/end_to_end/quick_start_guide.md
index 3bbf8feab39..14a169dcc1d 100644
--- a/doc/development/testing_guide/end_to_end/quick_start_guide.md
+++ b/doc/development/testing_guide/end_to_end/quick_start_guide.md
@@ -116,9 +116,9 @@ end
 Below are the steps that the test covers:
 
 1. The test finds the 'Edit' link for the labels and clicks on it.
-2. Then it fills in the 'Assign labels' input field with the value 'animal::dolphin' and press enters.
-3. Then it clicks in the content body to apply the label and refreshes the page.
-4. Finally, the expectations check that the previous scoped label was removed and that the new one was added.
+1. Then it fills in the 'Assign labels' input field with the value 'animal::dolphin' and press enters.
+1. Then it clicks in the content body to apply the label and refreshes the page.
+1. Finally, the expectations check that the previous scoped label was removed and that the new one was added.
 
 Let's now see how the second test case would look.
 
@@ -144,9 +144,9 @@ end
 Below are the steps that the test covers:
 
 1. The test finds the 'Edit' link for the labels and clicks on it.
-2. Then it fills in the 'Assign labels' input field with the value 'plant::orchid' and press enters.
-3. Then it clicks in the content body to apply the label and refreshes the page.
-4. Finally, the expectations check that both scoped labels are present.
+1. Then it fills in the 'Assign labels' input field with the value 'plant::orchid' and press enters.
+1. Then it clicks in the content body to apply the label and refreshes the page.
+1. Finally, the expectations check that both scoped labels are present.
 
 > Similar to the previous test, this one is also very straightforward, but there is some code duplication. Let's address it.
 
@@ -290,7 +290,7 @@ As already mentioned in the [best practices](best_practices.md) document, end-to
 Some improvements that we could make in our test suite to optimize its time to run are:
 
 1. Having a single test case (an `it` block) that exercises both scenarios to avoid "wasting" time in the tests' pre-conditions, instead of having two different test cases.
-2. Making the selection of labels more performant by allowing for the selection of more than one label in the same reusable method.
+1. Making the selection of labels more performant by allowing for the selection of more than one label in the same reusable method.
 
 Let's look at a suggestion that addresses the above points, one by one:
 
@@ -332,8 +332,8 @@ To address point 1, we changed the test implementation from two `it` blocks into
 > Notice that the implementation of the new and unique `it` block had to change a little bit. Below we describe in details what it does.
 
 1. It selects two scoped labels simultaneously, one from the same scope of the one already applied in the issue during the setup phase (in the `before` block), and another one from a different scope.
-2. It asserts that the correct labels are visible in the `labels_block`, and that the labels were correctly added and removed;
-3. Finally, the `select_label_and_refresh` method is changed to `select_labels_and_refresh`, which accepts an array of labels instead of a single label, and it iterates on them for faster label selection (this is what is used in step 1 explained above.)
+1. It asserts that the correct labels are visible in the `labels_block`, and that the labels were correctly added and removed;
+1. Finally, the `select_label_and_refresh` method is changed to `select_labels_and_refresh`, which accepts an array of labels instead of a single label, and it iterates on them for faster label selection (this is what is used in step 1 explained above.)
 
 ### 7. Resources
 
@@ -542,9 +542,9 @@ end
 Notice that we have not only moved the `select_labels_and_refresh` method, but we have also changed its implementation to:
 
 1. Click the `:edit_link_labels` element previously defined, instead of using `find('.block.labels .edit-link').click`
-2. Use `within_element(:dropdown_menu_labels, text: label)`, and inside of it, we call `send_keys_to_element(:dropdown_input_field, [label, :enter])`, which is a method that we will implement in the `QA::Page::Base` class to replace `find('.dropdown-menu-labels .dropdown-input-field').send_keys [label, :enter]`
-3. Use `click_body` after iterating on each label, instead of using `find('#content-body').click`
-4. Iterate on every label again, and then we use `has_element?(:labels_block, text: label)` after clicking the page body (which applies the labels), and before refreshing the page, to avoid test flakiness due to refreshing too fast.
+1. Use `within_element(:dropdown_menu_labels, text: label)`, and inside of it, we call `send_keys_to_element(:dropdown_input_field, [label, :enter])`, which is a method that we will implement in the `QA::Page::Base` class to replace `find('.dropdown-menu-labels .dropdown-input-field').send_keys [label, :enter]`
+1. Use `click_body` after iterating on each label, instead of using `find('#content-body').click`
+1. Iterate on every label again, and then we use `has_element?(:labels_block, text: label)` after clicking the page body (which applies the labels), and before refreshing the page, to avoid test flakiness due to refreshing too fast.
 
 ##### Details of `text_of_labels_block`
 
diff --git a/doc/integration/jenkins_deprecated.md b/doc/integration/jenkins_deprecated.md
index eae705c9637..bac89ae2dc6 100644
--- a/doc/integration/jenkins_deprecated.md
+++ b/doc/integration/jenkins_deprecated.md
@@ -19,7 +19,7 @@ Requirements:
 ## Jenkins
 
 1. Install [GitLab Hook plugin](https://wiki.jenkins.io/display/JENKINS/GitLab+Hook+Plugin)
-2. Set up jenkins project
+1. Set up jenkins project
 
 ![screen](img/jenkins_project.png)
 
diff --git a/doc/integration/jira_development_panel.md b/doc/integration/jira_development_panel.md
index 60c7bdabf93..5e906e5af16 100644
--- a/doc/integration/jira_development_panel.md
+++ b/doc/integration/jira_development_panel.md
@@ -59,7 +59,7 @@ There are no special requirements if you are using GitLab.com.
     ![GitLab Application setup](img/jira_dev_panel_gl_setup_1.png)
     - Check `api` in the Scopes section.
 
-2. Click `Save application`. You will see the generated 'Application Id' and 'Secret' values.
+1. Click `Save application`. You will see the generated 'Application Id' and 'Secret' values.
     Copy these values that you will use on the Jira configuration side.
 
 ## Jira Configuration
@@ -70,7 +70,7 @@ There are no special requirements if you are using GitLab.com.
 
     ![Jira DVCS from Dashboard](img/jira_dev_panel_jira_setup_1.png)
 
-2. Complete the form
+1. Complete the form
 
     Select GitHub Enterprise for the `Host` field.
 
@@ -92,7 +92,7 @@ There are no special requirements if you are using GitLab.com.
 
     Ensure that the rest of the checkboxes are checked.
 
-3. Click `Add` to complete and create the integration.
+1. Click `Add` to complete and create the integration.
 
     Jira takes up to a few minutes to know about (import behind the scenes) all the commits and branches
     for all the projects in the GitLab group you specified in the previous step. These are refreshed
diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index f9ad952aaad..7a92a672801 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -789,11 +789,11 @@ To configure your application variables:
 1. Go to your project's **Settings > CI/CD**, then expand the section
    called **Variables**.
 
-2. Create a CI Variable, ensuring the key is prefixed with
+1. Create a CI Variable, ensuring the key is prefixed with
    `K8S_SECRET_`. For example, you can create a variable with key
 `K8S_SECRET_RAILS_MASTER_KEY`.
 
-3. Run an Auto Devops pipeline either by manually creating a new
+1. Run an Auto Devops pipeline either by manually creating a new
    pipeline or by pushing a code change to GitLab.
 
 Auto DevOps pipelines will take your application secret variables to
diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md
index 91e79f6c23b..56a4cbd26d2 100644
--- a/doc/user/application_security/index.md
+++ b/doc/user/application_security/index.md
@@ -115,9 +115,9 @@ generated by GitLab. To apply the fix:
 
 1. Click on the vulnerability.
 1. Download and review the patch file `remediation.patch`.
-2. Ensure your local project has the same commit checked out that was used to generate the patch.
-3. Run `git apply remediation.patch`.
-4. Verify and commit the changes to your branch.
+1. Ensure your local project has the same commit checked out that was used to generate the patch.
+1. Run `git apply remediation.patch`.
+1. Verify and commit the changes to your branch.
 
 ![Apply patch for dependency scanning](img/vulnerability_solution.png)
 
diff --git a/doc/user/application_security/security_dashboard/index.md b/doc/user/application_security/security_dashboard/index.md
index 3b01fe66e03..2a2385c00ae 100644
--- a/doc/user/application_security/security_dashboard/index.md
+++ b/doc/user/application_security/security_dashboard/index.md
@@ -26,8 +26,8 @@ To use the project or group security dashboard:
 
 1. At least one project inside a group must be configured with at least one of
    the [supported reports](#supported-reports).
-2. The configured jobs must use the [new `reports` syntax](../../../ci/yaml/README.md#artifactsreports).
-3. [GitLab Runner](https://docs.gitlab.com/runner/) 11.5 or newer must be used.
+1. The configured jobs must use the [new `reports` syntax](../../../ci/yaml/README.md#artifactsreports).
+1. [GitLab Runner](https://docs.gitlab.com/runner/) 11.5 or newer must be used.
    If you're using the shared Runners on GitLab.com, this is already the case.
 
 ## Project Security Dashboard
diff --git a/doc/user/markdown.md b/doc/user/markdown.md
index 96e74125801..37f3f21f539 100644
--- a/doc/user/markdown.md
+++ b/doc/user/markdown.md
@@ -1160,13 +1160,15 @@ Examples:
 + Or pluses
 ```
 
+<!-- The "2." and "4." in the example above are changed to "1." below, only to match the standards on docs.gitlab.com -->
+
 1. First ordered list item
-2. Another item
+1. Another item
    - Unordered sub-list.
 1. Actual numbers don't matter, just that it's a number
    1. Ordered sub-list
    1. Next ordered sub-list item
-4. And another item.
+1. And another item.
 
 * Unordered lists can use asterisks
 - Or minuses
@@ -1184,14 +1186,14 @@ Example:
 
    Second paragraph of first item.
 
-2. Another item
+1. Another item
 ```
 
 1. First ordered list item
 
    Second paragraph of first item.
 
-2. Another item
+1. Another item
 
 ---
 
@@ -1205,14 +1207,14 @@ Example:
 
   Paragraph of first item.
 
-2. Another item
+1. Another item
 ```
 
 1. First ordered list item
 
   Paragraph of first item.
 
-2. Another item
+1. Another item
 
 ### Superscripts / Subscripts
 
-- 
cgit v1.2.1


From 9ef196b7a7d51043c09c848699f7d393edf7af03 Mon Sep 17 00:00:00 2001
From: George Koltsov <koltsov.george@gmail.com>
Date: Fri, 19 Jul 2019 03:00:23 +0000
Subject: Set Private visibility for restricted Internal imported projects

With https://gitlab.com/gitlab-org/gitlab-ee/issues/12388 change going
live there is potential risk of breaking imports of 'Internal' projects.
This change makes sure if 'Internal' visibility level is restricted
all 'Internal' projects will be marked as 'Private'

See: https://gitlab.com/gitlab-org/gitlab-ce/issues/64311
---
 ...set-visibility-private-if-internal-restricted.yml |  5 +++++
 doc/user/project/settings/import_export.md           |  5 +++++
 lib/gitlab/import_export/project_tree_restorer.rb    |  1 +
 .../import_export/project_tree_restorer_spec.rb      | 20 ++++++++++++++++++++
 4 files changed, 31 insertions(+)
 create mode 100644 changelogs/unreleased/georgekoltsov-64311-set-visibility-private-if-internal-restricted.yml

diff --git a/changelogs/unreleased/georgekoltsov-64311-set-visibility-private-if-internal-restricted.yml b/changelogs/unreleased/georgekoltsov-64311-set-visibility-private-if-internal-restricted.yml
new file mode 100644
index 00000000000..18af16e5216
--- /dev/null
+++ b/changelogs/unreleased/georgekoltsov-64311-set-visibility-private-if-internal-restricted.yml
@@ -0,0 +1,5 @@
+---
+title: Set visibility level 'Private' for restricted 'Internal' imported projects when 'Internal' visibility setting is restricted in admin settings
+merge_request: 30522
+author:
+type: other
diff --git a/doc/user/project/settings/import_export.md b/doc/user/project/settings/import_export.md
index 7241df613eb..35d5320c0b1 100644
--- a/doc/user/project/settings/import_export.md
+++ b/doc/user/project/settings/import_export.md
@@ -116,3 +116,8 @@ For more details on the specific data persisted in a project export, see the
 
 1. Click on **Import project** to begin importing. Your newly imported project
    page will appear soon.
+
+NOTE: **Note:**
+If use of the `Internal` visibility level
+[is restricted](../../../public_access/public_access.md#restricting-the-use-of-public-or-internal-projects),
+all imported projects are given the visibility of `Private`.
diff --git a/lib/gitlab/import_export/project_tree_restorer.rb b/lib/gitlab/import_export/project_tree_restorer.rb
index dec99c23a2d..91fe4e5d074 100644
--- a/lib/gitlab/import_export/project_tree_restorer.rb
+++ b/lib/gitlab/import_export/project_tree_restorer.rb
@@ -130,6 +130,7 @@ module Gitlab
       def visibility_level
         level = override_params['visibility_level'] || json_params['visibility_level'] || @project.visibility_level
         level = @project.group.visibility_level if @project.group && level.to_i > @project.group.visibility_level
+        level = Gitlab::VisibilityLevel::PRIVATE if level == Gitlab::VisibilityLevel::INTERNAL && Gitlab::CurrentSettings.restricted_visibility_levels.include?(level)
 
         { 'visibility_level' => level }
       end
diff --git a/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb b/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
index e6ce3f1bcea..3b7de185cf1 100644
--- a/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
+++ b/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
@@ -496,6 +496,18 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
       end
     end
 
+    context 'with restricted internal visibility' do
+      describe 'internal project' do
+        let(:visibility) { Gitlab::VisibilityLevel::INTERNAL }
+
+        it 'uses private visibility' do
+          stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::INTERNAL])
+
+          expect(restorer.restored_project.visibility_level).to eq(Gitlab::VisibilityLevel::PRIVATE)
+        end
+      end
+    end
+
     context 'with group visibility' do
       before do
         group = create(:group, visibility_level: group_visibility)
@@ -528,6 +540,14 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
         it 'uses the group visibility' do
           expect(restorer.restored_project.visibility_level).to eq(group_visibility)
         end
+
+        context 'with restricted internal visibility' do
+          it 'sets private visibility' do
+            stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::INTERNAL])
+
+            expect(restorer.restored_project.visibility_level).to eq(Gitlab::VisibilityLevel::PRIVATE)
+          end
+        end
       end
     end
   end
-- 
cgit v1.2.1


From df96b7c075ca7e59ed5c7b321290eb869a17e44c Mon Sep 17 00:00:00 2001
From: Oswaldo Ferreira <oswaldo@gitlab.com>
Date: Fri, 19 Jul 2019 03:04:09 +0000
Subject: Document interacting GitLab components and features

It's not uncommon that a single code change can reflect and
interact with multiple parts of GitLab codebase, making it
possible to break an existing feature.

This commit expands documentation in that regard for developers.
---
 doc/development/README.md                 |  1 +
 doc/development/interacting_components.md | 29 +++++++++++++++++++++++++++++
 2 files changed, 30 insertions(+)
 create mode 100644 doc/development/interacting_components.md

diff --git a/doc/development/README.md b/doc/development/README.md
index a74770ae383..4f16473e7e2 100644
--- a/doc/development/README.md
+++ b/doc/development/README.md
@@ -63,6 +63,7 @@ description: 'Learn how to contribute to GitLab.'
 - [Routing](routing.md)
 - [Repository mirroring](repository_mirroring.md)
 - [Git LFS](lfs.md)
+- [Developing against interacting components or features](interacting_components.md)
 
 ## Performance guides
 
diff --git a/doc/development/interacting_components.md b/doc/development/interacting_components.md
new file mode 100644
index 00000000000..74d52d808e2
--- /dev/null
+++ b/doc/development/interacting_components.md
@@ -0,0 +1,29 @@
+# Developing against interacting components or features
+
+It's not uncommon that a single code change can reflect and interact with multiple parts of GitLab
+codebase. Furthermore, an existing feature might have an underlying integration or behavior that
+might go unnoticed even by reviewers and maintainers.
+
+The goal of this section is to briefly list interacting pieces to think about
+when making _backend_ changes that might involve multiple features or [components](architecture.md#components).
+
+## Uploads
+
+GitLab supports uploads to [object storage]. That means every feature and 
+change that affects uploads should also be tested against [object storage], 
+which is _not_ enabled by default in [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit).
+
+When working on a related feature, make sure to enable and test it
+against [Minio](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/object_storage.md).
+
+See also [File Storage in GitLab](file_storage.md).
+
+## Merge requests
+
+### Forks
+
+GitLab supports a great amount of features for [merge requests](../user/project/merge_requests/index.md). One
+of them is the ability to create merge requests from and to [forks](../gitlab-basics/fork-project.md),
+which should also be highly considered and tested upon development phase.
+
+[object storage]: https://docs.gitlab.com/charts/advanced/external-object-storage/
-- 
cgit v1.2.1


From 390d527ddc60dd9c55e188515d39af3d56803492 Mon Sep 17 00:00:00 2001
From: Oswaldo Ferreira <oswaldo@gitlab.com>
Date: Fri, 19 Jul 2019 03:24:33 +0000
Subject: Add docs for GitLab.com subscription upgrades

---
 doc/subscriptions/index.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/doc/subscriptions/index.md b/doc/subscriptions/index.md
index 745a2253e84..68e62fff106 100644
--- a/doc/subscriptions/index.md
+++ b/doc/subscriptions/index.md
@@ -69,6 +69,14 @@ Once your GitLab.com account is linked, you can go to your [Subscriptions](https
 
 Please note that you need to be a group owner to associate a group to your subscription.
 
+### GitLab.com: Upgrade your subscription plan
+
+GitLab.com subscriptions can be upgraded directly through the [Subscriptions portal](https://customers.gitlab.com/subscriptions). 
+
+The Subscriptions portal provides an **Upgrade** button below each GitLab.com
+subscription, which will lead you to a simple
+checkout process.
+
 ### Confirm or upgrade your GitLab.com subscription details within GitLab
 
 To see the status of your GitLab.com subscription, you can click on the Billings
-- 
cgit v1.2.1


From ef0ea43053b8594e4a0298783224ab31b816a9b5 Mon Sep 17 00:00:00 2001
From: Kenny Johnston <2920426-kencjohnston@users.noreply.gitlab.com>
Date: Fri, 19 Jul 2019 03:25:25 +0000
Subject: Remove duplicate content about auto-devops customization

---
 doc/topics/autodevops/index.md | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index 7a92a672801..43ba98e5a31 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -664,10 +664,6 @@ to the desired environment. See [Limiting environment scopes of variables](../..
 
 ### Customizing `.gitlab-ci.yml`
 
-Everything about Auto DevOps is customizable since the [Auto DevOps template]
-is just an example of a [`.gitlab-ci.yml`](../../ci/yaml/README.md) and uses
-only features that are available to any `.gitlab-ci.yml`.
-
 Auto DevOps is completely customizable because the [Auto DevOps template]:
 
 - Is just an implementation of a [`.gitlab-ci.yml`](../../ci/yaml/README.md) file.
-- 
cgit v1.2.1


From b02fa3ebffb81843d58ead32eaeb2b183a4f611e Mon Sep 17 00:00:00 2001
From: Russell Dickenson <rdickenson@gitlab.com>
Date: Fri, 19 Jul 2019 04:59:08 +0000
Subject: Remove duplicate word in Issues feature page

---
 doc/user/project/issues/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/project/issues/index.md b/doc/user/project/issues/index.md
index 6509c7908e5..6706e1c2e2b 100644
--- a/doc/user/project/issues/index.md
+++ b/doc/user/project/issues/index.md
@@ -89,7 +89,7 @@ Key actions for Issues include:
 ![Issue view](img/issues_main_view.png)
 
 On an issue's page, you can view [all aspects of the issue](issue_data_and_actions.md),
-and modify them if you you have the necessary [permissions](../../permissions.md).
+and modify them if you have the necessary [permissions](../../permissions.md).
 
 ### Issues list
 
-- 
cgit v1.2.1


From 4b7277d90e0ca8ce59754531edc8861714294aea Mon Sep 17 00:00:00 2001
From: Blair Lunceford <blunceford@gitlab.com>
Date: Fri, 19 Jul 2019 06:25:41 +0000
Subject: Added new ES rake task and troubleshooting step

---
 doc/integration/elasticsearch.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/doc/integration/elasticsearch.md b/doc/integration/elasticsearch.md
index 20caac4cb74..626bd259ed6 100644
--- a/doc/integration/elasticsearch.md
+++ b/doc/integration/elasticsearch.md
@@ -354,6 +354,8 @@ There are several rake tasks available to you via the command line:
   - Does the same thing as `sudo gitlab-rake gitlab:elastic:create_empty_index`
 - [sudo gitlab-rake gitlab:elastic:index_snippets](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/ee/lib/tasks/gitlab/elastic.rake)
   - Performs an Elasticsearch import that indexes the snippets data.
+- [sudo gitlab-rake gitlab:elastic:projects_not_indexed](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/ee/lib/tasks/gitlab/elastic.rake)
+  - Displays which projects are not indexed.
 
 ### Environment Variables
 
@@ -469,6 +471,10 @@ Here are some common pitfalls and how to overcome them:
 
   The more data present in your GitLab instance, the longer the indexing process takes.
 
+- **There are some projects that weren't indexed, but we don't know which ones**
+
+  You can run `sudo gitlab-rake gitlab:elastic:projects_not_indexed` to display projects that aren't indexed.
+
 - **No new data is added to the Elasticsearch index when I push code**
 
   When performing the initial indexing of blobs, we lock all projects until the project finishes indexing. It could
-- 
cgit v1.2.1


From afd39a8df0a78b3648656f8d899f605d51600b23 Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Thu, 18 Jul 2019 13:46:46 -0500
Subject: Prefer an absolute path over cwd()

---
 spec/frontend/environment.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/spec/frontend/environment.js b/spec/frontend/environment.js
index a8c8688441d..8fd39201d39 100644
--- a/spec/frontend/environment.js
+++ b/spec/frontend/environment.js
@@ -1,8 +1,11 @@
 /* eslint-disable import/no-commonjs */
 
+const path = require('path');
 const { ErrorWithStack } = require('jest-util');
 const JSDOMEnvironment = require('jest-environment-jsdom');
 
+const ROOT_PATH = path.resolve(__dirname, '../..');
+
 class CustomEnvironment extends JSDOMEnvironment {
   constructor(config, context) {
     super(config, context);
@@ -35,9 +38,7 @@ class CustomEnvironment extends JSDOMEnvironment {
       this.rejectedPromises.push(error);
     };
 
-    this.global.fixturesBasePath = `${process.cwd()}/${
-      IS_EE ? 'ee/' : ''
-    }spec/javascripts/fixtures`;
+    this.global.fixturesBasePath = `${ROOT_PATH}/${IS_EE ? 'ee/' : ''}spec/javascripts/fixtures`;
 
     // Not yet supported by JSDOM: https://github.com/jsdom/jsdom/issues/317
     this.global.document.createRange = () => ({
-- 
cgit v1.2.1


From 37973465f5be9ef92d3186f5bbb9823619b1b4a2 Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Wed, 17 Jul 2019 17:53:37 -0500
Subject: Don't kill the fixtures directory between tests

---
 spec/support/helpers/test_env.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/support/helpers/test_env.rb b/spec/support/helpers/test_env.rb
index 16938da50cc..71f86a4102d 100644
--- a/spec/support/helpers/test_env.rb
+++ b/spec/support/helpers/test_env.rb
@@ -130,7 +130,7 @@ module TestEnv
   # Keeps gitlab-shell and gitlab-test
   def clean_test_path
     Dir[TMP_TEST_PATH].each do |entry|
-      unless File.basename(entry) =~ /\A(gitaly|gitlab-(shell|test|test_bare|test-fork|test-fork_bare))\z/
+      unless File.basename(entry) =~ /\A(frontend|gitaly|gitlab-(shell|test|test_bare|test-fork|test-fork_bare))\z/
         FileUtils.rm_rf(entry)
       end
     end
-- 
cgit v1.2.1


From 25fa78e2f9205427274772ff620d59cc9162400c Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Thu, 18 Jul 2019 15:03:48 -0500
Subject: Backport line changes from EE

EE-specific line changes were introduced in the following MR:
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/12680

This change resolves most of them
---
 spec/javascripts/fixtures/projects.rb | 2 ++
 spec/support/helpers/test_env.rb      | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/spec/javascripts/fixtures/projects.rb b/spec/javascripts/fixtures/projects.rb
index 91e3b65215a..b6c29003e57 100644
--- a/spec/javascripts/fixtures/projects.rb
+++ b/spec/javascripts/fixtures/projects.rb
@@ -18,6 +18,8 @@ describe 'Projects (JavaScript fixtures)', type: :controller do
   end
 
   before do
+    stub_licensed_features(variable_environment_scope: true)
+
     project.add_maintainer(admin)
     sign_in(admin)
     allow(SecureRandom).to receive(:hex).and_return('securerandomhex:thereisnospoon')
diff --git a/spec/support/helpers/test_env.rb b/spec/support/helpers/test_env.rb
index 71f86a4102d..b062631b995 100644
--- a/spec/support/helpers/test_env.rb
+++ b/spec/support/helpers/test_env.rb
@@ -130,7 +130,7 @@ module TestEnv
   # Keeps gitlab-shell and gitlab-test
   def clean_test_path
     Dir[TMP_TEST_PATH].each do |entry|
-      unless File.basename(entry) =~ /\A(frontend|gitaly|gitlab-(shell|test|test_bare|test-fork|test-fork_bare))\z/
+      unless test_dirs.include?(File.basename(entry))
         FileUtils.rm_rf(entry)
       end
     end
@@ -316,6 +316,7 @@ module TestEnv
   # These are directories that should be preserved at cleanup time
   def test_dirs
     @test_dirs ||= %w[
+      frontend
       gitaly
       gitlab-shell
       gitlab-test
-- 
cgit v1.2.1


From faa17d526371a34325705b8de9594e4e9df03298 Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Wed, 17 Jul 2019 17:17:37 -0500
Subject: Rename the karma:fixtures task

Introduces frontend:fixtures rake task to replace
karma:fixtures and update documentation and CI scripts
to match
---
 .gitlab/ci/frontend.gitlab-ci.yml                 |  2 +-
 doc/development/testing_guide/frontend_testing.md | 11 +++++++----
 lib/tasks/frontend.rake                           | 21 +++++++++++++++++++++
 lib/tasks/karma.rake                              | 11 ++---------
 spec/frontend/helpers/fixtures.js                 |  2 +-
 5 files changed, 32 insertions(+), 15 deletions(-)
 create mode 100644 lib/tasks/frontend.rake

diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml
index 22999a9d6b4..7695ce453ba 100644
--- a/.gitlab/ci/frontend.gitlab-ci.yml
+++ b/.gitlab/ci/frontend.gitlab-ci.yml
@@ -182,7 +182,7 @@ jest:
   script:
     - scripts/gitaly-test-spawn
     - date
-    - bundle exec rake karma:fixtures
+    - bundle exec rake frontend:fixtures
     - date
     - yarn jest --ci --coverage
   artifacts:
diff --git a/doc/development/testing_guide/frontend_testing.md b/doc/development/testing_guide/frontend_testing.md
index c909745b1ab..f16037e9e0a 100644
--- a/doc/development/testing_guide/frontend_testing.md
+++ b/doc/development/testing_guide/frontend_testing.md
@@ -80,18 +80,20 @@ describe('Component', () => {
 Remember that the performance of each test depends on the environment.
 
 ### Manual module mocks
+
 Jest supports [manual module mocks](https://jestjs.io/docs/en/manual-mocks) by placing a mock in a `__mocks__/` directory next to the source module. **Don't do this.** We want to keep all of our test-related code in one place (the `spec/` folder), and the logic that Jest uses to apply mocks from `__mocks__/` is rather inconsistent.
 
 Instead, our test runner detects manual mocks from `spec/frontend/mocks/`. Any mock placed here is automatically picked up and injected whenever you import its source module.
 
 - Files in `spec/frontend/mocks/ce` will mock the corresponding CE module from `app/assets/javascripts`, mirroring the source module's path.
-    - Example: `spec/frontend/mocks/ce/lib/utils/axios_utils` will mock the module `~/lib/utils/axios_utils`.
+  - Example: `spec/frontend/mocks/ce/lib/utils/axios_utils` will mock the module `~/lib/utils/axios_utils`.
 - Files in `spec/frontend/mocks/node` will mock NPM packages of the same name or path.
 - We don't support mocking EE modules yet.
 
 If a mock is found for which a source module doesn't exist, the test suite will fail. 'Virtual' mocks, or mocks that don't have a 1-to-1 association with a source module, are not supported yet.
 
 #### Writing a mock
+
 Create a JS module in the appropriate place in `spec/frontend/mocks/`. That's it. It will automatically mock its source package in all tests.
 
 Make sure that your mock's export has the same format as the mocked module. So, if you're mocking a CommonJS module, you'll need to use `module.exports` instead of the ES6 `export`.
@@ -99,14 +101,15 @@ Make sure that your mock's export has the same format as the mocked module. So,
 It might be useful for a mock to expose a property that indicates if the mock was loaded. This way, tests can assert the presence of a mock without calling any logic and causing side-effects. The `~/lib/utils/axios_utils` module mock has such a property, `isMock`, that is `true` in the mock and undefined in the original class. Jest's mock functions also have a `mock` property that you can test.
 
 #### Bypassing mocks
+
 If you ever need to import the original module in your tests, use [`jest.requireActual()`](https://jestjs.io/docs/en/jest-object#jestrequireactualmodulename) (or `jest.requireActual().default` for the default export). The `jest.mock()` and `jest.unmock()` won't have an effect on modules that have a manual mock, because mocks are imported and cached before any tests are run.
 
 #### Keep mocks light
+
 Global mocks introduce magic and can affect how modules are imported in your tests. Try to keep them as light as possible and dependency-free. A global mock should be useful for any unit test. For example, the `axios_utils` and `jquery` module mocks throw an error when an HTTP request is attempted, since this is useful behaviour in &gt;99% of tests.
 
 When in doubt, construct mocks in your test file using [`jest.mock()`](https://jestjs.io/docs/en/jest-object#jestmockmodulename-factory-options), [`jest.spyOn()`](https://jestjs.io/docs/en/jest-object#jestspyonobject-methodname), etc.
 
-
 ## Karma test suite
 
 GitLab uses the [Karma][karma] test runner with [Jasmine] as its test
@@ -462,7 +465,7 @@ See this [section][vue-test].
 
 For running the frontend tests, you need the following commands:
 
-- `rake karma:fixtures` (re-)generates [fixtures](#frontend-test-fixtures).
+- `rake frontend:fixtures` (re-)generates [fixtures](#frontend-test-fixtures).
 - `yarn test` executes the tests.
 
 As long as the fixtures don't change, `yarn test` is sufficient (and saves you some time).
@@ -548,7 +551,7 @@ HTML and JSON fixtures are generated from backend views and controllers using RS
 
 For each fixture, the content of the `response` variable is stored in the output file.
 This variable gets automagically set if the test is marked as `type: :request` or `type: :controller`.
-Fixtures are regenerated using the `bin/rake karma:fixtures` command but you can also generate them individually,
+Fixtures are regenerated using the `bin/rake frontend:fixtures` command but you can also generate them individually,
 for example `bin/rspec spec/javascripts/fixtures/merge_requests.rb`.
 When creating a new fixture, it often makes sense to take a look at the corresponding tests for the endpoint in `(ee/)spec/controllers/` or `(ee/)spec/requests/`.
 
diff --git a/lib/tasks/frontend.rake b/lib/tasks/frontend.rake
new file mode 100644
index 00000000000..e1f23bfa06e
--- /dev/null
+++ b/lib/tasks/frontend.rake
@@ -0,0 +1,21 @@
+unless Rails.env.production?
+  namespace :frontend do
+    desc 'GitLab | Frontend | Generate fixtures for JavaScript tests'
+    RSpec::Core::RakeTask.new(:fixtures, [:pattern]) do |t, args|
+      args.with_defaults(pattern: '{spec,ee/spec}/javascripts/fixtures/*.rb')
+      ENV['NO_KNAPSACK'] = 'true'
+      t.pattern = args[:pattern]
+      t.rspec_opts = '--format documentation'
+    end
+
+    desc 'GitLab | Frontend | Run JavaScript tests'
+    task tests: ['yarn:check'] do
+      sh "yarn test" do |ok, res|
+        abort('rake frontend:tests failed') unless ok
+      end
+    end
+  end
+
+  desc 'GitLab | Frontend | Shortcut for frontend:fixtures and frontend:tests'
+  task frontend: ['frontend:fixtures', 'frontend:tests']
+end
diff --git a/lib/tasks/karma.rake b/lib/tasks/karma.rake
index 2dc14183fa3..36590010406 100644
--- a/lib/tasks/karma.rake
+++ b/lib/tasks/karma.rake
@@ -1,15 +1,8 @@
 unless Rails.env.production?
   namespace :karma do
+    # alias exists for legacy reasons
     desc 'GitLab | Karma | Generate fixtures for JavaScript tests'
-    task fixtures: ['karma:rspec_fixtures']
-
-    desc 'GitLab | Karma | Generate fixtures using RSpec'
-    RSpec::Core::RakeTask.new(:rspec_fixtures, [:pattern]) do |t, args|
-      args.with_defaults(pattern: '{spec,ee/spec}/javascripts/fixtures/*.rb')
-      ENV['NO_KNAPSACK'] = 'true'
-      t.pattern = args[:pattern]
-      t.rspec_opts = '--format documentation'
-    end
+    task fixtures: ['frontend:fixtures']
 
     desc 'GitLab | Karma | Run JavaScript tests'
     task tests: ['yarn:check'] do
diff --git a/spec/frontend/helpers/fixtures.js b/spec/frontend/helpers/fixtures.js
index b77bcd6266e..09d91e963fd 100644
--- a/spec/frontend/helpers/fixtures.js
+++ b/spec/frontend/helpers/fixtures.js
@@ -9,7 +9,7 @@ export function getFixture(relativePath) {
     throw new ErrorWithStack(
       `Fixture file ${relativePath} does not exist.
 
-Did you run bin/rake karma:fixtures?`,
+Did you run bin/rake frontend:fixtures?`,
       getFixture,
     );
   }
-- 
cgit v1.2.1


From 89142f985deaff5cd60db0a95f05b646641f6f04 Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Wed, 17 Jul 2019 17:47:33 -0500
Subject: Move frontend fixtures to tmp/tests

---
 config/karma.config.js                              | 10 ++++++++--
 spec/frontend/environment.js                        |  3 ++-
 spec/frontend/helpers/fixtures.js                   |  5 ++++-
 spec/javascripts/test_constants.js                  |  4 +---
 spec/support/helpers/javascript_fixtures_helpers.rb |  2 +-
 5 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/config/karma.config.js b/config/karma.config.js
index 2a5bf3581e0..4aaa773d6cc 100644
--- a/config/karma.config.js
+++ b/config/karma.config.js
@@ -107,7 +107,8 @@ if (specFilters.length) {
 module.exports = function(config) {
   process.env.TZ = 'Etc/UTC';
 
-  const fixturesPath = `${IS_EE ? 'ee/' : ''}spec/javascripts/fixtures`;
+  const fixturesPath = `tmp/tests/frontend/fixtures${IS_EE ? '-ee' : ''}`;
+  const staticFixturesPath = 'spec/javascripts/fixtures/static';
 
   const karmaConfig = {
     basePath: ROOT_PATH,
@@ -131,8 +132,13 @@ module.exports = function(config) {
     frameworks: ['jasmine'],
     files: [
       { pattern: 'spec/javascripts/test_bundle.js', watched: false },
-      { pattern: `${fixturesPath}/**/*@(.json|.html|.png|.bmpr|.pdf)`, included: false },
+      { pattern: `${fixturesPath}/**/*`, included: false },
+      { pattern: `${staticFixturesPath}/**/*`, included: false },
     ],
+    proxies: {
+      '/fixtures/': `/base/${fixturesPath}/`,
+      '/fixtures/static/': `/base/${staticFixturesPath}/`,
+    },
     preprocessors: {
       'spec/javascripts/**/*.js': ['webpack', 'sourcemap'],
       'ee/spec/javascripts/**/*.js': ['webpack', 'sourcemap'],
diff --git a/spec/frontend/environment.js b/spec/frontend/environment.js
index 8fd39201d39..3486d7769c1 100644
--- a/spec/frontend/environment.js
+++ b/spec/frontend/environment.js
@@ -38,7 +38,8 @@ class CustomEnvironment extends JSDOMEnvironment {
       this.rejectedPromises.push(error);
     };
 
-    this.global.fixturesBasePath = `${ROOT_PATH}/${IS_EE ? 'ee/' : ''}spec/javascripts/fixtures`;
+    this.global.fixturesBasePath = `${ROOT_PATH}/tmp/tests/frontend/fixtures${IS_EE ? '-ee' : ''}`;
+    this.global.staticFixturesBasePath = `${ROOT_PATH}/spec/javascripts/fixtures`;
 
     // Not yet supported by JSDOM: https://github.com/jsdom/jsdom/issues/317
     this.global.document.createRange = () => ({
diff --git a/spec/frontend/helpers/fixtures.js b/spec/frontend/helpers/fixtures.js
index 09d91e963fd..778196843db 100644
--- a/spec/frontend/helpers/fixtures.js
+++ b/spec/frontend/helpers/fixtures.js
@@ -4,7 +4,10 @@ import path from 'path';
 import { ErrorWithStack } from 'jest-util';
 
 export function getFixture(relativePath) {
-  const absolutePath = path.join(global.fixturesBasePath, relativePath);
+  const basePath = relativePath.startsWith('static/')
+    ? global.staticFixturesBasePath
+    : global.fixturesBasePath;
+  const absolutePath = path.join(basePath, relativePath);
   if (!fs.existsSync(absolutePath)) {
     throw new ErrorWithStack(
       `Fixture file ${relativePath} does not exist.
diff --git a/spec/javascripts/test_constants.js b/spec/javascripts/test_constants.js
index 77c206585fe..c97d47a6406 100644
--- a/spec/javascripts/test_constants.js
+++ b/spec/javascripts/test_constants.js
@@ -1,6 +1,4 @@
-export const FIXTURES_PATH = `/base/${
-  process.env.IS_GITLAB_EE ? 'ee/' : ''
-}spec/javascripts/fixtures`;
+export const FIXTURES_PATH = `/fixtures`;
 export const TEST_HOST = 'http://test.host';
 
 export const DUMMY_IMAGE_URL = `${FIXTURES_PATH}/static/images/one_white_pixel.png`;
diff --git a/spec/support/helpers/javascript_fixtures_helpers.rb b/spec/support/helpers/javascript_fixtures_helpers.rb
index cdd7724cc13..e9129bd263e 100644
--- a/spec/support/helpers/javascript_fixtures_helpers.rb
+++ b/spec/support/helpers/javascript_fixtures_helpers.rb
@@ -19,7 +19,7 @@ module JavaScriptFixturesHelpers
   end
 
   def fixture_root_path
-    (Gitlab.ee? ? 'ee/' : '') + 'spec/javascripts/fixtures'
+    'tmp/tests/frontend/fixtures' + (Gitlab.ee? ? '-ee' : '')
   end
 
   # Public: Removes all fixture files from given directory
-- 
cgit v1.2.1


From 1abe3e514f3fb1920862829cfc272ad7f73e714a Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Thu, 18 Jul 2019 12:52:52 -0500
Subject: Save fixtures as pipeline artifacts

---
 .gitlab/ci/frontend.gitlab-ci.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml
index 7695ce453ba..e021820a538 100644
--- a/.gitlab/ci/frontend.gitlab-ci.yml
+++ b/.gitlab/ci/frontend.gitlab-ci.yml
@@ -168,6 +168,7 @@ karma:
     paths:
       - chrome_debug.log
       - coverage-javascript/
+      - tmp/tests/frontend/
 # see https://gitlab.com/gitlab-org/gitlab-ce/issues/64756
 #    reports:
 #      junit: junit_karma.xml
@@ -192,6 +193,7 @@ jest:
     paths:
       - coverage-frontend/
       - junit_jest.xml
+      - tmp/tests/frontend/
 # see https://gitlab.com/gitlab-org/gitlab-ce/issues/64756
 #    reports:
 #      junit: junit_jest.xml
-- 
cgit v1.2.1


From 97b8f85e03f0b6dcfc5d85b92323be979bd27b09 Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Thu, 18 Jul 2019 14:11:09 -0500
Subject: Move frontend fixtures into spec/frontend

Moves every fixture source file from
spec/javascripts to spec/frontend
---
 .rubocop.yml                                       |   4 +-
 config/karma.config.js                             |   2 +-
 doc/development/testing_guide/frontend_testing.md  |  12 +-
 lib/tasks/frontend.rake                            |   2 +-
 spec/frontend/environment.js                       |   2 +-
 spec/frontend/fixtures/abuse_reports.rb            |  26 ++
 spec/frontend/fixtures/admin_users.rb              |  28 ++
 spec/frontend/fixtures/application_settings.rb     |  33 ++
 spec/frontend/fixtures/autocomplete_sources.rb     |  39 ++
 spec/frontend/fixtures/blob.rb                     |  34 ++
 spec/frontend/fixtures/boards.rb                   |  28 ++
 spec/frontend/fixtures/branches.rb                 |  32 ++
 spec/frontend/fixtures/clusters.rb                 |  34 ++
 spec/frontend/fixtures/commit.rb                   |  33 ++
 spec/frontend/fixtures/deploy_keys.rb              |  43 ++
 spec/frontend/fixtures/groups.rb                   |  35 ++
 spec/frontend/fixtures/issues.rb                   | 122 ++++++
 spec/frontend/fixtures/jobs.rb                     |  54 +++
 spec/frontend/fixtures/labels.rb                   |  58 +++
 spec/frontend/fixtures/merge_requests.rb           | 134 +++++++
 spec/frontend/fixtures/merge_requests_diffs.rb     |  69 ++++
 spec/frontend/fixtures/pipeline_schedules.rb       |  43 ++
 spec/frontend/fixtures/pipelines.rb                |  34 ++
 spec/frontend/fixtures/projects.rb                 |  83 ++++
 spec/frontend/fixtures/prometheus_service.rb       |  34 ++
 spec/frontend/fixtures/raw.rb                      |  39 ++
 spec/frontend/fixtures/search.rb                   |  17 +
 spec/frontend/fixtures/services.rb                 |  34 ++
 spec/frontend/fixtures/sessions.rb                 |  25 ++
 spec/frontend/fixtures/snippet.rb                  |  33 ++
 spec/frontend/fixtures/static/README.md            |   3 +
 .../fixtures/static/ajax_loading_spinner.html      |   3 +
 spec/frontend/fixtures/static/balsamiq_viewer.html |   1 +
 .../fixtures/static/create_item_dropdown.html      |  11 +
 .../fixtures/static/environments/table.html        |  15 +
 spec/frontend/fixtures/static/event_filter.html    |  44 ++
 spec/frontend/fixtures/static/gl_dropdown.html     |  26 ++
 spec/frontend/fixtures/static/gl_field_errors.html |  22 +
 spec/frontend/fixtures/static/images/green_box.png | Bin 0 -> 1306 bytes
 .../fixtures/static/images/one_white_pixel.png     | Bin 0 -> 68 bytes
 spec/frontend/fixtures/static/images/red_box.png   | Bin 0 -> 1305 bytes
 spec/frontend/fixtures/static/issuable_filter.html |   9 +
 .../fixtures/static/issue_sidebar_label.html       |  26 ++
 .../frontend/fixtures/static/line_highlighter.html | 107 +++++
 spec/frontend/fixtures/static/linked_tabs.html     |  20 +
 .../fixtures/static/merge_requests_show.html       |  15 +
 .../fixtures/static/mini_dropdown_graph.html       |  13 +
 spec/frontend/fixtures/static/notebook_viewer.html |   1 +
 .../fixtures/static/oauth_remember_me.html         |   6 +
 spec/frontend/fixtures/static/pdf_viewer.html      |   1 +
 spec/frontend/fixtures/static/pipeline_graph.html  |  24 ++
 spec/frontend/fixtures/static/pipelines.html       |   3 +
 .../static/project_select_combo_button.html        |   9 +
 spec/frontend/fixtures/static/projects.json        | 445 +++++++++++++++++++++
 .../fixtures/static/search_autocomplete.html       |  15 +
 spec/frontend/fixtures/static/signin_tabs.html     |   8 +
 spec/frontend/fixtures/static/sketch_viewer.html   |   3 +
 spec/frontend/fixtures/todos.rb                    |  54 +++
 spec/frontend/fixtures/u2f.rb                      |  44 ++
 spec/javascripts/fixtures/.gitignore               |   7 +-
 spec/javascripts/fixtures/abuse_reports.rb         |  26 --
 spec/javascripts/fixtures/admin_users.rb           |  28 --
 spec/javascripts/fixtures/application_settings.rb  |  33 --
 spec/javascripts/fixtures/autocomplete_sources.rb  |  39 --
 spec/javascripts/fixtures/blob.rb                  |  34 --
 spec/javascripts/fixtures/boards.rb                |  28 --
 spec/javascripts/fixtures/branches.rb              |  32 --
 spec/javascripts/fixtures/clusters.rb              |  34 --
 spec/javascripts/fixtures/commit.rb                |  33 --
 spec/javascripts/fixtures/deploy_keys.rb           |  43 --
 spec/javascripts/fixtures/groups.rb                |  35 --
 spec/javascripts/fixtures/issues.rb                | 122 ------
 spec/javascripts/fixtures/jobs.rb                  |  54 ---
 spec/javascripts/fixtures/labels.rb                |  58 ---
 spec/javascripts/fixtures/merge_requests.rb        | 134 -------
 spec/javascripts/fixtures/merge_requests_diffs.rb  |  70 ----
 spec/javascripts/fixtures/pipeline_schedules.rb    |  43 --
 spec/javascripts/fixtures/pipelines.rb             |  34 --
 spec/javascripts/fixtures/projects.rb              |  83 ----
 spec/javascripts/fixtures/prometheus_service.rb    |  34 --
 spec/javascripts/fixtures/raw.rb                   |  39 --
 spec/javascripts/fixtures/search.rb                |  17 -
 spec/javascripts/fixtures/services.rb              |  34 --
 spec/javascripts/fixtures/sessions.rb              |  25 --
 spec/javascripts/fixtures/snippet.rb               |  33 --
 spec/javascripts/fixtures/static/README.md         |   3 -
 .../fixtures/static/ajax_loading_spinner.html      |   3 -
 .../fixtures/static/balsamiq_viewer.html           |   1 -
 .../fixtures/static/create_item_dropdown.html      |  11 -
 .../fixtures/static/environments/table.html        |  15 -
 spec/javascripts/fixtures/static/event_filter.html |  44 --
 spec/javascripts/fixtures/static/gl_dropdown.html  |  26 --
 .../fixtures/static/gl_field_errors.html           |  22 -
 .../fixtures/static/images/green_box.png           | Bin 1306 -> 0 bytes
 .../fixtures/static/images/one_white_pixel.png     | Bin 68 -> 0 bytes
 .../javascripts/fixtures/static/images/red_box.png | Bin 1305 -> 0 bytes
 .../fixtures/static/issuable_filter.html           |   9 -
 .../fixtures/static/issue_sidebar_label.html       |  26 --
 .../fixtures/static/line_highlighter.html          | 107 -----
 spec/javascripts/fixtures/static/linked_tabs.html  |  20 -
 .../fixtures/static/merge_requests_show.html       |  15 -
 .../fixtures/static/mini_dropdown_graph.html       |  13 -
 .../fixtures/static/notebook_viewer.html           |   1 -
 .../fixtures/static/oauth_remember_me.html         |   6 -
 spec/javascripts/fixtures/static/pdf_viewer.html   |   1 -
 .../fixtures/static/pipeline_graph.html            |  24 --
 spec/javascripts/fixtures/static/pipelines.html    |   3 -
 .../static/project_select_combo_button.html        |   9 -
 spec/javascripts/fixtures/static/projects.json     | 445 ---------------------
 .../fixtures/static/search_autocomplete.html       |  15 -
 spec/javascripts/fixtures/static/signin_tabs.html  |   8 -
 .../javascripts/fixtures/static/sketch_viewer.html |   3 -
 spec/javascripts/fixtures/todos.rb                 |  54 ---
 spec/javascripts/fixtures/u2f.rb                   |  44 --
 114 files changed, 2085 insertions(+), 2089 deletions(-)
 create mode 100644 spec/frontend/fixtures/abuse_reports.rb
 create mode 100644 spec/frontend/fixtures/admin_users.rb
 create mode 100644 spec/frontend/fixtures/application_settings.rb
 create mode 100644 spec/frontend/fixtures/autocomplete_sources.rb
 create mode 100644 spec/frontend/fixtures/blob.rb
 create mode 100644 spec/frontend/fixtures/boards.rb
 create mode 100644 spec/frontend/fixtures/branches.rb
 create mode 100644 spec/frontend/fixtures/clusters.rb
 create mode 100644 spec/frontend/fixtures/commit.rb
 create mode 100644 spec/frontend/fixtures/deploy_keys.rb
 create mode 100644 spec/frontend/fixtures/groups.rb
 create mode 100644 spec/frontend/fixtures/issues.rb
 create mode 100644 spec/frontend/fixtures/jobs.rb
 create mode 100644 spec/frontend/fixtures/labels.rb
 create mode 100644 spec/frontend/fixtures/merge_requests.rb
 create mode 100644 spec/frontend/fixtures/merge_requests_diffs.rb
 create mode 100644 spec/frontend/fixtures/pipeline_schedules.rb
 create mode 100644 spec/frontend/fixtures/pipelines.rb
 create mode 100644 spec/frontend/fixtures/projects.rb
 create mode 100644 spec/frontend/fixtures/prometheus_service.rb
 create mode 100644 spec/frontend/fixtures/raw.rb
 create mode 100644 spec/frontend/fixtures/search.rb
 create mode 100644 spec/frontend/fixtures/services.rb
 create mode 100644 spec/frontend/fixtures/sessions.rb
 create mode 100644 spec/frontend/fixtures/snippet.rb
 create mode 100644 spec/frontend/fixtures/static/README.md
 create mode 100644 spec/frontend/fixtures/static/ajax_loading_spinner.html
 create mode 100644 spec/frontend/fixtures/static/balsamiq_viewer.html
 create mode 100644 spec/frontend/fixtures/static/create_item_dropdown.html
 create mode 100644 spec/frontend/fixtures/static/environments/table.html
 create mode 100644 spec/frontend/fixtures/static/event_filter.html
 create mode 100644 spec/frontend/fixtures/static/gl_dropdown.html
 create mode 100644 spec/frontend/fixtures/static/gl_field_errors.html
 create mode 100644 spec/frontend/fixtures/static/images/green_box.png
 create mode 100644 spec/frontend/fixtures/static/images/one_white_pixel.png
 create mode 100644 spec/frontend/fixtures/static/images/red_box.png
 create mode 100644 spec/frontend/fixtures/static/issuable_filter.html
 create mode 100644 spec/frontend/fixtures/static/issue_sidebar_label.html
 create mode 100644 spec/frontend/fixtures/static/line_highlighter.html
 create mode 100644 spec/frontend/fixtures/static/linked_tabs.html
 create mode 100644 spec/frontend/fixtures/static/merge_requests_show.html
 create mode 100644 spec/frontend/fixtures/static/mini_dropdown_graph.html
 create mode 100644 spec/frontend/fixtures/static/notebook_viewer.html
 create mode 100644 spec/frontend/fixtures/static/oauth_remember_me.html
 create mode 100644 spec/frontend/fixtures/static/pdf_viewer.html
 create mode 100644 spec/frontend/fixtures/static/pipeline_graph.html
 create mode 100644 spec/frontend/fixtures/static/pipelines.html
 create mode 100644 spec/frontend/fixtures/static/project_select_combo_button.html
 create mode 100644 spec/frontend/fixtures/static/projects.json
 create mode 100644 spec/frontend/fixtures/static/search_autocomplete.html
 create mode 100644 spec/frontend/fixtures/static/signin_tabs.html
 create mode 100644 spec/frontend/fixtures/static/sketch_viewer.html
 create mode 100644 spec/frontend/fixtures/todos.rb
 create mode 100644 spec/frontend/fixtures/u2f.rb
 delete mode 100644 spec/javascripts/fixtures/abuse_reports.rb
 delete mode 100644 spec/javascripts/fixtures/admin_users.rb
 delete mode 100644 spec/javascripts/fixtures/application_settings.rb
 delete mode 100644 spec/javascripts/fixtures/autocomplete_sources.rb
 delete mode 100644 spec/javascripts/fixtures/blob.rb
 delete mode 100644 spec/javascripts/fixtures/boards.rb
 delete mode 100644 spec/javascripts/fixtures/branches.rb
 delete mode 100644 spec/javascripts/fixtures/clusters.rb
 delete mode 100644 spec/javascripts/fixtures/commit.rb
 delete mode 100644 spec/javascripts/fixtures/deploy_keys.rb
 delete mode 100644 spec/javascripts/fixtures/groups.rb
 delete mode 100644 spec/javascripts/fixtures/issues.rb
 delete mode 100644 spec/javascripts/fixtures/jobs.rb
 delete mode 100644 spec/javascripts/fixtures/labels.rb
 delete mode 100644 spec/javascripts/fixtures/merge_requests.rb
 delete mode 100644 spec/javascripts/fixtures/merge_requests_diffs.rb
 delete mode 100644 spec/javascripts/fixtures/pipeline_schedules.rb
 delete mode 100644 spec/javascripts/fixtures/pipelines.rb
 delete mode 100644 spec/javascripts/fixtures/projects.rb
 delete mode 100644 spec/javascripts/fixtures/prometheus_service.rb
 delete mode 100644 spec/javascripts/fixtures/raw.rb
 delete mode 100644 spec/javascripts/fixtures/search.rb
 delete mode 100644 spec/javascripts/fixtures/services.rb
 delete mode 100644 spec/javascripts/fixtures/sessions.rb
 delete mode 100644 spec/javascripts/fixtures/snippet.rb
 delete mode 100644 spec/javascripts/fixtures/static/README.md
 delete mode 100644 spec/javascripts/fixtures/static/ajax_loading_spinner.html
 delete mode 100644 spec/javascripts/fixtures/static/balsamiq_viewer.html
 delete mode 100644 spec/javascripts/fixtures/static/create_item_dropdown.html
 delete mode 100644 spec/javascripts/fixtures/static/environments/table.html
 delete mode 100644 spec/javascripts/fixtures/static/event_filter.html
 delete mode 100644 spec/javascripts/fixtures/static/gl_dropdown.html
 delete mode 100644 spec/javascripts/fixtures/static/gl_field_errors.html
 delete mode 100644 spec/javascripts/fixtures/static/images/green_box.png
 delete mode 100644 spec/javascripts/fixtures/static/images/one_white_pixel.png
 delete mode 100644 spec/javascripts/fixtures/static/images/red_box.png
 delete mode 100644 spec/javascripts/fixtures/static/issuable_filter.html
 delete mode 100644 spec/javascripts/fixtures/static/issue_sidebar_label.html
 delete mode 100644 spec/javascripts/fixtures/static/line_highlighter.html
 delete mode 100644 spec/javascripts/fixtures/static/linked_tabs.html
 delete mode 100644 spec/javascripts/fixtures/static/merge_requests_show.html
 delete mode 100644 spec/javascripts/fixtures/static/mini_dropdown_graph.html
 delete mode 100644 spec/javascripts/fixtures/static/notebook_viewer.html
 delete mode 100644 spec/javascripts/fixtures/static/oauth_remember_me.html
 delete mode 100644 spec/javascripts/fixtures/static/pdf_viewer.html
 delete mode 100644 spec/javascripts/fixtures/static/pipeline_graph.html
 delete mode 100644 spec/javascripts/fixtures/static/pipelines.html
 delete mode 100644 spec/javascripts/fixtures/static/project_select_combo_button.html
 delete mode 100644 spec/javascripts/fixtures/static/projects.json
 delete mode 100644 spec/javascripts/fixtures/static/search_autocomplete.html
 delete mode 100644 spec/javascripts/fixtures/static/signin_tabs.html
 delete mode 100644 spec/javascripts/fixtures/static/sketch_viewer.html
 delete mode 100644 spec/javascripts/fixtures/todos.rb
 delete mode 100644 spec/javascripts/fixtures/u2f.rb

diff --git a/.rubocop.yml b/.rubocop.yml
index e5fe527e611..79e06439ac2 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -60,8 +60,8 @@ Style/FrozenStringLiteralComment:
 RSpec/FilePath:
   Exclude:
     - 'qa/**/*'
-    - 'spec/javascripts/fixtures/*'
-    - 'ee/spec/javascripts/fixtures/*'
+    - 'spec/frontend/fixtures/*'
+    - 'ee/spec/frontend/fixtures/*'
     - 'spec/requests/api/v3/*'
 
 Naming/FileName:
diff --git a/config/karma.config.js b/config/karma.config.js
index 4aaa773d6cc..97794225a3f 100644
--- a/config/karma.config.js
+++ b/config/karma.config.js
@@ -108,7 +108,7 @@ module.exports = function(config) {
   process.env.TZ = 'Etc/UTC';
 
   const fixturesPath = `tmp/tests/frontend/fixtures${IS_EE ? '-ee' : ''}`;
-  const staticFixturesPath = 'spec/javascripts/fixtures/static';
+  const staticFixturesPath = 'spec/frontend/fixtures/static';
 
   const karmaConfig = {
     basePath: ROOT_PATH,
diff --git a/doc/development/testing_guide/frontend_testing.md b/doc/development/testing_guide/frontend_testing.md
index f16037e9e0a..ff28c2ea5e2 100644
--- a/doc/development/testing_guide/frontend_testing.md
+++ b/doc/development/testing_guide/frontend_testing.md
@@ -518,8 +518,8 @@ Information on setting up and running RSpec integration tests with
 Code that is added to HAML templates (in `app/views/`) or makes Ajax requests to the backend has tests that require HTML or JSON from the backend.
 Fixtures for these tests are located at:
 
-- `spec/javascripts/fixtures/`, for running tests in CE.
-- `ee/spec/javascripts/fixtures/`, for running tests in EE.
+- `spec/frontend/fixtures/`, for running tests in CE.
+- `ee/spec/frontend/fixtures/`, for running tests in EE.
 
 Fixture files in:
 
@@ -530,7 +530,7 @@ The following are examples of tests that work for both Karma and Jest:
 
 ```javascript
 it('makes a request', () => {
-  const responseBody = getJSONFixture('some/fixture.json'); // loads spec/javascripts/fixtures/some/fixture.json
+  const responseBody = getJSONFixture('some/fixture.json'); // loads spec/frontend/fixtures/some/fixture.json
   axiosMock.onGet(endpoint).reply(200, responseBody);
 
   myButton.click();
@@ -539,7 +539,7 @@ it('makes a request', () => {
 });
 
 it('uses some HTML element', () => {
-  loadFixtures('some/page.html'); // loads spec/javascripts/fixtures/some/page.html and adds it to the DOM
+  loadFixtures('some/page.html'); // loads spec/frontend/fixtures/some/page.html and adds it to the DOM
 
   const element = document.getElementById('#my-id');
 
@@ -547,12 +547,12 @@ it('uses some HTML element', () => {
 });
 ```
 
-HTML and JSON fixtures are generated from backend views and controllers using RSpec (see `spec/javascripts/fixtures/*.rb`).
+HTML and JSON fixtures are generated from backend views and controllers using RSpec (see `spec/frontend/fixtures/*.rb`).
 
 For each fixture, the content of the `response` variable is stored in the output file.
 This variable gets automagically set if the test is marked as `type: :request` or `type: :controller`.
 Fixtures are regenerated using the `bin/rake frontend:fixtures` command but you can also generate them individually,
-for example `bin/rspec spec/javascripts/fixtures/merge_requests.rb`.
+for example `bin/rspec spec/frontend/fixtures/merge_requests.rb`.
 When creating a new fixture, it often makes sense to take a look at the corresponding tests for the endpoint in `(ee/)spec/controllers/` or `(ee/)spec/requests/`.
 
 ## Gotchas
diff --git a/lib/tasks/frontend.rake b/lib/tasks/frontend.rake
index e1f23bfa06e..1cac7520227 100644
--- a/lib/tasks/frontend.rake
+++ b/lib/tasks/frontend.rake
@@ -2,7 +2,7 @@ unless Rails.env.production?
   namespace :frontend do
     desc 'GitLab | Frontend | Generate fixtures for JavaScript tests'
     RSpec::Core::RakeTask.new(:fixtures, [:pattern]) do |t, args|
-      args.with_defaults(pattern: '{spec,ee/spec}/javascripts/fixtures/*.rb')
+      args.with_defaults(pattern: '{spec,ee/spec}/frontend/fixtures/*.rb')
       ENV['NO_KNAPSACK'] = 'true'
       t.pattern = args[:pattern]
       t.rspec_opts = '--format documentation'
diff --git a/spec/frontend/environment.js b/spec/frontend/environment.js
index 3486d7769c1..290c0e797cb 100644
--- a/spec/frontend/environment.js
+++ b/spec/frontend/environment.js
@@ -39,7 +39,7 @@ class CustomEnvironment extends JSDOMEnvironment {
     };
 
     this.global.fixturesBasePath = `${ROOT_PATH}/tmp/tests/frontend/fixtures${IS_EE ? '-ee' : ''}`;
-    this.global.staticFixturesBasePath = `${ROOT_PATH}/spec/javascripts/fixtures`;
+    this.global.staticFixturesBasePath = `${ROOT_PATH}/spec/frontend/fixtures`;
 
     // Not yet supported by JSDOM: https://github.com/jsdom/jsdom/issues/317
     this.global.document.createRange = () => ({
diff --git a/spec/frontend/fixtures/abuse_reports.rb b/spec/frontend/fixtures/abuse_reports.rb
new file mode 100644
index 00000000000..21356390cae
--- /dev/null
+++ b/spec/frontend/fixtures/abuse_reports.rb
@@ -0,0 +1,26 @@
+require 'spec_helper'
+
+describe Admin::AbuseReportsController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let!(:abuse_report) { create(:abuse_report) }
+  let!(:abuse_report_with_short_message) { create(:abuse_report, message: 'SHORT MESSAGE') }
+  let!(:abuse_report_with_long_message) { create(:abuse_report, message: "LONG MESSAGE\n" * 50) }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('abuse_reports/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  it 'abuse_reports/abuse_reports_list.html' do
+    get :index
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/admin_users.rb b/spec/frontend/fixtures/admin_users.rb
new file mode 100644
index 00000000000..0209594dadc
--- /dev/null
+++ b/spec/frontend/fixtures/admin_users.rb
@@ -0,0 +1,28 @@
+require 'spec_helper'
+
+describe Admin::UsersController, '(JavaScript fixtures)', type: :controller do
+  include StubENV
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+
+  before do
+    stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
+    sign_in(admin)
+  end
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('admin/users')
+  end
+
+  it 'admin/users/new_with_internal_user_regex.html' do
+    stub_application_setting(user_default_external: true)
+    stub_application_setting(user_default_internal_regex: '^(?:(?!\.ext@).)*$\r?')
+
+    get :new
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/application_settings.rb b/spec/frontend/fixtures/application_settings.rb
new file mode 100644
index 00000000000..38a060580c1
--- /dev/null
+++ b/spec/frontend/fixtures/application_settings.rb
@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe Admin::ApplicationSettingsController, '(JavaScript fixtures)', type: :controller do
+  include StubENV
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project_empty_repo, namespace: namespace, path: 'application-settings') }
+
+  before do
+    stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
+    sign_in(admin)
+  end
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('application_settings/')
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'application_settings/accounts_and_limit.html' do
+    stub_application_setting(user_default_external: false)
+
+    get :show
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/autocomplete_sources.rb b/spec/frontend/fixtures/autocomplete_sources.rb
new file mode 100644
index 00000000000..9e04328e2b9
--- /dev/null
+++ b/spec/frontend/fixtures/autocomplete_sources.rb
@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Projects::AutocompleteSourcesController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  set(:admin) { create(:admin) }
+  set(:group) { create(:group, name: 'frontend-fixtures') }
+  set(:project) { create(:project, namespace: group, path: 'autocomplete-sources-project') }
+  set(:issue) { create(:issue, project: project) }
+
+  before(:all) do
+    clean_frontend_fixtures('autocomplete_sources/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  it 'autocomplete_sources/labels.json' do
+    issue.labels << create(:label, project: project, title: 'bug')
+    issue.labels << create(:label, project: project, title: 'critical')
+
+    create(:label, project: project, title: 'feature')
+    create(:label, project: project, title: 'documentation')
+
+    get :labels,
+        format: :json,
+        params: {
+            namespace_id: group.path,
+            project_id: project.path,
+            type: issue.class.name,
+            type_id: issue.id
+        }
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/blob.rb b/spec/frontend/fixtures/blob.rb
new file mode 100644
index 00000000000..ce5030efbf8
--- /dev/null
+++ b/spec/frontend/fixtures/blob.rb
@@ -0,0 +1,34 @@
+require 'spec_helper'
+
+describe Projects::BlobController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :repository, namespace: namespace, path: 'branches-project') }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('blob/')
+  end
+
+  before do
+    sign_in(admin)
+    allow(SecureRandom).to receive(:hex).and_return('securerandomhex:thereisnospoon')
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'blob/show.html' do
+    get(:show, params: {
+      namespace_id: project.namespace,
+      project_id: project,
+      id: 'add-ipython-files/files/ipython/basic.ipynb'
+    })
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/boards.rb b/spec/frontend/fixtures/boards.rb
new file mode 100644
index 00000000000..f257d80390f
--- /dev/null
+++ b/spec/frontend/fixtures/boards.rb
@@ -0,0 +1,28 @@
+require 'spec_helper'
+
+describe Projects::BoardsController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :repository, namespace: namespace, path: 'boards-project') }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('boards/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  it 'boards/show.html' do
+    get(:index, params: {
+      namespace_id: project.namespace,
+      project_id: project
+    })
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/branches.rb b/spec/frontend/fixtures/branches.rb
new file mode 100644
index 00000000000..197fe42c52a
--- /dev/null
+++ b/spec/frontend/fixtures/branches.rb
@@ -0,0 +1,32 @@
+require 'spec_helper'
+
+describe Projects::BranchesController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :repository, namespace: namespace, path: 'branches-project') }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('branches/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'branches/new_branch.html' do
+    get :new, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project
+    }
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/clusters.rb b/spec/frontend/fixtures/clusters.rb
new file mode 100644
index 00000000000..f15ef010807
--- /dev/null
+++ b/spec/frontend/fixtures/clusters.rb
@@ -0,0 +1,34 @@
+require 'spec_helper'
+
+describe Projects::ClustersController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :repository, namespace: namespace) }
+  let(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('clusters/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'clusters/show_cluster.html' do
+    get :show, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project,
+      id: cluster
+    }
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/commit.rb b/spec/frontend/fixtures/commit.rb
new file mode 100644
index 00000000000..a328c455356
--- /dev/null
+++ b/spec/frontend/fixtures/commit.rb
@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe Projects::CommitController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  set(:project)  { create(:project, :repository) }
+  set(:user)     { create(:user) }
+  let(:commit)   { project.commit("master") }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('commit/')
+  end
+
+  before do
+    project.add_maintainer(user)
+    sign_in(user)
+    allow(SecureRandom).to receive(:hex).and_return('securerandomhex:thereisnospoon')
+  end
+
+  it 'commit/show.html' do
+    params = {
+      namespace_id: project.namespace,
+      project_id: project,
+      id: commit.id
+    }
+
+    get :show, params: params
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/deploy_keys.rb b/spec/frontend/fixtures/deploy_keys.rb
new file mode 100644
index 00000000000..fca233c6f59
--- /dev/null
+++ b/spec/frontend/fixtures/deploy_keys.rb
@@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe Projects::DeployKeysController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project_empty_repo, namespace: namespace, path: 'todos-project') }
+  let(:project2) { create(:project, :internal)}
+  let(:project3) { create(:project, :internal)}
+  let(:project4) { create(:project, :internal)}
+
+  before(:all) do
+    clean_frontend_fixtures('deploy_keys/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  render_views
+
+  it 'deploy_keys/keys.json' do
+    create(:rsa_deploy_key_2048, public: true)
+    project_key = create(:deploy_key, key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCdMHEHyhRjbhEZVddFn6lTWdgEy5Q6Bz4nwGB76xWZI5YT/1WJOMEW+sL5zYd31kk7sd3FJ5L9ft8zWMWrr/iWXQikC2cqZK24H1xy+ZUmrRuJD4qGAaIVoyyzBL+avL+lF8J5lg6YSw8gwJY/lX64/vnJHUlWw2n5BF8IFOWhiw== dummy@gitlab.com')
+    internal_key = create(:deploy_key, key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDNd/UJWhPrpb+b/G5oL109y57yKuCxE+WUGJGYaj7WQKsYRJmLYh1mgjrl+KVyfsWpq4ylOxIfFSnN9xBBFN8mlb0Fma5DC7YsSsibJr3MZ19ZNBprwNcdogET7aW9I0In7Wu5f2KqI6e5W/spJHCy4JVxzVMUvk6Myab0LnJ2iQ== dummy@gitlab.com')
+    create(:deploy_keys_project, project: project, deploy_key: project_key)
+    create(:deploy_keys_project, project: project2, deploy_key: internal_key)
+    create(:deploy_keys_project, project: project3, deploy_key: project_key)
+    create(:deploy_keys_project, project: project4, deploy_key: project_key)
+
+    get :index, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project
+    }, format: :json
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/groups.rb b/spec/frontend/fixtures/groups.rb
new file mode 100644
index 00000000000..c1bb2d43332
--- /dev/null
+++ b/spec/frontend/fixtures/groups.rb
@@ -0,0 +1,35 @@
+require 'spec_helper'
+
+describe 'Groups (JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:group) { create(:group, name: 'frontend-fixtures-group', runners_token: 'runnerstoken:intabulasreferre')}
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('groups/')
+  end
+
+  before do
+    group.add_maintainer(admin)
+    sign_in(admin)
+  end
+
+  describe GroupsController, '(JavaScript fixtures)', type: :controller do
+    it 'groups/edit.html' do
+      get :edit, params: { id: group }
+
+      expect(response).to be_successful
+    end
+  end
+
+  describe Groups::Settings::CiCdController, '(JavaScript fixtures)', type: :controller do
+    it 'groups/ci_cd_settings.html' do
+      get :show, params: { group_id: group }
+
+      expect(response).to be_successful
+    end
+  end
+end
diff --git a/spec/frontend/fixtures/issues.rb b/spec/frontend/fixtures/issues.rb
new file mode 100644
index 00000000000..b5eb38e0023
--- /dev/null
+++ b/spec/frontend/fixtures/issues.rb
@@ -0,0 +1,122 @@
+require 'spec_helper'
+
+describe Projects::IssuesController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin, feed_token: 'feedtoken:coldfeed') }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project_empty_repo, namespace: namespace, path: 'issues-project') }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('issues/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'issues/open-issue.html' do
+    render_issue(create(:issue, project: project))
+  end
+
+  it 'issues/closed-issue.html' do
+    render_issue(create(:closed_issue, project: project))
+  end
+
+  it 'issues/issue-with-task-list.html' do
+    issue = create(:issue, project: project, description: '- [ ] Task List Item')
+    render_issue(issue)
+  end
+
+  it 'issues/issue_with_comment.html' do
+    issue = create(:issue, project: project)
+    create(:note, project: project, noteable: issue, note: '- [ ] Task List Item').save
+    render_issue(issue)
+  end
+
+  it 'issues/issue_list.html' do
+    create(:issue, project: project)
+
+    get :index, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project
+    }
+
+    expect(response).to be_successful
+  end
+
+  private
+
+  def render_issue(issue)
+    get :show, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project,
+      id: issue.to_param
+    }
+
+    expect(response).to be_successful
+  end
+end
+
+describe API::Issues, '(JavaScript fixtures)', type: :request do
+  include ApiHelpers
+  include JavaScriptFixturesHelpers
+
+  def get_related_merge_requests(project_id, issue_iid, user = nil)
+    get api("/projects/#{project_id}/issues/#{issue_iid}/related_merge_requests", user)
+  end
+
+  def create_referencing_mr(user, project, issue)
+    attributes = {
+      author: user,
+      source_project: project,
+      target_project: project,
+      source_branch: "master",
+      target_branch: "test",
+      assignee: user,
+      description: "See #{issue.to_reference}"
+    }
+    create(:merge_request, attributes).tap do |merge_request|
+      create(:note, :system, project: issue.project, noteable: issue, author: user, note: merge_request.to_reference(full: true))
+    end
+  end
+
+  it 'issues/related_merge_requests.json' do
+    user = create(:user)
+    project = create(:project, :public, creator_id: user.id, namespace: user.namespace)
+    issue_title = 'foo'
+    issue_description = 'closed'
+    milestone = create(:milestone, title: '1.0.0', project: project)
+    issue = create :issue,
+            author: user,
+            assignees: [user],
+            project: project,
+            milestone: milestone,
+            created_at: generate(:past_time),
+            updated_at: 1.hour.ago,
+            title: issue_title,
+            description: issue_description
+
+    project.add_reporter(user)
+    create_referencing_mr(user, project, issue)
+
+    create(:merge_request,
+           :simple,
+           author: user,
+           source_project: project,
+           target_project: project,
+           description: "Some description")
+    project2 = create(:project, :public, creator_id: user.id, namespace: user.namespace)
+    create_referencing_mr(user, project2, issue).update!(head_pipeline: create(:ci_pipeline))
+
+    get_related_merge_requests(project.id, issue.iid, user)
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/jobs.rb b/spec/frontend/fixtures/jobs.rb
new file mode 100644
index 00000000000..a3a7759c85b
--- /dev/null
+++ b/spec/frontend/fixtures/jobs.rb
@@ -0,0 +1,54 @@
+require 'spec_helper'
+
+describe Projects::JobsController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :repository, namespace: namespace, path: 'builds-project') }
+  let(:pipeline) { create(:ci_empty_pipeline, project: project, sha: project.commit.id) }
+  let!(:build_with_artifacts) { create(:ci_build, :success, :artifacts, :trace_artifact, pipeline: pipeline, stage: 'test', artifacts_expire_at: Time.now + 18.months) }
+  let!(:failed_build) { create(:ci_build, :failed, pipeline: pipeline, stage: 'build') }
+  let!(:pending_build) { create(:ci_build, :pending, pipeline: pipeline, stage: 'deploy') }
+  let!(:delayed_job) do
+    create(:ci_build, :scheduled,
+           pipeline: pipeline,
+           name: 'delayed job',
+           stage: 'test')
+  end
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('builds/')
+    clean_frontend_fixtures('jobs/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'builds/build-with-artifacts.html' do
+    get :show, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project,
+      id: build_with_artifacts.to_param
+    }
+
+    expect(response).to be_successful
+  end
+
+  it 'jobs/delayed.json' do
+    get :show, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project,
+      id: delayed_job.to_param
+    }, format: :json
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/labels.rb b/spec/frontend/fixtures/labels.rb
new file mode 100644
index 00000000000..a312287970f
--- /dev/null
+++ b/spec/frontend/fixtures/labels.rb
@@ -0,0 +1,58 @@
+require 'spec_helper'
+
+describe 'Labels (JavaScript fixtures)' do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:group) { create(:group, name: 'frontend-fixtures-group' )}
+  let(:project) { create(:project_empty_repo, namespace: group, path: 'labels-project') }
+
+  let!(:project_label_bug) { create(:label, project: project, title: 'bug', color: '#FF0000') }
+  let!(:project_label_enhancement) { create(:label, project: project, title: 'enhancement', color: '#00FF00') }
+  let!(:project_label_feature) { create(:label, project: project, title: 'feature', color: '#0000FF') }
+
+  let!(:group_label_roses) { create(:group_label, group: group, title: 'roses', color: '#FF0000') }
+  let!(:groub_label_space) { create(:group_label, group: group, title: 'some space', color: '#FFFFFF') }
+  let!(:groub_label_violets) { create(:group_label, group: group, title: 'violets', color: '#0000FF') }
+
+  before(:all) do
+    clean_frontend_fixtures('labels/')
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  describe Groups::LabelsController, '(JavaScript fixtures)', type: :controller do
+    render_views
+
+    before do
+      sign_in(admin)
+    end
+
+    it 'labels/group_labels.json' do
+      get :index, params: {
+        group_id: group
+      }, format: 'json'
+
+      expect(response).to be_successful
+    end
+  end
+
+  describe Projects::LabelsController, '(JavaScript fixtures)', type: :controller do
+    render_views
+
+    before do
+      sign_in(admin)
+    end
+
+    it 'labels/project_labels.json' do
+      get :index, params: {
+        namespace_id: group,
+        project_id: project
+      }, format: 'json'
+
+      expect(response).to be_successful
+    end
+  end
+end
diff --git a/spec/frontend/fixtures/merge_requests.rb b/spec/frontend/fixtures/merge_requests.rb
new file mode 100644
index 00000000000..88706e96676
--- /dev/null
+++ b/spec/frontend/fixtures/merge_requests.rb
@@ -0,0 +1,134 @@
+require 'spec_helper'
+
+describe Projects::MergeRequestsController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :repository, namespace: namespace, path: 'merge-requests-project') }
+  let(:merge_request) { create(:merge_request, :with_diffs, source_project: project, target_project: project, description: '- [ ] Task List Item') }
+  let(:merged_merge_request) { create(:merge_request, :merged, source_project: project, target_project: project) }
+  let(:pipeline) do
+    create(
+      :ci_pipeline,
+      project: merge_request.source_project,
+      ref: merge_request.source_branch,
+      sha: merge_request.diff_head_sha
+    )
+  end
+  let(:path) { "files/ruby/popen.rb" }
+  let(:position) do
+    Gitlab::Diff::Position.new(
+      old_path: path,
+      new_path: path,
+      old_line: nil,
+      new_line: 14,
+      diff_refs: merge_request.diff_refs
+    )
+  end
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('merge_requests/')
+  end
+
+  before do
+    sign_in(admin)
+    allow(Discussion).to receive(:build_discussion_id).and_return(['discussionid:ceterumcenseo'])
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'merge_requests/merge_request_of_current_user.html' do
+    merge_request.update(author: admin)
+
+    render_merge_request(merge_request)
+  end
+
+  it 'merge_requests/merge_request_with_task_list.html' do
+    create(:ci_build, :pending, pipeline: pipeline)
+
+    render_merge_request(merge_request)
+  end
+
+  it 'merge_requests/merged_merge_request.html' do
+    expect_next_instance_of(MergeRequest) do |merge_request|
+      allow(merge_request).to receive(:source_branch_exists?).and_return(true)
+      allow(merge_request).to receive(:can_remove_source_branch?).and_return(true)
+    end
+    render_merge_request(merged_merge_request)
+  end
+
+  it 'merge_requests/diff_comment.html' do
+    create(:diff_note_on_merge_request, project: project, author: admin, position: position, noteable: merge_request)
+    create(:note_on_merge_request, author: admin, project: project, noteable: merge_request)
+    render_merge_request(merge_request)
+  end
+
+  it 'merge_requests/merge_request_with_comment.html' do
+    create(:note_on_merge_request, author: admin, project: project, noteable: merge_request, note: '- [ ] Task List Item')
+    render_merge_request(merge_request)
+  end
+
+  it 'merge_requests/discussions.json' do
+    create(:diff_note_on_merge_request, project: project, author: admin, position: position, noteable: merge_request)
+    render_discussions_json(merge_request)
+  end
+
+  it 'merge_requests/diff_discussion.json' do
+    create(:diff_note_on_merge_request, project: project, author: admin, position: position, noteable: merge_request)
+    render_discussions_json(merge_request)
+  end
+
+  it 'merge_requests/resolved_diff_discussion.json' do
+    note = create(:discussion_note_on_merge_request, :resolved, project: project, author: admin, position: position, noteable: merge_request)
+    create(:system_note, project: project, author: admin, noteable: merge_request, discussion_id: note.discussion.id)
+
+    render_discussions_json(merge_request)
+  end
+
+  context 'with image diff' do
+    let(:merge_request2) { create(:merge_request_with_diffs, :with_image_diffs, source_project: project, title: "Added images") }
+    let(:image_path) { "files/images/ee_repo_logo.png" }
+    let(:image_position) do
+      Gitlab::Diff::Position.new(
+        old_path: image_path,
+        new_path: image_path,
+        width: 100,
+        height: 100,
+        x: 1,
+        y: 1,
+        position_type: "image",
+        diff_refs: merge_request2.diff_refs
+      )
+    end
+
+    it 'merge_requests/image_diff_discussion.json' do
+      create(:diff_note_on_merge_request, project: project, noteable: merge_request2, position: image_position)
+      render_discussions_json(merge_request2)
+    end
+  end
+
+  private
+
+  def render_discussions_json(merge_request)
+    get :discussions, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project,
+      id: merge_request.to_param
+    }, format: :json
+  end
+
+  def render_merge_request(merge_request)
+    get :show, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project,
+      id: merge_request.to_param
+    }, format: :html
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/merge_requests_diffs.rb b/spec/frontend/fixtures/merge_requests_diffs.rb
new file mode 100644
index 00000000000..b633a0495a6
--- /dev/null
+++ b/spec/frontend/fixtures/merge_requests_diffs.rb
@@ -0,0 +1,69 @@
+require 'spec_helper'
+
+describe Projects::MergeRequests::DiffsController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :repository, namespace: namespace, path: 'merge-requests-project') }
+  let(:merge_request) { create(:merge_request, :with_diffs, source_project: project, target_project: project, description: '- [ ] Task List Item') }
+  let(:path) { "files/ruby/popen.rb" }
+  let(:selected_commit) { merge_request.all_commits[0] }
+  let(:position) do
+    Gitlab::Diff::Position.new(
+      old_path: path,
+      new_path: path,
+      old_line: nil,
+      new_line: 14,
+      diff_refs: merge_request.diff_refs
+    )
+  end
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('merge_request_diffs/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'merge_request_diffs/with_commit.json' do
+    # Create a user that matches the selected commit author
+    # This is so that the "author" information will be populated
+    create(:user, email: selected_commit.author_email, name: selected_commit.author_name)
+
+    render_merge_request(merge_request, commit_id: selected_commit.sha)
+  end
+
+  it 'merge_request_diffs/inline_changes_tab_with_comments.json' do
+    create(:diff_note_on_merge_request, project: project, author: admin, position: position, noteable: merge_request)
+    create(:note_on_merge_request, author: admin, project: project, noteable: merge_request)
+    render_merge_request(merge_request)
+  end
+
+  it 'merge_request_diffs/parallel_changes_tab_with_comments.json' do
+    create(:diff_note_on_merge_request, project: project, author: admin, position: position, noteable: merge_request)
+    create(:note_on_merge_request, author: admin, project: project, noteable: merge_request)
+    render_merge_request(merge_request, view: 'parallel')
+  end
+
+  private
+
+  def render_merge_request(merge_request, view: 'inline', **extra_params)
+    get :show, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project,
+      id: merge_request.to_param,
+      view: view,
+      **extra_params
+    }, format: :json
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/pipeline_schedules.rb b/spec/frontend/fixtures/pipeline_schedules.rb
new file mode 100644
index 00000000000..a70091a3919
--- /dev/null
+++ b/spec/frontend/fixtures/pipeline_schedules.rb
@@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe Projects::PipelineSchedulesController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :public, :repository) }
+  let!(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project, owner: admin) }
+  let!(:pipeline_schedule_populated) { create(:ci_pipeline_schedule, project: project, owner: admin) }
+  let!(:pipeline_schedule_variable1) { create(:ci_pipeline_schedule_variable, key: 'foo', value: 'foovalue', pipeline_schedule: pipeline_schedule_populated) }
+  let!(:pipeline_schedule_variable2) { create(:ci_pipeline_schedule_variable, key: 'bar', value: 'barvalue', pipeline_schedule: pipeline_schedule_populated) }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('pipeline_schedules/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  it 'pipeline_schedules/edit.html' do
+    get :edit, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project,
+      id: pipeline_schedule.id
+    }
+
+    expect(response).to be_successful
+  end
+
+  it 'pipeline_schedules/edit_with_variables.html' do
+    get :edit, params: {
+      namespace_id: project.namespace.to_param,
+      project_id: project,
+      id: pipeline_schedule_populated.id
+    }
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/pipelines.rb b/spec/frontend/fixtures/pipelines.rb
new file mode 100644
index 00000000000..ed57eb0aa80
--- /dev/null
+++ b/spec/frontend/fixtures/pipelines.rb
@@ -0,0 +1,34 @@
+require 'spec_helper'
+
+describe Projects::PipelinesController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :repository, namespace: namespace, path: 'pipelines-project') }
+  let(:commit) { create(:commit, project: project) }
+  let(:commit_without_author) { RepoHelpers.another_sample_commit }
+  let!(:user) { create(:user, developer_projects: [project], email: commit.author_email) }
+  let!(:pipeline) { create(:ci_pipeline, project: project, sha: commit.id, user: user) }
+  let!(:pipeline_without_author) { create(:ci_pipeline, project: project, sha: commit_without_author.id) }
+  let!(:pipeline_without_commit) { create(:ci_pipeline, project: project, sha: '0000') }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('pipelines/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  it 'pipelines/pipelines.json' do
+    get :index, params: {
+      namespace_id: namespace,
+      project_id: project
+    }, format: :json
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/projects.rb b/spec/frontend/fixtures/projects.rb
new file mode 100644
index 00000000000..b6c29003e57
--- /dev/null
+++ b/spec/frontend/fixtures/projects.rb
@@ -0,0 +1,83 @@
+require 'spec_helper'
+
+describe 'Projects (JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  runners_token = 'runnerstoken:intabulasreferre'
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, namespace: namespace, path: 'builds-project', runners_token: runners_token) }
+  let(:project_with_repo) { create(:project, :repository, description: 'Code and stuff') }
+  let(:project_variable_populated) { create(:project, namespace: namespace, path: 'builds-project2', runners_token: runners_token) }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('projects/')
+  end
+
+  before do
+    stub_licensed_features(variable_environment_scope: true)
+
+    project.add_maintainer(admin)
+    sign_in(admin)
+    allow(SecureRandom).to receive(:hex).and_return('securerandomhex:thereisnospoon')
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  describe ProjectsController, '(JavaScript fixtures)', type: :controller do
+    it 'projects/dashboard.html' do
+      get :show, params: {
+        namespace_id: project.namespace.to_param,
+        id: project
+      }
+
+      expect(response).to be_successful
+    end
+
+    it 'projects/overview.html' do
+      get :show, params: {
+        namespace_id: project_with_repo.namespace.to_param,
+        id: project_with_repo
+      }
+
+      expect(response).to be_successful
+    end
+
+    it 'projects/edit.html' do
+      get :edit, params: {
+        namespace_id: project.namespace.to_param,
+        id: project
+      }
+
+      expect(response).to be_successful
+    end
+  end
+
+  describe Projects::Settings::CiCdController, '(JavaScript fixtures)', type: :controller do
+    it 'projects/ci_cd_settings.html' do
+      get :show, params: {
+        namespace_id: project.namespace.to_param,
+        project_id: project
+      }
+
+      expect(response).to be_successful
+    end
+
+    it 'projects/ci_cd_settings_with_variables.html' do
+      create(:ci_variable, project: project_variable_populated)
+      create(:ci_variable, project: project_variable_populated)
+
+      get :show, params: {
+        namespace_id: project_variable_populated.namespace.to_param,
+        project_id: project_variable_populated
+      }
+
+      expect(response).to be_successful
+    end
+  end
+end
diff --git a/spec/frontend/fixtures/prometheus_service.rb b/spec/frontend/fixtures/prometheus_service.rb
new file mode 100644
index 00000000000..93ee81120d7
--- /dev/null
+++ b/spec/frontend/fixtures/prometheus_service.rb
@@ -0,0 +1,34 @@
+require 'spec_helper'
+
+describe Projects::ServicesController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin)     { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project)   { create(:project_empty_repo, namespace: namespace, path: 'services-project') }
+  let!(:service)  { create(:prometheus_service, project: project) }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('services/prometheus')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'services/prometheus/prometheus_service.html' do
+    get :edit, params: {
+      namespace_id: namespace,
+      project_id: project,
+      id: service.to_param
+    }
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/raw.rb b/spec/frontend/fixtures/raw.rb
new file mode 100644
index 00000000000..801c80a0112
--- /dev/null
+++ b/spec/frontend/fixtures/raw.rb
@@ -0,0 +1,39 @@
+require 'spec_helper'
+
+describe 'Raw files', '(JavaScript fixtures)' do
+  include JavaScriptFixturesHelpers
+
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :repository, namespace: namespace, path: 'raw-project') }
+  let(:response) { @blob.data.force_encoding('UTF-8') }
+
+  before(:all) do
+    clean_frontend_fixtures('blob/balsamiq/')
+    clean_frontend_fixtures('blob/notebook/')
+    clean_frontend_fixtures('blob/pdf/')
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'blob/balsamiq/test.bmpr' do
+    @blob = project.repository.blob_at('b89b56d79', 'files/images/balsamiq.bmpr')
+  end
+
+  it 'blob/notebook/basic.json' do
+    @blob = project.repository.blob_at('6d85bb69', 'files/ipython/basic.ipynb')
+  end
+
+  it 'blob/notebook/worksheets.json' do
+    @blob = project.repository.blob_at('6d85bb69', 'files/ipython/worksheets.ipynb')
+  end
+
+  it 'blob/notebook/math.json' do
+    @blob = project.repository.blob_at('93ee732', 'files/ipython/math.ipynb')
+  end
+
+  it 'blob/pdf/test.pdf' do
+    @blob = project.repository.blob_at('e774ebd33', 'files/pdf/test.pdf')
+  end
+end
diff --git a/spec/frontend/fixtures/search.rb b/spec/frontend/fixtures/search.rb
new file mode 100644
index 00000000000..c26c6998ae9
--- /dev/null
+++ b/spec/frontend/fixtures/search.rb
@@ -0,0 +1,17 @@
+require 'spec_helper'
+
+describe SearchController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('search/')
+  end
+
+  it 'search/show.html' do
+    get :show
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/services.rb b/spec/frontend/fixtures/services.rb
new file mode 100644
index 00000000000..ee1e088f158
--- /dev/null
+++ b/spec/frontend/fixtures/services.rb
@@ -0,0 +1,34 @@
+require 'spec_helper'
+
+describe Projects::ServicesController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin)     { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project)   { create(:project_empty_repo, namespace: namespace, path: 'services-project') }
+  let!(:service)  { create(:custom_issue_tracker_service, project: project, title: 'Custom Issue Tracker') }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('services/')
+  end
+
+  before do
+    sign_in(admin)
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'services/edit_service.html' do
+    get :edit, params: {
+      namespace_id: namespace,
+      project_id: project,
+      id: service.to_param
+    }
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/sessions.rb b/spec/frontend/fixtures/sessions.rb
new file mode 100644
index 00000000000..18574ea06b5
--- /dev/null
+++ b/spec/frontend/fixtures/sessions.rb
@@ -0,0 +1,25 @@
+require 'spec_helper'
+
+describe 'Sessions (JavaScript fixtures)' do
+  include JavaScriptFixturesHelpers
+
+  before(:all) do
+    clean_frontend_fixtures('sessions/')
+  end
+
+  describe SessionsController, '(JavaScript fixtures)', type: :controller do
+    include DeviseHelpers
+
+    render_views
+
+    before do
+      set_devise_mapping(context: @request)
+    end
+
+    it 'sessions/new.html' do
+      get :new
+
+      expect(response).to be_successful
+    end
+  end
+end
diff --git a/spec/frontend/fixtures/snippet.rb b/spec/frontend/fixtures/snippet.rb
new file mode 100644
index 00000000000..23bcdb47ac6
--- /dev/null
+++ b/spec/frontend/fixtures/snippet.rb
@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe SnippetsController, '(JavaScript fixtures)', type: :controller do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project, :repository, namespace: namespace, path: 'branches-project') }
+  let(:snippet) { create(:personal_snippet, title: 'snippet.md', content: '# snippet', file_name: 'snippet.md', author: admin) }
+
+  render_views
+
+  before(:all) do
+    clean_frontend_fixtures('snippets/')
+  end
+
+  before do
+    sign_in(admin)
+    allow(Discussion).to receive(:build_discussion_id).and_return(['discussionid:ceterumcenseo'])
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  it 'snippets/show.html' do
+    create(:discussion_note_on_snippet, noteable: snippet, project: project, author: admin, note: '- [ ] Task List Item')
+
+    get(:show, params: { id: snippet.to_param })
+
+    expect(response).to be_successful
+  end
+end
diff --git a/spec/frontend/fixtures/static/README.md b/spec/frontend/fixtures/static/README.md
new file mode 100644
index 00000000000..011601d0df8
--- /dev/null
+++ b/spec/frontend/fixtures/static/README.md
@@ -0,0 +1,3 @@
+# Please do not add new files here!
+
+Instead use a Ruby file in the fixtures root directory (`spec/frontend/fixtures/`).
diff --git a/spec/frontend/fixtures/static/ajax_loading_spinner.html b/spec/frontend/fixtures/static/ajax_loading_spinner.html
new file mode 100644
index 00000000000..0e1ebb32b1c
--- /dev/null
+++ b/spec/frontend/fixtures/static/ajax_loading_spinner.html
@@ -0,0 +1,3 @@
+<a class="js-ajax-loading-spinner" data-remote href="http://goesnowhere.nothing/whereami">
+<i class="fa fa-trash-o"></i>
+</a>
diff --git a/spec/frontend/fixtures/static/balsamiq_viewer.html b/spec/frontend/fixtures/static/balsamiq_viewer.html
new file mode 100644
index 00000000000..cdd723d1a84
--- /dev/null
+++ b/spec/frontend/fixtures/static/balsamiq_viewer.html
@@ -0,0 +1 @@
+<div class="file-content balsamiq-viewer" data-endpoint="/test" id="js-balsamiq-viewer"></div>
diff --git a/spec/frontend/fixtures/static/create_item_dropdown.html b/spec/frontend/fixtures/static/create_item_dropdown.html
new file mode 100644
index 00000000000..d2d38370092
--- /dev/null
+++ b/spec/frontend/fixtures/static/create_item_dropdown.html
@@ -0,0 +1,11 @@
+<div class="js-create-item-dropdown-fixture-root">
+<input name="variable[environment]" type="hidden">
+<div class="dropdown "><button class="dropdown-menu-toggle js-dropdown-menu-toggle" type="button" data-toggle="dropdown"><span class="dropdown-toggle-text ">some label</span><i aria-hidden="true" data-hidden="true" class="fa fa-chevron-down"></i></button><div class="dropdown-menu dropdown-select dropdown-menu-selectable"><div class="dropdown-input"><input type="search" id="" class="dropdown-input-field" autocomplete="off" /><i aria-hidden="true" data-hidden="true" class="fa fa-search dropdown-input-search"></i><i aria-hidden="true" data-hidden="true" role="button" class="fa fa-times dropdown-input-clear js-dropdown-input-clear"></i></div><div class="dropdown-content js-dropdown-content"></div><div class="dropdown-footer"><ul class="dropdown-footer-list">
+<li>
+<button class="dropdown-create-new-item-button js-dropdown-create-new-item">
+Create wildcard
+<code></code>
+</button>
+</li>
+</ul>
+</div><div class="dropdown-loading"><i aria-hidden="true" data-hidden="true" class="fa fa-spinner fa-spin"></i></div></div></div></div>
diff --git a/spec/frontend/fixtures/static/environments/table.html b/spec/frontend/fixtures/static/environments/table.html
new file mode 100644
index 00000000000..417af564ff1
--- /dev/null
+++ b/spec/frontend/fixtures/static/environments/table.html
@@ -0,0 +1,15 @@
+<table>
+<thead>
+<tr>
+<th>Environment</th>
+<th>Last deployment</th>
+<th>Job</th>
+<th>Commit</th>
+<th></th>
+<th></th>
+</tr>
+</thead>
+<tbody>
+<tr id="environment-row"></tr>
+</tbody>
+</table>
diff --git a/spec/frontend/fixtures/static/event_filter.html b/spec/frontend/fixtures/static/event_filter.html
new file mode 100644
index 00000000000..8e9b6fb1b5c
--- /dev/null
+++ b/spec/frontend/fixtures/static/event_filter.html
@@ -0,0 +1,44 @@
+<ul class="nav-links event-filter scrolling-tabs nav nav-tabs">
+<li class="active">
+<a class="event-filter-link" href="/dashboard/activity" id="all_event_filter" title="Filter by all">
+<span>
+All
+</span>
+</a>
+</li>
+<li>
+<a class="event-filter-link" href="/dashboard/activity" id="push_event_filter" title="Filter by push events">
+<span>
+Push events
+</span>
+</a>
+</li>
+<li>
+<a class="event-filter-link" href="/dashboard/activity" id="merged_event_filter" title="Filter by merge events">
+<span>
+Merge events
+</span>
+</a>
+</li>
+<li>
+<a class="event-filter-link" href="/dashboard/activity" id="issue_event_filter" title="Filter by issue events">
+<span>
+Issue events
+</span>
+</a>
+</li>
+<li>
+<a class="event-filter-link" href="/dashboard/activity" id="comments_event_filter" title="Filter by comments">
+<span>
+Comments
+</span>
+</a>
+</li>
+<li>
+<a class="event-filter-link" href="/dashboard/activity" id="team_event_filter" title="Filter by team">
+<span>
+Team
+</span>
+</a>
+</li>
+</ul>
diff --git a/spec/frontend/fixtures/static/gl_dropdown.html b/spec/frontend/fixtures/static/gl_dropdown.html
new file mode 100644
index 00000000000..08f6738414e
--- /dev/null
+++ b/spec/frontend/fixtures/static/gl_dropdown.html
@@ -0,0 +1,26 @@
+<div>
+<div class="dropdown inline">
+<button class="dropdown-menu-toggle" data-toggle="dropdown" id="js-project-dropdown" type="button">
+<div class="dropdown-toggle-text">
+Projects
+</div>
+<i class="fa fa-chevron-down dropdown-toggle-caret js-projects-dropdown-toggle"></i>
+</button>
+<div class="dropdown-menu dropdown-select dropdown-menu-selectable">
+<div class="dropdown-title">
+<span>Go to project</span>
+<button aria="{:label=&gt;&quot;Close&quot;}" class="dropdown-title-button dropdown-menu-close">
+<i class="fa fa-times dropdown-menu-close-icon"></i>
+</button>
+</div>
+<div class="dropdown-input">
+<input class="dropdown-input-field" placeholder="Filter results" type="search">
+<i class="fa fa-search dropdown-input-search"></i>
+</div>
+<div class="dropdown-content"></div>
+<div class="dropdown-loading">
+<i class="fa fa-spinner fa-spin"></i>
+</div>
+</div>
+</div>
+</div>
diff --git a/spec/frontend/fixtures/static/gl_field_errors.html b/spec/frontend/fixtures/static/gl_field_errors.html
new file mode 100644
index 00000000000..f8470e02b7c
--- /dev/null
+++ b/spec/frontend/fixtures/static/gl_field_errors.html
@@ -0,0 +1,22 @@
+<form action="submit" class="gl-show-field-errors" method="post">
+<div class="form-group">
+<input class="required-text" required type="text">Text</input>
+</div>
+<div class="form-group">
+<input class="email" required title="Please provide a valid email address." type="email">Email</input>
+</div>
+<div class="form-group">
+<input class="password" required type="password">Password</input>
+</div>
+<div class="form-group">
+<input class="alphanumeric" pattern="[a-zA-Z0-9]" required type="text">Alphanumeric</input>
+</div>
+<div class="form-group">
+<input class="hidden" type="hidden">
+</div>
+<div class="form-group">
+<input class="custom gl-field-error-ignore" type="text">Custom, do not validate</input>
+</div>
+<div class="form-group"></div>
+<input class="submit" type="submit">Submit</input>
+</form>
diff --git a/spec/frontend/fixtures/static/images/green_box.png b/spec/frontend/fixtures/static/images/green_box.png
new file mode 100644
index 00000000000..cd1ff9f9ade
Binary files /dev/null and b/spec/frontend/fixtures/static/images/green_box.png differ
diff --git a/spec/frontend/fixtures/static/images/one_white_pixel.png b/spec/frontend/fixtures/static/images/one_white_pixel.png
new file mode 100644
index 00000000000..073fcf40a18
Binary files /dev/null and b/spec/frontend/fixtures/static/images/one_white_pixel.png differ
diff --git a/spec/frontend/fixtures/static/images/red_box.png b/spec/frontend/fixtures/static/images/red_box.png
new file mode 100644
index 00000000000..73b2927da0f
Binary files /dev/null and b/spec/frontend/fixtures/static/images/red_box.png differ
diff --git a/spec/frontend/fixtures/static/issuable_filter.html b/spec/frontend/fixtures/static/issuable_filter.html
new file mode 100644
index 00000000000..06b70fb43f1
--- /dev/null
+++ b/spec/frontend/fixtures/static/issuable_filter.html
@@ -0,0 +1,9 @@
+<form action="/user/project/issues?scope=all&amp;state=closed" class="js-filter-form">
+<input id="utf8" name="utf8" value="✓">
+<input id="check-all-issues" name="check-all-issues">
+<input id="search" name="search">
+<input id="author_id" name="author_id">
+<input id="assignee_id" name="assignee_id">
+<input id="milestone_title" name="milestone_title">
+<input id="label_name" name="label_name">
+</form>
diff --git a/spec/frontend/fixtures/static/issue_sidebar_label.html b/spec/frontend/fixtures/static/issue_sidebar_label.html
new file mode 100644
index 00000000000..ec8fb30f219
--- /dev/null
+++ b/spec/frontend/fixtures/static/issue_sidebar_label.html
@@ -0,0 +1,26 @@
+<div class="block labels">
+<div class="sidebar-collapsed-icon js-sidebar-labels-tooltip"></div>
+<div class="title hide-collapsed">
+<a class="edit-link float-right" href="#">
+Edit
+</a>
+</div>
+<div class="selectbox hide-collapsed" style="display: none;">
+<div class="dropdown">
+<button class="dropdown-menu-toggle js-label-select js-multiselect" data-ability-name="issue" data-field-name="issue[label_names][]" data-issue-update="/root/test/issues/2.json" data-labels="/root/test/labels.json" data-project-id="12" data-show-any="true" data-show-no="true" data-toggle="dropdown" type="button">
+<span class="dropdown-toggle-text">
+Label
+</span>
+<i class="fa fa-chevron-down"></i>
+</button>
+<div class="dropdown-menu dropdown-select dropdown-menu-paging dropdown-menu-labels dropdown-menu-selectable">
+<div class="dropdown-page-one">
+<div class="dropdown-content"></div>
+<div class="dropdown-loading">
+<i class="fa fa-spinner fa-spin"></i>
+</div>
+</div>
+</div>
+</div>
+</div>
+</div>
diff --git a/spec/frontend/fixtures/static/line_highlighter.html b/spec/frontend/fixtures/static/line_highlighter.html
new file mode 100644
index 00000000000..897a25d6760
--- /dev/null
+++ b/spec/frontend/fixtures/static/line_highlighter.html
@@ -0,0 +1,107 @@
+<div class="file-holder">
+<div class="file-content">
+<div class="line-numbers">
+<a data-line-number="1" href="#L1" id="L1">
+<i class="fa fa-link"></i>
+1
+</a>
+<a data-line-number="2" href="#L2" id="L2">
+<i class="fa fa-link"></i>
+2
+</a>
+<a data-line-number="3" href="#L3" id="L3">
+<i class="fa fa-link"></i>
+3
+</a>
+<a data-line-number="4" href="#L4" id="L4">
+<i class="fa fa-link"></i>
+4
+</a>
+<a data-line-number="5" href="#L5" id="L5">
+<i class="fa fa-link"></i>
+5
+</a>
+<a data-line-number="6" href="#L6" id="L6">
+<i class="fa fa-link"></i>
+6
+</a>
+<a data-line-number="7" href="#L7" id="L7">
+<i class="fa fa-link"></i>
+7
+</a>
+<a data-line-number="8" href="#L8" id="L8">
+<i class="fa fa-link"></i>
+8
+</a>
+<a data-line-number="9" href="#L9" id="L9">
+<i class="fa fa-link"></i>
+9
+</a>
+<a data-line-number="10" href="#L10" id="L10">
+<i class="fa fa-link"></i>
+10
+</a>
+<a data-line-number="11" href="#L11" id="L11">
+<i class="fa fa-link"></i>
+11
+</a>
+<a data-line-number="12" href="#L12" id="L12">
+<i class="fa fa-link"></i>
+12
+</a>
+<a data-line-number="13" href="#L13" id="L13">
+<i class="fa fa-link"></i>
+13
+</a>
+<a data-line-number="14" href="#L14" id="L14">
+<i class="fa fa-link"></i>
+14
+</a>
+<a data-line-number="15" href="#L15" id="L15">
+<i class="fa fa-link"></i>
+15
+</a>
+<a data-line-number="16" href="#L16" id="L16">
+<i class="fa fa-link"></i>
+16
+</a>
+<a data-line-number="17" href="#L17" id="L17">
+<i class="fa fa-link"></i>
+17
+</a>
+<a data-line-number="18" href="#L18" id="L18">
+<i class="fa fa-link"></i>
+18
+</a>
+<a data-line-number="19" href="#L19" id="L19">
+<i class="fa fa-link"></i>
+19
+</a>
+<a data-line-number="20" href="#L20" id="L20">
+<i class="fa fa-link"></i>
+20
+</a>
+<a data-line-number="21" href="#L21" id="L21">
+<i class="fa fa-link"></i>
+21
+</a>
+<a data-line-number="22" href="#L22" id="L22">
+<i class="fa fa-link"></i>
+22
+</a>
+<a data-line-number="23" href="#L23" id="L23">
+<i class="fa fa-link"></i>
+23
+</a>
+<a data-line-number="24" href="#L24" id="L24">
+<i class="fa fa-link"></i>
+24
+</a>
+<a data-line-number="25" href="#L25" id="L25">
+<i class="fa fa-link"></i>
+25
+</a>
+</div>
+<pre class="code highlight"><code><span class="line" id="LC1">Line 1</span><span class="line" id="LC2">Line 2</span><span class="line" id="LC3">Line 3</span><span class="line" id="LC4">Line 4</span><span class="line" id="LC5">Line 5</span><span class="line" id="LC6">Line 6</span><span class="line" id="LC7">Line 7</span><span class="line" id="LC8">Line 8</span><span class="line" id="LC9">Line 9</span><span class="line" id="LC10">Line 10</span><span class="line" id="LC11">Line 11</span><span class="line" id="LC12">Line 12</span><span class="line" id="LC13">Line 13</span><span class="line" id="LC14">Line 14</span><span class="line" id="LC15">Line 15</span><span class="line" id="LC16">Line 16</span><span class="line" id="LC17">Line 17</span><span class="line" id="LC18">Line 18</span><span class="line" id="LC19">Line 19</span><span class="line" id="LC20">Line 20</span><span class="line" id="LC21">Line 21</span><span class="line" id="LC22">Line 22</span><span class="line" id="LC23">Line 23</span><span class="line" id="LC24">Line 24</span><span class="line" id="LC25">Line 25</span></code></pre>
+</div>
+</div>
diff --git a/spec/frontend/fixtures/static/linked_tabs.html b/spec/frontend/fixtures/static/linked_tabs.html
new file mode 100644
index 00000000000..c25463bf1db
--- /dev/null
+++ b/spec/frontend/fixtures/static/linked_tabs.html
@@ -0,0 +1,20 @@
+<ul class="nav nav-tabs new-session-tabs linked-tabs">
+<li class="nav-item">
+<a class="nav-link" data-action="tab1" data-target="div#tab1" data-toggle="tab" href="foo/bar/1">
+Tab 1
+</a>
+</li>
+<li class="nav-item">
+<a class="nav-link" data-action="tab2" data-target="div#tab2" data-toggle="tab" href="foo/bar/1/context">
+Tab 2
+</a>
+</li>
+</ul>
+<div class="tab-content">
+<div class="tab-pane" id="tab1">
+Tab 1 Content
+</div>
+<div class="tab-pane" id="tab2">
+Tab 2 Content
+</div>
+</div>
diff --git a/spec/frontend/fixtures/static/merge_requests_show.html b/spec/frontend/fixtures/static/merge_requests_show.html
new file mode 100644
index 00000000000..87e36c9f315
--- /dev/null
+++ b/spec/frontend/fixtures/static/merge_requests_show.html
@@ -0,0 +1,15 @@
+<a class="btn-close"></a>
+<div class="detail-page-description">
+<div class="description js-task-list-container">
+<div class="md">
+<ul class="task-list">
+<li class="task-list-item">
+<input class="task-list-item-checkbox" type="checkbox">
+Task List Item
+</li>
+</ul>
+<textarea class="js-task-list-field">- [ ] Task List Item</textarea>
+</div>
+</div>
+</div>
+<form action="/foo" class="js-issuable-update"></form>
diff --git a/spec/frontend/fixtures/static/mini_dropdown_graph.html b/spec/frontend/fixtures/static/mini_dropdown_graph.html
new file mode 100644
index 00000000000..cd0b8dec3fc
--- /dev/null
+++ b/spec/frontend/fixtures/static/mini_dropdown_graph.html
@@ -0,0 +1,13 @@
+<div class="js-builds-dropdown-tests dropdown dropdown js-mini-pipeline-graph">
+<button class="js-builds-dropdown-button" data-toggle="dropdown" data-stage-endpoint="foobar">
+Dropdown
+</button>
+<ul class="dropdown-menu mini-pipeline-graph-dropdown-menu js-builds-dropdown-container">
+<li class="js-builds-dropdown-list scrollable-menu">
+<ul></ul>
+</li>
+<li class="js-builds-dropdown-loading hidden">
+<span class="fa fa-spinner"></span>
+</li>
+</ul>
+</div>
diff --git a/spec/frontend/fixtures/static/notebook_viewer.html b/spec/frontend/fixtures/static/notebook_viewer.html
new file mode 100644
index 00000000000..4bbb7bf1094
--- /dev/null
+++ b/spec/frontend/fixtures/static/notebook_viewer.html
@@ -0,0 +1 @@
+<div class="file-content" data-endpoint="/test" id="js-notebook-viewer"></div>
diff --git a/spec/frontend/fixtures/static/oauth_remember_me.html b/spec/frontend/fixtures/static/oauth_remember_me.html
new file mode 100644
index 00000000000..9ba1ffc72fe
--- /dev/null
+++ b/spec/frontend/fixtures/static/oauth_remember_me.html
@@ -0,0 +1,6 @@
+<div id="oauth-container">
+<input id="remember_me" type="checkbox">
+<a class="oauth-login twitter" href="http://example.com/"></a>
+<a class="oauth-login github" href="http://example.com/"></a>
+<a class="oauth-login facebook" href="http://example.com/?redirect_fragment=L1"></a>
+</div>
diff --git a/spec/frontend/fixtures/static/pdf_viewer.html b/spec/frontend/fixtures/static/pdf_viewer.html
new file mode 100644
index 00000000000..350d35a262f
--- /dev/null
+++ b/spec/frontend/fixtures/static/pdf_viewer.html
@@ -0,0 +1 @@
+<div class="file-content" data-endpoint="/test" id="js-pdf-viewer"></div>
diff --git a/spec/frontend/fixtures/static/pipeline_graph.html b/spec/frontend/fixtures/static/pipeline_graph.html
new file mode 100644
index 00000000000..422372bb7d5
--- /dev/null
+++ b/spec/frontend/fixtures/static/pipeline_graph.html
@@ -0,0 +1,24 @@
+<div class="pipeline-visualization js-pipeline-graph">
+<ul class="stage-column-list">
+<li class="stage-column">
+<div class="stage-name">
+<a href="/">
+Test
+<div class="builds-container">
+<ul>
+<li class="build">
+<div class="curve"></div>
+<a>
+<svg></svg>
+<div class="ci-status-text">
+stop_review
+</div>
+</a>
+</li>
+</ul>
+</div>
+</a>
+</div>
+</li>
+</ul>
+</div>
diff --git a/spec/frontend/fixtures/static/pipelines.html b/spec/frontend/fixtures/static/pipelines.html
new file mode 100644
index 00000000000..42333f94f2f
--- /dev/null
+++ b/spec/frontend/fixtures/static/pipelines.html
@@ -0,0 +1,3 @@
+<div>
+<div data-can-create-pipeline="true" data-ci-lint-path="foo" data-empty-state-svg-path="foo" data-endpoint="foo" data-error-state-svg-path="foo" data-has-ci="foo" data-help-auto-devops-path="foo" data-help-page-path="foo" data-new-pipeline-path="foo" data-reset-cache-path="foo" id="pipelines-list-vue"></div>
+</div>
diff --git a/spec/frontend/fixtures/static/project_select_combo_button.html b/spec/frontend/fixtures/static/project_select_combo_button.html
new file mode 100644
index 00000000000..50c826051c0
--- /dev/null
+++ b/spec/frontend/fixtures/static/project_select_combo_button.html
@@ -0,0 +1,9 @@
+<div class="project-item-select-holder">
+<input class="project-item-select" data-group-id="12345" data-relative-path="issues/new">
+<a class="new-project-item-link" data-label="New issue" data-type="issues" href="">
+<i class="fa fa-spinner spin"></i>
+</a>
+<a class="new-project-item-select-button">
+<i class="fa fa-caret-down"></i>
+</a>
+</div>
diff --git a/spec/frontend/fixtures/static/projects.json b/spec/frontend/fixtures/static/projects.json
new file mode 100644
index 00000000000..68a150f602a
--- /dev/null
+++ b/spec/frontend/fixtures/static/projects.json
@@ -0,0 +1,445 @@
+[{
+  "id": 9,
+  "description": "",
+  "default_branch": null,
+  "tag_list": [],
+  "public": true,
+  "archived": false,
+  "visibility_level": 20,
+  "ssh_url_to_repo": "phil@localhost:root/test.git",
+  "http_url_to_repo": "http://localhost:3000/root/test.git",
+  "web_url": "http://localhost:3000/root/test",
+  "owner": {
+    "name": "Administrator",
+    "username": "root",
+    "id": 1,
+    "state": "active",
+    "avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80\u0026d=identicon",
+    "web_url": "http://localhost:3000/u/root"
+  },
+  "name": "test",
+  "name_with_namespace": "Administrator / test",
+  "path": "test",
+  "path_with_namespace": "root/test",
+  "issues_enabled": true,
+  "merge_requests_enabled": true,
+  "wiki_enabled": true,
+  "builds_enabled": true,
+  "snippets_enabled": false,
+  "created_at": "2016-01-14T19:08:05.364Z",
+  "last_activity_at": "2016-01-14T19:08:07.418Z",
+  "shared_runners_enabled": true,
+  "creator_id": 1,
+  "namespace": {
+    "id": 1,
+    "name": "root",
+    "path": "root",
+    "owner_id": 1,
+    "created_at": "2016-01-13T20:19:44.439Z",
+    "updated_at": "2016-01-13T20:19:44.439Z",
+    "description": "",
+    "avatar": null
+  },
+  "avatar_url": null,
+  "star_count": 0,
+  "forks_count": 0,
+  "only_allow_merge_if_pipeline_succeeds": false,
+  "open_issues_count": 0,
+  "permissions": {
+    "project_access": null,
+    "group_access": null
+  }
+}, {
+  "id": 8,
+  "description": "Voluptatem quae nulla eius numquam ullam voluptatibus quia modi.",
+  "default_branch": "master",
+  "tag_list": [],
+  "public": false,
+  "archived": false,
+  "visibility_level": 0,
+  "ssh_url_to_repo": "phil@localhost:h5bp/html5-boilerplate.git",
+  "http_url_to_repo": "http://localhost:3000/h5bp/html5-boilerplate.git",
+  "web_url": "http://localhost:3000/h5bp/html5-boilerplate",
+  "name": "Html5 Boilerplate",
+  "name_with_namespace": "H5bp / Html5 Boilerplate",
+  "path": "html5-boilerplate",
+  "path_with_namespace": "h5bp/html5-boilerplate",
+  "issues_enabled": true,
+  "merge_requests_enabled": true,
+  "wiki_enabled": true,
+  "builds_enabled": true,
+  "snippets_enabled": false,
+  "created_at": "2016-01-13T20:19:57.525Z",
+  "last_activity_at": "2016-01-13T20:27:57.280Z",
+  "shared_runners_enabled": true,
+  "creator_id": 1,
+  "namespace": {
+    "id": 5,
+    "name": "H5bp",
+    "path": "h5bp",
+    "owner_id": null,
+    "created_at": "2016-01-13T20:19:57.239Z",
+    "updated_at": "2016-01-13T20:19:57.239Z",
+    "description": "Tempore accusantium possimus aut libero.",
+    "avatar": {
+      "url": null
+    }
+  },
+  "avatar_url": null,
+  "star_count": 0,
+  "forks_count": 0,
+  "only_allow_merge_if_pipeline_succeeds": false,
+  "open_issues_count": 5,
+  "permissions": {
+    "project_access": {
+      "access_level": 10,
+      "notification_level": 3
+    },
+    "group_access": {
+      "access_level": 50,
+      "notification_level": 3
+    }
+  }
+}, {
+  "id": 7,
+  "description": "Modi odio mollitia dolorem qui.",
+  "default_branch": "master",
+  "tag_list": [],
+  "public": false,
+  "archived": false,
+  "visibility_level": 0,
+  "ssh_url_to_repo": "phil@localhost:twitter/typeahead-js.git",
+  "http_url_to_repo": "http://localhost:3000/twitter/typeahead-js.git",
+  "web_url": "http://localhost:3000/twitter/typeahead-js",
+  "name": "Typeahead.Js",
+  "name_with_namespace": "Twitter / Typeahead.Js",
+  "path": "typeahead-js",
+  "path_with_namespace": "twitter/typeahead-js",
+  "issues_enabled": true,
+  "merge_requests_enabled": true,
+  "wiki_enabled": true,
+  "builds_enabled": true,
+  "snippets_enabled": false,
+  "created_at": "2016-01-13T20:19:56.212Z",
+  "last_activity_at": "2016-01-13T20:27:51.496Z",
+  "shared_runners_enabled": true,
+  "creator_id": 1,
+  "namespace": {
+    "id": 4,
+    "name": "Twitter",
+    "path": "twitter",
+    "owner_id": null,
+    "created_at": "2016-01-13T20:19:54.480Z",
+    "updated_at": "2016-01-13T20:19:54.480Z",
+    "description": "Id voluptatem ipsa maiores omnis repudiandae et et.",
+    "avatar": {
+      "url": null
+    }
+  },
+  "avatar_url": null,
+  "star_count": 0,
+  "forks_count": 0,
+  "only_allow_merge_if_pipeline_succeeds": true,
+  "open_issues_count": 4,
+  "permissions": {
+    "project_access": null,
+    "group_access": {
+      "access_level": 10,
+      "notification_level": 3
+    }
+  }
+}, {
+  "id": 6,
+  "description": "Omnis asperiores ipsa et beatae quidem necessitatibus quia.",
+  "default_branch": "master",
+  "tag_list": [],
+  "public": true,
+  "archived": false,
+  "visibility_level": 20,
+  "ssh_url_to_repo": "phil@localhost:twitter/flight.git",
+  "http_url_to_repo": "http://localhost:3000/twitter/flight.git",
+  "web_url": "http://localhost:3000/twitter/flight",
+  "name": "Flight",
+  "name_with_namespace": "Twitter / Flight",
+  "path": "flight",
+  "path_with_namespace": "twitter/flight",
+  "issues_enabled": true,
+  "merge_requests_enabled": true,
+  "wiki_enabled": true,
+  "builds_enabled": true,
+  "snippets_enabled": false,
+  "created_at": "2016-01-13T20:19:54.754Z",
+  "last_activity_at": "2016-01-13T20:27:50.502Z",
+  "shared_runners_enabled": true,
+  "creator_id": 1,
+  "namespace": {
+    "id": 4,
+    "name": "Twitter",
+    "path": "twitter",
+    "owner_id": null,
+    "created_at": "2016-01-13T20:19:54.480Z",
+    "updated_at": "2016-01-13T20:19:54.480Z",
+    "description": "Id voluptatem ipsa maiores omnis repudiandae et et.",
+    "avatar": {
+      "url": null
+    }
+  },
+  "avatar_url": null,
+  "star_count": 0,
+  "forks_count": 0,
+  "only_allow_merge_if_pipeline_succeeds": true,
+  "open_issues_count": 4,
+  "permissions": {
+    "project_access": null,
+    "group_access": {
+      "access_level": 10,
+      "notification_level": 3
+    }
+  }
+}, {
+  "id": 5,
+  "description": "Voluptatem commodi voluptate placeat architecto beatae illum dolores fugiat.",
+  "default_branch": "master",
+  "tag_list": [],
+  "public": false,
+  "archived": false,
+  "visibility_level": 0,
+  "ssh_url_to_repo": "phil@localhost:gitlab-org/gitlab-test.git",
+  "http_url_to_repo": "http://localhost:3000/gitlab-org/gitlab-test.git",
+  "web_url": "http://localhost:3000/gitlab-org/gitlab-test",
+  "name": "Gitlab Test",
+  "name_with_namespace": "Gitlab Org / Gitlab Test",
+  "path": "gitlab-test",
+  "path_with_namespace": "gitlab-org/gitlab-test",
+  "issues_enabled": true,
+  "merge_requests_enabled": true,
+  "wiki_enabled": true,
+  "builds_enabled": true,
+  "snippets_enabled": false,
+  "created_at": "2016-01-13T20:19:53.202Z",
+  "last_activity_at": "2016-01-13T20:27:41.626Z",
+  "shared_runners_enabled": true,
+  "creator_id": 1,
+  "namespace": {
+    "id": 3,
+    "name": "Gitlab Org",
+    "path": "gitlab-org",
+    "owner_id": null,
+    "created_at": "2016-01-13T20:19:48.851Z",
+    "updated_at": "2016-01-13T20:19:48.851Z",
+    "description": "Magni mollitia quod quidem soluta nesciunt impedit.",
+    "avatar": {
+      "url": null
+    }
+  },
+  "avatar_url": null,
+  "star_count": 0,
+  "forks_count": 0,
+  "only_allow_merge_if_pipeline_succeeds": false,
+  "open_issues_count": 5,
+  "permissions": {
+    "project_access": null,
+    "group_access": {
+      "access_level": 50,
+      "notification_level": 3
+    }
+  }
+}, {
+  "id": 4,
+  "description": "Aut molestias quas est ut aperiam officia quod libero.",
+  "default_branch": "master",
+  "tag_list": [],
+  "public": true,
+  "archived": false,
+  "visibility_level": 20,
+  "ssh_url_to_repo": "phil@localhost:gitlab-org/gitlab-shell.git",
+  "http_url_to_repo": "http://localhost:3000/gitlab-org/gitlab-shell.git",
+  "web_url": "http://localhost:3000/gitlab-org/gitlab-shell",
+  "name": "Gitlab Shell",
+  "name_with_namespace": "Gitlab Org / Gitlab Shell",
+  "path": "gitlab-shell",
+  "path_with_namespace": "gitlab-org/gitlab-shell",
+  "issues_enabled": true,
+  "merge_requests_enabled": true,
+  "wiki_enabled": true,
+  "builds_enabled": true,
+  "snippets_enabled": false,
+  "created_at": "2016-01-13T20:19:51.882Z",
+  "last_activity_at": "2016-01-13T20:27:35.678Z",
+  "shared_runners_enabled": true,
+  "creator_id": 1,
+  "namespace": {
+    "id": 3,
+    "name": "Gitlab Org",
+    "path": "gitlab-org",
+    "owner_id": null,
+    "created_at": "2016-01-13T20:19:48.851Z",
+    "updated_at": "2016-01-13T20:19:48.851Z",
+    "description": "Magni mollitia quod quidem soluta nesciunt impedit.",
+    "avatar": {
+      "url": null
+    }
+  },
+  "avatar_url": null,
+  "star_count": 0,
+  "forks_count": 0,
+  "only_allow_merge_if_pipeline_succeeds": false,
+  "open_issues_count": 5,
+  "permissions": {
+    "project_access": {
+      "access_level": 20,
+      "notification_level": 3
+    },
+    "group_access": {
+      "access_level": 50,
+      "notification_level": 3
+    }
+  }
+}, {
+  "id": 3,
+  "description": "Excepturi molestiae quia repellendus omnis est illo illum eligendi.",
+  "default_branch": "master",
+  "tag_list": [],
+  "public": true,
+  "archived": false,
+  "visibility_level": 20,
+  "ssh_url_to_repo": "phil@localhost:gitlab-org/gitlab-ci.git",
+  "http_url_to_repo": "http://localhost:3000/gitlab-org/gitlab-ci.git",
+  "web_url": "http://localhost:3000/gitlab-org/gitlab-ci",
+  "name": "Gitlab Ci",
+  "name_with_namespace": "Gitlab Org / Gitlab Ci",
+  "path": "gitlab-ci",
+  "path_with_namespace": "gitlab-org/gitlab-ci",
+  "issues_enabled": true,
+  "merge_requests_enabled": true,
+  "wiki_enabled": true,
+  "builds_enabled": true,
+  "snippets_enabled": false,
+  "created_at": "2016-01-13T20:19:50.346Z",
+  "last_activity_at": "2016-01-13T20:27:30.115Z",
+  "shared_runners_enabled": true,
+  "creator_id": 1,
+  "namespace": {
+    "id": 3,
+    "name": "Gitlab Org",
+    "path": "gitlab-org",
+    "owner_id": null,
+    "created_at": "2016-01-13T20:19:48.851Z",
+    "updated_at": "2016-01-13T20:19:48.851Z",
+    "description": "Magni mollitia quod quidem soluta nesciunt impedit.",
+    "avatar": {
+      "url": null
+    }
+  },
+  "avatar_url": null,
+  "star_count": 0,
+  "forks_count": 0,
+  "only_allow_merge_if_pipeline_succeeds": false,
+  "open_issues_count": 3,
+  "permissions": {
+    "project_access": null,
+    "group_access": {
+      "access_level": 50,
+      "notification_level": 3
+    }
+  }
+}, {
+  "id": 2,
+  "description": "Adipisci quaerat dignissimos enim sed ipsam dolorem quia.",
+  "default_branch": "master",
+  "tag_list": [],
+  "public": false,
+  "archived": false,
+  "visibility_level": 10,
+  "ssh_url_to_repo": "phil@localhost:gitlab-org/gitlab-ce.git",
+  "http_url_to_repo": "http://localhost:3000/gitlab-org/gitlab-ce.git",
+  "web_url": "http://localhost:3000/gitlab-org/gitlab-ce",
+  "name": "Gitlab Ce",
+  "name_with_namespace": "Gitlab Org / Gitlab Ce",
+  "path": "gitlab-ce",
+  "path_with_namespace": "gitlab-org/gitlab-ce",
+  "issues_enabled": true,
+  "merge_requests_enabled": true,
+  "wiki_enabled": true,
+  "builds_enabled": true,
+  "snippets_enabled": false,
+  "created_at": "2016-01-13T20:19:49.065Z",
+  "last_activity_at": "2016-01-13T20:26:58.454Z",
+  "shared_runners_enabled": true,
+  "creator_id": 1,
+  "namespace": {
+    "id": 3,
+    "name": "Gitlab Org",
+    "path": "gitlab-org",
+    "owner_id": null,
+    "created_at": "2016-01-13T20:19:48.851Z",
+    "updated_at": "2016-01-13T20:19:48.851Z",
+    "description": "Magni mollitia quod quidem soluta nesciunt impedit.",
+    "avatar": {
+      "url": null
+    }
+  },
+  "avatar_url": null,
+  "star_count": 0,
+  "forks_count": 0,
+  "only_allow_merge_if_pipeline_succeeds": false,
+  "open_issues_count": 5,
+  "permissions": {
+    "project_access": {
+      "access_level": 30,
+      "notification_level": 3
+    },
+    "group_access": {
+      "access_level": 50,
+      "notification_level": 3
+    }
+  }
+}, {
+  "id": 1,
+  "description": "Vel voluptatem maxime saepe ex quia.",
+  "default_branch": "master",
+  "tag_list": [],
+  "public": false,
+  "archived": false,
+  "visibility_level": 0,
+  "ssh_url_to_repo": "phil@localhost:documentcloud/underscore.git",
+  "http_url_to_repo": "http://localhost:3000/documentcloud/underscore.git",
+  "web_url": "http://localhost:3000/documentcloud/underscore",
+  "name": "Underscore",
+  "name_with_namespace": "Documentcloud / Underscore",
+  "path": "underscore",
+  "path_with_namespace": "documentcloud/underscore",
+  "issues_enabled": true,
+  "merge_requests_enabled": true,
+  "wiki_enabled": true,
+  "builds_enabled": true,
+  "snippets_enabled": false,
+  "created_at": "2016-01-13T20:19:45.862Z",
+  "last_activity_at": "2016-01-13T20:25:03.106Z",
+  "shared_runners_enabled": true,
+  "creator_id": 1,
+  "namespace": {
+    "id": 2,
+    "name": "Documentcloud",
+    "path": "documentcloud",
+    "owner_id": null,
+    "created_at": "2016-01-13T20:19:44.464Z",
+    "updated_at": "2016-01-13T20:19:44.464Z",
+    "description": "Aut impedit perferendis fuga et ipsa repellat cupiditate et.",
+    "avatar": {
+      "url": null
+    }
+  },
+  "avatar_url": null,
+  "star_count": 0,
+  "forks_count": 0,
+  "only_allow_merge_if_pipeline_succeeds": false,
+  "open_issues_count": 5,
+  "permissions": {
+    "project_access": null,
+    "group_access": {
+      "access_level": 50,
+      "notification_level": 3
+    }
+  }
+}]
diff --git a/spec/frontend/fixtures/static/search_autocomplete.html b/spec/frontend/fixtures/static/search_autocomplete.html
new file mode 100644
index 00000000000..29db9020424
--- /dev/null
+++ b/spec/frontend/fixtures/static/search_autocomplete.html
@@ -0,0 +1,15 @@
+<div class="search search-form">
+<form class="form-inline">
+<div class="search-input-container">
+<div class="search-input-wrap">
+<div class="dropdown">
+<input class="search-input dropdown-menu-toggle" id="search">
+<div class="dropdown-menu dropdown-select">
+<div class="dropdown-content"></div>
+</div>
+</div>
+</div>
+</div>
+<input class="js-search-project-options" type="hidden">
+</form>
+</div>
diff --git a/spec/frontend/fixtures/static/signin_tabs.html b/spec/frontend/fixtures/static/signin_tabs.html
new file mode 100644
index 00000000000..7e66ab9394b
--- /dev/null
+++ b/spec/frontend/fixtures/static/signin_tabs.html
@@ -0,0 +1,8 @@
+<ul class="nav-links new-session-tabs">
+<li class="active">
+<a href="#ldap">LDAP</a>
+</li>
+<li>
+<a href="#login-pane">Standard</a>
+</li>
+</ul>
diff --git a/spec/frontend/fixtures/static/sketch_viewer.html b/spec/frontend/fixtures/static/sketch_viewer.html
new file mode 100644
index 00000000000..e25e554e568
--- /dev/null
+++ b/spec/frontend/fixtures/static/sketch_viewer.html
@@ -0,0 +1,3 @@
+<div class="file-content" data-endpoint="/test_sketch_file.sketch" id="js-sketch-viewer">
+<div class="js-loading-icon"></div>
+</div>
diff --git a/spec/frontend/fixtures/todos.rb b/spec/frontend/fixtures/todos.rb
new file mode 100644
index 00000000000..a7c183d2414
--- /dev/null
+++ b/spec/frontend/fixtures/todos.rb
@@ -0,0 +1,54 @@
+require 'spec_helper'
+
+describe 'Todos (JavaScript fixtures)' do
+  include JavaScriptFixturesHelpers
+
+  let(:admin) { create(:admin) }
+  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
+  let(:project) { create(:project_empty_repo, namespace: namespace, path: 'todos-project') }
+  let(:issue_1) { create(:issue, title: 'issue_1', project: project) }
+  let!(:todo_1) { create(:todo, user: admin, project: project, target: issue_1, created_at: 5.hours.ago) }
+  let(:issue_2) { create(:issue, title: 'issue_2', project: project) }
+  let!(:todo_2) { create(:todo, :done, user: admin, project: project, target: issue_2, created_at: 50.hours.ago) }
+
+  before(:all) do
+    clean_frontend_fixtures('todos/')
+  end
+
+  after do
+    remove_repository(project)
+  end
+
+  describe Dashboard::TodosController, '(JavaScript fixtures)', type: :controller do
+    render_views
+
+    before do
+      sign_in(admin)
+    end
+
+    it 'todos/todos.html' do
+      get :index
+
+      expect(response).to be_successful
+    end
+  end
+
+  describe Projects::TodosController, '(JavaScript fixtures)', type: :controller do
+    render_views
+
+    before do
+      sign_in(admin)
+    end
+
+    it 'todos/todos.json' do
+      post :create, params: {
+        namespace_id: namespace,
+        project_id: project,
+        issuable_type: 'issue',
+        issuable_id: issue_2.id
+      }, format: 'json'
+
+      expect(response).to be_successful
+    end
+  end
+end
diff --git a/spec/frontend/fixtures/u2f.rb b/spec/frontend/fixtures/u2f.rb
new file mode 100644
index 00000000000..8ecbc0390cd
--- /dev/null
+++ b/spec/frontend/fixtures/u2f.rb
@@ -0,0 +1,44 @@
+require 'spec_helper'
+
+context 'U2F' do
+  include JavaScriptFixturesHelpers
+
+  let(:user) { create(:user, :two_factor_via_u2f, otp_secret: 'otpsecret:coolkids') }
+
+  before(:all) do
+    clean_frontend_fixtures('u2f/')
+  end
+
+  describe SessionsController, '(JavaScript fixtures)', type: :controller do
+    include DeviseHelpers
+
+    render_views
+
+    before do
+      set_devise_mapping(context: @request)
+    end
+
+    it 'u2f/authenticate.html' do
+      allow(controller).to receive(:find_user).and_return(user)
+
+      post :create, params: { user: { login: user.username, password: user.password } }
+
+      expect(response).to be_successful
+    end
+  end
+
+  describe Profiles::TwoFactorAuthsController, '(JavaScript fixtures)', type: :controller do
+    render_views
+
+    before do
+      sign_in(user)
+      allow_any_instance_of(Profiles::TwoFactorAuthsController).to receive(:build_qr_code).and_return('qrcode:blackandwhitesquares')
+    end
+
+    it 'u2f/register.html' do
+      get :show
+
+      expect(response).to be_successful
+    end
+  end
+end
diff --git a/spec/javascripts/fixtures/.gitignore b/spec/javascripts/fixtures/.gitignore
index bed020f5b0a..d6b7ef32c84 100644
--- a/spec/javascripts/fixtures/.gitignore
+++ b/spec/javascripts/fixtures/.gitignore
@@ -1,5 +1,2 @@
-*.html.raw
-*.html
-*.json
-*.pdf
-*.bmpr
+*
+!.gitignore
diff --git a/spec/javascripts/fixtures/abuse_reports.rb b/spec/javascripts/fixtures/abuse_reports.rb
deleted file mode 100644
index 21356390cae..00000000000
--- a/spec/javascripts/fixtures/abuse_reports.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-require 'spec_helper'
-
-describe Admin::AbuseReportsController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let!(:abuse_report) { create(:abuse_report) }
-  let!(:abuse_report_with_short_message) { create(:abuse_report, message: 'SHORT MESSAGE') }
-  let!(:abuse_report_with_long_message) { create(:abuse_report, message: "LONG MESSAGE\n" * 50) }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('abuse_reports/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  it 'abuse_reports/abuse_reports_list.html' do
-    get :index
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/admin_users.rb b/spec/javascripts/fixtures/admin_users.rb
deleted file mode 100644
index 0209594dadc..00000000000
--- a/spec/javascripts/fixtures/admin_users.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-require 'spec_helper'
-
-describe Admin::UsersController, '(JavaScript fixtures)', type: :controller do
-  include StubENV
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-
-  before do
-    stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
-    sign_in(admin)
-  end
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('admin/users')
-  end
-
-  it 'admin/users/new_with_internal_user_regex.html' do
-    stub_application_setting(user_default_external: true)
-    stub_application_setting(user_default_internal_regex: '^(?:(?!\.ext@).)*$\r?')
-
-    get :new
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/application_settings.rb b/spec/javascripts/fixtures/application_settings.rb
deleted file mode 100644
index 38a060580c1..00000000000
--- a/spec/javascripts/fixtures/application_settings.rb
+++ /dev/null
@@ -1,33 +0,0 @@
-require 'spec_helper'
-
-describe Admin::ApplicationSettingsController, '(JavaScript fixtures)', type: :controller do
-  include StubENV
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project_empty_repo, namespace: namespace, path: 'application-settings') }
-
-  before do
-    stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
-    sign_in(admin)
-  end
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('application_settings/')
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'application_settings/accounts_and_limit.html' do
-    stub_application_setting(user_default_external: false)
-
-    get :show
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/autocomplete_sources.rb b/spec/javascripts/fixtures/autocomplete_sources.rb
deleted file mode 100644
index 9e04328e2b9..00000000000
--- a/spec/javascripts/fixtures/autocomplete_sources.rb
+++ /dev/null
@@ -1,39 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe Projects::AutocompleteSourcesController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  set(:admin) { create(:admin) }
-  set(:group) { create(:group, name: 'frontend-fixtures') }
-  set(:project) { create(:project, namespace: group, path: 'autocomplete-sources-project') }
-  set(:issue) { create(:issue, project: project) }
-
-  before(:all) do
-    clean_frontend_fixtures('autocomplete_sources/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  it 'autocomplete_sources/labels.json' do
-    issue.labels << create(:label, project: project, title: 'bug')
-    issue.labels << create(:label, project: project, title: 'critical')
-
-    create(:label, project: project, title: 'feature')
-    create(:label, project: project, title: 'documentation')
-
-    get :labels,
-        format: :json,
-        params: {
-            namespace_id: group.path,
-            project_id: project.path,
-            type: issue.class.name,
-            type_id: issue.id
-        }
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/blob.rb b/spec/javascripts/fixtures/blob.rb
deleted file mode 100644
index ce5030efbf8..00000000000
--- a/spec/javascripts/fixtures/blob.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-require 'spec_helper'
-
-describe Projects::BlobController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, :repository, namespace: namespace, path: 'branches-project') }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('blob/')
-  end
-
-  before do
-    sign_in(admin)
-    allow(SecureRandom).to receive(:hex).and_return('securerandomhex:thereisnospoon')
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'blob/show.html' do
-    get(:show, params: {
-      namespace_id: project.namespace,
-      project_id: project,
-      id: 'add-ipython-files/files/ipython/basic.ipynb'
-    })
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/boards.rb b/spec/javascripts/fixtures/boards.rb
deleted file mode 100644
index f257d80390f..00000000000
--- a/spec/javascripts/fixtures/boards.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-require 'spec_helper'
-
-describe Projects::BoardsController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, :repository, namespace: namespace, path: 'boards-project') }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('boards/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  it 'boards/show.html' do
-    get(:index, params: {
-      namespace_id: project.namespace,
-      project_id: project
-    })
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/branches.rb b/spec/javascripts/fixtures/branches.rb
deleted file mode 100644
index 197fe42c52a..00000000000
--- a/spec/javascripts/fixtures/branches.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-require 'spec_helper'
-
-describe Projects::BranchesController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, :repository, namespace: namespace, path: 'branches-project') }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('branches/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'branches/new_branch.html' do
-    get :new, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project
-    }
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/clusters.rb b/spec/javascripts/fixtures/clusters.rb
deleted file mode 100644
index f15ef010807..00000000000
--- a/spec/javascripts/fixtures/clusters.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-require 'spec_helper'
-
-describe Projects::ClustersController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, :repository, namespace: namespace) }
-  let(:cluster) { create(:cluster, :provided_by_gcp, projects: [project]) }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('clusters/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'clusters/show_cluster.html' do
-    get :show, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project,
-      id: cluster
-    }
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/commit.rb b/spec/javascripts/fixtures/commit.rb
deleted file mode 100644
index a328c455356..00000000000
--- a/spec/javascripts/fixtures/commit.rb
+++ /dev/null
@@ -1,33 +0,0 @@
-require 'spec_helper'
-
-describe Projects::CommitController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  set(:project)  { create(:project, :repository) }
-  set(:user)     { create(:user) }
-  let(:commit)   { project.commit("master") }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('commit/')
-  end
-
-  before do
-    project.add_maintainer(user)
-    sign_in(user)
-    allow(SecureRandom).to receive(:hex).and_return('securerandomhex:thereisnospoon')
-  end
-
-  it 'commit/show.html' do
-    params = {
-      namespace_id: project.namespace,
-      project_id: project,
-      id: commit.id
-    }
-
-    get :show, params: params
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/deploy_keys.rb b/spec/javascripts/fixtures/deploy_keys.rb
deleted file mode 100644
index fca233c6f59..00000000000
--- a/spec/javascripts/fixtures/deploy_keys.rb
+++ /dev/null
@@ -1,43 +0,0 @@
-require 'spec_helper'
-
-describe Projects::DeployKeysController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project_empty_repo, namespace: namespace, path: 'todos-project') }
-  let(:project2) { create(:project, :internal)}
-  let(:project3) { create(:project, :internal)}
-  let(:project4) { create(:project, :internal)}
-
-  before(:all) do
-    clean_frontend_fixtures('deploy_keys/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  render_views
-
-  it 'deploy_keys/keys.json' do
-    create(:rsa_deploy_key_2048, public: true)
-    project_key = create(:deploy_key, key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCdMHEHyhRjbhEZVddFn6lTWdgEy5Q6Bz4nwGB76xWZI5YT/1WJOMEW+sL5zYd31kk7sd3FJ5L9ft8zWMWrr/iWXQikC2cqZK24H1xy+ZUmrRuJD4qGAaIVoyyzBL+avL+lF8J5lg6YSw8gwJY/lX64/vnJHUlWw2n5BF8IFOWhiw== dummy@gitlab.com')
-    internal_key = create(:deploy_key, key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDNd/UJWhPrpb+b/G5oL109y57yKuCxE+WUGJGYaj7WQKsYRJmLYh1mgjrl+KVyfsWpq4ylOxIfFSnN9xBBFN8mlb0Fma5DC7YsSsibJr3MZ19ZNBprwNcdogET7aW9I0In7Wu5f2KqI6e5W/spJHCy4JVxzVMUvk6Myab0LnJ2iQ== dummy@gitlab.com')
-    create(:deploy_keys_project, project: project, deploy_key: project_key)
-    create(:deploy_keys_project, project: project2, deploy_key: internal_key)
-    create(:deploy_keys_project, project: project3, deploy_key: project_key)
-    create(:deploy_keys_project, project: project4, deploy_key: project_key)
-
-    get :index, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project
-    }, format: :json
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/groups.rb b/spec/javascripts/fixtures/groups.rb
deleted file mode 100644
index c1bb2d43332..00000000000
--- a/spec/javascripts/fixtures/groups.rb
+++ /dev/null
@@ -1,35 +0,0 @@
-require 'spec_helper'
-
-describe 'Groups (JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:group) { create(:group, name: 'frontend-fixtures-group', runners_token: 'runnerstoken:intabulasreferre')}
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('groups/')
-  end
-
-  before do
-    group.add_maintainer(admin)
-    sign_in(admin)
-  end
-
-  describe GroupsController, '(JavaScript fixtures)', type: :controller do
-    it 'groups/edit.html' do
-      get :edit, params: { id: group }
-
-      expect(response).to be_successful
-    end
-  end
-
-  describe Groups::Settings::CiCdController, '(JavaScript fixtures)', type: :controller do
-    it 'groups/ci_cd_settings.html' do
-      get :show, params: { group_id: group }
-
-      expect(response).to be_successful
-    end
-  end
-end
diff --git a/spec/javascripts/fixtures/issues.rb b/spec/javascripts/fixtures/issues.rb
deleted file mode 100644
index b5eb38e0023..00000000000
--- a/spec/javascripts/fixtures/issues.rb
+++ /dev/null
@@ -1,122 +0,0 @@
-require 'spec_helper'
-
-describe Projects::IssuesController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin, feed_token: 'feedtoken:coldfeed') }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project_empty_repo, namespace: namespace, path: 'issues-project') }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('issues/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'issues/open-issue.html' do
-    render_issue(create(:issue, project: project))
-  end
-
-  it 'issues/closed-issue.html' do
-    render_issue(create(:closed_issue, project: project))
-  end
-
-  it 'issues/issue-with-task-list.html' do
-    issue = create(:issue, project: project, description: '- [ ] Task List Item')
-    render_issue(issue)
-  end
-
-  it 'issues/issue_with_comment.html' do
-    issue = create(:issue, project: project)
-    create(:note, project: project, noteable: issue, note: '- [ ] Task List Item').save
-    render_issue(issue)
-  end
-
-  it 'issues/issue_list.html' do
-    create(:issue, project: project)
-
-    get :index, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project
-    }
-
-    expect(response).to be_successful
-  end
-
-  private
-
-  def render_issue(issue)
-    get :show, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project,
-      id: issue.to_param
-    }
-
-    expect(response).to be_successful
-  end
-end
-
-describe API::Issues, '(JavaScript fixtures)', type: :request do
-  include ApiHelpers
-  include JavaScriptFixturesHelpers
-
-  def get_related_merge_requests(project_id, issue_iid, user = nil)
-    get api("/projects/#{project_id}/issues/#{issue_iid}/related_merge_requests", user)
-  end
-
-  def create_referencing_mr(user, project, issue)
-    attributes = {
-      author: user,
-      source_project: project,
-      target_project: project,
-      source_branch: "master",
-      target_branch: "test",
-      assignee: user,
-      description: "See #{issue.to_reference}"
-    }
-    create(:merge_request, attributes).tap do |merge_request|
-      create(:note, :system, project: issue.project, noteable: issue, author: user, note: merge_request.to_reference(full: true))
-    end
-  end
-
-  it 'issues/related_merge_requests.json' do
-    user = create(:user)
-    project = create(:project, :public, creator_id: user.id, namespace: user.namespace)
-    issue_title = 'foo'
-    issue_description = 'closed'
-    milestone = create(:milestone, title: '1.0.0', project: project)
-    issue = create :issue,
-            author: user,
-            assignees: [user],
-            project: project,
-            milestone: milestone,
-            created_at: generate(:past_time),
-            updated_at: 1.hour.ago,
-            title: issue_title,
-            description: issue_description
-
-    project.add_reporter(user)
-    create_referencing_mr(user, project, issue)
-
-    create(:merge_request,
-           :simple,
-           author: user,
-           source_project: project,
-           target_project: project,
-           description: "Some description")
-    project2 = create(:project, :public, creator_id: user.id, namespace: user.namespace)
-    create_referencing_mr(user, project2, issue).update!(head_pipeline: create(:ci_pipeline))
-
-    get_related_merge_requests(project.id, issue.iid, user)
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/jobs.rb b/spec/javascripts/fixtures/jobs.rb
deleted file mode 100644
index a3a7759c85b..00000000000
--- a/spec/javascripts/fixtures/jobs.rb
+++ /dev/null
@@ -1,54 +0,0 @@
-require 'spec_helper'
-
-describe Projects::JobsController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, :repository, namespace: namespace, path: 'builds-project') }
-  let(:pipeline) { create(:ci_empty_pipeline, project: project, sha: project.commit.id) }
-  let!(:build_with_artifacts) { create(:ci_build, :success, :artifacts, :trace_artifact, pipeline: pipeline, stage: 'test', artifacts_expire_at: Time.now + 18.months) }
-  let!(:failed_build) { create(:ci_build, :failed, pipeline: pipeline, stage: 'build') }
-  let!(:pending_build) { create(:ci_build, :pending, pipeline: pipeline, stage: 'deploy') }
-  let!(:delayed_job) do
-    create(:ci_build, :scheduled,
-           pipeline: pipeline,
-           name: 'delayed job',
-           stage: 'test')
-  end
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('builds/')
-    clean_frontend_fixtures('jobs/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'builds/build-with-artifacts.html' do
-    get :show, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project,
-      id: build_with_artifacts.to_param
-    }
-
-    expect(response).to be_successful
-  end
-
-  it 'jobs/delayed.json' do
-    get :show, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project,
-      id: delayed_job.to_param
-    }, format: :json
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/labels.rb b/spec/javascripts/fixtures/labels.rb
deleted file mode 100644
index a312287970f..00000000000
--- a/spec/javascripts/fixtures/labels.rb
+++ /dev/null
@@ -1,58 +0,0 @@
-require 'spec_helper'
-
-describe 'Labels (JavaScript fixtures)' do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:group) { create(:group, name: 'frontend-fixtures-group' )}
-  let(:project) { create(:project_empty_repo, namespace: group, path: 'labels-project') }
-
-  let!(:project_label_bug) { create(:label, project: project, title: 'bug', color: '#FF0000') }
-  let!(:project_label_enhancement) { create(:label, project: project, title: 'enhancement', color: '#00FF00') }
-  let!(:project_label_feature) { create(:label, project: project, title: 'feature', color: '#0000FF') }
-
-  let!(:group_label_roses) { create(:group_label, group: group, title: 'roses', color: '#FF0000') }
-  let!(:groub_label_space) { create(:group_label, group: group, title: 'some space', color: '#FFFFFF') }
-  let!(:groub_label_violets) { create(:group_label, group: group, title: 'violets', color: '#0000FF') }
-
-  before(:all) do
-    clean_frontend_fixtures('labels/')
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  describe Groups::LabelsController, '(JavaScript fixtures)', type: :controller do
-    render_views
-
-    before do
-      sign_in(admin)
-    end
-
-    it 'labels/group_labels.json' do
-      get :index, params: {
-        group_id: group
-      }, format: 'json'
-
-      expect(response).to be_successful
-    end
-  end
-
-  describe Projects::LabelsController, '(JavaScript fixtures)', type: :controller do
-    render_views
-
-    before do
-      sign_in(admin)
-    end
-
-    it 'labels/project_labels.json' do
-      get :index, params: {
-        namespace_id: group,
-        project_id: project
-      }, format: 'json'
-
-      expect(response).to be_successful
-    end
-  end
-end
diff --git a/spec/javascripts/fixtures/merge_requests.rb b/spec/javascripts/fixtures/merge_requests.rb
deleted file mode 100644
index 88706e96676..00000000000
--- a/spec/javascripts/fixtures/merge_requests.rb
+++ /dev/null
@@ -1,134 +0,0 @@
-require 'spec_helper'
-
-describe Projects::MergeRequestsController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, :repository, namespace: namespace, path: 'merge-requests-project') }
-  let(:merge_request) { create(:merge_request, :with_diffs, source_project: project, target_project: project, description: '- [ ] Task List Item') }
-  let(:merged_merge_request) { create(:merge_request, :merged, source_project: project, target_project: project) }
-  let(:pipeline) do
-    create(
-      :ci_pipeline,
-      project: merge_request.source_project,
-      ref: merge_request.source_branch,
-      sha: merge_request.diff_head_sha
-    )
-  end
-  let(:path) { "files/ruby/popen.rb" }
-  let(:position) do
-    Gitlab::Diff::Position.new(
-      old_path: path,
-      new_path: path,
-      old_line: nil,
-      new_line: 14,
-      diff_refs: merge_request.diff_refs
-    )
-  end
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('merge_requests/')
-  end
-
-  before do
-    sign_in(admin)
-    allow(Discussion).to receive(:build_discussion_id).and_return(['discussionid:ceterumcenseo'])
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'merge_requests/merge_request_of_current_user.html' do
-    merge_request.update(author: admin)
-
-    render_merge_request(merge_request)
-  end
-
-  it 'merge_requests/merge_request_with_task_list.html' do
-    create(:ci_build, :pending, pipeline: pipeline)
-
-    render_merge_request(merge_request)
-  end
-
-  it 'merge_requests/merged_merge_request.html' do
-    expect_next_instance_of(MergeRequest) do |merge_request|
-      allow(merge_request).to receive(:source_branch_exists?).and_return(true)
-      allow(merge_request).to receive(:can_remove_source_branch?).and_return(true)
-    end
-    render_merge_request(merged_merge_request)
-  end
-
-  it 'merge_requests/diff_comment.html' do
-    create(:diff_note_on_merge_request, project: project, author: admin, position: position, noteable: merge_request)
-    create(:note_on_merge_request, author: admin, project: project, noteable: merge_request)
-    render_merge_request(merge_request)
-  end
-
-  it 'merge_requests/merge_request_with_comment.html' do
-    create(:note_on_merge_request, author: admin, project: project, noteable: merge_request, note: '- [ ] Task List Item')
-    render_merge_request(merge_request)
-  end
-
-  it 'merge_requests/discussions.json' do
-    create(:diff_note_on_merge_request, project: project, author: admin, position: position, noteable: merge_request)
-    render_discussions_json(merge_request)
-  end
-
-  it 'merge_requests/diff_discussion.json' do
-    create(:diff_note_on_merge_request, project: project, author: admin, position: position, noteable: merge_request)
-    render_discussions_json(merge_request)
-  end
-
-  it 'merge_requests/resolved_diff_discussion.json' do
-    note = create(:discussion_note_on_merge_request, :resolved, project: project, author: admin, position: position, noteable: merge_request)
-    create(:system_note, project: project, author: admin, noteable: merge_request, discussion_id: note.discussion.id)
-
-    render_discussions_json(merge_request)
-  end
-
-  context 'with image diff' do
-    let(:merge_request2) { create(:merge_request_with_diffs, :with_image_diffs, source_project: project, title: "Added images") }
-    let(:image_path) { "files/images/ee_repo_logo.png" }
-    let(:image_position) do
-      Gitlab::Diff::Position.new(
-        old_path: image_path,
-        new_path: image_path,
-        width: 100,
-        height: 100,
-        x: 1,
-        y: 1,
-        position_type: "image",
-        diff_refs: merge_request2.diff_refs
-      )
-    end
-
-    it 'merge_requests/image_diff_discussion.json' do
-      create(:diff_note_on_merge_request, project: project, noteable: merge_request2, position: image_position)
-      render_discussions_json(merge_request2)
-    end
-  end
-
-  private
-
-  def render_discussions_json(merge_request)
-    get :discussions, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project,
-      id: merge_request.to_param
-    }, format: :json
-  end
-
-  def render_merge_request(merge_request)
-    get :show, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project,
-      id: merge_request.to_param
-    }, format: :html
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/merge_requests_diffs.rb b/spec/javascripts/fixtures/merge_requests_diffs.rb
deleted file mode 100644
index 61c694e430f..00000000000
--- a/spec/javascripts/fixtures/merge_requests_diffs.rb
+++ /dev/null
@@ -1,70 +0,0 @@
-
-require 'spec_helper'
-
-describe Projects::MergeRequests::DiffsController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, :repository, namespace: namespace, path: 'merge-requests-project') }
-  let(:merge_request) { create(:merge_request, :with_diffs, source_project: project, target_project: project, description: '- [ ] Task List Item') }
-  let(:path) { "files/ruby/popen.rb" }
-  let(:selected_commit) { merge_request.all_commits[0] }
-  let(:position) do
-    Gitlab::Diff::Position.new(
-      old_path: path,
-      new_path: path,
-      old_line: nil,
-      new_line: 14,
-      diff_refs: merge_request.diff_refs
-    )
-  end
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('merge_request_diffs/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'merge_request_diffs/with_commit.json' do
-    # Create a user that matches the selected commit author
-    # This is so that the "author" information will be populated
-    create(:user, email: selected_commit.author_email, name: selected_commit.author_name)
-
-    render_merge_request(merge_request, commit_id: selected_commit.sha)
-  end
-
-  it 'merge_request_diffs/inline_changes_tab_with_comments.json' do
-    create(:diff_note_on_merge_request, project: project, author: admin, position: position, noteable: merge_request)
-    create(:note_on_merge_request, author: admin, project: project, noteable: merge_request)
-    render_merge_request(merge_request)
-  end
-
-  it 'merge_request_diffs/parallel_changes_tab_with_comments.json' do
-    create(:diff_note_on_merge_request, project: project, author: admin, position: position, noteable: merge_request)
-    create(:note_on_merge_request, author: admin, project: project, noteable: merge_request)
-    render_merge_request(merge_request, view: 'parallel')
-  end
-
-  private
-
-  def render_merge_request(merge_request, view: 'inline', **extra_params)
-    get :show, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project,
-      id: merge_request.to_param,
-      view: view,
-      **extra_params
-    }, format: :json
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/pipeline_schedules.rb b/spec/javascripts/fixtures/pipeline_schedules.rb
deleted file mode 100644
index a70091a3919..00000000000
--- a/spec/javascripts/fixtures/pipeline_schedules.rb
+++ /dev/null
@@ -1,43 +0,0 @@
-require 'spec_helper'
-
-describe Projects::PipelineSchedulesController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, :public, :repository) }
-  let!(:pipeline_schedule) { create(:ci_pipeline_schedule, project: project, owner: admin) }
-  let!(:pipeline_schedule_populated) { create(:ci_pipeline_schedule, project: project, owner: admin) }
-  let!(:pipeline_schedule_variable1) { create(:ci_pipeline_schedule_variable, key: 'foo', value: 'foovalue', pipeline_schedule: pipeline_schedule_populated) }
-  let!(:pipeline_schedule_variable2) { create(:ci_pipeline_schedule_variable, key: 'bar', value: 'barvalue', pipeline_schedule: pipeline_schedule_populated) }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('pipeline_schedules/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  it 'pipeline_schedules/edit.html' do
-    get :edit, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project,
-      id: pipeline_schedule.id
-    }
-
-    expect(response).to be_successful
-  end
-
-  it 'pipeline_schedules/edit_with_variables.html' do
-    get :edit, params: {
-      namespace_id: project.namespace.to_param,
-      project_id: project,
-      id: pipeline_schedule_populated.id
-    }
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/pipelines.rb b/spec/javascripts/fixtures/pipelines.rb
deleted file mode 100644
index ed57eb0aa80..00000000000
--- a/spec/javascripts/fixtures/pipelines.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-require 'spec_helper'
-
-describe Projects::PipelinesController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, :repository, namespace: namespace, path: 'pipelines-project') }
-  let(:commit) { create(:commit, project: project) }
-  let(:commit_without_author) { RepoHelpers.another_sample_commit }
-  let!(:user) { create(:user, developer_projects: [project], email: commit.author_email) }
-  let!(:pipeline) { create(:ci_pipeline, project: project, sha: commit.id, user: user) }
-  let!(:pipeline_without_author) { create(:ci_pipeline, project: project, sha: commit_without_author.id) }
-  let!(:pipeline_without_commit) { create(:ci_pipeline, project: project, sha: '0000') }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('pipelines/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  it 'pipelines/pipelines.json' do
-    get :index, params: {
-      namespace_id: namespace,
-      project_id: project
-    }, format: :json
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/projects.rb b/spec/javascripts/fixtures/projects.rb
deleted file mode 100644
index b6c29003e57..00000000000
--- a/spec/javascripts/fixtures/projects.rb
+++ /dev/null
@@ -1,83 +0,0 @@
-require 'spec_helper'
-
-describe 'Projects (JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  runners_token = 'runnerstoken:intabulasreferre'
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, namespace: namespace, path: 'builds-project', runners_token: runners_token) }
-  let(:project_with_repo) { create(:project, :repository, description: 'Code and stuff') }
-  let(:project_variable_populated) { create(:project, namespace: namespace, path: 'builds-project2', runners_token: runners_token) }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('projects/')
-  end
-
-  before do
-    stub_licensed_features(variable_environment_scope: true)
-
-    project.add_maintainer(admin)
-    sign_in(admin)
-    allow(SecureRandom).to receive(:hex).and_return('securerandomhex:thereisnospoon')
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  describe ProjectsController, '(JavaScript fixtures)', type: :controller do
-    it 'projects/dashboard.html' do
-      get :show, params: {
-        namespace_id: project.namespace.to_param,
-        id: project
-      }
-
-      expect(response).to be_successful
-    end
-
-    it 'projects/overview.html' do
-      get :show, params: {
-        namespace_id: project_with_repo.namespace.to_param,
-        id: project_with_repo
-      }
-
-      expect(response).to be_successful
-    end
-
-    it 'projects/edit.html' do
-      get :edit, params: {
-        namespace_id: project.namespace.to_param,
-        id: project
-      }
-
-      expect(response).to be_successful
-    end
-  end
-
-  describe Projects::Settings::CiCdController, '(JavaScript fixtures)', type: :controller do
-    it 'projects/ci_cd_settings.html' do
-      get :show, params: {
-        namespace_id: project.namespace.to_param,
-        project_id: project
-      }
-
-      expect(response).to be_successful
-    end
-
-    it 'projects/ci_cd_settings_with_variables.html' do
-      create(:ci_variable, project: project_variable_populated)
-      create(:ci_variable, project: project_variable_populated)
-
-      get :show, params: {
-        namespace_id: project_variable_populated.namespace.to_param,
-        project_id: project_variable_populated
-      }
-
-      expect(response).to be_successful
-    end
-  end
-end
diff --git a/spec/javascripts/fixtures/prometheus_service.rb b/spec/javascripts/fixtures/prometheus_service.rb
deleted file mode 100644
index 93ee81120d7..00000000000
--- a/spec/javascripts/fixtures/prometheus_service.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-require 'spec_helper'
-
-describe Projects::ServicesController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin)     { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project)   { create(:project_empty_repo, namespace: namespace, path: 'services-project') }
-  let!(:service)  { create(:prometheus_service, project: project) }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('services/prometheus')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'services/prometheus/prometheus_service.html' do
-    get :edit, params: {
-      namespace_id: namespace,
-      project_id: project,
-      id: service.to_param
-    }
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/raw.rb b/spec/javascripts/fixtures/raw.rb
deleted file mode 100644
index 801c80a0112..00000000000
--- a/spec/javascripts/fixtures/raw.rb
+++ /dev/null
@@ -1,39 +0,0 @@
-require 'spec_helper'
-
-describe 'Raw files', '(JavaScript fixtures)' do
-  include JavaScriptFixturesHelpers
-
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, :repository, namespace: namespace, path: 'raw-project') }
-  let(:response) { @blob.data.force_encoding('UTF-8') }
-
-  before(:all) do
-    clean_frontend_fixtures('blob/balsamiq/')
-    clean_frontend_fixtures('blob/notebook/')
-    clean_frontend_fixtures('blob/pdf/')
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'blob/balsamiq/test.bmpr' do
-    @blob = project.repository.blob_at('b89b56d79', 'files/images/balsamiq.bmpr')
-  end
-
-  it 'blob/notebook/basic.json' do
-    @blob = project.repository.blob_at('6d85bb69', 'files/ipython/basic.ipynb')
-  end
-
-  it 'blob/notebook/worksheets.json' do
-    @blob = project.repository.blob_at('6d85bb69', 'files/ipython/worksheets.ipynb')
-  end
-
-  it 'blob/notebook/math.json' do
-    @blob = project.repository.blob_at('93ee732', 'files/ipython/math.ipynb')
-  end
-
-  it 'blob/pdf/test.pdf' do
-    @blob = project.repository.blob_at('e774ebd33', 'files/pdf/test.pdf')
-  end
-end
diff --git a/spec/javascripts/fixtures/search.rb b/spec/javascripts/fixtures/search.rb
deleted file mode 100644
index c26c6998ae9..00000000000
--- a/spec/javascripts/fixtures/search.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-require 'spec_helper'
-
-describe SearchController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('search/')
-  end
-
-  it 'search/show.html' do
-    get :show
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/services.rb b/spec/javascripts/fixtures/services.rb
deleted file mode 100644
index ee1e088f158..00000000000
--- a/spec/javascripts/fixtures/services.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-require 'spec_helper'
-
-describe Projects::ServicesController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin)     { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project)   { create(:project_empty_repo, namespace: namespace, path: 'services-project') }
-  let!(:service)  { create(:custom_issue_tracker_service, project: project, title: 'Custom Issue Tracker') }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('services/')
-  end
-
-  before do
-    sign_in(admin)
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'services/edit_service.html' do
-    get :edit, params: {
-      namespace_id: namespace,
-      project_id: project,
-      id: service.to_param
-    }
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/sessions.rb b/spec/javascripts/fixtures/sessions.rb
deleted file mode 100644
index 18574ea06b5..00000000000
--- a/spec/javascripts/fixtures/sessions.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-require 'spec_helper'
-
-describe 'Sessions (JavaScript fixtures)' do
-  include JavaScriptFixturesHelpers
-
-  before(:all) do
-    clean_frontend_fixtures('sessions/')
-  end
-
-  describe SessionsController, '(JavaScript fixtures)', type: :controller do
-    include DeviseHelpers
-
-    render_views
-
-    before do
-      set_devise_mapping(context: @request)
-    end
-
-    it 'sessions/new.html' do
-      get :new
-
-      expect(response).to be_successful
-    end
-  end
-end
diff --git a/spec/javascripts/fixtures/snippet.rb b/spec/javascripts/fixtures/snippet.rb
deleted file mode 100644
index 23bcdb47ac6..00000000000
--- a/spec/javascripts/fixtures/snippet.rb
+++ /dev/null
@@ -1,33 +0,0 @@
-require 'spec_helper'
-
-describe SnippetsController, '(JavaScript fixtures)', type: :controller do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project, :repository, namespace: namespace, path: 'branches-project') }
-  let(:snippet) { create(:personal_snippet, title: 'snippet.md', content: '# snippet', file_name: 'snippet.md', author: admin) }
-
-  render_views
-
-  before(:all) do
-    clean_frontend_fixtures('snippets/')
-  end
-
-  before do
-    sign_in(admin)
-    allow(Discussion).to receive(:build_discussion_id).and_return(['discussionid:ceterumcenseo'])
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  it 'snippets/show.html' do
-    create(:discussion_note_on_snippet, noteable: snippet, project: project, author: admin, note: '- [ ] Task List Item')
-
-    get(:show, params: { id: snippet.to_param })
-
-    expect(response).to be_successful
-  end
-end
diff --git a/spec/javascripts/fixtures/static/README.md b/spec/javascripts/fixtures/static/README.md
deleted file mode 100644
index b5c2f8233bf..00000000000
--- a/spec/javascripts/fixtures/static/README.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# Please do not add new files here!
-
-Instead use a Ruby file in the fixtures root directory (`spec/javascripts/fixtures/`).
diff --git a/spec/javascripts/fixtures/static/ajax_loading_spinner.html b/spec/javascripts/fixtures/static/ajax_loading_spinner.html
deleted file mode 100644
index 0e1ebb32b1c..00000000000
--- a/spec/javascripts/fixtures/static/ajax_loading_spinner.html
+++ /dev/null
@@ -1,3 +0,0 @@
-<a class="js-ajax-loading-spinner" data-remote href="http://goesnowhere.nothing/whereami">
-<i class="fa fa-trash-o"></i>
-</a>
diff --git a/spec/javascripts/fixtures/static/balsamiq_viewer.html b/spec/javascripts/fixtures/static/balsamiq_viewer.html
deleted file mode 100644
index cdd723d1a84..00000000000
--- a/spec/javascripts/fixtures/static/balsamiq_viewer.html
+++ /dev/null
@@ -1 +0,0 @@
-<div class="file-content balsamiq-viewer" data-endpoint="/test" id="js-balsamiq-viewer"></div>
diff --git a/spec/javascripts/fixtures/static/create_item_dropdown.html b/spec/javascripts/fixtures/static/create_item_dropdown.html
deleted file mode 100644
index d2d38370092..00000000000
--- a/spec/javascripts/fixtures/static/create_item_dropdown.html
+++ /dev/null
@@ -1,11 +0,0 @@
-<div class="js-create-item-dropdown-fixture-root">
-<input name="variable[environment]" type="hidden">
-<div class="dropdown "><button class="dropdown-menu-toggle js-dropdown-menu-toggle" type="button" data-toggle="dropdown"><span class="dropdown-toggle-text ">some label</span><i aria-hidden="true" data-hidden="true" class="fa fa-chevron-down"></i></button><div class="dropdown-menu dropdown-select dropdown-menu-selectable"><div class="dropdown-input"><input type="search" id="" class="dropdown-input-field" autocomplete="off" /><i aria-hidden="true" data-hidden="true" class="fa fa-search dropdown-input-search"></i><i aria-hidden="true" data-hidden="true" role="button" class="fa fa-times dropdown-input-clear js-dropdown-input-clear"></i></div><div class="dropdown-content js-dropdown-content"></div><div class="dropdown-footer"><ul class="dropdown-footer-list">
-<li>
-<button class="dropdown-create-new-item-button js-dropdown-create-new-item">
-Create wildcard
-<code></code>
-</button>
-</li>
-</ul>
-</div><div class="dropdown-loading"><i aria-hidden="true" data-hidden="true" class="fa fa-spinner fa-spin"></i></div></div></div></div>
diff --git a/spec/javascripts/fixtures/static/environments/table.html b/spec/javascripts/fixtures/static/environments/table.html
deleted file mode 100644
index 417af564ff1..00000000000
--- a/spec/javascripts/fixtures/static/environments/table.html
+++ /dev/null
@@ -1,15 +0,0 @@
-<table>
-<thead>
-<tr>
-<th>Environment</th>
-<th>Last deployment</th>
-<th>Job</th>
-<th>Commit</th>
-<th></th>
-<th></th>
-</tr>
-</thead>
-<tbody>
-<tr id="environment-row"></tr>
-</tbody>
-</table>
diff --git a/spec/javascripts/fixtures/static/event_filter.html b/spec/javascripts/fixtures/static/event_filter.html
deleted file mode 100644
index 8e9b6fb1b5c..00000000000
--- a/spec/javascripts/fixtures/static/event_filter.html
+++ /dev/null
@@ -1,44 +0,0 @@
-<ul class="nav-links event-filter scrolling-tabs nav nav-tabs">
-<li class="active">
-<a class="event-filter-link" href="/dashboard/activity" id="all_event_filter" title="Filter by all">
-<span>
-All
-</span>
-</a>
-</li>
-<li>
-<a class="event-filter-link" href="/dashboard/activity" id="push_event_filter" title="Filter by push events">
-<span>
-Push events
-</span>
-</a>
-</li>
-<li>
-<a class="event-filter-link" href="/dashboard/activity" id="merged_event_filter" title="Filter by merge events">
-<span>
-Merge events
-</span>
-</a>
-</li>
-<li>
-<a class="event-filter-link" href="/dashboard/activity" id="issue_event_filter" title="Filter by issue events">
-<span>
-Issue events
-</span>
-</a>
-</li>
-<li>
-<a class="event-filter-link" href="/dashboard/activity" id="comments_event_filter" title="Filter by comments">
-<span>
-Comments
-</span>
-</a>
-</li>
-<li>
-<a class="event-filter-link" href="/dashboard/activity" id="team_event_filter" title="Filter by team">
-<span>
-Team
-</span>
-</a>
-</li>
-</ul>
diff --git a/spec/javascripts/fixtures/static/gl_dropdown.html b/spec/javascripts/fixtures/static/gl_dropdown.html
deleted file mode 100644
index 08f6738414e..00000000000
--- a/spec/javascripts/fixtures/static/gl_dropdown.html
+++ /dev/null
@@ -1,26 +0,0 @@
-<div>
-<div class="dropdown inline">
-<button class="dropdown-menu-toggle" data-toggle="dropdown" id="js-project-dropdown" type="button">
-<div class="dropdown-toggle-text">
-Projects
-</div>
-<i class="fa fa-chevron-down dropdown-toggle-caret js-projects-dropdown-toggle"></i>
-</button>
-<div class="dropdown-menu dropdown-select dropdown-menu-selectable">
-<div class="dropdown-title">
-<span>Go to project</span>
-<button aria="{:label=&gt;&quot;Close&quot;}" class="dropdown-title-button dropdown-menu-close">
-<i class="fa fa-times dropdown-menu-close-icon"></i>
-</button>
-</div>
-<div class="dropdown-input">
-<input class="dropdown-input-field" placeholder="Filter results" type="search">
-<i class="fa fa-search dropdown-input-search"></i>
-</div>
-<div class="dropdown-content"></div>
-<div class="dropdown-loading">
-<i class="fa fa-spinner fa-spin"></i>
-</div>
-</div>
-</div>
-</div>
diff --git a/spec/javascripts/fixtures/static/gl_field_errors.html b/spec/javascripts/fixtures/static/gl_field_errors.html
deleted file mode 100644
index f8470e02b7c..00000000000
--- a/spec/javascripts/fixtures/static/gl_field_errors.html
+++ /dev/null
@@ -1,22 +0,0 @@
-<form action="submit" class="gl-show-field-errors" method="post">
-<div class="form-group">
-<input class="required-text" required type="text">Text</input>
-</div>
-<div class="form-group">
-<input class="email" required title="Please provide a valid email address." type="email">Email</input>
-</div>
-<div class="form-group">
-<input class="password" required type="password">Password</input>
-</div>
-<div class="form-group">
-<input class="alphanumeric" pattern="[a-zA-Z0-9]" required type="text">Alphanumeric</input>
-</div>
-<div class="form-group">
-<input class="hidden" type="hidden">
-</div>
-<div class="form-group">
-<input class="custom gl-field-error-ignore" type="text">Custom, do not validate</input>
-</div>
-<div class="form-group"></div>
-<input class="submit" type="submit">Submit</input>
-</form>
diff --git a/spec/javascripts/fixtures/static/images/green_box.png b/spec/javascripts/fixtures/static/images/green_box.png
deleted file mode 100644
index cd1ff9f9ade..00000000000
Binary files a/spec/javascripts/fixtures/static/images/green_box.png and /dev/null differ
diff --git a/spec/javascripts/fixtures/static/images/one_white_pixel.png b/spec/javascripts/fixtures/static/images/one_white_pixel.png
deleted file mode 100644
index 073fcf40a18..00000000000
Binary files a/spec/javascripts/fixtures/static/images/one_white_pixel.png and /dev/null differ
diff --git a/spec/javascripts/fixtures/static/images/red_box.png b/spec/javascripts/fixtures/static/images/red_box.png
deleted file mode 100644
index 73b2927da0f..00000000000
Binary files a/spec/javascripts/fixtures/static/images/red_box.png and /dev/null differ
diff --git a/spec/javascripts/fixtures/static/issuable_filter.html b/spec/javascripts/fixtures/static/issuable_filter.html
deleted file mode 100644
index 06b70fb43f1..00000000000
--- a/spec/javascripts/fixtures/static/issuable_filter.html
+++ /dev/null
@@ -1,9 +0,0 @@
-<form action="/user/project/issues?scope=all&amp;state=closed" class="js-filter-form">
-<input id="utf8" name="utf8" value="✓">
-<input id="check-all-issues" name="check-all-issues">
-<input id="search" name="search">
-<input id="author_id" name="author_id">
-<input id="assignee_id" name="assignee_id">
-<input id="milestone_title" name="milestone_title">
-<input id="label_name" name="label_name">
-</form>
diff --git a/spec/javascripts/fixtures/static/issue_sidebar_label.html b/spec/javascripts/fixtures/static/issue_sidebar_label.html
deleted file mode 100644
index ec8fb30f219..00000000000
--- a/spec/javascripts/fixtures/static/issue_sidebar_label.html
+++ /dev/null
@@ -1,26 +0,0 @@
-<div class="block labels">
-<div class="sidebar-collapsed-icon js-sidebar-labels-tooltip"></div>
-<div class="title hide-collapsed">
-<a class="edit-link float-right" href="#">
-Edit
-</a>
-</div>
-<div class="selectbox hide-collapsed" style="display: none;">
-<div class="dropdown">
-<button class="dropdown-menu-toggle js-label-select js-multiselect" data-ability-name="issue" data-field-name="issue[label_names][]" data-issue-update="/root/test/issues/2.json" data-labels="/root/test/labels.json" data-project-id="12" data-show-any="true" data-show-no="true" data-toggle="dropdown" type="button">
-<span class="dropdown-toggle-text">
-Label
-</span>
-<i class="fa fa-chevron-down"></i>
-</button>
-<div class="dropdown-menu dropdown-select dropdown-menu-paging dropdown-menu-labels dropdown-menu-selectable">
-<div class="dropdown-page-one">
-<div class="dropdown-content"></div>
-<div class="dropdown-loading">
-<i class="fa fa-spinner fa-spin"></i>
-</div>
-</div>
-</div>
-</div>
-</div>
-</div>
diff --git a/spec/javascripts/fixtures/static/line_highlighter.html b/spec/javascripts/fixtures/static/line_highlighter.html
deleted file mode 100644
index 897a25d6760..00000000000
--- a/spec/javascripts/fixtures/static/line_highlighter.html
+++ /dev/null
@@ -1,107 +0,0 @@
-<div class="file-holder">
-<div class="file-content">
-<div class="line-numbers">
-<a data-line-number="1" href="#L1" id="L1">
-<i class="fa fa-link"></i>
-1
-</a>
-<a data-line-number="2" href="#L2" id="L2">
-<i class="fa fa-link"></i>
-2
-</a>
-<a data-line-number="3" href="#L3" id="L3">
-<i class="fa fa-link"></i>
-3
-</a>
-<a data-line-number="4" href="#L4" id="L4">
-<i class="fa fa-link"></i>
-4
-</a>
-<a data-line-number="5" href="#L5" id="L5">
-<i class="fa fa-link"></i>
-5
-</a>
-<a data-line-number="6" href="#L6" id="L6">
-<i class="fa fa-link"></i>
-6
-</a>
-<a data-line-number="7" href="#L7" id="L7">
-<i class="fa fa-link"></i>
-7
-</a>
-<a data-line-number="8" href="#L8" id="L8">
-<i class="fa fa-link"></i>
-8
-</a>
-<a data-line-number="9" href="#L9" id="L9">
-<i class="fa fa-link"></i>
-9
-</a>
-<a data-line-number="10" href="#L10" id="L10">
-<i class="fa fa-link"></i>
-10
-</a>
-<a data-line-number="11" href="#L11" id="L11">
-<i class="fa fa-link"></i>
-11
-</a>
-<a data-line-number="12" href="#L12" id="L12">
-<i class="fa fa-link"></i>
-12
-</a>
-<a data-line-number="13" href="#L13" id="L13">
-<i class="fa fa-link"></i>
-13
-</a>
-<a data-line-number="14" href="#L14" id="L14">
-<i class="fa fa-link"></i>
-14
-</a>
-<a data-line-number="15" href="#L15" id="L15">
-<i class="fa fa-link"></i>
-15
-</a>
-<a data-line-number="16" href="#L16" id="L16">
-<i class="fa fa-link"></i>
-16
-</a>
-<a data-line-number="17" href="#L17" id="L17">
-<i class="fa fa-link"></i>
-17
-</a>
-<a data-line-number="18" href="#L18" id="L18">
-<i class="fa fa-link"></i>
-18
-</a>
-<a data-line-number="19" href="#L19" id="L19">
-<i class="fa fa-link"></i>
-19
-</a>
-<a data-line-number="20" href="#L20" id="L20">
-<i class="fa fa-link"></i>
-20
-</a>
-<a data-line-number="21" href="#L21" id="L21">
-<i class="fa fa-link"></i>
-21
-</a>
-<a data-line-number="22" href="#L22" id="L22">
-<i class="fa fa-link"></i>
-22
-</a>
-<a data-line-number="23" href="#L23" id="L23">
-<i class="fa fa-link"></i>
-23
-</a>
-<a data-line-number="24" href="#L24" id="L24">
-<i class="fa fa-link"></i>
-24
-</a>
-<a data-line-number="25" href="#L25" id="L25">
-<i class="fa fa-link"></i>
-25
-</a>
-</div>
-<pre class="code highlight"><code><span class="line" id="LC1">Line 1</span><span class="line" id="LC2">Line 2</span><span class="line" id="LC3">Line 3</span><span class="line" id="LC4">Line 4</span><span class="line" id="LC5">Line 5</span><span class="line" id="LC6">Line 6</span><span class="line" id="LC7">Line 7</span><span class="line" id="LC8">Line 8</span><span class="line" id="LC9">Line 9</span><span class="line" id="LC10">Line 10</span><span class="line" id="LC11">Line 11</span><span class="line" id="LC12">Line 12</span><span class="line" id="LC13">Line 13</span><span class="line" id="LC14">Line 14</span><span class="line" id="LC15">Line 15</span><span class="line" id="LC16">Line 16</span><span class="line" id="LC17">Line 17</span><span class="line" id="LC18">Line 18</span><span class="line" id="LC19">Line 19</span><span class="line" id="LC20">Line 20</span><span class="line" id="LC21">Line 21</span><span class="line" id="LC22">Line 22</span><span class="line" id="LC23">Line 23</span><span class="line" id="LC24">Line 24</span><span class="line" id="LC25">Line 25</span></code></pre>
-</div>
-</div>
diff --git a/spec/javascripts/fixtures/static/linked_tabs.html b/spec/javascripts/fixtures/static/linked_tabs.html
deleted file mode 100644
index c25463bf1db..00000000000
--- a/spec/javascripts/fixtures/static/linked_tabs.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<ul class="nav nav-tabs new-session-tabs linked-tabs">
-<li class="nav-item">
-<a class="nav-link" data-action="tab1" data-target="div#tab1" data-toggle="tab" href="foo/bar/1">
-Tab 1
-</a>
-</li>
-<li class="nav-item">
-<a class="nav-link" data-action="tab2" data-target="div#tab2" data-toggle="tab" href="foo/bar/1/context">
-Tab 2
-</a>
-</li>
-</ul>
-<div class="tab-content">
-<div class="tab-pane" id="tab1">
-Tab 1 Content
-</div>
-<div class="tab-pane" id="tab2">
-Tab 2 Content
-</div>
-</div>
diff --git a/spec/javascripts/fixtures/static/merge_requests_show.html b/spec/javascripts/fixtures/static/merge_requests_show.html
deleted file mode 100644
index 87e36c9f315..00000000000
--- a/spec/javascripts/fixtures/static/merge_requests_show.html
+++ /dev/null
@@ -1,15 +0,0 @@
-<a class="btn-close"></a>
-<div class="detail-page-description">
-<div class="description js-task-list-container">
-<div class="md">
-<ul class="task-list">
-<li class="task-list-item">
-<input class="task-list-item-checkbox" type="checkbox">
-Task List Item
-</li>
-</ul>
-<textarea class="js-task-list-field">- [ ] Task List Item</textarea>
-</div>
-</div>
-</div>
-<form action="/foo" class="js-issuable-update"></form>
diff --git a/spec/javascripts/fixtures/static/mini_dropdown_graph.html b/spec/javascripts/fixtures/static/mini_dropdown_graph.html
deleted file mode 100644
index cd0b8dec3fc..00000000000
--- a/spec/javascripts/fixtures/static/mini_dropdown_graph.html
+++ /dev/null
@@ -1,13 +0,0 @@
-<div class="js-builds-dropdown-tests dropdown dropdown js-mini-pipeline-graph">
-<button class="js-builds-dropdown-button" data-toggle="dropdown" data-stage-endpoint="foobar">
-Dropdown
-</button>
-<ul class="dropdown-menu mini-pipeline-graph-dropdown-menu js-builds-dropdown-container">
-<li class="js-builds-dropdown-list scrollable-menu">
-<ul></ul>
-</li>
-<li class="js-builds-dropdown-loading hidden">
-<span class="fa fa-spinner"></span>
-</li>
-</ul>
-</div>
diff --git a/spec/javascripts/fixtures/static/notebook_viewer.html b/spec/javascripts/fixtures/static/notebook_viewer.html
deleted file mode 100644
index 4bbb7bf1094..00000000000
--- a/spec/javascripts/fixtures/static/notebook_viewer.html
+++ /dev/null
@@ -1 +0,0 @@
-<div class="file-content" data-endpoint="/test" id="js-notebook-viewer"></div>
diff --git a/spec/javascripts/fixtures/static/oauth_remember_me.html b/spec/javascripts/fixtures/static/oauth_remember_me.html
deleted file mode 100644
index 9ba1ffc72fe..00000000000
--- a/spec/javascripts/fixtures/static/oauth_remember_me.html
+++ /dev/null
@@ -1,6 +0,0 @@
-<div id="oauth-container">
-<input id="remember_me" type="checkbox">
-<a class="oauth-login twitter" href="http://example.com/"></a>
-<a class="oauth-login github" href="http://example.com/"></a>
-<a class="oauth-login facebook" href="http://example.com/?redirect_fragment=L1"></a>
-</div>
diff --git a/spec/javascripts/fixtures/static/pdf_viewer.html b/spec/javascripts/fixtures/static/pdf_viewer.html
deleted file mode 100644
index 350d35a262f..00000000000
--- a/spec/javascripts/fixtures/static/pdf_viewer.html
+++ /dev/null
@@ -1 +0,0 @@
-<div class="file-content" data-endpoint="/test" id="js-pdf-viewer"></div>
diff --git a/spec/javascripts/fixtures/static/pipeline_graph.html b/spec/javascripts/fixtures/static/pipeline_graph.html
deleted file mode 100644
index 422372bb7d5..00000000000
--- a/spec/javascripts/fixtures/static/pipeline_graph.html
+++ /dev/null
@@ -1,24 +0,0 @@
-<div class="pipeline-visualization js-pipeline-graph">
-<ul class="stage-column-list">
-<li class="stage-column">
-<div class="stage-name">
-<a href="/">
-Test
-<div class="builds-container">
-<ul>
-<li class="build">
-<div class="curve"></div>
-<a>
-<svg></svg>
-<div class="ci-status-text">
-stop_review
-</div>
-</a>
-</li>
-</ul>
-</div>
-</a>
-</div>
-</li>
-</ul>
-</div>
diff --git a/spec/javascripts/fixtures/static/pipelines.html b/spec/javascripts/fixtures/static/pipelines.html
deleted file mode 100644
index 42333f94f2f..00000000000
--- a/spec/javascripts/fixtures/static/pipelines.html
+++ /dev/null
@@ -1,3 +0,0 @@
-<div>
-<div data-can-create-pipeline="true" data-ci-lint-path="foo" data-empty-state-svg-path="foo" data-endpoint="foo" data-error-state-svg-path="foo" data-has-ci="foo" data-help-auto-devops-path="foo" data-help-page-path="foo" data-new-pipeline-path="foo" data-reset-cache-path="foo" id="pipelines-list-vue"></div>
-</div>
diff --git a/spec/javascripts/fixtures/static/project_select_combo_button.html b/spec/javascripts/fixtures/static/project_select_combo_button.html
deleted file mode 100644
index 50c826051c0..00000000000
--- a/spec/javascripts/fixtures/static/project_select_combo_button.html
+++ /dev/null
@@ -1,9 +0,0 @@
-<div class="project-item-select-holder">
-<input class="project-item-select" data-group-id="12345" data-relative-path="issues/new">
-<a class="new-project-item-link" data-label="New issue" data-type="issues" href="">
-<i class="fa fa-spinner spin"></i>
-</a>
-<a class="new-project-item-select-button">
-<i class="fa fa-caret-down"></i>
-</a>
-</div>
diff --git a/spec/javascripts/fixtures/static/projects.json b/spec/javascripts/fixtures/static/projects.json
deleted file mode 100644
index 68a150f602a..00000000000
--- a/spec/javascripts/fixtures/static/projects.json
+++ /dev/null
@@ -1,445 +0,0 @@
-[{
-  "id": 9,
-  "description": "",
-  "default_branch": null,
-  "tag_list": [],
-  "public": true,
-  "archived": false,
-  "visibility_level": 20,
-  "ssh_url_to_repo": "phil@localhost:root/test.git",
-  "http_url_to_repo": "http://localhost:3000/root/test.git",
-  "web_url": "http://localhost:3000/root/test",
-  "owner": {
-    "name": "Administrator",
-    "username": "root",
-    "id": 1,
-    "state": "active",
-    "avatar_url": "https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80\u0026d=identicon",
-    "web_url": "http://localhost:3000/u/root"
-  },
-  "name": "test",
-  "name_with_namespace": "Administrator / test",
-  "path": "test",
-  "path_with_namespace": "root/test",
-  "issues_enabled": true,
-  "merge_requests_enabled": true,
-  "wiki_enabled": true,
-  "builds_enabled": true,
-  "snippets_enabled": false,
-  "created_at": "2016-01-14T19:08:05.364Z",
-  "last_activity_at": "2016-01-14T19:08:07.418Z",
-  "shared_runners_enabled": true,
-  "creator_id": 1,
-  "namespace": {
-    "id": 1,
-    "name": "root",
-    "path": "root",
-    "owner_id": 1,
-    "created_at": "2016-01-13T20:19:44.439Z",
-    "updated_at": "2016-01-13T20:19:44.439Z",
-    "description": "",
-    "avatar": null
-  },
-  "avatar_url": null,
-  "star_count": 0,
-  "forks_count": 0,
-  "only_allow_merge_if_pipeline_succeeds": false,
-  "open_issues_count": 0,
-  "permissions": {
-    "project_access": null,
-    "group_access": null
-  }
-}, {
-  "id": 8,
-  "description": "Voluptatem quae nulla eius numquam ullam voluptatibus quia modi.",
-  "default_branch": "master",
-  "tag_list": [],
-  "public": false,
-  "archived": false,
-  "visibility_level": 0,
-  "ssh_url_to_repo": "phil@localhost:h5bp/html5-boilerplate.git",
-  "http_url_to_repo": "http://localhost:3000/h5bp/html5-boilerplate.git",
-  "web_url": "http://localhost:3000/h5bp/html5-boilerplate",
-  "name": "Html5 Boilerplate",
-  "name_with_namespace": "H5bp / Html5 Boilerplate",
-  "path": "html5-boilerplate",
-  "path_with_namespace": "h5bp/html5-boilerplate",
-  "issues_enabled": true,
-  "merge_requests_enabled": true,
-  "wiki_enabled": true,
-  "builds_enabled": true,
-  "snippets_enabled": false,
-  "created_at": "2016-01-13T20:19:57.525Z",
-  "last_activity_at": "2016-01-13T20:27:57.280Z",
-  "shared_runners_enabled": true,
-  "creator_id": 1,
-  "namespace": {
-    "id": 5,
-    "name": "H5bp",
-    "path": "h5bp",
-    "owner_id": null,
-    "created_at": "2016-01-13T20:19:57.239Z",
-    "updated_at": "2016-01-13T20:19:57.239Z",
-    "description": "Tempore accusantium possimus aut libero.",
-    "avatar": {
-      "url": null
-    }
-  },
-  "avatar_url": null,
-  "star_count": 0,
-  "forks_count": 0,
-  "only_allow_merge_if_pipeline_succeeds": false,
-  "open_issues_count": 5,
-  "permissions": {
-    "project_access": {
-      "access_level": 10,
-      "notification_level": 3
-    },
-    "group_access": {
-      "access_level": 50,
-      "notification_level": 3
-    }
-  }
-}, {
-  "id": 7,
-  "description": "Modi odio mollitia dolorem qui.",
-  "default_branch": "master",
-  "tag_list": [],
-  "public": false,
-  "archived": false,
-  "visibility_level": 0,
-  "ssh_url_to_repo": "phil@localhost:twitter/typeahead-js.git",
-  "http_url_to_repo": "http://localhost:3000/twitter/typeahead-js.git",
-  "web_url": "http://localhost:3000/twitter/typeahead-js",
-  "name": "Typeahead.Js",
-  "name_with_namespace": "Twitter / Typeahead.Js",
-  "path": "typeahead-js",
-  "path_with_namespace": "twitter/typeahead-js",
-  "issues_enabled": true,
-  "merge_requests_enabled": true,
-  "wiki_enabled": true,
-  "builds_enabled": true,
-  "snippets_enabled": false,
-  "created_at": "2016-01-13T20:19:56.212Z",
-  "last_activity_at": "2016-01-13T20:27:51.496Z",
-  "shared_runners_enabled": true,
-  "creator_id": 1,
-  "namespace": {
-    "id": 4,
-    "name": "Twitter",
-    "path": "twitter",
-    "owner_id": null,
-    "created_at": "2016-01-13T20:19:54.480Z",
-    "updated_at": "2016-01-13T20:19:54.480Z",
-    "description": "Id voluptatem ipsa maiores omnis repudiandae et et.",
-    "avatar": {
-      "url": null
-    }
-  },
-  "avatar_url": null,
-  "star_count": 0,
-  "forks_count": 0,
-  "only_allow_merge_if_pipeline_succeeds": true,
-  "open_issues_count": 4,
-  "permissions": {
-    "project_access": null,
-    "group_access": {
-      "access_level": 10,
-      "notification_level": 3
-    }
-  }
-}, {
-  "id": 6,
-  "description": "Omnis asperiores ipsa et beatae quidem necessitatibus quia.",
-  "default_branch": "master",
-  "tag_list": [],
-  "public": true,
-  "archived": false,
-  "visibility_level": 20,
-  "ssh_url_to_repo": "phil@localhost:twitter/flight.git",
-  "http_url_to_repo": "http://localhost:3000/twitter/flight.git",
-  "web_url": "http://localhost:3000/twitter/flight",
-  "name": "Flight",
-  "name_with_namespace": "Twitter / Flight",
-  "path": "flight",
-  "path_with_namespace": "twitter/flight",
-  "issues_enabled": true,
-  "merge_requests_enabled": true,
-  "wiki_enabled": true,
-  "builds_enabled": true,
-  "snippets_enabled": false,
-  "created_at": "2016-01-13T20:19:54.754Z",
-  "last_activity_at": "2016-01-13T20:27:50.502Z",
-  "shared_runners_enabled": true,
-  "creator_id": 1,
-  "namespace": {
-    "id": 4,
-    "name": "Twitter",
-    "path": "twitter",
-    "owner_id": null,
-    "created_at": "2016-01-13T20:19:54.480Z",
-    "updated_at": "2016-01-13T20:19:54.480Z",
-    "description": "Id voluptatem ipsa maiores omnis repudiandae et et.",
-    "avatar": {
-      "url": null
-    }
-  },
-  "avatar_url": null,
-  "star_count": 0,
-  "forks_count": 0,
-  "only_allow_merge_if_pipeline_succeeds": true,
-  "open_issues_count": 4,
-  "permissions": {
-    "project_access": null,
-    "group_access": {
-      "access_level": 10,
-      "notification_level": 3
-    }
-  }
-}, {
-  "id": 5,
-  "description": "Voluptatem commodi voluptate placeat architecto beatae illum dolores fugiat.",
-  "default_branch": "master",
-  "tag_list": [],
-  "public": false,
-  "archived": false,
-  "visibility_level": 0,
-  "ssh_url_to_repo": "phil@localhost:gitlab-org/gitlab-test.git",
-  "http_url_to_repo": "http://localhost:3000/gitlab-org/gitlab-test.git",
-  "web_url": "http://localhost:3000/gitlab-org/gitlab-test",
-  "name": "Gitlab Test",
-  "name_with_namespace": "Gitlab Org / Gitlab Test",
-  "path": "gitlab-test",
-  "path_with_namespace": "gitlab-org/gitlab-test",
-  "issues_enabled": true,
-  "merge_requests_enabled": true,
-  "wiki_enabled": true,
-  "builds_enabled": true,
-  "snippets_enabled": false,
-  "created_at": "2016-01-13T20:19:53.202Z",
-  "last_activity_at": "2016-01-13T20:27:41.626Z",
-  "shared_runners_enabled": true,
-  "creator_id": 1,
-  "namespace": {
-    "id": 3,
-    "name": "Gitlab Org",
-    "path": "gitlab-org",
-    "owner_id": null,
-    "created_at": "2016-01-13T20:19:48.851Z",
-    "updated_at": "2016-01-13T20:19:48.851Z",
-    "description": "Magni mollitia quod quidem soluta nesciunt impedit.",
-    "avatar": {
-      "url": null
-    }
-  },
-  "avatar_url": null,
-  "star_count": 0,
-  "forks_count": 0,
-  "only_allow_merge_if_pipeline_succeeds": false,
-  "open_issues_count": 5,
-  "permissions": {
-    "project_access": null,
-    "group_access": {
-      "access_level": 50,
-      "notification_level": 3
-    }
-  }
-}, {
-  "id": 4,
-  "description": "Aut molestias quas est ut aperiam officia quod libero.",
-  "default_branch": "master",
-  "tag_list": [],
-  "public": true,
-  "archived": false,
-  "visibility_level": 20,
-  "ssh_url_to_repo": "phil@localhost:gitlab-org/gitlab-shell.git",
-  "http_url_to_repo": "http://localhost:3000/gitlab-org/gitlab-shell.git",
-  "web_url": "http://localhost:3000/gitlab-org/gitlab-shell",
-  "name": "Gitlab Shell",
-  "name_with_namespace": "Gitlab Org / Gitlab Shell",
-  "path": "gitlab-shell",
-  "path_with_namespace": "gitlab-org/gitlab-shell",
-  "issues_enabled": true,
-  "merge_requests_enabled": true,
-  "wiki_enabled": true,
-  "builds_enabled": true,
-  "snippets_enabled": false,
-  "created_at": "2016-01-13T20:19:51.882Z",
-  "last_activity_at": "2016-01-13T20:27:35.678Z",
-  "shared_runners_enabled": true,
-  "creator_id": 1,
-  "namespace": {
-    "id": 3,
-    "name": "Gitlab Org",
-    "path": "gitlab-org",
-    "owner_id": null,
-    "created_at": "2016-01-13T20:19:48.851Z",
-    "updated_at": "2016-01-13T20:19:48.851Z",
-    "description": "Magni mollitia quod quidem soluta nesciunt impedit.",
-    "avatar": {
-      "url": null
-    }
-  },
-  "avatar_url": null,
-  "star_count": 0,
-  "forks_count": 0,
-  "only_allow_merge_if_pipeline_succeeds": false,
-  "open_issues_count": 5,
-  "permissions": {
-    "project_access": {
-      "access_level": 20,
-      "notification_level": 3
-    },
-    "group_access": {
-      "access_level": 50,
-      "notification_level": 3
-    }
-  }
-}, {
-  "id": 3,
-  "description": "Excepturi molestiae quia repellendus omnis est illo illum eligendi.",
-  "default_branch": "master",
-  "tag_list": [],
-  "public": true,
-  "archived": false,
-  "visibility_level": 20,
-  "ssh_url_to_repo": "phil@localhost:gitlab-org/gitlab-ci.git",
-  "http_url_to_repo": "http://localhost:3000/gitlab-org/gitlab-ci.git",
-  "web_url": "http://localhost:3000/gitlab-org/gitlab-ci",
-  "name": "Gitlab Ci",
-  "name_with_namespace": "Gitlab Org / Gitlab Ci",
-  "path": "gitlab-ci",
-  "path_with_namespace": "gitlab-org/gitlab-ci",
-  "issues_enabled": true,
-  "merge_requests_enabled": true,
-  "wiki_enabled": true,
-  "builds_enabled": true,
-  "snippets_enabled": false,
-  "created_at": "2016-01-13T20:19:50.346Z",
-  "last_activity_at": "2016-01-13T20:27:30.115Z",
-  "shared_runners_enabled": true,
-  "creator_id": 1,
-  "namespace": {
-    "id": 3,
-    "name": "Gitlab Org",
-    "path": "gitlab-org",
-    "owner_id": null,
-    "created_at": "2016-01-13T20:19:48.851Z",
-    "updated_at": "2016-01-13T20:19:48.851Z",
-    "description": "Magni mollitia quod quidem soluta nesciunt impedit.",
-    "avatar": {
-      "url": null
-    }
-  },
-  "avatar_url": null,
-  "star_count": 0,
-  "forks_count": 0,
-  "only_allow_merge_if_pipeline_succeeds": false,
-  "open_issues_count": 3,
-  "permissions": {
-    "project_access": null,
-    "group_access": {
-      "access_level": 50,
-      "notification_level": 3
-    }
-  }
-}, {
-  "id": 2,
-  "description": "Adipisci quaerat dignissimos enim sed ipsam dolorem quia.",
-  "default_branch": "master",
-  "tag_list": [],
-  "public": false,
-  "archived": false,
-  "visibility_level": 10,
-  "ssh_url_to_repo": "phil@localhost:gitlab-org/gitlab-ce.git",
-  "http_url_to_repo": "http://localhost:3000/gitlab-org/gitlab-ce.git",
-  "web_url": "http://localhost:3000/gitlab-org/gitlab-ce",
-  "name": "Gitlab Ce",
-  "name_with_namespace": "Gitlab Org / Gitlab Ce",
-  "path": "gitlab-ce",
-  "path_with_namespace": "gitlab-org/gitlab-ce",
-  "issues_enabled": true,
-  "merge_requests_enabled": true,
-  "wiki_enabled": true,
-  "builds_enabled": true,
-  "snippets_enabled": false,
-  "created_at": "2016-01-13T20:19:49.065Z",
-  "last_activity_at": "2016-01-13T20:26:58.454Z",
-  "shared_runners_enabled": true,
-  "creator_id": 1,
-  "namespace": {
-    "id": 3,
-    "name": "Gitlab Org",
-    "path": "gitlab-org",
-    "owner_id": null,
-    "created_at": "2016-01-13T20:19:48.851Z",
-    "updated_at": "2016-01-13T20:19:48.851Z",
-    "description": "Magni mollitia quod quidem soluta nesciunt impedit.",
-    "avatar": {
-      "url": null
-    }
-  },
-  "avatar_url": null,
-  "star_count": 0,
-  "forks_count": 0,
-  "only_allow_merge_if_pipeline_succeeds": false,
-  "open_issues_count": 5,
-  "permissions": {
-    "project_access": {
-      "access_level": 30,
-      "notification_level": 3
-    },
-    "group_access": {
-      "access_level": 50,
-      "notification_level": 3
-    }
-  }
-}, {
-  "id": 1,
-  "description": "Vel voluptatem maxime saepe ex quia.",
-  "default_branch": "master",
-  "tag_list": [],
-  "public": false,
-  "archived": false,
-  "visibility_level": 0,
-  "ssh_url_to_repo": "phil@localhost:documentcloud/underscore.git",
-  "http_url_to_repo": "http://localhost:3000/documentcloud/underscore.git",
-  "web_url": "http://localhost:3000/documentcloud/underscore",
-  "name": "Underscore",
-  "name_with_namespace": "Documentcloud / Underscore",
-  "path": "underscore",
-  "path_with_namespace": "documentcloud/underscore",
-  "issues_enabled": true,
-  "merge_requests_enabled": true,
-  "wiki_enabled": true,
-  "builds_enabled": true,
-  "snippets_enabled": false,
-  "created_at": "2016-01-13T20:19:45.862Z",
-  "last_activity_at": "2016-01-13T20:25:03.106Z",
-  "shared_runners_enabled": true,
-  "creator_id": 1,
-  "namespace": {
-    "id": 2,
-    "name": "Documentcloud",
-    "path": "documentcloud",
-    "owner_id": null,
-    "created_at": "2016-01-13T20:19:44.464Z",
-    "updated_at": "2016-01-13T20:19:44.464Z",
-    "description": "Aut impedit perferendis fuga et ipsa repellat cupiditate et.",
-    "avatar": {
-      "url": null
-    }
-  },
-  "avatar_url": null,
-  "star_count": 0,
-  "forks_count": 0,
-  "only_allow_merge_if_pipeline_succeeds": false,
-  "open_issues_count": 5,
-  "permissions": {
-    "project_access": null,
-    "group_access": {
-      "access_level": 50,
-      "notification_level": 3
-    }
-  }
-}]
diff --git a/spec/javascripts/fixtures/static/search_autocomplete.html b/spec/javascripts/fixtures/static/search_autocomplete.html
deleted file mode 100644
index 29db9020424..00000000000
--- a/spec/javascripts/fixtures/static/search_autocomplete.html
+++ /dev/null
@@ -1,15 +0,0 @@
-<div class="search search-form">
-<form class="form-inline">
-<div class="search-input-container">
-<div class="search-input-wrap">
-<div class="dropdown">
-<input class="search-input dropdown-menu-toggle" id="search">
-<div class="dropdown-menu dropdown-select">
-<div class="dropdown-content"></div>
-</div>
-</div>
-</div>
-</div>
-<input class="js-search-project-options" type="hidden">
-</form>
-</div>
diff --git a/spec/javascripts/fixtures/static/signin_tabs.html b/spec/javascripts/fixtures/static/signin_tabs.html
deleted file mode 100644
index 7e66ab9394b..00000000000
--- a/spec/javascripts/fixtures/static/signin_tabs.html
+++ /dev/null
@@ -1,8 +0,0 @@
-<ul class="nav-links new-session-tabs">
-<li class="active">
-<a href="#ldap">LDAP</a>
-</li>
-<li>
-<a href="#login-pane">Standard</a>
-</li>
-</ul>
diff --git a/spec/javascripts/fixtures/static/sketch_viewer.html b/spec/javascripts/fixtures/static/sketch_viewer.html
deleted file mode 100644
index e25e554e568..00000000000
--- a/spec/javascripts/fixtures/static/sketch_viewer.html
+++ /dev/null
@@ -1,3 +0,0 @@
-<div class="file-content" data-endpoint="/test_sketch_file.sketch" id="js-sketch-viewer">
-<div class="js-loading-icon"></div>
-</div>
diff --git a/spec/javascripts/fixtures/todos.rb b/spec/javascripts/fixtures/todos.rb
deleted file mode 100644
index a7c183d2414..00000000000
--- a/spec/javascripts/fixtures/todos.rb
+++ /dev/null
@@ -1,54 +0,0 @@
-require 'spec_helper'
-
-describe 'Todos (JavaScript fixtures)' do
-  include JavaScriptFixturesHelpers
-
-  let(:admin) { create(:admin) }
-  let(:namespace) { create(:namespace, name: 'frontend-fixtures' )}
-  let(:project) { create(:project_empty_repo, namespace: namespace, path: 'todos-project') }
-  let(:issue_1) { create(:issue, title: 'issue_1', project: project) }
-  let!(:todo_1) { create(:todo, user: admin, project: project, target: issue_1, created_at: 5.hours.ago) }
-  let(:issue_2) { create(:issue, title: 'issue_2', project: project) }
-  let!(:todo_2) { create(:todo, :done, user: admin, project: project, target: issue_2, created_at: 50.hours.ago) }
-
-  before(:all) do
-    clean_frontend_fixtures('todos/')
-  end
-
-  after do
-    remove_repository(project)
-  end
-
-  describe Dashboard::TodosController, '(JavaScript fixtures)', type: :controller do
-    render_views
-
-    before do
-      sign_in(admin)
-    end
-
-    it 'todos/todos.html' do
-      get :index
-
-      expect(response).to be_successful
-    end
-  end
-
-  describe Projects::TodosController, '(JavaScript fixtures)', type: :controller do
-    render_views
-
-    before do
-      sign_in(admin)
-    end
-
-    it 'todos/todos.json' do
-      post :create, params: {
-        namespace_id: namespace,
-        project_id: project,
-        issuable_type: 'issue',
-        issuable_id: issue_2.id
-      }, format: 'json'
-
-      expect(response).to be_successful
-    end
-  end
-end
diff --git a/spec/javascripts/fixtures/u2f.rb b/spec/javascripts/fixtures/u2f.rb
deleted file mode 100644
index 8ecbc0390cd..00000000000
--- a/spec/javascripts/fixtures/u2f.rb
+++ /dev/null
@@ -1,44 +0,0 @@
-require 'spec_helper'
-
-context 'U2F' do
-  include JavaScriptFixturesHelpers
-
-  let(:user) { create(:user, :two_factor_via_u2f, otp_secret: 'otpsecret:coolkids') }
-
-  before(:all) do
-    clean_frontend_fixtures('u2f/')
-  end
-
-  describe SessionsController, '(JavaScript fixtures)', type: :controller do
-    include DeviseHelpers
-
-    render_views
-
-    before do
-      set_devise_mapping(context: @request)
-    end
-
-    it 'u2f/authenticate.html' do
-      allow(controller).to receive(:find_user).and_return(user)
-
-      post :create, params: { user: { login: user.username, password: user.password } }
-
-      expect(response).to be_successful
-    end
-  end
-
-  describe Profiles::TwoFactorAuthsController, '(JavaScript fixtures)', type: :controller do
-    render_views
-
-    before do
-      sign_in(user)
-      allow_any_instance_of(Profiles::TwoFactorAuthsController).to receive(:build_qr_code).and_return('qrcode:blackandwhitesquares')
-    end
-
-    it 'u2f/register.html' do
-      get :show
-
-      expect(response).to be_successful
-    end
-  end
-end
-- 
cgit v1.2.1


From 444a3627b6d469819f33e875dc194765d6b55b8e Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Fri, 19 Jul 2019 02:40:21 -0500
Subject: Add missing static fixture

---
 .../fixtures/static/environments_logs.html         | 29 ++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 spec/frontend/fixtures/static/environments_logs.html

diff --git a/spec/frontend/fixtures/static/environments_logs.html b/spec/frontend/fixtures/static/environments_logs.html
new file mode 100644
index 00000000000..6179d3dbc23
--- /dev/null
+++ b/spec/frontend/fixtures/static/environments_logs.html
@@ -0,0 +1,29 @@
+<div class="js-kubernetes-logs" data-logs-path="/root/kubernetes-app/environments/1/logs">
+  <div class="build-page">
+    <div class="build-trace-container prepend-top-default">
+      <div class="top-bar js-top-bar">
+        <div class="truncated-info hidden-xs pull-left"></div>
+        <div class="dropdown prepend-left-10 js-pod-dropdown">
+          <button aria-expanded="false" class="dropdown-menu-toggle" data-toggle="dropdown" type="button">
+            <i class="fa fa-chevron-down"></i>
+          </button>
+          <div class="dropdown-menu dropdown-menu-selectable dropdown-menu-drop-up"></div>
+        </div>
+        <div class="controllers pull-right">
+          <div class="has-tooltip controllers-buttons" data-container="body" data-placement="top" title="Scroll to top">
+            <button class="js-scroll-up btn-scroll btn-transparent btn-blank" disabled type="button"></button>
+          </div>
+          <div class="has-tooltip controllers-buttons" data-container="body" data-placement="top" title="Scroll to bottom">
+            <button class="js-scroll-down btn-scroll btn-transparent btn-blank" disabled type="button"></button>
+          </div>
+          <div class="refresh-control pull-right">
+            <div class="has-tooltip controllers-buttons" data-container="body" data-placement="top" title="Refresh">
+              <button class="js-refresh-log btn-default btn-refresh" disabled type="button"></button>
+            </div>
+          </div>
+        </div>
+      </div>
+      <pre class="build-trace" id="build-trace"><code class="bash js-build-output"><div class="build-loader-animation js-build-refresh"></div></code></pre>
+    </div>
+  </div>
+</div>
-- 
cgit v1.2.1


From 5a2ecbfc36db24e3416023fba14e79dd9a002921 Mon Sep 17 00:00:00 2001
From: Filipa Lacerda <filipa@gitlab.com>
Date: Fri, 19 Jul 2019 07:53:11 +0000
Subject: Removes EE differences for issue boards

---
 app/assets/javascripts/boards/ee_functions.js |  7 +++++++
 app/assets/javascripts/boards/index.js        | 17 ++++++++++++++++-
 2 files changed, 23 insertions(+), 1 deletion(-)
 create mode 100644 app/assets/javascripts/boards/ee_functions.js

diff --git a/app/assets/javascripts/boards/ee_functions.js b/app/assets/javascripts/boards/ee_functions.js
new file mode 100644
index 00000000000..583270fcae5
--- /dev/null
+++ b/app/assets/javascripts/boards/ee_functions.js
@@ -0,0 +1,7 @@
+export const setPromotionState = () => {};
+
+export const setWeigthFetchingState = () => {};
+export const setEpicFetchingState = () => {};
+
+export const getMilestoneTitle = () => ({});
+export const getBoardsModalData = () => ({});
diff --git a/app/assets/javascripts/boards/index.js b/app/assets/javascripts/boards/index.js
index f5a617a85ad..3bded4a3258 100644
--- a/app/assets/javascripts/boards/index.js
+++ b/app/assets/javascripts/boards/index.js
@@ -30,6 +30,13 @@ import {
 } from '~/lib/utils/common_utils';
 import boardConfigToggle from 'ee_else_ce/boards/config_toggle';
 import toggleFocusMode from 'ee_else_ce/boards/toggle_focus';
+import {
+  setPromotionState,
+  setWeigthFetchingState,
+  setEpicFetchingState,
+  getMilestoneTitle,
+  getBoardsModalData,
+} from 'ee_else_ce/boards/ee_functions';
 import mountMultipleBoardsSwitcher from './mount_multiple_boards_switcher';
 
 let issueBoardsApp;
@@ -129,6 +136,7 @@ export default () => {
           });
 
           boardsStore.addBlankState();
+          setPromotionState(boardsStore);
           this.loading = false;
         })
         .catch(() => {
@@ -143,6 +151,8 @@ export default () => {
         const { sidebarInfoEndpoint } = newIssue;
         if (sidebarInfoEndpoint && newIssue.subscribed === undefined) {
           newIssue.setFetchingState('subscriptions', true);
+          setWeigthFetchingState(newIssue, true);
+          setEpicFetchingState(newIssue, true);
           BoardService.getIssueInfo(sidebarInfoEndpoint)
             .then(res => res.data)
             .then(data => {
@@ -157,6 +167,8 @@ export default () => {
               } = convertObjectPropsToCamelCase(data);
 
               newIssue.setFetchingState('subscriptions', false);
+              setWeigthFetchingState(newIssue, false);
+              setEpicFetchingState(newIssue, false);
               newIssue.updateData({
                 humanTimeSpent: humanTotalTimeSpent,
                 timeSpent: totalTimeSpent,
@@ -169,6 +181,7 @@ export default () => {
             })
             .catch(() => {
               newIssue.setFetchingState('subscriptions', false);
+              setWeigthFetchingState(newIssue, false);
               Flash(__('An error occurred while fetching sidebar data'));
             });
         }
@@ -203,6 +216,7 @@ export default () => {
     el: document.getElementById('js-add-list'),
     data: {
       filters: boardsStore.state.filters,
+      ...getMilestoneTitle($boardApp),
     },
     mounted() {
       initNewListDropdown();
@@ -222,6 +236,7 @@ export default () => {
         return {
           modal: ModalStore.store,
           store: boardsStore.state,
+          ...getBoardsModalData($boardApp),
           canAdminList: this.$options.el.hasAttribute('data-can-admin-list'),
         };
       },
@@ -285,6 +300,6 @@ export default () => {
     });
   }
 
-  toggleFocusMode(ModalStore, boardsStore);
+  toggleFocusMode(ModalStore, boardsStore, $boardApp);
   mountMultipleBoardsSwitcher();
 };
-- 
cgit v1.2.1


From 468daf5a9d220ebb5a60db62a9f203cc86bd65db Mon Sep 17 00:00:00 2001
From: Sanad Liaquat <sliaquat@gitlab.com>
Date: Fri, 19 Jul 2019 13:07:39 +0500
Subject: Quarantine failing spec

---
 .../browser_ui/3_create/merge_request/rebase_merge_request_spec.rb     | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/qa/qa/specs/features/browser_ui/3_create/merge_request/rebase_merge_request_spec.rb b/qa/qa/specs/features/browser_ui/3_create/merge_request/rebase_merge_request_spec.rb
index 7a36f9ea420..3ce291bf8bc 100644
--- a/qa/qa/specs/features/browser_ui/3_create/merge_request/rebase_merge_request_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/merge_request/rebase_merge_request_spec.rb
@@ -1,7 +1,8 @@
 # frozen_string_literal: true
 
 module QA
-  context 'Create' do
+  # Failure issue: https://gitlab.com/gitlab-org/quality/staging/issues/66
+  context 'Create', :quarantine do
     describe 'Merge request rebasing' do
       it 'user rebases source branch of merge request' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-- 
cgit v1.2.1


From b61c9341f006bb19c0c242a177dbc0fb5a7a53ef Mon Sep 17 00:00:00 2001
From: James Ramsay <jramsay@gitlab.com>
Date: Fri, 19 Jul 2019 09:29:24 +0000
Subject: Link Metrics Reports from merge request docs

---
 doc/user/project/merge_requests/index.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/doc/user/project/merge_requests/index.md b/doc/user/project/merge_requests/index.md
index a4cda65bf6b..8c28e24683f 100644
--- a/doc/user/project/merge_requests/index.md
+++ b/doc/user/project/merge_requests/index.md
@@ -391,6 +391,17 @@ can show the Code Climate report right in the merge request widget area.
 
 [Read more about Code Quality reports.](code_quality.md)
 
+## Metrics Reports **(PREMIUM)**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/9788) in [GitLab Premium][products] 11.10.
+Requires GitLab Runner 11.10 and above.
+
+If you are using [GitLab CI][ci], you can configure your job to output custom
+metrics and GitLab will display the Metrics Report on the merge request so
+that it's fast and easy to identify changes to important metrics.
+
+[Read more about Metrics Report](../../../ci/metrics_reports.md).
+
 ## Browser Performance Testing **(PREMIUM)**
 
 > Introduced in [GitLab Premium][products] 10.3.
-- 
cgit v1.2.1


From 2c5b930b9530ff06be49481b115d5d27829d5ef5 Mon Sep 17 00:00:00 2001
From: Samantha Ming <sming@gitlab.com>
Date: Fri, 19 Jul 2019 09:37:06 +0000
Subject: Add endsWith to polyfill

---
 app/assets/javascripts/commons/polyfills.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/assets/javascripts/commons/polyfills.js b/app/assets/javascripts/commons/polyfills.js
index a4394ab7e92..7a6ad3dc771 100644
--- a/app/assets/javascripts/commons/polyfills.js
+++ b/app/assets/javascripts/commons/polyfills.js
@@ -13,6 +13,7 @@ import 'core-js/es/string/code-point-at';
 import 'core-js/es/string/from-code-point';
 import 'core-js/es/string/includes';
 import 'core-js/es/string/starts-with';
+import 'core-js/es/string/ends-with';
 import 'core-js/es/symbol';
 import 'core-js/es/map';
 import 'core-js/es/weak-map';
-- 
cgit v1.2.1


From ec7f5672dfe4606be08d14520bfc08e50c6fffb9 Mon Sep 17 00:00:00 2001
From: Shinya Maeda <shinya@gitlab.com>
Date: Fri, 19 Jul 2019 09:40:23 +0000
Subject: Documentations for parallel execution strategy for Merge Trains

This commit adds a documentation for parallel pipelines on merge
trains.

Fix typo
---
 .../pipelines_for_merged_results/index.md          |   9 ++---
 .../img/merge_train_position_v12_0.png             | Bin 0 -> 18121 bytes
 .../merge_trains/index.md                          |  39 ++++++++++++---------
 3 files changed, 27 insertions(+), 21 deletions(-)
 create mode 100644 doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_position_v12_0.png

diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md
index a13857bee25..f63b17a9e5a 100644
--- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md
+++ b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md
@@ -6,7 +6,6 @@ last_update: 2019-07-03
 # Pipelines for Merged Results **(PREMIUM)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/7380) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.10.
-> This feature is disabled by default until we resolve issues with [contention handling](https://gitlab.com/gitlab-org/gitlab-ee/issues/11222), but [can be enabled manually](#enabling-pipelines-for-merged-results).
 
 It's possible for your source and target branches to diverge, which can result
 in the scenario that source branch's pipeline was green, the target's pipeline was green,
@@ -25,8 +24,10 @@ new ref and a pipeline for this ref validates the result prior to merging.
 
 There are some cases where creating a combined ref is not possible or not wanted.
 For example, a source branch that has conflicts with the target branch
-or a merge request that is still in WIP status. In this case, the merge request pipeline falls back to a "detached" state
-and runs on the source branch ref as if it was a regular pipeline.
+or a merge request that is still in WIP status. In this case,
+GitLab doesn't create a merge commit and the pipeline runs on source branch, instead,
+which is a default behavior of [Pipelines for merge requests](../index.md)
+ i.e. `detached` label is shown to the pipelines.
 
 The detached state serves to warn you that you are working in a situation
 subjected to merge problems, and helps to highlight that you should
@@ -42,7 +43,7 @@ Pipelines for merged results require:
 In addition, pipelines for merged results have the following limitations:
 
 - Forking/cross-repo workflows are not currently supported. To follow progress,
-  see [#9713](https://gitlab.com/gitlab-org/gitlab-ee/issues/9713).
+  see [#11934](https://gitlab.com/gitlab-org/gitlab-ee/issues/11934).
 - This feature is not available for
   [fast forward merges](../../../user/project/merge_requests/fast_forward_merge.md) yet.
   To follow progress, see [#58226](https://gitlab.com/gitlab-org/gitlab-ce/issues/58226).
diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_position_v12_0.png b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_position_v12_0.png
new file mode 100644
index 00000000000..70916bc0e00
Binary files /dev/null and b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_position_v12_0.png differ
diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md
index 57358434c02..44cbcde264c 100644
--- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md
+++ b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md
@@ -6,7 +6,6 @@ last_update: 2019-07-03
 # Merge Trains **(PREMIUM)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/9186) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.0.
-> This feature is disabled by default, but [can be enabled manually](#enabling-merge-trains).
 
 [Pipelines for merged results](../index.md#pipelines-for-merged-results-premium) introduces
 running a build on the result of the merged code prior to merging, as a way to keep master green.
@@ -33,35 +32,40 @@ Merge trains have the following requirements and limitations:
 - This feature requires that
   [pipelines for merged results](../index.md#pipelines-for-merged-results-premium) are
   **configured properly**.
-- Each merge train can generate a merge ref and run a pipeline **one at a time**.
-  We plan to make the pipelines for merged results
-  [run in parallel](https://gitlab.com/gitlab-org/gitlab-ee/issues/11222) in a
-  future release.
+- Each merge train can run a maximum of **four** pipelines in parallel.
+  If more than four merge requests are added to the merge train, the merge requests
+  will be queued until a slot in the merge train is free. There is no limit to the
+  number of merge requests that can be queued.
+- This feature does not support [squash and merge](../../../../user/project/merge_requests/squash_and_merge.md).
 
-## Enabling Merge Trains
-
-To enable merge trains at the project level:
-
-1. Visit your project's **Settings > General** and expand **Merge requests**.
-1. Check **Allow merge trains**.
-1. Click **Save changes** button.
-
-![Merge request pipeline config](img/merge_train_config_v12_0.png)
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
+Watch this video for a demonstration on [how parallel execution
+of Merge Trains can prevent commits from breaking the default
+branch](https://www.youtube.com/watch?v=D4qCqXgZkHQ).
 
 ## How to add a merge request to a merge train
 
 To add a merge request to a merge train:
 
-1. Click "Start/Add merge train" button in a merge request
+1. Visit a merge request.
+1. Click the **Start/Add to merge train** button.
 
 ![Start merge train](img/merge_train_start_v12_0.png)
 
 ## How to remove a merge request from a merge train
 
-1. Click "Remove from merge train" button in the merge request widget.
+1. Visit a merge request.
+1. Click the **Remove from merge train** button.
 
 ![Cancel merge train](img/merge_train_cancel_v12_0.png)
 
+## How to view a merge request's current position on the merge train
+
+After a merge request has been added to the merge train, the merge request's
+current position will be displayed under the pipeline widget:
+
+![Merge train position indicator](img/merge_train_position_v12_0.png)
+
 ## Start/Add to merge train when pipeline succeeds
 
 You can add a merge request to a merge train only when the latest pipeline in the
@@ -70,7 +74,8 @@ the merge request to a train because the current change of the merge request may
 be broken thus it could affect the following merge requests.
 
 In this case, you can schedule to add the merge request to a merge train **when the latest
-pipeline succeeds**. You can see the following button instead of the regular "Start/Add merge train"
+pipeline succeeds** (This pipeline is [Pipelines for merged results](../index.md), not Pipelines for merge train).
+You can see the following button instead of the regular **Start/Add to merge train**
 button while the latest pipeline is running.
 
 ![Add to merge train when pipeline succeeds](img/merge_train_start_when_pipeline_succeeds_v12_0.png)
-- 
cgit v1.2.1


From 1bc5a3e4bdb2198c10fcc292b787c12bb479c6fa Mon Sep 17 00:00:00 2001
From: Adam Hegyi <ahegyi@gitlab.com>
Date: Fri, 19 Jul 2019 09:53:19 +0000
Subject: Add a note about private_profile changes in 12.1

---
 doc/api/users.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/doc/api/users.md b/doc/api/users.md
index fdc84826680..b41fd106fc5 100644
--- a/doc/api/users.md
+++ b/doc/api/users.md
@@ -349,6 +349,9 @@ Note that `force_random_password` and `reset_password` take priority
 over `password`. In addition, `reset_password` and
 `force_random_password` can be used together.
 
+NOTE: **Note:**
+From [GitLab 12.1](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/29888/), `private_profile` will default to `false`.
+
 ```
 POST /users
 ```
-- 
cgit v1.2.1


From 01685eed7674ec841b4249b42f9b350f4a105e4a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Francisco=20Javier=20L=C3=B3pez?= <fjlopez@gitlab.com>
Date: Fri, 19 Jul 2019 11:11:27 +0000
Subject: Added Usage Data for some Web IDE actions

The actions tracked in the web IDE are:
- creation of commits
- creation of merge requests
- projects loaded
---
 app/assets/javascripts/ide/stores/utils.js         |  2 +-
 app/controllers/ide_controller.rb                  |  1 +
 .../merge_requests/creations_controller.rb         |  8 +++++
 .../creations/_new_compare.html.haml               |  2 ++
 .../merge_requests/creations/_new_submit.html.haml |  3 ++
 .../unreleased/fj-count-web-ide-merge-requests.yml |  5 +++
 lib/gitlab/usage_data.rb                           |  4 ++-
 lib/gitlab/usage_data_counters/web_ide_counter.rb  | 18 ++++++++++
 spec/controllers/ide_controller_spec.rb            | 17 +++++++++
 .../merge_requests/creations_controller_spec.rb    | 42 ++++++++++++++++++++++
 .../ide/stores/modules/commit/actions_spec.js      |  2 +-
 .../usage_data_counters/web_ide_counter_spec.rb    | 35 ++++++++++++------
 spec/lib/gitlab/usage_data_spec.rb                 | 10 ++++++
 13 files changed, 136 insertions(+), 13 deletions(-)
 create mode 100644 changelogs/unreleased/fj-count-web-ide-merge-requests.yml
 create mode 100644 spec/controllers/ide_controller_spec.rb

diff --git a/app/assets/javascripts/ide/stores/utils.js b/app/assets/javascripts/ide/stores/utils.js
index 04470064c1f..366314536c6 100644
--- a/app/assets/javascripts/ide/stores/utils.js
+++ b/app/assets/javascripts/ide/stores/utils.js
@@ -159,7 +159,7 @@ export const createCommitPayload = ({
 });
 
 export const createNewMergeRequestUrl = (projectUrl, source, target) =>
-  `${projectUrl}/merge_requests/new?merge_request[source_branch]=${source}&merge_request[target_branch]=${target}`;
+  `${projectUrl}/merge_requests/new?merge_request[source_branch]=${source}&merge_request[target_branch]=${target}&nav_source=webide`;
 
 const sortTreesByTypeAndName = (a, b) => {
   if (a.type === 'tree' && b.type === 'blob') {
diff --git a/app/controllers/ide_controller.rb b/app/controllers/ide_controller.rb
index eeeebe430a7..af1e6cc703b 100644
--- a/app/controllers/ide_controller.rb
+++ b/app/controllers/ide_controller.rb
@@ -4,5 +4,6 @@ class IdeController < ApplicationController
   layout 'fullscreen'
 
   def index
+    Gitlab::UsageDataCounters::WebIdeCounter.increment_views_count
   end
 end
diff --git a/app/controllers/projects/merge_requests/creations_controller.rb b/app/controllers/projects/merge_requests/creations_controller.rb
index 32cefe54613..6ac5bb90706 100644
--- a/app/controllers/projects/merge_requests/creations_controller.rb
+++ b/app/controllers/projects/merge_requests/creations_controller.rb
@@ -23,6 +23,8 @@ class Projects::MergeRequests::CreationsController < Projects::MergeRequests::Ap
     @merge_request = ::MergeRequests::CreateService.new(project, current_user, merge_request_params).execute
 
     if @merge_request.valid?
+      incr_count_webide_merge_request
+
       redirect_to(merge_request_path(@merge_request))
     else
       @source_project = @merge_request.source_project
@@ -135,4 +137,10 @@ class Projects::MergeRequests::CreationsController < Projects::MergeRequests::Ap
   def whitelist_query_limiting
     Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42384')
   end
+
+  def incr_count_webide_merge_request
+    return if params[:nav_source] != 'webide'
+
+    Gitlab::UsageDataCounters::WebIdeCounter.increment_merge_requests_count
+  end
 end
diff --git a/app/views/projects/merge_requests/creations/_new_compare.html.haml b/app/views/projects/merge_requests/creations/_new_compare.html.haml
index 11272a67f93..be01905dd35 100644
--- a/app/views/projects/merge_requests/creations/_new_compare.html.haml
+++ b/app/views/projects/merge_requests/creations/_new_compare.html.haml
@@ -2,6 +2,8 @@
   New Merge Request
 
 = form_for [@project.namespace.becomes(Namespace), @project, @merge_request], url: project_new_merge_request_path(@project), method: :get, html: { class: "merge-request-form js-requires-input" } do |f|
+  - if params[:nav_source].present?
+    = hidden_field_tag(:nav_source, params[:nav_source])
   .hide.alert.alert-danger.mr-compare-errors
   .js-merge-request-new-compare.row{ 'data-source-branch-url': project_new_merge_request_branch_from_path(@source_project), 'data-target-branch-url': project_new_merge_request_branch_to_path(@source_project) }
     .col-lg-6
diff --git a/app/views/projects/merge_requests/creations/_new_submit.html.haml b/app/views/projects/merge_requests/creations/_new_submit.html.haml
index 464f8fa65e9..543441b9479 100644
--- a/app/views/projects/merge_requests/creations/_new_submit.html.haml
+++ b/app/views/projects/merge_requests/creations/_new_submit.html.haml
@@ -17,6 +17,9 @@
   = f.hidden_field :target_project_id
   = f.hidden_field :target_branch, id: ''
 
+  - if params[:nav_source].present?
+    = hidden_field_tag(:nav_source, params[:nav_source])
+
 .mr-compare.merge-request.js-merge-request-new-submit{ 'data-mr-submit-action': "#{j params[:tab].presence || 'new'}" }
   - if @commits.empty?
     .commits-empty
diff --git a/changelogs/unreleased/fj-count-web-ide-merge-requests.yml b/changelogs/unreleased/fj-count-web-ide-merge-requests.yml
new file mode 100644
index 00000000000..adcd0af37e8
--- /dev/null
+++ b/changelogs/unreleased/fj-count-web-ide-merge-requests.yml
@@ -0,0 +1,5 @@
+---
+title: Add Web IDE Usage Ping for Create SMAU
+merge_request: 30800
+author:
+type: changed
diff --git a/lib/gitlab/usage_data.rb b/lib/gitlab/usage_data.rb
index 7572c0bdbfd..43072053e57 100644
--- a/lib/gitlab/usage_data.rb
+++ b/lib/gitlab/usage_data.rb
@@ -130,7 +130,9 @@ module Gitlab
 
       def usage_counters
         {
-          web_ide_commits: Gitlab::UsageDataCounters::WebIdeCounter.total_commits_count
+          web_ide_commits: Gitlab::UsageDataCounters::WebIdeCounter.total_commits_count,
+          web_ide_merge_requests: Gitlab::UsageDataCounters::WebIdeCounter.total_merge_requests_count,
+          web_ide_views: Gitlab::UsageDataCounters::WebIdeCounter.total_views_count
         }
       end
 
diff --git a/lib/gitlab/usage_data_counters/web_ide_counter.rb b/lib/gitlab/usage_data_counters/web_ide_counter.rb
index 6fbffb94c58..899ad0db9c0 100644
--- a/lib/gitlab/usage_data_counters/web_ide_counter.rb
+++ b/lib/gitlab/usage_data_counters/web_ide_counter.rb
@@ -6,6 +6,8 @@ module Gitlab
       extend RedisCounter
 
       COMMITS_COUNT_KEY = 'WEB_IDE_COMMITS_COUNT'
+      MERGE_REQUEST_COUNT_KEY = 'WEB_IDE_MERGE_REQUESTS_COUNT'
+      VIEWS_COUNT_KEY = 'WEB_IDE_VIEWS_COUNT'
 
       class << self
         def increment_commits_count
@@ -15,6 +17,22 @@ module Gitlab
         def total_commits_count
           total_count(COMMITS_COUNT_KEY)
         end
+
+        def increment_merge_requests_count
+          increment(MERGE_REQUEST_COUNT_KEY)
+        end
+
+        def total_merge_requests_count
+          total_count(MERGE_REQUEST_COUNT_KEY)
+        end
+
+        def increment_views_count
+          increment(VIEWS_COUNT_KEY)
+        end
+
+        def total_views_count
+          total_count(VIEWS_COUNT_KEY)
+        end
       end
     end
   end
diff --git a/spec/controllers/ide_controller_spec.rb b/spec/controllers/ide_controller_spec.rb
new file mode 100644
index 00000000000..0462f9520d5
--- /dev/null
+++ b/spec/controllers/ide_controller_spec.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe IdeController do
+  let(:user) { create(:user) }
+
+  before do
+    sign_in(user)
+  end
+
+  it 'increases the views counter' do
+    expect(Gitlab::UsageDataCounters::WebIdeCounter).to receive(:increment_views_count)
+
+    get :index
+  end
+end
diff --git a/spec/controllers/projects/merge_requests/creations_controller_spec.rb b/spec/controllers/projects/merge_requests/creations_controller_spec.rb
index 5fefad86ef3..3816e1c7a31 100644
--- a/spec/controllers/projects/merge_requests/creations_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests/creations_controller_spec.rb
@@ -212,4 +212,46 @@ describe Projects::MergeRequests::CreationsController do
       expect(response).to have_gitlab_http_status(200)
     end
   end
+
+  describe 'POST create' do
+    let(:params) do
+      {
+        namespace_id: fork_project.namespace.to_param,
+        project_id: fork_project,
+        merge_request: {
+          title: 'Test merge request',
+          source_branch: 'remove-submodule',
+          target_branch: 'master'
+        }
+      }
+    end
+
+    it 'creates merge request' do
+      expect do
+        post_request(params)
+      end.to change { MergeRequest.count }.by(1)
+    end
+
+    context 'when the merge request is not created from the web ide' do
+      it 'counter is not increased' do
+        expect(Gitlab::UsageDataCounters::WebIdeCounter).not_to receive(:increment_merge_requests_count)
+
+        post_request(params)
+      end
+    end
+
+    context 'when the merge request is created from the web ide' do
+      let(:nav_source) { { nav_source: 'webide' } }
+
+      it 'counter is increased' do
+        expect(Gitlab::UsageDataCounters::WebIdeCounter).to receive(:increment_merge_requests_count)
+
+        post_request(params.merge(nav_source))
+      end
+    end
+
+    def post_request(merge_request_params)
+      post :create, params: merge_request_params
+    end
+  end
 end
diff --git a/spec/javascripts/ide/stores/modules/commit/actions_spec.js b/spec/javascripts/ide/stores/modules/commit/actions_spec.js
index 590af53b3f2..14d861f21d2 100644
--- a/spec/javascripts/ide/stores/modules/commit/actions_spec.js
+++ b/spec/javascripts/ide/stores/modules/commit/actions_spec.js
@@ -411,7 +411,7 @@ describe('IDE commit module actions', () => {
               expect(visitUrl).toHaveBeenCalledWith(
                 `webUrl/merge_requests/new?merge_request[source_branch]=${
                   store.getters['commit/placeholderBranchName']
-                }&merge_request[target_branch]=master`,
+                }&merge_request[target_branch]=master&nav_source=webide`,
               );
 
               done();
diff --git a/spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb b/spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb
index fa0cf15e1b2..b5e32d1875f 100644
--- a/spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb
+++ b/spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb
@@ -3,19 +3,34 @@
 require 'spec_helper'
 
 describe Gitlab::UsageDataCounters::WebIdeCounter, :clean_gitlab_redis_shared_state do
-  describe '.increment_commits_count' do
-    it 'increments the web ide commits counter by 1' do
-      expect do
-        described_class.increment_commits_count
-      end.to change { described_class.total_commits_count }.by(1)
+  shared_examples 'counter examples' do
+    it 'increments counter and return the total count' do
+      expect(described_class.public_send(total_counter_method)).to eq(0)
+
+      2.times { described_class.public_send(increment_counter_method) }
+
+      expect(described_class.public_send(total_counter_method)).to eq(2)
     end
   end
 
-  describe '.total_commits_count' do
-    it 'returns the total amount of web ide commits' do
-      2.times { described_class.increment_commits_count }
+  describe 'commits counter' do
+    let(:increment_counter_method) { :increment_commits_count }
+    let(:total_counter_method) { :total_commits_count }
 
-      expect(described_class.total_commits_count).to eq(2)
-    end
+    it_behaves_like 'counter examples'
+  end
+
+  describe 'merge requests counter' do
+    let(:increment_counter_method) { :increment_merge_requests_count }
+    let(:total_counter_method) { :total_merge_requests_count }
+
+    it_behaves_like 'counter examples'
+  end
+
+  describe 'views counter' do
+    let(:increment_counter_method) { :increment_views_count }
+    let(:total_counter_method) { :total_views_count }
+
+    it_behaves_like 'counter examples'
   end
 end
diff --git a/spec/lib/gitlab/usage_data_spec.rb b/spec/lib/gitlab/usage_data_spec.rb
index 90a534de202..270dd652c20 100644
--- a/spec/lib/gitlab/usage_data_spec.rb
+++ b/spec/lib/gitlab/usage_data_spec.rb
@@ -57,12 +57,22 @@ describe Gitlab::UsageData do
         gitaly
         database
         avg_cycle_analytics
+        web_ide_views
         web_ide_commits
+        web_ide_merge_requests
         influxdb_metrics_enabled
         prometheus_metrics_enabled
       ))
     end
 
+    it 'calls expected usage data methods' do
+      expect(Gitlab::UsageDataCounters::WebIdeCounter).to receive(:total_commits_count)
+      expect(Gitlab::UsageDataCounters::WebIdeCounter).to receive(:total_merge_requests_count)
+      expect(Gitlab::UsageDataCounters::WebIdeCounter).to receive(:total_views_count)
+
+      subject
+    end
+
     it "gathers usage counts" do
       expected_keys = %i(
         assignee_lists
-- 
cgit v1.2.1


From d375e834c91659416d5644eb4c008b00d4914ccb Mon Sep 17 00:00:00 2001
From: Walmyr Lima <walmyr@gitlab.com>
Date: Thu, 18 Jul 2019 17:13:02 +0200
Subject: Refactor collapse comments end-to-end test

To:
- Better separate scopes (pre-conditions on before, tests on it)
- Remove unnecessary expectation
- Replace other unnecessary expectations by page.assert_text
- Move variables closer to where they're used
---
 .../issue/collapse_comments_in_discussions_spec.rb | 23 +++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/collapse_comments_in_discussions_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/collapse_comments_in_discussions_spec.rb
index 2101311f065..e8fdffeeeab 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/collapse_comments_in_discussions_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/collapse_comments_in_discussions_spec.rb
@@ -3,31 +3,32 @@
 module QA
   context 'Plan' do
     describe 'collapse comments in issue discussions' do
-      let(:issue_title) { 'issue title' }
+      let(:my_first_reply) { 'My first reply' }
 
-      it 'user collapses reply for comments in an issue' do
+      before do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
         Page::Main::Login.perform(&:sign_in_using_credentials)
 
         issue = Resource::Issue.fabricate_via_api! do |issue|
-          issue.title = issue_title
+          issue.title = 'issue title'
         end
 
         issue.visit!
 
-        expect(page).to have_content(issue_title)
-
         Page::Project::Issue::Show.perform do |show_page|
-          my_first_discussion = "My first discussion"
-          my_first_reply = "My First Reply"
-          one_reply = "1 reply"
+          my_first_discussion = 'My first discussion'
 
           show_page.select_all_activities_filter
           show_page.start_discussion(my_first_discussion)
-          expect(show_page).to have_content(my_first_discussion)
-
+          page.assert_text(my_first_discussion)
           show_page.reply_to_discussion(my_first_reply)
-          expect(show_page).to have_content(my_first_reply)
+          page.assert_text(my_first_reply)
+        end
+      end
+
+      it 'user collapses and expands reply for comments in an issue' do
+        Page::Project::Issue::Show.perform do |show_page|
+          one_reply = "1 reply"
 
           show_page.collapse_replies
           expect(show_page).to have_content(one_reply)
-- 
cgit v1.2.1


From cd638abbbf86e3129112b4c4066c094061023118 Mon Sep 17 00:00:00 2001
From: Denys Mishunov <dmishunov@gitlab.com>
Date: Fri, 19 Jul 2019 13:18:31 +0200
Subject: Fixed regression for re-naming files in WebIDE

---
 .../javascripts/ide/stores/mutations/file.js       | 12 ++++---
 spec/javascripts/ide/stores/mutations/file_spec.js | 37 ++++++++++++++++++++++
 2 files changed, 45 insertions(+), 4 deletions(-)

diff --git a/app/assets/javascripts/ide/stores/mutations/file.js b/app/assets/javascripts/ide/stores/mutations/file.js
index a52f1e235ed..1442ea7dbfa 100644
--- a/app/assets/javascripts/ide/stores/mutations/file.js
+++ b/app/assets/javascripts/ide/stores/mutations/file.js
@@ -43,10 +43,14 @@ export default {
 
     [stateEntry, stagedFile, openFile, changedFile].forEach(f => {
       if (f) {
-        Object.assign(f, convertObjectPropsToCamelCase(data, { dropKeys: ['raw', 'baseRaw'] }), {
-          raw: (stateEntry && stateEntry.raw) || null,
-          baseRaw: null,
-        });
+        Object.assign(
+          f,
+          convertObjectPropsToCamelCase(data, { dropKeys: ['path', 'name', 'raw', 'baseRaw'] }),
+          {
+            raw: (stateEntry && stateEntry.raw) || null,
+            baseRaw: null,
+          },
+        );
       }
     });
   },
diff --git a/spec/javascripts/ide/stores/mutations/file_spec.js b/spec/javascripts/ide/stores/mutations/file_spec.js
index 7714f66c9a4..1b41c3c2548 100644
--- a/spec/javascripts/ide/stores/mutations/file_spec.js
+++ b/spec/javascripts/ide/stores/mutations/file_spec.js
@@ -103,6 +103,43 @@ describe('IDE store file mutations', () => {
       expect(localState.openFiles[0].rawPath).toEqual(rawPath);
       expect(localFile.rawPath).toEqual(rawPath);
     });
+
+    it('does not mutate certain props on the file', () => {
+      const path = 'New Path';
+      const name = 'New Name';
+      localFile.path = path;
+      localFile.name = name;
+
+      localState.stagedFiles = [localFile];
+      localState.changedFiles = [localFile];
+      localState.openFiles = [localFile];
+
+      mutations.SET_FILE_DATA(localState, {
+        data: {
+          path: 'Old Path',
+          name: 'Old Name',
+          raw: 'Old Raw',
+          base_raw: 'Old Base Raw',
+        },
+        file: localFile,
+      });
+
+      [
+        localState.stagedFiles[0],
+        localState.changedFiles[0],
+        localState.openFiles[0],
+        localFile,
+      ].forEach(f => {
+        expect(f).toEqual(
+          jasmine.objectContaining({
+            path,
+            name,
+            raw: null,
+            baseRaw: null,
+          }),
+        );
+      });
+    });
   });
 
   describe('SET_FILE_RAW_DATA', () => {
-- 
cgit v1.2.1


From 442f59917708d663b7dac36560dd174dc8fbc2d2 Mon Sep 17 00:00:00 2001
From: Ben Kochie <bjk@gitlab.com>
Date: Fri, 19 Jul 2019 13:34:04 +0000
Subject: Adjust redis cache metrics

* Remove `controller` and `action` labels from duration histogram.
* Create a new simple counter for `controller` and `action`.
* Adjust histogram buckets to observe smaller response times.
---
 changelogs/unreleased/bjk-64064_cache_metrics.yml         |  5 +++++
 .../monitoring/prometheus/gitlab_metrics.md               |  3 +++
 lib/gitlab/metrics/subscribers/rails_cache.rb             | 15 ++++++++++++---
 spec/lib/gitlab/metrics/subscribers/rails_cache_spec.rb   | 10 +++++++++-
 4 files changed, 29 insertions(+), 4 deletions(-)
 create mode 100644 changelogs/unreleased/bjk-64064_cache_metrics.yml

diff --git a/changelogs/unreleased/bjk-64064_cache_metrics.yml b/changelogs/unreleased/bjk-64064_cache_metrics.yml
new file mode 100644
index 00000000000..c9baff7cb7b
--- /dev/null
+++ b/changelogs/unreleased/bjk-64064_cache_metrics.yml
@@ -0,0 +1,5 @@
+---
+title: Adjust redis cache metrics
+merge_request: 30572
+author:
+type: changed
diff --git a/doc/administration/monitoring/prometheus/gitlab_metrics.md b/doc/administration/monitoring/prometheus/gitlab_metrics.md
index 89501f20d99..054fa547704 100644
--- a/doc/administration/monitoring/prometheus/gitlab_metrics.md
+++ b/doc/administration/monitoring/prometheus/gitlab_metrics.md
@@ -34,6 +34,9 @@ The following metrics are available:
 | filesystem_writable               | Gauge     | 9.4   | Whether or not the filesystem is writable |
 | filesystem_read_latency_seconds   | Gauge     | 9.4   | Read latency of a specific filesystem |
 | filesystem_readable               | Gauge     | 9.4   | Whether or not the filesystem is readable |
+| gitlab_cache_misses_total         | Counter   | 10.2  | Cache read miss |
+| gitlab_cache_operation_duration_seconds | Histogram   | 10.2  | Cache access time |
+| gitlab_cache_operations_total     | Counter   | 12.2  | Cache operations by controller/action |
 | http_requests_total               | Counter   | 9.4   | Rack request count |
 | http_request_duration_seconds     | Histogram | 9.4   | HTTP response time from rack middleware |
 | pipelines_created_total           | Counter   | 9.4   | Counter of pipelines created |
diff --git a/lib/gitlab/metrics/subscribers/rails_cache.rb b/lib/gitlab/metrics/subscribers/rails_cache.rb
index 01db507761b..2ee7144fe2f 100644
--- a/lib/gitlab/metrics/subscribers/rails_cache.rb
+++ b/lib/gitlab/metrics/subscribers/rails_cache.rb
@@ -50,7 +50,8 @@ module Gitlab
         def observe(key, duration)
           return unless current_transaction
 
-          metric_cache_operation_duration_seconds.observe(current_transaction.labels.merge({ operation: key }), duration / 1000.0)
+          metric_cache_operations_total.increment(current_transaction.labels.merge({ operation: key }))
+          metric_cache_operation_duration_seconds.observe({ operation: key }, duration / 1000.0)
           current_transaction.increment(:cache_duration, duration, false)
           current_transaction.increment(:cache_count, 1, false)
           current_transaction.increment("cache_#{key}_duration".to_sym, duration, false)
@@ -63,12 +64,20 @@ module Gitlab
           Transaction.current
         end
 
+        def metric_cache_operations_total
+          @metric_cache_operations_total ||= ::Gitlab::Metrics.counter(
+            :gitlab_cache_operations_total,
+            'Cache operations',
+            Transaction::BASE_LABELS
+          )
+        end
+
         def metric_cache_operation_duration_seconds
           @metric_cache_operation_duration_seconds ||= ::Gitlab::Metrics.histogram(
             :gitlab_cache_operation_duration_seconds,
             'Cache access time',
-            Transaction::BASE_LABELS.merge({ action: nil }),
-            [0.001, 0.01, 0.1, 1, 10]
+            {},
+            [0.00001, 0.0001, 0.001, 0.01, 0.1, 1.0]
           )
         end
 
diff --git a/spec/lib/gitlab/metrics/subscribers/rails_cache_spec.rb b/spec/lib/gitlab/metrics/subscribers/rails_cache_spec.rb
index 6795c1ab56b..e04056b3450 100644
--- a/spec/lib/gitlab/metrics/subscribers/rails_cache_spec.rb
+++ b/spec/lib/gitlab/metrics/subscribers/rails_cache_spec.rb
@@ -201,7 +201,15 @@ describe Gitlab::Metrics::Subscribers::RailsCache do
       it 'observes cache metric' do
         expect(subscriber.send(:metric_cache_operation_duration_seconds))
           .to receive(:observe)
-                .with(transaction.labels.merge(operation: :delete), event.duration / 1000.0)
+          .with({ operation: :delete }, event.duration / 1000.0)
+
+        subscriber.observe(:delete, event.duration)
+      end
+
+      it 'increments the operations total' do
+        expect(subscriber.send(:metric_cache_operations_total))
+          .to receive(:increment)
+          .with(transaction.labels.merge(operation: :delete))
 
         subscriber.observe(:delete, event.duration)
       end
-- 
cgit v1.2.1


From 4029d8b41c8c3263f9f4bb9d2c18838a9218978b Mon Sep 17 00:00:00 2001
From: Aleksei Lipniagov <alipniagov@gitlab.com>
Date: Fri, 19 Jul 2019 16:35:05 +0300
Subject: Get rid of `worker_label` in RubySampler

We have Prometheus::PidProvider which sets correct worker id for a
process, so such implementation of `worker_label` in the sampler is
obsolete.
---
 lib/gitlab/metrics/samplers/ruby_sampler.rb | 25 ++++++-------------------
 1 file changed, 6 insertions(+), 19 deletions(-)

diff --git a/lib/gitlab/metrics/samplers/ruby_sampler.rb b/lib/gitlab/metrics/samplers/ruby_sampler.rb
index eef802caabb..79f756c8f8a 100644
--- a/lib/gitlab/metrics/samplers/ruby_sampler.rb
+++ b/lib/gitlab/metrics/samplers/ruby_sampler.rb
@@ -7,7 +7,7 @@ module Gitlab
     module Samplers
       class RubySampler < BaseSampler
         def initialize(interval)
-          metrics[:process_start_time_seconds].set(labels.merge(worker_label), Time.now.to_i)
+          metrics[:process_start_time_seconds].set(labels, Time.now.to_i)
 
           super
         end
@@ -50,9 +50,9 @@ module Gitlab
         def sample
           start_time = System.monotonic_time
 
-          metrics[:file_descriptors].set(labels.merge(worker_label), System.file_descriptor_count)
-          metrics[:process_cpu_seconds_total].set(labels.merge(worker_label), ::Gitlab::Metrics::System.cpu_time)
-          metrics[:process_max_fds].set(labels.merge(worker_label), ::Gitlab::Metrics::System.max_open_file_descriptors)
+          metrics[:file_descriptors].set(labels, System.file_descriptor_count)
+          metrics[:process_cpu_seconds_total].set(labels, ::Gitlab::Metrics::System.cpu_time)
+          metrics[:process_max_fds].set(labels, ::Gitlab::Metrics::System.max_open_file_descriptors)
           set_memory_usage_metrics
           sample_gc
 
@@ -75,22 +75,9 @@ module Gitlab
 
         def set_memory_usage_metrics
           memory_usage = System.memory_usage
-          memory_labels = labels.merge(worker_label)
 
-          metrics[:memory_bytes].set(memory_labels, memory_usage)
-          metrics[:process_resident_memory_bytes].set(memory_labels, memory_usage)
-        end
-
-        def worker_label
-          return { worker: 'sidekiq' } if Sidekiq.server?
-          return {} unless defined?(Unicorn::Worker)
-
-          worker_no = ::Prometheus::Client::Support::Unicorn.worker_id
-          if worker_no
-            { worker: worker_no }
-          else
-            { worker: 'master' }
-          end
+          metrics[:memory_bytes].set(labels, memory_usage)
+          metrics[:process_resident_memory_bytes].set(labels, memory_usage)
         end
       end
     end
-- 
cgit v1.2.1


From 0d45894bc6dd18dec4cb69ac4fff3a940bab19e6 Mon Sep 17 00:00:00 2001
From: Walmyr Lima <walmyr@gitlab.com>
Date: Fri, 19 Jul 2019 16:06:21 +0200
Subject: Refactor create issue end-to-end test

This refactor:
- Moves the tests pre-conditions to a before blocks
- Creates an issue via the api for the second test to improve the
test suite performance
---
 .../browser_ui/2_plan/issue/create_issue_spec.rb   | 28 ++++++++++++----------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb
index 342f65593f6..04ae4963d3a 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb
@@ -5,8 +5,15 @@ module QA
     describe 'Issue creation' do
       let(:issue_title) { 'issue title' }
 
+      before do
+        Runtime::Browser.visit(:gitlab, Page::Main::Login)
+        Page::Main::Login.perform(&:sign_in_using_credentials)
+      end
+
       it 'user creates an issue' do
-        create_issue
+        Resource::Issue.fabricate_via_browser_ui! do |issue|
+          issue.title = issue_title
+        end
 
         Page::Project::Menu.perform(&:click_issues)
 
@@ -18,9 +25,15 @@ module QA
           File.absolute_path(File.join('spec', 'fixtures', 'banana_sample.gif'))
         end
 
-        it 'user comments on an issue with an attachment' do
-          create_issue
+        before do
+          issue = Resource::Issue.fabricate_via_api! do |issue|
+            issue.title = issue_title
+          end
+
+          issue.visit!
+        end
 
+        it 'user comments on an issue with an attachment' do
           Page::Project::Issue::Show.perform do |show|
             show.comment('See attached banana for scale', attachment: file_to_attach)
 
@@ -36,15 +49,6 @@ module QA
           end
         end
       end
-
-      def create_issue
-        Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.perform(&:sign_in_using_credentials)
-
-        Resource::Issue.fabricate_via_browser_ui! do |issue|
-          issue.title = issue_title
-        end
-      end
     end
   end
 end
-- 
cgit v1.2.1


From 033c1c0c3c8e15c120612c5e1671c253f37fec73 Mon Sep 17 00:00:00 2001
From: Sanad Liaquat <sliaquat@gitlab.com>
Date: Fri, 19 Jul 2019 19:23:43 +0500
Subject: Create user as admin

---
 .../browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
index afddbff75bd..1bcd80f27af 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
@@ -4,14 +4,24 @@ module QA
   context 'Plan' do
     describe 'check xss occurence in @mentions in issues' do
       before do
-        Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.perform(&:sign_in_using_credentials)
+        QA::Runtime::Env.personal_access_token = QA::Runtime::Env.admin_personal_access_token
+
+        unless QA::Runtime::Env.personal_access_token
+          Runtime::Browser.visit(:gitlab, Page::Main::Login)
+          Page::Main::Login.perform(&:sign_in_using_admin_credentials)
+        end
 
         user = Resource::User.fabricate_via_api! do |user|
           user.name = "eve <img src=x onerror=alert(2)&lt;img src=x onerror=alert(1)&gt;"
           user.password = "test1234"
         end
 
+        QA::Runtime::Env.personal_access_token = nil
+
+        Page::Main::Menu.perform(&:sign_out) if Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
+
+        Page::Main::Login.perform(&:sign_in_using_credentials)
+
         project = Resource::Project.fabricate_via_api! do |resource|
           resource.name = 'xss-test-for-mentions-project'
         end
-- 
cgit v1.2.1


From 25777183b48765698c61467590a17301c2cce9ab Mon Sep 17 00:00:00 2001
From: Filipa Lacerda <filipa@gitlab.com>
Date: Fri, 19 Jul 2019 15:24:20 +0100
Subject: Centers loading icon in CI action

---
 app/assets/stylesheets/pages/pipelines.scss         | 5 +++++
 changelogs/unreleased/64265-center-loading-icon.yml | 5 +++++
 2 files changed, 10 insertions(+)
 create mode 100644 changelogs/unreleased/64265-center-loading-icon.yml

diff --git a/app/assets/stylesheets/pages/pipelines.scss b/app/assets/stylesheets/pages/pipelines.scss
index ff4fa8aacdc..5f4db37c317 100644
--- a/app/assets/stylesheets/pages/pipelines.scss
+++ b/app/assets/stylesheets/pages/pipelines.scss
@@ -695,6 +695,10 @@
         top: -1px;
       }
 
+      .spinner {
+        top: 2px;
+      }
+
       &.play {
         svg {
           left: 2px;
@@ -861,6 +865,7 @@ button.mini-pipeline-graph-dropdown-toggle {
         }
       }
 
+      .spinner,
       svg {
         width: $ci-action-dropdown-svg-size;
         height: $ci-action-dropdown-svg-size;
diff --git a/changelogs/unreleased/64265-center-loading-icon.yml b/changelogs/unreleased/64265-center-loading-icon.yml
new file mode 100644
index 00000000000..cd4253b63c6
--- /dev/null
+++ b/changelogs/unreleased/64265-center-loading-icon.yml
@@ -0,0 +1,5 @@
+---
+title: Center loading icon in CI action component
+merge_request:
+author:
+type: fixed
-- 
cgit v1.2.1


From 9c804111e7717c90249c88c8f96119043ffad378 Mon Sep 17 00:00:00 2001
From: Steve Azzopardi <sazzopardi@gitlab.com>
Date: Fri, 19 Jul 2019 08:53:53 +0200
Subject: Enable Junit reports

With https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30254 Junit
reports were disabled. With
https://gitlab.com/gitlab-com/gl-infra/production/issues/928 and
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30274 solved we
should enable them again.

closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64756
---
 .gitlab/ci/frontend.gitlab-ci.yml | 10 ++++------
 .gitlab/ci/rails.gitlab-ci.yml    |  5 ++---
 2 files changed, 6 insertions(+), 9 deletions(-)

diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml
index b00d2f46088..6e3ecfc586e 100644
--- a/.gitlab/ci/frontend.gitlab-ci.yml
+++ b/.gitlab/ci/frontend.gitlab-ci.yml
@@ -138,9 +138,8 @@ karma:
       - chrome_debug.log
       - coverage-javascript/
       - tmp/tests/frontend/
-# see https://gitlab.com/gitlab-org/gitlab-ce/issues/64756
-#    reports:
-#      junit: junit_karma.xml
+    reports:
+      junit: junit_karma.xml
 
 jest:
   extends: .dedicated-no-docs-and-no-qa-pull-cache-job
@@ -163,9 +162,8 @@ jest:
       - coverage-frontend/
       - junit_jest.xml
       - tmp/tests/frontend/
-# see https://gitlab.com/gitlab-org/gitlab-ce/issues/64756
-#    reports:
-#      junit: junit_jest.xml
+    reports:
+      junit: junit_jest.xml
   cache:
     key: jest
     paths:
diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml
index d0b1f1ab98f..1392768127b 100644
--- a/.gitlab/ci/rails.gitlab-ci.yml
+++ b/.gitlab/ci/rails.gitlab-ci.yml
@@ -80,9 +80,8 @@
       - rspec_profiling/
       - tmp/capybara/
       - tmp/memory_test/
-# see https://gitlab.com/gitlab-org/gitlab-ce/issues/64756
-#    reports:
-#      junit: junit_rspec.xml
+    reports:
+      junit: junit_rspec.xml
 
 .rspec-metadata-pg: &rspec-metadata-pg
   <<: *rspec-metadata
-- 
cgit v1.2.1


From 78b9586d1d39536141b6e3b015977b32434ed605 Mon Sep 17 00:00:00 2001
From: Steve Azzopardi <sazzopardi@gitlab.com>
Date: Fri, 19 Jul 2019 16:56:33 +0200
Subject: Update GitLab Runner Helm Chart to 0.7.0

---
 app/models/clusters/applications/runner.rb                         | 2 +-
 changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-7-0.yml | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-7-0.yml

diff --git a/app/models/clusters/applications/runner.rb b/app/models/clusters/applications/runner.rb
index 6ae8c3bd7f3..6533b7a186e 100644
--- a/app/models/clusters/applications/runner.rb
+++ b/app/models/clusters/applications/runner.rb
@@ -3,7 +3,7 @@
 module Clusters
   module Applications
     class Runner < ApplicationRecord
-      VERSION = '0.6.0'.freeze
+      VERSION = '0.7.0'.freeze
 
       self.table_name = 'clusters_applications_runners'
 
diff --git a/changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-7-0.yml b/changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-7-0.yml
new file mode 100644
index 00000000000..ab1e7d77520
--- /dev/null
+++ b/changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-7-0.yml
@@ -0,0 +1,5 @@
+---
+title: Update GitLab Runner Helm Chart to 0.7.0
+merge_request: 30950
+author:
+type: other
-- 
cgit v1.2.1


From 3d7ed053137c97e1d52ccf9d8bd285585b32ffc6 Mon Sep 17 00:00:00 2001
From: Sam Beckham <sbeckham@gitlab.com>
Date: Fri, 19 Jul 2019 16:58:28 +0000
Subject: Fixes the alignment on reports

- Removes a justify-center class that causes reports to centrally align
---
 app/assets/javascripts/reports/components/report_item.vue   | 2 +-
 app/assets/javascripts/reports/components/summary_row.vue   | 4 +---
 changelogs/unreleased/fix-alignment-on-security-reports.yml | 5 +++++
 3 files changed, 7 insertions(+), 4 deletions(-)
 create mode 100644 changelogs/unreleased/fix-alignment-on-security-reports.yml

diff --git a/app/assets/javascripts/reports/components/report_item.vue b/app/assets/javascripts/reports/components/report_item.vue
index d477fafd3f5..f3f7d2648a8 100644
--- a/app/assets/javascripts/reports/components/report_item.vue
+++ b/app/assets/javascripts/reports/components/report_item.vue
@@ -45,7 +45,7 @@ export default {
 <template>
   <li
     :class="{ 'is-dismissed': issue.isDismissed }"
-    class="report-block-list-issue justify-content-center align-items-center"
+    class="report-block-list-issue align-items-center"
   >
     <issue-status-icon
       v-if="showReportSectionStatusIcon"
diff --git a/app/assets/javascripts/reports/components/summary_row.vue b/app/assets/javascripts/reports/components/summary_row.vue
index 1caf52431e2..aba798e63d0 100644
--- a/app/assets/javascripts/reports/components/summary_row.vue
+++ b/app/assets/javascripts/reports/components/summary_row.vue
@@ -44,9 +44,7 @@ export default {
 };
 </script>
 <template>
-  <div
-    class="report-block-list-issue report-block-list-issue-parent justify-content-center align-items-center"
-  >
+  <div class="report-block-list-issue report-block-list-issue-parent align-items-center">
     <div class="report-block-list-icon append-right-default">
       <gl-loading-icon
         v-if="statusIcon === 'loading'"
diff --git a/changelogs/unreleased/fix-alignment-on-security-reports.yml b/changelogs/unreleased/fix-alignment-on-security-reports.yml
new file mode 100644
index 00000000000..5339b6d764d
--- /dev/null
+++ b/changelogs/unreleased/fix-alignment-on-security-reports.yml
@@ -0,0 +1,5 @@
+---
+title: Fixes alignment issues with reports
+merge_request: 30839
+author:
+type: fixed
-- 
cgit v1.2.1


From ec5ceae623fceff0a959c7d297970d37285532dc Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Fri, 19 Jul 2019 10:01:09 -0700
Subject: Fix Gitaly auto-detection caching

If `GitalyClient#can_use_disk?` returned `false`, it was never cached
properly and led to excessive number of Gitaly calls. Instead of using
`cached_value.present?`, we need to check `cached_value.nil?`.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64802
---
 changelogs/unreleased/sh-fix-gitaly-server-info-cache.yml |  5 +++++
 lib/gitlab/gitaly_client.rb                               |  2 +-
 spec/lib/gitlab/gitaly_client_spec.rb                     | 13 +++++++++++++
 3 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/sh-fix-gitaly-server-info-cache.yml

diff --git a/changelogs/unreleased/sh-fix-gitaly-server-info-cache.yml b/changelogs/unreleased/sh-fix-gitaly-server-info-cache.yml
new file mode 100644
index 00000000000..ef8f6e25856
--- /dev/null
+++ b/changelogs/unreleased/sh-fix-gitaly-server-info-cache.yml
@@ -0,0 +1,5 @@
+---
+title: Fix Gitaly auto-detection caching
+merge_request: 30954
+author:
+type: performance
diff --git a/lib/gitlab/gitaly_client.rb b/lib/gitlab/gitaly_client.rb
index e7319a7b7f0..c98de722fe1 100644
--- a/lib/gitlab/gitaly_client.rb
+++ b/lib/gitlab/gitaly_client.rb
@@ -392,7 +392,7 @@ module Gitlab
         @can_use_disk[storage]
       end
 
-      return cached_value if cached_value.present?
+      return cached_value unless cached_value.nil?
 
       gitaly_filesystem_id = filesystem_id(storage)
       direct_filesystem_id = filesystem_id_from_disk(storage)
diff --git a/spec/lib/gitlab/gitaly_client_spec.rb b/spec/lib/gitlab/gitaly_client_spec.rb
index b8debee3b58..e1d24ae8977 100644
--- a/spec/lib/gitlab/gitaly_client_spec.rb
+++ b/spec/lib/gitlab/gitaly_client_spec.rb
@@ -119,6 +119,19 @@ describe Gitlab::GitalyClient do
     end
   end
 
+  describe '.can_use_disk?' do
+    it 'properly caches a false result' do
+      # spec_helper stubs this globally
+      allow(described_class).to receive(:can_use_disk?).and_call_original
+      expect(described_class).to receive(:filesystem_id).once
+      expect(described_class).to receive(:filesystem_id_from_disk).once
+
+      2.times do
+        described_class.can_use_disk?('unknown')
+      end
+    end
+  end
+
   describe '.connection_data' do
     it 'returns connection data' do
       address = 'tcp://localhost:9876'
-- 
cgit v1.2.1


From 351bc078ca079a95445b54f01a72c34cf5a946bb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Francisco=20Javier=20L=C3=B3pez?= <fjlopez@gitlab.com>
Date: Fri, 19 Jul 2019 17:04:33 +0000
Subject: Avoid increasing redis counters when usage_ping is disabled

---
 ...void-incresaing-usage-ping-when-not-enabled.yml |  5 ++++
 lib/gitlab/usage_data_counters/redis_counter.rb    |  2 ++
 .../usage_data_counters/redis_counter_spec.rb      | 33 ++++++++++++++++++++++
 3 files changed, 40 insertions(+)
 create mode 100644 changelogs/unreleased/fj-avoid-incresaing-usage-ping-when-not-enabled.yml
 create mode 100644 spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb

diff --git a/changelogs/unreleased/fj-avoid-incresaing-usage-ping-when-not-enabled.yml b/changelogs/unreleased/fj-avoid-incresaing-usage-ping-when-not-enabled.yml
new file mode 100644
index 00000000000..f1077f2d56d
--- /dev/null
+++ b/changelogs/unreleased/fj-avoid-incresaing-usage-ping-when-not-enabled.yml
@@ -0,0 +1,5 @@
+---
+title: Avoid increasing redis counters when usage_ping is disabled
+merge_request: 30949
+author:
+type: changed
diff --git a/lib/gitlab/usage_data_counters/redis_counter.rb b/lib/gitlab/usage_data_counters/redis_counter.rb
index d10871f704c..75d5a75e3a4 100644
--- a/lib/gitlab/usage_data_counters/redis_counter.rb
+++ b/lib/gitlab/usage_data_counters/redis_counter.rb
@@ -4,6 +4,8 @@ module Gitlab
   module UsageDataCounters
     module RedisCounter
       def increment(redis_counter_key)
+        return unless Gitlab::CurrentSettings.usage_ping_enabled
+
         Gitlab::Redis::SharedState.with { |redis| redis.incr(redis_counter_key) }
       end
 
diff --git a/spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb b/spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb
new file mode 100644
index 00000000000..c34ac7867ab
--- /dev/null
+++ b/spec/lib/gitlab/usage_data_counters/redis_counter_spec.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::UsageDataCounters::RedisCounter, :clean_gitlab_redis_shared_state do
+  let(:redis_key) { 'foobar' }
+
+  subject { Class.new.extend(described_class) }
+
+  before do
+    stub_application_setting(usage_ping_enabled: setting_value)
+  end
+
+  context 'when usage_ping is disabled' do
+    let(:setting_value) { false }
+
+    it 'counter is not increased' do
+      expect do
+        subject.increment(redis_key)
+      end.not_to change { subject.total_count(redis_key) }
+    end
+  end
+
+  context 'when usage_ping is enabled' do
+    let(:setting_value) { true }
+
+    it 'counter is increased' do
+      expect do
+        subject.increment(redis_key)
+      end.to change { subject.total_count(redis_key) }.by(1)
+    end
+  end
+end
-- 
cgit v1.2.1


From 34a5f77e770765f278ade00a33ef846e2e1ce3d3 Mon Sep 17 00:00:00 2001
From: Toon Claes <toon@gitlab.com>
Date: Fri, 19 Jul 2019 17:33:48 +0000
Subject: Document database review process

See https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/6069
---
 .gitlab/CODEOWNERS                                 |   6 +-
 .../merge_request_templates/Database changes.md    |  13 +--
 danger/database/Dangerfile                         |  42 +++++----
 danger/roulette/Dangerfile                         |  15 +--
 doc/development/README.md                          |   1 +
 doc/development/code_review.md                     |   1 +
 .../contributing/merge_request_workflow.md         |   3 +-
 doc/development/database_review.md                 | 101 +++++++++++++++++++++
 lib/gitlab/danger/helper.rb                        |  26 ++++++
 spec/lib/gitlab/danger/helper_spec.rb              |  30 ++++++
 10 files changed, 196 insertions(+), 42 deletions(-)
 create mode 100644 doc/development/database_review.md

diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS
index b865b212ac0..13c8b4a8458 100644
--- a/.gitlab/CODEOWNERS
+++ b/.gitlab/CODEOWNERS
@@ -9,8 +9,12 @@
 app/assets/ @ClemMakesApps @fatihacet @filipa @iamphill @mikegreiling @timzallmann @kushalpandya @pslaughter
 *.scss @annabeldunstone @ClemMakesApps @fatihacet @filipa @iamphill @mikegreiling @timzallmann @kushalpandya @pslaughter
 
-# Someone from the database team should review changes in `db/`
+# Maintainers from the Database team should review changes in `db/`
 db/ @abrandl @NikolayS
+lib/gitlab/background_migration/ @abrandl @NikolayS
+lib/gitlab/database/ @abrandl @NikolayS
+lib/gitlab/sql/ @abrandl @NikolayS
+/ee/db/ @abrandl @NikolayS
 
 # Feature specific owners
 /ee/lib/gitlab/code_owners/ @reprazent
diff --git a/.gitlab/merge_request_templates/Database changes.md b/.gitlab/merge_request_templates/Database changes.md
index 3f457174492..2077997a0cb 100644
--- a/.gitlab/merge_request_templates/Database changes.md	
+++ b/.gitlab/merge_request_templates/Database changes.md	
@@ -39,20 +39,11 @@ When adding tables:
 
 - [ ] Ordered columns based on the [Ordering Table Columns](https://docs.gitlab.com/ee/development/ordering_table_columns.html#ordering-table-columns) guidelines
 - [ ] Added foreign keys to any columns pointing to data in other tables
-- [ ] Added indexes for fields that are used in statements such as WHERE, ORDER BY, GROUP BY, and JOINs
+- [ ] Added indexes for fields that are used in statements such as `WHERE`, `ORDER BY`, `GROUP BY`, and `JOIN`s
 
 When removing columns, tables, indexes or other structures:
 
 - [ ] Removed these in a post-deployment migration
 - [ ] Made sure the application no longer uses (or ignores) these structures
 
-## General checklist
-
-- [ ] [Changelog entry](https://docs.gitlab.com/ee/development/changelog.html) added, if necessary
-- [ ] [Documentation created/updated](https://docs.gitlab.com/ee/development/documentation/)
-- [ ] [Tests added for this feature/bug](https://docs.gitlab.com/ee/development/testing_guide/index.html)
-- [ ] Conforms to the [code review guidelines](https://docs.gitlab.com/ee/development/code_review.html)
-- [ ] Conforms to the [merge request performance guidelines](https://docs.gitlab.com/ee/development/merge_request_performance_guidelines.html)
-- [ ] Conforms to the [style guides](https://docs.gitlab.com/ee/development/contributing/style_guides.html)
-
-/label ~database
+/label ~database ~"database::review pending"
diff --git a/danger/database/Dangerfile b/danger/database/Dangerfile
index 083e95b8da7..3550cb7eabf 100644
--- a/danger/database/Dangerfile
+++ b/danger/database/Dangerfile
@@ -8,6 +8,21 @@ updated too (unless the migration isn't changing the DB schema
 and isn't the most recent one).
 MSG
 
+DB_MESSAGE = <<~MSG
+This merge request requires a database review. To make sure these
+changes are reviewed, take the following steps:
+
+1. Ensure the merge request has ~database and ~"database::review pending" labels.
+   If the merge request modifies database files, Danger will do this for you.
+1. Use the [Database changes checklist](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/.gitlab/merge_request_templates/Database%20changes.md)
+   template or add the appropriate items to the MR description.
+1. Assign and mention the database reviewer suggested by Reviewer Roulette.
+MSG
+
+DB_FILES_MESSAGE = <<~MSG
+The following files require a review from the Database team:
+MSG
+
 non_geo_db_schema_updated = !git.modified_files.grep(%r{\Adb/schema\.rb}).empty?
 geo_db_schema_updated = !git.modified_files.grep(%r{\Aee/db/geo/schema\.rb}).empty?
 
@@ -24,27 +39,18 @@ end
 
 db_paths_to_review = helper.changes_by_category[:database]
 
-unless db_paths_to_review.empty?
+if gitlab.mr_labels.include?('database') || db_paths_to_review.any?
   message 'This merge request adds or changes files that require a ' \
-    'review from the Database team.'
-
-  markdown(<<~MARKDOWN.strip)
-## Database Review
-
-The following files require a review from the Database team:
-
-* #{db_paths_to_review.map { |path| "`#{path}`" }.join("\n* ")}
+    'review from the [Database team](https://gitlab.com/groups/gl-database/-/group_members).'
 
-To make sure these changes are reviewed, take the following steps:
+  markdown(DB_MESSAGE)
+  markdown(DB_FILES_MESSAGE + helper.markdown_list(db_paths_to_review)) if db_paths_to_review.any?
 
-1. Edit your merge request, and add `gl-database` to the list of Group
-   approvers.
-1. Mention `@gl-database` in a separate comment, and explain what needs to be
-   reviewed by the team. Please don't mention the team until your changes are
-   ready for review.
-  MARKDOWN
+  database_labels = helper.missing_database_labels(gitlab.mr_labels)
 
-  unless gitlab.mr_labels.include?('database')
-    warn 'This merge request is missing the ~database label.'
+  if database_labels.any?
+    gitlab.api.update_merge_request(gitlab.mr_json['project_id'],
+                                        gitlab.mr_json['iid'],
+                                        labels: (gitlab.mr_labels + database_labels).join(','))
   end
 end
diff --git a/danger/roulette/Dangerfile b/danger/roulette/Dangerfile
index 6718e218233..19a5076778c 100644
--- a/danger/roulette/Dangerfile
+++ b/danger/roulette/Dangerfile
@@ -55,22 +55,15 @@ def spin_for_category(team, project, category, branch_name)
   "| #{helper.label_for_category(category)} | #{reviewer&.markdown_name || NO_REVIEWER} | #{maintainer&.markdown_name || NO_MAINTAINER} |"
 end
 
-def build_list(items)
-  list = items.map { |filename| "* `#{filename}`" }.join("\n")
-
-  if items.size > 10
-    "\n<details>\n\n#{list}\n\n</details>"
-  else
-    list
-  end
-end
-
 changes = helper.changes_by_category
 
 # Ignore any files that are known but uncategorized. Prompt for any unknown files
 changes.delete(:none)
 categories = changes.keys - [:unknown]
 
+# Ensure to spin for database reviewer/maintainer when ~database is applied (e.g. to review SQL queries)
+categories << :database if gitlab.mr_labels.include?('database') && !categories.include?(:database)
+
 # Single codebase MRs are reviewed using a slightly different process, so we
 # disable the review roulette for such MRs.
 # CSS Clean up MRs are reviewed using a slightly different process, so we
@@ -95,5 +88,5 @@ if changes.any? && !gitlab.mr_labels.include?('single codebase') && !gitlab.mr_l
 
   markdown(MESSAGE)
   markdown(CATEGORY_TABLE_HEADER + rows.join("\n")) unless rows.empty?
-  markdown(UNKNOWN_FILES_MESSAGE + build_list(unknown)) unless unknown.empty?
+  markdown(UNKNOWN_FILES_MESSAGE + helper.markdown_list(unknown)) unless unknown.empty?
 end
diff --git a/doc/development/README.md b/doc/development/README.md
index 4f16473e7e2..ea5d9e10e2c 100644
--- a/doc/development/README.md
+++ b/doc/development/README.md
@@ -17,6 +17,7 @@ description: 'Learn how to contribute to GitLab.'
 - [GitLab core team & GitLab Inc. contribution process](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/PROCESS.md)
 - [Generate a changelog entry with `bin/changelog`](changelog.md)
 - [Code review guidelines](code_review.md) for reviewing code and having code reviewed
+- [Database review guidelines](database_review.md) for reviewing database-related changes and complex SQL queries
 - [Automatic CE->EE merge](automatic_ce_ee_merge.md)
 - [Guidelines for implementing Enterprise Edition features](ee_features.md)
 - [Security process for developers](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#security-releases-critical-non-critical-as-a-developer)
diff --git a/doc/development/code_review.md b/doc/development/code_review.md
index a9a46c62d38..709cd0c806b 100644
--- a/doc/development/code_review.md
+++ b/doc/development/code_review.md
@@ -62,6 +62,7 @@ from teams other than your own.
    **approved by a [backend maintainer](https://about.gitlab.com/handbook/engineering/projects/#gitlab-ce_maintainers_backend)**.
 1. If your merge request includes database migrations or changes to expensive queries [^2], it must be
    **approved by a [database maintainer](https://about.gitlab.com/handbook/engineering/projects/#gitlab-ce_maintainers_database)**.
+   Read the [database review guidelines](database_review.md) for more details.
 1. If your merge request includes frontend changes [^1], it must be
    **approved by a [frontend maintainer](https://about.gitlab.com/handbook/engineering/projects/#gitlab-ce_maintainers_frontend)**.
 1. If your merge request includes UX changes [^1], it must be
diff --git a/doc/development/contributing/merge_request_workflow.md b/doc/development/contributing/merge_request_workflow.md
index 3325d3e074e..17328762c5b 100644
--- a/doc/development/contributing/merge_request_workflow.md
+++ b/doc/development/contributing/merge_request_workflow.md
@@ -103,7 +103,8 @@ If you would like quick feedback on your merge request feel free to mention some
 from the [core team](https://about.gitlab.com/community/core-team/) or one of the
 [merge request coaches](https://about.gitlab.com/team/). When having your code reviewed
 and when reviewing merge requests, please keep the [code review guidelines](../code_review.md)
-in mind.
+in mind. And if your code also makes changes to the database, or does expensive queries,
+check the [database review guidelines](../database_review.md).
 
 ### Keep it simple
 
diff --git a/doc/development/database_review.md b/doc/development/database_review.md
new file mode 100644
index 00000000000..1413c2f69fb
--- /dev/null
+++ b/doc/development/database_review.md
@@ -0,0 +1,101 @@
+# Database Review Guidelines
+
+This page is specific to database reviews. Please refer to our
+[code review guide](code_review.md) for broader advice and best
+practices for code review in general.
+
+## General process
+
+A database review is required for:
+
+- Changes that touch the database schema or perform data migrations,
+  including files in:
+  - `db/`
+  - `lib/gitlab/background_migration/`
+- Changes to the database tooling, e.g.:
+  - migration or ActiveRecord helpers in `lib/gitlab/database/`
+  - load balancing
+- Changes that produce SQL queries that are beyond the obvious. It is
+  generally up to the author of a merge request to decide whether or
+  not complex queries are being introduced and if they require a
+  database review.
+
+A database reviewer is expected to look out for obviously complex
+queries in the change and review those closer. If the author does not
+point out specific queries for review and there are no obviously
+complex queries, it is enough to concentrate on reviewing the
+migration only.
+
+It is preferable to review queries in SQL form and generally accepted
+to ask the author to translate any ActiveRecord queries in SQL form
+for review.
+
+### Roles and process
+
+A Merge Request author's role is to:
+
+- Decide whether a database review is needed.
+- If database review is needed, add the ~database label.
+- Use the [database changes](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/.gitlab/merge_request_templates/Database%20changes.md)
+  merge request template, or include the appropriate items in the MR description.
+
+A database **reviewer**'s role is to:
+
+- Perform a first-pass review on the MR and suggest improvements to the author.
+- Once satisfied, relabel the MR with ~"database::reviewed", approve it, and
+  reassign MR to the database **maintainer** suggested by Reviewer
+  Roulette.
+
+A database **maintainer**'s role is to:
+
+- Perform the final database review on the MR.
+- Discuss further improvements or other relevant changes with the
+  database reviewer and the MR author.
+- Finally approve the MR and relabel the MR with ~"database::approved"
+- Merge the MR if no other approvals are pending or pass it on to
+  other maintainers as required (frontend, backend, docs).
+
+### Distributing review workload
+
+Review workload is distributed using [reviewer roulette](code_review.md#reviewer-roulette)
+([example](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/25181#note_147551725)).
+The MR author should then co-assign the suggested database
+**reviewer**. When they give their sign-off, they will hand over to
+the suggested database **maintainer**.
+
+If reviewer roulette didn't suggest a database reviewer & maintainer,
+make sure you have applied the ~database label and rerun the
+`danger-review` CI job, or pick someone from the
+[`@gl-database` team](https://gitlab.com/groups/gl-database/-/group_members).
+
+### How to review for database
+
+- Check migrations
+  - Review relational modeling and design choices
+  - Review migrations follow [database migration style guide](migration_style_guide.md),
+    for example
+    - [Check ordering of columns](ordering_table_columns.md)
+    - [Check indexes are present for foreign keys](migration_style_guide.md#adding-foreign-key-constraints)
+  - Ensure that migrations execute in a transaction or only contain
+    concurrent index/foreign key helpers (with transactions disabled)
+  - Check consistency with `db/schema.rb` and that migrations are [reversible](migration_style_guide.md#reversibility)
+  - For data migrations, establish a time estimate for execution
+- Check post deploy migration
+  - Make sure we can expect post deploy migrations to finish within 1 hour max.
+- Check background migrations
+  - Review queries (for example, make sure batch sizes are fine)
+  - Establish a time estimate for execution
+- Query performance
+  - Check for any obviously complex queries and queries the author specifically
+    points out for review (if any)
+  - If not present yet, ask the author to provide SQL queries and query plans
+    (e.g. by using [chatops](understanding_explain_plans.md#chatops) or direct
+    database access)
+  - For given queries, review parameters regarding data distribution
+  - [Check query plans](understanding_explain_plans.md) and suggest improvements
+    to queries (changing the query, schema or adding indexes and similar)
+  - General guideline is for queries to come in below 100ms execution time
+  - If queries rely on prior migrations that are not present yet on production
+    (eg indexes, columns), you can use a [one-off instance from the restore
+    pipeline](https://ops.gitlab.net/gitlab-com/gl-infra/gitlab-restore/postgres-gprd)
+    in order to establish a proper testing environment.
diff --git a/lib/gitlab/danger/helper.rb b/lib/gitlab/danger/helper.rb
index 0fc145534bf..c0a12318990 100644
--- a/lib/gitlab/danger/helper.rb
+++ b/lib/gitlab/danger/helper.rb
@@ -46,6 +46,16 @@ module Gitlab
         ee? ? 'gitlab-ee' : 'gitlab-ce'
       end
 
+      def markdown_list(items)
+        list = items.map { |item| "* `#{item}`" }.join("\n")
+
+        if items.size > 10
+          "\n<details>\n\n#{list}\n\n</details>\n"
+        else
+          list
+        end
+      end
+
       # @return [Hash<String,Array<String>>]
       def changes_by_category
         all_changed_files.each_with_object(Hash.new { |h, k| h[k] = [] }) do |file, hash|
@@ -132,6 +142,22 @@ module Gitlab
       def new_teammates(usernames)
         usernames.map { |u| Gitlab::Danger::Teammate.new('username' => u) }
       end
+
+      def missing_database_labels(current_mr_labels)
+        labels = if has_database_scoped_labels?(current_mr_labels)
+                   ['database']
+                 else
+                   ['database', 'database::review pending']
+                 end
+
+        labels - current_mr_labels
+      end
+
+      private
+
+      def has_database_scoped_labels?(current_mr_labels)
+        current_mr_labels.any? { |label| label.start_with?('database::') }
+      end
     end
   end
 end
diff --git a/spec/lib/gitlab/danger/helper_spec.rb b/spec/lib/gitlab/danger/helper_spec.rb
index 92d90ac2fef..f11f68ab3c2 100644
--- a/spec/lib/gitlab/danger/helper_spec.rb
+++ b/spec/lib/gitlab/danger/helper_spec.rb
@@ -85,6 +85,20 @@ describe Gitlab::Danger::Helper do
     end
   end
 
+  describe '#markdown_list' do
+    it 'creates a markdown list of items' do
+      items = %w[a b]
+
+      expect(helper.markdown_list(items)).to eq("* `a`\n* `b`")
+    end
+
+    it 'wraps items in <details> when there are more than 10 items' do
+      items = ('a'..'k').to_a
+
+      expect(helper.markdown_list(items)).to match(%r{<details>[^<]+</details>})
+    end
+  end
+
   describe '#changes_by_category' do
     it 'categorizes changed files' do
       expect(fake_git).to receive(:added_files) { %w[foo foo.md foo.rb foo.js db/foo lib/gitlab/database/foo.rb qa/foo ee/changelogs/foo.yml] }
@@ -224,4 +238,20 @@ describe Gitlab::Danger::Helper do
       expect(teammates.map(&:username)).to eq(usernames)
     end
   end
+
+  describe '#missing_database_labels' do
+    subject { helper.missing_database_labels(current_mr_labels) }
+
+    context 'when current merge request has ~database::review pending' do
+      let(:current_mr_labels) { ['database::review pending', 'feature'] }
+
+      it { is_expected.to match_array(['database']) }
+    end
+
+    context 'when current merge request does not have ~database::review pending' do
+      let(:current_mr_labels) { ['feature'] }
+
+      it { is_expected.to match_array(['database', 'database::review pending']) }
+    end
+  end
 end
-- 
cgit v1.2.1


From b1694896ffd4dcf8bc54d19b5d513813e63d6121 Mon Sep 17 00:00:00 2001
From: Brett Walker <bwalker@gitlab.com>
Date: Fri, 19 Jul 2019 11:37:35 -0500
Subject: Properly identify task lists inside a blockquote

Updated the task list regex to understand blockquote
characters that can come before the task item marker
---
 app/models/concerns/taskable.rb                     |  3 ++-
 ...kbox-inside-blockquote-status-won-t-be-saved.yml |  5 +++++
 spec/services/task_list_toggle_service_spec.rb      | 17 +++++++++++++++++
 .../shared_examples/taskable_shared_examples.rb     | 21 +++++++++++++++++++++
 4 files changed, 45 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/64697-markdown-issues-checkbox-inside-blockquote-status-won-t-be-saved.yml

diff --git a/app/models/concerns/taskable.rb b/app/models/concerns/taskable.rb
index b42adad94ba..8b536a123fc 100644
--- a/app/models/concerns/taskable.rb
+++ b/app/models/concerns/taskable.rb
@@ -15,7 +15,8 @@ module Taskable
   INCOMPLETE_PATTERN = /(\[[\s]\])/.freeze
   ITEM_PATTERN       = %r{
     ^
-    \s*(?:[-+*]|(?:\d+\.)) # list prefix required - task item has to be always in a list
+    (?:(?:>\s{0,4})*)         # optional blockquote characters
+    \s*(?:[-+*]|(?:\d+\.))    # list prefix required - task item has to be always in a list
     \s+                       # whitespace prefix has to be always presented for a list item
     (\[\s\]|\[[xX]\])         # checkbox
     (\s.+)                    # followed by whitespace and some text.
diff --git a/changelogs/unreleased/64697-markdown-issues-checkbox-inside-blockquote-status-won-t-be-saved.yml b/changelogs/unreleased/64697-markdown-issues-checkbox-inside-blockquote-status-won-t-be-saved.yml
new file mode 100644
index 00000000000..00664d64050
--- /dev/null
+++ b/changelogs/unreleased/64697-markdown-issues-checkbox-inside-blockquote-status-won-t-be-saved.yml
@@ -0,0 +1,5 @@
+---
+title: Better support clickable tasklists inside blockquotes
+merge_request: 30952
+author:
+type: fixed
diff --git a/spec/services/task_list_toggle_service_spec.rb b/spec/services/task_list_toggle_service_spec.rb
index 9adaee6481b..a309951bbcb 100644
--- a/spec/services/task_list_toggle_service_spec.rb
+++ b/spec/services/task_list_toggle_service_spec.rb
@@ -114,6 +114,23 @@ describe TaskListToggleService do
     expect(toggler.execute).to be_falsey
   end
 
+  it 'properly handles tasks in a blockquote' do
+    markdown =
+      <<-EOT.strip_heredoc
+      > > * [ ] Task 1
+      > * [x] Task 2
+    EOT
+
+    markdown_html = Banzai::Pipeline::FullPipeline.call(markdown, project: nil)[:output].to_html
+    toggler = described_class.new(markdown, markdown_html,
+                                  toggle_as_checked: true,
+                                  line_source: '> > * [ ] Task 1', line_number: 1)
+
+    expect(toggler.execute).to be_truthy
+    expect(toggler.updated_markdown.lines[0]).to eq "> > * [x] Task 1\n"
+    expect(toggler.updated_markdown_html).to include('disabled checked> Task 1')
+  end
+
   it 'properly handles a GitLab blockquote' do
     markdown =
       <<-EOT.strip_heredoc
diff --git a/spec/support/shared_examples/taskable_shared_examples.rb b/spec/support/shared_examples/taskable_shared_examples.rb
index 4056ff06b84..4a1df1ce380 100644
--- a/spec/support/shared_examples/taskable_shared_examples.rb
+++ b/spec/support/shared_examples/taskable_shared_examples.rb
@@ -105,4 +105,25 @@ shared_examples 'a Taskable' do
       expect(subject.task_status_short).to match('1 task')
     end
   end
+
+  describe 'with tasks in blockquotes' do
+    before do
+      subject.description = <<-EOT.strip_heredoc
+        > - [ ] Task a
+        > > - [x] Task a.1
+
+        >>>
+        1. [ ] Task 1
+        1. [x] Task 2
+        >>>
+      EOT
+    end
+
+    it 'returns the correct task status' do
+      expect(subject.task_status).to match('2 of')
+      expect(subject.task_status).to match('4 tasks completed')
+      expect(subject.task_status_short).to match('2/')
+      expect(subject.task_status_short).to match('4 tasks')
+    end
+  end
 end
-- 
cgit v1.2.1


From 2116224b10749684dc1a0a4eb66ce89173d601cc Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 19 Jul 2019 18:21:19 +0000
Subject: Apply suggestion to doc/user/permissions.md

---
 doc/user/permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index e9b61b9c995..145f7a93426 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -208,7 +208,7 @@ group.
 | Manage group labels                             |       | ✓        | ✓         | ✓          | ✓     |
 | Create project in group                         |       |          | ✓         | ✓          | ✓     |
 | Create/edit/delete group milestones             |       |          | ✓         | ✓          | ✓     |
-| Enable/disable a dependency proxy **[PREMIUM]** |       |          | ✓         | ✓          | ✓     |
+| Enable/disable a dependency proxy **(PREMIUM)** |       |          | ✓         | ✓          | ✓     |
 | Create subgroup                                 |       |          |           | ✓ (1)      | ✓     |
 | Edit group                                      |       |          |           |            | ✓     |
 | Manage group members                            |       |          |           |            | ✓     |
-- 
cgit v1.2.1


From e8ace3fab1839578aa7bf8278dd701a17452f986 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 19 Jul 2019 18:22:09 +0000
Subject: Apply suggestion to doc/user/group/subgroups/index.md

---
 doc/user/group/subgroups/index.md | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index b9313ccdb1e..b31851aa151 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -74,10 +74,15 @@ structure.
 
 ## Creating a subgroup
 
-To create a subgroup you must either be an Owner or a Maintainer of the group,
-depending on the group's setting. By default groups allow both Owners and
-Maintainers to create subgroups, but this can be changed by an Owner or
-Administrator to only allow Owners to create subgroups.
+To create a subgroup you must either be an Owner or a Maintainer of the
+group, depending on the group's setting.
+
+By default, groups created in:
+
+- GitLab 12.2 or later allow both Owners and Maintainers to create subgroups.
+- GitLab 12.1 or earlier only allow Owners to create subgroups.
+
+This setting can be for any group by an Owner or Administrator.
 
 For more information check the
 [permissions table](../../permissions.md#group-members-permissions). For a list
-- 
cgit v1.2.1


From 7b958537fd4eb542770a851949bb8b9cdae193f1 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 14 Jun 2019 15:13:24 -0700
Subject: Add changelog

---
 changelogs/unreleased/maintainers-can-create-subgroup.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/maintainers-can-create-subgroup.yml

diff --git a/changelogs/unreleased/maintainers-can-create-subgroup.yml b/changelogs/unreleased/maintainers-can-create-subgroup.yml
new file mode 100644
index 00000000000..b537862c8af
--- /dev/null
+++ b/changelogs/unreleased/maintainers-can-create-subgroup.yml
@@ -0,0 +1,5 @@
+---
+title: Maintainers can crete subgroups
+merge_request: 29718
+author: Fabio Papa
+type: changed
-- 
cgit v1.2.1


From 3cbca3776c791819cbcc6890b7c8319f3b40e35f Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 14 Jun 2019 15:16:55 -0700
Subject: Add failing feature spec detailing a maintainer creating a subgroup

- Change the two existing feature examples that create a subgroup to
  elucidate that the owner is creating the subgroup

- Nest two more specs inside the 'subgroup support' context detailing
  what happens when a maintainer attempts to add a subgroup (one with
  subgroup support, and one without)
---
 spec/features/groups/show_spec.rb | 61 ++++++++++++++++++++++++++++++---------
 1 file changed, 48 insertions(+), 13 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 9671a4d8c49..2654d06cd8c 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,32 +56,67 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
-    let(:user) { create(:user) }
+    let(:owner) { create(:user) }
+    let(:maintainer) { create(:user) }
 
     before do
-      group.add_owner(user)
-      sign_in(user)
+      group.add_owner(owner)
+      group.add_maintainer(maintainer)
     end
 
-    context 'when subgroups are supported', :js, :nested_groups do
+    context 'for owners' do
       before do
-        allow(Group).to receive(:supports_nested_objects?) { true }
-        visit path
+        sign_in(owner)
       end
 
-      it 'allows creating subgroups' do
-        expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+      context 'when subgroups are supported', :js, :nested_groups do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        end
+      end
+
+      context 'when subgroups are not supported' do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+        end
       end
     end
 
-    context 'when subgroups are not supported' do
+    context 'for maintainers' do
       before do
-        allow(Group).to receive(:supports_nested_objects?) { false }
-        visit path
+        sign_in(maintainer)
+      end
+
+      context 'when subgroups are supported', :js, :nested_groups do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        end
       end
 
-      it 'allows creating subgroups' do
-        expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+      context 'when subgroups are not supported' do
+        before do
+          allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
+        end
+
+        it 'allows creating subgroups' do
+          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+        end
       end
     end
   end
-- 
cgit v1.2.1


From bbb578b0627f86dd8014f228165f9197459ff3e0 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4808ac0068..b4b09d3295f 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From 11f998d9f250bf63abdebc1e0934b39d62f349f6 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 12:23:56 -0700
Subject: Update the group policy to allow >= maintainer to create subgroups

All specs passing
---
 app/policies/group_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index 9219283992f..9cb50c0f5fa 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -104,7 +104,7 @@ class GroupPolicy < BasePolicy
     enable :read_nested_project_resources
   end
 
-  rule { owner & nested_groups_supported }.enable :create_subgroup
+  rule { maintainer & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From e6e672f049aa887cc4765eb9dfd9f7ac320d5188 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/requests/api/groups_spec.rb                                     | 4 ++--
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4b09d3295f..a40d3087f6e 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From 7d061212b12a400acfa9c8f34e022e352e77cb64 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/controllers/admin/groups_controller_spec.rb   |  6 ++
 spec/factories/groups.rb                           |  1 +
 spec/features/groups/group_settings_spec.rb        |  8 +++
 spec/models/group_spec.rb                          |  8 +++
 spec/policies/group_policy_spec.rb                 | 70 ++++++++++++++++++++++
 .../policies/group_policy_shared_context.rb        | 16 ++---
 6 files changed, 99 insertions(+), 10 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 509d8944e3a..df11321537f 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -68,5 +68,11 @@ describe Admin::GroupsController do
         post :update, params: { id: group.to_param, group: { project_creation_level: ::Gitlab::Access::NO_ONE_PROJECT_ACCESS } }
       end.to change { group.reload.project_creation_level }.to(::Gitlab::Access::NO_ONE_PROJECT_ACCESS)
     end
+
+    it 'updates the subgroup_creation_level successfully' do
+      expect do
+        post :update, params: { id: group.to_param, group: { subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS } }
+      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 18a0c2ec731..2f50fbfe2fa 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 5cef5f0521f..95534d5a2ba 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -85,6 +85,14 @@ describe 'Edit group settings' do
     end
   end
 
+  describe 'subgroup creation level menu' do
+    it 'shows the selection menu' do
+      visit edit_group_path(group)
+
+      expect(page).to have_content('Allowed to create subgroups')
+    end
+  end
+  
   describe 'edit group avatar' do
     before do
       visit edit_group_path(group)
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 470ce65707d..fd40061dd3a 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,4 +994,12 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
+
+  describe 'subgroup_creation_level' do
+    it 'outputs the default one if it is nil' do
+      group = create(:group, subgroup_creation_level: nil)
+
+      expect(group.subgroup_creation_level).to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
+  end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 59f3a961d50..aed9a8e34ff 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -163,6 +163,18 @@ describe GroupPolicy do
         expect_allowed(*updated_owner_permissions)
       end
     end
+
+    context 'maintainer' do
+      let(:current_user) { maintainer }
+
+      it 'allows every maintainer permission except creating subgroups' do
+        create_subgroup_permission = [:create_subgroup]
+        updated_maintainer_permissions = maintainer_permissions - create_subgroup_permission
+
+        expect_disallowed(*create_subgroup_permission)
+        expect_allowed(*updated_maintainer_permissions)
+      end
+    end
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
@@ -461,6 +473,64 @@ describe GroupPolicy do
     end
   end
 
+  context "create_subgroup" do
+    context 'when group has subgroup creation level set to owner' do
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+    end
+
+    context 'when group has subgroup creation level set to maintainer' do
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+
+      context 'reporter' do
+        let(:current_user) { reporter }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'developer' do
+        let(:current_user) { developer }
+
+        it { is_expected.to be_disallowed(:create_subgroup) }
+      end
+
+      context 'maintainer' do
+        let(:current_user) { maintainer }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+
+      context 'owner' do
+        let(:current_user) { owner }
+
+        it { is_expected.to be_allowed(:create_subgroup) }
+      end
+    end
+  end
+
   it_behaves_like 'clusterable policies' do
     let(:clusterable) { create(:group) }
     let(:cluster) do
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index a40d3087f6e..b4808ac0068 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From faa8b69f2b6dd4d6d9117a9988d1232f94c418f1 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:46:48 -0700
Subject: Reset group policy to only allow >= owners to create subgroups

---
 app/policies/group_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index 9cb50c0f5fa..9219283992f 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -104,7 +104,7 @@ class GroupPolicy < BasePolicy
     enable :read_nested_project_resources
   end
 
-  rule { maintainer & nested_groups_supported }.enable :create_subgroup
+  rule { owner & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From 1044930a527ef0db4e6e85b9b0d1d6b6ae00b268 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:49:27 -0700
Subject: Add a subgroup_creation_level column to the namespaces table

---
 ...6175626_add_group_creation_level_to_namespaces.rb | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
new file mode 100644
index 00000000000..b0ea74d4765
--- /dev/null
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+  disable_ddl_transaction!
+  
+  def up
+    unless column_exists?(:namespaces, :subgroup_creation_level)
+      add_column_with_default(:namespaces, :subgroup_creation_level, :integer, default: 0)
+    end
+  end
+
+  def down
+    if column_exists?(:namespaces, :subgroup_creation_level)
+      remove_column(:namespaces, :subgroup_creation_level)
+    end
+  end
+end
-- 
cgit v1.2.1


From 99e6c084368072b2628d6a53cf241a7e75da3662 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:39:04 -0700
Subject: Add constants representing Owner and Maintainer group access levels

---
 lib/gitlab/access.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/gitlab/access.rb b/lib/gitlab/access.rb
index 6eb08f674c2..77076ead47a 100644
--- a/lib/gitlab/access.rb
+++ b/lib/gitlab/access.rb
@@ -29,6 +29,10 @@ module Gitlab
     MAINTAINER_PROJECT_ACCESS = 1
     DEVELOPER_MAINTAINER_PROJECT_ACCESS = 2
 
+    # Default subgroup creation level
+    OWNER_SUBGROUP_ACCESS = 0
+    MAINTAINER_SUBGROUP_ACCESS = 1
+
     class << self
       delegate :values, to: :options
 
-- 
cgit v1.2.1


From d279cc5a7aaca55b6736b065e3b0c119a9a9959b Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 13:45:58 -0700
Subject: Add subgroup_creation_level to the list of allowed group params

For both groups_controller and admin/groups_controller
---
 app/controllers/admin/groups_controller.rb | 3 ++-
 app/controllers/groups_controller.rb       | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb
index 15f7ef881c8..6317fa7c8d1 100644
--- a/app/controllers/admin/groups_controller.rb
+++ b/app/controllers/admin/groups_controller.rb
@@ -90,7 +90,8 @@ class Admin::GroupsController < Admin::ApplicationController
       :visibility_level,
       :require_two_factor_authentication,
       :two_factor_grace_period,
-      :project_creation_level
+      :project_creation_level,
+      :subgroup_creation_level
     ]
   end
 end
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index dbddee47997..0176962cf0a 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -192,7 +192,8 @@ class GroupsController < Groups::ApplicationController
       :chat_team_name,
       :require_two_factor_authentication,
       :two_factor_grace_period,
-      :project_creation_level
+      :project_creation_level,
+      :subgroup_creation_level
     ]
   end
 
-- 
cgit v1.2.1


From 9dc5c2ef73682c7c6ff754fe983ac3a3eff11976 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:11:09 -0700
Subject: Add "allowed to create subgroups" dropdown to group settings form

---
 app/views/groups/settings/_permissions.html.haml             | 1 +
 app/views/groups/settings/_subgroup_creation_level.html.haml | 3 +++
 lib/gitlab/access.rb                                         | 7 +++++++
 3 files changed, 11 insertions(+)
 create mode 100644 app/views/groups/settings/_subgroup_creation_level.html.haml

diff --git a/app/views/groups/settings/_permissions.html.haml b/app/views/groups/settings/_permissions.html.haml
index 0da1f1ba7f5..d3375e00bad 100644
--- a/app/views/groups/settings/_permissions.html.haml
+++ b/app/views/groups/settings/_permissions.html.haml
@@ -20,6 +20,7 @@
     = render_if_exists 'groups/settings/ip_restriction', f: f, group: @group
     = render 'groups/settings/lfs', f: f
     = render 'groups/settings/project_creation_level', f: f, group: @group
+    = render 'groups/settings/subgroup_creation_level', f: f, group: @group
     = render 'groups/settings/two_factor_auth', f: f
     = render_if_exists 'groups/member_lock_setting', f: f, group: @group
 
diff --git a/app/views/groups/settings/_subgroup_creation_level.html.haml b/app/views/groups/settings/_subgroup_creation_level.html.haml
new file mode 100644
index 00000000000..f36ad192bad
--- /dev/null
+++ b/app/views/groups/settings/_subgroup_creation_level.html.haml
@@ -0,0 +1,3 @@
+.form-group
+  = f.label s_('SubgroupCreationLevel|Allowed to create subgroups'), class: 'label-bold'
+  = f.select :subgroup_creation_level, options_for_select(::Gitlab::Access.subgroup_creation_options, group.subgroup_creation_level), {}, class: 'form-control'
diff --git a/lib/gitlab/access.rb b/lib/gitlab/access.rb
index 77076ead47a..7ef9f7ef630 100644
--- a/lib/gitlab/access.rb
+++ b/lib/gitlab/access.rb
@@ -110,6 +110,13 @@ module Gitlab
       def project_creation_level_name(name)
         project_creation_options.key(name)
       end
+
+      def subgroup_creation_options
+        {
+          s_('SubgroupCreationlevel|Owners') => OWNER_SUBGROUP_ACCESS,
+          s_('SubgroupCreationlevel|Maintainers') => MAINTAINER_SUBGROUP_ACCESS
+        }
+      end
     end
 
     def human_access
-- 
cgit v1.2.1


From 130261c5e984ae022543e08cb7ba4a82b1594612 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:17:24 -0700
Subject: Make the group model return maintainer level when it is not set

---
 app/models/group.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/models/group.rb b/app/models/group.rb
index 9520db1bc0a..3f80c1373f1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -416,6 +416,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
-- 
cgit v1.2.1


From c96b503bfa05e9f1db727d5f03b0bc562bc69c11 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 15:53:46 -0700
Subject: Add policy to allow maintainers to create subgroups when enabled

---
 app/policies/group_policy.rb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index 9219283992f..0add8bfad31 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -38,6 +38,10 @@ class GroupPolicy < BasePolicy
     @subject.project_creation_level == ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS
   end
 
+  condition(:maintainer_can_create_group) do
+    @subject.subgroup_creation_level == ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   rule { public_group }.policy do
     enable :read_group
     enable :read_list
@@ -105,6 +109,7 @@ class GroupPolicy < BasePolicy
   end
 
   rule { owner & nested_groups_supported }.enable :create_subgroup
+  rule { maintainer & maintainer_can_create_group & nested_groups_supported }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
-- 
cgit v1.2.1


From cd7d9ac120bb04547efffef72d6d5aca861e54a6 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 18:15:56 +0000
Subject: Apply suggestion to
 changelogs/unreleased/maintainers-can-create-subgroup.yml

---
 changelogs/unreleased/maintainers-can-create-subgroup.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/unreleased/maintainers-can-create-subgroup.yml b/changelogs/unreleased/maintainers-can-create-subgroup.yml
index b537862c8af..180f0f7247f 100644
--- a/changelogs/unreleased/maintainers-can-create-subgroup.yml
+++ b/changelogs/unreleased/maintainers-can-create-subgroup.yml
@@ -1,5 +1,5 @@
 ---
-title: Maintainers can crete subgroups
+title: Maintainers can create subgroups
 merge_request: 29718
 author: Fabio Papa
 type: changed
-- 
cgit v1.2.1


From cf9a22f62f54cc916fc0a4031e7f1c53b5e2e306 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 08:35:09 -0700
Subject: Add feature examples specing maintainers creating subgroups

Both with subgroup_creation_level set to owners and to maintainers.
Also fixed the naming of some other examples in the same spec as they
were contradicting what they were actually performing in the test.
These examples were probably copy/pasted, and not renamed.
---
 spec/features/groups/show_spec.rb | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 2654d06cd8c..68fa3f4e817 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -86,7 +86,7 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
+        it 'does not allow creating subgroups' do
           expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
@@ -103,8 +103,22 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
-          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+        context 'when subgroup_creation_level is set to maintainer' do
+          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+          
+          it 'allows creating subgroups' do
+            visit path
+            expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+          end
+        end
+
+        context 'when subgroup_creation_level is set to owners' do
+          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+
+          it 'does not allow creating subgroups' do
+            visit path
+            expect(page).not_to have_css("li[data-text='New subgroup']", visible: false)
+          end
         end
       end
 
@@ -114,7 +128,7 @@ describe 'Group show page' do
           visit path
         end
 
-        it 'allows creating subgroups' do
+        it 'does not allow creating subgroups' do
           expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
-- 
cgit v1.2.1


From ec802d6434230cdbdb487ef6febe6205886035f9 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 09:22:10 -0700
Subject: Update schema

---
 db/schema.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/db/schema.rb b/db/schema.rb
index a5079d3a5bc..0f5770e4eb1 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2119,6 +2119,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "ldap_sync_status", default: "ready", null: false
     t.boolean "membership_lock", default: false
     t.integer "last_ci_minutes_usage_notification_level"
+    t.integer "subgroup_creation_level", default: 0, null: false
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)", using: :btree
     t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id", using: :btree
-- 
cgit v1.2.1


From 13d9c5dda20095e8f5aaaa173ec2fcc4213ba7bb Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 ...75626_add_group_creation_level_to_namespaces.rb |  7 +++++--
 spec/controllers/admin/groups_controller_spec.rb   |  9 ++++++--
 spec/features/groups/group_settings_spec.rb        |  2 +-
 spec/features/groups/show_spec.rb                  | 24 +++++++++++++++-------
 spec/models/group_spec.rb                          |  3 ++-
 spec/policies/group_policy_spec.rb                 | 21 ++++++++++++++-----
 spec/requests/api/groups_spec.rb                   |  4 ++--
 spec/services/groups/create_service_spec.rb        |  4 ++--
 8 files changed, 52 insertions(+), 22 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index b0ea74d4765..eed0ba25f27 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -5,10 +5,13 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
 
   DOWNTIME = false
   disable_ddl_transaction!
-  
+
   def up
     unless column_exists?(:namespaces, :subgroup_creation_level)
-      add_column_with_default(:namespaces, :subgroup_creation_level, :integer, default: 0)
+      add_column_with_default(:namespaces,
+                              :subgroup_creation_level,
+                              :integer,
+                              default: 0)
     end
   end
 
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index df11321537f..72f389513f8 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,9 +70,14 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
+      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+
       expect do
-        post :update, params: { id: group.to_param, group: { subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS } }
-      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+        post :update,
+             params: { id: group.to_param,
+                       group: { subgroup_creation_level: MAINTAINER } }
+      end.to change { group.reload.subgroup_creation_level }
+               .to(MAINTAINER)
     end
   end
 end
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 95534d5a2ba..676769c25fe 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -92,7 +92,7 @@ describe 'Edit group settings' do
       expect(page).to have_content('Allowed to create subgroups')
     end
   end
-  
+
   describe 'edit group avatar' do
     before do
       visit edit_group_path(group)
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 68fa3f4e817..163906010fa 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -76,7 +76,8 @@ describe 'Group show page' do
         end
 
         it 'allows creating subgroups' do
-          expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .to have_css("li[data-text='New subgroup']", visible: false)
         end
       end
 
@@ -87,7 +88,8 @@ describe 'Group show page' do
         end
 
         it 'does not allow creating subgroups' do
-          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
     end
@@ -104,8 +106,11 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to maintainer' do
-          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
-          
+          let(:group) do
+            create(:group,
+                   subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+          end
+
           it 'allows creating subgroups' do
             visit path
             expect(page).to have_css("li[data-text='New subgroup']", visible: false)
@@ -113,11 +118,15 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to owners' do
-          let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+          let(:group) do
+            create(:group,
+                   subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+          end
 
           it 'does not allow creating subgroups' do
             visit path
-            expect(page).not_to have_css("li[data-text='New subgroup']", visible: false)
+            expect(page)
+              .not_to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
       end
@@ -129,7 +138,8 @@ describe 'Group show page' do
         end
 
         it 'does not allow creating subgroups' do
-          expect(page).not_to have_selector("li[data-text='New subgroup']", visible: false)
+          expect(page)
+            .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
       end
     end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index fd40061dd3a..6627177ad61 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -999,7 +999,8 @@ describe Group do
     it 'outputs the default one if it is nil' do
       group = create(:group, subgroup_creation_level: nil)
 
-      expect(group.subgroup_creation_level).to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      expect(group.subgroup_creation_level)
+        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index aed9a8e34ff..da186f63eca 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -145,7 +145,8 @@ describe GroupPolicy do
 
       it 'allows every owner permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions = owner_permissions - create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_owner_permissions)
@@ -157,7 +158,8 @@ describe GroupPolicy do
 
       it 'allows every owner permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions = owner_permissions - create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_owner_permissions)
@@ -169,7 +171,8 @@ describe GroupPolicy do
 
       it 'allows every maintainer permission except creating subgroups' do
         create_subgroup_permission = [:create_subgroup]
-        updated_maintainer_permissions = maintainer_permissions - create_subgroup_permission
+        updated_maintainer_permissions =
+          maintainer_permissions - create_subgroup_permission
 
         expect_disallowed(*create_subgroup_permission)
         expect_allowed(*updated_maintainer_permissions)
@@ -475,7 +478,11 @@ describe GroupPolicy do
 
   context "create_subgroup" do
     context 'when group has subgroup creation level set to owner' do
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(
+          :group,
+          subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+      end
 
       context 'reporter' do
         let(:current_user) { reporter }
@@ -503,7 +510,11 @@ describe GroupPolicy do
     end
 
     context 'when group has subgroup creation level set to maintainer' do
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(
+          :group,
+          subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      end
 
       context 'reporter' do
         let(:current_user) { reporter }
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From d32ed9297c5356393dc8a7644786a12078519496 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 14:06:50 -0700
Subject: Remove an example that is no longer necessary

---
 spec/models/group_spec.rb | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 6627177ad61..470ce65707d 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,13 +994,4 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
-
-  describe 'subgroup_creation_level' do
-    it 'outputs the default one if it is nil' do
-      group = create(:group, subgroup_creation_level: nil)
-
-      expect(group.subgroup_creation_level)
-        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
-    end
-  end
 end
-- 
cgit v1.2.1


From e962ffbc90b797cc9f1eb922e918c093dac7d4a1 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 16:12:54 -0700
Subject: Make maintainers the default setting for creating subgroups

---
 app/models/group.rb       | 10 ++++++----
 spec/models/group_spec.rb |  8 ++++++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 3f80c1373f1..8f39c3a658f 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,6 +58,8 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
+  before_create :default_subgroup_creation_level_to_maintainers
+
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -416,10 +418,6 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
-  def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
-
   private
 
   def update_two_factor_requirement
@@ -449,4 +447,8 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
+
+  def default_subgroup_creation_level_to_maintainers
+    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
 end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 470ce65707d..9ae18d7bab7 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,4 +994,12 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
+
+  describe 'subgroup_creation_level' do
+    it 'defaults to maintainers' do
+      group = create (:group)
+
+      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
+  end
 end
-- 
cgit v1.2.1


From 81662f7b9fae45689b9291427fd9b192ef88be4b Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 ...75626_add_group_creation_level_to_namespaces.rb |  1 +
 spec/controllers/admin/groups_controller_spec.rb   |  7 ++--
 spec/factories/groups.rb                           |  5 ++-
 spec/features/groups/show_spec.rb                  | 17 ++++++---
 spec/models/group_spec.rb                          |  5 +--
 spec/policies/group_policy_spec.rb                 | 43 ++++++++++++++++++----
 spec/requests/api/groups_spec.rb                   |  4 +-
 .../policies/group_policy_shared_context.rb        |  2 +-
 8 files changed, 60 insertions(+), 24 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index eed0ba25f27..85ac89af46e 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -12,6 +12,7 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
                               :subgroup_creation_level,
                               :integer,
                               default: 0)
+      change_column_default(:namespaces, :subgroup_creation_level, 1)
     end
   end
 
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 72f389513f8..398f587bafe 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,14 +70,13 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: MAINTAINER } }
-      end.to change { group.reload.subgroup_creation_level }
-               .to(MAINTAINER)
+                       group: { subgroup_creation_level: OWNER } }
+      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
     end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 2f50fbfe2fa..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
@@ -46,5 +45,9 @@ FactoryBot.define do
     trait :auto_devops_disabled do
       auto_devops_enabled false
     end
+
+    trait :owner_subgroup_creation_only do
+      subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
+    end
   end
 end
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 163906010fa..48ba9064327 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -72,10 +72,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -84,10 +85,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -102,10 +104,9 @@ describe 'Group show page' do
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
-        context 'when subgroup_creation_level is set to maintainer' do
+        context 'when subgroup_creation_level is set to maintainers' do
           let(:group) do
             create(:group,
                    subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
@@ -113,7 +114,9 @@ describe 'Group show page' do
 
           it 'allows creating subgroups' do
             visit path
-            expect(page).to have_css("li[data-text='New subgroup']", visible: false)
+
+            expect(page)
+              .to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
 
@@ -125,6 +128,7 @@ describe 'Group show page' do
 
           it 'does not allow creating subgroups' do
             visit path
+
             expect(page)
               .not_to have_css("li[data-text='New subgroup']", visible: false)
           end
@@ -134,10 +138,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 9ae18d7bab7..c7fb0f51075 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -997,9 +997,8 @@ describe Group do
 
   describe 'subgroup_creation_level' do
     it 'defaults to maintainers' do
-      group = create (:group)
-
-      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      expect(group.subgroup_creation_level)
+        .to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index da186f63eca..7fba62d2aa8 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -98,12 +98,38 @@ describe GroupPolicy do
   context 'maintainer' do
     let(:current_user) { maintainer }
 
-    it do
-      expect_allowed(*guest_permissions)
-      expect_allowed(*reporter_permissions)
-      expect_allowed(*developer_permissions)
-      expect_allowed(*maintainer_permissions)
-      expect_disallowed(*owner_permissions)
+    context 'with subgroup_creation level set to maintainer' do
+      let(:group) { create(:group,
+                           :private,
+                           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+
+      it do
+        allow(Group).to receive(:supports_nested_objects?).and_return(true)
+
+        create_subgroup_permission = [:create_subgroup]
+        updated_maintainer_permissions =
+          maintainer_permissions + create_subgroup_permission
+        updated_owner_permissions =
+          owner_permissions - create_subgroup_permission
+
+        expect_allowed(*guest_permissions)
+        expect_allowed(*reporter_permissions)
+        expect_allowed(*developer_permissions)
+        expect_allowed(*updated_maintainer_permissions)
+        expect_disallowed(*updated_owner_permissions)
+      end
+    end
+
+    context 'with subgroup_creation_level set to owner' do
+      it do
+        allow(Group).to receive(:supports_nested_objects?).and_return(true)
+
+        expect_allowed(*guest_permissions)
+        expect_allowed(*reporter_permissions)
+        expect_allowed(*developer_permissions)
+        expect_allowed(*maintainer_permissions)
+        expect_disallowed(*owner_permissions)
+      end
     end
   end
 
@@ -181,7 +207,10 @@ describe GroupPolicy do
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
-    let(:nested_group) { create(:group, :private, parent: group) }
+    let(:nested_group) { create(:group,
+                                :private,
+                                :owner_subgroup_creation_only,
+                                parent: group) }
 
     before do
       nested_group.add_guest(guest)
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index b4808ac0068..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -7,7 +7,7 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:maintainer) { create(:user) }
   let(:owner) { create(:user) }
   let(:admin) { create(:admin) }
-  let(:group) { create(:group, :private) }
+  let(:group) { create(:group, :private, :owner_subgroup_creation_only) }
 
   let(:guest_permissions) do
     %i[
-- 
cgit v1.2.1


From 42167779eaef30c7a63b57014b16b1c7d39122bf Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:00:34 -0700
Subject: Remove AR hook to set the default subgroup_creation_level

---
 app/models/group.rb | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 8f39c3a658f..9520db1bc0a 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,8 +58,6 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
-  before_create :default_subgroup_creation_level_to_maintainers
-
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -447,8 +445,4 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
-
-  def default_subgroup_creation_level_to_maintainers
-    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
 end
-- 
cgit v1.2.1


From 7848c4daeead7bf0ba79a9c82be59bfc349f1caa Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:17:26 -0700
Subject: Clean up the show_spec examples previously added

---
 spec/features/groups/show_spec.rb | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 48ba9064327..ef0e885ee5f 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,27 +56,28 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
+    let(:restricted_group) { create(:group,
+                                    subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+    let(:relaxed_group) { create(:group,
+                                 subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
     let(:owner) { create(:user) }
     let(:maintainer) { create(:user) }
 
-    before do
-      group.add_owner(owner)
-      group.add_maintainer(maintainer)
-    end
-
     context 'for owners' do
+      let(:path) { group_path(restricted_group) }
+
       before do
+        restricted_group.add_owner(owner)
         sign_in(owner)
       end
 
       context 'when subgroups are supported', :js, :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
         end
 
         it 'allows creating subgroups' do
-          visit path
-
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -85,11 +86,10 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
         end
 
         it 'does not allow creating subgroups' do
-          visit path
-
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -107,30 +107,30 @@ describe 'Group show page' do
         end
 
         context 'when subgroup_creation_level is set to maintainers' do
-          let(:group) do
-            create(:group,
-                   subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+          before do
+            relaxed_group.add_maintainer(maintainer)
+            path = group_path(relaxed_group)
+            visit path
           end
 
           it 'allows creating subgroups' do
-            visit path
-
             expect(page)
               .to have_css("li[data-text='New subgroup']", visible: false)
           end
         end
 
         context 'when subgroup_creation_level is set to owners' do
-          let(:group) do
-            create(:group,
-                   subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+          before do
+            restricted_group.add_maintainer(maintainer)
           end
 
           it 'does not allow creating subgroups' do
+            path = group_path(restricted_group)
             visit path
 
             expect(page)
-              .not_to have_css("li[data-text='New subgroup']", visible: false)
+              .not_to have_selector("li[data-text='New subgroup']",
+                                    visible: false)
           end
         end
       end
-- 
cgit v1.2.1


From 4bf26862d09e1f20bae2fa36be72ec6387a547ba Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From b36d78eabc53bb6a457c45b67a65276c85bf2b8a Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:56:02 -0700
Subject: Add descriptions to examples

---
 spec/policies/group_policy_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 7fba62d2aa8..020b51f776e 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -103,7 +103,7 @@ describe GroupPolicy do
                            :private,
                            subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
 
-      it do
+      it 'allows every maintainer permission plus creating subgroups' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
 
         create_subgroup_permission = [:create_subgroup]
@@ -121,7 +121,7 @@ describe GroupPolicy do
     end
 
     context 'with subgroup_creation_level set to owner' do
-      it do
+      it 'allows every maintainer permission' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
 
         expect_allowed(*guest_permissions)
-- 
cgit v1.2.1


From d4c53e1799d4967c20ac771f6628416183985ef4 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 13:41:32 -0700
Subject: Apply changes recomended by merge request coach

---
 app/models/group.rb                                       |  4 ++++
 app/views/groups/_group_admin_settings.html.haml          |  6 ++++++
 ...190626175626_add_group_creation_level_to_namespaces.rb | 15 +++++----------
 db/schema.rb                                              |  2 +-
 spec/controllers/admin/groups_controller_spec.rb          |  6 ++----
 spec/features/admin/admin_groups_spec.rb                  |  9 +++++++++
 spec/features/groups/show_spec.rb                         |  4 ++--
 spec/services/groups/create_service_spec.rb               |  9 ---------
 8 files changed, 29 insertions(+), 26 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 9520db1bc0a..3f80c1373f1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -416,6 +416,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
diff --git a/app/views/groups/_group_admin_settings.html.haml b/app/views/groups/_group_admin_settings.html.haml
index b8f632d11d3..733cb36cc3d 100644
--- a/app/views/groups/_group_admin_settings.html.haml
+++ b/app/views/groups/_group_admin_settings.html.haml
@@ -16,6 +16,12 @@
   .col-sm-10
     = f.select :project_creation_level, options_for_select(::Gitlab::Access.project_creation_options, @group.project_creation_level), {}, class: 'form-control'
 
+.form-group.row
+  .col-sm-2.col-form-label
+    = f.label s_('SubgroupCreationlevel|Allowed to create subgroups')
+  .col-sm-10
+    = f.select :subgroup_creation_level, options_for_select(::Gitlab::Access.subgroup_creation_options, @group.subgroup_creation_level), {}, class: 'form-control'
+
 .form-group.row
   .col-sm-2.col-form-label.pt-0
     = f.label :require_two_factor_authentication, 'Two-factor authentication'
diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index 85ac89af46e..867ec3b7c91 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -7,18 +7,13 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
   disable_ddl_transaction!
 
   def up
-    unless column_exists?(:namespaces, :subgroup_creation_level)
-      add_column_with_default(:namespaces,
-                              :subgroup_creation_level,
-                              :integer,
-                              default: 0)
-      change_column_default(:namespaces, :subgroup_creation_level, 1)
-    end
+    add_column(:namespaces, :subgroup_creation_level, :integer)
+    change_column_default(:namespaces,
+                          :subgroup_creation_level,
+                          ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
   end
 
   def down
-    if column_exists?(:namespaces, :subgroup_creation_level)
-      remove_column(:namespaces, :subgroup_creation_level)
-    end
+    remove_column(:namespaces, :subgroup_creation_level)
   end
 end
diff --git a/db/schema.rb b/db/schema.rb
index 0f5770e4eb1..79cd1a3a797 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -2119,7 +2119,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "ldap_sync_status", default: "ready", null: false
     t.boolean "membership_lock", default: false
     t.integer "last_ci_minutes_usage_notification_level"
-    t.integer "subgroup_creation_level", default: 0, null: false
+    t.integer "subgroup_creation_level", default: 1
     t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
     t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)", using: :btree
     t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id", using: :btree
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 398f587bafe..1123563c1e3 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,13 +70,11 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
-
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: OWNER } }
-      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
+                       group: { subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS } }
+      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/features/admin/admin_groups_spec.rb b/spec/features/admin/admin_groups_spec.rb
index 735ca60f7da..35c384dd458 100644
--- a/spec/features/admin/admin_groups_spec.rb
+++ b/spec/features/admin/admin_groups_spec.rb
@@ -102,6 +102,15 @@ describe 'Admin Groups' do
       expect_selected_visibility(group.visibility_level)
     end
 
+    it 'shows the subgroup creation level dropdown populated with the group subgroup_creation_level value' do
+      group = create(:group, :private, :owner_subgroup_creation_only)
+
+      visit admin_group_edit_path(group)
+
+      expect(page).to have_select("group_subgroup_creation_level",
+                                  selected: ::Gitlab::Access.subgroup_creation_options.keys[group.subgroup_creation_level])
+    end
+
     it 'edit group path does not change group name', :js do
       group = create(:group, :private)
 
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index ef0e885ee5f..5096abadb79 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -71,7 +71,7 @@ describe 'Group show page' do
         sign_in(owner)
       end
 
-      context 'when subgroups are supported', :js, :nested_groups do
+      context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
           visit path
@@ -101,7 +101,7 @@ describe 'Group show page' do
         sign_in(maintainer)
       end
 
-      context 'when subgroups are supported', :js, :nested_groups do
+      context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
         end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..c5ff6cdbacd 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,4 +1,3 @@
-# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -88,14 +87,6 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
-
-      context 'as maintainer' do
-        before do
-          group.add_maintainer(user)
-        end
-
-        it { is_expected.to be_persisted }
-      end
     end
   end
 
-- 
cgit v1.2.1


From 0ec6e5d851631f8b2175c86104c73158ddc9065d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 74389c4d82b..d596317462a 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From aa6c7811e9a9e7c1f2023ddc623b12b0351a94be Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index d596317462a..5a55bbac788 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From 23d66e0b854a229e4535175f8a12acbe0330ac0f Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 15:29:54 -0700
Subject: Adjust the documentation on subgroups

---
 doc/user/group/subgroups/index.md | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index 1c6cca049c5..e3f7539a9b6 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -75,13 +75,16 @@ structure.
 ## Creating a subgroup
 
 NOTE: **Note:**
-You must be an Owner of a group to create a subgroup. For
-more information check the [permissions table](../../permissions.md#group-members-permissions).
+In order to create a subgroup you must either be an Owner or a Maintainer of the
+group, depending on the group's setting. By default groups allow both Owners and
+Maintainers to create subgroups, but this can be changed by an Owner or
+Administrator to only allow Owners to create subgroups. For more information
+check the [permissions table](../../permissions.md#group-members-permissions).
 For a list of words that are not allowed to be used as group names see the
-[reserved names](../../reserved_names.md).
-Users can always create subgroups if they are explicitly added as an Owner to
-a parent group, even if group creation is disabled by an administrator in their
-settings.
+[reserved names](../../reserved_names.md).  Users can always create subgroups if
+they are explicitly added as an Owner (or Maintainer, if that setting is
+enabled) to a parent group, even if group creation is disabled by an
+administrator in their settings.
 
 To create a subgroup:
 
-- 
cgit v1.2.1


From 3dc6717c2857a6bccde528b3dace2dfe03ca38c5 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 15:39:43 -0700
Subject: Adjust the documentation on subgroup permissions

---
 doc/user/permissions.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 619cf34b5c3..f95dc8bf205 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -216,6 +216,8 @@ group.
 | Delete group epic **(ULTIMATE)**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
+*Groups can be set to allow either Owners or Owners and maintainers to create subgroups
+
 ### Subgroup permissions
 
 When you add a member to a subgroup, they inherit the membership and
-- 
cgit v1.2.1


From f12636bfb338ae2ac70b7e8eb6e481beb1c28a4d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 16:27:49 -0700
Subject: Fix some code style issues

---
 spec/features/groups/show_spec.rb  | 12 ++++++++----
 spec/policies/group_policy_spec.rb | 13 ++++++-------
 2 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 5096abadb79..f1501181432 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -56,10 +56,14 @@ describe 'Group show page' do
   end
 
   context 'subgroup support' do
-    let(:restricted_group) { create(:group,
-                                    subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
-    let(:relaxed_group) { create(:group,
-                                 subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+    let(:restricted_group) do
+      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) 
+    end
+
+    let(:relaxed_group) do
+      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) 
+    end
+
     let(:owner) { create(:user) }
     let(:maintainer) { create(:user) }
 
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 020b51f776e..dc3675a7b9e 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -99,9 +99,9 @@ describe GroupPolicy do
     let(:current_user) { maintainer }
 
     context 'with subgroup_creation level set to maintainer' do
-      let(:group) { create(:group,
-                           :private,
-                           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+      let(:group) do
+        create(:group, :private, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      end
 
       it 'allows every maintainer permission plus creating subgroups' do
         allow(Group).to receive(:supports_nested_objects?).and_return(true)
@@ -207,10 +207,9 @@ describe GroupPolicy do
   end
 
   describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
-    let(:nested_group) { create(:group,
-                                :private,
-                                :owner_subgroup_creation_only,
-                                parent: group) }
+    let(:nested_group) do
+      create(:group, :private, :owner_subgroup_creation_only, parent: group)
+    end
 
     before do
       nested_group.add_guest(guest)
-- 
cgit v1.2.1


From c22e87121e029bb79aa09f2d04010d738545c7f9 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 2 Jul 2019 08:38:38 -0700
Subject: Apply recomended changes from merge coach

---
 ...190626175626_add_group_creation_level_to_namespaces.rb |  1 -
 spec/features/admin/admin_groups_spec.rb                  |  3 +--
 spec/features/groups/show_spec.rb                         | 15 +++++++++------
 3 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
index 867ec3b7c91..3b75c92e518 100644
--- a/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
+++ b/db/migrate/20190626175626_add_group_creation_level_to_namespaces.rb
@@ -4,7 +4,6 @@ class AddGroupCreationLevelToNamespaces < ActiveRecord::Migration[5.1]
   include Gitlab::Database::MigrationHelpers
 
   DOWNTIME = false
-  disable_ddl_transaction!
 
   def up
     add_column(:namespaces, :subgroup_creation_level, :integer)
diff --git a/spec/features/admin/admin_groups_spec.rb b/spec/features/admin/admin_groups_spec.rb
index 35c384dd458..c1ad73779c9 100644
--- a/spec/features/admin/admin_groups_spec.rb
+++ b/spec/features/admin/admin_groups_spec.rb
@@ -107,8 +107,7 @@ describe 'Admin Groups' do
 
       visit admin_group_edit_path(group)
 
-      expect(page).to have_select("group_subgroup_creation_level",
-                                  selected: ::Gitlab::Access.subgroup_creation_options.keys[group.subgroup_creation_level])
+      expect(page).to have_content('Allowed to create subgroups')
     end
 
     it 'edit group path does not change group name', :js do
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index f1501181432..bed998a0859 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -57,11 +57,11 @@ describe 'Group show page' do
 
   context 'subgroup support' do
     let(:restricted_group) do
-      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) 
+      create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
     end
 
     let(:relaxed_group) do
-      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) 
+      create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
 
     let(:owner) { create(:user) }
@@ -78,10 +78,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -90,10 +91,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
@@ -113,11 +115,12 @@ describe 'Group show page' do
         context 'when subgroup_creation_level is set to maintainers' do
           before do
             relaxed_group.add_maintainer(maintainer)
-            path = group_path(relaxed_group)
-            visit path
           end
 
           it 'allows creating subgroups' do
+            path = group_path(relaxed_group)
+            visit path
+
             expect(page)
               .to have_css("li[data-text='New subgroup']", visible: false)
           end
-- 
cgit v1.2.1


From 02b1235046e1a78d4c43476a1716b6464bb647d1 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/factories/groups.rb                                 |  1 +
 .../policies/group_policy_shared_context.rb              | 16 ++++++----------
 2 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index b67ab955ffc..947392b4fbc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 5a55bbac788..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From 97b1f48e97383648946c985eef8e8a29c307b05e Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 spec/controllers/admin/groups_controller_spec.rb | 2 ++
 spec/requests/api/groups_spec.rb                 | 4 ++--
 spec/services/groups/create_service_spec.rb      | 4 ++--
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 1123563c1e3..451367f58e1 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,6 +70,8 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
+      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+
       expect do
         post :update,
              params: { id: group.to_param,
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From aa428bef4e291efe5d346d7df7bbe0028397d90f Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 16:12:54 -0700
Subject: Make maintainers the default setting for creating subgroups

---
 app/models/group.rb | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 3f80c1373f1..8f39c3a658f 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,6 +58,8 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
+  before_create :default_subgroup_creation_level_to_maintainers
+
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -416,10 +418,6 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
-  def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
-
   private
 
   def update_two_factor_requirement
@@ -449,4 +447,8 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
+
+  def default_subgroup_creation_level_to_maintainers
+    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
 end
-- 
cgit v1.2.1


From 44bd74cd0e87c36a99fb5ac2723f44bccf3dfbb9 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 spec/controllers/admin/groups_controller_spec.rb | 2 +-
 spec/factories/groups.rb                         | 1 -
 spec/requests/api/groups_spec.rb                 | 4 ++--
 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 451367f58e1..34cd0b324b5 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,7 +70,7 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
       expect do
         post :update,
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 947392b4fbc..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
-- 
cgit v1.2.1


From 7980011e03691ac46a7c59014bb3f0ae13d3dbf8 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:00:34 -0700
Subject: Remove AR hook to set the default subgroup_creation_level

---
 app/models/group.rb | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 8f39c3a658f..9520db1bc0a 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,8 +58,6 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
-  before_create :default_subgroup_creation_level_to_maintainers
-
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -447,8 +445,4 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
-
-  def default_subgroup_creation_level_to_maintainers
-    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
 end
-- 
cgit v1.2.1


From fe4a88be03f4e2e9a4648f5b9431d0011e191be3 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:17:26 -0700
Subject: Clean up the show_spec examples previously added

---
 spec/features/groups/show_spec.rb | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index bed998a0859..9cf5e7f9bb6 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -78,11 +78,10 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
         end
 
         it 'allows creating subgroups' do
-          visit path
-
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -91,11 +90,10 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
         end
 
         it 'does not allow creating subgroups' do
-          visit path
-
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
-- 
cgit v1.2.1


From 341bead035919132339233ffdef94961c2829571 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 832f668f295d20e00db8d7bd71627724da3a45f3 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 13:41:32 -0700
Subject: Apply changes recomended by merge request coach

---
 app/models/group.rb                              | 4 ++++
 spec/controllers/admin/groups_controller_spec.rb | 2 --
 spec/services/groups/create_service_spec.rb      | 9 ---------
 3 files changed, 4 insertions(+), 11 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 9520db1bc0a..3f80c1373f1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -416,6 +416,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 34cd0b324b5..1123563c1e3 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,8 +70,6 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
-
       expect do
         post :update,
              params: { id: group.to_param,
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..c5ff6cdbacd 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,4 +1,3 @@
-# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -88,14 +87,6 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
-
-      context 'as maintainer' do
-        before do
-          group.add_maintainer(user)
-        end
-
-        it { is_expected.to be_persisted }
-      end
     end
   end
 
-- 
cgit v1.2.1


From 899df973dc429c796c57840f7531f5d083c4d298 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 74389c4d82b..d596317462a 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From dc65d4f36cb5d0ae1ce0f1c6c1a1a646f1e0cb99 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index d596317462a..5a55bbac788 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From 396926bbe4182d415e8aa129f45bc1c8ba9e4694 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/factories/groups.rb                                 |  1 +
 spec/policies/group_policy_spec.rb                       |  8 ++++++++
 .../policies/group_policy_shared_context.rb              | 16 ++++++----------
 3 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index b67ab955ffc..947392b4fbc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index dc3675a7b9e..893b686da43 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -506,11 +506,15 @@ describe GroupPolicy do
 
   context "create_subgroup" do
     context 'when group has subgroup creation level set to owner' do
+<<<<<<< HEAD
       let(:group) do
         create(
           :group,
           subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
       end
+=======
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
+>>>>>>> Add examples specing the setting to choose who can create subgroups
 
       context 'reporter' do
         let(:current_user) { reporter }
@@ -538,11 +542,15 @@ describe GroupPolicy do
     end
 
     context 'when group has subgroup creation level set to maintainer' do
+<<<<<<< HEAD
       let(:group) do
         create(
           :group,
           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
       end
+=======
+      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
+>>>>>>> Add examples specing the setting to choose who can create subgroups
 
       context 'reporter' do
         let(:current_user) { reporter }
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 5a55bbac788..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From a2cd8e0dab5c5efb3f1c6a6968337b371e194a24 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 spec/controllers/admin/groups_controller_spec.rb | 7 +++++--
 spec/policies/group_policy_spec.rb               | 8 --------
 spec/requests/api/groups_spec.rb                 | 4 ++--
 spec/services/groups/create_service_spec.rb      | 4 ++--
 4 files changed, 9 insertions(+), 14 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 1123563c1e3..72f389513f8 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,11 +70,14 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
+      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS } }
-      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
+                       group: { subgroup_creation_level: MAINTAINER } }
+      end.to change { group.reload.subgroup_creation_level }
+               .to(MAINTAINER)
     end
   end
 end
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index 893b686da43..dc3675a7b9e 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -506,15 +506,11 @@ describe GroupPolicy do
 
   context "create_subgroup" do
     context 'when group has subgroup creation level set to owner' do
-<<<<<<< HEAD
       let(:group) do
         create(
           :group,
           subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
       end
-=======
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS) }
->>>>>>> Add examples specing the setting to choose who can create subgroups
 
       context 'reporter' do
         let(:current_user) { reporter }
@@ -542,15 +538,11 @@ describe GroupPolicy do
     end
 
     context 'when group has subgroup creation level set to maintainer' do
-<<<<<<< HEAD
       let(:group) do
         create(
           :group,
           subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
       end
-=======
-      let(:group) { create(:group, subgroup_creation_level: ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS) }
->>>>>>> Add examples specing the setting to choose who can create subgroups
 
       context 'reporter' do
         let(:current_user) { reporter }
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From bcc970f6f5ec3b48db2417c23bc81d4240a0c47d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 16:12:54 -0700
Subject: Make maintainers the default setting for creating subgroups

---
 app/models/group.rb | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 3f80c1373f1..8f39c3a658f 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,6 +58,8 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
+  before_create :default_subgroup_creation_level_to_maintainers
+
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -416,10 +418,6 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
-  def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
-
   private
 
   def update_two_factor_requirement
@@ -449,4 +447,8 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
+
+  def default_subgroup_creation_level_to_maintainers
+    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
 end
-- 
cgit v1.2.1


From 4b572f807c0f51ad47ad907d0ac471c7b81ac8be Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 spec/controllers/admin/groups_controller_spec.rb | 7 +++----
 spec/factories/groups.rb                         | 1 -
 spec/features/groups/show_spec.rb                | 6 ++++--
 spec/requests/api/groups_spec.rb                 | 4 ++--
 4 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 72f389513f8..398f587bafe 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,14 +70,13 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      MAINTAINER = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: MAINTAINER } }
-      end.to change { group.reload.subgroup_creation_level }
-               .to(MAINTAINER)
+                       group: { subgroup_creation_level: OWNER } }
+      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
     end
   end
 end
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 947392b4fbc..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 9cf5e7f9bb6..bed998a0859 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -78,10 +78,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -90,10 +91,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
-- 
cgit v1.2.1


From 27ebf9392ac83cb020803b88ff7ca69887c36753 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:00:34 -0700
Subject: Remove AR hook to set the default subgroup_creation_level

---
 app/models/group.rb | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 8f39c3a658f..9520db1bc0a 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,8 +58,6 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
-  before_create :default_subgroup_creation_level_to_maintainers
-
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -447,8 +445,4 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
-
-  def default_subgroup_creation_level_to_maintainers
-    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
 end
-- 
cgit v1.2.1


From c8b5556eb8d3594df9e69fd16517c23cf098a32f Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:17:26 -0700
Subject: Clean up the show_spec examples previously added

---
 spec/features/groups/show_spec.rb | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index bed998a0859..9cf5e7f9bb6 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -78,11 +78,10 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
         end
 
         it 'allows creating subgroups' do
-          visit path
-
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -91,11 +90,10 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
         end
 
         it 'does not allow creating subgroups' do
-          visit path
-
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
-- 
cgit v1.2.1


From f940a4a64ed7dde32228233897f9ad713151fb6a Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 85d0440d56f65b1f62de7f6c6a07eccd2c28256c Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 2 Jul 2019 08:38:38 -0700
Subject: Apply recomended changes from merge coach

---
 spec/features/groups/show_spec.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 9cf5e7f9bb6..bed998a0859 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -78,10 +78,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -90,10 +91,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
-- 
cgit v1.2.1


From 17ecd7a9e18aec95dd56f801050384a2053ca919 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:55:20 +0000
Subject: Apply suggestion to doc/user/group/subgroups/index.md

---
 doc/user/group/subgroups/index.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index e3f7539a9b6..fad7541bdc4 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -81,7 +81,9 @@ Maintainers to create subgroups, but this can be changed by an Owner or
 Administrator to only allow Owners to create subgroups. For more information
 check the [permissions table](../../permissions.md#group-members-permissions).
 For a list of words that are not allowed to be used as group names see the
-[reserved names](../../reserved_names.md).  Users can always create subgroups if
+[reserved names](../../reserved_names.md).
+
+Users can always create subgroups if
 they are explicitly added as an Owner (or Maintainer, if that setting is
 enabled) to a parent group, even if group creation is disabled by an
 administrator in their settings.
-- 
cgit v1.2.1


From f56cfd3db7190f709361fdf1bff47e2b08c365c8 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:55:49 +0000
Subject: Apply suggestion to doc/user/permissions.md

---
 doc/user/permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index f95dc8bf205..ca32631704c 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -209,8 +209,8 @@ group.
 | Create project in group                         |       |          | ✓         | ✓          | ✓     |
 | Create/edit/delete group milestones             |       |          | ✓         | ✓          | ✓     |
 | Enable/disable a dependency proxy **(PREMIUM)** |       |          | ✓         | ✓          | ✓     |
+| Create subgroup                                 |       |          |           | ✓ (1)        | ✓     |
 | Edit group                                      |       |          |           |            | ✓     |
-| Create subgroup                                 |       |          |           |            | ✓     |
 | Manage group members                            |       |          |           |            | ✓     |
 | Remove group                                    |       |          |           |            | ✓     |
 | Delete group epic **(ULTIMATE)**                |       |          |           |            | ✓     |
-- 
cgit v1.2.1


From 3a9cd32a0b52447f60ab7345a0f2deade3755236 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:56:03 +0000
Subject: Apply suggestion to doc/user/permissions.md

---
 doc/user/permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index ca32631704c..2b084b3000b 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -216,7 +216,7 @@ group.
 | Delete group epic **(ULTIMATE)**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
-*Groups can be set to allow either Owners or Owners and maintainers to create subgroups
+- (1): Groups can be set to allow either Owners or Owners and maintainers to create subgroups
 
 ### Subgroup permissions
 
-- 
cgit v1.2.1


From becfb8318ed081bcfeffcfc3e03b3097bda773e0 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 05:56:53 +0000
Subject: Apply suggestion to doc/user/group/subgroups/index.md

---
 doc/user/group/subgroups/index.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index fad7541bdc4..4e88ec5ee76 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -74,7 +74,6 @@ structure.
 
 ## Creating a subgroup
 
-NOTE: **Note:**
 In order to create a subgroup you must either be an Owner or a Maintainer of the
 group, depending on the group's setting. By default groups allow both Owners and
 Maintainers to create subgroups, but this can be changed by an Owner or
-- 
cgit v1.2.1


From 4cacdfc89deaa271e1dd7b6dcbfaf8f533b9a76d Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 3 Jul 2019 16:43:56 +0000
Subject: Update index.md

---
 doc/user/group/subgroups/index.md | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index 4e88ec5ee76..b9313ccdb1e 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -74,18 +74,19 @@ structure.
 
 ## Creating a subgroup
 
-In order to create a subgroup you must either be an Owner or a Maintainer of the
-group, depending on the group's setting. By default groups allow both Owners and
+To create a subgroup you must either be an Owner or a Maintainer of the group,
+depending on the group's setting. By default groups allow both Owners and
 Maintainers to create subgroups, but this can be changed by an Owner or
-Administrator to only allow Owners to create subgroups. For more information
-check the [permissions table](../../permissions.md#group-members-permissions).
-For a list of words that are not allowed to be used as group names see the
+Administrator to only allow Owners to create subgroups.
+
+For more information check the
+[permissions table](../../permissions.md#group-members-permissions). For a list
+of words that are not allowed to be used as group names see the
 [reserved names](../../reserved_names.md).
 
-Users can always create subgroups if
-they are explicitly added as an Owner (or Maintainer, if that setting is
-enabled) to a parent group, even if group creation is disabled by an
-administrator in their settings.
+Users can always create subgroups if they are explicitly added as an Owner (or
+Maintainer, if that setting is enabled) to a parent group, even if group
+creation is disabled by an administrator in their settings.
 
 To create a subgroup:
 
-- 
cgit v1.2.1


From 480c317c67e8bee8b46be9dffd39558255d30539 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 5 Jul 2019 14:52:06 +0000
Subject: Apply suggestion to doc/user/permissions.md

---
 doc/user/permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 2b084b3000b..07122cd90d7 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -216,7 +216,7 @@ group.
 | Delete group epic **(ULTIMATE)**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
-- (1): Groups can be set to allow either Owners or Owners and maintainers to create subgroups
+- (1): Groups can be set to allow either Owners or Owners and Maintainers to create subgroups
 
 ### Subgroup permissions
 
-- 
cgit v1.2.1


From 00ccffdb20b493b4b818277f0d1e57907f5859d4 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 74389c4d82b..d596317462a 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From 014e11b86f3659f36bb109b440831ffe6a54b730 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index d596317462a..5a55bbac788 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From 720dded1d54a0bae7262e2477b744cd04f0635c1 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/factories/groups.rb                                 |  1 +
 .../policies/group_policy_shared_context.rb              | 16 ++++++----------
 2 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index b67ab955ffc..947392b4fbc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 5a55bbac788..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From 6f3b2e07dc394477636e7ea40749f8a7f51e3de7 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Thu, 27 Jun 2019 14:17:24 -0700
Subject: Make the group model return maintainer level when it is not set

---
 app/models/group.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/models/group.rb b/app/models/group.rb
index 9520db1bc0a..3f80c1373f1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -416,6 +416,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
-- 
cgit v1.2.1


From 0b708e5d36f75b8c82b313737bffbdcc2f7e0255 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 spec/controllers/admin/groups_controller_spec.rb | 6 ++----
 spec/models/group_spec.rb                        | 6 ++++--
 spec/requests/api/groups_spec.rb                 | 4 ++--
 spec/services/groups/create_service_spec.rb      | 4 ++--
 4 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/spec/controllers/admin/groups_controller_spec.rb b/spec/controllers/admin/groups_controller_spec.rb
index 398f587bafe..1123563c1e3 100644
--- a/spec/controllers/admin/groups_controller_spec.rb
+++ b/spec/controllers/admin/groups_controller_spec.rb
@@ -70,13 +70,11 @@ describe Admin::GroupsController do
     end
 
     it 'updates the subgroup_creation_level successfully' do
-      OWNER = ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
-
       expect do
         post :update,
              params: { id: group.to_param,
-                       group: { subgroup_creation_level: OWNER } }
-      end.to change { group.reload.subgroup_creation_level }.to(OWNER)
+                       group: { subgroup_creation_level: ::Gitlab::Access::OWNER_SUBGROUP_ACCESS } }
+      end.to change { group.reload.subgroup_creation_level }.to(::Gitlab::Access::OWNER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index c7fb0f51075..6627177ad61 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -996,9 +996,11 @@ describe Group do
   end
 
   describe 'subgroup_creation_level' do
-    it 'defaults to maintainers' do
+    it 'outputs the default one if it is nil' do
+      group = create(:group, subgroup_creation_level: nil)
+
       expect(group.subgroup_creation_level)
-        .to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 45668ed02370b617d2f8538d61eaa58bda6e39ca Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 14:06:50 -0700
Subject: Remove an example that is no longer necessary

---
 spec/models/group_spec.rb | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 6627177ad61..470ce65707d 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,13 +994,4 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
-
-  describe 'subgroup_creation_level' do
-    it 'outputs the default one if it is nil' do
-      group = create(:group, subgroup_creation_level: nil)
-
-      expect(group.subgroup_creation_level)
-        .to eq(::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
-    end
-  end
 end
-- 
cgit v1.2.1


From f1fcd64fb7f4dc19ebab44829dc66a5a8f28a096 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 16:12:54 -0700
Subject: Make maintainers the default setting for creating subgroups

---
 app/models/group.rb       | 10 ++++++----
 spec/models/group_spec.rb |  8 ++++++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 3f80c1373f1..8f39c3a658f 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,6 +58,8 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
+  before_create :default_subgroup_creation_level_to_maintainers
+
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -416,10 +418,6 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
-  def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
-
   private
 
   def update_two_factor_requirement
@@ -449,4 +447,8 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
+
+  def default_subgroup_creation_level_to_maintainers
+    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
 end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 470ce65707d..9ae18d7bab7 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -994,4 +994,12 @@ describe Group do
       expect(group.project_creation_level).to eq(Gitlab::CurrentSettings.default_project_creation)
     end
   end
+
+  describe 'subgroup_creation_level' do
+    it 'defaults to maintainers' do
+      group = create (:group)
+
+      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+    end
+  end
 end
-- 
cgit v1.2.1


From 95708920ae309a82240d14e4a5bb1bb944085fb3 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 spec/factories/groups.rb         | 1 -
 spec/models/group_spec.rb        | 5 ++---
 spec/requests/api/groups_spec.rb | 4 ++--
 3 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 947392b4fbc..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 9ae18d7bab7..c7fb0f51075 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -997,9 +997,8 @@ describe Group do
 
   describe 'subgroup_creation_level' do
     it 'defaults to maintainers' do
-      group = create (:group)
-
-      expect(group.subgroup_creation_level).to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
+      expect(group.subgroup_creation_level)
+        .to eq(Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS)
     end
   end
 end
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
-- 
cgit v1.2.1


From ef5f8bda2cc6698d20081c3e7403e9af39398a63 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:00:34 -0700
Subject: Remove AR hook to set the default subgroup_creation_level

---
 app/models/group.rb | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 8f39c3a658f..9520db1bc0a 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -58,8 +58,6 @@ class Group < Namespace
 
   add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
 
-  before_create :default_subgroup_creation_level_to_maintainers
-
   after_create :post_create_hook
   after_destroy :post_destroy_hook
   after_save :update_two_factor_requirement
@@ -447,8 +445,4 @@ class Group < Namespace
 
     errors.add(:visibility_level, "#{visibility} is not allowed since there are sub-groups with higher visibility.")
   end
-
-  def default_subgroup_creation_level_to_maintainers
-    self.subgroup_creation_level = ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
-  end
 end
-- 
cgit v1.2.1


From de71c338785adaca9c0cc6a5c670d5113312b5b7 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:17:26 -0700
Subject: Clean up the show_spec examples previously added

---
 spec/features/groups/show_spec.rb | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index bed998a0859..9cf5e7f9bb6 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -78,11 +78,10 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
+          visit path
         end
 
         it 'allows creating subgroups' do
-          visit path
-
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -91,11 +90,10 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
+          visit path
         end
 
         it 'does not allow creating subgroups' do
-          visit path
-
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
-- 
cgit v1.2.1


From 0f7366f29d2db81bc38bf7470f80d7e1b91de967 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From eedf735574b9f6c7c6c843943dd946ce84238236 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Fri, 19 Jul 2019 13:00:46 -0700
Subject: Make Bootsnap available via ENABLE_BOOTSNAP=1

Bootsnap speeds up Rails loading and now ships by default with Rails 5.2
apps. We should promote this to a default gem and test it out in
production. This will also make it possible for the Helm Charts to take
advantage of this.

It appears that Bootsnap with Rails 5.2.3 and all the GitLab CE gems
loads fine on an ARM platform now, so it's possible that
https://gitlab.com/gitlab-org/gitlab-ce/issues/34799 has been resolved.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/45230
---
 .gitlab/ci/memory.gitlab-ci.yml              | 2 +-
 Gemfile                                      | 3 ++-
 Gemfile.lock                                 | 4 ++--
 changelogs/unreleased/sh-enable-bootsnap.yml | 5 +++++
 config/boot.rb                               | 2 +-
 5 files changed, 11 insertions(+), 5 deletions(-)
 create mode 100644 changelogs/unreleased/sh-enable-bootsnap.yml

diff --git a/.gitlab/ci/memory.gitlab-ci.yml b/.gitlab/ci/memory.gitlab-ci.yml
index ffe5dbdc31b..9923732e587 100644
--- a/.gitlab/ci/memory.gitlab-ci.yml
+++ b/.gitlab/ci/memory.gitlab-ci.yml
@@ -33,7 +33,7 @@ memory-on-boot:
     NODE_OPTIONS: --max_old_space_size=3584
   script:
     # Both bootsnap and derailed monkey-patch Kernel#require, which leads to circular dependency
-    - DISABLE_BOOTSNAP=true PATH_TO_HIT="/users/sign_in" CUT_OFF=0.3 bundle exec derailed exec perf:mem >> 'tmp/memory_on_boot.txt'
+    - ENABLE_BOOTSNAP=false PATH_TO_HIT="/users/sign_in" CUT_OFF=0.3 bundle exec derailed exec perf:mem >> 'tmp/memory_on_boot.txt'
     - scripts/generate-memory-metrics-on-boot tmp/memory_on_boot.txt >> 'tmp/memory_on_boot_metrics.txt'
   artifacts:
     paths:
diff --git a/Gemfile b/Gemfile
index de1f44642f2..2f64e258fb3 100644
--- a/Gemfile
+++ b/Gemfile
@@ -2,6 +2,8 @@ source 'https://rubygems.org'
 
 gem 'rails', '5.2.3'
 
+gem 'bootsnap', '~> 1.4'
+
 # Improves copy-on-write performance for MRI
 gem 'nakayoshi_fork', '~> 0.0.4'
 
@@ -329,7 +331,6 @@ group :development do
 end
 
 group :development, :test do
-  gem 'bootsnap', '~> 1.4'
   gem 'bullet', '~> 5.5.0', require: !!ENV['ENABLE_BULLET']
   gem 'pry-byebug', '~> 3.5.1', platform: :mri
   gem 'pry-rails', '~> 0.3.4'
diff --git a/Gemfile.lock b/Gemfile.lock
index 2bcc3527de4..79ec7b36a43 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -100,7 +100,7 @@ GEM
     binding_ninja (0.2.3)
     binding_of_caller (0.8.0)
       debug_inspector (>= 0.0.1)
-    bootsnap (1.4.1)
+    bootsnap (1.4.4)
       msgpack (~> 1.0)
     bootstrap_form (4.2.0)
       actionpack (>= 5.0)
@@ -529,7 +529,7 @@ GEM
     mixlib-cli (1.7.0)
     mixlib-config (2.2.18)
       tomlrb
-    msgpack (1.2.10)
+    msgpack (1.3.0)
     multi_json (1.13.1)
     multi_xml (0.6.0)
     multipart-post (2.0.0)
diff --git a/changelogs/unreleased/sh-enable-bootsnap.yml b/changelogs/unreleased/sh-enable-bootsnap.yml
new file mode 100644
index 00000000000..674a900ee01
--- /dev/null
+++ b/changelogs/unreleased/sh-enable-bootsnap.yml
@@ -0,0 +1,5 @@
+---
+title: Make Bootsnap available via ENABLE_BOOTSNAP=1
+merge_request: 30963
+author:
+type: performance
diff --git a/config/boot.rb b/config/boot.rb
index b76b26a5e75..2eacff868eb 100644
--- a/config/boot.rb
+++ b/config/boot.rb
@@ -3,7 +3,7 @@ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
 # Set up gems listed in the Gemfile.
 require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
 begin
-  require 'bootsnap/setup' unless ENV['DISABLE_BOOTSNAP']
+  require 'bootsnap/setup' if ENV['RAILS_ENV'] != 'production' || %w(1 yes true).include?(ENV['ENABLE_BOOTSNAP'])
 rescue LoadError
   # bootsnap is an optional dependency, so if we don't have it, it's fine
 end
-- 
cgit v1.2.1


From 7b7c14940097612140c71164481a371688d961b2 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 13:41:32 -0700
Subject: Apply changes recomended by merge request coach

---
 app/models/group.rb                         | 4 ++++
 spec/services/groups/create_service_spec.rb | 9 ---------
 2 files changed, 4 insertions(+), 9 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 9520db1bc0a..3f80c1373f1 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -416,6 +416,10 @@ class Group < Namespace
     super || ::Gitlab::CurrentSettings.default_project_creation
   end
 
+  def subgroup_creation_level
+    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+  end
+
   private
 
   def update_two_factor_requirement
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..c5ff6cdbacd 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,4 +1,3 @@
-# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -88,14 +87,6 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
-
-      context 'as maintainer' do
-        before do
-          group.add_maintainer(user)
-        end
-
-        it { is_expected.to be_persisted }
-      end
     end
   end
 
-- 
cgit v1.2.1


From 5497b3ebefe5371678d81fcdab090b080515911a Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 74389c4d82b..d596317462a 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From 3f92f3fa10b7f86295484872e617e2a4fb997900 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index d596317462a..5a55bbac788 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From d287a9b719b8984aa3422453a722f8a13772a3c8 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 2 Jul 2019 08:38:38 -0700
Subject: Apply recomended changes from merge coach

---
 spec/features/groups/show_spec.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index 9cf5e7f9bb6..bed998a0859 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -78,10 +78,11 @@ describe 'Group show page' do
       context 'when subgroups are supported', :nested_groups do
         before do
           allow(Group).to receive(:supports_nested_objects?) { true }
-          visit path
         end
 
         it 'allows creating subgroups' do
+          visit path
+
           expect(page)
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
@@ -90,10 +91,11 @@ describe 'Group show page' do
       context 'when subgroups are not supported' do
         before do
           allow(Group).to receive(:supports_nested_objects?) { false }
-          visit path
         end
 
         it 'does not allow creating subgroups' do
+          visit path
+
           expect(page)
             .not_to have_selector("li[data-text='New subgroup']", visible: false)
         end
-- 
cgit v1.2.1


From 6c97f9f5ec1f8c59ebcaf6bf8a71432e89a1d993 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Fri, 19 Jul 2019 13:21:07 -0700
Subject: Add docs for ENABLE_BOOTSNAP

---
 doc/administration/environment_variables.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/doc/administration/environment_variables.md b/doc/administration/environment_variables.md
index 874b1f3c80d..37d7194af53 100644
--- a/doc/administration/environment_variables.md
+++ b/doc/administration/environment_variables.md
@@ -13,6 +13,7 @@ override certain values.
 
 Variable | Type | Description
 -------- | ---- | -----------
+`ENABLE_BOOTSNAP`                          | string  | Enables Bootsnap for speeding up initial Rails boot (`1` to enable)
 `GITLAB_CDN_HOST`                          | string  | Sets the base URL for a CDN to serve static assets (e.g. `//mycdnsubdomain.fictional-cdn.com`)
 `GITLAB_ROOT_PASSWORD`                     | string  | Sets the password for the `root` user on installation
 `GITLAB_HOST`                              | string  | The full URL of the GitLab server (including `http://` or `https://`)
-- 
cgit v1.2.1


From 9710cc34b17d5ba2b7771613066ccf6900110054 Mon Sep 17 00:00:00 2001
From: Jeremy Jackson <jjackson@gitlab.com>
Date: Fri, 19 Jul 2019 20:27:05 +0000
Subject: Fixes typo in developer gotcha documentation

---
 doc/development/gotchas.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/development/gotchas.md b/doc/development/gotchas.md
index 13dda17bb7d..941eea2609e 100644
--- a/doc/development/gotchas.md
+++ b/doc/development/gotchas.md
@@ -53,7 +53,7 @@ When run, this spec doesn't do what we might expect:
      (compared using ==)
 ```
 
-That's because FactoryBot sequences are not reseted for each example.
+This is because FactoryBot sequences are not reset for each example.
 
 Please remember that sequence-generated values exist only to avoid having to
 explicitly set attributes that have a uniqueness constraint when using a factory.
-- 
cgit v1.2.1


From 16cc1300f5650d040df8716b52548d0ac27e3601 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/factories/groups.rb                                 |  1 +
 .../policies/group_policy_shared_context.rb              | 16 ++++++----------
 2 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index b67ab955ffc..947392b4fbc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 5a55bbac788..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From ecd21d93d42dc0d65fcdf8d09de5288e56e7b122 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 spec/requests/api/groups_spec.rb            | 4 ++--
 spec/services/groups/create_service_spec.rb | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 3aa6daddee467af83396aadfa4cc2d165ac80a31 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 spec/factories/groups.rb         | 1 -
 spec/requests/api/groups_spec.rb | 4 ++--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 947392b4fbc..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
-- 
cgit v1.2.1


From 2f9d1f5d669533e8ea453491affd0fab254281d7 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From 0a5346bf11eacd24bfd6811a38901ee62dcf9de3 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 13:41:32 -0700
Subject: Apply changes recomended by merge request coach

---
 spec/services/groups/create_service_spec.rb | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..c5ff6cdbacd 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,4 +1,3 @@
-# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -88,14 +87,6 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
-
-      context 'as maintainer' do
-        before do
-          group.add_maintainer(user)
-        end
-
-        it { is_expected.to be_persisted }
-      end
     end
   end
 
-- 
cgit v1.2.1


From 5156a30440a66bb1cf91b0d4e89b52043f0a1d66 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 11:07:17 -0700
Subject: Add failing unit test specifying a maintainer creating a subgroup

---
 spec/services/groups/create_service_spec.rb                  |  9 +++++++++
 .../shared_contexts/policies/group_policy_shared_context.rb  | 12 ++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index c5ff6cdbacd..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,3 +1,4 @@
+# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
@@ -87,6 +88,14 @@ describe Groups::CreateService, '#execute' do
 
         it { is_expected.to be_persisted }
       end
+
+      context 'as maintainer' do
+        before do
+          group.add_maintainer(user)
+        end
+
+        it { is_expected.to be_persisted }
+      end
     end
   end
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 74389c4d82b..d596317462a 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -23,6 +23,15 @@ RSpec.shared_context 'GroupPolicy context' do
       create_projects
       read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
+    [
+      :create_projects,
+      :read_cluster,
+      :create_cluster,
+      :update_cluster,
+      :admin_cluster,
+      :add_cluster,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+    ].compact
   end
   let(:owner_permissions) do
     [
@@ -30,8 +39,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :set_note_created_at
     ].compact
   end
 
-- 
cgit v1.2.1


From 0c0314803cccaa997289ef27f9170412c6a471f8 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 16 Jun 2019 13:22:12 -0700
Subject: Modify API spec to expect a maintainer to be able to create subgroup

---
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index d596317462a..5a55bbac788 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,10 +19,6 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    %i[
-      create_projects
-      read_cluster create_cluster update_cluster admin_cluster add_cluster
-    ]
     [
       :create_projects,
       :read_cluster,
-- 
cgit v1.2.1


From 302316dac8c19160e52929c03bf54e34fb9f678e Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Tue, 25 Jun 2019 21:59:10 -0700
Subject: Add examples specing the setting to choose who can create subgroups

This setting is at the group level only. The default is specified to
be maintainers and owners.

**Specs only**, all failing.
---
 spec/factories/groups.rb                                 |  1 +
 .../policies/group_policy_shared_context.rb              | 16 ++++++----------
 2 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index b67ab955ffc..947392b4fbc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,6 +5,7 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
+    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 5a55bbac788..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -19,15 +19,10 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:reporter_permissions) { [:admin_label] }
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
-    [
-      :create_projects,
-      :read_cluster,
-      :create_cluster,
-      :update_cluster,
-      :admin_cluster,
-      :add_cluster,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
-    ].compact
+    %i[
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
+    ]
   end
   let(:owner_permissions) do
     [
@@ -35,7 +30,8 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_namespace,
       :admin_group_member,
       :change_visibility_level,
-      :set_note_created_at
+      :set_note_created_at,
+      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
     ].compact
   end
 
-- 
cgit v1.2.1


From b51ffa2e0c0c9a18ac05f801daa7409769a85bc5 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 28 Jun 2019 13:31:47 -0700
Subject: Style rules; Revert some examples

---
 spec/requests/api/groups_spec.rb            | 4 ++--
 spec/services/groups/create_service_spec.rb | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..c41408fba65 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'can create subgroups' do
+        it 'cannot create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(201)
+          expect(response).to have_gitlab_http_status(403)
         end
       end
     end
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..267ad529d3b 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as maintainer' do
+      context 'as Owner' do
         before do
-          group.add_maintainer(user)
+          group.add_owner(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From ac759aaacaf028667aed6337241091c07094d55b Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Sun, 30 Jun 2019 14:40:23 -0700
Subject: Make subgroup_creation_level default to maintainer at SQL level

- Migration updates existing groups to "owner", then sets default to
  "maintainer" so that new groups will default to that
- Update spec examples
---
 spec/factories/groups.rb         | 1 -
 spec/requests/api/groups_spec.rb | 4 ++--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index 947392b4fbc..b67ab955ffc 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -5,7 +5,6 @@ FactoryBot.define do
     type 'Group'
     owner nil
     project_creation_level ::Gitlab::Access::MAINTAINER_PROJECT_ACCESS
-    subgroup_creation_level ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
 
     after(:create) do |group|
       if group.owner
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index c41408fba65..52d926d5484 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -803,10 +803,10 @@ describe API::Groups do
           group2.add_maintainer(user1)
         end
 
-        it 'cannot create subgroups' do
+        it 'can create subgroups' do
           post api("/groups", user1), params: { parent_id: group2.id, name: 'foo', path: 'foo' }
 
-          expect(response).to have_gitlab_http_status(403)
+          expect(response).to have_gitlab_http_status(201)
         end
       end
     end
-- 
cgit v1.2.1


From 9f9a9c56c0109f7567d520de960bf17ff9667d38 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Mon, 1 Jul 2019 09:55:00 -0700
Subject: Fix group creat_service_spec to contain maintainer context

---
 spec/services/groups/create_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index 267ad529d3b..b4e6ddddfac 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -89,9 +89,9 @@ describe Groups::CreateService, '#execute' do
         it { is_expected.to be_persisted }
       end
 
-      context 'as Owner' do
+      context 'as maintainer' do
         before do
-          group.add_owner(user)
+          group.add_maintainer(user)
         end
 
         it { is_expected.to be_persisted }
-- 
cgit v1.2.1


From de906e3614167e48e618275f846cea5a191a96f3 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 5 Jul 2019 12:43:58 -0700
Subject: Regenerate locale strings

---
 locale/gitlab.pot | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 7b742660a4c..913bf014ba7 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -10135,6 +10135,18 @@ msgstr ""
 msgid "StorageSize|Unknown"
 msgstr ""
 
+msgid "SubgroupCreationLevel|Allowed to create subgroups"
+msgstr ""
+
+msgid "SubgroupCreationlevel|Allowed to create subgroups"
+msgstr ""
+
+msgid "SubgroupCreationlevel|Maintainers"
+msgstr ""
+
+msgid "SubgroupCreationlevel|Owners"
+msgstr ""
+
 msgid "Subgroups"
 msgstr ""
 
-- 
cgit v1.2.1


From 039e5348d0aaf45795e0ebf5d74ec59eb00dc91f Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Wed, 10 Jul 2019 12:27:12 -0700
Subject: Make Group#subgroup_creation_level return Owner if it is nil in DB

---
 app/models/group.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index 3f80c1373f1..37f30552b39 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -417,7 +417,7 @@ class Group < Namespace
   end
 
   def subgroup_creation_level
-    super || ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS
+    super || ::Gitlab::Access::OWNER_SUBGROUP_ACCESS
   end
 
   private
-- 
cgit v1.2.1


From dcb5bd2eb1e8b4da22063c5f131e986b5c7ab3f5 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 12 Jul 2019 10:48:38 -0700
Subject: Add a link from the permissions table to the subgroups/creating a
 subgroup section

---
 doc/user/permissions.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 07122cd90d7..044be05b932 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -216,7 +216,8 @@ group.
 | Delete group epic **(ULTIMATE)**                |       |          |           |            | ✓     |
 | View group Audit Events                         |       |          |           |            | ✓     |
 
-- (1): Groups can be set to allow either Owners or Owners and Maintainers to create subgroups
+- (1): Groups can be set to [allow either Owners or Owners and
+  Maintainers to create subgroups](group/subgroups/index.md#creating-a-subgroup)
 
 ### Subgroup permissions
 
-- 
cgit v1.2.1


From 8264f4699ba8fbefae1011fd23adc65621735dc8 Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 19 Jul 2019 18:22:09 +0000
Subject: Apply suggestion to doc/user/group/subgroups/index.md

---
 doc/user/group/subgroups/index.md | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index b9313ccdb1e..b31851aa151 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -74,10 +74,15 @@ structure.
 
 ## Creating a subgroup
 
-To create a subgroup you must either be an Owner or a Maintainer of the group,
-depending on the group's setting. By default groups allow both Owners and
-Maintainers to create subgroups, but this can be changed by an Owner or
-Administrator to only allow Owners to create subgroups.
+To create a subgroup you must either be an Owner or a Maintainer of the
+group, depending on the group's setting.
+
+By default, groups created in:
+
+- GitLab 12.2 or later allow both Owners and Maintainers to create subgroups.
+- GitLab 12.1 or earlier only allow Owners to create subgroups.
+
+This setting can be for any group by an Owner or Administrator.
 
 For more information check the
 [permissions table](../../permissions.md#group-members-permissions). For a list
-- 
cgit v1.2.1


From a5a444906de6372105c41260a9b1c1eb49d4dc9e Mon Sep 17 00:00:00 2001
From: Nick Thomas <nick@gitlab.com>
Date: Fri, 19 Jul 2019 21:39:26 +0000
Subject: Fix the project auto devops API

If `project_auto_devops.enabled` is nil for a project, when setting any
auto devops values via the API, we try to create a new row in the DB,
instead of re-using the existing one. This leads to the project_id
being set to nil, and the database `NOT NULL` constraint leading to a
500 response.

This commit resolves the issue by correctly detecting the presence of a
ProjectAutoDevops row and re-using it. Persistence is also moved away
from explicit `update!` calls and into relying on `autosave: true` on
the model.
---
 app/models/concerns/project_api_compatibility.rb   |  6 +--
 app/models/project.rb                              |  2 +-
 app/models/project_auto_devops.rb                  |  2 +-
 .../64731-fix-project-auto-devops-api.yml          |  5 +++
 .../concerns/project_api_compatibility_spec.rb     | 51 +++++++++++++++-------
 5 files changed, 45 insertions(+), 21 deletions(-)
 create mode 100644 changelogs/unreleased/64731-fix-project-auto-devops-api.yml

diff --git a/app/models/concerns/project_api_compatibility.rb b/app/models/concerns/project_api_compatibility.rb
index cb00efb06df..631b2a11e9a 100644
--- a/app/models/concerns/project_api_compatibility.rb
+++ b/app/models/concerns/project_api_compatibility.rb
@@ -9,12 +9,10 @@ module ProjectAPICompatibility
   end
 
   def auto_devops_enabled=(value)
-    self.build_auto_devops if self.auto_devops&.enabled.nil?
-    self.auto_devops.update! enabled: value
+    (auto_devops || build_auto_devops).enabled = value
   end
 
   def auto_devops_deploy_strategy=(value)
-    self.build_auto_devops if self.auto_devops&.enabled.nil?
-    self.auto_devops.update! deploy_strategy: value
+    (auto_devops || build_auto_devops).deploy_strategy = value
   end
 end
diff --git a/app/models/project.rb b/app/models/project.rb
index 2906aca75fc..8dfe2212282 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -277,7 +277,7 @@ class Project < ApplicationRecord
   has_many :project_deploy_tokens
   has_many :deploy_tokens, through: :project_deploy_tokens
 
-  has_one :auto_devops, class_name: 'ProjectAutoDevops'
+  has_one :auto_devops, class_name: 'ProjectAutoDevops', inverse_of: :project, autosave: true
   has_many :custom_attributes, class_name: 'ProjectCustomAttribute'
 
   has_many :project_badges, class_name: 'ProjectBadge'
diff --git a/app/models/project_auto_devops.rb b/app/models/project_auto_devops.rb
index 67c12363a3c..f39f54f0434 100644
--- a/app/models/project_auto_devops.rb
+++ b/app/models/project_auto_devops.rb
@@ -5,7 +5,7 @@ class ProjectAutoDevops < ApplicationRecord
 
   ignore_column :domain
 
-  belongs_to :project
+  belongs_to :project, inverse_of: :auto_devops
 
   enum deploy_strategy: {
     continuous: 0,
diff --git a/changelogs/unreleased/64731-fix-project-auto-devops-api.yml b/changelogs/unreleased/64731-fix-project-auto-devops-api.yml
new file mode 100644
index 00000000000..7fe2c036773
--- /dev/null
+++ b/changelogs/unreleased/64731-fix-project-auto-devops-api.yml
@@ -0,0 +1,5 @@
+---
+title: Fix the project auto devops API
+merge_request: 30946
+author:
+type: fixed
diff --git a/spec/models/concerns/project_api_compatibility_spec.rb b/spec/models/concerns/project_api_compatibility_spec.rb
index 8cecd4fe7bc..f5722f88aac 100644
--- a/spec/models/concerns/project_api_compatibility_spec.rb
+++ b/spec/models/concerns/project_api_compatibility_spec.rb
@@ -16,23 +16,44 @@ describe ProjectAPICompatibility do
     expect(project.build_allow_git_fetch).to eq(false)
   end
 
-  # auto_devops_enabled
-  it "converts auto_devops_enabled=false to auto_devops_enabled?=false" do
-    expect(project.auto_devops_enabled?).to eq(true)
-    project.update!(auto_devops_enabled: false)
-    expect(project.auto_devops_enabled?).to eq(false)
-  end
+  describe '#auto_devops_enabled' do
+    where(
+      initial: [:missing, nil, false, true],
+      final: [nil, false, true]
+    )
+
+    with_them do
+      before do
+        project.build_auto_devops(enabled: initial) unless initial == :missing
+      end
+
+      # Implicit auto devops when enabled is nil
+      let(:expected) { final.nil? ? true : final }
+
+      it 'sets the correct value' do
+        project.update!(auto_devops_enabled: final)
 
-  it "converts auto_devops_enabled=true to auto_devops_enabled?=true" do
-    expect(project.auto_devops_enabled?).to eq(true)
-    project.update!(auto_devops_enabled: true)
-    expect(project.auto_devops_enabled?).to eq(true)
+        expect(project.auto_devops_enabled?).to eq(expected)
+      end
+    end
   end
 
-  # auto_devops_deploy_strategy
-  it "converts auto_devops_deploy_strategy=timed_incremental to auto_devops.deploy_strategy=timed_incremental" do
-    expect(project.auto_devops).to be_nil
-    project.update!(auto_devops_deploy_strategy: 'timed_incremental')
-    expect(project.auto_devops.deploy_strategy).to eq('timed_incremental')
+  describe '#auto_devops_deploy_strategy' do
+    where(
+      initial: [:missing, *ProjectAutoDevops.deploy_strategies.keys],
+      final: ProjectAutoDevops.deploy_strategies.keys
+    )
+
+    with_them do
+      before do
+        project.build_auto_devops(deploy_strategy: initial) unless initial == :missing
+      end
+
+      it 'sets the correct value' do
+        project.update!(auto_devops_deploy_strategy: final)
+
+        expect(project.auto_devops.deploy_strategy).to eq(final)
+      end
+    end
   end
 end
-- 
cgit v1.2.1


From 6c4ddc409fe95215502b6427452715edd31b41ab Mon Sep 17 00:00:00 2001
From: Fabio Papa <fabtheman@gmail.com>
Date: Fri, 19 Jul 2019 14:59:36 -0700
Subject: Resolve some issues in MR

---
 spec/services/groups/create_service_spec.rb                          | 1 -
 spec/support/shared_contexts/policies/group_policy_shared_context.rb | 4 ++--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index b4e6ddddfac..a7c95428485 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -1,4 +1,3 @@
-# coding: utf-8
 # frozen_string_literal: true
 
 require 'spec_helper'
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 599c912ce00..74389c4d82b 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -20,8 +20,8 @@ RSpec.shared_context 'GroupPolicy context' do
   let(:developer_permissions) { [:admin_milestone] }
   let(:maintainer_permissions) do
     %i[
-      create_projects read_cluster create_cluster update_cluster
-      admin_cluster add_cluster
+      create_projects
+      read_cluster create_cluster update_cluster admin_cluster add_cluster
     ]
   end
   let(:owner_permissions) do
-- 
cgit v1.2.1


From e1644da6f08cae0158d7a159c9f48d5575baf632 Mon Sep 17 00:00:00 2001
From: Walmyr Lima <walmyr@gitlab.com>
Date: Fri, 19 Jul 2019 21:49:37 +0200
Subject: Standardize Page Objects use on CE Plan Tests

This is a first iteration to address the following issue:
https://gitlab.com/gitlab-org/quality/team-tasks/issues/168

Note: depends on
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30945
---
 .../2_plan/issue/check_mentions_for_xss_spec.rb    |  8 ++++----
 .../issue/collapse_comments_in_discussions_spec.rb | 22 +++++++++++-----------
 .../browser_ui/2_plan/issue/comment_issue_spec.rb  | 12 ++++++------
 .../2_plan/issue/filter_issue_comments_spec.rb     | 22 +++++++++++-----------
 .../2_plan/issue/issue_suggestions_spec.rb         | 10 +++++-----
 5 files changed, 37 insertions(+), 37 deletions(-)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
index afddbff75bd..d412125bb68 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
@@ -30,12 +30,12 @@ module QA
       end
 
       it 'user mentions a user in comment' do
-        Page::Project::Issue::Show.perform do |show_page|
-          show_page.select_all_activities_filter
-          show_page.comment('cc-ing you here @eve')
+        Page::Project::Issue::Show.perform do |show|
+          show.select_all_activities_filter
+          show.comment('cc-ing you here @eve')
 
           expect do
-            expect(show_page).to have_content("cc-ing you here")
+            expect(show).to have_content("cc-ing you here")
           end.not_to raise_error # Selenium::WebDriver::Error::UnhandledAlertError
         end
       end
diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/collapse_comments_in_discussions_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/collapse_comments_in_discussions_spec.rb
index e8fdffeeeab..ad70f6813fb 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/collapse_comments_in_discussions_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/collapse_comments_in_discussions_spec.rb
@@ -15,28 +15,28 @@ module QA
 
         issue.visit!
 
-        Page::Project::Issue::Show.perform do |show_page|
+        Page::Project::Issue::Show.perform do |show|
           my_first_discussion = 'My first discussion'
 
-          show_page.select_all_activities_filter
-          show_page.start_discussion(my_first_discussion)
+          show.select_all_activities_filter
+          show.start_discussion(my_first_discussion)
           page.assert_text(my_first_discussion)
-          show_page.reply_to_discussion(my_first_reply)
+          show.reply_to_discussion(my_first_reply)
           page.assert_text(my_first_reply)
         end
       end
 
       it 'user collapses and expands reply for comments in an issue' do
-        Page::Project::Issue::Show.perform do |show_page|
+        Page::Project::Issue::Show.perform do |show|
           one_reply = "1 reply"
 
-          show_page.collapse_replies
-          expect(show_page).to have_content(one_reply)
-          expect(show_page).not_to have_content(my_first_reply)
+          show.collapse_replies
+          expect(show).to have_content(one_reply)
+          expect(show).not_to have_content(my_first_reply)
 
-          show_page.expand_replies
-          expect(show_page).to have_content(my_first_reply)
-          expect(show_page).not_to have_content(one_reply)
+          show.expand_replies
+          expect(show).to have_content(my_first_reply)
+          expect(show).not_to have_content(one_reply)
         end
       end
     end
diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb
index 78919561a89..0b1bd00ac8d 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb
@@ -14,18 +14,18 @@ module QA
       end
 
       it 'user comments on an issue and edits the comment' do
-        Page::Project::Issue::Show.perform do |issue_show_page|
+        Page::Project::Issue::Show.perform do |show|
           first_version_of_comment = 'First version of the comment'
           second_version_of_comment = 'Second version of the comment'
 
-          issue_show_page.comment(first_version_of_comment)
+          show.comment(first_version_of_comment)
 
-          expect(issue_show_page).to have_content(first_version_of_comment)
+          expect(show).to have_content(first_version_of_comment)
 
-          issue_show_page.edit_comment(second_version_of_comment)
+          show.edit_comment(second_version_of_comment)
 
-          expect(issue_show_page).to have_content(second_version_of_comment)
-          expect(issue_show_page).not_to have_content(first_version_of_comment)
+          expect(show).to have_content(second_version_of_comment)
+          expect(show).not_to have_content(first_version_of_comment)
         end
       end
     end
diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb
index 6f5b6893248..317e31feea8 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb
@@ -17,25 +17,25 @@ module QA
       end
 
       it 'user filters comments and activities in an issue' do
-        Page::Project::Issue::Show.perform do |show_page|
+        Page::Project::Issue::Show.perform do |show|
           my_own_comment = "My own comment"
           made_the_issue_confidential = "made the issue confidential"
 
-          show_page.comment('/confidential', filter: :comments_only)
-          show_page.comment(my_own_comment, filter: :comments_only)
+          show.comment('/confidential', filter: :comments_only)
+          show.comment(my_own_comment, filter: :comments_only)
 
-          expect(show_page).not_to have_content(made_the_issue_confidential)
-          expect(show_page).to have_content(my_own_comment)
+          expect(show).not_to have_content(made_the_issue_confidential)
+          expect(show).to have_content(my_own_comment)
 
-          show_page.select_all_activities_filter
+          show.select_all_activities_filter
 
-          expect(show_page).to have_content(made_the_issue_confidential)
-          expect(show_page).to have_content(my_own_comment)
+          expect(show).to have_content(made_the_issue_confidential)
+          expect(show).to have_content(my_own_comment)
 
-          show_page.select_history_only_filter
+          show.select_history_only_filter
 
-          expect(show_page).to have_content(made_the_issue_confidential)
-          expect(show_page).not_to have_content(my_own_comment)
+          expect(show).to have_content(made_the_issue_confidential)
+          expect(show).not_to have_content(my_own_comment)
         end
       end
     end
diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/issue_suggestions_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/issue_suggestions_spec.rb
index 694a3ffb54b..c42c2cedde0 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/issue_suggestions_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/issue_suggestions_spec.rb
@@ -24,12 +24,12 @@ module QA
 
       it 'user sees issue suggestions when creating a new issue' do
         Page::Project::Show.perform(&:go_to_new_issue)
-        Page::Project::Issue::New.perform do |new_issue_page|
-          new_issue_page.add_title("issue")
-          expect(new_issue_page).to have_content(issue_title)
+        Page::Project::Issue::New.perform do |new|
+          new.add_title("issue")
+          expect(new).to have_content(issue_title)
 
-          new_issue_page.add_title("Issue Board")
-          expect(new_issue_page).not_to have_content(issue_title)
+          new.add_title("Issue Board")
+          expect(new).not_to have_content(issue_title)
         end
       end
     end
-- 
cgit v1.2.1


From ee01f095a47befaa0c7444ae14b45e0545ce54cd Mon Sep 17 00:00:00 2001
From: Peter Dave Hello <hsu@peterdavehello.org>
Date: Sat, 20 Jul 2019 23:06:32 +0800
Subject: Fix merge_request value in -30974-issue-search-by-number.yml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

There was an syntax issue here which caused it can't be parsed properly.

cc !28302

yaml-lint(https://www.npmjs.com/package/yaml-lint):
```
✖ unknown tag !<!28302> at line 4, column 1:
    author: Riccardo Padovani
    ^
```

Online YAML Parser:(https://yaml-online-parser.appspot.com/)
```
ERROR:

could not determine a constructor for the tag '!28302'
  in "<unicode string>", line 3, column 16:
    merge_request: !28302                           ...
                   ^
```
---
 changelogs/unreleased/-30974-issue-search-by-number.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/unreleased/-30974-issue-search-by-number.yml b/changelogs/unreleased/-30974-issue-search-by-number.yml
index 1e6642ec102..da50ee32c83 100644
--- a/changelogs/unreleased/-30974-issue-search-by-number.yml
+++ b/changelogs/unreleased/-30974-issue-search-by-number.yml
@@ -1,5 +1,5 @@
 ---
 title: "Search issuables by iids"
-merge_request: !28302
+merge_request: 28302
 author: Riccardo Padovani
 type: fixed
-- 
cgit v1.2.1


From 592e042369fca677933ae22154b4b7cee0200ecd Mon Sep 17 00:00:00 2001
From: Peter Dave Hello <hsu@peterdavehello.org>
Date: Sat, 20 Jul 2019 23:11:21 +0800
Subject: Remove filename leading slash of -30974-issue-search-by-number.yml

The leading slash will cause some not friendly command line behavier,
for example:

vim:
```
~/gitlab-ce/changelogs/unreleased $ vim -30974-issue-search-by-number.yml
VIM - Vi IMproved 7.4 (2013 Aug 10, compiled Jun 07 2019 15:35:43)
Unknown option argument: "-30974-issue-search-by-number.yml"
More info with: "vim -h"
```

git:
```
~/gitlab-ce/changelogs/unreleased $ git add -30974-issue-search-by-number.yml
error: unknown switch `3'
usage: git add [<options>] [--] <pathspec>...

    -n, --dry-run         dry run
    -v, --verbose         be verbose

    -i, --interactive     interactive picking
    -p, --patch           select hunks interactively
    -e, --edit            edit current diff and apply
    -f, --force           allow adding otherwise ignored files
    -u, --update          update tracked files
    -N, --intent-to-add   record only the fact that the path will be added later
    -A, --all             add changes from all tracked and untracked files
    --ignore-removal      ignore paths removed in the working tree (same as --no-all)
    --refresh             don't add, only refresh the index
    --ignore-errors       just skip files which cannot be added because of errors
    --ignore-missing      check if - even missing - files are ignored in dry run
```

There's no other unreleased changelog has a filename with leading slash,
so I think this one should be corrected.

cc !28302
---
 changelogs/unreleased/-30974-issue-search-by-number.yml | 5 -----
 changelogs/unreleased/30974-issue-search-by-number.yml  | 5 +++++
 2 files changed, 5 insertions(+), 5 deletions(-)
 delete mode 100644 changelogs/unreleased/-30974-issue-search-by-number.yml
 create mode 100644 changelogs/unreleased/30974-issue-search-by-number.yml

diff --git a/changelogs/unreleased/-30974-issue-search-by-number.yml b/changelogs/unreleased/-30974-issue-search-by-number.yml
deleted file mode 100644
index da50ee32c83..00000000000
--- a/changelogs/unreleased/-30974-issue-search-by-number.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: "Search issuables by iids"
-merge_request: 28302
-author: Riccardo Padovani
-type: fixed
diff --git a/changelogs/unreleased/30974-issue-search-by-number.yml b/changelogs/unreleased/30974-issue-search-by-number.yml
new file mode 100644
index 00000000000..da50ee32c83
--- /dev/null
+++ b/changelogs/unreleased/30974-issue-search-by-number.yml
@@ -0,0 +1,5 @@
+---
+title: "Search issuables by iids"
+merge_request: 28302
+author: Riccardo Padovani
+type: fixed
-- 
cgit v1.2.1


From a7fa9bc248bda1044113e33f9ff0eca8938af0b2 Mon Sep 17 00:00:00 2001
From: Rayana Verissimo <rverissimo@gitlab.com>
Date: Sat, 20 Jul 2019 17:50:35 +0000
Subject: Update tooltip values to meet design specs

---
 app/assets/stylesheets/framework/tooltips.scss            | 5 ++---
 app/assets/stylesheets/framework/variables_overrides.scss | 4 ++++
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/app/assets/stylesheets/framework/tooltips.scss b/app/assets/stylesheets/framework/tooltips.scss
index 98f28987a82..edc2fb532c8 100644
--- a/app/assets/stylesheets/framework/tooltips.scss
+++ b/app/assets/stylesheets/framework/tooltips.scss
@@ -1,7 +1,6 @@
 .tooltip-inner {
-  font-size: $tooltip-font-size;
+  font-size: $gl-font-size-small;
   border-radius: $border-radius-default;
-  line-height: 16px;
+  line-height: $gl-line-height;
   font-weight: $gl-font-weight-normal;
-  padding: 8px;
 }
diff --git a/app/assets/stylesheets/framework/variables_overrides.scss b/app/assets/stylesheets/framework/variables_overrides.scss
index ea96381a098..604b48e11ab 100644
--- a/app/assets/stylesheets/framework/variables_overrides.scss
+++ b/app/assets/stylesheets/framework/variables_overrides.scss
@@ -48,3 +48,7 @@ $spacers: (
   9: ($spacer * 8)
 );
 $pagination-color: $gl-text-color;
+$tooltip-padding-y: 0.5rem;
+$tooltip-padding-x: 0.75rem;
+$tooltip-arrow-height: 0.5rem;
+$tooltip-arrow-width: 1rem;
-- 
cgit v1.2.1


From 7320758611b8d8c28fb179f970e015a72357b94d Mon Sep 17 00:00:00 2001
From: Alex Kalderimis <akalderimis@gitlab.com>
Date: Sun, 21 Jul 2019 01:26:19 +0000
Subject: Count wiki page creation

This adds a counter to count page creation, which is reflected in the
usage-data we collect.

The number created is stored in Redis, avoiding DB access.
---
 app/services/wiki_pages/base_service.rb            |  6 ++
 changelogs/unreleased/wiki-usage-pings.yml         |  5 ++
 lib/gitlab/usage_data.rb                           | 17 ++++--
 lib/gitlab/usage_data_counters/web_ide_counter.rb  |  8 +++
 .../usage_data_counters/wiki_page_counter.rb       | 32 ++++++++++
 .../usage_data_counters/web_ide_counter_spec.rb    | 20 +++++++
 .../usage_data_counters/wiki_page_counter_spec.rb  | 69 ++++++++++++++++++++++
 spec/lib/gitlab/usage_data_spec.rb                 | 40 +++++++++----
 spec/services/wiki_pages/base_service_spec.rb      | 27 +++++++++
 spec/services/wiki_pages/create_service_spec.rb    | 25 ++++++++
 spec/services/wiki_pages/destroy_service_spec.rb   | 12 ++++
 spec/services/wiki_pages/update_service_spec.rb    | 25 ++++++++
 12 files changed, 270 insertions(+), 16 deletions(-)
 create mode 100644 changelogs/unreleased/wiki-usage-pings.yml
 create mode 100644 lib/gitlab/usage_data_counters/wiki_page_counter.rb
 create mode 100644 spec/lib/gitlab/usage_data_counters/wiki_page_counter_spec.rb
 create mode 100644 spec/services/wiki_pages/base_service_spec.rb

diff --git a/app/services/wiki_pages/base_service.rb b/app/services/wiki_pages/base_service.rb
index e259f5bd1bc..b9df690c2b7 100644
--- a/app/services/wiki_pages/base_service.rb
+++ b/app/services/wiki_pages/base_service.rb
@@ -8,6 +8,12 @@ module WikiPages
       page_data = Gitlab::DataBuilder::WikiPage.build(page, current_user, action)
       @project.execute_hooks(page_data, :wiki_page_hooks)
       @project.execute_services(page_data, :wiki_page_hooks)
+      increment_usage(action)
+    end
+
+    # This method throws an error if the action is an unanticipated value.
+    def increment_usage(action)
+      Gitlab::UsageDataCounters::WikiPageCounter.count(action)
     end
   end
 end
diff --git a/changelogs/unreleased/wiki-usage-pings.yml b/changelogs/unreleased/wiki-usage-pings.yml
new file mode 100644
index 00000000000..c3d084228c3
--- /dev/null
+++ b/changelogs/unreleased/wiki-usage-pings.yml
@@ -0,0 +1,5 @@
+---
+title: Count wiki creation, update and delete events
+merge_request: 30864
+author:
+type: added
diff --git a/lib/gitlab/usage_data.rb b/lib/gitlab/usage_data.rb
index 43072053e57..db1086c9cae 100644
--- a/lib/gitlab/usage_data.rb
+++ b/lib/gitlab/usage_data.rb
@@ -6,7 +6,9 @@ module Gitlab
 
     class << self
       def data(force_refresh: false)
-        Rails.cache.fetch('usage_data', force: force_refresh, expires_in: 2.weeks) { uncached_data }
+        Rails.cache.fetch('usage_data', force: force_refresh, expires_in: 2.weeks) do
+          uncached_data
+        end
       end
 
       def uncached_data
@@ -128,12 +130,15 @@ module Gitlab
         }
       end
 
+      # @return [Hash<Symbol, Integer>]
       def usage_counters
-        {
-          web_ide_commits: Gitlab::UsageDataCounters::WebIdeCounter.total_commits_count,
-          web_ide_merge_requests: Gitlab::UsageDataCounters::WebIdeCounter.total_merge_requests_count,
-          web_ide_views: Gitlab::UsageDataCounters::WebIdeCounter.total_views_count
-        }
+        usage_data_counters.map(&:totals).reduce({}) { |a, b| a.merge(b) }
+      end
+
+      # @return [Array<#totals>] An array of objects that respond to `#totals`
+      def usage_data_counters
+        [Gitlab::UsageDataCounters::WikiPageCounter,
+         Gitlab::UsageDataCounters::WebIdeCounter]
       end
 
       def components_usage_data
diff --git a/lib/gitlab/usage_data_counters/web_ide_counter.rb b/lib/gitlab/usage_data_counters/web_ide_counter.rb
index 899ad0db9c0..0718c1dd761 100644
--- a/lib/gitlab/usage_data_counters/web_ide_counter.rb
+++ b/lib/gitlab/usage_data_counters/web_ide_counter.rb
@@ -33,6 +33,14 @@ module Gitlab
         def total_views_count
           total_count(VIEWS_COUNT_KEY)
         end
+
+        def totals
+          {
+            web_ide_commits: total_commits_count,
+            web_ide_views: total_views_count,
+            web_ide_merge_requests: total_merge_requests_count
+          }
+        end
       end
     end
   end
diff --git a/lib/gitlab/usage_data_counters/wiki_page_counter.rb b/lib/gitlab/usage_data_counters/wiki_page_counter.rb
new file mode 100644
index 00000000000..c8b59a3160c
--- /dev/null
+++ b/lib/gitlab/usage_data_counters/wiki_page_counter.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module Gitlab::UsageDataCounters
+  class WikiPageCounter
+    extend RedisCounter
+
+    KNOWN_EVENTS = %w[create update delete].map(&:freeze).freeze
+
+    UnknownEvent = Class.new(StandardError)
+
+    class << self
+      # Each event gets a unique Redis key
+      def redis_key(event)
+        raise UnknownEvent, event unless KNOWN_EVENTS.include?(event.to_s)
+
+        "USAGE_WIKI_PAGES_#{event}".upcase
+      end
+
+      def count(event)
+        increment(redis_key event)
+      end
+
+      def read(event)
+        total_count(redis_key event)
+      end
+
+      def totals
+        KNOWN_EVENTS.map { |e| ["wiki_pages_#{e}".to_sym, read(e)] }.to_h
+      end
+    end
+  end
+end
diff --git a/spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb b/spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb
index b5e32d1875f..7a01f7d1de8 100644
--- a/spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb
+++ b/spec/lib/gitlab/usage_data_counters/web_ide_counter_spec.rb
@@ -33,4 +33,24 @@ describe Gitlab::UsageDataCounters::WebIdeCounter, :clean_gitlab_redis_shared_st
 
     it_behaves_like 'counter examples'
   end
+
+  describe '.totals' do
+    commits = 5
+    merge_requests = 3
+    views = 2
+
+    before do
+      commits.times { described_class.increment_commits_count }
+      merge_requests.times { described_class.increment_merge_requests_count }
+      views.times { described_class.increment_views_count }
+    end
+
+    it 'can report all totals' do
+      expect(described_class.totals).to include(
+        web_ide_commits: commits,
+        web_ide_views: views,
+        web_ide_merge_requests: merge_requests
+      )
+    end
+  end
 end
diff --git a/spec/lib/gitlab/usage_data_counters/wiki_page_counter_spec.rb b/spec/lib/gitlab/usage_data_counters/wiki_page_counter_spec.rb
new file mode 100644
index 00000000000..41afbbb191c
--- /dev/null
+++ b/spec/lib/gitlab/usage_data_counters/wiki_page_counter_spec.rb
@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::UsageDataCounters::WikiPageCounter, :clean_gitlab_redis_shared_state do
+  shared_examples :wiki_page_event do |event|
+    describe ".count(#{event})" do
+      it "increments the wiki page #{event} counter by 1" do
+        expect do
+          described_class.count(event)
+        end.to change { described_class.read(event) }.by 1
+      end
+    end
+
+    describe ".read(#{event})" do
+      event_count = 5
+
+      it "returns the total number of #{event} events" do
+        event_count.times do
+          described_class.count(event)
+        end
+
+        expect(described_class.read(event)).to eq(event_count)
+      end
+    end
+  end
+
+  include_examples :wiki_page_event, :create
+  include_examples :wiki_page_event, :update
+  include_examples :wiki_page_event, :delete
+
+  describe 'totals' do
+    creations = 5
+    edits = 3
+    deletions = 2
+
+    before do
+      creations.times do
+        described_class.count(:create)
+      end
+      edits.times do
+        described_class.count(:update)
+      end
+      deletions.times do
+        described_class.count(:delete)
+      end
+    end
+
+    it 'can report all totals' do
+      expect(described_class.totals).to include(
+        wiki_pages_update: edits,
+        wiki_pages_create: creations,
+        wiki_pages_delete: deletions
+      )
+    end
+  end
+
+  describe 'unknown events' do
+    error = described_class::UnknownEvent
+
+    it 'cannot increment' do
+      expect { described_class.count(:wibble) }.to raise_error error
+    end
+
+    it 'cannot read' do
+      expect { described_class.read(:wibble) }.to raise_error error
+    end
+  end
+end
diff --git a/spec/lib/gitlab/usage_data_spec.rb b/spec/lib/gitlab/usage_data_spec.rb
index 270dd652c20..2289d906944 100644
--- a/spec/lib/gitlab/usage_data_spec.rb
+++ b/spec/lib/gitlab/usage_data_spec.rb
@@ -57,20 +57,18 @@ describe Gitlab::UsageData do
         gitaly
         database
         avg_cycle_analytics
-        web_ide_views
-        web_ide_commits
-        web_ide_merge_requests
         influxdb_metrics_enabled
         prometheus_metrics_enabled
       ))
-    end
-
-    it 'calls expected usage data methods' do
-      expect(Gitlab::UsageDataCounters::WebIdeCounter).to receive(:total_commits_count)
-      expect(Gitlab::UsageDataCounters::WebIdeCounter).to receive(:total_merge_requests_count)
-      expect(Gitlab::UsageDataCounters::WebIdeCounter).to receive(:total_views_count)
 
-      subject
+      expect(subject).to include(
+        wiki_pages_create: a_kind_of(Integer),
+        wiki_pages_update: a_kind_of(Integer),
+        wiki_pages_delete: a_kind_of(Integer),
+        web_ide_views: a_kind_of(Integer),
+        web_ide_commits: a_kind_of(Integer),
+        web_ide_merge_requests: a_kind_of(Integer)
+      )
     end
 
     it "gathers usage counts" do
@@ -192,6 +190,28 @@ describe Gitlab::UsageData do
     end
   end
 
+  describe '#usage_data_counters' do
+    subject { described_class.usage_data_counters }
+
+    it { is_expected.to all(respond_to :totals) }
+
+    describe 'the results of calling #totals on all objects in the array' do
+      subject { described_class.usage_data_counters.map(&:totals) }
+
+      it do
+        is_expected
+          .to all(be_a Hash)
+          .and all(have_attributes(keys: all(be_a Symbol), values: all(be_a Integer)))
+      end
+    end
+
+    it 'does not have any conflicts' do
+      all_keys = subject.flat_map { |counter| counter.totals.keys }
+
+      expect(all_keys.size).to eq all_keys.to_set.size
+    end
+  end
+
   describe '#features_usage_data_ce' do
     subject { described_class.features_usage_data_ce }
 
diff --git a/spec/services/wiki_pages/base_service_spec.rb b/spec/services/wiki_pages/base_service_spec.rb
new file mode 100644
index 00000000000..2e70246c6f2
--- /dev/null
+++ b/spec/services/wiki_pages/base_service_spec.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe WikiPages::BaseService do
+  let(:project) { double('project') }
+  let(:user) { double('user') }
+
+  subject(:service) { described_class.new(project, user, {}) }
+
+  describe '#increment_usage' do
+    counter = Gitlab::UsageDataCounters::WikiPageCounter
+    error = counter::UnknownEvent
+
+    it 'raises an error on unknown events' do
+      expect { subject.send(:increment_usage, :bad_event) }.to raise_error error
+    end
+
+    context 'the event is valid' do
+      counter::KNOWN_EVENTS.each do |e|
+        it "updates the #{e} counter" do
+          expect { subject.send(:increment_usage, e) }.to change { counter.read(e) }
+        end
+      end
+    end
+  end
+end
diff --git a/spec/services/wiki_pages/create_service_spec.rb b/spec/services/wiki_pages/create_service_spec.rb
index 84510dcf700..ef03a2e9788 100644
--- a/spec/services/wiki_pages/create_service_spec.rb
+++ b/spec/services/wiki_pages/create_service_spec.rb
@@ -14,6 +14,10 @@ describe WikiPages::CreateService do
     }
   end
 
+  let(:bad_opts) do
+    { title: '' }
+  end
+
   subject(:service) { described_class.new(project, user, opts) }
 
   before do
@@ -36,5 +40,26 @@ describe WikiPages::CreateService do
 
       service.execute
     end
+
+    it 'counts wiki page creation' do
+      counter = Gitlab::UsageDataCounters::WikiPageCounter
+
+      expect { service.execute }.to change { counter.read(:create) }.by 1
+    end
+
+    context 'when the options are bad' do
+      subject(:service) { described_class.new(project, user, bad_opts) }
+
+      it 'does not count a creation event' do
+        counter = Gitlab::UsageDataCounters::WikiPageCounter
+
+        expect { service.execute }.not_to change { counter.read(:create) }
+      end
+
+      it 'reports the error' do
+        expect(service.execute).to be_invalid
+          .and have_attributes(errors: be_present)
+      end
+    end
   end
 end
diff --git a/spec/services/wiki_pages/destroy_service_spec.rb b/spec/services/wiki_pages/destroy_service_spec.rb
index c74eac4dad6..350a7eb123b 100644
--- a/spec/services/wiki_pages/destroy_service_spec.rb
+++ b/spec/services/wiki_pages/destroy_service_spec.rb
@@ -20,5 +20,17 @@ describe WikiPages::DestroyService do
 
       service.execute(page)
     end
+
+    it 'increments the delete count' do
+      counter = Gitlab::UsageDataCounters::WikiPageCounter
+
+      expect { service.execute(page) }.to change { counter.read(:delete) }.by 1
+    end
+
+    it 'does not increment the delete count if the deletion failed' do
+      counter = Gitlab::UsageDataCounters::WikiPageCounter
+
+      expect { service.execute(nil) }.not_to change { counter.read(:delete) }
+    end
   end
 end
diff --git a/spec/services/wiki_pages/update_service_spec.rb b/spec/services/wiki_pages/update_service_spec.rb
index 19866bd3bfc..d5f46e7b2db 100644
--- a/spec/services/wiki_pages/update_service_spec.rb
+++ b/spec/services/wiki_pages/update_service_spec.rb
@@ -16,6 +16,10 @@ describe WikiPages::UpdateService do
     }
   end
 
+  let(:bad_opts) do
+    { title: '' }
+  end
+
   subject(:service) { described_class.new(project, user, opts) }
 
   before do
@@ -39,5 +43,26 @@ describe WikiPages::UpdateService do
 
       service.execute(page)
     end
+
+    it 'counts edit events' do
+      counter = Gitlab::UsageDataCounters::WikiPageCounter
+
+      expect { service.execute page }.to change { counter.read(:update) }.by 1
+    end
+
+    context 'when the options are bad' do
+      subject(:service) { described_class.new(project, user, bad_opts) }
+
+      it 'does not count an edit event' do
+        counter = Gitlab::UsageDataCounters::WikiPageCounter
+
+        expect { service.execute page }.not_to change { counter.read(:update) }
+      end
+
+      it 'reports the error' do
+        expect(service.execute page).to be_invalid
+          .and have_attributes(errors: be_present)
+      end
+    end
   end
 end
-- 
cgit v1.2.1


From 785b9b02ded3d2e973afc3c7d12e1a126a23240c Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Mon, 22 Jul 2019 01:49:37 +0000
Subject: Fix unordered list spacing

Correct the spacing of unordered markdown lists
in docs, to maintain standards of documentation,
in /user and others.
---
 doc/administration/gitaly/index.md        |  2 +-
 doc/ci/introduction/index.md              | 36 ++++++++++++++--------------
 doc/user/clusters/applications.md         | 12 +++++-----
 doc/user/group/subgroups/index.md         | 40 +++++++++++++++----------------
 doc/user/project/badges.md                | 16 ++++++-------
 doc/user/project/cycle_analytics.md       | 14 +++++------
 doc/user/project/import/svn.md            | 10 ++++----
 doc/user/project/index.md                 | 18 +++++++-------
 doc/user/project/integrations/mock_ci.md  |  4 ++--
 doc/user/project/integrations/webhooks.md | 14 +++++------
 doc/user/project/issue_board.md           |  8 +++----
 doc/user/project/pages/introduction.md    | 26 ++++++++++----------
 doc/user/search/advanced_search_syntax.md |  6 ++---
 doc/user/search/index.md                  | 10 ++++----
 doc/workflow/forking_workflow.md          | 34 +++++++++++---------------
 doc/workflow/repository_mirroring.md      | 12 +++++-----
 16 files changed, 128 insertions(+), 134 deletions(-)

diff --git a/doc/administration/gitaly/index.md b/doc/administration/gitaly/index.md
index 0ef88a26ab9..0f547ef03bf 100644
--- a/doc/administration/gitaly/index.md
+++ b/doc/administration/gitaly/index.md
@@ -359,7 +359,7 @@ To configure Gitaly with TLS:
    gitaly['tls_listen_addr'] = "0.0.0.0:9999"
    gitaly['certificate_path'] = "path/to/cert.pem"
    gitaly['key_path'] = "path/to/key.pem"
-  ```
+   ```
 
 1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure).
 
diff --git a/doc/ci/introduction/index.md b/doc/ci/introduction/index.md
index fc89f0fc94f..6401ff90a0a 100644
--- a/doc/ci/introduction/index.md
+++ b/doc/ci/introduction/index.md
@@ -146,14 +146,14 @@ so, GitLab CI/CD:
 - Runs automated scripts (sequential or parallel) to:
   - Build and test your app.
   - Preview the changes per merge request with Review Apps, as you
-  would see in your `localhost`.
+    would see in your `localhost`.
 
 Once you're happy with your implementation:
 
 - Get your code reviewed and approved.
 - Merge the feature branch into the default branch.
   - GitLab CI/CD deploys your changes automatically to a production environment.
--  And finally, you and your team can easily roll it back if something goes wrong.
+- And finally, you and your team can easily roll it back if something goes wrong.
 
 ![GitLab workflow example](img/gitlab_workflow_example_11_9.png)
 
@@ -176,24 +176,24 @@ you'll see some of the features available in GitLab
 according to each stage (Verify, Package, Release).
 
 1. **Verify**:
-    - Automatically build and test your application with Continuous Integration.
-    - Analyze your source code quality with [GitLab Code Quality](../../user/project/merge_requests/code_quality.md). **(STARTER)**
-    - Determine the performance impact of code changes with [Browser Performance Testing](../../user/project/merge_requests/browser_performance_testing.md). **(PREMIUM)**
-    - Perform a series of tests, such as [Container Scanning](../../user/application_security/container_scanning/index.md) **(ULTIMATE)**, [Dependency Scanning](../../user/application_security/dependency_scanning/index.md) **(ULTIMATE)**, and [JUnit tests](../junit_test_reports.md).
-    - Deploy your changes with [Review Apps](../review_apps/index.md) to preview the app changes on every branch.
+   - Automatically build and test your application with Continuous Integration.
+   - Analyze your source code quality with [GitLab Code Quality](../../user/project/merge_requests/code_quality.md). **(STARTER)**
+   - Determine the performance impact of code changes with [Browser Performance Testing](../../user/project/merge_requests/browser_performance_testing.md). **(PREMIUM)**
+   - Perform a series of tests, such as [Container Scanning](../../user/application_security/container_scanning/index.md) **(ULTIMATE)**, [Dependency Scanning](../../user/application_security/dependency_scanning/index.md) **(ULTIMATE)**, and [JUnit tests](../junit_test_reports.md).
+   - Deploy your changes with [Review Apps](../review_apps/index.md) to preview the app changes on every branch.
 1. **Package**:
-    - Store Docker images with [Container Registry](../../user/project/container_registry.md).
-    - Store NPM packages with [NPM Registry](../../user/project/packages/npm_registry.md). **(PREMIUM)**
-    - Store Maven artifacts with [Maven Repository](../../user/project/packages/maven_repository.md). **(PREMIUM)**
+   - Store Docker images with [Container Registry](../../user/project/container_registry.md).
+   - Store NPM packages with [NPM Registry](../../user/project/packages/npm_registry.md). **(PREMIUM)**
+   - Store Maven artifacts with [Maven Repository](../../user/project/packages/maven_repository.md). **(PREMIUM)**
 1. **Release**:
-    - Continuous Deployment, automatically deploying your app to production.
-    - Continuous Delivery, manually click to deploy your app to production.
-    - Deploy static websites with [GitLab Pages](../../user/project/pages/index.md).
-    - Ship features to only a portion of your pods and let a percentage of your user base to visit the temporarily deployed feature with [Canary Deployments](../../user/project/canary_deployments.md). **(PREMIUM)**
-    - Deploy your features behind [Feature Flags](../../user/project/operations/feature_flags.md). **(PREMIUM)**
-    - Add release notes to any Git tag with [GitLab Releases](../../user/project/releases/index.md).
-    - View of the current health and status of each CI environment running on Kubernetes with [Deploy Boards](../../user/project/deploy_boards.md). **(PREMIUM)**
-    -  Deploy your application to a production environment in a Kubernetes cluster with [Auto Deploy](../../topics/autodevops/index.md#auto-deploy).
+   - Continuous Deployment, automatically deploying your app to production.
+   - Continuous Delivery, manually click to deploy your app to production.
+   - Deploy static websites with [GitLab Pages](../../user/project/pages/index.md).
+   - Ship features to only a portion of your pods and let a percentage of your user base to visit the temporarily deployed feature with [Canary Deployments](../../user/project/canary_deployments.md). **(PREMIUM)**
+   - Deploy your features behind [Feature Flags](../../user/project/operations/feature_flags.md). **(PREMIUM)**
+   - Add release notes to any Git tag with [GitLab Releases](../../user/project/releases/index.md).
+   - View of the current health and status of each CI environment running on Kubernetes with [Deploy Boards](../../user/project/deploy_boards.md). **(PREMIUM)**
+   - Deploy your application to a production environment in a Kubernetes cluster with [Auto Deploy](../../topics/autodevops/index.md#auto-deploy).
 
 With GitLab CI/CD you can also:
 
diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md
index 6956086c382..d5c836554ce 100644
--- a/doc/user/clusters/applications.md
+++ b/doc/user/clusters/applications.md
@@ -19,8 +19,8 @@ This namespace:
 To see a list of available applications to install:
 
 1. For a:
-    - Project-level cluster, navigate to your project's **Operations > Kubernetes**.
-    - Group-level cluster, navigate to your group's **Kubernetes** page.
+   - Project-level cluster, navigate to your project's **Operations > Kubernetes**.
+   - Group-level cluster, navigate to your group's **Kubernetes** page.
 
 Install Helm first as it's used to install other applications.
 
@@ -232,8 +232,8 @@ The applications below can be upgraded.
 To upgrade an application:
 
 1. For a:
-    - Project-level cluster, navigate to your project's **Operations > Kubernetes**.
-    - Group-level cluster, navigate to your group's **Kubernetes** page.
+   - Project-level cluster, navigate to your project's **Operations > Kubernetes**.
+   - Group-level cluster, navigate to your group's **Kubernetes** page.
 1. Select your cluster.
 1. If an upgrade is available, the **Upgrade** button is displayed. Click the button to upgrade.
 
@@ -259,8 +259,8 @@ The applications below can be uninstalled.
 To uninstall an application:
 
 1. For a:
-    - Project-level cluster, navigate to your project's **Operations > Kubernetes**.
-    - Group-level cluster, navigate to your group's **Kubernetes** page.
+   - Project-level cluster, navigate to your project's **Operations > Kubernetes**.
+   - Group-level cluster, navigate to your group's **Kubernetes** page.
 1. Select your cluster.
 1. Click the **Uninstall** button for the application.
 
diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md
index 1c6cca049c5..7c80c4b7928 100644
--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -28,39 +28,39 @@ only 1 parent group. It resembles a directory behavior or a nested items list:
 - Group 1
   - Group 1.1
   - Group 1.2
-      - Group 1.2.1
-      - Group 1.2.2
-          - Group 1.2.2.1
+    - Group 1.2.1
+    - Group 1.2.2
+      - Group 1.2.2.1
 
 In a real world example, imagine maintaining a GNU/Linux distribution with the
 first group being the name of the distribution, and subsequent groups split as follows:
 
 - Organization Group - GNU/Linux distro
   - Category Subgroup - Packages
-      - (project) Package01
-      - (project) Package02
+    - (project) Package01
+    - (project) Package02
   - Category Subgroup - Software
-      - (project) Core
-      - (project) CLI
-      - (project) Android app
-      - (project) iOS app
+    - (project) Core
+    - (project) CLI
+    - (project) Android app
+    - (project) iOS app
   - Category Subgroup - Infra tools
-      - (project) Ansible playbooks
+    - (project) Ansible playbooks
 
 Another example of GitLab as a company would be the following:
 
 - Organization Group - GitLab
   - Category Subgroup - Marketing
-      - (project) Design
-      - (project) General
+    - (project) Design
+    - (project) General
   - Category Subgroup - Software
-      - (project) GitLab CE
-      - (project) GitLab EE
-      - (project) Omnibus GitLab
-      - (project) GitLab Runner
-      - (project) GitLab Pages daemon
+    - (project) GitLab CE
+    - (project) GitLab EE
+    - (project) Omnibus GitLab
+    - (project) GitLab Runner
+    - (project) GitLab Pages daemon
   - Category Subgroup - Infra tools
-      - (project) Chef cookbooks
+    - (project) Chef cookbooks
   - Category Subgroup - Executive team
 
 ---
@@ -88,13 +88,13 @@ To create a subgroup:
 1. In the group's dashboard expand the **New project** split button, select
    **New subgroup** and click the **New subgroup** button.
 
-    ![Subgroups page](img/create_subgroup_button.png)
+   ![Subgroups page](img/create_subgroup_button.png)
 
 1. Create a new group like you would normally do. Notice that the parent group
    namespace is fixed under **Group path**. The visibility level can differ from
    the parent group.
 
-    ![Subgroups page](img/create_new_group.png)
+   ![Subgroups page](img/create_new_group.png)
 
 1. Click the **Create group** button and you will be taken to the new group's
    dashboard page.
diff --git a/doc/user/project/badges.md b/doc/user/project/badges.md
index 8849dd2d684..cd3e5f5a63c 100644
--- a/doc/user/project/badges.md
+++ b/doc/user/project/badges.md
@@ -17,10 +17,10 @@ If you find that you have to add the same badges to several projects, you may wa
 
 To add a new badge to a project:
 
-1.  Navigate to your project's **Settings > General > Badges**.
-1.  Under "Link", enter the URL that the badges should point to and under
-    "Badge image URL" the URL of the image that should be displayed.
-1.  Submit the badge by clicking the **Add badge** button.
+1. Navigate to your project's **Settings > General > Badges**.
+1. Under "Link", enter the URL that the badges should point to and under
+   "Badge image URL" the URL of the image that should be displayed.
+1. Submit the badge by clicking the **Add badge** button.
 
 After adding a badge to a project, you can see it in the list below the form.
 You can edit it by clicking on the pen icon next to it or to delete it by
@@ -39,10 +39,10 @@ project, consider adding them on the [project level](#project-badges) or use
 
 To add a new badge to a group:
 
-1.  Navigate to your group's **Settings > General > Badges**.
-1.  Under "Link", enter the URL that the badges should point to and under
-    "Badge image URL" the URL of the image that should be displayed.
-1.  Submit the badge by clicking the **Add badge** button.
+1. Navigate to your group's **Settings > General > Badges**.
+1. Under "Link", enter the URL that the badges should point to and under
+   "Badge image URL" the URL of the image that should be displayed.
+1. Submit the badge by clicking the **Add badge** button.
 
 After adding a badge to a group, you can see it in the list below the form.
 You can edit the badge by clicking on the pen icon next to it or to delete it
diff --git a/doc/user/project/cycle_analytics.md b/doc/user/project/cycle_analytics.md
index 5d36e1d4be3..6707b88c317 100644
--- a/doc/user/project/cycle_analytics.md
+++ b/doc/user/project/cycle_analytics.md
@@ -21,19 +21,19 @@ Analytics** tab.
 There are seven stages that are tracked as part of the Cycle Analytics calculations.
 
 - **Issue** (Tracker)
-    - Time to schedule an issue (by milestone or by adding it to an issue board)
+  - Time to schedule an issue (by milestone or by adding it to an issue board)
 - **Plan** (Board)
-    - Time to first commit
+  - Time to first commit
 - **Code** (IDE)
-    - Time to create a merge request
+  - Time to create a merge request
 - **Test** (CI)
-    - Time it takes GitLab CI/CD to test your code
+  - Time it takes GitLab CI/CD to test your code
 - **Review** (Merge Request/MR)
-    - Time spent on code review
+  - Time spent on code review
 - **Staging** (Continuous Deployment)
-    - Time between merging and deploying to production
+  - Time between merging and deploying to production
 - **Production** (Total)
-    - Total lifecycle time; i.e. the velocity of the project or team
+  - Total lifecycle time; i.e. the velocity of the project or team
 
 ## How the data is measured
 
diff --git a/doc/user/project/import/svn.md b/doc/user/project/import/svn.md
index 7359487e1bf..d175ee87f26 100644
--- a/doc/user/project/import/svn.md
+++ b/doc/user/project/import/svn.md
@@ -9,13 +9,13 @@ between the two, for more information consult your favorite search engine.
 There are two approaches to SVN to Git migration:
 
 1. [Git/SVN Mirror](#smooth-migration-with-a-gitsvn-mirror-using-subgit) which:
-    - Makes the GitLab repository to mirror the SVN project.
-    - Git and SVN repositories are kept in sync; you can use either one.
-    - Smoothens the migration process and allows to manage migration risks.
+   - Makes the GitLab repository to mirror the SVN project.
+   - Git and SVN repositories are kept in sync; you can use either one.
+   - Smoothens the migration process and allows to manage migration risks.
 
 1. [Cut over migration](#cut-over-migration-with-svn2git) which:
-     - Translates and imports the existing data and history from SVN to Git.
-     - Is a fire and forget approach, good for smaller teams.
+   - Translates and imports the existing data and history from SVN to Git.
+   - Is a fire and forget approach, good for smaller teams.
 
 ## Smooth migration with a Git/SVN mirror using SubGit
 
diff --git a/doc/user/project/index.md b/doc/user/project/index.md
index 7307c5b8991..45e96437517 100644
--- a/doc/user/project/index.md
+++ b/doc/user/project/index.md
@@ -66,15 +66,15 @@ When you create a project in GitLab, you'll have access to a large number of
   to automatically set up your app's deployment
   - [Enable and disable GitLab CI](../../ci/enable_or_disable_ci.md)
   - [Pipelines](../../ci/pipelines.md): Configure and visualize
-  your GitLab CI/CD pipelines from the UI
-     - [Scheduled Pipelines](pipelines/schedules.md): Schedule a pipeline
-     to start at a chosen time
-     - [Pipeline Graphs](../../ci/pipelines.md#visualizing-pipelines): View your
-     entire pipeline from the UI
-     - [Job artifacts](pipelines/job_artifacts.md): Define,
-     browse, and download job artifacts
-     - [Pipeline settings](pipelines/settings.md): Set up Git strategy (choose the default way your repository is fetched from GitLab in a job),
-     timeout (defines the maximum amount of time in minutes that a job is able run), custom path for `.gitlab-ci.yml`, test coverage parsing, pipeline's visibility, and much more
+    your GitLab CI/CD pipelines from the UI
+    - [Scheduled Pipelines](pipelines/schedules.md): Schedule a pipeline
+      to start at a chosen time
+    - [Pipeline Graphs](../../ci/pipelines.md#visualizing-pipelines): View your
+      entire pipeline from the UI
+    - [Job artifacts](pipelines/job_artifacts.md): Define,
+      browse, and download job artifacts
+    - [Pipeline settings](pipelines/settings.md): Set up Git strategy (choose the default way your repository is fetched from GitLab in a job),
+      timeout (defines the maximum amount of time in minutes that a job is able run), custom path for `.gitlab-ci.yml`, test coverage parsing, pipeline's visibility, and much more
   - [Kubernetes cluster integration](clusters/index.md): Connecting your GitLab project
     with a Kubernetes cluster
   - [Feature Flags](operations/feature_flags.md): Feature flags allow you to ship a project in
diff --git a/doc/user/project/integrations/mock_ci.md b/doc/user/project/integrations/mock_ci.md
index 1c64b275d6e..886094a6531 100644
--- a/doc/user/project/integrations/mock_ci.md
+++ b/doc/user/project/integrations/mock_ci.md
@@ -5,9 +5,9 @@
 To set up the mock CI service server, respond to the following endpoints
 
 - `commit_status`: `#{project.namespace.path}/#{project.path}/status/#{sha}.json`
-   - Have your service return `200 { status: ['failed'|'canceled'|'running'|'pending'|'success'|'success-with-warnings'|'skipped'|'not_found'] }`
+  - Have your service return `200 { status: ['failed'|'canceled'|'running'|'pending'|'success'|'success-with-warnings'|'skipped'|'not_found'] }`
    - If the service returns a 404, it is interpreted as `pending`
 - `build_page`: `#{project.namespace.path}/#{project.path}/status/#{sha}`
-   - Just where the build is linked to, doesn't matter if implemented
+  - Just where the build is linked to, doesn't matter if implemented
 
 For an example of a mock CI server, see [`gitlab-org/gitlab-mock-ci-service`](https://gitlab.com/gitlab-org/gitlab-mock-ci-service)
diff --git a/doc/user/project/integrations/webhooks.md b/doc/user/project/integrations/webhooks.md
index 30940b65454..84adb9637fc 100644
--- a/doc/user/project/integrations/webhooks.md
+++ b/doc/user/project/integrations/webhooks.md
@@ -58,13 +58,13 @@ Navigate to the webhooks page by going to your project's
 If you are writing your own endpoint (web server) that will receive
 GitLab webhooks keep in mind the following things:
 
--   Your endpoint should send its HTTP response as fast as possible. If
-    you wait too long, GitLab may decide the hook failed and retry it.
--   Your endpoint should ALWAYS return a valid HTTP response. If you do
-    not do this then GitLab will think the hook failed and retry it.
-    Most HTTP libraries take care of this for you automatically but if
-    you are writing a low-level hook this is important to remember.
--   GitLab ignores the HTTP status code returned by your endpoint.
+- Your endpoint should send its HTTP response as fast as possible. If
+  you wait too long, GitLab may decide the hook failed and retry it.
+- Your endpoint should ALWAYS return a valid HTTP response. If you do
+  not do this then GitLab will think the hook failed and retry it.
+  Most HTTP libraries take care of this for you automatically but if
+  you are writing a low-level hook this is important to remember.
+- GitLab ignores the HTTP status code returned by your endpoint.
 
 ## Secret token
 
diff --git a/doc/user/project/issue_board.md b/doc/user/project/issue_board.md
index 422e4b71424..eaca5f8cfb8 100644
--- a/doc/user/project/issue_board.md
+++ b/doc/user/project/issue_board.md
@@ -143,10 +143,10 @@ Create lists for each of your team members and quickly drag-and-drop issues onto
 
 - **Issue Board** - Each board represents a unique view for your issues. It can have multiple lists with each list consisting of issues represented by cards.
 - **List** - A column on the issue board that displays issues matching certain attributes. In addition to the default lists of 'Open' and 'Closed' issue, each additional list will show issues matching your chosen label or assignee. On the top of that list you can see the number of issues that belong to it.
-   - **Label list**: a list based on a label. It shows all opened issues with that label.
-   - **Assignee list**: a list which includes all issues assigned to a user.
-   - **Open** (default): shows all open issues that do not belong to one of the other lists. Always appears as the leftmost list.
-   - **Closed** (default): shows all closed issues. Always appears as the rightmost list.
+  - **Label list**: a list based on a label. It shows all opened issues with that label.
+  - **Assignee list**: a list which includes all issues assigned to a user.
+  - **Open** (default): shows all open issues that do not belong to one of the other lists. Always appears as the leftmost list.
+  - **Closed** (default): shows all closed issues. Always appears as the rightmost list.
 - **Card** - A box in the list that represents an individual issue. The information you can see on a card consists of the issue number, the issue title, the assignee, and the labels associated with the issue. You can drag cards from one list to another to change their label or assignee from that of the source list to that of the destination list.
 
 ## Permissions
diff --git a/doc/user/project/pages/introduction.md b/doc/user/project/pages/introduction.md
index 9451b5349c0..e8984cb8b9f 100644
--- a/doc/user/project/pages/introduction.md
+++ b/doc/user/project/pages/introduction.md
@@ -83,23 +83,23 @@ You can enable Pages access control on your project, so that only
 1. Navigate to your project's **Settings > General > Permissions**.
 1. Toggle the **Pages** button to enable the access control.
 
-    NOTE: **Note:**
-    If you don't see the toggle button, that means that it's not enabled.
-    Ask your administrator to [enable it](../../../administration/pages/index.md#access-control).
+   NOTE: **Note:**
+   If you don't see the toggle button, that means that it's not enabled.
+   Ask your administrator to [enable it](../../../administration/pages/index.md#access-control).
 
 1. The Pages access control dropdown allows you to set who can view pages hosted
    with GitLab Pages, depending on your project's visibility:
 
-    - If your project is private:
-      - **Only project members**: Only project members will be able to browse the website.
-      - **Everyone**: Everyone, both logged into and logged out of GitLab, will be able to browse the website, no matter their project membership.
-    - If your project is internal:
-      - **Only project members**: Only project members will be able to browse the website.
-      - **Everyone with access**: Everyone logged into GitLab will be able to browse the website, no matter their project membership.
-      - **Everyone**: Everyone, both logged into and logged out of GitLab, will be able to browse the website, no matter their project membership.
-    - If your project is public:
-      - **Only project members**: Only project members will be able to browse the website.
-      - **Everyone with access**: Everyone, both logged into and logged out of GitLab, will be able to browse the website, no matter their project membership.
+   - If your project is private:
+     - **Only project members**: Only project members will be able to browse the website.
+     - **Everyone**: Everyone, both logged into and logged out of GitLab, will be able to browse the website, no matter their project membership.
+   - If your project is internal:
+     - **Only project members**: Only project members will be able to browse the website.
+     - **Everyone with access**: Everyone logged into GitLab will be able to browse the website, no matter their project membership.
+     - **Everyone**: Everyone, both logged into and logged out of GitLab, will be able to browse the website, no matter their project membership.
+   - If your project is public:
+     - **Only project members**: Only project members will be able to browse the website.
+     - **Everyone with access**: Everyone, both logged into and logged out of GitLab, will be able to browse the website, no matter their project membership.
 
 1. Click **Save changes**.
 
diff --git a/doc/user/search/advanced_search_syntax.md b/doc/user/search/advanced_search_syntax.md
index ad9f065b19b..c3d22e4fd29 100644
--- a/doc/user/search/advanced_search_syntax.md
+++ b/doc/user/search/advanced_search_syntax.md
@@ -50,9 +50,9 @@ here's a quick guide:
 
 The Advanced Syntax Search also supports the use of filters. The available filters are:
 
- - filename: Filters by filename. You can use the glob (`*`) operator for fuzzy matching.
- - path: Filters by path. You can use the glob (`*`) operator for fuzzy matching.
- - extension: Filters by extension in the filename. Please write the extension without a leading dot. Exact match only.
+- filename: Filters by filename. You can use the glob (`*`) operator for fuzzy matching.
+- path: Filters by path. You can use the glob (`*`) operator for fuzzy matching.
+- extension: Filters by extension in the filename. Please write the extension without a leading dot. Exact match only.
 
 To use them, simply add them to your query in the format `<filter_name>:<value>` without
  any spaces between the colon (`:`) and the value.
diff --git a/doc/user/search/index.md b/doc/user/search/index.md
index c34b9ae3d7e..8d7b4a429aa 100644
--- a/doc/user/search/index.md
+++ b/doc/user/search/index.md
@@ -55,12 +55,12 @@ Selecting **Any** does the opposite. It returns results that have a non-empty va
 You can filter issues and merge requests by specific terms included in titles or descriptions.
 
 - Syntax
-    - Searches look for all the words in a query, in any order. E.g.: searching
-      issues for `display bug` will return all issues matching both those words, in any order.
-    - To find the exact term, use double quotes: `"display bug"`
+  - Searches look for all the words in a query, in any order. E.g.: searching
+    issues for `display bug` will return all issues matching both those words, in any order.
+  - To find the exact term, use double quotes: `"display bug"`
 - Limitation
-    - For performance reasons, terms shorter than 3 chars are ignored. E.g.: searching
-      issues for `included in titles` is same as `included titles`
+  - For performance reasons, terms shorter than 3 chars are ignored. E.g.: searching
+    issues for `included in titles` is same as `included titles`
 
 ![filter issues by specific terms](img/issue_search_by_term.png)
 
diff --git a/doc/workflow/forking_workflow.md b/doc/workflow/forking_workflow.md
index 02be0ad191d..869a0a621c3 100644
--- a/doc/workflow/forking_workflow.md
+++ b/doc/workflow/forking_workflow.md
@@ -10,31 +10,25 @@ document more information about using branches to work together.
 
 Forking a project is in most cases a two-step process.
 
-1.  Click on the fork button located in the middle of the page or a project's
-    home page right next to the stars button.
+1. Click on the fork button located in the middle of the page or a project's
+   home page right next to the stars button.
 
-    ![Fork button](img/forking_workflow_fork_button.png)
+   ![Fork button](img/forking_workflow_fork_button.png)
 
-    ---
+1. Once you do that, you'll be presented with a screen where you can choose
+   the namespace to fork to. Only namespaces (groups and your own
+   namespace) where you have write access to, will be shown. Click on the
+   namespace to create your fork there.
 
-1.  Once you do that, you'll be presented with a screen where you can choose
-    the namespace to fork to. Only namespaces (groups and your own
-    namespace) where you have write access to, will be shown. Click on the
-    namespace to create your fork there.
+   ![Choose namespace](img/forking_workflow_choose_namespace.png)
 
-    ![Choose namespace](img/forking_workflow_choose_namespace.png)
+   **Note:**
+   If the namespace you chose to fork the project to has another project with
+   the same path name, you will be presented with a warning that the forking
+   could not be completed. Try to resolve the error and repeat the forking
+   process.
 
-    ---
-
-    **Note:**
-    If the namespace you chose to fork the project to has another project with
-    the same path name, you will be presented with a warning that the forking
-    could not be completed. Try to resolve the error and repeat the forking
-    process.
-
-    ![Path taken error](img/forking_workflow_path_taken_error.png)
-
-    ---
+   ![Path taken error](img/forking_workflow_path_taken_error.png)
 
 After the forking is done, you can start working on the newly created
 repository. There, you will have full [Owner](../user/permissions.md)
diff --git a/doc/workflow/repository_mirroring.md b/doc/workflow/repository_mirroring.md
index 87ca46e94be..0b8e7d851b0 100644
--- a/doc/workflow/repository_mirroring.md
+++ b/doc/workflow/repository_mirroring.md
@@ -92,9 +92,9 @@ The repository will push soon. To force a push, click the appropriate button.
 
 1. On the destination GitLab instance, create a [personal access token](../user/profile/personal_access_tokens.md) with `API` scope.
 1. On the source GitLab instance:
-    1. Fill in the **Git repository URL** field using this format: `https://oauth2@<destination host>/<your_gitlab_group_or_name>/<your_gitlab_project>.git`.
-    1. Fill in **Password** field with the GitLab personal access token created on the destination GitLab instance.
-    1. Click the **Mirror repository** button.
+   1. Fill in the **Git repository URL** field using this format: `https://oauth2@<destination host>/<your_gitlab_group_or_name>/<your_gitlab_project>.git`.
+   1. Fill in **Password** field with the GitLab personal access token created on the destination GitLab instance.
+   1. Click the **Mirror repository** button.
 
 ## Pulling from a remote repository **(STARTER)**
 
@@ -118,9 +118,9 @@ To configure mirror pulling for an existing project:
 1. Select **Pull** from the **Mirror direction** dropdown.
 1. Select an authentication method from the **Authentication method** dropdown, if necessary.
 1. If necessary, check the following boxes:
-    - **Overwrite diverged branches**.
-    - **Trigger pipelines for mirror updates**.
-    - **Only mirror protected branches**.
+   - **Overwrite diverged branches**.
+   - **Trigger pipelines for mirror updates**.
+   - **Only mirror protected branches**.
 1. Click the **Mirror repository** button to save the configuration.
 
 ![Repository mirroring pull settings screen - upper part](img/repository_mirroring_pull_settings_upper.png)
-- 
cgit v1.2.1


From 917f9b4da0587d288c71143800cbeb8baa2dcb6e Mon Sep 17 00:00:00 2001
From: Achilleas Pipinellis <axil@gitlab.com>
Date: Mon, 22 Jul 2019 02:25:01 +0000
Subject: Document all the available options for SAST

Port all info from:

- security-products/sast/blob/master/docs/README.md
- security-products/sast/blob/master/docs/analyzers.md
---
 doc/user/application_security/sast/analyzers.md | 143 ++++++++++++++++++++++++
 doc/user/application_security/sast/index.md     |  52 +++++++++
 2 files changed, 195 insertions(+)
 create mode 100644 doc/user/application_security/sast/analyzers.md

diff --git a/doc/user/application_security/sast/analyzers.md b/doc/user/application_security/sast/analyzers.md
new file mode 100644
index 00000000000..59835aeba01
--- /dev/null
+++ b/doc/user/application_security/sast/analyzers.md
@@ -0,0 +1,143 @@
+---
+table_display_block: true
+---
+
+# SAST Analyzers **(ULTIMATE)**
+
+SAST relies on underlying third party tools that are wrapped into what we call
+"Analyzers". An analyzer is a
+[dedicated project](https://gitlab.com/gitlab-org/security-products/analyzers)
+that wraps a particular tool to:
+
+- Expose its detection logic.
+- Handle its execution.
+- Convert its output to the common format.
+
+This is achieved by implementing the [common API](https://gitlab.com/gitlab-org/security-products/analyzers/common).
+
+SAST supports the following official analyzers:
+
+- [Bandit](https://gitlab.com/gitlab-org/security-products/analyzers/bandit)
+- [Brakeman](https://gitlab.com/gitlab-org/security-products/analyzers/brakeman)
+- [ESLint (Javascript)](https://gitlab.com/gitlab-org/security-products/analyzers/eslint)
+- [SpotBugs with the Find Sec Bugs plugin (Ant, Gradle and wrapper, Grails, Maven and wrapper, SBT)](https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs)
+- [Flawfinder](https://gitlab.com/gitlab-org/security-products/analyzers/flawfinder)
+- [Gosec](https://gitlab.com/gitlab-org/security-products/analyzers/gosec)
+- [NodeJsScan](https://gitlab.com/gitlab-org/security-products/analyzers/nodejs-scan)
+- [PHP CS security-audit](https://gitlab.com/gitlab-org/security-products/analyzers/phpcs-security-audit)
+- [Secrets (Gitleaks, TruffleHog & Diffence secret detectors)](https://gitlab.com/gitlab-org/security-products/analyzers/secrets)
+- [Security Code Scan (.NET)](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan)
+- [TSLint (Typescript)](https://gitlab.com/gitlab-org/security-products/analyzers/tslint)
+- [Sobelow (Elixir Phoenix)](https://gitlab.com/gitlab-org/security-products/analyzers/sobelow)
+
+The analyzers are published as Docker images that SAST will use to launch
+dedicated containers for each analysis.
+
+SAST is pre-configured with a set of **default images** that are maintained by
+GitLab, but users can also integrate their own **custom images**.
+
+## Official default analyzers
+
+Any custom change to the official analyzers can be achieved by using an
+[environment variable in your `.gitlab-ci.yml`](index.md#customizing-the-sast-settings).
+
+### Using a custom Docker mirror
+
+You can switch to a custom Docker registry that provides the official analyzer
+images under a different prefix. For instance, the following instructs
+SAST to pull `my-docker-registry/gl-images/bandit`
+instead of `registry.gitlab.com/gitlab-org/security-products/analyzers/bandit`.
+In `.gitlab-ci.yml` define:
+
+```yaml
+include:
+  template: SAST.gitlab-ci.yml
+
+variables:
+  SAST_ANALYZER_IMAGE_PREFIX: my-docker-registry/gl-images
+```
+
+This configuration requires that your custom registry provides images for all
+the official analyzers.
+
+### Selecting specific analyzers
+
+You can select the official analyzers you want to run. Here's how to enable
+`bandit` and `flawfinder` while disabling all the other default ones.
+In `.gitlab-ci.yml` define:
+
+```yaml
+include:
+  template: SAST.gitlab-ci.yml
+
+variables:
+  SAST_DEFAULT_ANALYZERS: "bandit,flawfinder"
+```
+
+`bandit` runs first. When merging the reports, SAST will
+remove the duplicates and will keep the `bandit` entries.
+
+### Disabling default analyzers
+
+Setting `SAST_DEFAULT_ANALYZERS` to an empty string will disable all the official
+default analyzers. In `.gitlab-ci.yml` define:
+
+```yaml
+include:
+  template: SAST.gitlab-ci.yml
+
+variables:
+  SAST_DEFAULT_ANALYZERS: ""
+```
+
+That's needed when one totally relies on [custom analyzers](#custom-analyzers).
+
+## Custom Analyzers
+
+You can provide your own analyzers as a comma separated list of Docker images.
+Here's how to add `analyzers/csharp` and `analyzers/perl` to the default images:
+In `.gitlab-ci.yml` define:
+
+```yaml
+include:
+  template: SAST.gitlab-ci.yml
+
+variables:
+  SAST_ANALYZER_IMAGES: "my-docker-registry/analyzers/csharp,amy-docker-registry/analyzers/perl"
+```
+
+The values must be the full path to the container registry images,
+like what you would feed to the `docker pull` command.
+
+NOTE: **Note:**
+This configuration doesn't benefit from the integrated detection step.
+SAST has to fetch and spawn each Docker image to establish whether the
+custom analyzer can scan the source code.
+
+## Analyzers Data
+
+| Property \ Tool                         | Bandit               | Brakeman             | ESLint security      | Find Sec Bugs        | Flawfinder           | Go AST Scanner       | NodeJsScan           | Php CS Security Audit   | Security code Scan (.NET)   | TSLint Security    | Sobelow            |
+| --------------------------------------- | :------------------: | :------------------: | :------------------: | :------------------: | :------------------: | :------------------: | :------------------: | :---------------------: | :-------------------------: | :-------------:    | :----------------: |
+| Severity                                | ✓   | 𐄂                  | 𐄂                  | ✓   | 𐄂                  | ✓   | 𐄂                  | ✓      | 𐄂                         | ✓ | 𐄂                |
+| Title                                   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓      | ✓          | ✓ | ✓ |
+| Description                             | 𐄂                  | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | ✓   | 𐄂                     | 𐄂                         | ✓ | ✓ |
+| File                                    | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓      | ✓          | ✓ | ✓ |
+| Start line                              | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓      | ✓          | ✓ | ✓ |
+| End line                                | ✓   | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | ✓ | 𐄂                |
+| Start column                            | 𐄂                  | 𐄂                  | ✓   | ✓   | ✓   | ✓   | 𐄂                  | ✓      | ✓          | ✓ | 𐄂                |
+| End column                              | 𐄂                  | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | ✓ | 𐄂                |
+| External id (e.g. CVE)                  | 𐄂                  | ⚠            | 𐄂                  | ⚠            | ✓   | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
+| URLs                                    | 𐄂                  | ✓   | 𐄂                  | ⚠            | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
+| Internal doc/explanation                | ⚠            | ✓   | 𐄂                  | ✓   | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | ✓ |
+| Solution                                | 𐄂                  | 𐄂                  | 𐄂                  | ⚠            | ✓   | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
+| Confidence                              | ✓   | ✓   | 𐄂                  | ✓   | ✓   | ✓   | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | ✓ |
+| Affected item (e.g. class or package)   | 𐄂                  | ✓   | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
+| Source code extract                     | ✓   | ✓   | ✓   | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
+| Internal ID                             | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | 𐄂                  | ✓      | ✓          | ✓ | ✓ |
+
+- ✓ => we have that data
+- ⚠ => we have that data but it's partially reliable, or we need to extract it from unstructured content
+- 𐄂 => we don't have that data or it would need to develop specific or inefficient/unreliable logic to obtain it.
+
+The values provided by these tools are heterogeneous so they are sometimes
+normalized into common values (e.g., `severity`, `confidence`, etc).
diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md
index 1f9fd9d4e18..7df86eedd18 100644
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -135,6 +135,58 @@ sast:
     CI_DEBUG_TRACE: "true"
 ```
 
+### Available variables
+
+SAST can be [configured](#customizing-the-sast-settings) using environment variables.
+
+#### Docker images
+
+The following are Docker image-related variables.
+
+| Environment variable          | Description                                                                    |
+|-------------------------------|--------------------------------------------------------------------------------|
+| `SAST_ANALYZER_IMAGES`        | Comma separated list of custom images. Default images are still enabled. Read more about [customizing analyzers](analyzers.md).       |
+| `SAST_ANALYZER_IMAGE_PREFIX`  | Override the name of the Docker registry providing the default images (proxy). Read more about [customizing analyzers](analyzers.md). |
+| `SAST_ANALYZER_IMAGE_TAG`     | Override the Docker tag of the default images. Read more about [customizing analyzers](analyzers.md).                                 |
+| `SAST_DEFAULT_ANALYZERS`      | Override the names of default images. Read more about [customizing analyzers](analyzers.md).                                          |
+| `SAST_PULL_ANALYZER_IMAGES`   | Pull the images from the Docker registry (set to 0 to disable). Read more about [customizing analyzers](analyzers.md).                 |
+
+### Vulnerability filters
+
+Some analyzers make it possible to filter out vulnerabilities under a given threshold.
+
+| `SAST_BANDIT_EXCLUDED_PATHS`  | -   | comma-separated list of paths to exclude from scan. Uses Python's [`fnmatch` syntax](https://docs.python.org/2/library/fnmatch.html) |
+| `SAST_BRAKEMAN_LEVEL`   |         1 | Ignore Brakeman vulnerabilities under given confidence level. Integer, 1=Low 3=High. |
+| `SAST_FLAWFINDER_LEVEL` |         1 | Ignore Flawfinder vulnerabilities under given risk level. Integer, 0=No risk, 5=High risk. |
+| `SAST_GITLEAKS_ENTROPY_LEVEL` | 8.0 | Minimum entropy for secret detection. Float, 0.0 = low, 8.0 = high. |
+| `SAST_GOSEC_LEVEL`      |         0 | Ignore gosec vulnerabilities under given confidence level. Integer, 0=Undefined, 1=Low, 1=Medium, 3=High. |
+| `SAST_EXCLUDED_PATHS`   |   -        | Exclude vulnerabilities from output based on the paths. This is a comma-separated list of patterns. Patterns can be globs, file or folder paths. Parent directories will also match patterns. |
+
+### Timeouts
+
+The following variables configure timeouts.
+
+| `SAST_DOCKER_CLIENT_NEGOTIATION_TIMEOUT` |      2m | Time limit for Docker client negotiation. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". For example, "300ms", "1.5h" or "2h45m". |
+| `SAST_PULL_ANALYZER_IMAGE_TIMEOUT`       |      5m | Time limit when pulling the image of an analyzer. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". For example, "300ms", "1.5h" or "2h45m". |
+| `SAST_RUN_ANALYZER_TIMEOUT`              |     20m | Time limit when running an analyzer. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". For example, "300ms", "1.5h" or "2h45m".|
+
+### Analyzer settings
+
+Some analyzers can be customized with environment variables.
+
+| Environment variable    | Analyzer | Description |
+|-------------------------|----------|----------|
+| `ANT_HOME`              | spotbugs | The `ANT_HOME` environment variable. |
+| `ANT_PATH`              | spotbugs | Path to the `ant` executable. |
+| `GRADLE_PATH`           | spotbugs | Path to the `gradle` executable. |
+| `JAVA_OPTS`             | spotbugs | Additional arguments for the `java` executable. |
+| `JAVA_PATH`             | spotbugs | Path to the `java` executable. |
+| `MAVEN_CLI_OPTS`        | spotbugs | Additional arguments for the `mvn` or `mvnw` executable. |
+| `MAVEN_PATH`            | spotbugs | Path to the `mvn` executable. |
+| `MAVEN_REPO_PATH`       | spotbugs | Path to the Maven local repository (shortcut for the `maven.repo.local` property). |
+| `SBT_PATH`              | spotbugs | Path to the `sbt` executable. |
+| `FAIL_NEVER`            | spotbugs | Set to `1` to ignore compilation failure. |
+
 ## Reports JSON format
 
 CAUTION: **Caution:**
-- 
cgit v1.2.1


From 4d790f8eb6401c0cdb4830dd80807cb10ddbb167 Mon Sep 17 00:00:00 2001
From: Matt Penna <mpenna@gitlab.com>
Date: Mon, 22 Jul 2019 03:39:57 +0000
Subject: Documentation for email confirmation signup restriction

---
 .../admin_area/settings/img/email_confirmation.png | Bin 0 -> 14260 bytes
 .../admin_area/settings/sign_up_restrictions.md    |  23 ++++++++++++++-------
 2 files changed, 16 insertions(+), 7 deletions(-)
 create mode 100644 doc/user/admin_area/settings/img/email_confirmation.png

diff --git a/doc/user/admin_area/settings/img/email_confirmation.png b/doc/user/admin_area/settings/img/email_confirmation.png
new file mode 100644
index 00000000000..4d888da3416
Binary files /dev/null and b/doc/user/admin_area/settings/img/email_confirmation.png differ
diff --git a/doc/user/admin_area/settings/sign_up_restrictions.md b/doc/user/admin_area/settings/sign_up_restrictions.md
index d77e91156f8..1b1bcbcd6e8 100644
--- a/doc/user/admin_area/settings/sign_up_restrictions.md
+++ b/doc/user/admin_area/settings/sign_up_restrictions.md
@@ -4,19 +4,26 @@ type: reference
 
 # Sign-up restrictions
 
-By implementing sign-up restrictions, you can blacklist or whitelist email addresses
-belonging to specific domains.
+You can use sign-up restrictions to require user email confirmation, as well as
+to blacklist or whitelist email addresses belonging to specific domains.
 
 >**Note**: These restrictions are only applied during sign-up. An admin is
 able to add a user through the admin panel with a disallowed domain. Also
 note that the users can change their email addresses after signup to
 disallowed domains.
 
+## Require email confirmation
+
+You can send confirmation emails during sign-up and require that users confirm
+their email address before they are allowed to sign in.
+
+![Email confirmation](img/email_confirmation.png)
+
 ## Whitelist email domains
 
 > [Introduced][ce-598] in GitLab 7.11.0
 
-You can restrict users to only signup using email addresses matching the given
+You can restrict users to only sign up using email addresses matching the given
 domains list.
 
 ## Blacklist email domains
@@ -24,7 +31,9 @@ domains list.
 > [Introduced][ce-5259] in GitLab 8.10.
 
 With this feature enabled, you can block email addresses of a specific domain
-from creating an account on your GitLab server. This is particularly useful to prevent spam. Disposable email addresses are usually used by malicious users to create dummy accounts and spam issues.
+from creating an account on your GitLab server. This is particularly useful
+to prevent malicious users from creating spam accounts with disposable email
+addresses.
 
 ## Settings
 
@@ -33,10 +42,10 @@ To access this feature:
 1. Navigate to the **Settings > General** in the Admin area.
 1. Expand the **Sign-up restrictions** section.
 
-For the:
+For the blacklist, you can enter the list manually or upload a `.txt` file that
+contains list entries.
 
-- Blacklist, you can enter the list manually, or upload a `.txt` file with it. 
-- Whitelist you must enter the list manually.
+For the whitelist, you must enter the list manually.
 
 Both the whitelist and blacklist accept wildcards. For example, you can use
 `*.company.com` to accept every `company.com` subdomain, or `*.io` to block all
-- 
cgit v1.2.1


From 866bef8059591db9a17db71d66a1321b0ca25153 Mon Sep 17 00:00:00 2001
From: Patrick Bajao <ebajao@gitlab.com>
Date: Mon, 22 Jul 2019 13:25:24 +0800
Subject: Fix suggestion on lines that are not part of an MR

Return the `text` as plain string in the response instead of
including HTML tags but keep `rich_text` as is.

The fix is to modify `Blob::UnfoldPresenter#diff_files` to map
each raw diff line (limited by the range specified) to a
corresponding line in an array of highlighted lines to use as
`rich_text`.
---
 app/presenters/blob_presenter.rb                   |  8 +++++-
 app/presenters/blobs/unfold_presenter.rb           | 30 +++++++++++++++-------
 .../57953-fix-unfolded-diff-suggestions.yml        |  5 ++++
 spec/presenters/blobs/unfold_presenter_spec.rb     |  6 +++--
 4 files changed, 37 insertions(+), 12 deletions(-)
 create mode 100644 changelogs/unreleased/57953-fix-unfolded-diff-suggestions.yml

diff --git a/app/presenters/blob_presenter.rb b/app/presenters/blob_presenter.rb
index 91c9abe750b..2cf3278d240 100644
--- a/app/presenters/blob_presenter.rb
+++ b/app/presenters/blob_presenter.rb
@@ -4,7 +4,7 @@ class BlobPresenter < Gitlab::View::Presenter::Delegated
   presents :blob
 
   def highlight(plain: nil)
-    blob.load_all_data! if blob.respond_to?(:load_all_data!)
+    load_all_blob_data
 
     Gitlab::Highlight.highlight(
       blob.path,
@@ -17,4 +17,10 @@ class BlobPresenter < Gitlab::View::Presenter::Delegated
   def web_url
     Gitlab::Routing.url_helpers.project_blob_url(blob.repository.project, File.join(blob.commit_id, blob.path))
   end
+
+  private
+
+  def load_all_blob_data
+    blob.load_all_data! if blob.respond_to?(:load_all_data!)
+  end
 end
diff --git a/app/presenters/blobs/unfold_presenter.rb b/app/presenters/blobs/unfold_presenter.rb
index 7b13db3bb74..21a1e1309e0 100644
--- a/app/presenters/blobs/unfold_presenter.rb
+++ b/app/presenters/blobs/unfold_presenter.rb
@@ -16,8 +16,12 @@ module Blobs
     attribute :indent, Integer, default: 0
 
     def initialize(blob, params)
+      # Load all blob data first as we need to ensure they're all loaded first
+      # so we can accurately show the rest of the diff when unfolding.
+      load_all_blob_data
+
       @subject = blob
-      @all_lines = highlight.lines
+      @all_lines = blob.data.lines
       super(params)
 
       if full?
@@ -25,10 +29,12 @@ module Blobs
       end
     end
 
-    # Converts a String array to Gitlab::Diff::Line array, with match line added
+    # Returns an array of Gitlab::Diff::Line with match line added
     def diff_lines
-      diff_lines = lines.map do |line|
-        Gitlab::Diff::Line.new(line, nil, nil, nil, nil, rich_text: line)
+      diff_lines = lines.map.with_index do |line, index|
+        full_line = limited_blob_lines[index].delete("\n")
+
+        Gitlab::Diff::Line.new(full_line, nil, nil, nil, nil, rich_text: line)
       end
 
       add_match_line(diff_lines)
@@ -37,11 +43,7 @@ module Blobs
     end
 
     def lines
-      strong_memoize(:lines) do
-        lines = @all_lines
-        lines = lines[since - 1..to - 1] unless full?
-        lines.map(&:html_safe)
-      end
+      @lines ||= limit(highlight.lines).map(&:html_safe)
     end
 
     def match_line_text
@@ -71,5 +73,15 @@ module Blobs
 
       bottom? ? diff_lines.push(match_line) : diff_lines.unshift(match_line)
     end
+
+    def limited_blob_lines
+      @limited_blob_lines ||= limit(@all_lines)
+    end
+
+    def limit(lines)
+      return lines if full?
+
+      lines[since - 1..to - 1]
+    end
   end
 end
diff --git a/changelogs/unreleased/57953-fix-unfolded-diff-suggestions.yml b/changelogs/unreleased/57953-fix-unfolded-diff-suggestions.yml
new file mode 100644
index 00000000000..f634c0cd98a
--- /dev/null
+++ b/changelogs/unreleased/57953-fix-unfolded-diff-suggestions.yml
@@ -0,0 +1,5 @@
+---
+title: Fix suggestion on lines that are not part of an MR
+merge_request: 30606
+author:
+type: fixed
diff --git a/spec/presenters/blobs/unfold_presenter_spec.rb b/spec/presenters/blobs/unfold_presenter_spec.rb
index 7ece5f623ce..1534c572b30 100644
--- a/spec/presenters/blobs/unfold_presenter_spec.rb
+++ b/spec/presenters/blobs/unfold_presenter_spec.rb
@@ -54,8 +54,10 @@ describe Blobs::UnfoldPresenter do
         expect(lines.size).to eq(total_lines)
 
         lines.each.with_index do |line, index|
-          expect(line.text).to include("LC#{index + 1}")
-          expect(line.text).to eq(line.rich_text)
+          line_number = index + 1
+
+          expect(line.text).to eq(line_number.to_s)
+          expect(line.rich_text).to include("LC#{line_number}")
           expect(line.type).to be_nil
         end
       end
-- 
cgit v1.2.1


From 589d1797d8dfdced2c6257597264bce0e2072c35 Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Fri, 19 Jul 2019 00:44:24 +0800
Subject: Handle trailing slashes when generating Jira URLs

Applies to issues_url and new_issue_url
---
 app/models/project_services/jira_service.rb        |  8 +++++++-
 .../unreleased/63833-fix-jira-issues-url.yml       |  5 +++++
 spec/models/project_services/jira_service_spec.rb  | 24 +++++++++++++++++++++-
 3 files changed, 35 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/unreleased/63833-fix-jira-issues-url.yml

diff --git a/app/models/project_services/jira_service.rb b/app/models/project_services/jira_service.rb
index e571700fd02..7ab79242cc3 100644
--- a/app/models/project_services/jira_service.rb
+++ b/app/models/project_services/jira_service.rb
@@ -54,7 +54,7 @@ class JiraService < IssueTrackerService
       username: self.username,
       password: self.password,
       site: URI.join(url, '/').to_s, # Intended to find the root
-      context_path: url.path.chomp('/'),
+      context_path: url.path,
       auth_type: :basic,
       read_timeout: 120,
       use_cookies: true,
@@ -103,6 +103,12 @@ class JiraService < IssueTrackerService
     "#{url}/secure/CreateIssue.jspa"
   end
 
+  alias_method :original_url, :url
+
+  def url
+    original_url&.chomp('/')
+  end
+
   def execute(push)
     # This method is a no-op, because currently JiraService does not
     # support any events.
diff --git a/changelogs/unreleased/63833-fix-jira-issues-url.yml b/changelogs/unreleased/63833-fix-jira-issues-url.yml
new file mode 100644
index 00000000000..24d6bca3842
--- /dev/null
+++ b/changelogs/unreleased/63833-fix-jira-issues-url.yml
@@ -0,0 +1,5 @@
+---
+title: Handle trailing slashes when generating Jira issue URLs
+merge_request: 30911
+author:
+type: fixed
diff --git a/spec/models/project_services/jira_service_spec.rb b/spec/models/project_services/jira_service_spec.rb
index 235cf314af5..02060699e9a 100644
--- a/spec/models/project_services/jira_service_spec.rb
+++ b/spec/models/project_services/jira_service_spec.rb
@@ -236,7 +236,7 @@ describe JiraService do
         allow(JIRA::Resource::Remotelink).to receive(:all).and_return(nil)
 
         expect { @jira_service.close_issue(resource, ExternalIssue.new('JIRA-123', project)) }
-            .not_to raise_error(NoMethodError)
+            .not_to raise_error
       end
 
       # Check https://developer.atlassian.com/jiradev/jira-platform/guides/other/guide-jira-remote-issue-links/fields-in-remote-issue-links
@@ -606,6 +606,12 @@ describe JiraService do
         expect(service.properties['api_url']).to eq('http://jira.sample/api')
       end
     end
+
+    it 'removes trailing slashes from url' do
+      service = described_class.new(url: 'http://jira.test.com/path/')
+
+      expect(service.url).to eq('http://jira.test.com/path')
+    end
   end
 
   describe 'favicon urls', :request_store do
@@ -621,4 +627,20 @@ describe JiraService do
       expect(props[:object][:icon][:url16x16]).to match %r{^http://localhost/uploads/-/system/appearance/favicon/\d+/dk.png$}
     end
   end
+
+  context 'generating external URLs' do
+    let(:service) { described_class.new(url: 'http://jira.test.com/path/') }
+
+    describe '#issues_url' do
+      it 'handles trailing slashes' do
+        expect(service.issues_url).to eq('http://jira.test.com/path/browse/:id')
+      end
+    end
+
+    describe '#new_issue_url' do
+      it 'handles trailing slashes' do
+        expect(service.new_issue_url).to eq('http://jira.test.com/path/secure/CreateIssue.jspa')
+      end
+    end
+  end
 end
-- 
cgit v1.2.1


From f6bfd51deaf1b13f850536be7b2ddee17b1e3a7d Mon Sep 17 00:00:00 2001
From: Tiger <twatson@gitlab.com>
Date: Mon, 22 Jul 2019 15:44:28 +1000
Subject: Remove ignore rule for ProjectAutoDevops#domain

---
 app/models/project_auto_devops.rb       | 4 ----
 spec/models/project_auto_devops_spec.rb | 2 +-
 2 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/app/models/project_auto_devops.rb b/app/models/project_auto_devops.rb
index f39f54f0434..e11d0c48b4b 100644
--- a/app/models/project_auto_devops.rb
+++ b/app/models/project_auto_devops.rb
@@ -1,10 +1,6 @@
 # frozen_string_literal: true
 
 class ProjectAutoDevops < ApplicationRecord
-  include IgnorableColumn
-
-  ignore_column :domain
-
   belongs_to :project, inverse_of: :auto_devops
 
   enum deploy_strategy: {
diff --git a/spec/models/project_auto_devops_spec.rb b/spec/models/project_auto_devops_spec.rb
index 7bdd2367a68..da9e56ef897 100644
--- a/spec/models/project_auto_devops_spec.rb
+++ b/spec/models/project_auto_devops_spec.rb
@@ -15,7 +15,7 @@ describe ProjectAutoDevops do
   it { is_expected.to respond_to(:updated_at) }
 
   describe '#predefined_variables' do
-    let(:auto_devops) { build_stubbed(:project_auto_devops, project: project, domain: domain) }
+    let(:auto_devops) { build_stubbed(:project_auto_devops, project: project) }
 
     context 'when deploy_strategy is manual' do
       let(:auto_devops) { build_stubbed(:project_auto_devops, :manual_deployment, project: project) }
-- 
cgit v1.2.1


From d0a60a7525459c13b5d0bd125bfdf518baa6c3be Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Mon, 22 Jul 2019 06:03:12 +0000
Subject: Add info about mdl to documentation

---
 doc/development/documentation/index.md      | 43 +++++++++++++++++------------
 doc/development/documentation/styleguide.md | 16 +++++++++++
 2 files changed, 41 insertions(+), 18 deletions(-)

diff --git a/doc/development/documentation/index.md b/doc/development/documentation/index.md
index 36a2f47a55b..8ce855594df 100644
--- a/doc/development/documentation/index.md
+++ b/doc/development/documentation/index.md
@@ -488,15 +488,17 @@ Currently, the following tests are in place:
    that all cURL examples in API docs use the full switches. It's recommended
    to [check locally](#previewing-the-changes-live) before pushing to GitLab by executing the command
    `bundle exec nanoc check internal_links` on your local
-   [`gitlab-docs`](https://gitlab.com/gitlab-org/gitlab-docs) directory.
+   [`gitlab-docs`](https://gitlab.com/gitlab-org/gitlab-docs) directory. In addition,
+   `docs-lint` also runs [markdownlint](styleguide.md#markdown-rules) to ensure the
+   markdown is consistent across all documentation.
 1. [`ee_compat_check`](../automatic_ce_ee_merge.md#avoiding-ce-ee-merge-conflicts-beforehand) (runs on CE only):
-    When you submit a merge request to GitLab Community Edition (CE),
-    there is this additional job that runs against Enterprise Edition (EE)
-    and checks if your changes can apply cleanly to the EE codebase.
-    If that job fails, read the instructions in the job log for what to do next.
-    As CE is merged into EE once a day, it's important to avoid merge conflicts.
-    Submitting an EE-equivalent merge request cherry-picking all commits from CE to EE is
-    essential to avoid them.
+   When you submit a merge request to GitLab Community Edition (CE),
+   there is this additional job that runs against Enterprise Edition (EE)
+   and checks if your changes can apply cleanly to the EE codebase.
+   If that job fails, read the instructions in the job log for what to do next.
+   As CE is merged into EE once a day, it's important to avoid merge conflicts.
+   Submitting an EE-equivalent merge request cherry-picking all commits from CE to EE is
+   essential to avoid them.
 1. [`ee-files-location-check`/`ee-specific-lines-check`](#ee-specific-lines-check) (runs on EE only):
    This test ensures that no new files/directories are created/changed in EE.
    All docs should be submitted in CE instead, regardless the tier they are on.
@@ -559,15 +561,16 @@ A file with `proselint` configuration must be placed in a
 #### `markdownlint`
 
 `markdownlint` checks that certain rules ([example](https://github.com/DavidAnson/markdownlint/blob/master/README.md#rules--aliases))
- are followed for Markdown syntax.
- Our [Documentation Style Guide](styleguide.md) and [Markdown Guide](https://about.gitlab.com/handbook/product/technical-writing/markdown-guide/)
- elaborate on which choices must be made when selecting Markdown syntax for
- GitLab documentation. This tool helps catch deviations from those guidelines.
+are followed for Markdown syntax. Our [Documentation Style Guide](styleguide.md) and
+[Markdown Guide](https://about.gitlab.com/handbook/product/technical-writing/markdown-guide/)
+elaborate on which choices must be made when selecting Markdown syntax for GitLab
+documentation. This tool helps catch deviations from those guidelines, and matches the
+tests run on the documentation by [`docs-lint`](#testing).
 
 `markdownlint` can be used [on the command line](https://github.com/igorshubovych/markdownlint-cli#markdownlint-cli--),
- either on a single Markdown file or on all Markdown files in a project. For example, to run
- `markdownlint` on all documentation in the [`gitlab-ce` project](https://gitlab.com/gitlab-org/gitlab-ce),
- run the following commands from within the `gitlab-ce` project:
+either on a single Markdown file or on all Markdown files in a project. For example, to run
+`markdownlint` on all documentation in the [`gitlab-ce` project](https://gitlab.com/gitlab-org/gitlab-ce),
+run the following commands from within the `gitlab-ce` project:
 
 ```sh
 cd doc
@@ -597,7 +600,7 @@ The following sample `markdownlint` configuration modifies the available default
   "line-length": false,
   "no-trailing-punctuation": false,
   "ol-prefix": { "style": "one" },
-  "blanks-around-fences": false,
+  "blanks-around-fences": true,
   "no-inline-html": {
     "allowed_elements": [
       "table",
@@ -612,11 +615,15 @@ The following sample `markdownlint` configuration modifies the available default
       "a",
       "strong",
       "i",
-      "div"
+      "div",
+      "b"
     ]
   },
   "hr-style": { "style": "---" },
-  "fenced-code-language": false
+  "code-block-style": { "style": "fenced" },
+  "fenced-code-language": false,
+  "no-duplicate-header": { "allow_different_nesting": true },
+  "commands-show-output": false
 }
 ```
 
diff --git a/doc/development/documentation/styleguide.md b/doc/development/documentation/styleguide.md
index ccf1deefd91..36ffc02644e 100644
--- a/doc/development/documentation/styleguide.md
+++ b/doc/development/documentation/styleguide.md
@@ -107,6 +107,22 @@ Hard-coded HTML is valid, although it's discouraged to be used while we have `/h
 - Special styling is required.
 - Reviewed and approved by a technical writer.
 
+### Markdown Rules
+
+GitLab ensures that the Markdown used across all documentation is consistent, as
+well as easy to review and maintain, by testing documentation changes with
+[Markdownlint (mdl)](https://github.com/markdownlint/markdownlint). This lint test
+checks many common problems with Markdown, and fails when any document has an issue
+with Markdown formatting that may cause the page to render incorrectly within GitLab.
+It will also fail when a document is using non-standard Markdown (which may render
+correctly, but is not the current standard in GitLab documentation).
+
+Each formatting issue that mdl checks has an associated [rule](https://github.com/markdownlint/markdownlint/blob/master/docs/RULES.md),
+and the rules that are currently enabled for GitLab documentation are listed in the
+[`.mdlrc.style`](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/.mdlrc.style) file.
+Configuration options are set in the [`.mdlrc`](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/.mdlrc.style)
+file.
+
 ## Structure
 
 ### Organize by topic, not by type
-- 
cgit v1.2.1


From f38d76863d9a7e2545ebad28c2de833eab1c3687 Mon Sep 17 00:00:00 2001
From: Emeryao <emeryao@outlook.com>
Date: Mon, 22 Jul 2019 06:17:05 +0000
Subject: use the property of name_with_namespace instead of name for the new
 issue form in boards

add a new attribute for name_with_namespace

prettier the changed code
---
 app/assets/javascripts/boards/components/project_select.vue | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/app/assets/javascripts/boards/components/project_select.vue b/app/assets/javascripts/boards/components/project_select.vue
index a1cf1866faf..e8d25e84be1 100644
--- a/app/assets/javascripts/boards/components/project_select.vue
+++ b/app/assets/javascripts/boards/components/project_select.vue
@@ -68,13 +68,15 @@ export default {
             <li>
               <a href='#' class='dropdown-menu-link' data-project-id="${
                 project.id
-              }" data-project-name="${project.name}">
-                ${_.escape(project.name)}
+              }" data-project-name="${project.name}" data-project-name-with-namespace="${
+          project.name_with_namespace
+        }">
+                ${_.escape(project.name_with_namespace)}
               </a>
             </li>
           `;
       },
-      text: project => project.name,
+      text: project => project.name_with_namespace,
     });
   },
 };
-- 
cgit v1.2.1


From 51957ad56be9da3e1b1c640e3c763754ed65923f Mon Sep 17 00:00:00 2001
From: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Date: Mon, 22 Jul 2019 08:31:41 +0000
Subject: Update CHANGELOG.md for 12.1.0

[ci skip]
---
 CHANGELOG.md                                       | 271 +++++++++++++++++++++
 .../11039-moved-code-difference-from-EE-to-CE.yml  |   5 -
 .../unreleased/11448-fix-cs-with-k8s-runners.yml   |   5 -
 ...-markers-on-monitoring-graphs-not-clickable.yml |   5 -
 .../unreleased/12533-shared-runners-warning.yml    |   5 -
 changelogs/unreleased/12550-fullscrean.yml         |   5 -
 changelogs/unreleased/12553-preferences.yml        |   5 -
 ...-when-a-branch-is-deleted-And-add-MR-option.yml |   5 -
 .../29775-fix-nested-lists-unnecessary-margin.yml  |   5 -
 .../30355-use-hours-only-for-time-tracking.yml     |   5 -
 .../unreleased/32452-multiple-discussions.yml      |   5 -
 .../35757-move-issues-in-boards-pderichs.yml       |   5 -
 changelogs/unreleased/38105-pre-release-tag.yml    |   5 -
 .../unreleased/40379-CJK-search-min-chars.yml      |   5 -
 .../unreleased/42399-registry-confirm-deletion.yml |   5 -
 .../44106-include-subgroups-in-group-activity.yml  |   5 -
 ...e-updated_at-on-an-issue-when-reordering-it.yml |   5 -
 ...ent-users-from-using-the-container-registry.yml |   5 -
 ...ix-ide-editor-to-update-size-on-show-change.yml |   5 -
 ...abel-picker-line-break-on-long-label-titles.yml |   5 -
 ...in-admin-area-if-emails-are-verified-or-not.yml |   5 -
 .../50228-deploy-tokens-custom-username.yml        |   5 -
 ...e-http-status-code-when-repository-disabled.yml |   5 -
 .../51794-add-ordering-to-runner-jobs-api.yml      |   5 -
 changelogs/unreleased/51952-forking-via-webide.yml |   5 -
 .../51952-redirect-to-webide-in-fork.yml           |   5 -
 .../unreleased/52366-improved-group-lists-ui.yml   |   5 -
 .../52442-minimal-remove-mysql-support.yml         |   5 -
 .../52954-allow-developers-to-delete-tags.yml      |   5 -
 .../53357-fix-plus-in-upload-file-names.yml        |   5 -
 ...11-issue-boards-to-core-projects-backend-ce.yml |   5 -
 .../unreleased/54117-transactional-rebase.yml      |   5 -
 ...rect-reaction-emoji-placement-in-discussion.yml |   5 -
 .../55487-enable-group-terminals-button.yml        |   5 -
 changelogs/unreleased/55623-group-cluster-apis.yml |   5 -
 ...le-creation-of-non-rbac-kubernetes-clusters.yml |   5 -
 .../55953-renamed-discussion-to-thread.yml         |   5 -
 ...57538-normalize-users-private-profile-field.yml |   5 -
 changelogs/unreleased/57793-fix-line-age.yml       |   5 -
 changelogs/unreleased/57815.yml                    |   5 -
 ...7918-encrypt-feature-flags-tokens-changelog.yml |   5 -
 ...pplication-settings-panel-shows-wrong-panel.yml |   5 -
 .../unreleased/58065-uniform-html-txt-email.yml    |   5 -
 .../58689-regroup-jump-button-in-discussion.yml    |   6 -
 changelogs/unreleased/58802-rename-webide.yml      |   5 -
 .../unreleased/58808-fix-image-diff-on-text.yml    |   5 -
 .../unreleased/59028-fix-extra-plus-in-diffs.yml   |   5 -
 .../unreleased/59257-find-new-branches-harder.yml  |   5 -
 .../60617-enable-project-cluster-jit.yml           |   5 -
 ...66-kubernetes-applications-uninstall-runner.yml |   5 -
 .../unreleased/60856-deleting-binary-file.yml      |   5 -
 .../unreleased/60859-upload-after-delete.yml       |   5 -
 .../60860-keep-empty-folders-in-tree.yml           |   5 -
 .../unreleased/60879-fix-reports-timing-out.yml    |   5 -
 .../61005-grafanaInAdminSettingsMonitoringMenu.yml |   5 -
 ...-instance-level-cluster-pod-terminal-access.yml |   5 -
 ...1-pass-identities-to-external-authorization.yml |   5 -
 ...from-add-packages_size-to-projectstatistics.yml |   5 -
 ...search-result-doesn-t-pass-wcag-color-audit.yml |   5 -
 changelogs/unreleased/61613-spacing-mr-widgets.yml |   5 -
 changelogs/unreleased/62088-search-back.yml        |   5 -
 .../62124-new-threaded-discussion-design.yml       |   5 -
 ...-for-bulk-delete-api-for-container-registry.yml |   5 -
 ...2-disable-kubernetes-credential-passthrough.yml |   5 -
 ...62772-migrate-managed-clusters-to-unmanaged.yml |   6 -
 .../unreleased/62826-graphql-emoji-mutations.yml   |   5 -
 .../unreleased/62826-graphql-note-mutations.yml    |   5 -
 .../unreleased/62938-wcag-aa-edited-text-color.yml |   5 -
 ...nvironment-details-header-border-misaligned.yml |   5 -
 ...ailability-checker-breaks-inline-validation.yml |   5 -
 ...migrate-clusters-with-no-token-to-unmanaged.yml |   6 -
 .../unreleased/63200-reply-button-broken.yml       |   5 -
 changelogs/unreleased/63227-fix-double-border.yml  |   5 -
 .../unreleased/63247-add-conf-toast-and-link.yml   |   5 -
 ...y-for-the-mr-popover-failes-on-the-frontend.yml |   6 -
 ...298-prevent-excessive-sanitization-asciidoc.yml |   5 -
 changelogs/unreleased/63475-fix-n-1.yml            |   5 -
 .../unreleased/63479-jira-capitalization.yml       |   5 -
 .../63507-fix-race-condition-fetching-token.yml    |   5 -
 .../63559-remove-avatar-from-sign-in.yml           |   5 -
 .../63590-pipeline-actions-cause-full-refresh.yml  |   5 -
 .../63656-runner-tags-search-dropdown-is-empty.yml |   5 -
 ...67-hashed-storage-migration-count-correctly.yml |   5 -
 changelogs/unreleased/63691-fix-doc-link.yml       |   5 -
 changelogs/unreleased/63873-process-start-time.yml |   6 -
 .../63945-update-mixin-deep-to-1-3-2.yml           |   5 -
 changelogs/unreleased/63971-remove-istanbul.yml    |   5 -
 .../unreleased/64066-fix-uneven-click-areas.yml    |   5 -
 .../64070-asciidoctor-enable-section-anchors.yml   |   5 -
 .../unreleased/64091-fix-broken-terminal.yml       |   5 -
 changelogs/unreleased/64161-gitlab-fqdn.yml        |   5 -
 changelogs/unreleased/64176-fix-error-handling.yml |   5 -
 ...registry-empty-state-with-design-guidelines.yml |   5 -
 changelogs/unreleased/64314-ci-icon.yml            |   5 -
 .../unreleased/64315-mget_sessions_in_chunks.yml   |   5 -
 ...lestones-from-instance-milestones-dashboard.yml |   5 -
 ...d-in-a-new-issue-has-an-incorrect-line-wrap.yml |   5 -
 ...zio-quirk-omniauth-strategies-openidconnect.yml |   5 -
 .../64416-lodash-4-6-2-for-prototype-pollution.yml |   5 -
 ...4645-asciidoctor-preserve-footnote-link-ids.yml |   5 -
 ...8ee-add-rule_type-to-approval-project-rules.yml |   5 -
 ...emove-unresolved-class-in-discussion-header.yml |   5 -
 .../unreleased/add-clusters-to-deployment.yml      |   5 -
 .../add-metrics-dashboard-permission-check.yml     |   5 -
 changelogs/unreleased/add-salesforce-logo.yml      |   5 -
 .../add-strategies-column-to-scopes-table.yml      |   5 -
 .../unreleased/allow-reactive-caching-of-nil.yml   |   5 -
 .../always-allow-prometheus-access-in-dev.yml      |   5 -
 .../always-display-environment-selector.yml        |   5 -
 .../api-doc-negative-commit-message-push-rule.yml  |   5 -
 .../asciidoc-enable-syntax-highlighting.yml        |   5 -
 changelogs/unreleased/asciidoctor-upgrade.yml      |   5 -
 ...e-performance-environment-statuses-endpoint.yml |   5 -
 changelogs/unreleased/bjk-fix_prom_example.yml     |   5 -
 changelogs/unreleased/bvl-markdown-graphql.yml     |   5 -
 .../bvl-rename-routes-after-user-rename.yml        |   5 -
 .../unreleased/caneldem-master-patch-77839.yml     |   5 -
 ...ate-merge-request-settings-description-text.yml |   5 -
 .../unreleased/centralize-markdownlint-config.yml  |   5 -
 changelogs/unreleased/check-min-schema-migrate.yml |   5 -
 .../unreleased/ci_default_git_depth_only.yml       |   5 -
 changelogs/unreleased/clusters-group-cte.yml       |   5 -
 .../unreleased/create-merge-train-ref-ce.yml       |   5 -
 .../unreleased/db-update-geo-nodes-primary.yml     |   5 -
 changelogs/unreleased/dohtaset.yml                 |   5 -
 changelogs/unreleased/ds-charts-whitespace.yml     |   5 -
 .../dz-remove-deprecated-group-routes.yml          |   5 -
 .../dz-remove-deprecated-user-routes.yml           |   5 -
 changelogs/unreleased/embedded-metrics-be-2.yml    |   5 -
 .../expose-saml-provider-id-to-users-api.yml       |   5 -
 ...-old-boardservice-on-component-modal-footer.yml |   6 -
 changelogs/unreleased/fe-issue-reorder.yml         |   5 -
 .../feature-uninstall_cluster_ingress.yml          |   5 -
 .../feature-uninstall_jupyter_hub_app.yml          |   5 -
 .../unreleased/fix-broken-vue-i18n-strings.yml     |   5 -
 .../unreleased/fix-comment-race-condition.yml      |   5 -
 ...facivon-url-if-uploads-object-store-enabled.yml |   5 -
 changelogs/unreleased/fix-jupyter-git-v3.yml       |   5 -
 .../fix-median-counting-for-cycle-analytics.yml    |   5 -
 .../unreleased/fix-pipeline-schedule-edge-case.yml |   6 -
 .../fix-sidekiq-transaction-check-race.yml         |   5 -
 .../fix-unicorn-sampler-workers-count.yml          |   5 -
 .../unreleased/fj-fix-subgroup-search-url.yml      |   5 -
 ...63955-fix-import-with-source-branch-deleted.yml |   5 -
 changelogs/unreleased/gitaly-version-v1-53-0.yml   |   5 -
 changelogs/unreleased/gitaly-version-v1.49.0.yml   |   5 -
 changelogs/unreleased/gitaly-version-v1.51.0.yml   |   5 -
 changelogs/unreleased/gitaly-version-v1.52.0.yml   |   5 -
 changelogs/unreleased/graphql-tree-last-commit.yml |   5 -
 ...directive-on-project-avatar-image-component.yml |   5 -
 ...ve-cluster-role-on-service-account-creation.yml |   5 -
 .../hide-restricted-visibility-radio.yml           |   5 -
 changelogs/unreleased/id-clean-up-mr-assignees.yml |   5 -
 .../id-extract-widget-into-different-request.yml   |   5 -
 changelogs/unreleased/id-stale-branches.yml        |   5 -
 changelogs/unreleased/issue-63222.yml              |   5 -
 changelogs/unreleased/issue-zoom-url.yml           |   5 -
 changelogs/unreleased/issue_64021.yml              |   5 -
 changelogs/unreleased/jc-detect-nfs-for-rugged.yml |   5 -
 changelogs/unreleased/jc-remove-catfile-flag.yml   |   5 -
 .../jramsay-enable-object-dedupe-by-default.yml    |   5 -
 changelogs/unreleased/knative-0-6.yml              |   5 -
 .../unreleased/limit-amount-of-tests-returned.yml  |   5 -
 changelogs/unreleased/mh-board-tooltips.yml        |   5 -
 changelogs/unreleased/mh-boards-filter-bar.yml     |   5 -
 changelogs/unreleased/mh-collapsible-boards.yml    |   5 -
 changelogs/unreleased/mh-colon-autocomplete.yml    |   5 -
 changelogs/unreleased/mh-mermaid-linebreaks.yml    |   5 -
 .../unreleased/move-all-configs-to-global.yml      |   5 -
 .../unreleased/mw-project-list-color-fix.yml       |   5 -
 .../unreleased/osw-persist-tmp-snippet-uploads.yml |   5 -
 .../osw-sync-merge-ref-upon-mergeability-check.yml |   5 -
 .../unreleased/paginate-license-management.yml     |   5 -
 changelogs/unreleased/patch-29.yml                 |   5 -
 changelogs/unreleased/po-raw-changes-encoding.yml  |   5 -
 changelogs/unreleased/pre-releases-38105a.yml      |   5 -
 .../prepare-cycle-analytics-for-group-level.yml    |   5 -
 changelogs/unreleased/project_api.yml              |   5 -
 changelogs/unreleased/refactor-sentry.yml          |   5 -
 .../unreleased/registry-fix-multi-delete-modal.yml |   5 -
 changelogs/unreleased/remove-auto-ssl-ff.yml       |   6 -
 ...move-kubernetes-service-deployment-platform.yml |   5 -
 ...remove-support-for-legacy-pipeline-triggers.yml |   5 -
 ...ve_group_and_instance_clusters_feature_flag.yml |   5 -
 ...bling-only-allow-merge-if-pipeline-succeeds.yml |   5 -
 changelogs/unreleased/rj-fix-manual-order.yml      |   5 -
 .../unreleased/sanitize_rake_ldap_check_output.yml |   5 -
 changelogs/unreleased/search-blob-basenames.yml    |   5 -
 .../security-2858-fix-color-validation.yml         |   5 -
 ...security-59581-related-merge-requests-count.yml |   5 -
 .../security-DOS_issue_comments_banzai.yml         |   5 -
 ...rity-bvl-enforce-graphql-type-authorization.yml |   5 -
 .../security-fp-prevent-billion-laughs-attack.yml  |   5 -
 .../unreleased/security-mr-head-pipeline-leak.yml  |   5 -
 .../security-notes-in-private-snippets.yml         |   5 -
 ...nt-detection-of-merge-request-template-name.yml |   5 -
 .../unreleased/set-higher-ttl-for-trace-write.yml  |   5 -
 .../sh-add-force-random-password-user-api.yml      |   5 -
 ...sh-add-gitaly-ref-caching-search-controller.yml |   5 -
 .../unreleased/sh-add-thread-memory-cache.yml      |   5 -
 .../sh-audit-event-json-log-format-from-and-to.yml |   5 -
 .../sh-avoid-loading-pipeline-status.yml           |   5 -
 changelogs/unreleased/sh-bump-fog-aws.yml          |   5 -
 .../unreleased/sh-cache-feature-flag-names.yml     |   5 -
 .../sh-cache-flipper-checks-in-memory.yml          |   5 -
 .../sh-cache-flipper-names-memory-cache.yml        |   5 -
 .../sh-cache-negative-entries-find-commit.yml      |   5 -
 .../sh-clean-up-bitbucket-import-errors.yml        |   5 -
 ...-disable-reactive-caching-automatic-retries.yml |   5 -
 .../sh-enable-ref-name-caching-discussions.yml     |   5 -
 .../unreleased/sh-fix-gitaly-server-info-cache.yml |   5 -
 changelogs/unreleased/sh-fix-httpclient-ssl.yml    |   5 -
 changelogs/unreleased/sh-fix-issue-63349.yml       |   5 -
 changelogs/unreleased/sh-fix-issue-63910.yml       |   5 -
 .../unreleased/sh-handle-nil-replication-lag.yml   |   5 -
 changelogs/unreleased/sh-improve-redis-peek.yml    |   5 -
 .../unreleased/sh-optimize-todos-controller.yml    |   5 -
 .../sh-remove-import-columns-from-projects.yml     |   5 -
 changelogs/unreleased/sh-service-template-bug.yml  |   5 -
 .../unreleased/sh-strong-memoize-appearances.yml   |   5 -
 .../sh-support-subnets-ip-rate-limiter.yml         |   5 -
 changelogs/unreleased/sh-update-mermaid.yml        |   5 -
 changelogs/unreleased/sh-upgrade-rouge-3-5-1.yml   |   5 -
 changelogs/unreleased/slugify.yml                  |   5 -
 .../small-s-in-elasticsearch-in-code.yml           |   5 -
 changelogs/unreleased/small-s-in-elasticsearch.yml |   5 -
 .../unreleased/support-jsonb-default-value.yml     |   5 -
 changelogs/unreleased/tc-rake-orphan-artifacts.yml |   5 -
 changelogs/unreleased/transaction-metrics.yml      |   5 -
 .../unreleased/tz-update-mr-count-over-tabs.yml    |   6 -
 changelogs/unreleased/unicorn-sampler-fix.yml      |   5 -
 changelogs/unreleased/update-clair-version.yml     |   6 -
 .../update-gitlab-runner-helm-chart-to-0-6-0.yml   |   5 -
 changelogs/unreleased/update-pages-to-1-7-0.yml    |   5 -
 changelogs/unreleased/update-pagination-texts.yml  |   5 -
 changelogs/unreleased/update-tar-to-2-2-2.yml      |   5 -
 changelogs/unreleased/update-todo-in-ui.yml        |   5 -
 changelogs/unreleased/use-pg-9-6-11-on-ci.yml      |   5 -
 .../unreleased/winh-jest-markdown-header.yml       |   5 -
 .../unreleased/winh-multiple-issueboards-core.yml  |   5 -
 .../winh-notes-service-applySuggestion.yml         |   5 -
 .../unreleased/winh-notes-service-deleteNote.yml   |   5 -
 .../unreleased/winh-notes-service-toggleAward.yml  |   5 -
 ...winh-updateResolvableDiscussionsCounts-typo.yml |   5 -
 .../z-index-fix-for-diff-file-dropdown.yml         |   5 -
 changelogs/unreleased/z-index-tools.yml            |   5 -
 changelogs/unreleased/zj-gitaly-usage-data.yml     |   5 -
 247 files changed, 271 insertions(+), 1240 deletions(-)
 delete mode 100644 changelogs/unreleased/11039-moved-code-difference-from-EE-to-CE.yml
 delete mode 100644 changelogs/unreleased/11448-fix-cs-with-k8s-runners.yml
 delete mode 100644 changelogs/unreleased/11888-regression-deploy-correlation-markers-on-monitoring-graphs-not-clickable.yml
 delete mode 100644 changelogs/unreleased/12533-shared-runners-warning.yml
 delete mode 100644 changelogs/unreleased/12550-fullscrean.yml
 delete mode 100644 changelogs/unreleased/12553-preferences.yml
 delete mode 100644 changelogs/unreleased/17690-Protect-TeamCity-builds-for-triggering-when-a-branch-is-deleted-And-add-MR-option.yml
 delete mode 100644 changelogs/unreleased/29775-fix-nested-lists-unnecessary-margin.yml
 delete mode 100644 changelogs/unreleased/30355-use-hours-only-for-time-tracking.yml
 delete mode 100644 changelogs/unreleased/32452-multiple-discussions.yml
 delete mode 100644 changelogs/unreleased/35757-move-issues-in-boards-pderichs.yml
 delete mode 100644 changelogs/unreleased/38105-pre-release-tag.yml
 delete mode 100644 changelogs/unreleased/40379-CJK-search-min-chars.yml
 delete mode 100644 changelogs/unreleased/42399-registry-confirm-deletion.yml
 delete mode 100644 changelogs/unreleased/44106-include-subgroups-in-group-activity.yml
 delete mode 100644 changelogs/unreleased/44949-do-not-update-updated_at-on-an-issue-when-reordering-it.yml
 delete mode 100644 changelogs/unreleased/45104-special-characters-in-project-name-path-prevent-users-from-using-the-container-registry.yml
 delete mode 100644 changelogs/unreleased/45120-fix-ide-editor-to-update-size-on-show-change.yml
 delete mode 100644 changelogs/unreleased/48771-label-picker-line-break-on-long-label-titles.yml
 delete mode 100644 changelogs/unreleased/49814-display-in-admin-area-if-emails-are-verified-or-not.yml
 delete mode 100644 changelogs/unreleased/50228-deploy-tokens-custom-username.yml
 delete mode 100644 changelogs/unreleased/50834-change-http-status-code-when-repository-disabled.yml
 delete mode 100644 changelogs/unreleased/51794-add-ordering-to-runner-jobs-api.yml
 delete mode 100644 changelogs/unreleased/51952-forking-via-webide.yml
 delete mode 100644 changelogs/unreleased/51952-redirect-to-webide-in-fork.yml
 delete mode 100644 changelogs/unreleased/52366-improved-group-lists-ui.yml
 delete mode 100644 changelogs/unreleased/52442-minimal-remove-mysql-support.yml
 delete mode 100644 changelogs/unreleased/52954-allow-developers-to-delete-tags.yml
 delete mode 100644 changelogs/unreleased/53357-fix-plus-in-upload-file-names.yml
 delete mode 100644 changelogs/unreleased/53811-issue-boards-to-core-projects-backend-ce.yml
 delete mode 100644 changelogs/unreleased/54117-transactional-rebase.yml
 delete mode 100644 changelogs/unreleased/54595-incorrect-reaction-emoji-placement-in-discussion.yml
 delete mode 100644 changelogs/unreleased/55487-enable-group-terminals-button.yml
 delete mode 100644 changelogs/unreleased/55623-group-cluster-apis.yml
 delete mode 100644 changelogs/unreleased/55902-disable-creation-of-non-rbac-kubernetes-clusters.yml
 delete mode 100644 changelogs/unreleased/55953-renamed-discussion-to-thread.yml
 delete mode 100644 changelogs/unreleased/57538-normalize-users-private-profile-field.yml
 delete mode 100644 changelogs/unreleased/57793-fix-line-age.yml
 delete mode 100644 changelogs/unreleased/57815.yml
 delete mode 100644 changelogs/unreleased/57918-encrypt-feature-flags-tokens-changelog.yml
 delete mode 100644 changelogs/unreleased/57973-errors-in-application-settings-panel-shows-wrong-panel.yml
 delete mode 100644 changelogs/unreleased/58065-uniform-html-txt-email.yml
 delete mode 100644 changelogs/unreleased/58689-regroup-jump-button-in-discussion.yml
 delete mode 100644 changelogs/unreleased/58802-rename-webide.yml
 delete mode 100644 changelogs/unreleased/58808-fix-image-diff-on-text.yml
 delete mode 100644 changelogs/unreleased/59028-fix-extra-plus-in-diffs.yml
 delete mode 100644 changelogs/unreleased/59257-find-new-branches-harder.yml
 delete mode 100644 changelogs/unreleased/60617-enable-project-cluster-jit.yml
 delete mode 100644 changelogs/unreleased/60666-kubernetes-applications-uninstall-runner.yml
 delete mode 100644 changelogs/unreleased/60856-deleting-binary-file.yml
 delete mode 100644 changelogs/unreleased/60859-upload-after-delete.yml
 delete mode 100644 changelogs/unreleased/60860-keep-empty-folders-in-tree.yml
 delete mode 100644 changelogs/unreleased/60879-fix-reports-timing-out.yml
 delete mode 100644 changelogs/unreleased/61005-grafanaInAdminSettingsMonitoringMenu.yml
 delete mode 100644 changelogs/unreleased/61156-instance-level-cluster-pod-terminal-access.yml
 delete mode 100644 changelogs/unreleased/61201-pass-identities-to-external-authorization.yml
 delete mode 100644 changelogs/unreleased/61284-frontend-follow-up-from-add-packages_size-to-projectstatistics.yml
 delete mode 100644 changelogs/unreleased/61342-commit-search-result-doesn-t-pass-wcag-color-audit.yml
 delete mode 100644 changelogs/unreleased/61613-spacing-mr-widgets.yml
 delete mode 100644 changelogs/unreleased/62088-search-back.yml
 delete mode 100644 changelogs/unreleased/62124-new-threaded-discussion-design.yml
 delete mode 100644 changelogs/unreleased/62183-update-response-code-for-bulk-delete-api-for-container-registry.yml
 delete mode 100644 changelogs/unreleased/62772-disable-kubernetes-credential-passthrough.yml
 delete mode 100644 changelogs/unreleased/62772-migrate-managed-clusters-to-unmanaged.yml
 delete mode 100644 changelogs/unreleased/62826-graphql-emoji-mutations.yml
 delete mode 100644 changelogs/unreleased/62826-graphql-note-mutations.yml
 delete mode 100644 changelogs/unreleased/62938-wcag-aa-edited-text-color.yml
 delete mode 100644 changelogs/unreleased/62968-environment-details-header-border-misaligned.yml
 delete mode 100644 changelogs/unreleased/62980-username-availability-checker-breaks-inline-validation.yml
 delete mode 100644 changelogs/unreleased/63079-migrate-clusters-with-no-token-to-unmanaged.yml
 delete mode 100644 changelogs/unreleased/63200-reply-button-broken.yml
 delete mode 100644 changelogs/unreleased/63227-fix-double-border.yml
 delete mode 100644 changelogs/unreleased/63247-add-conf-toast-and-link.yml
 delete mode 100644 changelogs/unreleased/63261-the-graphql-query-for-the-mr-popover-failes-on-the-frontend.yml
 delete mode 100644 changelogs/unreleased/63298-prevent-excessive-sanitization-asciidoc.yml
 delete mode 100644 changelogs/unreleased/63475-fix-n-1.yml
 delete mode 100644 changelogs/unreleased/63479-jira-capitalization.yml
 delete mode 100644 changelogs/unreleased/63507-fix-race-condition-fetching-token.yml
 delete mode 100644 changelogs/unreleased/63559-remove-avatar-from-sign-in.yml
 delete mode 100644 changelogs/unreleased/63590-pipeline-actions-cause-full-refresh.yml
 delete mode 100644 changelogs/unreleased/63656-runner-tags-search-dropdown-is-empty.yml
 delete mode 100644 changelogs/unreleased/63667-hashed-storage-migration-count-correctly.yml
 delete mode 100644 changelogs/unreleased/63691-fix-doc-link.yml
 delete mode 100644 changelogs/unreleased/63873-process-start-time.yml
 delete mode 100644 changelogs/unreleased/63945-update-mixin-deep-to-1-3-2.yml
 delete mode 100644 changelogs/unreleased/63971-remove-istanbul.yml
 delete mode 100644 changelogs/unreleased/64066-fix-uneven-click-areas.yml
 delete mode 100644 changelogs/unreleased/64070-asciidoctor-enable-section-anchors.yml
 delete mode 100644 changelogs/unreleased/64091-fix-broken-terminal.yml
 delete mode 100644 changelogs/unreleased/64161-gitlab-fqdn.yml
 delete mode 100644 changelogs/unreleased/64176-fix-error-handling.yml
 delete mode 100644 changelogs/unreleased/64249-align-container-registry-empty-state-with-design-guidelines.yml
 delete mode 100644 changelogs/unreleased/64314-ci-icon.yml
 delete mode 100644 changelogs/unreleased/64315-mget_sessions_in_chunks.yml
 delete mode 100644 changelogs/unreleased/64321-wrong-url-when-creating-milestones-from-instance-milestones-dashboard.yml
 delete mode 100644 changelogs/unreleased/64331-Assignee-field-in-a-new-issue-has-an-incorrect-line-wrap.yml
 delete mode 100644 changelogs/unreleased/64407-vfazio-quirk-omniauth-strategies-openidconnect.yml
 delete mode 100644 changelogs/unreleased/64416-lodash-4-6-2-for-prototype-pollution.yml
 delete mode 100644 changelogs/unreleased/64645-asciidoctor-preserve-footnote-link-ids.yml
 delete mode 100644 changelogs/unreleased/9928ee-add-rule_type-to-approval-project-rules.yml
 delete mode 100644 changelogs/unreleased/Remove-unresolved-class-in-discussion-header.yml
 delete mode 100644 changelogs/unreleased/add-clusters-to-deployment.yml
 delete mode 100644 changelogs/unreleased/add-metrics-dashboard-permission-check.yml
 delete mode 100644 changelogs/unreleased/add-salesforce-logo.yml
 delete mode 100644 changelogs/unreleased/add-strategies-column-to-scopes-table.yml
 delete mode 100644 changelogs/unreleased/allow-reactive-caching-of-nil.yml
 delete mode 100644 changelogs/unreleased/always-allow-prometheus-access-in-dev.yml
 delete mode 100644 changelogs/unreleased/always-display-environment-selector.yml
 delete mode 100644 changelogs/unreleased/api-doc-negative-commit-message-push-rule.yml
 delete mode 100644 changelogs/unreleased/asciidoc-enable-syntax-highlighting.yml
 delete mode 100644 changelogs/unreleased/asciidoctor-upgrade.yml
 delete mode 100644 changelogs/unreleased/backstage-gb-improve-performance-environment-statuses-endpoint.yml
 delete mode 100644 changelogs/unreleased/bjk-fix_prom_example.yml
 delete mode 100644 changelogs/unreleased/bvl-markdown-graphql.yml
 delete mode 100644 changelogs/unreleased/bvl-rename-routes-after-user-rename.yml
 delete mode 100644 changelogs/unreleased/caneldem-master-patch-77839.yml
 delete mode 100644 changelogs/unreleased/ce-11098-update-merge-request-settings-description-text.yml
 delete mode 100644 changelogs/unreleased/centralize-markdownlint-config.yml
 delete mode 100644 changelogs/unreleased/check-min-schema-migrate.yml
 delete mode 100644 changelogs/unreleased/ci_default_git_depth_only.yml
 delete mode 100644 changelogs/unreleased/clusters-group-cte.yml
 delete mode 100644 changelogs/unreleased/create-merge-train-ref-ce.yml
 delete mode 100644 changelogs/unreleased/db-update-geo-nodes-primary.yml
 delete mode 100644 changelogs/unreleased/dohtaset.yml
 delete mode 100644 changelogs/unreleased/ds-charts-whitespace.yml
 delete mode 100644 changelogs/unreleased/dz-remove-deprecated-group-routes.yml
 delete mode 100644 changelogs/unreleased/dz-remove-deprecated-user-routes.yml
 delete mode 100644 changelogs/unreleased/embedded-metrics-be-2.yml
 delete mode 100644 changelogs/unreleased/expose-saml-provider-id-to-users-api.yml
 delete mode 100644 changelogs/unreleased/fe-delete-old-boardservice-on-component-modal-footer.yml
 delete mode 100644 changelogs/unreleased/fe-issue-reorder.yml
 delete mode 100644 changelogs/unreleased/feature-uninstall_cluster_ingress.yml
 delete mode 100644 changelogs/unreleased/feature-uninstall_jupyter_hub_app.yml
 delete mode 100644 changelogs/unreleased/fix-broken-vue-i18n-strings.yml
 delete mode 100644 changelogs/unreleased/fix-comment-race-condition.yml
 delete mode 100644 changelogs/unreleased/fix-facivon-url-if-uploads-object-store-enabled.yml
 delete mode 100644 changelogs/unreleased/fix-jupyter-git-v3.yml
 delete mode 100644 changelogs/unreleased/fix-median-counting-for-cycle-analytics.yml
 delete mode 100644 changelogs/unreleased/fix-pipeline-schedule-edge-case.yml
 delete mode 100644 changelogs/unreleased/fix-sidekiq-transaction-check-race.yml
 delete mode 100644 changelogs/unreleased/fix-unicorn-sampler-workers-count.yml
 delete mode 100644 changelogs/unreleased/fj-fix-subgroup-search-url.yml
 delete mode 100644 changelogs/unreleased/georgekoltsov-63955-fix-import-with-source-branch-deleted.yml
 delete mode 100644 changelogs/unreleased/gitaly-version-v1-53-0.yml
 delete mode 100644 changelogs/unreleased/gitaly-version-v1.49.0.yml
 delete mode 100644 changelogs/unreleased/gitaly-version-v1.51.0.yml
 delete mode 100644 changelogs/unreleased/gitaly-version-v1.52.0.yml
 delete mode 100644 changelogs/unreleased/graphql-tree-last-commit.yml
 delete mode 100644 changelogs/unreleased/gt-remove-tooltip-directive-on-project-avatar-image-component.yml
 delete mode 100644 changelogs/unreleased/hfy-apply-knative-cluster-role-on-service-account-creation.yml
 delete mode 100644 changelogs/unreleased/hide-restricted-visibility-radio.yml
 delete mode 100644 changelogs/unreleased/id-clean-up-mr-assignees.yml
 delete mode 100644 changelogs/unreleased/id-extract-widget-into-different-request.yml
 delete mode 100644 changelogs/unreleased/id-stale-branches.yml
 delete mode 100644 changelogs/unreleased/issue-63222.yml
 delete mode 100644 changelogs/unreleased/issue-zoom-url.yml
 delete mode 100644 changelogs/unreleased/issue_64021.yml
 delete mode 100644 changelogs/unreleased/jc-detect-nfs-for-rugged.yml
 delete mode 100644 changelogs/unreleased/jc-remove-catfile-flag.yml
 delete mode 100644 changelogs/unreleased/jramsay-enable-object-dedupe-by-default.yml
 delete mode 100644 changelogs/unreleased/knative-0-6.yml
 delete mode 100644 changelogs/unreleased/limit-amount-of-tests-returned.yml
 delete mode 100644 changelogs/unreleased/mh-board-tooltips.yml
 delete mode 100644 changelogs/unreleased/mh-boards-filter-bar.yml
 delete mode 100644 changelogs/unreleased/mh-collapsible-boards.yml
 delete mode 100644 changelogs/unreleased/mh-colon-autocomplete.yml
 delete mode 100644 changelogs/unreleased/mh-mermaid-linebreaks.yml
 delete mode 100644 changelogs/unreleased/move-all-configs-to-global.yml
 delete mode 100644 changelogs/unreleased/mw-project-list-color-fix.yml
 delete mode 100644 changelogs/unreleased/osw-persist-tmp-snippet-uploads.yml
 delete mode 100644 changelogs/unreleased/osw-sync-merge-ref-upon-mergeability-check.yml
 delete mode 100644 changelogs/unreleased/paginate-license-management.yml
 delete mode 100644 changelogs/unreleased/patch-29.yml
 delete mode 100644 changelogs/unreleased/po-raw-changes-encoding.yml
 delete mode 100644 changelogs/unreleased/pre-releases-38105a.yml
 delete mode 100644 changelogs/unreleased/prepare-cycle-analytics-for-group-level.yml
 delete mode 100644 changelogs/unreleased/project_api.yml
 delete mode 100644 changelogs/unreleased/refactor-sentry.yml
 delete mode 100644 changelogs/unreleased/registry-fix-multi-delete-modal.yml
 delete mode 100644 changelogs/unreleased/remove-auto-ssl-ff.yml
 delete mode 100644 changelogs/unreleased/remove-kubernetes-service-deployment-platform.yml
 delete mode 100644 changelogs/unreleased/remove-support-for-legacy-pipeline-triggers.yml
 delete mode 100644 changelogs/unreleased/remove_group_and_instance_clusters_feature_flag.yml
 delete mode 100644 changelogs/unreleased/require-pipeline-when-enabling-only-allow-merge-if-pipeline-succeeds.yml
 delete mode 100644 changelogs/unreleased/rj-fix-manual-order.yml
 delete mode 100644 changelogs/unreleased/sanitize_rake_ldap_check_output.yml
 delete mode 100644 changelogs/unreleased/search-blob-basenames.yml
 delete mode 100644 changelogs/unreleased/security-2858-fix-color-validation.yml
 delete mode 100644 changelogs/unreleased/security-59581-related-merge-requests-count.yml
 delete mode 100644 changelogs/unreleased/security-DOS_issue_comments_banzai.yml
 delete mode 100644 changelogs/unreleased/security-bvl-enforce-graphql-type-authorization.yml
 delete mode 100644 changelogs/unreleased/security-fp-prevent-billion-laughs-attack.yml
 delete mode 100644 changelogs/unreleased/security-mr-head-pipeline-leak.yml
 delete mode 100644 changelogs/unreleased/security-notes-in-private-snippets.yml
 delete mode 100644 changelogs/unreleased/security-prevent-detection-of-merge-request-template-name.yml
 delete mode 100644 changelogs/unreleased/set-higher-ttl-for-trace-write.yml
 delete mode 100644 changelogs/unreleased/sh-add-force-random-password-user-api.yml
 delete mode 100644 changelogs/unreleased/sh-add-gitaly-ref-caching-search-controller.yml
 delete mode 100644 changelogs/unreleased/sh-add-thread-memory-cache.yml
 delete mode 100644 changelogs/unreleased/sh-audit-event-json-log-format-from-and-to.yml
 delete mode 100644 changelogs/unreleased/sh-avoid-loading-pipeline-status.yml
 delete mode 100644 changelogs/unreleased/sh-bump-fog-aws.yml
 delete mode 100644 changelogs/unreleased/sh-cache-feature-flag-names.yml
 delete mode 100644 changelogs/unreleased/sh-cache-flipper-checks-in-memory.yml
 delete mode 100644 changelogs/unreleased/sh-cache-flipper-names-memory-cache.yml
 delete mode 100644 changelogs/unreleased/sh-cache-negative-entries-find-commit.yml
 delete mode 100644 changelogs/unreleased/sh-clean-up-bitbucket-import-errors.yml
 delete mode 100644 changelogs/unreleased/sh-disable-reactive-caching-automatic-retries.yml
 delete mode 100644 changelogs/unreleased/sh-enable-ref-name-caching-discussions.yml
 delete mode 100644 changelogs/unreleased/sh-fix-gitaly-server-info-cache.yml
 delete mode 100644 changelogs/unreleased/sh-fix-httpclient-ssl.yml
 delete mode 100644 changelogs/unreleased/sh-fix-issue-63349.yml
 delete mode 100644 changelogs/unreleased/sh-fix-issue-63910.yml
 delete mode 100644 changelogs/unreleased/sh-handle-nil-replication-lag.yml
 delete mode 100644 changelogs/unreleased/sh-improve-redis-peek.yml
 delete mode 100644 changelogs/unreleased/sh-optimize-todos-controller.yml
 delete mode 100644 changelogs/unreleased/sh-remove-import-columns-from-projects.yml
 delete mode 100644 changelogs/unreleased/sh-service-template-bug.yml
 delete mode 100644 changelogs/unreleased/sh-strong-memoize-appearances.yml
 delete mode 100644 changelogs/unreleased/sh-support-subnets-ip-rate-limiter.yml
 delete mode 100644 changelogs/unreleased/sh-update-mermaid.yml
 delete mode 100644 changelogs/unreleased/sh-upgrade-rouge-3-5-1.yml
 delete mode 100644 changelogs/unreleased/slugify.yml
 delete mode 100644 changelogs/unreleased/small-s-in-elasticsearch-in-code.yml
 delete mode 100644 changelogs/unreleased/small-s-in-elasticsearch.yml
 delete mode 100644 changelogs/unreleased/support-jsonb-default-value.yml
 delete mode 100644 changelogs/unreleased/tc-rake-orphan-artifacts.yml
 delete mode 100644 changelogs/unreleased/transaction-metrics.yml
 delete mode 100644 changelogs/unreleased/tz-update-mr-count-over-tabs.yml
 delete mode 100644 changelogs/unreleased/unicorn-sampler-fix.yml
 delete mode 100644 changelogs/unreleased/update-clair-version.yml
 delete mode 100644 changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-6-0.yml
 delete mode 100644 changelogs/unreleased/update-pages-to-1-7-0.yml
 delete mode 100644 changelogs/unreleased/update-pagination-texts.yml
 delete mode 100644 changelogs/unreleased/update-tar-to-2-2-2.yml
 delete mode 100644 changelogs/unreleased/update-todo-in-ui.yml
 delete mode 100644 changelogs/unreleased/use-pg-9-6-11-on-ci.yml
 delete mode 100644 changelogs/unreleased/winh-jest-markdown-header.yml
 delete mode 100644 changelogs/unreleased/winh-multiple-issueboards-core.yml
 delete mode 100644 changelogs/unreleased/winh-notes-service-applySuggestion.yml
 delete mode 100644 changelogs/unreleased/winh-notes-service-deleteNote.yml
 delete mode 100644 changelogs/unreleased/winh-notes-service-toggleAward.yml
 delete mode 100644 changelogs/unreleased/winh-updateResolvableDiscussionsCounts-typo.yml
 delete mode 100644 changelogs/unreleased/z-index-fix-for-diff-file-dropdown.yml
 delete mode 100644 changelogs/unreleased/z-index-tools.yml
 delete mode 100644 changelogs/unreleased/zj-gitaly-usage-data.yml

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0b73585722f..34ace58bb14 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,277 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 12.1.0
+
+### Security (11 changes, 2 of them are from the community)
+
+- Update tar to 2.2.2. !29949 (Takuya Noguchi)
+- Update lodash to 4.7.14 and lodash.mergewith to 4.6.2. !30602 (Takuya Noguchi)
+- Correctly check permissions when creating snippet notes.
+- Gate MR head_pipeline behind read_pipeline ability.
+- Prevent Billion Laughs attack.
+- Add missing authorizations in GraphQL.
+- Fix Denial of Service for comments when rendering issues/MR comments.
+- Expose merge requests count based on user access.
+- Fix DoS vulnerability in color validation regex.
+- Prevent the detection of merge request templates by unauthorized users.
+- Persist tmp snippet uploads at users.
+
+### Removed (7 changes)
+
+- Disable Kubernetes credential passthrough for managed project-level clusters. !29262
+- Remove deprecated group routes. !29351
+- Remove support for creating non-RBAC kubernetes clusters. !29614
+- Remove Kubernetes service integration and Kubernetes service template from available deployment platforms. !29786
+- Remove MySQL support. !29790
+- Remove depreated /u/:username routing. !30044
+- Remove support for legacy pipeline triggers. !30133
+
+### Fixed (84 changes, 14 of them are from the community)
+
+- Update a user's routes after updating their name. !23272
+- Show poper panel when validation error occurs in admin settings panels. !25434
+- Expect bytes from Gitaly RPC GetRawChanges. !28164
+- Sanitize LDAP output in Rake tasks. !28427
+- Left align mr widget icons and text. !28561
+- Keep the empty folders in the tree. !29196
+- Fix incorrect emoji placement in commit diff discussion. !29445
+- Fix favicon path with uploads of object store. !29482 (Roger Meier)
+- Remove duplicate trailing +/- char in merge request discussions. !29518
+- Fix the signup form's username validation messages not displaying. !29678 (Jiaan Louw)
+- Fix broken environment selector and always display it on monitoring dashboard. !29705
+- Fix Container Scanning job timeout when using the kubernetes executor. !29706
+- Look for new branches more carefully. !29761
+- Fix nested lists unnecessary margin. !29775 (Kuba Kopeć)
+- Fix reports jobs timing out because of cache. !29780
+- Fix Double Border in Profile Page. !29784 (Yoginth <@yo>)
+- Remove minimum character limits for fuzzy searches when using a CTE. !29810
+- Set default sort method for dashboard projects list. !29830 (David Palubin)
+- Protect TeamCity builds from triggering when a branch has been deleted. And a MR-option. !29836 (Nikolay Novikov, Raphael Tweitmann)
+- Fix pipeline schedule does not run correctly when it's scheduled at the same time with the cron worker. !29848
+- Always shows author of created issue/started discussion/comment in HTML body and text of email. !29886 (Frank van Rest)
+- Build correct basenames for title search results. !29898
+- Resolve "500 error when forking via the web IDE button". !29909
+- Turn commit sha in monitor charts popover to link. !29914
+- Fix broken URLs for uploads with a plus in the filename. !29915
+- Retry fetching Kubernetes Secret#token (#63507). !29922
+- Enforce presence of pipeline when "Pipeline must succeed" project setting is enabled. !29926
+- Fix unresponsive reply button in discussions. !29936
+- Allow asynchronous rebase operations to be monitored. !29940
+- Resolve Avatar in Please sign in pattern too large. !29944
+- Persist the cluster a deployment was deployed to. !29960
+- Fix runner tags search dropdown being empty when there are tags. !29985
+- Display the correct amount of projects being migrated/rolled-back to Hashed Storage when specifying ranges. !29996
+- Resolve Environment details header border misaligned. !30011
+- Correct link to docs for External Dashboard. !30019
+- Fix Jupyter-Git integration. !30020 (Amit Rathi)
+- Update Mermaid to 8.1.0. !30036
+- Fix background migrations failing with unused replication slot. !30042
+- Disable Rails SQL query cache when applying service templates. !30060
+- Set higher TTL for write lock of trace to prevent concurrent archiving. !30064
+- Fix charts on Cluster health page. !30073
+- Display boards filter bar on mobile. !30120
+- Fix IDE editor not showing when switching back from preview. !30135
+- Support note position tracing on an image. !30158
+- Replace slugifyWithHyphens with improved slugify function. !30172 (Luke Ward)
+- 'Open' and 'Closed' issue board lists no longer display a redundant tooltip. !30187
+- Fix pipelines table to update without refreshing after action. !30190
+- Change ruby_process_start_time_seconds metric to unix timestamp instead of seconds from boot. !30195
+- Fix attachments using the wrong URLs in e-mails. !30197
+- Make sure UnicornSampler is started only in master process. !30215
+- Don't show image diff note on text file. !30221
+- Fix median counting for cycle analytics. !30229
+- In WebIDE allow adding new entries of the same name as deleted entry. !30239
+- Don't let logged out user do manual order. !30264
+- Skip spam check for task list updates. !30279
+- Make Housekeeping button do a full garbage collection. !30289
+- Removing an image should not output binary data. !30314
+- Fix spacing issues for toasts. !30345
+- Fix race in forbid_sidekiq_in_transactions.rb. !30359
+- Fixed back navigation for projects filter. !30373
+- Fix environments broken terminal. !30401
+- Fix invalid SSL certificate errors on Drone CI service. !30422
+- Fix subgroup url in search drop down. !30457
+- Make unicorn_workers to return meaningful results. !30506
+- Fix wrong URL when creating milestones from instance milestones dashboard. !30512
+- Fixed incorrect line wrap for assignee label in issues. !30523 (Marc Schwede)
+- Improves section header whitespace on the CI/CD Charts page. !30531
+- Prevent multiple confirmation modals from opening when deleting a repository. !30532
+- Aligns CI icon in Merge Request dashboard. !30558
+- Add text-secondary to controls in project list. !30567
+- Review Tools: Add large z-index to toolbar. !30583
+- Hide restricted and disallowed visibility radios. !30590
+- Resolve Label picker: Line break on long label titles. !30610
+- Fix a bug that prevented projects containing merge request diff comments from being imported. !30630
+- I fixed z index bug in diff page. !30657 (Faruk Can)
+- Allow client authentication method to be configured for OpenID Connect. !30683 (Vincent Fazio)
+- Fix commenting before discussions are loaded. !30724
+- Fix linebreak rendering in Mermaid flowcharts. !30730
+- Make httpclient respect system SSL configuration. !30749
+- Bump fog-aws to v3.5.2. !30803
+- API: Allow changing only ci_default_git_depth. !30888 (Mathieu Parent)
+- Search issuables by iids. (Riccardo Padovani)
+- Fix broken warnings while Editing Issues and Edit File on MR.
+- Make sure we are receiving the proper information on the MR Popover by updating the IID in the graphql query.
+
+### Changed (39 changes, 8 of them are from the community)
+
+- Improve group list UI. !26542
+- Backport and Docs for Paginate license management and add license search. !27602
+- Update merge requests section description text on project settings page. !27838
+- Knative version bump 0.5 -> 0.6. !28798 (Chris Baumbauer)
+- Add salesforce logo for salesforce SSO. !28857
+- Enforced requirements for UltraAuth users. !28941 (Kartikey Tanna)
+- Return 400 when deleting tags more often than once per hour. !29448
+- Add identity information to external authorization requests. !29461
+- Enable just-in-time Kubernetes resource creation for project-level clusters. !29515
+- renamed discussion to thread in merge-request and issue timeline. !29553 (Michel Engelen)
+- Changed HTTP Status Code for disabled repository on /branches and /commits to 404. !29585 (Sam Battalio)
+- Enable Git object pools. !29595 (jramsay)
+- Updated container registry to display error message when special characters in path. Documentation has also been updated. !29616
+- Allow developers to delete tags. !29668
+- Will not update issue timestamps when changing positions in a list. !29677
+- Include a link back to the MR for Visual Review feedback form. !29719
+- Improve discussion reply buttons layout and how jump to next discussion button appears. !29779
+- Renders a pre-release tag for releases. !29797
+- Migrate NULL values for users.private_profile column and update users API to reject null value for private_profile. !29888
+- Re-name files in Web IDE in a more natural way. !29948
+- Include events from subgroups in group's activity. !29953 (Fabian Schneider @fabsrc)
+- Upgrade to Gitaly v1.49.0. !29990
+- Remove group and instance clusters feature flag. !30124
+- Add support for creating random passwords in user creation API. !30138
+- Support CIDR notation in IP rate limiter. !30146
+- Add Redis call details in Peek performance bar. !30191
+- Create Knative role and binding with service account. !30235
+- Add cleanup migration for MR's multiple assignees. !30261
+- Updates PHP template to php:latest to ensure always targeting latest stable. !30319 (Paul Giberson)
+- Format `from` and `to` fields in JSON audit log. !30333
+- Upgrade to Gitaly v1.51.0. !30353
+- Modify cycle analytics on project level. !30356
+- Extract clair version as CLAIR_EXECUTABLE_VERSION variable and update clair executable from v8 to v11. !30396
+- Upgrade Rouge to 3.5.1. !30431
+- Move multiple issue boards to core. !30503
+- Upgrade to Gitaly v1.52.0. !30568
+- Upgrade to Gitaly v1.53.0. !30614
+- Open WebIDE in fork when user doesn't have access. !30642
+- Propagate python version variable. (Can Eldem)
+
+### Performance (25 changes, 1 of them is from the community)
+
+- Remove tooltip directive on project avatar image component. !29631 (George Tsiolis)
+- Use Rugged if we detect storage is NFS and we can access the disk. !29725
+- Add endpoint for fetching diverging commit counts. !29802
+- Cache feature flag names in Redis for a minute. !29816
+- Avoid storing backtraces from Bitbucket Cloud imports in the database. !29862
+- Remove import columns from projects table. !29863
+- Enable Gitaly ref name caching for discussions.json. !29951
+- Allow caching of negative FindCommit matches. !29952
+- Eliminate N+1 queries in Dashboard::TodosController. !29954
+- Memoize non-existent custom appearances. !29957
+- Add a separate endpoint for fetching MRs serialized as widgets. !29979
+- Use CTE to fetch clusters hierarchy in single query. !30063
+- Enable Gitaly ref caching for SearchController. !30105
+- Avoid loading pipeline status in search results. !30111
+- Improve performance of MergeRequestsController#ci_environment_status endpoint. !30224
+- Add a memory cache local to the thread to reduce Redis load. !30233
+- Cache Flipper persisted names directly to local memory storage. !30265
+- Limit amount of JUnit tests returned. !30274
+- Cache Flipper feature flags in L1 and L2 caches. !30276
+- Prevent amplification of ReactiveCachingWorker jobs upon failures. !30432
+- Allow ReactiveCaching to support nil value. !30456
+- Improve performance of fetching environments statuses. !30560
+- Do Redis lookup in batches in ActiveSession.sessions_from_ids. !30561
+- Remove catfile cache feature flag. !30750
+- Fix Gitaly auto-detection caching. !30954
+
+### Added (46 changes, 12 of them are from the community)
+
+- Document the negative commit message push rule for the API. !14004 (Maikel Vlasman)
+- Expose saml_provider_id in the users API. !14045
+- Improve Project API. !28327 (Mathieu Parent)
+- Remove Sentry from application settings. !28447 (Roger Meier)
+- Implement borderless discussion design with new reply field. !28580
+- Enable terminals for instance and group clusters. !28613
+- Resolve Multiple discussions per line in merge request diffs. !28748
+- Adds link to Grafana in Admin > Monitoring settings when grafana is enabled in config. !28937 (Romain Maneschi)
+- Bring Manual Ordering on Issue List. !29410
+- Added commit type to tree GraphQL response. !29412
+- New API for User Counts, updates on success of an MR the count on top and in other tabs. !29441
+- Add option to limit time tracking units to hours. !29469 (Jon Kolb)
+- Add confirmation for registry image deletion. !29505
+- Sync merge ref upon mergeability check. !29569
+- Show an Upcoming Status for Releases. !29577
+- Add order_by and sort params to list runner jobs api. !29629 (Sujay Patel)
+- Allow custom username for deploy tokens. !29639
+- Add a verified pill next to email addresses under the admin users section. !29669
+- Add rake task to clean orphan artifact files. !29681
+- Render GFM in GraphQL. !29700
+- Upgrade asciidoctor version to 2.0.10. !29741 (Rajendra Kadam)
+- Allow auto-completing scoped labels. !29749
+- Enable syntax highlighting for AsciiDoc. !29835 (Guillaume Grossetie)
+- Expose placeholder element for metrics charts in GFM. !29861
+- Added a min schema version check to db:migrate. !29882
+- Extract zoom link from issue and pass to frontend. !29910 (raju249)
+- GraphQL mutations for add, remove and toggle emoji. !29919
+- Labeled issue boards can now collapse. !29955
+- Allow Ingress to be uninstalled from the UI. !29977
+- Add permission check to metrics dashboards endpoint. !30017
+- Allow JupyterHub to be uninstalled from the UI. !30097
+- Allow GitLab Runner to be uninstalled from the UI. !30176
+- GraphQL mutations for managing Notes. !30210
+- Add API for CRUD group clusters. !30213
+- Add endpoint to move multiple issues in boards. !30216
+- Enable terminals button for group clusters. !30255
+- Prevent excessive sanitization of AsciiDoc ouptut. !30290 (Guillaume Grossetie)
+- Extend `MergeToRefService` to create merge ref from an arbitrary ref. !30361
+- Add CI variable to provide GitLab HOST. !30417
+- Add migration for adding rule_type to approval_project_rules. !30575
+- Enable section anchors in Asciidoctor. !30666 (Guillaume Grossetie)
+- Preserve footnote link ids in Asciidoctor. !30790 (Guillaume Grossetie)
+- Add support for generating SSL certificates for custon pages domains through Let's Encrypt.
+- Introduce default: for gitlab-ci.yml.
+- Move Multiple Issue Boards for Projects to Core.
+- Add Gitaly data to the usage ping.
+
+### Other (35 changes, 15 of them are from the community)
+
+- Remove unresolved class and fixed height in discussion header. !28440 (David Palubin)
+- Moved EE/CE code differences for file `app/views/search/_category.html.haml` into CE. !28755 (Michel Engelen)
+- Changes "Todo" to "To Do" in the UI for clarity. !28844
+- Migrate GitLab managed project-level clusters to unmanaged if a Kubernetes namespace was unable to be created. !29251
+- Migrate GitLab managed project-level clusters to unmanaged if they are missing a Kubernetes service account token. !29648
+- Add strategies column to operations_feature_flag_scopes table. !29808
+- Disallow `NULL` values for `geo_nodes.primary` column. !29818 (Arun Kumar Mohan)
+- Replace 'JIRA' with 'Jira'. !29849 (Takuya Noguchi)
+- Support jsonb default in add_column_with_default migration helper. !29871
+- Update pagination prev and next texts. !29911
+- Adds metrics to measure cost of expensive operations. !29928
+- Always allow access to health endpoints from localhost in dev. !29930
+- Update GitLab Runner Helm Chart to 0.6.0. !29982
+- Use darker gray color for system note metadata and edited text. !30054
+- Fix typo in docs about Elasticsearch. !30162 (Takuya Noguchi)
+- Fix typo in code comments about Elasticsearch. !30163 (Takuya Noguchi)
+- Update mixin-deep to 1.3.2. !30223 (Takuya Noguchi)
+- Migrate markdown header_spec.js to Jest. !30228 (Martin Hobert)
+- Remove istanbul JavaScript package. !30232 (Takuya Noguchi)
+- Centralize markdownlint configuration. !30263
+- Use PostgreSQL 9.6.11 in CI tests. !30270 (Takuya Noguchi)
+- Fix typo in updateResolvableDiscussionsCounts action. !30278 (Frank van Rest)
+- Change color for namespace in commit search. !30312
+- Remove applySuggestion from notes service. !30399 (Frank van Rest)
+- Improved readability of storage statistics in group / project admin area. !30406
+- Alignign empty container registry message with design guidelines. !30502
+- Remove toggleAward from notes service. !30536 (Frank van Rest)
+- Remove deleteNote from notes service. !30537 (Frank van Rest)
+- change the use of boardService in favor of boardsStore on footer for the board component. !30616 (eduarmreyes)
+- Update example Prometheus scrape config. !30739
+- Update GitLab Pages to v1.7.0.
+- Add token_encrypted column to operations_feature_flags_clients table.
+- Removes EE diff for app/views/profiles/preferences/show.html.haml.
+- Removes EE differences for app/views/layouts/fullscreen.html.haml.
+- Removes EE differences for app/views/admin/users/show.html.haml.
+
+
 ## 12.0.3 (2019-06-27)
 
 - No changes.
diff --git a/changelogs/unreleased/11039-moved-code-difference-from-EE-to-CE.yml b/changelogs/unreleased/11039-moved-code-difference-from-EE-to-CE.yml
deleted file mode 100644
index 10c5eed9556..00000000000
--- a/changelogs/unreleased/11039-moved-code-difference-from-EE-to-CE.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: "Moved EE/CE code differences for file `app/views/search/_category.html.haml` into CE"
-merge_request: 28755
-author: Michel Engelen
-type: other
diff --git a/changelogs/unreleased/11448-fix-cs-with-k8s-runners.yml b/changelogs/unreleased/11448-fix-cs-with-k8s-runners.yml
deleted file mode 100644
index 191e64df4f1..00000000000
--- a/changelogs/unreleased/11448-fix-cs-with-k8s-runners.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix Container Scanning job timeout when using the kubernetes executor
-merge_request: 29706
-author: 
-type: fixed
diff --git a/changelogs/unreleased/11888-regression-deploy-correlation-markers-on-monitoring-graphs-not-clickable.yml b/changelogs/unreleased/11888-regression-deploy-correlation-markers-on-monitoring-graphs-not-clickable.yml
deleted file mode 100644
index 606abe818b4..00000000000
--- a/changelogs/unreleased/11888-regression-deploy-correlation-markers-on-monitoring-graphs-not-clickable.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Turn commit sha in monitor charts popover to link
-merge_request: 29914
-author:
-type: fixed
diff --git a/changelogs/unreleased/12533-shared-runners-warning.yml b/changelogs/unreleased/12533-shared-runners-warning.yml
deleted file mode 100644
index b2b526cc2e4..00000000000
--- a/changelogs/unreleased/12533-shared-runners-warning.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Removes EE differences for app/views/admin/users/show.html.haml
-merge_request:
-author:
-type: other
diff --git a/changelogs/unreleased/12550-fullscrean.yml b/changelogs/unreleased/12550-fullscrean.yml
deleted file mode 100644
index f20b191f411..00000000000
--- a/changelogs/unreleased/12550-fullscrean.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Removes EE differences for app/views/layouts/fullscreen.html.haml
-merge_request:
-author:
-type: other
diff --git a/changelogs/unreleased/12553-preferences.yml b/changelogs/unreleased/12553-preferences.yml
deleted file mode 100644
index c41a8c98e4e..00000000000
--- a/changelogs/unreleased/12553-preferences.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Removes EE diff for app/views/profiles/preferences/show.html.haml
-merge_request:
-author:
-type: other
diff --git a/changelogs/unreleased/17690-Protect-TeamCity-builds-for-triggering-when-a-branch-is-deleted-And-add-MR-option.yml b/changelogs/unreleased/17690-Protect-TeamCity-builds-for-triggering-when-a-branch-is-deleted-And-add-MR-option.yml
deleted file mode 100644
index 741a0faf469..00000000000
--- a/changelogs/unreleased/17690-Protect-TeamCity-builds-for-triggering-when-a-branch-is-deleted-And-add-MR-option.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Protect TeamCity builds from triggering when a branch has been deleted. And a MR-option
-merge_request: 29836
-author: Nikolay Novikov, Raphael Tweitmann
-type: fixed
diff --git a/changelogs/unreleased/29775-fix-nested-lists-unnecessary-margin.yml b/changelogs/unreleased/29775-fix-nested-lists-unnecessary-margin.yml
deleted file mode 100644
index e7e43c54bab..00000000000
--- a/changelogs/unreleased/29775-fix-nested-lists-unnecessary-margin.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix nested lists unnecessary margin
-merge_request: 29775
-author: Kuba Kopeć
-type: fixed
diff --git a/changelogs/unreleased/30355-use-hours-only-for-time-tracking.yml b/changelogs/unreleased/30355-use-hours-only-for-time-tracking.yml
deleted file mode 100644
index b0252f9e81b..00000000000
--- a/changelogs/unreleased/30355-use-hours-only-for-time-tracking.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add option to limit time tracking units to hours
-merge_request: 29469
-author: Jon Kolb
-type: added
diff --git a/changelogs/unreleased/32452-multiple-discussions.yml b/changelogs/unreleased/32452-multiple-discussions.yml
deleted file mode 100644
index 5552340ee66..00000000000
--- a/changelogs/unreleased/32452-multiple-discussions.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Resolve Multiple discussions per line in merge request diffs
-merge_request: 28748
-author:
-type: added
diff --git a/changelogs/unreleased/35757-move-issues-in-boards-pderichs.yml b/changelogs/unreleased/35757-move-issues-in-boards-pderichs.yml
deleted file mode 100644
index ae50350f70d..00000000000
--- a/changelogs/unreleased/35757-move-issues-in-boards-pderichs.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add endpoint to move multiple issues in boards
-merge_request: 30216
-author:
-type: added
diff --git a/changelogs/unreleased/38105-pre-release-tag.yml b/changelogs/unreleased/38105-pre-release-tag.yml
deleted file mode 100644
index d4c5dcacd19..00000000000
--- a/changelogs/unreleased/38105-pre-release-tag.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Renders a pre-release tag for releases
-merge_request: 29797
-author:
-type: changed
diff --git a/changelogs/unreleased/40379-CJK-search-min-chars.yml b/changelogs/unreleased/40379-CJK-search-min-chars.yml
deleted file mode 100644
index 6f6c4df464f..00000000000
--- a/changelogs/unreleased/40379-CJK-search-min-chars.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove minimum character limits for fuzzy searches when using a CTE
-merge_request: 29810
-author:
-type: fixed
diff --git a/changelogs/unreleased/42399-registry-confirm-deletion.yml b/changelogs/unreleased/42399-registry-confirm-deletion.yml
deleted file mode 100644
index 4d720e16721..00000000000
--- a/changelogs/unreleased/42399-registry-confirm-deletion.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add confirmation for registry image deletion
-merge_request: 29505
-author:
-type: added
diff --git a/changelogs/unreleased/44106-include-subgroups-in-group-activity.yml b/changelogs/unreleased/44106-include-subgroups-in-group-activity.yml
deleted file mode 100644
index 6e78d61ebc4..00000000000
--- a/changelogs/unreleased/44106-include-subgroups-in-group-activity.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Include events from subgroups in group's activity
-merge_request: 29953
-author: Fabian Schneider @fabsrc
-type: changed
diff --git a/changelogs/unreleased/44949-do-not-update-updated_at-on-an-issue-when-reordering-it.yml b/changelogs/unreleased/44949-do-not-update-updated_at-on-an-issue-when-reordering-it.yml
deleted file mode 100644
index efc6af7845c..00000000000
--- a/changelogs/unreleased/44949-do-not-update-updated_at-on-an-issue-when-reordering-it.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Will not update issue timestamps when changing positions in a list
-merge_request: 29677
-author:
-type: changed
diff --git a/changelogs/unreleased/45104-special-characters-in-project-name-path-prevent-users-from-using-the-container-registry.yml b/changelogs/unreleased/45104-special-characters-in-project-name-path-prevent-users-from-using-the-container-registry.yml
deleted file mode 100644
index ddde0cc9c39..00000000000
--- a/changelogs/unreleased/45104-special-characters-in-project-name-path-prevent-users-from-using-the-container-registry.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Updated container registry to display error message when special characters in path. Documentation has also been updated.
-merge_request: 29616
-author:
-type: changed
diff --git a/changelogs/unreleased/45120-fix-ide-editor-to-update-size-on-show-change.yml b/changelogs/unreleased/45120-fix-ide-editor-to-update-size-on-show-change.yml
deleted file mode 100644
index 592612c2615..00000000000
--- a/changelogs/unreleased/45120-fix-ide-editor-to-update-size-on-show-change.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix IDE editor not showing when switching back from preview
-merge_request: 30135
-author:
-type: fixed
diff --git a/changelogs/unreleased/48771-label-picker-line-break-on-long-label-titles.yml b/changelogs/unreleased/48771-label-picker-line-break-on-long-label-titles.yml
deleted file mode 100644
index e598247b5d8..00000000000
--- a/changelogs/unreleased/48771-label-picker-line-break-on-long-label-titles.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: 'Resolve Label picker: Line break on long label titles'
-merge_request: 30610
-author: 
-type: fixed
diff --git a/changelogs/unreleased/49814-display-in-admin-area-if-emails-are-verified-or-not.yml b/changelogs/unreleased/49814-display-in-admin-area-if-emails-are-verified-or-not.yml
deleted file mode 100644
index db1391edd73..00000000000
--- a/changelogs/unreleased/49814-display-in-admin-area-if-emails-are-verified-or-not.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add a verified pill next to email addresses under the admin users section.
-merge_request: 29669
-author:
-type: added
diff --git a/changelogs/unreleased/50228-deploy-tokens-custom-username.yml b/changelogs/unreleased/50228-deploy-tokens-custom-username.yml
deleted file mode 100644
index fdafa7b1113..00000000000
--- a/changelogs/unreleased/50228-deploy-tokens-custom-username.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Allow custom username for deploy tokens
-merge_request: 29639
-author:
-type: added
diff --git a/changelogs/unreleased/50834-change-http-status-code-when-repository-disabled.yml b/changelogs/unreleased/50834-change-http-status-code-when-repository-disabled.yml
deleted file mode 100644
index b51079d5c74..00000000000
--- a/changelogs/unreleased/50834-change-http-status-code-when-repository-disabled.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: "Changed HTTP Status Code for disabled repository on /branches and /commits to 404"
-merge_request: 29585
-author: Sam Battalio
-type: changed
diff --git a/changelogs/unreleased/51794-add-ordering-to-runner-jobs-api.yml b/changelogs/unreleased/51794-add-ordering-to-runner-jobs-api.yml
deleted file mode 100644
index 908a132688c..00000000000
--- a/changelogs/unreleased/51794-add-ordering-to-runner-jobs-api.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add order_by and sort params to list runner jobs api
-merge_request: 29629
-author: Sujay Patel
-type: added
diff --git a/changelogs/unreleased/51952-forking-via-webide.yml b/changelogs/unreleased/51952-forking-via-webide.yml
deleted file mode 100644
index 4497c6b6ca4..00000000000
--- a/changelogs/unreleased/51952-forking-via-webide.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Resolve "500 error when forking via the web IDE button"
-merge_request: 29909
-author:
-type: fixed
diff --git a/changelogs/unreleased/51952-redirect-to-webide-in-fork.yml b/changelogs/unreleased/51952-redirect-to-webide-in-fork.yml
deleted file mode 100644
index ada0efca968..00000000000
--- a/changelogs/unreleased/51952-redirect-to-webide-in-fork.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Open WebIDE in fork when user doesn't have access
-merge_request: 30642
-author:
-type: changed
diff --git a/changelogs/unreleased/52366-improved-group-lists-ui.yml b/changelogs/unreleased/52366-improved-group-lists-ui.yml
deleted file mode 100644
index 99e5b67a56c..00000000000
--- a/changelogs/unreleased/52366-improved-group-lists-ui.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Improve group list UI
-merge_request: 26542
-author:
-type: changed
diff --git a/changelogs/unreleased/52442-minimal-remove-mysql-support.yml b/changelogs/unreleased/52442-minimal-remove-mysql-support.yml
deleted file mode 100644
index f1a50657383..00000000000
--- a/changelogs/unreleased/52442-minimal-remove-mysql-support.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove MySQL support
-merge_request: 29790
-author:
-type: removed
diff --git a/changelogs/unreleased/52954-allow-developers-to-delete-tags.yml b/changelogs/unreleased/52954-allow-developers-to-delete-tags.yml
deleted file mode 100644
index 38c65a67f2a..00000000000
--- a/changelogs/unreleased/52954-allow-developers-to-delete-tags.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Allow developers to delete tags
-merge_request: 29668
-author:
-type: changed
diff --git a/changelogs/unreleased/53357-fix-plus-in-upload-file-names.yml b/changelogs/unreleased/53357-fix-plus-in-upload-file-names.yml
deleted file mode 100644
index c11d74bd4fe..00000000000
--- a/changelogs/unreleased/53357-fix-plus-in-upload-file-names.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix broken URLs for uploads with a plus in the filename
-merge_request: 29915
-author:
-type: fixed
diff --git a/changelogs/unreleased/53811-issue-boards-to-core-projects-backend-ce.yml b/changelogs/unreleased/53811-issue-boards-to-core-projects-backend-ce.yml
deleted file mode 100644
index d8fbd7ec362..00000000000
--- a/changelogs/unreleased/53811-issue-boards-to-core-projects-backend-ce.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Move Multiple Issue Boards for Projects to Core
-merge_request:
-author:
-type: added
diff --git a/changelogs/unreleased/54117-transactional-rebase.yml b/changelogs/unreleased/54117-transactional-rebase.yml
deleted file mode 100644
index d0c93114c49..00000000000
--- a/changelogs/unreleased/54117-transactional-rebase.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Allow asynchronous rebase operations to be monitored
-merge_request: 29940
-author:
-type: fixed
diff --git a/changelogs/unreleased/54595-incorrect-reaction-emoji-placement-in-discussion.yml b/changelogs/unreleased/54595-incorrect-reaction-emoji-placement-in-discussion.yml
deleted file mode 100644
index 639eefb50cb..00000000000
--- a/changelogs/unreleased/54595-incorrect-reaction-emoji-placement-in-discussion.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix incorrect emoji placement in commit diff discussion
-merge_request: 29445
-author:
-type: fixed
diff --git a/changelogs/unreleased/55487-enable-group-terminals-button.yml b/changelogs/unreleased/55487-enable-group-terminals-button.yml
deleted file mode 100644
index 6bf16eaadd1..00000000000
--- a/changelogs/unreleased/55487-enable-group-terminals-button.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Enable terminals button for group clusters
-merge_request: 30255
-author:
-type: added
diff --git a/changelogs/unreleased/55623-group-cluster-apis.yml b/changelogs/unreleased/55623-group-cluster-apis.yml
deleted file mode 100644
index fe987ef4a82..00000000000
--- a/changelogs/unreleased/55623-group-cluster-apis.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add API for CRUD group clusters
-merge_request: 30213
-author:
-type: added
diff --git a/changelogs/unreleased/55902-disable-creation-of-non-rbac-kubernetes-clusters.yml b/changelogs/unreleased/55902-disable-creation-of-non-rbac-kubernetes-clusters.yml
deleted file mode 100644
index 2af2d229c6c..00000000000
--- a/changelogs/unreleased/55902-disable-creation-of-non-rbac-kubernetes-clusters.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove support for creating non-RBAC kubernetes clusters
-merge_request: 29614
-author:
-type: removed
diff --git a/changelogs/unreleased/55953-renamed-discussion-to-thread.yml b/changelogs/unreleased/55953-renamed-discussion-to-thread.yml
deleted file mode 100644
index a5203ecf2e0..00000000000
--- a/changelogs/unreleased/55953-renamed-discussion-to-thread.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: "renamed discussion to thread in merge-request and issue timeline"
-merge_request: 29553
-author: Michel Engelen
-type: changed
diff --git a/changelogs/unreleased/57538-normalize-users-private-profile-field.yml b/changelogs/unreleased/57538-normalize-users-private-profile-field.yml
deleted file mode 100644
index 85fc4cbf33c..00000000000
--- a/changelogs/unreleased/57538-normalize-users-private-profile-field.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Migrate NULL values for users.private_profile column and update users API to reject null value for private_profile.
-merge_request: 29888
-author:
-type: changed
diff --git a/changelogs/unreleased/57793-fix-line-age.yml b/changelogs/unreleased/57793-fix-line-age.yml
deleted file mode 100644
index cf4e328e54a..00000000000
--- a/changelogs/unreleased/57793-fix-line-age.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Support note position tracing on an image
-merge_request: 30158
-author:
-type: fixed
diff --git a/changelogs/unreleased/57815.yml b/changelogs/unreleased/57815.yml
deleted file mode 100644
index ae8ec7036ce..00000000000
--- a/changelogs/unreleased/57815.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Enforced requirements for UltraAuth users
-merge_request: 28941
-author: Kartikey Tanna
-type: changed
diff --git a/changelogs/unreleased/57918-encrypt-feature-flags-tokens-changelog.yml b/changelogs/unreleased/57918-encrypt-feature-flags-tokens-changelog.yml
deleted file mode 100644
index 9701c8bc4a5..00000000000
--- a/changelogs/unreleased/57918-encrypt-feature-flags-tokens-changelog.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add token_encrypted column to operations_feature_flags_clients table
-merge_request:
-author:
-type: other
diff --git a/changelogs/unreleased/57973-errors-in-application-settings-panel-shows-wrong-panel.yml b/changelogs/unreleased/57973-errors-in-application-settings-panel-shows-wrong-panel.yml
deleted file mode 100644
index 2b62992eda0..00000000000
--- a/changelogs/unreleased/57973-errors-in-application-settings-panel-shows-wrong-panel.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Show poper panel when validation error occurs in admin settings panels
-merge_request: 25434
-author:
-type: fixed
diff --git a/changelogs/unreleased/58065-uniform-html-txt-email.yml b/changelogs/unreleased/58065-uniform-html-txt-email.yml
deleted file mode 100644
index be34e93ff83..00000000000
--- a/changelogs/unreleased/58065-uniform-html-txt-email.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Always shows author of created issue/started discussion/comment in HTML body and text of email
-merge_request: 29886
-author: Frank van Rest
-type: fixed
diff --git a/changelogs/unreleased/58689-regroup-jump-button-in-discussion.yml b/changelogs/unreleased/58689-regroup-jump-button-in-discussion.yml
deleted file mode 100644
index bf6f314f0ce..00000000000
--- a/changelogs/unreleased/58689-regroup-jump-button-in-discussion.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Improve discussion reply buttons layout and how jump to next discussion button
-  appears
-merge_request: 29779
-author:
-type: changed
diff --git a/changelogs/unreleased/58802-rename-webide.yml b/changelogs/unreleased/58802-rename-webide.yml
deleted file mode 100644
index 40471d967ce..00000000000
--- a/changelogs/unreleased/58802-rename-webide.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Re-name files in Web IDE in a more natural way
-merge_request: 29948
-author:
-type: changed
diff --git a/changelogs/unreleased/58808-fix-image-diff-on-text.yml b/changelogs/unreleased/58808-fix-image-diff-on-text.yml
deleted file mode 100644
index 78955c24186..00000000000
--- a/changelogs/unreleased/58808-fix-image-diff-on-text.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Don't show image diff note on text file
-merge_request: 30221
-author:
-type: fixed
diff --git a/changelogs/unreleased/59028-fix-extra-plus-in-diffs.yml b/changelogs/unreleased/59028-fix-extra-plus-in-diffs.yml
deleted file mode 100644
index 0786f4dbc10..00000000000
--- a/changelogs/unreleased/59028-fix-extra-plus-in-diffs.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove duplicate trailing +/- char in merge request discussions
-merge_request: 29518
-author:
-type: fixed
diff --git a/changelogs/unreleased/59257-find-new-branches-harder.yml b/changelogs/unreleased/59257-find-new-branches-harder.yml
deleted file mode 100644
index 631eaa22ef0..00000000000
--- a/changelogs/unreleased/59257-find-new-branches-harder.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Look for new branches more carefully
-merge_request: 29761
-author:
-type: fixed
diff --git a/changelogs/unreleased/60617-enable-project-cluster-jit.yml b/changelogs/unreleased/60617-enable-project-cluster-jit.yml
deleted file mode 100644
index b7d745d4385..00000000000
--- a/changelogs/unreleased/60617-enable-project-cluster-jit.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Enable just-in-time Kubernetes resource creation for project-level clusters
-merge_request: 29515
-author:
-type: changed
diff --git a/changelogs/unreleased/60666-kubernetes-applications-uninstall-runner.yml b/changelogs/unreleased/60666-kubernetes-applications-uninstall-runner.yml
deleted file mode 100644
index 3632c8eec20..00000000000
--- a/changelogs/unreleased/60666-kubernetes-applications-uninstall-runner.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Allow GitLab Runner to be uninstalled from the UI
-merge_request: 30176
-author:
-type: added
diff --git a/changelogs/unreleased/60856-deleting-binary-file.yml b/changelogs/unreleased/60856-deleting-binary-file.yml
deleted file mode 100644
index 9b587ed591b..00000000000
--- a/changelogs/unreleased/60856-deleting-binary-file.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Removing an image should not output binary data
-merge_request: 30314
-author:
-type: fixed
diff --git a/changelogs/unreleased/60859-upload-after-delete.yml b/changelogs/unreleased/60859-upload-after-delete.yml
deleted file mode 100644
index c36dfb84bfe..00000000000
--- a/changelogs/unreleased/60859-upload-after-delete.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: In WebIDE allow adding new entries of the same name as deleted entry
-merge_request: 30239
-author:
-type: fixed
diff --git a/changelogs/unreleased/60860-keep-empty-folders-in-tree.yml b/changelogs/unreleased/60860-keep-empty-folders-in-tree.yml
deleted file mode 100644
index 237d0fd6aef..00000000000
--- a/changelogs/unreleased/60860-keep-empty-folders-in-tree.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Keep the empty folders in the tree
-merge_request: 29196
-author:
-type: fixed
diff --git a/changelogs/unreleased/60879-fix-reports-timing-out.yml b/changelogs/unreleased/60879-fix-reports-timing-out.yml
deleted file mode 100644
index 845162fe10f..00000000000
--- a/changelogs/unreleased/60879-fix-reports-timing-out.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix reports jobs timing out because of cache
-merge_request: 29780
-author:
-type: fixed
diff --git a/changelogs/unreleased/61005-grafanaInAdminSettingsMonitoringMenu.yml b/changelogs/unreleased/61005-grafanaInAdminSettingsMonitoringMenu.yml
deleted file mode 100644
index 3ee512f3448..00000000000
--- a/changelogs/unreleased/61005-grafanaInAdminSettingsMonitoringMenu.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Adds link to Grafana in Admin > Monitoring settings when grafana is enabled in config
-merge_request: 28937
-author: Romain Maneschi
-type: added
diff --git a/changelogs/unreleased/61156-instance-level-cluster-pod-terminal-access.yml b/changelogs/unreleased/61156-instance-level-cluster-pod-terminal-access.yml
deleted file mode 100644
index 0b8d301352b..00000000000
--- a/changelogs/unreleased/61156-instance-level-cluster-pod-terminal-access.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Enable terminals for instance and group clusters
-merge_request: 28613
-author:
-type: added
diff --git a/changelogs/unreleased/61201-pass-identities-to-external-authorization.yml b/changelogs/unreleased/61201-pass-identities-to-external-authorization.yml
deleted file mode 100644
index 82eea653de6..00000000000
--- a/changelogs/unreleased/61201-pass-identities-to-external-authorization.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add identity information to external authorization requests
-merge_request: 29461
-author:
-type: changed
diff --git a/changelogs/unreleased/61284-frontend-follow-up-from-add-packages_size-to-projectstatistics.yml b/changelogs/unreleased/61284-frontend-follow-up-from-add-packages_size-to-projectstatistics.yml
deleted file mode 100644
index 3445057f7fb..00000000000
--- a/changelogs/unreleased/61284-frontend-follow-up-from-add-packages_size-to-projectstatistics.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Improved readability of storage statistics in group / project admin area
-merge_request: 30406
-author:
-type: other
diff --git a/changelogs/unreleased/61342-commit-search-result-doesn-t-pass-wcag-color-audit.yml b/changelogs/unreleased/61342-commit-search-result-doesn-t-pass-wcag-color-audit.yml
deleted file mode 100644
index f4ed4551aab..00000000000
--- a/changelogs/unreleased/61342-commit-search-result-doesn-t-pass-wcag-color-audit.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Change color for namespace in commit search
-merge_request: 30312
-author:
-type: other
diff --git a/changelogs/unreleased/61613-spacing-mr-widgets.yml b/changelogs/unreleased/61613-spacing-mr-widgets.yml
deleted file mode 100644
index 7d37ef8da2e..00000000000
--- a/changelogs/unreleased/61613-spacing-mr-widgets.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Left align mr widget icons and text
-merge_request: 28561
-author: 
-type: fixed
diff --git a/changelogs/unreleased/62088-search-back.yml b/changelogs/unreleased/62088-search-back.yml
deleted file mode 100644
index 4758e927880..00000000000
--- a/changelogs/unreleased/62088-search-back.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fixed back navigation for projects filter
-merge_request: 30373
-author:
-type: fixed
diff --git a/changelogs/unreleased/62124-new-threaded-discussion-design.yml b/changelogs/unreleased/62124-new-threaded-discussion-design.yml
deleted file mode 100644
index 6614e05be74..00000000000
--- a/changelogs/unreleased/62124-new-threaded-discussion-design.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Implement borderless discussion design with new reply field
-merge_request: 28580
-author:
-type: added
diff --git a/changelogs/unreleased/62183-update-response-code-for-bulk-delete-api-for-container-registry.yml b/changelogs/unreleased/62183-update-response-code-for-bulk-delete-api-for-container-registry.yml
deleted file mode 100644
index ce75a55efdc..00000000000
--- a/changelogs/unreleased/62183-update-response-code-for-bulk-delete-api-for-container-registry.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Return 400 when deleting tags more often than once per hour.
-merge_request: 29448
-author:
-type: changed
diff --git a/changelogs/unreleased/62772-disable-kubernetes-credential-passthrough.yml b/changelogs/unreleased/62772-disable-kubernetes-credential-passthrough.yml
deleted file mode 100644
index 35771e80821..00000000000
--- a/changelogs/unreleased/62772-disable-kubernetes-credential-passthrough.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Disable Kubernetes credential passthrough for managed project-level clusters
-merge_request: 29262
-author:
-type: removed
diff --git a/changelogs/unreleased/62772-migrate-managed-clusters-to-unmanaged.yml b/changelogs/unreleased/62772-migrate-managed-clusters-to-unmanaged.yml
deleted file mode 100644
index 62a67c7b78d..00000000000
--- a/changelogs/unreleased/62772-migrate-managed-clusters-to-unmanaged.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Migrate GitLab managed project-level clusters to unmanaged if a Kubernetes
-  namespace was unable to be created
-merge_request: 29251
-author:
-type: other
diff --git a/changelogs/unreleased/62826-graphql-emoji-mutations.yml b/changelogs/unreleased/62826-graphql-emoji-mutations.yml
deleted file mode 100644
index 0c0aaedf844..00000000000
--- a/changelogs/unreleased/62826-graphql-emoji-mutations.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: GraphQL mutations for add, remove and toggle emoji
-merge_request: 29919
-author:
-type: added
diff --git a/changelogs/unreleased/62826-graphql-note-mutations.yml b/changelogs/unreleased/62826-graphql-note-mutations.yml
deleted file mode 100644
index 85273186bb6..00000000000
--- a/changelogs/unreleased/62826-graphql-note-mutations.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: GraphQL mutations for managing Notes
-merge_request: 30210
-author:
-type: added
diff --git a/changelogs/unreleased/62938-wcag-aa-edited-text-color.yml b/changelogs/unreleased/62938-wcag-aa-edited-text-color.yml
deleted file mode 100644
index 6652e495869..00000000000
--- a/changelogs/unreleased/62938-wcag-aa-edited-text-color.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Use darker gray color for system note metadata and edited text
-merge_request: 30054
-author:
-type: other
diff --git a/changelogs/unreleased/62968-environment-details-header-border-misaligned.yml b/changelogs/unreleased/62968-environment-details-header-border-misaligned.yml
deleted file mode 100644
index 749fe6a9cb0..00000000000
--- a/changelogs/unreleased/62968-environment-details-header-border-misaligned.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Resolve Environment details header border misaligned
-merge_request: 30011
-author:
-type: fixed
diff --git a/changelogs/unreleased/62980-username-availability-checker-breaks-inline-validation.yml b/changelogs/unreleased/62980-username-availability-checker-breaks-inline-validation.yml
deleted file mode 100644
index 7436f5d278e..00000000000
--- a/changelogs/unreleased/62980-username-availability-checker-breaks-inline-validation.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix the signup form's username validation messages not displaying
-merge_request: 29678
-author: Jiaan Louw
-type: fixed
diff --git a/changelogs/unreleased/63079-migrate-clusters-with-no-token-to-unmanaged.yml b/changelogs/unreleased/63079-migrate-clusters-with-no-token-to-unmanaged.yml
deleted file mode 100644
index 92133af03f7..00000000000
--- a/changelogs/unreleased/63079-migrate-clusters-with-no-token-to-unmanaged.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Migrate GitLab managed project-level clusters to unmanaged if they are missing
-  a Kubernetes service account token
-merge_request: 29648
-author:
-type: other
diff --git a/changelogs/unreleased/63200-reply-button-broken.yml b/changelogs/unreleased/63200-reply-button-broken.yml
deleted file mode 100644
index 11f81dbd925..00000000000
--- a/changelogs/unreleased/63200-reply-button-broken.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix unresponsive reply button in discussions
-merge_request: 29936
-author:
-type: fixed
diff --git a/changelogs/unreleased/63227-fix-double-border.yml b/changelogs/unreleased/63227-fix-double-border.yml
deleted file mode 100644
index 6cc4040d333..00000000000
--- a/changelogs/unreleased/63227-fix-double-border.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix Double Border in Profile Page
-merge_request: 29784
-author: Yoginth <@yo>
-type: fixed
diff --git a/changelogs/unreleased/63247-add-conf-toast-and-link.yml b/changelogs/unreleased/63247-add-conf-toast-and-link.yml
deleted file mode 100644
index 915cc20dcc8..00000000000
--- a/changelogs/unreleased/63247-add-conf-toast-and-link.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Include a link back to the MR for Visual Review feedback form
-merge_request: 29719
-author:
-type: changed
diff --git a/changelogs/unreleased/63261-the-graphql-query-for-the-mr-popover-failes-on-the-frontend.yml b/changelogs/unreleased/63261-the-graphql-query-for-the-mr-popover-failes-on-the-frontend.yml
deleted file mode 100644
index 87d74e3f4b4..00000000000
--- a/changelogs/unreleased/63261-the-graphql-query-for-the-mr-popover-failes-on-the-frontend.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Make sure we are receiving the proper information on the MR Popover by updating
-  the IID in the graphql query
-merge_request:
-author:
-type: fixed
diff --git a/changelogs/unreleased/63298-prevent-excessive-sanitization-asciidoc.yml b/changelogs/unreleased/63298-prevent-excessive-sanitization-asciidoc.yml
deleted file mode 100644
index cd8206cdb99..00000000000
--- a/changelogs/unreleased/63298-prevent-excessive-sanitization-asciidoc.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: "Prevent excessive sanitization of AsciiDoc ouptut"
-merge_request: 30290
-author: Guillaume Grossetie
-type: added
\ No newline at end of file
diff --git a/changelogs/unreleased/63475-fix-n-1.yml b/changelogs/unreleased/63475-fix-n-1.yml
deleted file mode 100644
index 3ed825290fd..00000000000
--- a/changelogs/unreleased/63475-fix-n-1.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Improve performance of MergeRequestsController#ci_environment_status endpoint
-merge_request: 30224
-author:
-type: performance
diff --git a/changelogs/unreleased/63479-jira-capitalization.yml b/changelogs/unreleased/63479-jira-capitalization.yml
deleted file mode 100644
index a4cc32beba6..00000000000
--- a/changelogs/unreleased/63479-jira-capitalization.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Replace 'JIRA' with 'Jira'
-merge_request: 29849
-author: Takuya Noguchi
-type: other
diff --git a/changelogs/unreleased/63507-fix-race-condition-fetching-token.yml b/changelogs/unreleased/63507-fix-race-condition-fetching-token.yml
deleted file mode 100644
index 7f2b59fc9eb..00000000000
--- a/changelogs/unreleased/63507-fix-race-condition-fetching-token.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Retry fetching Kubernetes Secret#token (#63507)
-merge_request: 29922
-author:
-type: fixed
diff --git a/changelogs/unreleased/63559-remove-avatar-from-sign-in.yml b/changelogs/unreleased/63559-remove-avatar-from-sign-in.yml
deleted file mode 100644
index 3f7a8e19de5..00000000000
--- a/changelogs/unreleased/63559-remove-avatar-from-sign-in.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Resolve Avatar in Please sign in pattern too large
-merge_request: 29944
-author:
-type: fixed
diff --git a/changelogs/unreleased/63590-pipeline-actions-cause-full-refresh.yml b/changelogs/unreleased/63590-pipeline-actions-cause-full-refresh.yml
deleted file mode 100644
index a1e7d4679d8..00000000000
--- a/changelogs/unreleased/63590-pipeline-actions-cause-full-refresh.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix pipelines table to update without refreshing after action
-merge_request: 30190
-author:
-type: fixed
diff --git a/changelogs/unreleased/63656-runner-tags-search-dropdown-is-empty.yml b/changelogs/unreleased/63656-runner-tags-search-dropdown-is-empty.yml
deleted file mode 100644
index 08c415f4a1c..00000000000
--- a/changelogs/unreleased/63656-runner-tags-search-dropdown-is-empty.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix runner tags search dropdown being empty when there are tags
-merge_request: 29985
-author:
-type: fixed
diff --git a/changelogs/unreleased/63667-hashed-storage-migration-count-correctly.yml b/changelogs/unreleased/63667-hashed-storage-migration-count-correctly.yml
deleted file mode 100644
index ead79be2505..00000000000
--- a/changelogs/unreleased/63667-hashed-storage-migration-count-correctly.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Display the correct amount of projects being migrated/rolled-back to Hashed Storage when specifying ranges
-merge_request: 29996
-author:
-type: fixed
diff --git a/changelogs/unreleased/63691-fix-doc-link.yml b/changelogs/unreleased/63691-fix-doc-link.yml
deleted file mode 100644
index e63756e8227..00000000000
--- a/changelogs/unreleased/63691-fix-doc-link.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Correct link to docs for External Dashboard
-merge_request: 30019
-author:
-type: fixed
diff --git a/changelogs/unreleased/63873-process-start-time.yml b/changelogs/unreleased/63873-process-start-time.yml
deleted file mode 100644
index b11a66ca106..00000000000
--- a/changelogs/unreleased/63873-process-start-time.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Change ruby_process_start_time_seconds metric to unix timestamp instead of
-  seconds from boot.
-merge_request: 30195
-author: 
-type: fixed
diff --git a/changelogs/unreleased/63945-update-mixin-deep-to-1-3-2.yml b/changelogs/unreleased/63945-update-mixin-deep-to-1-3-2.yml
deleted file mode 100644
index a0ef34f3700..00000000000
--- a/changelogs/unreleased/63945-update-mixin-deep-to-1-3-2.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update mixin-deep to 1.3.2
-merge_request: 30223
-author: Takuya Noguchi
-type: other
diff --git a/changelogs/unreleased/63971-remove-istanbul.yml b/changelogs/unreleased/63971-remove-istanbul.yml
deleted file mode 100644
index 674df82db35..00000000000
--- a/changelogs/unreleased/63971-remove-istanbul.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove istanbul JavaScript package
-merge_request: 30232
-author: Takuya Noguchi
-type: other
diff --git a/changelogs/unreleased/64066-fix-uneven-click-areas.yml b/changelogs/unreleased/64066-fix-uneven-click-areas.yml
deleted file mode 100644
index ce0572cad34..00000000000
--- a/changelogs/unreleased/64066-fix-uneven-click-areas.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix spacing issues for toasts
-merge_request: 30345
-author:
-type: fixed
diff --git a/changelogs/unreleased/64070-asciidoctor-enable-section-anchors.yml b/changelogs/unreleased/64070-asciidoctor-enable-section-anchors.yml
deleted file mode 100644
index 51c1537a159..00000000000
--- a/changelogs/unreleased/64070-asciidoctor-enable-section-anchors.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: "Enable section anchors in Asciidoctor"
-merge_request: 30666
-author: Guillaume Grossetie
-type: added
\ No newline at end of file
diff --git a/changelogs/unreleased/64091-fix-broken-terminal.yml b/changelogs/unreleased/64091-fix-broken-terminal.yml
deleted file mode 100644
index 156f6de5008..00000000000
--- a/changelogs/unreleased/64091-fix-broken-terminal.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix environments broken terminal
-merge_request: 30401
-author:
-type: fixed
diff --git a/changelogs/unreleased/64161-gitlab-fqdn.yml b/changelogs/unreleased/64161-gitlab-fqdn.yml
deleted file mode 100644
index 2946be37caa..00000000000
--- a/changelogs/unreleased/64161-gitlab-fqdn.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add CI variable to provide GitLab HOST
-merge_request: 30417
-author:
-type: added
diff --git a/changelogs/unreleased/64176-fix-error-handling.yml b/changelogs/unreleased/64176-fix-error-handling.yml
deleted file mode 100644
index e7a9a5897ae..00000000000
--- a/changelogs/unreleased/64176-fix-error-handling.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix invalid SSL certificate errors on Drone CI service
-merge_request: 30422
-author:
-type: fixed
diff --git a/changelogs/unreleased/64249-align-container-registry-empty-state-with-design-guidelines.yml b/changelogs/unreleased/64249-align-container-registry-empty-state-with-design-guidelines.yml
deleted file mode 100644
index ecdb4b6bed1..00000000000
--- a/changelogs/unreleased/64249-align-container-registry-empty-state-with-design-guidelines.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Alignign empty container registry message with design guidelines
-merge_request: 30502
-author:
-type: other
diff --git a/changelogs/unreleased/64314-ci-icon.yml b/changelogs/unreleased/64314-ci-icon.yml
deleted file mode 100644
index 8a550b6fa5b..00000000000
--- a/changelogs/unreleased/64314-ci-icon.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Aligns CI icon in Merge Request dashboard
-merge_request: 30558
-author:
-type: fixed
diff --git a/changelogs/unreleased/64315-mget_sessions_in_chunks.yml b/changelogs/unreleased/64315-mget_sessions_in_chunks.yml
deleted file mode 100644
index d50d86726e2..00000000000
--- a/changelogs/unreleased/64315-mget_sessions_in_chunks.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Do Redis lookup in batches in ActiveSession.sessions_from_ids
-merge_request: 30561
-author:
-type: performance
diff --git a/changelogs/unreleased/64321-wrong-url-when-creating-milestones-from-instance-milestones-dashboard.yml b/changelogs/unreleased/64321-wrong-url-when-creating-milestones-from-instance-milestones-dashboard.yml
deleted file mode 100644
index 825247db3e7..00000000000
--- a/changelogs/unreleased/64321-wrong-url-when-creating-milestones-from-instance-milestones-dashboard.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix wrong URL when creating milestones from instance milestones dashboard
-merge_request: 30512
-author:
-type: fixed
diff --git a/changelogs/unreleased/64331-Assignee-field-in-a-new-issue-has-an-incorrect-line-wrap.yml b/changelogs/unreleased/64331-Assignee-field-in-a-new-issue-has-an-incorrect-line-wrap.yml
deleted file mode 100644
index 7d67b94869d..00000000000
--- a/changelogs/unreleased/64331-Assignee-field-in-a-new-issue-has-an-incorrect-line-wrap.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fixed incorrect line wrap for assignee label in issues
-merge_request: 30523
-author: Marc Schwede
-type: fixed
diff --git a/changelogs/unreleased/64407-vfazio-quirk-omniauth-strategies-openidconnect.yml b/changelogs/unreleased/64407-vfazio-quirk-omniauth-strategies-openidconnect.yml
deleted file mode 100644
index c2e300863fb..00000000000
--- a/changelogs/unreleased/64407-vfazio-quirk-omniauth-strategies-openidconnect.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Allow client authentication method to be configured for OpenID Connect
-merge_request: 30683
-author: Vincent Fazio
-type: fixed
diff --git a/changelogs/unreleased/64416-lodash-4-6-2-for-prototype-pollution.yml b/changelogs/unreleased/64416-lodash-4-6-2-for-prototype-pollution.yml
deleted file mode 100644
index cd8885233de..00000000000
--- a/changelogs/unreleased/64416-lodash-4-6-2-for-prototype-pollution.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update lodash to 4.7.14 and lodash.mergewith to 4.6.2
-merge_request: 30602
-author: Takuya Noguchi
-type: security
diff --git a/changelogs/unreleased/64645-asciidoctor-preserve-footnote-link-ids.yml b/changelogs/unreleased/64645-asciidoctor-preserve-footnote-link-ids.yml
deleted file mode 100644
index 5427a035478..00000000000
--- a/changelogs/unreleased/64645-asciidoctor-preserve-footnote-link-ids.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: "Preserve footnote link ids in Asciidoctor"
-merge_request: 30790
-author: Guillaume Grossetie
-type: added
\ No newline at end of file
diff --git a/changelogs/unreleased/9928ee-add-rule_type-to-approval-project-rules.yml b/changelogs/unreleased/9928ee-add-rule_type-to-approval-project-rules.yml
deleted file mode 100644
index 698ecebb971..00000000000
--- a/changelogs/unreleased/9928ee-add-rule_type-to-approval-project-rules.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add migration for adding rule_type to approval_project_rules
-merge_request: 30575
-author:
-type: added
diff --git a/changelogs/unreleased/Remove-unresolved-class-in-discussion-header.yml b/changelogs/unreleased/Remove-unresolved-class-in-discussion-header.yml
deleted file mode 100644
index 3695f3063f3..00000000000
--- a/changelogs/unreleased/Remove-unresolved-class-in-discussion-header.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove unresolved class and fixed height in discussion header
-merge_request: 28440
-author: David Palubin
-type: other
diff --git a/changelogs/unreleased/add-clusters-to-deployment.yml b/changelogs/unreleased/add-clusters-to-deployment.yml
deleted file mode 100644
index c85bd3635cc..00000000000
--- a/changelogs/unreleased/add-clusters-to-deployment.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Persist the cluster a deployment was deployed to
-merge_request: 29960
-author:
-type: fixed
diff --git a/changelogs/unreleased/add-metrics-dashboard-permission-check.yml b/changelogs/unreleased/add-metrics-dashboard-permission-check.yml
deleted file mode 100644
index 0ea2c4c8e41..00000000000
--- a/changelogs/unreleased/add-metrics-dashboard-permission-check.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add permission check to metrics dashboards endpoint
-merge_request: 30017
-author:
-type: added
diff --git a/changelogs/unreleased/add-salesforce-logo.yml b/changelogs/unreleased/add-salesforce-logo.yml
deleted file mode 100644
index 13766821b88..00000000000
--- a/changelogs/unreleased/add-salesforce-logo.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add salesforce logo for salesforce SSO
-merge_request: 28857
-author:
-type: changed
diff --git a/changelogs/unreleased/add-strategies-column-to-scopes-table.yml b/changelogs/unreleased/add-strategies-column-to-scopes-table.yml
deleted file mode 100644
index 0bb87fca014..00000000000
--- a/changelogs/unreleased/add-strategies-column-to-scopes-table.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add strategies column to operations_feature_flag_scopes table
-merge_request: 29808
-author:
-type: other
diff --git a/changelogs/unreleased/allow-reactive-caching-of-nil.yml b/changelogs/unreleased/allow-reactive-caching-of-nil.yml
deleted file mode 100644
index abd88c09d74..00000000000
--- a/changelogs/unreleased/allow-reactive-caching-of-nil.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Allow ReactiveCaching to support nil value
-merge_request: 30456
-author:
-type: performance
diff --git a/changelogs/unreleased/always-allow-prometheus-access-in-dev.yml b/changelogs/unreleased/always-allow-prometheus-access-in-dev.yml
deleted file mode 100644
index acd944ea684..00000000000
--- a/changelogs/unreleased/always-allow-prometheus-access-in-dev.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Always allow access to health endpoints from localhost in dev
-merge_request: 29930
-author:
-type: other
diff --git a/changelogs/unreleased/always-display-environment-selector.yml b/changelogs/unreleased/always-display-environment-selector.yml
deleted file mode 100644
index 7a55e8f3e5d..00000000000
--- a/changelogs/unreleased/always-display-environment-selector.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix broken environment selector and always display it on monitoring dashboard
-merge_request: 29705
-author:
-type: fixed
diff --git a/changelogs/unreleased/api-doc-negative-commit-message-push-rule.yml b/changelogs/unreleased/api-doc-negative-commit-message-push-rule.yml
deleted file mode 100644
index 0500978a2e1..00000000000
--- a/changelogs/unreleased/api-doc-negative-commit-message-push-rule.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: "Document the negative commit message push rule for the API."
-merge_request: 14004
-author: Maikel Vlasman
-type: added
diff --git a/changelogs/unreleased/asciidoc-enable-syntax-highlighting.yml b/changelogs/unreleased/asciidoc-enable-syntax-highlighting.yml
deleted file mode 100644
index 558ee7b6224..00000000000
--- a/changelogs/unreleased/asciidoc-enable-syntax-highlighting.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: "Enable syntax highlighting for AsciiDoc"
-merge_request: 29835
-author: Guillaume Grossetie
-type: added
\ No newline at end of file
diff --git a/changelogs/unreleased/asciidoctor-upgrade.yml b/changelogs/unreleased/asciidoctor-upgrade.yml
deleted file mode 100644
index 50a7cb21e7d..00000000000
--- a/changelogs/unreleased/asciidoctor-upgrade.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Upgrade asciidoctor version to 2.0.10
-merge_request: 29741
-author: Rajendra Kadam
-type: added
diff --git a/changelogs/unreleased/backstage-gb-improve-performance-environment-statuses-endpoint.yml b/changelogs/unreleased/backstage-gb-improve-performance-environment-statuses-endpoint.yml
deleted file mode 100644
index f614e076268..00000000000
--- a/changelogs/unreleased/backstage-gb-improve-performance-environment-statuses-endpoint.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Improve performance of fetching environments statuses
-merge_request: 30560
-author:
-type: performance
diff --git a/changelogs/unreleased/bjk-fix_prom_example.yml b/changelogs/unreleased/bjk-fix_prom_example.yml
deleted file mode 100644
index 2f81bc6196b..00000000000
--- a/changelogs/unreleased/bjk-fix_prom_example.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update example Prometheus scrape config
-merge_request: 30739
-author:
-type: other
diff --git a/changelogs/unreleased/bvl-markdown-graphql.yml b/changelogs/unreleased/bvl-markdown-graphql.yml
deleted file mode 100644
index c2432b3ae81..00000000000
--- a/changelogs/unreleased/bvl-markdown-graphql.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Render GFM in GraphQL
-merge_request: 29700
-author:
-type: added
diff --git a/changelogs/unreleased/bvl-rename-routes-after-user-rename.yml b/changelogs/unreleased/bvl-rename-routes-after-user-rename.yml
deleted file mode 100644
index 8b0a01dea53..00000000000
--- a/changelogs/unreleased/bvl-rename-routes-after-user-rename.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update a user's routes after updating their name
-merge_request: 23272
-author:
-type: fixed
diff --git a/changelogs/unreleased/caneldem-master-patch-77839.yml b/changelogs/unreleased/caneldem-master-patch-77839.yml
deleted file mode 100644
index 6239bcf67c4..00000000000
--- a/changelogs/unreleased/caneldem-master-patch-77839.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Propagate python version variable
-merge_request:
-author: Can Eldem
-type: changed
diff --git a/changelogs/unreleased/ce-11098-update-merge-request-settings-description-text.yml b/changelogs/unreleased/ce-11098-update-merge-request-settings-description-text.yml
deleted file mode 100644
index 9f6a2040095..00000000000
--- a/changelogs/unreleased/ce-11098-update-merge-request-settings-description-text.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update merge requests section description text on project settings page
-merge_request: 27838
-author:
-type: changed
\ No newline at end of file
diff --git a/changelogs/unreleased/centralize-markdownlint-config.yml b/changelogs/unreleased/centralize-markdownlint-config.yml
deleted file mode 100644
index 9ca36078cf1..00000000000
--- a/changelogs/unreleased/centralize-markdownlint-config.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Centralize markdownlint configuration
-merge_request: 30263
-author:
-type: other
diff --git a/changelogs/unreleased/check-min-schema-migrate.yml b/changelogs/unreleased/check-min-schema-migrate.yml
deleted file mode 100644
index d0f4ae1f5d7..00000000000
--- a/changelogs/unreleased/check-min-schema-migrate.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Added a min schema version check to db:migrate
-merge_request: 29882
-author:
-type: added
diff --git a/changelogs/unreleased/ci_default_git_depth_only.yml b/changelogs/unreleased/ci_default_git_depth_only.yml
deleted file mode 100644
index 928e2fe3ec4..00000000000
--- a/changelogs/unreleased/ci_default_git_depth_only.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: 'API: Allow changing only ci_default_git_depth'
-merge_request: 30888
-author: Mathieu Parent
-type: fixed
diff --git a/changelogs/unreleased/clusters-group-cte.yml b/changelogs/unreleased/clusters-group-cte.yml
deleted file mode 100644
index 4b51249062d..00000000000
--- a/changelogs/unreleased/clusters-group-cte.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Use CTE to fetch clusters hierarchy in single query
-merge_request: 30063
-author:
-type: performance
diff --git a/changelogs/unreleased/create-merge-train-ref-ce.yml b/changelogs/unreleased/create-merge-train-ref-ce.yml
deleted file mode 100644
index b0b95275f58..00000000000
--- a/changelogs/unreleased/create-merge-train-ref-ce.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Extend `MergeToRefService` to create merge ref from an arbitrary ref
-merge_request: 30361
-author:
-type: added
diff --git a/changelogs/unreleased/db-update-geo-nodes-primary.yml b/changelogs/unreleased/db-update-geo-nodes-primary.yml
deleted file mode 100644
index 7c5203353ac..00000000000
--- a/changelogs/unreleased/db-update-geo-nodes-primary.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Disallow `NULL` values for `geo_nodes.primary` column
-merge_request: 29818
-author: Arun Kumar Mohan
-type: other
diff --git a/changelogs/unreleased/dohtaset.yml b/changelogs/unreleased/dohtaset.yml
deleted file mode 100644
index 5b917bd06d8..00000000000
--- a/changelogs/unreleased/dohtaset.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix charts on Cluster health page
-merge_request: 30073
-author:
-type: fixed
diff --git a/changelogs/unreleased/ds-charts-whitespace.yml b/changelogs/unreleased/ds-charts-whitespace.yml
deleted file mode 100644
index 210261764a2..00000000000
--- a/changelogs/unreleased/ds-charts-whitespace.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Improves section header whitespace on the CI/CD Charts page
-merge_request: 30531
-author:
-type: fixed
diff --git a/changelogs/unreleased/dz-remove-deprecated-group-routes.yml b/changelogs/unreleased/dz-remove-deprecated-group-routes.yml
deleted file mode 100644
index bfa62c620d5..00000000000
--- a/changelogs/unreleased/dz-remove-deprecated-group-routes.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove deprecated group routes
-merge_request: 29351
-author:
-type: removed
diff --git a/changelogs/unreleased/dz-remove-deprecated-user-routes.yml b/changelogs/unreleased/dz-remove-deprecated-user-routes.yml
deleted file mode 100644
index 92c2e39dd20..00000000000
--- a/changelogs/unreleased/dz-remove-deprecated-user-routes.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove depreated /u/:username routing
-merge_request: 30044
-author:
-type: removed
diff --git a/changelogs/unreleased/embedded-metrics-be-2.yml b/changelogs/unreleased/embedded-metrics-be-2.yml
deleted file mode 100644
index 2623b4a2e0c..00000000000
--- a/changelogs/unreleased/embedded-metrics-be-2.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Expose placeholder element for metrics charts in GFM
-merge_request: 29861
-author:
-type: added
diff --git a/changelogs/unreleased/expose-saml-provider-id-to-users-api.yml b/changelogs/unreleased/expose-saml-provider-id-to-users-api.yml
deleted file mode 100644
index 6f0e4f4cf7f..00000000000
--- a/changelogs/unreleased/expose-saml-provider-id-to-users-api.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Expose saml_provider_id in the users API
-merge_request: 14045
-author:
-type: added
diff --git a/changelogs/unreleased/fe-delete-old-boardservice-on-component-modal-footer.yml b/changelogs/unreleased/fe-delete-old-boardservice-on-component-modal-footer.yml
deleted file mode 100644
index 4392b72443b..00000000000
--- a/changelogs/unreleased/fe-delete-old-boardservice-on-component-modal-footer.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: change the use of boardService in favor of boardsStore on footer for the board
-  component
-merge_request: 30616
-author: eduarmreyes
-type: other
diff --git a/changelogs/unreleased/fe-issue-reorder.yml b/changelogs/unreleased/fe-issue-reorder.yml
deleted file mode 100644
index aca334b6149..00000000000
--- a/changelogs/unreleased/fe-issue-reorder.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Bring Manual Ordering on Issue List
-merge_request: 29410
-author:
-type: added
diff --git a/changelogs/unreleased/feature-uninstall_cluster_ingress.yml b/changelogs/unreleased/feature-uninstall_cluster_ingress.yml
deleted file mode 100644
index c3f8464c4b4..00000000000
--- a/changelogs/unreleased/feature-uninstall_cluster_ingress.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Allow Ingress to be uninstalled from the UI
-merge_request: 29977
-author:
-type: added
diff --git a/changelogs/unreleased/feature-uninstall_jupyter_hub_app.yml b/changelogs/unreleased/feature-uninstall_jupyter_hub_app.yml
deleted file mode 100644
index 28753aa719c..00000000000
--- a/changelogs/unreleased/feature-uninstall_jupyter_hub_app.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Allow JupyterHub to be uninstalled from the UI
-merge_request: 30097
-author:
-type: added
diff --git a/changelogs/unreleased/fix-broken-vue-i18n-strings.yml b/changelogs/unreleased/fix-broken-vue-i18n-strings.yml
deleted file mode 100644
index 69cec8a6b1b..00000000000
--- a/changelogs/unreleased/fix-broken-vue-i18n-strings.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix broken warnings while Editing Issues and Edit File on MR
-merge_request:
-author:
-type: fixed
diff --git a/changelogs/unreleased/fix-comment-race-condition.yml b/changelogs/unreleased/fix-comment-race-condition.yml
deleted file mode 100644
index d1f5b8fe01f..00000000000
--- a/changelogs/unreleased/fix-comment-race-condition.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix commenting before discussions are loaded
-merge_request: 30724
-author:
-type: fixed
diff --git a/changelogs/unreleased/fix-facivon-url-if-uploads-object-store-enabled.yml b/changelogs/unreleased/fix-facivon-url-if-uploads-object-store-enabled.yml
deleted file mode 100644
index 4e6d9c087ef..00000000000
--- a/changelogs/unreleased/fix-facivon-url-if-uploads-object-store-enabled.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: 'Fix favicon path with uploads of object store'
-merge_request: 29482
-author: Roger Meier
-type: fixed
diff --git a/changelogs/unreleased/fix-jupyter-git-v3.yml b/changelogs/unreleased/fix-jupyter-git-v3.yml
deleted file mode 100644
index 8aaaaf249fb..00000000000
--- a/changelogs/unreleased/fix-jupyter-git-v3.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix Jupyter-Git integration
-merge_request: 30020
-author: Amit Rathi
-type: fixed
diff --git a/changelogs/unreleased/fix-median-counting-for-cycle-analytics.yml b/changelogs/unreleased/fix-median-counting-for-cycle-analytics.yml
deleted file mode 100644
index 6ae6db08ba1..00000000000
--- a/changelogs/unreleased/fix-median-counting-for-cycle-analytics.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix median counting for cycle analytics
-merge_request: 30229
-author:
-type: fixed
diff --git a/changelogs/unreleased/fix-pipeline-schedule-edge-case.yml b/changelogs/unreleased/fix-pipeline-schedule-edge-case.yml
deleted file mode 100644
index 2b7e3611567..00000000000
--- a/changelogs/unreleased/fix-pipeline-schedule-edge-case.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Fix pipeline schedule does not run correctly when it's scheduled at the same
-  time with the cron worker
-merge_request: 29848
-author:
-type: fixed
diff --git a/changelogs/unreleased/fix-sidekiq-transaction-check-race.yml b/changelogs/unreleased/fix-sidekiq-transaction-check-race.yml
deleted file mode 100644
index 89ae4abfe11..00000000000
--- a/changelogs/unreleased/fix-sidekiq-transaction-check-race.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix race in forbid_sidekiq_in_transactions.rb
-merge_request: 30359
-author:
-type: fixed
diff --git a/changelogs/unreleased/fix-unicorn-sampler-workers-count.yml b/changelogs/unreleased/fix-unicorn-sampler-workers-count.yml
deleted file mode 100644
index 9a263b7f460..00000000000
--- a/changelogs/unreleased/fix-unicorn-sampler-workers-count.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Make unicorn_workers to return meaningful results
-merge_request: 30506
-author:
-type: fixed
diff --git a/changelogs/unreleased/fj-fix-subgroup-search-url.yml b/changelogs/unreleased/fj-fix-subgroup-search-url.yml
deleted file mode 100644
index bee6e97fb6f..00000000000
--- a/changelogs/unreleased/fj-fix-subgroup-search-url.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix subgroup url in search drop down
-merge_request: 30457
-author:
-type: fixed
diff --git a/changelogs/unreleased/georgekoltsov-63955-fix-import-with-source-branch-deleted.yml b/changelogs/unreleased/georgekoltsov-63955-fix-import-with-source-branch-deleted.yml
deleted file mode 100644
index 72e2621c52a..00000000000
--- a/changelogs/unreleased/georgekoltsov-63955-fix-import-with-source-branch-deleted.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix a bug that prevented projects containing merge request diff comments from being imported
-merge_request: 30630
-author:
-type: fixed
diff --git a/changelogs/unreleased/gitaly-version-v1-53-0.yml b/changelogs/unreleased/gitaly-version-v1-53-0.yml
deleted file mode 100644
index 7d3e5ce3cb3..00000000000
--- a/changelogs/unreleased/gitaly-version-v1-53-0.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Upgrade to Gitaly v1.53.0
-merge_request: 30614
-author:
-type: changed
diff --git a/changelogs/unreleased/gitaly-version-v1.49.0.yml b/changelogs/unreleased/gitaly-version-v1.49.0.yml
deleted file mode 100644
index 8795bab0209..00000000000
--- a/changelogs/unreleased/gitaly-version-v1.49.0.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Upgrade to Gitaly v1.49.0
-merge_request: 29990
-author:
-type: changed
diff --git a/changelogs/unreleased/gitaly-version-v1.51.0.yml b/changelogs/unreleased/gitaly-version-v1.51.0.yml
deleted file mode 100644
index 00d52a190f3..00000000000
--- a/changelogs/unreleased/gitaly-version-v1.51.0.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Upgrade to Gitaly v1.51.0
-merge_request: 30353
-author:
-type: changed
diff --git a/changelogs/unreleased/gitaly-version-v1.52.0.yml b/changelogs/unreleased/gitaly-version-v1.52.0.yml
deleted file mode 100644
index d56a392c4ff..00000000000
--- a/changelogs/unreleased/gitaly-version-v1.52.0.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Upgrade to Gitaly v1.52.0
-merge_request: 30568
-author:
-type: changed
diff --git a/changelogs/unreleased/graphql-tree-last-commit.yml b/changelogs/unreleased/graphql-tree-last-commit.yml
deleted file mode 100644
index 5104ca6687e..00000000000
--- a/changelogs/unreleased/graphql-tree-last-commit.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Added commit type to tree GraphQL response
-merge_request: 29412
-author:
-type: added
diff --git a/changelogs/unreleased/gt-remove-tooltip-directive-on-project-avatar-image-component.yml b/changelogs/unreleased/gt-remove-tooltip-directive-on-project-avatar-image-component.yml
deleted file mode 100644
index d9ca20d9d4d..00000000000
--- a/changelogs/unreleased/gt-remove-tooltip-directive-on-project-avatar-image-component.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove tooltip directive on project avatar image component
-merge_request: 29631
-author: George Tsiolis
-type: performance
diff --git a/changelogs/unreleased/hfy-apply-knative-cluster-role-on-service-account-creation.yml b/changelogs/unreleased/hfy-apply-knative-cluster-role-on-service-account-creation.yml
deleted file mode 100644
index 958334cc28e..00000000000
--- a/changelogs/unreleased/hfy-apply-knative-cluster-role-on-service-account-creation.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Create Knative role and binding with service account
-merge_request: 30235
-author:
-type: changed
diff --git a/changelogs/unreleased/hide-restricted-visibility-radio.yml b/changelogs/unreleased/hide-restricted-visibility-radio.yml
deleted file mode 100644
index ebc8b787890..00000000000
--- a/changelogs/unreleased/hide-restricted-visibility-radio.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Hide restricted and disallowed visibility radios
-merge_request: 30590
-author:
-type: fixed
diff --git a/changelogs/unreleased/id-clean-up-mr-assignees.yml b/changelogs/unreleased/id-clean-up-mr-assignees.yml
deleted file mode 100644
index 7ff03c9f00b..00000000000
--- a/changelogs/unreleased/id-clean-up-mr-assignees.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add cleanup migration for MR's multiple assignees
-merge_request: 30261
-author:
-type: changed
diff --git a/changelogs/unreleased/id-extract-widget-into-different-request.yml b/changelogs/unreleased/id-extract-widget-into-different-request.yml
deleted file mode 100644
index 3b9f5fdd6bd..00000000000
--- a/changelogs/unreleased/id-extract-widget-into-different-request.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add a separate endpoint for fetching MRs serialized as widgets
-merge_request: 29979
-author:
-type: performance
diff --git a/changelogs/unreleased/id-stale-branches.yml b/changelogs/unreleased/id-stale-branches.yml
deleted file mode 100644
index 2f35c5a12c9..00000000000
--- a/changelogs/unreleased/id-stale-branches.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add endpoint for fetching diverging commit counts
-merge_request: 29802
-author:
-type: performance
diff --git a/changelogs/unreleased/issue-63222.yml b/changelogs/unreleased/issue-63222.yml
deleted file mode 100644
index bc6520b9fc5..00000000000
--- a/changelogs/unreleased/issue-63222.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Set default sort method for dashboard projects list
-merge_request: 29830
-author: David Palubin
-type: fixed
diff --git a/changelogs/unreleased/issue-zoom-url.yml b/changelogs/unreleased/issue-zoom-url.yml
deleted file mode 100644
index e0bd5478192..00000000000
--- a/changelogs/unreleased/issue-zoom-url.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Extract zoom link from issue and pass to frontend
-merge_request: 29910
-author: raju249
-type: added
diff --git a/changelogs/unreleased/issue_64021.yml b/changelogs/unreleased/issue_64021.yml
deleted file mode 100644
index 088d9348619..00000000000
--- a/changelogs/unreleased/issue_64021.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Skip spam check for task list updates
-merge_request: 30279
-author:
-type: fixed
diff --git a/changelogs/unreleased/jc-detect-nfs-for-rugged.yml b/changelogs/unreleased/jc-detect-nfs-for-rugged.yml
deleted file mode 100644
index ca738181a55..00000000000
--- a/changelogs/unreleased/jc-detect-nfs-for-rugged.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Use Rugged if we detect storage is NFS and we can access the disk
-merge_request: 29725
-author:
-type: performance
diff --git a/changelogs/unreleased/jc-remove-catfile-flag.yml b/changelogs/unreleased/jc-remove-catfile-flag.yml
deleted file mode 100644
index 6b72de7bc45..00000000000
--- a/changelogs/unreleased/jc-remove-catfile-flag.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove catfile cache feature flag
-merge_request: 30750
-author:
-type: performance
diff --git a/changelogs/unreleased/jramsay-enable-object-dedupe-by-default.yml b/changelogs/unreleased/jramsay-enable-object-dedupe-by-default.yml
deleted file mode 100644
index b953d7c0fc8..00000000000
--- a/changelogs/unreleased/jramsay-enable-object-dedupe-by-default.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Enable Git object pools
-merge_request: 29595
-author: jramsay
-type: changed
diff --git a/changelogs/unreleased/knative-0-6.yml b/changelogs/unreleased/knative-0-6.yml
deleted file mode 100644
index 66c5c7f343d..00000000000
--- a/changelogs/unreleased/knative-0-6.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Knative version bump 0.5 -> 0.6
-merge_request: 28798
-author: Chris Baumbauer
-type: changed
diff --git a/changelogs/unreleased/limit-amount-of-tests-returned.yml b/changelogs/unreleased/limit-amount-of-tests-returned.yml
deleted file mode 100644
index 0e80a64b6b7..00000000000
--- a/changelogs/unreleased/limit-amount-of-tests-returned.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Limit amount of JUnit tests returned
-merge_request: 30274
-author:
-type: performance
diff --git a/changelogs/unreleased/mh-board-tooltips.yml b/changelogs/unreleased/mh-board-tooltips.yml
deleted file mode 100644
index 06fc64c52a7..00000000000
--- a/changelogs/unreleased/mh-board-tooltips.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: "'Open' and 'Closed' issue board lists no longer display a redundant tooltip"
-merge_request: 30187
-author:
-type: fixed
diff --git a/changelogs/unreleased/mh-boards-filter-bar.yml b/changelogs/unreleased/mh-boards-filter-bar.yml
deleted file mode 100644
index 3e91b5ef443..00000000000
--- a/changelogs/unreleased/mh-boards-filter-bar.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Display boards filter bar on mobile
-merge_request: 30120
-author:
-type: fixed
diff --git a/changelogs/unreleased/mh-collapsible-boards.yml b/changelogs/unreleased/mh-collapsible-boards.yml
deleted file mode 100644
index b69d6e81cc4..00000000000
--- a/changelogs/unreleased/mh-collapsible-boards.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Labeled issue boards can now collapse
-merge_request: 29955
-author:
-type: added
diff --git a/changelogs/unreleased/mh-colon-autocomplete.yml b/changelogs/unreleased/mh-colon-autocomplete.yml
deleted file mode 100644
index 8b169c22588..00000000000
--- a/changelogs/unreleased/mh-colon-autocomplete.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Allow auto-completing scoped labels
-merge_request: 29749
-author:
-type: added
diff --git a/changelogs/unreleased/mh-mermaid-linebreaks.yml b/changelogs/unreleased/mh-mermaid-linebreaks.yml
deleted file mode 100644
index e38820d8ce3..00000000000
--- a/changelogs/unreleased/mh-mermaid-linebreaks.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix linebreak rendering in Mermaid flowcharts
-merge_request: 30730
-author:
-type: fixed
diff --git a/changelogs/unreleased/move-all-configs-to-global.yml b/changelogs/unreleased/move-all-configs-to-global.yml
deleted file mode 100644
index ff311d57f8d..00000000000
--- a/changelogs/unreleased/move-all-configs-to-global.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: 'Introduce default: for gitlab-ci.yml'
-merge_request:
-author:
-type: added
diff --git a/changelogs/unreleased/mw-project-list-color-fix.yml b/changelogs/unreleased/mw-project-list-color-fix.yml
deleted file mode 100644
index 6f8b2742ec6..00000000000
--- a/changelogs/unreleased/mw-project-list-color-fix.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add text-secondary to controls in project list
-merge_request: 30567
-author:
-type: fixed
diff --git a/changelogs/unreleased/osw-persist-tmp-snippet-uploads.yml b/changelogs/unreleased/osw-persist-tmp-snippet-uploads.yml
deleted file mode 100644
index 9348626c41d..00000000000
--- a/changelogs/unreleased/osw-persist-tmp-snippet-uploads.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Persist tmp snippet uploads at users
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/osw-sync-merge-ref-upon-mergeability-check.yml b/changelogs/unreleased/osw-sync-merge-ref-upon-mergeability-check.yml
deleted file mode 100644
index d2744cddebd..00000000000
--- a/changelogs/unreleased/osw-sync-merge-ref-upon-mergeability-check.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Sync merge ref upon mergeability check
-merge_request: 29569
-author:
-type: added
diff --git a/changelogs/unreleased/paginate-license-management.yml b/changelogs/unreleased/paginate-license-management.yml
deleted file mode 100644
index c5134978612..00000000000
--- a/changelogs/unreleased/paginate-license-management.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Backport and Docs for Paginate license management and add license search
-merge_request: 27602
-author:
-type: changed
diff --git a/changelogs/unreleased/patch-29.yml b/changelogs/unreleased/patch-29.yml
deleted file mode 100644
index 674c06e1259..00000000000
--- a/changelogs/unreleased/patch-29.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Updates PHP template to php:latest to ensure always targeting latest stable
-merge_request: 30319
-author: Paul Giberson
-type: changed
diff --git a/changelogs/unreleased/po-raw-changes-encoding.yml b/changelogs/unreleased/po-raw-changes-encoding.yml
deleted file mode 100644
index 051d18f50c7..00000000000
--- a/changelogs/unreleased/po-raw-changes-encoding.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Expect bytes from Gitaly RPC GetRawChanges
-merge_request: 28164
-author:
-type: fixed
diff --git a/changelogs/unreleased/pre-releases-38105a.yml b/changelogs/unreleased/pre-releases-38105a.yml
deleted file mode 100644
index 8b7cf6065d4..00000000000
--- a/changelogs/unreleased/pre-releases-38105a.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Show an Upcoming Status for Releases
-merge_request: 29577
-author:
-type: added
diff --git a/changelogs/unreleased/prepare-cycle-analytics-for-group-level.yml b/changelogs/unreleased/prepare-cycle-analytics-for-group-level.yml
deleted file mode 100644
index d7bfc67b208..00000000000
--- a/changelogs/unreleased/prepare-cycle-analytics-for-group-level.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Modify cycle analytics on project level
-merge_request: 30356
-author:
-type: changed
diff --git a/changelogs/unreleased/project_api.yml b/changelogs/unreleased/project_api.yml
deleted file mode 100644
index a04f9bb5608..00000000000
--- a/changelogs/unreleased/project_api.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Improve Project API
-merge_request: 28327
-author: Mathieu Parent
-type: added
diff --git a/changelogs/unreleased/refactor-sentry.yml b/changelogs/unreleased/refactor-sentry.yml
deleted file mode 100644
index 25c5534fae0..00000000000
--- a/changelogs/unreleased/refactor-sentry.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove Sentry from application settings
-merge_request: 28447
-author: Roger Meier
-type: added
diff --git a/changelogs/unreleased/registry-fix-multi-delete-modal.yml b/changelogs/unreleased/registry-fix-multi-delete-modal.yml
deleted file mode 100644
index 94a2df7a7e7..00000000000
--- a/changelogs/unreleased/registry-fix-multi-delete-modal.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Prevent multiple confirmation modals from opening when deleting a repository
-merge_request: 30532
-author:
-type: fixed
diff --git a/changelogs/unreleased/remove-auto-ssl-ff.yml b/changelogs/unreleased/remove-auto-ssl-ff.yml
deleted file mode 100644
index 1b4d0dcde08..00000000000
--- a/changelogs/unreleased/remove-auto-ssl-ff.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Add support for generating SSL certificates for custon pages domains through
-  Let's Encrypt
-merge_request:
-author:
-type: added
diff --git a/changelogs/unreleased/remove-kubernetes-service-deployment-platform.yml b/changelogs/unreleased/remove-kubernetes-service-deployment-platform.yml
deleted file mode 100644
index 17421fca234..00000000000
--- a/changelogs/unreleased/remove-kubernetes-service-deployment-platform.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove Kubernetes service integration and Kubernetes service template from available deployment platforms
-merge_request: 29786
-author:
-type: removed
diff --git a/changelogs/unreleased/remove-support-for-legacy-pipeline-triggers.yml b/changelogs/unreleased/remove-support-for-legacy-pipeline-triggers.yml
deleted file mode 100644
index 3f4d4bbd432..00000000000
--- a/changelogs/unreleased/remove-support-for-legacy-pipeline-triggers.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove support for legacy pipeline triggers
-merge_request: 30133
-author:
-type: removed
diff --git a/changelogs/unreleased/remove_group_and_instance_clusters_feature_flag.yml b/changelogs/unreleased/remove_group_and_instance_clusters_feature_flag.yml
deleted file mode 100644
index fcc6c564345..00000000000
--- a/changelogs/unreleased/remove_group_and_instance_clusters_feature_flag.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove group and instance clusters feature flag
-merge_request: 30124
-author:
-type: changed
diff --git a/changelogs/unreleased/require-pipeline-when-enabling-only-allow-merge-if-pipeline-succeeds.yml b/changelogs/unreleased/require-pipeline-when-enabling-only-allow-merge-if-pipeline-succeeds.yml
deleted file mode 100644
index c105287532b..00000000000
--- a/changelogs/unreleased/require-pipeline-when-enabling-only-allow-merge-if-pipeline-succeeds.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Enforce presence of pipeline when "Pipeline must succeed" project setting is enabled
-merge_request: 29926
-author:
-type: fixed
diff --git a/changelogs/unreleased/rj-fix-manual-order.yml b/changelogs/unreleased/rj-fix-manual-order.yml
deleted file mode 100644
index ecc39b78b06..00000000000
--- a/changelogs/unreleased/rj-fix-manual-order.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Don't let logged out user do manual order
-merge_request: 30264
-author:
-type: fixed
diff --git a/changelogs/unreleased/sanitize_rake_ldap_check_output.yml b/changelogs/unreleased/sanitize_rake_ldap_check_output.yml
deleted file mode 100644
index 92824d1dd48..00000000000
--- a/changelogs/unreleased/sanitize_rake_ldap_check_output.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Sanitize LDAP output in Rake tasks
-merge_request: 28427
-author:
-type: fixed
diff --git a/changelogs/unreleased/search-blob-basenames.yml b/changelogs/unreleased/search-blob-basenames.yml
deleted file mode 100644
index 48ad1130e3f..00000000000
--- a/changelogs/unreleased/search-blob-basenames.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Build correct basenames for title search results
-merge_request: 29898
-author:
-type: fixed
diff --git a/changelogs/unreleased/security-2858-fix-color-validation.yml b/changelogs/unreleased/security-2858-fix-color-validation.yml
deleted file mode 100644
index 3430207a2b6..00000000000
--- a/changelogs/unreleased/security-2858-fix-color-validation.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix DoS vulnerability in color validation regex
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-59581-related-merge-requests-count.yml b/changelogs/unreleased/security-59581-related-merge-requests-count.yml
deleted file mode 100644
index 83faa2f7c13..00000000000
--- a/changelogs/unreleased/security-59581-related-merge-requests-count.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Expose merge requests count based on user access
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-DOS_issue_comments_banzai.yml b/changelogs/unreleased/security-DOS_issue_comments_banzai.yml
deleted file mode 100644
index 2405b1a4f5f..00000000000
--- a/changelogs/unreleased/security-DOS_issue_comments_banzai.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix Denial of Service for comments when rendering issues/MR comments
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-bvl-enforce-graphql-type-authorization.yml b/changelogs/unreleased/security-bvl-enforce-graphql-type-authorization.yml
deleted file mode 100644
index 7dedb9f6230..00000000000
--- a/changelogs/unreleased/security-bvl-enforce-graphql-type-authorization.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add missing authorizations in GraphQL
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-fp-prevent-billion-laughs-attack.yml b/changelogs/unreleased/security-fp-prevent-billion-laughs-attack.yml
deleted file mode 100644
index 4e0cf848931..00000000000
--- a/changelogs/unreleased/security-fp-prevent-billion-laughs-attack.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Prevent Billion Laughs attack
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-mr-head-pipeline-leak.yml b/changelogs/unreleased/security-mr-head-pipeline-leak.yml
deleted file mode 100644
index fe8c4dfb3c8..00000000000
--- a/changelogs/unreleased/security-mr-head-pipeline-leak.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Gate MR head_pipeline behind read_pipeline ability.
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-notes-in-private-snippets.yml b/changelogs/unreleased/security-notes-in-private-snippets.yml
deleted file mode 100644
index 907d98cb16d..00000000000
--- a/changelogs/unreleased/security-notes-in-private-snippets.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Correctly check permissions when creating snippet notes
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-prevent-detection-of-merge-request-template-name.yml b/changelogs/unreleased/security-prevent-detection-of-merge-request-template-name.yml
deleted file mode 100644
index d7bb884cb4b..00000000000
--- a/changelogs/unreleased/security-prevent-detection-of-merge-request-template-name.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Prevent the detection of merge request templates by unauthorized users
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/set-higher-ttl-for-trace-write.yml b/changelogs/unreleased/set-higher-ttl-for-trace-write.yml
deleted file mode 100644
index 9f17172100c..00000000000
--- a/changelogs/unreleased/set-higher-ttl-for-trace-write.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Set higher TTL for write lock of trace to prevent concurrent archiving
-merge_request: 30064
-author:
-type: fixed
diff --git a/changelogs/unreleased/sh-add-force-random-password-user-api.yml b/changelogs/unreleased/sh-add-force-random-password-user-api.yml
deleted file mode 100644
index 29f36978a0f..00000000000
--- a/changelogs/unreleased/sh-add-force-random-password-user-api.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add support for creating random passwords in user creation API
-merge_request: 30138
-author:
-type: changed
diff --git a/changelogs/unreleased/sh-add-gitaly-ref-caching-search-controller.yml b/changelogs/unreleased/sh-add-gitaly-ref-caching-search-controller.yml
deleted file mode 100644
index d4be28e9883..00000000000
--- a/changelogs/unreleased/sh-add-gitaly-ref-caching-search-controller.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Enable Gitaly ref caching for SearchController
-merge_request: 30105
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-add-thread-memory-cache.yml b/changelogs/unreleased/sh-add-thread-memory-cache.yml
deleted file mode 100644
index 025ad6d9f14..00000000000
--- a/changelogs/unreleased/sh-add-thread-memory-cache.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add a memory cache local to the thread to reduce Redis load
-merge_request: 30233
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-audit-event-json-log-format-from-and-to.yml b/changelogs/unreleased/sh-audit-event-json-log-format-from-and-to.yml
deleted file mode 100644
index 5bd21d7ef2b..00000000000
--- a/changelogs/unreleased/sh-audit-event-json-log-format-from-and-to.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Format `from` and `to` fields in JSON audit log
-merge_request: 30333
-author:
-type: changed
diff --git a/changelogs/unreleased/sh-avoid-loading-pipeline-status.yml b/changelogs/unreleased/sh-avoid-loading-pipeline-status.yml
deleted file mode 100644
index 2dead948786..00000000000
--- a/changelogs/unreleased/sh-avoid-loading-pipeline-status.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Avoid loading pipeline status in search results
-merge_request: 30111
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-bump-fog-aws.yml b/changelogs/unreleased/sh-bump-fog-aws.yml
deleted file mode 100644
index a936b81ff02..00000000000
--- a/changelogs/unreleased/sh-bump-fog-aws.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Bump fog-aws to v3.5.2
-merge_request: 30803
-author:
-type: fixed
diff --git a/changelogs/unreleased/sh-cache-feature-flag-names.yml b/changelogs/unreleased/sh-cache-feature-flag-names.yml
deleted file mode 100644
index 6120c4870f8..00000000000
--- a/changelogs/unreleased/sh-cache-feature-flag-names.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Cache feature flag names in Redis for a minute
-merge_request: 29816
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-cache-flipper-checks-in-memory.yml b/changelogs/unreleased/sh-cache-flipper-checks-in-memory.yml
deleted file mode 100644
index 125b6244d80..00000000000
--- a/changelogs/unreleased/sh-cache-flipper-checks-in-memory.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Cache Flipper feature flags in L1 and L2 caches
-merge_request: 30276
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-cache-flipper-names-memory-cache.yml b/changelogs/unreleased/sh-cache-flipper-names-memory-cache.yml
deleted file mode 100644
index 00443e81244..00000000000
--- a/changelogs/unreleased/sh-cache-flipper-names-memory-cache.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Cache Flipper persisted names directly to local memory storage
-merge_request: 30265
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-cache-negative-entries-find-commit.yml b/changelogs/unreleased/sh-cache-negative-entries-find-commit.yml
deleted file mode 100644
index 98eb13ee620..00000000000
--- a/changelogs/unreleased/sh-cache-negative-entries-find-commit.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Allow caching of negative FindCommit matches
-merge_request: 29952
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-clean-up-bitbucket-import-errors.yml b/changelogs/unreleased/sh-clean-up-bitbucket-import-errors.yml
deleted file mode 100644
index e4c9de74e6a..00000000000
--- a/changelogs/unreleased/sh-clean-up-bitbucket-import-errors.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Avoid storing backtraces from Bitbucket Cloud imports in the database
-merge_request: 29862
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-disable-reactive-caching-automatic-retries.yml b/changelogs/unreleased/sh-disable-reactive-caching-automatic-retries.yml
deleted file mode 100644
index a0db68adb78..00000000000
--- a/changelogs/unreleased/sh-disable-reactive-caching-automatic-retries.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Prevent amplification of ReactiveCachingWorker jobs upon failures
-merge_request: 30432
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-enable-ref-name-caching-discussions.yml b/changelogs/unreleased/sh-enable-ref-name-caching-discussions.yml
deleted file mode 100644
index 12f4a5a499d..00000000000
--- a/changelogs/unreleased/sh-enable-ref-name-caching-discussions.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Enable Gitaly ref name caching for discussions.json
-merge_request: 29951
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-fix-gitaly-server-info-cache.yml b/changelogs/unreleased/sh-fix-gitaly-server-info-cache.yml
deleted file mode 100644
index ef8f6e25856..00000000000
--- a/changelogs/unreleased/sh-fix-gitaly-server-info-cache.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix Gitaly auto-detection caching
-merge_request: 30954
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-fix-httpclient-ssl.yml b/changelogs/unreleased/sh-fix-httpclient-ssl.yml
deleted file mode 100644
index fda4e2e7084..00000000000
--- a/changelogs/unreleased/sh-fix-httpclient-ssl.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Make httpclient respect system SSL configuration
-merge_request: 30749
-author:
-type: fixed
diff --git a/changelogs/unreleased/sh-fix-issue-63349.yml b/changelogs/unreleased/sh-fix-issue-63349.yml
deleted file mode 100644
index 0e51a6b7b20..00000000000
--- a/changelogs/unreleased/sh-fix-issue-63349.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Make Housekeeping button do a full garbage collection
-merge_request: 30289
-author:
-type: fixed
diff --git a/changelogs/unreleased/sh-fix-issue-63910.yml b/changelogs/unreleased/sh-fix-issue-63910.yml
deleted file mode 100644
index 50312558c57..00000000000
--- a/changelogs/unreleased/sh-fix-issue-63910.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix attachments using the wrong URLs in e-mails
-merge_request: 30197
-author:
-type: fixed
diff --git a/changelogs/unreleased/sh-handle-nil-replication-lag.yml b/changelogs/unreleased/sh-handle-nil-replication-lag.yml
deleted file mode 100644
index 5638d7e79e3..00000000000
--- a/changelogs/unreleased/sh-handle-nil-replication-lag.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix background migrations failing with unused replication slot
-merge_request: 30042
-author:
-type: fixed
diff --git a/changelogs/unreleased/sh-improve-redis-peek.yml b/changelogs/unreleased/sh-improve-redis-peek.yml
deleted file mode 100644
index 940be103ab7..00000000000
--- a/changelogs/unreleased/sh-improve-redis-peek.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add Redis call details in Peek performance bar
-merge_request: 30191
-author:
-type: changed
diff --git a/changelogs/unreleased/sh-optimize-todos-controller.yml b/changelogs/unreleased/sh-optimize-todos-controller.yml
deleted file mode 100644
index 181ddd1b3bc..00000000000
--- a/changelogs/unreleased/sh-optimize-todos-controller.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Eliminate N+1 queries in Dashboard::TodosController
-merge_request: 29954
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-remove-import-columns-from-projects.yml b/changelogs/unreleased/sh-remove-import-columns-from-projects.yml
deleted file mode 100644
index f4052b2bef5..00000000000
--- a/changelogs/unreleased/sh-remove-import-columns-from-projects.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove import columns from projects table
-merge_request: 29863
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-service-template-bug.yml b/changelogs/unreleased/sh-service-template-bug.yml
deleted file mode 100644
index 1ea5ac84f26..00000000000
--- a/changelogs/unreleased/sh-service-template-bug.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Disable Rails SQL query cache when applying service templates
-merge_request: 30060
-author:
-type: fixed
diff --git a/changelogs/unreleased/sh-strong-memoize-appearances.yml b/changelogs/unreleased/sh-strong-memoize-appearances.yml
deleted file mode 100644
index dc4fe1c4d8e..00000000000
--- a/changelogs/unreleased/sh-strong-memoize-appearances.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Memoize non-existent custom appearances
-merge_request: 29957
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-support-subnets-ip-rate-limiter.yml b/changelogs/unreleased/sh-support-subnets-ip-rate-limiter.yml
deleted file mode 100644
index 3e78c58c764..00000000000
--- a/changelogs/unreleased/sh-support-subnets-ip-rate-limiter.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Support CIDR notation in IP rate limiter
-merge_request: 30146
-author:
-type: changed
diff --git a/changelogs/unreleased/sh-update-mermaid.yml b/changelogs/unreleased/sh-update-mermaid.yml
deleted file mode 100644
index 9a7726cf716..00000000000
--- a/changelogs/unreleased/sh-update-mermaid.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update Mermaid to 8.1.0
-merge_request: 30036
-author:
-type: fixed
diff --git a/changelogs/unreleased/sh-upgrade-rouge-3-5-1.yml b/changelogs/unreleased/sh-upgrade-rouge-3-5-1.yml
deleted file mode 100644
index b408019c736..00000000000
--- a/changelogs/unreleased/sh-upgrade-rouge-3-5-1.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Upgrade Rouge to 3.5.1
-merge_request: 30431
-author:
-type: changed
diff --git a/changelogs/unreleased/slugify.yml b/changelogs/unreleased/slugify.yml
deleted file mode 100644
index 853e90b8bed..00000000000
--- a/changelogs/unreleased/slugify.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Replace slugifyWithHyphens with improved slugify function
-merge_request: 30172
-author: Luke Ward
-type: fixed
diff --git a/changelogs/unreleased/small-s-in-elasticsearch-in-code.yml b/changelogs/unreleased/small-s-in-elasticsearch-in-code.yml
deleted file mode 100644
index 20d7a822cde..00000000000
--- a/changelogs/unreleased/small-s-in-elasticsearch-in-code.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix typo in code comments about Elasticsearch
-merge_request: 30163
-author: Takuya Noguchi
-type: other
diff --git a/changelogs/unreleased/small-s-in-elasticsearch.yml b/changelogs/unreleased/small-s-in-elasticsearch.yml
deleted file mode 100644
index 7cab5c37125..00000000000
--- a/changelogs/unreleased/small-s-in-elasticsearch.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix typo in docs about Elasticsearch
-merge_request: 30162
-author: Takuya Noguchi
-type: other
diff --git a/changelogs/unreleased/support-jsonb-default-value.yml b/changelogs/unreleased/support-jsonb-default-value.yml
deleted file mode 100644
index d46156276f9..00000000000
--- a/changelogs/unreleased/support-jsonb-default-value.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Support jsonb default in add_column_with_default migration helper
-merge_request: 29871
-author:
-type: other
diff --git a/changelogs/unreleased/tc-rake-orphan-artifacts.yml b/changelogs/unreleased/tc-rake-orphan-artifacts.yml
deleted file mode 100644
index 7081bee640a..00000000000
--- a/changelogs/unreleased/tc-rake-orphan-artifacts.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add rake task to clean orphan artifact files
-merge_request: 29681
-author:
-type: added
diff --git a/changelogs/unreleased/transaction-metrics.yml b/changelogs/unreleased/transaction-metrics.yml
deleted file mode 100644
index 8b6e9c7d9d1..00000000000
--- a/changelogs/unreleased/transaction-metrics.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Adds metrics to measure cost of expensive operations
-merge_request: 29928
-author:
-type: other
diff --git a/changelogs/unreleased/tz-update-mr-count-over-tabs.yml b/changelogs/unreleased/tz-update-mr-count-over-tabs.yml
deleted file mode 100644
index 61a49dd8ecc..00000000000
--- a/changelogs/unreleased/tz-update-mr-count-over-tabs.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: New API for User Counts, updates on success of an MR the count on top and in
-  other tabs
-merge_request: 29441
-author:
-type: added
diff --git a/changelogs/unreleased/unicorn-sampler-fix.yml b/changelogs/unreleased/unicorn-sampler-fix.yml
deleted file mode 100644
index 3f0e509f15f..00000000000
--- a/changelogs/unreleased/unicorn-sampler-fix.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Make sure UnicornSampler is started only in master process.
-merge_request: 30215
-author:
-type: fixed
diff --git a/changelogs/unreleased/update-clair-version.yml b/changelogs/unreleased/update-clair-version.yml
deleted file mode 100644
index 59b6e113fd5..00000000000
--- a/changelogs/unreleased/update-clair-version.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Extract clair version as CLAIR_EXECUTABLE_VERSION variable and update clair
-  executable from v8 to v11
-merge_request: 30396
-author:
-type: changed
diff --git a/changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-6-0.yml b/changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-6-0.yml
deleted file mode 100644
index 6719fa94b19..00000000000
--- a/changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-6-0.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update GitLab Runner Helm Chart to 0.6.0
-merge_request: 29982
-author:
-type: other
diff --git a/changelogs/unreleased/update-pages-to-1-7-0.yml b/changelogs/unreleased/update-pages-to-1-7-0.yml
deleted file mode 100644
index d41346f021c..00000000000
--- a/changelogs/unreleased/update-pages-to-1-7-0.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update GitLab Pages to v1.7.0
-merge_request:
-author:
-type: other
diff --git a/changelogs/unreleased/update-pagination-texts.yml b/changelogs/unreleased/update-pagination-texts.yml
deleted file mode 100644
index 6a398e26242..00000000000
--- a/changelogs/unreleased/update-pagination-texts.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update pagination prev and next texts
-merge_request: 29911
-author:
-type: other
diff --git a/changelogs/unreleased/update-tar-to-2-2-2.yml b/changelogs/unreleased/update-tar-to-2-2-2.yml
deleted file mode 100644
index f142fe59448..00000000000
--- a/changelogs/unreleased/update-tar-to-2-2-2.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update tar to 2.2.2
-merge_request: 29949
-author: Takuya Noguchi
-type: security
diff --git a/changelogs/unreleased/update-todo-in-ui.yml b/changelogs/unreleased/update-todo-in-ui.yml
deleted file mode 100644
index dddcf0f3983..00000000000
--- a/changelogs/unreleased/update-todo-in-ui.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Changes "Todo" to "To Do" in the UI for clarity
-merge_request: 28844
-author:
-type: other
diff --git a/changelogs/unreleased/use-pg-9-6-11-on-ci.yml b/changelogs/unreleased/use-pg-9-6-11-on-ci.yml
deleted file mode 100644
index 785eb352895..00000000000
--- a/changelogs/unreleased/use-pg-9-6-11-on-ci.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Use PostgreSQL 9.6.11 in CI tests
-merge_request: 30270
-author: Takuya Noguchi
-type: other
diff --git a/changelogs/unreleased/winh-jest-markdown-header.yml b/changelogs/unreleased/winh-jest-markdown-header.yml
deleted file mode 100644
index 6bf9d75cc93..00000000000
--- a/changelogs/unreleased/winh-jest-markdown-header.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Migrate markdown header_spec.js to Jest
-merge_request: 30228
-author: Martin Hobert
-type: other
diff --git a/changelogs/unreleased/winh-multiple-issueboards-core.yml b/changelogs/unreleased/winh-multiple-issueboards-core.yml
deleted file mode 100644
index c45e420c133..00000000000
--- a/changelogs/unreleased/winh-multiple-issueboards-core.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Move multiple issue boards to core
-merge_request: 30503
-author:
-type: changed
diff --git a/changelogs/unreleased/winh-notes-service-applySuggestion.yml b/changelogs/unreleased/winh-notes-service-applySuggestion.yml
deleted file mode 100644
index 30e540237b6..00000000000
--- a/changelogs/unreleased/winh-notes-service-applySuggestion.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove applySuggestion from notes service
-merge_request: 30399
-author: Frank van Rest
-type: other
diff --git a/changelogs/unreleased/winh-notes-service-deleteNote.yml b/changelogs/unreleased/winh-notes-service-deleteNote.yml
deleted file mode 100644
index cf2b37755a2..00000000000
--- a/changelogs/unreleased/winh-notes-service-deleteNote.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove deleteNote from notes service
-merge_request: 30537
-author: Frank van Rest
-type: other
diff --git a/changelogs/unreleased/winh-notes-service-toggleAward.yml b/changelogs/unreleased/winh-notes-service-toggleAward.yml
deleted file mode 100644
index 0471888c285..00000000000
--- a/changelogs/unreleased/winh-notes-service-toggleAward.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove toggleAward from notes service
-merge_request: 30536
-author: Frank van Rest
-type: other
diff --git a/changelogs/unreleased/winh-updateResolvableDiscussionsCounts-typo.yml b/changelogs/unreleased/winh-updateResolvableDiscussionsCounts-typo.yml
deleted file mode 100644
index 24b10bb3edc..00000000000
--- a/changelogs/unreleased/winh-updateResolvableDiscussionsCounts-typo.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix typo in updateResolvableDiscussionsCounts action
-merge_request: 30278
-author: Frank van Rest
-type: other
diff --git a/changelogs/unreleased/z-index-fix-for-diff-file-dropdown.yml b/changelogs/unreleased/z-index-fix-for-diff-file-dropdown.yml
deleted file mode 100644
index 72108f6ab77..00000000000
--- a/changelogs/unreleased/z-index-fix-for-diff-file-dropdown.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: I fixed z index bug in diff page
-merge_request: 30657
-author: Faruk Can
-type: fixed
diff --git a/changelogs/unreleased/z-index-tools.yml b/changelogs/unreleased/z-index-tools.yml
deleted file mode 100644
index 1102612670b..00000000000
--- a/changelogs/unreleased/z-index-tools.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: 'Review Tools: Add large z-index to toolbar'
-merge_request: 30583
-author:
-type: fixed
diff --git a/changelogs/unreleased/zj-gitaly-usage-data.yml b/changelogs/unreleased/zj-gitaly-usage-data.yml
deleted file mode 100644
index ce5087292ed..00000000000
--- a/changelogs/unreleased/zj-gitaly-usage-data.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add Gitaly data to the usage ping
-merge_request:
-author:
-type: added
-- 
cgit v1.2.1


From 30a0d4600e46af1b01f90332679f64c432219d5a Mon Sep 17 00:00:00 2001
From: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Date: Mon, 22 Jul 2019 08:35:01 +0000
Subject: Update VERSION to 12.2.0-pre

---
 VERSION | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/VERSION b/VERSION
index 6edc7fa8d35..4dd919b3b06 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-12.1.0-pre
+12.2.0-pre
-- 
cgit v1.2.1


From 5322a0e768fb5f8b3293986b7b3674f12552fea8 Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Mon, 22 Jul 2019 16:37:02 +0800
Subject: Fix syntax error in script

---
 .gitlab/ci/test-metadata.gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab/ci/test-metadata.gitlab-ci.yml b/.gitlab/ci/test-metadata.gitlab-ci.yml
index b5201f97366..3a5735a2be9 100644
--- a/.gitlab/ci/test-metadata.gitlab-ci.yml
+++ b/.gitlab/ci/test-metadata.gitlab-ci.yml
@@ -39,7 +39,7 @@ update-tests-metadata:
     policy: push
   script:
     - retry gem install fog-aws mime-types activesupport rspec_profiling postgres-copy --no-document
-    - echo "{}" > ${KNAPSACK_RSPEC_SUITE_REPORT_PATH}'
+    - echo "{}" > ${KNAPSACK_RSPEC_SUITE_REPORT_PATH}
     - scripts/merge-reports ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/rspec_*_pg_node_*.json
     - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $KNAPSACK_RSPEC_SUITE_REPORT_PATH'
     - rm -f knapsack/${CI_PROJECT_NAME}/*_node_*.json
-- 
cgit v1.2.1


From aba93fe2d5661cf3c086f65838db2965c746fdbf Mon Sep 17 00:00:00 2001
From: Steve Abrams <sabrams@gitlab.com>
Date: Mon, 22 Jul 2019 08:50:25 +0000
Subject: OAuth2 support for GitLab personal access tokens

PATs are accepted using the OAuth2 compliant header
"Authorization: Bearer {token}" in order to allow for
OAuth requests while 2FA is enabled.
---
 app/models/personal_access_token.rb                |  1 +
 ...2-support-with-gitlab-personal-access-token.yml |  5 +++++
 doc/api/README.md                                  |  6 ++++++
 doc/user/project/packages/npm_registry.md          | 23 ++++++++++------------
 lib/gitlab/auth/user_auth_finders.rb               | 17 +++++++++++++---
 spec/lib/gitlab/auth/user_auth_finders_spec.rb     | 14 +++++++++++++
 6 files changed, 50 insertions(+), 16 deletions(-)
 create mode 100644 changelogs/unreleased/63438-oauth2-support-with-gitlab-personal-access-token.yml

diff --git a/app/models/personal_access_token.rb b/app/models/personal_access_token.rb
index f69f0e2dccb..7ae431eaad7 100644
--- a/app/models/personal_access_token.rb
+++ b/app/models/personal_access_token.rb
@@ -7,6 +7,7 @@ class PersonalAccessToken < ApplicationRecord
   add_authentication_token_field :token, digest: true
 
   REDIS_EXPIRY_TIME = 3.minutes
+  TOKEN_LENGTH = 20
 
   serialize :scopes, Array # rubocop:disable Cop/ActiveRecordSerialize
 
diff --git a/changelogs/unreleased/63438-oauth2-support-with-gitlab-personal-access-token.yml b/changelogs/unreleased/63438-oauth2-support-with-gitlab-personal-access-token.yml
new file mode 100644
index 00000000000..815010e15ae
--- /dev/null
+++ b/changelogs/unreleased/63438-oauth2-support-with-gitlab-personal-access-token.yml
@@ -0,0 +1,5 @@
+---
+title: Personal access tokens are accepted using OAuth2 header format
+merge_request: 30277
+author:
+type: added
diff --git a/doc/api/README.md b/doc/api/README.md
index 8e60d1c61df..f9cc1a09870 100644
--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -272,6 +272,12 @@ Example of using the personal access token in a header:
 curl --header "Private-Token: <your_access_token>" https://gitlab.example.com/api/v4/projects
 ```
 
+You can also use personal access tokens with OAuth-compliant headers:
+
+```shell
+curl --header "Authorization: Bearer <your_access_token>" https://gitlab.example.com/api/v4/projects
+```
+
 Read more about [personal access tokens][pat].
 
 ### Session cookie
diff --git a/doc/user/project/packages/npm_registry.md b/doc/user/project/packages/npm_registry.md
index 481b1ce0337..ca0aa9965ef 100644
--- a/doc/user/project/packages/npm_registry.md
+++ b/doc/user/project/packages/npm_registry.md
@@ -49,35 +49,32 @@ Registry.
 ## Authenticating to the GitLab NPM Registry
 
 If a project is private or you want to upload an NPM package to GitLab,
-credentials will need to be provided for authentication. Support is available
-only for [OAuth tokens](../../../api/oauth2.md#resource-owner-password-credentials-flow).
+credentials will need to be provided for authentication. Support is available for [OAuth tokens](../../../api/oauth2.md#resource-owner-password-credentials-flow) or [personal access tokens](../../profile/personal_access_tokens.md).
 
-CAUTION: **2FA not supported:**
-Authentication for personal access tokens is not yet supported
-([#9140](https://gitlab.com/gitlab-org/gitlab-ee/issues/9140)). If you have 2FA
-enabled, you won't be able to authenticate to the GitLab NPM Registry.
+CAUTION: **2FA is only supported with personal access tokens:**
+If you have 2FA enabled, you need to use a [personal access token](../../profile/personal_access_tokens.md) with OAuth headers. Standard OAuth tokens won't be able to authenticate to the GitLab NPM Registry.
 
 ### Authenticating with an OAuth token
 
-To authenticate with an [OAuth token](../../../api/oauth2.md#resource-owner-password-credentials-flow),
-add a corresponding section to your `.npmrc` file:
+To authenticate with an [OAuth token](../../../api/oauth2.md#resource-owner-password-credentials-flow)
+or [personal access token](../../profile/personal_access_tokens.md), add a corresponding section to your `.npmrc` file:
 
 ```ini
 ; Set URL for your scoped packages.
 ; For example package with name `@foo/bar` will use this URL for download
 @foo:registry=https://gitlab.com/api/v4/packages/npm/
 
-; Add the OAuth token for the scoped packages URL. This will allow you to download
+; Add the token for the scoped packages URL. This will allow you to download
 ; `@foo/` packages from private projects.
-//gitlab.com/api/v4/packages/npm/:_authToken=<your_oauth_token>
+//gitlab.com/api/v4/packages/npm/:_authToken=<your_token>
 
-; Add OAuth token for uploading to the registry. Replace <your_project_id>
+; Add token for uploading to the registry. Replace <your_project_id>
 ; with the project you want your package to be uploaded to.
-//gitlab.com/api/v4/projects/<your_project_id>/packages/npm/:_authToken=<your_oauth_token>
+//gitlab.com/api/v4/projects/<your_project_id>/packages/npm/:_authToken=<your_token>
 ```
 
 Replace `<your_project_id>` with your project ID which can be found on the home page
-of your project and `<your_oauth_token>` with your OAuth token.
+of your project and `<your_token>` with your OAuth or personal access token.
 
 If you have a self-hosted GitLab installation, replace `gitlab.com` with your
 domain name.
diff --git a/lib/gitlab/auth/user_auth_finders.rb b/lib/gitlab/auth/user_auth_finders.rb
index a5efe33bdc6..bba7e2cbb3c 100644
--- a/lib/gitlab/auth/user_auth_finders.rb
+++ b/lib/gitlab/auth/user_auth_finders.rb
@@ -90,8 +90,8 @@ module Gitlab
       def find_personal_access_token
         token =
           current_request.params[PRIVATE_TOKEN_PARAM].presence ||
-          current_request.env[PRIVATE_TOKEN_HEADER].presence
-
+          current_request.env[PRIVATE_TOKEN_HEADER].presence ||
+          parsed_oauth_token
         return unless token
 
         # Expiration, revocation and scopes are verified in `validate_access_token!`
@@ -99,9 +99,12 @@ module Gitlab
       end
 
       def find_oauth_access_token
-        token = Doorkeeper::OAuth::Token.from_request(current_request, *Doorkeeper.configuration.access_token_methods)
+        token = parsed_oauth_token
         return unless token
 
+        # PATs with OAuth headers are not handled by OauthAccessToken
+        return if matches_personal_access_token_length?(token)
+
         # Expiration, revocation and scopes are verified in `validate_access_token!`
         oauth_token = OauthAccessToken.by_token(token)
         raise UnauthorizedError unless oauth_token
@@ -110,6 +113,14 @@ module Gitlab
         oauth_token
       end
 
+      def parsed_oauth_token
+        Doorkeeper::OAuth::Token.from_request(current_request, *Doorkeeper.configuration.access_token_methods)
+      end
+
+      def matches_personal_access_token_length?(token)
+        token.length == PersonalAccessToken::TOKEN_LENGTH
+      end
+
       # Check if the request is GET/HEAD, or if CSRF token is valid.
       def verified_request?
         Gitlab::RequestForgeryProtection.verified?(current_request.env)
diff --git a/spec/lib/gitlab/auth/user_auth_finders_spec.rb b/spec/lib/gitlab/auth/user_auth_finders_spec.rb
index 1e2aebdc84b..4751f880cee 100644
--- a/spec/lib/gitlab/auth/user_auth_finders_spec.rb
+++ b/spec/lib/gitlab/auth/user_auth_finders_spec.rb
@@ -138,6 +138,20 @@ describe Gitlab::Auth::UserAuthFinders do
         expect { find_user_from_access_token }.to raise_error(Gitlab::Auth::UnauthorizedError)
       end
     end
+
+    context 'with OAuth headers' do
+      it 'returns user' do
+        env['HTTP_AUTHORIZATION'] = "Bearer #{personal_access_token.token}"
+
+        expect(find_user_from_access_token).to eq user
+      end
+
+      it 'returns exception if invalid personal_access_token' do
+        env['HTTP_AUTHORIZATION'] = 'Bearer invalid_20byte_token'
+
+        expect { find_personal_access_token }.to raise_error(Gitlab::Auth::UnauthorizedError)
+      end
+    end
   end
 
   describe '#find_user_from_web_access_token' do
-- 
cgit v1.2.1


From 657a5cc9d5df9eb4607d360b57d499c896fe1f73 Mon Sep 17 00:00:00 2001
From: Sanad Liaquat <sliaquat@gitlab.com>
Date: Mon, 22 Jul 2019 15:58:43 +0500
Subject: Adds visibility attr to project

---
 qa/qa/page/project/new.rb | 2 +-
 qa/qa/resource/project.rb | 6 ++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/qa/qa/page/project/new.rb b/qa/qa/page/project/new.rb
index 0918445d119..64aab9be056 100644
--- a/qa/qa/page/project/new.rb
+++ b/qa/qa/page/project/new.rb
@@ -59,7 +59,7 @@ module QA
         end
 
         def set_visibility(visibility)
-          choose visibility
+          choose visibility.capitalize
         end
 
         def click_github_link
diff --git a/qa/qa/resource/project.rb b/qa/qa/resource/project.rb
index c0a6004fe27..93a82094776 100644
--- a/qa/qa/resource/project.rb
+++ b/qa/qa/resource/project.rb
@@ -8,6 +8,7 @@ module QA
       include Events::Project
 
       attr_writer :initialize_with_readme
+      attr_writer :visibility
 
       attribute :id
       attribute :name
@@ -44,6 +45,7 @@ module QA
         @standalone = false
         @description = 'My awesome project'
         @initialize_with_readme = false
+        @visibility = 'public'
       end
 
       def name=(raw_name)
@@ -60,7 +62,7 @@ module QA
           page.choose_test_namespace
           page.choose_name(@name)
           page.add_description(@description)
-          page.set_visibility('Public')
+          page.set_visibility(@visibility)
           page.enable_initialize_with_readme if @initialize_with_readme
           page.create_new_project
         end
@@ -88,7 +90,7 @@ module QA
         post_body = {
           name: name,
           description: description,
-          visibility: 'public',
+          visibility: @visibility,
           initialize_with_readme: @initialize_with_readme
         }
 
-- 
cgit v1.2.1


From 0bc9b770e459f3e573be70a21221361dea2d9fa8 Mon Sep 17 00:00:00 2001
From: samdbeckham <sbeckham@gitlab.com>
Date: Fri, 28 Jun 2019 17:41:21 +0100
Subject: Adds a waitForMutation helper for VueX

---
 spec/javascripts/helpers/vue_test_utils_helper.js | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/spec/javascripts/helpers/vue_test_utils_helper.js b/spec/javascripts/helpers/vue_test_utils_helper.js
index 121e99c9783..68326e37ae7 100644
--- a/spec/javascripts/helpers/vue_test_utils_helper.js
+++ b/spec/javascripts/helpers/vue_test_utils_helper.js
@@ -1,5 +1,3 @@
-/* eslint-disable import/prefer-default-export */
-
 const vNodeContainsText = (vnode, text) =>
   (vnode.text && vnode.text.includes(text)) ||
   (vnode.children && vnode.children.filter(child => vNodeContainsText(child, text)).length);
@@ -19,3 +17,19 @@ export const shallowWrapperContainsSlotText = (shallowWrapper, slotName, text) =
   Boolean(
     shallowWrapper.vm.$slots[slotName].filter(vnode => vNodeContainsText(vnode, text)).length,
   );
+
+/**
+ * Returns a promise that waits for a mutation to be fired before resolving
+ * NOTE: There's no reject action here so it will hang if it waits for a mutation that won't happen.
+ * @param {Object} store - The Vue store that contains the mutations
+ * @param {String} expectedMutationType - The Mutation to wait for
+ */
+export const waitForMutation = (store, expectedMutationType) =>
+  new Promise(resolve => {
+    const unsubscribe = store.subscribe(mutation => {
+      if (mutation.type === expectedMutationType) {
+        unsubscribe();
+        resolve();
+      }
+    });
+  });
-- 
cgit v1.2.1


From be7ad341467ac101ace61e6c56df8abe84e4e481 Mon Sep 17 00:00:00 2001
From: Jeffrey Cafferata <jeffrey@jcid.nl>
Date: Mon, 22 Jul 2019 13:41:02 +0200
Subject: Removed the unnecessary loop through `../project_services/slack.md`.

---
 doc/integration/slack.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/integration/slack.md b/doc/integration/slack.md
index f84ab769218..9fcf2c2d99a 100644
--- a/doc/integration/slack.md
+++ b/doc/integration/slack.md
@@ -1,5 +1,5 @@
 ---
-redirect_to: '../project_services/slack.md'
+redirect_to: '../user/project/integrations/slack.md'
 ---
 
-This document was moved to [project_services/slack.md](../project_services/slack.md).
+This document was moved to [project_services/slack.md](../user/project/integrations/slack.md).
-- 
cgit v1.2.1


From 972b5f4555f70fdb47c5b3dc78127377b7220cad Mon Sep 17 00:00:00 2001
From: Jan Provaznik <jprovaznik@gitlab.com>
Date: Mon, 22 Jul 2019 11:44:20 +0000
Subject: Removed project autocomplete pagination

This pagination is not used anywhere so there is no reason
to keep it. It seems the usage of offset_id was probably
removed in 90c60138db4e1f86026aac5760febe4ba066ca30
---
 app/finders/autocomplete/move_to_project_finder.rb |  9 +++--
 app/models/project.rb                              | 17 +--------
 changelogs/unreleased/jprovazn-project-search.yml  |  5 +++
 spec/controllers/autocomplete_controller_spec.rb   | 22 ------------
 .../autocomplete/move_to_project_finder_spec.rb    | 40 +++++++---------------
 spec/models/project_spec.rb                        | 20 -----------
 6 files changed, 23 insertions(+), 90 deletions(-)
 create mode 100644 changelogs/unreleased/jprovazn-project-search.yml

diff --git a/app/finders/autocomplete/move_to_project_finder.rb b/app/finders/autocomplete/move_to_project_finder.rb
index edaf74c5f92..491cce2232e 100644
--- a/app/finders/autocomplete/move_to_project_finder.rb
+++ b/app/finders/autocomplete/move_to_project_finder.rb
@@ -3,7 +3,9 @@
 module Autocomplete
   # Finder that retrieves a list of projects that an issue can be moved to.
   class MoveToProjectFinder
-    attr_reader :current_user, :search, :project_id, :offset_id
+    attr_reader :current_user, :search, :project_id
+
+    LIMIT = 20
 
     # current_user - The User object of the user that wants to view the list of
     #                projects.
@@ -14,13 +16,10 @@ module Autocomplete
     #
     # * search: An optional search query to apply to the list of projects.
     # * project_id: The ID of a project to exclude from the returned relation.
-    # * offset_id: The ID of a project to use for pagination. When given, only
-    #   projects with a lower ID are included in the list.
     def initialize(current_user, params = {})
       @current_user = current_user
       @search = params[:search]
       @project_id = params[:project_id]
-      @offset_id = params[:offset_id]
     end
 
     def execute
@@ -28,8 +27,8 @@ module Autocomplete
         .projects_where_can_admin_issues
         .optionally_search(search)
         .excluding_project(project_id)
-        .paginate_in_descending_order_using_id(before: offset_id)
         .eager_load_namespace_and_owner
+        .sorted_by_name_asc_limited(LIMIT)
     end
   end
 end
diff --git a/app/models/project.rb b/app/models/project.rb
index 8dfe2212282..ece7507e55c 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -357,6 +357,7 @@ class Project < ApplicationRecord
   scope :sorted_by_activity, -> { reorder(Arel.sql("GREATEST(COALESCE(last_activity_at, '1970-01-01'), COALESCE(last_repository_updated_at, '1970-01-01')) DESC")) }
   scope :sorted_by_stars_desc, -> { reorder(star_count: :desc) }
   scope :sorted_by_stars_asc, -> { reorder(star_count: :asc) }
+  scope :sorted_by_name_asc_limited, ->(limit) { reorder(name: :asc).limit(limit) }
 
   scope :in_namespace, ->(namespace_ids) { where(namespace_id: namespace_ids) }
   scope :personal, ->(user) { where(namespace_id: user.namespace_id) }
@@ -441,22 +442,6 @@ class Project < ApplicationRecord
     without_deleted.find_by_id(id)
   end
 
-  # Paginates a collection using a `WHERE id < ?` condition.
-  #
-  # before - A project ID to use for filtering out projects with an equal or
-  #      greater ID. If no ID is given, all projects are included.
-  #
-  # limit - The maximum number of rows to include.
-  def self.paginate_in_descending_order_using_id(
-    before: nil,
-    limit: Kaminari.config.default_per_page
-  )
-    relation = order_id_desc.limit(limit)
-    relation = relation.where('projects.id < ?', before) if before
-
-    relation
-  end
-
   def self.eager_load_namespace_and_owner
     includes(namespace: :owner)
   end
diff --git a/changelogs/unreleased/jprovazn-project-search.yml b/changelogs/unreleased/jprovazn-project-search.yml
new file mode 100644
index 00000000000..f76d4858924
--- /dev/null
+++ b/changelogs/unreleased/jprovazn-project-search.yml
@@ -0,0 +1,5 @@
+---
+title: Order projects in 'Move issue' dropdown by name.
+merge_request: 30778
+author:
+type: fixed
diff --git a/spec/controllers/autocomplete_controller_spec.rb b/spec/controllers/autocomplete_controller_spec.rb
index 3f1c0ae8ac4..eaa5d6cd073 100644
--- a/spec/controllers/autocomplete_controller_spec.rb
+++ b/spec/controllers/autocomplete_controller_spec.rb
@@ -295,28 +295,6 @@ describe AutocompleteController do
       end
     end
 
-    context 'authorized projects with offset' do
-      before do
-        authorized_project2 = create(:project)
-        authorized_project3 = create(:project)
-
-        authorized_project.add_maintainer(user)
-        authorized_project2.add_maintainer(user)
-        authorized_project3.add_maintainer(user)
-      end
-
-      describe 'GET #projects with project ID and offset_id' do
-        before do
-          get(:projects, params: { project_id: project.id, offset_id: authorized_project.id })
-        end
-
-        it 'returns projects' do
-          expect(json_response).to be_kind_of(Array)
-          expect(json_response.size).to eq 2 # Of a total of 3
-        end
-      end
-    end
-
     context 'authorized projects without admin_issue ability' do
       before do
         authorized_project.add_guest(user)
diff --git a/spec/finders/autocomplete/move_to_project_finder_spec.rb b/spec/finders/autocomplete/move_to_project_finder_spec.rb
index c3bc410a7f6..4a87b47bd08 100644
--- a/spec/finders/autocomplete/move_to_project_finder_spec.rb
+++ b/spec/finders/autocomplete/move_to_project_finder_spec.rb
@@ -6,9 +6,9 @@ describe Autocomplete::MoveToProjectFinder do
 
   let(:no_access_project) { create(:project) }
   let(:guest_project) { create(:project) }
-  let(:reporter_project) { create(:project) }
-  let(:developer_project) { create(:project) }
-  let(:maintainer_project) { create(:project) }
+  let(:reporter_project) { create(:project, name: 'name') }
+  let(:developer_project) { create(:project, name: 'name2') }
+  let(:maintainer_project) { create(:project, name: 'name3') }
 
   describe '#execute' do
     context 'filter' do
@@ -20,14 +20,14 @@ describe Autocomplete::MoveToProjectFinder do
         expect(finder.execute).to be_empty
       end
 
-      it 'returns projects equal or above Gitlab::Access::REPORTER ordered by id in descending order' do
+      it 'returns projects equal or above Gitlab::Access::REPORTER ordered by name' do
         reporter_project.add_reporter(user)
         developer_project.add_developer(user)
         maintainer_project.add_maintainer(user)
 
         finder = described_class.new(user, project_id: project.id)
 
-        expect(finder.execute.to_a).to eq([maintainer_project, developer_project, reporter_project])
+        expect(finder.execute.to_a).to eq([reporter_project, developer_project, maintainer_project])
       end
 
       it 'does not include the source project' do
@@ -60,46 +60,32 @@ describe Autocomplete::MoveToProjectFinder do
         expect(finder.execute.to_a).to eq([other_reporter_project])
       end
 
-      it 'returns a page of projects ordered by id in descending order' do
-        allow(Kaminari.config).to receive(:default_per_page).and_return(2)
+      it 'returns a page of projects ordered by name' do
+        stub_const('Autocomplete::MoveToProjectFinder::LIMIT', 2)
 
-        projects = create_list(:project, 2) do |project|
+        projects = create_list(:project, 3) do |project|
           project.add_developer(user)
         end
 
         finder = described_class.new(user, project_id: project.id)
         page = finder.execute.to_a
 
-        expect(page.length).to eq(Kaminari.config.default_per_page)
-        expect(page[0]).to eq(projects.last)
-      end
-
-      it 'returns projects after the given offset id' do
-        reporter_project.add_reporter(user)
-        developer_project.add_developer(user)
-        maintainer_project.add_maintainer(user)
-
-        expect(described_class.new(user, project_id: project.id, offset_id: maintainer_project.id).execute.to_a)
-          .to eq([developer_project, reporter_project])
-
-        expect(described_class.new(user, project_id: project.id, offset_id: developer_project.id).execute.to_a)
-          .to eq([reporter_project])
-
-        expect(described_class.new(user, project_id: project.id, offset_id: reporter_project.id).execute.to_a)
-          .to be_empty
+        expected_projects = projects.sort_by(&:name).first(2)
+        expect(page.length).to eq(2)
+        expect(page).to eq(expected_projects)
       end
     end
 
     context 'search' do
       it 'returns projects matching a search query' do
-        foo_project = create(:project)
+        foo_project = create(:project, name: 'foo')
         foo_project.add_maintainer(user)
 
         wadus_project = create(:project, name: 'wadus')
         wadus_project.add_maintainer(user)
 
         expect(described_class.new(user, project_id: project.id).execute.to_a)
-          .to eq([wadus_project, foo_project])
+          .to eq([foo_project, wadus_project])
 
         expect(described_class.new(user, project_id: project.id, search: 'wadus').execute.to_a)
           .to eq([wadus_project])
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 927c072be10..bcb2da7eed2 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -1675,26 +1675,6 @@ describe Project do
     end
   end
 
-  describe '.paginate_in_descending_order_using_id' do
-    let!(:project1) { create(:project) }
-    let!(:project2) { create(:project) }
-
-    it 'orders the relation in descending order' do
-      expect(described_class.paginate_in_descending_order_using_id)
-        .to eq([project2, project1])
-    end
-
-    it 'applies a limit to the relation' do
-      expect(described_class.paginate_in_descending_order_using_id(limit: 1))
-        .to eq([project2])
-    end
-
-    it 'limits projects by and ID when given' do
-      expect(described_class.paginate_in_descending_order_using_id(before: project2.id))
-        .to eq([project1])
-    end
-  end
-
   describe '.including_namespace_and_owner' do
     it 'eager loads the namespace and namespace owner' do
       create(:project)
-- 
cgit v1.2.1


From 97b325a4a28206d921523e2ce34af0ac4be31bd0 Mon Sep 17 00:00:00 2001
From: Tristan Read <tread@gitlab.com>
Date: Mon, 22 Jul 2019 12:01:42 +0000
Subject: Add ability to embed metrics

See https://gitlab.com/gitlab-org/gitlab-ce/issues/30423
---
 .../javascripts/behaviors/markdown/render_gfm.js   |  4 +
 .../behaviors/markdown/render_metrics.js           | 24 ++++++
 .../monitoring/components/charts/area.vue          | 96 +++++++++++----------
 .../monitoring/components/dashboard.vue            |  7 +-
 .../javascripts/monitoring/components/embed.vue    | 97 ++++++++++++++++++++++
 app/assets/javascripts/monitoring/constants.js     |  2 +
 .../javascripts/monitoring/stores/actions.js       | 12 ++-
 .../monitoring/stores/mutation_types.js            |  1 +
 .../javascripts/monitoring/stores/mutations.js     |  3 +
 app/assets/javascripts/monitoring/stores/state.js  |  1 +
 app/assets/stylesheets/pages/prometheus.scss       |  5 ++
 .../behaviors/markdown/render_metrics_spec.js      | 37 +++++++++
 spec/frontend/monitoring/embed/embed_spec.js       | 78 +++++++++++++++++
 spec/frontend/monitoring/embed/mock_data.js        | 87 +++++++++++++++++++
 spec/frontend/test_setup.js                        |  6 ++
 15 files changed, 410 insertions(+), 50 deletions(-)
 create mode 100644 app/assets/javascripts/behaviors/markdown/render_metrics.js
 create mode 100644 app/assets/javascripts/monitoring/components/embed.vue
 create mode 100644 spec/frontend/behaviors/markdown/render_metrics_spec.js
 create mode 100644 spec/frontend/monitoring/embed/embed_spec.js
 create mode 100644 spec/frontend/monitoring/embed/mock_data.js

diff --git a/app/assets/javascripts/behaviors/markdown/render_gfm.js b/app/assets/javascripts/behaviors/markdown/render_gfm.js
index bfb073fdcdc..789a057caf8 100644
--- a/app/assets/javascripts/behaviors/markdown/render_gfm.js
+++ b/app/assets/javascripts/behaviors/markdown/render_gfm.js
@@ -2,6 +2,7 @@ import $ from 'jquery';
 import syntaxHighlight from '~/syntax_highlight';
 import renderMath from './render_math';
 import renderMermaid from './render_mermaid';
+import renderMetrics from './render_metrics';
 import highlightCurrentUser from './highlight_current_user';
 import initUserPopovers from '../../user_popovers';
 import initMRPopovers from '../../mr_popover';
@@ -17,6 +18,9 @@ $.fn.renderGFM = function renderGFM() {
   highlightCurrentUser(this.find('.gfm-project_member').get());
   initUserPopovers(this.find('.gfm-project_member').get());
   initMRPopovers(this.find('.gfm-merge_request').get());
+  if (gon.features && gon.features.gfmEmbeddedMetrics) {
+    renderMetrics(this.find('.js-render-metrics').get());
+  }
   return this;
 };
 
diff --git a/app/assets/javascripts/behaviors/markdown/render_metrics.js b/app/assets/javascripts/behaviors/markdown/render_metrics.js
new file mode 100644
index 00000000000..252b98610b6
--- /dev/null
+++ b/app/assets/javascripts/behaviors/markdown/render_metrics.js
@@ -0,0 +1,24 @@
+import Vue from 'vue';
+import Metrics from '~/monitoring/components/embed.vue';
+import { createStore } from '~/monitoring/stores';
+
+// TODO: Handle copy-pasting - https://gitlab.com/gitlab-org/gitlab-ce/issues/64369.
+export default function renderMetrics(elements) {
+  if (!elements.length) {
+    return;
+  }
+
+  elements.forEach(element => {
+    const { dashboardUrl } = element.dataset;
+    const MetricsComponent = Vue.extend(Metrics);
+
+    // eslint-disable-next-line no-new
+    new MetricsComponent({
+      el: element,
+      store: createStore(),
+      propsData: {
+        dashboardUrl,
+      },
+    });
+  });
+}
diff --git a/app/assets/javascripts/monitoring/components/charts/area.vue b/app/assets/javascripts/monitoring/components/charts/area.vue
index 454ff4f284e..edf9423c74c 100644
--- a/app/assets/javascripts/monitoring/components/charts/area.vue
+++ b/app/assets/javascripts/monitoring/components/charts/area.vue
@@ -37,7 +37,13 @@ export default {
     },
     projectPath: {
       type: String,
-      required: true,
+      required: false,
+      default: () => '',
+    },
+    showBorder: {
+      type: Boolean,
+      required: false,
+      default: () => false,
     },
     thresholds: {
       type: Array,
@@ -234,52 +240,54 @@ export default {
 </script>
 
 <template>
-  <div class="prometheus-graph col-12 col-lg-6">
-    <div class="prometheus-graph-header">
-      <h5 ref="graphTitle" class="prometheus-graph-title">{{ graphData.title }}</h5>
-      <div ref="graphWidgets" class="prometheus-graph-widgets"><slot></slot></div>
-    </div>
-    <gl-area-chart
-      ref="areaChart"
-      v-bind="$attrs"
-      :data="chartData"
-      :option="chartOptions"
-      :format-tooltip-text="formatTooltipText"
-      :thresholds="thresholds"
-      :width="width"
-      :height="height"
-      @updated="onChartUpdated"
-    >
-      <template v-if="tooltip.isDeployment">
-        <template slot="tooltipTitle">
-          {{ __('Deployed') }}
-        </template>
-        <div slot="tooltipContent" class="d-flex align-items-center">
-          <icon name="commit" class="mr-2" />
-          <gl-link :href="tooltip.commitUrl">{{ tooltip.sha }}</gl-link>
-        </div>
-      </template>
-      <template v-else>
-        <template slot="tooltipTitle">
-          <div class="text-nowrap">
-            {{ tooltip.title }}
+  <div class="col-12 col-lg-6" :class="[showBorder ? 'p-2' : 'p-0']">
+    <div class="prometheus-graph" :class="{ 'prometheus-graph-embed w-100 p-3': showBorder }">
+      <div class="prometheus-graph-header">
+        <h5 ref="graphTitle" class="prometheus-graph-title">{{ graphData.title }}</h5>
+        <div ref="graphWidgets" class="prometheus-graph-widgets"><slot></slot></div>
+      </div>
+      <gl-area-chart
+        ref="areaChart"
+        v-bind="$attrs"
+        :data="chartData"
+        :option="chartOptions"
+        :format-tooltip-text="formatTooltipText"
+        :thresholds="thresholds"
+        :width="width"
+        :height="height"
+        @updated="onChartUpdated"
+      >
+        <template v-if="tooltip.isDeployment">
+          <template slot="tooltipTitle">
+            {{ __('Deployed') }}
+          </template>
+          <div slot="tooltipContent" class="d-flex align-items-center">
+            <icon name="commit" class="mr-2" />
+            <gl-link :href="tooltip.commitUrl">{{ tooltip.sha }}</gl-link>
           </div>
         </template>
-        <template slot="tooltipContent">
-          <div
-            v-for="(content, key) in tooltip.content"
-            :key="key"
-            class="d-flex justify-content-between"
-          >
-            <gl-chart-series-label :color="isMultiSeries ? content.color : ''">
-              {{ content.name }}
-            </gl-chart-series-label>
-            <div class="prepend-left-32">
-              {{ content.value }}
+        <template v-else>
+          <template slot="tooltipTitle">
+            <div class="text-nowrap">
+              {{ tooltip.title }}
             </div>
-          </div>
+          </template>
+          <template slot="tooltipContent">
+            <div
+              v-for="(content, key) in tooltip.content"
+              :key="key"
+              class="d-flex justify-content-between"
+            >
+              <gl-chart-series-label :color="isMultiSeries ? content.color : ''">
+                {{ content.name }}
+              </gl-chart-series-label>
+              <div class="prepend-left-32">
+                {{ content.value }}
+              </div>
+            </div>
+          </template>
         </template>
-      </template>
-    </gl-area-chart>
+      </gl-area-chart>
+    </div>
   </div>
 </template>
diff --git a/app/assets/javascripts/monitoring/components/dashboard.vue b/app/assets/javascripts/monitoring/components/dashboard.vue
index 6eaced0c108..c7c55880040 100644
--- a/app/assets/javascripts/monitoring/components/dashboard.vue
+++ b/app/assets/javascripts/monitoring/components/dashboard.vue
@@ -11,10 +11,9 @@ import MonitorSingleStatChart from './charts/single_stat.vue';
 import PanelType from './panel_type.vue';
 import GraphGroup from './graph_group.vue';
 import EmptyState from './empty_state.vue';
-import { timeWindows, timeWindowsKeyNames } from '../constants';
+import { sidebarAnimationDuration, timeWindows, timeWindowsKeyNames } from '../constants';
 import { getTimeDiff } from '../utils';
 
-const sidebarAnimationDuration = 150;
 let sidebarMutationObserver;
 
 export default {
@@ -370,8 +369,8 @@ export default {
     </div>
     <div v-if="!showEmptyState">
       <graph-group
-        v-for="(groupData, index) in groupsWithData"
-        :key="index"
+        v-for="groupData in groupsWithData"
+        :key="`${groupData.group}.${groupData.priority}`"
         :name="groupData.group"
         :show-panels="showPanels"
       >
diff --git a/app/assets/javascripts/monitoring/components/embed.vue b/app/assets/javascripts/monitoring/components/embed.vue
new file mode 100644
index 00000000000..e17f03de0fd
--- /dev/null
+++ b/app/assets/javascripts/monitoring/components/embed.vue
@@ -0,0 +1,97 @@
+<script>
+import { mapActions, mapState } from 'vuex';
+import GraphGroup from './graph_group.vue';
+import MonitorAreaChart from './charts/area.vue';
+import { sidebarAnimationDuration, timeWindowsKeyNames, timeWindows } from '../constants';
+import { getTimeDiff } from '../utils';
+
+let sidebarMutationObserver;
+
+export default {
+  components: {
+    GraphGroup,
+    MonitorAreaChart,
+  },
+  props: {
+    dashboardUrl: {
+      type: String,
+      required: true,
+    },
+  },
+  data() {
+    return {
+      params: {
+        ...getTimeDiff(timeWindows[timeWindowsKeyNames.eightHours]),
+      },
+      elWidth: 0,
+    };
+  },
+  computed: {
+    ...mapState('monitoringDashboard', ['groups', 'metricsWithData']),
+    groupData() {
+      const groupsWithData = this.groups.filter(group => this.chartsWithData(group.metrics).length);
+      if (groupsWithData.length) {
+        return groupsWithData[0];
+      }
+      return null;
+    },
+  },
+  mounted() {
+    this.setInitialState();
+    this.fetchMetricsData(this.params);
+    sidebarMutationObserver = new MutationObserver(this.onSidebarMutation);
+    sidebarMutationObserver.observe(document.querySelector('.layout-page'), {
+      attributes: true,
+      childList: false,
+      subtree: false,
+    });
+  },
+  beforeDestroy() {
+    if (sidebarMutationObserver) {
+      sidebarMutationObserver.disconnect();
+    }
+  },
+  methods: {
+    ...mapActions('monitoringDashboard', [
+      'fetchMetricsData',
+      'setEndpoints',
+      'setFeatureFlags',
+      'setShowErrorBanner',
+    ]),
+    chartsWithData(charts) {
+      return charts.filter(chart =>
+        chart.metrics.some(metric => this.metricsWithData.includes(metric.metric_id)),
+      );
+    },
+    onSidebarMutation() {
+      setTimeout(() => {
+        this.elWidth = this.$el.clientWidth;
+      }, sidebarAnimationDuration);
+    },
+    setInitialState() {
+      this.setFeatureFlags({
+        prometheusEndpointEnabled: true,
+      });
+      this.setEndpoints({
+        dashboardEndpoint: this.dashboardUrl,
+      });
+      this.setShowErrorBanner(false);
+    },
+  },
+};
+</script>
+<template>
+  <div class="metrics-embed">
+    <div v-if="groupData" class="row w-100 m-n2 pb-4">
+      <monitor-area-chart
+        v-for="graphData in chartsWithData(groupData.metrics)"
+        :key="graphData.title"
+        :graph-data="graphData"
+        :container-width="elWidth"
+        group-id="monitor-area-chart"
+        :project-path="null"
+        :show-border="true"
+      />
+    </div>
+  </div>
+</template>
diff --git a/app/assets/javascripts/monitoring/constants.js b/app/assets/javascripts/monitoring/constants.js
index 26f1bf3f68d..605c95e6da5 100644
--- a/app/assets/javascripts/monitoring/constants.js
+++ b/app/assets/javascripts/monitoring/constants.js
@@ -1,5 +1,7 @@
 import { __ } from '~/locale';
 
+export const sidebarAnimationDuration = 300; // milliseconds.
+
 export const chartHeight = 300;
 
 export const graphTypes = {
diff --git a/app/assets/javascripts/monitoring/stores/actions.js b/app/assets/javascripts/monitoring/stores/actions.js
index 5b3da51e9a6..245cc2eaca3 100644
--- a/app/assets/javascripts/monitoring/stores/actions.js
+++ b/app/assets/javascripts/monitoring/stores/actions.js
@@ -44,6 +44,10 @@ export const setFeatureFlags = (
   commit(types.SET_ADDITIONAL_PANEL_TYPES_ENABLED, additionalPanelTypesEnabled);
 };
 
+export const setShowErrorBanner = ({ commit }, enabled) => {
+  commit(types.SET_SHOW_ERROR_BANNER, enabled);
+};
+
 export const requestMetricsDashboard = ({ commit }) => {
   commit(types.REQUEST_METRICS_DATA);
 };
@@ -99,7 +103,9 @@ export const fetchMetricsData = ({ state, dispatch }, params) => {
     })
     .catch(error => {
       dispatch('receiveMetricsDataFailure', error);
-      createFlash(s__('Metrics|There was an error while retrieving metrics'));
+      if (state.setShowErrorBanner) {
+        createFlash(s__('Metrics|There was an error while retrieving metrics'));
+      }
     });
 };
 
@@ -119,7 +125,9 @@ export const fetchDashboard = ({ state, dispatch }, params) => {
     })
     .catch(error => {
       dispatch('receiveMetricsDashboardFailure', error);
-      createFlash(s__('Metrics|There was an error while retrieving metrics'));
+      if (state.setShowErrorBanner) {
+        createFlash(s__('Metrics|There was an error while retrieving metrics'));
+      }
     });
 };
 
diff --git a/app/assets/javascripts/monitoring/stores/mutation_types.js b/app/assets/javascripts/monitoring/stores/mutation_types.js
index c89daba3df7..4b1aadbcf05 100644
--- a/app/assets/javascripts/monitoring/stores/mutation_types.js
+++ b/app/assets/javascripts/monitoring/stores/mutation_types.js
@@ -16,3 +16,4 @@ export const SET_ALL_DASHBOARDS = 'SET_ALL_DASHBOARDS';
 export const SET_ENDPOINTS = 'SET_ENDPOINTS';
 export const SET_GETTING_STARTED_EMPTY_STATE = 'SET_GETTING_STARTED_EMPTY_STATE';
 export const SET_NO_DATA_EMPTY_STATE = 'SET_NO_DATA_EMPTY_STATE';
+export const SET_SHOW_ERROR_BANNER = 'SET_SHOW_ERROR_BANNER';
diff --git a/app/assets/javascripts/monitoring/stores/mutations.js b/app/assets/javascripts/monitoring/stores/mutations.js
index 0104dcb867d..b19520d6638 100644
--- a/app/assets/javascripts/monitoring/stores/mutations.js
+++ b/app/assets/javascripts/monitoring/stores/mutations.js
@@ -96,4 +96,7 @@ export default {
   [types.SET_ADDITIONAL_PANEL_TYPES_ENABLED](state, enabled) {
     state.additionalPanelTypesEnabled = enabled;
   },
+  [types.SET_SHOW_ERROR_BANNER](state, enabled) {
+    state.showErrorBanner = enabled;
+  },
 };
diff --git a/app/assets/javascripts/monitoring/stores/state.js b/app/assets/javascripts/monitoring/stores/state.js
index e54bb712695..440bdc951e0 100644
--- a/app/assets/javascripts/monitoring/stores/state.js
+++ b/app/assets/javascripts/monitoring/stores/state.js
@@ -12,6 +12,7 @@ export default () => ({
   additionalPanelTypesEnabled: false,
   emptyState: 'gettingStarted',
   showEmptyState: true,
+  showErrorBanner: true,
   groups: [],
   deploymentData: [],
   environments: [],
diff --git a/app/assets/stylesheets/pages/prometheus.scss b/app/assets/stylesheets/pages/prometheus.scss
index 2d600e3aef6..05a4cc168a8 100644
--- a/app/assets/stylesheets/pages/prometheus.scss
+++ b/app/assets/stylesheets/pages/prometheus.scss
@@ -29,6 +29,11 @@
   padding: $gl-padding / 2;
 }
 
+.prometheus-graph-embed {
+  border: 1px solid $border-color;
+  border-radius: $border-radius-default;
+}
+
 .prometheus-graph-header {
   display: flex;
   align-items: center;
diff --git a/spec/frontend/behaviors/markdown/render_metrics_spec.js b/spec/frontend/behaviors/markdown/render_metrics_spec.js
new file mode 100644
index 00000000000..6db0eabc16b
--- /dev/null
+++ b/spec/frontend/behaviors/markdown/render_metrics_spec.js
@@ -0,0 +1,37 @@
+import Vue from 'vue';
+import renderMetrics from '~/behaviors/markdown/render_metrics';
+import { TEST_HOST } from 'helpers/test_constants';
+
+const originalExtend = Vue.extend;
+
+describe('Render metrics for Gitlab Flavoured Markdown', () => {
+  const container = {
+    Metrics() {},
+  };
+
+  let spyExtend;
+
+  beforeEach(() => {
+    Vue.extend = () => container.Metrics;
+    spyExtend = jest.spyOn(Vue, 'extend');
+  });
+
+  afterEach(() => {
+    Vue.extend = originalExtend;
+  });
+
+  it('does nothing when no elements are found', () => {
+    renderMetrics([]);
+
+    expect(spyExtend).not.toHaveBeenCalled();
+  });
+
+  it('renders a vue component when elements are found', () => {
+    const element = document.createElement('div');
+    element.setAttribute('data-dashboard-url', TEST_HOST);
+
+    renderMetrics([element]);
+
+    expect(spyExtend).toHaveBeenCalled();
+  });
+});
diff --git a/spec/frontend/monitoring/embed/embed_spec.js b/spec/frontend/monitoring/embed/embed_spec.js
new file mode 100644
index 00000000000..3b18a0f77c7
--- /dev/null
+++ b/spec/frontend/monitoring/embed/embed_spec.js
@@ -0,0 +1,78 @@
+import { createLocalVue, shallowMount } from '@vue/test-utils';
+import Vuex from 'vuex';
+import Embed from '~/monitoring/components/embed.vue';
+import MonitorAreaChart from '~/monitoring/components/charts/area.vue';
+import { TEST_HOST } from 'helpers/test_constants';
+import { groups, initialState, metricsData, metricsWithData } from './mock_data';
+
+const localVue = createLocalVue();
+localVue.use(Vuex);
+
+describe('Embed', () => {
+  let wrapper;
+  let store;
+  let actions;
+
+  function mountComponent() {
+    wrapper = shallowMount(Embed, {
+      localVue,
+      store,
+      propsData: {
+        dashboardUrl: TEST_HOST,
+      },
+    });
+  }
+
+  beforeEach(() => {
+    actions = {
+      setFeatureFlags: () => {},
+      setShowErrorBanner: () => {},
+      setEndpoints: () => {},
+      fetchMetricsData: () => {},
+    };
+
+    store = new Vuex.Store({
+      modules: {
+        monitoringDashboard: {
+          namespaced: true,
+          actions,
+          state: initialState,
+        },
+      },
+    });
+  });
+
+  afterEach(() => {
+    if (wrapper) {
+      wrapper.destroy();
+    }
+  });
+
+  describe('no metrics are available yet', () => {
+    beforeEach(() => {
+      mountComponent();
+    });
+
+    it('shows an empty state when no metrics are present', () => {
+      expect(wrapper.find('.metrics-embed').exists()).toBe(true);
+      expect(wrapper.find(MonitorAreaChart).exists()).toBe(false);
+    });
+  });
+
+  describe('metrics are available', () => {
+    beforeEach(() => {
+      store.state.monitoringDashboard.groups = groups;
+      store.state.monitoringDashboard.groups[0].metrics = metricsData;
+      store.state.monitoringDashboard.metricsWithData = metricsWithData;
+
+      mountComponent();
+    });
+
+    it('shows a chart when metrics are present', () => {
+      wrapper.setProps({});
+      expect(wrapper.find('.metrics-embed').exists()).toBe(true);
+      expect(wrapper.find(MonitorAreaChart).exists()).toBe(true);
+      expect(wrapper.findAll(MonitorAreaChart).length).toBe(2);
+    });
+  });
+});
diff --git a/spec/frontend/monitoring/embed/mock_data.js b/spec/frontend/monitoring/embed/mock_data.js
new file mode 100644
index 00000000000..df4acb82e95
--- /dev/null
+++ b/spec/frontend/monitoring/embed/mock_data.js
@@ -0,0 +1,87 @@
+export const metricsWithData = [15, 16];
+
+export const groups = [
+  {
+    panels: [
+      {
+        title: 'Memory Usage (Total)',
+        type: 'area-chart',
+        y_label: 'Total Memory Used',
+        weight: 4,
+        metrics: [
+          {
+            id: 'system_metrics_kubernetes_container_memory_total',
+            metric_id: 15,
+          },
+        ],
+      },
+      {
+        title: 'Core Usage (Total)',
+        type: 'area-chart',
+        y_label: 'Total Cores',
+        weight: 3,
+        metrics: [
+          {
+            id: 'system_metrics_kubernetes_container_cores_total',
+            metric_id: 16,
+          },
+        ],
+      },
+    ],
+  },
+];
+
+export const metrics = [
+  {
+    id: 'system_metrics_kubernetes_container_memory_total',
+    metric_id: 15,
+  },
+  {
+    id: 'system_metrics_kubernetes_container_cores_total',
+    metric_id: 16,
+  },
+];
+
+const queries = [
+  {
+    result: [
+      {
+        values: [
+          ['Mon', 1220],
+          ['Tue', 932],
+          ['Wed', 901],
+          ['Thu', 934],
+          ['Fri', 1290],
+          ['Sat', 1330],
+          ['Sun', 1320],
+        ],
+      },
+    ],
+  },
+];
+
+export const metricsData = [
+  {
+    queries,
+    metrics: [
+      {
+        metric_id: 15,
+      },
+    ],
+  },
+  {
+    queries,
+    metrics: [
+      {
+        metric_id: 16,
+      },
+    ],
+  },
+];
+
+export const initialState = {
+  monitoringDashboard: {},
+  groups: [],
+  metricsWithData: [],
+  useDashboardEndpoint: true,
+};
diff --git a/spec/frontend/test_setup.js b/spec/frontend/test_setup.js
index 634c78ec029..e4d62b044ca 100644
--- a/spec/frontend/test_setup.js
+++ b/spec/frontend/test_setup.js
@@ -69,3 +69,9 @@ Object.entries(jqueryMatchers).forEach(([matcherName, matcherFactory]) => {
 
 // Tech debt issue TBD
 testUtilsConfig.logModifiedComponents = false;
+
+// Basic stub for MutationObserver
+global.MutationObserver = () => ({
+  disconnect: () => {},
+  observe: () => {},
+});
-- 
cgit v1.2.1


From 26ac53b3536b641a8875b9b41047e8154ed58f1c Mon Sep 17 00:00:00 2001
From: Douwe Maan <douwe@selenight.nl>
Date: Mon, 22 Jul 2019 14:25:56 +0200
Subject: Ensure SubmoduleHelper works outside view context

---
 app/helpers/submodule_helper.rb                    | 12 ++--
 .../unreleased/dm-submodule-helper-routing.yml     |  5 ++
 spec/helpers/submodule_helper_spec.rb              | 81 ++++++++++++----------
 3 files changed, 58 insertions(+), 40 deletions(-)
 create mode 100644 changelogs/unreleased/dm-submodule-helper-routing.yml

diff --git a/app/helpers/submodule_helper.rb b/app/helpers/submodule_helper.rb
index 35e04b0ced3..9a281065b90 100644
--- a/app/helpers/submodule_helper.rb
+++ b/app/helpers/submodule_helper.rb
@@ -34,8 +34,8 @@ module SubmoduleHelper
       project.sub!(/\.git\z/, '')
 
       if self_url?(url, namespace, project)
-        [namespace_project_path(namespace, project),
-         namespace_project_tree_path(namespace, project, submodule_item_id)]
+        [url_helpers.namespace_project_path(namespace, project),
+         url_helpers.namespace_project_tree_path(namespace, project, submodule_item_id)]
       elsif relative_self_url?(url)
         relative_self_links(url, submodule_item_id, repository.project)
       elsif github_dot_com_url?(url)
@@ -99,8 +99,8 @@ module SubmoduleHelper
 
     begin
       [
-        namespace_project_path(target_namespace_path, submodule_base),
-        namespace_project_tree_path(target_namespace_path, submodule_base, commit)
+        url_helpers.namespace_project_path(target_namespace_path, submodule_base),
+        url_helpers.namespace_project_tree_path(target_namespace_path, submodule_base, commit)
       ]
     rescue ActionController::UrlGenerationError
       [nil, nil]
@@ -118,4 +118,8 @@ module SubmoduleHelper
   rescue URI::InvalidURIError
     nil
   end
+
+  def url_helpers
+    Gitlab::Routing.url_helpers
+  end
 end
diff --git a/changelogs/unreleased/dm-submodule-helper-routing.yml b/changelogs/unreleased/dm-submodule-helper-routing.yml
new file mode 100644
index 00000000000..779d4d167df
--- /dev/null
+++ b/changelogs/unreleased/dm-submodule-helper-routing.yml
@@ -0,0 +1,5 @@
+---
+title: Fix bug that caused diffs not to show on MRs with changes to submodules
+merge_request:
+author:
+type: fixed
diff --git a/spec/helpers/submodule_helper_spec.rb b/spec/helpers/submodule_helper_spec.rb
index ea48c69e0ae..b922b910c89 100644
--- a/spec/helpers/submodule_helper_spec.rb
+++ b/spec/helpers/submodule_helper_spec.rb
@@ -3,15 +3,11 @@ require 'spec_helper'
 describe SubmoduleHelper do
   include RepoHelpers
 
-  describe 'submodule links' do
-    let(:submodule_item) { double(id: 'hash', path: 'rack') }
-    let(:config) { Gitlab.config.gitlab }
-    let(:repo) { double }
-
-    before do
-      self.instance_variable_set(:@repository, repo)
-    end
+  let(:submodule_item) { double(id: 'hash', path: 'rack') }
+  let(:config) { Gitlab.config.gitlab }
+  let(:repo) { double }
 
+  shared_examples 'submodule_links' do
     context 'submodule on self' do
       before do
         allow(Gitlab.config.gitlab).to receive(:protocol).and_return('http') # set this just to be sure
@@ -21,28 +17,28 @@ describe SubmoduleHelper do
         allow(Gitlab.config.gitlab_shell).to receive(:ssh_port).and_return(22) # set this just to be sure
         allow(Gitlab.config.gitlab_shell).to receive(:ssh_path_prefix).and_return(Settings.send(:build_gitlab_shell_ssh_path_prefix))
         stub_url([config.user, '@', config.host, ':gitlab-org/gitlab-ce.git'].join(''))
-        expect(submodule_links(submodule_item)).to eq([namespace_project_path('gitlab-org', 'gitlab-ce'), namespace_project_tree_path('gitlab-org', 'gitlab-ce', 'hash')])
+        expect(subject).to eq([namespace_project_path('gitlab-org', 'gitlab-ce'), namespace_project_tree_path('gitlab-org', 'gitlab-ce', 'hash')])
       end
 
       it 'detects ssh on non-standard port' do
         allow(Gitlab.config.gitlab_shell).to receive(:ssh_port).and_return(2222)
         allow(Gitlab.config.gitlab_shell).to receive(:ssh_path_prefix).and_return(Settings.send(:build_gitlab_shell_ssh_path_prefix))
         stub_url(['ssh://', config.user, '@', config.host, ':2222/gitlab-org/gitlab-ce.git'].join(''))
-        expect(submodule_links(submodule_item)).to eq([namespace_project_path('gitlab-org', 'gitlab-ce'), namespace_project_tree_path('gitlab-org', 'gitlab-ce', 'hash')])
+        expect(subject).to eq([namespace_project_path('gitlab-org', 'gitlab-ce'), namespace_project_tree_path('gitlab-org', 'gitlab-ce', 'hash')])
       end
 
       it 'detects http on standard port' do
         allow(Gitlab.config.gitlab).to receive(:port).and_return(80)
         allow(Gitlab.config.gitlab).to receive(:url).and_return(Settings.send(:build_gitlab_url))
         stub_url(['http://', config.host, '/gitlab-org/gitlab-ce.git'].join(''))
-        expect(submodule_links(submodule_item)).to eq([namespace_project_path('gitlab-org', 'gitlab-ce'), namespace_project_tree_path('gitlab-org', 'gitlab-ce', 'hash')])
+        expect(subject).to eq([namespace_project_path('gitlab-org', 'gitlab-ce'), namespace_project_tree_path('gitlab-org', 'gitlab-ce', 'hash')])
       end
 
       it 'detects http on non-standard port' do
         allow(Gitlab.config.gitlab).to receive(:port).and_return(3000)
         allow(Gitlab.config.gitlab).to receive(:url).and_return(Settings.send(:build_gitlab_url))
         stub_url(['http://', config.host, ':3000/gitlab-org/gitlab-ce.git'].join(''))
-        expect(submodule_links(submodule_item)).to eq([namespace_project_path('gitlab-org', 'gitlab-ce'), namespace_project_tree_path('gitlab-org', 'gitlab-ce', 'hash')])
+        expect(subject).to eq([namespace_project_path('gitlab-org', 'gitlab-ce'), namespace_project_tree_path('gitlab-org', 'gitlab-ce', 'hash')])
       end
 
       it 'works with relative_url_root' do
@@ -50,7 +46,7 @@ describe SubmoduleHelper do
         allow(Gitlab.config.gitlab).to receive(:relative_url_root).and_return('/gitlab/root')
         allow(Gitlab.config.gitlab).to receive(:url).and_return(Settings.send(:build_gitlab_url))
         stub_url(['http://', config.host, '/gitlab/root/gitlab-org/gitlab-ce.git'].join(''))
-        expect(submodule_links(submodule_item)).to eq([namespace_project_path('gitlab-org', 'gitlab-ce'), namespace_project_tree_path('gitlab-org', 'gitlab-ce', 'hash')])
+        expect(subject).to eq([namespace_project_path('gitlab-org', 'gitlab-ce'), namespace_project_tree_path('gitlab-org', 'gitlab-ce', 'hash')])
       end
 
       it 'works with subgroups' do
@@ -58,34 +54,34 @@ describe SubmoduleHelper do
         allow(Gitlab.config.gitlab).to receive(:relative_url_root).and_return('/gitlab/root')
         allow(Gitlab.config.gitlab).to receive(:url).and_return(Settings.send(:build_gitlab_url))
         stub_url(['http://', config.host, '/gitlab/root/gitlab-org/sub/gitlab-ce.git'].join(''))
-        expect(submodule_links(submodule_item)).to eq([namespace_project_path('gitlab-org/sub', 'gitlab-ce'), namespace_project_tree_path('gitlab-org/sub', 'gitlab-ce', 'hash')])
+        expect(subject).to eq([namespace_project_path('gitlab-org/sub', 'gitlab-ce'), namespace_project_tree_path('gitlab-org/sub', 'gitlab-ce', 'hash')])
       end
     end
 
     context 'submodule on github.com' do
       it 'detects ssh' do
         stub_url('git@github.com:gitlab-org/gitlab-ce.git')
-        expect(submodule_links(submodule_item)).to eq(['https://github.com/gitlab-org/gitlab-ce', 'https://github.com/gitlab-org/gitlab-ce/tree/hash'])
+        expect(subject).to eq(['https://github.com/gitlab-org/gitlab-ce', 'https://github.com/gitlab-org/gitlab-ce/tree/hash'])
       end
 
       it 'detects http' do
         stub_url('http://github.com/gitlab-org/gitlab-ce.git')
-        expect(submodule_links(submodule_item)).to eq(['https://github.com/gitlab-org/gitlab-ce', 'https://github.com/gitlab-org/gitlab-ce/tree/hash'])
+        expect(subject).to eq(['https://github.com/gitlab-org/gitlab-ce', 'https://github.com/gitlab-org/gitlab-ce/tree/hash'])
       end
 
       it 'detects https' do
         stub_url('https://github.com/gitlab-org/gitlab-ce.git')
-        expect(submodule_links(submodule_item)).to eq(['https://github.com/gitlab-org/gitlab-ce', 'https://github.com/gitlab-org/gitlab-ce/tree/hash'])
+        expect(subject).to eq(['https://github.com/gitlab-org/gitlab-ce', 'https://github.com/gitlab-org/gitlab-ce/tree/hash'])
       end
 
       it 'handles urls with no .git on the end' do
         stub_url('http://github.com/gitlab-org/gitlab-ce')
-        expect(submodule_links(submodule_item)).to eq(['https://github.com/gitlab-org/gitlab-ce', 'https://github.com/gitlab-org/gitlab-ce/tree/hash'])
+        expect(subject).to eq(['https://github.com/gitlab-org/gitlab-ce', 'https://github.com/gitlab-org/gitlab-ce/tree/hash'])
       end
 
       it 'returns original with non-standard url' do
         stub_url('http://github.com/another/gitlab-org/gitlab-ce.git')
-        expect(submodule_links(submodule_item)).to eq([repo.submodule_url_for, nil])
+        expect(subject).to eq([repo.submodule_url_for, nil])
       end
     end
 
@@ -97,39 +93,39 @@ describe SubmoduleHelper do
         allow(repo).to receive(:project).and_return(project)
 
         stub_url('./')
-        expect(submodule_links(submodule_item)).to eq(["/master-project/#{project.path}", "/master-project/#{project.path}/tree/hash"])
+        expect(subject).to eq(["/master-project/#{project.path}", "/master-project/#{project.path}/tree/hash"])
       end
     end
 
     context 'submodule on gitlab.com' do
       it 'detects ssh' do
         stub_url('git@gitlab.com:gitlab-org/gitlab-ce.git')
-        expect(submodule_links(submodule_item)).to eq(['https://gitlab.com/gitlab-org/gitlab-ce', 'https://gitlab.com/gitlab-org/gitlab-ce/tree/hash'])
+        expect(subject).to eq(['https://gitlab.com/gitlab-org/gitlab-ce', 'https://gitlab.com/gitlab-org/gitlab-ce/tree/hash'])
       end
 
       it 'detects http' do
         stub_url('http://gitlab.com/gitlab-org/gitlab-ce.git')
-        expect(submodule_links(submodule_item)).to eq(['https://gitlab.com/gitlab-org/gitlab-ce', 'https://gitlab.com/gitlab-org/gitlab-ce/tree/hash'])
+        expect(subject).to eq(['https://gitlab.com/gitlab-org/gitlab-ce', 'https://gitlab.com/gitlab-org/gitlab-ce/tree/hash'])
       end
 
       it 'detects https' do
         stub_url('https://gitlab.com/gitlab-org/gitlab-ce.git')
-        expect(submodule_links(submodule_item)).to eq(['https://gitlab.com/gitlab-org/gitlab-ce', 'https://gitlab.com/gitlab-org/gitlab-ce/tree/hash'])
+        expect(subject).to eq(['https://gitlab.com/gitlab-org/gitlab-ce', 'https://gitlab.com/gitlab-org/gitlab-ce/tree/hash'])
       end
 
       it 'handles urls with no .git on the end' do
         stub_url('http://gitlab.com/gitlab-org/gitlab-ce')
-        expect(submodule_links(submodule_item)).to eq(['https://gitlab.com/gitlab-org/gitlab-ce', 'https://gitlab.com/gitlab-org/gitlab-ce/tree/hash'])
+        expect(subject).to eq(['https://gitlab.com/gitlab-org/gitlab-ce', 'https://gitlab.com/gitlab-org/gitlab-ce/tree/hash'])
       end
 
       it 'handles urls with trailing whitespace' do
         stub_url('http://gitlab.com/gitlab-org/gitlab-ce.git  ')
-        expect(submodule_links(submodule_item)).to eq(['https://gitlab.com/gitlab-org/gitlab-ce', 'https://gitlab.com/gitlab-org/gitlab-ce/tree/hash'])
+        expect(subject).to eq(['https://gitlab.com/gitlab-org/gitlab-ce', 'https://gitlab.com/gitlab-org/gitlab-ce/tree/hash'])
       end
 
       it 'returns original with non-standard url' do
         stub_url('http://gitlab.com/another/gitlab-org/gitlab-ce.git')
-        expect(submodule_links(submodule_item)).to eq([repo.submodule_url_for, nil])
+        expect(subject).to eq([repo.submodule_url_for, nil])
       end
     end
 
@@ -137,27 +133,25 @@ describe SubmoduleHelper do
       it 'sanitizes unsupported protocols' do
         stub_url('javascript:alert("XSS");')
 
-        expect(helper.submodule_links(submodule_item)).to eq([nil, nil])
+        expect(subject).to eq([nil, nil])
       end
 
       it 'sanitizes unsupported protocols disguised as a repository URL' do
         stub_url('javascript:alert("XSS");foo/bar.git')
 
-        expect(helper.submodule_links(submodule_item)).to eq([nil, nil])
+        expect(subject).to eq([nil, nil])
       end
 
       it 'sanitizes invalid URL with extended ASCII' do
         stub_url('é')
 
-        expect(helper.submodule_links(submodule_item)).to eq([nil, nil])
+        expect(subject).to eq([nil, nil])
       end
 
       it 'returns original' do
         stub_url('http://mygitserver.com/gitlab-org/gitlab-ce')
-        expect(submodule_links(submodule_item)).to eq([repo.submodule_url_for, nil])
 
-        stub_url('http://mygitserver.com/gitlab-org/gitlab-ce.git')
-        expect(submodule_links(submodule_item)).to eq([repo.submodule_url_for, nil])
+        expect(subject).to eq([repo.submodule_url_for, nil])
       end
     end
 
@@ -168,8 +162,7 @@ describe SubmoduleHelper do
 
       def expect_relative_link_to_resolve_to(relative_path, expected_path)
         allow(repo).to receive(:submodule_url_for).and_return(relative_path)
-
-        result = submodule_links(submodule_item)
+        result = subject
 
         expect(result).to eq([expected_path, "#{expected_path}/tree/#{submodule_item.id}"])
       end
@@ -190,7 +183,7 @@ describe SubmoduleHelper do
         it 'returns nil' do
           allow(repo).to receive(:submodule_url_for).and_return('../../test.git')
 
-          result = submodule_links(submodule_item)
+          result = subject
 
           expect(result).to eq([nil, nil])
         end
@@ -200,7 +193,7 @@ describe SubmoduleHelper do
         it 'returns nil because it is not possible to have repo nested under another repo' do
           allow(repo).to receive(:submodule_url_for).and_return('./test.git')
 
-          result = submodule_links(submodule_item)
+          result = subject
 
           expect(result).to eq([nil, nil])
         end
@@ -238,6 +231,22 @@ describe SubmoduleHelper do
     end
   end
 
+  context 'as view helpers in view context' do
+    subject { helper.submodule_links(submodule_item) }
+
+    before do
+      self.instance_variable_set(:@repository, repo)
+    end
+
+    it_behaves_like 'submodule_links'
+  end
+
+  context 'as stand-alone module' do
+    subject { described_class.submodule_links(submodule_item, nil, repo) }
+
+    it_behaves_like 'submodule_links'
+  end
+
   def stub_url(url)
     allow(repo).to receive(:submodule_url_for).and_return(url)
   end
-- 
cgit v1.2.1


From d8b11c25512a70823ae2e231fc87e0b247765dc9 Mon Sep 17 00:00:00 2001
From: Zsolt Kovari <zsolt.kovari@cern.ch>
Date: Mon, 22 Jul 2019 12:50:46 +0000
Subject: Display project id on project admin page

---
 app/views/admin/projects/show.html.haml                              | 5 +++++
 .../unreleased/60949-display-projectid-on-project-admin-page.yml     | 5 +++++
 spec/features/admin/admin_projects_spec.rb                           | 1 +
 3 files changed, 11 insertions(+)
 create mode 100644 changelogs/unreleased/60949-display-projectid-on-project-admin-page.yml

diff --git a/app/views/admin/projects/show.html.haml b/app/views/admin/projects/show.html.haml
index 0fae8060b32..3eff0a221d7 100644
--- a/app/views/admin/projects/show.html.haml
+++ b/app/views/admin/projects/show.html.haml
@@ -54,6 +54,11 @@
           %strong
             = @project.created_at.to_s(:medium)
 
+        %li
+          %span.light ID:
+          %strong
+            = @project.id
+
         %li
           %span.light http:
           %strong
diff --git a/changelogs/unreleased/60949-display-projectid-on-project-admin-page.yml b/changelogs/unreleased/60949-display-projectid-on-project-admin-page.yml
new file mode 100644
index 00000000000..3ff83ede2fa
--- /dev/null
+++ b/changelogs/unreleased/60949-display-projectid-on-project-admin-page.yml
@@ -0,0 +1,5 @@
+---
+title: Display project id on project admin page
+merge_request: 29734
+author: Zsolt Kovari
+type: added
diff --git a/spec/features/admin/admin_projects_spec.rb b/spec/features/admin/admin_projects_spec.rb
index 2b6bfa40beb..1c1ca41f633 100644
--- a/spec/features/admin/admin_projects_spec.rb
+++ b/spec/features/admin/admin_projects_spec.rb
@@ -60,6 +60,7 @@ describe "Admin::Projects" do
       expect(page).to have_content(project.name)
       expect(page).to have_content(project.full_name)
       expect(page).to have_content(project.creator.name)
+      expect(page).to have_content(project.id)
     end
   end
 
-- 
cgit v1.2.1


From 0f9fb07d5c54391a9eb8a07c8b776f84ff6f951a Mon Sep 17 00:00:00 2001
From: Zsolt Kovari <zsolt.kovari@cern.ch>
Date: Mon, 22 Jul 2019 12:52:30 +0000
Subject: Display group id on group admin page

---
 app/views/admin/groups/show.html.haml                               | 5 +++++
 changelogs/unreleased/60948-display-groupid-on-group-admin-page.yml | 5 +++++
 locale/gitlab.pot                                                   | 3 +++
 spec/features/admin/admin_groups_spec.rb                            | 1 +
 4 files changed, 14 insertions(+)
 create mode 100644 changelogs/unreleased/60948-display-groupid-on-group-admin-page.yml

diff --git a/app/views/admin/groups/show.html.haml b/app/views/admin/groups/show.html.haml
index 98230684d56..f9cc118a252 100644
--- a/app/views/admin/groups/show.html.haml
+++ b/app/views/admin/groups/show.html.haml
@@ -40,6 +40,11 @@
           %strong
             = @group.created_at.to_s(:medium)
 
+        %li
+          %span.light= _('ID:')
+          %strong
+            = @group.id
+
         = render_if_exists 'admin/namespace_plan_info', namespace: @group
 
         %li
diff --git a/changelogs/unreleased/60948-display-groupid-on-group-admin-page.yml b/changelogs/unreleased/60948-display-groupid-on-group-admin-page.yml
new file mode 100644
index 00000000000..17763b4c69e
--- /dev/null
+++ b/changelogs/unreleased/60948-display-groupid-on-group-admin-page.yml
@@ -0,0 +1,5 @@
+---
+title: Display group id on group admin page
+merge_request: 29735
+author: Zsolt Kovari
+type: added
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 7b742660a4c..5f8467ea809 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -5324,6 +5324,9 @@ msgstr ""
 msgid "ID"
 msgstr ""
 
+msgid "ID:"
+msgstr ""
+
 msgid "IDE|Allow live previews of JavaScript projects in the Web IDE using CodeSandbox client side evaluation."
 msgstr ""
 
diff --git a/spec/features/admin/admin_groups_spec.rb b/spec/features/admin/admin_groups_spec.rb
index 735ca60f7da..bac2972b0fb 100644
--- a/spec/features/admin/admin_groups_spec.rb
+++ b/spec/features/admin/admin_groups_spec.rb
@@ -90,6 +90,7 @@ describe 'Admin Groups' do
       visit admin_group_path(group)
 
       expect(page).to have_content("Group: #{group.name}")
+      expect(page).to have_content("ID: #{group.id}")
     end
   end
 
-- 
cgit v1.2.1


From e0fd42a5b1c4f2613f30f455a1c12cf456fa3ad6 Mon Sep 17 00:00:00 2001
From: Marcia Ramos <marcia@gitlab.com>
Date: Mon, 22 Jul 2019 12:58:36 +0000
Subject: Docs: add alert for bugs - Pages' LE integration

---
 .../lets_encrypt_integration.md                    | 23 ++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md b/doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md
index 7675a5dd9d4..4588375738e 100644
--- a/doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md
+++ b/doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md
@@ -15,6 +15,12 @@ GitLab does it for you, out-of-the-box.
 [Let's Encrypt](https://letsencrypt.org) is a free, automated, and
 open source Certificate Authority.
 
+CAUTION: **Caution:**
+This feature is in **beta** and might present bugs and UX issues
+such as [#64870](https://gitlab.com/gitlab-org/gitlab-ce/issues/64870).
+See all the related issues linked from this [issue's description](https://gitlab.com/gitlab-org/gitlab-ce/issues/28996)
+for more information.
+
 ## Requirements
 
 Before you can enable automatic provisioning of a SSL certificate for your domain, make sure you have:
@@ -55,9 +61,22 @@ associated Pages domain. It will be also renewed automatically by GitLab.
 > - If you already have SSL certificate in domain settings it
 >   will continue to work until it will be replaced by Let's Encrypt's certificate.
 
-<!-- ## Troubleshooting
+## Troubleshooting
+
+### Error "Certificate misses intermediates"
+
+If you get an error **Certificate misses intermediates** while trying to enable Let's Encrypt integration for your domain, follow the steps below:
+
+1. Go to your project's **Settings > Pages**.
+1. Turn off **Force HTTPS** if it's turned on.
+1. Click **Details** on your domain.
+1. Click the **Edit** button in the top right corner of domain details page.
+1. Enable Let's Encrypt integration.
+1. Click **Save**.
+1. Go to your project's **Settings > Pages**.
+1. Turn on **Force HTTPS**.
 
-Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+<!-- Include any troubleshooting steps that you can foresee. If you know beforehand what issues
 one might have when setting this up, or when something is changed, or on upgrading, it's
 important to describe those, too. Think of things that may go wrong and include them here.
 This is important to minimize requests for support, and to avoid doc comments with
-- 
cgit v1.2.1


From 809b7f8b3dcba4b146012c7e3491462990f477e0 Mon Sep 17 00:00:00 2001
From: Lukas Eipert <leipert@gitlab.com>
Date: Mon, 22 Jul 2019 15:00:08 +0200
Subject: Resolve difference in app/assets/stylesheets/application.scss

---
 app/assets/stylesheets/_ee/application_ee.scss | 5 +++++
 app/assets/stylesheets/application.scss        | 4 ++++
 config/application.rb                          | 6 ++++++
 3 files changed, 15 insertions(+)
 create mode 100644 app/assets/stylesheets/_ee/application_ee.scss

diff --git a/app/assets/stylesheets/_ee/application_ee.scss b/app/assets/stylesheets/_ee/application_ee.scss
new file mode 100644
index 00000000000..0fb2c9b68a9
--- /dev/null
+++ b/app/assets/stylesheets/_ee/application_ee.scss
@@ -0,0 +1,5 @@
+/*
+ This is a noop-file. In EE:
+ ee/app/assets/stylesheets/_ee/application_ee.scss
+ will take precedence over it and import more styles
+ */
diff --git a/app/assets/stylesheets/application.scss b/app/assets/stylesheets/application.scss
index d5ef66af31a..fbf16aa324a 100644
--- a/app/assets/stylesheets/application.scss
+++ b/app/assets/stylesheets/application.scss
@@ -34,4 +34,8 @@
 // Styles for JS behaviors.
 @import "behaviors";
 
+// EE-only stylesheets
+@import "application_ee";
+
+// CSS util classes
 @import "utilities";
diff --git a/config/application.rb b/config/application.rb
index de386506233..ffc8c616f89 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -183,6 +183,12 @@ module Gitlab
       config.assets.precompile << "pages/jira_connect.css"
     end
 
+    # Import path for EE specific SCSS entry point
+    # In CE it will import a noop file, in EE a functioning file
+    # Order is important, so that the ee file takes precedence:
+    config.assets.paths << "#{config.root}/ee/app/assets/stylesheets/_ee"
+    config.assets.paths << "#{config.root}/app/assets/stylesheets/_ee"
+
     config.assets.paths << "#{config.root}/vendor/assets/javascripts/"
     config.assets.precompile << "snowplow/sp.js"
 
-- 
cgit v1.2.1


From c39c64d97331758766d93e58a922a4e0fb216963 Mon Sep 17 00:00:00 2001
From: Lukas Eipert <leipert@gitlab.com>
Date: Mon, 22 Jul 2019 15:14:10 +0200
Subject: Port common class only used in EE

---
 app/assets/stylesheets/framework/common.scss | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/assets/stylesheets/framework/common.scss b/app/assets/stylesheets/framework/common.scss
index 1bd5043ed10..61ab0476c42 100644
--- a/app/assets/stylesheets/framework/common.scss
+++ b/app/assets/stylesheets/framework/common.scss
@@ -434,6 +434,7 @@ img.emoji {
 
 /** COMMON SIZING CLASSES **/
 .w-0 { width: 0; }
+.w-8em { width: 8em; }
 
 .h-12em { height: 12em; }
 
-- 
cgit v1.2.1


From 299a743b27455706279b3e0fe955f2a8a08b5196 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Thu, 4 Jul 2019 17:48:02 +0200
Subject: Dry the list of stage and group labels by linking to them directly
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rémy Coutable <remy@rymai.me>
---
 doc/development/contributing/issue_workflow.md | 59 +++-----------------------
 1 file changed, 5 insertions(+), 54 deletions(-)

diff --git a/doc/development/contributing/issue_workflow.md b/doc/development/contributing/issue_workflow.md
index abe11b8d1a8..79c701d7abf 100644
--- a/doc/development/contributing/issue_workflow.md
+++ b/doc/development/contributing/issue_workflow.md
@@ -102,20 +102,7 @@ any issue.
 
 Stage labels specify which [DevOps stage][devops-stages] the issue belongs to.
 
-The current stage labels are:
-
-- ~"devops::manage"
-- ~"devops::plan"
-- ~"devops::create"
-- ~"devops::verify"
-- ~"devops::package"
-- ~"devops::release"
-- ~"devops::configure"
-- ~"devops::monitor"
-- ~"devops::secure"
-- ~"devops::defend"
-- ~"devops::growth"
-- ~"devops::enablement"
+The current stage labels can be found by [searching the labels list for `devops::`](https://gitlab.com/groups/gitlab-org/-/labels?search=devops%3A%3A).
 
 These labels are [scoped labels](../../user/project/labels.md#scoped-labels-premium)
 and thus are mutually exclusive.
@@ -138,44 +125,8 @@ The Stage labels are used to generate the [direction pages][direction-pages] aut
 
 Group labels specify which [groups][structure-groups] the issue belongs to.
 
-The current group labels are:
-
-- ~"group::access"
-- ~"group::measure"
-- ~"group::source code"
-- ~"group::knowledge"
-- ~"group::editor"
-- ~"group::gitaly"  
-- ~"group::gitter"  
-- ~"group::team planning"
-- ~"group::enterprise planning"
-- ~"group::certify"
-- ~"group::ci and runner"
-- ~"group::testing"
-- ~"group::package"
-- ~"group::progressive delivery"
-- ~"group::release management"
-- ~"group::autodevops and kubernetes"
-- ~"group::serverless and paas"
-- ~"group::apm"
-- ~"group::health"
-- ~"group::static analysis"
-- ~"group::dynamic analysis"
-- ~"group::software composition analysis"
-- ~"group::runtime application security"
-- ~"group::threat management"
-- ~"group::application infrastructure security"
-- ~"group::activation"
-- ~"group::adoption"
-- ~"group::upsell"
-- ~"group::retention"
-- ~"group::fulfillment"
-- ~"group::telemetry"
-- ~"group::distribution"
-- ~"group::geo"
-- ~"group::memory"
-- ~"group::ecosystem"
-  
+The current group labels can be found by [searching the labels list for `group::`](https://gitlab.com/groups/gitlab-org/-/labels?search=group%3A%3A).
+
 These labels are [scoped labels](../../user/project/labels.md#scoped-labels-premium)
 and thus are mutually exclusive.
 
@@ -248,7 +199,7 @@ If a bug seems to fall between two severity labels, assign it to the higher-seve
 - Example(s) of ~S1
   - Data corruption/loss.
   - Security breach.
-  - Unable to create an issue or merge request. 
+  - Unable to create an issue or merge request.
   - Unable to add a comment or thread to the issue or merge request.
 - Example(s) of ~S2
   - Cannot submit changes through the web IDE but the commandline works.
@@ -259,7 +210,7 @@ If a bug seems to fall between two severity labels, assign it to the higher-seve
 - Example(s) of ~S4
   - Label colors are incorrect.
   - UI elements are not fully aligned.
-  
+
 ## Label for community contributors
 
 Issues that are beneficial to our users, 'nice to haves', that we currently do
-- 
cgit v1.2.1


From a600f147b4e9045534d4cf66e207d230b2af954e Mon Sep 17 00:00:00 2001
From: Nick Thomas <nick@gitlab.com>
Date: Mon, 15 Jul 2019 14:16:55 +0100
Subject: Add Aria support to capybara

---
 spec/features/projects/tree/create_directory_spec.rb | 4 +++-
 spec/features/projects/tree/create_file_spec.rb      | 4 +++-
 spec/support/capybara.rb                             | 1 +
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/spec/features/projects/tree/create_directory_spec.rb b/spec/features/projects/tree/create_directory_spec.rb
index 2cb2a23b7be..8585e24bc35 100644
--- a/spec/features/projects/tree/create_directory_spec.rb
+++ b/spec/features/projects/tree/create_directory_spec.rb
@@ -47,7 +47,9 @@ describe 'Multi-file editor new directory', :js do
 
     fill_in('commit-message', with: 'commit message ide')
 
-    click_button('Commit')
+    page.within '.multi-file-commit-form' do
+      click_button('Commit')
+    end
 
     find('.js-ide-edit-mode').click
 
diff --git a/spec/features/projects/tree/create_file_spec.rb b/spec/features/projects/tree/create_file_spec.rb
index 9f5524da8e9..8623b10562d 100644
--- a/spec/features/projects/tree/create_file_spec.rb
+++ b/spec/features/projects/tree/create_file_spec.rb
@@ -39,7 +39,9 @@ describe 'Multi-file editor new file', :js do
 
     fill_in('commit-message', with: 'commit message ide')
 
-    click_button('Commit')
+    page.within '.multi-file-commit-form' do
+      click_button('Commit')
+    end
 
     expect(page).to have_content('file name')
   end
diff --git a/spec/support/capybara.rb b/spec/support/capybara.rb
index 56ac208a025..60990879fe2 100644
--- a/spec/support/capybara.rb
+++ b/spec/support/capybara.rb
@@ -58,6 +58,7 @@ Capybara.javascript_driver = :chrome
 Capybara.default_max_wait_time = timeout
 Capybara.ignore_hidden_elements = true
 Capybara.default_normalize_ws = true
+Capybara.enable_aria_label = true
 
 # Keep only the screenshots generated from the last failing test suite
 Capybara::Screenshot.prune_strategy = :keep_last_run
-- 
cgit v1.2.1


From 23e0e7ac0b6cd5e1ed0e5e70b6473fd7c4e7844f Mon Sep 17 00:00:00 2001
From: Nick Thomas <nick@gitlab.com>
Date: Tue, 28 May 2019 18:24:21 +0100
Subject: Backport CE parts of "Allow blocking merge requests to be configured"

---
 app/views/shared/issuable/_form.html.haml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/views/shared/issuable/_form.html.haml b/app/views/shared/issuable/_form.html.haml
index 214e87052da..07a7b5ce9de 100644
--- a/app/views/shared/issuable/_form.html.haml
+++ b/app/views/shared/issuable/_form.html.haml
@@ -33,6 +33,8 @@
 
 = render_if_exists 'shared/issuable/approvals', issuable: issuable, presenter: presenter, form: form
 
+= render_if_exists "shared/issuable/form/merge_request_blocks", issuable: issuable, form: form
+
 = render 'shared/issuable/form/branch_chooser', issuable: issuable, form: form
 
 = render 'shared/issuable/form/merge_params', issuable: issuable
-- 
cgit v1.2.1


From 36f8d7bd7950dbc2ddc6bc6299b5947d80ec5cd9 Mon Sep 17 00:00:00 2001
From: Nick Thomas <nick@gitlab.com>
Date: Thu, 18 Jul 2019 16:30:22 +0100
Subject: Add documentation for blocking MRs

This feature needs to be documented, so here is the documentation
---
 .../merge_requests/blocking_merge_requests.md      | 133 +++++++++++++++++++++
 .../img/edit_blocking_merge_requests.png           | Bin 0 -> 9926 bytes
 .../edit_blocking_merge_requests_inaccessible.png  | Bin 0 -> 10867 bytes
 .../show_blocking_merge_requests_in_mr_widget.png  | Bin 0 -> 27089 bytes
 doc/user/project/merge_requests/index.md           |  16 +++
 5 files changed, 149 insertions(+)
 create mode 100644 doc/user/project/merge_requests/blocking_merge_requests.md
 create mode 100644 doc/user/project/merge_requests/img/edit_blocking_merge_requests.png
 create mode 100644 doc/user/project/merge_requests/img/edit_blocking_merge_requests_inaccessible.png
 create mode 100644 doc/user/project/merge_requests/img/show_blocking_merge_requests_in_mr_widget.png

diff --git a/doc/user/project/merge_requests/blocking_merge_requests.md b/doc/user/project/merge_requests/blocking_merge_requests.md
new file mode 100644
index 00000000000..0506a7cb4a5
--- /dev/null
+++ b/doc/user/project/merge_requests/blocking_merge_requests.md
@@ -0,0 +1,133 @@
+---
+type: reference, concepts
+---
+
+# Blocking merge requests **(PREMIUM)**
+
+> Introduced in GitLab Premium 12.2
+
+Blocking merge requests allow dependencies between MRs to be expressed. If a
+merge request is blocked by another MR, it cannot be merged until that blocking
+MR is itself merged.
+
+NOTE: **Note:**
+Blocking merge requests are a **PREMIUM** feature, but this restriction is only
+enforced for the blocked merge request. A merge request in a **CORE** or
+**STARTER** project can block a **PREMIUM** merge request, but not vice-versa.
+
+## Use cases
+
+* Ensure changes to a library are merged before changes to a project that
+  imports the library
+* Prevent a documentation-only merge request from being merged before the MR
+  implementing the feature to be documented
+* Require an MR updating a permissions matrix to be merged before merging an
+  MR from someone who hasn't yet been granted permissions
+
+It is common for a single logical change to span several merge requests. These
+MRs may all be in a single project, or they may be spread out across multiple
+projects, and the order in which they are merged can be significant.
+
+For example, given a project `mycorp/awesome-project` that imports a library
+at `myfriend/awesome-lib`, adding a feature in `awesome-project` may **also**
+require changes to `awesome-lib`, and so necessitate two merge requests. Merging
+the `awesome-project` MR before the `awesome-lib` one would break the `master`
+branch.
+
+The `awesome-project` MR could be [marked as WIP](work_in_progress_merge_requests.md),
+and the reason for the WIP stated included in the comments. However, this
+requires the state of the `awesome-lib` MR to be manually tracked, and doesn't
+scale well if the `awesome-project` MR depends on changes to **several** other
+projects.
+
+By marking the `awesome-project` MR as blocked on the `awesome-lib` MR instead,
+the status of the dependency is automatically tracked by GitLab, and the WIP
+state can be used to communicate the readiness of the code in each individual
+MR instead.
+
+## Configuration
+
+To continue the above example, you can configure a block when creating the
+new MR in `awesome-project` (or by editing it, if it already exists). The block
+needs to be configured on the MR that will be **blocked**, rather than on the
+**blocking** MR. There is a "Blocking merge requests" section in the form:
+
+![Blocking merge requests form control](img/edit_blocking_merge_requests.png)
+
+Anyone who can edit a merge request can change the list of blocking merge
+requests.
+
+New blocks can be added by reference, by URL, or by using autcompletion. To
+remove a block, press the "X" by its reference.
+
+As blocks can be specified across projects, it's possible that someone else has
+added a block for a merge request in a project you don't have access to. These
+are shown as a simple count:
+
+![Blocking merge requests form control with inaccessible MRs](img/edit_blocking_merge_requests_inaccessible.png)
+
+If necessary, you can remove all the blocks like this by pressing the "X", just
+as you would for a single, visible block.
+
+Once you're finished, press the "Save changes" button to submit the request, or
+"Cancel" to return without making any changes.
+
+The list of configured blocks, and the status of each one, is shown in the merge
+request widget:
+
+![Blocking merge requests in merge request widget](img/show_blocking_merge_requests_in_mr_widget.png)
+
+Until all blocking merge requests have, themselves, been merged, the "Merge"
+button will be disabled. In particular, note that **closed** merge requests
+still block their dependents - it is impossible to automatically determine if
+merge requests that were blocked by that MR when it was open, are still blocked
+when it is closed.
+
+If a merge request has been closed **and** the block is no longer relevant, it
+must be removed as a blocking MR, following the instructions above, before
+merge.
+
+## Limitations
+
+* API support: [gitlab-ee#12551](https://gitlab.com/gitlab-org/gitlab-ee/issues/12551)
+* Blocking relationships are not preserved across project export/import: [gitlab-ee#12549](https://gitlab.com/gitlab-org/gitlab-ee/issues/12549)
+* Complex merge order dependencies are not supported: [gitlab-ee#11393](https://gitlab.com/gitlab-org/gitlab-ee/issues/11393)
+
+The last item merits a little more explanation. Blocking merge requests can be
+described as a graph of dependencies. The simplest possible graph has one
+merge request blocking another:
+
+```mermaid
+graph LR;
+    myfriend/awesome-lib!10-->mycorp/awesome-project!100;
+```
+
+A more complex (and still supported) graph might have several MRs blocking
+another from being merged:
+
+```mermaid
+graph LR;
+    myfriend/awesome-lib!10-->mycorp/awesome-project!100;
+    herfriend/another-lib!1-->mycorp/awesome-project!100;
+```
+
+We also support one MR blocking several others from being merged:
+
+```mermaid
+graph LR;
+    herfriend/another-lib!1-->myfriend/awesome-lib!10;
+    herfriend/another-lib!1-->mycorp/awesome-project!100;
+```
+
+What is **not** supported is a "deep", or "nested" graph of dependencies, e.g.:
+
+```mermaid
+graph LR;
+    herfriend/another-lib!1-->myfriend/awesome-lib!10;
+    myfriend/awesome-lib!10-->mycorp/awesome-project!100;
+```
+
+In this example, `myfriend/awesome-lib!10` would be blocked from being merged by
+`herfriend/another-lib!1`, and would also block `mycorp/awesome-project!100`
+from being merged. This is **not** yet supported.
+
diff --git a/doc/user/project/merge_requests/img/edit_blocking_merge_requests.png b/doc/user/project/merge_requests/img/edit_blocking_merge_requests.png
new file mode 100644
index 00000000000..0fe26d602e3
Binary files /dev/null and b/doc/user/project/merge_requests/img/edit_blocking_merge_requests.png differ
diff --git a/doc/user/project/merge_requests/img/edit_blocking_merge_requests_inaccessible.png b/doc/user/project/merge_requests/img/edit_blocking_merge_requests_inaccessible.png
new file mode 100644
index 00000000000..a1003c41c22
Binary files /dev/null and b/doc/user/project/merge_requests/img/edit_blocking_merge_requests_inaccessible.png differ
diff --git a/doc/user/project/merge_requests/img/show_blocking_merge_requests_in_mr_widget.png b/doc/user/project/merge_requests/img/show_blocking_merge_requests_in_mr_widget.png
new file mode 100644
index 00000000000..a1241f9e38c
Binary files /dev/null and b/doc/user/project/merge_requests/img/show_blocking_merge_requests_in_mr_widget.png differ
diff --git a/doc/user/project/merge_requests/index.md b/doc/user/project/merge_requests/index.md
index 8c28e24683f..08a5d2e03a3 100644
--- a/doc/user/project/merge_requests/index.md
+++ b/doc/user/project/merge_requests/index.md
@@ -47,6 +47,7 @@ With **[GitLab Enterprise Edition][ee]**, you can also:
 - Analyze your dependencies for vulnerabilities with [Dependency Scanning](../../application_security/dependency_scanning/index.md) **(ULTIMATE)**
 - Analyze your Docker images for vulnerabilities with [Container Scanning](../../application_security/container_scanning/index.md) **(ULTIMATE)**
 - Determine the performance impact of changes with [Browser Performance Testing](#browser-performance-testing-premium) **(PREMIUM)**
+- Specify merge order dependencies with [Blocking Merge Requests](#blocking-merge-requests-premium) **(PREMIUM)**
 
 ## Use cases
 
@@ -412,6 +413,21 @@ GitLab runs the [Sitespeed.io container][sitespeed-container] and displays the d
 
 [Read more about Browser Performance Testing.](browser_performance_testing.md)
 
+## Blocking Merge Requests **(PREMIUM)**
+
+> Introduced in [GitLab Premium][products] 12.2.
+
+A single logical change may be split across several merge requests, and perhaps
+even across several projects. When this happens, the order in which MRs are
+merged is important.
+
+GitLab allows you to specify that a merge request is blocked by other MRs. With
+this relationship in place, the merge request cannot be merged until all of its
+blockers have also been merged, helping to maintain the consistency of a single
+logical change.
+
+[Read more about Blocking Merge Requests.](blocking_merge_requests.md)
+
 ## Security reports **(ULTIMATE)**
 
 GitLab can scan and report any vulnerabilities found in your project.
-- 
cgit v1.2.1


From 79a45426d5b9a186f5b75085b5dd6529a573c131 Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Mon, 22 Jul 2019 15:30:10 +0200
Subject: Remove duplicate entry from all_models.yml

This line is already present further down in the YAML file. In EE the
line is already removed.
---
 spec/lib/gitlab/import_export/all_models.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/spec/lib/gitlab/import_export/all_models.yml b/spec/lib/gitlab/import_export/all_models.yml
index 7baa52ffb4f..929b6222900 100644
--- a/spec/lib/gitlab/import_export/all_models.yml
+++ b/spec/lib/gitlab/import_export/all_models.yml
@@ -343,7 +343,6 @@ project:
 - fork_network_member
 - fork_network
 - custom_attributes
-- prometheus_metrics
 - lfs_file_locks
 - project_badges
 - source_of_merge_requests
-- 
cgit v1.2.1


From 7e2e48cf6e02cf9bfa12d0ddfcc7a946ddf9d818 Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Mon, 22 Jul 2019 15:35:00 +0200
Subject: Backport project.json fixture from EE

This backports all changes made to an import/export fixture file from EE
to CE.
---
 spec/lib/gitlab/import_export/project.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/spec/lib/gitlab/import_export/project.json b/spec/lib/gitlab/import_export/project.json
index c0b97486eeb..9e54ca28e58 100644
--- a/spec/lib/gitlab/import_export/project.json
+++ b/spec/lib/gitlab/import_export/project.json
@@ -2775,7 +2775,8 @@
           "action": 1,
           "author_id": 1
         }
-      ]
+      ],
+      "approvals_before_merge": 1
     },
     {
       "id": 26,
-- 
cgit v1.2.1


From afdb618bd3913c38168ec4ca167e9572a39ba86f Mon Sep 17 00:00:00 2001
From: Peter Dave Hello <hsu@peterdavehello.org>
Date: Sat, 20 Jul 2019 23:30:51 +0800
Subject: Remove duplicated mapping key in config/locales/en.yml

The "errors" section was defined twice in this file, the first one was
the once being removed here, another one is at line 164 (before removal)
or line 158 (after removal).

The content of duplicated strings definition are totally the same, the
second part has more data (41 lines in total, compare to the removed 6
lines), so I removed the first part but not the second part.

cc !16710
---
 changelogs/unreleased/FixLocaleEN.yml | 5 +++++
 config/locales/en.yml                 | 6 ------
 2 files changed, 5 insertions(+), 6 deletions(-)
 create mode 100644 changelogs/unreleased/FixLocaleEN.yml

diff --git a/changelogs/unreleased/FixLocaleEN.yml b/changelogs/unreleased/FixLocaleEN.yml
new file mode 100644
index 00000000000..49738a6d127
--- /dev/null
+++ b/changelogs/unreleased/FixLocaleEN.yml
@@ -0,0 +1,5 @@
+---
+title: Remove duplicated mapping key in config/locales/en.yml
+merge_request: 30980
+author: Peter Dave Hello
+type: fixed
diff --git a/config/locales/en.yml b/config/locales/en.yml
index a3dceb2fb62..a60f86e1d80 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -16,12 +16,6 @@ en:
         api_url: "Sentry API URL"
       project/metrics_setting:
         external_dashboard_url: "External dashboard URL"
-  errors:
-    messages:
-      label_already_exists_at_group_level: "already exists at group level for %{group}. Please choose another one."
-      wrong_size: "is the wrong size (should be %{file_size})"
-      size_too_small: "is too small (should be at least %{file_size})"
-      size_too_big: "is too big (should be at most %{file_size})"
   views:
     pagination:
       previous: "Prev"
-- 
cgit v1.2.1


From 46fef6f21dd4331d6436f67c0a875eefffd95bd0 Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Mon, 22 Jul 2019 16:23:59 +0200
Subject: Backport import/export spec changes from EE

This backports remaining import/export spec changes from EE to CE.
---
 spec/lib/gitlab/import_export/project_tree_saver_spec.rb      | 7 ++++++-
 spec/lib/gitlab/import_export/relation_rename_service_spec.rb | 1 +
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/spec/lib/gitlab/import_export/project_tree_saver_spec.rb b/spec/lib/gitlab/import_export/project_tree_saver_spec.rb
index bc4f867e891..5f56c30c7e0 100644
--- a/spec/lib/gitlab/import_export/project_tree_saver_spec.rb
+++ b/spec/lib/gitlab/import_export/project_tree_saver_spec.rb
@@ -42,6 +42,10 @@ describe Gitlab::ImportExport::ProjectTreeSaver do
         expect(saved_project_json).to include({ 'description' => 'description', 'visibility_level' => 20 })
       end
 
+      it 'has approvals_before_merge set' do
+        expect(saved_project_json['approvals_before_merge']).to eq(1)
+      end
+
       it 'has milestones' do
         expect(saved_project_json['milestones']).not_to be_empty
       end
@@ -287,7 +291,8 @@ describe Gitlab::ImportExport::ProjectTreeSaver do
                      issues: [issue],
                      snippets: [snippet],
                      releases: [release],
-                     group: group
+                     group: group,
+                     approvals_before_merge: 1
                     )
     project_label = create(:label, project: project)
     group_label = create(:group_label, group: group)
diff --git a/spec/lib/gitlab/import_export/relation_rename_service_spec.rb b/spec/lib/gitlab/import_export/relation_rename_service_spec.rb
index a20a844a492..15748407f0c 100644
--- a/spec/lib/gitlab/import_export/relation_rename_service_spec.rb
+++ b/spec/lib/gitlab/import_export/relation_rename_service_spec.rb
@@ -28,6 +28,7 @@ describe Gitlab::ImportExport::RelationRenameService do
 
     before do
       allow(shared).to receive(:export_path).and_return(import_path)
+      allow(ActiveSupport::JSON).to receive(:decode).and_call_original
       allow(ActiveSupport::JSON).to receive(:decode).with(file_content).and_return(json_file)
     end
 
-- 
cgit v1.2.1


From c91ef6cd6d1b2332b18c15017b2a8dc13cc1a391 Mon Sep 17 00:00:00 2001
From: Paul Becotte <pjbecotte@gmail.com>
Date: Mon, 22 Jul 2019 14:32:23 +0000
Subject: The python regex fails if you add branch coverage to the report
 (different number of digit blocks). Don't think there's any downside in
 handling any number of digit blocks so long as it starts with TOTAL and ends
 with a percentage.

---
 app/views/projects/settings/ci_cd/_form.html.haml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/projects/settings/ci_cd/_form.html.haml b/app/views/projects/settings/ci_cd/_form.html.haml
index 2d108a1cba5..498a9744783 100644
--- a/app/views/projects/settings/ci_cd/_form.html.haml
+++ b/app/views/projects/settings/ci_cd/_form.html.haml
@@ -99,7 +99,7 @@
                 %code \(\d+.\d+\%\) covered
               %li
                 pytest-cov (Python) -
-                %code ^TOTAL\s+\d+\s+\d+\s+(\d+\%)$
+                %code ^TOTAL.+?(\d+\%)$
               %li
                 phpunit --coverage-text --colors=never (PHP) -
                 %code ^\s*Lines:\s*\d+.\d+\%
-- 
cgit v1.2.1


From 313f145b5594ebba7ce4675905061144adb3b44a Mon Sep 17 00:00:00 2001
From: Imre Farkas <ifarkas@gitlab.com>
Date: Fri, 12 Jul 2019 14:25:12 +0200
Subject: Rake task to cleanup expired ActiveSession lookup keys

In some cases ActiveSession.cleanup was not called after authentication,
so for some user ActiveSession lookup keys grew without ever cleaning
up. This Rake task manually iterates over the lookup keys and removes
ones without existing ActiveSession.
---
 app/models/active_session.rb                       |  8 ++--
 .../64257-active_session_lookup_key_cleanup.yml    |  5 +++
 doc/raketasks/cleanup.md                           | 10 +++++
 lib/tasks/gitlab/cleanup.rake                      | 52 ++++++++++++++++++++++
 spec/models/active_session_spec.rb                 |  2 +-
 spec/tasks/gitlab/cleanup_rake_spec.rb             | 30 +++++++++++++
 6 files changed, 102 insertions(+), 5 deletions(-)
 create mode 100644 changelogs/unreleased/64257-active_session_lookup_key_cleanup.yml

diff --git a/app/models/active_session.rb b/app/models/active_session.rb
index 345767179eb..fdd210f0fba 100644
--- a/app/models/active_session.rb
+++ b/app/models/active_session.rb
@@ -93,12 +93,12 @@ class ActiveSession
   end
 
   def self.list_sessions(user)
-    sessions_from_ids(session_ids_for_user(user))
+    sessions_from_ids(session_ids_for_user(user.id))
   end
 
-  def self.session_ids_for_user(user)
+  def self.session_ids_for_user(user_id)
     Gitlab::Redis::SharedState.with do |redis|
-      redis.smembers(lookup_key_name(user.id))
+      redis.smembers(lookup_key_name(user_id))
     end
   end
 
@@ -129,7 +129,7 @@ class ActiveSession
   end
 
   def self.cleaned_up_lookup_entries(redis, user)
-    session_ids = session_ids_for_user(user)
+    session_ids = session_ids_for_user(user.id)
     entries = raw_active_session_entries(session_ids, user.id)
 
     # remove expired keys.
diff --git a/changelogs/unreleased/64257-active_session_lookup_key_cleanup.yml b/changelogs/unreleased/64257-active_session_lookup_key_cleanup.yml
new file mode 100644
index 00000000000..df3cd98830e
--- /dev/null
+++ b/changelogs/unreleased/64257-active_session_lookup_key_cleanup.yml
@@ -0,0 +1,5 @@
+---
+title: Rake task to cleanup expired ActiveSession lookup keys
+merge_request: 30668
+author:
+type: performance
diff --git a/doc/raketasks/cleanup.md b/doc/raketasks/cleanup.md
index f880f31c39e..832078d23cb 100644
--- a/doc/raketasks/cleanup.md
+++ b/doc/raketasks/cleanup.md
@@ -137,3 +137,13 @@ level with `NICENESS`. Below are the valid levels, but consult
 - `1` or `Realtime`
 - `2` or `Best-effort` (default)
 - `3` or `Idle`
+
+## Remove expired ActiveSession lookup keys
+
+```
+# omnibus-gitlab
+sudo gitlab-rake gitlab:cleanup:sessions:active_sessions_lookup_keys
+
+# installation from source
+bundle exec rake gitlab:cleanup:sessions:active_sessions_lookup_keys RAILS_ENV=production
+```
diff --git a/lib/tasks/gitlab/cleanup.rake b/lib/tasks/gitlab/cleanup.rake
index 88172e26c67..4d854cd178d 100644
--- a/lib/tasks/gitlab/cleanup.rake
+++ b/lib/tasks/gitlab/cleanup.rake
@@ -127,6 +127,58 @@ namespace :gitlab do
       end
     end
 
+    namespace :sessions do
+      desc "GitLab | Cleanup | Sessions | Clean ActiveSession lookup keys"
+      task active_sessions_lookup_keys: :gitlab_environment do
+        session_key_pattern = "#{Gitlab::Redis::SharedState::USER_SESSIONS_LOOKUP_NAMESPACE}:*"
+        last_save_check = Time.at(0)
+        wait_time = 10.seconds
+        cursor = 0
+        total_users_scanned = 0
+
+        Gitlab::Redis::SharedState.with do |redis|
+          begin
+            cursor, keys = redis.scan(cursor, match: session_key_pattern)
+            total_users_scanned += keys.count
+
+            if last_save_check < Time.now - 1.second
+              while redis.info('persistence')['rdb_bgsave_in_progress'] == '1'
+                puts "BGSAVE in progress, waiting #{wait_time} seconds"
+                sleep(wait_time)
+              end
+              last_save_check = Time.now
+            end
+
+            keys.each do |key|
+              user_id = key.split(':').last
+
+              lookup_key_count = redis.scard(key)
+
+              session_ids = ActiveSession.session_ids_for_user(user_id)
+              entries = ActiveSession.raw_active_session_entries(session_ids, user_id)
+              session_ids_and_entries = session_ids.zip(entries)
+
+              inactive_session_ids = session_ids_and_entries.map do |session_id, session|
+                session_id if session.nil?
+              end.compact
+
+              redis.pipelined do |conn|
+                inactive_session_ids.each do |session_id|
+                  conn.srem(key, session_id)
+                end
+              end
+
+              if inactive_session_ids
+                puts "deleted #{inactive_session_ids.count} out of #{lookup_key_count} lookup keys for User ##{user_id}"
+              end
+            end
+          end while cursor.to_i != 0
+
+          puts "--- All done! Total number of scanned users: #{total_users_scanned}"
+        end
+      end
+    end
+
     def remove?
       ENV['REMOVE'] == 'true'
     end
diff --git a/spec/models/active_session_spec.rb b/spec/models/active_session_spec.rb
index 09c2878663a..2a689754ee0 100644
--- a/spec/models/active_session_spec.rb
+++ b/spec/models/active_session_spec.rb
@@ -114,7 +114,7 @@ RSpec.describe ActiveSession, :clean_gitlab_redis_shared_state do
         redis.sadd("session:lookup:user:gitlab:#{user.id}", session_ids)
       end
 
-      expect(ActiveSession.session_ids_for_user(user)).to eq(session_ids)
+      expect(ActiveSession.session_ids_for_user(user.id)).to eq(session_ids)
     end
   end
 
diff --git a/spec/tasks/gitlab/cleanup_rake_spec.rb b/spec/tasks/gitlab/cleanup_rake_spec.rb
index 92c094f08a4..4aee6d005a8 100644
--- a/spec/tasks/gitlab/cleanup_rake_spec.rb
+++ b/spec/tasks/gitlab/cleanup_rake_spec.rb
@@ -185,4 +185,34 @@ describe 'gitlab:cleanup rake tasks' do
       end
     end
   end
+
+  context 'sessions' do
+    describe 'gitlab:cleanup:sessions:active_sessions_lookup_keys', :clean_gitlab_redis_shared_state do
+      subject(:rake_task) { run_rake_task('gitlab:cleanup:sessions:active_sessions_lookup_keys') }
+
+      let!(:user) { create(:user) }
+      let(:existing_session_id) { '5' }
+
+      before do
+        Gitlab::Redis::SharedState.with do |redis|
+          redis.set("session:user:gitlab:#{user.id}:#{existing_session_id}",
+                    Marshal.dump(true))
+          redis.sadd("session:lookup:user:gitlab:#{user.id}", (1..10).to_a)
+        end
+      end
+
+      it 'runs the task without errors' do
+        expect { rake_task }.not_to raise_error
+      end
+
+      it 'removes expired active session lookup keys' do
+        Gitlab::Redis::SharedState.with do |redis|
+          lookup_key = "session:lookup:user:gitlab:#{user.id}"
+          expect { subject }.to change { redis.scard(lookup_key) }.from(10).to(1)
+          expect(redis.smembers("session:lookup:user:gitlab:#{user.id}")).to(
+            eql([existing_session_id]))
+        end
+      end
+    end
+  end
 end
-- 
cgit v1.2.1


From 324b8109c9497350c13c8eb2da08939a865aad6d Mon Sep 17 00:00:00 2001
From: Paul Gascou-Vaillancourt <paul.gascvail@gmail.com>
Date: Fri, 19 Jul 2019 14:12:37 -0400
Subject: Fix translation of 'Updated' term in projects list

---
 app/views/shared/projects/_project.html.haml        | 2 +-
 changelogs/unreleased/fix-i18n-updated-projects.yml | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/fix-i18n-updated-projects.yml

diff --git a/app/views/shared/projects/_project.html.haml b/app/views/shared/projects/_project.html.haml
index 04f72420fe1..c4d1bdad2c4 100644
--- a/app/views/shared/projects/_project.html.haml
+++ b/app/views/shared/projects/_project.html.haml
@@ -89,4 +89,4 @@
             %span.icon-wrapper.pipeline-status
               = render 'ci/status/icon', status: project.commit.last_pipeline.detailed_status(current_user), type: 'commit', tooltip_placement: 'top', path: pipeline_path
         .updated-note
-          %span _('Updated') #{updated_tooltip}
+          %span #{_('Updated')} #{updated_tooltip}
diff --git a/changelogs/unreleased/fix-i18n-updated-projects.yml b/changelogs/unreleased/fix-i18n-updated-projects.yml
new file mode 100644
index 00000000000..408ee438480
--- /dev/null
+++ b/changelogs/unreleased/fix-i18n-updated-projects.yml
@@ -0,0 +1,5 @@
+---
+title: Properly translate term in projects list
+merge_request: 30958
+author:
+type: fixed
-- 
cgit v1.2.1


From 77e2e453649220ba9c002c935bbc18c34fbf5b11 Mon Sep 17 00:00:00 2001
From: Vladimir Shushlin <vshushlin@gitlab.com>
Date: Mon, 22 Jul 2019 15:38:08 +0000
Subject: Validate certificate chain only if it's changed

This validation prevents the domain from being saved from the UI
e.g. when user tries to enable Let's Encrypt integration
---
 app/models/pages_domain.rb                         |  2 +-
 ...-enabled-if-current-certificate-is-outdated.yml |  6 ++
 spec/factories/pages_domains.rb                    | 84 ++++++++++++++++++++++
 spec/models/pages_domain_spec.rb                   | 24 +++++++
 4 files changed, 115 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/64870-can-t-save-pages-domain-form-with-let-s-encrypt-enabled-if-current-certificate-is-outdated.yml

diff --git a/app/models/pages_domain.rb b/app/models/pages_domain.rb
index e6e491634ab..27c122d3559 100644
--- a/app/models/pages_domain.rb
+++ b/app/models/pages_domain.rb
@@ -22,7 +22,7 @@ class PagesDomain < ApplicationRecord
 
   validate :validate_pages_domain
   validate :validate_matching_key, if: ->(domain) { domain.certificate.present? || domain.key.present? }
-  validate :validate_intermediates, if: ->(domain) { domain.certificate.present? }
+  validate :validate_intermediates, if: ->(domain) { domain.certificate.present? && domain.certificate_changed? }
 
   attr_encrypted :key,
     mode: :per_attribute_iv_and_salt,
diff --git a/changelogs/unreleased/64870-can-t-save-pages-domain-form-with-let-s-encrypt-enabled-if-current-certificate-is-outdated.yml b/changelogs/unreleased/64870-can-t-save-pages-domain-form-with-let-s-encrypt-enabled-if-current-certificate-is-outdated.yml
new file mode 100644
index 00000000000..291901d64ed
--- /dev/null
+++ b/changelogs/unreleased/64870-can-t-save-pages-domain-form-with-let-s-encrypt-enabled-if-current-certificate-is-outdated.yml
@@ -0,0 +1,6 @@
+---
+title: Fix "Certificate misses intermediates" UI error when enabling Let's Encrypt
+  integration for pages domain
+merge_request: 30995
+author:
+type: fixed
diff --git a/spec/factories/pages_domains.rb b/spec/factories/pages_domains.rb
index 3e0baab04ce..e441dfcf229 100644
--- a/spec/factories/pages_domains.rb
+++ b/spec/factories/pages_domains.rb
@@ -166,6 +166,90 @@ pu/xO28QOG8=
 -----END CERTIFICATE-----'
     end
 
+    trait :with_trusted_expired_chain do
+      # This contains
+      # Let's Encrypt Authority X3
+      # DST Root CA X3
+      certificate '-----BEGIN CERTIFICATE-----
+MIIFSjCCBDKgAwIBAgISAw24xGWrFotvTBa6AZI/pzq1MA0GCSqGSIb3DQEBCwUA
+MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
+ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAzMDcxNzU5NTZaFw0x
+OTA2MDUxNzU5NTZaMBQxEjAQBgNVBAMTCXN5dHNlLmNvbTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALtIpQuqeZN6OgEE+y2UoGC/31Vt9NAeQWvTuWWO
+nMn/MvDJiw8731Dx4DDbMjhF50UBE20a9iAu2nhlxcsuuIITk2MXKMEgPtqSbwM7
+Mg0/WvgrBOWnF9CpdD3qcsjtstT6Djij06VfMfUrRZzMkGgbGzudR0cShKPmkBVU
+LgB6crFmSQ/qHt5PzBivdexCUpz5WzSKU5UWYFx2UnkSLykvEJuUr3Nn4/o9oyKw
+Qoiq354S262mFuMW+s6wQdMNNkwj41OqCwAGbqq7YUYLDc8OQiRC2LcqSO5yYnnA
+0lNfbEatZ1BzHiDjTH7wMUtwcLGHsZ1C5ZmORD2s2gtGiRkCAwEAAaOCAl4wggJa
+MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUAMn3t1s4zXdOQbJFOP1riSwjuGkwHwYD
+VR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4G
+CCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8G
+CCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAU
+BgNVHREEDTALgglzeXRzZS5jb20wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYB
+BAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5v
+cmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQB0ftqDMa0zEJEhnM4lT0Jwwr/9
+XkIgCMY3NXnmEHvMVgAAAWlZhr4pAAAEAwBGMEQCIBEA+3oiM1UJKY1kajBO5Aoz
+9AZMMlImaR1X5hFIPr95AiBXGIACuXUDLchB0kT8VIG/jM4f9iuXMoYCoKNJggNM
+/gB3ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABaVmGv/AAAAQD
+AEgwRgIhANeTA7H51SZUmcT2ldtumFYX6/OkOr0fdvze72U0j9U9AiEAjSOSVQmi
+ZdYK6u3JYkDVOWsEzyKwjPWod8UN5K3ej0EwDQYJKoZIhvcNAQELBQADggEBAJev
+ArtxZVVTmLghV0O7471J1mN1fVC2p6b3AsK/TqrI7aiq8XuQq76KmUsB+U05MTXH
+3sYiHm+/RJ7+ljiKVIC8ZfbQsHo5I+F1CNMo6JB6z8Z+bOeRkoves5FNYmiJnUjO
+uoGzt//CyldbX1dEPVNuU7P0s2wZ6Bubump2LoapGIiGxQJfeb0vj0TQzfRacTIZ
+x9U5E/D0y0iewX4kPHK17QDBsSL9WlqsRzFAkQjJ9XWUVn3BO7JG3WU47iOuykby
+y2HmOWUxjv1Yf/H/OYRBiuSCR4LhrE5Ze4tTo2AByrXQ5h7ezjDJQqnKBP5NuwIq
+7NuX+D2esUNos/D6uJg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow
+SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT
+GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF
+q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8
+SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0
+Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA
+a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj
+/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T
+AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG
+CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv
+bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k
+c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw
+VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC
+ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz
+MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu
+Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF
+AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo
+uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/
+wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu
+X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG
+PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6
+KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
+PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
+Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
+rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
+OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
+xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
+7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
+aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
+HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
+SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
+ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
+AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
+R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
+JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
+Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
+-----END CERTIFICATE-----'
+    end
+
     trait :with_expired_certificate do
       certificate '-----BEGIN CERTIFICATE-----
 MIIBsDCCARmgAwIBAgIBATANBgkqhkiG9w0BAQUFADAeMRwwGgYDVQQDExNleHBp
diff --git a/spec/models/pages_domain_spec.rb b/spec/models/pages_domain_spec.rb
index 973c67937b7..519c519fbcf 100644
--- a/spec/models/pages_domain_spec.rb
+++ b/spec/models/pages_domain_spec.rb
@@ -127,6 +127,30 @@ describe PagesDomain do
 
       it { is_expected.not_to be_valid }
     end
+
+    context 'when certificate is expired' do
+      let(:domain) do
+        build(:pages_domain, :with_trusted_expired_chain)
+      end
+
+      context 'when certificate is being changed' do
+        it "adds error to certificate" do
+          domain.valid?
+
+          expect(domain.errors.keys).to contain_exactly(:key, :certificate)
+        end
+      end
+
+      context 'when certificate is already saved' do
+        it "doesn't add error to certificate" do
+          domain.save(validate: false)
+
+          domain.valid?
+
+          expect(domain.errors.keys).to contain_exactly(:key)
+        end
+      end
+    end
   end
 
   describe 'validations' do
-- 
cgit v1.2.1


From b0eafaaca10ce291490ee8b69cae0ce7592c1694 Mon Sep 17 00:00:00 2001
From: Brett Walker <bwalker@gitlab.com>
Date: Tue, 9 Jul 2019 17:34:44 -0500
Subject: Add index for issues on relative position, project

and state
---
 app/models/issue.rb                                  |  2 +-
 .../bw-add-index-for-relative-position.yml           |  5 +++++
 ...09220143_add_index_to_issues_relative_position.rb | 20 ++++++++++++++++++++
 db/schema.rb                                         |  1 +
 4 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/bw-add-index-for-relative-position.yml
 create mode 100644 db/migrate/20190709220143_add_index_to_issues_relative_position.rb

diff --git a/app/models/issue.rb b/app/models/issue.rb
index 12d30389910..8c5dd5e382e 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -131,7 +131,7 @@ class Issue < ApplicationRecord
     when 'due_date'            then order_due_date_asc
     when 'due_date_asc'        then order_due_date_asc
     when 'due_date_desc'       then order_due_date_desc
-    when 'relative_position'   then order_relative_position_asc
+    when 'relative_position'   then order_relative_position_asc.with_order_id_desc
     else
       super
     end
diff --git a/changelogs/unreleased/bw-add-index-for-relative-position.yml b/changelogs/unreleased/bw-add-index-for-relative-position.yml
new file mode 100644
index 00000000000..80ca20992e6
--- /dev/null
+++ b/changelogs/unreleased/bw-add-index-for-relative-position.yml
@@ -0,0 +1,5 @@
+---
+title: Add index for issues on relative position, project, and state for manual sorting
+merge_request: 30542
+author:
+type: fixed
diff --git a/db/migrate/20190709220143_add_index_to_issues_relative_position.rb b/db/migrate/20190709220143_add_index_to_issues_relative_position.rb
new file mode 100644
index 00000000000..effab33ce4f
--- /dev/null
+++ b/db/migrate/20190709220143_add_index_to_issues_relative_position.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+class AddIndexToIssuesRelativePosition < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  INDEX_NAME = 'index_issues_on_project_id_and_state_and_rel_position_and_id'.freeze
+
+  def up
+    add_concurrent_index :issues, [:project_id, :state, :relative_position, :id], order: { id: :desc }, name: INDEX_NAME
+  end
+
+  def down
+    remove_concurrent_index_by_name :issues, INDEX_NAME
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 79cd1a3a797..681353121db 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1682,6 +1682,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.index ["project_id", "created_at", "id", "state"], name: "index_issues_on_project_id_and_created_at_and_id_and_state", using: :btree
     t.index ["project_id", "due_date", "id", "state"], name: "idx_issues_on_project_id_and_due_date_and_id_and_state_partial", where: "(due_date IS NOT NULL)", using: :btree
     t.index ["project_id", "iid"], name: "index_issues_on_project_id_and_iid", unique: true, using: :btree
+    t.index ["project_id", "state", "relative_position", "id"], name: "index_issues_on_project_id_and_state_and_rel_position_and_id", order: { id: :desc }, using: :btree
     t.index ["project_id", "updated_at", "id", "state"], name: "index_issues_on_project_id_and_updated_at_and_id_and_state", using: :btree
     t.index ["relative_position"], name: "index_issues_on_relative_position", using: :btree
     t.index ["state"], name: "index_issues_on_state", using: :btree
-- 
cgit v1.2.1


From f3b00b60b4f3b1edac1d6734d0d377ce7f182d27 Mon Sep 17 00:00:00 2001
From: Nathan Friend <nathan@gitlab.com>
Date: Mon, 22 Jul 2019 16:05:37 +0000
Subject: Clarify project name vs path

---
 doc/api/README.md | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/doc/api/README.md b/doc/api/README.md
index f9cc1a09870..a564abaa305 100644
--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -515,7 +515,7 @@ more than 10,000, the `X-Total` and `X-Total-Pages` headers as well as the
 
 ## Namespaced path encoding
 
-If using namespaced API calls, make sure that the `NAMESPACE/PROJECT_NAME` is
+If using namespaced API calls, make sure that the `NAMESPACE/PROJECT_PATH` is
 URL-encoded.
 
 For example, `/` is represented by `%2F`:
@@ -524,6 +524,11 @@ For example, `/` is represented by `%2F`:
 GET /api/v4/projects/diaspora%2Fdiaspora
 ```
 
+NOTE: **Note:**
+A project's **path** is not necessarily the same as its **name**.  A
+project's path can found in the project's URL or in the project's settings
+under **General > Advanced > Change path**.
+
 ## Branches and tags name encoding
 
 If your branch or tag contains a `/`, make sure the branch/tag name is
-- 
cgit v1.2.1


From 3c6fee700d52db4da1b3662caf6e1dfe76f56977 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Wed, 17 Jul 2019 17:17:02 -0500
Subject: CE-EE parity for pipelines development fixture

---
 db/fixtures/development/14_pipelines.rb | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/db/fixtures/development/14_pipelines.rb b/db/fixtures/development/14_pipelines.rb
index db043e39d2c..ffba934021e 100644
--- a/db/fixtures/development/14_pipelines.rb
+++ b/db/fixtures/development/14_pipelines.rb
@@ -79,7 +79,15 @@ class Gitlab::Seeder::Pipelines
 
   def create_master_pipelines
     @project.repository.commits('master', limit: 4).map do |commit|
-      create_pipeline!(@project, 'master', commit)
+      create_pipeline!(@project, 'master', commit).tap do |pipeline|
+        random_pipeline.tap do |triggered_by_pipeline|
+          triggered_by_pipeline.sourced_pipelines.create(
+            source_job: triggered_by_pipeline.builds.all.sample,
+            source_project: triggered_by_pipeline.project,
+            project: pipeline.project,
+            pipeline: pipeline)
+        end
+      end
     end
   rescue
     []
@@ -231,6 +239,10 @@ class Gitlab::Seeder::Pipelines
     @project.team.users.sample
   end
 
+  def random_pipeline
+    Ci::Pipeline.limit(4).all.sample
+  end
+
   def build_status
     Ci::Build::AVAILABLE_STATUSES.sample
   end
-- 
cgit v1.2.1


From 6331ddbe56a30b230935995d1daf644761f154eb Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Mon, 22 Jul 2019 11:42:16 -0500
Subject: CE pipelines don't respond to sourced_pipelines

We also scope the `rescue`s to only those raised by ActiveRecord, which
would have allowed us to spot this logic error sooner.
---
 db/fixtures/development/14_pipelines.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/db/fixtures/development/14_pipelines.rb b/db/fixtures/development/14_pipelines.rb
index ffba934021e..05bda7d3672 100644
--- a/db/fixtures/development/14_pipelines.rb
+++ b/db/fixtures/development/14_pipelines.rb
@@ -81,7 +81,7 @@ class Gitlab::Seeder::Pipelines
     @project.repository.commits('master', limit: 4).map do |commit|
       create_pipeline!(@project, 'master', commit).tap do |pipeline|
         random_pipeline.tap do |triggered_by_pipeline|
-          triggered_by_pipeline.sourced_pipelines.create(
+          triggered_by_pipeline.try(:sourced_pipelines)&.create(
             source_job: triggered_by_pipeline.builds.all.sample,
             source_project: triggered_by_pipeline.project,
             project: pipeline.project,
@@ -89,7 +89,7 @@ class Gitlab::Seeder::Pipelines
         end
       end
     end
-  rescue
+  rescue ActiveRecord::ActiveRecordError
     []
   end
 
@@ -106,7 +106,7 @@ class Gitlab::Seeder::Pipelines
     end
 
     pipelines.flatten
-  rescue
+  rescue ActiveRecord::ActiveRecordError
     []
   end
 
-- 
cgit v1.2.1


From 10371fb25a81064402c82033a7448a6c314efb6a Mon Sep 17 00:00:00 2001
From: Lukas Eipert <leipert@gitlab.com>
Date: Mon, 22 Jul 2019 19:05:17 +0200
Subject: Use debian based node images for qa tests

The alpine images do not contain a full build toolchain, so if the
pre-compiled node-sass bindings cannot be downloaded, they will error
and break master. By switching to the debian based images, we are able
to compile in case the downloads are not available.
---
 .gitlab/ci/frontend.gitlab-ci.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml
index b00d2f46088..5d4bbc06e93 100644
--- a/.gitlab/ci/frontend.gitlab-ci.yml
+++ b/.gitlab/ci/frontend.gitlab-ci.yml
@@ -210,15 +210,15 @@ qa:selectors:
 
 qa-frontend-node:8:
   <<: *qa-frontend-node
-  image: node:8-alpine
+  image: node:carbon
 
 qa-frontend-node:10:
   <<: *qa-frontend-node
-  image: node:10-alpine
+  image: node:dubnium
 
 qa-frontend-node:latest:
   <<: *qa-frontend-node
-  image: node:alpine
+  image: node:latest
   allow_failure: true
 
 lint:javascript:report:
-- 
cgit v1.2.1


From 583c12acf44ba18adea45eb0e61f287861c44e43 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Sun, 21 Jul 2019 23:00:37 -0700
Subject: Use persistent Redis cluster for Workhorse pub/sub notifications

Previously, in Omnibus, Workhorse expected to listen via the Redis
shared state cluster for the `workhorse:notifications` publish/subscribe
channel, but the Rails code was using the Sidekiq queue cluster for
this. To fix this inconsistency, we make the Rails code use the
persistent cluster, since we don't want Workhorse to be looking at
anything Sidekiq-related.
---
 app/models/ci/runner.rb                                      | 2 +-
 changelogs/unreleased/sh-use-shared-state-cluster-pubsub.yml | 5 +++++
 lib/gitlab/workhorse.rb                                      | 2 +-
 spec/lib/gitlab/workhorse_spec.rb                            | 1 +
 spec/models/ci/runner_spec.rb                                | 4 ++--
 5 files changed, 10 insertions(+), 4 deletions(-)
 create mode 100644 changelogs/unreleased/sh-use-shared-state-cluster-pubsub.yml

diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb
index 07d00503861..43ff874ac23 100644
--- a/app/models/ci/runner.rb
+++ b/app/models/ci/runner.rb
@@ -264,7 +264,7 @@ module Ci
     private
 
     def cleanup_runner_queue
-      Gitlab::Redis::Queues.with do |redis|
+      Gitlab::Redis::SharedState.with do |redis|
         redis.del(runner_queue_key)
       end
     end
diff --git a/changelogs/unreleased/sh-use-shared-state-cluster-pubsub.yml b/changelogs/unreleased/sh-use-shared-state-cluster-pubsub.yml
new file mode 100644
index 00000000000..5e72f23d7ad
--- /dev/null
+++ b/changelogs/unreleased/sh-use-shared-state-cluster-pubsub.yml
@@ -0,0 +1,5 @@
+---
+title: Use persistent Redis cluster for Workhorse pub/sub notifications
+merge_request: 30990
+author:
+type: fixed
diff --git a/lib/gitlab/workhorse.rb b/lib/gitlab/workhorse.rb
index 46a7b5b982a..3b77fe838ae 100644
--- a/lib/gitlab/workhorse.rb
+++ b/lib/gitlab/workhorse.rb
@@ -221,7 +221,7 @@ module Gitlab
       end
 
       def set_key_and_notify(key, value, expire: nil, overwrite: true)
-        Gitlab::Redis::Queues.with do |redis|
+        Gitlab::Redis::SharedState.with do |redis|
           result = redis.set(key, value, ex: expire, nx: !overwrite)
           if result
             redis.publish(NOTIFICATION_CHANNEL, "#{key}=#{value}")
diff --git a/spec/lib/gitlab/workhorse_spec.rb b/spec/lib/gitlab/workhorse_spec.rb
index f8332757fcd..451e18ed91b 100644
--- a/spec/lib/gitlab/workhorse_spec.rb
+++ b/spec/lib/gitlab/workhorse_spec.rb
@@ -404,6 +404,7 @@ describe Gitlab::Workhorse do
       end
 
       it 'set and notify' do
+        expect(Gitlab::Redis::SharedState).to receive(:with).and_call_original
         expect_any_instance_of(::Redis).to receive(:publish)
           .with(described_class::NOTIFICATION_CHANNEL, "test-key=test-value")
 
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index f735a89f69f..24ea059e871 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -554,7 +554,7 @@ describe Ci::Runner do
     end
 
     def expect_value_in_queues
-      Gitlab::Redis::Queues.with do |redis|
+      Gitlab::Redis::SharedState.with do |redis|
         runner_queue_key = runner.send(:runner_queue_key)
         expect(redis.get(runner_queue_key))
       end
@@ -627,7 +627,7 @@ describe Ci::Runner do
       end
 
       it 'cleans up the queue' do
-        Gitlab::Redis::Queues.with do |redis|
+        Gitlab::Redis::SharedState.with do |redis|
           expect(redis.get(queue_key)).to be_nil
         end
       end
-- 
cgit v1.2.1


From 4b84e1c40d4f7e91cd53ee683d8309e6da947b6f Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Mon, 22 Jul 2019 14:45:14 -0500
Subject: Fix xterm CSS not loading

---
 config/application.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/config/application.rb b/config/application.rb
index de386506233..aaf57e8f6a9 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -168,7 +168,6 @@ module Gitlab
 
     # Import gitlab-svgs directly from vendored directory
     config.assets.paths << "#{config.root}/node_modules/@gitlab/svgs/dist"
-    config.assets.paths << "#{config.root}/node_modules"
     config.assets.precompile << "icons.svg"
     config.assets.precompile << "icons.json"
     config.assets.precompile << "illustrations/*.svg"
@@ -186,6 +185,10 @@ module Gitlab
     config.assets.paths << "#{config.root}/vendor/assets/javascripts/"
     config.assets.precompile << "snowplow/sp.js"
 
+    # This path must come last to avoid confusing sprockets
+    # See https://gitlab.com/gitlab-org/gitlab-ce/issues/64091#note_194512508
+    config.assets.paths << "#{config.root}/node_modules"
+
     # Compile non-JS/CSS assets in the ee/app/assets folder by default
     # Mimic sprockets-rails default: https://github.com/rails/sprockets-rails/blob/v3.2.1/lib/sprockets/railtie.rb#L84-L87
     LOOSE_EE_APP_ASSETS = lambda do |logical_path, filename|
-- 
cgit v1.2.1


From bdf4da81a5b3fb3bd5eab6527b81e593078cad60 Mon Sep 17 00:00:00 2001
From: Gosia Ksionek <mksionek@gitlab.com>
Date: Mon, 22 Jul 2019 19:52:32 +0000
Subject: Add review remarks

Add cr remarks

Add cr remarks
---
 .../projects/cycle_analytics/events_controller.rb  | 10 ++--
 .../cycle_analytics/events_controller_spec.rb      | 64 ++++++++++++++++++++++
 2 files changed, 69 insertions(+), 5 deletions(-)
 create mode 100644 spec/controllers/projects/cycle_analytics/events_controller_spec.rb

diff --git a/app/controllers/projects/cycle_analytics/events_controller.rb b/app/controllers/projects/cycle_analytics/events_controller.rb
index 6314d9f2a9f..926592b9681 100644
--- a/app/controllers/projects/cycle_analytics/events_controller.rb
+++ b/app/controllers/projects/cycle_analytics/events_controller.rb
@@ -23,7 +23,7 @@ module Projects
       end
 
       def test
-        options(events_params)[:branch] = events_params[:branch_name]
+        options(cycle_analytics_params)[:branch] = cycle_analytics_params[:branch_name]
 
         render_events(cycle_analytics[:test].events)
       end
@@ -50,13 +50,13 @@ module Projects
       end
 
       def cycle_analytics
-        @cycle_analytics ||= ::CycleAnalytics::ProjectLevel.new(project, options: options(events_params))
+        @cycle_analytics ||= ::CycleAnalytics::ProjectLevel.new(project, options: options(cycle_analytics_params))
       end
 
-      def events_params
-        return {} unless params[:events].present?
+      def cycle_analytics_params
+        return {} unless params[:cycle_analytics].present?
 
-        params[:events].permit(:start_date, :branch_name)
+        params[:cycle_analytics].permit(:start_date, :branch_name)
       end
     end
   end
diff --git a/spec/controllers/projects/cycle_analytics/events_controller_spec.rb b/spec/controllers/projects/cycle_analytics/events_controller_spec.rb
new file mode 100644
index 00000000000..8fc3ae0aa32
--- /dev/null
+++ b/spec/controllers/projects/cycle_analytics/events_controller_spec.rb
@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Projects::CycleAnalytics::EventsController do
+  let(:project) { create(:project, :repository) }
+  let(:user) { create(:user) }
+
+  before do
+    sign_in(user)
+    project.add_maintainer(user)
+  end
+
+  describe 'cycle analytics not set up flag' do
+    context 'with no data' do
+      it 'is empty' do
+        get_issue
+
+        expect(response).to be_success
+        expect(JSON.parse(response.body)['events']).to be_empty
+      end
+    end
+
+    context 'with data' do
+      let(:milestone) { create(:milestone, project: project, created_at: 10.days.ago) }
+      let(:issue) { create(:issue, project: project, created_at: 9.days.ago) }
+
+      before do
+        issue.update(milestone: milestone)
+      end
+
+      it 'is not empty' do
+        get_issue
+
+        expect(response).to be_success
+      end
+
+      it 'contains event detais' do
+        get_issue
+
+        events = JSON.parse(response.body)['events']
+
+        expect(events).not_to be_empty
+        expect(events.first).to include('title', 'author', 'iid', 'total_time', 'created_at', 'url')
+        expect(events.first['title']).to eq(issue.title)
+      end
+
+      context 'with data older than start date' do
+        it 'is empty' do
+          get_issue(additional_params: { cycle_analytics: { start_date: 7 } })
+
+          expect(response).to be_success
+
+          expect(JSON.parse(response.body)['events']).to be_empty
+        end
+      end
+    end
+  end
+
+  def get_issue(additional_params: {})
+    params = additional_params.merge(namespace_id: project.namespace, project_id: project)
+    get(:issue, params: params, format: :json)
+  end
+end
-- 
cgit v1.2.1


From 71045b89f6f0e9c347526b2d90f945dfbcbebdcc Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Fri, 19 Jul 2019 15:17:54 -0700
Subject: Convert githost.log to JSON format

This will make it easier to parse this in production and adds the
`correlation_id` if available.
---
 changelogs/unreleased/sh-make-githost-json.yml |  5 +++++
 doc/administration/logs.md                     | 14 ++++++++++----
 lib/gitlab/git_logger.rb                       |  6 +-----
 3 files changed, 16 insertions(+), 9 deletions(-)
 create mode 100644 changelogs/unreleased/sh-make-githost-json.yml

diff --git a/changelogs/unreleased/sh-make-githost-json.yml b/changelogs/unreleased/sh-make-githost-json.yml
new file mode 100644
index 00000000000..f4113a693cc
--- /dev/null
+++ b/changelogs/unreleased/sh-make-githost-json.yml
@@ -0,0 +1,5 @@
+---
+title: Convert githost.log to JSON format
+merge_request: 30967
+author:
+type: changed
diff --git a/doc/administration/logs.md b/doc/administration/logs.md
index 5a2f389d298..563701b8677 100644
--- a/doc/administration/logs.md
+++ b/doc/administration/logs.md
@@ -157,16 +157,22 @@ This file lives in `/var/log/gitlab/gitlab-rails/githost.log` for
 Omnibus GitLab packages or in `/home/git/gitlab/log/githost.log` for
 installations from source.
 
+NOTE: **Note:**
+After 12.2, this file will be stored in JSON format.
+
 GitLab has to interact with Git repositories but in some rare cases
 something can go wrong and in this case you will know what exactly
 happened. This log file contains all failed requests from GitLab to Git
 repositories. In the majority of cases this file will be useful for developers
 only. For example:
 
-```
-December 03, 2014 13:20 -> ERROR -> Command failed [1]: /usr/bin/git --git-dir=/Users/vsizov/gitlab-development-kit/gitlab/tmp/tests/gitlab-satellites/group184/gitlabhq/.git --work-tree=/Users/vsizov/gitlab-development-kit/gitlab/tmp/tests/gitlab-satellites/group184/gitlabhq merge --no-ff -mMerge branch 'feature_conflict' into 'feature' source/feature_conflict
-
-error: failed to push some refs to '/Users/vsizov/gitlab-development-kit/repositories/gitlabhq/gitlab_git.git'
+```json
+{
+   "severity":"ERROR",
+   "time":"2019-07-19T22:16:12.528Z",
+   "correlation_id":"FeGxww5Hj64",
+   "message":"Command failed [1]: /usr/bin/git --git-dir=/Users/vsizov/gitlab-development-kit/gitlab/tmp/tests/gitlab-satellites/group184/gitlabhq/.git --work-tree=/Users/vsizov/gitlab-development-kit/gitlab/tmp/tests/gitlab-satellites/group184/gitlabhq merge --no-ff -mMerge branch 'feature_conflict' into 'feature' source/feature_conflict\n\nerror: failed to push some refs to '/Users/vsizov/gitlab-development-kit/repositories/gitlabhq/gitlab_git.git'"
+}
 ```
 
 ## `audit_json.log`
diff --git a/lib/gitlab/git_logger.rb b/lib/gitlab/git_logger.rb
index dac4ddd320f..ded5349be01 100644
--- a/lib/gitlab/git_logger.rb
+++ b/lib/gitlab/git_logger.rb
@@ -1,13 +1,9 @@
 # frozen_string_literal: true
 
 module Gitlab
-  class GitLogger < Gitlab::Logger
+  class GitLogger < JsonLogger
     def self.file_name_noext
       'githost'
     end
-
-    def format_message(severity, timestamp, progname, msg)
-      "#{timestamp.to_s(:long)} -> #{severity} -> #{msg}\n"
-    end
   end
 end
-- 
cgit v1.2.1


From 64d1684498e11b1e2196ceb3c4911f26a9f2d624 Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Mon, 22 Jul 2019 15:05:03 -0500
Subject: Add CHANGELOG.md entry

---
 changelogs/unreleased/64091-fix-sprockets-paths.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/64091-fix-sprockets-paths.yml

diff --git a/changelogs/unreleased/64091-fix-sprockets-paths.yml b/changelogs/unreleased/64091-fix-sprockets-paths.yml
new file mode 100644
index 00000000000..fcd8b2faa49
--- /dev/null
+++ b/changelogs/unreleased/64091-fix-sprockets-paths.yml
@@ -0,0 +1,5 @@
+---
+title: Fix xterm css not loading for environment terminal
+merge_request: 31023
+author:
+type: fixed
-- 
cgit v1.2.1


From 8214ce34c83df459767af79955cfb123575f8b65 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Mon, 22 Jul 2019 17:50:23 +0800
Subject: Port EE specific settings to CE

---
 config/initializers/1_settings.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 3a121addc98..494c4dd1f93 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -217,6 +217,7 @@ Gitlab.ee do
   Settings['elasticsearch'] ||= Settingslogic.new({})
   Settings.elasticsearch['enabled'] = false if Settings.elasticsearch['enabled'].nil?
   Settings.elasticsearch['url'] = ENV['ELASTIC_URL'] || "http://localhost:9200"
+  Settings.elasticsearch['indexer_path'] ||= Gitlab::Utils.which('gitlab-elasticsearch-indexer')
 end
 
 #
-- 
cgit v1.2.1


From 996cf4b640c92fcc4c59bfe4cb9f2003a206bc6a Mon Sep 17 00:00:00 2001
From: Alex Kalderimis <alex.kalderimis@gmail.com>
Date: Mon, 22 Jul 2019 10:47:54 -0400
Subject: Refactor usage data counters specs

This makes these tests available for other implementations
---
 .../usage_data_counters/wiki_page_counter_spec.rb  | 73 +++-------------------
 .../gitlab/usage_data_counters/a_redis_counter.rb  | 57 +++++++++++++++++
 2 files changed, 66 insertions(+), 64 deletions(-)
 create mode 100644 spec/support/shared_examples/lib/gitlab/usage_data_counters/a_redis_counter.rb

diff --git a/spec/lib/gitlab/usage_data_counters/wiki_page_counter_spec.rb b/spec/lib/gitlab/usage_data_counters/wiki_page_counter_spec.rb
index 41afbbb191c..4e8ae35187e 100644
--- a/spec/lib/gitlab/usage_data_counters/wiki_page_counter_spec.rb
+++ b/spec/lib/gitlab/usage_data_counters/wiki_page_counter_spec.rb
@@ -2,68 +2,13 @@
 
 require 'spec_helper'
 
-describe Gitlab::UsageDataCounters::WikiPageCounter, :clean_gitlab_redis_shared_state do
-  shared_examples :wiki_page_event do |event|
-    describe ".count(#{event})" do
-      it "increments the wiki page #{event} counter by 1" do
-        expect do
-          described_class.count(event)
-        end.to change { described_class.read(event) }.by 1
-      end
-    end
-
-    describe ".read(#{event})" do
-      event_count = 5
-
-      it "returns the total number of #{event} events" do
-        event_count.times do
-          described_class.count(event)
-        end
-
-        expect(described_class.read(event)).to eq(event_count)
-      end
-    end
-  end
-
-  include_examples :wiki_page_event, :create
-  include_examples :wiki_page_event, :update
-  include_examples :wiki_page_event, :delete
-
-  describe 'totals' do
-    creations = 5
-    edits = 3
-    deletions = 2
-
-    before do
-      creations.times do
-        described_class.count(:create)
-      end
-      edits.times do
-        described_class.count(:update)
-      end
-      deletions.times do
-        described_class.count(:delete)
-      end
-    end
-
-    it 'can report all totals' do
-      expect(described_class.totals).to include(
-        wiki_pages_update: edits,
-        wiki_pages_create: creations,
-        wiki_pages_delete: deletions
-      )
-    end
-  end
-
-  describe 'unknown events' do
-    error = described_class::UnknownEvent
-
-    it 'cannot increment' do
-      expect { described_class.count(:wibble) }.to raise_error error
-    end
-
-    it 'cannot read' do
-      expect { described_class.read(:wibble) }.to raise_error error
-    end
-  end
+describe Gitlab::UsageDataCounters::WikiPageCounter do
+  it_behaves_like 'a redis usage counter', 'Wiki Page', :create
+  it_behaves_like 'a redis usage counter', 'Wiki Page', :update
+  it_behaves_like 'a redis usage counter', 'Wiki Page', :delete
+
+  it_behaves_like 'a redis usage counter with totals', :wiki_pages,
+    create: 5,
+    update: 3,
+    delete: 2
 end
diff --git a/spec/support/shared_examples/lib/gitlab/usage_data_counters/a_redis_counter.rb b/spec/support/shared_examples/lib/gitlab/usage_data_counters/a_redis_counter.rb
new file mode 100644
index 00000000000..91bf804978d
--- /dev/null
+++ b/spec/support/shared_examples/lib/gitlab/usage_data_counters/a_redis_counter.rb
@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+shared_examples 'a redis usage counter' do |thing, event|
+  describe ".count(#{event})", :clean_gitlab_redis_shared_state do
+    it "increments the #{thing} #{event} counter by 1" do
+      expect do
+        described_class.count(event)
+      end.to change { described_class.read(event) }.by 1
+    end
+  end
+
+  describe ".read(#{event})", :clean_gitlab_redis_shared_state do
+    event_count = 5
+
+    it "returns the total number of #{event} events" do
+      event_count.times do
+        described_class.count(event)
+      end
+
+      expect(described_class.read(event)).to eq(event_count)
+    end
+  end
+end
+
+shared_examples 'a redis usage counter with totals' do |prefix, events|
+  describe 'totals', :clean_gitlab_redis_shared_state do
+    before do
+      events.each do |k, n|
+        n.times do
+          described_class.count(k)
+        end
+      end
+    end
+
+    let(:expected_totals) do
+      events.transform_keys { |k| "#{prefix}_#{k}".to_sym }
+    end
+
+    it 'can report all totals' do
+      expect(described_class.totals).to include(expected_totals)
+    end
+  end
+
+  # Override these let-bindings to adjust the unknown events tests
+  let(:unknown_event) { described_class::UnknownEvent }
+  let(:bad_event) { :wibble }
+
+  describe 'unknown events' do
+    it 'cannot increment' do
+      expect { described_class.count(bad_event) }.to raise_error unknown_event
+    end
+
+    it 'cannot read' do
+      expect { described_class.read(bad_event) }.to raise_error unknown_event
+    end
+  end
+end
-- 
cgit v1.2.1


From f81e15c6473ba56569005643cb24351c10c012d6 Mon Sep 17 00:00:00 2001
From: Lukas Eipert <leipert@gitlab.com>
Date: Mon, 22 Jul 2019 21:23:35 +0000
Subject: Update dependency @gitlab/ui to ^5.7.1

---
 package.json | 2 +-
 yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index aebb52dd07c..541ead632e8 100644
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
     "@babel/preset-env": "^7.4.4",
     "@gitlab/csslab": "^1.9.0",
     "@gitlab/svgs": "^1.67.0",
-    "@gitlab/ui": "^5.7.0",
+    "@gitlab/ui": "^5.7.1",
     "apollo-cache-inmemory": "^1.5.1",
     "apollo-client": "^2.5.1",
     "apollo-link": "^1.2.11",
diff --git a/yarn.lock b/yarn.lock
index c0c1887a9d1..be8f7940a2c 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -705,10 +705,10 @@
   resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-1.67.0.tgz#c7b94eca13b99fd3aaa737fb6dcc0abc41d3c579"
   integrity sha512-hJOmWEs6RkjzyKkb1vc9wwKGZIBIP0coHkxu/KgOoxhBVudpGk4CH7xJ6UuB2TKpb0SEh5CC1CzRZfBYaFhsaA==
 
-"@gitlab/ui@^5.7.0":
-  version "5.7.0"
-  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.7.0.tgz#2ce6b431de262f09b2e1dbe77b047d6e8e1ca41d"
-  integrity sha512-zOPFNrCGyZrgqa8OXNhtfRg4aQ6pRCpIV2+alq3/4jllYb3HHHH+jIk/ejLrvNe8+fk7LRNSvJEvuInRLqBbEg==
+"@gitlab/ui@^5.7.1":
+  version "5.7.1"
+  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.7.1.tgz#e55d04052dd6e50ed1e90676aacc64290d62c0b6"
+  integrity sha512-F06/6z6/69LbKIK0PYRDTB/teSPUnF7LijHl4JiuYHXn7Y2/iVoLsAMikhT89RVR84orHPGnw16vtCPjSjBDrA==
   dependencies:
     "@babel/standalone" "^7.0.0"
     "@gitlab/vue-toasted" "^1.2.1"
-- 
cgit v1.2.1


From 510d03fec26ac64c1ec643f492676c02f4099a56 Mon Sep 17 00:00:00 2001
From: Peter Leitzen <pleitzen@gitlab.com>
Date: Mon, 22 Jul 2019 22:29:14 +0000
Subject: QA: Prefer `flat_map` over `map` + `flatten`

---
 qa/qa/page/base.rb                      | 4 ++--
 qa/qa/page/validator.rb                 | 6 ++----
 qa/qa/scenario/test/sanity/selectors.rb | 2 +-
 qa/spec/specs/runner_spec.rb            | 4 ++--
 4 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/qa/qa/page/base.rb b/qa/qa/page/base.rb
index 80ce23d5c38..45496c6b245 100644
--- a/qa/qa/page/base.rb
+++ b/qa/qa/page/base.rb
@@ -181,11 +181,11 @@ module QA
           return ["Page class does not have views / elements defined!"]
         end
 
-        views.map(&:errors).flatten
+        views.flat_map(&:errors)
       end
 
       def self.elements
-        views.map(&:elements).flatten
+        views.flat_map(&:elements)
       end
 
       def send_keys_to_element(name, keys)
diff --git a/qa/qa/page/validator.rb b/qa/qa/page/validator.rb
index edd12665f1e..9b2d0a1a41d 100644
--- a/qa/qa/page/validator.rb
+++ b/qa/qa/page/validator.rb
@@ -22,16 +22,14 @@ module QA
       end
 
       def descendants
-        @descendants ||= constants.map do |const|
+        @descendants ||= constants.flat_map do |const|
           case const
           when Class
             const if const < Page::Base
           when Module
             Page::Validator.new(const).descendants
           end
-        end
-
-        @descendants.flatten.compact
+        end.compact
       end
 
       def errors
diff --git a/qa/qa/scenario/test/sanity/selectors.rb b/qa/qa/scenario/test/sanity/selectors.rb
index e05269e8d55..b4d70fc191a 100644
--- a/qa/qa/scenario/test/sanity/selectors.rb
+++ b/qa/qa/scenario/test/sanity/selectors.rb
@@ -14,7 +14,7 @@ module QA
               Page::Validator.new(pages)
             end
 
-            validators.map(&:errors).flatten.tap do |errors|
+            validators.flat_map(&:errors).tap do |errors|
               break if errors.none?
 
               warn <<~EOS
diff --git a/qa/spec/specs/runner_spec.rb b/qa/spec/specs/runner_spec.rb
index 6c533c6dc7d..3d98f03a982 100644
--- a/qa/spec/specs/runner_spec.rb
+++ b/qa/spec/specs/runner_spec.rb
@@ -125,9 +125,9 @@ describe QA::Specs::Runner do
     end
 
     def excluded_feature_tags_except(tag)
-      QA::Runtime::Env.supported_features.except(tag).map do |tag, _|
+      QA::Runtime::Env.supported_features.except(tag).flat_map do |tag, _|
         ['--tag', "~requires_#{tag}"]
-      end.flatten
+      end
     end
 
     def expect_rspec_runner_arguments(arguments)
-- 
cgit v1.2.1


From 0242c2418cbb54df191487cb4965cbc27167826e Mon Sep 17 00:00:00 2001
From: Tristan Williams <2390023-tristan@users.noreply.gitlab.com>
Date: Tue, 23 Jul 2019 02:46:51 +0000
Subject: Docs: Update old SAML settings screenshot

---
 .../group/saml_sso/img/group_saml_settings.png     | Bin 89399 -> 140408 bytes
 doc/user/group/saml_sso/index.md                   |   2 +-
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/group/saml_sso/img/group_saml_settings.png b/doc/user/group/saml_sso/img/group_saml_settings.png
index d95acb5075f..8c5dbe36f98 100644
Binary files a/doc/user/group/saml_sso/img/group_saml_settings.png and b/doc/user/group/saml_sso/img/group_saml_settings.png differ
diff --git a/doc/user/group/saml_sso/index.md b/doc/user/group/saml_sso/index.md
index 54923ab69ff..e3f657af564 100644
--- a/doc/user/group/saml_sso/index.md
+++ b/doc/user/group/saml_sso/index.md
@@ -71,7 +71,7 @@ Once you've set up your identity provider to work with GitLab, you'll need to co
 1. Navigate to the group's **Settings > SAML SSO**.
 1. Find the SSO URL from your Identity Provider and enter it the **Identity provider single sign on URL** field.
 1. Find and enter the fingerprint for the SAML token signing certificate in the **Certificate** field.
-1. Check the **Enable SAML authentication for this group** checkbox.
+1. Click the **Enable SAML authentication for this group** toggle switch.
 1. Click the **Save changes** button.
 
 ![Group SAML Settings for GitLab.com](img/group_saml_settings.png)
-- 
cgit v1.2.1


From af5c88d29d1913982aaa9ef5d3c559a75e0b2c3a Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Mon, 22 Jul 2019 21:29:11 -0700
Subject: Update webpack-bundle-analyzer to 3.3.2

This is needed to fix an issue where updating to the latest Webpack
causes an acorn dependency error:
https://github.com/webpack-contrib/webpack-bundle-analyzer/issues/245

Seen while trying to update dependencies for Mermaid in
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30985
---
 package.json |  2 +-
 yarn.lock    | 29 +++++++++++++++--------------
 2 files changed, 16 insertions(+), 15 deletions(-)

diff --git a/package.json b/package.json
index aebb52dd07c..4c51080660f 100644
--- a/package.json
+++ b/package.json
@@ -138,7 +138,7 @@
     "vue-virtual-scroll-list": "^1.3.1",
     "vuex": "^3.1.0",
     "webpack": "^4.29.0",
-    "webpack-bundle-analyzer": "^3.0.3",
+    "webpack-bundle-analyzer": "^3.3.2",
     "webpack-cli": "^3.2.1",
     "webpack-stats-plugin": "^0.2.1",
     "worker-loader": "^2.0.0",
diff --git a/yarn.lock b/yarn.lock
index c0c1887a9d1..7f4715a8ba0 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1275,20 +1275,20 @@ acorn-jsx@^5.0.0:
   resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-5.0.1.tgz#32a064fd925429216a09b141102bfdd185fae40e"
   integrity sha512-HJ7CfNHrfJLlNTzIEUTj43LNWGkqpRLxm3YjAlcD0ACydk9XynzYsCBHxut+iqt+1aBXkx9UP/w/ZqMr13XIzg==
 
-acorn-walk@^6.0.1:
-  version "6.1.1"
-  resolved "https://registry.yarnpkg.com/acorn-walk/-/acorn-walk-6.1.1.tgz#d363b66f5fac5f018ff9c3a1e7b6f8e310cc3913"
-  integrity sha512-OtUw6JUTgxA2QoqqmrmQ7F2NYqiBPi/L2jqHyFtllhOUvXYQXf0Z1CYUinIfyT4bTCGmrA7gX9FvHA81uzCoVw==
+acorn-walk@^6.0.1, acorn-walk@^6.1.1:
+  version "6.2.0"
+  resolved "https://registry.yarnpkg.com/acorn-walk/-/acorn-walk-6.2.0.tgz#123cb8f3b84c2171f1f7fb252615b1c78a6b1a8c"
+  integrity sha512-7evsyfH1cLOCdAzZAd43Cic04yKydNx0cF+7tiA19p1XnLLPU4dpCQOqpjqwokFe//vS0QqfqqjCS2JkiIs0cA==
 
-acorn@^5.5.3, acorn@^5.7.3:
+acorn@^5.5.3:
   version "5.7.3"
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.7.3.tgz#67aa231bf8812974b85235a96771eb6bd07ea279"
   integrity sha512-T/zvzYRfbVojPWahDsE5evJdHb3oJoQfFbsrKM7w5Zcs++Tr257tia3BmMP8XYVjp1S9RZXQMh7gao96BlqZOw==
 
-acorn@^6.0.1, acorn@^6.0.2, acorn@^6.0.5:
-  version "6.0.5"
-  resolved "https://registry.yarnpkg.com/acorn/-/acorn-6.0.5.tgz#81730c0815f3f3b34d8efa95cb7430965f4d887a"
-  integrity sha512-i33Zgp3XWtmZBMNvCr4azvOFeWVw1Rk6p3hfi3LUDvIFraOMywb1kAtrbi+med14m4Xfpqm3zRZMT+c0FNE7kg==
+acorn@^6.0.1, acorn@^6.0.2, acorn@^6.0.5, acorn@^6.0.7:
+  version "6.2.1"
+  resolved "https://registry.yarnpkg.com/acorn/-/acorn-6.2.1.tgz#3ed8422d6dec09e6121cc7a843ca86a330a86b51"
+  integrity sha512-JD0xT5FCRDNyjDda3Lrg/IxFscp9q4tiYtxE1/nOzlKCk7hIRuYjhq1kCNkbPjMRMZuFq20HNQn1I9k8Oj0E+Q==
 
 after@0.8.2:
   version "0.8.2"
@@ -11389,12 +11389,13 @@ webidl-conversions@^4.0.2:
   resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-4.0.2.tgz#a855980b1f0b6b359ba1d5d9fb39ae941faa63ad"
   integrity sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==
 
-webpack-bundle-analyzer@^3.0.3:
-  version "3.0.3"
-  resolved "https://registry.yarnpkg.com/webpack-bundle-analyzer/-/webpack-bundle-analyzer-3.0.3.tgz#dbc7fff8f52058b6714a20fddf309d0790e3e0a0"
-  integrity sha512-naLWiRfmtH4UJgtUktRTLw6FdoZJ2RvCR9ePbwM9aRMsS/KjFerkPZG9epEvXRAw5d5oPdrs9+3p+afNjxW8Xw==
+webpack-bundle-analyzer@^3.3.2:
+  version "3.3.2"
+  resolved "https://registry.yarnpkg.com/webpack-bundle-analyzer/-/webpack-bundle-analyzer-3.3.2.tgz#3da733a900f515914e729fcebcd4c40dde71fc6f"
+  integrity sha512-7qvJLPKB4rRWZGjVp5U1KEjwutbDHSKboAl0IfafnrdXMrgC0tOtZbQD6Rw0u4cmpgRN4O02Fc0t8eAT+FgGzA==
   dependencies:
-    acorn "^5.7.3"
+    acorn "^6.0.7"
+    acorn-walk "^6.1.1"
     bfj "^6.1.1"
     chalk "^2.4.1"
     commander "^2.18.0"
-- 
cgit v1.2.1


From 40d6d5e2d0123f1417bb5d3d1ead47bd525f8dac Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Fri, 19 Jul 2019 01:04:43 +0800
Subject: Make pipeline emails respect group email setting

When a user's notification email is set for a group, we
should use that for pipeline emails
---
 app/mailers/notify.rb                              | 12 +-----
 app/models/group.rb                                |  6 +++
 app/models/user.rb                                 |  5 +++
 app/services/notification_service.rb               |  4 +-
 ...85-fix-pipeline-emails-to-use-group-setting.yml |  5 +++
 spec/models/group_spec.rb                          | 37 +++++++++++++++++
 spec/models/user_spec.rb                           | 33 +++++++++++++++
 spec/services/notification_service_spec.rb         | 48 ++++++++++++++++++----
 .../shared_examples/notify_shared_examples.rb      | 35 +++-------------
 9 files changed, 135 insertions(+), 50 deletions(-)
 create mode 100644 changelogs/unreleased/63485-fix-pipeline-emails-to-use-group-setting.yml

diff --git a/app/mailers/notify.rb b/app/mailers/notify.rb
index 576caea4c10..8ef20a03541 100644
--- a/app/mailers/notify.rb
+++ b/app/mailers/notify.rb
@@ -78,17 +78,7 @@ class Notify < BaseMailer
   #
   # Returns a String containing the User's email address.
   def recipient(recipient_id, notification_group = nil)
-    @current_user = User.find(recipient_id)
-    group_notification_email = nil
-
-    if notification_group
-      notification_settings = notification_group.notification_settings_for(@current_user, hierarchy_order: :asc)
-      group_notification_email = notification_settings.find { |n| n.notification_email.present? }&.notification_email
-    end
-
-    # Return group-specific email address if present, otherwise return global
-    # email address
-    group_notification_email || @current_user.notification_email
+    User.find(recipient_id).notification_email_for(notification_group)
   end
 
   # Formats arguments into a String suitable for use as an email subject
diff --git a/app/models/group.rb b/app/models/group.rb
index 37f30552b39..26ce2957e9b 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -144,6 +144,12 @@ class Group < Namespace
     notification_settings(hierarchy_order: hierarchy_order).where(user: user)
   end
 
+  def notification_email_for(user)
+    # Finds the closest notification_setting with a `notification_email`
+    notification_settings = notification_settings_for(user, hierarchy_order: :asc)
+    notification_settings.find { |n| n.notification_email.present? }&.notification_email
+  end
+
   def to_reference(_from = nil, full: nil)
     "#{self.class.reference_prefix}#{full_path}"
   end
diff --git a/app/models/user.rb b/app/models/user.rb
index 0fd3daa3383..b439d1c0c16 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1259,6 +1259,11 @@ class User < ApplicationRecord
     end
   end
 
+  def notification_email_for(notification_group)
+    # Return group-specific email address if present, otherwise return global notification email address
+    notification_group&.notification_email_for(self) || notification_email
+  end
+
   def notification_settings_for(source)
     if notification_settings.loaded?
       notification_settings.find do |notification|
diff --git a/app/services/notification_service.rb b/app/services/notification_service.rb
index 5aa804666f0..a55771ed538 100644
--- a/app/services/notification_service.rb
+++ b/app/services/notification_service.rb
@@ -418,7 +418,9 @@ class NotificationService
       [pipeline.user], :watch,
       custom_action: :"#{pipeline.status}_pipeline",
       target: pipeline
-    ).map(&:notification_email)
+    ).map do |user|
+      user.notification_email_for(pipeline.project.group)
+    end
 
     if recipients.any?
       mailer.public_send(email_template, pipeline, recipients).deliver_later
diff --git a/changelogs/unreleased/63485-fix-pipeline-emails-to-use-group-setting.yml b/changelogs/unreleased/63485-fix-pipeline-emails-to-use-group-setting.yml
new file mode 100644
index 00000000000..c3ee3108216
--- /dev/null
+++ b/changelogs/unreleased/63485-fix-pipeline-emails-to-use-group-setting.yml
@@ -0,0 +1,5 @@
+---
+title: Fix pipeline emails not respecting group notification email setting
+merge_request: 30907
+author:
+type: fixed
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index c7fb0f51075..90e0900445e 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -95,6 +95,43 @@ describe Group do
       end
     end
 
+    describe '#notification_email_for' do
+      let(:user) { create(:user) }
+      let(:group) { create(:group) }
+      let(:subgroup) { create(:group, parent: group) }
+
+      let(:group_notification_email) { 'user+group@example.com' }
+      let(:subgroup_notification_email) { 'user+subgroup@example.com' }
+
+      subject { subgroup.notification_email_for(user) }
+
+      context 'when both group notification emails are set' do
+        it 'returns subgroup notification email' do
+          create(:notification_setting, user: user, source: group, notification_email: group_notification_email)
+          create(:notification_setting, user: user, source: subgroup, notification_email: subgroup_notification_email)
+
+          is_expected.to eq(subgroup_notification_email)
+        end
+      end
+
+      context 'when subgroup notification email is blank' do
+        it 'returns parent group notification email' do
+          create(:notification_setting, user: user, source: group, notification_email: group_notification_email)
+          create(:notification_setting, user: user, source: subgroup, notification_email: '')
+
+          is_expected.to eq(group_notification_email)
+        end
+      end
+
+      context 'when only the parent group notification email is set' do
+        it 'returns parent group notification email' do
+          create(:notification_setting, user: user, source: group, notification_email: group_notification_email)
+
+          is_expected.to eq(group_notification_email)
+        end
+      end
+    end
+
     describe '#visibility_level_allowed_by_parent' do
       let(:parent) { create(:group, :internal) }
       let(:sub_group) { build(:group, parent_id: parent.id) }
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 5cfa64fd764..2d20f8c78cc 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -3504,4 +3504,37 @@ describe User do
       expect(described_class.reorder_by_name).to eq([user1, user2])
     end
   end
+
+  describe '#notification_email_for' do
+    let(:user) { create(:user) }
+    let(:group) { create(:group) }
+
+    subject { user.notification_email_for(group) }
+
+    context 'when group is nil' do
+      let(:group) { nil }
+
+      it 'returns global notification email' do
+        is_expected.to eq(user.notification_email)
+      end
+    end
+
+    context 'when group has no notification email set' do
+      it 'returns global notification email' do
+        create(:notification_setting, user: user, source: group, notification_email: '')
+
+        is_expected.to eq(user.notification_email)
+      end
+    end
+
+    context 'when group has notification email set' do
+      it 'returns group notification email' do
+        group_notification_email = 'user+group@example.com'
+
+        create(:notification_setting, user: user, source: group, notification_email: group_notification_email)
+
+        is_expected.to eq(group_notification_email)
+      end
+    end
+  end
 end
diff --git a/spec/services/notification_service_spec.rb b/spec/services/notification_service_spec.rb
index 3e3de051732..c20de1fd079 100644
--- a/spec/services/notification_service_spec.rb
+++ b/spec/services/notification_service_spec.rb
@@ -2063,27 +2063,59 @@ describe NotificationService, :mailer do
         end
 
         context 'when the creator has custom notifications enabled' do
-          before do
-            pipeline = create_pipeline(u_custom_notification_enabled, :success)
-            notification.pipeline_finished(pipeline)
-          end
+          let(:pipeline) { create_pipeline(u_custom_notification_enabled, :success) }
 
           it 'emails only the creator' do
+            notification.pipeline_finished(pipeline)
+
             should_only_email(u_custom_notification_enabled, kind: :bcc)
           end
+
+          context 'when the creator has group notification email set' do
+            let(:group_notification_email) { 'user+group@example.com' }
+
+            before do
+              group = create(:group)
+
+              project.update(group: group)
+              create(:notification_setting, user: u_custom_notification_enabled, source: group, notification_email: group_notification_email)
+            end
+
+            it 'sends to group notification email' do
+              notification.pipeline_finished(pipeline)
+
+              expect(email_recipients(kind: :bcc).first).to eq(group_notification_email)
+            end
+          end
         end
       end
 
       context 'with a failed pipeline' do
         context 'when the creator has no custom notification set' do
-          before do
-            pipeline = create_pipeline(u_member, :failed)
-            notification.pipeline_finished(pipeline)
-          end
+          let(:pipeline) { create_pipeline(u_member, :failed) }
 
           it 'emails only the creator' do
+            notification.pipeline_finished(pipeline)
+
             should_only_email(u_member, kind: :bcc)
           end
+
+          context 'when the creator has group notification email set' do
+            let(:group_notification_email) { 'user+group@example.com' }
+
+            before do
+              group = create(:group)
+
+              project.update(group: group)
+              create(:notification_setting, user: u_member, source: group, notification_email: group_notification_email)
+            end
+
+            it 'sends to group notification email' do
+              notification.pipeline_finished(pipeline)
+
+              expect(email_recipients(kind: :bcc).first).to eq(group_notification_email)
+            end
+          end
         end
 
         context 'when the creator has watch set' do
diff --git a/spec/support/shared_examples/notify_shared_examples.rb b/spec/support/shared_examples/notify_shared_examples.rb
index e64c7e37a0c..4452b1c82cb 100644
--- a/spec/support/shared_examples/notify_shared_examples.rb
+++ b/spec/support/shared_examples/notify_shared_examples.rb
@@ -42,42 +42,17 @@ shared_examples 'an email sent from GitLab' do
 end
 
 shared_examples 'an email sent to a user' do
-  let(:group_notification_email) { 'user+group@example.com' }
-
   it 'is sent to user\'s global notification email address' do
     expect(subject).to deliver_to(recipient.notification_email)
   end
 
-  context 'that is part of a project\'s group' do
-    it 'is sent to user\'s group notification email address when set' do
-      create(:notification_setting, user: recipient, source: project.group, notification_email: group_notification_email)
-      expect(subject).to deliver_to(group_notification_email)
-    end
-
-    it 'is sent to user\'s global notification email address when no group email set' do
-      create(:notification_setting, user: recipient, source: project.group, notification_email: '')
-      expect(subject).to deliver_to(recipient.notification_email)
-    end
-  end
-
-  context 'when project is in a sub-group', :nested_groups do
-    before do
-      project.update!(group: subgroup)
-    end
-
-    it 'is sent to user\'s subgroup notification email address when set' do
-      # Set top-level group notification email address to make sure it doesn't get selected
-      create(:notification_setting, user: recipient, source: group, notification_email: group_notification_email)
-
-      subgroup_notification_email = 'user+subgroup@example.com'
-      create(:notification_setting, user: recipient, source: subgroup, notification_email: subgroup_notification_email)
+  context 'with group notification email' do
+    it 'is sent to user\'s group notification email' do
+      group_notification_email = 'user+group@example.com'
 
-      expect(subject).to deliver_to(subgroup_notification_email)
-    end
+      create(:notification_setting, user: recipient, source: project.group, notification_email: group_notification_email)
 
-    it 'is sent to user\'s group notification email address when set and subgroup email address not set' do
-      create(:notification_setting, user: recipient, source: subgroup, notification_email: '')
-      expect(subject).to deliver_to(recipient.notification_email)
+      expect(subject).to deliver_to(group_notification_email)
     end
   end
 end
-- 
cgit v1.2.1


From 3c9d75e045c94e25a53e78257b47c938f9c538a2 Mon Sep 17 00:00:00 2001
From: manojmj <mmj@gitlab.com>
Date: Tue, 23 Jul 2019 11:44:09 +0530
Subject: CE Port: Log impersonation actions in audit log

This change adds audit logs for user impersonation
when an admin starts/stops impersonating
another user.
---
 app/controllers/admin/users_controller.rb       |  6 +++++-
 app/controllers/application_controller.rb       | 12 +++++++++---
 doc/administration/audit_events.md              |  1 +
 spec/controllers/admin/users_controller_spec.rb |  6 ++++++
 4 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index a02d0843615..98883af6286 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -39,7 +39,7 @@ class Admin::UsersController < Admin::ApplicationController
 
       warden.set_user(user, scope: :user)
 
-      Gitlab::AppLogger.info(_("User %{current_user_username} has started impersonating %{username}") % { current_user_username: current_user.username, username: user.username })
+      log_impersonation_event
 
       flash[:alert] = _("You are now impersonating %{username}") % { username: user.username }
 
@@ -236,4 +236,8 @@ class Admin::UsersController < Admin::ApplicationController
   def check_impersonation_availability
     access_denied! unless Gitlab.config.gitlab.impersonation_enabled
   end
+
+  def log_impersonation_event
+    Gitlab::AppLogger.info(_("User %{current_user_username} has started impersonating %{username}") % { current_user_username: current_user.username, username: user.username })
+  end
 end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 75108bf2646..0c80a276fce 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -499,9 +499,7 @@ class ApplicationController < ActionController::Base
   end
 
   def stop_impersonation
-    impersonated_user = current_user
-
-    Gitlab::AppLogger.info("User #{impersonator.username} has stopped impersonating #{impersonated_user.username}")
+    log_impersonation_event
 
     warden.set_user(impersonator, scope: :user)
     session[:impersonator_id] = nil
@@ -509,6 +507,14 @@ class ApplicationController < ActionController::Base
     impersonated_user
   end
 
+  def impersonated_user
+    current_user
+  end
+
+  def log_impersonation_event
+    Gitlab::AppLogger.info("User #{impersonator.username} has stopped impersonating #{impersonated_user.username}")
+  end
+
   def impersonator
     @impersonator ||= User.find(session[:impersonator_id]) if session[:impersonator_id]
   end
diff --git a/doc/administration/audit_events.md b/doc/administration/audit_events.md
index a80ff330e03..aaa43f67760 100644
--- a/doc/administration/audit_events.md
+++ b/doc/administration/audit_events.md
@@ -94,6 +94,7 @@ recorded:
 - Changed password
 - Ask for password reset
 - Grant OAuth access
+- Started/stopped user impersonation
 
 It is possible to filter particular actions by choosing an audit data type from
 the filter drop-down. You can further filter by specific group, project or user
diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb
index 89a0eba66f7..d7428f8b52c 100644
--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
@@ -279,6 +279,12 @@ describe Admin::UsersController do
         expect(warden.user).to eq(user)
       end
 
+      it 'logs the beginning of the impersonation event' do
+        expect(Gitlab::AppLogger).to receive(:info).with("User #{admin.username} has started impersonating #{user.username}").and_call_original
+
+        post :impersonate, params: { id: user.username }
+      end
+
       it "redirects to root" do
         post :impersonate, params: { id: user.username }
 
-- 
cgit v1.2.1


From 3b9b74072f8dad089558d64f1e96937b99ee34a9 Mon Sep 17 00:00:00 2001
From: Sanad Liaquat <sliaquat@gitlab.com>
Date: Tue, 23 Jul 2019 11:17:35 +0500
Subject: Ensure test is on login page

---
 .../features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb     | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
index 425fb861456..d3bb3659e8e 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
@@ -18,6 +18,8 @@ module QA
 
         QA::Runtime::Env.personal_access_token = nil
 
+        Runtime::Browser.visit(:gitlab, Page::Main::Login)
+
         Page::Main::Menu.perform(&:sign_out) if Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
 
         Page::Main::Login.perform(&:sign_in_using_credentials)
-- 
cgit v1.2.1


From 29d447af7b60641512e24743241d93dbd8eefd7c Mon Sep 17 00:00:00 2001
From: Sanad Liaquat <sliaquat@gitlab.com>
Date: Tue, 23 Jul 2019 11:19:40 +0500
Subject: Temporarily remove the before block to capture screenshots

---
 .../features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb   | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
index d3bb3659e8e..1519bbf9e31 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
@@ -3,7 +3,7 @@
 module QA
   context 'Plan' do
     describe 'check xss occurence in @mentions in issues' do
-      before do
+      it 'user mentions a user in comment' do
         QA::Runtime::Env.personal_access_token = QA::Runtime::Env.admin_personal_access_token
 
         unless QA::Runtime::Env.personal_access_token
@@ -39,9 +39,7 @@ module QA
           issue.project = project
         end
         issue.visit!
-      end
 
-      it 'user mentions a user in comment' do
         Page::Project::Issue::Show.perform do |show|
           show.select_all_activities_filter
           show.comment('cc-ing you here @eve')
-- 
cgit v1.2.1


From 4363cc38d33719c7cb01dba123ad99005b5e27df Mon Sep 17 00:00:00 2001
From: Michel Engelen <michel@nomorejs.net>
Date: Tue, 23 Jul 2019 08:03:48 +0000
Subject: hoverable area on collapsed sidebar icons

---
 .../components/subscriptions/subscriptions.vue     | 32 +++++++++++-----------
 app/assets/stylesheets/pages/issuable.scss         | 20 +++++++++++---
 .../61207-adjusted-hoverable-area-in-sidebar.yml   |  5 ++++
 3 files changed, 37 insertions(+), 20 deletions(-)
 create mode 100644 changelogs/unreleased/61207-adjusted-hoverable-area-in-sidebar.yml

diff --git a/app/assets/javascripts/sidebar/components/subscriptions/subscriptions.vue b/app/assets/javascripts/sidebar/components/subscriptions/subscriptions.vue
index a75daca156c..0d1faceef11 100644
--- a/app/assets/javascripts/sidebar/components/subscriptions/subscriptions.vue
+++ b/app/assets/javascripts/sidebar/components/subscriptions/subscriptions.vue
@@ -73,22 +73,22 @@ export default {
 
 <template>
   <div>
-    <div class="sidebar-collapsed-icon" @click="onClickCollapsedIcon">
-      <span
-        v-tooltip
-        :title="notificationTooltip"
-        data-container="body"
-        data-placement="left"
-        data-boundary="viewport"
-      >
-        <icon
-          :name="notificationIcon"
-          :size="16"
-          aria-hidden="true"
-          class="sidebar-item-icon is-active"
-        />
-      </span>
-    </div>
+    <span
+      v-tooltip
+      class="sidebar-collapsed-icon"
+      :title="notificationTooltip"
+      data-container="body"
+      data-placement="left"
+      data-boundary="viewport"
+      @click="onClickCollapsedIcon"
+    >
+      <icon
+        :name="notificationIcon"
+        :size="16"
+        aria-hidden="true"
+        class="sidebar-item-icon is-active"
+      />
+    </span>
     <span class="issuable-header-text hide-collapsed float-left"> {{ __('Notifications') }} </span>
     <toggle-button
       ref="toggleButton"
diff --git a/app/assets/stylesheets/pages/issuable.scss b/app/assets/stylesheets/pages/issuable.scss
index 6a0127eb51c..66b4f3bad2b 100644
--- a/app/assets/stylesheets/pages/issuable.scss
+++ b/app/assets/stylesheets/pages/issuable.scss
@@ -390,7 +390,7 @@
 
     .block {
       width: $gutter-collapsed-width - 2px;
-      padding: 15px 0 0;
+      padding: 0;
       border-bottom: 0;
       overflow: hidden;
 
@@ -427,10 +427,13 @@
     }
 
     .sidebar-collapsed-icon {
-      display: block;
+      display: flex;
+      flex-direction: column;
+      justify-content: center;
+      align-items: center;
       width: 100%;
+      height: $sidebar-toggle-height;
       text-align: center;
-      margin-bottom: 10px;
       color: $gl-text-color-secondary;
 
       svg {
@@ -470,6 +473,16 @@
       }
 
       .btn-clipboard {
+        /*
+          This change should be temporary, because the DOM currently gets
+          generated from a ruby definition in `app/helpers/button_helper.rb`.
+          As soon as the `copy to clipboard` button will be transfered to
+          Vue this should be adjusted as well.
+        */
+        flex: 1;
+        align-self: stretch;
+        padding: 0;
+
         border: 0;
         background: transparent;
         color: $gl-text-color-secondary;
@@ -493,7 +506,6 @@
 
     .sidebar-collapsed-user {
       padding-bottom: 0;
-      margin-bottom: 10px;
 
       .author-link {
         padding-left: 0;
diff --git a/changelogs/unreleased/61207-adjusted-hoverable-area-in-sidebar.yml b/changelogs/unreleased/61207-adjusted-hoverable-area-in-sidebar.yml
new file mode 100644
index 00000000000..99fc817d703
--- /dev/null
+++ b/changelogs/unreleased/61207-adjusted-hoverable-area-in-sidebar.yml
@@ -0,0 +1,5 @@
+---
+title: "Adjusted the clickable area of collapsed sidebar elements"
+merge_request: 30974
+author: Michel Engelen
+type: changed
-- 
cgit v1.2.1


From 3463c24d409eaa4268be034253f51faaced2952e Mon Sep 17 00:00:00 2001
From: George Koltsov <gkoltsov@gitlab.com>
Date: Wed, 17 Jul 2019 12:24:36 +0100
Subject: Add changelog entry

---
 .../georgekoltsov-64377-add-better-log-msg-to-members-mapper.yml    | 6 ++++++
 lib/gitlab/import_export/members_mapper.rb                          | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/georgekoltsov-64377-add-better-log-msg-to-members-mapper.yml

diff --git a/changelogs/unreleased/georgekoltsov-64377-add-better-log-msg-to-members-mapper.yml b/changelogs/unreleased/georgekoltsov-64377-add-better-log-msg-to-members-mapper.yml
new file mode 100644
index 00000000000..9557e633f76
--- /dev/null
+++ b/changelogs/unreleased/georgekoltsov-64377-add-better-log-msg-to-members-mapper.yml
@@ -0,0 +1,6 @@
+---
+title: When GitLab import fails during importer user mapping step, add an explicit
+  error message mentioning importer
+merge_request: 30838
+author:
+type: other
diff --git a/lib/gitlab/import_export/members_mapper.rb b/lib/gitlab/import_export/members_mapper.rb
index d0e30b246ef..ab19a509310 100644
--- a/lib/gitlab/import_export/members_mapper.rb
+++ b/lib/gitlab/import_export/members_mapper.rb
@@ -51,7 +51,7 @@ module Gitlab
 
         ProjectMember.create!(user: @user, access_level: ProjectMember::MAINTAINER, source_id: @project.id, importing: true)
       rescue => e
-        raise e, ['Error adding importer user to project members', e.message].join('. ')
+        raise e, "Error adding importer user to project members. #{e.message}"
       end
 
       def add_team_member(member, existing_user = nil)
-- 
cgit v1.2.1


From d82df658410e7484438e49e4532bacb7c465261d Mon Sep 17 00:00:00 2001
From: Tim Zallmann <tzallmann@gitlab.com>
Date: Tue, 23 Jul 2019 08:56:34 +0000
Subject: Updates all our stylelint dependencies

Removed stylelint-error-string-formatter
 as this was having a circular reference fail
---
 package.json |   9 +-
 yarn.lock    | 514 +++++++++++++++++++++++++++++++++++------------------------
 2 files changed, 309 insertions(+), 214 deletions(-)

diff --git a/package.json b/package.json
index 4c51080660f..ef88d9c658c 100644
--- a/package.json
+++ b/package.json
@@ -20,7 +20,7 @@
     "prettier-staged-save": "node ./scripts/frontend/prettier.js save",
     "prettier-all": "node ./scripts/frontend/prettier.js check-all",
     "prettier-all-save": "node ./scripts/frontend/prettier.js save-all",
-    "stylelint": "node node_modules/stylelint/bin/stylelint.js app/assets/stylesheets/**/*.*  ee/app/assets/stylesheets/**/*.* !**/vendors/** --custom-formatter node_modules/stylelint-error-string-formatter",
+    "stylelint": "node node_modules/stylelint/bin/stylelint.js app/assets/stylesheets/**/*.*  ee/app/assets/stylesheets/**/*.* !**/vendors/**",
     "stylelint-file": "node node_modules/stylelint/bin/stylelint.js",
     "stylelint-create-utility-map": "node scripts/frontend/stylelint/stylelint-utility-map.js",
     "test": "node scripts/frontend/test",
@@ -117,7 +117,6 @@
     "sql.js": "^0.4.0",
     "stickyfilljs": "^2.0.5",
     "style-loader": "^0.23.1",
-    "stylelint-error-string-formatter": "1.0.2",
     "svg4everybody": "2.1.9",
     "three": "^0.84.0",
     "three-orbit-controls": "^82.1.0",
@@ -192,9 +191,9 @@
     "postcss": "^7.0.14",
     "prettier": "1.18.2",
     "readdir-enhanced": "^2.2.4",
-    "stylelint": "^9.10.1",
-    "stylelint-config-recommended": "^2.1.0",
-    "stylelint-scss": "^3.5.4",
+    "stylelint": "^10.1.0",
+    "stylelint-config-recommended": "^2.2.0",
+    "stylelint-scss": "^3.9.2",
     "vue-jest": "^4.0.0-beta.2",
     "webpack-dev-server": "^3.1.14",
     "yarn-deduplicate": "^1.1.1"
diff --git a/yarn.lock b/yarn.lock
index 7f4715a8ba0..46d5b1c01da 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2,41 +2,41 @@
 # yarn lockfile v1
 
 
-"@babel/code-frame@^7.0.0":
-  version "7.0.0"
-  resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.0.0.tgz#06e2ab19bdb535385559aabb5ba59729482800f8"
-  integrity sha512-OfC2uemaknXr87bdLUkWog7nYuliM9Ij5HUcajsVcMCpQrcLmtxRbVFTIqmcSkSeYRBFBRxs2FiUqFJDLdiebA==
+"@babel/code-frame@^7.0.0", "@babel/code-frame@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.5.5.tgz#bc0782f6d69f7b7d49531219699b988f669a8f9d"
+  integrity sha512-27d4lZoomVyo51VegxI20xZPuSHusqbQag/ztrBC7wegWoQ1nLREPVSKSW8byhTlzTKyNE4ifaTA6lCp7JjpFw==
   dependencies:
     "@babel/highlight" "^7.0.0"
 
-"@babel/core@>=7.1.0", "@babel/core@^7.1.0", "@babel/core@^7.4.4":
-  version "7.4.5"
-  resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.4.5.tgz#081f97e8ffca65a9b4b0fdc7e274e703f000c06a"
-  integrity sha512-OvjIh6aqXtlsA8ujtGKfC7LYWksYSX8yQcM8Ay3LuvVeQ63lcOKgoZWVqcpFwkd29aYU9rVx7jxhfhiEDV9MZA==
+"@babel/core@>=7.2.2", "@babel/core@^7.1.0", "@babel/core@^7.4.4":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.5.5.tgz#17b2686ef0d6bc58f963dddd68ab669755582c30"
+  integrity sha512-i4qoSr2KTtce0DmkuuQBV4AuQgGPUcPXMr9L5MyYAtk06z068lQ10a4O009fe5OB/DfNV+h+qqT7ddNV8UnRjg==
   dependencies:
-    "@babel/code-frame" "^7.0.0"
-    "@babel/generator" "^7.4.4"
-    "@babel/helpers" "^7.4.4"
-    "@babel/parser" "^7.4.5"
+    "@babel/code-frame" "^7.5.5"
+    "@babel/generator" "^7.5.5"
+    "@babel/helpers" "^7.5.5"
+    "@babel/parser" "^7.5.5"
     "@babel/template" "^7.4.4"
-    "@babel/traverse" "^7.4.5"
-    "@babel/types" "^7.4.4"
+    "@babel/traverse" "^7.5.5"
+    "@babel/types" "^7.5.5"
     convert-source-map "^1.1.0"
     debug "^4.1.0"
     json5 "^2.1.0"
-    lodash "^4.17.11"
+    lodash "^4.17.13"
     resolve "^1.3.2"
     semver "^5.4.1"
     source-map "^0.5.0"
 
-"@babel/generator@^7.4.0", "@babel/generator@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.4.4.tgz#174a215eb843fc392c7edcaabeaa873de6e8f041"
-  integrity sha512-53UOLK6TVNqKxf7RUh8NE851EHRxOOeVXKbK2bivdb+iziMyk03Sr4eaE9OELCbyZAAafAKPDwF2TPUES5QbxQ==
+"@babel/generator@^7.4.0", "@babel/generator@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.5.5.tgz#873a7f936a3c89491b43536d12245b626664e3cf"
+  integrity sha512-ETI/4vyTSxTzGnU2c49XHv2zhExkv9JHLTwDAFz85kmcwuShvYG2H08FwgIguQf4JC75CBnXAUM5PqeF4fj0nQ==
   dependencies:
-    "@babel/types" "^7.4.4"
+    "@babel/types" "^7.5.5"
     jsesc "^2.5.1"
-    lodash "^4.17.11"
+    lodash "^4.17.13"
     source-map "^0.5.0"
     trim-right "^1.0.1"
 
@@ -207,14 +207,14 @@
     "@babel/traverse" "^7.1.0"
     "@babel/types" "^7.0.0"
 
-"@babel/helpers@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.4.4.tgz#868b0ef59c1dd4e78744562d5ce1b59c89f2f2a5"
-  integrity sha512-igczbR/0SeuPR8RFfC7tGrbdTbFL3QTvH6D+Z6zNxnTe//GyqmtHmDkzrqDmyZ3eSwPqB/LhyKoU5DXsp+Vp2A==
+"@babel/helpers@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.5.5.tgz#63908d2a73942229d1e6685bc2a0e730dde3b75e"
+  integrity sha512-nRq2BUhxZFnfEn/ciJuhklHvFOqjJUD5wpx+1bxUF2axL9C+v4DE/dmp5sT2dKnpOs4orZWzpAZqlCy8QqE/7g==
   dependencies:
     "@babel/template" "^7.4.4"
-    "@babel/traverse" "^7.4.4"
-    "@babel/types" "^7.4.4"
+    "@babel/traverse" "^7.5.5"
+    "@babel/types" "^7.5.5"
 
 "@babel/highlight@^7.0.0":
   version "7.0.0"
@@ -225,10 +225,10 @@
     esutils "^2.0.2"
     js-tokens "^4.0.0"
 
-"@babel/parser@^7.0.0", "@babel/parser@^7.1.0", "@babel/parser@^7.4.3", "@babel/parser@^7.4.4", "@babel/parser@^7.4.5":
-  version "7.4.5"
-  resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.4.5.tgz#04af8d5d5a2b044a2a1bffacc1e5e6673544e872"
-  integrity sha512-9mUqkL1FF5T7f0WDFfAoDdiMVPWsdD1gZYzSnaXsxUCUqzuch/8of9G3VUSNiZmMBoRxT3neyVsqeiL/ZPcjew==
+"@babel/parser@^7.0.0", "@babel/parser@^7.1.0", "@babel/parser@^7.4.3", "@babel/parser@^7.4.4", "@babel/parser@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.5.5.tgz#02f077ac8817d3df4a832ef59de67565e71cca4b"
+  integrity sha512-E5BN68cqR7dhKan1SfqgPGhQ178bkVKpXTPEXnFJBrEt8/DKRZlybmy+IgYLTeN7tp1R5Ccmbm2rBk17sHYU3g==
 
 "@babel/plugin-proposal-async-generator-functions@^7.2.0":
   version "7.2.0"
@@ -641,28 +641,28 @@
     "@babel/parser" "^7.4.4"
     "@babel/types" "^7.4.4"
 
-"@babel/traverse@^7.0.0", "@babel/traverse@^7.1.0", "@babel/traverse@^7.4.3", "@babel/traverse@^7.4.4", "@babel/traverse@^7.4.5":
-  version "7.4.5"
-  resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.4.5.tgz#4e92d1728fd2f1897dafdd321efbff92156c3216"
-  integrity sha512-Vc+qjynwkjRmIFGxy0KYoPj4FdVDxLej89kMHFsWScq999uX+pwcX4v9mWRjW0KcAYTPAuVQl2LKP1wEVLsp+A==
+"@babel/traverse@^7.0.0", "@babel/traverse@^7.1.0", "@babel/traverse@^7.4.3", "@babel/traverse@^7.4.4", "@babel/traverse@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.5.5.tgz#f664f8f368ed32988cd648da9f72d5ca70f165bb"
+  integrity sha512-MqB0782whsfffYfSjH4TM+LMjrJnhCNEDMDIjeTpl+ASaUvxcjoiVCo/sM1GhS1pHOXYfWVCYneLjMckuUxDaQ==
   dependencies:
-    "@babel/code-frame" "^7.0.0"
-    "@babel/generator" "^7.4.4"
+    "@babel/code-frame" "^7.5.5"
+    "@babel/generator" "^7.5.5"
     "@babel/helper-function-name" "^7.1.0"
     "@babel/helper-split-export-declaration" "^7.4.4"
-    "@babel/parser" "^7.4.5"
-    "@babel/types" "^7.4.4"
+    "@babel/parser" "^7.5.5"
+    "@babel/types" "^7.5.5"
     debug "^4.1.0"
     globals "^11.1.0"
-    lodash "^4.17.11"
+    lodash "^4.17.13"
 
-"@babel/types@^7.0.0", "@babel/types@^7.3.0", "@babel/types@^7.4.0", "@babel/types@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.4.4.tgz#8db9e9a629bb7c29370009b4b779ed93fe57d5f0"
-  integrity sha512-dOllgYdnEFOebhkKCjzSVFqw/PmmB8pH6RGOWkY4GsboQNd47b1fBThBSwlHAq9alF9vc1M3+6oqR47R50L0tQ==
+"@babel/types@^7.0.0", "@babel/types@^7.3.0", "@babel/types@^7.4.0", "@babel/types@^7.4.4", "@babel/types@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.5.5.tgz#97b9f728e182785909aa4ab56264f090a028d18a"
+  integrity sha512-s63F9nJioLqOlW3UkyMd+BYhXt44YuaFm/VV0VwuteqjYwRrObkU7ra9pY4wAJR3oXi8hJrMcrcJdO/HH33vtw==
   dependencies:
     esutils "^2.0.2"
-    lodash "^4.17.11"
+    lodash "^4.17.13"
     to-fast-properties "^2.0.0"
 
 "@cnakazawa/watch@^1.0.3":
@@ -945,7 +945,7 @@
   resolved "https://registry.yarnpkg.com/@types/events/-/events-1.2.0.tgz#81a6731ce4df43619e5c8c945383b3e62a89ea86"
   integrity sha512-KEIlhXnIutzKwRbQkGWb/I4HFqBuUykAdHgDED6xqwXJfONCjF5VoE0cXEiurh3XauygxzeDzgtXUqvLkxFzzA==
 
-"@types/glob@5 - 7":
+"@types/glob@5 - 7", "@types/glob@^7.1.1":
   version "7.1.1"
   resolved "https://registry.yarnpkg.com/@types/glob/-/glob-7.1.1.tgz#aa59a1c6e3fbc421e07ccd31a944c30eba521575"
   integrity sha512-1Bh06cbWJUHMC97acuD6UMG29nMt0Aqz1vF3guLfG+kHHJhy3AyohZFFxYk2f7Q1SQIrNwvncxAE0N/9s70F2w==
@@ -1305,10 +1305,10 @@ ajv-keywords@^3.1.0:
   resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-3.2.0.tgz#e86b819c602cf8821ad637413698f1dec021847a"
   integrity sha1-6GuBnGAs+IIa1jdBNpjx3sAhhHo=
 
-ajv@^6.1.0, ajv@^6.5.3, ajv@^6.5.5, ajv@^6.9.1:
-  version "6.9.1"
-  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.9.1.tgz#a4d3683d74abc5670e75f0b16520f70a20ea8dc1"
-  integrity sha512-XDN92U311aINL77ieWHmqCcNlwjoP5cHXDxIxbf2MaPYuCXOHS7gHH8jktxeK5omgd52XbSTX6a4Piwd1pQmzA==
+ajv@^6.1.0, ajv@^6.10.2, ajv@^6.5.3, ajv@^6.5.5:
+  version "6.10.2"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.10.2.tgz#d3cea04d6b017b2894ad69040fec8b623eb4bd52"
+  integrity sha512-TXtUUEYHuaTEbLZWIKUr5pmBuhDLy+8KYtPYdcV8qC+pOZL+NKqYwvWSRrVXHn+ZmRRAu8vJTAznH7Oag6RVRw==
   dependencies:
     fast-deep-equal "^2.0.1"
     fast-json-stable-stringify "^2.0.0"
@@ -1657,17 +1657,18 @@ atob@^2.1.1:
   resolved "https://registry.yarnpkg.com/atob/-/atob-2.1.2.tgz#6d9517eb9e030d2436666651e86bd9f6f13533c9"
   integrity sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==
 
-autoprefixer@^9.0.0:
-  version "9.4.7"
-  resolved "https://registry.yarnpkg.com/autoprefixer/-/autoprefixer-9.4.7.tgz#f997994f9a810eae47b38fa6d8a119772051c4ff"
-  integrity sha512-qS5wW6aXHkm53Y4z73tFGsUhmZu4aMPV9iHXYlF0c/wxjknXNHuj/1cIQb+6YH692DbJGGWcckAXX+VxKvahMA==
+autoprefixer@^9.5.1:
+  version "9.6.1"
+  resolved "https://registry.yarnpkg.com/autoprefixer/-/autoprefixer-9.6.1.tgz#51967a02d2d2300bb01866c1611ec8348d355a47"
+  integrity sha512-aVo5WxR3VyvyJxcJC3h4FKfwCQvQWb1tSI5VHNibddCVWrcD1NvlxEweg3TSgiPztMnWfjpy2FURKA2kvDE+Tw==
   dependencies:
-    browserslist "^4.4.1"
-    caniuse-lite "^1.0.30000932"
+    browserslist "^4.6.3"
+    caniuse-lite "^1.0.30000980"
+    chalk "^2.4.2"
     normalize-range "^0.1.2"
     num2fraction "^1.2.2"
-    postcss "^7.0.14"
-    postcss-value-parser "^3.3.1"
+    postcss "^7.0.17"
+    postcss-value-parser "^4.0.0"
 
 autosize@^4.0.0:
   version "4.0.0"
@@ -1981,6 +1982,13 @@ braces@^2.3.0, braces@^2.3.1:
     split-string "^3.0.2"
     to-regex "^3.0.1"
 
+braces@^3.0.1:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107"
+  integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==
+  dependencies:
+    fill-range "^7.0.1"
+
 brorand@^1.0.1:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/brorand/-/brorand-1.1.0.tgz#12c25efe40a45e3c323eb8675a0a0ce57b22371f"
@@ -2056,14 +2064,14 @@ browserify-zlib@^0.2.0:
   dependencies:
     pako "~1.0.5"
 
-browserslist@^4.4.1, browserslist@^4.5.2, browserslist@^4.5.4:
-  version "4.6.0"
-  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.6.0.tgz#5274028c26f4d933d5b1323307c1d1da5084c9ff"
-  integrity sha512-Jk0YFwXBuMOOol8n6FhgkDzn3mY9PYLYGk29zybF05SbRTsMgPqmTNeQQhOghCxq5oFqAXE3u4sYddr4C0uRhg==
+browserslist@^4.5.2, browserslist@^4.5.4, browserslist@^4.6.3:
+  version "4.6.6"
+  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.6.6.tgz#6e4bf467cde520bc9dbdf3747dafa03531cec453"
+  integrity sha512-D2Nk3W9JL9Fp/gIcWei8LrERCS+eXu9AM5cfXA8WEZ84lFks+ARnZ0q/R69m2SV3Wjma83QDDPxsNKXUwdIsyA==
   dependencies:
-    caniuse-lite "^1.0.30000967"
-    electron-to-chromium "^1.3.133"
-    node-releases "^1.1.19"
+    caniuse-lite "^1.0.30000984"
+    electron-to-chromium "^1.3.191"
+    node-releases "^1.1.25"
 
 bs-logger@0.x:
   version "0.2.6"
@@ -2263,10 +2271,10 @@ camelcase@^5.0.0:
   resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.3.1.tgz#e3c9b31569e106811df242f715725a1f4c494320"
   integrity sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==
 
-caniuse-lite@^1.0.30000932, caniuse-lite@^1.0.30000967:
-  version "1.0.30000969"
-  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30000969.tgz#7664f571f2072657bde70b00a1fc1ba41f1942a9"
-  integrity sha512-Kus0yxkoAJgVc0bax7S4gLSlFifCa7MnSZL9p9VuS/HIKEL4seaqh28KIQAAO50cD/rJ5CiJkJFapkdDAlhFxQ==
+caniuse-lite@^1.0.30000980, caniuse-lite@^1.0.30000984:
+  version "1.0.30000985"
+  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30000985.tgz#0eb40f6c8a8c219155cbe43c4975c0efb4a0f77f"
+  integrity sha512-1ngiwkgqAYPG0JSSUp3PUDGPKKY59EK7NrGGX+VOxaKCNzRbNc7uXMny+c3VJfZxtoK3wSImTvG9T9sXiTw2+w==
 
 capture-exit@^2.0.0:
   version "2.0.0"
@@ -2511,13 +2519,12 @@ cliui@^4.0.0:
     strip-ansi "^4.0.0"
     wrap-ansi "^2.0.0"
 
-clone-regexp@^1.0.0:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/clone-regexp/-/clone-regexp-1.0.1.tgz#051805cd33173375d82118fc0918606da39fd60f"
-  integrity sha512-Fcij9IwRW27XedRIJnSOEupS7RVcXtObJXbcUOX93UCLqqOdRpkvzKywOOSizmEK/Is3S/RHX9dLdfo6R1Q1mw==
+clone-regexp@^2.1.0:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/clone-regexp/-/clone-regexp-2.2.0.tgz#7d65e00885cd8796405c35a737e7a86b7429e36f"
+  integrity sha512-beMpP7BOtTipFuW8hrJvREQ2DrRu3BE7by0ZpibtfBA+qfHYvMGTc2Yb1JMYPKg/JUw0CHYvpg796aNTSW9z7Q==
   dependencies:
-    is-regexp "^1.0.0"
-    is-supported-regexp-flag "^1.0.0"
+    is-regexp "^2.0.0"
 
 clone-response@1.0.2:
   version "1.0.2"
@@ -2846,14 +2853,14 @@ core-util-is@1.0.2, core-util-is@~1.0.0:
   resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
   integrity sha1-tf1UIgqivFq1eqtxQMlAdUUDwac=
 
-cosmiconfig@^5.0.0:
-  version "5.0.7"
-  resolved "https://registry.yarnpkg.com/cosmiconfig/-/cosmiconfig-5.0.7.tgz#39826b292ee0d78eda137dfa3173bd1c21a43b04"
-  integrity sha512-PcLqxTKiDmNT6pSpy4N6KtuPwb53W+2tzNvwOZw0WH9N6O0vLIBq0x8aj8Oj75ere4YcGi48bDFCL+3fRJdlNA==
+cosmiconfig@^5.2.0:
+  version "5.2.1"
+  resolved "https://registry.yarnpkg.com/cosmiconfig/-/cosmiconfig-5.2.1.tgz#040f726809c591e77a17c0a3626ca45b4f168b1a"
+  integrity sha512-H65gsXo1SKjf8zmrJ67eJk8aIRKV5ff2D4uKZIBZShbhGSpEmsQOPW/SKMKYhSTrqR7ufy6RP69rPogdaPh/kA==
   dependencies:
     import-fresh "^2.0.0"
     is-directory "^0.3.1"
-    js-yaml "^3.9.0"
+    js-yaml "^3.13.1"
     parse-json "^4.0.0"
 
 create-ecdh@^4.0.0:
@@ -3012,6 +3019,11 @@ cssesc@^2.0.0:
   resolved "https://registry.yarnpkg.com/cssesc/-/cssesc-2.0.0.tgz#3b13bd1bb1cb36e1bcb5a4dcd27f54c5dcb35703"
   integrity sha512-MsCAG1z9lPdoO/IUMLSBWBSVxVtJ1395VGIQ+Fc2gNdkQ1hNDnQdw3YhA71WJCBW1vdwA0cAnk/DnW6bqoEUYg==
 
+cssesc@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/cssesc/-/cssesc-3.0.0.tgz#37741919903b868565e1c09ea747445cd18983ee"
+  integrity sha512-/Tb/JcjK111nNScGob5MNtsntNM1aCNUDipB/TkwZFhyDrrE47SOx/18wF2bbjgc3ZzCSKW1T5nt5EbFoAz/Vg==
+
 cssom@0.3.x, "cssom@>= 0.3.2 < 0.4.0":
   version "0.3.4"
   resolved "https://registry.yarnpkg.com/cssom/-/cssom-0.3.4.tgz#8cd52e8a3acfd68d3aed38ee0a640177d2f9d797"
@@ -3431,7 +3443,7 @@ debug@^3.1.0, debug@^3.2.5, debug@^3.2.6:
   dependencies:
     ms "^2.1.1"
 
-debug@^4.0.0, debug@^4.0.1, debug@^4.1.0, debug@^4.1.1:
+debug@^4.0.1, debug@^4.1.0, debug@^4.1.1:
   version "4.1.1"
   resolved "https://registry.yarnpkg.com/debug/-/debug-4.1.1.tgz#3b72260255109c6b589cee050f1d516139664791"
   integrity sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==
@@ -3641,7 +3653,7 @@ diffie-hellman@^5.0.0:
     miller-rabin "^4.0.0"
     randombytes "^2.0.0"
 
-dir-glob@^2.2.1:
+dir-glob@^2.2.2:
   version "2.2.2"
   resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-2.2.2.tgz#fa09f0694153c8918b18ba0deafae94769fc50c4"
   integrity sha512-f9LBi5QWzIW3I6e//uxZoLBlUt9kcp66qo0sSCxL6YZKc75R1c4MFCoe/LaZiBGmgujvQdxc5Bn3QhfyvK5Hsw==
@@ -3824,10 +3836,10 @@ ejs@^2.6.1:
   resolved "https://registry.yarnpkg.com/ejs/-/ejs-2.6.1.tgz#498ec0d495655abc6f23cd61868d926464071aa0"
   integrity sha512-0xy4A/twfrRCnkhfk8ErDi5DqdAsAqeGxht4xkCUrsvhhbQNs7E+4jV0CN7+NKIY0aHE72+XvqtBIXzD31ZbXQ==
 
-electron-to-chromium@^1.3.133:
-  version "1.3.135"
-  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.135.tgz#f5799b95f2bcd8de17cde47d63392d83a4477041"
-  integrity sha512-xXLNstRdVsisPF3pL3H9TVZo2XkMILfqtD6RiWIUmDK2sFX1Bjwqmd8LBp0Kuo2FgKO63JXPoEVGm8WyYdwP0Q==
+electron-to-chromium@^1.3.191:
+  version "1.3.199"
+  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.199.tgz#f9a62a74cda77854310a2abffde8b75591ea09a1"
+  integrity sha512-gachlDdHSK47s0N2e58GH9HMC6Z4ip0SfmYUa5iEbE50AKaOUXysaJnXMfKj0xB245jWbYcyFSH+th3rqsF8hA==
 
 elliptic@^6.0.0:
   version "6.4.0"
@@ -3847,6 +3859,11 @@ emoji-regex@^7.0.1, emoji-regex@^7.0.3:
   resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-7.0.3.tgz#933a04052860c85e83c122479c4748a8e4c72156"
   integrity sha512-CwBLREIQ7LvYFB0WyRvwhq5N5qPhc6PMjD6bYggFlI5YyDgl+0vxq5VHbMOFqLg7hfWzmu8T5Z1QofhmTIhItA==
 
+emoji-regex@^8.0.0:
+  version "8.0.0"
+  resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-8.0.0.tgz#e818fd69ce5ccfcb404594f842963bf53164cc37"
+  integrity sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==
+
 emoji-unicode-version@^0.2.1:
   version "0.2.1"
   resolved "https://registry.yarnpkg.com/emoji-unicode-version/-/emoji-unicode-version-0.2.1.tgz#0ebf3666b5414097971d34994e299fce75cdbafc"
@@ -4313,12 +4330,12 @@ execa@^1.0.0:
     signal-exit "^3.0.0"
     strip-eof "^1.0.0"
 
-execall@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/execall/-/execall-1.0.0.tgz#73d0904e395b3cab0658b08d09ec25307f29bb73"
-  integrity sha1-c9CQTjlbPKsGWLCNCewlMH8pu3M=
+execall@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/execall/-/execall-2.0.0.tgz#16a06b5fe5099df7d00be5d9c06eecded1663b45"
+  integrity sha512-0FU2hZ5Hh6iQnarpRtQurM/aAvp3RIbfvgLHrcqJYzhXyV2KFruhuChf9NC6waAhiUR7FFtlugkI4p7f2Fqlow==
   dependencies:
-    clone-regexp "^1.0.0"
+    clone-regexp "^2.1.0"
 
 exit@^0.1.2:
   version "0.1.2"
@@ -4558,10 +4575,10 @@ file-entry-cache@^2.0.0:
     flat-cache "^1.2.1"
     object-assign "^4.0.1"
 
-file-entry-cache@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-4.0.0.tgz#633567d15364aefe0b299e1e217735e8f3a9f6e8"
-  integrity sha512-AVSwsnbV8vH/UVbvgEhf3saVQXORNv0ZzSkvkhQIaia5Tia+JhGTaa/ePUSVoPHQyGayQNmYfkzFi3WZV5zcpA==
+file-entry-cache@^5.0.1:
+  version "5.0.1"
+  resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-5.0.1.tgz#ca0f6efa6dd3d561333fb14515065c2fafdf439c"
+  integrity sha512-bCg29ictuBaKUwwArK4ouCaqDgLZcysCFLmM/Yn/FDoqndh/9vNuQfXRDvTuXKLxfD/JtZQGKFT8MGcJBK644g==
   dependencies:
     flat-cache "^2.0.1"
 
@@ -4596,6 +4613,13 @@ fill-range@^4.0.0:
     repeat-string "^1.6.1"
     to-regex-range "^2.1.0"
 
+fill-range@^7.0.1:
+  version "7.0.1"
+  resolved "https://registry.yarnpkg.com/fill-range/-/fill-range-7.0.1.tgz#1919a6a7c75fe38b2c7c77e5198535da9acdda40"
+  integrity sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==
+  dependencies:
+    to-regex-range "^5.0.1"
+
 finalhandler@1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.1.0.tgz#ce0b6855b45853e791b2fcc680046d88253dd7f5"
@@ -4859,6 +4883,11 @@ get-stdin@^6.0.0:
   resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-6.0.0.tgz#9e09bf712b360ab9225e812048f71fde9c89657b"
   integrity sha512-jp4tHawyV7+fkkSKyvjuLZswblUtz+SQKzSWnBbii16BuZksJlU1wuBYXY75r+duh/llF1ur6oNwi+2ZzjKZ7g==
 
+get-stdin@^7.0.0:
+  version "7.0.0"
+  resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-7.0.0.tgz#8d5de98f15171a125c5e516643c7a6d0ea8a96f6"
+  integrity sha512-zRKcywvrXlXsA0v0i9Io4KDRaAw7+a1ZpjRwl9Wox8PFlVCCHra7E9c4kqXCoCM9nR5tBkaTTZRBoCm60bFqTQ==
+
 get-stream@3.0.0, get-stream@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-3.0.0.tgz#8e943d1358dc37555054ecbe2edb05aa174ede14"
@@ -5011,13 +5040,14 @@ globby@^6.1.0:
     pify "^2.0.0"
     pinkie-promise "^2.0.0"
 
-globby@^9.0.0:
-  version "9.0.0"
-  resolved "https://registry.yarnpkg.com/globby/-/globby-9.0.0.tgz#3800df736dc711266df39b4ce33fe0d481f94c23"
-  integrity sha512-q0qiO/p1w/yJ0hk8V9x1UXlgsXUxlGd0AHUOXZVXBO6aznDtpx7M8D1kBrCAItoPm+4l8r6ATXV1JpjY2SBQOw==
+globby@^9.2.0:
+  version "9.2.0"
+  resolved "https://registry.yarnpkg.com/globby/-/globby-9.2.0.tgz#fd029a706c703d29bdd170f4b6db3a3f7a7cb63d"
+  integrity sha512-ollPHROa5mcxDEkwg6bPt3QbEf4pDQSNtd6JPL1YvOvAo/7/0VAm9TccUeoTmarjPw4pfUthSCqcyfNB1I3ZSg==
   dependencies:
+    "@types/glob" "^7.1.1"
     array-union "^1.0.2"
-    dir-glob "^2.2.1"
+    dir-glob "^2.2.2"
     fast-glob "^2.2.6"
     glob "^7.1.3"
     ignore "^4.0.3"
@@ -5341,10 +5371,10 @@ html-minifier@^4.0.0:
     relateurl "^0.2.7"
     uglify-js "^3.5.1"
 
-html-tags@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/html-tags/-/html-tags-2.0.0.tgz#10b30a386085f43cede353cc8fa7cb0deeea668b"
-  integrity sha1-ELMKOGCF9Dzt41PMj6fLDe7qZos=
+html-tags@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/html-tags/-/html-tags-3.0.0.tgz#41f57708c9e6b7b46a00a22317d614c4a2bab166"
+  integrity sha512-xiXEBjihaNI+VZ2mKEoI5ZPxqUsevTKM+aeeJ/W4KAg2deGE35minmCJMn51BvwJZmiHaeAxrb2LAS0yZJxuuA==
 
 htmlparser2@^3.10.0, htmlparser2@^3.9.0:
   version "3.10.0"
@@ -5461,10 +5491,10 @@ ignore@^4.0.3, ignore@^4.0.6:
   resolved "https://registry.yarnpkg.com/ignore/-/ignore-4.0.6.tgz#750e3db5862087b4737ebac8207ffd1ef27b25fc"
   integrity sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg==
 
-ignore@^5.0.4:
-  version "5.0.5"
-  resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.0.5.tgz#c663c548d6ce186fb33616a8ccb5d46e56bdbbf9"
-  integrity sha512-kOC8IUb8HSDMVcYrDVezCxpJkzSQWTAzf3olpKM6o9rM5zpojx23O0Fl8Wr4+qJ6ZbPEHqf1fdwev/DS7v7pmA==
+ignore@^5.0.6:
+  version "5.1.2"
+  resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.1.2.tgz#e28e584d43ad7e92f96995019cc43b9e1ac49558"
+  integrity sha512-vdqWBp7MyzdmHkkRWV5nY+PfGRbYbahfuvsBCh277tq+w9zyNi7h5CYJCK0kmzti9kU+O/cB7sE8HvKv6aXAKQ==
 
 immediate@~3.0.5:
   version "3.0.6"
@@ -5489,10 +5519,10 @@ import-lazy@^2.1.0:
   resolved "https://registry.yarnpkg.com/import-lazy/-/import-lazy-2.1.0.tgz#05698e3d45c88e8d7e9d92cb0584e77f096f3e43"
   integrity sha1-BWmOPUXIjo1+nZLLBYTnfwlvPkM=
 
-import-lazy@^3.1.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/import-lazy/-/import-lazy-3.1.0.tgz#891279202c8a2280fdbd6674dbd8da1a1dfc67cc"
-  integrity sha512-8/gvXvX2JMn0F+CDlSC4l6kOmVaLOO3XLkksI7CI3Ud95KDYJuYur2b9P/PUt/i/pDAMd/DulQsNbbbmRRsDIQ==
+import-lazy@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/import-lazy/-/import-lazy-4.0.0.tgz#e8eb627483a0a43da3c03f3e35548be5cb0cc153"
+  integrity sha512-rKtvo6a868b5Hu3heneU+L4yEQ4jYKLtjpnPeUdK7h0yzXGmyBTypknlkCvHFBqfX9YlorEiMM6Dnq/5atfHkw==
 
 import-local@^2.0.0:
   version "2.0.0"
@@ -5793,6 +5823,11 @@ is-fullwidth-code-point@^2.0.0:
   resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f"
   integrity sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=
 
+is-fullwidth-code-point@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz#f116f8064fe90b3f7844a38997c0b75051269f1d"
+  integrity sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==
+
 is-generator-fn@^2.0.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/is-generator-fn/-/is-generator-fn-2.1.0.tgz#7d140adc389aaf3011a8f2a2a4cfa6faadffb118"
@@ -5842,6 +5877,11 @@ is-number@^3.0.0:
   dependencies:
     kind-of "^3.0.2"
 
+is-number@^7.0.0:
+  version "7.0.0"
+  resolved "https://registry.yarnpkg.com/is-number/-/is-number-7.0.0.tgz#7535345b896734d5f80c4d06c50955527a14f12b"
+  integrity sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==
+
 is-obj@^1.0.0:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-1.0.1.tgz#3e4729ac1f5fde025cd7d83a896dab9f4f67db0f"
@@ -5905,6 +5945,11 @@ is-regexp@^1.0.0:
   resolved "https://registry.yarnpkg.com/is-regexp/-/is-regexp-1.0.0.tgz#fd2d883545c46bac5a633e7b9a09e87fa2cb5069"
   integrity sha1-/S2INUXEa6xaYz57mgnof6LLUGk=
 
+is-regexp@^2.0.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/is-regexp/-/is-regexp-2.1.0.tgz#cd734a56864e23b956bf4e7c66c396a4c0b22c2d"
+  integrity sha512-OZ4IlER3zmRIoB9AqNhEggVxqIH4ofDns5nRrPS6yQxXE1TPCUpFznBfRQmQa8uC+pXqjMnukiJBxCisIxiLGA==
+
 is-resolvable@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.1.0.tgz#fb18f87ce1feb925169c9a407c19318a3206ed88"
@@ -5920,11 +5965,6 @@ is-stream@^1.0.0, is-stream@^1.1.0:
   resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44"
   integrity sha1-EtSj3U5o4Lec6428hBc66A2RykQ=
 
-is-supported-regexp-flag@^1.0.0:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/is-supported-regexp-flag/-/is-supported-regexp-flag-1.0.1.tgz#21ee16518d2c1dd3edd3e9a0d57e50207ac364ca"
-  integrity sha512-3vcJecUUrpgCqc/ca0aWeNu64UGgxcvO60K/Fkr1N6RSvfGCTU60UKN68JDmKokgba0rFFJs12EnzOQa14ubKQ==
-
 is-symbol@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/is-symbol/-/is-symbol-1.0.2.tgz#a055f6ae57192caee329e7a860118b497a950f38"
@@ -6539,7 +6579,7 @@ js-tokens@^3.0.2:
   resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.2.tgz#9866df395102130e38f7f996bceb65443209c25b"
   integrity sha1-mGbfOVECEw449/mWvOtlRDIJwls=
 
-js-yaml@^3.12.0, js-yaml@^3.9.0:
+js-yaml@^3.12.0, js-yaml@^3.13.1:
   version "3.13.1"
   resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.13.1.tgz#aff151b30bfdfa8e49e05da22e7415e9dfa37847"
   integrity sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==
@@ -6841,10 +6881,10 @@ kleur@^3.0.2:
   resolved "https://registry.yarnpkg.com/kleur/-/kleur-3.0.3.tgz#a79c9ecc86ee1ce3fa6206d1216c501f147fc07e"
   integrity sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==
 
-known-css-properties@^0.11.0:
-  version "0.11.0"
-  resolved "https://registry.yarnpkg.com/known-css-properties/-/known-css-properties-0.11.0.tgz#0da784f115ea77c76b81536d7052e90ee6c86a8a"
-  integrity sha512-bEZlJzXo5V/ApNNa5z375mJC6Nrz4vG43UgcSCrg2OHC+yuB6j0iDSrY7RQ/+PRofFB03wNIIt9iXIVLr4wc7w==
+known-css-properties@^0.14.0:
+  version "0.14.0"
+  resolved "https://registry.yarnpkg.com/known-css-properties/-/known-css-properties-0.14.0.tgz#d7032b4334a32dc22e6e46b081ec789daf18756c"
+  integrity sha512-P+0a/gBzLgVlCnK8I7VcD0yuYJscmWn66wH9tlKsQnmVdg689tLEmziwB9PuazZYLkcm07fvWOKCJJqI55sD5Q==
 
 latest-version@^3.0.0:
   version "3.1.0"
@@ -6877,6 +6917,11 @@ leven@^2.1.0:
   resolved "https://registry.yarnpkg.com/leven/-/leven-2.1.0.tgz#c2e7a9f772094dee9d34202ae8acce4687875580"
   integrity sha1-wuep93IJTe6dNCAq6KzORoeHVYA=
 
+leven@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/leven/-/leven-3.1.0.tgz#77891de834064cccba82ae7842bb6b14a13ed7f2"
+  integrity sha512-qsda+H8jTaUaN/x5vzW2rzc+8Rw4TAQ/4KjB46IwK5VH+IlVeeeje/EoZRpiXvIqjFgK84QffqPztGI3VBLG1A==
+
 levn@^0.3.0, levn@~0.3.0:
   version "0.3.0"
   resolved "https://registry.yarnpkg.com/levn/-/levn-0.3.0.tgz#3b09924edf9f083c0490fdd4c0bc4421e04764ee"
@@ -7015,18 +7060,25 @@ lodash.upperfirst@4.3.1:
   resolved "https://registry.yarnpkg.com/lodash.upperfirst/-/lodash.upperfirst-4.3.1.tgz#1365edf431480481ef0d1c68957a5ed99d49f7ce"
   integrity sha1-E2Xt9DFIBIHvDRxolXpe2Z1J984=
 
-lodash@^4.0.0, lodash@^4.13.1, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.14, lodash@^4.17.4, lodash@^4.17.5, lodash@^4.5.0, lodash@~4.17.10:
-  version "4.17.14"
-  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.14.tgz#9ce487ae66c96254fe20b599f21b6816028078ba"
-  integrity sha512-mmKYbW3GLuJeX+iGP+Y7Gp1AiGHGbXHCOh/jZmrawMmsE7MS4znI3RL2FsjbqOyMayHInjOeykW7PEajUk1/xw==
+lodash@^4.0.0, lodash@^4.13.1, lodash@^4.17.10, lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.4, lodash@^4.17.5, lodash@^4.5.0, lodash@~4.17.10:
+  version "4.17.15"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.15.tgz#b447f6670a0455bbfeedd11392eff330ea097548"
+  integrity sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==
 
-log-symbols@^2.0.0, log-symbols@^2.1.0, log-symbols@^2.2.0:
+log-symbols@^2.1.0, log-symbols@^2.2.0:
   version "2.2.0"
   resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-2.2.0.tgz#5740e1c5d6f0dfda4ad9323b5332107ef6b4c40a"
   integrity sha512-VeIAFslyIerEJLXHziedo2basKbMKtTw3vfn5IzG0XTjhAVEJyNHnL2p7vc+wBDSdQuUpNw3M2u6xb9QsAY5Eg==
   dependencies:
     chalk "^2.0.1"
 
+log-symbols@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-3.0.0.tgz#f3a08516a5dea893336a7dee14d18a1cfdab77c4"
+  integrity sha512-dSkNGuI7iG3mfvDzUuYZyvk5dD9ocYCYzNU6CYDE6+Xqd+gwme6Z00NS3dUh8mq/73HaEtT7m6W+yUPtU6BZnQ==
+  dependencies:
+    chalk "^2.4.2"
+
 log4js@^3.0.0:
   version "3.0.5"
   resolved "https://registry.yarnpkg.com/log4js/-/log4js-3.0.5.tgz#b80146bfebad68b430d4f3569556d8a6edfef303"
@@ -7188,10 +7240,10 @@ marked@^0.3.12, marked@~0.3.6:
   resolved "https://registry.yarnpkg.com/marked/-/marked-0.3.19.tgz#5d47f709c4c9fc3c216b6d46127280f40b39d790"
   integrity sha512-ea2eGWOqNxPcXv8dyERdSr/6FmzvWwzjMxpfGB/sbMccXoct+xY+YukPD+QTUZwyvK7BZwcr4m21WBOW41pAkg==
 
-mathml-tag-names@^2.0.1:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/mathml-tag-names/-/mathml-tag-names-2.1.0.tgz#490b70e062ee24636536e3d9481e333733d00f2c"
-  integrity sha512-3Zs9P/0zzwTob2pdgT0CHZuMbnSUSp8MB1bddfm+HDmnFWHGT4jvEZRf+2RuPoa+cjdn/z25SEt5gFTqdhvJAg==
+mathml-tag-names@^2.1.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/mathml-tag-names/-/mathml-tag-names-2.1.1.tgz#6dff66c99d55ecf739ca53c492e626f1d12a33cc"
+  integrity sha512-pWB896KPGSGkp1XtyzRBftpTzwSOL0Gfk0wLvxt4f2mgzjY19o0LxJ3U25vNWTzsh7da+KTbuXQoQ3lOJZ8WHw==
 
 md5.js@^1.3.4:
   version "1.3.4"
@@ -7350,6 +7402,14 @@ micromatch@^3.0.4, micromatch@^3.1.10, micromatch@^3.1.4, micromatch@^3.1.6, mic
     snapdragon "^0.8.1"
     to-regex "^3.0.2"
 
+micromatch@^4.0.0:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.2.tgz#4fcb0999bf9fbc2fcbdd212f6d629b9a56c39259"
+  integrity sha512-y7FpHSbMUMoyPbYUSzO6PaZ6FyRnQOpHuKwbo1G+Knck95XVU4QAiKdGEnj5wwoS7PlOgthX/09u5iFJ+aYf5Q==
+  dependencies:
+    braces "^3.0.1"
+    picomatch "^2.0.5"
+
 miller-rabin@^4.0.0:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/miller-rabin/-/miller-rabin-4.0.1.tgz#f080351c865b0dc562a8462966daa53543c78a4d"
@@ -7718,10 +7778,10 @@ node-pre-gyp@^0.12.0:
     semver "^5.3.0"
     tar "^4"
 
-node-releases@^1.1.19:
-  version "1.1.19"
-  resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.19.tgz#c492d1e381fea0350b338b646c27867e88e91b3d"
-  integrity sha512-SH/B4WwovHbulIALsQllAVwqZZD1kPmKCqrhGfR29dXjLAVZMHvBjD3S6nL9D/J9QkmZ1R92/0wCMDKXUUvyyA==
+node-releases@^1.1.25:
+  version "1.1.25"
+  resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.25.tgz#0c2d7dbc7fed30fbe02a9ee3007b8c90bf0133d3"
+  integrity sha512-fI5BXuk83lKEoZDdH3gRhtsNgh05/wZacuXkgbiYkceE7+QIMXOg98n9ZV7mz27B+kFHnqHcUpscZZlGRSmTpQ==
   dependencies:
     semver "^5.3.0"
 
@@ -8367,6 +8427,11 @@ performance-now@^2.1.0:
   resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-2.1.0.tgz#6309f4e0e5fa913ec1c69307ae364b4b377c9e7b"
   integrity sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=
 
+picomatch@^2.0.5:
+  version "2.0.7"
+  resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.0.7.tgz#514169d8c7cd0bdbeecc8a2609e34a7163de69f6"
+  integrity sha512-oLHIdio3tZ0qH76NybpeneBhYVj0QFTfXEFTc/B3zKQspYfYYkWYgFsmzo+4kvId/bQRcNkVeguI3y+CD22BtA==
+
 pify@^2.0.0:
   version "2.3.0"
   resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c"
@@ -8377,7 +8442,7 @@ pify@^3.0.0:
   resolved "https://registry.yarnpkg.com/pify/-/pify-3.0.0.tgz#e5a4acd2c101fdf3d9a4d07f0dbc4db49dd28176"
   integrity sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=
 
-pify@^4.0.0, pify@^4.0.1:
+pify@^4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/pify/-/pify-4.0.1.tgz#4b2cd25c50d598735c50292224fd8c6df41e3231"
   integrity sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==
@@ -8480,17 +8545,17 @@ postcss-html@^0.36.0:
   dependencies:
     htmlparser2 "^3.10.0"
 
-postcss-jsx@^0.36.0:
-  version "0.36.0"
-  resolved "https://registry.yarnpkg.com/postcss-jsx/-/postcss-jsx-0.36.0.tgz#b7685ed3d070a175ef0aa48f83d9015bd772c82d"
-  integrity sha512-/lWOSXSX5jlITCKFkuYU2WLFdrncZmjSVyNpHAunEgirZXLwI8RjU556e3Uz4mv0WVHnJA9d3JWb36lK9Yx99g==
+postcss-jsx@^0.36.1:
+  version "0.36.2"
+  resolved "https://registry.yarnpkg.com/postcss-jsx/-/postcss-jsx-0.36.2.tgz#34bcd6752426a60b8df73f069e7595383060a794"
+  integrity sha512-7B8a8a6YDOQFqMQ9UmOo+IPPb2i14Z57Fvc9cOI11B3bWMSY2O6r2XJ3tlcQhUhv93TeN0ntxehTaSWJDQavlg==
   dependencies:
-    "@babel/core" ">=7.1.0"
+    "@babel/core" ">=7.2.2"
 
-postcss-less@^3.1.0:
-  version "3.1.2"
-  resolved "https://registry.yarnpkg.com/postcss-less/-/postcss-less-3.1.2.tgz#fb67e7ba351dbdf69de3c52eebd1184c52bfaea6"
-  integrity sha512-66ZBVo1JGkQ7r13M97xcHcyarWpgg21RaqIZWZXHE3XOtb5+ywK1uZWeY1DYkYRkIX/l8Hvxnx9iSKB68nFr+w==
+postcss-less@^3.1.4:
+  version "3.1.4"
+  resolved "https://registry.yarnpkg.com/postcss-less/-/postcss-less-3.1.4.tgz#369f58642b5928ef898ffbc1a6e93c958304c5ad"
+  integrity sha512-7TvleQWNM2QLcHqvudt3VYjULVB49uiW6XzEUFmvwHzvsOEF5MwBrIXZDJQvJNFGjJQTzSzZnDoCJ8h/ljyGXA==
   dependencies:
     postcss "^7.0.14"
 
@@ -8538,7 +8603,7 @@ postcss-modules-values@^1.3.0:
     icss-replace-symbols "^1.1.0"
     postcss "^6.0.1"
 
-postcss-reporter@^6.0.0:
+postcss-reporter@^6.0.1:
   version "6.0.1"
   resolved "https://registry.yarnpkg.com/postcss-reporter/-/postcss-reporter-6.0.1.tgz#7c055120060a97c8837b4e48215661aafb74245f"
   integrity sha512-LpmQjfRWyabc+fRygxZjpRxfhRf9u/fdlKf4VHG4TSPbV2XNsuISzYW1KL+1aQzx53CAppa1bKG4APIB/DOXXw==
@@ -8553,7 +8618,7 @@ postcss-resolve-nested-selector@^0.1.1:
   resolved "https://registry.yarnpkg.com/postcss-resolve-nested-selector/-/postcss-resolve-nested-selector-0.1.1.tgz#29ccbc7c37dedfac304e9fff0bf1596b3f6a0e4e"
   integrity sha1-Kcy8fDfe36wwTp//C/FZaz9qDk4=
 
-postcss-safe-parser@^4.0.0:
+postcss-safe-parser@^4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/postcss-safe-parser/-/postcss-safe-parser-4.0.1.tgz#8756d9e4c36fdce2c72b091bbc8ca176ab1fcdea"
   integrity sha512-xZsFA3uX8MO3yAda03QrG3/Eg1LN3EPfjjf07vke/46HERLZyHrTsQ9E1r1w1W//fWEhtYNndo2hQplN2cVpCQ==
@@ -8593,6 +8658,15 @@ postcss-selector-parser@^5.0.0:
     indexes-of "^1.0.1"
     uniq "^1.0.1"
 
+postcss-selector-parser@^6.0.2:
+  version "6.0.2"
+  resolved "https://registry.yarnpkg.com/postcss-selector-parser/-/postcss-selector-parser-6.0.2.tgz#934cf799d016c83411859e09dcecade01286ec5c"
+  integrity sha512-36P2QR59jDTOAiIkqEprfJDsoNrvwFei3eCqKd1Y0tUsBimsq39BLp7RD+JWny3WgB1zGhJX8XVePwm9k4wdBg==
+  dependencies:
+    cssesc "^3.0.0"
+    indexes-of "^1.0.1"
+    uniq "^1.0.1"
+
 postcss-syntax@^0.36.2:
   version "0.36.2"
   resolved "https://registry.yarnpkg.com/postcss-syntax/-/postcss-syntax-0.36.2.tgz#f08578c7d95834574e5593a82dfbfa8afae3b51c"
@@ -8603,6 +8677,11 @@ postcss-value-parser@^3.3.0, postcss-value-parser@^3.3.1:
   resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz#9ff822547e2893213cf1c30efa51ac5fd1ba8281"
   integrity sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==
 
+postcss-value-parser@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-4.0.0.tgz#99a983d365f7b2ad8d0f9b8c3094926eab4b936d"
+  integrity sha512-ESPktioptiSUchCKgggAkzdmkgzKfmp0EU8jXH+5kbIUB+unr0Y4CY9SRMvibuvYUBjNh1ACLbxqYNpdTQOteQ==
+
 postcss@^6.0.1, postcss@^6.0.14, postcss@^6.0.23:
   version "6.0.23"
   resolved "https://registry.yarnpkg.com/postcss/-/postcss-6.0.23.tgz#61c82cc328ac60e677645f979054eb98bc0e3324"
@@ -8612,10 +8691,10 @@ postcss@^6.0.1, postcss@^6.0.14, postcss@^6.0.23:
     source-map "^0.6.1"
     supports-color "^5.4.0"
 
-postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.13, postcss@^7.0.14, postcss@^7.0.2, postcss@^7.0.7:
-  version "7.0.14"
-  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.14.tgz#4527ed6b1ca0d82c53ce5ec1a2041c2346bbd6e5"
-  integrity sha512-NsbD6XUUMZvBxtQAJuWDJeeC4QFsmWsfozWxCJPWf3M55K9iu2iMDaKqyoOdTJ1R4usBXuxlVFAIo8rZPQD4Bg==
+postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.14, postcss@^7.0.17, postcss@^7.0.2, postcss@^7.0.7:
+  version "7.0.17"
+  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.17.tgz#4da1bdff5322d4a0acaab4d87f3e782436bad31f"
+  integrity sha512-546ZowA+KZ3OasvQZHsbuEpysvwTZNGJv9EfyCQdsIDltPSWHAeTQ5fQy/Npi2ZDtLI3zs7Ps/p6wThErhm9fQ==
   dependencies:
     chalk "^2.4.2"
     source-map "^0.6.1"
@@ -9434,10 +9513,10 @@ resolve-from@^3.0.0:
   resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-3.0.0.tgz#b22c7af7d9d6881bc8b6e653335eebcb0a188748"
   integrity sha1-six699nWiBvItuZTM17rywoYh0g=
 
-resolve-from@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-4.0.0.tgz#4abcd852ad32dd7baabfe9b40e00a36db5f392e6"
-  integrity sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==
+resolve-from@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-5.0.0.tgz#c35225843df8f776df21c57557bc087e9dfdfc69"
+  integrity sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==
 
 resolve-url@^0.2.1:
   version "0.2.1"
@@ -9820,6 +9899,11 @@ slash@^2.0.0:
   resolved "https://registry.yarnpkg.com/slash/-/slash-2.0.0.tgz#de552851a1759df3a8f206535442f5ec4ddeab44"
   integrity sha512-ZYKh3Wh2z1PpEXWr0MpSBZ0V6mZHAQfYevttO11c51CaWjGTaadiKZ+wVt1PbMlDV5qhMFslpZCemhwOK7C89A==
 
+slash@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/slash/-/slash-3.0.0.tgz#6539be870c165adbd5240220dbe361f1bc4d4634"
+  integrity sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==
+
 slice-ansi@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-2.1.0.tgz#cacd7693461a637a5788d92a7dd4fba068e81636"
@@ -10220,6 +10304,15 @@ string-width@^3.0.0:
     is-fullwidth-code-point "^2.0.0"
     strip-ansi "^5.0.0"
 
+string-width@^4.1.0:
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.1.0.tgz#ba846d1daa97c3c596155308063e075ed1c99aff"
+  integrity sha512-NrX+1dVVh+6Y9dnQ19pR0pP4FiEIlUvdTGn8pw6CKTNq5sgib2nIhmUNT5TAmhWmvKr3WcxBcP3E8nWezuipuQ==
+  dependencies:
+    emoji-regex "^8.0.0"
+    is-fullwidth-code-point "^3.0.0"
+    strip-ansi "^5.2.0"
+
 string_decoder@^1.0.0, string_decoder@^1.1.1, string_decoder@~1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8"
@@ -10256,7 +10349,7 @@ strip-ansi@^4.0.0:
   dependencies:
     ansi-regex "^3.0.0"
 
-strip-ansi@^5.0.0:
+strip-ansi@^5.0.0, strip-ansi@^5.2.0:
   version "5.2.0"
   resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-5.2.0.tgz#8c9a536feb6afc962bdfa5b104a5091c1ad9c0ae"
   integrity sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==
@@ -10317,79 +10410,75 @@ style-search@^0.1.0:
   resolved "https://registry.yarnpkg.com/style-search/-/style-search-0.1.0.tgz#7958c793e47e32e07d2b5cafe5c0bf8e12e77902"
   integrity sha1-eVjHk+R+MuB9K1yv5cC/jhLneQI=
 
-stylelint-config-recommended@^2.1.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/stylelint-config-recommended/-/stylelint-config-recommended-2.1.0.tgz#f526d5c771c6811186d9eaedbed02195fee30858"
-  integrity sha512-ajMbivOD7JxdsnlS5945KYhvt7L/HwN6YeYF2BH6kE4UCLJR0YvXMf+2j7nQpJyYLZx9uZzU5G1ZOSBiWAc6yA==
-
-stylelint-error-string-formatter@1.0.2:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/stylelint-error-string-formatter/-/stylelint-error-string-formatter-1.0.2.tgz#3076c6703d3e0170daeb55fe85030d63c834745e"
-  integrity sha512-xN69xRB0eTgYcGKVHWIiH2L+Xx8fRPliTiLjaS4YlbfBqkdTuZh2wjtfvNCkCzBTNeINWa5GpSa9RFYXdtwV6w==
+stylelint-config-recommended@^2.2.0:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/stylelint-config-recommended/-/stylelint-config-recommended-2.2.0.tgz#46ab139db4a0e7151fd5f94af155512886c96d3f"
+  integrity sha512-bZ+d4RiNEfmoR74KZtCKmsABdBJr4iXRiCso+6LtMJPw5rd/KnxUWTxht7TbafrTJK1YRjNgnN0iVZaJfc3xJA==
 
-stylelint-scss@^3.5.4:
-  version "3.5.4"
-  resolved "https://registry.yarnpkg.com/stylelint-scss/-/stylelint-scss-3.5.4.tgz#ff3ee989ac48f5c4f57313523b5ace059ffd6cc2"
-  integrity sha512-hEdEOfFXVqxWcUbenBONW/cAw5cJcEDasY8tGwKNAAn1GDHoZO1ATdWpr+iIk325mPGIQqVb1sUxsRxuL70trw==
+stylelint-scss@^3.9.2:
+  version "3.9.2"
+  resolved "https://registry.yarnpkg.com/stylelint-scss/-/stylelint-scss-3.9.2.tgz#5435174a57696ee52eae40146778a4e62f7ed3a3"
+  integrity sha512-VUh173p3T1qJf016P7yeJ6nxkUpqF5qQ+VSDw3J8P6wEJbA1loaNgBHR3k3skHvUkF+9brLO1ibCHA00pjW3cw==
   dependencies:
     lodash "^4.17.11"
     postcss-media-query-parser "^0.2.3"
     postcss-resolve-nested-selector "^0.1.1"
-    postcss-selector-parser "^5.0.0"
-    postcss-value-parser "^3.3.1"
+    postcss-selector-parser "^6.0.2"
+    postcss-value-parser "^4.0.0"
 
-stylelint@^9.10.1:
-  version "9.10.1"
-  resolved "https://registry.yarnpkg.com/stylelint/-/stylelint-9.10.1.tgz#5f0ee3701461dff1d68284e1386efe8f0677a75d"
-  integrity sha512-9UiHxZhOAHEgeQ7oLGwrwoDR8vclBKlSX7r4fH0iuu0SfPwFaLkb1c7Q2j1cqg9P7IDXeAV2TvQML/fRQzGBBQ==
+stylelint@^10.1.0:
+  version "10.1.0"
+  resolved "https://registry.yarnpkg.com/stylelint/-/stylelint-10.1.0.tgz#1bc4c4ce878107e7c396b19226d91ba28268911a"
+  integrity sha512-OmlUXrgzEMLQYj1JPTpyZPR9G4bl0StidfHnGJEMpdiQ0JyTq0MPg1xkHk1/xVJ2rTPESyJCDWjG8Kbpoo7Kuw==
   dependencies:
-    autoprefixer "^9.0.0"
+    autoprefixer "^9.5.1"
     balanced-match "^1.0.0"
-    chalk "^2.4.1"
-    cosmiconfig "^5.0.0"
-    debug "^4.0.0"
-    execall "^1.0.0"
-    file-entry-cache "^4.0.0"
-    get-stdin "^6.0.0"
+    chalk "^2.4.2"
+    cosmiconfig "^5.2.0"
+    debug "^4.1.1"
+    execall "^2.0.0"
+    file-entry-cache "^5.0.1"
+    get-stdin "^7.0.0"
     global-modules "^2.0.0"
-    globby "^9.0.0"
+    globby "^9.2.0"
     globjoin "^0.1.4"
-    html-tags "^2.0.0"
-    ignore "^5.0.4"
-    import-lazy "^3.1.0"
+    html-tags "^3.0.0"
+    ignore "^5.0.6"
+    import-lazy "^4.0.0"
     imurmurhash "^0.1.4"
-    known-css-properties "^0.11.0"
-    leven "^2.1.0"
-    lodash "^4.17.4"
-    log-symbols "^2.0.0"
-    mathml-tag-names "^2.0.1"
+    known-css-properties "^0.14.0"
+    leven "^3.1.0"
+    lodash "^4.17.11"
+    log-symbols "^3.0.0"
+    mathml-tag-names "^2.1.0"
     meow "^5.0.0"
-    micromatch "^3.1.10"
+    micromatch "^4.0.0"
     normalize-selector "^0.2.0"
-    pify "^4.0.0"
-    postcss "^7.0.13"
+    pify "^4.0.1"
+    postcss "^7.0.14"
     postcss-html "^0.36.0"
-    postcss-jsx "^0.36.0"
-    postcss-less "^3.1.0"
+    postcss-jsx "^0.36.1"
+    postcss-less "^3.1.4"
     postcss-markdown "^0.36.0"
     postcss-media-query-parser "^0.2.3"
-    postcss-reporter "^6.0.0"
+    postcss-reporter "^6.0.1"
     postcss-resolve-nested-selector "^0.1.1"
-    postcss-safe-parser "^4.0.0"
+    postcss-safe-parser "^4.0.1"
     postcss-sass "^0.3.5"
     postcss-scss "^2.0.0"
     postcss-selector-parser "^3.1.0"
     postcss-syntax "^0.36.2"
-    postcss-value-parser "^3.3.0"
-    resolve-from "^4.0.0"
+    postcss-value-parser "^3.3.1"
+    resolve-from "^5.0.0"
     signal-exit "^3.0.2"
-    slash "^2.0.0"
+    slash "^3.0.0"
     specificity "^0.4.1"
-    string-width "^3.0.0"
+    string-width "^4.1.0"
+    strip-ansi "^5.2.0"
     style-search "^0.1.0"
     sugarss "^2.0.0"
     svg-tags "^1.0.0"
-    table "^5.0.0"
+    table "^5.2.3"
 
 sugarss@^2.0.0:
   version "2.0.0"
@@ -10437,13 +10526,13 @@ symbol-tree@^3.2.2:
   resolved "https://registry.yarnpkg.com/symbol-tree/-/symbol-tree-3.2.2.tgz#ae27db38f660a7ae2e1c3b7d1bc290819b8519e6"
   integrity sha1-rifbOPZgp64uHDt9G8KQgZuFGeY=
 
-table@^5.0.0, table@^5.0.2:
-  version "5.2.3"
-  resolved "https://registry.yarnpkg.com/table/-/table-5.2.3.tgz#cde0cc6eb06751c009efab27e8c820ca5b67b7f2"
-  integrity sha512-N2RsDAMvDLvYwFcwbPyF3VmVSSkuF+G1e+8inhBLtHpvwXGw4QRPEZhihQNeEN0i1up6/f6ObCJXNdlRG3YVyQ==
+table@^5.0.2, table@^5.2.3:
+  version "5.4.4"
+  resolved "https://registry.yarnpkg.com/table/-/table-5.4.4.tgz#6e0f88fdae3692793d1077fd172a4667afe986a6"
+  integrity sha512-IIfEAUx5QlODLblLrGTTLJA7Tk0iLSGBvgY8essPRVNGHAzThujww1YqHLs6h3HfTg55h++RzLHH5Xw/rfv+mg==
   dependencies:
-    ajv "^6.9.1"
-    lodash "^4.17.11"
+    ajv "^6.10.2"
+    lodash "^4.17.14"
     slice-ansi "^2.1.0"
     string-width "^3.0.0"
 
@@ -10703,6 +10792,13 @@ to-regex-range@^2.1.0:
     is-number "^3.0.0"
     repeat-string "^1.6.1"
 
+to-regex-range@^5.0.1:
+  version "5.0.1"
+  resolved "https://registry.yarnpkg.com/to-regex-range/-/to-regex-range-5.0.1.tgz#1648c44aae7c8d988a326018ed72f5b4dd0392e4"
+  integrity sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==
+  dependencies:
+    is-number "^7.0.0"
+
 to-regex@^3.0.1, to-regex@^3.0.2:
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/to-regex/-/to-regex-3.0.2.tgz#13cfdd9b336552f30b51f33a8ae1b42a7a7599ce"
-- 
cgit v1.2.1


From 50a24da200be48940af2eeba075a69d9fd1fd35b Mon Sep 17 00:00:00 2001
From: Sanad Liaquat <sliaquat@gitlab.com>
Date: Tue, 23 Jul 2019 14:15:22 +0500
Subject: Replace homepage visit step

---
 .../features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
index 1519bbf9e31..70c03e10449 100644
--- a/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
+++ b/qa/qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb
@@ -18,10 +18,10 @@ module QA
 
         QA::Runtime::Env.personal_access_token = nil
 
-        Runtime::Browser.visit(:gitlab, Page::Main::Login)
-
         Page::Main::Menu.perform(&:sign_out) if Page::Main::Menu.perform { |p| p.has_personal_area?(wait: 0) }
 
+        Runtime::Browser.visit(:gitlab, Page::Main::Login)
+
         Page::Main::Login.perform(&:sign_in_using_credentials)
 
         project = Resource::Project.fabricate_via_api! do |resource|
-- 
cgit v1.2.1


From 3a4cb6d6759abbfd16e048413e8545d1d94e7d9e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= <ayufan@ayufan.eu>
Date: Tue, 23 Jul 2019 09:30:00 +0000
Subject: Bring backward compatibility for request profiles

It seems that we missed the backward compatibility support
for profiles in the existing folder.

This commit also fixes some specs to be idempotent
and work in a temporary directory which not always
seems to be the case.

This commit also brings the profile_spec.rb which seems
to be missing.
---
 .../admin/requests_profiles_controller.rb          |  4 +-
 lib/gitlab/request_profiler.rb                     | 15 ++++++
 lib/gitlab/request_profiler/profile.rb             | 29 ++++-------
 .../admin/requests_profiles_controller_spec.rb     |  2 +-
 .../features/admin/admin_requests_profiles_spec.rb | 12 ++++-
 spec/lib/gitlab/request_profiler/profile_spec.rb   | 59 ++++++++++++++++++++++
 spec/lib/gitlab/request_profiler_spec.rb           | 41 ++++++++++++---
 7 files changed, 130 insertions(+), 32 deletions(-)
 create mode 100644 spec/lib/gitlab/request_profiler/profile_spec.rb

diff --git a/app/controllers/admin/requests_profiles_controller.rb b/app/controllers/admin/requests_profiles_controller.rb
index 1d14812186a..24383455064 100644
--- a/app/controllers/admin/requests_profiles_controller.rb
+++ b/app/controllers/admin/requests_profiles_controller.rb
@@ -3,12 +3,12 @@
 class Admin::RequestsProfilesController < Admin::ApplicationController
   def index
     @profile_token = Gitlab::RequestProfiler.profile_token
-    @profiles      = Gitlab::RequestProfiler::Profile.all.group_by(&:request_path)
+    @profiles      = Gitlab::RequestProfiler.all.group_by(&:request_path)
   end
 
   def show
     clean_name = Rack::Utils.clean_path_info(params[:name])
-    profile    = Gitlab::RequestProfiler::Profile.find(clean_name)
+    profile    = Gitlab::RequestProfiler.find(clean_name)
 
     unless profile && profile.content_type
       return redirect_to admin_requests_profiles_path, alert: 'Profile not found'
diff --git a/lib/gitlab/request_profiler.rb b/lib/gitlab/request_profiler.rb
index 64593153686..033e451dbee 100644
--- a/lib/gitlab/request_profiler.rb
+++ b/lib/gitlab/request_profiler.rb
@@ -6,6 +6,21 @@ module Gitlab
   module RequestProfiler
     PROFILES_DIR = "#{Gitlab.config.shared.path}/tmp/requests_profiles".freeze
 
+    def all
+      Dir["#{PROFILES_DIR}/*.{html,txt}"].map do |path|
+        Profile.new(File.basename(path))
+      end.select(&:valid?)
+    end
+    module_function :all
+
+    def find(name)
+      file_path = File.join(PROFILES_DIR, name)
+      return unless File.exist?(file_path)
+
+      Profile.new(name)
+    end
+    module_function :find
+
     def profile_token
       Rails.cache.fetch('profile-token') do
         Devise.friendly_token
diff --git a/lib/gitlab/request_profiler/profile.rb b/lib/gitlab/request_profiler/profile.rb
index 74f2ec1d083..76c675658b1 100644
--- a/lib/gitlab/request_profiler/profile.rb
+++ b/lib/gitlab/request_profiler/profile.rb
@@ -7,19 +7,6 @@ module Gitlab
 
       alias_method :to_param, :name
 
-      def self.all
-        Dir["#{PROFILES_DIR}/*.{html,txt}"].map do |path|
-          new(File.basename(path))
-        end
-      end
-
-      def self.find(name)
-        file_path = File.join(PROFILES_DIR, name)
-        return unless File.exist?(file_path)
-
-        new(name)
-      end
-
       def initialize(name)
         @name = name
         @file_path = File.join(PROFILES_DIR, name)
@@ -27,8 +14,8 @@ module Gitlab
         set_attributes
       end
 
-      def content
-        File.read("#{PROFILES_DIR}/#{name}")
+      def valid?
+        @request_path.present?
       end
 
       def content_type
@@ -43,11 +30,13 @@ module Gitlab
       private
 
       def set_attributes
-        _, path, timestamp, profile_mode, type = name.split(/(.*)_(\d+)_(.*)\.(html|txt)$/)
-        @request_path      = path.tr('|', '/')
-        @time              = Time.at(timestamp.to_i).utc
-        @profile_mode      = profile_mode
-        @type              = type
+        matches = name.match(/^(?<path>.*)_(?<timestamp>\d+)(_(?<profile_mode>\w+))?\.(?<type>html|txt)$/)
+        return unless matches
+
+        @request_path      = matches[:path].tr('|', '/')
+        @time              = Time.at(matches[:timestamp].to_i).utc
+        @profile_mode      = matches[:profile_mode] || 'unknown'
+        @type              = matches[:type]
       end
     end
   end
diff --git a/spec/controllers/admin/requests_profiles_controller_spec.rb b/spec/controllers/admin/requests_profiles_controller_spec.rb
index 289bb58c5a8..345f7720c25 100644
--- a/spec/controllers/admin/requests_profiles_controller_spec.rb
+++ b/spec/controllers/admin/requests_profiles_controller_spec.rb
@@ -23,7 +23,7 @@ describe Admin::RequestsProfilesController do
     end
 
     after do
-      File.unlink(test_file)
+      FileUtils.rm_rf(tmpdir)
     end
 
     context 'when loading HTML profile' do
diff --git a/spec/features/admin/admin_requests_profiles_spec.rb b/spec/features/admin/admin_requests_profiles_spec.rb
index a962af4952b..e8764d0a79c 100644
--- a/spec/features/admin/admin_requests_profiles_spec.rb
+++ b/spec/features/admin/admin_requests_profiles_spec.rb
@@ -1,13 +1,15 @@
 require 'spec_helper'
 
 describe 'Admin::RequestsProfilesController' do
+  let(:tmpdir) { Dir.mktmpdir('profiler-test') }
+
   before do
-    FileUtils.mkdir_p(Gitlab::RequestProfiler::PROFILES_DIR)
+    stub_const('Gitlab::RequestProfiler::PROFILES_DIR', tmpdir)
     sign_in(create(:admin))
   end
 
   after do
-    Gitlab::RequestProfiler.remove_all_profiles
+    FileUtils.rm_rf(tmpdir)
   end
 
   describe 'GET /admin/requests_profiles' do
@@ -60,6 +62,12 @@ describe 'Admin::RequestsProfilesController' do
             name: "|gitlab-org|infrastructure_#{time2.to_i}_memory.html",
             created: time2,
             profile_mode: 'Memory'
+          },
+          {
+            request_path: '/gitlab-org/infrastructure',
+            name: "|gitlab-org|infrastructure_#{time2.to_i}.html",
+            created: time2,
+            profile_mode: 'Unknown'
           }
         ]
       end
diff --git a/spec/lib/gitlab/request_profiler/profile_spec.rb b/spec/lib/gitlab/request_profiler/profile_spec.rb
new file mode 100644
index 00000000000..b37ee558e1a
--- /dev/null
+++ b/spec/lib/gitlab/request_profiler/profile_spec.rb
@@ -0,0 +1,59 @@
+require 'fast_spec_helper'
+
+describe Gitlab::RequestProfiler::Profile do
+  let(:profile) { described_class.new(filename) }
+
+  describe '.new' do
+    context 'using old filename' do
+      let(:filename) { '|api|v4|version.txt_1562854738.html' }
+
+      it 'returns valid data' do
+        expect(profile).to be_valid
+        expect(profile.request_path).to eq('/api/v4/version.txt')
+        expect(profile.time).to eq(Time.at(1562854738).utc)
+        expect(profile.type).to eq('html')
+      end
+    end
+
+    context 'using new filename' do
+      let(:filename) { '|api|v4|version.txt_1563547949_execution.html' }
+
+      it 'returns valid data' do
+        expect(profile).to be_valid
+        expect(profile.request_path).to eq('/api/v4/version.txt')
+        expect(profile.profile_mode).to eq('execution')
+        expect(profile.time).to eq(Time.at(1563547949).utc)
+        expect(profile.type).to eq('html')
+      end
+    end
+  end
+
+  describe '#content_type' do
+    context 'when using html file' do
+      let(:filename) { '|api|v4|version.txt_1562854738_memory.html' }
+
+      it 'returns valid data' do
+        expect(profile).to be_valid
+        expect(profile.content_type).to eq('text/html')
+      end
+    end
+
+    context 'when using text file' do
+      let(:filename) { '|api|v4|version.txt_1562854738_memory.txt' }
+
+      it 'returns valid data' do
+        expect(profile).to be_valid
+        expect(profile.content_type).to eq('text/plain')
+      end
+    end
+
+    context 'when file is unknown' do
+      let(:filename) { '|api|v4|version.txt_1562854738_memory.xxx' }
+
+      it 'returns valid data' do
+        expect(profile).not_to be_valid
+        expect(profile.content_type).to be_nil
+      end
+    end
+  end
+end
diff --git a/spec/lib/gitlab/request_profiler_spec.rb b/spec/lib/gitlab/request_profiler_spec.rb
index fd8cbf39bce..498c045b6cd 100644
--- a/spec/lib/gitlab/request_profiler_spec.rb
+++ b/spec/lib/gitlab/request_profiler_spec.rb
@@ -13,15 +13,42 @@ describe Gitlab::RequestProfiler do
     end
   end
 
-  describe '.remove_all_profiles' do
-    it 'removes Gitlab::RequestProfiler::PROFILES_DIR directory' do
-      dir = described_class::PROFILES_DIR
-      FileUtils.mkdir_p(dir)
+  context 'with temporary PROFILES_DIR' do
+    let(:tmpdir) { Dir.mktmpdir('profiler-test') }
+    let(:profile_name) { '|api|v4|version.txt_1562854738_memory.html' }
+    let(:profile_path) { File.join(tmpdir, profile_name) }
 
-      expect(Dir.exist?(dir)).to be true
+    before do
+      stub_const('Gitlab::RequestProfiler::PROFILES_DIR', tmpdir)
+      FileUtils.touch(profile_path)
+    end
+
+    after do
+      FileUtils.rm_rf(tmpdir)
+    end
+
+    describe '.remove_all_profiles' do
+      it 'removes Gitlab::RequestProfiler::PROFILES_DIR directory' do
+        described_class.remove_all_profiles
+
+        expect(Dir.exist?(tmpdir)).to be false
+      end
+    end
+
+    describe '.all' do
+      subject { described_class.all }
+
+      it 'returns all profiles' do
+        expect(subject.map(&:name)).to contain_exactly(profile_name)
+      end
+    end
+
+    describe '.find' do
+      subject { described_class.find(profile_name) }
 
-      described_class.remove_all_profiles
-      expect(Dir.exist?(dir)).to be false
+      it 'returns all profiles' do
+        expect(subject.name).to eq(profile_name)
+      end
     end
   end
 end
-- 
cgit v1.2.1


From f5ec6b4e1296475aa4930b504ed2e3d329631fcb Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Tue, 23 Jul 2019 17:30:25 +0800
Subject: Remove project from show_label_issuables_link?

The project param is unnecessary here
---
 app/helpers/labels_helper.rb          |  5 ++---
 app/views/shared/_label_row.html.haml |  4 ++--
 spec/helpers/labels_helper_spec.rb    | 24 +++---------------------
 3 files changed, 7 insertions(+), 26 deletions(-)

diff --git a/app/helpers/labels_helper.rb b/app/helpers/labels_helper.rb
index db4f29cd996..2ed016beea4 100644
--- a/app/helpers/labels_helper.rb
+++ b/app/helpers/labels_helper.rb
@@ -4,11 +4,10 @@ module LabelsHelper
   extend self
   include ActionView::Helpers::TagHelper
 
-  def show_label_issuables_link?(label, issuables_type, current_user: nil, project: nil)
+  def show_label_issuables_link?(label, issuables_type, current_user: nil)
     return true unless label.project_label?
-    return true unless project
 
-    project.feature_available?(issuables_type, current_user)
+    label.project.feature_available?(issuables_type, current_user)
   end
 
   # Link to a Label
diff --git a/app/views/shared/_label_row.html.haml b/app/views/shared/_label_row.html.haml
index af11ce94ec5..b05d903fabe 100644
--- a/app/views/shared/_label_row.html.haml
+++ b/app/views/shared/_label_row.html.haml
@@ -1,7 +1,7 @@
 - force_priority = local_assigns.fetch(:force_priority, false)
 - subject_or_group_defined = defined?(@project) || defined?(@group)
-- show_label_issues_link = subject_or_group_defined && show_label_issuables_link?(label, :issues, project: @project)
-- show_label_merge_requests_link = subject_or_group_defined && show_label_issuables_link?(label, :merge_requests, project: @project)
+- show_label_issues_link = subject_or_group_defined && show_label_issuables_link?(label, :issues)
+- show_label_merge_requests_link = subject_or_group_defined && show_label_issuables_link?(label, :merge_requests)
 
 .label-name
   = render_label(label, tooltip: false)
diff --git a/spec/helpers/labels_helper_spec.rb b/spec/helpers/labels_helper_spec.rb
index 314305d7a8e..4f1cab38f34 100644
--- a/spec/helpers/labels_helper_spec.rb
+++ b/spec/helpers/labels_helper_spec.rb
@@ -3,10 +3,8 @@ require 'spec_helper'
 describe LabelsHelper do
   describe '#show_label_issuables_link?' do
     shared_examples 'a valid response to show_label_issuables_link?' do |issuables_type, when_enabled = true, when_disabled = false|
-      let(:context_project) { project }
-
       context "when asking for a #{issuables_type} link" do
-        subject { show_label_issuables_link?(label.present(issuable_subject: nil), issuables_type, project: context_project) }
+        subject { show_label_issuables_link?(label.present(issuable_subject: nil), issuables_type) }
 
         context "when #{issuables_type} are enabled for the project" do
           let(:project) { create(:project, "#{issuables_type}_access_level": ProjectFeature::ENABLED) }
@@ -39,27 +37,11 @@ describe LabelsHelper do
       let(:label) { create(:group_label, group: group, title: 'bug') }
 
       context 'when asking for an issue link' do
-        context 'in the context of a project' do
-          it_behaves_like 'a valid response to show_label_issuables_link?', :issues, true, true
-        end
-
-        context 'in the context of a group' do
-          let(:context_project) { nil }
-
-          it_behaves_like 'a valid response to show_label_issuables_link?', :issues, true, true
-        end
+        it_behaves_like 'a valid response to show_label_issuables_link?', :issues, true, true
       end
 
       context 'when asking for a merge requests link' do
-        context 'in the context of a project' do
-          it_behaves_like 'a valid response to show_label_issuables_link?', :merge_requests, true, true
-        end
-
-        context 'in the context of a group' do
-          let(:context_project) { nil }
-
-          it_behaves_like 'a valid response to show_label_issuables_link?', :merge_requests, true, true
-        end
+        it_behaves_like 'a valid response to show_label_issuables_link?', :merge_requests, true, true
       end
     end
   end
-- 
cgit v1.2.1


From c1698f4132526697d711c73ca507bba790f7824c Mon Sep 17 00:00:00 2001
From: Nick Kipling <nkipling@gitlab.com>
Date: Tue, 2 Jul 2019 10:00:07 +0100
Subject: Improving packages navigation in project sidebar

Removed Registry from sidebar
Created new Packages top level item
Added Container Registry into packages
Updated tests to support new layout
---
 app/views/layouts/nav/sidebar/_project.html.haml         | 13 -------------
 .../layouts/nav/sidebar/_project_packages_link.html.haml | 16 ++++++++++++++++
 locale/gitlab.pot                                        |  6 +++---
 .../views/layouts/nav/sidebar/_project.html.haml_spec.rb | 13 +++----------
 4 files changed, 22 insertions(+), 26 deletions(-)
 create mode 100644 app/views/layouts/nav/sidebar/_project_packages_link.html.haml

diff --git a/app/views/layouts/nav/sidebar/_project.html.haml b/app/views/layouts/nav/sidebar/_project.html.haml
index a9af5ba5008..8caae5eed83 100644
--- a/app/views/layouts/nav/sidebar/_project.html.haml
+++ b/app/views/layouts/nav/sidebar/_project.html.haml
@@ -274,19 +274,6 @@
 
             = render_if_exists 'layouts/nav/sidebar/project_feature_flags_link'
 
-      - if project_nav_tab? :container_registry
-        = nav_link(controller: %w[projects/registry/repositories]) do
-          = link_to project_container_registry_index_path(@project), class: 'shortcuts-container-registry' do
-            .nav-icon-container
-              = sprite_icon('disk')
-            %span.nav-item-name
-              = _('Registry')
-          %ul.sidebar-sub-level-items.is-fly-out-only
-            = nav_link(controller: %w[projects/registry/repositories], html_options: { class: "fly-out-top-item" } ) do
-              = link_to project_container_registry_index_path(@project) do
-                %strong.fly-out-top-item-name
-                  = _('Registry')
-
       = render_if_exists 'layouts/nav/sidebar/project_packages_link'
 
       - if project_nav_tab? :wiki
diff --git a/app/views/layouts/nav/sidebar/_project_packages_link.html.haml b/app/views/layouts/nav/sidebar/_project_packages_link.html.haml
new file mode 100644
index 00000000000..0fdfc6cd2ab
--- /dev/null
+++ b/app/views/layouts/nav/sidebar/_project_packages_link.html.haml
@@ -0,0 +1,16 @@
+- if project_nav_tab? :container_registry
+  = nav_link controller: :repositories do
+    = link_to project_container_registry_index_path(@project) do
+      .nav-icon-container
+        = sprite_icon('package')
+      %span.nav-item-name
+        = _('Packages')
+    %ul.sidebar-sub-level-items
+      = nav_link(controller: :repositories, html_options: { class: "fly-out-top-item" } ) do
+        = link_to project_container_registry_index_path(@project) do
+          %strong.fly-out-top-item-name
+            = _('Packages')
+      %li.divider.fly-out-top-item
+      = nav_link controller: :repositories do
+        = link_to project_container_registry_index_path(@project), class: 'shortcuts-container-registry', title: _('Container Registry') do
+          %span= _('Container Registry')
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index bd26ca6714d..56311a506f1 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -7276,6 +7276,9 @@ msgstr ""
 msgid "Owner"
 msgstr ""
 
+msgid "Packages"
+msgstr ""
+
 msgid "Page not found"
 msgstr ""
 
@@ -8772,9 +8775,6 @@ msgstr ""
 msgid "Register with two-factor app"
 msgstr ""
 
-msgid "Registry"
-msgstr ""
-
 msgid "Related Deployed Jobs"
 msgstr ""
 
diff --git a/spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb b/spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb
index 2befbcb3370..b627b9dba59 100644
--- a/spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb
+++ b/spec/views/layouts/nav/sidebar/_project.html.haml_spec.rb
@@ -21,7 +21,7 @@ describe 'layouts/nav/sidebar/_project' do
     end
   end
 
-  describe 'container registry tab' do
+  describe 'packages tab' do
     before do
       stub_container_registry_config(enabled: true)
 
@@ -31,24 +31,17 @@ describe 'layouts/nav/sidebar/_project' do
         .and_return('projects/registry/repositories')
     end
 
-    it 'has both Registry and Repository tabs' do
-      render
-
-      expect(rendered).to have_text 'Repository'
-      expect(rendered).to have_text 'Registry'
-    end
-
     it 'highlights sidebar item and flyout' do
       render
 
       expect(rendered).to have_css('.sidebar-top-level-items > li.active', count: 1)
-      expect(rendered).to have_css('.is-fly-out-only > li.active', count: 1)
+      expect(rendered).to have_css('.sidebar-sub-level-items > li.fly-out-top-item.active', count: 1)
     end
 
     it 'highlights container registry tab' do
       render
 
-      expect(rendered).to have_css('.sidebar-top-level-items > li.active', text: 'Registry')
+      expect(rendered).to have_css('.sidebar-sub-level-items > li:not(.fly-out-top-item).active', text: 'Container Registry')
     end
   end
 
-- 
cgit v1.2.1


From 1f403720293393f0f0bf6f99476abe4ba79580a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Mon, 15 Jul 2019 19:15:10 +0200
Subject: Do not authorize with OAuth for CICD only projects

---
 app/controllers/import/github_controller.rb       |  8 ++++++--
 spec/controllers/import/github_controller_spec.rb | 10 ++++++++++
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/app/controllers/import/github_controller.rb b/app/controllers/import/github_controller.rb
index aa4aa0fbdac..ebb50fc8b10 100644
--- a/app/controllers/import/github_controller.rb
+++ b/app/controllers/import/github_controller.rb
@@ -10,7 +10,7 @@ class Import::GithubController < Import::BaseController
   rescue_from Octokit::Unauthorized, with: :provider_unauthorized
 
   def new
-    if github_import_configured? && logged_in_with_provider?
+    if !ci_cd_only? && github_import_configured? && logged_in_with_provider?
       go_to_provider_for_permissions
     elsif session[access_token_key]
       redirect_to status_import_url
@@ -169,11 +169,15 @@ class Import::GithubController < Import::BaseController
   # rubocop: enable CodeReuse/ActiveRecord
 
   def provider_auth
-    if session[access_token_key].blank?
+    if !ci_cd_only? && session[access_token_key].blank?
       go_to_provider_for_permissions
     end
   end
 
+  def ci_cd_only?
+    %w[1 true].include?(params[:ci_cd_only])
+  end
+
   def client_options
     {}
   end
diff --git a/spec/controllers/import/github_controller_spec.rb b/spec/controllers/import/github_controller_spec.rb
index 059354870b5..5675798ac33 100644
--- a/spec/controllers/import/github_controller_spec.rb
+++ b/spec/controllers/import/github_controller_spec.rb
@@ -33,6 +33,16 @@ describe Import::GithubController do
 
       expect(response).to have_http_status(200)
     end
+
+    context 'when importing a CI/CD project' do
+      it 'always prompts for an access token' do
+        allow(controller).to receive(:github_import_configured?).and_return(true)
+
+        get :new, params: { ci_cd_only: true }
+
+        expect(response).to render_template(:new)
+      end
+    end
   end
 
   describe "GET callback" do
-- 
cgit v1.2.1


From 1b102f5d119009575bda43bfc9b0ae8365f67c50 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C5=82gorzata=20Ksionek?= <mksionek@gitlab.com>
Date: Sat, 6 Jul 2019 22:15:13 +0200
Subject: Add basic project extraction

To allow project filtering

Prepare summary for accepting multiple groups

Modify deploys group summary class

Add filtering by project name in issues summary

Fix rubocop offences

Add changelog entry

Change name to id in project filtering

Fix rebase problem

Add project extraction
---
 app/models/cycle_analytics/group_level.rb          |   3 +-
 ...roup-level-analytics-to-accept-multiple-ids.yml |   5 +
 db/schema.rb                                       | 106 +++++++++++----------
 lib/gitlab/cycle_analytics/base_data_extraction.rb |  27 ++++++
 lib/gitlab/cycle_analytics/base_event_fetcher.rb   |  13 +--
 lib/gitlab/cycle_analytics/base_stage.rb           |  13 +--
 lib/gitlab/cycle_analytics/group_stage_summary.rb  |   7 +-
 lib/gitlab/cycle_analytics/summary/group/base.rb   |   3 +-
 lib/gitlab/cycle_analytics/summary/group/deploy.rb |  14 ++-
 lib/gitlab/cycle_analytics/summary/group/issue.rb  |  13 ++-
 .../cycle_analytics/group_stage_summary_spec.rb    |  29 +++++-
 .../lib/gitlab/cycle_analytics/issue_stage_spec.rb |  23 +++++
 12 files changed, 167 insertions(+), 89 deletions(-)
 create mode 100644 changelogs/unreleased/adjust-group-level-analytics-to-accept-multiple-ids.yml
 create mode 100644 lib/gitlab/cycle_analytics/base_data_extraction.rb

diff --git a/app/models/cycle_analytics/group_level.rb b/app/models/cycle_analytics/group_level.rb
index 508cde0ca00..b351ad82f95 100644
--- a/app/models/cycle_analytics/group_level.rb
+++ b/app/models/cycle_analytics/group_level.rb
@@ -13,7 +13,8 @@ module CycleAnalytics
     def summary
       @summary ||= ::Gitlab::CycleAnalytics::GroupStageSummary.new(group,
                                                               from: options[:from],
-                                                              current_user: options[:current_user]).data
+                                                              current_user: options[:current_user],
+                                                              options: options).data
     end
 
     def permissions(*)
diff --git a/changelogs/unreleased/adjust-group-level-analytics-to-accept-multiple-ids.yml b/changelogs/unreleased/adjust-group-level-analytics-to-accept-multiple-ids.yml
new file mode 100644
index 00000000000..a90e73a1410
--- /dev/null
+++ b/changelogs/unreleased/adjust-group-level-analytics-to-accept-multiple-ids.yml
@@ -0,0 +1,5 @@
+---
+title: Adjust group level analytics to accept multiple ids
+merge_request: 30468
+author:
+type: added
diff --git a/db/schema.rb b/db/schema.rb
index 79cd1a3a797..a001b9ba6ac 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -63,7 +63,6 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "updated_at"
     t.string "home_page_url"
     t.integer "default_branch_protection", default: 2
-    t.text "help_text"
     t.text "restricted_visibility_levels"
     t.boolean "version_check_enabled", default: true
     t.integer "max_attachment_size", default: 10, null: false
@@ -105,8 +104,6 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "container_registry_token_expire_delay", default: 5
     t.text "after_sign_up_text"
     t.boolean "user_default_external", default: false, null: false
-    t.boolean "elasticsearch_indexing", default: false, null: false
-    t.boolean "elasticsearch_search", default: false, null: false
     t.string "repository_storages", default: "default"
     t.string "enabled_git_access_protocol"
     t.boolean "domain_blacklist_enabled", default: false
@@ -128,37 +125,18 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "html_emails_enabled", default: true
     t.string "plantuml_url"
     t.boolean "plantuml_enabled"
-    t.integer "shared_runners_minutes", default: 0, null: false
-    t.bigint "repository_size_limit", default: 0
     t.integer "terminal_max_session_time", default: 0, null: false
     t.integer "unique_ips_limit_per_user"
     t.integer "unique_ips_limit_time_window"
     t.boolean "unique_ips_limit_enabled", default: false, null: false
     t.string "default_artifacts_expire_in", default: "0", null: false
-    t.string "elasticsearch_url", default: "http://localhost:9200"
-    t.boolean "elasticsearch_aws", default: false, null: false
-    t.string "elasticsearch_aws_region", default: "us-east-1"
-    t.string "elasticsearch_aws_access_key"
-    t.string "elasticsearch_aws_secret_access_key"
-    t.integer "geo_status_timeout", default: 10
     t.string "uuid"
     t.decimal "polling_interval_multiplier", default: "1.0", null: false
-    t.boolean "elasticsearch_experimental_indexer"
     t.integer "cached_markdown_version"
-    t.boolean "check_namespace_plan", default: false, null: false
-    t.integer "mirror_max_delay", default: 300, null: false
-    t.integer "mirror_max_capacity", default: 100, null: false
-    t.integer "mirror_capacity_threshold", default: 50, null: false
     t.boolean "prometheus_metrics_enabled", default: true, null: false
-    t.boolean "authorized_keys_enabled", default: true, null: false
     t.boolean "help_page_hide_commercial_content", default: false
     t.string "help_page_support_url"
-    t.boolean "slack_app_enabled", default: false
-    t.string "slack_app_id"
-    t.string "slack_app_secret"
-    t.string "slack_app_verification_token"
     t.integer "performance_bar_allowed_group_id"
-    t.boolean "allow_group_owners_to_manage_ldap", default: true, null: false
     t.boolean "hashed_storage_enabled", default: true, null: false
     t.boolean "project_export_enabled", default: true, null: false
     t.boolean "auto_devops_enabled", default: true, null: false
@@ -171,38 +149,22 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "throttle_authenticated_web_enabled", default: false, null: false
     t.integer "throttle_authenticated_web_requests_per_period", default: 7200, null: false
     t.integer "throttle_authenticated_web_period_in_seconds", default: 3600, null: false
+    t.boolean "password_authentication_enabled_for_web"
+    t.boolean "password_authentication_enabled_for_git", default: true, null: false
     t.integer "gitaly_timeout_default", default: 55, null: false
     t.integer "gitaly_timeout_medium", default: 30, null: false
     t.integer "gitaly_timeout_fast", default: 10, null: false
-    t.boolean "mirror_available", default: true, null: false
-    t.boolean "password_authentication_enabled_for_web"
-    t.boolean "password_authentication_enabled_for_git", default: true, null: false
+    t.boolean "authorized_keys_enabled", default: true, null: false
     t.string "auto_devops_domain"
-    t.boolean "external_authorization_service_enabled", default: false, null: false
-    t.string "external_authorization_service_url"
-    t.string "external_authorization_service_default_label"
     t.boolean "pages_domain_verification_enabled", default: true, null: false
     t.string "user_default_internal_regex"
     t.boolean "allow_local_requests_from_hooks_and_services", default: false, null: false
-    t.float "external_authorization_service_timeout", default: 0.5
-    t.text "external_auth_client_cert"
-    t.text "encrypted_external_auth_client_key"
-    t.string "encrypted_external_auth_client_key_iv"
-    t.string "encrypted_external_auth_client_key_pass"
-    t.string "encrypted_external_auth_client_key_pass_iv"
-    t.string "email_additional_text"
     t.boolean "enforce_terms", default: false
-    t.integer "file_template_project_id"
-    t.boolean "pseudonymizer_enabled", default: false, null: false
+    t.boolean "mirror_available", default: true, null: false
     t.boolean "hide_third_party_offers", default: false, null: false
-    t.boolean "snowplow_enabled", default: false, null: false
-    t.string "snowplow_collector_uri"
-    t.string "snowplow_site_id"
-    t.string "snowplow_cookie_domain"
     t.boolean "instance_statistics_visibility_private", default: false, null: false
     t.boolean "web_ide_clientside_preview_enabled", default: false, null: false
     t.boolean "user_show_add_ssh_key_message", default: true, null: false
-    t.integer "custom_project_templates_group_id"
     t.integer "usage_stats_set_by_user_id"
     t.integer "receive_max_input_size"
     t.integer "diff_max_patch_bytes", default: 102400, null: false
@@ -212,21 +174,59 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "runners_registration_token_encrypted"
     t.integer "local_markdown_version", default: 0, null: false
     t.integer "first_day_of_week", default: 0, null: false
-    t.boolean "elasticsearch_limit_indexing", default: false, null: false
     t.integer "default_project_creation", default: 2, null: false
+    t.boolean "external_authorization_service_enabled", default: false, null: false
+    t.string "external_authorization_service_url"
+    t.string "external_authorization_service_default_label"
+    t.float "external_authorization_service_timeout", default: 0.5
+    t.text "external_auth_client_cert"
+    t.text "encrypted_external_auth_client_key"
+    t.string "encrypted_external_auth_client_key_iv"
+    t.string "encrypted_external_auth_client_key_pass"
+    t.string "encrypted_external_auth_client_key_pass_iv"
     t.string "lets_encrypt_notification_email"
     t.boolean "lets_encrypt_terms_of_service_accepted", default: false, null: false
-    t.string "geo_node_allowed_ips", default: "0.0.0.0/0, ::/0"
     t.integer "elasticsearch_shards", default: 5, null: false
     t.integer "elasticsearch_replicas", default: 1, null: false
     t.text "encrypted_lets_encrypt_private_key"
     t.text "encrypted_lets_encrypt_private_key_iv"
-    t.string "required_instance_ci_template"
     t.boolean "dns_rebinding_protection_enabled", default: true, null: false
     t.boolean "default_project_deletion_protection", default: false, null: false
-    t.boolean "grafana_enabled", default: false, null: false
+    t.text "help_text"
+    t.boolean "elasticsearch_indexing", default: false, null: false
+    t.boolean "elasticsearch_search", default: false, null: false
+    t.integer "shared_runners_minutes", default: 0, null: false
+    t.bigint "repository_size_limit", default: 0
+    t.string "elasticsearch_url", default: "http://localhost:9200"
+    t.boolean "elasticsearch_aws", default: false, null: false
+    t.string "elasticsearch_aws_region", default: "us-east-1"
+    t.string "elasticsearch_aws_access_key"
+    t.string "elasticsearch_aws_secret_access_key"
+    t.integer "geo_status_timeout", default: 10
+    t.boolean "elasticsearch_experimental_indexer"
+    t.boolean "check_namespace_plan", default: false, null: false
+    t.integer "mirror_max_delay", default: 300, null: false
+    t.integer "mirror_max_capacity", default: 100, null: false
+    t.integer "mirror_capacity_threshold", default: 50, null: false
+    t.boolean "slack_app_enabled", default: false
+    t.string "slack_app_id"
+    t.string "slack_app_secret"
+    t.string "slack_app_verification_token"
+    t.boolean "allow_group_owners_to_manage_ldap", default: true, null: false
+    t.string "email_additional_text"
+    t.integer "file_template_project_id"
+    t.boolean "pseudonymizer_enabled", default: false, null: false
+    t.boolean "snowplow_enabled", default: false, null: false
+    t.string "snowplow_collector_uri"
+    t.string "snowplow_site_id"
+    t.string "snowplow_cookie_domain"
+    t.integer "custom_project_templates_group_id"
+    t.boolean "elasticsearch_limit_indexing", default: false, null: false
+    t.string "geo_node_allowed_ips", default: "0.0.0.0/0, ::/0"
+    t.string "required_instance_ci_template"
     t.boolean "lock_memberships_to_ldap", default: false, null: false
     t.boolean "time_tracking_limit_to_hours", default: false, null: false
+    t.boolean "grafana_enabled", default: false, null: false
     t.string "grafana_url", default: "/-/grafana", null: false
     t.index ["custom_project_templates_group_id"], name: "index_application_settings_on_custom_project_templates_group_id", using: :btree
     t.index ["file_template_project_id"], name: "index_application_settings_on_file_template_project_id", using: :btree
@@ -407,10 +407,10 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "project_id"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.string "name", default: "Development", null: false
-    t.integer "milestone_id"
     t.integer "group_id"
+    t.integer "milestone_id"
     t.integer "weight"
+    t.string "name", default: "Development", null: false
     t.index ["group_id"], name: "index_boards_on_group_id", using: :btree
     t.index ["milestone_id"], name: "index_boards_on_milestone_id", using: :btree
     t.index ["project_id"], name: "index_boards_on_project_id", using: :btree
@@ -611,7 +611,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.index ["pipeline_id"], name: "index_ci_pipeline_chat_data_on_pipeline_id", unique: true, using: :btree
   end
 
-  create_table "ci_pipeline_schedule_variables", force: :cascade do |t|
+  create_table "ci_pipeline_schedule_variables", id: :serial, force: :cascade do |t|
     t.string "key", null: false
     t.text "value"
     t.text "encrypted_value"
@@ -1865,7 +1865,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.index ["user_id"], name: "index_members_on_user_id", using: :btree
   end
 
-  create_table "merge_request_assignees", force: :cascade do |t|
+  create_table "merge_request_assignees", id: :serial, force: :cascade do |t|
     t.integer "user_id", null: false
     t.integer "merge_request_id", null: false
     t.index ["merge_request_id", "user_id"], name: "index_merge_request_assignees_on_merge_request_id_and_user_id", unique: true, using: :btree
@@ -2101,8 +2101,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "cached_markdown_version"
     t.string "runners_token"
     t.string "runners_token_encrypted"
-    t.integer "project_creation_level"
     t.boolean "auto_devops_enabled"
+    t.integer "project_creation_level"
     t.datetime_with_timezone "last_ci_minutes_notification_at"
     t.integer "custom_project_templates_group_id"
     t.integer "file_template_project_id"
@@ -2534,7 +2534,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.index ["project_id"], name: "index_project_import_data_on_project_id", using: :btree
   end
 
-  create_table "project_incident_management_settings", primary_key: "project_id", id: :serial, force: :cascade do |t|
+  create_table "project_incident_management_settings", primary_key: "project_id", id: :integer, default: nil, force: :cascade do |t|
     t.boolean "create_issue", default: true, null: false
     t.boolean "send_email", default: false, null: false
     t.text "issue_template_key"
@@ -2885,6 +2885,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
     t.index ["path"], name: "index_redirect_routes_on_path", unique: true, using: :btree
+    t.index ["path"], name: "index_redirect_routes_on_path_text_pattern_ops", using: :btree, opclasses: {"path"=>"varchar_pattern_ops"}
     t.index ["source_type", "source_id"], name: "index_redirect_routes_on_source_type_and_source_id", using: :btree
   end
 
@@ -3304,6 +3305,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "timezone"
     t.boolean "time_display_relative"
     t.boolean "time_format_in_24h"
+    t.string "timezone_name"
     t.integer "epic_notes_filter", limit: 2, default: 0, null: false
     t.string "epics_sort"
     t.integer "roadmap_epics_state"
diff --git a/lib/gitlab/cycle_analytics/base_data_extraction.rb b/lib/gitlab/cycle_analytics/base_data_extraction.rb
new file mode 100644
index 00000000000..deadf47f146
--- /dev/null
+++ b/lib/gitlab/cycle_analytics/base_data_extraction.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module CycleAnalytics
+    module BaseDataExtraction
+      private
+
+      def projects
+        group ? extract_projects(options) : [project]
+      end
+
+      def group
+        @group ||= options.fetch(:group, nil)
+      end
+
+      def project
+        @project ||= options.fetch(:project, nil)
+      end
+
+      def extract_projects(options)
+        projects = Project.inside_path(group.full_path)
+        projects = projects.where(id: options[:projects]) if options[:projects]
+        projects
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/cycle_analytics/base_event_fetcher.rb b/lib/gitlab/cycle_analytics/base_event_fetcher.rb
index 96aa799e864..0f5186e06e7 100644
--- a/lib/gitlab/cycle_analytics/base_event_fetcher.rb
+++ b/lib/gitlab/cycle_analytics/base_event_fetcher.rb
@@ -4,6 +4,7 @@ module Gitlab
   module CycleAnalytics
     class BaseEventFetcher
       include BaseQuery
+      include BaseDataExtraction
 
       attr_reader :projections, :query, :stage, :order, :options
 
@@ -73,18 +74,6 @@ module Gitlab
       def serialization_context
         {}
       end
-
-      def projects
-        group ? Project.inside_path(group.full_path) : [project]
-      end
-
-      def group
-        @group ||= options.fetch(:group, nil)
-      end
-
-      def project
-        @project ||= options.fetch(:project, nil)
-      end
     end
   end
 end
diff --git a/lib/gitlab/cycle_analytics/base_stage.rb b/lib/gitlab/cycle_analytics/base_stage.rb
index 678a891e941..e641bed704b 100644
--- a/lib/gitlab/cycle_analytics/base_stage.rb
+++ b/lib/gitlab/cycle_analytics/base_stage.rb
@@ -4,6 +4,7 @@ module Gitlab
   module CycleAnalytics
     class BaseStage
       include BaseQuery
+      include BaseDataExtraction
 
       attr_reader :options
 
@@ -77,18 +78,6 @@ module Gitlab
       def event_options
         options.merge(start_time_attrs: start_time_attrs, end_time_attrs: end_time_attrs)
       end
-
-      def projects
-        group ? Project.inside_path(group.full_path) : [project]
-      end
-
-      def group
-        @group ||= options.fetch(:group, nil)
-      end
-
-      def project
-        @project ||= options.fetch(:project, nil)
-      end
     end
   end
 end
diff --git a/lib/gitlab/cycle_analytics/group_stage_summary.rb b/lib/gitlab/cycle_analytics/group_stage_summary.rb
index 7b5c74e1a1b..f867d511f65 100644
--- a/lib/gitlab/cycle_analytics/group_stage_summary.rb
+++ b/lib/gitlab/cycle_analytics/group_stage_summary.rb
@@ -3,15 +3,16 @@
 module Gitlab
   module CycleAnalytics
     class GroupStageSummary
-      def initialize(group, from:, current_user:)
+      def initialize(group, from:, current_user:, options:)
         @group = group
         @from = from
         @current_user = current_user
+        @options = options
       end
 
       def data
-        [serialize(Summary::Group::Issue.new(group: @group, from: @from, current_user: @current_user)),
-         serialize(Summary::Group::Deploy.new(group: @group, from: @from))]
+        [serialize(Summary::Group::Issue.new(group: @group, from: @from, current_user: @current_user, options: @options)),
+         serialize(Summary::Group::Deploy.new(group: @group, from: @from, options: @options))]
       end
 
       private
diff --git a/lib/gitlab/cycle_analytics/summary/group/base.rb b/lib/gitlab/cycle_analytics/summary/group/base.rb
index 7f18b61d309..d147879ace4 100644
--- a/lib/gitlab/cycle_analytics/summary/group/base.rb
+++ b/lib/gitlab/cycle_analytics/summary/group/base.rb
@@ -5,9 +5,10 @@ module Gitlab
     module Summary
       module Group
         class Base
-          def initialize(group:, from:)
+          def initialize(group:, from:, options:)
             @group = group
             @from = from
+            @options = options
           end
 
           def title
diff --git a/lib/gitlab/cycle_analytics/summary/group/deploy.rb b/lib/gitlab/cycle_analytics/summary/group/deploy.rb
index d8fcd8f2ce4..ec0b23e770d 100644
--- a/lib/gitlab/cycle_analytics/summary/group/deploy.rb
+++ b/lib/gitlab/cycle_analytics/summary/group/deploy.rb
@@ -10,15 +10,19 @@ module Gitlab
           end
 
           def value
-            @value ||= Deployment.joins(:project)
-              .where(projects: { id: projects })
-              .where("deployments.created_at > ?", @from)
-              .success
-              .count
+            @value ||= find_deployments
           end
 
           private
 
+          def find_deployments
+            deployments = Deployment.joins(:project)
+              .where(projects: { id: projects })
+              .where("deployments.created_at > ?", @from)
+            deployments = deployments.where(projects: { id: @options[:projects] }) if @options[:projects]
+            deployments.success.count
+          end
+
           def projects
             Project.inside_path(@group.full_path).ids
           end
diff --git a/lib/gitlab/cycle_analytics/summary/group/issue.rb b/lib/gitlab/cycle_analytics/summary/group/issue.rb
index 70073e6d843..5df508efa78 100644
--- a/lib/gitlab/cycle_analytics/summary/group/issue.rb
+++ b/lib/gitlab/cycle_analytics/summary/group/issue.rb
@@ -5,10 +5,11 @@ module Gitlab
     module Summary
       module Group
         class Issue < Group::Base
-          def initialize(group:, from:, current_user:)
+          def initialize(group:, from:, current_user:, options:)
             @group = group
             @from = from
             @current_user = current_user
+            @options = options
           end
 
           def title
@@ -16,7 +17,15 @@ module Gitlab
           end
 
           def value
-            @value ||= IssuesFinder.new(@current_user, group_id: @group.id, include_subgroups: true, created_after: @from).execute.count
+            @value ||= find_issues
+          end
+
+          private
+
+          def find_issues
+            issues = IssuesFinder.new(@current_user, group_id: @group.id, include_subgroups: true, created_after: @from).execute
+            issues = issues.where(projects: { id: @options[:projects] }) if @options[:projects]
+            issues.count
           end
         end
       end
diff --git a/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
index eea4f33ccb8..d4dd52ec092 100644
--- a/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
@@ -8,7 +8,7 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
   let(:from) { 1.day.ago }
   let(:user) { create(:user, :admin) }
 
-  subject { described_class.new(group, from: Time.now, current_user: user).data }
+  subject { described_class.new(group, from: Time.now, current_user: user, options: {}).data }
 
   describe "#new_issues" do
     context 'with from date' do
@@ -32,6 +32,18 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
           expect(subject.first[:value]).to eq(3)
         end
       end
+
+      context 'with projects specified in options' do
+        before do
+          Timecop.freeze(5.days.from_now) { create(:issue, project: create(:project, namespace: group)) }
+        end
+
+        subject { described_class.new(group, from: Time.now, current_user: user, options: { projects: [project.id, project_2.id] }).data }
+
+        it 'finds issues from those projects' do
+          expect(subject.first[:value]).to eq(2)
+        end
+      end
     end
 
     context 'with other projects' do
@@ -71,6 +83,20 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
           expect(subject.second[:value]).to eq(3)
         end
       end
+
+      context 'with projects specified in options' do
+        before do
+          Timecop.freeze(5.days.from_now) do
+            create(:deployment, :success, project: create(:project, :repository, namespace: group, name: 'not_applicable'))
+          end
+        end
+
+        subject { described_class.new(group, from: Time.now, current_user: user, options: { projects: [project.id, project_2.id] }).data }
+
+        it 'shows deploys from those projects' do
+          expect(subject.second[:value]).to eq(2)
+        end
+      end
     end
 
     context 'with other projects' do
@@ -84,5 +110,6 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
         expect(subject.second[:value]).to eq(0)
       end
     end
+
   end
 end
diff --git a/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
index ffd0b84cb57..1052ee69830 100644
--- a/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
@@ -71,6 +71,29 @@ describe Gitlab::CycleAnalytics::IssueStage do
       end
     end
 
+    context 'when only part of projects is chosen' do
+      let(:stage) { described_class.new(options: { from: 2.days.ago, current_user: user, group: group, projects: [project_2.id] }) }
+
+      describe '#group_median' do
+        around do |example|
+          Timecop.freeze { example.run }
+        end
+
+        it 'counts median from issues with metrics' do
+          expect(stage.group_median).to eq(ISSUES_MEDIAN)
+        end
+      end
+
+      describe '#events' do
+        it 'exposes merge requests that close issues' do
+          result = stage.events
+
+          expect(result.count).to eq(1)
+          expect(result.map { |event| event[:title] }).to contain_exactly(issue_2_1.title)
+        end
+      end
+    end
+
     context 'when subgroup is given' do
       let(:subgroup) { create(:group, parent: group) }
       let(:project_4) { create(:project, group: subgroup) }
-- 
cgit v1.2.1


From f70d931b88829585da7915b11bd4775297b6dac9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C5=82gorzata=20Ksionek?= <mksionek@gitlab.com>
Date: Mon, 15 Jul 2019 16:28:52 +0200
Subject: Fix changelog merge request number

---
 .../unreleased/adjust-group-level-analytics-to-accept-multiple-ids.yml  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/unreleased/adjust-group-level-analytics-to-accept-multiple-ids.yml b/changelogs/unreleased/adjust-group-level-analytics-to-accept-multiple-ids.yml
index a90e73a1410..5e138e1059c 100644
--- a/changelogs/unreleased/adjust-group-level-analytics-to-accept-multiple-ids.yml
+++ b/changelogs/unreleased/adjust-group-level-analytics-to-accept-multiple-ids.yml
@@ -1,5 +1,5 @@
 ---
 title: Adjust group level analytics to accept multiple ids
-merge_request: 30468
+merge_request: 30744
 author:
 type: added
-- 
cgit v1.2.1


From 5ce4236b66465c4edd8edb87e8f9661fdb4ca8c2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C5=82gorzata=20Ksionek?= <mksionek@gitlab.com>
Date: Thu, 18 Jul 2019 16:07:36 +0200
Subject: Add code review remarks

Add cr remarks

Improve specs according to the review

Fix schema

Add cr remarks

Fix naming

Add cr remarks
---
 app/models/cycle_analytics/group_level.rb          |   5 +-
 db/schema.rb                                       | 106 ++++++++++-----------
 lib/gitlab/cycle_analytics/base_data_extraction.rb |  27 ------
 lib/gitlab/cycle_analytics/base_event_fetcher.rb   |   2 +-
 lib/gitlab/cycle_analytics/base_stage.rb           |   2 +-
 .../cycle_analytics/group_projects_provider.rb     |  27 ++++++
 lib/gitlab/cycle_analytics/group_stage_summary.rb  |  12 ++-
 lib/gitlab/cycle_analytics/summary/group/base.rb   |   2 +
 lib/gitlab/cycle_analytics/summary/group/deploy.rb |  11 +--
 lib/gitlab/cycle_analytics/summary/group/issue.rb  |   6 +-
 .../cycle_analytics/group_stage_summary_spec.rb    |   7 +-
 .../lib/gitlab/cycle_analytics/issue_stage_spec.rb |   8 +-
 12 files changed, 106 insertions(+), 109 deletions(-)
 delete mode 100644 lib/gitlab/cycle_analytics/base_data_extraction.rb
 create mode 100644 lib/gitlab/cycle_analytics/group_projects_provider.rb

diff --git a/app/models/cycle_analytics/group_level.rb b/app/models/cycle_analytics/group_level.rb
index b351ad82f95..a41e1375484 100644
--- a/app/models/cycle_analytics/group_level.rb
+++ b/app/models/cycle_analytics/group_level.rb
@@ -11,10 +11,7 @@ module CycleAnalytics
     end
 
     def summary
-      @summary ||= ::Gitlab::CycleAnalytics::GroupStageSummary.new(group,
-                                                              from: options[:from],
-                                                              current_user: options[:current_user],
-                                                              options: options).data
+      @summary ||= ::Gitlab::CycleAnalytics::GroupStageSummary.new(group, options: options).data
     end
 
     def permissions(*)
diff --git a/db/schema.rb b/db/schema.rb
index a001b9ba6ac..79cd1a3a797 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -63,6 +63,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "updated_at"
     t.string "home_page_url"
     t.integer "default_branch_protection", default: 2
+    t.text "help_text"
     t.text "restricted_visibility_levels"
     t.boolean "version_check_enabled", default: true
     t.integer "max_attachment_size", default: 10, null: false
@@ -104,6 +105,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "container_registry_token_expire_delay", default: 5
     t.text "after_sign_up_text"
     t.boolean "user_default_external", default: false, null: false
+    t.boolean "elasticsearch_indexing", default: false, null: false
+    t.boolean "elasticsearch_search", default: false, null: false
     t.string "repository_storages", default: "default"
     t.string "enabled_git_access_protocol"
     t.boolean "domain_blacklist_enabled", default: false
@@ -125,18 +128,37 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "html_emails_enabled", default: true
     t.string "plantuml_url"
     t.boolean "plantuml_enabled"
+    t.integer "shared_runners_minutes", default: 0, null: false
+    t.bigint "repository_size_limit", default: 0
     t.integer "terminal_max_session_time", default: 0, null: false
     t.integer "unique_ips_limit_per_user"
     t.integer "unique_ips_limit_time_window"
     t.boolean "unique_ips_limit_enabled", default: false, null: false
     t.string "default_artifacts_expire_in", default: "0", null: false
+    t.string "elasticsearch_url", default: "http://localhost:9200"
+    t.boolean "elasticsearch_aws", default: false, null: false
+    t.string "elasticsearch_aws_region", default: "us-east-1"
+    t.string "elasticsearch_aws_access_key"
+    t.string "elasticsearch_aws_secret_access_key"
+    t.integer "geo_status_timeout", default: 10
     t.string "uuid"
     t.decimal "polling_interval_multiplier", default: "1.0", null: false
+    t.boolean "elasticsearch_experimental_indexer"
     t.integer "cached_markdown_version"
+    t.boolean "check_namespace_plan", default: false, null: false
+    t.integer "mirror_max_delay", default: 300, null: false
+    t.integer "mirror_max_capacity", default: 100, null: false
+    t.integer "mirror_capacity_threshold", default: 50, null: false
     t.boolean "prometheus_metrics_enabled", default: true, null: false
+    t.boolean "authorized_keys_enabled", default: true, null: false
     t.boolean "help_page_hide_commercial_content", default: false
     t.string "help_page_support_url"
+    t.boolean "slack_app_enabled", default: false
+    t.string "slack_app_id"
+    t.string "slack_app_secret"
+    t.string "slack_app_verification_token"
     t.integer "performance_bar_allowed_group_id"
+    t.boolean "allow_group_owners_to_manage_ldap", default: true, null: false
     t.boolean "hashed_storage_enabled", default: true, null: false
     t.boolean "project_export_enabled", default: true, null: false
     t.boolean "auto_devops_enabled", default: true, null: false
@@ -149,22 +171,38 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "throttle_authenticated_web_enabled", default: false, null: false
     t.integer "throttle_authenticated_web_requests_per_period", default: 7200, null: false
     t.integer "throttle_authenticated_web_period_in_seconds", default: 3600, null: false
-    t.boolean "password_authentication_enabled_for_web"
-    t.boolean "password_authentication_enabled_for_git", default: true, null: false
     t.integer "gitaly_timeout_default", default: 55, null: false
     t.integer "gitaly_timeout_medium", default: 30, null: false
     t.integer "gitaly_timeout_fast", default: 10, null: false
-    t.boolean "authorized_keys_enabled", default: true, null: false
+    t.boolean "mirror_available", default: true, null: false
+    t.boolean "password_authentication_enabled_for_web"
+    t.boolean "password_authentication_enabled_for_git", default: true, null: false
     t.string "auto_devops_domain"
+    t.boolean "external_authorization_service_enabled", default: false, null: false
+    t.string "external_authorization_service_url"
+    t.string "external_authorization_service_default_label"
     t.boolean "pages_domain_verification_enabled", default: true, null: false
     t.string "user_default_internal_regex"
     t.boolean "allow_local_requests_from_hooks_and_services", default: false, null: false
+    t.float "external_authorization_service_timeout", default: 0.5
+    t.text "external_auth_client_cert"
+    t.text "encrypted_external_auth_client_key"
+    t.string "encrypted_external_auth_client_key_iv"
+    t.string "encrypted_external_auth_client_key_pass"
+    t.string "encrypted_external_auth_client_key_pass_iv"
+    t.string "email_additional_text"
     t.boolean "enforce_terms", default: false
-    t.boolean "mirror_available", default: true, null: false
+    t.integer "file_template_project_id"
+    t.boolean "pseudonymizer_enabled", default: false, null: false
     t.boolean "hide_third_party_offers", default: false, null: false
+    t.boolean "snowplow_enabled", default: false, null: false
+    t.string "snowplow_collector_uri"
+    t.string "snowplow_site_id"
+    t.string "snowplow_cookie_domain"
     t.boolean "instance_statistics_visibility_private", default: false, null: false
     t.boolean "web_ide_clientside_preview_enabled", default: false, null: false
     t.boolean "user_show_add_ssh_key_message", default: true, null: false
+    t.integer "custom_project_templates_group_id"
     t.integer "usage_stats_set_by_user_id"
     t.integer "receive_max_input_size"
     t.integer "diff_max_patch_bytes", default: 102400, null: false
@@ -174,59 +212,21 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "runners_registration_token_encrypted"
     t.integer "local_markdown_version", default: 0, null: false
     t.integer "first_day_of_week", default: 0, null: false
+    t.boolean "elasticsearch_limit_indexing", default: false, null: false
     t.integer "default_project_creation", default: 2, null: false
-    t.boolean "external_authorization_service_enabled", default: false, null: false
-    t.string "external_authorization_service_url"
-    t.string "external_authorization_service_default_label"
-    t.float "external_authorization_service_timeout", default: 0.5
-    t.text "external_auth_client_cert"
-    t.text "encrypted_external_auth_client_key"
-    t.string "encrypted_external_auth_client_key_iv"
-    t.string "encrypted_external_auth_client_key_pass"
-    t.string "encrypted_external_auth_client_key_pass_iv"
     t.string "lets_encrypt_notification_email"
     t.boolean "lets_encrypt_terms_of_service_accepted", default: false, null: false
+    t.string "geo_node_allowed_ips", default: "0.0.0.0/0, ::/0"
     t.integer "elasticsearch_shards", default: 5, null: false
     t.integer "elasticsearch_replicas", default: 1, null: false
     t.text "encrypted_lets_encrypt_private_key"
     t.text "encrypted_lets_encrypt_private_key_iv"
+    t.string "required_instance_ci_template"
     t.boolean "dns_rebinding_protection_enabled", default: true, null: false
     t.boolean "default_project_deletion_protection", default: false, null: false
-    t.text "help_text"
-    t.boolean "elasticsearch_indexing", default: false, null: false
-    t.boolean "elasticsearch_search", default: false, null: false
-    t.integer "shared_runners_minutes", default: 0, null: false
-    t.bigint "repository_size_limit", default: 0
-    t.string "elasticsearch_url", default: "http://localhost:9200"
-    t.boolean "elasticsearch_aws", default: false, null: false
-    t.string "elasticsearch_aws_region", default: "us-east-1"
-    t.string "elasticsearch_aws_access_key"
-    t.string "elasticsearch_aws_secret_access_key"
-    t.integer "geo_status_timeout", default: 10
-    t.boolean "elasticsearch_experimental_indexer"
-    t.boolean "check_namespace_plan", default: false, null: false
-    t.integer "mirror_max_delay", default: 300, null: false
-    t.integer "mirror_max_capacity", default: 100, null: false
-    t.integer "mirror_capacity_threshold", default: 50, null: false
-    t.boolean "slack_app_enabled", default: false
-    t.string "slack_app_id"
-    t.string "slack_app_secret"
-    t.string "slack_app_verification_token"
-    t.boolean "allow_group_owners_to_manage_ldap", default: true, null: false
-    t.string "email_additional_text"
-    t.integer "file_template_project_id"
-    t.boolean "pseudonymizer_enabled", default: false, null: false
-    t.boolean "snowplow_enabled", default: false, null: false
-    t.string "snowplow_collector_uri"
-    t.string "snowplow_site_id"
-    t.string "snowplow_cookie_domain"
-    t.integer "custom_project_templates_group_id"
-    t.boolean "elasticsearch_limit_indexing", default: false, null: false
-    t.string "geo_node_allowed_ips", default: "0.0.0.0/0, ::/0"
-    t.string "required_instance_ci_template"
+    t.boolean "grafana_enabled", default: false, null: false
     t.boolean "lock_memberships_to_ldap", default: false, null: false
     t.boolean "time_tracking_limit_to_hours", default: false, null: false
-    t.boolean "grafana_enabled", default: false, null: false
     t.string "grafana_url", default: "/-/grafana", null: false
     t.index ["custom_project_templates_group_id"], name: "index_application_settings_on_custom_project_templates_group_id", using: :btree
     t.index ["file_template_project_id"], name: "index_application_settings_on_file_template_project_id", using: :btree
@@ -407,10 +407,10 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "project_id"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.integer "group_id"
+    t.string "name", default: "Development", null: false
     t.integer "milestone_id"
+    t.integer "group_id"
     t.integer "weight"
-    t.string "name", default: "Development", null: false
     t.index ["group_id"], name: "index_boards_on_group_id", using: :btree
     t.index ["milestone_id"], name: "index_boards_on_milestone_id", using: :btree
     t.index ["project_id"], name: "index_boards_on_project_id", using: :btree
@@ -611,7 +611,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.index ["pipeline_id"], name: "index_ci_pipeline_chat_data_on_pipeline_id", unique: true, using: :btree
   end
 
-  create_table "ci_pipeline_schedule_variables", id: :serial, force: :cascade do |t|
+  create_table "ci_pipeline_schedule_variables", force: :cascade do |t|
     t.string "key", null: false
     t.text "value"
     t.text "encrypted_value"
@@ -1865,7 +1865,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.index ["user_id"], name: "index_members_on_user_id", using: :btree
   end
 
-  create_table "merge_request_assignees", id: :serial, force: :cascade do |t|
+  create_table "merge_request_assignees", force: :cascade do |t|
     t.integer "user_id", null: false
     t.integer "merge_request_id", null: false
     t.index ["merge_request_id", "user_id"], name: "index_merge_request_assignees_on_merge_request_id_and_user_id", unique: true, using: :btree
@@ -2101,8 +2101,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "cached_markdown_version"
     t.string "runners_token"
     t.string "runners_token_encrypted"
-    t.boolean "auto_devops_enabled"
     t.integer "project_creation_level"
+    t.boolean "auto_devops_enabled"
     t.datetime_with_timezone "last_ci_minutes_notification_at"
     t.integer "custom_project_templates_group_id"
     t.integer "file_template_project_id"
@@ -2534,7 +2534,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.index ["project_id"], name: "index_project_import_data_on_project_id", using: :btree
   end
 
-  create_table "project_incident_management_settings", primary_key: "project_id", id: :integer, default: nil, force: :cascade do |t|
+  create_table "project_incident_management_settings", primary_key: "project_id", id: :serial, force: :cascade do |t|
     t.boolean "create_issue", default: true, null: false
     t.boolean "send_email", default: false, null: false
     t.text "issue_template_key"
@@ -2885,7 +2885,6 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
     t.index ["path"], name: "index_redirect_routes_on_path", unique: true, using: :btree
-    t.index ["path"], name: "index_redirect_routes_on_path_text_pattern_ops", using: :btree, opclasses: {"path"=>"varchar_pattern_ops"}
     t.index ["source_type", "source_id"], name: "index_redirect_routes_on_source_type_and_source_id", using: :btree
   end
 
@@ -3305,7 +3304,6 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "timezone"
     t.boolean "time_display_relative"
     t.boolean "time_format_in_24h"
-    t.string "timezone_name"
     t.integer "epic_notes_filter", limit: 2, default: 0, null: false
     t.string "epics_sort"
     t.integer "roadmap_epics_state"
diff --git a/lib/gitlab/cycle_analytics/base_data_extraction.rb b/lib/gitlab/cycle_analytics/base_data_extraction.rb
deleted file mode 100644
index deadf47f146..00000000000
--- a/lib/gitlab/cycle_analytics/base_data_extraction.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-module Gitlab
-  module CycleAnalytics
-    module BaseDataExtraction
-      private
-
-      def projects
-        group ? extract_projects(options) : [project]
-      end
-
-      def group
-        @group ||= options.fetch(:group, nil)
-      end
-
-      def project
-        @project ||= options.fetch(:project, nil)
-      end
-
-      def extract_projects(options)
-        projects = Project.inside_path(group.full_path)
-        projects = projects.where(id: options[:projects]) if options[:projects]
-        projects
-      end
-    end
-  end
-end
diff --git a/lib/gitlab/cycle_analytics/base_event_fetcher.rb b/lib/gitlab/cycle_analytics/base_event_fetcher.rb
index 0f5186e06e7..07ae430c45e 100644
--- a/lib/gitlab/cycle_analytics/base_event_fetcher.rb
+++ b/lib/gitlab/cycle_analytics/base_event_fetcher.rb
@@ -4,7 +4,7 @@ module Gitlab
   module CycleAnalytics
     class BaseEventFetcher
       include BaseQuery
-      include BaseDataExtraction
+      include GroupProjectsProvider
 
       attr_reader :projections, :query, :stage, :order, :options
 
diff --git a/lib/gitlab/cycle_analytics/base_stage.rb b/lib/gitlab/cycle_analytics/base_stage.rb
index e641bed704b..1cd54238bb4 100644
--- a/lib/gitlab/cycle_analytics/base_stage.rb
+++ b/lib/gitlab/cycle_analytics/base_stage.rb
@@ -4,7 +4,7 @@ module Gitlab
   module CycleAnalytics
     class BaseStage
       include BaseQuery
-      include BaseDataExtraction
+      include GroupProjectsProvider
 
       attr_reader :options
 
diff --git a/lib/gitlab/cycle_analytics/group_projects_provider.rb b/lib/gitlab/cycle_analytics/group_projects_provider.rb
new file mode 100644
index 00000000000..1287a48daaa
--- /dev/null
+++ b/lib/gitlab/cycle_analytics/group_projects_provider.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module CycleAnalytics
+    module GroupProjectsProvider
+      def projects
+        group ? projects_for_group : [project]
+      end
+
+      def group
+        @group ||= options.fetch(:group, nil)
+      end
+
+      def project
+        @project ||= options.fetch(:project, nil)
+      end
+
+      private
+
+      def projects_for_group
+        projects = Project.inside_path(group.full_path)
+        projects = projects.where(id: options[:projects]) if options[:projects]
+        projects
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/cycle_analytics/group_stage_summary.rb b/lib/gitlab/cycle_analytics/group_stage_summary.rb
index f867d511f65..a1fc941495d 100644
--- a/lib/gitlab/cycle_analytics/group_stage_summary.rb
+++ b/lib/gitlab/cycle_analytics/group_stage_summary.rb
@@ -3,16 +3,18 @@
 module Gitlab
   module CycleAnalytics
     class GroupStageSummary
-      def initialize(group, from:, current_user:, options:)
+      attr_reader :group, :from, :current_user, :options
+
+      def initialize(group, options:)
         @group = group
-        @from = from
-        @current_user = current_user
+        @from = options[:from]
+        @current_user = options[:current_user]
         @options = options
       end
 
       def data
-        [serialize(Summary::Group::Issue.new(group: @group, from: @from, current_user: @current_user, options: @options)),
-         serialize(Summary::Group::Deploy.new(group: @group, from: @from, options: @options))]
+        [serialize(Summary::Group::Issue.new(group: group, from: from, current_user: current_user, options: options)),
+         serialize(Summary::Group::Deploy.new(group: group, from: from, options: options))]
       end
 
       private
diff --git a/lib/gitlab/cycle_analytics/summary/group/base.rb b/lib/gitlab/cycle_analytics/summary/group/base.rb
index d147879ace4..48d8164bde1 100644
--- a/lib/gitlab/cycle_analytics/summary/group/base.rb
+++ b/lib/gitlab/cycle_analytics/summary/group/base.rb
@@ -5,6 +5,8 @@ module Gitlab
     module Summary
       module Group
         class Base
+          attr_reader :group, :from, :options
+
           def initialize(group:, from:, options:)
             @group = group
             @from = from
diff --git a/lib/gitlab/cycle_analytics/summary/group/deploy.rb b/lib/gitlab/cycle_analytics/summary/group/deploy.rb
index ec0b23e770d..1476a5fceb8 100644
--- a/lib/gitlab/cycle_analytics/summary/group/deploy.rb
+++ b/lib/gitlab/cycle_analytics/summary/group/deploy.rb
@@ -5,6 +5,8 @@ module Gitlab
     module Summary
       module Group
         class Deploy < Group::Base
+          include GroupProjectsProvider
+
           def title
             n_('Deploy', 'Deploys', value)
           end
@@ -17,15 +19,10 @@ module Gitlab
 
           def find_deployments
             deployments = Deployment.joins(:project)
-              .where(projects: { id: projects })
-              .where("deployments.created_at > ?", @from)
-            deployments = deployments.where(projects: { id: @options[:projects] }) if @options[:projects]
+              .where(projects: { id: projects.ids })
+              .where("deployments.created_at > ?", from)
             deployments.success.count
           end
-
-          def projects
-            Project.inside_path(@group.full_path).ids
-          end
         end
       end
     end
diff --git a/lib/gitlab/cycle_analytics/summary/group/issue.rb b/lib/gitlab/cycle_analytics/summary/group/issue.rb
index 5df508efa78..9daae8531d8 100644
--- a/lib/gitlab/cycle_analytics/summary/group/issue.rb
+++ b/lib/gitlab/cycle_analytics/summary/group/issue.rb
@@ -5,6 +5,8 @@ module Gitlab
     module Summary
       module Group
         class Issue < Group::Base
+          attr_reader :group, :from, :current_user, :options
+
           def initialize(group:, from:, current_user:, options:)
             @group = group
             @from = from
@@ -23,8 +25,8 @@ module Gitlab
           private
 
           def find_issues
-            issues = IssuesFinder.new(@current_user, group_id: @group.id, include_subgroups: true, created_after: @from).execute
-            issues = issues.where(projects: { id: @options[:projects] }) if @options[:projects]
+            issues = IssuesFinder.new(current_user, group_id: group.id, include_subgroups: true, created_after: from).execute
+            issues = issues.where(projects: { id: options[:projects] }) if options[:projects]
             issues.count
           end
         end
diff --git a/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
index d4dd52ec092..d5c2f7cc579 100644
--- a/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/group_stage_summary_spec.rb
@@ -8,7 +8,7 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
   let(:from) { 1.day.ago }
   let(:user) { create(:user, :admin) }
 
-  subject { described_class.new(group, from: Time.now, current_user: user, options: {}).data }
+  subject { described_class.new(group, options: { from: Time.now, current_user: user }).data }
 
   describe "#new_issues" do
     context 'with from date' do
@@ -38,7 +38,7 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
           Timecop.freeze(5.days.from_now) { create(:issue, project: create(:project, namespace: group)) }
         end
 
-        subject { described_class.new(group, from: Time.now, current_user: user, options: { projects: [project.id, project_2.id] }).data }
+        subject { described_class.new(group, options: { from: Time.now, current_user: user, projects: [project.id, project_2.id] }).data }
 
         it 'finds issues from those projects' do
           expect(subject.first[:value]).to eq(2)
@@ -91,7 +91,7 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
           end
         end
 
-        subject { described_class.new(group, from: Time.now, current_user: user, options: { projects: [project.id, project_2.id] }).data }
+        subject { described_class.new(group, options: { from: Time.now, current_user: user, projects: [project.id, project_2.id] }).data }
 
         it 'shows deploys from those projects' do
           expect(subject.second[:value]).to eq(2)
@@ -110,6 +110,5 @@ describe Gitlab::CycleAnalytics::GroupStageSummary do
         expect(subject.second[:value]).to eq(0)
       end
     end
-
   end
 end
diff --git a/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
index 1052ee69830..dea17e4f3dc 100644
--- a/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
@@ -85,11 +85,11 @@ describe Gitlab::CycleAnalytics::IssueStage do
       end
 
       describe '#events' do
-        it 'exposes merge requests that close issues' do
-          result = stage.events
+        subject { stage.events }
 
-          expect(result.count).to eq(1)
-          expect(result.map { |event| event[:title] }).to contain_exactly(issue_2_1.title)
+        it 'exposes merge requests that close issues' do
+          expect(subject.count).to eq(1)
+          expect(subject.map { |event| event[:title] }).to contain_exactly(issue_2_1.title)
         end
       end
     end
-- 
cgit v1.2.1


From 41b8dca877ba790cd56677dc6405e16b631f9854 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Wed, 17 Jul 2019 01:36:49 +0200
Subject: Add specs for specifying pipeline behavior

Adds specs for testing the new behavior of specifying a pipeline when
POSTing a status.
---
 app/models/project.rb                              | 12 +++++++++--
 .../21671-multiple-pipeline-status-api.yml         |  2 +-
 doc/api/commits.md                                 |  2 +-
 lib/api/commit_statuses.rb                         |  9 +++-----
 spec/models/project_spec.rb                        | 20 ++++++++++++++++++
 spec/requests/api/commit_statuses_spec.rb          | 24 ++++++++++++++++++----
 6 files changed, 55 insertions(+), 14 deletions(-)

diff --git a/app/models/project.rb b/app/models/project.rb
index 2906aca75fc..aad24a5534c 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -1496,12 +1496,20 @@ class Project < ApplicationRecord
     !namespace.share_with_group_lock
   end
 
-  def pipeline_for(ref, sha = nil)
+  def pipeline_for(ref, sha = nil, id = nil)
+    if id.present?
+      pipelines_for(ref, sha).find_by(id: id)
+    else
+      pipelines_for(ref, sha).take
+    end
+  end
+
+  def pipelines_for(ref, sha = nil)
     sha ||= commit(ref).try(:sha)
 
     return unless sha
 
-    ci_pipelines.order(id: :desc).find_by(sha: sha, ref: ref)
+    ci_pipelines.order(id: :desc).where(sha: sha, ref: ref)
   end
 
   def latest_successful_pipeline_for_default_branch
diff --git a/changelogs/unreleased/21671-multiple-pipeline-status-api.yml b/changelogs/unreleased/21671-multiple-pipeline-status-api.yml
index f87366803e2..b7b0f5fa0c7 100644
--- a/changelogs/unreleased/21671-multiple-pipeline-status-api.yml
+++ b/changelogs/unreleased/21671-multiple-pipeline-status-api.yml
@@ -1,5 +1,5 @@
 ---
 title: Multiple pipeline support for Commit status
-merge_request: 21671
+merge_request: 30828
 author: Gaetan Semet
 type: changed
diff --git a/doc/api/commits.md b/doc/api/commits.md
index a6264897e5e..c0bf53c1db4 100644
--- a/doc/api/commits.md
+++ b/doc/api/commits.md
@@ -581,7 +581,7 @@ POST /projects/:id/statuses/:sha
 | `target_url` |  string  | no  | The target URL to associate with this status
 | `description` | string  | no  | The short description of the status
 | `coverage` | float  | no    | The total code coverage
-| `pipeline_id` |  integer  | no  | The id of the pipeline to set status. Use in case of several pipeline on same sha.
+| `pipeline_id` |  integer  | no  | The ID of the pipeline to set status. Use in case of several pipeline on same SHA.
 
 ```bash
 curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/17/statuses/18f3e63d05582537db6d183d9d557be09e1f90c8?state=success"
diff --git a/lib/api/commit_statuses.rb b/lib/api/commit_statuses.rb
index 61cf929bcdc..d58a5e214ed 100644
--- a/lib/api/commit_statuses.rb
+++ b/lib/api/commit_statuses.rb
@@ -52,7 +52,7 @@ module API
         optional :name,        type: String,  desc: 'A string label to differentiate this status from the status of other systems. Default: "default"'
         optional :context,     type: String,  desc: 'A string label to differentiate this status from the status of other systems. Default: "default"'
         optional :coverage,    type: Float,   desc: 'The total code coverage'
-        optional :pipeline_id, type: Integer, desc: 'An existing pipeline id, when multiple pipelines on the same commit sha have been triggered'
+        optional :pipeline_id, type: Integer, desc: 'An existing pipeline ID, when multiple pipelines on the same commit SHA have been triggered'
       end
       # rubocop: disable CodeReuse/ActiveRecord
       post ':id/statuses/:sha' do
@@ -73,11 +73,8 @@ module API
         not_found! 'References for commit' unless ref
 
         name = params[:name] || params[:context] || 'default'
-        pipeline = if params[:pipeline_id]
-                     @project.ci_pipelines.find_by(id: params[:pipeline_id])
-                   else
-                     @project.pipeline_for(ref, commit.sha)
-                   end
+
+        pipeline = @project.pipeline_for(ref, commit.sha, params[:pipeline_id])
 
         unless pipeline
           pipeline = @project.ci_pipelines.create!(
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 927c072be10..3a8ad5a3066 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -1190,6 +1190,14 @@ describe Project do
       subject { project.pipeline_for('master', pipeline.sha) }
 
       it_behaves_like 'giving the correct pipeline'
+
+      context 'with supplied id' do
+        let!(:other_pipeline) { create_pipeline(project) }
+
+        subject { project.pipeline_for('master', pipeline.sha, other_pipeline.id) }
+
+        it { is_expected.to eq(other_pipeline) }
+      end
     end
 
     context 'with implicit sha' do
@@ -1199,6 +1207,18 @@ describe Project do
     end
   end
 
+  describe '#pipelines_for' do
+    let(:project) { create(:project, :repository) }
+    let!(:pipeline) { create_pipeline(project) }
+    let!(:other_pipeline) { create_pipeline(project) }
+
+    context 'with implicit sha' do
+      subject { project.pipelines_for('master') }
+
+      it { is_expected.to contain_exactly(pipeline, other_pipeline) }
+    end
+  end
+
   describe '#builds_enabled' do
     let(:project) { create(:project) }
 
diff --git a/spec/requests/api/commit_statuses_spec.rb b/spec/requests/api/commit_statuses_spec.rb
index b5e45f99109..1be8883bd3c 100644
--- a/spec/requests/api/commit_statuses_spec.rb
+++ b/spec/requests/api/commit_statuses_spec.rb
@@ -8,10 +8,6 @@ describe API::CommitStatuses do
   let(:developer) { create_user(:developer) }
   let(:sha) { commit.id }
 
-  let(:commit_status) do
-    create(:commit_status, status: :pending, pipeline: pipeline)
-  end
-
   describe "GET /projects/:id/repository/commits/:sha/statuses" do
     let(:get_url) { "/projects/#{project.id}/repository/commits/#{sha}/statuses" }
 
@@ -239,6 +235,26 @@ describe API::CommitStatuses do
             expect(CommitStatus.count).to eq 1
           end
         end
+
+        context 'when a pipeline id is specified' do
+          let!(:first_pipeline) { project.ci_pipelines.create(source: :push, sha: commit.id, ref: 'master', status: 'created') }
+          let!(:other_pipeline) { project.ci_pipelines.create(source: :push, sha: commit.id, ref: 'master', status: 'created') }
+
+          subject do
+            post api(post_url, developer), params: {
+              pipeline_id: other_pipeline.id,
+              state: 'success',
+              ref: 'master'
+            }
+          end
+
+          it 'update the correct pipeline' do
+            subject
+
+            expect(first_pipeline.reload.status).to eq('created')
+            expect(other_pipeline.reload.status).to eq('success')
+          end
+        end
       end
 
       context 'when retrying a commit status' do
-- 
cgit v1.2.1


From c2e0e689f355555db231ac6db40ab1b654c90233 Mon Sep 17 00:00:00 2001
From: Shinya Maeda <shinya@gitlab.com>
Date: Thu, 18 Jul 2019 16:22:46 +0700
Subject: Validate the existence of archived traces before removing live trace

Often live traces are removed even though the archived trace
doesn't exist. This commit checkes the existence strictly.
---
 app/models/ci/build.rb                             |  8 ++++
 app/models/ci/job_artifact.rb                      |  4 ++
 app/services/ci/archive_trace_service.rb           | 28 ++++++++++--
 app/workers/archive_trace_worker.rb                |  2 +-
 app/workers/ci/archive_traces_cron_worker.rb       |  2 +-
 .../unreleased/safe-archiving-for-traces.yml       |  5 +++
 lib/gitlab/ci/trace.rb                             | 12 ++++-
 lib/gitlab/ci/trace/chunked_io.rb                  |  7 +++
 spec/lib/gitlab/ci/trace/chunked_io_spec.rb        | 10 +++++
 spec/models/ci/build_spec.rb                       | 28 ++++++++++++
 spec/models/ci/job_artifact_spec.rb                | 25 +++++++++++
 spec/services/ci/archive_trace_service_spec.rb     | 38 +++++++++++++---
 .../shared_examples/ci_trace_shared_examples.rb    | 52 ++++++++++++++++++++++
 spec/workers/archive_trace_worker_spec.rb          |  2 +-
 spec/workers/ci/archive_traces_cron_worker_spec.rb |  7 ++-
 spec/workers/stuck_ci_jobs_worker_spec.rb          |  4 --
 16 files changed, 214 insertions(+), 20 deletions(-)
 create mode 100644 changelogs/unreleased/safe-archiving-for-traces.yml

diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb
index 635fcc86166..da70cb9a9a7 100644
--- a/app/models/ci/build.rb
+++ b/app/models/ci/build.rb
@@ -531,6 +531,14 @@ module Ci
       trace.exist?
     end
 
+    def has_live_trace?
+      trace.live_trace_exist?
+    end
+
+    def has_archived_trace?
+      trace.archived_trace_exist?
+    end
+
     def artifacts_file
       job_artifacts_archive&.file
     end
diff --git a/app/models/ci/job_artifact.rb b/app/models/ci/job_artifact.rb
index f80e98e5bca..e132cb045e2 100644
--- a/app/models/ci/job_artifact.rb
+++ b/app/models/ci/job_artifact.rb
@@ -176,6 +176,10 @@ module Ci
       end
     end
 
+    def self.archived_trace_exists_for?(job_id)
+      where(job_id: job_id).trace.take&.file&.file&.exists?
+    end
+
     private
 
     def file_format_adapter_class
diff --git a/app/services/ci/archive_trace_service.rb b/app/services/ci/archive_trace_service.rb
index b5cfa1d019c..700d78361a4 100644
--- a/app/services/ci/archive_trace_service.rb
+++ b/app/services/ci/archive_trace_service.rb
@@ -2,8 +2,25 @@
 
 module Ci
   class ArchiveTraceService
-    def execute(job)
+    def execute(job, worker_name:)
+      # TODO: Remove this logging once we confirmed new live trace architecture is functional.
+      # See https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/4667.
+      unless job.has_live_trace?
+        Sidekiq.logger.warn(class: worker_name,
+                            message: 'The job does not have live trace but going to be archived.',
+                            job_id: job.id)
+        return
+      end
+
       job.trace.archive!
+
+      # TODO: Remove this logging once we confirmed new live trace architecture is functional.
+      # See https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/4667.
+      unless job.has_archived_trace?
+        Sidekiq.logger.warn(class: worker_name,
+                            message: 'The job does not have archived trace after archiving.',
+                            job_id: job.id)
+      end
     rescue ::Gitlab::Ci::Trace::AlreadyArchivedError
       # It's already archived, thus we can safely ignore this exception.
     rescue => e
@@ -11,7 +28,7 @@ module Ci
       # If `archive!` keeps failing for over a week, that could incur data loss.
       # (See more https://docs.gitlab.com/ee/administration/job_traces.html#new-live-trace-architecture)
       # In order to avoid interrupting the system, we do not raise an exception here.
-      archive_error(e, job)
+      archive_error(e, job, worker_name)
     end
 
     private
@@ -22,9 +39,12 @@ module Ci
                                 "Counter of failed attempts of trace archiving")
     end
 
-    def archive_error(error, job)
+    def archive_error(error, job, worker_name)
       failed_archive_counter.increment
-      Rails.logger.error "Failed to archive trace. id: #{job.id} message: #{error.message}" # rubocop:disable Gitlab/RailsLogger
+
+      Sidekiq.logger.warn(class: worker_name,
+        message: "Failed to archive trace. message: #{error.message}.",
+        job_id: job.id)
 
       Gitlab::Sentry
         .track_exception(error,
diff --git a/app/workers/archive_trace_worker.rb b/app/workers/archive_trace_worker.rb
index 4a9becf0ca7..66f9b8d9e80 100644
--- a/app/workers/archive_trace_worker.rb
+++ b/app/workers/archive_trace_worker.rb
@@ -7,7 +7,7 @@ class ArchiveTraceWorker
   # rubocop: disable CodeReuse/ActiveRecord
   def perform(job_id)
     Ci::Build.without_archived_trace.find_by(id: job_id).try do |job|
-      Ci::ArchiveTraceService.new.execute(job)
+      Ci::ArchiveTraceService.new.execute(job, worker_name: self.class.name)
     end
   end
   # rubocop: enable CodeReuse/ActiveRecord
diff --git a/app/workers/ci/archive_traces_cron_worker.rb b/app/workers/ci/archive_traces_cron_worker.rb
index f65ff239866..75e68d0233a 100644
--- a/app/workers/ci/archive_traces_cron_worker.rb
+++ b/app/workers/ci/archive_traces_cron_worker.rb
@@ -11,7 +11,7 @@ module Ci
       # This could happen when ArchiveTraceWorker sidekiq jobs were lost by receiving SIGKILL
       # More details in https://gitlab.com/gitlab-org/gitlab-ce/issues/36791
       Ci::Build.finished.with_live_trace.find_each(batch_size: 100) do |build|
-        Ci::ArchiveTraceService.new.execute(build)
+        Ci::ArchiveTraceService.new.execute(build, worker_name: self.class.name)
       end
     end
     # rubocop: enable CodeReuse/ActiveRecord
diff --git a/changelogs/unreleased/safe-archiving-for-traces.yml b/changelogs/unreleased/safe-archiving-for-traces.yml
new file mode 100644
index 00000000000..2b9070bacfe
--- /dev/null
+++ b/changelogs/unreleased/safe-archiving-for-traces.yml
@@ -0,0 +1,5 @@
+---
+title: Extra logging for new live trace architecture
+merge_request: 30892
+author:
+type: fixed
diff --git a/lib/gitlab/ci/trace.rb b/lib/gitlab/ci/trace.rb
index ce5857965bf..cb617080c76 100644
--- a/lib/gitlab/ci/trace.rb
+++ b/lib/gitlab/ci/trace.rb
@@ -63,7 +63,15 @@ module Gitlab
       end
 
       def exist?
-        trace_artifact&.exists? || job.trace_chunks.any? || current_path.present? || old_trace.present?
+        archived_trace_exist? || live_trace_exist?
+      end
+
+      def archived_trace_exist?
+        trace_artifact&.exists?
+      end
+
+      def live_trace_exist?
+        job.trace_chunks.any? || current_path.present? || old_trace.present?
       end
 
       def read
@@ -167,7 +175,7 @@ module Gitlab
 
       def clone_file!(src_stream, temp_dir)
         FileUtils.mkdir_p(temp_dir)
-        Dir.mktmpdir('tmp-trace', temp_dir) do |dir_path|
+        Dir.mktmpdir("tmp-trace-#{job.id}", temp_dir) do |dir_path|
           temp_path = File.join(dir_path, "job.log")
           FileUtils.touch(temp_path)
           size = IO.copy_stream(src_stream, temp_path)
diff --git a/lib/gitlab/ci/trace/chunked_io.rb b/lib/gitlab/ci/trace/chunked_io.rb
index 8c6fd56493f..e99889f4a25 100644
--- a/lib/gitlab/ci/trace/chunked_io.rb
+++ b/lib/gitlab/ci/trace/chunked_io.rb
@@ -166,6 +166,13 @@ module Gitlab
         end
 
         def destroy!
+          # TODO: Remove this logging once we confirmed new live trace architecture is functional.
+          # See https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/4667.
+          unless build.has_archived_trace?
+            Sidekiq.logger.warn(message: 'The job does not have archived trace but going to be destroyed.',
+                                job_id: build.id)
+          end
+
           trace_chunks.fast_destroy_all
           @tell = @size = 0
         ensure
diff --git a/spec/lib/gitlab/ci/trace/chunked_io_spec.rb b/spec/lib/gitlab/ci/trace/chunked_io_spec.rb
index 546a9e7d0cc..3e5cd81f929 100644
--- a/spec/lib/gitlab/ci/trace/chunked_io_spec.rb
+++ b/spec/lib/gitlab/ci/trace/chunked_io_spec.rb
@@ -442,5 +442,15 @@ describe Gitlab::Ci::Trace::ChunkedIO, :clean_gitlab_redis_cache do
 
       expect(Ci::BuildTraceChunk.where(build: build).count).to eq(0)
     end
+
+    context 'when the job does not have archived trace' do
+      it 'leaves a message in sidekiq log' do
+        expect(Sidekiq.logger).to receive(:warn).with(
+          message: 'The job does not have archived trace but going to be destroyed.',
+          job_id: build.id).and_call_original
+
+        subject
+      end
+    end
   end
 end
diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index 78862de0657..c30cb70e1c1 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -692,6 +692,34 @@ describe Ci::Build do
     end
   end
 
+  describe '#has_live_trace?' do
+    subject { build.has_live_trace? }
+
+    let(:build) { create(:ci_build, :trace_live) }
+
+    it { is_expected.to be_truthy }
+
+    context 'when build does not have live trace' do
+      let(:build) { create(:ci_build) }
+
+      it { is_expected.to be_falsy }
+    end
+  end
+
+  describe '#has_archived_trace?' do
+    subject { build.has_archived_trace? }
+
+    let(:build) { create(:ci_build, :trace_artifact) }
+
+    it { is_expected.to be_truthy }
+
+    context 'when build does not have archived trace' do
+      let(:build) { create(:ci_build) }
+
+      it { is_expected.to be_falsy }
+    end
+  end
+
   describe '#has_job_artifacts?' do
     subject { build.has_job_artifacts? }
 
diff --git a/spec/models/ci/job_artifact_spec.rb b/spec/models/ci/job_artifact_spec.rb
index 1ba66565e03..1413da231e0 100644
--- a/spec/models/ci/job_artifact_spec.rb
+++ b/spec/models/ci/job_artifact_spec.rb
@@ -70,6 +70,31 @@ describe Ci::JobArtifact do
     end
   end
 
+  describe '.archived_trace_exists_for?' do
+    subject { described_class.archived_trace_exists_for?(job_id) }
+
+    let!(:artifact) { create(:ci_job_artifact, :trace, job: job) }
+    let(:job) { create(:ci_build) }
+
+    context 'when the specified job_id exists' do
+      let(:job_id) { job.id }
+
+      it { is_expected.to be_truthy }
+
+      context 'when the job does have archived trace' do
+        let!(:artifact) { }
+
+        it { is_expected.to be_falsy }
+      end
+    end
+
+    context 'when the specified job_id does not exist' do
+      let(:job_id) { 10000 }
+
+      it { is_expected.to be_falsy }
+    end
+  end
+
   describe 'callbacks' do
     subject { create(:ci_job_artifact, :archive) }
 
diff --git a/spec/services/ci/archive_trace_service_spec.rb b/spec/services/ci/archive_trace_service_spec.rb
index 44a77c29086..454db3d5a48 100644
--- a/spec/services/ci/archive_trace_service_spec.rb
+++ b/spec/services/ci/archive_trace_service_spec.rb
@@ -3,7 +3,7 @@
 require 'spec_helper'
 
 describe Ci::ArchiveTraceService, '#execute' do
-  subject { described_class.new.execute(job) }
+  subject { described_class.new.execute(job, worker_name: ArchiveTraceWorker.name) }
 
   context 'when job is finished' do
     let(:job) { create(:ci_build, :success, :trace_live) }
@@ -25,6 +25,34 @@ describe Ci::ArchiveTraceService, '#execute' do
         expect { subject }.not_to change { Ci::JobArtifact.trace.count }
       end
     end
+
+    context 'when job does not have trace' do
+      let(:job) { create(:ci_build, :success) }
+
+      it 'leaves a warning message in sidekiq log' do
+        expect(Sidekiq.logger).to receive(:warn).with(
+          class: ArchiveTraceWorker.name,
+          message: 'The job does not have live trace but going to be archived.',
+          job_id: job.id)
+
+        subject
+      end
+    end
+
+    context 'when job failed to archive trace but did not raise an exception' do
+      before do
+        allow_any_instance_of(Gitlab::Ci::Trace).to receive(:archive!) {}
+      end
+
+      it 'leaves a warning message in sidekiq log' do
+        expect(Sidekiq.logger).to receive(:warn).with(
+          class: ArchiveTraceWorker.name,
+          message: 'The job does not have archived trace after archiving.',
+          job_id: job.id)
+
+        subject
+      end
+    end
   end
 
   context 'when job is running' do
@@ -37,10 +65,10 @@ describe Ci::ArchiveTraceService, '#execute' do
               issue_url: 'https://gitlab.com/gitlab-org/gitlab-ce/issues/51502',
               extra: { job_id: job.id } ).once
 
-      expect(Rails.logger)
-        .to receive(:error)
-        .with("Failed to archive trace. id: #{job.id} message: Job is not finished yet")
-        .and_call_original
+      expect(Sidekiq.logger).to receive(:warn).with(
+        class: ArchiveTraceWorker.name,
+        message: "Failed to archive trace. message: Job is not finished yet.",
+        job_id: job.id).and_call_original
 
       expect(Gitlab::Metrics)
         .to receive(:counter)
diff --git a/spec/support/shared_examples/ci_trace_shared_examples.rb b/spec/support/shared_examples/ci_trace_shared_examples.rb
index ab0550e2613..68c2b6e10e2 100644
--- a/spec/support/shared_examples/ci_trace_shared_examples.rb
+++ b/spec/support/shared_examples/ci_trace_shared_examples.rb
@@ -720,6 +720,58 @@ shared_examples_for 'trace with enabled live trace feature' do
     end
   end
 
+  describe '#archived_trace_exist?' do
+    subject { trace.archived_trace_exist? }
+
+    context 'when trace does not exist' do
+      it { is_expected.to be_falsy }
+    end
+
+    context 'when archived trace exists' do
+      before do
+        create(:ci_job_artifact, :trace, job: build)
+      end
+
+      it { is_expected.to be_truthy }
+    end
+
+    context 'when live trace exists' do
+      before do
+        Gitlab::Ci::Trace::ChunkedIO.new(build) do |stream|
+          stream.write('abc')
+        end
+      end
+
+      it { is_expected.to be_falsy }
+    end
+  end
+
+  describe '#live_trace_exist?' do
+    subject { trace.live_trace_exist? }
+
+    context 'when trace does not exist' do
+      it { is_expected.to be_falsy }
+    end
+
+    context 'when archived trace exists' do
+      before do
+        create(:ci_job_artifact, :trace, job: build)
+      end
+
+      it { is_expected.to be_falsy }
+    end
+
+    context 'when live trace exists' do
+      before do
+        Gitlab::Ci::Trace::ChunkedIO.new(build) do |stream|
+          stream.write('abc')
+        end
+      end
+
+      it { is_expected.to be_truthy }
+    end
+  end
+
   describe '#archive!' do
     subject { trace.archive! }
 
diff --git a/spec/workers/archive_trace_worker_spec.rb b/spec/workers/archive_trace_worker_spec.rb
index 368ed3f3db1..44f7be15201 100644
--- a/spec/workers/archive_trace_worker_spec.rb
+++ b/spec/workers/archive_trace_worker_spec.rb
@@ -11,7 +11,7 @@ describe ArchiveTraceWorker do
 
       it 'executes service' do
         expect_any_instance_of(Ci::ArchiveTraceService)
-          .to receive(:execute).with(job)
+          .to receive(:execute).with(job, anything)
 
         subject
       end
diff --git a/spec/workers/ci/archive_traces_cron_worker_spec.rb b/spec/workers/ci/archive_traces_cron_worker_spec.rb
index eca6cf5235f..28381fdc3be 100644
--- a/spec/workers/ci/archive_traces_cron_worker_spec.rb
+++ b/spec/workers/ci/archive_traces_cron_worker_spec.rb
@@ -34,7 +34,7 @@ describe Ci::ArchiveTracesCronWorker do
 
     it 'executes service' do
       expect_any_instance_of(Ci::ArchiveTraceService)
-        .to receive(:execute).with(build)
+        .to receive(:execute).with(build, anything)
 
       subject
     end
@@ -60,7 +60,10 @@ describe Ci::ArchiveTracesCronWorker do
       end
 
       it 'puts a log' do
-        expect(Rails.logger).to receive(:error).with("Failed to archive trace. id: #{build.id} message: Unexpected error")
+        expect(Sidekiq.logger).to receive(:warn).with(
+          class: described_class.name,
+          message: "Failed to archive trace. message: Unexpected error.",
+          job_id: build.id)
 
         subject
       end
diff --git a/spec/workers/stuck_ci_jobs_worker_spec.rb b/spec/workers/stuck_ci_jobs_worker_spec.rb
index 72de62f1188..c3d577e2dae 100644
--- a/spec/workers/stuck_ci_jobs_worker_spec.rb
+++ b/spec/workers/stuck_ci_jobs_worker_spec.rb
@@ -7,8 +7,6 @@ describe StuckCiJobsWorker do
 
   let!(:runner) { create :ci_runner }
   let!(:job) { create :ci_build, runner: runner }
-  let(:trace_lease_key) { "trace:write:lock:#{job.id}" }
-  let(:trace_lease_uuid) { SecureRandom.uuid }
   let(:worker_lease_key) { StuckCiJobsWorker::EXCLUSIVE_LEASE_KEY }
   let(:worker_lease_uuid) { SecureRandom.uuid }
 
@@ -16,7 +14,6 @@ describe StuckCiJobsWorker do
 
   before do
     stub_exclusive_lease(worker_lease_key, worker_lease_uuid)
-    stub_exclusive_lease(trace_lease_key, trace_lease_uuid)
     job.update!(status: status, updated_at: updated_at)
   end
 
@@ -195,7 +192,6 @@ describe StuckCiJobsWorker do
     end
 
     it 'cancels exclusive leases after worker perform' do
-      expect_to_cancel_exclusive_lease(trace_lease_key, trace_lease_uuid)
       expect_to_cancel_exclusive_lease(worker_lease_key, worker_lease_uuid)
 
       worker.perform
-- 
cgit v1.2.1


From b2f143597ca22b9585cc758453ae920d9b9d0fe3 Mon Sep 17 00:00:00 2001
From: Peter Dave Hello <hsu@peterdavehello.org>
Date: Tue, 23 Jul 2019 12:23:51 +0000
Subject: Extend yamllint test to changelogs

cc !30979
---
 .gitlab/ci/docs.gitlab-ci.yml |  1 -
 .gitlab/ci/yaml.gitlab-ci.yml |  2 +-
 changelogs/README.md          |  2 +-
 scripts/lint-changelog-yaml   | 24 ------------------------
 4 files changed, 2 insertions(+), 27 deletions(-)
 delete mode 100755 scripts/lint-changelog-yaml

diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml
index 5bc109f2b7f..de1110f39fa 100644
--- a/.gitlab/ci/docs.gitlab-ci.yml
+++ b/.gitlab/ci/docs.gitlab-ci.yml
@@ -62,7 +62,6 @@ docs lint:
   before_script: []
   script:
     - scripts/lint-doc.sh
-    - scripts/lint-changelog-yaml
     - mv doc/ /tmp/gitlab-docs/content/$DOCS_GITLAB_REPO_SUFFIX
     - cd /tmp/gitlab-docs
     # Lint Markdown
diff --git a/.gitlab/ci/yaml.gitlab-ci.yml b/.gitlab/ci/yaml.gitlab-ci.yml
index 401318d2df2..b7aa418d8f7 100644
--- a/.gitlab/ci/yaml.gitlab-ci.yml
+++ b/.gitlab/ci/yaml.gitlab-ci.yml
@@ -6,4 +6,4 @@ lint-ci-gitlab:
   dependencies: []
   image: sdesbure/yamllint:latest
   script:
-    - yamllint .gitlab-ci.yml .gitlab/ci lib/gitlab/ci/templates
+    - yamllint .gitlab-ci.yml .gitlab/ci lib/gitlab/ci/templates changelogs
diff --git a/changelogs/README.md b/changelogs/README.md
index c4113ccb863..d408a74157a 100644
--- a/changelogs/README.md
+++ b/changelogs/README.md
@@ -3,7 +3,7 @@
 To generate and validate your changelog entries:
 
 1. Run `bin/changelog` to generate.
-1. Run `scripts/lint-changelog-yaml` to validate.
+1. Run `yamllint changelogs` to validate.
 
 See [development/changelog] documentation for detailed usage.
 
diff --git a/scripts/lint-changelog-yaml b/scripts/lint-changelog-yaml
deleted file mode 100755
index 06d502c4676..00000000000
--- a/scripts/lint-changelog-yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/usr/bin/env ruby
-
-require 'yaml'
-
-invalid_changelogs = Dir['changelogs/**/*'].reject do |changelog|
-  next true if changelog =~ /((README|archive)\.md|unreleased(-ee)?)$/
-  next false unless changelog.end_with?('.yml')
-
-  begin
-    YAML.load_file(changelog)
-  rescue => exception
-    puts exception
-  end
-end
-
-if invalid_changelogs.any?
-  puts
-  puts "Invalid changelogs found!\n"
-  puts invalid_changelogs.sort
-  exit 1
-else
-  puts "All changelogs are valid YAML.\n"
-  exit 0
-end
-- 
cgit v1.2.1


From 911c0f61b351bbd68adf5af5ed565a7108643859 Mon Sep 17 00:00:00 2001
From: Aleksei Lipniagov <alipniagov@gitlab.com>
Date: Tue, 23 Jul 2019 13:03:27 +0300
Subject: Remove :livesum from RubySampler metrics

---
 .../unreleased/64974-remove-livesum-from-ruby-sampler-metrics.yml | 5 +++++
 lib/gitlab/metrics/samplers/ruby_sampler.rb                       | 8 ++++----
 2 files changed, 9 insertions(+), 4 deletions(-)
 create mode 100644 changelogs/unreleased/64974-remove-livesum-from-ruby-sampler-metrics.yml

diff --git a/changelogs/unreleased/64974-remove-livesum-from-ruby-sampler-metrics.yml b/changelogs/unreleased/64974-remove-livesum-from-ruby-sampler-metrics.yml
new file mode 100644
index 00000000000..4fa3b7783c5
--- /dev/null
+++ b/changelogs/unreleased/64974-remove-livesum-from-ruby-sampler-metrics.yml
@@ -0,0 +1,5 @@
+---
+title: Remove :livesum from RubySampler metrics
+merge_request: 31047
+author:
+type: fixed
diff --git a/lib/gitlab/metrics/samplers/ruby_sampler.rb b/lib/gitlab/metrics/samplers/ruby_sampler.rb
index 79f756c8f8a..1e200db0baf 100644
--- a/lib/gitlab/metrics/samplers/ruby_sampler.rb
+++ b/lib/gitlab/metrics/samplers/ruby_sampler.rb
@@ -30,18 +30,18 @@ module Gitlab
 
         def init_metrics
           metrics = {
-            file_descriptors:               ::Gitlab::Metrics.gauge(with_prefix(:file, :descriptors), 'File descriptors used', labels, :livesum),
-            memory_bytes:                   ::Gitlab::Metrics.gauge(with_prefix(:memory, :bytes), 'Memory used', labels, :livesum),
+            file_descriptors:               ::Gitlab::Metrics.gauge(with_prefix(:file, :descriptors), 'File descriptors used', labels),
+            memory_bytes:                   ::Gitlab::Metrics.gauge(with_prefix(:memory, :bytes), 'Memory used', labels),
             process_cpu_seconds_total:      ::Gitlab::Metrics.gauge(with_prefix(:process, :cpu_seconds_total), 'Process CPU seconds total'),
             process_max_fds:                ::Gitlab::Metrics.gauge(with_prefix(:process, :max_fds), 'Process max fds'),
-            process_resident_memory_bytes:  ::Gitlab::Metrics.gauge(with_prefix(:process, :resident_memory_bytes), 'Memory used', labels, :livesum),
+            process_resident_memory_bytes:  ::Gitlab::Metrics.gauge(with_prefix(:process, :resident_memory_bytes), 'Memory used', labels),
             process_start_time_seconds:     ::Gitlab::Metrics.gauge(with_prefix(:process, :start_time_seconds), 'Process start time seconds'),
             sampler_duration:               ::Gitlab::Metrics.counter(with_prefix(:sampler, :duration_seconds_total), 'Sampler time', labels),
             total_time:                     ::Gitlab::Metrics.counter(with_prefix(:gc, :duration_seconds_total), 'Total GC time', labels)
           }
 
           GC.stat.keys.each do |key|
-            metrics[key] = ::Gitlab::Metrics.gauge(with_prefix(:gc_stat, key), to_doc_string(key), labels, :livesum)
+            metrics[key] = ::Gitlab::Metrics.gauge(with_prefix(:gc_stat, key), to_doc_string(key), labels)
           end
 
           metrics
-- 
cgit v1.2.1


From ab11eee1d6e3881399b671f0ebe857a085321371 Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Fri, 19 Jul 2019 17:28:23 +0200
Subject: Mark mirrors as failed 1 hour after they started

We call `Project#mark_stuck_remote_mirrors_as_failed!` from the
`Git::BaseHooksService`. So that gets called every time we push tags
or branches.

Before this would only mark started mirrors as failed if they had
been started 24 hours ago. A push would never take 24 hours,
especially not when we run it so often.

Lowering that threshold 1 hour should at least allow us to retry
broken mirrors more often on pushes.

The timeout for the initial push is set somewhat longer to accommodate
for pushing large repos. Both numbers are currently picked arbitrarily.
---
 app/models/remote_mirror.rb                               |  4 ++--
 .../bvl-mark-remote-mirrors-as-failed-sooner.yml          |  5 +++++
 spec/models/remote_mirror_spec.rb                         | 15 ++++++++++++---
 3 files changed, 19 insertions(+), 5 deletions(-)
 create mode 100644 changelogs/unreleased/bvl-mark-remote-mirrors-as-failed-sooner.yml

diff --git a/app/models/remote_mirror.rb b/app/models/remote_mirror.rb
index af705b29f7a..6b5605f9999 100644
--- a/app/models/remote_mirror.rb
+++ b/app/models/remote_mirror.rb
@@ -31,7 +31,7 @@ class RemoteMirror < ApplicationRecord
 
   scope :enabled, -> { where(enabled: true) }
   scope :started, -> { with_update_status(:started) }
-  scope :stuck,   -> { started.where('last_update_at < ? OR (last_update_at IS NULL AND updated_at < ?)', 1.day.ago, 1.day.ago) }
+  scope :stuck,   -> { started.where('last_update_at < ? OR (last_update_at IS NULL AND updated_at < ?)', 1.hour.ago, 3.hours.ago) }
 
   state_machine :update_status, initial: :none do
     event :update_start do
@@ -173,7 +173,7 @@ class RemoteMirror < ApplicationRecord
 
     result = URI.parse(url)
     result.password = '*****' if result.password
-    result.user = '*****' if result.user && result.user != "git" # tokens or other data may be saved as user
+    result.user = '*****' if result.user && result.user != 'git' # tokens or other data may be saved as user
     result.to_s
   end
 
diff --git a/changelogs/unreleased/bvl-mark-remote-mirrors-as-failed-sooner.yml b/changelogs/unreleased/bvl-mark-remote-mirrors-as-failed-sooner.yml
new file mode 100644
index 00000000000..1db0a4952b2
--- /dev/null
+++ b/changelogs/unreleased/bvl-mark-remote-mirrors-as-failed-sooner.yml
@@ -0,0 +1,5 @@
+---
+title: Mark push mirrors as failed after 1 hour
+merge_request: 30999
+author:
+type: changed
diff --git a/spec/models/remote_mirror_spec.rb b/spec/models/remote_mirror_spec.rb
index e14b19db915..687b0935c55 100644
--- a/spec/models/remote_mirror_spec.rb
+++ b/spec/models/remote_mirror_spec.rb
@@ -113,7 +113,7 @@ describe RemoteMirror, :mailer do
 
         remote_mirror = create(:remote_mirror)
 
-        expect(remote_mirror.remote_name).to eq("remote_mirror_secret")
+        expect(remote_mirror.remote_name).to eq('remote_mirror_secret')
       end
     end
 
@@ -201,11 +201,20 @@ describe RemoteMirror, :mailer do
   end
 
   context 'stuck mirrors' do
-    it 'includes mirrors stuck in started with no last_update_at set' do
+    it 'includes mirrors that were started over an hour ago' do
+      mirror = create_mirror(url: 'http://cantbeblank',
+                             update_status: 'started',
+                             last_update_at: 3.hours.ago,
+                             updated_at: 2.hours.ago)
+
+      expect(described_class.stuck.last).to eq(mirror)
+    end
+
+    it 'includes mirrors started over 3 hours ago for their first sync' do
       mirror = create_mirror(url: 'http://cantbeblank',
                              update_status: 'started',
                              last_update_at: nil,
-                             updated_at: 25.hours.ago)
+                             updated_at: 4.hours.ago)
 
       expect(described_class.stuck.last).to eq(mirror)
     end
-- 
cgit v1.2.1


From c25ef8ee4a0f480603d7582648cc15f874d61172 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Mon, 22 Jul 2019 08:39:30 -0700
Subject: Remove PostgreSQL opclasses monkey patch

This is no longer needed with Rails 5.2. opclass is the attribute used
per https://github.com/rails/rails/pull/19090/files.

Now that we've removed the monkey patch and restored the Rails schema
dumper, it appears Rails has dropped the inclusion of `using: :btree` as
well (https://github.com/rails/rails/pull/27981).

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64529
---
 .../initializers/postgresql_opclasses_support.rb   |  211 ----
 db/migrate/20171230123729_init_schema.rb           |   38 +-
 db/migrate/20190206193120_add_index_to_tags.rb     |    2 +-
 db/schema.rb                                       | 1324 ++++++++++----------
 4 files changed, 682 insertions(+), 893 deletions(-)
 delete mode 100644 config/initializers/postgresql_opclasses_support.rb

diff --git a/config/initializers/postgresql_opclasses_support.rb b/config/initializers/postgresql_opclasses_support.rb
deleted file mode 100644
index 7e912180820..00000000000
--- a/config/initializers/postgresql_opclasses_support.rb
+++ /dev/null
@@ -1,211 +0,0 @@
-# rubocop:disable all
-
-# These changes add support for PostgreSQL operator classes when creating
-# indexes and dumping/loading schemas. Taken from Rails pull request
-# https://github.com/rails/rails/pull/19090.
-#
-# License:
-#
-# Copyright (c) 2004-2016 David Heinemeier Hansson
-#
-# Permission is hereby granted, free of charge, to any person obtaining
-# a copy of this software and associated documentation files (the
-# "Software"), to deal in the Software without restriction, including
-# without limitation the rights to use, copy, modify, merge, publish,
-# distribute, sublicense, and/or sell copies of the Software, and to
-# permit persons to whom the Software is furnished to do so, subject to
-# the following conditions:
-#
-# The above copyright notice and this permission notice shall be
-# included in all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-require 'date'
-require 'set'
-require 'bigdecimal'
-require 'bigdecimal/util'
-
-# As the Struct definition is changed in this PR/patch we have to first remove
-# the existing one.
-ActiveRecord::ConnectionAdapters.send(:remove_const, :IndexDefinition)
-
-module ActiveRecord
-  module ConnectionAdapters #:nodoc:
-    # Abstract representation of an index definition on a table. Instances of
-    # this type are typically created and returned by methods in database
-    # adapters. e.g. ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter#indexes
-    attrs = [:table, :name, :unique, :columns, :lengths, :orders, :where, :type, :using, :comment, :opclasses]
-
-    class IndexDefinition < Struct.new(*attrs) #:nodoc:
-    end
-  end
-end
-
-
-module ActiveRecord
-  module ConnectionAdapters # :nodoc:
-    module SchemaStatements
-      def add_index_options(table_name, column_name, options = {}) #:nodoc:
-        column_names = Array(column_name)
-        index_name   = index_name(table_name, column: column_names)
-
-        options.assert_valid_keys(:unique, :order, :name, :where, :length, :internal, :using, :algorithm, :type, :opclasses)
-
-        index_type = options[:unique] ? "UNIQUE" : ""
-        index_type = options[:type].to_s if options.key?(:type)
-        index_name = options[:name].to_s if options.key?(:name)
-        max_index_length = options.fetch(:internal, false) ? index_name_length : allowed_index_name_length
-
-        if options.key?(:algorithm)
-          algorithm = index_algorithms.fetch(options[:algorithm]) {
-            raise ArgumentError.new("Algorithm must be one of the following: #{index_algorithms.keys.map(&:inspect).join(', ')}")
-          }
-        end
-
-        using = "USING #{options[:using]}" if options[:using].present?
-
-        if supports_partial_index?
-          index_options = options[:where] ? " WHERE #{options[:where]}" : ""
-        end
-
-        if index_name.length > max_index_length
-          raise ArgumentError, "Index name '#{index_name}' on table '#{table_name}' is too long; the limit is #{max_index_length} characters"
-        end
-        if data_source_exists?(table_name) && index_name_exists?(table_name, index_name)
-          raise ArgumentError, "Index name '#{index_name}' on table '#{table_name}' already exists"
-        end
-        index_columns = quoted_columns_for_index(column_names, options).join(", ")
-
-        [index_name, index_type, index_columns, index_options, algorithm, using]
-      end
-    end
-  end
-end
-
-module ActiveRecord
-  module ConnectionAdapters
-    module PostgreSQL
-      module SchemaStatements
-        # Returns an array of indexes for the given table.
-        def indexes(table_name, name = nil)
-           result = query(<<-SQL, 'SCHEMA')
-             SELECT distinct i.relname, d.indisunique, d.indkey, pg_get_indexdef(d.indexrelid), t.oid
-             FROM pg_class t
-             INNER JOIN pg_index d ON t.oid = d.indrelid
-             INNER JOIN pg_class i ON d.indexrelid = i.oid
-             WHERE i.relkind = 'i'
-               AND d.indisprimary = 'f'
-               AND t.relname = '#{table_name}'
-               AND i.relnamespace IN (SELECT oid FROM pg_namespace WHERE nspname = ANY (current_schemas(false)) )
-            ORDER BY i.relname
-          SQL
-
-          result.map do |row|
-            index_name = row[0]
-            unique = row[1]
-            indkey = row[2].split(" ").map(&:to_i)
-            inddef = row[3]
-            oid = row[4]
-
-            columns = Hash[query(<<-SQL, "SCHEMA")]
-            SELECT a.attnum, a.attname
-            FROM pg_attribute a
-            WHERE a.attrelid = #{oid}
-            AND a.attnum IN (#{indkey.join(",")})
-            SQL
-
-            column_names = columns.values_at(*indkey).compact
-
-            unless column_names.empty?
-              # add info on sort order for columns (only desc order is explicitly specified, asc is the default)
-              desc_order_columns = inddef.scan(/(\w+) DESC/).flatten
-              orders = desc_order_columns.any? ? Hash[desc_order_columns.map {|order_column| [order_column, :desc]}] : {}
-              where = inddef.scan(/WHERE (.+)$/).flatten[0]
-              using = inddef.scan(/USING (.+?) /).flatten[0].to_sym
-              opclasses = Hash[inddef.scan(/\((.+?)\)(?:$| WHERE )/).flatten[0].split(',').map do |column_and_opclass|
-                column, opclass = column_and_opclass.split(' ').map(&:strip)
-              end.reject do |column, opclass|
-                ['desc', 'asc'].include?(opclass&.downcase)
-              end.map do |column, opclass|
-                [column, opclass] if opclass
-              end.compact]
-
-              index_attrs = [table_name, index_name, unique, column_names, [], orders, where, nil, using, nil, opclasses]
-
-              IndexDefinition.new(*index_attrs)
-            end
-          end.compact
-        end
-
-        def add_index(table_name, column_name, options = {}) #:nodoc:
-          index_name, index_type, index_columns_and_opclasses, index_options, index_algorithm, index_using = add_index_options(table_name, column_name, options)
-          execute "CREATE #{index_type} INDEX #{index_algorithm} #{quote_column_name(index_name)} ON #{quote_table_name(table_name)} #{index_using} (#{index_columns_and_opclasses})#{index_options}"
-        end
-
-        protected
-
-          def quoted_columns_for_index(column_names, options = {})
-            column_opclasses = options[:opclasses] || {}
-            column_names.map {|name| "#{quote_column_name(name)} #{column_opclasses[name]}"}
-
-            quoted_columns = Hash[column_names.map { |name| [name.to_sym, "#{quote_column_name(name)} #{column_opclasses[name]}"] }]
-            add_options_for_index_columns(quoted_columns, options).values
-          end
-      end
-    end
-  end
-end
-
-module ActiveRecord
-  class SchemaDumper
-    private
-
-      def indexes(table, stream)
-        if (indexes = @connection.indexes(table)).any?
-          add_index_statements = indexes.map do |index|
-            table_name = remove_prefix_and_suffix(index.table).inspect
-            "  add_index #{([table_name]+index_parts(index)).join(', ')}"
-          end
-
-          stream.puts add_index_statements.sort.join("\n")
-          stream.puts
-        end
-      end
-
-      def indexes_in_create(table, stream)
-        if (indexes = @connection.indexes(table)).any?
-          index_statements = indexes.map do |index|
-            "    t.index #{index_parts(index).join(', ')}"
-          end
-          stream.puts index_statements.sort.join("\n")
-        end
-      end
-
-      def index_parts(index)
-        index_parts = [
-          index.columns.inspect,
-          "name: #{index.name.inspect}",
-        ]
-        index_parts << "unique: true" if index.unique
-        index_parts << "length: { #{format_options(index.lengths)} }" if index.lengths.present?
-        index_parts << "order: { #{format_options(index.orders)} }" if index.orders.present?
-        index_parts << "where: #{index.where.inspect}" if index.where
-        index_parts << "using: #{index.using.inspect}" if index.using
-        index_parts << "type: #{index.type.inspect}" if index.type
-        index_parts << "opclasses: #{index.opclasses.inspect}" if index.opclasses.present?
-        index_parts << "comment: #{index.comment.inspect}" if index.comment
-        index_parts
-      end
-
-      def format_options(options)
-        options.map { |key, value| "#{key}: #{value.inspect}" }.join(", ")
-      end
-  end
-end
diff --git a/db/migrate/20171230123729_init_schema.rb b/db/migrate/20171230123729_init_schema.rb
index ae7541f2475..fa90b37954f 100644
--- a/db/migrate/20171230123729_init_schema.rb
+++ b/db/migrate/20171230123729_init_schema.rb
@@ -788,7 +788,7 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.datetime_with_timezone "closed_at"
       t.index ["author_id"], name: "index_issues_on_author_id", using: :btree
       t.index ["confidential"], name: "index_issues_on_confidential", using: :btree
-      t.index ["description"], name: "index_issues_on_description_trigram", using: :gin, opclasses: {"description"=>"gin_trgm_ops"}
+      t.index ["description"], name: "index_issues_on_description_trigram", using: :gin, opclass: {"description"=>"gin_trgm_ops"}
       t.index ["milestone_id"], name: "index_issues_on_milestone_id", using: :btree
       t.index ["moved_to_id"], name: "index_issues_on_moved_to_id", where: "(moved_to_id IS NOT NULL)", using: :btree
       t.index ["project_id", "created_at", "id", "state"], name: "index_issues_on_project_id_and_created_at_and_id_and_state", using: :btree
@@ -797,7 +797,7 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.index ["project_id", "updated_at", "id", "state"], name: "index_issues_on_project_id_and_updated_at_and_id_and_state", using: :btree
       t.index ["relative_position"], name: "index_issues_on_relative_position", using: :btree
       t.index ["state"], name: "index_issues_on_state", using: :btree
-      t.index ["title"], name: "index_issues_on_title_trigram", using: :gin, opclasses: {"title"=>"gin_trgm_ops"}
+      t.index ["title"], name: "index_issues_on_title_trigram", using: :gin, opclass: {"title"=>"gin_trgm_ops"}
       t.index ["updated_by_id"], name: "index_issues_on_updated_by_id", where: "(updated_by_id IS NOT NULL)", using: :btree
     end
     create_table "keys", id: :serial do |t|
@@ -989,7 +989,7 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.index ["assignee_id"], name: "index_merge_requests_on_assignee_id", using: :btree
       t.index ["author_id"], name: "index_merge_requests_on_author_id", using: :btree
       t.index ["created_at"], name: "index_merge_requests_on_created_at", using: :btree
-      t.index ["description"], name: "index_merge_requests_on_description_trigram", using: :gin, opclasses: {"description"=>"gin_trgm_ops"}
+      t.index ["description"], name: "index_merge_requests_on_description_trigram", using: :gin, opclass: {"description"=>"gin_trgm_ops"}
       t.index ["head_pipeline_id"], name: "index_merge_requests_on_head_pipeline_id", using: :btree
       t.index ["latest_merge_request_diff_id"], name: "index_merge_requests_on_latest_merge_request_diff_id", using: :btree
       t.index ["merge_user_id"], name: "index_merge_requests_on_merge_user_id", where: "(merge_user_id IS NOT NULL)", using: :btree
@@ -1001,7 +1001,7 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.index ["target_project_id", "iid"], name: "index_merge_requests_on_target_project_id_and_iid", unique: true, using: :btree
       t.index ["target_project_id", "merge_commit_sha", "id"], name: "index_merge_requests_on_tp_id_and_merge_commit_sha_and_id", using: :btree
       t.index ["title"], name: "index_merge_requests_on_title", using: :btree
-      t.index ["title"], name: "index_merge_requests_on_title_trigram", using: :gin, opclasses: {"title"=>"gin_trgm_ops"}
+      t.index ["title"], name: "index_merge_requests_on_title_trigram", using: :gin, opclass: {"title"=>"gin_trgm_ops"}
       t.index ["updated_by_id"], name: "index_merge_requests_on_updated_by_id", where: "(updated_by_id IS NOT NULL)", using: :btree
     end
     create_table "merge_requests_closing_issues", id: :serial do |t|
@@ -1026,12 +1026,12 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.date "start_date"
       t.integer "cached_markdown_version"
       t.integer "group_id"
-      t.index ["description"], name: "index_milestones_on_description_trigram", using: :gin, opclasses: {"description"=>"gin_trgm_ops"}
+      t.index ["description"], name: "index_milestones_on_description_trigram", using: :gin, opclass: {"description"=>"gin_trgm_ops"}
       t.index ["due_date"], name: "index_milestones_on_due_date", using: :btree
       t.index ["group_id"], name: "index_milestones_on_group_id", using: :btree
       t.index ["project_id", "iid"], name: "index_milestones_on_project_id_and_iid", unique: true, using: :btree
       t.index ["title"], name: "index_milestones_on_title", using: :btree
-      t.index ["title"], name: "index_milestones_on_title_trigram", using: :gin, opclasses: {"title"=>"gin_trgm_ops"}
+      t.index ["title"], name: "index_milestones_on_title_trigram", using: :gin, opclass: {"title"=>"gin_trgm_ops"}
     end
     create_table "namespaces", id: :serial do |t|
       t.string "name", null: false
@@ -1054,11 +1054,11 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.string "runners_token"
       t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
       t.index ["name", "parent_id"], name: "index_namespaces_on_name_and_parent_id", unique: true, using: :btree
-      t.index ["name"], name: "index_namespaces_on_name_trigram", using: :gin, opclasses: {"name"=>"gin_trgm_ops"}
+      t.index ["name"], name: "index_namespaces_on_name_trigram", using: :gin, opclass: {"name"=>"gin_trgm_ops"}
       t.index ["owner_id"], name: "index_namespaces_on_owner_id", using: :btree
       t.index ["parent_id", "id"], name: "index_namespaces_on_parent_id_and_id", unique: true, using: :btree
       t.index ["path"], name: "index_namespaces_on_path", using: :btree
-      t.index ["path"], name: "index_namespaces_on_path_trigram", using: :gin, opclasses: {"path"=>"gin_trgm_ops"}
+      t.index ["path"], name: "index_namespaces_on_path_trigram", using: :gin, opclass: {"path"=>"gin_trgm_ops"}
       t.index ["require_two_factor_authentication"], name: "index_namespaces_on_require_two_factor_authentication", using: :btree
       t.index ["type"], name: "index_namespaces_on_type", using: :btree
     end
@@ -1091,7 +1091,7 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.index ["created_at"], name: "index_notes_on_created_at", using: :btree
       t.index ["discussion_id"], name: "index_notes_on_discussion_id", using: :btree
       t.index ["line_code"], name: "index_notes_on_line_code", using: :btree
-      t.index ["note"], name: "index_notes_on_note_trigram", using: :gin, opclasses: {"note"=>"gin_trgm_ops"}
+      t.index ["note"], name: "index_notes_on_note_trigram", using: :gin, opclass: {"note"=>"gin_trgm_ops"}
       t.index ["noteable_id", "noteable_type"], name: "index_notes_on_noteable_id_and_noteable_type", using: :btree
       t.index ["noteable_type"], name: "index_notes_on_noteable_type", using: :btree
       t.index ["project_id", "noteable_type"], name: "index_notes_on_project_id_and_noteable_type", using: :btree
@@ -1304,14 +1304,14 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.index ["ci_id"], name: "index_projects_on_ci_id", using: :btree
       t.index ["created_at"], name: "index_projects_on_created_at", using: :btree
       t.index ["creator_id"], name: "index_projects_on_creator_id", using: :btree
-      t.index ["description"], name: "index_projects_on_description_trigram", using: :gin, opclasses: {"description"=>"gin_trgm_ops"}
+      t.index ["description"], name: "index_projects_on_description_trigram", using: :gin, opclass: {"description"=>"gin_trgm_ops"}
       t.index ["last_activity_at"], name: "index_projects_on_last_activity_at", using: :btree
       t.index ["last_repository_check_failed"], name: "index_projects_on_last_repository_check_failed", using: :btree
       t.index ["last_repository_updated_at"], name: "index_projects_on_last_repository_updated_at", using: :btree
-      t.index ["name"], name: "index_projects_on_name_trigram", using: :gin, opclasses: {"name"=>"gin_trgm_ops"}
+      t.index ["name"], name: "index_projects_on_name_trigram", using: :gin, opclass: {"name"=>"gin_trgm_ops"}
       t.index ["namespace_id"], name: "index_projects_on_namespace_id", using: :btree
       t.index ["path"], name: "index_projects_on_path", using: :btree
-      t.index ["path"], name: "index_projects_on_path_trigram", using: :gin, opclasses: {"path"=>"gin_trgm_ops"}
+      t.index ["path"], name: "index_projects_on_path_trigram", using: :gin, opclass: {"path"=>"gin_trgm_ops"}
       t.index ["pending_delete"], name: "index_projects_on_pending_delete", using: :btree
       t.index ["repository_storage"], name: "index_projects_on_repository_storage", using: :btree
       t.index ["runners_token"], name: "index_projects_on_runners_token", using: :btree
@@ -1375,7 +1375,7 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.datetime "updated_at", null: false
       t.boolean "permanent"
       t.index ["path"], name: "index_redirect_routes_on_path", unique: true, using: :btree
-      t.index ["path"], name: "index_redirect_routes_on_path_text_pattern_ops", using: :btree, opclasses: {"path"=>"varchar_pattern_ops"}
+      t.index ["path"], name: "index_redirect_routes_on_path_text_pattern_ops", using: :btree, opclass: {"path"=>"varchar_pattern_ops"}
       t.index ["permanent"], name: "index_redirect_routes_on_permanent", using: :btree
       t.index ["source_type", "source_id"], name: "index_redirect_routes_on_source_type_and_source_id", using: :btree
     end
@@ -1398,7 +1398,7 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.datetime "updated_at"
       t.string "name"
       t.index ["path"], name: "index_routes_on_path", unique: true, using: :btree
-      t.index ["path"], name: "index_routes_on_path_text_pattern_ops", using: :btree, opclasses: {"path"=>"varchar_pattern_ops"}
+      t.index ["path"], name: "index_routes_on_path_text_pattern_ops", using: :btree, opclass: {"path"=>"varchar_pattern_ops"}
       t.index ["source_type", "source_id"], name: "index_routes_on_source_type_and_source_id", unique: true, using: :btree
     end
     create_table "sent_notifications", id: :serial do |t|
@@ -1454,9 +1454,9 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.text "description"
       t.text "description_html"
       t.index ["author_id"], name: "index_snippets_on_author_id", using: :btree
-      t.index ["file_name"], name: "index_snippets_on_file_name_trigram", using: :gin, opclasses: {"file_name"=>"gin_trgm_ops"}
+      t.index ["file_name"], name: "index_snippets_on_file_name_trigram", using: :gin, opclass: {"file_name"=>"gin_trgm_ops"}
       t.index ["project_id"], name: "index_snippets_on_project_id", using: :btree
-      t.index ["title"], name: "index_snippets_on_title_trigram", using: :gin, opclasses: {"title"=>"gin_trgm_ops"}
+      t.index ["title"], name: "index_snippets_on_title_trigram", using: :gin, opclass: {"title"=>"gin_trgm_ops"}
       t.index ["updated_at"], name: "index_snippets_on_updated_at", using: :btree
       t.index ["visibility_level"], name: "index_snippets_on_visibility_level", using: :btree
     end
@@ -1663,16 +1663,16 @@ class InitSchema < ActiveRecord::Migration[4.2]
       t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true, using: :btree
       t.index ["created_at"], name: "index_users_on_created_at", using: :btree
       t.index ["email"], name: "index_users_on_email", unique: true, using: :btree
-      t.index ["email"], name: "index_users_on_email_trigram", using: :gin, opclasses: {"email"=>"gin_trgm_ops"}
+      t.index ["email"], name: "index_users_on_email_trigram", using: :gin, opclass: {"email"=>"gin_trgm_ops"}
       t.index ["ghost"], name: "index_users_on_ghost", using: :btree
       t.index ["incoming_email_token"], name: "index_users_on_incoming_email_token", using: :btree
       t.index ["name"], name: "index_users_on_name", using: :btree
-      t.index ["name"], name: "index_users_on_name_trigram", using: :gin, opclasses: {"name"=>"gin_trgm_ops"}
+      t.index ["name"], name: "index_users_on_name_trigram", using: :gin, opclass: {"name"=>"gin_trgm_ops"}
       t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true, using: :btree
       t.index ["rss_token"], name: "index_users_on_rss_token", using: :btree
       t.index ["state"], name: "index_users_on_state", using: :btree
       t.index ["username"], name: "index_users_on_username", using: :btree
-      t.index ["username"], name: "index_users_on_username_trigram", using: :gin, opclasses: {"username"=>"gin_trgm_ops"}
+      t.index ["username"], name: "index_users_on_username_trigram", using: :gin, opclass: {"username"=>"gin_trgm_ops"}
     end
     create_table "users_star_projects", id: :serial do |t|
       t.integer "project_id", null: false
diff --git a/db/migrate/20190206193120_add_index_to_tags.rb b/db/migrate/20190206193120_add_index_to_tags.rb
index 5257ebba003..d6c0270cb4f 100644
--- a/db/migrate/20190206193120_add_index_to_tags.rb
+++ b/db/migrate/20190206193120_add_index_to_tags.rb
@@ -9,7 +9,7 @@ class AddIndexToTags < ActiveRecord::Migration[5.0]
   disable_ddl_transaction!
 
   def up
-    add_concurrent_index :tags, :name, name: INDEX_NAME, using: :gin, opclasses: { name: :gin_trgm_ops }
+    add_concurrent_index :tags, :name, name: INDEX_NAME, using: :gin, opclass: { name: :gin_trgm_ops }
   end
 
   def down
diff --git a/db/schema.rb b/db/schema.rb
index 681353121db..f42a4c600ea 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -228,16 +228,16 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "lock_memberships_to_ldap", default: false, null: false
     t.boolean "time_tracking_limit_to_hours", default: false, null: false
     t.string "grafana_url", default: "/-/grafana", null: false
-    t.index ["custom_project_templates_group_id"], name: "index_application_settings_on_custom_project_templates_group_id", using: :btree
-    t.index ["file_template_project_id"], name: "index_application_settings_on_file_template_project_id", using: :btree
-    t.index ["usage_stats_set_by_user_id"], name: "index_application_settings_on_usage_stats_set_by_user_id", using: :btree
+    t.index ["custom_project_templates_group_id"], name: "index_application_settings_on_custom_project_templates_group_id"
+    t.index ["file_template_project_id"], name: "index_application_settings_on_file_template_project_id"
+    t.index ["usage_stats_set_by_user_id"], name: "index_application_settings_on_usage_stats_set_by_user_id"
   end
 
   create_table "approval_merge_request_rule_sources", force: :cascade do |t|
     t.bigint "approval_merge_request_rule_id", null: false
     t.bigint "approval_project_rule_id", null: false
-    t.index ["approval_merge_request_rule_id"], name: "index_approval_merge_request_rule_sources_1", unique: true, using: :btree
-    t.index ["approval_project_rule_id"], name: "index_approval_merge_request_rule_sources_2", using: :btree
+    t.index ["approval_merge_request_rule_id"], name: "index_approval_merge_request_rule_sources_1", unique: true
+    t.index ["approval_project_rule_id"], name: "index_approval_merge_request_rule_sources_2"
   end
 
   create_table "approval_merge_request_rules", force: :cascade do |t|
@@ -249,31 +249,31 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "name", null: false
     t.integer "rule_type", limit: 2, default: 1, null: false
     t.integer "report_type", limit: 2
-    t.index ["merge_request_id", "code_owner", "name"], name: "approval_rule_name_index_for_code_owners", unique: true, where: "(code_owner = true)", using: :btree
-    t.index ["merge_request_id", "code_owner"], name: "index_approval_merge_request_rules_1", using: :btree
-    t.index ["merge_request_id", "rule_type", "name"], name: "index_approval_rule_name_for_code_owners_rule_type", unique: true, where: "(rule_type = 2)", using: :btree
-    t.index ["merge_request_id", "rule_type"], name: "index_approval_rules_code_owners_rule_type", where: "(rule_type = 2)", using: :btree
+    t.index ["merge_request_id", "code_owner", "name"], name: "approval_rule_name_index_for_code_owners", unique: true, where: "(code_owner = true)"
+    t.index ["merge_request_id", "code_owner"], name: "index_approval_merge_request_rules_1"
+    t.index ["merge_request_id", "rule_type", "name"], name: "index_approval_rule_name_for_code_owners_rule_type", unique: true, where: "(rule_type = 2)"
+    t.index ["merge_request_id", "rule_type"], name: "index_approval_rules_code_owners_rule_type", where: "(rule_type = 2)"
   end
 
   create_table "approval_merge_request_rules_approved_approvers", force: :cascade do |t|
     t.bigint "approval_merge_request_rule_id", null: false
     t.integer "user_id", null: false
-    t.index ["approval_merge_request_rule_id", "user_id"], name: "index_approval_merge_request_rules_approved_approvers_1", unique: true, using: :btree
-    t.index ["user_id"], name: "index_approval_merge_request_rules_approved_approvers_2", using: :btree
+    t.index ["approval_merge_request_rule_id", "user_id"], name: "index_approval_merge_request_rules_approved_approvers_1", unique: true
+    t.index ["user_id"], name: "index_approval_merge_request_rules_approved_approvers_2"
   end
 
   create_table "approval_merge_request_rules_groups", force: :cascade do |t|
     t.bigint "approval_merge_request_rule_id", null: false
     t.integer "group_id", null: false
-    t.index ["approval_merge_request_rule_id", "group_id"], name: "index_approval_merge_request_rules_groups_1", unique: true, using: :btree
-    t.index ["group_id"], name: "index_approval_merge_request_rules_groups_2", using: :btree
+    t.index ["approval_merge_request_rule_id", "group_id"], name: "index_approval_merge_request_rules_groups_1", unique: true
+    t.index ["group_id"], name: "index_approval_merge_request_rules_groups_2"
   end
 
   create_table "approval_merge_request_rules_users", force: :cascade do |t|
     t.bigint "approval_merge_request_rule_id", null: false
     t.integer "user_id", null: false
-    t.index ["approval_merge_request_rule_id", "user_id"], name: "index_approval_merge_request_rules_users_1", unique: true, using: :btree
-    t.index ["user_id"], name: "index_approval_merge_request_rules_users_2", using: :btree
+    t.index ["approval_merge_request_rule_id", "user_id"], name: "index_approval_merge_request_rules_users_1", unique: true
+    t.index ["user_id"], name: "index_approval_merge_request_rules_users_2"
   end
 
   create_table "approval_project_rules", force: :cascade do |t|
@@ -283,22 +283,22 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "approvals_required", limit: 2, default: 0, null: false
     t.string "name", null: false
     t.integer "rule_type", limit: 2, default: 0, null: false
-    t.index ["project_id"], name: "index_approval_project_rules_on_project_id", using: :btree
-    t.index ["rule_type"], name: "index_approval_project_rules_on_rule_type", using: :btree
+    t.index ["project_id"], name: "index_approval_project_rules_on_project_id"
+    t.index ["rule_type"], name: "index_approval_project_rules_on_rule_type"
   end
 
   create_table "approval_project_rules_groups", force: :cascade do |t|
     t.bigint "approval_project_rule_id", null: false
     t.integer "group_id", null: false
-    t.index ["approval_project_rule_id", "group_id"], name: "index_approval_project_rules_groups_1", unique: true, using: :btree
-    t.index ["group_id"], name: "index_approval_project_rules_groups_2", using: :btree
+    t.index ["approval_project_rule_id", "group_id"], name: "index_approval_project_rules_groups_1", unique: true
+    t.index ["group_id"], name: "index_approval_project_rules_groups_2"
   end
 
   create_table "approval_project_rules_users", force: :cascade do |t|
     t.bigint "approval_project_rule_id", null: false
     t.integer "user_id", null: false
-    t.index ["approval_project_rule_id", "user_id"], name: "index_approval_project_rules_users_1", unique: true, using: :btree
-    t.index ["user_id"], name: "index_approval_project_rules_users_2", using: :btree
+    t.index ["approval_project_rule_id", "user_id"], name: "index_approval_project_rules_users_1", unique: true
+    t.index ["user_id"], name: "index_approval_project_rules_users_2"
   end
 
   create_table "approvals", id: :serial, force: :cascade do |t|
@@ -306,8 +306,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "user_id", null: false
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.index ["merge_request_id"], name: "index_approvals_on_merge_request_id", using: :btree
-    t.index ["user_id", "merge_request_id"], name: "index_approvals_on_user_id_and_merge_request_id", unique: true, using: :btree
+    t.index ["merge_request_id"], name: "index_approvals_on_merge_request_id"
+    t.index ["user_id", "merge_request_id"], name: "index_approvals_on_user_id_and_merge_request_id", unique: true
   end
 
   create_table "approver_groups", id: :serial, force: :cascade do |t|
@@ -316,8 +316,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "group_id", null: false
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.index ["group_id"], name: "index_approver_groups_on_group_id", using: :btree
-    t.index ["target_id", "target_type"], name: "index_approver_groups_on_target_id_and_target_type", using: :btree
+    t.index ["group_id"], name: "index_approver_groups_on_group_id"
+    t.index ["target_id", "target_type"], name: "index_approver_groups_on_target_id_and_target_type"
   end
 
   create_table "approvers", id: :serial, force: :cascade do |t|
@@ -326,8 +326,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "user_id", null: false
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.index ["target_id", "target_type"], name: "index_approvers_on_target_id_and_target_type", using: :btree
-    t.index ["user_id"], name: "index_approvers_on_user_id", using: :btree
+    t.index ["target_id", "target_type"], name: "index_approvers_on_target_id_and_target_type"
+    t.index ["user_id"], name: "index_approvers_on_user_id"
   end
 
   create_table "audit_events", id: :serial, force: :cascade do |t|
@@ -338,8 +338,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "details"
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.index ["created_at", "author_id"], name: "analytics_index_audit_events_on_created_at_and_author_id", using: :btree
-    t.index ["entity_id", "entity_type"], name: "index_audit_events_on_entity_id_and_entity_type", using: :btree
+    t.index ["created_at", "author_id"], name: "analytics_index_audit_events_on_created_at_and_author_id"
+    t.index ["entity_id", "entity_type"], name: "index_audit_events_on_entity_id_and_entity_type"
   end
 
   create_table "award_emoji", id: :serial, force: :cascade do |t|
@@ -349,8 +349,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "awardable_type"
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.index ["awardable_type", "awardable_id"], name: "index_award_emoji_on_awardable_type_and_awardable_id", using: :btree
-    t.index ["user_id", "name"], name: "index_award_emoji_on_user_id_and_name", using: :btree
+    t.index ["awardable_type", "awardable_id"], name: "index_award_emoji_on_awardable_type_and_awardable_id"
+    t.index ["user_id", "name"], name: "index_award_emoji_on_user_id_and_name"
   end
 
   create_table "badges", id: :serial, force: :cascade do |t|
@@ -361,15 +361,15 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "type", null: false
     t.datetime_with_timezone "created_at", null: false
     t.datetime_with_timezone "updated_at", null: false
-    t.index ["group_id"], name: "index_badges_on_group_id", using: :btree
-    t.index ["project_id"], name: "index_badges_on_project_id", using: :btree
+    t.index ["group_id"], name: "index_badges_on_group_id"
+    t.index ["project_id"], name: "index_badges_on_project_id"
   end
 
   create_table "board_assignees", id: :serial, force: :cascade do |t|
     t.integer "board_id", null: false
     t.integer "assignee_id", null: false
-    t.index ["assignee_id"], name: "index_board_assignees_on_assignee_id", using: :btree
-    t.index ["board_id", "assignee_id"], name: "index_board_assignees_on_board_id_and_assignee_id", unique: true, using: :btree
+    t.index ["assignee_id"], name: "index_board_assignees_on_assignee_id"
+    t.index ["board_id", "assignee_id"], name: "index_board_assignees_on_board_id_and_assignee_id", unique: true
   end
 
   create_table "board_group_recent_visits", force: :cascade do |t|
@@ -378,17 +378,17 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "user_id"
     t.integer "board_id"
     t.integer "group_id"
-    t.index ["board_id"], name: "index_board_group_recent_visits_on_board_id", using: :btree
-    t.index ["group_id"], name: "index_board_group_recent_visits_on_group_id", using: :btree
-    t.index ["user_id", "group_id", "board_id"], name: "index_board_group_recent_visits_on_user_group_and_board", unique: true, using: :btree
-    t.index ["user_id"], name: "index_board_group_recent_visits_on_user_id", using: :btree
+    t.index ["board_id"], name: "index_board_group_recent_visits_on_board_id"
+    t.index ["group_id"], name: "index_board_group_recent_visits_on_group_id"
+    t.index ["user_id", "group_id", "board_id"], name: "index_board_group_recent_visits_on_user_group_and_board", unique: true
+    t.index ["user_id"], name: "index_board_group_recent_visits_on_user_id"
   end
 
   create_table "board_labels", id: :serial, force: :cascade do |t|
     t.integer "board_id", null: false
     t.integer "label_id", null: false
-    t.index ["board_id", "label_id"], name: "index_board_labels_on_board_id_and_label_id", unique: true, using: :btree
-    t.index ["label_id"], name: "index_board_labels_on_label_id", using: :btree
+    t.index ["board_id", "label_id"], name: "index_board_labels_on_board_id_and_label_id", unique: true
+    t.index ["label_id"], name: "index_board_labels_on_label_id"
   end
 
   create_table "board_project_recent_visits", force: :cascade do |t|
@@ -397,10 +397,10 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "user_id"
     t.integer "project_id"
     t.integer "board_id"
-    t.index ["board_id"], name: "index_board_project_recent_visits_on_board_id", using: :btree
-    t.index ["project_id"], name: "index_board_project_recent_visits_on_project_id", using: :btree
-    t.index ["user_id", "project_id", "board_id"], name: "index_board_project_recent_visits_on_user_project_and_board", unique: true, using: :btree
-    t.index ["user_id"], name: "index_board_project_recent_visits_on_user_id", using: :btree
+    t.index ["board_id"], name: "index_board_project_recent_visits_on_board_id"
+    t.index ["project_id"], name: "index_board_project_recent_visits_on_project_id"
+    t.index ["user_id", "project_id", "board_id"], name: "index_board_project_recent_visits_on_user_project_and_board", unique: true
+    t.index ["user_id"], name: "index_board_project_recent_visits_on_user_id"
   end
 
   create_table "boards", id: :serial, force: :cascade do |t|
@@ -411,9 +411,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "milestone_id"
     t.integer "group_id"
     t.integer "weight"
-    t.index ["group_id"], name: "index_boards_on_group_id", using: :btree
-    t.index ["milestone_id"], name: "index_boards_on_milestone_id", using: :btree
-    t.index ["project_id"], name: "index_boards_on_project_id", using: :btree
+    t.index ["group_id"], name: "index_boards_on_group_id"
+    t.index ["milestone_id"], name: "index_boards_on_milestone_id"
+    t.index ["project_id"], name: "index_boards_on_project_id"
   end
 
   create_table "broadcast_messages", id: :serial, force: :cascade do |t|
@@ -426,7 +426,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "font"
     t.text "message_html", null: false
     t.integer "cached_markdown_version"
-    t.index ["starts_at", "ends_at", "id"], name: "index_broadcast_messages_on_starts_at_and_ends_at_and_id", using: :btree
+    t.index ["starts_at", "ends_at", "id"], name: "index_broadcast_messages_on_starts_at_and_ends_at_and_id"
   end
 
   create_table "chat_names", id: :serial, force: :cascade do |t|
@@ -439,8 +439,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "last_used_at"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["service_id", "team_id", "chat_id"], name: "index_chat_names_on_service_id_and_team_id_and_chat_id", unique: true, using: :btree
-    t.index ["user_id", "service_id"], name: "index_chat_names_on_user_id_and_service_id", unique: true, using: :btree
+    t.index ["service_id", "team_id", "chat_id"], name: "index_chat_names_on_service_id_and_team_id_and_chat_id", unique: true
+    t.index ["user_id", "service_id"], name: "index_chat_names_on_user_id_and_service_id", unique: true
   end
 
   create_table "chat_teams", id: :serial, force: :cascade do |t|
@@ -449,7 +449,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "name"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["namespace_id"], name: "index_chat_teams_on_namespace_id", unique: true, using: :btree
+    t.index ["namespace_id"], name: "index_chat_teams_on_namespace_id", unique: true
   end
 
   create_table "ci_build_trace_chunks", force: :cascade do |t|
@@ -457,13 +457,13 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "chunk_index", null: false
     t.integer "data_store", null: false
     t.binary "raw_data"
-    t.index ["build_id", "chunk_index"], name: "index_ci_build_trace_chunks_on_build_id_and_chunk_index", unique: true, using: :btree
+    t.index ["build_id", "chunk_index"], name: "index_ci_build_trace_chunks_on_build_id_and_chunk_index", unique: true
   end
 
   create_table "ci_build_trace_section_names", id: :serial, force: :cascade do |t|
     t.integer "project_id", null: false
     t.string "name", null: false
-    t.index ["project_id", "name"], name: "index_ci_build_trace_section_names_on_project_id_and_name", unique: true, using: :btree
+    t.index ["project_id", "name"], name: "index_ci_build_trace_section_names_on_project_id_and_name", unique: true
   end
 
   create_table "ci_build_trace_sections", id: :serial, force: :cascade do |t|
@@ -474,9 +474,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.bigint "byte_end", null: false
     t.integer "build_id", null: false
     t.integer "section_name_id", null: false
-    t.index ["build_id", "section_name_id"], name: "index_ci_build_trace_sections_on_build_id_and_section_name_id", unique: true, using: :btree
-    t.index ["project_id"], name: "index_ci_build_trace_sections_on_project_id", using: :btree
-    t.index ["section_name_id"], name: "index_ci_build_trace_sections_on_section_name_id", using: :btree
+    t.index ["build_id", "section_name_id"], name: "index_ci_build_trace_sections_on_build_id_and_section_name_id", unique: true
+    t.index ["project_id"], name: "index_ci_build_trace_sections_on_project_id"
+    t.index ["section_name_id"], name: "index_ci_build_trace_sections_on_section_name_id"
   end
 
   create_table "ci_builds", id: :serial, force: :cascade do |t|
@@ -526,28 +526,28 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "scheduled_at"
     t.string "token_encrypted"
     t.integer "upstream_pipeline_id"
-    t.index ["artifacts_expire_at"], name: "index_ci_builds_on_artifacts_expire_at", where: "(artifacts_file <> ''::text)", using: :btree
-    t.index ["auto_canceled_by_id"], name: "index_ci_builds_on_auto_canceled_by_id", using: :btree
-    t.index ["commit_id", "artifacts_expire_at", "id"], name: "index_ci_builds_on_commit_id_and_artifacts_expireatandidpartial", where: "(((type)::text = 'Ci::Build'::text) AND ((retried = false) OR (retried IS NULL)) AND ((name)::text = ANY (ARRAY[('sast'::character varying)::text, ('dependency_scanning'::character varying)::text, ('sast:container'::character varying)::text, ('container_scanning'::character varying)::text, ('dast'::character varying)::text])))", using: :btree
-    t.index ["commit_id", "stage_idx", "created_at"], name: "index_ci_builds_on_commit_id_and_stage_idx_and_created_at", using: :btree
-    t.index ["commit_id", "status", "type"], name: "index_ci_builds_on_commit_id_and_status_and_type", using: :btree
-    t.index ["commit_id", "type", "name", "ref"], name: "index_ci_builds_on_commit_id_and_type_and_name_and_ref", using: :btree
-    t.index ["commit_id", "type", "ref"], name: "index_ci_builds_on_commit_id_and_type_and_ref", using: :btree
-    t.index ["name"], name: "index_ci_builds_on_name_for_security_products_values", where: "((name)::text = ANY (ARRAY[('container_scanning'::character varying)::text, ('dast'::character varying)::text, ('dependency_scanning'::character varying)::text, ('license_management'::character varying)::text, ('sast'::character varying)::text]))", using: :btree
-    t.index ["project_id", "id"], name: "index_ci_builds_on_project_id_and_id", using: :btree
-    t.index ["project_id", "status"], name: "index_ci_builds_project_id_and_status_for_live_jobs_partial2", where: "(((type)::text = 'Ci::Build'::text) AND ((status)::text = ANY (ARRAY[('running'::character varying)::text, ('pending'::character varying)::text, ('created'::character varying)::text])))", using: :btree
-    t.index ["protected"], name: "index_ci_builds_on_protected", using: :btree
-    t.index ["queued_at"], name: "index_ci_builds_on_queued_at", using: :btree
-    t.index ["runner_id"], name: "index_ci_builds_on_runner_id", using: :btree
-    t.index ["scheduled_at"], name: "partial_index_ci_builds_on_scheduled_at_with_scheduled_jobs", where: "((scheduled_at IS NOT NULL) AND ((type)::text = 'Ci::Build'::text) AND ((status)::text = 'scheduled'::text))", using: :btree
-    t.index ["stage_id", "stage_idx"], name: "tmp_build_stage_position_index", where: "(stage_idx IS NOT NULL)", using: :btree
-    t.index ["stage_id"], name: "index_ci_builds_on_stage_id", using: :btree
-    t.index ["status", "type", "runner_id"], name: "index_ci_builds_on_status_and_type_and_runner_id", using: :btree
-    t.index ["token"], name: "index_ci_builds_on_token", unique: true, using: :btree
-    t.index ["token_encrypted"], name: "index_ci_builds_on_token_encrypted", unique: true, where: "(token_encrypted IS NOT NULL)", using: :btree
-    t.index ["updated_at"], name: "index_ci_builds_on_updated_at", using: :btree
-    t.index ["upstream_pipeline_id"], name: "index_ci_builds_on_upstream_pipeline_id", where: "(upstream_pipeline_id IS NOT NULL)", using: :btree
-    t.index ["user_id"], name: "index_ci_builds_on_user_id", using: :btree
+    t.index ["artifacts_expire_at"], name: "index_ci_builds_on_artifacts_expire_at", where: "(artifacts_file <> ''::text)"
+    t.index ["auto_canceled_by_id"], name: "index_ci_builds_on_auto_canceled_by_id"
+    t.index ["commit_id", "artifacts_expire_at", "id"], name: "index_ci_builds_on_commit_id_and_artifacts_expireatandidpartial", where: "(((type)::text = 'Ci::Build'::text) AND ((retried = false) OR (retried IS NULL)) AND ((name)::text = ANY (ARRAY[('sast'::character varying)::text, ('dependency_scanning'::character varying)::text, ('sast:container'::character varying)::text, ('container_scanning'::character varying)::text, ('dast'::character varying)::text])))"
+    t.index ["commit_id", "stage_idx", "created_at"], name: "index_ci_builds_on_commit_id_and_stage_idx_and_created_at"
+    t.index ["commit_id", "status", "type"], name: "index_ci_builds_on_commit_id_and_status_and_type"
+    t.index ["commit_id", "type", "name", "ref"], name: "index_ci_builds_on_commit_id_and_type_and_name_and_ref"
+    t.index ["commit_id", "type", "ref"], name: "index_ci_builds_on_commit_id_and_type_and_ref"
+    t.index ["name"], name: "index_ci_builds_on_name_for_security_products_values", where: "((name)::text = ANY (ARRAY[('container_scanning'::character varying)::text, ('dast'::character varying)::text, ('dependency_scanning'::character varying)::text, ('license_management'::character varying)::text, ('sast'::character varying)::text]))"
+    t.index ["project_id", "id"], name: "index_ci_builds_on_project_id_and_id"
+    t.index ["project_id", "status"], name: "index_ci_builds_project_id_and_status_for_live_jobs_partial2", where: "(((type)::text = 'Ci::Build'::text) AND ((status)::text = ANY (ARRAY[('running'::character varying)::text, ('pending'::character varying)::text, ('created'::character varying)::text])))"
+    t.index ["protected"], name: "index_ci_builds_on_protected"
+    t.index ["queued_at"], name: "index_ci_builds_on_queued_at"
+    t.index ["runner_id"], name: "index_ci_builds_on_runner_id"
+    t.index ["scheduled_at"], name: "partial_index_ci_builds_on_scheduled_at_with_scheduled_jobs", where: "((scheduled_at IS NOT NULL) AND ((type)::text = 'Ci::Build'::text) AND ((status)::text = 'scheduled'::text))"
+    t.index ["stage_id", "stage_idx"], name: "tmp_build_stage_position_index", where: "(stage_idx IS NOT NULL)"
+    t.index ["stage_id"], name: "index_ci_builds_on_stage_id"
+    t.index ["status", "type", "runner_id"], name: "index_ci_builds_on_status_and_type_and_runner_id"
+    t.index ["token"], name: "index_ci_builds_on_token", unique: true
+    t.index ["token_encrypted"], name: "index_ci_builds_on_token_encrypted", unique: true, where: "(token_encrypted IS NOT NULL)"
+    t.index ["updated_at"], name: "index_ci_builds_on_updated_at"
+    t.index ["upstream_pipeline_id"], name: "index_ci_builds_on_upstream_pipeline_id", where: "(upstream_pipeline_id IS NOT NULL)"
+    t.index ["user_id"], name: "index_ci_builds_on_user_id"
   end
 
   create_table "ci_builds_metadata", id: :serial, force: :cascade do |t|
@@ -557,8 +557,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "timeout_source", default: 1, null: false
     t.jsonb "config_options"
     t.jsonb "config_variables"
-    t.index ["build_id"], name: "index_ci_builds_metadata_on_build_id", unique: true, using: :btree
-    t.index ["project_id"], name: "index_ci_builds_metadata_on_project_id", using: :btree
+    t.index ["build_id"], name: "index_ci_builds_metadata_on_build_id", unique: true
+    t.index ["project_id"], name: "index_ci_builds_metadata_on_project_id"
   end
 
   create_table "ci_builds_runner_session", force: :cascade do |t|
@@ -566,7 +566,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "url", null: false
     t.string "certificate"
     t.string "authorization"
-    t.index ["build_id"], name: "index_ci_builds_runner_session_on_build_id", unique: true, using: :btree
+    t.index ["build_id"], name: "index_ci_builds_runner_session_on_build_id", unique: true
   end
 
   create_table "ci_group_variables", id: :serial, force: :cascade do |t|
@@ -581,7 +581,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "updated_at", null: false
     t.boolean "masked", default: false, null: false
     t.integer "variable_type", limit: 2, default: 1, null: false
-    t.index ["group_id", "key"], name: "index_ci_group_variables_on_group_id_and_key", unique: true, using: :btree
+    t.index ["group_id", "key"], name: "index_ci_group_variables_on_group_id_and_key", unique: true
   end
 
   create_table "ci_job_artifacts", id: :serial, force: :cascade do |t|
@@ -597,18 +597,18 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.binary "file_sha256"
     t.integer "file_format", limit: 2
     t.integer "file_location", limit: 2
-    t.index ["expire_at", "job_id"], name: "index_ci_job_artifacts_on_expire_at_and_job_id", using: :btree
-    t.index ["file_store"], name: "index_ci_job_artifacts_on_file_store", using: :btree
-    t.index ["job_id", "file_type"], name: "index_ci_job_artifacts_on_job_id_and_file_type", unique: true, using: :btree
-    t.index ["project_id"], name: "index_ci_job_artifacts_on_project_id", using: :btree
+    t.index ["expire_at", "job_id"], name: "index_ci_job_artifacts_on_expire_at_and_job_id"
+    t.index ["file_store"], name: "index_ci_job_artifacts_on_file_store"
+    t.index ["job_id", "file_type"], name: "index_ci_job_artifacts_on_job_id_and_file_type", unique: true
+    t.index ["project_id"], name: "index_ci_job_artifacts_on_project_id"
   end
 
   create_table "ci_pipeline_chat_data", force: :cascade do |t|
     t.integer "pipeline_id", null: false
     t.integer "chat_name_id", null: false
     t.text "response_url", null: false
-    t.index ["chat_name_id"], name: "index_ci_pipeline_chat_data_on_chat_name_id", using: :btree
-    t.index ["pipeline_id"], name: "index_ci_pipeline_chat_data_on_pipeline_id", unique: true, using: :btree
+    t.index ["chat_name_id"], name: "index_ci_pipeline_chat_data_on_chat_name_id"
+    t.index ["pipeline_id"], name: "index_ci_pipeline_chat_data_on_pipeline_id", unique: true
   end
 
   create_table "ci_pipeline_schedule_variables", force: :cascade do |t|
@@ -621,7 +621,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "created_at"
     t.datetime_with_timezone "updated_at"
     t.integer "variable_type", limit: 2, default: 1, null: false
-    t.index ["pipeline_schedule_id", "key"], name: "index_ci_pipeline_schedule_variables_on_schedule_id_and_key", unique: true, using: :btree
+    t.index ["pipeline_schedule_id", "key"], name: "index_ci_pipeline_schedule_variables_on_schedule_id_and_key", unique: true
   end
 
   create_table "ci_pipeline_schedules", id: :serial, force: :cascade do |t|
@@ -635,9 +635,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "active", default: true
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.index ["next_run_at", "active"], name: "index_ci_pipeline_schedules_on_next_run_at_and_active", using: :btree
-    t.index ["owner_id"], name: "index_ci_pipeline_schedules_on_owner_id", using: :btree
-    t.index ["project_id"], name: "index_ci_pipeline_schedules_on_project_id", using: :btree
+    t.index ["next_run_at", "active"], name: "index_ci_pipeline_schedules_on_next_run_at_and_active"
+    t.index ["owner_id"], name: "index_ci_pipeline_schedules_on_owner_id"
+    t.index ["project_id"], name: "index_ci_pipeline_schedules_on_project_id"
   end
 
   create_table "ci_pipeline_variables", id: :serial, force: :cascade do |t|
@@ -648,7 +648,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "encrypted_value_iv"
     t.integer "pipeline_id", null: false
     t.integer "variable_type", limit: 2, default: 1, null: false
-    t.index ["pipeline_id", "key"], name: "index_ci_pipeline_variables_on_pipeline_id_and_key", unique: true, using: :btree
+    t.index ["pipeline_id", "key"], name: "index_ci_pipeline_variables_on_pipeline_id_and_key", unique: true
   end
 
   create_table "ci_pipelines", id: :serial, force: :cascade do |t|
@@ -677,25 +677,25 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "merge_request_id"
     t.binary "source_sha"
     t.binary "target_sha"
-    t.index ["auto_canceled_by_id"], name: "index_ci_pipelines_on_auto_canceled_by_id", using: :btree
-    t.index ["merge_request_id"], name: "index_ci_pipelines_on_merge_request_id", where: "(merge_request_id IS NOT NULL)", using: :btree
-    t.index ["pipeline_schedule_id"], name: "index_ci_pipelines_on_pipeline_schedule_id", using: :btree
-    t.index ["project_id", "iid"], name: "index_ci_pipelines_on_project_id_and_iid", unique: true, where: "(iid IS NOT NULL)", using: :btree
-    t.index ["project_id", "ref", "id"], name: "index_ci_pipelines_on_project_idandrefandiddesc", order: { id: :desc }, using: :btree
-    t.index ["project_id", "ref", "status", "id"], name: "index_ci_pipelines_on_project_id_and_ref_and_status_and_id", using: :btree
-    t.index ["project_id", "sha"], name: "index_ci_pipelines_on_project_id_and_sha", using: :btree
-    t.index ["project_id", "source"], name: "index_ci_pipelines_on_project_id_and_source", using: :btree
-    t.index ["project_id", "status", "config_source"], name: "index_ci_pipelines_on_project_id_and_status_and_config_source", using: :btree
-    t.index ["project_id"], name: "index_ci_pipelines_on_project_id", using: :btree
-    t.index ["status"], name: "index_ci_pipelines_on_status", using: :btree
-    t.index ["user_id"], name: "index_ci_pipelines_on_user_id", using: :btree
+    t.index ["auto_canceled_by_id"], name: "index_ci_pipelines_on_auto_canceled_by_id"
+    t.index ["merge_request_id"], name: "index_ci_pipelines_on_merge_request_id", where: "(merge_request_id IS NOT NULL)"
+    t.index ["pipeline_schedule_id"], name: "index_ci_pipelines_on_pipeline_schedule_id"
+    t.index ["project_id", "iid"], name: "index_ci_pipelines_on_project_id_and_iid", unique: true, where: "(iid IS NOT NULL)"
+    t.index ["project_id", "ref", "id"], name: "index_ci_pipelines_on_project_idandrefandiddesc", order: { id: :desc }
+    t.index ["project_id", "ref", "status", "id"], name: "index_ci_pipelines_on_project_id_and_ref_and_status_and_id"
+    t.index ["project_id", "sha"], name: "index_ci_pipelines_on_project_id_and_sha"
+    t.index ["project_id", "source"], name: "index_ci_pipelines_on_project_id_and_source"
+    t.index ["project_id", "status", "config_source"], name: "index_ci_pipelines_on_project_id_and_status_and_config_source"
+    t.index ["project_id"], name: "index_ci_pipelines_on_project_id"
+    t.index ["status"], name: "index_ci_pipelines_on_status"
+    t.index ["user_id"], name: "index_ci_pipelines_on_user_id"
   end
 
   create_table "ci_runner_namespaces", id: :serial, force: :cascade do |t|
     t.integer "runner_id"
     t.integer "namespace_id"
-    t.index ["namespace_id"], name: "index_ci_runner_namespaces_on_namespace_id", using: :btree
-    t.index ["runner_id", "namespace_id"], name: "index_ci_runner_namespaces_on_runner_id_and_namespace_id", unique: true, using: :btree
+    t.index ["namespace_id"], name: "index_ci_runner_namespaces_on_namespace_id"
+    t.index ["runner_id", "namespace_id"], name: "index_ci_runner_namespaces_on_runner_id_and_namespace_id", unique: true
   end
 
   create_table "ci_runner_projects", id: :serial, force: :cascade do |t|
@@ -703,8 +703,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "created_at"
     t.datetime "updated_at"
     t.integer "project_id"
-    t.index ["project_id"], name: "index_ci_runner_projects_on_project_id", using: :btree
-    t.index ["runner_id"], name: "index_ci_runner_projects_on_runner_id", using: :btree
+    t.index ["project_id"], name: "index_ci_runner_projects_on_project_id"
+    t.index ["runner_id"], name: "index_ci_runner_projects_on_runner_id"
   end
 
   create_table "ci_runners", id: :serial, force: :cascade do |t|
@@ -727,12 +727,12 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "maximum_timeout"
     t.integer "runner_type", limit: 2, null: false
     t.string "token_encrypted"
-    t.index ["contacted_at"], name: "index_ci_runners_on_contacted_at", using: :btree
-    t.index ["is_shared"], name: "index_ci_runners_on_is_shared", using: :btree
-    t.index ["locked"], name: "index_ci_runners_on_locked", using: :btree
-    t.index ["runner_type"], name: "index_ci_runners_on_runner_type", using: :btree
-    t.index ["token"], name: "index_ci_runners_on_token", using: :btree
-    t.index ["token_encrypted"], name: "index_ci_runners_on_token_encrypted", using: :btree
+    t.index ["contacted_at"], name: "index_ci_runners_on_contacted_at"
+    t.index ["is_shared"], name: "index_ci_runners_on_is_shared"
+    t.index ["locked"], name: "index_ci_runners_on_locked"
+    t.index ["runner_type"], name: "index_ci_runners_on_runner_type"
+    t.index ["token"], name: "index_ci_runners_on_token"
+    t.index ["token_encrypted"], name: "index_ci_runners_on_token_encrypted"
   end
 
   create_table "ci_sources_pipelines", id: :serial, force: :cascade do |t|
@@ -741,11 +741,11 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "source_project_id"
     t.integer "source_job_id"
     t.integer "source_pipeline_id"
-    t.index ["pipeline_id"], name: "index_ci_sources_pipelines_on_pipeline_id", using: :btree
-    t.index ["project_id"], name: "index_ci_sources_pipelines_on_project_id", using: :btree
-    t.index ["source_job_id"], name: "index_ci_sources_pipelines_on_source_job_id", using: :btree
-    t.index ["source_pipeline_id"], name: "index_ci_sources_pipelines_on_source_pipeline_id", using: :btree
-    t.index ["source_project_id"], name: "index_ci_sources_pipelines_on_source_project_id", using: :btree
+    t.index ["pipeline_id"], name: "index_ci_sources_pipelines_on_pipeline_id"
+    t.index ["project_id"], name: "index_ci_sources_pipelines_on_project_id"
+    t.index ["source_job_id"], name: "index_ci_sources_pipelines_on_source_job_id"
+    t.index ["source_pipeline_id"], name: "index_ci_sources_pipelines_on_source_pipeline_id"
+    t.index ["source_project_id"], name: "index_ci_sources_pipelines_on_source_project_id"
   end
 
   create_table "ci_stages", id: :serial, force: :cascade do |t|
@@ -757,10 +757,10 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "status"
     t.integer "lock_version"
     t.integer "position"
-    t.index ["pipeline_id", "name"], name: "index_ci_stages_on_pipeline_id_and_name", unique: true, using: :btree
-    t.index ["pipeline_id", "position"], name: "index_ci_stages_on_pipeline_id_and_position", using: :btree
-    t.index ["pipeline_id"], name: "index_ci_stages_on_pipeline_id", using: :btree
-    t.index ["project_id"], name: "index_ci_stages_on_project_id", using: :btree
+    t.index ["pipeline_id", "name"], name: "index_ci_stages_on_pipeline_id_and_name", unique: true
+    t.index ["pipeline_id", "position"], name: "index_ci_stages_on_pipeline_id_and_position"
+    t.index ["pipeline_id"], name: "index_ci_stages_on_pipeline_id"
+    t.index ["project_id"], name: "index_ci_stages_on_project_id"
   end
 
   create_table "ci_trigger_requests", id: :serial, force: :cascade do |t|
@@ -769,8 +769,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "created_at"
     t.datetime "updated_at"
     t.integer "commit_id"
-    t.index ["commit_id"], name: "index_ci_trigger_requests_on_commit_id", using: :btree
-    t.index ["trigger_id"], name: "index_ci_trigger_requests_on_trigger_id", using: :btree
+    t.index ["commit_id"], name: "index_ci_trigger_requests_on_commit_id"
+    t.index ["trigger_id"], name: "index_ci_trigger_requests_on_trigger_id"
   end
 
   create_table "ci_triggers", id: :serial, force: :cascade do |t|
@@ -781,8 +781,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "owner_id"
     t.string "description"
     t.string "ref"
-    t.index ["owner_id"], name: "index_ci_triggers_on_owner_id", using: :btree
-    t.index ["project_id"], name: "index_ci_triggers_on_project_id", using: :btree
+    t.index ["owner_id"], name: "index_ci_triggers_on_owner_id"
+    t.index ["project_id"], name: "index_ci_triggers_on_project_id"
   end
 
   create_table "ci_variables", id: :serial, force: :cascade do |t|
@@ -796,14 +796,14 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "environment_scope", default: "*", null: false
     t.boolean "masked", default: false, null: false
     t.integer "variable_type", limit: 2, default: 1, null: false
-    t.index ["project_id", "key", "environment_scope"], name: "index_ci_variables_on_project_id_and_key_and_environment_scope", unique: true, using: :btree
+    t.index ["project_id", "key", "environment_scope"], name: "index_ci_variables_on_project_id_and_key_and_environment_scope", unique: true
   end
 
   create_table "cluster_groups", id: :serial, force: :cascade do |t|
     t.integer "cluster_id", null: false
     t.integer "group_id", null: false
-    t.index ["cluster_id", "group_id"], name: "index_cluster_groups_on_cluster_id_and_group_id", unique: true, using: :btree
-    t.index ["group_id"], name: "index_cluster_groups_on_group_id", using: :btree
+    t.index ["cluster_id", "group_id"], name: "index_cluster_groups_on_cluster_id_and_group_id", unique: true
+    t.index ["group_id"], name: "index_cluster_groups_on_group_id"
   end
 
   create_table "cluster_platforms_kubernetes", id: :serial, force: :cascade do |t|
@@ -819,7 +819,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "encrypted_token"
     t.string "encrypted_token_iv"
     t.integer "authorization_type", limit: 2
-    t.index ["cluster_id"], name: "index_cluster_platforms_kubernetes_on_cluster_id", unique: true, using: :btree
+    t.index ["cluster_id"], name: "index_cluster_platforms_kubernetes_on_cluster_id", unique: true
   end
 
   create_table "cluster_projects", id: :serial, force: :cascade do |t|
@@ -827,8 +827,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "cluster_id", null: false
     t.datetime_with_timezone "created_at", null: false
     t.datetime_with_timezone "updated_at", null: false
-    t.index ["cluster_id"], name: "index_cluster_projects_on_cluster_id", using: :btree
-    t.index ["project_id"], name: "index_cluster_projects_on_project_id", using: :btree
+    t.index ["cluster_id"], name: "index_cluster_projects_on_cluster_id"
+    t.index ["project_id"], name: "index_cluster_projects_on_project_id"
   end
 
   create_table "cluster_providers_gcp", id: :serial, force: :cascade do |t|
@@ -846,7 +846,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "encrypted_access_token"
     t.string "encrypted_access_token_iv"
     t.boolean "legacy_abac", default: false, null: false
-    t.index ["cluster_id"], name: "index_cluster_providers_gcp_on_cluster_id", unique: true, using: :btree
+    t.index ["cluster_id"], name: "index_cluster_providers_gcp_on_cluster_id", unique: true
   end
 
   create_table "clusters", id: :serial, force: :cascade do |t|
@@ -861,8 +861,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "cluster_type", limit: 2, default: 3, null: false
     t.string "domain"
     t.boolean "managed", default: true, null: false
-    t.index ["enabled"], name: "index_clusters_on_enabled", using: :btree
-    t.index ["user_id"], name: "index_clusters_on_user_id", using: :btree
+    t.index ["enabled"], name: "index_clusters_on_enabled"
+    t.index ["user_id"], name: "index_clusters_on_user_id"
   end
 
   create_table "clusters_applications_cert_managers", id: :serial, force: :cascade do |t|
@@ -873,7 +873,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "created_at", null: false
     t.datetime_with_timezone "updated_at", null: false
     t.text "status_reason"
-    t.index ["cluster_id"], name: "index_clusters_applications_cert_managers_on_cluster_id", unique: true, using: :btree
+    t.index ["cluster_id"], name: "index_clusters_applications_cert_managers_on_cluster_id", unique: true
   end
 
   create_table "clusters_applications_helm", id: :serial, force: :cascade do |t|
@@ -886,7 +886,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "encrypted_ca_key"
     t.text "encrypted_ca_key_iv"
     t.text "ca_cert"
-    t.index ["cluster_id"], name: "index_clusters_applications_helm_on_cluster_id", unique: true, using: :btree
+    t.index ["cluster_id"], name: "index_clusters_applications_helm_on_cluster_id", unique: true
   end
 
   create_table "clusters_applications_ingress", id: :serial, force: :cascade do |t|
@@ -900,7 +900,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "status_reason"
     t.string "external_ip"
     t.string "external_hostname"
-    t.index ["cluster_id"], name: "index_clusters_applications_ingress_on_cluster_id", unique: true, using: :btree
+    t.index ["cluster_id"], name: "index_clusters_applications_ingress_on_cluster_id", unique: true
   end
 
   create_table "clusters_applications_jupyter", id: :serial, force: :cascade do |t|
@@ -912,8 +912,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "created_at", null: false
     t.datetime_with_timezone "updated_at", null: false
     t.text "status_reason"
-    t.index ["cluster_id"], name: "index_clusters_applications_jupyter_on_cluster_id", unique: true, using: :btree
-    t.index ["oauth_application_id"], name: "index_clusters_applications_jupyter_on_oauth_application_id", using: :btree
+    t.index ["cluster_id"], name: "index_clusters_applications_jupyter_on_cluster_id", unique: true
+    t.index ["oauth_application_id"], name: "index_clusters_applications_jupyter_on_oauth_application_id"
   end
 
   create_table "clusters_applications_knative", id: :serial, force: :cascade do |t|
@@ -926,7 +926,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "status_reason"
     t.string "external_ip"
     t.string "external_hostname"
-    t.index ["cluster_id"], name: "index_clusters_applications_knative_on_cluster_id", unique: true, using: :btree
+    t.index ["cluster_id"], name: "index_clusters_applications_knative_on_cluster_id", unique: true
   end
 
   create_table "clusters_applications_prometheus", id: :serial, force: :cascade do |t|
@@ -939,7 +939,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "encrypted_alert_manager_token"
     t.string "encrypted_alert_manager_token_iv"
     t.datetime_with_timezone "last_update_started_at"
-    t.index ["cluster_id"], name: "index_clusters_applications_prometheus_on_cluster_id", unique: true, using: :btree
+    t.index ["cluster_id"], name: "index_clusters_applications_prometheus_on_cluster_id", unique: true
   end
 
   create_table "clusters_applications_runners", id: :serial, force: :cascade do |t|
@@ -951,8 +951,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "version", null: false
     t.text "status_reason"
     t.boolean "privileged", default: true, null: false
-    t.index ["cluster_id"], name: "index_clusters_applications_runners_on_cluster_id", unique: true, using: :btree
-    t.index ["runner_id"], name: "index_clusters_applications_runners_on_runner_id", using: :btree
+    t.index ["cluster_id"], name: "index_clusters_applications_runners_on_cluster_id", unique: true
+    t.index ["runner_id"], name: "index_clusters_applications_runners_on_runner_id"
   end
 
   create_table "clusters_kubernetes_namespaces", force: :cascade do |t|
@@ -965,10 +965,10 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "encrypted_service_account_token_iv"
     t.string "namespace", null: false
     t.string "service_account_name"
-    t.index ["cluster_id", "namespace"], name: "kubernetes_namespaces_cluster_and_namespace", unique: true, using: :btree
-    t.index ["cluster_id"], name: "index_clusters_kubernetes_namespaces_on_cluster_id", using: :btree
-    t.index ["cluster_project_id"], name: "index_clusters_kubernetes_namespaces_on_cluster_project_id", using: :btree
-    t.index ["project_id"], name: "index_clusters_kubernetes_namespaces_on_project_id", using: :btree
+    t.index ["cluster_id", "namespace"], name: "kubernetes_namespaces_cluster_and_namespace", unique: true
+    t.index ["cluster_id"], name: "index_clusters_kubernetes_namespaces_on_cluster_id"
+    t.index ["cluster_project_id"], name: "index_clusters_kubernetes_namespaces_on_cluster_project_id"
+    t.index ["project_id"], name: "index_clusters_kubernetes_namespaces_on_project_id"
   end
 
   create_table "container_repositories", id: :serial, force: :cascade do |t|
@@ -976,8 +976,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "name", null: false
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["project_id", "name"], name: "index_container_repositories_on_project_id_and_name", unique: true, using: :btree
-    t.index ["project_id"], name: "index_container_repositories_on_project_id", using: :btree
+    t.index ["project_id", "name"], name: "index_container_repositories_on_project_id_and_name", unique: true
+    t.index ["project_id"], name: "index_container_repositories_on_project_id"
   end
 
   create_table "conversational_development_index_metrics", id: :serial, force: :cascade do |t|
@@ -1023,7 +1023,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "group_id", null: false
     t.bigint "size"
     t.datetime_with_timezone "updated_at", null: false
-    t.index ["group_id", "file_name"], name: "index_dependency_proxy_blobs_on_group_id_and_file_name", using: :btree
+    t.index ["group_id", "file_name"], name: "index_dependency_proxy_blobs_on_group_id_and_file_name"
   end
 
   create_table "dependency_proxy_group_settings", id: :serial, force: :cascade do |t|
@@ -1031,7 +1031,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "enabled", default: false, null: false
     t.integer "group_id", null: false
     t.datetime_with_timezone "updated_at", null: false
-    t.index ["group_id"], name: "index_dependency_proxy_group_settings_on_group_id", using: :btree
+    t.index ["group_id"], name: "index_dependency_proxy_group_settings_on_group_id"
   end
 
   create_table "deploy_keys_projects", id: :serial, force: :cascade do |t|
@@ -1040,7 +1040,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "created_at"
     t.datetime "updated_at"
     t.boolean "can_push", default: false, null: false
-    t.index ["project_id"], name: "index_deploy_keys_projects_on_project_id", using: :btree
+    t.index ["project_id"], name: "index_deploy_keys_projects_on_project_id"
   end
 
   create_table "deploy_tokens", id: :serial, force: :cascade do |t|
@@ -1052,8 +1052,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "name", null: false
     t.string "token", null: false
     t.string "username"
-    t.index ["token", "expires_at", "id"], name: "index_deploy_tokens_on_token_and_expires_at_and_id", where: "(revoked IS FALSE)", using: :btree
-    t.index ["token"], name: "index_deploy_tokens_on_token", unique: true, using: :btree
+    t.index ["token", "expires_at", "id"], name: "index_deploy_tokens_on_token_and_expires_at_and_id", where: "(revoked IS FALSE)"
+    t.index ["token"], name: "index_deploy_tokens_on_token", unique: true
   end
 
   create_table "deployments", id: :serial, force: :cascade do |t|
@@ -1072,37 +1072,37 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "status", limit: 2, null: false
     t.datetime_with_timezone "finished_at"
     t.integer "cluster_id"
-    t.index ["cluster_id"], name: "index_deployments_on_cluster_id", using: :btree
-    t.index ["created_at"], name: "index_deployments_on_created_at", using: :btree
-    t.index ["deployable_type", "deployable_id"], name: "index_deployments_on_deployable_type_and_deployable_id", using: :btree
-    t.index ["environment_id", "id"], name: "index_deployments_on_environment_id_and_id", using: :btree
-    t.index ["environment_id", "iid", "project_id"], name: "index_deployments_on_environment_id_and_iid_and_project_id", using: :btree
-    t.index ["environment_id", "status"], name: "index_deployments_on_environment_id_and_status", using: :btree
-    t.index ["id"], name: "partial_index_deployments_for_legacy_successful_deployments", where: "((finished_at IS NULL) AND (status = 2))", using: :btree
-    t.index ["project_id", "iid"], name: "index_deployments_on_project_id_and_iid", unique: true, using: :btree
-    t.index ["project_id", "status", "created_at"], name: "index_deployments_on_project_id_and_status_and_created_at", using: :btree
-    t.index ["project_id", "status"], name: "index_deployments_on_project_id_and_status", using: :btree
+    t.index ["cluster_id"], name: "index_deployments_on_cluster_id"
+    t.index ["created_at"], name: "index_deployments_on_created_at"
+    t.index ["deployable_type", "deployable_id"], name: "index_deployments_on_deployable_type_and_deployable_id"
+    t.index ["environment_id", "id"], name: "index_deployments_on_environment_id_and_id"
+    t.index ["environment_id", "iid", "project_id"], name: "index_deployments_on_environment_id_and_iid_and_project_id"
+    t.index ["environment_id", "status"], name: "index_deployments_on_environment_id_and_status"
+    t.index ["id"], name: "partial_index_deployments_for_legacy_successful_deployments", where: "((finished_at IS NULL) AND (status = 2))"
+    t.index ["project_id", "iid"], name: "index_deployments_on_project_id_and_iid", unique: true
+    t.index ["project_id", "status", "created_at"], name: "index_deployments_on_project_id_and_status_and_created_at"
+    t.index ["project_id", "status"], name: "index_deployments_on_project_id_and_status"
   end
 
   create_table "design_management_designs", force: :cascade do |t|
     t.integer "project_id", null: false
     t.integer "issue_id", null: false
     t.string "filename", null: false
-    t.index ["issue_id", "filename"], name: "index_design_management_designs_on_issue_id_and_filename", unique: true, using: :btree
-    t.index ["project_id"], name: "index_design_management_designs_on_project_id", using: :btree
+    t.index ["issue_id", "filename"], name: "index_design_management_designs_on_issue_id_and_filename", unique: true
+    t.index ["project_id"], name: "index_design_management_designs_on_project_id"
   end
 
   create_table "design_management_designs_versions", id: false, force: :cascade do |t|
     t.bigint "design_id", null: false
     t.bigint "version_id", null: false
-    t.index ["design_id", "version_id"], name: "design_management_designs_versions_uniqueness", unique: true, using: :btree
-    t.index ["design_id"], name: "index_design_management_designs_versions_on_design_id", using: :btree
-    t.index ["version_id"], name: "index_design_management_designs_versions_on_version_id", using: :btree
+    t.index ["design_id", "version_id"], name: "design_management_designs_versions_uniqueness", unique: true
+    t.index ["design_id"], name: "index_design_management_designs_versions_on_design_id"
+    t.index ["version_id"], name: "index_design_management_designs_versions_on_version_id"
   end
 
   create_table "design_management_versions", force: :cascade do |t|
     t.binary "sha", null: false
-    t.index ["sha"], name: "index_design_management_versions_on_sha", unique: true, using: :btree
+    t.index ["sha"], name: "index_design_management_versions_on_sha", unique: true
   end
 
   create_table "draft_notes", force: :cascade do |t|
@@ -1114,23 +1114,23 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "position"
     t.text "original_position"
     t.text "change_position"
-    t.index ["author_id"], name: "index_draft_notes_on_author_id", using: :btree
-    t.index ["discussion_id"], name: "index_draft_notes_on_discussion_id", using: :btree
-    t.index ["merge_request_id"], name: "index_draft_notes_on_merge_request_id", using: :btree
+    t.index ["author_id"], name: "index_draft_notes_on_author_id"
+    t.index ["discussion_id"], name: "index_draft_notes_on_discussion_id"
+    t.index ["merge_request_id"], name: "index_draft_notes_on_merge_request_id"
   end
 
   create_table "elasticsearch_indexed_namespaces", id: false, force: :cascade do |t|
     t.datetime_with_timezone "created_at", null: false
     t.datetime_with_timezone "updated_at", null: false
     t.integer "namespace_id"
-    t.index ["namespace_id"], name: "index_elasticsearch_indexed_namespaces_on_namespace_id", unique: true, using: :btree
+    t.index ["namespace_id"], name: "index_elasticsearch_indexed_namespaces_on_namespace_id", unique: true
   end
 
   create_table "elasticsearch_indexed_projects", id: false, force: :cascade do |t|
     t.datetime_with_timezone "created_at", null: false
     t.datetime_with_timezone "updated_at", null: false
     t.integer "project_id"
-    t.index ["project_id"], name: "index_elasticsearch_indexed_projects_on_project_id", unique: true, using: :btree
+    t.index ["project_id"], name: "index_elasticsearch_indexed_projects_on_project_id", unique: true
   end
 
   create_table "emails", id: :serial, force: :cascade do |t|
@@ -1141,9 +1141,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "confirmation_token"
     t.datetime_with_timezone "confirmed_at"
     t.datetime_with_timezone "confirmation_sent_at"
-    t.index ["confirmation_token"], name: "index_emails_on_confirmation_token", unique: true, using: :btree
-    t.index ["email"], name: "index_emails_on_email", unique: true, using: :btree
-    t.index ["user_id"], name: "index_emails_on_user_id", using: :btree
+    t.index ["confirmation_token"], name: "index_emails_on_confirmation_token", unique: true
+    t.index ["email"], name: "index_emails_on_email", unique: true
+    t.index ["user_id"], name: "index_emails_on_user_id"
   end
 
   create_table "environments", id: :serial, force: :cascade do |t|
@@ -1155,24 +1155,24 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "environment_type"
     t.string "state", default: "available", null: false
     t.string "slug", null: false
-    t.index ["name"], name: "index_environments_on_name_varchar_pattern_ops", using: :btree, opclasses: {"name"=>"varchar_pattern_ops"}
-    t.index ["project_id", "name"], name: "index_environments_on_project_id_and_name", unique: true, using: :btree
-    t.index ["project_id", "slug"], name: "index_environments_on_project_id_and_slug", unique: true, using: :btree
+    t.index ["name"], name: "index_environments_on_name_varchar_pattern_ops", opclass: :varchar_pattern_ops
+    t.index ["project_id", "name"], name: "index_environments_on_project_id_and_name", unique: true
+    t.index ["project_id", "slug"], name: "index_environments_on_project_id_and_slug", unique: true
   end
 
   create_table "epic_issues", id: :serial, force: :cascade do |t|
     t.integer "epic_id", null: false
     t.integer "issue_id", null: false
     t.integer "relative_position", default: 1073741823, null: false
-    t.index ["epic_id"], name: "index_epic_issues_on_epic_id", using: :btree
-    t.index ["issue_id"], name: "index_epic_issues_on_issue_id", unique: true, using: :btree
+    t.index ["epic_id"], name: "index_epic_issues_on_epic_id"
+    t.index ["issue_id"], name: "index_epic_issues_on_issue_id", unique: true
   end
 
   create_table "epic_metrics", id: :serial, force: :cascade do |t|
     t.integer "epic_id", null: false
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["epic_id"], name: "index_epic_metrics", using: :btree
+    t.index ["epic_id"], name: "index_epic_metrics"
   end
 
   create_table "epics", id: :serial, force: :cascade do |t|
@@ -1205,15 +1205,15 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "closed_at"
     t.integer "parent_id"
     t.integer "relative_position"
-    t.index ["assignee_id"], name: "index_epics_on_assignee_id", using: :btree
-    t.index ["author_id"], name: "index_epics_on_author_id", using: :btree
-    t.index ["closed_by_id"], name: "index_epics_on_closed_by_id", using: :btree
-    t.index ["end_date"], name: "index_epics_on_end_date", using: :btree
-    t.index ["group_id"], name: "index_epics_on_group_id", using: :btree
-    t.index ["iid"], name: "index_epics_on_iid", using: :btree
-    t.index ["milestone_id"], name: "index_milestone", using: :btree
-    t.index ["parent_id"], name: "index_epics_on_parent_id", using: :btree
-    t.index ["start_date"], name: "index_epics_on_start_date", using: :btree
+    t.index ["assignee_id"], name: "index_epics_on_assignee_id"
+    t.index ["author_id"], name: "index_epics_on_author_id"
+    t.index ["closed_by_id"], name: "index_epics_on_closed_by_id"
+    t.index ["end_date"], name: "index_epics_on_end_date"
+    t.index ["group_id"], name: "index_epics_on_group_id"
+    t.index ["iid"], name: "index_epics_on_iid"
+    t.index ["milestone_id"], name: "index_milestone"
+    t.index ["parent_id"], name: "index_epics_on_parent_id"
+    t.index ["start_date"], name: "index_epics_on_start_date"
   end
 
   create_table "events", id: :serial, force: :cascade do |t|
@@ -1224,12 +1224,12 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "updated_at", null: false
     t.integer "action", limit: 2, null: false
     t.string "target_type"
-    t.index ["action"], name: "index_events_on_action", using: :btree
-    t.index ["author_id", "project_id"], name: "index_events_on_author_id_and_project_id", using: :btree
-    t.index ["created_at", "author_id"], name: "analytics_index_events_on_created_at_and_author_id", using: :btree
-    t.index ["project_id", "created_at"], name: "index_events_on_project_id_and_created_at", using: :btree
-    t.index ["project_id", "id"], name: "index_events_on_project_id_and_id", using: :btree
-    t.index ["target_type", "target_id"], name: "index_events_on_target_type_and_target_id", using: :btree
+    t.index ["action"], name: "index_events_on_action"
+    t.index ["author_id", "project_id"], name: "index_events_on_author_id_and_project_id"
+    t.index ["created_at", "author_id"], name: "analytics_index_events_on_created_at_and_author_id"
+    t.index ["project_id", "created_at"], name: "index_events_on_project_id_and_created_at"
+    t.index ["project_id", "id"], name: "index_events_on_project_id_and_id"
+    t.index ["target_type", "target_id"], name: "index_events_on_target_type_and_target_id"
   end
 
   create_table "feature_gates", id: :serial, force: :cascade do |t|
@@ -1238,29 +1238,29 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "value"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["feature_key", "key", "value"], name: "index_feature_gates_on_feature_key_and_key_and_value", unique: true, using: :btree
+    t.index ["feature_key", "key", "value"], name: "index_feature_gates_on_feature_key_and_key_and_value", unique: true
   end
 
   create_table "features", id: :serial, force: :cascade do |t|
     t.string "key", null: false
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["key"], name: "index_features_on_key", unique: true, using: :btree
+    t.index ["key"], name: "index_features_on_key", unique: true
   end
 
   create_table "fork_network_members", id: :serial, force: :cascade do |t|
     t.integer "fork_network_id", null: false
     t.integer "project_id", null: false
     t.integer "forked_from_project_id"
-    t.index ["fork_network_id"], name: "index_fork_network_members_on_fork_network_id", using: :btree
-    t.index ["forked_from_project_id"], name: "index_fork_network_members_on_forked_from_project_id", using: :btree
-    t.index ["project_id"], name: "index_fork_network_members_on_project_id", unique: true, using: :btree
+    t.index ["fork_network_id"], name: "index_fork_network_members_on_fork_network_id"
+    t.index ["forked_from_project_id"], name: "index_fork_network_members_on_forked_from_project_id"
+    t.index ["project_id"], name: "index_fork_network_members_on_project_id", unique: true
   end
 
   create_table "fork_networks", id: :serial, force: :cascade do |t|
     t.integer "root_project_id"
     t.string "deleted_root_project_name"
-    t.index ["root_project_id"], name: "index_fork_networks_on_root_project_id", unique: true, using: :btree
+    t.index ["root_project_id"], name: "index_fork_networks_on_root_project_id", unique: true
   end
 
   create_table "forked_project_links", id: :serial, force: :cascade do |t|
@@ -1268,7 +1268,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "forked_from_project_id", null: false
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.index ["forked_to_project_id"], name: "index_forked_project_links_on_forked_to_project_id", unique: true, using: :btree
+    t.index ["forked_to_project_id"], name: "index_forked_project_links_on_forked_to_project_id", unique: true
   end
 
   create_table "geo_cache_invalidation_events", force: :cascade do |t|
@@ -1289,25 +1289,25 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.bigint "job_artifact_deleted_event_id"
     t.bigint "reset_checksum_event_id"
     t.bigint "cache_invalidation_event_id"
-    t.index ["cache_invalidation_event_id"], name: "index_geo_event_log_on_cache_invalidation_event_id", where: "(cache_invalidation_event_id IS NOT NULL)", using: :btree
-    t.index ["hashed_storage_attachments_event_id"], name: "index_geo_event_log_on_hashed_storage_attachments_event_id", where: "(hashed_storage_attachments_event_id IS NOT NULL)", using: :btree
-    t.index ["hashed_storage_migrated_event_id"], name: "index_geo_event_log_on_hashed_storage_migrated_event_id", where: "(hashed_storage_migrated_event_id IS NOT NULL)", using: :btree
-    t.index ["job_artifact_deleted_event_id"], name: "index_geo_event_log_on_job_artifact_deleted_event_id", where: "(job_artifact_deleted_event_id IS NOT NULL)", using: :btree
-    t.index ["lfs_object_deleted_event_id"], name: "index_geo_event_log_on_lfs_object_deleted_event_id", where: "(lfs_object_deleted_event_id IS NOT NULL)", using: :btree
-    t.index ["repositories_changed_event_id"], name: "index_geo_event_log_on_repositories_changed_event_id", where: "(repositories_changed_event_id IS NOT NULL)", using: :btree
-    t.index ["repository_created_event_id"], name: "index_geo_event_log_on_repository_created_event_id", where: "(repository_created_event_id IS NOT NULL)", using: :btree
-    t.index ["repository_deleted_event_id"], name: "index_geo_event_log_on_repository_deleted_event_id", where: "(repository_deleted_event_id IS NOT NULL)", using: :btree
-    t.index ["repository_renamed_event_id"], name: "index_geo_event_log_on_repository_renamed_event_id", where: "(repository_renamed_event_id IS NOT NULL)", using: :btree
-    t.index ["repository_updated_event_id"], name: "index_geo_event_log_on_repository_updated_event_id", where: "(repository_updated_event_id IS NOT NULL)", using: :btree
-    t.index ["reset_checksum_event_id"], name: "index_geo_event_log_on_reset_checksum_event_id", where: "(reset_checksum_event_id IS NOT NULL)", using: :btree
-    t.index ["upload_deleted_event_id"], name: "index_geo_event_log_on_upload_deleted_event_id", where: "(upload_deleted_event_id IS NOT NULL)", using: :btree
+    t.index ["cache_invalidation_event_id"], name: "index_geo_event_log_on_cache_invalidation_event_id", where: "(cache_invalidation_event_id IS NOT NULL)"
+    t.index ["hashed_storage_attachments_event_id"], name: "index_geo_event_log_on_hashed_storage_attachments_event_id", where: "(hashed_storage_attachments_event_id IS NOT NULL)"
+    t.index ["hashed_storage_migrated_event_id"], name: "index_geo_event_log_on_hashed_storage_migrated_event_id", where: "(hashed_storage_migrated_event_id IS NOT NULL)"
+    t.index ["job_artifact_deleted_event_id"], name: "index_geo_event_log_on_job_artifact_deleted_event_id", where: "(job_artifact_deleted_event_id IS NOT NULL)"
+    t.index ["lfs_object_deleted_event_id"], name: "index_geo_event_log_on_lfs_object_deleted_event_id", where: "(lfs_object_deleted_event_id IS NOT NULL)"
+    t.index ["repositories_changed_event_id"], name: "index_geo_event_log_on_repositories_changed_event_id", where: "(repositories_changed_event_id IS NOT NULL)"
+    t.index ["repository_created_event_id"], name: "index_geo_event_log_on_repository_created_event_id", where: "(repository_created_event_id IS NOT NULL)"
+    t.index ["repository_deleted_event_id"], name: "index_geo_event_log_on_repository_deleted_event_id", where: "(repository_deleted_event_id IS NOT NULL)"
+    t.index ["repository_renamed_event_id"], name: "index_geo_event_log_on_repository_renamed_event_id", where: "(repository_renamed_event_id IS NOT NULL)"
+    t.index ["repository_updated_event_id"], name: "index_geo_event_log_on_repository_updated_event_id", where: "(repository_updated_event_id IS NOT NULL)"
+    t.index ["reset_checksum_event_id"], name: "index_geo_event_log_on_reset_checksum_event_id", where: "(reset_checksum_event_id IS NOT NULL)"
+    t.index ["upload_deleted_event_id"], name: "index_geo_event_log_on_upload_deleted_event_id", where: "(upload_deleted_event_id IS NOT NULL)"
   end
 
   create_table "geo_hashed_storage_attachments_events", force: :cascade do |t|
     t.integer "project_id", null: false
     t.text "old_attachments_path", null: false
     t.text "new_attachments_path", null: false
-    t.index ["project_id"], name: "index_geo_hashed_storage_attachments_events_on_project_id", using: :btree
+    t.index ["project_id"], name: "index_geo_hashed_storage_attachments_events_on_project_id"
   end
 
   create_table "geo_hashed_storage_migrated_events", force: :cascade do |t|
@@ -1319,20 +1319,20 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "new_wiki_disk_path", null: false
     t.integer "old_storage_version", limit: 2
     t.integer "new_storage_version", limit: 2, null: false
-    t.index ["project_id"], name: "index_geo_hashed_storage_migrated_events_on_project_id", using: :btree
+    t.index ["project_id"], name: "index_geo_hashed_storage_migrated_events_on_project_id"
   end
 
   create_table "geo_job_artifact_deleted_events", force: :cascade do |t|
     t.integer "job_artifact_id", null: false
     t.string "file_path", null: false
-    t.index ["job_artifact_id"], name: "index_geo_job_artifact_deleted_events_on_job_artifact_id", using: :btree
+    t.index ["job_artifact_id"], name: "index_geo_job_artifact_deleted_events_on_job_artifact_id"
   end
 
   create_table "geo_lfs_object_deleted_events", force: :cascade do |t|
     t.integer "lfs_object_id", null: false
     t.string "oid", null: false
     t.string "file_path", null: false
-    t.index ["lfs_object_id"], name: "index_geo_lfs_object_deleted_events_on_lfs_object_id", using: :btree
+    t.index ["lfs_object_id"], name: "index_geo_lfs_object_deleted_events_on_lfs_object_id"
   end
 
   create_table "geo_node_namespace_links", id: :serial, force: :cascade do |t|
@@ -1340,9 +1340,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "namespace_id", null: false
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["geo_node_id", "namespace_id"], name: "index_geo_node_namespace_links_on_geo_node_id_and_namespace_id", unique: true, using: :btree
-    t.index ["geo_node_id"], name: "index_geo_node_namespace_links_on_geo_node_id", using: :btree
-    t.index ["namespace_id"], name: "index_geo_node_namespace_links_on_namespace_id", using: :btree
+    t.index ["geo_node_id", "namespace_id"], name: "index_geo_node_namespace_links_on_geo_node_id_and_namespace_id", unique: true
+    t.index ["geo_node_id"], name: "index_geo_node_namespace_links_on_geo_node_id"
+    t.index ["namespace_id"], name: "index_geo_node_namespace_links_on_namespace_id"
   end
 
   create_table "geo_node_statuses", id: :serial, force: :cascade do |t|
@@ -1391,7 +1391,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "repositories_retrying_verification_count"
     t.integer "wikis_retrying_verification_count"
     t.integer "projects_count"
-    t.index ["geo_node_id"], name: "index_geo_node_statuses_on_geo_node_id", unique: true, using: :btree
+    t.index ["geo_node_id"], name: "index_geo_node_statuses_on_geo_node_id", unique: true
   end
 
   create_table "geo_nodes", id: :serial, force: :cascade do |t|
@@ -1411,14 +1411,14 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "minimum_reverification_interval", default: 7, null: false
     t.string "internal_url"
     t.string "name", null: false
-    t.index ["access_key"], name: "index_geo_nodes_on_access_key", using: :btree
-    t.index ["name"], name: "index_geo_nodes_on_name", unique: true, using: :btree
-    t.index ["primary"], name: "index_geo_nodes_on_primary", using: :btree
+    t.index ["access_key"], name: "index_geo_nodes_on_access_key"
+    t.index ["name"], name: "index_geo_nodes_on_name", unique: true
+    t.index ["primary"], name: "index_geo_nodes_on_primary"
   end
 
   create_table "geo_repositories_changed_events", force: :cascade do |t|
     t.integer "geo_node_id", null: false
-    t.index ["geo_node_id"], name: "index_geo_repositories_changed_events_on_geo_node_id", using: :btree
+    t.index ["geo_node_id"], name: "index_geo_repositories_changed_events_on_geo_node_id"
   end
 
   create_table "geo_repository_created_events", force: :cascade do |t|
@@ -1427,7 +1427,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "repo_path", null: false
     t.text "wiki_path"
     t.text "project_name", null: false
-    t.index ["project_id"], name: "index_geo_repository_created_events_on_project_id", using: :btree
+    t.index ["project_id"], name: "index_geo_repository_created_events_on_project_id"
   end
 
   create_table "geo_repository_deleted_events", force: :cascade do |t|
@@ -1436,7 +1436,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "deleted_path", null: false
     t.text "deleted_wiki_path"
     t.text "deleted_project_name", null: false
-    t.index ["project_id"], name: "index_geo_repository_deleted_events_on_project_id", using: :btree
+    t.index ["project_id"], name: "index_geo_repository_deleted_events_on_project_id"
   end
 
   create_table "geo_repository_renamed_events", force: :cascade do |t|
@@ -1448,7 +1448,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "new_wiki_path_with_namespace", null: false
     t.text "old_path", null: false
     t.text "new_path", null: false
-    t.index ["project_id"], name: "index_geo_repository_renamed_events_on_project_id", using: :btree
+    t.index ["project_id"], name: "index_geo_repository_renamed_events_on_project_id"
   end
 
   create_table "geo_repository_updated_events", force: :cascade do |t|
@@ -1459,13 +1459,13 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "new_branch", default: false, null: false
     t.boolean "remove_branch", default: false, null: false
     t.text "ref"
-    t.index ["project_id"], name: "index_geo_repository_updated_events_on_project_id", using: :btree
-    t.index ["source"], name: "index_geo_repository_updated_events_on_source", using: :btree
+    t.index ["project_id"], name: "index_geo_repository_updated_events_on_project_id"
+    t.index ["source"], name: "index_geo_repository_updated_events_on_source"
   end
 
   create_table "geo_reset_checksum_events", force: :cascade do |t|
     t.integer "project_id", null: false
-    t.index ["project_id"], name: "index_geo_reset_checksum_events_on_project_id", using: :btree
+    t.index ["project_id"], name: "index_geo_reset_checksum_events_on_project_id"
   end
 
   create_table "geo_upload_deleted_events", force: :cascade do |t|
@@ -1474,7 +1474,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "model_id", null: false
     t.string "model_type", null: false
     t.string "uploader", null: false
-    t.index ["upload_id"], name: "index_geo_upload_deleted_events_on_upload_id", using: :btree
+    t.index ["upload_id"], name: "index_geo_upload_deleted_events_on_upload_id"
   end
 
   create_table "gitlab_subscriptions", force: :cascade do |t|
@@ -1488,17 +1488,17 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "max_seats_used", default: 0
     t.integer "seats", default: 0
     t.boolean "trial", default: false
-    t.index ["hosted_plan_id"], name: "index_gitlab_subscriptions_on_hosted_plan_id", using: :btree
-    t.index ["namespace_id"], name: "index_gitlab_subscriptions_on_namespace_id", unique: true, using: :btree
+    t.index ["hosted_plan_id"], name: "index_gitlab_subscriptions_on_hosted_plan_id"
+    t.index ["namespace_id"], name: "index_gitlab_subscriptions_on_namespace_id", unique: true
   end
 
   create_table "gpg_key_subkeys", id: :serial, force: :cascade do |t|
     t.integer "gpg_key_id", null: false
     t.binary "keyid"
     t.binary "fingerprint"
-    t.index ["fingerprint"], name: "index_gpg_key_subkeys_on_fingerprint", unique: true, using: :btree
-    t.index ["gpg_key_id"], name: "index_gpg_key_subkeys_on_gpg_key_id", using: :btree
-    t.index ["keyid"], name: "index_gpg_key_subkeys_on_keyid", unique: true, using: :btree
+    t.index ["fingerprint"], name: "index_gpg_key_subkeys_on_fingerprint", unique: true
+    t.index ["gpg_key_id"], name: "index_gpg_key_subkeys_on_gpg_key_id"
+    t.index ["keyid"], name: "index_gpg_key_subkeys_on_keyid", unique: true
   end
 
   create_table "gpg_keys", id: :serial, force: :cascade do |t|
@@ -1508,9 +1508,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.binary "primary_keyid"
     t.binary "fingerprint"
     t.text "key"
-    t.index ["fingerprint"], name: "index_gpg_keys_on_fingerprint", unique: true, using: :btree
-    t.index ["primary_keyid"], name: "index_gpg_keys_on_primary_keyid", unique: true, using: :btree
-    t.index ["user_id"], name: "index_gpg_keys_on_user_id", using: :btree
+    t.index ["fingerprint"], name: "index_gpg_keys_on_fingerprint", unique: true
+    t.index ["primary_keyid"], name: "index_gpg_keys_on_primary_keyid", unique: true
+    t.index ["user_id"], name: "index_gpg_keys_on_user_id"
   end
 
   create_table "gpg_signatures", id: :serial, force: :cascade do |t|
@@ -1524,11 +1524,11 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "gpg_key_user_email"
     t.integer "verification_status", limit: 2, default: 0, null: false
     t.integer "gpg_key_subkey_id"
-    t.index ["commit_sha"], name: "index_gpg_signatures_on_commit_sha", unique: true, using: :btree
-    t.index ["gpg_key_id"], name: "index_gpg_signatures_on_gpg_key_id", using: :btree
-    t.index ["gpg_key_primary_keyid"], name: "index_gpg_signatures_on_gpg_key_primary_keyid", using: :btree
-    t.index ["gpg_key_subkey_id"], name: "index_gpg_signatures_on_gpg_key_subkey_id", using: :btree
-    t.index ["project_id"], name: "index_gpg_signatures_on_project_id", using: :btree
+    t.index ["commit_sha"], name: "index_gpg_signatures_on_commit_sha", unique: true
+    t.index ["gpg_key_id"], name: "index_gpg_signatures_on_gpg_key_id"
+    t.index ["gpg_key_primary_keyid"], name: "index_gpg_signatures_on_gpg_key_primary_keyid"
+    t.index ["gpg_key_subkey_id"], name: "index_gpg_signatures_on_gpg_key_subkey_id"
+    t.index ["project_id"], name: "index_gpg_signatures_on_project_id"
   end
 
   create_table "group_custom_attributes", id: :serial, force: :cascade do |t|
@@ -1537,8 +1537,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "group_id", null: false
     t.string "key", null: false
     t.string "value", null: false
-    t.index ["group_id", "key"], name: "index_group_custom_attributes_on_group_id_and_key", unique: true, using: :btree
-    t.index ["key", "value"], name: "index_group_custom_attributes_on_key_and_value", using: :btree
+    t.index ["group_id", "key"], name: "index_group_custom_attributes_on_group_id_and_key", unique: true
+    t.index ["key", "value"], name: "index_group_custom_attributes_on_key_and_value"
   end
 
   create_table "historical_data", id: :serial, force: :cascade do |t|
@@ -1556,8 +1556,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "updated_at"
     t.integer "saml_provider_id"
     t.string "secondary_extern_uid"
-    t.index ["saml_provider_id"], name: "index_identities_on_saml_provider_id", where: "(saml_provider_id IS NOT NULL)", using: :btree
-    t.index ["user_id"], name: "index_identities_on_user_id", using: :btree
+    t.index ["saml_provider_id"], name: "index_identities_on_saml_provider_id", where: "(saml_provider_id IS NOT NULL)"
+    t.index ["user_id"], name: "index_identities_on_user_id"
   end
 
   create_table "import_export_uploads", id: :serial, force: :cascade do |t|
@@ -1565,8 +1565,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "project_id"
     t.text "import_file"
     t.text "export_file"
-    t.index ["project_id"], name: "index_import_export_uploads_on_project_id", using: :btree
-    t.index ["updated_at"], name: "index_import_export_uploads_on_updated_at", using: :btree
+    t.index ["project_id"], name: "index_import_export_uploads_on_project_id"
+    t.index ["updated_at"], name: "index_import_export_uploads_on_updated_at"
   end
 
   create_table "index_statuses", id: :serial, force: :cascade do |t|
@@ -1578,14 +1578,14 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "updated_at", null: false
     t.binary "last_wiki_commit"
     t.datetime_with_timezone "wiki_indexed_at"
-    t.index ["project_id"], name: "index_index_statuses_on_project_id", unique: true, using: :btree
+    t.index ["project_id"], name: "index_index_statuses_on_project_id", unique: true
   end
 
   create_table "insights", id: :serial, force: :cascade do |t|
     t.integer "namespace_id", null: false
     t.integer "project_id", null: false
-    t.index ["namespace_id"], name: "index_insights_on_namespace_id", using: :btree
-    t.index ["project_id"], name: "index_insights_on_project_id", using: :btree
+    t.index ["namespace_id"], name: "index_insights_on_namespace_id"
+    t.index ["project_id"], name: "index_insights_on_project_id"
   end
 
   create_table "internal_ids", force: :cascade do |t|
@@ -1593,23 +1593,23 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "usage", null: false
     t.integer "last_value", null: false
     t.integer "namespace_id"
-    t.index ["namespace_id"], name: "index_internal_ids_on_namespace_id", using: :btree
-    t.index ["project_id"], name: "index_internal_ids_on_project_id", using: :btree
-    t.index ["usage", "namespace_id"], name: "index_internal_ids_on_usage_and_namespace_id", unique: true, where: "(namespace_id IS NOT NULL)", using: :btree
-    t.index ["usage", "project_id"], name: "index_internal_ids_on_usage_and_project_id", unique: true, where: "(project_id IS NOT NULL)", using: :btree
+    t.index ["namespace_id"], name: "index_internal_ids_on_namespace_id"
+    t.index ["project_id"], name: "index_internal_ids_on_project_id"
+    t.index ["usage", "namespace_id"], name: "index_internal_ids_on_usage_and_namespace_id", unique: true, where: "(namespace_id IS NOT NULL)"
+    t.index ["usage", "project_id"], name: "index_internal_ids_on_usage_and_project_id", unique: true, where: "(project_id IS NOT NULL)"
   end
 
   create_table "ip_restrictions", force: :cascade do |t|
     t.integer "group_id", null: false
     t.string "range", null: false
-    t.index ["group_id"], name: "index_ip_restrictions_on_group_id", using: :btree
+    t.index ["group_id"], name: "index_ip_restrictions_on_group_id"
   end
 
   create_table "issue_assignees", id: false, force: :cascade do |t|
     t.integer "user_id", null: false
     t.integer "issue_id", null: false
-    t.index ["issue_id", "user_id"], name: "index_issue_assignees_on_issue_id_and_user_id", unique: true, using: :btree
-    t.index ["user_id"], name: "index_issue_assignees_on_user_id", using: :btree
+    t.index ["issue_id", "user_id"], name: "index_issue_assignees_on_issue_id_and_user_id", unique: true
+    t.index ["user_id"], name: "index_issue_assignees_on_user_id"
   end
 
   create_table "issue_links", id: :serial, force: :cascade do |t|
@@ -1617,9 +1617,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "target_id", null: false
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.index ["source_id", "target_id"], name: "index_issue_links_on_source_id_and_target_id", unique: true, using: :btree
-    t.index ["source_id"], name: "index_issue_links_on_source_id", using: :btree
-    t.index ["target_id"], name: "index_issue_links_on_target_id", using: :btree
+    t.index ["source_id", "target_id"], name: "index_issue_links_on_source_id_and_target_id", unique: true
+    t.index ["source_id"], name: "index_issue_links_on_source_id"
+    t.index ["target_id"], name: "index_issue_links_on_target_id"
   end
 
   create_table "issue_metrics", id: :serial, force: :cascade do |t|
@@ -1629,7 +1629,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "first_added_to_board_at"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["issue_id"], name: "index_issue_metrics", using: :btree
+    t.index ["issue_id"], name: "index_issue_metrics"
   end
 
   create_table "issue_tracker_data", force: :cascade do |t|
@@ -1642,7 +1642,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "encrypted_issues_url_iv"
     t.string "encrypted_new_issue_url"
     t.string "encrypted_new_issue_url_iv"
-    t.index ["service_id"], name: "index_issue_tracker_data_on_service_id", using: :btree
+    t.index ["service_id"], name: "index_issue_tracker_data_on_service_id"
   end
 
   create_table "issues", id: :serial, force: :cascade do |t|
@@ -1673,22 +1673,22 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "state_id", limit: 2
     t.string "service_desk_reply_to"
     t.integer "weight"
-    t.index ["author_id"], name: "index_issues_on_author_id", using: :btree
-    t.index ["closed_by_id"], name: "index_issues_on_closed_by_id", using: :btree
-    t.index ["confidential"], name: "index_issues_on_confidential", using: :btree
-    t.index ["description"], name: "index_issues_on_description_trigram", using: :gin, opclasses: {"description"=>"gin_trgm_ops"}
-    t.index ["milestone_id"], name: "index_issues_on_milestone_id", using: :btree
-    t.index ["moved_to_id"], name: "index_issues_on_moved_to_id", where: "(moved_to_id IS NOT NULL)", using: :btree
-    t.index ["project_id", "created_at", "id", "state"], name: "index_issues_on_project_id_and_created_at_and_id_and_state", using: :btree
-    t.index ["project_id", "due_date", "id", "state"], name: "idx_issues_on_project_id_and_due_date_and_id_and_state_partial", where: "(due_date IS NOT NULL)", using: :btree
-    t.index ["project_id", "iid"], name: "index_issues_on_project_id_and_iid", unique: true, using: :btree
-    t.index ["project_id", "state", "relative_position", "id"], name: "index_issues_on_project_id_and_state_and_rel_position_and_id", order: { id: :desc }, using: :btree
-    t.index ["project_id", "updated_at", "id", "state"], name: "index_issues_on_project_id_and_updated_at_and_id_and_state", using: :btree
-    t.index ["relative_position"], name: "index_issues_on_relative_position", using: :btree
-    t.index ["state"], name: "index_issues_on_state", using: :btree
-    t.index ["title"], name: "index_issues_on_title_trigram", using: :gin, opclasses: {"title"=>"gin_trgm_ops"}
-    t.index ["updated_at"], name: "index_issues_on_updated_at", using: :btree
-    t.index ["updated_by_id"], name: "index_issues_on_updated_by_id", where: "(updated_by_id IS NOT NULL)", using: :btree
+    t.index ["author_id"], name: "index_issues_on_author_id"
+    t.index ["closed_by_id"], name: "index_issues_on_closed_by_id"
+    t.index ["confidential"], name: "index_issues_on_confidential"
+    t.index ["description"], name: "index_issues_on_description_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["milestone_id"], name: "index_issues_on_milestone_id"
+    t.index ["moved_to_id"], name: "index_issues_on_moved_to_id", where: "(moved_to_id IS NOT NULL)"
+    t.index ["project_id", "created_at", "id", "state"], name: "index_issues_on_project_id_and_created_at_and_id_and_state"
+    t.index ["project_id", "due_date", "id", "state"], name: "idx_issues_on_project_id_and_due_date_and_id_and_state_partial", where: "(due_date IS NOT NULL)"
+    t.index ["project_id", "iid"], name: "index_issues_on_project_id_and_iid", unique: true
+    t.index ["project_id", "state", "relative_position", "id"], name: "index_issues_on_project_id_and_state_and_rel_position_and_id", order: { id: :desc }
+    t.index ["project_id", "updated_at", "id", "state"], name: "index_issues_on_project_id_and_updated_at_and_id_and_state"
+    t.index ["relative_position"], name: "index_issues_on_relative_position"
+    t.index ["state"], name: "index_issues_on_state"
+    t.index ["title"], name: "index_issues_on_title_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["updated_at"], name: "index_issues_on_updated_at"
+    t.index ["updated_by_id"], name: "index_issues_on_updated_by_id", where: "(updated_by_id IS NOT NULL)"
   end
 
   create_table "jira_connect_installations", force: :cascade do |t|
@@ -1696,7 +1696,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "encrypted_shared_secret"
     t.string "encrypted_shared_secret_iv"
     t.string "base_url"
-    t.index ["client_key"], name: "index_jira_connect_installations_on_client_key", unique: true, using: :btree
+    t.index ["client_key"], name: "index_jira_connect_installations_on_client_key", unique: true
   end
 
   create_table "jira_connect_subscriptions", force: :cascade do |t|
@@ -1704,9 +1704,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.bigint "jira_connect_installation_id", null: false
     t.integer "namespace_id", null: false
     t.datetime_with_timezone "updated_at", null: false
-    t.index ["jira_connect_installation_id", "namespace_id"], name: "idx_jira_connect_subscriptions_on_installation_id_namespace_id", unique: true, using: :btree
-    t.index ["jira_connect_installation_id"], name: "idx_jira_connect_subscriptions_on_installation_id", using: :btree
-    t.index ["namespace_id"], name: "index_jira_connect_subscriptions_on_namespace_id", using: :btree
+    t.index ["jira_connect_installation_id", "namespace_id"], name: "idx_jira_connect_subscriptions_on_installation_id_namespace_id", unique: true
+    t.index ["jira_connect_installation_id"], name: "idx_jira_connect_subscriptions_on_installation_id"
+    t.index ["namespace_id"], name: "index_jira_connect_subscriptions_on_namespace_id"
   end
 
   create_table "jira_tracker_data", force: :cascade do |t|
@@ -1722,7 +1722,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "encrypted_password"
     t.string "encrypted_password_iv"
     t.string "jira_issue_transition_id"
-    t.index ["service_id"], name: "index_jira_tracker_data_on_service_id", using: :btree
+    t.index ["service_id"], name: "index_jira_tracker_data_on_service_id"
   end
 
   create_table "keys", id: :serial, force: :cascade do |t|
@@ -1735,8 +1735,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "fingerprint"
     t.boolean "public", default: false, null: false
     t.datetime "last_used_at"
-    t.index ["fingerprint"], name: "index_keys_on_fingerprint", unique: true, using: :btree
-    t.index ["user_id"], name: "index_keys_on_user_id", using: :btree
+    t.index ["fingerprint"], name: "index_keys_on_fingerprint", unique: true
+    t.index ["user_id"], name: "index_keys_on_user_id"
   end
 
   create_table "label_links", id: :serial, force: :cascade do |t|
@@ -1745,8 +1745,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "target_type"
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.index ["label_id"], name: "index_label_links_on_label_id", using: :btree
-    t.index ["target_id", "target_type"], name: "index_label_links_on_target_id_and_target_type", using: :btree
+    t.index ["label_id"], name: "index_label_links_on_label_id"
+    t.index ["target_id", "target_type"], name: "index_label_links_on_target_id_and_target_type"
   end
 
   create_table "label_priorities", id: :serial, force: :cascade do |t|
@@ -1755,9 +1755,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "priority", null: false
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["label_id"], name: "index_label_priorities_on_label_id", using: :btree
-    t.index ["priority"], name: "index_label_priorities_on_priority", using: :btree
-    t.index ["project_id", "label_id"], name: "index_label_priorities_on_project_id_and_label_id", unique: true, using: :btree
+    t.index ["label_id"], name: "index_label_priorities_on_label_id"
+    t.index ["priority"], name: "index_label_priorities_on_priority"
+    t.index ["project_id", "label_id"], name: "index_label_priorities_on_project_id_and_label_id", unique: true
   end
 
   create_table "labels", id: :serial, force: :cascade do |t|
@@ -1772,11 +1772,11 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "type"
     t.integer "group_id"
     t.integer "cached_markdown_version"
-    t.index ["group_id", "project_id", "title"], name: "index_labels_on_group_id_and_project_id_and_title", unique: true, using: :btree
-    t.index ["project_id"], name: "index_labels_on_project_id", using: :btree
-    t.index ["template"], name: "index_labels_on_template", where: "template", using: :btree
-    t.index ["title"], name: "index_labels_on_title", using: :btree
-    t.index ["type", "project_id"], name: "index_labels_on_type_and_project_id", using: :btree
+    t.index ["group_id", "project_id", "title"], name: "index_labels_on_group_id_and_project_id_and_title", unique: true
+    t.index ["project_id"], name: "index_labels_on_project_id"
+    t.index ["template"], name: "index_labels_on_template", where: "template"
+    t.index ["title"], name: "index_labels_on_title"
+    t.index ["type", "project_id"], name: "index_labels_on_type_and_project_id"
   end
 
   create_table "ldap_group_links", id: :serial, force: :cascade do |t|
@@ -1794,8 +1794,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "user_id", null: false
     t.datetime "created_at", null: false
     t.string "path", limit: 511
-    t.index ["project_id", "path"], name: "index_lfs_file_locks_on_project_id_and_path", unique: true, using: :btree
-    t.index ["user_id"], name: "index_lfs_file_locks_on_user_id", using: :btree
+    t.index ["project_id", "path"], name: "index_lfs_file_locks_on_project_id_and_path", unique: true
+    t.index ["user_id"], name: "index_lfs_file_locks_on_user_id"
   end
 
   create_table "lfs_objects", id: :serial, force: :cascade do |t|
@@ -1805,8 +1805,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "updated_at"
     t.string "file"
     t.integer "file_store"
-    t.index ["file_store"], name: "index_lfs_objects_on_file_store", using: :btree
-    t.index ["oid"], name: "index_lfs_objects_on_oid", unique: true, using: :btree
+    t.index ["file_store"], name: "index_lfs_objects_on_file_store"
+    t.index ["oid"], name: "index_lfs_objects_on_oid", unique: true
   end
 
   create_table "lfs_objects_projects", id: :serial, force: :cascade do |t|
@@ -1815,8 +1815,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "created_at"
     t.datetime "updated_at"
     t.integer "repository_type", limit: 2
-    t.index ["lfs_object_id"], name: "index_lfs_objects_projects_on_lfs_object_id", using: :btree
-    t.index ["project_id"], name: "index_lfs_objects_projects_on_project_id", using: :btree
+    t.index ["lfs_object_id"], name: "index_lfs_objects_projects_on_lfs_object_id"
+    t.index ["project_id"], name: "index_lfs_objects_projects_on_project_id"
   end
 
   create_table "licenses", id: :serial, force: :cascade do |t|
@@ -1834,11 +1834,11 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "updated_at", null: false
     t.integer "milestone_id"
     t.integer "user_id"
-    t.index ["board_id", "label_id"], name: "index_lists_on_board_id_and_label_id", unique: true, using: :btree
-    t.index ["label_id"], name: "index_lists_on_label_id", using: :btree
-    t.index ["list_type"], name: "index_lists_on_list_type", using: :btree
-    t.index ["milestone_id"], name: "index_lists_on_milestone_id", using: :btree
-    t.index ["user_id"], name: "index_lists_on_user_id", using: :btree
+    t.index ["board_id", "label_id"], name: "index_lists_on_board_id_and_label_id", unique: true
+    t.index ["label_id"], name: "index_lists_on_label_id"
+    t.index ["list_type"], name: "index_lists_on_list_type"
+    t.index ["milestone_id"], name: "index_lists_on_milestone_id"
+    t.index ["user_id"], name: "index_lists_on_user_id"
   end
 
   create_table "members", id: :serial, force: :cascade do |t|
@@ -1858,20 +1858,20 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.date "expires_at"
     t.boolean "ldap", default: false, null: false
     t.boolean "override", default: false, null: false
-    t.index ["access_level"], name: "index_members_on_access_level", using: :btree
-    t.index ["invite_email"], name: "index_members_on_invite_email", using: :btree
-    t.index ["invite_token"], name: "index_members_on_invite_token", unique: true, using: :btree
-    t.index ["requested_at"], name: "index_members_on_requested_at", using: :btree
-    t.index ["source_id", "source_type"], name: "index_members_on_source_id_and_source_type", using: :btree
-    t.index ["user_id"], name: "index_members_on_user_id", using: :btree
+    t.index ["access_level"], name: "index_members_on_access_level"
+    t.index ["invite_email"], name: "index_members_on_invite_email"
+    t.index ["invite_token"], name: "index_members_on_invite_token", unique: true
+    t.index ["requested_at"], name: "index_members_on_requested_at"
+    t.index ["source_id", "source_type"], name: "index_members_on_source_id_and_source_type"
+    t.index ["user_id"], name: "index_members_on_user_id"
   end
 
   create_table "merge_request_assignees", force: :cascade do |t|
     t.integer "user_id", null: false
     t.integer "merge_request_id", null: false
-    t.index ["merge_request_id", "user_id"], name: "index_merge_request_assignees_on_merge_request_id_and_user_id", unique: true, using: :btree
-    t.index ["merge_request_id"], name: "index_merge_request_assignees_on_merge_request_id", using: :btree
-    t.index ["user_id"], name: "index_merge_request_assignees_on_user_id", using: :btree
+    t.index ["merge_request_id", "user_id"], name: "index_merge_request_assignees_on_merge_request_id_and_user_id", unique: true
+    t.index ["merge_request_id"], name: "index_merge_request_assignees_on_merge_request_id"
+    t.index ["user_id"], name: "index_merge_request_assignees_on_user_id"
   end
 
   create_table "merge_request_blocks", force: :cascade do |t|
@@ -1879,8 +1879,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "blocked_merge_request_id", null: false
     t.datetime_with_timezone "created_at", null: false
     t.datetime_with_timezone "updated_at", null: false
-    t.index ["blocked_merge_request_id"], name: "index_merge_request_blocks_on_blocked_merge_request_id", using: :btree
-    t.index ["blocking_merge_request_id", "blocked_merge_request_id"], name: "index_mr_blocks_on_blocking_and_blocked_mr_ids", unique: true, using: :btree
+    t.index ["blocked_merge_request_id"], name: "index_merge_request_blocks_on_blocked_merge_request_id"
+    t.index ["blocking_merge_request_id", "blocked_merge_request_id"], name: "index_mr_blocks_on_blocking_and_blocked_mr_ids", unique: true
   end
 
   create_table "merge_request_diff_commits", id: false, force: :cascade do |t|
@@ -1894,8 +1894,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "committer_name"
     t.text "committer_email"
     t.text "message"
-    t.index ["merge_request_diff_id", "relative_order"], name: "index_merge_request_diff_commits_on_mr_diff_id_and_order", unique: true, using: :btree
-    t.index ["sha"], name: "index_merge_request_diff_commits_on_sha", using: :btree
+    t.index ["merge_request_diff_id", "relative_order"], name: "index_merge_request_diff_commits_on_mr_diff_id_and_order", unique: true
+    t.index ["sha"], name: "index_merge_request_diff_commits_on_sha"
   end
 
   create_table "merge_request_diff_files", id: false, force: :cascade do |t|
@@ -1913,7 +1913,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "binary"
     t.integer "external_diff_offset"
     t.integer "external_diff_size"
-    t.index ["merge_request_diff_id", "relative_order"], name: "index_merge_request_diff_files_on_mr_diff_id_and_order", unique: true, using: :btree
+    t.index ["merge_request_diff_id", "relative_order"], name: "index_merge_request_diff_files_on_mr_diff_id_and_order", unique: true
   end
 
   create_table "merge_request_diffs", id: :serial, force: :cascade do |t|
@@ -1929,8 +1929,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "external_diff"
     t.integer "external_diff_store"
     t.boolean "stored_externally"
-    t.index ["merge_request_id", "id"], name: "index_merge_request_diffs_on_merge_request_id_and_id", using: :btree
-    t.index ["merge_request_id", "id"], name: "index_merge_request_diffs_on_merge_request_id_and_id_partial", where: "((NOT stored_externally) OR (stored_externally IS NULL))", using: :btree
+    t.index ["merge_request_id", "id"], name: "index_merge_request_diffs_on_merge_request_id_and_id"
+    t.index ["merge_request_id", "id"], name: "index_merge_request_diffs_on_merge_request_id_and_id_partial", where: "((NOT stored_externally) OR (stored_externally IS NULL))"
   end
 
   create_table "merge_request_metrics", id: :serial, force: :cascade do |t|
@@ -1945,13 +1945,13 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "merged_by_id"
     t.integer "latest_closed_by_id"
     t.datetime_with_timezone "latest_closed_at"
-    t.index ["first_deployed_to_production_at"], name: "index_merge_request_metrics_on_first_deployed_to_production_at", using: :btree
-    t.index ["latest_closed_at"], name: "index_merge_request_metrics_on_latest_closed_at", where: "(latest_closed_at IS NOT NULL)", using: :btree
-    t.index ["latest_closed_by_id"], name: "index_merge_request_metrics_on_latest_closed_by_id", using: :btree
-    t.index ["merge_request_id", "merged_at"], name: "index_merge_request_metrics_on_merge_request_id_and_merged_at", where: "(merged_at IS NOT NULL)", using: :btree
-    t.index ["merge_request_id"], name: "index_merge_request_metrics", using: :btree
-    t.index ["merged_by_id"], name: "index_merge_request_metrics_on_merged_by_id", using: :btree
-    t.index ["pipeline_id"], name: "index_merge_request_metrics_on_pipeline_id", using: :btree
+    t.index ["first_deployed_to_production_at"], name: "index_merge_request_metrics_on_first_deployed_to_production_at"
+    t.index ["latest_closed_at"], name: "index_merge_request_metrics_on_latest_closed_at", where: "(latest_closed_at IS NOT NULL)"
+    t.index ["latest_closed_by_id"], name: "index_merge_request_metrics_on_latest_closed_by_id"
+    t.index ["merge_request_id", "merged_at"], name: "index_merge_request_metrics_on_merge_request_id_and_merged_at", where: "(merged_at IS NOT NULL)"
+    t.index ["merge_request_id"], name: "index_merge_request_metrics"
+    t.index ["merged_by_id"], name: "index_merge_request_metrics_on_merged_by_id"
+    t.index ["pipeline_id"], name: "index_merge_request_metrics_on_pipeline_id"
   end
 
   create_table "merge_requests", id: :serial, force: :cascade do |t|
@@ -1993,26 +1993,26 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "state_id", limit: 2
     t.integer "approvals_before_merge"
     t.string "rebase_jid"
-    t.index ["assignee_id"], name: "index_merge_requests_on_assignee_id", using: :btree
-    t.index ["author_id"], name: "index_merge_requests_on_author_id", using: :btree
-    t.index ["created_at"], name: "index_merge_requests_on_created_at", using: :btree
-    t.index ["description"], name: "index_merge_requests_on_description_trigram", using: :gin, opclasses: {"description"=>"gin_trgm_ops"}
-    t.index ["head_pipeline_id"], name: "index_merge_requests_on_head_pipeline_id", using: :btree
-    t.index ["id", "merge_jid"], name: "index_merge_requests_on_id_and_merge_jid", where: "((merge_jid IS NOT NULL) AND ((state)::text = 'locked'::text))", using: :btree
-    t.index ["latest_merge_request_diff_id"], name: "index_merge_requests_on_latest_merge_request_diff_id", using: :btree
-    t.index ["merge_user_id"], name: "index_merge_requests_on_merge_user_id", where: "(merge_user_id IS NOT NULL)", using: :btree
-    t.index ["milestone_id"], name: "index_merge_requests_on_milestone_id", using: :btree
-    t.index ["source_branch"], name: "index_merge_requests_on_source_branch", using: :btree
-    t.index ["source_project_id", "source_branch"], name: "index_merge_requests_on_source_project_and_branch_state_opened", where: "((state)::text = 'opened'::text)", using: :btree
-    t.index ["source_project_id", "source_branch"], name: "index_merge_requests_on_source_project_id_and_source_branch", using: :btree
-    t.index ["state", "merge_status"], name: "index_merge_requests_on_state_and_merge_status", where: "(((state)::text = 'opened'::text) AND ((merge_status)::text = 'can_be_merged'::text))", using: :btree
-    t.index ["target_branch"], name: "index_merge_requests_on_target_branch", using: :btree
-    t.index ["target_project_id", "iid"], name: "index_merge_requests_on_target_project_id_and_iid", unique: true, using: :btree
-    t.index ["target_project_id", "iid"], name: "index_merge_requests_on_target_project_id_and_iid_opened", where: "((state)::text = 'opened'::text)", using: :btree
-    t.index ["target_project_id", "merge_commit_sha", "id"], name: "index_merge_requests_on_tp_id_and_merge_commit_sha_and_id", using: :btree
-    t.index ["title"], name: "index_merge_requests_on_title", using: :btree
-    t.index ["title"], name: "index_merge_requests_on_title_trigram", using: :gin, opclasses: {"title"=>"gin_trgm_ops"}
-    t.index ["updated_by_id"], name: "index_merge_requests_on_updated_by_id", where: "(updated_by_id IS NOT NULL)", using: :btree
+    t.index ["assignee_id"], name: "index_merge_requests_on_assignee_id"
+    t.index ["author_id"], name: "index_merge_requests_on_author_id"
+    t.index ["created_at"], name: "index_merge_requests_on_created_at"
+    t.index ["description"], name: "index_merge_requests_on_description_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["head_pipeline_id"], name: "index_merge_requests_on_head_pipeline_id"
+    t.index ["id", "merge_jid"], name: "index_merge_requests_on_id_and_merge_jid", where: "((merge_jid IS NOT NULL) AND ((state)::text = 'locked'::text))"
+    t.index ["latest_merge_request_diff_id"], name: "index_merge_requests_on_latest_merge_request_diff_id"
+    t.index ["merge_user_id"], name: "index_merge_requests_on_merge_user_id", where: "(merge_user_id IS NOT NULL)"
+    t.index ["milestone_id"], name: "index_merge_requests_on_milestone_id"
+    t.index ["source_branch"], name: "index_merge_requests_on_source_branch"
+    t.index ["source_project_id", "source_branch"], name: "index_merge_requests_on_source_project_and_branch_state_opened", where: "((state)::text = 'opened'::text)"
+    t.index ["source_project_id", "source_branch"], name: "index_merge_requests_on_source_project_id_and_source_branch"
+    t.index ["state", "merge_status"], name: "index_merge_requests_on_state_and_merge_status", where: "(((state)::text = 'opened'::text) AND ((merge_status)::text = 'can_be_merged'::text))"
+    t.index ["target_branch"], name: "index_merge_requests_on_target_branch"
+    t.index ["target_project_id", "iid"], name: "index_merge_requests_on_target_project_id_and_iid", unique: true
+    t.index ["target_project_id", "iid"], name: "index_merge_requests_on_target_project_id_and_iid_opened", where: "((state)::text = 'opened'::text)"
+    t.index ["target_project_id", "merge_commit_sha", "id"], name: "index_merge_requests_on_tp_id_and_merge_commit_sha_and_id"
+    t.index ["title"], name: "index_merge_requests_on_title"
+    t.index ["title"], name: "index_merge_requests_on_title_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["updated_by_id"], name: "index_merge_requests_on_updated_by_id", where: "(updated_by_id IS NOT NULL)"
   end
 
   create_table "merge_requests_closing_issues", id: :serial, force: :cascade do |t|
@@ -2020,8 +2020,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "issue_id", null: false
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["issue_id"], name: "index_merge_requests_closing_issues_on_issue_id", using: :btree
-    t.index ["merge_request_id"], name: "index_merge_requests_closing_issues_on_merge_request_id", using: :btree
+    t.index ["issue_id"], name: "index_merge_requests_closing_issues_on_issue_id"
+    t.index ["merge_request_id"], name: "index_merge_requests_closing_issues_on_merge_request_id"
   end
 
   create_table "merge_trains", force: :cascade do |t|
@@ -2032,10 +2032,10 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "updated_at", null: false
     t.integer "target_project_id", null: false
     t.text "target_branch", null: false
-    t.index ["merge_request_id"], name: "index_merge_trains_on_merge_request_id", unique: true, using: :btree
-    t.index ["pipeline_id"], name: "index_merge_trains_on_pipeline_id", using: :btree
-    t.index ["target_project_id"], name: "index_merge_trains_on_target_project_id", using: :btree
-    t.index ["user_id"], name: "index_merge_trains_on_user_id", using: :btree
+    t.index ["merge_request_id"], name: "index_merge_trains_on_merge_request_id", unique: true
+    t.index ["pipeline_id"], name: "index_merge_trains_on_pipeline_id"
+    t.index ["target_project_id"], name: "index_merge_trains_on_target_project_id"
+    t.index ["user_id"], name: "index_merge_trains_on_user_id"
   end
 
   create_table "milestones", id: :serial, force: :cascade do |t|
@@ -2052,16 +2052,16 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.date "start_date"
     t.integer "cached_markdown_version"
     t.integer "group_id"
-    t.index ["description"], name: "index_milestones_on_description_trigram", using: :gin, opclasses: {"description"=>"gin_trgm_ops"}
-    t.index ["due_date"], name: "index_milestones_on_due_date", using: :btree
-    t.index ["group_id"], name: "index_milestones_on_group_id", using: :btree
-    t.index ["project_id", "iid"], name: "index_milestones_on_project_id_and_iid", unique: true, using: :btree
-    t.index ["title"], name: "index_milestones_on_title", using: :btree
-    t.index ["title"], name: "index_milestones_on_title_trigram", using: :gin, opclasses: {"title"=>"gin_trgm_ops"}
+    t.index ["description"], name: "index_milestones_on_description_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["due_date"], name: "index_milestones_on_due_date"
+    t.index ["group_id"], name: "index_milestones_on_group_id"
+    t.index ["project_id", "iid"], name: "index_milestones_on_project_id_and_iid", unique: true
+    t.index ["title"], name: "index_milestones_on_title"
+    t.index ["title"], name: "index_milestones_on_title_trigram", opclass: :gin_trgm_ops, using: :gin
   end
 
   create_table "namespace_aggregation_schedules", primary_key: "namespace_id", id: :integer, default: nil, force: :cascade do |t|
-    t.index ["namespace_id"], name: "index_namespace_aggregation_schedules_on_namespace_id", unique: true, using: :btree
+    t.index ["namespace_id"], name: "index_namespace_aggregation_schedules_on_namespace_id", unique: true
   end
 
   create_table "namespace_root_storage_statistics", primary_key: "namespace_id", id: :integer, default: nil, force: :cascade do |t|
@@ -2072,14 +2072,14 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.bigint "build_artifacts_size", default: 0, null: false
     t.bigint "storage_size", default: 0, null: false
     t.bigint "packages_size", default: 0, null: false
-    t.index ["namespace_id"], name: "index_namespace_root_storage_statistics_on_namespace_id", unique: true, using: :btree
+    t.index ["namespace_id"], name: "index_namespace_root_storage_statistics_on_namespace_id", unique: true
   end
 
   create_table "namespace_statistics", id: :serial, force: :cascade do |t|
     t.integer "namespace_id", null: false
     t.integer "shared_runners_seconds", default: 0, null: false
     t.datetime "shared_runners_seconds_last_reset"
-    t.index ["namespace_id"], name: "index_namespace_statistics_on_namespace_id", unique: true, using: :btree
+    t.index ["namespace_id"], name: "index_namespace_statistics_on_namespace_id", unique: true
   end
 
   create_table "namespaces", id: :serial, force: :cascade do |t|
@@ -2121,24 +2121,24 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "membership_lock", default: false
     t.integer "last_ci_minutes_usage_notification_level"
     t.integer "subgroup_creation_level", default: 1
-    t.index ["created_at"], name: "index_namespaces_on_created_at", using: :btree
-    t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)", using: :btree
-    t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id", using: :btree
-    t.index ["ldap_sync_last_successful_update_at"], name: "index_namespaces_on_ldap_sync_last_successful_update_at", using: :btree
-    t.index ["ldap_sync_last_update_at"], name: "index_namespaces_on_ldap_sync_last_update_at", using: :btree
-    t.index ["name", "parent_id"], name: "index_namespaces_on_name_and_parent_id", unique: true, using: :btree
-    t.index ["name"], name: "index_namespaces_on_name_trigram", using: :gin, opclasses: {"name"=>"gin_trgm_ops"}
-    t.index ["owner_id"], name: "index_namespaces_on_owner_id", using: :btree
-    t.index ["parent_id", "id"], name: "index_namespaces_on_parent_id_and_id", unique: true, using: :btree
-    t.index ["path"], name: "index_namespaces_on_path", using: :btree
-    t.index ["path"], name: "index_namespaces_on_path_trigram", using: :gin, opclasses: {"path"=>"gin_trgm_ops"}
-    t.index ["plan_id"], name: "index_namespaces_on_plan_id", using: :btree
-    t.index ["require_two_factor_authentication"], name: "index_namespaces_on_require_two_factor_authentication", using: :btree
-    t.index ["runners_token"], name: "index_namespaces_on_runners_token", unique: true, using: :btree
-    t.index ["runners_token_encrypted"], name: "index_namespaces_on_runners_token_encrypted", unique: true, using: :btree
-    t.index ["shared_runners_minutes_limit", "extra_shared_runners_minutes_limit"], name: "index_namespaces_on_shared_and_extra_runners_minutes_limit", using: :btree
-    t.index ["trial_ends_on"], name: "index_namespaces_on_trial_ends_on", where: "(trial_ends_on IS NOT NULL)", using: :btree
-    t.index ["type"], name: "index_namespaces_on_type", using: :btree
+    t.index ["created_at"], name: "index_namespaces_on_created_at"
+    t.index ["custom_project_templates_group_id", "type"], name: "index_namespaces_on_custom_project_templates_group_id_and_type", where: "(custom_project_templates_group_id IS NOT NULL)"
+    t.index ["file_template_project_id"], name: "index_namespaces_on_file_template_project_id"
+    t.index ["ldap_sync_last_successful_update_at"], name: "index_namespaces_on_ldap_sync_last_successful_update_at"
+    t.index ["ldap_sync_last_update_at"], name: "index_namespaces_on_ldap_sync_last_update_at"
+    t.index ["name", "parent_id"], name: "index_namespaces_on_name_and_parent_id", unique: true
+    t.index ["name"], name: "index_namespaces_on_name_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["owner_id"], name: "index_namespaces_on_owner_id"
+    t.index ["parent_id", "id"], name: "index_namespaces_on_parent_id_and_id", unique: true
+    t.index ["path"], name: "index_namespaces_on_path"
+    t.index ["path"], name: "index_namespaces_on_path_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["plan_id"], name: "index_namespaces_on_plan_id"
+    t.index ["require_two_factor_authentication"], name: "index_namespaces_on_require_two_factor_authentication"
+    t.index ["runners_token"], name: "index_namespaces_on_runners_token", unique: true
+    t.index ["runners_token_encrypted"], name: "index_namespaces_on_runners_token_encrypted", unique: true
+    t.index ["shared_runners_minutes_limit", "extra_shared_runners_minutes_limit"], name: "index_namespaces_on_shared_and_extra_runners_minutes_limit"
+    t.index ["trial_ends_on"], name: "index_namespaces_on_trial_ends_on", where: "(trial_ends_on IS NOT NULL)"
+    t.index ["type"], name: "index_namespaces_on_type"
   end
 
   create_table "note_diff_files", id: :serial, force: :cascade do |t|
@@ -2151,7 +2151,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "b_mode", null: false
     t.text "new_path", null: false
     t.text "old_path", null: false
-    t.index ["diff_note_id"], name: "index_note_diff_files_on_diff_note_id", unique: true, using: :btree
+    t.index ["diff_note_id"], name: "index_note_diff_files_on_diff_note_id", unique: true
   end
 
   create_table "notes", id: :serial, force: :cascade do |t|
@@ -2179,16 +2179,16 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "change_position"
     t.boolean "resolved_by_push"
     t.bigint "review_id"
-    t.index ["author_id"], name: "index_notes_on_author_id", using: :btree
-    t.index ["commit_id"], name: "index_notes_on_commit_id", using: :btree
-    t.index ["created_at"], name: "index_notes_on_created_at", using: :btree
-    t.index ["discussion_id"], name: "index_notes_on_discussion_id", using: :btree
-    t.index ["line_code"], name: "index_notes_on_line_code", using: :btree
-    t.index ["note"], name: "index_notes_on_note_trigram", using: :gin, opclasses: {"note"=>"gin_trgm_ops"}
-    t.index ["noteable_id", "noteable_type"], name: "index_notes_on_noteable_id_and_noteable_type", using: :btree
-    t.index ["noteable_type"], name: "index_notes_on_noteable_type", using: :btree
-    t.index ["project_id", "noteable_type"], name: "index_notes_on_project_id_and_noteable_type", using: :btree
-    t.index ["review_id"], name: "index_notes_on_review_id", using: :btree
+    t.index ["author_id"], name: "index_notes_on_author_id"
+    t.index ["commit_id"], name: "index_notes_on_commit_id"
+    t.index ["created_at"], name: "index_notes_on_created_at"
+    t.index ["discussion_id"], name: "index_notes_on_discussion_id"
+    t.index ["line_code"], name: "index_notes_on_line_code"
+    t.index ["note"], name: "index_notes_on_note_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["noteable_id", "noteable_type"], name: "index_notes_on_noteable_id_and_noteable_type"
+    t.index ["noteable_type"], name: "index_notes_on_noteable_type"
+    t.index ["project_id", "noteable_type"], name: "index_notes_on_project_id_and_noteable_type"
+    t.index ["review_id"], name: "index_notes_on_review_id"
   end
 
   create_table "notification_settings", id: :serial, force: :cascade do |t|
@@ -2214,9 +2214,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "issue_due"
     t.string "notification_email"
     t.boolean "new_epic"
-    t.index ["source_id", "source_type"], name: "index_notification_settings_on_source_id_and_source_type", using: :btree
-    t.index ["user_id", "source_id", "source_type"], name: "index_notifications_on_user_id_and_source_id_and_source_type", unique: true, using: :btree
-    t.index ["user_id"], name: "index_notification_settings_on_user_id", using: :btree
+    t.index ["source_id", "source_type"], name: "index_notification_settings_on_source_id_and_source_type"
+    t.index ["user_id", "source_id", "source_type"], name: "index_notifications_on_user_id_and_source_id_and_source_type", unique: true
+    t.index ["user_id"], name: "index_notification_settings_on_user_id"
   end
 
   create_table "oauth_access_grants", id: :serial, force: :cascade do |t|
@@ -2228,7 +2228,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "created_at", null: false
     t.datetime "revoked_at"
     t.string "scopes"
-    t.index ["token"], name: "index_oauth_access_grants_on_token", unique: true, using: :btree
+    t.index ["token"], name: "index_oauth_access_grants_on_token", unique: true
   end
 
   create_table "oauth_access_tokens", id: :serial, force: :cascade do |t|
@@ -2240,9 +2240,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "revoked_at"
     t.datetime "created_at", null: false
     t.string "scopes"
-    t.index ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true, using: :btree
-    t.index ["resource_owner_id"], name: "index_oauth_access_tokens_on_resource_owner_id", using: :btree
-    t.index ["token"], name: "index_oauth_access_tokens_on_token", unique: true, using: :btree
+    t.index ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
+    t.index ["resource_owner_id"], name: "index_oauth_access_tokens_on_resource_owner_id"
+    t.index ["token"], name: "index_oauth_access_tokens_on_token", unique: true
   end
 
   create_table "oauth_applications", id: :serial, force: :cascade do |t|
@@ -2256,14 +2256,14 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "owner_id"
     t.string "owner_type"
     t.boolean "trusted", default: false, null: false
-    t.index ["owner_id", "owner_type"], name: "index_oauth_applications_on_owner_id_and_owner_type", using: :btree
-    t.index ["uid"], name: "index_oauth_applications_on_uid", unique: true, using: :btree
+    t.index ["owner_id", "owner_type"], name: "index_oauth_applications_on_owner_id_and_owner_type"
+    t.index ["uid"], name: "index_oauth_applications_on_uid", unique: true
   end
 
   create_table "oauth_openid_requests", id: :serial, force: :cascade do |t|
     t.integer "access_grant_id", null: false
     t.string "nonce", null: false
-    t.index ["access_grant_id"], name: "index_oauth_openid_requests_on_access_grant_id", using: :btree
+    t.index ["access_grant_id"], name: "index_oauth_openid_requests_on_access_grant_id"
   end
 
   create_table "operations_feature_flag_scopes", force: :cascade do |t|
@@ -2273,7 +2273,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "active", null: false
     t.string "environment_scope", default: "*", null: false
     t.jsonb "strategies", default: [{"name"=>"default", "parameters"=>{}}], null: false
-    t.index ["feature_flag_id", "environment_scope"], name: "index_feature_flag_scopes_on_flag_id_and_environment_scope", unique: true, using: :btree
+    t.index ["feature_flag_id", "environment_scope"], name: "index_feature_flag_scopes_on_flag_id_and_environment_scope", unique: true
   end
 
   create_table "operations_feature_flags", force: :cascade do |t|
@@ -2283,15 +2283,15 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "updated_at", null: false
     t.string "name", null: false
     t.text "description"
-    t.index ["project_id", "name"], name: "index_operations_feature_flags_on_project_id_and_name", unique: true, using: :btree
+    t.index ["project_id", "name"], name: "index_operations_feature_flags_on_project_id_and_name", unique: true
   end
 
   create_table "operations_feature_flags_clients", force: :cascade do |t|
     t.integer "project_id", null: false
     t.string "token"
     t.string "token_encrypted"
-    t.index ["project_id", "token"], name: "index_operations_feature_flags_clients_on_project_id_and_token", unique: true, using: :btree
-    t.index ["project_id", "token_encrypted"], name: "index_feature_flags_clients_on_project_id_and_token_encrypted", unique: true, using: :btree
+    t.index ["project_id", "token"], name: "index_operations_feature_flags_clients_on_project_id_and_token", unique: true
+    t.index ["project_id", "token_encrypted"], name: "index_feature_flags_clients_on_project_id_and_token_encrypted", unique: true
   end
 
   create_table "packages_maven_metadata", force: :cascade do |t|
@@ -2302,7 +2302,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "app_name", null: false
     t.string "app_version"
     t.string "path", limit: 512, null: false
-    t.index ["package_id", "path"], name: "index_packages_maven_metadata_on_package_id_and_path", using: :btree
+    t.index ["package_id", "path"], name: "index_packages_maven_metadata_on_package_id_and_path"
   end
 
   create_table "packages_package_files", force: :cascade do |t|
@@ -2316,7 +2316,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.binary "file_sha1"
     t.string "file_name", null: false
     t.text "file", null: false
-    t.index ["package_id", "file_name"], name: "index_packages_package_files_on_package_id_and_file_name", using: :btree
+    t.index ["package_id", "file_name"], name: "index_packages_package_files_on_package_id_and_file_name"
   end
 
   create_table "packages_packages", force: :cascade do |t|
@@ -2326,7 +2326,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "name", null: false
     t.string "version"
     t.integer "package_type", limit: 2, null: false
-    t.index ["project_id"], name: "index_packages_packages_on_project_id", using: :btree
+    t.index ["project_id"], name: "index_packages_packages_on_project_id"
   end
 
   create_table "pages_domain_acme_orders", force: :cascade do |t|
@@ -2339,8 +2339,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "challenge_file_content", null: false
     t.text "encrypted_private_key", null: false
     t.text "encrypted_private_key_iv", null: false
-    t.index ["challenge_token"], name: "index_pages_domain_acme_orders_on_challenge_token", using: :btree
-    t.index ["pages_domain_id"], name: "index_pages_domain_acme_orders_on_pages_domain_id", using: :btree
+    t.index ["challenge_token"], name: "index_pages_domain_acme_orders_on_challenge_token"
+    t.index ["pages_domain_id"], name: "index_pages_domain_acme_orders_on_pages_domain_id"
   end
 
   create_table "pages_domains", id: :serial, force: :cascade do |t|
@@ -2358,13 +2358,13 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "certificate_valid_not_before"
     t.datetime_with_timezone "certificate_valid_not_after"
     t.integer "certificate_source", limit: 2, default: 0, null: false
-    t.index ["certificate_source", "certificate_valid_not_after"], name: "index_pages_domains_need_auto_ssl_renewal", where: "(auto_ssl_enabled = true)", using: :btree
-    t.index ["domain"], name: "index_pages_domains_on_domain", unique: true, using: :btree
-    t.index ["project_id", "enabled_until"], name: "index_pages_domains_on_project_id_and_enabled_until", using: :btree
-    t.index ["project_id"], name: "index_pages_domains_on_project_id", using: :btree
-    t.index ["remove_at"], name: "index_pages_domains_on_remove_at", using: :btree
-    t.index ["verified_at", "enabled_until"], name: "index_pages_domains_on_verified_at_and_enabled_until", using: :btree
-    t.index ["verified_at"], name: "index_pages_domains_on_verified_at", using: :btree
+    t.index ["certificate_source", "certificate_valid_not_after"], name: "index_pages_domains_need_auto_ssl_renewal", where: "(auto_ssl_enabled = true)"
+    t.index ["domain"], name: "index_pages_domains_on_domain", unique: true
+    t.index ["project_id", "enabled_until"], name: "index_pages_domains_on_project_id_and_enabled_until"
+    t.index ["project_id"], name: "index_pages_domains_on_project_id"
+    t.index ["remove_at"], name: "index_pages_domains_on_remove_at"
+    t.index ["verified_at", "enabled_until"], name: "index_pages_domains_on_verified_at_and_enabled_until"
+    t.index ["verified_at"], name: "index_pages_domains_on_verified_at"
   end
 
   create_table "path_locks", id: :serial, force: :cascade do |t|
@@ -2373,9 +2373,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "user_id"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["path"], name: "index_path_locks_on_path", using: :btree
-    t.index ["project_id"], name: "index_path_locks_on_project_id", using: :btree
-    t.index ["user_id"], name: "index_path_locks_on_user_id", using: :btree
+    t.index ["path"], name: "index_path_locks_on_path"
+    t.index ["project_id"], name: "index_path_locks_on_project_id"
+    t.index ["user_id"], name: "index_path_locks_on_user_id"
   end
 
   create_table "personal_access_tokens", id: :serial, force: :cascade do |t|
@@ -2388,8 +2388,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "scopes", default: "--- []\n", null: false
     t.boolean "impersonation", default: false, null: false
     t.string "token_digest"
-    t.index ["token_digest"], name: "index_personal_access_tokens_on_token_digest", unique: true, using: :btree
-    t.index ["user_id"], name: "index_personal_access_tokens_on_user_id", using: :btree
+    t.index ["token_digest"], name: "index_personal_access_tokens_on_token_digest", unique: true
+    t.index ["user_id"], name: "index_personal_access_tokens_on_user_id"
   end
 
   create_table "plans", id: :serial, force: :cascade do |t|
@@ -2399,7 +2399,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "title"
     t.integer "active_pipelines_limit"
     t.integer "pipeline_size_limit"
-    t.index ["name"], name: "index_plans_on_name", using: :btree
+    t.index ["name"], name: "index_plans_on_name"
   end
 
   create_table "pool_repositories", force: :cascade do |t|
@@ -2407,16 +2407,16 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "disk_path"
     t.string "state"
     t.integer "source_project_id"
-    t.index ["disk_path"], name: "index_pool_repositories_on_disk_path", unique: true, using: :btree
-    t.index ["shard_id"], name: "index_pool_repositories_on_shard_id", using: :btree
-    t.index ["source_project_id"], name: "index_pool_repositories_on_source_project_id", unique: true, using: :btree
+    t.index ["disk_path"], name: "index_pool_repositories_on_disk_path", unique: true
+    t.index ["shard_id"], name: "index_pool_repositories_on_shard_id"
+    t.index ["source_project_id"], name: "index_pool_repositories_on_source_project_id", unique: true
   end
 
   create_table "programming_languages", id: :serial, force: :cascade do |t|
     t.string "name", null: false
     t.string "color", null: false
     t.datetime_with_timezone "created_at", null: false
-    t.index ["name"], name: "index_programming_languages_on_name", unique: true, using: :btree
+    t.index ["name"], name: "index_programming_languages_on_name", unique: true
   end
 
   create_table "project_alerting_settings", primary_key: "project_id", id: :integer, default: nil, force: :cascade do |t|
@@ -2429,16 +2429,16 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "name", null: false
     t.datetime_with_timezone "created_at", null: false
     t.datetime_with_timezone "updated_at", null: false
-    t.index ["name"], name: "index_project_aliases_on_name", unique: true, using: :btree
-    t.index ["project_id"], name: "index_project_aliases_on_project_id", using: :btree
+    t.index ["name"], name: "index_project_aliases_on_name", unique: true
+    t.index ["project_id"], name: "index_project_aliases_on_project_id"
   end
 
   create_table "project_authorizations", id: false, force: :cascade do |t|
     t.integer "user_id", null: false
     t.integer "project_id", null: false
     t.integer "access_level", null: false
-    t.index ["project_id"], name: "index_project_authorizations_on_project_id", using: :btree
-    t.index ["user_id", "project_id", "access_level"], name: "index_project_authorizations_on_user_id_project_id_access_level", unique: true, using: :btree
+    t.index ["project_id"], name: "index_project_authorizations_on_project_id"
+    t.index ["user_id", "project_id", "access_level"], name: "index_project_authorizations_on_user_id_project_id_access_level", unique: true
   end
 
   create_table "project_auto_devops", id: :serial, force: :cascade do |t|
@@ -2447,7 +2447,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "updated_at", null: false
     t.boolean "enabled"
     t.integer "deploy_strategy", default: 0, null: false
-    t.index ["project_id"], name: "index_project_auto_devops_on_project_id", unique: true, using: :btree
+    t.index ["project_id"], name: "index_project_auto_devops_on_project_id", unique: true
   end
 
   create_table "project_ci_cd_settings", id: :serial, force: :cascade do |t|
@@ -2456,7 +2456,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "merge_pipelines_enabled"
     t.boolean "merge_trains_enabled", default: false, null: false
     t.integer "default_git_depth"
-    t.index ["project_id"], name: "index_project_ci_cd_settings_on_project_id", unique: true, using: :btree
+    t.index ["project_id"], name: "index_project_ci_cd_settings_on_project_id", unique: true
   end
 
   create_table "project_custom_attributes", id: :serial, force: :cascade do |t|
@@ -2465,23 +2465,23 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "project_id", null: false
     t.string "key", null: false
     t.string "value", null: false
-    t.index ["key", "value"], name: "index_project_custom_attributes_on_key_and_value", using: :btree
-    t.index ["project_id", "key"], name: "index_project_custom_attributes_on_project_id_and_key", unique: true, using: :btree
+    t.index ["key", "value"], name: "index_project_custom_attributes_on_key_and_value"
+    t.index ["project_id", "key"], name: "index_project_custom_attributes_on_project_id_and_key", unique: true
   end
 
   create_table "project_daily_statistics", force: :cascade do |t|
     t.integer "project_id", null: false
     t.integer "fetch_count", null: false
     t.date "date"
-    t.index ["project_id", "date"], name: "index_project_daily_statistics_on_project_id_and_date", unique: true, order: { date: :desc }, using: :btree
+    t.index ["project_id", "date"], name: "index_project_daily_statistics_on_project_id_and_date", unique: true, order: { date: :desc }
   end
 
   create_table "project_deploy_tokens", id: :serial, force: :cascade do |t|
     t.integer "project_id", null: false
     t.integer "deploy_token_id", null: false
     t.datetime_with_timezone "created_at", null: false
-    t.index ["deploy_token_id"], name: "index_project_deploy_tokens_on_deploy_token_id", using: :btree
-    t.index ["project_id", "deploy_token_id"], name: "index_project_deploy_tokens_on_project_id_and_deploy_token_id", unique: true, using: :btree
+    t.index ["deploy_token_id"], name: "index_project_deploy_tokens_on_deploy_token_id"
+    t.index ["project_id", "deploy_token_id"], name: "index_project_deploy_tokens_on_project_id_and_deploy_token_id", unique: true
   end
 
   create_table "project_error_tracking_settings", primary_key: "project_id", id: :integer, default: nil, force: :cascade do |t|
@@ -2496,9 +2496,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
   create_table "project_feature_usages", primary_key: "project_id", id: :integer, default: nil, force: :cascade do |t|
     t.datetime "jira_dvcs_cloud_last_sync_at"
     t.datetime "jira_dvcs_server_last_sync_at"
-    t.index ["jira_dvcs_cloud_last_sync_at", "project_id"], name: "idx_proj_feat_usg_on_jira_dvcs_cloud_last_sync_at_and_proj_id", where: "(jira_dvcs_cloud_last_sync_at IS NOT NULL)", using: :btree
-    t.index ["jira_dvcs_server_last_sync_at", "project_id"], name: "idx_proj_feat_usg_on_jira_dvcs_server_last_sync_at_and_proj_id", where: "(jira_dvcs_server_last_sync_at IS NOT NULL)", using: :btree
-    t.index ["project_id"], name: "index_project_feature_usages_on_project_id", using: :btree
+    t.index ["jira_dvcs_cloud_last_sync_at", "project_id"], name: "idx_proj_feat_usg_on_jira_dvcs_cloud_last_sync_at_and_proj_id", where: "(jira_dvcs_cloud_last_sync_at IS NOT NULL)"
+    t.index ["jira_dvcs_server_last_sync_at", "project_id"], name: "idx_proj_feat_usg_on_jira_dvcs_server_last_sync_at_and_proj_id", where: "(jira_dvcs_server_last_sync_at IS NOT NULL)"
+    t.index ["project_id"], name: "index_project_feature_usages_on_project_id"
   end
 
   create_table "project_features", id: :serial, force: :cascade do |t|
@@ -2512,7 +2512,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "updated_at"
     t.integer "repository_access_level", default: 20, null: false
     t.integer "pages_access_level", null: false
-    t.index ["project_id"], name: "index_project_features_on_project_id", unique: true, using: :btree
+    t.index ["project_id"], name: "index_project_features_on_project_id", unique: true
   end
 
   create_table "project_group_links", id: :serial, force: :cascade do |t|
@@ -2522,8 +2522,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "updated_at"
     t.integer "group_access", default: 30, null: false
     t.date "expires_at"
-    t.index ["group_id"], name: "index_project_group_links_on_group_id", using: :btree
-    t.index ["project_id"], name: "index_project_group_links_on_project_id", using: :btree
+    t.index ["group_id"], name: "index_project_group_links_on_group_id"
+    t.index ["project_id"], name: "index_project_group_links_on_project_id"
   end
 
   create_table "project_import_data", id: :serial, force: :cascade do |t|
@@ -2532,7 +2532,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "encrypted_credentials"
     t.string "encrypted_credentials_iv"
     t.string "encrypted_credentials_salt"
-    t.index ["project_id"], name: "index_project_import_data_on_project_id", using: :btree
+    t.index ["project_id"], name: "index_project_import_data_on_project_id"
   end
 
   create_table "project_incident_management_settings", primary_key: "project_id", id: :serial, force: :cascade do |t|
@@ -2556,21 +2556,21 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "last_update_started_at"
     t.datetime "next_execution_timestamp"
     t.integer "retry_count", default: 0, null: false
-    t.index ["jid"], name: "index_project_mirror_data_on_jid", using: :btree
-    t.index ["last_successful_update_at"], name: "index_project_mirror_data_on_last_successful_update_at", using: :btree
-    t.index ["last_update_at", "retry_count"], name: "index_project_mirror_data_on_last_update_at_and_retry_count", using: :btree
-    t.index ["next_execution_timestamp", "retry_count"], name: "index_mirror_data_on_next_execution_and_retry_count", using: :btree
-    t.index ["project_id"], name: "index_project_mirror_data_on_project_id", unique: true, using: :btree
-    t.index ["status"], name: "index_project_mirror_data_on_status", using: :btree
+    t.index ["jid"], name: "index_project_mirror_data_on_jid"
+    t.index ["last_successful_update_at"], name: "index_project_mirror_data_on_last_successful_update_at"
+    t.index ["last_update_at", "retry_count"], name: "index_project_mirror_data_on_last_update_at_and_retry_count"
+    t.index ["next_execution_timestamp", "retry_count"], name: "index_mirror_data_on_next_execution_and_retry_count"
+    t.index ["project_id"], name: "index_project_mirror_data_on_project_id", unique: true
+    t.index ["status"], name: "index_project_mirror_data_on_status"
   end
 
   create_table "project_repositories", force: :cascade do |t|
     t.integer "shard_id", null: false
     t.string "disk_path", null: false
     t.integer "project_id", null: false
-    t.index ["disk_path"], name: "index_project_repositories_on_disk_path", unique: true, using: :btree
-    t.index ["project_id"], name: "index_project_repositories_on_project_id", unique: true, using: :btree
-    t.index ["shard_id"], name: "index_project_repositories_on_shard_id", using: :btree
+    t.index ["disk_path"], name: "index_project_repositories_on_disk_path", unique: true
+    t.index ["project_id"], name: "index_project_repositories_on_project_id", unique: true
+    t.index ["shard_id"], name: "index_project_repositories_on_shard_id"
   end
 
   create_table "project_repository_states", id: :serial, force: :cascade do |t|
@@ -2585,12 +2585,12 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "wiki_retry_count"
     t.datetime_with_timezone "last_repository_verification_ran_at"
     t.datetime_with_timezone "last_wiki_verification_ran_at"
-    t.index ["last_repository_verification_failure"], name: "idx_repository_states_on_repository_failure_partial", where: "(last_repository_verification_failure IS NOT NULL)", using: :btree
-    t.index ["last_wiki_verification_failure"], name: "idx_repository_states_on_wiki_failure_partial", where: "(last_wiki_verification_failure IS NOT NULL)", using: :btree
-    t.index ["project_id", "last_repository_verification_ran_at"], name: "idx_repository_states_on_last_repository_verification_ran_at", where: "((repository_verification_checksum IS NOT NULL) AND (last_repository_verification_failure IS NULL))", using: :btree
-    t.index ["project_id", "last_wiki_verification_ran_at"], name: "idx_repository_states_on_last_wiki_verification_ran_at", where: "((wiki_verification_checksum IS NOT NULL) AND (last_wiki_verification_failure IS NULL))", using: :btree
-    t.index ["project_id"], name: "idx_repository_states_outdated_checksums", where: "(((repository_verification_checksum IS NULL) AND (last_repository_verification_failure IS NULL)) OR ((wiki_verification_checksum IS NULL) AND (last_wiki_verification_failure IS NULL)))", using: :btree
-    t.index ["project_id"], name: "index_project_repository_states_on_project_id", unique: true, using: :btree
+    t.index ["last_repository_verification_failure"], name: "idx_repository_states_on_repository_failure_partial", where: "(last_repository_verification_failure IS NOT NULL)"
+    t.index ["last_wiki_verification_failure"], name: "idx_repository_states_on_wiki_failure_partial", where: "(last_wiki_verification_failure IS NOT NULL)"
+    t.index ["project_id", "last_repository_verification_ran_at"], name: "idx_repository_states_on_last_repository_verification_ran_at", where: "((repository_verification_checksum IS NOT NULL) AND (last_repository_verification_failure IS NULL))"
+    t.index ["project_id", "last_wiki_verification_ran_at"], name: "idx_repository_states_on_last_wiki_verification_ran_at", where: "((wiki_verification_checksum IS NOT NULL) AND (last_wiki_verification_failure IS NULL))"
+    t.index ["project_id"], name: "idx_repository_states_outdated_checksums", where: "(((repository_verification_checksum IS NULL) AND (last_repository_verification_failure IS NULL)) OR ((wiki_verification_checksum IS NULL) AND (last_wiki_verification_failure IS NULL)))"
+    t.index ["project_id"], name: "index_project_repository_states_on_project_id", unique: true
   end
 
   create_table "project_statistics", id: :serial, force: :cascade do |t|
@@ -2605,8 +2605,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.bigint "wiki_size"
     t.bigint "shared_runners_seconds", default: 0, null: false
     t.datetime "shared_runners_seconds_last_reset"
-    t.index ["namespace_id"], name: "index_project_statistics_on_namespace_id", using: :btree
-    t.index ["project_id"], name: "index_project_statistics_on_project_id", unique: true, using: :btree
+    t.index ["namespace_id"], name: "index_project_statistics_on_namespace_id"
+    t.index ["project_id"], name: "index_project_statistics_on_project_id", unique: true
   end
 
   create_table "project_tracing_settings", force: :cascade do |t|
@@ -2614,7 +2614,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "updated_at", null: false
     t.integer "project_id", null: false
     t.string "external_url", null: false
-    t.index ["project_id"], name: "index_project_tracing_settings_on_project_id", unique: true, using: :btree
+    t.index ["project_id"], name: "index_project_tracing_settings_on_project_id", unique: true
   end
 
   create_table "projects", id: :serial, force: :cascade do |t|
@@ -2691,31 +2691,31 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "reset_approvals_on_push", default: true
     t.boolean "service_desk_enabled", default: true
     t.integer "approvals_before_merge", default: 0, null: false
-    t.index ["archived", "pending_delete", "merge_requests_require_code_owner_approval"], name: "projects_requiring_code_owner_approval", where: "((pending_delete = false) AND (archived = false) AND (merge_requests_require_code_owner_approval = true))", using: :btree
-    t.index ["created_at"], name: "index_projects_on_created_at", using: :btree
-    t.index ["creator_id"], name: "index_projects_on_creator_id", using: :btree
-    t.index ["description"], name: "index_projects_on_description_trigram", using: :gin, opclasses: {"description"=>"gin_trgm_ops"}
-    t.index ["id", "repository_storage", "last_repository_updated_at"], name: "idx_projects_on_repository_storage_last_repository_updated_at", using: :btree
-    t.index ["id"], name: "index_projects_on_id_partial_for_visibility", unique: true, where: "(visibility_level = ANY (ARRAY[10, 20]))", using: :btree
-    t.index ["id"], name: "index_projects_on_mirror_and_mirror_trigger_builds_both_true", where: "((mirror IS TRUE) AND (mirror_trigger_builds IS TRUE))", using: :btree
-    t.index ["last_activity_at"], name: "index_projects_on_last_activity_at", using: :btree
-    t.index ["last_repository_check_at"], name: "index_projects_on_last_repository_check_at", where: "(last_repository_check_at IS NOT NULL)", using: :btree
-    t.index ["last_repository_check_failed"], name: "index_projects_on_last_repository_check_failed", using: :btree
-    t.index ["last_repository_updated_at"], name: "index_projects_on_last_repository_updated_at", using: :btree
-    t.index ["mirror_last_successful_update_at"], name: "index_projects_on_mirror_last_successful_update_at", using: :btree
-    t.index ["mirror_user_id"], name: "index_projects_on_mirror_user_id", using: :btree
-    t.index ["name"], name: "index_projects_on_name_trigram", using: :gin, opclasses: {"name"=>"gin_trgm_ops"}
-    t.index ["namespace_id"], name: "index_projects_on_namespace_id", using: :btree
-    t.index ["path"], name: "index_projects_on_path", using: :btree
-    t.index ["path"], name: "index_projects_on_path_trigram", using: :gin, opclasses: {"path"=>"gin_trgm_ops"}
-    t.index ["pending_delete"], name: "index_projects_on_pending_delete", using: :btree
-    t.index ["pool_repository_id"], name: "index_projects_on_pool_repository_id", where: "(pool_repository_id IS NOT NULL)", using: :btree
-    t.index ["repository_storage", "created_at"], name: "idx_project_repository_check_partial", where: "(last_repository_check_at IS NULL)", using: :btree
-    t.index ["repository_storage"], name: "index_projects_on_repository_storage", using: :btree
-    t.index ["runners_token"], name: "index_projects_on_runners_token", using: :btree
-    t.index ["runners_token_encrypted"], name: "index_projects_on_runners_token_encrypted", using: :btree
-    t.index ["star_count"], name: "index_projects_on_star_count", using: :btree
-    t.index ["visibility_level"], name: "index_projects_on_visibility_level", using: :btree
+    t.index ["archived", "pending_delete", "merge_requests_require_code_owner_approval"], name: "projects_requiring_code_owner_approval", where: "((pending_delete = false) AND (archived = false) AND (merge_requests_require_code_owner_approval = true))"
+    t.index ["created_at"], name: "index_projects_on_created_at"
+    t.index ["creator_id"], name: "index_projects_on_creator_id"
+    t.index ["description"], name: "index_projects_on_description_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["id", "repository_storage", "last_repository_updated_at"], name: "idx_projects_on_repository_storage_last_repository_updated_at"
+    t.index ["id"], name: "index_projects_on_id_partial_for_visibility", unique: true, where: "(visibility_level = ANY (ARRAY[10, 20]))"
+    t.index ["id"], name: "index_projects_on_mirror_and_mirror_trigger_builds_both_true", where: "((mirror IS TRUE) AND (mirror_trigger_builds IS TRUE))"
+    t.index ["last_activity_at"], name: "index_projects_on_last_activity_at"
+    t.index ["last_repository_check_at"], name: "index_projects_on_last_repository_check_at", where: "(last_repository_check_at IS NOT NULL)"
+    t.index ["last_repository_check_failed"], name: "index_projects_on_last_repository_check_failed"
+    t.index ["last_repository_updated_at"], name: "index_projects_on_last_repository_updated_at"
+    t.index ["mirror_last_successful_update_at"], name: "index_projects_on_mirror_last_successful_update_at"
+    t.index ["mirror_user_id"], name: "index_projects_on_mirror_user_id"
+    t.index ["name"], name: "index_projects_on_name_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["namespace_id"], name: "index_projects_on_namespace_id"
+    t.index ["path"], name: "index_projects_on_path"
+    t.index ["path"], name: "index_projects_on_path_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["pending_delete"], name: "index_projects_on_pending_delete"
+    t.index ["pool_repository_id"], name: "index_projects_on_pool_repository_id", where: "(pool_repository_id IS NOT NULL)"
+    t.index ["repository_storage", "created_at"], name: "idx_project_repository_check_partial", where: "(last_repository_check_at IS NULL)"
+    t.index ["repository_storage"], name: "index_projects_on_repository_storage"
+    t.index ["runners_token"], name: "index_projects_on_runners_token"
+    t.index ["runners_token_encrypted"], name: "index_projects_on_runners_token_encrypted"
+    t.index ["star_count"], name: "index_projects_on_star_count"
+    t.index ["visibility_level"], name: "index_projects_on_visibility_level"
   end
 
   create_table "prometheus_alert_events", force: :cascade do |t|
@@ -2725,8 +2725,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "ended_at"
     t.integer "status", limit: 2
     t.string "payload_key"
-    t.index ["project_id", "status"], name: "index_prometheus_alert_events_on_project_id_and_status", using: :btree
-    t.index ["prometheus_alert_id", "payload_key"], name: "index_prometheus_alert_event_scoped_payload_key", unique: true, using: :btree
+    t.index ["project_id", "status"], name: "index_prometheus_alert_events_on_project_id_and_status"
+    t.index ["prometheus_alert_id", "payload_key"], name: "index_prometheus_alert_event_scoped_payload_key", unique: true
   end
 
   create_table "prometheus_alerts", id: :serial, force: :cascade do |t|
@@ -2737,9 +2737,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "environment_id", null: false
     t.integer "project_id", null: false
     t.integer "prometheus_metric_id", null: false
-    t.index ["environment_id"], name: "index_prometheus_alerts_on_environment_id", using: :btree
-    t.index ["project_id", "prometheus_metric_id", "environment_id"], name: "index_prometheus_alerts_metric_environment", unique: true, using: :btree
-    t.index ["prometheus_metric_id"], name: "index_prometheus_alerts_on_prometheus_metric_id", using: :btree
+    t.index ["environment_id"], name: "index_prometheus_alerts_on_environment_id"
+    t.index ["project_id", "prometheus_metric_id", "environment_id"], name: "index_prometheus_alerts_metric_environment", unique: true
+    t.index ["prometheus_metric_id"], name: "index_prometheus_alerts_on_prometheus_metric_id"
   end
 
   create_table "prometheus_metrics", id: :serial, force: :cascade do |t|
@@ -2754,10 +2754,10 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "updated_at", null: false
     t.boolean "common", default: false, null: false
     t.string "identifier"
-    t.index ["common"], name: "index_prometheus_metrics_on_common", using: :btree
-    t.index ["group"], name: "index_prometheus_metrics_on_group", using: :btree
-    t.index ["identifier"], name: "index_prometheus_metrics_on_identifier", unique: true, using: :btree
-    t.index ["project_id"], name: "index_prometheus_metrics_on_project_id", using: :btree
+    t.index ["common"], name: "index_prometheus_metrics_on_common"
+    t.index ["group"], name: "index_prometheus_metrics_on_group"
+    t.index ["identifier"], name: "index_prometheus_metrics_on_identifier", unique: true
+    t.index ["project_id"], name: "index_prometheus_metrics_on_project_id"
   end
 
   create_table "protected_branch_merge_access_levels", id: :serial, force: :cascade do |t|
@@ -2767,9 +2767,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "updated_at", null: false
     t.integer "group_id"
     t.integer "user_id"
-    t.index ["group_id"], name: "index_protected_branch_merge_access_levels_on_group_id", using: :btree
-    t.index ["protected_branch_id"], name: "index_protected_branch_merge_access", using: :btree
-    t.index ["user_id"], name: "index_protected_branch_merge_access_levels_on_user_id", using: :btree
+    t.index ["group_id"], name: "index_protected_branch_merge_access_levels_on_group_id"
+    t.index ["protected_branch_id"], name: "index_protected_branch_merge_access"
+    t.index ["user_id"], name: "index_protected_branch_merge_access_levels_on_user_id"
   end
 
   create_table "protected_branch_push_access_levels", id: :serial, force: :cascade do |t|
@@ -2779,9 +2779,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "updated_at", null: false
     t.integer "group_id"
     t.integer "user_id"
-    t.index ["group_id"], name: "index_protected_branch_push_access_levels_on_group_id", using: :btree
-    t.index ["protected_branch_id"], name: "index_protected_branch_push_access", using: :btree
-    t.index ["user_id"], name: "index_protected_branch_push_access_levels_on_user_id", using: :btree
+    t.index ["group_id"], name: "index_protected_branch_push_access_levels_on_group_id"
+    t.index ["protected_branch_id"], name: "index_protected_branch_push_access"
+    t.index ["user_id"], name: "index_protected_branch_push_access_levels_on_user_id"
   end
 
   create_table "protected_branch_unprotect_access_levels", id: :serial, force: :cascade do |t|
@@ -2789,9 +2789,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "access_level", default: 40
     t.integer "user_id"
     t.integer "group_id"
-    t.index ["group_id"], name: "index_protected_branch_unprotect_access_levels_on_group_id", using: :btree
-    t.index ["protected_branch_id"], name: "index_protected_branch_unprotect_access", using: :btree
-    t.index ["user_id"], name: "index_protected_branch_unprotect_access_levels_on_user_id", using: :btree
+    t.index ["group_id"], name: "index_protected_branch_unprotect_access_levels_on_group_id"
+    t.index ["protected_branch_id"], name: "index_protected_branch_unprotect_access"
+    t.index ["user_id"], name: "index_protected_branch_unprotect_access_levels_on_user_id"
   end
 
   create_table "protected_branches", id: :serial, force: :cascade do |t|
@@ -2799,7 +2799,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "name", null: false
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.index ["project_id"], name: "index_protected_branches_on_project_id", using: :btree
+    t.index ["project_id"], name: "index_protected_branches_on_project_id"
   end
 
   create_table "protected_environment_deploy_access_levels", id: :serial, force: :cascade do |t|
@@ -2809,9 +2809,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "protected_environment_id", null: false
     t.integer "user_id"
     t.integer "group_id"
-    t.index ["group_id"], name: "index_protected_environment_deploy_access_levels_on_group_id", using: :btree
-    t.index ["protected_environment_id"], name: "index_protected_environment_deploy_access", using: :btree
-    t.index ["user_id"], name: "index_protected_environment_deploy_access_levels_on_user_id", using: :btree
+    t.index ["group_id"], name: "index_protected_environment_deploy_access_levels_on_group_id"
+    t.index ["protected_environment_id"], name: "index_protected_environment_deploy_access"
+    t.index ["user_id"], name: "index_protected_environment_deploy_access_levels_on_user_id"
   end
 
   create_table "protected_environments", id: :serial, force: :cascade do |t|
@@ -2819,8 +2819,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "created_at", null: false
     t.datetime_with_timezone "updated_at", null: false
     t.string "name", null: false
-    t.index ["project_id", "name"], name: "index_protected_environments_on_project_id_and_name", unique: true, using: :btree
-    t.index ["project_id"], name: "index_protected_environments_on_project_id", using: :btree
+    t.index ["project_id", "name"], name: "index_protected_environments_on_project_id_and_name", unique: true
+    t.index ["project_id"], name: "index_protected_environments_on_project_id"
   end
 
   create_table "protected_tag_create_access_levels", id: :serial, force: :cascade do |t|
@@ -2830,9 +2830,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "group_id"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["group_id"], name: "index_protected_tag_create_access_levels_on_group_id", using: :btree
-    t.index ["protected_tag_id"], name: "index_protected_tag_create_access", using: :btree
-    t.index ["user_id"], name: "index_protected_tag_create_access_levels_on_user_id", using: :btree
+    t.index ["group_id"], name: "index_protected_tag_create_access_levels_on_group_id"
+    t.index ["protected_tag_id"], name: "index_protected_tag_create_access"
+    t.index ["user_id"], name: "index_protected_tag_create_access_levels_on_user_id"
   end
 
   create_table "protected_tags", id: :serial, force: :cascade do |t|
@@ -2840,8 +2840,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "name", null: false
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["project_id", "name"], name: "index_protected_tags_on_project_id_and_name", unique: true, using: :btree
-    t.index ["project_id"], name: "index_protected_tags_on_project_id", using: :btree
+    t.index ["project_id", "name"], name: "index_protected_tags_on_project_id_and_name", unique: true
+    t.index ["project_id"], name: "index_protected_tags_on_project_id"
   end
 
   create_table "push_event_payloads", id: false, force: :cascade do |t|
@@ -2853,7 +2853,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.binary "commit_to"
     t.text "ref"
     t.string "commit_title", limit: 70
-    t.index ["event_id"], name: "index_push_event_payloads_on_event_id", unique: true, using: :btree
+    t.index ["event_id"], name: "index_push_event_payloads_on_event_id", unique: true
   end
 
   create_table "push_rules", id: :serial, force: :cascade do |t|
@@ -2875,8 +2875,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "commit_committer_check"
     t.boolean "regexp_uses_re2", default: true
     t.string "commit_message_negative_regex"
-    t.index ["is_sample"], name: "index_push_rules_on_is_sample", where: "is_sample", using: :btree
-    t.index ["project_id"], name: "index_push_rules_on_project_id", using: :btree
+    t.index ["is_sample"], name: "index_push_rules_on_is_sample", where: "is_sample"
+    t.index ["project_id"], name: "index_push_rules_on_project_id"
   end
 
   create_table "redirect_routes", id: :serial, force: :cascade do |t|
@@ -2885,8 +2885,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "path", null: false
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["path"], name: "index_redirect_routes_on_path", unique: true, using: :btree
-    t.index ["source_type", "source_id"], name: "index_redirect_routes_on_source_type_and_source_id", using: :btree
+    t.index ["path"], name: "index_redirect_routes_on_path", unique: true
+    t.index ["source_type", "source_id"], name: "index_redirect_routes_on_source_type_and_source_id"
   end
 
   create_table "release_links", force: :cascade do |t|
@@ -2895,8 +2895,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "name", null: false
     t.datetime_with_timezone "created_at", null: false
     t.datetime_with_timezone "updated_at", null: false
-    t.index ["release_id", "name"], name: "index_release_links_on_release_id_and_name", unique: true, using: :btree
-    t.index ["release_id", "url"], name: "index_release_links_on_release_id_and_url", unique: true, using: :btree
+    t.index ["release_id", "name"], name: "index_release_links_on_release_id_and_name", unique: true
+    t.index ["release_id", "url"], name: "index_release_links_on_release_id_and_url", unique: true
   end
 
   create_table "releases", id: :serial, force: :cascade do |t|
@@ -2911,9 +2911,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "name"
     t.string "sha"
     t.datetime_with_timezone "released_at", null: false
-    t.index ["author_id"], name: "index_releases_on_author_id", using: :btree
-    t.index ["project_id", "tag"], name: "index_releases_on_project_id_and_tag", using: :btree
-    t.index ["project_id"], name: "index_releases_on_project_id", using: :btree
+    t.index ["author_id"], name: "index_releases_on_author_id"
+    t.index ["project_id", "tag"], name: "index_releases_on_project_id_and_tag"
+    t.index ["project_id"], name: "index_releases_on_project_id"
   end
 
   create_table "remote_mirrors", id: :serial, force: :cascade do |t|
@@ -2933,15 +2933,15 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
     t.boolean "error_notification_sent"
-    t.index ["last_successful_update_at"], name: "index_remote_mirrors_on_last_successful_update_at", using: :btree
-    t.index ["project_id"], name: "index_remote_mirrors_on_project_id", using: :btree
+    t.index ["last_successful_update_at"], name: "index_remote_mirrors_on_last_successful_update_at"
+    t.index ["project_id"], name: "index_remote_mirrors_on_project_id"
   end
 
   create_table "repository_languages", id: false, force: :cascade do |t|
     t.integer "project_id", null: false
     t.integer "programming_language_id", null: false
     t.float "share", null: false
-    t.index ["project_id", "programming_language_id"], name: "index_repository_languages_on_project_and_languages_id", unique: true, using: :btree
+    t.index ["project_id", "programming_language_id"], name: "index_repository_languages_on_project_and_languages_id", unique: true
   end
 
   create_table "resource_label_events", force: :cascade do |t|
@@ -2955,11 +2955,11 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "reference"
     t.text "reference_html"
     t.integer "epic_id"
-    t.index ["epic_id"], name: "index_resource_label_events_on_epic_id", using: :btree
-    t.index ["issue_id"], name: "index_resource_label_events_on_issue_id", using: :btree
-    t.index ["label_id"], name: "index_resource_label_events_on_label_id", using: :btree
-    t.index ["merge_request_id"], name: "index_resource_label_events_on_merge_request_id", using: :btree
-    t.index ["user_id"], name: "index_resource_label_events_on_user_id", using: :btree
+    t.index ["epic_id"], name: "index_resource_label_events_on_epic_id"
+    t.index ["issue_id"], name: "index_resource_label_events_on_issue_id"
+    t.index ["label_id"], name: "index_resource_label_events_on_label_id"
+    t.index ["merge_request_id"], name: "index_resource_label_events_on_merge_request_id"
+    t.index ["user_id"], name: "index_resource_label_events_on_user_id"
   end
 
   create_table "reviews", force: :cascade do |t|
@@ -2967,9 +2967,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "merge_request_id", null: false
     t.integer "project_id", null: false
     t.datetime_with_timezone "created_at", null: false
-    t.index ["author_id"], name: "index_reviews_on_author_id", using: :btree
-    t.index ["merge_request_id"], name: "index_reviews_on_merge_request_id", using: :btree
-    t.index ["project_id"], name: "index_reviews_on_project_id", using: :btree
+    t.index ["author_id"], name: "index_reviews_on_author_id"
+    t.index ["merge_request_id"], name: "index_reviews_on_merge_request_id"
+    t.index ["project_id"], name: "index_reviews_on_project_id"
   end
 
   create_table "routes", id: :serial, force: :cascade do |t|
@@ -2979,9 +2979,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "created_at"
     t.datetime "updated_at"
     t.string "name"
-    t.index ["path"], name: "index_routes_on_path", unique: true, using: :btree
-    t.index ["path"], name: "index_routes_on_path_text_pattern_ops", using: :btree, opclasses: {"path"=>"varchar_pattern_ops"}
-    t.index ["source_type", "source_id"], name: "index_routes_on_source_type_and_source_id", unique: true, using: :btree
+    t.index ["path"], name: "index_routes_on_path", unique: true
+    t.index ["path"], name: "index_routes_on_path_text_pattern_ops", opclass: :varchar_pattern_ops
+    t.index ["source_type", "source_id"], name: "index_routes_on_source_type_and_source_id", unique: true
   end
 
   create_table "saml_providers", id: :serial, force: :cascade do |t|
@@ -2991,7 +2991,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "sso_url", null: false
     t.boolean "enforced_sso", default: false, null: false
     t.boolean "enforced_group_managed_accounts", default: false, null: false
-    t.index ["group_id"], name: "index_saml_providers_on_group_id", using: :btree
+    t.index ["group_id"], name: "index_saml_providers_on_group_id"
   end
 
   create_table "scim_oauth_access_tokens", id: :serial, force: :cascade do |t|
@@ -2999,7 +2999,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "updated_at", null: false
     t.integer "group_id", null: false
     t.string "token_encrypted", null: false
-    t.index ["group_id", "token_encrypted"], name: "index_scim_oauth_access_tokens_on_group_id_and_token_encrypted", unique: true, using: :btree
+    t.index ["group_id", "token_encrypted"], name: "index_scim_oauth_access_tokens_on_group_id_and_token_encrypted", unique: true
   end
 
   create_table "sent_notifications", id: :serial, force: :cascade do |t|
@@ -3013,7 +3013,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "note_type"
     t.text "position"
     t.string "in_reply_to_discussion_id"
-    t.index ["reply_key"], name: "index_sent_notifications_on_reply_key", unique: true, using: :btree
+    t.index ["reply_key"], name: "index_sent_notifications_on_reply_key", unique: true
   end
 
   create_table "services", id: :serial, force: :cascade do |t|
@@ -3040,14 +3040,14 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "confidential_note_events", default: true
     t.boolean "deployment_events", default: false, null: false
     t.string "description", limit: 500
-    t.index ["project_id"], name: "index_services_on_project_id", using: :btree
-    t.index ["template"], name: "index_services_on_template", using: :btree
-    t.index ["type"], name: "index_services_on_type", using: :btree
+    t.index ["project_id"], name: "index_services_on_project_id"
+    t.index ["template"], name: "index_services_on_template"
+    t.index ["type"], name: "index_services_on_type"
   end
 
   create_table "shards", id: :serial, force: :cascade do |t|
     t.string "name", null: false
-    t.index ["name"], name: "index_shards_on_name", unique: true, using: :btree
+    t.index ["name"], name: "index_shards_on_name", unique: true
   end
 
   create_table "slack_integrations", id: :serial, force: :cascade do |t|
@@ -3058,16 +3058,16 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "user_id", null: false
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["service_id"], name: "index_slack_integrations_on_service_id", using: :btree
-    t.index ["team_id", "alias"], name: "index_slack_integrations_on_team_id_and_alias", unique: true, using: :btree
+    t.index ["service_id"], name: "index_slack_integrations_on_service_id"
+    t.index ["team_id", "alias"], name: "index_slack_integrations_on_team_id_and_alias", unique: true
   end
 
   create_table "smartcard_identities", force: :cascade do |t|
     t.integer "user_id", null: false
     t.string "subject", null: false
     t.string "issuer", null: false
-    t.index ["subject", "issuer"], name: "index_smartcard_identities_on_subject_and_issuer", unique: true, using: :btree
-    t.index ["user_id"], name: "index_smartcard_identities_on_user_id", using: :btree
+    t.index ["subject", "issuer"], name: "index_smartcard_identities_on_subject_and_issuer", unique: true
+    t.index ["user_id"], name: "index_smartcard_identities_on_user_id"
   end
 
   create_table "snippets", id: :serial, force: :cascade do |t|
@@ -3085,25 +3085,25 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "cached_markdown_version"
     t.text "description"
     t.text "description_html"
-    t.index ["author_id"], name: "index_snippets_on_author_id", using: :btree
-    t.index ["file_name"], name: "index_snippets_on_file_name_trigram", using: :gin, opclasses: {"file_name"=>"gin_trgm_ops"}
-    t.index ["project_id"], name: "index_snippets_on_project_id", using: :btree
-    t.index ["title"], name: "index_snippets_on_title_trigram", using: :gin, opclasses: {"title"=>"gin_trgm_ops"}
-    t.index ["updated_at"], name: "index_snippets_on_updated_at", using: :btree
-    t.index ["visibility_level"], name: "index_snippets_on_visibility_level", using: :btree
+    t.index ["author_id"], name: "index_snippets_on_author_id"
+    t.index ["file_name"], name: "index_snippets_on_file_name_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["project_id"], name: "index_snippets_on_project_id"
+    t.index ["title"], name: "index_snippets_on_title_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["updated_at"], name: "index_snippets_on_updated_at"
+    t.index ["visibility_level"], name: "index_snippets_on_visibility_level"
   end
 
   create_table "software_license_policies", id: :serial, force: :cascade do |t|
     t.integer "project_id", null: false
     t.integer "software_license_id", null: false
     t.integer "approval_status", default: 0, null: false
-    t.index ["project_id", "software_license_id"], name: "index_software_license_policies_unique_per_project", unique: true, using: :btree
-    t.index ["software_license_id"], name: "index_software_license_policies_on_software_license_id", using: :btree
+    t.index ["project_id", "software_license_id"], name: "index_software_license_policies_unique_per_project", unique: true
+    t.index ["software_license_id"], name: "index_software_license_policies_on_software_license_id"
   end
 
   create_table "software_licenses", id: :serial, force: :cascade do |t|
     t.string "name", null: false
-    t.index ["name"], name: "index_software_licenses_on_name", using: :btree
+    t.index ["name"], name: "index_software_licenses_on_name"
   end
 
   create_table "spam_logs", id: :serial, force: :cascade do |t|
@@ -3128,8 +3128,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "created_at"
     t.datetime "updated_at"
     t.integer "project_id"
-    t.index ["project_id"], name: "index_subscriptions_on_project_id", using: :btree
-    t.index ["subscribable_id", "subscribable_type", "user_id", "project_id"], name: "index_subscriptions_on_subscribable_and_user_id_and_project_id", unique: true, using: :btree
+    t.index ["project_id"], name: "index_subscriptions_on_project_id"
+    t.index ["subscribable_id", "subscribable_type", "user_id", "project_id"], name: "index_subscriptions_on_subscribable_and_user_id_and_project_id", unique: true
   end
 
   create_table "suggestions", force: :cascade do |t|
@@ -3142,7 +3142,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "lines_above", default: 0, null: false
     t.integer "lines_below", default: 0, null: false
     t.boolean "outdated", default: false, null: false
-    t.index ["note_id", "relative_order"], name: "index_suggestions_on_note_id_and_relative_order", unique: true, using: :btree
+    t.index ["note_id", "relative_order"], name: "index_suggestions_on_note_id_and_relative_order", unique: true
   end
 
   create_table "system_note_metadata", id: :serial, force: :cascade do |t|
@@ -3151,7 +3151,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "action"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["note_id"], name: "index_system_note_metadata_on_note_id", unique: true, using: :btree
+    t.index ["note_id"], name: "index_system_note_metadata_on_note_id", unique: true
   end
 
   create_table "taggings", id: :serial, force: :cascade do |t|
@@ -3162,17 +3162,17 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "tagger_type"
     t.string "context"
     t.datetime "created_at"
-    t.index ["tag_id", "taggable_id", "taggable_type", "context", "tagger_id", "tagger_type"], name: "taggings_idx", unique: true, using: :btree
-    t.index ["tag_id"], name: "index_taggings_on_tag_id", using: :btree
-    t.index ["taggable_id", "taggable_type", "context"], name: "index_taggings_on_taggable_id_and_taggable_type_and_context", using: :btree
-    t.index ["taggable_id", "taggable_type"], name: "index_taggings_on_taggable_id_and_taggable_type", using: :btree
+    t.index ["tag_id", "taggable_id", "taggable_type", "context", "tagger_id", "tagger_type"], name: "taggings_idx", unique: true
+    t.index ["tag_id"], name: "index_taggings_on_tag_id"
+    t.index ["taggable_id", "taggable_type", "context"], name: "index_taggings_on_taggable_id_and_taggable_type_and_context"
+    t.index ["taggable_id", "taggable_type"], name: "index_taggings_on_taggable_id_and_taggable_type"
   end
 
   create_table "tags", id: :serial, force: :cascade do |t|
     t.string "name"
     t.integer "taggings_count", default: 0
-    t.index ["name"], name: "index_tags_on_name", unique: true, using: :btree
-    t.index ["name"], name: "index_tags_on_name_trigram", using: :gin, opclasses: {"name"=>"gin_trgm_ops"}
+    t.index ["name"], name: "index_tags_on_name", unique: true
+    t.index ["name"], name: "index_tags_on_name_trigram", opclass: :gin_trgm_ops, using: :gin
   end
 
   create_table "term_agreements", id: :serial, force: :cascade do |t|
@@ -3181,9 +3181,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "accepted", default: false, null: false
     t.datetime_with_timezone "created_at", null: false
     t.datetime_with_timezone "updated_at", null: false
-    t.index ["term_id"], name: "index_term_agreements_on_term_id", using: :btree
-    t.index ["user_id", "term_id"], name: "term_agreements_unique_index", unique: true, using: :btree
-    t.index ["user_id"], name: "index_term_agreements_on_user_id", using: :btree
+    t.index ["term_id"], name: "index_term_agreements_on_term_id"
+    t.index ["user_id", "term_id"], name: "term_agreements_unique_index", unique: true
+    t.index ["user_id"], name: "index_term_agreements_on_user_id"
   end
 
   create_table "timelogs", id: :serial, force: :cascade do |t|
@@ -3194,9 +3194,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "issue_id"
     t.integer "merge_request_id"
     t.datetime_with_timezone "spent_at"
-    t.index ["issue_id"], name: "index_timelogs_on_issue_id", using: :btree
-    t.index ["merge_request_id"], name: "index_timelogs_on_merge_request_id", using: :btree
-    t.index ["user_id"], name: "index_timelogs_on_user_id", using: :btree
+    t.index ["issue_id"], name: "index_timelogs_on_issue_id"
+    t.index ["merge_request_id"], name: "index_timelogs_on_merge_request_id"
+    t.index ["user_id"], name: "index_timelogs_on_user_id"
   end
 
   create_table "todos", id: :serial, force: :cascade do |t|
@@ -3212,20 +3212,20 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "note_id"
     t.string "commit_id"
     t.integer "group_id"
-    t.index ["author_id"], name: "index_todos_on_author_id", using: :btree
-    t.index ["commit_id"], name: "index_todos_on_commit_id", using: :btree
-    t.index ["group_id"], name: "index_todos_on_group_id", using: :btree
-    t.index ["note_id"], name: "index_todos_on_note_id", using: :btree
-    t.index ["project_id"], name: "index_todos_on_project_id", using: :btree
-    t.index ["target_type", "target_id"], name: "index_todos_on_target_type_and_target_id", using: :btree
-    t.index ["user_id", "id"], name: "index_todos_on_user_id_and_id_done", where: "((state)::text = 'done'::text)", using: :btree
-    t.index ["user_id", "id"], name: "index_todos_on_user_id_and_id_pending", where: "((state)::text = 'pending'::text)", using: :btree
-    t.index ["user_id"], name: "index_todos_on_user_id", using: :btree
+    t.index ["author_id"], name: "index_todos_on_author_id"
+    t.index ["commit_id"], name: "index_todos_on_commit_id"
+    t.index ["group_id"], name: "index_todos_on_group_id"
+    t.index ["note_id"], name: "index_todos_on_note_id"
+    t.index ["project_id"], name: "index_todos_on_project_id"
+    t.index ["target_type", "target_id"], name: "index_todos_on_target_type_and_target_id"
+    t.index ["user_id", "id"], name: "index_todos_on_user_id_and_id_done", where: "((state)::text = 'done'::text)"
+    t.index ["user_id", "id"], name: "index_todos_on_user_id_and_id_pending", where: "((state)::text = 'pending'::text)"
+    t.index ["user_id"], name: "index_todos_on_user_id"
   end
 
   create_table "trending_projects", id: :serial, force: :cascade do |t|
     t.integer "project_id", null: false
-    t.index ["project_id"], name: "index_trending_projects_on_project_id", unique: true, using: :btree
+    t.index ["project_id"], name: "index_trending_projects_on_project_id", unique: true
   end
 
   create_table "u2f_registrations", id: :serial, force: :cascade do |t|
@@ -3237,8 +3237,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
     t.string "name"
-    t.index ["key_handle"], name: "index_u2f_registrations_on_key_handle", using: :btree
-    t.index ["user_id"], name: "index_u2f_registrations_on_user_id", using: :btree
+    t.index ["key_handle"], name: "index_u2f_registrations_on_key_handle"
+    t.index ["user_id"], name: "index_u2f_registrations_on_user_id"
   end
 
   create_table "uploads", id: :serial, force: :cascade do |t|
@@ -3252,10 +3252,10 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "mount_point"
     t.string "secret"
     t.integer "store"
-    t.index ["checksum"], name: "index_uploads_on_checksum", using: :btree
-    t.index ["model_id", "model_type"], name: "index_uploads_on_model_id_and_model_type", using: :btree
-    t.index ["store"], name: "index_uploads_on_store", using: :btree
-    t.index ["uploader", "path"], name: "index_uploads_on_uploader_and_path", using: :btree
+    t.index ["checksum"], name: "index_uploads_on_checksum"
+    t.index ["model_id", "model_type"], name: "index_uploads_on_model_id_and_model_type"
+    t.index ["store"], name: "index_uploads_on_store"
+    t.index ["uploader", "path"], name: "index_uploads_on_uploader_and_path"
   end
 
   create_table "user_agent_details", id: :serial, force: :cascade do |t|
@@ -3266,14 +3266,14 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "submitted", default: false, null: false
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["subject_id", "subject_type"], name: "index_user_agent_details_on_subject_id_and_subject_type", using: :btree
+    t.index ["subject_id", "subject_type"], name: "index_user_agent_details_on_subject_id_and_subject_type"
   end
 
   create_table "user_callouts", id: :serial, force: :cascade do |t|
     t.integer "feature_name", null: false
     t.integer "user_id", null: false
-    t.index ["user_id", "feature_name"], name: "index_user_callouts_on_user_id_and_feature_name", unique: true, using: :btree
-    t.index ["user_id"], name: "index_user_callouts_on_user_id", using: :btree
+    t.index ["user_id", "feature_name"], name: "index_user_callouts_on_user_id_and_feature_name", unique: true
+    t.index ["user_id"], name: "index_user_callouts_on_user_id"
   end
 
   create_table "user_custom_attributes", id: :serial, force: :cascade do |t|
@@ -3282,15 +3282,15 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "user_id", null: false
     t.string "key", null: false
     t.string "value", null: false
-    t.index ["key", "value"], name: "index_user_custom_attributes_on_key_and_value", using: :btree
-    t.index ["user_id", "key"], name: "index_user_custom_attributes_on_user_id_and_key", unique: true, using: :btree
+    t.index ["key", "value"], name: "index_user_custom_attributes_on_key_and_value"
+    t.index ["user_id", "key"], name: "index_user_custom_attributes_on_user_id_and_key", unique: true
   end
 
   create_table "user_interacted_projects", id: false, force: :cascade do |t|
     t.integer "user_id", null: false
     t.integer "project_id", null: false
-    t.index ["project_id", "user_id"], name: "index_user_interacted_projects_on_project_id_and_user_id", unique: true, using: :btree
-    t.index ["user_id"], name: "index_user_interacted_projects_on_user_id", using: :btree
+    t.index ["project_id", "user_id"], name: "index_user_interacted_projects_on_project_id_and_user_id", unique: true
+    t.index ["user_id"], name: "index_user_interacted_projects_on_user_id"
   end
 
   create_table "user_preferences", id: :serial, force: :cascade do |t|
@@ -3309,7 +3309,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "epics_sort"
     t.integer "roadmap_epics_state"
     t.string "roadmaps_sort"
-    t.index ["user_id"], name: "index_user_preferences_on_user_id", unique: true, using: :btree
+    t.index ["user_id"], name: "index_user_preferences_on_user_id", unique: true
   end
 
   create_table "user_statuses", primary_key: "user_id", id: :serial, force: :cascade do |t|
@@ -3317,7 +3317,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "emoji", default: "speech_balloon", null: false
     t.string "message", limit: 100
     t.string "message_html"
-    t.index ["user_id"], name: "index_user_statuses_on_user_id", using: :btree
+    t.index ["user_id"], name: "index_user_statuses_on_user_id"
   end
 
   create_table "user_synced_attributes_metadata", id: :serial, force: :cascade do |t|
@@ -3326,7 +3326,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "location_synced", default: false
     t.integer "user_id", null: false
     t.string "provider"
-    t.index ["user_id"], name: "index_user_synced_attributes_metadata_on_user_id", unique: true, using: :btree
+    t.index ["user_id"], name: "index_user_synced_attributes_metadata_on_user_id", unique: true
   end
 
   create_table "users", id: :serial, force: :cascade do |t|
@@ -3409,26 +3409,26 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.text "note"
     t.integer "roadmap_layout", limit: 2
     t.integer "bot_type", limit: 2
-    t.index ["accepted_term_id"], name: "index_users_on_accepted_term_id", using: :btree
-    t.index ["admin"], name: "index_users_on_admin", using: :btree
-    t.index ["bot_type"], name: "index_users_on_bot_type", using: :btree
-    t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true, using: :btree
-    t.index ["created_at"], name: "index_users_on_created_at", using: :btree
-    t.index ["email"], name: "index_users_on_email", unique: true, using: :btree
-    t.index ["email"], name: "index_users_on_email_trigram", using: :gin, opclasses: {"email"=>"gin_trgm_ops"}
-    t.index ["feed_token"], name: "index_users_on_feed_token", using: :btree
-    t.index ["ghost"], name: "index_users_on_ghost", using: :btree
-    t.index ["group_view"], name: "index_users_on_group_view", using: :btree
-    t.index ["incoming_email_token"], name: "index_users_on_incoming_email_token", using: :btree
-    t.index ["managing_group_id"], name: "index_users_on_managing_group_id", using: :btree
-    t.index ["name"], name: "index_users_on_name", using: :btree
-    t.index ["name"], name: "index_users_on_name_trigram", using: :gin, opclasses: {"name"=>"gin_trgm_ops"}
-    t.index ["public_email"], name: "index_users_on_public_email", where: "((public_email)::text <> ''::text)", using: :btree
-    t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true, using: :btree
-    t.index ["state"], name: "index_users_on_state", using: :btree
-    t.index ["state"], name: "index_users_on_state_and_internal", where: "((ghost <> true) AND (bot_type IS NULL))", using: :btree
-    t.index ["username"], name: "index_users_on_username", using: :btree
-    t.index ["username"], name: "index_users_on_username_trigram", using: :gin, opclasses: {"username"=>"gin_trgm_ops"}
+    t.index ["accepted_term_id"], name: "index_users_on_accepted_term_id"
+    t.index ["admin"], name: "index_users_on_admin"
+    t.index ["bot_type"], name: "index_users_on_bot_type"
+    t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
+    t.index ["created_at"], name: "index_users_on_created_at"
+    t.index ["email"], name: "index_users_on_email", unique: true
+    t.index ["email"], name: "index_users_on_email_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["feed_token"], name: "index_users_on_feed_token"
+    t.index ["ghost"], name: "index_users_on_ghost"
+    t.index ["group_view"], name: "index_users_on_group_view"
+    t.index ["incoming_email_token"], name: "index_users_on_incoming_email_token"
+    t.index ["managing_group_id"], name: "index_users_on_managing_group_id"
+    t.index ["name"], name: "index_users_on_name"
+    t.index ["name"], name: "index_users_on_name_trigram", opclass: :gin_trgm_ops, using: :gin
+    t.index ["public_email"], name: "index_users_on_public_email", where: "((public_email)::text <> ''::text)"
+    t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
+    t.index ["state"], name: "index_users_on_state"
+    t.index ["state"], name: "index_users_on_state_and_internal", where: "((ghost <> true) AND (bot_type IS NULL))"
+    t.index ["username"], name: "index_users_on_username"
+    t.index ["username"], name: "index_users_on_username_trigram", opclass: :gin_trgm_ops, using: :gin
   end
 
   create_table "users_ops_dashboard_projects", force: :cascade do |t|
@@ -3436,8 +3436,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "updated_at", null: false
     t.integer "user_id", null: false
     t.integer "project_id", null: false
-    t.index ["project_id"], name: "index_users_ops_dashboard_projects_on_project_id", using: :btree
-    t.index ["user_id", "project_id"], name: "index_users_ops_dashboard_projects_on_user_id_and_project_id", unique: true, using: :btree
+    t.index ["project_id"], name: "index_users_ops_dashboard_projects_on_project_id"
+    t.index ["user_id", "project_id"], name: "index_users_ops_dashboard_projects_on_user_id_and_project_id", unique: true
   end
 
   create_table "users_star_projects", id: :serial, force: :cascade do |t|
@@ -3445,8 +3445,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "user_id", null: false
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.index ["project_id"], name: "index_users_star_projects_on_project_id", using: :btree
-    t.index ["user_id", "project_id"], name: "index_users_star_projects_on_user_id_and_project_id", unique: true, using: :btree
+    t.index ["project_id"], name: "index_users_star_projects_on_project_id"
+    t.index ["user_id", "project_id"], name: "index_users_star_projects_on_user_id_and_project_id", unique: true
   end
 
   create_table "vulnerability_feedback", id: :serial, force: :cascade do |t|
@@ -3463,12 +3463,12 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "comment_author_id"
     t.text "comment"
     t.datetime_with_timezone "comment_timestamp"
-    t.index ["author_id"], name: "index_vulnerability_feedback_on_author_id", using: :btree
-    t.index ["comment_author_id"], name: "index_vulnerability_feedback_on_comment_author_id", using: :btree
-    t.index ["issue_id"], name: "index_vulnerability_feedback_on_issue_id", using: :btree
-    t.index ["merge_request_id"], name: "index_vulnerability_feedback_on_merge_request_id", using: :btree
-    t.index ["pipeline_id"], name: "index_vulnerability_feedback_on_pipeline_id", using: :btree
-    t.index ["project_id", "category", "feedback_type", "project_fingerprint"], name: "vulnerability_feedback_unique_idx", unique: true, using: :btree
+    t.index ["author_id"], name: "index_vulnerability_feedback_on_author_id"
+    t.index ["comment_author_id"], name: "index_vulnerability_feedback_on_comment_author_id"
+    t.index ["issue_id"], name: "index_vulnerability_feedback_on_issue_id"
+    t.index ["merge_request_id"], name: "index_vulnerability_feedback_on_merge_request_id"
+    t.index ["pipeline_id"], name: "index_vulnerability_feedback_on_pipeline_id"
+    t.index ["project_id", "category", "feedback_type", "project_fingerprint"], name: "vulnerability_feedback_unique_idx", unique: true
   end
 
   create_table "vulnerability_identifiers", force: :cascade do |t|
@@ -3480,7 +3480,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "external_id", null: false
     t.string "name", null: false
     t.text "url"
-    t.index ["project_id", "fingerprint"], name: "index_vulnerability_identifiers_on_project_id_and_fingerprint", unique: true, using: :btree
+    t.index ["project_id", "fingerprint"], name: "index_vulnerability_identifiers_on_project_id_and_fingerprint", unique: true
   end
 
   create_table "vulnerability_occurrence_identifiers", force: :cascade do |t|
@@ -3488,8 +3488,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "updated_at", null: false
     t.bigint "occurrence_id", null: false
     t.bigint "identifier_id", null: false
-    t.index ["identifier_id"], name: "index_vulnerability_occurrence_identifiers_on_identifier_id", using: :btree
-    t.index ["occurrence_id", "identifier_id"], name: "index_vulnerability_occurrence_identifiers_on_unique_keys", unique: true, using: :btree
+    t.index ["identifier_id"], name: "index_vulnerability_occurrence_identifiers_on_identifier_id"
+    t.index ["occurrence_id", "identifier_id"], name: "index_vulnerability_occurrence_identifiers_on_unique_keys", unique: true
   end
 
   create_table "vulnerability_occurrence_pipelines", force: :cascade do |t|
@@ -3497,8 +3497,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.datetime_with_timezone "updated_at", null: false
     t.bigint "occurrence_id", null: false
     t.integer "pipeline_id", null: false
-    t.index ["occurrence_id", "pipeline_id"], name: "vulnerability_occurrence_pipelines_on_unique_keys", unique: true, using: :btree
-    t.index ["pipeline_id"], name: "index_vulnerability_occurrence_pipelines_on_pipeline_id", using: :btree
+    t.index ["occurrence_id", "pipeline_id"], name: "vulnerability_occurrence_pipelines_on_unique_keys", unique: true
+    t.index ["pipeline_id"], name: "index_vulnerability_occurrence_pipelines_on_pipeline_id"
   end
 
   create_table "vulnerability_occurrences", force: :cascade do |t|
@@ -3516,10 +3516,10 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "name", null: false
     t.string "metadata_version", null: false
     t.text "raw_metadata", null: false
-    t.index ["primary_identifier_id"], name: "index_vulnerability_occurrences_on_primary_identifier_id", using: :btree
-    t.index ["project_id", "primary_identifier_id", "location_fingerprint", "scanner_id"], name: "index_vulnerability_occurrences_on_unique_keys", unique: true, using: :btree
-    t.index ["scanner_id"], name: "index_vulnerability_occurrences_on_scanner_id", using: :btree
-    t.index ["uuid"], name: "index_vulnerability_occurrences_on_uuid", unique: true, using: :btree
+    t.index ["primary_identifier_id"], name: "index_vulnerability_occurrences_on_primary_identifier_id"
+    t.index ["project_id", "primary_identifier_id", "location_fingerprint", "scanner_id"], name: "index_vulnerability_occurrences_on_unique_keys", unique: true
+    t.index ["scanner_id"], name: "index_vulnerability_occurrences_on_scanner_id"
+    t.index ["uuid"], name: "index_vulnerability_occurrences_on_uuid", unique: true
   end
 
   create_table "vulnerability_scanners", force: :cascade do |t|
@@ -3528,7 +3528,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.integer "project_id", null: false
     t.string "external_id", null: false
     t.string "name", null: false
-    t.index ["project_id", "external_id"], name: "index_vulnerability_scanners_on_project_id_and_external_id", unique: true, using: :btree
+    t.index ["project_id", "external_id"], name: "index_vulnerability_scanners_on_project_id_and_external_id", unique: true
   end
 
   create_table "web_hook_logs", id: :serial, force: :cascade do |t|
@@ -3544,8 +3544,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "internal_error_message"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
-    t.index ["created_at", "web_hook_id"], name: "index_web_hook_logs_on_created_at_and_web_hook_id", using: :btree
-    t.index ["web_hook_id"], name: "index_web_hook_logs_on_web_hook_id", using: :btree
+    t.index ["created_at", "web_hook_id"], name: "index_web_hook_logs_on_created_at_and_web_hook_id"
+    t.index ["web_hook_id"], name: "index_web_hook_logs_on_web_hook_id"
   end
 
   create_table "web_hooks", id: :serial, force: :cascade do |t|
@@ -3572,8 +3572,8 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "encrypted_url"
     t.string "encrypted_url_iv"
     t.integer "group_id"
-    t.index ["project_id"], name: "index_web_hooks_on_project_id", using: :btree
-    t.index ["type"], name: "index_web_hooks_on_type", using: :btree
+    t.index ["project_id"], name: "index_web_hooks_on_project_id"
+    t.index ["type"], name: "index_web_hooks_on_type"
   end
 
   add_foreign_key "application_settings", "namespaces", column: "custom_project_templates_group_id", on_delete: :nullify
-- 
cgit v1.2.1


From 89d5663e787dbf938f2862c735a92c7d626548dd Mon Sep 17 00:00:00 2001
From: Eugenia Grieff <egrieff@gitlab.com>
Date: Tue, 23 Jul 2019 14:39:18 +0000
Subject: CE port for Group bulk edit merge requests

Add bulk update sidebar to merge requests template
Add js to toggle sidebar
Fix bulk update button in issues template
Add specs for merge requests in bulk update service
---
 .../pages/groups/merge_requests/index.js           |  4 +++
 app/views/groups/issues.html.haml                  |  2 +-
 app/views/groups/merge_requests.html.haml          |  8 +++++
 doc/user/group/bulk_editing/index.md               | 24 +++++++------
 doc/user/group/index.md                            |  4 +--
 doc/user/project/bulk_editing.md                   |  4 +--
 spec/services/issuable/bulk_update_service_spec.rb | 42 +++++++++++++---------
 7 files changed, 57 insertions(+), 31 deletions(-)

diff --git a/app/assets/javascripts/pages/groups/merge_requests/index.js b/app/assets/javascripts/pages/groups/merge_requests/index.js
index 12a26fd88fa..7520cfb6da0 100644
--- a/app/assets/javascripts/pages/groups/merge_requests/index.js
+++ b/app/assets/javascripts/pages/groups/merge_requests/index.js
@@ -1,11 +1,15 @@
 import projectSelect from '~/project_select';
 import initFilteredSearch from '~/pages/search/init_filtered_search';
+import issuableInitBulkUpdateSidebar from '~/issuable_init_bulk_update_sidebar';
 import IssuableFilteredSearchTokenKeys from '~/filtered_search/issuable_filtered_search_token_keys';
 import addExtraTokensForMergeRequests from 'ee_else_ce/filtered_search/add_extra_tokens_for_merge_requests';
 import { FILTERED_SEARCH } from '~/pages/constants';
 
+const ISSUABLE_BULK_UPDATE_PREFIX = 'merge_request_';
+
 document.addEventListener('DOMContentLoaded', () => {
   addExtraTokensForMergeRequests(IssuableFilteredSearchTokenKeys);
+  issuableInitBulkUpdateSidebar.init(ISSUABLE_BULK_UPDATE_PREFIX);
 
   initFilteredSearch({
     page: FILTERED_SEARCH.MERGE_REQUESTS,
diff --git a/app/views/groups/issues.html.haml b/app/views/groups/issues.html.haml
index f05e269553a..2163446425c 100644
--- a/app/views/groups/issues.html.haml
+++ b/app/views/groups/issues.html.haml
@@ -13,7 +13,7 @@
       = render 'shared/issuable/feed_buttons'
 
       - if @can_bulk_update
-        = render_if_exists 'shared/issuable/bulk_update_button'
+        = render_if_exists 'shared/issuable/bulk_update_button', type: :issues
 
       = render 'shared/new_project_item_select', path: 'issues/new', label: "New issue", type: :issues, with_feature_enabled: 'issues', with_shared: false, include_projects_in_subgroups: true
 
diff --git a/app/views/groups/merge_requests.html.haml b/app/views/groups/merge_requests.html.haml
index 808bb1309b1..b5a2bab4799 100644
--- a/app/views/groups/merge_requests.html.haml
+++ b/app/views/groups/merge_requests.html.haml
@@ -1,3 +1,5 @@
+- @can_bulk_update = can?(current_user, :admin_merge_request, @group)
+
 - page_title "Merge Requests"
 
 - if group_merge_requests_count(state: 'all').zero?
@@ -7,8 +9,14 @@
     = render 'shared/issuable/nav', type: :merge_requests
     - if current_user
       .nav-controls
+        - if @can_bulk_update
+          = render_if_exists 'shared/issuable/bulk_update_button', type: :merge_requests
+
         = render 'shared/new_project_item_select', path: 'merge_requests/new', label: "New merge request", type: :merge_requests, with_feature_enabled: 'merge_requests', with_shared: false, include_projects_in_subgroups: true
 
   = render 'shared/issuable/search_bar', type: :merge_requests
 
+  - if @can_bulk_update
+    = render_if_exists 'shared/issuable/group_bulk_update_sidebar', group: @group, type: :merge_requests
+
   = render 'shared/merge_requests'
diff --git a/doc/user/group/bulk_editing/index.md b/doc/user/group/bulk_editing/index.md
index 117a46da0ea..5b5f75c2dd9 100644
--- a/doc/user/group/bulk_editing/index.md
+++ b/doc/user/group/bulk_editing/index.md
@@ -1,22 +1,26 @@
-# Bulk editing issue milestones **(PREMIUM)**
+# Bulk editing issue and merge request milestones **(PREMIUM)**
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/7249) in
-[GitLab Ultimate](https://about.gitlab.com/pricing/) 12.1.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/7249) for issues in
+  [GitLab Premium](https://about.gitlab.com/pricing/) 12.1.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/12719) for merge
+  requests in GitLab [GitLab Premium](https://about.gitlab.com/pricing/) 12.2.
 
-NOTE: **Note:**
-A permission level of `Reporter` or higher is required in order to manage issues.
+> NOTE: **Note:**
+>
+> - A permission level of `Reporter` or higher is required in order to manage issues.
+> - A permission level of `Developer` or higher is required in order to manage merge requests.
 
-Milestones can be updated simultaneously across multiple issues by using the bulk editing feature.
+Milestones can be updated simultaneously across multiple issues or merge requests by using the bulk editing feature.
 
 ![Bulk editing](img/bulk-editing.png)
 
-To bulk update group issue milestones:
+To bulk update group issue or merge request milestones:
 
-1. Navigate to the issues list.
-1. Click **Edit issues**.
+1. Navigate to the issues or merge requests list.
+1. Click the **Edit issues** or **Edit merge requests** button.
     - This will open a sidebar on the right-hand side of your screen where an editable field
   for milestones will be displayed.
-    - Checkboxes will also appear beside each issue.
+    - Checkboxes will also appear beside each issue or merge request.
 1. Check the checkbox beside each issue to be edited.
 1. Select the desired milestone from the sidebar.
 1. Click **Update all**.
diff --git a/doc/user/group/index.md b/doc/user/group/index.md
index 7597105f36f..14c831fe671 100644
--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -78,9 +78,9 @@ Issues and merge requests are part of projects. For a given group, you can view
 [issues](../project/issues/index.md#issues-list) and [merge requests](../project/merge_requests/index.md#merge-requests-per-group) across all projects in that group,
 together in a single list view.
 
-### Bulk editing issues
+### Bulk editing issues and merge requests
 
-For details, see [bulk editing issues](../group/bulk_editing/index.md).
+For details, see [bulk editing issues and merge requests](../group/bulk_editing/index.md).
 
 ## Create a new group
 
diff --git a/doc/user/project/bulk_editing.md b/doc/user/project/bulk_editing.md
index 1783f81df3a..f4733620640 100644
--- a/doc/user/project/bulk_editing.md
+++ b/doc/user/project/bulk_editing.md
@@ -13,8 +13,8 @@ by using the bulk editing feature.
 ![Bulk editing](img/bulk-editing.png)
 
 NOTE: **Note:**
-Bulk editing of merge requests is only available at the project level.
-For more details, see [bulk editing group issues](../group/bulk_editing/index.md).
+Bulk editing issues and merge requests is also available at the group level.
+For more details, see [bulk editing group issues and merge requests](../group/bulk_editing/index.md).
 
 To update multiple project issues or merge requests at the same time:
 
diff --git a/spec/services/issuable/bulk_update_service_spec.rb b/spec/services/issuable/bulk_update_service_spec.rb
index b0bcd7a36ba..40da3d31408 100644
--- a/spec/services/issuable/bulk_update_service_spec.rb
+++ b/spec/services/issuable/bulk_update_service_spec.rb
@@ -16,22 +16,22 @@ describe Issuable::BulkUpdateService do
 
   shared_examples 'updates milestones' do
     it 'succeeds' do
-      result = bulk_update(issues, milestone_id: milestone.id)
+      result = bulk_update(issuables, milestone_id: milestone.id)
 
       expect(result[:success]).to be_truthy
-      expect(result[:count]).to eq(issues.count)
+      expect(result[:count]).to eq(issuables.count)
     end
 
-    it 'updates the issues milestone' do
-      bulk_update(issues, milestone_id: milestone.id)
+    it 'updates the issuables milestone' do
+      bulk_update(issuables, milestone_id: milestone.id)
 
-      issues.each do |issue|
-        expect(issue.reload.milestone).to eq(milestone)
+      issuables.each do |issuable|
+        expect(issuable.reload.milestone).to eq(milestone)
       end
     end
   end
 
-  context 'with project issues' do
+  context 'with project issuables' do
     describe 'close issues' do
       let(:issues) { create_list(:issue, 2, project: project) }
 
@@ -171,7 +171,7 @@ describe Issuable::BulkUpdateService do
     end
 
     describe 'updating milestones' do
-      let(:issues)    { [create(:issue, project: project)] }
+      let(:issuables) { [create(:issue, project: project)] }
       let(:milestone) { create(:milestone, project: project) }
 
       it_behaves_like 'updates milestones'
@@ -360,22 +360,32 @@ describe Issuable::BulkUpdateService do
     end
   end
 
-  context 'with group issues' do
+  context 'with group issuables ' do
     let(:group) { create(:group) }
 
-    context 'updating milestone' do
+    describe 'updating milestones' do
       let(:milestone) { create(:milestone, group: group) }
-      let(:project1)  { create(:project, :repository, group: group) }
-      let(:project2)  { create(:project, :repository, group: group) }
-      let(:issue1)    { create(:issue, project: project1) }
-      let(:issue2)    { create(:issue, project: project2) }
-      let(:issues)    { [issue1, issue2] }
+      let(:project)   { create(:project, :repository, group: group) }
 
       before do
         group.add_maintainer(user)
       end
 
-      it_behaves_like 'updates milestones'
+      context 'when issues' do
+        let(:issue1)    { create(:issue, project: project) }
+        let(:issue2)    { create(:issue, project: project) }
+        let(:issuables) { [issue1, issue2] }
+
+        it_behaves_like 'updates milestones'
+      end
+
+      context 'when merge requests' do
+        let(:merge_request1) { create(:merge_request, source_project: project, source_branch: 'branch-1') }
+        let(:merge_request2) { create(:merge_request, source_project: project, source_branch: 'branch-2') }
+        let(:issuables)      { [merge_request1, merge_request2] }
+
+        it_behaves_like 'updates milestones'
+      end
     end
   end
 end
-- 
cgit v1.2.1


From 982d5582ee4d5b91f008093e7c7d30d8a103d518 Mon Sep 17 00:00:00 2001
From: George Tsiolis <tsiolis.g@gmail.com>
Date: Tue, 23 Jul 2019 18:06:51 +0300
Subject: Update author prefix on merge request notification

---
 app/views/notify/new_merge_request_email.html.haml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/views/notify/new_merge_request_email.html.haml b/app/views/notify/new_merge_request_email.html.haml
index 2ddea0b9f16..8fecdc6e8a6 100644
--- a/app/views/notify/new_merge_request_email.html.haml
+++ b/app/views/notify/new_merge_request_email.html.haml
@@ -5,7 +5,7 @@
   .branch
     = merge_path_description(@merge_request, 'to')
   .author
-    Author #{@merge_request.author_name}
+    Author: #{@merge_request.author_name}
   .assignee
     = assignees_label(@merge_request)
   .approvers
-- 
cgit v1.2.1


From dccf643c42f8887844ab6e88f21d161d66c893e0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Tue, 23 Jul 2019 17:11:13 +0200
Subject: Fix Review App debugging
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rémy Coutable <remy@rymai.me>
---
 scripts/review_apps/review-apps.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/review_apps/review-apps.sh b/scripts/review_apps/review-apps.sh
index bc47884ee45..363ab2c6540 100755
--- a/scripts/review_apps/review-apps.sh
+++ b/scripts/review_apps/review-apps.sh
@@ -52,7 +52,7 @@ function delete() {
 function get_pod() {
   local app_name="${1}"
   local status="${2-Running}"
-  get_pod_cmd="kubectl get pods -n ${KUBE_NAMESPACE} --field-selector=status.phase=${status} -lapp=${app_name},release=${CI_ENVIRONMENT_SLUG} --no-headers -o=custom-columns=NAME:.metadata.name"
+  get_pod_cmd="kubectl get pods -n ${KUBE_NAMESPACE} --field-selector=status.phase=${status} -lapp=${app_name},release=${CI_ENVIRONMENT_SLUG} --no-headers -o=custom-columns=NAME:.metadata.name | tail -n 1"
   echoinfo "Waiting till '${app_name}' pod is ready" true
   echoinfo "Running '${get_pod_cmd}'"
 
-- 
cgit v1.2.1


From 4aa76dddecc048cef24963323afe59f1c120cb72 Mon Sep 17 00:00:00 2001
From: Nick Thomas <nick@gitlab.com>
Date: Thu, 13 Jun 2019 14:12:28 +0100
Subject: Remove dead MySQL code

None of this code can be reached any more, so it can all be removed
---
 Gemfile                                            |   2 -
 Gemfile.lock                                       |   8 -
 app/models/ci/pipeline.rb                          |   2 -
 app/models/concerns/case_sensitivity.rb            |   4 -
 app/models/concerns/routable.rb                    |  43 +-
 app/models/deployment.rb                           |  11 +-
 app/uploaders/records_uploads.rb                   |  10 +-
 config/application.rb                              |   5 -
 config/database.yml.mysql                          |  60 ---
 config/initializers/active_record_data_types.rb    | 100 ++--
 .../initializers/active_record_mysql_timestamp.rb  |  30 --
 config/initializers/ar_mysql_jsonb_support.rb      |  31 --
 config/initializers/ar_native_database_types.rb    |  12 -
 config/initializers/connection_fix.rb              |  32 --
 .../mysql_ignore_postgresql_options.rb             |  42 --
 .../mysql_set_length_for_binary_indexes.rb         |  30 --
 config/initializers/peek.rb                        |   6 +-
 ...0206200543_reset_events_primary_key_sequence.rb |  16 +-
 ...20180403035759_create_project_ci_cd_settings.rb |   6 -
 ...its_ci_build_trace_chunks_raw_data_for_mysql.rb |  13 -
 ...71529_increase_mysql_text_limit_for_gpg_keys.rb |   1 -
 ...831164904_fix_prometheus_metric_query_limits.rb |  19 -
 ...0154446_add_missing_indexes_for_foreign_keys.rb |   4 -
 db/migrate/gpg_keys_limits_to_mysql.rb             |  14 -
 ...its_ci_build_trace_chunks_raw_data_for_mysql.rb |   9 -
 db/migrate/limits_to_mysql.rb                      |   8 -
 db/migrate/markdown_cache_limits_to_mysql.rb       |  13 -
 .../merge_request_diff_file_limits_to_mysql.rb     |  12 -
 db/migrate/prometheus_metrics_limits_to_mysql.rb   |  12 -
 ...0809_populate_missing_project_ci_cd_settings.rb |   4 -
 ...30552_update_project_import_visibility_level.rb |   2 +-
 ...igrate_auto_dev_ops_domain_to_cluster_domain.rb |  20 -
 ...nt_to_approvals_user_id_and_merge_request_id.rb |  40 +-
 lib/api/entities.rb                                |  11 +-
 lib/backup/database.rb                             |  27 -
 lib/forever.rb                                     |  10 +-
 ...fill_valid_time_for_pages_domain_certificate.rb |  17 +-
 .../populate_untracked_uploads_dependencies.rb     |  15 +-
 .../prepare_untracked_uploads.rb                   |   5 +-
 lib/gitlab/database.rb                             |  76 +--
 lib/gitlab/database/date_time.rb                   |  18 +-
 lib/gitlab/database/median.rb                      |  45 +-
 lib/gitlab/database/migration_helpers.rb           | 138 +-----
 .../v1/rename_base.rb                              |  12 +-
 lib/gitlab/import/database_helpers.rb              |  10 +-
 lib/mysql_zero_date.rb                             |  20 -
 lib/serializers/json.rb                            |  18 +-
 lib/support/deploy/deploy.sh                       |   2 +-
 lib/tasks/gitlab/db.rake                           |  13 +-
 lib/tasks/gitlab/setup.rake                        |   1 -
 lib/tasks/migrate/add_limits_mysql.rake            |  17 -
 scripts/create_mysql_user.sh                       |   7 -
 spec/features/projects/new_project_spec.rb         |   8 +-
 spec/lib/forever_spec.rb                           |  16 +-
 spec/lib/gitlab/cycle_analytics/usage_data_spec.rb |  80 +--
 spec/lib/gitlab/database/median_spec.rb            |  17 -
 spec/lib/gitlab/database/migration_helpers_spec.rb | 542 ++++++---------------
 spec/lib/gitlab/database_spec.rb                   | 135 ++---
 spec/lib/gitlab/import/database_helpers_spec.rb    |  31 +-
 spec/lib/serializers/json_spec.rb                  |  84 +---
 spec/models/concerns/case_sensitivity_spec.rb      |  27 +-
 spec/spec_helper.rb                                |   4 -
 spec/workers/background_migration_worker_spec.rb   |  20 +-
 63 files changed, 352 insertions(+), 1695 deletions(-)
 delete mode 100644 config/database.yml.mysql
 delete mode 100644 config/initializers/active_record_mysql_timestamp.rb
 delete mode 100644 config/initializers/ar_mysql_jsonb_support.rb
 delete mode 100644 config/initializers/ar_native_database_types.rb
 delete mode 100644 config/initializers/connection_fix.rb
 delete mode 100644 config/initializers/mysql_ignore_postgresql_options.rb
 delete mode 100644 config/initializers/mysql_set_length_for_binary_indexes.rb
 delete mode 100644 db/migrate/20180406204716_add_limits_ci_build_trace_chunks_raw_data_for_mysql.rb
 delete mode 100644 db/migrate/20180521171529_increase_mysql_text_limit_for_gpg_keys.rb
 delete mode 100644 db/migrate/20180831164904_fix_prometheus_metric_query_limits.rb
 delete mode 100644 db/migrate/gpg_keys_limits_to_mysql.rb
 delete mode 100644 db/migrate/limits_ci_build_trace_chunks_raw_data_for_mysql.rb
 delete mode 100644 db/migrate/limits_to_mysql.rb
 delete mode 100644 db/migrate/markdown_cache_limits_to_mysql.rb
 delete mode 100644 db/migrate/merge_request_diff_file_limits_to_mysql.rb
 delete mode 100644 db/migrate/prometheus_metrics_limits_to_mysql.rb
 delete mode 100644 lib/mysql_zero_date.rb
 delete mode 100644 lib/tasks/migrate/add_limits_mysql.rake
 delete mode 100644 scripts/create_mysql_user.sh
 delete mode 100644 spec/lib/gitlab/database/median_spec.rb

diff --git a/Gemfile b/Gemfile
index 2f64e258fb3..ba958c6ae10 100644
--- a/Gemfile
+++ b/Gemfile
@@ -16,7 +16,6 @@ gem 'sprockets', '~> 3.7.0'
 gem 'default_value_for', '~> 3.2.0'
 
 # Supported DBs
-gem 'mysql2', '~> 0.4.10', group: :mysql
 gem 'pg', '~> 1.1', group: :postgres
 
 gem 'rugged', '~> 0.28'
@@ -298,7 +297,6 @@ gem 'batch-loader', '~> 1.4.0'
 # Perf bar
 gem 'peek', '~> 1.0.1'
 gem 'peek-gc', '~> 0.0.2'
-gem 'peek-mysql2', '~> 1.2.0', group: :mysql
 gem 'peek-pg', '~> 1.3.0', group: :postgres
 gem 'peek-rblineprof', '~> 0.2.0'
 
diff --git a/Gemfile.lock b/Gemfile.lock
index 79ec7b36a43..7e26c5bbc45 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -536,7 +536,6 @@ GEM
     mustermann (1.0.3)
     mustermann-grape (1.0.0)
       mustermann (~> 1.0.0)
-    mysql2 (0.4.10)
     nakayoshi_fork (0.0.4)
     net-ldap (0.16.0)
     net-ssh (5.2.0)
@@ -644,11 +643,6 @@ GEM
       railties (>= 4.0.0)
     peek-gc (0.0.2)
       peek
-    peek-mysql2 (1.2.0)
-      concurrent-ruby
-      concurrent-ruby-ext
-      mysql2
-      peek
     peek-pg (1.3.0)
       concurrent-ruby
       concurrent-ruby-ext
@@ -1163,7 +1157,6 @@ DEPENDENCIES
   mimemagic (~> 0.3.2)
   mini_magick
   minitest (~> 5.11.0)
-  mysql2 (~> 0.4.10)
   nakayoshi_fork (~> 0.0.4)
   net-ldap
   net-ssh (~> 5.2)
@@ -1191,7 +1184,6 @@ DEPENDENCIES
   org-ruby (~> 0.9.12)
   peek (~> 1.0.1)
   peek-gc (~> 0.0.2)
-  peek-mysql2 (~> 1.2.0)
   peek-pg (~> 1.3.0)
   peek-rblineprof (~> 0.2.0)
   pg (~> 1.1)
diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb
index 2262282e647..c2eb51ba100 100644
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -236,8 +236,6 @@ module Ci
 
       if limit
         ids = relation.limit(limit).select(:id)
-        # MySQL does not support limit in subquery
-        ids = ids.pluck(:id) if Gitlab::Database.mysql?
         relation = relation.where(id: ids)
       end
 
diff --git a/app/models/concerns/case_sensitivity.rb b/app/models/concerns/case_sensitivity.rb
index c93b6589ee7..abddbf1c7e3 100644
--- a/app/models/concerns/case_sensitivity.rb
+++ b/app/models/concerns/case_sensitivity.rb
@@ -40,14 +40,10 @@ module CaseSensitivity
     end
 
     def lower_value(value)
-      return value if Gitlab::Database.mysql?
-
       Arel::Nodes::NamedFunction.new('LOWER', [Arel::Nodes.build_quoted(value)])
     end
 
     def lower_column(column)
-      return column if Gitlab::Database.mysql?
-
       column.lower
     end
   end
diff --git a/app/models/concerns/routable.rb b/app/models/concerns/routable.rb
index 9becab632f3..116e8967651 100644
--- a/app/models/concerns/routable.rb
+++ b/app/models/concerns/routable.rb
@@ -33,29 +33,12 @@ module Routable
     #
     # Returns a single object, or nil.
     def find_by_full_path(path, follow_redirects: false)
-      # On MySQL we want to ensure the ORDER BY uses a case-sensitive match so
-      # any literal matches come first, for this we have to use "BINARY".
-      # Without this there's still no guarantee in what order MySQL will return
-      # rows.
-      #
-      # Why do we do this?
-      #
-      # Even though we have Rails validation on Route for unique paths
-      # (case-insensitive), there are old projects in our DB (and possibly
-      # clients' DBs) that have the same path with different cases.
-      # See https://gitlab.com/gitlab-org/gitlab-ce/issues/18603. Also note that
-      # our unique index is case-sensitive in Postgres.
-      binary = Gitlab::Database.mysql? ? 'BINARY' : ''
-      order_sql = Arel.sql("(CASE WHEN #{binary} routes.path = #{connection.quote(path)} THEN 0 ELSE 1 END)")
+      order_sql = Arel.sql("(CASE WHEN routes.path = #{connection.quote(path)} THEN 0 ELSE 1 END)")
       found = where_full_path_in([path]).reorder(order_sql).take
       return found if found
 
       if follow_redirects
-        if Gitlab::Database.postgresql?
-          joins(:redirect_routes).find_by("LOWER(redirect_routes.path) = LOWER(?)", path)
-        else
-          joins(:redirect_routes).find_by(redirect_routes: { path: path })
-        end
+        joins(:redirect_routes).find_by("LOWER(redirect_routes.path) = LOWER(?)", path)
       end
     end
 
@@ -67,27 +50,13 @@ module Routable
     #
     # Returns an ActiveRecord::Relation.
     def where_full_path_in(paths)
-      wheres = []
-      cast_lower = Gitlab::Database.postgresql?
+      return none if paths.empty?
 
-      paths.each do |path|
-        path = connection.quote(path)
-
-        where =
-          if cast_lower
-            "(LOWER(routes.path) = LOWER(#{path}))"
-          else
-            "(routes.path = #{path})"
-          end
-
-        wheres << where
+      wheres = paths.map do |path|
+        "(LOWER(routes.path) = LOWER(#{connection.quote(path)}))"
       end
 
-      if wheres.empty?
-        none
-      else
-        joins(:route).where(wheres.join(' OR '))
-      end
+      joins(:route).where(wheres.join(' OR '))
     end
   end
 
diff --git a/app/models/deployment.rb b/app/models/deployment.rb
index b69cda4f2f9..68586e7a1fd 100644
--- a/app/models/deployment.rb
+++ b/app/models/deployment.rb
@@ -128,17 +128,8 @@ class Deployment < ApplicationRecord
       merge_requests = merge_requests.where("merge_request_metrics.merged_at >= ?", previous_deployment.finished_at)
     end
 
-    # Need to use `map` instead of `select` because MySQL doesn't allow `SELECT`ing from the same table
-    # that we're updating.
-    merge_request_ids =
-      if Gitlab::Database.postgresql?
-        merge_requests.select(:id)
-      elsif Gitlab::Database.mysql?
-        merge_requests.map(&:id)
-      end
-
     MergeRequest::Metrics
-      .where(merge_request_id: merge_request_ids, first_deployed_to_production_at: nil)
+      .where(merge_request_id: merge_requests.select(:id), first_deployed_to_production_at: nil)
       .update_all(first_deployed_to_production_at: finished_at)
   end
 
diff --git a/app/uploaders/records_uploads.rb b/app/uploaders/records_uploads.rb
index 00b51f92b12..3b2a9d2f80e 100644
--- a/app/uploaders/records_uploads.rb
+++ b/app/uploaders/records_uploads.rb
@@ -23,15 +23,7 @@ module RecordsUploads
       return unless model
       return unless file && file.exists?
 
-      # MySQL InnoDB may encounter a deadlock if a deletion and an
-      # insert is in the same transaction due to its next-key locking
-      # algorithm, so we need to skip the transaction.
-      # https://gitlab.com/gitlab-org/gitlab-ce/issues/55161#note_131556351
-      if Gitlab::Database.mysql?
-        readd_upload
-      else
-        Upload.transaction { readd_upload }
-      end
+      Upload.transaction { readd_upload }
     end
 
     def readd_upload
diff --git a/config/application.rb b/config/application.rb
index df5079ba993..92240426b5a 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -22,11 +22,6 @@ module Gitlab
     require_dependency Rails.root.join('lib/gitlab/middleware/read_only')
     require_dependency Rails.root.join('lib/gitlab/middleware/basic_health_check')
 
-    # This needs to be loaded before DB connection is made
-    # to make sure that all connections have NO_ZERO_DATE
-    # setting disabled
-    require_dependency Rails.root.join('lib/mysql_zero_date')
-
     # Settings in config/environments/* take precedence over those specified here.
     # Application configuration should go into files in config/initializers
     # -- all .rb files in that directory are automatically loaded.
diff --git a/config/database.yml.mysql b/config/database.yml.mysql
deleted file mode 100644
index 98c2abe9f5e..00000000000
--- a/config/database.yml.mysql
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# PRODUCTION
-#
-production:
-  adapter: mysql2
-  encoding: utf8
-  collation: utf8_general_ci
-  reconnect: false
-  database: gitlabhq_production
-  pool: 10
-  username: git
-  password: "secure password"
-  host: localhost
-  # socket: /tmp/mysql.sock
-
-#
-# Development specific
-#
-development:
-  adapter: mysql2
-  encoding: utf8
-  collation: utf8_general_ci
-  reconnect: false
-  database: gitlabhq_development
-  pool: 5
-  username: root
-  password: "secure password"
-  host: localhost
-  # socket: /tmp/mysql.sock
-
-#
-# Staging specific
-#
-staging:
-  adapter: mysql2
-  encoding: utf8
-  collation: utf8_general_ci
-  reconnect: false
-  database: gitlabhq_staging
-  pool: 10
-  username: git
-  password: "secure password"
-  host: localhost
-  # socket: /tmp/mysql.sock
-
-# Warning: The database defined as "test" will be erased and
-# re-generated from your development database when you run "rake".
-# Do not set this db to the same as development or production.
-test: &test
-  adapter: mysql2
-  encoding: utf8mb4
-  collation: utf8mb4_general_ci
-  reconnect: false
-  database: gitlabhq_test
-  pool: 5
-  username: root
-  password:
-  host: localhost
-  # socket: /tmp/mysql.sock
-  prepared_statements: false
diff --git a/config/initializers/active_record_data_types.rb b/config/initializers/active_record_data_types.rb
index 151bce4d130..846f28e6f66 100644
--- a/config/initializers/active_record_data_types.rb
+++ b/config/initializers/active_record_data_types.rb
@@ -1,83 +1,45 @@
 # ActiveRecord custom data type for storing datetimes with timezone information.
 # See https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11229
 
-if Gitlab::Database.postgresql?
-  require 'active_record/connection_adapters/postgresql_adapter'
+require 'active_record/connection_adapters/postgresql_adapter'
 
-  module ActiveRecord::ConnectionAdapters::PostgreSQL::OID
-    # Add the class `DateTimeWithTimeZone` so we can map `timestamptz` to it.
-    class DateTimeWithTimeZone < DateTime
-      def type
-        :datetime_with_timezone
-      end
+module ActiveRecord::ConnectionAdapters::PostgreSQL::OID
+  # Add the class `DateTimeWithTimeZone` so we can map `timestamptz` to it.
+  class DateTimeWithTimeZone < DateTime
+    def type
+      :datetime_with_timezone
     end
   end
+end
 
-  module RegisterDateTimeWithTimeZone
-    # Run original `initialize_type_map` and then register `timestamptz` as a
-    # `DateTimeWithTimeZone`.
-    #
-    # Apparently it does not matter that the original `initialize_type_map`
-    # aliases `timestamptz` to `timestamp`.
-    #
-    # When schema dumping, `timestamptz` columns will be output as
-    # `t.datetime_with_timezone`.
-    def initialize_type_map(mapping = type_map)
-      super mapping
-
-      mapping.register_type 'timestamptz' do |_, _, sql_type|
-        precision = extract_precision(sql_type)
-        ActiveRecord::ConnectionAdapters::PostgreSQLAdapter::OID::DateTimeWithTimeZone.new(precision: precision)
-      end
-    end
-  end
-
-  class ActiveRecord::ConnectionAdapters::PostgreSQLAdapter
-    prepend RegisterDateTimeWithTimeZone
-
-    # Add column type `datetime_with_timezone` so we can do this in
-    # migrations:
-    #
-    #   add_column(:users, :datetime_with_timezone)
-    #
-    NATIVE_DATABASE_TYPES[:datetime_with_timezone] = { name: 'timestamptz' }
-  end
-elsif Gitlab::Database.mysql?
-  require 'active_record/connection_adapters/mysql2_adapter'
-
-  module RegisterDateTimeWithTimeZone
-    # Run original `initialize_type_map` and then register `timestamp` as a
-    # `MysqlDateTimeWithTimeZone`.
-    #
-    # When schema dumping, `timestamp` columns will be output as
-    # `t.datetime_with_timezone`.
-    def initialize_type_map(mapping = type_map)
-      super mapping
-
-      mapping.register_type(/timestamp/i) do |sql_type|
-        precision = extract_precision(sql_type)
-        ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter::MysqlDateTimeWithTimeZone.new(precision: precision)
-      end
+module RegisterDateTimeWithTimeZone
+  # Run original `initialize_type_map` and then register `timestamptz` as a
+  # `DateTimeWithTimeZone`.
+  #
+  # Apparently it does not matter that the original `initialize_type_map`
+  # aliases `timestamptz` to `timestamp`.
+  #
+  # When schema dumping, `timestamptz` columns will be output as
+  # `t.datetime_with_timezone`.
+  def initialize_type_map(mapping = type_map)
+    super mapping
+
+    mapping.register_type 'timestamptz' do |_, _, sql_type|
+      precision = extract_precision(sql_type)
+      ActiveRecord::ConnectionAdapters::PostgreSQLAdapter::OID::DateTimeWithTimeZone.new(precision: precision)
     end
   end
+end
 
-  class ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter
-    prepend RegisterDateTimeWithTimeZone
-
-    # Add the class `DateTimeWithTimeZone` so we can map `timestamp` to it.
-    class MysqlDateTimeWithTimeZone < ActiveRecord::Type::DateTime
-      def type
-        :datetime_with_timezone
-      end
-    end
+class ActiveRecord::ConnectionAdapters::PostgreSQLAdapter
+  prepend RegisterDateTimeWithTimeZone
 
-    # Add column type `datetime_with_timezone` so we can do this in
-    # migrations:
-    #
-    #   add_column(:users, :datetime_with_timezone)
-    #
-    NATIVE_DATABASE_TYPES[:datetime_with_timezone] = { name: 'timestamp' }
-  end
+  # Add column type `datetime_with_timezone` so we can do this in
+  # migrations:
+  #
+  #   add_column(:users, :datetime_with_timezone)
+  #
+  NATIVE_DATABASE_TYPES[:datetime_with_timezone] = { name: 'timestamptz' }
 end
 
 # Ensure `datetime_with_timezone` columns are correctly written to schema.rb
diff --git a/config/initializers/active_record_mysql_timestamp.rb b/config/initializers/active_record_mysql_timestamp.rb
deleted file mode 100644
index af74c4ff6fb..00000000000
--- a/config/initializers/active_record_mysql_timestamp.rb
+++ /dev/null
@@ -1,30 +0,0 @@
-# Make sure that MySQL won't try to use CURRENT_TIMESTAMP when the timestamp
-# column is NOT NULL. See https://gitlab.com/gitlab-org/gitlab-ce/issues/36405
-# And also: https://bugs.mysql.com/bug.php?id=75098
-# This patch was based on:
-# https://github.com/rails/rails/blob/15ef55efb591e5379486ccf53dd3e13f416564f6/activerecord/lib/active_record/connection_adapters/mysql/schema_creation.rb#L34-L36
-
-if Gitlab::Database.mysql?
-  require 'active_record/connection_adapters/abstract/schema_creation'
-
-  module MySQLTimestampFix
-    def add_column_options!(sql, options)
-      # By default, TIMESTAMP columns are NOT NULL, cannot contain NULL values,
-      # and assigning NULL assigns the current timestamp. To permit a TIMESTAMP
-      # column to contain NULL, explicitly declare it with the NULL attribute.
-      # See http://dev.mysql.com/doc/refman/5.7/en/timestamp-initialization.html
-      if sql.end_with?('timestamp') && !options[:primary_key]
-        if options[:null] != false
-          sql << ' NULL'
-        elsif options[:column].default.nil?
-          sql << ' DEFAULT 0'
-        end
-      end
-
-      super
-    end
-  end
-
-  ActiveRecord::ConnectionAdapters::AbstractAdapter::SchemaCreation
-    .prepend(MySQLTimestampFix)
-end
diff --git a/config/initializers/ar_mysql_jsonb_support.rb b/config/initializers/ar_mysql_jsonb_support.rb
deleted file mode 100644
index 63a0b05119a..00000000000
--- a/config/initializers/ar_mysql_jsonb_support.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-
-require 'active_record/connection_adapters/abstract_mysql_adapter'
-require 'active_record/connection_adapters/mysql/schema_definitions'
-
-# MySQL (5.6) and MariaDB (10.1) are currently supported versions within GitLab,
-# Since they do not support native `json` datatype we force to emulate it as `text`
-
-if Gitlab::Database.mysql?
-  module ActiveRecord
-    module ConnectionAdapters
-      class AbstractMysqlAdapter
-        JSON_DATASIZE = 1.megabyte
-
-        NATIVE_DATABASE_TYPES.merge!(
-          json: { name: "text", limit: JSON_DATASIZE },
-          jsonb: { name: "text", limit: JSON_DATASIZE }
-        )
-      end
-
-      module MySQL
-        module ColumnMethods
-          # We add `jsonb` helper, as `json` is already defined for `MySQL` since Rails 5
-          def jsonb(*args, **options)
-            args.each { |name| column(name, :json, options) }
-          end
-        end
-      end
-    end
-  end
-end
diff --git a/config/initializers/ar_native_database_types.rb b/config/initializers/ar_native_database_types.rb
deleted file mode 100644
index 6d397661f75..00000000000
--- a/config/initializers/ar_native_database_types.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-require 'active_record/connection_adapters/abstract_mysql_adapter'
-
-module ActiveRecord
-  module ConnectionAdapters
-    class AbstractMysqlAdapter
-      NATIVE_DATABASE_TYPES.merge!(
-        bigserial: { name: 'bigint(20) auto_increment PRIMARY KEY' },
-        serial: { name: 'int auto_increment PRIMARY KEY' }
-      )
-    end
-  end
-end
diff --git a/config/initializers/connection_fix.rb b/config/initializers/connection_fix.rb
deleted file mode 100644
index d0b1444f607..00000000000
--- a/config/initializers/connection_fix.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-# from http://gist.github.com/238999
-#
-# If your workers are inactive for a long period of time, they'll lose
-# their MySQL connection.
-#
-# This hack ensures we re-connect whenever a connection is
-# lost. Because, really. why not?
-#
-# Stick this in RAILS_ROOT/config/initializers/connection_fix.rb (or somewhere similar)
-#
-# From:
-#   http://coderrr.wordpress.com/2009/01/08/activerecord-threading-issues-and-resolutions/
-
-if defined?(ActiveRecord::ConnectionAdapters::Mysql2Adapter)
-  module ActiveRecord::ConnectionAdapters
-    class Mysql2Adapter
-      alias_method :execute_without_retry, :execute
-
-      def execute(*args)
-        execute_without_retry(*args)
-      rescue ActiveRecord::StatementInvalid => e
-        if e.message =~ /server has gone away/i
-          warn "Lost connection to MySQL server during query"
-          reconnect!
-          retry
-        else
-          raise e
-        end
-      end
-    end
-  end
-end
diff --git a/config/initializers/mysql_ignore_postgresql_options.rb b/config/initializers/mysql_ignore_postgresql_options.rb
deleted file mode 100644
index e6a7d9bef52..00000000000
--- a/config/initializers/mysql_ignore_postgresql_options.rb
+++ /dev/null
@@ -1,42 +0,0 @@
-# This patches ActiveRecord so indexes created using the MySQL adapter ignore
-# any PostgreSQL specific options (e.g. `using: :gin`).
-#
-# These patches do the following for MySQL:
-#
-# 1. Indexes created using the :opclasses option are ignored (as they serve no
-#    purpose on MySQL).
-# 2. When creating an index with `using: :gin` the `using` option is discarded
-#    as :gin is not a valid value for MySQL.
-# 3. The `:opclasses` option is stripped from add_index_options in case it's
-#    used anywhere other than in the add_index methods.
-
-if defined?(ActiveRecord::ConnectionAdapters::Mysql2Adapter)
-  module ActiveRecord
-    module ConnectionAdapters
-      class Mysql2Adapter < AbstractMysqlAdapter
-        alias_method :__gitlab_add_index, :add_index
-        alias_method :__gitlab_add_index_options, :add_index_options
-
-        def add_index(table_name, column_name, options = {})
-          unless options[:opclasses]
-            __gitlab_add_index(table_name, column_name, options)
-          end
-        end
-
-        def add_index_options(table_name, column_name, options = {})
-          if options[:using] && options[:using] == :gin
-            options = options.dup
-            options.delete(:using)
-          end
-
-          if options[:opclasses]
-            options = options.dup
-            options.delete(:opclasses)
-          end
-
-          __gitlab_add_index_options(table_name, column_name, options)
-        end
-      end
-    end
-  end
-end
diff --git a/config/initializers/mysql_set_length_for_binary_indexes.rb b/config/initializers/mysql_set_length_for_binary_indexes.rb
deleted file mode 100644
index 552f3a20a95..00000000000
--- a/config/initializers/mysql_set_length_for_binary_indexes.rb
+++ /dev/null
@@ -1,30 +0,0 @@
-# This patches ActiveRecord so indexes for binary columns created using the
-# MySQL adapter apply a length of 20. Otherwise MySQL can't create an index on
-# binary columns.
-
-module MysqlSetLengthForBinaryIndexAndIgnorePostgresOptionsForSchema
-  # This method is used in Rails 5 schema loading as t.index
-  def index(column_names, options = {})
-    # Ignore indexes that use opclasses,
-    # also see config/initializers/mysql_ignore_postgresql_options.rb
-    if options[:opclasses]
-      warn "WARNING: index on columns #{column_names} uses unsupported option, skipping."
-      return
-    end
-
-    options[:length] ||= {}
-    Array(column_names).each do |column_name|
-      column = columns.find { |c| c.name == column_name }
-
-      if column&.type == :binary
-        options[:length][column_name] = 20
-      end
-    end
-
-    super(column_names, options)
-  end
-end
-
-if defined?(ActiveRecord::ConnectionAdapters::MySQL::TableDefinition)
-  ActiveRecord::ConnectionAdapters::MySQL::TableDefinition.send(:prepend, MysqlSetLengthForBinaryIndexAndIgnorePostgresOptionsForSchema)
-end
diff --git a/config/initializers/peek.rb b/config/initializers/peek.rb
index 2aec32e878c..1ffd133239d 100644
--- a/config/initializers/peek.rb
+++ b/config/initializers/peek.rb
@@ -2,11 +2,7 @@ Rails.application.config.peek.adapter = :redis, { client: ::Redis.new(Gitlab::Re
 
 Peek.into Peek::Views::Host
 
-if Gitlab::Database.mysql?
-  require 'peek-mysql2'
-  PEEK_DB_CLIENT = ::Mysql2::Client
-  PEEK_DB_VIEW = Peek::Views::Mysql2
-elsif Gitlab::Database.postgresql?
+if Gitlab::Database.postgresql?
   require 'peek-pg'
   PEEK_DB_CLIENT = ::PG::Connection
   PEEK_DB_VIEW = Peek::Views::PG
diff --git a/db/migrate/20180206200543_reset_events_primary_key_sequence.rb b/db/migrate/20180206200543_reset_events_primary_key_sequence.rb
index d395c5725e4..e7a18e68395 100644
--- a/db/migrate/20180206200543_reset_events_primary_key_sequence.rb
+++ b/db/migrate/20180206200543_reset_events_primary_key_sequence.rb
@@ -12,24 +12,10 @@ class ResetEventsPrimaryKeySequence < ActiveRecord::Migration[4.2]
   end
 
   def up
-    if Gitlab::Database.postgresql?
-      reset_primary_key_for_postgresql
-    else
-      reset_primary_key_for_mysql
-    end
+    reset_pk_sequence!(Event.table_name)
   end
 
   def down
     # No-op
   end
-
-  def reset_primary_key_for_postgresql
-    reset_pk_sequence!(Event.table_name)
-  end
-
-  def reset_primary_key_for_mysql
-    amount = Event.pluck('COALESCE(MAX(id), 1)').first
-
-    execute "ALTER TABLE #{Event.table_name} AUTO_INCREMENT = #{amount}"
-  end
 end
diff --git a/db/migrate/20180403035759_create_project_ci_cd_settings.rb b/db/migrate/20180403035759_create_project_ci_cd_settings.rb
index 00028689779..c630dd3c942 100644
--- a/db/migrate/20180403035759_create_project_ci_cd_settings.rb
+++ b/db/migrate/20180403035759_create_project_ci_cd_settings.rb
@@ -30,12 +30,6 @@ class CreateProjectCiCdSettings < ActiveRecord::Migration[4.2]
   end
 
   def add_foreign_key_with_retry
-    if Gitlab::Database.mysql?
-      # When using MySQL we don't support online upgrades, thus projects can't
-      # be deleted while we are running this migration.
-      return add_project_id_foreign_key
-    end
-
     # Between the initial INSERT and the addition of the foreign key some
     # projects may have been removed, leaving orphaned rows in our new settings
     # table.
diff --git a/db/migrate/20180406204716_add_limits_ci_build_trace_chunks_raw_data_for_mysql.rb b/db/migrate/20180406204716_add_limits_ci_build_trace_chunks_raw_data_for_mysql.rb
deleted file mode 100644
index 0b541e94353..00000000000
--- a/db/migrate/20180406204716_add_limits_ci_build_trace_chunks_raw_data_for_mysql.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-# See http://doc.gitlab.com/ce/development/migration_style_guide.html
-# for more information on how to write migrations for GitLab.
-require Rails.root.join('db/migrate/limits_ci_build_trace_chunks_raw_data_for_mysql')
-
-class AddLimitsCiBuildTraceChunksRawDataForMysql < ActiveRecord::Migration[4.2]
-  include Gitlab::Database::MigrationHelpers
-
-  DOWNTIME = false
-
-  def up
-    LimitsCiBuildTraceChunksRawDataForMysql.new.up
-  end
-end
diff --git a/db/migrate/20180521171529_increase_mysql_text_limit_for_gpg_keys.rb b/db/migrate/20180521171529_increase_mysql_text_limit_for_gpg_keys.rb
deleted file mode 100644
index 08ce8cc3094..00000000000
--- a/db/migrate/20180521171529_increase_mysql_text_limit_for_gpg_keys.rb
+++ /dev/null
@@ -1 +0,0 @@
-require_relative 'gpg_keys_limits_to_mysql'
diff --git a/db/migrate/20180831164904_fix_prometheus_metric_query_limits.rb b/db/migrate/20180831164904_fix_prometheus_metric_query_limits.rb
deleted file mode 100644
index 80c4d11a38e..00000000000
--- a/db/migrate/20180831164904_fix_prometheus_metric_query_limits.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-# frozen_string_literal: true
-
-# See http://doc.gitlab.com/ce/development/migration_style_guide.html
-# for more information on how to write migrations for GitLab.
-require Rails.root.join('db/migrate/prometheus_metrics_limits_to_mysql')
-
-class FixPrometheusMetricQueryLimits < ActiveRecord::Migration[4.2]
-  include Gitlab::Database::MigrationHelpers
-
-  DOWNTIME = false
-
-  def up
-    PrometheusMetricsLimitsToMysql.new.up
-  end
-
-  def down
-    # no-op
-  end
-end
diff --git a/db/migrate/20181030154446_add_missing_indexes_for_foreign_keys.rb b/db/migrate/20181030154446_add_missing_indexes_for_foreign_keys.rb
index 2b5cd45e92c..e21eb291282 100644
--- a/db/migrate/20181030154446_add_missing_indexes_for_foreign_keys.rb
+++ b/db/migrate/20181030154446_add_missing_indexes_for_foreign_keys.rb
@@ -34,10 +34,6 @@ class AddMissingIndexesForForeignKeys < ActiveRecord::Migration[4.2]
   end
 
   def down
-    # MySQL requires index for FK,
-    # thus removal of indexes does fail
-    return if Gitlab::Database.mysql?
-
     remove_concurrent_index(:application_settings, :usage_stats_set_by_user_id)
     remove_concurrent_index(:ci_pipeline_schedules, :owner_id)
     remove_concurrent_index(:ci_trigger_requests, :trigger_id)
diff --git a/db/migrate/gpg_keys_limits_to_mysql.rb b/db/migrate/gpg_keys_limits_to_mysql.rb
deleted file mode 100644
index 2cd347a0463..00000000000
--- a/db/migrate/gpg_keys_limits_to_mysql.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-class IncreaseMysqlTextLimitForGpgKeys < ActiveRecord::Migration[4.2]
-  # Set this constant to true if this migration requires downtime.
-  DOWNTIME = false
-
-  def up
-    return unless Gitlab::Database.mysql?
-
-    change_column :gpg_keys, :key, :text, limit: 16.megabytes - 1
-  end
-
-  def down
-    # no-op
-  end
-end
diff --git a/db/migrate/limits_ci_build_trace_chunks_raw_data_for_mysql.rb b/db/migrate/limits_ci_build_trace_chunks_raw_data_for_mysql.rb
deleted file mode 100644
index 92402cf387b..00000000000
--- a/db/migrate/limits_ci_build_trace_chunks_raw_data_for_mysql.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-class LimitsCiBuildTraceChunksRawDataForMysql < ActiveRecord::Migration[4.2]
-  def up
-    return unless Gitlab::Database.mysql?
-
-    # Mysql needs MEDIUMTEXT type (up to 16MB) rather than TEXT (up to 64KB)
-    # Because 'raw_data' is always capped by Ci::BuildTraceChunk::CHUNK_SIZE, which is 128KB
-    change_column :ci_build_trace_chunks, :raw_data, :binary, limit: 16.megabytes - 1 # MEDIUMTEXT
-  end
-end
diff --git a/db/migrate/limits_to_mysql.rb b/db/migrate/limits_to_mysql.rb
deleted file mode 100644
index 33cb19aff9e..00000000000
--- a/db/migrate/limits_to_mysql.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-class LimitsToMysql < ActiveRecord::Migration[4.2]
-  def up
-    return unless ActiveRecord::Base.configurations[Rails.env]['adapter'] =~ /^mysql/
-
-    change_column :snippets, :content, :text, limit: 2147483647
-    change_column :notes, :st_diff, :text, limit: 2147483647
-  end
-end
diff --git a/db/migrate/markdown_cache_limits_to_mysql.rb b/db/migrate/markdown_cache_limits_to_mysql.rb
deleted file mode 100644
index f99d500a137..00000000000
--- a/db/migrate/markdown_cache_limits_to_mysql.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-class MarkdownCacheLimitsToMysql < ActiveRecord::Migration[4.2]
-  DOWNTIME = false
-
-  def up
-    return unless Gitlab::Database.mysql?
-
-    change_column :snippets, :content_html, :text, limit: 2147483647
-  end
-
-  def down
-    # no-op
-  end
-end
diff --git a/db/migrate/merge_request_diff_file_limits_to_mysql.rb b/db/migrate/merge_request_diff_file_limits_to_mysql.rb
deleted file mode 100644
index 65dd0b5b7f7..00000000000
--- a/db/migrate/merge_request_diff_file_limits_to_mysql.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-class MergeRequestDiffFileLimitsToMysql < ActiveRecord::Migration[4.2]
-  DOWNTIME = false
-
-  def up
-    return unless Gitlab::Database.mysql?
-
-    change_column :merge_request_diff_files, :diff, :text, limit: 2147483647, default: nil
-  end
-
-  def down
-  end
-end
diff --git a/db/migrate/prometheus_metrics_limits_to_mysql.rb b/db/migrate/prometheus_metrics_limits_to_mysql.rb
deleted file mode 100644
index f7a2fcba8c2..00000000000
--- a/db/migrate/prometheus_metrics_limits_to_mysql.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-class PrometheusMetricsLimitsToMysql < ActiveRecord::Migration[4.2]
-  DOWNTIME = false
-
-  def up
-    return unless Gitlab::Database.mysql?
-
-    change_column :prometheus_metrics, :query, :text, limit: 4096, default: nil
-  end
-
-  def down
-  end
-end
diff --git a/db/post_migrate/20180409170809_populate_missing_project_ci_cd_settings.rb b/db/post_migrate/20180409170809_populate_missing_project_ci_cd_settings.rb
index 0cda3d76a3d..a400a071e07 100644
--- a/db/post_migrate/20180409170809_populate_missing_project_ci_cd_settings.rb
+++ b/db/post_migrate/20180409170809_populate_missing_project_ci_cd_settings.rb
@@ -9,10 +9,6 @@ class PopulateMissingProjectCiCdSettings < ActiveRecord::Migration[4.2]
   disable_ddl_transaction!
 
   def up
-    # MySQL does not support online upgrades, thus there can't be any missing
-    # rows.
-    return if Gitlab::Database.mysql?
-
     # Projects created after the initial migration but before the code started
     # using ProjectCiCdSetting won't have a corresponding row in
     # project_ci_cd_settings, so let's fix that.
diff --git a/db/post_migrate/20181219130552_update_project_import_visibility_level.rb b/db/post_migrate/20181219130552_update_project_import_visibility_level.rb
index 6209de88b31..bfa452578a3 100644
--- a/db/post_migrate/20181219130552_update_project_import_visibility_level.rb
+++ b/db/post_migrate/20181219130552_update_project_import_visibility_level.rb
@@ -49,7 +49,7 @@ class UpdateProjectImportVisibilityLevel < ActiveRecord::Migration[5.0]
   def update_projects_visibility(visibility)
     say_with_time("Updating project visibility to #{visibility} on #{Project::IMPORT_TYPE} imports.") do
       Project.with_group_visibility(visibility).select(:id).each_batch(of: BATCH_SIZE) do |batch, _index|
-        batch_sql = Gitlab::Database.mysql? ? batch.pluck(:id).join(', ') : batch.select(:id).to_sql
+        batch_sql = batch.select(:id).to_sql
 
         say("Updating #{batch.size} items.", true)
 
diff --git a/db/post_migrate/20190204115450_migrate_auto_dev_ops_domain_to_cluster_domain.rb b/db/post_migrate/20190204115450_migrate_auto_dev_ops_domain_to_cluster_domain.rb
index 392e64eeade..036b0b64b48 100644
--- a/db/post_migrate/20190204115450_migrate_auto_dev_ops_domain_to_cluster_domain.rb
+++ b/db/post_migrate/20190204115450_migrate_auto_dev_ops_domain_to_cluster_domain.rb
@@ -16,26 +16,6 @@ class MigrateAutoDevOpsDomainToClusterDomain < ActiveRecord::Migration[5.0]
   private
 
   def update_clusters_domain_query
-    if Gitlab::Database.mysql?
-      mysql_query
-    else
-      postgresql_query
-    end
-  end
-
-  def mysql_query
-    <<~HEREDOC
-    UPDATE clusters, project_auto_devops, cluster_projects
-    SET
-      clusters.domain = project_auto_devops.domain
-    WHERE
-      cluster_projects.cluster_id = clusters.id
-      AND project_auto_devops.project_id = cluster_projects.project_id
-      AND project_auto_devops.domain != ''
-    HEREDOC
-  end
-
-  def postgresql_query
     <<~HEREDOC
     UPDATE clusters
     SET domain = project_auto_devops.domain
diff --git a/db/post_migrate/20190404143330_add_unique_constraint_to_approvals_user_id_and_merge_request_id.rb b/db/post_migrate/20190404143330_add_unique_constraint_to_approvals_user_id_and_merge_request_id.rb
index 447f91ebc7e..dd85ebc8001 100644
--- a/db/post_migrate/20190404143330_add_unique_constraint_to_approvals_user_id_and_merge_request_id.rb
+++ b/db/post_migrate/20190404143330_add_unique_constraint_to_approvals_user_id_and_merge_request_id.rb
@@ -21,34 +21,18 @@ class AddUniqueConstraintToApprovalsUserIdAndMergeRequestId < ActiveRecord::Migr
   def remove_duplicates
     add_concurrent_index :approvals, [:user_id, :merge_request_id, :id]
 
-    if Gitlab::Database.mysql?
-      execute <<-SQL
-        DELETE FROM a
-        USING approvals AS a
-        INNER JOIN (
-          SELECT user_id, merge_request_id, MIN(id) as min_id
-          FROM approvals
-          GROUP BY user_id, merge_request_id
-          HAVING COUNT(id) > 1
-        ) as approvals_with_duplicates
-        ON approvals_with_duplicates.user_id = a.user_id
-        AND approvals_with_duplicates.merge_request_id = a.merge_request_id
-        WHERE approvals_with_duplicates.min_id <> a.id;
-      SQL
-    else
-      execute <<-SQL
-        DELETE FROM approvals
-        USING (
-          SELECT user_id, merge_request_id, MIN(id) as min_id
-          FROM approvals
-          GROUP BY user_id, merge_request_id
-          HAVING COUNT(id) > 1
-        ) as approvals_with_duplicates
-        WHERE approvals_with_duplicates.user_id = approvals.user_id
-        AND approvals_with_duplicates.merge_request_id = approvals.merge_request_id
-        AND approvals_with_duplicates.min_id <> approvals.id;
-      SQL
-    end
+    execute <<-SQL
+      DELETE FROM approvals
+      USING (
+        SELECT user_id, merge_request_id, MIN(id) as min_id
+        FROM approvals
+        GROUP BY user_id, merge_request_id
+        HAVING COUNT(id) > 1
+      ) as approvals_with_duplicates
+      WHERE approvals_with_duplicates.user_id = approvals.user_id
+      AND approvals_with_duplicates.merge_request_id = approvals.merge_request_id
+      AND approvals_with_duplicates.min_id <> approvals.id;
+    SQL
 
     remove_concurrent_index :approvals, [:user_id, :merge_request_id, :id]
   end
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 494da770279..10b4f8934d7 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -1052,15 +1052,8 @@ module API
       # rubocop: disable CodeReuse/ActiveRecord
       def self.preload_relation(projects_relation, options = {})
         relation = super(projects_relation, options)
-
-        # MySQL doesn't support LIMIT inside an IN subquery
-        if Gitlab::Database.mysql?
-          project_ids = relation.pluck('projects.id')
-          namespace_ids = relation.pluck(:namespace_id)
-        else
-          project_ids = relation.select('projects.id')
-          namespace_ids = relation.select(:namespace_id)
-        end
+        project_ids = relation.select('projects.id')
+        namespace_ids = relation.select(:namespace_id)
 
         options[:project_members] = options[:current_user]
           .project_members
diff --git a/lib/backup/database.rb b/lib/backup/database.rb
index cd8e29d14d3..7e457c4982d 100644
--- a/lib/backup/database.rb
+++ b/lib/backup/database.rb
@@ -23,11 +23,6 @@ module Backup
 
       dump_pid =
         case config["adapter"]
-        when /^mysql/ then
-          progress.print "Dumping MySQL database #{config['database']} ... "
-          # Workaround warnings from MySQL 5.6 about passwords on cmd line
-          ENV['MYSQL_PWD'] = config["password"].to_s if config["password"]
-          spawn('mysqldump', *mysql_args, config['database'], out: compress_wr)
         when "postgresql" then
           progress.print "Dumping PostgreSQL database #{config['database']} ... "
           pg_env
@@ -57,11 +52,6 @@ module Backup
 
       restore_pid =
         case config["adapter"]
-        when /^mysql/ then
-          progress.print "Restoring MySQL database #{config['database']} ... "
-          # Workaround warnings from MySQL 5.6 about passwords on cmd line
-          ENV['MYSQL_PWD'] = config["password"].to_s if config["password"]
-          spawn('mysql', *mysql_args, config['database'], in: decompress_rd)
         when "postgresql" then
           progress.print "Restoring PostgreSQL database #{config['database']} ... "
           pg_env
@@ -80,23 +70,6 @@ module Backup
 
     protected
 
-    def mysql_args
-      args = {
-        'host'      => '--host',
-        'port'      => '--port',
-        'socket'    => '--socket',
-        'username'  => '--user',
-        'encoding'  => '--default-character-set',
-        # SSL
-        'sslkey'    => '--ssl-key',
-        'sslcert'   => '--ssl-cert',
-        'sslca'     => '--ssl-ca',
-        'sslcapath' => '--ssl-capath',
-        'sslcipher' => '--ssl-cipher'
-      }
-      args.map { |opt, arg| "#{arg}=#{config[opt]}" if config[opt] }.compact
-    end
-
     def pg_env
       args = {
         'username'  => 'PGUSER',
diff --git a/lib/forever.rb b/lib/forever.rb
index 0a37118fe68..3f923557441 100644
--- a/lib/forever.rb
+++ b/lib/forever.rb
@@ -1,15 +1,9 @@
 # frozen_string_literal: true
 
 class Forever
-  POSTGRESQL_DATE = DateTime.new(3000, 1, 1)
-  MYSQL_DATE = DateTime.new(2038, 01, 19)
+  DATE = DateTime.new(3000, 1, 1)
 
-  # MySQL timestamp has a range of '1970-01-01 00:00:01' UTC to '2038-01-19 03:14:07' UTC
   def self.date
-    if Gitlab::Database.postgresql?
-      POSTGRESQL_DATE
-    else
-      MYSQL_DATE
-    end
+    DATE
   end
 end
diff --git a/lib/gitlab/background_migration/fill_valid_time_for_pages_domain_certificate.rb b/lib/gitlab/background_migration/fill_valid_time_for_pages_domain_certificate.rb
index 6046d33aeac..4016b807f21 100644
--- a/lib/gitlab/background_migration/fill_valid_time_for_pages_domain_certificate.rb
+++ b/lib/gitlab/background_migration/fill_valid_time_for_pages_domain_certificate.rb
@@ -19,18 +19,11 @@ module Gitlab
 
       def perform(start_id, stop_id)
         PagesDomain.where(id: start_id..stop_id).find_each do |domain|
-          if Gitlab::Database.mysql?
-            domain.update_columns(
-              certificate_valid_not_before: domain.x509&.not_before,
-              certificate_valid_not_after: domain.x509&.not_after
-            )
-          else
-            # for some reason activerecord doesn't append timezone, iso8601 forces this
-            domain.update_columns(
-              certificate_valid_not_before: domain.x509&.not_before&.iso8601,
-              certificate_valid_not_after: domain.x509&.not_after&.iso8601
-            )
-          end
+          # for some reason activerecord doesn't append timezone, iso8601 forces this
+          domain.update_columns(
+            certificate_valid_not_before: domain.x509&.not_before&.iso8601,
+            certificate_valid_not_after: domain.x509&.not_after&.iso8601
+          )
         rescue => e
           Rails.logger.error "Failed to update pages domain certificate valid time. id: #{domain.id}, message: #{e.message}" # rubocop:disable Gitlab/RailsLogger
         end
diff --git a/lib/gitlab/background_migration/populate_untracked_uploads_dependencies.rb b/lib/gitlab/background_migration/populate_untracked_uploads_dependencies.rb
index 1924f2ffee2..f5fb33f1660 100644
--- a/lib/gitlab/background_migration/populate_untracked_uploads_dependencies.rb
+++ b/lib/gitlab/background_migration/populate_untracked_uploads_dependencies.rb
@@ -176,23 +176,12 @@ module Gitlab
         self.table_name = 'projects'
 
         def self.find_by_full_path(path)
-          binary = Gitlab::Database.mysql? ? 'BINARY' : ''
-          order_sql = "(CASE WHEN #{binary} routes.path = #{connection.quote(path)} THEN 0 ELSE 1 END)"
+          order_sql = "(CASE WHEN routes.path = #{connection.quote(path)} THEN 0 ELSE 1 END)"
           where_full_path_in(path).reorder(order_sql).take
         end
 
         def self.where_full_path_in(path)
-          cast_lower = Gitlab::Database.postgresql?
-
-          path = connection.quote(path)
-
-          where =
-            if cast_lower
-              "(LOWER(routes.path) = LOWER(#{path}))"
-            else
-              "(routes.path = #{path})"
-            end
-
+          where = "(LOWER(routes.path) = LOWER(#{connection.quote(path)}))"
           joins("INNER JOIN routes ON routes.source_id = projects.id AND routes.source_type = 'Project'").where(where)
         end
       end
diff --git a/lib/gitlab/background_migration/prepare_untracked_uploads.rb b/lib/gitlab/background_migration/prepare_untracked_uploads.rb
index cce2a82c098..7d40b459c9a 100644
--- a/lib/gitlab/background_migration/prepare_untracked_uploads.rb
+++ b/lib/gitlab/background_migration/prepare_untracked_uploads.rb
@@ -133,12 +133,9 @@ module Gitlab
       def insert_sql(file_paths)
         if postgresql_pre_9_5?
           "INSERT INTO #{table_columns_and_values_for_insert(file_paths)};"
-        elsif postgresql?
+        else
           "INSERT INTO #{table_columns_and_values_for_insert(file_paths)}"\
             " ON CONFLICT DO NOTHING;"
-        else # MySQL
-          "INSERT IGNORE INTO"\
-            " #{table_columns_and_values_for_insert(file_paths)};"
         end
       end
 
diff --git a/lib/gitlab/database.rb b/lib/gitlab/database.rb
index 3e4c720b49a..eef63536de4 100644
--- a/lib/gitlab/database.rb
+++ b/lib/gitlab/database.rb
@@ -4,13 +4,13 @@ module Gitlab
   module Database
     include Gitlab::Metrics::Methods
 
-    # The max value of INTEGER type is the same between MySQL and PostgreSQL:
     # https://www.postgresql.org/docs/9.2/static/datatype-numeric.html
-    # http://dev.mysql.com/doc/refman/5.7/en/integer-types.html
     MAX_INT_VALUE = 2147483647
+
     # The max value between MySQL's TIMESTAMP and PostgreSQL's timestampz:
     # https://www.postgresql.org/docs/9.1/static/datatype-datetime.html
     # https://dev.mysql.com/doc/refman/5.7/en/datetime.html
+    # FIXME: this should just be the max value of timestampz
     MAX_TIMESTAMP_VALUE = Time.at((1 << 31) - 1).freeze
 
     # Minimum schema version from which migrations are supported
@@ -39,11 +39,11 @@ module Gitlab
     end
 
     def self.human_adapter_name
-      postgresql? ? 'PostgreSQL' : 'MySQL'
-    end
-
-    def self.mysql?
-      adapter_name.casecmp('mysql2').zero?
+      if postgresql?
+        'PostgreSQL'
+      else
+        'Unknown'
+      end
     end
 
     def self.postgresql?
@@ -60,15 +60,14 @@ module Gitlab
 
     # Check whether the underlying database is in read-only mode
     def self.db_read_only?
-      if postgresql?
-        pg_is_in_recovery =
-          ActiveRecord::Base.connection.execute('SELECT pg_is_in_recovery()')
-            .first.fetch('pg_is_in_recovery')
+      pg_is_in_recovery =
+        ActiveRecord::Base
+          .connection
+          .execute('SELECT pg_is_in_recovery()')
+          .first
+          .fetch('pg_is_in_recovery')
 
-        Gitlab::Utils.to_boolean(pg_is_in_recovery)
-      else
-        false
-      end
+      Gitlab::Utils.to_boolean(pg_is_in_recovery)
     end
 
     def self.db_read_write?
@@ -118,51 +117,23 @@ module Gitlab
     end
 
     def self.nulls_last_order(field, direction = 'ASC')
-      order = "#{field} #{direction}"
-
-      if postgresql?
-        order = "#{order} NULLS LAST"
-      else
-        # `field IS NULL` will be `0` for non-NULL columns and `1` for NULL
-        # columns. In the (default) ascending order, `0` comes first.
-        order = "#{field} IS NULL, #{order}" if direction == 'ASC'
-      end
-
-      Arel.sql(order)
+      Arel.sql("#{field} #{direction} NULLS LAST")
     end
 
     def self.nulls_first_order(field, direction = 'ASC')
-      order = "#{field} #{direction}"
-
-      if postgresql?
-        order = "#{order} NULLS FIRST"
-      else
-        # `field IS NULL` will be `0` for non-NULL columns and `1` for NULL
-        # columns. In the (default) ascending order, `0` comes first.
-        order = "#{field} IS NULL, #{order}" if direction == 'DESC'
-      end
-
-      Arel.sql(order)
+      Arel.sql("#{field} #{direction} NULLS FIRST")
     end
 
     def self.random
-      postgresql? ? "RANDOM()" : "RAND()"
+      "RANDOM()"
     end
 
     def self.true_value
-      if postgresql?
-        "'t'"
-      else
-        1
-      end
+      "'t'"
     end
 
     def self.false_value
-      if postgresql?
-        "'f'"
-      else
-        0
-      end
+      "'f'"
     end
 
     def self.with_connection_pool(pool_size)
@@ -182,7 +153,7 @@ module Gitlab
     # rows - An Array of Hash instances, each mapping the columns to their
     #        values.
     # return_ids - When set to true the return value will be an Array of IDs of
-    #              the inserted rows, this only works on PostgreSQL.
+    #              the inserted rows
     # disable_quote - A key or an Array of keys to exclude from quoting (You
     #                 become responsible for protection from SQL injection for
     #                 these keys!)
@@ -191,7 +162,6 @@ module Gitlab
 
       keys = rows.first.keys
       columns = keys.map { |key| connection.quote_column_name(key) }
-      return_ids = false if mysql?
 
       disable_quote = Array(disable_quote).to_set
       tuples = rows.map do |row|
@@ -258,11 +228,7 @@ module Gitlab
     def self.database_version
       row = connection.execute("SELECT VERSION()").first
 
-      if postgresql?
-        row['version']
-      else
-        row.first
-      end
+      row['version']
     end
 
     private_class_method :database_version
diff --git a/lib/gitlab/database/date_time.rb b/lib/gitlab/database/date_time.rb
index 79d2caff151..1392b397012 100644
--- a/lib/gitlab/database/date_time.rb
+++ b/lib/gitlab/database/date_time.rb
@@ -7,8 +7,7 @@ module Gitlab
       # the first of the `start_time_attrs` that isn't NULL. `SELECT` the resulting interval
       # along with an alias specified by the `as` parameter.
       #
-      # Note: For MySQL, the interval is returned in seconds.
-      #       For PostgreSQL, the interval is returned as an INTERVAL type.
+      # Note: the interval is returned as an INTERVAL type.
       def subtract_datetimes(query_so_far, start_time_attrs, end_time_attrs, as)
         diff_fn = subtract_datetimes_diff(query_so_far, start_time_attrs, end_time_attrs)
 
@@ -16,17 +15,10 @@ module Gitlab
       end
 
       def subtract_datetimes_diff(query_so_far, start_time_attrs, end_time_attrs)
-        if Gitlab::Database.postgresql?
-          Arel::Nodes::Subtraction.new(
-            Arel::Nodes::NamedFunction.new("COALESCE", Array.wrap(end_time_attrs)),
-            Arel::Nodes::NamedFunction.new("COALESCE", Array.wrap(start_time_attrs)))
-        elsif Gitlab::Database.mysql?
-          Arel::Nodes::NamedFunction.new(
-            "TIMESTAMPDIFF",
-            [Arel.sql('second'),
-             Arel::Nodes::NamedFunction.new("COALESCE", Array.wrap(start_time_attrs)),
-             Arel::Nodes::NamedFunction.new("COALESCE", Array.wrap(end_time_attrs))])
-        end
+        Arel::Nodes::Subtraction.new(
+          Arel::Nodes::NamedFunction.new("COALESCE", Array.wrap(end_time_attrs)),
+          Arel::Nodes::NamedFunction.new("COALESCE", Array.wrap(start_time_attrs))
+        )
       end
     end
   end
diff --git a/lib/gitlab/database/median.rb b/lib/gitlab/database/median.rb
index b8d895dee7d..391c1e85a7d 100644
--- a/lib/gitlab/database/median.rb
+++ b/lib/gitlab/database/median.rb
@@ -17,13 +17,9 @@ module Gitlab
       def extract_median(results)
         result = results.compact.first
 
-        if Gitlab::Database.postgresql?
-          result = result.first.presence
+        result = result.first.presence
 
-          result['median']&.to_f if result
-        elsif Gitlab::Database.mysql?
-          result.to_a.flatten.first
-        end
+        result['median']&.to_f if result
       end
 
       def extract_medians(results)
@@ -34,31 +30,6 @@ module Gitlab
         end
       end
 
-      def mysql_median_datetime_sql(arel_table, query_so_far, column_sym)
-        query = arel_table.from
-                .from(arel_table.project(Arel.sql('*')).order(arel_table[column_sym]).as(arel_table.table_name))
-                .project(average([arel_table[column_sym]], 'median'))
-                .where(
-                  Arel::Nodes::Between.new(
-                    Arel.sql("(select @row_id := @row_id + 1)"),
-                    Arel::Nodes::And.new(
-                      [Arel.sql('@ct/2.0'),
-                       Arel.sql('@ct/2.0 + 1')]
-                    )
-                  )
-                ).
-                # Disallow negative values
-                where(arel_table[column_sym].gteq(0))
-
-        [
-          Arel.sql("CREATE TEMPORARY TABLE IF NOT EXISTS #{query_so_far.to_sql}"),
-          Arel.sql("set @ct := (select count(1) from #{arel_table.table_name});"),
-          Arel.sql("set @row_id := 0;"),
-          query.to_sql,
-          Arel.sql("DROP TEMPORARY TABLE IF EXISTS #{arel_table.table_name};")
-        ]
-      end
-
       def pg_median_datetime_sql(arel_table, query_so_far, column_sym, partition_column = nil)
         # Create a CTE with the column we're operating on, row number (after sorting by the column
         # we're operating on), and count of the table we're operating on (duplicated across) all rows
@@ -113,18 +84,8 @@ module Gitlab
 
       private
 
-      def median_queries(arel_table, query_so_far, column_sym, partition_column = nil)
-        if Gitlab::Database.postgresql?
-          pg_median_datetime_sql(arel_table, query_so_far, column_sym, partition_column)
-        elsif Gitlab::Database.mysql?
-          raise NotSupportedError, "partition_column is not supported for MySQL" if partition_column
-
-          mysql_median_datetime_sql(arel_table, query_so_far, column_sym)
-        end
-      end
-
       def execute_queries(arel_table, query_so_far, column_sym, partition_column = nil)
-        queries = median_queries(arel_table, query_so_far, column_sym, partition_column)
+        queries = pg_median_datetime_sql(arel_table, query_so_far, column_sym, partition_column)
 
         Array.wrap(queries).map { |query| ActiveRecord::Base.connection.execute(query) }
       end
diff --git a/lib/gitlab/database/migration_helpers.rb b/lib/gitlab/database/migration_helpers.rb
index 2ae807697bc..4bd09163bf2 100644
--- a/lib/gitlab/database/migration_helpers.rb
+++ b/lib/gitlab/database/migration_helpers.rb
@@ -68,10 +68,7 @@ module Gitlab
         end
       end
 
-      # Creates a new index, concurrently when supported
-      #
-      # On PostgreSQL this method creates an index concurrently, on MySQL this
-      # creates a regular index.
+      # Creates a new index, concurrently
       #
       # Example:
       #
@@ -85,9 +82,7 @@ module Gitlab
             'in the body of your migration class'
         end
 
-        if Database.postgresql?
-          options = options.merge({ algorithm: :concurrently })
-        end
+        options = options.merge({ algorithm: :concurrently })
 
         if index_exists?(table_name, column_name, options)
           Rails.logger.warn "Index not created because it already exists (this may be due to an aborted migration or similar): table_name: #{table_name}, column_name: #{column_name}" # rubocop:disable Gitlab/RailsLogger
@@ -99,9 +94,7 @@ module Gitlab
         end
       end
 
-      # Removes an existed index, concurrently when supported
-      #
-      # On PostgreSQL this method removes an index concurrently.
+      # Removes an existed index, concurrently
       #
       # Example:
       #
@@ -129,9 +122,7 @@ module Gitlab
         end
       end
 
-      # Removes an existing index, concurrently when supported
-      #
-      # On PostgreSQL this method removes an index concurrently.
+      # Removes an existing index, concurrently
       #
       # Example:
       #
@@ -170,8 +161,7 @@ module Gitlab
 
       # Adds a foreign key with only minimal locking on the tables involved.
       #
-      # This method only requires minimal locking when using PostgreSQL. When
-      # using MySQL this method will use Rails' default `add_foreign_key`.
+      # This method only requires minimal locking
       #
       # source - The source table containing the foreign key.
       # target - The target table the key points to.
@@ -187,27 +177,7 @@ module Gitlab
           raise 'add_concurrent_foreign_key can not be run inside a transaction'
         end
 
-        # While MySQL does allow disabling of foreign keys it has no equivalent
-        # of PostgreSQL's "VALIDATE CONSTRAINT". As a result we'll just fall
-        # back to the normal foreign key procedure.
-        if Database.mysql?
-          if foreign_key_exists?(source, target, column: column)
-            Rails.logger.warn "Foreign key not created because it exists already " \
-              "(this may be due to an aborted migration or similar): " \
-              "source: #{source}, target: #{target}, column: #{column}"
-            return
-          end
-
-          key_options = { column: column, on_delete: on_delete }
-
-          # The MySQL adapter tries to create a foreign key without a name when
-          # `:name` is nil, instead of generating a name for us.
-          key_options[:name] = name if name
-
-          return add_foreign_key(source, target, key_options)
-        else
-          on_delete = 'SET NULL' if on_delete == :nullify
-        end
+        on_delete = 'SET NULL' if on_delete == :nullify
 
         key_name = name || concurrent_foreign_key_name(source, column)
 
@@ -265,7 +235,7 @@ module Gitlab
 
       # Long-running migrations may take more than the timeout allowed by
       # the database. Disable the session's statement timeout to ensure
-      # migrations don't get killed prematurely. (PostgreSQL only)
+      # migrations don't get killed prematurely.
       #
       # There are two possible ways to disable the statement timeout:
       #
@@ -277,15 +247,6 @@ module Gitlab
       # otherwise the statement will still be disabled until connection is dropped
       # or `RESET ALL` is executed
       def disable_statement_timeout
-        # bypass disabled_statement logic when not using postgres, but still execute block when one is given
-        unless Database.postgresql?
-          if block_given?
-            yield
-          end
-
-          return
-        end
-
         if block_given?
           begin
             execute('SET statement_timeout TO 0')
@@ -535,13 +496,12 @@ module Gitlab
         quoted_old = quote_column_name(old_column)
         quoted_new = quote_column_name(new_column)
 
-        if Database.postgresql?
-          install_rename_triggers_for_postgresql(trigger_name, quoted_table,
-                                                 quoted_old, quoted_new)
-        else
-          install_rename_triggers_for_mysql(trigger_name, quoted_table,
-                                            quoted_old, quoted_new)
-        end
+        install_rename_triggers_for_postgresql(
+          trigger_name,
+          quoted_table,
+          quoted_old,
+          quoted_new
+        )
       end
 
       # Changes the type of a column concurrently.
@@ -584,11 +544,7 @@ module Gitlab
 
         check_trigger_permissions!(table)
 
-        if Database.postgresql?
-          remove_rename_triggers_for_postgresql(table, trigger_name)
-        else
-          remove_rename_triggers_for_mysql(trigger_name)
-        end
+        remove_rename_triggers_for_postgresql(table, trigger_name)
 
         remove_column(table, old)
       end
@@ -801,38 +757,12 @@ module Gitlab
         EOF
       end
 
-      # Installs the triggers necessary to perform a concurrent column rename on
-      # MySQL.
-      def install_rename_triggers_for_mysql(trigger, table, old, new)
-        execute <<-EOF.strip_heredoc
-        CREATE TRIGGER #{trigger}_insert
-        BEFORE INSERT
-        ON #{table}
-        FOR EACH ROW
-        SET NEW.#{new} = NEW.#{old}
-        EOF
-
-        execute <<-EOF.strip_heredoc
-        CREATE TRIGGER #{trigger}_update
-        BEFORE UPDATE
-        ON #{table}
-        FOR EACH ROW
-        SET NEW.#{new} = NEW.#{old}
-        EOF
-      end
-
       # Removes the triggers used for renaming a PostgreSQL column concurrently.
       def remove_rename_triggers_for_postgresql(table, trigger)
         execute("DROP TRIGGER IF EXISTS #{trigger} ON #{table}")
         execute("DROP FUNCTION IF EXISTS #{trigger}()")
       end
 
-      # Removes the triggers used for renaming a MySQL column concurrently.
-      def remove_rename_triggers_for_mysql(trigger)
-        execute("DROP TRIGGER IF EXISTS #{trigger}_insert")
-        execute("DROP TRIGGER IF EXISTS #{trigger}_update")
-      end
-
       # Returns the (base) name to use for triggers when renaming columns.
       def rename_trigger_name(table, old, new)
         'trigger_' + Digest::SHA256.hexdigest("#{table}_#{old}_#{new}").first(12)
@@ -882,8 +812,6 @@ module Gitlab
             order: index.orders
           }
 
-          # These options are not supported by MySQL, so we only add them if
-          # they were previously set.
           options[:using] = index.using if index.using
           options[:where] = index.where if index.where
 
@@ -923,26 +851,16 @@ module Gitlab
       end
 
       # This will replace the first occurrence of a string in a column with
-      # the replacement
-      # On postgresql we can use `regexp_replace` for that.
-      # On mysql we find the location of the pattern, and overwrite it
-      # with the replacement
+      # the replacement using `regexp_replace`
       def replace_sql(column, pattern, replacement)
         quoted_pattern = Arel::Nodes::Quoted.new(pattern.to_s)
         quoted_replacement = Arel::Nodes::Quoted.new(replacement.to_s)
 
-        if Database.mysql?
-          locate = Arel::Nodes::NamedFunction
-            .new('locate', [quoted_pattern, column])
-          insert_in_place = Arel::Nodes::NamedFunction
-            .new('insert', [column, locate, pattern.size, quoted_replacement])
+        replace = Arel::Nodes::NamedFunction.new(
+          "regexp_replace", [column, quoted_pattern, quoted_replacement]
+        )
 
-          Arel::Nodes::SqlLiteral.new(insert_in_place.to_sql)
-        else
-          replace = Arel::Nodes::NamedFunction
-            .new("regexp_replace", [column, quoted_pattern, quoted_replacement])
-          Arel::Nodes::SqlLiteral.new(replace.to_sql)
-        end
+        Arel::Nodes::SqlLiteral.new(replace.to_sql)
       end
 
       def remove_foreign_key_if_exists(*args)
@@ -984,11 +902,7 @@ database (#{dbname}) using a super user and running:
 
     ALTER #{user} WITH SUPERUSER
 
-For MySQL you instead need to run:
-
-    GRANT ALL PRIVILEGES ON #{dbname}.* TO #{user}@'%'
-
-Both queries will grant the user super user permissions, ensuring you don't run
+This query will grant the user super user permissions, ensuring you don't run
 into similar problems in the future (e.g. when new tables are created).
           EOF
         end
@@ -1091,10 +1005,6 @@ into similar problems in the future (e.g. when new tables are created).
       # This will include indexes using an expression on the column, for example:
       # `CREATE INDEX CONCURRENTLY index_name ON table (LOWER(column));`
       #
-      # For mysql, it falls back to the default ActiveRecord implementation that
-      # will not find custom indexes. But it will select by name without passing
-      # a column.
-      #
       # We can remove this when upgrading to Rails 5 with an updated `index_exists?`:
       # - https://github.com/rails/rails/commit/edc2b7718725016e988089b5fb6d6fb9d6e16882
       #
@@ -1105,10 +1015,8 @@ into similar problems in the future (e.g. when new tables are created).
         # does not find indexes without passing a column name.
         if indexes(table).map(&:name).include?(index.to_s)
           true
-        elsif Gitlab::Database.postgresql?
-          postgres_exists_by_name?(table, index)
         else
-          false
+          postgres_exists_by_name?(table, index)
         end
       end
 
@@ -1124,10 +1032,6 @@ into similar problems in the future (e.g. when new tables are created).
         connection.select_value(index_sql).to_i > 0
       end
 
-      def mysql_compatible_index_length
-        Gitlab::Database.mysql? ? 20 : nil
-      end
-
       private
 
       def validate_timestamp_column_name!(column_name)
diff --git a/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_base.rb b/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_base.rb
index 60afa4bcd52..565f34b78b7 100644
--- a/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_base.rb
+++ b/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_base.rb
@@ -51,14 +51,10 @@ module Gitlab
             quoted_old_full_path = quote_string(old_full_path)
             quoted_old_wildcard_path = quote_string("#{old_full_path}/%")
 
-            filter = if Database.mysql?
-                       "lower(routes.path) = lower('#{quoted_old_full_path}') "\
-                       "OR routes.path LIKE '#{quoted_old_wildcard_path}'"
-                     else
-                       "routes.id IN "\
-                       "( SELECT routes.id FROM routes WHERE lower(routes.path) = lower('#{quoted_old_full_path}') "\
-                       "UNION SELECT routes.id FROM routes WHERE routes.path ILIKE '#{quoted_old_wildcard_path}' )"
-                     end
+            filter =
+              "routes.id IN "\
+              "( SELECT routes.id FROM routes WHERE lower(routes.path) = lower('#{quoted_old_full_path}') "\
+              "UNION SELECT routes.id FROM routes WHERE routes.path ILIKE '#{quoted_old_wildcard_path}' )"
 
             replace_statement = replace_sql(Route.arel_table[:path],
                                             old_full_path,
diff --git a/lib/gitlab/import/database_helpers.rb b/lib/gitlab/import/database_helpers.rb
index 5b3f30d894a..aaade39dd62 100644
--- a/lib/gitlab/import/database_helpers.rb
+++ b/lib/gitlab/import/database_helpers.rb
@@ -6,9 +6,7 @@ module Gitlab
       # Inserts a raw row and returns the ID of the inserted row.
       #
       # attributes - The attributes/columns to set.
-      # relation - An ActiveRecord::Relation to use for finding the ID of the row
-      #            when using MySQL.
-      # rubocop: disable CodeReuse/ActiveRecord
+      # relation - An ActiveRecord::Relation to use for finding the table name
       def insert_and_return_id(attributes, relation)
         # We use bulk_insert here so we can bypass any queries executed by
         # callbacks or validation rules, as doing this wouldn't scale when
@@ -16,12 +14,8 @@ module Gitlab
         result = Gitlab::Database
                  .bulk_insert(relation.table_name, [attributes], return_ids: true)
 
-        # MySQL doesn't support returning the IDs of a bulk insert in a way that
-        # is not a pain, so in this case we'll issue an extra query instead.
-        result.first ||
-          relation.where(iid: attributes[:iid]).limit(1).pluck(:id).first
+        result.first
       end
-      # rubocop: enable CodeReuse/ActiveRecord
     end
   end
 end
diff --git a/lib/mysql_zero_date.rb b/lib/mysql_zero_date.rb
deleted file mode 100644
index f36610abf8f..00000000000
--- a/lib/mysql_zero_date.rb
+++ /dev/null
@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-# Disable NO_ZERO_DATE mode for mysql in rails 5.
-# We use zero date as a default value
-# (config/initializers/active_record_mysql_timestamp.rb), in
-# Rails 5 using zero date fails by default (https://gitlab.com/gitlab-org/gitlab-ce/-/jobs/75450216)
-# and NO_ZERO_DATE has to be explicitly disabled. Disabling strict mode
-# is not sufficient.
-
-require 'active_record/connection_adapters/abstract_mysql_adapter'
-
-module MysqlZeroDate
-  def configure_connection
-    super
-
-    @connection.query "SET @@SESSION.sql_mode = REPLACE(@@SESSION.sql_mode, 'NO_ZERO_DATE', '');" # rubocop:disable Gitlab/ModuleWithInstanceVariables
-  end
-end
-
-ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter.prepend(MysqlZeroDate)
diff --git a/lib/serializers/json.rb b/lib/serializers/json.rb
index 93cb192087a..1ed5d5dc3f5 100644
--- a/lib/serializers/json.rb
+++ b/lib/serializers/json.rb
@@ -1,32 +1,16 @@
 # frozen_string_literal: true
 
 module Serializers
-  # This serializer exports data as JSON,
-  # it is designed to be used with interwork compatibility between MySQL and PostgreSQL
-  # implementations, as used version of MySQL does not support native json type
-  #
-  # Secondly, the loader makes the resulting hash to have deep indifferent access
+  # Make the resulting hash have deep indifferent access
   class JSON
     class << self
       def dump(obj)
-        # MySQL stores data as text
-        # look at ./config/initializers/ar_mysql_jsonb_support.rb
-        if Gitlab::Database.mysql?
-          obj = ActiveSupport::JSON.encode(obj)
-        end
-
         obj
       end
 
       def load(data)
         return if data.nil?
 
-        # On MySQL we store data as text
-        # look at ./config/initializers/ar_mysql_jsonb_support.rb
-        if Gitlab::Database.mysql?
-          data = ActiveSupport::JSON.decode(data)
-        end
-
         Gitlab::Utils.deep_indifferent_access(data)
       end
     end
diff --git a/lib/support/deploy/deploy.sh b/lib/support/deploy/deploy.sh
index ab46c47d8f5..1f8c915140c 100755
--- a/lib/support/deploy/deploy.sh
+++ b/lib/support/deploy/deploy.sh
@@ -28,7 +28,7 @@ sudo -u git -H git pull origin master
 echo 'Deploy: Bundle and migrate'
 
 # change it to your needs
-sudo -u git -H bundle --without aws development test mysql --deployment
+sudo -u git -H bundle --without aws development test --deployment
 
 sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
 sudo -u git -H bundle exec rake gitlab:assets:clean RAILS_ENV=production
diff --git a/lib/tasks/gitlab/db.rake b/lib/tasks/gitlab/db.rake
index 4e7a8adbef6..5f2ed5274e4 100644
--- a/lib/tasks/gitlab/db.rake
+++ b/lib/tasks/gitlab/db.rake
@@ -26,12 +26,9 @@ namespace :gitlab do
     task drop_tables: :environment do
       connection = ActiveRecord::Base.connection
 
-      # If MySQL, turn off foreign key checks
-      connection.execute('SET FOREIGN_KEY_CHECKS=0') if Gitlab::Database.mysql?
-
-      # connection.tables is deprecated in MySQLAdapter, but in PostgreSQLAdapter
-      # data_sources returns both views and tables, so use #tables instead
-      tables = Gitlab::Database.mysql? ? connection.data_sources : connection.tables
+      # In PostgreSQLAdapter, data_sources returns both views and tables, so use
+      # #tables instead
+      tables = connection.tables
 
       # Removes the entry from the array
       tables.delete 'schema_migrations'
@@ -40,12 +37,8 @@ namespace :gitlab do
 
       # Drop tables with cascade to avoid dependent table errors
       # PG: http://www.postgresql.org/docs/current/static/ddl-depend.html
-      # MySQL: http://dev.mysql.com/doc/refman/5.7/en/drop-table.html
       # Add `IF EXISTS` because cascade could have already deleted a table.
       tables.each { |t| connection.execute("DROP TABLE IF EXISTS #{connection.quote_table_name(t)} CASCADE") }
-
-      # If MySQL, re-enable foreign key checks
-      connection.execute('SET FOREIGN_KEY_CHECKS=1') if Gitlab::Database.mysql?
     end
 
     desc 'Configures the database by running migrate, or by loading the schema and seeding if needed'
diff --git a/lib/tasks/gitlab/setup.rake b/lib/tasks/gitlab/setup.rake
index e876b23d43f..e763de682f8 100644
--- a/lib/tasks/gitlab/setup.rake
+++ b/lib/tasks/gitlab/setup.rake
@@ -31,7 +31,6 @@ namespace :gitlab do
     terminate_all_connections unless Rails.env.production?
 
     Rake::Task["db:reset"].invoke
-    Rake::Task["add_limits_mysql"].invoke
     Rake::Task["setup_postgresql"].invoke
     Rake::Task["db:seed_fu"].invoke
   rescue Gitlab::TaskAbortedByUserError
diff --git a/lib/tasks/migrate/add_limits_mysql.rake b/lib/tasks/migrate/add_limits_mysql.rake
deleted file mode 100644
index c77fa49d586..00000000000
--- a/lib/tasks/migrate/add_limits_mysql.rake
+++ /dev/null
@@ -1,17 +0,0 @@
-require Rails.root.join('db/migrate/limits_to_mysql')
-require Rails.root.join('db/migrate/markdown_cache_limits_to_mysql')
-require Rails.root.join('db/migrate/merge_request_diff_file_limits_to_mysql')
-require Rails.root.join('db/migrate/limits_ci_build_trace_chunks_raw_data_for_mysql')
-require Rails.root.join('db/migrate/gpg_keys_limits_to_mysql')
-require Rails.root.join('db/migrate/prometheus_metrics_limits_to_mysql')
-
-desc "GitLab | Add limits to strings in mysql database"
-task add_limits_mysql: :environment do
-  puts "Adding limits to schema.rb for mysql"
-  LimitsToMysql.new.up
-  MarkdownCacheLimitsToMysql.new.up
-  MergeRequestDiffFileLimitsToMysql.new.up
-  LimitsCiBuildTraceChunksRawDataForMysql.new.up
-  IncreaseMysqlTextLimitForGpgKeys.new.up
-  PrometheusMetricsLimitsToMysql.new.up
-end
diff --git a/scripts/create_mysql_user.sh b/scripts/create_mysql_user.sh
deleted file mode 100644
index 35f68c581f3..00000000000
--- a/scripts/create_mysql_user.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-
-mysql --user=root --host=mysql <<EOF
-CREATE USER IF NOT EXISTS 'gitlab'@'%';
-GRANT ALL PRIVILEGES ON gitlabhq_test.* TO 'gitlab'@'%';
-FLUSH PRIVILEGES;
-EOF
diff --git a/spec/features/projects/new_project_spec.rb b/spec/features/projects/new_project_spec.rb
index fe7b4b759a8..7602935b47e 100644
--- a/spec/features/projects/new_project_spec.rb
+++ b/spec/features/projects/new_project_spec.rb
@@ -62,13 +62,7 @@ describe 'New project' do
         find('#import-project-tab').click
       end
 
-      context 'when using postgres', :postgresql do
-        it { expect(page).to have_link('Manifest file') }
-      end
-
-      context 'when using mysql', :mysql do
-        it { expect(page).not_to have_link('Manifest file') }
-      end
+      it { expect(page).to have_link('Manifest file') }
     end
 
     context 'Visibility level selector', :js do
diff --git a/spec/lib/forever_spec.rb b/spec/lib/forever_spec.rb
index b9ffe895bf0..800fa5a6ad6 100644
--- a/spec/lib/forever_spec.rb
+++ b/spec/lib/forever_spec.rb
@@ -4,19 +4,9 @@ describe Forever do
   describe '.date' do
     subject { described_class.date }
 
-    context 'when using PostgreSQL' do
-      it 'returns Postgresql future date' do
-        allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
-
-        expect(subject).to eq(described_class::POSTGRESQL_DATE)
-      end
-    end
-
-    context 'when using MySQL' do
-      it 'returns MySQL future date' do
-        allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
-
-        expect(subject).to eq(described_class::MYSQL_DATE)
+    it 'returns Postgresql future date' do
+      Timecop.travel(Date.new(2999, 12, 31)) do
+        is_expected.to be > Date.today
       end
     end
   end
diff --git a/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb b/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
index ad61bdeace7..258ab049c0b 100644
--- a/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
@@ -28,27 +28,7 @@ describe Gitlab::CycleAnalytics::UsageData do
       end
     end
 
-    shared_examples 'a valid usage data result' do
-      it 'returns the aggregated usage data of every selected project' do
-        result = subject.to_json
-
-        expect(result).to have_key(:avg_cycle_analytics)
-
-        CycleAnalytics::LevelBase::STAGES.each do |stage|
-          expect(result[:avg_cycle_analytics]).to have_key(stage)
-
-          stage_values    = result[:avg_cycle_analytics][stage]
-          expected_values = expect_values_per_stage[stage]
-
-          expected_values.each_pair do |op, value|
-            expect(stage_values).to have_key(op)
-            expect(stage_values[op]).to eq(value)
-          end
-        end
-      end
-    end
-
-    context 'when using postgresql', :postgresql do
+    context 'a valid usage data result' do
       let(:expect_values_per_stage) do
         {
           issue: {
@@ -89,51 +69,23 @@ describe Gitlab::CycleAnalytics::UsageData do
         }
       end
 
-      it_behaves_like 'a valid usage data result'
-    end
+      it 'returns the aggregated usage data of every selected project' do
+        result = subject.to_json
 
-    context 'when using mysql', :mysql do
-      let(:expect_values_per_stage) do
-        {
-          issue: {
-            average: nil,
-            sd: 0,
-            missing: 2
-          },
-          plan: {
-            average: nil,
-            sd: 0,
-            missing: 2
-          },
-          code: {
-            average: nil,
-            sd: 0,
-            missing: 2
-          },
-          test: {
-            average: nil,
-            sd: 0,
-            missing: 2
-          },
-          review: {
-            average: nil,
-            sd: 0,
-            missing: 2
-          },
-          staging: {
-            average: nil,
-            sd: 0,
-            missing: 2
-          },
-          production: {
-            average: nil,
-            sd: 0,
-            missing: 2
-          }
-        }
-      end
+        expect(result).to have_key(:avg_cycle_analytics)
+
+        CycleAnalytics::LevelBase::STAGES.each do |stage|
+          expect(result[:avg_cycle_analytics]).to have_key(stage)
 
-      it_behaves_like 'a valid usage data result'
+          stage_values    = result[:avg_cycle_analytics][stage]
+          expected_values = expect_values_per_stage[stage]
+
+          expected_values.each_pair do |op, value|
+            expect(stage_values).to have_key(op)
+            expect(stage_values[op]).to eq(value)
+          end
+        end
+      end
     end
   end
 end
diff --git a/spec/lib/gitlab/database/median_spec.rb b/spec/lib/gitlab/database/median_spec.rb
deleted file mode 100644
index 1b5e30089ce..00000000000
--- a/spec/lib/gitlab/database/median_spec.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-require 'spec_helper'
-
-describe Gitlab::Database::Median do
-  let(:dummy_class) do
-    Class.new do
-      include Gitlab::Database::Median
-    end
-  end
-
-  subject(:median) { dummy_class.new }
-
-  describe '#median_datetimes' do
-    it 'raises NotSupportedError', :mysql do
-      expect { median.median_datetimes(nil, nil, nil, :project_id) }.to raise_error(dummy_class::NotSupportedError, "partition_column is not supported for MySQL")
-    end
-  end
-end
diff --git a/spec/lib/gitlab/database/migration_helpers_spec.rb b/spec/lib/gitlab/database/migration_helpers_spec.rb
index dd0033bbc14..b73828b9554 100644
--- a/spec/lib/gitlab/database/migration_helpers_spec.rb
+++ b/spec/lib/gitlab/database/migration_helpers_spec.rb
@@ -30,85 +30,66 @@ describe Gitlab::Database::MigrationHelpers do
 
     before do
       allow(model).to receive(:transaction_open?).and_return(in_transaction)
+      allow(model).to receive(:disable_statement_timeout)
     end
 
-    context 'using PostgreSQL' do
-      before do
-        allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
-        allow(model).to receive(:disable_statement_timeout)
-      end
-
-      it 'adds "created_at" and "updated_at" fields with the "datetime_with_timezone" data type' do
-        Gitlab::Database::MigrationHelpers::DEFAULT_TIMESTAMP_COLUMNS.each do |column_name|
-          expect(model).to receive(:add_column).with(:foo, column_name, :datetime_with_timezone, { null: false })
-        end
-
-        model.add_timestamps_with_timezone(:foo)
-      end
-
-      it 'can disable the NOT NULL constraint' do
-        Gitlab::Database::MigrationHelpers::DEFAULT_TIMESTAMP_COLUMNS.each do |column_name|
-          expect(model).to receive(:add_column).with(:foo, column_name, :datetime_with_timezone, { null: true })
-        end
-
-        model.add_timestamps_with_timezone(:foo, null: true)
+    it 'adds "created_at" and "updated_at" fields with the "datetime_with_timezone" data type' do
+      Gitlab::Database::MigrationHelpers::DEFAULT_TIMESTAMP_COLUMNS.each do |column_name|
+        expect(model).to receive(:add_column).with(:foo, column_name, :datetime_with_timezone, { null: false })
       end
 
-      it 'can add just one column' do
-        expect(model).to receive(:add_column).with(:foo, :created_at, :datetime_with_timezone, anything)
-        expect(model).not_to receive(:add_column).with(:foo, :updated_at, :datetime_with_timezone, anything)
+      model.add_timestamps_with_timezone(:foo)
+    end
 
-        model.add_timestamps_with_timezone(:foo, columns: [:created_at])
+    it 'can disable the NOT NULL constraint' do
+      Gitlab::Database::MigrationHelpers::DEFAULT_TIMESTAMP_COLUMNS.each do |column_name|
+        expect(model).to receive(:add_column).with(:foo, column_name, :datetime_with_timezone, { null: true })
       end
 
-      it 'can add choice of acceptable columns' do
-        expect(model).to receive(:add_column).with(:foo, :created_at, :datetime_with_timezone, anything)
-        expect(model).to receive(:add_column).with(:foo, :deleted_at, :datetime_with_timezone, anything)
-        expect(model).not_to receive(:add_column).with(:foo, :updated_at, :datetime_with_timezone, anything)
-
-        model.add_timestamps_with_timezone(:foo, columns: [:created_at, :deleted_at])
-      end
+      model.add_timestamps_with_timezone(:foo, null: true)
+    end
 
-      it 'cannot add unacceptable column names' do
-        expect do
-          model.add_timestamps_with_timezone(:foo, columns: [:bar])
-        end.to raise_error %r/Illegal timestamp column name/
-      end
+    it 'can add just one column' do
+      expect(model).to receive(:add_column).with(:foo, :created_at, :datetime_with_timezone, anything)
+      expect(model).not_to receive(:add_column).with(:foo, :updated_at, :datetime_with_timezone, anything)
 
-      context 'in a transaction' do
-        let(:in_transaction) { true }
+      model.add_timestamps_with_timezone(:foo, columns: [:created_at])
+    end
 
-        before do
-          allow(model).to receive(:add_column).with(any_args).and_call_original
-          allow(model).to receive(:add_column)
-            .with(:foo, anything, :datetime_with_timezone, anything)
-            .and_return(nil)
-        end
+    it 'can add choice of acceptable columns' do
+      expect(model).to receive(:add_column).with(:foo, :created_at, :datetime_with_timezone, anything)
+      expect(model).to receive(:add_column).with(:foo, :deleted_at, :datetime_with_timezone, anything)
+      expect(model).not_to receive(:add_column).with(:foo, :updated_at, :datetime_with_timezone, anything)
 
-        it 'cannot add a default value' do
-          expect do
-            model.add_timestamps_with_timezone(:foo, default: :i_cause_an_error)
-          end.to raise_error %r/add_timestamps_with_timezone/
-        end
+      model.add_timestamps_with_timezone(:foo, columns: [:created_at, :deleted_at])
+    end
 
-        it 'can add columns without defaults' do
-          expect do
-            model.add_timestamps_with_timezone(:foo)
-          end.not_to raise_error
-        end
-      end
+    it 'cannot add unacceptable column names' do
+      expect do
+        model.add_timestamps_with_timezone(:foo, columns: [:bar])
+      end.to raise_error %r/Illegal timestamp column name/
     end
 
-    context 'using MySQL' do
+    context 'in a transaction' do
+      let(:in_transaction) { true }
+
       before do
-        allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
+        allow(model).to receive(:add_column).with(any_args).and_call_original
+        allow(model).to receive(:add_column)
+          .with(:foo, anything, :datetime_with_timezone, anything)
+          .and_return(nil)
       end
 
-      it 'adds "created_at" and "updated_at" fields with "datetime_with_timezone" data type' do
-        expect(model).to receive(:add_column).with(:foo, :created_at, :datetime_with_timezone, { null: false })
-        expect(model).to receive(:add_column).with(:foo, :updated_at, :datetime_with_timezone, { null: false })
+      it 'cannot add a default value' do
+        expect do
+          model.add_timestamps_with_timezone(:foo, default: :i_cause_an_error)
+        end.to raise_error %r/add_timestamps_with_timezone/
+      end
 
-        model.add_timestamps_with_timezone(:foo)
+      it 'can add columns without defaults' do
+        expect do
+          model.add_timestamps_with_timezone(:foo)
+        end.not_to raise_error
       end
     end
   end
@@ -117,56 +98,29 @@ describe Gitlab::Database::MigrationHelpers do
     context 'outside a transaction' do
       before do
         allow(model).to receive(:transaction_open?).and_return(false)
+        allow(model).to receive(:disable_statement_timeout).and_call_original
       end
 
-      context 'using PostgreSQL', :postgresql do
-        before do
-          allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
-          allow(model).to receive(:disable_statement_timeout).and_call_original
-        end
-
-        it 'creates the index concurrently' do
-          expect(model).to receive(:add_index)
-            .with(:users, :foo, algorithm: :concurrently)
+      it 'creates the index concurrently' do
+        expect(model).to receive(:add_index)
+          .with(:users, :foo, algorithm: :concurrently)
 
-          model.add_concurrent_index(:users, :foo)
-        end
-
-        it 'creates unique index concurrently' do
-          expect(model).to receive(:add_index)
-            .with(:users, :foo, { algorithm: :concurrently, unique: true })
-
-          model.add_concurrent_index(:users, :foo, unique: true)
-        end
-
-        it 'does nothing if the index exists already' do
-          expect(model).to receive(:index_exists?)
-            .with(:users, :foo, { algorithm: :concurrently, unique: true }).and_return(true)
-          expect(model).not_to receive(:add_index)
-
-          model.add_concurrent_index(:users, :foo, unique: true)
-        end
+        model.add_concurrent_index(:users, :foo)
       end
 
-      context 'using MySQL' do
-        before do
-          allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
-        end
+      it 'creates unique index concurrently' do
+        expect(model).to receive(:add_index)
+          .with(:users, :foo, { algorithm: :concurrently, unique: true })
 
-        it 'creates a regular index' do
-          expect(model).to receive(:add_index)
-            .with(:users, :foo, {})
-
-          model.add_concurrent_index(:users, :foo)
-        end
+        model.add_concurrent_index(:users, :foo, unique: true)
+      end
 
-        it 'does nothing if the index exists already' do
-          expect(model).to receive(:index_exists?)
-            .with(:users, :foo, { unique: true }).and_return(true)
-          expect(model).not_to receive(:add_index)
+      it 'does nothing if the index exists already' do
+        expect(model).to receive(:index_exists?)
+          .with(:users, :foo, { algorithm: :concurrently, unique: true }).and_return(true)
+        expect(model).not_to receive(:add_index)
 
-          model.add_concurrent_index(:users, :foo, unique: true)
-        end
+        model.add_concurrent_index(:users, :foo, unique: true)
       end
     end
 
@@ -186,28 +140,23 @@ describe Gitlab::Database::MigrationHelpers do
         allow(model).to receive(:transaction_open?).and_return(false)
         allow(model).to receive(:index_exists?).and_return(true)
         allow(model).to receive(:disable_statement_timeout).and_call_original
+        allow(model).to receive(:supports_drop_index_concurrently?).and_return(true)
       end
 
-      context 'using PostgreSQL' do
-        before do
-          allow(model).to receive(:supports_drop_index_concurrently?).and_return(true)
-        end
-
-        describe 'by column name' do
-          it 'removes the index concurrently' do
-            expect(model).to receive(:remove_index)
-              .with(:users, { algorithm: :concurrently, column: :foo })
+      describe 'by column name' do
+        it 'removes the index concurrently' do
+          expect(model).to receive(:remove_index)
+            .with(:users, { algorithm: :concurrently, column: :foo })
 
-            model.remove_concurrent_index(:users, :foo)
-          end
+          model.remove_concurrent_index(:users, :foo)
+        end
 
-          it 'does nothing if the index does not exist' do
-            expect(model).to receive(:index_exists?)
-              .with(:users, :foo, { algorithm: :concurrently, unique: true }).and_return(false)
-            expect(model).not_to receive(:remove_index)
+        it 'does nothing if the index does not exist' do
+          expect(model).to receive(:index_exists?)
+            .with(:users, :foo, { algorithm: :concurrently, unique: true }).and_return(false)
+          expect(model).not_to receive(:remove_index)
 
-            model.remove_concurrent_index(:users, :foo, unique: true)
-          end
+          model.remove_concurrent_index(:users, :foo, unique: true)
         end
 
         describe 'by index name' do
@@ -230,17 +179,6 @@ describe Gitlab::Database::MigrationHelpers do
           end
         end
       end
-
-      context 'using MySQL' do
-        it 'removes an index' do
-          expect(Gitlab::Database).to receive(:postgresql?).and_return(false).twice
-
-          expect(model).to receive(:remove_index)
-            .with(:users, { column: :foo })
-
-          model.remove_concurrent_index(:users, :foo)
-        end
-      end
     end
 
     context 'inside a transaction' do
@@ -273,88 +211,44 @@ describe Gitlab::Database::MigrationHelpers do
         allow(model).to receive(:transaction_open?).and_return(false)
       end
 
-      context 'using MySQL' do
-        before do
-          allow(Gitlab::Database).to receive(:mysql?).and_return(true)
-        end
+      it 'creates a concurrent foreign key and validates it' do
+        expect(model).to receive(:disable_statement_timeout).and_call_original
+        expect(model).to receive(:execute).with(/statement_timeout/)
+        expect(model).to receive(:execute).ordered.with(/NOT VALID/)
+        expect(model).to receive(:execute).ordered.with(/VALIDATE CONSTRAINT/)
+        expect(model).to receive(:execute).with(/RESET ALL/)
 
-        it 'creates a regular foreign key' do
-          expect(model).to receive(:add_foreign_key)
-            .with(:projects, :users, column: :user_id, on_delete: :cascade)
-
-          model.add_concurrent_foreign_key(:projects, :users, column: :user_id)
-        end
-
-        it 'allows the use of a custom key name' do
-          expect(model).to receive(:add_foreign_key).with(
-            :projects,
-            :users,
-            column: :user_id,
-            on_delete: :cascade,
-            name: :foo
-          )
-
-          model.add_concurrent_foreign_key(
-            :projects,
-            :users,
-            column: :user_id,
-            name: :foo
-          )
-        end
-
-        it 'does not create a foreign key if it exists already' do
-          expect(model).to receive(:foreign_key_exists?).with(:projects, :users, column: :user_id).and_return(true)
-          expect(model).not_to receive(:add_foreign_key)
-
-          model.add_concurrent_foreign_key(:projects, :users, column: :user_id)
-        end
+        model.add_concurrent_foreign_key(:projects, :users, column: :user_id)
       end
 
-      context 'using PostgreSQL' do
-        before do
-          allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
-          allow(Gitlab::Database).to receive(:mysql?).and_return(false)
-        end
-
-        it 'creates a concurrent foreign key and validates it' do
-          expect(model).to receive(:disable_statement_timeout).and_call_original
-          expect(model).to receive(:execute).with(/statement_timeout/)
-          expect(model).to receive(:execute).ordered.with(/NOT VALID/)
-          expect(model).to receive(:execute).ordered.with(/VALIDATE CONSTRAINT/)
-          expect(model).to receive(:execute).with(/RESET ALL/)
+      it 'appends a valid ON DELETE statement' do
+        expect(model).to receive(:disable_statement_timeout).and_call_original
+        expect(model).to receive(:execute).with(/statement_timeout/)
+        expect(model).to receive(:execute).with(/ON DELETE SET NULL/)
+        expect(model).to receive(:execute).ordered.with(/VALIDATE CONSTRAINT/)
+        expect(model).to receive(:execute).with(/RESET ALL/)
 
-          model.add_concurrent_foreign_key(:projects, :users, column: :user_id)
-        end
-
-        it 'appends a valid ON DELETE statement' do
-          expect(model).to receive(:disable_statement_timeout).and_call_original
-          expect(model).to receive(:execute).with(/statement_timeout/)
-          expect(model).to receive(:execute).with(/ON DELETE SET NULL/)
-          expect(model).to receive(:execute).ordered.with(/VALIDATE CONSTRAINT/)
-          expect(model).to receive(:execute).with(/RESET ALL/)
-
-          model.add_concurrent_foreign_key(:projects, :users,
-                                           column: :user_id,
-                                           on_delete: :nullify)
-        end
+        model.add_concurrent_foreign_key(:projects, :users,
+                                         column: :user_id,
+                                         on_delete: :nullify)
+      end
 
-        it 'does not create a foreign key if it exists already' do
-          expect(model).to receive(:foreign_key_exists?).with(:projects, :users, column: :user_id).and_return(true)
-          expect(model).not_to receive(:execute).with(/ADD CONSTRAINT/)
-          expect(model).to receive(:execute).with(/VALIDATE CONSTRAINT/)
+      it 'does not create a foreign key if it exists already' do
+        expect(model).to receive(:foreign_key_exists?).with(:projects, :users, column: :user_id).and_return(true)
+        expect(model).not_to receive(:execute).with(/ADD CONSTRAINT/)
+        expect(model).to receive(:execute).with(/VALIDATE CONSTRAINT/)
 
-          model.add_concurrent_foreign_key(:projects, :users, column: :user_id)
-        end
+        model.add_concurrent_foreign_key(:projects, :users, column: :user_id)
+      end
 
-        it 'allows the use of a custom key name' do
-          expect(model).to receive(:disable_statement_timeout).and_call_original
-          expect(model).to receive(:execute).with(/statement_timeout/)
-          expect(model).to receive(:execute).ordered.with(/NOT VALID/)
-          expect(model).to receive(:execute).ordered.with(/VALIDATE CONSTRAINT.+foo/)
-          expect(model).to receive(:execute).with(/RESET ALL/)
+      it 'allows the use of a custom key name' do
+        expect(model).to receive(:disable_statement_timeout).and_call_original
+        expect(model).to receive(:execute).with(/statement_timeout/)
+        expect(model).to receive(:execute).ordered.with(/NOT VALID/)
+        expect(model).to receive(:execute).ordered.with(/VALIDATE CONSTRAINT.+foo/)
+        expect(model).to receive(:execute).with(/RESET ALL/)
 
-          model.add_concurrent_foreign_key(:projects, :users, column: :user_id, name: :foo)
-        end
+        model.add_concurrent_foreign_key(:projects, :users, column: :user_id, name: :foo)
       end
     end
   end
@@ -393,48 +287,43 @@ describe Gitlab::Database::MigrationHelpers do
   end
 
   describe '#disable_statement_timeout' do
-    context 'using PostgreSQL' do
-      it 'disables statement timeouts to current transaction only' do
-        expect(Gitlab::Database).to receive(:postgresql?).and_return(true)
+    it 'disables statement timeouts to current transaction only' do
+      expect(model).to receive(:execute).with('SET LOCAL statement_timeout TO 0')
 
-        expect(model).to receive(:execute).with('SET LOCAL statement_timeout TO 0')
+      model.disable_statement_timeout
+    end
 
-        model.disable_statement_timeout
+    # this specs runs without an enclosing transaction (:delete truncation method for db_cleaner)
+    context 'with real environment', :delete do
+      before do
+        model.execute("SET statement_timeout TO '20000'")
       end
 
-      # this specs runs without an enclosing transaction (:delete truncation method for db_cleaner)
-      context 'with real environment', :postgresql, :delete do
-        before do
-          model.execute("SET statement_timeout TO '20000'")
-        end
-
-        after do
-          model.execute('RESET ALL')
-        end
-
-        it 'defines statement to 0 only for current transaction' do
-          expect(model.execute('SHOW statement_timeout').first['statement_timeout']).to eq('20s')
+      after do
+        model.execute('RESET ALL')
+      end
 
-          model.connection.transaction do
-            model.disable_statement_timeout
-            expect(model.execute('SHOW statement_timeout').first['statement_timeout']).to eq('0')
-          end
+      it 'defines statement to 0 only for current transaction' do
+        expect(model.execute('SHOW statement_timeout').first['statement_timeout']).to eq('20s')
 
-          expect(model.execute('SHOW statement_timeout').first['statement_timeout']).to eq('20s')
+        model.connection.transaction do
+          model.disable_statement_timeout
+          expect(model.execute('SHOW statement_timeout').first['statement_timeout']).to eq('0')
         end
+
+        expect(model.execute('SHOW statement_timeout').first['statement_timeout']).to eq('20s')
       end
 
       context 'when passing a blocks' do
         it 'disables statement timeouts on session level and executes the block' do
-          expect(Gitlab::Database).to receive(:postgresql?).and_return(true)
           expect(model).to receive(:execute).with('SET statement_timeout TO 0')
-          expect(model).to receive(:execute).with('RESET ALL')
+          expect(model).to receive(:execute).with('RESET ALL').at_least(:once)
 
           expect { |block| model.disable_statement_timeout(&block) }.to yield_control
         end
 
         # this specs runs without an enclosing transaction (:delete truncation method for db_cleaner)
-        context 'with real environment', :postgresql, :delete do
+        context 'with real environment', :delete do
           before do
             model.execute("SET statement_timeout TO '20000'")
           end
@@ -457,69 +346,17 @@ describe Gitlab::Database::MigrationHelpers do
         end
       end
     end
-
-    context 'using MySQL' do
-      it 'does nothing' do
-        expect(Gitlab::Database).to receive(:postgresql?).and_return(false)
-
-        expect(model).not_to receive(:execute)
-
-        model.disable_statement_timeout
-      end
-
-      context 'when passing a blocks' do
-        it 'executes the block of code' do
-          expect(Gitlab::Database).to receive(:postgresql?).and_return(false)
-
-          expect(model).not_to receive(:execute)
-
-          expect { |block| model.disable_statement_timeout(&block) }.to yield_control
-        end
-      end
-    end
   end
 
   describe '#true_value' do
-    context 'using PostgreSQL' do
-      before do
-        expect(Gitlab::Database).to receive(:postgresql?).and_return(true)
-      end
-
-      it 'returns the appropriate value' do
-        expect(model.true_value).to eq("'t'")
-      end
-    end
-
-    context 'using MySQL' do
-      before do
-        expect(Gitlab::Database).to receive(:postgresql?).and_return(false)
-      end
-
-      it 'returns the appropriate value' do
-        expect(model.true_value).to eq(1)
-      end
+    it 'returns the appropriate value' do
+      expect(model.true_value).to eq("'t'")
     end
   end
 
   describe '#false_value' do
-    context 'using PostgreSQL' do
-      before do
-        expect(Gitlab::Database).to receive(:postgresql?).and_return(true)
-      end
-
-      it 'returns the appropriate value' do
-        expect(model.false_value).to eq("'f'")
-      end
-    end
-
-    context 'using MySQL' do
-      before do
-        expect(Gitlab::Database).to receive(:postgresql?).and_return(false)
-      end
-
-      it 'returns the appropriate value' do
-        expect(model.false_value).to eq(0)
-      end
+    it 'returns the appropriate value' do
+      expect(model.false_value).to eq("'f'")
     end
   end
 
@@ -711,77 +548,37 @@ describe Gitlab::Database::MigrationHelpers do
       before do
         allow(model).to receive(:transaction_open?).and_return(false)
         allow(model).to receive(:column_for).and_return(old_column)
-
-        # Since MySQL and PostgreSQL use different quoting styles we'll just
-        # stub the methods used for this to make testing easier.
-        allow(model).to receive(:quote_column_name) { |name| name.to_s }
-        allow(model).to receive(:quote_table_name) { |name| name.to_s }
       end
 
-      context 'using MySQL' do
-        it 'renames a column concurrently' do
-          allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
+      it 'renames a column concurrently' do
+        expect(model).to receive(:check_trigger_permissions!).with(:users)
 
-          expect(model).to receive(:check_trigger_permissions!).with(:users)
+        expect(model).to receive(:install_rename_triggers_for_postgresql)
+          .with(trigger_name, '"users"', '"old"', '"new"')
 
-          expect(model).to receive(:install_rename_triggers_for_mysql)
-            .with(trigger_name, 'users', 'old', 'new')
+        expect(model).to receive(:add_column)
+          .with(:users, :new, :integer,
+               limit: old_column.limit,
+               precision: old_column.precision,
+               scale: old_column.scale)
 
-          expect(model).to receive(:add_column)
-            .with(:users, :new, :integer,
-                 limit: old_column.limit,
-                 precision: old_column.precision,
-                 scale: old_column.scale)
+        expect(model).to receive(:change_column_default)
+          .with(:users, :new, old_column.default)
 
-          expect(model).to receive(:change_column_default)
-            .with(:users, :new, old_column.default)
-
-          expect(model).to receive(:update_column_in_batches)
+        expect(model).to receive(:update_column_in_batches)
 
-          expect(model).to receive(:change_column_null).with(:users, :new, false)
+        expect(model).to receive(:change_column_null).with(:users, :new, false)
 
-          expect(model).to receive(:copy_indexes).with(:users, :old, :new)
-          expect(model).to receive(:copy_foreign_keys).with(:users, :old, :new)
+        expect(model).to receive(:copy_indexes).with(:users, :old, :new)
+        expect(model).to receive(:copy_foreign_keys).with(:users, :old, :new)
 
-          model.rename_column_concurrently(:users, :old, :new)
-        end
-      end
-
-      context 'using PostgreSQL' do
-        it 'renames a column concurrently' do
-          allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
-
-          expect(model).to receive(:check_trigger_permissions!).with(:users)
-
-          expect(model).to receive(:install_rename_triggers_for_postgresql)
-            .with(trigger_name, 'users', 'old', 'new')
-
-          expect(model).to receive(:add_column)
-            .with(:users, :new, :integer,
-                 limit: old_column.limit,
-                 precision: old_column.precision,
-                 scale: old_column.scale)
-
-          expect(model).to receive(:change_column_default)
-            .with(:users, :new, old_column.default)
-
-          expect(model).to receive(:update_column_in_batches)
-
-          expect(model).to receive(:change_column_null).with(:users, :new, false)
-
-          expect(model).to receive(:copy_indexes).with(:users, :old, :new)
-          expect(model).to receive(:copy_foreign_keys).with(:users, :old, :new)
-
-          model.rename_column_concurrently(:users, :old, :new)
-        end
+        model.rename_column_concurrently(:users, :old, :new)
       end
     end
   end
 
   describe '#cleanup_concurrent_column_rename' do
-    it 'cleans up the renaming procedure for PostgreSQL' do
-      allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
-
+    it 'cleans up the renaming procedure' do
       expect(model).to receive(:check_trigger_permissions!).with(:users)
 
       expect(model).to receive(:remove_rename_triggers_for_postgresql)
@@ -791,19 +588,6 @@ describe Gitlab::Database::MigrationHelpers do
 
       model.cleanup_concurrent_column_rename(:users, :old, :new)
     end
-
-    it 'cleans up the renaming procedure for MySQL' do
-      allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
-
-      expect(model).to receive(:check_trigger_permissions!).with(:users)
-
-      expect(model).to receive(:remove_rename_triggers_for_mysql)
-        .with(/trigger_.{12}/)
-
-      expect(model).to receive(:remove_column).with(:users, :old)
-
-      model.cleanup_concurrent_column_rename(:users, :old, :new)
-    end
   end
 
   describe '#change_column_type_concurrently' do
@@ -839,18 +623,6 @@ describe Gitlab::Database::MigrationHelpers do
     end
   end
 
-  describe '#install_rename_triggers_for_mysql' do
-    it 'installs the triggers for MySQL' do
-      expect(model).to receive(:execute)
-        .with(/CREATE TRIGGER foo_insert.+ON users/m)
-
-      expect(model).to receive(:execute)
-        .with(/CREATE TRIGGER foo_update.+ON users/m)
-
-      model.install_rename_triggers_for_mysql('foo', :users, :old, :new)
-    end
-  end
-
   describe '#remove_rename_triggers_for_postgresql' do
     it 'removes the function and trigger' do
       expect(model).to receive(:execute).with('DROP TRIGGER IF EXISTS foo ON bar')
@@ -860,15 +632,6 @@ describe Gitlab::Database::MigrationHelpers do
     end
   end
 
-  describe '#remove_rename_triggers_for_mysql' do
-    it 'removes the triggers' do
-      expect(model).to receive(:execute).with('DROP TRIGGER IF EXISTS foo_insert')
-      expect(model).to receive(:execute).with('DROP TRIGGER IF EXISTS foo_update')
-
-      model.remove_rename_triggers_for_mysql('foo')
-    end
-  end
-
   describe '#rename_trigger_name' do
     it 'returns a String' do
       expect(model.rename_trigger_name(:users, :foo, :bar))
@@ -1088,26 +851,9 @@ describe Gitlab::Database::MigrationHelpers do
   end
 
   describe '#replace_sql' do
-    context 'using postgres' do
-      before do
-        allow(Gitlab::Database).to receive(:mysql?).and_return(false)
-      end
-
-      it 'builds the sql with correct functions' do
-        expect(model.replace_sql(Arel::Table.new(:users)[:first_name], "Alice", "Eve").to_s)
-          .to include('regexp_replace')
-      end
-    end
-
-    context 'using mysql' do
-      before do
-        allow(Gitlab::Database).to receive(:mysql?).and_return(true)
-      end
-
-      it 'builds the sql with the correct functions' do
-        expect(model.replace_sql(Arel::Table.new(:users)[:first_name], "Alice", "Eve").to_s)
-          .to include('locate', 'insert')
-      end
+    it 'builds the sql with correct functions' do
+      expect(model.replace_sql(Arel::Table.new(:users)[:first_name], "Alice", "Eve").to_s)
+        .to include('regexp_replace')
     end
 
     describe 'results' do
@@ -1464,7 +1210,7 @@ describe Gitlab::Database::MigrationHelpers do
         .to be_falsy
     end
 
-    context 'when an index with a function exists', :postgresql do
+    context 'when an index with a function exists' do
       before do
         ActiveRecord::Base.connection.execute(
           'CREATE INDEX test_index ON projects (LOWER(path));'
diff --git a/spec/lib/gitlab/database_spec.rb b/spec/lib/gitlab/database_spec.rb
index 5f57cd6b825..9e8712266e8 100644
--- a/spec/lib/gitlab/database_spec.rb
+++ b/spec/lib/gitlab/database_spec.rb
@@ -24,21 +24,13 @@ describe Gitlab::Database do
       expect(described_class.human_adapter_name).to eq('PostgreSQL')
     end
 
-    it 'returns MySQL when using MySQL' do
+    it 'returns Unknown when using anything else' do
       allow(described_class).to receive(:postgresql?).and_return(false)
 
-      expect(described_class.human_adapter_name).to eq('MySQL')
+      expect(described_class.human_adapter_name).to eq('Unknown')
     end
   end
 
-  # These are just simple smoke tests to check if the methods work (regardless
-  # of what they may return).
-  describe '.mysql?' do
-    subject { described_class.mysql? }
-
-    it { is_expected.to satisfy { |val| val == true || val == false } }
-  end
-
   describe '.postgresql?' do
     subject { described_class.postgresql? }
 
@@ -52,15 +44,6 @@ describe Gitlab::Database do
       described_class.instance_variable_set(:@version, nil)
     end
 
-    context "on mysql" do
-      it "extracts the version number" do
-        allow(described_class).to receive(:database_version)
-          .and_return("5.7.12-standard")
-
-        expect(described_class.version).to eq '5.7.12-standard'
-      end
-    end
-
     context "on postgresql" do
       it "extracts the version number" do
         allow(described_class).to receive(:database_version)
@@ -80,7 +63,7 @@ describe Gitlab::Database do
   end
 
   describe '.postgresql_9_or_less?' do
-    it 'returns false when using MySQL' do
+    it 'returns false when not using postgresql' do
       allow(described_class).to receive(:postgresql?).and_return(false)
 
       expect(described_class.postgresql_9_or_less?).to eq(false)
@@ -134,7 +117,7 @@ describe Gitlab::Database do
   end
 
   describe '.join_lateral_supported?' do
-    it 'returns false when using MySQL' do
+    it 'returns false when not using postgresql' do
       allow(described_class).to receive(:postgresql?).and_return(false)
 
       expect(described_class.join_lateral_supported?).to eq(false)
@@ -156,7 +139,7 @@ describe Gitlab::Database do
   end
 
   describe '.replication_slots_supported?' do
-    it 'returns false when using MySQL' do
+    it 'returns false when not using postgresql' do
       allow(described_class).to receive(:postgresql?).and_return(false)
 
       expect(described_class.replication_slots_supported?).to eq(false)
@@ -248,43 +231,13 @@ describe Gitlab::Database do
   end
 
   describe '.nulls_last_order' do
-    context 'when using PostgreSQL' do
-      before do
-        expect(described_class).to receive(:postgresql?).and_return(true)
-      end
-
-      it { expect(described_class.nulls_last_order('column', 'ASC')).to eq 'column ASC NULLS LAST'}
-      it { expect(described_class.nulls_last_order('column', 'DESC')).to eq 'column DESC NULLS LAST'}
-    end
-
-    context 'when using MySQL' do
-      before do
-        expect(described_class).to receive(:postgresql?).and_return(false)
-      end
-
-      it { expect(described_class.nulls_last_order('column', 'ASC')).to eq 'column IS NULL, column ASC'}
-      it { expect(described_class.nulls_last_order('column', 'DESC')).to eq 'column DESC'}
-    end
+    it { expect(described_class.nulls_last_order('column', 'ASC')).to eq 'column ASC NULLS LAST'}
+    it { expect(described_class.nulls_last_order('column', 'DESC')).to eq 'column DESC NULLS LAST'}
   end
 
   describe '.nulls_first_order' do
-    context 'when using PostgreSQL' do
-      before do
-        expect(described_class).to receive(:postgresql?).and_return(true)
-      end
-
-      it { expect(described_class.nulls_first_order('column', 'ASC')).to eq 'column ASC NULLS FIRST'}
-      it { expect(described_class.nulls_first_order('column', 'DESC')).to eq 'column DESC NULLS FIRST'}
-    end
-
-    context 'when using MySQL' do
-      before do
-        expect(described_class).to receive(:postgresql?).and_return(false)
-      end
-
-      it { expect(described_class.nulls_first_order('column', 'ASC')).to eq 'column ASC'}
-      it { expect(described_class.nulls_first_order('column', 'DESC')).to eq 'column IS NULL, column DESC'}
-    end
+    it { expect(described_class.nulls_first_order('column', 'ASC')).to eq 'column ASC NULLS FIRST'}
+    it { expect(described_class.nulls_first_order('column', 'DESC')).to eq 'column DESC NULLS FIRST'}
   end
 
   describe '.with_connection_pool' do
@@ -394,10 +347,6 @@ describe Gitlab::Database do
     end
 
     context 'when using PostgreSQL' do
-      before do
-        allow(described_class).to receive(:mysql?).and_return(false)
-      end
-
       it 'allows the returning of the IDs of the inserted rows' do
         result = double(:result, values: [['10']])
 
@@ -463,31 +412,15 @@ describe Gitlab::Database do
   end
 
   describe '#true_value' do
-    it 'returns correct value for PostgreSQL' do
-      expect(described_class).to receive(:postgresql?).and_return(true)
-
+    it 'returns correct value' do
       expect(described_class.true_value).to eq "'t'"
     end
-
-    it 'returns correct value for MySQL' do
-      expect(described_class).to receive(:postgresql?).and_return(false)
-
-      expect(described_class.true_value).to eq 1
-    end
   end
 
   describe '#false_value' do
-    it 'returns correct value for PostgreSQL' do
-      expect(described_class).to receive(:postgresql?).and_return(true)
-
+    it 'returns correct value' do
       expect(described_class.false_value).to eq "'f'"
     end
-
-    it 'returns correct value for MySQL' do
-      expect(described_class).to receive(:postgresql?).and_return(false)
-
-      expect(described_class.false_value).to eq 0
-    end
   end
 
   describe '.read_only?' do
@@ -497,43 +430,33 @@ describe Gitlab::Database do
   end
 
   describe '.db_read_only?' do
-    context 'when using PostgreSQL' do
-      before do
-        allow(ActiveRecord::Base.connection).to receive(:execute).and_call_original
-        allow(described_class).to receive(:postgresql?).and_return(true)
-      end
-
-      it 'detects a read only database' do
-        allow(ActiveRecord::Base.connection).to receive(:execute).with('SELECT pg_is_in_recovery()').and_return([{ "pg_is_in_recovery" => "t" }])
-
-        expect(described_class.db_read_only?).to be_truthy
-      end
+    before do
+      allow(ActiveRecord::Base.connection).to receive(:execute).and_call_original
+      allow(described_class).to receive(:postgresql?).and_return(true)
+    end
 
-      it 'detects a read only database' do
-        allow(ActiveRecord::Base.connection).to receive(:execute).with('SELECT pg_is_in_recovery()').and_return([{ "pg_is_in_recovery" => true }])
+    it 'detects a read only database' do
+      allow(ActiveRecord::Base.connection).to receive(:execute).with('SELECT pg_is_in_recovery()').and_return([{ "pg_is_in_recovery" => "t" }])
 
-        expect(described_class.db_read_only?).to be_truthy
-      end
+      expect(described_class.db_read_only?).to be_truthy
+    end
 
-      it 'detects a read write database' do
-        allow(ActiveRecord::Base.connection).to receive(:execute).with('SELECT pg_is_in_recovery()').and_return([{ "pg_is_in_recovery" => "f" }])
+    it 'detects a read only database' do
+      allow(ActiveRecord::Base.connection).to receive(:execute).with('SELECT pg_is_in_recovery()').and_return([{ "pg_is_in_recovery" => true }])
 
-        expect(described_class.db_read_only?).to be_falsey
-      end
+      expect(described_class.db_read_only?).to be_truthy
+    end
 
-      it 'detects a read write database' do
-        allow(ActiveRecord::Base.connection).to receive(:execute).with('SELECT pg_is_in_recovery()').and_return([{ "pg_is_in_recovery" => false }])
+    it 'detects a read write database' do
+      allow(ActiveRecord::Base.connection).to receive(:execute).with('SELECT pg_is_in_recovery()').and_return([{ "pg_is_in_recovery" => "f" }])
 
-        expect(described_class.db_read_only?).to be_falsey
-      end
+      expect(described_class.db_read_only?).to be_falsey
     end
 
-    context 'when using MySQL' do
-      before do
-        expect(described_class).to receive(:postgresql?).and_return(false)
-      end
+    it 'detects a read write database' do
+      allow(ActiveRecord::Base.connection).to receive(:execute).with('SELECT pg_is_in_recovery()').and_return([{ "pg_is_in_recovery" => false }])
 
-      it { expect(described_class.db_read_only?).to be_falsey }
+      expect(described_class.db_read_only?).to be_falsey
     end
   end
 
diff --git a/spec/lib/gitlab/import/database_helpers_spec.rb b/spec/lib/gitlab/import/database_helpers_spec.rb
index e716155b7d5..3ac34455177 100644
--- a/spec/lib/gitlab/import/database_helpers_spec.rb
+++ b/spec/lib/gitlab/import/database_helpers_spec.rb
@@ -15,32 +15,15 @@ describe Gitlab::Import::DatabaseHelpers do
     let(:attributes) { { iid: 1, title: 'foo' } }
     let(:project) { create(:project) }
 
-    context 'on PostgreSQL' do
-      it 'returns the ID returned by the query' do
-        expect(Gitlab::Database)
-          .to receive(:bulk_insert)
-          .with(Issue.table_name, [attributes], return_ids: true)
-          .and_return([10])
+    it 'returns the ID returned by the query' do
+      expect(Gitlab::Database)
+        .to receive(:bulk_insert)
+        .with(Issue.table_name, [attributes], return_ids: true)
+        .and_return([10])
 
-        id = subject.insert_and_return_id(attributes, project.issues)
+      id = subject.insert_and_return_id(attributes, project.issues)
 
-        expect(id).to eq(10)
-      end
-    end
-
-    context 'on MySQL' do
-      it 'uses a separate query to retrieve the ID' do
-        issue = create(:issue, project: project, iid: attributes[:iid])
-
-        expect(Gitlab::Database)
-          .to receive(:bulk_insert)
-          .with(Issue.table_name, [attributes], return_ids: true)
-          .and_return([])
-
-        id = subject.insert_and_return_id(attributes, project.issues)
-
-        expect(id).to eq(issue.id)
-      end
+      expect(id).to eq(10)
     end
   end
 end
diff --git a/spec/lib/serializers/json_spec.rb b/spec/lib/serializers/json_spec.rb
index 5d59d66e8b8..847a01d186c 100644
--- a/spec/lib/serializers/json_spec.rb
+++ b/spec/lib/serializers/json_spec.rb
@@ -6,24 +6,8 @@ describe Serializers::JSON do
 
     subject { described_class.dump(obj) }
 
-    context 'when MySQL is used' do
-      before do
-        allow(Gitlab::Database).to receive(:adapter_name) { 'mysql2' }
-      end
-
-      it 'encodes as string' do
-        is_expected.to eq('{"key":"value"}')
-      end
-    end
-
-    context 'when PostgreSQL is used' do
-      before do
-        allow(Gitlab::Database).to receive(:adapter_name) { 'postgresql' }
-      end
-
-      it 'returns a hash' do
-        is_expected.to eq(obj)
-      end
+    it 'returns a hash' do
+      is_expected.to eq(obj)
     end
   end
 
@@ -31,7 +15,13 @@ describe Serializers::JSON do
     let(:data_string) { '{"key":"value","variables":[{"key":"VAR1","value":"VALUE1"}]}' }
     let(:data_hash) { JSON.parse(data_string) }
 
-    shared_examples 'having consistent accessor' do
+    context 'when loading a hash' do
+      subject { described_class.load(data_hash) }
+
+      it 'decodes a string' do
+        is_expected.to be_a(Hash)
+      end
+
       it 'allows to access with symbols' do
         expect(subject[:key]).to eq('value')
         expect(subject[:variables].first[:key]).to eq('VAR1')
@@ -43,59 +33,11 @@ describe Serializers::JSON do
       end
     end
 
-    context 'when MySQL is used' do
-      before do
-        allow(Gitlab::Database).to receive(:adapter_name) { 'mysql2' }
-      end
-
-      context 'when loading a string' do
-        subject { described_class.load(data_string) }
-
-        it 'decodes a string' do
-          is_expected.to be_a(Hash)
-        end
-
-        it_behaves_like 'having consistent accessor'
-      end
-
-      context 'when loading a different type' do
-        subject { described_class.load({ key: 'hash' }) }
-
-        it 'raises an exception' do
-          expect { subject }.to raise_error(TypeError)
-        end
-      end
-
-      context 'when loading a nil' do
-        subject { described_class.load(nil) }
-
-        it 'returns nil' do
-          is_expected.to be_nil
-        end
-      end
-    end
-
-    context 'when PostgreSQL is used' do
-      before do
-        allow(Gitlab::Database).to receive(:adapter_name) { 'postgresql' }
-      end
-
-      context 'when loading a hash' do
-        subject { described_class.load(data_hash) }
-
-        it 'decodes a string' do
-          is_expected.to be_a(Hash)
-        end
-
-        it_behaves_like 'having consistent accessor'
-      end
-
-      context 'when loading a nil' do
-        subject { described_class.load(nil) }
+    context 'when loading a nil' do
+      subject { described_class.load(nil) }
 
-        it 'returns nil' do
-          is_expected.to be_nil
-        end
+      it 'returns nil' do
+        is_expected.to be_nil
       end
     end
   end
diff --git a/spec/models/concerns/case_sensitivity_spec.rb b/spec/models/concerns/case_sensitivity_spec.rb
index d6d41a25eac..9819f656f0d 100644
--- a/spec/models/concerns/case_sensitivity_spec.rb
+++ b/spec/models/concerns/case_sensitivity_spec.rb
@@ -28,28 +28,13 @@ describe CaseSensitivity do
         .to contain_exactly(model_1)
     end
 
-    # Using `mysql` & `postgresql` metadata-tags here because both adapters build
-    # the query slightly differently
-    context 'for MySQL', :mysql do
-      it 'builds a simple query' do
-        query = model.iwhere(path: %w(MODEL-1 model-2), name: 'model 1').to_sql
-        expected_query = <<~QRY.strip
-        SELECT `namespaces`.* FROM `namespaces` WHERE (`namespaces`.`path` IN ('MODEL-1', 'model-2')) AND (`namespaces`.`name` = 'model 1')
-        QRY
-
-        expect(query).to eq(expected_query)
-      end
-    end
+    it 'builds a query using LOWER' do
+      query = model.iwhere(path: %w(MODEL-1 model-2), name: 'model 1').to_sql
+      expected_query = <<~QRY.strip
+      SELECT \"namespaces\".* FROM \"namespaces\" WHERE (LOWER(\"namespaces\".\"path\") IN (LOWER('MODEL-1'), LOWER('model-2'))) AND (LOWER(\"namespaces\".\"name\") = LOWER('model 1'))
+      QRY
 
-    context 'for PostgreSQL', :postgresql do
-      it 'builds a query using LOWER' do
-        query = model.iwhere(path: %w(MODEL-1 model-2), name: 'model 1').to_sql
-        expected_query = <<~QRY.strip
-        SELECT \"namespaces\".* FROM \"namespaces\" WHERE (LOWER(\"namespaces\".\"path\") IN (LOWER('MODEL-1'), LOWER('model-2'))) AND (LOWER(\"namespaces\".\"name\") = LOWER('model 1'))
-        QRY
-
-        expect(query).to eq(expected_query)
-      end
+      expect(query).to eq(expected_query)
     end
   end
 end
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index a6fb172e79b..a44b5069ade 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -266,10 +266,6 @@ RSpec.configure do |config|
     example.run if Gitlab::Database.postgresql?
   end
 
-  config.around(:each, :mysql) do |example|
-    example.run if Gitlab::Database.mysql?
-  end
-
   # This makes sure the `ApplicationController#can?` method is stubbed with the
   # original implementation for all view specs.
   config.before(:each, type: :view) do
diff --git a/spec/workers/background_migration_worker_spec.rb b/spec/workers/background_migration_worker_spec.rb
index 746c858609f..e5be8ce0423 100644
--- a/spec/workers/background_migration_worker_spec.rb
+++ b/spec/workers/background_migration_worker_spec.rb
@@ -55,21 +55,13 @@ describe BackgroundMigrationWorker, :sidekiq, :clean_gitlab_redis_shared_state d
   end
 
   describe '#healthy_database?' do
-    context 'using MySQL', :mysql do
-      it 'returns true' do
-        expect(worker.healthy_database?).to eq(true)
-      end
-    end
-
-    context 'using PostgreSQL', :postgresql do
-      context 'when replication lag is too great' do
-        it 'returns false' do
-          allow(Postgresql::ReplicationSlot)
-            .to receive(:lag_too_great?)
-            .and_return(true)
+    context 'when replication lag is too great' do
+      it 'returns false' do
+        allow(Postgresql::ReplicationSlot)
+          .to receive(:lag_too_great?)
+          .and_return(true)
 
-          expect(worker.healthy_database?).to eq(false)
-        end
+        expect(worker.healthy_database?).to eq(false)
       end
 
       context 'when replication lag is small enough' do
-- 
cgit v1.2.1


From b4f695da6b798d2b027edaf21446e0cd68e1a55a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Tue, 23 Jul 2019 17:53:17 +0200
Subject: Increase the Review App deploy timeout to 15 minutes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rémy Coutable <remy@rymai.me>
---
 scripts/review_apps/review-apps.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/review_apps/review-apps.sh b/scripts/review_apps/review-apps.sh
index bc47884ee45..2b565347f86 100755
--- a/scripts/review_apps/review-apps.sh
+++ b/scripts/review_apps/review-apps.sh
@@ -201,7 +201,7 @@ function deploy() {
 HELM_CMD=$(cat << EOF
   helm upgrade --install \
     --wait \
-    --timeout 600 \
+    --timeout 900 \
     --set releaseOverride="$CI_ENVIRONMENT_SLUG" \
     --set global.appConfig.enableUsagePing=false \
     --set global.imagePullPolicy=Always \
-- 
cgit v1.2.1


From 28d9e87d408da31eae1b7284944083323afa600a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Tue, 23 Jul 2019 18:30:47 +0200
Subject: Stop printing dots while retrieving pod in review-apps.sh
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rémy Coutable <remy@rymai.me>
---
 scripts/review_apps/review-apps.sh | 2 --
 1 file changed, 2 deletions(-)

diff --git a/scripts/review_apps/review-apps.sh b/scripts/review_apps/review-apps.sh
index bc47884ee45..ab65a13923f 100755
--- a/scripts/review_apps/review-apps.sh
+++ b/scripts/review_apps/review-apps.sh
@@ -69,7 +69,6 @@ function get_pod() {
       break
     fi
 
-    printf "."
     let "elapsed_seconds+=interval"
     sleep ${interval}
   done
@@ -360,7 +359,6 @@ function wait_for_review_app_to_be_accessible() {
       break
     fi
 
-    printf "."
     let "elapsed_seconds+=interval"
     sleep ${interval}
   done
-- 
cgit v1.2.1


From 928b9a105516a53d956666449e8b42974ced3267 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Tue, 23 Jul 2019 10:28:23 -0700
Subject: Add documentation on how to add dependencies to yarn

Danger constantly warns about de-duplicating dependencies, so put these
instructions in the documentation so they can be searched.
---
 doc/development/new_fe_guide/dependencies.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/doc/development/new_fe_guide/dependencies.md b/doc/development/new_fe_guide/dependencies.md
index 12a4f089d41..8a6930acd37 100644
--- a/doc/development/new_fe_guide/dependencies.md
+++ b/doc/development/new_fe_guide/dependencies.md
@@ -15,6 +15,18 @@ Exceptions are made for some tools that we require in the
 `gitlab:assets:compile` CI job such as `webpack-bundle-analyzer` to analyze our
 production assets post-compile.
 
+To add or upgrade a dependency, run:
+
+```sh
+yarn add <your dependency here>
+```
+
+This may introduce duplicate dependencies. To de-duplicate `yarn.lock`, run:
+
+```sh
+node_modules/.bin/yarn-deduplicate --list --strategy fewer yarn.lock && yarn install
+```
+
 ---
 
 > TODO: Add Dependencies
-- 
cgit v1.2.1


From 7b76c8d644624f9a8a05e2e7a39af30c0c0c4ae0 Mon Sep 17 00:00:00 2001
From: Ahmad Sherif <me@ahmadsherif.com>
Date: Wed, 10 Jul 2019 19:34:05 +0200
Subject: Return an ETag headers for the archive endpoint

We use the relative path of the archive to check for archive staleness.
---
 .../projects/repositories_controller.rb            | 60 +++++++++++++++++++---
 app/models/repository.rb                           |  3 ++
 .../unreleased/add-caching-to-archive-endpoint.yml |  5 ++
 .../projects/repositories_controller_spec.rb       | 47 +++++++++++++++++
 4 files changed, 108 insertions(+), 7 deletions(-)
 create mode 100644 changelogs/unreleased/add-caching-to-archive-endpoint.yml

diff --git a/app/controllers/projects/repositories_controller.rb b/app/controllers/projects/repositories_controller.rb
index 3b4215b766e..a51759641e4 100644
--- a/app/controllers/projects/repositories_controller.rb
+++ b/app/controllers/projects/repositories_controller.rb
@@ -6,6 +6,7 @@ class Projects::RepositoriesController < Projects::ApplicationController
   # Authorize
   before_action :require_non_empty_project, except: :create
   before_action :assign_archive_vars, only: :archive
+  before_action :assign_append_sha, only: :archive
   before_action :authorize_download_code!
   before_action :authorize_admin_project!, only: :create
 
@@ -16,19 +17,64 @@ class Projects::RepositoriesController < Projects::ApplicationController
   end
 
   def archive
-    append_sha = params[:append_sha]
+    set_cache_headers
+    return if archive_not_modified?
 
-    if @ref
-      shortname = "#{@project.path}-#{@ref.tr('/', '-')}"
-      append_sha = false if @filename == shortname
-    end
-
-    send_git_archive @repository, ref: @ref, path: params[:path], format: params[:format], append_sha: append_sha
+    send_git_archive @repository, **repo_params
   rescue => ex
     logger.error("#{self.class.name}: #{ex}")
     git_not_found!
   end
 
+  private
+
+  def repo_params
+    @repo_params ||= { ref: @ref, path: params[:path], format: params[:format], append_sha: @append_sha }
+  end
+
+  def set_cache_headers
+    expires_in cache_max_age(archive_metadata['CommitId']), public: project.public?
+    fresh_when(etag: archive_metadata['ArchivePath'])
+  end
+
+  def archive_not_modified?
+    # Check response freshness (Last-Modified and ETag)
+    # against request If-Modified-Since and If-None-Match conditions.
+    request.fresh?(response)
+  end
+
+  def archive_metadata
+    @archive_metadata ||= @repository.archive_metadata(
+      @ref,
+      '', # Where archives are stored isn't really important for ETag purposes
+      repo_params[:format],
+      path: repo_params[:path],
+      append_sha: @append_sha
+    )
+  end
+
+  def cache_max_age(commit_id)
+    if @ref == commit_id
+      # This is a link to an archive by a commit SHA. That means that the archive
+      # is immutable. The only reason to invalidate the cache is if the commit
+      # was deleted or if the user lost access to the repository.
+      Repository::ARCHIVE_CACHE_TIME_IMMUTABLE
+    else
+      # A branch or tag points at this archive. That means that the expected archive
+      # content may change over time.
+      Repository::ARCHIVE_CACHE_TIME
+    end
+  end
+
+  def assign_append_sha
+    @append_sha = params[:append_sha]
+
+    if @ref
+      shortname = "#{@project.path}-#{@ref.tr('/', '-')}"
+      @append_sha = false if @filename == shortname
+    end
+  end
+
   def assign_archive_vars
     if params[:id]
       @ref, @filename = extract_ref(params[:id])
diff --git a/app/models/repository.rb b/app/models/repository.rb
index a25d5abfa64..79dd0bab4ec 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -7,6 +7,9 @@ class Repository
   REF_KEEP_AROUND = 'keep-around'.freeze
   REF_ENVIRONMENTS = 'environments'.freeze
 
+  ARCHIVE_CACHE_TIME = 60 # Cache archives referred to by a (mutable) ref for 1 minute
+  ARCHIVE_CACHE_TIME_IMMUTABLE = 3600 # Cache archives referred to by an immutable reference for 1 hour
+
   RESERVED_REFS_NAMES = %W[
     heads
     tags
diff --git a/changelogs/unreleased/add-caching-to-archive-endpoint.yml b/changelogs/unreleased/add-caching-to-archive-endpoint.yml
new file mode 100644
index 00000000000..770ec16e804
--- /dev/null
+++ b/changelogs/unreleased/add-caching-to-archive-endpoint.yml
@@ -0,0 +1,5 @@
+---
+title: Return an ETag header for the archive endpoint
+merge_request: 30581
+author:
+type: added
diff --git a/spec/controllers/projects/repositories_controller_spec.rb b/spec/controllers/projects/repositories_controller_spec.rb
index 8fca9e680dd..fcab4d73dca 100644
--- a/spec/controllers/projects/repositories_controller_spec.rb
+++ b/spec/controllers/projects/repositories_controller_spec.rb
@@ -77,6 +77,53 @@ describe Projects::RepositoriesController do
           expect(response).to have_gitlab_http_status(404)
         end
       end
+
+      describe 'caching' do
+        it 'sets appropriate caching headers' do
+          get_archive
+
+          expect(response).to have_gitlab_http_status(200)
+          expect(response.header['ETag']).to be_present
+          expect(response.header['Cache-Control']).to include('max-age=60, private')
+        end
+
+        context 'when project is public' do
+          let(:project) { create(:project, :repository, :public) }
+
+          it 'sets appropriate caching headers' do
+            get_archive
+
+            expect(response).to have_gitlab_http_status(200)
+            expect(response.header['ETag']).to be_present
+            expect(response.header['Cache-Control']).to include('max-age=60, public')
+          end
+        end
+
+        context 'when ref is a commit SHA' do
+          it 'max-age is set to 3600 in Cache-Control header' do
+            get_archive('ddd0f15ae83993f5cb66a927a28673882e99100b')
+
+            expect(response).to have_gitlab_http_status(200)
+            expect(response.header['Cache-Control']).to include('max-age=3600')
+          end
+        end
+
+        context 'when If-None-Modified header is set' do
+          it 'returns a 304 status' do
+            # Get the archive cached first
+            get_archive
+
+            request.headers['If-None-Match'] = response.headers['ETag']
+            get_archive
+
+            expect(response).to have_gitlab_http_status(304)
+          end
+        end
+
+        def get_archive(id = 'feature')
+          get :archive, params: { namespace_id: project.namespace, project_id: project, id: id }, format: 'zip'
+        end
+      end
     end
   end
 end
-- 
cgit v1.2.1


From e1219ad44e553f3472faddce559ea9f92f64240e Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Tue, 23 Jul 2019 06:42:42 -0700
Subject: Update Mermaid to v8.2.3

This fixes fill colors not working with Mermaid and pulls
in a number of other fixes.

* https://github.com/knsv/mermaid/blob/master/CHANGELOG.md
* https://github.com/knsv/mermaid/#special-note-regarding-version-82

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64601
---
 .../behaviors/markdown/render_mermaid.js           |    1 +
 changelogs/unreleased/sh-update-mermaid.yml        |    5 +
 package.json                                       |    2 +-
 .../features/issues/user_comments_on_issue_spec.rb |    5 +-
 yarn.lock                                          | 1793 ++++++++++++++++----
 5 files changed, 1506 insertions(+), 300 deletions(-)
 create mode 100644 changelogs/unreleased/sh-update-mermaid.yml

diff --git a/app/assets/javascripts/behaviors/markdown/render_mermaid.js b/app/assets/javascripts/behaviors/markdown/render_mermaid.js
index dbc28beffbe..27708504791 100644
--- a/app/assets/javascripts/behaviors/markdown/render_mermaid.js
+++ b/app/assets/javascripts/behaviors/markdown/render_mermaid.js
@@ -33,6 +33,7 @@ export default function renderMermaid($els) {
         flowchart: {
           htmlLabels: false,
         },
+        securityLevel: 'strict',
       });
 
       $els.each((i, el) => {
diff --git a/changelogs/unreleased/sh-update-mermaid.yml b/changelogs/unreleased/sh-update-mermaid.yml
new file mode 100644
index 00000000000..58d94ec6235
--- /dev/null
+++ b/changelogs/unreleased/sh-update-mermaid.yml
@@ -0,0 +1,5 @@
+---
+title: Update Mermaid to v8.2.3
+merge_request: 30985
+author:
+type: fixed
diff --git a/package.json b/package.json
index ef88d9c658c..3c95091c6ef 100644
--- a/package.json
+++ b/package.json
@@ -96,7 +96,7 @@
     "jszip-utils": "^0.0.2",
     "katex": "^0.10.0",
     "marked": "^0.3.12",
-    "mermaid": "^8.1.0",
+    "mermaid": "^8.2.3",
     "monaco-editor": "^0.15.6",
     "monaco-editor-webpack-plugin": "^1.7.0",
     "mousetrap": "^1.4.6",
diff --git a/spec/features/issues/user_comments_on_issue_spec.rb b/spec/features/issues/user_comments_on_issue_spec.rb
index b4b9a589ba3..4b29f6ee42a 100644
--- a/spec/features/issues/user_comments_on_issue_spec.rb
+++ b/spec/features/issues/user_comments_on_issue_spec.rb
@@ -41,16 +41,17 @@ describe "User comments on issue", :js do
       expect(page.find('pre code').text).to eq code_block_content
     end
 
-    it "does not render html content in mermaid" do
+    it "renders escaped HTML content in Mermaid" do
       html_content = "<img onerror=location=`javascript\\u003aalert\\u0028document.domain\\u0029` src=x>"
       mermaid_content = "graph LR\n  B-->D(#{html_content});"
+      escaped_content = CGI.escapeHTML(html_content).gsub('=', "&equals;")
       comment = "```mermaid\n#{mermaid_content}\n```"
 
       add_note(comment)
 
       wait_for_requests
 
-      expect(page.find('svg.mermaid')).to have_content html_content
+      expect(page.find('svg.mermaid')).to have_content escaped_content
     end
   end
 
diff --git a/yarn.lock b/yarn.lock
index 46d5b1c01da..7d1ef927e9c 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -9,7 +9,7 @@
   dependencies:
     "@babel/highlight" "^7.0.0"
 
-"@babel/core@>=7.2.2", "@babel/core@^7.1.0", "@babel/core@^7.4.4":
+"@babel/core@>=7.2.2", "@babel/core@^7.1.0", "@babel/core@^7.1.2", "@babel/core@^7.4.4":
   version "7.5.5"
   resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.5.5.tgz#17b2686ef0d6bc58f963dddd68ab669755582c30"
   integrity sha512-i4qoSr2KTtce0DmkuuQBV4AuQgGPUcPXMr9L5MyYAtk06z068lQ10a4O009fe5OB/DfNV+h+qqT7ddNV8UnRjg==
@@ -29,7 +29,7 @@
     semver "^5.4.1"
     source-map "^0.5.0"
 
-"@babel/generator@^7.4.0", "@babel/generator@^7.5.5":
+"@babel/generator@^7.1.3", "@babel/generator@^7.4.0", "@babel/generator@^7.5.5":
   version "7.5.5"
   resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.5.5.tgz#873a7f936a3c89491b43536d12245b626664e3cf"
   integrity sha512-ETI/4vyTSxTzGnU2c49XHv2zhExkv9JHLTwDAFz85kmcwuShvYG2H08FwgIguQf4JC75CBnXAUM5PqeF4fj0nQ==
@@ -55,6 +55,14 @@
     "@babel/helper-explode-assignable-expression" "^7.1.0"
     "@babel/types" "^7.0.0"
 
+"@babel/helper-builder-react-jsx@^7.3.0":
+  version "7.3.0"
+  resolved "https://registry.yarnpkg.com/@babel/helper-builder-react-jsx/-/helper-builder-react-jsx-7.3.0.tgz#a1ac95a5d2b3e88ae5e54846bf462eeb81b318a4"
+  integrity sha512-MjA9KgwCuPEkQd9ncSXvSyJ5y+j2sICHyrI0M3L+6fnS4wMSNDc1ARXsbTfbb2cXHn17VisSnU/sHFTCxVxSMw==
+  dependencies:
+    "@babel/types" "^7.3.0"
+    esutils "^2.0.0"
+
 "@babel/helper-call-delegate@^7.4.4":
   version "7.4.4"
   resolved "https://registry.yarnpkg.com/@babel/helper-call-delegate/-/helper-call-delegate-7.4.4.tgz#87c1f8ca19ad552a736a7a27b1c1fcf8b1ff1f43"
@@ -64,26 +72,26 @@
     "@babel/traverse" "^7.4.4"
     "@babel/types" "^7.4.4"
 
-"@babel/helper-create-class-features-plugin@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.4.4.tgz#fc3d690af6554cc9efc607364a82d48f58736dba"
-  integrity sha512-UbBHIa2qeAGgyiNR9RszVF7bUHEdgS4JAUNT8SiqrAN6YJVxlOxeLr5pBzb5kan302dejJ9nla4RyKcR1XT6XA==
+"@babel/helper-create-class-features-plugin@^7.4.4", "@babel/helper-create-class-features-plugin@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.5.5.tgz#401f302c8ddbc0edd36f7c6b2887d8fa1122e5a4"
+  integrity sha512-ZsxkyYiRA7Bg+ZTRpPvB6AbOFKTFFK4LrvTet8lInm0V468MWCaSYJE+I7v2z2r8KNLtYiV+K5kTCnR7dvyZjg==
   dependencies:
     "@babel/helper-function-name" "^7.1.0"
-    "@babel/helper-member-expression-to-functions" "^7.0.0"
+    "@babel/helper-member-expression-to-functions" "^7.5.5"
     "@babel/helper-optimise-call-expression" "^7.0.0"
     "@babel/helper-plugin-utils" "^7.0.0"
-    "@babel/helper-replace-supers" "^7.4.4"
+    "@babel/helper-replace-supers" "^7.5.5"
     "@babel/helper-split-export-declaration" "^7.4.4"
 
-"@babel/helper-define-map@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-define-map/-/helper-define-map-7.4.4.tgz#6969d1f570b46bdc900d1eba8e5d59c48ba2c12a"
-  integrity sha512-IX3Ln8gLhZpSuqHJSnTNBWGDE9kdkTEWl21A/K7PQ00tseBwbqCHTvNLHSBd9M0R5rER4h5Rsvj9vw0R5SieBg==
+"@babel/helper-define-map@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/helper-define-map/-/helper-define-map-7.5.5.tgz#3dec32c2046f37e09b28c93eb0b103fd2a25d369"
+  integrity sha512-fTfxx7i0B5NJqvUOBBGREnrqbTxRh7zinBANpZXAVDlsZxYdclDp467G1sQ8VZYMnAURY3RpBUAgOYT9GfzHBg==
   dependencies:
     "@babel/helper-function-name" "^7.1.0"
-    "@babel/types" "^7.4.4"
-    lodash "^4.17.11"
+    "@babel/types" "^7.5.5"
+    lodash "^4.17.13"
 
 "@babel/helper-explode-assignable-expression@^7.1.0":
   version "7.1.0"
@@ -116,12 +124,12 @@
   dependencies:
     "@babel/types" "^7.4.4"
 
-"@babel/helper-member-expression-to-functions@^7.0.0":
-  version "7.0.0"
-  resolved "https://registry.yarnpkg.com/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.0.0.tgz#8cd14b0a0df7ff00f009e7d7a436945f47c7a16f"
-  integrity sha512-avo+lm/QmZlv27Zsi0xEor2fKcqWG56D5ae9dzklpIaY7cQMK5N8VSpaNVPPagiqmy7LrEjK1IWdGMOqPu5csg==
+"@babel/helper-member-expression-to-functions@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.5.5.tgz#1fb5b8ec4453a93c439ee9fe3aeea4a84b76b590"
+  integrity sha512-5qZ3D1uMclSNqYcXqiHoA0meVdv+xUEex9em2fqMnrk/scphGlGgg66zjMrPJESPwrFJ6sbfFQYUSa0Mz7FabA==
   dependencies:
-    "@babel/types" "^7.0.0"
+    "@babel/types" "^7.5.5"
 
 "@babel/helper-module-imports@^7.0.0":
   version "7.0.0"
@@ -172,15 +180,15 @@
     "@babel/traverse" "^7.1.0"
     "@babel/types" "^7.0.0"
 
-"@babel/helper-replace-supers@^7.1.0", "@babel/helper-replace-supers@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.4.4.tgz#aee41783ebe4f2d3ab3ae775e1cc6f1a90cefa27"
-  integrity sha512-04xGEnd+s01nY1l15EuMS1rfKktNF+1CkKmHoErDppjAAZL+IUBZpzT748x262HF7fibaQPhbvWUl5HeSt1EXg==
+"@babel/helper-replace-supers@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.5.5.tgz#f84ce43df031222d2bad068d2626cb5799c34bc2"
+  integrity sha512-XvRFWrNnlsow2u7jXDuH4jDDctkxbS7gXssrP4q2nUD606ukXHRvydj346wmNg+zAgpFx4MWf4+usfC93bElJg==
   dependencies:
-    "@babel/helper-member-expression-to-functions" "^7.0.0"
+    "@babel/helper-member-expression-to-functions" "^7.5.5"
     "@babel/helper-optimise-call-expression" "^7.0.0"
-    "@babel/traverse" "^7.4.4"
-    "@babel/types" "^7.4.4"
+    "@babel/traverse" "^7.5.5"
+    "@babel/types" "^7.5.5"
 
 "@babel/helper-simple-access@^7.1.0":
   version "7.1.0"
@@ -197,15 +205,15 @@
   dependencies:
     "@babel/types" "^7.4.4"
 
-"@babel/helper-wrap-function@^7.1.0":
-  version "7.1.0"
-  resolved "https://registry.yarnpkg.com/@babel/helper-wrap-function/-/helper-wrap-function-7.1.0.tgz#8cf54e9190706067f016af8f75cb3df829cc8c66"
-  integrity sha512-R6HU3dete+rwsdAfrOzTlE9Mcpk4RjU3aX3gi9grtmugQY0u79X7eogUvfXA5sI81Mfq1cn6AgxihfN33STjJA==
+"@babel/helper-wrap-function@^7.1.0", "@babel/helper-wrap-function@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/helper-wrap-function/-/helper-wrap-function-7.2.0.tgz#c4e0012445769e2815b55296ead43a958549f6fa"
+  integrity sha512-o9fP1BZLLSrYlxYEYyl2aS+Flun5gtjTIG8iln+XuEzQTs0PLagAGSXUcqruJwD5fM48jzIEggCKpIfWTcR7pQ==
   dependencies:
     "@babel/helper-function-name" "^7.1.0"
     "@babel/template" "^7.1.0"
     "@babel/traverse" "^7.1.0"
-    "@babel/types" "^7.0.0"
+    "@babel/types" "^7.2.0"
 
 "@babel/helpers@^7.5.5":
   version "7.5.5"
@@ -225,6 +233,11 @@
     esutils "^2.0.2"
     js-tokens "^4.0.0"
 
+"@babel/parser@7.1.3":
+  version "7.1.3"
+  resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.1.3.tgz#2c92469bac2b7fbff810b67fca07bd138b48af77"
+  integrity sha512-gqmspPZOMW3MIRb9HlrnbZHXI1/KHTOroBwN1NcLL6pWxzqzEKGvRTq0W/PxS45OtQGbaFikSQpkS5zbnsQm2w==
+
 "@babel/parser@^7.0.0", "@babel/parser@^7.1.0", "@babel/parser@^7.4.3", "@babel/parser@^7.4.4", "@babel/parser@^7.5.5":
   version "7.5.5"
   resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.5.5.tgz#02f077ac8817d3df4a832ef59de67565e71cca4b"
@@ -239,15 +252,73 @@
     "@babel/helper-remap-async-to-generator" "^7.1.0"
     "@babel/plugin-syntax-async-generators" "^7.2.0"
 
-"@babel/plugin-proposal-class-properties@^7.4.4":
+"@babel/plugin-proposal-class-properties@^7.1.0", "@babel/plugin-proposal-class-properties@^7.4.4":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-class-properties/-/plugin-proposal-class-properties-7.5.5.tgz#a974cfae1e37c3110e71f3c6a2e48b8e71958cd4"
+  integrity sha512-AF79FsnWFxjlaosgdi421vmYG6/jg79bVD0dpD44QdgobzHKuLZ6S3vl8la9qIeSwGi8i1fS0O1mfuDAAdo1/A==
+  dependencies:
+    "@babel/helper-create-class-features-plugin" "^7.5.5"
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-proposal-decorators@^7.1.2":
   version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-class-properties/-/plugin-proposal-class-properties-7.4.4.tgz#93a6486eed86d53452ab9bab35e368e9461198ce"
-  integrity sha512-WjKTI8g8d5w1Bc9zgwSz2nfrsNQsXcCf9J9cdCvrJV6RF56yztwm4TmJC0MgJ9tvwO9gUA/mcYe89bLdGfiXFg==
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-decorators/-/plugin-proposal-decorators-7.4.4.tgz#de9b2a1a8ab0196f378e2a82f10b6e2a36f21cc0"
+  integrity sha512-z7MpQz3XC/iQJWXH9y+MaWcLPNSMY9RQSthrLzak8R8hCj0fuyNk+Dzi9kfNe/JxxlWQ2g7wkABbgWjW36MTcw==
   dependencies:
     "@babel/helper-create-class-features-plugin" "^7.4.4"
     "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-decorators" "^7.2.0"
 
-"@babel/plugin-proposal-json-strings@^7.2.0":
+"@babel/plugin-proposal-do-expressions@^7.0.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-do-expressions/-/plugin-proposal-do-expressions-7.5.0.tgz#ceb594d4a618545b00aa0b5cd61cad4aaaeb7a5a"
+  integrity sha512-xe0QQrhm+DGj6H23a6XtwkJNimy1fo71O/YVBfrfvfSl0fsq9T9dfoQBIY4QceEIdUo7u9s7OPEdsWEuizfGeg==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-do-expressions" "^7.2.0"
+
+"@babel/plugin-proposal-dynamic-import@^7.5.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-dynamic-import/-/plugin-proposal-dynamic-import-7.5.0.tgz#e532202db4838723691b10a67b8ce509e397c506"
+  integrity sha512-x/iMjggsKTFHYC6g11PL7Qy58IK8H5zqfm9e6hu4z1iH2IRyAp9u9dL80zA6R76yFovETFLKz2VJIC2iIPBuFw==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-dynamic-import" "^7.2.0"
+
+"@babel/plugin-proposal-export-default-from@^7.0.0":
+  version "7.5.2"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-export-default-from/-/plugin-proposal-export-default-from-7.5.2.tgz#2c0ac2dcc36e3b2443fead2c3c5fc796fb1b5145"
+  integrity sha512-wr9Itk05L1/wyyZKVEmXWCdcsp/e185WUNl6AfYZeEKYaUPPvHXRDqO5K1VH7/UamYqGJowFRuCv30aDYZawsg==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-export-default-from" "^7.2.0"
+
+"@babel/plugin-proposal-export-namespace-from@^7.0.0":
+  version "7.5.2"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-export-namespace-from/-/plugin-proposal-export-namespace-from-7.5.2.tgz#ccd5ed05b06d700688ff1db01a9dd27155e0d2a0"
+  integrity sha512-TKUdOL07anjZEbR1iSxb5WFh810KyObdd29XLFLGo1IDsSuGrjH3ouWSbAxHNmrVKzr9X71UYl2dQ7oGGcRp0g==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-export-namespace-from" "^7.2.0"
+
+"@babel/plugin-proposal-function-bind@^7.0.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-function-bind/-/plugin-proposal-function-bind-7.2.0.tgz#94dc2cdc505cafc4e225c0014335a01648056bf7"
+  integrity sha512-qOFJ/eX1Is78sywwTxDcsntLOdb5ZlHVVqUz5xznq8ldAfOVIyZzp1JE2rzHnaksZIhrqMrwIpQL/qcEprnVbw==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-function-bind" "^7.2.0"
+
+"@babel/plugin-proposal-function-sent@^7.1.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-function-sent/-/plugin-proposal-function-sent-7.5.0.tgz#39233aa801145e7d8072077cdb2d25f781c1ffd7"
+  integrity sha512-JXdfiQpKoC6UgQliZkp3NX7K3MVec1o1nfTWiCCIORE5ag/QZXhL0aSD8/Y2K+hIHonSTxuJF9rh9zsB6hBi2A==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/helper-wrap-function" "^7.2.0"
+    "@babel/plugin-syntax-function-sent" "^7.2.0"
+
+"@babel/plugin-proposal-json-strings@^7.0.0", "@babel/plugin-proposal-json-strings@^7.2.0":
   version "7.2.0"
   resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-json-strings/-/plugin-proposal-json-strings-7.2.0.tgz#568ecc446c6148ae6b267f02551130891e29f317"
   integrity sha512-MAFV1CA/YVmYwZG0fBQyXhmj0BHCB5egZHCKWIFVv/XCxAeVGIHfos3SwDck4LvCllENIAg7xMKOG5kH0dzyUg==
@@ -255,10 +326,34 @@
     "@babel/helper-plugin-utils" "^7.0.0"
     "@babel/plugin-syntax-json-strings" "^7.2.0"
 
-"@babel/plugin-proposal-object-rest-spread@^7.4.4":
+"@babel/plugin-proposal-logical-assignment-operators@^7.0.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-logical-assignment-operators/-/plugin-proposal-logical-assignment-operators-7.2.0.tgz#8a5cea6c42a7c87446959e02fff5fad012c56f57"
+  integrity sha512-0w797xwdPXKk0m3Js74hDi0mCTZplIu93MOSfb1ZLd/XFe3abWypx1QknVk0J+ohnsjYpvjH4Gwfo2i3RicB6Q==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-logical-assignment-operators" "^7.2.0"
+
+"@babel/plugin-proposal-nullish-coalescing-operator@^7.0.0":
   version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-object-rest-spread/-/plugin-proposal-object-rest-spread-7.4.4.tgz#1ef173fcf24b3e2df92a678f027673b55e7e3005"
-  integrity sha512-dMBG6cSPBbHeEBdFXeQ2QLc5gUpg4Vkaz8octD4aoW/ISO+jBOcsuxYL7bsb5WSu8RLP6boxrBIALEHgoHtO9g==
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-nullish-coalescing-operator/-/plugin-proposal-nullish-coalescing-operator-7.4.4.tgz#41c360d59481d88e0ce3a3f837df10121a769b39"
+  integrity sha512-Amph7Epui1Dh/xxUxS2+K22/MUi6+6JVTvy3P58tja3B6yKTSjwwx0/d83rF7551D6PVSSoplQb8GCwqec7HRw==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-nullish-coalescing-operator" "^7.2.0"
+
+"@babel/plugin-proposal-numeric-separator@^7.0.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-numeric-separator/-/plugin-proposal-numeric-separator-7.2.0.tgz#646854daf4cd22fd6733f6076013a936310443ac"
+  integrity sha512-DohMOGDrZiMKS7LthjUZNNcWl8TAf5BZDwZAH4wpm55FuJTHgfqPGdibg7rZDmont/8Yg0zA03IgT6XLeP+4sg==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-numeric-separator" "^7.2.0"
+
+"@babel/plugin-proposal-object-rest-spread@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-object-rest-spread/-/plugin-proposal-object-rest-spread-7.5.5.tgz#61939744f71ba76a3ae46b5eea18a54c16d22e58"
+  integrity sha512-F2DxJJSQ7f64FyTVl5cw/9MWn6naXGdk3Q3UhDbFEEHv+EilCPoeRD3Zh/Utx1CJz4uyKlQ4uH+bJPbEhMV7Zw==
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
     "@babel/plugin-syntax-object-rest-spread" "^7.2.0"
@@ -271,6 +366,22 @@
     "@babel/helper-plugin-utils" "^7.0.0"
     "@babel/plugin-syntax-optional-catch-binding" "^7.2.0"
 
+"@babel/plugin-proposal-optional-chaining@^7.0.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-optional-chaining/-/plugin-proposal-optional-chaining-7.2.0.tgz#ae454f4c21c6c2ce8cb2397dc332ae8b420c5441"
+  integrity sha512-ea3Q6edZC/55wEBVZAEz42v528VulyO0eir+7uky/sT4XRcdkWJcFi1aPtitTlwUzGnECWJNExWww1SStt+yWw==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-optional-chaining" "^7.2.0"
+
+"@babel/plugin-proposal-pipeline-operator@^7.0.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-pipeline-operator/-/plugin-proposal-pipeline-operator-7.5.0.tgz#4100ec55ef4f6a4c2490b5f5a4f2a22dfa272c06"
+  integrity sha512-HFYuu/yGnkn69ligXxU0ohOVvQDsMNOUJs/c4PYLUVS6ntCYOyGmRQQaSYJARJ9rvc7/ulZKIzxd4wk91hN63A==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-pipeline-operator" "^7.5.0"
+
 "@babel/plugin-proposal-private-methods@^7.4.4":
   version "7.4.4"
   resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-private-methods/-/plugin-proposal-private-methods-7.4.4.tgz#307b7db29d8ae2d259e7c0e6e665b1922d7ac856"
@@ -279,6 +390,14 @@
     "@babel/helper-create-class-features-plugin" "^7.4.4"
     "@babel/helper-plugin-utils" "^7.0.0"
 
+"@babel/plugin-proposal-throw-expressions@^7.0.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-throw-expressions/-/plugin-proposal-throw-expressions-7.2.0.tgz#2d9e452d370f139000e51db65d0a85dc60c64739"
+  integrity sha512-adsydM8DQF4i5DLNO4ySAU5VtHTPewOtNBV3u7F4lNMPADFF9bWQ+iDtUUe8+033cYCUz+bFlQdXQJmJOwoLpw==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-throw-expressions" "^7.2.0"
+
 "@babel/plugin-proposal-unicode-property-regex@^7.4.4":
   version "7.4.4"
   resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-unicode-property-regex/-/plugin-proposal-unicode-property-regex-7.4.4.tgz#501ffd9826c0b91da22690720722ac7cb1ca9c78"
@@ -295,14 +414,63 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
-"@babel/plugin-syntax-dynamic-import@^7.2.0":
+"@babel/plugin-syntax-decorators@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-decorators/-/plugin-syntax-decorators-7.2.0.tgz#c50b1b957dcc69e4b1127b65e1c33eef61570c1b"
+  integrity sha512-38QdqVoXdHUQfTpZo3rQwqQdWtCn5tMv4uV6r2RMfTqNBuv4ZBhz79SfaQWKTVmxHjeFv/DnXVC/+agHCklYWA==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-do-expressions@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-do-expressions/-/plugin-syntax-do-expressions-7.2.0.tgz#f3d4b01be05ecde2892086d7cfd5f1fa1ead5a2a"
+  integrity sha512-/u4rJ+XEmZkIhspVuKRS+7WLvm7Dky9j9TvGK5IgId8B3FKir9MG+nQxDZ9xLn10QMBvW58dZ6ABe2juSmARjg==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-dynamic-import@^7.0.0", "@babel/plugin-syntax-dynamic-import@^7.2.0":
   version "7.2.0"
   resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-dynamic-import/-/plugin-syntax-dynamic-import-7.2.0.tgz#69c159ffaf4998122161ad8ebc5e6d1f55df8612"
   integrity sha512-mVxuJ0YroI/h/tbFTPGZR8cv6ai+STMKNBq0f8hFxsxWjl94qqhsb+wXbpNMDPU3cfR1TIsVFzU3nXyZMqyK4w==
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
-"@babel/plugin-syntax-import-meta@^7.2.0":
+"@babel/plugin-syntax-export-default-from@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-export-default-from/-/plugin-syntax-export-default-from-7.2.0.tgz#edd83b7adc2e0d059e2467ca96c650ab6d2f3820"
+  integrity sha512-c7nqUnNST97BWPtoe+Ssi+fJukc9P9/JMZ71IOMNQWza2E+Psrd46N6AEvtw6pqK+gt7ChjXyrw4SPDO79f3Lw==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-export-namespace-from@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-export-namespace-from/-/plugin-syntax-export-namespace-from-7.2.0.tgz#8d257838c6b3b779db52c0224443459bd27fb039"
+  integrity sha512-1zGA3UNch6A+A11nIzBVEaE3DDJbjfB+eLIcf0GGOh/BJr/8NxL3546MGhV/r0RhH4xADFIEso39TKCfEMlsGA==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-flow@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-flow/-/plugin-syntax-flow-7.2.0.tgz#a765f061f803bc48f240c26f8747faf97c26bf7c"
+  integrity sha512-r6YMuZDWLtLlu0kqIim5o/3TNRAlWb073HwT3e2nKf9I8IIvOggPrnILYPsrrKilmn/mYEMCf/Z07w3yQJF6dg==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-function-bind@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-function-bind/-/plugin-syntax-function-bind-7.2.0.tgz#68fe85b0c0da67125f87bf239c68051b06c66309"
+  integrity sha512-/WzU1lLU2l0wDfB42Wkg6tahrmtBbiD8C4H6EGSX0M4GAjzN6JiOpq/Uh8G6GSoR6lPMvhjM0MNiV6znj6y/zg==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-function-sent@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-function-sent/-/plugin-syntax-function-sent-7.2.0.tgz#91474d4d400604e4c6cbd4d77cd6cb3b8565576c"
+  integrity sha512-2MOVuJ6IMAifp2cf0RFkHQaOvHpbBYyWCvgtF/WVqXhTd7Bgtov8iXVCadLXp2FN1BrI2EFl+JXuwXy0qr3KoQ==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-import-meta@^7.0.0", "@babel/plugin-syntax-import-meta@^7.2.0":
   version "7.2.0"
   resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-import-meta/-/plugin-syntax-import-meta-7.2.0.tgz#2333ef4b875553a3bcd1e93f8ebc09f5b9213a40"
   integrity sha512-Hq6kFSZD7+PHkmBN8bCpHR6J8QEoCuEV/B38AIQscYjgMZkGlXB7cHNFzP5jR4RCh5545yP1ujHdmO7hAgKtBA==
@@ -316,6 +484,34 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
+"@babel/plugin-syntax-jsx@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.2.0.tgz#0b85a3b4bc7cdf4cc4b8bf236335b907ca22e7c7"
+  integrity sha512-VyN4QANJkRW6lDBmENzRszvZf3/4AXaj9YR7GwrWeeN9tEBPuXbmDYVU9bYBN0D70zCWVwUy0HWq2553VCb6Hw==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-logical-assignment-operators@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.2.0.tgz#fcab7388530e96c6f277ce494c55caa6c141fcfb"
+  integrity sha512-l/NKSlrnvd73/EL540t9hZhcSo4TULBrIPs9Palju8Oc/A8DXDO+xQf04whfeuZLpi8AuIvCAdpKmmubLN4EfQ==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-nullish-coalescing-operator@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.2.0.tgz#f75083dfd5ade73e783db729bbd87e7b9efb7624"
+  integrity sha512-lRCEaKE+LTxDQtgbYajI04ddt6WW0WJq57xqkAZ+s11h4YgfRHhVA/Y2VhfPzzFD4qeLHWg32DMp9HooY4Kqlg==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-numeric-separator@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.2.0.tgz#7470fe070c2944469a756752a69a6963135018be"
+  integrity sha512-DroeVNkO/BnGpL2R7+ZNZqW+E24aR/4YWxP3Qb15d6lPU8KDzF8HlIUIRCOJRn4X77/oyW4mJY+7FHfY82NLtQ==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
 "@babel/plugin-syntax-object-rest-spread@^7.0.0", "@babel/plugin-syntax-object-rest-spread@^7.2.0":
   version "7.2.0"
   resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-object-rest-spread/-/plugin-syntax-object-rest-spread-7.2.0.tgz#3b7a3e733510c57e820b9142a6579ac8b0dfad2e"
@@ -330,6 +526,27 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
+"@babel/plugin-syntax-optional-chaining@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-optional-chaining/-/plugin-syntax-optional-chaining-7.2.0.tgz#a59d6ae8c167e7608eaa443fda9fa8fa6bf21dff"
+  integrity sha512-HtGCtvp5Uq/jH/WNUPkK6b7rufnCPLLlDAFN7cmACoIjaOOiXxUt3SswU5loHqrhtqTsa/WoLQ1OQ1AGuZqaWA==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-pipeline-operator@^7.5.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-pipeline-operator/-/plugin-syntax-pipeline-operator-7.5.0.tgz#8ea7c2c22847c797748bf07752722a317079dc1e"
+  integrity sha512-5FVxPiMTMXWk4R7Kq9pt272nDu8VImJdaIzvXFSTcXFbgKWWaOdbic12TvUvl6cK+AE5EgnhwvxuWik4ZYYdzg==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-syntax-throw-expressions@^7.2.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-throw-expressions/-/plugin-syntax-throw-expressions-7.2.0.tgz#79001ee2afe1b174b1733cdc2fc69c9a46a0f1f8"
+  integrity sha512-ngwynuqu1Rx0JUS9zxSDuPgW1K8TyVZCi2hHehrL4vyjqE7RGoNHWlZsS7KQT2vw9Yjk4YLa0+KldBXTRdPLRg==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+
 "@babel/plugin-transform-arrow-functions@^7.2.0":
   version "7.2.0"
   resolved "https://registry.yarnpkg.com/@babel/plugin-transform-arrow-functions/-/plugin-transform-arrow-functions-7.2.0.tgz#9aeafbe4d6ffc6563bf8f8372091628f00779550"
@@ -337,10 +554,10 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
-"@babel/plugin-transform-async-to-generator@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-async-to-generator/-/plugin-transform-async-to-generator-7.4.4.tgz#a3f1d01f2f21cadab20b33a82133116f14fb5894"
-  integrity sha512-YiqW2Li8TXmzgbXw+STsSqPBPFnGviiaSp6CYOq55X8GQ2SGVLrXB6pNid8HkqkZAzOH6knbai3snhP7v0fNwA==
+"@babel/plugin-transform-async-to-generator@^7.5.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-async-to-generator/-/plugin-transform-async-to-generator-7.5.0.tgz#89a3848a0166623b5bc481164b5936ab947e887e"
+  integrity sha512-mqvkzwIGkq0bEF1zLRRiTdjfomZJDV33AH3oQzHVGkI2VzEmXLpKKOBvEVaFZBJdN0XTyH38s9j/Kiqr68dggg==
   dependencies:
     "@babel/helper-module-imports" "^7.0.0"
     "@babel/helper-plugin-utils" "^7.0.0"
@@ -353,25 +570,25 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
-"@babel/plugin-transform-block-scoping@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.4.4.tgz#c13279fabf6b916661531841a23c4b7dae29646d"
-  integrity sha512-jkTUyWZcTrwxu5DD4rWz6rDB5Cjdmgz6z7M7RLXOJyCUkFBawssDGcGh8M/0FTSB87avyJI1HsTwUXp9nKA1PA==
+"@babel/plugin-transform-block-scoping@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.5.5.tgz#a35f395e5402822f10d2119f6f8e045e3639a2ce"
+  integrity sha512-82A3CLRRdYubkG85lKwhZB0WZoHxLGsJdux/cOVaJCJpvYFl1LVzAIFyRsa7CvXqW8rBM4Zf3Bfn8PHt5DP0Sg==
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
-    lodash "^4.17.11"
+    lodash "^4.17.13"
 
-"@babel/plugin-transform-classes@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-classes/-/plugin-transform-classes-7.4.4.tgz#0ce4094cdafd709721076d3b9c38ad31ca715eb6"
-  integrity sha512-/e44eFLImEGIpL9qPxSRat13I5QNRgBLu2hOQJCF7VLy/otSM/sypV1+XaIw5+502RX/+6YaSAPmldk+nhHDPw==
+"@babel/plugin-transform-classes@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-classes/-/plugin-transform-classes-7.5.5.tgz#d094299d9bd680a14a2a0edae38305ad60fb4de9"
+  integrity sha512-U2htCNK/6e9K7jGyJ++1p5XRU+LJjrwtoiVn9SzRlDT2KubcZ11OOwy3s24TjHxPgxNwonCYP7U2K51uVYCMDg==
   dependencies:
     "@babel/helper-annotate-as-pure" "^7.0.0"
-    "@babel/helper-define-map" "^7.4.4"
+    "@babel/helper-define-map" "^7.5.5"
     "@babel/helper-function-name" "^7.1.0"
     "@babel/helper-optimise-call-expression" "^7.0.0"
     "@babel/helper-plugin-utils" "^7.0.0"
-    "@babel/helper-replace-supers" "^7.4.4"
+    "@babel/helper-replace-supers" "^7.5.5"
     "@babel/helper-split-export-declaration" "^7.4.4"
     globals "^11.1.0"
 
@@ -382,10 +599,10 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
-"@babel/plugin-transform-destructuring@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-destructuring/-/plugin-transform-destructuring-7.4.4.tgz#9d964717829cc9e4b601fc82a26a71a4d8faf20f"
-  integrity sha512-/aOx+nW0w8eHiEHm+BTERB2oJn5D127iye/SUQl7NjHy0lf+j7h4MKMMSOwdazGq9OxgiNADncE+SRJkCxjZpQ==
+"@babel/plugin-transform-destructuring@^7.5.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-destructuring/-/plugin-transform-destructuring-7.5.0.tgz#f6c09fdfe3f94516ff074fe877db7bc9ef05855a"
+  integrity sha512-YbYgbd3TryYYLGyC7ZR+Tq8H/+bCmwoaxHfJHupom5ECstzbRLTch6gOQbhEY9Z4hiCNHEURgq06ykFv9JZ/QQ==
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
@@ -398,10 +615,10 @@
     "@babel/helper-regex" "^7.4.4"
     regexpu-core "^4.5.4"
 
-"@babel/plugin-transform-duplicate-keys@^7.2.0":
-  version "7.2.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-duplicate-keys/-/plugin-transform-duplicate-keys-7.2.0.tgz#d952c4930f312a4dbfff18f0b2914e60c35530b3"
-  integrity sha512-q+yuxW4DsTjNceUiTzK0L+AfQ0zD9rWaTLiUqHA8p0gxx7lu1EylenfzjeIWNkPy6e/0VG/Wjw9uf9LueQwLOw==
+"@babel/plugin-transform-duplicate-keys@^7.5.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-duplicate-keys/-/plugin-transform-duplicate-keys-7.5.0.tgz#c5dbf5106bf84cdf691222c0974c12b1df931853"
+  integrity sha512-igcziksHizyQPlX9gfSjHkE2wmoCH3evvD2qR5w29/Dk0SMKE/eOI7f1HhBdNhR/zxJDqrgpoDTq5YSLH/XMsQ==
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
@@ -413,6 +630,14 @@
     "@babel/helper-builder-binary-assignment-operator-visitor" "^7.1.0"
     "@babel/helper-plugin-utils" "^7.0.0"
 
+"@babel/plugin-transform-flow-strip-types@^7.0.0":
+  version "7.4.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-flow-strip-types/-/plugin-transform-flow-strip-types-7.4.4.tgz#d267a081f49a8705fc9146de0768c6b58dccd8f7"
+  integrity sha512-WyVedfeEIILYEaWGAUWzVNyqG4sfsNooMhXWsu/YzOvVGcsnPb5PguysjJqI3t3qiaYj0BR8T2f5njdjTGe44Q==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-flow" "^7.2.0"
+
 "@babel/plugin-transform-for-of@^7.4.4":
   version "7.4.4"
   resolved "https://registry.yarnpkg.com/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.4.4.tgz#0267fc735e24c808ba173866c6c4d1440fc3c556"
@@ -442,30 +667,33 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
-"@babel/plugin-transform-modules-amd@^7.2.0":
-  version "7.2.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-amd/-/plugin-transform-modules-amd-7.2.0.tgz#82a9bce45b95441f617a24011dc89d12da7f4ee6"
-  integrity sha512-mK2A8ucqz1qhrdqjS9VMIDfIvvT2thrEsIQzbaTdc5QFzhDjQv2CkJJ5f6BXIkgbmaoax3zBr2RyvV/8zeoUZw==
+"@babel/plugin-transform-modules-amd@^7.5.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-amd/-/plugin-transform-modules-amd-7.5.0.tgz#ef00435d46da0a5961aa728a1d2ecff063e4fb91"
+  integrity sha512-n20UsQMKnWrltocZZm24cRURxQnWIvsABPJlw/fvoy9c6AgHZzoelAIzajDHAQrDpuKFFPPcFGd7ChsYuIUMpg==
   dependencies:
     "@babel/helper-module-transforms" "^7.1.0"
     "@babel/helper-plugin-utils" "^7.0.0"
+    babel-plugin-dynamic-import-node "^2.3.0"
 
-"@babel/plugin-transform-modules-commonjs@^7.2.0", "@babel/plugin-transform-modules-commonjs@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.4.4.tgz#0bef4713d30f1d78c2e59b3d6db40e60192cac1e"
-  integrity sha512-4sfBOJt58sEo9a2BQXnZq+Q3ZTSAUXyK3E30o36BOGnJ+tvJ6YSxF0PG6kERvbeISgProodWuI9UVG3/FMY6iw==
+"@babel/plugin-transform-modules-commonjs@^7.2.0", "@babel/plugin-transform-modules-commonjs@^7.5.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.5.0.tgz#425127e6045231360858eeaa47a71d75eded7a74"
+  integrity sha512-xmHq0B+ytyrWJvQTc5OWAC4ii6Dhr0s22STOoydokG51JjWhyYo5mRPXoi+ZmtHQhZZwuXNN+GG5jy5UZZJxIQ==
   dependencies:
     "@babel/helper-module-transforms" "^7.4.4"
     "@babel/helper-plugin-utils" "^7.0.0"
     "@babel/helper-simple-access" "^7.1.0"
+    babel-plugin-dynamic-import-node "^2.3.0"
 
-"@babel/plugin-transform-modules-systemjs@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.4.4.tgz#dc83c5665b07d6c2a7b224c00ac63659ea36a405"
-  integrity sha512-MSiModfILQc3/oqnG7NrP1jHaSPryO6tA2kOMmAQApz5dayPxWiHqmq4sWH2xF5LcQK56LlbKByCd8Aah/OIkQ==
+"@babel/plugin-transform-modules-systemjs@^7.5.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.5.0.tgz#e75266a13ef94202db2a0620977756f51d52d249"
+  integrity sha512-Q2m56tyoQWmuNGxEtUyeEkm6qJYFqs4c+XyXH5RAuYxObRNz9Zgj/1g2GMnjYp2EUyEy7YTrxliGCXzecl/vJg==
   dependencies:
     "@babel/helper-hoist-variables" "^7.4.4"
     "@babel/helper-plugin-utils" "^7.0.0"
+    babel-plugin-dynamic-import-node "^2.3.0"
 
 "@babel/plugin-transform-modules-umd@^7.2.0":
   version "7.2.0"
@@ -475,12 +703,12 @@
     "@babel/helper-module-transforms" "^7.1.0"
     "@babel/helper-plugin-utils" "^7.0.0"
 
-"@babel/plugin-transform-named-capturing-groups-regex@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-named-capturing-groups-regex/-/plugin-transform-named-capturing-groups-regex-7.4.4.tgz#5611d96d987dfc4a3a81c4383bb173361037d68d"
-  integrity sha512-Ki+Y9nXBlKfhD+LXaRS7v95TtTGYRAf9Y1rTDiE75zf8YQz4GDaWRXosMfJBXxnk88mGFjWdCRIeqDbon7spYA==
+"@babel/plugin-transform-named-capturing-groups-regex@^7.4.5":
+  version "7.4.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-named-capturing-groups-regex/-/plugin-transform-named-capturing-groups-regex-7.4.5.tgz#9d269fd28a370258199b4294736813a60bbdd106"
+  integrity sha512-z7+2IsWafTBbjNsOxU/Iv5CvTJlr5w4+HGu1HovKYTtgJ362f7kBcQglkfmlspKKZ3bgrbSGvLfNx++ZJgCWsg==
   dependencies:
-    regexp-tree "^0.1.0"
+    regexp-tree "^0.1.6"
 
 "@babel/plugin-transform-new-target@^7.4.4":
   version "7.4.4"
@@ -489,13 +717,13 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
-"@babel/plugin-transform-object-super@^7.2.0":
-  version "7.2.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-object-super/-/plugin-transform-object-super-7.2.0.tgz#b35d4c10f56bab5d650047dad0f1d8e8814b6598"
-  integrity sha512-VMyhPYZISFZAqAPVkiYb7dUe2AsVi2/wCT5+wZdsNO31FojQJa9ns40hzZ6U9f50Jlq4w6qwzdBB2uwqZ00ebg==
+"@babel/plugin-transform-object-super@^7.5.5":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-object-super/-/plugin-transform-object-super-7.5.5.tgz#c70021df834073c65eb613b8679cc4a381d1a9f9"
+  integrity sha512-un1zJQAhSosGFBduPgN/YFNvWVpRuHKU7IHBglLoLZsGmruJPOo6pbInneflUdmq7YvSVqhpPs5zdBvLnteltQ==
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
-    "@babel/helper-replace-supers" "^7.1.0"
+    "@babel/helper-replace-supers" "^7.5.5"
 
 "@babel/plugin-transform-parameters@^7.4.4":
   version "7.4.4"
@@ -513,12 +741,44 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
 
-"@babel/plugin-transform-regenerator@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-regenerator/-/plugin-transform-regenerator-7.4.4.tgz#5b4da4df79391895fca9e28f99e87e22cfc02072"
-  integrity sha512-Zz3w+pX1SI0KMIiqshFZkwnVGUhDZzpX2vtPzfJBKQQq8WsP/Xy9DNdELWivxcKOCX/Pywge4SiEaPaLtoDT4g==
+"@babel/plugin-transform-react-display-name@^7.0.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-react-display-name/-/plugin-transform-react-display-name-7.2.0.tgz#ebfaed87834ce8dc4279609a4f0c324c156e3eb0"
+  integrity sha512-Htf/tPa5haZvRMiNSQSFifK12gtr/8vwfr+A9y69uF0QcU77AVu4K7MiHEkTxF7lQoHOL0F9ErqgfNEAKgXj7A==
   dependencies:
-    regenerator-transform "^0.13.4"
+    "@babel/helper-plugin-utils" "^7.0.0"
+
+"@babel/plugin-transform-react-jsx-self@^7.0.0":
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-react-jsx-self/-/plugin-transform-react-jsx-self-7.2.0.tgz#461e21ad9478f1031dd5e276108d027f1b5240ba"
+  integrity sha512-v6S5L/myicZEy+jr6ielB0OR8h+EH/1QFx/YJ7c7Ua+7lqsjj/vW6fD5FR9hB/6y7mGbfT4vAURn3xqBxsUcdg==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-jsx" "^7.2.0"
+
+"@babel/plugin-transform-react-jsx-source@^7.0.0":
+  version "7.5.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-react-jsx-source/-/plugin-transform-react-jsx-source-7.5.0.tgz#583b10c49cf057e237085bcbd8cc960bd83bd96b"
+  integrity sha512-58Q+Jsy4IDCZx7kqEZuSDdam/1oW8OdDX8f+Loo6xyxdfg1yF0GE2XNJQSTZCaMol93+FBzpWiPEwtbMloAcPg==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-jsx" "^7.2.0"
+
+"@babel/plugin-transform-react-jsx@^7.0.0":
+  version "7.3.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-react-jsx/-/plugin-transform-react-jsx-7.3.0.tgz#f2cab99026631c767e2745a5368b331cfe8f5290"
+  integrity sha512-a/+aRb7R06WcKvQLOu4/TpjKOdvVEKRLWFpKcNuHhiREPgGRB4TQJxq07+EZLS8LFVYpfq1a5lDUnuMdcCpBKg==
+  dependencies:
+    "@babel/helper-builder-react-jsx" "^7.3.0"
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-syntax-jsx" "^7.2.0"
+
+"@babel/plugin-transform-regenerator@^7.4.5":
+  version "7.4.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-regenerator/-/plugin-transform-regenerator-7.4.5.tgz#629dc82512c55cee01341fb27bdfcb210354680f"
+  integrity sha512-gBKRh5qAaCWntnd09S8QC7r3auLCqq5DI6O0DlfoyDjslSBVqBibrMdsqO+Uhmx3+BlOmE/Kw1HFxmGbv0N9dA==
+  dependencies:
+    regenerator-transform "^0.14.0"
 
 "@babel/plugin-transform-reserved-words@^7.2.0":
   version "7.2.0"
@@ -573,46 +833,48 @@
     "@babel/helper-regex" "^7.4.4"
     regexpu-core "^4.5.4"
 
-"@babel/preset-env@^7.4.4":
-  version "7.4.4"
-  resolved "https://registry.yarnpkg.com/@babel/preset-env/-/preset-env-7.4.4.tgz#b6f6825bfb27b3e1394ca3de4f926482722c1d6f"
-  integrity sha512-FU1H+ACWqZZqfw1x2G1tgtSSYSfxJLkpaUQL37CenULFARDo+h4xJoVHzRoHbK+85ViLciuI7ME4WTIhFRBBlw==
+"@babel/preset-env@^7.1.0", "@babel/preset-env@^7.4.4":
+  version "7.5.5"
+  resolved "https://registry.yarnpkg.com/@babel/preset-env/-/preset-env-7.5.5.tgz#bc470b53acaa48df4b8db24a570d6da1fef53c9a"
+  integrity sha512-GMZQka/+INwsMz1A5UEql8tG015h5j/qjptpKY2gJ7giy8ohzU710YciJB5rcKsWGWHiW3RUnHib0E5/m3Tp3A==
   dependencies:
     "@babel/helper-module-imports" "^7.0.0"
     "@babel/helper-plugin-utils" "^7.0.0"
     "@babel/plugin-proposal-async-generator-functions" "^7.2.0"
+    "@babel/plugin-proposal-dynamic-import" "^7.5.0"
     "@babel/plugin-proposal-json-strings" "^7.2.0"
-    "@babel/plugin-proposal-object-rest-spread" "^7.4.4"
+    "@babel/plugin-proposal-object-rest-spread" "^7.5.5"
     "@babel/plugin-proposal-optional-catch-binding" "^7.2.0"
     "@babel/plugin-proposal-unicode-property-regex" "^7.4.4"
     "@babel/plugin-syntax-async-generators" "^7.2.0"
+    "@babel/plugin-syntax-dynamic-import" "^7.2.0"
     "@babel/plugin-syntax-json-strings" "^7.2.0"
     "@babel/plugin-syntax-object-rest-spread" "^7.2.0"
     "@babel/plugin-syntax-optional-catch-binding" "^7.2.0"
     "@babel/plugin-transform-arrow-functions" "^7.2.0"
-    "@babel/plugin-transform-async-to-generator" "^7.4.4"
+    "@babel/plugin-transform-async-to-generator" "^7.5.0"
     "@babel/plugin-transform-block-scoped-functions" "^7.2.0"
-    "@babel/plugin-transform-block-scoping" "^7.4.4"
-    "@babel/plugin-transform-classes" "^7.4.4"
+    "@babel/plugin-transform-block-scoping" "^7.5.5"
+    "@babel/plugin-transform-classes" "^7.5.5"
     "@babel/plugin-transform-computed-properties" "^7.2.0"
-    "@babel/plugin-transform-destructuring" "^7.4.4"
+    "@babel/plugin-transform-destructuring" "^7.5.0"
     "@babel/plugin-transform-dotall-regex" "^7.4.4"
-    "@babel/plugin-transform-duplicate-keys" "^7.2.0"
+    "@babel/plugin-transform-duplicate-keys" "^7.5.0"
     "@babel/plugin-transform-exponentiation-operator" "^7.2.0"
     "@babel/plugin-transform-for-of" "^7.4.4"
     "@babel/plugin-transform-function-name" "^7.4.4"
     "@babel/plugin-transform-literals" "^7.2.0"
     "@babel/plugin-transform-member-expression-literals" "^7.2.0"
-    "@babel/plugin-transform-modules-amd" "^7.2.0"
-    "@babel/plugin-transform-modules-commonjs" "^7.4.4"
-    "@babel/plugin-transform-modules-systemjs" "^7.4.4"
+    "@babel/plugin-transform-modules-amd" "^7.5.0"
+    "@babel/plugin-transform-modules-commonjs" "^7.5.0"
+    "@babel/plugin-transform-modules-systemjs" "^7.5.0"
     "@babel/plugin-transform-modules-umd" "^7.2.0"
-    "@babel/plugin-transform-named-capturing-groups-regex" "^7.4.4"
+    "@babel/plugin-transform-named-capturing-groups-regex" "^7.4.5"
     "@babel/plugin-transform-new-target" "^7.4.4"
-    "@babel/plugin-transform-object-super" "^7.2.0"
+    "@babel/plugin-transform-object-super" "^7.5.5"
     "@babel/plugin-transform-parameters" "^7.4.4"
     "@babel/plugin-transform-property-literals" "^7.2.0"
-    "@babel/plugin-transform-regenerator" "^7.4.4"
+    "@babel/plugin-transform-regenerator" "^7.4.5"
     "@babel/plugin-transform-reserved-words" "^7.2.0"
     "@babel/plugin-transform-shorthand-properties" "^7.2.0"
     "@babel/plugin-transform-spread" "^7.2.0"
@@ -620,13 +882,37 @@
     "@babel/plugin-transform-template-literals" "^7.4.4"
     "@babel/plugin-transform-typeof-symbol" "^7.2.0"
     "@babel/plugin-transform-unicode-regex" "^7.4.4"
-    "@babel/types" "^7.4.4"
-    browserslist "^4.5.2"
-    core-js-compat "^3.0.0"
+    "@babel/types" "^7.5.5"
+    browserslist "^4.6.0"
+    core-js-compat "^3.1.1"
     invariant "^2.2.2"
     js-levenshtein "^1.1.3"
     semver "^5.5.0"
 
+"@babel/preset-flow@^7.0.0":
+  version "7.0.0"
+  resolved "https://registry.yarnpkg.com/@babel/preset-flow/-/preset-flow-7.0.0.tgz#afd764835d9535ec63d8c7d4caf1c06457263da2"
+  integrity sha512-bJOHrYOPqJZCkPVbG1Lot2r5OSsB+iUOaxiHdlOeB1yPWS6evswVHwvkDLZ54WTaTRIk89ds0iHmGZSnxlPejQ==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-transform-flow-strip-types" "^7.0.0"
+
+"@babel/preset-react@^7.0.0":
+  version "7.0.0"
+  resolved "https://registry.yarnpkg.com/@babel/preset-react/-/preset-react-7.0.0.tgz#e86b4b3d99433c7b3e9e91747e2653958bc6b3c0"
+  integrity sha512-oayxyPS4Zj+hF6Et11BwuBkmpgT/zMxyuZgFrMeZID6Hdh3dGlk4sHCAhdBCpuCKW2ppBfl2uCCetlrUIJRY3w==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.0.0"
+    "@babel/plugin-transform-react-display-name" "^7.0.0"
+    "@babel/plugin-transform-react-jsx" "^7.0.0"
+    "@babel/plugin-transform-react-jsx-self" "^7.0.0"
+    "@babel/plugin-transform-react-jsx-source" "^7.0.0"
+
+"@babel/preset-stage-0@^7.0.0":
+  version "7.0.0"
+  resolved "https://registry.yarnpkg.com/@babel/preset-stage-0/-/preset-stage-0-7.0.0.tgz#999aaec79ee8f0a763042c68c06539c97c6e0646"
+  integrity sha512-FBMd0IiARPtH5aaOFUVki6evHiJQiY0pFy7fizyRF7dtwc+el3nwpzvhb9qBNzceG1OIJModG1xpE0DDFjPXwA==
+
 "@babel/standalone@^7.0.0":
   version "7.3.4"
   resolved "https://registry.yarnpkg.com/@babel/standalone/-/standalone-7.3.4.tgz#b622c1e522acef91b2a14f22bdcdd4f935a1a474"
@@ -641,7 +927,7 @@
     "@babel/parser" "^7.4.4"
     "@babel/types" "^7.4.4"
 
-"@babel/traverse@^7.0.0", "@babel/traverse@^7.1.0", "@babel/traverse@^7.4.3", "@babel/traverse@^7.4.4", "@babel/traverse@^7.5.5":
+"@babel/traverse@^7.0.0", "@babel/traverse@^7.1.0", "@babel/traverse@^7.1.4", "@babel/traverse@^7.4.3", "@babel/traverse@^7.4.4", "@babel/traverse@^7.5.5":
   version "7.5.5"
   resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.5.5.tgz#f664f8f368ed32988cd648da9f72d5ca70f165bb"
   integrity sha512-MqB0782whsfffYfSjH4TM+LMjrJnhCNEDMDIjeTpl+ASaUvxcjoiVCo/sM1GhS1pHOXYfWVCYneLjMckuUxDaQ==
@@ -656,7 +942,7 @@
     globals "^11.1.0"
     lodash "^4.17.13"
 
-"@babel/types@^7.0.0", "@babel/types@^7.3.0", "@babel/types@^7.4.0", "@babel/types@^7.4.4", "@babel/types@^7.5.5":
+"@babel/types@^7.0.0", "@babel/types@^7.1.3", "@babel/types@^7.2.0", "@babel/types@^7.3.0", "@babel/types@^7.4.0", "@babel/types@^7.4.4", "@babel/types@^7.5.5":
   version "7.5.5"
   resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.5.5.tgz#97b9f728e182785909aa4ab56264f090a028d18a"
   integrity sha512-s63F9nJioLqOlW3UkyMd+BYhXt44YuaFm/VV0VwuteqjYwRrObkU7ra9pY4wAJR3oXi8hJrMcrcJdO/HH33vtw==
@@ -665,6 +951,11 @@
     lodash "^4.17.13"
     to-fast-properties "^2.0.0"
 
+"@braintree/sanitize-url@^3.1.0":
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/@braintree/sanitize-url/-/sanitize-url-3.1.0.tgz#8ff71d51053cd5ee4981e5a501d80a536244f7fd"
+  integrity sha512-GcIY79elgB+azP74j8vqkiXz8xLFfIzbQJdlwOPisgbKT00tviJQuEghOXSMVxJ00HoYJbGswr4kcllUc4xCcg==
+
 "@cnakazawa/watch@^1.0.3":
   version "1.0.3"
   resolved "https://registry.yarnpkg.com/@cnakazawa/watch/-/watch-1.0.3.tgz#099139eaec7ebf07a27c1786a3ff64f39464d2ef"
@@ -1016,10 +1307,10 @@
   dependencies:
     source-map "^0.6.1"
 
-"@types/unist@*", "@types/unist@^2.0.0":
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/@types/unist/-/unist-2.0.2.tgz#5dc0a7f76809b7518c0df58689cd16a19bd751c6"
-  integrity sha512-iHI60IbyfQilNubmxsq4zqSjdynlmc2Q/QvH9kjzg9+CCYVVzq1O6tc7VBzSygIwnmOt07w80IG6HDQvjv3Liw==
+"@types/unist@*", "@types/unist@^2.0.0", "@types/unist@^2.0.2":
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/@types/unist/-/unist-2.0.3.tgz#9c088679876f374eb5983f150d4787aa6fb32d7e"
+  integrity sha512-FvUupuM3rlRsRtCN+fDudtmytGO6iHJuuRKS1Ss0pG5z8oX0diNEw94UEL7hgDbpN94rgaK5R7sWm6RrSkZuAQ==
 
 "@types/vfile-message@*":
   version "1.0.1"
@@ -1239,6 +1530,14 @@
   resolved "https://registry.yarnpkg.com/@yarnpkg/lockfile/-/lockfile-1.1.0.tgz#e77a97fbd345b76d83245edcd17d393b1b41fb31"
   integrity sha512-GpSwvyXOcOOlV70vbnzjj4fW5xW/FdUF6nQEt1ENy7m4ZCczi1+/buVUPAqmGfqznsORNFzUMjctTIp8a9tuCQ==
 
+JSONStream@^1.0.3:
+  version "1.3.5"
+  resolved "https://registry.yarnpkg.com/JSONStream/-/JSONStream-1.3.5.tgz#3208c1f08d3a4d99261ab64f92302bc15e111ca0"
+  integrity sha512-E+iruNOY8VV9s4JEbe1aNEm6MiszPRr/UfcHMz0TQh1BXSxHK+ASV1R6W4HpjBhSeS+54PIsAMCBmwD06LLsqQ==
+  dependencies:
+    jsonparse "^1.2.0"
+    through ">=2.2.7 <3"
+
 abab@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/abab/-/abab-2.0.0.tgz#aba0ab4c5eee2d4c79d3487d85450fb2376ebb0f"
@@ -1280,7 +1579,7 @@ acorn-walk@^6.0.1, acorn-walk@^6.1.1:
   resolved "https://registry.yarnpkg.com/acorn-walk/-/acorn-walk-6.2.0.tgz#123cb8f3b84c2171f1f7fb252615b1c78a6b1a8c"
   integrity sha512-7evsyfH1cLOCdAzZAd43Cic04yKydNx0cF+7tiA19p1XnLLPU4dpCQOqpjqwokFe//vS0QqfqqjCS2JkiIs0cA==
 
-acorn@^5.5.3:
+acorn@^5.2.1, acorn@^5.5.3:
   version "5.7.3"
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-5.7.3.tgz#67aa231bf8812974b85235a96771eb6bd07ea279"
   integrity sha512-T/zvzYRfbVojPWahDsE5evJdHb3oJoQfFbsrKM7w5Zcs++Tr257tia3BmMP8XYVjp1S9RZXQMh7gao96BlqZOw==
@@ -1327,17 +1626,24 @@ ansi-align@^2.0.0:
   dependencies:
     string-width "^2.0.0"
 
-ansi-colors@^3.0.0:
-  version "3.0.5"
-  resolved "https://registry.yarnpkg.com/ansi-colors/-/ansi-colors-3.0.5.tgz#cb9dc64993b64fd6945485f797fc3853137d9a7b"
-  integrity sha512-VVjWpkfaphxUBFarydrQ3n26zX5nIK7hcbT3/ielrvwDDyBBjuh2vuSw1P9zkPq0cfqvdw7lkYHnu+OLSfIBsg==
+ansi-colors@^3.0.0, ansi-colors@^3.2.4:
+  version "3.2.4"
+  resolved "https://registry.yarnpkg.com/ansi-colors/-/ansi-colors-3.2.4.tgz#e3a3da4bfbae6c86a9c285625de124a234026fbf"
+  integrity sha512-hHUXGagefjN2iRrID63xckIvotOXOojhQKWIPUZ4mNUZ9nLZW+7FMNoE1lOkEhNWYsx/7ysGIuJYCiMAA9FnrA==
 
 ansi-escapes@^3.0.0:
   version "3.2.0"
   resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-3.2.0.tgz#8780b98ff9dbf5638152d1f1fe5c1d7b4442976b"
   integrity sha512-cBhpre4ma+U0T1oM5fXg7Dy1Jw7zzwv7lt/GoCpr+hDQJoYnKVPLL4dCvSEFMmQurOQvSrwT7SL/DAlhBI97RQ==
 
-ansi-html@0.0.7:
+ansi-gray@^0.1.1:
+  version "0.1.1"
+  resolved "https://registry.yarnpkg.com/ansi-gray/-/ansi-gray-0.1.1.tgz#2962cf54ec9792c48510a3deb524436861ef7251"
+  integrity sha1-KWLPVOyXksSFEKPetSRDaGHvclE=
+  dependencies:
+    ansi-wrap "0.1.0"
+
+ansi-html@0.0.7, ansi-html@^0.0.7:
   version "0.0.7"
   resolved "https://registry.yarnpkg.com/ansi-html/-/ansi-html-0.0.7.tgz#813584021962a9e9e6fd039f940d12f56ca7859e"
   integrity sha1-gTWEAhliqenm/QOflA0S9WynhZ4=
@@ -1369,6 +1675,11 @@ ansi-styles@^3.2.0, ansi-styles@^3.2.1:
   dependencies:
     color-convert "^1.9.0"
 
+ansi-wrap@0.1.0:
+  version "0.1.0"
+  resolved "https://registry.yarnpkg.com/ansi-wrap/-/ansi-wrap-0.1.0.tgz#a82250ddb0015e9a27ca82e82ea603bbfa45efaf"
+  integrity sha1-qCJQ3bABXponyoLoLqYDu/pF768=
+
 anymatch@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-2.0.0.tgz#bcb24b4f37934d9aa7ac17b4adaf89e7c76ef2eb"
@@ -1473,6 +1784,13 @@ apollo-utilities@1.2.1, apollo-utilities@^1.2.1:
     ts-invariant "^0.2.1"
     tslib "^1.9.3"
 
+append-buffer@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/append-buffer/-/append-buffer-1.0.2.tgz#d8220cf466081525efea50614f3de6514dfa58f1"
+  integrity sha1-2CIM9GYIFSXv6lBhTz3mUU36WPE=
+  dependencies:
+    buffer-equal "^1.0.0"
+
 append-transform@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/append-transform/-/append-transform-1.0.0.tgz#046a52ae582a228bd72f58acfbe2967c678759ab"
@@ -1744,10 +2062,10 @@ babel-loader@^8.0.5:
     mkdirp "^0.5.1"
     util.promisify "^1.0.0"
 
-babel-plugin-dynamic-import-node@^2.2.0:
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/babel-plugin-dynamic-import-node/-/babel-plugin-dynamic-import-node-2.2.0.tgz#c0adfb07d95f4a4495e9aaac6ec386c4d7c2524e"
-  integrity sha512-fP899ELUnTaBcIzmrW7nniyqqdYWrWuJUyPWHxFa/c7r7hS6KC8FscNfLlBNIoPSc55kYMGEEKjPjJGCLbE1qA==
+babel-plugin-dynamic-import-node@^2.2.0, babel-plugin-dynamic-import-node@^2.3.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/babel-plugin-dynamic-import-node/-/babel-plugin-dynamic-import-node-2.3.0.tgz#f00f507bdaa3c3e3ff6e7e5e98d90a7acab96f7f"
+  integrity sha512-o6qFkpeQEBxcqt0XYlWzAVxNCSCZdUgcR8IRlhD/8DylxjjO4foPcvTW0GGKa/cVt3rvxZ7o5ippJ+/0nvLhlQ==
   dependencies:
     object.assign "^4.1.0"
 
@@ -1780,6 +2098,11 @@ babel-preset-jest@^24.6.0:
     "@babel/plugin-syntax-object-rest-spread" "^7.0.0"
     babel-plugin-jest-hoist "^24.6.0"
 
+babelify@^10.0.0:
+  version "10.0.0"
+  resolved "https://registry.yarnpkg.com/babelify/-/babelify-10.0.0.tgz#fe73b1a22583f06680d8d072e25a1e0d1d1d7fb5"
+  integrity sha512-X40FaxyH7t3X+JFAKvb1H9wooWKLRCi8pg3m8poqtdZaIng+bjzp9RvKQCvRjF9isHiPkXspbbXT/zwXLtwgwg==
+
 babylon@7.0.0-beta.19:
   version "7.0.0-beta.19"
   resolved "https://registry.yarnpkg.com/babylon/-/babylon-7.0.0-beta.19.tgz#e928c7e807e970e0536b078ab3e0c48f9e052503"
@@ -1910,6 +2233,16 @@ body-parser@1.18.2, body-parser@^1.16.1:
     raw-body "2.3.2"
     type-is "~1.6.15"
 
+body@^5.1.0:
+  version "5.1.0"
+  resolved "https://registry.yarnpkg.com/body/-/body-5.1.0.tgz#e4ba0ce410a46936323367609ecb4e6553125069"
+  integrity sha1-5LoM5BCkaTYyM2dgnstOZVMSUGk=
+  dependencies:
+    continuable-cache "^0.3.1"
+    error "^7.0.0"
+    raw-body "~1.1.0"
+    safe-json-parse "~1.0.1"
+
 bonjour@^3.5.0:
   version "3.5.0"
   resolved "https://registry.yarnpkg.com/bonjour/-/bonjour-3.5.0.tgz#8e890a183d8ee9a2393b3844c691a42bcf7bc9f5"
@@ -1999,7 +2332,7 @@ browser-process-hrtime@^0.1.2:
   resolved "https://registry.yarnpkg.com/browser-process-hrtime/-/browser-process-hrtime-0.1.3.tgz#616f00faef1df7ec1b5bf9cfe2bdc3170f26c7b4"
   integrity sha512-bRFnI4NnjO6cnyLmOV/7PVoDEMJChlcfN0z4s1YMBY989/SvlfMI1lgCnkFUs53e9gQF+w7qu7XdllSTiSl8Aw==
 
-browser-resolve@^1.11.3:
+browser-resolve@^1.11.3, browser-resolve@^1.7.0:
   version "1.11.3"
   resolved "https://registry.yarnpkg.com/browser-resolve/-/browser-resolve-1.11.3.tgz#9b7cbb3d0f510e4cb86bdbd796124d28b5890af6"
   integrity sha512-exDi1BYWB/6raKHmDTCicQfTkqwN5fioMFV4j8BsfMU4R2DK/QfZfK7kOVkmWCNANf0snkBzqGqAJBao9gZMdQ==
@@ -2064,7 +2397,7 @@ browserify-zlib@^0.2.0:
   dependencies:
     pako "~1.0.5"
 
-browserslist@^4.5.2, browserslist@^4.5.4, browserslist@^4.6.3:
+browserslist@^4.6.0, browserslist@^4.6.2, browserslist@^4.6.3:
   version "4.6.6"
   resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.6.6.tgz#6e4bf467cde520bc9dbdf3747dafa03531cec453"
   integrity sha512-D2Nk3W9JL9Fp/gIcWei8LrERCS+eXu9AM5cfXA8WEZ84lFks+ARnZ0q/R69m2SV3Wjma83QDDPxsNKXUwdIsyA==
@@ -2087,6 +2420,11 @@ bser@^2.0.0:
   dependencies:
     node-int64 "^0.4.0"
 
+buffer-equal@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/buffer-equal/-/buffer-equal-1.0.0.tgz#59616b498304d556abd466966b22eeda3eca5fbe"
+  integrity sha1-WWFrSYME1Var1GaWayLu2j7KX74=
+
 buffer-from@1.x, buffer-from@^1.0.0:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.1.tgz#32713bc028f75c02fdb710d7c7bcec1f2c6070ef"
@@ -2097,6 +2435,11 @@ buffer-indexof@^1.0.0:
   resolved "https://registry.yarnpkg.com/buffer-indexof/-/buffer-indexof-1.1.0.tgz#f54f647c4f4e25228baa656a2e57e43d5f270982"
   integrity sha1-9U9kfE9OJSKLqmVqLlfkPV8nCYI=
 
+buffer-shims@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/buffer-shims/-/buffer-shims-1.0.0.tgz#9978ce317388c649ad8793028c3477ef044a8b51"
+  integrity sha1-mXjOMXOIxkmth5MCjDR37wRKi1E=
+
 buffer-xor@^1.0.3:
   version "1.0.3"
   resolved "https://registry.yarnpkg.com/buffer-xor/-/buffer-xor-1.0.3.tgz#26e61ed1422fb70dd42e6e36729ed51d855fe8d9"
@@ -2116,6 +2459,11 @@ builtin-status-codes@^3.0.0:
   resolved "https://registry.yarnpkg.com/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz#85982878e21b98e1c66425e03d0174788f569ee8"
   integrity sha1-hZgoeOIbmOHGZCXgPQF0eI9Wnug=
 
+bytes@1:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/bytes/-/bytes-1.0.0.tgz#3569ede8ba34315fab99c3e92cb04c7220de1fa8"
+  integrity sha1-NWnt6Lo0MV+rmcPpLLBMciDeH6g=
+
 bytes@3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.0.0.tgz#d32815404d689699f85a4ea4fa8755dd13a96048"
@@ -2180,6 +2528,11 @@ cacheable-request@^2.1.1:
     normalize-url "2.0.1"
     responselike "1.0.2"
 
+cached-path-relative@^1.0.0:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/cached-path-relative/-/cached-path-relative-1.0.2.tgz#a13df4196d26776220cc3356eb147a52dba2c6db"
+  integrity sha512-5r2GqsoEb4qMTTN9J+WzXfjov+hjxT+j3u5K+kIVNIwAd99DLCJE9pBIMP1qVeybV6JiijL385Oz0DcYxfbOIg==
+
 call-me-maybe@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/call-me-maybe/-/call-me-maybe-1.0.1.tgz#26d208ea89e37b5cbde60250a15f031c16a4d66b"
@@ -2316,7 +2669,7 @@ chalk@^1.1.1, chalk@^1.1.3:
     strip-ansi "^3.0.0"
     supports-color "^2.0.0"
 
-chalk@^2.0.0, chalk@^2.0.1, chalk@^2.1.0, chalk@^2.4.1, chalk@^2.4.2:
+chalk@^2.0.0, chalk@^2.0.1, chalk@^2.1.0, chalk@^2.3.0, chalk@^2.4.1, chalk@^2.4.2:
   version "2.4.2"
   resolved "https://registry.yarnpkg.com/chalk/-/chalk-2.4.2.tgz#cd42541677a54333cf541a49108c1432b44c9424"
   integrity sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==
@@ -2477,16 +2830,6 @@ cli-cursor@^2.1.0:
   dependencies:
     restore-cursor "^2.0.0"
 
-cli-table3@^0.5.0:
-  version "0.5.1"
-  resolved "https://registry.yarnpkg.com/cli-table3/-/cli-table3-0.5.1.tgz#0252372d94dfc40dbd8df06005f48f31f656f202"
-  integrity sha512-7Qg2Jrep1S/+Q3EceiZtQcDPWxhAvBw+ERf1162v4sikJrvojMHFqXt8QIVha8UlH9rgU0BeWPytZ9/TzYqlUw==
-  dependencies:
-    object-assign "^4.1.0"
-    string-width "^2.1.1"
-  optionalDependencies:
-    colors "^1.1.2"
-
 cli-width@^2.0.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.1.0.tgz#b234ca209b29ef66fc518d9b98d5847b00edf00a"
@@ -2519,6 +2862,11 @@ cliui@^4.0.0:
     strip-ansi "^4.0.0"
     wrap-ansi "^2.0.0"
 
+clone-buffer@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/clone-buffer/-/clone-buffer-1.0.0.tgz#e3e25b207ac4e701af721e2cb5a16792cac3dc58"
+  integrity sha1-4+JbIHrE5wGvch4staFnksrD3Fg=
+
 clone-regexp@^2.1.0:
   version "2.2.0"
   resolved "https://registry.yarnpkg.com/clone-regexp/-/clone-regexp-2.2.0.tgz#7d65e00885cd8796405c35a737e7a86b7429e36f"
@@ -2533,6 +2881,25 @@ clone-response@1.0.2:
   dependencies:
     mimic-response "^1.0.0"
 
+clone-stats@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/clone-stats/-/clone-stats-1.0.0.tgz#b3782dff8bb5474e18b9b6bf0fdfe782f8777680"
+  integrity sha1-s3gt/4u1R04Yuba/D9/ngvh3doA=
+
+clone@^2.1.1:
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/clone/-/clone-2.1.2.tgz#1b7f4b9f591f1e8f83670401600345a02887435f"
+  integrity sha1-G39Ln1kfHo+DZwQBYANFoCiHQ18=
+
+cloneable-readable@^1.0.0:
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/cloneable-readable/-/cloneable-readable-1.1.3.tgz#120a00cb053bfb63a222e709f9683ea2e11d8cec"
+  integrity sha512-2EF8zTQOxYq70Y4XKtorQupqF0m49MBz2/yf5Bj+MHjvpG3Hy7sImifnqD6UA+TKYxeSV+u6qqQPawN5UvnpKQ==
+  dependencies:
+    inherits "^2.0.1"
+    process-nextick-args "^2.0.0"
+    readable-stream "^2.3.5"
+
 co@^4.6.0:
   version "4.6.0"
   resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184"
@@ -2562,10 +2929,10 @@ codesandbox-import-utils@^1.2.3:
     istextorbinary "^2.2.1"
     lz-string "^1.4.4"
 
-collapse-white-space@^1.0.2:
-  version "1.0.4"
-  resolved "https://registry.yarnpkg.com/collapse-white-space/-/collapse-white-space-1.0.4.tgz#ce05cf49e54c3277ae573036a26851ba430a0091"
-  integrity sha512-YfQ1tAUZm561vpYD+5eyWN8+UsceQbSrqqlc/6zDY2gtAE+uZLSdkkovhnGpmCThsvKBFakq4EdY/FF93E8XIw==
+collapse-white-space@^1.0.0, collapse-white-space@^1.0.2:
+  version "1.0.5"
+  resolved "https://registry.yarnpkg.com/collapse-white-space/-/collapse-white-space-1.0.5.tgz#c2495b699ab1ed380d29a1091e01063e75dbbe3a"
+  integrity sha512-703bOOmytCYAX9cXYqoikYIx6twmFCXsnzRQheBcTG3nzKYBR4P/+wkYeH+Mvj7qUz8zZDtdyzbxfnEi/kYzRQ==
 
 collection-visit@^1.0.0:
   version "1.0.0"
@@ -2592,7 +2959,12 @@ color-name@1.1.3, color-name@^1.0.0:
   resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.3.tgz#a7d0558bd89c42f795dd42328f740831ca53bc25"
   integrity sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=
 
-colors@^1.1.0, colors@^1.1.2:
+color-support@^1.1.3:
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/color-support/-/color-support-1.1.3.tgz#93834379a1cc9a0c61f82f52f0d04322251bd5a2"
+  integrity sha512-qiBjkpbMLO/HL68y+lh4q0/O1MZFj2RX6X/KmMa3+gJD3z+WwI1ZzDHysvqHGS3mP6mznPckpXmw1nI9cJjyRg==
+
+colors@^1.1.0:
   version "1.3.3"
   resolved "https://registry.yarnpkg.com/colors/-/colors-1.3.3.tgz#39e005d546afe01e01f9c4ca8fa50f686a01205d"
   integrity sha512-mmGt/1pZqYRjMxB1axhTo16/snVZ5krrKkcmMeVKxzECMMXoCgnvTPp10QgHfcbQZw8Dq2jMNG6je4JlWU0gWg==
@@ -2611,6 +2983,11 @@ combined-stream@^1.0.6, combined-stream@~1.0.6:
   dependencies:
     delayed-stream "~1.0.0"
 
+comma-separated-tokens@^1.0.1:
+  version "1.0.7"
+  resolved "https://registry.yarnpkg.com/comma-separated-tokens/-/comma-separated-tokens-1.0.7.tgz#419cd7fb3258b1ed838dc0953167a25e152f5b59"
+  integrity sha512-Jrx3xsP4pPv4AwJUDWY9wOXGtwPXARej6Xd99h4TUGotmf8APuquKMpK+dnD3UgyxK7OEWaisjZz+3b5jtL6xQ==
+
 commander@2, commander@^2.10.0, commander@^2.16.0, commander@^2.18.0, commander@^2.19.0, commander@~2.20.0:
   version "2.20.0"
   resolved "https://registry.yarnpkg.com/commander/-/commander-2.20.0.tgz#d58bb2b5c1ee8f87b0d340027e9e94e222c5a422"
@@ -2683,7 +3060,7 @@ concat-map@0.0.1:
   resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b"
   integrity sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=
 
-concat-stream@^1.5.0:
+concat-stream@^1.5.0, concat-stream@^1.6.0:
   version "1.6.2"
   resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.2.tgz#904bdf194cd3122fc675c77fc4ac3d4ff0fd1a34"
   integrity sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==
@@ -2693,6 +3070,15 @@ concat-stream@^1.5.0:
     readable-stream "^2.2.2"
     typedarray "^0.0.6"
 
+concat-stream@~1.5.0:
+  version "1.5.2"
+  resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.5.2.tgz#708978624d856af41a5a741defdd261da752c266"
+  integrity sha1-cIl4Yk2FavQaWnQd790mHadSwmY=
+  dependencies:
+    inherits "~2.0.1"
+    readable-stream "~2.0.0"
+    typedarray "~0.0.5"
+
 config-chain@^1.1.12:
   version "1.1.12"
   resolved "https://registry.yarnpkg.com/config-chain/-/config-chain-1.1.12.tgz#0fde8d091200eb5e808caf25fe618c02f48e4efa"
@@ -2772,7 +3158,12 @@ content-type@~1.0.4:
   resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.4.tgz#e138cc75e040c727b1966fe5e5f8c9aee256fe3b"
   integrity sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA==
 
-convert-source-map@^1.1.0, convert-source-map@^1.4.0:
+continuable-cache@^0.3.1:
+  version "0.3.1"
+  resolved "https://registry.yarnpkg.com/continuable-cache/-/continuable-cache-0.3.1.tgz#bd727a7faed77e71ff3985ac93351a912733ad0f"
+  integrity sha1-vXJ6f67XfnH/OYWskzUakSczrQ8=
+
+convert-source-map@^1.1.0, convert-source-map@^1.4.0, convert-source-map@^1.5.0:
   version "1.6.0"
   resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.6.0.tgz#51b537a8c43e0f04dec1993bffcdd504e758ac20"
   integrity sha512-eFu7XigvxdZ1ETfbgPBohgyQ/Z++C0eEhTor0qRwBw9unw+L0/6V8wkSuGgzdThkiS5lSpdptOQPD8Ak40a+7A==
@@ -2813,25 +3204,19 @@ copy-to-clipboard@^3.0.8:
   dependencies:
     toggle-selection "^1.0.3"
 
-core-js-compat@^3.0.0:
-  version "3.0.1"
-  resolved "https://registry.yarnpkg.com/core-js-compat/-/core-js-compat-3.0.1.tgz#bff73ba31ca8687431b9c88f78d3362646fb76f0"
-  integrity sha512-2pC3e+Ht/1/gD7Sim/sqzvRplMiRnFQVlPpDVaHtY9l7zZP7knamr3VRD6NyGfHd84MrDC0tAM9ulNxYMW0T3g==
+core-js-compat@^3.1.1:
+  version "3.1.4"
+  resolved "https://registry.yarnpkg.com/core-js-compat/-/core-js-compat-3.1.4.tgz#e4d0c40fbd01e65b1d457980fe4112d4358a7408"
+  integrity sha512-Z5zbO9f1d0YrJdoaQhphVAnKPimX92D6z8lCGphH89MNRxlL1prI9ExJPqVwP0/kgkQCv8c4GJGT8X16yUncOg==
   dependencies:
-    browserslist "^4.5.4"
-    core-js "3.0.1"
-    core-js-pure "3.0.1"
-    semver "^6.0.0"
-
-core-js-pure@3.0.1:
-  version "3.0.1"
-  resolved "https://registry.yarnpkg.com/core-js-pure/-/core-js-pure-3.0.1.tgz#37358fb0d024e6b86d443d794f4e37e949098cbe"
-  integrity sha512-mSxeQ6IghKW3MoyF4cz19GJ1cMm7761ON+WObSyLfTu/Jn3x7w4NwNFnrZxgl4MTSvYYepVLNuRtlB4loMwJ5g==
+    browserslist "^4.6.2"
+    core-js-pure "3.1.4"
+    semver "^6.1.1"
 
-core-js@3.0.1:
-  version "3.0.1"
-  resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.0.1.tgz#1343182634298f7f38622f95e73f54e48ddf4738"
-  integrity sha512-sco40rF+2KlE0ROMvydjkrVMMG1vYilP2ALoRXcYR4obqbYIuV3Bg+51GEDW+HF8n7NRA+iaA4qD0nD9lo9mew==
+core-js-pure@3.1.4:
+  version "3.1.4"
+  resolved "https://registry.yarnpkg.com/core-js-pure/-/core-js-pure-3.1.4.tgz#5fa17dc77002a169a3566cc48dc774d2e13e3769"
+  integrity sha512-uJ4Z7iPNwiu1foygbcZYJsJs1jiXrTTCvxfLDXNhI/I+NHbSIEyr548y4fcsCEyWY0XgfAG/qqaunJ1SThHenA==
 
 core-js@^2.2.0, core-js@^2.6.9:
   version "2.6.9"
@@ -3546,6 +3931,11 @@ define-property@^2.0.2:
     is-descriptor "^1.0.2"
     isobject "^3.0.1"
 
+defined@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/defined/-/defined-1.0.0.tgz#c98d9bcef75674188e110969151199e39b1fa693"
+  integrity sha1-yY2bzvdWdBiOEQlpFRGZ45sfppM=
+
 del@^2.0.2:
   version "2.2.2"
   resolved "https://registry.yarnpkg.com/del/-/del-2.2.2.tgz#c12c981d067846c84bcaf862cff930d907ffd1a8"
@@ -3609,6 +3999,13 @@ destroy@~1.0.4:
   resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80"
   integrity sha1-l4hXRCxEdJ5CBmE+N5RiBYJqvYA=
 
+detab@^2.0.0:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/detab/-/detab-2.0.2.tgz#074970d1a807b045d0258a4235df5928dd683561"
+  integrity sha512-Q57yPrxScy816TTE1P/uLRXLDKjXhvYTbfxS/e6lPD+YrqghbsMlGB9nQzj/zVtSPaF0DFPSdO916EWO4sQUyQ==
+  dependencies:
+    repeat-string "^1.5.4"
+
 detect-file@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/detect-file/-/detect-file-1.0.0.tgz#f0d66d03672a825cb1b73bdb3fe62310c8e552b7"
@@ -3629,6 +4026,14 @@ detect-node@^2.0.4:
   resolved "https://registry.yarnpkg.com/detect-node/-/detect-node-2.0.4.tgz#014ee8f8f669c5c58023da64b8179c083a28c46c"
   integrity sha512-ZIzRpLJrOj7jjP2miAtgqIfmzbxa4ZOr5jJc601zklsfEx9oTzmmj2nVpIPRpNlRTIh8lc1kyViIY7BWSGNmKw==
 
+detective@^4.0.0:
+  version "4.7.1"
+  resolved "https://registry.yarnpkg.com/detective/-/detective-4.7.1.tgz#0eca7314338442febb6d65da54c10bb1c82b246e"
+  integrity sha512-H6PmeeUcZloWtdt4DAkFyzFL94arpHr3NOwwmVILFiy+9Qd4JTxxXrzfyGk/lmct2qVGBwTSwSXagqu2BxmWig==
+  dependencies:
+    acorn "^5.2.1"
+    defined "^1.0.0"
+
 di@^0.0.1:
   version "0.0.1"
   resolved "https://registry.yarnpkg.com/di/-/di-0.0.1.tgz#806649326ceaa7caa3306d75d985ea2748ba913c"
@@ -3644,6 +4049,11 @@ diff@^3.2.0, diff@^3.4.0:
   resolved "https://registry.yarnpkg.com/diff/-/diff-3.5.0.tgz#800c0dd1e0a8bfbc95835c202ad220fe317e5a12"
   integrity sha512-A46qtFgd+g7pDZinpnwiRJtxbC1hpgf0uzP3iG89scHk0AUC7A1TGxf5OiiOUv/JMZR8GOt8hL900hV0bOy5xA==
 
+diff@^4.0.1:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/diff/-/diff-4.0.1.tgz#0c667cb467ebbb5cea7f14f135cc2dba7780a8ff"
+  integrity sha512-s2+XdvhPCOF01LRQBC8hf4vhbVmI2CGS5aZnxLJlT5FtdhPCDFq80q++zK2KlrVorVDdL5BOGZ/VfLrVtYNF+Q==
+
 diffie-hellman@^5.0.0:
   version "5.0.2"
   resolved "https://registry.yarnpkg.com/diffie-hellman/-/diffie-hellman-5.0.2.tgz#b5835739270cfe26acf632099fded2a07f209e5e"
@@ -3685,6 +4095,13 @@ docdash@^1.0.2:
   resolved "https://registry.yarnpkg.com/docdash/-/docdash-1.0.2.tgz#0449a8f6bb247f563020b78a5485dea95ae2e094"
   integrity sha512-IEM57bWPLtVXpUeCKbiGvHsHtW9O9ZiiBPfeQDAZ7JdQiAF3aNWQoJ3e/+uJ63lHO009yn0tbJjtKpXJ2AURCQ==
 
+doctrine-temporary-fork@2.1.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/doctrine-temporary-fork/-/doctrine-temporary-fork-2.1.0.tgz#36f2154f556ee4f1e60311d391cd23de5187ed57"
+  integrity sha512-nliqOv5NkE4zMON4UA6AMJE6As35afs8aYXATpU4pTUdIKiARZwrJVEP1boA3Rx1ZXHVkwxkhcq4VkqvsuRLsA==
+  dependencies:
+    esutils "^2.0.2"
+
 doctrine@1.5.0:
   version "1.5.0"
   resolved "https://registry.yarnpkg.com/doctrine/-/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa"
@@ -3707,6 +4124,77 @@ document-register-element@1.13.1:
   dependencies:
     lightercollective "^0.1.0"
 
+documentation@^12.0.1:
+  version "12.0.3"
+  resolved "https://registry.yarnpkg.com/documentation/-/documentation-12.0.3.tgz#32f91da8e5cb4104f69db9fd32c87773a1ad6240"
+  integrity sha512-RoqkH+mQ4Vi/nFMxG0BaqPAnjKfsJ9lbLWB8KqoKVAZy+urSpk1K1zBzaFesdDkKeaR3aBgeR3RjtHp8Ut/1Wg==
+  dependencies:
+    "@babel/core" "^7.1.2"
+    "@babel/generator" "^7.1.3"
+    "@babel/parser" "7.1.3"
+    "@babel/plugin-proposal-class-properties" "^7.1.0"
+    "@babel/plugin-proposal-decorators" "^7.1.2"
+    "@babel/plugin-proposal-do-expressions" "^7.0.0"
+    "@babel/plugin-proposal-export-default-from" "^7.0.0"
+    "@babel/plugin-proposal-export-namespace-from" "^7.0.0"
+    "@babel/plugin-proposal-function-bind" "^7.0.0"
+    "@babel/plugin-proposal-function-sent" "^7.1.0"
+    "@babel/plugin-proposal-json-strings" "^7.0.0"
+    "@babel/plugin-proposal-logical-assignment-operators" "^7.0.0"
+    "@babel/plugin-proposal-nullish-coalescing-operator" "^7.0.0"
+    "@babel/plugin-proposal-numeric-separator" "^7.0.0"
+    "@babel/plugin-proposal-optional-chaining" "^7.0.0"
+    "@babel/plugin-proposal-pipeline-operator" "^7.0.0"
+    "@babel/plugin-proposal-throw-expressions" "^7.0.0"
+    "@babel/plugin-syntax-dynamic-import" "^7.0.0"
+    "@babel/plugin-syntax-import-meta" "^7.0.0"
+    "@babel/preset-env" "^7.1.0"
+    "@babel/preset-flow" "^7.0.0"
+    "@babel/preset-react" "^7.0.0"
+    "@babel/preset-stage-0" "^7.0.0"
+    "@babel/traverse" "^7.1.4"
+    "@babel/types" "^7.1.3"
+    ansi-html "^0.0.7"
+    babelify "^10.0.0"
+    chalk "^2.3.0"
+    chokidar "^2.0.4"
+    concat-stream "^1.6.0"
+    diff "^4.0.1"
+    doctrine-temporary-fork "2.1.0"
+    get-port "^4.0.0"
+    git-url-parse "^10.0.1"
+    github-slugger "1.2.0"
+    glob "^7.1.2"
+    globals-docs "^2.4.0"
+    highlight.js "^9.15.5"
+    js-yaml "^3.10.0"
+    lodash "^4.17.10"
+    mdast-util-inject "^1.1.0"
+    micromatch "^3.1.5"
+    mime "^2.2.0"
+    module-deps-sortable "5.0.0"
+    parse-filepath "^1.0.2"
+    pify "^4.0.0"
+    read-pkg-up "^4.0.0"
+    remark "^9.0.0"
+    remark-html "^8.0.0"
+    remark-reference-links "^4.0.1"
+    remark-toc "^5.0.0"
+    remote-origin-url "0.4.0"
+    resolve "^1.8.1"
+    stream-array "^1.1.2"
+    strip-json-comments "^2.0.1"
+    tiny-lr "^1.1.0"
+    unist-builder "^1.0.2"
+    unist-util-visit "^1.3.0"
+    vfile "^4.0.0"
+    vfile-reporter "^6.0.0"
+    vfile-sort "^2.1.0"
+    vinyl "^2.1.0"
+    vinyl-fs "^3.0.2"
+    vue-template-compiler "^2.5.16"
+    yargs "^12.0.2"
+
 dom-serialize@^2.2.0:
   version "2.2.1"
   resolved "https://registry.yarnpkg.com/dom-serialize/-/dom-serialize-2.2.1.tgz#562ae8999f44be5ea3076f5419dcd59eb43ac95b"
@@ -3774,6 +4262,13 @@ dropzone@^4.2.0:
   resolved "https://registry.yarnpkg.com/dropzone/-/dropzone-4.2.0.tgz#fbe7acbb9918e0706489072ef663effeef8a79f3"
   integrity sha1-++esu5kY4HBkiQcu9mPv/u+KefM=
 
+duplexer2@^0.1.2, duplexer2@~0.1.0:
+  version "0.1.4"
+  resolved "https://registry.yarnpkg.com/duplexer2/-/duplexer2-0.1.4.tgz#8b12dab878c0d69e3e7891051662a32fc6bddcc1"
+  integrity sha1-ixLauHjA1p4+eJEFFmKjL8a93ME=
+  dependencies:
+    readable-stream "^2.0.2"
+
 duplexer3@^0.1.4:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/duplexer3/-/duplexer3-0.1.4.tgz#ee01dd1cac0ed3cbc7fdbea37dc0a8f1ce002ce2"
@@ -3784,10 +4279,10 @@ duplexer@^0.1.1:
   resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.1.tgz#ace6ff808c1ce66b57d1ebf97977acb02334cfc1"
   integrity sha1-rOb/gIwc5mtX0ev5eXessCM0z8E=
 
-duplexify@^3.4.2, duplexify@^3.5.3:
-  version "3.5.3"
-  resolved "https://registry.yarnpkg.com/duplexify/-/duplexify-3.5.3.tgz#8b5818800df92fd0125b27ab896491912858243e"
-  integrity sha512-g8ID9OroF9hKt2POf8YLayy+9594PzmM3scI00/uBXocX3TWNgoB67hjzkFe9ITAbQOne/lLdBxHXvYUM4ZgGA==
+duplexify@^3.4.2, duplexify@^3.6.0:
+  version "3.7.1"
+  resolved "https://registry.yarnpkg.com/duplexify/-/duplexify-3.7.1.tgz#2a4df5317f6ccfd91f86d6fd25d8d8a103b88309"
+  integrity sha512-07z8uv2wMyS51kKhD1KsdXJg5WQ6t93RneqRxUHnskXVtlYYkLqM0gqStQZ3pj073g687jPCHrqNfCzawLYh5g==
   dependencies:
     end-of-stream "^1.0.0"
     inherits "^2.0.1"
@@ -3854,6 +4349,11 @@ elliptic@^6.0.0:
     minimalistic-assert "^1.0.0"
     minimalistic-crypto-utils "^1.0.0"
 
+"emoji-regex@>=6.0.0 <=6.1.1":
+  version "6.1.1"
+  resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-6.1.1.tgz#c6cd0ec1b0642e2a3c67a1137efc5e796da4f88e"
+  integrity sha1-xs0OwbBkLio8Z6ETfvxeeW2k+I4=
+
 emoji-regex@^7.0.1, emoji-regex@^7.0.3:
   version "7.0.3"
   resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-7.0.3.tgz#933a04052860c85e83c122479c4748a8e4c72156"
@@ -3968,6 +4468,14 @@ error-ex@^1.2.0, error-ex@^1.3.1:
   dependencies:
     is-arrayish "^0.2.1"
 
+error@^7.0.0:
+  version "7.0.2"
+  resolved "https://registry.yarnpkg.com/error/-/error-7.0.2.tgz#a5f75fff4d9926126ddac0ea5dc38e689153cb02"
+  integrity sha1-pfdf/02ZJhJt2sDqXcOOaJFTywI=
+  dependencies:
+    string-template "~0.2.1"
+    xtend "~4.0.0"
+
 es-abstract@^1.5.1, es-abstract@^1.6.1:
   version "1.13.0"
   resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.13.0.tgz#ac86145fdd5099d8dd49558ccba2eaf9b88e24e9"
@@ -4246,7 +4754,7 @@ estraverse@^4.0.0, estraverse@^4.1.0, estraverse@^4.1.1, estraverse@^4.2.0:
   resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.2.0.tgz#0dee3fed31fcd469618ce7342099fc1afa0bdb13"
   integrity sha1-De4/7TH81GlhjOc0IJn8GvoL2xM=
 
-esutils@^2.0.2:
+esutils@^2.0.0, esutils@^2.0.2:
   version "2.0.2"
   resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.2.tgz#0abf4f1caa5bcb1f7a9d8acc6dea4faaa04bac9b"
   integrity sha1-Cr9PHKpbyx96nYrMbepPqqBLrJs=
@@ -4495,6 +5003,16 @@ extsprintf@1.3.0, extsprintf@^1.2.0:
   resolved "https://registry.yarnpkg.com/extsprintf/-/extsprintf-1.3.0.tgz#96918440e3041a7a414f8c52e3c574eb3c3e1e05"
   integrity sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=
 
+fancy-log@^1.3.3:
+  version "1.3.3"
+  resolved "https://registry.yarnpkg.com/fancy-log/-/fancy-log-1.3.3.tgz#dbc19154f558690150a23953a0adbd035be45fc7"
+  integrity sha512-k9oEhlyc0FrVh25qYuSELjr8oxsCoc4/LEZfg2iJJrfEk/tZL9bCoJE47gqAvI2m/AUjluCS4+3I0eTx8n3AEw==
+  dependencies:
+    ansi-gray "^0.1.1"
+    color-support "^1.1.3"
+    parse-node-version "^1.0.0"
+    time-stamp "^1.0.0"
+
 fast-deep-equal@^2.0.1:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz#7b05218ddf9667bf7f370bf7fdb2cb15fdd0aa49"
@@ -4534,7 +5052,7 @@ fault@^1.0.2:
   dependencies:
     format "^0.2.2"
 
-faye-websocket@^0.10.0:
+faye-websocket@^0.10.0, faye-websocket@~0.10.0:
   version "0.10.0"
   resolved "https://registry.yarnpkg.com/faye-websocket/-/faye-websocket-0.10.0.tgz#4e492f8d04dfb6f89003507f6edbf2d501e7c6f4"
   integrity sha1-TkkvjQTftviQA1B/btvy1QHnxvQ=
@@ -4716,13 +5234,13 @@ flatted@^2.0.0:
   resolved "https://registry.yarnpkg.com/flatted/-/flatted-2.0.0.tgz#55122b6536ea496b4b44893ee2608141d10d9916"
   integrity sha512-R+H8IZclI8AAkSBRQJLVOsxwAoHd6WC40b4QTNWIjzAa6BXOBfQcM587MXDTVPeYaopFNWHUFLx7eNmHDSxMWg==
 
-flush-write-stream@^1.0.0:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/flush-write-stream/-/flush-write-stream-1.0.2.tgz#c81b90d8746766f1a609a46809946c45dd8ae417"
-  integrity sha1-yBuQ2HRnZvGmCaRoCZRsRd2K5Bc=
+flush-write-stream@^1.0.0, flush-write-stream@^1.0.2:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/flush-write-stream/-/flush-write-stream-1.1.1.tgz#8dd7d873a1babc207d94ead0c2e0e44276ebf2e8"
+  integrity sha512-3Z4XhFZ3992uIq0XOqb9AreonueSYphE6oYbpt5+3u06JWklbsPkNv3ZKkP9Bz/r+1MWCaMoSQ28P85+1Yc77w==
   dependencies:
-    inherits "^2.0.1"
-    readable-stream "^2.0.4"
+    inherits "^2.0.3"
+    readable-stream "^2.3.6"
 
 follow-redirects@1.5.10:
   version "1.5.10"
@@ -4799,6 +5317,14 @@ fs-minipass@^1.2.5:
   dependencies:
     minipass "^2.2.1"
 
+fs-mkdirp-stream@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/fs-mkdirp-stream/-/fs-mkdirp-stream-1.0.0.tgz#0b7815fc3201c6a69e14db98ce098c16935259eb"
+  integrity sha1-C3gV/DIBxqaeFNuYzgmMFpNSWes=
+  dependencies:
+    graceful-fs "^4.1.11"
+    through2 "^2.0.3"
+
 fs-write-stream-atomic@^1.0.8:
   version "1.0.10"
   resolved "https://registry.yarnpkg.com/fs-write-stream-atomic/-/fs-write-stream-atomic-1.0.10.tgz#b47df53493ef911df75731e70a9ded0189db40c9"
@@ -4873,6 +5399,11 @@ get-caller-file@^1.0.1:
   resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-1.0.3.tgz#f978fa4c90d1dfe7ff2d6beda2a515e713bdcf4a"
   integrity sha512-3t6rVToeoZfYSGd8YoLFR2DJkiQrIiUrGcjvFX2mDw3bn6k2OtwHN0TNCLbBO+w8qTvimhDkv+LSscbJY1vE6w==
 
+get-port@^4.0.0:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/get-port/-/get-port-4.2.0.tgz#e37368b1e863b7629c43c5a323625f95cf24b119"
+  integrity sha512-/b3jarXkH8KJoOMQc3uVGHASwGLPq3gSFJ7tgJm2diza+bydJPTGOibin2steecKeOylE8oY2JERlVWkAJO6yw==
+
 get-stdin@^4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-4.0.1.tgz#b968c6b0a04384324902e8bf1a5df32579a450fe"
@@ -4934,6 +5465,35 @@ gettext-extractor@^3.4.3:
     pofile "^1"
     typescript "2 - 3"
 
+git-up@^2.0.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/git-up/-/git-up-2.1.0.tgz#2f14cfe78327e7c4a2b92fcac7bfc674fdfad40c"
+  integrity sha512-MJgwfcSd9qxgDyEYpRU/CDxNpUadrK80JHuEQDG4Urn0m7tpSOgCBrtiSIa9S9KH8Tbuo/TN8SSQmJBvsw1HkA==
+  dependencies:
+    is-ssh "^1.3.0"
+    parse-url "^3.0.2"
+
+git-url-parse@^10.0.1:
+  version "10.1.0"
+  resolved "https://registry.yarnpkg.com/git-url-parse/-/git-url-parse-10.1.0.tgz#a27813218f8777e91d15f1c121b83bf14721b67e"
+  integrity sha512-goZOORAtFjU1iG+4zZgWq+N7It09PqS3Xsy43ZwhP5unDD0tTSmXTpqULHodMdJXGejm3COwXIhIRT6Z8DYVZQ==
+  dependencies:
+    git-up "^2.0.0"
+
+github-slugger@1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/github-slugger/-/github-slugger-1.2.0.tgz#8ada3286fd046d8951c3c952a8d7854cfd90fd9a"
+  integrity sha512-wIaa75k1vZhyPm9yWrD08A5Xnx/V+RmzGrpjQuLemGKSb77Qukiaei58Bogrl/LZSADDfPzKJX8jhLs4CRTl7Q==
+  dependencies:
+    emoji-regex ">=6.0.0 <=6.1.1"
+
+github-slugger@^1.0.0, github-slugger@^1.2.1:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/github-slugger/-/github-slugger-1.2.1.tgz#47e904e70bf2dccd0014748142d31126cfd49508"
+  integrity sha512-SsZUjg/P03KPzQBt7OxJPasGw6NRO5uOgiZ5RGXVud5iSIZ0eNZeNp5rTwCxtavrRUa/A77j8mePVc5lEvk0KQ==
+  dependencies:
+    emoji-regex ">=6.0.0 <=6.1.1"
+
 glob-parent@^3.1.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.1.0.tgz#9e6af6299d8d3bd2bd40430832bd113df906c5ae"
@@ -4942,6 +5502,22 @@ glob-parent@^3.1.0:
     is-glob "^3.1.0"
     path-dirname "^1.0.0"
 
+glob-stream@^6.1.0:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/glob-stream/-/glob-stream-6.1.0.tgz#7045c99413b3eb94888d83ab46d0b404cc7bdde4"
+  integrity sha1-cEXJlBOz65SIjYOrRtC0BMx73eQ=
+  dependencies:
+    extend "^3.0.0"
+    glob "^7.1.1"
+    glob-parent "^3.1.0"
+    is-negated-glob "^1.0.0"
+    ordered-read-streams "^1.0.0"
+    pumpify "^1.3.5"
+    readable-stream "^2.1.5"
+    remove-trailing-separator "^1.0.1"
+    to-absolute-glob "^2.0.0"
+    unique-stream "^2.0.2"
+
 glob-to-regexp@^0.3.0:
   version "0.3.0"
   resolved "https://registry.yarnpkg.com/glob-to-regexp/-/glob-to-regexp-0.3.0.tgz#8c5a1494d2066c570cc3bfe4496175acc4d502ab"
@@ -5012,6 +5588,11 @@ global-prefix@^3.0.0:
     kind-of "^6.0.2"
     which "^1.3.1"
 
+globals-docs@^2.4.0:
+  version "2.4.0"
+  resolved "https://registry.yarnpkg.com/globals-docs/-/globals-docs-2.4.0.tgz#f2c647544eb6161c7c38452808e16e693c2dafbb"
+  integrity sha512-B69mWcqCmT3jNYmSxRxxOXWfzu3Go8NQXPfl2o0qPd1EEFhwW0dFUg9ztTu915zPQzqwIhWAlw6hmfIcCK4kkQ==
+
 globals@^11.1.0, globals@^11.7.0:
   version "11.12.0"
   resolved "https://registry.yarnpkg.com/globals/-/globals-11.12.0.tgz#ab8795338868a0babd8525758018c2a7eb95c42e"
@@ -5122,10 +5703,10 @@ got@^8.0.3:
     url-parse-lax "^3.0.0"
     url-to-options "^1.0.1"
 
-graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.1.9:
-  version "4.1.15"
-  resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.1.15.tgz#ffb703e1066e8a0eeaa4c8b80ba9253eeefbfb00"
-  integrity sha512-6uHUhOPEBgQ24HM+r6b/QwWfZq+yiFcipKFrOFiBEnWdy5sdzYoi+pJeQaPI5qOLRFqWmAXUPQNsielzdLoecA==
+graceful-fs@^4.0.0, graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.1.9:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.0.tgz#8d8fdc73977cb04104721cb53666c1ca64cd328b"
+  integrity sha512-jpSvDPV4Cq/bgtpndIWbI5hmYxhQGHPC4d4cqBPb4DLniCfhJokdXhwhaDuLBGLQdvvRum/UiX6ECVIPvDXqdg==
 
 graphlibrary@^2.2.0:
   version "2.2.0"
@@ -5151,6 +5732,16 @@ growly@^1.3.0:
   resolved "https://registry.yarnpkg.com/growly/-/growly-1.3.0.tgz#f10748cbe76af964b7c96c93c6bcc28af120c081"
   integrity sha1-8QdIy+dq+WS3yWyTxrzCivEgwIE=
 
+gulp-print@^5.0.2:
+  version "5.0.2"
+  resolved "https://registry.yarnpkg.com/gulp-print/-/gulp-print-5.0.2.tgz#8f379148218d2e168461baa74352e11d1bf7aa75"
+  integrity sha512-iIpHMzC/b3gFvVXOfP9Jk94SWGIsDLVNUrxULRleQev+08ug07mh84b1AOlW6QDQdmInQiqDFqJN1UvhU2nXdg==
+  dependencies:
+    ansi-colors "^3.2.4"
+    fancy-log "^1.3.3"
+    map-stream "0.0.7"
+    vinyl "^2.2.0"
+
 gzip-size@^5.0.0:
   version "5.0.0"
   resolved "https://registry.yarnpkg.com/gzip-size/-/gzip-size-5.0.0.tgz#a55ecd99222f4c48fd8c01c625ce3b349d0a0e80"
@@ -5300,12 +5891,50 @@ hash.js@^1.0.0, hash.js@^1.0.3:
     inherits "^2.0.3"
     minimalistic-assert "^1.0.0"
 
+hast-util-is-element@^1.0.0:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/hast-util-is-element/-/hast-util-is-element-1.0.3.tgz#423b4b26fe8bf1f25950fe052e9ce8f83fd5f6a4"
+  integrity sha512-C62CVn7jbjp89yOhhy7vrkSaB7Vk906Gtcw/Ihd+Iufnq+2pwOZjdPmpzpKLWJXPJBMDX3wXg4FqmdOayPcewA==
+
+hast-util-sanitize@^1.0.0:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/hast-util-sanitize/-/hast-util-sanitize-1.3.1.tgz#4e60d66336bd67e52354d581967467029a933f2e"
+  integrity sha512-AIeKHuHx0Wk45nSkGVa2/ujQYTksnDl8gmmKo/mwQi7ag7IBZ8cM3nJ2G86SajbjGP/HRpud6kMkPtcM2i0Tlw==
+  dependencies:
+    xtend "^4.0.1"
+
+hast-util-to-html@^4.0.0:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/hast-util-to-html/-/hast-util-to-html-4.0.1.tgz#3666b05afb62bd69f8f5e6c94db04dea19438e2a"
+  integrity sha512-2emzwyf0xEsc4TBIPmDJmBttIw8R4SXAJiJZoiRR/s47ODYWgOqNoDbf2SJAbMbfNdFWMiCSOrI3OVnX6Qq2Mg==
+  dependencies:
+    ccount "^1.0.0"
+    comma-separated-tokens "^1.0.1"
+    hast-util-is-element "^1.0.0"
+    hast-util-whitespace "^1.0.0"
+    html-void-elements "^1.0.0"
+    property-information "^4.0.0"
+    space-separated-tokens "^1.0.0"
+    stringify-entities "^1.0.1"
+    unist-util-is "^2.0.0"
+    xtend "^4.0.1"
+
+hast-util-whitespace@^1.0.0:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/hast-util-whitespace/-/hast-util-whitespace-1.0.3.tgz#6d161b307bd0693b5ec000c7c7e8b5445109ee34"
+  integrity sha512-AlkYiLTTwPOyxZ8axq2/bCwRUPjIPBfrHkXuCR92B38b3lSdU22R5F/Z4DL6a2kxWpekWq1w6Nj48tWat6GeRA==
+
 he@^1.1.0, he@^1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/he/-/he-1.2.0.tgz#84ae65fa7eafb165fddb61566ae14baf05664f0f"
   integrity sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==
 
-highlight.js@^9.13.1, highlight.js@~9.13.0:
+highlight.js@^9.13.1, highlight.js@^9.15.5:
+  version "9.15.8"
+  resolved "https://registry.yarnpkg.com/highlight.js/-/highlight.js-9.15.8.tgz#f344fda123f36f1a65490e932cf90569e4999971"
+  integrity sha512-RrapkKQWwE+wKdF73VsOa2RQdIoO3mxwJ4P8mhbI6KYJUraUHRKM5w5zQQKXNk0xNL4UVRdulV9SBJcmzJNzVA==
+
+highlight.js@~9.13.0:
   version "9.13.1"
   resolved "https://registry.yarnpkg.com/highlight.js/-/highlight.js-9.13.1.tgz#054586d53a6863311168488a0f58d6c505ce641e"
   integrity sha512-Sc28JNQNDzaH6PORtRLMvif9RSn1mYuOoX3omVjnb0+HbpPygU2ALBI0R/wsiqCb4/fcp07Gdo8g+fhtFrQl6A==
@@ -5376,6 +6005,11 @@ html-tags@^3.0.0:
   resolved "https://registry.yarnpkg.com/html-tags/-/html-tags-3.0.0.tgz#41f57708c9e6b7b46a00a22317d614c4a2bab166"
   integrity sha512-xiXEBjihaNI+VZ2mKEoI5ZPxqUsevTKM+aeeJ/W4KAg2deGE35minmCJMn51BvwJZmiHaeAxrb2LAS0yZJxuuA==
 
+html-void-elements@^1.0.0:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/html-void-elements/-/html-void-elements-1.0.4.tgz#95e8bb5ecd6b88766569c2645f2b5f1591db9ba5"
+  integrity sha512-yMk3naGPLrfvUV9TdDbuYXngh/TpHbA6TrOw3HL9kS8yhwx7i309BReNg7CbAJXGE+UMJ6je5OqJ7lC63o6YuQ==
+
 htmlparser2@^3.10.0, htmlparser2@^3.9.0:
   version "3.10.0"
   resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-3.10.0.tgz#5f5e422dcf6119c0d983ed36260ce9ded0bee464"
@@ -5590,7 +6224,7 @@ inherits@2.0.1:
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.1.tgz#b17d08d326b4423e568eff719f91b0b1cbdf69f1"
   integrity sha1-sX0I0ya0Qj5Wjv9xn5GwscvfafE=
 
-ini@^1.3.4, ini@^1.3.5, ini@~1.3.0:
+ini@^1.3.3, ini@^1.3.4, ini@^1.3.5, ini@~1.3.0:
   version "1.3.5"
   resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927"
   integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw==
@@ -5667,6 +6301,14 @@ ipaddr.js@1.8.0, ipaddr.js@^1.5.2:
   resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.8.0.tgz#eaa33d6ddd7ace8f7f6fe0c9ca0440e706738b1e"
   integrity sha1-6qM9bd16zo9/b+DJygRA5wZzix4=
 
+is-absolute@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/is-absolute/-/is-absolute-1.0.0.tgz#395e1ae84b11f26ad1795e73c17378e48a301576"
+  integrity sha512-dOWoqflvcydARa360Gvv18DZ/gRuHKi2NU/wU5X1ZFzdYfH29nkiNZsF3mp4OJ3H4yo9Mx8A/uAGNzpzPN3yBA==
+  dependencies:
+    is-relative "^1.0.0"
+    is-windows "^1.0.1"
+
 is-accessor-descriptor@^0.1.6:
   version "0.1.6"
   resolved "https://registry.yarnpkg.com/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz#a9e12cb3ae8d876727eeef3843f8a0897b5c98d6"
@@ -5711,7 +6353,7 @@ is-binary-path@^1.0.0:
   dependencies:
     binary-extensions "^1.0.0"
 
-is-buffer@^1.1.5, is-buffer@~1.1.1:
+is-buffer@^1.1.4, is-buffer@^1.1.5, is-buffer@~1.1.1:
   version "1.1.6"
   resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.6.tgz#efaa2ea9daa0d7ab2ea13a97b2b8ad51fefbe8be"
   integrity sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==
@@ -5860,6 +6502,11 @@ is-installed-globally@^0.1.0:
     global-dirs "^0.1.0"
     is-path-inside "^1.0.0"
 
+is-negated-glob@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/is-negated-glob/-/is-negated-glob-1.0.0.tgz#6910bca5da8c95e784b5751b976cf5a10fee36d2"
+  integrity sha1-aRC8pdqMleeEtXUbl2z1oQ/uNtI=
+
 is-npm@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-1.0.0.tgz#f2fb63a65e4905b406c86072765a1a4dc793b9f4"
@@ -5950,6 +6597,13 @@ is-regexp@^2.0.0:
   resolved "https://registry.yarnpkg.com/is-regexp/-/is-regexp-2.1.0.tgz#cd734a56864e23b956bf4e7c66c396a4c0b22c2d"
   integrity sha512-OZ4IlER3zmRIoB9AqNhEggVxqIH4ofDns5nRrPS6yQxXE1TPCUpFznBfRQmQa8uC+pXqjMnukiJBxCisIxiLGA==
 
+is-relative@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/is-relative/-/is-relative-1.0.0.tgz#a1bb6935ce8c5dba1e8b9754b9b2dcc020e2260d"
+  integrity sha512-Kw/ReK0iqwKeu0MITLFuj0jbPAmEiOsIwyIXvvbfa6QfmN9pkD1M+8pdk7Rl/dTKbH34/XBFMbgD4iMJhLQbGA==
+  dependencies:
+    is-unc-path "^1.0.0"
+
 is-resolvable@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/is-resolvable/-/is-resolvable-1.1.0.tgz#fb18f87ce1feb925169c9a407c19318a3206ed88"
@@ -5960,6 +6614,13 @@ is-retry-allowed@^1.0.0, is-retry-allowed@^1.1.0:
   resolved "https://registry.yarnpkg.com/is-retry-allowed/-/is-retry-allowed-1.1.0.tgz#11a060568b67339444033d0125a61a20d564fb34"
   integrity sha1-EaBgVotnM5REAz0BJaYaINVk+zQ=
 
+is-ssh@^1.3.0:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/is-ssh/-/is-ssh-1.3.1.tgz#f349a8cadd24e65298037a522cf7520f2e81a0f3"
+  integrity sha512-0eRIASHZt1E68/ixClI8bp2YK2wmBPVWEismTs6M+M099jKgrzl/3E976zIbImSIob48N2/XGe9y7ZiYdImSlg==
+  dependencies:
+    protocols "^1.1.0"
+
 is-stream@^1.0.0, is-stream@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44"
@@ -5977,11 +6638,23 @@ is-typedarray@~1.0.0:
   resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a"
   integrity sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=
 
-is-utf8@^0.2.0:
+is-unc-path@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/is-unc-path/-/is-unc-path-1.0.0.tgz#d731e8898ed090a12c352ad2eaed5095ad322c9d"
+  integrity sha512-mrGpVd0fs7WWLfVsStvgF6iEJnbjDFZh9/emhRDcGWTduTfNHd9CHeUwH3gYIjdbwo4On6hunkztwOaAw0yllQ==
+  dependencies:
+    unc-path-regex "^0.1.2"
+
+is-utf8@^0.2.0, is-utf8@^0.2.1:
   version "0.2.1"
   resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72"
   integrity sha1-Sw2hRCEE0bM2NA6AeX6GXPOffXI=
 
+is-valid-glob@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/is-valid-glob/-/is-valid-glob-1.0.0.tgz#29bf3eff701be2d4d315dbacc39bc39fe8f601aa"
+  integrity sha1-Kb8+/3Ab4tTTFdusw5vDn+j2Aao=
+
 is-whitespace-character@^1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/is-whitespace-character/-/is-whitespace-character-1.0.2.tgz#ede53b4c6f6fb3874533751ec9280d01928d03ed"
@@ -6579,7 +7252,7 @@ js-tokens@^3.0.2:
   resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-3.0.2.tgz#9866df395102130e38f7f996bceb65443209c25b"
   integrity sha1-mGbfOVECEw449/mWvOtlRDIJwls=
 
-js-yaml@^3.12.0, js-yaml@^3.13.1:
+js-yaml@^3.10.0, js-yaml@^3.12.0, js-yaml@^3.13.1:
   version "3.13.1"
   resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.13.1.tgz#aff151b30bfdfa8e49e05da22e7415e9dfa37847"
   integrity sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==
@@ -6711,6 +7384,11 @@ json5@^0.5.0:
   resolved "https://registry.yarnpkg.com/json5/-/json5-0.5.1.tgz#1eade7acc012034ad84e2396767ead9fa5495821"
   integrity sha1-Hq3nrMASA0rYTiOWdn6tn6VJWCE=
 
+jsonparse@^1.2.0:
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/jsonparse/-/jsonparse-1.3.1.tgz#3f4dae4a91fac315f71062f8521cc239f1366280"
+  integrity sha1-P02uSpH6wxX3EGL4UhzCOfE2YoA=
+
 jsprim@^1.2.2:
   version "1.4.1"
   resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.4.1.tgz#313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2"
@@ -6893,6 +7571,13 @@ latest-version@^3.0.0:
   dependencies:
     package-json "^4.0.0"
 
+lazystream@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/lazystream/-/lazystream-1.0.0.tgz#f6995fe0f820392f61396be89462407bb77168e4"
+  integrity sha1-9plf4PggOS9hOWvolGJAe7dxaOQ=
+  dependencies:
+    readable-stream "^2.0.5"
+
 lcid@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/lcid/-/lcid-1.0.0.tgz#308accafa0bc483a3867b4b6f2b9506251d1b835"
@@ -6907,6 +7592,13 @@ lcid@^2.0.0:
   dependencies:
     invert-kv "^2.0.0"
 
+lead@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/lead/-/lead-1.0.0.tgz#6f14f99a37be3a9dd784f5495690e5903466ee42"
+  integrity sha1-bxT5mje+Op3XhPVJVpDlkDRm7kI=
+  dependencies:
+    flush-write-stream "^1.0.2"
+
 left-pad@^1.3.0:
   version "1.3.0"
   resolved "https://registry.yarnpkg.com/left-pad/-/left-pad-1.3.0.tgz#5b8a3a7765dfe001261dde915589e782f8c94d1e"
@@ -6949,6 +7641,11 @@ linkify-it@^2.0.0:
   dependencies:
     uc.micro "^1.0.1"
 
+livereload-js@^2.3.0:
+  version "2.4.0"
+  resolved "https://registry.yarnpkg.com/livereload-js/-/livereload-js-2.4.0.tgz#447c31cf1ea9ab52fc20db615c5ddf678f78009c"
+  integrity sha512-XPQH8Z2GDP/Hwz2PCDrh2mth4yFejwA1OZ/81Ti3LgKyhDcEjsSsqFWZojHG0va/duGd+WyosY7eXLDoOyqcPw==
+
 load-json-file@^1.0.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0"
@@ -7192,7 +7889,7 @@ map-age-cleaner@^0.1.1:
   dependencies:
     p-defer "^1.0.0"
 
-map-cache@^0.2.2:
+map-cache@^0.2.0, map-cache@^0.2.2:
   version "0.2.2"
   resolved "https://registry.yarnpkg.com/map-cache/-/map-cache-0.2.2.tgz#c32abd0bd6525d9b051645bb4f26ac5dc98a0dbf"
   integrity sha1-wyq9C9ZSXZsFFkW7TyasXcmKDb8=
@@ -7207,6 +7904,11 @@ map-obj@^2.0.0:
   resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-2.0.0.tgz#a65cd29087a92598b8791257a523e021222ac1f9"
   integrity sha1-plzSkIepJZi4eRJXpSPgISIqwfk=
 
+map-stream@0.0.7:
+  version "0.0.7"
+  resolved "https://registry.yarnpkg.com/map-stream/-/map-stream-0.0.7.tgz#8a1f07896d82b10926bd3744a2420009f88974a8"
+  integrity sha1-ih8HiW2CsQkmvTdEokIACfiJdKg=
+
 map-visit@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/map-visit/-/map-visit-1.0.0.tgz#ecdca8f13144e660f1b5bd41f12f3479d98dfb8f"
@@ -7269,6 +7971,52 @@ mdast-util-compact@^1.0.0:
   dependencies:
     unist-util-visit "^1.1.0"
 
+mdast-util-definitions@^1.2.0:
+  version "1.2.4"
+  resolved "https://registry.yarnpkg.com/mdast-util-definitions/-/mdast-util-definitions-1.2.4.tgz#2b54ad4eecaff9d9fcb6bf6f9f6b68b232d77ca7"
+  integrity sha512-HfUArPog1j4Z78Xlzy9Q4aHLnrF/7fb57cooTHypyGoe2XFNbcx/kWZDoOz+ra8CkUzvg3+VHV434yqEd1DRmA==
+  dependencies:
+    unist-util-visit "^1.0.0"
+
+mdast-util-inject@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/mdast-util-inject/-/mdast-util-inject-1.1.0.tgz#db06b8b585be959a2dcd2f87f472ba9b756f3675"
+  integrity sha1-2wa4tYW+lZotzS+H9HK6m3VvNnU=
+  dependencies:
+    mdast-util-to-string "^1.0.0"
+
+mdast-util-to-hast@^3.0.0:
+  version "3.0.4"
+  resolved "https://registry.yarnpkg.com/mdast-util-to-hast/-/mdast-util-to-hast-3.0.4.tgz#132001b266031192348d3366a6b011f28e54dc40"
+  integrity sha512-/eIbly2YmyVgpJNo+bFLLMCI1XgolO/Ffowhf+pHDq3X4/V6FntC9sGQCDLM147eTS+uSXv5dRzJyFn+o0tazA==
+  dependencies:
+    collapse-white-space "^1.0.0"
+    detab "^2.0.0"
+    mdast-util-definitions "^1.2.0"
+    mdurl "^1.0.1"
+    trim "0.0.1"
+    trim-lines "^1.0.0"
+    unist-builder "^1.0.1"
+    unist-util-generated "^1.1.0"
+    unist-util-position "^3.0.0"
+    unist-util-visit "^1.1.0"
+    xtend "^4.0.1"
+
+mdast-util-to-string@^1.0.0, mdast-util-to-string@^1.0.5:
+  version "1.0.6"
+  resolved "https://registry.yarnpkg.com/mdast-util-to-string/-/mdast-util-to-string-1.0.6.tgz#7d85421021343b33de1552fc71cb8e5b4ae7536d"
+  integrity sha512-868pp48gUPmZIhfKrLbaDneuzGiw3OTDjHc5M1kAepR2CWBJ+HpEsm252K4aXdiP5coVZaJPOqGtVU6Po8xnXg==
+
+mdast-util-toc@^3.0.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/mdast-util-toc/-/mdast-util-toc-3.1.0.tgz#395eeb877f067f9d2165d990d77c7eea6f740934"
+  integrity sha512-Za0hqL1PqWrvxGtA/3NH9D5nhGAUS9grMM4obEAz5+zsk1RIw/vWUchkaoDLNdrwk05A0CSC5eEXng36/1qE5w==
+  dependencies:
+    github-slugger "^1.2.1"
+    mdast-util-to-string "^1.0.5"
+    unist-util-is "^2.1.2"
+    unist-util-visit "^1.1.0"
+
 mdurl@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/mdurl/-/mdurl-1.0.1.tgz#fe85b2ec75a59037f2adfec100fd6c601761152e"
@@ -7279,13 +8027,6 @@ media-typer@0.3.0:
   resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748"
   integrity sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=
 
-mem@^1.1.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/mem/-/mem-1.1.0.tgz#5edd52b485ca1d900fe64895505399a0dfa45f76"
-  integrity sha1-Xt1StIXKHZAP5kiVUFOZoN+kX3Y=
-  dependencies:
-    mimic-fn "^1.0.0"
-
 mem@^4.0.0:
   version "4.3.0"
   resolved "https://registry.yarnpkg.com/mem/-/mem-4.3.0.tgz#461af497bc4ae09608cdb2e60eefb69bff744178"
@@ -7363,15 +8104,18 @@ merge2@^1.2.3:
   resolved "https://registry.yarnpkg.com/merge2/-/merge2-1.2.3.tgz#7ee99dbd69bb6481689253f018488a1b902b0ed5"
   integrity sha512-gdUU1Fwj5ep4kplwcmftruWofEFt6lfpkkr3h860CXbAB9c3hGb55EOL2ali0Td5oebvW0E1+3Sr+Ur7XfKpRA==
 
-mermaid@^8.1.0:
-  version "8.1.0"
-  resolved "https://registry.yarnpkg.com/mermaid/-/mermaid-8.1.0.tgz#f9f4c02cf98d2d9fae230d5ce28f531e605e9b72"
-  integrity sha512-fsCN8bOukYHZT6FlA0eIeLs/O3H2+CWcHnxRrS86Ci1cpJes5/qvoye0xjhe8lbXJCFLM8sXWVg57aMHPtnAaw==
+mermaid@^8.2.3:
+  version "8.2.3"
+  resolved "https://registry.yarnpkg.com/mermaid/-/mermaid-8.2.3.tgz#609bad45bedc3ee1a935161c11c3c22689cfecd9"
+  integrity sha512-G2p9BAAEeTtogPs4YXM8KyX+TsZULlgk0tGvmBPfBZ5j3YCPxgAxG9ZzleiYNItF7M1hGkE485BDLN8DbfR+/Q==
   dependencies:
+    "@braintree/sanitize-url" "^3.1.0"
     d3 "^5.7.0"
     dagre-d3-renderer "^0.5.8"
     dagre-layout "^0.8.8"
+    documentation "^12.0.1"
     graphlibrary "^2.2.0"
+    gulp-print "^5.0.2"
     he "^1.2.0"
     lodash "^4.17.11"
     minify "^4.1.1"
@@ -7383,7 +8127,7 @@ methods@~1.1.2:
   resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee"
   integrity sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4=
 
-micromatch@^3.0.4, micromatch@^3.1.10, micromatch@^3.1.4, micromatch@^3.1.6, micromatch@^3.1.8, micromatch@^3.1.9:
+micromatch@^3.0.4, micromatch@^3.1.10, micromatch@^3.1.4, micromatch@^3.1.5, micromatch@^3.1.6, micromatch@^3.1.8, micromatch@^3.1.9:
   version "3.1.10"
   resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-3.1.10.tgz#70859bc95c9840952f359a068a3fc49f9ecfac23"
   integrity sha512-MWikgl9n9M3w+bpsY3He8L+w9eF9338xRl8IAO5viDizwSzziFEyUzo2xrrloB64ADbTf8uA8vRqqttDTOmccg==
@@ -7435,10 +8179,10 @@ mime@1.4.1:
   resolved "https://registry.yarnpkg.com/mime/-/mime-1.4.1.tgz#121f9ebc49e3766f311a76e1fa1c8003c4b03aa6"
   integrity sha512-KI1+qOZu5DcW6wayYHSzR/tXKCDC5Om4s1z2QJjDULzLcmf3DvzS7oluY4HCTrc+9FiKmWUgeNLg7W3uIQvxtQ==
 
-mime@^2.0.3, mime@^2.3.1:
-  version "2.3.1"
-  resolved "https://registry.yarnpkg.com/mime/-/mime-2.3.1.tgz#b1621c54d63b97c47d3cfe7f7215f7d64517c369"
-  integrity sha512-OEUllcVoydBHGN1z84yfQDimn58pZNNNXgZlHXSboxMlFvgI6MXSWpWKpFRra7H1HxpVhHTkrghfRW49k6yjeg==
+mime@^2.0.3, mime@^2.2.0, mime@^2.3.1:
+  version "2.4.4"
+  resolved "https://registry.yarnpkg.com/mime/-/mime-2.4.4.tgz#bd7b91135fc6b01cde3e9bae33d659b63d8857e5"
+  integrity sha512-LRxmNwziLPT828z+4YkNzloCFC2YM4wrB99k+AV5ZbEyfGNWfG8SO1FUXLmLDBSo89NrJZ4DIWeLjy1CHGhMGA==
 
 mimic-fn@^1.0.0:
   version "1.2.0"
@@ -7503,7 +8247,7 @@ minimist@1.1.x:
   resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.1.3.tgz#3bedfd91a92d39016fcfaa1c681e8faa1a1efda8"
   integrity sha1-O+39kaktOQFvz6ocaB6Pqhoe/ag=
 
-minimist@^1.1.1, minimist@^1.1.3, minimist@^1.2.0:
+minimist@^1.1.0, minimist@^1.1.1, minimist@^1.1.3, minimist@^1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.0.tgz#a35008b20f41383eec1fb914f4cd5df79a264284"
   integrity sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=
@@ -7554,6 +8298,26 @@ mkdirp@0.5.x, mkdirp@0.x, "mkdirp@>=0.5 0", mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp
   dependencies:
     minimist "0.0.8"
 
+module-deps-sortable@5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/module-deps-sortable/-/module-deps-sortable-5.0.0.tgz#99db5bb08f7eab55e4c31f6b7c722c6a2144ba74"
+  integrity sha512-bnGGeghQmz/t/6771/KC4FmxpVm126iR6AAzzq4N6hVZQVl4+ZZBv+VF3PJmDyxXtVtgcgTSSP7NL+jq1QAHrg==
+  dependencies:
+    JSONStream "^1.0.3"
+    browser-resolve "^1.7.0"
+    cached-path-relative "^1.0.0"
+    concat-stream "~1.5.0"
+    defined "^1.0.0"
+    detective "^4.0.0"
+    duplexer2 "^0.1.2"
+    inherits "^2.0.1"
+    readable-stream "^2.0.2"
+    resolve "^1.1.3"
+    stream-combiner2 "^1.1.1"
+    subarg "^1.0.0"
+    through2 "^2.0.0"
+    xtend "^4.0.0"
+
 moment-mini@^2.22.1:
   version "2.22.1"
   resolved "https://registry.yarnpkg.com/moment-mini/-/moment-mini-2.22.1.tgz#bc32d73e43a4505070be6b53494b17623183420d"
@@ -7887,6 +8651,23 @@ normalize-url@2.0.1:
     query-string "^5.0.1"
     sort-keys "^2.0.0"
 
+normalize-url@^1.9.1:
+  version "1.9.1"
+  resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-1.9.1.tgz#2cc0d66b31ea23036458436e3620d85954c66c3c"
+  integrity sha1-LMDWazHqIwNkWENuNiDYWVTGbDw=
+  dependencies:
+    object-assign "^4.0.1"
+    prepend-http "^1.0.0"
+    query-string "^4.1.0"
+    sort-keys "^1.0.0"
+
+now-and-later@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/now-and-later/-/now-and-later-2.0.1.tgz#8e579c8685764a7cc02cb680380e94f43ccb1f7c"
+  integrity sha512-KGvQ0cB70AQfg107Xvs/Fbu+dGmZoTRJp2TaPwcwQm3/7PteUyN2BCgk8KBMPGBUXZdVwyWS8fDCGFygBm19UQ==
+  dependencies:
+    once "^1.3.2"
+
 npm-bundled@^1.0.1:
   version "1.0.6"
   resolved "https://registry.yarnpkg.com/npm-bundled/-/npm-bundled-1.0.6.tgz#e7ba9aadcef962bb61248f91721cd932b3fe6bdd"
@@ -7973,7 +8754,7 @@ object-visit@^1.0.0:
   dependencies:
     isobject "^3.0.0"
 
-object.assign@^4.1.0:
+object.assign@^4.0.4, object.assign@^4.1.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/object.assign/-/object.assign-4.1.0.tgz#968bf1100d7956bb3ca086f006f846b3bc4008da"
   integrity sha512-exHJeq6kBKj58mqGyTQ9DFvrZC/eR6OwxzoM9YRoGBqrXYonaFyGiFMuc9VZrXf7DarreEwMpurG3dd+CNyW5w==
@@ -8025,7 +8806,7 @@ on-headers@~1.0.1:
   resolved "https://registry.yarnpkg.com/on-headers/-/on-headers-1.0.1.tgz#928f5d0f470d49342651ea6794b0857c100693f7"
   integrity sha1-ko9dD0cNSTQmUepnlLCFfBAGk/c=
 
-once@^1.3.0, once@^1.3.1, once@^1.4.0:
+once@^1.3.0, once@^1.3.1, once@^1.3.2, once@^1.4.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1"
   integrity sha1-WDsap3WWHUsROsF9nFC6753Xa9E=
@@ -8078,6 +8859,13 @@ optionator@^0.8.1, optionator@^0.8.2:
     type-check "~0.3.2"
     wordwrap "~1.0.0"
 
+ordered-read-streams@^1.0.0:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/ordered-read-streams/-/ordered-read-streams-1.0.1.tgz#77c0cb37c41525d64166d990ffad7ec6a0e1363e"
+  integrity sha1-d8DLN8QVJdZBZtmQ/61+xqDhNj4=
+  dependencies:
+    readable-stream "^2.0.1"
+
 orderedmap@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/orderedmap/-/orderedmap-1.0.0.tgz#d90fc2ba1ed085190907d601dec6e6a53f8d41ba"
@@ -8107,15 +8895,6 @@ os-locale@^1.4.0:
   dependencies:
     lcid "^1.0.0"
 
-os-locale@^2.0.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-2.1.0.tgz#42bc2900a6b5b8bd17376c8e882b65afccf24bf2"
-  integrity sha512-3sslG3zJbEYcaC4YVAvDorjGxc7tv6KVATnLPZONiljsUncvihe9BQoVCEs0RZ1kmf4Hk9OBqlZfJZWI4GanKA==
-  dependencies:
-    execa "^0.7.0"
-    lcid "^1.0.0"
-    mem "^1.1.0"
-
 os-locale@^3.0.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-3.1.0.tgz#a802a6ee17f24c10483ab9935719cef4ed16bf1a"
@@ -8279,6 +9058,22 @@ parse-entities@^1.0.2, parse-entities@^1.1.0:
     is-decimal "^1.0.0"
     is-hexadecimal "^1.0.0"
 
+parse-filepath@^1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/parse-filepath/-/parse-filepath-1.0.2.tgz#a632127f53aaf3d15876f5872f3ffac763d6c891"
+  integrity sha1-pjISf1Oq89FYdvWHLz/6x2PWyJE=
+  dependencies:
+    is-absolute "^1.0.0"
+    map-cache "^0.2.0"
+    path-root "^0.1.1"
+
+parse-git-config@^0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/parse-git-config/-/parse-git-config-0.2.0.tgz#272833fdd15fea146fb75d336d236b963b6ff706"
+  integrity sha1-Jygz/dFf6hRvt10zbSNrljtv9wY=
+  dependencies:
+    ini "^1.3.3"
+
 parse-json@^2.2.0:
   version "2.2.0"
   resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-2.2.0.tgz#f480f40434ef80741f8469099f8dea18f55a4dc9"
@@ -8294,11 +9089,34 @@ parse-json@^4.0.0:
     error-ex "^1.3.1"
     json-parse-better-errors "^1.0.1"
 
+parse-node-version@^1.0.0:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/parse-node-version/-/parse-node-version-1.0.1.tgz#e2b5dbede00e7fa9bc363607f53327e8b073189b"
+  integrity sha512-3YHlOa/JgH6Mnpr05jP9eDG254US9ek25LyIxZlDItp2iJtwyaXQb57lBYLdT3MowkUFYEV2XXNAYIPlESvJlA==
+
 parse-passwd@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/parse-passwd/-/parse-passwd-1.0.0.tgz#6d5b934a456993b23d37f40a382d6f1666a8e5c6"
   integrity sha1-bVuTSkVpk7I9N/QKOC1vFmao5cY=
 
+parse-path@^3.0.1:
+  version "3.0.4"
+  resolved "https://registry.yarnpkg.com/parse-path/-/parse-path-3.0.4.tgz#a48b7b529da41f34d9d1428602a39b29fc7180e4"
+  integrity sha512-wP70vtwv2DyrM2YoA7ZHVv4zIXa4P7dGgHlj+VwyXNDduLLVJ7NMY1zsFxjUUJ3DAwJLupGb1H5gMDDiNlJaxw==
+  dependencies:
+    is-ssh "^1.3.0"
+    protocols "^1.4.0"
+
+parse-url@^3.0.2:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/parse-url/-/parse-url-3.0.2.tgz#602787a7063a795d72b8673197505e72f60610be"
+  integrity sha1-YCeHpwY6eV1yuGcxl1BecvYGEL4=
+  dependencies:
+    is-ssh "^1.3.0"
+    normalize-url "^1.9.1"
+    parse-path "^3.0.1"
+    protocols "^1.4.0"
+
 parse5@4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/parse5/-/parse5-4.0.0.tgz#6d78656e3da8d78b4ec0b906f7c08ef1dfe3f608"
@@ -8375,6 +9193,18 @@ path-parse@^1.0.6:
   resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.6.tgz#d62dbb5679405d72c4737ec58600e9ddcf06d24c"
   integrity sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==
 
+path-root-regex@^0.1.0:
+  version "0.1.2"
+  resolved "https://registry.yarnpkg.com/path-root-regex/-/path-root-regex-0.1.2.tgz#bfccdc8df5b12dc52c8b43ec38d18d72c04ba96d"
+  integrity sha1-v8zcjfWxLcUsi0PsONGNcsBLqW0=
+
+path-root@^0.1.1:
+  version "0.1.1"
+  resolved "https://registry.yarnpkg.com/path-root/-/path-root-0.1.1.tgz#9a4a6814cac1c0cd73360a95f32083c8ea4745b7"
+  integrity sha1-mkpoFMrBwM1zNgqV8yCDyOpHRbc=
+  dependencies:
+    path-root-regex "^0.1.0"
+
 path-to-regexp@0.1.7:
   version "0.1.7"
   resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c"
@@ -8442,7 +9272,7 @@ pify@^3.0.0:
   resolved "https://registry.yarnpkg.com/pify/-/pify-3.0.0.tgz#e5a4acd2c101fdf3d9a4d07f0dbc4db49dd28176"
   integrity sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=
 
-pify@^4.0.1:
+pify@^4.0.0, pify@^4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/pify/-/pify-4.0.1.tgz#4b2cd25c50d598735c50292224fd8c6df41e3231"
   integrity sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==
@@ -8705,7 +9535,7 @@ prelude-ls@~1.1.2:
   resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.1.2.tgz#21932a549f5e52ffd9a827f570e04be62a97da54"
   integrity sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=
 
-prepend-http@^1.0.1:
+prepend-http@^1.0.0, prepend-http@^1.0.1:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-1.0.4.tgz#d4f4562b0ce3696e41ac52d0e002e57a635dc6dc"
   integrity sha1-1PRWKwzjaW5BrFLQ4ALlemNdxtw=
@@ -8747,16 +9577,16 @@ private@^0.1.6:
   resolved "https://registry.yarnpkg.com/private/-/private-0.1.8.tgz#2381edb3689f7a53d653190060fcf822d2f368ff"
   integrity sha512-VvivMrbvd2nKkiG38qjULzlc+4Vx4wm/whI9pQD35YrARNnhxeiRktSOhSukRLFNlzg6Br/cJPet5J/u19r/mg==
 
+process-nextick-args@^2.0.0, process-nextick-args@~2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2"
+  integrity sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==
+
 process-nextick-args@~1.0.6:
   version "1.0.7"
   resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-1.0.7.tgz#150e20b756590ad3f91093f25a4f2ad8bff30ba3"
   integrity sha1-FQ4gt1ZZCtP5EJPyWk8q2L/zC6M=
 
-process-nextick-args@~2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.0.tgz#a37d732f4271b4ab1ad070d35508e8290788ffaa"
-  integrity sha512-MtEC1TqN0EU5nephaJ4rAtThHtC86dNN9qCuEhtshvpVBkAW5ZO7BASN9REnF9eoXGcRub+pFuKEpOHE+HbEMw==
-
 process@^0.11.10:
   version "0.11.10"
   resolved "https://registry.yarnpkg.com/process/-/process-0.11.10.tgz#7332300e840161bda3e69a1d1d91a7d4bc16f182"
@@ -8780,6 +9610,13 @@ prompts@^2.0.1:
     kleur "^3.0.2"
     sisteransi "^1.0.0"
 
+property-information@^4.0.0:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/property-information/-/property-information-4.2.0.tgz#f0e66e07cbd6fed31d96844d958d153ad3eb486e"
+  integrity sha512-TlgDPagHh+eBKOnH2VYvk8qbwsCG/TAJdmTL7f1PROUcSO8qt/KSmShEQ/OKvock8X9tFjtqjCScyOkkkvIKVQ==
+  dependencies:
+    xtend "^4.0.1"
+
 prosemirror-commands@^1.0.7:
   version "1.0.7"
   resolved "https://registry.yarnpkg.com/prosemirror-commands/-/prosemirror-commands-1.0.7.tgz#e5a2ba821e29ea7065c88277fe2c3d7f6b0b9d37"
@@ -8901,6 +9738,11 @@ proto-list@~1.2.1:
   resolved "https://registry.yarnpkg.com/proto-list/-/proto-list-1.2.4.tgz#212d5bfe1318306a420f6402b8e26ff39647a849"
   integrity sha1-IS1b/hMYMGpCD2QCuOJv85ZHqEk=
 
+protocols@^1.1.0, protocols@^1.4.0:
+  version "1.4.7"
+  resolved "https://registry.yarnpkg.com/protocols/-/protocols-1.4.7.tgz#95f788a4f0e979b291ffefcf5636ad113d037d32"
+  integrity sha512-Fx65lf9/YDn3hUX08XUc0J8rSux36rEsyiv21ZGUC1mOyeM3lTRpZLcrm8aAolzS4itwVfm7TAPyxC2E5zd6xg==
+
 proxy-addr@~2.0.3:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-2.0.4.tgz#ecfc733bf22ff8c6f407fa275327b9ab67e48b93"
@@ -8956,12 +9798,12 @@ pump@^3.0.0:
     end-of-stream "^1.1.0"
     once "^1.3.1"
 
-pumpify@^1.3.3:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/pumpify/-/pumpify-1.4.0.tgz#80b7c5df7e24153d03f0e7ac8a05a5d068bd07fb"
-  integrity sha512-2kmNR9ry+Pf45opRVirpNuIFotsxUGLaYqxIwuR77AYrYRMuFCz9eryHBS52L360O+NcR383CL4QYlMKPq4zYA==
+pumpify@^1.3.3, pumpify@^1.3.5:
+  version "1.5.1"
+  resolved "https://registry.yarnpkg.com/pumpify/-/pumpify-1.5.1.tgz#36513be246ab27570b1a374a5ce278bfd74370ce"
+  integrity sha512-oClZI37HvuUJJxSKKrC17bZ9Cu0ZYhEAGPsPUy9KlMUmv9dKX2o77RUmq7f3XjIxbwyGwYzbzQ1L2Ks8sIradQ==
   dependencies:
-    duplexify "^3.5.3"
+    duplexify "^3.6.0"
     inherits "^2.0.3"
     pump "^2.0.0"
 
@@ -8990,11 +9832,19 @@ qs@6.5.1:
   resolved "https://registry.yarnpkg.com/qs/-/qs-6.5.1.tgz#349cdf6eef89ec45c12d7d5eb3fc0c870343a6d8"
   integrity sha512-eRzhrN1WSINYCDCbrz796z37LOe3m5tmW7RQf6oBntukAG1nmovJvhnwHHRMAfeoItc1m2Hk02WER2aQ/iqs+A==
 
-qs@~6.5.2:
+qs@^6.4.0, qs@~6.5.2:
   version "6.5.2"
   resolved "https://registry.yarnpkg.com/qs/-/qs-6.5.2.tgz#cb3ae806e8740444584ef154ce8ee98d403f3e36"
   integrity sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==
 
+query-string@^4.1.0:
+  version "4.3.4"
+  resolved "https://registry.yarnpkg.com/query-string/-/query-string-4.3.4.tgz#bbb693b9ca915c232515b228b1a02b609043dbeb"
+  integrity sha1-u7aTucqRXCMlFbIosaArYJBD2+s=
+  dependencies:
+    object-assign "^4.1.0"
+    strict-uri-encode "^1.0.0"
+
 query-string@^5.0.1:
   version "5.1.1"
   resolved "https://registry.yarnpkg.com/query-string/-/query-string-5.1.1.tgz#a78c012b71c17e05f2e3fa2319dd330682efb3cb"
@@ -9066,6 +9916,14 @@ raw-body@2.3.2:
     iconv-lite "0.4.19"
     unpipe "1.0.0"
 
+raw-body@~1.1.0:
+  version "1.1.7"
+  resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-1.1.7.tgz#1d027c2bfa116acc6623bca8f00016572a87d425"
+  integrity sha1-HQJ8K/oRasxmI7yo8AAWVyqH1CU=
+  dependencies:
+    bytes "1"
+    string_decoder "0.10"
+
 raw-loader@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/raw-loader/-/raw-loader-1.0.0.tgz#3f9889e73dadbda9a424bce79809b4133ad46405"
@@ -9148,7 +10006,7 @@ read-pkg@^3.0.0:
     normalize-package-data "^2.3.2"
     path-type "^3.0.0"
 
-"readable-stream@1 || 2", readable-stream@^2.0.0, readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.4, readable-stream@^2.0.6, readable-stream@^2.1.5, readable-stream@^2.2.2, readable-stream@^2.3.0, readable-stream@^2.3.3, readable-stream@^2.3.6:
+"readable-stream@1 || 2", readable-stream@^2.0.0, readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.5, readable-stream@^2.0.6, readable-stream@^2.1.5, readable-stream@^2.2.2, readable-stream@^2.3.0, readable-stream@^2.3.3, readable-stream@^2.3.5, readable-stream@^2.3.6, readable-stream@~2.3.6:
   version "2.3.6"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.6.tgz#b11c27d88b8ff1fbe070643cf94b0c79ae1b0aaf"
   integrity sha512-tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw==
@@ -9170,7 +10028,7 @@ readable-stream@^3.0.6:
     string_decoder "^1.1.1"
     util-deprecate "^1.0.1"
 
-readable-stream@~2.0.6:
+readable-stream@~2.0.0, readable-stream@~2.0.6:
   version "2.0.6"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.0.6.tgz#8f90341e68a53ccc928788dacfcd11b36eb9b78e"
   integrity sha1-j5A0HmilPMySh4jaz80Rs265t44=
@@ -9182,6 +10040,19 @@ readable-stream@~2.0.6:
     string_decoder "~0.10.x"
     util-deprecate "~1.0.1"
 
+readable-stream@~2.1.0:
+  version "2.1.5"
+  resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.1.5.tgz#66fa8b720e1438b364681f2ad1a63c618448c9d0"
+  integrity sha1-ZvqLcg4UOLNkaB8q0aY8YYRIydA=
+  dependencies:
+    buffer-shims "^1.0.0"
+    core-util-is "~1.0.0"
+    inherits "~2.0.1"
+    isarray "~1.0.0"
+    process-nextick-args "~1.0.6"
+    string_decoder "~0.10.x"
+    util-deprecate "~1.0.1"
+
 readdir-enhanced@^2.2.4:
   version "2.2.4"
   resolved "https://registry.yarnpkg.com/readdir-enhanced/-/readdir-enhanced-2.2.4.tgz#773fb8a8de5f645fb13d9403746d490d4facb3e6"
@@ -9235,10 +10106,10 @@ regenerate@^1.2.1, regenerate@^1.4.0:
   resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.4.0.tgz#4a856ec4b56e4077c557589cae85e7a4c8869a11"
   integrity sha512-1G6jJVDWrt0rK99kBjvEtziZNCICAuvIPkSiUFIQxVP06RCVpq3dmDo2oi6ABpYaDYaTRr67BEhL8r1wgEZZKg==
 
-regenerator-transform@^0.13.4:
-  version "0.13.4"
-  resolved "https://registry.yarnpkg.com/regenerator-transform/-/regenerator-transform-0.13.4.tgz#18f6763cf1382c69c36df76c6ce122cc694284fb"
-  integrity sha512-T0QMBjK3J0MtxjPmdIMXm72Wvj2Abb0Bd4HADdfijwMdoIsyQZ6fWC7kDFhk2YinBBEMZDL7Y7wh0J1sGx3S4A==
+regenerator-transform@^0.14.0:
+  version "0.14.1"
+  resolved "https://registry.yarnpkg.com/regenerator-transform/-/regenerator-transform-0.14.1.tgz#3b2fce4e1ab7732c08f665dfdb314749c7ddd2fb"
+  integrity sha512-flVuee02C3FKRISbxhXl9mGzdbWUVHubl1SMaknjxkFB1/iqpJhArQUvRxOOPEc/9tAiX0BaQ28FJH10E4isSQ==
   dependencies:
     private "^0.1.6"
 
@@ -9250,14 +10121,10 @@ regex-not@^1.0.0, regex-not@^1.0.2:
     extend-shallow "^3.0.2"
     safe-regex "^1.1.0"
 
-regexp-tree@^0.1.0:
-  version "0.1.0"
-  resolved "https://registry.yarnpkg.com/regexp-tree/-/regexp-tree-0.1.0.tgz#a56ad7746097888ea16457479029ec9345b96ab0"
-  integrity sha512-rHQv+tzu+0l3KS/ERabas1yK49ahNVxuH40WcPg53CzP5p8TgmmyBgHELLyJcvjhTD0e5ahSY6C76LbEVtr7cg==
-  dependencies:
-    cli-table3 "^0.5.0"
-    colors "^1.1.2"
-    yargs "^10.0.3"
+regexp-tree@^0.1.6:
+  version "0.1.11"
+  resolved "https://registry.yarnpkg.com/regexp-tree/-/regexp-tree-0.1.11.tgz#c9c7f00fcf722e0a56c7390983a7a63dd6c272f3"
+  integrity sha512-7/l/DgapVVDzZobwMCCgMlqiqyLFJ0cduo/j+3BcDJIB+yJdsYCfKuI3l/04NV+H/rfNRdPIDbXNZHM9XvQatg==
 
 regexpp@^2.0.1:
   version "2.0.1"
@@ -9329,6 +10196,37 @@ relateurl@^0.2.7:
   resolved "https://registry.yarnpkg.com/relateurl/-/relateurl-0.2.7.tgz#54dbf377e51440aca90a4cd274600d3ff2d888a9"
   integrity sha1-VNvzd+UUQKypCkzSdGANP/LYiKk=
 
+remark-html@^8.0.0:
+  version "8.0.0"
+  resolved "https://registry.yarnpkg.com/remark-html/-/remark-html-8.0.0.tgz#9fcb859a6f3cb40f3ef15402950f1a62ec301b3a"
+  integrity sha512-3V2391GL3hxKhrkzYOyfPpxJ6taIKLCfuLVqumeWQOk3H9nTtSQ8St8kMYkBVIEAquXN1chT83qJ/2lAW+dpEg==
+  dependencies:
+    hast-util-sanitize "^1.0.0"
+    hast-util-to-html "^4.0.0"
+    mdast-util-to-hast "^3.0.0"
+    xtend "^4.0.1"
+
+remark-parse@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/remark-parse/-/remark-parse-5.0.0.tgz#4c077f9e499044d1d5c13f80d7a98cf7b9285d95"
+  integrity sha512-b3iXszZLH1TLoyUzrATcTQUZrwNl1rE70rVdSruJFlDaJ9z5aMkhrG43Pp68OgfHndL/ADz6V69Zow8cTQu+JA==
+  dependencies:
+    collapse-white-space "^1.0.2"
+    is-alphabetical "^1.0.0"
+    is-decimal "^1.0.0"
+    is-whitespace-character "^1.0.0"
+    is-word-character "^1.0.0"
+    markdown-escapes "^1.0.0"
+    parse-entities "^1.1.0"
+    repeat-string "^1.5.4"
+    state-toggle "^1.0.0"
+    trim "0.0.1"
+    trim-trailing-lines "^1.0.0"
+    unherit "^1.0.4"
+    unist-util-remove-position "^1.0.0"
+    vfile-location "^2.0.0"
+    xtend "^4.0.1"
+
 remark-parse@^6.0.0:
   version "6.0.3"
   resolved "https://registry.yarnpkg.com/remark-parse/-/remark-parse-6.0.3.tgz#c99131052809da482108413f87b0ee7f52180a3a"
@@ -9350,6 +10248,42 @@ remark-parse@^6.0.0:
     vfile-location "^2.0.0"
     xtend "^4.0.1"
 
+remark-reference-links@^4.0.1:
+  version "4.0.4"
+  resolved "https://registry.yarnpkg.com/remark-reference-links/-/remark-reference-links-4.0.4.tgz#190579a0d6b002859d6cdbdc5aeb8bbdae4e06ab"
+  integrity sha512-+2X8hwSQqxG4tvjYZNrTcEC+bXp8shQvwRGG6J/rnFTvBoU4G0BBviZoqKGZizLh/DG+0gSYhiDDWCqyxXW1iQ==
+  dependencies:
+    unist-util-visit "^1.0.0"
+
+remark-slug@^5.0.0:
+  version "5.1.2"
+  resolved "https://registry.yarnpkg.com/remark-slug/-/remark-slug-5.1.2.tgz#715ecdef8df1226786204b1887d31ab16aa24609"
+  integrity sha512-DWX+Kd9iKycqyD+/B+gEFO3jjnt7Yg1O05lygYSNTe5i5PIxxxPjp5qPBDxPIzp5wreF7+1ROCwRgjEcqmzr3A==
+  dependencies:
+    github-slugger "^1.0.0"
+    mdast-util-to-string "^1.0.0"
+    unist-util-visit "^1.0.0"
+
+remark-stringify@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/remark-stringify/-/remark-stringify-5.0.0.tgz#336d3a4d4a6a3390d933eeba62e8de4bd280afba"
+  integrity sha512-Ws5MdA69ftqQ/yhRF9XhVV29mhxbfGhbz0Rx5bQH+oJcNhhSM6nCu1EpLod+DjrFGrU0BMPs+czVmJZU7xiS7w==
+  dependencies:
+    ccount "^1.0.0"
+    is-alphanumeric "^1.0.0"
+    is-decimal "^1.0.0"
+    is-whitespace-character "^1.0.0"
+    longest-streak "^2.0.1"
+    markdown-escapes "^1.0.0"
+    markdown-table "^1.1.0"
+    mdast-util-compact "^1.0.0"
+    parse-entities "^1.0.2"
+    repeat-string "^1.5.4"
+    state-toggle "^1.0.0"
+    stringify-entities "^1.0.1"
+    unherit "^1.0.4"
+    xtend "^4.0.1"
+
 remark-stringify@^6.0.0:
   version "6.0.4"
   resolved "https://registry.yarnpkg.com/remark-stringify/-/remark-stringify-6.0.4.tgz#16ac229d4d1593249018663c7bddf28aafc4e088"
@@ -9370,6 +10304,14 @@ remark-stringify@^6.0.0:
     unherit "^1.0.4"
     xtend "^4.0.1"
 
+remark-toc@^5.0.0:
+  version "5.1.1"
+  resolved "https://registry.yarnpkg.com/remark-toc/-/remark-toc-5.1.1.tgz#8c229d6f834cdb43fde6685e2d43248d3fc82d78"
+  integrity sha512-vCPW4YOsm2CfyuScdktM9KDnJXVHJsd/ZeRtst+dnBU3B3KKvt8bc+bs5syJjyptAHfqo7H+5Uhz+2blWBfwow==
+  dependencies:
+    mdast-util-toc "^3.0.0"
+    remark-slug "^5.0.0"
+
 remark@^10.0.1:
   version "10.0.1"
   resolved "https://registry.yarnpkg.com/remark/-/remark-10.0.1.tgz#3058076dc41781bf505d8978c291485fe47667df"
@@ -9379,6 +10321,39 @@ remark@^10.0.1:
     remark-stringify "^6.0.0"
     unified "^7.0.0"
 
+remark@^9.0.0:
+  version "9.0.0"
+  resolved "https://registry.yarnpkg.com/remark/-/remark-9.0.0.tgz#c5cfa8ec535c73a67c4b0f12bfdbd3a67d8b2f60"
+  integrity sha512-amw8rGdD5lHbMEakiEsllmkdBP+/KpjW/PRK6NSGPZKCQowh0BT4IWXDAkRMyG3SB9dKPXWMviFjNusXzXNn3A==
+  dependencies:
+    remark-parse "^5.0.0"
+    remark-stringify "^5.0.0"
+    unified "^6.0.0"
+
+remote-origin-url@0.4.0:
+  version "0.4.0"
+  resolved "https://registry.yarnpkg.com/remote-origin-url/-/remote-origin-url-0.4.0.tgz#4d3e2902f34e2d37d1c263d87710b77eb4086a30"
+  integrity sha1-TT4pAvNOLTfRwmPYdxC3frQIajA=
+  dependencies:
+    parse-git-config "^0.2.0"
+
+remove-bom-buffer@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/remove-bom-buffer/-/remove-bom-buffer-3.0.0.tgz#c2bf1e377520d324f623892e33c10cac2c252b53"
+  integrity sha512-8v2rWhaakv18qcvNeli2mZ/TMTL2nEyAKRvzo1WtnZBl15SHyEhrCu2/xKlJyUFKHiHgfXIyuY6g2dObJJycXQ==
+  dependencies:
+    is-buffer "^1.1.5"
+    is-utf8 "^0.2.1"
+
+remove-bom-stream@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/remove-bom-stream/-/remove-bom-stream-1.2.0.tgz#05f1a593f16e42e1fb90ebf59de8e569525f9523"
+  integrity sha1-BfGlk/FuQuH7kOv1nejlaVJflSM=
+  dependencies:
+    remove-bom-buffer "^3.0.0"
+    safe-buffer "^5.1.0"
+    through2 "^2.0.3"
+
 remove-trailing-separator@^1.0.1:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz#c24bce2a283adad5bc3f58e0d48249b92379d8ef"
@@ -9394,7 +10369,7 @@ repeat-string@^0.2.2:
   resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-0.2.2.tgz#c7a8d3236068362059a7e4651fc6884e8b1fb4ae"
   integrity sha1-x6jTI2BoNiBZp+RlH8aITosftK4=
 
-repeat-string@^1.5.4, repeat-string@^1.6.1:
+repeat-string@^1.5.0, repeat-string@^1.5.4, repeat-string@^1.6.1:
   version "1.6.1"
   resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-1.6.1.tgz#8dcae470e1c88abc2d600fff4a776286da75e637"
   integrity sha1-jcrkcOHIirwtYA//Sndihtp15jc=
@@ -9406,7 +10381,7 @@ repeating@^2.0.0:
   dependencies:
     is-finite "^1.0.0"
 
-replace-ext@1.0.0:
+replace-ext@1.0.0, replace-ext@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/replace-ext/-/replace-ext-1.0.0.tgz#de63128373fcbf7c3ccfa4de5a480c45a67958eb"
   integrity sha1-3mMSg3P8v3w8z6TeWkgMRaZ5WOs=
@@ -9518,6 +10493,13 @@ resolve-from@^5.0.0:
   resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-5.0.0.tgz#c35225843df8f776df21c57557bc087e9dfdfc69"
   integrity sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==
 
+resolve-options@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/resolve-options/-/resolve-options-1.1.0.tgz#32bb9e39c06d67338dc9378c0d6d6074566ad131"
+  integrity sha1-MrueOcBtZzONyTeMDW1gdFZq0TE=
+  dependencies:
+    value-or-function "^3.0.0"
+
 resolve-url@^0.2.1:
   version "0.2.1"
   resolved "https://registry.yarnpkg.com/resolve-url/-/resolve-url-0.2.1.tgz#2c637fe77c893afd2a663fe21aa9080068e2052a"
@@ -9528,10 +10510,10 @@ resolve@1.1.7:
   resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.1.7.tgz#203114d82ad2c5ed9e8e0411b3932875e889e97b"
   integrity sha1-IDEU2CrSxe2ejgQRs5ModeiJ6Xs=
 
-resolve@1.x, resolve@^1.10.0, resolve@^1.3.2, resolve@^1.4.0, resolve@^1.5.0, resolve@^1.9.0:
-  version "1.11.0"
-  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.11.0.tgz#4014870ba296176b86343d50b60f3b50609ce232"
-  integrity sha512-WL2pBDjqT6pGUNSUzMw00o4T7If+z4H2x3Gz893WoUQ5KW8Vr9txp00ykiP16VBaZF5+j/OcXJHZ9+PCvdiDKw==
+resolve@1.x, resolve@^1.1.3, resolve@^1.10.0, resolve@^1.3.2, resolve@^1.4.0, resolve@^1.5.0, resolve@^1.8.1, resolve@^1.9.0:
+  version "1.11.1"
+  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.11.1.tgz#ea10d8110376982fef578df8fc30b9ac30a07a3e"
+  integrity sha512-vIpgF6wfuJOZI7KKKSP+HmiKggadPQAdsp5HiC1mvqnfp0gF1vdwgBWZIdrVft9pgqoMFQN+R7BSWZiBxx+BBw==
   dependencies:
     path-parse "^1.0.6"
 
@@ -9621,6 +10603,11 @@ safe-buffer@5.1.2, safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.1, s
   resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
   integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==
 
+safe-json-parse@~1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/safe-json-parse/-/safe-json-parse-1.0.1.tgz#3e76723e38dfdda13c9b1d29a1e07ffee4b30b57"
+  integrity sha1-PnZyPjjf3aE8mx0poeB//uSzC1c=
+
 safe-regex@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/safe-regex/-/safe-regex-1.1.0.tgz#40a3669f3b077d1e943d44629e157dd48023bf2e"
@@ -9744,10 +10731,10 @@ semver-diff@^2.0.0:
   resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.0.tgz#790a7cf6fea5459bac96110b29b60412dc8ff96b"
   integrity sha512-Ya52jSX2u7QKghxeoFGpLwCtGlt7j0oY9DYb5apt9nPlJ42ID+ulTXESnt/qAQcoSERyZ5sl3LDIOw0nAn/5DA==
 
-semver@^6.0.0:
-  version "6.0.0"
-  resolved "https://registry.yarnpkg.com/semver/-/semver-6.0.0.tgz#05e359ee571e5ad7ed641a6eec1e547ba52dea65"
-  integrity sha512-0UewU+9rFapKFnlbirLi3byoOuhrSsli/z/ihNnvM24vgF+8sNBiI1LZPBSH9wJKUwaUbw+s3hToDLCXkrghrQ==
+semver@^6.0.0, semver@^6.1.1:
+  version "6.2.0"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-6.2.0.tgz#4d813d9590aaf8a9192693d6c85b9344de5901db"
+  integrity sha512-jdFC1VdUGT/2Scgbimf7FSx9iJLXoqfglSF+gJeuNWVpiE37OIbc1jywR/GJyFdz3mnkz2/id0L0J/cr0izR5A==
 
 semver@~5.3.0:
   version "5.3.0"
@@ -10023,6 +11010,13 @@ sockjs@0.3.19:
     faye-websocket "^0.10.0"
     uuid "^3.0.1"
 
+sort-keys@^1.0.0:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/sort-keys/-/sort-keys-1.1.2.tgz#441b6d4d346798f1b4e49e8920adfba0e543f9ad"
+  integrity sha1-RBttTTRnmPG05J6JIK37oOVD+a0=
+  dependencies:
+    is-plain-obj "^1.0.0"
+
 sort-keys@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/sort-keys/-/sort-keys-2.0.0.tgz#658535584861ec97d730d6cf41822e1f56684128"
@@ -10086,6 +11080,11 @@ source-map@^0.6.0, source-map@^0.6.1, source-map@~0.6.0, source-map@~0.6.1:
   resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263"
   integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==
 
+space-separated-tokens@^1.0.0:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/space-separated-tokens/-/space-separated-tokens-1.1.4.tgz#27910835ae00d0adfcdbd0ad7e611fb9544351fa"
+  integrity sha512-UyhMSmeIqZrQn2UdjYpxEkwY9JUrn8pP+7L4f91zRzOQuI8MF1FGLfYU9DKCYeLdo7LXMxwrX5zKFy7eeeVHuA==
+
 spdx-correct@~1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-1.0.2.tgz#4b3073d933ff51f3912f03ac5519498a4150db40"
@@ -10223,6 +11222,13 @@ stickyfilljs@^2.0.5:
   resolved "https://registry.yarnpkg.com/stickyfilljs/-/stickyfilljs-2.0.5.tgz#d229e372d2199ddf5d283bbe34ac1f7d2529c2fc"
   integrity sha512-KGKdqKbv1jXit54ltFPIWw/XVeuSrJmTUS8viT1Pmdpp1Jyv3SMpFmhvPBdddX9FHDlHbm9s8cPAhPviBaBVpA==
 
+stream-array@^1.1.2:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/stream-array/-/stream-array-1.1.2.tgz#9e5f7345f2137c30ee3b498b9114e80b52bb7eb5"
+  integrity sha1-nl9zRfITfDDuO0mLkRToC1K7frU=
+  dependencies:
+    readable-stream "~2.1.0"
+
 stream-browserify@^2.0.1:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/stream-browserify/-/stream-browserify-2.0.1.tgz#66266ee5f9bdb9940a4e4514cafb43bb71e5c9db"
@@ -10231,6 +11237,14 @@ stream-browserify@^2.0.1:
     inherits "~2.0.1"
     readable-stream "^2.0.2"
 
+stream-combiner2@^1.1.1:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/stream-combiner2/-/stream-combiner2-1.1.1.tgz#fb4d8a1420ea362764e21ad4780397bebcb41cbe"
+  integrity sha1-+02KFCDqNidk4hrUeAOXvry0HL4=
+  dependencies:
+    duplexer2 "~0.1.0"
+    readable-stream "^2.0.2"
+
 stream-each@^1.1.0:
   version "1.2.2"
   resolved "https://registry.yarnpkg.com/stream-each/-/stream-each-1.2.2.tgz#8e8c463f91da8991778765873fe4d960d8f616bd"
@@ -10278,6 +11292,11 @@ string-length@^2.0.0:
     astral-regex "^1.0.0"
     strip-ansi "^4.0.0"
 
+string-template@~0.2.1:
+  version "0.2.1"
+  resolved "https://registry.yarnpkg.com/string-template/-/string-template-0.2.1.tgz#42932e598a352d01fc22ec3367d9d84eec6c9add"
+  integrity sha1-QpMuWYo1LQH8IuwzZ9nYTuxsmt0=
+
 string-width@^1.0.1, string-width@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3"
@@ -10304,7 +11323,7 @@ string-width@^3.0.0:
     is-fullwidth-code-point "^2.0.0"
     strip-ansi "^5.0.0"
 
-string-width@^4.1.0:
+string-width@^4.0.0, string-width@^4.1.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.1.0.tgz#ba846d1daa97c3c596155308063e075ed1c99aff"
   integrity sha512-NrX+1dVVh+6Y9dnQ19pR0pP4FiEIlUvdTGn8pw6CKTNq5sgib2nIhmUNT5TAmhWmvKr3WcxBcP3E8nWezuipuQ==
@@ -10313,6 +11332,11 @@ string-width@^4.1.0:
     is-fullwidth-code-point "^3.0.0"
     strip-ansi "^5.2.0"
 
+string_decoder@0.10, string_decoder@~0.10.x:
+  version "0.10.31"
+  resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94"
+  integrity sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=
+
 string_decoder@^1.0.0, string_decoder@^1.1.1, string_decoder@~1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8"
@@ -10320,11 +11344,6 @@ string_decoder@^1.0.0, string_decoder@^1.1.1, string_decoder@~1.1.1:
   dependencies:
     safe-buffer "~5.1.0"
 
-string_decoder@~0.10.x:
-  version "0.10.31"
-  resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-0.10.31.tgz#62e203bc41766c6c28c9fc84301dab1c5310fa94"
-  integrity sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=
-
 stringify-entities@^1.0.1:
   version "1.3.2"
   resolved "https://registry.yarnpkg.com/stringify-entities/-/stringify-entities-1.3.2.tgz#a98417e5471fd227b3e45d3db1861c11caf668f7"
@@ -10480,6 +11499,13 @@ stylelint@^10.1.0:
     svg-tags "^1.0.0"
     table "^5.2.3"
 
+subarg@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/subarg/-/subarg-1.0.0.tgz#f62cf17581e996b48fc965699f54c06ae268b8d2"
+  integrity sha1-9izxdYHplrSPyWVpn1TAauJouNI=
+  dependencies:
+    minimist "^1.1.0"
+
 sugarss@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/sugarss/-/sugarss-2.0.0.tgz#ddd76e0124b297d40bf3cca31c8b22ecb43bc61d"
@@ -10499,7 +11525,7 @@ supports-color@^5.1.0, supports-color@^5.2.0, supports-color@^5.3.0, supports-co
   dependencies:
     has-flag "^3.0.0"
 
-supports-color@^6.1.0:
+supports-color@^6.0.0, supports-color@^6.1.0:
   version "6.1.0"
   resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-6.1.0.tgz#0764abc69c63d5ac842dd4867e8d025e880df8f3"
   integrity sha512-qe1jfm1Mg7Nq/NSh6XE24gPXROEVsWHxC1LIx//XNlD9iw7YZQGjZNjYN7xGaEG6iKdA8EtNFW6R0gjnVXp+wQ==
@@ -10657,15 +11683,23 @@ throttle-debounce@^2.0.0:
   resolved "https://registry.yarnpkg.com/throttle-debounce/-/throttle-debounce-2.0.1.tgz#7307ddd6cd9acadb349132fbf6c18d78c88a5e62"
   integrity sha512-Sr6jZBlWShsAaSXKyNXyNicOrJW/KtkDqIEwHt4wYwWA2wa/q67Luhqoujg48V8hTk60wB56tYrJJn6jc2R7VA==
 
-through2@^2.0.0:
-  version "2.0.3"
-  resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.3.tgz#0004569b37c7c74ba39c43f3ced78d1ad94140be"
-  integrity sha1-AARWmzfHx0ujnEPzzteNGtlBQL4=
+through2-filter@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/through2-filter/-/through2-filter-3.0.0.tgz#700e786df2367c2c88cd8aa5be4cf9c1e7831254"
+  integrity sha512-jaRjI2WxN3W1V8/FMZ9HKIBXixtiqs3SQSX4/YGIiP3gL6djW48VoZq9tDqeCWs3MT8YY5wb/zli8VW8snY1CA==
   dependencies:
-    readable-stream "^2.1.5"
+    through2 "~2.0.0"
+    xtend "~4.0.0"
+
+through2@^2.0.0, through2@^2.0.3, through2@~2.0.0:
+  version "2.0.5"
+  resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.5.tgz#01c1e39eb31d07cb7d03a96a70823260b23132cd"
+  integrity sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ==
+  dependencies:
+    readable-stream "~2.3.6"
     xtend "~4.0.1"
 
-through@^2.3.6:
+"through@>=2.2.7 <3", through@^2.3.6:
   version "2.3.8"
   resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5"
   integrity sha1-DdTJ/6q8NXlgsbckEV1+Doai4fU=
@@ -10675,6 +11709,11 @@ thunky@^0.1.0:
   resolved "https://registry.yarnpkg.com/thunky/-/thunky-0.1.0.tgz#bf30146824e2b6e67b0f2d7a4ac8beb26908684e"
   integrity sha1-vzAUaCTituZ7Dy16Ssi+smkIaE4=
 
+time-stamp@^1.0.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/time-stamp/-/time-stamp-1.1.0.tgz#764a5a11af50561921b133f3b44e618687e0f5c3"
+  integrity sha1-dkpaEa9QVhkhsTPztE5hhofg9cM=
+
 timeago.js@^3.0.2:
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/timeago.js/-/timeago.js-3.0.2.tgz#32a67e7c0d887ea42ca588d3aae26f77de5e76cc"
@@ -10699,6 +11738,18 @@ tiny-emitter@^2.0.0:
   resolved "https://registry.yarnpkg.com/tiny-emitter/-/tiny-emitter-2.0.2.tgz#82d27468aca5ade8e5fd1e6d22b57dd43ebdfb7c"
   integrity sha512-2NM0auVBGft5tee/OxP4PI3d8WItkDM+fPnaRAVo6xTDI2knbz9eC5ArWGqtGlYqiH3RU5yMpdyTTO7MguC4ow==
 
+tiny-lr@^1.1.0:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/tiny-lr/-/tiny-lr-1.1.1.tgz#9fa547412f238fedb068ee295af8b682c98b2aab"
+  integrity sha512-44yhA3tsaRoMOjQQ+5v5mVdqef+kH6Qze9jTpqtVufgYjYt08zyZAwNwwVBj3i1rJMnR52IxOW0LK0vBzgAkuA==
+  dependencies:
+    body "^5.1.0"
+    debug "^3.1.0"
+    faye-websocket "~0.10.0"
+    livereload-js "^2.3.0"
+    object-assign "^4.1.0"
+    qs "^6.4.0"
+
 tiptap-commands@^1.4.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/tiptap-commands/-/tiptap-commands-1.4.0.tgz#0cfb3ac138ee3099de56114cb119abd841fbcbe7"
@@ -10762,6 +11813,14 @@ tmpl@1.0.x:
   resolved "https://registry.yarnpkg.com/tmpl/-/tmpl-1.0.4.tgz#23640dd7b42d00433911140820e5cf440e521dd1"
   integrity sha1-I2QN17QtAEM5ERQIIOXPRA5SHdE=
 
+to-absolute-glob@^2.0.0:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/to-absolute-glob/-/to-absolute-glob-2.0.2.tgz#1865f43d9e74b0822db9f145b78cff7d0f7c849b"
+  integrity sha1-GGX0PZ50sIItufFFt4z/fQ98hJs=
+  dependencies:
+    is-absolute "^1.0.0"
+    is-negated-glob "^1.0.0"
+
 to-array@0.1.4:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/to-array/-/to-array-0.1.4.tgz#17e6c11f73dd4f3d74cda7a4ff3238e9ad9bf890"
@@ -10809,6 +11868,13 @@ to-regex@^3.0.1, to-regex@^3.0.2:
     regex-not "^1.0.2"
     safe-regex "^1.1.0"
 
+to-through@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/to-through/-/to-through-2.0.0.tgz#fc92adaba072647bc0b67d6b03664aa195093af6"
+  integrity sha1-/JKtq6ByZHvAtn1rA2ZKoZUJOvY=
+  dependencies:
+    through2 "^2.0.3"
+
 toggle-selection@^1.0.3:
   version "1.0.6"
   resolved "https://registry.yarnpkg.com/toggle-selection/-/toggle-selection-1.0.6.tgz#6e45b1263f2017fa0acc7d89d78b15b8bf77da32"
@@ -10836,6 +11902,11 @@ tr46@^1.0.1:
   dependencies:
     punycode "^2.1.0"
 
+trim-lines@^1.0.0:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/trim-lines/-/trim-lines-1.1.2.tgz#c8adbdbdae21bb5c2766240a661f693afe23e59b"
+  integrity sha512-3GOuyNeTqk3FAqc3jOJtw7FTjYl94XBR5aD9QnDbK/T4CA9sW/J0l9RoaRPE9wyPP7NF331qnHnvJFBJ+IDkmQ==
+
 trim-newlines@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-1.0.0.tgz#5887966bb582a4503a41eb524f7d35011815a613"
@@ -10954,7 +12025,7 @@ type-is@~1.6.15, type-is@~1.6.16:
     media-typer "0.3.0"
     mime-types "~2.1.18"
 
-typedarray@^0.0.6:
+typedarray@^0.0.6, typedarray@~0.0.5:
   version "0.0.6"
   resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"
   integrity sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c=
@@ -10982,6 +12053,11 @@ ultron@~1.1.0:
   resolved "https://registry.yarnpkg.com/ultron/-/ultron-1.1.1.tgz#9fe1536a10a664a65266a1e3ccf85fd36302bc9c"
   integrity sha512-UIEXBNeYmKptWH6z8ZnqTeS8fV74zG0/eRU9VGkpzz+LIJNs8W/zM/L+7ctCkRrgbNnnR0xxw4bKOr0cW0N0Og==
 
+unc-path-regex@^0.1.2:
+  version "0.1.2"
+  resolved "https://registry.yarnpkg.com/unc-path-regex/-/unc-path-regex-0.1.2.tgz#e73dd3d7b0d7c5ed86fbac6b0ae7d8c6a69d50fa"
+  integrity sha1-5z3T17DXxe2G+6xrCufYxqadUPo=
+
 undefsafe@^2.0.2:
   version "2.0.2"
   resolved "https://registry.yarnpkg.com/undefsafe/-/undefsafe-2.0.2.tgz#225f6b9e0337663e0d8e7cfd686fc2836ccace76"
@@ -11042,6 +12118,18 @@ unicode-property-aliases-ecmascript@^1.0.4:
   resolved "https://registry.yarnpkg.com/unicode-property-aliases-ecmascript/-/unicode-property-aliases-ecmascript-1.0.4.tgz#5a533f31b4317ea76f17d807fa0d116546111dd0"
   integrity sha512-2WSLa6OdYd2ng8oqiGIWnJqyFArvhn+5vgx5GTxMbUYjCYKUcuKS62YLFF0R/BDGlB1yzXjQOLtPAfHsgirEpg==
 
+unified@^6.0.0:
+  version "6.2.0"
+  resolved "https://registry.yarnpkg.com/unified/-/unified-6.2.0.tgz#7fbd630f719126d67d40c644b7e3f617035f6dba"
+  integrity sha512-1k+KPhlVtqmG99RaTbAv/usu85fcSRu3wY8X+vnsEhIxNP5VbVIDiXnLqyKIG+UMdyTg0ZX9EI6k2AfjJkHPtA==
+  dependencies:
+    bail "^1.0.0"
+    extend "^3.0.0"
+    is-plain-obj "^1.1.0"
+    trough "^1.0.0"
+    vfile "^2.0.0"
+    x-is-string "^0.1.0"
+
 unified@^7.0.0:
   version "7.1.0"
   resolved "https://registry.yarnpkg.com/unified/-/unified-7.1.0.tgz#5032f1c1ee3364bd09da12e27fdd4a7553c7be13"
@@ -11085,6 +12173,14 @@ unique-slug@^2.0.0:
   dependencies:
     imurmurhash "^0.1.4"
 
+unique-stream@^2.0.2:
+  version "2.3.1"
+  resolved "https://registry.yarnpkg.com/unique-stream/-/unique-stream-2.3.1.tgz#c65d110e9a4adf9a6c5948b28053d9a8d04cbeac"
+  integrity sha512-2nY4TnBE70yoxHkDli7DMazpWiP7xMdCYqU2nBRO0UB+ZpEkGsSija7MvmvnZFUeC+mrgiUfcHSr3LmRFIg4+A==
+  dependencies:
+    json-stable-stringify-without-jsonify "^1.0.1"
+    through2-filter "^3.0.0"
+
 unique-string@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/unique-string/-/unique-string-1.0.0.tgz#9e1057cca851abb93398f8b33ae187b99caec11a"
@@ -11092,6 +12188,13 @@ unique-string@^1.0.0:
   dependencies:
     crypto-random-string "^1.0.0"
 
+unist-builder@^1.0.1, unist-builder@^1.0.2:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/unist-builder/-/unist-builder-1.0.4.tgz#e1808aed30bd72adc3607f25afecebef4dd59e17"
+  integrity sha512-v6xbUPP7ILrT15fHGrNyHc1Xda8H3xVhP7/HAIotHOhVPjH5dCXA097C3Rry1Q2O+HbOLCao4hfPB+EYEjHgVg==
+  dependencies:
+    object-assign "^4.1.0"
+
 unist-util-find-all-after@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/unist-util-find-all-after/-/unist-util-find-all-after-1.0.2.tgz#9be49cfbae5ca1566b27536670a92836bf2f8d6d"
@@ -11099,11 +12202,21 @@ unist-util-find-all-after@^1.0.2:
   dependencies:
     unist-util-is "^2.0.0"
 
+unist-util-generated@^1.1.0:
+  version "1.1.4"
+  resolved "https://registry.yarnpkg.com/unist-util-generated/-/unist-util-generated-1.1.4.tgz#2261c033d9fc23fae41872cdb7663746e972c1a7"
+  integrity sha512-SA7Sys3h3X4AlVnxHdvN/qYdr4R38HzihoEVY2Q2BZu8NHWDnw5OGcC/tXWjQfd4iG+M6qRFNIRGqJmp2ez4Ww==
+
 unist-util-is@^2.0.0, unist-util-is@^2.1.2:
   version "2.1.2"
   resolved "https://registry.yarnpkg.com/unist-util-is/-/unist-util-is-2.1.2.tgz#1193fa8f2bfbbb82150633f3a8d2eb9a1c1d55db"
   integrity sha512-YkXBK/H9raAmG7KXck+UUpnKiNmUdB+aBGrknfQ4EreE1banuzrKABx3jP6Z5Z3fMSPMQQmeXBlKpCbMwBkxVw==
 
+unist-util-position@^3.0.0:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/unist-util-position/-/unist-util-position-3.0.3.tgz#fff942b879538b242096c148153826664b1ca373"
+  integrity sha512-28EpCBYFvnMeq9y/4w6pbnFmCUfzlsc41NJui5c51hOFjBA1fejcwc+5W4z2+0ECVbScG3dURS3JTVqwenzqZw==
+
 unist-util-remove-position@^1.0.0:
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/unist-util-remove-position/-/unist-util-remove-position-1.1.2.tgz#86b5dad104d0bbfbeb1db5f5c92f3570575c12cb"
@@ -11116,6 +12229,13 @@ unist-util-stringify-position@^1.0.0, unist-util-stringify-position@^1.1.1:
   resolved "https://registry.yarnpkg.com/unist-util-stringify-position/-/unist-util-stringify-position-1.1.2.tgz#3f37fcf351279dcbca7480ab5889bb8a832ee1c6"
   integrity sha512-pNCVrk64LZv1kElr0N1wPiHEUoXNVFERp+mlTg/s9R5Lwg87f9bM/3sQB99w+N9D/qnM9ar3+AKDBwo/gm/iQQ==
 
+unist-util-stringify-position@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/unist-util-stringify-position/-/unist-util-stringify-position-2.0.1.tgz#de2a2bc8d3febfa606652673a91455b6a36fb9f3"
+  integrity sha512-Zqlf6+FRI39Bah8Q6ZnNGrEHUhwJOkHde2MHVk96lLyftfJJckaPslKgzhVcviXj8KcE9UJM9F+a4JEiBUTYgA==
+  dependencies:
+    "@types/unist" "^2.0.2"
+
 unist-util-visit-parents@^2.0.0:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/unist-util-visit-parents/-/unist-util-visit-parents-2.0.1.tgz#63fffc8929027bee04bfef7d2cce474f71cb6217"
@@ -11123,10 +12243,10 @@ unist-util-visit-parents@^2.0.0:
   dependencies:
     unist-util-is "^2.1.2"
 
-unist-util-visit@^1.1.0:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/unist-util-visit/-/unist-util-visit-1.4.0.tgz#1cb763647186dc26f5e1df5db6bd1e48b3cc2fb1"
-  integrity sha512-FiGu34ziNsZA3ZUteZxSFaczIjGmksfSgdKqBfOejrrfzyUy5b7YrlzT1Bcvi+djkYDituJDy2XB7tGTeBieKw==
+unist-util-visit@^1.0.0, unist-util-visit@^1.1.0, unist-util-visit@^1.3.0:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/unist-util-visit/-/unist-util-visit-1.4.1.tgz#4724aaa8486e6ee6e26d7ff3c8685960d560b1e3"
+  integrity sha512-AvGNk7Bb//EmJZyhtRUnNMEpId/AZ5Ph/KUpTI09WHQuDZHKovQ1oEv3mfmKpWKtoMzyMC4GLBm1Zy5k12fjIw==
   dependencies:
     unist-util-visit-parents "^2.0.0"
 
@@ -11291,6 +12411,11 @@ validate-npm-package-license@^3.0.1:
     spdx-correct "~1.0.0"
     spdx-expression-parse "~1.0.0"
 
+value-or-function@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/value-or-function/-/value-or-function-3.0.0.tgz#1c243a50b595c1be54a754bfece8563b9ff8d813"
+  integrity sha1-HCQ6ULWVwb5Up1S/7OhWO5/42BM=
+
 vary@~1.1.2:
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.2.tgz#2299f02c6ded30d4a5961b0b9f74524a18f634fc"
@@ -11317,6 +12442,46 @@ vfile-message@^1.0.0:
   dependencies:
     unist-util-stringify-position "^1.1.1"
 
+vfile-message@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/vfile-message/-/vfile-message-2.0.1.tgz#951881861c22fc1eb39f873c0b93e336a64e8f6d"
+  integrity sha512-KtasSV+uVU7RWhUn4Lw+wW1Zl/nW8JWx7JCPps10Y9JRRIDeDXf8wfBLoOSsJLyo27DqMyAi54C6Jf/d6Kr2Bw==
+  dependencies:
+    "@types/unist" "^2.0.2"
+    unist-util-stringify-position "^2.0.0"
+
+vfile-reporter@^6.0.0:
+  version "6.0.0"
+  resolved "https://registry.yarnpkg.com/vfile-reporter/-/vfile-reporter-6.0.0.tgz#753119f51dec9289b7508b457afc0cddf5e07f2e"
+  integrity sha512-8Is0XxFxWJUhPJdOg3CyZTqd3ICCWg6r304PuBl818ZG91h4FMS3Q+lrOPS+cs5/DZK3H0+AkJdH0J8JEwKtDA==
+  dependencies:
+    repeat-string "^1.5.0"
+    string-width "^4.0.0"
+    supports-color "^6.0.0"
+    unist-util-stringify-position "^2.0.0"
+    vfile-sort "^2.1.2"
+    vfile-statistics "^1.1.0"
+
+vfile-sort@^2.1.0, vfile-sort@^2.1.2:
+  version "2.2.1"
+  resolved "https://registry.yarnpkg.com/vfile-sort/-/vfile-sort-2.2.1.tgz#74e714f9175618cdae96bcaedf1a3dc711d87567"
+  integrity sha512-5dt7xEhC44h0uRQKhbM2JAe0z/naHphIZlMOygtMBM9Nn0pZdaX5fshhwWit9wvsuP8t/wp43nTDRRErO1WK8g==
+
+vfile-statistics@^1.1.0:
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/vfile-statistics/-/vfile-statistics-1.1.3.tgz#e9c87071997fbcb4243764d2c3805e0bb0820c60"
+  integrity sha512-CstaK/ebTz1W3Qp41Bt9Lj/2DmumFsCwC2sKahDNSPh0mPh7/UyMLCoU8ZBX34CRU0d61B4W41yIFsV0NKMZeA==
+
+vfile@^2.0.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/vfile/-/vfile-2.3.0.tgz#e62d8e72b20e83c324bc6c67278ee272488bf84a"
+  integrity sha512-ASt4mBUHcTpMKD/l5Q+WJXNtshlWxOogYyGYYrg4lt/vuRjC1EFQtlAofL5VmtVNIZJzWYFJjzGWZ0Gw8pzW1w==
+  dependencies:
+    is-buffer "^1.1.4"
+    replace-ext "1.0.0"
+    unist-util-stringify-position "^1.0.0"
+    vfile-message "^1.0.0"
+
 vfile@^3.0.0:
   version "3.0.1"
   resolved "https://registry.yarnpkg.com/vfile/-/vfile-3.0.1.tgz#47331d2abe3282424f4a4bb6acd20a44c4121803"
@@ -11327,6 +12492,65 @@ vfile@^3.0.0:
     unist-util-stringify-position "^1.0.0"
     vfile-message "^1.0.0"
 
+vfile@^4.0.0:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/vfile/-/vfile-4.0.1.tgz#fc3d43a1c71916034216bf65926d5ee3c64ed60c"
+  integrity sha512-lRHFCuC4SQBFr7Uq91oJDJxlnftoTLQ7eKIpMdubhYcVMho4781a8MWXLy3qZrZ0/STD1kRiKc0cQOHm4OkPeA==
+  dependencies:
+    "@types/unist" "^2.0.0"
+    is-buffer "^2.0.0"
+    replace-ext "1.0.0"
+    unist-util-stringify-position "^2.0.0"
+    vfile-message "^2.0.0"
+
+vinyl-fs@^3.0.2:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/vinyl-fs/-/vinyl-fs-3.0.3.tgz#c85849405f67428feabbbd5c5dbdd64f47d31bc7"
+  integrity sha512-vIu34EkyNyJxmP0jscNzWBSygh7VWhqun6RmqVfXePrOwi9lhvRs//dOaGOTRUQr4tx7/zd26Tk5WeSVZitgng==
+  dependencies:
+    fs-mkdirp-stream "^1.0.0"
+    glob-stream "^6.1.0"
+    graceful-fs "^4.0.0"
+    is-valid-glob "^1.0.0"
+    lazystream "^1.0.0"
+    lead "^1.0.0"
+    object.assign "^4.0.4"
+    pumpify "^1.3.5"
+    readable-stream "^2.3.3"
+    remove-bom-buffer "^3.0.0"
+    remove-bom-stream "^1.2.0"
+    resolve-options "^1.1.0"
+    through2 "^2.0.0"
+    to-through "^2.0.0"
+    value-or-function "^3.0.0"
+    vinyl "^2.0.0"
+    vinyl-sourcemap "^1.1.0"
+
+vinyl-sourcemap@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/vinyl-sourcemap/-/vinyl-sourcemap-1.1.0.tgz#92a800593a38703a8cdb11d8b300ad4be63b3e16"
+  integrity sha1-kqgAWTo4cDqM2xHYswCtS+Y7PhY=
+  dependencies:
+    append-buffer "^1.0.2"
+    convert-source-map "^1.5.0"
+    graceful-fs "^4.1.6"
+    normalize-path "^2.1.1"
+    now-and-later "^2.0.0"
+    remove-bom-buffer "^3.0.0"
+    vinyl "^2.0.0"
+
+vinyl@^2.0.0, vinyl@^2.1.0, vinyl@^2.2.0:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/vinyl/-/vinyl-2.2.0.tgz#d85b07da96e458d25b2ffe19fece9f2caa13ed86"
+  integrity sha512-MBH+yP0kC/GQ5GwBqrTPTzEfiiLjta7hTtvQtbxBgTeSXsmKQRQecjibMbxIXzVT3Y9KJK+drOz1/k+vsu8Nkg==
+  dependencies:
+    clone "^2.1.1"
+    clone-buffer "^1.0.0"
+    clone-stats "^1.0.0"
+    cloneable-readable "^1.0.0"
+    remove-trailing-separator "^1.0.1"
+    replace-ext "^1.0.0"
+
 visibilityjs@^1.2.4:
   version "1.2.4"
   resolved "https://registry.yarnpkg.com/visibilityjs/-/visibilityjs-1.2.4.tgz#bff8663da62c8c10ad4ee5ae6a1ae6fac4259d63"
@@ -11417,7 +12641,7 @@ vue-style-loader@^4.1.0:
     hash-sum "^1.0.2"
     loader-utils "^1.0.2"
 
-vue-template-compiler@^2.5.20, vue-template-compiler@^2.6.10:
+vue-template-compiler@^2.5.16, vue-template-compiler@^2.5.20, vue-template-compiler@^2.6.10:
   version "2.6.10"
   resolved "https://registry.yarnpkg.com/vue-template-compiler/-/vue-template-compiler-2.6.10.tgz#323b4f3495f04faa3503337a82f5d6507799c9cc"
   integrity sha512-jVZkw4/I/HT5ZMvRnhv78okGusqe0+qH2A0Em0Cp8aq78+NK9TII263CDVz2QXZsIT+yyV/gZc/j/vlwa+Epyg==
@@ -11823,10 +13047,10 @@ xregexp@4.0.0:
   resolved "https://registry.yarnpkg.com/xregexp/-/xregexp-4.0.0.tgz#e698189de49dd2a18cc5687b05e17c8e43943020"
   integrity sha512-PHyM+sQouu7xspQQwELlGwwd05mXUFqwFYfqPO0cC7x4fxyHnnuetmQr6CjJiafIDoH4MogHb9dOoJzR/Y4rFg==
 
-xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.1:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.1.tgz#a5c6d532be656e23db820efb943a1f04998d63af"
-  integrity sha1-pcbVMr5lbiPbgg77lDofBJmNY68=
+xtend@^4.0.0, xtend@^4.0.1, xtend@~4.0.0, xtend@~4.0.1:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.2.tgz#bb72779f5fa465186b1f438f674fa347fdb5db54"
+  integrity sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==
 
 xterm@^3.5.0:
   version "3.5.0"
@@ -11875,13 +13099,6 @@ yargs-parser@^5.0.0:
   dependencies:
     camelcase "^3.0.0"
 
-yargs-parser@^8.1.0:
-  version "8.1.0"
-  resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-8.1.0.tgz#f1376a33b6629a5d063782944da732631e966950"
-  integrity sha512-yP+6QqN8BmrgW2ggLtTbdrOyBNSI7zBa4IykmiV5R1wl1JWNxQvWhMfMdmzIYtKU7oP3OOInY/tl2ov3BDjnJQ==
-  dependencies:
-    camelcase "^4.1.0"
-
 yargs@12.0.2:
   version "12.0.2"
   resolved "https://registry.yarnpkg.com/yargs/-/yargs-12.0.2.tgz#fe58234369392af33ecbef53819171eff0f5aadc"
@@ -11900,24 +13117,6 @@ yargs@12.0.2:
     y18n "^3.2.1 || ^4.0.0"
     yargs-parser "^10.1.0"
 
-yargs@^10.0.3:
-  version "10.1.2"
-  resolved "https://registry.yarnpkg.com/yargs/-/yargs-10.1.2.tgz#454d074c2b16a51a43e2fb7807e4f9de69ccb5c5"
-  integrity sha512-ivSoxqBGYOqQVruxD35+EyCFDYNEFL/Uo6FcOnz+9xZdZzK0Zzw4r4KhbrME1Oo2gOggwJod2MnsdamSG7H9ig==
-  dependencies:
-    cliui "^4.0.0"
-    decamelize "^1.1.1"
-    find-up "^2.1.0"
-    get-caller-file "^1.0.1"
-    os-locale "^2.0.0"
-    require-directory "^2.1.1"
-    require-main-filename "^1.0.1"
-    set-blocking "^2.0.0"
-    string-width "^2.0.0"
-    which-module "^2.0.0"
-    y18n "^3.2.1"
-    yargs-parser "^8.1.0"
-
 yargs@^12.0.2, yargs@^12.0.4:
   version "12.0.5"
   resolved "https://registry.yarnpkg.com/yargs/-/yargs-12.0.5.tgz#05f5997b609647b64f66b81e3b4b10a368e7ad13"
-- 
cgit v1.2.1


From 7cee6139c07db7ba4fd6febf74c24dbfaee8e59d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Wed, 17 Jul 2019 15:33:52 +0200
Subject: Find build by sha from ref

Adds ability to find builds by sha when only specifying a ref.
---
 app/controllers/projects/artifacts_controller.rb            |  5 ++++-
 app/models/ci/pipeline.rb                                   |  7 ++++++-
 app/models/project.rb                                       | 13 ++++++++++++-
 .../projects/artifacts/user_downloads_artifacts_spec.rb     |  4 ++--
 4 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/app/controllers/projects/artifacts_controller.rb b/app/controllers/projects/artifacts_controller.rb
index 2ef18d900f2..da8a371acaa 100644
--- a/app/controllers/projects/artifacts_controller.rb
+++ b/app/controllers/projects/artifacts_controller.rb
@@ -92,7 +92,10 @@ class Projects::ArtifactsController < Projects::ApplicationController
   def build_from_ref
     return unless @ref_name
 
-    project.latest_successful_build_for(params[:job], @ref_name)
+    commit = project.commit(@ref_name)
+    return unless commit
+
+    project.latest_successful_build_for_sha(params[:job], commit.id)
   end
 
   def artifacts_file
diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb
index 2262282e647..f70ff7e3192 100644
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -230,9 +230,10 @@ module Ci
     # ref - The name (or names) of the branch(es)/tag(s) to limit the list of
     #       pipelines to.
     # limit - This limits a backlog search, default to 100.
-    def self.newest_first(ref: nil, limit: 100)
+    def self.newest_first(ref: nil, sha: nil, limit: 100)
       relation = order(id: :desc)
       relation = relation.where(ref: ref) if ref
+      relation = relation.where(sha: sha) if sha
 
       if limit
         ids = relation.limit(limit).select(:id)
@@ -252,6 +253,10 @@ module Ci
       newest_first(ref: ref).success.take
     end
 
+    def self.latest_successful_for_sha(sha)
+      newest_first(sha: sha).success.take
+    end
+
     def self.latest_successful_for_refs(refs)
       relation = newest_first(ref: refs).success
 
diff --git a/app/models/project.rb b/app/models/project.rb
index 8030c645e2e..9616e8c9748 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -719,14 +719,25 @@ class Project < ApplicationRecord
     repository.commits_by(oids: oids)
   end
 
-  # ref can't be HEAD, can only be branch/tag name or SHA
+  # ref can't be HEAD, can only be branch/tag name
   def latest_successful_build_for(job_name, ref = default_branch)
+    return unless ref
+
     latest_pipeline = ci_pipelines.latest_successful_for(ref)
     return unless latest_pipeline
 
     latest_pipeline.builds.latest.with_artifacts_archive.find_by(name: job_name)
   end
 
+  def latest_successful_build_for_sha(job_name, sha = commit(default_branch).id)
+    return unless sha
+
+    latest_pipeline = ci_pipelines.latest_successful_for_sha(sha)
+    return unless latest_pipeline
+
+    latest_pipeline.builds.latest.with_artifacts_archive.find_by(name: job_name)
+  end
+
   def latest_successful_build_for!(job_name, ref = default_branch)
     latest_successful_build_for(job_name, ref) || raise(ActiveRecord::RecordNotFound.new("Couldn't find job #{job_name}"))
   end
diff --git a/spec/features/projects/artifacts/user_downloads_artifacts_spec.rb b/spec/features/projects/artifacts/user_downloads_artifacts_spec.rb
index 5cb015e80be..69296ef00fd 100644
--- a/spec/features/projects/artifacts/user_downloads_artifacts_spec.rb
+++ b/spec/features/projects/artifacts/user_downloads_artifacts_spec.rb
@@ -1,8 +1,8 @@
 require "spec_helper"
 
 describe "User downloads artifacts" do
-  set(:project) { create(:project, :public) }
-  set(:pipeline) { create(:ci_empty_pipeline, status: :success, project: project) }
+  set(:project) { create(:project, :repository, :public) }
+  set(:pipeline) { create(:ci_empty_pipeline, status: :success, sha: project.commit.id, project: project) }
   set(:job) { create(:ci_build, :artifacts, :success, pipeline: pipeline) }
 
   shared_examples "downloading" do
-- 
cgit v1.2.1


From 1eab06571496c1b7950dc081435fa21058b614c8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Tue, 23 Jul 2019 21:21:05 +0200
Subject: Add specs for latest_successful methods for SHAs

---
 spec/models/ci/pipeline_spec.rb | 13 ++++++++++
 spec/models/project_spec.rb     | 55 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 68 insertions(+)

diff --git a/spec/models/ci/pipeline_spec.rb b/spec/models/ci/pipeline_spec.rb
index e24bbc39761..e3f699d9ad3 100644
--- a/spec/models/ci/pipeline_spec.rb
+++ b/spec/models/ci/pipeline_spec.rb
@@ -1812,6 +1812,19 @@ describe Ci::Pipeline, :mailer do
     end
   end
 
+  describe '.latest_successful_for_sha' do
+    include_context 'with some outdated pipelines'
+
+    let!(:latest_successful_pipeline) do
+      create_pipeline(:success, 'ref', 'awesomesha', project)
+    end
+
+    it 'returns the latest successful pipeline' do
+      expect(described_class.latest_successful_for_sha('awesomesha'))
+        .to eq(latest_successful_pipeline)
+    end
+  end
+
   describe '.latest_successful_for_refs' do
     include_context 'with some outdated pipelines'
 
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 9a083eee05e..e88c6a60fec 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -2074,6 +2074,61 @@ describe Project do
     end
   end
 
+  describe '#latest_successful_build_for_sha' do
+    let(:project) { create(:project, :repository) }
+    let(:pipeline) { create_pipeline(project) }
+
+    context 'with many builds' do
+      it 'gives the latest builds from latest pipeline' do
+        pipeline1 = create_pipeline(project)
+        pipeline2 = create_pipeline(project)
+        create_build(pipeline1, 'test')
+        create_build(pipeline1, 'test2')
+        build1_p2 = create_build(pipeline2, 'test')
+        create_build(pipeline2, 'test2')
+
+        expect(project.latest_successful_build_for_sha(build1_p2.name))
+          .to eq(build1_p2)
+      end
+    end
+
+    context 'with succeeded pipeline' do
+      let!(:build) { create_build }
+
+      context 'standalone pipeline' do
+        it 'returns builds for ref for default_branch' do
+          expect(project.latest_successful_build_for_sha(build.name))
+            .to eq(build)
+        end
+
+        it 'returns empty relation if the build cannot be found' do
+          expect(project.latest_successful_build_for_sha('TAIL'))
+            .to be_nil
+        end
+      end
+
+      context 'with some pending pipeline' do
+        before do
+          create_build(create_pipeline(project, 'pending'))
+        end
+
+        it 'gives the latest build from latest pipeline' do
+          expect(project.latest_successful_build_for_sha(build.name))
+            .to eq(build)
+        end
+      end
+    end
+
+    context 'with pending pipeline' do
+      it 'returns empty relation' do
+        pipeline.update(status: 'pending')
+        pending_build = create_build(pipeline)
+
+        expect(project.latest_successful_build_for_sha(pending_build.name)).to be_nil
+      end
+    end
+  end
+
   describe '#latest_successful_build_for!' do
     let(:project) { create(:project, :repository) }
     let(:pipeline) { create_pipeline(project) }
-- 
cgit v1.2.1


From 0a93fea3f6f32bf47b9cc2f2cf5994c99ebb831c Mon Sep 17 00:00:00 2001
From: mo khan <mkhan@gitlab.com>
Date: Tue, 23 Jul 2019 19:40:39 +0000
Subject: Add PIP_DEPENDENCY_PATH to dependency scanning template

---
 changelogs/unreleased/GL-12412.yml                                 | 5 +++++
 doc/user/application_security/dependency_scanning/index.md         | 1 +
 lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml | 1 +
 3 files changed, 7 insertions(+)
 create mode 100644 changelogs/unreleased/GL-12412.yml

diff --git a/changelogs/unreleased/GL-12412.yml b/changelogs/unreleased/GL-12412.yml
new file mode 100644
index 00000000000..304bd63d150
--- /dev/null
+++ b/changelogs/unreleased/GL-12412.yml
@@ -0,0 +1,5 @@
+---
+title: Add DS_PIP_DEPENDENCY_PATH option to configure Dependency Scanning for projects using pip.
+merge_request: 30762
+author:
+type: changed
diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index 09bd306363c..7473647f129 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -142,6 +142,7 @@ using environment variables.
 | `DS_ANALYZER_IMAGE_PREFIX`              | Override the name of the Docker registry providing the official default images (proxy). Read more about [customizing analyzers](analyzers.md). |
 | `DS_ANALYZER_IMAGE_TAG`                 | Override the Docker tag of the official default images. Read more about [customizing analyzers](analyzers.md). |
 | `DS_PYTHON_VERSION`                     | Version of Python. If set to 2, dependencies are installed using Python 2.7 instead of Python 3.6. ([Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/12296) in GitLab 12.1)|
+| `DS_PIP_DEPENDENCY_PATH`                | Path to load Python pip dependencies from. ([Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/12412) in GitLab 12.2) |
 | `DS_DEFAULT_ANALYZERS`                  | Override the names of the official default images. Read more about [customizing analyzers](analyzers.md). |
 | `DS_DISABLE_REMOTE_CHECKS`              | Do not send any data to GitLab. Used in the [Gemnasium analyzer](#remote-checks). |
 | `DS_PULL_ANALYZER_IMAGES`               | Pull the images from the Docker registry (set to `0` to disable). |
diff --git a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
index 89eccce69f6..600762dd39f 100644
--- a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
@@ -41,6 +41,7 @@ dependency_scanning:
           DS_PULL_ANALYZER_IMAGE_TIMEOUT \
           DS_RUN_ANALYZER_TIMEOUT \
           DS_PYTHON_VERSION \
+          DS_PIP_DEPENDENCY_PATH \
           PIP_INDEX_URL \
           PIP_EXTRA_INDEX_URL \
         ) \
-- 
cgit v1.2.1


From 42ecbcad108aa44beb279421c300024d17a360cd Mon Sep 17 00:00:00 2001
From: Reuben Pereira <rpereira@gitlab.com>
Date: Tue, 23 Jul 2019 19:47:17 +0000
Subject: Add validator for qualidied domain array

- Validate that the entries contain no unicode, html tags and are not
larger than 255 characters.
---
 app/validators/qualified_domain_array_validator.rb |  49 +++++++++
 locale/gitlab.pot                                  |  12 +++
 .../qualified_domain_array_validator_spec.rb       | 111 +++++++++++++++++++++
 3 files changed, 172 insertions(+)
 create mode 100644 app/validators/qualified_domain_array_validator.rb
 create mode 100644 spec/validators/qualified_domain_array_validator_spec.rb

diff --git a/app/validators/qualified_domain_array_validator.rb b/app/validators/qualified_domain_array_validator.rb
new file mode 100644
index 00000000000..986c146a9db
--- /dev/null
+++ b/app/validators/qualified_domain_array_validator.rb
@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+# QualifiedDomainArrayValidator
+#
+# Custom validator for URL hosts/'qualified domains' (FQDNs, ex: gitlab.com, sub.example.com).
+# This does not check if the domain actually exists. It only checks if it is a
+# valid domain string.
+#
+# Example:
+#
+#   class ApplicationSetting < ApplicationRecord
+#     validates :outbound_local_requests_whitelist, qualified_domain_array: true
+#   end
+#
+class QualifiedDomainArrayValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    validate_value_present(record, attribute, value)
+    validate_host_length(record, attribute, value)
+    validate_idna_encoding(record, attribute, value)
+    validate_sanitization(record, attribute, value)
+  end
+
+  private
+
+  def validate_value_present(record, attribute, value)
+    return unless value.blank?
+
+    record.errors.add(attribute, _('entries cannot be blank'))
+  end
+
+  def validate_host_length(record, attribute, value)
+    return unless value&.any? { |entry| entry.size > 255 }
+
+    record.errors.add(attribute, _('entries cannot be larger than 255 characters'))
+  end
+
+  def validate_idna_encoding(record, attribute, value)
+    return if value&.all?(&:ascii_only?)
+
+    record.errors.add(attribute, _('unicode domains should use IDNA encoding'))
+  end
+
+  def validate_sanitization(record, attribute, value)
+    sanitizer = Rails::Html::FullSanitizer.new
+    return unless value&.any? { |str| sanitizer.sanitize(str) != str }
+
+    record.errors.add(attribute, _('entries cannot contain HTML tags'))
+  end
+end
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index bd26ca6714d..5cd9aa7e2de 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -12803,6 +12803,15 @@ msgstr ""
 msgid "encrypted: needs to be a :required, :optional or :migrating!"
 msgstr ""
 
+msgid "entries cannot be blank"
+msgstr ""
+
+msgid "entries cannot be larger than 255 characters"
+msgstr ""
+
+msgid "entries cannot contain HTML tags"
+msgstr ""
+
 msgid "error"
 msgstr ""
 
@@ -13308,6 +13317,9 @@ msgstr ""
 msgid "triggered"
 msgstr ""
 
+msgid "unicode domains should use IDNA encoding"
+msgstr ""
+
 msgid "updated"
 msgstr ""
 
diff --git a/spec/validators/qualified_domain_array_validator_spec.rb b/spec/validators/qualified_domain_array_validator_spec.rb
new file mode 100644
index 00000000000..a96b00bfd1d
--- /dev/null
+++ b/spec/validators/qualified_domain_array_validator_spec.rb
@@ -0,0 +1,111 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe QualifiedDomainArrayValidator do
+  class TestClass
+    include ActiveModel::Validations
+
+    attr_accessor :domain_array
+
+    def initialize(domain_array)
+      self.domain_array = domain_array
+    end
+  end
+
+  let!(:record) do
+    TestClass.new(['gitlab.com'])
+  end
+
+  subject { validator.validate(record) }
+
+  shared_examples 'cannot be blank' do
+    it 'returns error when attribute is blank' do
+      record.domain_array = []
+
+      subject
+
+      expect(record.errors).to be_present
+      expect(record.errors.first[1]).to eq 'entries cannot be blank'
+    end
+  end
+
+  shared_examples 'can be nil' do
+    it 'allows when attribute is nil' do
+      record.domain_array = nil
+
+      subject
+
+      expect(record.errors).to be_empty
+    end
+  end
+
+  describe 'validations' do
+    let(:validator) { described_class.new(attributes: [:domain_array]) }
+
+    it_behaves_like 'cannot be blank'
+
+    it 'returns error when attribute is nil' do
+      record.domain_array = nil
+
+      subject
+
+      expect(record.errors).to be_present
+    end
+
+    it 'allows when domain is valid' do
+      subject
+
+      expect(record.errors).to be_empty
+    end
+
+    it 'returns error when domain contains unicode' do
+      record.domain_array = ['ğitlab.com']
+
+      subject
+
+      expect(record.errors).to be_present
+      expect(record.errors.first[1]).to eq 'unicode domains should use IDNA encoding'
+    end
+
+    it 'returns error when entry is larger than 255 chars' do
+      record.domain_array = ['a' * 256]
+
+      subject
+
+      expect(record.errors).to be_present
+      expect(record.errors.first[1]).to eq 'entries cannot be larger than 255 characters'
+    end
+
+    it 'returns error when entry contains HTML tags' do
+      record.domain_array = ['gitlab.com<h1>something</h1>']
+
+      subject
+
+      expect(record.errors).to be_present
+      expect(record.errors.first[1]).to eq 'entries cannot contain HTML tags'
+    end
+  end
+
+  context 'when allow_nil is set to true' do
+    let(:validator) { described_class.new(attributes: [:domain_array], allow_nil: true) }
+
+    it_behaves_like 'can be nil'
+
+    it_behaves_like 'cannot be blank'
+  end
+
+  context 'when allow_blank is set to true' do
+    let(:validator) { described_class.new(attributes: [:domain_array], allow_blank: true) }
+
+    it_behaves_like 'can be nil'
+
+    it 'allows when attribute is blank' do
+      record.domain_array = []
+
+      subject
+
+      expect(record.errors).to be_empty
+    end
+  end
+end
-- 
cgit v1.2.1


From 822129b6b71bfff3cf46d59e31349e8d47a48687 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ma=C5=82gorzata=20Ksionek?= <mksionek@gitlab.com>
Date: Tue, 23 Jul 2019 22:00:50 +0200
Subject: Change sql query

---
 lib/gitlab/cycle_analytics/summary/group/deploy.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/gitlab/cycle_analytics/summary/group/deploy.rb b/lib/gitlab/cycle_analytics/summary/group/deploy.rb
index 1476a5fceb8..78d677cf558 100644
--- a/lib/gitlab/cycle_analytics/summary/group/deploy.rb
+++ b/lib/gitlab/cycle_analytics/summary/group/deploy.rb
@@ -18,9 +18,9 @@ module Gitlab
           private
 
           def find_deployments
-            deployments = Deployment.joins(:project)
-              .where(projects: { id: projects.ids })
-              .where("deployments.created_at > ?", from)
+            deployments = Deployment.joins(:project).merge(Project.inside_path(group.full_path))
+            deployments = deployments.where(projects: { id: options[:projects] }) if options[:projects]
+            deployments = deployments.where("deployments.created_at > ?", from)
             deployments.success.count
           end
         end
-- 
cgit v1.2.1


From f30b1d61d9adeaeb39febfd99ec0461b9a2251ea Mon Sep 17 00:00:00 2001
From: Sergey Alekseev <sergey@asoft.co>
Date: Tue, 23 Jul 2019 20:17:59 +0000
Subject: Speed up boot time

by removing an unused `begin ... rescue ... end` block. The block is no longer necessary after moving the bootsnap gem to the :default group in eedf735574b9f6c7c6c843943dd946ce84238236.
---
 config/boot.rb | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/config/boot.rb b/config/boot.rb
index 2eacff868eb..da4e6b7290c 100644
--- a/config/boot.rb
+++ b/config/boot.rb
@@ -2,8 +2,4 @@ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
 
 # Set up gems listed in the Gemfile.
 require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
-begin
-  require 'bootsnap/setup' if ENV['RAILS_ENV'] != 'production' || %w(1 yes true).include?(ENV['ENABLE_BOOTSNAP'])
-rescue LoadError
-  # bootsnap is an optional dependency, so if we don't have it, it's fine
-end
+require 'bootsnap/setup' if ENV['RAILS_ENV'] != 'production' || %w(1 yes true).include?(ENV['ENABLE_BOOTSNAP'])
-- 
cgit v1.2.1


From a71da850d93c0fc7cef60ff0fbc8661ba7008911 Mon Sep 17 00:00:00 2001
From: James Keogh <james.keogh@cambridgeconsultants.com>
Date: Tue, 23 Jul 2019 21:32:10 +0000
Subject: Rename changelog to correct issue number, be more explicit that we're
 talking about Auto DevOps projects

---
 changelogs/unreleased/64081-override-helm-release-name.yml | 5 +++++
 doc/topics/autodevops/index.md                             | 1 +
 lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml          | 9 +++++----
 3 files changed, 11 insertions(+), 4 deletions(-)
 create mode 100644 changelogs/unreleased/64081-override-helm-release-name.yml

diff --git a/changelogs/unreleased/64081-override-helm-release-name.yml b/changelogs/unreleased/64081-override-helm-release-name.yml
new file mode 100644
index 00000000000..2bf39b17c03
--- /dev/null
+++ b/changelogs/unreleased/64081-override-helm-release-name.yml
@@ -0,0 +1,5 @@
+---
+title: Allow multiple Auto DevOps projects to deploy to a single namespace within a k8s cluster
+merge_request: 30360
+author: James Keogh
+type: added
diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index 7a92a672801..30b9e88ade8 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -764,6 +764,7 @@ also be customized, and you can easily use a [custom buildpack](#custom-buildpac
 | `ROLLOUT_RESOURCE_TYPE`     | From GitLab 11.9, this variable allows specification of the resource type being deployed when using a custom helm chart. Default value is `deployment`. |
 | `ROLLOUT_STATUS_DISABLED`   | From GitLab 12.0, this variable allows to disable rollout status check because it doesn't support all resource types, for example, `cronjob`. |
 | `HELM_UPGRADE_EXTRA_ARGS`   | From GitLab 11.11, this variable allows extra arguments in `helm` commands when deploying the application. Note that using quotes will not prevent word splitting. **Tip:** you can use this variable to [customize the Auto Deploy helm chart](https://docs.gitlab.com/ee/topics/autodevops/index.html#custom-helm-chart) by applying custom override values with `--values my-values.yaml`. |
+| `HELM_RELEASE_NAME`   | From GitLab 12.1, this variable allows the `helm` release name to be overridden, this can be used to assign unique release names when deploying multiple projects to a single namespace  |
 
 TIP: **Tip:**
 Set up the replica variables using a
diff --git a/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
index 108f0119ae1..6ead127e7b6 100644
--- a/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
@@ -243,7 +243,8 @@ rollout 100%:
 
 .deploy_helpers: &deploy_helpers |
   [[ "$TRACE" ]] && set -x
-  auto_database_url=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${CI_ENVIRONMENT_SLUG}-postgres:5432/${POSTGRES_DB}
+  export RELEASE_NAME=${HELM_RELEASE_NAME:-$CI_ENVIRONMENT_SLUG}
+  auto_database_url=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${RELEASE_NAME}-postgres:5432/${POSTGRES_DB}
   export DATABASE_URL=${DATABASE_URL-$auto_database_url}
   export TILLER_NAMESPACE=$KUBE_NAMESPACE
 
@@ -307,7 +308,7 @@ rollout 100%:
   }
 
   function deploy_name() {
-    name="$CI_ENVIRONMENT_SLUG"
+    name="$RELEASE_NAME"
     track="${1-stable}"
 
     if [[ "$track" != "stable" ]]; then
@@ -372,7 +373,7 @@ rollout 100%:
         --set service.enabled="$service_enabled" \
         --set gitlab.app="$CI_PROJECT_PATH_SLUG" \
         --set gitlab.env="$CI_ENVIRONMENT_SLUG" \
-        --set releaseOverride="$CI_ENVIRONMENT_SLUG" \
+        --set releaseOverride="$RELEASE_NAME" \
         --set image.repository="$image_repository" \
         --set image.tag="$image_tag" \
         --set image.pullPolicy=IfNotPresent \
@@ -413,7 +414,7 @@ rollout 100%:
         --set service.enabled="$service_enabled" \
         --set gitlab.app="$CI_PROJECT_PATH_SLUG" \
         --set gitlab.env="$CI_ENVIRONMENT_SLUG" \
-        --set releaseOverride="$CI_ENVIRONMENT_SLUG" \
+        --set releaseOverride="$RELEASE_NAME" \
         --set image.repository="$image_repository" \
         --set image.tag="$image_tag" \
         --set image.pullPolicy=IfNotPresent \
-- 
cgit v1.2.1


From 64a32d6cf0d8b67e1b495169054cc172f79cfadd Mon Sep 17 00:00:00 2001
From: Chris Toynbee <ctoynbee@gmail.com>
Date: Tue, 23 Jul 2019 22:13:36 +0000
Subject: Encapsulate file view modes with constants

---
 .../javascripts/ide/components/repo_editor.vue      | 21 ++++++++++++++-------
 app/assets/javascripts/ide/constants.js             |  4 ++++
 app/assets/javascripts/ide/stores/utils.js          |  4 ++--
 spec/javascripts/ide/components/repo_editor_spec.js |  8 ++++----
 spec/javascripts/ide/stores/mutations/file_spec.js  |  5 +++--
 5 files changed, 27 insertions(+), 15 deletions(-)

diff --git a/app/assets/javascripts/ide/components/repo_editor.vue b/app/assets/javascripts/ide/components/repo_editor.vue
index 03756a634d5..802b7f1fa6f 100644
--- a/app/assets/javascripts/ide/components/repo_editor.vue
+++ b/app/assets/javascripts/ide/components/repo_editor.vue
@@ -4,7 +4,12 @@ import { viewerInformationForPath } from '~/vue_shared/components/content_viewer
 import flash from '~/flash';
 import ContentViewer from '~/vue_shared/components/content_viewer/content_viewer.vue';
 import DiffViewer from '~/vue_shared/components/diff_viewer/diff_viewer.vue';
-import { activityBarViews, viewerTypes } from '../constants';
+import {
+  activityBarViews,
+  viewerTypes,
+  FILE_VIEW_MODE_EDITOR,
+  FILE_VIEW_MODE_PREVIEW,
+} from '../constants';
 import Editor from '../lib/editor';
 import ExternalLink from './external_link.vue';
 import FileTemplatesBar from './file_templates/bar.vue';
@@ -49,10 +54,10 @@ export default {
       return this.shouldHideEditor && this.file.mrChange && this.viewer === viewerTypes.mr;
     },
     isEditorViewMode() {
-      return this.file.viewMode === 'editor';
+      return this.file.viewMode === FILE_VIEW_MODE_EDITOR;
     },
     isPreviewViewMode() {
-      return this.file.viewMode === 'preview';
+      return this.file.viewMode === FILE_VIEW_MODE_PREVIEW;
     },
     editTabCSS() {
       return {
@@ -85,7 +90,7 @@ export default {
         if (this.currentActivityView !== activityBarViews.edit) {
           this.setFileViewMode({
             file: this.file,
-            viewMode: 'editor',
+            viewMode: FILE_VIEW_MODE_EDITOR,
           });
         }
       }
@@ -94,7 +99,7 @@ export default {
       if (this.currentActivityView !== activityBarViews.edit) {
         this.setFileViewMode({
           file: this.file,
-          viewMode: 'editor',
+          viewMode: FILE_VIEW_MODE_EDITOR,
         });
       }
     },
@@ -244,6 +249,8 @@ export default {
     },
   },
   viewerTypes,
+  FILE_VIEW_MODE_EDITOR,
+  FILE_VIEW_MODE_PREVIEW,
 };
 </script>
 
@@ -255,7 +262,7 @@ export default {
           <a
             href="javascript:void(0);"
             role="button"
-            @click.prevent="setFileViewMode({ file, viewMode: 'editor' })"
+            @click.prevent="setFileViewMode({ file, viewMode: $options.FILE_VIEW_MODE_EDITOR })"
           >
             <template v-if="viewer === $options.viewerTypes.edit">{{ __('Edit') }}</template>
             <template v-else>{{ __('Review') }}</template>
@@ -265,7 +272,7 @@ export default {
           <a
             href="javascript:void(0);"
             role="button"
-            @click.prevent="setFileViewMode({ file, viewMode: 'preview' })"
+            @click.prevent="setFileViewMode({ file, viewMode: $options.FILE_VIEW_MODE_PREVIEW })"
             >{{ file.previewMode.previewTitle }}</a
           >
         </li>
diff --git a/app/assets/javascripts/ide/constants.js b/app/assets/javascripts/ide/constants.js
index e30670e119f..673ac1bfa9a 100644
--- a/app/assets/javascripts/ide/constants.js
+++ b/app/assets/javascripts/ide/constants.js
@@ -4,6 +4,10 @@ export const MAX_WINDOW_HEIGHT_COMPACT = 750;
 export const MAX_TITLE_LENGTH = 50;
 export const MAX_BODY_LENGTH = 72;
 
+// File view modes
+export const FILE_VIEW_MODE_EDITOR = 'editor';
+export const FILE_VIEW_MODE_PREVIEW = 'preview';
+
 export const activityBarViews = {
   edit: 'ide-tree',
   commit: 'commit-section',
diff --git a/app/assets/javascripts/ide/stores/utils.js b/app/assets/javascripts/ide/stores/utils.js
index 366314536c6..04e86afb268 100644
--- a/app/assets/javascripts/ide/stores/utils.js
+++ b/app/assets/javascripts/ide/stores/utils.js
@@ -1,4 +1,4 @@
-import { commitActionTypes } from '../constants';
+import { commitActionTypes, FILE_VIEW_MODE_EDITOR } from '../constants';
 
 export const dataStructure = () => ({
   id: '',
@@ -43,7 +43,7 @@ export const dataStructure = () => ({
   editorColumn: 1,
   fileLanguage: '',
   eol: '',
-  viewMode: 'editor',
+  viewMode: FILE_VIEW_MODE_EDITOR,
   previewMode: null,
   size: 0,
   parentPath: null,
diff --git a/spec/javascripts/ide/components/repo_editor_spec.js b/spec/javascripts/ide/components/repo_editor_spec.js
index 7dc5cb24981..0701b773e17 100644
--- a/spec/javascripts/ide/components/repo_editor_spec.js
+++ b/spec/javascripts/ide/components/repo_editor_spec.js
@@ -5,7 +5,7 @@ import axios from '~/lib/utils/axios_utils';
 import store from '~/ide/stores';
 import repoEditor from '~/ide/components/repo_editor.vue';
 import Editor from '~/ide/lib/editor';
-import { activityBarViews } from '~/ide/constants';
+import { activityBarViews, FILE_VIEW_MODE_EDITOR, FILE_VIEW_MODE_PREVIEW } from '~/ide/constants';
 import { createComponentWithStore } from '../../helpers/vue_mount_component_helper';
 import setTimeoutPromise from '../../helpers/set_timeout_promise_helper';
 import { file, resetStore } from '../helpers';
@@ -16,7 +16,7 @@ describe('RepoEditor', () => {
   beforeEach(done => {
     const f = {
       ...file(),
-      viewMode: 'editor',
+      viewMode: FILE_VIEW_MODE_EDITOR,
     };
     const RepoEditor = Vue.extend(repoEditor);
 
@@ -370,7 +370,7 @@ describe('RepoEditor', () => {
   describe('when files view mode is preview', () => {
     beforeEach(done => {
       spyOn(vm.editor, 'updateDimensions');
-      vm.file.viewMode = 'preview';
+      vm.file.viewMode = FILE_VIEW_MODE_PREVIEW;
       vm.$nextTick(done);
     });
 
@@ -392,7 +392,7 @@ describe('RepoEditor', () => {
 
     describe('when file view mode changes to editor', () => {
       beforeEach(done => {
-        vm.file.viewMode = 'editor';
+        vm.file.viewMode = FILE_VIEW_MODE_EDITOR;
 
         // one tick to trigger watch
         vm.$nextTick()
diff --git a/spec/javascripts/ide/stores/mutations/file_spec.js b/spec/javascripts/ide/stores/mutations/file_spec.js
index 1b41c3c2548..064e66cef64 100644
--- a/spec/javascripts/ide/stores/mutations/file_spec.js
+++ b/spec/javascripts/ide/stores/mutations/file_spec.js
@@ -1,5 +1,6 @@
 import mutations from '~/ide/stores/mutations/file';
 import state from '~/ide/stores/state';
+import { FILE_VIEW_MODE_PREVIEW } from '~/ide/constants';
 import { file } from '../../helpers';
 
 describe('IDE store file mutations', () => {
@@ -425,10 +426,10 @@ describe('IDE store file mutations', () => {
     it('updates file view mode', () => {
       mutations.SET_FILE_VIEWMODE(localState, {
         file: localFile,
-        viewMode: 'preview',
+        viewMode: FILE_VIEW_MODE_PREVIEW,
       });
 
-      expect(localFile.viewMode).toBe('preview');
+      expect(localFile.viewMode).toBe(FILE_VIEW_MODE_PREVIEW);
     });
   });
 
-- 
cgit v1.2.1


From c03ae6201f5480c179acb26ba06e3824a2cb7aad Mon Sep 17 00:00:00 2001
From: Alex Kalderimis <akalderimis@gitlab.com>
Date: Tue, 23 Jul 2019 22:40:23 +0000
Subject: Allowing all users to view history

This removes the create_wiki permission check from the history
controller, allowing show and history to have the same level of
permissions.

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/29528
---
 app/controllers/projects/wikis_controller.rb       |   2 +-
 .../unreleased/allow-all-users-to-see-history.yml  |   4 +
 spec/controllers/projects/wikis_controller_spec.rb |  41 +++++++
 spec/policies/project_policy_spec.rb               | 120 +++++++++++++++++++++
 4 files changed, 166 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/allow-all-users-to-see-history.yml

diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb
index b0998d7f3be..d1914c35bd3 100644
--- a/app/controllers/projects/wikis_controller.rb
+++ b/app/controllers/projects/wikis_controller.rb
@@ -6,7 +6,7 @@ class Projects::WikisController < Projects::ApplicationController
   include Gitlab::Utils::StrongMemoize
 
   before_action :authorize_read_wiki!
-  before_action :authorize_create_wiki!, only: [:edit, :create, :history]
+  before_action :authorize_create_wiki!, only: [:edit, :create]
   before_action :authorize_admin_wiki!, only: :destroy
   before_action :load_project_wiki
   before_action :load_page, only: [:show, :edit, :update, :history, :destroy]
diff --git a/changelogs/unreleased/allow-all-users-to-see-history.yml b/changelogs/unreleased/allow-all-users-to-see-history.yml
new file mode 100644
index 00000000000..7423fa079cc
--- /dev/null
+++ b/changelogs/unreleased/allow-all-users-to-see-history.yml
@@ -0,0 +1,4 @@
+---
+title: Align access permissions for wiki history to those of wiki pages
+merge_request: 30470
+type: fixed
diff --git a/spec/controllers/projects/wikis_controller_spec.rb b/spec/controllers/projects/wikis_controller_spec.rb
index a7e5a79b51d..fbca1d5740f 100644
--- a/spec/controllers/projects/wikis_controller_spec.rb
+++ b/spec/controllers/projects/wikis_controller_spec.rb
@@ -31,6 +31,47 @@ describe Projects::WikisController do
     end
   end
 
+  describe 'GET #history' do
+    before do
+      allow(controller)
+        .to receive(:can?)
+        .with(any_args)
+        .and_call_original
+
+      # The :create_wiki permission is irrelevant to reading history.
+      expect(controller)
+        .not_to receive(:can?)
+        .with(anything, :create_wiki, any_args)
+
+      allow(controller)
+        .to receive(:can?)
+        .with(anything, :read_wiki, any_args)
+        .and_return(allow_read_wiki)
+    end
+
+    shared_examples 'fetching history' do |expected_status|
+      before do
+        get :history, params: { namespace_id: project.namespace, project_id: project, id: wiki_title }
+      end
+
+      it "returns status #{expected_status}" do
+        expect(response).to have_http_status(expected_status)
+      end
+    end
+
+    it_behaves_like 'fetching history', :ok do
+      let(:allow_read_wiki)   { true }
+
+      it 'assigns @page_versions' do
+        expect(assigns(:page_versions)).to be_present
+      end
+    end
+
+    it_behaves_like 'fetching history', :not_found do
+      let(:allow_read_wiki)   { false }
+    end
+  end
+
   describe 'GET #show' do
     render_views
 
diff --git a/spec/policies/project_policy_spec.rb b/spec/policies/project_policy_spec.rb
index fd82150c12a..8fd54e0bf1d 100644
--- a/spec/policies/project_policy_spec.rb
+++ b/spec/policies/project_policy_spec.rb
@@ -126,6 +126,126 @@ describe ProjectPolicy do
         end
       end
     end
+
+    describe 'read_wiki' do
+      subject { described_class.new(user, project) }
+
+      member_roles = %i[guest developer]
+      stranger_roles = %i[anonymous non_member]
+
+      user_roles = stranger_roles + member_roles
+
+      # When a user is anonymous, their `current_user == nil`
+      let(:user) { create(:user) unless user_role == :anonymous }
+
+      before do
+        project.visibility = project_visibility
+        project.project_feature.update_attribute(:wiki_access_level, wiki_access_level)
+        project.add_user(user, user_role) if member_roles.include?(user_role)
+      end
+
+      title = ->(project_visibility, wiki_access_level, user_role) do
+        [
+          "project is #{Gitlab::VisibilityLevel.level_name project_visibility}",
+          "wiki is #{ProjectFeature.str_from_access_level wiki_access_level}",
+          "user is #{user_role}"
+        ].join(', ')
+      end
+
+      describe 'Situations where :read_wiki is always false' do
+        where(case_names: title,
+              project_visibility: Gitlab::VisibilityLevel.options.values,
+              wiki_access_level: [ProjectFeature::DISABLED],
+              user_role: user_roles)
+
+        with_them do
+          it { is_expected.to be_disallowed(:read_wiki) }
+        end
+      end
+
+      describe 'Situations where :read_wiki is always true' do
+        where(case_names: title,
+              project_visibility: [Gitlab::VisibilityLevel::PUBLIC],
+              wiki_access_level: [ProjectFeature::ENABLED],
+              user_role: user_roles)
+
+        with_them do
+          it { is_expected.to be_allowed(:read_wiki) }
+        end
+      end
+
+      describe 'Situations where :read_wiki requires project membership' do
+        context 'the wiki is private, and the user is a member' do
+          where(case_names: title,
+                project_visibility: [Gitlab::VisibilityLevel::PUBLIC,
+                                     Gitlab::VisibilityLevel::INTERNAL],
+                wiki_access_level: [ProjectFeature::PRIVATE],
+                user_role: member_roles)
+
+          with_them do
+            it { is_expected.to be_allowed(:read_wiki) }
+          end
+        end
+
+        context 'the wiki is private, and the user is not member' do
+          where(case_names: title,
+                project_visibility: [Gitlab::VisibilityLevel::PUBLIC,
+                                     Gitlab::VisibilityLevel::INTERNAL],
+                wiki_access_level: [ProjectFeature::PRIVATE],
+                user_role: stranger_roles)
+
+          with_them do
+            it { is_expected.to be_disallowed(:read_wiki) }
+          end
+        end
+
+        context 'the wiki is enabled, and the user is a member' do
+          where(case_names: title,
+                project_visibility: [Gitlab::VisibilityLevel::PRIVATE],
+                wiki_access_level: [ProjectFeature::ENABLED],
+                user_role: member_roles)
+
+          with_them do
+            it { is_expected.to be_allowed(:read_wiki) }
+          end
+        end
+
+        context 'the wiki is enabled, and the user is not a member' do
+          where(case_names: title,
+                project_visibility: [Gitlab::VisibilityLevel::PRIVATE],
+                wiki_access_level: [ProjectFeature::ENABLED],
+                user_role: stranger_roles)
+
+          with_them do
+            it { is_expected.to be_disallowed(:read_wiki) }
+          end
+        end
+      end
+
+      describe 'Situations where :read_wiki prohibits anonymous access' do
+        context 'the user is not anonymous' do
+          where(case_names: title,
+                project_visibility: [Gitlab::VisibilityLevel::INTERNAL],
+                wiki_access_level: [ProjectFeature::ENABLED, ProjectFeature::PUBLIC],
+                user_role: user_roles.reject { |u| u == :anonymous })
+
+          with_them do
+            it { is_expected.to be_allowed(:read_wiki) }
+          end
+        end
+
+        context 'the user is not anonymous' do
+          where(case_names: title,
+                project_visibility: [Gitlab::VisibilityLevel::INTERNAL],
+                wiki_access_level: [ProjectFeature::ENABLED, ProjectFeature::PUBLIC],
+                user_role: %i[anonymous])
+
+          with_them do
+            it { is_expected.to be_disallowed(:read_wiki) }
+          end
+        end
+      end
+    end
   end
 
   context 'issues feature' do
-- 
cgit v1.2.1


From af88ccfae8d972cd4f74ac5742ab58cd036b6582 Mon Sep 17 00:00:00 2001
From: Tiger <twatson@gitlab.com>
Date: Wed, 24 Jul 2019 09:52:39 +1000
Subject: Set DOCKER_TLS_CERTDIR in Auto Dev-Ops CI template

https://gitlab.com/gitlab-org/gitlab-ce/issues/65019
---
 changelogs/unreleased/65019-auto-devops-dind-tls-fix.yml | 5 +++++
 lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml        | 2 ++
 2 files changed, 7 insertions(+)
 create mode 100644 changelogs/unreleased/65019-auto-devops-dind-tls-fix.yml

diff --git a/changelogs/unreleased/65019-auto-devops-dind-tls-fix.yml b/changelogs/unreleased/65019-auto-devops-dind-tls-fix.yml
new file mode 100644
index 00000000000..3eea3e551ce
--- /dev/null
+++ b/changelogs/unreleased/65019-auto-devops-dind-tls-fix.yml
@@ -0,0 +1,5 @@
+---
+title: Set DOCKER_TLS_CERTDIR in Auto Dev-Ops CI template to fix jobs using Docker-in-Docker
+merge_request: 31078
+author:
+type: fixed
diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
index cf3d261c1cb..7b9a169a91f 100644
--- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
@@ -57,6 +57,8 @@ variables:
 
   ROLLOUT_RESOURCE_TYPE: deployment
 
+  DOCKER_TLS_CERTDIR: "" # https://gitlab.com/gitlab-org/gitlab-runner/issues/4501
+
 stages:
   - build
   - test
-- 
cgit v1.2.1


From c472bec5c2babe592043d25ef18e6a23806eb29b Mon Sep 17 00:00:00 2001
From: Tiger <twatson@gitlab.com>
Date: Wed, 24 Jul 2019 10:11:12 +1000
Subject: Set DOCKER_TLS_CERTDIR in CI job templates

https://gitlab.com/gitlab-org/gitlab-ce/issues/65019
---
 changelogs/unreleased/65019-job-templates-dind-tls-fix.yml           | 5 +++++
 .../ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml      | 2 ++
 lib/gitlab/ci/templates/Jobs/Build.gitlab-ci.yml                     | 2 ++
 lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml              | 1 +
 lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml   | 1 +
 lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml                  | 1 +
 6 files changed, 12 insertions(+)
 create mode 100644 changelogs/unreleased/65019-job-templates-dind-tls-fix.yml

diff --git a/changelogs/unreleased/65019-job-templates-dind-tls-fix.yml b/changelogs/unreleased/65019-job-templates-dind-tls-fix.yml
new file mode 100644
index 00000000000..c7c02486d61
--- /dev/null
+++ b/changelogs/unreleased/65019-job-templates-dind-tls-fix.yml
@@ -0,0 +1,5 @@
+---
+title: Set DOCKER_TLS_CERTDIR in CI job templates to fix Docker-in-Docker service
+merge_request: 31080
+author:
+type: fixed
diff --git a/lib/gitlab/ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml
index a09217e8cf0..b0a79950667 100644
--- a/lib/gitlab/ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml
@@ -2,6 +2,8 @@ performance:
   stage: performance
   image: docker:stable
   allow_failure: true
+  variables:
+    DOCKER_TLS_CERTDIR: ""
   services:
     - docker:stable-dind
   script:
diff --git a/lib/gitlab/ci/templates/Jobs/Build.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Build.gitlab-ci.yml
index 18f7290e1d9..8061da968ed 100644
--- a/lib/gitlab/ci/templates/Jobs/Build.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Build.gitlab-ci.yml
@@ -1,6 +1,8 @@
 build:
   stage: build
   image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-build-image/master:stable"
+  variables:
+    DOCKER_TLS_CERTDIR: ""
   services:
     - docker:stable-dind
   script:
diff --git a/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml
index 005ea4b7a46..3adc6a72874 100644
--- a/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Code-Quality.gitlab-ci.yml
@@ -6,6 +6,7 @@ code_quality:
     - docker:stable-dind
   variables:
     DOCKER_DRIVER: overlay2
+    DOCKER_TLS_CERTDIR: ""
   script:
     - |
       if ! docker info &>/dev/null; then
diff --git a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
index 600762dd39f..15b84f1540d 100644
--- a/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml
@@ -9,6 +9,7 @@ dependency_scanning:
   image: docker:stable
   variables:
     DOCKER_DRIVER: overlay2
+    DOCKER_TLS_CERTDIR: ""
   allow_failure: true
   services:
     - docker:stable-dind
diff --git a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
index 0a97a16b83c..4190de73e1f 100644
--- a/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml
@@ -9,6 +9,7 @@ sast:
   image: docker:stable
   variables:
     DOCKER_DRIVER: overlay2
+    DOCKER_TLS_CERTDIR: ""
   allow_failure: true
   services:
     - docker:stable-dind
-- 
cgit v1.2.1


From 271a6d1b8f447bcb14d9c134fa9d96e1791158b5 Mon Sep 17 00:00:00 2001
From: Jeremy Jackson <jejacks0n@ishifishiGit.local>
Date: Tue, 23 Jul 2019 14:39:11 -0600
Subject: Resolves confusion within spec rake tasks

---
 lib/quality/test_level.rb           |  1 +
 lib/tasks/spec.rake                 | 63 ++-----------------------------------
 spec/lib/quality/test_level_spec.rb |  4 +--
 3 files changed, 6 insertions(+), 62 deletions(-)

diff --git a/lib/quality/test_level.rb b/lib/quality/test_level.rb
index 24d8eac200c..60d79b52680 100644
--- a/lib/quality/test_level.rb
+++ b/lib/quality/test_level.rb
@@ -14,6 +14,7 @@ module Quality
         finders
         frontend
         graphql
+        haml_lint
         helpers
         initializers
         javascripts
diff --git a/lib/tasks/spec.rake b/lib/tasks/spec.rake
index c881ad4cf12..bf18332a8eb 100644
--- a/lib/tasks/spec.rake
+++ b/lib/tasks/spec.rake
@@ -2,8 +2,6 @@
 
 return if Rails.env.production?
 
-Rake::Task["spec"].clear if Rake::Task.task_defined?('spec')
-
 namespace :spec do
   desc 'GitLab | RSpec | Run unit tests'
   RSpec::Core::RakeTask.new(:unit, :rspec_opts) do |t, args|
@@ -26,63 +24,8 @@ namespace :spec do
     t.rspec_opts = args[:rspec_opts]
   end
 
-  desc '[Deprecated] Use the "bin/rspec --tag api" instead'
-  task :api do
-    cmds = [
-      %w(rake gitlab:setup),
-      %w(rspec spec --tag @api)
-    ]
-    run_commands(cmds)
-  end
-
-  desc '[Deprecated] Use the "spec:system" task instead'
-  task :feature do
-    cmds = [
-      %w(rake gitlab:setup),
-      %w(rspec spec --tag @feature)
-    ]
-    run_commands(cmds)
-  end
-
-  desc '[Deprecated] Use "bin/rspec spec/models" instead'
-  task :models do
-    cmds = [
-      %w(rake gitlab:setup),
-      %w(rspec spec --tag @models)
-    ]
-    run_commands(cmds)
-  end
-
-  desc '[Deprecated] Use "bin/rspec spec/services" instead'
-  task :services do
-    cmds = [
-      %w(rake gitlab:setup),
-      %w(rspec spec --tag @services)
-    ]
-    run_commands(cmds)
-  end
-
-  desc '[Deprecated] Use "bin/rspec spec/lib" instead'
-  task :lib do
-    cmds = [
-      %w(rake gitlab:setup),
-      %w(rspec spec --tag @lib)
-    ]
-    run_commands(cmds)
-  end
-end
-
-desc "GitLab | Run specs"
-task :spec do
-  cmds = [
-    %w(rake gitlab:setup),
-    %w(rspec spec)
-  ]
-  run_commands(cmds)
-end
-
-def run_commands(cmds)
-  cmds.each do |cmd|
-    system({ 'RAILS_ENV' => 'test', 'force' => 'yes' }, *cmd) || raise("#{cmd} failed!")
+  desc 'Run the code examples in spec/requests/api'
+  RSpec::Core::RakeTask.new(:api) do |t|
+    t.pattern = 'spec/requests/api/**/*_spec.rb'
   end
 end
diff --git a/spec/lib/quality/test_level_spec.rb b/spec/lib/quality/test_level_spec.rb
index 3465c3a050b..59870ce44a7 100644
--- a/spec/lib/quality/test_level_spec.rb
+++ b/spec/lib/quality/test_level_spec.rb
@@ -7,7 +7,7 @@ RSpec.describe Quality::TestLevel do
     context 'when level is unit' do
       it 'returns a pattern' do
         expect(subject.pattern(:unit))
-          .to eq("spec/{bin,config,db,dependencies,factories,finders,frontend,graphql,helpers,initializers,javascripts,lib,migrations,models,policies,presenters,rack_servers,routing,rubocop,serializers,services,sidekiq,tasks,uploaders,validators,views,workers,elastic_integration}{,/**/}*_spec.rb")
+          .to eq("spec/{bin,config,db,dependencies,factories,finders,frontend,graphql,haml_lint,helpers,initializers,javascripts,lib,migrations,models,policies,presenters,rack_servers,routing,rubocop,serializers,services,sidekiq,tasks,uploaders,validators,views,workers,elastic_integration}{,/**/}*_spec.rb")
       end
     end
 
@@ -47,7 +47,7 @@ RSpec.describe Quality::TestLevel do
     context 'when level is unit' do
       it 'returns a regexp' do
         expect(subject.regexp(:unit))
-          .to eq(%r{spec/(bin|config|db|dependencies|factories|finders|frontend|graphql|helpers|initializers|javascripts|lib|migrations|models|policies|presenters|rack_servers|routing|rubocop|serializers|services|sidekiq|tasks|uploaders|validators|views|workers|elastic_integration)})
+          .to eq(%r{spec/(bin|config|db|dependencies|factories|finders|frontend|graphql|haml_lint|helpers|initializers|javascripts|lib|migrations|models|policies|presenters|rack_servers|routing|rubocop|serializers|services|sidekiq|tasks|uploaders|validators|views|workers|elastic_integration)})
       end
     end
 
-- 
cgit v1.2.1


From a5e7e95d09216436f1b303b3593cd795fb409e13 Mon Sep 17 00:00:00 2001
From: otuhs_d <yekcim.114@gmail.com>
Date: Wed, 24 Jul 2019 00:41:43 +0000
Subject: Correct omitted word

---
 doc/ci/yaml/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md
index 001f951ebb8..09b9fc87986 100644
--- a/doc/ci/yaml/README.md
+++ b/doc/ci/yaml/README.md
@@ -505,7 +505,7 @@ Feature.enable(:allow_unsafe_ruby_regexp)
 ### `only`/`except` (advanced)
 
 CAUTION: **Warning:**
-This an _alpha_ feature, and it is subject to change at any time without
+This is an _alpha_ feature, and it is subject to change at any time without
 prior notice!
 
 GitLab supports both simple and complex strategies, so it's possible to use an
-- 
cgit v1.2.1


From 3e340b6ffc7f6c76fbbbabf580a96872b9eefa66 Mon Sep 17 00:00:00 2001
From: Dave Pisek <dpisek@gitlab.com>
Date: Thu, 18 Jul 2019 22:48:44 +1000
Subject: Update docs to reflect new Security tabs

This commit includes changes to update the documentation so it
reflects the new navigation structure introduced by the additional
tab "Security & Compliance" to the project-views sidebar and
"Security" to the group-views sidebar.

* Screenshot
* Paths to the Dependency List
* Paths to the group-level security dashboard
---
 .../dependency_scanning/index.md                   |   2 +-
 .../security_dashboard/img/dashboard.png           | Bin 58585 -> 0 bytes
 .../img/group_security_dashboard.png               | Bin 0 -> 226261 bytes
 .../img/project_security_dashboard.png             | Bin 126356 -> 166559 bytes
 .../security_dashboard/index.md                    |   4 ++--
 5 files changed, 3 insertions(+), 3 deletions(-)
 delete mode 100644 doc/user/application_security/security_dashboard/img/dashboard.png
 create mode 100644 doc/user/application_security/security_dashboard/img/group_security_dashboard.png

diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index 7473647f129..a2f0584e8dc 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -331,7 +331,7 @@ project's dependencies with their versions. This list can be generated only for
 [languages and package managers](#supported-languages-and-package-managers)
 supported by Gemnasium.
 
-To see the generated dependency list, navigate to your project's **Project > Dependency List**.
+To see the generated dependency list, navigate to your project's **Security & Compliance > Dependency List**.
 
 ## Versioning and release process
 
diff --git a/doc/user/application_security/security_dashboard/img/dashboard.png b/doc/user/application_security/security_dashboard/img/dashboard.png
deleted file mode 100644
index a75168b1ce4..00000000000
Binary files a/doc/user/application_security/security_dashboard/img/dashboard.png and /dev/null differ
diff --git a/doc/user/application_security/security_dashboard/img/group_security_dashboard.png b/doc/user/application_security/security_dashboard/img/group_security_dashboard.png
new file mode 100644
index 00000000000..40689861e2a
Binary files /dev/null and b/doc/user/application_security/security_dashboard/img/group_security_dashboard.png differ
diff --git a/doc/user/application_security/security_dashboard/img/project_security_dashboard.png b/doc/user/application_security/security_dashboard/img/project_security_dashboard.png
index f0dad6c54d0..89b310895d3 100644
Binary files a/doc/user/application_security/security_dashboard/img/project_security_dashboard.png and b/doc/user/application_security/security_dashboard/img/project_security_dashboard.png differ
diff --git a/doc/user/application_security/security_dashboard/index.md b/doc/user/application_security/security_dashboard/index.md
index 2a2385c00ae..4cd3fc5f735 100644
--- a/doc/user/application_security/security_dashboard/index.md
+++ b/doc/user/application_security/security_dashboard/index.md
@@ -49,7 +49,7 @@ The group Security Dashboard gives an overview of the vulnerabilities of all the
 projects in a group and its subgroups.
 
 First, navigate to the Security Dashboard found under your group's
-**Overview > Security Dashboard**.
+**Security** tab.
 
 Once you're on the dashboard, at the top you should see a series of filters for:
 
@@ -58,7 +58,7 @@ Once you're on the dashboard, at the top you should see a series of filters for:
 - Report type
 - Project
 
-![dashboard with action buttons and metrics](img/dashboard.png)
+![dashboard with action buttons and metrics](img/group_security_dashboard.png)
 
 Selecting one or more filters will filter the results in this page.
 The first section is an overview of all the vulnerabilities, grouped by severity.
-- 
cgit v1.2.1


From 6c316344468da10ffafabfef616e8d3b6cf8bbb8 Mon Sep 17 00:00:00 2001
From: Victor Zagorodny <vzagorodny@gitlab.com>
Date: Wed, 24 Jul 2019 02:52:01 +0000
Subject: Add GitLab Unix shell scripting style guide to docs

---
 doc/development/contributing/style_guides.md   |   1 +
 doc/development/shell_scripting_guide/index.md | 117 +++++++++++++++++++++++++
 2 files changed, 118 insertions(+)
 create mode 100644 doc/development/shell_scripting_guide/index.md

diff --git a/doc/development/contributing/style_guides.md b/doc/development/contributing/style_guides.md
index 5c6ea1f469d..7832850a9f0 100644
--- a/doc/development/contributing/style_guides.md
+++ b/doc/development/contributing/style_guides.md
@@ -23,6 +23,7 @@
 1. Code should be written in [US English][us-english]
 1. [Go](../go_guide/index.md)
 1. [Python](../python_guide/index.md)
+1. [Shell scripting](../shell_scripting_guide/index.md)
 
 This is also the style used by linting tools such as
 [RuboCop](https://github.com/rubocop-hq/rubocop) and [Hound CI](https://houndci.com).
diff --git a/doc/development/shell_scripting_guide/index.md b/doc/development/shell_scripting_guide/index.md
new file mode 100644
index 00000000000..ae7f2154682
--- /dev/null
+++ b/doc/development/shell_scripting_guide/index.md
@@ -0,0 +1,117 @@
+# Shell scripting standards and style guidelines
+
+## Overview
+
+GitLab consists of many various services and sub-projects. The majority of
+their backend code is written in [Ruby](https://www.ruby-lang.org) and
+[Go](https://golang.org). However, some of them use shell scripts for
+automation of routine system administration tasks like deployment,
+installation, etc. It's being done either for historical reasons or as an effort
+to minimize the dependencies, for instance, for Docker images.
+
+This page aims to define and organize our shell scripting guidelines,
+based on our various experiences. All shell scripts across GitLab project
+should be eventually harmonized with this guide. If there are any per-project
+deviations from this guide, they should be described in the
+`README.md` or `PROCESS.md` file for such a project.
+
+### Avoid using shell scripts
+
+CAUTION: **Caution:**
+This is a must-read section.
+
+Having said all of the above, we recommend staying away from shell scripts
+as much as possible. A language like Ruby or Python (if required for
+consistency with codebases that we leverage) is almost always a better choice.
+The high-level interpreted languages have more readable syntax, offer much more
+mature capabilities for unit-testing, linting, and error reporting.  
+Use shell scripts only if there's a strong restriction on project's
+dependencies size or any other requirements that are more important
+in a particular case.
+
+## Scope of this guide
+
+According to the [GitLab installation requirements](../../install/requirements.md),
+this guide covers only those shells that are used by
+[supported Linux distributions](../../install/requirements.md#supported-linux-distributions),
+that is:
+
+- [POSIX Shell](https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html)
+- [Bash](https://www.gnu.org/software/bash/)
+
+## Shell language choice
+
+- When you need to reduce the dependencies list, use what's provided by the environment. For example, for Docker images it's `sh` from `alpine` which is the base image for most of our tool images.
+- Everywhere else, use `bash` if possible. It's more powerful than `sh` but still a widespread shell.
+
+## Code style and format
+
+This section describes the tools that should be made a mandatory part of
+a project's CI pipeline if it contains shell scripts. These tools
+automate shell code formatting, checking for errors or vulnerabilities, etc.   
+
+### Linting
+
+We're using the [ShellCheck](https://www.shellcheck.net/) utility in its default configuration to lint our
+shell scripts. 
+
+All projects with shell scripts should use this GitLab CI/CD job:
+
+```yaml
+shell check:
+  image: koalaman/shellcheck-alpine
+  stage: test
+  before_script:
+    - shellcheck --version
+  script:
+    - shellcheck scripts/**/*.sh # path to your shell scripts
+```
+
+TIP: **Tip:**
+By default, ShellCheck will use the [shell detection](https://github.com/koalaman/shellcheck/wiki/SC2148#rationale)
+to determine the shell dialect in use. If the shell file is out of your control and ShellCheck cannot
+detect the dialect, use `-s` flag to specify it: `-s sh` or `-s bash`.
+
+### Formatting
+
+It's recommended to use the [shfmt](https://github.com/mvdan/sh#shfmt) tool to maintain consistent formatting.
+We format shell scripts according to the [Google Shell Style Guide](https://google.github.io/styleguide/shell.xml),
+so the following `shfmt` invocation should be applied to the project's script files:
+
+```bash
+shfmt -i 2 -ci scripts/**/*.sh
+```
+
+TIP: **Tip:**
+By default, shfmt will use the [shell detection](https://github.com/mvdan/sh#shfmt) similar to one of ShellCheck
+and ignore files starting with a period. To override this, use `-ln` flag to specify the shell dialect:
+`-ln posix` or `-ln bash`.
+
+NOTE: **Note:**
+Currently, the `shfmt` tool [is not shipped](https://github.com/mvdan/sh/issues/68) as a Docker image containing
+a Linux shell. This makes it impossible to use the [official Docker image](https://hub.docker.com/r/mvdan/shfmt)
+in GitLab Runner. This [may change](https://github.com/mvdan/sh/issues/68#issuecomment-507721371) in future.
+
+## Testing
+
+NOTE: **Note:**
+This is a work in progress.
+
+It is an [ongoing effort](https://gitlab.com/gitlab-org/gitlab-ce/issues/64016) to evaluate different tools for the
+automated testing of shell scripts (like [BATS](https://github.com/sstephenson/bats)).  
+
+## Code Review
+
+The code review should be performed according to:
+
+- [ShellCheck Checks list](https://github.com/koalaman/shellcheck/wiki/Checks)
+- [Google Shell Style Guide](https://google.github.io/styleguide/shell.xml)
+- [Shfmt formatting caveats](https://github.com/mvdan/sh#caveats)
+
+However, the recommended course of action is to use the aforementioned
+tools and address reported offenses. This should eliminate the need
+for code review.
+
+---
+
+[Return to Development documentation](../README.md).
-- 
cgit v1.2.1


From e8d23fc8729ecd951b337f5a30415cd457016fea Mon Sep 17 00:00:00 2001
From: Tiger <twatson@gitlab.com>
Date: Wed, 24 Jul 2019 13:07:38 +1000
Subject: Fix duplicated suggestion in Danger gem warning

---
 danger/gemfile/Dangerfile | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/danger/gemfile/Dangerfile b/danger/gemfile/Dangerfile
index 4e91abc371a..dfe64f79d7b 100644
--- a/danger/gemfile/Dangerfile
+++ b/danger/gemfile/Dangerfile
@@ -3,8 +3,7 @@ GEMFILE_LOCK_NOT_UPDATED_MESSAGE = <<~MSG.freeze
 
 Usually, when %<gemfile>s is updated, you should run
 ```
-bundle install && \
-  bundle install
+bundle install
 ```
 
 or
-- 
cgit v1.2.1


From 378c507cbcd4acec60fc5dadea499e6b16caa801 Mon Sep 17 00:00:00 2001
From: Jose Ivan Vargas <jvargas@gitlab.com>
Date: Wed, 24 Jul 2019 03:18:57 +0000
Subject: Add empty chart component

This merge request adds an empty chart component
which will load in case of queries not having
data to display, this will override the current
logic, which hides all the graphs that have no
data to show
---
 .../monitoring/components/charts/empty_chart.vue   | 41 ++++++++++++++++++++
 .../monitoring/components/dashboard.vue            | 11 +++---
 .../monitoring/components/graph_group.vue          |  6 ++-
 .../monitoring/components/panel_type.vue           | 13 ++++++-
 .../unreleased/jivanvl-add-chart-empty-state.yml   |  5 +++
 locale/gitlab.pot                                  |  3 ++
 .../monitoring/charts/empty_chart_spec.js          | 29 ++++++++++++++
 spec/javascripts/monitoring/panel_type_spec.js     | 44 ++++++++++++++++++++++
 8 files changed, 144 insertions(+), 8 deletions(-)
 create mode 100644 app/assets/javascripts/monitoring/components/charts/empty_chart.vue
 create mode 100644 changelogs/unreleased/jivanvl-add-chart-empty-state.yml
 create mode 100644 spec/javascripts/monitoring/charts/empty_chart_spec.js
 create mode 100644 spec/javascripts/monitoring/panel_type_spec.js

diff --git a/app/assets/javascripts/monitoring/components/charts/empty_chart.vue b/app/assets/javascripts/monitoring/components/charts/empty_chart.vue
new file mode 100644
index 00000000000..73682adc4ee
--- /dev/null
+++ b/app/assets/javascripts/monitoring/components/charts/empty_chart.vue
@@ -0,0 +1,41 @@
+<script>
+import chartEmptyStateIllustration from '@gitlab/svgs/dist/illustrations/chart-empty-state.svg';
+import { chartHeight } from '../../constants';
+
+export default {
+  props: {
+    graphTitle: {
+      type: String,
+      required: true,
+    },
+  },
+  data() {
+    return {
+      height: chartHeight,
+    };
+  },
+  computed: {
+    svgContainerStyle() {
+      return {
+        height: `${this.height}px`,
+      };
+    },
+  },
+  created() {
+    this.chartEmptyStateIllustration = chartEmptyStateIllustration;
+  },
+};
+</script>
+<template>
+  <div class="prometheus-graph col-12 col-lg-6 d-flex flex-column justify-content-center">
+    <div class="prometheus-graph-header">
+      <h5 ref="graphTitle" class="prometheus-graph-title">{{ graphTitle }}</h5>
+    </div>
+    <div
+      class="prepend-top-8 svg-w-100 d-flex align-items-center"
+      :style="svgContainerStyle"
+      v-html="chartEmptyStateIllustration"
+    ></div>
+    <h5 class="text-center prepend-top-8">{{ __('No data to display') }}</h5>
+  </div>
+</template>
diff --git a/app/assets/javascripts/monitoring/components/dashboard.vue b/app/assets/javascripts/monitoring/components/dashboard.vue
index c7c55880040..745488255ab 100644
--- a/app/assets/javascripts/monitoring/components/dashboard.vue
+++ b/app/assets/javascripts/monitoring/components/dashboard.vue
@@ -157,9 +157,6 @@ export default {
       'multipleDashboardsEnabled',
       'additionalPanelTypesEnabled',
     ]),
-    groupsWithData() {
-      return this.groups.filter(group => this.chartsWithData(group.metrics).length > 0);
-    },
     selectedDashboardText() {
       return this.currentDashboard || (this.allDashboards[0] && this.allDashboards[0].display_name);
     },
@@ -256,6 +253,9 @@ export default {
     setTimeWindowParameter(key) {
       return `?time_window=${key}`;
     },
+    groupHasData(group) {
+      return this.chartsWithData(group.metrics).length > 0;
+    },
   },
   addMetric: {
     title: s__('Metrics|Add metric'),
@@ -369,14 +369,15 @@ export default {
     </div>
     <div v-if="!showEmptyState">
       <graph-group
-        v-for="groupData in groupsWithData"
+        v-for="groupData in groups"
         :key="`${groupData.group}.${groupData.priority}`"
         :name="groupData.group"
         :show-panels="showPanels"
+        :collapse-group="groupHasData(groupData)"
       >
         <template v-if="additionalPanelTypesEnabled">
           <panel-type
-            v-for="(graphData, graphIndex) in chartsWithData(groupData.metrics)"
+            v-for="(graphData, graphIndex) in groupData.metrics"
             :key="`panel-type-${graphIndex}`"
             :graph-data="graphData"
             :dashboard-width="elWidth"
diff --git a/app/assets/javascripts/monitoring/components/graph_group.vue b/app/assets/javascripts/monitoring/components/graph_group.vue
index b20ad1802f3..0f5c5b3d60f 100644
--- a/app/assets/javascripts/monitoring/components/graph_group.vue
+++ b/app/assets/javascripts/monitoring/components/graph_group.vue
@@ -10,6 +10,10 @@ export default {
       required: false,
       default: true,
     },
+    collapseGroup: {
+      type: Boolean,
+      required: true,
+    },
   },
 };
 </script>
@@ -19,7 +23,7 @@ export default {
     <div class="card-header">
       <h4>{{ name }}</h4>
     </div>
-    <div class="card-body prometheus-graph-group"><slot></slot></div>
+    <div v-if="collapseGroup" class="card-body prometheus-graph-group"><slot></slot></div>
   </div>
   <div v-else class="prometheus-graph-group"><slot></slot></div>
 </template>
diff --git a/app/assets/javascripts/monitoring/components/panel_type.vue b/app/assets/javascripts/monitoring/components/panel_type.vue
index 45ee067de83..d7cd2c57871 100644
--- a/app/assets/javascripts/monitoring/components/panel_type.vue
+++ b/app/assets/javascripts/monitoring/components/panel_type.vue
@@ -3,11 +3,13 @@ import { mapState } from 'vuex';
 import _ from 'underscore';
 import MonitorAreaChart from './charts/area.vue';
 import MonitorSingleStatChart from './charts/single_stat.vue';
+import MonitorEmptyChart from './charts/empty_chart.vue';
 
 export default {
   components: {
     MonitorAreaChart,
     MonitorSingleStatChart,
+    MonitorEmptyChart,
   },
   props: {
     graphData: {
@@ -24,6 +26,9 @@ export default {
     alertWidgetAvailable() {
       return IS_EE && this.prometheusAlertsAvailable && this.alertsEndpoint && this.graphData;
     },
+    graphDataHasMetrics() {
+      return this.graphData.queries[0].result.length > 0;
+    },
   },
   methods: {
     getGraphAlerts(queries) {
@@ -41,9 +46,12 @@ export default {
 };
 </script>
 <template>
-  <monitor-single-stat-chart v-if="isPanelType('single-stat')" :graph-data="graphData" />
+  <monitor-single-stat-chart
+    v-if="isPanelType('single-stat') && graphDataHasMetrics"
+    :graph-data="graphData"
+  />
   <monitor-area-chart
-    v-else
+    v-else-if="graphDataHasMetrics"
     :graph-data="graphData"
     :deployment-data="deploymentData"
     :project-path="projectPath"
@@ -59,4 +67,5 @@ export default {
       @setAlerts="setAlerts"
     />
   </monitor-area-chart>
+  <monitor-empty-chart v-else :graph-title="graphData.title" />
 </template>
diff --git a/changelogs/unreleased/jivanvl-add-chart-empty-state.yml b/changelogs/unreleased/jivanvl-add-chart-empty-state.yml
new file mode 100644
index 00000000000..7b81ee82582
--- /dev/null
+++ b/changelogs/unreleased/jivanvl-add-chart-empty-state.yml
@@ -0,0 +1,5 @@
+---
+title: Add empty chart component
+merge_request: 30682
+author:
+type: fixed
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 5cd9aa7e2de..df53015390c 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -6917,6 +6917,9 @@ msgstr ""
 msgid "No data found"
 msgstr ""
 
+msgid "No data to display"
+msgstr ""
+
 msgid "No details available"
 msgstr ""
 
diff --git a/spec/javascripts/monitoring/charts/empty_chart_spec.js b/spec/javascripts/monitoring/charts/empty_chart_spec.js
new file mode 100644
index 00000000000..bbfca27dc5a
--- /dev/null
+++ b/spec/javascripts/monitoring/charts/empty_chart_spec.js
@@ -0,0 +1,29 @@
+import { shallowMount } from '@vue/test-utils';
+import EmptyChart from '~/monitoring/components/charts/empty_chart.vue';
+
+describe('Empty Chart component', () => {
+  let emptyChart;
+  const graphTitle = 'Memory Usage';
+
+  beforeEach(() => {
+    emptyChart = shallowMount(EmptyChart, {
+      propsData: {
+        graphTitle,
+      },
+    });
+  });
+
+  afterEach(() => {
+    emptyChart.destroy();
+  });
+
+  it('render the chart title', () => {
+    expect(emptyChart.find({ ref: 'graphTitle' }).text()).toBe(graphTitle);
+  });
+
+  describe('Computed props', () => {
+    it('sets the height for the svg container', () => {
+      expect(emptyChart.vm.svgContainerStyle.height).toBe('300px');
+    });
+  });
+});
diff --git a/spec/javascripts/monitoring/panel_type_spec.js b/spec/javascripts/monitoring/panel_type_spec.js
new file mode 100644
index 00000000000..8ce24041e97
--- /dev/null
+++ b/spec/javascripts/monitoring/panel_type_spec.js
@@ -0,0 +1,44 @@
+import { shallowMount } from '@vue/test-utils';
+import PanelType from '~/monitoring/components/panel_type.vue';
+import EmptyChart from '~/monitoring/components/charts/empty_chart.vue';
+import { graphDataPrometheusQueryRange } from './mock_data';
+
+describe('Panel Type component', () => {
+  let panelType;
+  const dashboardWidth = 100;
+
+  describe('When no graphData is available', () => {
+    let glEmptyChart;
+    const graphDataNoResult = graphDataPrometheusQueryRange;
+    graphDataNoResult.queries[0].result = [];
+
+    beforeEach(() => {
+      panelType = shallowMount(PanelType, {
+        propsData: {
+          dashboardWidth,
+          graphData: graphDataNoResult,
+        },
+      });
+    });
+
+    afterEach(() => {
+      panelType.destroy();
+    });
+
+    describe('Empty Chart component', () => {
+      beforeEach(() => {
+        glEmptyChart = panelType.find(EmptyChart);
+      });
+
+      it('is a Vue instance', () => {
+        expect(glEmptyChart.isVueInstance()).toBe(true);
+      });
+
+      it('it receives a graph title', () => {
+        const props = glEmptyChart.props();
+
+        expect(props.graphTitle).toBe(panelType.vm.graphData.title);
+      });
+    });
+  });
+});
-- 
cgit v1.2.1


From 1ef1b9d5607047370970b6236a6738807f05637f Mon Sep 17 00:00:00 2001
From: Dave Pisek <dpisek@gitlab.com>
Date: Thu, 11 Jul 2019 11:23:53 +1000
Subject: Add "security" top-nevel item to group sidebar

This commits moves the second-level navigation item
'Security Dashboard' into a top-level item.

The rendering of the actual item is EE specific.
---
 app/views/layouts/nav/sidebar/_group.html.haml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/layouts/nav/sidebar/_group.html.haml b/app/views/layouts/nav/sidebar/_group.html.haml
index 4b5ccc33716..48c9f19f89f 100644
--- a/app/views/layouts/nav/sidebar/_group.html.haml
+++ b/app/views/layouts/nav/sidebar/_group.html.haml
@@ -36,8 +36,6 @@
                   %span
                     = _('Activity')
 
-            = render_if_exists 'groups/sidebar/security_dashboard' # EE-specific
-
             - if group_sidebar_link?(:contribution_analytics)
               = nav_link(path: 'analytics#show') do
                 = link_to group_analytics_path(@group), title: _('Contribution Analytics'), data: { placement: 'right' } do
@@ -105,6 +103,8 @@
                   = _('Merge Requests')
                 %span.badge.badge-pill.count.merge_counter.js-merge-counter.fly-out-badge= number_with_delimiter(merge_requests_count)
 
+      = render_if_exists "layouts/nav/ee/security_link" # EE-specific
+
       - if group_sidebar_link?(:kubernetes)
         = nav_link(controller: [:clusters]) do
           = link_to group_clusters_path(@group) do
-- 
cgit v1.2.1


From 5b1598191750ed8926b42365abf37a2a277a5d81 Mon Sep 17 00:00:00 2001
From: Dave Pisek <dpisek@gitlab.com>
Date: Wed, 10 Jul 2019 21:45:58 +1000
Subject: Add "security" as nav-item to project sidebar

Moves the security dashboard and dependency list into it's own
top-level navigation item named 'Securty & Compliance', within the
project's sidebar.

This should only affect EE, since the template changes only touch
partials that get conditionally rendered and only exist in EE.
---
 app/views/layouts/nav/sidebar/_project.html.haml | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/app/views/layouts/nav/sidebar/_project.html.haml b/app/views/layouts/nav/sidebar/_project.html.haml
index a9af5ba5008..a9d41997bb7 100644
--- a/app/views/layouts/nav/sidebar/_project.html.haml
+++ b/app/views/layouts/nav/sidebar/_project.html.haml
@@ -34,10 +34,6 @@
               = link_to project_releases_path(@project), title: _('Releases'), class: 'shortcuts-project-releases' do
                 %span= _('Releases')
 
-          = render_if_exists 'projects/sidebar/security_dashboard'
-
-          = render_if_exists 'projects/sidebar/dependencies'
-
           - if can?(current_user, :read_cycle_analytics, @project)
             = nav_link(path: 'cycle_analytics#show') do
               = link_to project_cycle_analytics_path(@project), title: _('Cycle Analytics'), class: 'shortcuts-project-cycle-analytics' do
@@ -203,6 +199,8 @@
                   %span
                     = _('Charts')
 
+      = render_if_exists 'layouts/nav/sidebar/project_security_link' # EE-specific
+
       - if project_nav_tab? :operations
         = nav_link(controller: sidebar_operations_paths) do
           = link_to sidebar_operations_link_path, class: 'shortcuts-operations qa-link-operations' do
-- 
cgit v1.2.1


From 2a61a5a6bac51bc662d5f2638ea74048c5903f87 Mon Sep 17 00:00:00 2001
From: Daniel Gruesso <dgruesso@gitlab.com>
Date: Wed, 24 Jul 2019 04:14:19 +0000
Subject: Remove beta from group and instance clusters

---
 doc/user/group/clusters/index.md    | 1 -
 doc/user/instance/clusters/index.md | 1 -
 2 files changed, 2 deletions(-)

diff --git a/doc/user/group/clusters/index.md b/doc/user/group/clusters/index.md
index 0dffc216f8e..99589cb1915 100644
--- a/doc/user/group/clusters/index.md
+++ b/doc/user/group/clusters/index.md
@@ -5,7 +5,6 @@ type: reference
 # Group-level Kubernetes clusters
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/34758) in GitLab 11.6.
-> Group Cluster integration is currently in [Beta](https://about.gitlab.com/handbook/product/#alpha-beta-ga).
 
 ## Overview
 
diff --git a/doc/user/instance/clusters/index.md b/doc/user/instance/clusters/index.md
index 894f83d3c75..f557dcf4b3c 100644
--- a/doc/user/instance/clusters/index.md
+++ b/doc/user/instance/clusters/index.md
@@ -1,7 +1,6 @@
 # Instance-level Kubernetes clusters
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/39840) in GitLab 11.11.
-> Instance-level cluster integration is currently in [Beta](https://about.gitlab.com/handbook/product/#alpha-beta-ga).
 
 ## Overview
 
-- 
cgit v1.2.1


From a6ac0a2765f07348f618076b8e550e29c9675b77 Mon Sep 17 00:00:00 2001
From: Illya Klymov <xanf@xanf.me>
Date: Fri, 19 Apr 2019 12:44:21 +0300
Subject: Add links in admin area overview

Introduces new `feature_entry` helper for dashboard.
This helper reduces code duplication when listing available features
and relevant links to configuration sections
---
 app/helpers/dashboard_helper.rb                    | 15 ++++++
 app/views/admin/dashboard/index.html.haml          | 53 ++++------------------
 .../unreleased/ce-xanf-add-links-to-admin-area.yml |  5 ++
 locale/gitlab.pot                                  | 18 ++++++++
 spec/helpers/dashboard_helper_spec.rb              | 37 +++++++++++++++
 5 files changed, 85 insertions(+), 43 deletions(-)
 create mode 100644 changelogs/unreleased/ce-xanf-add-links-to-admin-area.yml

diff --git a/app/helpers/dashboard_helper.rb b/app/helpers/dashboard_helper.rb
index 42732eb93dd..d71af08a656 100644
--- a/app/helpers/dashboard_helper.rb
+++ b/app/helpers/dashboard_helper.rb
@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 module DashboardHelper
+  include IconsHelper
+
   def assigned_issues_dashboard_path
     issues_dashboard_path(assignee_username: current_user.username)
   end
@@ -25,6 +27,19 @@ module DashboardHelper
     false
   end
 
+  def feature_entry(title, href: nil, enabled: true)
+    enabled_text = enabled ? 'on' : 'off'
+    label = "#{title}: status #{enabled_text}"
+    link_or_title = href && enabled ? tag.a(title, href: href) : title
+
+    tag.p(aria: { label: label }) do
+      concat(link_or_title)
+      concat(tag.span(class: ['light', 'float-right']) do
+        concat(boolean_to_icon(enabled))
+      end)
+    end
+  end
+
   private
 
   def get_dashboard_nav_links
diff --git a/app/views/admin/dashboard/index.html.haml b/app/views/admin/dashboard/index.html.haml
index 581f6ae0714..c29ecb43fe6 100644
--- a/app/views/admin/dashboard/index.html.haml
+++ b/app/views/admin/dashboard/index.html.haml
@@ -76,51 +76,17 @@
         .info-well
           .well-segment.admin-well.admin-well-features
             %h4 Features
-            - sign_up = "Sign up"
-            %p{ "aria-label" => "#{sign_up}: status " + (allow_signup? ? "on" : "off") }
-              = sign_up
-              %span.light.float-right
-                = boolean_to_icon allow_signup?
-            - ldap = "LDAP"
-            %p{ "aria-label" => "#{ldap}: status " + (Gitlab.config.ldap.enabled ? "on" : "off") }
-              = ldap
-              %span.light.float-right
-                = boolean_to_icon Gitlab.config.ldap.enabled
-            - gravatar = "Gravatar"
-            %p{ "aria-label" => "#{gravatar}: status " + (gravatar_enabled? ? "on" : "off") }
-              = gravatar
-              %span.light.float-right
-                = boolean_to_icon gravatar_enabled?
-            - omniauth = "OmniAuth"
-            %p{ "aria-label" => "#{omniauth}: status " + (Gitlab::Auth.omniauth_enabled? ? "on" : "off") }
-              = omniauth
-              %span.light.float-right
-                = boolean_to_icon Gitlab::Auth.omniauth_enabled?
-            - reply_email = "Reply by email"
-            %p{ "aria-label" => "#{reply_email}: status " + (Gitlab::IncomingEmail.enabled? ? "on" : "off") }
-              = reply_email
-              %span.light.float-right
-                = boolean_to_icon Gitlab::IncomingEmail.enabled?
+            = feature_entry(_('Sign up'), href: admin_application_settings_path(anchor: 'js-signup-settings'))
+            = feature_entry(_('LDAP'), enabled: Gitlab.config.ldap.enabled)
+            = feature_entry(_('Gravatar'), href: admin_application_settings_path(anchor: 'js-account-settings'), enabled: gravatar_enabled?)
+            = feature_entry(_('OmniAuth'), href: admin_application_settings_path(anchor: 'js-signin-settings'), enabled: Gitlab::Auth.omniauth_enabled?)
+            = feature_entry(_('Reply by email'), enabled: Gitlab::IncomingEmail.enabled?)
 
             = render_if_exists 'admin/dashboard/elastic_and_geo'
 
-            - container_reg = "Container Registry"
-            %p{ "aria-label" => "#{container_reg}: status " + (Gitlab.config.registry.enabled ? "on" : "off") }
-              = container_reg
-              %span.light.float-right
-                = boolean_to_icon Gitlab.config.registry.enabled
-            - gitlab_pages = 'GitLab Pages'
-            - gitlab_pages_enabled = Gitlab.config.pages.enabled
-            %p{ "aria-label" => "#{gitlab_pages}: status " + (gitlab_pages_enabled ? "on" : "off") }
-              = gitlab_pages
-              %span.light.float-right
-                = boolean_to_icon gitlab_pages_enabled
-            - gitlab_shared_runners = 'Shared Runners'
-            - gitlab_shared_runners_enabled = Gitlab.config.gitlab_ci.shared_runners_enabled
-            %p{ "aria-label" => "#{gitlab_shared_runners}: status " + (gitlab_shared_runners_enabled ? "on" : "off") }
-              = gitlab_shared_runners
-              %span.light.float-right
-                = boolean_to_icon gitlab_shared_runners_enabled
+            = feature_entry(_('Container Registry'), href: ci_cd_admin_application_settings_path(anchor: 'js-registry-settings'), enabled: Gitlab.config.registry.enabled)
+            = feature_entry(_('Gitlab Pages'), href: help_instance_configuration_url, enabled: Gitlab.config.pages.enabled)
+            = feature_entry(_('Shared Runners'), href: admin_runners_path, enabled: Gitlab.config.gitlab_ci.shared_runners_enabled)
       .col-md-4
         .info-well
           .well-segment.admin-well
@@ -130,7 +96,8 @@
                 .float-right
                   = version_status_badge
             %p
-              GitLab
+              %a{ href: admin_application_settings_path }
+                GitLab
               %span.float-right
                 = Gitlab::VERSION
                 = "(#{Gitlab.revision})"
diff --git a/changelogs/unreleased/ce-xanf-add-links-to-admin-area.yml b/changelogs/unreleased/ce-xanf-add-links-to-admin-area.yml
new file mode 100644
index 00000000000..9eb692c948b
--- /dev/null
+++ b/changelogs/unreleased/ce-xanf-add-links-to-admin-area.yml
@@ -0,0 +1,5 @@
+---
+title: Add links to relevant configuration areas in admin area overview
+merge_request: 29306
+author:
+type: added
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index df53015390c..833c8c9fe11 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -4971,6 +4971,9 @@ msgstr ""
 msgid "Gitea Import"
 msgstr ""
 
+msgid "Gitlab Pages"
+msgstr ""
+
 msgid "Given access %{time_ago}"
 msgstr ""
 
@@ -5031,6 +5034,9 @@ msgstr ""
 msgid "Graph"
 msgstr ""
 
+msgid "Gravatar"
+msgstr ""
+
 msgid "Gravatar enabled"
 msgstr ""
 
@@ -5963,6 +5969,9 @@ msgstr ""
 msgid "Kubernetes service integration has been disabled. Fields on this page are not used by GitLab, you can configure your Kubernetes clusters using the new <a href=\"%{url}\"/>Kubernetes Clusters</a> page"
 msgstr ""
 
+msgid "LDAP"
+msgstr ""
+
 msgid "LFS"
 msgstr ""
 
@@ -7154,6 +7163,9 @@ msgstr ""
 msgid "OfSearchInADropdown|Filter"
 msgstr ""
 
+msgid "OmniAuth"
+msgstr ""
+
 msgid "Once removed, the fork relationship cannot be restored and you will no longer be able to send merge requests to the source."
 msgstr ""
 
@@ -8898,6 +8910,9 @@ msgstr ""
 msgid "Replace all label(s)"
 msgstr ""
 
+msgid "Reply by email"
+msgstr ""
+
 msgid "Reply to comment"
 msgstr ""
 
@@ -9706,6 +9721,9 @@ msgstr ""
 msgid "Sign out"
 msgstr ""
 
+msgid "Sign up"
+msgstr ""
+
 msgid "Sign-in restrictions"
 msgstr ""
 
diff --git a/spec/helpers/dashboard_helper_spec.rb b/spec/helpers/dashboard_helper_spec.rb
index 023238ee0ae..49e23366355 100644
--- a/spec/helpers/dashboard_helper_spec.rb
+++ b/spec/helpers/dashboard_helper_spec.rb
@@ -22,6 +22,43 @@ describe DashboardHelper do
     end
   end
 
+  describe '#feature_entry' do
+    context 'when implicitly enabled' do
+      it 'considers feature enabled by default' do
+        entry = feature_entry('Demo', href: 'demo.link')
+
+        expect(entry).to include('<p aria-label="Demo: status on">')
+        expect(entry).to include('<a href="demo.link">Demo</a>')
+      end
+    end
+
+    context 'when explicitly enabled' do
+      it 'returns a link' do
+        entry = feature_entry('Demo', href: 'demo.link', enabled: true)
+
+        expect(entry).to include('<p aria-label="Demo: status on">')
+        expect(entry).to include('<a href="demo.link">Demo</a>')
+      end
+
+      it 'returns text if href is not provided' do
+        entry = feature_entry('Demo', enabled: true)
+
+        expect(entry).to include('<p aria-label="Demo: status on">')
+        expect(entry).not_to match(/<a[^>]+>/)
+      end
+    end
+
+    context 'when disabled' do
+      it 'returns text without link' do
+        entry = feature_entry('Demo', href: 'demo.link', enabled: false)
+
+        expect(entry).to include('<p aria-label="Demo: status off">')
+        expect(entry).not_to match(/<a[^>]+>/)
+        expect(entry).to include('Demo')
+      end
+    end
+  end
+
   describe '.has_start_trial?' do
     subject { helper.has_start_trial? }
 
-- 
cgit v1.2.1


From 291df05e434f5678c47bce9521ff15748d6c767f Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Sat, 20 Jul 2019 22:34:46 -0700
Subject: Add Rugged calls to performance bar

This will help diagnose the source of excessive I/O from Rugged
calls. To implement this, we need to obtain the full list of arguments
sent to each request method.
---
 .../components/performance_bar_app.vue             |  6 +++
 changelogs/unreleased/sh-add-rugged-to-peek.yml    |  5 ++
 config/initializers/peek.rb                        |  1 +
 lib/gitlab/git/repository.rb                       |  4 ++
 lib/gitlab/git/rugged_impl/blob.rb                 |  2 +-
 lib/gitlab/git/rugged_impl/commit.rb               |  6 +--
 lib/gitlab/git/rugged_impl/repository.rb           |  2 +-
 lib/gitlab/git/rugged_impl/tree.rb                 |  2 +-
 lib/gitlab/git/rugged_impl/use_rugged.rb           | 10 +++-
 lib/gitlab/rugged_instrumentation.rb               | 19 +++++++-
 lib/peek/views/rugged.rb                           | 56 ++++++++++++++++++++++
 scripts/lint-rugged                                |  4 +-
 spec/lib/gitlab/git/repository_spec.rb             |  6 +++
 spec/lib/gitlab/git/rugged_impl/use_rugged_spec.rb | 25 +++++++++-
 spec/lib/peek/views/rugged_spec.rb                 | 37 ++++++++++++++
 15 files changed, 174 insertions(+), 11 deletions(-)
 create mode 100644 changelogs/unreleased/sh-add-rugged-to-peek.yml
 create mode 100644 lib/peek/views/rugged.rb
 create mode 100644 spec/lib/peek/views/rugged_spec.rb

diff --git a/app/assets/javascripts/performance_bar/components/performance_bar_app.vue b/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
index 015c1527500..f05db8376a4 100644
--- a/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
+++ b/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
@@ -41,6 +41,12 @@ export default {
       details: 'details',
       keys: ['feature', 'request'],
     },
+    {
+      metric: 'rugged',
+      header: 'Rugged calls',
+      details: 'details',
+      keys: ['feature', 'args'],
+    },
     {
       metric: 'redis',
       header: 'Redis calls',
diff --git a/changelogs/unreleased/sh-add-rugged-to-peek.yml b/changelogs/unreleased/sh-add-rugged-to-peek.yml
new file mode 100644
index 00000000000..8a030f3daf2
--- /dev/null
+++ b/changelogs/unreleased/sh-add-rugged-to-peek.yml
@@ -0,0 +1,5 @@
+---
+title: Add Rugged calls to performance bar
+merge_request: 30983
+author:
+type: other
diff --git a/config/initializers/peek.rb b/config/initializers/peek.rb
index 1ffd133239d..8416ae430c7 100644
--- a/config/initializers/peek.rb
+++ b/config/initializers/peek.rb
@@ -26,6 +26,7 @@ Peek.into PEEK_DB_VIEW
 Peek.into Peek::Views::Gitaly
 Peek.into Peek::Views::Rblineprof
 Peek.into Peek::Views::RedisDetailed
+Peek.into Peek::Views::Rugged
 Peek.into Peek::Views::GC
 Peek.into Peek::Views::Tracing if Labkit::Tracing.tracing_url_enabled?
 
diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index 6e8aa5d578e..27032602828 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -55,6 +55,10 @@ module Gitlab
         @name = @relative_path.split("/").last
       end
 
+      def to_s
+        "<#{self.class.name}: #{self.gl_project_path}>"
+      end
+
       def ==(other)
         other.is_a?(self.class) && [storage, relative_path] == [other.storage, other.relative_path]
       end
diff --git a/lib/gitlab/git/rugged_impl/blob.rb b/lib/gitlab/git/rugged_impl/blob.rb
index 9aea736527b..5c73c0c66a9 100644
--- a/lib/gitlab/git/rugged_impl/blob.rb
+++ b/lib/gitlab/git/rugged_impl/blob.rb
@@ -16,7 +16,7 @@ module Gitlab
           override :tree_entry
           def tree_entry(repository, sha, path, limit)
             if use_rugged?(repository, :rugged_tree_entry)
-              wrap_rugged_call { rugged_tree_entry(repository, sha, path, limit) }
+              execute_rugged_call(:rugged_tree_entry, repository, sha, path, limit)
             else
               super
             end
diff --git a/lib/gitlab/git/rugged_impl/commit.rb b/lib/gitlab/git/rugged_impl/commit.rb
index 29ae9bdd851..0eff35ab1c4 100644
--- a/lib/gitlab/git/rugged_impl/commit.rb
+++ b/lib/gitlab/git/rugged_impl/commit.rb
@@ -36,7 +36,7 @@ module Gitlab
           override :find_commit
           def find_commit(repo, commit_id)
             if use_rugged?(repo, :rugged_find_commit)
-              wrap_rugged_call { rugged_find(repo, commit_id) }
+              execute_rugged_call(:rugged_find, repo, commit_id)
             else
               super
             end
@@ -45,7 +45,7 @@ module Gitlab
           override :batch_by_oid
           def batch_by_oid(repo, oids)
             if use_rugged?(repo, :rugged_list_commits_by_oid)
-              wrap_rugged_call { rugged_batch_by_oid(repo, oids) }
+              execute_rugged_call(:rugged_batch_by_oid, repo, oids)
             else
               super
             end
@@ -68,7 +68,7 @@ module Gitlab
         override :commit_tree_entry
         def commit_tree_entry(path)
           if use_rugged?(@repository, :rugged_commit_tree_entry)
-            wrap_rugged_call { rugged_tree_entry(path) }
+            execute_rugged_call(:rugged_tree_entry, path)
           else
             super
           end
diff --git a/lib/gitlab/git/rugged_impl/repository.rb b/lib/gitlab/git/rugged_impl/repository.rb
index 7bed553393c..8fde93e71e2 100644
--- a/lib/gitlab/git/rugged_impl/repository.rb
+++ b/lib/gitlab/git/rugged_impl/repository.rb
@@ -48,7 +48,7 @@ module Gitlab
         override :ancestor?
         def ancestor?(from, to)
           if use_rugged?(self, :rugged_commit_is_ancestor)
-            wrap_rugged_call { rugged_is_ancestor?(from, to) }
+            execute_rugged_call(:rugged_is_ancestor?, from, to)
           else
             super
           end
diff --git a/lib/gitlab/git/rugged_impl/tree.rb b/lib/gitlab/git/rugged_impl/tree.rb
index 479c5f9d8b7..389c9d32ccb 100644
--- a/lib/gitlab/git/rugged_impl/tree.rb
+++ b/lib/gitlab/git/rugged_impl/tree.rb
@@ -16,7 +16,7 @@ module Gitlab
           override :tree_entries
           def tree_entries(repository, sha, path, recursive)
             if use_rugged?(repository, :rugged_tree_entries)
-              wrap_rugged_call { tree_entries_with_flat_path_from_rugged(repository, sha, path, recursive) }
+              execute_rugged_call(:tree_entries_with_flat_path_from_rugged, repository, sha, path, recursive)
             else
               super
             end
diff --git a/lib/gitlab/git/rugged_impl/use_rugged.rb b/lib/gitlab/git/rugged_impl/use_rugged.rb
index badf943e39c..80b75689334 100644
--- a/lib/gitlab/git/rugged_impl/use_rugged.rb
+++ b/lib/gitlab/git/rugged_impl/use_rugged.rb
@@ -11,17 +11,23 @@ module Gitlab
           Gitlab::GitalyClient.can_use_disk?(repo.storage)
         end
 
-        def wrap_rugged_call(&block)
+        def execute_rugged_call(method_name, *args)
           Gitlab::GitalyClient::StorageSettings.allow_disk_access do
             start = Gitlab::Metrics::System.monotonic_time
 
-            result = yield
+            result = send(method_name, *args) # rubocop:disable GitlabSecurity/PublicSend
 
             duration = Gitlab::Metrics::System.monotonic_time - start
 
             if Gitlab::RuggedInstrumentation.active?
               Gitlab::RuggedInstrumentation.increment_query_count
               Gitlab::RuggedInstrumentation.query_time += duration
+
+              Gitlab::RuggedInstrumentation.add_call_details(
+                feature: method_name,
+                args: args,
+                duration: duration,
+                backtrace: Gitlab::Profiler.clean_backtrace(caller))
             end
 
             result
diff --git a/lib/gitlab/rugged_instrumentation.rb b/lib/gitlab/rugged_instrumentation.rb
index 70c06e8b308..8bb8c547ae1 100644
--- a/lib/gitlab/rugged_instrumentation.rb
+++ b/lib/gitlab/rugged_instrumentation.rb
@@ -24,7 +24,24 @@ module Gitlab
     end
 
     def self.active?
-      Gitlab::SafeRequestStore.active?
+      SafeRequestStore.active?
+    end
+
+    def self.peek_enabled?
+      SafeRequestStore[:peek_enabled]
+    end
+
+    def self.add_call_details(details)
+      return unless peek_enabled?
+
+      Gitlab::SafeRequestStore[:rugged_call_details] ||= []
+      Gitlab::SafeRequestStore[:rugged_call_details] << details
+    end
+
+    def self.list_call_details
+      return [] unless peek_enabled?
+
+      Gitlab::SafeRequestStore[:rugged_call_details] || []
     end
   end
 end
diff --git a/lib/peek/views/rugged.rb b/lib/peek/views/rugged.rb
new file mode 100644
index 00000000000..7e2730e2ae4
--- /dev/null
+++ b/lib/peek/views/rugged.rb
@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+module Peek
+  module Views
+    class Rugged < View
+      def duration
+        ::Gitlab::RuggedInstrumentation.query_time
+      end
+
+      def calls
+        ::Gitlab::RuggedInstrumentation.query_count
+      end
+
+      def results
+        {
+          duration: formatted_duration,
+          calls: calls,
+          details: details
+        }
+      end
+
+      private
+
+      def details
+        ::Gitlab::RuggedInstrumentation.list_call_details
+          .sort { |a, b| b[:duration] <=> a[:duration] }
+          .map(&method(:format_call_details))
+      end
+
+      def format_call_details(call)
+        call.merge(duration: (call[:duration] * 1000).round(3),
+                   args: format_args(call[:args]))
+      end
+
+      def format_args(args)
+        args.map do |arg|
+          # Needed to avoid infinite as_json calls
+          if arg.is_a?(Gitlab::Git::Repository)
+            arg.to_s
+          else
+            arg
+          end
+        end
+      end
+
+      def formatted_duration
+        ms = duration * 1000
+        if ms >= 1000
+          "%.2fms" % ms
+        else
+          "%.0fms" % ms
+        end
+      end
+    end
+  end
+end
diff --git a/scripts/lint-rugged b/scripts/lint-rugged
index e1605b4501b..f40f0489c1a 100755
--- a/scripts/lint-rugged
+++ b/scripts/lint-rugged
@@ -13,9 +13,11 @@ ALLOWED = [
   'lib/gitlab/gitaly_client/storage_settings.rb',
 
   # Needed for logging
+  'config/initializers/peek.rb',
   'config/initializers/lograge.rb',
   'lib/gitlab/grape_logging/loggers/perf_logger.rb',
-  'lib/gitlab/rugged_instrumentation.rb'
+  'lib/gitlab/rugged_instrumentation.rb',
+  'lib/peek/views/rugged.rb'
 ].freeze
 
 rugged_lines = IO.popen(%w[git grep -i -n rugged -- app config lib], &:read).lines
diff --git a/spec/lib/gitlab/git/repository_spec.rb b/spec/lib/gitlab/git/repository_spec.rb
index 41b898df112..dccd50bc472 100644
--- a/spec/lib/gitlab/git/repository_spec.rb
+++ b/spec/lib/gitlab/git/repository_spec.rb
@@ -186,6 +186,12 @@ describe Gitlab::Git::Repository, :seed_helper do
     it { is_expected.to be < 2 }
   end
 
+  describe '#to_s' do
+    subject { repository.to_s }
+
+    it { is_expected.to eq("<Gitlab::Git::Repository: group/project>") }
+  end
+
   describe '#object_directory_size' do
     before do
       allow(repository.gitaly_repository_client)
diff --git a/spec/lib/gitlab/git/rugged_impl/use_rugged_spec.rb b/spec/lib/gitlab/git/rugged_impl/use_rugged_spec.rb
index e437647c258..1a4168f7317 100644
--- a/spec/lib/gitlab/git/rugged_impl/use_rugged_spec.rb
+++ b/spec/lib/gitlab/git/rugged_impl/use_rugged_spec.rb
@@ -16,7 +16,13 @@ describe Gitlab::Git::RuggedImpl::UseRugged, :seed_helper do
   end
 
   subject(:wrapper) do
-    klazz = Class.new { include Gitlab::Git::RuggedImpl::UseRugged }
+    klazz = Class.new do
+      include Gitlab::Git::RuggedImpl::UseRugged
+
+      def rugged_test(ref, test_number)
+      end
+    end
+
     klazz.new
   end
 
@@ -25,6 +31,23 @@ describe Gitlab::Git::RuggedImpl::UseRugged, :seed_helper do
     Gitlab::GitalyClient.instance_variable_set(:@can_use_disk, {})
   end
 
+  context '#execute_rugged_call', :request_store do
+    let(:args) { ['refs/heads/master', 1] }
+
+    before do
+      allow(Gitlab::RuggedInstrumentation).to receive(:peek_enabled?).and_return(true)
+    end
+
+    it 'instruments Rugged call' do
+      expect(subject).to receive(:rugged_test).with(args)
+
+      subject.execute_rugged_call(:rugged_test, args)
+
+      expect(Gitlab::RuggedInstrumentation.query_count).to eq(1)
+      expect(Gitlab::RuggedInstrumentation.list_call_details.count).to eq(1)
+    end
+  end
+
   context 'when feature flag is not persisted' do
     before do
       allow(Feature).to receive(:persisted?).with(feature_flag).and_return(false)
diff --git a/spec/lib/peek/views/rugged_spec.rb b/spec/lib/peek/views/rugged_spec.rb
new file mode 100644
index 00000000000..0fc75043df8
--- /dev/null
+++ b/spec/lib/peek/views/rugged_spec.rb
@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Peek::Views::Rugged, :request_store do
+  subject { described_class.new }
+
+  let(:project) { create(:project) }
+
+  before do
+    allow(Gitlab::RuggedInstrumentation).to receive(:peek_enabled?).and_return(true)
+  end
+
+  it 'returns aggregated results' do
+    ::Gitlab::RuggedInstrumentation.query_time += 1.234
+    ::Gitlab::RuggedInstrumentation.increment_query_count
+    ::Gitlab::RuggedInstrumentation.increment_query_count
+
+    ::Gitlab::RuggedInstrumentation.add_call_details(feature: :rugged_test,
+                                                     args: [project.repository.raw, 'HEAD'],
+                                                     duration: 0.123)
+    ::Gitlab::RuggedInstrumentation.add_call_details(feature: :rugged_test2,
+                                                     args: [project.repository.raw, 'refs/heads/master'],
+                                                     duration: 0.456)
+
+    expect(subject.duration).to be_within(0.00001).of(1.234)
+    expect(subject.calls).to eq(2)
+
+    results = subject.results
+    expect(results[:calls]).to eq(2)
+    expect(results[:duration]).to eq('1234.00ms')
+    expect(results[:details].count).to eq(2)
+
+    expect(results[:details][0][:args]).to eq([project.repository.raw.to_s, "refs/heads/master"])
+    expect(results[:details][1][:args]).to eq([project.repository.raw.to_s, "HEAD"])
+  end
+end
-- 
cgit v1.2.1


From 02a27937255f7815ce8d87ea044d4426848f2841 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Tue, 23 Jul 2019 22:12:42 -0700
Subject: Hide Rugged data if it doesn't exist

---
 lib/peek/views/rugged.rb           | 2 ++
 spec/lib/peek/views/rugged_spec.rb | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/lib/peek/views/rugged.rb b/lib/peek/views/rugged.rb
index 7e2730e2ae4..7b0ab162b15 100644
--- a/lib/peek/views/rugged.rb
+++ b/lib/peek/views/rugged.rb
@@ -12,6 +12,8 @@ module Peek
       end
 
       def results
+        return {} unless calls > 0
+
         {
           duration: formatted_duration,
           calls: calls,
diff --git a/spec/lib/peek/views/rugged_spec.rb b/spec/lib/peek/views/rugged_spec.rb
index 0fc75043df8..715b360953c 100644
--- a/spec/lib/peek/views/rugged_spec.rb
+++ b/spec/lib/peek/views/rugged_spec.rb
@@ -11,6 +11,10 @@ describe Peek::Views::Rugged, :request_store do
     allow(Gitlab::RuggedInstrumentation).to receive(:peek_enabled?).and_return(true)
   end
 
+  it 'returns no results' do
+    expect(subject.results).to eq({})
+  end
+
   it 'returns aggregated results' do
     ::Gitlab::RuggedInstrumentation.query_time += 1.234
     ::Gitlab::RuggedInstrumentation.increment_query_count
-- 
cgit v1.2.1


From e3173c918f1f344711710088e053b2ed0bbe251e Mon Sep 17 00:00:00 2001
From: Elliot Rushton <erushton@gitlab.com>
Date: Wed, 24 Jul 2019 06:11:14 +0000
Subject: Add notes to the docs about setting service variables for users
 wanting to do so from the UI

---
 doc/ci/services/mysql.md    | 6 ++++++
 doc/ci/services/postgres.md | 7 +++++++
 2 files changed, 13 insertions(+)

diff --git a/doc/ci/services/mysql.md b/doc/ci/services/mysql.md
index 697452cee83..9ea113969c8 100644
--- a/doc/ci/services/mysql.md
+++ b/doc/ci/services/mysql.md
@@ -25,6 +25,12 @@ variables:
   MYSQL_ROOT_PASSWORD: "<your_mysql_password>"
 ```
 
+NOTE: **Note:**
+The `MYSQL_DATABASE` and `MYSQL_ROOT_PASSWORD` variables can't be set in the GitLab UI.
+To set them, assign them to a variable [in the UI](../variables/README.md#via-the-ui), 
+and then assign that variable to the 
+`MYSQL_DATABASE` and `MYSQL_ROOT_PASSWORD` variables in your `.gitlab-ci.yml`.
+
 And then configure your application to use the database, for example:
 
 ```yaml
diff --git a/doc/ci/services/postgres.md b/doc/ci/services/postgres.md
index b72dd6e920a..142f4f262e5 100644
--- a/doc/ci/services/postgres.md
+++ b/doc/ci/services/postgres.md
@@ -25,6 +25,13 @@ variables:
   POSTGRES_PASSWORD: ""
 ```
 
+NOTE: **Note:**
+The `POSTGRES_DB`, `POSTGRES_USER`, and `POSTGRES_PASSWORD` variables can't be set in
+the GitLab UI. To set them, assign them to a variable
+[in the UI](../variables/README.md#via-the-ui), and then assign that
+variable to the `POSTGRES_DB`, `POSTGRES_USER`, and `POSTGRES_PASSWORD` variables in
+your `.gitlab-ci.yml`.
+
 And then configure your application to use the database, for example:
 
 ```yaml
-- 
cgit v1.2.1


From 163a43629c9018beb5f2a474ce63a0065445471b Mon Sep 17 00:00:00 2001
From: Peter Leitzen <pleitzen@gitlab.com>
Date: Wed, 24 Jul 2019 08:19:15 +0000
Subject: Prefer `flat_map` over `map` + `flatten` in specs

Although `flat_map` is equivalent to `map` + `flatten(1)`
(note the level 1) we can apply this same refactoring to all cases.
---
 spec/controllers/projects/jobs_controller_spec.rb              |  2 +-
 .../gitlab/database_importers/common_metrics/importer_spec.rb  |  4 ++--
 spec/lib/gitlab/import_export/project_tree_saver_spec.rb       |  4 ++--
 spec/lib/gitlab/metrics/dashboard/processor_spec.rb            |  6 +++---
 spec/lib/gitlab/prometheus/metric_group_spec.rb                |  4 ++--
 spec/models/wiki_page_spec.rb                                  |  3 +--
 spec/services/issuable/bulk_update_service_spec.rb             | 10 +++++-----
 spec/services/issues/update_service_spec.rb                    |  2 +-
 spec/services/merge_requests/update_service_spec.rb            |  2 +-
 spec/support/helpers/key_generator_helper.rb                   |  2 +-
 10 files changed, 19 insertions(+), 20 deletions(-)

diff --git a/spec/controllers/projects/jobs_controller_spec.rb b/spec/controllers/projects/jobs_controller_spec.rb
index 901402aa5fd..e428aa3c7b7 100644
--- a/spec/controllers/projects/jobs_controller_spec.rb
+++ b/spec/controllers/projects/jobs_controller_spec.rb
@@ -158,7 +158,7 @@ describe Projects::JobsController, :clean_gitlab_redis_shared_state do
         get_show_json
 
         json_response.dig('pipeline', 'details', 'stages').tap do |stages|
-          expect(stages.map(&:keys).flatten)
+          expect(stages.flat_map(&:keys))
             .to eq %w[name title status path dropdown_path]
         end
       end
diff --git a/spec/lib/gitlab/database_importers/common_metrics/importer_spec.rb b/spec/lib/gitlab/database_importers/common_metrics/importer_spec.rb
index 57c8bafd488..eed2a1b7b48 100644
--- a/spec/lib/gitlab/database_importers/common_metrics/importer_spec.rb
+++ b/spec/lib/gitlab/database_importers/common_metrics/importer_spec.rb
@@ -7,8 +7,8 @@ describe Gitlab::DatabaseImporters::CommonMetrics::Importer do
 
   context "does import common_metrics.yml" do
     let(:groups) { subject.content['panel_groups'] }
-    let(:panels) { groups.map { |group| group['panels'] }.flatten }
-    let(:metrics) { panels.map { |group| group['metrics'] }.flatten }
+    let(:panels) { groups.flat_map { |group| group['panels'] } }
+    let(:metrics) { panels.flat_map { |group| group['metrics'] } }
     let(:metric_ids) { metrics.map { |metric| metric['id'] } }
 
     before do
diff --git a/spec/lib/gitlab/import_export/project_tree_saver_spec.rb b/spec/lib/gitlab/import_export/project_tree_saver_spec.rb
index 5f56c30c7e0..1ff2eb9210f 100644
--- a/spec/lib/gitlab/import_export/project_tree_saver_spec.rb
+++ b/spec/lib/gitlab/import_export/project_tree_saver_spec.rb
@@ -179,9 +179,9 @@ describe Gitlab::ImportExport::ProjectTreeSaver do
       end
 
       it 'has priorities associated to labels' do
-        priorities = saved_project_json['issues'].first['label_links'].map { |link| link['label']['priorities'] }
+        priorities = saved_project_json['issues'].first['label_links'].flat_map { |link| link['label']['priorities'] }
 
-        expect(priorities.flatten).not_to be_empty
+        expect(priorities).not_to be_empty
       end
 
       it 'has issue resource label events' do
diff --git a/spec/lib/gitlab/metrics/dashboard/processor_spec.rb b/spec/lib/gitlab/metrics/dashboard/processor_spec.rb
index 797d4daabe3..d7891e69dd0 100644
--- a/spec/lib/gitlab/metrics/dashboard/processor_spec.rb
+++ b/spec/lib/gitlab/metrics/dashboard/processor_spec.rb
@@ -101,9 +101,9 @@ describe Gitlab::Metrics::Dashboard::Processor do
   private
 
   def all_metrics
-    dashboard[:panel_groups].map do |group|
-      group[:panels].map { |panel| panel[:metrics] }
-    end.flatten
+    dashboard[:panel_groups].flat_map do |group|
+      group[:panels].flat_map { |panel| panel[:metrics] }
+    end
   end
 
   def get_metric_details(metric)
diff --git a/spec/lib/gitlab/prometheus/metric_group_spec.rb b/spec/lib/gitlab/prometheus/metric_group_spec.rb
index 5cc6827488b..a45dd0af91e 100644
--- a/spec/lib/gitlab/prometheus/metric_group_spec.rb
+++ b/spec/lib/gitlab/prometheus/metric_group_spec.rb
@@ -17,7 +17,7 @@ describe Gitlab::Prometheus::MetricGroup do
     end
 
     it 'returns exactly three metric queries' do
-      expect(subject.map(&:metrics).flatten.map(&:id)).to contain_exactly(
+      expect(subject.flat_map(&:metrics).map(&:id)).to contain_exactly(
         common_metric_group_a.id, common_metric_group_b_q1.id,
         common_metric_group_b_q2.id)
     end
@@ -37,7 +37,7 @@ describe Gitlab::Prometheus::MetricGroup do
 
     subject do
       described_class.for_project(other_project)
-        .map(&:metrics).flatten
+        .flat_map(&:metrics)
         .map(&:id)
     end
 
diff --git a/spec/models/wiki_page_spec.rb b/spec/models/wiki_page_spec.rb
index 520a06e138e..18c62c917dc 100644
--- a/spec/models/wiki_page_spec.rb
+++ b/spec/models/wiki_page_spec.rb
@@ -81,10 +81,9 @@ describe WikiPage do
           grouped_entries = described_class.group_by_directory(wiki.list_pages)
 
           actual_order =
-            grouped_entries.map do |page_or_dir|
+            grouped_entries.flat_map do |page_or_dir|
               get_slugs(page_or_dir)
             end
-            .flatten
           expect(actual_order).to eq(expected_order)
         end
       end
diff --git a/spec/services/issuable/bulk_update_service_spec.rb b/spec/services/issuable/bulk_update_service_spec.rb
index 40da3d31408..fb12877fa05 100644
--- a/spec/services/issuable/bulk_update_service_spec.rb
+++ b/spec/services/issuable/bulk_update_service_spec.rb
@@ -265,7 +265,7 @@ describe Issuable::BulkUpdateService do
         end
 
         it 'removes the label IDs from all issues passed' do
-          expect(issues.map(&:reload).map(&:label_ids).flatten).not_to include(merge_requests.id)
+          expect(issues.map(&:reload).flat_map(&:label_ids)).not_to include(merge_requests.id)
         end
 
         it 'does not update issues not passed in' do
@@ -297,11 +297,11 @@ describe Issuable::BulkUpdateService do
         let(:remove_labels) { [regression] }
 
         it 'removes the label IDs from all issues passed' do
-          expect(issues.map(&:reload).map(&:label_ids).flatten).not_to include(regression.id)
+          expect(issues.map(&:reload).flat_map(&:label_ids)).not_to include(regression.id)
         end
 
         it 'ignores the label IDs parameter' do
-          expect(issues.map(&:reload).map(&:label_ids).flatten).not_to include(merge_requests.id)
+          expect(issues.map(&:reload).flat_map(&:label_ids)).not_to include(merge_requests.id)
         end
 
         it 'does not update issues not passed in' do
@@ -320,11 +320,11 @@ describe Issuable::BulkUpdateService do
         end
 
         it 'removes the label IDs from all issues passed' do
-          expect(issues.map(&:reload).map(&:label_ids).flatten).not_to include(merge_requests.id)
+          expect(issues.map(&:reload).flat_map(&:label_ids)).not_to include(merge_requests.id)
         end
 
         it 'ignores the label IDs parameter' do
-          expect(issues.map(&:reload).map(&:label_ids).flatten).not_to include(regression.id)
+          expect(issues.map(&:reload).flat_map(&:label_ids)).not_to include(regression.id)
         end
 
         it 'does not update issues not passed in' do
diff --git a/spec/services/issues/update_service_spec.rb b/spec/services/issues/update_service_spec.rb
index 468e7c286d5..68b79132096 100644
--- a/spec/services/issues/update_service_spec.rb
+++ b/spec/services/issues/update_service_spec.rb
@@ -179,7 +179,7 @@ describe Issues::UpdateService, :mailer do
         it 'sends email to user2 about assign of new issue and email to user3 about issue unassignment' do
           deliveries = ActionMailer::Base.deliveries
           email = deliveries.last
-          recipients = deliveries.last(2).map(&:to).flatten
+          recipients = deliveries.last(2).flat_map(&:to)
           expect(recipients).to include(user2.email, user3.email)
           expect(email.subject).to include(issue.title)
         end
diff --git a/spec/services/merge_requests/update_service_spec.rb b/spec/services/merge_requests/update_service_spec.rb
index 7e5837a4798..2e58da894e5 100644
--- a/spec/services/merge_requests/update_service_spec.rb
+++ b/spec/services/merge_requests/update_service_spec.rb
@@ -99,7 +99,7 @@ describe MergeRequests::UpdateService, :mailer do
       it 'sends email to user2 about assign of new merge request and email to user3 about merge request unassignment' do
         deliveries = ActionMailer::Base.deliveries
         email = deliveries.last
-        recipients = deliveries.last(2).map(&:to).flatten
+        recipients = deliveries.last(2).flat_map(&:to)
         expect(recipients).to include(user2.email, user3.email)
         expect(email.subject).to include(merge_request.title)
       end
diff --git a/spec/support/helpers/key_generator_helper.rb b/spec/support/helpers/key_generator_helper.rb
index d55d8312c65..768b8c127b9 100644
--- a/spec/support/helpers/key_generator_helper.rb
+++ b/spec/support/helpers/key_generator_helper.rb
@@ -33,7 +33,7 @@ module Spec
 
         # Packs string components into an openssh-encoded pubkey.
         def pack_pubkey_components(strings)
-          (strings.map { |s| [s.length].pack('N') }).zip(strings).flatten.join
+          (strings.flat_map { |s| [s.length].pack('N') }).zip(strings).join
         end
       end
     end
-- 
cgit v1.2.1


From 13e7feef08a4b4fd32d553ac58f943a1f8a3d579 Mon Sep 17 00:00:00 2001
From: Patrick Derichs <pderichs@gitlab.com>
Date: Wed, 24 Jul 2019 08:53:29 +0200
Subject: Add where condition to filter out invalid labels with nil type

---
 app/models/label.rb                                      |  2 +-
 changelogs/unreleased/63730-fix-500-status-labels-pd.yml |  5 +++++
 spec/models/label_spec.rb                                | 13 +++++++++++++
 3 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/63730-fix-500-status-labels-pd.yml

diff --git a/app/models/label.rb b/app/models/label.rb
index b83e0862bab..dd403562bfa 100644
--- a/app/models/label.rb
+++ b/app/models/label.rb
@@ -33,7 +33,7 @@ class Label < ApplicationRecord
 
   default_scope { order(title: :asc) }
 
-  scope :templates, -> { where(template: true) }
+  scope :templates, -> { where(template: true, type: [Label.name, nil]) }
   scope :with_title, ->(title) { where(title: title) }
   scope :with_lists_and_board, -> { joins(lists: :board).merge(List.movable) }
   scope :on_project_boards, ->(project_id) { with_lists_and_board.where(boards: { project_id: project_id }) }
diff --git a/changelogs/unreleased/63730-fix-500-status-labels-pd.yml b/changelogs/unreleased/63730-fix-500-status-labels-pd.yml
new file mode 100644
index 00000000000..a1e2ae0e5df
--- /dev/null
+++ b/changelogs/unreleased/63730-fix-500-status-labels-pd.yml
@@ -0,0 +1,5 @@
+---
+title: Fix admin labels page when there are invalid records
+merge_request: 30885
+author:
+type: fixed
diff --git a/spec/models/label_spec.rb b/spec/models/label_spec.rb
index 5174c590a10..c2e2298823e 100644
--- a/spec/models/label_spec.rb
+++ b/spec/models/label_spec.rb
@@ -193,4 +193,17 @@ describe Label do
       expect(described_class.optionally_subscribed_by(nil)).to match_array([label, label2])
     end
   end
+
+  describe '#templates' do
+    context 'with invalid template labels' do
+      it 'returns only valid template labels' do
+        create(:label)
+        # Project labels should not have template set to true
+        create(:label, template: true)
+        valid_template_label = described_class.create!(title: 'test', template: true, type: nil)
+
+        expect(described_class.templates).to eq([valid_template_label])
+      end
+    end
+  end
 end
-- 
cgit v1.2.1


From 2bc43c447184dec3b37bdb44d1c565c436e99179 Mon Sep 17 00:00:00 2001
From: Mohammad Alhashash <alhashash@shebak.com>
Date: Tue, 23 Jul 2019 22:02:12 +0000
Subject: Fix incorrect web server parameter in init.d script

Environment variable USE_WEB_SERVER should have the value of the selected webserver when calling bin/web startup script.

Fixes #65008
---
 lib/support/init.d/gitlab | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/lib/support/init.d/gitlab b/lib/support/init.d/gitlab
index 32df74f104a..bccb94ff0bf 100755
--- a/lib/support/init.d/gitlab
+++ b/lib/support/init.d/gitlab
@@ -67,6 +67,13 @@ if ! cd "$app_root" ; then
  echo "Failed to cd into $app_root, exiting!";  exit 1
 fi
 
+# Select the web server to use
+if [ -z "$EXPERIMENTAL_PUMA" ]; then
+  use_web_server="unicorn"
+else
+  use_web_server="puma"
+fi
+
 
 ### Init Script functions
 
@@ -256,7 +263,7 @@ start_gitlab() {
   check_stale_pids
 
   if [ "$web_status" != "0" ]; then
-    echo "Starting GitLab web server"
+    echo "Starting GitLab web server ($use_web_server)"
   fi
   if [ "$sidekiq_status" != "0" ]; then
     echo "Starting GitLab Sidekiq"
@@ -281,7 +288,7 @@ start_gitlab() {
     # Remove old socket if it exists
     rm -f "$rails_socket" 2>/dev/null
     # Start the web server
-    RAILS_ENV=$RAILS_ENV EXPERIMENTAL_PUMA=$EXPERIMENTAL_PUMA bin/web start
+    RAILS_ENV=$RAILS_ENV USE_WEB_SERVER=$use_web_server bin/web start
   fi
 
   # If sidekiq is already running, don't start it again.
@@ -343,7 +350,7 @@ stop_gitlab() {
 
   if [ "$web_status" = "0" ]; then
     echo "Shutting down GitLab web server"
-    RAILS_ENV=$RAILS_ENV EXPERIMENTAL_PUMA=$EXPERIMENTAL_PUMA bin/web stop
+    RAILS_ENV=$RAILS_ENV USE_WEB_SERVER=$use_web_server bin/web stop
   fi
   if [ "$sidekiq_status" = "0" ]; then
     echo "Shutting down GitLab Sidekiq"
@@ -447,7 +454,7 @@ reload_gitlab(){
     exit 1
   fi
   printf "Reloading GitLab web server configuration... "
-  RAILS_ENV=$RAILS_ENV EXPERIMENTAL_PUMA=$EXPERIMENTAL_PUMA bin/web reload
+  RAILS_ENV=$RAILS_ENV USE_WEB_SERVER=$use_web_server bin/web reload
   echo "Done."
 
   echo "Restarting GitLab Sidekiq since it isn't capable of reloading its config..."
-- 
cgit v1.2.1


From 7cf4bf848f9d3018af2c87d7c88b26b7610db995 Mon Sep 17 00:00:00 2001
From: Christian Couder <chriscool@tuxfamily.org>
Date: Tue, 16 Jul 2019 09:16:41 +0200
Subject: Support title and desc on merge w/ push option

MergeRequests::PushOptionsHandlerService has been updated to allow
creating and updating merge requests with the `title` and
`description` set using git push options.

To create a new merge request and set its title and description:

      git push -u origin -o merge_request.create \
        -o merge_request.title="My title" \
        -o merge_request.description="My description"

To update an existing merge request and set its title and
description:

      git push -u origin -o merge_request.title="My title" \
        -o merge_request.description="My description"

Issue https://gitlab.com/gitlab-org/gitlab-ce/issues/64320
---
 .../merge_requests/push_options_handler_service.rb |  17 ++-
 changelogs/unreleased/label-descr-push-opts.yml    |   5 +
 doc/user/project/merge_requests/index.md           |  24 ++++
 lib/gitlab/push_options.rb                         |   4 +-
 .../push_options_handler_service_spec.rb           | 154 +++++++++++++++++++++
 5 files changed, 194 insertions(+), 10 deletions(-)
 create mode 100644 changelogs/unreleased/label-descr-push-opts.yml

diff --git a/app/services/merge_requests/push_options_handler_service.rb b/app/services/merge_requests/push_options_handler_service.rb
index 6d70b5106c7..b210004e6e1 100644
--- a/app/services/merge_requests/push_options_handler_service.rb
+++ b/app/services/merge_requests/push_options_handler_service.rb
@@ -118,7 +118,14 @@ module MergeRequests
     end
 
     def base_params
-      params = {}
+      params = {
+        title: push_options[:title],
+        description: push_options[:description],
+        target_branch: push_options[:target],
+        force_remove_source_branch: push_options[:remove_source_branch]
+      }
+
+      params.compact!
 
       if push_options.key?(:merge_when_pipeline_succeeds)
         params.merge!(
@@ -127,14 +134,6 @@ module MergeRequests
         )
       end
 
-      if push_options.key?(:remove_source_branch)
-        params[:force_remove_source_branch] = push_options[:remove_source_branch]
-      end
-
-      if push_options.key?(:target)
-        params[:target_branch] = push_options[:target]
-      end
-
       params
     end
 
diff --git a/changelogs/unreleased/label-descr-push-opts.yml b/changelogs/unreleased/label-descr-push-opts.yml
new file mode 100644
index 00000000000..9b01cfdaed2
--- /dev/null
+++ b/changelogs/unreleased/label-descr-push-opts.yml
@@ -0,0 +1,5 @@
+---
+title: Support setting of merge request title and description using git push options
+merge_request: 31068
+author:
+type: added
diff --git a/doc/user/project/merge_requests/index.md b/doc/user/project/merge_requests/index.md
index d5ca853eff5..f78ec9d96e6 100644
--- a/doc/user/project/merge_requests/index.md
+++ b/doc/user/project/merge_requests/index.md
@@ -343,6 +343,30 @@ git push -o merge_request.remove_source_branch
 You can also use this push option in addition to the
 `merge_request.create` push option.
 
+### Set merge request title using git push options
+
+To set the title of an existing merge request, use
+the `merge_request.title` push option:
+
+```sh
+git push -o merge_request.title="The title I want"
+```
+
+You can also use this push option in addition to the
+`merge_request.create` push option.
+
+### Set merge request description using git push options
+
+To set the description of an existing merge request, use
+the `merge_request.description` push option:
+
+```sh
+git push -o merge_request.description="The description I want"
+```
+
+You can also use this push option in addition to the
+`merge_request.create` push option.
+
 ## Find the merge request that introduced a change
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/2383) in GitLab 10.5.
diff --git a/lib/gitlab/push_options.rb b/lib/gitlab/push_options.rb
index b96590af08e..682edfc4259 100644
--- a/lib/gitlab/push_options.rb
+++ b/lib/gitlab/push_options.rb
@@ -6,9 +6,11 @@ module Gitlab
       merge_request: {
         keys: [
           :create,
+          :description,
           :merge_when_pipeline_succeeds,
           :remove_source_branch,
-          :target
+          :target,
+          :title
         ]
       },
       ci: {
diff --git a/spec/services/merge_requests/push_options_handler_service_spec.rb b/spec/services/merge_requests/push_options_handler_service_spec.rb
index ac40cf02c48..a27fea0c90f 100644
--- a/spec/services/merge_requests/push_options_handler_service_spec.rb
+++ b/spec/services/merge_requests/push_options_handler_service_spec.rb
@@ -11,6 +11,8 @@ describe MergeRequests::PushOptionsHandlerService do
   let(:service) { described_class.new(project, user, changes, push_options) }
   let(:source_branch) { 'fix' }
   let(:target_branch) { 'feature' }
+  let(:title) { 'my title' }
+  let(:description) { 'my description' }
   let(:new_branch_changes) { "#{Gitlab::Git::BLANK_SHA} 570e7b2abdd848b95f2f578043fc23bd6f6fd24d refs/heads/#{source_branch}" }
   let(:existing_branch_changes) { "d14d6c0abdd253381df51a723d58691b2ee1ab08 570e7b2abdd848b95f2f578043fc23bd6f6fd24d refs/heads/#{source_branch}" }
   let(:deleted_branch_changes) { "d14d6c0abdd253381df51a723d58691b2ee1ab08 #{Gitlab::Git::BLANK_SHA} refs/heads/#{source_branch}" }
@@ -73,6 +75,26 @@ describe MergeRequests::PushOptionsHandlerService do
     end
   end
 
+  shared_examples_for 'a service that can set the title of a merge request' do
+    subject(:last_mr) { MergeRequest.last }
+
+    it 'sets the title' do
+      service.execute
+
+      expect(last_mr.title).to eq(title)
+    end
+  end
+
+  shared_examples_for 'a service that can set the description of a merge request' do
+    subject(:last_mr) { MergeRequest.last }
+
+    it 'sets the description' do
+      service.execute
+
+      expect(last_mr.description).to eq(description)
+    end
+  end
+
   shared_examples_for 'a service that can set the merge request to merge when pipeline succeeds' do
     subject(:last_mr) { MergeRequest.last }
 
@@ -350,6 +372,138 @@ describe MergeRequests::PushOptionsHandlerService do
     end
   end
 
+  describe '`title` push option' do
+    let(:push_options) { { title: title } }
+
+    context 'with a new branch' do
+      let(:changes) { new_branch_changes }
+
+      it_behaves_like 'a service that does not create a merge request'
+
+      it 'adds an error to the service' do
+        error = "A merge_request.create push option is required to create a merge request for branch #{source_branch}"
+
+        service.execute
+
+        expect(service.errors).to include(error)
+      end
+
+      context 'when coupled with the `create` push option' do
+        let(:push_options) { { create: true, title: title } }
+
+        it_behaves_like 'a service that can create a merge request'
+        it_behaves_like 'a service that can set the title of a merge request'
+      end
+    end
+
+    context 'with an existing branch but no open MR' do
+      let(:changes) { existing_branch_changes }
+
+      it_behaves_like 'a service that does not create a merge request'
+
+      it 'adds an error to the service' do
+        error = "A merge_request.create push option is required to create a merge request for branch #{source_branch}"
+
+        service.execute
+
+        expect(service.errors).to include(error)
+      end
+
+      context 'when coupled with the `create` push option' do
+        let(:push_options) { { create: true, title: title } }
+
+        it_behaves_like 'a service that can create a merge request'
+        it_behaves_like 'a service that can set the title of a merge request'
+      end
+    end
+
+    context 'with an existing branch that has a merge request open' do
+      let(:changes) { existing_branch_changes }
+      let!(:merge_request) { create(:merge_request, source_project: project, source_branch: source_branch)}
+
+      it_behaves_like 'a service that does not create a merge request'
+      it_behaves_like 'a service that can set the title of a merge request'
+    end
+
+    context 'with a deleted branch' do
+      let(:changes) { deleted_branch_changes }
+
+      it_behaves_like 'a service that does nothing'
+    end
+
+    context 'with the project default branch' do
+      let(:changes) { default_branch_changes }
+
+      it_behaves_like 'a service that does nothing'
+    end
+  end
+
+  describe '`description` push option' do
+    let(:push_options) { { description: description } }
+
+    context 'with a new branch' do
+      let(:changes) { new_branch_changes }
+
+      it_behaves_like 'a service that does not create a merge request'
+
+      it 'adds an error to the service' do
+        error = "A merge_request.create push option is required to create a merge request for branch #{source_branch}"
+
+        service.execute
+
+        expect(service.errors).to include(error)
+      end
+
+      context 'when coupled with the `create` push option' do
+        let(:push_options) { { create: true, description: description } }
+
+        it_behaves_like 'a service that can create a merge request'
+        it_behaves_like 'a service that can set the description of a merge request'
+      end
+    end
+
+    context 'with an existing branch but no open MR' do
+      let(:changes) { existing_branch_changes }
+
+      it_behaves_like 'a service that does not create a merge request'
+
+      it 'adds an error to the service' do
+        error = "A merge_request.create push option is required to create a merge request for branch #{source_branch}"
+
+        service.execute
+
+        expect(service.errors).to include(error)
+      end
+
+      context 'when coupled with the `create` push option' do
+        let(:push_options) { { create: true, description: description } }
+
+        it_behaves_like 'a service that can create a merge request'
+        it_behaves_like 'a service that can set the description of a merge request'
+      end
+    end
+
+    context 'with an existing branch that has a merge request open' do
+      let(:changes) { existing_branch_changes }
+      let!(:merge_request) { create(:merge_request, source_project: project, source_branch: source_branch)}
+
+      it_behaves_like 'a service that does not create a merge request'
+      it_behaves_like 'a service that can set the description of a merge request'
+    end
+
+    context 'with a deleted branch' do
+      let(:changes) { deleted_branch_changes }
+
+      it_behaves_like 'a service that does nothing'
+    end
+
+    context 'with the project default branch' do
+      let(:changes) { default_branch_changes }
+
+      it_behaves_like 'a service that does nothing'
+    end
+  end
+
   describe 'multiple pushed branches' do
     let(:push_options) { { create: true } }
     let(:changes) do
-- 
cgit v1.2.1


From 9de60d6d607c9a52589fe442cbefc5cc5bc0262c Mon Sep 17 00:00:00 2001
From: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Date: Wed, 24 Jul 2019 10:14:56 +0000
Subject: Update CHANGELOG.md for 12.1.1

[ci skip]
---
 CHANGELOG.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 34ace58bb14..3ed244b7ed2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,10 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 12.1.1
+
+- No changes.
+
 ## 12.1.0
 
 ### Security (11 changes, 2 of them are from the community)
-- 
cgit v1.2.1


From 61de1f3596c9de9ad7bf955fc4c04f0ab1c030b2 Mon Sep 17 00:00:00 2001
From: Mark Lapierre <mlapierre@gitlab.com>
Date: Wed, 24 Jul 2019 10:24:06 +0000
Subject: Use a single knapsack file

There should be no difference between jobs in package-and-qa.

Review apps should also be similar but there might be differences
if the runners have different resources.
---
 qa/qa/ce/knapsack/nightly_master_report.json | 46 ++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 qa/qa/ce/knapsack/nightly_master_report.json

diff --git a/qa/qa/ce/knapsack/nightly_master_report.json b/qa/qa/ce/knapsack/nightly_master_report.json
new file mode 100644
index 00000000000..08694f706de
--- /dev/null
+++ b/qa/qa/ce/knapsack/nightly_master_report.json
@@ -0,0 +1,46 @@
+{
+  "qa/specs/features/api/1_manage/users_spec.rb": 0.6089541912078857,
+  "qa/specs/features/api/3_create/repository/files_spec.rb": 5.015859127044678,
+  "qa/specs/features/api/3_create/repository/project_archive_compare_spec.rb": 1.0199065208435059,
+  "qa/specs/features/browser_ui/1_manage/group/transfer_project_spec.rb": 33.54091453552246,
+  "qa/specs/features/browser_ui/1_manage/login/log_in_spec.rb": 3.438166856765747,
+  "qa/specs/features/browser_ui/1_manage/login/login_via_oauth_spec.rb": 20.58603596687317,
+  "qa/specs/features/browser_ui/1_manage/login/register_spec.rb": 22.320587396621704,
+  "qa/specs/features/browser_ui/1_manage/project/add_project_member_spec.rb": 8.490083694458008,
+  "qa/specs/features/browser_ui/1_manage/project/create_project_spec.rb": 10.214765310287476,
+  "qa/specs/features/browser_ui/1_manage/project/import_github_repo_spec.rb": 100.28881478309631,
+  "qa/specs/features/browser_ui/1_manage/project/view_project_activity_spec.rb": 7.882027864456177,
+  "qa/specs/features/browser_ui/2_plan/issue/check_mentions_for_xss_spec.rb": 13.739388942718506,
+  "qa/specs/features/browser_ui/2_plan/issue/collapse_comments_in_discussions_spec.rb": 13.403101205825806,
+  "qa/specs/features/browser_ui/2_plan/issue/comment_issue_spec.rb": 10.989444971084595,
+  "qa/specs/features/browser_ui/2_plan/issue/create_issue_spec.rb": 10.811973810195923,
+  "qa/specs/features/browser_ui/2_plan/issue/filter_issue_comments_spec.rb": 12.63524317741394,
+  "qa/specs/features/browser_ui/2_plan/issue/issue_suggestions_spec.rb": 11.280649185180664,
+  "qa/specs/features/browser_ui/3_create/merge_request/create_merge_request_spec.rb": 41.76726770401001,
+  "qa/specs/features/browser_ui/3_create/merge_request/merge_merge_request_from_fork_spec.rb": 32.5517954826355,
+  "qa/specs/features/browser_ui/3_create/merge_request/rebase_merge_request_spec.rb": 46.54227638244629,
+  "qa/specs/features/browser_ui/3_create/merge_request/squash_merge_request_spec.rb": 27.943300485610962,
+  "qa/specs/features/browser_ui/3_create/merge_request/view_merge_request_diff_patch_spec.rb": 3.705310821533203,
+  "qa/specs/features/browser_ui/3_create/repository/add_file_template_spec.rb": 40.09336972236633,
+  "qa/specs/features/browser_ui/3_create/repository/add_list_delete_branches_spec.rb": 31.49540114402771,
+  "qa/specs/features/browser_ui/3_create/repository/add_ssh_key_spec.rb": 16.18057894706726,
+  "qa/specs/features/browser_ui/3_create/repository/clone_spec.rb": 0.7397980690002441,
+  "qa/specs/features/browser_ui/3_create/repository/create_edit_delete_file_via_web_spec.rb": 18.047621726989746,
+  "qa/specs/features/browser_ui/3_create/repository/push_http_private_token_spec.rb": 9.48607873916626,
+  "qa/specs/features/browser_ui/3_create/repository/push_mirroring_over_http_spec.rb": 23.710937023162842,
+  "qa/specs/features/browser_ui/3_create/repository/push_over_http_file_size_spec.rb": 19.459370374679565,
+  "qa/specs/features/browser_ui/3_create/repository/push_over_http_spec.rb": 7.730542182922363,
+  "qa/specs/features/browser_ui/3_create/repository/push_protected_branch_spec.rb": 29.76174831390381,
+  "qa/specs/features/browser_ui/3_create/repository/use_ssh_key_spec.rb": 22.800872802734375,
+  "qa/specs/features/browser_ui/3_create/repository/user_views_commit_diff_patch_spec.rb": 6.731764793395996,
+  "qa/specs/features/browser_ui/3_create/snippet/create_snippet_spec.rb": 5.812374591827393,
+  "qa/specs/features/browser_ui/3_create/web_ide/add_file_template_spec.rb": 25.460349321365356,
+  "qa/specs/features/browser_ui/3_create/wiki/create_edit_clone_push_wiki_spec.rb": 17.273863554000854,
+  "qa/specs/features/browser_ui/4_verify/ci_variable/add_ci_variable_spec.rb": 8.31815505027771,
+  "qa/specs/features/browser_ui/4_verify/runner/register_runner_spec.rb": 18.679633855819702,
+  "qa/specs/features/browser_ui/6_release/deploy_key/add_deploy_key_spec.rb": 15.342933893203735,
+  "qa/specs/features/browser_ui/6_release/deploy_key/clone_using_deploy_key_spec.rb": 92.46774697303772,
+  "qa/specs/features/browser_ui/6_release/deploy_token/add_deploy_token_spec.rb": 20.252174615859985,
+  "qa/specs/features/browser_ui/7_configure/auto_devops/create_project_with_auto_devops_spec.rb": 8.281434059143066,
+  "qa/specs/features/browser_ui/non_devops/performance_bar_spec.rb": 8.810423135757446
+}
\ No newline at end of file
-- 
cgit v1.2.1


From 667b92a3a4e0fada63703bcb170f49da13f9a40a Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Tue, 23 Jul 2019 22:25:23 -0700
Subject: Update performance bar documentation

---
 .../monitoring/performance/img/performance_bar.png | Bin 99331 -> 127198 bytes
 .../img/performance_bar_gitaly_calls.png           | Bin 91275 -> 203373 bytes
 .../img/performance_bar_redis_calls.png            | Bin 0 -> 191734 bytes
 .../img/performance_bar_rugged_calls.png           | Bin 0 -> 274852 bytes
 .../img/performance_bar_sql_queries.png            | Bin 128337 -> 338952 bytes
 .../monitoring/performance/performance_bar.md      |   8 +++++---
 6 files changed, 5 insertions(+), 3 deletions(-)
 create mode 100644 doc/administration/monitoring/performance/img/performance_bar_redis_calls.png
 create mode 100644 doc/administration/monitoring/performance/img/performance_bar_rugged_calls.png

diff --git a/doc/administration/monitoring/performance/img/performance_bar.png b/doc/administration/monitoring/performance/img/performance_bar.png
index 2bf686f9017..8a6f8b3b273 100644
Binary files a/doc/administration/monitoring/performance/img/performance_bar.png and b/doc/administration/monitoring/performance/img/performance_bar.png differ
diff --git a/doc/administration/monitoring/performance/img/performance_bar_gitaly_calls.png b/doc/administration/monitoring/performance/img/performance_bar_gitaly_calls.png
index 7af6d401d1d..265178729c4 100644
Binary files a/doc/administration/monitoring/performance/img/performance_bar_gitaly_calls.png and b/doc/administration/monitoring/performance/img/performance_bar_gitaly_calls.png differ
diff --git a/doc/administration/monitoring/performance/img/performance_bar_redis_calls.png b/doc/administration/monitoring/performance/img/performance_bar_redis_calls.png
new file mode 100644
index 00000000000..78dd7594adf
Binary files /dev/null and b/doc/administration/monitoring/performance/img/performance_bar_redis_calls.png differ
diff --git a/doc/administration/monitoring/performance/img/performance_bar_rugged_calls.png b/doc/administration/monitoring/performance/img/performance_bar_rugged_calls.png
new file mode 100644
index 00000000000..f4068268137
Binary files /dev/null and b/doc/administration/monitoring/performance/img/performance_bar_rugged_calls.png differ
diff --git a/doc/administration/monitoring/performance/img/performance_bar_sql_queries.png b/doc/administration/monitoring/performance/img/performance_bar_sql_queries.png
index b3219b4fa94..dab323eb066 100644
Binary files a/doc/administration/monitoring/performance/img/performance_bar_sql_queries.png and b/doc/administration/monitoring/performance/img/performance_bar_sql_queries.png differ
diff --git a/doc/administration/monitoring/performance/performance_bar.md b/doc/administration/monitoring/performance/performance_bar.md
index 4ee156fdc11..15eab7dcab0 100644
--- a/doc/administration/monitoring/performance/performance_bar.md
+++ b/doc/administration/monitoring/performance/performance_bar.md
@@ -8,15 +8,16 @@ activated, it looks as follows:
 It allows you to see (from left to right):
 
 - the current host serving the page
-- the timing of the page (backend, frontend)
 - time taken and number of DB queries, click through for details of these queries
   ![SQL profiling using the Performance Bar](img/performance_bar_sql_queries.png)
 - time taken and number of [Gitaly] calls, click through for details of these calls
   ![Gitaly profiling using the Performance Bar](img/performance_bar_gitaly_calls.png)
+- time taken and number of [Rugged] calls, click through for details of these calls
+  ![Rugged profiling using the Performance Bar](img/performance_bar_rugged_calls.png)
 - profile of the code used to generate the page, line by line. In the profile view, the numbers in the left panel represent wall time, cpu time, and number of calls (based on [rblineprof](https://github.com/tmm1/rblineprof)).
   ![Line profiling using the Performance Bar](img/performance_bar_line_profiling.png)
-- time taken and number of calls to Redis
-- time taken and number of background jobs created by Sidekiq
+- time taken and number of Redis calls, click through for details of these calls
+  ![Redis profiling using the Performance Bar](img/performance_bar_redis_calls.png)
 - time taken and number of Ruby GC calls
 
 On the far right is a request selector that allows you to view the same metrics
@@ -43,3 +44,4 @@ You can toggle the Bar using the same shortcut.
 ![GitLab Performance Bar Admin Settings](img/performance_bar_configuration_settings.png)
 
 [Gitaly]: ../../gitaly/index.md
+[Rugged]: ../../high_availability/nfs.md#improving-nfs-performance-with-gitlab
-- 
cgit v1.2.1


From d18ee3faad34097c14d2f1ee9c4a1bf7b00b202a Mon Sep 17 00:00:00 2001
From: Luke Duncalfe <lduncalfe@gitlab.com>
Date: Wed, 24 Jul 2019 11:23:51 +0000
Subject: LFS export records repository_type data

A project can have the same `LfsObject` linked with up to three
`LfsObjectsProject` records. Each of these records would be for a
different repository, recorded in the `repository_type` property. The
different repositories at time of writing are "project", "wiki", and
"design". See https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/13894

This change exports the list of `repository_type`s as a JSON mapping of
oid => repository_types, which are imported to recreate the correct
`LfsObjectsProject` records.

https://gitlab.com/gitlab-org/gitlab-ee/issues/11090
---
 .../11090-export-design-management-lfs-data.yml    |  5 ++
 doc/administration/logs.md                         |  3 -
 doc/development/import_export.md                   |  1 +
 lib/gitlab/import_export.rb                        | 12 ++-
 lib/gitlab/import_export/lfs_restorer.rb           | 51 ++++++++++-
 lib/gitlab/import_export/lfs_saver.rb              | 47 ++++++++++-
 spec/factories/lfs_objects.rb                      |  1 +
 spec/lib/gitlab/import_export/lfs_restorer_spec.rb | 98 ++++++++++++++++------
 spec/lib/gitlab/import_export/lfs_saver_spec.rb    | 49 ++++++++++-
 9 files changed, 231 insertions(+), 36 deletions(-)
 create mode 100644 changelogs/unreleased/11090-export-design-management-lfs-data.yml

diff --git a/changelogs/unreleased/11090-export-design-management-lfs-data.yml b/changelogs/unreleased/11090-export-design-management-lfs-data.yml
new file mode 100644
index 00000000000..36b773124d7
--- /dev/null
+++ b/changelogs/unreleased/11090-export-design-management-lfs-data.yml
@@ -0,0 +1,5 @@
+---
+title: Add support for exporting repository type data for LFS objects
+merge_request: 30830
+author:
+type: changed
diff --git a/doc/administration/logs.md b/doc/administration/logs.md
index 563701b8677..44a33eb7bcf 100644
--- a/doc/administration/logs.md
+++ b/doc/administration/logs.md
@@ -283,9 +283,6 @@ Introduced in GitLab 11.3. This file lives in `/var/log/gitlab/gitlab-rails/impo
 Omnibus GitLab packages or in `/home/git/gitlab/log/importer.log` for
 installations from source.
 
-Currently it logs the progress of project imports from the Bitbucket Server
-importer. Future importers may use this file.
-
 ## `auth.log`
 
 Introduced in GitLab 12.0. This file lives in `/var/log/gitlab/gitlab-rails/auth.log` for
diff --git a/doc/development/import_export.md b/doc/development/import_export.md
index 4c78c62f5f5..0c343bc22e4 100644
--- a/doc/development/import_export.md
+++ b/doc/development/import_export.md
@@ -19,6 +19,7 @@ Project.find_by_full_path('group/project').import_state.slice(:jid, :status, :la
 grep JID /var/log/gitlab/sidekiq/current
 grep "Import/Export error" /var/log/gitlab/sidekiq/current
 grep "Import/Export backtrace" /var/log/gitlab/sidekiq/current
+tail /var/log/gitlab/gitlab-rails/importer.log
 ```
 
 ## Troubleshooting performance issues
diff --git a/lib/gitlab/import_export.rb b/lib/gitlab/import_export.rb
index f63a5ece71e..bb46bd657e8 100644
--- a/lib/gitlab/import_export.rb
+++ b/lib/gitlab/import_export.rb
@@ -4,7 +4,9 @@ module Gitlab
   module ImportExport
     extend self
 
-    # For every version update, the version history in import_export.md has to be kept up to date.
+    # For every version update the version history in these docs must be kept up to date:
+    # - development/import_export.md
+    # - user/project/settings/import_export.md
     VERSION = '0.2.4'.freeze
     FILENAME_LIMIT = 50
 
@@ -28,6 +30,14 @@ module Gitlab
       "project.bundle"
     end
 
+    def lfs_objects_filename
+      "lfs-objects.json"
+    end
+
+    def lfs_objects_storage
+      "lfs-objects"
+    end
+
     def config_file
       Rails.root.join('lib/gitlab/import_export/import_export.yml')
     end
diff --git a/lib/gitlab/import_export/lfs_restorer.rb b/lib/gitlab/import_export/lfs_restorer.rb
index 345c7880e30..1de8a5bf9ec 100644
--- a/lib/gitlab/import_export/lfs_restorer.rb
+++ b/lib/gitlab/import_export/lfs_restorer.rb
@@ -3,6 +3,10 @@
 module Gitlab
   module ImportExport
     class LfsRestorer
+      include Gitlab::Utils::StrongMemoize
+
+      attr_accessor :project, :shared
+
       def initialize(project:, shared:)
         @project = project
         @shared = shared
@@ -17,7 +21,7 @@ module Gitlab
 
         true
       rescue => e
-        @shared.error(e)
+        shared.error(e)
         false
       end
 
@@ -29,16 +33,57 @@ module Gitlab
 
         lfs_object = LfsObject.find_or_initialize_by(oid: oid, size: size)
         lfs_object.file = File.open(path) unless lfs_object.file&.exists?
+        lfs_object.save! if lfs_object.changed?
 
-        @project.all_lfs_objects << lfs_object
+        repository_types(oid).each do |repository_type|
+          LfsObjectsProject.create!(
+            project: project,
+            lfs_object: lfs_object,
+            repository_type: repository_type
+          )
+        end
+      end
+
+      def repository_types(oid)
+        # We allow support for imports created before the `lfs-objects.json`
+        # file was generated. In this case, the restorer will link an LFS object
+        # with a single `lfs_objects_projects` relation.
+        #
+        # This allows us backwards-compatibility without version bumping.
+        # See https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30830#note_192608870
+        return ['project'] unless has_lfs_json?
+
+        lfs_json[oid]
       end
 
       def lfs_file_paths
         @lfs_file_paths ||= Dir.glob("#{lfs_storage_path}/*")
       end
 
+      def has_lfs_json?
+        strong_memoize(:has_lfs_json) do
+          File.exist?(lfs_json_path)
+        end
+      end
+
+      def lfs_json
+        return {} unless has_lfs_json?
+
+        @lfs_json ||=
+          begin
+            json = IO.read(lfs_json_path)
+            ActiveSupport::JSON.decode(json)
+          rescue
+            raise Gitlab::ImportExport::Error.new('Incorrect JSON format')
+          end
+      end
+
       def lfs_storage_path
-        File.join(@shared.export_path, 'lfs-objects')
+        File.join(shared.export_path, ImportExport.lfs_objects_storage)
+      end
+
+      def lfs_json_path
+        File.join(shared.export_path, ImportExport.lfs_objects_filename)
       end
     end
   end
diff --git a/lib/gitlab/import_export/lfs_saver.rb b/lib/gitlab/import_export/lfs_saver.rb
index 954f6f00078..18c590e1ca9 100644
--- a/lib/gitlab/import_export/lfs_saver.rb
+++ b/lib/gitlab/import_export/lfs_saver.rb
@@ -5,25 +5,40 @@ module Gitlab
     class LfsSaver
       include Gitlab::ImportExport::CommandLineUtil
 
+      attr_accessor :lfs_json, :project, :shared
+
+      BATCH_SIZE = 100
+
       def initialize(project:, shared:)
         @project = project
         @shared = shared
+        @lfs_json = {}
       end
 
       def save
-        @project.all_lfs_objects.each do |lfs_object|
-          save_lfs_object(lfs_object)
+        project.all_lfs_objects.find_in_batches(batch_size: BATCH_SIZE) do |batch|
+          batch.each do |lfs_object|
+            save_lfs_object(lfs_object)
+          end
+
+          append_lfs_json_for_batch(batch) if write_lfs_json_enabled?
         end
 
+        write_lfs_json if write_lfs_json_enabled?
+
         true
       rescue => e
-        @shared.error(e)
+        shared.error(e)
 
         false
       end
 
       private
 
+      def write_lfs_json_enabled?
+        ::Feature.enabled?(:export_lfs_objects_projects, default_enabled: true)
+      end
+
       def save_lfs_object(lfs_object)
         if lfs_object.local_store?
           copy_file_for_lfs_object(lfs_object)
@@ -45,12 +60,36 @@ module Gitlab
         copy_files(lfs_object.file.path, destination_path_for_object(lfs_object))
       end
 
+      def append_lfs_json_for_batch(lfs_objects_batch)
+        lfs_objects_projects = LfsObjectsProject
+                                .select('lfs_objects.oid, array_agg(distinct lfs_objects_projects.repository_type) as repository_types')
+                                .joins(:lfs_object)
+                                .where(project: project, lfs_object: lfs_objects_batch)
+                                .group('lfs_objects.oid')
+
+        lfs_objects_projects.each do |group|
+          oid = group.oid
+
+          lfs_json[oid] ||= []
+          lfs_json[oid] += group.repository_types
+        end
+      end
+
+      def write_lfs_json
+        mkdir_p(shared.export_path)
+        File.write(lfs_json_path, lfs_json.to_json)
+      end
+
       def destination_path_for_object(lfs_object)
         File.join(lfs_export_path, lfs_object.oid)
       end
 
       def lfs_export_path
-        File.join(@shared.export_path, 'lfs-objects')
+        File.join(shared.export_path, ImportExport.lfs_objects_storage)
+      end
+
+      def lfs_json_path
+        File.join(shared.export_path, ImportExport.lfs_objects_filename)
       end
     end
   end
diff --git a/spec/factories/lfs_objects.rb b/spec/factories/lfs_objects.rb
index c909471bb55..08ac7fb69e7 100644
--- a/spec/factories/lfs_objects.rb
+++ b/spec/factories/lfs_objects.rb
@@ -14,6 +14,7 @@ FactoryBot.define do
   # objects, so the test needs to decide which (if any) object gets it
   trait :correct_oid do
     oid 'b804383982bb89b00e828e3f44c038cc991d3d1768009fc39ba8e2c081b9fb75'
+    size 1062
   end
 
   trait :object_storage do
diff --git a/spec/lib/gitlab/import_export/lfs_restorer_spec.rb b/spec/lib/gitlab/import_export/lfs_restorer_spec.rb
index 70eeb9ee66b..2b0bdb909ae 100644
--- a/spec/lib/gitlab/import_export/lfs_restorer_spec.rb
+++ b/spec/lib/gitlab/import_export/lfs_restorer_spec.rb
@@ -6,6 +6,7 @@ describe Gitlab::ImportExport::LfsRestorer do
   let(:export_path) { "#{Dir.tmpdir}/lfs_object_restorer_spec" }
   let(:project) { create(:project) }
   let(:shared) { project.import_export_shared }
+  let(:saver) { Gitlab::ImportExport::LfsSaver.new(project: project, shared: shared) }
   subject(:restorer) { described_class.new(project: project, shared: shared) }
 
   before do
@@ -19,49 +20,98 @@ describe Gitlab::ImportExport::LfsRestorer do
 
   describe '#restore' do
     context 'when the archive contains lfs files' do
-      let(:dummy_lfs_file_path) { File.join(shared.export_path, 'lfs-objects', 'dummy') }
-
-      def create_lfs_object_with_content(content)
-        dummy_lfs_file = Tempfile.new('existing')
-        File.write(dummy_lfs_file.path, content)
-        size = dummy_lfs_file.size
-        oid = LfsObject.calculate_oid(dummy_lfs_file.path)
-        LfsObject.create!(oid: oid, size: size, file: dummy_lfs_file)
+      let(:lfs_object) { create(:lfs_object, :correct_oid, :with_file) }
+
+      # Use the LfsSaver to save data to be restored
+      def save_lfs_data
+        %w(project wiki).each do |repository_type|
+          create(
+            :lfs_objects_project,
+            project: project,
+            repository_type: repository_type,
+            lfs_object: lfs_object
+          )
+        end
+
+        saver.save
+
+        project.lfs_objects.delete_all
       end
 
       before do
-        FileUtils.mkdir_p(File.dirname(dummy_lfs_file_path))
-        File.write(dummy_lfs_file_path, 'not very large')
-        allow(restorer).to receive(:lfs_file_paths).and_return([dummy_lfs_file_path])
+        save_lfs_data
+        project.reload
       end
 
-      it 'creates an lfs object for the project' do
-        expect { restorer.restore }.to change { project.reload.lfs_objects.size }.by(1)
+      it 'succeeds' do
+        expect(restorer.restore).to eq(true)
+        expect(shared.errors).to be_empty
       end
 
-      it 'assigns the file correctly' do
+      it 'does not create a new `LfsObject` records, as one already exists' do
+        expect { restorer.restore }.not_to change { LfsObject.count }
+      end
+
+      it 'creates new `LfsObjectsProject` records in order to link the project to the existing `LfsObject`' do
+        expect { restorer.restore }.to change { LfsObjectsProject.count }.by(2)
+      end
+
+      it 'restores the correct `LfsObject` records' do
         restorer.restore
 
-        expect(project.lfs_objects.first.file.read).to eq('not very large')
+        expect(project.lfs_objects).to contain_exactly(lfs_object)
       end
 
-      it 'links an existing LFS object if it existed' do
-        lfs_object = create_lfs_object_with_content('not very large')
+      it 'restores the correct `LfsObjectsProject` records for the project' do
+        restorer.restore
 
+        expect(
+          project.lfs_objects_projects.pluck(:repository_type)
+        ).to contain_exactly('project', 'wiki')
+      end
+
+      it 'assigns the file correctly' do
         restorer.restore
 
-        expect(project.lfs_objects).to include(lfs_object)
+        expect(project.lfs_objects.first.file.read).to eq(lfs_object.file.read)
       end
 
-      it 'succeeds' do
-        expect(restorer.restore).to be_truthy
-        expect(shared.errors).to be_empty
+      context 'when there is not an existing `LfsObject`' do
+        before do
+          lfs_object.destroy
+        end
+
+        it 'creates a new lfs object' do
+          expect { restorer.restore }.to change { LfsObject.count }.by(1)
+        end
+
+        it 'stores the upload' do
+          expect_any_instance_of(LfsObjectUploader).to receive(:store!)
+
+          restorer.restore
+        end
       end
 
-      it 'stores the upload' do
-        expect_any_instance_of(LfsObjectUploader).to receive(:store!)
+      context 'when there is no lfs-objects.json file' do
+        before do
+          json_file = File.join(shared.export_path, ::Gitlab::ImportExport.lfs_objects_filename)
 
-        restorer.restore
+          FileUtils.rm_rf(json_file)
+        end
+
+        it 'restores the correct `LfsObject` records' do
+          restorer.restore
+
+          expect(project.lfs_objects).to contain_exactly(lfs_object)
+        end
+
+        it 'restores a single `LfsObjectsProject` record for the project with "project" for the `repository_type`' do
+          restorer.restore
+
+          expect(
+            project.lfs_objects_projects.pluck(:repository_type)
+          ).to contain_exactly('project')
+        end
       end
     end
 
diff --git a/spec/lib/gitlab/import_export/lfs_saver_spec.rb b/spec/lib/gitlab/import_export/lfs_saver_spec.rb
index 9b0e21deb2e..c3c88486e16 100644
--- a/spec/lib/gitlab/import_export/lfs_saver_spec.rb
+++ b/spec/lib/gitlab/import_export/lfs_saver_spec.rb
@@ -19,6 +19,11 @@ describe Gitlab::ImportExport::LfsSaver do
   describe '#save' do
     context 'when the project has LFS objects locally stored' do
       let(:lfs_object) { create(:lfs_object, :with_file) }
+      let(:lfs_json_file) { File.join(shared.export_path, Gitlab::ImportExport.lfs_objects_filename) }
+
+      def lfs_json
+        JSON.parse(IO.read(lfs_json_file))
+      end
 
       before do
         project.lfs_objects << lfs_object
@@ -35,6 +40,45 @@ describe Gitlab::ImportExport::LfsSaver do
 
         expect(File).to exist("#{shared.export_path}/lfs-objects/#{lfs_object.oid}")
       end
+
+      describe 'saving a json file' do
+        before do
+          # Create two more LfsObjectProject records with different `repository_type`s
+          %w(wiki design).each do |repository_type|
+            create(
+              :lfs_objects_project,
+              project: project,
+              repository_type: repository_type,
+              lfs_object: lfs_object
+            )
+          end
+
+          FileUtils.rm_rf(lfs_json_file)
+        end
+
+        it 'saves a json file correctly' do
+          saver.save
+
+          expect(File.exist?(lfs_json_file)).to eq(true)
+          expect(lfs_json).to eq(
+            {
+              lfs_object.oid => [
+                LfsObjectsProject.repository_types['wiki'],
+                LfsObjectsProject.repository_types['design'],
+                nil
+              ]
+            }
+          )
+        end
+
+        it 'does not save a json file if feature is disabled' do
+          stub_feature_flags(export_lfs_objects_projects: false)
+
+          saver.save
+
+          expect(File.exist?(lfs_json_file)).to eq(false)
+        end
+      end
     end
 
     context 'when the LFS objects are stored in object storage' do
@@ -42,8 +86,11 @@ describe Gitlab::ImportExport::LfsSaver do
 
       before do
         allow(LfsObjectUploader).to receive(:object_store_enabled?).and_return(true)
-        allow(lfs_object.file).to receive(:url).and_return('http://my-object-storage.local')
         project.lfs_objects << lfs_object
+
+        expect_next_instance_of(LfsObjectUploader) do |instance|
+          expect(instance).to receive(:url).and_return('http://my-object-storage.local')
+        end
       end
 
       it 'downloads the file to include in an archive' do
-- 
cgit v1.2.1


From 74f0faa27c12a50f7705161b66c27485809e8e07 Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Wed, 24 Jul 2019 12:49:43 +0100
Subject: Remove unused peek view code

We haven't needed these since we started rendering the performance bar
in Vue.
---
 app/views/peek/views/_gc.html.haml      | 7 -------
 app/views/peek/views/_redis.html.haml   | 7 -------
 app/views/peek/views/_sidekiq.html.haml | 7 -------
 locale/gitlab.pot                       | 6 ------
 4 files changed, 27 deletions(-)
 delete mode 100644 app/views/peek/views/_gc.html.haml
 delete mode 100644 app/views/peek/views/_redis.html.haml
 delete mode 100644 app/views/peek/views/_sidekiq.html.haml

diff --git a/app/views/peek/views/_gc.html.haml b/app/views/peek/views/_gc.html.haml
deleted file mode 100644
index 2a586261ce1..00000000000
--- a/app/views/peek/views/_gc.html.haml
+++ /dev/null
@@ -1,7 +0,0 @@
-- local_assigns.fetch(:view)
-
-%span.bold
-  %span{ title: _('Invoke Time'), data: { defer_to: "#{view.defer_key}-gc_time" } }...
-  \/
-  %span{ title: _('Invoke Count'), data: { defer_to: "#{view.defer_key}-invokes" } }...
-gc
diff --git a/app/views/peek/views/_redis.html.haml b/app/views/peek/views/_redis.html.haml
deleted file mode 100644
index f7fba6c95fc..00000000000
--- a/app/views/peek/views/_redis.html.haml
+++ /dev/null
@@ -1,7 +0,0 @@
-- local_assigns.fetch(:view)
-
-%span.bold
-  %span{ data: { defer_to: "#{view.defer_key}-duration" } }...
-  \/
-  %span{ data: { defer_to: "#{view.defer_key}-calls" } }...
-redis
diff --git a/app/views/peek/views/_sidekiq.html.haml b/app/views/peek/views/_sidekiq.html.haml
deleted file mode 100644
index 7efbc05890d..00000000000
--- a/app/views/peek/views/_sidekiq.html.haml
+++ /dev/null
@@ -1,7 +0,0 @@
-- local_assigns.fetch(:view)
-
-%span.bold
-  %span{ data: { defer_to: "#{view.defer_key}-duration" } }...
-  \/
-  %span{ data: { defer_to: "#{view.defer_key}-calls" } }...
-sidekiq
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 7b1a3fd4d2c..97defd42742 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -5696,12 +5696,6 @@ msgstr ""
 msgid "Invocations"
 msgstr ""
 
-msgid "Invoke Count"
-msgstr ""
-
-msgid "Invoke Time"
-msgstr ""
-
 msgid "IssuableStatus|Closed (%{moved_link_start}moved%{moved_link_end})"
 msgstr ""
 
-- 
cgit v1.2.1


From f36da45711f7d412951b50c6b9db913a5e324171 Mon Sep 17 00:00:00 2001
From: Adam Hegyi <ahegyi@gitlab.com>
Date: Mon, 22 Jul 2019 09:47:29 +0200
Subject: Make RelativePositioning reusable

RelativePositioning module was heavily dependent on the Issue model.
This changes makes it easier to reuse the functionality provided by
RelativePositioning in other models.

Needed by: https://gitlab.com/gitlab-org/gitlab-ee/issues/12196
---
 app/models/concerns/relative_positioning.rb        |  52 +++--
 app/models/issue.rb                                |   6 +-
 spec/models/concerns/relative_positioning_spec.rb  | 242 --------------------
 spec/models/issue_spec.rb                          |   8 +
 .../relative_positioning_shared_examples.rb        | 253 +++++++++++++++++++++
 5 files changed, 300 insertions(+), 261 deletions(-)
 delete mode 100644 spec/models/concerns/relative_positioning_spec.rb
 create mode 100644 spec/support/shared_examples/relative_positioning_shared_examples.rb

diff --git a/app/models/concerns/relative_positioning.rb b/app/models/concerns/relative_positioning.rb
index e4fe46d722a..9cd7b8d6258 100644
--- a/app/models/concerns/relative_positioning.rb
+++ b/app/models/concerns/relative_positioning.rb
@@ -1,5 +1,26 @@
 # frozen_string_literal: true
 
+# This module makes it possible to handle items as a list, where the order of items can be easily altered
+# Requirements:
+#
+# - Only works for ActiveRecord models
+# - relative_position integer field must present on the model
+# - This module uses GROUP BY: the model should have a parent relation, example: project -> issues, project is the parent relation (issues table has a parent_id column)
+#
+# Setup like this in the body of your class:
+#
+#     include RelativePositioning
+#
+#     # base query used for the position calculation
+#     def self.relative_positioning_query_base(issue)
+#       where(deleted: false)
+#     end
+#
+#     # column that should be used in GROUP BY
+#     def self.relative_positioning_parent_column
+#       :project_id
+#     end
+#
 module RelativePositioning
   extend ActiveSupport::Concern
 
@@ -93,7 +114,7 @@ module RelativePositioning
     return move_after(before) unless after
     return move_before(after) unless before
 
-    # If there is no place to insert an issue we need to create one by moving the before issue closer
+    # If there is no place to insert an item we need to create one by moving the before item closer
     # to its predecessor. This process will recursively move all the predecessors until we have a place
     if (after.relative_position - before.relative_position) < 2
       before.move_before
@@ -108,11 +129,11 @@ module RelativePositioning
     pos_after = before.next_relative_position
 
     if before.shift_after?
-      issue_to_move = self.class.in_parents(parent_ids).find_by!(relative_position: pos_after)
-      issue_to_move.move_after
-      @positionable_neighbours = [issue_to_move] # rubocop:disable Gitlab/ModuleWithInstanceVariables
+      item_to_move = self.class.relative_positioning_query_base(self).find_by!(relative_position: pos_after)
+      item_to_move.move_after
+      @positionable_neighbours = [item_to_move] # rubocop:disable Gitlab/ModuleWithInstanceVariables
 
-      pos_after = issue_to_move.relative_position
+      pos_after = item_to_move.relative_position
     end
 
     self.relative_position = self.class.position_between(pos_before, pos_after)
@@ -123,11 +144,11 @@ module RelativePositioning
     pos_before = after.prev_relative_position
 
     if after.shift_before?
-      issue_to_move = self.class.in_parents(parent_ids).find_by!(relative_position: pos_before)
-      issue_to_move.move_before
-      @positionable_neighbours = [issue_to_move] # rubocop:disable Gitlab/ModuleWithInstanceVariables
+      item_to_move = self.class.relative_positioning_query_base(self).find_by!(relative_position: pos_before)
+      item_to_move.move_before
+      @positionable_neighbours = [item_to_move] # rubocop:disable Gitlab/ModuleWithInstanceVariables
 
-      pos_before = issue_to_move.relative_position
+      pos_before = item_to_move.relative_position
     end
 
     self.relative_position = self.class.position_between(pos_before, pos_after)
@@ -141,13 +162,13 @@ module RelativePositioning
     self.relative_position = self.class.position_between(min_relative_position || START_POSITION, MIN_POSITION)
   end
 
-  # Indicates if there is an issue that should be shifted to free the place
+  # Indicates if there is an item that should be shifted to free the place
   def shift_after?
     next_pos = next_relative_position
     next_pos && (next_pos - relative_position) == 1
   end
 
-  # Indicates if there is an issue that should be shifted to free the place
+  # Indicates if there is an item that should be shifted to free the place
   def shift_before?
     prev_pos = prev_relative_position
     prev_pos && (relative_position - prev_pos) == 1
@@ -159,7 +180,7 @@ module RelativePositioning
   def save_positionable_neighbours
     return unless @positionable_neighbours
 
-    status = @positionable_neighbours.all? { |issue| issue.save(touch: false) }
+    status = @positionable_neighbours.all? { |item| item.save(touch: false) }
     @positionable_neighbours = nil
 
     status
@@ -170,16 +191,15 @@ module RelativePositioning
     # When calculating across projects, this is much more efficient than
     # MAX(relative_position) without the GROUP BY, due to index usage:
     # https://gitlab.com/gitlab-org/gitlab-ce/issues/54276#note_119340977
-    relation = self.class
-                 .in_parents(parent_ids)
+    relation = self.class.relative_positioning_query_base(self)
                  .order(Gitlab::Database.nulls_last_order('position', 'DESC'))
+                 .group(self.class.relative_positioning_parent_column)
                  .limit(1)
-                 .group(self.class.parent_column)
 
     relation = yield relation if block_given?
 
     relation
-      .pluck(self.class.parent_column, Arel.sql("#{calculation}(relative_position) AS position"))
+      .pluck(self.class.relative_positioning_parent_column, Arel.sql("#{calculation}(relative_position) AS position"))
       .first&.
       last
   end
diff --git a/app/models/issue.rb b/app/models/issue.rb
index 8c5dd5e382e..164858dc432 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -91,11 +91,11 @@ class Issue < ApplicationRecord
     end
   end
 
-  class << self
-    alias_method :in_parents, :in_projects
+  def self.relative_positioning_query_base(issue)
+    in_projects(issue.parent_ids)
   end
 
-  def self.parent_column
+  def self.relative_positioning_parent_column
     :project_id
   end
 
diff --git a/spec/models/concerns/relative_positioning_spec.rb b/spec/models/concerns/relative_positioning_spec.rb
deleted file mode 100644
index d0ae45f7871..00000000000
--- a/spec/models/concerns/relative_positioning_spec.rb
+++ /dev/null
@@ -1,242 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe RelativePositioning do
-  let(:project) { create(:project) }
-  let(:issue) { create(:issue, project: project) }
-  let(:issue1) { create(:issue, project: project) }
-  let(:new_issue) { create(:issue, project: project) }
-
-  describe '.move_to_end' do
-    it 'moves the object to the end' do
-      Issue.move_to_end([issue, issue1])
-
-      expect(issue1.prev_relative_position).to eq issue.relative_position
-      expect(issue.prev_relative_position).to eq nil
-      expect(issue1.next_relative_position).to eq nil
-    end
-
-    it 'does not perform any moves if all issues have their relative_position set' do
-      issue.update!(relative_position: 1)
-
-      expect(issue).not_to receive(:save)
-
-      Issue.move_to_end([issue])
-    end
-  end
-
-  describe '#max_relative_position' do
-    it 'returns maximum position' do
-      expect(issue.max_relative_position).to eq issue1.relative_position
-    end
-  end
-
-  describe '#prev_relative_position' do
-    it 'returns previous position if there is an issue above' do
-      expect(issue1.prev_relative_position).to eq issue.relative_position
-    end
-
-    it 'returns nil if there is no issue above' do
-      expect(issue.prev_relative_position).to eq nil
-    end
-  end
-
-  describe '#next_relative_position' do
-    it 'returns next position if there is an issue below' do
-      expect(issue.next_relative_position).to eq issue1.relative_position
-    end
-
-    it 'returns nil if there is no issue below' do
-      expect(issue1.next_relative_position).to eq nil
-    end
-  end
-
-  describe '#move_before' do
-    it 'moves issue before' do
-      [issue1, issue].each(&:move_to_end)
-
-      issue.move_before(issue1)
-
-      expect(issue.relative_position).to be < issue1.relative_position
-    end
-  end
-
-  describe '#move_after' do
-    it 'moves issue after' do
-      [issue, issue1].each(&:move_to_end)
-
-      issue.move_after(issue1)
-
-      expect(issue.relative_position).to be > issue1.relative_position
-    end
-  end
-
-  describe '#move_to_end' do
-    before do
-      [issue, issue1].each do |issue|
-        issue.move_to_end && issue.save
-      end
-    end
-
-    it 'moves issue to the end' do
-      new_issue.move_to_end
-
-      expect(new_issue.relative_position).to be > issue1.relative_position
-    end
-  end
-
-  describe '#shift_after?' do
-    before do
-      [issue, issue1].each do |issue|
-        issue.move_to_end && issue.save
-      end
-    end
-
-    it 'returns true' do
-      issue.update(relative_position: issue1.relative_position - 1)
-
-      expect(issue.shift_after?).to be_truthy
-    end
-
-    it 'returns false' do
-      issue.update(relative_position: issue1.relative_position - 2)
-
-      expect(issue.shift_after?).to be_falsey
-    end
-  end
-
-  describe '#shift_before?' do
-    before do
-      [issue, issue1].each do |issue|
-        issue.move_to_end && issue.save
-      end
-    end
-
-    it 'returns true' do
-      issue.update(relative_position: issue1.relative_position + 1)
-
-      expect(issue.shift_before?).to be_truthy
-    end
-
-    it 'returns false' do
-      issue.update(relative_position: issue1.relative_position + 2)
-
-      expect(issue.shift_before?).to be_falsey
-    end
-  end
-
-  describe '#move_between' do
-    before do
-      [issue, issue1].each do |issue|
-        issue.move_to_end && issue.save
-      end
-    end
-
-    it 'positions issue between two other' do
-      new_issue.move_between(issue, issue1)
-
-      expect(new_issue.relative_position).to be > issue.relative_position
-      expect(new_issue.relative_position).to be < issue1.relative_position
-    end
-
-    it 'positions issue between on top' do
-      new_issue.move_between(nil, issue)
-
-      expect(new_issue.relative_position).to be < issue.relative_position
-    end
-
-    it 'positions issue between to end' do
-      new_issue.move_between(issue1, nil)
-
-      expect(new_issue.relative_position).to be > issue1.relative_position
-    end
-
-    it 'positions issues even when after and before positions are the same' do
-      issue1.update relative_position: issue.relative_position
-
-      new_issue.move_between(issue, issue1)
-
-      expect(new_issue.relative_position).to be > issue.relative_position
-      expect(issue.relative_position).to be < issue1.relative_position
-    end
-
-    it 'positions issues between other two if distance is 1' do
-      issue1.update relative_position: issue.relative_position + 1
-
-      new_issue.move_between(issue, issue1)
-
-      expect(new_issue.relative_position).to be > issue.relative_position
-      expect(issue.relative_position).to be < issue1.relative_position
-    end
-
-    it 'positions issue in the middle of other two if distance is big enough' do
-      issue.update relative_position: 6000
-      issue1.update relative_position: 10000
-
-      new_issue.move_between(issue, issue1)
-
-      expect(new_issue.relative_position).to eq(8000)
-    end
-
-    it 'positions issue closer to the middle if we are at the very top' do
-      issue1.update relative_position: 6000
-
-      new_issue.move_between(nil, issue1)
-
-      expect(new_issue.relative_position).to eq(6000 - RelativePositioning::IDEAL_DISTANCE)
-    end
-
-    it 'positions issue closer to the middle if we are at the very bottom' do
-      issue.update relative_position: 6000
-      issue1.update relative_position: nil
-
-      new_issue.move_between(issue, nil)
-
-      expect(new_issue.relative_position).to eq(6000 + RelativePositioning::IDEAL_DISTANCE)
-    end
-
-    it 'positions issue in the middle of other two if distance is not big enough' do
-      issue.update relative_position: 100
-      issue1.update relative_position: 400
-
-      new_issue.move_between(issue, issue1)
-
-      expect(new_issue.relative_position).to eq(250)
-    end
-
-    it 'positions issue in the middle of other two is there is no place' do
-      issue.update relative_position: 100
-      issue1.update relative_position: 101
-
-      new_issue.move_between(issue, issue1)
-
-      expect(new_issue.relative_position).to be_between(issue.relative_position, issue1.relative_position)
-    end
-
-    it 'uses rebalancing if there is no place' do
-      issue.update relative_position: 100
-      issue1.update relative_position: 101
-      issue2 = create(:issue, relative_position: 102, project: project)
-      new_issue.update relative_position: 103
-
-      new_issue.move_between(issue1, issue2)
-      new_issue.save!
-
-      expect(new_issue.relative_position).to be_between(issue1.relative_position, issue2.relative_position)
-      expect(issue.reload.relative_position).not_to eq(100)
-    end
-
-    it 'positions issue right if we pass none-sequential parameters' do
-      issue.update relative_position: 99
-      issue1.update relative_position: 101
-      issue2 = create(:issue, relative_position: 102, project: project)
-      new_issue.update relative_position: 103
-
-      new_issue.move_between(issue, issue2)
-      new_issue.save!
-
-      expect(new_issue.relative_position).to be(100)
-    end
-  end
-end
diff --git a/spec/models/issue_spec.rb b/spec/models/issue_spec.rb
index d5b016dc8f6..2e7d78d77a8 100644
--- a/spec/models/issue_spec.rb
+++ b/spec/models/issue_spec.rb
@@ -871,4 +871,12 @@ describe Issue do
       expect(issue.labels_hook_attrs).to eq([label.hook_attrs])
     end
   end
+
+  context "relative positioning" do
+    it_behaves_like "a class that supports relative positioning" do
+      let(:project) { create(:project) }
+      let(:factory) { :issue }
+      let(:default_params) { { project: project } }
+    end
+  end
 end
diff --git a/spec/support/shared_examples/relative_positioning_shared_examples.rb b/spec/support/shared_examples/relative_positioning_shared_examples.rb
new file mode 100644
index 00000000000..5ee62644c54
--- /dev/null
+++ b/spec/support/shared_examples/relative_positioning_shared_examples.rb
@@ -0,0 +1,253 @@
+# frozen_string_literal: true
+
+RSpec.shared_examples "a class that supports relative positioning" do
+  let(:item1) { create(factory, default_params) }
+  let(:item2) { create(factory, default_params) }
+  let(:new_item) { create(factory, default_params) }
+
+  def create_item(params)
+    create(factory, params.merge(default_params))
+  end
+
+  describe '.move_to_end' do
+    it 'moves the object to the end' do
+      item1.update(relative_position: 5)
+      item2.update(relative_position: 15)
+
+      described_class.move_to_end([item1, item2])
+
+      expect(item2.prev_relative_position).to eq item1.relative_position
+      expect(item1.prev_relative_position).to eq nil
+      expect(item2.next_relative_position).to eq nil
+    end
+
+    it 'does not perform any moves if all items have their relative_position set' do
+      item1.update!(relative_position: 1)
+
+      expect(item1).not_to receive(:save)
+
+      described_class.move_to_end([item1])
+    end
+  end
+
+  describe '#max_relative_position' do
+    it 'returns maximum position' do
+      expect(item1.max_relative_position).to eq item2.relative_position
+    end
+  end
+
+  describe '#prev_relative_position' do
+    it 'returns previous position if there is an item above' do
+      item1.update(relative_position: 5)
+      item2.update(relative_position: 15)
+
+      expect(item2.prev_relative_position).to eq item1.relative_position
+    end
+
+    it 'returns nil if there is no item above' do
+      expect(item1.prev_relative_position).to eq nil
+    end
+  end
+
+  describe '#next_relative_position' do
+    it 'returns next position if there is an item below' do
+      item1.update(relative_position: 5)
+      item2.update(relative_position: 15)
+
+      expect(item1.next_relative_position).to eq item2.relative_position
+    end
+
+    it 'returns nil if there is no item below' do
+      expect(item2.next_relative_position).to eq nil
+    end
+  end
+
+  describe '#move_before' do
+    it 'moves item before' do
+      [item2, item1].each(&:move_to_end)
+
+      item1.move_before(item2)
+
+      expect(item1.relative_position).to be < item2.relative_position
+    end
+  end
+
+  describe '#move_after' do
+    it 'moves item after' do
+      [item1, item2].each(&:move_to_end)
+
+      item1.move_after(item2)
+
+      expect(item1.relative_position).to be > item2.relative_position
+    end
+  end
+
+  describe '#move_to_end' do
+    before do
+      [item1, item2].each do |item1|
+        item1.move_to_end && item1.save
+      end
+    end
+
+    it 'moves item to the end' do
+      new_item.move_to_end
+
+      expect(new_item.relative_position).to be > item2.relative_position
+    end
+  end
+
+  describe '#shift_after?' do
+    before do
+      [item1, item2].each do |item1|
+        item1.move_to_end && item1.save
+      end
+    end
+
+    it 'returns true' do
+      item1.update(relative_position: item2.relative_position - 1)
+
+      expect(item1.shift_after?).to be_truthy
+    end
+
+    it 'returns false' do
+      item1.update(relative_position: item2.relative_position - 2)
+
+      expect(item1.shift_after?).to be_falsey
+    end
+  end
+
+  describe '#shift_before?' do
+    before do
+      [item1, item2].each do |item1|
+        item1.move_to_end && item1.save
+      end
+    end
+
+    it 'returns true' do
+      item1.update(relative_position: item2.relative_position + 1)
+
+      expect(item1.shift_before?).to be_truthy
+    end
+
+    it 'returns false' do
+      item1.update(relative_position: item2.relative_position + 2)
+
+      expect(item1.shift_before?).to be_falsey
+    end
+  end
+
+  describe '#move_between' do
+    before do
+      [item1, item2].each do |item1|
+        item1.move_to_end && item1.save
+      end
+    end
+
+    it 'positions item between two other' do
+      new_item.move_between(item1, item2)
+
+      expect(new_item.relative_position).to be > item1.relative_position
+      expect(new_item.relative_position).to be < item2.relative_position
+    end
+
+    it 'positions item between on top' do
+      new_item.move_between(nil, item1)
+
+      expect(new_item.relative_position).to be < item1.relative_position
+    end
+
+    it 'positions item between to end' do
+      new_item.move_between(item2, nil)
+
+      expect(new_item.relative_position).to be > item2.relative_position
+    end
+
+    it 'positions items even when after and before positions are the same' do
+      item2.update relative_position: item1.relative_position
+
+      new_item.move_between(item1, item2)
+
+      expect(new_item.relative_position).to be > item1.relative_position
+      expect(item1.relative_position).to be < item2.relative_position
+    end
+
+    it 'positions items between other two if distance is 1' do
+      item2.update relative_position: item1.relative_position + 1
+
+      new_item.move_between(item1, item2)
+
+      expect(new_item.relative_position).to be > item1.relative_position
+      expect(item1.relative_position).to be < item2.relative_position
+    end
+
+    it 'positions item in the middle of other two if distance is big enough' do
+      item1.update relative_position: 6000
+      item2.update relative_position: 10000
+
+      new_item.move_between(item1, item2)
+
+      expect(new_item.relative_position).to eq(8000)
+    end
+
+    it 'positions item closer to the middle if we are at the very top' do
+      item2.update relative_position: 6000
+
+      new_item.move_between(nil, item2)
+
+      expect(new_item.relative_position).to eq(6000 - RelativePositioning::IDEAL_DISTANCE)
+    end
+
+    it 'positions item closer to the middle if we are at the very bottom' do
+      new_item.update relative_position: 1
+      item1.update relative_position: 6000
+      item2.destroy
+
+      new_item.move_between(item1, nil)
+
+      expect(new_item.relative_position).to eq(6000 + RelativePositioning::IDEAL_DISTANCE)
+    end
+
+    it 'positions item in the middle of other two if distance is not big enough' do
+      item1.update relative_position: 100
+      item2.update relative_position: 400
+
+      new_item.move_between(item1, item2)
+
+      expect(new_item.relative_position).to eq(250)
+    end
+
+    it 'positions item in the middle of other two is there is no place' do
+      item1.update relative_position: 100
+      item2.update relative_position: 101
+
+      new_item.move_between(item1, item2)
+
+      expect(new_item.relative_position).to be_between(item1.relative_position, item2.relative_position)
+    end
+
+    it 'uses rebalancing if there is no place' do
+      item1.update relative_position: 100
+      item2.update relative_position: 101
+      item3 = create_item(relative_position: 102)
+      new_item.update relative_position: 103
+
+      new_item.move_between(item2, item3)
+      new_item.save!
+
+      expect(new_item.relative_position).to be_between(item2.relative_position, item3.relative_position)
+      expect(item1.reload.relative_position).not_to eq(100)
+    end
+
+    it 'positions item right if we pass none-sequential parameters' do
+      item1.update relative_position: 99
+      item2.update relative_position: 101
+      item3 = create_item(relative_position: 102)
+      new_item.update relative_position: 103
+
+      new_item.move_between(item1, item3)
+      new_item.save!
+
+      expect(new_item.relative_position).to be(100)
+    end
+  end
+end
-- 
cgit v1.2.1


From 047a77c990293c0451858ffabcbd8e46bb50d9c7 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Wed, 24 Jul 2019 12:25:43 +0000
Subject: Cross link to kaniko docs

Also make security warning more visible and
improves instructions.
---
 doc/ci/docker/using_docker_build.md | 28 +++++++++++++++++++---------
 doc/user/group/clusters/index.md    |  7 +++++++
 doc/user/project/clusters/index.md  | 13 +++++++++----
 3 files changed, 35 insertions(+), 13 deletions(-)

diff --git a/doc/ci/docker/using_docker_build.md b/doc/ci/docker/using_docker_build.md
index efdcaf5a6f5..9f1ce1fc230 100644
--- a/doc/ci/docker/using_docker_build.md
+++ b/doc/ci/docker/using_docker_build.md
@@ -6,7 +6,6 @@ type: concepts, howto
 
 GitLab CI/CD allows you to use Docker Engine to build and test docker-based projects.
 
-
 One of the new trends in Continuous Integration/Deployment is to:
 
 1. Create an application image.
@@ -29,7 +28,16 @@ during jobs.
 
 ## Runner Configuration
 
-There are three methods to enable the use of `docker build` and `docker run` during jobs; each with their own tradeoffs.
+There are three methods to enable the use of `docker build` and `docker run`
+during jobs; each with their own tradeoffs.
+
+An alternative to using `docker build` is to [use kaniko](using_kaniko.md).
+This avoids having to execute Runner in privileged mode.
+
+TIP: **Tip:**
+To see how Docker and Runner are configured for shared Runners on
+GitLab.com, see [GitLab.com Shared
+Runners](../../user/gitlab_com/index.md#shared-runners).
 
 ### Use shell executor
 
@@ -88,9 +96,9 @@ For more information please read [On Docker security: `docker` group considered
 The second approach is to use the special docker-in-docker (dind)
 [Docker image](https://hub.docker.com/_/docker/) with all tools installed
 (`docker`) and run the job script in context of that
-image in privileged mode. 
+image in privileged mode.
 
-NOTE: **Note:** `docker-compose` is not part of docker-in-docker (dind). In case you'd like to use `docker-compose` in your CI builds, please follow the [installation instructions for docker-compose](https://docs.docker.com/compose/install/) provided by docker. 
+NOTE: **Note:** `docker-compose` is not part of docker-in-docker (dind). In case you'd like to use `docker-compose` in your CI builds, please follow the [installation instructions for docker-compose](https://docs.docker.com/compose/install/) provided by docker.
 
 In order to do that, follow the steps:
 
@@ -115,6 +123,13 @@ In order to do that, follow the steps:
     want to use [docker-in-docker] mode, you always have to use `privileged = true`
     in your Docker containers.
 
+    DANGER: **Danger:**
+    By enabling `--docker-privileged`, you are effectively disabling all of
+    the security mechanisms of containers and exposing your host to privilege
+    escalation which can lead to container breakout. For more information, check
+    out the official Docker documentation on
+    [Runtime privilege and Linux capabilities][docker-cap].
+
     The above command will create a `config.toml` entry similar to this:
 
     ```toml
@@ -173,11 +188,6 @@ In order to do that, follow the steps:
 Docker-in-Docker works well, and is the recommended configuration, but it is
 not without its own challenges:
 
-- By enabling `--docker-privileged`, you are effectively disabling all of
-  the security mechanisms of containers and exposing your host to privilege
-  escalation which can lead to container breakout. For more information, check
-  out the official Docker documentation on
-  [Runtime privilege and Linux capabilities][docker-cap].
 - When using docker-in-docker, each job is in a clean environment without the past
   history. Concurrent jobs work fine because every build gets it's own
   instance of Docker engine so they won't conflict with each other. But this
diff --git a/doc/user/group/clusters/index.md b/doc/user/group/clusters/index.md
index 99589cb1915..625c5440ec0 100644
--- a/doc/user/group/clusters/index.md
+++ b/doc/user/group/clusters/index.md
@@ -137,6 +137,13 @@ The result will then be:
 - The Staging cluster will be used for the `deploy to staging` job.
 - The Production cluster will be used for the `deploy to production` job.
 
+## Security of Runners
+
+For important information about securely configuring GitLab Runners, see
+[Security of
+Runners](../../project/clusters/index.md#security-of-gitlab-runners)
+documentation for project-level clusters.
+
 <!-- ## Troubleshooting
 
 Include any troubleshooting steps that you can foresee. If you know beforehand what issues
diff --git a/doc/user/project/clusters/index.md b/doc/user/project/clusters/index.md
index 4c247691757..35f2976899b 100644
--- a/doc/user/project/clusters/index.md
+++ b/doc/user/project/clusters/index.md
@@ -343,10 +343,15 @@ turn can do almost everything that the host can do. Be aware of the
 inherent security risk associated with performing `docker run` operations on
 arbitrary images as they effectively have root access.
 
-If you don't want to use GitLab Runner in privileged mode, first make sure that
-you don't have it installed via the applications, and then use the
-[Runner's Helm chart](../../../install/kubernetes/gitlab_runner_chart.md) to
-install it manually.
+If you don't want to use GitLab Runner in privileged mode, either:
+
+- Use shared Runners on GitLab.com. They don't have this security issue.
+- Set up your own Runners using configuration described at
+  [Shared Runners](../../gitlab_com/index.md#shared-runners). This involves:
+  1. Making sure that you don't have it installed via
+     [the applications](#installing-applications).
+  1. Installing a Runner
+     [using `docker+machine`](https://docs.gitlab.com/runner/executors/docker_machine.html).
 
 ## Installing applications
 
-- 
cgit v1.2.1


From 105bb6ffca3d53b81ee8d1cce6521ed28c2b1ba7 Mon Sep 17 00:00:00 2001
From: Steve Azzopardi <sazzopardi@gitlab.com>
Date: Wed, 24 Jul 2019 12:58:15 +0000
Subject: Add Go test guidelines

---
 doc/development/go_guide/index.md | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/doc/development/go_guide/index.md b/doc/development/go_guide/index.md
index f827d240bf6..9f0ac8cc753 100644
--- a/doc/development/go_guide/index.md
+++ b/doc/development/go_guide/index.md
@@ -173,6 +173,45 @@ func Test(t *testing.T) {
 }
 ```
 
+### Table-Driven Tests
+
+Using [Table-Driven Tests](https://github.com/golang/go/wiki/TableDrivenTests)
+is generally good practice when you have multiple entries of
+inputs/outputs for the same function. Below are some guidelines one can
+follow when writing table-driven test. These guidelines are mostly
+extracted from Go standard library source code. Keep in mind it's OK not
+to follow these guidelines when it makes sense.
+
+#### Defining test cases
+
+Each table entry is a complete test case with inputs and expected
+results, and sometimes with additional information such as a test name
+to make the test output easily readable.
+
+- [Define a slice of anonymous struct](https://github.com/golang/go/blob/50bd1c4d4eb4fac8ddeb5f063c099daccfb71b26/src/encoding/csv/reader_test.go#L16)
+  inside of the test.
+- [Define a slice of anonymous struct](https://github.com/golang/go/blob/55d31e16c12c38d36811bdee65ac1f7772148250/src/cmd/go/internal/module/module_test.go#L9-L66)
+  outside of the test.
+- [Named structs](https://github.com/golang/go/blob/2e0cd2aef5924e48e1ceb74e3d52e76c56dd34cc/src/cmd/go/internal/modfetch/coderepo_test.go#L54-L69)
+  for code reuse.
+- [Using `map[string]struct{}`](https://github.com/golang/go/blob/6d5caf38e37bf9aeba3291f1f0b0081f934b1187/src/cmd/trace/annotations_test.go#L180-L235).
+
+#### Contents of the test case
+
+- Ideally, each test case should have a field with a unique identifier
+  to use for naming subtests. In the Go standard library, this is commonly the
+  `name string` field.
+- Use `want`/`expect`/`actual` when you are specifcing something in the
+  test case that will be used for assertion.
+
+#### Variable names
+
+- Each table-driven test map/slice of struct can be named `tests`.
+- When looping through `tests` the anonymous struct can be referred
+  to as `tt` or `tc`.
+- The description of the test can be referred to as
+  `name`/`testName`/`tn`.
+
 ### Benchmarks
 
 Programs handling a lot of IO or complex operations should always include
-- 
cgit v1.2.1


From ea2a64c3ace77b23420e6bb60492af03492e0aa4 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Wed, 24 Jul 2019 13:07:42 +0000
Subject: Improve code quality documentation

---
 doc/user/project/merge_requests/code_quality.md | 79 ++++++++++++++++++-------
 1 file changed, 59 insertions(+), 20 deletions(-)

diff --git a/doc/user/project/merge_requests/code_quality.md b/doc/user/project/merge_requests/code_quality.md
index ad1d79ae5b1..eb6e454062a 100644
--- a/doc/user/project/merge_requests/code_quality.md
+++ b/doc/user/project/merge_requests/code_quality.md
@@ -9,8 +9,18 @@ in [GitLab Starter](https://about.gitlab.com/pricing/) 9.3.
 
 With the help of [GitLab CI/CD](../../../ci/README.md), you can analyze your
 source code quality using GitLab Code Quality.
-Code Quality uses [Code Climate Engines](https://codeclimate.com), which are
-free and open source. Code Quality doesn't require a Code Climate subscription.
+
+Code Quality:
+
+- Uses [Code Climate Engines](https://codeclimate.com), which are
+  free and open source. Code Quality doesn't require a Code Climate
+  subscription.
+- Runs in [pipelines](../../../ci/pipelines.md) using an Docker image built in
+  [GitLab Code
+  Quality](https://gitlab.com/gitlab-org/security-products/codequality) project.
+- Can make use of a [template](#template-and-examples).
+- Is available with [Auto
+  DevOps](../../../topics/autodevops/index.md#auto-code-quality-starter).
 
 Going a step further, GitLab can show the Code Quality report right
 in the merge request widget area:
@@ -21,22 +31,48 @@ in the merge request widget area:
 
 For instance, consider the following workflow:
 
-1. Your backend team member starts a new implementation for making a certain feature in your app faster
-1. With Code Quality reports, they analyze how their implementation is impacting the code quality
-1. The metrics show that their code degrade the quality in 10 points
-1. You ask a co-worker to help them with this modification
-1. They both work on the changes until Code Quality report displays no degradations, only improvements
-1. You approve the merge request and authorize its deployment to staging
-1. Once verified, their changes are deployed to production
+1. Your backend team member starts a new implementation for making a certain
+   feature in your app faster.
+1. With Code Quality reports, they analyze how their implementation is impacting
+   the code quality.
+1. The metrics show that their code degrade the quality in 10 points.
+1. You ask a co-worker to help them with this modification.
+1. They both work on the changes until Code Quality report displays no
+   degradations, only improvements.
+1. You approve the merge request and authorize its deployment to staging.
+1. Once verified, their changes are deployed to production.
+
+## Template and examples
+
+For most GitLab instances, the supplied template is the preferred method of
+implementing Code Quality. See
+[Analyze your project's Code Quality](../../../ci/examples/code_quality.md) for:
+
+- Information on the builtin GitLab Code Quality template.
+- Examples of manual GitLab configuration for earlier GitLab versions.
 
-## How it works
+## Configuring jobs using variables
 
-First of all, you need to define a job in your `.gitlab-ci.yml` file that generates the
-[Code Quality report artifact](../../../ci/yaml/README.md#artifactsreportscodequality-starter).
+The Code Quality job supports environment variables that users can set to
+configure job execution at runtime.
 
-The Code Quality report artifact is a subset of the
-[Code Climate spec](https://github.com/codeclimate/spec/blob/master/SPEC.md#data-types).
-It must be a JSON file containing an array of objects with the following properties:
+For a list of available environment variables, see
+[Environment variables](https://gitlab.com/gitlab-org/security-products/codequality/blob/master/README.md#environment-variables).
+
+## Implementing a custom tool
+
+It's possible to have a custom tool provide Code Quality reports in GitLab. To
+do this:
+
+1. Define a job in your `.gitlab-ci.yml` file that generates the
+   [Code Quality report
+   artifact](../../../ci/yaml/README.md#artifactsreportscodequality-starter).
+1. Configure your tool to generate the Code Quality report artifact as a JSON
+   file that implements subset of the [Code Climate
+   spec](https://github.com/codeclimate/spec/blob/master/SPEC.md#data-types).
+
+The Code Quality report artifact JSON file must contain an array of objects
+with the following properties:
 
 | Name                   | Description                                                                            |
 | ---------------------- | -------------------------------------------------------------------------------------- |
@@ -63,13 +99,16 @@ Example:
 ```
 
 NOTE: **Note:**
-Although the Code Climate spec supports more properties, those are ignored by GitLab.
+Although the Code Climate spec supports more properties, those are ignored by
+GitLab.
+
+## Code Quality reports
 
-For more information on what the Code Quality job should look like, check the
-example on [analyzing a project's code quality](../../../ci/examples/code_quality.md).
+Once the Code Quality job has completed, GitLab:
 
-GitLab then checks this report, compares the metrics between the source and target
-branches, and shows the information right on the merge request.
+- Checks the generated report.
+- Compares the metrics between the source and target branches.
+- Shows the information right on the merge request.
 
 If multiple jobs in a pipeline generate a code quality artifact, only the artifact from
 the last created job (the job with the largest job ID) is used. To avoid confusion,
-- 
cgit v1.2.1


From 74a34e8b7bd3019b63eeae58abc7185c122bc528 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Wed, 24 Jul 2019 13:10:06 +0000
Subject: Clean up headers in markdown

Some markdown headers needed tweaking to adhere
to standards, including blank lines above and below,
only one space after hash, first header should be
h1, and only one h1 per doc
---
 doc/administration/troubleshooting/debug.md          |  2 +-
 doc/api/epics.md                                     |  2 +-
 doc/ci/pipelines.md                                  |  2 +-
 doc/development/contributing/community_roles.md      |  2 +-
 doc/development/fe_guide/axios.md                    |  3 +++
 doc/development/fe_guide/style_guide_scss.md         |  1 +
 doc/development/module_with_instance_variables.md    | 20 ++++++++++----------
 .../new_fe_guide/development/accessibility.md        |  5 +++++
 doc/development/new_fe_guide/style/index.md          |  2 +-
 doc/development/verifying_database_capabilities.md   |  2 +-
 doc/user/admin_area/settings/usage_statistics.md     |  4 ++--
 .../integrations/prometheus_library/haproxy.md       |  1 +
 12 files changed, 28 insertions(+), 18 deletions(-)

diff --git a/doc/administration/troubleshooting/debug.md b/doc/administration/troubleshooting/debug.md
index 098d946a9fa..604dff5983d 100644
--- a/doc/administration/troubleshooting/debug.md
+++ b/doc/administration/troubleshooting/debug.md
@@ -209,7 +209,7 @@ ps auwx | grep unicorn | awk '{ print " -p " $2}' | xargs strace -tt -T -f -s 10
 
 The output in `/tmp/unicorn.txt` may help diagnose the root cause.
 
-# More information
+## More information
 
 - [Debugging Stuck Ruby Processes](https://blog.newrelic.com/2013/04/29/debugging-stuck-ruby-processes-what-to-do-before-you-kill-9/)
 - [Cheatsheet of using gdb and ruby processes](gdb-stuck-ruby.txt)
diff --git a/doc/api/epics.md b/doc/api/epics.md
index d05eb0a8804..3036b3c2364 100644
--- a/doc/api/epics.md
+++ b/doc/api/epics.md
@@ -10,7 +10,7 @@ If epics feature is not available a `403` status code will be returned.
 
 The [epic issues API](epic_issues.md) allows you to interact with issues associated with an epic.
 
-# Milestone dates integration
+## Milestone dates integration
 
 > [Introduced][ee-6448] in GitLab 11.3.
 
diff --git a/doc/ci/pipelines.md b/doc/ci/pipelines.md
index 06a81c3d0c7..98f30350968 100644
--- a/doc/ci/pipelines.md
+++ b/doc/ci/pipelines.md
@@ -345,7 +345,7 @@ GitLab provides API endpoints to:
   - [Triggering pipelines through the API](triggers/README.md).
   - [Pipeline triggers API](../api/pipeline_triggers.md).
 
-### Start multiple manual actions in a stage
+### Start multiple manual actions in a stage
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27188) in GitLab 11.11.
 
diff --git a/doc/development/contributing/community_roles.md b/doc/development/contributing/community_roles.md
index 3296cb173d7..7d2d1b77a0e 100644
--- a/doc/development/contributing/community_roles.md
+++ b/doc/development/contributing/community_roles.md
@@ -1,4 +1,4 @@
-### Community members & roles
+# Community members & roles
 
 GitLab community members and their privileges/responsibilities.
 
diff --git a/doc/development/fe_guide/axios.md b/doc/development/fe_guide/axios.md
index 0d9397c3bd5..09b4a3c3d96 100644
--- a/doc/development/fe_guide/axios.md
+++ b/doc/development/fe_guide/axios.md
@@ -1,15 +1,18 @@
 # Axios
+
 We use [axios][axios] to communicate with the server in Vue applications and most new code.
 
 In order to guarantee all defaults are set you *should not use `axios` directly*, you should import `axios` from `axios_utils`.
 
 ## CSRF token
+
 All our request require a CSRF token.
 To guarantee this token is set, we are importing [axios][axios], setting the token, and exporting `axios` .
 
 This exported module should be used instead of directly using `axios` to ensure the token is set.
 
 ## Usage
+
 ```javascript
   import axios from './lib/utils/axios_utils';
 
diff --git a/doc/development/fe_guide/style_guide_scss.md b/doc/development/fe_guide/style_guide_scss.md
index f895cfd36ac..95c4a094c04 100644
--- a/doc/development/fe_guide/style_guide_scss.md
+++ b/doc/development/fe_guide/style_guide_scss.md
@@ -212,6 +212,7 @@ selectors are intended for use only with JavaScript to allow for removal or
 renaming without breaking styling.
 
 ### IDs
+
 Don't use ID selectors in CSS.
 
 ```scss
diff --git a/doc/development/module_with_instance_variables.md b/doc/development/module_with_instance_variables.md
index 7bdfa04fc57..443eee0b62c 100644
--- a/doc/development/module_with_instance_variables.md
+++ b/doc/development/module_with_instance_variables.md
@@ -1,6 +1,6 @@
-## Modules with instance variables could be considered harmful
+# Modules with instance variables could be considered harmful
 
-### Background
+## Background
 
 Rails somehow encourages people using modules and instance variables
 everywhere. For example, using instance variables in the controllers,
@@ -9,7 +9,7 @@ helpers, and views. They're also encouraging the use of
 saving everything in a giant, single object, and people could access
 everything in that one giant object.
 
-### The problems
+## The problems
 
 Of course this is convenient to develop, because we just have everything
 within reach. However this has a number of downsides when that chosen object
@@ -24,7 +24,7 @@ manipulated from 3 different modules. It's hard to track when those variables
 start giving us troubles. We don't know which module would suddenly change
 one of the variables. Everything could touch anything.
 
-### Similar concerns
+## Similar concerns
 
 People are saying multiple inheritance is bad. Mixing multiple modules with
 multiple instance variables scattering everywhere suffer from the same issue.
@@ -40,7 +40,7 @@ Note that `included` doesn't solve the whole issue. They define the
 dependencies, but they still allow each modules to talk implicitly via the
 instance variables in the final giant object, and that's where the problem is.
 
-### Solutions
+## Solutions
 
 We should split the giant object into multiple objects, and they communicate
 with each other with the API, i.e. public methods. In short, composition over
@@ -53,7 +53,7 @@ With clearly defined API, this would make things less coupled and much easier
 to debug and track, and much more extensible for other objects to use, because
 they communicate in a clear way, rather than implicit dependencies.
 
-### Acceptable use
+## Acceptable use
 
 However, it's not always bad to use instance variables in a module,
 as long as it's contained in the same module; that is, no other modules or
@@ -74,7 +74,7 @@ Unfortunately it's not easy to code more complex rules into the cop, so
 we rely on people's best judgement. If we could find another good pattern
 we could easily add to the cop, we should do it.
 
-### How to rewrite and avoid disabling this cop
+## How to rewrite and avoid disabling this cop
 
 Even if we could just disable the cop, we should avoid doing so. Some code
 could be easily rewritten in simple form. Consider this acceptable method:
@@ -181,7 +181,7 @@ rather than whatever includes the module, and those modules which were also
 included, making it much easier to track down any issues,
 and reducing the chance of having name conflicts.
 
-### How to disable this cop
+## How to disable this cop
 
 Put the disabling comment right after your code in the same line:
 
@@ -210,14 +210,14 @@ end
 Note that you need to enable it at some point, otherwise everything below
 won't be checked.
 
-### Things we might need to ignore right now
+## Things we might need to ignore right now
 
 Because of the way Rails helpers and mailers work, we might not be able to
 avoid the use of instance variables there. For those cases, we could ignore
 them at the moment. At least we're not going to share those modules with
 other random objects, so they're still somewhat isolated.
 
-### Instance variables in views
+## Instance variables in views
 
 They're bad because we can't easily tell who's using the instance variables
 (from controller's point of view) and where we set them up (from partials'
diff --git a/doc/development/new_fe_guide/development/accessibility.md b/doc/development/new_fe_guide/development/accessibility.md
index 81a29170129..ae5c4c6a6cc 100644
--- a/doc/development/new_fe_guide/development/accessibility.md
+++ b/doc/development/new_fe_guide/development/accessibility.md
@@ -1,17 +1,21 @@
 # Accessiblity
+
 Using semantic HTML plays a key role when it comes to accessibility.
 
 ## Accessible Rich Internet Applications - ARIA
+
 WAI-ARIA, the Accessible Rich Internet Applications specification, defines a way to make Web content and Web applications more accessible to people with disabilities.
 
 > Note: It is [recommended][using-aria] to use semantic elements as the primary method to achieve accessibility rather than adding aria attributes. Adding aria attributes should be seen as a secondary method for creating accessible elements.
 
 ### Role
+
 The `role` attribute describes the role the element plays in the context of the document.
 
 Check the list of WAI-ARIA roles [here][roles]
 
 ## Icons
+
 When using icons or images that aren't absolutely needed to understand the context, we should use `aria-hidden="true"`.
 
 On the other hand, if an icon is crucial to understand the context we should do one of the following:
@@ -20,6 +24,7 @@ On the other hand, if an icon is crucial to understand the context we should do
 1. Use `aria-labelledby` to point to an element that contains the explanation for that icon
 
 ## Form inputs
+
 In forms we should use the `for` attribute in the label statement:
 
 ```
diff --git a/doc/development/new_fe_guide/style/index.md b/doc/development/new_fe_guide/style/index.md
index 335d9e66240..f073dc56f1f 100644
--- a/doc/development/new_fe_guide/style/index.md
+++ b/doc/development/new_fe_guide/style/index.md
@@ -8,7 +8,7 @@
 
 ## [Vue style guide](vue.md)
 
-# Tooling
+## Tooling
 
 ## [Prettier](prettier.md)
 
diff --git a/doc/development/verifying_database_capabilities.md b/doc/development/verifying_database_capabilities.md
index 661ab9cef1a..ccec6f7d719 100644
--- a/doc/development/verifying_database_capabilities.md
+++ b/doc/development/verifying_database_capabilities.md
@@ -25,7 +25,7 @@ else
 end
 ```
 
-# Read-only database
+## Read-only database
 
 The database can be used in read-only mode. In this case we have to
 make sure all GET requests don't attempt any write operations to the
diff --git a/doc/user/admin_area/settings/usage_statistics.md b/doc/user/admin_area/settings/usage_statistics.md
index f698e0a1608..516600c9d99 100644
--- a/doc/user/admin_area/settings/usage_statistics.md
+++ b/doc/user/admin_area/settings/usage_statistics.md
@@ -52,8 +52,8 @@ You can view the exact JSON payload in the administration panel. To view the pay
 1. Expand **Settings** in the left sidebar and click on **Metrics and profiling**.
 1. Expand **Usage statistics** and click on the **Preview payload** button.
 
-You can see how [the usage ping data maps to different stages of the product](https://gitlab.com/gitlab-data/analytics/blob/master/transform/snowflake-dbt/data/ping_metrics_to_stage_mapping_data.csv). 
- 
+You can see how [the usage ping data maps to different stages of the product](https://gitlab.com/gitlab-data/analytics/blob/master/transform/snowflake-dbt/data/ping_metrics_to_stage_mapping_data.csv).
+
 ### Deactivate the usage ping
 
 The usage ping is opt-out. If you want to deactivate this feature, go to
diff --git a/doc/user/project/integrations/prometheus_library/haproxy.md b/doc/user/project/integrations/prometheus_library/haproxy.md
index 6be8fc82431..90a725f271b 100644
--- a/doc/user/project/integrations/prometheus_library/haproxy.md
+++ b/doc/user/project/integrations/prometheus_library/haproxy.md
@@ -1,4 +1,5 @@
 # Monitoring HAProxy
+
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12621) in GitLab 9.4
 
 GitLab has support for automatically detecting and monitoring HAProxy. This is provided by leveraging the [HAProxy Exporter](https://github.com/prometheus/haproxy_exporter), which translates HAProxy statistics into a Prometheus readable form.
-- 
cgit v1.2.1


From 9a5ffe4057ddf8ec3a90975f49a56cd509db6bf8 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Wed, 24 Jul 2019 13:25:55 +0000
Subject: Improve the Auto DevOps topic a bit

---
 doc/topics/autodevops/index.md                    | 103 +++++++++++-----------
 doc/user/project/clusters/eks_and_gitlab/index.md |   2 +-
 2 files changed, 53 insertions(+), 52 deletions(-)

diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index 30b9e88ade8..7e1cf03908d 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -1,6 +1,7 @@
 # Auto DevOps
 
-> [Introduced][ce-37115] in GitLab 10.0. Generally available on GitLab 11.0.
+> - [Introduced][ce-37115] in GitLab 10.0.
+> - Generally available on GitLab 11.0.
 
 Auto DevOps provides pre-defined CI/CD configuration which allows you to automatically detect, build, test,
 deploy, and monitor your applications. Leveraging CI/CD best practices and tools, Auto DevOps aims
@@ -43,16 +44,16 @@ platform or a Platform as a Service (PaaS). It takes inspiration from the
 innovative work done by [Heroku](https://www.heroku.com/) and goes beyond it
 in multiple ways:
 
-1. Auto DevOps works with any Kubernetes cluster; you're not limited to running
-   on GitLab's infrastructure. (Note that many features also work without Kubernetes.)
-1. There is no additional cost (no markup on the infrastructure costs), and you
-   can use a self-hosted Kubernetes cluster or Containers as a Service on any
-   public cloud (for example, [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine/)).
-1. Auto DevOps has more features including security testing, performance testing,
-   and code quality testing.
-1. Auto DevOps offers an incremental graduation path. If you need advanced customizations,
-   you can start modifying the templates without having to start over on a
-   completely different platform. Review the [customizing](#customizing) section for more information.
+- Auto DevOps works with any Kubernetes cluster; you're not limited to running
+  on GitLab's infrastructure. (Note that many features also work without Kubernetes).
+- There is no additional cost (no markup on the infrastructure costs), and you
+  can use a self-hosted Kubernetes cluster or Containers as a Service on any
+  public cloud (for example, [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine/)).
+- Auto DevOps has more features including security testing, performance testing,
+  and code quality testing.
+- Auto DevOps offers an incremental graduation path. If you need advanced customizations,
+  you can start modifying the templates without having to start over on a
+  completely different platform. Review the [customizing](#customizing) section for more information.
 
 ## Features
 
@@ -90,38 +91,38 @@ For an overview on the creation of Auto DevOps, read the blog post [From 2/3 of
 
 To make full use of Auto DevOps, you will need:
 
-1. **GitLab Runner** (needed for all stages) - Your Runner needs to be
-   configured to be able to run Docker. Generally this means using the
-   [Docker](https://docs.gitlab.com/runner/executors/docker.html) or [Kubernetes
-   executor](https://docs.gitlab.com/runner/executors/kubernetes.html), with
-   [privileged mode enabled](https://docs.gitlab.com/runner/executors/docker.html#use-docker-in-docker-with-privileged-mode).
-   The Runners do not need to be installed in the Kubernetes cluster, but the
-   Kubernetes executor is easy to use and is automatically autoscaling.
-   Docker-based Runners can be configured to autoscale as well, using [Docker
-   Machine](https://docs.gitlab.com/runner/install/autoscaling.html). Runners
-   should be registered as [shared Runners](../../ci/runners/README.md#registering-a-shared-runner)
-   for the entire GitLab instance, or [specific Runners](../../ci/runners/README.md#registering-a-specific-runner)
-   that are assigned to specific projects.
-1. **Base domain** (needed for Auto Review Apps and Auto Deploy) - You will need
-   a domain configured with wildcard DNS which is going to be used by all of your
-   Auto DevOps applications. [Read the specifics](#auto-devops-base-domain).
-1. **Kubernetes** (needed for Auto Review Apps, Auto Deploy, and Auto Monitoring) -
-   To enable deployments, you will need Kubernetes 1.5+. You need a [Kubernetes cluster][kubernetes-clusters]
-   for the project, or a Kubernetes [default service template](../../user/project/integrations/services_templates.md)
-   for the entire GitLab installation.
-   1. **A load balancer** - You can use NGINX ingress by deploying it to your
-      Kubernetes cluster using the
-      [`nginx-ingress`](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress)
-      Helm chart.
-1. **Prometheus** (needed for Auto Monitoring) - To enable Auto Monitoring, you
-   will need Prometheus installed somewhere (inside or outside your cluster) and
-   configured to scrape your Kubernetes cluster. To get response metrics
-   (in addition to system metrics), you need to
-   [configure Prometheus to monitor NGINX](../../user/project/integrations/prometheus_library/nginx_ingress.md#configuring-nginx-ingress-monitoring).
-   The [Prometheus service](../../user/project/integrations/prometheus.md)
-   integration needs to be enabled for the project, or enabled as a
-   [default service template](../../user/project/integrations/services_templates.md)
-   for the entire GitLab installation.
+- **GitLab Runner** (needed for all stages) - Your Runner needs to be
+  configured to be able to run Docker. Generally this means using the
+  [Docker](https://docs.gitlab.com/runner/executors/docker.html) or [Kubernetes
+  executor](https://docs.gitlab.com/runner/executors/kubernetes.html), with
+  [privileged mode enabled](https://docs.gitlab.com/runner/executors/docker.html#use-docker-in-docker-with-privileged-mode).
+  The Runners do not need to be installed in the Kubernetes cluster, but the
+  Kubernetes executor is easy to use and is automatically autoscaling.
+  Docker-based Runners can be configured to autoscale as well, using [Docker
+  Machine](https://docs.gitlab.com/runner/install/autoscaling.html). Runners
+  should be registered as [shared Runners](../../ci/runners/README.md#registering-a-shared-runner)
+  for the entire GitLab instance, or [specific Runners](../../ci/runners/README.md#registering-a-specific-runner)
+  that are assigned to specific projects.
+- **Base domain** (needed for Auto Review Apps and Auto Deploy) - You will need
+  a domain configured with wildcard DNS which is going to be used by all of your
+  Auto DevOps applications. [Read the specifics](#auto-devops-base-domain).
+- **Kubernetes** (needed for Auto Review Apps, Auto Deploy, and Auto Monitoring) -
+  To enable deployments, you will need Kubernetes 1.5+. You need a [Kubernetes cluster][kubernetes-clusters]
+  for the project, or a Kubernetes [default service template](../../user/project/integrations/services_templates.md)
+  for the entire GitLab installation.
+  - **A load balancer** - You can use NGINX ingress by deploying it to your
+    Kubernetes cluster using the
+    [`nginx-ingress`](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress)
+    Helm chart.
+- **Prometheus** (needed for Auto Monitoring) - To enable Auto Monitoring, you
+  will need Prometheus installed somewhere (inside or outside your cluster) and
+  configured to scrape your Kubernetes cluster. To get response metrics
+  (in addition to system metrics), you need to
+  [configure Prometheus to monitor NGINX](../../user/project/integrations/prometheus_library/nginx_ingress.md#configuring-nginx-ingress-monitoring).
+  The [Prometheus service](../../user/project/integrations/prometheus.md)
+  integration needs to be enabled for the project, or enabled as a
+  [default service template](../../user/project/integrations/services_templates.md)
+  for the entire GitLab installation.
 
 If you do not have Kubernetes or Prometheus installed, then Auto Review Apps,
 Auto Deploy, and Auto Monitoring will be silently skipped.
@@ -147,7 +148,7 @@ NOTE: **Note**
 A wildcard DNS A record matching the base domain(s) is required, for example,
 given a base domain of `example.com`, you'd need a DNS entry like:
 
-```
+```text
 *.example.com   3600     A     1.2.3.4
 ```
 
@@ -224,7 +225,7 @@ full use of Auto DevOps are available. If this is your fist time, we recommend y
 GitLab.com users can enable/disable Auto DevOps at the project-level only. Self-managed users
 can enable/disable Auto DevOps at the project-level, group-level or instance-level.
 
-### Enabling/disabling Auto DevOps at the instance-level (Administrators only)
+### At the instance level (Administrators only)
 
 Even when disabled at the instance level, group owners and project maintainers can still enable
 Auto DevOps at the group and project level, respectively.
@@ -234,7 +235,7 @@ Auto DevOps at the group and project level, respectively.
 1. If enabling, optionally set up the Auto DevOps [base domain](#auto-devops-base-domain) which will be used for Auto Deploy and Auto Review Apps.
 1. Click **Save changes** for the changes to take effect.
 
-### Enabling/disabling Auto DevOps at the group-level
+### At the group level
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/52447) in GitLab 11.10.
 
@@ -250,7 +251,7 @@ When enabling or disabling Auto DevOps at group-level, group configuration will
 the subgroups and projects inside that group, unless Auto DevOps is specifically enabled or disabled on
 the subgroup or project.
 
-### Enabling/disabling Auto DevOps at the project-level
+### At the project level
 
 If enabling, check that your project doesn't have a `.gitlab-ci.yml`, or if one exists, remove it.
 
@@ -263,7 +264,7 @@ If enabling, check that your project doesn't have a `.gitlab-ci.yml`, or if one
 
 When the feature has been enabled, an Auto DevOps pipeline is triggered on the default branch.
 
-### Feature flag to enable for a percentage of projects
+### Enable for a percentage of projects
 
 There is also a feature flag to enable Auto DevOps by default to your chosen percentage of projects.
 
@@ -371,7 +372,7 @@ Any differences between the source and target branches are also
 Static Application Security Testing (SAST) uses the
 [SAST Docker image](https://gitlab.com/gitlab-org/security-products/sast) to run static
 analysis on the current code and checks for potential security issues. The
-the Auto SAST stage will be skipped on licenses other than Ultimate and requires GitLab Runner 11.5 or above.
+Auto SAST stage will be skipped on licenses other than Ultimate and requires GitLab Runner 11.5 or above.
 
 Once the report is created, it's uploaded as an artifact which you can later download and
 check out.
@@ -488,7 +489,7 @@ Any security warnings are also shown in the merge request widget. Read how
 
 Auto Browser Performance Testing utilizes the [Sitespeed.io container](https://hub.docker.com/r/sitespeedio/sitespeed.io/) to measure the performance of a web page. A JSON report is created and uploaded as an artifact, which includes the overall performance score for each page. By default, the root page of Review and Production environments will be tested. If you would like to add additional URL's to test, simply add the paths to a file named `.gitlab-urls.txt` in the root directory, one per line. For example:
 
-```
+```text
 /
 /features
 /direction
@@ -1009,7 +1010,7 @@ multi-buildpack does not.
 
 As of GitLab 10.0, the supported buildpacks are:
 
-```
+```text
 - heroku-buildpack-multi     v1.0.0
 - heroku-buildpack-ruby      v168
 - heroku-buildpack-nodejs    v99
diff --git a/doc/user/project/clusters/eks_and_gitlab/index.md b/doc/user/project/clusters/eks_and_gitlab/index.md
index 55a9fbabf98..28f3420de35 100644
--- a/doc/user/project/clusters/eks_and_gitlab/index.md
+++ b/doc/user/project/clusters/eks_and_gitlab/index.md
@@ -253,7 +253,7 @@ With RBAC disabled and services deployed,
 [Auto DevOps](../../../../topics/autodevops/index.md) can now be leveraged
 to build, test, and deploy the app.
 
-[Enable Auto DevOps](../../../../topics/autodevops/index.md#enablingdisabling-auto-devops-at-the-project-level)
+[Enable Auto DevOps](../../../../topics/autodevops/index.md#at-the-project-level)
 if not already enabled. If a wildcard DNS entry was created resolving to the
 Load Balancer, enter it in the `domain` field under the Auto DevOps settings.
 Otherwise, the deployed app will not be externally available outside of the cluster.
-- 
cgit v1.2.1


From b8683c266d623b6e51b0254ce38ad7a8edece7f4 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Wed, 24 Jul 2019 13:28:46 +0000
Subject: Better information on blocking users

---
 doc/user/abuse_reports.md                  | 22 +++++---
 doc/user/admin_area/abuse_reports.md       | 52 +++++++++++++++----
 doc/user/profile/account/delete_account.md | 82 +++++++++++++++++++++---------
 3 files changed, 115 insertions(+), 41 deletions(-)

diff --git a/doc/user/abuse_reports.md b/doc/user/abuse_reports.md
index 41ee7e62b2c..e6c86cc8f2e 100644
--- a/doc/user/abuse_reports.md
+++ b/doc/user/abuse_reports.md
@@ -1,6 +1,12 @@
 # Abuse reports
 
-Report abuse from users to GitLab administrators.
+You can report abuse from other GitLab users to GitLab administrators.
+
+A GitLab administrator [can then choose](admin_area/abuse_reports.md) to:
+
+- Remove the user, which deletes them from the instance.
+- Block the user, which denies them access to the instance.
+- Or remove the report, which retains the users access to the instance.
 
 You can report a user through their:
 
@@ -12,7 +18,8 @@ You can report a user through their:
 
 To report abuse from a user's profile page:
 
-1. Click on the exclamation point report abuse button at the top right of the user's profile.
+1. Click on the exclamation point report abuse button at the top right of the
+   user's profile.
 1. Complete an abuse report.
 1. Click the **Send report** button.
 
@@ -26,15 +33,18 @@ To report abuse from a user's comment:
 1. Click the **Send report** button.
 
 NOTE: **Note:**
-A URL to the reported user's comment will be
-pre-filled in the abuse report's **Message** field.
+A URL to the reported user's comment will be pre-filled in the abuse report's
+**Message** field.
 
 ## Reporting abuse through a user's issue or merge request
 
 The **Report abuse** button is displayed at the top right of the issue or merge request:
 
-- When **Report abuse** is selected from the menu that appears when the **Close issue** or **Close merge request** button is clicked, for users that have permission to close the issue or merge request.
-- When viewing the issue or merge request, for users that don't have permission to close the issue or merge request.
+- When **Report abuse** is selected from the menu that appears when the
+  **Close issue** or **Close merge request** button is clicked, for users that
+  have permission to close the issue or merge request.
+- When viewing the issue or merge request, for users that don't have permission
+  to close the issue or merge request.
 
 With the **Report abuse** button displayed, to submit an abuse report:
 
diff --git a/doc/user/admin_area/abuse_reports.md b/doc/user/admin_area/abuse_reports.md
index 01c2d9607f5..8088c33fc9c 100644
--- a/doc/user/admin_area/abuse_reports.md
+++ b/doc/user/admin_area/abuse_reports.md
@@ -2,30 +2,60 @@
 
 View and resolve abuse reports from GitLab users.
 
-Admins can view abuse reports in the admin area and are able to
-resolve the reports by removing the reported user, blocking the reported user, or removing the report.
+GitLab administrators can view and [resolve](#resolving-abuse-reports) abuse
+reports in the Admin Area.
 
 ## Reporting abuse
 
-To find out more about reporting abuse, see [abuse reports user documentation](../abuse_reports.md).
+To find out more about reporting abuse, see [abuse reports user
+documentation](../abuse_reports.md).
 
 ## Resolving abuse reports
 
-To access abuse reports, go to **Admin area > Abuse Reports**.
+To access abuse reports, go to **Admin Area > Abuse Reports**.
 
 There are 3 ways to resolve an abuse report, with a button for each method:
 
-- Remove user & report: [Deletes the reported user](../profile/account/delete_account.md) from the instance and removes the abuse report from the list.
-- Block user: Blocks the reported user from the instance and does not remove the abuse report from the list.
-- Remove report: Removes the abuse report from the list and does not restrict the access for the reported user.
+- Remove user & report. This will:
+  - [Delete the reported user](../profile/account/delete_account.md) from the
+    instance.
+  - Remove the abuse report from the list.
+- [Block user](#blocking-users).
+- Remove report. This will:
+  - Remove the abuse report from the list.
+  - Remove access restrictions for the reported user.
+
+The following is an example of the **Abuse Reports** page:
 
 ![abuse-reports-page-image](img/abuse_reports_page.png)
 
-## Blocked users
+### Blocking users
+
+A blocked user cannot log in or access any repositories, but all of their data
+remains.
+
+Blocking a user:
+
+- Leaves them in the abuse report list.
+- Changes the **Block user** button to a disabled **Already blocked** button.
 
-Blocking a user will not remove the abuse report from the list.
+The user will be notified with the
+[following message](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/app/workers/email_receiver_worker.rb#L38):
 
-Instead, the block button will be disabled and explain that the user is "Already blocked".
-You are still able to remove the user and/or report if necessary.
+```text
+Your account has been blocked. If you believe this is in error, contact a staff member.
+```
+
+After blocking, you can still either:
+
+- Remove the user and report if necessary.
+- Remove the report.
+
+The following is an example of a blocked user listed on the **Abuse Reports**
+page:
 
 ![abuse-report-blocked-user-image](img/abuse_report_blocked_user.png)
+
+NOTE: **Note:**
+Users can be [blocked](../../api/users.md#block-user) and
+[unblocked](../../api/users.md#unblock-user) using the GitLab API.
diff --git a/doc/user/profile/account/delete_account.md b/doc/user/profile/account/delete_account.md
index 304a7984191..cbee79de493 100644
--- a/doc/user/profile/account/delete_account.md
+++ b/doc/user/profile/account/delete_account.md
@@ -1,37 +1,71 @@
-# Deleting a User Account
+# Deleting a User account
+
+Users can be deleted from a GitLab instance, either by:
+
+- The user themselves.
+- An administrator.
 
 NOTE: **Note:**
 Deleting a user will delete all projects in that user namespace.
 
-- As a user, you can delete your own account by navigating to **Settings** > **Account** and selecting **Delete account**
-- As an admin, you can delete a user account by navigating to the **Admin Area**, selecting the **Users** tab, selecting a user, and clicking on **Delete user**
+## As a user
+
+As a user, you can delete your own account by:
+
+1. Clicking on your avatar.
+1. Navigating to **Settings > Account**.
+1. Selecting **Delete account**.
+
+## As an administrator
+
+As an administrator, you can delete a user account by:
+
+1. Navigating to **Admin Area > Overview > Users**.
+1. Selecting a user.
+1. Under the **Account** tab, clicking:
+   - **Delete user** to delete only the user but maintaining their
+     [associated records](#associated-records).
+   - **Delete user and contributions** to delete the user and
+     their associated records.
+
+### Blocking a user
+
+In addition to blocking a user
+[via an abuse report](../../admin_area/abuse_reports.md#blocking-users),
+a user can be blocked directly from the Admin area. To do this:
+
+1. Navigate to  **Admin Area > Overview > Users**.
+1. Selecting a user.
+1. Under the **Account** tab, click **Block user**.
 
 ## Associated Records
 
-> Introduced for issues in [GitLab 9.0][ce-7393], and for merge requests, award
-  emoji, notes, and abuse reports in [GitLab 9.1][ce-10467].
-  Hard deletion from abuse reports and spam logs was introduced in
-  [GitLab 9.1][ce-10273], and from the API in [GitLab 9.3][ce-11853].
+> - Introduced for issues in
+>   [GitLab 9.0](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7393).
+> - Introduced for merge requests, award emoji, notes, and abuse reports in
+>   [GitLab 9.1](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10467).
+> - Hard deletion from abuse reports and spam logs was introduced in
+>   [GitLab 9.1](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10273),
+>   and from the API in
+>   [GitLab 9.3](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11853).
 
 When a user account is deleted, not all associated records are deleted with it.
 Here's a list of things that will **not** be deleted:
 
-- Issues that the user created
-- Merge requests that the user created
-- Notes that the user created
-- Abuse reports that the user reported
-- Award emoji that the user created
+- Issues that the user created.
+- Merge requests that the user created.
+- Notes that the user created.
+- Abuse reports that the user reported.
+- Award emoji that the user created.
 
 Instead of being deleted, these records will be moved to a system-wide
-user with the username "Ghost User", whose sole purpose is to act as a container for such records. Any commits made by a deleted user will still display the username of the original user.
-
-When a user is deleted from an [abuse report](../../admin_area/abuse_reports.md) or spam log, these associated
-records are not ghosted and will be removed, along with any groups the user
-is a sole owner of. Administrators can also request this behaviour when
-deleting users from the [API](../../../api/users.md#user-deletion) or the
-admin area.
-
-[ce-7393]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7393
-[ce-10273]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10273
-[ce-10467]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10467
-[ce-11853]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11853
+user with the username "Ghost User", whose sole purpose is to act as a container
+for such records. Any commits made by a deleted user will still display the
+username of the original user.
+
+When a user is deleted from an [abuse report](../../admin_area/abuse_reports.md)
+or spam log, these associated records are not ghosted and will be removed, along
+with any groups the user is a sole owner of.
+
+Administrators can also request this behavior when deleting users from the
+[API](../../../api/users.md#user-deletion) or the Admin Area.
-- 
cgit v1.2.1


From a0adccd210e5dea3681a66a439502e075098e062 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Wed, 24 Jul 2019 13:32:15 +0000
Subject: Fix some errors in Markdown files

---
 doc/administration/geo/replication/configuration.md          | 4 ++--
 doc/administration/geo/replication/updating_the_geo_nodes.md | 2 +-
 doc/api/README.md                                            | 2 +-
 doc/topics/autodevops/index.md                               | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/doc/administration/geo/replication/configuration.md b/doc/administration/geo/replication/configuration.md
index 0e11dffa0d6..fd076bb79d8 100644
--- a/doc/administration/geo/replication/configuration.md
+++ b/doc/administration/geo/replication/configuration.md
@@ -17,7 +17,7 @@ You are encouraged to first read through all the steps before executing them
 in your testing/production environment.
 
 NOTE: **Note:**
-**Do not** set up any custom authentication for the **secondary** nodes. This will be handled by the **primary** node.  
+**Do not** set up any custom authentication for the **secondary** nodes. This will be handled by the **primary** node.
 Any change that requires access to the **Admin Area** needs to be done in the
 **primary** node because the **secondary** node is a read-only replica.
 
@@ -242,7 +242,7 @@ node's Geo Nodes dashboard in your browser.
 ![Geo dashboard](img/geo_node_dashboard.png)
 
 If your installation isn't working properly, check the
-[troubleshooting document].
+[troubleshooting document](troubleshooting.md).
 
 The two most obvious issues that can become apparent in the dashboard are:
 
diff --git a/doc/administration/geo/replication/updating_the_geo_nodes.md b/doc/administration/geo/replication/updating_the_geo_nodes.md
index 166ee94eca4..550b3b07a95 100644
--- a/doc/administration/geo/replication/updating_the_geo_nodes.md
+++ b/doc/administration/geo/replication/updating_the_geo_nodes.md
@@ -251,7 +251,7 @@ Omnibus is the following:
 1. Check the steps about defining `postgresql['sql_user_password']`, `gitlab_rails['db_password']`.
 1. Make sure `postgresql['max_replication_slots']` matches the number of **secondary** Geo nodes locations.
 1. Install GitLab on the **secondary** server.
-1. Re-run the [database replication process][database-replication].
+1. Re-run the [database replication process](database.md#step-3-initiate-the-replication-process).
 
 ## Special update notes for 9.0.x
 
diff --git a/doc/api/README.md b/doc/api/README.md
index f9cc1a09870..91bc8ca8aab 100644
--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -29,7 +29,7 @@ The following API resources are available in the project context:
 | [Commits](commits.md)                                               | `/projects/:id/repository/commits`, `/projects/:id/statuses`                                                                                                                                          |
 | [Container Registry](container_registry.md)                         | `/projects/:id/registry/repositories`                                                                                                                                                                 |
 | [Custom attributes](custom_attributes.md)                           | `/projects/:id/custom_attributes` (also available for groups and users)                                                                                                                               |
-| [Dependencies](dependencies.md) **[ULTIMATE]**                      | `/projects/:id/dependencies`
+| [Dependencies](dependencies.md) **(ULTIMATE)**                      | `/projects/:id/dependencies`
 | [Deploy keys](deploy_keys.md)                                       | `/projects/:id/deploy_keys` (also available standalone)                                                                                                                                               |
 | [Deployments](deployments.md)                                       | `/projects/:id/deployments`                                                                                                                                                                           |
 | [Discussions](discussions.md) (threaded comments)                   | `/projects/:id/issues/.../discussions`, `/projects/:id/snippets/.../discussions`, `/projects/:id/merge_requests/.../discussions`, `/projects/:id/commits/.../discussions` (also available for groups) |
diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index 7e1cf03908d..c416dbac492 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -750,7 +750,7 @@ also be customized, and you can easily use a [custom buildpack](#custom-buildpac
 | `DB_MIGRATE`                 | From GitLab 11.4, this variable can be used to specify the command to run to migrate the application's PostgreSQL database. It runs inside the application pod. |
 | `STAGING_ENABLED`            | From GitLab 10.8, this variable can be used to define a [deploy policy for staging and production environments](#deploy-policy-for-staging-and-production-environments). |
 | `CANARY_ENABLED`             | From GitLab 11.0, this variable can be used to define a [deploy policy for canary environments](#deploy-policy-for-canary-environments-premium). |
-| `INCREMENTAL_ROLLOUT_MODE`| From GitLab 11.4, this variable, if present, can be used to enable an [incremental rollout](#incremental-rollout-to-production-premium) of your application for the production environment.<br/>Set to: <ul><li>`manual`, for manual deployment jobs.</li><li>`timed`, for automatic rollout deployments with a 5 minute delay each one.</li></ul> |
+| `INCREMENTAL_ROLLOUT_MODE`| From GitLab 11.4, this variable, if present, can be used to enable an [incremental rollout](#incremental-rollout-to-production-premium) of your application for the production environment. Set to `manual` for manual deployment jobs or `timed` for automatic rollout deployments with a 5 minute delay each one. |
 | `TEST_DISABLED`              | From GitLab 11.0, this variable can be used to disable the `test` job. If the variable is present, the job will not be created. |
 | `CODE_QUALITY_DISABLED`       | From GitLab 11.0, this variable can be used to disable the `codequality` job. If the variable is present, the job will not be created. |
 | `LICENSE_MANAGEMENT_DISABLED` | From GitLab 11.0, this variable can be used to disable the `license_management` job. If the variable is present, the job will not be created. |
-- 
cgit v1.2.1


From 68d1a9a306ae927013b194d3ffb8602e490d6dca Mon Sep 17 00:00:00 2001
From: Brandon Labuschagne <blabuschagne@gitlab.com>
Date: Wed, 24 Jul 2019 13:59:23 +0000
Subject: Add projectIds to CA service

---
 app/assets/javascripts/cycle_analytics/cycle_analytics_service.js | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/app/assets/javascripts/cycle_analytics/cycle_analytics_service.js b/app/assets/javascripts/cycle_analytics/cycle_analytics_service.js
index a0426301a0a..babbfe93082 100644
--- a/app/assets/javascripts/cycle_analytics/cycle_analytics_service.js
+++ b/app/assets/javascripts/cycle_analytics/cycle_analytics_service.js
@@ -8,22 +8,26 @@ export default class CycleAnalyticsService {
   }
 
   fetchCycleAnalyticsData(options = { startDate: 30 }) {
+    const { startDate, projectIds } = options;
+
     return this.axios
       .get('', {
         params: {
-          'cycle_analytics[start_date]': options.startDate,
+          'cycle_analytics[start_date]': startDate,
+          'cycle_analytics[project_ids]': projectIds,
         },
       })
       .then(x => x.data);
   }
 
   fetchStageData(options) {
-    const { stage, startDate } = options;
+    const { stage, startDate, projectIds } = options;
 
     return this.axios
       .get(`events/${stage.name}.json`, {
         params: {
           'cycle_analytics[start_date]': startDate,
+          'cycle_analytics[project_ids]': projectIds,
         },
       })
       .then(x => x.data);
-- 
cgit v1.2.1


From 8d1e97fc3b9af28d2a34d2b16239e52d3b5d0303 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= <ayufan@ayufan.eu>
Date: Tue, 23 Jul 2019 11:28:22 +0200
Subject: Optimise import performance

- Fix `O(n)` complexity of `append_or_update_attribute`,
  we append objects to an array and re-save project
- Remove the usage of `keys.include?` as it performs `O(n)`
  search, instead use `.has_key?`
- Remove the usage of `.keys.first` as it performs a copy
  of all keys, instead use `.first.first`
---
 app/models/project.rb                              | 32 ++++++++++------------
 .../unreleased/optimise-import-performance.yml     |  5 ++++
 lib/gitlab/import_export/attributes_finder.rb      |  2 +-
 lib/gitlab/import_export/json_hash_builder.rb      |  2 +-
 lib/gitlab/import_export/members_mapper.rb         |  2 +-
 lib/gitlab/import_export/relation_factory.rb       |  2 +-
 spec/controllers/user_callouts_controller_spec.rb  |  4 +--
 spec/lib/gitlab/import_export/project.group.json   |  6 ++--
 .../import_export/project_tree_restorer_spec.rb    |  6 ++--
 spec/models/project_spec.rb                        |  5 +---
 10 files changed, 32 insertions(+), 34 deletions(-)
 create mode 100644 changelogs/unreleased/optimise-import-performance.yml

diff --git a/app/models/project.rb b/app/models/project.rb
index ece7507e55c..08221642295 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -1854,16 +1854,24 @@ class Project < ApplicationRecord
   end
 
   def append_or_update_attribute(name, value)
-    old_values = public_send(name.to_s) # rubocop:disable GitlabSecurity/PublicSend
+    if Project.reflect_on_association(name).try(:macro) == :has_many
+      # if this is 1-to-N relation, update the parent object
+      value.each do |item|
+        item.update!(
+          Project.reflect_on_association(name).foreign_key => id)
+      end
+
+      # force to drop relation cache
+      public_send(name).reset # rubocop:disable GitlabSecurity/PublicSend
 
-    if Project.reflect_on_association(name).try(:macro) == :has_many && old_values.any?
-      update_attribute(name, old_values + value)
+      # succeeded
+      true
     else
+      # if this is another relation or attribute, update just object
       update_attribute(name, value)
     end
-
-  rescue ActiveRecord::RecordNotSaved => e
-    handle_update_attribute_error(e, value)
+  rescue ActiveRecord::RecordInvalid => e
+    raise e, "Failed to set #{name}: #{e.message}"
   end
 
   # Tries to set repository as read_only, checking for existing Git transfers in progress beforehand
@@ -2252,18 +2260,6 @@ class Project < ApplicationRecord
     ContainerRepository.build_root_repository(self).has_tags?
   end
 
-  def handle_update_attribute_error(ex, value)
-    if ex.message.start_with?('Failed to replace')
-      if value.respond_to?(:each)
-        invalid = value.detect(&:invalid?)
-
-        raise ex, ([ex.message] + invalid.errors.full_messages).join(' ') if invalid
-      end
-    end
-
-    raise ex
-  end
-
   def fetch_branch_allows_collaboration(user, branch_name = nil)
     return false unless user
 
diff --git a/changelogs/unreleased/optimise-import-performance.yml b/changelogs/unreleased/optimise-import-performance.yml
new file mode 100644
index 00000000000..c63f44d5109
--- /dev/null
+++ b/changelogs/unreleased/optimise-import-performance.yml
@@ -0,0 +1,5 @@
+---
+title: Optimise import performance
+merge_request: 31045
+author:
+type: performance
diff --git a/lib/gitlab/import_export/attributes_finder.rb b/lib/gitlab/import_export/attributes_finder.rb
index 409243e68a5..42cd94add79 100644
--- a/lib/gitlab/import_export/attributes_finder.rb
+++ b/lib/gitlab/import_export/attributes_finder.rb
@@ -45,7 +45,7 @@ module Gitlab
       end
 
       def key_from_hash(value)
-        value.is_a?(Hash) ? value.keys.first : value
+        value.is_a?(Hash) ? value.first.first : value
       end
     end
   end
diff --git a/lib/gitlab/import_export/json_hash_builder.rb b/lib/gitlab/import_export/json_hash_builder.rb
index b145f37c052..a92e3862361 100644
--- a/lib/gitlab/import_export/json_hash_builder.rb
+++ b/lib/gitlab/import_export/json_hash_builder.rb
@@ -27,7 +27,7 @@ module Gitlab
       #   {:merge_requests=>[:merge_request_diff, :notes]}
       def process_model_objects(model_object_hash)
         json_config_hash = {}
-        current_key = model_object_hash.keys.first
+        current_key = model_object_hash.first.first
 
         model_object_hash.values.flatten.each do |model_object|
           @attributes_finder.parse(current_key) { |hash| json_config_hash[current_key] ||= hash }
diff --git a/lib/gitlab/import_export/members_mapper.rb b/lib/gitlab/import_export/members_mapper.rb
index a154de5419e..71e9064c5fd 100644
--- a/lib/gitlab/import_export/members_mapper.rb
+++ b/lib/gitlab/import_export/members_mapper.rb
@@ -35,7 +35,7 @@ module Gitlab
       end
 
       def include?(old_author_id)
-        map.keys.include?(old_author_id) && map[old_author_id] != default_user_id
+        map.has_key?(old_author_id) && map[old_author_id] != default_user_id
       end
 
       private
diff --git a/lib/gitlab/import_export/relation_factory.rb b/lib/gitlab/import_export/relation_factory.rb
index 1b545b1d049..0be49e27acb 100644
--- a/lib/gitlab/import_export/relation_factory.rb
+++ b/lib/gitlab/import_export/relation_factory.rb
@@ -185,7 +185,7 @@ module Gitlab
         return unless EXISTING_OBJECT_CHECK.include?(@relation_name)
         return unless @relation_hash['group_id']
 
-        @relation_hash['group_id'] = @project.group&.id
+        @relation_hash['group_id'] = @project.namespace_id
       end
 
       def reset_tokens!
diff --git a/spec/controllers/user_callouts_controller_spec.rb b/spec/controllers/user_callouts_controller_spec.rb
index babc93a83e5..07eaff2da09 100644
--- a/spec/controllers/user_callouts_controller_spec.rb
+++ b/spec/controllers/user_callouts_controller_spec.rb
@@ -13,7 +13,7 @@ describe UserCalloutsController do
     subject { post :create, params: { feature_name: feature_name }, format: :json }
 
     context 'with valid feature name' do
-      let(:feature_name) { UserCallout.feature_names.keys.first }
+      let(:feature_name) { UserCallout.feature_names.first.first }
 
       context 'when callout entry does not exist' do
         it 'creates a callout entry with dismissed state' do
@@ -28,7 +28,7 @@ describe UserCalloutsController do
       end
 
       context 'when callout entry already exists' do
-        let!(:callout) { create(:user_callout, feature_name: UserCallout.feature_names.keys.first, user: user) }
+        let!(:callout) { create(:user_callout, feature_name: UserCallout.feature_names.first.first, user: user) }
 
         it 'returns success' do
           subject
diff --git a/spec/lib/gitlab/import_export/project.group.json b/spec/lib/gitlab/import_export/project.group.json
index 1a561e81e4a..66f5bb4c87b 100644
--- a/spec/lib/gitlab/import_export/project.group.json
+++ b/spec/lib/gitlab/import_export/project.group.json
@@ -19,7 +19,7 @@
   "labels": [
     {
       "id": 2,
-      "title": "project label",
+      "title": "A project label",
       "color": "#428bca",
       "project_id": 8,
       "created_at": "2016-07-22T08:55:44.161Z",
@@ -105,7 +105,7 @@
           "updated_at": "2017-08-15T18:37:40.795Z",
           "label": {
             "id": 6,
-            "title": "project label",
+            "title": "A project label",
             "color": "#A8D695",
             "project_id": null,
             "created_at": "2017-08-15T18:37:19.698Z",
@@ -162,7 +162,7 @@
           "updated_at": "2017-08-15T18:37:40.795Z",
           "label": {
             "id": 2,
-            "title": "project label",
+            "title": "A project label",
             "color": "#A8D695",
             "project_id": null,
             "created_at": "2017-08-15T18:37:19.698Z",
diff --git a/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb b/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
index 3b7de185cf1..b9f6595762b 100644
--- a/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
+++ b/spec/lib/gitlab/import_export/project_tree_restorer_spec.rb
@@ -272,7 +272,7 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
     end
 
     it 'has label priorities' do
-      expect(project.labels.first.priorities).not_to be_empty
+      expect(project.labels.find_by(title: 'A project label').priorities).not_to be_empty
     end
 
     it 'has milestones' do
@@ -325,7 +325,7 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
 
       it_behaves_like 'restores project correctly',
                       issues: 1,
-                      labels: 1,
+                      labels: 2,
                       milestones: 1,
                       first_issue_labels: 1,
                       services: 1
@@ -402,7 +402,7 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
       it_behaves_like 'restores project successfully'
       it_behaves_like 'restores project correctly',
                       issues: 2,
-                      labels: 1,
+                      labels: 2,
                       milestones: 2,
                       first_issue_labels: 1
 
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index bcb2da7eed2..da9e204d4ca 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -3097,11 +3097,8 @@ describe Project do
     let(:project) { create(:project) }
 
     it 'shows full error updating an invalid MR' do
-      error_message = 'Failed to replace merge_requests because one or more of the new records could not be saved.'\
-        ' Validate fork Source project is not a fork of the target project'
-
       expect { project.append_or_update_attribute(:merge_requests, [create(:merge_request)]) }
-        .to raise_error(ActiveRecord::RecordNotSaved, error_message)
+        .to raise_error(ActiveRecord::RecordInvalid, /Failed to set merge_requests:/)
     end
 
     it 'updates the project successfully' do
-- 
cgit v1.2.1


From 1902d9cc74a1dc2c87fdbb39a6cdbb67092cbb5a Mon Sep 17 00:00:00 2001
From: Valery Sizov <valery@gitlab.com>
Date: Tue, 9 Jul 2019 18:59:52 +0300
Subject: Backport of
 https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14597

This is the first part of Docker Registry replication
    for secondary Geo node.
---
 app/models/container_repository.rb                 |  5 +++++
 config/gitlab.yml.example                          |  9 ++++++++
 config/initializers/1_settings.rb                  |  1 +
 ...eo_container_repository_updated_events_table.rb | 17 +++++++++++++++
 .../20190611100202_add_index_to_geo_event_log.rb   | 17 +++++++++++++++
 ...64_add_foreign_keys_for_container_repository.rb | 25 ++++++++++++++++++++++
 db/schema.rb                                       |  9 ++++++++
 7 files changed, 83 insertions(+)
 create mode 100644 db/migrate/20190611100201_add_geo_container_repository_updated_events_table.rb
 create mode 100644 db/migrate/20190611100202_add_index_to_geo_event_log.rb
 create mode 100644 db/migrate/20190627122264_add_foreign_keys_for_container_repository.rb

diff --git a/app/models/container_repository.rb b/app/models/container_repository.rb
index 39e12ac2b06..facd81dde80 100644
--- a/app/models/container_repository.rb
+++ b/app/models/container_repository.rb
@@ -86,4 +86,9 @@ class ContainerRepository < ApplicationRecord
   def self.build_root_repository(project)
     self.new(project: project, name: '')
   end
+
+  def self.find_by_path!(path)
+    self.find_by!(project: path.repository_project,
+                  name: path.repository_name)
+  end
 end
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 0e78980350f..dd53127ac2c 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -400,6 +400,15 @@ production: &base
     # path: shared/registry
     # issuer: gitlab-issuer
 
+    # Add notification settings if you plan to use Geo Replication for the registry
+    # notifications:
+    # - name: geo_event
+    #   url: https://example.com/api/v4/container_registry_event/events
+    #   timeout: 2s
+    #   threshold: 5
+    #   backoff: 1s
+    #   headers:
+    #     Authorization: secret_phrase
 
   ## Error Reporting and Logging with Sentry
   sentry:
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 494c4dd1f93..32fec7c3d22 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -259,6 +259,7 @@ Settings.registry['key']           ||= nil
 Settings.registry['issuer']        ||= nil
 Settings.registry['host_port']     ||= [Settings.registry['host'], Settings.registry['port']].compact.join(':')
 Settings.registry['path']            = Settings.absolute(Settings.registry['path'] || File.join(Settings.shared['path'], 'registry'))
+Settings.registry['notifications'] ||= []
 
 #
 # Error Reporting and Logging with Sentry
diff --git a/db/migrate/20190611100201_add_geo_container_repository_updated_events_table.rb b/db/migrate/20190611100201_add_geo_container_repository_updated_events_table.rb
new file mode 100644
index 00000000000..8963e837e08
--- /dev/null
+++ b/db/migrate/20190611100201_add_geo_container_repository_updated_events_table.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class AddGeoContainerRepositoryUpdatedEventsTable < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def change
+    create_table :geo_container_repository_updated_events, force: :cascade do |t|
+      t.integer :container_repository_id, null: false
+
+      t.index :container_repository_id, name: :idx_geo_con_rep_updated_events_on_container_repository_id, using: :btree
+    end
+
+    add_column :geo_event_log, :container_repository_updated_event_id, :bigint
+  end
+end
diff --git a/db/migrate/20190611100202_add_index_to_geo_event_log.rb b/db/migrate/20190611100202_add_index_to_geo_event_log.rb
new file mode 100644
index 00000000000..c5c855fed61
--- /dev/null
+++ b/db/migrate/20190611100202_add_index_to_geo_event_log.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class AddIndexToGeoEventLog < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_index :geo_event_log, :container_repository_updated_event_id
+  end
+
+  def down
+    remove_concurrent_index(:geo_event_log, :container_repository_updated_event_id)
+  end
+end
diff --git a/db/migrate/20190627122264_add_foreign_keys_for_container_repository.rb b/db/migrate/20190627122264_add_foreign_keys_for_container_repository.rb
new file mode 100644
index 00000000000..cf7fd03e9af
--- /dev/null
+++ b/db/migrate/20190627122264_add_foreign_keys_for_container_repository.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+class AddForeignKeysForContainerRepository < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_foreign_key(:geo_container_repository_updated_events, :container_repositories, column: :container_repository_id, on_delete: :cascade)
+
+    add_concurrent_foreign_key(:geo_event_log, :geo_container_repository_updated_events, column: :container_repository_updated_event_id, on_delete: :cascade)
+  end
+
+  def down
+    if foreign_key_exists?(:geo_container_repository_updated_events, :container_repositories)
+      remove_foreign_key(:geo_container_repository_updated_events, :container_repositories)
+    end
+
+    if foreign_key_exists?(:geo_event_log, :geo_container_repository_updated_events)
+      remove_foreign_key(:geo_event_log, :geo_container_repository_updated_events)
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index f42a4c600ea..0e03c2eb2ec 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1275,6 +1275,11 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.string "key", null: false
   end
 
+  create_table "geo_container_repository_updated_events", force: :cascade do |t|
+    t.integer "container_repository_id", null: false
+    t.index ["container_repository_id"], name: "idx_geo_con_rep_updated_events_on_container_repository_id"
+  end
+
   create_table "geo_event_log", force: :cascade do |t|
     t.datetime "created_at", null: false
     t.bigint "repository_updated_event_id"
@@ -1289,7 +1294,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.bigint "job_artifact_deleted_event_id"
     t.bigint "reset_checksum_event_id"
     t.bigint "cache_invalidation_event_id"
+    t.bigint "container_repository_updated_event_id"
     t.index ["cache_invalidation_event_id"], name: "index_geo_event_log_on_cache_invalidation_event_id", where: "(cache_invalidation_event_id IS NOT NULL)"
+    t.index ["container_repository_updated_event_id"], name: "index_geo_event_log_on_container_repository_updated_event_id"
     t.index ["hashed_storage_attachments_event_id"], name: "index_geo_event_log_on_hashed_storage_attachments_event_id", where: "(hashed_storage_attachments_event_id IS NOT NULL)"
     t.index ["hashed_storage_migrated_event_id"], name: "index_geo_event_log_on_hashed_storage_migrated_event_id", where: "(hashed_storage_migrated_event_id IS NOT NULL)"
     t.index ["job_artifact_deleted_event_id"], name: "index_geo_event_log_on_job_artifact_deleted_event_id", where: "(job_artifact_deleted_event_id IS NOT NULL)"
@@ -3700,7 +3707,9 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
   add_foreign_key "fork_network_members", "projects", on_delete: :cascade
   add_foreign_key "fork_networks", "projects", column: "root_project_id", name: "fk_e7b436b2b5", on_delete: :nullify
   add_foreign_key "forked_project_links", "projects", column: "forked_to_project_id", name: "fk_434510edb0", on_delete: :cascade
+  add_foreign_key "geo_container_repository_updated_events", "container_repositories", name: "fk_212c89c706", on_delete: :cascade
   add_foreign_key "geo_event_log", "geo_cache_invalidation_events", column: "cache_invalidation_event_id", name: "fk_42c3b54bed", on_delete: :cascade
+  add_foreign_key "geo_event_log", "geo_container_repository_updated_events", column: "container_repository_updated_event_id", name: "fk_6ada82d42a", on_delete: :cascade
   add_foreign_key "geo_event_log", "geo_hashed_storage_migrated_events", column: "hashed_storage_migrated_event_id", name: "fk_27548c6db3", on_delete: :cascade
   add_foreign_key "geo_event_log", "geo_job_artifact_deleted_events", column: "job_artifact_deleted_event_id", name: "fk_176d3fbb5d", on_delete: :cascade
   add_foreign_key "geo_event_log", "geo_lfs_object_deleted_events", column: "lfs_object_deleted_event_id", name: "fk_d5af95fcd9", on_delete: :cascade
-- 
cgit v1.2.1


From dee72df589fae9e2c03af5539b24aa866c2da37c Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Wed, 24 Jul 2019 15:47:06 +0000
Subject: Followup edit of documentation

---
 doc/development/chaos_endpoints.md      |  8 ++++----
 doc/development/reusing_abstractions.md | 11 +++++------
 2 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/doc/development/chaos_endpoints.md b/doc/development/chaos_endpoints.md
index eb6dde2d24e..961520db7d8 100644
--- a/doc/development/chaos_endpoints.md
+++ b/doc/development/chaos_endpoints.md
@@ -69,7 +69,7 @@ curl http://localhost:3000/-/chaos/leakmem?memory_mb=1024&duration_s=10&token=se
 
 This endpoint attempts to fully utilise a single core, at 100%, for the given period.
 
-Depending on your rack server setup, your request may timeout after a predermined period (normally 60 seconds).
+Depending on your rack server setup, your request may timeout after a predetermined period (normally 60 seconds).
 If you're using Unicorn, this is done by killing the worker process.
 
 ```
@@ -80,7 +80,7 @@ GET /-/chaos/cpu_spin?duration_s=50&async=true
 
 | Attribute    | Type    | Required | Description                                                           |
 | ------------ | ------- | -------- | --------------------------------------------------------------------- |
-| `duration_s` | integer | no       | Duration, in seconds, that the core will be utilised. Defaults to 30s |
+| `duration_s` | integer | no       | Duration, in seconds, that the core will be utilized. Defaults to 30s |
 | `async`      | boolean | no       | Set to true to consume CPU in a Sidekiq background worker process     |
 
 ```bash
@@ -93,7 +93,7 @@ curl http://localhost:3000/-/chaos/cpu_spin?duration_s=60&token=secret
 This endpoint attempts to fully utilise a single core, and interleave it with DB request, for the given period.
 This endpoint can be used to model yielding execution to another threads when running concurrently.
 
-Depending on your rack server setup, your request may timeout after a predermined period (normally 60 seconds).
+Depending on your rack server setup, your request may timeout after a predetermined period (normally 60 seconds).
 If you're using Unicorn, this is done by killing the worker process.
 
 ```
@@ -105,7 +105,7 @@ GET /-/chaos/db_spin?duration_s=50&async=true
 | Attribute    | Type    | Required | Description                                                                 |
 | ------------ | ------- | -------- | --------------------------------------------------------------------------- |
 | `interval_s` | float   | no       | Interval, in seconds, for every DB request. Defaults to 1s                  |
-| `duration_s` | integer | no       | Duration, in seconds, that the core will be utilised. Defaults to 30s       |
+| `duration_s` | integer | no       | Duration, in seconds, that the core will be utilized. Defaults to 30s       |
 | `async`      | boolean | no       | Set to true to perform the operation in a Sidekiq background worker process |
 
 ```bash
diff --git a/doc/development/reusing_abstractions.md b/doc/development/reusing_abstractions.md
index 59da02ed6fd..fce144f8dc2 100644
--- a/doc/development/reusing_abstractions.md
+++ b/doc/development/reusing_abstractions.md
@@ -14,13 +14,13 @@ on maintainability, the ability to easily debug problems, or even performance.
 An example would be to use `ProjectsFinder` in `IssuesFinder` to limit issues to
 those belonging to a set of projects. While initially this may seem like a good
 idea, both classes provide a very high level interface with very little control.
-This means that `IssuesFinder` may not be able to produce a better optimised
+This means that `IssuesFinder` may not be able to produce a better optimized
 database query, as a large portion of the query is controlled by the internals
 of `ProjectsFinder`.
 
 To work around this problem, you would use the same code used by
 `ProjectsFinder`, instead of using `ProjectsFinder` itself directly. This allows
-you to compose your behaviour better, giving you more control over the behaviour
+you to compose your behavior better, giving you more control over the behavior
 of the code.
 
 To illustrate, consider the following code from `IssuableFinder#projects`:
@@ -52,7 +52,7 @@ functionality is added to this (high level) interface. Instead of _only_
 affecting the cases where this is necessary, it may also start affecting
 `IssuableFinder` in a negative way. For example, the query produced by
 `GroupProjectsFinder` may include unnecessary conditions. Since we're using a
-finder here, we can't easily opt-out of that behaviour. We could add options to
+finder here, we can't easily opt-out of that behavior. We could add options to
 do so, but then we'd need as many options as we have features. Every option adds
 two code paths, which means that for four features we have to cover 8 different
 code paths.
@@ -213,6 +213,5 @@ The API provided by Active Record itself, such as the `where` method, `save`,
 
 Everything in `app/workers`.
 
-The scheduling of Sidekiq jobs using `SomeWorker.perform_async`, `perform_in`,
-etc. Directly invoking a worker using `SomeWorker.new.perform` should be avoided
-at all times in application code, though this is fine to use in tests.
+Use `SomeWorker.perform_async` or `SomeWorker.perform_in` to schedule Sidekiq
+jobs. Never directly invoke a worker using `SomeWorker.new.perform`.
-- 
cgit v1.2.1


From d7eadcc0f30d3bd005f9dfb160dd0a460b3a8f56 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 24 Jul 2019 07:42:45 -0700
Subject: Use a base class for Peek views

Introduce a `DetailedView` base class, which is inherited by
the Gitaly, Redis, and Rugged views. This reduces code duplication.
---
 lib/peek/views/detailed_view.rb    | 49 ++++++++++++++++++++++++++++++++++++++
 lib/peek/views/gitaly.rb           | 27 ++++-----------------
 lib/peek/views/redis_detailed.rb   | 23 ++----------------
 lib/peek/views/rugged.rb           | 35 ++++++++-------------------
 spec/lib/peek/views/rugged_spec.rb |  3 ---
 5 files changed, 65 insertions(+), 72 deletions(-)
 create mode 100644 lib/peek/views/detailed_view.rb

diff --git a/lib/peek/views/detailed_view.rb b/lib/peek/views/detailed_view.rb
new file mode 100644
index 00000000000..ebaf46478df
--- /dev/null
+++ b/lib/peek/views/detailed_view.rb
@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module Peek
+  module Views
+    class DetailedView < View
+      def results
+        {
+          duration: formatted_duration,
+          calls: calls,
+          details: details
+        }
+      end
+
+      private
+
+      def duration
+        raise NotImplementedError
+      end
+
+      def calls
+        raise NotImplementedError
+      end
+
+      def call_details
+        raise NotImplementedError
+      end
+
+      def format_call_details(call)
+        raise NotImplementedError
+      end
+
+      def details
+        call_details
+          .sort { |a, b| b[:duration] <=> a[:duration] }
+          .map(&method(:format_call_details))
+      end
+
+      def formatted_duration
+        ms = duration * 1000
+
+        if ms >= 1000
+          "%.2fms" % ms
+        else
+          "%.0fms" % ms
+        end
+      end
+    end
+  end
+end
diff --git a/lib/peek/views/gitaly.rb b/lib/peek/views/gitaly.rb
index 30f95a10024..067aaf31fbc 100644
--- a/lib/peek/views/gitaly.rb
+++ b/lib/peek/views/gitaly.rb
@@ -2,7 +2,9 @@
 
 module Peek
   module Views
-    class Gitaly < View
+    class Gitaly < DetailedView
+      private
+
       def duration
         ::Gitlab::GitalyClient.query_time
       end
@@ -11,20 +13,8 @@ module Peek
         ::Gitlab::GitalyClient.get_request_count
       end
 
-      def results
-        {
-          duration: formatted_duration,
-          calls: calls,
-          details: details
-        }
-      end
-
-      private
-
-      def details
+      def call_details
         ::Gitlab::GitalyClient.list_call_details
-          .sort { |a, b| b[:duration] <=> a[:duration] }
-          .map(&method(:format_call_details))
       end
 
       def format_call_details(call)
@@ -34,15 +24,6 @@ module Peek
                    request: pretty_request || {})
       end
 
-      def formatted_duration
-        ms = duration * 1000
-        if ms >= 1000
-          "%.2fms" % ms
-        else
-          "%.0fms" % ms
-        end
-      end
-
       def setup_subscribers
         subscribe 'start_processing.action_controller' do
           ::Gitlab::GitalyClient.query_time = 0
diff --git a/lib/peek/views/redis_detailed.rb b/lib/peek/views/redis_detailed.rb
index 12760c9b75e..c61a1e91282 100644
--- a/lib/peek/views/redis_detailed.rb
+++ b/lib/peek/views/redis_detailed.rb
@@ -35,36 +35,19 @@ end
 
 module Peek
   module Views
-    class RedisDetailed < View
+    class RedisDetailed < DetailedView
       REDACTED_MARKER = "<redacted>"
 
       def key
         'redis'
       end
 
-      def results
-        {
-          calls: calls,
-          duration: formatted_duration,
-          details: details
-        }
-      end
-
       def detail_store
         ::Gitlab::SafeRequestStore['redis_call_details'] ||= []
       end
 
       private
 
-      def formatted_duration
-        ms = duration * 1000
-        if ms >= 1000
-          "%.2fms" % ms
-        else
-          "%.0fms" % ms
-        end
-      end
-
       def duration
         detail_store.map { |entry| entry[:duration] }.sum # rubocop:disable CodeReuse/ActiveRecord
       end
@@ -73,10 +56,8 @@ module Peek
         detail_store.count
       end
 
-      def details
+      def call_details
         detail_store
-          .sort { |a, b| b[:duration] <=> a[:duration] }
-          .map(&method(:format_call_details))
       end
 
       def format_call_details(call)
diff --git a/lib/peek/views/rugged.rb b/lib/peek/views/rugged.rb
index 7b0ab162b15..f0cd520fb8b 100644
--- a/lib/peek/views/rugged.rb
+++ b/lib/peek/views/rugged.rb
@@ -2,7 +2,15 @@
 
 module Peek
   module Views
-    class Rugged < View
+    class Rugged < DetailedView
+      def results
+        return {} unless calls > 0
+
+        super
+      end
+
+      private
+
       def duration
         ::Gitlab::RuggedInstrumentation.query_time
       end
@@ -11,22 +19,8 @@ module Peek
         ::Gitlab::RuggedInstrumentation.query_count
       end
 
-      def results
-        return {} unless calls > 0
-
-        {
-          duration: formatted_duration,
-          calls: calls,
-          details: details
-        }
-      end
-
-      private
-
-      def details
+      def call_details
         ::Gitlab::RuggedInstrumentation.list_call_details
-          .sort { |a, b| b[:duration] <=> a[:duration] }
-          .map(&method(:format_call_details))
       end
 
       def format_call_details(call)
@@ -44,15 +38,6 @@ module Peek
           end
         end
       end
-
-      def formatted_duration
-        ms = duration * 1000
-        if ms >= 1000
-          "%.2fms" % ms
-        else
-          "%.0fms" % ms
-        end
-      end
     end
   end
 end
diff --git a/spec/lib/peek/views/rugged_spec.rb b/spec/lib/peek/views/rugged_spec.rb
index 715b360953c..8bf996fc6bc 100644
--- a/spec/lib/peek/views/rugged_spec.rb
+++ b/spec/lib/peek/views/rugged_spec.rb
@@ -27,9 +27,6 @@ describe Peek::Views::Rugged, :request_store do
                                                      args: [project.repository.raw, 'refs/heads/master'],
                                                      duration: 0.456)
 
-    expect(subject.duration).to be_within(0.00001).of(1.234)
-    expect(subject.calls).to eq(2)
-
     results = subject.results
     expect(results[:calls]).to eq(2)
     expect(results[:duration]).to eq('1234.00ms')
-- 
cgit v1.2.1


From 259493bb4cbce2ab48b7e9b959430888dc9f9d8b Mon Sep 17 00:00:00 2001
From: Andreas Brandl <abrandl@gitlab.com>
Date: Wed, 24 Jul 2019 17:00:34 +0000
Subject: Enable tablesample count strategy by default

https://gitlab.com/gitlab-org/gitlab-ce/issues/58792
---
 changelogs/unreleased/ab-count-strategies.yml          |  5 +++++
 lib/gitlab/database/count.rb                           | 12 +++++-------
 lib/gitlab/database/count/exact_count_strategy.rb      |  4 ----
 lib/gitlab/database/count/reltuples_count_strategy.rb  |  4 ----
 .../database/count/tablesample_count_strategy.rb       |  4 ----
 .../gitlab/database/count/exact_count_strategy_spec.rb | 14 --------------
 .../database/count/reltuples_count_strategy_spec.rb    | 14 --------------
 .../database/count/tablesample_count_strategy_spec.rb  | 18 ------------------
 spec/lib/gitlab/database/count_spec.rb                 | 15 ++-------------
 9 files changed, 12 insertions(+), 78 deletions(-)
 create mode 100644 changelogs/unreleased/ab-count-strategies.yml

diff --git a/changelogs/unreleased/ab-count-strategies.yml b/changelogs/unreleased/ab-count-strategies.yml
new file mode 100644
index 00000000000..bd95ff45d6f
--- /dev/null
+++ b/changelogs/unreleased/ab-count-strategies.yml
@@ -0,0 +1,5 @@
+---
+title: Use tablesample approximate counting by default.
+merge_request: 31048
+author:
+type: performance
diff --git a/lib/gitlab/database/count.rb b/lib/gitlab/database/count.rb
index f3d37ccd72a..eac61254bdf 100644
--- a/lib/gitlab/database/count.rb
+++ b/lib/gitlab/database/count.rb
@@ -37,16 +37,14 @@ module Gitlab
       # @return [Hash] of Model -> count mapping
       def self.approximate_counts(models, strategies: [TablesampleCountStrategy, ReltuplesCountStrategy, ExactCountStrategy])
         strategies.each_with_object({}) do |strategy, counts_by_model|
-          if strategy.enabled?
-            models_with_missing_counts = models - counts_by_model.keys
+          models_with_missing_counts = models - counts_by_model.keys
 
-            break counts_by_model if models_with_missing_counts.empty?
+          break counts_by_model if models_with_missing_counts.empty?
 
-            counts = strategy.new(models_with_missing_counts).count
+          counts = strategy.new(models_with_missing_counts).count
 
-            counts.each do |model, count|
-              counts_by_model[model] = count
-            end
+          counts.each do |model, count|
+            counts_by_model[model] = count
           end
         end
       end
diff --git a/lib/gitlab/database/count/exact_count_strategy.rb b/lib/gitlab/database/count/exact_count_strategy.rb
index fa6951eda22..0b8fe640bf8 100644
--- a/lib/gitlab/database/count/exact_count_strategy.rb
+++ b/lib/gitlab/database/count/exact_count_strategy.rb
@@ -23,10 +23,6 @@ module Gitlab
         rescue *CONNECTION_ERRORS
           {}
         end
-
-        def self.enabled?
-          true
-        end
       end
     end
   end
diff --git a/lib/gitlab/database/count/reltuples_count_strategy.rb b/lib/gitlab/database/count/reltuples_count_strategy.rb
index 695f6fa766e..6cd90c01ab2 100644
--- a/lib/gitlab/database/count/reltuples_count_strategy.rb
+++ b/lib/gitlab/database/count/reltuples_count_strategy.rb
@@ -31,10 +31,6 @@ module Gitlab
           {}
         end
 
-        def self.enabled?
-          Gitlab::Database.postgresql?
-        end
-
         private
 
         # Models using single-type inheritance (STI) don't work with
diff --git a/lib/gitlab/database/count/tablesample_count_strategy.rb b/lib/gitlab/database/count/tablesample_count_strategy.rb
index 7777f31f702..e9387a91a14 100644
--- a/lib/gitlab/database/count/tablesample_count_strategy.rb
+++ b/lib/gitlab/database/count/tablesample_count_strategy.rb
@@ -28,10 +28,6 @@ module Gitlab
           {}
         end
 
-        def self.enabled?
-          Gitlab::Database.postgresql? && Feature.enabled?(:tablesample_counts)
-        end
-
         private
 
         def perform_count(model, estimate)
diff --git a/spec/lib/gitlab/database/count/exact_count_strategy_spec.rb b/spec/lib/gitlab/database/count/exact_count_strategy_spec.rb
index 3991c737a26..0c1be4b4610 100644
--- a/spec/lib/gitlab/database/count/exact_count_strategy_spec.rb
+++ b/spec/lib/gitlab/database/count/exact_count_strategy_spec.rb
@@ -23,18 +23,4 @@ describe Gitlab::Database::Count::ExactCountStrategy do
       expect(subject).to eq({})
     end
   end
-
-  describe '.enabled?' do
-    it 'is enabled for PostgreSQL' do
-      allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
-
-      expect(described_class.enabled?).to be_truthy
-    end
-
-    it 'is enabled for MySQL' do
-      allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
-
-      expect(described_class.enabled?).to be_truthy
-    end
-  end
 end
diff --git a/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb b/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb
index bd3c66d0548..a528707c9dc 100644
--- a/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb
+++ b/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb
@@ -48,18 +48,4 @@ describe Gitlab::Database::Count::ReltuplesCountStrategy do
       end
     end
   end
-
-  describe '.enabled?' do
-    it 'is enabled for PostgreSQL' do
-      allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
-
-      expect(described_class.enabled?).to be_truthy
-    end
-
-    it 'is disabled for MySQL' do
-      allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
-
-      expect(described_class.enabled?).to be_falsey
-    end
-  end
 end
diff --git a/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb b/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb
index 40d810b195b..a57f033b5ed 100644
--- a/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb
+++ b/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb
@@ -56,22 +56,4 @@ describe Gitlab::Database::Count::TablesampleCountStrategy do
       end
     end
   end
-
-  describe '.enabled?' do
-    before do
-      stub_feature_flags(tablesample_counts: true)
-    end
-
-    it 'is enabled for PostgreSQL' do
-      allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
-
-      expect(described_class.enabled?).to be_truthy
-    end
-
-    it 'is disabled for MySQL' do
-      allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
-
-      expect(described_class.enabled?).to be_falsey
-    end
-  end
 end
diff --git a/spec/lib/gitlab/database/count_spec.rb b/spec/lib/gitlab/database/count_spec.rb
index 1d096b8fa7c..71d6633f62f 100644
--- a/spec/lib/gitlab/database/count_spec.rb
+++ b/spec/lib/gitlab/database/count_spec.rb
@@ -9,24 +9,13 @@ describe Gitlab::Database::Count do
   let(:models) { [Project, Identity] }
 
   context '.approximate_counts' do
-    context 'selecting strategies' do
-      let(:strategies) { [double('s1', enabled?: true), double('s2', enabled?: false)] }
-
-      it 'uses only enabled strategies' do
-        expect(strategies[0]).to receive(:new).and_return(double('strategy1', count: {}))
-        expect(strategies[1]).not_to receive(:new)
-
-        described_class.approximate_counts(models, strategies: strategies)
-      end
-    end
-
     context 'fallbacks' do
       subject { described_class.approximate_counts(models, strategies: strategies) }
 
       let(:strategies) do
         [
-          double('s1', enabled?: true, new: first_strategy),
-          double('s2', enabled?: true, new: second_strategy)
+          double('s1', new: first_strategy),
+          double('s2', new: second_strategy)
         ]
       end
 
-- 
cgit v1.2.1


From 78d57823cabc6ad7844439373a4bed253cfd1f6f Mon Sep 17 00:00:00 2001
From: Ezekiel Kigbo <ekigbo@gitlab.com>
Date: Wed, 24 Jul 2019 17:39:18 +0000
Subject: Removed pluralize function

Replaced instance of the `pluralize` js function
with `n__` to follow our development guide.
---
 app/assets/javascripts/commits.js                         |  5 +++--
 .../javascripts/diffs/components/diff_gutter_avatars.vue  |  5 +++--
 app/assets/javascripts/lib/utils/datetime_utility.js      | 15 +++++----------
 app/assets/javascripts/lib/utils/text_utility.js          |  8 --------
 locale/gitlab.pot                                         | 10 ++++++++++
 spec/frontend/lib/utils/text_utility_spec.js              | 14 --------------
 6 files changed, 21 insertions(+), 36 deletions(-)

diff --git a/app/assets/javascripts/commits.js b/app/assets/javascripts/commits.js
index 54e2589c707..7dd75d03ab9 100644
--- a/app/assets/javascripts/commits.js
+++ b/app/assets/javascripts/commits.js
@@ -1,5 +1,5 @@
 import $ from 'jquery';
-import { pluralize } from './lib/utils/text_utility';
+import { n__ } from '~/locale';
 import { localTimeAgo } from './lib/utils/datetime_utility';
 import Pager from './pager';
 import axios from './lib/utils/axios_utils';
@@ -90,9 +90,10 @@ export default class CommitsList {
           .first()
           .find('li.commit').length,
       );
+
       $commitsHeadersLast
         .find('span.commits-count')
-        .text(`${commitsCount} ${pluralize('commit', commitsCount)}`);
+        .text(n__('%d commit', '%d commits', commitsCount));
     }
 
     localTimeAgo($processedData.find('.js-timeago'));
diff --git a/app/assets/javascripts/diffs/components/diff_gutter_avatars.vue b/app/assets/javascripts/diffs/components/diff_gutter_avatars.vue
index af5550aec3b..7ede7a4f430 100644
--- a/app/assets/javascripts/diffs/components/diff_gutter_avatars.vue
+++ b/app/assets/javascripts/diffs/components/diff_gutter_avatars.vue
@@ -1,6 +1,7 @@
 <script>
+import { n__ } from '~/locale';
 import Icon from '~/vue_shared/components/icon.vue';
-import { pluralize, truncate } from '~/lib/utils/text_utility';
+import { truncate } from '~/lib/utils/text_utility';
 import UserAvatarImage from '~/vue_shared/components/user_avatar/user_avatar_image.vue';
 import { GlTooltipDirective } from '@gitlab/ui';
 import { COUNT_OF_AVATARS_IN_GUTTER, LENGTH_OF_AVATAR_TOOLTIP } from '../constants';
@@ -42,7 +43,7 @@ export default {
         return '';
       }
 
-      return pluralize(`${this.moreCount} more comment`, this.moreCount);
+      return n__('%d more comment', '%d more comments', this.moreCount);
     },
   },
   methods: {
diff --git a/app/assets/javascripts/lib/utils/datetime_utility.js b/app/assets/javascripts/lib/utils/datetime_utility.js
index 062d21ed247..a4715789337 100644
--- a/app/assets/javascripts/lib/utils/datetime_utility.js
+++ b/app/assets/javascripts/lib/utils/datetime_utility.js
@@ -2,8 +2,7 @@ import $ from 'jquery';
 import _ from 'underscore';
 import timeago from 'timeago.js';
 import dateFormat from 'dateformat';
-import { pluralize } from './text_utility';
-import { languageCode, s__, __ } from '../../locale';
+import { languageCode, s__, __, n__ } from '../../locale';
 
 window.timeago = timeago;
 
@@ -231,14 +230,10 @@ export const timeIntervalInWords = intervalInSeconds => {
   const secondsInteger = parseInt(intervalInSeconds, 10);
   const minutes = Math.floor(secondsInteger / 60);
   const seconds = secondsInteger - minutes * 60;
-  let text = '';
-
-  if (minutes >= 1) {
-    text = `${minutes} ${pluralize('minute', minutes)} ${seconds} ${pluralize('second', seconds)}`;
-  } else {
-    text = `${seconds} ${pluralize('second', seconds)}`;
-  }
-  return text;
+  const secondsText = n__('%d second', '%d seconds', seconds);
+  return minutes >= 1
+    ? [n__('%d minute', '%d minutes', minutes), secondsText].join(' ')
+    : secondsText;
 };
 
 export const dateInWords = (date, abbreviated = false, hideYear = false) => {
diff --git a/app/assets/javascripts/lib/utils/text_utility.js b/app/assets/javascripts/lib/utils/text_utility.js
index d38f59b5861..d13fbeb5fc7 100644
--- a/app/assets/javascripts/lib/utils/text_utility.js
+++ b/app/assets/javascripts/lib/utils/text_utility.js
@@ -28,14 +28,6 @@ export const highCountTrim = count => (count > 99 ? '99+' : count);
 export const humanize = string =>
   string.charAt(0).toUpperCase() + string.replace(/_/g, ' ').slice(1);
 
-/**
- * Adds an 's' to the end of the string when count is bigger than 0
- * @param {String} str
- * @param {Number} count
- * @returns {String}
- */
-export const pluralize = (str, count) => str + (count > 1 || count === 0 ? 's' : '');
-
 /**
  * Replaces underscores with dashes
  * @param {*} str
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 97defd42742..9607be988be 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -95,11 +95,21 @@ msgid_plural "%d metrics"
 msgstr[0] ""
 msgstr[1] ""
 
+msgid "%d minute"
+msgid_plural "%d minutes"
+msgstr[0] ""
+msgstr[1] ""
+
 msgid "%d more comment"
 msgid_plural "%d more comments"
 msgstr[0] ""
 msgstr[1] ""
 
+msgid "%d second"
+msgid_plural "%d seconds"
+msgstr[0] ""
+msgstr[1] ""
+
 msgid "%d staged change"
 msgid_plural "%d staged changes"
 msgstr[0] ""
diff --git a/spec/frontend/lib/utils/text_utility_spec.js b/spec/frontend/lib/utils/text_utility_spec.js
index dc886d0db3b..b6f1aef9ce4 100644
--- a/spec/frontend/lib/utils/text_utility_spec.js
+++ b/spec/frontend/lib/utils/text_utility_spec.js
@@ -29,20 +29,6 @@ describe('text_utility', () => {
     });
   });
 
-  describe('pluralize', () => {
-    it('should pluralize given string', () => {
-      expect(textUtils.pluralize('test', 2)).toBe('tests');
-    });
-
-    it('should pluralize when count is 0', () => {
-      expect(textUtils.pluralize('test', 0)).toBe('tests');
-    });
-
-    it('should not pluralize when count is 1', () => {
-      expect(textUtils.pluralize('test', 1)).toBe('test');
-    });
-  });
-
   describe('dasherize', () => {
     it('should replace underscores with dashes', () => {
       expect(textUtils.dasherize('foo_bar_foo')).toEqual('foo-bar-foo');
-- 
cgit v1.2.1


From e5bdcfbc9b1007332fdaa1d37ce1fac47325850d Mon Sep 17 00:00:00 2001
From: Reuben Pereira <rpereira@gitlab.com>
Date: Wed, 24 Jul 2019 17:59:38 +0000
Subject: [ADD] outbound requests whitelist

Signed-off-by: Istvan szalai <istvan.szalai@savoirfairelinux.com>
---
 app/helpers/application_settings_helper.rb         |   1 +
 app/models/application_setting.rb                  |   5 +
 app/models/application_setting_implementation.rb   |  56 ++++--
 .../admin/application_settings/_outbound.html.haml |   7 +
 ...bound-requests-whitelist-for-local-networks.yml |   5 +
 ...d_requests_whitelist_to_application_settings.rb |   9 +
 db/schema.rb                                       |   1 +
 doc/api/settings.md                                |   3 +
 lib/gitlab/url_blocker.rb                          |  36 +++-
 lib/gitlab/utils.rb                                |   7 +
 locale/gitlab.pot                                  |   9 +
 spec/lib/gitlab/url_blocker_spec.rb                | 210 ++++++++++++++++++---
 spec/lib/gitlab/utils_spec.rb                      |  19 ++
 spec/models/application_setting_spec.rb            |  11 ++
 .../application_setting_examples.rb                | 103 +++++-----
 15 files changed, 394 insertions(+), 88 deletions(-)
 create mode 100644 changelogs/unreleased/add-outbound-requests-whitelist-for-local-networks.yml
 create mode 100644 db/migrate/20180824202952_add_outbound_requests_whitelist_to_application_settings.rb

diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb
index 4bf9b708401..3847a35fbab 100644
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -177,6 +177,7 @@ module ApplicationSettingsHelper
       :domain_blacklist_enabled,
       :domain_blacklist_raw,
       :domain_whitelist_raw,
+      :outbound_local_requests_whitelist_raw,
       :dsa_key_restriction,
       :ecdsa_key_restriction,
       :ed25519_key_restriction,
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index 8e558487c1c..a769a8f07fd 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -41,6 +41,11 @@ class ApplicationSetting < ApplicationRecord
 
   validates :uuid, presence: true
 
+  validates :outbound_local_requests_whitelist,
+            length: { maximum: 1_000, message: N_('is too long (maximum is 1000 entries)') }
+
+  validates :outbound_local_requests_whitelist, qualified_domain_array: true, allow_blank: true
+
   validates :session_expire_delay,
             presence: true,
             numericality: { only_integer: true, greater_than_or_equal_to: 0 }
diff --git a/app/models/application_setting_implementation.rb b/app/models/application_setting_implementation.rb
index df4caed175d..30fc9fd6892 100644
--- a/app/models/application_setting_implementation.rb
+++ b/app/models/application_setting_implementation.rb
@@ -2,6 +2,7 @@
 
 module ApplicationSettingImplementation
   extend ActiveSupport::Concern
+  include Gitlab::Utils::StrongMemoize
 
   DOMAIN_LIST_SEPARATOR = %r{\s*[,;]\s*     # comma or semicolon, optionally surrounded by whitespace
                             |               # or
@@ -96,7 +97,8 @@ module ApplicationSettingImplementation
         diff_max_patch_bytes: Gitlab::Git::Diff::DEFAULT_MAX_PATCH_BYTES,
         commit_email_hostname: default_commit_email_hostname,
         protected_ci_variables: false,
-        local_markdown_version: 0
+        local_markdown_version: 0,
+        outbound_local_requests_whitelist: []
       }
     end
 
@@ -131,31 +133,52 @@ module ApplicationSettingImplementation
   end
 
   def domain_whitelist_raw
-    self.domain_whitelist&.join("\n")
+    array_to_string(self.domain_whitelist)
   end
 
   def domain_blacklist_raw
-    self.domain_blacklist&.join("\n")
+    array_to_string(self.domain_blacklist)
   end
 
   def domain_whitelist_raw=(values)
-    self.domain_whitelist = []
-    self.domain_whitelist = values.split(DOMAIN_LIST_SEPARATOR)
-    self.domain_whitelist.reject! { |d| d.empty? }
-    self.domain_whitelist
+    self.domain_whitelist = domain_strings_to_array(values)
   end
 
   def domain_blacklist_raw=(values)
-    self.domain_blacklist = []
-    self.domain_blacklist = values.split(DOMAIN_LIST_SEPARATOR)
-    self.domain_blacklist.reject! { |d| d.empty? }
-    self.domain_blacklist
+    self.domain_blacklist = domain_strings_to_array(values)
   end
 
   def domain_blacklist_file=(file)
     self.domain_blacklist_raw = file.read
   end
 
+  def outbound_local_requests_whitelist_raw
+    array_to_string(self.outbound_local_requests_whitelist)
+  end
+
+  def outbound_local_requests_whitelist_raw=(values)
+    self.outbound_local_requests_whitelist = domain_strings_to_array(values)
+  end
+
+  def outbound_local_requests_whitelist_arrays
+    strong_memoize(:outbound_local_requests_whitelist_arrays) do
+      ip_whitelist = []
+      domain_whitelist = []
+
+      self.outbound_local_requests_whitelist.each do |str|
+        ip_obj = Gitlab::Utils.string_to_ip_object(str)
+
+        if ip_obj
+          ip_whitelist << ip_obj
+        else
+          domain_whitelist << str
+        end
+      end
+
+      [ip_whitelist, domain_whitelist]
+    end
+  end
+
   def repository_storages
     Array(read_attribute(:repository_storages))
   end
@@ -255,6 +278,17 @@ module ApplicationSettingImplementation
 
   private
 
+  def array_to_string(arr)
+    arr&.join("\n")
+  end
+
+  def domain_strings_to_array(values)
+    values
+      .split(DOMAIN_LIST_SEPARATOR)
+      .reject(&:empty?)
+      .uniq
+  end
+
   def ensure_uuid!
     return if uuid?
 
diff --git a/app/views/admin/application_settings/_outbound.html.haml b/app/views/admin/application_settings/_outbound.html.haml
index d16304ed338..e58bb526c11 100644
--- a/app/views/admin/application_settings/_outbound.html.haml
+++ b/app/views/admin/application_settings/_outbound.html.haml
@@ -8,6 +8,13 @@
         = f.label :allow_local_requests_from_hooks_and_services, class: 'form-check-label' do
           Allow requests to the local network from hooks and services
 
+    .form-group
+      = f.label :outbound_local_requests_whitelist_raw, class: 'label-bold' do
+        = _('Whitelist to allow requests to the local network from hooks and services')
+      = f.text_area :outbound_local_requests_whitelist_raw, placeholder: "example.com, 192.168.1.1", class: 'form-control', rows: 8
+      %span.form-text.text-muted
+        = _('Requests to these domain(s)/address(es) on the local network will be allowed when local requests from hooks and services are disabled. IP ranges such as 1:0:0:0:0:0:0:0/124 or 127.0.0.0/28 are supported. Domain wildcards are not supported currently. Use comma, semicolon, or newline to separate multiple entries. The whitelist can hold a maximum of 4000 entries. Domains should use IDNA encoding. Ex: domain.com, 192.168.1.1, 127.0.0.0/28.')
+
     .form-group
       .form-check
         = f.check_box :dns_rebinding_protection_enabled, class: 'form-check-input'
diff --git a/changelogs/unreleased/add-outbound-requests-whitelist-for-local-networks.yml b/changelogs/unreleased/add-outbound-requests-whitelist-for-local-networks.yml
new file mode 100644
index 00000000000..9b50175f536
--- /dev/null
+++ b/changelogs/unreleased/add-outbound-requests-whitelist-for-local-networks.yml
@@ -0,0 +1,5 @@
+---
+title: Add Outbound requests whitelist for local networks
+merge_request: 30350
+author: Istvan Szalai
+type: added
diff --git a/db/migrate/20180824202952_add_outbound_requests_whitelist_to_application_settings.rb b/db/migrate/20180824202952_add_outbound_requests_whitelist_to_application_settings.rb
new file mode 100644
index 00000000000..4ee654ce873
--- /dev/null
+++ b/db/migrate/20180824202952_add_outbound_requests_whitelist_to_application_settings.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class AddOutboundRequestsWhitelistToApplicationSettings < ActiveRecord::Migration[5.1]
+  DOWNTIME = false
+
+  def change
+    add_column :application_settings, :outbound_local_requests_whitelist, :string, array: true, limit: 255
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index f42a4c600ea..7a25d6cf769 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -228,6 +228,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "lock_memberships_to_ldap", default: false, null: false
     t.boolean "time_tracking_limit_to_hours", default: false, null: false
     t.string "grafana_url", default: "/-/grafana", null: false
+    t.string "outbound_local_requests_whitelist", limit: 255, array: true
     t.index ["custom_project_templates_group_id"], name: "index_application_settings_on_custom_project_templates_group_id"
     t.index ["file_template_project_id"], name: "index_application_settings_on_file_template_project_id"
     t.index ["usage_stats_set_by_user_id"], name: "index_application_settings_on_usage_stats_set_by_user_id"
diff --git a/doc/api/settings.md b/doc/api/settings.md
index ff48cac1f47..68da88af698 100644
--- a/doc/api/settings.md
+++ b/doc/api/settings.md
@@ -39,6 +39,7 @@ Example response:
    "session_expire_delay" : 10080,
    "home_page_url" : null,
    "default_snippet_visibility" : "private",
+   "outbound_local_requests_whitelist": [],
    "domain_whitelist" : [],
    "domain_blacklist_enabled" : false,
    "domain_blacklist" : [],
@@ -113,6 +114,7 @@ Example response:
   "default_project_visibility": "internal",
   "default_snippet_visibility": "private",
   "default_group_visibility": "private",
+  "outbound_local_requests_whitelist": [],
   "domain_whitelist": [],
   "domain_blacklist_enabled" : false,
   "domain_blacklist" : [],
@@ -193,6 +195,7 @@ are listed in the descriptions of the relevant settings.
 | `domain_blacklist`                       | array of strings | required by: `domain_blacklist_enabled` | Users with e-mail addresses that match these domain(s) will NOT be able to sign-up. Wildcards allowed. Use separate lines for multiple entries. Ex: `domain.com`, `*.domain.com`. |
 | `domain_blacklist_enabled`               | boolean          | no                                   | (**If enabled, requires:** `domain_blacklist`) Allows blocking sign-ups from emails from specific domains. |
 | `domain_whitelist`                       | array of strings | no                                   | Force people to use only corporate emails for sign-up. Default is `null`, meaning there is no restriction. |
+| `outbound_local_requests_whitelist`      | array of strings | no                                   | Define a list of trusted domains or ip addresses to which local requests are allowed when local requests for hooks and services are disabled.
 | `dsa_key_restriction`                    | integer          | no                                   | The minimum allowed bit length of an uploaded DSA key. Default is `0` (no restriction). `-1` disables DSA keys. |
 | `ecdsa_key_restriction`                  | integer          | no                                   | The minimum allowed curve size (in bits) of an uploaded ECDSA key. Default is `0` (no restriction). `-1` disables ECDSA keys. |
 | `ed25519_key_restriction`                | integer          | no                                   | The minimum allowed curve size (in bits) of an uploaded ED25519 key. Default is `0` (no restriction). `-1` disables ED25519 keys. |
diff --git a/lib/gitlab/url_blocker.rb b/lib/gitlab/url_blocker.rb
index f6b2e2acf16..eab6762cab7 100644
--- a/lib/gitlab/url_blocker.rb
+++ b/lib/gitlab/url_blocker.rb
@@ -45,18 +45,21 @@ module Gitlab
           ascii_only: ascii_only
         )
 
+        normalized_hostname = uri.normalized_host
         hostname = uri.hostname
         port = get_port(uri)
 
         address_info = get_address_info(hostname, port)
         return [uri, nil] unless address_info
 
-        protected_uri_with_hostname = enforce_uri_hostname(address_info, uri, hostname, dns_rebind_protection)
+        ip_address = ip_address(address_info)
+        protected_uri_with_hostname = enforce_uri_hostname(ip_address, uri, hostname, dns_rebind_protection)
 
         # Allow url from the GitLab instance itself but only for the configured hostname and ports
         return protected_uri_with_hostname if internal?(uri)
 
         validate_local_request(
+          normalized_hostname: normalized_hostname,
           address_info: address_info,
           allow_localhost: allow_localhost,
           allow_local_network: allow_local_network
@@ -83,10 +86,7 @@ module Gitlab
       #
       # The original hostname is used to validate the SSL, given in that scenario
       # we'll be making the request to the IP address, instead of using the hostname.
-      def enforce_uri_hostname(addrs_info, uri, hostname, dns_rebind_protection)
-        address = addrs_info.first
-        ip_address = address&.ip_address
-
+      def enforce_uri_hostname(ip_address, uri, hostname, dns_rebind_protection)
         return [uri, nil] unless dns_rebind_protection && ip_address && ip_address != hostname
 
         uri = uri.dup
@@ -94,6 +94,10 @@ module Gitlab
         [uri, hostname]
       end
 
+      def ip_address(address_info)
+        address_info.first&.ip_address
+      end
+
       def validate_uri(uri:, schemes:, ports:, enforce_sanitization:, enforce_user:, ascii_only:)
         validate_html_tags(uri) if enforce_sanitization
 
@@ -113,9 +117,19 @@ module Gitlab
       rescue SocketError
       end
 
-      def validate_local_request(address_info:, allow_localhost:, allow_local_network:)
+      def validate_local_request(
+        normalized_hostname:,
+        address_info:,
+        allow_localhost:,
+        allow_local_network:)
         return if allow_local_network && allow_localhost
 
+        ip_whitelist, domain_whitelist =
+          Gitlab::CurrentSettings.outbound_local_requests_whitelist_arrays
+
+        return if local_domain_whitelisted?(domain_whitelist, normalized_hostname) ||
+          local_ip_whitelisted?(ip_whitelist, ip_address(address_info))
+
         unless allow_localhost
           validate_localhost(address_info)
           validate_loopback(address_info)
@@ -231,6 +245,16 @@ module Gitlab
           (uri.port.blank? || uri.port == config.gitlab_shell.ssh_port)
       end
 
+      def local_ip_whitelisted?(ip_whitelist, ip_string)
+        ip_obj = Gitlab::Utils.string_to_ip_object(ip_string)
+
+        ip_whitelist.any? { |ip| ip.include?(ip_obj) }
+      end
+
+      def local_domain_whitelisted?(domain_whitelist, domain_string)
+        domain_whitelist.include?(domain_string)
+      end
+
       def config
         Gitlab.config
       end
diff --git a/lib/gitlab/utils.rb b/lib/gitlab/utils.rb
index 16ec8a8bb28..31c9e18c996 100644
--- a/lib/gitlab/utils.rb
+++ b/lib/gitlab/utils.rb
@@ -131,5 +131,12 @@ module Gitlab
         data
       end
     end
+
+    def string_to_ip_object(str)
+      return unless str
+
+      IPAddr.new(str)
+    rescue IPAddr::InvalidAddressError
+    end
   end
 end
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 9607be988be..1f622db8bd7 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -8998,6 +8998,9 @@ msgstr ""
 msgid "Requests Profiles"
 msgstr ""
 
+msgid "Requests to these domain(s)/address(es) on the local network will be allowed when local requests from hooks and services are disabled. IP ranges such as 1:0:0:0:0:0:0:0/124 or 127.0.0.0/28 are supported. Domain wildcards are not supported currently. Use comma, semicolon, or newline to separate multiple entries. The whitelist can hold a maximum of 4000 entries. Domains should use IDNA encoding. Ex: domain.com, 192.168.1.1, 127.0.0.0/28."
+msgstr ""
+
 msgid "Require all users in this group to setup Two-factor authentication"
 msgstr ""
 
@@ -12133,6 +12136,9 @@ msgstr[1] ""
 msgid "When:"
 msgstr ""
 
+msgid "Whitelist to allow requests to the local network from hooks and services"
+msgstr ""
+
 msgid "Who can see this group?"
 msgstr ""
 
@@ -12912,6 +12918,9 @@ msgstr ""
 msgid "is not an email you own"
 msgstr ""
 
+msgid "is too long (maximum is 1000 entries)"
+msgstr ""
+
 msgid "issue"
 msgstr ""
 
diff --git a/spec/lib/gitlab/url_blocker_spec.rb b/spec/lib/gitlab/url_blocker_spec.rb
index f8b0cbfb6f6..93194de4a1b 100644
--- a/spec/lib/gitlab/url_blocker_spec.rb
+++ b/spec/lib/gitlab/url_blocker_spec.rb
@@ -220,53 +220,53 @@ describe Gitlab::UrlBlocker do
       end
       let(:fake_domain) { 'www.fakedomain.fake' }
 
-      context 'true (default)' do
+      shared_examples 'allows local requests' do |url_blocker_attributes|
         it 'does not block urls from private networks' do
           local_ips.each do |ip|
-            stub_domain_resolv(fake_domain, ip)
-
-            expect(described_class).not_to be_blocked_url("http://#{fake_domain}")
-
-            unstub_domain_resolv
+            stub_domain_resolv(fake_domain, ip) do
+              expect(described_class).not_to be_blocked_url("http://#{fake_domain}", url_blocker_attributes)
+            end
 
-            expect(described_class).not_to be_blocked_url("http://#{ip}")
+            expect(described_class).not_to be_blocked_url("http://#{ip}", url_blocker_attributes)
           end
         end
 
         it 'allows localhost endpoints' do
-          expect(described_class).not_to be_blocked_url('http://0.0.0.0', allow_localhost: true)
-          expect(described_class).not_to be_blocked_url('http://localhost', allow_localhost: true)
-          expect(described_class).not_to be_blocked_url('http://127.0.0.1', allow_localhost: true)
+          expect(described_class).not_to be_blocked_url('http://0.0.0.0', url_blocker_attributes)
+          expect(described_class).not_to be_blocked_url('http://localhost', url_blocker_attributes)
+          expect(described_class).not_to be_blocked_url('http://127.0.0.1', url_blocker_attributes)
         end
 
         it 'allows loopback endpoints' do
-          expect(described_class).not_to be_blocked_url('http://127.0.0.2', allow_localhost: true)
+          expect(described_class).not_to be_blocked_url('http://127.0.0.2', url_blocker_attributes)
         end
 
         it 'allows IPv4 link-local endpoints' do
-          expect(described_class).not_to be_blocked_url('http://169.254.169.254')
-          expect(described_class).not_to be_blocked_url('http://169.254.168.100')
+          expect(described_class).not_to be_blocked_url('http://169.254.169.254', url_blocker_attributes)
+          expect(described_class).not_to be_blocked_url('http://169.254.168.100', url_blocker_attributes)
         end
 
         it 'allows IPv6 link-local endpoints' do
-          expect(described_class).not_to be_blocked_url('http://[0:0:0:0:0:ffff:169.254.169.254]')
-          expect(described_class).not_to be_blocked_url('http://[::ffff:169.254.169.254]')
-          expect(described_class).not_to be_blocked_url('http://[::ffff:a9fe:a9fe]')
-          expect(described_class).not_to be_blocked_url('http://[0:0:0:0:0:ffff:169.254.168.100]')
-          expect(described_class).not_to be_blocked_url('http://[::ffff:169.254.168.100]')
-          expect(described_class).not_to be_blocked_url('http://[::ffff:a9fe:a864]')
-          expect(described_class).not_to be_blocked_url('http://[fe80::c800:eff:fe74:8]')
+          expect(described_class).not_to be_blocked_url('http://[0:0:0:0:0:ffff:169.254.169.254]', url_blocker_attributes)
+          expect(described_class).not_to be_blocked_url('http://[::ffff:169.254.169.254]', url_blocker_attributes)
+          expect(described_class).not_to be_blocked_url('http://[::ffff:a9fe:a9fe]', url_blocker_attributes)
+          expect(described_class).not_to be_blocked_url('http://[0:0:0:0:0:ffff:169.254.168.100]', url_blocker_attributes)
+          expect(described_class).not_to be_blocked_url('http://[::ffff:169.254.168.100]', url_blocker_attributes)
+          expect(described_class).not_to be_blocked_url('http://[::ffff:a9fe:a864]', url_blocker_attributes)
+          expect(described_class).not_to be_blocked_url('http://[fe80::c800:eff:fe74:8]', url_blocker_attributes)
         end
       end
 
+      context 'true (default)' do
+        it_behaves_like 'allows local requests', { allow_localhost: true, allow_local_network: true }
+      end
+
       context 'false' do
         it 'blocks urls from private networks' do
           local_ips.each do |ip|
-            stub_domain_resolv(fake_domain, ip)
-
-            expect(described_class).to be_blocked_url("http://#{fake_domain}", allow_local_network: false)
-
-            unstub_domain_resolv
+            stub_domain_resolv(fake_domain, ip) do
+              expect(described_class).to be_blocked_url("http://#{fake_domain}", allow_local_network: false)
+            end
 
             expect(described_class).to be_blocked_url("http://#{ip}", allow_local_network: false)
           end
@@ -286,15 +286,169 @@ describe Gitlab::UrlBlocker do
           expect(described_class).to be_blocked_url('http://[::ffff:a9fe:a864]', allow_local_network: false)
           expect(described_class).to be_blocked_url('http://[fe80::c800:eff:fe74:8]', allow_local_network: false)
         end
+
+        context 'when local domain/IP is whitelisted' do
+          let(:url_blocker_attributes) do
+            {
+              allow_localhost: false,
+              allow_local_network: false
+            }
+          end
+
+          before do
+            stub_application_setting(outbound_local_requests_whitelist: whitelist)
+          end
+
+          context 'with IPs in whitelist' do
+            let(:whitelist) do
+              [
+                '0.0.0.0',
+                '127.0.0.1',
+                '127.0.0.2',
+                '192.168.1.1',
+                '192.168.1.2',
+                '0:0:0:0:0:ffff:192.168.1.2',
+                '::ffff:c0a8:102',
+                '10.0.0.2',
+                '0:0:0:0:0:ffff:10.0.0.2',
+                '::ffff:a00:2',
+                '172.16.0.2',
+                '0:0:0:0:0:ffff:172.16.0.2',
+                '::ffff:ac10:20',
+                'feef::1',
+                'fee2::',
+                'fc00:bf8b:e62c:abcd:abcd:aaaa:aaaa:aaaa',
+                '0:0:0:0:0:ffff:169.254.169.254',
+                '::ffff:a9fe:a9fe',
+                '::ffff:169.254.168.100',
+                '::ffff:a9fe:a864',
+                'fe80::c800:eff:fe74:8',
+
+                # garbage IPs
+                '45645632345',
+                'garbage456:more345gar:bage'
+              ]
+            end
+
+            it_behaves_like 'allows local requests', { allow_localhost: false, allow_local_network: false }
+
+            it 'whitelists IP when dns_rebind_protection is disabled' do
+              stub_domain_resolv('example.com', '192.168.1.1') do
+                expect(described_class).not_to be_blocked_url("http://example.com",
+                  url_blocker_attributes.merge(dns_rebind_protection: false))
+              end
+            end
+          end
+
+          context 'with domains in whitelist' do
+            let(:whitelist) do
+              [
+                'www.example.com',
+                'example.com',
+                'xn--itlab-j1a.com',
+                'garbage$^$%#$^&$'
+              ]
+            end
+
+            it 'allows domains present in whitelist' do
+              domain = 'example.com'
+              subdomain1 = 'www.example.com'
+              subdomain2 = 'subdomain.example.com'
+
+              stub_domain_resolv(domain, '192.168.1.1') do
+                expect(described_class).not_to be_blocked_url("http://#{domain}",
+                  url_blocker_attributes)
+              end
+
+              stub_domain_resolv(subdomain1, '192.168.1.1') do
+                expect(described_class).not_to be_blocked_url("http://#{subdomain1}",
+                  url_blocker_attributes)
+              end
+
+              # subdomain2 is not part of the whitelist so it should be blocked
+              stub_domain_resolv(subdomain2, '192.168.1.1') do
+                expect(described_class).to be_blocked_url("http://#{subdomain2}",
+                  url_blocker_attributes)
+              end
+            end
+
+            it 'works with unicode and idna encoded domains' do
+              unicode_domain = 'ğitlab.com'
+              idna_encoded_domain = 'xn--itlab-j1a.com'
+
+              stub_domain_resolv(unicode_domain, '192.168.1.1') do
+                expect(described_class).not_to be_blocked_url("http://#{unicode_domain}",
+                  url_blocker_attributes)
+              end
+
+              stub_domain_resolv(idna_encoded_domain, '192.168.1.1') do
+                expect(described_class).not_to be_blocked_url("http://#{idna_encoded_domain}",
+                  url_blocker_attributes)
+              end
+            end
+          end
+
+          context 'with ip ranges in whitelist' do
+            let(:ipv4_range) { '127.0.0.0/28' }
+            let(:ipv6_range) { 'fd84:6d02:f6d8:c89e::/124' }
+
+            let(:whitelist) do
+              [
+                ipv4_range,
+                ipv6_range
+              ]
+            end
+
+            it 'blocks ipv4 range when not in whitelist' do
+              stub_application_setting(outbound_local_requests_whitelist: [])
+
+              IPAddr.new(ipv4_range).to_range.to_a.each do |ip|
+                expect(described_class).to be_blocked_url("http://#{ip}",
+                  url_blocker_attributes)
+              end
+            end
+
+            it 'allows all ipv4s in the range when in whitelist' do
+              IPAddr.new(ipv4_range).to_range.to_a.each do |ip|
+                expect(described_class).not_to be_blocked_url("http://#{ip}",
+                  url_blocker_attributes)
+              end
+            end
+
+            it 'blocks ipv6 range when not in whitelist' do
+              stub_application_setting(outbound_local_requests_whitelist: [])
+
+              IPAddr.new(ipv6_range).to_range.to_a.each do |ip|
+                expect(described_class).to be_blocked_url("http://[#{ip}]",
+                  url_blocker_attributes)
+              end
+            end
+
+            it 'allows all ipv6s in the range when in whitelist' do
+              IPAddr.new(ipv6_range).to_range.to_a.each do |ip|
+                expect(described_class).not_to be_blocked_url("http://[#{ip}]",
+                  url_blocker_attributes)
+              end
+            end
+
+            it 'blocks IPs outside the range' do
+              expect(described_class).to be_blocked_url("http://[fd84:6d02:f6d8:c89e:0:0:1:f]",
+                url_blocker_attributes)
+
+              expect(described_class).to be_blocked_url("http://127.0.1.15",
+                url_blocker_attributes)
+            end
+          end
+        end
       end
 
-      def stub_domain_resolv(domain, ip)
+      def stub_domain_resolv(domain, ip, &block)
         address = double(ip_address: ip, ipv4_private?: true, ipv6_link_local?: false, ipv4_loopback?: false, ipv6_loopback?: false, ipv4?: false)
         allow(Addrinfo).to receive(:getaddrinfo).with(domain, any_args).and_return([address])
         allow(address).to receive(:ipv6_v4mapped?).and_return(false)
-      end
 
-      def unstub_domain_resolv
+        yield
+
         allow(Addrinfo).to receive(:getaddrinfo).and_call_original
       end
     end
diff --git a/spec/lib/gitlab/utils_spec.rb b/spec/lib/gitlab/utils_spec.rb
index 4645339f439..0c20b3aa4c8 100644
--- a/spec/lib/gitlab/utils_spec.rb
+++ b/spec/lib/gitlab/utils_spec.rb
@@ -231,4 +231,23 @@ describe Gitlab::Utils do
       end
     end
   end
+
+  describe '.string_to_ip_object' do
+    it 'returns nil when string is nil' do
+      expect(described_class.string_to_ip_object(nil)).to eq(nil)
+    end
+
+    it 'returns nil when string is invalid IP' do
+      expect(described_class.string_to_ip_object('invalid ip')).to eq(nil)
+      expect(described_class.string_to_ip_object('')).to eq(nil)
+    end
+
+    it 'returns IP object when string is valid IP' do
+      expect(described_class.string_to_ip_object('192.168.1.1')).to eq(IPAddr.new('192.168.1.1'))
+      expect(described_class.string_to_ip_object('::ffff:a9fe:a864')).to eq(IPAddr.new('::ffff:a9fe:a864'))
+      expect(described_class.string_to_ip_object('[::ffff:a9fe:a864]')).to eq(IPAddr.new('::ffff:a9fe:a864'))
+      expect(described_class.string_to_ip_object('127.0.0.0/28')).to eq(IPAddr.new('127.0.0.0/28'))
+      expect(described_class.string_to_ip_object('1:0:0:0:0:0:0:0/124')).to eq(IPAddr.new('1:0:0:0:0:0:0:0/124'))
+    end
+  end
 end
diff --git a/spec/models/application_setting_spec.rb b/spec/models/application_setting_spec.rb
index ab6f6dfe720..bd87bbd8d68 100644
--- a/spec/models/application_setting_spec.rb
+++ b/spec/models/application_setting_spec.rb
@@ -37,6 +37,17 @@ describe ApplicationSetting do
     it { is_expected.not_to allow_value("myemail@example.com").for(:lets_encrypt_notification_email) }
     it { is_expected.to allow_value("myemail@test.example.com").for(:lets_encrypt_notification_email) }
 
+    it { is_expected.to allow_value(['192.168.1.1'] * 1_000).for(:outbound_local_requests_whitelist) }
+    it { is_expected.not_to allow_value(['192.168.1.1'] * 1_001).for(:outbound_local_requests_whitelist) }
+    it { is_expected.to allow_value(['1' * 255]).for(:outbound_local_requests_whitelist) }
+    it { is_expected.not_to allow_value(['1' * 256]).for(:outbound_local_requests_whitelist) }
+    it { is_expected.not_to allow_value(['ğitlab.com']).for(:outbound_local_requests_whitelist) }
+    it { is_expected.to allow_value(['xn--itlab-j1a.com']).for(:outbound_local_requests_whitelist) }
+    it { is_expected.not_to allow_value(['<h1></h1>']).for(:outbound_local_requests_whitelist) }
+    it { is_expected.to allow_value(['gitlab.com']).for(:outbound_local_requests_whitelist) }
+    it { is_expected.to allow_value(nil).for(:outbound_local_requests_whitelist) }
+    it { is_expected.to allow_value([]).for(:outbound_local_requests_whitelist) }
+
     context "when user accepted let's encrypt terms of service" do
       before do
         setting.update(lets_encrypt_terms_of_service_accepted: true)
diff --git a/spec/support/shared_examples/application_setting_examples.rb b/spec/support/shared_examples/application_setting_examples.rb
index e7ec24c5b7e..2c600785ad3 100644
--- a/spec/support/shared_examples/application_setting_examples.rb
+++ b/spec/support/shared_examples/application_setting_examples.rb
@@ -1,58 +1,54 @@
 # frozen_string_literal: true
 
-RSpec.shared_examples 'application settings examples' do
-  context 'restricted signup domains' do
-    it 'sets single domain' do
-      setting.domain_whitelist_raw = 'example.com'
-      expect(setting.domain_whitelist).to eq(['example.com'])
-    end
+RSpec.shared_examples 'string of domains' do |attribute|
+  it 'sets single domain' do
+    setting.method("#{attribute}_raw=").call('example.com')
+    expect(setting.method(attribute).call).to eq(['example.com'])
+  end
 
-    it 'sets multiple domains with spaces' do
-      setting.domain_whitelist_raw = 'example.com *.example.com'
-      expect(setting.domain_whitelist).to eq(['example.com', '*.example.com'])
-    end
+  it 'sets multiple domains with spaces' do
+    setting.method("#{attribute}_raw=").call('example.com *.example.com')
+    expect(setting.method(attribute).call).to eq(['example.com', '*.example.com'])
+  end
 
-    it 'sets multiple domains with newlines and a space' do
-      setting.domain_whitelist_raw = "example.com\n *.example.com"
-      expect(setting.domain_whitelist).to eq(['example.com', '*.example.com'])
-    end
+  it 'sets multiple domains with newlines and a space' do
+    setting.method("#{attribute}_raw=").call("example.com\n *.example.com")
+    expect(setting.method(attribute).call).to eq(['example.com', '*.example.com'])
+  end
 
-    it 'sets multiple domains with commas' do
-      setting.domain_whitelist_raw = "example.com, *.example.com"
-      expect(setting.domain_whitelist).to eq(['example.com', '*.example.com'])
-    end
+  it 'sets multiple domains with commas' do
+    setting.method("#{attribute}_raw=").call("example.com, *.example.com")
+    expect(setting.method(attribute).call).to eq(['example.com', '*.example.com'])
   end
 
-  context 'blacklisted signup domains' do
-    it 'sets single domain' do
-      setting.domain_blacklist_raw = 'example.com'
-      expect(setting.domain_blacklist).to contain_exactly('example.com')
-    end
+  it 'sets multiple domains with semicolon' do
+    setting.method("#{attribute}_raw=").call("example.com; *.example.com")
+    expect(setting.method(attribute).call).to contain_exactly('example.com', '*.example.com')
+  end
 
-    it 'sets multiple domains with spaces' do
-      setting.domain_blacklist_raw = 'example.com *.example.com'
-      expect(setting.domain_blacklist).to contain_exactly('example.com', '*.example.com')
-    end
+  it 'sets multiple domains with mixture of everything' do
+    setting.method("#{attribute}_raw=").call("example.com; *.example.com\n test.com\sblock.com   yes.com")
+    expect(setting.method(attribute).call).to contain_exactly('example.com', '*.example.com', 'test.com', 'block.com', 'yes.com')
+  end
 
-    it 'sets multiple domains with newlines and a space' do
-      setting.domain_blacklist_raw = "example.com\n *.example.com"
-      expect(setting.domain_blacklist).to contain_exactly('example.com', '*.example.com')
-    end
+  it 'removes duplicates' do
+    setting.method("#{attribute}_raw=").call("example.com; example.com; 127.0.0.1; 127.0.0.1")
+    expect(setting.method(attribute).call).to contain_exactly('example.com', '127.0.0.1')
+  end
 
-    it 'sets multiple domains with commas' do
-      setting.domain_blacklist_raw = "example.com, *.example.com"
-      expect(setting.domain_blacklist).to contain_exactly('example.com', '*.example.com')
-    end
+  it 'does not fail with garbage values' do
+    setting.method("#{attribute}_raw=").call("example;34543:garbage:fdh5654;")
+    expect(setting.method(attribute).call).to contain_exactly('example', '34543:garbage:fdh5654')
+  end
+end
 
-    it 'sets multiple domains with semicolon' do
-      setting.domain_blacklist_raw = "example.com; *.example.com"
-      expect(setting.domain_blacklist).to contain_exactly('example.com', '*.example.com')
-    end
+RSpec.shared_examples 'application settings examples' do
+  context 'restricted signup domains' do
+    it_behaves_like 'string of domains', :domain_whitelist
+  end
 
-    it 'sets multiple domains with mixture of everything' do
-      setting.domain_blacklist_raw = "example.com; *.example.com\n test.com\sblock.com   yes.com"
-      expect(setting.domain_blacklist).to contain_exactly('example.com', '*.example.com', 'test.com', 'block.com', 'yes.com')
-    end
+  context 'blacklisted signup domains' do
+    it_behaves_like 'string of domains', :domain_blacklist
 
     it 'sets multiple domain with file' do
       setting.domain_blacklist_file = File.open(Rails.root.join('spec/fixtures/', 'domain_blacklist.txt'))
@@ -60,6 +56,27 @@ RSpec.shared_examples 'application settings examples' do
     end
   end
 
+  context 'outbound_local_requests_whitelist' do
+    it_behaves_like 'string of domains', :outbound_local_requests_whitelist
+  end
+
+  context 'outbound_local_requests_whitelist_arrays' do
+    it 'separates the IPs and domains' do
+      setting.outbound_local_requests_whitelist = [
+        '192.168.1.1', '127.0.0.0/28', 'www.example.com', 'example.com',
+        '::ffff:a00:2', '1:0:0:0:0:0:0:0/124', 'subdomain.example.com'
+      ]
+
+      ip_whitelist = [
+        IPAddr.new('192.168.1.1'), IPAddr.new('127.0.0.0/8'),
+        IPAddr.new('::ffff:a00:2'), IPAddr.new('1:0:0:0:0:0:0:0/124')
+      ]
+      domain_whitelist = ['www.example.com', 'example.com', 'subdomain.example.com']
+
+      expect(setting.outbound_local_requests_whitelist_arrays).to contain_exactly(ip_whitelist, domain_whitelist)
+    end
+  end
+
   describe 'usage ping settings' do
     context 'when the usage ping is disabled in gitlab.yml' do
       before do
-- 
cgit v1.2.1


From 3e001d29ccdb5a5b1ba223710525f8dc7ae844ee Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 24 Jul 2019 11:11:18 -0700
Subject: Enable Rubocop Performance/InefficientHashSearch

When used with a Hash, `.keys.include?` is bad because:

1. It performs a O(n) search instead of the efficient `.has_key?`
2. It clones all keys into separate array.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64975
---
 .rubocop_todo.yml                                      | 11 -----------
 app/controllers/concerns/sessionless_authentication.rb |  2 +-
 app/models/note.rb                                     |  2 +-
 app/models/user_preference.rb                          |  2 +-
 qa/spec/spec_helper.rb                                 |  2 +-
 5 files changed, 4 insertions(+), 15 deletions(-)

diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
index 41714eefa97..72de4f0b2aa 100644
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -262,17 +262,6 @@ Naming/HeredocDelimiterNaming:
 Naming/RescuedExceptionsVariableName:
   Enabled: false
 
-# Offense count: 6
-# Cop supports --auto-correct.
-Performance/InefficientHashSearch:
-  Exclude:
-    - 'app/controllers/concerns/sessionless_authentication.rb'
-    - 'app/models/note.rb'
-    - 'app/models/user_preference.rb'
-    - 'ee/app/models/ee/project.rb'
-    - 'lib/gitlab/import_export/members_mapper.rb'
-    - 'qa/spec/spec_helper.rb'
-
 # Offense count: 3
 # Cop supports --auto-correct.
 Performance/ReverseEach:
diff --git a/app/controllers/concerns/sessionless_authentication.rb b/app/controllers/concerns/sessionless_authentication.rb
index 590eefc6dab..4304b8565ce 100644
--- a/app/controllers/concerns/sessionless_authentication.rb
+++ b/app/controllers/concerns/sessionless_authentication.rb
@@ -13,7 +13,7 @@ module SessionlessAuthentication
   end
 
   def sessionless_user?
-    current_user && !session.keys.include?('warden.user.user.key')
+    current_user && !session.key?('warden.user.user.key')
   end
 
   def sessionless_sign_in(user)
diff --git a/app/models/note.rb b/app/models/note.rb
index 5c31cff9816..3f182c1f099 100644
--- a/app/models/note.rb
+++ b/app/models/note.rb
@@ -292,7 +292,7 @@ class Note < ApplicationRecord
   end
 
   def special_role=(role)
-    raise "Role is undefined, #{role} not found in #{SpecialRole.values}" unless SpecialRole.values.include?(role)
+    raise "Role is undefined, #{role} not found in #{SpecialRole.values}" unless SpecialRole.value?(role)
 
     @special_role = role
   end
diff --git a/app/models/user_preference.rb b/app/models/user_preference.rb
index f1326f4c8cb..b236250c24e 100644
--- a/app/models/user_preference.rb
+++ b/app/models/user_preference.rb
@@ -26,7 +26,7 @@ class UserPreference < ApplicationRecord
 
   def set_notes_filter(filter_id, issuable)
     # No need to update the column if the value is already set.
-    if filter_id && NOTES_FILTERS.values.include?(filter_id)
+    if filter_id && NOTES_FILTERS.value?(filter_id)
       field = notes_filter_field_for(issuable)
       self[field] = filter_id
 
diff --git a/qa/spec/spec_helper.rb b/qa/spec/spec_helper.rb
index 21bfd2876a9..363980acc33 100644
--- a/qa/spec/spec_helper.rb
+++ b/qa/spec/spec_helper.rb
@@ -46,7 +46,7 @@ RSpec.configure do |config|
 
   if ENV['CI']
     config.around do |example|
-      retry_times = example.metadata.keys.include?(:quarantine) ? 1 : 2
+      retry_times = example.metadata.key?(:quarantine) ? 1 : 2
       example.run_with_retry retry: retry_times
     end
   end
-- 
cgit v1.2.1


From 3cefc5d7df09dbc21cd9c892bc6c62b5b583ca6a Mon Sep 17 00:00:00 2001
From: Mayra Cabrera <mcabrera@gitlab.com>
Date: Wed, 24 Jul 2019 19:49:31 +0000
Subject: Add RateLimiter to RawController

* Limits raw requests to 300 per minute and per raw path.
* Add a new attribute to ApplicationSettings so user can change this
value on their instance.
* Uses Gitlab::ActionRateLimiter to limit the raw requests.
* Add a new method into ActionRateLimiter to log the event into auth.log

Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/48717
---
 .../admin/application_settings_controller.rb       |   1 +
 app/controllers/projects/raw_controller.rb         |  20 ++++
 app/models/application_setting_implementation.rb   |   3 +-
 .../application_settings/_performance.html.haml    |   6 ++
 .../48717-rate-limit-raw-controller-show.yml       |   5 +
 ...w_blob_request_limit_to_application_settings.rb |   9 ++
 db/schema.rb                                       |   3 +-
 lib/gitlab/action_rate_limiter.rb                  |  40 +++++++-
 locale/gitlab.pot                                  |   9 ++
 spec/controllers/projects/raw_controller_spec.rb   |  95 +++++++++++++++++++
 spec/lib/gitlab/action_rate_limiter_spec.rb        | 101 ++++++++++++++++++---
 .../application_settings/update_service_spec.rb    |  16 ++++
 12 files changed, 291 insertions(+), 17 deletions(-)
 create mode 100644 changelogs/unreleased/48717-rate-limit-raw-controller-show.yml
 create mode 100644 db/migrate/20190715142138_add_raw_blob_request_limit_to_application_settings.rb

diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb
index e9ec8876688..99411641874 100644
--- a/app/controllers/admin/application_settings_controller.rb
+++ b/app/controllers/admin/application_settings_controller.rb
@@ -106,6 +106,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
       :lets_encrypt_notification_email,
       :lets_encrypt_terms_of_service_accepted,
       :domain_blacklist_file,
+      :raw_blob_request_limit,
       disabled_oauth_sign_in_sources: [],
       import_sources: [],
       repository_storages: [],
diff --git a/app/controllers/projects/raw_controller.rb b/app/controllers/projects/raw_controller.rb
index 42ae5b0ef3c..3254229d9cb 100644
--- a/app/controllers/projects/raw_controller.rb
+++ b/app/controllers/projects/raw_controller.rb
@@ -8,10 +8,30 @@ class Projects::RawController < Projects::ApplicationController
   before_action :require_non_empty_project
   before_action :assign_ref_vars
   before_action :authorize_download_code!
+  before_action :show_rate_limit, only: [:show]
 
   def show
     @blob = @repository.blob_at(@commit.id, @path)
 
     send_blob(@repository, @blob, inline: (params[:inline] != 'false'))
   end
+
+  private
+
+  def show_rate_limit
+    limiter = ::Gitlab::ActionRateLimiter.new(action: :show_raw_controller)
+
+    return unless limiter.throttled?([@project, @commit, @path], raw_blob_request_limit)
+
+    limiter.log_request(request, :raw_blob_request_limit, current_user)
+
+    flash[:alert] = _('You cannot access the raw file. Please wait a minute.')
+    redirect_to project_blob_path(@project, File.join(@ref, @path))
+  end
+
+  def raw_blob_request_limit
+    Gitlab::CurrentSettings
+      .current_application_settings
+      .raw_blob_request_limit
+  end
 end
diff --git a/app/models/application_setting_implementation.rb b/app/models/application_setting_implementation.rb
index 30fc9fd6892..1e612bd0e78 100644
--- a/app/models/application_setting_implementation.rb
+++ b/app/models/application_setting_implementation.rb
@@ -98,7 +98,8 @@ module ApplicationSettingImplementation
         commit_email_hostname: default_commit_email_hostname,
         protected_ci_variables: false,
         local_markdown_version: 0,
-        outbound_local_requests_whitelist: []
+        outbound_local_requests_whitelist: [],
+        raw_blob_request_limit: 300
       }
     end
 
diff --git a/app/views/admin/application_settings/_performance.html.haml b/app/views/admin/application_settings/_performance.html.haml
index 7821a83530f..b52171afc69 100644
--- a/app/views/admin/application_settings/_performance.html.haml
+++ b/app/views/admin/application_settings/_performance.html.haml
@@ -15,4 +15,10 @@
           AuthorizedKeysCommand. Click on the help icon for more details.
           = link_to icon('question-circle'), help_page_path('administration/operations/fast_ssh_key_lookup')
 
+    .form-group
+      = f.label :raw_blob_request_limit, _('Raw blob request rate limit per minute'), class: 'label-bold'
+      = f.number_field :raw_blob_request_limit, class: 'form-control'
+      .form-text.text-muted
+        = _('Highest number of requests per minute for each raw path, default to 300. To disable throttling set to 0.')
+
   = f.submit 'Save changes', class: "btn btn-success"
diff --git a/changelogs/unreleased/48717-rate-limit-raw-controller-show.yml b/changelogs/unreleased/48717-rate-limit-raw-controller-show.yml
new file mode 100644
index 00000000000..38ee95a7553
--- /dev/null
+++ b/changelogs/unreleased/48717-rate-limit-raw-controller-show.yml
@@ -0,0 +1,5 @@
+---
+title: Add Rate Request Limiter to RawController#show endpoint
+merge_request: 30635
+author:
+type: added
diff --git a/db/migrate/20190715142138_add_raw_blob_request_limit_to_application_settings.rb b/db/migrate/20190715142138_add_raw_blob_request_limit_to_application_settings.rb
new file mode 100644
index 00000000000..e8198e11ea7
--- /dev/null
+++ b/db/migrate/20190715142138_add_raw_blob_request_limit_to_application_settings.rb
@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class AddRawBlobRequestLimitToApplicationSettings < ActiveRecord::Migration[5.2]
+  DOWNTIME = false
+
+  def change
+    add_column :application_settings, :raw_blob_request_limit, :integer, default: 300, null: false
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 7a25d6cf769..430fdd8f708 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_07_15_114644) do
+ActiveRecord::Schema.define(version: 2019_07_15_142138) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "pg_trgm"
@@ -229,6 +229,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_114644) do
     t.boolean "time_tracking_limit_to_hours", default: false, null: false
     t.string "grafana_url", default: "/-/grafana", null: false
     t.string "outbound_local_requests_whitelist", limit: 255, array: true
+    t.integer "raw_blob_request_limit", default: 300, null: false
     t.index ["custom_project_templates_group_id"], name: "index_application_settings_on_custom_project_templates_group_id"
     t.index ["file_template_project_id"], name: "index_application_settings_on_file_template_project_id"
     t.index ["usage_stats_set_by_user_id"], name: "index_application_settings_on_usage_stats_set_by_user_id"
diff --git a/lib/gitlab/action_rate_limiter.rb b/lib/gitlab/action_rate_limiter.rb
index c442211e073..fdb06d00548 100644
--- a/lib/gitlab/action_rate_limiter.rb
+++ b/lib/gitlab/action_rate_limiter.rb
@@ -33,16 +33,48 @@ module Gitlab
     # Increments the given key and returns true if the action should
     # be throttled.
     #
-    # key - An array of ActiveRecord instances
-    # threshold_value - The maximum number of times this action should occur in the given time interval
+    # key - An array of ActiveRecord instances or strings
+    # threshold_value - The maximum number of times this action should occur in the given time interval. If number is zero is considered disabled.
     def throttled?(key, threshold_value)
-      self.increment(key) > threshold_value
+      threshold_value > 0 &&
+        self.increment(key) > threshold_value
+    end
+
+    # Logs request into auth.log
+    #
+    # request - Web request to be logged
+    # type - A symbol key that represents the request.
+    # current_user - Current user of the request, it can be nil.
+    def log_request(request, type, current_user)
+      request_information = {
+        message: 'Action_Rate_Limiter_Request',
+        env: type,
+        ip: request.ip,
+        request_method: request.request_method,
+        fullpath: request.fullpath
+      }
+
+      if current_user
+        request_information.merge!({
+          user_id: current_user.id,
+          username: current_user.username
+        })
+      end
+
+      Gitlab::AuthLogger.error(request_information)
     end
 
     private
 
     def action_key(key)
-      serialized = key.map { |obj| "#{obj.class.model_name.to_s.underscore}:#{obj.id}" }.join(":")
+      serialized = key.map do |obj|
+        if obj.is_a?(String)
+          "#{obj}"
+        else
+          "#{obj.class.model_name.to_s.underscore}:#{obj.id}"
+        end
+      end.join(":")
+
       "action_rate_limiter:#{action}:#{serialized}"
     end
   end
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 1f622db8bd7..cbab027d4a3 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -5298,6 +5298,9 @@ msgstr[1] ""
 msgid "Hide values"
 msgstr ""
 
+msgid "Highest number of requests per minute for each raw path, default to 300. To disable throttling set to 0."
+msgstr ""
+
 msgid "Highest role:"
 msgstr ""
 
@@ -8717,6 +8720,9 @@ msgstr ""
 msgid "Rake Tasks Help"
 msgstr ""
 
+msgid "Raw blob request rate limit per minute"
+msgstr ""
+
 msgid "Read more"
 msgstr ""
 
@@ -12442,6 +12448,9 @@ msgstr ""
 msgid "You can test your .gitlab-ci.yml in %{linkStart}CI Lint%{linkEnd}."
 msgstr ""
 
+msgid "You cannot access the raw file. Please wait a minute."
+msgstr ""
+
 msgid "You cannot impersonate a blocked user"
 msgstr ""
 
diff --git a/spec/controllers/projects/raw_controller_spec.rb b/spec/controllers/projects/raw_controller_spec.rb
index 97acd47b4da..8ee3168273f 100644
--- a/spec/controllers/projects/raw_controller_spec.rb
+++ b/spec/controllers/projects/raw_controller_spec.rb
@@ -3,6 +3,8 @@
 require 'spec_helper'
 
 describe Projects::RawController do
+  include RepoHelpers
+
   let(:project) { create(:project, :public, :repository) }
 
   describe 'GET #show' do
@@ -46,5 +48,98 @@ describe Projects::RawController do
       let(:filename) { 'lfs_object.iso' }
       let(:filepath) { "be93687/files/lfs/#{filename}" }
     end
+
+    context 'when the endpoint receives requests above the limit', :clean_gitlab_redis_cache do
+      let(:file_path) { 'master/README.md' }
+
+      before do
+        stub_application_setting(raw_blob_request_limit: 5)
+      end
+
+      it 'prevents from accessing the raw file' do
+        execute_raw_requests(requests: 6, project: project, file_path: file_path)
+
+        expect(flash[:alert]).to eq('You cannot access the raw file. Please wait a minute.')
+        expect(response).to redirect_to(project_blob_path(project, file_path))
+      end
+
+      it 'logs the event on auth.log' do
+        attributes = {
+          message: 'Action_Rate_Limiter_Request',
+          env: :raw_blob_request_limit,
+          ip: '0.0.0.0',
+          request_method: 'GET',
+          fullpath: "/#{project.full_path}/raw/#{file_path}"
+        }
+
+        expect(Gitlab::AuthLogger).to receive(:error).with(attributes).once
+
+        execute_raw_requests(requests: 6, project: project, file_path: file_path)
+      end
+
+      context 'when the request uses a different version of a commit' do
+        it 'prevents from accessing the raw file' do
+          # 3 times with the normal sha
+          commit_sha = project.repository.commit.sha
+          file_path = "#{commit_sha}/README.md"
+
+          execute_raw_requests(requests: 3, project: project, file_path: file_path)
+
+          # 3 times with the modified version
+          modified_sha = commit_sha.gsub(commit_sha[0..5], commit_sha[0..5].upcase)
+          modified_path = "#{modified_sha}/README.md"
+
+          execute_raw_requests(requests: 3, project: project, file_path: modified_path)
+
+          expect(flash[:alert]).to eq('You cannot access the raw file. Please wait a minute.')
+          expect(response).to redirect_to(project_blob_path(project, modified_path))
+        end
+      end
+
+      context 'when the throttling has been disabled' do
+        before do
+          stub_application_setting(raw_blob_request_limit: 0)
+        end
+
+        it 'does not prevent from accessing the raw file' do
+          execute_raw_requests(requests: 10, project: project, file_path: file_path)
+
+          expect(response).to have_gitlab_http_status(200)
+        end
+      end
+
+      context 'with case-sensitive files' do
+        it 'prevents from accessing the specific file' do
+          create_file_in_repo(project, 'master', 'master', 'readme.md', 'Add readme.md')
+          create_file_in_repo(project, 'master', 'master', 'README.md', 'Add README.md')
+
+          commit_sha = project.repository.commit.sha
+          file_path = "#{commit_sha}/readme.md"
+
+          # Accessing downcase version of readme
+          execute_raw_requests(requests: 6, project: project, file_path: file_path)
+
+          expect(flash[:alert]).to eq('You cannot access the raw file. Please wait a minute.')
+          expect(response).to redirect_to(project_blob_path(project, file_path))
+
+          # Accessing upcase version of readme
+          file_path = "#{commit_sha}/README.md"
+
+          execute_raw_requests(requests: 1, project: project, file_path: file_path)
+
+          expect(response).to have_gitlab_http_status(200)
+        end
+      end
+    end
+  end
+
+  def execute_raw_requests(requests:, project:, file_path:)
+    requests.times do
+      get :show, params: {
+        namespace_id: project.namespace,
+        project_id: project,
+        id: file_path
+      }
+    end
   end
 end
diff --git a/spec/lib/gitlab/action_rate_limiter_spec.rb b/spec/lib/gitlab/action_rate_limiter_spec.rb
index 542fc03e555..cf266a25819 100644
--- a/spec/lib/gitlab/action_rate_limiter_spec.rb
+++ b/spec/lib/gitlab/action_rate_limiter_spec.rb
@@ -1,11 +1,9 @@
 require 'spec_helper'
 
-describe Gitlab::ActionRateLimiter do
+describe Gitlab::ActionRateLimiter, :clean_gitlab_redis_cache do
   let(:redis) { double('redis') }
   let(:user) { create(:user) }
   let(:project) { create(:project) }
-  let(:key) { [user, project] }
-  let(:cache_key) { "action_rate_limiter:test_action:user:#{user.id}:project:#{project.id}" }
 
   subject { described_class.new(action: :test_action, expiry_time: 100) }
 
@@ -13,17 +11,98 @@ describe Gitlab::ActionRateLimiter do
     allow(Gitlab::Redis::Cache).to receive(:with).and_yield(redis)
   end
 
-  it 'increases the throttle count and sets the expire time' do
-    expect(redis).to receive(:incr).with(cache_key).and_return(1)
-    expect(redis).to receive(:expire).with(cache_key, 100)
+  shared_examples 'action rate limiter' do
+    it 'increases the throttle count and sets the expiration time' do
+      expect(redis).to receive(:incr).with(cache_key).and_return(1)
+      expect(redis).to receive(:expire).with(cache_key, 100)
 
-    expect(subject.throttled?(key, 1)).to be false
+      expect(subject.throttled?(key, 1)).to be_falsy
+    end
+
+    it 'returns true if the key is throttled' do
+      expect(redis).to receive(:incr).with(cache_key).and_return(2)
+      expect(redis).not_to receive(:expire)
+
+      expect(subject.throttled?(key, 1)).to be_truthy
+    end
+
+    context 'when throttling is disabled' do
+      it 'returns false and does not set expiration time' do
+        expect(redis).not_to receive(:incr)
+        expect(redis).not_to receive(:expire)
+
+        expect(subject.throttled?(key, 0)).to be_falsy
+      end
+    end
+  end
+
+  context 'when the key is an array of only ActiveRecord models' do
+    let(:key) { [user, project] }
+
+    let(:cache_key) do
+      "action_rate_limiter:test_action:user:#{user.id}:project:#{project.id}"
+    end
+
+    it_behaves_like 'action rate limiter'
+  end
+
+  context 'when they key a combination of ActiveRecord models and strings' do
+    let(:project) { create(:project, :public, :repository) }
+    let(:commit) { project.repository.commit }
+    let(:path) { 'app/controllers/groups_controller.rb' }
+    let(:key) { [project, commit, path] }
+
+    let(:cache_key) do
+      "action_rate_limiter:test_action:project:#{project.id}:commit:#{commit.sha}:#{path}"
+    end
+
+    it_behaves_like 'action rate limiter'
   end
 
-  it 'returns true if the key is throttled' do
-    expect(redis).to receive(:incr).with(cache_key).and_return(2)
-    expect(redis).not_to receive(:expire)
+  describe '#log_request' do
+    let(:file_path) { 'master/README.md' }
+    let(:type) { :raw_blob_request_limit }
+    let(:fullpath) { "/#{project.full_path}/raw/#{file_path}" }
+
+    let(:request) do
+      double('request', ip: '127.0.0.1', request_method: 'GET', fullpath: fullpath)
+    end
+
+    let(:base_attributes) do
+      {
+        message: 'Action_Rate_Limiter_Request',
+        env: type,
+        ip: '127.0.0.1',
+        request_method: 'GET',
+        fullpath: fullpath
+      }
+    end
+
+    context 'without a current user' do
+      let(:current_user) { nil }
+
+      it 'logs information to auth.log' do
+        expect(Gitlab::AuthLogger).to receive(:error).with(base_attributes).once
+
+        subject.log_request(request, type, current_user)
+      end
+    end
+
+    context 'with a current_user' do
+      let(:current_user) { create(:user) }
+
+      let(:attributes) do
+        base_attributes.merge({
+          user_id: current_user.id,
+          username: current_user.username
+        })
+      end
+
+      it 'logs information to auth.log' do
+        expect(Gitlab::AuthLogger).to receive(:error).with(attributes).once
 
-    expect(subject.throttled?(key, 1)).to be true
+        subject.log_request(request, type, current_user)
+      end
+    end
   end
 end
diff --git a/spec/services/application_settings/update_service_spec.rb b/spec/services/application_settings/update_service_spec.rb
index a641828faa5..33cd1f37ff6 100644
--- a/spec/services/application_settings/update_service_spec.rb
+++ b/spec/services/application_settings/update_service_spec.rb
@@ -180,4 +180,20 @@ describe ApplicationSettings::UpdateService do
       described_class.new(application_settings, admin, { home_page_url: 'http://foo.bar' }).execute
     end
   end
+
+  context 'when raw_blob_request_limit is passsed' do
+    let(:params) do
+      {
+        raw_blob_request_limit: 600
+      }
+    end
+
+    it 'updates raw_blob_request_limit value' do
+      subject.execute
+
+      application_settings.reload
+
+      expect(application_settings.raw_blob_request_limit).to eq(600)
+    end
+  end
 end
-- 
cgit v1.2.1


From 3f9aa7dae25ad7f208b485dd7d3fa42905069385 Mon Sep 17 00:00:00 2001
From: Alex Kalderimis <alex.kalderimis@gmail.com>
Date: Mon, 15 Jul 2019 10:29:21 -0400
Subject: Adds event enum column to DesignsVersions join table

Also adds index to support scopes and queries

This supports https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14656
---
 changelogs/unreleased/delete-designs-v2.yml        |  4 ++++
 ...t_type_to_design_management_designs_versions.rb | 27 ++++++++++++++++++++++
 db/schema.rb                                       |  2 ++
 3 files changed, 33 insertions(+)
 create mode 100644 changelogs/unreleased/delete-designs-v2.yml
 create mode 100644 db/migrate/20190715140740_add_event_type_to_design_management_designs_versions.rb

diff --git a/changelogs/unreleased/delete-designs-v2.yml b/changelogs/unreleased/delete-designs-v2.yml
new file mode 100644
index 00000000000..a678e4f93b9
--- /dev/null
+++ b/changelogs/unreleased/delete-designs-v2.yml
@@ -0,0 +1,4 @@
+---
+title: Adds event enum column to DesignsVersions join table
+merge_request: 30745
+type: added
diff --git a/db/migrate/20190715140740_add_event_type_to_design_management_designs_versions.rb b/db/migrate/20190715140740_add_event_type_to_design_management_designs_versions.rb
new file mode 100644
index 00000000000..81a8b0a3271
--- /dev/null
+++ b/db/migrate/20190715140740_add_event_type_to_design_management_designs_versions.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+# This migration sets up a event enum on the DesignsVersions join table
+class AddEventTypeToDesignManagementDesignsVersions < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  # We disable these cops here because adding this column is safe. The table does not
+  # have any data in it.
+  # rubocop: disable Migration/AddIndex
+  # rubocop: disable Migration/AddColumn
+  def up
+    add_column(:design_management_designs_versions, :event, :integer,
+               limit: 2,
+               null: false,
+               default: 0)
+    add_index(:design_management_designs_versions, :event)
+  end
+
+  # rubocop: disable Migration/RemoveIndex
+  def down
+    remove_index(:design_management_designs_versions, :event)
+    remove_column(:design_management_designs_versions, :event)
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 430fdd8f708..5c860c7dfc9 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1097,8 +1097,10 @@ ActiveRecord::Schema.define(version: 2019_07_15_142138) do
   create_table "design_management_designs_versions", id: false, force: :cascade do |t|
     t.bigint "design_id", null: false
     t.bigint "version_id", null: false
+    t.integer "event", limit: 2, default: 0, null: false
     t.index ["design_id", "version_id"], name: "design_management_designs_versions_uniqueness", unique: true
     t.index ["design_id"], name: "index_design_management_designs_versions_on_design_id"
+    t.index ["event"], name: "index_design_management_designs_versions_on_event"
     t.index ["version_id"], name: "index_design_management_designs_versions_on_version_id"
   end
 
-- 
cgit v1.2.1


From 6587d1270305e087e2b0d981a88dc7c0a0cc0621 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Wed, 24 Jul 2019 15:18:48 -0500
Subject: CE-EE parity for interpret_service_spec

---
 spec/services/quick_actions/interpret_service_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/services/quick_actions/interpret_service_spec.rb b/spec/services/quick_actions/interpret_service_spec.rb
index 95a131e8c86..71c4c3ad0d7 100644
--- a/spec/services/quick_actions/interpret_service_spec.rb
+++ b/spec/services/quick_actions/interpret_service_spec.rb
@@ -574,7 +574,7 @@ describe QuickActions::InterpretService do
 
       context 'Issue' do
         it 'populates assignee_ids: [] if content contains /unassign' do
-          issue.update(assignee_ids: [developer.id])
+          issue.update!(assignee_ids: [developer.id])
           _, updates = service.execute(content, issue)
 
           expect(updates).to eq(assignee_ids: [])
@@ -583,7 +583,7 @@ describe QuickActions::InterpretService do
 
       context 'Merge Request' do
         it 'populates assignee_ids: [] if content contains /unassign' do
-          merge_request.update(assignee_ids: [developer.id])
+          merge_request.update!(assignee_ids: [developer.id])
           _, updates = service.execute(content, merge_request)
 
           expect(updates).to eq(assignee_ids: [])
-- 
cgit v1.2.1


From 1dc2a2f689f963b932b9714ac5299c268e872b9c Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Wed, 24 Jul 2019 15:19:23 -0500
Subject: CE-EE parity for spec/views

---
 .../projects/merge_requests/creations/_new_submit.html.haml_spec.rb      | 1 +
 spec/views/projects/merge_requests/edit.html.haml_spec.rb                | 1 +
 2 files changed, 2 insertions(+)

diff --git a/spec/views/projects/merge_requests/creations/_new_submit.html.haml_spec.rb b/spec/views/projects/merge_requests/creations/_new_submit.html.haml_spec.rb
index 0206928a211..88c4b52b3a6 100644
--- a/spec/views/projects/merge_requests/creations/_new_submit.html.haml_spec.rb
+++ b/spec/views/projects/merge_requests/creations/_new_submit.html.haml_spec.rb
@@ -12,6 +12,7 @@ describe 'projects/merge_requests/creations/_new_submit.html.haml' do
     assign(:hidden_commit_count, 0)
     assign(:total_commit_count, merge_request.commits.count)
     assign(:project, merge_request.target_project)
+    assign(:target_project, merge_request.target_project)
     assign(:mr_presenter, merge_request.present(current_user: merge_request.author))
 
     allow(view).to receive(:can?).and_return(true)
diff --git a/spec/views/projects/merge_requests/edit.html.haml_spec.rb b/spec/views/projects/merge_requests/edit.html.haml_spec.rb
index 529afa03f9c..0a3a46210ed 100644
--- a/spec/views/projects/merge_requests/edit.html.haml_spec.rb
+++ b/spec/views/projects/merge_requests/edit.html.haml_spec.rb
@@ -23,6 +23,7 @@ describe 'projects/merge_requests/edit.html.haml' do
 
   before do
     assign(:project, project)
+    assign(:target_project, project)
     assign(:merge_request, closed_merge_request)
     assign(:mr_presenter, closed_merge_request.present(current_user: user))
 
-- 
cgit v1.2.1


From bfe1df68ac744cd9ca3a148e471585d537e24e2e Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Wed, 24 Jul 2019 15:26:44 -0500
Subject: Copy dashboard fixture schema from EE

---
 spec/fixtures/lib/gitlab/metrics/dashboard/schemas/dashboard.json | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/spec/fixtures/lib/gitlab/metrics/dashboard/schemas/dashboard.json b/spec/fixtures/lib/gitlab/metrics/dashboard/schemas/dashboard.json
index 1ee1205e29a..5d779a323c2 100644
--- a/spec/fixtures/lib/gitlab/metrics/dashboard/schemas/dashboard.json
+++ b/spec/fixtures/lib/gitlab/metrics/dashboard/schemas/dashboard.json
@@ -1,6 +1,10 @@
 {
   "type": "object",
-  "required": ["dashboard", "priority", "panel_groups"],
+  "required": [
+    "dashboard",
+    "priority",
+    "panel_groups"
+  ],
   "properties": {
     "dashboard": { "type": "string" },
     "priority": { "type": "number" },
-- 
cgit v1.2.1


From d85c3f35fa80e7df2e345a35b5ebf82bbcb03b6e Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Wed, 24 Jul 2019 15:27:31 -0500
Subject: Copy private_access_spec from EE

---
 spec/features/security/project/private_access_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/features/security/project/private_access_spec.rb b/spec/features/security/project/private_access_spec.rb
index f380bc122a7..65dbae1c674 100644
--- a/spec/features/security/project/private_access_spec.rb
+++ b/spec/features/security/project/private_access_spec.rb
@@ -126,7 +126,7 @@ describe "Private Project Access" do
 
   describe "GET /:project_path/blob" do
     let(:commit) { project.repository.commit }
-    subject { project_blob_path(project, File.join(commit.id, '.gitignore'))}
+    subject { project_blob_path(project, File.join(commit.id, '.gitignore')) }
 
     it { is_expected.to be_allowed_for(:admin) }
     it { is_expected.to be_allowed_for(:owner).of(project) }
-- 
cgit v1.2.1


From 07a308ad1b3e4ac1c6a3d81a60dac5c4254281b9 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 24 Jul 2019 14:08:25 -0700
Subject: Enable Rubocop Performance/ReverseEach

`Array.reverse_each` is faster than `Array.reverse.each` because:

* reverse.each creates a new array then loops each element
* reverse_each loops in reverse order (no intermediate array created)
---
 .rubocop_todo.yml                                                 | 8 --------
 app/models/commit.rb                                              | 2 +-
 .../20190222051615_add_indexes_for_merge_request_diffs_query.rb   | 2 +-
 lib/gitlab/profiler.rb                                            | 2 +-
 4 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
index 72de4f0b2aa..3898206e3b5 100644
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -262,14 +262,6 @@ Naming/HeredocDelimiterNaming:
 Naming/RescuedExceptionsVariableName:
   Enabled: false
 
-# Offense count: 3
-# Cop supports --auto-correct.
-Performance/ReverseEach:
-  Exclude:
-    - 'app/models/commit.rb'
-    - 'db/migrate/20190222051615_add_indexes_for_merge_request_diffs_query.rb'
-    - 'lib/gitlab/profiler.rb'
-
 # Offense count: 7081
 # Configuration parameters: Prefixes.
 # Prefixes: when, with, without
diff --git a/app/models/commit.rb b/app/models/commit.rb
index be37fa2e76f..0889ce7e287 100644
--- a/app/models/commit.rb
+++ b/app/models/commit.rb
@@ -346,7 +346,7 @@ class Commit
       if commits_in_merge_request.present?
         message_body << ""
 
-        commits_in_merge_request.reverse.each do |commit_in_merge|
+        commits_in_merge_request.reverse_each do |commit_in_merge|
           message_body << "#{commit_in_merge.short_id} #{commit_in_merge.title}"
         end
       end
diff --git a/db/migrate/20190222051615_add_indexes_for_merge_request_diffs_query.rb b/db/migrate/20190222051615_add_indexes_for_merge_request_diffs_query.rb
index 0048268ca6f..bf7f7b44dec 100644
--- a/db/migrate/20190222051615_add_indexes_for_merge_request_diffs_query.rb
+++ b/db/migrate/20190222051615_add_indexes_for_merge_request_diffs_query.rb
@@ -35,7 +35,7 @@ class AddIndexesForMergeRequestDiffsQuery < ActiveRecord::Migration[5.0]
   end
 
   def down
-    INDEX_SPECS.reverse.each do |spec|
+    INDEX_SPECS.reverse_each do |spec|
       remove_concurrent_index(*spec)
     end
   end
diff --git a/lib/gitlab/profiler.rb b/lib/gitlab/profiler.rb
index 890228e5e78..615c0ec374c 100644
--- a/lib/gitlab/profiler.rb
+++ b/lib/gitlab/profiler.rb
@@ -166,7 +166,7 @@ module Gitlab
         [model, times.count, times.sum]
       end
 
-      summarised_load_times.sort_by(&:last).reverse.each do |(model, query_count, time)|
+      summarised_load_times.sort_by(&:last).reverse_each do |(model, query_count, time)|
         logger.info("#{model} total (#{query_count}): #{time.round(2)}ms")
       end
     end
-- 
cgit v1.2.1


From ff209f73a00a2415b182b8eb55401a7313939d8a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Lu=C3=ADs?= <me@andr3.net>
Date: Wed, 24 Jul 2019 21:27:01 +0000
Subject: Fix tags page layout

---
 app/views/projects/tags/show.html.haml               | 2 +-
 changelogs/unreleased/64763-fix-tags-page-layout.yml | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/64763-fix-tags-page-layout.yml

diff --git a/app/views/projects/tags/show.html.haml b/app/views/projects/tags/show.html.haml
index 02f6ef02843..78cce58938e 100644
--- a/app/views/projects/tags/show.html.haml
+++ b/app/views/projects/tags/show.html.haml
@@ -4,7 +4,7 @@
 - page_title @tag.name, s_('TagsPage|Tags')
 
 %div{ class: container_class }
-  .top-area.multi-line
+  .top-area.multi-line.flex-wrap
     .nav-text
       .title
         %span.item-title.ref-name
diff --git a/changelogs/unreleased/64763-fix-tags-page-layout.yml b/changelogs/unreleased/64763-fix-tags-page-layout.yml
new file mode 100644
index 00000000000..db6b1f31506
--- /dev/null
+++ b/changelogs/unreleased/64763-fix-tags-page-layout.yml
@@ -0,0 +1,5 @@
+---
+title: Fix tag page layout
+merge_request:
+author:
+type: fixed
-- 
cgit v1.2.1


From 2246bb7d22498565d77c4b8fa05f50b27db09ec8 Mon Sep 17 00:00:00 2001
From: Marc Schwede <git@schwedenmut.de>
Date: Wed, 24 Jul 2019 21:28:26 +0000
Subject: Changed `author_avatar` to inline-block class

Fixes #64746
---
 app/helpers/avatars_helper.rb                                        | 2 +-
 ...-authors-avatar-sretched-in-commit-view-if-no-image-is-loaded.yml | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/64746-Commit-authors-avatar-sretched-in-commit-view-if-no-image-is-loaded.yml

diff --git a/app/helpers/avatars_helper.rb b/app/helpers/avatars_helper.rb
index 5906ddabee4..81ff359556d 100644
--- a/app/helpers/avatars_helper.rb
+++ b/app/helpers/avatars_helper.rb
@@ -52,7 +52,7 @@ module AvatarsHelper
       user: commit_or_event.author,
       user_name: commit_or_event.author_name,
       user_email: commit_or_event.author_email,
-      css_class: 'd-none d-sm-inline'
+      css_class: 'd-none d-sm-inline-block'
     }))
   end
 
diff --git a/changelogs/unreleased/64746-Commit-authors-avatar-sretched-in-commit-view-if-no-image-is-loaded.yml b/changelogs/unreleased/64746-Commit-authors-avatar-sretched-in-commit-view-if-no-image-is-loaded.yml
new file mode 100644
index 00000000000..fb0f4cedc62
--- /dev/null
+++ b/changelogs/unreleased/64746-Commit-authors-avatar-sretched-in-commit-view-if-no-image-is-loaded.yml
@@ -0,0 +1,5 @@
+---
+title: Fixed distorted avatars when resource not reachable
+merge_request: 30904
+author: Marc Schwede
+type: other
-- 
cgit v1.2.1


From 9aa75af34ee5a55d50ca9876269f2c1b4f12b003 Mon Sep 17 00:00:00 2001
From: Alex Kalderimis <alex.kalderimis@gmail.com>
Date: Wed, 24 Jul 2019 18:39:30 -0400
Subject: Fix incorrect use of message interpolation

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/65088
---
 app/views/shared/projects/_project.html.haml                |  4 +++-
 ...8-incorrect-message-interpolation-on-project-listing.yml |  5 +++++
 .../users/user_browses_projects_on_user_page_spec.rb        | 13 +++++++++++++
 3 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/65088-incorrect-message-interpolation-on-project-listing.yml

diff --git a/app/views/shared/projects/_project.html.haml b/app/views/shared/projects/_project.html.haml
index c4d1bdad2c4..f40a9cffb29 100644
--- a/app/views/shared/projects/_project.html.haml
+++ b/app/views/shared/projects/_project.html.haml
@@ -89,4 +89,6 @@
             %span.icon-wrapper.pipeline-status
               = render 'ci/status/icon', status: project.commit.last_pipeline.detailed_status(current_user), type: 'commit', tooltip_placement: 'top', path: pipeline_path
         .updated-note
-          %span #{_('Updated')} #{updated_tooltip}
+          %span
+            = _('Updated')
+            = updated_tooltip
diff --git a/changelogs/unreleased/65088-incorrect-message-interpolation-on-project-listing.yml b/changelogs/unreleased/65088-incorrect-message-interpolation-on-project-listing.yml
new file mode 100644
index 00000000000..dd74b8443bc
--- /dev/null
+++ b/changelogs/unreleased/65088-incorrect-message-interpolation-on-project-listing.yml
@@ -0,0 +1,5 @@
+---
+title: Fix incorrect use of message interpolation
+merge_request: 31121
+author:
+type: fixed
diff --git a/spec/features/users/user_browses_projects_on_user_page_spec.rb b/spec/features/users/user_browses_projects_on_user_page_spec.rb
index 6a9b281fb4c..5768f42c888 100644
--- a/spec/features/users/user_browses_projects_on_user_page_spec.rb
+++ b/spec/features/users/user_browses_projects_on_user_page_spec.rb
@@ -53,6 +53,19 @@ describe 'Users > User browses projects on user page', :js do
     expect(page).to have_content(project2.name)
   end
 
+  it 'does not have incorrectly interpolated message', :js do
+    project = create(:project, namespace: user.namespace, updated_at: 2.minutes.since)
+
+    sign_in(user)
+    visit user_path(user)
+    click_nav_link('Personal projects')
+
+    wait_for_requests
+
+    expect(page).to have_content(project.name)
+    expect(page).not_to have_content("_('Updated')")
+  end
+
   context 'when not signed in' do
     it 'renders user public project' do
       visit user_path(user)
-- 
cgit v1.2.1


From 4da0aa973f279b41bd0540a4057f9f5a76b21994 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Wed, 24 Jul 2019 23:33:19 +0000
Subject: Add whitespace back to markdown doc

---
 doc/user/markdown.md | 62 ++++++++++++++++++++++++++++------------------------
 1 file changed, 34 insertions(+), 28 deletions(-)

diff --git a/doc/user/markdown.md b/doc/user/markdown.md
index 37f3f21f539..b533a4f60b8 100644
--- a/doc/user/markdown.md
+++ b/doc/user/markdown.md
@@ -136,26 +136,26 @@ Supported formats (named colors are not supported):
 Color written inside backticks will be followed by a color "chip":
 
 ```markdown
-`#F00`
-`#F00A`
-`#FF0000`
-`#FF0000AA`
-`RGB(0,255,0)`
-`RGB(0%,100%,0%)`
-`RGBA(0,255,0,0.3)`
-`HSL(540,70%,50%)`
-`HSLA(540,70%,50%,0.3)`
-```
-
-`#F00`
-`#F00A`
-`#FF0000`
-`#FF0000AA`
-`RGB(0,255,0)`
-`RGB(0%,100%,0%)`
-`RGBA(0,255,0,0.3)`
-`HSL(540,70%,50%)`
-`HSLA(540,70%,50%,0.3)`
+`#F00`  
+`#F00A`  
+`#FF0000`  
+`#FF0000AA`  
+`RGB(0,255,0)`  
+`RGB(0%,100%,0%)`  
+`RGBA(0,255,0,0.3)`  
+`HSL(540,70%,50%)`  
+`HSLA(540,70%,50%,0.3)`  
+```
+
+`#F00`  
+`#F00A`  
+`#FF0000`  
+`#FF0000AA`  
+`RGB(0,255,0)`  
+`RGB(0%,100%,0%)`  
+`RGBA(0,255,0,0.3)`  
+`HSL(540,70%,50%)`  
+`HSLA(540,70%,50%,0.3)`  
 
 ### Diagrams and flowcharts using Mermaid
 
@@ -397,6 +397,7 @@ unordered or ordered lists:
   - [ ] Sub-task 1
   - [x] Sub-task 2
   - [ ] Sub-task 3
+
 1. [x] Completed task
 1. [ ] Incomplete task
    1. [ ] Sub-task 1
@@ -408,6 +409,7 @@ unordered or ordered lists:
   - [ ] Sub-task 1
   - [x] Sub-task 2
   - [ ] Sub-task 3
+
 1. [x] Completed task
 1. [ ] Incomplete task
    1. [ ] Sub-task 1
@@ -976,7 +978,7 @@ after the `</summary>` tag and before the `</details>` tag, as shown in the exam
 
 These details _will_ remain **hidden** until expanded.
 
-    PASTE LOGS HERE
+PASTE LOGS HERE
 
 </details>
 ```
@@ -988,7 +990,7 @@ These details _will_ remain **hidden** until expanded.
 
 These details <em>will</em> remain <b>hidden</b> until expanded.
 
-    PASTE LOGS HERE
+PASTE LOGS HERE
 
 </details>
 
@@ -1135,13 +1137,13 @@ GFM will autolink almost any URL you put into your text:
 ### Lists
 
 Ordered and unordered lists can be easily created. Add the number you want the list
-to start with, like `1. ` (with a space) at the start of each line for ordered lists.
+to start with, like `1.`, followed by a space, at the start of each line for ordered lists.
 After the first number, it does not matter what number you use, ordered lists will be
-numbered automatically by vertical order, so repeating `1. ` for all items in the
-same list is common. If you start with a number other than `1. `, it will use that as the first
+numbered automatically by vertical order, so repeating `1.` for all items in the
+same list is common. If you start with a number other than `1.`, it will use that as the first
 number, and count up from there.
 
-Add a `* `, `- ` or `+ ` (with a space) at the start of each line for unordered lists, but
+Add a `*`, `-` or `+`, followed by a space, at the start of each line for unordered lists, but
 you should not use a mix of them.
 
 Examples:
@@ -1156,7 +1158,9 @@ Examples:
 4. And another item.
 
 * Unordered lists can use asterisks
+
 - Or minuses
+
 + Or pluses
 ```
 
@@ -1170,9 +1174,11 @@ Examples:
    1. Next ordered sub-list item
 1. And another item.
 
-* Unordered lists can use asterisks
+- Unordered lists can use asterisks
+
 - Or minuses
-+ Or pluses
+
+- Or pluses
 
 ---
 
-- 
cgit v1.2.1


From b297cdcbdfa290e04acffe4a8ac272309b00b5f4 Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Fri, 5 Jul 2019 23:54:15 +1200
Subject: Extract deploy functions in a base image

https://gitlab.com/gitlab-org/cluster-integration/auto-deploy-image
---
 .../extract_auto_deploy_into_base_image.yml        |   5 +
 lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml  |   3 -
 lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml  | 421 +++------------------
 3 files changed, 53 insertions(+), 376 deletions(-)
 create mode 100644 changelogs/unreleased/extract_auto_deploy_into_base_image.yml

diff --git a/changelogs/unreleased/extract_auto_deploy_into_base_image.yml b/changelogs/unreleased/extract_auto_deploy_into_base_image.yml
new file mode 100644
index 00000000000..ff0d1f3bd71
--- /dev/null
+++ b/changelogs/unreleased/extract_auto_deploy_into_base_image.yml
@@ -0,0 +1,5 @@
+---
+title: Extract Auto DevOps deploy functions into a base image
+merge_request: 30404
+author:
+type: changed
diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
index 7b9a169a91f..5c1c0c142e5 100644
--- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
@@ -50,9 +50,6 @@ variables:
   POSTGRES_DB: $CI_ENVIRONMENT_SLUG
   POSTGRES_VERSION: 9.6.2
 
-  KUBERNETES_VERSION: 1.11.10
-  HELM_VERSION: 2.14.0
-
   DOCKER_DRIVER: overlay2
 
   ROLLOUT_RESOURCE_TYPE: deployment
diff --git a/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml b/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
index 6ead127e7b6..a8ec2d4781d 100644
--- a/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
@@ -1,14 +1,17 @@
+.auto-deploy:
+  image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v0.1.0"
+
 review:
+  extends: .auto-deploy
   stage: review
   script:
-    - check_kube_domain
-    - install_dependencies
-    - download_chart
-    - ensure_namespace
-    - initialize_tiller
-    - create_secret
-    - deploy
-    - persist_environment_url
+    - auto-deploy check_kube_domain
+    - auto-deploy download_chart
+    - auto-deploy ensure_namespace
+    - auto-deploy initialize_tiller
+    - auto-deploy create_secret
+    - auto-deploy deploy
+    - auto-deploy persist_environment_url
   environment:
     name: review/$CI_COMMIT_REF_NAME
     url: http://$CI_PROJECT_ID-$CI_ENVIRONMENT_SLUG.$KUBE_INGRESS_BASE_DOMAIN
@@ -27,13 +30,13 @@ review:
       - $REVIEW_DISABLED
 
 stop_review:
+  extends: .auto-deploy
   stage: cleanup
   variables:
     GIT_STRATEGY: none
   script:
-    - install_dependencies
-    - initialize_tiller
-    - delete
+    - auto-deploy initialize_tiller
+    - auto-deploy delete
   environment:
     name: review/$CI_COMMIT_REF_NAME
     action: stop
@@ -57,15 +60,15 @@ stop_review:
 # STAGING_ENABLED.
 
 staging:
+  extends: .auto-deploy
   stage: staging
   script:
-    - check_kube_domain
-    - install_dependencies
-    - download_chart
-    - ensure_namespace
-    - initialize_tiller
-    - create_secret
-    - deploy
+    - auto-deploy check_kube_domain
+    - auto-deploy download_chart
+    - auto-deploy ensure_namespace
+    - auto-deploy initialize_tiller
+    - auto-deploy create_secret
+    - auto-deploy deploy
   environment:
     name: staging
     url: http://$CI_PROJECT_PATH_SLUG-staging.$KUBE_INGRESS_BASE_DOMAIN
@@ -81,15 +84,15 @@ staging:
 # CANARY_ENABLED.
 
 canary:
+  extends: .auto-deploy
   stage: canary
   script:
-    - check_kube_domain
-    - install_dependencies
-    - download_chart
-    - ensure_namespace
-    - initialize_tiller
-    - create_secret
-    - deploy canary
+    - auto-deploy check_kube_domain
+    - auto-deploy download_chart
+    - auto-deploy ensure_namespace
+    - auto-deploy initialize_tiller
+    - auto-deploy create_secret
+    - auto-deploy deploy canary
   environment:
     name: production
     url: http://$CI_PROJECT_PATH_SLUG.$KUBE_INGRESS_BASE_DOMAIN
@@ -102,18 +105,18 @@ canary:
       - $CANARY_ENABLED
 
 .production: &production_template
+  extends: .auto-deploy
   stage: production
   script:
-    - check_kube_domain
-    - install_dependencies
-    - download_chart
-    - ensure_namespace
-    - initialize_tiller
-    - create_secret
-    - deploy
-    - delete canary
-    - delete rollout
-    - persist_environment_url
+    - auto-deploy check_kube_domain
+    - auto-deploy download_chart
+    - auto-deploy ensure_namespace
+    - auto-deploy initialize_tiller
+    - auto-deploy create_secret
+    - auto-deploy deploy
+    - auto-deploy delete canary
+    - auto-deploy delete rollout
+    - auto-deploy persist_environment_url
   environment:
     name: production
     url: http://$CI_PROJECT_PATH_SLUG.$KUBE_INGRESS_BASE_DOMAIN
@@ -152,17 +155,17 @@ production_manual:
 # This job implements incremental rollout on for every push to `master`.
 
 .rollout: &rollout_template
+  extends: .auto-deploy
   script:
-    - check_kube_domain
-    - install_dependencies
-    - download_chart
-    - ensure_namespace
-    - initialize_tiller
-    - create_secret
-    - deploy rollout $ROLLOUT_PERCENTAGE
-    - scale stable $((100-ROLLOUT_PERCENTAGE))
-    - delete canary
-    - persist_environment_url
+    - auto-deploy check_kube_domain
+    - auto-deploy download_chart
+    - auto-deploy ensure_namespace
+    - auto-deploy initialize_tiller
+    - auto-deploy create_secret
+    - auto-deploy deploy rollout $ROLLOUT_PERCENTAGE
+    - auto-deploy scale stable $((100-ROLLOUT_PERCENTAGE))
+    - auto-deploy delete canary
+    - auto-deploy persist_environment_url
   environment:
     name: production
     url: http://$CI_PROJECT_PATH_SLUG.$KUBE_INGRESS_BASE_DOMAIN
@@ -240,331 +243,3 @@ rollout 100%:
   <<: *manual_rollout_template
   <<: *production_template
   allow_failure: false
-
-.deploy_helpers: &deploy_helpers |
-  [[ "$TRACE" ]] && set -x
-  export RELEASE_NAME=${HELM_RELEASE_NAME:-$CI_ENVIRONMENT_SLUG}
-  auto_database_url=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${RELEASE_NAME}-postgres:5432/${POSTGRES_DB}
-  export DATABASE_URL=${DATABASE_URL-$auto_database_url}
-  export TILLER_NAMESPACE=$KUBE_NAMESPACE
-
-  function get_replicas() {
-    track="${1:-stable}"
-    percentage="${2:-100}"
-
-    env_track=$( echo $track | tr -s  '[:lower:]'  '[:upper:]' )
-    env_slug=$( echo ${CI_ENVIRONMENT_SLUG//-/_} | tr -s  '[:lower:]'  '[:upper:]' )
-
-    if [[ "$track" == "stable" ]] || [[ "$track" == "rollout" ]]; then
-      # for stable track get number of replicas from `PRODUCTION_REPLICAS`
-      eval new_replicas=\$${env_slug}_REPLICAS
-      if [[ -z "$new_replicas" ]]; then
-        new_replicas=$REPLICAS
-      fi
-    else
-      # for all tracks get number of replicas from `CANARY_PRODUCTION_REPLICAS`
-      eval new_replicas=\$${env_track}_${env_slug}_REPLICAS
-      if [[ -z "$new_replicas" ]]; then
-        eval new_replicas=\${env_track}_REPLICAS
-      fi
-    fi
-
-    replicas="${new_replicas:-1}"
-    replicas="$(($replicas * $percentage / 100))"
-
-    # always return at least one replicas
-    if [[ $replicas -gt 0 ]]; then
-      echo "$replicas"
-    else
-      echo 1
-    fi
-  }
-
-  # Extracts variables prefixed with K8S_SECRET_
-  # and creates a Kubernetes secret.
-  #
-  # e.g. If we have the following environment variables:
-  #   K8S_SECRET_A=value1
-  #   K8S_SECRET_B=multi\ word\ value
-  #
-  # Then we will create a secret with the following key-value pairs:
-  #   data:
-  #     A: dmFsdWUxCg==
-  #     B: bXVsdGkgd29yZCB2YWx1ZQo=
-  function create_application_secret() {
-    track="${1-stable}"
-    export APPLICATION_SECRET_NAME=$(application_secret_name "$track")
-
-    env | sed -n "s/^K8S_SECRET_\(.*\)$/\1/p" > k8s_prefixed_variables
-
-    kubectl create secret \
-      -n "$KUBE_NAMESPACE" generic "$APPLICATION_SECRET_NAME" \
-      --from-env-file k8s_prefixed_variables -o yaml --dry-run |
-      kubectl replace -n "$KUBE_NAMESPACE" --force -f -
-
-    export APPLICATION_SECRET_CHECKSUM=$(cat k8s_prefixed_variables | sha256sum | cut -d ' ' -f 1)
-
-    rm k8s_prefixed_variables
-  }
-
-  function deploy_name() {
-    name="$RELEASE_NAME"
-    track="${1-stable}"
-
-    if [[ "$track" != "stable" ]]; then
-      name="$name-$track"
-    fi
-
-    echo $name
-  }
-
-  function application_secret_name() {
-    track="${1-stable}"
-    name=$(deploy_name "$track")
-
-    echo "${name}-secret"
-  }
-
-  function deploy() {
-    track="${1-stable}"
-    percentage="${2:-100}"
-    name=$(deploy_name "$track")
-
-    if [[ -z "$CI_COMMIT_TAG" ]]; then
-      image_repository=${CI_APPLICATION_REPOSITORY:-$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG}
-      image_tag=${CI_APPLICATION_TAG:-$CI_COMMIT_SHA}
-    else
-      image_repository=${CI_APPLICATION_REPOSITORY:-$CI_REGISTRY_IMAGE}
-      image_tag=${CI_APPLICATION_TAG:-$CI_COMMIT_TAG}
-    fi
-
-    service_enabled="true"
-    postgres_enabled="$POSTGRES_ENABLED"
-
-    # if track is different than stable,
-    # re-use all attached resources
-    if [[ "$track" != "stable" ]]; then
-      service_enabled="false"
-      postgres_enabled="false"
-    fi
-
-    replicas=$(get_replicas "$track" "$percentage")
-
-    if [[ "$CI_PROJECT_VISIBILITY" != "public" ]]; then
-      secret_name='gitlab-registry'
-    else
-      secret_name=''
-    fi
-
-    create_application_secret "$track"
-
-    env_slug=$(echo ${CI_ENVIRONMENT_SLUG//-/_} | tr -s '[:lower:]' '[:upper:]')
-    eval env_ADDITIONAL_HOSTS=\$${env_slug}_ADDITIONAL_HOSTS
-    if [ -n "$env_ADDITIONAL_HOSTS" ]; then
-      additional_hosts="{$env_ADDITIONAL_HOSTS}"
-    elif [ -n "$ADDITIONAL_HOSTS" ]; then
-      additional_hosts="{$ADDITIONAL_HOSTS}"
-    fi
-
-    if [[ -n "$DB_INITIALIZE" && -z "$(helm ls -q "^$name$")" ]]; then
-      echo "Deploying first release with database initialization..."
-      helm upgrade --install \
-        --wait \
-        --set service.enabled="$service_enabled" \
-        --set gitlab.app="$CI_PROJECT_PATH_SLUG" \
-        --set gitlab.env="$CI_ENVIRONMENT_SLUG" \
-        --set releaseOverride="$RELEASE_NAME" \
-        --set image.repository="$image_repository" \
-        --set image.tag="$image_tag" \
-        --set image.pullPolicy=IfNotPresent \
-        --set image.secrets[0].name="$secret_name" \
-        --set application.track="$track" \
-        --set application.database_url="$DATABASE_URL" \
-        --set application.secretName="$APPLICATION_SECRET_NAME" \
-        --set application.secretChecksum="$APPLICATION_SECRET_CHECKSUM" \
-        --set service.commonName="le-$CI_PROJECT_ID.$KUBE_INGRESS_BASE_DOMAIN" \
-        --set service.url="$CI_ENVIRONMENT_URL" \
-        --set service.additionalHosts="$additional_hosts" \
-        --set replicaCount="$replicas" \
-        --set postgresql.enabled="$postgres_enabled" \
-        --set postgresql.nameOverride="postgres" \
-        --set postgresql.postgresUser="$POSTGRES_USER" \
-        --set postgresql.postgresPassword="$POSTGRES_PASSWORD" \
-        --set postgresql.postgresDatabase="$POSTGRES_DB" \
-        --set postgresql.imageTag="$POSTGRES_VERSION" \
-        --set application.initializeCommand="$DB_INITIALIZE" \
-        $HELM_UPGRADE_EXTRA_ARGS \
-        --namespace="$KUBE_NAMESPACE" \
-        "$name" \
-        chart/
-
-      echo "Deploying second release..."
-      helm upgrade --reuse-values \
-        --wait \
-        --set application.initializeCommand="" \
-        --set application.migrateCommand="$DB_MIGRATE" \
-        $HELM_UPGRADE_EXTRA_ARGS \
-        --namespace="$KUBE_NAMESPACE" \
-        "$name" \
-        chart/
-    else
-      echo "Deploying new release..."
-      helm upgrade --install \
-        --wait \
-        --set service.enabled="$service_enabled" \
-        --set gitlab.app="$CI_PROJECT_PATH_SLUG" \
-        --set gitlab.env="$CI_ENVIRONMENT_SLUG" \
-        --set releaseOverride="$RELEASE_NAME" \
-        --set image.repository="$image_repository" \
-        --set image.tag="$image_tag" \
-        --set image.pullPolicy=IfNotPresent \
-        --set image.secrets[0].name="$secret_name" \
-        --set application.track="$track" \
-        --set application.database_url="$DATABASE_URL" \
-        --set application.secretName="$APPLICATION_SECRET_NAME" \
-        --set application.secretChecksum="$APPLICATION_SECRET_CHECKSUM" \
-        --set service.commonName="le-$CI_PROJECT_ID.$KUBE_INGRESS_BASE_DOMAIN" \
-        --set service.url="$CI_ENVIRONMENT_URL" \
-        --set service.additionalHosts="$additional_hosts" \
-        --set replicaCount="$replicas" \
-        --set postgresql.enabled="$postgres_enabled" \
-        --set postgresql.nameOverride="postgres" \
-        --set postgresql.postgresUser="$POSTGRES_USER" \
-        --set postgresql.postgresPassword="$POSTGRES_PASSWORD" \
-        --set postgresql.postgresDatabase="$POSTGRES_DB" \
-        --set postgresql.imageTag="$POSTGRES_VERSION" \
-        --set application.migrateCommand="$DB_MIGRATE" \
-        $HELM_UPGRADE_EXTRA_ARGS \
-        --namespace="$KUBE_NAMESPACE" \
-        "$name" \
-        chart/
-    fi
-
-    if [[ -z "$ROLLOUT_STATUS_DISABLED" ]]; then
-      kubectl rollout status -n "$KUBE_NAMESPACE" -w "$ROLLOUT_RESOURCE_TYPE/$name"
-    fi
-  }
-
-  function scale() {
-    track="${1-stable}"
-    percentage="${2-100}"
-    name=$(deploy_name "$track")
-
-    replicas=$(get_replicas "$track" "$percentage")
-
-    if [[ -n "$(helm ls -q "^$name$")" ]]; then
-      helm upgrade --reuse-values \
-        --wait \
-        --set replicaCount="$replicas" \
-        --namespace="$KUBE_NAMESPACE" \
-        "$name" \
-        chart/
-    fi
-  }
-
-  function install_dependencies() {
-    apk add -U openssl curl tar gzip bash ca-certificates git
-    curl -sSL -o /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub
-    curl -sSL -O https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.28-r0/glibc-2.28-r0.apk
-    apk add glibc-2.28-r0.apk
-    rm glibc-2.28-r0.apk
-
-    curl -sS "https://kubernetes-helm.storage.googleapis.com/helm-v${HELM_VERSION}-linux-amd64.tar.gz" | tar zx
-    mv linux-amd64/helm /usr/bin/
-    mv linux-amd64/tiller /usr/bin/
-    helm version --client
-    tiller -version
-
-    curl -sSL -o /usr/bin/kubectl "https://storage.googleapis.com/kubernetes-release/release/v${KUBERNETES_VERSION}/bin/linux/amd64/kubectl"
-    chmod +x /usr/bin/kubectl
-    kubectl version --client
-  }
-
-  function download_chart() {
-    if [[ ! -d chart ]]; then
-      auto_chart=${AUTO_DEVOPS_CHART:-gitlab/auto-deploy-app}
-      auto_chart_name=$(basename $auto_chart)
-      auto_chart_name=${auto_chart_name%.tgz}
-      auto_chart_name=${auto_chart_name%.tar.gz}
-    else
-      auto_chart="chart"
-      auto_chart_name="chart"
-    fi
-
-    helm init --client-only
-    helm repo add ${AUTO_DEVOPS_CHART_REPOSITORY_NAME:-gitlab} ${AUTO_DEVOPS_CHART_REPOSITORY:-https://charts.gitlab.io} ${AUTO_DEVOPS_CHART_REPOSITORY_USERNAME:+"--username" "$AUTO_DEVOPS_CHART_REPOSITORY_USERNAME"} ${AUTO_DEVOPS_CHART_REPOSITORY_PASSWORD:+"--password" "$AUTO_DEVOPS_CHART_REPOSITORY_PASSWORD"}
-    if [[ ! -d "$auto_chart" ]]; then
-      helm fetch ${auto_chart} --untar
-    fi
-    if [ "$auto_chart_name" != "chart" ]; then
-      mv ${auto_chart_name} chart
-    fi
-
-    helm dependency update chart/
-    helm dependency build chart/
-  }
-
-  function ensure_namespace() {
-    kubectl get namespace "$KUBE_NAMESPACE" || kubectl create namespace "$KUBE_NAMESPACE"
-  }
-
-  function check_kube_domain() {
-    if [[ -z "$KUBE_INGRESS_BASE_DOMAIN" ]]; then
-      echo "In order to deploy or use Review Apps,"
-      echo "KUBE_INGRESS_BASE_DOMAIN variables must be set"
-      echo "From 11.8, you can set KUBE_INGRESS_BASE_DOMAIN in cluster settings"
-      echo "or by defining a variable at group or project level."
-      echo "You can also manually add it in .gitlab-ci.yml"
-      false
-    else
-      true
-    fi
-  }
-
-  function initialize_tiller() {
-    echo "Checking Tiller..."
-
-    export HELM_HOST="localhost:44134"
-    tiller -listen ${HELM_HOST} -alsologtostderr > /dev/null 2>&1 &
-    echo "Tiller is listening on ${HELM_HOST}"
-
-    if ! helm version --debug; then
-      echo "Failed to init Tiller."
-      return 1
-    fi
-    echo ""
-  }
-
-  function create_secret() {
-    echo "Create secret..."
-    if [[ "$CI_PROJECT_VISIBILITY" == "public" ]]; then
-      return
-    fi
-
-    kubectl create secret -n "$KUBE_NAMESPACE" \
-      docker-registry gitlab-registry \
-      --docker-server="$CI_REGISTRY" \
-      --docker-username="${CI_DEPLOY_USER:-$CI_REGISTRY_USER}" \
-      --docker-password="${CI_DEPLOY_PASSWORD:-$CI_REGISTRY_PASSWORD}" \
-      --docker-email="$GITLAB_USER_EMAIL" \
-      -o yaml --dry-run | kubectl replace -n "$KUBE_NAMESPACE" --force -f -
-  }
-
-  function persist_environment_url() {
-      echo $CI_ENVIRONMENT_URL > environment_url.txt
-  }
-
-  function delete() {
-    track="${1-stable}"
-    name=$(deploy_name "$track")
-
-    if [[ -n "$(helm ls -q "^$name$")" ]]; then
-      helm delete --purge "$name"
-    fi
-
-    secret_name=$(application_secret_name "$track")
-    kubectl delete secret --ignore-not-found -n "$KUBE_NAMESPACE" "$secret_name"
-  }
-
-before_script:
-  - *deploy_helpers
-- 
cgit v1.2.1


From 461418e1e8fe95e9342d964dbec0a93cb9b17d6d Mon Sep 17 00:00:00 2001
From: Eric Lindsey <eslindsey@gmail.com>
Date: Thu, 25 Jul 2019 03:08:43 +0000
Subject: Fix rendering in Newline section

---
 doc/user/markdown.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/user/markdown.md b/doc/user/markdown.md
index b533a4f60b8..9380dcf2a32 100644
--- a/doc/user/markdown.md
+++ b/doc/user/markdown.md
@@ -1049,14 +1049,14 @@ A new line due to the previous backslash.
 
 First paragraph.
 Another line in the same paragraph.
-A third line in the same paragraph, but this time ending with two spaces.
+A third line in the same paragraph, but this time ending with two spaces.  
 A new line directly under the first paragraph.
 
 <!-- (Do *NOT* remove the two ending whitespaces in the second line) -->
 <!-- (They are needed for the Markdown text to render correctly on docs.gitlab.com, the backslash works fine inside GitLab itself) -->
 
 Second paragraph.
-Another line, this time ending with a backslash.
+Another line, this time ending with a backslash.  
 A new line due to the previous backslash.
 
 ### Links
-- 
cgit v1.2.1


From 6b8602898153c6f0d39b07a927b9bbd84a7adc83 Mon Sep 17 00:00:00 2001
From: Tristan Williams <2390023-tristan@users.noreply.gitlab.com>
Date: Thu, 25 Jul 2019 04:14:23 +0000
Subject: Docs: Improve SCIM documentation

---
 .../group/saml_sso/img/scim_attribute_mapping.png  | Bin 95420 -> 113191 bytes
 .../saml_sso/img/scim_name_identifier_mapping.png  | Bin 0 -> 175281 bytes
 .../saml_sso/img/scim_provisioning_status.png      | Bin 0 -> 23006 bytes
 doc/user/group/saml_sso/scim_setup.md              |  51 ++++++++++++---------
 4 files changed, 30 insertions(+), 21 deletions(-)
 create mode 100644 doc/user/group/saml_sso/img/scim_name_identifier_mapping.png
 create mode 100644 doc/user/group/saml_sso/img/scim_provisioning_status.png

diff --git a/doc/user/group/saml_sso/img/scim_attribute_mapping.png b/doc/user/group/saml_sso/img/scim_attribute_mapping.png
index c9f6b71f5b0..dad459d8c28 100644
Binary files a/doc/user/group/saml_sso/img/scim_attribute_mapping.png and b/doc/user/group/saml_sso/img/scim_attribute_mapping.png differ
diff --git a/doc/user/group/saml_sso/img/scim_name_identifier_mapping.png b/doc/user/group/saml_sso/img/scim_name_identifier_mapping.png
new file mode 100644
index 00000000000..85e5648816e
Binary files /dev/null and b/doc/user/group/saml_sso/img/scim_name_identifier_mapping.png differ
diff --git a/doc/user/group/saml_sso/img/scim_provisioning_status.png b/doc/user/group/saml_sso/img/scim_provisioning_status.png
new file mode 100644
index 00000000000..4b8887b5418
Binary files /dev/null and b/doc/user/group/saml_sso/img/scim_provisioning_status.png differ
diff --git a/doc/user/group/saml_sso/scim_setup.md b/doc/user/group/saml_sso/scim_setup.md
index 55c5a18db7d..bc74725bbc9 100644
--- a/doc/user/group/saml_sso/scim_setup.md
+++ b/doc/user/group/saml_sso/scim_setup.md
@@ -45,7 +45,7 @@ The following identity providers are supported:
   Feature.enable(:group_scim, group)
   ```
 
-### GitLab configuration
+## GitLab configuration
 
 Once [Single sign-on](index.md) has been configured, we can:
 
@@ -55,41 +55,48 @@ Once [Single sign-on](index.md) has been configured, we can:
 
 ![SCIM token configuration](img/scim_token.png)
 
-## SCIM IdP configuration
+## Identity Provider configuration
 
-### Configuration on Azure
+### Azure
 
-In the [Single sign-on](index.md) configuration for the group, make sure
-that the **Name identifier value** (NameID) points to a unique identifier, such
-as the `user.objectid`. This will match the `extern_uid`  used on GitLab.
+First, double check the [Single sign-on](index.md) configuration for your group and ensure that **Name identifier value** (NameID) points to `user.objectid` or another unique identifier. This will match the `extern_uid` used on GitLab.
 
-The GitLab app in Azure needs to be configured following
-[Azure's SCIM setup](https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/use-scim-to-provision-users-and-groups#getting-started).
+![Name identifier value mapping](img/scim_name_identifier_mapping.png)
 
-Note the following:
+#### Set up admin credentials
+
+Next, configure your GitLab application in Azure by following the
+[Provisioning users and groups to applications that support SCIM](https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/use-scim-to-provision-users-and-groups#provisioning-users-and-groups-to-applications-that-support-scim) 
+section in Azure's SCIM setup documentation.
+
+During this configuration, note the following:
 
 - The `Tenant URL` and `secret token` are the ones retrieved in the
   [previous step](#gitlab-configuration).
 - Should there be any problems with the availability of GitLab or similar
   errors, the notification email set will get those.
+- It is recommended to set a notification email and check the **Send an email notification when a failure occurs** checkbox.
 - For mappings, we will only leave `Synchronize Azure Active Directory Users to AppName` enabled.
 
-You can then test the connection clicking on `Test Connection`.
+You can then test the connection by clicking on **Test Connection**. If the connection is successful, be sure to save your configuration before moving on.
 
-### Synchronize Azure Active Directory users
+#### Configure attribute mapping
 
-1. Click on `Synchronize Azure Active Directory Users to AppName`, to configure
-   the attribute mapping.
-1. Select the unique identifier (in the example `objectId`) as the `id` and `externalId`,
-   and enable the `Create`, `Update`, and `Delete` actions.
-1. Map the `userPricipalName` to `emails[type eq "work"].value` and `mailNickname` to
-   `userName`.
+1. Click on `Synchronize Azure Active Directory Users to AppName`, to configure the attribute mapping.
+1. Click **Delete** next to the `mail` mapping.
+1. Map `userPrincipalName` to `emails[type eq "work"].value` and change it's **Matching precedence** to `2`.
+1. Map `mailNickname` to `userName`.
+1. Create a new mapping by clicking **Add New Mapping** then set **Source attribute** to `objectId`, **Target attribute** to `id`, **Match objects using this attribute** to `Yes`, and **Matching precedence** to `1`.
+1. Create a new mapping by clicking **Add New Mapping** then set **Source attribute** to `objectId`, and **Target attribute** to `externalId`.
+1. Click the `userPrincipalName` mapping and change **Match objects using this attribute** to `No`.
 
-   Example configuration:
+    Save your changes and you should have the following configuration:
 
    ![Azure's attribute mapping configuration](img/scim_attribute_mapping.png)
 
-1. Click on **Show advanced options > Edit attribute list for AppName**.
+    NOTE: **Note:** If you used a unique identifier **other than** `objectId`, be sure to map it instead to both `id` and `externalId`.
+
+1. Below the mapping list click on **Show advanced options > Edit attribute list for AppName**.
 1. Leave the `id` as the primary and only required field.
 
    NOTE: **Note:**
@@ -99,12 +106,14 @@ You can then test the connection clicking on `Test Connection`.
    ![Azure's attribute advanced configuration](img/scim_advanced.png)
 
 1. Save all the screens and, in the **Provisioning** step, set
-   the `Provisioning Status` to `ON`.
+   the `Provisioning Status` to `On`.
+
+    ![Provisioning status toggle switch](img/scim_provisioning_status.png)
 
    NOTE: **Note:**
    You can control what is actually synced by selecting the `Scope`. For example,
    `Sync only assigned users and groups` will only sync the users assigned to
-   the application (`Users and groups`), otherwise it will sync the whole Active Directory.
+   the application (`Users and groups`), otherwise, it will sync the whole Active Directory.
 
 Once enabled, the synchronization details and any errors will appear on the
 bottom of the **Provisioning** screen, together with a link to the audit logs.
-- 
cgit v1.2.1


From 2b3d00a77822eaf2e622dd0b1baf85ebea2b1ee4 Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Wed, 17 Jul 2019 11:51:22 +0800
Subject: Remove unneeded monkey-patch

Changes all calls to data_source_exists? to table_exists?
since that is the intent of these calls
---
 config/initializers/0_license.rb                               |  2 +-
 config/initializers/active_record_migration.rb                 | 10 ----------
 config/initializers/load_balancing.rb                          |  2 +-
 lib/gitlab/background_migration/prepare_untracked_uploads.rb   |  2 +-
 lib/tasks/gitlab/db.rake                                       |  2 +-
 scripts/insert-rspec-profiling-data                            |  4 ----
 .../background_migration/populate_untracked_uploads_spec.rb    |  2 +-
 7 files changed, 5 insertions(+), 19 deletions(-)
 delete mode 100644 config/initializers/active_record_migration.rb

diff --git a/config/initializers/0_license.rb b/config/initializers/0_license.rb
index f750022dfdf..19c71c34904 100644
--- a/config/initializers/0_license.rb
+++ b/config/initializers/0_license.rb
@@ -10,7 +10,7 @@ Gitlab.ee do
   end
 
   # Needed to run migration
-  if ActiveRecord::Base.connected? && ActiveRecord::Base.connection.data_source_exists?('licenses')
+  if ActiveRecord::Base.connected? && ActiveRecord::Base.connection.table_exists?('licenses')
     message = LicenseHelper.license_message(signed_in: true, is_admin: true, in_html: false)
     if ::License.block_changes? && message.present?
       warn "WARNING: #{message}"
diff --git a/config/initializers/active_record_migration.rb b/config/initializers/active_record_migration.rb
deleted file mode 100644
index 04c06be7834..00000000000
--- a/config/initializers/active_record_migration.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-require 'active_record/migration'
-
-module ActiveRecord
-  class Migration
-    # data_source_exists? is not available in 4.2.10, table_exists deprecated in 5.0
-    def table_exists?(table_name)
-      ActiveRecord::Base.connection.data_source_exists?(table_name)
-    end
-  end
-end
diff --git a/config/initializers/load_balancing.rb b/config/initializers/load_balancing.rb
index 029c0ff4277..a49bcbe1f96 100644
--- a/config/initializers/load_balancing.rb
+++ b/config/initializers/load_balancing.rb
@@ -3,7 +3,7 @@
 # We need to run this initializer after migrations are done so it doesn't fail on CI
 
 Gitlab.ee do
-  if ActiveRecord::Base.connected? && ActiveRecord::Base.connection.data_source_exists?('licenses')
+  if ActiveRecord::Base.connected? && ActiveRecord::Base.connection.table_exists?('licenses')
     if Gitlab::Database::LoadBalancing.enable?
       Gitlab::Database.disable_prepared_statements
 
diff --git a/lib/gitlab/background_migration/prepare_untracked_uploads.rb b/lib/gitlab/background_migration/prepare_untracked_uploads.rb
index 7d40b459c9a..806c3a7a369 100644
--- a/lib/gitlab/background_migration/prepare_untracked_uploads.rb
+++ b/lib/gitlab/background_migration/prepare_untracked_uploads.rb
@@ -55,7 +55,7 @@ module Gitlab
       def ensure_temporary_tracking_table_exists
         table_name = :untracked_files_for_uploads
 
-        unless ActiveRecord::Base.connection.data_source_exists?(table_name)
+        unless ActiveRecord::Base.connection.table_exists?(table_name)
           UntrackedFile.connection.create_table table_name do |t|
             t.string :path, limit: 600, null: false
             t.index :path, unique: true
diff --git a/lib/tasks/gitlab/db.rake b/lib/tasks/gitlab/db.rake
index 5f2ed5274e4..d054959e05e 100644
--- a/lib/tasks/gitlab/db.rake
+++ b/lib/tasks/gitlab/db.rake
@@ -33,7 +33,7 @@ namespace :gitlab do
       # Removes the entry from the array
       tables.delete 'schema_migrations'
       # Truncate schema_migrations to ensure migrations re-run
-      connection.execute('TRUNCATE schema_migrations') if connection.data_source_exists? 'schema_migrations'
+      connection.execute('TRUNCATE schema_migrations') if connection.table_exists? 'schema_migrations'
 
       # Drop tables with cascade to avoid dependent table errors
       # PG: http://www.postgresql.org/docs/current/static/ddl-depend.html
diff --git a/scripts/insert-rspec-profiling-data b/scripts/insert-rspec-profiling-data
index b34379764e0..88c9d8c12b1 100755
--- a/scripts/insert-rspec-profiling-data
+++ b/scripts/insert-rspec-profiling-data
@@ -14,10 +14,6 @@ module RspecProfiling
         Result.establish_connection(results_url)
       end
 
-      def prepared?
-        connection.data_source_exists?(table)
-      end
-
       def results_url
         ENV['RSPEC_PROFILING_POSTGRES_URL']
       end
diff --git a/spec/lib/gitlab/background_migration/populate_untracked_uploads_spec.rb b/spec/lib/gitlab/background_migration/populate_untracked_uploads_spec.rb
index 0dee683350f..0d2074eed22 100644
--- a/spec/lib/gitlab/background_migration/populate_untracked_uploads_spec.rb
+++ b/spec/lib/gitlab/background_migration/populate_untracked_uploads_spec.rb
@@ -114,7 +114,7 @@ describe Gitlab::BackgroundMigration::PopulateUntrackedUploads, :sidekiq, :migra
     it 'does not drop the temporary tracking table after processing the batch, if there are still untracked rows' do
       subject.perform(1, untracked_files_for_uploads.last.id - 1)
 
-      expect(ActiveRecord::Base.connection.data_source_exists?(:untracked_files_for_uploads)).to be_truthy
+      expect(ActiveRecord::Base.connection.table_exists?(:untracked_files_for_uploads)).to be_truthy
     end
 
     it 'drops the temporary tracking table after processing the batch, if there are no untracked rows left' do
-- 
cgit v1.2.1


From 41f87e9e99e14f7d591f222b0246467acd040625 Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Thu, 25 Jul 2019 16:31:53 +1200
Subject: Removes potentially incorrect, and slow fallback

Deployment_platform is relatively expensive and calling this after the
fact means that this may not be the cluster that was deployed to.

Correspondingly reduce the leeway given in the related N+1 spec
---
 app/models/deployment_metrics.rb                            | 13 +------------
 ...move_deployment_metrics_deployment_platform_fallback.yml |  6 ++++++
 spec/controllers/projects/merge_requests_controller_spec.rb |  5 ++---
 spec/models/deployment_metrics_spec.rb                      | 12 ------------
 4 files changed, 9 insertions(+), 27 deletions(-)
 create mode 100644 changelogs/unreleased/remove_deployment_metrics_deployment_platform_fallback.yml

diff --git a/app/models/deployment_metrics.rb b/app/models/deployment_metrics.rb
index cfe762ca25e..2056c8bc59c 100644
--- a/app/models/deployment_metrics.rb
+++ b/app/models/deployment_metrics.rb
@@ -44,18 +44,7 @@ class DeploymentMetrics
     end
   end
 
-  # TODO remove fallback case to deployment_platform_cluster.
-  # Otherwise we will continue to pay the performance penalty described in
-  # https://gitlab.com/gitlab-org/gitlab-ce/issues/63475
-  #
-  # Removal issue: https://gitlab.com/gitlab-org/gitlab-ce/issues/64105
   def cluster_prometheus
-    cluster_with_fallback = cluster || deployment_platform_cluster
-
-    cluster_with_fallback.application_prometheus if cluster_with_fallback&.application_prometheus_available?
-  end
-
-  def deployment_platform_cluster
-    deployment.environment.deployment_platform&.cluster
+    cluster.application_prometheus if cluster&.application_prometheus_available?
   end
 end
diff --git a/changelogs/unreleased/remove_deployment_metrics_deployment_platform_fallback.yml b/changelogs/unreleased/remove_deployment_metrics_deployment_platform_fallback.yml
new file mode 100644
index 00000000000..d32cbd1d8e0
--- /dev/null
+++ b/changelogs/unreleased/remove_deployment_metrics_deployment_platform_fallback.yml
@@ -0,0 +1,6 @@
+---
+title: Remove incorrect fallback when determining which cluster to use when retrieving
+  MR performance metrics
+merge_request: 31126
+author:
+type: changed
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index f11880122b1..fa71d9b61b1 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -885,10 +885,9 @@ describe Projects::MergeRequestsController do
         environment2 = create(:environment, project: forked)
         create(:deployment, :succeed, environment: environment2, sha: sha, ref: 'master', deployable: build)
 
-        # TODO address the last 11 queries
+        # TODO address the last 5 queries
         # See https://gitlab.com/gitlab-org/gitlab-ce/issues/63952 (5 queries)
-        # And https://gitlab.com/gitlab-org/gitlab-ce/issues/64105 (6 queries)
-        leeway = 11
+        leeway = 5
         expect { get_ci_environments_status }.not_to exceed_all_query_limit(control_count + leeway)
       end
     end
diff --git a/spec/models/deployment_metrics_spec.rb b/spec/models/deployment_metrics_spec.rb
index 0aadb1f3a5e..7c574a8b6c8 100644
--- a/spec/models/deployment_metrics_spec.rb
+++ b/spec/models/deployment_metrics_spec.rb
@@ -49,18 +49,6 @@ describe DeploymentMetrics do
 
         it { is_expected.to be_truthy }
       end
-
-      context 'fallback deployment platform' do
-        let(:cluster) { create(:cluster, :provided_by_user, environment_scope: '*', projects: [deployment.project]) }
-        let!(:prometheus) { create(:clusters_applications_prometheus, :installed, cluster: cluster) }
-
-        before do
-          expect(deployment.project).to receive(:deployment_platform).and_return(cluster.platform)
-          expect(cluster.application_prometheus).to receive(:can_query?).and_return(true)
-        end
-
-        it { is_expected.to be_truthy }
-      end
     end
   end
 
-- 
cgit v1.2.1


From f0391c2517879bbb73702ccafd5e02bf25b40eec Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Thu, 25 Jul 2019 17:27:42 +1200
Subject: Add frozen_string_literal to spec/support

Using the sed script from
https://gitlab.com/gitlab-org/gitlab-ce/issues/59758
---
 spec/support/api/boards_shared_examples.rb                              | 2 ++
 spec/support/api/issues_resolving_discussions_shared_examples.rb        | 2 ++
 spec/support/api/members_shared_examples.rb                             | 2 ++
 spec/support/api/milestones_shared_examples.rb                          | 2 ++
 spec/support/api/repositories_shared_context.rb                         | 2 ++
 spec/support/api/schema_matcher.rb                                      | 2 ++
 spec/support/api/scopes/read_user_shared_examples.rb                    | 2 ++
 spec/support/api/time_tracking_shared_examples.rb                       | 2 ++
 spec/support/banzai/reference_filter_shared_examples.rb                 | 2 ++
 spec/support/batch_loader.rb                                            | 2 ++
 spec/support/capybara.rb                                                | 2 ++
 spec/support/carrierwave.rb                                             | 2 ++
 spec/support/chunked_io/chunked_io_helpers.rb                           | 2 ++
 spec/support/commit_trailers_spec_helper.rb                             | 2 ++
 spec/support/controllers/githubish_import_controller_shared_context.rb  | 2 ++
 spec/support/controllers/githubish_import_controller_shared_examples.rb | 2 ++
 .../controllers/ldap_omniauth_callbacks_controller_shared_context.rb    | 2 ++
 spec/support/controllers/sessionless_auth_controller_shared_examples.rb | 2 ++
 spec/support/cycle_analytics_helpers/test_generation.rb                 | 2 ++
 spec/support/db_cleaner.rb                                              | 2 ++
 spec/support/external_authorization_service_helpers.rb                  | 2 ++
 spec/support/features/discussion_comments_shared_example.rb             | 2 ++
 spec/support/features/reportable_note_shared_examples.rb                | 2 ++
 .../support/features/resolving_discussions_in_issues_shared_examples.rb | 2 ++
 spec/support/features/rss_shared_examples.rb                            | 2 ++
 spec/support/features/variable_list_shared_examples.rb                  | 2 ++
 spec/support/forgery_protection.rb                                      | 2 ++
 spec/support/google_api/cloud_platform_helpers.rb                       | 2 ++
 spec/support/helpers/api_helpers.rb                                     | 2 ++
 spec/support/helpers/assets_helpers.rb                                  | 2 ++
 spec/support/helpers/bare_repo_operations.rb                            | 2 ++
 spec/support/helpers/board_helpers.rb                                   | 2 ++
 spec/support/helpers/capybara_helpers.rb                                | 2 ++
 spec/support/helpers/ci_artifact_metadata_generator.rb                  | 2 ++
 spec/support/helpers/cookie_helper.rb                                   | 2 ++
 spec/support/helpers/cycle_analytics_helpers.rb                         | 2 ++
 spec/support/helpers/database_connection_helpers.rb                     | 2 ++
 spec/support/helpers/devise_helpers.rb                                  | 2 ++
 spec/support/helpers/drag_to_helper.rb                                  | 2 ++
 spec/support/helpers/dropzone_helper.rb                                 | 2 ++
 spec/support/helpers/email_helpers.rb                                   | 2 ++
 spec/support/helpers/exclusive_lease_helpers.rb                         | 2 ++
 spec/support/helpers/expect_next_instance_of.rb                         | 2 ++
 spec/support/helpers/expect_offense.rb                                  | 2 ++
 spec/support/helpers/fake_blob_helpers.rb                               | 2 ++
 spec/support/helpers/fake_migration_classes.rb                          | 2 ++
 spec/support/helpers/fake_u2f_device.rb                                 | 2 ++
 spec/support/helpers/features/branches_helpers.rb                       | 2 ++
 spec/support/helpers/features/notes_helpers.rb                          | 2 ++
 spec/support/helpers/features/sorting_helpers.rb                        | 2 ++
 spec/support/helpers/filter_spec_helper.rb                              | 2 ++
 spec/support/helpers/filtered_search_helpers.rb                         | 2 ++
 spec/support/helpers/fixture_helpers.rb                                 | 2 ++
 spec/support/helpers/git_http_helpers.rb                                | 2 ++
 spec/support/helpers/gitlab_verify_helpers.rb                           | 2 ++
 spec/support/helpers/graphql_helpers.rb                                 | 2 ++
 spec/support/helpers/import_spec_helper.rb                              | 2 ++
 spec/support/helpers/input_helper.rb                                    | 2 ++
 spec/support/helpers/inspect_requests.rb                                | 2 ++
 spec/support/helpers/issue_helpers.rb                                   | 2 ++
 spec/support/helpers/javascript_fixtures_helpers.rb                     | 2 ++
 spec/support/helpers/jira_service_helper.rb                             | 2 ++
 spec/support/helpers/key_generator_helper.rb                            | 2 ++
 spec/support/helpers/kubernetes_helpers.rb                              | 2 ++
 spec/support/helpers/ldap_helpers.rb                                    | 2 ++
 spec/support/helpers/live_debugger.rb                                   | 2 ++
 spec/support/helpers/login_helpers.rb                                   | 2 ++
 spec/support/helpers/markdown_feature.rb                                | 2 ++
 spec/support/helpers/merge_request_diff_helpers.rb                      | 2 ++
 spec/support/helpers/merge_request_helpers.rb                           | 2 ++
 spec/support/helpers/migrations_helpers.rb                              | 2 ++
 spec/support/helpers/mobile_helpers.rb                                  | 2 ++
 spec/support/helpers/note_interaction_helpers.rb                        | 2 ++
 spec/support/helpers/notification_helpers.rb                            | 2 ++
 spec/support/helpers/project_forks_helper.rb                            | 2 ++
 spec/support/helpers/prometheus_helpers.rb                              | 2 ++
 spec/support/helpers/query_recorder.rb                                  | 2 ++
 spec/support/helpers/quick_actions_helpers.rb                           | 2 ++
 spec/support/helpers/rake_helpers.rb                                    | 2 ++
 spec/support/helpers/reactive_caching_helpers.rb                        | 2 ++
 spec/support/helpers/redis_without_keys.rb                              | 2 ++
 spec/support/helpers/reference_parser_helpers.rb                        | 2 ++
 spec/support/helpers/repo_helpers.rb                                    | 2 ++
 spec/support/helpers/routes_helpers.rb                                  | 2 ++
 spec/support/helpers/search_helpers.rb                                  | 2 ++
 spec/support/helpers/seed_repo.rb                                       | 2 ++
 spec/support/helpers/select2_helper.rb                                  | 2 ++
 spec/support/helpers/selection_helper.rb                                | 2 ++
 spec/support/helpers/sorting_helper.rb                                  | 2 ++
 spec/support/helpers/stub_configuration.rb                              | 2 ++
 spec/support/helpers/stub_env.rb                                        | 2 ++
 spec/support/helpers/stub_feature_flags.rb                              | 2 ++
 spec/support/helpers/stub_gitlab_calls.rb                               | 2 ++
 spec/support/helpers/stub_gitlab_data.rb                                | 2 ++
 spec/support/helpers/stub_metrics.rb                                    | 2 ++
 spec/support/helpers/stub_object_storage.rb                             | 2 ++
 spec/support/helpers/stub_requests.rb                                   | 2 ++
 spec/support/helpers/stub_worker.rb                                     | 2 ++
 spec/support/helpers/terms_helper.rb                                    | 2 ++
 spec/support/helpers/test_env.rb                                        | 2 ++
 spec/support/helpers/upload_helpers.rb                                  | 2 ++
 spec/support/helpers/wait_for_requests.rb                               | 2 ++
 spec/support/helpers/wait_helpers.rb                                    | 2 ++
 spec/support/helpers/wiki_helpers.rb                                    | 2 ++
 spec/support/helpers/workhorse_helpers.rb                               | 2 ++
 spec/support/http_io/http_io_helpers.rb                                 | 2 ++
 spec/support/import_export/common_util.rb                               | 2 ++
 spec/support/import_export/configuration_helper.rb                      | 2 ++
 spec/support/import_export/export_file_helper.rb                        | 2 ++
 spec/support/inspect_squelch.rb                                         | 2 ++
 spec/support/issuables_requiring_filter_shared_examples.rb              | 2 ++
 spec/support/json_response.rb                                           | 2 ++
 spec/support/matchers/abort_matcher.rb                                  | 2 ++
 spec/support/matchers/access_matchers.rb                                | 2 ++
 spec/support/matchers/access_matchers_for_controller.rb                 | 2 ++
 spec/support/matchers/background_migrations_matchers.rb                 | 2 ++
 spec/support/matchers/be_a_binary_string.rb                             | 2 ++
 spec/support/matchers/be_like_time.rb                                   | 2 ++
 spec/support/matchers/be_url.rb                                         | 2 ++
 spec/support/matchers/be_utf8.rb                                        | 2 ++
 spec/support/matchers/be_valid_commit.rb                                | 2 ++
 spec/support/matchers/disallow_request_matchers.rb                      | 2 ++
 spec/support/matchers/exceed_query_limit.rb                             | 2 ++
 spec/support/matchers/execute_check.rb                                  | 2 ++
 spec/support/matchers/gitaly_matchers.rb                                | 2 ++
 spec/support/matchers/gitlab_git_matchers.rb                            | 2 ++
 spec/support/matchers/graphql_matchers.rb                               | 2 ++
 spec/support/matchers/have_emoji.rb                                     | 2 ++
 spec/support/matchers/have_gitlab_http_status.rb                        | 2 ++
 spec/support/matchers/have_issuable_counts.rb                           | 2 ++
 spec/support/matchers/include_module.rb                                 | 2 ++
 spec/support/matchers/issuable_matchers.rb                              | 2 ++
 spec/support/matchers/markdown_matchers.rb                              | 2 ++
 spec/support/matchers/match_file.rb                                     | 2 ++
 spec/support/matchers/match_ids.rb                                      | 2 ++
 spec/support/matchers/metric_counter_matcher.rb                         | 2 ++
 spec/support/matchers/navigation_matcher.rb                             | 2 ++
 spec/support/matchers/pagination_matcher.rb                             | 2 ++
 spec/support/matchers/query_matcher.rb                                  | 2 ++
 spec/support/matchers/satisfy_matchers.rb                               | 2 ++
 spec/support/matchers/security_header_matcher.rb                        | 2 ++
 spec/support/migrations_helpers/track_untracked_uploads_helpers.rb      | 2 ++
 spec/support/omni_auth.rb                                               | 2 ++
 spec/support/prometheus/additional_metrics_shared_examples.rb           | 2 ++
 spec/support/prometheus/metric_builders.rb                              | 2 ++
 spec/support/protected_tags/access_control_ce_shared_examples.rb        | 2 ++
 spec/support/redis/redis_helpers.rb                                     | 2 ++
 spec/support/redis/redis_shared_examples.rb                             | 2 ++
 spec/support/rspec.rb                                                   | 2 ++
 spec/support/seed.rb                                                    | 2 ++
 spec/support/services/clusters/create_service_shared.rb                 | 2 ++
 .../services/issuable_create_service_slash_commands_shared_examples.rb  | 2 ++
 spec/support/services/issuable_update_service_shared_examples.rb        | 2 ++
 spec/support/services/migrate_to_ghost_user_service_shared_examples.rb  | 2 ++
 spec/support/setup_builds_storage.rb                                    | 2 ++
 spec/support/shared_contexts/email_shared_context.rb                    | 2 ++
 .../shared_contexts/finders/group_projects_finder_shared_contexts.rb    | 2 ++
 spec/support/shared_contexts/finders/issues_finder_shared_contexts.rb   | 2 ++
 .../shared_contexts/finders/merge_requests_finder_shared_contexts.rb    | 2 ++
 spec/support/shared_contexts/finders/users_finder_shared_contexts.rb    | 2 ++
 spec/support/shared_contexts/json_response_shared_context.rb            | 2 ++
 spec/support/shared_contexts/merge_requests_allowing_collaboration.rb   | 2 ++
 spec/support/shared_contexts/services_shared_context.rb                 | 2 ++
 spec/support/shared_contexts/url_shared_context.rb                      | 2 ++
 spec/support/shared_examples/chat_slash_commands_shared_examples.rb     | 2 ++
 spec/support/shared_examples/ci_trace_shared_examples.rb                | 2 ++
 spec/support/shared_examples/common_system_notes_examples.rb            | 2 ++
 .../controllers/external_authorization_service_shared_examples.rb       | 2 ++
 .../controllers/issuable_notes_filter_shared_examples.rb                | 2 ++
 .../controllers/set_sort_order_from_user_preference_shared_examples.rb  | 2 ++
 spec/support/shared_examples/controllers/todos_shared_examples.rb       | 2 ++
 .../shared_examples/controllers/uploads_actions_shared_examples.rb      | 2 ++
 spec/support/shared_examples/controllers/variables_shared_examples.rb   | 2 ++
 spec/support/shared_examples/dirty_submit_form_shared_examples.rb       | 2 ++
 spec/support/shared_examples/email_format_shared_examples.rb            | 2 ++
 spec/support/shared_examples/fast_destroy_all.rb                        | 2 ++
 .../features/comments_on_merge_request_files_shared_examples.rb         | 2 ++
 .../shared_examples/features/creatable_merge_request_shared_examples.rb | 2 ++
 .../shared_examples/features/editable_merge_request_shared_examples.rb  | 2 ++
 .../shared_examples/features/issuable_sidebar_shared_examples.rb        | 2 ++
 .../features/issuables_user_dropdown_behaviors_shared_examples.rb       | 2 ++
 .../features/master_manages_access_requests_shared_example.rb           | 2 ++
 .../features/project_features_apply_to_issuables_shared_examples.rb     | 2 ++
 .../shared_examples/features/protected_branches_access_control_ce.rb    | 2 ++
 spec/support/shared_examples/features/search_shared_examples.rb         | 2 ++
 spec/support/shared_examples/file_finder.rb                             | 2 ++
 .../finders/finder_with_external_authorization_enabled.rb               | 2 ++
 spec/support/shared_examples/gitlab_verify.rb                           | 2 ++
 spec/support/shared_examples/graphql/issuable_state_shared_examples.rb  | 2 ++
 spec/support/shared_examples/group_members_shared_example.rb            | 2 ++
 spec/support/shared_examples/helm_generated_script.rb                   | 2 ++
 spec/support/shared_examples/issuable_shared_examples.rb                | 2 ++
 spec/support/shared_examples/issuables_list_metadata_shared_examples.rb | 2 ++
 spec/support/shared_examples/issue_tracker_service_shared_example.rb    | 2 ++
 spec/support/shared_examples/ldap_shared_examples.rb                    | 2 ++
 spec/support/shared_examples/legacy_path_redirect_shared_examples.rb    | 2 ++
 .../background_migration/backfill_project_repositories_examples.rb      | 2 ++
 spec/support/shared_examples/malicious_regexp_shared_examples.rb        | 2 ++
 spec/support/shared_examples/mentionable_shared_examples.rb             | 2 ++
 spec/support/shared_examples/milestone_tabs_examples.rb                 | 2 ++
 .../shared_examples/models/atomic_internal_id_shared_examples.rb        | 2 ++
 spec/support/shared_examples/models/chat_service_shared_examples.rb     | 2 ++
 .../shared_examples/models/cluster_application_core_shared_examples.rb  | 2 ++
 .../shared_examples/models/cluster_application_helm_cert_examples.rb    | 2 ++
 .../models/cluster_application_status_shared_examples.rb                | 2 ++
 .../shared_examples/models/issuable_hook_data_shared_examples.rb        | 2 ++
 .../shared_examples/models/members_notifications_shared_example.rb      | 2 ++
 .../support/shared_examples/models/project_hook_data_shared_examples.rb | 2 ++
 spec/support/shared_examples/models/with_uploads_shared_examples.rb     | 2 ++
 spec/support/shared_examples/notify_shared_examples.rb                  | 2 ++
 spec/support/shared_examples/position_formatters.rb                     | 2 ++
 spec/support/shared_examples/reference_parser_shared_examples.rb        | 2 ++
 .../shared_examples/requests/api/custom_attributes_shared_examples.rb   | 2 ++
 spec/support/shared_examples/requests/api/diff_discussions.rb           | 2 ++
 spec/support/shared_examples/requests/api/discussions.rb                | 2 ++
 .../shared_examples/requests/api/issuable_participants_examples.rb      | 2 ++
 .../requests/api/issues/merge_requests_count_shared_examples.rb         | 2 ++
 spec/support/shared_examples/requests/api/notes.rb                      | 2 ++
 spec/support/shared_examples/requests/api/resolvable_discussions.rb     | 2 ++
 spec/support/shared_examples/requests/api/status_shared_examples.rb     | 2 ++
 spec/support/shared_examples/requests/graphql_shared_examples.rb        | 2 ++
 spec/support/shared_examples/serializers/note_entity_examples.rb        | 2 ++
 spec/support/shared_examples/services/boards/boards_create_service.rb   | 2 ++
 spec/support/shared_examples/services/boards/boards_list_service.rb     | 2 ++
 spec/support/shared_examples/services/boards/issues_list_service.rb     | 2 ++
 spec/support/shared_examples/services/boards/issues_move_service.rb     | 2 ++
 spec/support/shared_examples/services/boards/lists_destroy_service.rb   | 2 ++
 spec/support/shared_examples/services/boards/lists_list_service.rb      | 2 ++
 spec/support/shared_examples/services/boards/lists_move_service.rb      | 2 ++
 .../services/check_ingress_ip_address_service_shared_examples.rb        | 2 ++
 .../services/gitlab_projects_import_service_shared_examples.rb          | 2 ++
 .../shared_examples/slack_mattermost_notifications_shared_examples.rb   | 2 ++
 spec/support/shared_examples/snippet_visibility_shared_examples.rb      | 2 ++
 spec/support/shared_examples/snippets_shared_examples.rb                | 2 ++
 spec/support/shared_examples/taskable_shared_examples.rb                | 2 ++
 spec/support/shared_examples/throttled_touch.rb                         | 2 ++
 spec/support/shared_examples/unique_ip_check_shared_examples.rb         | 2 ++
 spec/support/shared_examples/update_invalid_issuable.rb                 | 2 ++
 spec/support/shared_examples/updating_mentions_shared_examples.rb       | 2 ++
 .../shared_examples/uploaders/gitlab_uploader_shared_examples.rb        | 2 ++
 .../support/shared_examples/uploaders/object_storage_shared_examples.rb | 2 ++
 spec/support/shared_examples/url_validator_examples.rb                  | 2 ++
 spec/support/sidekiq.rb                                                 | 2 ++
 spec/support/stored_repositories.rb                                     | 2 ++
 spec/support/test_reports/test_reports_helper.rb                        | 2 ++
 spec/support/trace/trace_helpers.rb                                     | 2 ++
 spec/support/webmock.rb                                                 | 2 ++
 247 files changed, 494 insertions(+)

diff --git a/spec/support/api/boards_shared_examples.rb b/spec/support/api/boards_shared_examples.rb
index 3abb5096a7a..b7aff32460d 100644
--- a/spec/support/api/boards_shared_examples.rb
+++ b/spec/support/api/boards_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples_for 'group and project boards' do |route_definition, ee = false|
   let(:root_url) { route_definition.gsub(":id", board_parent.id.to_s) }
 
diff --git a/spec/support/api/issues_resolving_discussions_shared_examples.rb b/spec/support/api/issues_resolving_discussions_shared_examples.rb
index d2d6260dfa8..4c44f1bd103 100644
--- a/spec/support/api/issues_resolving_discussions_shared_examples.rb
+++ b/spec/support/api/issues_resolving_discussions_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'creating an issue resolving discussions through the API' do
   it 'creates a new project issue' do
     expect(response).to have_gitlab_http_status(:created)
diff --git a/spec/support/api/members_shared_examples.rb b/spec/support/api/members_shared_examples.rb
index 8d910e52eda..603efd4fc75 100644
--- a/spec/support/api/members_shared_examples.rb
+++ b/spec/support/api/members_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'a 404 response when source is private' do
   before do
     source.update_column(:visibility_level, Gitlab::VisibilityLevel::PRIVATE)
diff --git a/spec/support/api/milestones_shared_examples.rb b/spec/support/api/milestones_shared_examples.rb
index 63b719be03e..d6439f77408 100644
--- a/spec/support/api/milestones_shared_examples.rb
+++ b/spec/support/api/milestones_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples_for 'group and project milestones' do |route_definition|
   let(:resource_route) { "#{route}/#{milestone.id}" }
   let(:label_1) { create(:label, title: 'label_1', project: project, priority: 1) }
diff --git a/spec/support/api/repositories_shared_context.rb b/spec/support/api/repositories_shared_context.rb
index f1341804e56..346015106e3 100644
--- a/spec/support/api/repositories_shared_context.rb
+++ b/spec/support/api/repositories_shared_context.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_context 'disabled repository' do
   before do
     project.project_feature.update!(
diff --git a/spec/support/api/schema_matcher.rb b/spec/support/api/schema_matcher.rb
index 4cf34d43117..ebbd57c8115 100644
--- a/spec/support/api/schema_matcher.rb
+++ b/spec/support/api/schema_matcher.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module SchemaPath
   def self.expand(schema, dir = nil)
     if Gitlab.ee? && dir.nil?
diff --git a/spec/support/api/scopes/read_user_shared_examples.rb b/spec/support/api/scopes/read_user_shared_examples.rb
index 683234264a8..3786a8012f9 100644
--- a/spec/support/api/scopes/read_user_shared_examples.rb
+++ b/spec/support/api/scopes/read_user_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples_for 'allows the "read_user" scope' do |api_version|
   let(:version) { api_version || 'v4' }
 
diff --git a/spec/support/api/time_tracking_shared_examples.rb b/spec/support/api/time_tracking_shared_examples.rb
index 15037222630..3bd1b145433 100644
--- a/spec/support/api/time_tracking_shared_examples.rb
+++ b/spec/support/api/time_tracking_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'an unauthorized API user' do
   it { is_expected.to eq(403) }
 end
diff --git a/spec/support/banzai/reference_filter_shared_examples.rb b/spec/support/banzai/reference_filter_shared_examples.rb
index 476d80f3a93..27765652f28 100644
--- a/spec/support/banzai/reference_filter_shared_examples.rb
+++ b/spec/support/banzai/reference_filter_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Specs for reference links containing HTML.
 #
 # Requires a reference:
diff --git a/spec/support/batch_loader.rb b/spec/support/batch_loader.rb
index bb790e660a6..0eb8f279d29 100644
--- a/spec/support/batch_loader.rb
+++ b/spec/support/batch_loader.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.configure do |config|
   config.after do
     BatchLoader::Executor.clear_current
diff --git a/spec/support/capybara.rb b/spec/support/capybara.rb
index 60990879fe2..8accc5c1df5 100644
--- a/spec/support/capybara.rb
+++ b/spec/support/capybara.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # rubocop:disable Style/GlobalVars
 require 'capybara/rails'
 require 'capybara/rspec'
diff --git a/spec/support/carrierwave.rb b/spec/support/carrierwave.rb
index b376822d530..8da55514c78 100644
--- a/spec/support/carrierwave.rb
+++ b/spec/support/carrierwave.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 CarrierWave.root = File.expand_path('tmp/tests/public', Rails.root)
 
 RSpec.configure do |config|
diff --git a/spec/support/chunked_io/chunked_io_helpers.rb b/spec/support/chunked_io/chunked_io_helpers.rb
index fec1f951563..278f577f3cb 100644
--- a/spec/support/chunked_io/chunked_io_helpers.rb
+++ b/spec/support/chunked_io/chunked_io_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ChunkedIOHelpers
   def sample_trace_raw
     @sample_trace_raw ||= File.read(expand_fixture_path('trace/sample_trace'))
diff --git a/spec/support/commit_trailers_spec_helper.rb b/spec/support/commit_trailers_spec_helper.rb
index efa317fd2f9..a958e259368 100644
--- a/spec/support/commit_trailers_spec_helper.rb
+++ b/spec/support/commit_trailers_spec_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module CommitTrailersSpecHelper
   extend ActiveSupport::Concern
 
diff --git a/spec/support/controllers/githubish_import_controller_shared_context.rb b/spec/support/controllers/githubish_import_controller_shared_context.rb
index e71994edec6..3706178ee34 100644
--- a/spec/support/controllers/githubish_import_controller_shared_context.rb
+++ b/spec/support/controllers/githubish_import_controller_shared_context.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_context 'a GitHub-ish import controller' do
   let(:user) { create(:user) }
   let(:token) { "asdasd12345" }
diff --git a/spec/support/controllers/githubish_import_controller_shared_examples.rb b/spec/support/controllers/githubish_import_controller_shared_examples.rb
index 5bb1269a19d..7ddec49bfdf 100644
--- a/spec/support/controllers/githubish_import_controller_shared_examples.rb
+++ b/spec/support/controllers/githubish_import_controller_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Specifications for behavior common to all objects with an email attribute.
 # Takes a list of email-format attributes and requires:
 # - subject { "the object with a attribute= setter"  }
diff --git a/spec/support/controllers/ldap_omniauth_callbacks_controller_shared_context.rb b/spec/support/controllers/ldap_omniauth_callbacks_controller_shared_context.rb
index a0c77eecb61..d636c1cf6cd 100644
--- a/spec/support/controllers/ldap_omniauth_callbacks_controller_shared_context.rb
+++ b/spec/support/controllers/ldap_omniauth_callbacks_controller_shared_context.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_context 'Ldap::OmniauthCallbacksController' do
diff --git a/spec/support/controllers/sessionless_auth_controller_shared_examples.rb b/spec/support/controllers/sessionless_auth_controller_shared_examples.rb
index 355555d9d19..b5149a0fcb1 100644
--- a/spec/support/controllers/sessionless_auth_controller_shared_examples.rb
+++ b/spec/support/controllers/sessionless_auth_controller_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'authenticates sessionless user' do |path, format, params|
   params ||= {}
 
diff --git a/spec/support/cycle_analytics_helpers/test_generation.rb b/spec/support/cycle_analytics_helpers/test_generation.rb
index be1c2bc3046..c57abbd96c6 100644
--- a/spec/support/cycle_analytics_helpers/test_generation.rb
+++ b/spec/support/cycle_analytics_helpers/test_generation.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # rubocop:disable Metrics/AbcSize
 
 # Note: The ABC size is large here because we have a method generating test cases with
diff --git a/spec/support/db_cleaner.rb b/spec/support/db_cleaner.rb
index 08622dff6d9..041ffa25535 100644
--- a/spec/support/db_cleaner.rb
+++ b/spec/support/db_cleaner.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module DbCleaner
   def delete_from_all_tables!(except: nil)
     DatabaseCleaner.clean_with(:deletion, cache_tables: false, except: except)
diff --git a/spec/support/external_authorization_service_helpers.rb b/spec/support/external_authorization_service_helpers.rb
index 79dd9a3d58e..f4214d800cf 100644
--- a/spec/support/external_authorization_service_helpers.rb
+++ b/spec/support/external_authorization_service_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ExternalAuthorizationServiceHelpers
   def enable_external_authorization_service_check
     stub_application_setting(external_authorization_service_enabled: true)
diff --git a/spec/support/features/discussion_comments_shared_example.rb b/spec/support/features/discussion_comments_shared_example.rb
index 7c8e57702ae..5590bf0fb7e 100644
--- a/spec/support/features/discussion_comments_shared_example.rb
+++ b/spec/support/features/discussion_comments_shared_example.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'thread comments' do |resource_name|
   let(:form_selector) { '.js-main-target-form' }
   let(:dropdown_selector) { "#{form_selector} .comment-type-dropdown" }
diff --git a/spec/support/features/reportable_note_shared_examples.rb b/spec/support/features/reportable_note_shared_examples.rb
index 5d5a0a7b5d2..2f9208e6ed5 100644
--- a/spec/support/features/reportable_note_shared_examples.rb
+++ b/spec/support/features/reportable_note_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_examples 'reportable note' do |type|
diff --git a/spec/support/features/resolving_discussions_in_issues_shared_examples.rb b/spec/support/features/resolving_discussions_in_issues_shared_examples.rb
index 8d0e03134d0..d4f8a87d0d8 100644
--- a/spec/support/features/resolving_discussions_in_issues_shared_examples.rb
+++ b/spec/support/features/resolving_discussions_in_issues_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'creating an issue for a thread' do
   it 'shows an issue with the title filled in' do
     title_field = page.find_field('issue[title]')
diff --git a/spec/support/features/rss_shared_examples.rb b/spec/support/features/rss_shared_examples.rb
index 0de92aedba5..c97eeba87db 100644
--- a/spec/support/features/rss_shared_examples.rb
+++ b/spec/support/features/rss_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples "an autodiscoverable RSS feed with current_user's feed token" do
   it "has an RSS autodiscovery link tag with current_user's feed token" do
     expect(page).to have_css("link[type*='atom+xml'][href*='feed_token=#{user.feed_token}']", visible: false)
diff --git a/spec/support/features/variable_list_shared_examples.rb b/spec/support/features/variable_list_shared_examples.rb
index 01531864c1f..0f8ad2c6536 100644
--- a/spec/support/features/variable_list_shared_examples.rb
+++ b/spec/support/features/variable_list_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'variable list' do
   it 'shows list of variables' do
     page.within('.js-ci-variable-list-section') do
diff --git a/spec/support/forgery_protection.rb b/spec/support/forgery_protection.rb
index fa87d5fa881..1d6ea013292 100644
--- a/spec/support/forgery_protection.rb
+++ b/spec/support/forgery_protection.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ForgeryProtection
   def with_forgery_protection
     ActionController::Base.allow_forgery_protection = true
diff --git a/spec/support/google_api/cloud_platform_helpers.rb b/spec/support/google_api/cloud_platform_helpers.rb
index 2fdbddd40c2..a1328ef0d13 100644
--- a/spec/support/google_api/cloud_platform_helpers.rb
+++ b/spec/support/google_api/cloud_platform_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module GoogleApi
   module CloudPlatformHelpers
     def stub_google_api_validate_token
diff --git a/spec/support/helpers/api_helpers.rb b/spec/support/helpers/api_helpers.rb
index 4a9ce9beb78..e0e875186f0 100644
--- a/spec/support/helpers/api_helpers.rb
+++ b/spec/support/helpers/api_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ApiHelpers
   # Public: Prepend a request path with the path to the API
   #
diff --git a/spec/support/helpers/assets_helpers.rb b/spec/support/helpers/assets_helpers.rb
index 09bbf451671..fa24ad9ad2a 100644
--- a/spec/support/helpers/assets_helpers.rb
+++ b/spec/support/helpers/assets_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module AssetsHelpers
   # In a CI environment the assets are not compiled, as there is a CI job
   # `compile-assets` that compiles them in the prepare stage for all following
diff --git a/spec/support/helpers/bare_repo_operations.rb b/spec/support/helpers/bare_repo_operations.rb
index 3f4a4243cb6..099610f087d 100644
--- a/spec/support/helpers/bare_repo_operations.rb
+++ b/spec/support/helpers/bare_repo_operations.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'zlib'
 
 class BareRepoOperations
diff --git a/spec/support/helpers/board_helpers.rb b/spec/support/helpers/board_helpers.rb
index b85fde222ea..683ee3e4bf2 100644
--- a/spec/support/helpers/board_helpers.rb
+++ b/spec/support/helpers/board_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module BoardHelpers
   def click_card(card)
     within card do
diff --git a/spec/support/helpers/capybara_helpers.rb b/spec/support/helpers/capybara_helpers.rb
index bcc2df44708..5abbc1e2951 100644
--- a/spec/support/helpers/capybara_helpers.rb
+++ b/spec/support/helpers/capybara_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module CapybaraHelpers
   # Execute a block a certain number of times before considering it a failure
   #
diff --git a/spec/support/helpers/ci_artifact_metadata_generator.rb b/spec/support/helpers/ci_artifact_metadata_generator.rb
index ef638d59d2d..e02501565a9 100644
--- a/spec/support/helpers/ci_artifact_metadata_generator.rb
+++ b/spec/support/helpers/ci_artifact_metadata_generator.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # frozen_sting_literal: true
 
 # This generates fake CI metadata .gz for testing
diff --git a/spec/support/helpers/cookie_helper.rb b/spec/support/helpers/cookie_helper.rb
index 5ff7b0b68c9..ea4be12355b 100644
--- a/spec/support/helpers/cookie_helper.rb
+++ b/spec/support/helpers/cookie_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Helper for setting cookies in Selenium/WebDriver
 #
 module CookieHelper
diff --git a/spec/support/helpers/cycle_analytics_helpers.rb b/spec/support/helpers/cycle_analytics_helpers.rb
index 100e439ef44..575b2e779c5 100644
--- a/spec/support/helpers/cycle_analytics_helpers.rb
+++ b/spec/support/helpers/cycle_analytics_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module CycleAnalyticsHelpers
   include GitHelpers
 
diff --git a/spec/support/helpers/database_connection_helpers.rb b/spec/support/helpers/database_connection_helpers.rb
index 763329499f0..10ea7b5de91 100644
--- a/spec/support/helpers/database_connection_helpers.rb
+++ b/spec/support/helpers/database_connection_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module DatabaseConnectionHelpers
   def run_with_new_database_connection
     pool = ActiveRecord::Base.connection_pool
diff --git a/spec/support/helpers/devise_helpers.rb b/spec/support/helpers/devise_helpers.rb
index fb2a110422a..70fc6a48414 100644
--- a/spec/support/helpers/devise_helpers.rb
+++ b/spec/support/helpers/devise_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module DeviseHelpers
   # explicitly tells Devise which mapping to use
   # this is needed when we are testing a Devise controller bypassing the router
diff --git a/spec/support/helpers/drag_to_helper.rb b/spec/support/helpers/drag_to_helper.rb
index 6d53ad0b602..6099f87323f 100644
--- a/spec/support/helpers/drag_to_helper.rb
+++ b/spec/support/helpers/drag_to_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module DragTo
   def drag_to(list_from_index: 0, from_index: 0, to_index: 0, list_to_index: 0, selector: '', scrollable: 'body', duration: 1000)
     evaluate_script("simulateDrag({scrollable: $('#{scrollable}').get(0), duration: #{duration}, from: {el: $('#{selector}').eq(#{list_from_index}).get(0), index: #{from_index}}, to: {el: $('#{selector}').eq(#{list_to_index}).get(0), index: #{to_index}}});")
diff --git a/spec/support/helpers/dropzone_helper.rb b/spec/support/helpers/dropzone_helper.rb
index fe72d320fcf..a0f261b312e 100644
--- a/spec/support/helpers/dropzone_helper.rb
+++ b/spec/support/helpers/dropzone_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module DropzoneHelper
   # Provides a way to perform `attach_file` for a Dropzone-based file input
   #
diff --git a/spec/support/helpers/email_helpers.rb b/spec/support/helpers/email_helpers.rb
index ed049daba80..83ba654fab3 100644
--- a/spec/support/helpers/email_helpers.rb
+++ b/spec/support/helpers/email_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module EmailHelpers
   def sent_to_user(user, recipients: email_recipients)
     recipients.count { |to| to == user.notification_email }
diff --git a/spec/support/helpers/exclusive_lease_helpers.rb b/spec/support/helpers/exclusive_lease_helpers.rb
index 383cc7dee81..77703e20602 100644
--- a/spec/support/helpers/exclusive_lease_helpers.rb
+++ b/spec/support/helpers/exclusive_lease_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ExclusiveLeaseHelpers
   def stub_exclusive_lease(key = nil, uuid = 'uuid', renew: false, timeout: nil)
     key     ||= instance_of(String)
diff --git a/spec/support/helpers/expect_next_instance_of.rb b/spec/support/helpers/expect_next_instance_of.rb
index b95046b2b42..749d2cb2a56 100644
--- a/spec/support/helpers/expect_next_instance_of.rb
+++ b/spec/support/helpers/expect_next_instance_of.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ExpectNextInstanceOf
   def expect_next_instance_of(klass, *new_args)
     receive_new = receive(:new)
diff --git a/spec/support/helpers/expect_offense.rb b/spec/support/helpers/expect_offense.rb
index 35718ba90c5..76301fe19ff 100644
--- a/spec/support/helpers/expect_offense.rb
+++ b/spec/support/helpers/expect_offense.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rubocop/rspec/support'
 
 # https://github.com/backus/rubocop-rspec/blob/master/spec/support/expect_offense.rb
diff --git a/spec/support/helpers/fake_blob_helpers.rb b/spec/support/helpers/fake_blob_helpers.rb
index 801ca8b7412..ef4740638ff 100644
--- a/spec/support/helpers/fake_blob_helpers.rb
+++ b/spec/support/helpers/fake_blob_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module FakeBlobHelpers
   class FakeBlob
     include BlobLike
diff --git a/spec/support/helpers/fake_migration_classes.rb b/spec/support/helpers/fake_migration_classes.rb
index c7766df7a52..6c066b3b199 100644
--- a/spec/support/helpers/fake_migration_classes.rb
+++ b/spec/support/helpers/fake_migration_classes.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class FakeRenameReservedPathMigrationV1 < ActiveRecord::Migration[4.2]
   include Gitlab::Database::RenameReservedPathsMigration::V1
 
diff --git a/spec/support/helpers/fake_u2f_device.rb b/spec/support/helpers/fake_u2f_device.rb
index 22cd8152d77..f765b277175 100644
--- a/spec/support/helpers/fake_u2f_device.rb
+++ b/spec/support/helpers/fake_u2f_device.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class FakeU2fDevice
   attr_reader :name
 
diff --git a/spec/support/helpers/features/branches_helpers.rb b/spec/support/helpers/features/branches_helpers.rb
index df88fd425c9..2a50b41cb4e 100644
--- a/spec/support/helpers/features/branches_helpers.rb
+++ b/spec/support/helpers/features/branches_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # These helpers allow you to manipulate with sorting features.
 #
 # Usage:
diff --git a/spec/support/helpers/features/notes_helpers.rb b/spec/support/helpers/features/notes_helpers.rb
index 8a139fafac2..a2d8d71b541 100644
--- a/spec/support/helpers/features/notes_helpers.rb
+++ b/spec/support/helpers/features/notes_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # These helpers allow you to manipulate with notes.
 #
 # Usage:
diff --git a/spec/support/helpers/features/sorting_helpers.rb b/spec/support/helpers/features/sorting_helpers.rb
index 003ecb251fe..a6428bf8573 100644
--- a/spec/support/helpers/features/sorting_helpers.rb
+++ b/spec/support/helpers/features/sorting_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # These helpers allow you to manipulate with sorting features.
 #
 # Usage:
diff --git a/spec/support/helpers/filter_spec_helper.rb b/spec/support/helpers/filter_spec_helper.rb
index 721d359c2ee..95c24d76dcd 100644
--- a/spec/support/helpers/filter_spec_helper.rb
+++ b/spec/support/helpers/filter_spec_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Helper methods for Banzai filter specs
 #
 # Must be included into specs manually
diff --git a/spec/support/helpers/filtered_search_helpers.rb b/spec/support/helpers/filtered_search_helpers.rb
index 34ef185ea27..39c818b1763 100644
--- a/spec/support/helpers/filtered_search_helpers.rb
+++ b/spec/support/helpers/filtered_search_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module FilteredSearchHelpers
   def filtered_search
     page.find('.filtered-search')
diff --git a/spec/support/helpers/fixture_helpers.rb b/spec/support/helpers/fixture_helpers.rb
index 611d19f36a0..7b3b8ae5f7a 100644
--- a/spec/support/helpers/fixture_helpers.rb
+++ b/spec/support/helpers/fixture_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module FixtureHelpers
   def fixture_file(filename, dir: '')
     return '' if filename.blank?
diff --git a/spec/support/helpers/git_http_helpers.rb b/spec/support/helpers/git_http_helpers.rb
index c83860d7b51..de8bb9ac8e3 100644
--- a/spec/support/helpers/git_http_helpers.rb
+++ b/spec/support/helpers/git_http_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative 'workhorse_helpers'
 
 module GitHttpHelpers
diff --git a/spec/support/helpers/gitlab_verify_helpers.rb b/spec/support/helpers/gitlab_verify_helpers.rb
index 5df4bf24ec2..9901ce374ed 100644
--- a/spec/support/helpers/gitlab_verify_helpers.rb
+++ b/spec/support/helpers/gitlab_verify_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module GitlabVerifyHelpers
   def collect_ranges(args = {})
     verifier = described_class.new(args.merge(batch_size: 1))
diff --git a/spec/support/helpers/graphql_helpers.rb b/spec/support/helpers/graphql_helpers.rb
index ec3c460cd37..ae1b859ae3f 100644
--- a/spec/support/helpers/graphql_helpers.rb
+++ b/spec/support/helpers/graphql_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module GraphqlHelpers
   MutationDefinition = Struct.new(:query, :variables)
 
diff --git a/spec/support/helpers/import_spec_helper.rb b/spec/support/helpers/import_spec_helper.rb
index d4eced724fa..d8fb2ba08af 100644
--- a/spec/support/helpers/import_spec_helper.rb
+++ b/spec/support/helpers/import_spec_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'ostruct'
 
 # Helper methods for controller specs in the Import namespace
diff --git a/spec/support/helpers/input_helper.rb b/spec/support/helpers/input_helper.rb
index acbb42274ec..5136f8e9cb8 100644
--- a/spec/support/helpers/input_helper.rb
+++ b/spec/support/helpers/input_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # see app/assets/javascripts/test_utils/simulate_input.js
 
 module InputHelper
diff --git a/spec/support/helpers/inspect_requests.rb b/spec/support/helpers/inspect_requests.rb
index 88ddc5c7f6c..4a1d9cb8539 100644
--- a/spec/support/helpers/inspect_requests.rb
+++ b/spec/support/helpers/inspect_requests.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative './wait_for_requests'
 
 module InspectRequests
diff --git a/spec/support/helpers/issue_helpers.rb b/spec/support/helpers/issue_helpers.rb
index ffd72515f37..82b954a92e2 100644
--- a/spec/support/helpers/issue_helpers.rb
+++ b/spec/support/helpers/issue_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module IssueHelpers
   def visit_issues(project, opts = {})
     visit project_issues_path project, opts
diff --git a/spec/support/helpers/javascript_fixtures_helpers.rb b/spec/support/helpers/javascript_fixtures_helpers.rb
index e9129bd263e..7ec65318ec5 100644
--- a/spec/support/helpers/javascript_fixtures_helpers.rb
+++ b/spec/support/helpers/javascript_fixtures_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'action_dispatch/testing/test_request'
 require 'fileutils'
 
diff --git a/spec/support/helpers/jira_service_helper.rb b/spec/support/helpers/jira_service_helper.rb
index 7e955f3d593..57c33c81ea3 100644
--- a/spec/support/helpers/jira_service_helper.rb
+++ b/spec/support/helpers/jira_service_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module JiraServiceHelper
   JIRA_URL = "http://jira.example.net".freeze
   JIRA_API = JIRA_URL + "/rest/api/2"
diff --git a/spec/support/helpers/key_generator_helper.rb b/spec/support/helpers/key_generator_helper.rb
index 768b8c127b9..59c8eeb3692 100644
--- a/spec/support/helpers/key_generator_helper.rb
+++ b/spec/support/helpers/key_generator_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Spec
   module Support
     module Helpers
diff --git a/spec/support/helpers/kubernetes_helpers.rb b/spec/support/helpers/kubernetes_helpers.rb
index 278264f3df5..538a5b8ef3c 100644
--- a/spec/support/helpers/kubernetes_helpers.rb
+++ b/spec/support/helpers/kubernetes_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module KubernetesHelpers
   include Gitlab::Kubernetes
 
diff --git a/spec/support/helpers/ldap_helpers.rb b/spec/support/helpers/ldap_helpers.rb
index 66ca5d7f0a3..dce8a3803f5 100644
--- a/spec/support/helpers/ldap_helpers.rb
+++ b/spec/support/helpers/ldap_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module LdapHelpers
   def ldap_adapter(provider = 'ldapmain', ldap = double(:ldap))
     ::Gitlab::Auth::LDAP::Adapter.new(provider, ldap)
diff --git a/spec/support/helpers/live_debugger.rb b/spec/support/helpers/live_debugger.rb
index 911eb48a8ca..d6091035b59 100644
--- a/spec/support/helpers/live_debugger.rb
+++ b/spec/support/helpers/live_debugger.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'io/console'
 
 module LiveDebugger
diff --git a/spec/support/helpers/login_helpers.rb b/spec/support/helpers/login_helpers.rb
index 0cb99b4e087..2b508ee6f2c 100644
--- a/spec/support/helpers/login_helpers.rb
+++ b/spec/support/helpers/login_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative 'devise_helpers'
 
 module LoginHelpers
diff --git a/spec/support/helpers/markdown_feature.rb b/spec/support/helpers/markdown_feature.rb
index 96401379cf0..eea03fb9325 100644
--- a/spec/support/helpers/markdown_feature.rb
+++ b/spec/support/helpers/markdown_feature.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # This is a helper class used by the GitLab Markdown feature spec
 #
 # Because the feature spec only cares about the output of the Markdown, and the
diff --git a/spec/support/helpers/merge_request_diff_helpers.rb b/spec/support/helpers/merge_request_diff_helpers.rb
index 3b49d0b3319..49beecc6d4b 100644
--- a/spec/support/helpers/merge_request_diff_helpers.rb
+++ b/spec/support/helpers/merge_request_diff_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MergeRequestDiffHelpers
   def click_diff_line(line_holder, diff_side = nil)
     line = get_line_components(line_holder, diff_side)
diff --git a/spec/support/helpers/merge_request_helpers.rb b/spec/support/helpers/merge_request_helpers.rb
index 772adff4626..3c359bc9353 100644
--- a/spec/support/helpers/merge_request_helpers.rb
+++ b/spec/support/helpers/merge_request_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MergeRequestHelpers
   def visit_merge_requests(project, opts = {})
     visit project_merge_requests_path project, opts
diff --git a/spec/support/helpers/migrations_helpers.rb b/spec/support/helpers/migrations_helpers.rb
index 272b24f7541..2727ab7fb1e 100644
--- a/spec/support/helpers/migrations_helpers.rb
+++ b/spec/support/helpers/migrations_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MigrationsHelpers
   def active_record_base
     ActiveRecord::Base
diff --git a/spec/support/helpers/mobile_helpers.rb b/spec/support/helpers/mobile_helpers.rb
index 4230d315d9b..94dbd2fb1b7 100644
--- a/spec/support/helpers/mobile_helpers.rb
+++ b/spec/support/helpers/mobile_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MobileHelpers
   def resize_screen_xs
     resize_window(575, 768)
diff --git a/spec/support/helpers/note_interaction_helpers.rb b/spec/support/helpers/note_interaction_helpers.rb
index 79a0aa174b1..a4322618cd3 100644
--- a/spec/support/helpers/note_interaction_helpers.rb
+++ b/spec/support/helpers/note_interaction_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module NoteInteractionHelpers
   def open_more_actions_dropdown(note)
     note_element = find("#note_#{note.id}")
diff --git a/spec/support/helpers/notification_helpers.rb b/spec/support/helpers/notification_helpers.rb
index 44c2051598c..16ecb338f6e 100644
--- a/spec/support/helpers/notification_helpers.rb
+++ b/spec/support/helpers/notification_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module NotificationHelpers
   extend self
 
diff --git a/spec/support/helpers/project_forks_helper.rb b/spec/support/helpers/project_forks_helper.rb
index bcb11a09b36..b2d22853e4c 100644
--- a/spec/support/helpers/project_forks_helper.rb
+++ b/spec/support/helpers/project_forks_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ProjectForksHelper
   def fork_project(project, user = nil, params = {})
     Gitlab::GitalyClient.allow_n_plus_1_calls do
diff --git a/spec/support/helpers/prometheus_helpers.rb b/spec/support/helpers/prometheus_helpers.rb
index db662836013..4d39d9df494 100644
--- a/spec/support/helpers/prometheus_helpers.rb
+++ b/spec/support/helpers/prometheus_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module PrometheusHelpers
   def prometheus_memory_query(environment_slug)
     %{avg(container_memory_usage_bytes{container_name!="POD",environment="#{environment_slug}"}) / 2^20}
diff --git a/spec/support/helpers/query_recorder.rb b/spec/support/helpers/query_recorder.rb
index f77b43391dd..d936dc6de41 100644
--- a/spec/support/helpers/query_recorder.rb
+++ b/spec/support/helpers/query_recorder.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ActiveRecord
   class QueryRecorder
     attr_reader :log, :skip_cached, :cached
diff --git a/spec/support/helpers/quick_actions_helpers.rb b/spec/support/helpers/quick_actions_helpers.rb
index 361190aa352..cb853f5363f 100644
--- a/spec/support/helpers/quick_actions_helpers.rb
+++ b/spec/support/helpers/quick_actions_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module QuickActionsHelpers
   def write_note(text)
     Sidekiq::Testing.fake! do
diff --git a/spec/support/helpers/rake_helpers.rb b/spec/support/helpers/rake_helpers.rb
index 7d8d7750bf3..d8f354a69da 100644
--- a/spec/support/helpers/rake_helpers.rb
+++ b/spec/support/helpers/rake_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module RakeHelpers
   def run_rake_task(task_name, *args)
     Rake::Task[task_name].reenable
diff --git a/spec/support/helpers/reactive_caching_helpers.rb b/spec/support/helpers/reactive_caching_helpers.rb
index 528da37e8cf..aa9d3b3a199 100644
--- a/spec/support/helpers/reactive_caching_helpers.rb
+++ b/spec/support/helpers/reactive_caching_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ReactiveCachingHelpers
   def reactive_cache_key(subject, *qualifiers)
     ([subject.class.reactive_cache_key.call(subject)].flatten + qualifiers).join(':')
diff --git a/spec/support/helpers/redis_without_keys.rb b/spec/support/helpers/redis_without_keys.rb
index 6220167dee6..e030f1028f7 100644
--- a/spec/support/helpers/redis_without_keys.rb
+++ b/spec/support/helpers/redis_without_keys.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class Redis
   ForbiddenCommand = Class.new(StandardError)
 
diff --git a/spec/support/helpers/reference_parser_helpers.rb b/spec/support/helpers/reference_parser_helpers.rb
index 9f27502aa52..f96a01d15b5 100644
--- a/spec/support/helpers/reference_parser_helpers.rb
+++ b/spec/support/helpers/reference_parser_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ReferenceParserHelpers
   def empty_html_link
     Nokogiri::HTML.fragment('<a></a>').children[0]
diff --git a/spec/support/helpers/repo_helpers.rb b/spec/support/helpers/repo_helpers.rb
index 44d95a029af..ca4d2acbf2c 100644
--- a/spec/support/helpers/repo_helpers.rb
+++ b/spec/support/helpers/repo_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module RepoHelpers
   extend self
 
diff --git a/spec/support/helpers/routes_helpers.rb b/spec/support/helpers/routes_helpers.rb
index c4129606418..2a7cd81cbe3 100644
--- a/spec/support/helpers/routes_helpers.rb
+++ b/spec/support/helpers/routes_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module RoutesHelpers
   def fake_routes(&block)
     @routes = @routes.dup
diff --git a/spec/support/helpers/search_helpers.rb b/spec/support/helpers/search_helpers.rb
index abbbb636d66..815337f8615 100644
--- a/spec/support/helpers/search_helpers.rb
+++ b/spec/support/helpers/search_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module SearchHelpers
   def select_filter(name)
     find(:xpath, "//ul[contains(@class, 'search-filter')]//a[contains(.,'#{name}')]").click
diff --git a/spec/support/helpers/seed_repo.rb b/spec/support/helpers/seed_repo.rb
index 71f1a86b0c1..20738b45129 100644
--- a/spec/support/helpers/seed_repo.rb
+++ b/spec/support/helpers/seed_repo.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # This file is generated by generate-seed-repo-rb. Do not edit this file manually.
 #
 # Seed repo:
diff --git a/spec/support/helpers/select2_helper.rb b/spec/support/helpers/select2_helper.rb
index 87672c8896d..9c42c2b0d8b 100644
--- a/spec/support/helpers/select2_helper.rb
+++ b/spec/support/helpers/select2_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative 'wait_for_requests'
 
 # Select2 ajax programmatic helper
diff --git a/spec/support/helpers/selection_helper.rb b/spec/support/helpers/selection_helper.rb
index b4725b137b2..a5f9ca76f6e 100644
--- a/spec/support/helpers/selection_helper.rb
+++ b/spec/support/helpers/selection_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module SelectionHelper
   def select_element(selector)
     find(selector)
diff --git a/spec/support/helpers/sorting_helper.rb b/spec/support/helpers/sorting_helper.rb
index e505a6b7258..3801d25fb63 100644
--- a/spec/support/helpers/sorting_helper.rb
+++ b/spec/support/helpers/sorting_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Helper allows you to sort items
 #
 # Params
diff --git a/spec/support/helpers/stub_configuration.rb b/spec/support/helpers/stub_configuration.rb
index 049702be1f6..c8b2bf040e6 100644
--- a/spec/support/helpers/stub_configuration.rb
+++ b/spec/support/helpers/stub_configuration.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'active_support/core_ext/hash/transform_values'
 require 'active_support/hash_with_indifferent_access'
 require 'active_support/dependencies'
diff --git a/spec/support/helpers/stub_env.rb b/spec/support/helpers/stub_env.rb
index 1c2f474a015..8107ffc939f 100644
--- a/spec/support/helpers/stub_env.rb
+++ b/spec/support/helpers/stub_env.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Inspired by https://github.com/ljkbennett/stub_env/blob/master/lib/stub_env/helpers.rb
 module StubENV
   def stub_env(key_or_hash, value = nil)
diff --git a/spec/support/helpers/stub_feature_flags.rb b/spec/support/helpers/stub_feature_flags.rb
index 48258692304..6c3efff7262 100644
--- a/spec/support/helpers/stub_feature_flags.rb
+++ b/spec/support/helpers/stub_feature_flags.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module StubFeatureFlags
   # Stub Feature flags with `flag_name: true/false`
   #
diff --git a/spec/support/helpers/stub_gitlab_calls.rb b/spec/support/helpers/stub_gitlab_calls.rb
index 4cb3b18df85..badea94352a 100644
--- a/spec/support/helpers/stub_gitlab_calls.rb
+++ b/spec/support/helpers/stub_gitlab_calls.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module StubGitlabCalls
   def stub_gitlab_calls
     stub_user
diff --git a/spec/support/helpers/stub_gitlab_data.rb b/spec/support/helpers/stub_gitlab_data.rb
index fa402f35b95..ed518393c03 100644
--- a/spec/support/helpers/stub_gitlab_data.rb
+++ b/spec/support/helpers/stub_gitlab_data.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module StubGitlabData
   def gitlab_ci_yaml
     File.read(Rails.root.join('spec/support/gitlab_stubs/gitlab_ci.yml'))
diff --git a/spec/support/helpers/stub_metrics.rb b/spec/support/helpers/stub_metrics.rb
index 64983fdf222..e347955efbb 100644
--- a/spec/support/helpers/stub_metrics.rb
+++ b/spec/support/helpers/stub_metrics.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module StubMetrics
   def authentication_metrics
     Gitlab::Auth::Activity
diff --git a/spec/support/helpers/stub_object_storage.rb b/spec/support/helpers/stub_object_storage.rb
index d31f9908714..e5b8bb712bb 100644
--- a/spec/support/helpers/stub_object_storage.rb
+++ b/spec/support/helpers/stub_object_storage.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module StubObjectStorage
   def stub_object_storage_uploader(
         config:,
diff --git a/spec/support/helpers/stub_requests.rb b/spec/support/helpers/stub_requests.rb
index 5cad35282c0..6eb8007ed26 100644
--- a/spec/support/helpers/stub_requests.rb
+++ b/spec/support/helpers/stub_requests.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module StubRequests
   IP_ADDRESS_STUB = '8.8.8.9'.freeze
 
diff --git a/spec/support/helpers/stub_worker.rb b/spec/support/helpers/stub_worker.rb
index 58b7ee93dff..cac839ed5fe 100644
--- a/spec/support/helpers/stub_worker.rb
+++ b/spec/support/helpers/stub_worker.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Inspired by https://github.com/ljkbennett/stub_env/blob/master/lib/stub_env/helpers.rb
 module StubWorker
   def stub_worker(queue:)
diff --git a/spec/support/helpers/terms_helper.rb b/spec/support/helpers/terms_helper.rb
index a00ec14138b..a61bae18f9a 100644
--- a/spec/support/helpers/terms_helper.rb
+++ b/spec/support/helpers/terms_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module TermsHelper
   def enforce_terms
     stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
diff --git a/spec/support/helpers/test_env.rb b/spec/support/helpers/test_env.rb
index b062631b995..a4acf76e1a3 100644
--- a/spec/support/helpers/test_env.rb
+++ b/spec/support/helpers/test_env.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rspec/mocks'
 require 'toml-rb'
 
diff --git a/spec/support/helpers/upload_helpers.rb b/spec/support/helpers/upload_helpers.rb
index 5eead80c935..60e14a8673b 100644
--- a/spec/support/helpers/upload_helpers.rb
+++ b/spec/support/helpers/upload_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fileutils'
 
 module UploadHelpers
diff --git a/spec/support/helpers/wait_for_requests.rb b/spec/support/helpers/wait_for_requests.rb
index 45b9faa0fea..3bb2f7c5b51 100644
--- a/spec/support/helpers/wait_for_requests.rb
+++ b/spec/support/helpers/wait_for_requests.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module WaitForRequests
   extend self
 
diff --git a/spec/support/helpers/wait_helpers.rb b/spec/support/helpers/wait_helpers.rb
index 7e8e25798e8..a8c4408db59 100644
--- a/spec/support/helpers/wait_helpers.rb
+++ b/spec/support/helpers/wait_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module WaitHelpers
   extend self
 
diff --git a/spec/support/helpers/wiki_helpers.rb b/spec/support/helpers/wiki_helpers.rb
index 8165403cb60..06cea728b42 100644
--- a/spec/support/helpers/wiki_helpers.rb
+++ b/spec/support/helpers/wiki_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module WikiHelpers
   extend self
 
diff --git a/spec/support/helpers/workhorse_helpers.rb b/spec/support/helpers/workhorse_helpers.rb
index ef1f9f68671..4488e5f227e 100644
--- a/spec/support/helpers/workhorse_helpers.rb
+++ b/spec/support/helpers/workhorse_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module WorkhorseHelpers
   extend self
 
diff --git a/spec/support/http_io/http_io_helpers.rb b/spec/support/http_io/http_io_helpers.rb
index 42144870eb5..0193db81fa9 100644
--- a/spec/support/http_io/http_io_helpers.rb
+++ b/spec/support/http_io/http_io_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module HttpIOHelpers
   def stub_remote_url_206(url, file_path)
     WebMock.stub_request(:get, url)
diff --git a/spec/support/import_export/common_util.rb b/spec/support/import_export/common_util.rb
index 2542a59bb00..ac6840dbcfc 100644
--- a/spec/support/import_export/common_util.rb
+++ b/spec/support/import_export/common_util.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ImportExport
   module CommonUtil
     def setup_symlink(tmpdir, symlink_name)
diff --git a/spec/support/import_export/configuration_helper.rb b/spec/support/import_export/configuration_helper.rb
index b4164cff922..122df7f27f0 100644
--- a/spec/support/import_export/configuration_helper.rb
+++ b/spec/support/import_export/configuration_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ConfigurationHelper
   # Returns a list of models from hashes/arrays contained in +project_tree+
   def names_from_tree(project_tree)
diff --git a/spec/support/import_export/export_file_helper.rb b/spec/support/import_export/export_file_helper.rb
index 388b88f0331..f862a9bc1a4 100644
--- a/spec/support/import_export/export_file_helper.rb
+++ b/spec/support/import_export/export_file_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require './spec/support/import_export/configuration_helper'
 
 module ExportFileHelper
diff --git a/spec/support/inspect_squelch.rb b/spec/support/inspect_squelch.rb
index 8ee6732370b..90475204889 100644
--- a/spec/support/inspect_squelch.rb
+++ b/spec/support/inspect_squelch.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # This class can generate a lot of output if it fails,
 # so squelch the instance variable output.
 class ActiveSupport::Cache::NullStore
diff --git a/spec/support/issuables_requiring_filter_shared_examples.rb b/spec/support/issuables_requiring_filter_shared_examples.rb
index 71bcc82ee58..ee25df00dfb 100644
--- a/spec/support/issuables_requiring_filter_shared_examples.rb
+++ b/spec/support/issuables_requiring_filter_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'issuables requiring filter' do |action|
   it "doesn't load any issuables if no filter is set" do
     expect_any_instance_of(described_class).not_to receive(:issuables_collection)
diff --git a/spec/support/json_response.rb b/spec/support/json_response.rb
index 43d8ab73dde..55bdce0cfe9 100644
--- a/spec/support/json_response.rb
+++ b/spec/support/json_response.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.configure do |config|
   config.include_context 'JSON response', type: :controller
   config.include_context 'JSON response', type: :request
diff --git a/spec/support/matchers/abort_matcher.rb b/spec/support/matchers/abort_matcher.rb
index ce1dd140210..64fed2ca069 100644
--- a/spec/support/matchers/abort_matcher.rb
+++ b/spec/support/matchers/abort_matcher.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :abort_execution do
   match do |code_block|
     @captured_stderr = StringIO.new
diff --git a/spec/support/matchers/access_matchers.rb b/spec/support/matchers/access_matchers.rb
index e6899e2d23c..c9ff777f604 100644
--- a/spec/support/matchers/access_matchers.rb
+++ b/spec/support/matchers/access_matchers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # AccessMatchers
 #
 # The custom matchers contained in this module are used to test a user's access
diff --git a/spec/support/matchers/access_matchers_for_controller.rb b/spec/support/matchers/access_matchers_for_controller.rb
index 429401a5da8..401bf6c196e 100644
--- a/spec/support/matchers/access_matchers_for_controller.rb
+++ b/spec/support/matchers/access_matchers_for_controller.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # AccessMatchersForController
 #
 # For testing authorize_xxx in controller.
diff --git a/spec/support/matchers/background_migrations_matchers.rb b/spec/support/matchers/background_migrations_matchers.rb
index f4127efc6ae..c38aa7ad6a6 100644
--- a/spec/support/matchers/background_migrations_matchers.rb
+++ b/spec/support/matchers/background_migrations_matchers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :be_scheduled_delayed_migration do |delay, *expected|
   match do |migration|
     BackgroundMigrationWorker.jobs.any? do |job|
diff --git a/spec/support/matchers/be_a_binary_string.rb b/spec/support/matchers/be_a_binary_string.rb
index f041ae76167..6195c6c7554 100644
--- a/spec/support/matchers/be_a_binary_string.rb
+++ b/spec/support/matchers/be_a_binary_string.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :be_a_binary_string do |_|
   match do |actual|
     actual.is_a?(String) && actual.encoding == Encoding.find('ASCII-8BIT')
diff --git a/spec/support/matchers/be_like_time.rb b/spec/support/matchers/be_like_time.rb
index 1f27390eab7..b449f7a7ffb 100644
--- a/spec/support/matchers/be_like_time.rb
+++ b/spec/support/matchers/be_like_time.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :be_like_time do |expected|
   match do |actual|
     expect(actual).to be_within(1.second).of(expected)
diff --git a/spec/support/matchers/be_url.rb b/spec/support/matchers/be_url.rb
index f8096af1b22..7bd0e7fada4 100644
--- a/spec/support/matchers/be_url.rb
+++ b/spec/support/matchers/be_url.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :be_url do |_|
   match do |actual|
     URI.parse(actual) rescue false
diff --git a/spec/support/matchers/be_utf8.rb b/spec/support/matchers/be_utf8.rb
index ea806352422..4fa55539a49 100644
--- a/spec/support/matchers/be_utf8.rb
+++ b/spec/support/matchers/be_utf8.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :be_utf8 do |_|
   match do |actual|
     actual.is_a?(String) && actual.encoding == Encoding.find('UTF-8')
diff --git a/spec/support/matchers/be_valid_commit.rb b/spec/support/matchers/be_valid_commit.rb
index 3696e4d5f03..b59339de622 100644
--- a/spec/support/matchers/be_valid_commit.rb
+++ b/spec/support/matchers/be_valid_commit.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :be_valid_commit do
   match do |actual|
     actual &&
diff --git a/spec/support/matchers/disallow_request_matchers.rb b/spec/support/matchers/disallow_request_matchers.rb
index db4d90e4fd0..a161e3660cd 100644
--- a/spec/support/matchers/disallow_request_matchers.rb
+++ b/spec/support/matchers/disallow_request_matchers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :disallow_request do
   match do |middleware|
     alert = middleware.env['rack.session'].to_hash
diff --git a/spec/support/matchers/exceed_query_limit.rb b/spec/support/matchers/exceed_query_limit.rb
index cd042401f3a..40cf85eb8e5 100644
--- a/spec/support/matchers/exceed_query_limit.rb
+++ b/spec/support/matchers/exceed_query_limit.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ExceedQueryLimitHelpers
   def with_threshold(threshold)
     @threshold = threshold
diff --git a/spec/support/matchers/execute_check.rb b/spec/support/matchers/execute_check.rb
index 7232fad52fb..d3c0751f0dc 100644
--- a/spec/support/matchers/execute_check.rb
+++ b/spec/support/matchers/execute_check.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :execute_check do |expected|
   match do |actual|
     expect(actual).to eq(SystemCheck)
diff --git a/spec/support/matchers/gitaly_matchers.rb b/spec/support/matchers/gitaly_matchers.rb
index 933ed22b5d0..c2b3ebe3422 100644
--- a/spec/support/matchers/gitaly_matchers.rb
+++ b/spec/support/matchers/gitaly_matchers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :gitaly_request_with_path do |storage_name, relative_path|
   match do |actual|
     repository = actual.repository
diff --git a/spec/support/matchers/gitlab_git_matchers.rb b/spec/support/matchers/gitlab_git_matchers.rb
index c840cd4bf2d..aea1603db05 100644
--- a/spec/support/matchers/gitlab_git_matchers.rb
+++ b/spec/support/matchers/gitlab_git_matchers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :gitlab_git_repository_with do |values|
   match do |actual|
     actual.is_a?(Gitlab::Git::Repository) &&
diff --git a/spec/support/matchers/graphql_matchers.rb b/spec/support/matchers/graphql_matchers.rb
index 7894484f590..4d48b4b5389 100644
--- a/spec/support/matchers/graphql_matchers.rb
+++ b/spec/support/matchers/graphql_matchers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :require_graphql_authorizations do |*expected|
   match do |field|
     expect(field.metadata[:authorize]).to eq(*expected)
diff --git a/spec/support/matchers/have_emoji.rb b/spec/support/matchers/have_emoji.rb
index 23fb8e9c1c4..273bd0b7f40 100644
--- a/spec/support/matchers/have_emoji.rb
+++ b/spec/support/matchers/have_emoji.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :have_emoji do |emoji_name|
   match do |actual|
     expect(actual).to have_selector("gl-emoji[data-name='#{emoji_name}']")
diff --git a/spec/support/matchers/have_gitlab_http_status.rb b/spec/support/matchers/have_gitlab_http_status.rb
index e7e418cdde4..13a64a58218 100644
--- a/spec/support/matchers/have_gitlab_http_status.rb
+++ b/spec/support/matchers/have_gitlab_http_status.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :have_gitlab_http_status do |expected|
   match do |actual|
     expect(actual).to have_http_status(expected)
diff --git a/spec/support/matchers/have_issuable_counts.rb b/spec/support/matchers/have_issuable_counts.rb
index 92cf3de5448..049cfc022fb 100644
--- a/spec/support/matchers/have_issuable_counts.rb
+++ b/spec/support/matchers/have_issuable_counts.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :have_issuable_counts do |opts|
   expected_counts = opts.map do |state, count|
     "#{state.to_s.humanize} #{count}"
diff --git a/spec/support/matchers/include_module.rb b/spec/support/matchers/include_module.rb
index 0a78af1e90e..9b6970cf061 100644
--- a/spec/support/matchers/include_module.rb
+++ b/spec/support/matchers/include_module.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :include_module do |expected|
   match do
     described_class.included_modules.include?(expected)
diff --git a/spec/support/matchers/issuable_matchers.rb b/spec/support/matchers/issuable_matchers.rb
index 62f510b0fbd..743f0b8c932 100644
--- a/spec/support/matchers/issuable_matchers.rb
+++ b/spec/support/matchers/issuable_matchers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :have_header_with_correct_id_and_link do |level, text, id, parent = ".md"|
   match do |actual|
     node = find("#{parent} h#{level} a#user-content-#{id}")
diff --git a/spec/support/matchers/markdown_matchers.rb b/spec/support/matchers/markdown_matchers.rb
index ec4ec6f4038..12e8fa83a60 100644
--- a/spec/support/matchers/markdown_matchers.rb
+++ b/spec/support/matchers/markdown_matchers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # MarkdownMatchers
 #
 # Custom matchers for our custom HTML::Pipeline filters. These are used to test
diff --git a/spec/support/matchers/match_file.rb b/spec/support/matchers/match_file.rb
index d1888b3376a..4e522b52912 100644
--- a/spec/support/matchers/match_file.rb
+++ b/spec/support/matchers/match_file.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :match_file do |expected|
   match do |actual|
     expect(Digest::MD5.hexdigest(actual)).to eq(Digest::MD5.hexdigest(File.read(expected)))
diff --git a/spec/support/matchers/match_ids.rb b/spec/support/matchers/match_ids.rb
index 1cb6b74acac..7bc41949937 100644
--- a/spec/support/matchers/match_ids.rb
+++ b/spec/support/matchers/match_ids.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :match_ids do |*expected|
   match do |actual|
     actual_ids = map_ids(actual)
diff --git a/spec/support/matchers/metric_counter_matcher.rb b/spec/support/matchers/metric_counter_matcher.rb
index 22d5cd17e3f..f0d52b9b149 100644
--- a/spec/support/matchers/metric_counter_matcher.rb
+++ b/spec/support/matchers/metric_counter_matcher.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :increment do |counter|
   match do |adapter|
     expect(adapter.send(counter))
diff --git a/spec/support/matchers/navigation_matcher.rb b/spec/support/matchers/navigation_matcher.rb
index 63f59b9654c..ad73c96031e 100644
--- a/spec/support/matchers/navigation_matcher.rb
+++ b/spec/support/matchers/navigation_matcher.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :have_active_navigation do |expected|
   match do |page|
     expect(page).to have_selector('.sidebar-top-level-items > li.active', count: 1)
diff --git a/spec/support/matchers/pagination_matcher.rb b/spec/support/matchers/pagination_matcher.rb
index 9a7697e2bfc..a3e9c3b8474 100644
--- a/spec/support/matchers/pagination_matcher.rb
+++ b/spec/support/matchers/pagination_matcher.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :include_pagination_headers do |expected|
   match do |actual|
     expect(actual.headers).to include('X-Total', 'X-Total-Pages', 'X-Per-Page', 'X-Page', 'X-Next-Page', 'X-Prev-Page', 'Link')
diff --git a/spec/support/matchers/query_matcher.rb b/spec/support/matchers/query_matcher.rb
index bb0feca7c43..3e47fe241bc 100644
--- a/spec/support/matchers/query_matcher.rb
+++ b/spec/support/matchers/query_matcher.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :make_queries_matching do |matcher, expected_count = nil|
   supports_block_expectations
 
diff --git a/spec/support/matchers/satisfy_matchers.rb b/spec/support/matchers/satisfy_matchers.rb
index 585915bac93..dd1920ee2b2 100644
--- a/spec/support/matchers/satisfy_matchers.rb
+++ b/spec/support/matchers/satisfy_matchers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # These matchers are a syntactic hack to provide more readable expectations for
 # an Enumerable object.
 #
diff --git a/spec/support/matchers/security_header_matcher.rb b/spec/support/matchers/security_header_matcher.rb
index f8518d13ebb..760b1fddd06 100644
--- a/spec/support/matchers/security_header_matcher.rb
+++ b/spec/support/matchers/security_header_matcher.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec::Matchers.define :include_security_headers do |expected|
   match do |actual|
     expect(actual.headers).to include('X-Content-Type-Options')
diff --git a/spec/support/migrations_helpers/track_untracked_uploads_helpers.rb b/spec/support/migrations_helpers/track_untracked_uploads_helpers.rb
index 016bcfa9b1b..656be3b6d4d 100644
--- a/spec/support/migrations_helpers/track_untracked_uploads_helpers.rb
+++ b/spec/support/migrations_helpers/track_untracked_uploads_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MigrationsHelpers
   module TrackUntrackedUploadsHelpers
     PUBLIC_DIR = File.join(Rails.root, 'tmp', 'tests', 'public')
diff --git a/spec/support/omni_auth.rb b/spec/support/omni_auth.rb
index 0b1af4052ff..64aa3855a6f 100644
--- a/spec/support/omni_auth.rb
+++ b/spec/support/omni_auth.rb
@@ -1 +1,3 @@
+# frozen_string_literal: true
+
 OmniAuth.config.test_mode = true
diff --git a/spec/support/prometheus/additional_metrics_shared_examples.rb b/spec/support/prometheus/additional_metrics_shared_examples.rb
index de21e808932..82582630dee 100644
--- a/spec/support/prometheus/additional_metrics_shared_examples.rb
+++ b/spec/support/prometheus/additional_metrics_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'additional metrics query' do
   include Prometheus::MetricBuilders
 
diff --git a/spec/support/prometheus/metric_builders.rb b/spec/support/prometheus/metric_builders.rb
index c8d056d3fc8..512e32a44d0 100644
--- a/spec/support/prometheus/metric_builders.rb
+++ b/spec/support/prometheus/metric_builders.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Prometheus
   module MetricBuilders
     def simple_query(suffix = 'a', **opts)
diff --git a/spec/support/protected_tags/access_control_ce_shared_examples.rb b/spec/support/protected_tags/access_control_ce_shared_examples.rb
index 71eec9f3217..8666c19481c 100644
--- a/spec/support/protected_tags/access_control_ce_shared_examples.rb
+++ b/spec/support/protected_tags/access_control_ce_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples "protected tags > access control > CE" do
   ProtectedRefAccess::HUMAN_ACCESS_LEVELS.each do |(access_type_id, access_type_name)|
     it "allows creating protected tags that #{access_type_name} can create" do
diff --git a/spec/support/redis/redis_helpers.rb b/spec/support/redis/redis_helpers.rb
index 0457e8487d8..7c571738a01 100644
--- a/spec/support/redis/redis_helpers.rb
+++ b/spec/support/redis/redis_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module RedisHelpers
   # config/README.md
 
diff --git a/spec/support/redis/redis_shared_examples.rb b/spec/support/redis/redis_shared_examples.rb
index 6aa59960092..7e47cdae866 100644
--- a/spec/support/redis/redis_shared_examples.rb
+++ b/spec/support/redis/redis_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples "redis_shared_examples" do
   include StubENV
 
diff --git a/spec/support/rspec.rb b/spec/support/rspec.rb
index b38c5dfe60b..1c9f9e5161e 100644
--- a/spec/support/rspec.rb
+++ b/spec/support/rspec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative "helpers/stub_configuration"
 require_relative "helpers/stub_metrics"
 require_relative "helpers/stub_object_storage"
diff --git a/spec/support/seed.rb b/spec/support/seed.rb
index bea2e9c3044..36cb819763b 100644
--- a/spec/support/seed.rb
+++ b/spec/support/seed.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.configure do |config|
   config.include SeedHelper, :seed_helper
 
diff --git a/spec/support/services/clusters/create_service_shared.rb b/spec/support/services/clusters/create_service_shared.rb
index b0bf942aa09..6ec8750ce87 100644
--- a/spec/support/services/clusters/create_service_shared.rb
+++ b/spec/support/services/clusters/create_service_shared.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_context 'valid cluster create params' do
   let(:params) do
     {
diff --git a/spec/support/services/issuable_create_service_slash_commands_shared_examples.rb b/spec/support/services/issuable_create_service_slash_commands_shared_examples.rb
index 8b4cffaac19..4c3644e6724 100644
--- a/spec/support/services/issuable_create_service_slash_commands_shared_examples.rb
+++ b/spec/support/services/issuable_create_service_slash_commands_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Specifications for behavior common to all objects with executable attributes.
 # It can take a `default_params`.
 
diff --git a/spec/support/services/issuable_update_service_shared_examples.rb b/spec/support/services/issuable_update_service_shared_examples.rb
index ffbce6c42bf..5e5acd0e40a 100644
--- a/spec/support/services/issuable_update_service_shared_examples.rb
+++ b/spec/support/services/issuable_update_service_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'issuable update service' do
   def update_issuable(opts)
     described_class.new(project, user, opts).execute(open_issuable)
diff --git a/spec/support/services/migrate_to_ghost_user_service_shared_examples.rb b/spec/support/services/migrate_to_ghost_user_service_shared_examples.rb
index 1284415da1f..65236f13e27 100644
--- a/spec/support/services/migrate_to_ghost_user_service_shared_examples.rb
+++ b/spec/support/services/migrate_to_ghost_user_service_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 shared_examples "migrating a deleted user's associated records to the ghost user" do |record_class, fields|
diff --git a/spec/support/setup_builds_storage.rb b/spec/support/setup_builds_storage.rb
index 1d2a4856724..bbe442f07b0 100644
--- a/spec/support/setup_builds_storage.rb
+++ b/spec/support/setup_builds_storage.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.configure do |config|
   def builds_path
     Rails.root.join('tmp/tests/builds')
diff --git a/spec/support/shared_contexts/email_shared_context.rb b/spec/support/shared_contexts/email_shared_context.rb
index 4f5d53f9317..b4d061a8215 100644
--- a/spec/support/shared_contexts/email_shared_context.rb
+++ b/spec/support/shared_contexts/email_shared_context.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_context :email_shared_context do
   let(:mail_key) { "59d8df8370b7e95c5a49fbf86aeb2c93" }
   let(:receiver) { Gitlab::Email::Receiver.new(email_raw) }
diff --git a/spec/support/shared_contexts/finders/group_projects_finder_shared_contexts.rb b/spec/support/shared_contexts/finders/group_projects_finder_shared_contexts.rb
index a0d994c4d8d..38f6011646e 100644
--- a/spec/support/shared_contexts/finders/group_projects_finder_shared_contexts.rb
+++ b/spec/support/shared_contexts/finders/group_projects_finder_shared_contexts.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.shared_context 'GroupProjectsFinder context' do
diff --git a/spec/support/shared_contexts/finders/issues_finder_shared_contexts.rb b/spec/support/shared_contexts/finders/issues_finder_shared_contexts.rb
index b8a9554f55f..26ab6fbd400 100644
--- a/spec/support/shared_contexts/finders/issues_finder_shared_contexts.rb
+++ b/spec/support/shared_contexts/finders/issues_finder_shared_contexts.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.shared_context 'IssuesFinder context' do
diff --git a/spec/support/shared_contexts/finders/merge_requests_finder_shared_contexts.rb b/spec/support/shared_contexts/finders/merge_requests_finder_shared_contexts.rb
index ab6687f1d07..ef1e65d2577 100644
--- a/spec/support/shared_contexts/finders/merge_requests_finder_shared_contexts.rb
+++ b/spec/support/shared_contexts/finders/merge_requests_finder_shared_contexts.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.shared_context 'MergeRequestsFinder multiple projects with merge requests context' do
diff --git a/spec/support/shared_contexts/finders/users_finder_shared_contexts.rb b/spec/support/shared_contexts/finders/users_finder_shared_contexts.rb
index 9e1f89ee0ed..d6404b2ee4b 100644
--- a/spec/support/shared_contexts/finders/users_finder_shared_contexts.rb
+++ b/spec/support/shared_contexts/finders/users_finder_shared_contexts.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.shared_context 'UsersFinder#execute filter by project context' do
diff --git a/spec/support/shared_contexts/json_response_shared_context.rb b/spec/support/shared_contexts/json_response_shared_context.rb
index df5fc288089..bd37c97ed35 100644
--- a/spec/support/shared_contexts/json_response_shared_context.rb
+++ b/spec/support/shared_contexts/json_response_shared_context.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_context 'JSON response' do
   let(:json_response) { JSON.parse(response.body) }
 end
diff --git a/spec/support/shared_contexts/merge_requests_allowing_collaboration.rb b/spec/support/shared_contexts/merge_requests_allowing_collaboration.rb
index 05424d08b9d..276ebf973c8 100644
--- a/spec/support/shared_contexts/merge_requests_allowing_collaboration.rb
+++ b/spec/support/shared_contexts/merge_requests_allowing_collaboration.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_context 'merge request allowing collaboration' do
   include ProjectForksHelper
 
diff --git a/spec/support/shared_contexts/services_shared_context.rb b/spec/support/shared_contexts/services_shared_context.rb
index 0c3a24d206f..4d176ab5fca 100644
--- a/spec/support/shared_contexts/services_shared_context.rb
+++ b/spec/support/shared_contexts/services_shared_context.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 Service.available_services_names.each do |service|
   shared_context service do
     let(:dashed_service) { service.dasherize }
diff --git a/spec/support/shared_contexts/url_shared_context.rb b/spec/support/shared_contexts/url_shared_context.rb
index 1b1f67daac3..560cd500ecd 100644
--- a/spec/support/shared_contexts/url_shared_context.rb
+++ b/spec/support/shared_contexts/url_shared_context.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_context 'invalid urls' do
   let(:urls_with_CRLF) do
     ["http://127.0.0.1:333/pa\rth",
diff --git a/spec/support/shared_examples/chat_slash_commands_shared_examples.rb b/spec/support/shared_examples/chat_slash_commands_shared_examples.rb
index dc97a39f051..82975027e5b 100644
--- a/spec/support/shared_examples/chat_slash_commands_shared_examples.rb
+++ b/spec/support/shared_examples/chat_slash_commands_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'chat slash commands service' do
   describe "Associations" do
     it { is_expected.to respond_to :token }
diff --git a/spec/support/shared_examples/ci_trace_shared_examples.rb b/spec/support/shared_examples/ci_trace_shared_examples.rb
index 68c2b6e10e2..6fd4b14d51d 100644
--- a/spec/support/shared_examples/ci_trace_shared_examples.rb
+++ b/spec/support/shared_examples/ci_trace_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples_for 'common trace features' do
   describe '#html' do
     before do
diff --git a/spec/support/shared_examples/common_system_notes_examples.rb b/spec/support/shared_examples/common_system_notes_examples.rb
index da5a4f3e319..75f93a32d78 100644
--- a/spec/support/shared_examples/common_system_notes_examples.rb
+++ b/spec/support/shared_examples/common_system_notes_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'system note creation' do |update_params, note_text|
   subject { described_class.new(project, user).execute(issuable, old_labels: []) }
 
diff --git a/spec/support/shared_examples/controllers/external_authorization_service_shared_examples.rb b/spec/support/shared_examples/controllers/external_authorization_service_shared_examples.rb
index 8dd78fd0a25..2faa0cf8c1c 100644
--- a/spec/support/shared_examples/controllers/external_authorization_service_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/external_authorization_service_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_examples 'disabled when using an external authorization service' do
diff --git a/spec/support/shared_examples/controllers/issuable_notes_filter_shared_examples.rb b/spec/support/shared_examples/controllers/issuable_notes_filter_shared_examples.rb
index f4b02dc5350..fb22498f84f 100644
--- a/spec/support/shared_examples/controllers/issuable_notes_filter_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/issuable_notes_filter_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'issuable notes filter' do
   let(:params) do
     if issuable_parent.is_a?(Project)
diff --git a/spec/support/shared_examples/controllers/set_sort_order_from_user_preference_shared_examples.rb b/spec/support/shared_examples/controllers/set_sort_order_from_user_preference_shared_examples.rb
index eb051166a69..1cd14ea2251 100644
--- a/spec/support/shared_examples/controllers/set_sort_order_from_user_preference_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/set_sort_order_from_user_preference_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'set sort order from user preference' do
   describe '#set_sort_order_from_user_preference' do
     # There is no issuable_sorting_field defined in any CE controllers yet,
diff --git a/spec/support/shared_examples/controllers/todos_shared_examples.rb b/spec/support/shared_examples/controllers/todos_shared_examples.rb
index bafd9bac8d0..f3f9abb7da2 100644
--- a/spec/support/shared_examples/controllers/todos_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/todos_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'todos actions' do
   context 'when authorized' do
     before do
diff --git a/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb b/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb
index 59708173716..97b2a01576c 100644
--- a/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/uploads_actions_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'handle uploads' do
   let(:user)  { create(:user) }
   let(:jpg)   { fixture_file_upload('spec/fixtures/rails_sample.jpg', 'image/jpg') }
diff --git a/spec/support/shared_examples/controllers/variables_shared_examples.rb b/spec/support/shared_examples/controllers/variables_shared_examples.rb
index e80722857ec..78666e677ef 100644
--- a/spec/support/shared_examples/controllers/variables_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/variables_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'GET #show lists all variables' do
   it 'renders the variables as json' do
     subject
diff --git a/spec/support/shared_examples/dirty_submit_form_shared_examples.rb b/spec/support/shared_examples/dirty_submit_form_shared_examples.rb
index 4e45e2921e7..60c8899d349 100644
--- a/spec/support/shared_examples/dirty_submit_form_shared_examples.rb
+++ b/spec/support/shared_examples/dirty_submit_form_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'dirty submit form' do |selector_args|
   selectors = selector_args.is_a?(Array) ? selector_args : [selector_args]
 
diff --git a/spec/support/shared_examples/email_format_shared_examples.rb b/spec/support/shared_examples/email_format_shared_examples.rb
index b924a208e71..22d6c2b38e3 100644
--- a/spec/support/shared_examples/email_format_shared_examples.rb
+++ b/spec/support/shared_examples/email_format_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Specifications for behavior common to all objects with an email attribute.
 # Takes a list of email-format attributes and requires:
 # - subject { "the object with a attribute= setter"  }
diff --git a/spec/support/shared_examples/fast_destroy_all.rb b/spec/support/shared_examples/fast_destroy_all.rb
index a8079b6d864..a64259c03f2 100644
--- a/spec/support/shared_examples/fast_destroy_all.rb
+++ b/spec/support/shared_examples/fast_destroy_all.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples_for 'fast destroyable' do
   describe 'Forbid #destroy and #destroy_all' do
     it 'does not delete database rows and associted external data' do
diff --git a/spec/support/shared_examples/features/comments_on_merge_request_files_shared_examples.rb b/spec/support/shared_examples/features/comments_on_merge_request_files_shared_examples.rb
index 2b36955a3c4..f24e47f4638 100644
--- a/spec/support/shared_examples/features/comments_on_merge_request_files_shared_examples.rb
+++ b/spec/support/shared_examples/features/comments_on_merge_request_files_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'comment on merge request file' do
   it 'adds a comment' do
     click_diff_line(find("[id='#{sample_commit.line_code}']"))
diff --git a/spec/support/shared_examples/features/creatable_merge_request_shared_examples.rb b/spec/support/shared_examples/features/creatable_merge_request_shared_examples.rb
index ec1b1754cf0..c0db4cdde72 100644
--- a/spec/support/shared_examples/features/creatable_merge_request_shared_examples.rb
+++ b/spec/support/shared_examples/features/creatable_merge_request_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'a creatable merge request' do
   include WaitForRequests
 
diff --git a/spec/support/shared_examples/features/editable_merge_request_shared_examples.rb b/spec/support/shared_examples/features/editable_merge_request_shared_examples.rb
index a6121fcc50a..964c80007b0 100644
--- a/spec/support/shared_examples/features/editable_merge_request_shared_examples.rb
+++ b/spec/support/shared_examples/features/editable_merge_request_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'an editable merge request' do
   it 'updates merge request', :js do
     find('.js-assignee-search').click
diff --git a/spec/support/shared_examples/features/issuable_sidebar_shared_examples.rb b/spec/support/shared_examples/features/issuable_sidebar_shared_examples.rb
index 96c821b26f7..09a48533ee3 100644
--- a/spec/support/shared_examples/features/issuable_sidebar_shared_examples.rb
+++ b/spec/support/shared_examples/features/issuable_sidebar_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'issue sidebar stays collapsed on mobile' do
   before do
     resize_screen_xs
diff --git a/spec/support/shared_examples/features/issuables_user_dropdown_behaviors_shared_examples.rb b/spec/support/shared_examples/features/issuables_user_dropdown_behaviors_shared_examples.rb
index c92c7f603d6..63ed37cde03 100644
--- a/spec/support/shared_examples/features/issuables_user_dropdown_behaviors_shared_examples.rb
+++ b/spec/support/shared_examples/features/issuables_user_dropdown_behaviors_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'issuable user dropdown behaviors' do
   include FilteredSearchHelpers
 
diff --git a/spec/support/shared_examples/features/master_manages_access_requests_shared_example.rb b/spec/support/shared_examples/features/master_manages_access_requests_shared_example.rb
index d87e5fcaa88..8e1d24c4be2 100644
--- a/spec/support/shared_examples/features/master_manages_access_requests_shared_example.rb
+++ b/spec/support/shared_examples/features/master_manages_access_requests_shared_example.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'Maintainer manages access requests' do
   let(:user) { create(:user) }
   let(:maintainer) { create(:user) }
diff --git a/spec/support/shared_examples/features/project_features_apply_to_issuables_shared_examples.rb b/spec/support/shared_examples/features/project_features_apply_to_issuables_shared_examples.rb
index 64c3b80136d..51559c0b110 100644
--- a/spec/support/shared_examples/features/project_features_apply_to_issuables_shared_examples.rb
+++ b/spec/support/shared_examples/features/project_features_apply_to_issuables_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'project features apply to issuables' do |klass|
   let(:described_class) { klass }
 
diff --git a/spec/support/shared_examples/features/protected_branches_access_control_ce.rb b/spec/support/shared_examples/features/protected_branches_access_control_ce.rb
index a8f2c2e7a5a..867a1774aa9 100644
--- a/spec/support/shared_examples/features/protected_branches_access_control_ce.rb
+++ b/spec/support/shared_examples/features/protected_branches_access_control_ce.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples "protected branches > access control > CE" do
   ProtectedRefAccess::HUMAN_ACCESS_LEVELS.each do |(access_type_id, access_type_name)|
     it "allows creating protected branches that #{access_type_name} can push to" do
diff --git a/spec/support/shared_examples/features/search_shared_examples.rb b/spec/support/shared_examples/features/search_shared_examples.rb
index 25ebbf011d5..e27d6700cbf 100644
--- a/spec/support/shared_examples/features/search_shared_examples.rb
+++ b/spec/support/shared_examples/features/search_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'top right search form' do
   it 'does not show top right search form' do
     expect(page).not_to have_selector('.search')
diff --git a/spec/support/shared_examples/file_finder.rb b/spec/support/shared_examples/file_finder.rb
index 0dc351b5149..984a06ccd1a 100644
--- a/spec/support/shared_examples/file_finder.rb
+++ b/spec/support/shared_examples/file_finder.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'file finder' do
   let(:query) { 'files' }
   let(:search_results) { subject.find(query) }
diff --git a/spec/support/shared_examples/finders/finder_with_external_authorization_enabled.rb b/spec/support/shared_examples/finders/finder_with_external_authorization_enabled.rb
index d7e17cc0b70..b8b0079e36d 100644
--- a/spec/support/shared_examples/finders/finder_with_external_authorization_enabled.rb
+++ b/spec/support/shared_examples/finders/finder_with_external_authorization_enabled.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_examples 'a finder with external authorization service' do
diff --git a/spec/support/shared_examples/gitlab_verify.rb b/spec/support/shared_examples/gitlab_verify.rb
index 560913ca92f..721ea3b4c88 100644
--- a/spec/support/shared_examples/gitlab_verify.rb
+++ b/spec/support/shared_examples/gitlab_verify.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'Gitlab::Verify::BatchVerifier subclass' do
   describe 'batching' do
     let(:first_batch) { objects[0].id..objects[0].id }
diff --git a/spec/support/shared_examples/graphql/issuable_state_shared_examples.rb b/spec/support/shared_examples/graphql/issuable_state_shared_examples.rb
index 713f0a879c1..145c476c7f7 100644
--- a/spec/support/shared_examples/graphql/issuable_state_shared_examples.rb
+++ b/spec/support/shared_examples/graphql/issuable_state_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'issuable state' do
   it 'exposes all the existing issuable states' do
     expect(described_class.values.keys).to include(*%w[opened closed locked])
diff --git a/spec/support/shared_examples/group_members_shared_example.rb b/spec/support/shared_examples/group_members_shared_example.rb
index 547c83c7955..4f7d496741d 100644
--- a/spec/support/shared_examples/group_members_shared_example.rb
+++ b/spec/support/shared_examples/group_members_shared_example.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'members and requesters associations' do
   describe '#members_and_requesters' do
     it 'includes members and requesters' do
diff --git a/spec/support/shared_examples/helm_generated_script.rb b/spec/support/shared_examples/helm_generated_script.rb
index 01bee603274..17f495ebe46 100644
--- a/spec/support/shared_examples/helm_generated_script.rb
+++ b/spec/support/shared_examples/helm_generated_script.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'helm commands' do
   describe '#generate_script' do
     let(:helm_setup) do
diff --git a/spec/support/shared_examples/issuable_shared_examples.rb b/spec/support/shared_examples/issuable_shared_examples.rb
index d97b21f71cd..3460a8ba297 100644
--- a/spec/support/shared_examples/issuable_shared_examples.rb
+++ b/spec/support/shared_examples/issuable_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'cache counters invalidator' do
   it 'invalidates counter cache for assignees' do
     expect_any_instance_of(User).to receive(:invalidate_merge_request_cache_counts)
diff --git a/spec/support/shared_examples/issuables_list_metadata_shared_examples.rb b/spec/support/shared_examples/issuables_list_metadata_shared_examples.rb
index 244f4766a84..52d90b5f183 100644
--- a/spec/support/shared_examples/issuables_list_metadata_shared_examples.rb
+++ b/spec/support/shared_examples/issuables_list_metadata_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'issuables list meta-data' do |issuable_type, action = nil|
   include ProjectForksHelper
 
diff --git a/spec/support/shared_examples/issue_tracker_service_shared_example.rb b/spec/support/shared_examples/issue_tracker_service_shared_example.rb
index a6ab03cb808..0a483fd30ba 100644
--- a/spec/support/shared_examples/issue_tracker_service_shared_example.rb
+++ b/spec/support/shared_examples/issue_tracker_service_shared_example.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'issue tracker service URL attribute' do |url_attr|
   it { is_expected.to allow_value('https://example.com').for(url_attr) }
 
diff --git a/spec/support/shared_examples/ldap_shared_examples.rb b/spec/support/shared_examples/ldap_shared_examples.rb
index 52c34e78965..0a70ce7ea0c 100644
--- a/spec/support/shared_examples/ldap_shared_examples.rb
+++ b/spec/support/shared_examples/ldap_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples_for 'normalizes a DN' do
   using RSpec::Parameterized::TableSyntax
 
diff --git a/spec/support/shared_examples/legacy_path_redirect_shared_examples.rb b/spec/support/shared_examples/legacy_path_redirect_shared_examples.rb
index f326e502092..22e5698825d 100644
--- a/spec/support/shared_examples/legacy_path_redirect_shared_examples.rb
+++ b/spec/support/shared_examples/legacy_path_redirect_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'redirecting a legacy path' do |source, target|
   include RSpec::Rails::RequestExampleGroup
 
diff --git a/spec/support/shared_examples/lib/gitlab/background_migration/backfill_project_repositories_examples.rb b/spec/support/shared_examples/lib/gitlab/background_migration/backfill_project_repositories_examples.rb
index dcf7c1a90c2..2cbc0c2bdf2 100644
--- a/spec/support/shared_examples/lib/gitlab/background_migration/backfill_project_repositories_examples.rb
+++ b/spec/support/shared_examples/lib/gitlab/background_migration/backfill_project_repositories_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'backfill migration for project repositories' do |storage|
   describe '#perform' do
     let(:storage_versions) { storage == :legacy ? [nil, 0] : [1, 2] }
diff --git a/spec/support/shared_examples/malicious_regexp_shared_examples.rb b/spec/support/shared_examples/malicious_regexp_shared_examples.rb
index a86050e2cf2..96c02260d53 100644
--- a/spec/support/shared_examples/malicious_regexp_shared_examples.rb
+++ b/spec/support/shared_examples/malicious_regexp_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'timeout'
 
 shared_examples 'malicious regexp' do
diff --git a/spec/support/shared_examples/mentionable_shared_examples.rb b/spec/support/shared_examples/mentionable_shared_examples.rb
index fea52c2eeb2..93a8c4709a6 100644
--- a/spec/support/shared_examples/mentionable_shared_examples.rb
+++ b/spec/support/shared_examples/mentionable_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Specifications for behavior common to all Mentionable implementations.
 # Requires a shared context containing:
 # - subject { "the mentionable implementation" }
diff --git a/spec/support/shared_examples/milestone_tabs_examples.rb b/spec/support/shared_examples/milestone_tabs_examples.rb
index 8b757586941..bda4b978737 100644
--- a/spec/support/shared_examples/milestone_tabs_examples.rb
+++ b/spec/support/shared_examples/milestone_tabs_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'milestone tabs' do
   def go(path, extra_params = {})
     params =
diff --git a/spec/support/shared_examples/models/atomic_internal_id_shared_examples.rb b/spec/support/shared_examples/models/atomic_internal_id_shared_examples.rb
index a248f60d23e..b837ca87256 100644
--- a/spec/support/shared_examples/models/atomic_internal_id_shared_examples.rb
+++ b/spec/support/shared_examples/models/atomic_internal_id_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_examples_for 'AtomicInternalId' do |validate_presence: true|
diff --git a/spec/support/shared_examples/models/chat_service_shared_examples.rb b/spec/support/shared_examples/models/chat_service_shared_examples.rb
index 0a302e7d030..71c0c57f302 100644
--- a/spec/support/shared_examples/models/chat_service_shared_examples.rb
+++ b/spec/support/shared_examples/models/chat_service_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 shared_examples_for "chat service" do |service_name|
diff --git a/spec/support/shared_examples/models/cluster_application_core_shared_examples.rb b/spec/support/shared_examples/models/cluster_application_core_shared_examples.rb
index d6490a808ce..8e58cc7ba22 100644
--- a/spec/support/shared_examples/models/cluster_application_core_shared_examples.rb
+++ b/spec/support/shared_examples/models/cluster_application_core_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'cluster application core specs' do |application_name|
   it { is_expected.to belong_to(:cluster) }
   it { is_expected.to validate_presence_of(:cluster) }
diff --git a/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb b/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb
index bd3661471f8..7ddb3b11c85 100644
--- a/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb
+++ b/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'cluster application helm specs' do |application_name|
   let(:application) { create(application_name) }
 
diff --git a/spec/support/shared_examples/models/cluster_application_status_shared_examples.rb b/spec/support/shared_examples/models/cluster_application_status_shared_examples.rb
index 4525c03837f..5341aacb445 100644
--- a/spec/support/shared_examples/models/cluster_application_status_shared_examples.rb
+++ b/spec/support/shared_examples/models/cluster_application_status_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'cluster application status specs' do |application_name|
   describe '#status' do
     let(:cluster) { create(:cluster, :provided_by_gcp) }
diff --git a/spec/support/shared_examples/models/issuable_hook_data_shared_examples.rb b/spec/support/shared_examples/models/issuable_hook_data_shared_examples.rb
index a4762b68858..7ea2bb265cc 100644
--- a/spec/support/shared_examples/models/issuable_hook_data_shared_examples.rb
+++ b/spec/support/shared_examples/models/issuable_hook_data_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # This shared example requires a `builder` and `user` variable
 shared_examples 'issuable hook data' do |kind|
   let(:data) { builder.build(user: user) }
diff --git a/spec/support/shared_examples/models/members_notifications_shared_example.rb b/spec/support/shared_examples/models/members_notifications_shared_example.rb
index ef5cea3f2a5..050d710f1de 100644
--- a/spec/support/shared_examples/models/members_notifications_shared_example.rb
+++ b/spec/support/shared_examples/models/members_notifications_shared_example.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'members notifications' do |entity_type|
   let(:notification_service) { double('NotificationService').as_null_object }
 
diff --git a/spec/support/shared_examples/models/project_hook_data_shared_examples.rb b/spec/support/shared_examples/models/project_hook_data_shared_examples.rb
index f0264878811..03d10c10e3c 100644
--- a/spec/support/shared_examples/models/project_hook_data_shared_examples.rb
+++ b/spec/support/shared_examples/models/project_hook_data_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'project hook data with deprecateds' do |project_key: :project|
   it 'contains project data' do
     expect(data[project_key][:name]).to eq(project.name)
diff --git a/spec/support/shared_examples/models/with_uploads_shared_examples.rb b/spec/support/shared_examples/models/with_uploads_shared_examples.rb
index 43033a2d256..eb1ade03017 100644
--- a/spec/support/shared_examples/models/with_uploads_shared_examples.rb
+++ b/spec/support/shared_examples/models/with_uploads_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_examples_for 'model with uploads' do |supports_fileuploads|
diff --git a/spec/support/shared_examples/notify_shared_examples.rb b/spec/support/shared_examples/notify_shared_examples.rb
index 4452b1c82cb..a537fab4bcd 100644
--- a/spec/support/shared_examples/notify_shared_examples.rb
+++ b/spec/support/shared_examples/notify_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_context 'gitlab email notification' do
   set(:group) { create(:group) }
   set(:subgroup) { create(:group, parent: group) }
diff --git a/spec/support/shared_examples/position_formatters.rb b/spec/support/shared_examples/position_formatters.rb
index ffc9456dbc7..30b6b8d24f0 100644
--- a/spec/support/shared_examples/position_formatters.rb
+++ b/spec/support/shared_examples/position_formatters.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples_for "position formatter" do
   let(:formatter) { described_class.new(attrs) }
 
diff --git a/spec/support/shared_examples/reference_parser_shared_examples.rb b/spec/support/shared_examples/reference_parser_shared_examples.rb
index baf8bcc04b8..d903c0f10e0 100644
--- a/spec/support/shared_examples/reference_parser_shared_examples.rb
+++ b/spec/support/shared_examples/reference_parser_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples "referenced feature visibility" do |*related_features|
   let(:feature_fields) do
     related_features.map { |feature| (feature + "_access_level").to_sym }
diff --git a/spec/support/shared_examples/requests/api/custom_attributes_shared_examples.rb b/spec/support/shared_examples/requests/api/custom_attributes_shared_examples.rb
index 8a7fcf856a1..776a0bdd29e 100644
--- a/spec/support/shared_examples/requests/api/custom_attributes_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/custom_attributes_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'custom attributes endpoints' do |attributable_name|
   let!(:custom_attribute1) { attributable.custom_attributes.create key: 'foo', value: 'foo' }
   let!(:custom_attribute2) { attributable.custom_attributes.create key: 'bar', value: 'bar' }
diff --git a/spec/support/shared_examples/requests/api/diff_discussions.rb b/spec/support/shared_examples/requests/api/diff_discussions.rb
index 366c2955359..76c6c93964a 100644
--- a/spec/support/shared_examples/requests/api/diff_discussions.rb
+++ b/spec/support/shared_examples/requests/api/diff_discussions.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'diff discussions API' do |parent_type, noteable_type, id_name|
   describe "GET /#{parent_type}/:id/#{noteable_type}/:noteable_id/discussions" do
     it "includes diff discussions" do
diff --git a/spec/support/shared_examples/requests/api/discussions.rb b/spec/support/shared_examples/requests/api/discussions.rb
index c3132c41f5b..fc72287f265 100644
--- a/spec/support/shared_examples/requests/api/discussions.rb
+++ b/spec/support/shared_examples/requests/api/discussions.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'discussions API' do |parent_type, noteable_type, id_name, can_reply_to_individual_notes: false|
   describe "GET /#{parent_type}/:id/#{noteable_type}/:noteable_id/discussions" do
     it "returns an array of discussions" do
diff --git a/spec/support/shared_examples/requests/api/issuable_participants_examples.rb b/spec/support/shared_examples/requests/api/issuable_participants_examples.rb
index 96d59e0c472..9fe6288d53f 100644
--- a/spec/support/shared_examples/requests/api/issuable_participants_examples.rb
+++ b/spec/support/shared_examples/requests/api/issuable_participants_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'issuable participants endpoint' do
   let(:area) { entity.class.name.underscore.pluralize }
 
diff --git a/spec/support/shared_examples/requests/api/issues/merge_requests_count_shared_examples.rb b/spec/support/shared_examples/requests/api/issues/merge_requests_count_shared_examples.rb
index 5f4e178f2e5..90c1ed8d09b 100644
--- a/spec/support/shared_examples/requests/api/issues/merge_requests_count_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/issues/merge_requests_count_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 def get_issue
   json_response.is_a?(Array) ? json_response.detect {|issue| issue['id'] == target_issue.id} : json_response
 end
diff --git a/spec/support/shared_examples/requests/api/notes.rb b/spec/support/shared_examples/requests/api/notes.rb
index 57eefd5ef01..354ae7288b1 100644
--- a/spec/support/shared_examples/requests/api/notes.rb
+++ b/spec/support/shared_examples/requests/api/notes.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'noteable API' do |parent_type, noteable_type, id_name|
   describe "GET /#{parent_type}/:id/#{noteable_type}/:noteable_id/notes" do
     context 'sorting' do
diff --git a/spec/support/shared_examples/requests/api/resolvable_discussions.rb b/spec/support/shared_examples/requests/api/resolvable_discussions.rb
index 7e2416b23f3..42054a273f3 100644
--- a/spec/support/shared_examples/requests/api/resolvable_discussions.rb
+++ b/spec/support/shared_examples/requests/api/resolvable_discussions.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'resolvable discussions API' do |parent_type, noteable_type, id_name|
   describe "PUT /#{parent_type}/:id/#{noteable_type}/:noteable_id/discussions/:discussion_id" do
     it "resolves discussion if resolved is true" do
diff --git a/spec/support/shared_examples/requests/api/status_shared_examples.rb b/spec/support/shared_examples/requests/api/status_shared_examples.rb
index ebfc5fed3bb..eebed7e42c1 100644
--- a/spec/support/shared_examples/requests/api/status_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/status_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Specs for status checking.
 #
 # Requires an API request:
diff --git a/spec/support/shared_examples/requests/graphql_shared_examples.rb b/spec/support/shared_examples/requests/graphql_shared_examples.rb
index 04140cad3f0..2a38d56141a 100644
--- a/spec/support/shared_examples/requests/graphql_shared_examples.rb
+++ b/spec/support/shared_examples/requests/graphql_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_examples 'a working graphql query' do
diff --git a/spec/support/shared_examples/serializers/note_entity_examples.rb b/spec/support/shared_examples/serializers/note_entity_examples.rb
index ec208aba2a9..bfcaa2f1bd5 100644
--- a/spec/support/shared_examples/serializers/note_entity_examples.rb
+++ b/spec/support/shared_examples/serializers/note_entity_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'note entity' do
   subject { entity.as_json }
 
diff --git a/spec/support/shared_examples/services/boards/boards_create_service.rb b/spec/support/shared_examples/services/boards/boards_create_service.rb
index 5bdc04f660f..19818a6091b 100644
--- a/spec/support/shared_examples/services/boards/boards_create_service.rb
+++ b/spec/support/shared_examples/services/boards/boards_create_service.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'boards create service' do
   context 'when parent does not have a board' do
     it 'creates a new board' do
diff --git a/spec/support/shared_examples/services/boards/boards_list_service.rb b/spec/support/shared_examples/services/boards/boards_list_service.rb
index e0d5a7c61f2..566e5050f8e 100644
--- a/spec/support/shared_examples/services/boards/boards_list_service.rb
+++ b/spec/support/shared_examples/services/boards/boards_list_service.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'boards list service' do
   context 'when parent does not have a board' do
     it 'creates a new parent board' do
diff --git a/spec/support/shared_examples/services/boards/issues_list_service.rb b/spec/support/shared_examples/services/boards/issues_list_service.rb
index 8b879cef084..75733c774ef 100644
--- a/spec/support/shared_examples/services/boards/issues_list_service.rb
+++ b/spec/support/shared_examples/services/boards/issues_list_service.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'issues list service' do
   it 'delegates search to IssuesFinder' do
     params = { board_id: board.id, id: list1.id }
diff --git a/spec/support/shared_examples/services/boards/issues_move_service.rb b/spec/support/shared_examples/services/boards/issues_move_service.rb
index 5359831f8f8..d3fa8084185 100644
--- a/spec/support/shared_examples/services/boards/issues_move_service.rb
+++ b/spec/support/shared_examples/services/boards/issues_move_service.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'issues move service' do |group|
   shared_examples 'updating timestamps' do
     it 'updates updated_at' do
diff --git a/spec/support/shared_examples/services/boards/lists_destroy_service.rb b/spec/support/shared_examples/services/boards/lists_destroy_service.rb
index 62b6ffe1836..95725078f9d 100644
--- a/spec/support/shared_examples/services/boards/lists_destroy_service.rb
+++ b/spec/support/shared_examples/services/boards/lists_destroy_service.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'lists destroy service' do
   context 'when list type is label' do
     it 'removes list from board' do
diff --git a/spec/support/shared_examples/services/boards/lists_list_service.rb b/spec/support/shared_examples/services/boards/lists_list_service.rb
index 0a8220111ab..29784f6da08 100644
--- a/spec/support/shared_examples/services/boards/lists_list_service.rb
+++ b/spec/support/shared_examples/services/boards/lists_list_service.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'lists list service' do
   context 'when the board has a backlog list' do
     let!(:backlog_list) { create(:backlog_list, board: board) }
diff --git a/spec/support/shared_examples/services/boards/lists_move_service.rb b/spec/support/shared_examples/services/boards/lists_move_service.rb
index 2cdb968a45d..0b3bfd8e2a8 100644
--- a/spec/support/shared_examples/services/boards/lists_move_service.rb
+++ b/spec/support/shared_examples/services/boards/lists_move_service.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'lists move service' do
   let!(:planning)    { create(:list, board: board, position: 0) }
   let!(:development) { create(:list, board: board, position: 1) }
diff --git a/spec/support/shared_examples/services/check_ingress_ip_address_service_shared_examples.rb b/spec/support/shared_examples/services/check_ingress_ip_address_service_shared_examples.rb
index 02de47a96dd..1e0ac8b7615 100644
--- a/spec/support/shared_examples/services/check_ingress_ip_address_service_shared_examples.rb
+++ b/spec/support/shared_examples/services/check_ingress_ip_address_service_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'check ingress ip executions' do |app_name|
   describe '#execute' do
     let(:application) { create(app_name, :installed) }
diff --git a/spec/support/shared_examples/services/gitlab_projects_import_service_shared_examples.rb b/spec/support/shared_examples/services/gitlab_projects_import_service_shared_examples.rb
index b8db35a6ef9..1c3fa5644d3 100644
--- a/spec/support/shared_examples/services/gitlab_projects_import_service_shared_examples.rb
+++ b/spec/support/shared_examples/services/gitlab_projects_import_service_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'gitlab projects import validations' do
   context 'with an invalid path' do
     let(:path) { '/invalid-path/' }
diff --git a/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb b/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb
index 36c486dbdd6..52fef1c13e1 100644
--- a/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb
+++ b/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 Dir[Rails.root.join("app/models/project_services/chat_message/*.rb")].each { |f| require f }
 
 RSpec.shared_examples 'slack or mattermost notifications' do
diff --git a/spec/support/shared_examples/snippet_visibility_shared_examples.rb b/spec/support/shared_examples/snippet_visibility_shared_examples.rb
index 833c31a57cb..b5321c6db34 100644
--- a/spec/support/shared_examples/snippet_visibility_shared_examples.rb
+++ b/spec/support/shared_examples/snippet_visibility_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'snippet visibility' do
   using RSpec::Parameterized::TableSyntax
 
diff --git a/spec/support/shared_examples/snippets_shared_examples.rb b/spec/support/shared_examples/snippets_shared_examples.rb
index 85f0facd5c3..5c35617bd36 100644
--- a/spec/support/shared_examples/snippets_shared_examples.rb
+++ b/spec/support/shared_examples/snippets_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # These shared examples expect a `snippets` array of snippets
 RSpec.shared_examples 'paginated snippets' do |remote: false|
   it "is limited to #{Snippet.default_per_page} items per page" do
diff --git a/spec/support/shared_examples/taskable_shared_examples.rb b/spec/support/shared_examples/taskable_shared_examples.rb
index 4a1df1ce380..f04f509f3d2 100644
--- a/spec/support/shared_examples/taskable_shared_examples.rb
+++ b/spec/support/shared_examples/taskable_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Specs for task state functionality for issues and merge requests.
 #
 # Requires a context containing:
diff --git a/spec/support/shared_examples/throttled_touch.rb b/spec/support/shared_examples/throttled_touch.rb
index eba990d4037..aaaa590862d 100644
--- a/spec/support/shared_examples/throttled_touch.rb
+++ b/spec/support/shared_examples/throttled_touch.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples_for 'throttled touch' do
   describe '#touch' do
     it 'updates the updated_at timestamp' do
diff --git a/spec/support/shared_examples/unique_ip_check_shared_examples.rb b/spec/support/shared_examples/unique_ip_check_shared_examples.rb
index e5c8ac6a004..65d86ddee9e 100644
--- a/spec/support/shared_examples/unique_ip_check_shared_examples.rb
+++ b/spec/support/shared_examples/unique_ip_check_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_context 'unique ips sign in limit' do
   include StubENV
   before do
diff --git a/spec/support/shared_examples/update_invalid_issuable.rb b/spec/support/shared_examples/update_invalid_issuable.rb
index 4cb6d001b9b..b7ac08372f9 100644
--- a/spec/support/shared_examples/update_invalid_issuable.rb
+++ b/spec/support/shared_examples/update_invalid_issuable.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'update invalid issuable' do |klass|
   let(:params) do
     {
diff --git a/spec/support/shared_examples/updating_mentions_shared_examples.rb b/spec/support/shared_examples/updating_mentions_shared_examples.rb
index 5e3f19ba19e..ef385f94cc2 100644
--- a/spec/support/shared_examples/updating_mentions_shared_examples.rb
+++ b/spec/support/shared_examples/updating_mentions_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'updating mentions' do |service_class|
   let(:mentioned_user) { create(:user) }
   let(:service_class) { service_class }
diff --git a/spec/support/shared_examples/uploaders/gitlab_uploader_shared_examples.rb b/spec/support/shared_examples/uploaders/gitlab_uploader_shared_examples.rb
index 1190863d88e..9263aaff89a 100644
--- a/spec/support/shared_examples/uploaders/gitlab_uploader_shared_examples.rb
+++ b/spec/support/shared_examples/uploaders/gitlab_uploader_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples "matches the method pattern" do |method|
   let(:target) { subject }
   let(:args) { nil }
diff --git a/spec/support/shared_examples/uploaders/object_storage_shared_examples.rb b/spec/support/shared_examples/uploaders/object_storage_shared_examples.rb
index 1bd176280c5..5d605dd811b 100644
--- a/spec/support/shared_examples/uploaders/object_storage_shared_examples.rb
+++ b/spec/support/shared_examples/uploaders/object_storage_shared_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_context 'with storage' do |store, **stub_params|
   before do
     subject.object_store = store
diff --git a/spec/support/shared_examples/url_validator_examples.rb b/spec/support/shared_examples/url_validator_examples.rb
index 25277ccd9aa..16fceddb605 100644
--- a/spec/support/shared_examples/url_validator_examples.rb
+++ b/spec/support/shared_examples/url_validator_examples.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.shared_examples 'url validator examples' do |schemes|
   let(:validator) { described_class.new(attributes: [:link_url], **options) }
   let!(:badge) { build(:badge, link_url: 'http://www.example.com') }
diff --git a/spec/support/sidekiq.rb b/spec/support/sidekiq.rb
index d1a765f27b9..585c458a64e 100644
--- a/spec/support/sidekiq.rb
+++ b/spec/support/sidekiq.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'sidekiq/testing/inline'
 
 # If Sidekiq::Testing.inline! is used, SQL transactions done inside
diff --git a/spec/support/stored_repositories.rb b/spec/support/stored_repositories.rb
index 55212355daa..95f0f971787 100644
--- a/spec/support/stored_repositories.rb
+++ b/spec/support/stored_repositories.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 RSpec.configure do |config|
   config.before(:each, :broken_storage) do
     allow(Gitlab::GitalyClient).to receive(:call) do
diff --git a/spec/support/test_reports/test_reports_helper.rb b/spec/support/test_reports/test_reports_helper.rb
index 6840fb9a860..6ba50c83b25 100644
--- a/spec/support/test_reports/test_reports_helper.rb
+++ b/spec/support/test_reports/test_reports_helper.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module TestReportsHelper
   def create_test_case_rspec_success(name = 'test_spec')
     Gitlab::Ci::Reports::TestCase.new(
diff --git a/spec/support/trace/trace_helpers.rb b/spec/support/trace/trace_helpers.rb
index c7802bbcb94..9255715ff71 100644
--- a/spec/support/trace/trace_helpers.rb
+++ b/spec/support/trace/trace_helpers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module TraceHelpers
   def create_legacy_trace(build, content)
     File.open(legacy_trace_path(build), 'wb') { |stream| stream.write(content) }
diff --git a/spec/support/webmock.rb b/spec/support/webmock.rb
index 9ac7e7fc515..32b88edc2df 100644
--- a/spec/support/webmock.rb
+++ b/spec/support/webmock.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'webmock'
 require 'webmock/rspec'
 
-- 
cgit v1.2.1


From 1ce5bcacdbf56682e05fa63875203bf4d10584bc Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Wed, 24 Jul 2019 17:20:54 +0800
Subject: Remove code related to object hierarchy in MySQL

These are not required because MySQL is not
supported anymore
---
 app/controllers/application_controller.rb          |   2 +-
 app/controllers/concerns/group_tree.rb             |  20 ++--
 app/finders/group_descendants_finder.rb            |   2 -
 app/graphql/types/group_type.rb                    |   8 +-
 app/helpers/groups_helper.rb                       |   4 -
 app/models/concerns/descendant.rb                  |  11 --
 app/models/group.rb                                |   1 -
 app/models/namespace.rb                            |   2 -
 app/policies/group_policy.rb                       |   6 +-
 app/services/groups/nested_create_service.rb       |   4 -
 app/services/groups/transfer_service.rb            |   1 -
 app/services/members/destroy_service.rb            |   2 +-
 .../users/refresh_authorized_projects_service.rb   |   8 +-
 app/views/groups/settings/_advanced.html.haml      |  25 ++---
 lib/api/entities.rb                                |   5 +-
 lib/api/groups.rb                                  |   5 +-
 lib/gitlab/object_hierarchy.rb                     |  17 ---
 lib/gitlab/project_authorizations.rb               | 121 ++++++++++++++++++++
 .../project_authorizations/with_nested_groups.rb   | 125 ---------------------
 .../without_nested_groups.rb                       |  35 ------
 spec/controllers/boards/issues_controller_spec.rb  |   2 +-
 spec/controllers/concerns/group_tree_spec.rb       |   4 +-
 .../dashboard/groups_controller_spec.rb            |   2 +-
 .../controllers/groups/children_controller_spec.rb |   4 +-
 spec/controllers/groups/labels_controller_spec.rb  |   4 +-
 spec/controllers/groups_controller_spec.rb         |   6 +-
 .../import/bitbucket_controller_spec.rb            |   6 +-
 spec/controllers/import/gitlab_controller_spec.rb  |   6 +-
 .../projects/milestones_controller_spec.rb         |   2 +-
 spec/features/dashboard/groups_list_spec.rb        |   6 +-
 spec/features/groups/empty_states_spec.rb          |   2 +-
 spec/features/groups/group_settings_spec.rb        |   2 +-
 spec/features/groups/issues_spec.rb                |   2 +-
 spec/features/groups/members/list_members_spec.rb  |   4 +-
 spec/features/groups/share_lock_spec.rb            |   2 +-
 spec/features/groups/show_spec.rb                  |  38 +------
 spec/features/groups_spec.rb                       |   4 +-
 spec/features/ide_spec.rb                          |   2 +-
 spec/features/import/manifest_import_spec.rb       |   2 +-
 spec/features/labels_hierarchy_spec.rb             |   2 +-
 .../features/projects/members/invite_group_spec.rb |   4 +-
 spec/features/projects/new_project_spec.rb         |   2 +-
 .../projects/settings/pipelines_settings_spec.rb   |   2 +-
 .../settings/user_transfers_a_project_spec.rb      |   2 +-
 spec/features/projects/sub_group_issuables_spec.rb |   2 +-
 .../features/projects/user_creates_project_spec.rb |   2 +-
 spec/features/projects_spec.rb                     |   2 +-
 spec/finders/autocomplete/users_finder_spec.rb     |   2 +-
 spec/finders/cluster_ancestors_finder_spec.rb      |   4 +-
 spec/finders/group_descendants_finder_spec.rb      |   6 +-
 spec/finders/group_members_finder_spec.rb          |   4 +-
 spec/finders/group_projects_finder_spec.rb         |  12 +-
 spec/finders/groups_finder_spec.rb                 |   2 +-
 spec/finders/issues_finder_spec.rb                 |   2 +-
 spec/finders/labels_finder_spec.rb                 |   6 +-
 spec/finders/members_finder_spec.rb                |   8 +-
 spec/finders/merge_requests_finder_spec.rb         |   2 +-
 spec/finders/todos_finder_spec.rb                  |   2 +-
 .../resolvers/namespace_projects_resolver_spec.rb  |   2 +-
 spec/helpers/auto_devops_helper_spec.rb            |   6 +-
 spec/helpers/groups_helper_spec.rb                 |   6 +-
 spec/helpers/namespaces_helper_spec.rb             |   4 +-
 .../filter/milestone_reference_filter_spec.rb      |   4 +-
 .../fix_cross_project_label_links_spec.rb          |   4 +-
 .../gitlab/bare_repository_import/importer_spec.rb |  16 +--
 .../count/reltuples_count_strategy_spec.rb         |   2 +-
 .../count/tablesample_count_strategy_spec.rb       |   2 +-
 spec/lib/gitlab/database/grant_spec.rb             |   2 +-
 spec/lib/gitlab/group_search_results_spec.rb       |   6 +-
 spec/lib/gitlab/manifest_import/manifest_spec.rb   |   2 +-
 .../gitlab/manifest_import/project_creator_spec.rb |   2 +-
 spec/lib/gitlab/object_hierarchy_spec.rb           |   2 +-
 spec/lib/gitlab/performance_bar_spec.rb            |   4 +-
 spec/lib/gitlab/project_authorizations_spec.rb     |  38 +++----
 spec/lib/gitlab/sql/cte_spec.rb                    |   2 +-
 spec/lib/gitlab/sql/recursive_cte_spec.rb          |   2 +-
 spec/models/ci/runner_spec.rb                      |   2 +-
 spec/models/clusters/cluster_spec.rb               |   2 +-
 spec/models/concerns/deployment_platform_spec.rb   |   2 +-
 spec/models/concerns/group_descendant_spec.rb      |   6 +-
 spec/models/concerns/issuable_spec.rb              |   2 +-
 spec/models/group_spec.rb                          |  28 ++---
 spec/models/members/group_member_spec.rb           |   2 +-
 spec/models/members/project_member_spec.rb         |   2 +-
 .../namespace/root_storage_statistics_spec.rb      |   2 +-
 spec/models/namespace_spec.rb                      |  20 ++--
 spec/models/notification_recipient_spec.rb         |   2 +-
 spec/models/postgresql/replication_slot_spec.rb    |   2 +-
 spec/models/project_group_link_spec.rb             |   2 +-
 spec/models/project_spec.rb                        |  28 +++--
 spec/models/todo_spec.rb                           |   6 +-
 spec/models/user_spec.rb                           |  38 +++----
 spec/policies/group_member_policy_spec.rb          |   2 +-
 spec/policies/group_policy_spec.rb                 |  59 +---------
 spec/presenters/clusters/cluster_presenter_spec.rb |   2 +-
 spec/requests/api/boards_spec.rb                   |   2 +-
 .../api/graphql/namespace/projects_spec.rb         |   2 +-
 spec/requests/api/group_labels_spec.rb             |   4 +-
 spec/requests/api/groups_spec.rb                   |  10 +-
 spec/requests/api/issues/get_group_issues_spec.rb  |   2 +-
 spec/requests/api/members_spec.rb                  |   6 +-
 spec/requests/api/merge_requests_spec.rb           |   2 +-
 spec/requests/api/projects_spec.rb                 |   2 +-
 spec/requests/openid_connect_spec.rb               |   2 +-
 spec/serializers/group_child_entity_spec.rb        |   2 +-
 spec/serializers/group_child_serializer_spec.rb    |   4 +-
 spec/serializers/pipeline_serializer_spec.rb       |   2 +-
 spec/services/boards/issues/list_service_spec.rb   |   2 +-
 spec/services/groups/auto_devops_service_spec.rb   |   2 +-
 spec/services/groups/create_service_spec.rb        |  46 +++-----
 spec/services/groups/nested_create_service_spec.rb |  30 +----
 spec/services/groups/transfer_service_spec.rb      |  17 +--
 spec/services/groups/update_service_spec.rb        |   2 +-
 spec/services/issues/update_service_spec.rb        |   4 +-
 spec/services/members/destroy_service_spec.rb      |   6 +-
 spec/services/notification_service_spec.rb         |  50 ++++-----
 .../services/projects/autocomplete_service_spec.rb |   2 +-
 .../todos/destroy/entity_leave_service_spec.rb     |   2 +-
 .../todos/destroy/group_private_service_spec.rb    |   2 +-
 .../refresh_authorized_projects_service_spec.rb    |   4 +-
 spec/spec_helper.rb                                |   8 --
 .../githubish_import_controller_shared_examples.rb |   6 +-
 .../policies/group_policy_shared_context.rb        |   2 +-
 spec/views/groups/edit.html.haml_spec.rb           |   2 +-
 .../layouts/header/_new_dropdown.haml_spec.rb      |   2 +-
 125 files changed, 404 insertions(+), 712 deletions(-)
 delete mode 100644 app/models/concerns/descendant.rb
 create mode 100644 lib/gitlab/project_authorizations.rb
 delete mode 100644 lib/gitlab/project_authorizations/with_nested_groups.rb
 delete mode 100644 lib/gitlab/project_authorizations/without_nested_groups.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 0c80a276fce..1d55a073f3b 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -421,7 +421,7 @@ class ApplicationController < ActionController::Base
   end
 
   def manifest_import_enabled?
-    Group.supports_nested_objects? && Gitlab::CurrentSettings.import_sources.include?('manifest')
+    Gitlab::CurrentSettings.import_sources.include?('manifest')
   end
 
   def phabricator_import_enabled?
diff --git a/app/controllers/concerns/group_tree.rb b/app/controllers/concerns/group_tree.rb
index e9a7d6a3152..d076c62c707 100644
--- a/app/controllers/concerns/group_tree.rb
+++ b/app/controllers/concerns/group_tree.rb
@@ -32,18 +32,14 @@ module GroupTree
   def filtered_groups_with_ancestors(groups)
     filtered_groups = groups.search(params[:filter]).page(params[:page])
 
-    if Group.supports_nested_objects?
-      # We find the ancestors by ID of the search results here.
-      # Otherwise the ancestors would also have filters applied,
-      # which would cause them not to be preloaded.
-      #
-      # Pagination needs to be applied before loading the ancestors to
-      # make sure ancestors are not cut off by pagination.
-      Gitlab::ObjectHierarchy.new(Group.where(id: filtered_groups.select(:id)))
-        .base_and_ancestors
-    else
-      filtered_groups
-    end
+    # We find the ancestors by ID of the search results here.
+    # Otherwise the ancestors would also have filters applied,
+    # which would cause them not to be preloaded.
+    #
+    # Pagination needs to be applied before loading the ancestors to
+    # make sure ancestors are not cut off by pagination.
+    Gitlab::ObjectHierarchy.new(Group.where(id: filtered_groups.select(:id)))
+      .base_and_ancestors
   end
   # rubocop: enable CodeReuse/ActiveRecord
 end
diff --git a/app/finders/group_descendants_finder.rb b/app/finders/group_descendants_finder.rb
index ec340f38450..4e489a9c930 100644
--- a/app/finders/group_descendants_finder.rb
+++ b/app/finders/group_descendants_finder.rb
@@ -132,8 +132,6 @@ class GroupDescendantsFinder
   end
 
   def subgroups
-    return Group.none unless Group.supports_nested_objects?
-
     # When filtering subgroups, we want to find all matches within the tree of
     # descendants to show to the user
     groups = if params[:filter]
diff --git a/app/graphql/types/group_type.rb b/app/graphql/types/group_type.rb
index 530aecc2bf9..66b41919914 100644
--- a/app/graphql/types/group_type.rb
+++ b/app/graphql/types/group_type.rb
@@ -14,10 +14,8 @@ module Types
       group.avatar_url(only_path: false)
     end
 
-    if ::Group.supports_nested_objects?
-      field :parent, GroupType,
-            null: true,
-            resolve: -> (obj, _args, _ctx) { Gitlab::Graphql::Loaders::BatchModelLoader.new(Group, obj.parent_id).find }
-    end
+    field :parent, GroupType,
+          null: true,
+          resolve: -> (obj, _args, _ctx) { Gitlab::Graphql::Loaders::BatchModelLoader.new(Group, obj.parent_id).find }
   end
 end
diff --git a/app/helpers/groups_helper.rb b/app/helpers/groups_helper.rb
index 5aed7e313e6..160f9ac4793 100644
--- a/app/helpers/groups_helper.rb
+++ b/app/helpers/groups_helper.rb
@@ -127,10 +127,6 @@ module GroupsHelper
     groups.to_json
   end
 
-  def supports_nested_groups?
-    Group.supports_nested_objects?
-  end
-
   private
 
   def get_group_sidebar_links
diff --git a/app/models/concerns/descendant.rb b/app/models/concerns/descendant.rb
deleted file mode 100644
index 4c436522122..00000000000
--- a/app/models/concerns/descendant.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-# frozen_string_literal: true
-
-module Descendant
-  extend ActiveSupport::Concern
-
-  class_methods do
-    def supports_nested_objects?
-      Gitlab::Database.postgresql?
-    end
-  end
-end
diff --git a/app/models/group.rb b/app/models/group.rb
index 26ce2957e9b..a8382c12603 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -10,7 +10,6 @@ class Group < Namespace
   include Referable
   include SelectForProjectAuthorization
   include LoadedInGroupList
-  include Descendant
   include GroupDescendant
   include TokenAuthenticatable
   include WithUploads
diff --git a/app/models/namespace.rb b/app/models/namespace.rb
index b8d7348268a..058350b16ce 100644
--- a/app/models/namespace.rb
+++ b/app/models/namespace.rb
@@ -332,8 +332,6 @@ class Namespace < ApplicationRecord
   end
 
   def force_share_with_group_lock_on_descendants
-    return unless Group.supports_nested_objects?
-
     # We can't use `descendants.update_all` since Rails will throw away the WITH
     # RECURSIVE statement. We also can't use WHERE EXISTS since we can't use
     # different table aliases, hence we're just using WHERE IN. Since we have a
diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index 0add8bfad31..84b1873c05d 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -16,8 +16,6 @@ class GroupPolicy < BasePolicy
   condition(:maintainer) { access_level >= GroupMember::MAINTAINER }
   condition(:reporter) { access_level >= GroupMember::REPORTER }
 
-  condition(:nested_groups_supported, scope: :global) { Group.supports_nested_objects? }
-
   condition(:has_parent, scope: :subject) { @subject.has_parent? }
   condition(:share_with_group_locked, scope: :subject) { @subject.share_with_group_lock? }
   condition(:parent_share_with_group_locked, scope: :subject) { @subject.parent&.share_with_group_lock? }
@@ -108,8 +106,8 @@ class GroupPolicy < BasePolicy
     enable :read_nested_project_resources
   end
 
-  rule { owner & nested_groups_supported }.enable :create_subgroup
-  rule { maintainer & maintainer_can_create_group & nested_groups_supported }.enable :create_subgroup
+  rule { owner }.enable :create_subgroup
+  rule { maintainer & maintainer_can_create_group }.enable :create_subgroup
 
   rule { public_group | logged_in_viewable }.enable :view_globally
 
diff --git a/app/services/groups/nested_create_service.rb b/app/services/groups/nested_create_service.rb
index 01bd685712b..a51ac9aa593 100644
--- a/app/services/groups/nested_create_service.rb
+++ b/app/services/groups/nested_create_service.rb
@@ -18,10 +18,6 @@ module Groups
         return namespace
       end
 
-      if group_path.include?('/') && !Group.supports_nested_objects?
-        raise 'Nested groups are not supported on MySQL'
-      end
-
       create_group_path
     end
 
diff --git a/app/services/groups/transfer_service.rb b/app/services/groups/transfer_service.rb
index 98e7c311572..fe7e07ef9f0 100644
--- a/app/services/groups/transfer_service.rb
+++ b/app/services/groups/transfer_service.rb
@@ -43,7 +43,6 @@ module Groups
 
     def ensure_allowed_transfer
       raise_transfer_error(:group_is_already_root) if group_is_already_root?
-      raise_transfer_error(:database_not_supported) unless Group.supports_nested_objects?
       raise_transfer_error(:same_parent_as_current) if same_parent?
       raise_transfer_error(:invalid_policies) unless valid_policies?
       raise_transfer_error(:namespace_with_same_path) if namespace_with_same_path?
diff --git a/app/services/members/destroy_service.rb b/app/services/members/destroy_service.rb
index c8d5e563cd8..0164760920f 100644
--- a/app/services/members/destroy_service.rb
+++ b/app/services/members/destroy_service.rb
@@ -31,7 +31,7 @@ module Members
       return unless member.is_a?(GroupMember) && member.user && member.group
 
       delete_project_members(member)
-      delete_subgroup_members(member) if Group.supports_nested_objects?
+      delete_subgroup_members(member)
     end
 
     def delete_project_members(member)
diff --git a/app/services/users/refresh_authorized_projects_service.rb b/app/services/users/refresh_authorized_projects_service.rb
index 4a26d2be2af..ae67b4f5256 100644
--- a/app/services/users/refresh_authorized_projects_service.rb
+++ b/app/services/users/refresh_authorized_projects_service.rb
@@ -102,13 +102,7 @@ module Users
     end
 
     def fresh_authorizations
-      klass = if Group.supports_nested_objects?
-                Gitlab::ProjectAuthorizations::WithNestedGroups
-              else
-                Gitlab::ProjectAuthorizations::WithoutNestedGroups
-              end
-
-      klass.new(user).calculate
+      Gitlab::ProjectAuthorizations.new(user).calculate
     end
   end
 end
diff --git a/app/views/groups/settings/_advanced.html.haml b/app/views/groups/settings/_advanced.html.haml
index 5d211d0e186..d1eb6478997 100644
--- a/app/views/groups/settings/_advanced.html.haml
+++ b/app/views/groups/settings/_advanced.html.haml
@@ -23,20 +23,19 @@
 
     = f.submit 'Change group path', class: 'btn btn-warning'
 
-- if supports_nested_groups?
-  .sub-section
-    %h4.warning-title Transfer group
-    = form_for @group, url: transfer_group_path(@group), method: :put do |f|
-      .form-group
-        = dropdown_tag('Select parent group', options: { toggle_class: 'js-groups-dropdown', title: 'Parent Group', filter: true, dropdown_class: 'dropdown-open-top dropdown-group-transfer', placeholder: 'Search groups', data: { data: parent_group_options(@group) } })
-        = hidden_field_tag 'new_parent_group_id'
+.sub-section
+  %h4.warning-title Transfer group
+  = form_for @group, url: transfer_group_path(@group), method: :put do |f|
+    .form-group
+      = dropdown_tag('Select parent group', options: { toggle_class: 'js-groups-dropdown', title: 'Parent Group', filter: true, dropdown_class: 'dropdown-open-top dropdown-group-transfer', placeholder: 'Search groups', data: { data: parent_group_options(@group) } })
+      = hidden_field_tag 'new_parent_group_id'
 
-      %ul
-        %li Be careful. Changing a group's parent can have unintended #{link_to 'side effects', 'https://docs.gitlab.com/ce/user/project/index.html#redirects-when-changing-repository-paths', target: 'blank'}.
-        %li You can only transfer the group to a group you manage.
-        %li You will need to update your local repositories to point to the new location.
-        %li If the parent group's visibility is lower than the group current visibility, visibility levels for subgroups and projects will be changed to match the new parent group's visibility.
-      = f.submit 'Transfer group', class: 'btn btn-warning'
+    %ul
+      %li Be careful. Changing a group's parent can have unintended #{link_to 'side effects', 'https://docs.gitlab.com/ce/user/project/index.html#redirects-when-changing-repository-paths', target: 'blank'}.
+      %li You can only transfer the group to a group you manage.
+      %li You will need to update your local repositories to point to the new location.
+      %li If the parent group's visibility is lower than the group current visibility, visibility levels for subgroups and projects will be changed to match the new parent group's visibility.
+    = f.submit 'Transfer group', class: 'btn btn-warning'
 
 .sub-section
   %h4.danger-title= _('Remove group')
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 10b4f8934d7..2e78331df6c 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -366,10 +366,7 @@ module API
       end
       expose :request_access_enabled
       expose :full_name, :full_path
-
-      if ::Group.supports_nested_objects?
-        expose :parent_id
-      end
+      expose :parent_id
 
       expose :custom_attributes, using: 'API::Entities::CustomAttribute', if: :with_custom_attributes
 
diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index ec1020c7c78..f545f33c06b 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -114,10 +114,7 @@ module API
       params do
         requires :name, type: String, desc: 'The name of the group'
         requires :path, type: String, desc: 'The path of the group'
-
-        if ::Group.supports_nested_objects?
-          optional :parent_id, type: Integer, desc: 'The parent group id for creating nested group'
-        end
+        optional :parent_id, type: Integer, desc: 'The parent group id for creating nested group'
 
         use :optional_params
       end
diff --git a/lib/gitlab/object_hierarchy.rb b/lib/gitlab/object_hierarchy.rb
index 38b32770e90..c06f106ffe1 100644
--- a/lib/gitlab/object_hierarchy.rb
+++ b/lib/gitlab/object_hierarchy.rb
@@ -32,11 +32,6 @@ module Gitlab
     # Returns the maximum depth starting from the base
     # A base object with no children has a maximum depth of `1`
     def max_descendants_depth
-      unless hierarchy_supported?
-        # This makes the return value consistent with the case where hierarchy is supported
-        return descendants_base.exists? ? 1 : nil
-      end
-
       base_and_descendants(with_depth: true).maximum(DEPTH_COLUMN)
     end
 
@@ -66,8 +61,6 @@ module Gitlab
     # each parent.
     # rubocop: disable CodeReuse/ActiveRecord
     def base_and_ancestors(upto: nil, hierarchy_order: nil)
-      return ancestors_base unless hierarchy_supported?
-
       recursive_query = base_and_ancestors_cte(upto, hierarchy_order).apply_to(model.all)
       recursive_query = recursive_query.order(depth: hierarchy_order) if hierarchy_order
 
@@ -81,10 +74,6 @@ module Gitlab
     # When `with_depth` is `true`, a `depth` column is included where it starts with `1` for the base objects
     # and incremented as we go down the descendant tree
     def base_and_descendants(with_depth: false)
-      unless hierarchy_supported?
-        return with_depth ? descendants_base.select("1 as #{DEPTH_COLUMN}", objects_table[Arel.star]) : descendants_base
-      end
-
       read_only(base_and_descendants_cte(with_depth: with_depth).apply_to(model.all))
     end
 
@@ -112,8 +101,6 @@ module Gitlab
     # If nested objects are not supported, ancestors_base is returned.
     # rubocop: disable CodeReuse/ActiveRecord
     def all_objects
-      return ancestors_base unless hierarchy_supported?
-
       ancestors = base_and_ancestors_cte
       descendants = base_and_descendants_cte
 
@@ -135,10 +122,6 @@ module Gitlab
 
     private
 
-    def hierarchy_supported?
-      Gitlab::Database.postgresql?
-    end
-
     # rubocop: disable CodeReuse/ActiveRecord
     def base_and_ancestors_cte(stop_id = nil, hierarchy_order = nil)
       cte = SQL::RecursiveCTE.new(:base_and_ancestors)
diff --git a/lib/gitlab/project_authorizations.rb b/lib/gitlab/project_authorizations.rb
new file mode 100644
index 00000000000..a9270cd536e
--- /dev/null
+++ b/lib/gitlab/project_authorizations.rb
@@ -0,0 +1,121 @@
+# frozen_string_literal: true
+
+# This class relies on Common Table Expressions to efficiently get all data,
+# including data for nested groups.
+module Gitlab
+  class ProjectAuthorizations
+    attr_reader :user
+
+    # user - The User object for which to calculate the authorizations.
+    def initialize(user)
+      @user = user
+    end
+
+    def calculate
+      cte = recursive_cte
+      cte_alias = cte.table.alias(Group.table_name)
+      projects = Project.arel_table
+      links = ProjectGroupLink.arel_table
+
+      relations = [
+        # The project a user has direct access to.
+        user.projects.select_for_project_authorization,
+
+        # The personal projects of the user.
+        user.personal_projects.select_as_maintainer_for_project_authorization,
+
+        # Projects that belong directly to any of the groups the user has
+        # access to.
+        Namespace
+          .unscoped
+          .select([alias_as_column(projects[:id], 'project_id'),
+                   cte_alias[:access_level]])
+          .from(cte_alias)
+          .joins(:projects),
+
+        # Projects shared with any of the namespaces the user has access to.
+        Namespace
+          .unscoped
+          .select([
+            links[:project_id],
+            least(cte_alias[:access_level], links[:group_access], 'access_level')
+          ])
+          .from(cte_alias)
+          .joins('INNER JOIN project_group_links ON project_group_links.group_id = namespaces.id')
+          .joins('INNER JOIN projects ON projects.id = project_group_links.project_id')
+          .joins('INNER JOIN namespaces p_ns ON p_ns.id = projects.namespace_id')
+          .where('p_ns.share_with_group_lock IS FALSE')
+      ]
+
+      ProjectAuthorization
+        .unscoped
+        .with
+        .recursive(cte.to_arel)
+        .select_from_union(relations)
+    end
+
+    private
+
+    # Builds a recursive CTE that gets all the groups the current user has
+    # access to, including any nested groups.
+    def recursive_cte
+      cte = Gitlab::SQL::RecursiveCTE.new(:namespaces_cte)
+      members = Member.arel_table
+      namespaces = Namespace.arel_table
+
+      # Namespaces the user is a member of.
+      cte << user.groups
+        .select([namespaces[:id], members[:access_level]])
+        .except(:order)
+
+      # Sub groups of any groups the user is a member of.
+      cte << Group.select([
+          namespaces[:id],
+          greatest(members[:access_level], cte.table[:access_level], 'access_level')
+        ])
+        .joins(join_cte(cte))
+        .joins(join_members)
+        .except(:order)
+
+      cte
+    end
+
+    # Builds a LEFT JOIN to join optional memberships onto the CTE.
+    def join_members
+      members = Member.arel_table
+      namespaces = Namespace.arel_table
+
+      cond = members[:source_id]
+        .eq(namespaces[:id])
+        .and(members[:source_type].eq('Namespace'))
+        .and(members[:requested_at].eq(nil))
+        .and(members[:user_id].eq(user.id))
+
+      Arel::Nodes::OuterJoin.new(members, Arel::Nodes::On.new(cond))
+    end
+
+    # Builds an INNER JOIN to join namespaces onto the CTE.
+    def join_cte(cte)
+      namespaces = Namespace.arel_table
+      cond = cte.table[:id].eq(namespaces[:parent_id])
+
+      Arel::Nodes::InnerJoin.new(cte.table, Arel::Nodes::On.new(cond))
+    end
+
+    def greatest(left, right, column_alias)
+      sql_function('GREATEST', [left, right], column_alias)
+    end
+
+    def least(left, right, column_alias)
+      sql_function('LEAST', [left, right], column_alias)
+    end
+
+    def sql_function(name, args, column_alias)
+      alias_as_column(Arel::Nodes::NamedFunction.new(name, args), column_alias)
+    end
+
+    def alias_as_column(value, alias_to)
+      Arel::Nodes::As.new(value, Arel::Nodes::SqlLiteral.new(alias_to))
+    end
+  end
+end
diff --git a/lib/gitlab/project_authorizations/with_nested_groups.rb b/lib/gitlab/project_authorizations/with_nested_groups.rb
deleted file mode 100644
index 2372a316ab0..00000000000
--- a/lib/gitlab/project_authorizations/with_nested_groups.rb
+++ /dev/null
@@ -1,125 +0,0 @@
-# frozen_string_literal: true
-
-module Gitlab
-  module ProjectAuthorizations
-    # Calculating new project authorizations when supporting nested groups.
-    #
-    # This class relies on Common Table Expressions to efficiently get all data,
-    # including data for nested groups. As a result this class can only be used
-    # on PostgreSQL.
-    class WithNestedGroups
-      attr_reader :user
-
-      # user - The User object for which to calculate the authorizations.
-      def initialize(user)
-        @user = user
-      end
-
-      def calculate
-        cte = recursive_cte
-        cte_alias = cte.table.alias(Group.table_name)
-        projects = Project.arel_table
-        links = ProjectGroupLink.arel_table
-
-        relations = [
-          # The project a user has direct access to.
-          user.projects.select_for_project_authorization,
-
-          # The personal projects of the user.
-          user.personal_projects.select_as_maintainer_for_project_authorization,
-
-          # Projects that belong directly to any of the groups the user has
-          # access to.
-          Namespace
-            .unscoped
-            .select([alias_as_column(projects[:id], 'project_id'),
-                     cte_alias[:access_level]])
-            .from(cte_alias)
-            .joins(:projects),
-
-          # Projects shared with any of the namespaces the user has access to.
-          Namespace
-            .unscoped
-            .select([links[:project_id],
-                     least(cte_alias[:access_level],
-                           links[:group_access],
-                           'access_level')])
-            .from(cte_alias)
-            .joins('INNER JOIN project_group_links ON project_group_links.group_id = namespaces.id')
-            .joins('INNER JOIN projects ON projects.id = project_group_links.project_id')
-            .joins('INNER JOIN namespaces p_ns ON p_ns.id = projects.namespace_id')
-            .where('p_ns.share_with_group_lock IS FALSE')
-        ]
-
-        ProjectAuthorization
-          .unscoped
-          .with
-          .recursive(cte.to_arel)
-          .select_from_union(relations)
-      end
-
-      private
-
-      # Builds a recursive CTE that gets all the groups the current user has
-      # access to, including any nested groups.
-      def recursive_cte
-        cte = Gitlab::SQL::RecursiveCTE.new(:namespaces_cte)
-        members = Member.arel_table
-        namespaces = Namespace.arel_table
-
-        # Namespaces the user is a member of.
-        cte << user.groups
-          .select([namespaces[:id], members[:access_level]])
-          .except(:order)
-
-        # Sub groups of any groups the user is a member of.
-        cte << Group.select([namespaces[:id],
-                             greatest(members[:access_level],
-                                      cte.table[:access_level], 'access_level')])
-          .joins(join_cte(cte))
-          .joins(join_members)
-          .except(:order)
-
-        cte
-      end
-
-      # Builds a LEFT JOIN to join optional memberships onto the CTE.
-      def join_members
-        members = Member.arel_table
-        namespaces = Namespace.arel_table
-
-        cond = members[:source_id]
-          .eq(namespaces[:id])
-          .and(members[:source_type].eq('Namespace'))
-          .and(members[:requested_at].eq(nil))
-          .and(members[:user_id].eq(user.id))
-
-        Arel::Nodes::OuterJoin.new(members, Arel::Nodes::On.new(cond))
-      end
-
-      # Builds an INNER JOIN to join namespaces onto the CTE.
-      def join_cte(cte)
-        namespaces = Namespace.arel_table
-        cond = cte.table[:id].eq(namespaces[:parent_id])
-
-        Arel::Nodes::InnerJoin.new(cte.table, Arel::Nodes::On.new(cond))
-      end
-
-      def greatest(left, right, column_alias)
-        sql_function('GREATEST', [left, right], column_alias)
-      end
-
-      def least(left, right, column_alias)
-        sql_function('LEAST', [left, right], column_alias)
-      end
-
-      def sql_function(name, args, column_alias)
-        alias_as_column(Arel::Nodes::NamedFunction.new(name, args), column_alias)
-      end
-
-      def alias_as_column(value, alias_to)
-        Arel::Nodes::As.new(value, Arel::Nodes::SqlLiteral.new(alias_to))
-      end
-    end
-  end
-end
diff --git a/lib/gitlab/project_authorizations/without_nested_groups.rb b/lib/gitlab/project_authorizations/without_nested_groups.rb
deleted file mode 100644
index 50b41b17649..00000000000
--- a/lib/gitlab/project_authorizations/without_nested_groups.rb
+++ /dev/null
@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-
-module Gitlab
-  module ProjectAuthorizations
-    # Calculating new project authorizations when not supporting nested groups.
-    class WithoutNestedGroups
-      attr_reader :user
-
-      # user - The User object for which to calculate the authorizations.
-      def initialize(user)
-        @user = user
-      end
-
-      def calculate
-        relations = [
-          # Projects the user is a direct member of
-          user.projects.select_for_project_authorization,
-
-          # Personal projects
-          user.personal_projects.select_as_maintainer_for_project_authorization,
-
-          # Projects of groups the user is a member of
-          user.groups_projects.select_for_project_authorization,
-
-          # Projects shared with groups the user is a member of
-          user.groups.joins(:shared_projects).select_for_project_authorization
-        ]
-
-        ProjectAuthorization
-          .unscoped
-          .select_from_union(relations)
-      end
-    end
-  end
-end
diff --git a/spec/controllers/boards/issues_controller_spec.rb b/spec/controllers/boards/issues_controller_spec.rb
index 0db58fbefc1..d54f7ad33cf 100644
--- a/spec/controllers/boards/issues_controller_spec.rb
+++ b/spec/controllers/boards/issues_controller_spec.rb
@@ -85,7 +85,7 @@ describe Boards::IssuesController do
           expect { list_issues(user: user, board: group_board, list: list3) }.not_to exceed_query_limit(control_count + (2 * 8 - 1))
         end
 
-        it 'avoids N+1 database queries when adding a subgroup, project, and issue', :nested_groups do
+        it 'avoids N+1 database queries when adding a subgroup, project, and issue' do
           create(:project, group: sub_group_1)
           create(:labeled_issue, project: project, labels: [development])
           control_count = ActiveRecord::QueryRecorder.new { list_issues(user: user, board: group_board, list: list3) }.count
diff --git a/spec/controllers/concerns/group_tree_spec.rb b/spec/controllers/concerns/group_tree_spec.rb
index aa3cd690e3f..835c3d9b3af 100644
--- a/spec/controllers/concerns/group_tree_spec.rb
+++ b/spec/controllers/concerns/group_tree_spec.rb
@@ -30,7 +30,7 @@ describe GroupTree do
       expect(assigns(:groups)).to contain_exactly(other_group)
     end
 
-    context 'for subgroups', :nested_groups do
+    context 'for subgroups' do
       it 'only renders root groups when no parent was given' do
         create(:group, :public, parent: group)
 
@@ -85,7 +85,7 @@ describe GroupTree do
         expect(json_response.first['id']).to eq(group.id)
       end
 
-      context 'nested groups', :nested_groups do
+      context 'nested groups' do
         it 'expands the tree when filtering' do
           subgroup = create(:group, :public, parent: group, name: 'filter')
 
diff --git a/spec/controllers/dashboard/groups_controller_spec.rb b/spec/controllers/dashboard/groups_controller_spec.rb
index 48373d29412..20a0951423b 100644
--- a/spec/controllers/dashboard/groups_controller_spec.rb
+++ b/spec/controllers/dashboard/groups_controller_spec.rb
@@ -26,7 +26,7 @@ describe Dashboard::GroupsController do
       expect(assigns(:groups)).to contain_exactly(member_of_group)
     end
 
-    context 'when rendering an expanded hierarchy with public groups you are not a member of', :nested_groups do
+    context 'when rendering an expanded hierarchy with public groups you are not a member of' do
       let!(:top_level_result) { create(:group, name: 'chef-top') }
       let!(:top_level_a) { create(:group, name: 'top-a') }
       let!(:sub_level_result_a) { create(:group, name: 'chef-sub-a', parent: top_level_a) }
diff --git a/spec/controllers/groups/children_controller_spec.rb b/spec/controllers/groups/children_controller_spec.rb
index 02fb971bd9a..bced300a24c 100644
--- a/spec/controllers/groups/children_controller_spec.rb
+++ b/spec/controllers/groups/children_controller_spec.rb
@@ -46,7 +46,7 @@ describe Groups::ChildrenController do
       end
     end
 
-    context 'for subgroups', :nested_groups do
+    context 'for subgroups' do
       let!(:public_subgroup) { create(:group, :public, parent: group) }
       let!(:private_subgroup) { create(:group, :private, parent: group) }
       let!(:public_project) { create(:project, :public, namespace: group) }
@@ -292,7 +292,7 @@ describe Groups::ChildrenController do
         end
       end
 
-      context 'with subgroups and projects', :nested_groups do
+      context 'with subgroups and projects' do
         let!(:first_page_subgroups) { create_list(:group, per_page, :public, parent: group) }
         let!(:other_subgroup) { create(:group, :public, parent: group) }
         let!(:next_page_projects) { create_list(:project, per_page, :public, namespace: group) }
diff --git a/spec/controllers/groups/labels_controller_spec.rb b/spec/controllers/groups/labels_controller_spec.rb
index 3cc6fc6f066..98a4c50fc49 100644
--- a/spec/controllers/groups/labels_controller_spec.rb
+++ b/spec/controllers/groups/labels_controller_spec.rb
@@ -24,7 +24,7 @@ describe Groups::LabelsController do
       expect(label_ids).to match_array([label_1.title, group_label_1.title])
     end
 
-    context 'with ancestor group', :nested_groups do
+    context 'with ancestor group' do
       set(:subgroup) { create(:group, parent: group) }
       set(:subgroup_label_1) { create(:group_label, group: subgroup, title: 'subgroup_label_1') }
 
@@ -32,7 +32,7 @@ describe Groups::LabelsController do
         subgroup.add_owner(user)
       end
 
-      it 'returns ancestor group labels', :nested_groups do
+      it 'returns ancestor group labels' do
         get :index, params: { group_id: subgroup, include_ancestor_groups: true, only_group_labels: true }, format: :json
 
         label_ids = json_response.map {|label| label['title']}
diff --git a/spec/controllers/groups_controller_spec.rb b/spec/controllers/groups_controller_spec.rb
index d2faef5b12b..404e61c5271 100644
--- a/spec/controllers/groups_controller_spec.rb
+++ b/spec/controllers/groups_controller_spec.rb
@@ -89,7 +89,7 @@ describe GroupsController do
   end
 
   describe 'GET #new' do
-    context 'when creating subgroups', :nested_groups do
+    context 'when creating subgroups' do
       [true, false].each do |can_create_group_status|
         context "and can_create_group is #{can_create_group_status}" do
           before do
@@ -166,7 +166,7 @@ describe GroupsController do
       end
     end
 
-    context 'when creating subgroups', :nested_groups do
+    context 'when creating subgroups' do
       [true, false].each do |can_create_group_status|
         context "and can_create_group is #{can_create_group_status}" do
           context 'and logged in as Owner' do
@@ -584,7 +584,7 @@ describe GroupsController do
     end
   end
 
-  describe 'PUT transfer', :postgresql do
+  describe 'PUT transfer' do
     before do
       sign_in(user)
     end
diff --git a/spec/controllers/import/bitbucket_controller_spec.rb b/spec/controllers/import/bitbucket_controller_spec.rb
index 64a66502732..38388c21749 100644
--- a/spec/controllers/import/bitbucket_controller_spec.rb
+++ b/spec/controllers/import/bitbucket_controller_spec.rb
@@ -231,7 +231,7 @@ describe Import::BitbucketController do
       end
     end
 
-    context 'user has chosen an existing nested namespace and name for the project', :postgresql do
+    context 'user has chosen an existing nested namespace and name for the project' do
       let(:parent_namespace) { create(:group, name: 'foo') }
       let(:nested_namespace) { create(:group, name: 'bar', parent: parent_namespace) }
       let(:test_name) { 'test_name' }
@@ -250,7 +250,7 @@ describe Import::BitbucketController do
       end
     end
 
-    context 'user has chosen a non-existent nested namespaces and name for the project', :postgresql do
+    context 'user has chosen a non-existent nested namespaces and name for the project' do
       let(:test_name) { 'test_name' }
 
       it 'takes the selected namespace and name' do
@@ -281,7 +281,7 @@ describe Import::BitbucketController do
       end
     end
 
-    context 'user has chosen existent and non-existent nested namespaces and name for the project', :postgresql do
+    context 'user has chosen existent and non-existent nested namespaces and name for the project' do
       let(:test_name) { 'test_name' }
       let!(:parent_namespace) { create(:group, name: 'foo') }
 
diff --git a/spec/controllers/import/gitlab_controller_spec.rb b/spec/controllers/import/gitlab_controller_spec.rb
index 5af7572e74e..e465eca6c71 100644
--- a/spec/controllers/import/gitlab_controller_spec.rb
+++ b/spec/controllers/import/gitlab_controller_spec.rb
@@ -197,7 +197,7 @@ describe Import::GitlabController do
         end
       end
 
-      context 'user has chosen an existing nested namespace for the project', :postgresql do
+      context 'user has chosen an existing nested namespace for the project' do
         let(:parent_namespace) { create(:group, name: 'foo') }
         let(:nested_namespace) { create(:group, name: 'bar', parent: parent_namespace) }
 
@@ -215,7 +215,7 @@ describe Import::GitlabController do
         end
       end
 
-      context 'user has chosen a non-existent nested namespaces for the project', :postgresql do
+      context 'user has chosen a non-existent nested namespaces for the project' do
         let(:test_name) { 'test_name' }
 
         it 'takes the selected namespace and name' do
@@ -246,7 +246,7 @@ describe Import::GitlabController do
         end
       end
 
-      context 'user has chosen existent and non-existent nested namespaces and name for the project', :postgresql do
+      context 'user has chosen existent and non-existent nested namespaces and name for the project' do
         let(:test_name) { 'test_name' }
         let!(:parent_namespace) { create(:group, name: 'foo') }
 
diff --git a/spec/controllers/projects/milestones_controller_spec.rb b/spec/controllers/projects/milestones_controller_spec.rb
index 767cee7d54a..9b2025b836c 100644
--- a/spec/controllers/projects/milestones_controller_spec.rb
+++ b/spec/controllers/projects/milestones_controller_spec.rb
@@ -115,7 +115,7 @@ describe Projects::MilestonesController do
         end
       end
 
-      context 'with nested groups', :nested_groups do
+      context 'with nested groups' do
         let!(:subgroup) { create(:group, :public, parent: group) }
         let!(:subgroup_milestone) { create(:milestone, group: subgroup) }
 
diff --git a/spec/features/dashboard/groups_list_spec.rb b/spec/features/dashboard/groups_list_spec.rb
index fb76e2b0014..bdab3c63244 100644
--- a/spec/features/dashboard/groups_list_spec.rb
+++ b/spec/features/dashboard/groups_list_spec.rb
@@ -27,7 +27,7 @@ describe 'Dashboard Groups page', :js do
     expect(page).not_to have_content(another_group.name)
   end
 
-  it 'shows subgroups the user is member of', :nested_groups do
+  it 'shows subgroups the user is member of' do
     group.add_owner(user)
     nested_group.add_owner(user)
 
@@ -40,7 +40,7 @@ describe 'Dashboard Groups page', :js do
     expect(page).to have_content(nested_group.name)
   end
 
-  context 'when filtering groups', :nested_groups do
+  context 'when filtering groups' do
     before do
       group.add_owner(user)
       nested_group.add_owner(user)
@@ -79,7 +79,7 @@ describe 'Dashboard Groups page', :js do
     end
   end
 
-  context 'with subgroups', :nested_groups do
+  context 'with subgroups' do
     let!(:subgroup) { create(:group, :public, parent: group) }
 
     before do
diff --git a/spec/features/groups/empty_states_spec.rb b/spec/features/groups/empty_states_spec.rb
index e4eb0d355d1..3fbc0f78d38 100644
--- a/spec/features/groups/empty_states_spec.rb
+++ b/spec/features/groups/empty_states_spec.rb
@@ -110,7 +110,7 @@ describe 'Group empty states' do
       end
 
       context 'group without a project' do
-        context 'group has a subgroup', :nested_groups do
+        context 'group has a subgroup' do
           let(:subgroup) { create(:group, parent: group) }
           let(:subgroup_project) { create(:project, namespace: subgroup) }
 
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 676769c25fe..257aeae7e23 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -121,7 +121,7 @@ describe 'Edit group settings' do
       expect(find(:css, '.group-root-path').text).to eq(root_url)
     end
 
-    it 'has a parent group URL label for a subgroup group', :postgresql do
+    it 'has a parent group URL label for a subgroup group' do
       subgroup = create(:group, parent: group)
 
       visit edit_group_path(subgroup)
diff --git a/spec/features/groups/issues_spec.rb b/spec/features/groups/issues_spec.rb
index 0ada530781c..a16004c79ca 100644
--- a/spec/features/groups/issues_spec.rb
+++ b/spec/features/groups/issues_spec.rb
@@ -50,7 +50,7 @@ describe 'Group issues page' do
     end
   end
 
-  context 'issues list', :nested_groups do
+  context 'issues list' do
     let(:subgroup) { create(:group, parent: group) }
     let(:subgroup_project) { create(:project, :public, group: subgroup)}
     let(:user_in_group) { create(:group_member, :maintainer, user: create(:user), group: group ).user }
diff --git a/spec/features/groups/members/list_members_spec.rb b/spec/features/groups/members/list_members_spec.rb
index 4ba7161601e..ffff755793f 100644
--- a/spec/features/groups/members/list_members_spec.rb
+++ b/spec/features/groups/members/list_members_spec.rb
@@ -13,7 +13,7 @@ describe 'Groups > Members > List members' do
     sign_in(user1)
   end
 
-  it 'show members from current group and parent', :nested_groups do
+  it 'show members from current group and parent' do
     group.add_developer(user1)
     nested_group.add_developer(user2)
 
@@ -23,7 +23,7 @@ describe 'Groups > Members > List members' do
     expect(second_row.text).to include(user2.name)
   end
 
-  it 'show user once if member of both current group and parent', :nested_groups do
+  it 'show user once if member of both current group and parent' do
     group.add_developer(user1)
     nested_group.add_developer(user1)
 
diff --git a/spec/features/groups/share_lock_spec.rb b/spec/features/groups/share_lock_spec.rb
index 704d9f12888..86b523fbdd9 100644
--- a/spec/features/groups/share_lock_spec.rb
+++ b/spec/features/groups/share_lock_spec.rb
@@ -9,7 +9,7 @@ describe 'Group share with group lock' do
     sign_in(root_owner)
   end
 
-  context 'with a subgroup', :nested_groups do
+  context 'with a subgroup' do
     let!(:subgroup) { create(:group, parent: root_group) }
 
     context 'when enabling the parent group share with group lock' do
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index bed998a0859..0d78bd23973 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -75,11 +75,7 @@ describe 'Group show page' do
         sign_in(owner)
       end
 
-      context 'when subgroups are supported', :nested_groups do
-        before do
-          allow(Group).to receive(:supports_nested_objects?) { true }
-        end
-
+      context 'when subgroups are supported' do
         it 'allows creating subgroups' do
           visit path
 
@@ -87,19 +83,6 @@ describe 'Group show page' do
             .to have_css("li[data-text='New subgroup']", visible: false)
         end
       end
-
-      context 'when subgroups are not supported' do
-        before do
-          allow(Group).to receive(:supports_nested_objects?) { false }
-        end
-
-        it 'does not allow creating subgroups' do
-          visit path
-
-          expect(page)
-            .not_to have_selector("li[data-text='New subgroup']", visible: false)
-        end
-      end
     end
 
     context 'for maintainers' do
@@ -107,11 +90,7 @@ describe 'Group show page' do
         sign_in(maintainer)
       end
 
-      context 'when subgroups are supported', :nested_groups do
-        before do
-          allow(Group).to receive(:supports_nested_objects?) { true }
-        end
-
+      context 'when subgroups are supported' do
         context 'when subgroup_creation_level is set to maintainers' do
           before do
             relaxed_group.add_maintainer(maintainer)
@@ -141,19 +120,6 @@ describe 'Group show page' do
           end
         end
       end
-
-      context 'when subgroups are not supported' do
-        before do
-          allow(Group).to receive(:supports_nested_objects?) { false }
-        end
-
-        it 'does not allow creating subgroups' do
-          visit path
-
-          expect(page)
-            .not_to have_selector("li[data-text='New subgroup']", visible: false)
-        end
-      end
     end
   end
 
diff --git a/spec/features/groups_spec.rb b/spec/features/groups_spec.rb
index 8e7f78cab81..ad645643919 100644
--- a/spec/features/groups_spec.rb
+++ b/spec/features/groups_spec.rb
@@ -105,7 +105,7 @@ describe 'Group' do
     end
   end
 
-  describe 'create a nested group', :nested_groups, :js do
+  describe 'create a nested group', :js do
     let(:group) { create(:group, path: 'foo') }
 
     context 'as admin' do
@@ -231,7 +231,7 @@ describe 'Group' do
     end
   end
 
-  describe 'group page with nested groups', :nested_groups, :js do
+  describe 'group page with nested groups', :js do
     let!(:group) { create(:group) }
     let!(:nested_group) { create(:group, parent: group) }
     let!(:project) { create(:project, namespace: group) }
diff --git a/spec/features/ide_spec.rb b/spec/features/ide_spec.rb
index 6eb59ef72c2..65989c36c1e 100644
--- a/spec/features/ide_spec.rb
+++ b/spec/features/ide_spec.rb
@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe 'IDE', :js do
-  describe 'sub-groups', :nested_groups do
+  describe 'sub-groups' do
     let(:user) { create(:user) }
     let(:group) { create(:group) }
     let(:subgroup) { create(:group, parent: group) }
diff --git a/spec/features/import/manifest_import_spec.rb b/spec/features/import/manifest_import_spec.rb
index a90cdd8d920..90b499efd72 100644
--- a/spec/features/import/manifest_import_spec.rb
+++ b/spec/features/import/manifest_import_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe 'Import multiple repositories by uploading a manifest file', :js, :postgresql do
+describe 'Import multiple repositories by uploading a manifest file', :js do
   include Select2Helper
 
   let(:user) { create(:admin) }
diff --git a/spec/features/labels_hierarchy_spec.rb b/spec/features/labels_hierarchy_spec.rb
index 489651fea15..45bd2218ee6 100644
--- a/spec/features/labels_hierarchy_spec.rb
+++ b/spec/features/labels_hierarchy_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe 'Labels Hierarchy', :js, :nested_groups do
+describe 'Labels Hierarchy', :js do
   include FilteredSearchHelpers
 
   let!(:user) { create(:user) }
diff --git a/spec/features/projects/members/invite_group_spec.rb b/spec/features/projects/members/invite_group_spec.rb
index 7432c600c1e..c5423ec4662 100644
--- a/spec/features/projects/members/invite_group_spec.rb
+++ b/spec/features/projects/members/invite_group_spec.rb
@@ -58,7 +58,7 @@ describe 'Project > Members > Invite group', :js do
       end
     end
 
-    context 'for a project in a subgroup', :nested_groups do
+    context 'for a project in a subgroup' do
       let!(:group_to_share_with) { create(:group) }
       let(:root_group) { create(:group) }
       let(:subgroup) { create(:group, parent: root_group) }
@@ -181,7 +181,7 @@ describe 'Project > Members > Invite group', :js do
         group_to_share_with.add_maintainer(maintainer)
       end
 
-      it 'the groups dropdown does not show ancestors', :nested_groups do
+      it 'the groups dropdown does not show ancestors' do
         visit project_settings_members_path(project)
 
         click_on 'invite-group-tab'
diff --git a/spec/features/projects/new_project_spec.rb b/spec/features/projects/new_project_spec.rb
index 7602935b47e..8cdaed43fbc 100644
--- a/spec/features/projects/new_project_spec.rb
+++ b/spec/features/projects/new_project_spec.rb
@@ -294,7 +294,7 @@ describe 'New project' do
         end
       end
 
-      context 'from manifest file', :postgresql do
+      context 'from manifest file' do
         before do
           first('.import_manifest').click
         end
diff --git a/spec/features/projects/settings/pipelines_settings_spec.rb b/spec/features/projects/settings/pipelines_settings_spec.rb
index bf0c0de89b2..31fdd308292 100644
--- a/spec/features/projects/settings/pipelines_settings_spec.rb
+++ b/spec/features/projects/settings/pipelines_settings_spec.rb
@@ -126,7 +126,7 @@ describe "Projects > Settings > Pipelines settings" do
           end
         end
 
-        context 'when auto devops is turned on group parent level', :nested_groups do
+        context 'when auto devops is turned on group parent level' do
           before do
             group = create(:group, parent: create(:group, :auto_devops_enabled))
             project.update!(namespace: group)
diff --git a/spec/features/projects/settings/user_transfers_a_project_spec.rb b/spec/features/projects/settings/user_transfers_a_project_spec.rb
index 2fdbc04fa62..9af2e47a334 100644
--- a/spec/features/projects/settings/user_transfers_a_project_spec.rb
+++ b/spec/features/projects/settings/user_transfers_a_project_spec.rb
@@ -68,7 +68,7 @@ describe 'Projects > Settings > User transfers a project', :js do
     end
   end
 
-  context 'when nested groups are available', :nested_groups do
+  context 'when nested groups are available' do
     it 'allows transferring a project to a subgroup' do
       subgroup = create(:group, parent: group)
 
diff --git a/spec/features/projects/sub_group_issuables_spec.rb b/spec/features/projects/sub_group_issuables_spec.rb
index 50e7e934cf6..8afbcf72ca7 100644
--- a/spec/features/projects/sub_group_issuables_spec.rb
+++ b/spec/features/projects/sub_group_issuables_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe 'Subgroup Issuables', :js, :nested_groups do
+describe 'Subgroup Issuables', :js do
   let!(:group)    { create(:group, name: 'group') }
   let!(:subgroup) { create(:group, parent: group, name: 'subgroup') }
   let!(:project)  { create(:project, namespace: subgroup, name: 'project') }
diff --git a/spec/features/projects/user_creates_project_spec.rb b/spec/features/projects/user_creates_project_spec.rb
index c0932539131..19262a635ac 100644
--- a/spec/features/projects/user_creates_project_spec.rb
+++ b/spec/features/projects/user_creates_project_spec.rb
@@ -26,7 +26,7 @@ describe 'User creates a project', :js do
     expect(page).to have_content(project.url_to_repo)
   end
 
-  context 'in a subgroup they do not own', :nested_groups do
+  context 'in a subgroup they do not own' do
     let(:parent) { create(:group) }
     let!(:subgroup) { create(:group, parent: parent) }
 
diff --git a/spec/features/projects_spec.rb b/spec/features/projects_spec.rb
index b5112758475..d1e2d17e9cc 100644
--- a/spec/features/projects_spec.rb
+++ b/spec/features/projects_spec.rb
@@ -314,7 +314,7 @@ describe 'Project' do
       end
     end
 
-    context 'for subgroups', :js, :nested_groups do
+    context 'for subgroups', :js do
       let(:group) { create(:group) }
       let(:subgroup) { create(:group, parent: group) }
       let(:project) { create(:project, :repository, group: subgroup) }
diff --git a/spec/finders/autocomplete/users_finder_spec.rb b/spec/finders/autocomplete/users_finder_spec.rb
index bcde115b1a6..f3b54ca0461 100644
--- a/spec/finders/autocomplete/users_finder_spec.rb
+++ b/spec/finders/autocomplete/users_finder_spec.rb
@@ -50,7 +50,7 @@ describe Autocomplete::UsersFinder do
       it { is_expected.to match_array([user1]) }
     end
 
-    context 'when passed a subgroup', :nested_groups do
+    context 'when passed a subgroup' do
       let(:grandparent) { create(:group, :public) }
       let(:parent) { create(:group, :public, parent: grandparent) }
       let(:child) { create(:group, :public, parent: parent) }
diff --git a/spec/finders/cluster_ancestors_finder_spec.rb b/spec/finders/cluster_ancestors_finder_spec.rb
index 750042b6b54..4aedb41d446 100644
--- a/spec/finders/cluster_ancestors_finder_spec.rb
+++ b/spec/finders/cluster_ancestors_finder_spec.rb
@@ -32,7 +32,7 @@ describe ClusterAncestorsFinder, '#execute' do
       is_expected.to eq([project_cluster, group_cluster, instance_cluster])
     end
 
-    context 'nested groups', :nested_groups do
+    context 'nested groups' do
       let(:group) { create(:group, parent: parent_group) }
       let(:parent_group) { create(:group) }
 
@@ -65,7 +65,7 @@ describe ClusterAncestorsFinder, '#execute' do
       is_expected.to eq([group_cluster, instance_cluster])
     end
 
-    context 'nested groups', :nested_groups do
+    context 'nested groups' do
       let(:group) { create(:group, parent: parent_group) }
       let(:parent_group) { create(:group) }
 
diff --git a/spec/finders/group_descendants_finder_spec.rb b/spec/finders/group_descendants_finder_spec.rb
index c28fd7cad11..5fb6739d6e2 100644
--- a/spec/finders/group_descendants_finder_spec.rb
+++ b/spec/finders/group_descendants_finder_spec.rb
@@ -19,7 +19,7 @@ describe GroupDescendantsFinder do
       expect(finder.has_children?).to be_truthy
     end
 
-    context 'when there are subgroups', :nested_groups do
+    context 'when there are subgroups' do
       it 'is true when there are projects' do
         create(:group, parent: group)
 
@@ -99,7 +99,7 @@ describe GroupDescendantsFinder do
         )
       end
 
-      context 'with nested groups', :nested_groups do
+      context 'with nested groups' do
         let!(:subgroup1) { create(:group, parent: group, name: 'a', path: 'sub-a') }
         let!(:subgroup2) { create(:group, parent: group, name: 'z', path: 'sub-z') }
 
@@ -126,7 +126,7 @@ describe GroupDescendantsFinder do
     end
   end
 
-  context 'with nested groups', :nested_groups do
+  context 'with nested groups' do
     let!(:project) { create(:project, namespace: group) }
     let!(:subgroup) { create(:group, :private, parent: group) }
 
diff --git a/spec/finders/group_members_finder_spec.rb b/spec/finders/group_members_finder_spec.rb
index 8975ea0f063..49b0e14241e 100644
--- a/spec/finders/group_members_finder_spec.rb
+++ b/spec/finders/group_members_finder_spec.rb
@@ -18,7 +18,7 @@ describe GroupMembersFinder, '#execute' do
     expect(result.to_a).to match_array([member3, member2, member1])
   end
 
-  it 'returns members for nested group', :nested_groups do
+  it 'returns members for nested group' do
     group.add_developer(user2)
     nested_group.request_access(user4)
     member1 = group.add_maintainer(user1)
@@ -30,7 +30,7 @@ describe GroupMembersFinder, '#execute' do
     expect(result.to_a).to match_array([member1, member3, member4])
   end
 
-  it 'returns members for descendant groups if requested', :nested_groups do
+  it 'returns members for descendant groups if requested' do
     member1 = group.add_maintainer(user2)
     member2 = group.add_maintainer(user1)
     nested_group.add_maintainer(user2)
diff --git a/spec/finders/group_projects_finder_spec.rb b/spec/finders/group_projects_finder_spec.rb
index f8fcc2d0e40..f4bd8a3f6ba 100644
--- a/spec/finders/group_projects_finder_spec.rb
+++ b/spec/finders/group_projects_finder_spec.rb
@@ -19,7 +19,7 @@ describe GroupProjectsFinder do
     context "only owned" do
       let(:options) { { only_owned: true } }
 
-      context 'with subgroups projects', :nested_groups do
+      context 'with subgroups projects' do
         before do
           options[:include_subgroups] = true
         end
@@ -33,7 +33,7 @@ describe GroupProjectsFinder do
     end
 
     context "all" do
-      context 'with subgroups projects', :nested_groups do
+      context 'with subgroups projects' do
         before do
           options[:include_subgroups] = true
         end
@@ -78,7 +78,7 @@ describe GroupProjectsFinder do
           subgroup_private_project.add_maintainer(current_user)
         end
 
-        context 'with subgroups projects', :nested_groups do
+        context 'with subgroups projects' do
           before do
             options[:include_subgroups] = true
           end
@@ -96,7 +96,7 @@ describe GroupProjectsFinder do
           current_user.update(external: true)
         end
 
-        context 'with subgroups projects', :nested_groups do
+        context 'with subgroups projects' do
           before do
             options[:include_subgroups] = true
           end
@@ -111,7 +111,7 @@ describe GroupProjectsFinder do
     end
 
     context "all" do
-      context 'with subgroups projects', :nested_groups do
+      context 'with subgroups projects' do
         before do
           options[:include_subgroups] = true
         end
@@ -153,7 +153,7 @@ describe GroupProjectsFinder do
     context "only owned" do
       let(:options) { { only_owned: true } }
 
-      context 'with subgroups projects', :nested_groups do
+      context 'with subgroups projects' do
         before do
           options[:include_subgroups] = true
         end
diff --git a/spec/finders/groups_finder_spec.rb b/spec/finders/groups_finder_spec.rb
index 367ca43bdfe..c8875d1f92d 100644
--- a/spec/finders/groups_finder_spec.rb
+++ b/spec/finders/groups_finder_spec.rb
@@ -65,7 +65,7 @@ describe GroupsFinder do
       end
     end
 
-    context 'subgroups', :nested_groups do
+    context 'subgroups' do
       let(:user) { create(:user) }
       let!(:parent_group) { create(:group, :public) }
       let!(:public_subgroup) { create(:group, :public, parent: parent_group) }
diff --git a/spec/finders/issues_finder_spec.rb b/spec/finders/issues_finder_spec.rb
index bf38d083ca6..7fbe27c1939 100644
--- a/spec/finders/issues_finder_spec.rb
+++ b/spec/finders/issues_finder_spec.rb
@@ -51,7 +51,7 @@ describe IssuesFinder do
           end
         end
 
-        context 'when include_subgroup param is true', :nested_groups do
+        context 'when include_subgroup param is true' do
           before do
             params[:include_subgroups] = true
           end
diff --git a/spec/finders/labels_finder_spec.rb b/spec/finders/labels_finder_spec.rb
index 98b4933fef6..ba41ded112a 100644
--- a/spec/finders/labels_finder_spec.rb
+++ b/spec/finders/labels_finder_spec.rb
@@ -89,7 +89,7 @@ describe LabelsFinder do
         end
       end
 
-      context 'when including labels from group ancestors', :nested_groups do
+      context 'when including labels from group ancestors' do
         it 'returns labels from group and its ancestors' do
           private_group_1.add_developer(user)
           private_subgroup_1.add_developer(user)
@@ -108,7 +108,7 @@ describe LabelsFinder do
         end
       end
 
-      context 'when including labels from group descendants', :nested_groups do
+      context 'when including labels from group descendants' do
         it 'returns labels from group and its descendants' do
           private_group_1.add_developer(user)
           private_subgroup_1.add_developer(user)
@@ -128,7 +128,7 @@ describe LabelsFinder do
       end
     end
 
-    context 'filtering by project_id', :nested_groups do
+    context 'filtering by project_id' do
       context 'when include_ancestor_groups is true' do
         let!(:sub_project) { create(:project, namespace: private_subgroup_1 ) }
         let!(:project_label) { create(:label, project: sub_project, title: 'Label 5') }
diff --git a/spec/finders/members_finder_spec.rb b/spec/finders/members_finder_spec.rb
index 83348457caa..4203f58fe81 100644
--- a/spec/finders/members_finder_spec.rb
+++ b/spec/finders/members_finder_spec.rb
@@ -9,7 +9,7 @@ describe MembersFinder, '#execute' do
   set(:user3)        { create(:user) }
   set(:user4)        { create(:user) }
 
-  it 'returns members for project and parent groups', :nested_groups do
+  it 'returns members for project and parent groups' do
     nested_group.request_access(user1)
     member1 = group.add_maintainer(user2)
     member2 = nested_group.add_maintainer(user3)
@@ -20,7 +20,7 @@ describe MembersFinder, '#execute' do
     expect(result.to_a).to match_array([member1, member2, member3])
   end
 
-  it 'includes nested group members if asked', :nested_groups do
+  it 'includes nested group members if asked' do
     project = create(:project, namespace: group)
     nested_group.request_access(user1)
     member1 = group.add_maintainer(user2)
@@ -32,7 +32,7 @@ describe MembersFinder, '#execute' do
     expect(result.to_a).to match_array([member1, member2, member3])
   end
 
-  context 'when include_invited_groups_members == true', :nested_groups do
+  context 'when include_invited_groups_members == true' do
     subject { described_class.new(project, user2).execute(include_invited_groups_members: true) }
 
     set(:linked_group) { create(:group, :public, :access_requestable) }
@@ -40,7 +40,7 @@ describe MembersFinder, '#execute' do
     set(:linked_group_member) { linked_group.add_developer(user1) }
     set(:nested_linked_group_member) { nested_linked_group.add_developer(user2) }
 
-    it 'includes all the invited_groups members including members inherited from ancestor groups', :nested_groups do
+    it 'includes all the invited_groups members including members inherited from ancestor groups' do
       create(:project_group_link, project: project, group: nested_linked_group)
 
       expect(subject).to contain_exactly(linked_group_member, nested_linked_group_member)
diff --git a/spec/finders/merge_requests_finder_spec.rb b/spec/finders/merge_requests_finder_spec.rb
index da5e9dab058..78224f0b9da 100644
--- a/spec/finders/merge_requests_finder_spec.rb
+++ b/spec/finders/merge_requests_finder_spec.rb
@@ -42,7 +42,7 @@ describe MergeRequestsFinder do
           expect(merge_requests).to contain_exactly(merge_request1, merge_request2)
         end
 
-        it 'filters by group including subgroups', :nested_groups do
+        it 'filters by group including subgroups' do
           params = { group_id: group.id, include_subgroups: true }
 
           merge_requests = described_class.new(user, params).execute
diff --git a/spec/finders/todos_finder_spec.rb b/spec/finders/todos_finder_spec.rb
index 22318a9946a..f7b35e76925 100644
--- a/spec/finders/todos_finder_spec.rb
+++ b/spec/finders/todos_finder_spec.rb
@@ -36,7 +36,7 @@ describe TodosFinder do
           expect(todos).to match_array([todo1])
         end
 
-        context 'with subgroups', :nested_groups do
+        context 'with subgroups' do
           let(:subgroup) { create(:group, parent: group) }
           let!(:todo3) { create(:todo, user: user, group: subgroup, target: issue) }
 
diff --git a/spec/graphql/resolvers/namespace_projects_resolver_spec.rb b/spec/graphql/resolvers/namespace_projects_resolver_spec.rb
index 20e197e9f73..47591445fc0 100644
--- a/spec/graphql/resolvers/namespace_projects_resolver_spec.rb
+++ b/spec/graphql/resolvers/namespace_projects_resolver_spec.rb
@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe Resolvers::NamespaceProjectsResolver, :nested_groups do
+describe Resolvers::NamespaceProjectsResolver do
   include GraphqlHelpers
 
   let(:current_user) { create(:user) }
diff --git a/spec/helpers/auto_devops_helper_spec.rb b/spec/helpers/auto_devops_helper_spec.rb
index d2540696b17..e80388f9ea7 100644
--- a/spec/helpers/auto_devops_helper_spec.rb
+++ b/spec/helpers/auto_devops_helper_spec.rb
@@ -118,7 +118,7 @@ describe AutoDevopsHelper do
           it { is_expected.to eq('instance enabled') }
         end
 
-        context 'with groups', :nested_groups do
+        context 'with groups' do
           before do
             receiver.update(parent: parent)
           end
@@ -170,7 +170,7 @@ describe AutoDevopsHelper do
           it { is_expected.to eq('instance enabled') }
         end
 
-        context 'with groups', :nested_groups do
+        context 'with groups' do
           let(:receiver) { create(:project, :repository, namespace: group) }
 
           before do
@@ -203,7 +203,7 @@ describe AutoDevopsHelper do
           it { is_expected.to be_nil }
         end
 
-        context 'with groups', :nested_groups do
+        context 'with groups' do
           let(:receiver) { create(:project, :repository, namespace: group) }
 
           context 'when auto devops is disabled on group level' do
diff --git a/spec/helpers/groups_helper_spec.rb b/spec/helpers/groups_helper_spec.rb
index 1763c46389a..037b16c90ed 100644
--- a/spec/helpers/groups_helper_spec.rb
+++ b/spec/helpers/groups_helper_spec.rb
@@ -86,7 +86,7 @@ describe GroupsHelper do
     end
   end
 
-  describe 'group_title', :nested_groups do
+  describe 'group_title' do
     let(:group) { create(:group) }
     let(:nested_group) { create(:group, parent: group) }
     let(:deep_nested_group) { create(:group, parent: nested_group) }
@@ -99,7 +99,7 @@ describe GroupsHelper do
   end
 
   # rubocop:disable Layout/SpaceBeforeComma
-  describe '#share_with_group_lock_help_text', :nested_groups do
+  describe '#share_with_group_lock_help_text' do
     let!(:root_group) { create(:group) }
     let!(:subgroup) { create(:group, parent: root_group) }
     let!(:sub_subgroup) { create(:group, parent: subgroup) }
@@ -230,7 +230,7 @@ describe GroupsHelper do
     end
   end
 
-  describe 'parent_group_options', :nested_groups do
+  describe 'parent_group_options' do
     let(:current_user) { create(:user) }
     let(:group) { create(:group, name: 'group') }
     let(:group2) { create(:group, name: 'group2') }
diff --git a/spec/helpers/namespaces_helper_spec.rb b/spec/helpers/namespaces_helper_spec.rb
index 601f864ef36..e38513f6d94 100644
--- a/spec/helpers/namespaces_helper_spec.rb
+++ b/spec/helpers/namespaces_helper_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe NamespacesHelper, :postgresql do
+describe NamespacesHelper do
   let!(:admin) { create(:admin) }
   let!(:admin_project_creation_level) { nil }
   let!(:admin_group) do
@@ -109,7 +109,7 @@ describe NamespacesHelper, :postgresql do
       expect(options).to include(user_group.name)
     end
 
-    context 'when nested groups are available', :nested_groups do
+    context 'when nested groups are available' do
       it 'includes groups nested in groups the user can administer' do
         allow(helper).to receive(:current_user).and_return(user)
         child_group = create(:group, :private, parent: user_group)
diff --git a/spec/lib/banzai/filter/milestone_reference_filter_spec.rb b/spec/lib/banzai/filter/milestone_reference_filter_spec.rb
index f0a5dc8d0d7..91edadfa234 100644
--- a/spec/lib/banzai/filter/milestone_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/milestone_reference_filter_spec.rb
@@ -363,7 +363,7 @@ describe Banzai::Filter::MilestoneReferenceFilter do
       expect(doc.css('a')).to be_empty
     end
 
-    it 'supports parent group references', :nested_groups do
+    it 'supports parent group references' do
       milestone.update!(group: parent_group)
 
       doc = reference_filter("See #{reference}")
@@ -396,7 +396,7 @@ describe Banzai::Filter::MilestoneReferenceFilter do
     context 'when group milestone' do
       let(:group_milestone) { create(:milestone, title: 'group_milestone', group: group) }
 
-      context 'for subgroups', :nested_groups do
+      context 'for subgroups' do
         let(:sub_group) { create(:group, parent: group) }
         let(:sub_group_milestone) { create(:milestone, title: 'sub_group_milestone', group: sub_group) }
 
diff --git a/spec/lib/gitlab/background_migration/fix_cross_project_label_links_spec.rb b/spec/lib/gitlab/background_migration/fix_cross_project_label_links_spec.rb
index 20af63bc6c8..84ccd57a50b 100644
--- a/spec/lib/gitlab/background_migration/fix_cross_project_label_links_spec.rb
+++ b/spec/lib/gitlab/background_migration/fix_cross_project_label_links_spec.rb
@@ -75,7 +75,7 @@ describe Gitlab::BackgroundMigration::FixCrossProjectLabelLinks, :migration, sch
         create_resource(target_type, 1, 2)
       end
 
-      it 'ignores label links referencing ancestor group labels', :nested_groups do
+      it 'ignores label links referencing ancestor group labels' do
         labels_table.create(id: 4, title: 'bug', color: 'red', project_id: 2, type: 'ProjectLabel')
         label_links_table.create(label_id: 4, target_type: target_type, target_id: 1)
         link = label_links_table.create(label_id: 1, target_type: target_type, target_id: 1)
@@ -85,7 +85,7 @@ describe Gitlab::BackgroundMigration::FixCrossProjectLabelLinks, :migration, sch
         expect(link.reload.label_id).to eq(1)
       end
 
-      it 'checks also issues and MRs in subgroups', :nested_groups do
+      it 'checks also issues and MRs in subgroups' do
         link = label_links_table.create(label_id: 2, target_type: target_type, target_id: 1)
 
         subject.perform(1, 100)
diff --git a/spec/lib/gitlab/bare_repository_import/importer_spec.rb b/spec/lib/gitlab/bare_repository_import/importer_spec.rb
index f4759b69538..ebd3c28f130 100644
--- a/spec/lib/gitlab/bare_repository_import/importer_spec.rb
+++ b/spec/lib/gitlab/bare_repository_import/importer_spec.rb
@@ -103,7 +103,7 @@ describe Gitlab::BareRepositoryImport::Importer, :seed_helper do
     end
   end
 
-  context 'with subgroups', :nested_groups do
+  context 'with subgroups' do
     let(:project_path) { 'a-group/a-sub-group/a-project' }
 
     let(:existing_group) do
@@ -188,20 +188,6 @@ describe Gitlab::BareRepositoryImport::Importer, :seed_helper do
     end
   end
 
-  context 'when subgroups are not available' do
-    let(:project_path) { 'a-group/a-sub-group/a-project' }
-
-    before do
-      expect(Group).to receive(:supports_nested_objects?) { false }
-    end
-
-    describe '#create_project_if_needed' do
-      it 'raises an error' do
-        expect { importer.create_project_if_needed }.to raise_error('Nested groups are not supported on MySQL')
-      end
-    end
-  end
-
   def prepare_repository(project_path, source_project)
     repo_path = File.join(base_dir, project_path)
 
diff --git a/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb b/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb
index a528707c9dc..959f3fdc289 100644
--- a/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb
+++ b/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb
@@ -8,7 +8,7 @@ describe Gitlab::Database::Count::ReltuplesCountStrategy do
 
   subject { described_class.new(models).count }
 
-  describe '#count', :postgresql do
+  describe '#count' do
     let(:models) { [Project, Identity] }
 
     context 'when reltuples is up to date' do
diff --git a/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb b/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb
index a57f033b5ed..cc9d778e579 100644
--- a/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb
+++ b/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb
@@ -12,7 +12,7 @@ describe Gitlab::Database::Count::TablesampleCountStrategy do
 
   subject { strategy.count }
 
-  describe '#count', :postgresql do
+  describe '#count' do
     let(:estimates) do
       {
         Project => threshold + 1,
diff --git a/spec/lib/gitlab/database/grant_spec.rb b/spec/lib/gitlab/database/grant_spec.rb
index 5ebf3f399b6..9e62dc14d77 100644
--- a/spec/lib/gitlab/database/grant_spec.rb
+++ b/spec/lib/gitlab/database/grant_spec.rb
@@ -8,7 +8,7 @@ describe Gitlab::Database::Grant do
       expect(described_class.create_and_execute_trigger?('users')).to eq(true)
     end
 
-    it 'returns false when the user can not create and/or execute a trigger', :postgresql do
+    it 'returns false when the user can not create and/or execute a trigger' do
       # In case of MySQL the user may have SUPER permissions, making it
       # impossible to have `false` returned when running tests; hence we only
       # run these tests on PostgreSQL.
diff --git a/spec/lib/gitlab/group_search_results_spec.rb b/spec/lib/gitlab/group_search_results_spec.rb
index 2734fcef0a0..53a91a35ec9 100644
--- a/spec/lib/gitlab/group_search_results_spec.rb
+++ b/spec/lib/gitlab/group_search_results_spec.rb
@@ -20,7 +20,7 @@ describe Gitlab::GroupSearchResults do
       expect(result).to eq [user1]
     end
 
-    it 'returns the user belonging to the subgroup matching the search query', :nested_groups do
+    it 'returns the user belonging to the subgroup matching the search query' do
       user1 = create(:user, username: 'gob_bluth')
       subgroup = create(:group, parent: group)
       create(:group_member, :developer, user: user1, group: subgroup)
@@ -32,7 +32,7 @@ describe Gitlab::GroupSearchResults do
       expect(result).to eq [user1]
     end
 
-    it 'returns the user belonging to the parent group matching the search query', :nested_groups do
+    it 'returns the user belonging to the parent group matching the search query' do
       user1 = create(:user, username: 'gob_bluth')
       parent_group = create(:group, children: [group])
       create(:group_member, :developer, user: user1, group: parent_group)
@@ -44,7 +44,7 @@ describe Gitlab::GroupSearchResults do
       expect(result).to eq [user1]
     end
 
-    it 'does not return the user belonging to the private subgroup', :nested_groups do
+    it 'does not return the user belonging to the private subgroup' do
       user1 = create(:user, username: 'gob_bluth')
       subgroup = create(:group, :private, parent: group)
       create(:group_member, :developer, user: user1, group: subgroup)
diff --git a/spec/lib/gitlab/manifest_import/manifest_spec.rb b/spec/lib/gitlab/manifest_import/manifest_spec.rb
index ab305fb2316..ded93e23c08 100644
--- a/spec/lib/gitlab/manifest_import/manifest_spec.rb
+++ b/spec/lib/gitlab/manifest_import/manifest_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe Gitlab::ManifestImport::Manifest, :postgresql do
+describe Gitlab::ManifestImport::Manifest do
   let(:file) { File.open(Rails.root.join('spec/fixtures/aosp_manifest.xml')) }
   let(:manifest) { described_class.new(file) }
 
diff --git a/spec/lib/gitlab/manifest_import/project_creator_spec.rb b/spec/lib/gitlab/manifest_import/project_creator_spec.rb
index 1d01d437535..a7487972f51 100644
--- a/spec/lib/gitlab/manifest_import/project_creator_spec.rb
+++ b/spec/lib/gitlab/manifest_import/project_creator_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe Gitlab::ManifestImport::ProjectCreator, :postgresql do
+describe Gitlab::ManifestImport::ProjectCreator do
   let(:group) { create(:group) }
   let(:user) { create(:user) }
   let(:repository) do
diff --git a/spec/lib/gitlab/object_hierarchy_spec.rb b/spec/lib/gitlab/object_hierarchy_spec.rb
index e6e9ae3223e..bfd456cdd7e 100644
--- a/spec/lib/gitlab/object_hierarchy_spec.rb
+++ b/spec/lib/gitlab/object_hierarchy_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe Gitlab::ObjectHierarchy, :postgresql do
+describe Gitlab::ObjectHierarchy do
   let!(:parent) { create(:group) }
   let!(:child1) { create(:group, parent: parent) }
   let!(:child2) { create(:group, parent: child1) }
diff --git a/spec/lib/gitlab/performance_bar_spec.rb b/spec/lib/gitlab/performance_bar_spec.rb
index ee3c571c9c0..71c109db1f1 100644
--- a/spec/lib/gitlab/performance_bar_spec.rb
+++ b/spec/lib/gitlab/performance_bar_spec.rb
@@ -96,7 +96,7 @@ describe Gitlab::PerformanceBar do
       end
     end
 
-    context 'when allowed group is nested', :nested_groups do
+    context 'when allowed group is nested' do
       let!(:nested_my_group) { create(:group, parent: create(:group, path: 'my-org'), path: 'my-group') }
 
       before do
@@ -110,7 +110,7 @@ describe Gitlab::PerformanceBar do
       end
     end
 
-    context 'when a nested group has the same path', :nested_groups do
+    context 'when a nested group has the same path' do
       before do
         create(:group, :nested, path: 'my-group').add_developer(user)
       end
diff --git a/spec/lib/gitlab/project_authorizations_spec.rb b/spec/lib/gitlab/project_authorizations_spec.rb
index bd0bc2c9044..75e2d5e1319 100644
--- a/spec/lib/gitlab/project_authorizations_spec.rb
+++ b/spec/lib/gitlab/project_authorizations_spec.rb
@@ -20,13 +20,7 @@ describe Gitlab::ProjectAuthorizations do
   end
 
   let(:authorizations) do
-    klass = if Group.supports_nested_objects?
-              Gitlab::ProjectAuthorizations::WithNestedGroups
-            else
-              Gitlab::ProjectAuthorizations::WithoutNestedGroups
-            end
-
-    klass.new(user).calculate
+    described_class.new(user).calculate
   end
 
   it 'returns the correct number of authorizations' do
@@ -46,28 +40,26 @@ describe Gitlab::ProjectAuthorizations do
     expect(mapping[group_project.id]).to eq(Gitlab::Access::DEVELOPER)
   end
 
-  if Group.supports_nested_objects?
-    context 'with nested groups' do
-      let!(:nested_group) { create(:group, parent: group) }
-      let!(:nested_project) { create(:project, namespace: nested_group) }
+  context 'with nested groups' do
+    let!(:nested_group) { create(:group, parent: group) }
+    let!(:nested_project) { create(:project, namespace: nested_group) }
 
-      it 'includes nested groups' do
-        expect(authorizations.pluck(:project_id)).to include(nested_project.id)
-      end
+    it 'includes nested groups' do
+      expect(authorizations.pluck(:project_id)).to include(nested_project.id)
+    end
 
-      it 'inherits access levels when the user is not a member of a nested group' do
-        mapping = map_access_levels(authorizations)
+    it 'inherits access levels when the user is not a member of a nested group' do
+      mapping = map_access_levels(authorizations)
 
-        expect(mapping[nested_project.id]).to eq(Gitlab::Access::DEVELOPER)
-      end
+      expect(mapping[nested_project.id]).to eq(Gitlab::Access::DEVELOPER)
+    end
 
-      it 'uses the greatest access level when a user is a member of a nested group' do
-        nested_group.add_maintainer(user)
+    it 'uses the greatest access level when a user is a member of a nested group' do
+      nested_group.add_maintainer(user)
 
-        mapping = map_access_levels(authorizations)
+      mapping = map_access_levels(authorizations)
 
-        expect(mapping[nested_project.id]).to eq(Gitlab::Access::MAINTAINER)
-      end
+      expect(mapping[nested_project.id]).to eq(Gitlab::Access::MAINTAINER)
     end
   end
 end
diff --git a/spec/lib/gitlab/sql/cte_spec.rb b/spec/lib/gitlab/sql/cte_spec.rb
index d6763c7b2e1..5d2164491b5 100644
--- a/spec/lib/gitlab/sql/cte_spec.rb
+++ b/spec/lib/gitlab/sql/cte_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe Gitlab::SQL::CTE, :postgresql do
+describe Gitlab::SQL::CTE do
   describe '#to_arel' do
     it 'generates an Arel relation for the CTE body' do
       relation = User.where(id: 1)
diff --git a/spec/lib/gitlab/sql/recursive_cte_spec.rb b/spec/lib/gitlab/sql/recursive_cte_spec.rb
index 7fe39dd5a96..407a4d8a247 100644
--- a/spec/lib/gitlab/sql/recursive_cte_spec.rb
+++ b/spec/lib/gitlab/sql/recursive_cte_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe Gitlab::SQL::RecursiveCTE, :postgresql do
+describe Gitlab::SQL::RecursiveCTE do
   let(:cte) { described_class.new(:cte_name) }
 
   describe '#to_arel' do
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 24ea059e871..78b151631c1 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -146,7 +146,7 @@ describe Ci::Runner do
       expect(described_class.belonging_to_parent_group_of_project(project.id)).to contain_exactly(runner)
     end
 
-    context 'with a parent group with a runner', :nested_groups do
+    context 'with a parent group with a runner' do
       let(:runner) { create(:ci_runner, :group, groups: [parent_group]) }
       let(:project) { create(:project, group: group) }
       let(:group) { create(:group, parent: parent_group) }
diff --git a/spec/models/clusters/cluster_spec.rb b/spec/models/clusters/cluster_spec.rb
index 52661178d76..8f2f1b200e4 100644
--- a/spec/models/clusters/cluster_spec.rb
+++ b/spec/models/clusters/cluster_spec.rb
@@ -342,7 +342,7 @@ describe Clusters::Cluster, :use_clean_rails_memory_store_caching do
       end
     end
 
-    context 'when sub-group has configured kubernetes cluster', :nested_groups do
+    context 'when sub-group has configured kubernetes cluster' do
       let(:sub_group_cluster) { create(:cluster, :provided_by_gcp, :group) }
       let(:sub_group) { sub_group_cluster.group }
       let(:project) { create(:project, group: sub_group) }
diff --git a/spec/models/concerns/deployment_platform_spec.rb b/spec/models/concerns/deployment_platform_spec.rb
index c4f9f62ece5..27f535487c8 100644
--- a/spec/models/concerns/deployment_platform_spec.rb
+++ b/spec/models/concerns/deployment_platform_spec.rb
@@ -45,7 +45,7 @@ describe DeploymentPlatform do
         is_expected.to eq(group_cluster.platform_kubernetes)
       end
 
-      context 'when child group has configured kubernetes cluster', :nested_groups do
+      context 'when child group has configured kubernetes cluster' do
         let(:child_group1) { create(:group, parent: group) }
         let!(:child_group1_cluster) { create(:cluster_for_group, groups: [child_group1]) }
 
diff --git a/spec/models/concerns/group_descendant_spec.rb b/spec/models/concerns/group_descendant_spec.rb
index 194caac3fce..192e884f3e8 100644
--- a/spec/models/concerns/group_descendant_spec.rb
+++ b/spec/models/concerns/group_descendant_spec.rb
@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe GroupDescendant, :nested_groups do
+describe GroupDescendant do
   let(:parent) { create(:group) }
   let(:subgroup) { create(:group, parent: parent) }
   let(:subsub_group) { create(:group, parent: subgroup) }
@@ -84,7 +84,7 @@ describe GroupDescendant, :nested_groups do
       it 'tracks the exception when a parent was not preloaded' do
         expect(Gitlab::Sentry).to receive(:track_exception).and_call_original
 
-        expect { GroupDescendant.build_hierarchy([subsub_group]) }.to raise_error(ArgumentError)
+        expect { described_class.build_hierarchy([subsub_group]) }.to raise_error(ArgumentError)
       end
 
       it 'recovers if a parent was not reloaded by querying for the parent' do
@@ -93,7 +93,7 @@ describe GroupDescendant, :nested_groups do
         # this does not raise in production, so stubbing it here.
         allow(Gitlab::Sentry).to receive(:track_exception)
 
-        expect(GroupDescendant.build_hierarchy([subsub_group])).to eq(expected_hierarchy)
+        expect(described_class.build_hierarchy([subsub_group])).to eq(expected_hierarchy)
       end
 
       it 'raises an error if not all elements were preloaded' do
diff --git a/spec/models/concerns/issuable_spec.rb b/spec/models/concerns/issuable_spec.rb
index e19da41c3fe..39680c0e51a 100644
--- a/spec/models/concerns/issuable_spec.rb
+++ b/spec/models/concerns/issuable_spec.rb
@@ -128,7 +128,7 @@ describe Issuable do
       expect(build_issuable(milestone.id).milestone_available?).to be_truthy
     end
 
-    it 'returns true with a milestone from the the parent of the issue project group', :nested_groups do
+    it 'returns true with a milestone from the the parent of the issue project group' do
       parent = create(:group)
       group.update(parent: parent)
       milestone = create(:milestone, group: parent)
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 90e0900445e..7e9bbf5a407 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -71,7 +71,7 @@ describe Group do
       end
     end
 
-    describe '#notification_settings', :nested_groups do
+    describe '#notification_settings' do
       let(:user) { create(:user) }
       let(:group) { create(:group) }
       let(:sub_group) { create(:group, parent_id: group.id) }
@@ -237,7 +237,7 @@ describe Group do
         it { is_expected.to match_array([private_group, internal_group, group]) }
       end
 
-      context 'when user is a member of private subgroup', :postgresql do
+      context 'when user is a member of private subgroup' do
         let!(:private_subgroup) { create(:group, :private, parent: private_group) }
 
         before do
@@ -416,7 +416,7 @@ describe Group do
       it { expect(group.last_owner?(@members[:owner])).to be_falsy }
     end
 
-    context 'with owners from a parent', :postgresql do
+    context 'with owners from a parent' do
       before do
         parent_group = create(:group)
         create(:group_member, :owner, group: parent_group)
@@ -524,7 +524,7 @@ describe Group do
     it { expect(subject.parent).to be_kind_of(described_class) }
   end
 
-  describe '#members_with_parents', :nested_groups do
+  describe '#members_with_parents' do
     let!(:group) { create(:group, :nested) }
     let!(:maintainer) { group.parent.add_user(create(:user), GroupMember::MAINTAINER) }
     let!(:developer) { group.add_user(create(:user), GroupMember::DEVELOPER) }
@@ -535,7 +535,7 @@ describe Group do
     end
   end
 
-  describe '#direct_and_indirect_members', :nested_groups do
+  describe '#direct_and_indirect_members' do
     let!(:group) { create(:group, :nested) }
     let!(:sub_group) { create(:group, parent: group) }
     let!(:maintainer) { group.parent.add_user(create(:user), GroupMember::MAINTAINER) }
@@ -552,7 +552,7 @@ describe Group do
     end
   end
 
-  describe '#users_with_descendants', :nested_groups do
+  describe '#users_with_descendants' do
     let(:user_a) { create(:user) }
     let(:user_b) { create(:user) }
 
@@ -571,7 +571,7 @@ describe Group do
     end
   end
 
-  describe '#direct_and_indirect_users', :nested_groups do
+  describe '#direct_and_indirect_users' do
     let(:user_a) { create(:user) }
     let(:user_b) { create(:user) }
     let(:user_c) { create(:user) }
@@ -601,7 +601,7 @@ describe Group do
     end
   end
 
-  describe '#project_users_with_descendants', :nested_groups do
+  describe '#project_users_with_descendants' do
     let(:user_a) { create(:user) }
     let(:user_b) { create(:user) }
     let(:user_c) { create(:user) }
@@ -678,7 +678,7 @@ describe Group do
       end
     end
 
-    context 'sub groups and projects', :nested_groups do
+    context 'sub groups and projects' do
       it 'enables two_factor_requirement for group member' do
         group.add_user(user, GroupMember::OWNER)
 
@@ -687,7 +687,7 @@ describe Group do
         expect(user.reload.require_two_factor_authentication_from_group).to be_truthy
       end
 
-      context 'expanded group members', :nested_groups do
+      context 'expanded group members' do
         let(:indirect_user) { create(:user) }
 
         it 'enables two_factor_requirement for subgroup member' do
@@ -720,7 +720,7 @@ describe Group do
           expect(user.reload.require_two_factor_authentication_from_group).to be_falsey
         end
 
-        it 'does not enable two_factor_requirement for subgroup child project member', :nested_groups do
+        it 'does not enable two_factor_requirement for subgroup child project member' do
           subgroup = create(:group, :nested, parent: group)
           project = create(:project, group: subgroup)
           project.add_maintainer(user)
@@ -820,7 +820,7 @@ describe Group do
       it_behaves_like 'ref is protected'
     end
 
-    context 'when group has children', :postgresql do
+    context 'when group has children' do
       let(:group_child)      { create(:group, parent: group) }
       let(:group_child_2)    { create(:group, parent: group_child) }
       let(:group_child_3)    { create(:group, parent: group_child_2) }
@@ -843,7 +843,7 @@ describe Group do
     end
   end
 
-  describe '#highest_group_member', :nested_groups do
+  describe '#highest_group_member' do
     let(:nested_group) { create(:group, parent: group) }
     let(:nested_group_2) { create(:group, parent: nested_group) }
     let(:user) { create(:user) }
@@ -932,7 +932,7 @@ describe Group do
       it { is_expected.to eq(config) }
     end
 
-    context 'with parent groups', :nested_groups do
+    context 'with parent groups' do
       where(:instance_value, :parent_value, :group_value, :config) do
         # Instance level enabled
         true | nil   | nil    | { status: true, scope: :instance }
diff --git a/spec/models/members/group_member_spec.rb b/spec/models/members/group_member_spec.rb
index f227abd3dae..ebb0bfca369 100644
--- a/spec/models/members/group_member_spec.rb
+++ b/spec/models/members/group_member_spec.rb
@@ -69,7 +69,7 @@ describe GroupMember do
     end
   end
 
-  context 'access levels', :nested_groups do
+  context 'access levels' do
     context 'with parent group' do
       it_behaves_like 'inherited access level as a member of entity' do
         let(:entity) { create(:group, parent: parent_entity) }
diff --git a/spec/models/members/project_member_spec.rb b/spec/models/members/project_member_spec.rb
index 497764b6825..79c39b81196 100644
--- a/spec/models/members/project_member_spec.rb
+++ b/spec/models/members/project_member_spec.rb
@@ -130,7 +130,7 @@ describe ProjectMember do
       end
     end
 
-    context 'with parent group and a subgroup', :nested_groups do
+    context 'with parent group and a subgroup' do
       it_behaves_like 'inherited access level as a member of entity' do
         let(:subgroup) { create(:group, parent: parent_entity) }
         let(:entity) { create(:project, group: subgroup) }
diff --git a/spec/models/namespace/root_storage_statistics_spec.rb b/spec/models/namespace/root_storage_statistics_spec.rb
index 3229a32234e..5341278db7c 100644
--- a/spec/models/namespace/root_storage_statistics_spec.rb
+++ b/spec/models/namespace/root_storage_statistics_spec.rb
@@ -56,7 +56,7 @@ RSpec.describe Namespace::RootStorageStatistics, type: :model do
 
     it_behaves_like 'data refresh'
 
-    context 'with subgroups', :nested_groups do
+    context 'with subgroups' do
       let(:subgroup1) { create(:group, parent: namespace)}
       let(:subgroup2) { create(:group, parent: subgroup1)}
 
diff --git a/spec/models/namespace_spec.rb b/spec/models/namespace_spec.rb
index f908f3504e0..2b9c3c43af9 100644
--- a/spec/models/namespace_spec.rb
+++ b/spec/models/namespace_spec.rb
@@ -191,7 +191,7 @@ describe Namespace do
     end
   end
 
-  describe '#ancestors_upto', :nested_groups do
+  describe '#ancestors_upto' do
     let(:parent) { create(:group) }
     let(:child) { create(:group, parent: parent) }
     let(:child2) { create(:group, parent: child) }
@@ -271,7 +271,7 @@ describe Namespace do
         end
       end
 
-      context 'with subgroups', :nested_groups do
+      context 'with subgroups' do
         let(:parent) { create(:group, name: 'parent', path: 'parent') }
         let(:new_parent) { create(:group, name: 'new_parent', path: 'new_parent') }
         let(:child) { create(:group, name: 'child', path: 'child', parent: parent) }
@@ -475,7 +475,7 @@ describe Namespace do
     end
   end
 
-  describe '#self_and_hierarchy', :nested_groups do
+  describe '#self_and_hierarchy' do
     let!(:group) { create(:group, path: 'git_lab') }
     let!(:nested_group) { create(:group, parent: group) }
     let!(:deep_nested_group) { create(:group, parent: nested_group) }
@@ -490,7 +490,7 @@ describe Namespace do
     end
   end
 
-  describe '#ancestors', :nested_groups do
+  describe '#ancestors' do
     let(:group) { create(:group) }
     let(:nested_group) { create(:group, parent: group) }
     let(:deep_nested_group) { create(:group, parent: nested_group) }
@@ -504,7 +504,7 @@ describe Namespace do
     end
   end
 
-  describe '#self_and_ancestors', :nested_groups do
+  describe '#self_and_ancestors' do
     let(:group) { create(:group) }
     let(:nested_group) { create(:group, parent: group) }
     let(:deep_nested_group) { create(:group, parent: nested_group) }
@@ -518,7 +518,7 @@ describe Namespace do
     end
   end
 
-  describe '#descendants', :nested_groups do
+  describe '#descendants' do
     let!(:group) { create(:group, path: 'git_lab') }
     let!(:nested_group) { create(:group, parent: group) }
     let!(:deep_nested_group) { create(:group, parent: nested_group) }
@@ -534,7 +534,7 @@ describe Namespace do
     end
   end
 
-  describe '#self_and_descendants', :nested_groups do
+  describe '#self_and_descendants' do
     let!(:group) { create(:group, path: 'git_lab') }
     let!(:nested_group) { create(:group, parent: group) }
     let!(:deep_nested_group) { create(:group, parent: nested_group) }
@@ -550,7 +550,7 @@ describe Namespace do
     end
   end
 
-  describe '#users_with_descendants', :nested_groups do
+  describe '#users_with_descendants' do
     let(:user_a) { create(:user) }
     let(:user_b) { create(:user) }
 
@@ -597,7 +597,7 @@ describe Namespace do
     it { expect(group.all_pipelines.to_a).to match_array([pipeline1, pipeline2]) }
   end
 
-  describe '#share_with_group_lock with subgroups', :nested_groups do
+  describe '#share_with_group_lock with subgroups' do
     context 'when creating a subgroup' do
       let(:subgroup) { create(:group, parent: root_group )}
 
@@ -738,7 +738,7 @@ describe Namespace do
   end
 
   describe '#root_ancestor' do
-    it 'returns the top most ancestor', :nested_groups do
+    it 'returns the top most ancestor' do
       root_group = create(:group)
       nested_group = create(:group, parent: root_group)
       deep_nested_group = create(:group, parent: nested_group)
diff --git a/spec/models/notification_recipient_spec.rb b/spec/models/notification_recipient_spec.rb
index 20278d81f6d..4122736c148 100644
--- a/spec/models/notification_recipient_spec.rb
+++ b/spec/models/notification_recipient_spec.rb
@@ -49,7 +49,7 @@ describe NotificationRecipient do
   end
 
   context '#notification_setting' do
-    context 'for child groups', :nested_groups do
+    context 'for child groups' do
       let!(:moved_group) { create(:group) }
       let(:group) { create(:group) }
       let(:sub_group_1) { create(:group, parent: group) }
diff --git a/spec/models/postgresql/replication_slot_spec.rb b/spec/models/postgresql/replication_slot_spec.rb
index 95ae204a8a8..d435fccc09a 100644
--- a/spec/models/postgresql/replication_slot_spec.rb
+++ b/spec/models/postgresql/replication_slot_spec.rb
@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe Postgresql::ReplicationSlot, :postgresql do
+describe Postgresql::ReplicationSlot do
   describe '.in_use?' do
     it 'returns true when replication slots are present' do
       expect(described_class).to receive(:exists?).and_return(true)
diff --git a/spec/models/project_group_link_spec.rb b/spec/models/project_group_link_spec.rb
index dad5506900b..cd997224122 100644
--- a/spec/models/project_group_link_spec.rb
+++ b/spec/models/project_group_link_spec.rb
@@ -25,7 +25,7 @@ describe ProjectGroupLink do
       expect(project_group_link).not_to be_valid
     end
 
-    it "doesn't allow a project to be shared with an ancestor of the group it is in", :nested_groups do
+    it "doesn't allow a project to be shared with an ancestor of the group it is in" do
       project_group_link.group = parent_group
 
       expect(project_group_link).not_to be_valid
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 7d458324c20..15a7d943009 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -2292,7 +2292,7 @@ describe Project do
     end
   end
 
-  describe '#ancestors_upto', :nested_groups do
+  describe '#ancestors_upto' do
     let(:parent) { create(:group) }
     let(:child) { create(:group, parent: parent) }
     let(:child2) { create(:group, parent: child) }
@@ -2331,7 +2331,7 @@ describe Project do
       it { is_expected.to eq(group) }
     end
 
-    context 'in a nested group', :nested_groups do
+    context 'in a nested group' do
       let(:root) { create(:group) }
       let(:child) { create(:group, parent: root) }
       let(:project) { create(:project, group: child) }
@@ -2479,7 +2479,7 @@ describe Project do
         expect(forked_project.in_fork_network_of?(project)).to be_truthy
       end
 
-      it 'is true for a fork of a fork', :postgresql do
+      it 'is true for a fork of a fork' do
         other_fork = fork_project(forked_project)
 
         expect(other_fork.in_fork_network_of?(project)).to be_truthy
@@ -3801,7 +3801,7 @@ describe Project do
         end
       end
 
-      context 'when enabled on root parent', :nested_groups do
+      context 'when enabled on root parent' do
         let(:parent_group) { create(:group, parent: create(:group, :auto_devops_enabled)) }
 
         context 'when auto devops instance enabled' do
@@ -3821,7 +3821,7 @@ describe Project do
         end
       end
 
-      context 'when disabled on root parent', :nested_groups do
+      context 'when disabled on root parent' do
         let(:parent_group) { create(:group, parent: create(:group, :auto_devops_disabled)) }
 
         context 'when auto devops instance enabled' do
@@ -4264,18 +4264,16 @@ describe Project do
       expect(project.badges.count).to eq 3
     end
 
-    if Group.supports_nested_objects?
-      context 'with nested_groups' do
-        let(:parent_group) { create(:group) }
+    context 'with nested_groups' do
+      let(:parent_group) { create(:group) }
 
-        before do
-          create_list(:group_badge, 2, group: project_group)
-          project_group.update(parent: parent_group)
-        end
+      before do
+        create_list(:group_badge, 2, group: project_group)
+        project_group.update(parent: parent_group)
+      end
 
-        it 'returns the project and the project nested groups badges' do
-          expect(project.badges.count).to eq 5
-        end
+      it 'returns the project and the project nested groups badges' do
+        expect(project.badges.count).to eq 5
       end
     end
   end
diff --git a/spec/models/todo_spec.rb b/spec/models/todo_spec.rb
index b5bf294790a..9aeef7c3b4b 100644
--- a/spec/models/todo_spec.rb
+++ b/spec/models/todo_spec.rb
@@ -262,11 +262,7 @@ describe Todo do
       todo2 = create(:todo, group: child_group)
       todos = described_class.for_group_and_descendants(parent_group)
 
-      expect(todos).to include(todo1)
-
-      # Nested groups only work on PostgreSQL, so on MySQL todo2 won't be
-      # present.
-      expect(todos).to include(todo2) if Gitlab::Database.postgresql?
+      expect(todos).to contain_exactly(todo1, todo2)
     end
   end
 
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 2d20f8c78cc..35c335c5b5c 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -985,7 +985,7 @@ describe User do
     it { expect(user.namespaces).to contain_exactly(user.namespace, group) }
     it { expect(user.manageable_namespaces).to contain_exactly(user.namespace, group) }
 
-    context 'with child groups', :nested_groups do
+    context 'with child groups' do
       let!(:subgroup) { create(:group, parent: group) }
 
       describe '#manageable_namespaces' do
@@ -2082,11 +2082,7 @@ describe User do
 
     subject { user.membership_groups }
 
-    if Group.supports_nested_objects?
-      it { is_expected.to contain_exactly parent_group, child_group }
-    else
-      it { is_expected.to contain_exactly parent_group }
-    end
+    it { is_expected.to contain_exactly parent_group, child_group }
   end
 
   describe '#authorizations_for_projects' do
@@ -2386,7 +2382,7 @@ describe User do
       it_behaves_like :member
     end
 
-    context 'with subgroup with different owner for project runner', :nested_groups do
+    context 'with subgroup with different owner for project runner' do
       let(:group) { create(:group) }
       let(:another_user) { create(:user) }
       let(:subgroup) { create(:group, parent: group) }
@@ -2490,22 +2486,16 @@ describe User do
         group.add_owner(user)
       end
 
-      if Group.supports_nested_objects?
-        it 'returns all groups' do
-          is_expected.to match_array [
-            group,
-            nested_group_1, nested_group_1_1,
-            nested_group_2, nested_group_2_1
-          ]
-        end
-      else
-        it 'returns the top-level groups' do
-          is_expected.to match_array [group]
-        end
+      it 'returns all groups' do
+        is_expected.to match_array [
+          group,
+          nested_group_1, nested_group_1_1,
+          nested_group_2, nested_group_2_1
+        ]
       end
     end
 
-    context 'user is member of the first child (internal node), branch 1', :nested_groups do
+    context 'user is member of the first child (internal node), branch 1' do
       before do
         nested_group_1.add_owner(user)
       end
@@ -2518,7 +2508,7 @@ describe User do
       end
     end
 
-    context 'user is member of the first child (internal node), branch 2', :nested_groups do
+    context 'user is member of the first child (internal node), branch 2' do
       before do
         nested_group_2.add_owner(user)
       end
@@ -2531,7 +2521,7 @@ describe User do
       end
     end
 
-    context 'user is member of the last child (leaf node)', :nested_groups do
+    context 'user is member of the last child (leaf node)' do
       before do
         nested_group_1_1.add_owner(user)
       end
@@ -2687,7 +2677,7 @@ describe User do
       end
     end
 
-    context 'with 2FA requirement from expanded groups', :nested_groups do
+    context 'with 2FA requirement from expanded groups' do
       let!(:group1) { create :group, require_two_factor_authentication: true }
       let!(:group1a) { create :group, parent: group1 }
 
@@ -2702,7 +2692,7 @@ describe User do
       end
     end
 
-    context 'with 2FA requirement on nested child group', :nested_groups do
+    context 'with 2FA requirement on nested child group' do
       let!(:group1) { create :group, require_two_factor_authentication: false }
       let!(:group1a) { create :group, require_two_factor_authentication: true, parent: group1 }
 
diff --git a/spec/policies/group_member_policy_spec.rb b/spec/policies/group_member_policy_spec.rb
index 7bd7184cffe..a4f3301a064 100644
--- a/spec/policies/group_member_policy_spec.rb
+++ b/spec/policies/group_member_policy_spec.rb
@@ -58,7 +58,7 @@ describe GroupMemberPolicy do
     end
   end
 
-  context 'with the group parent', :postgresql do
+  context 'with the group parent' do
     let(:current_user) { create :user }
     let(:subgroup) { create(:group, :private, parent: group)}
 
diff --git a/spec/policies/group_policy_spec.rb b/spec/policies/group_policy_spec.rb
index dc3675a7b9e..be55d94daec 100644
--- a/spec/policies/group_policy_spec.rb
+++ b/spec/policies/group_policy_spec.rb
@@ -51,7 +51,7 @@ describe GroupPolicy do
 
     it { expect_allowed(:read_label, :read_list) }
 
-    context 'in subgroups', :nested_groups do
+    context 'in subgroups' do
       let(:subgroup) { create(:group, :private, parent: group) }
       let(:project) { create(:project, namespace: subgroup) }
 
@@ -104,8 +104,6 @@ describe GroupPolicy do
       end
 
       it 'allows every maintainer permission plus creating subgroups' do
-        allow(Group).to receive(:supports_nested_objects?).and_return(true)
-
         create_subgroup_permission = [:create_subgroup]
         updated_maintainer_permissions =
           maintainer_permissions + create_subgroup_permission
@@ -122,8 +120,6 @@ describe GroupPolicy do
 
     context 'with subgroup_creation_level set to owner' do
       it 'allows every maintainer permission' do
-        allow(Group).to receive(:supports_nested_objects?).and_return(true)
-
         expect_allowed(*guest_permissions)
         expect_allowed(*reporter_permissions)
         expect_allowed(*developer_permissions)
@@ -137,8 +133,6 @@ describe GroupPolicy do
     let(:current_user) { owner }
 
     it do
-      allow(Group).to receive(:supports_nested_objects?).and_return(true)
-
       expect_allowed(*guest_permissions)
       expect_allowed(*reporter_permissions)
       expect_allowed(*developer_permissions)
@@ -151,8 +145,6 @@ describe GroupPolicy do
     let(:current_user) { admin }
 
     it do
-      allow(Group).to receive(:supports_nested_objects?).and_return(true)
-
       expect_allowed(*guest_permissions)
       expect_allowed(*reporter_permissions)
       expect_allowed(*developer_permissions)
@@ -161,52 +153,7 @@ describe GroupPolicy do
     end
   end
 
-  describe 'when nested group support feature is disabled' do
-    before do
-      allow(Group).to receive(:supports_nested_objects?).and_return(false)
-    end
-
-    context 'admin' do
-      let(:current_user) { admin }
-
-      it 'allows every owner permission except creating subgroups' do
-        create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions =
-          owner_permissions - create_subgroup_permission
-
-        expect_disallowed(*create_subgroup_permission)
-        expect_allowed(*updated_owner_permissions)
-      end
-    end
-
-    context 'owner' do
-      let(:current_user) { owner }
-
-      it 'allows every owner permission except creating subgroups' do
-        create_subgroup_permission = [:create_subgroup]
-        updated_owner_permissions =
-          owner_permissions - create_subgroup_permission
-
-        expect_disallowed(*create_subgroup_permission)
-        expect_allowed(*updated_owner_permissions)
-      end
-    end
-
-    context 'maintainer' do
-      let(:current_user) { maintainer }
-
-      it 'allows every maintainer permission except creating subgroups' do
-        create_subgroup_permission = [:create_subgroup]
-        updated_maintainer_permissions =
-          maintainer_permissions - create_subgroup_permission
-
-        expect_disallowed(*create_subgroup_permission)
-        expect_allowed(*updated_maintainer_permissions)
-      end
-    end
-  end
-
-  describe 'private nested group use the highest access level from the group and inherited permissions', :nested_groups do
+  describe 'private nested group use the highest access level from the group and inherited permissions' do
     let(:nested_group) do
       create(:group, :private, :owner_subgroup_creation_only, parent: group)
     end
@@ -289,8 +236,6 @@ describe GroupPolicy do
       let(:current_user) { owner }
 
       it do
-        allow(Group).to receive(:supports_nested_objects?).and_return(true)
-
         expect_allowed(*guest_permissions)
         expect_allowed(*reporter_permissions)
         expect_allowed(*developer_permissions)
diff --git a/spec/presenters/clusters/cluster_presenter_spec.rb b/spec/presenters/clusters/cluster_presenter_spec.rb
index 7054a70e2ed..6b988e2645b 100644
--- a/spec/presenters/clusters/cluster_presenter_spec.rb
+++ b/spec/presenters/clusters/cluster_presenter_spec.rb
@@ -43,7 +43,7 @@ describe Clusters::ClusterPresenter do
       end
 
       shared_examples 'ancestor clusters' do
-        context 'ancestor clusters', :nested_groups do
+        context 'ancestor clusters' do
           let(:root_group) { create(:group, name: 'Root Group') }
           let(:parent) { create(:group, name: 'parent', parent: root_group) }
           let(:child) { create(:group, name: 'child', parent: parent) }
diff --git a/spec/requests/api/boards_spec.rb b/spec/requests/api/boards_spec.rb
index de79e8c4c5c..0b9c0c2ebe9 100644
--- a/spec/requests/api/boards_spec.rb
+++ b/spec/requests/api/boards_spec.rb
@@ -63,7 +63,7 @@ describe API::Boards do
     end
   end
 
-  describe "POST /groups/:id/boards/lists", :nested_groups do
+  describe "POST /groups/:id/boards/lists" do
     set(:group) { create(:group) }
     set(:board_parent) { create(:group, parent: group ) }
     let(:url) { "/groups/#{board_parent.id}/boards/#{board.id}/lists" }
diff --git a/spec/requests/api/graphql/namespace/projects_spec.rb b/spec/requests/api/graphql/namespace/projects_spec.rb
index 63fa16c79ca..815e9531ecf 100644
--- a/spec/requests/api/graphql/namespace/projects_spec.rb
+++ b/spec/requests/api/graphql/namespace/projects_spec.rb
@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe 'getting projects', :nested_groups do
+describe 'getting projects' do
   include GraphqlHelpers
 
   let(:group)             { create(:group) }
diff --git a/spec/requests/api/group_labels_spec.rb b/spec/requests/api/group_labels_spec.rb
index 3769f8b78e4..fcea57d9df7 100644
--- a/spec/requests/api/group_labels_spec.rb
+++ b/spec/requests/api/group_labels_spec.rb
@@ -94,7 +94,7 @@ describe API::GroupLabels do
       expect(response).to have_gitlab_http_status(400)
     end
 
-    it "does not delete parent's group labels", :nested_groups do
+    it "does not delete parent's group labels" do
       subgroup = create(:group, parent: group)
       subgroup_label = create(:group_label, title: 'feature', group: subgroup)
 
@@ -127,7 +127,7 @@ describe API::GroupLabels do
       expect(json_response['description']).to eq('test')
     end
 
-    it "does not update parent's group label", :nested_groups do
+    it "does not update parent's group label" do
       subgroup = create(:group, parent: group)
       subgroup_label = create(:group_label, title: 'feature', group: subgroup)
 
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index 52d926d5484..50f36141aed 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -530,7 +530,7 @@ describe API::Groups do
         expect(json_response.length).to eq(2)
       end
 
-      it "returns projects including those in subgroups", :nested_groups do
+      it "returns projects including those in subgroups" do
         subgroup = create(:group, parent: group1)
         create(:project, group: subgroup)
         create(:project, group: subgroup)
@@ -642,7 +642,7 @@ describe API::Groups do
     end
   end
 
-  describe 'GET /groups/:id/subgroups', :nested_groups do
+  describe 'GET /groups/:id/subgroups' do
     let!(:subgroup1) { create(:group, parent: group1) }
     let!(:subgroup2) { create(:group, :private, parent: group1) }
     let!(:subgroup3) { create(:group, :private, parent: group2) }
@@ -786,7 +786,7 @@ describe API::Groups do
         expect(response).to have_gitlab_http_status(403)
       end
 
-      context 'as owner', :nested_groups do
+      context 'as owner' do
         before do
           group2.add_owner(user1)
         end
@@ -798,7 +798,7 @@ describe API::Groups do
         end
       end
 
-      context 'as maintainer', :nested_groups do
+      context 'as maintainer' do
         before do
           group2.add_maintainer(user1)
         end
@@ -825,7 +825,7 @@ describe API::Groups do
         expect(json_response["visibility"]).to eq(Gitlab::VisibilityLevel.string_level(Gitlab::CurrentSettings.current_application_settings.default_group_visibility))
       end
 
-      it "creates a nested group", :nested_groups do
+      it "creates a nested group" do
         parent = create(:group)
         parent.add_owner(user3)
         group = attributes_for(:group, { parent_id: parent.id })
diff --git a/spec/requests/api/issues/get_group_issues_spec.rb b/spec/requests/api/issues/get_group_issues_spec.rb
index 9a41d790945..5916bb11516 100644
--- a/spec/requests/api/issues/get_group_issues_spec.rb
+++ b/spec/requests/api/issues/get_group_issues_spec.rb
@@ -82,7 +82,7 @@ describe API::Issues do
       end
     end
 
-    context 'when group has subgroups', :nested_groups do
+    context 'when group has subgroups' do
       let(:subgroup_1) { create(:group, parent: group) }
       let(:subgroup_2) { create(:group, parent: subgroup_1) }
 
diff --git a/spec/requests/api/members_spec.rb b/spec/requests/api/members_spec.rb
index 55f38079b1f..26f6e705528 100644
--- a/spec/requests/api/members_spec.rb
+++ b/spec/requests/api/members_spec.rb
@@ -99,7 +99,7 @@ describe API::Members do
     end
   end
 
-  describe 'GET /:source_type/:id/members/all', :nested_groups do
+  describe 'GET /:source_type/:id/members/all' do
     let(:nested_user) { create(:user) }
     let(:project_user) { create(:user) }
     let(:linked_group_user) { create(:user) }
@@ -238,7 +238,7 @@ describe API::Members do
       end
 
       context 'access levels' do
-        it 'does not create the member if group level is higher', :nested_groups do
+        it 'does not create the member if group level is higher' do
           parent = create(:group)
 
           group.update(parent: parent)
@@ -252,7 +252,7 @@ describe API::Members do
           expect(json_response['message']['access_level']).to eq(["should be greater than or equal to Developer inherited membership from group #{parent.name}"])
         end
 
-        it 'creates the member if group level is lower', :nested_groups do
+        it 'creates the member if group level is lower' do
           parent = create(:group)
 
           group.update(parent: parent)
diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb
index ced853caab4..7a6f1cd548c 100644
--- a/spec/requests/api/merge_requests_spec.rb
+++ b/spec/requests/api/merge_requests_spec.rb
@@ -723,7 +723,7 @@ describe API::MergeRequests do
 
     it_behaves_like 'merge requests list'
 
-    context 'when have subgroups', :nested_groups do
+    context 'when have subgroups' do
       let!(:group) { create(:group, :public) }
       let!(:subgroup) { create(:group, parent: group) }
       let!(:project) { create(:project, :public, :repository, creator: user, namespace: subgroup, only_allow_merge_if_pipeline_succeeds: false) }
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index fee300e9d7a..5b3a2412aff 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -1357,7 +1357,7 @@ describe API::Projects do
           end
         end
 
-        context 'nested group project', :nested_groups do
+        context 'nested group project' do
           let(:group) { create(:group) }
           let(:nested_group) { create(:group, parent: group) }
           let(:project2) { create(:project, group: nested_group) }
diff --git a/spec/requests/openid_connect_spec.rb b/spec/requests/openid_connect_spec.rb
index 86e41cbdf00..025568d8bea 100644
--- a/spec/requests/openid_connect_spec.rb
+++ b/spec/requests/openid_connect_spec.rb
@@ -104,7 +104,7 @@ describe 'OpenID Connect requests' do
         expect(json_response).to match(id_token_claims.merge(user_info_claims))
 
         expected_groups = [group1.full_path, group3.full_path]
-        expected_groups << group4.full_path if Group.supports_nested_objects?
+        expected_groups << group4.full_path
         expect(json_response['groups']).to match_array(expected_groups)
       end
 
diff --git a/spec/serializers/group_child_entity_spec.rb b/spec/serializers/group_child_entity_spec.rb
index b58d95ccb43..00e2f931549 100644
--- a/spec/serializers/group_child_entity_spec.rb
+++ b/spec/serializers/group_child_entity_spec.rb
@@ -62,7 +62,7 @@ describe GroupChildEntity do
     it_behaves_like 'group child json'
   end
 
-  describe 'for a group', :nested_groups do
+  describe 'for a group' do
     let(:description) { 'Awesomeness' }
     let(:object) do
       create(:group, :nested, :with_avatar,
diff --git a/spec/serializers/group_child_serializer_spec.rb b/spec/serializers/group_child_serializer_spec.rb
index 5541ada3750..c9e8535585b 100644
--- a/spec/serializers/group_child_serializer_spec.rb
+++ b/spec/serializers/group_child_serializer_spec.rb
@@ -16,7 +16,7 @@ describe GroupChildSerializer do
       end
     end
 
-    context 'with a hierarchy', :nested_groups do
+    context 'with a hierarchy' do
       let(:parent) { create(:group) }
 
       subject(:serializer) do
@@ -75,7 +75,7 @@ describe GroupChildSerializer do
         expect(serializer.represent(build_list(:project, 2))).to be_kind_of(Array)
       end
 
-      context 'with a hierarchy', :nested_groups do
+      context 'with a hierarchy' do
         let(:parent) { create(:group) }
 
         subject(:serializer) do
diff --git a/spec/serializers/pipeline_serializer_spec.rb b/spec/serializers/pipeline_serializer_spec.rb
index 54e6abc2d3a..7f9827329b3 100644
--- a/spec/serializers/pipeline_serializer_spec.rb
+++ b/spec/serializers/pipeline_serializer_spec.rb
@@ -126,7 +126,7 @@ describe PipelineSerializer do
         expect(subject.all? { |entry| entry[:merge_request].present? }).to be_truthy
       end
 
-      it 'preloads related merge requests', :postgresql do
+      it 'preloads related merge requests' do
         recorded = ActiveRecord::QueryRecorder.new { subject }
 
         expect(recorded.log)
diff --git a/spec/services/boards/issues/list_service_spec.rb b/spec/services/boards/issues/list_service_spec.rb
index 40878e24cb4..931b67b2950 100644
--- a/spec/services/boards/issues/list_service_spec.rb
+++ b/spec/services/boards/issues/list_service_spec.rb
@@ -112,7 +112,7 @@ describe Boards::Issues::ListService do
         it_behaves_like 'issues list service'
       end
 
-      context 'and group is an ancestor', :nested_groups do
+      context 'and group is an ancestor' do
         let(:parent) { create(:group) }
         let(:group) { create(:group, parent: parent) }
         let!(:backlog) { create(:backlog_list, board: board) }
diff --git a/spec/services/groups/auto_devops_service_spec.rb b/spec/services/groups/auto_devops_service_spec.rb
index 7f8ab517cef..7591b2f6f12 100644
--- a/spec/services/groups/auto_devops_service_spec.rb
+++ b/spec/services/groups/auto_devops_service_spec.rb
@@ -47,7 +47,7 @@ describe Groups::AutoDevopsService, '#execute' do
         expect(subgroup_1.auto_devops_enabled?).to eq(false)
       end
 
-      context 'when subgroups have projects', :nested_groups do
+      context 'when subgroups have projects' do
         it 'reflects changes on projects' do
           subgroup_1 = create(:group, parent: group)
           project_1 = create(:project, namespace: subgroup_1)
diff --git a/spec/services/groups/create_service_spec.rb b/spec/services/groups/create_service_spec.rb
index a7c95428485..0f9f20de586 100644
--- a/spec/services/groups/create_service_spec.rb
+++ b/spec/services/groups/create_service_spec.rb
@@ -44,7 +44,7 @@ describe Groups::CreateService, '#execute' do
     end
   end
 
-  describe 'creating subgroup', :nested_groups do
+  describe 'creating subgroup' do
     let!(:group) { create(:group) }
     let!(:service) { described_class.new(user, group_params.merge(parent_id: group.id)) }
 
@@ -54,47 +54,31 @@ describe Groups::CreateService, '#execute' do
       end
 
       it { is_expected.to be_persisted }
+    end
 
-      context 'when nested groups feature is disabled' do
-        it 'does not save group and returns an error' do
-          allow(Group).to receive(:supports_nested_objects?).and_return(false)
+    context 'as guest' do
+      it 'does not save group and returns an error' do
+        is_expected.not_to be_persisted
 
-          is_expected.not_to be_persisted
-          expect(subject.errors[:parent_id]).to include('You don’t have permission to create a subgroup in this group.')
-          expect(subject.parent_id).to be_nil
-        end
+        expect(subject.errors[:parent_id].first).to eq('You don’t have permission to create a subgroup in this group.')
+        expect(subject.parent_id).to be_nil
       end
     end
 
-    context 'when nested groups feature is enabled' do
+    context 'as owner' do
       before do
-        allow(Group).to receive(:supports_nested_objects?).and_return(true)
-      end
-
-      context 'as guest' do
-        it 'does not save group and returns an error' do
-          is_expected.not_to be_persisted
-
-          expect(subject.errors[:parent_id].first).to eq('You don’t have permission to create a subgroup in this group.')
-          expect(subject.parent_id).to be_nil
-        end
+        group.add_owner(user)
       end
 
-      context 'as owner' do
-        before do
-          group.add_owner(user)
-        end
+      it { is_expected.to be_persisted }
+    end
 
-        it { is_expected.to be_persisted }
+    context 'as maintainer' do
+      before do
+        group.add_maintainer(user)
       end
 
-      context 'as maintainer' do
-        before do
-          group.add_maintainer(user)
-        end
-
-        it { is_expected.to be_persisted }
-      end
+      it { is_expected.to be_persisted }
     end
   end
 
diff --git a/spec/services/groups/nested_create_service_spec.rb b/spec/services/groups/nested_create_service_spec.rb
index 13acf9e055b..b30392c1b12 100644
--- a/spec/services/groups/nested_create_service_spec.rb
+++ b/spec/services/groups/nested_create_service_spec.rb
@@ -28,35 +28,7 @@ describe Groups::NestedCreateService do
     end
   end
 
-  describe 'without subgroups' do
-    let(:params) { { group_path: 'a-group' } }
-
-    before do
-      allow(Group).to receive(:supports_nested_objects?) { false }
-    end
-
-    it 'creates the group' do
-      group = service.execute
-
-      expect(group).to be_persisted
-    end
-
-    it 'returns the group if it already existed' do
-      existing_group = create(:group, path: 'a-group')
-
-      expect(service.execute).to eq(existing_group)
-    end
-
-    it 'raises an error when tring to create a subgroup' do
-      service = described_class.new(user, group_path: 'a-group/a-sub-group')
-
-      expect { service.execute }.to raise_error('Nested groups are not supported on MySQL')
-    end
-
-    it_behaves_like 'with a visibility level'
-  end
-
-  describe 'with subgroups', :nested_groups do
+  describe 'with subgroups' do
     let(:params) { { group_path: 'a-group/a-sub-group' } }
 
     describe "#execute" do
diff --git a/spec/services/groups/transfer_service_spec.rb b/spec/services/groups/transfer_service_spec.rb
index b5708ebba76..f3af8cf5f3b 100644
--- a/spec/services/groups/transfer_service_spec.rb
+++ b/spec/services/groups/transfer_service_spec.rb
@@ -2,28 +2,13 @@
 
 require 'rails_helper'
 
-describe Groups::TransferService, :postgresql do
+describe Groups::TransferService do
   let(:user) { create(:user) }
   let(:new_parent_group) { create(:group, :public) }
   let!(:group_member) { create(:group_member, :owner, group: group, user: user) }
   let(:transfer_service) { described_class.new(group, user) }
 
   shared_examples 'ensuring allowed transfer for a group' do
-    context 'with other database than PostgreSQL' do
-      before do
-        allow(Group).to receive(:supports_nested_objects?).and_return(false)
-      end
-
-      it 'returns false' do
-        expect(transfer_service.execute(new_parent_group)).to be_falsy
-      end
-
-      it 'adds an error on group' do
-        transfer_service.execute(new_parent_group)
-        expect(transfer_service.error).to eq('Transfer failed: Database is not supported.')
-      end
-    end
-
     context "when there's an exception on GitLab shell directories" do
       let(:new_parent_group) { create(:group, :public) }
 
diff --git a/spec/services/groups/update_service_spec.rb b/spec/services/groups/update_service_spec.rb
index d081c20f669..5d4576139f7 100644
--- a/spec/services/groups/update_service_spec.rb
+++ b/spec/services/groups/update_service_spec.rb
@@ -133,7 +133,7 @@ describe Groups::UpdateService do
     end
   end
 
-  context 'for a subgroup', :nested_groups do
+  context 'for a subgroup' do
     let(:subgroup) { create(:group, :private, parent: private_group) }
 
     context 'when the parent group share_with_group_lock is enabled' do
diff --git a/spec/services/issues/update_service_spec.rb b/spec/services/issues/update_service_spec.rb
index 68b79132096..3ae7c7b1c1d 100644
--- a/spec/services/issues/update_service_spec.rb
+++ b/spec/services/issues/update_service_spec.rb
@@ -116,7 +116,7 @@ describe Issues::UpdateService, :mailer do
         expect(issue.relative_position).to be_between(issue1.relative_position, issue2.relative_position)
       end
 
-      context 'when moving issue between issues from different projects', :nested_groups do
+      context 'when moving issue between issues from different projects' do
         let(:group) { create(:group) }
         let(:subgroup) { create(:group, parent: group) }
 
@@ -703,7 +703,7 @@ describe Issues::UpdateService, :mailer do
       end
     end
 
-    context 'when moving an issue ', :nested_groups do
+    context 'when moving an issue ' do
       it 'raises an error for invalid move ids within a project' do
         opts = { move_between_ids: [9000, 9999] }
 
diff --git a/spec/services/members/destroy_service_spec.rb b/spec/services/members/destroy_service_spec.rb
index 52f9a305d8f..7dce7f035d4 100644
--- a/spec/services/members/destroy_service_spec.rb
+++ b/spec/services/members/destroy_service_spec.rb
@@ -267,15 +267,15 @@ describe Members::DestroyService do
       expect(group.members.map(&:user)).not_to include(member_user)
     end
 
-    it 'removes the subgroup membership', :postgresql do
+    it 'removes the subgroup membership' do
       expect(subgroup.members.map(&:user)).not_to include(member_user)
     end
 
-    it 'removes the subsubgroup membership', :postgresql do
+    it 'removes the subsubgroup membership' do
       expect(subsubgroup.members.map(&:user)).not_to include(member_user)
     end
 
-    it 'removes the subsubproject membership', :postgresql do
+    it 'removes the subsubproject membership' do
       expect(subsubproject.members.map(&:user)).not_to include(member_user)
     end
 
diff --git a/spec/services/notification_service_spec.rb b/spec/services/notification_service_spec.rb
index c20de1fd079..1dcade1de0d 100644
--- a/spec/services/notification_service_spec.rb
+++ b/spec/services/notification_service_spec.rb
@@ -111,7 +111,7 @@ describe NotificationService, :mailer do
       should_email(participant)
     end
 
-    context 'for subgroups', :nested_groups do
+    context 'for subgroups' do
       before do
         build_group(project)
       end
@@ -337,7 +337,7 @@ describe NotificationService, :mailer do
 
         it_behaves_like 'new note notifications'
 
-        context 'which is a subgroup', :nested_groups do
+        context 'which is a subgroup' do
           let!(:parent) { create(:group) }
           let!(:group) { create(:group, parent: parent) }
 
@@ -388,7 +388,7 @@ describe NotificationService, :mailer do
         should_email(admin)
       end
 
-      context 'on project that belongs to subgroup', :nested_groups do
+      context 'on project that belongs to subgroup' do
         let(:group_reporter) { create(:user) }
         let(:group_guest) { create(:user) }
         let(:parent_group) { create(:group) }
@@ -458,7 +458,7 @@ describe NotificationService, :mailer do
           should_not_email_nested_group_user(@pg_disabled)
         end
 
-        it 'notifies parent group members with mention level', :nested_groups do
+        it 'notifies parent group members with mention level' do
           note = create(:note_on_issue, noteable: issue, project_id: issue.project_id, note: "@#{@pg_mention.username}")
 
           notification.new_note(note)
@@ -2410,52 +2410,40 @@ describe NotificationService, :mailer do
     group
   end
 
-  # Creates a nested group only if supported
-  # to avoid errors on MySQL
   def create_nested_group(visibility)
-    if Group.supports_nested_objects?
-      parent_group = create(:group, visibility)
-      child_group = create(:group, visibility, parent: parent_group)
+    parent_group = create(:group, visibility)
+    child_group = create(:group, visibility, parent: parent_group)
 
-      # Parent group member: global=disabled, parent_group=watch, child_group=global
-      @pg_watcher ||= create_user_with_notification(:watch, 'parent_group_watcher', parent_group)
-      @pg_watcher.notification_settings_for(nil).disabled!
+    # Parent group member: global=disabled, parent_group=watch, child_group=global
+    @pg_watcher ||= create_user_with_notification(:watch, 'parent_group_watcher', parent_group)
+    @pg_watcher.notification_settings_for(nil).disabled!
 
-      # Parent group member: global=global, parent_group=disabled, child_group=global
-      @pg_disabled ||= create_user_with_notification(:disabled, 'parent_group_disabled', parent_group)
-      @pg_disabled.notification_settings_for(nil).global!
+    # Parent group member: global=global, parent_group=disabled, child_group=global
+    @pg_disabled ||= create_user_with_notification(:disabled, 'parent_group_disabled', parent_group)
+    @pg_disabled.notification_settings_for(nil).global!
 
-      # Parent group member: global=global, parent_group=mention, child_group=global
-      @pg_mention ||= create_user_with_notification(:mention, 'parent_group_mention', parent_group)
-      @pg_mention.notification_settings_for(nil).global!
+    # Parent group member: global=global, parent_group=mention, child_group=global
+    @pg_mention ||= create_user_with_notification(:mention, 'parent_group_mention', parent_group)
+    @pg_mention.notification_settings_for(nil).global!
 
-      # Parent group member: global=global, parent_group=participating, child_group=global
-      @pg_participant ||= create_user_with_notification(:participating, 'parent_group_participant', parent_group)
-      @pg_mention.notification_settings_for(nil).global!
+    # Parent group member: global=global, parent_group=participating, child_group=global
+    @pg_participant ||= create_user_with_notification(:participating, 'parent_group_participant', parent_group)
+    @pg_mention.notification_settings_for(nil).global!
 
-      child_group
-    else
-      create(:group, visibility)
-    end
+    child_group
   end
 
   def add_member_for_parent_group(user, project)
-    return unless Group.supports_nested_objects?
-
     project.reload
 
     project.group.parent.add_maintainer(user)
   end
 
   def should_email_nested_group_user(user, times: 1, recipients: email_recipients)
-    return unless Group.supports_nested_objects?
-
     should_email(user, times: 1, recipients: email_recipients)
   end
 
   def should_not_email_nested_group_user(user, recipients: email_recipients)
-    return unless Group.supports_nested_objects?
-
     should_not_email(user, recipients: email_recipients)
   end
 
diff --git a/spec/services/projects/autocomplete_service_spec.rb b/spec/services/projects/autocomplete_service_spec.rb
index 2f70c8ea94d..b625653bc77 100644
--- a/spec/services/projects/autocomplete_service_spec.rb
+++ b/spec/services/projects/autocomplete_service_spec.rb
@@ -118,7 +118,7 @@ describe Projects::AutocompleteService do
       expect(milestone_titles).to eq([group_milestone2.title, group_milestone1.title])
     end
 
-    context 'with nested groups', :nested_groups do
+    context 'with nested groups' do
       let(:subgroup) { create(:group, :public, parent: group) }
       let!(:subgroup_milestone) { create(:milestone, group: subgroup) }
 
diff --git a/spec/services/todos/destroy/entity_leave_service_spec.rb b/spec/services/todos/destroy/entity_leave_service_spec.rb
index 2a553e18807..ce809bbf6c5 100644
--- a/spec/services/todos/destroy/entity_leave_service_spec.rb
+++ b/spec/services/todos/destroy/entity_leave_service_spec.rb
@@ -176,7 +176,7 @@ describe Todos::Destroy::EntityLeaveService do
           end
         end
 
-        context 'with nested groups', :nested_groups do
+        context 'with nested groups' do
           let(:subgroup) { create(:group, :private, parent: group) }
           let(:subgroup2) { create(:group, :private, parent: group) }
           let(:subproject) { create(:project, group: subgroup) }
diff --git a/spec/services/todos/destroy/group_private_service_spec.rb b/spec/services/todos/destroy/group_private_service_spec.rb
index a1798686d7c..7dd495847b3 100644
--- a/spec/services/todos/destroy/group_private_service_spec.rb
+++ b/spec/services/todos/destroy/group_private_service_spec.rb
@@ -35,7 +35,7 @@ describe Todos::Destroy::GroupPrivateService do
         expect(project_member.todos).to match_array([todo_project_member])
       end
 
-      context 'with nested groups', :nested_groups do
+      context 'with nested groups' do
         let(:parent_group) { create(:group) }
         let(:subgroup)     { create(:group, :private, parent: group) }
         let(:subproject)   { create(:project, group: subgroup) }
diff --git a/spec/services/users/refresh_authorized_projects_service_spec.rb b/spec/services/users/refresh_authorized_projects_service_spec.rb
index 0287a24808d..f5a914bb482 100644
--- a/spec/services/users/refresh_authorized_projects_service_spec.rb
+++ b/spec/services/users/refresh_authorized_projects_service_spec.rb
@@ -135,7 +135,7 @@ describe Users::RefreshAuthorizedProjectsService do
       end
     end
 
-    context 'projects of subgroups of groups the user is a member of', :nested_groups do
+    context 'projects of subgroups of groups the user is a member of' do
       let(:group) { create(:group) }
       let(:nested_group) { create(:group, parent: group) }
       let!(:other_project) { create(:project, group: nested_group) }
@@ -163,7 +163,7 @@ describe Users::RefreshAuthorizedProjectsService do
       end
     end
 
-    context 'projects shared with subgroups of groups the user is a member of', :nested_groups do
+    context 'projects shared with subgroups of groups the user is a member of' do
       let(:group) { create(:group) }
       let(:nested_group) { create(:group, parent: group) }
       let(:other_project) { create(:project) }
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index a44b5069ade..6ef5f46c81b 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -258,14 +258,6 @@ RSpec.configure do |config|
     Gitlab::CurrentSettings.clear_in_memory_application_settings!
   end
 
-  config.around(:each, :nested_groups) do |example|
-    example.run if Group.supports_nested_objects?
-  end
-
-  config.around(:each, :postgresql) do |example|
-    example.run if Gitlab::Database.postgresql?
-  end
-
   # This makes sure the `ApplicationController#can?` method is stubbed with the
   # original implementation for all view specs.
   config.before(:each, type: :view) do
diff --git a/spec/support/controllers/githubish_import_controller_shared_examples.rb b/spec/support/controllers/githubish_import_controller_shared_examples.rb
index 5bb1269a19d..5fd303e7336 100644
--- a/spec/support/controllers/githubish_import_controller_shared_examples.rb
+++ b/spec/support/controllers/githubish_import_controller_shared_examples.rb
@@ -321,7 +321,7 @@ shared_examples 'a GitHub-ish import controller: POST create' do
       end
     end
 
-    context 'user has chosen an existing nested namespace and name for the project', :postgresql do
+    context 'user has chosen an existing nested namespace and name for the project' do
       let(:parent_namespace) { create(:group, name: 'foo') }
       let(:nested_namespace) { create(:group, name: 'bar', parent: parent_namespace) }
       let(:test_name) { 'test_name' }
@@ -340,7 +340,7 @@ shared_examples 'a GitHub-ish import controller: POST create' do
       end
     end
 
-    context 'user has chosen a non-existent nested namespaces and name for the project', :postgresql do
+    context 'user has chosen a non-existent nested namespaces and name for the project' do
       let(:test_name) { 'test_name' }
 
       it 'takes the selected namespace and name' do
@@ -371,7 +371,7 @@ shared_examples 'a GitHub-ish import controller: POST create' do
       end
     end
 
-    context 'user has chosen existent and non-existent nested namespaces and name for the project', :postgresql do
+    context 'user has chosen existent and non-existent nested namespaces and name for the project' do
       let(:test_name) { 'test_name' }
       let!(:parent_namespace) { create(:group, name: 'foo') }
 
diff --git a/spec/support/shared_contexts/policies/group_policy_shared_context.rb b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
index 74389c4d82b..c11725c63d2 100644
--- a/spec/support/shared_contexts/policies/group_policy_shared_context.rb
+++ b/spec/support/shared_contexts/policies/group_policy_shared_context.rb
@@ -31,7 +31,7 @@ RSpec.shared_context 'GroupPolicy context' do
       :admin_group_member,
       :change_visibility_level,
       :set_note_created_at,
-      (Gitlab::Database.postgresql? ? :create_subgroup : nil)
+      :create_subgroup
     ].compact
   end
 
diff --git a/spec/views/groups/edit.html.haml_spec.rb b/spec/views/groups/edit.html.haml_spec.rb
index 29e15960fb8..47804411b9d 100644
--- a/spec/views/groups/edit.html.haml_spec.rb
+++ b/spec/views/groups/edit.html.haml_spec.rb
@@ -35,7 +35,7 @@ describe 'groups/edit.html.haml' do
       it_behaves_like '"Share with group lock" setting', { disabled: false, checked: false }
     end
 
-    context 'for a subgroup', :nested_groups do
+    context 'for a subgroup' do
       let!(:subgroup) { create(:group, parent: root_group) }
       let(:sub_owner) { create(:user) }
       let(:test_group) { subgroup }
diff --git a/spec/views/layouts/header/_new_dropdown.haml_spec.rb b/spec/views/layouts/header/_new_dropdown.haml_spec.rb
index 2e19d0cec26..26e429ac5d0 100644
--- a/spec/views/layouts/header/_new_dropdown.haml_spec.rb
+++ b/spec/views/layouts/header/_new_dropdown.haml_spec.rb
@@ -28,7 +28,7 @@ describe 'layouts/header/_new_dropdown' do
         )
       end
 
-      it 'has a "New subgroup" link', :nested_groups do
+      it 'has a "New subgroup" link' do
         render
 
         expect(rendered).to have_link(
-- 
cgit v1.2.1


From 1ec7dae9adddbd73f6d2d3eb87b8c4473038d50a Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Mon, 15 Jul 2019 14:12:38 +0100
Subject: Add development documentation on label filtering

This topic comes up periodically, and we've investigated several options
for changing the way we filter labels. Unfortunately, we have yet to
find an option that is strictly better than the current state.
---
 doc/development/README.md             |   4 +
 doc/development/filtering_by_label.md | 166 ++++++++++++++++++++++++++++++++++
 2 files changed, 170 insertions(+)
 create mode 100644 doc/development/filtering_by_label.md

diff --git a/doc/development/README.md b/doc/development/README.md
index a74770ae383..45efa744a6b 100644
--- a/doc/development/README.md
+++ b/doc/development/README.md
@@ -111,6 +111,10 @@ description: 'Learn how to contribute to GitLab.'
 - [Database helper modules](database_helpers.md)
 - [Code comments](code_comments.md)
 
+## Case studies
+
+- [Database case study: Filtering by label](filtering_by_label.md)
+
 ## Integration guides
 
 - [Jira Connect app](integrations/jira_connect.md)
diff --git a/doc/development/filtering_by_label.md b/doc/development/filtering_by_label.md
new file mode 100644
index 00000000000..6e6b71b1787
--- /dev/null
+++ b/doc/development/filtering_by_label.md
@@ -0,0 +1,166 @@
+# Filtering by label
+
+## Introduction
+
+GitLab has [labels](../user/project/labels.md) that can be assigned to issues,
+merge requests, and epics. Labels on those objects are a many-to-many relation
+through the polymorphic `label_links` table.
+
+To filter these objects by multiple labels - for instance, 'all open
+issues with the label ~Plan and the label ~backend' - we generate a
+query containing a `GROUP BY` clause. In a simple form, this looks like:
+
+```sql
+SELECT
+    issues.*
+FROM
+    issues
+    INNER JOIN label_links ON label_links.target_id = issues.id
+        AND label_links.target_type = 'Issue'
+    INNER JOIN labels ON labels.id = label_links.label_id
+WHERE
+    issues.project_id = 13083
+    AND (issues.state IN ('opened'))
+    AND labels.title IN ('Plan',
+        'backend')
+GROUP BY
+    issues.id
+HAVING (COUNT(DISTINCT labels.title) = 2)
+ORDER BY
+    issues.updated_at DESC,
+    issues.id DESC
+LIMIT 20 OFFSET 0
+```
+
+In particular, note that:
+
+1. We `GROUP BY issues.id` so that we can ...
+2. Use the `HAVING (COUNT(DISTINCT labels.title) = 2)` condition to ensure that
+   all matched issues have both labels.
+
+This is more complicated than is ideal. It makes the query construction more
+prone to errors (such as
+[gitlab-org/gitlab-ce#15557](https://gitlab.com/gitlab-org/gitlab-ce/issues/15557)).
+
+## Attempt A: WHERE EXISTS
+
+### Attempt A1: use multiple subqueries with WHERE EXISTS
+
+In
+[gitlab-org/gitlab-ce#37137](https://gitlab.com/gitlab-org/gitlab-ce/issues/37137)
+and its associated merge request
+[gitlab-org/gitlab-ce!14022](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14022),
+we tried to replace the `GROUP BY` with multiple uses of `WHERE EXISTS`. For the
+example above, this would give:
+
+```sql
+WHERE (EXISTS (
+        SELECT
+            TRUE
+        FROM
+            label_links
+            INNER JOIN labels ON labels.id = label_links.label_id
+        WHERE
+            labels.title = 'Plan'
+            AND target_type = 'Issue'
+            AND target_id = issues.id))
+AND (EXISTS (
+        SELECT
+            TRUE
+        FROM
+            label_links
+            INNER JOIN labels ON labels.id = label_links.label_id
+        WHERE
+            labels.title = 'backend'
+            AND target_type = 'Issue'
+            AND target_id = issues.id))
+```
+
+While this worked without schema changes, and did improve readability somewhat,
+it did not improve query performance.
+
+## Attempt B: Denormalize using an array column
+
+Having [removed MySQL support in GitLab
+12.1](https://about.gitlab.com/2019/06/27/removing-mysql-support/), using
+[Postgres's arrays](https://www.postgresql.org/docs/9.6/arrays.html) became more
+tractable as we didn't have to support two databases. We discussed denormalizing
+the `label_links` table for querying in
+[gitlab-org/gitlab-ce#49651](https://gitlab.com/gitlab-org/gitlab-ce/issues/49651),
+with two options: label IDs and titles.
+
+We can think of both of those as array columns on `issues`, `merge_requests`,
+and `epics`: `issues.label_ids` would be an array column of label IDs, and
+`issues.label_titles` would be an array of label titles.
+
+These array columns can be complemented with [GIN
+indexes](https://www.postgresql.org/docs/9.6/gin-intro.html) to improve
+matching.
+
+### Attempt B1: store label IDs for each object
+
+This has some strong advantages over titles:
+
+1. Unless a label is deleted, or a project is moved, we never need to
+   bulk-update the denormalized column.
+2. It uses less storage than the titles.
+
+Unfortunately, our application design makes this hard. If we were able to query
+just by label ID easily, we wouldn't need the `INNER JOIN labels` in the initial
+query at the start of this document. GitLab allows users to filter by label
+title across projects and even across groups, so a filter by the label ~Plan may
+include labels with multiple distinct IDs.
+
+We do not want users to have to know about the different IDs, which means that
+given this data set:
+
+| Project | ~Plan label ID | ~backend label ID |
+| ---     | ---            | ---               |
+| A       | 11             | 12                |
+| B       | 21             | 22                |
+| C       | 31             | 32                |
+
+We would need something like:
+
+```sql
+WHERE
+    label_ids @> ARRAY[11, 12]
+    OR label_ids @> ARRAY[21, 22]
+    OR label_ids @> ARRAY[31, 32]
+```
+
+This can get even more complicated when we consider that in some cases, there
+might be two ~backend labels - with different IDs - that could apply to the same
+object, so the number of combinations would balloon further.
+
+### Attempt B2: store label titles for each object
+
+From the perspective of updating the labelable object, this is the worst
+option. We have to bulk update the objects when:
+
+1. The objects are moved from one project to another.
+1. The project is moved from one group to another.
+1. The label is renamed.
+1. The label is deleted.
+
+It also uses much more storage. Querying is simple, though:
+
+```sql
+WHERE
+    label_titles @> ARRAY['Plan', 'backend']
+```
+
+And our [tests in
+gitlab-org/gitlab-ce#49651](https://gitlab.com/gitlab-org/gitlab-ce/issues/49651#note_188777346)
+showed that this could be fast.
+
+However, at present, the disadvantages outweigh the advantages.
+
+## Conclusion
+
+We have yet to find a method that is demonstratably better than the current
+method, when considering:
+
+1. Query performance.
+1. Readability.
+1. Ease of maintaining schema consistency.
-- 
cgit v1.2.1


From ad041afe00562a8c7063c9d2fe8dc7abc222932b Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Thu, 25 Jul 2019 08:14:59 +0000
Subject: Correct manual sort introduction release

---
 doc/user/project/issues/sorting_issue_lists.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/project/issues/sorting_issue_lists.md b/doc/user/project/issues/sorting_issue_lists.md
index ba120783430..0fe86e6f410 100644
--- a/doc/user/project/issues/sorting_issue_lists.md
+++ b/doc/user/project/issues/sorting_issue_lists.md
@@ -9,7 +9,7 @@ similar to [issue boards](../issue_board.md#issue-ordering-in-a-list).
 
 ## Manual sorting
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/62178) in GitLab 12.1.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/62178) in GitLab 12.2.
 
 When you select **Manual** sorting, you can change
 the order by dragging and dropping the issues. The changed order will persist. Everyone who visits the same list will see the reordered list, with some exceptions.
-- 
cgit v1.2.1


From 85104fc81f7663fb77114cc6bf99ca095adf7701 Mon Sep 17 00:00:00 2001
From: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Date: Thu, 25 Jul 2019 08:22:38 +0000
Subject: Update CHANGELOG.md for 12.1.2

[ci skip]
---
 CHANGELOG.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3ed244b7ed2..0610228127d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,21 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 12.1.2
+
+### Security (9 changes)
+
+- Restrict slash commands to users who can log in.
+- Patch XSS issue in wiki links.
+- Queries for Upload should be scoped by model.
+- Filter merge request params on the new merge request page.
+- Fix Server Side Request Forgery mitigation bypass.
+- Show badges if pipelines are public otherwise default to project permissions.
+- Do not allow localhost url redirection in GitHub Integration.
+- Do not show moved issue id for users that cannot read issue.
+- Drop feature to take ownership of trigger token.
+
+
 ## 12.1.1
 
 - No changes.
-- 
cgit v1.2.1


From d19717cba65ef3ae6f76ec25140ab5c255b27d42 Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Thu, 25 Jul 2019 17:29:51 +0800
Subject: Backport Jira issue key regex

---
 app/models/project_services/jira_service.rb | 2 +-
 lib/gitlab/regex.rb                         | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/app/models/project_services/jira_service.rb b/app/models/project_services/jira_service.rb
index 7ab79242cc3..d08fcd8954d 100644
--- a/app/models/project_services/jira_service.rb
+++ b/app/models/project_services/jira_service.rb
@@ -31,7 +31,7 @@ class JiraService < IssueTrackerService
 
   # {PROJECT-KEY}-{NUMBER} Examples: JIRA-1, PROJECT-1
   def self.reference_pattern(only_long: true)
-    @reference_pattern ||= /(?<issue>\b([A-Z][A-Z0-9_]+-)\d+)/
+    @reference_pattern ||= /(?<issue>\b#{Gitlab::Regex.jira_issue_key_regex})/
   end
 
   def initialize_properties
diff --git a/lib/gitlab/regex.rb b/lib/gitlab/regex.rb
index e43147a3f37..21614ea003e 100644
--- a/lib/gitlab/regex.rb
+++ b/lib/gitlab/regex.rb
@@ -94,6 +94,12 @@ module Gitlab
       }mx
     end
 
+    # Based on Jira's project key format
+    # https://confluence.atlassian.com/adminjiraserver073/changing-the-project-key-format-861253229.html
+    def jira_issue_key_regex
+      @jira_issue_key_regex ||= /[A-Z][A-Z_0-9]+-\d+/
+    end
+
     def jira_transition_id_regex
       @jira_transition_id_regex ||= /\d+/
     end
-- 
cgit v1.2.1


From 595a092a083a9a16cad12dc663cad1a674551a51 Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Thu, 25 Jul 2019 20:20:27 +1200
Subject: Fix frozen string error

---
 spec/features/projects/commits/user_browses_commits_spec.rb | 2 +-
 spec/support/helpers/api_helpers.rb                         | 9 +++++----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/spec/features/projects/commits/user_browses_commits_spec.rb b/spec/features/projects/commits/user_browses_commits_spec.rb
index fc74a370e72..818939c1b96 100644
--- a/spec/features/projects/commits/user_browses_commits_spec.rb
+++ b/spec/features/projects/commits/user_browses_commits_spec.rb
@@ -13,7 +13,7 @@ describe 'User browses commits' do
   it 'renders commit' do
     visit project_commit_path(project, sample_commit.id)
 
-    expect(page).to have_content(sample_commit.message.gsub!(/\s+/, ' '))
+    expect(page).to have_content(sample_commit.message.gsub(/\s+/, ' '))
       .and have_content("Showing #{sample_commit.files_changed_count} changed files")
       .and have_content('Side-by-side')
   end
diff --git a/spec/support/helpers/api_helpers.rb b/spec/support/helpers/api_helpers.rb
index e0e875186f0..aff0f87b6e4 100644
--- a/spec/support/helpers/api_helpers.rb
+++ b/spec/support/helpers/api_helpers.rb
@@ -32,11 +32,12 @@ module ApiHelpers
     end
 
     if query_string
-      full_path << (path.index('?') ? '&' : '?')
-      full_path << query_string
-    end
+      separator = path.index('?') ? '&' : '?'
 
-    full_path
+      full_path + separator + query_string
+    else
+      full_path
+    end
   end
 
   def expect_paginated_array_response(items)
-- 
cgit v1.2.1


From ad7acfaad0e806cac48889451631061775a6dfa2 Mon Sep 17 00:00:00 2001
From: Shinya Maeda <shinya@gitlab.com>
Date: Mon, 22 Jul 2019 15:50:50 +0700
Subject: Logging sidekiq worker class name in SidekiqMemoryKiller

Currently, SidekiqMemoryKiller does not feed worker class name in the
json structured logging. This commit extends the json parameter.
---
 lib/gitlab/sidekiq_middleware/memory_killer.rb     | 23 +++++++++++++++-------
 .../sidekiq_middleware/memory_killer_spec.rb       |  3 +++
 2 files changed, 19 insertions(+), 7 deletions(-)

diff --git a/lib/gitlab/sidekiq_middleware/memory_killer.rb b/lib/gitlab/sidekiq_middleware/memory_killer.rb
index 671d795ec33..4b10f921ed8 100644
--- a/lib/gitlab/sidekiq_middleware/memory_killer.rb
+++ b/lib/gitlab/sidekiq_middleware/memory_killer.rb
@@ -14,9 +14,12 @@ module Gitlab
       # shut Sidekiq down
       MUTEX = Mutex.new
 
+      attr_reader :worker
+
       def call(worker, job, queue)
         yield
 
+        @worker = worker
         current_rss = get_rss
 
         return unless MAX_RSS > 0 && current_rss > MAX_RSS
@@ -25,9 +28,11 @@ module Gitlab
           # Return if another thread is already waiting to shut Sidekiq down
           next unless MUTEX.try_lock
 
-          Sidekiq.logger.warn "Sidekiq worker PID-#{pid} current RSS #{current_rss}"\
-            " exceeds maximum RSS #{MAX_RSS} after finishing job #{worker.class} JID-#{job['jid']}"
-          Sidekiq.logger.warn "Sidekiq worker PID-#{pid} will stop fetching new jobs in #{GRACE_TIME} seconds, and will be shut down #{SHUTDOWN_WAIT} seconds later"
+          warn("Sidekiq worker PID-#{pid} current RSS #{current_rss}"\
+               " exceeds maximum RSS #{MAX_RSS} after finishing job #{worker.class} JID-#{job['jid']}")
+
+          warn("Sidekiq worker PID-#{pid} will stop fetching new jobs"\
+               " in #{GRACE_TIME} seconds, and will be shut down #{SHUTDOWN_WAIT} seconds later")
 
           # Wait `GRACE_TIME` to give the memory intensive job time to finish.
           # Then, tell Sidekiq to stop fetching new jobs.
@@ -59,24 +64,28 @@ module Gitlab
       def wait_and_signal_pgroup(time, signal, explanation)
         return wait_and_signal(time, signal, explanation) unless Process.getpgrp == pid
 
-        Sidekiq.logger.warn "waiting #{time} seconds before sending Sidekiq worker PGRP-#{pid} #{signal} (#{explanation})"
+        warn("waiting #{time} seconds before sending Sidekiq worker PGRP-#{pid} #{signal} (#{explanation})", signal: signal)
         sleep(time)
 
-        Sidekiq.logger.warn "sending Sidekiq worker PGRP-#{pid} #{signal} (#{explanation})"
+        warn("sending Sidekiq worker PGRP-#{pid} #{signal} (#{explanation})", signal: signal)
         Process.kill(signal, 0)
       end
 
       def wait_and_signal(time, signal, explanation)
-        Sidekiq.logger.warn "waiting #{time} seconds before sending Sidekiq worker PID-#{pid} #{signal} (#{explanation})"
+        warn("waiting #{time} seconds before sending Sidekiq worker PID-#{pid} #{signal} (#{explanation})", signal: signal)
         sleep(time)
 
-        Sidekiq.logger.warn "sending Sidekiq worker PID-#{pid} #{signal} (#{explanation})"
+        warn("sending Sidekiq worker PID-#{pid} #{signal} (#{explanation})", signal: signal)
         Process.kill(signal, pid)
       end
 
       def pid
         Process.pid
       end
+
+      def warn(message, signal: nil)
+        Sidekiq.logger.warn(class: worker.class, pid: pid, signal: signal, message: message)
+      end
     end
   end
 end
diff --git a/spec/lib/gitlab/sidekiq_middleware/memory_killer_spec.rb b/spec/lib/gitlab/sidekiq_middleware/memory_killer_spec.rb
index 1a5a38b5d99..b451844f06c 100644
--- a/spec/lib/gitlab/sidekiq_middleware/memory_killer_spec.rb
+++ b/spec/lib/gitlab/sidekiq_middleware/memory_killer_spec.rb
@@ -45,6 +45,9 @@ describe Gitlab::SidekiqMiddleware::MemoryKiller do
       expect(subject).to receive(:sleep).with(10).ordered
       expect(Process).to receive(:kill).with('SIGKILL', pid).ordered
 
+      expect(Sidekiq.logger)
+        .to receive(:warn).with(class: 'TestWorker', message: anything, pid: pid, signal: anything).at_least(:once)
+
       run
     end
 
-- 
cgit v1.2.1


From a40116065e2a761f6fa8dc7d569cb3e39025f6d3 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 24 Jul 2019 21:44:07 -0700
Subject: Support Docker OCI images

Docker Distribution v2.7.0 shipped with OCI support, but our container
registry client was not updated to handle the manifest format in the
HTTP `Accept` header.  As a result, API calls to retrieve a manifest
would return with an error, "OCI manifest found, but accept header does
not support OCI manifests". This would result in blank fields in the
container registry page and prevent tags from being deleted.

To fix this, we just need to add
`application/vnd.oci.image.manifest.v1+json` to the `Accept` header and
configure Faraday to parse the response as JSON. The response structure
is the same as the standard Docker Distribution V2 manifest.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/58685

Closes https://gitlab.com/gitlab-org/gitlab-ee/issues/12877
---
 .../unreleased/sh-support-docker-oci-images.yml    |  5 +++
 lib/container_registry/client.rb                   |  9 ++++--
 spec/lib/container_registry/client_spec.rb         | 36 ++++++++++++++++++++++
 spec/lib/container_registry/tag_spec.rb            |  2 +-
 spec/models/container_repository_spec.rb           |  2 +-
 5 files changed, 49 insertions(+), 5 deletions(-)
 create mode 100644 changelogs/unreleased/sh-support-docker-oci-images.yml

diff --git a/changelogs/unreleased/sh-support-docker-oci-images.yml b/changelogs/unreleased/sh-support-docker-oci-images.yml
new file mode 100644
index 00000000000..2dcf980fa50
--- /dev/null
+++ b/changelogs/unreleased/sh-support-docker-oci-images.yml
@@ -0,0 +1,5 @@
+---
+title: Support Docker OCI images
+merge_request: 31127
+author:
+type: fixed
diff --git a/lib/container_registry/client.rb b/lib/container_registry/client.rb
index c80f49f5ae0..c3a19af7a94 100644
--- a/lib/container_registry/client.rb
+++ b/lib/container_registry/client.rb
@@ -7,7 +7,9 @@ module ContainerRegistry
   class Client
     attr_accessor :uri
 
-    MANIFEST_VERSION = 'application/vnd.docker.distribution.manifest.v2+json'.freeze
+    DOCKER_DISTRIBUTION_MANIFEST_V2_TYPE = 'application/vnd.docker.distribution.manifest.v2+json'
+    OCI_MANIFEST_V1_TYPE = 'application/vnd.oci.image.manifest.v1+json'
+    ACCEPTED_TYPES = [DOCKER_DISTRIBUTION_MANIFEST_V2_TYPE, OCI_MANIFEST_V1_TYPE].freeze
 
     # Taken from: FaradayMiddleware::FollowRedirects
     REDIRECT_CODES = Set.new [301, 302, 303, 307]
@@ -60,12 +62,13 @@ module ContainerRegistry
     end
 
     def accept_manifest(conn)
-      conn.headers['Accept'] = MANIFEST_VERSION
+      conn.headers['Accept'] = ACCEPTED_TYPES
 
       conn.response :json, content_type: 'application/json'
       conn.response :json, content_type: 'application/vnd.docker.distribution.manifest.v1+prettyjws'
       conn.response :json, content_type: 'application/vnd.docker.distribution.manifest.v1+json'
-      conn.response :json, content_type: 'application/vnd.docker.distribution.manifest.v2+json'
+      conn.response :json, content_type: DOCKER_DISTRIBUTION_MANIFEST_V2_TYPE
+      conn.response :json, content_type: OCI_MANIFEST_V1_TYPE
     end
 
     def response_body(response, allow_redirect: false)
diff --git a/spec/lib/container_registry/client_spec.rb b/spec/lib/container_registry/client_spec.rb
index 3df33f48adb..ce06377bbbf 100644
--- a/spec/lib/container_registry/client_spec.rb
+++ b/spec/lib/container_registry/client_spec.rb
@@ -6,6 +6,42 @@ describe ContainerRegistry::Client do
   let(:options) { { token: token } }
   let(:client) { described_class.new("http://container-registry", options) }
 
+  shared_examples '#repository_manifest' do |manifest_type|
+    let(:manifest) do
+      {
+        "schemaVersion" => 2,
+        "config" => {
+          "mediaType" => manifest_type,
+          "digest" =>
+          "sha256:4a3ef0786dd241be6000311e1503869b320be433b9cba84cfafeb512d1720c95",
+          "size" => 6608
+        },
+        "layers" => [
+          {
+            "mediaType" => manifest_type,
+            "digest" =>
+            "sha256:83ef92b73cf4595aa7fe214ec6747228283d585f373d8f6bc08d66bebab531b7",
+            "size" => 2828661
+          }
+        ]
+ }
+    end
+
+    it 'GET /v2/:name/manifests/mytag' do
+      stub_request(:get, "http://container-registry/v2/group/test/manifests/mytag")
+        .with(headers: {
+                'Accept' => described_class::ACCEPTED_TYPES.join(', '),
+                'Authorization' => "bearer #{token}"
+              })
+        .to_return(status: 200, body: manifest.to_json, headers: { content_type: manifest_type })
+
+      expect(client.repository_manifest('group/test', 'mytag')).to eq(manifest)
+    end
+  end
+
+  it_behaves_like '#repository_manifest', described_class::DOCKER_DISTRIBUTION_MANIFEST_V2_TYPE
+  it_behaves_like '#repository_manifest', described_class::OCI_MANIFEST_V1_TYPE
+
   describe '#blob' do
     it 'GET /v2/:name/blobs/:digest' do
       stub_request(:get, "http://container-registry/v2/group/test/blobs/sha256:0123456789012345")
diff --git a/spec/lib/container_registry/tag_spec.rb b/spec/lib/container_registry/tag_spec.rb
index cb4ae3be525..65090f32f66 100644
--- a/spec/lib/container_registry/tag_spec.rb
+++ b/spec/lib/container_registry/tag_spec.rb
@@ -9,7 +9,7 @@ describe ContainerRegistry::Tag do
   end
 
   let(:headers) do
-    { 'Accept' => 'application/vnd.docker.distribution.manifest.v2+json' }
+    { 'Accept' => ContainerRegistry::Client::ACCEPTED_TYPES.join(', ') }
   end
 
   let(:tag) { described_class.new(repository, 'tag') }
diff --git a/spec/models/container_repository_spec.rb b/spec/models/container_repository_spec.rb
index 013112d1d51..935838ce294 100644
--- a/spec/models/container_repository_spec.rb
+++ b/spec/models/container_repository_spec.rb
@@ -16,7 +16,7 @@ describe ContainerRepository do
                                    host_port: 'registry.gitlab')
 
     stub_request(:get, 'http://registry.gitlab/v2/group/test/my_image/tags/list')
-      .with(headers: { 'Accept' => 'application/vnd.docker.distribution.manifest.v2+json' })
+      .with(headers: { 'Accept' => ContainerRegistry::Client::ACCEPTED_TYPES.join(', ') })
       .to_return(
         status: 200,
         body: JSON.dump(tags: ['test_tag']),
-- 
cgit v1.2.1


From d4ef3be35b63f3ef022e21d6ba56ffe41b8f192c Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Thu, 25 Jul 2019 21:33:32 +1200
Subject: Frozen string cannot change encoding

This was shown in specs but surely this will be happening in application
code as well if this method is passes a frozen string.

We were also trying to force_encode a OmniAuth::AuthHash which had the
very confusing behaviour of returning nil when it was sent a method that
it did not define. Fix that by only force_encoding a String.
---
 lib/gitlab/auth/o_auth/auth_hash.rb           | 3 +--
 lib/gitlab/utils.rb                           | 2 +-
 spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb | 7 ++++++-
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/lib/gitlab/auth/o_auth/auth_hash.rb b/lib/gitlab/auth/o_auth/auth_hash.rb
index 72a187377d0..91b9ddc0d00 100644
--- a/lib/gitlab/auth/o_auth/auth_hash.rb
+++ b/lib/gitlab/auth/o_auth/auth_hash.rb
@@ -60,8 +60,7 @@ module Gitlab
 
         def get_info(key)
           value = info[key]
-          Gitlab::Utils.force_utf8(value) if value
-          value
+          value.is_a?(String) ? Gitlab::Utils.force_utf8(value) : value
         end
 
         def username_and_email
diff --git a/lib/gitlab/utils.rb b/lib/gitlab/utils.rb
index 31c9e18c996..c66ce0434a4 100644
--- a/lib/gitlab/utils.rb
+++ b/lib/gitlab/utils.rb
@@ -22,7 +22,7 @@ module Gitlab
     end
 
     def force_utf8(str)
-      str.force_encoding(Encoding::UTF_8)
+      str.dup.force_encoding(Encoding::UTF_8)
     end
 
     def ensure_utf8_size(str, bytes:)
diff --git a/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb b/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb
index 40001cea22e..a5436149818 100644
--- a/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb
+++ b/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb
@@ -40,7 +40,11 @@ describe Gitlab::Auth::OAuth::AuthHash do
       last_name:  last_name_ascii,
       name:       name_ascii,
       nickname:   nickname_ascii,
-      uid:        uid_ascii
+      uid:        uid_ascii,
+      address: {
+        locality: 'some locality',
+        country: 'some country'
+      }
     }
   end
 
@@ -51,6 +55,7 @@ describe Gitlab::Auth::OAuth::AuthHash do
     it { expect(auth_hash.username).to eql nickname_utf8 }
     it { expect(auth_hash.name).to eql name_utf8 }
     it { expect(auth_hash.password).not_to be_empty }
+    it { expect(auth_hash.location).to eq 'some locality, some country' }
   end
 
   context 'email not provided' do
-- 
cgit v1.2.1


From d3d4a1d968e149182019a064cca0ec45d9134522 Mon Sep 17 00:00:00 2001
From: Ezekiel Kigbo <ekigbo@gitlab.com>
Date: Thu, 25 Jul 2019 13:00:18 +0000
Subject: Autofix i18n lints for vue files

Autofixes additional linting errors
found in vue files.
---
 .../javascripts/boards/components/board_form.vue   | 27 ++++++++-------
 .../components/commit_sidebar/success_message.vue  |  4 ++-
 .../components/performance_bar_app.vue             |  4 +--
 locale/gitlab.pot                                  | 39 ++++++++++++++++++++++
 4 files changed, 59 insertions(+), 15 deletions(-)

diff --git a/app/assets/javascripts/boards/components/board_form.vue b/app/assets/javascripts/boards/components/board_form.vue
index 6754abf4019..ebf48cee2ae 100644
--- a/app/assets/javascripts/boards/components/board_form.vue
+++ b/app/assets/javascripts/boards/components/board_form.vue
@@ -1,4 +1,5 @@
 <script>
+import { __ } from '~/locale';
 import Flash from '~/flash';
 import DeprecatedModal from '~/vue_shared/components/deprecated_modal.vue';
 import { visitUrl } from '~/lib/utils/url_utility';
@@ -86,12 +87,12 @@ export default {
     },
     buttonText() {
       if (this.isNewForm) {
-        return 'Create board';
+        return __('Create board');
       }
       if (this.isDeleteForm) {
-        return 'Delete';
+        return __('Delete');
       }
-      return 'Save changes';
+      return __('Save changes');
     },
     buttonKind() {
       if (this.isNewForm) {
@@ -104,15 +105,15 @@ export default {
     },
     title() {
       if (this.isNewForm) {
-        return 'Create new board';
+        return __('Create new board');
       }
       if (this.isDeleteForm) {
-        return 'Delete board';
+        return __('Delete board');
       }
       if (this.readonly) {
-        return 'Board scope';
+        return __('Board scope');
       }
-      return 'Edit board';
+      return __('Edit board');
     },
     readonly() {
       return !this.canAdminBoard;
@@ -138,7 +139,7 @@ export default {
             visitUrl(boardsStore.rootPath);
           })
           .catch(() => {
-            Flash('Failed to delete board. Please try again.');
+            Flash(__('Failed to delete board. Please try again.'));
             this.isLoading = false;
           });
       } else {
@@ -149,7 +150,7 @@ export default {
             visitUrl(data.board_path);
           })
           .catch(() => {
-            Flash('Unable to save your changes. Please try again.');
+            Flash(__('Unable to save your changes. Please try again.'));
             this.isLoading = false;
           });
       }
@@ -182,17 +183,19 @@ export default {
     @submit="submit"
   >
     <template slot="body">
-      <p v-if="isDeleteForm">Are you sure you want to delete this board?</p>
+      <p v-if="isDeleteForm">{{ __('Are you sure you want to delete this board?') }}</p>
       <form v-else class="js-board-config-modal" @submit.prevent>
         <div v-if="!readonly" class="append-bottom-20">
-          <label class="form-section-title label-bold" for="board-new-name"> Board name </label>
+          <label class="form-section-title label-bold" for="board-new-name">{{
+            __('Board name')
+          }}</label>
           <input
             id="board-new-name"
             ref="name"
             v-model="board.name"
             class="form-control"
             type="text"
-            placeholder="Enter board name"
+            :placeholder="__('Enter board name')"
             @keyup.enter="submit"
           />
         </div>
diff --git a/app/assets/javascripts/ide/components/commit_sidebar/success_message.vue b/app/assets/javascripts/ide/components/commit_sidebar/success_message.vue
index b1d5de8682d..137f8bb18c7 100644
--- a/app/assets/javascripts/ide/components/commit_sidebar/success_message.vue
+++ b/app/assets/javascripts/ide/components/commit_sidebar/success_message.vue
@@ -10,7 +10,9 @@ export default {
 
 <template>
   <div class="multi-file-commit-panel-success-message" aria-live="assertive">
-    <div class="svg-content svg-80"><img :src="committedStateSvgPath" alt="" /></div>
+    <div class="svg-content svg-80">
+      <img :src="committedStateSvgPath" :alt="s__('IDE|Successful commit')" />
+    </div>
     <div class="append-right-default prepend-left-default">
       <div class="text-content text-center">
         <h4>{{ __('All changes are committed') }}</h4>
diff --git a/app/assets/javascripts/performance_bar/components/performance_bar_app.vue b/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
index f05db8376a4..73c9c60765a 100644
--- a/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
+++ b/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
@@ -43,13 +43,13 @@ export default {
     },
     {
       metric: 'rugged',
-      header: 'Rugged calls',
+      header: s__('PerformanceBar|Rugged calls'),
       details: 'details',
       keys: ['feature', 'args'],
     },
     {
       metric: 'redis',
-      header: 'Redis calls',
+      header: s__('PerformanceBar|Redis calls'),
       details: 'details',
       keys: ['cmd'],
     },
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index cbab027d4a3..996f082f197 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -1239,6 +1239,9 @@ msgstr ""
 msgid "Are you sure you want to delete this %{typeOfComment}?"
 msgstr ""
 
+msgid "Are you sure you want to delete this board?"
+msgstr ""
+
 msgid "Are you sure you want to delete this device? This action cannot be undone."
 msgstr ""
 
@@ -1636,6 +1639,12 @@ msgstr ""
 msgid "Blog"
 msgstr ""
 
+msgid "Board name"
+msgstr ""
+
+msgid "Board scope"
+msgstr ""
+
 msgid "BoardBlankState|Add default lists"
 msgstr ""
 
@@ -3228,6 +3237,9 @@ msgstr ""
 msgid "Create a personal access token on your account to pull or push via %{protocol}."
 msgstr ""
 
+msgid "Create board"
+msgstr ""
+
 msgid "Create branch"
 msgstr ""
 
@@ -3267,6 +3279,9 @@ msgstr ""
 msgid "Create milestone"
 msgstr ""
 
+msgid "Create new board"
+msgstr ""
+
 msgid "Create new branch"
 msgstr ""
 
@@ -3495,6 +3510,9 @@ msgstr ""
 msgid "Delete Snippet"
 msgstr ""
 
+msgid "Delete board"
+msgstr ""
+
 msgid "Delete comment"
 msgstr ""
 
@@ -3887,6 +3905,9 @@ msgstr ""
 msgid "Edit application"
 msgstr ""
 
+msgid "Edit board"
+msgstr ""
+
 msgid "Edit comment"
 msgstr ""
 
@@ -4067,6 +4088,9 @@ msgstr ""
 msgid "Enter at least three characters to search"
 msgstr ""
 
+msgid "Enter board name"
+msgstr ""
+
 msgid "Enter in your Bitbucket Server URL and personal access token below"
 msgstr ""
 
@@ -4583,6 +4607,9 @@ msgstr ""
 msgid "Failed to create resources"
 msgstr ""
 
+msgid "Failed to delete board. Please try again."
+msgstr ""
+
 msgid "Failed to deploy to"
 msgstr ""
 
@@ -5382,6 +5409,9 @@ msgstr ""
 msgid "IDE|Review"
 msgstr ""
 
+msgid "IDE|Successful commit"
+msgstr ""
+
 msgid "IP Address"
 msgstr ""
 
@@ -7409,6 +7439,12 @@ msgstr ""
 msgid "PerformanceBar|Gitaly calls"
 msgstr ""
 
+msgid "PerformanceBar|Redis calls"
+msgstr ""
+
+msgid "PerformanceBar|Rugged calls"
+msgstr ""
+
 msgid "PerformanceBar|SQL queries"
 msgstr ""
 
@@ -11588,6 +11624,9 @@ msgstr ""
 msgid "Unable to resolve"
 msgstr ""
 
+msgid "Unable to save your changes. Please try again."
+msgstr ""
+
 msgid "Unable to schedule a pipeline to run immediately"
 msgstr ""
 
-- 
cgit v1.2.1


From 09a7e5cdd0003383b259dc7b7ff7a24691a9f78f Mon Sep 17 00:00:00 2001
From: Sanad Liaquat <sliaquat@gitlab.com>
Date: Thu, 25 Jul 2019 18:40:47 +0500
Subject: Retry if dropdown is not visible

---
 qa/qa/page/project/issue/show.rb | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/qa/qa/page/project/issue/show.rb b/qa/qa/page/project/issue/show.rb
index b59540d0377..507dccb52d0 100644
--- a/qa/qa/page/project/issue/show.rb
+++ b/qa/qa/page/project/issue/show.rb
@@ -70,7 +70,10 @@ module QA
           end
 
           def select_labels_and_refresh(labels)
-            click_element(:edit_link_labels)
+            Support::Retrier.retry_until do
+              click_element(:edit_link_labels)
+              has_element?(:dropdown_menu_labels, text: labels.first)
+            end
 
             labels.each do |label|
               within_element(:dropdown_menu_labels, text: label) do
-- 
cgit v1.2.1


From a1fc3ea77de24e3278841e9d64b12b9c8ffb97fd Mon Sep 17 00:00:00 2001
From: Tetiana Chupryna <tchupryna@gitlab.com>
Date: Thu, 25 Jul 2019 13:58:23 +0000
Subject: Fix typo in param name

---
 doc/api/dependencies.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/api/dependencies.md b/doc/api/dependencies.md
index ed5ebdade19..2496b038c7f 100644
--- a/doc/api/dependencies.md
+++ b/doc/api/dependencies.md
@@ -17,8 +17,8 @@ supported by Gemnasium.
 
 ```
 GET /projects/:id/dependencies
-GET /projects/:id/vulnerabilities?package_manger=maven
-GET /projects/:id/vulnerabilities?package_manger=yarn,bundler
+GET /projects/:id/vulnerabilities?package_manager=maven
+GET /projects/:id/vulnerabilities?package_manager=yarn,bundler
 ```
 
 | Attribute     | Type           | Required | Description                                                                                                                                                                 |
-- 
cgit v1.2.1


From cd2a503db06861595f537bee017fa84ce8f91558 Mon Sep 17 00:00:00 2001
From: Kerri Miller <kerrizor@kerrizor.com>
Date: Thu, 25 Jul 2019 14:02:10 +0000
Subject: Add a section of examples

We have a fairly good guide to Code Reviews, but can be improved
by adding a few examples of what a good code review looks like
at GitLab, specifically ones where there is a bit of back and
forth, "nit-picking," etc. This would:

+ help set expectations of newly hired engineers around what our
process looks like when it is functioning what level of scrutiny
their code will be under

+ how we have technical conversations

+ show by example how after you're done crafting a solution, there
can still be extra work done either tidying up code and/or managing
the communication and conversations about your proposed MR
---
 doc/development/code_review.md | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/doc/development/code_review.md b/doc/development/code_review.md
index 709cd0c806b..b7d74b17eb3 100644
--- a/doc/development/code_review.md
+++ b/doc/development/code_review.md
@@ -365,6 +365,31 @@ Enterprise Edition instance. This has some implications:
 1. **Filesystem access** can be slow, so try to avoid
    [shared files](shared_files.md) when an alternative solution is available.
 
+## Examples
+
+How code reviews are conducted can surprise new contributors. Here are some examples of code reviews that should help to orient you as to what to expect.
+
+**["Modify `DiffNote` to reuse it for Designs"](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/13703):**
+It contained everything from nitpicks around newlines to reasoning
+about what versions for designs are, how we should compare them
+if there was no previous version of a certain file (parent vs.
+blank `sha` vs empty tree).
+
+**["Support multi-line suggestions"](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/25211)**:
+The MR itself consists of a collaboration between FE and BE,
+and documenting comments from the author for the reviewer.
+There's some nitpicks, some questions for information, and
+towards the end, a security vulnerability.
+
+**["Allow multiple repositories per project"](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/10251)**:
+ZJ referred to the other projects (workhorse) this might impact,
+suggested some improvements for consistency. And James' comments
+helped us with overall code quality (using delegation, `&.` those
+types of things), and making the code more robust.
+
+**["Support multiple assignees for merge requests"](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/10161)**:
+A  good example of collaboration on an MR touching multiple parts of the codebase. Nick pointed out interesting edge cases, James Lopes also joined in raising concerns on import/export feature.
+
 ### Credits
 
 Largely based on the [thoughtbot code review guide].
-- 
cgit v1.2.1


From 82a8632b885d31851645da9633f68066d6ab3d65 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Thu, 25 Jul 2019 14:12:45 +0000
Subject: Restructure project cluster topic

Also fixes links to section headings that
have changed.
---
 doc/README.md                                 |   2 +-
 doc/api/group_clusters.md                     |   2 +-
 doc/api/project_clusters.md                   |   2 +-
 doc/topics/autodevops/index.md                |   2 +-
 doc/user/clusters/applications.md             |   3 +-
 doc/user/project/clusters/index.md            | 414 +++++++++++++-------------
 doc/user/project/clusters/runbooks/index.md   |   4 +-
 doc/user/project/clusters/serverless/index.md |   5 +-
 8 files changed, 225 insertions(+), 209 deletions(-)

diff --git a/doc/README.md b/doc/README.md
index bf7017d8fb4..af675582a99 100644
--- a/doc/README.md
+++ b/doc/README.md
@@ -302,7 +302,7 @@ The following documentation relates to the DevOps **Configure** stage:
 | Configure Topics                                                                                                                   | Description                                                               |
 |:-----------------------------------------------------------------------------------------------------------------------------------|:--------------------------------------------------------------------------|
 | [Auto DevOps](topics/autodevops/index.md)                                                                                          | Automatically employ a complete DevOps lifecycle.                         |
-| [Easy creation of Kubernetes<br/>clusters on GKE](user/project/clusters/index.md#adding-and-creating-a-new-gke-cluster-via-gitlab) | Use Google Kubernetes Engine and GitLab.                                  |
+| [Create Kubernetes clusters on GKE](user/project/clusters/index.md#add-new-gke-cluster) | Use Google Kubernetes Engine and GitLab.                                  |
 | [Executable Runbooks](user/project/clusters/runbooks/index.md)                                                                     | Documented procedures that explain how to carry out particular processes. |
 | [GitLab ChatOps](ci/chatops/README.md)                                                                                             | Interact with CI/CD jobs through chat services.                           |
 | [Installing Applications](user/project/clusters/index.md#installing-applications)                                                  | Deploy Helm, Ingress, and Prometheus on Kubernetes.                       |
diff --git a/doc/api/group_clusters.md b/doc/api/group_clusters.md
index 31c0e6abead..29e58d9279a 100644
--- a/doc/api/group_clusters.md
+++ b/doc/api/group_clusters.md
@@ -210,7 +210,7 @@ Parameters:
 
 NOTE: **Note:**
 `name`, `api_url`, `ca_cert` and `token` can only be updated if the cluster was added
-through the ["Add an existing Kubernetes Cluster"](../user/project/clusters/index.md#adding-an-existing-kubernetes-cluster) option or
+through the ["Add existing Kubernetes cluster"](../user/project/clusters/index.md#add-existing-kubernetes-cluster) option or
 through the ["Add existing cluster to group"](#add-existing-cluster-to-group) endpoint.
 
 Example request:
diff --git a/doc/api/project_clusters.md b/doc/api/project_clusters.md
index 614ea41d572..762a4ad95ab 100644
--- a/doc/api/project_clusters.md
+++ b/doc/api/project_clusters.md
@@ -261,7 +261,7 @@ Parameters:
 
 NOTE: **Note:**
 `name`, `api_url`, `ca_cert` and `token` can only be updated if the cluster was added
-through the ["Add an existing Kubernetes Cluster"](../user/project/clusters/index.md#adding-an-existing-kubernetes-cluster) option or
+through the ["Add existing Kubernetes cluster"](../user/project/clusters/index.md#add-existing-kubernetes-cluster) option or
 through the ["Add existing cluster to project"](#add-existing-cluster-to-project) endpoint.
 
 Example request:
diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index c416dbac492..d7ac45149b9 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -1058,7 +1058,7 @@ planned for a subsequent release.
   case, you may need to customize your `.gitlab-ci.yml` with your test commands.
 - Auto Deploy will fail if GitLab can not create a Kubernetes namespace and
   service account for your project. For help debugging this issue, see
-  [Troubleshooting failed deployment jobs](../../user/project/clusters/index.md#troubleshooting-failed-deployment-jobs).
+  [Troubleshooting failed deployment jobs](../../user/project/clusters/index.md#troubleshooting).
 
 ### Disable the banner instance wide
 
diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md
index d5c836554ce..e1a6f8fcf71 100644
--- a/doc/user/clusters/applications.md
+++ b/doc/user/clusters/applications.md
@@ -5,11 +5,12 @@ be added directly to your configured cluster. These applications are
 needed for [Review Apps](../../ci/review_apps/index.md) and
 [deployments](../../ci/environments.md) when using [Auto DevOps](../../topics/autodevops/index.md).
 You can install them after you
-[create a cluster](../project/clusters/index.md#adding-and-creating-a-new-gke-cluster-via-gitlab).
+[create a cluster](../project/clusters/index.md#add-new-gke-cluster).
 
 ## Installing applications
 
 Applications managed by GitLab will be installed onto the `gitlab-managed-apps` namespace.
+
 This namespace:
 
 - Is different from the namespace used for project deployments.
diff --git a/doc/user/project/clusters/index.md b/doc/user/project/clusters/index.md
index 35f2976899b..670dde6bb00 100644
--- a/doc/user/project/clusters/index.md
+++ b/doc/user/project/clusters/index.md
@@ -1,33 +1,111 @@
-# Connecting GitLab with a Kubernetes cluster
+# Kubernetes clusters
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/35954) in GitLab 10.1.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/35954) for
+>   projects in GitLab 10.1.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/34758) for
+>   [groups](../../group/clusters/index.md) in GitLab 11.6.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/39840) for
+>   [instances](../../instance/clusters/index.md) in GitLab 11.11.
 
-Connect your project to Google Kubernetes Engine (GKE) or an existing Kubernetes
-cluster in a few steps.
+GitLab provides many features with a Kubernetes integration. Kubernetes can be
+integrated with projects, but also:
+
+- [Groups](../../group/clusters/index.md).
+- [Instances](../../instance/clusters/index.md).
 
 NOTE: **Scalable app deployment with GitLab and Google Cloud Platform**
 [Watch the webcast](https://about.gitlab.com/webcast/scalable-app-deploy/) and learn how to spin up a Kubernetes cluster managed by Google Cloud Platform (GCP) in a few clicks.
 
 ## Overview
 
-With one or more Kubernetes clusters associated to your project, you can use
-[Review Apps](../../../ci/review_apps/index.md), deploy your applications, run
-your pipelines, use it with [Auto DevOps](../../../topics/autodevops/index.md),
-and much more, all from within GitLab.
+Using the GitLab project Kubernetes integration, you can:
+
+- Use [Review Apps](../../../ci/review_apps/index.md).
+- Run [pipelines](../../../ci/pipelines.md).
+- [Deploy](#deploying-to-a-kubernetes-cluster) your applications.
+- Detect and [monitor Kubernetes](#kubernetes-monitoring).
+- Use it with [Auto DevOps](#auto-devops).
+- Use [Web terminals](#web-terminals).
+- Use [Deploy Boards](#deploy-boards-premium). **(PREMIUM)**
+- Use [Canary Deployments](#canary-deployments-premium). **(PREMIUM)**
+- View [Pod logs](#pod-logs-ultimate). **(ULTIMATE)**
+
+You can also:
+
+- Connect and deploy to an [Amazon EKS cluster](eks_and_gitlab/index.html).
+- Run serverless workloads on [Kubernetes with Knative](serverless/index.md).
+
+### Deploy Boards **(PREMIUM)**
+
+GitLab's Deploy Boards offer a consolidated view of the current health and
+status of each CI [environment](../../../ci/environments.md) running on Kubernetes,
+displaying the status of the pods in the deployment. Developers and other
+teammates can view the progress and status of a rollout, pod by pod, in the
+workflow they already use without any need to access Kubernetes.
+
+[Read more about Deploy Boards](../deploy_boards.md)
+
+### Canary Deployments **(PREMIUM)**
+
+Leverage [Kubernetes' Canary deployments](https://kubernetes.io/docs/concepts/cluster-administration/manage-deployment/#canary-deployments)
+and visualize your canary deployments right inside the Deploy Board, without
+the need to leave GitLab.
+
+[Read more about Canary Deployments](../canary_deployments.md)
+
+### Pod logs **(ULTIMATE)**
+
+GitLab makes it easy to view the logs of running pods in connected Kubernetes clusters. By displaying the logs directly in GitLab, developers can avoid having to manage console tools or jump to a different interface.
+
+[Read more about Kubernetes pod logs](kubernetes_pod_logs.md)
+
+### Kubernetes monitoring
 
-There are two options when adding a new cluster to your project; either associate
-your account with Google Kubernetes Engine (GKE) so that you can [create new
-clusters](#adding-and-creating-a-new-gke-cluster-via-gitlab) from within GitLab,
-or provide the credentials to an [existing Kubernetes cluster](#adding-an-existing-kubernetes-cluster).
+Automatically detect and monitor Kubernetes metrics. Automatic monitoring of
+[NGINX ingress](../integrations/prometheus_library/nginx.md) is also supported.
+
+[Read more about Kubernetes monitoring](../integrations/prometheus_library/kubernetes.md)
+
+### Auto DevOps
+
+Auto DevOps automatically detects, builds, tests, deploys, and monitors your
+applications.
+
+To make full use of Auto DevOps(Auto Deploy, Auto Review Apps, and Auto Monitoring)
+you will need the Kubernetes project integration enabled.
+
+[Read more about Auto DevOps](../../../topics/autodevops/index.md)
+
+### Web terminals
 
 NOTE: **Note:**
-From [GitLab 11.6](https://gitlab.com/gitlab-org/gitlab-ce/issues/34758) you
-can also associate a Kubernetes cluster to your groups and from
-[GitLab 11.11](https://gitlab.com/gitlab-org/gitlab-ce/issues/39840),
-to the GitLab instance. Learn more about [group-level](../../group/clusters/index.md)
-and [instance-level](../../instance/clusters/index.md) Kubernetes clusters.
+Introduced in GitLab 8.15. You must be the project owner or have `maintainer` permissions
+to use terminals. Support is limited to the first container in the
+first pod of your environment.
+
+When enabled, the Kubernetes service adds [web terminal](../../../ci/environments.md#web-terminals)
+support to your [environments](../../../ci/environments.md). This is based on the `exec` functionality found in
+Docker and Kubernetes, so you get a new shell session within your existing
+containers. To use this integration, you should deploy to Kubernetes using
+the deployment variables above, ensuring any deployments, replica sets, and
+pods are annotated with:
 
-## Adding and creating a new GKE cluster via GitLab
+- `app.gitlab.com/env: $CI_ENVIRONMENT_SLUG`
+- `app.gitlab.com/app: $CI_PROJECT_PATH_SLUG`
+
+`$CI_ENVIRONMENT_SLUG` and `$CI_PROJECT_PATH_SLUG` are the values of
+the CI variables.
+
+## Adding and removing clusters
+
+There are two options when adding a new cluster to your project:
+
+- Associate your account with Google Kubernetes Engine (GKE) to
+  [create new clusters](#add-new-gke-cluster) from within GitLab.
+- Provide credentials to an
+  [existing Kubernetes cluster](#add-existing-kubernetes-cluster).
+
+### Add new GKE cluster
 
 TIP: **Tip:**
 Every new Google Cloud Platform (GCP) account receives [$300 in credit upon sign up](https://console.cloud.google.com/freetrial),
@@ -39,7 +117,7 @@ The [Google authentication integration](../../../integration/google.md) must
 be enabled in GitLab at the instance level. If that's not the case, ask your
 GitLab administrator to enable it. On GitLab.com, this is enabled.
 
-### Requirements
+#### Requirements
 
 Before creating your first cluster on Google Kubernetes Engine with GitLab's
 integration, make sure the following requirements are met:
@@ -49,7 +127,7 @@ integration, make sure the following requirements are met:
 - The Kubernetes Engine API and related service are enabled. It should work immediately but may take up to 10 minutes after you create a project. For more information see the
   ["Before you begin" section of the Kubernetes Engine docs](https://cloud.google.com/kubernetes-engine/docs/quickstart#before-you-begin).
 
-### Creating the cluster
+#### Creating the cluster
 
 If all of the above requirements are met, you can proceed to create and add a
 new Kubernetes cluster to your project:
@@ -57,7 +135,7 @@ new Kubernetes cluster to your project:
 1. Navigate to your project's **Operations > Kubernetes** page.
 
    NOTE: **Note:**
-   You need Maintainer [permissions] and above to access the Kubernetes page.
+   You need Maintainer [permissions](../../permissions.md) and above to access the Kubernetes page.
 
 1. Click **Add Kubernetes cluster**.
 1. Click **Create with Google Kubernetes Engine**.
@@ -91,14 +169,14 @@ client certificate is enabled.
 NOTE: **Note:**
 Starting from [GitLab 12.1](https://gitlab.com/gitlab-org/gitlab-ce/issues/55902), all GKE clusters created by GitLab are RBAC enabled. Take a look at the [RBAC section](#rbac-cluster-resources) for more information.
 
-## Adding an existing Kubernetes cluster
+### Add existing Kubernetes cluster
 
 To add an existing Kubernetes cluster to your project:
 
 1. Navigate to your project's **Operations > Kubernetes** page.
 
    NOTE: **Note:**
-   You need Maintainer [permissions] and above to access the Kubernetes page.
+   You need Maintainer [permissions](../../permissions.md) and above to access the Kubernetes page.
 
 1. Click **Add Kubernetes cluster**.
 1. Click **Add an existing Kubernetes cluster** and fill in the details:
@@ -216,7 +294,36 @@ To add an existing Kubernetes cluster to your project:
 After a couple of minutes, your cluster will be ready to go. You can now proceed
 to install some [pre-defined applications](#installing-applications).
 
-## Security implications
+### Enabling or disabling integration
+
+After you have successfully added your cluster information, you can enable the
+Kubernetes cluster integration:
+
+1. Click the **Enabled/Disabled** switch
+1. Hit **Save** for the changes to take effect
+
+To disable the Kubernetes cluster integration, follow the same procedure.
+
+### Removing integration
+
+NOTE: **Note:**
+You need Maintainer [permissions](../../permissions.md) and above to remove a Kubernetes cluster integration.
+
+NOTE: **Note:**
+When you remove a cluster, you only remove its relation to GitLab, not the
+cluster itself. To remove the cluster, you can do so by visiting the GKE
+dashboard or using `kubectl`.
+
+To remove the Kubernetes cluster integration from your project, simply click the
+**Remove integration** button. You will then be able to follow the procedure
+and add a Kubernetes cluster again.
+
+## Cluster configuration
+
+This section covers important considerations for configuring Kubernetes
+clusters with GitLab.
+
+### Security implications
 
 CAUTION: **Important:**
 The whole cluster security is based on a model where [developers](../../permissions.md)
@@ -227,7 +334,7 @@ functionalities needed to successfully build and deploy a containerized
 application. Bear in mind that the same credentials are used for all the
 applications running on the cluster.
 
-## GitLab-managed clusters
+### GitLab-managed clusters
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22011) in GitLab 11.5.
 > Became [optional](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/26565) in GitLab 11.11.
@@ -246,7 +353,7 @@ NOTE: **Note:**
 If you [install applications](#installing-applications) on your cluster, GitLab will create
 the resources required to run these even if you have chosen to manage your own cluster.
 
-## Base domain
+### Base domain
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24580) in GitLab 11.8.
 
@@ -264,7 +371,7 @@ you can either:
 - Create an `A` record that points to the Ingress IP address with your domain provider.
 - Enter a wildcard DNS address using a service such as nip.io or xip.io. For example, `192.168.1.1.xip.io`.
 
-## Access controls
+### Access controls
 
 When creating a cluster in GitLab, you will be asked if you would like to create either:
 
@@ -294,12 +401,12 @@ Helm will also create additional service accounts and other resources for each
 installed application. Consult the documentation of the Helm charts for each application
 for details.
 
-If you are [adding an existing Kubernetes cluster](#adding-an-existing-kubernetes-cluster),
+If you are [adding an existing Kubernetes cluster](#add-existing-kubernetes-cluster),
 ensure the token of the account has administrator privileges for the cluster.
 
 The resources created by GitLab differ depending on the type of cluster.
 
-### ABAC cluster resources
+#### ABAC cluster resources
 
 GitLab creates the following resources for ABAC clusters.
 
@@ -312,7 +419,7 @@ GitLab creates the following resources for ABAC clusters.
 | Project namespace | `ServiceAccount`     | Uses namespace of Project         | Deploying to a cluster     |
 | Project namespace | `Secret`             | Token for project ServiceAccount  | Deploying to a cluster     |
 
-### RBAC cluster resources
+#### RBAC cluster resources
 
 GitLab creates the following resources for RBAC clusters.
 
@@ -330,11 +437,12 @@ GitLab creates the following resources for RBAC clusters.
 NOTE: **Note:**
 Project-specific resources are only created if your cluster is [managed by GitLab](#gitlab-managed-clusters).
 
-### Security of GitLab Runners
+#### Security of GitLab Runners
 
 GitLab Runners have the [privileged mode](https://docs.gitlab.com/runner/executors/docker.html#the-privileged-mode)
 enabled by default, which allows them to execute special commands and running
-Docker in Docker. This functionality is needed to run some of the [Auto DevOps]
+Docker in Docker. This functionality is needed to run some of the
+[Auto DevOps](../../../topics/autodevops/index.md)
 jobs. This implies the containers are running in privileged mode and you should,
 therefore, be aware of some important details.
 
@@ -353,6 +461,69 @@ If you don't want to use GitLab Runner in privileged mode, either:
   1. Installing a Runner
      [using `docker+machine`](https://docs.gitlab.com/runner/executors/docker_machine.html).
 
+### Setting the environment scope **(PREMIUM)**
+
+When adding more than one Kubernetes cluster to your project, you need to differentiate
+them with an environment scope. The environment scope associates clusters with [environments](../../../ci/environments.md) similar to how the
+[environment-specific variables](../../../ci/variables/README.md#limiting-environment-scopes-of-environment-variables-premium) work.
+
+The default environment scope is `*`, which means all jobs, regardless of their
+environment, will use that cluster. Each scope can only be used by a single
+cluster in a project, and a validation error will occur if otherwise.
+Also, jobs that don't have an environment keyword set will not be able to access any cluster.
+
+For example, let's say the following Kubernetes clusters exist in a project:
+
+| Cluster     | Environment scope |
+| ----------- | ----------------- |
+| Development | `*`               |
+| Staging     | `staging`         |
+| Production  | `production`      |
+
+And the following environments are set in [`.gitlab-ci.yml`](../../../ci/yaml/README.md):
+
+```yaml
+stages:
+- test
+- deploy
+
+test:
+  stage: test
+  script: sh test
+
+deploy to staging:
+  stage: deploy
+  script: make deploy
+  environment:
+    name: staging
+    url: https://staging.example.com/
+
+deploy to production:
+  stage: deploy
+  script: make deploy
+  environment:
+    name: production
+    url: https://example.com/
+```
+
+The result will then be:
+
+- The development cluster will be used for the "test" job.
+- The staging cluster will be used for the "deploy to staging" job.
+- The production cluster will be used for the "deploy to production" job.
+
+### Multiple Kubernetes clusters **(PREMIUM)**
+
+> Introduced in [GitLab Premium](https://about.gitlab.com/pricing/) 10.3.
+
+With GitLab Premium, you can associate more than one Kubernetes cluster to your
+project. That way you can have different clusters for different environments,
+like dev, staging, production, etc.
+
+Simply add another cluster, like you did the first time, and make sure to
+[set an environment scope](#setting-the-environment-scope-premium) that will
+differentiate the new cluster with the rest.
+
 ## Installing applications
 
 GitLab can install and manage some applications in your project-level
@@ -360,7 +531,7 @@ cluster. For more information on installing, upgrading, uninstalling,
 and troubleshooting applications for your project cluster, see
 [Gitlab Managed Apps](../../clusters/applications.md).
 
-## Getting the external endpoint
+### Getting the external endpoint
 
 NOTE: **Note:**
 With the following procedure, a load balancer must be installed in your cluster
@@ -371,7 +542,7 @@ to obtain the endpoint. You can use either
 In order to publish your web application, you first need to find the endpoint which will be either an IP
 address or a hostname associated with your load balancer.
 
-### Automatically determining the external endpoint
+#### Automatically determining the external endpoint
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/17052) in GitLab 10.6.
 
@@ -386,7 +557,7 @@ and your cluster runs on Google Kubernetes Engine:
 If GitLab is still unable to determine the endpoint of your Ingress or Knative application, you can
 manually determine it by following the steps below.
 
-### Manually determining the external endpoint
+#### Manually determining the external endpoint
 
 If the cluster is on GKE, click the **Google Kubernetes Engine** link in the
 **Advanced settings**, or go directly to the
@@ -425,7 +596,7 @@ Otherwise, you can list the IP addresses of all load balancers:
 kubectl get svc --all-namespaces -o jsonpath='{range.items[?(@.status.loadBalancer.ingress)]}{.status.loadBalancer.ingress[*].ip} '
 ```
 
-### Using a static IP
+#### Using a static IP
 
 By default, an ephemeral external IP address is associated to the cluster's load
 balancer. If you associate the ephemeral IP with your DNS and the IP changes,
@@ -435,79 +606,19 @@ reserved IP.
 
 Read how to [promote an ephemeral external IP address in GKE](https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address#promote_ephemeral_ip).
 
-### Pointing your DNS at the external endpoint
+#### Pointing your DNS at the external endpoint
 
 Once you've set up the external endpoint, you should associate it with a [wildcard DNS
 record](https://en.wikipedia.org/wiki/Wildcard_DNS_record) such as `*.example.com.`
 in order to be able to reach your apps. If your external endpoint is an IP address,
 use an A record. If your external endpoint is a hostname, use a CNAME record.
 
-## Multiple Kubernetes clusters **(PREMIUM)**
+## Deploying to a Kubernetes cluster
 
-> Introduced in [GitLab Premium][ee] 10.3.
+A Kubernetes cluster can be the destination for a deployment job, using
+special [deployment variables](#deployment-variables).
 
-With GitLab Premium, you can associate more than one Kubernetes clusters to your
-project. That way you can have different clusters for different environments,
-like dev, staging, production, etc.
-
-Simply add another cluster, like you did the first time, and make sure to
-[set an environment scope](#setting-the-environment-scope-premium) that will
-differentiate the new cluster with the rest.
-
-## Setting the environment scope **(PREMIUM)**
-
-When adding more than one Kubernetes cluster to your project, you need to differentiate
-them with an environment scope. The environment scope associates clusters with [environments](../../../ci/environments.md) similar to how the
-[environment-specific variables](../../../ci/variables/README.md#limiting-environment-scopes-of-environment-variables-premium) work.
-
-The default environment scope is `*`, which means all jobs, regardless of their
-environment, will use that cluster. Each scope can only be used by a single
-cluster in a project, and a validation error will occur if otherwise.
-Also, jobs that don't have an environment keyword set will not be able to access any cluster.
-
----
-
-For example, let's say the following Kubernetes clusters exist in a project:
-
-| Cluster     | Environment scope |
-| ----------- | ----------------- |
-| Development | `*`               |
-| Staging     | `staging`         |
-| Production  | `production`      |
-
-And the following environments are set in [`.gitlab-ci.yml`](../../../ci/yaml/README.md):
-
-```yaml
-stages:
-- test
-- deploy
-
-test:
-  stage: test
-  script: sh test
-
-deploy to staging:
-  stage: deploy
-  script: make deploy
-  environment:
-    name: staging
-    url: https://staging.example.com/
-
-deploy to production:
-  stage: deploy
-  script: make deploy
-  environment:
-    name: production
-    url: https://example.com/
-```
-
-The result will then be:
-
-- The development cluster will be used for the "test" job.
-- The staging cluster will be used for the "deploy to staging" job.
-- The production cluster will be used for the "deploy to production" job.
-
-## Deployment variables
+### Deployment variables
 
 The Kubernetes cluster integration exposes the following
 [deployment variables](../../../ci/variables/README.md#deployment-environment-variables) in the
@@ -527,7 +638,7 @@ NOTE: **NOTE:**
 Prior to GitLab 11.5, `KUBE_TOKEN` was the Kubernetes token of the main
 service account of the cluster integration.
 
-### Troubleshooting failed deployment jobs
+### Troubleshooting
 
 Before the deployment jobs starts, GitLab creates the following specifically for
 the deployment job:
@@ -559,105 +670,8 @@ namespaces and service accounts yourself.
 
 ## Monitoring your Kubernetes cluster **(ULTIMATE)**
 
-> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/4701) in [GitLab Ultimate][ee] 10.6.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/4701) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 10.6.
 
 When [Prometheus is deployed](#installing-applications), GitLab will automatically monitor the cluster's health. At the top of the cluster settings page, CPU and Memory utilization is displayed, along with the total amount available. Keeping an eye on cluster resources can be important, if the cluster runs out of memory pods may be shutdown or fail to start.
 
 ![Cluster Monitoring](img/k8s_cluster_monitoring.png)
-
-## Enabling or disabling the Kubernetes cluster integration
-
-After you have successfully added your cluster information, you can enable the
-Kubernetes cluster integration:
-
-1. Click the **Enabled/Disabled** switch
-1. Hit **Save** for the changes to take effect
-
-You can now start using your Kubernetes cluster for your deployments.
-
-To disable the Kubernetes cluster integration, follow the same procedure.
-
-## Removing the Kubernetes cluster integration
-
-NOTE: **Note:**
-You need Maintainer [permissions] and above to remove a Kubernetes cluster integration.
-
-NOTE: **Note:**
-When you remove a cluster, you only remove its relation to GitLab, not the
-cluster itself. To remove the cluster, you can do so by visiting the GKE
-dashboard or using `kubectl`.
-
-To remove the Kubernetes cluster integration from your project, simply click the
-**Remove integration** button. You will then be able to follow the procedure
-and add a Kubernetes cluster again.
-
-## What you can get with the Kubernetes integration
-
-Here's what you can do with GitLab if you enable the Kubernetes integration.
-
-### Deploy Boards **(PREMIUM)**
-
-GitLab's Deploy Boards offer a consolidated view of the current health and
-status of each CI [environment](../../../ci/environments.md) running on Kubernetes,
-displaying the status of the pods in the deployment. Developers and other
-teammates can view the progress and status of a rollout, pod by pod, in the
-workflow they already use without any need to access Kubernetes.
-
-[Read more about Deploy Boards](../deploy_boards.md)
-
-### Canary Deployments **(PREMIUM)**
-
-Leverage [Kubernetes' Canary deployments](https://kubernetes.io/docs/concepts/cluster-administration/manage-deployment/#canary-deployments)
-and visualize your canary deployments right inside the Deploy Board, without
-the need to leave GitLab.
-
-[Read more about Canary Deployments](../canary_deployments.md)
-
-### Pod logs **(ULTIMATE)**
-
-GitLab makes it easy to view the logs of running pods in connected Kubernetes clusters. By displaying the logs directly in GitLab, developers can avoid having to manage console tools or jump to a different interface.
-
-[Read more about Kubernetes pod logs](kubernetes_pod_logs.md)
-
-### Kubernetes monitoring
-
-Automatically detect and monitor Kubernetes metrics. Automatic monitoring of
-[NGINX ingress](../integrations/prometheus_library/nginx.md) is also supported.
-
-[Read more about Kubernetes monitoring](../integrations/prometheus_library/kubernetes.md)
-
-### Auto DevOps
-
-Auto DevOps automatically detects, builds, tests, deploys, and monitors your
-applications.
-
-To make full use of Auto DevOps(Auto Deploy, Auto Review Apps, and Auto Monitoring)
-you will need the Kubernetes project integration enabled.
-
-[Read more about Auto DevOps](../../../topics/autodevops/index.md)
-
-### Web terminals
-
-NOTE: **Note:**
-Introduced in GitLab 8.15. You must be the project owner or have `maintainer` permissions
-to use terminals. Support is limited to the first container in the
-first pod of your environment.
-
-When enabled, the Kubernetes service adds [web terminal](../../../ci/environments.md#web-terminals)
-support to your [environments](../../../ci/environments.md). This is based on the `exec` functionality found in
-Docker and Kubernetes, so you get a new shell session within your existing
-containers. To use this integration, you should deploy to Kubernetes using
-the deployment variables above, ensuring any pods you create are labelled with
-`app=$CI_ENVIRONMENT_SLUG`. GitLab will do the rest!
-
-### Integrating Amazon EKS cluster with GitLab
-
-- Learn how to [connect and deploy to an Amazon EKS cluster](eks_and_gitlab/index.md).
-
-### Serverless
-
-- [Run serverless workloads on Kubernetes with Knative.](serverless/index.md)
-
-[permissions]: ../../permissions.md
-[ee]: https://about.gitlab.com/pricing/
-[Auto DevOps]: ../../../topics/autodevops/index.md
diff --git a/doc/user/project/clusters/runbooks/index.md b/doc/user/project/clusters/runbooks/index.md
index c021d059d30..8df27976662 100644
--- a/doc/user/project/clusters/runbooks/index.md
+++ b/doc/user/project/clusters/runbooks/index.md
@@ -35,7 +35,7 @@ for an overview of how this is accomplished in GitLab!**
 To create an executable runbook, you will need:
 
 1. **Kubernetes** - A Kubernetes cluster is required to deploy the rest of the applications.
-    The simplest way to get started is to add a cluster using [GitLab's GKE integration](../index.md#adding-and-creating-a-new-gke-cluster-via-gitlab).
+    The simplest way to get started is to add a cluster using [GitLab's GKE integration](../index.md#add-new-gke-cluster).
 1. **Helm Tiller** - Helm is a package manager for Kubernetes and is required to install
     all the other applications. It is installed in its own pod inside the cluster which
     can run the helm CLI in a safe environment.
@@ -60,7 +60,7 @@ the components outlined above and the preloaded demo runbook.
 
 ### 1. Add a Kubernetes cluster
 
-Follow the steps outlined in [Adding and creating a new GKE cluster via GitLab](../index.md#adding-and-creating-a-new-gke-cluster-via-gitlab)
+Follow the steps outlined in [Add new GKE cluster](../index.md#add-new-gke-cluster)
 to add a Kubernetes cluster to your project.
 
 ### 2. Install Helm Tiller, Ingress, and JupyterHub
diff --git a/doc/user/project/clusters/serverless/index.md b/doc/user/project/clusters/serverless/index.md
index a32759c7bdc..92ad49e9448 100644
--- a/doc/user/project/clusters/serverless/index.md
+++ b/doc/user/project/clusters/serverless/index.md
@@ -28,7 +28,7 @@ To run Knative on Gitlab, you will need:
    - If you are planning on deploying a serverless application, clone the sample [Knative Ruby App](https://gitlab.com/knative-examples/knative-ruby-app) to get started.
 
 1. **Kubernetes Cluster:** An RBAC-enabled Kubernetes cluster is required to deploy Knative.
-   The simplest way to get started is to add a cluster using [GitLab's GKE integration](../index.md#adding-and-creating-a-new-gke-cluster-via-gitlab).
+   The simplest way to get started is to add a cluster using [GitLab's GKE integration](../index.md#add-new-gke-cluster).
    The set of minimum recommended cluster specifications to run Knative is 3 nodes, 6 vCPUs, and 22.50 GB memory.
 1. **Helm Tiller:** Helm is a package manager for Kubernetes and is required to install
    Knative.
@@ -96,7 +96,8 @@ cluster which already has Knative installed.
 You must do the following:
 
 1. Follow the steps to
-   [add an existing Kubernetes cluster](../index.md#adding-an-existing-kubernetes-cluster).
+   [add an existing Kubernetes
+   cluster](../index.md#add-existing-kubernetes-cluster).
 
 1. Ensure GitLab can manage Knative:
    - For a non-GitLab managed cluster, ensure that the service account for the token
-- 
cgit v1.2.1


From 12b93fcb4986656bd5d020a6c60054013ed9abb7 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Thu, 25 Jul 2019 14:16:25 +0000
Subject: Refine topics for Phase 2 of SSoT audit

Includes admin_area and application_security
topics.
---
 doc/user/admin_area/abuse_reports.md               | 16 ++++++++
 doc/user/admin_area/broadcast_messages.md          | 16 ++++++++
 doc/user/admin_area/custom_project_templates.md    | 45 ++++++++++++++++------
 .../container_scanning/index.md                    |  8 +++-
 doc/user/application_security/dast/index.md        | 16 ++++++++
 .../dependency_scanning/index.md                   | 18 ++++++++-
 doc/user/application_security/index.md             | 38 ++++++++++++++----
 .../license_management/index.md                    | 16 ++++++++
 doc/user/application_security/sast/index.md        | 16 ++++++++
 .../security_dashboard/index.md                    | 22 +++++++++--
 10 files changed, 187 insertions(+), 24 deletions(-)

diff --git a/doc/user/admin_area/abuse_reports.md b/doc/user/admin_area/abuse_reports.md
index 8088c33fc9c..0c5d2f81e25 100644
--- a/doc/user/admin_area/abuse_reports.md
+++ b/doc/user/admin_area/abuse_reports.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # Abuse reports
 
 View and resolve abuse reports from GitLab users.
@@ -59,3 +63,15 @@ page:
 NOTE: **Note:**
 Users can be [blocked](../../api/users.md#block-user) and
 [unblocked](../../api/users.md#unblock-user) using the GitLab API.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/admin_area/broadcast_messages.md b/doc/user/admin_area/broadcast_messages.md
index 02445abdb37..01b6558bdbe 100644
--- a/doc/user/admin_area/broadcast_messages.md
+++ b/doc/user/admin_area/broadcast_messages.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # Broadcast Messages
 
 GitLab can display messages to all users of a GitLab instance in a banner that appears in the UI.
@@ -51,3 +55,15 @@ Once deleted, the broadcast message is removed from the list of broadcast messag
 
 NOTE: **Note:**
 Broadcast messages can be deleted while active.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/admin_area/custom_project_templates.md b/doc/user/admin_area/custom_project_templates.md
index 427f3103cfc..02c2efaa4f3 100644
--- a/doc/user/admin_area/custom_project_templates.md
+++ b/doc/user/admin_area/custom_project_templates.md
@@ -1,26 +1,49 @@
+---
+type: reference
+---
+
 # Custom instance-level project templates **(PREMIUM ONLY)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/6860) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.2.
 
-When you create a new [project](../project/index.md), creating it based on custom project templates is
-a convenient bootstrap option.
+GitLab administrators can configure the group where all the custom project
+templates are sourced.
 
-GitLab administrators can configure a GitLab group that serves as template
-source for an entire GitLab instance under **Admin area > Settings > Custom project templates**.
+Every project directly under the group namespace will be
+available to the user if they have access to them. For example:
+
+- Public project in the group will be available to every logged in user.
+- Private projects will be available only if the user is a member of the project.
+
+Repository and database information that are copied over to each new project are
+identical to the data exported with
+[GitLab's Project Import/Export](../project/settings/import_export.md).
 
 NOTE: **Note:**
 To set project templates at a group level,
 see [Custom group-level project templates](../group/custom_project_templates.md).
 
-Within this section, you can configure the group where all the custom project
-templates are sourced. Every project directly under the group namespace will be
-available to the user if they have access to them. For example, every public
-project in the group will be available to every logged in user.
+## Configuring
 
-However, private projects will be available only if the user is a member of the project.
+GitLab administrators can configure a GitLab group that serves as template
+source for an entire GitLab instance by:
+
+1. Navigating to **Admin area > Settings > Templates**.
+1. Expanding **Custom project templates**.
+1. Selecting a group to use.
+1. Pressing **Save changes**.
 
 NOTE: **Note:**
 Projects below subgroups of the template group are **not** supported.
 
-Repository and database information that are copied over to each new project are
-identical to the data exported with [GitLab's Project Import/Export](../project/settings/import_export.md).
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md
index da75684a3fe..86491c7d74e 100644
--- a/doc/user/application_security/container_scanning/index.md
+++ b/doc/user/application_security/container_scanning/index.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # Container Scanning **(ULTIMATE)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3672)
@@ -47,7 +51,7 @@ To enable Container Scanning in your pipeline, you need:
   your Docker image to your project's [Container Registry](../../project/container_registry.md).
   The name of the Docker image should match the following scheme:
 
-  ```
+  ```text
   $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
   ```
 
@@ -114,7 +118,7 @@ When the GitLab Runner uses the Docker executor and NFS is used
 (e.g., `/var/lib/docker` is on an NFS mount), Container Scanning might fail with
 an error like the following:
 
-```
+```text
 docker: Error response from daemon: failed to copy xattrs: failed to set xattr "security.selinux" on /path/to/file: operation not supported.
 ```
 
diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md
index 4b98dd73d76..88e2d1ef22b 100644
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # Dynamic Application Security Testing (DAST) **(ULTIMATE)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/4348)
@@ -199,3 +203,15 @@ Once a vulnerability is found, you can interact with it. Read more on how to
 
 For more information about the vulnerabilities database update, check the
 [maintenance table](../index.md#maintenance-and-update-of-the-vulnerabilities-database).
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index a2f0584e8dc..6a810757a28 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # Dependency Scanning **(ULTIMATE)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/5105)
@@ -150,7 +154,7 @@ using environment variables.
 | `DS_DOCKER_CLIENT_NEGOTIATION_TIMEOUT`  | Time limit for Docker client negotiation. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. For example, `300ms`, `1.5h`, or `2h45m`. |
 | `DS_PULL_ANALYZER_IMAGE_TIMEOUT`        | Time limit when pulling the image of an analyzer. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. For example, `300ms`, `1.5h`, or `2h45m`. |
 | `DS_RUN_ANALYZER_TIMEOUT`               | Time limit when running an analyzer. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, `h`. For example, `300ms`, `1.5h`, or `2h45m`. |
-| `PIP_INDEX_URL`                         | Base URL of Python Package Index (default https://pypi.org/simple). |
+| `PIP_INDEX_URL`                         | Base URL of Python Package Index (default `https://pypi.org/simple`). |
 | `PIP_EXTRA_INDEX_URL`                   | Array of [extra URLs](https://pip.pypa.io/en/stable/reference/pip_install/#cmdoption-extra-index-url) of package indexes to use in addition to `PIP_INDEX_URL`. Comma separated. |
 
 ## Reports JSON format
@@ -342,3 +346,15 @@ Please check the [Release Process documentation](https://gitlab.com/gitlab-org/s
 You can search the [gemnasium-db](https://gitlab.com/gitlab-org/security-products/gemnasium-db) project
 to find a vulnerability in the Gemnasium database.
 You can also [submit new vulnerabilities](https://gitlab.com/gitlab-org/security-products/gemnasium-db/blob/master/CONTRIBUTING.md).
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md
index 56a4cbd26d2..31f0b5a050c 100644
--- a/doc/user/application_security/index.md
+++ b/doc/user/application_security/index.md
@@ -1,10 +1,22 @@
+---
+type: reference, howto
+---
+
 # GitLab Secure **(ULTIMATE)**
 
-Check your application for security vulnerabilities that may lead to unauthorized access,
-data leaks, and denial of services. GitLab will perform static and dynamic tests on the
-code of your application, looking for known flaws and report them in the merge request
-so you can fix them before merging. Security teams can use dashboards to get a
-high-level view on projects and groups, and start remediation processes when needed.
+Check your application for security vulnerabilities that may lead to
+unauthorized access, data leaks, and denial of services.
+
+GitLab will perform static and dynamic tests on the code of your application,
+looking for known flaws and report them in the merge request so you can fix
+them before merging.
+
+Security teams can use dashboards to get a high-level view on projects and
+groups, and start remediation processes when needed.
+
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
+For an overview of application security with GitLab, see
+[Security Deep Dive](https://www.youtube.com/watch?v=k4vEJnGYy84).
 
 ## Security scanning tools
 
@@ -54,7 +66,7 @@ Each security vulnerability in the merge request report or the
 entry, a detailed information will pop up with different possible options:
 
 - [Dismiss vulnerability](#dismissing-a-vulnerability): Dismissing a vulnerability
-  will place a <s>strikethrough</s> styling on it.
+  will place a ~~strikethrough~~ styling on it.
 - [Create issue](#creating-an-issue-for-a-vulnerability): The new issue will
   have the title and description pre-populated with the information from the
   vulnerability report and will be created as [confidential](../project/issues/confidential_issues.md) by default.
@@ -124,7 +136,7 @@ generated by GitLab. To apply the fix:
 #### Creating a merge request from a vulnerability
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/9224) in
-  [GitLab Ultimate](https://about.gitlab.com/pricing) 11.9.
+> [GitLab Ultimate](https://about.gitlab.com/pricing) 11.9.
 
 In certain cases, GitLab will allow you to create a merge request that will
 automatically remediate the vulnerability. Any vulnerability that has a
@@ -135,3 +147,15 @@ If this action is available there will be a **Create merge request** button in t
 Clicking on this button will create a merge request to apply the solution onto the source branch.
 
 ![Create merge request from vulnerability](img/create_issue_with_list_hover.png)
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/application_security/license_management/index.md b/doc/user/application_security/license_management/index.md
index b0eb753938b..c324848c703 100644
--- a/doc/user/application_security/license_management/index.md
+++ b/doc/user/application_security/license_management/index.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # License Management **(ULTIMATE)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/5483)
@@ -227,3 +231,15 @@ pipeline ID that has a `license_management` job to see the Licenses tab with the
 licenses (if any).
 
 ![License Management Pipeline Tab](img/license_management_pipeline_tab.png)
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md
index 7df86eedd18..aac881112ff 100644
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # Static Application Security Testing (SAST) **(ULTIMATE)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/3775)
@@ -334,3 +338,15 @@ Once a vulnerability is found, you can interact with it. Read more on how to
 
 For more information about the vulnerabilities database update, check the
 [maintenance table](../index.md#maintenance-and-update-of-the-vulnerabilities-database).
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/application_security/security_dashboard/index.md b/doc/user/application_security/security_dashboard/index.md
index 4cd3fc5f735..ac8c1ac0354 100644
--- a/doc/user/application_security/security_dashboard/index.md
+++ b/doc/user/application_security/security_dashboard/index.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # GitLab Security Dashboard **(ULTIMATE)**
 
 The Security Dashboard is a good place to get an overview of all the security
@@ -16,9 +20,9 @@ To benefit from the Security Dashboard you must first configure one of the
 The Security Dashboard supports the following reports:
 
 - [Container Scanning](../container_scanning/index.md)
-- [DAST](../dast/index.md)
+- [Dynamic Application Security Testing](../dast/index.md)
 - [Dependency Scanning](../dependency_scanning/index.md)
-- [SAST](../sast/index.md)
+- [Static Application Security Testing](../sast/index.md)
 
 ## Requirements
 
@@ -43,7 +47,7 @@ for your project. Use it to find and fix vulnerabilities affecting the
 ## Group Security Dashboard
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/6709) in
-  [GitLab Ultimate](https://about.gitlab.com/pricing) 11.5.
+> [GitLab Ultimate](https://about.gitlab.com/pricing) 11.5.
 
 The group Security Dashboard gives an overview of the vulnerabilities of all the
 projects in a group and its subgroups.
@@ -102,3 +106,15 @@ That way, reports are created even if no code change happens.
 When using [Auto DevOps](../../../topics/autodevops/index.md), use
 [special environment variables](../../../topics/autodevops/index.md#environment-variables)
 to configure daily security scans.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
-- 
cgit v1.2.1


From f1ea767818e5566a722115b4bccc7ea0aaf23e1a Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Thu, 25 Jul 2019 14:18:37 +0000
Subject: Improve steps for setting commit email

---
 doc/user/profile/index.md | 31 ++++++++++++++++---------------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/doc/user/profile/index.md b/doc/user/profile/index.md
index 61a30a775b0..fc5eb8c7b56 100644
--- a/doc/user/profile/index.md
+++ b/doc/user/profile/index.md
@@ -147,39 +147,40 @@ You can also set your current status [using the API](../../api/users.md#user-sta
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/21598) in GitLab 11.4.
 
-A commit email, is the email that will be displayed in every Git-related action done through the
-GitLab interface.
+A commit email is an email address displayed in every Git-related action carried out through the GitLab interface.
 
-You are able to select from the list of your own verified emails which email you want to use as the commit email.
+Any of your own verified email addresses can be used as the commit email.
 
-To change it:
+To change your commit email:
 
-1. Open the user menu in the top-right corner of the navigation bar.
-1. Hit **Commit email** selection box.
+1. Click on your avatar at the top-right corner of the navigation bar.
+1. From the menu that appears, click **Settings**.
+1. In the **Main settings** section, locate  **Commit email** dropdown.
 1. Select any of the verified emails.
-1. Hit **Update profile settings**.
+1. Press **Update profile settings**.
 
 ### Private commit email
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22560) in GitLab 11.5.
 
-GitLab provides the user with an automatically generated private commit email option,
+GitLab provides users with an automatically generated private commit email option,
 which allows the user to not make their email information public.
 
 To enable this option:
 
-1. Open the user menu in the top-right corner of the navigation bar.
-1. Hit **Commit email** selection box.
-1. Select **Use a private email** option.
-1. Hit **Update profile settings**.
+1. Click on your avatar at the top-right corner of the navigation bar.
+1. From the menu that appears, click **Settings**.
+1. In the **Main settings** section, locate  **Commit email** dropdown.
+1. Select the "Use a private email" option.
+1. Press **Update profile settings**.
 
 Once this option is enabled, every Git-related action will be performed using the private commit email.
 
-In order to stay fully annonymous, you can also copy this private commit email
+In order to stay fully anonymous, you can also copy this private commit email
 and configure it on your local machine using the following command:
 
-```
-git config --global user.email "YOUR_PRIVATE_COMMIT_EMAIL"
+```sh
+git config --global user.email <YOUR_PRIVATE_COMMIT_EMAIL>
 ```
 
 ## Troubleshooting
-- 
cgit v1.2.1


From d6298a26367143a7ccbdbbd3961f7679780b6495 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Thu, 25 Jul 2019 14:22:42 +0000
Subject: Update documentation for current state

---
 doc/user/project/container_registry.md      |  71 ++++++++++++++--------------
 doc/user/project/img/container_registry.png | Bin 35202 -> 0 bytes
 2 files changed, 36 insertions(+), 35 deletions(-)
 delete mode 100644 doc/user/project/img/container_registry.png

diff --git a/doc/user/project/container_registry.md b/doc/user/project/container_registry.md
index 9368c56004d..c9eb81b990c 100644
--- a/doc/user/project/container_registry.md
+++ b/doc/user/project/container_registry.md
@@ -1,13 +1,8 @@
 # GitLab Container Registry
 
-> **Notes:**
->
 > - [Introduced][ce-4040] in GitLab 8.8.
 > - Docker Registry manifest `v1` support was added in GitLab 8.9 to support Docker
 >   versions earlier than 1.10.
-> - This document is about the user guide. To learn how to enable GitLab Container
->   Registry across your GitLab instance, visit the
->   [administrator documentation](../../administration/container_registry.md).
 > - Starting from GitLab 8.12, if you have 2FA enabled in your account, you need
 >   to pass a [personal access token][pat] instead of your password in order to
 >   login to GitLab's Container Registry.
@@ -16,28 +11,33 @@
 With the Docker Container Registry integrated into GitLab, every project can
 have its own space to store its Docker images.
 
+This document is the user guide. To learn how to enable GitLab Container
+Registry across your GitLab instance, visit the
+[administrator documentation](../../administration/container_registry.md).
+
 You can read more about Docker Registry at <https://docs.docker.com/registry/introduction/>.
 
 ## Enable the Container Registry for your project
 
-NOTE: **Note:**
-If you cannot find the Container Registry entry under your project's settings,
-that means that it is not enabled in your GitLab instance. Ask your administrator
-to enable it.
-
-1. First, ask your system administrator to enable GitLab Container Registry
-   following the [administration documentation](../../administration/container_registry.md).
-   If you are using GitLab.com, this is enabled by default so you can start using
-   the Registry immediately. Currently there is a soft (10GB) size restriction for
-   registry on GitLab.com, as part of the [repository size limit](repository/index.md).
-1. Go to your [project's General settings](settings/index.md#sharing-and-permissions)
+If you cannot find the **Packages > Container Registry** entry under your
+project's sidebar, it is not enabled in your GitLab instance. Ask your
+administrator to enable GitLab Container Registry following the
+[administration documentation](../../administration/container_registry.md).
+
+If you are using GitLab.com, this is enabled by default so you can start using
+the Registry immediately. Currently there is a soft (10GB) size restriction for
+registry on GitLab.com, as part of the [repository size limit](repository/index.md).
+
+Once enabled for your GitLab instance, to enable Container Registry for your
+project:
+
+1. Go to your project's **Settings > General** page.
+1. Expand the **Visibility, project features, permissions** section
    and enable the **Container Registry** feature on your project. For new
    projects this might be enabled by default. For existing projects
    (prior GitLab 8.8), you will have to explicitly enable it.
-1. Hit **Save changes** for the changes to take effect. You should now be able
-   to see the **Registry** link in the sidebar.
-
-![Container Registry](img/container_registry.png)
+1. Press **Save changes** for the changes to take effect. You should now be able
+   to see the **Packages > Container Registry**  link in the sidebar.
 
 ## Build and push images
 
@@ -49,14 +49,14 @@ to enable it.
 > - To move or rename a repository with a container registry you will have to
 >   delete all existing images.
 
-If you visit the **Registry** link under your project's menu, you can see the
-explicit instructions to login to the Container Registry using your GitLab
-credentials.
+If you visit the **Packages > Container Registry** link under your project's
+menu, you can see the explicit instructions to login to the Container Registry
+using your GitLab credentials.
 
 For example if the Registry's URL is `registry.example.com`, then you should be
 able to login with:
 
-```
+```sh
 docker login registry.example.com
 ```
 
@@ -64,14 +64,14 @@ Building and publishing images should be a straightforward process. Just make
 sure that you are using the Registry URL with the namespace and project name
 that is hosted on GitLab:
 
-```
+```sh
 docker build -t registry.example.com/group/project/image .
 docker push registry.example.com/group/project/image
 ```
 
 Your image will be named after the following scheme:
 
-```
+```text
 <registry URL>/<namespace>/<project>/<image>
 ```
 
@@ -79,7 +79,7 @@ GitLab supports up to three levels of image repository names.
 
 Following examples of image tags are valid:
 
-```
+```text
 registry.example.com/group/project:some-tag
 registry.example.com/group/project/image:latest
 registry.example.com/group/project/my/image:rc1
@@ -90,7 +90,7 @@ registry.example.com/group/project/my/image:rc1
 To download and run a container from images hosted in GitLab Container Registry,
 use `docker run`:
 
-```
+```sh
 docker run [options] registry.example.com/group/project/image [arguments]
 ```
 
@@ -100,7 +100,7 @@ For more information on running Docker containers, visit the
 ## Control Container Registry from within GitLab
 
 GitLab offers a simple Container Registry management panel. Go to your project
-and click **Registry** in the project menu.
+and click **Packages > Container Registry** in the project menu.
 
 This view will show you all tags in your project and will easily allow you to
 delete them.
@@ -173,9 +173,9 @@ curl localhost:5001/debug/vars
 A Docker connection error can occur when there are special characters in either the group,
 project or branch name. Special characters can include:
 
-* Leading underscore
-* Trailing hyphen/dash
-* Double hyphen/dash
+- Leading underscore
+- Trailing hyphen/dash
+- Double hyphen/dash
 
 To get around this, you can [change the group path](../group/index.md#changing-a-groups-path),
 [change the project path](../project/settings/index.md#renaming-a-repository) or chanage the branch
@@ -183,7 +183,8 @@ name.
 
 ### Advanced Troubleshooting
 
->**NOTE:** The following section is only recommended for experts.
+NOTE: **Note:**
+The following section is only recommended for experts.
 
 Sometimes it's not obvious what is wrong, and you may need to dive deeper into
 the communication between the Docker client and the Registry to find out
@@ -195,7 +196,7 @@ diagnose a problem with the S3 setup.
 A user attempted to enable an S3-backed Registry. The `docker login` step went
 fine. However, when pushing an image, the output showed:
 
-```
+```text
 The push refers to a repository [s3-testing.myregistry.com:4567/root/docker-test/docker-image]
 dc5e59c14160: Pushing [==================================================>] 14.85 kB
 03c20c1a019a: Pushing [==================================================>] 2.048 kB
@@ -218,7 +219,7 @@ at the communication between the client and the Registry.
 The REST API between the Docker client and Registry is [described
 here](https://docs.docker.com/registry/spec/api/). Normally, one would just
 use Wireshark or tcpdump to capture the traffic and see where things went
-wrong.  However, since all communications between Docker clients and servers
+wrong. However, since all communications between Docker clients and servers
 are done over HTTPS, it's a bit difficult to decrypt the traffic quickly even
 if you know the private key. What can we do instead?
 
diff --git a/doc/user/project/img/container_registry.png b/doc/user/project/img/container_registry.png
deleted file mode 100644
index abbaf838538..00000000000
Binary files a/doc/user/project/img/container_registry.png and /dev/null differ
-- 
cgit v1.2.1


From e2080f94ef4ffb1dfd5e248633f4d15d9c7c6be9 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Thu, 25 Jul 2019 14:23:27 +0000
Subject: Note GitLab University may be out of date in parts

---
 doc/university/README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/doc/university/README.md b/doc/university/README.md
index f696db2df20..b17f40b91a5 100644
--- a/doc/university/README.md
+++ b/doc/university/README.md
@@ -9,6 +9,10 @@ GitLab University is a great place to start when learning about version control
 
 If you're looking for a GitLab subscription for _your university_, see our [Education](https://about.gitlab.com/solutions/education/) page.
 
+CAUTION: **Caution:**
+Some of the content in GitLab University may be out of date and we plan to
+[evaluate](https://gitlab.com/gitlab-org/gitlab-ce/issues/41064) it.
+
 The GitLab University curriculum is composed of GitLab videos, screencasts, presentations, projects and external GitLab content hosted on other services and has been organized into the following sections:
 
 1. [GitLab Beginner](#1-gitlab-beginner).
-- 
cgit v1.2.1


From 7b5fb754f8b74e5b356e7e7ef882bada1acc20e7 Mon Sep 17 00:00:00 2001
From: Nathan Friend <nathan@gitlab.com>
Date: Thu, 25 Jul 2019 11:26:29 -0300
Subject: Improve pipeline status Slack notifications

This commit adds some formatting to the Slack notifications for pipeline
statuses, as well as adds information about the stage and jobs
that failed in the case of pipeline failure.
---
 .../chat_message/pipeline_message.rb               | 225 +++++++++-
 ...prove-slack-notification-on-pipeline-status.yml |   5 +
 locale/gitlab.pot                                  |  51 +++
 .../chat_message/pipeline_message_spec.rb          | 484 +++++++++++++++++----
 .../microsoft_teams_service_spec.rb                |   3 +-
 .../models/chat_service_shared_examples.rb         |   3 +-
 ...ack_mattermost_notifications_shared_examples.rb |   4 +-
 7 files changed, 671 insertions(+), 104 deletions(-)
 create mode 100644 changelogs/unreleased/32495-improve-slack-notification-on-pipeline-status.yml

diff --git a/app/models/project_services/chat_message/pipeline_message.rb b/app/models/project_services/chat_message/pipeline_message.rb
index 62aec4351db..4edf263433f 100644
--- a/app/models/project_services/chat_message/pipeline_message.rb
+++ b/app/models/project_services/chat_message/pipeline_message.rb
@@ -1,24 +1,47 @@
 # frozen_string_literal: true
+require 'slack-notifier'
 
 module ChatMessage
   class PipelineMessage < BaseMessage
+    MAX_VISIBLE_JOBS = 10
+
+    attr_reader :user
     attr_reader :ref_type
     attr_reader :ref
     attr_reader :status
+    attr_reader :detailed_status
     attr_reader :duration
+    attr_reader :finished_at
     attr_reader :pipeline_id
+    attr_reader :failed_stages
+    attr_reader :failed_jobs
+
+    attr_reader :project
+    attr_reader :commit
+    attr_reader :committer
+    attr_reader :pipeline
 
     def initialize(data)
       super
 
+      @user = data[:user]
       @user_name = data.dig(:user, :username) || 'API'
 
       pipeline_attributes = data[:object_attributes]
       @ref_type = pipeline_attributes[:tag] ? 'tag' : 'branch'
       @ref = pipeline_attributes[:ref]
       @status = pipeline_attributes[:status]
+      @detailed_status = pipeline_attributes[:detailed_status]
       @duration = pipeline_attributes[:duration].to_i
+      @finished_at = pipeline_attributes[:finished_at] ? Time.parse(pipeline_attributes[:finished_at]).to_i : nil
       @pipeline_id = pipeline_attributes[:id]
+      @failed_jobs = Array(data[:builds]).select { |b| b[:status] == 'failed' }.reverse # Show failed jobs from oldest to newest
+      @failed_stages = @failed_jobs.map { |j| j[:stage] }.uniq
+
+      @project = Project.find(data[:project][:id])
+      @commit = project.commit_by(oid: data[:commit][:id])
+      @committer = commit.committer
+      @pipeline = Ci::Pipeline.find(pipeline_id)
     end
 
     def pretext
@@ -28,38 +51,145 @@ module ChatMessage
     def attachments
       return message if markdown
 
-      [{ text: format(message), color: attachment_color }]
+      return [{ text: format(message), color: attachment_color }] unless fancy_notifications?
+
+      [{
+        fallback: format(message),
+        color: attachment_color,
+        author_name: user_combined_name,
+        author_icon: user_avatar,
+        author_link: author_url,
+        title: s_("ChatMessage|Pipeline #%{pipeline_id} %{humanized_status} in %{duration}") %
+          {
+            pipeline_id: pipeline_id,
+            humanized_status: humanized_status,
+            duration: pretty_duration(duration)
+          },
+        title_link: pipeline_url,
+        fields: attachments_fields,
+        footer: project.name,
+        footer_icon: project.avatar_url,
+        ts: finished_at
+      }]
     end
 
     def activity
       {
-        title: "Pipeline #{pipeline_link} of #{ref_type} #{branch_link} by #{user_combined_name} #{humanized_status}",
-        subtitle: "in #{project_link}",
-        text: "in #{pretty_duration(duration)}",
+        title: s_("ChatMessage|Pipeline %{pipeline_link} of %{ref_type} %{branch_link} by %{user_combined_name} %{humanized_status}") %
+          {
+            pipeline_link: pipeline_link,
+            ref_type: ref_type,
+            branch_link: branch_link,
+            user_combined_name: user_combined_name,
+            humanized_status: humanized_status
+          },
+        subtitle: s_("ChatMessage|in %{project_link}") % { project_link: project_link },
+        text: s_("ChatMessage|in %{duration}") % { duration: pretty_duration(duration) },
         image: user_avatar || ''
       }
     end
 
     private
 
+    def fancy_notifications?
+      Feature.enabled?(:fancy_pipeline_slack_notifications, default_enabled: true)
+    end
+
+    def failed_stages_field
+      {
+        title: s_("ChatMessage|Failed stage").pluralize(failed_stages.length),
+        value: Slack::Notifier::LinkFormatter.format(failed_stages_links),
+        short: true
+      }
+    end
+
+    def failed_jobs_field
+      {
+        title: s_("ChatMessage|Failed job").pluralize(failed_jobs.length),
+        value: Slack::Notifier::LinkFormatter.format(failed_jobs_links),
+        short: true
+      }
+    end
+
+    def yaml_error_field
+      {
+        title: s_("ChatMessage|Invalid CI config YAML file"),
+        value: pipeline.yaml_errors,
+        short: false
+      }
+    end
+
+    def attachments_fields
+      fields = [
+        {
+          title: ref_type == "tag" ? s_("ChatMessage|Tag") : s_("ChatMessage|Branch"),
+          value: Slack::Notifier::LinkFormatter.format(ref_name_link),
+          short: true
+        },
+        {
+          title: s_("ChatMessage|Commit"),
+          value: Slack::Notifier::LinkFormatter.format(commit_link),
+          short: true
+        }
+      ]
+
+      fields << failed_stages_field if failed_stages.any?
+      fields << failed_jobs_field if failed_jobs.any?
+      fields << yaml_error_field if pipeline.has_yaml_errors?
+
+      fields
+    end
+
     def message
-      "#{project_link}: Pipeline #{pipeline_link} of #{ref_type} #{branch_link} by #{user_combined_name} #{humanized_status} in #{pretty_duration(duration)}"
+      s_("ChatMessage|%{project_link}: Pipeline %{pipeline_link} of %{ref_type} %{branch_link} by %{user_combined_name} %{humanized_status} in %{duration}") %
+        {
+          project_link: project_link,
+          pipeline_link: pipeline_link,
+          ref_type: ref_type,
+          branch_link: branch_link,
+          user_combined_name: user_combined_name,
+          humanized_status: humanized_status,
+          duration: pretty_duration(duration)
+        }
     end
 
     def humanized_status
-      case status
-      when 'success'
-        'passed'
+      if fancy_notifications?
+        case status
+        when 'success'
+          detailed_status == "passed with warnings" ? s_("ChatMessage|has passed with warnings") : s_("ChatMessage|has passed")
+        when 'failed'
+          s_("ChatMessage|has failed")
+        else
+          status
+        end
       else
-        status
+        case status
+        when 'success'
+          s_("ChatMessage|passed")
+        when 'failed'
+          s_("ChatMessage|failed")
+        else
+          status
+        end
       end
     end
 
     def attachment_color
-      if status == 'success'
-        'good'
+      if fancy_notifications?
+        case status
+        when 'success'
+          detailed_status == 'passed with warnings' ? 'warning' : 'good'
+        else
+          'danger'
+        end
       else
-        'danger'
+        case status
+        when 'success'
+          'good'
+        else
+          'danger'
+        end
       end
     end
 
@@ -71,16 +201,83 @@ module ChatMessage
       "[#{ref}](#{branch_url})"
     end
 
+    def project_url
+      project.web_url
+    end
+
     def project_link
-      "[#{project_name}](#{project_url})"
+      "[#{project.name}](#{project_url})"
+    end
+
+    def pipeline_failed_jobs_url
+      "#{project_url}/pipelines/#{pipeline_id}/failures"
     end
 
     def pipeline_url
-      "#{project_url}/pipelines/#{pipeline_id}"
+      if fancy_notifications? && failed_jobs.any?
+        pipeline_failed_jobs_url
+      else
+        "#{project_url}/pipelines/#{pipeline_id}"
+      end
     end
 
     def pipeline_link
       "[##{pipeline_id}](#{pipeline_url})"
     end
+
+    def job_url(job)
+      "#{project_url}/-/jobs/#{job[:id]}"
+    end
+
+    def job_link(job)
+      "[#{job[:name]}](#{job_url(job)})"
+    end
+
+    def failed_jobs_links
+      failed = failed_jobs.slice(0, MAX_VISIBLE_JOBS)
+      truncated = failed_jobs.slice(MAX_VISIBLE_JOBS, failed_jobs.size)
+
+      failed_links = failed.map { |job| job_link(job) }
+
+      unless truncated.blank?
+        failed_links << s_("ChatMessage|and [%{count} more](%{pipeline_failed_jobs_url})") % {
+          count: truncated.size,
+          pipeline_failed_jobs_url: pipeline_failed_jobs_url
+        }
+      end
+
+      failed_links.join(I18n.translate(:'support.array.words_connector'))
+    end
+
+    def stage_link(stage)
+      # All stages link to the pipeline page
+      "[#{stage}](#{pipeline_url})"
+    end
+
+    def failed_stages_links
+      failed_stages.map { |s| stage_link(s) }.join(I18n.translate(:'support.array.words_connector'))
+    end
+
+    def commit_url
+      Gitlab::UrlBuilder.build(commit)
+    end
+
+    def commit_link
+      "[#{commit.title}](#{commit_url})"
+    end
+
+    def commits_page_url
+      "#{project_url}/commits/#{ref}"
+    end
+
+    def ref_name_link
+      "[#{ref}](#{commits_page_url})"
+    end
+
+    def author_url
+      return unless user && committer
+
+      Gitlab::UrlBuilder.build(committer)
+    end
   end
 end
diff --git a/changelogs/unreleased/32495-improve-slack-notification-on-pipeline-status.yml b/changelogs/unreleased/32495-improve-slack-notification-on-pipeline-status.yml
new file mode 100644
index 00000000000..b7b39303c2e
--- /dev/null
+++ b/changelogs/unreleased/32495-improve-slack-notification-on-pipeline-status.yml
@@ -0,0 +1,5 @@
+---
+title: Improve pipeline status Slack notifications
+merge_request: 27683
+author:
+type: added
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index cbab027d4a3..bc644925281 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -2011,6 +2011,57 @@ msgstr ""
 msgid "Chat"
 msgstr ""
 
+msgid "ChatMessage|%{project_link}: Pipeline %{pipeline_link} of %{ref_type} %{branch_link} by %{user_combined_name} %{humanized_status} in %{duration}"
+msgstr ""
+
+msgid "ChatMessage|Branch"
+msgstr ""
+
+msgid "ChatMessage|Commit"
+msgstr ""
+
+msgid "ChatMessage|Failed job"
+msgstr ""
+
+msgid "ChatMessage|Failed stage"
+msgstr ""
+
+msgid "ChatMessage|Invalid CI config YAML file"
+msgstr ""
+
+msgid "ChatMessage|Pipeline #%{pipeline_id} %{humanized_status} in %{duration}"
+msgstr ""
+
+msgid "ChatMessage|Pipeline %{pipeline_link} of %{ref_type} %{branch_link} by %{user_combined_name} %{humanized_status}"
+msgstr ""
+
+msgid "ChatMessage|Tag"
+msgstr ""
+
+msgid "ChatMessage|and [%{count} more](%{pipeline_failed_jobs_url})"
+msgstr ""
+
+msgid "ChatMessage|failed"
+msgstr ""
+
+msgid "ChatMessage|has failed"
+msgstr ""
+
+msgid "ChatMessage|has passed"
+msgstr ""
+
+msgid "ChatMessage|has passed with warnings"
+msgstr ""
+
+msgid "ChatMessage|in %{duration}"
+msgstr ""
+
+msgid "ChatMessage|in %{project_link}"
+msgstr ""
+
+msgid "ChatMessage|passed"
+msgstr ""
+
 msgid "Check again"
 msgstr ""
 
diff --git a/spec/models/project_services/chat_message/pipeline_message_spec.rb b/spec/models/project_services/chat_message/pipeline_message_spec.rb
index 8f9fa310ad4..619ab96af94 100644
--- a/spec/models/project_services/chat_message/pipeline_message_spec.rb
+++ b/spec/models/project_services/chat_message/pipeline_message_spec.rb
@@ -1,12 +1,9 @@
 # frozen_string_literal: true
-
 require 'spec_helper'
 
 describe ChatMessage::PipelineMessage do
   subject { described_class.new(args) }
 
-  let(:user) { { name: "The Hacker", username: 'hacker' } }
-  let(:duration) { 7210 }
   let(:args) do
     {
       object_attributes: {
@@ -14,122 +11,437 @@ describe ChatMessage::PipelineMessage do
         sha: '97de212e80737a608d939f648d959671fb0a0142',
         tag: false,
         ref: 'develop',
-        status: status,
-        duration: duration
+        status: 'success',
+        detailed_status: nil,
+        duration: 7210,
+        finished_at: "2019-05-27 11:56:36 -0300"
       },
       project: {
-        path_with_namespace: 'project_name',
-        web_url: 'http://example.gitlab.com'
+        id: 234,
+        name: "project_name",
+        path_with_namespace: 'group/project_name',
+        web_url: 'http://example.gitlab.com',
+        avatar_url: 'http://example.com/project_avatar'
+      },
+      user: {
+        id: 345,
+        name: "The Hacker",
+        username: "hacker",
+        email: "hacker@example.gitlab.com",
+        avatar_url: "http://example.com/avatar"
+      },
+      commit: {
+        id: "abcdef"
       },
-      user: user
+      builds: nil,
+      markdown: false
     }
   end
-  let(:combined_name) { "The Hacker (hacker)" }
 
-  context 'without markdown' do
-    context 'pipeline succeeded' do
-      let(:status) { 'success' }
-      let(:color) { 'good' }
-      let(:message) { build_message('passed', combined_name) }
+  let(:has_yaml_errors) { false }
+
+  before do
+    test_commit = double("A test commit", committer: args[:user], title: "A test commit message")
+    test_project = double("A test project",
+                          commit_by: test_commit, name: args[:project][:name],
+                          web_url: args[:project][:web_url], avatar_url: args[:project][:avatar_url])
+    allow(Project).to receive(:find) { test_project }
+
+    test_pipeline = double("A test pipeline", has_yaml_errors?: has_yaml_errors,
+                          yaml_errors: "yaml error description here")
+    allow(Ci::Pipeline).to receive(:find) { test_pipeline }
+
+    allow(Gitlab::UrlBuilder).to receive(:build).with(test_commit).and_return("http://example.com/commit")
+    allow(Gitlab::UrlBuilder).to receive(:build).with(args[:user]).and_return("http://example.gitlab.com/hacker")
+  end
+
+  context 'when the fancy_pipeline_slack_notifications feature flag is disabled' do
+    before do
+      stub_feature_flags(fancy_pipeline_slack_notifications: false)
+    end
+
+    it 'returns an empty pretext' do
+      expect(subject.pretext).to be_empty
+    end
+
+    it "returns the pipeline summary in the activity's title" do
+      expect(subject.activity[:title]).to eq(
+        "Pipeline [#123](http://example.gitlab.com/pipelines/123)" \
+          " of branch [develop](http://example.gitlab.com/commits/develop)" \
+          " by The Hacker (hacker) passed"
+      )
+    end
 
-      it 'returns a message with information about succeeded build' do
-        expect(subject.pretext).to be_empty
-        expect(subject.fallback).to eq(message)
-        expect(subject.attachments).to eq([text: message, color: color])
+    context "when the pipeline failed" do
+      before do
+        args[:object_attributes][:status] = 'failed'
+      end
+
+      it "returns the summary with a 'failed' status" do
+        expect(subject.activity[:title]).to eq(
+          "Pipeline [#123](http://example.gitlab.com/pipelines/123)" \
+            " of branch [develop](http://example.gitlab.com/commits/develop)" \
+            " by The Hacker (hacker) failed"
+        )
       end
     end
 
-    context 'pipeline failed' do
-      let(:status) { 'failed' }
-      let(:color) { 'danger' }
-      let(:message) { build_message(status, combined_name) }
+    context 'when no user is provided because the pipeline was triggered by the API' do
+      before do
+        args[:user] = nil
+      end
 
-      it 'returns a message with information about failed build' do
-        expect(subject.pretext).to be_empty
-        expect(subject.fallback).to eq(message)
-        expect(subject.attachments).to eq([text: message, color: color])
+      it "returns the summary with 'API' as the username" do
+        expect(subject.activity[:title]).to eq(
+          "Pipeline [#123](http://example.gitlab.com/pipelines/123)" \
+            " of branch [develop](http://example.gitlab.com/commits/develop)" \
+            " by API passed"
+        )
       end
+    end
 
-      context 'when triggered by API therefore lacking user' do
-        let(:user) { nil }
-        let(:message) { build_message(status, 'API') }
+    it "returns a link to the project in the activity's subtitle" do
+      expect(subject.activity[:subtitle]).to eq("in [project_name](http://example.gitlab.com)")
+    end
 
-        it 'returns a message stating it is by API' do
-          expect(subject.pretext).to be_empty
-          expect(subject.fallback).to eq(message)
-          expect(subject.attachments).to eq([text: message, color: color])
-        end
+    it "returns the build duration in the activity's text property" do
+      expect(subject.activity[:text]).to eq("in 02:00:10")
+    end
+
+    it "returns the user's avatar image URL in the activity's image property" do
+      expect(subject.activity[:image]).to eq("http://example.com/avatar")
+    end
+
+    context 'when the user does not have an avatar' do
+      before do
+        args[:user][:avatar_url] = nil
+      end
+
+      it "returns an empty string in the activity's image property" do
+        expect(subject.activity[:image]).to be_empty
+      end
+    end
+
+    it "returns the pipeline summary as the attachment's text property" do
+      expect(subject.attachments.first[:text]).to eq(
+        "<http://example.gitlab.com|project_name>:" \
+          " Pipeline <http://example.gitlab.com/pipelines/123|#123>" \
+          " of branch <http://example.gitlab.com/commits/develop|develop>" \
+          " by The Hacker (hacker) passed in 02:00:10"
+      )
+    end
+
+    it "returns 'good' as the attachment's color property" do
+      expect(subject.attachments.first[:color]).to eq('good')
+    end
+
+    context "when the pipeline failed" do
+      before do
+        args[:object_attributes][:status] = 'failed'
+      end
+
+      it "returns 'danger' as the attachment's color property" do
+        expect(subject.attachments.first[:color]).to eq('danger')
       end
     end
 
-    def build_message(status_text = status, name = user[:name])
-      "<http://example.gitlab.com|project_name>:" \
-        " Pipeline <http://example.gitlab.com/pipelines/123|#123>" \
-        " of branch <http://example.gitlab.com/commits/develop|develop>" \
-        " by #{name} #{status_text} in 02:00:10"
+    context 'when rendering markdown' do
+      before do
+        args[:markdown] = true
+      end
+
+      it 'returns the pipeline summary as the attachments in markdown format' do
+        expect(subject.attachments).to eq(
+          "[project_name](http://example.gitlab.com):" \
+            " Pipeline [#123](http://example.gitlab.com/pipelines/123)" \
+            " of branch [develop](http://example.gitlab.com/commits/develop)" \
+            " by The Hacker (hacker) passed in 02:00:10"
+        )
+      end
     end
   end
 
-  context 'with markdown' do
+  context 'when the fancy_pipeline_slack_notifications feature flag is enabled' do
     before do
-      args[:markdown] = true
-    end
-
-    context 'pipeline succeeded' do
-      let(:status) { 'success' }
-      let(:color) { 'good' }
-      let(:message) { build_markdown_message('passed', combined_name) }
-
-      it 'returns a message with information about succeeded build' do
-        expect(subject.pretext).to be_empty
-        expect(subject.attachments).to eq(message)
-        expect(subject.activity).to eq({
-          title: 'Pipeline [#123](http://example.gitlab.com/pipelines/123) of branch [develop](http://example.gitlab.com/commits/develop) by The Hacker (hacker) passed',
-          subtitle: 'in [project_name](http://example.gitlab.com)',
-          text: 'in 02:00:10',
-          image: ''
-        })
+      stub_feature_flags(fancy_pipeline_slack_notifications: true)
+    end
+
+    it 'returns an empty pretext' do
+      expect(subject.pretext).to be_empty
+    end
+
+    it "returns the pipeline summary in the activity's title" do
+      expect(subject.activity[:title]).to eq(
+        "Pipeline [#123](http://example.gitlab.com/pipelines/123)" \
+          " of branch [develop](http://example.gitlab.com/commits/develop)" \
+          " by The Hacker (hacker) has passed"
+      )
+    end
+
+    context "when the pipeline failed" do
+      before do
+        args[:object_attributes][:status] = 'failed'
+      end
+
+      it "returns the summary with a 'failed' status" do
+        expect(subject.activity[:title]).to eq(
+          "Pipeline [#123](http://example.gitlab.com/pipelines/123)" \
+            " of branch [develop](http://example.gitlab.com/commits/develop)" \
+            " by The Hacker (hacker) has failed"
+        )
+      end
+    end
+
+    context "when the pipeline passed with warnings" do
+      before do
+        args[:object_attributes][:detailed_status] = 'passed with warnings'
+      end
+
+      it "returns the summary with a 'passed with warnings' status" do
+        expect(subject.activity[:title]).to eq(
+          "Pipeline [#123](http://example.gitlab.com/pipelines/123)" \
+            " of branch [develop](http://example.gitlab.com/commits/develop)" \
+            " by The Hacker (hacker) has passed with warnings"
+        )
+      end
+    end
+
+    context 'when no user is provided because the pipeline was triggered by the API' do
+      before do
+        args[:user] = nil
+      end
+
+      it "returns the summary with 'API' as the username" do
+        expect(subject.activity[:title]).to eq(
+          "Pipeline [#123](http://example.gitlab.com/pipelines/123)" \
+            " of branch [develop](http://example.gitlab.com/commits/develop)" \
+            " by API has passed"
+        )
+      end
+    end
+
+    it "returns a link to the project in the activity's subtitle" do
+      expect(subject.activity[:subtitle]).to eq("in [project_name](http://example.gitlab.com)")
+    end
+
+    it "returns the build duration in the activity's text property" do
+      expect(subject.activity[:text]).to eq("in 02:00:10")
+    end
+
+    it "returns the user's avatar image URL in the activity's image property" do
+      expect(subject.activity[:image]).to eq("http://example.com/avatar")
+    end
+
+    context 'when the user does not have an avatar' do
+      before do
+        args[:user][:avatar_url] = nil
+      end
+
+      it "returns an empty string in the activity's image property" do
+        expect(subject.activity[:image]).to be_empty
+      end
+    end
+
+    it "returns the pipeline summary as the attachment's fallback property" do
+      expect(subject.attachments.first[:fallback]).to eq(
+        "<http://example.gitlab.com|project_name>:" \
+          " Pipeline <http://example.gitlab.com/pipelines/123|#123>" \
+          " of branch <http://example.gitlab.com/commits/develop|develop>" \
+          " by The Hacker (hacker) has passed in 02:00:10"
+      )
+    end
+
+    it "returns 'good' as the attachment's color property" do
+      expect(subject.attachments.first[:color]).to eq('good')
+    end
+
+    context "when the pipeline failed" do
+      before do
+        args[:object_attributes][:status] = 'failed'
+      end
+
+      it "returns 'danger' as the attachment's color property" do
+        expect(subject.attachments.first[:color]).to eq('danger')
+      end
+    end
+
+    context "when the pipeline passed with warnings" do
+      before do
+        args[:object_attributes][:detailed_status] = 'passed with warnings'
+      end
+
+      it "returns 'warning' as the attachment's color property" do
+        expect(subject.attachments.first[:color]).to eq('warning')
       end
     end
 
-    context 'pipeline failed' do
-      let(:status) { 'failed' }
-      let(:color) { 'danger' }
-      let(:message) { build_markdown_message(status, combined_name) }
+    it "returns the committer's name and username as the attachment's author_name property" do
+      expect(subject.attachments.first[:author_name]).to eq('The Hacker (hacker)')
+    end
+
+    it "returns the committer's avatar URL as the attachment's author_icon property" do
+      expect(subject.attachments.first[:author_icon]).to eq('http://example.com/avatar')
+    end
+
+    it "returns the committer's GitLab profile URL as the attachment's author_link property" do
+      expect(subject.attachments.first[:author_link]).to eq('http://example.gitlab.com/hacker')
+    end
+
+    context 'when no user is provided because the pipeline was triggered by the API' do
+      before do
+        args[:user] = nil
+      end
+
+      it "returns the committer's name and username as the attachment's author_name property" do
+        expect(subject.attachments.first[:author_name]).to eq('API')
+      end
+
+      it "returns nil as the attachment's author_icon property" do
+        expect(subject.attachments.first[:author_icon]).to be_nil
+      end
+
+      it "returns nil as the attachment's author_link property" do
+        expect(subject.attachments.first[:author_link]).to be_nil
+      end
+    end
+
+    it "returns the pipeline ID, status, and duration as the attachment's title property" do
+      expect(subject.attachments.first[:title]).to eq("Pipeline #123 has passed in 02:00:10")
+    end
+
+    it "returns the pipeline URL as the attachment's title_link property" do
+      expect(subject.attachments.first[:title_link]).to eq("http://example.gitlab.com/pipelines/123")
+    end
+
+    it "returns two attachment fields" do
+      expect(subject.attachments.first[:fields].count).to eq(2)
+    end
+
+    it "returns the commit message as the attachment's second field property" do
+      expect(subject.attachments.first[:fields][0]).to eq({
+        title: "Branch",
+        value: "<http://example.gitlab.com/commits/develop|develop>",
+        short: true
+      })
+    end
+
+    it "returns the ref name and link as the attachment's second field property" do
+      expect(subject.attachments.first[:fields][1]).to eq({
+        title: "Commit",
+        value: "<http://example.com/commit|A test commit message>",
+        short: true
+      })
+    end
+
+    context "when a job in the pipeline fails" do
+      before do
+        args[:builds] = [
+          { id: 1, name: "rspec", status: "failed", stage: "test" },
+          { id: 2, name: "karma", status: "success", stage: "test" }
+        ]
+      end
+
+      it "returns four attachment fields" do
+        expect(subject.attachments.first[:fields].count).to eq(4)
+      end
 
-      it 'returns a message with information about failed build' do
-        expect(subject.pretext).to be_empty
-        expect(subject.attachments).to eq(message)
-        expect(subject.activity).to eq({
-          title: 'Pipeline [#123](http://example.gitlab.com/pipelines/123) of branch [develop](http://example.gitlab.com/commits/develop) by The Hacker (hacker) failed',
-          subtitle: 'in [project_name](http://example.gitlab.com)',
-          text: 'in 02:00:10',
-          image: ''
+      it "returns the stage name and link to the 'Failed jobs' tab on the pipeline's page as the attachment's third field property" do
+        expect(subject.attachments.first[:fields][2]).to eq({
+          title: "Failed stage",
+          value: "<http://example.gitlab.com/pipelines/123/failures|test>",
+          short: true
         })
       end
 
-      context 'when triggered by API therefore lacking user' do
-        let(:user) { nil }
-        let(:message) { build_markdown_message(status, 'API') }
+      it "returns the job name and link as the attachment's fourth field property" do
+        expect(subject.attachments.first[:fields][3]).to eq({
+          title: "Failed job",
+          value: "<http://example.gitlab.com/-/jobs/1|rspec>",
+          short: true
+        })
+      end
+    end
+
+    context "when lots of jobs across multiple stages fail" do
+      before do
+        args[:builds] = (1..25).map do |i|
+          { id: i, name: "job-#{i}", status: "failed", stage: "stage-" + ((i % 3) + 1).to_s }
+        end
+      end
+
+      it "returns the stage names and links to the 'Failed jobs' tab on the pipeline's page as the attachment's third field property" do
+        expect(subject.attachments.first[:fields][2]).to eq({
+          title: "Failed stages",
+          value: "<http://example.gitlab.com/pipelines/123/failures|stage-2>, <http://example.gitlab.com/pipelines/123/failures|stage-1>, <http://example.gitlab.com/pipelines/123/failures|stage-3>",
+          short: true
+        })
+      end
 
-        it 'returns a message stating it is by API' do
-          expect(subject.pretext).to be_empty
-          expect(subject.attachments).to eq(message)
-          expect(subject.activity).to eq({
-            title: 'Pipeline [#123](http://example.gitlab.com/pipelines/123) of branch [develop](http://example.gitlab.com/commits/develop) by API failed',
-            subtitle: 'in [project_name](http://example.gitlab.com)',
-            text: 'in 02:00:10',
-            image: ''
-          })
+      it "returns the job names and links as the attachment's fourth field property" do
+        expected_jobs = 25.downto(16).map do |i|
+          "<http://example.gitlab.com/-/jobs/#{i}|job-#{i}>"
         end
+
+        expected_jobs << "and <http://example.gitlab.com/pipelines/123/failures|15 more>"
+
+        expect(subject.attachments.first[:fields][3]).to eq({
+          title: "Failed jobs",
+          value: expected_jobs.join(", "),
+          short: true
+        })
       end
     end
 
-    def build_markdown_message(status_text = status, name = user[:name])
-      "[project_name](http://example.gitlab.com):" \
-        " Pipeline [#123](http://example.gitlab.com/pipelines/123)" \
-        " of branch [develop](http://example.gitlab.com/commits/develop)" \
-        " by #{name} #{status_text} in 02:00:10"
+    context "when the CI config file contains a YAML error" do
+      let(:has_yaml_errors) { true }
+
+      it "returns three attachment fields" do
+        expect(subject.attachments.first[:fields].count).to eq(3)
+      end
+
+      it "returns the YAML error deatils as the attachment's third field property" do
+        expect(subject.attachments.first[:fields][2]).to eq({
+          title: "Invalid CI config YAML file",
+          value: "yaml error description here",
+          short: false
+        })
+      end
+    end
+
+    it "returns the stage name and link as the attachment's second field property" do
+      expect(subject.attachments.first[:fields][1]).to eq({
+        title: "Commit",
+        value: "<http://example.com/commit|A test commit message>",
+        short: true
+      })
+    end
+
+    it "returns the project's name as the attachment's footer property" do
+      expect(subject.attachments.first[:footer]).to eq("project_name")
+    end
+
+    it "returns the project's avatar URL as the attachment's footer_icon property" do
+      expect(subject.attachments.first[:footer_icon]).to eq("http://example.com/project_avatar")
+    end
+
+    it "returns the pipeline's timestamp as the attachment's ts property" do
+      expected_ts = Time.parse(args[:object_attributes][:finished_at]).to_i
+      expect(subject.attachments.first[:ts]).to eq(expected_ts)
+    end
+
+    context 'when rendering markdown' do
+      before do
+        args[:markdown] = true
+      end
+
+      it 'returns the pipeline summary as the attachments in markdown format' do
+        expect(subject.attachments).to eq(
+          "[project_name](http://example.gitlab.com):" \
+            " Pipeline [#123](http://example.gitlab.com/pipelines/123)" \
+            " of branch [develop](http://example.gitlab.com/commits/develop)" \
+            " by The Hacker (hacker) has passed in 02:00:10"
+        )
+      end
     end
   end
 end
diff --git a/spec/models/project_services/microsoft_teams_service_spec.rb b/spec/models/project_services/microsoft_teams_service_spec.rb
index 3ffe633868f..73c20359091 100644
--- a/spec/models/project_services/microsoft_teams_service_spec.rb
+++ b/spec/models/project_services/microsoft_teams_service_spec.rb
@@ -292,7 +292,8 @@ describe MicrosoftTeamsService do
 
       context 'when disabled' do
         let(:pipeline) do
-          create(:ci_pipeline, :failed, project: project, ref: 'not-the-default-branch')
+          create(:ci_pipeline, :failed, project: project,
+                 sha: project.commit.sha, ref: 'not-the-default-branch')
         end
 
         before do
diff --git a/spec/support/shared_examples/models/chat_service_shared_examples.rb b/spec/support/shared_examples/models/chat_service_shared_examples.rb
index 0a302e7d030..8d70c06c468 100644
--- a/spec/support/shared_examples/models/chat_service_shared_examples.rb
+++ b/spec/support/shared_examples/models/chat_service_shared_examples.rb
@@ -220,7 +220,8 @@ shared_examples_for "chat service" do |service_name|
 
       context "with not default branch" do
         let(:pipeline) do
-          create(:ci_pipeline, project: project, status: "failed", ref: "not-the-default-branch")
+          create(:ci_pipeline, :failed, project: project,
+                 sha: project.commit.sha, ref: "not-the-default-branch")
         end
 
         context "when notify_only_default_branch enabled" do
diff --git a/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb b/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb
index 36c486dbdd6..bbed3b1f6a9 100644
--- a/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb
+++ b/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb
@@ -452,7 +452,7 @@ RSpec.shared_examples 'slack or mattermost notifications' do
     context 'only notify for the default branch' do
       context 'when enabled' do
         let(:pipeline) do
-          create(:ci_pipeline, :failed, project: project, ref: 'not-the-default-branch')
+          create(:ci_pipeline, :failed, project: project, sha: project.commit.sha, ref: 'not-the-default-branch')
         end
 
         before do
@@ -470,7 +470,7 @@ RSpec.shared_examples 'slack or mattermost notifications' do
 
       context 'when disabled' do
         let(:pipeline) do
-          create(:ci_pipeline, :failed, project: project, ref: 'not-the-default-branch')
+          create(:ci_pipeline, :failed, project: project, sha: project.commit.sha, ref: 'not-the-default-branch')
         end
 
         before do
-- 
cgit v1.2.1


From ac7746de01522f0d1e4a5eaf20fab67984a5dd10 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Thu, 25 Jul 2019 14:26:38 +0000
Subject: Update guidance for EE doc submissions

---
 doc/development/documentation/index.md | 43 ++++++++--------------------------
 1 file changed, 10 insertions(+), 33 deletions(-)

diff --git a/doc/development/documentation/index.md b/doc/development/documentation/index.md
index 8ce855594df..d717b17136e 100644
--- a/doc/development/documentation/index.md
+++ b/doc/development/documentation/index.md
@@ -57,35 +57,22 @@ See the [Structure](styleguide.md#structure) section of the [Documentation Style
 We currently maintain two sets of docs: one in the
 [gitlab-ce](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/doc) repo and
 one in [gitlab-ee](https://gitlab.com/gitlab-org/gitlab-ee/tree/master/doc).
-They are similar, and most pages are identical, but they are different repositories.
-With the single codebase effort, we want to make those two sets identical, so when the
-time comes to have only one codebase, we'll be ready.
-
-Here are some links to get you up to speed with the current effort:
-
-- [CE/EE codebases blueprint](https://about.gitlab.com/handbook/engineering/infrastructure/blueprint/ce-ee-codebases/)
-- [CE/EE codebases merge design](https://about.gitlab.com/handbook/engineering/infrastructure/design/merge-ce-ee-codebases/)
-- [Single docs codebase epic](https://gitlab.com/groups/gitlab-org/-/epics/199)
-- [Issue board of related issues](https://gitlab.com/groups/gitlab-org/-/boards/981090?&label_name[]=Documentation&label_name[]=single%20codebase)
-- [Related merge requests](https://gitlab.com/groups/gitlab-org/-/merge_requests?scope=all&utf8=%E2%9C%93&state=all&label_name[]=Documentation&label_name[]=single%20codebase)
-- [Visualize the existing diffs](https://leipert-projects.gitlab.io/is-gitlab-pretty-yet/diff/?search=%5Edoc)
+They are identical, but they are different repositories. When the
+time comes to have only one codebase for the GitLab project, we'll be ready.
 
 ### CE first
 
-After a given documentation path is aligned across CE and EE, all merge requests
-affecting that path must be submitted to CE, regardless of the content it has.
-This means that:
+All merge requests for documentation must be submitted to CE, regardless of the content
+it has. This means that:
 
-- For **EE-only docs changes**, you only have to submit a CE MR.
+- For **EE-only docs changes**, you only have to submit an MR in the CE project.
 - For **EE-only features** that touch both the code and the docs, you have to submit
-  an EE MR containing all changes, and a CE MR containing only the docs changes
+  an EE MR containing all code changes, and a CE MR containing only the docs changes
   and without a changelog entry.
 
 This might seem like a duplicate effort, but it's only for the short term.
-A list of the already aligned docs can be found in
-[the epic description](https://gitlab.com/groups/gitlab-org/-/epics/199#ee-specific-lines-check).
 
-Since the docs will be combined, it's crucial to add the relevant
+Since the CE and EE docs are combined, it's crucial to add the relevant
 [product badges](styleguide.md#product-badges) for all EE documentation, so that
 we can discern which features belong to which tier.
 
@@ -94,19 +81,9 @@ we can discern which features belong to which tier.
 There's a special test in place
 ([`ee_specific_check.rb`](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/scripts/ee_specific_check/ee_specific_check.rb)),
 which, among others, checks and prevents creating/editing new files and directories
-in EE under `doc/`.
-
-We have a long list of documentation paths that are either whitelisted or not.
-Paths in the whitelist (not commented out) will not be subject to the test,
-which means you are allowed to create/change docs content in EE for the time
-being. The goal is to not have any doc whitelisted.
-
-At the time of this writing, the only items left to be aligned are the API docs:
-
-- `doc/api/*` ([issue](https://gitlab.com/gitlab-org/gitlab-ce/issues/60045) / [merge request](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27491))
-
-Eventually, once all docs are aligned, we'll remove any doc reference from that
-script, so it catches everything.
+in EE under `doc/`. This should fail when changes to anything in `/doc` are submitted
+in an EE MR. To pass the test, simply remove the docs changes from the EE MR, and
+[submit them in CE](#ce-first).
 
 ## Changing document location
 
-- 
cgit v1.2.1


From d5c10813955651d9129b30446a1419ab124dcc61 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Thu, 25 Jul 2019 10:51:05 -0500
Subject: Extract resource_label_events API shared examples

This will allow us to reuse them in an EE-only spec.
---
 spec/requests/api/resource_label_events_spec.rb    | 42 ---------------------
 .../shared_examples/resource_label_events_api.rb   | 43 ++++++++++++++++++++++
 2 files changed, 43 insertions(+), 42 deletions(-)
 create mode 100644 spec/support/shared_examples/resource_label_events_api.rb

diff --git a/spec/requests/api/resource_label_events_spec.rb b/spec/requests/api/resource_label_events_spec.rb
index 37b46eaeb86..6ed407d81db 100644
--- a/spec/requests/api/resource_label_events_spec.rb
+++ b/spec/requests/api/resource_label_events_spec.rb
@@ -11,48 +11,6 @@ describe API::ResourceLabelEvents do
     project.add_developer(user)
   end
 
-  shared_examples 'resource_label_events API' do |parent_type, eventable_type, id_name|
-    describe "GET /#{parent_type}/:id/#{eventable_type}/:noteable_id/resource_label_events" do
-      it "returns an array of resource label events" do
-        get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events", user)
-
-        expect(response).to have_gitlab_http_status(200)
-        expect(response).to include_pagination_headers
-        expect(json_response).to be_an Array
-        expect(json_response.first['id']).to eq(event.id)
-      end
-
-      it "returns a 404 error when eventable id not found" do
-        get api("/#{parent_type}/#{parent.id}/#{eventable_type}/12345/resource_label_events", user)
-
-        expect(response).to have_gitlab_http_status(404)
-      end
-
-      it "returns 404 when not authorized" do
-        parent.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
-
-        get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events", private_user)
-
-        expect(response).to have_gitlab_http_status(404)
-      end
-    end
-
-    describe "GET /#{parent_type}/:id/#{eventable_type}/:noteable_id/resource_label_events/:event_id" do
-      it "returns a resource label event by id" do
-        get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events/#{event.id}", user)
-
-        expect(response).to have_gitlab_http_status(200)
-        expect(json_response['id']).to eq(event.id)
-      end
-
-      it "returns a 404 error if resource label event not found" do
-        get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events/12345", user)
-
-        expect(response).to have_gitlab_http_status(404)
-      end
-    end
-  end
-
   context 'when eventable is an Issue' do
     let(:issue) { create(:issue, project: project, author: user) }
 
diff --git a/spec/support/shared_examples/resource_label_events_api.rb b/spec/support/shared_examples/resource_label_events_api.rb
new file mode 100644
index 00000000000..6e317172823
--- /dev/null
+++ b/spec/support/shared_examples/resource_label_events_api.rb
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+shared_examples 'resource_label_events API' do |parent_type, eventable_type, id_name|
+  describe "GET /#{parent_type}/:id/#{eventable_type}/:noteable_id/resource_label_events" do
+    it "returns an array of resource label events" do
+      get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events", user)
+
+      expect(response).to have_gitlab_http_status(200)
+      expect(response).to include_pagination_headers
+      expect(json_response).to be_an Array
+      expect(json_response.first['id']).to eq(event.id)
+    end
+
+    it "returns a 404 error when eventable id not found" do
+      get api("/#{parent_type}/#{parent.id}/#{eventable_type}/12345/resource_label_events", user)
+
+      expect(response).to have_gitlab_http_status(404)
+    end
+
+    it "returns 404 when not authorized" do
+      parent.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+
+      get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events", private_user)
+
+      expect(response).to have_gitlab_http_status(404)
+    end
+  end
+
+  describe "GET /#{parent_type}/:id/#{eventable_type}/:noteable_id/resource_label_events/:event_id" do
+    it "returns a resource label event by id" do
+      get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events/#{event.id}", user)
+
+      expect(response).to have_gitlab_http_status(200)
+      expect(json_response['id']).to eq(event.id)
+    end
+
+    it "returns a 404 error if resource label event not found" do
+      get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events/12345", user)
+
+      expect(response).to have_gitlab_http_status(404)
+    end
+  end
+end
-- 
cgit v1.2.1


From 148df25638aa77d3b066788ada47d74005100c51 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Thu, 25 Jul 2019 11:10:31 -0500
Subject: Simplify resource_label_events API shared example

We don't need a repository, and we only need a private user in one
example, so we can scope it locally there.
---
 spec/requests/api/resource_label_events_spec.rb           | 3 +--
 spec/support/shared_examples/resource_label_events_api.rb | 1 +
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/requests/api/resource_label_events_spec.rb b/spec/requests/api/resource_label_events_spec.rb
index 6ed407d81db..25bea627b0c 100644
--- a/spec/requests/api/resource_label_events_spec.rb
+++ b/spec/requests/api/resource_label_events_spec.rb
@@ -4,8 +4,7 @@ require 'spec_helper'
 
 describe API::ResourceLabelEvents do
   set(:user) { create(:user) }
-  set(:project) { create(:project, :public, :repository, namespace: user.namespace) }
-  set(:private_user) { create(:user) }
+  set(:project) { create(:project, :public, namespace: user.namespace) }
 
   before do
     project.add_developer(user)
diff --git a/spec/support/shared_examples/resource_label_events_api.rb b/spec/support/shared_examples/resource_label_events_api.rb
index 6e317172823..945cb8d9f2c 100644
--- a/spec/support/shared_examples/resource_label_events_api.rb
+++ b/spec/support/shared_examples/resource_label_events_api.rb
@@ -19,6 +19,7 @@ shared_examples 'resource_label_events API' do |parent_type, eventable_type, id_
 
     it "returns 404 when not authorized" do
       parent.update!(visibility_level: Gitlab::VisibilityLevel::PRIVATE)
+      private_user = create(:user)
 
       get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events", private_user)
 
-- 
cgit v1.2.1


From 6150eb2c3750a37c95426a9aabac54e48192d000 Mon Sep 17 00:00:00 2001
From: Greg Myers <gmyers@gitlab.com>
Date: Thu, 25 Jul 2019 17:13:50 +0000
Subject: Remove \ from unicorn\_stderr.log

---
 doc/administration/logs.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/administration/logs.md b/doc/administration/logs.md
index 44a33eb7bcf..31876dd178a 100644
--- a/doc/administration/logs.md
+++ b/doc/administration/logs.md
@@ -242,7 +242,7 @@ I, [2015-02-13T06:17:00.679433 #9291]  INFO -- : Moving existing hooks directory
 
 User clone/fetch activity using ssh transport appears in this log as `executing git command <gitaly-upload-pack...`.
 
-## `unicorn\_stderr.log`
+## `unicorn_stderr.log`
 
 This file lives in `/var/log/gitlab/unicorn/unicorn_stderr.log` for
 Omnibus GitLab packages or in `/home/git/gitlab/log/unicorn_stderr.log` for
-- 
cgit v1.2.1


From 412a0a6722baf54c638416e5f9052215991885a4 Mon Sep 17 00:00:00 2001
From: Andreas Brandl <abrandl@gitlab.com>
Date: Thu, 25 Jul 2019 16:30:45 +0000
Subject: Add points how to prepare for database reviews

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/65126.

Came up in the database office hours call on 2019-07-25.
---
 doc/development/database_review.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/doc/development/database_review.md b/doc/development/database_review.md
index 1413c2f69fb..3d10a0c84e5 100644
--- a/doc/development/database_review.md
+++ b/doc/development/database_review.md
@@ -68,6 +68,17 @@ make sure you have applied the ~database label and rerun the
 `danger-review` CI job, or pick someone from the
 [`@gl-database` team](https://gitlab.com/groups/gl-database/-/group_members).
 
+### How to prepare for speedy database reviews
+
+In order to make reviewing easier and therefore faster, please consider preparing a comment
+and details for a database reviewer:
+
+- Provide queries in SQL form rather than ActiveRecord.
+- Format any queries with a SQL query formatter, for example with [sqlformat.darold.net](http://sqlformat.darold.net).
+- Consider providing query plans via a link to [explain.depesz.com](https://explain.depesz.com) or another tool instead of textual form.
+- For query changes, it is best to provide the SQL query along with a plan *before* and *after* the change. This helps to spot differences quickly.
+- When providing query plans, make sure to use good parameter values, so that the query executed is a good example and also hits enough data. Usually, the `gitlab-org` namespace (`namespace_id = 9970`) and the `gitlab-org/gitlab-ce` project (`project_id = 13083`) provides enough data to serve as a good example.
+
 ### How to review for database
 
 - Check migrations
-- 
cgit v1.2.1


From f0b2ef0b5fc4600c2a941a9b506873bc9dd80594 Mon Sep 17 00:00:00 2001
From: Jacques Erasmus <jerasmus@gitlab.com>
Date: Thu, 25 Jul 2019 17:38:06 +0000
Subject: Update namespace label text for managed clusters

Added the ability to update the namespace label text for gitlab-managed
---
 .../pages/projects/clusters/show/index.js          |  2 +
 app/assets/javascripts/pages/projects/index.js     |  2 +
 .../projects/gke_cluster_namespace/index.js        | 35 +++++++++++++
 app/views/clusters/clusters/_namespace.html.haml   | 14 +++++
 app/views/clusters/clusters/user/_form.html.haml   |  9 ++--
 .../clusters/platforms/kubernetes/_form.html.haml  |  8 +--
 changelogs/unreleased/je-separate-namespace-fe.yml |  5 ++
 locale/gitlab.pot                                  |  9 ++++
 .../gke_cluster_namespace_spec.js                  | 61 ++++++++++++++++++++++
 9 files changed, 137 insertions(+), 8 deletions(-)
 create mode 100644 app/assets/javascripts/projects/gke_cluster_namespace/index.js
 create mode 100644 app/views/clusters/clusters/_namespace.html.haml
 create mode 100644 changelogs/unreleased/je-separate-namespace-fe.yml
 create mode 100644 spec/frontend/projects/gke_cluster_namespace/gke_cluster_namespace_spec.js

diff --git a/app/assets/javascripts/pages/projects/clusters/show/index.js b/app/assets/javascripts/pages/projects/clusters/show/index.js
index 8001d2dd1da..f091c01fc98 100644
--- a/app/assets/javascripts/pages/projects/clusters/show/index.js
+++ b/app/assets/javascripts/pages/projects/clusters/show/index.js
@@ -1,5 +1,7 @@
 import ClustersBundle from '~/clusters/clusters_bundle';
+import initGkeNamespace from '~/projects/gke_cluster_namespace';
 
 document.addEventListener('DOMContentLoaded', () => {
   new ClustersBundle(); // eslint-disable-line no-new
+  initGkeNamespace();
 });
diff --git a/app/assets/javascripts/pages/projects/index.js b/app/assets/javascripts/pages/projects/index.js
index d4bd02c14e9..55c377ebec0 100644
--- a/app/assets/javascripts/pages/projects/index.js
+++ b/app/assets/javascripts/pages/projects/index.js
@@ -1,4 +1,5 @@
 import initGkeDropdowns from '~/projects/gke_cluster_dropdowns';
+import initGkeNamespace from '~/projects/gke_cluster_namespace';
 import PersistentUserCallout from '../../persistent_user_callout';
 import Project from './project';
 import ShortcutsNavigation from '../../behaviors/shortcuts/shortcuts_navigation';
@@ -16,6 +17,7 @@ document.addEventListener('DOMContentLoaded', () => {
     PersistentUserCallout.factory(callout);
 
     initGkeDropdowns();
+    initGkeNamespace();
   }
 
   new Project(); // eslint-disable-line no-new
diff --git a/app/assets/javascripts/projects/gke_cluster_namespace/index.js b/app/assets/javascripts/projects/gke_cluster_namespace/index.js
new file mode 100644
index 00000000000..288740203ad
--- /dev/null
+++ b/app/assets/javascripts/projects/gke_cluster_namespace/index.js
@@ -0,0 +1,35 @@
+/**
+ * Disables & hides the namespace inputs when the gitlab-managed checkbox is checked/unchecked.
+ */
+
+const setDisabled = (el, isDisabled) => {
+  if (isDisabled) {
+    el.classList.add('hidden');
+    el.querySelector('input').setAttribute('disabled', true);
+  } else {
+    el.classList.remove('hidden');
+    el.querySelector('input').removeAttribute('disabled');
+  }
+};
+
+const setState = glManagedCheckbox => {
+  const glManaged = document.querySelector('.js-namespace-prefixed');
+  const selfManaged = document.querySelector('.js-namespace');
+
+  if (glManagedCheckbox.checked) {
+    setDisabled(glManaged, false);
+    setDisabled(selfManaged, true);
+  } else {
+    setDisabled(glManaged, true);
+    setDisabled(selfManaged, false);
+  }
+};
+
+const initGkeNamespace = () => {
+  const glManagedCheckbox = document.querySelector('.js-gl-managed');
+
+  setState(glManagedCheckbox); // this is needed in order to set the initial state
+  glManagedCheckbox.addEventListener('change', () => setState(glManagedCheckbox));
+};
+
+export default initGkeNamespace;
diff --git a/app/views/clusters/clusters/_namespace.html.haml b/app/views/clusters/clusters/_namespace.html.haml
new file mode 100644
index 00000000000..0c64819ad62
--- /dev/null
+++ b/app/views/clusters/clusters/_namespace.html.haml
@@ -0,0 +1,14 @@
+- managed_namespace_help_text = s_('ClusterIntegration|Choose a prefix to be used for your namespaces. Defaults to your project path.')
+- non_managed_namespace_help_text = s_('ClusterIntegration|The namespace associated with your project. This will be used for deploy boards, pod logs, and Web terminals.')
+- managed_namespace_help_link = link_to _('More information'), help_page_path('user/project/clusters/index.md',
+  anchor: 'gitlab-managed-clusters'), target: '_blank'
+
+.js-namespace-prefixed
+  = platform_field.text_field :namespace,
+    label: s_('ClusterIntegration|Project namespace prefix (optional, unique)'), label_class: 'label-bold',
+    help: '%{help_text} %{help_link}'.html_safe % { help_text: managed_namespace_help_text, help_link: managed_namespace_help_link }
+.js-namespace.hidden
+  = platform_field.text_field :namespace,
+    label: s_('ClusterIntegration|Project namespace (optional, unique)'), label_class: 'label-bold',
+    help: '%{help_text}'.html_safe % { help_text: non_managed_namespace_help_text },
+    disabled: true
diff --git a/app/views/clusters/clusters/user/_form.html.haml b/app/views/clusters/clusters/user/_form.html.haml
index f2fc5ac93fb..1d212553c3b 100644
--- a/app/views/clusters/clusters/user/_form.html.haml
+++ b/app/views/clusters/clusters/user/_form.html.haml
@@ -34,10 +34,6 @@
       autocomplete: 'off', label_class: 'label-bold',
       help: '%{help_text} %{help_link}'.html_safe % { help_text: token_help_text, help_link: more_info_link }
 
-    - if @user_cluster.allow_user_defined_namespace?
-      = platform_kubernetes_field.text_field :namespace,
-        label: s_('ClusterIntegration|Project namespace (optional, unique)'), label_class: 'label-bold'
-
     = platform_kubernetes_field.form_group :authorization_type,
       { help: '%{help_text} %{help_link}'.html_safe % { help_text: rbac_help_text, help_link: rbac_help_link } } do
       = platform_kubernetes_field.check_box :authorization_type,
@@ -46,10 +42,15 @@
 
   .form-group
     = field.check_box :managed, { label: s_('ClusterIntegration|GitLab-managed cluster'),
+      class: 'js-gl-managed',
       label_class: 'label-bold' }
     .form-text.text-muted
       = s_('ClusterIntegration|Allow GitLab to manage namespace and service accounts for this cluster.')
       = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'gitlab-managed-clusters'), target: '_blank'
 
+  = field.fields_for :platform_kubernetes, @user_cluster.platform_kubernetes do |platform_kubernetes_field|
+    - if @user_cluster.allow_user_defined_namespace?
+      = render('clusters/clusters/namespace', platform_field: platform_kubernetes_field)
+
   .form-group
     = field.submit s_('ClusterIntegration|Add Kubernetes cluster'), class: 'btn btn-success'
diff --git a/app/views/clusters/platforms/kubernetes/_form.html.haml b/app/views/clusters/platforms/kubernetes/_form.html.haml
index f2e44462226..e50c573bd90 100644
--- a/app/views/clusters/platforms/kubernetes/_form.html.haml
+++ b/app/views/clusters/platforms/kubernetes/_form.html.haml
@@ -36,10 +36,6 @@
     label: s_('ClusterIntegration|Service Token'), label_class: 'label-bold',
     input_group_class: 'gl-field-error-anchor', append: show_token_btn + copy_token_btn
 
-    - if cluster.allow_user_defined_namespace?
-      = platform_field.text_field :namespace, label: s_('ClusterIntegration|Project namespace (optional, unique)'),
-        label_class: 'label-bold'
-
     = platform_field.form_group :authorization_type do
       = platform_field.check_box :authorization_type, { disabled: true, label: s_('ClusterIntegration|RBAC-enabled cluster'),
       label_class: 'label-bold', inline: true }, 'rbac', 'abac'
@@ -49,10 +45,14 @@
 
     .form-group
       = field.check_box :managed, { label: s_('ClusterIntegration|GitLab-managed cluster'),
+        class: 'js-gl-managed',
         label_class: 'label-bold' }
       .form-text.text-muted
         = s_('ClusterIntegration|Allow GitLab to manage namespace and service accounts for this cluster.')
         = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'gitlab-managed-clusters'), target: '_blank'
 
+    - if cluster.allow_user_defined_namespace?
+      = render('clusters/clusters/namespace', platform_field: platform_field)
+
   .form-group
     = field.submit s_('ClusterIntegration|Save changes'), class: 'btn btn-success'
diff --git a/changelogs/unreleased/je-separate-namespace-fe.yml b/changelogs/unreleased/je-separate-namespace-fe.yml
new file mode 100644
index 00000000000..fb6be071eb6
--- /dev/null
+++ b/changelogs/unreleased/je-separate-namespace-fe.yml
@@ -0,0 +1,5 @@
+---
+title: Update namespace label for GitLab-managed clusters
+merge_request: 30935
+author:
+type: added
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 996f082f197..ed71a4b42d9 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -2383,6 +2383,9 @@ msgstr ""
 msgid "ClusterIntegration|Certificate Authority bundle (PEM format)"
 msgstr ""
 
+msgid "ClusterIntegration|Choose a prefix to be used for your namespaces. Defaults to your project path."
+msgstr ""
+
 msgid "ClusterIntegration|Choose which applications to install on your Kubernetes cluster. Helm Tiller is required to install any of the following applications."
 msgstr ""
 
@@ -2620,6 +2623,9 @@ msgstr ""
 msgid "ClusterIntegration|Project namespace (optional, unique)"
 msgstr ""
 
+msgid "ClusterIntegration|Project namespace prefix (optional, unique)"
+msgstr ""
+
 msgid "ClusterIntegration|Prometheus"
 msgstr ""
 
@@ -2728,6 +2734,9 @@ msgstr ""
 msgid "ClusterIntegration|The endpoint is in the process of being assigned. Please check your Kubernetes cluster or Quotas on Google Kubernetes Engine if it takes a long time."
 msgstr ""
 
+msgid "ClusterIntegration|The namespace associated with your project. This will be used for deploy boards, pod logs, and Web terminals."
+msgstr ""
+
 msgid "ClusterIntegration|There was a problem authenticating with your cluster. Please ensure your CA Certificate and Token are valid."
 msgstr ""
 
diff --git a/spec/frontend/projects/gke_cluster_namespace/gke_cluster_namespace_spec.js b/spec/frontend/projects/gke_cluster_namespace/gke_cluster_namespace_spec.js
new file mode 100644
index 00000000000..7b8df03d3c3
--- /dev/null
+++ b/spec/frontend/projects/gke_cluster_namespace/gke_cluster_namespace_spec.js
@@ -0,0 +1,61 @@
+import initGkeNamespace from '~/projects/gke_cluster_namespace';
+
+describe('GKE cluster namespace', () => {
+  const changeEvent = new Event('change');
+  const isHidden = el => el.classList.contains('hidden');
+  const hasDisabledInput = el => el.querySelector('input').disabled;
+
+  let glManagedCheckbox;
+  let selfManaged;
+  let glManaged;
+
+  beforeEach(() => {
+    setFixtures(`
+      <input class="js-gl-managed" type="checkbox" value="1" checked />
+      <div class="js-namespace">
+        <input type="text" />
+      </div>      
+      <div class="js-namespace-prefixed">
+        <input type="text" />
+      </div>
+    `);
+
+    glManagedCheckbox = document.querySelector('.js-gl-managed');
+    selfManaged = document.querySelector('.js-namespace');
+    glManaged = document.querySelector('.js-namespace-prefixed');
+
+    initGkeNamespace();
+  });
+
+  describe('GKE cluster namespace toggles', () => {
+    it('initially displays the GitLab-managed label and input', () => {
+      expect(isHidden(glManaged)).toEqual(false);
+      expect(hasDisabledInput(glManaged)).toEqual(false);
+
+      expect(isHidden(selfManaged)).toEqual(true);
+      expect(hasDisabledInput(selfManaged)).toEqual(true);
+    });
+
+    it('displays the self-managed label and input when the Gitlab-managed checkbox is unchecked', () => {
+      glManagedCheckbox.checked = false;
+      glManagedCheckbox.dispatchEvent(changeEvent);
+
+      expect(isHidden(glManaged)).toEqual(true);
+      expect(hasDisabledInput(glManaged)).toEqual(true);
+
+      expect(isHidden(selfManaged)).toEqual(false);
+      expect(hasDisabledInput(selfManaged)).toEqual(false);
+    });
+
+    it('displays the GitLab-managed label and input when the Gitlab-managed checkbox is checked', () => {
+      glManagedCheckbox.checked = true;
+      glManagedCheckbox.dispatchEvent(changeEvent);
+
+      expect(isHidden(glManaged)).toEqual(false);
+      expect(hasDisabledInput(glManaged)).toEqual(false);
+
+      expect(isHidden(selfManaged)).toEqual(true);
+      expect(hasDisabledInput(selfManaged)).toEqual(true);
+    });
+  });
+});
-- 
cgit v1.2.1


From edfba2bbe729c4be88b602a08410a9ece349ad2e Mon Sep 17 00:00:00 2001
From: Peter Leitzen <pleitzen@gitlab.com>
Date: Thu, 25 Jul 2019 18:40:46 +0000
Subject: Add doc about incident issue labels

---
 doc/user/project/integrations/prometheus.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/doc/user/project/integrations/prometheus.md b/doc/user/project/integrations/prometheus.md
index 61c30e0b0ef..ba982c9cf6f 100644
--- a/doc/user/project/integrations/prometheus.md
+++ b/doc/user/project/integrations/prometheus.md
@@ -326,6 +326,8 @@ Once enabled, an issue will be opened automatically when an alert is triggered w
 
 To further customize the issue, you can add labels, mentions, or any other supported [quick action](../quick_actions.md) in the selected issue template.
 
+Since [version 12.2](https://gitlab.com/gitlab-org/gitlab-ce/issues/63373), GitLab will tag each incident issue with the `incident` label automatically. If the label does not yet exist, it will be created automatically as well.
+
 If the metric exceeds the threshold of the alert for over 5 minutes, an email will be sent to all [Maintainers and Owners](../../permissions.md#project-members-permissions) of the project.
 
 ## Determining the performance impact of a merge
-- 
cgit v1.2.1


From 64f3324096e759b599682ef7ce5bdee75c9701b2 Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Thu, 25 Jul 2019 18:43:52 +0000
Subject: Add default for outbound_local_requests_whitelist

It needs to default to an empty array logically.
---
 ...ge_outbound_local_requests_whitelist_default.rb | 30 ++++++++++++++++++++++
 db/schema.rb                                       |  4 +--
 ...tbound_local_requests_whitelist_default_spec.rb | 21 +++++++++++++++
 3 files changed, 53 insertions(+), 2 deletions(-)
 create mode 100644 db/migrate/20190725012225_change_outbound_local_requests_whitelist_default.rb
 create mode 100644 spec/migrations/change_outbound_local_requests_whitelist_default_spec.rb

diff --git a/db/migrate/20190725012225_change_outbound_local_requests_whitelist_default.rb b/db/migrate/20190725012225_change_outbound_local_requests_whitelist_default.rb
new file mode 100644
index 00000000000..21b00e0b7d9
--- /dev/null
+++ b/db/migrate/20190725012225_change_outbound_local_requests_whitelist_default.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+class ChangeOutboundLocalRequestsWhitelistDefault < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  class ApplicationSetting < ActiveRecord::Base
+    self.table_name = 'application_settings'
+  end
+
+  def up
+    default_value = []
+
+    change_column_default(:application_settings, :outbound_local_requests_whitelist, default_value)
+
+    ApplicationSetting
+      .where(outbound_local_requests_whitelist: nil)
+      .update(outbound_local_requests_whitelist: default_value)
+
+    change_column_null(:application_settings, :outbound_local_requests_whitelist, false)
+  end
+
+  def down
+    change_column_null(:application_settings, :outbound_local_requests_whitelist, true)
+
+    change_column_default(:application_settings, :outbound_local_requests_whitelist, nil)
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 2ec8fcce8f8..dbfc5959d9d 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_07_15_142138) do
+ActiveRecord::Schema.define(version: 2019_07_25_012225) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "pg_trgm"
@@ -228,7 +228,7 @@ ActiveRecord::Schema.define(version: 2019_07_15_142138) do
     t.boolean "lock_memberships_to_ldap", default: false, null: false
     t.boolean "time_tracking_limit_to_hours", default: false, null: false
     t.string "grafana_url", default: "/-/grafana", null: false
-    t.string "outbound_local_requests_whitelist", limit: 255, array: true
+    t.string "outbound_local_requests_whitelist", limit: 255, default: [], null: false, array: true
     t.integer "raw_blob_request_limit", default: 300, null: false
     t.index ["custom_project_templates_group_id"], name: "index_application_settings_on_custom_project_templates_group_id"
     t.index ["file_template_project_id"], name: "index_application_settings_on_file_template_project_id"
diff --git a/spec/migrations/change_outbound_local_requests_whitelist_default_spec.rb b/spec/migrations/change_outbound_local_requests_whitelist_default_spec.rb
new file mode 100644
index 00000000000..232f6f090c3
--- /dev/null
+++ b/spec/migrations/change_outbound_local_requests_whitelist_default_spec.rb
@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require Rails.root.join('db', 'migrate', '20190725012225_change_outbound_local_requests_whitelist_default.rb')
+
+describe ChangeOutboundLocalRequestsWhitelistDefault, :migration do
+  let(:application_settings) { table(:application_settings) }
+
+  it 'defaults to empty array' do
+    setting = application_settings.create!
+    setting_with_value = application_settings.create!(outbound_local_requests_whitelist: '{a,b}')
+
+    expect(application_settings.where(outbound_local_requests_whitelist: nil).count).to eq(1)
+
+    migrate!
+
+    expect(application_settings.where(outbound_local_requests_whitelist: nil).count).to eq(0)
+    expect(setting.reload.outbound_local_requests_whitelist).to eq([])
+    expect(setting_with_value.reload.outbound_local_requests_whitelist).to eq(%w[a b])
+  end
+end
-- 
cgit v1.2.1


From 38ab1ae2f200e2071ea7329e106beb1b9232f44c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Tue, 23 Jul 2019 21:29:12 +0200
Subject: Rename latest_successful to be more explicit

* Reword Project#latest_successful_build_for to
Project#latest_successful_build_for_ref
* Reword Ci::Pipeline#latest_successful_for to
Ci::Pipeline#latest_successful_build_for_ref
---
 .../projects/build_artifacts_controller.rb         |  2 +-
 app/models/ci/pipeline.rb                          |  3 ++-
 app/models/project.rb                              | 14 +++++------
 lib/api/job_artifacts.rb                           |  4 ++--
 lib/gitlab/badge/coverage/report.rb                |  2 +-
 spec/models/ci/pipeline_spec.rb                    |  4 ++--
 spec/models/project_spec.rb                        | 28 +++++++++++-----------
 7 files changed, 29 insertions(+), 28 deletions(-)

diff --git a/app/controllers/projects/build_artifacts_controller.rb b/app/controllers/projects/build_artifacts_controller.rb
index 4274c356227..99f4524eec5 100644
--- a/app/controllers/projects/build_artifacts_controller.rb
+++ b/app/controllers/projects/build_artifacts_controller.rb
@@ -51,6 +51,6 @@ class Projects::BuildArtifactsController < Projects::ApplicationController
   def job_from_ref
     return unless @ref_name
 
-    project.latest_successful_build_for(params[:job], @ref_name)
+    project.latest_successful_build_for_ref(params[:job], @ref_name)
   end
 end
diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb
index f70ff7e3192..08fd1f81ffc 100644
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -229,6 +229,7 @@ module Ci
     #
     # ref - The name (or names) of the branch(es)/tag(s) to limit the list of
     #       pipelines to.
+    # sha - The commit SHA (or mutliple SHAs) to limit the list of pipelines to.
     # limit - This limits a backlog search, default to 100.
     def self.newest_first(ref: nil, sha: nil, limit: 100)
       relation = order(id: :desc)
@@ -249,7 +250,7 @@ module Ci
       newest_first(ref: ref).pluck(:status).first
     end
 
-    def self.latest_successful_for(ref)
+    def self.latest_successful_for_ref(ref)
       newest_first(ref: ref).success.take
     end
 
diff --git a/app/models/project.rb b/app/models/project.rb
index 9616e8c9748..dd0922a2fbf 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -720,16 +720,16 @@ class Project < ApplicationRecord
   end
 
   # ref can't be HEAD, can only be branch/tag name
-  def latest_successful_build_for(job_name, ref = default_branch)
+  def latest_successful_build_for_ref(job_name, ref = default_branch)
     return unless ref
 
-    latest_pipeline = ci_pipelines.latest_successful_for(ref)
+    latest_pipeline = ci_pipelines.latest_successful_for_ref(ref)
     return unless latest_pipeline
 
     latest_pipeline.builds.latest.with_artifacts_archive.find_by(name: job_name)
   end
 
-  def latest_successful_build_for_sha(job_name, sha = commit(default_branch).id)
+  def latest_successful_build_for_sha(job_name, sha)
     return unless sha
 
     latest_pipeline = ci_pipelines.latest_successful_for_sha(sha)
@@ -738,8 +738,8 @@ class Project < ApplicationRecord
     latest_pipeline.builds.latest.with_artifacts_archive.find_by(name: job_name)
   end
 
-  def latest_successful_build_for!(job_name, ref = default_branch)
-    latest_successful_build_for(job_name, ref) || raise(ActiveRecord::RecordNotFound.new("Couldn't find job #{job_name}"))
+  def latest_successful_build_for_ref!(job_name, ref = default_branch)
+    latest_successful_build_for_ref(job_name, ref) || raise(ActiveRecord::RecordNotFound.new("Couldn't find job #{job_name}"))
   end
 
   def merge_base_commit(first_commit_id, second_commit_id)
@@ -1514,12 +1514,12 @@ class Project < ApplicationRecord
     end
 
     @latest_successful_pipeline_for_default_branch =
-      ci_pipelines.latest_successful_for(default_branch)
+      ci_pipelines.latest_successful_for_ref(default_branch)
   end
 
   def latest_successful_pipeline_for(ref = nil)
     if ref && ref != default_branch
-      ci_pipelines.latest_successful_for(ref)
+      ci_pipelines.latest_successful_for_ref(ref)
     else
       latest_successful_pipeline_for_default_branch
     end
diff --git a/lib/api/job_artifacts.rb b/lib/api/job_artifacts.rb
index e7fed55170e..b35aa952f81 100644
--- a/lib/api/job_artifacts.rb
+++ b/lib/api/job_artifacts.rb
@@ -27,7 +27,7 @@ module API
         requirements: { ref_name: /.+/ } do
         authorize_download_artifacts!
 
-        latest_build = user_project.latest_successful_build_for!(params[:job], params[:ref_name])
+        latest_build = user_project.latest_successful_build_for_ref!(params[:job], params[:ref_name])
 
         present_carrierwave_file!(latest_build.artifacts_file)
       end
@@ -45,7 +45,7 @@ module API
           requirements: { ref_name: /.+/ } do
         authorize_download_artifacts!
 
-        build = user_project.latest_successful_build_for!(params[:job], params[:ref_name])
+        build = user_project.latest_successful_build_for_ref!(params[:job], params[:ref_name])
 
         path = Gitlab::Ci::Build::Artifacts::Path
                  .new(params[:artifact_path])
diff --git a/lib/gitlab/badge/coverage/report.rb b/lib/gitlab/badge/coverage/report.rb
index 7f7cc62c8ef..15cccc6f287 100644
--- a/lib/gitlab/badge/coverage/report.rb
+++ b/lib/gitlab/badge/coverage/report.rb
@@ -14,7 +14,7 @@ module Gitlab
           @ref = ref
           @job = job
 
-          @pipeline = @project.ci_pipelines.latest_successful_for(@ref)
+          @pipeline = @project.ci_pipelines.latest_successful_for_ref(@ref)
         end
 
         def entity
diff --git a/spec/models/ci/pipeline_spec.rb b/spec/models/ci/pipeline_spec.rb
index e3f699d9ad3..1fb83fbb088 100644
--- a/spec/models/ci/pipeline_spec.rb
+++ b/spec/models/ci/pipeline_spec.rb
@@ -1799,7 +1799,7 @@ describe Ci::Pipeline, :mailer do
     end
   end
 
-  describe '.latest_successful_for' do
+  describe '.latest_successful_for_ref' do
     include_context 'with some outdated pipelines'
 
     let!(:latest_successful_pipeline) do
@@ -1807,7 +1807,7 @@ describe Ci::Pipeline, :mailer do
     end
 
     it 'returns the latest successful pipeline' do
-      expect(described_class.latest_successful_for('ref'))
+      expect(described_class.latest_successful_for_ref('ref'))
         .to eq(latest_successful_pipeline)
     end
   end
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index e88c6a60fec..fc778174314 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -2019,7 +2019,7 @@ describe Project do
     end
   end
 
-  describe '#latest_successful_build_for' do
+  describe '#latest_successful_build_for_ref' do
     let(:project) { create(:project, :repository) }
     let(:pipeline) { create_pipeline(project) }
 
@@ -2032,7 +2032,7 @@ describe Project do
         build1_p2 = create_build(pipeline2, 'test')
         create_build(pipeline2, 'test2')
 
-        expect(project.latest_successful_build_for(build1_p2.name))
+        expect(project.latest_successful_build_for_ref(build1_p2.name))
           .to eq(build1_p2)
       end
     end
@@ -2042,12 +2042,12 @@ describe Project do
 
       context 'standalone pipeline' do
         it 'returns builds for ref for default_branch' do
-          expect(project.latest_successful_build_for(build.name))
+          expect(project.latest_successful_build_for_ref(build.name))
             .to eq(build)
         end
 
         it 'returns empty relation if the build cannot be found' do
-          expect(project.latest_successful_build_for('TAIL'))
+          expect(project.latest_successful_build_for_ref('TAIL'))
             .to be_nil
         end
       end
@@ -2058,7 +2058,7 @@ describe Project do
         end
 
         it 'gives the latest build from latest pipeline' do
-          expect(project.latest_successful_build_for(build.name))
+          expect(project.latest_successful_build_for_ref(build.name))
             .to eq(build)
         end
       end
@@ -2069,7 +2069,7 @@ describe Project do
         pipeline.update(status: 'pending')
         pending_build = create_build(pipeline)
 
-        expect(project.latest_successful_build_for(pending_build.name)).to be_nil
+        expect(project.latest_successful_build_for_ref(pending_build.name)).to be_nil
       end
     end
   end
@@ -2129,7 +2129,7 @@ describe Project do
     end
   end
 
-  describe '#latest_successful_build_for!' do
+  describe '#latest_successful_build_for_ref!' do
     let(:project) { create(:project, :repository) }
     let(:pipeline) { create_pipeline(project) }
 
@@ -2142,7 +2142,7 @@ describe Project do
         build1_p2 = create_build(pipeline2, 'test')
         create_build(pipeline2, 'test2')
 
-        expect(project.latest_successful_build_for(build1_p2.name))
+        expect(project.latest_successful_build_for_ref!(build1_p2.name))
           .to eq(build1_p2)
       end
     end
@@ -2152,12 +2152,12 @@ describe Project do
 
       context 'standalone pipeline' do
         it 'returns builds for ref for default_branch' do
-          expect(project.latest_successful_build_for!(build.name))
+          expect(project.latest_successful_build_for_ref!(build.name))
             .to eq(build)
         end
 
         it 'returns exception if the build cannot be found' do
-          expect { project.latest_successful_build_for!(build.name, 'TAIL') }
+          expect { project.latest_successful_build_for_ref!(build.name, 'TAIL') }
             .to raise_error(ActiveRecord::RecordNotFound)
         end
       end
@@ -2168,7 +2168,7 @@ describe Project do
         end
 
         it 'gives the latest build from latest pipeline' do
-          expect(project.latest_successful_build_for!(build.name))
+          expect(project.latest_successful_build_for_ref!(build.name))
             .to eq(build)
         end
       end
@@ -2179,7 +2179,7 @@ describe Project do
         pipeline.update(status: 'pending')
         pending_build = create_build(pipeline)
 
-        expect { project.latest_successful_build_for!(pending_build.name) }
+        expect { project.latest_successful_build_for_ref!(pending_build.name) }
           .to raise_error(ActiveRecord::RecordNotFound)
       end
     end
@@ -4091,7 +4091,7 @@ describe Project do
 
     context 'with a ref that is not the default branch' do
       it 'returns the latest successful pipeline for the given ref' do
-        expect(project.ci_pipelines).to receive(:latest_successful_for).with('foo')
+        expect(project.ci_pipelines).to receive(:latest_successful_for_ref).with('foo')
 
         project.latest_successful_pipeline_for('foo')
       end
@@ -4119,7 +4119,7 @@ describe Project do
     it 'memoizes and returns the latest successful pipeline for the default branch' do
       pipeline = double(:pipeline)
 
-      expect(project.ci_pipelines).to receive(:latest_successful_for)
+      expect(project.ci_pipelines).to receive(:latest_successful_for_ref)
         .with(project.default_branch)
         .and_return(pipeline)
         .once
-- 
cgit v1.2.1


From ae58f82e62d60edf0a1de2790d1798f5b5f16b28 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Tue, 23 Jul 2019 22:13:56 +0200
Subject: Extract common spec elements to shared_examples

---
 spec/models/project_spec.rb                        | 100 ++-------------------
 ...project_latest_successful_build_for_examples.rb |  63 +++++++++++++
 2 files changed, 71 insertions(+), 92 deletions(-)
 create mode 100644 spec/support/shared_examples/project_latest_successful_build_for_examples.rb

diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index fc778174314..a44afe9285f 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -2023,54 +2023,16 @@ describe Project do
     let(:project) { create(:project, :repository) }
     let(:pipeline) { create_pipeline(project) }
 
-    context 'with many builds' do
-      it 'gives the latest builds from latest pipeline' do
-        pipeline1 = create_pipeline(project)
-        pipeline2 = create_pipeline(project)
-        create_build(pipeline1, 'test')
-        create_build(pipeline1, 'test2')
-        build1_p2 = create_build(pipeline2, 'test')
-        create_build(pipeline2, 'test2')
-
-        expect(project.latest_successful_build_for_ref(build1_p2.name))
-          .to eq(build1_p2)
-      end
-    end
+    it_behaves_like 'latest successful build for sha or ref'
 
-    context 'with succeeded pipeline' do
-      let!(:build) { create_build }
+    subject { project.latest_successful_build_for_ref(build_name) }
 
-      context 'standalone pipeline' do
-        it 'returns builds for ref for default_branch' do
-          expect(project.latest_successful_build_for_ref(build.name))
-            .to eq(build)
-        end
+    context 'with a specified ref' do
+      let(:build) { create_build }
 
-        it 'returns empty relation if the build cannot be found' do
-          expect(project.latest_successful_build_for_ref('TAIL'))
-            .to be_nil
-        end
-      end
+      subject { project.latest_successful_build_for_ref(build.name, project.default_branch) }
 
-      context 'with some pending pipeline' do
-        before do
-          create_build(create_pipeline(project, 'pending'))
-        end
-
-        it 'gives the latest build from latest pipeline' do
-          expect(project.latest_successful_build_for_ref(build.name))
-            .to eq(build)
-        end
-      end
-    end
-
-    context 'with pending pipeline' do
-      it 'returns empty relation' do
-        pipeline.update(status: 'pending')
-        pending_build = create_build(pipeline)
-
-        expect(project.latest_successful_build_for_ref(pending_build.name)).to be_nil
-      end
+      it { is_expected.to eq(build) }
     end
   end
 
@@ -2078,55 +2040,9 @@ describe Project do
     let(:project) { create(:project, :repository) }
     let(:pipeline) { create_pipeline(project) }
 
-    context 'with many builds' do
-      it 'gives the latest builds from latest pipeline' do
-        pipeline1 = create_pipeline(project)
-        pipeline2 = create_pipeline(project)
-        create_build(pipeline1, 'test')
-        create_build(pipeline1, 'test2')
-        build1_p2 = create_build(pipeline2, 'test')
-        create_build(pipeline2, 'test2')
-
-        expect(project.latest_successful_build_for_sha(build1_p2.name))
-          .to eq(build1_p2)
-      end
-    end
-
-    context 'with succeeded pipeline' do
-      let!(:build) { create_build }
-
-      context 'standalone pipeline' do
-        it 'returns builds for ref for default_branch' do
-          expect(project.latest_successful_build_for_sha(build.name))
-            .to eq(build)
-        end
+    it_behaves_like 'latest successful build for sha or ref'
 
-        it 'returns empty relation if the build cannot be found' do
-          expect(project.latest_successful_build_for_sha('TAIL'))
-            .to be_nil
-        end
-      end
-
-      context 'with some pending pipeline' do
-        before do
-          create_build(create_pipeline(project, 'pending'))
-        end
-
-        it 'gives the latest build from latest pipeline' do
-          expect(project.latest_successful_build_for_sha(build.name))
-            .to eq(build)
-        end
-      end
-    end
-
-    context 'with pending pipeline' do
-      it 'returns empty relation' do
-        pipeline.update(status: 'pending')
-        pending_build = create_build(pipeline)
-
-        expect(project.latest_successful_build_for_sha(pending_build.name)).to be_nil
-      end
-    end
+    subject { project.latest_successful_build_for_sha(build_name, project.commit.sha) }
   end
 
   describe '#latest_successful_build_for_ref!' do
diff --git a/spec/support/shared_examples/project_latest_successful_build_for_examples.rb b/spec/support/shared_examples/project_latest_successful_build_for_examples.rb
new file mode 100644
index 00000000000..a9bd23e9fc9
--- /dev/null
+++ b/spec/support/shared_examples/project_latest_successful_build_for_examples.rb
@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+shared_examples 'latest successful build for sha or ref' do
+  context 'with many builds' do
+    let(:other_pipeline) { create_pipeline(project) }
+    let(:other_build) { create_build(other_pipeline, 'test') }
+    let(:build_name) { other_build.name }
+
+    before do
+      pipeline1 = create_pipeline(project)
+      pipeline2 = create_pipeline(project)
+      create_build(pipeline1, 'test')
+      create_build(pipeline1, 'test2')
+      create_build(pipeline2, 'test2')
+    end
+
+    it 'gives the latest builds from latest pipeline' do
+      expect(subject).to eq(other_build)
+    end
+  end
+
+  context 'with succeeded pipeline' do
+    let!(:build) { create_build }
+    let(:build_name) { build.name }
+
+    context 'standalone pipeline' do
+      it 'returns builds for ref for default_branch' do
+        expect(subject).to eq(build)
+      end
+
+      context 'with nonexistent build' do
+        let(:build_name) { 'TAIL' }
+
+        it 'returns empty relation if the build cannot be found' do
+          expect(subject).to be_nil
+        end
+      end
+    end
+
+    context 'with some pending pipeline' do
+      before do
+        create_build(create_pipeline(project, 'pending'))
+      end
+
+      it 'gives the latest build from latest pipeline' do
+        expect(subject).to eq(build)
+      end
+    end
+  end
+
+  context 'with pending pipeline' do
+    let!(:pending_build) { create_build(pipeline) }
+    let(:build_name) { pending_build.name }
+
+    before do
+      pipeline.update(status: 'pending')
+    end
+
+    it 'returns empty relation' do
+      expect(subject).to be_nil
+    end
+  end
+end
-- 
cgit v1.2.1


From 0f7d8c04219a5631d48a2eff59d4a5daa881787f Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Thu, 25 Jul 2019 22:49:13 +0000
Subject: Update links to relative

Following the single docs codebase change, all internal links
should be relative. Also cleans up one table
---
 doc/development/documentation/styleguide.md       |  2 +-
 doc/development/testing_guide/frontend_testing.md |  2 +-
 doc/install/azure/index.md                        |  7 +-
 doc/integration/README.md                         |  4 +-
 doc/topics/autodevops/index.md                    | 86 +++++++++++------------
 doc/user/project/protected_branches.md            |  1 -
 6 files changed, 48 insertions(+), 54 deletions(-)

diff --git a/doc/development/documentation/styleguide.md b/doc/development/documentation/styleguide.md
index 36ffc02644e..dd798777c12 100644
--- a/doc/development/documentation/styleguide.md
+++ b/doc/development/documentation/styleguide.md
@@ -1092,6 +1092,6 @@ curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" --data "domain_
 
 [cURL]: http://curl.haxx.se/ "cURL website"
 [single spaces]: http://www.slate.com/articles/technology/technology/2011/01/space_invaders.html
-[gfm]: https://docs.gitlab.com/ce/user/markdown.html#newlines "GitLab flavored markdown documentation"
+[gfm]: ../../user/markdown.md#newlines "GitLab flavored markdown documentation"
 [ce-1242]: https://gitlab.com/gitlab-org/gitlab-ce/issues/1242
 [doc-restart]: ../../administration/restart_gitlab.md "GitLab restart documentation"
diff --git a/doc/development/testing_guide/frontend_testing.md b/doc/development/testing_guide/frontend_testing.md
index ff28c2ea5e2..2985278cc92 100644
--- a/doc/development/testing_guide/frontend_testing.md
+++ b/doc/development/testing_guide/frontend_testing.md
@@ -588,7 +588,7 @@ end
 
 [jasmine-focus]: https://jasmine.github.io/2.5/focused_specs.html
 [karma]: http://karma-runner.github.io/
-[vue-test]: https://docs.gitlab.com/ce/development/fe_guide/vue.html#testing-vue-components
+[vue-test]: ../fe_guide/vue.md#testing-vue-components
 [rspec]: https://github.com/rspec/rspec-rails#feature-specs
 [capybara]: https://github.com/teamcapybara/capybara
 [jasmine]: https://jasmine.github.io/
diff --git a/doc/install/azure/index.md b/doc/install/azure/index.md
index c0e1b0ebbc8..543a222bd25 100644
--- a/doc/install/azure/index.md
+++ b/doc/install/azure/index.md
@@ -70,7 +70,7 @@ The first items we need to configure are the basic settings of the underlying vi
    > **Note:** if you're unsure which authentication type to use, select **Password**
 
    1. If you chose **SSH public key** - enter your `SSH public key` into the field provided
-   _(read the [SSH documentation][GitLab-Docs-SSH] to learn more about how to set up SSH
+   _(read the [SSH documentation](../../ssh/README.md) to learn more about how to set up SSH
    public keys)_
    1. If you chose **Password** - enter the password you wish to use _(this is the password that you
    will use later in this tutorial to [SSH] into the VM, so make sure it's a strong password/passphrase)_
@@ -407,7 +407,7 @@ on any cloud service you choose.
 
 ## Where to next?
 
-Check out our other [Technical Articles][GitLab-Technical-Articles] or browse the [GitLab Documentation][GitLab-Docs] to learn more about GitLab.
+Check out our other [Technical Articles](../../articles/index.md) or browse the [GitLab Documentation][GitLab-Docs](../../README.md) to learn more about GitLab.
 
 ### Useful links
 
@@ -423,9 +423,6 @@ Check out our other [Technical Articles][GitLab-Technical-Articles] or browse th
 - [SSH], [PuTTY] and [Using SSH in PuTTY][Using-SSH-In-Putty]
 
 [Original-Blog-Post]: https://about.gitlab.com/2016/07/13/how-to-setup-a-gitlab-instance-on-microsoft-azure/ "How to Set up a GitLab Instance on Microsoft Azure"
-[GitLab-Docs]: https://docs.gitlab.com/ce/README.html "GitLab Documentation"
-[GitLab-Technical-Articles]: https://docs.gitlab.com/ce/articles/index.html "GitLab Technical Articles"
-[GitLab-Docs-SSH]: https://docs.gitlab.com/ce/ssh/README.html "GitLab Documentation: SSH"
 [CE]: https://about.gitlab.com/features/
 [EE]: https://about.gitlab.com/features/#ee-starter
 
diff --git a/doc/integration/README.md b/doc/integration/README.md
index 135952a1b08..55f9666e3a3 100644
--- a/doc/integration/README.md
+++ b/doc/integration/README.md
@@ -27,7 +27,7 @@ See the documentation below for details on how to configure these services.
 - [SAML](saml.md) Configure GitLab as a SAML 2.0 Service Provider
 - [Trello](trello_power_up.md) Integrate Trello with GitLab
 
-> GitLab Enterprise Edition contains [advanced Jenkins support][jenkins].
+> GitLab Enterprise Edition contains [advanced Jenkins support](jenkins.md).
 
 ## Project services
 
@@ -70,5 +70,3 @@ After that restart GitLab with:
 ```bash
 sudo gitlab-ctl restart
 ```
-
-[jenkins]: https://docs.gitlab.com/ee/integration/jenkins.html
diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index 296ab63166f..c6219126b30 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -192,10 +192,10 @@ The following table is an example of how the three different clusters would
 be configured.
 
 | Cluster name | Cluster environment scope | `KUBE_INGRESS_BASE_DOMAIN` variable value | Variable environment scope | Notes |
-| ------------ | -------------- | ----------------------------- | ------------- | ------ |
-| review       |  `review/*`    | `review.example.com`  | `review/*`      | The review cluster which will run all [Review Apps](../../ci/review_apps/index.md). `*` is a wildcard, which means it will be used by every environment name starting with `review/`. |
-| staging      |  `staging`     | `staging.example.com` | `staging`       | (Optional) The staging cluster which will run the deployments of the staging environments. You need to [enable it first](#deploy-policy-for-staging-and-production-environments). |
-| production   |  `production`  | `example.com`         | `production`    | The production cluster which will run the deployments of the production environment. You can use [incremental rollouts](#incremental-rollout-to-production-premium). |
+|--------------|---------------------------|-------------------------------------------|----------------------------|---|
+| review       | `review/*`                | `review.example.com`                      | `review/*`                 | The review cluster which will run all [Review Apps](../../ci/review_apps/index.md). `*` is a wildcard, which means it will be used by every environment name starting with `review/`. |
+| staging      | `staging`                 | `staging.example.com`                     | `staging`                  | (Optional) The staging cluster which will run the deployments of the staging environments. You need to [enable it first](#deploy-policy-for-staging-and-production-environments). |
+| production   | `production`              | `example.com`                             | `production`               | The production cluster which will run the deployments of the production environment. You can use [incremental rollouts](#incremental-rollout-to-production-premium). |
 
 To add a different cluster for each environment:
 
@@ -721,47 +721,47 @@ The following variables can be used for setting up the Auto DevOps domain,
 providing a custom Helm chart, or scaling your application. PostgreSQL can
 also be customized, and you can easily use a [custom buildpack](#custom-buildpacks).
 
-| **Variable**                 | **Description**                                                                                                                                                                                                               |
-| ------------                 | ---------------                                                                                                                                                                                                               |
-| `AUTO_DEVOPS_CHART`          | The Helm Chart used to deploy your apps; defaults to the one [provided by GitLab](https://gitlab.com/gitlab-org/charts/auto-deploy-app).                                                             |
-| `AUTO_DEVOPS_CHART_REPOSITORY` | The Helm Chart repository used to search for charts; defaults to `https://charts.gitlab.io`. |
-| `AUTO_DEVOPS_CHART_REPOSITORY_NAME` | From Gitlab 11.11, this variable can be used to set the name of the helm repository; defaults to "gitlab" |
+| **Variable**                            | **Description**                    |
+|-----------------------------------------|------------------------------------|
+| `AUTO_DEVOPS_CHART`                     | The Helm Chart used to deploy your apps; defaults to the one [provided by GitLab](https://gitlab.com/gitlab-org/charts/auto-deploy-app). |
+| `AUTO_DEVOPS_CHART_REPOSITORY`          | The Helm Chart repository used to search for charts; defaults to `https://charts.gitlab.io`. |
+| `AUTO_DEVOPS_CHART_REPOSITORY_NAME`     | From Gitlab 11.11, this variable can be used to set the name of the helm repository; defaults to "gitlab" |
 | `AUTO_DEVOPS_CHART_REPOSITORY_USERNAME` | From Gitlab 11.11, this variable can be used to set a username to connect to the helm repository. Defaults to no credentials. (Also set AUTO_DEVOPS_CHART_REPOSITORY_PASSWORD) |
 | `AUTO_DEVOPS_CHART_REPOSITORY_PASSWORD` | From Gitlab 11.11, this variable can be used to set a password to connect to the helm repository. Defaults to no credentials. (Also set AUTO_DEVOPS_CHART_REPOSITORY_USERNAME) |
-| `REPLICAS`                   | The number of replicas to deploy; defaults to 1.                                                                                                                                                                              |
-| `PRODUCTION_REPLICAS`        | The number of replicas to deploy in the production environment. Takes precedence over `REPLICAS` and defaults to 1. For zero downtime upgrades, set to 2 or greater.                                |
-| `CANARY_REPLICAS`            | The number of canary replicas to deploy for [Canary Deployments](../../user/project/canary_deployments.md); defaults to 1                                                                              |
-| `CANARY_PRODUCTION_REPLICAS` | The number of canary replicas to deploy for [Canary Deployments](../../user/project/canary_deployments.md) in the production environment. This takes precedence over `CANARY_REPLICAS`; defaults to 1  |
-| `ADDITIONAL_HOSTS`           | Fully qualified domain names specified as a comma-separated list that are added to the ingress hosts.                                                                                                                         |
-| `<ENVIRONMENT>_ADDITIONAL_HOSTS` | For a specific environment, the fully qualified domain names specified as a comma-separated list that are added to the ingress hosts. This takes precedence over `ADDITIONAL_HOSTS`.                                      |
-| `POSTGRES_ENABLED`           | Whether PostgreSQL is enabled; defaults to `"true"`. Set to `false` to disable the automatic deployment of PostgreSQL.                                                                                                        |
-| `POSTGRES_USER`              | The PostgreSQL user; defaults to `user`. Set it to use a custom username.                                                                                                                                                     |
-| `POSTGRES_PASSWORD`          | The PostgreSQL password; defaults to `testing-password`. Set it to use a custom password.                                                                                                                                     |
-| `POSTGRES_DB`                | The PostgreSQL database name; defaults to the value of [`$CI_ENVIRONMENT_SLUG`](../../ci/variables/README.md#predefined-environment-variables). Set it to use a custom database name.                               |
-| `POSTGRES_VERSION`           | Tag for the [`postgres` Docker image](https://hub.docker.com/_/postgres) to use. Defaults to `9.6.2`. |
-| `BUILDPACK_URL`              | The buildpack's full URL. It can point to either Git repositories or a tarball URL. For Git repositories, it is possible to point to a specific `ref`, for example `https://github.com/heroku/heroku-buildpack-ruby.git#v142` |
-| `SAST_CONFIDENCE_LEVEL`      | The minimum confidence level of security issues you want to be reported; `1` for Low, `2` for Medium, `3` for High; defaults to `3`.|
-| `DEP_SCAN_DISABLE_REMOTE_CHECKS` | Whether remote Dependency Scanning checks are disabled; defaults to `"false"`. Set to `"true"` to disable checks that send data to GitLab central servers. [Read more about remote checks](https://gitlab.com/gitlab-org/security-products/dependency-scanning#remote-checks).|
-| `DB_INITIALIZE`              | From GitLab 11.4, this variable can be used to specify the command to run to initialize the application's PostgreSQL database. It runs inside the application pod. |
-| `DB_MIGRATE`                 | From GitLab 11.4, this variable can be used to specify the command to run to migrate the application's PostgreSQL database. It runs inside the application pod. |
-| `STAGING_ENABLED`            | From GitLab 10.8, this variable can be used to define a [deploy policy for staging and production environments](#deploy-policy-for-staging-and-production-environments). |
-| `CANARY_ENABLED`             | From GitLab 11.0, this variable can be used to define a [deploy policy for canary environments](#deploy-policy-for-canary-environments-premium). |
-| `INCREMENTAL_ROLLOUT_MODE`| From GitLab 11.4, this variable, if present, can be used to enable an [incremental rollout](#incremental-rollout-to-production-premium) of your application for the production environment. Set to `manual` for manual deployment jobs or `timed` for automatic rollout deployments with a 5 minute delay each one. |
-| `TEST_DISABLED`              | From GitLab 11.0, this variable can be used to disable the `test` job. If the variable is present, the job will not be created. |
-| `CODE_QUALITY_DISABLED`       | From GitLab 11.0, this variable can be used to disable the `codequality` job. If the variable is present, the job will not be created. |
-| `LICENSE_MANAGEMENT_DISABLED` | From GitLab 11.0, this variable can be used to disable the `license_management` job. If the variable is present, the job will not be created. |
-| `SAST_DISABLED`              | From GitLab 11.0, this variable can be used to disable the `sast` job. If the variable is present, the job will not be created. |
-| `DEPENDENCY_SCANNING_DISABLED` | From GitLab 11.0, this variable can be used to disable the `dependency_scanning` job. If the variable is present, the job will not be created. |
-| `CONTAINER_SCANNING_DISABLED` | From GitLab 11.0, this variable can be used to disable the `sast:container` job. If the variable is present, the job will not be created. |
-| `REVIEW_DISABLED`            | From GitLab 11.0, this variable can be used to disable the `review` and the manual `review:stop` job. If the variable is present, these jobs will not be created. |
-| `DAST_DISABLED`              | From GitLab 11.0, this variable can be used to disable the `dast` job. If the variable is present, the job will not be created. |
-| `PERFORMANCE_DISABLED`       | From GitLab 11.0, this variable can be used to disable the `performance` job. If the variable is present, the job will not be created. |
-| `K8S_SECRET_*`               | From GitLab 11.7, any variable prefixed with [`K8S_SECRET_`](#application-secret-variables) will be made available by Auto DevOps as environment variables to the deployed application. |
-| `KUBE_INGRESS_BASE_DOMAIN`   | From GitLab 11.8, this variable can be used to set a domain per cluster. See [cluster domains](../../user/project/clusters/index.md#base-domain) for more information. |
-| `ROLLOUT_RESOURCE_TYPE`     | From GitLab 11.9, this variable allows specification of the resource type being deployed when using a custom helm chart. Default value is `deployment`. |
-| `ROLLOUT_STATUS_DISABLED`   | From GitLab 12.0, this variable allows to disable rollout status check because it doesn't support all resource types, for example, `cronjob`. |
-| `HELM_UPGRADE_EXTRA_ARGS`   | From GitLab 11.11, this variable allows extra arguments in `helm` commands when deploying the application. Note that using quotes will not prevent word splitting. **Tip:** you can use this variable to [customize the Auto Deploy helm chart](https://docs.gitlab.com/ee/topics/autodevops/index.html#custom-helm-chart) by applying custom override values with `--values my-values.yaml`. |
-| `HELM_RELEASE_NAME`   | From GitLab 12.1, this variable allows the `helm` release name to be overridden, this can be used to assign unique release names when deploying multiple projects to a single namespace  |
+| `REPLICAS`                              | The number of replicas to deploy; defaults to 1. |
+| `PRODUCTION_REPLICAS`                   | The number of replicas to deploy in the production environment. Takes precedence over `REPLICAS` and defaults to 1. For zero downtime upgrades, set to 2 or greater. |
+| `CANARY_REPLICAS`                       | The number of canary replicas to deploy for [Canary Deployments](../../user/project/canary_deployments.md); defaults to 1. |
+| `CANARY_PRODUCTION_REPLICAS`            | The number of canary replicas to deploy for [Canary Deployments](../../user/project/canary_deployments.md) in the production environment. This takes precedence over `CANARY_REPLICAS`; defaults to 1. |
+| `ADDITIONAL_HOSTS`                      | Fully qualified domain names specified as a comma-separated list that are added to the ingress hosts. |
+| `<ENVIRONMENT>_ADDITIONAL_HOSTS`        | For a specific environment, the fully qualified domain names specified as a comma-separated list that are added to the ingress hosts. This takes precedence over `ADDITIONAL_HOSTS`. |
+| `POSTGRES_ENABLED`                      | Whether PostgreSQL is enabled; defaults to `"true"`. Set to `false` to disable the automatic deployment of PostgreSQL. |
+| `POSTGRES_USER`                         | The PostgreSQL user; defaults to `user`. Set it to use a custom username. |
+| `POSTGRES_PASSWORD`                     | The PostgreSQL password; defaults to `testing-password`. Set it to use a custom password. |
+| `POSTGRES_DB`                           | The PostgreSQL database name; defaults to the value of [`$CI_ENVIRONMENT_SLUG`](../../ci/variables/README.md#predefined-environment-variables). Set it to use a custom database name. |
+| `POSTGRES_VERSION`                      | Tag for the [`postgres` Docker image](https://hub.docker.com/_/postgres) to use. Defaults to `9.6.2`. |
+| `BUILDPACK_URL`                         | The buildpack's full URL. It can point to either Git repositories or a tarball URL. For Git repositories, it is possible to point to a specific `ref`, for example `https://github.com/heroku/heroku-buildpack-ruby.git#v142`. |
+| `SAST_CONFIDENCE_LEVEL`                 | The minimum confidence level of security issues you want to be reported; `1` for Low, `2` for Medium, `3` for High; defaults to `3`. |
+| `DS_DISABLE_REMOTE_CHECKS`              | Whether remote Dependency Scanning checks are disabled; defaults to `"false"`. Set to `"true"` to disable checks that send data to GitLab central servers. [Read more about remote checks](../../user/application_security/dependency_scanning/index.md#remote-checks). |
+| `DB_INITIALIZE`                         | From GitLab 11.4, this variable can be used to specify the command to run to initialize the application's PostgreSQL database. It runs inside the application pod. |
+| `DB_MIGRATE`                            | From GitLab 11.4, this variable can be used to specify the command to run to migrate the application's PostgreSQL database. It runs inside the application pod. |
+| `STAGING_ENABLED`                       | From GitLab 10.8, this variable can be used to define a [deploy policy for staging and production environments](#deploy-policy-for-staging-and-production-environments). |
+| `CANARY_ENABLED`                        | From GitLab 11.0, this variable can be used to define a [deploy policy for canary environments](#deploy-policy-for-canary-environments-premium). |
+| `INCREMENTAL_ROLLOUT_MODE`              | From GitLab 11.4, this variable, if present, can be used to enable an [incremental rollout](#incremental-rollout-to-production-premium) of your application for the production environment. Set to `manual` for manual deployment jobs or `timed` for automatic rollout deployments with a 5 minute delay each one. |
+| `TEST_DISABLED`                         | From GitLab 11.0, this variable can be used to disable the `test` job. If the variable is present, the job will not be created. |
+| `CODE_QUALITY_DISABLED`                 | From GitLab 11.0, this variable can be used to disable the `codequality` job. If the variable is present, the job will not be created. |
+| `LICENSE_MANAGEMENT_DISABLED`           | From GitLab 11.0, this variable can be used to disable the `license_management` job. If the variable is present, the job will not be created. |
+| `SAST_DISABLED`                         | From GitLab 11.0, this variable can be used to disable the `sast` job. If the variable is present, the job will not be created. |
+| `DEPENDENCY_SCANNING_DISABLED`          | From GitLab 11.0, this variable can be used to disable the `dependency_scanning` job. If the variable is present, the job will not be created. |
+| `CONTAINER_SCANNING_DISABLED`           | From GitLab 11.0, this variable can be used to disable the `sast:container` job. If the variable is present, the job will not be created. |
+| `REVIEW_DISABLED`                       | From GitLab 11.0, this variable can be used to disable the `review` and the manual `review:stop` job. If the variable is present, these jobs will not be created. |
+| `DAST_DISABLED`                         | From GitLab 11.0, this variable can be used to disable the `dast` job. If the variable is present, the job will not be created. |
+| `PERFORMANCE_DISABLED`                  | From GitLab 11.0, this variable can be used to disable the `performance` job. If the variable is present, the job will not be created. |
+| `K8S_SECRET_*`                          | From GitLab 11.7, any variable prefixed with [`K8S_SECRET_`](#application-secret-variables) will be made available by Auto DevOps as environment variables to the deployed application. |
+| `KUBE_INGRESS_BASE_DOMAIN`              | From GitLab 11.8, this variable can be used to set a domain per cluster. See [cluster domains](../../user/project/clusters/index.md#base-domain) for more information. |
+| `ROLLOUT_RESOURCE_TYPE`                 | From GitLab 11.9, this variable allows specification of the resource type being deployed when using a custom helm chart. Default value is `deployment`. |
+| `ROLLOUT_STATUS_DISABLED`               | From GitLab 12.0, this variable allows to disable rollout status check because it doesn't support all resource types, for example, `cronjob`. |
+| `HELM_UPGRADE_EXTRA_ARGS`               | From GitLab 11.11, this variable allows extra arguments in `helm` commands when deploying the application. Note that using quotes will not prevent word splitting. **Tip:** you can use this variable to [customize the Auto Deploy helm chart](#custom-helm-chart) by applying custom override values with `--values my-values.yaml`. |
+| `HELM_RELEASE_NAME`                     | From GitLab 12.1, this variable allows the `helm` release name to be overridden, this can be used to assign unique release names when deploying multiple projects to a single namespace. |
 
 TIP: **Tip:**
 Set up the replica variables using a
diff --git a/doc/user/project/protected_branches.md b/doc/user/project/protected_branches.md
index 20a03dff2da..9a3c02e1f50 100644
--- a/doc/user/project/protected_branches.md
+++ b/doc/user/project/protected_branches.md
@@ -180,6 +180,5 @@ for details about the pipelines security model.
 [ce-4892]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4892 "Allow developers to merge into a protected branch without having push access"
 [ce-5081]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5081 "Allow creating protected branches that can't be pushed to"
 [ce-21393]: https://gitlab.com/gitlab-org/gitlab-ce/issues/21393
-[ee-restrict]: https://docs.gitlab.com/ee/user/project/protected_branches.html#restricting-push-and-merge-access-to-certain-users
 [perm]: ../permissions.md
 [ee]: https://about.gitlab.com/pricing/
-- 
cgit v1.2.1


From 22f5c068c0a9c216088d260c82cfe0125366498d Mon Sep 17 00:00:00 2001
From: Shinya Maeda <shinya@gitlab.com>
Date: Thu, 25 Jul 2019 23:03:25 +0000
Subject: Add trouble shooting for Merge Train

Add trouble shooting sections
---
 .../pipelines_for_merged_results/index.md          |  36 +++++++----
 .../merge_trains/img/merge_train_failure.png       | Bin 0 -> 63661 bytes
 .../img/merge_train_immediate_merge.png            | Bin 0 -> 30760 bytes
 .../merge_trains/index.md                          |  69 ++++++++++++++++++---
 4 files changed, 85 insertions(+), 20 deletions(-)
 create mode 100644 doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_failure.png
 create mode 100644 doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_immediate_merge.png

diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md
index f63b17a9e5a..ad07c662965 100644
--- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md
+++ b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md
@@ -62,18 +62,32 @@ CAUTION: **Warning:**
 Make sure your `gitlab-ci.yml` file is [configured properly for pipelines for merge requests](../index.md#configuring-pipelines-for-merge-requests),
 otherwise pipelines for merged results won't run and your merge requests will be stuck in an unresolved state.
 
-## Merge Trains **(PREMIUM)**
+## Troubleshooting
 
-Read the [documentation on Merge Trains](merge_trains/index.md).
+### Pipelines for merged results not created even with new change pushed to merge request
 
-<!-- ## Troubleshooting
+Can be caused by some disabled feature flags. Please make sure that
+the following feature flags are enabled on your GitLab instance:
 
-Include any troubleshooting steps that you can foresee. If you know beforehand what issues
-one might have when setting this up, or when something is changed, or on upgrading, it's
-important to describe those, too. Think of things that may go wrong and include them here.
-This is important to minimize requests for support, and to avoid doc comments with
-questions that you know someone might ask.
+- `:ci_use_merge_request_ref`
+- `:merge_ref_auto_sync`
 
-Each scenario can be a third-level heading, e.g. `### Getting error message X`.
-If you have none to add when creating a doc, leave this section in place
-but commented out to help encourage others to add to it in the future. -->
+To check these feature flag values, please ask administrator to execute the following commands:
+
+```shell
+> sudo gitlab-rails console                         # Login to Rails console of GitLab instance.
+> Feature.enabled?(:ci_use_merge_request_ref)       # Check if it's enabled or not.
+> Feature.enable(:ci_use_merge_request_ref)         # Enable the feature flag.
+```
+
+## Using Merge Trains **(PREMIUM)**
+
+By enabling [Pipelines for merged results](#pipelines-for-merged-results-premium),
+GitLab will [automatically display](merge_trains/index.md#how-to-add-a-merge-request-to-a-merge-train)
+a **Start/Add Merge Train button** as the most recommended merge strategy.
+
+Generally, this is a safer option than merging merge requests immediately as your
+merge request will be evaluated with an expected post-merge result before the actual
+merge happens.
+
+For more information, read the [documentation on Merge Trains](merge_trains/index.md).
diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_failure.png b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_failure.png
new file mode 100644
index 00000000000..a8916e5721c
Binary files /dev/null and b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_failure.png differ
diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_immediate_merge.png b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_immediate_merge.png
new file mode 100644
index 00000000000..65ff7e3d674
Binary files /dev/null and b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_immediate_merge.png differ
diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md
index 44cbcde264c..80a1c264bc4 100644
--- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md
+++ b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md
@@ -80,14 +80,65 @@ button while the latest pipeline is running.
 
 ![Add to merge train when pipeline succeeds](img/merge_train_start_when_pipeline_succeeds_v12_0.png)
 
-<!-- ## Troubleshooting
+## Immediately merge a merge request with a merge train
 
-Include any troubleshooting steps that you can foresee. If you know beforehand what issues
-one might have when setting this up, or when something is changed, or on upgrading, it's
-important to describe those, too. Think of things that may go wrong and include them here.
-This is important to minimize requests for support, and to avoid doc comments with
-questions that you know someone might ask.
+In case, you have a high-priority merge request (e.g. critical patch) to be merged urgently,
+you can use **Merge Immediately** option for bypassing the merge train.
+This is the fastest option to get the change merged into the target branch.
 
-Each scenario can be a third-level heading, e.g. `### Getting error message X`.
-If you have none to add when creating a doc, leave this section in place
-but commented out to help encourage others to add to it in the future. -->
+![Merge Immediately](img/merge_train_immediate_merge.png)
+
+However, every time you merge a merge request immediately, it could affect the
+existing merge train to be reconstructed, specifically, it regenerates expected
+merge commits and pipelines. This means, merging immediately essentially wastes
+CI resources.
+
+## Troubleshooting
+
+### Merge request dropped from the merge train immediately
+
+If a merge request is not mergeable (for example, it's WIP, there is a merge
+conflict, etc), your merge request will be dropped from the merge train automatically.
+
+In these cases, the reason for dropping the merge request is in the **system notes**.
+
+To check the reason:
+
+1. Open the merge request that was dropped from the merge train.
+1. Open the **Discussion** tab.
+1. Find a system note that includes either:
+   - The text **... removed this merge request from the merge train because ...**
+   - **... aborted this merge request from the merge train because ...**
+   The reason is given in the text after the **because ...** phrase.
+
+![Merge Train Failure](img/merge_train_failure.png)
+
+### Merge When Pipeline Succeeds cannot be chosen
+
+[Merge When Pipeline Succeeds](../../../../user/project/merge_requests/merge_when_pipeline_succeeds.md)
+is unavailable when
+[Pipelines for Merged Results is enabled](../index.md#enabling-pipelines-for-merged-results).
+
+Follow [this issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/12267) to
+track progress on this issue.
+
+### Merge Train disturbs your workflow
+
+First of all, please check if [merge immediately](#immediately-merge-a-merge-request-with-a-merge-train)
+is available as a workaround in your workflow. This is the most recommended
+workaround you'd be able to take immediately. If it's not available or acceptable,
+please read through this section.
+
+Merge train is enabled by default when you enable [Pipelines for merged results](../index.md),
+however, you can forcibly disable this feature by disabling the feature flag `:merge_trains_enabled`.
+After you disabled this feature, all the existing merge trains will be aborted and
+you will no longer see the **Start/Add Merge Train** button in merge requests.
+
+To check if the feature flag is enabled on your GitLab instance,
+please ask administrator to execute the following commands:
+
+```shell
+> sudo gitlab-rails console                         # Login to Rails console of GitLab instance.
+> Feature.enabled?(:merge_trains_enabled)           # Check if it's enabled or not.
+> Feature.disable(:merge_trains_enabled)            # Disable the feature flag.
+```
\ No newline at end of file
-- 
cgit v1.2.1


From 634a03bf608eaf86ecf14b4f44fa30e62905ac6b Mon Sep 17 00:00:00 2001
From: Luke Duncalfe <lduncalfe@eml.cc>
Date: Wed, 24 Jul 2019 13:53:06 +1200
Subject: Redirect project.wiki.git to project wiki home

https://gitlab.com/gitlab-org/gitlab-ce/issues/19186
---
 .../19186-redirect-wiki-git-route-to-wiki.yml      |  5 +++++
 config/routes/git_http.rb                          | 12 +++++++++++
 lib/gitlab/path_regex.rb                           |  4 ++++
 spec/routing/git_http_routing_spec.rb              | 24 ++++++++++++++++++++++
 4 files changed, 45 insertions(+)
 create mode 100644 changelogs/unreleased/19186-redirect-wiki-git-route-to-wiki.yml
 create mode 100644 spec/routing/git_http_routing_spec.rb

diff --git a/changelogs/unreleased/19186-redirect-wiki-git-route-to-wiki.yml b/changelogs/unreleased/19186-redirect-wiki-git-route-to-wiki.yml
new file mode 100644
index 00000000000..705621d06f7
--- /dev/null
+++ b/changelogs/unreleased/19186-redirect-wiki-git-route-to-wiki.yml
@@ -0,0 +1,5 @@
+---
+title: Redirect from a project wiki git route to the project wiki home
+merge_request: 31085
+author:
+type: added
diff --git a/config/routes/git_http.rb b/config/routes/git_http.rb
index a959d40881b..aac6d418a92 100644
--- a/config/routes/git_http.rb
+++ b/config/routes/git_http.rb
@@ -34,6 +34,18 @@ scope(path: '*namespace_id/:project_id',
     end
   end
 
+  # Redirect /group/project.wiki.git to the project wiki
+  scope(format: true, constraints: { project_id: Gitlab::PathRegex.project_wiki_git_route_regex, format: :git }) do
+    wiki_redirect = redirect do |params, request|
+      project_id = params[:project_id].delete_suffix('.wiki')
+      path = [params[:namespace_id], project_id, 'wikis'].join('/')
+      path << "?#{request.query_string}" unless request.query_string.blank?
+      path
+    end
+
+    get '/', to: wiki_redirect
+  end
+
   # Redirect /group/project/info/refs to /group/project.git/info/refs
   scope(constraints: { project_id: Gitlab::PathRegex.project_route_regex }) do
     # Allow /info/refs, /info/refs?service=git-upload-pack, and
diff --git a/lib/gitlab/path_regex.rb b/lib/gitlab/path_regex.rb
index a13b3f9e069..f96466b2b00 100644
--- a/lib/gitlab/path_regex.rb
+++ b/lib/gitlab/path_regex.rb
@@ -175,6 +175,10 @@ module Gitlab
       @project_git_route_regex ||= /#{project_route_regex}\.git/.freeze
     end
 
+    def project_wiki_git_route_regex
+      @project_wiki_git_route_regex ||= /#{PATH_REGEX_STR}\.wiki/.freeze
+    end
+
     def full_namespace_path_regex
       @full_namespace_path_regex ||= %r{\A#{full_namespace_route_regex}/\z}
     end
diff --git a/spec/routing/git_http_routing_spec.rb b/spec/routing/git_http_routing_spec.rb
new file mode 100644
index 00000000000..af14e5f81cb
--- /dev/null
+++ b/spec/routing/git_http_routing_spec.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'git_http routing' do
+  include RSpec::Rails::RequestExampleGroup
+
+  describe 'wiki.git routing', 'routing' do
+    let(:wiki_path)  { '/gitlab/gitlabhq/wikis' }
+
+    it 'redirects namespace/project.wiki.git to the project wiki' do
+      expect(get('/gitlab/gitlabhq.wiki.git')).to redirect_to(wiki_path)
+    end
+
+    it 'preserves query parameters' do
+      expect(get('/gitlab/gitlabhq.wiki.git?foo=bar&baz=qux')).to redirect_to("#{wiki_path}?foo=bar&baz=qux")
+    end
+
+    it 'only redirects when the format is .git' do
+      expect(get('/gitlab/gitlabhq.wiki')).not_to redirect_to(wiki_path)
+      expect(get('/gitlab/gitlabhq.wiki.json')).not_to redirect_to(wiki_path)
+    end
+  end
+end
-- 
cgit v1.2.1


From 10a1670d614b2f4b7b8af63cf4a3540d0fec8b35 Mon Sep 17 00:00:00 2001
From: Sarah Yasonik <syasonik@gitlab.com>
Date: Fri, 26 Jul 2019 00:46:57 +0000
Subject: Add docs for template field in prometheus alerts

---
 doc/user/project/integrations/prometheus.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/doc/user/project/integrations/prometheus.md b/doc/user/project/integrations/prometheus.md
index ba982c9cf6f..e609fe43507 100644
--- a/doc/user/project/integrations/prometheus.md
+++ b/doc/user/project/integrations/prometheus.md
@@ -323,8 +323,9 @@ Once enabled, an issue will be opened automatically when an alert is triggered w
   - `starts_at`: Alert start time via `startsAt`
   - `full_query`: Alert query extracted from `generatorURL`
   - Optional list of attached annotations extracted from `annotations/*`
+- Alert [GFM](../../markdown.md): GitLab Flavored Markdown from `annotations/gitlab_incident_markdown`
 
-To further customize the issue, you can add labels, mentions, or any other supported [quick action](../quick_actions.md) in the selected issue template.
+To further customize the issue, you can add labels, mentions, or any other supported [quick action](../quick_actions.md) in the selected issue template, which will apply to all incidents. To limit quick actions or other information to only specific types of alerts, use the `annotations/gitlab_incident_markdown` field.
 
 Since [version 12.2](https://gitlab.com/gitlab-org/gitlab-ce/issues/63373), GitLab will tag each incident issue with the `incident` label automatically. If the label does not yet exist, it will be created automatically as well.
 
-- 
cgit v1.2.1


From 13eb8fdaf1e975d83a5cd3ecadbd8158d41d5235 Mon Sep 17 00:00:00 2001
From: Agnes Oetama <aoetama@gitlab.com>
Date: Fri, 26 Jul 2019 01:13:26 +0000
Subject: Update README.md - add CTA to watch Mastering CI/CD webcast and 5
 teams that made the switch to GitLab CI/CD article

---
 doc/ci/README.md             | 6 ++++++
 doc/ci/introduction/index.md | 5 +++++
 doc/ci/pipelines.md          | 5 +++++
 3 files changed, 16 insertions(+)

diff --git a/doc/ci/README.md b/doc/ci/README.md
index 7048ceaac41..6923d07bb1d 100644
--- a/doc/ci/README.md
+++ b/doc/ci/README.md
@@ -13,6 +13,11 @@ through the [continuous methodologies](introduction/index.md#introduction-to-cic
 - Continuous Delivery (CD)
 - Continuous Deployment (CD)
 
+NOTE: **Out-of-the-box management systems can decrease hours spent on maintaining toolchains by 10% or more.**
+Watch our
+["Mastering continuous software development"](https://about.gitlab.com/webcast/mastering-ci-cd/)
+webcast to learn about continuous methods and how GitLab’s built-in CI can help you simplify and scale software development. 
+
 ## Overview
 
 Continuous Integration works by pushing small code chunks to your
@@ -155,6 +160,7 @@ for your CI/CD infrastructure:
 
 - [Why we chose GitLab CI for our CI/CD solution](https://about.gitlab.com/2016/10/17/gitlab-ci-oohlala/)
 - [Building our web-app on GitLab CI](https://about.gitlab.com/2016/07/22/building-our-web-app-on-gitlab-ci/)
+- [5 Teams that made the switch to GitLab CI/CD](https://about.gitlab.com/2019/04/25/5-teams-that-made-the-switch-to-gitlab-ci-cd/)
 
 See also the [Why CI/CD?](https://docs.google.com/presentation/d/1OGgk2Tcxbpl7DJaIOzCX4Vqg3dlwfELC3u2jEeCBbDk) presentation.
 
diff --git a/doc/ci/introduction/index.md b/doc/ci/introduction/index.md
index 6401ff90a0a..366aca3442e 100644
--- a/doc/ci/introduction/index.md
+++ b/doc/ci/introduction/index.md
@@ -9,6 +9,11 @@ In this document we'll present an overview of the concepts of Continuous Integra
 Continuous Delivery, and Continuous Deployment, as well as an introduction to
 GitLab CI/CD.
 
+NOTE: **Out-of-the-box management systems can decrease hours spent on maintaining toolchains by 10% or more.**
+Watch our
+["Mastering continuous software development"](https://about.gitlab.com/webcast/mastering-ci-cd/)
+webcast to learn about continuous methods and how GitLab’s built-in CI can help you simplify and scale software development.
+
 ## Introduction to CI/CD methodologies
 
 The continuous methodologies of software development are based on
diff --git a/doc/ci/pipelines.md b/doc/ci/pipelines.md
index 98f30350968..be8f66c741f 100644
--- a/doc/ci/pipelines.md
+++ b/doc/ci/pipelines.md
@@ -6,6 +6,11 @@ type: reference
 
 > Introduced in GitLab 8.8.
 
+NOTE: **Tip:**
+Watch our
+["Mastering continuous software development"](https://about.gitlab.com/webcast/mastering-ci-cd/)
+webcast to see a comprehensive demo of GitLab CI/CD pipeline.
+
 ## Introduction
 
 Pipelines are the top-level component of continuous integration, delivery, and deployment.
-- 
cgit v1.2.1


From 94bb660460bd3b01e289d6deb431774694f3ebb7 Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Thu, 25 Jul 2019 17:11:48 +1200
Subject: Add frozen_string_literal to spec/factories

Using the sed script from
https://gitlab.com/gitlab-org/gitlab-ce/issues/59758
---
 spec/factories/abuse_reports.rb                            | 2 ++
 spec/factories/appearances.rb                              | 2 ++
 spec/factories/application_settings.rb                     | 2 ++
 spec/factories/award_emoji.rb                              | 2 ++
 spec/factories/badge.rb                                    | 2 ++
 spec/factories/boards.rb                                   | 2 ++
 spec/factories/broadcast_messages.rb                       | 2 ++
 spec/factories/chat_names.rb                               | 2 ++
 spec/factories/chat_teams.rb                               | 2 ++
 spec/factories/ci/bridge.rb                                | 2 ++
 spec/factories/ci/build_trace_chunks.rb                    | 2 ++
 spec/factories/ci/build_trace_section_names.rb             | 2 ++
 spec/factories/ci/builds.rb                                | 2 ++
 spec/factories/ci/group_variables.rb                       | 2 ++
 spec/factories/ci/job_artifacts.rb                         | 2 ++
 spec/factories/ci/pipeline_schedule.rb                     | 2 ++
 spec/factories/ci/pipeline_schedule_variables.rb           | 2 ++
 spec/factories/ci/pipeline_variables.rb                    | 2 ++
 spec/factories/ci/pipelines.rb                             | 2 ++
 spec/factories/ci/runner_projects.rb                       | 2 ++
 spec/factories/ci/runners.rb                               | 2 ++
 spec/factories/ci/stages.rb                                | 2 ++
 spec/factories/ci/trigger_requests.rb                      | 2 ++
 spec/factories/ci/triggers.rb                              | 2 ++
 spec/factories/ci/variables.rb                             | 2 ++
 spec/factories/clusters/applications/helm.rb               | 2 ++
 spec/factories/clusters/clusters.rb                        | 2 ++
 spec/factories/clusters/platforms/kubernetes.rb            | 2 ++
 spec/factories/clusters/providers/gcp.rb                   | 2 ++
 spec/factories/commit_statuses.rb                          | 2 ++
 spec/factories/commits.rb                                  | 2 ++
 spec/factories/container_repositories.rb                   | 2 ++
 spec/factories/conversational_development_index_metrics.rb | 2 ++
 spec/factories/deploy_keys_projects.rb                     | 2 ++
 spec/factories/deploy_tokens.rb                            | 2 ++
 spec/factories/deployments.rb                              | 2 ++
 spec/factories/emails.rb                                   | 2 ++
 spec/factories/environments.rb                             | 2 ++
 spec/factories/events.rb                                   | 2 ++
 spec/factories/file_uploaders.rb                           | 2 ++
 spec/factories/fork_network_members.rb                     | 2 ++
 spec/factories/fork_networks.rb                            | 2 ++
 spec/factories/gitaly/commit.rb                            | 2 ++
 spec/factories/gitaly/commit_author.rb                     | 2 ++
 spec/factories/gitaly/tag.rb                               | 2 ++
 spec/factories/gpg_key_subkeys.rb                          | 2 ++
 spec/factories/gpg_keys.rb                                 | 2 ++
 spec/factories/gpg_signature.rb                            | 2 ++
 spec/factories/group_custom_attributes.rb                  | 2 ++
 spec/factories/group_members.rb                            | 2 ++
 spec/factories/groups.rb                                   | 2 ++
 spec/factories/identities.rb                               | 2 ++
 spec/factories/import_export_uploads.rb                    | 2 ++
 spec/factories/import_states.rb                            | 2 ++
 spec/factories/instance_configuration.rb                   | 2 ++
 spec/factories/internal_ids.rb                             | 2 ++
 spec/factories/issues.rb                                   | 2 ++
 spec/factories/keys.rb                                     | 2 ++
 spec/factories/label_links.rb                              | 2 ++
 spec/factories/label_priorities.rb                         | 2 ++
 spec/factories/labels.rb                                   | 2 ++
 spec/factories/lfs_file_locks.rb                           | 2 ++
 spec/factories/lfs_objects.rb                              | 2 ++
 spec/factories/lfs_objects_projects.rb                     | 2 ++
 spec/factories/lists.rb                                    | 2 ++
 spec/factories/merge_requests.rb                           | 2 ++
 spec/factories/merge_requests_closing_issues.rb            | 2 ++
 spec/factories/milestones.rb                               | 2 ++
 spec/factories/namespaces.rb                               | 2 ++
 spec/factories/notes.rb                                    | 2 ++
 spec/factories/notification_settings.rb                    | 2 ++
 spec/factories/oauth_access_grants.rb                      | 2 ++
 spec/factories/oauth_access_tokens.rb                      | 2 ++
 spec/factories/oauth_applications.rb                       | 2 ++
 spec/factories/pages_domains.rb                            | 2 ++
 spec/factories/personal_access_tokens.rb                   | 2 ++
 spec/factories/pool_repositories.rb                        | 2 ++
 spec/factories/programming_languages.rb                    | 2 ++
 spec/factories/project_auto_devops.rb                      | 2 ++
 spec/factories/project_custom_attributes.rb                | 2 ++
 spec/factories/project_deploy_tokens.rb                    | 2 ++
 spec/factories/project_group_links.rb                      | 2 ++
 spec/factories/project_hooks.rb                            | 2 ++
 spec/factories/project_members.rb                          | 2 ++
 spec/factories/project_statistics.rb                       | 2 ++
 spec/factories/project_wikis.rb                            | 2 ++
 spec/factories/projects.rb                                 | 2 ++
 spec/factories/protected_branches.rb                       | 2 ++
 spec/factories/protected_tags.rb                           | 2 ++
 spec/factories/redirect_routes.rb                          | 2 ++
 spec/factories/releases.rb                                 | 2 ++
 spec/factories/remote_mirrors.rb                           | 2 ++
 spec/factories/repository_languages.rb                     | 2 ++
 spec/factories/sent_notifications.rb                       | 2 ++
 spec/factories/sequences.rb                                | 2 ++
 spec/factories/service_hooks.rb                            | 2 ++
 spec/factories/services.rb                                 | 2 ++
 spec/factories/shards.rb                                   | 2 ++
 spec/factories/snippets.rb                                 | 2 ++
 spec/factories/spam_logs.rb                                | 2 ++
 spec/factories/subscriptions.rb                            | 2 ++
 spec/factories/system_hooks.rb                             | 2 ++
 spec/factories/system_note_metadata.rb                     | 2 ++
 spec/factories/term_agreements.rb                          | 2 ++
 spec/factories/terms.rb                                    | 2 ++
 spec/factories/timelogs.rb                                 | 2 ++
 spec/factories/todos.rb                                    | 2 ++
 spec/factories/trending_project.rb                         | 2 ++
 spec/factories/u2f_registrations.rb                        | 2 ++
 spec/factories/uploads.rb                                  | 2 ++
 spec/factories/user_agent_details.rb                       | 2 ++
 spec/factories/user_callouts.rb                            | 2 ++
 spec/factories/user_custom_attributes.rb                   | 2 ++
 spec/factories/users.rb                                    | 2 ++
 spec/factories/users_star_projects.rb                      | 2 ++
 spec/factories/web_hook_log.rb                             | 2 ++
 spec/factories/wiki_directories.rb                         | 2 ++
 spec/factories/wiki_pages.rb                               | 2 ++
 118 files changed, 236 insertions(+)

diff --git a/spec/factories/abuse_reports.rb b/spec/factories/abuse_reports.rb
index 021971ac421..578af9ed895 100644
--- a/spec/factories/abuse_reports.rb
+++ b/spec/factories/abuse_reports.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :abuse_report do
     reporter factory: :user
diff --git a/spec/factories/appearances.rb b/spec/factories/appearances.rb
index dd5129229d4..bdd5964fb93 100644
--- a/spec/factories/appearances.rb
+++ b/spec/factories/appearances.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Read about factories at https://github.com/thoughtbot/factory_bot
 
 FactoryBot.define do
diff --git a/spec/factories/application_settings.rb b/spec/factories/application_settings.rb
index 00c063c49f8..90b6b9e648a 100644
--- a/spec/factories/application_settings.rb
+++ b/spec/factories/application_settings.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :application_setting do
     default_projects_limit 42
diff --git a/spec/factories/award_emoji.rb b/spec/factories/award_emoji.rb
index 43753fa650c..a8bb806381e 100644
--- a/spec/factories/award_emoji.rb
+++ b/spec/factories/award_emoji.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :award_emoji do
     name "thumbsup"
diff --git a/spec/factories/badge.rb b/spec/factories/badge.rb
index b87ece946cb..1d4e29014cc 100644
--- a/spec/factories/badge.rb
+++ b/spec/factories/badge.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   trait :base_badge do
     link_url { generate(:url) }
diff --git a/spec/factories/boards.rb b/spec/factories/boards.rb
index 6524bb4830c..a5aff5c7504 100644
--- a/spec/factories/boards.rb
+++ b/spec/factories/boards.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :board do
     transient do
diff --git a/spec/factories/broadcast_messages.rb b/spec/factories/broadcast_messages.rb
index 1a2be5e9552..2a30e2034b1 100644
--- a/spec/factories/broadcast_messages.rb
+++ b/spec/factories/broadcast_messages.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :broadcast_message do
     message "MyText"
diff --git a/spec/factories/chat_names.rb b/spec/factories/chat_names.rb
index 56993e5da18..07bf990162f 100644
--- a/spec/factories/chat_names.rb
+++ b/spec/factories/chat_names.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :chat_name, class: ChatName do
     user factory: :user
diff --git a/spec/factories/chat_teams.rb b/spec/factories/chat_teams.rb
index d048c46d6b6..52628e6d53d 100644
--- a/spec/factories/chat_teams.rb
+++ b/spec/factories/chat_teams.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :chat_team, class: ChatTeam do
     sequence(:team_id) { |n| "abcdefghijklm#{n}" }
diff --git a/spec/factories/ci/bridge.rb b/spec/factories/ci/bridge.rb
index 7cb5900f2b7..6491b9dca19 100644
--- a/spec/factories/ci/bridge.rb
+++ b/spec/factories/ci/bridge.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_bridge, class: Ci::Bridge do
     name 'bridge'
diff --git a/spec/factories/ci/build_trace_chunks.rb b/spec/factories/ci/build_trace_chunks.rb
index 3e8e2736423..492dc47f083 100644
--- a/spec/factories/ci/build_trace_chunks.rb
+++ b/spec/factories/ci/build_trace_chunks.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_build_trace_chunk, class: Ci::BuildTraceChunk do
     build factory: :ci_build
diff --git a/spec/factories/ci/build_trace_section_names.rb b/spec/factories/ci/build_trace_section_names.rb
index ce07e716dde..e52694ef3dc 100644
--- a/spec/factories/ci/build_trace_section_names.rb
+++ b/spec/factories/ci/build_trace_section_names.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_build_trace_section_name, class: Ci::BuildTraceSectionName do
     sequence(:name) { |n| "section_#{n}" }
diff --git a/spec/factories/ci/builds.rb b/spec/factories/ci/builds.rb
index 5f7c75a3a92..e3b7c64176a 100644
--- a/spec/factories/ci/builds.rb
+++ b/spec/factories/ci/builds.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 include ActionDispatch::TestProcess
 
 FactoryBot.define do
diff --git a/spec/factories/ci/group_variables.rb b/spec/factories/ci/group_variables.rb
index 9bf520a2c0a..13c2b78e61b 100644
--- a/spec/factories/ci/group_variables.rb
+++ b/spec/factories/ci/group_variables.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_group_variable, class: Ci::GroupVariable do
     sequence(:key) { |n| "VARIABLE_#{n}" }
diff --git a/spec/factories/ci/job_artifacts.rb b/spec/factories/ci/job_artifacts.rb
index 542fa9775cd..2d68a8e9fe3 100644
--- a/spec/factories/ci/job_artifacts.rb
+++ b/spec/factories/ci/job_artifacts.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 include ActionDispatch::TestProcess
 
 FactoryBot.define do
diff --git a/spec/factories/ci/pipeline_schedule.rb b/spec/factories/ci/pipeline_schedule.rb
index 4b83ba2ac1b..8fae6986869 100644
--- a/spec/factories/ci/pipeline_schedule.rb
+++ b/spec/factories/ci/pipeline_schedule.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_pipeline_schedule, class: Ci::PipelineSchedule do
     cron '0 1 * * *'
diff --git a/spec/factories/ci/pipeline_schedule_variables.rb b/spec/factories/ci/pipeline_schedule_variables.rb
index c85b97fbfc7..fd7cfada65b 100644
--- a/spec/factories/ci/pipeline_schedule_variables.rb
+++ b/spec/factories/ci/pipeline_schedule_variables.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_pipeline_schedule_variable, class: Ci::PipelineScheduleVariable do
     sequence(:key) { |n| "VARIABLE_#{n}" }
diff --git a/spec/factories/ci/pipeline_variables.rb b/spec/factories/ci/pipeline_variables.rb
index b18055d7b3a..af0982124d7 100644
--- a/spec/factories/ci/pipeline_variables.rb
+++ b/spec/factories/ci/pipeline_variables.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_pipeline_variable, class: Ci::PipelineVariable do
     sequence(:key) { |n| "VARIABLE_#{n}" }
diff --git a/spec/factories/ci/pipelines.rb b/spec/factories/ci/pipelines.rb
index aa5ccbda6cd..9652b0000a9 100644
--- a/spec/factories/ci/pipelines.rb
+++ b/spec/factories/ci/pipelines.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_empty_pipeline, class: Ci::Pipeline do
     source :push
diff --git a/spec/factories/ci/runner_projects.rb b/spec/factories/ci/runner_projects.rb
index ec15972c423..bc28544a839 100644
--- a/spec/factories/ci/runner_projects.rb
+++ b/spec/factories/ci/runner_projects.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_runner_project, class: Ci::RunnerProject do
     runner factory: [:ci_runner, :project]
diff --git a/spec/factories/ci/runners.rb b/spec/factories/ci/runners.rb
index 24e70913b87..1e4344b814d 100644
--- a/spec/factories/ci/runners.rb
+++ b/spec/factories/ci/runners.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_runner, class: Ci::Runner do
     sequence(:description) { |n| "My runner#{n}" }
diff --git a/spec/factories/ci/stages.rb b/spec/factories/ci/stages.rb
index ce61e6bf759..88ff8d7dc53 100644
--- a/spec/factories/ci/stages.rb
+++ b/spec/factories/ci/stages.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_stage, class: Ci::LegacyStage do
     skip_create
diff --git a/spec/factories/ci/trigger_requests.rb b/spec/factories/ci/trigger_requests.rb
index 0e9fc3d0014..d63bf9868c9 100644
--- a/spec/factories/ci/trigger_requests.rb
+++ b/spec/factories/ci/trigger_requests.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_trigger_request, class: Ci::TriggerRequest do
     trigger factory: :ci_trigger
diff --git a/spec/factories/ci/triggers.rb b/spec/factories/ci/triggers.rb
index 742d9efba2d..6f628ed5435 100644
--- a/spec/factories/ci/triggers.rb
+++ b/spec/factories/ci/triggers.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_trigger_without_token, class: Ci::Trigger do
     owner
diff --git a/spec/factories/ci/variables.rb b/spec/factories/ci/variables.rb
index 97a7c9ba252..55d11085040 100644
--- a/spec/factories/ci/variables.rb
+++ b/spec/factories/ci/variables.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :ci_variable, class: Ci::Variable do
     sequence(:key) { |n| "VARIABLE_#{n}" }
diff --git a/spec/factories/clusters/applications/helm.rb b/spec/factories/clusters/applications/helm.rb
index d78f01828d7..7fe9ea6801a 100644
--- a/spec/factories/clusters/applications/helm.rb
+++ b/spec/factories/clusters/applications/helm.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :clusters_applications_helm, class: Clusters::Applications::Helm do
     cluster factory: %i(cluster provided_by_gcp)
diff --git a/spec/factories/clusters/clusters.rb b/spec/factories/clusters/clusters.rb
index 171f5256d2b..b0d14b672f4 100644
--- a/spec/factories/clusters/clusters.rb
+++ b/spec/factories/clusters/clusters.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :cluster, class: Clusters::Cluster do
     user
diff --git a/spec/factories/clusters/platforms/kubernetes.rb b/spec/factories/clusters/platforms/kubernetes.rb
index bf30a9c3a61..d5dc288fddb 100644
--- a/spec/factories/clusters/platforms/kubernetes.rb
+++ b/spec/factories/clusters/platforms/kubernetes.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :cluster_platform_kubernetes, class: Clusters::Platforms::Kubernetes do
     cluster
diff --git a/spec/factories/clusters/providers/gcp.rb b/spec/factories/clusters/providers/gcp.rb
index 186c7c8027c..22462651b6a 100644
--- a/spec/factories/clusters/providers/gcp.rb
+++ b/spec/factories/clusters/providers/gcp.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :cluster_provider_gcp, class: Clusters::Providers::Gcp do
     cluster
diff --git a/spec/factories/commit_statuses.rb b/spec/factories/commit_statuses.rb
index 848a31e96c1..a76da30217e 100644
--- a/spec/factories/commit_statuses.rb
+++ b/spec/factories/commit_statuses.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :commit_status, class: CommitStatus do
     name 'default'
diff --git a/spec/factories/commits.rb b/spec/factories/commits.rb
index 2bcc4b6cf52..d1554426a76 100644
--- a/spec/factories/commits.rb
+++ b/spec/factories/commits.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative '../support/helpers/repo_helpers'
 
 FactoryBot.define do
diff --git a/spec/factories/container_repositories.rb b/spec/factories/container_repositories.rb
index 00fad7975c9..a9771200d6e 100644
--- a/spec/factories/container_repositories.rb
+++ b/spec/factories/container_repositories.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :container_repository do
     name 'test_image'
diff --git a/spec/factories/conversational_development_index_metrics.rb b/spec/factories/conversational_development_index_metrics.rb
index abf37fb861e..ea5816684c6 100644
--- a/spec/factories/conversational_development_index_metrics.rb
+++ b/spec/factories/conversational_development_index_metrics.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :conversational_development_index_metric, class: ConversationalDevelopmentIndex::Metric do
     leader_issues 9.256
diff --git a/spec/factories/deploy_keys_projects.rb b/spec/factories/deploy_keys_projects.rb
index 4350652fb79..7f82902dee7 100644
--- a/spec/factories/deploy_keys_projects.rb
+++ b/spec/factories/deploy_keys_projects.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :deploy_keys_project do
     deploy_key
diff --git a/spec/factories/deploy_tokens.rb b/spec/factories/deploy_tokens.rb
index 017e866e69c..a96258f5cbe 100644
--- a/spec/factories/deploy_tokens.rb
+++ b/spec/factories/deploy_tokens.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :deploy_token do
     token { SecureRandom.hex(50) }
diff --git a/spec/factories/deployments.rb b/spec/factories/deployments.rb
index 1c7787bc1a6..89ff1c527df 100644
--- a/spec/factories/deployments.rb
+++ b/spec/factories/deployments.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :deployment, class: Deployment do
     sha 'b83d6e391c22777fca1ed3012fce84f633d7fed0'
diff --git a/spec/factories/emails.rb b/spec/factories/emails.rb
index feacd5ccf15..284ba631c37 100644
--- a/spec/factories/emails.rb
+++ b/spec/factories/emails.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :email do
     user
diff --git a/spec/factories/environments.rb b/spec/factories/environments.rb
index 9d9e3d693b8..b5c8f0ca4f0 100644
--- a/spec/factories/environments.rb
+++ b/spec/factories/environments.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :environment, class: Environment do
     sequence(:name) { |n| "environment#{n}" }
diff --git a/spec/factories/events.rb b/spec/factories/events.rb
index bf8411b1894..b15eb1592fc 100644
--- a/spec/factories/events.rb
+++ b/spec/factories/events.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :event do
     project
diff --git a/spec/factories/file_uploaders.rb b/spec/factories/file_uploaders.rb
index 8404985bfea..ec8f5c9af2d 100644
--- a/spec/factories/file_uploaders.rb
+++ b/spec/factories/file_uploaders.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :file_uploader do
     skip_create
diff --git a/spec/factories/fork_network_members.rb b/spec/factories/fork_network_members.rb
index 850e3f158f1..d34de72ab60 100644
--- a/spec/factories/fork_network_members.rb
+++ b/spec/factories/fork_network_members.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :fork_network_member do
     association :project
diff --git a/spec/factories/fork_networks.rb b/spec/factories/fork_networks.rb
index 813b1943eb2..12ea688bbce 100644
--- a/spec/factories/fork_networks.rb
+++ b/spec/factories/fork_networks.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :fork_network do
     association :root_project, factory: :project
diff --git a/spec/factories/gitaly/commit.rb b/spec/factories/gitaly/commit.rb
index 5034c3d0e48..954b5338846 100644
--- a/spec/factories/gitaly/commit.rb
+++ b/spec/factories/gitaly/commit.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   sequence(:gitaly_commit_id) { Digest::SHA1.hexdigest(Time.now.to_f.to_s) }
 
diff --git a/spec/factories/gitaly/commit_author.rb b/spec/factories/gitaly/commit_author.rb
index aaf634ce08b..51dcd8a623b 100644
--- a/spec/factories/gitaly/commit_author.rb
+++ b/spec/factories/gitaly/commit_author.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :gitaly_commit_author, class: Gitaly::CommitAuthor do
     skip_create
diff --git a/spec/factories/gitaly/tag.rb b/spec/factories/gitaly/tag.rb
index e99776d524a..a7a84753090 100644
--- a/spec/factories/gitaly/tag.rb
+++ b/spec/factories/gitaly/tag.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :gitaly_tag, class: Gitaly::Tag do
     skip_create
diff --git a/spec/factories/gpg_key_subkeys.rb b/spec/factories/gpg_key_subkeys.rb
index 6c7db5379a9..9daf26d930d 100644
--- a/spec/factories/gpg_key_subkeys.rb
+++ b/spec/factories/gpg_key_subkeys.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :gpg_key_subkey do
     gpg_key
diff --git a/spec/factories/gpg_keys.rb b/spec/factories/gpg_keys.rb
index 3c0f43cc1b6..9f321643174 100644
--- a/spec/factories/gpg_keys.rb
+++ b/spec/factories/gpg_keys.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative '../support/helpers/gpg_helpers'
 
 FactoryBot.define do
diff --git a/spec/factories/gpg_signature.rb b/spec/factories/gpg_signature.rb
index b89e6ffc4b3..a0fc1740d77 100644
--- a/spec/factories/gpg_signature.rb
+++ b/spec/factories/gpg_signature.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :gpg_signature do
     commit_sha { Digest::SHA1.hexdigest(SecureRandom.hex) }
diff --git a/spec/factories/group_custom_attributes.rb b/spec/factories/group_custom_attributes.rb
index d2f45d5d3ce..895bc42c84b 100644
--- a/spec/factories/group_custom_attributes.rb
+++ b/spec/factories/group_custom_attributes.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :group_custom_attribute do
     group
diff --git a/spec/factories/group_members.rb b/spec/factories/group_members.rb
index 077c6ddc5ae..3bf9cdef253 100644
--- a/spec/factories/group_members.rb
+++ b/spec/factories/group_members.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :group_member do
     access_level { GroupMember::OWNER }
diff --git a/spec/factories/groups.rb b/spec/factories/groups.rb
index b67ab955ffc..334c0f369cd 100644
--- a/spec/factories/groups.rb
+++ b/spec/factories/groups.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :group, class: Group, parent: :namespace do
     sequence(:name) { |n| "group#{n}" }
diff --git a/spec/factories/identities.rb b/spec/factories/identities.rb
index 122d0d42938..21cfe7fe623 100644
--- a/spec/factories/identities.rb
+++ b/spec/factories/identities.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :identity do
     provider 'ldapmain'
diff --git a/spec/factories/import_export_uploads.rb b/spec/factories/import_export_uploads.rb
index 7750d49b1d0..8521411e0e8 100644
--- a/spec/factories/import_export_uploads.rb
+++ b/spec/factories/import_export_uploads.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :import_export_upload do
     project { create(:project) }
diff --git a/spec/factories/import_states.rb b/spec/factories/import_states.rb
index d6de26dccbc..8e778200389 100644
--- a/spec/factories/import_states.rb
+++ b/spec/factories/import_states.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :import_state, class: ProjectImportState do
     status :none
diff --git a/spec/factories/instance_configuration.rb b/spec/factories/instance_configuration.rb
index 31866a9c221..daa0be3f404 100644
--- a/spec/factories/instance_configuration.rb
+++ b/spec/factories/instance_configuration.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :instance_configuration do
     skip_create
diff --git a/spec/factories/internal_ids.rb b/spec/factories/internal_ids.rb
index fbde07a391a..df5c5beeb42 100644
--- a/spec/factories/internal_ids.rb
+++ b/spec/factories/internal_ids.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :internal_id do
     project
diff --git a/spec/factories/issues.rb b/spec/factories/issues.rb
index ab27fee33dc..434225f7022 100644
--- a/spec/factories/issues.rb
+++ b/spec/factories/issues.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :issue do
     title { generate(:title) }
diff --git a/spec/factories/keys.rb b/spec/factories/keys.rb
index 3f0c60f32b7..087d2521836 100644
--- a/spec/factories/keys.rb
+++ b/spec/factories/keys.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative '../support/helpers/key_generator_helper'
 
 FactoryBot.define do
diff --git a/spec/factories/label_links.rb b/spec/factories/label_links.rb
index 007847d9cf4..9b7c0a158bd 100644
--- a/spec/factories/label_links.rb
+++ b/spec/factories/label_links.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :label_link do
     label
diff --git a/spec/factories/label_priorities.rb b/spec/factories/label_priorities.rb
index c4824faad53..2f9f2ddfa89 100644
--- a/spec/factories/label_priorities.rb
+++ b/spec/factories/label_priorities.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :label_priority do
     project
diff --git a/spec/factories/labels.rb b/spec/factories/labels.rb
index f759b6d499d..3eed750be03 100644
--- a/spec/factories/labels.rb
+++ b/spec/factories/labels.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   trait :base_label do
     title { generate(:label_title) }
diff --git a/spec/factories/lfs_file_locks.rb b/spec/factories/lfs_file_locks.rb
index b9d24f82b65..73675d076ab 100644
--- a/spec/factories/lfs_file_locks.rb
+++ b/spec/factories/lfs_file_locks.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :lfs_file_lock do
     user
diff --git a/spec/factories/lfs_objects.rb b/spec/factories/lfs_objects.rb
index 08ac7fb69e7..631d87cfb12 100644
--- a/spec/factories/lfs_objects.rb
+++ b/spec/factories/lfs_objects.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 include ActionDispatch::TestProcess
 
 FactoryBot.define do
diff --git a/spec/factories/lfs_objects_projects.rb b/spec/factories/lfs_objects_projects.rb
index 4804d0bb884..7b55cc57f75 100644
--- a/spec/factories/lfs_objects_projects.rb
+++ b/spec/factories/lfs_objects_projects.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :lfs_objects_project do
     lfs_object
diff --git a/spec/factories/lists.rb b/spec/factories/lists.rb
index 210c58b21e9..e68611ec518 100644
--- a/spec/factories/lists.rb
+++ b/spec/factories/lists.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :list do
     board
diff --git a/spec/factories/merge_requests.rb b/spec/factories/merge_requests.rb
index 0b6a43b13a9..3d12ff98257 100644
--- a/spec/factories/merge_requests.rb
+++ b/spec/factories/merge_requests.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :merge_request do
     title { generate(:title) }
diff --git a/spec/factories/merge_requests_closing_issues.rb b/spec/factories/merge_requests_closing_issues.rb
index ee0606a72b6..94f8b27358c 100644
--- a/spec/factories/merge_requests_closing_issues.rb
+++ b/spec/factories/merge_requests_closing_issues.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :merge_requests_closing_issues do
     issue
diff --git a/spec/factories/milestones.rb b/spec/factories/milestones.rb
index 027349b2f8e..7d623000fc9 100644
--- a/spec/factories/milestones.rb
+++ b/spec/factories/milestones.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :milestone do
     title
diff --git a/spec/factories/namespaces.rb b/spec/factories/namespaces.rb
index 0cfc6e3aa46..09dbe16ef9e 100644
--- a/spec/factories/namespaces.rb
+++ b/spec/factories/namespaces.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :namespace do
     sequence(:name) { |n| "namespace#{n}" }
diff --git a/spec/factories/notes.rb b/spec/factories/notes.rb
index c51f2f958f9..5b9a7e6f864 100644
--- a/spec/factories/notes.rb
+++ b/spec/factories/notes.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative '../support/helpers/repo_helpers'
 
 include ActionDispatch::TestProcess
diff --git a/spec/factories/notification_settings.rb b/spec/factories/notification_settings.rb
index 5116ef33f5d..c16b0e456ba 100644
--- a/spec/factories/notification_settings.rb
+++ b/spec/factories/notification_settings.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :notification_setting do
     source factory: :project
diff --git a/spec/factories/oauth_access_grants.rb b/spec/factories/oauth_access_grants.rb
index 02c51cd9899..7a46ae6d71d 100644
--- a/spec/factories/oauth_access_grants.rb
+++ b/spec/factories/oauth_access_grants.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :oauth_access_grant do
     resource_owner_id { create(:user).id }
diff --git a/spec/factories/oauth_access_tokens.rb b/spec/factories/oauth_access_tokens.rb
index eabfd6cd830..8d1075dacbb 100644
--- a/spec/factories/oauth_access_tokens.rb
+++ b/spec/factories/oauth_access_tokens.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :oauth_access_token do
     resource_owner
diff --git a/spec/factories/oauth_applications.rb b/spec/factories/oauth_applications.rb
index 4427da1d6c7..4748b320298 100644
--- a/spec/factories/oauth_applications.rb
+++ b/spec/factories/oauth_applications.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :oauth_application, class: 'Doorkeeper::Application', aliases: [:application] do
     sequence(:name) { |n| "OAuth App #{n}" }
diff --git a/spec/factories/pages_domains.rb b/spec/factories/pages_domains.rb
index e441dfcf229..ee5be82cd19 100644
--- a/spec/factories/pages_domains.rb
+++ b/spec/factories/pages_domains.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :pages_domain, class: 'PagesDomain' do
     sequence(:domain) { |n| "my#{n}.domain.com" }
diff --git a/spec/factories/personal_access_tokens.rb b/spec/factories/personal_access_tokens.rb
index e7fd22a96b2..cc9b2328705 100644
--- a/spec/factories/personal_access_tokens.rb
+++ b/spec/factories/personal_access_tokens.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :personal_access_token do
     user
diff --git a/spec/factories/pool_repositories.rb b/spec/factories/pool_repositories.rb
index 8cac666069c..7a8946d47b0 100644
--- a/spec/factories/pool_repositories.rb
+++ b/spec/factories/pool_repositories.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :pool_repository do
     shard { Shard.by_name("default") }
diff --git a/spec/factories/programming_languages.rb b/spec/factories/programming_languages.rb
index d3511d42b6c..ee8e7765ec9 100644
--- a/spec/factories/programming_languages.rb
+++ b/spec/factories/programming_languages.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :programming_language do
     name 'Ruby'
diff --git a/spec/factories/project_auto_devops.rb b/spec/factories/project_auto_devops.rb
index 1de42512402..4cc59c7095c 100644
--- a/spec/factories/project_auto_devops.rb
+++ b/spec/factories/project_auto_devops.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :project_auto_devops do
     project
diff --git a/spec/factories/project_custom_attributes.rb b/spec/factories/project_custom_attributes.rb
index 099d2d7ff19..c9ed86cc0ac 100644
--- a/spec/factories/project_custom_attributes.rb
+++ b/spec/factories/project_custom_attributes.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :project_custom_attribute do
     project
diff --git a/spec/factories/project_deploy_tokens.rb b/spec/factories/project_deploy_tokens.rb
index 4866cb58d88..fbf5454b0fe 100644
--- a/spec/factories/project_deploy_tokens.rb
+++ b/spec/factories/project_deploy_tokens.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :project_deploy_token do
     project
diff --git a/spec/factories/project_group_links.rb b/spec/factories/project_group_links.rb
index 59c77627ee5..b02d167a950 100644
--- a/spec/factories/project_group_links.rb
+++ b/spec/factories/project_group_links.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :project_group_link do
     project
diff --git a/spec/factories/project_hooks.rb b/spec/factories/project_hooks.rb
index a448d565e4b..96c9742c7d0 100644
--- a/spec/factories/project_hooks.rb
+++ b/spec/factories/project_hooks.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :project_hook do
     url { generate(:url) }
diff --git a/spec/factories/project_members.rb b/spec/factories/project_members.rb
index c72e0487895..6dcac0400ca 100644
--- a/spec/factories/project_members.rb
+++ b/spec/factories/project_members.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :project_member do
     user
diff --git a/spec/factories/project_statistics.rb b/spec/factories/project_statistics.rb
index 3d4174eb852..f084d9d5cbf 100644
--- a/spec/factories/project_statistics.rb
+++ b/spec/factories/project_statistics.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :project_statistics do
     project
diff --git a/spec/factories/project_wikis.rb b/spec/factories/project_wikis.rb
index 4d21ed47f39..401402614f4 100644
--- a/spec/factories/project_wikis.rb
+++ b/spec/factories/project_wikis.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :project_wiki do
     skip_create
diff --git a/spec/factories/projects.rb b/spec/factories/projects.rb
index 0e8810b73a1..afe27aaf1fb 100644
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require_relative '../support/helpers/test_env'
 
 FactoryBot.define do
diff --git a/spec/factories/protected_branches.rb b/spec/factories/protected_branches.rb
index 5457c0d2a8f..741615bc0d3 100644
--- a/spec/factories/protected_branches.rb
+++ b/spec/factories/protected_branches.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :protected_branch do
     name
diff --git a/spec/factories/protected_tags.rb b/spec/factories/protected_tags.rb
index 2b81d089549..6ff2a245b58 100644
--- a/spec/factories/protected_tags.rb
+++ b/spec/factories/protected_tags.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :protected_tag do
     name
diff --git a/spec/factories/redirect_routes.rb b/spec/factories/redirect_routes.rb
index 774232d0b34..8fa0aec007c 100644
--- a/spec/factories/redirect_routes.rb
+++ b/spec/factories/redirect_routes.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :redirect_route do
     sequence(:path) { |n| "redirect#{n}" }
diff --git a/spec/factories/releases.rb b/spec/factories/releases.rb
index 4cacc77c182..34794f57284 100644
--- a/spec/factories/releases.rb
+++ b/spec/factories/releases.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :release do
     tag "v1.1.0"
diff --git a/spec/factories/remote_mirrors.rb b/spec/factories/remote_mirrors.rb
index adc7da27522..ff1d751c86c 100644
--- a/spec/factories/remote_mirrors.rb
+++ b/spec/factories/remote_mirrors.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :remote_mirror, class: 'RemoteMirror' do
     association :project, :repository
diff --git a/spec/factories/repository_languages.rb b/spec/factories/repository_languages.rb
index 1757ba6766c..b2b17ebbce2 100644
--- a/spec/factories/repository_languages.rb
+++ b/spec/factories/repository_languages.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :repository_language do
     project
diff --git a/spec/factories/sent_notifications.rb b/spec/factories/sent_notifications.rb
index b0174dd06b7..11116af7dbb 100644
--- a/spec/factories/sent_notifications.rb
+++ b/spec/factories/sent_notifications.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :sent_notification do
     project
diff --git a/spec/factories/sequences.rb b/spec/factories/sequences.rb
index f2b6e7a11f9..b6f2d6d8389 100644
--- a/spec/factories/sequences.rb
+++ b/spec/factories/sequences.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   sequence(:username) { |n| "user#{n}" }
   sequence(:name) { |n| "John Doe#{n}" }
diff --git a/spec/factories/service_hooks.rb b/spec/factories/service_hooks.rb
index c907862b4f6..ff819f4f8d0 100644
--- a/spec/factories/service_hooks.rb
+++ b/spec/factories/service_hooks.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :service_hook do
     url { generate(:url) }
diff --git a/spec/factories/services.rb b/spec/factories/services.rb
index daf842e3075..5ef39b3e818 100644
--- a/spec/factories/services.rb
+++ b/spec/factories/services.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :service do
     project
diff --git a/spec/factories/shards.rb b/spec/factories/shards.rb
index c095fa5f0a0..c30a38180e8 100644
--- a/spec/factories/shards.rb
+++ b/spec/factories/shards.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :shard do
     name "default"
diff --git a/spec/factories/snippets.rb b/spec/factories/snippets.rb
index dc12b562108..9c3a0fbe9b3 100644
--- a/spec/factories/snippets.rb
+++ b/spec/factories/snippets.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :snippet do
     author
diff --git a/spec/factories/spam_logs.rb b/spec/factories/spam_logs.rb
index a467f850a80..42a856832e7 100644
--- a/spec/factories/spam_logs.rb
+++ b/spec/factories/spam_logs.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :spam_log do
     user
diff --git a/spec/factories/subscriptions.rb b/spec/factories/subscriptions.rb
index 8f7ab74ec70..2b652cd57bf 100644
--- a/spec/factories/subscriptions.rb
+++ b/spec/factories/subscriptions.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :subscription do
     project
diff --git a/spec/factories/system_hooks.rb b/spec/factories/system_hooks.rb
index 9e00eeb6ef1..a2d163a060f 100644
--- a/spec/factories/system_hooks.rb
+++ b/spec/factories/system_hooks.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :system_hook do
     url { generate(:url) }
diff --git a/spec/factories/system_note_metadata.rb b/spec/factories/system_note_metadata.rb
index e913068da40..8cd4b77799c 100644
--- a/spec/factories/system_note_metadata.rb
+++ b/spec/factories/system_note_metadata.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :system_note_metadata do
     note
diff --git a/spec/factories/term_agreements.rb b/spec/factories/term_agreements.rb
index 3c4eebd0196..b7e259bd44b 100644
--- a/spec/factories/term_agreements.rb
+++ b/spec/factories/term_agreements.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :term_agreement do
     term
diff --git a/spec/factories/terms.rb b/spec/factories/terms.rb
index 5ffca365a5f..b890261d293 100644
--- a/spec/factories/terms.rb
+++ b/spec/factories/terms.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :term, class: ApplicationSetting::Term do
     terms "Lorem ipsum dolor sit amet, consectetur adipiscing elit."
diff --git a/spec/factories/timelogs.rb b/spec/factories/timelogs.rb
index b45f06b9a0a..056a8833c46 100644
--- a/spec/factories/timelogs.rb
+++ b/spec/factories/timelogs.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # Read about factories at https://github.com/thoughtbot/factory_bot
 
 FactoryBot.define do
diff --git a/spec/factories/todos.rb b/spec/factories/todos.rb
index ed3d87eb76b..2ff024112a4 100644
--- a/spec/factories/todos.rb
+++ b/spec/factories/todos.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :todo do
     project
diff --git a/spec/factories/trending_project.rb b/spec/factories/trending_project.rb
index f7c634fd21f..354b8c1e002 100644
--- a/spec/factories/trending_project.rb
+++ b/spec/factories/trending_project.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   # TrendingProject
   factory :trending_project, class: 'TrendingProject' do
diff --git a/spec/factories/u2f_registrations.rb b/spec/factories/u2f_registrations.rb
index 26090b08966..c968468834b 100644
--- a/spec/factories/u2f_registrations.rb
+++ b/spec/factories/u2f_registrations.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :u2f_registration do
     certificate { FFaker::BaconIpsum.characters(728) }
diff --git a/spec/factories/uploads.rb b/spec/factories/uploads.rb
index 426abdc2a6c..2ede92c8af0 100644
--- a/spec/factories/uploads.rb
+++ b/spec/factories/uploads.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :upload do
     model { build(:project) }
diff --git a/spec/factories/user_agent_details.rb b/spec/factories/user_agent_details.rb
index 7183a8e1140..055aea50585 100644
--- a/spec/factories/user_agent_details.rb
+++ b/spec/factories/user_agent_details.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :user_agent_detail do
     ip_address '127.0.0.1'
diff --git a/spec/factories/user_callouts.rb b/spec/factories/user_callouts.rb
index 528e442c14b..c4a217fd357 100644
--- a/spec/factories/user_callouts.rb
+++ b/spec/factories/user_callouts.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :user_callout do
     feature_name :gke_cluster_integration
diff --git a/spec/factories/user_custom_attributes.rb b/spec/factories/user_custom_attributes.rb
index a184a2e0f17..7bd5c06f4ef 100644
--- a/spec/factories/user_custom_attributes.rb
+++ b/spec/factories/user_custom_attributes.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :user_custom_attribute do
     user
diff --git a/spec/factories/users.rb b/spec/factories/users.rb
index 4f3392cdcbf..b2c8bdab013 100644
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :user, aliases: [:author, :assignee, :recipient, :owner, :resource_owner] do
     email { generate(:email) }
diff --git a/spec/factories/users_star_projects.rb b/spec/factories/users_star_projects.rb
index 6afd08a2084..a1299024fe4 100644
--- a/spec/factories/users_star_projects.rb
+++ b/spec/factories/users_star_projects.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :users_star_project do
     project
diff --git a/spec/factories/web_hook_log.rb b/spec/factories/web_hook_log.rb
index 17837260a4b..5750af85662 100644
--- a/spec/factories/web_hook_log.rb
+++ b/spec/factories/web_hook_log.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :web_hook_log do
     web_hook factory: :project_hook
diff --git a/spec/factories/wiki_directories.rb b/spec/factories/wiki_directories.rb
index b105c82b19d..de23cf110b5 100644
--- a/spec/factories/wiki_directories.rb
+++ b/spec/factories/wiki_directories.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 FactoryBot.define do
   factory :wiki_directory do
     skip_create
diff --git a/spec/factories/wiki_pages.rb b/spec/factories/wiki_pages.rb
index ae257d769e8..761ba58edb2 100644
--- a/spec/factories/wiki_pages.rb
+++ b/spec/factories/wiki_pages.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'ostruct'
 
 FactoryBot.define do
-- 
cgit v1.2.1


From 73e848850c2fbb890ae7d5e0886cd2d85aafa3d2 Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Thu, 25 Jul 2019 17:24:42 +1200
Subject: Add frozen_string_literal to spec/features

Using the sed script from
https://gitlab.com/gitlab-org/gitlab-ce/issues/59758
---
 spec/features/abuse_report_spec.rb                                      | 2 ++
 spec/features/admin/admin_abuse_reports_spec.rb                         | 2 ++
 spec/features/admin/admin_broadcast_messages_spec.rb                    | 2 ++
 spec/features/admin/admin_browse_spam_logs_spec.rb                      | 2 ++
 spec/features/admin/admin_browses_logs_spec.rb                          | 2 ++
 spec/features/admin/admin_builds_spec.rb                                | 2 ++
 spec/features/admin/admin_deploy_keys_spec.rb                           | 2 ++
 spec/features/admin/admin_disables_git_access_protocol_spec.rb          | 2 ++
 spec/features/admin/admin_disables_two_factor_spec.rb                   | 2 ++
 spec/features/admin/admin_groups_spec.rb                                | 2 ++
 spec/features/admin/admin_health_check_spec.rb                          | 2 ++
 spec/features/admin/admin_hook_logs_spec.rb                             | 2 ++
 spec/features/admin/admin_hooks_spec.rb                                 | 2 ++
 spec/features/admin/admin_labels_spec.rb                                | 2 ++
 spec/features/admin/admin_manage_applications_spec.rb                   | 2 ++
 spec/features/admin/admin_projects_spec.rb                              | 2 ++
 spec/features/admin/admin_requests_profiles_spec.rb                     | 2 ++
 spec/features/admin/admin_runners_spec.rb                               | 2 ++
 spec/features/admin/admin_settings_spec.rb                              | 2 ++
 spec/features/admin/admin_system_info_spec.rb                           | 2 ++
 spec/features/admin/admin_users_impersonation_tokens_spec.rb            | 2 ++
 spec/features/admin/admin_users_spec.rb                                 | 2 ++
 spec/features/admin/admin_uses_repository_checks_spec.rb                | 2 ++
 spec/features/admin/dashboard_spec.rb                                   | 2 ++
 spec/features/admin/services/admin_activates_prometheus_spec.rb         | 2 ++
 spec/features/atom/dashboard_spec.rb                                    | 2 ++
 spec/features/atom/issues_spec.rb                                       | 2 ++
 spec/features/atom/users_spec.rb                                        | 2 ++
 spec/features/boards/add_issues_modal_spec.rb                           | 2 ++
 spec/features/boards/boards_spec.rb                                     | 2 ++
 spec/features/boards/issue_ordering_spec.rb                             | 2 ++
 spec/features/boards/keyboard_shortcut_spec.rb                          | 2 ++
 spec/features/boards/modal_filter_spec.rb                               | 2 ++
 spec/features/boards/new_issue_spec.rb                                  | 2 ++
 spec/features/boards/reload_boards_on_browser_back_spec.rb              | 2 ++
 spec/features/boards/sidebar_spec.rb                                    | 2 ++
 spec/features/boards/sub_group_project_spec.rb                          | 2 ++
 spec/features/calendar_spec.rb                                          | 2 ++
 spec/features/commits_spec.rb                                           | 2 ++
 spec/features/container_registry_spec.rb                                | 2 ++
 spec/features/cycle_analytics_spec.rb                                   | 2 ++
 spec/features/dashboard/active_tab_spec.rb                              | 2 ++
 spec/features/dashboard/activity_spec.rb                                | 2 ++
 spec/features/dashboard/archived_projects_spec.rb                       | 2 ++
 spec/features/dashboard/datetime_on_tooltips_spec.rb                    | 2 ++
 .../group_dashboard_with_external_authorization_service_spec.rb         | 2 ++
 spec/features/dashboard/group_spec.rb                                   | 2 ++
 spec/features/dashboard/groups_list_spec.rb                             | 2 ++
 spec/features/dashboard/help_spec.rb                                    | 2 ++
 spec/features/dashboard/issuables_counter_spec.rb                       | 2 ++
 spec/features/dashboard/issues_filter_spec.rb                           | 2 ++
 spec/features/dashboard/issues_spec.rb                                  | 2 ++
 spec/features/dashboard/label_filter_spec.rb                            | 2 ++
 spec/features/dashboard/merge_requests_spec.rb                          | 2 ++
 spec/features/dashboard/milestone_tabs_spec.rb                          | 2 ++
 spec/features/dashboard/milestones_spec.rb                              | 2 ++
 spec/features/dashboard/project_member_activity_index_spec.rb           | 2 ++
 spec/features/dashboard/projects_spec.rb                                | 2 ++
 spec/features/dashboard/shortcuts_spec.rb                               | 2 ++
 spec/features/dashboard/snippets_spec.rb                                | 2 ++
 spec/features/dashboard/todos/target_state_spec.rb                      | 2 ++
 spec/features/dashboard/todos/todos_filtering_spec.rb                   | 2 ++
 spec/features/dashboard/todos/todos_sorting_spec.rb                     | 2 ++
 spec/features/dashboard/todos/todos_spec.rb                             | 2 ++
 spec/features/dashboard/user_filters_projects_spec.rb                   | 2 ++
 spec/features/discussion_comments/commit_spec.rb                        | 2 ++
 spec/features/discussion_comments/issue_spec.rb                         | 2 ++
 spec/features/discussion_comments/merge_request_spec.rb                 | 2 ++
 spec/features/discussion_comments/snippets_spec.rb                      | 2 ++
 spec/features/error_pages_spec.rb                                       | 2 ++
 spec/features/expand_collapse_diffs_spec.rb                             | 2 ++
 spec/features/explore/groups_list_spec.rb                               | 2 ++
 spec/features/explore/groups_spec.rb                                    | 2 ++
 spec/features/explore/user_explores_projects_spec.rb                    | 2 ++
 spec/features/global_search_spec.rb                                     | 2 ++
 spec/features/group_variables_spec.rb                                   | 2 ++
 spec/features/groups/activity_spec.rb                                   | 2 ++
 spec/features/groups/board_spec.rb                                      | 2 ++
 spec/features/groups/empty_states_spec.rb                               | 2 ++
 spec/features/groups/group_settings_spec.rb                             | 2 ++
 spec/features/groups/issues_spec.rb                                     | 2 ++
 spec/features/groups/labels/edit_spec.rb                                | 2 ++
 spec/features/groups/labels/subscription_spec.rb                        | 2 ++
 spec/features/groups/labels/user_sees_links_to_issuables.rb             | 2 ++
 spec/features/groups/members/filter_members_spec.rb                     | 2 ++
 spec/features/groups/members/leave_group_spec.rb                        | 2 ++
 spec/features/groups/members/list_members_spec.rb                       | 2 ++
 spec/features/groups/members/manage_members_spec.rb                     | 2 ++
 spec/features/groups/members/master_manages_access_requests_spec.rb     | 2 ++
 spec/features/groups/members/request_access_spec.rb                     | 2 ++
 spec/features/groups/members/search_members_spec.rb                     | 2 ++
 spec/features/groups/members/sort_members_spec.rb                       | 2 ++
 spec/features/groups/milestone_spec.rb                                  | 2 ++
 spec/features/groups/milestones_sorting_spec.rb                         | 2 ++
 spec/features/groups/settings/group_badges_spec.rb                      | 2 ++
 spec/features/groups/share_lock_spec.rb                                 | 2 ++
 spec/features/groups/show_spec.rb                                       | 2 ++
 spec/features/groups/user_browse_projects_group_page_spec.rb            | 2 ++
 .../features/groups/user_sees_users_dropdowns_in_issuables_list_spec.rb | 2 ++
 spec/features/groups_spec.rb                                            | 2 ++
 spec/features/ics/dashboard_issues_spec.rb                              | 2 ++
 spec/features/ics/group_issues_spec.rb                                  | 2 ++
 spec/features/ics/project_issues_spec.rb                                | 2 ++
 spec/features/ide/user_opens_merge_request_spec.rb                      | 2 ++
 spec/features/ide_spec.rb                                               | 2 ++
 spec/features/import/manifest_import_spec.rb                            | 2 ++
 spec/features/instance_statistics/cohorts_spec.rb                       | 2 ++
 spec/features/instance_statistics/instance_statistics.rb                | 2 ++
 spec/features/invites_spec.rb                                           | 2 ++
 spec/features/issuables/close_reopen_report_toggle_spec.rb              | 2 ++
 spec/features/issuables/discussion_lock_spec.rb                         | 2 ++
 spec/features/issuables/issuable_list_spec.rb                           | 2 ++
 spec/features/issuables/markdown_references/internal_references_spec.rb | 2 ++
 spec/features/issuables/markdown_references/jira_spec.rb                | 2 ++
 spec/features/issuables/shortcuts_issuable_spec.rb                      | 2 ++
 spec/features/issuables/user_sees_sidebar_spec.rb                       | 2 ++
 spec/features/issues/bulk_assignment_labels_spec.rb                     | 2 ++
 .../issues/create_issue_for_discussions_in_merge_request_spec.rb        | 2 ++
 .../issues/create_issue_for_single_discussion_in_merge_request_spec.rb  | 2 ++
 spec/features/issues/filtered_search/dropdown_assignee_spec.rb          | 2 ++
 spec/features/issues/filtered_search/dropdown_author_spec.rb            | 2 ++
 spec/features/issues/filtered_search/dropdown_emoji_spec.rb             | 2 ++
 spec/features/issues/filtered_search/dropdown_hint_spec.rb              | 2 ++
 spec/features/issues/filtered_search/dropdown_label_spec.rb             | 2 ++
 spec/features/issues/filtered_search/dropdown_milestone_spec.rb         | 2 ++
 spec/features/issues/filtered_search/filter_issues_spec.rb              | 2 ++
 spec/features/issues/filtered_search/recent_searches_spec.rb            | 2 ++
 spec/features/issues/filtered_search/search_bar_spec.rb                 | 2 ++
 spec/features/issues/filtered_search/visual_tokens_spec.rb              | 2 ++
 spec/features/issues/form_spec.rb                                       | 2 ++
 spec/features/issues/gfm_autocomplete_spec.rb                           | 2 ++
 spec/features/issues/group_label_sidebar_spec.rb                        | 2 ++
 spec/features/issues/issue_detail_spec.rb                               | 2 ++
 spec/features/issues/issue_sidebar_spec.rb                              | 2 ++
 spec/features/issues/keyboard_shortcut_spec.rb                          | 2 ++
 spec/features/issues/markdown_toolbar_spec.rb                           | 2 ++
 spec/features/issues/move_spec.rb                                       | 2 ++
 spec/features/issues/note_polling_spec.rb                               | 2 ++
 spec/features/issues/notes_on_issues_spec.rb                            | 2 ++
 spec/features/issues/rss_spec.rb                                        | 2 ++
 spec/features/issues/spam_issues_spec.rb                                | 2 ++
 spec/features/issues/todo_spec.rb                                       | 2 ++
 spec/features/issues/update_issues_spec.rb                              | 2 ++
 spec/features/issues/user_comments_on_issue_spec.rb                     | 2 ++
 spec/features/issues/user_creates_branch_and_merge_request_spec.rb      | 2 ++
 spec/features/issues/user_creates_confidential_merge_request_spec.rb    | 2 ++
 spec/features/issues/user_edits_issue_spec.rb                           | 2 ++
 spec/features/issues/user_interacts_with_awards_spec.rb                 | 2 ++
 spec/features/issues/user_sees_breadcrumb_links_spec.rb                 | 2 ++
 spec/features/issues/user_sorts_issues_spec.rb                          | 2 ++
 spec/features/issues/user_toggles_subscription_spec.rb                  | 2 ++
 spec/features/issues/user_views_issue_spec.rb                           | 2 ++
 spec/features/issues/user_views_issues_spec.rb                          | 2 ++
 spec/features/labels_hierarchy_spec.rb                                  | 2 ++
 spec/features/markdown/copy_as_gfm_spec.rb                              | 2 ++
 spec/features/markdown/gitlab_flavored_markdown_spec.rb                 | 2 ++
 spec/features/markdown/markdown_spec.rb                                 | 2 ++
 spec/features/markdown/math_spec.rb                                     | 2 ++
 spec/features/markdown/mermaid_spec.rb                                  | 2 ++
 spec/features/merge_request/maintainer_edits_fork_spec.rb               | 2 ++
 spec/features/merge_request/user_accepts_merge_request_spec.rb          | 2 ++
 .../user_allows_commits_from_memebers_who_can_merge_spec.rb             | 2 ++
 spec/features/merge_request/user_assigns_themselves_spec.rb             | 2 ++
 spec/features/merge_request/user_awards_emoji_spec.rb                   | 2 ++
 spec/features/merge_request/user_closes_merge_request_spec.rb           | 2 ++
 spec/features/merge_request/user_comments_on_commit_spec.rb             | 2 ++
 spec/features/merge_request/user_comments_on_diff_spec.rb               | 2 ++
 spec/features/merge_request/user_comments_on_merge_request_spec.rb      | 2 ++
 spec/features/merge_request/user_creates_image_diff_notes_spec.rb       | 2 ++
 spec/features/merge_request/user_creates_merge_request_spec.rb          | 2 ++
 spec/features/merge_request/user_creates_mr_spec.rb                     | 2 ++
 .../features/merge_request/user_customizes_merge_commit_message_spec.rb | 2 ++
 spec/features/merge_request/user_edits_merge_request_spec.rb            | 2 ++
 spec/features/merge_request/user_edits_mr_spec.rb                       | 2 ++
 spec/features/merge_request/user_expands_diff_spec.rb                   | 2 ++
 spec/features/merge_request/user_locks_discussion_spec.rb               | 2 ++
 spec/features/merge_request/user_manages_subscription_spec.rb           | 2 ++
 spec/features/merge_request/user_merges_immediately_spec.rb             | 2 ++
 .../merge_request/user_merges_only_if_pipeline_succeeds_spec.rb         | 2 ++
 spec/features/merge_request/user_merges_when_pipeline_succeeds_spec.rb  | 2 ++
 spec/features/merge_request/user_posts_diff_notes_spec.rb               | 2 ++
 spec/features/merge_request/user_posts_notes_spec.rb                    | 2 ++
 spec/features/merge_request/user_rebases_merge_request_spec.rb          | 2 ++
 spec/features/merge_request/user_reopens_merge_request_spec.rb          | 2 ++
 spec/features/merge_request/user_resolves_conflicts_spec.rb             | 2 ++
 .../user_resolves_diff_notes_and_discussions_resolve_spec.rb            | 2 ++
 .../merge_request/user_resolves_outdated_diff_discussions_spec.rb       | 2 ++
 spec/features/merge_request/user_reverts_merge_request_spec.rb          | 2 ++
 spec/features/merge_request/user_scrolls_to_note_on_load_spec.rb        | 2 ++
 spec/features/merge_request/user_sees_avatar_on_diff_notes_spec.rb      | 2 ++
 spec/features/merge_request/user_sees_breadcrumb_links_spec.rb          | 2 ++
 spec/features/merge_request/user_sees_check_out_branch_modal_spec.rb    | 2 ++
 spec/features/merge_request/user_sees_cherry_pick_modal_spec.rb         | 2 ++
 spec/features/merge_request/user_sees_closing_issues_message_spec.rb    | 2 ++
 spec/features/merge_request/user_sees_deleted_target_branch_spec.rb     | 2 ++
 spec/features/merge_request/user_sees_deployment_widget_spec.rb         | 2 ++
 spec/features/merge_request/user_sees_diff_spec.rb                      | 2 ++
 spec/features/merge_request/user_sees_discussions_spec.rb               | 2 ++
 spec/features/merge_request/user_sees_empty_state_spec.rb               | 2 ++
 .../user_sees_merge_button_depending_on_unresolved_discussions_spec.rb  | 2 ++
 spec/features/merge_request/user_sees_merge_widget_spec.rb              | 2 ++
 spec/features/merge_request/user_sees_mini_pipeline_graph_spec.rb       | 2 ++
 .../merge_request/user_sees_mr_from_deleted_forked_project_spec.rb      | 2 ++
 .../merge_request/user_sees_mr_with_deleted_source_branch_spec.rb       | 2 ++
 spec/features/merge_request/user_sees_notes_from_forked_project_spec.rb | 2 ++
 .../merge_request/user_sees_pipelines_from_forked_project_spec.rb       | 2 ++
 spec/features/merge_request/user_sees_pipelines_spec.rb                 | 2 ++
 spec/features/merge_request/user_sees_system_notes_spec.rb              | 2 ++
 spec/features/merge_request/user_sees_versions_spec.rb                  | 2 ++
 spec/features/merge_request/user_sees_wip_help_message_spec.rb          | 2 ++
 spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb    | 2 ++
 spec/features/merge_request/user_toggles_whitespace_changes_spec.rb     | 2 ++
 .../user_tries_to_access_private_repository_through_new_mr_spec.rb      | 2 ++
 spec/features/merge_request/user_views_diffs_spec.rb                    | 2 ++
 spec/features/merge_request/user_views_open_merge_request_spec.rb       | 2 ++
 spec/features/merge_requests/filters_generic_behavior_spec.rb           | 2 ++
 spec/features/merge_requests/user_filters_by_assignees_spec.rb          | 2 ++
 spec/features/merge_requests/user_filters_by_labels_spec.rb             | 2 ++
 spec/features/merge_requests/user_filters_by_milestones_spec.rb         | 2 ++
 spec/features/merge_requests/user_filters_by_multiple_criteria_spec.rb  | 2 ++
 spec/features/merge_requests/user_filters_by_target_branch_spec.rb      | 2 ++
 spec/features/merge_requests/user_lists_merge_requests_spec.rb          | 2 ++
 spec/features/merge_requests/user_mass_updates_spec.rb                  | 2 ++
 spec/features/merge_requests/user_sorts_merge_requests_spec.rb          | 2 ++
 spec/features/merge_requests/user_squashes_merge_request_spec.rb        | 2 ++
 spec/features/merge_requests/user_views_all_merge_requests_spec.rb      | 2 ++
 spec/features/merge_requests/user_views_closed_merge_requests_spec.rb   | 2 ++
 spec/features/merge_requests/user_views_merged_merge_requests_spec.rb   | 2 ++
 spec/features/merge_requests/user_views_open_merge_requests_spec.rb     | 2 ++
 spec/features/milestone_spec.rb                                         | 2 ++
 spec/features/milestones/user_creates_milestone_spec.rb                 | 2 ++
 spec/features/milestones/user_deletes_milestone_spec.rb                 | 2 ++
 spec/features/milestones/user_edits_milestone_spec.rb                   | 2 ++
 spec/features/milestones/user_promotes_milestone_spec.rb                | 2 ++
 spec/features/milestones/user_sees_breadcrumb_links_spec.rb             | 2 ++
 spec/features/milestones/user_views_milestone_spec.rb                   | 2 ++
 spec/features/milestones/user_views_milestones_spec.rb                  | 2 ++
 spec/features/oauth_login_spec.rb                                       | 2 ++
 spec/features/participants_autocomplete_spec.rb                         | 2 ++
 spec/features/password_reset_spec.rb                                    | 2 ++
 spec/features/profile_spec.rb                                           | 2 ++
 spec/features/profiles/account_spec.rb                                  | 2 ++
 spec/features/profiles/active_sessions_spec.rb                          | 2 ++
 spec/features/profiles/chat_names_spec.rb                               | 2 ++
 spec/features/profiles/emails_spec.rb                                   | 2 ++
 spec/features/profiles/gpg_keys_spec.rb                                 | 2 ++
 spec/features/profiles/keys_spec.rb                                     | 2 ++
 spec/features/profiles/oauth_applications_spec.rb                       | 2 ++
 spec/features/profiles/password_spec.rb                                 | 2 ++
 spec/features/profiles/personal_access_tokens_spec.rb                   | 2 ++
 spec/features/profiles/user_changes_notified_of_own_activity_spec.rb    | 2 ++
 spec/features/profiles/user_edit_profile_spec.rb                        | 2 ++
 spec/features/profiles/user_manages_applications_spec.rb                | 2 ++
 spec/features/profiles/user_manages_emails_spec.rb                      | 2 ++
 spec/features/profiles/user_visits_notifications_tab_spec.rb            | 2 ++
 spec/features/profiles/user_visits_profile_account_page_spec.rb         | 2 ++
 spec/features/profiles/user_visits_profile_authentication_log_spec.rb   | 2 ++
 spec/features/profiles/user_visits_profile_preferences_page_spec.rb     | 2 ++
 spec/features/profiles/user_visits_profile_spec.rb                      | 2 ++
 spec/features/profiles/user_visits_profile_ssh_keys_page_spec.rb        | 2 ++
 spec/features/projects/activity/rss_spec.rb                             | 2 ++
 spec/features/projects/activity/user_sees_activity_spec.rb              | 2 ++
 spec/features/projects/activity/user_sees_private_activity_spec.rb      | 2 ++
 spec/features/projects/actve_tabs_spec.rb                               | 2 ++
 spec/features/projects/artifacts/file_spec.rb                           | 2 ++
 spec/features/projects/artifacts/raw_spec.rb                            | 2 ++
 spec/features/projects/artifacts/user_browses_artifacts_spec.rb         | 2 ++
 spec/features/projects/artifacts/user_downloads_artifacts_spec.rb       | 2 ++
 spec/features/projects/badges/coverage_spec.rb                          | 2 ++
 spec/features/projects/badges/list_spec.rb                              | 2 ++
 spec/features/projects/badges/pipeline_badge_spec.rb                    | 2 ++
 spec/features/projects/blobs/blob_line_permalink_updater_spec.rb        | 2 ++
 spec/features/projects/blobs/blob_show_spec.rb                          | 2 ++
 spec/features/projects/blobs/edit_spec.rb                               | 2 ++
 spec/features/projects/blobs/shortcuts_blob_spec.rb                     | 2 ++
 .../projects/blobs/user_creates_new_blob_in_new_project_spec.rb         | 2 ++
 spec/features/projects/branches/download_buttons_spec.rb                | 2 ++
 spec/features/projects/branches/new_branch_ref_dropdown_spec.rb         | 2 ++
 spec/features/projects/branches/user_creates_branch_spec.rb             | 2 ++
 spec/features/projects/branches/user_deletes_branch_spec.rb             | 2 ++
 spec/features/projects/branches/user_views_branches_spec.rb             | 2 ++
 spec/features/projects/branches_spec.rb                                 | 2 ++
 spec/features/projects/ci/lint_spec.rb                                  | 2 ++
 spec/features/projects/clusters/applications_spec.rb                    | 2 ++
 spec/features/projects/clusters/gcp_spec.rb                             | 2 ++
 spec/features/projects/clusters/user_spec.rb                            | 2 ++
 spec/features/projects/commit/builds_spec.rb                            | 2 ++
 spec/features/projects/commit/cherry_pick_spec.rb                       | 2 ++
 spec/features/projects/commit/comments/user_adds_comment_spec.rb        | 2 ++
 spec/features/projects/commit/comments/user_deletes_comments_spec.rb    | 2 ++
 spec/features/projects/commit/comments/user_edits_comments_spec.rb      | 2 ++
 spec/features/projects/commit/diff_notes_spec.rb                        | 2 ++
 spec/features/projects/commit/mini_pipeline_graph_spec.rb               | 2 ++
 spec/features/projects/commit/user_comments_on_commit_spec.rb           | 2 ++
 spec/features/projects/commit/user_reverts_commit_spec.rb               | 2 ++
 spec/features/projects/commits/rss_spec.rb                              | 2 ++
 spec/features/projects/commits/user_browses_commits_spec.rb             | 2 ++
 spec/features/projects/compare_spec.rb                                  | 2 ++
 spec/features/projects/deploy_keys_spec.rb                              | 2 ++
 spec/features/projects/diffs/diff_show_spec.rb                          | 2 ++
 spec/features/projects/environments/environment_metrics_spec.rb         | 2 ++
 spec/features/projects/environments/environment_spec.rb                 | 2 ++
 spec/features/projects/environments/environments_spec.rb                | 2 ++
 spec/features/projects/features_visibility_spec.rb                      | 2 ++
 spec/features/projects/files/dockerfile_dropdown_spec.rb                | 2 ++
 spec/features/projects/files/download_buttons_spec.rb                   | 2 ++
 spec/features/projects/files/edit_file_soft_wrap_spec.rb                | 2 ++
 spec/features/projects/files/editing_a_file_spec.rb                     | 2 ++
 spec/features/projects/files/files_sort_submodules_with_folders_spec.rb | 2 ++
 spec/features/projects/files/find_file_keyboard_spec.rb                 | 2 ++
 spec/features/projects/files/gitignore_dropdown_spec.rb                 | 2 ++
 spec/features/projects/files/gitlab_ci_yml_dropdown_spec.rb             | 2 ++
 spec/features/projects/files/project_owner_creates_license_file_spec.rb | 2 ++
 ...ject_owner_sees_link_to_create_license_file_in_empty_project_spec.rb | 2 ++
 spec/features/projects/files/template_selector_menu_spec.rb             | 2 ++
 spec/features/projects/files/template_type_dropdown_spec.rb             | 2 ++
 spec/features/projects/files/undo_template_spec.rb                      | 2 ++
 .../files/user_browses_a_tree_with_a_folder_containing_only_a_folder.rb | 2 ++
 spec/features/projects/files/user_browses_files_spec.rb                 | 2 ++
 spec/features/projects/files/user_browses_lfs_files_spec.rb             | 2 ++
 spec/features/projects/files/user_creates_directory_spec.rb             | 2 ++
 spec/features/projects/files/user_creates_files_spec.rb                 | 2 ++
 spec/features/projects/files/user_deletes_files_spec.rb                 | 2 ++
 spec/features/projects/files/user_edits_files_spec.rb                   | 2 ++
 spec/features/projects/files/user_find_file_spec.rb                     | 2 ++
 spec/features/projects/files/user_reads_pipeline_status_spec.rb         | 2 ++
 spec/features/projects/files/user_replaces_files_spec.rb                | 2 ++
 spec/features/projects/files/user_searches_for_files_spec.rb            | 2 ++
 spec/features/projects/files/user_uploads_files_spec.rb                 | 2 ++
 spec/features/projects/fork_spec.rb                                     | 2 ++
 spec/features/projects/forks/fork_list_spec.rb                          | 2 ++
 spec/features/projects/gfm_autocomplete_load_spec.rb                    | 2 ++
 spec/features/projects/graph_spec.rb                                    | 2 ++
 spec/features/projects/hook_logs/user_reads_log_spec.rb                 | 2 ++
 spec/features/projects/import_export/export_file_spec.rb                | 2 ++
 spec/features/projects/import_export/import_file_spec.rb                | 2 ++
 spec/features/projects/issuable_templates_spec.rb                       | 2 ++
 .../issues/viewing_issues_with_external_authorization_enabled_spec.rb   | 2 ++
 spec/features/projects/jobs/permissions_spec.rb                         | 2 ++
 spec/features/projects/jobs/user_browses_job_spec.rb                    | 2 ++
 spec/features/projects/jobs/user_browses_jobs_spec.rb                   | 2 ++
 spec/features/projects/labels/issues_sorted_by_priority_spec.rb         | 2 ++
 spec/features/projects/labels/subscription_spec.rb                      | 2 ++
 spec/features/projects/labels/update_prioritization_spec.rb             | 2 ++
 spec/features/projects/labels/user_creates_labels_spec.rb               | 2 ++
 spec/features/projects/labels/user_edits_labels_spec.rb                 | 2 ++
 spec/features/projects/labels/user_removes_labels_spec.rb               | 2 ++
 spec/features/projects/labels/user_sees_breadcrumb_links_spec.rb        | 2 ++
 spec/features/projects/labels/user_sees_links_to_issuables.rb           | 2 ++
 spec/features/projects/members/anonymous_user_sees_members_spec.rb      | 2 ++
 .../projects/members/group_member_cannot_leave_group_project_spec.rb    | 2 ++
 .../group_member_cannot_request_access_to_his_group_project_spec.rb     | 2 ++
 spec/features/projects/members/group_members_spec.rb                    | 2 ++
 .../members/group_requester_cannot_request_access_to_project_spec.rb    | 2 ++
 spec/features/projects/members/groups_with_access_list_spec.rb          | 2 ++
 spec/features/projects/members/invite_group_spec.rb                     | 2 ++
 spec/features/projects/members/list_spec.rb                             | 2 ++
 .../projects/members/master_adds_member_with_expiration_date_spec.rb    | 2 ++
 spec/features/projects/members/master_manages_access_requests_spec.rb   | 2 ++
 .../members/member_cannot_request_access_to_his_project_spec.rb         | 2 ++
 spec/features/projects/members/member_leaves_project_spec.rb            | 2 ++
 spec/features/projects/members/owner_cannot_leave_project_spec.rb       | 2 ++
 .../projects/members/owner_cannot_request_access_to_his_project_spec.rb | 2 ++
 spec/features/projects/members/sorting_spec.rb                          | 2 ++
 spec/features/projects/members/user_requests_access_spec.rb             | 2 ++
 spec/features/projects/merge_request_button_spec.rb                     | 2 ++
 spec/features/projects/milestones/milestone_spec.rb                     | 2 ++
 spec/features/projects/milestones/milestones_sorting_spec.rb            | 2 ++
 spec/features/projects/milestones/new_spec.rb                           | 2 ++
 spec/features/projects/milestones/user_interacts_with_labels_spec.rb    | 2 ++
 spec/features/projects/network_graph_spec.rb                            | 2 ++
 spec/features/projects/new_project_spec.rb                              | 2 ++
 spec/features/projects/pipeline_schedules_spec.rb                       | 2 ++
 spec/features/projects/pipelines/pipelines_spec.rb                      | 2 ++
 spec/features/projects/releases/user_views_releases_spec.rb             | 2 ++
 spec/features/projects/remote_mirror_spec.rb                            | 2 ++
 spec/features/projects/services/disable_triggers_spec.rb                | 2 ++
 spec/features/projects/services/user_activates_asana_spec.rb            | 2 ++
 spec/features/projects/services/user_activates_assembla_spec.rb         | 2 ++
 .../projects/services/user_activates_atlassian_bamboo_ci_spec.rb        | 2 ++
 spec/features/projects/services/user_activates_emails_on_push_spec.rb   | 2 ++
 spec/features/projects/services/user_activates_flowdock_spec.rb         | 2 ++
 spec/features/projects/services/user_activates_irker_spec.rb            | 2 ++
 spec/features/projects/services/user_activates_issue_tracker_spec.rb    | 2 ++
 .../projects/services/user_activates_jetbrains_teamcity_ci_spec.rb      | 2 ++
 spec/features/projects/services/user_activates_jira_spec.rb             | 2 ++
 .../projects/services/user_activates_mattermost_slash_command_spec.rb   | 2 ++
 spec/features/projects/services/user_activates_packagist_spec.rb        | 2 ++
 spec/features/projects/services/user_activates_pivotaltracker_spec.rb   | 2 ++
 spec/features/projects/services/user_activates_prometheus_spec.rb       | 2 ++
 spec/features/projects/services/user_activates_pushover_spec.rb         | 2 ++
 .../projects/services/user_activates_slack_notifications_spec.rb        | 2 ++
 .../projects/services/user_activates_slack_slash_command_spec.rb        | 2 ++
 spec/features/projects/services/user_activates_youtrack_spec.rb         | 2 ++
 spec/features/projects/services/user_views_services_spec.rb             | 2 ++
 spec/features/projects/settings/forked_project_settings_spec.rb         | 2 ++
 spec/features/projects/settings/integration_settings_spec.rb            | 2 ++
 spec/features/projects/settings/lfs_settings_spec.rb                    | 2 ++
 spec/features/projects/settings/pipelines_settings_spec.rb              | 2 ++
 spec/features/projects/settings/project_badges_spec.rb                  | 2 ++
 spec/features/projects/settings/repository_settings_spec.rb             | 2 ++
 spec/features/projects/settings/user_archives_project_spec.rb           | 2 ++
 spec/features/projects/settings/user_changes_avatar_spec.rb             | 2 ++
 spec/features/projects/settings/user_changes_default_branch_spec.rb     | 2 ++
 spec/features/projects/settings/user_interacts_with_deploy_keys_spec.rb | 2 ++
 spec/features/projects/settings/user_manages_group_links_spec.rb        | 2 ++
 spec/features/projects/settings/user_manages_project_members_spec.rb    | 2 ++
 spec/features/projects/settings/user_renames_a_project_spec.rb          | 2 ++
 .../projects/settings/user_sees_revoke_deploy_token_modal_spec.rb       | 2 ++
 spec/features/projects/settings/user_tags_project_spec.rb               | 2 ++
 spec/features/projects/settings/user_transfers_a_project_spec.rb        | 2 ++
 spec/features/projects/settings/visibility_settings_spec.rb             | 2 ++
 .../projects/show/developer_views_empty_project_instructions_spec.rb    | 2 ++
 spec/features/projects/show/download_buttons_spec.rb                    | 2 ++
 spec/features/projects/show/no_password_spec.rb                         | 2 ++
 spec/features/projects/show/redirects_spec.rb                           | 2 ++
 spec/features/projects/show/rss_spec.rb                                 | 2 ++
 spec/features/projects/show/user_interacts_with_stars_spec.rb           | 2 ++
 spec/features/projects/show/user_manages_notifications_spec.rb          | 2 ++
 spec/features/projects/show/user_sees_collaboration_links_spec.rb       | 2 ++
 spec/features/projects/show/user_sees_deletion_failure_message_spec.rb  | 2 ++
 spec/features/projects/show/user_sees_git_instructions_spec.rb          | 2 ++
 spec/features/projects/show/user_sees_last_commit_ci_status_spec.rb     | 2 ++
 spec/features/projects/show/user_sees_readme_spec.rb                    | 2 ++
 spec/features/projects/show/user_sees_setup_shortcut_buttons_spec.rb    | 2 ++
 spec/features/projects/snippets/create_snippet_spec.rb                  | 2 ++
 spec/features/projects/snippets/show_spec.rb                            | 2 ++
 spec/features/projects/snippets/user_comments_on_snippet_spec.rb        | 2 ++
 spec/features/projects/snippets/user_deletes_snippet_spec.rb            | 2 ++
 spec/features/projects/snippets/user_updates_snippet_spec.rb            | 2 ++
 spec/features/projects/snippets/user_views_snippets_spec.rb             | 2 ++
 spec/features/projects/sub_group_issuables_spec.rb                      | 2 ++
 spec/features/projects/tags/download_buttons_spec.rb                    | 2 ++
 spec/features/projects/tree/create_directory_spec.rb                    | 2 ++
 spec/features/projects/tree/create_file_spec.rb                         | 2 ++
 spec/features/projects/tree/rss_spec.rb                                 | 2 ++
 spec/features/projects/tree/tree_show_spec.rb                           | 2 ++
 spec/features/projects/tree/upload_file_spec.rb                         | 2 ++
 spec/features/projects/user_creates_project_spec.rb                     | 2 ++
 spec/features/projects/user_sees_sidebar_spec.rb                        | 2 ++
 spec/features/projects/user_uses_shortcuts_spec.rb                      | 2 ++
 spec/features/projects/user_views_empty_project_spec.rb                 | 2 ++
 spec/features/projects/view_on_env_spec.rb                              | 2 ++
 spec/features/projects/wiki/markdown_preview_spec.rb                    | 2 ++
 spec/features/projects/wiki/shortcuts_spec.rb                           | 2 ++
 spec/features/projects/wiki/user_creates_wiki_page_spec.rb              | 2 ++
 spec/features/projects/wiki/user_deletes_wiki_page_spec.rb              | 2 ++
 spec/features/projects/wiki/user_git_access_wiki_page_spec.rb           | 2 ++
 spec/features/projects/wiki/user_updates_wiki_page_spec.rb              | 2 ++
 spec/features/projects/wiki/user_views_wiki_empty_spec.rb               | 2 ++
 spec/features/projects/wiki/user_views_wiki_in_project_page_spec.rb     | 2 ++
 spec/features/projects/wiki/user_views_wiki_page_spec.rb                | 2 ++
 spec/features/protected_branches_spec.rb                                | 2 ++
 spec/features/protected_tags_spec.rb                                    | 2 ++
 spec/features/raven_js_spec.rb                                          | 2 ++
 spec/features/read_only_spec.rb                                         | 2 ++
 spec/features/reportable_note/commit_spec.rb                            | 2 ++
 spec/features/reportable_note/issue_spec.rb                             | 2 ++
 spec/features/reportable_note/merge_request_spec.rb                     | 2 ++
 spec/features/reportable_note/snippets_spec.rb                          | 2 ++
 spec/features/runners_spec.rb                                           | 2 ++
 spec/features/search/user_searches_for_code_spec.rb                     | 2 ++
 spec/features/search/user_searches_for_comments_spec.rb                 | 2 ++
 spec/features/search/user_searches_for_commits_spec.rb                  | 2 ++
 spec/features/search/user_searches_for_issues_spec.rb                   | 2 ++
 spec/features/search/user_searches_for_merge_requests_spec.rb           | 2 ++
 spec/features/search/user_searches_for_milestones_spec.rb               | 2 ++
 spec/features/search/user_searches_for_projects_spec.rb                 | 2 ++
 spec/features/search/user_searches_for_users_spec.rb                    | 2 ++
 spec/features/search/user_searches_for_wiki_pages_spec.rb               | 2 ++
 spec/features/search/user_uses_header_search_field_spec.rb              | 2 ++
 spec/features/search/user_uses_search_filters_spec.rb                   | 2 ++
 spec/features/security/admin_access_spec.rb                             | 2 ++
 spec/features/security/dashboard_access_spec.rb                         | 2 ++
 spec/features/security/group/internal_access_spec.rb                    | 2 ++
 spec/features/security/group/private_access_spec.rb                     | 2 ++
 spec/features/security/group/public_access_spec.rb                      | 2 ++
 spec/features/security/project/internal_access_spec.rb                  | 2 ++
 spec/features/security/project/private_access_spec.rb                   | 2 ++
 spec/features/security/project/public_access_spec.rb                    | 2 ++
 spec/features/security/project/snippet/internal_access_spec.rb          | 2 ++
 spec/features/security/project/snippet/private_access_spec.rb           | 2 ++
 spec/features/security/project/snippet/public_access_spec.rb            | 2 ++
 spec/features/snippets/embedded_snippet_spec.rb                         | 2 ++
 spec/features/snippets/explore_spec.rb                                  | 2 ++
 spec/features/snippets/internal_snippet_spec.rb                         | 2 ++
 spec/features/snippets/notes_on_personal_snippets_spec.rb               | 2 ++
 spec/features/snippets/public_snippets_spec.rb                          | 2 ++
 spec/features/snippets/search_snippets_spec.rb                          | 2 ++
 spec/features/snippets/show_spec.rb                                     | 2 ++
 spec/features/snippets/user_creates_snippet_spec.rb                     | 2 ++
 spec/features/snippets/user_deletes_snippet_spec.rb                     | 2 ++
 spec/features/snippets/user_edits_snippet_spec.rb                       | 2 ++
 spec/features/snippets/user_sees_breadcrumb_links.rb                    | 2 ++
 spec/features/snippets/user_snippets_spec.rb                            | 2 ++
 spec/features/snippets_spec.rb                                          | 2 ++
 spec/features/tags/developer_creates_tag_spec.rb                        | 2 ++
 spec/features/tags/developer_deletes_tag_spec.rb                        | 2 ++
 spec/features/tags/developer_updates_tag_spec.rb                        | 2 ++
 spec/features/tags/developer_views_tags_spec.rb                         | 2 ++
 spec/features/task_lists_spec.rb                                        | 2 ++
 spec/features/triggers_spec.rb                                          | 2 ++
 spec/features/u2f_spec.rb                                               | 2 ++
 spec/features/unsubscribe_links_spec.rb                                 | 2 ++
 spec/features/uploads/user_uploads_avatar_to_group_spec.rb              | 2 ++
 spec/features/uploads/user_uploads_avatar_to_profile_spec.rb            | 2 ++
 spec/features/uploads/user_uploads_file_to_note_spec.rb                 | 2 ++
 spec/features/user_can_display_performance_bar_spec.rb                  | 2 ++
 spec/features/user_sees_revert_modal_spec.rb                            | 2 ++
 spec/features/user_sorts_things_spec.rb                                 | 2 ++
 spec/features/users/active_sessions_spec.rb                             | 2 ++
 spec/features/users/add_email_to_existing_account.rb                    | 2 ++
 spec/features/users/login_spec.rb                                       | 2 ++
 spec/features/users/logout_spec.rb                                      | 2 ++
 spec/features/users/overview_spec.rb                                    | 2 ++
 spec/features/users/rss_spec.rb                                         | 2 ++
 spec/features/users/show_spec.rb                                        | 2 ++
 spec/features/users/signup_spec.rb                                      | 2 ++
 spec/features/users/snippets_spec.rb                                    | 2 ++
 spec/features/users/terms_spec.rb                                       | 2 ++
 spec/features/users/user_browses_projects_on_user_page_spec.rb          | 2 ++
 521 files changed, 1042 insertions(+)

diff --git a/spec/features/abuse_report_spec.rb b/spec/features/abuse_report_spec.rb
index eb12eebe8e6..b1573bfb270 100644
--- a/spec/features/abuse_report_spec.rb
+++ b/spec/features/abuse_report_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Abuse reports' do
diff --git a/spec/features/admin/admin_abuse_reports_spec.rb b/spec/features/admin/admin_abuse_reports_spec.rb
index 3ff1a66b0b2..48fff9e57d3 100644
--- a/spec/features/admin/admin_abuse_reports_spec.rb
+++ b/spec/features/admin/admin_abuse_reports_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Admin::AbuseReports", :js do
diff --git a/spec/features/admin/admin_broadcast_messages_spec.rb b/spec/features/admin/admin_broadcast_messages_spec.rb
index f6dc499df29..dfc7c89840a 100644
--- a/spec/features/admin/admin_broadcast_messages_spec.rb
+++ b/spec/features/admin/admin_broadcast_messages_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin Broadcast Messages' do
diff --git a/spec/features/admin/admin_browse_spam_logs_spec.rb b/spec/features/admin/admin_browse_spam_logs_spec.rb
index 4645fde7522..c79524a7fb3 100644
--- a/spec/features/admin/admin_browse_spam_logs_spec.rb
+++ b/spec/features/admin/admin_browse_spam_logs_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin browse spam logs' do
diff --git a/spec/features/admin/admin_browses_logs_spec.rb b/spec/features/admin/admin_browses_logs_spec.rb
index 1f83d04d9aa..5a2df89aeb7 100644
--- a/spec/features/admin/admin_browses_logs_spec.rb
+++ b/spec/features/admin/admin_browses_logs_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin browses logs' do
diff --git a/spec/features/admin/admin_builds_spec.rb b/spec/features/admin/admin_builds_spec.rb
index 51b42d1b43b..afdf8eb0cca 100644
--- a/spec/features/admin/admin_builds_spec.rb
+++ b/spec/features/admin/admin_builds_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin Builds' do
diff --git a/spec/features/admin/admin_deploy_keys_spec.rb b/spec/features/admin/admin_deploy_keys_spec.rb
index cb96830cb7c..2039a6ff1ee 100644
--- a/spec/features/admin/admin_deploy_keys_spec.rb
+++ b/spec/features/admin/admin_deploy_keys_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.describe 'admin deploy keys' do
diff --git a/spec/features/admin/admin_disables_git_access_protocol_spec.rb b/spec/features/admin/admin_disables_git_access_protocol_spec.rb
index f066b088800..ca8874a24f9 100644
--- a/spec/features/admin/admin_disables_git_access_protocol_spec.rb
+++ b/spec/features/admin/admin_disables_git_access_protocol_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Admin disables Git access protocol', :js do
diff --git a/spec/features/admin/admin_disables_two_factor_spec.rb b/spec/features/admin/admin_disables_two_factor_spec.rb
index e41835b4f24..6e6a4964541 100644
--- a/spec/features/admin/admin_disables_two_factor_spec.rb
+++ b/spec/features/admin/admin_disables_two_factor_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Admin disables 2FA for a user' do
diff --git a/spec/features/admin/admin_groups_spec.rb b/spec/features/admin/admin_groups_spec.rb
index a08902c30be..34356a2ee90 100644
--- a/spec/features/admin/admin_groups_spec.rb
+++ b/spec/features/admin/admin_groups_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin Groups' do
diff --git a/spec/features/admin/admin_health_check_spec.rb b/spec/features/admin/admin_health_check_spec.rb
index 790051dd933..97c34d55d73 100644
--- a/spec/features/admin/admin_health_check_spec.rb
+++ b/spec/features/admin/admin_health_check_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Admin Health Check", :feature do
diff --git a/spec/features/admin/admin_hook_logs_spec.rb b/spec/features/admin/admin_hook_logs_spec.rb
index 928f97b6d29..98900142353 100644
--- a/spec/features/admin/admin_hook_logs_spec.rb
+++ b/spec/features/admin/admin_hook_logs_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin::HookLogs' do
diff --git a/spec/features/admin/admin_hooks_spec.rb b/spec/features/admin/admin_hooks_spec.rb
index ce780789f5a..0fd748af3ce 100644
--- a/spec/features/admin/admin_hooks_spec.rb
+++ b/spec/features/admin/admin_hooks_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin::Hooks' do
diff --git a/spec/features/admin/admin_labels_spec.rb b/spec/features/admin/admin_labels_spec.rb
index 238ea2a25bd..35638e0829b 100644
--- a/spec/features/admin/admin_labels_spec.rb
+++ b/spec/features/admin/admin_labels_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.describe 'admin issues labels' do
diff --git a/spec/features/admin/admin_manage_applications_spec.rb b/spec/features/admin/admin_manage_applications_spec.rb
index a4904272706..dd4d4b1a426 100644
--- a/spec/features/admin/admin_manage_applications_spec.rb
+++ b/spec/features/admin/admin_manage_applications_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.describe 'admin manage applications' do
diff --git a/spec/features/admin/admin_projects_spec.rb b/spec/features/admin/admin_projects_spec.rb
index 1c1ca41f633..058e548208f 100644
--- a/spec/features/admin/admin_projects_spec.rb
+++ b/spec/features/admin/admin_projects_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Admin::Projects" do
diff --git a/spec/features/admin/admin_requests_profiles_spec.rb b/spec/features/admin/admin_requests_profiles_spec.rb
index e8764d0a79c..0400b89dbfd 100644
--- a/spec/features/admin/admin_requests_profiles_spec.rb
+++ b/spec/features/admin/admin_requests_profiles_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin::RequestsProfilesController' do
diff --git a/spec/features/admin/admin_runners_spec.rb b/spec/features/admin/admin_runners_spec.rb
index 97b432a6751..4ad90c96558 100644
--- a/spec/features/admin/admin_runners_spec.rb
+++ b/spec/features/admin/admin_runners_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Admin Runners" do
diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb
index 518b3625348..a074bbcff0a 100644
--- a/spec/features/admin/admin_settings_spec.rb
+++ b/spec/features/admin/admin_settings_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin updates settings' do
diff --git a/spec/features/admin/admin_system_info_spec.rb b/spec/features/admin/admin_system_info_spec.rb
index 5a989319d5b..3dacf63e25a 100644
--- a/spec/features/admin/admin_system_info_spec.rb
+++ b/spec/features/admin/admin_system_info_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin System Info' do
diff --git a/spec/features/admin/admin_users_impersonation_tokens_spec.rb b/spec/features/admin/admin_users_impersonation_tokens_spec.rb
index c7860bebb06..27f2436108c 100644
--- a/spec/features/admin/admin_users_impersonation_tokens_spec.rb
+++ b/spec/features/admin/admin_users_impersonation_tokens_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin > Users > Impersonation Tokens', :js do
diff --git a/spec/features/admin/admin_users_spec.rb b/spec/features/admin/admin_users_spec.rb
index dafec29dfcc..ebf71d8c9da 100644
--- a/spec/features/admin/admin_users_spec.rb
+++ b/spec/features/admin/admin_users_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Admin::Users" do
diff --git a/spec/features/admin/admin_uses_repository_checks_spec.rb b/spec/features/admin/admin_uses_repository_checks_spec.rb
index d04bb9acd9e..8c1ec183286 100644
--- a/spec/features/admin/admin_uses_repository_checks_spec.rb
+++ b/spec/features/admin/admin_uses_repository_checks_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Admin uses repository checks' do
diff --git a/spec/features/admin/dashboard_spec.rb b/spec/features/admin/dashboard_spec.rb
index a6ca0803469..267a40dc2f8 100644
--- a/spec/features/admin/dashboard_spec.rb
+++ b/spec/features/admin/dashboard_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'admin visits dashboard' do
diff --git a/spec/features/admin/services/admin_activates_prometheus_spec.rb b/spec/features/admin/services/admin_activates_prometheus_spec.rb
index 904fe5b406b..64c57cd425b 100644
--- a/spec/features/admin/services/admin_activates_prometheus_spec.rb
+++ b/spec/features/admin/services/admin_activates_prometheus_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Admin activates Prometheus' do
diff --git a/spec/features/atom/dashboard_spec.rb b/spec/features/atom/dashboard_spec.rb
index 947587220a9..7df0e47cd14 100644
--- a/spec/features/atom/dashboard_spec.rb
+++ b/spec/features/atom/dashboard_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Dashboard Feed" do
diff --git a/spec/features/atom/issues_spec.rb b/spec/features/atom/issues_spec.rb
index 714a9885caa..c0413f0f352 100644
--- a/spec/features/atom/issues_spec.rb
+++ b/spec/features/atom/issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Issues Feed' do
diff --git a/spec/features/atom/users_spec.rb b/spec/features/atom/users_spec.rb
index 7de8bea5049..6f013e13ae4 100644
--- a/spec/features/atom/users_spec.rb
+++ b/spec/features/atom/users_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "User Feed" do
diff --git a/spec/features/boards/add_issues_modal_spec.rb b/spec/features/boards/add_issues_modal_spec.rb
index 030993462b5..6e477a93293 100644
--- a/spec/features/boards/add_issues_modal_spec.rb
+++ b/spec/features/boards/add_issues_modal_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issue Boards add issue modal', :js do
diff --git a/spec/features/boards/boards_spec.rb b/spec/features/boards/boards_spec.rb
index 4c6175f5590..4e7b25115d7 100644
--- a/spec/features/boards/boards_spec.rb
+++ b/spec/features/boards/boards_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issue Boards', :js do
diff --git a/spec/features/boards/issue_ordering_spec.rb b/spec/features/boards/issue_ordering_spec.rb
index 21779336559..c8ea202169c 100644
--- a/spec/features/boards/issue_ordering_spec.rb
+++ b/spec/features/boards/issue_ordering_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issue Boards', :js do
diff --git a/spec/features/boards/keyboard_shortcut_spec.rb b/spec/features/boards/keyboard_shortcut_spec.rb
index d820a59aa16..5f3a2c409ed 100644
--- a/spec/features/boards/keyboard_shortcut_spec.rb
+++ b/spec/features/boards/keyboard_shortcut_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issue Boards shortcut', :js do
diff --git a/spec/features/boards/modal_filter_spec.rb b/spec/features/boards/modal_filter_spec.rb
index e42d18b457e..93de2750466 100644
--- a/spec/features/boards/modal_filter_spec.rb
+++ b/spec/features/boards/modal_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issue Boards add issue modal filtering', :js do
diff --git a/spec/features/boards/new_issue_spec.rb b/spec/features/boards/new_issue_spec.rb
index d0c4534e317..abbec0ea810 100644
--- a/spec/features/boards/new_issue_spec.rb
+++ b/spec/features/boards/new_issue_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issue Boards new issue', :js do
diff --git a/spec/features/boards/reload_boards_on_browser_back_spec.rb b/spec/features/boards/reload_boards_on_browser_back_spec.rb
index 4b4bd705a77..752c8c1052d 100644
--- a/spec/features/boards/reload_boards_on_browser_back_spec.rb
+++ b/spec/features/boards/reload_boards_on_browser_back_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Ensure Boards do not show stale data on browser back', :js do
diff --git a/spec/features/boards/sidebar_spec.rb b/spec/features/boards/sidebar_spec.rb
index 6c9ae343e01..7ee3a839293 100644
--- a/spec/features/boards/sidebar_spec.rb
+++ b/spec/features/boards/sidebar_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issue Boards', :js do
diff --git a/spec/features/boards/sub_group_project_spec.rb b/spec/features/boards/sub_group_project_spec.rb
index de2cb4c335e..264e5e85505 100644
--- a/spec/features/boards/sub_group_project_spec.rb
+++ b/spec/features/boards/sub_group_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Sub-group project issue boards', :js do
diff --git a/spec/features/calendar_spec.rb b/spec/features/calendar_spec.rb
index 8cb9b57a049..235b6d0fd40 100644
--- a/spec/features/calendar_spec.rb
+++ b/spec/features/calendar_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Contributions Calendar', :js do
diff --git a/spec/features/commits_spec.rb b/spec/features/commits_spec.rb
index a2dd34e7f7c..96d8da845cb 100644
--- a/spec/features/commits_spec.rb
+++ b/spec/features/commits_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Commits' do
diff --git a/spec/features/container_registry_spec.rb b/spec/features/container_registry_spec.rb
index 1b5943bd5d8..89dece97a35 100644
--- a/spec/features/container_registry_spec.rb
+++ b/spec/features/container_registry_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Container Registry", :js do
diff --git a/spec/features/cycle_analytics_spec.rb b/spec/features/cycle_analytics_spec.rb
index 4108a0f370d..07f0864fb3b 100644
--- a/spec/features/cycle_analytics_spec.rb
+++ b/spec/features/cycle_analytics_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Cycle Analytics', :js do
diff --git a/spec/features/dashboard/active_tab_spec.rb b/spec/features/dashboard/active_tab_spec.rb
index f4d0f82d248..92d0c0c9260 100644
--- a/spec/features/dashboard/active_tab_spec.rb
+++ b/spec/features/dashboard/active_tab_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.describe 'Dashboard Active Tab', :js do
diff --git a/spec/features/dashboard/activity_spec.rb b/spec/features/dashboard/activity_spec.rb
index c55dc4523f7..0a3b550c0c4 100644
--- a/spec/features/dashboard/activity_spec.rb
+++ b/spec/features/dashboard/activity_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard > Activity' do
diff --git a/spec/features/dashboard/archived_projects_spec.rb b/spec/features/dashboard/archived_projects_spec.rb
index d31df322d10..9965229a539 100644
--- a/spec/features/dashboard/archived_projects_spec.rb
+++ b/spec/features/dashboard/archived_projects_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.describe 'Dashboard Archived Project' do
diff --git a/spec/features/dashboard/datetime_on_tooltips_spec.rb b/spec/features/dashboard/datetime_on_tooltips_spec.rb
index f44bd55ecf6..56b47b74626 100644
--- a/spec/features/dashboard/datetime_on_tooltips_spec.rb
+++ b/spec/features/dashboard/datetime_on_tooltips_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Tooltips on .timeago dates', :js do
diff --git a/spec/features/dashboard/group_dashboard_with_external_authorization_service_spec.rb b/spec/features/dashboard/group_dashboard_with_external_authorization_service_spec.rb
index 4098dd02141..aebc2eb1916 100644
--- a/spec/features/dashboard/group_dashboard_with_external_authorization_service_spec.rb
+++ b/spec/features/dashboard/group_dashboard_with_external_authorization_service_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'The group dashboard' do
diff --git a/spec/features/dashboard/group_spec.rb b/spec/features/dashboard/group_spec.rb
index 259f220c68b..653a16bbbcc 100644
--- a/spec/features/dashboard/group_spec.rb
+++ b/spec/features/dashboard/group_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.describe 'Dashboard Group' do
diff --git a/spec/features/dashboard/groups_list_spec.rb b/spec/features/dashboard/groups_list_spec.rb
index fb76e2b0014..d760f415c39 100644
--- a/spec/features/dashboard/groups_list_spec.rb
+++ b/spec/features/dashboard/groups_list_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard Groups page', :js do
diff --git a/spec/features/dashboard/help_spec.rb b/spec/features/dashboard/help_spec.rb
index 467a503a62d..3f425001447 100644
--- a/spec/features/dashboard/help_spec.rb
+++ b/spec/features/dashboard/help_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.describe 'Dashboard Help' do
diff --git a/spec/features/dashboard/issuables_counter_spec.rb b/spec/features/dashboard/issuables_counter_spec.rb
index 50b71368e13..eca78749171 100644
--- a/spec/features/dashboard/issuables_counter_spec.rb
+++ b/spec/features/dashboard/issuables_counter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Navigation bar counter', :use_clean_rails_memory_store_caching do
diff --git a/spec/features/dashboard/issues_filter_spec.rb b/spec/features/dashboard/issues_filter_spec.rb
index c0434f767bb..1352e1bd8fc 100644
--- a/spec/features/dashboard/issues_filter_spec.rb
+++ b/spec/features/dashboard/issues_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard Issues filtering', :js do
diff --git a/spec/features/dashboard/issues_spec.rb b/spec/features/dashboard/issues_spec.rb
index 9957bec0f0b..cb055ff8416 100644
--- a/spec/features/dashboard/issues_spec.rb
+++ b/spec/features/dashboard/issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.describe 'Dashboard Issues' do
diff --git a/spec/features/dashboard/label_filter_spec.rb b/spec/features/dashboard/label_filter_spec.rb
index 2d4659d380f..630b2b636b4 100644
--- a/spec/features/dashboard/label_filter_spec.rb
+++ b/spec/features/dashboard/label_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard > label filter', :js do
diff --git a/spec/features/dashboard/merge_requests_spec.rb b/spec/features/dashboard/merge_requests_spec.rb
index 0c6713f623c..0c1e1d5910b 100644
--- a/spec/features/dashboard/merge_requests_spec.rb
+++ b/spec/features/dashboard/merge_requests_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard Merge Requests' do
diff --git a/spec/features/dashboard/milestone_tabs_spec.rb b/spec/features/dashboard/milestone_tabs_spec.rb
index 21de7c2f06f..a83e4c1f7c9 100644
--- a/spec/features/dashboard/milestone_tabs_spec.rb
+++ b/spec/features/dashboard/milestone_tabs_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard milestone tabs', :js do
diff --git a/spec/features/dashboard/milestones_spec.rb b/spec/features/dashboard/milestones_spec.rb
index c3310a4a132..c21bc922de7 100644
--- a/spec/features/dashboard/milestones_spec.rb
+++ b/spec/features/dashboard/milestones_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard > Milestones' do
diff --git a/spec/features/dashboard/project_member_activity_index_spec.rb b/spec/features/dashboard/project_member_activity_index_spec.rb
index 16919fe63ad..8e7a0b2a611 100644
--- a/spec/features/dashboard/project_member_activity_index_spec.rb
+++ b/spec/features/dashboard/project_member_activity_index_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project member activity', :js do
diff --git a/spec/features/dashboard/projects_spec.rb b/spec/features/dashboard/projects_spec.rb
index d1ed64cce7f..e2100c8562b 100644
--- a/spec/features/dashboard/projects_spec.rb
+++ b/spec/features/dashboard/projects_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard Projects' do
diff --git a/spec/features/dashboard/shortcuts_spec.rb b/spec/features/dashboard/shortcuts_spec.rb
index 254bb12573c..659bec177ab 100644
--- a/spec/features/dashboard/shortcuts_spec.rb
+++ b/spec/features/dashboard/shortcuts_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard shortcuts', :js do
diff --git a/spec/features/dashboard/snippets_spec.rb b/spec/features/dashboard/snippets_spec.rb
index 0e248c8732d..4fb01995cb0 100644
--- a/spec/features/dashboard/snippets_spec.rb
+++ b/spec/features/dashboard/snippets_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard snippets' do
diff --git a/spec/features/dashboard/todos/target_state_spec.rb b/spec/features/dashboard/todos/target_state_spec.rb
index d55c32b3082..931fc16a5eb 100644
--- a/spec/features/dashboard/todos/target_state_spec.rb
+++ b/spec/features/dashboard/todos/target_state_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Dashboard > Todo target states' do
diff --git a/spec/features/dashboard/todos/todos_filtering_spec.rb b/spec/features/dashboard/todos/todos_filtering_spec.rb
index 85f865321cf..5c20d50edc0 100644
--- a/spec/features/dashboard/todos/todos_filtering_spec.rb
+++ b/spec/features/dashboard/todos/todos_filtering_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard > User filters todos', :js do
diff --git a/spec/features/dashboard/todos/todos_sorting_spec.rb b/spec/features/dashboard/todos/todos_sorting_spec.rb
index b87caaa1c07..3870c661784 100644
--- a/spec/features/dashboard/todos/todos_sorting_spec.rb
+++ b/spec/features/dashboard/todos/todos_sorting_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard > User sorts todos' do
diff --git a/spec/features/dashboard/todos/todos_spec.rb b/spec/features/dashboard/todos/todos_spec.rb
index c48229fc0a0..b98a04b0bda 100644
--- a/spec/features/dashboard/todos/todos_spec.rb
+++ b/spec/features/dashboard/todos/todos_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard Todos' do
diff --git a/spec/features/dashboard/user_filters_projects_spec.rb b/spec/features/dashboard/user_filters_projects_spec.rb
index 4410c8f887f..c4e4eb8affe 100644
--- a/spec/features/dashboard/user_filters_projects_spec.rb
+++ b/spec/features/dashboard/user_filters_projects_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard > User filters projects' do
diff --git a/spec/features/discussion_comments/commit_spec.rb b/spec/features/discussion_comments/commit_spec.rb
index b3f1731ec95..0362ddbae82 100644
--- a/spec/features/discussion_comments/commit_spec.rb
+++ b/spec/features/discussion_comments/commit_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Thread Comments Commit', :js do
diff --git a/spec/features/discussion_comments/issue_spec.rb b/spec/features/discussion_comments/issue_spec.rb
index d71a1ee4731..fbceb2a51ae 100644
--- a/spec/features/discussion_comments/issue_spec.rb
+++ b/spec/features/discussion_comments/issue_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Thread Comments Issue', :js do
diff --git a/spec/features/discussion_comments/merge_request_spec.rb b/spec/features/discussion_comments/merge_request_spec.rb
index 86e3507a3ee..96184593655 100644
--- a/spec/features/discussion_comments/merge_request_spec.rb
+++ b/spec/features/discussion_comments/merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Thread Comments Merge Request', :js do
diff --git a/spec/features/discussion_comments/snippets_spec.rb b/spec/features/discussion_comments/snippets_spec.rb
index 29aa3e4366c..082f35050c0 100644
--- a/spec/features/discussion_comments/snippets_spec.rb
+++ b/spec/features/discussion_comments/snippets_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Thread Comments Snippet', :js do
diff --git a/spec/features/error_pages_spec.rb b/spec/features/error_pages_spec.rb
index cd7bcf29cc9..562277388bb 100644
--- a/spec/features/error_pages_spec.rb
+++ b/spec/features/error_pages_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Error Pages' do
diff --git a/spec/features/expand_collapse_diffs_spec.rb b/spec/features/expand_collapse_diffs_spec.rb
index b2b3382666a..4bd2a305dfa 100644
--- a/spec/features/expand_collapse_diffs_spec.rb
+++ b/spec/features/expand_collapse_diffs_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Expand and collapse diffs', :js do
diff --git a/spec/features/explore/groups_list_spec.rb b/spec/features/explore/groups_list_spec.rb
index 56f6b1f7eaf..9686eee18fc 100644
--- a/spec/features/explore/groups_list_spec.rb
+++ b/spec/features/explore/groups_list_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Explore Groups page', :js do
diff --git a/spec/features/explore/groups_spec.rb b/spec/features/explore/groups_spec.rb
index e4ef47d88dd..81c77a29ecd 100644
--- a/spec/features/explore/groups_spec.rb
+++ b/spec/features/explore/groups_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Explore Groups', :js do
diff --git a/spec/features/explore/user_explores_projects_spec.rb b/spec/features/explore/user_explores_projects_spec.rb
index c724c3d17f8..9c3686dba2d 100644
--- a/spec/features/explore/user_explores_projects_spec.rb
+++ b/spec/features/explore/user_explores_projects_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User explores projects' do
diff --git a/spec/features/global_search_spec.rb b/spec/features/global_search_spec.rb
index f2ab5373d3d..3efbeddb7aa 100644
--- a/spec/features/global_search_spec.rb
+++ b/spec/features/global_search_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Global search' do
diff --git a/spec/features/group_variables_spec.rb b/spec/features/group_variables_spec.rb
index fc5777e8c7c..2b8d37bd629 100644
--- a/spec/features/group_variables_spec.rb
+++ b/spec/features/group_variables_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Group variables', :js do
diff --git a/spec/features/groups/activity_spec.rb b/spec/features/groups/activity_spec.rb
index 88fc12ae1e4..c102e19d477 100644
--- a/spec/features/groups/activity_spec.rb
+++ b/spec/features/groups/activity_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Group activity page' do
diff --git a/spec/features/groups/board_spec.rb b/spec/features/groups/board_spec.rb
index 86a4a016f3d..ca33dbb7a33 100644
--- a/spec/features/groups/board_spec.rb
+++ b/spec/features/groups/board_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Group Boards' do
diff --git a/spec/features/groups/empty_states_spec.rb b/spec/features/groups/empty_states_spec.rb
index e4eb0d355d1..789a89c83b9 100644
--- a/spec/features/groups/empty_states_spec.rb
+++ b/spec/features/groups/empty_states_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Group empty states' do
diff --git a/spec/features/groups/group_settings_spec.rb b/spec/features/groups/group_settings_spec.rb
index 676769c25fe..01d73d7817c 100644
--- a/spec/features/groups/group_settings_spec.rb
+++ b/spec/features/groups/group_settings_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Edit group settings' do
diff --git a/spec/features/groups/issues_spec.rb b/spec/features/groups/issues_spec.rb
index 0ada530781c..887f483dc7d 100644
--- a/spec/features/groups/issues_spec.rb
+++ b/spec/features/groups/issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Group issues page' do
diff --git a/spec/features/groups/labels/edit_spec.rb b/spec/features/groups/labels/edit_spec.rb
index 7cfc27a8905..43f067b89d6 100644
--- a/spec/features/groups/labels/edit_spec.rb
+++ b/spec/features/groups/labels/edit_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Edit group label' do
diff --git a/spec/features/groups/labels/subscription_spec.rb b/spec/features/groups/labels/subscription_spec.rb
index 22b51b297a6..cbccf4f3880 100644
--- a/spec/features/groups/labels/subscription_spec.rb
+++ b/spec/features/groups/labels/subscription_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Labels subscription' do
diff --git a/spec/features/groups/labels/user_sees_links_to_issuables.rb b/spec/features/groups/labels/user_sees_links_to_issuables.rb
index 1fdba78fa6c..e636f625b31 100644
--- a/spec/features/groups/labels/user_sees_links_to_issuables.rb
+++ b/spec/features/groups/labels/user_sees_links_to_issuables.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Groups > Labels > User sees links to issuables' do
diff --git a/spec/features/groups/members/filter_members_spec.rb b/spec/features/groups/members/filter_members_spec.rb
index 386d81546d7..7aad66ec08f 100644
--- a/spec/features/groups/members/filter_members_spec.rb
+++ b/spec/features/groups/members/filter_members_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Groups > Members > Filter members' do
diff --git a/spec/features/groups/members/leave_group_spec.rb b/spec/features/groups/members/leave_group_spec.rb
index 439803f9255..df15f995be4 100644
--- a/spec/features/groups/members/leave_group_spec.rb
+++ b/spec/features/groups/members/leave_group_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Groups > Members > Leave group' do
diff --git a/spec/features/groups/members/list_members_spec.rb b/spec/features/groups/members/list_members_spec.rb
index 4ba7161601e..98fcc4ac386 100644
--- a/spec/features/groups/members/list_members_spec.rb
+++ b/spec/features/groups/members/list_members_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Groups > Members > List members' do
diff --git a/spec/features/groups/members/manage_members_spec.rb b/spec/features/groups/members/manage_members_spec.rb
index e2b4a491a13..779fa74501a 100644
--- a/spec/features/groups/members/manage_members_spec.rb
+++ b/spec/features/groups/members/manage_members_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Groups > Members > Manage members' do
diff --git a/spec/features/groups/members/master_manages_access_requests_spec.rb b/spec/features/groups/members/master_manages_access_requests_spec.rb
index bd615c99412..454da126c81 100644
--- a/spec/features/groups/members/master_manages_access_requests_spec.rb
+++ b/spec/features/groups/members/master_manages_access_requests_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Groups > Members > Maintainer manages access requests' do
diff --git a/spec/features/groups/members/request_access_spec.rb b/spec/features/groups/members/request_access_spec.rb
index 94510f917a3..0d5321709ae 100644
--- a/spec/features/groups/members/request_access_spec.rb
+++ b/spec/features/groups/members/request_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Groups > Members > Request access' do
diff --git a/spec/features/groups/members/search_members_spec.rb b/spec/features/groups/members/search_members_spec.rb
index e7efdf7dfef..d2d084c9174 100644
--- a/spec/features/groups/members/search_members_spec.rb
+++ b/spec/features/groups/members/search_members_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Search group member' do
diff --git a/spec/features/groups/members/sort_members_spec.rb b/spec/features/groups/members/sort_members_spec.rb
index ee32f6d77fe..11770e6ac2a 100644
--- a/spec/features/groups/members/sort_members_spec.rb
+++ b/spec/features/groups/members/sort_members_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Groups > Members > Sort members' do
diff --git a/spec/features/groups/milestone_spec.rb b/spec/features/groups/milestone_spec.rb
index d57eb87ca77..7f0155b63e0 100644
--- a/spec/features/groups/milestone_spec.rb
+++ b/spec/features/groups/milestone_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Group milestones' do
diff --git a/spec/features/groups/milestones_sorting_spec.rb b/spec/features/groups/milestones_sorting_spec.rb
index 7bc015ea28f..d27511be0b0 100644
--- a/spec/features/groups/milestones_sorting_spec.rb
+++ b/spec/features/groups/milestones_sorting_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Milestones sorting', :js do
diff --git a/spec/features/groups/settings/group_badges_spec.rb b/spec/features/groups/settings/group_badges_spec.rb
index a5c8dbf18d0..9236a50cce5 100644
--- a/spec/features/groups/settings/group_badges_spec.rb
+++ b/spec/features/groups/settings/group_badges_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Group Badges' do
diff --git a/spec/features/groups/share_lock_spec.rb b/spec/features/groups/share_lock_spec.rb
index 704d9f12888..a74065a62b4 100644
--- a/spec/features/groups/share_lock_spec.rb
+++ b/spec/features/groups/share_lock_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Group share with group lock' do
diff --git a/spec/features/groups/show_spec.rb b/spec/features/groups/show_spec.rb
index bed998a0859..3ed4be2e207 100644
--- a/spec/features/groups/show_spec.rb
+++ b/spec/features/groups/show_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Group show page' do
diff --git a/spec/features/groups/user_browse_projects_group_page_spec.rb b/spec/features/groups/user_browse_projects_group_page_spec.rb
index 916363c41dd..075bc1128ca 100644
--- a/spec/features/groups/user_browse_projects_group_page_spec.rb
+++ b/spec/features/groups/user_browse_projects_group_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User browse group projects page' do
diff --git a/spec/features/groups/user_sees_users_dropdowns_in_issuables_list_spec.rb b/spec/features/groups/user_sees_users_dropdowns_in_issuables_list_spec.rb
index 6d6f206d761..742021ae4a1 100644
--- a/spec/features/groups/user_sees_users_dropdowns_in_issuables_list_spec.rb
+++ b/spec/features/groups/user_sees_users_dropdowns_in_issuables_list_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Groups > User sees users dropdowns in issuables list' do
diff --git a/spec/features/groups_spec.rb b/spec/features/groups_spec.rb
index 8e7f78cab81..01ce97c7c4d 100644
--- a/spec/features/groups_spec.rb
+++ b/spec/features/groups_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Group' do
diff --git a/spec/features/ics/dashboard_issues_spec.rb b/spec/features/ics/dashboard_issues_spec.rb
index b74bbf848ac..4eebff31a9c 100644
--- a/spec/features/ics/dashboard_issues_spec.rb
+++ b/spec/features/ics/dashboard_issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dashboard Issues Calendar Feed' do
diff --git a/spec/features/ics/group_issues_spec.rb b/spec/features/ics/group_issues_spec.rb
index 86da720c8be..7e674fd08df 100644
--- a/spec/features/ics/group_issues_spec.rb
+++ b/spec/features/ics/group_issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Group Issues Calendar Feed' do
diff --git a/spec/features/ics/project_issues_spec.rb b/spec/features/ics/project_issues_spec.rb
index 37b90c666bc..c339f28a27e 100644
--- a/spec/features/ics/project_issues_spec.rb
+++ b/spec/features/ics/project_issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project Issues Calendar Feed' do
diff --git a/spec/features/ide/user_opens_merge_request_spec.rb b/spec/features/ide/user_opens_merge_request_spec.rb
index 185349219a7..03318287db9 100644
--- a/spec/features/ide/user_opens_merge_request_spec.rb
+++ b/spec/features/ide/user_opens_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'IDE merge request', :js do
diff --git a/spec/features/ide_spec.rb b/spec/features/ide_spec.rb
index 6eb59ef72c2..7c03dbe0a2a 100644
--- a/spec/features/ide_spec.rb
+++ b/spec/features/ide_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'IDE', :js do
diff --git a/spec/features/import/manifest_import_spec.rb b/spec/features/import/manifest_import_spec.rb
index a90cdd8d920..e209573584c 100644
--- a/spec/features/import/manifest_import_spec.rb
+++ b/spec/features/import/manifest_import_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Import multiple repositories by uploading a manifest file', :js, :postgresql do
diff --git a/spec/features/instance_statistics/cohorts_spec.rb b/spec/features/instance_statistics/cohorts_spec.rb
index 40e65515ceb..61294ec9af2 100644
--- a/spec/features/instance_statistics/cohorts_spec.rb
+++ b/spec/features/instance_statistics/cohorts_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Cohorts page' do
diff --git a/spec/features/instance_statistics/instance_statistics.rb b/spec/features/instance_statistics/instance_statistics.rb
index d03e6e68075..40d0f1db207 100644
--- a/spec/features/instance_statistics/instance_statistics.rb
+++ b/spec/features/instance_statistics/instance_statistics.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Cohorts page', :js do
diff --git a/spec/features/invites_spec.rb b/spec/features/invites_spec.rb
index 9e1a12a9c2a..855cf22642e 100644
--- a/spec/features/invites_spec.rb
+++ b/spec/features/invites_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Invites' do
diff --git a/spec/features/issuables/close_reopen_report_toggle_spec.rb b/spec/features/issuables/close_reopen_report_toggle_spec.rb
index 26c44baeb21..8805018902f 100644
--- a/spec/features/issuables/close_reopen_report_toggle_spec.rb
+++ b/spec/features/issuables/close_reopen_report_toggle_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Issuables Close/Reopen/Report toggle' do
diff --git a/spec/features/issuables/discussion_lock_spec.rb b/spec/features/issuables/discussion_lock_spec.rb
index 7ea29ff252b..0cd2c077081 100644
--- a/spec/features/issuables/discussion_lock_spec.rb
+++ b/spec/features/issuables/discussion_lock_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Discussion Lock', :js do
diff --git a/spec/features/issuables/issuable_list_spec.rb b/spec/features/issuables/issuable_list_spec.rb
index 225b858742d..dc68e633e27 100644
--- a/spec/features/issuables/issuable_list_spec.rb
+++ b/spec/features/issuables/issuable_list_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'issuable list' do
diff --git a/spec/features/issuables/markdown_references/internal_references_spec.rb b/spec/features/issuables/markdown_references/internal_references_spec.rb
index 870e92b8de8..e84629dc17f 100644
--- a/spec/features/issuables/markdown_references/internal_references_spec.rb
+++ b/spec/features/issuables/markdown_references/internal_references_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "rails_helper"
 
 describe "Internal references", :js do
diff --git a/spec/features/issuables/markdown_references/jira_spec.rb b/spec/features/issuables/markdown_references/jira_spec.rb
index 8eaccfc0949..aecdeffe4a4 100644
--- a/spec/features/issuables/markdown_references/jira_spec.rb
+++ b/spec/features/issuables/markdown_references/jira_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "rails_helper"
 
 describe "Jira", :js do
diff --git a/spec/features/issuables/shortcuts_issuable_spec.rb b/spec/features/issuables/shortcuts_issuable_spec.rb
index a19101366a0..da8a0dd7b0f 100644
--- a/spec/features/issuables/shortcuts_issuable_spec.rb
+++ b/spec/features/issuables/shortcuts_issuable_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Blob shortcuts', :js do
diff --git a/spec/features/issuables/user_sees_sidebar_spec.rb b/spec/features/issuables/user_sees_sidebar_spec.rb
index c6c2e58ecea..d1e10c70414 100644
--- a/spec/features/issuables/user_sees_sidebar_spec.rb
+++ b/spec/features/issuables/user_sees_sidebar_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issue Sidebar on Mobile' do
diff --git a/spec/features/issues/bulk_assignment_labels_spec.rb b/spec/features/issues/bulk_assignment_labels_spec.rb
index 7be5961af09..e8b828bd264 100644
--- a/spec/features/issues/bulk_assignment_labels_spec.rb
+++ b/spec/features/issues/bulk_assignment_labels_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issues > Labels bulk assignment' do
diff --git a/spec/features/issues/create_issue_for_discussions_in_merge_request_spec.rb b/spec/features/issues/create_issue_for_discussions_in_merge_request_spec.rb
index f6dccb5e98a..f2e482faf5f 100644
--- a/spec/features/issues/create_issue_for_discussions_in_merge_request_spec.rb
+++ b/spec/features/issues/create_issue_for_discussions_in_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Resolving all open threads in a merge request from an issue', :js do
diff --git a/spec/features/issues/create_issue_for_single_discussion_in_merge_request_spec.rb b/spec/features/issues/create_issue_for_single_discussion_in_merge_request_spec.rb
index 1b1a31d0723..08c98358544 100644
--- a/spec/features/issues/create_issue_for_single_discussion_in_merge_request_spec.rb
+++ b/spec/features/issues/create_issue_for_single_discussion_in_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Resolve an open thread in a merge request by creating an issue', :js do
diff --git a/spec/features/issues/filtered_search/dropdown_assignee_spec.rb b/spec/features/issues/filtered_search/dropdown_assignee_spec.rb
index 75313442b65..2ca551cec77 100644
--- a/spec/features/issues/filtered_search/dropdown_assignee_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_assignee_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Dropdown assignee', :js do
diff --git a/spec/features/issues/filtered_search/dropdown_author_spec.rb b/spec/features/issues/filtered_search/dropdown_author_spec.rb
index bc8d9bc8450..b2905fc1dde 100644
--- a/spec/features/issues/filtered_search/dropdown_author_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_author_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Dropdown author', :js do
diff --git a/spec/features/issues/filtered_search/dropdown_emoji_spec.rb b/spec/features/issues/filtered_search/dropdown_emoji_spec.rb
index a5c3ab7e7d0..45344aeb8f5 100644
--- a/spec/features/issues/filtered_search/dropdown_emoji_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_emoji_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Dropdown emoji', :js do
diff --git a/spec/features/issues/filtered_search/dropdown_hint_spec.rb b/spec/features/issues/filtered_search/dropdown_hint_spec.rb
index 1f4e9e79179..34313553b34 100644
--- a/spec/features/issues/filtered_search/dropdown_hint_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_hint_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Dropdown hint', :js do
diff --git a/spec/features/issues/filtered_search/dropdown_label_spec.rb b/spec/features/issues/filtered_search/dropdown_label_spec.rb
index f502061dfce..f7f9f0de4db 100644
--- a/spec/features/issues/filtered_search/dropdown_label_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_label_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Dropdown label', :js do
diff --git a/spec/features/issues/filtered_search/dropdown_milestone_spec.rb b/spec/features/issues/filtered_search/dropdown_milestone_spec.rb
index 7a6f76cb382..8429fe44c43 100644
--- a/spec/features/issues/filtered_search/dropdown_milestone_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_milestone_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Dropdown milestone', :js do
diff --git a/spec/features/issues/filtered_search/filter_issues_spec.rb b/spec/features/issues/filtered_search/filter_issues_spec.rb
index fa8e5cb0ca9..8b5e7934ec1 100644
--- a/spec/features/issues/filtered_search/filter_issues_spec.rb
+++ b/spec/features/issues/filtered_search/filter_issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Filter issues', :js do
diff --git a/spec/features/issues/filtered_search/recent_searches_spec.rb b/spec/features/issues/filtered_search/recent_searches_spec.rb
index 41b9ada988a..c038281d825 100644
--- a/spec/features/issues/filtered_search/recent_searches_spec.rb
+++ b/spec/features/issues/filtered_search/recent_searches_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Recent searches', :js do
diff --git a/spec/features/issues/filtered_search/search_bar_spec.rb b/spec/features/issues/filtered_search/search_bar_spec.rb
index da23aea1fc9..0fe03160e7a 100644
--- a/spec/features/issues/filtered_search/search_bar_spec.rb
+++ b/spec/features/issues/filtered_search/search_bar_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Search bar', :js do
diff --git a/spec/features/issues/filtered_search/visual_tokens_spec.rb b/spec/features/issues/filtered_search/visual_tokens_spec.rb
index 9fd661d80ae..b20add1ea33 100644
--- a/spec/features/issues/filtered_search/visual_tokens_spec.rb
+++ b/spec/features/issues/filtered_search/visual_tokens_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Visual tokens', :js do
diff --git a/spec/features/issues/form_spec.rb b/spec/features/issues/form_spec.rb
index 597af566f9c..e840ac79916 100644
--- a/spec/features/issues/form_spec.rb
+++ b/spec/features/issues/form_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'New/edit issue', :js do
diff --git a/spec/features/issues/gfm_autocomplete_spec.rb b/spec/features/issues/gfm_autocomplete_spec.rb
index 40845ec48f9..566441dc6f6 100644
--- a/spec/features/issues/gfm_autocomplete_spec.rb
+++ b/spec/features/issues/gfm_autocomplete_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'GFM autocomplete', :js do
diff --git a/spec/features/issues/group_label_sidebar_spec.rb b/spec/features/issues/group_label_sidebar_spec.rb
index 9c10f78f67a..746c55b6a26 100644
--- a/spec/features/issues/group_label_sidebar_spec.rb
+++ b/spec/features/issues/group_label_sidebar_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Group label on issue' do
diff --git a/spec/features/issues/issue_detail_spec.rb b/spec/features/issues/issue_detail_spec.rb
index 791bd003597..8f2e5b237ea 100644
--- a/spec/features/issues/issue_detail_spec.rb
+++ b/spec/features/issues/issue_detail_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issue Detail', :js do
diff --git a/spec/features/issues/issue_sidebar_spec.rb b/spec/features/issues/issue_sidebar_spec.rb
index 321da8f44d7..b88d1bbeae5 100644
--- a/spec/features/issues/issue_sidebar_spec.rb
+++ b/spec/features/issues/issue_sidebar_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issue Sidebar' do
diff --git a/spec/features/issues/keyboard_shortcut_spec.rb b/spec/features/issues/keyboard_shortcut_spec.rb
index 961de9d3d25..e1325e63e6b 100644
--- a/spec/features/issues/keyboard_shortcut_spec.rb
+++ b/spec/features/issues/keyboard_shortcut_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issues shortcut', :js do
diff --git a/spec/features/issues/markdown_toolbar_spec.rb b/spec/features/issues/markdown_toolbar_spec.rb
index 94bd7c53bb5..b80b47a4c99 100644
--- a/spec/features/issues/markdown_toolbar_spec.rb
+++ b/spec/features/issues/markdown_toolbar_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Issue markdown toolbar', :js do
diff --git a/spec/features/issues/move_spec.rb b/spec/features/issues/move_spec.rb
index 2abc50b04e4..9e0be7d8935 100644
--- a/spec/features/issues/move_spec.rb
+++ b/spec/features/issues/move_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'issue move to another project' do
diff --git a/spec/features/issues/note_polling_spec.rb b/spec/features/issues/note_polling_spec.rb
index 3cd7ce6dada..04ad012d57e 100644
--- a/spec/features/issues/note_polling_spec.rb
+++ b/spec/features/issues/note_polling_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Issue notes polling', :js do
diff --git a/spec/features/issues/notes_on_issues_spec.rb b/spec/features/issues/notes_on_issues_spec.rb
index fed77453cbb..5247baa58a1 100644
--- a/spec/features/issues/notes_on_issues_spec.rb
+++ b/spec/features/issues/notes_on_issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Create notes on issues', :js do
diff --git a/spec/features/issues/rss_spec.rb b/spec/features/issues/rss_spec.rb
index 0e1383cd607..d6a406f4f44 100644
--- a/spec/features/issues/rss_spec.rb
+++ b/spec/features/issues/rss_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project Issues RSS' do
diff --git a/spec/features/issues/spam_issues_spec.rb b/spec/features/issues/spam_issues_spec.rb
index 7cce45ff206..85c72c42f45 100644
--- a/spec/features/issues/spam_issues_spec.rb
+++ b/spec/features/issues/spam_issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'New issue', :js do
diff --git a/spec/features/issues/todo_spec.rb b/spec/features/issues/todo_spec.rb
index 07ae159eef4..9282c31751a 100644
--- a/spec/features/issues/todo_spec.rb
+++ b/spec/features/issues/todo_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Manually create a todo item from issue', :js do
diff --git a/spec/features/issues/update_issues_spec.rb b/spec/features/issues/update_issues_spec.rb
index fd8629ae504..0e27d0231d0 100644
--- a/spec/features/issues/update_issues_spec.rb
+++ b/spec/features/issues/update_issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Multiple issue updating from issues#index', :js do
diff --git a/spec/features/issues/user_comments_on_issue_spec.rb b/spec/features/issues/user_comments_on_issue_spec.rb
index 4b29f6ee42a..bdaaea5bf7f 100644
--- a/spec/features/issues/user_comments_on_issue_spec.rb
+++ b/spec/features/issues/user_comments_on_issue_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User comments on issue", :js do
diff --git a/spec/features/issues/user_creates_branch_and_merge_request_spec.rb b/spec/features/issues/user_creates_branch_and_merge_request_spec.rb
index f9103d83ba0..878a73718d7 100644
--- a/spec/features/issues/user_creates_branch_and_merge_request_spec.rb
+++ b/spec/features/issues/user_creates_branch_and_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User creates branch and merge request on issue page', :js do
diff --git a/spec/features/issues/user_creates_confidential_merge_request_spec.rb b/spec/features/issues/user_creates_confidential_merge_request_spec.rb
index 7ae4af4667b..4a32b7e2b73 100644
--- a/spec/features/issues/user_creates_confidential_merge_request_spec.rb
+++ b/spec/features/issues/user_creates_confidential_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User creates confidential merge request on issue page', :js do
diff --git a/spec/features/issues/user_edits_issue_spec.rb b/spec/features/issues/user_edits_issue_spec.rb
index 60b88ef4bdf..0afc19d9519 100644
--- a/spec/features/issues/user_edits_issue_spec.rb
+++ b/spec/features/issues/user_edits_issue_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User edits issue", :js do
diff --git a/spec/features/issues/user_interacts_with_awards_spec.rb b/spec/features/issues/user_interacts_with_awards_spec.rb
index d117620a2b1..eab18b72c86 100644
--- a/spec/features/issues/user_interacts_with_awards_spec.rb
+++ b/spec/features/issues/user_interacts_with_awards_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User interacts with awards' do
diff --git a/spec/features/issues/user_sees_breadcrumb_links_spec.rb b/spec/features/issues/user_sees_breadcrumb_links_spec.rb
index 43369f7609f..db8d3c5dd53 100644
--- a/spec/features/issues/user_sees_breadcrumb_links_spec.rb
+++ b/spec/features/issues/user_sees_breadcrumb_links_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'New issue breadcrumb' do
diff --git a/spec/features/issues/user_sorts_issues_spec.rb b/spec/features/issues/user_sorts_issues_spec.rb
index eebd2d57cca..79938785633 100644
--- a/spec/features/issues/user_sorts_issues_spec.rb
+++ b/spec/features/issues/user_sorts_issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User sorts issues" do
diff --git a/spec/features/issues/user_toggles_subscription_spec.rb b/spec/features/issues/user_toggles_subscription_spec.rb
index c2b2a193682..7a721adc8dd 100644
--- a/spec/features/issues/user_toggles_subscription_spec.rb
+++ b/spec/features/issues/user_toggles_subscription_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User toggles subscription", :js do
diff --git a/spec/features/issues/user_views_issue_spec.rb b/spec/features/issues/user_views_issue_spec.rb
index 330b6f0e77a..dd04ac94105 100644
--- a/spec/features/issues/user_views_issue_spec.rb
+++ b/spec/features/issues/user_views_issue_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User views issue" do
diff --git a/spec/features/issues/user_views_issues_spec.rb b/spec/features/issues/user_views_issues_spec.rb
index 58afb4efb86..b986991f38f 100644
--- a/spec/features/issues/user_views_issues_spec.rb
+++ b/spec/features/issues/user_views_issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User views issues" do
diff --git a/spec/features/labels_hierarchy_spec.rb b/spec/features/labels_hierarchy_spec.rb
index 489651fea15..5741f331aac 100644
--- a/spec/features/labels_hierarchy_spec.rb
+++ b/spec/features/labels_hierarchy_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Labels Hierarchy', :js, :nested_groups do
diff --git a/spec/features/markdown/copy_as_gfm_spec.rb b/spec/features/markdown/copy_as_gfm_spec.rb
index c30ac9c4ae2..609d8d9976b 100644
--- a/spec/features/markdown/copy_as_gfm_spec.rb
+++ b/spec/features/markdown/copy_as_gfm_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Copy as GFM', :js do
diff --git a/spec/features/markdown/gitlab_flavored_markdown_spec.rb b/spec/features/markdown/gitlab_flavored_markdown_spec.rb
index 8fda3c7193e..f34af268630 100644
--- a/spec/features/markdown/gitlab_flavored_markdown_spec.rb
+++ b/spec/features/markdown/gitlab_flavored_markdown_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "GitLab Flavored Markdown" do
diff --git a/spec/features/markdown/markdown_spec.rb b/spec/features/markdown/markdown_spec.rb
index 8815643ca96..0efeffe3232 100644
--- a/spec/features/markdown/markdown_spec.rb
+++ b/spec/features/markdown/markdown_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'erb'
 
diff --git a/spec/features/markdown/math_spec.rb b/spec/features/markdown/math_spec.rb
index 16ad0d456be..68d99b4241a 100644
--- a/spec/features/markdown/math_spec.rb
+++ b/spec/features/markdown/math_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Math rendering', :js do
diff --git a/spec/features/markdown/mermaid_spec.rb b/spec/features/markdown/mermaid_spec.rb
index e3bcaca737e..aaaceebc216 100644
--- a/spec/features/markdown/mermaid_spec.rb
+++ b/spec/features/markdown/mermaid_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Mermaid rendering', :js do
diff --git a/spec/features/merge_request/maintainer_edits_fork_spec.rb b/spec/features/merge_request/maintainer_edits_fork_spec.rb
index b35f985126c..030638cba71 100644
--- a/spec/features/merge_request/maintainer_edits_fork_spec.rb
+++ b/spec/features/merge_request/maintainer_edits_fork_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'a maintainer edits files on a source-branch of an MR from a fork', :js do
diff --git a/spec/features/merge_request/user_accepts_merge_request_spec.rb b/spec/features/merge_request/user_accepts_merge_request_spec.rb
index 3d029ccec1a..4d305d43351 100644
--- a/spec/features/merge_request/user_accepts_merge_request_spec.rb
+++ b/spec/features/merge_request/user_accepts_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User accepts a merge request', :js do
diff --git a/spec/features/merge_request/user_allows_commits_from_memebers_who_can_merge_spec.rb b/spec/features/merge_request/user_allows_commits_from_memebers_who_can_merge_spec.rb
index b8c4a78e24f..be403abcc4d 100644
--- a/spec/features/merge_request/user_allows_commits_from_memebers_who_can_merge_spec.rb
+++ b/spec/features/merge_request/user_allows_commits_from_memebers_who_can_merge_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'create a merge request, allowing commits from members who can merge to the target branch', :js do
diff --git a/spec/features/merge_request/user_assigns_themselves_spec.rb b/spec/features/merge_request/user_assigns_themselves_spec.rb
index 41cc7cef777..d7918a9e9d7 100644
--- a/spec/features/merge_request/user_assigns_themselves_spec.rb
+++ b/spec/features/merge_request/user_assigns_themselves_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User assigns themselves' do
diff --git a/spec/features/merge_request/user_awards_emoji_spec.rb b/spec/features/merge_request/user_awards_emoji_spec.rb
index 93376bc8ce0..5e9b232760b 100644
--- a/spec/features/merge_request/user_awards_emoji_spec.rb
+++ b/spec/features/merge_request/user_awards_emoji_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User awards emoji', :js do
diff --git a/spec/features/merge_request/user_closes_merge_request_spec.rb b/spec/features/merge_request/user_closes_merge_request_spec.rb
index 2d12d690151..c5125c38ed7 100644
--- a/spec/features/merge_request/user_closes_merge_request_spec.rb
+++ b/spec/features/merge_request/user_closes_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User closes a merge requests', :js do
diff --git a/spec/features/merge_request/user_comments_on_commit_spec.rb b/spec/features/merge_request/user_comments_on_commit_spec.rb
index 8ea358bcc70..6b869d93e4c 100644
--- a/spec/features/merge_request/user_comments_on_commit_spec.rb
+++ b/spec/features/merge_request/user_comments_on_commit_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User comments on a commit', :js do
diff --git a/spec/features/merge_request/user_comments_on_diff_spec.rb b/spec/features/merge_request/user_comments_on_diff_spec.rb
index eb4b2cf5bd0..19b8a7f74b7 100644
--- a/spec/features/merge_request/user_comments_on_diff_spec.rb
+++ b/spec/features/merge_request/user_comments_on_diff_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User comments on a diff', :js do
diff --git a/spec/features/merge_request/user_comments_on_merge_request_spec.rb b/spec/features/merge_request/user_comments_on_merge_request_spec.rb
index e6bc3780b5c..c7845b4cce4 100644
--- a/spec/features/merge_request/user_comments_on_merge_request_spec.rb
+++ b/spec/features/merge_request/user_comments_on_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User comments on a merge request', :js do
diff --git a/spec/features/merge_request/user_creates_image_diff_notes_spec.rb b/spec/features/merge_request/user_creates_image_diff_notes_spec.rb
index 3a9a06a6bc3..e0724a04ea3 100644
--- a/spec/features/merge_request/user_creates_image_diff_notes_spec.rb
+++ b/spec/features/merge_request/user_creates_image_diff_notes_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Merge request > User creates image diff notes', :js do
diff --git a/spec/features/merge_request/user_creates_merge_request_spec.rb b/spec/features/merge_request/user_creates_merge_request_spec.rb
index 2a70cbb2a72..f92791cc810 100644
--- a/spec/features/merge_request/user_creates_merge_request_spec.rb
+++ b/spec/features/merge_request/user_creates_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User creates a merge request", :js do
diff --git a/spec/features/merge_request/user_creates_mr_spec.rb b/spec/features/merge_request/user_creates_mr_spec.rb
index c9dedab048a..267097bd466 100644
--- a/spec/features/merge_request/user_creates_mr_spec.rb
+++ b/spec/features/merge_request/user_creates_mr_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User creates MR' do
diff --git a/spec/features/merge_request/user_customizes_merge_commit_message_spec.rb b/spec/features/merge_request/user_customizes_merge_commit_message_spec.rb
index c6b11fce388..3213efcb60b 100644
--- a/spec/features/merge_request/user_customizes_merge_commit_message_spec.rb
+++ b/spec/features/merge_request/user_customizes_merge_commit_message_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request < User customizes merge commit message', :js do
diff --git a/spec/features/merge_request/user_edits_merge_request_spec.rb b/spec/features/merge_request/user_edits_merge_request_spec.rb
index 7de0f9daac6..81c56855961 100644
--- a/spec/features/merge_request/user_edits_merge_request_spec.rb
+++ b/spec/features/merge_request/user_edits_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User edits a merge request', :js do
diff --git a/spec/features/merge_request/user_edits_mr_spec.rb b/spec/features/merge_request/user_edits_mr_spec.rb
index 25979513ead..e6b847c5e7f 100644
--- a/spec/features/merge_request/user_edits_mr_spec.rb
+++ b/spec/features/merge_request/user_edits_mr_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Merge request > User edits MR' do
diff --git a/spec/features/merge_request/user_expands_diff_spec.rb b/spec/features/merge_request/user_expands_diff_spec.rb
index 3560b8d90bb..f7317ec5ca7 100644
--- a/spec/features/merge_request/user_expands_diff_spec.rb
+++ b/spec/features/merge_request/user_expands_diff_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User expands diff', :js do
diff --git a/spec/features/merge_request/user_locks_discussion_spec.rb b/spec/features/merge_request/user_locks_discussion_spec.rb
index 76c759ab8d3..365e9b60d90 100644
--- a/spec/features/merge_request/user_locks_discussion_spec.rb
+++ b/spec/features/merge_request/user_locks_discussion_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User locks discussion', :js do
diff --git a/spec/features/merge_request/user_manages_subscription_spec.rb b/spec/features/merge_request/user_manages_subscription_spec.rb
index 68a835e7f77..5c6072c57ff 100644
--- a/spec/features/merge_request/user_manages_subscription_spec.rb
+++ b/spec/features/merge_request/user_manages_subscription_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User manages subscription', :js do
diff --git a/spec/features/merge_request/user_merges_immediately_spec.rb b/spec/features/merge_request/user_merges_immediately_spec.rb
index 84636ae355c..2f01971c2e9 100644
--- a/spec/features/merge_request/user_merges_immediately_spec.rb
+++ b/spec/features/merge_request/user_merges_immediately_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge requests > User merges immediately', :js do
diff --git a/spec/features/merge_request/user_merges_only_if_pipeline_succeeds_spec.rb b/spec/features/merge_request/user_merges_only_if_pipeline_succeeds_spec.rb
index 8372b61f872..3f9c27bbf9d 100644
--- a/spec/features/merge_request/user_merges_only_if_pipeline_succeeds_spec.rb
+++ b/spec/features/merge_request/user_merges_only_if_pipeline_succeeds_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User merges only if pipeline succeeds', :js do
diff --git a/spec/features/merge_request/user_merges_when_pipeline_succeeds_spec.rb b/spec/features/merge_request/user_merges_when_pipeline_succeeds_spec.rb
index 85c4d778fd0..93938ac221a 100644
--- a/spec/features/merge_request/user_merges_when_pipeline_succeeds_spec.rb
+++ b/spec/features/merge_request/user_merges_when_pipeline_succeeds_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User merges when pipeline succeeds', :js do
diff --git a/spec/features/merge_request/user_posts_diff_notes_spec.rb b/spec/features/merge_request/user_posts_diff_notes_spec.rb
index 19edce1b562..ead564aea28 100644
--- a/spec/features/merge_request/user_posts_diff_notes_spec.rb
+++ b/spec/features/merge_request/user_posts_diff_notes_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User posts diff notes', :js do
diff --git a/spec/features/merge_request/user_posts_notes_spec.rb b/spec/features/merge_request/user_posts_notes_spec.rb
index 8ff24449b39..1fad9eac1bd 100644
--- a/spec/features/merge_request/user_posts_notes_spec.rb
+++ b/spec/features/merge_request/user_posts_notes_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User posts notes', :js do
diff --git a/spec/features/merge_request/user_rebases_merge_request_spec.rb b/spec/features/merge_request/user_rebases_merge_request_spec.rb
index 92e1c9942b1..34f009000dc 100644
--- a/spec/features/merge_request/user_rebases_merge_request_spec.rb
+++ b/spec/features/merge_request/user_rebases_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User rebases a merge request", :js do
diff --git a/spec/features/merge_request/user_reopens_merge_request_spec.rb b/spec/features/merge_request/user_reopens_merge_request_spec.rb
index 745b4537e72..6dee5770d0c 100644
--- a/spec/features/merge_request/user_reopens_merge_request_spec.rb
+++ b/spec/features/merge_request/user_reopens_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User reopens a merge requests', :js do
diff --git a/spec/features/merge_request/user_resolves_conflicts_spec.rb b/spec/features/merge_request/user_resolves_conflicts_spec.rb
index 8fd44b87e5a..fb089a9ffcb 100644
--- a/spec/features/merge_request/user_resolves_conflicts_spec.rb
+++ b/spec/features/merge_request/user_resolves_conflicts_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User resolves conflicts', :js do
diff --git a/spec/features/merge_request/user_resolves_diff_notes_and_discussions_resolve_spec.rb b/spec/features/merge_request/user_resolves_diff_notes_and_discussions_resolve_spec.rb
index 3e72b2ce71f..b8e4852a748 100644
--- a/spec/features/merge_request/user_resolves_diff_notes_and_discussions_resolve_spec.rb
+++ b/spec/features/merge_request/user_resolves_diff_notes_and_discussions_resolve_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User resolves diff notes and threads', :js do
diff --git a/spec/features/merge_request/user_resolves_outdated_diff_discussions_spec.rb b/spec/features/merge_request/user_resolves_outdated_diff_discussions_spec.rb
index 777464ef841..b40c11f0d47 100644
--- a/spec/features/merge_request/user_resolves_outdated_diff_discussions_spec.rb
+++ b/spec/features/merge_request/user_resolves_outdated_diff_discussions_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Merge request > User resolves outdated diff discussions', :js do
diff --git a/spec/features/merge_request/user_reverts_merge_request_spec.rb b/spec/features/merge_request/user_reverts_merge_request_spec.rb
index 67b6aefb2d8..71270b13c14 100644
--- a/spec/features/merge_request/user_reverts_merge_request_spec.rb
+++ b/spec/features/merge_request/user_reverts_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User reverts a merge request', :js do
diff --git a/spec/features/merge_request/user_scrolls_to_note_on_load_spec.rb b/spec/features/merge_request/user_scrolls_to_note_on_load_spec.rb
index 2f7d359575e..23b37c218e1 100644
--- a/spec/features/merge_request/user_scrolls_to_note_on_load_spec.rb
+++ b/spec/features/merge_request/user_scrolls_to_note_on_load_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User scrolls to note on load', :js do
diff --git a/spec/features/merge_request/user_sees_avatar_on_diff_notes_spec.rb b/spec/features/merge_request/user_sees_avatar_on_diff_notes_spec.rb
index b58c433bbfe..fae81758086 100644
--- a/spec/features/merge_request/user_sees_avatar_on_diff_notes_spec.rb
+++ b/spec/features/merge_request/user_sees_avatar_on_diff_notes_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees avatars on diff notes', :js do
diff --git a/spec/features/merge_request/user_sees_breadcrumb_links_spec.rb b/spec/features/merge_request/user_sees_breadcrumb_links_spec.rb
index 18d204da17a..e1f0ddc4c6a 100644
--- a/spec/features/merge_request/user_sees_breadcrumb_links_spec.rb
+++ b/spec/features/merge_request/user_sees_breadcrumb_links_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'New merge request breadcrumb' do
diff --git a/spec/features/merge_request/user_sees_check_out_branch_modal_spec.rb b/spec/features/merge_request/user_sees_check_out_branch_modal_spec.rb
index 86086a58f18..93ae408a173 100644
--- a/spec/features/merge_request/user_sees_check_out_branch_modal_spec.rb
+++ b/spec/features/merge_request/user_sees_check_out_branch_modal_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees check out branch modal', :js do
diff --git a/spec/features/merge_request/user_sees_cherry_pick_modal_spec.rb b/spec/features/merge_request/user_sees_cherry_pick_modal_spec.rb
index aa499493dbe..8a2614c53af 100644
--- a/spec/features/merge_request/user_sees_cherry_pick_modal_spec.rb
+++ b/spec/features/merge_request/user_sees_cherry_pick_modal_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User cherry-picks', :js do
diff --git a/spec/features/merge_request/user_sees_closing_issues_message_spec.rb b/spec/features/merge_request/user_sees_closing_issues_message_spec.rb
index d7c784b14c5..52163571175 100644
--- a/spec/features/merge_request/user_sees_closing_issues_message_spec.rb
+++ b/spec/features/merge_request/user_sees_closing_issues_message_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees closing issues message', :js do
diff --git a/spec/features/merge_request/user_sees_deleted_target_branch_spec.rb b/spec/features/merge_request/user_sees_deleted_target_branch_spec.rb
index 46c21a2b155..f46921af1cd 100644
--- a/spec/features/merge_request/user_sees_deleted_target_branch_spec.rb
+++ b/spec/features/merge_request/user_sees_deleted_target_branch_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees deleted target branch', :js do
diff --git a/spec/features/merge_request/user_sees_deployment_widget_spec.rb b/spec/features/merge_request/user_sees_deployment_widget_spec.rb
index fe8e0b07d39..14fbfc2fd3f 100644
--- a/spec/features/merge_request/user_sees_deployment_widget_spec.rb
+++ b/spec/features/merge_request/user_sees_deployment_widget_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees deployment widget', :js do
diff --git a/spec/features/merge_request/user_sees_diff_spec.rb b/spec/features/merge_request/user_sees_diff_spec.rb
index 8dc5912b8be..32429bac5f9 100644
--- a/spec/features/merge_request/user_sees_diff_spec.rb
+++ b/spec/features/merge_request/user_sees_diff_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees diff', :js do
diff --git a/spec/features/merge_request/user_sees_discussions_spec.rb b/spec/features/merge_request/user_sees_discussions_spec.rb
index 39258b48295..a11baf1dca3 100644
--- a/spec/features/merge_request/user_sees_discussions_spec.rb
+++ b/spec/features/merge_request/user_sees_discussions_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees threads', :js do
diff --git a/spec/features/merge_request/user_sees_empty_state_spec.rb b/spec/features/merge_request/user_sees_empty_state_spec.rb
index 012bfd6e458..f1ad5c2dffc 100644
--- a/spec/features/merge_request/user_sees_empty_state_spec.rb
+++ b/spec/features/merge_request/user_sees_empty_state_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees empty state' do
diff --git a/spec/features/merge_request/user_sees_merge_button_depending_on_unresolved_discussions_spec.rb b/spec/features/merge_request/user_sees_merge_button_depending_on_unresolved_discussions_spec.rb
index cf398a7df18..53cafb60dfb 100644
--- a/spec/features/merge_request/user_sees_merge_button_depending_on_unresolved_discussions_spec.rb
+++ b/spec/features/merge_request/user_sees_merge_button_depending_on_unresolved_discussions_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees merge button depending on unresolved threads', :js do
diff --git a/spec/features/merge_request/user_sees_merge_widget_spec.rb b/spec/features/merge_request/user_sees_merge_widget_spec.rb
index 30e30751693..b5d0240e9de 100644
--- a/spec/features/merge_request/user_sees_merge_widget_spec.rb
+++ b/spec/features/merge_request/user_sees_merge_widget_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees merge widget', :js do
diff --git a/spec/features/merge_request/user_sees_mini_pipeline_graph_spec.rb b/spec/features/merge_request/user_sees_mini_pipeline_graph_spec.rb
index dd8900a3698..eb89d616b14 100644
--- a/spec/features/merge_request/user_sees_mini_pipeline_graph_spec.rb
+++ b/spec/features/merge_request/user_sees_mini_pipeline_graph_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request < User sees mini pipeline graph', :js do
diff --git a/spec/features/merge_request/user_sees_mr_from_deleted_forked_project_spec.rb b/spec/features/merge_request/user_sees_mr_from_deleted_forked_project_spec.rb
index fc4a188d4a7..80ee35f2a91 100644
--- a/spec/features/merge_request/user_sees_mr_from_deleted_forked_project_spec.rb
+++ b/spec/features/merge_request/user_sees_mr_from_deleted_forked_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees MR from deleted forked project', :js do
diff --git a/spec/features/merge_request/user_sees_mr_with_deleted_source_branch_spec.rb b/spec/features/merge_request/user_sees_mr_with_deleted_source_branch_spec.rb
index fd4175d5227..d9dc32d0594 100644
--- a/spec/features/merge_request/user_sees_mr_with_deleted_source_branch_spec.rb
+++ b/spec/features/merge_request/user_sees_mr_with_deleted_source_branch_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 # This test serves as a regression test for a bug that caused an error
diff --git a/spec/features/merge_request/user_sees_notes_from_forked_project_spec.rb b/spec/features/merge_request/user_sees_notes_from_forked_project_spec.rb
index a6118453540..195592531f2 100644
--- a/spec/features/merge_request/user_sees_notes_from_forked_project_spec.rb
+++ b/spec/features/merge_request/user_sees_notes_from_forked_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees notes from forked project', :js do
diff --git a/spec/features/merge_request/user_sees_pipelines_from_forked_project_spec.rb b/spec/features/merge_request/user_sees_pipelines_from_forked_project_spec.rb
index 97093bbc2f6..68c9e0b123d 100644
--- a/spec/features/merge_request/user_sees_pipelines_from_forked_project_spec.rb
+++ b/spec/features/merge_request/user_sees_pipelines_from_forked_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees pipelines from forked project', :js do
diff --git a/spec/features/merge_request/user_sees_pipelines_spec.rb b/spec/features/merge_request/user_sees_pipelines_spec.rb
index 8faddee4daa..e057f59e00c 100644
--- a/spec/features/merge_request/user_sees_pipelines_spec.rb
+++ b/spec/features/merge_request/user_sees_pipelines_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees pipelines', :js do
diff --git a/spec/features/merge_request/user_sees_system_notes_spec.rb b/spec/features/merge_request/user_sees_system_notes_spec.rb
index c6811d4161a..26cdd5ba21c 100644
--- a/spec/features/merge_request/user_sees_system_notes_spec.rb
+++ b/spec/features/merge_request/user_sees_system_notes_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees system notes', :js do
diff --git a/spec/features/merge_request/user_sees_versions_spec.rb b/spec/features/merge_request/user_sees_versions_spec.rb
index 6eae3fd4676..dae5845adec 100644
--- a/spec/features/merge_request/user_sees_versions_spec.rb
+++ b/spec/features/merge_request/user_sees_versions_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees versions', :js do
diff --git a/spec/features/merge_request/user_sees_wip_help_message_spec.rb b/spec/features/merge_request/user_sees_wip_help_message_spec.rb
index 92cc73ddf1f..46209237faf 100644
--- a/spec/features/merge_request/user_sees_wip_help_message_spec.rb
+++ b/spec/features/merge_request/user_sees_wip_help_message_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees WIP help message' do
diff --git a/spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb b/spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb
index ae41cf90576..a1f027cbb1d 100644
--- a/spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb
+++ b/spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User selects branches for new MR', :js do
diff --git a/spec/features/merge_request/user_toggles_whitespace_changes_spec.rb b/spec/features/merge_request/user_toggles_whitespace_changes_spec.rb
index 0decdfe3a14..61b9904dde5 100644
--- a/spec/features/merge_request/user_toggles_whitespace_changes_spec.rb
+++ b/spec/features/merge_request/user_toggles_whitespace_changes_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User toggles whitespace changes', :js do
diff --git a/spec/features/merge_request/user_tries_to_access_private_repository_through_new_mr_spec.rb b/spec/features/merge_request/user_tries_to_access_private_repository_through_new_mr_spec.rb
index 9318b5f1ebb..d0dba4b9761 100644
--- a/spec/features/merge_request/user_tries_to_access_private_repository_through_new_mr_spec.rb
+++ b/spec/features/merge_request/user_tries_to_access_private_repository_through_new_mr_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Merge Request > Tries to access private repo of public project' do
diff --git a/spec/features/merge_request/user_views_diffs_spec.rb b/spec/features/merge_request/user_views_diffs_spec.rb
index 74342b16cb2..6d58d43a295 100644
--- a/spec/features/merge_request/user_views_diffs_spec.rb
+++ b/spec/features/merge_request/user_views_diffs_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User views diffs', :js do
diff --git a/spec/features/merge_request/user_views_open_merge_request_spec.rb b/spec/features/merge_request/user_views_open_merge_request_spec.rb
index 849fab62fc6..a788fc71286 100644
--- a/spec/features/merge_request/user_views_open_merge_request_spec.rb
+++ b/spec/features/merge_request/user_views_open_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User views an open merge request' do
diff --git a/spec/features/merge_requests/filters_generic_behavior_spec.rb b/spec/features/merge_requests/filters_generic_behavior_spec.rb
index 0e7fac6b409..404e591cf4b 100644
--- a/spec/features/merge_requests/filters_generic_behavior_spec.rb
+++ b/spec/features/merge_requests/filters_generic_behavior_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge Requests > Filters generic behavior', :js do
diff --git a/spec/features/merge_requests/user_filters_by_assignees_spec.rb b/spec/features/merge_requests/user_filters_by_assignees_spec.rb
index 0cbf1bcae30..b896b6392f1 100644
--- a/spec/features/merge_requests/user_filters_by_assignees_spec.rb
+++ b/spec/features/merge_requests/user_filters_by_assignees_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge Requests > User filters by assignees', :js do
diff --git a/spec/features/merge_requests/user_filters_by_labels_spec.rb b/spec/features/merge_requests/user_filters_by_labels_spec.rb
index 08d741af93d..9fb149ca58d 100644
--- a/spec/features/merge_requests/user_filters_by_labels_spec.rb
+++ b/spec/features/merge_requests/user_filters_by_labels_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge Requests > User filters by labels', :js do
diff --git a/spec/features/merge_requests/user_filters_by_milestones_spec.rb b/spec/features/merge_requests/user_filters_by_milestones_spec.rb
index 727a236d980..2fb3c86ea94 100644
--- a/spec/features/merge_requests/user_filters_by_milestones_spec.rb
+++ b/spec/features/merge_requests/user_filters_by_milestones_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge Requests > User filters by milestones', :js do
diff --git a/spec/features/merge_requests/user_filters_by_multiple_criteria_spec.rb b/spec/features/merge_requests/user_filters_by_multiple_criteria_spec.rb
index 4627931f26a..3dd0f93ddfa 100644
--- a/spec/features/merge_requests/user_filters_by_multiple_criteria_spec.rb
+++ b/spec/features/merge_requests/user_filters_by_multiple_criteria_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge requests > User filters by multiple criteria', :js do
diff --git a/spec/features/merge_requests/user_filters_by_target_branch_spec.rb b/spec/features/merge_requests/user_filters_by_target_branch_spec.rb
index ffbdacc68f6..b5969f656b0 100644
--- a/spec/features/merge_requests/user_filters_by_target_branch_spec.rb
+++ b/spec/features/merge_requests/user_filters_by_target_branch_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge Requests > User filters by target branch', :js do
diff --git a/spec/features/merge_requests/user_lists_merge_requests_spec.rb b/spec/features/merge_requests/user_lists_merge_requests_spec.rb
index 2dee0e26954..69d4650d1ac 100644
--- a/spec/features/merge_requests/user_lists_merge_requests_spec.rb
+++ b/spec/features/merge_requests/user_lists_merge_requests_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge requests > User lists merge requests' do
diff --git a/spec/features/merge_requests/user_mass_updates_spec.rb b/spec/features/merge_requests/user_mass_updates_spec.rb
index c2dd105324d..48c92a87c63 100644
--- a/spec/features/merge_requests/user_mass_updates_spec.rb
+++ b/spec/features/merge_requests/user_mass_updates_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge requests > User mass updates', :js do
diff --git a/spec/features/merge_requests/user_sorts_merge_requests_spec.rb b/spec/features/merge_requests/user_sorts_merge_requests_spec.rb
index fa887110c13..ca3e24d7036 100644
--- a/spec/features/merge_requests/user_sorts_merge_requests_spec.rb
+++ b/spec/features/merge_requests/user_sorts_merge_requests_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User sorts merge requests' do
diff --git a/spec/features/merge_requests/user_squashes_merge_request_spec.rb b/spec/features/merge_requests/user_squashes_merge_request_spec.rb
index bf9c55cf22c..4fc8c71e47e 100644
--- a/spec/features/merge_requests/user_squashes_merge_request_spec.rb
+++ b/spec/features/merge_requests/user_squashes_merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User squashes a merge request', :js do
diff --git a/spec/features/merge_requests/user_views_all_merge_requests_spec.rb b/spec/features/merge_requests/user_views_all_merge_requests_spec.rb
index 6c695bd7aa9..60496d61e87 100644
--- a/spec/features/merge_requests/user_views_all_merge_requests_spec.rb
+++ b/spec/features/merge_requests/user_views_all_merge_requests_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User views all merge requests' do
diff --git a/spec/features/merge_requests/user_views_closed_merge_requests_spec.rb b/spec/features/merge_requests/user_views_closed_merge_requests_spec.rb
index 853809fe87a..dc0d35e4fea 100644
--- a/spec/features/merge_requests/user_views_closed_merge_requests_spec.rb
+++ b/spec/features/merge_requests/user_views_closed_merge_requests_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User views closed merge requests' do
diff --git a/spec/features/merge_requests/user_views_merged_merge_requests_spec.rb b/spec/features/merge_requests/user_views_merged_merge_requests_spec.rb
index eb012694f1e..ddb354204c9 100644
--- a/spec/features/merge_requests/user_views_merged_merge_requests_spec.rb
+++ b/spec/features/merge_requests/user_views_merged_merge_requests_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User views merged merge requests' do
diff --git a/spec/features/merge_requests/user_views_open_merge_requests_spec.rb b/spec/features/merge_requests/user_views_open_merge_requests_spec.rb
index 115e548b691..cefac9690ce 100644
--- a/spec/features/merge_requests/user_views_open_merge_requests_spec.rb
+++ b/spec/features/merge_requests/user_views_open_merge_requests_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User views open merge requests' do
diff --git a/spec/features/milestone_spec.rb b/spec/features/milestone_spec.rb
index adac59b89ef..6d5acc894b1 100644
--- a/spec/features/milestone_spec.rb
+++ b/spec/features/milestone_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Milestone' do
diff --git a/spec/features/milestones/user_creates_milestone_spec.rb b/spec/features/milestones/user_creates_milestone_spec.rb
index 5de0c381cdf..73f4f187501 100644
--- a/spec/features/milestones/user_creates_milestone_spec.rb
+++ b/spec/features/milestones/user_creates_milestone_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "rails_helper"
 
 describe "User creates milestone", :js do
diff --git a/spec/features/milestones/user_deletes_milestone_spec.rb b/spec/features/milestones/user_deletes_milestone_spec.rb
index f68ed1cde07..5666c1dd507 100644
--- a/spec/features/milestones/user_deletes_milestone_spec.rb
+++ b/spec/features/milestones/user_deletes_milestone_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "rails_helper"
 
 describe "User deletes milestone", :js do
diff --git a/spec/features/milestones/user_edits_milestone_spec.rb b/spec/features/milestones/user_edits_milestone_spec.rb
index 077295f1cc0..f8e96eac3ea 100644
--- a/spec/features/milestones/user_edits_milestone_spec.rb
+++ b/spec/features/milestones/user_edits_milestone_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "rails_helper"
 
 describe "User edits milestone", :js do
diff --git a/spec/features/milestones/user_promotes_milestone_spec.rb b/spec/features/milestones/user_promotes_milestone_spec.rb
index df1bc502134..acceb5cad62 100644
--- a/spec/features/milestones/user_promotes_milestone_spec.rb
+++ b/spec/features/milestones/user_promotes_milestone_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User promotes milestone' do
diff --git a/spec/features/milestones/user_sees_breadcrumb_links_spec.rb b/spec/features/milestones/user_sees_breadcrumb_links_spec.rb
index d3906ea73bd..f58242759cc 100644
--- a/spec/features/milestones/user_sees_breadcrumb_links_spec.rb
+++ b/spec/features/milestones/user_sees_breadcrumb_links_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'New project milestone breadcrumb' do
diff --git a/spec/features/milestones/user_views_milestone_spec.rb b/spec/features/milestones/user_views_milestone_spec.rb
index 83d8e2ff9e9..aa0cdf66b75 100644
--- a/spec/features/milestones/user_views_milestone_spec.rb
+++ b/spec/features/milestones/user_views_milestone_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "rails_helper"
 
 describe "User views milestone" do
diff --git a/spec/features/milestones/user_views_milestones_spec.rb b/spec/features/milestones/user_views_milestones_spec.rb
index bebe40f73fd..6868791f584 100644
--- a/spec/features/milestones/user_views_milestones_spec.rb
+++ b/spec/features/milestones/user_views_milestones_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "rails_helper"
 
 describe "User views milestones" do
diff --git a/spec/features/oauth_login_spec.rb b/spec/features/oauth_login_spec.rb
index 86331728f88..5793534d114 100644
--- a/spec/features/oauth_login_spec.rb
+++ b/spec/features/oauth_login_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'OAuth Login', :js, :allow_forgery_protection do
diff --git a/spec/features/participants_autocomplete_spec.rb b/spec/features/participants_autocomplete_spec.rb
index 134731a4639..312285ca2cb 100644
--- a/spec/features/participants_autocomplete_spec.rb
+++ b/spec/features/participants_autocomplete_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Member autocomplete', :js do
diff --git a/spec/features/password_reset_spec.rb b/spec/features/password_reset_spec.rb
index dcc63dff9f5..8ceca1e3175 100644
--- a/spec/features/password_reset_spec.rb
+++ b/spec/features/password_reset_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Password reset' do
diff --git a/spec/features/profile_spec.rb b/spec/features/profile_spec.rb
index 2e0753c3bfb..e80a3cd32cc 100644
--- a/spec/features/profile_spec.rb
+++ b/spec/features/profile_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Profile account page', :js do
diff --git a/spec/features/profiles/account_spec.rb b/spec/features/profiles/account_spec.rb
index 90d0e9bb77c..741e41adbf1 100644
--- a/spec/features/profiles/account_spec.rb
+++ b/spec/features/profiles/account_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Profile > Account', :js do
diff --git a/spec/features/profiles/active_sessions_spec.rb b/spec/features/profiles/active_sessions_spec.rb
index 2aa0177af5d..709cca7d178 100644
--- a/spec/features/profiles/active_sessions_spec.rb
+++ b/spec/features/profiles/active_sessions_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Profile > Active Sessions', :clean_gitlab_redis_shared_state do
diff --git a/spec/features/profiles/chat_names_spec.rb b/spec/features/profiles/chat_names_spec.rb
index c72069f6262..0219dacbc38 100644
--- a/spec/features/profiles/chat_names_spec.rb
+++ b/spec/features/profiles/chat_names_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Profile > Chat' do
diff --git a/spec/features/profiles/emails_spec.rb b/spec/features/profiles/emails_spec.rb
index bc6d54b5ed7..40e2988730b 100644
--- a/spec/features/profiles/emails_spec.rb
+++ b/spec/features/profiles/emails_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Profile > Emails' do
diff --git a/spec/features/profiles/gpg_keys_spec.rb b/spec/features/profiles/gpg_keys_spec.rb
index ec3ec795b63..4237f037c27 100644
--- a/spec/features/profiles/gpg_keys_spec.rb
+++ b/spec/features/profiles/gpg_keys_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Profile > GPG Keys' do
diff --git a/spec/features/profiles/keys_spec.rb b/spec/features/profiles/keys_spec.rb
index e6586fc8a0a..c1b142c4e12 100644
--- a/spec/features/profiles/keys_spec.rb
+++ b/spec/features/profiles/keys_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Profile > SSH Keys' do
diff --git a/spec/features/profiles/oauth_applications_spec.rb b/spec/features/profiles/oauth_applications_spec.rb
index 7d204f89fba..94c9897a7a9 100644
--- a/spec/features/profiles/oauth_applications_spec.rb
+++ b/spec/features/profiles/oauth_applications_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Profile > Applications' do
diff --git a/spec/features/profiles/password_spec.rb b/spec/features/profiles/password_spec.rb
index 5e3569e4beb..8c0c426f689 100644
--- a/spec/features/profiles/password_spec.rb
+++ b/spec/features/profiles/password_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Profile > Password' do
diff --git a/spec/features/profiles/personal_access_tokens_spec.rb b/spec/features/profiles/personal_access_tokens_spec.rb
index dee213a11d4..22f9c8d8afc 100644
--- a/spec/features/profiles/personal_access_tokens_spec.rb
+++ b/spec/features/profiles/personal_access_tokens_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Profile > Personal Access Tokens', :js do
diff --git a/spec/features/profiles/user_changes_notified_of_own_activity_spec.rb b/spec/features/profiles/user_changes_notified_of_own_activity_spec.rb
index f618bc330ea..5af48c4503d 100644
--- a/spec/features/profiles/user_changes_notified_of_own_activity_spec.rb
+++ b/spec/features/profiles/user_changes_notified_of_own_activity_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Profile > Notifications > User changes notified_of_own_activity setting', :js do
diff --git a/spec/features/profiles/user_edit_profile_spec.rb b/spec/features/profiles/user_edit_profile_spec.rb
index a53da94ef7d..7a53e2d19f7 100644
--- a/spec/features/profiles/user_edit_profile_spec.rb
+++ b/spec/features/profiles/user_edit_profile_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User edit profile' do
diff --git a/spec/features/profiles/user_manages_applications_spec.rb b/spec/features/profiles/user_manages_applications_spec.rb
index 34aaab240cc..7a961855c92 100644
--- a/spec/features/profiles/user_manages_applications_spec.rb
+++ b/spec/features/profiles/user_manages_applications_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User manages applications' do
diff --git a/spec/features/profiles/user_manages_emails_spec.rb b/spec/features/profiles/user_manages_emails_spec.rb
index 7283c76eb54..09da819a187 100644
--- a/spec/features/profiles/user_manages_emails_spec.rb
+++ b/spec/features/profiles/user_manages_emails_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User manages emails' do
diff --git a/spec/features/profiles/user_visits_notifications_tab_spec.rb b/spec/features/profiles/user_visits_notifications_tab_spec.rb
index db797bb586f..1472cc882a7 100644
--- a/spec/features/profiles/user_visits_notifications_tab_spec.rb
+++ b/spec/features/profiles/user_visits_notifications_tab_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User visits the notifications tab', :js do
diff --git a/spec/features/profiles/user_visits_profile_account_page_spec.rb b/spec/features/profiles/user_visits_profile_account_page_spec.rb
index a8c08a680d7..f576a2bf9e1 100644
--- a/spec/features/profiles/user_visits_profile_account_page_spec.rb
+++ b/spec/features/profiles/user_visits_profile_account_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User visits the profile account page' do
diff --git a/spec/features/profiles/user_visits_profile_authentication_log_spec.rb b/spec/features/profiles/user_visits_profile_authentication_log_spec.rb
index 0f419c3c2c0..2f6f8ebee9c 100644
--- a/spec/features/profiles/user_visits_profile_authentication_log_spec.rb
+++ b/spec/features/profiles/user_visits_profile_authentication_log_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User visits the authentication log' do
diff --git a/spec/features/profiles/user_visits_profile_preferences_page_spec.rb b/spec/features/profiles/user_visits_profile_preferences_page_spec.rb
index 1b3718968b9..5e52c82a234 100644
--- a/spec/features/profiles/user_visits_profile_preferences_page_spec.rb
+++ b/spec/features/profiles/user_visits_profile_preferences_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User visits the profile preferences page' do
diff --git a/spec/features/profiles/user_visits_profile_spec.rb b/spec/features/profiles/user_visits_profile_spec.rb
index 2dc4547b2d8..1c90a794099 100644
--- a/spec/features/profiles/user_visits_profile_spec.rb
+++ b/spec/features/profiles/user_visits_profile_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User visits their profile' do
diff --git a/spec/features/profiles/user_visits_profile_ssh_keys_page_spec.rb b/spec/features/profiles/user_visits_profile_ssh_keys_page_spec.rb
index 685bf44619d..05ad9096f65 100644
--- a/spec/features/profiles/user_visits_profile_ssh_keys_page_spec.rb
+++ b/spec/features/profiles/user_visits_profile_ssh_keys_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User visits the profile SSH keys page' do
diff --git a/spec/features/projects/activity/rss_spec.rb b/spec/features/projects/activity/rss_spec.rb
index 411134e7b8e..e1efe6ca64d 100644
--- a/spec/features/projects/activity/rss_spec.rb
+++ b/spec/features/projects/activity/rss_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project Activity RSS' do
diff --git a/spec/features/projects/activity/user_sees_activity_spec.rb b/spec/features/projects/activity/user_sees_activity_spec.rb
index bb4b2abc3c7..664002d909c 100644
--- a/spec/features/projects/activity/user_sees_activity_spec.rb
+++ b/spec/features/projects/activity/user_sees_activity_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Activity > User sees activity' do
diff --git a/spec/features/projects/activity/user_sees_private_activity_spec.rb b/spec/features/projects/activity/user_sees_private_activity_spec.rb
index 61ec2ce9d29..0ec4752d418 100644
--- a/spec/features/projects/activity/user_sees_private_activity_spec.rb
+++ b/spec/features/projects/activity/user_sees_private_activity_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project > Activity > User sees private activity', :js do
diff --git a/spec/features/projects/actve_tabs_spec.rb b/spec/features/projects/actve_tabs_spec.rb
index 7c6110c533b..56f587f23ee 100644
--- a/spec/features/projects/actve_tabs_spec.rb
+++ b/spec/features/projects/actve_tabs_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project active tab' do
diff --git a/spec/features/projects/artifacts/file_spec.rb b/spec/features/projects/artifacts/file_spec.rb
index 993d0040434..f7eaae12072 100644
--- a/spec/features/projects/artifacts/file_spec.rb
+++ b/spec/features/projects/artifacts/file_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Artifact file', :js do
diff --git a/spec/features/projects/artifacts/raw_spec.rb b/spec/features/projects/artifacts/raw_spec.rb
index d8ee9adda6b..0606ab0ed08 100644
--- a/spec/features/projects/artifacts/raw_spec.rb
+++ b/spec/features/projects/artifacts/raw_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Raw artifact', :js do
diff --git a/spec/features/projects/artifacts/user_browses_artifacts_spec.rb b/spec/features/projects/artifacts/user_browses_artifacts_spec.rb
index a1fcd4024c0..ecc07181d09 100644
--- a/spec/features/projects/artifacts/user_browses_artifacts_spec.rb
+++ b/spec/features/projects/artifacts/user_browses_artifacts_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User browses artifacts" do
diff --git a/spec/features/projects/artifacts/user_downloads_artifacts_spec.rb b/spec/features/projects/artifacts/user_downloads_artifacts_spec.rb
index 5cb015e80be..33283ec906c 100644
--- a/spec/features/projects/artifacts/user_downloads_artifacts_spec.rb
+++ b/spec/features/projects/artifacts/user_downloads_artifacts_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User downloads artifacts" do
diff --git a/spec/features/projects/badges/coverage_spec.rb b/spec/features/projects/badges/coverage_spec.rb
index 8522ea747fa..46aa104fdd7 100644
--- a/spec/features/projects/badges/coverage_spec.rb
+++ b/spec/features/projects/badges/coverage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'test coverage badge' do
diff --git a/spec/features/projects/badges/list_spec.rb b/spec/features/projects/badges/list_spec.rb
index e30b908c60d..7a90457c942 100644
--- a/spec/features/projects/badges/list_spec.rb
+++ b/spec/features/projects/badges/list_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'list of badges' do
diff --git a/spec/features/projects/badges/pipeline_badge_spec.rb b/spec/features/projects/badges/pipeline_badge_spec.rb
index 4ac4e8f0fcb..f2c57d702a5 100644
--- a/spec/features/projects/badges/pipeline_badge_spec.rb
+++ b/spec/features/projects/badges/pipeline_badge_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Pipeline Badge' do
diff --git a/spec/features/projects/blobs/blob_line_permalink_updater_spec.rb b/spec/features/projects/blobs/blob_line_permalink_updater_spec.rb
index 96f514f4f04..1fc490ecbfe 100644
--- a/spec/features/projects/blobs/blob_line_permalink_updater_spec.rb
+++ b/spec/features/projects/blobs/blob_line_permalink_updater_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Blob button line permalinks (BlobLinePermalinkUpdater)', :js do
diff --git a/spec/features/projects/blobs/blob_show_spec.rb b/spec/features/projects/blobs/blob_show_spec.rb
index aa2e538cc8e..af6bb8c271f 100644
--- a/spec/features/projects/blobs/blob_show_spec.rb
+++ b/spec/features/projects/blobs/blob_show_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'File blob', :js do
diff --git a/spec/features/projects/blobs/edit_spec.rb b/spec/features/projects/blobs/edit_spec.rb
index 57d21f3e182..3b32d213754 100644
--- a/spec/features/projects/blobs/edit_spec.rb
+++ b/spec/features/projects/blobs/edit_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Editing file blob', :js do
diff --git a/spec/features/projects/blobs/shortcuts_blob_spec.rb b/spec/features/projects/blobs/shortcuts_blob_spec.rb
index 3925de6cfb9..bc12a8ff007 100644
--- a/spec/features/projects/blobs/shortcuts_blob_spec.rb
+++ b/spec/features/projects/blobs/shortcuts_blob_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Blob shortcuts', :js do
diff --git a/spec/features/projects/blobs/user_creates_new_blob_in_new_project_spec.rb b/spec/features/projects/blobs/user_creates_new_blob_in_new_project_spec.rb
index 8a0b92190dd..b90129d6176 100644
--- a/spec/features/projects/blobs/user_creates_new_blob_in_new_project_spec.rb
+++ b/spec/features/projects/blobs/user_creates_new_blob_in_new_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User creates blob in new project', :js do
diff --git a/spec/features/projects/branches/download_buttons_spec.rb b/spec/features/projects/branches/download_buttons_spec.rb
index 3e75890725e..401425187b0 100644
--- a/spec/features/projects/branches/download_buttons_spec.rb
+++ b/spec/features/projects/branches/download_buttons_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Download buttons in branches page' do
diff --git a/spec/features/projects/branches/new_branch_ref_dropdown_spec.rb b/spec/features/projects/branches/new_branch_ref_dropdown_spec.rb
index 0faf73db7da..4b6b07f6cda 100644
--- a/spec/features/projects/branches/new_branch_ref_dropdown_spec.rb
+++ b/spec/features/projects/branches/new_branch_ref_dropdown_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'New Branch Ref Dropdown', :js do
diff --git a/spec/features/projects/branches/user_creates_branch_spec.rb b/spec/features/projects/branches/user_creates_branch_spec.rb
index b706ad64954..156edb973cd 100644
--- a/spec/features/projects/branches/user_creates_branch_spec.rb
+++ b/spec/features/projects/branches/user_creates_branch_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User creates branch", :js do
diff --git a/spec/features/projects/branches/user_deletes_branch_spec.rb b/spec/features/projects/branches/user_deletes_branch_spec.rb
index 96f215e1606..1f053b69646 100644
--- a/spec/features/projects/branches/user_deletes_branch_spec.rb
+++ b/spec/features/projects/branches/user_deletes_branch_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User deletes branch", :js do
diff --git a/spec/features/projects/branches/user_views_branches_spec.rb b/spec/features/projects/branches/user_views_branches_spec.rb
index 777d30fdffd..f3810611094 100644
--- a/spec/features/projects/branches/user_views_branches_spec.rb
+++ b/spec/features/projects/branches/user_views_branches_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User views branches" do
diff --git a/spec/features/projects/branches_spec.rb b/spec/features/projects/branches_spec.rb
index ee71c843b80..b35067d0f4d 100644
--- a/spec/features/projects/branches_spec.rb
+++ b/spec/features/projects/branches_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Branches' do
diff --git a/spec/features/projects/ci/lint_spec.rb b/spec/features/projects/ci/lint_spec.rb
index 313950072e7..521cfb54cd2 100644
--- a/spec/features/projects/ci/lint_spec.rb
+++ b/spec/features/projects/ci/lint_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'CI Lint', :js do
diff --git a/spec/features/projects/clusters/applications_spec.rb b/spec/features/projects/clusters/applications_spec.rb
index c75259d1b0c..d0182270d82 100644
--- a/spec/features/projects/clusters/applications_spec.rb
+++ b/spec/features/projects/clusters/applications_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Clusters Applications', :js do
diff --git a/spec/features/projects/clusters/gcp_spec.rb b/spec/features/projects/clusters/gcp_spec.rb
index 974e0f84681..820ce48e52c 100644
--- a/spec/features/projects/clusters/gcp_spec.rb
+++ b/spec/features/projects/clusters/gcp_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Gcp Cluster', :js do
diff --git a/spec/features/projects/clusters/user_spec.rb b/spec/features/projects/clusters/user_spec.rb
index 31cc09ae911..3899aab8170 100644
--- a/spec/features/projects/clusters/user_spec.rb
+++ b/spec/features/projects/clusters/user_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User Cluster', :js do
diff --git a/spec/features/projects/commit/builds_spec.rb b/spec/features/projects/commit/builds_spec.rb
index d72476f36a9..d28ff5d3b5f 100644
--- a/spec/features/projects/commit/builds_spec.rb
+++ b/spec/features/projects/commit/builds_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'project commit pipelines', :js do
diff --git a/spec/features/projects/commit/cherry_pick_spec.rb b/spec/features/projects/commit/cherry_pick_spec.rb
index acfb582dba9..46a6f62ba14 100644
--- a/spec/features/projects/commit/cherry_pick_spec.rb
+++ b/spec/features/projects/commit/cherry_pick_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Cherry-pick Commits' do
diff --git a/spec/features/projects/commit/comments/user_adds_comment_spec.rb b/spec/features/projects/commit/comments/user_adds_comment_spec.rb
index 586e2e33112..bae8e6dc827 100644
--- a/spec/features/projects/commit/comments/user_adds_comment_spec.rb
+++ b/spec/features/projects/commit/comments/user_adds_comment_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User adds a comment on a commit", :js do
diff --git a/spec/features/projects/commit/comments/user_deletes_comments_spec.rb b/spec/features/projects/commit/comments/user_deletes_comments_spec.rb
index a727cab4ac7..2993a402e37 100644
--- a/spec/features/projects/commit/comments/user_deletes_comments_spec.rb
+++ b/spec/features/projects/commit/comments/user_deletes_comments_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User deletes comments on a commit", :js do
diff --git a/spec/features/projects/commit/comments/user_edits_comments_spec.rb b/spec/features/projects/commit/comments/user_edits_comments_spec.rb
index 75bccd99f59..0fa2b2ff232 100644
--- a/spec/features/projects/commit/comments/user_edits_comments_spec.rb
+++ b/spec/features/projects/commit/comments/user_edits_comments_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User edits a comment on a commit", :js do
diff --git a/spec/features/projects/commit/diff_notes_spec.rb b/spec/features/projects/commit/diff_notes_spec.rb
index e2aefa35fad..04bd66df28d 100644
--- a/spec/features/projects/commit/diff_notes_spec.rb
+++ b/spec/features/projects/commit/diff_notes_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Commit diff', :js do
diff --git a/spec/features/projects/commit/mini_pipeline_graph_spec.rb b/spec/features/projects/commit/mini_pipeline_graph_spec.rb
index 614f11c8392..1199a3bd226 100644
--- a/spec/features/projects/commit/mini_pipeline_graph_spec.rb
+++ b/spec/features/projects/commit/mini_pipeline_graph_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Mini Pipeline Graph in Commit View', :js do
diff --git a/spec/features/projects/commit/user_comments_on_commit_spec.rb b/spec/features/projects/commit/user_comments_on_commit_spec.rb
index 73ce8d2b996..f4fea9b9ae0 100644
--- a/spec/features/projects/commit/user_comments_on_commit_spec.rb
+++ b/spec/features/projects/commit/user_comments_on_commit_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User comments on commit", :js do
diff --git a/spec/features/projects/commit/user_reverts_commit_spec.rb b/spec/features/projects/commit/user_reverts_commit_spec.rb
index 42844a03ea6..39ee72a4a99 100644
--- a/spec/features/projects/commit/user_reverts_commit_spec.rb
+++ b/spec/features/projects/commit/user_reverts_commit_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User reverts a commit', :js do
diff --git a/spec/features/projects/commits/rss_spec.rb b/spec/features/projects/commits/rss_spec.rb
index cfc2637f1b2..0266df48d4a 100644
--- a/spec/features/projects/commits/rss_spec.rb
+++ b/spec/features/projects/commits/rss_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project Commits RSS' do
diff --git a/spec/features/projects/commits/user_browses_commits_spec.rb b/spec/features/projects/commits/user_browses_commits_spec.rb
index 818939c1b96..085d8d63d52 100644
--- a/spec/features/projects/commits/user_browses_commits_spec.rb
+++ b/spec/features/projects/commits/user_browses_commits_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User browses commits' do
diff --git a/spec/features/projects/compare_spec.rb b/spec/features/projects/compare_spec.rb
index 5f7cf68987e..2674617bcfc 100644
--- a/spec/features/projects/compare_spec.rb
+++ b/spec/features/projects/compare_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "Compare", :js do
diff --git a/spec/features/projects/deploy_keys_spec.rb b/spec/features/projects/deploy_keys_spec.rb
index 1fa9babaff5..0f3e7646673 100644
--- a/spec/features/projects/deploy_keys_spec.rb
+++ b/spec/features/projects/deploy_keys_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project deploy keys', :js do
diff --git a/spec/features/projects/diffs/diff_show_spec.rb b/spec/features/projects/diffs/diff_show_spec.rb
index df05625d105..df94d6debd6 100644
--- a/spec/features/projects/diffs/diff_show_spec.rb
+++ b/spec/features/projects/diffs/diff_show_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Diff file viewer', :js do
diff --git a/spec/features/projects/environments/environment_metrics_spec.rb b/spec/features/projects/environments/environment_metrics_spec.rb
index b08ccdc2a7c..c027b776d67 100644
--- a/spec/features/projects/environments/environment_metrics_spec.rb
+++ b/spec/features/projects/environments/environment_metrics_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Environment > Metrics' do
diff --git a/spec/features/projects/environments/environment_spec.rb b/spec/features/projects/environments/environment_spec.rb
index fbaf12be64e..497880a7835 100644
--- a/spec/features/projects/environments/environment_spec.rb
+++ b/spec/features/projects/environments/environment_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Environment' do
diff --git a/spec/features/projects/environments/environments_spec.rb b/spec/features/projects/environments/environments_spec.rb
index 1b5d9083932..1a2302b3d0c 100644
--- a/spec/features/projects/environments/environments_spec.rb
+++ b/spec/features/projects/environments/environments_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Environments page', :js do
diff --git a/spec/features/projects/features_visibility_spec.rb b/spec/features/projects/features_visibility_spec.rb
index 254e885ce46..ca383da5f5c 100644
--- a/spec/features/projects/features_visibility_spec.rb
+++ b/spec/features/projects/features_visibility_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Edit Project Settings' do
diff --git a/spec/features/projects/files/dockerfile_dropdown_spec.rb b/spec/features/projects/files/dockerfile_dropdown_spec.rb
index 004585f7c9e..2e0c589e168 100644
--- a/spec/features/projects/files/dockerfile_dropdown_spec.rb
+++ b/spec/features/projects/files/dockerfile_dropdown_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User wants to add a Dockerfile file' do
diff --git a/spec/features/projects/files/download_buttons_spec.rb b/spec/features/projects/files/download_buttons_spec.rb
index 111972a6b00..a4889f8d4c4 100644
--- a/spec/features/projects/files/download_buttons_spec.rb
+++ b/spec/features/projects/files/download_buttons_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > Download buttons in files tree' do
diff --git a/spec/features/projects/files/edit_file_soft_wrap_spec.rb b/spec/features/projects/files/edit_file_soft_wrap_spec.rb
index 41af70d8ebc..df6bc6883a9 100644
--- a/spec/features/projects/files/edit_file_soft_wrap_spec.rb
+++ b/spec/features/projects/files/edit_file_soft_wrap_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User uses soft wrap whilst editing file', :js do
diff --git a/spec/features/projects/files/editing_a_file_spec.rb b/spec/features/projects/files/editing_a_file_spec.rb
index 4074e67e2d2..085276f96a8 100644
--- a/spec/features/projects/files/editing_a_file_spec.rb
+++ b/spec/features/projects/files/editing_a_file_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User wants to edit a file' do
diff --git a/spec/features/projects/files/files_sort_submodules_with_folders_spec.rb b/spec/features/projects/files/files_sort_submodules_with_folders_spec.rb
index 51c884201a6..0e43f2fd26b 100644
--- a/spec/features/projects/files/files_sort_submodules_with_folders_spec.rb
+++ b/spec/features/projects/files/files_sort_submodules_with_folders_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User views files page' do
diff --git a/spec/features/projects/files/find_file_keyboard_spec.rb b/spec/features/projects/files/find_file_keyboard_spec.rb
index cd0235f2b9e..b680be09444 100644
--- a/spec/features/projects/files/find_file_keyboard_spec.rb
+++ b/spec/features/projects/files/find_file_keyboard_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > Find file keyboard shortcuts', :js do
diff --git a/spec/features/projects/files/gitignore_dropdown_spec.rb b/spec/features/projects/files/gitignore_dropdown_spec.rb
index 9fa4c053a40..dcb960b880a 100644
--- a/spec/features/projects/files/gitignore_dropdown_spec.rb
+++ b/spec/features/projects/files/gitignore_dropdown_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User wants to add a .gitignore file' do
diff --git a/spec/features/projects/files/gitlab_ci_yml_dropdown_spec.rb b/spec/features/projects/files/gitlab_ci_yml_dropdown_spec.rb
index 53aff183562..875ae5d34d1 100644
--- a/spec/features/projects/files/gitlab_ci_yml_dropdown_spec.rb
+++ b/spec/features/projects/files/gitlab_ci_yml_dropdown_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User wants to add a .gitlab-ci.yml file' do
diff --git a/spec/features/projects/files/project_owner_creates_license_file_spec.rb b/spec/features/projects/files/project_owner_creates_license_file_spec.rb
index 44715261b8b..2944089358f 100644
--- a/spec/features/projects/files/project_owner_creates_license_file_spec.rb
+++ b/spec/features/projects/files/project_owner_creates_license_file_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > Project owner creates a license file', :js do
diff --git a/spec/features/projects/files/project_owner_sees_link_to_create_license_file_in_empty_project_spec.rb b/spec/features/projects/files/project_owner_sees_link_to_create_license_file_in_empty_project_spec.rb
index 0b8474fb87a..556b7227403 100644
--- a/spec/features/projects/files/project_owner_sees_link_to_create_license_file_in_empty_project_spec.rb
+++ b/spec/features/projects/files/project_owner_sees_link_to_create_license_file_in_empty_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > Project owner sees a link to create a license file in empty project', :js do
diff --git a/spec/features/projects/files/template_selector_menu_spec.rb b/spec/features/projects/files/template_selector_menu_spec.rb
index 6b313824acd..838a484d62e 100644
--- a/spec/features/projects/files/template_selector_menu_spec.rb
+++ b/spec/features/projects/files/template_selector_menu_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Template selector menu', :js do
diff --git a/spec/features/projects/files/template_type_dropdown_spec.rb b/spec/features/projects/files/template_type_dropdown_spec.rb
index 342a93b328f..8b385185e2e 100644
--- a/spec/features/projects/files/template_type_dropdown_spec.rb
+++ b/spec/features/projects/files/template_type_dropdown_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > Template type dropdown selector', :js do
diff --git a/spec/features/projects/files/undo_template_spec.rb b/spec/features/projects/files/undo_template_spec.rb
index 91618145391..d3f8d36a0a9 100644
--- a/spec/features/projects/files/undo_template_spec.rb
+++ b/spec/features/projects/files/undo_template_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > Template Undo Button', :js do
diff --git a/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder.rb b/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder.rb
index 2d67837763c..934de2fde8f 100644
--- a/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder.rb
+++ b/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 # This is a regression test for https://gitlab.com/gitlab-org/gitlab-ce/issues/37569
diff --git a/spec/features/projects/files/user_browses_files_spec.rb b/spec/features/projects/files/user_browses_files_spec.rb
index a5d849db8a3..a090461261b 100644
--- a/spec/features/projects/files/user_browses_files_spec.rb
+++ b/spec/features/projects/files/user_browses_files_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User browses files" do
diff --git a/spec/features/projects/files/user_browses_lfs_files_spec.rb b/spec/features/projects/files/user_browses_lfs_files_spec.rb
index d5cb8f9212d..08ebeed2cdd 100644
--- a/spec/features/projects/files/user_browses_lfs_files_spec.rb
+++ b/spec/features/projects/files/user_browses_lfs_files_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User browses LFS files' do
diff --git a/spec/features/projects/files/user_creates_directory_spec.rb b/spec/features/projects/files/user_creates_directory_spec.rb
index e29e867492e..19d95c87c6c 100644
--- a/spec/features/projects/files/user_creates_directory_spec.rb
+++ b/spec/features/projects/files/user_creates_directory_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User creates a directory', :js do
diff --git a/spec/features/projects/files/user_creates_files_spec.rb b/spec/features/projects/files/user_creates_files_spec.rb
index 264b288ab38..74c037641cd 100644
--- a/spec/features/projects/files/user_creates_files_spec.rb
+++ b/spec/features/projects/files/user_creates_files_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User creates files' do
diff --git a/spec/features/projects/files/user_deletes_files_spec.rb b/spec/features/projects/files/user_deletes_files_spec.rb
index 11ee87f245b..fd4783cfb6b 100644
--- a/spec/features/projects/files/user_deletes_files_spec.rb
+++ b/spec/features/projects/files/user_deletes_files_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User deletes files', :js do
diff --git a/spec/features/projects/files/user_edits_files_spec.rb b/spec/features/projects/files/user_edits_files_spec.rb
index e4b02408b49..56430721ed6 100644
--- a/spec/features/projects/files/user_edits_files_spec.rb
+++ b/spec/features/projects/files/user_edits_files_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User edits files', :js do
diff --git a/spec/features/projects/files/user_find_file_spec.rb b/spec/features/projects/files/user_find_file_spec.rb
index e2d881b34d2..72f6ccb20d6 100644
--- a/spec/features/projects/files/user_find_file_spec.rb
+++ b/spec/features/projects/files/user_find_file_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User find project file' do
diff --git a/spec/features/projects/files/user_reads_pipeline_status_spec.rb b/spec/features/projects/files/user_reads_pipeline_status_spec.rb
index 5bce96d9b80..15f8fa7438d 100644
--- a/spec/features/projects/files/user_reads_pipeline_status_spec.rb
+++ b/spec/features/projects/files/user_reads_pipeline_status_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'user reads pipeline status', :js do
diff --git a/spec/features/projects/files/user_replaces_files_spec.rb b/spec/features/projects/files/user_replaces_files_spec.rb
index bfd612e4cc8..d50bc0a7d18 100644
--- a/spec/features/projects/files/user_replaces_files_spec.rb
+++ b/spec/features/projects/files/user_replaces_files_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User replaces files', :js do
diff --git a/spec/features/projects/files/user_searches_for_files_spec.rb b/spec/features/projects/files/user_searches_for_files_spec.rb
index a90e4918fb1..e82f54fbe50 100644
--- a/spec/features/projects/files/user_searches_for_files_spec.rb
+++ b/spec/features/projects/files/user_searches_for_files_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User searches for files' do
diff --git a/spec/features/projects/files/user_uploads_files_spec.rb b/spec/features/projects/files/user_uploads_files_spec.rb
index 25ff3fdf411..74b5d7c5041 100644
--- a/spec/features/projects/files/user_uploads_files_spec.rb
+++ b/spec/features/projects/files/user_uploads_files_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Files > User uploads files' do
diff --git a/spec/features/projects/fork_spec.rb b/spec/features/projects/fork_spec.rb
index 26b94bf58b2..2aed402652b 100644
--- a/spec/features/projects/fork_spec.rb
+++ b/spec/features/projects/fork_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project fork' do
diff --git a/spec/features/projects/forks/fork_list_spec.rb b/spec/features/projects/forks/fork_list_spec.rb
index 2c41c61a660..2dbe3d90bad 100644
--- a/spec/features/projects/forks/fork_list_spec.rb
+++ b/spec/features/projects/forks/fork_list_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'listing forks of a project' do
diff --git a/spec/features/projects/gfm_autocomplete_load_spec.rb b/spec/features/projects/gfm_autocomplete_load_spec.rb
index 1c988726ae6..ad39dec0a43 100644
--- a/spec/features/projects/gfm_autocomplete_load_spec.rb
+++ b/spec/features/projects/gfm_autocomplete_load_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'GFM autocomplete loading', :js do
diff --git a/spec/features/projects/graph_spec.rb b/spec/features/projects/graph_spec.rb
index e1bc18519a2..6082eb03374 100644
--- a/spec/features/projects/graph_spec.rb
+++ b/spec/features/projects/graph_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project Graph', :js do
diff --git a/spec/features/projects/hook_logs/user_reads_log_spec.rb b/spec/features/projects/hook_logs/user_reads_log_spec.rb
index 086cd4b9f03..8c666f5d67a 100644
--- a/spec/features/projects/hook_logs/user_reads_log_spec.rb
+++ b/spec/features/projects/hook_logs/user_reads_log_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Hook logs' do
diff --git a/spec/features/projects/import_export/export_file_spec.rb b/spec/features/projects/import_export/export_file_spec.rb
index c71a778fc84..a1002f38936 100644
--- a/spec/features/projects/import_export/export_file_spec.rb
+++ b/spec/features/projects/import_export/export_file_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 # Integration test that exports a file using the Import/Export feature
diff --git a/spec/features/projects/import_export/import_file_spec.rb b/spec/features/projects/import_export/import_file_spec.rb
index 8d2b1fc7e30..a12fc8b18ed 100644
--- a/spec/features/projects/import_export/import_file_spec.rb
+++ b/spec/features/projects/import_export/import_file_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Import/Export - project import integration test', :js do
diff --git a/spec/features/projects/issuable_templates_spec.rb b/spec/features/projects/issuable_templates_spec.rb
index a57edc394f9..18eadb7c4a3 100644
--- a/spec/features/projects/issuable_templates_spec.rb
+++ b/spec/features/projects/issuable_templates_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'issuable templates', :js do
diff --git a/spec/features/projects/issues/viewing_issues_with_external_authorization_enabled_spec.rb b/spec/features/projects/issues/viewing_issues_with_external_authorization_enabled_spec.rb
index a8612d77a5e..6c8f4b51ea0 100644
--- a/spec/features/projects/issues/viewing_issues_with_external_authorization_enabled_spec.rb
+++ b/spec/features/projects/issues/viewing_issues_with_external_authorization_enabled_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'viewing an issue with cross project references' do
diff --git a/spec/features/projects/jobs/permissions_spec.rb b/spec/features/projects/jobs/permissions_spec.rb
index b5e711997a0..44309a9c4bf 100644
--- a/spec/features/projects/jobs/permissions_spec.rb
+++ b/spec/features/projects/jobs/permissions_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project Jobs Permissions' do
diff --git a/spec/features/projects/jobs/user_browses_job_spec.rb b/spec/features/projects/jobs/user_browses_job_spec.rb
index fbe765d4c44..6d0269dd96b 100644
--- a/spec/features/projects/jobs/user_browses_job_spec.rb
+++ b/spec/features/projects/jobs/user_browses_job_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User browses a job', :js do
diff --git a/spec/features/projects/jobs/user_browses_jobs_spec.rb b/spec/features/projects/jobs/user_browses_jobs_spec.rb
index ebc20d15d67..44709cb1230 100644
--- a/spec/features/projects/jobs/user_browses_jobs_spec.rb
+++ b/spec/features/projects/jobs/user_browses_jobs_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User browses jobs' do
diff --git a/spec/features/projects/labels/issues_sorted_by_priority_spec.rb b/spec/features/projects/labels/issues_sorted_by_priority_spec.rb
index 25417cf4955..55629376007 100644
--- a/spec/features/projects/labels/issues_sorted_by_priority_spec.rb
+++ b/spec/features/projects/labels/issues_sorted_by_priority_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Issue prioritization' do
diff --git a/spec/features/projects/labels/subscription_spec.rb b/spec/features/projects/labels/subscription_spec.rb
index 49227eebf3d..1d0f9e73a1b 100644
--- a/spec/features/projects/labels/subscription_spec.rb
+++ b/spec/features/projects/labels/subscription_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Labels subscription' do
diff --git a/spec/features/projects/labels/update_prioritization_spec.rb b/spec/features/projects/labels/update_prioritization_spec.rb
index f32b155790f..3a37ee6623d 100644
--- a/spec/features/projects/labels/update_prioritization_spec.rb
+++ b/spec/features/projects/labels/update_prioritization_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Prioritize labels' do
diff --git a/spec/features/projects/labels/user_creates_labels_spec.rb b/spec/features/projects/labels/user_creates_labels_spec.rb
index c71b04fea09..257e064ae3d 100644
--- a/spec/features/projects/labels/user_creates_labels_spec.rb
+++ b/spec/features/projects/labels/user_creates_labels_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User creates labels" do
diff --git a/spec/features/projects/labels/user_edits_labels_spec.rb b/spec/features/projects/labels/user_edits_labels_spec.rb
index 0708bbd40ce..da33ae3af3a 100644
--- a/spec/features/projects/labels/user_edits_labels_spec.rb
+++ b/spec/features/projects/labels/user_edits_labels_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User edits labels" do
diff --git a/spec/features/projects/labels/user_removes_labels_spec.rb b/spec/features/projects/labels/user_removes_labels_spec.rb
index 7f49ddf560f..459adeeec30 100644
--- a/spec/features/projects/labels/user_removes_labels_spec.rb
+++ b/spec/features/projects/labels/user_removes_labels_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User removes labels" do
diff --git a/spec/features/projects/labels/user_sees_breadcrumb_links_spec.rb b/spec/features/projects/labels/user_sees_breadcrumb_links_spec.rb
index 0c0501f438a..35c84204910 100644
--- a/spec/features/projects/labels/user_sees_breadcrumb_links_spec.rb
+++ b/spec/features/projects/labels/user_sees_breadcrumb_links_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'New project label breadcrumb' do
diff --git a/spec/features/projects/labels/user_sees_links_to_issuables.rb b/spec/features/projects/labels/user_sees_links_to_issuables.rb
index c404fc8d66f..fd2151a1f8e 100644
--- a/spec/features/projects/labels/user_sees_links_to_issuables.rb
+++ b/spec/features/projects/labels/user_sees_links_to_issuables.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Labels > User sees links to issuables' do
diff --git a/spec/features/projects/members/anonymous_user_sees_members_spec.rb b/spec/features/projects/members/anonymous_user_sees_members_spec.rb
index b3ed725f602..096cf97551a 100644
--- a/spec/features/projects/members/anonymous_user_sees_members_spec.rb
+++ b/spec/features/projects/members/anonymous_user_sees_members_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Anonymous user sees members' do
diff --git a/spec/features/projects/members/group_member_cannot_leave_group_project_spec.rb b/spec/features/projects/members/group_member_cannot_leave_group_project_spec.rb
index a645b917568..b6f6e2ca85f 100644
--- a/spec/features/projects/members/group_member_cannot_leave_group_project_spec.rb
+++ b/spec/features/projects/members/group_member_cannot_leave_group_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Group member cannot leave group project' do
diff --git a/spec/features/projects/members/group_member_cannot_request_access_to_his_group_project_spec.rb b/spec/features/projects/members/group_member_cannot_request_access_to_his_group_project_spec.rb
index bb475ea95e5..1f4d555c6ae 100644
--- a/spec/features/projects/members/group_member_cannot_request_access_to_his_group_project_spec.rb
+++ b/spec/features/projects/members/group_member_cannot_request_access_to_his_group_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Group member cannot request access to his group project' do
diff --git a/spec/features/projects/members/group_members_spec.rb b/spec/features/projects/members/group_members_spec.rb
index 0b2cd13b8ec..dd5fc82e058 100644
--- a/spec/features/projects/members/group_members_spec.rb
+++ b/spec/features/projects/members/group_members_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects members' do
diff --git a/spec/features/projects/members/group_requester_cannot_request_access_to_project_spec.rb b/spec/features/projects/members/group_requester_cannot_request_access_to_project_spec.rb
index ea3894c92bd..fb4238f0a1f 100644
--- a/spec/features/projects/members/group_requester_cannot_request_access_to_project_spec.rb
+++ b/spec/features/projects/members/group_requester_cannot_request_access_to_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Group requester cannot request access to project', :js do
diff --git a/spec/features/projects/members/groups_with_access_list_spec.rb b/spec/features/projects/members/groups_with_access_list_spec.rb
index c0b5d943e96..7b1fded1834 100644
--- a/spec/features/projects/members/groups_with_access_list_spec.rb
+++ b/spec/features/projects/members/groups_with_access_list_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Groups with access list', :js do
diff --git a/spec/features/projects/members/invite_group_spec.rb b/spec/features/projects/members/invite_group_spec.rb
index 7432c600c1e..63e75e8b9a9 100644
--- a/spec/features/projects/members/invite_group_spec.rb
+++ b/spec/features/projects/members/invite_group_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project > Members > Invite group', :js do
diff --git a/spec/features/projects/members/list_spec.rb b/spec/features/projects/members/list_spec.rb
index cf309492808..6d92c777033 100644
--- a/spec/features/projects/members/list_spec.rb
+++ b/spec/features/projects/members/list_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project members list' do
diff --git a/spec/features/projects/members/master_adds_member_with_expiration_date_spec.rb b/spec/features/projects/members/master_adds_member_with_expiration_date_spec.rb
index 26de6fb33fd..501dd05300a 100644
--- a/spec/features/projects/members/master_adds_member_with_expiration_date_spec.rb
+++ b/spec/features/projects/members/master_adds_member_with_expiration_date_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Maintainer adds member with expiration date', :js do
diff --git a/spec/features/projects/members/master_manages_access_requests_spec.rb b/spec/features/projects/members/master_manages_access_requests_spec.rb
index adc8202cde7..17d6efbcaa5 100644
--- a/spec/features/projects/members/master_manages_access_requests_spec.rb
+++ b/spec/features/projects/members/master_manages_access_requests_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Maintainer manages access requests' do
diff --git a/spec/features/projects/members/member_cannot_request_access_to_his_project_spec.rb b/spec/features/projects/members/member_cannot_request_access_to_his_project_spec.rb
index f612ad8d551..606444b36a2 100644
--- a/spec/features/projects/members/member_cannot_request_access_to_his_project_spec.rb
+++ b/spec/features/projects/members/member_cannot_request_access_to_his_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Member cannot request access to his project' do
diff --git a/spec/features/projects/members/member_leaves_project_spec.rb b/spec/features/projects/members/member_leaves_project_spec.rb
index bd2ef9c07c4..fb1165838c7 100644
--- a/spec/features/projects/members/member_leaves_project_spec.rb
+++ b/spec/features/projects/members/member_leaves_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Member leaves project' do
diff --git a/spec/features/projects/members/owner_cannot_leave_project_spec.rb b/spec/features/projects/members/owner_cannot_leave_project_spec.rb
index 0aa005adb4d..781c584796d 100644
--- a/spec/features/projects/members/owner_cannot_leave_project_spec.rb
+++ b/spec/features/projects/members/owner_cannot_leave_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Owner cannot leave project' do
diff --git a/spec/features/projects/members/owner_cannot_request_access_to_his_project_spec.rb b/spec/features/projects/members/owner_cannot_request_access_to_his_project_spec.rb
index eb1b720af05..2fb76da36ad 100644
--- a/spec/features/projects/members/owner_cannot_request_access_to_his_project_spec.rb
+++ b/spec/features/projects/members/owner_cannot_request_access_to_his_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Owner cannot request access to his project' do
diff --git a/spec/features/projects/members/sorting_spec.rb b/spec/features/projects/members/sorting_spec.rb
index 220775b514d..332f07614da 100644
--- a/spec/features/projects/members/sorting_spec.rb
+++ b/spec/features/projects/members/sorting_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > Sorting' do
diff --git a/spec/features/projects/members/user_requests_access_spec.rb b/spec/features/projects/members/user_requests_access_spec.rb
index f26941ab567..9f7327cd6e4 100644
--- a/spec/features/projects/members/user_requests_access_spec.rb
+++ b/spec/features/projects/members/user_requests_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Members > User requests access', :js do
diff --git a/spec/features/projects/merge_request_button_spec.rb b/spec/features/projects/merge_request_button_spec.rb
index 69561b4d733..950af8b0ae0 100644
--- a/spec/features/projects/merge_request_button_spec.rb
+++ b/spec/features/projects/merge_request_button_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Merge Request button' do
diff --git a/spec/features/projects/milestones/milestone_spec.rb b/spec/features/projects/milestones/milestone_spec.rb
index ff31092b910..5e94b2f721e 100644
--- a/spec/features/projects/milestones/milestone_spec.rb
+++ b/spec/features/projects/milestones/milestone_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project milestone' do
diff --git a/spec/features/projects/milestones/milestones_sorting_spec.rb b/spec/features/projects/milestones/milestones_sorting_spec.rb
index dc711377e6e..77cf696fb7c 100644
--- a/spec/features/projects/milestones/milestones_sorting_spec.rb
+++ b/spec/features/projects/milestones/milestones_sorting_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Milestones sorting', :js do
diff --git a/spec/features/projects/milestones/new_spec.rb b/spec/features/projects/milestones/new_spec.rb
index 0b5ab547dce..b1b74bed59d 100644
--- a/spec/features/projects/milestones/new_spec.rb
+++ b/spec/features/projects/milestones/new_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Creating a new project milestone', :js do
diff --git a/spec/features/projects/milestones/user_interacts_with_labels_spec.rb b/spec/features/projects/milestones/user_interacts_with_labels_spec.rb
index a6d58be7b13..0177871599a 100644
--- a/spec/features/projects/milestones/user_interacts_with_labels_spec.rb
+++ b/spec/features/projects/milestones/user_interacts_with_labels_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User interacts with labels' do
diff --git a/spec/features/projects/network_graph_spec.rb b/spec/features/projects/network_graph_spec.rb
index 9f9a7787093..2f6a2e90ab9 100644
--- a/spec/features/projects/network_graph_spec.rb
+++ b/spec/features/projects/network_graph_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project Network Graph', :js do
diff --git a/spec/features/projects/new_project_spec.rb b/spec/features/projects/new_project_spec.rb
index 7602935b47e..9e5bca2dd14 100644
--- a/spec/features/projects/new_project_spec.rb
+++ b/spec/features/projects/new_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'New project' do
diff --git a/spec/features/projects/pipeline_schedules_spec.rb b/spec/features/projects/pipeline_schedules_spec.rb
index 24041a51383..c21b1e36f9a 100644
--- a/spec/features/projects/pipeline_schedules_spec.rb
+++ b/spec/features/projects/pipeline_schedules_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Pipeline Schedules', :js do
diff --git a/spec/features/projects/pipelines/pipelines_spec.rb b/spec/features/projects/pipelines/pipelines_spec.rb
index 885d5f85989..4fb72eb8737 100644
--- a/spec/features/projects/pipelines/pipelines_spec.rb
+++ b/spec/features/projects/pipelines/pipelines_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Pipelines', :js do
diff --git a/spec/features/projects/releases/user_views_releases_spec.rb b/spec/features/projects/releases/user_views_releases_spec.rb
index 725d7173bce..a9b8ff9dc4d 100644
--- a/spec/features/projects/releases/user_views_releases_spec.rb
+++ b/spec/features/projects/releases/user_views_releases_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User views releases', :js do
diff --git a/spec/features/projects/remote_mirror_spec.rb b/spec/features/projects/remote_mirror_spec.rb
index 33e9b73efe8..d357aabead7 100644
--- a/spec/features/projects/remote_mirror_spec.rb
+++ b/spec/features/projects/remote_mirror_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project remote mirror', :feature do
diff --git a/spec/features/projects/services/disable_triggers_spec.rb b/spec/features/projects/services/disable_triggers_spec.rb
index 1a13fe03a67..2785f74bee2 100644
--- a/spec/features/projects/services/disable_triggers_spec.rb
+++ b/spec/features/projects/services/disable_triggers_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Disable individual triggers' do
diff --git a/spec/features/projects/services/user_activates_asana_spec.rb b/spec/features/projects/services/user_activates_asana_spec.rb
index c44e07dd3b4..b07c77da554 100644
--- a/spec/features/projects/services/user_activates_asana_spec.rb
+++ b/spec/features/projects/services/user_activates_asana_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates Asana' do
diff --git a/spec/features/projects/services/user_activates_assembla_spec.rb b/spec/features/projects/services/user_activates_assembla_spec.rb
index 9c3884a7c74..56f7beb8f4b 100644
--- a/spec/features/projects/services/user_activates_assembla_spec.rb
+++ b/spec/features/projects/services/user_activates_assembla_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates Assembla' do
diff --git a/spec/features/projects/services/user_activates_atlassian_bamboo_ci_spec.rb b/spec/features/projects/services/user_activates_atlassian_bamboo_ci_spec.rb
index 19573565265..c694eeb1cc2 100644
--- a/spec/features/projects/services/user_activates_atlassian_bamboo_ci_spec.rb
+++ b/spec/features/projects/services/user_activates_atlassian_bamboo_ci_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates Atlassian Bamboo CI' do
diff --git a/spec/features/projects/services/user_activates_emails_on_push_spec.rb b/spec/features/projects/services/user_activates_emails_on_push_spec.rb
index cc55f7b2060..2015b658295 100644
--- a/spec/features/projects/services/user_activates_emails_on_push_spec.rb
+++ b/spec/features/projects/services/user_activates_emails_on_push_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates Emails on push' do
diff --git a/spec/features/projects/services/user_activates_flowdock_spec.rb b/spec/features/projects/services/user_activates_flowdock_spec.rb
index f981b7e9da9..fc8e75daa0d 100644
--- a/spec/features/projects/services/user_activates_flowdock_spec.rb
+++ b/spec/features/projects/services/user_activates_flowdock_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates Flowdock' do
diff --git a/spec/features/projects/services/user_activates_irker_spec.rb b/spec/features/projects/services/user_activates_irker_spec.rb
index 4c8e321b411..898e16ce835 100644
--- a/spec/features/projects/services/user_activates_irker_spec.rb
+++ b/spec/features/projects/services/user_activates_irker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates Irker (IRC gateway)' do
diff --git a/spec/features/projects/services/user_activates_issue_tracker_spec.rb b/spec/features/projects/services/user_activates_issue_tracker_spec.rb
index 74b9a2b20cd..5803500a4d2 100644
--- a/spec/features/projects/services/user_activates_issue_tracker_spec.rb
+++ b/spec/features/projects/services/user_activates_issue_tracker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates issue tracker', :js do
diff --git a/spec/features/projects/services/user_activates_jetbrains_teamcity_ci_spec.rb b/spec/features/projects/services/user_activates_jetbrains_teamcity_ci_spec.rb
index c50fd93e4cb..9842141285a 100644
--- a/spec/features/projects/services/user_activates_jetbrains_teamcity_ci_spec.rb
+++ b/spec/features/projects/services/user_activates_jetbrains_teamcity_ci_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates JetBrains TeamCity CI' do
diff --git a/spec/features/projects/services/user_activates_jira_spec.rb b/spec/features/projects/services/user_activates_jira_spec.rb
index c52f38e2806..7847b7d5177 100644
--- a/spec/features/projects/services/user_activates_jira_spec.rb
+++ b/spec/features/projects/services/user_activates_jira_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates Jira', :js do
diff --git a/spec/features/projects/services/user_activates_mattermost_slash_command_spec.rb b/spec/features/projects/services/user_activates_mattermost_slash_command_spec.rb
index 70f3a812ee9..f8179979018 100644
--- a/spec/features/projects/services/user_activates_mattermost_slash_command_spec.rb
+++ b/spec/features/projects/services/user_activates_mattermost_slash_command_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Set up Mattermost slash commands', :js do
diff --git a/spec/features/projects/services/user_activates_packagist_spec.rb b/spec/features/projects/services/user_activates_packagist_spec.rb
index 756e9b33c07..85bd15adbe5 100644
--- a/spec/features/projects/services/user_activates_packagist_spec.rb
+++ b/spec/features/projects/services/user_activates_packagist_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates Packagist' do
diff --git a/spec/features/projects/services/user_activates_pivotaltracker_spec.rb b/spec/features/projects/services/user_activates_pivotaltracker_spec.rb
index 1d6b19e0b0c..67ff99c0295 100644
--- a/spec/features/projects/services/user_activates_pivotaltracker_spec.rb
+++ b/spec/features/projects/services/user_activates_pivotaltracker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates PivotalTracker' do
diff --git a/spec/features/projects/services/user_activates_prometheus_spec.rb b/spec/features/projects/services/user_activates_prometheus_spec.rb
index 61361c8a2e3..a83d3e2e8be 100644
--- a/spec/features/projects/services/user_activates_prometheus_spec.rb
+++ b/spec/features/projects/services/user_activates_prometheus_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates Prometheus' do
diff --git a/spec/features/projects/services/user_activates_pushover_spec.rb b/spec/features/projects/services/user_activates_pushover_spec.rb
index 24612ee1457..34e1cf33f36 100644
--- a/spec/features/projects/services/user_activates_pushover_spec.rb
+++ b/spec/features/projects/services/user_activates_pushover_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates Pushover' do
diff --git a/spec/features/projects/services/user_activates_slack_notifications_spec.rb b/spec/features/projects/services/user_activates_slack_notifications_spec.rb
index 24b5d5259db..f23b1d3102a 100644
--- a/spec/features/projects/services/user_activates_slack_notifications_spec.rb
+++ b/spec/features/projects/services/user_activates_slack_notifications_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates Slack notifications' do
diff --git a/spec/features/projects/services/user_activates_slack_slash_command_spec.rb b/spec/features/projects/services/user_activates_slack_slash_command_spec.rb
index 08cfddf7993..752ef8d592d 100644
--- a/spec/features/projects/services/user_activates_slack_slash_command_spec.rb
+++ b/spec/features/projects/services/user_activates_slack_slash_command_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Slack slash commands' do
diff --git a/spec/features/projects/services/user_activates_youtrack_spec.rb b/spec/features/projects/services/user_activates_youtrack_spec.rb
index bb6a030c1cf..67f0aa214e2 100644
--- a/spec/features/projects/services/user_activates_youtrack_spec.rb
+++ b/spec/features/projects/services/user_activates_youtrack_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User activates issue tracker', :js do
diff --git a/spec/features/projects/services/user_views_services_spec.rb b/spec/features/projects/services/user_views_services_spec.rb
index e9c8cf0fe34..d9358a40602 100644
--- a/spec/features/projects/services/user_views_services_spec.rb
+++ b/spec/features/projects/services/user_views_services_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User views services' do
diff --git a/spec/features/projects/settings/forked_project_settings_spec.rb b/spec/features/projects/settings/forked_project_settings_spec.rb
index df33d215602..a2c6dd8e288 100644
--- a/spec/features/projects/settings/forked_project_settings_spec.rb
+++ b/spec/features/projects/settings/forked_project_settings_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > For a forked project', :js do
diff --git a/spec/features/projects/settings/integration_settings_spec.rb b/spec/features/projects/settings/integration_settings_spec.rb
index 016ccf63f58..26ea4ec5944 100644
--- a/spec/features/projects/settings/integration_settings_spec.rb
+++ b/spec/features/projects/settings/integration_settings_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > Integration settings' do
diff --git a/spec/features/projects/settings/lfs_settings_spec.rb b/spec/features/projects/settings/lfs_settings_spec.rb
index befb306b48d..56606df5a78 100644
--- a/spec/features/projects/settings/lfs_settings_spec.rb
+++ b/spec/features/projects/settings/lfs_settings_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Projects > Settings > LFS settings' do
diff --git a/spec/features/projects/settings/pipelines_settings_spec.rb b/spec/features/projects/settings/pipelines_settings_spec.rb
index bf0c0de89b2..c1981edcec8 100644
--- a/spec/features/projects/settings/pipelines_settings_spec.rb
+++ b/spec/features/projects/settings/pipelines_settings_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Projects > Settings > Pipelines settings" do
diff --git a/spec/features/projects/settings/project_badges_spec.rb b/spec/features/projects/settings/project_badges_spec.rb
index 42b5547d43b..5791e30a495 100644
--- a/spec/features/projects/settings/project_badges_spec.rb
+++ b/spec/features/projects/settings/project_badges_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project Badges' do
diff --git a/spec/features/projects/settings/repository_settings_spec.rb b/spec/features/projects/settings/repository_settings_spec.rb
index 1edfee705c8..45adcc00a3c 100644
--- a/spec/features/projects/settings/repository_settings_spec.rb
+++ b/spec/features/projects/settings/repository_settings_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > Repository settings' do
diff --git a/spec/features/projects/settings/user_archives_project_spec.rb b/spec/features/projects/settings/user_archives_project_spec.rb
index 5008eab4d39..7667fad7b03 100644
--- a/spec/features/projects/settings/user_archives_project_spec.rb
+++ b/spec/features/projects/settings/user_archives_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > User archives a project' do
diff --git a/spec/features/projects/settings/user_changes_avatar_spec.rb b/spec/features/projects/settings/user_changes_avatar_spec.rb
index 64335163016..67789b869da 100644
--- a/spec/features/projects/settings/user_changes_avatar_spec.rb
+++ b/spec/features/projects/settings/user_changes_avatar_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > User changes avatar' do
diff --git a/spec/features/projects/settings/user_changes_default_branch_spec.rb b/spec/features/projects/settings/user_changes_default_branch_spec.rb
index 7dc18601f50..411fc0c7e07 100644
--- a/spec/features/projects/settings/user_changes_default_branch_spec.rb
+++ b/spec/features/projects/settings/user_changes_default_branch_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > User changes default branch' do
diff --git a/spec/features/projects/settings/user_interacts_with_deploy_keys_spec.rb b/spec/features/projects/settings/user_interacts_with_deploy_keys_spec.rb
index ecfb49b9efe..cd9299150b2 100644
--- a/spec/features/projects/settings/user_interacts_with_deploy_keys_spec.rb
+++ b/spec/features/projects/settings/user_interacts_with_deploy_keys_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User interacts with deploy keys", :js do
diff --git a/spec/features/projects/settings/user_manages_group_links_spec.rb b/spec/features/projects/settings/user_manages_group_links_spec.rb
index e5a58c44e41..7df0bbb9d02 100644
--- a/spec/features/projects/settings/user_manages_group_links_spec.rb
+++ b/spec/features/projects/settings/user_manages_group_links_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > User manages group links' do
diff --git a/spec/features/projects/settings/user_manages_project_members_spec.rb b/spec/features/projects/settings/user_manages_project_members_spec.rb
index b8ca11d53f0..6d94388a6e2 100644
--- a/spec/features/projects/settings/user_manages_project_members_spec.rb
+++ b/spec/features/projects/settings/user_manages_project_members_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > User manages project members' do
diff --git a/spec/features/projects/settings/user_renames_a_project_spec.rb b/spec/features/projects/settings/user_renames_a_project_spec.rb
index d3979b79910..d2daf8b922d 100644
--- a/spec/features/projects/settings/user_renames_a_project_spec.rb
+++ b/spec/features/projects/settings/user_renames_a_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > User renames a project' do
diff --git a/spec/features/projects/settings/user_sees_revoke_deploy_token_modal_spec.rb b/spec/features/projects/settings/user_sees_revoke_deploy_token_modal_spec.rb
index 069704a1305..9c77a08718e 100644
--- a/spec/features/projects/settings/user_sees_revoke_deploy_token_modal_spec.rb
+++ b/spec/features/projects/settings/user_sees_revoke_deploy_token_modal_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Repository Settings > User sees revoke deploy token modal', :js do
diff --git a/spec/features/projects/settings/user_tags_project_spec.rb b/spec/features/projects/settings/user_tags_project_spec.rb
index e3f06c042b9..a919dd0e4af 100644
--- a/spec/features/projects/settings/user_tags_project_spec.rb
+++ b/spec/features/projects/settings/user_tags_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > User tags a project' do
diff --git a/spec/features/projects/settings/user_transfers_a_project_spec.rb b/spec/features/projects/settings/user_transfers_a_project_spec.rb
index 2fdbc04fa62..cd0b7cef8a4 100644
--- a/spec/features/projects/settings/user_transfers_a_project_spec.rb
+++ b/spec/features/projects/settings/user_transfers_a_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > User transfers a project', :js do
diff --git a/spec/features/projects/settings/visibility_settings_spec.rb b/spec/features/projects/settings/visibility_settings_spec.rb
index 1fbc108697f..46fd676954d 100644
--- a/spec/features/projects/settings/visibility_settings_spec.rb
+++ b/spec/features/projects/settings/visibility_settings_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Settings > Visibility settings', :js do
diff --git a/spec/features/projects/show/developer_views_empty_project_instructions_spec.rb b/spec/features/projects/show/developer_views_empty_project_instructions_spec.rb
index 8ba91fe7fd7..6f176c260a2 100644
--- a/spec/features/projects/show/developer_views_empty_project_instructions_spec.rb
+++ b/spec/features/projects/show/developer_views_empty_project_instructions_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Projects > Show > Developer views empty project instructions' do
diff --git a/spec/features/projects/show/download_buttons_spec.rb b/spec/features/projects/show/download_buttons_spec.rb
index fee5f8001b0..5e7453bcdb7 100644
--- a/spec/features/projects/show/download_buttons_spec.rb
+++ b/spec/features/projects/show/download_buttons_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Show > Download buttons' do
diff --git a/spec/features/projects/show/no_password_spec.rb b/spec/features/projects/show/no_password_spec.rb
index 8259d482fd9..0048b1bf017 100644
--- a/spec/features/projects/show/no_password_spec.rb
+++ b/spec/features/projects/show/no_password_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'No Password Alert' do
diff --git a/spec/features/projects/show/redirects_spec.rb b/spec/features/projects/show/redirects_spec.rb
index 8d41c547d77..1b579ab0121 100644
--- a/spec/features/projects/show/redirects_spec.rb
+++ b/spec/features/projects/show/redirects_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Show > Redirects' do
diff --git a/spec/features/projects/show/rss_spec.rb b/spec/features/projects/show/rss_spec.rb
index 4d9135b9677..4fe1fde5bdd 100644
--- a/spec/features/projects/show/rss_spec.rb
+++ b/spec/features/projects/show/rss_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Show > RSS' do
diff --git a/spec/features/projects/show/user_interacts_with_stars_spec.rb b/spec/features/projects/show/user_interacts_with_stars_spec.rb
index ba28c0e1b8a..e4cd8294f7a 100644
--- a/spec/features/projects/show/user_interacts_with_stars_spec.rb
+++ b/spec/features/projects/show/user_interacts_with_stars_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Show > User interacts with project stars' do
diff --git a/spec/features/projects/show/user_manages_notifications_spec.rb b/spec/features/projects/show/user_manages_notifications_spec.rb
index e9dd1dc0f66..5e9c98428cf 100644
--- a/spec/features/projects/show/user_manages_notifications_spec.rb
+++ b/spec/features/projects/show/user_manages_notifications_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Show > User manages notifications', :js do
diff --git a/spec/features/projects/show/user_sees_collaboration_links_spec.rb b/spec/features/projects/show/user_sees_collaboration_links_spec.rb
index 46586b891e7..bbb3a066ed5 100644
--- a/spec/features/projects/show/user_sees_collaboration_links_spec.rb
+++ b/spec/features/projects/show/user_sees_collaboration_links_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Show > Collaboration links' do
diff --git a/spec/features/projects/show/user_sees_deletion_failure_message_spec.rb b/spec/features/projects/show/user_sees_deletion_failure_message_spec.rb
index d9d57298929..bdd0ab688f0 100644
--- a/spec/features/projects/show/user_sees_deletion_failure_message_spec.rb
+++ b/spec/features/projects/show/user_sees_deletion_failure_message_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Show > User sees a deletion failure message' do
diff --git a/spec/features/projects/show/user_sees_git_instructions_spec.rb b/spec/features/projects/show/user_sees_git_instructions_spec.rb
index 0d59ef4a727..dde9490a5e1 100644
--- a/spec/features/projects/show/user_sees_git_instructions_spec.rb
+++ b/spec/features/projects/show/user_sees_git_instructions_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Show > User sees Git instructions' do
diff --git a/spec/features/projects/show/user_sees_last_commit_ci_status_spec.rb b/spec/features/projects/show/user_sees_last_commit_ci_status_spec.rb
index 89ce4b50781..a1cad261875 100644
--- a/spec/features/projects/show/user_sees_last_commit_ci_status_spec.rb
+++ b/spec/features/projects/show/user_sees_last_commit_ci_status_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Show > User sees last commit CI status' do
diff --git a/spec/features/projects/show/user_sees_readme_spec.rb b/spec/features/projects/show/user_sees_readme_spec.rb
index d80606c1c23..98906de4620 100644
--- a/spec/features/projects/show/user_sees_readme_spec.rb
+++ b/spec/features/projects/show/user_sees_readme_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Show > User sees README' do
diff --git a/spec/features/projects/show/user_sees_setup_shortcut_buttons_spec.rb b/spec/features/projects/show/user_sees_setup_shortcut_buttons_spec.rb
index 58bd20d7551..c136d7607fd 100644
--- a/spec/features/projects/show/user_sees_setup_shortcut_buttons_spec.rb
+++ b/spec/features/projects/show/user_sees_setup_shortcut_buttons_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Show > User sees setup shortcut buttons' do
diff --git a/spec/features/projects/snippets/create_snippet_spec.rb b/spec/features/projects/snippets/create_snippet_spec.rb
index 6d8a72dd6a3..430883fdf29 100644
--- a/spec/features/projects/snippets/create_snippet_spec.rb
+++ b/spec/features/projects/snippets/create_snippet_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Projects > Snippets > Create Snippet', :js do
diff --git a/spec/features/projects/snippets/show_spec.rb b/spec/features/projects/snippets/show_spec.rb
index f3dc13fb52f..e448309356d 100644
--- a/spec/features/projects/snippets/show_spec.rb
+++ b/spec/features/projects/snippets/show_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Snippets > Project snippet', :js do
diff --git a/spec/features/projects/snippets/user_comments_on_snippet_spec.rb b/spec/features/projects/snippets/user_comments_on_snippet_spec.rb
index 4e1e2f330ec..239d19d35d1 100644
--- a/spec/features/projects/snippets/user_comments_on_snippet_spec.rb
+++ b/spec/features/projects/snippets/user_comments_on_snippet_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Snippets > User comments on a snippet', :js do
diff --git a/spec/features/projects/snippets/user_deletes_snippet_spec.rb b/spec/features/projects/snippets/user_deletes_snippet_spec.rb
index 2bd8bb9d551..1b56d7bf26d 100644
--- a/spec/features/projects/snippets/user_deletes_snippet_spec.rb
+++ b/spec/features/projects/snippets/user_deletes_snippet_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Snippets > User deletes a snippet' do
diff --git a/spec/features/projects/snippets/user_updates_snippet_spec.rb b/spec/features/projects/snippets/user_updates_snippet_spec.rb
index 33f77d55f89..c7ff4f89fd6 100644
--- a/spec/features/projects/snippets/user_updates_snippet_spec.rb
+++ b/spec/features/projects/snippets/user_updates_snippet_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Snippets > User updates a snippet' do
diff --git a/spec/features/projects/snippets/user_views_snippets_spec.rb b/spec/features/projects/snippets/user_views_snippets_spec.rb
index 1243db9d9f7..59869244b4a 100644
--- a/spec/features/projects/snippets/user_views_snippets_spec.rb
+++ b/spec/features/projects/snippets/user_views_snippets_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Snippets > User views snippets' do
diff --git a/spec/features/projects/sub_group_issuables_spec.rb b/spec/features/projects/sub_group_issuables_spec.rb
index 50e7e934cf6..0701fa7a304 100644
--- a/spec/features/projects/sub_group_issuables_spec.rb
+++ b/spec/features/projects/sub_group_issuables_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Subgroup Issuables', :js, :nested_groups do
diff --git a/spec/features/projects/tags/download_buttons_spec.rb b/spec/features/projects/tags/download_buttons_spec.rb
index 4c8ec53836a..76b2704ae49 100644
--- a/spec/features/projects/tags/download_buttons_spec.rb
+++ b/spec/features/projects/tags/download_buttons_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Download buttons in tags page' do
diff --git a/spec/features/projects/tree/create_directory_spec.rb b/spec/features/projects/tree/create_directory_spec.rb
index 8585e24bc35..7ac5da86702 100644
--- a/spec/features/projects/tree/create_directory_spec.rb
+++ b/spec/features/projects/tree/create_directory_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Multi-file editor new directory', :js do
diff --git a/spec/features/projects/tree/create_file_spec.rb b/spec/features/projects/tree/create_file_spec.rb
index 8623b10562d..00eefe9db42 100644
--- a/spec/features/projects/tree/create_file_spec.rb
+++ b/spec/features/projects/tree/create_file_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Multi-file editor new file', :js do
diff --git a/spec/features/projects/tree/rss_spec.rb b/spec/features/projects/tree/rss_spec.rb
index 022167d9c5f..4300574210f 100644
--- a/spec/features/projects/tree/rss_spec.rb
+++ b/spec/features/projects/tree/rss_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Project Tree RSS' do
diff --git a/spec/features/projects/tree/tree_show_spec.rb b/spec/features/projects/tree/tree_show_spec.rb
index 3ccea2db705..ca616be341d 100644
--- a/spec/features/projects/tree/tree_show_spec.rb
+++ b/spec/features/projects/tree/tree_show_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects tree', :js do
diff --git a/spec/features/projects/tree/upload_file_spec.rb b/spec/features/projects/tree/upload_file_spec.rb
index e5dd2f40fdf..38c29263b1e 100644
--- a/spec/features/projects/tree/upload_file_spec.rb
+++ b/spec/features/projects/tree/upload_file_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Multi-file editor upload file', :js do
diff --git a/spec/features/projects/user_creates_project_spec.rb b/spec/features/projects/user_creates_project_spec.rb
index c0932539131..e9a67bd8d4d 100644
--- a/spec/features/projects/user_creates_project_spec.rb
+++ b/spec/features/projects/user_creates_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User creates a project', :js do
diff --git a/spec/features/projects/user_sees_sidebar_spec.rb b/spec/features/projects/user_sees_sidebar_spec.rb
index 383e8824b7b..4226cdcc759 100644
--- a/spec/features/projects/user_sees_sidebar_spec.rb
+++ b/spec/features/projects/user_sees_sidebar_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > User sees sidebar' do
diff --git a/spec/features/projects/user_uses_shortcuts_spec.rb b/spec/features/projects/user_uses_shortcuts_spec.rb
index 64f9a4fcd39..ff24730acef 100644
--- a/spec/features/projects/user_uses_shortcuts_spec.rb
+++ b/spec/features/projects/user_uses_shortcuts_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User uses shortcuts', :js do
diff --git a/spec/features/projects/user_views_empty_project_spec.rb b/spec/features/projects/user_views_empty_project_spec.rb
index b7c0834d33a..cb6b63d4dd5 100644
--- a/spec/features/projects/user_views_empty_project_spec.rb
+++ b/spec/features/projects/user_views_empty_project_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User views an empty project' do
diff --git a/spec/features/projects/view_on_env_spec.rb b/spec/features/projects/view_on_env_spec.rb
index 7bfcd46713e..beb32104809 100644
--- a/spec/features/projects/view_on_env_spec.rb
+++ b/spec/features/projects/view_on_env_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'View on environment', :js do
diff --git a/spec/features/projects/wiki/markdown_preview_spec.rb b/spec/features/projects/wiki/markdown_preview_spec.rb
index 49058d1372a..7b511c4d3d5 100644
--- a/spec/features/projects/wiki/markdown_preview_spec.rb
+++ b/spec/features/projects/wiki/markdown_preview_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Wiki > User previews markdown changes', :js do
diff --git a/spec/features/projects/wiki/shortcuts_spec.rb b/spec/features/projects/wiki/shortcuts_spec.rb
index c01be1f14ed..806d2f28bb9 100644
--- a/spec/features/projects/wiki/shortcuts_spec.rb
+++ b/spec/features/projects/wiki/shortcuts_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Wiki shortcuts', :js do
diff --git a/spec/features/projects/wiki/user_creates_wiki_page_spec.rb b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
index aac095bfa6b..cc6dbaa6eb8 100644
--- a/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe "User creates wiki page" do
diff --git a/spec/features/projects/wiki/user_deletes_wiki_page_spec.rb b/spec/features/projects/wiki/user_deletes_wiki_page_spec.rb
index 18ccd31f3d0..38e5e292064 100644
--- a/spec/features/projects/wiki/user_deletes_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_deletes_wiki_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User deletes wiki page', :js do
diff --git a/spec/features/projects/wiki/user_git_access_wiki_page_spec.rb b/spec/features/projects/wiki/user_git_access_wiki_page_spec.rb
index db97d59e918..ab3d912dd15 100644
--- a/spec/features/projects/wiki/user_git_access_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_git_access_wiki_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Wiki > User views Git access wiki page' do
diff --git a/spec/features/projects/wiki/user_updates_wiki_page_spec.rb b/spec/features/projects/wiki/user_updates_wiki_page_spec.rb
index dbf8af3e5bb..2aab8fda62d 100644
--- a/spec/features/projects/wiki/user_updates_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_updates_wiki_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User updates wiki page' do
diff --git a/spec/features/projects/wiki/user_views_wiki_empty_spec.rb b/spec/features/projects/wiki/user_views_wiki_empty_spec.rb
index e94b3a9432b..ab0f9b750d2 100644
--- a/spec/features/projects/wiki/user_views_wiki_empty_spec.rb
+++ b/spec/features/projects/wiki/user_views_wiki_empty_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User views empty wiki' do
diff --git a/spec/features/projects/wiki/user_views_wiki_in_project_page_spec.rb b/spec/features/projects/wiki/user_views_wiki_in_project_page_spec.rb
index fb0ebe22bf7..471e80b27dc 100644
--- a/spec/features/projects/wiki/user_views_wiki_in_project_page_spec.rb
+++ b/spec/features/projects/wiki/user_views_wiki_in_project_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Projects > Wiki > User views wiki in project page' do
diff --git a/spec/features/projects/wiki/user_views_wiki_page_spec.rb b/spec/features/projects/wiki/user_views_wiki_page_spec.rb
index 6e28ec0d7b2..e19f9b6c2c1 100644
--- a/spec/features/projects/wiki/user_views_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_views_wiki_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User views a wiki page' do
diff --git a/spec/features/protected_branches_spec.rb b/spec/features/protected_branches_spec.rb
index 0dbff5a2701..80937223016 100644
--- a/spec/features/protected_branches_spec.rb
+++ b/spec/features/protected_branches_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Protected Branches', :js do
diff --git a/spec/features/protected_tags_spec.rb b/spec/features/protected_tags_spec.rb
index 652542b1719..7844d6ac6d3 100644
--- a/spec/features/protected_tags_spec.rb
+++ b/spec/features/protected_tags_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Protected Tags', :js do
diff --git a/spec/features/raven_js_spec.rb b/spec/features/raven_js_spec.rb
index a4dd79b3179..38699f0cc1b 100644
--- a/spec/features/raven_js_spec.rb
+++ b/spec/features/raven_js_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'RavenJS' do
diff --git a/spec/features/read_only_spec.rb b/spec/features/read_only_spec.rb
index 8bfaf558466..3af4b51b9b1 100644
--- a/spec/features/read_only_spec.rb
+++ b/spec/features/read_only_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'read-only message' do
diff --git a/spec/features/reportable_note/commit_spec.rb b/spec/features/reportable_note/commit_spec.rb
index 54ebda9dcab..3502401095e 100644
--- a/spec/features/reportable_note/commit_spec.rb
+++ b/spec/features/reportable_note/commit_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Reportable note on commit', :js do
diff --git a/spec/features/reportable_note/issue_spec.rb b/spec/features/reportable_note/issue_spec.rb
index bce1f7a3780..c45ef77df55 100644
--- a/spec/features/reportable_note/issue_spec.rb
+++ b/spec/features/reportable_note/issue_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Reportable note on issue', :js do
diff --git a/spec/features/reportable_note/merge_request_spec.rb b/spec/features/reportable_note/merge_request_spec.rb
index d00324156c4..2e4d032754b 100644
--- a/spec/features/reportable_note/merge_request_spec.rb
+++ b/spec/features/reportable_note/merge_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Reportable note on merge request', :js do
diff --git a/spec/features/reportable_note/snippets_spec.rb b/spec/features/reportable_note/snippets_spec.rb
index 06218d9b286..c2c853cdb05 100644
--- a/spec/features/reportable_note/snippets_spec.rb
+++ b/spec/features/reportable_note/snippets_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Reportable note on snippets', :js do
diff --git a/spec/features/runners_spec.rb b/spec/features/runners_spec.rb
index 6eae0be4b9f..63d21d94b5f 100644
--- a/spec/features/runners_spec.rb
+++ b/spec/features/runners_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Runners' do
diff --git a/spec/features/search/user_searches_for_code_spec.rb b/spec/features/search/user_searches_for_code_spec.rb
index ecec2f3e043..71af75640de 100644
--- a/spec/features/search/user_searches_for_code_spec.rb
+++ b/spec/features/search/user_searches_for_code_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User searches for code' do
diff --git a/spec/features/search/user_searches_for_comments_spec.rb b/spec/features/search/user_searches_for_comments_spec.rb
index c7c469a262c..2ce3fa4735f 100644
--- a/spec/features/search/user_searches_for_comments_spec.rb
+++ b/spec/features/search/user_searches_for_comments_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User searches for comments' do
diff --git a/spec/features/search/user_searches_for_commits_spec.rb b/spec/features/search/user_searches_for_commits_spec.rb
index 998f8521384..81c299752ea 100644
--- a/spec/features/search/user_searches_for_commits_spec.rb
+++ b/spec/features/search/user_searches_for_commits_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User searches for commits' do
diff --git a/spec/features/search/user_searches_for_issues_spec.rb b/spec/features/search/user_searches_for_issues_spec.rb
index 4bff269f89e..f0fcf6df70c 100644
--- a/spec/features/search/user_searches_for_issues_spec.rb
+++ b/spec/features/search/user_searches_for_issues_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User searches for issues', :js do
diff --git a/spec/features/search/user_searches_for_merge_requests_spec.rb b/spec/features/search/user_searches_for_merge_requests_spec.rb
index 75d44e413cb..d005b87cdfe 100644
--- a/spec/features/search/user_searches_for_merge_requests_spec.rb
+++ b/spec/features/search/user_searches_for_merge_requests_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User searches for merge requests', :js do
diff --git a/spec/features/search/user_searches_for_milestones_spec.rb b/spec/features/search/user_searches_for_milestones_spec.rb
index 7d52c4c8bcc..00964ab4f1d 100644
--- a/spec/features/search/user_searches_for_milestones_spec.rb
+++ b/spec/features/search/user_searches_for_milestones_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User searches for milestones', :js do
diff --git a/spec/features/search/user_searches_for_projects_spec.rb b/spec/features/search/user_searches_for_projects_spec.rb
index 242e437e41c..082c1ae8e4a 100644
--- a/spec/features/search/user_searches_for_projects_spec.rb
+++ b/spec/features/search/user_searches_for_projects_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User searches for projects' do
diff --git a/spec/features/search/user_searches_for_users_spec.rb b/spec/features/search/user_searches_for_users_spec.rb
index 3725143291d..2517a843c62 100644
--- a/spec/features/search/user_searches_for_users_spec.rb
+++ b/spec/features/search/user_searches_for_users_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User searches for users' do
diff --git a/spec/features/search/user_searches_for_wiki_pages_spec.rb b/spec/features/search/user_searches_for_wiki_pages_spec.rb
index ee43755262e..0a5abfbf46a 100644
--- a/spec/features/search/user_searches_for_wiki_pages_spec.rb
+++ b/spec/features/search/user_searches_for_wiki_pages_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User searches for wiki pages', :js do
diff --git a/spec/features/search/user_uses_header_search_field_spec.rb b/spec/features/search/user_uses_header_search_field_spec.rb
index 7ddd5c12cdf..29ce5425323 100644
--- a/spec/features/search/user_uses_header_search_field_spec.rb
+++ b/spec/features/search/user_uses_header_search_field_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User uses header search field', :js do
diff --git a/spec/features/search/user_uses_search_filters_spec.rb b/spec/features/search/user_uses_search_filters_spec.rb
index 0725ff178ac..f5cda15b38a 100644
--- a/spec/features/search/user_uses_search_filters_spec.rb
+++ b/spec/features/search/user_uses_search_filters_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User uses search filters', :js do
diff --git a/spec/features/security/admin_access_spec.rb b/spec/features/security/admin_access_spec.rb
index ff679034a36..9b2c873b2aa 100644
--- a/spec/features/security/admin_access_spec.rb
+++ b/spec/features/security/admin_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Admin::Projects" do
diff --git a/spec/features/security/dashboard_access_spec.rb b/spec/features/security/dashboard_access_spec.rb
index 07cddc92ac4..13fafd88a4c 100644
--- a/spec/features/security/dashboard_access_spec.rb
+++ b/spec/features/security/dashboard_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Dashboard access" do
diff --git a/spec/features/security/group/internal_access_spec.rb b/spec/features/security/group/internal_access_spec.rb
index 51b32ba6c03..f4f3872aa09 100644
--- a/spec/features/security/group/internal_access_spec.rb
+++ b/spec/features/security/group/internal_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Internal Group access' do
diff --git a/spec/features/security/group/private_access_spec.rb b/spec/features/security/group/private_access_spec.rb
index a776169a8e5..9cef8ef777c 100644
--- a/spec/features/security/group/private_access_spec.rb
+++ b/spec/features/security/group/private_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Private Group access' do
diff --git a/spec/features/security/group/public_access_spec.rb b/spec/features/security/group/public_access_spec.rb
index 3a53c3c2bc7..bbe74f0dab0 100644
--- a/spec/features/security/group/public_access_spec.rb
+++ b/spec/features/security/group/public_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Public Group access' do
diff --git a/spec/features/security/project/internal_access_spec.rb b/spec/features/security/project/internal_access_spec.rb
index e23000fa676..42c747c674f 100644
--- a/spec/features/security/project/internal_access_spec.rb
+++ b/spec/features/security/project/internal_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Internal Project Access" do
diff --git a/spec/features/security/project/private_access_spec.rb b/spec/features/security/project/private_access_spec.rb
index 65dbae1c674..a86d240b7d6 100644
--- a/spec/features/security/project/private_access_spec.rb
+++ b/spec/features/security/project/private_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Private Project Access" do
diff --git a/spec/features/security/project/public_access_spec.rb b/spec/features/security/project/public_access_spec.rb
index 57d56371719..8d7f8c84358 100644
--- a/spec/features/security/project/public_access_spec.rb
+++ b/spec/features/security/project/public_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Public Project Access" do
diff --git a/spec/features/security/project/snippet/internal_access_spec.rb b/spec/features/security/project/snippet/internal_access_spec.rb
index 0c58fdf2f12..4b6c7d2c8fb 100644
--- a/spec/features/security/project/snippet/internal_access_spec.rb
+++ b/spec/features/security/project/snippet/internal_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Internal Project Snippets Access" do
diff --git a/spec/features/security/project/snippet/private_access_spec.rb b/spec/features/security/project/snippet/private_access_spec.rb
index 420f1938763..3135d25cc10 100644
--- a/spec/features/security/project/snippet/private_access_spec.rb
+++ b/spec/features/security/project/snippet/private_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Private Project Snippets Access" do
diff --git a/spec/features/security/project/snippet/public_access_spec.rb b/spec/features/security/project/snippet/public_access_spec.rb
index 6c75902c6e9..81689a7bcb5 100644
--- a/spec/features/security/project/snippet/public_access_spec.rb
+++ b/spec/features/security/project/snippet/public_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Public Project Snippets Access" do
diff --git a/spec/features/snippets/embedded_snippet_spec.rb b/spec/features/snippets/embedded_snippet_spec.rb
index ab661f6fc69..d6275b5a265 100644
--- a/spec/features/snippets/embedded_snippet_spec.rb
+++ b/spec/features/snippets/embedded_snippet_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Embedded Snippets' do
diff --git a/spec/features/snippets/explore_spec.rb b/spec/features/snippets/explore_spec.rb
index c08f25875f8..b48a5691e96 100644
--- a/spec/features/snippets/explore_spec.rb
+++ b/spec/features/snippets/explore_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Explore Snippets' do
diff --git a/spec/features/snippets/internal_snippet_spec.rb b/spec/features/snippets/internal_snippet_spec.rb
index f6215b481dc..8454a347382 100644
--- a/spec/features/snippets/internal_snippet_spec.rb
+++ b/spec/features/snippets/internal_snippet_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Internal Snippets', :js do
diff --git a/spec/features/snippets/notes_on_personal_snippets_spec.rb b/spec/features/snippets/notes_on_personal_snippets_spec.rb
index 78e0a43ce6d..2bd01be25e9 100644
--- a/spec/features/snippets/notes_on_personal_snippets_spec.rb
+++ b/spec/features/snippets/notes_on_personal_snippets_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Comments on personal snippets', :js do
diff --git a/spec/features/snippets/public_snippets_spec.rb b/spec/features/snippets/public_snippets_spec.rb
index 71c72b98fad..e32a9292e22 100644
--- a/spec/features/snippets/public_snippets_spec.rb
+++ b/spec/features/snippets/public_snippets_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Public Snippets', :js do
diff --git a/spec/features/snippets/search_snippets_spec.rb b/spec/features/snippets/search_snippets_spec.rb
index c137b0bcd96..4a8c5f9b1fe 100644
--- a/spec/features/snippets/search_snippets_spec.rb
+++ b/spec/features/snippets/search_snippets_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Search Snippets' do
diff --git a/spec/features/snippets/show_spec.rb b/spec/features/snippets/show_spec.rb
index 74fdfcf492e..edf7d37fd6d 100644
--- a/spec/features/snippets/show_spec.rb
+++ b/spec/features/snippets/show_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Snippet', :js do
diff --git a/spec/features/snippets/user_creates_snippet_spec.rb b/spec/features/snippets/user_creates_snippet_spec.rb
index 93d77d5b5ce..a4a5407d1f7 100644
--- a/spec/features/snippets/user_creates_snippet_spec.rb
+++ b/spec/features/snippets/user_creates_snippet_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User creates snippet', :js do
diff --git a/spec/features/snippets/user_deletes_snippet_spec.rb b/spec/features/snippets/user_deletes_snippet_spec.rb
index 7bdccacb0fa..9773aca849a 100644
--- a/spec/features/snippets/user_deletes_snippet_spec.rb
+++ b/spec/features/snippets/user_deletes_snippet_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User deletes snippet' do
diff --git a/spec/features/snippets/user_edits_snippet_spec.rb b/spec/features/snippets/user_edits_snippet_spec.rb
index 77f62990158..92e34a1f510 100644
--- a/spec/features/snippets/user_edits_snippet_spec.rb
+++ b/spec/features/snippets/user_edits_snippet_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User edits snippet', :js do
diff --git a/spec/features/snippets/user_sees_breadcrumb_links.rb b/spec/features/snippets/user_sees_breadcrumb_links.rb
index 696f2b93390..5b10984ce1d 100644
--- a/spec/features/snippets/user_sees_breadcrumb_links.rb
+++ b/spec/features/snippets/user_sees_breadcrumb_links.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'New user snippet breadcrumbs' do
diff --git a/spec/features/snippets/user_snippets_spec.rb b/spec/features/snippets/user_snippets_spec.rb
index e3065a899cc..4e9215db945 100644
--- a/spec/features/snippets/user_snippets_spec.rb
+++ b/spec/features/snippets/user_snippets_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User Snippets' do
diff --git a/spec/features/snippets_spec.rb b/spec/features/snippets_spec.rb
index 96c50f6c804..9df6fe7d16b 100644
--- a/spec/features/snippets_spec.rb
+++ b/spec/features/snippets_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Snippets' do
diff --git a/spec/features/tags/developer_creates_tag_spec.rb b/spec/features/tags/developer_creates_tag_spec.rb
index b2ad7ed8f3f..a2d53b04c9d 100644
--- a/spec/features/tags/developer_creates_tag_spec.rb
+++ b/spec/features/tags/developer_creates_tag_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Developer creates tag' do
diff --git a/spec/features/tags/developer_deletes_tag_spec.rb b/spec/features/tags/developer_deletes_tag_spec.rb
index dc4c7a4fb0a..82b416c3a7f 100644
--- a/spec/features/tags/developer_deletes_tag_spec.rb
+++ b/spec/features/tags/developer_deletes_tag_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Developer deletes tag' do
diff --git a/spec/features/tags/developer_updates_tag_spec.rb b/spec/features/tags/developer_updates_tag_spec.rb
index 1e11fc9e5d5..0cdd953b9ae 100644
--- a/spec/features/tags/developer_updates_tag_spec.rb
+++ b/spec/features/tags/developer_updates_tag_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Developer updates tag' do
diff --git a/spec/features/tags/developer_views_tags_spec.rb b/spec/features/tags/developer_views_tags_spec.rb
index 09e644c6b97..b892b2b4d12 100644
--- a/spec/features/tags/developer_views_tags_spec.rb
+++ b/spec/features/tags/developer_views_tags_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Developer views tags' do
diff --git a/spec/features/task_lists_spec.rb b/spec/features/task_lists_spec.rb
index 33d9c10f5e8..acffc4ce580 100644
--- a/spec/features/task_lists_spec.rb
+++ b/spec/features/task_lists_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Task Lists' do
diff --git a/spec/features/triggers_spec.rb b/spec/features/triggers_spec.rb
index 7c44680e9f7..9661e204dfb 100644
--- a/spec/features/triggers_spec.rb
+++ b/spec/features/triggers_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Triggers', :js do
diff --git a/spec/features/u2f_spec.rb b/spec/features/u2f_spec.rb
index ea02f36d9d0..bb18703f90e 100644
--- a/spec/features/u2f_spec.rb
+++ b/spec/features/u2f_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Using U2F (Universal 2nd Factor) Devices for Authentication', :js do
diff --git a/spec/features/unsubscribe_links_spec.rb b/spec/features/unsubscribe_links_spec.rb
index 392d8e3e1c1..2f8b715289c 100644
--- a/spec/features/unsubscribe_links_spec.rb
+++ b/spec/features/unsubscribe_links_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Unsubscribe links' do
diff --git a/spec/features/uploads/user_uploads_avatar_to_group_spec.rb b/spec/features/uploads/user_uploads_avatar_to_group_spec.rb
index 72b53bae46a..40d864e0002 100644
--- a/spec/features/uploads/user_uploads_avatar_to_group_spec.rb
+++ b/spec/features/uploads/user_uploads_avatar_to_group_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User uploads avatar to group' do
diff --git a/spec/features/uploads/user_uploads_avatar_to_profile_spec.rb b/spec/features/uploads/user_uploads_avatar_to_profile_spec.rb
index 48f8b8bf77e..4c694365e3b 100644
--- a/spec/features/uploads/user_uploads_avatar_to_profile_spec.rb
+++ b/spec/features/uploads/user_uploads_avatar_to_profile_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User uploads avatar to profile' do
diff --git a/spec/features/uploads/user_uploads_file_to_note_spec.rb b/spec/features/uploads/user_uploads_file_to_note_spec.rb
index 24a00c86b0a..6bf8e8ea74f 100644
--- a/spec/features/uploads/user_uploads_file_to_note_spec.rb
+++ b/spec/features/uploads/user_uploads_file_to_note_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User uploads file to note' do
diff --git a/spec/features/user_can_display_performance_bar_spec.rb b/spec/features/user_can_display_performance_bar_spec.rb
index e069c2fddd1..b2036108d42 100644
--- a/spec/features/user_can_display_performance_bar_spec.rb
+++ b/spec/features/user_can_display_performance_bar_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'User can display performance bar', :js do
diff --git a/spec/features/user_sees_revert_modal_spec.rb b/spec/features/user_sees_revert_modal_spec.rb
index d2cdade88d1..35828b5f086 100644
--- a/spec/features/user_sees_revert_modal_spec.rb
+++ b/spec/features/user_sees_revert_modal_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe 'Merge request > User sees revert modal', :js do
diff --git a/spec/features/user_sorts_things_spec.rb b/spec/features/user_sorts_things_spec.rb
index 0295f588326..41f8f3761e8 100644
--- a/spec/features/user_sorts_things_spec.rb
+++ b/spec/features/user_sorts_things_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 # The main goal of this spec is not to check whether the sorting UI works, but
diff --git a/spec/features/users/active_sessions_spec.rb b/spec/features/users/active_sessions_spec.rb
index 25349b5d036..c717e89eafb 100644
--- a/spec/features/users/active_sessions_spec.rb
+++ b/spec/features/users/active_sessions_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Active user sessions', :clean_gitlab_redis_shared_state do
diff --git a/spec/features/users/add_email_to_existing_account.rb b/spec/features/users/add_email_to_existing_account.rb
index 4355f769429..42e352399a8 100644
--- a/spec/features/users/add_email_to_existing_account.rb
+++ b/spec/features/users/add_email_to_existing_account.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'AdditionalEmailToExistingAccount' do
diff --git a/spec/features/users/login_spec.rb b/spec/features/users/login_spec.rb
index efba303033b..5c0f89941e0 100644
--- a/spec/features/users/login_spec.rb
+++ b/spec/features/users/login_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Login' do
diff --git a/spec/features/users/logout_spec.rb b/spec/features/users/logout_spec.rb
index 635729efa53..64202776b9b 100644
--- a/spec/features/users/logout_spec.rb
+++ b/spec/features/users/logout_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Logout/Sign out', :js do
diff --git a/spec/features/users/overview_spec.rb b/spec/features/users/overview_spec.rb
index bfa85696e19..b3531d040e4 100644
--- a/spec/features/users/overview_spec.rb
+++ b/spec/features/users/overview_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Overview tab on a user profile', :js do
diff --git a/spec/features/users/rss_spec.rb b/spec/features/users/rss_spec.rb
index 9af4447056e..ecdbf032623 100644
--- a/spec/features/users/rss_spec.rb
+++ b/spec/features/users/rss_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User RSS' do
diff --git a/spec/features/users/show_spec.rb b/spec/features/users/show_spec.rb
index 351750c0179..932c1d8d4bd 100644
--- a/spec/features/users/show_spec.rb
+++ b/spec/features/users/show_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'User page' do
diff --git a/spec/features/users/signup_spec.rb b/spec/features/users/signup_spec.rb
index 50befa7028d..f5897bffaf0 100644
--- a/spec/features/users/signup_spec.rb
+++ b/spec/features/users/signup_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Signup' do
diff --git a/spec/features/users/snippets_spec.rb b/spec/features/users/snippets_spec.rb
index 8c697e33436..8b6bf54b642 100644
--- a/spec/features/users/snippets_spec.rb
+++ b/spec/features/users/snippets_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Snippets tab on a user profile', :js do
diff --git a/spec/features/users/terms_spec.rb b/spec/features/users/terms_spec.rb
index a770309e6b0..d44e3622a56 100644
--- a/spec/features/users/terms_spec.rb
+++ b/spec/features/users/terms_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Users > Terms' do
diff --git a/spec/features/users/user_browses_projects_on_user_page_spec.rb b/spec/features/users/user_browses_projects_on_user_page_spec.rb
index 5768f42c888..9a1ee7715d6 100644
--- a/spec/features/users/user_browses_projects_on_user_page_spec.rb
+++ b/spec/features/users/user_browses_projects_on_user_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Users > User browses projects on user page', :js do
-- 
cgit v1.2.1


From 8be61f7695728e88dabcba0e74714044800eaf67 Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Thu, 25 Jul 2019 22:53:43 +1200
Subject: Fix can't modify frozen String errors

Use unary plus as recommended by Performance/UnfreezeString cop
---
 spec/features/ics/dashboard_issues_spec.rb               | 2 +-
 spec/features/ics/group_issues_spec.rb                   | 2 +-
 spec/features/ics/project_issues_spec.rb                 | 2 +-
 spec/features/projects/wiki/user_views_wiki_page_spec.rb | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/spec/features/ics/dashboard_issues_spec.rb b/spec/features/ics/dashboard_issues_spec.rb
index 4eebff31a9c..bde5488f375 100644
--- a/spec/features/ics/dashboard_issues_spec.rb
+++ b/spec/features/ics/dashboard_issues_spec.rb
@@ -93,7 +93,7 @@ describe 'Dashboard Issues Calendar Feed' do
 
         expect(body).to have_text("SUMMARY:test title (in #{project.full_path})")
         # line length for ics is 75 chars
-        expected_description = "DESCRIPTION:Find out more at #{issue_url(issue)}".insert(75, ' ')
+        expected_description = (+"DESCRIPTION:Find out more at #{issue_url(issue)}").insert(75, ' ')
         expect(body).to have_text(expected_description)
         expect(body).to have_text("DTSTART;VALUE=DATE:#{Date.tomorrow.strftime('%Y%m%d')}")
         expect(body).to have_text("URL:#{issue_url(issue)}")
diff --git a/spec/features/ics/group_issues_spec.rb b/spec/features/ics/group_issues_spec.rb
index 7e674fd08df..0b317095678 100644
--- a/spec/features/ics/group_issues_spec.rb
+++ b/spec/features/ics/group_issues_spec.rb
@@ -68,7 +68,7 @@ describe 'Group Issues Calendar Feed' do
 
         expect(body).to have_text("SUMMARY:test title (in #{project.full_path})")
         # line length for ics is 75 chars
-        expected_description = "DESCRIPTION:Find out more at #{issue_url(issue)}".insert(75, ' ')
+        expected_description = (+"DESCRIPTION:Find out more at #{issue_url(issue)}").insert(75, ' ')
         expect(body).to have_text(expected_description)
         expect(body).to have_text("DTSTART;VALUE=DATE:#{Date.tomorrow.strftime('%Y%m%d')}")
         expect(body).to have_text("URL:#{issue_url(issue)}")
diff --git a/spec/features/ics/project_issues_spec.rb b/spec/features/ics/project_issues_spec.rb
index c339f28a27e..3c940149670 100644
--- a/spec/features/ics/project_issues_spec.rb
+++ b/spec/features/ics/project_issues_spec.rb
@@ -67,7 +67,7 @@ describe 'Project Issues Calendar Feed' do
 
         expect(body).to have_text("SUMMARY:test title (in #{project.full_path})")
         # line length for ics is 75 chars
-        expected_description = "DESCRIPTION:Find out more at #{issue_url(issue)}".insert(75, ' ')
+        expected_description = (+"DESCRIPTION:Find out more at #{issue_url(issue)}").insert(75, ' ')
         expect(body).to have_text(expected_description)
         expect(body).to have_text("DTSTART;VALUE=DATE:#{Date.tomorrow.strftime('%Y%m%d')}")
         expect(body).to have_text("URL:#{issue_url(issue)}")
diff --git a/spec/features/projects/wiki/user_views_wiki_page_spec.rb b/spec/features/projects/wiki/user_views_wiki_page_spec.rb
index e19f9b6c2c1..05742b63c43 100644
--- a/spec/features/projects/wiki/user_views_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_views_wiki_page_spec.rb
@@ -131,7 +131,7 @@ describe 'User views a wiki page' do
   end
 
   context 'when page has invalid content encoding' do
-    let(:content) { 'whatever'.force_encoding('ISO-8859-1') }
+    let(:content) { (+'whatever').force_encoding('ISO-8859-1') }
 
     before do
       allow(Gitlab::EncodingHelper).to receive(:encode!).and_return(content)
-- 
cgit v1.2.1


From f540ffcef6a278b3465dec43b99a6baaf51eeb51 Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Thu, 25 Jul 2019 17:21:37 +1200
Subject: Add frozen_string_literal to spec/lib (part 1)

Using the sed script from
https://gitlab.com/gitlab-org/gitlab-ce/issues/59758
---
 spec/lib/after_commit_queue_spec.rb                                     | 2 ++
 spec/lib/api/api_spec.rb                                                | 2 ++
 spec/lib/api/helpers/custom_validators_spec.rb                          | 2 ++
 spec/lib/api/helpers/pagination_spec.rb                                 | 2 ++
 spec/lib/api/helpers/related_resources_helpers_spec.rb                  | 2 ++
 spec/lib/api/helpers/version_spec.rb                                    | 2 ++
 spec/lib/api/helpers_spec.rb                                            | 2 ++
 spec/lib/backup/files_spec.rb                                           | 2 ++
 spec/lib/backup/manager_spec.rb                                         | 2 ++
 spec/lib/backup/repository_spec.rb                                      | 2 ++
 spec/lib/backup/uploads_spec.rb                                         | 2 ++
 spec/lib/banzai/color_parser_spec.rb                                    | 2 ++
 spec/lib/banzai/commit_renderer_spec.rb                                 | 2 ++
 spec/lib/banzai/cross_project_reference_spec.rb                         | 2 ++
 spec/lib/banzai/filter/absolute_link_filter_spec.rb                     | 2 ++
 spec/lib/banzai/filter/abstract_reference_filter_spec.rb                | 2 ++
 spec/lib/banzai/filter/ascii_doc_post_processing_filter_spec.rb         | 2 ++
 spec/lib/banzai/filter/autolink_filter_spec.rb                          | 2 ++
 spec/lib/banzai/filter/blockquote_fence_filter_spec.rb                  | 2 ++
 spec/lib/banzai/filter/color_filter_spec.rb                             | 2 ++
 spec/lib/banzai/filter/commit_range_reference_filter_spec.rb            | 2 ++
 spec/lib/banzai/filter/commit_reference_filter_spec.rb                  | 2 ++
 spec/lib/banzai/filter/commit_trailers_filter_spec.rb                   | 2 ++
 spec/lib/banzai/filter/emoji_filter_spec.rb                             | 2 ++
 spec/lib/banzai/filter/external_issue_reference_filter_spec.rb          | 2 ++
 spec/lib/banzai/filter/external_link_filter_spec.rb                     | 2 ++
 spec/lib/banzai/filter/front_matter_filter_spec.rb                      | 2 ++
 spec/lib/banzai/filter/gollum_tags_filter_spec.rb                       | 2 ++
 spec/lib/banzai/filter/html_entity_filter_spec.rb                       | 2 ++
 spec/lib/banzai/filter/image_lazy_load_filter_spec.rb                   | 2 ++
 spec/lib/banzai/filter/image_link_filter_spec.rb                        | 2 ++
 spec/lib/banzai/filter/inline_diff_filter_spec.rb                       | 2 ++
 spec/lib/banzai/filter/issuable_state_filter_spec.rb                    | 2 ++
 spec/lib/banzai/filter/issue_reference_filter_spec.rb                   | 2 ++
 spec/lib/banzai/filter/label_reference_filter_spec.rb                   | 2 ++
 spec/lib/banzai/filter/markdown_filter_spec.rb                          | 2 ++
 spec/lib/banzai/filter/math_filter_spec.rb                              | 2 ++
 spec/lib/banzai/filter/merge_request_reference_filter_spec.rb           | 2 ++
 spec/lib/banzai/filter/mermaid_filter_spec.rb                           | 2 ++
 spec/lib/banzai/filter/milestone_reference_filter_spec.rb               | 2 ++
 spec/lib/banzai/filter/plantuml_filter_spec.rb                          | 2 ++
 spec/lib/banzai/filter/reference_filter_spec.rb                         | 2 ++
 spec/lib/banzai/filter/reference_redactor_filter_spec.rb                | 2 ++
 spec/lib/banzai/filter/relative_link_filter_spec.rb                     | 2 ++
 spec/lib/banzai/filter/sanitization_filter_spec.rb                      | 2 ++
 spec/lib/banzai/filter/snippet_reference_filter_spec.rb                 | 2 ++
 spec/lib/banzai/filter/spaced_link_filter_spec.rb                       | 2 ++
 spec/lib/banzai/filter/syntax_highlight_filter_spec.rb                  | 2 ++
 spec/lib/banzai/filter/table_of_contents_filter_spec.rb                 | 2 ++
 spec/lib/banzai/filter/user_reference_filter_spec.rb                    | 2 ++
 spec/lib/banzai/filter/video_link_filter_spec.rb                        | 2 ++
 spec/lib/banzai/filter/wiki_link_filter_spec.rb                         | 2 ++
 spec/lib/banzai/filter_array_spec.rb                                    | 2 ++
 spec/lib/banzai/issuable_extractor_spec.rb                              | 2 ++
 spec/lib/banzai/object_renderer_spec.rb                                 | 2 ++
 spec/lib/banzai/pipeline/description_pipeline_spec.rb                   | 2 ++
 spec/lib/banzai/pipeline/email_pipeline_spec.rb                         | 2 ++
 spec/lib/banzai/pipeline/full_pipeline_spec.rb                          | 2 ++
 spec/lib/banzai/pipeline/gfm_pipeline_spec.rb                           | 2 ++
 spec/lib/banzai/pipeline/wiki_pipeline_spec.rb                          | 2 ++
 spec/lib/banzai/querying_spec.rb                                        | 2 ++
 spec/lib/banzai/reference_parser/base_parser_spec.rb                    | 2 ++
 spec/lib/banzai/reference_parser/commit_parser_spec.rb                  | 2 ++
 spec/lib/banzai/reference_parser/commit_range_parser_spec.rb            | 2 ++
 spec/lib/banzai/reference_parser/external_issue_parser_spec.rb          | 2 ++
 spec/lib/banzai/reference_parser/issue_parser_spec.rb                   | 2 ++
 spec/lib/banzai/reference_parser/label_parser_spec.rb                   | 2 ++
 spec/lib/banzai/reference_parser/merge_request_parser_spec.rb           | 2 ++
 spec/lib/banzai/reference_parser/milestone_parser_spec.rb               | 2 ++
 spec/lib/banzai/reference_parser/snippet_parser_spec.rb                 | 2 ++
 spec/lib/banzai/reference_parser/user_parser_spec.rb                    | 2 ++
 spec/lib/banzai/reference_redactor_spec.rb                              | 2 ++
 spec/lib/banzai/renderer_spec.rb                                        | 2 ++
 spec/lib/bitbucket/collection_spec.rb                                   | 2 ++
 spec/lib/bitbucket/connection_spec.rb                                   | 2 ++
 spec/lib/bitbucket/page_spec.rb                                         | 2 ++
 spec/lib/bitbucket/paginator_spec.rb                                    | 2 ++
 spec/lib/bitbucket/representation/comment_spec.rb                       | 2 ++
 spec/lib/bitbucket/representation/issue_spec.rb                         | 2 ++
 spec/lib/bitbucket/representation/pull_request_comment_spec.rb          | 2 ++
 spec/lib/bitbucket/representation/pull_request_spec.rb                  | 2 ++
 spec/lib/bitbucket/representation/repo_spec.rb                          | 2 ++
 spec/lib/bitbucket/representation/user_spec.rb                          | 2 ++
 spec/lib/bitbucket_server/client_spec.rb                                | 2 ++
 spec/lib/bitbucket_server/connection_spec.rb                            | 2 ++
 spec/lib/bitbucket_server/page_spec.rb                                  | 2 ++
 spec/lib/bitbucket_server/paginator_spec.rb                             | 2 ++
 spec/lib/bitbucket_server/representation/activity_spec.rb               | 2 ++
 spec/lib/bitbucket_server/representation/comment_spec.rb                | 2 ++
 spec/lib/bitbucket_server/representation/pull_request_comment_spec.rb   | 2 ++
 spec/lib/bitbucket_server/representation/pull_request_spec.rb           | 2 ++
 spec/lib/bitbucket_server/representation/repo_spec.rb                   | 2 ++
 spec/lib/constraints/feature_constrainer_spec.rb                        | 2 ++
 spec/lib/constraints/group_url_constrainer_spec.rb                      | 2 ++
 spec/lib/constraints/project_url_constrainer_spec.rb                    | 2 ++
 spec/lib/constraints/user_url_constrainer_spec.rb                       | 2 ++
 spec/lib/container_registry/blob_spec.rb                                | 2 ++
 spec/lib/container_registry/client_spec.rb                              | 2 ++
 spec/lib/container_registry/path_spec.rb                                | 2 ++
 spec/lib/container_registry/registry_spec.rb                            | 2 ++
 spec/lib/container_registry/tag_spec.rb                                 | 2 ++
 spec/lib/event_filter_spec.rb                                           | 2 ++
 spec/lib/expand_variables_spec.rb                                       | 2 ++
 spec/lib/extracts_path_spec.rb                                          | 2 ++
 spec/lib/feature/gitaly_spec.rb                                         | 2 ++
 spec/lib/feature_spec.rb                                                | 2 ++
 spec/lib/file_size_validator_spec.rb                                    | 2 ++
 spec/lib/forever_spec.rb                                                | 2 ++
 spec/lib/gitaly/server_spec.rb                                          | 2 ++
 spec/lib/gitlab/action_rate_limiter_spec.rb                             | 2 ++
 spec/lib/gitlab/allowable_spec.rb                                       | 2 ++
 spec/lib/gitlab/app_logger_spec.rb                                      | 2 ++
 spec/lib/gitlab/asciidoc_spec.rb                                        | 2 ++
 spec/lib/gitlab/auth/activity_spec.rb                                   | 2 ++
 spec/lib/gitlab/auth/blocked_user_tracker_spec.rb                       | 2 ++
 spec/lib/gitlab/auth/ldap/access_spec.rb                                | 2 ++
 spec/lib/gitlab/auth/ldap/adapter_spec.rb                               | 2 ++
 spec/lib/gitlab/auth/ldap/authentication_spec.rb                        | 2 ++
 spec/lib/gitlab/auth/ldap/config_spec.rb                                | 2 ++
 spec/lib/gitlab/auth/ldap/dn_spec.rb                                    | 2 ++
 spec/lib/gitlab/auth/ldap/user_spec.rb                                  | 2 ++
 spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb                           | 2 ++
 spec/lib/gitlab/auth/o_auth/identity_linker_spec.rb                     | 2 ++
 spec/lib/gitlab/auth/o_auth/provider_spec.rb                            | 2 ++
 spec/lib/gitlab/auth/o_auth/user_spec.rb                                | 2 ++
 spec/lib/gitlab/auth/request_authenticator_spec.rb                      | 2 ++
 spec/lib/gitlab/auth/saml/auth_hash_spec.rb                             | 2 ++
 spec/lib/gitlab/auth/saml/identity_linker_spec.rb                       | 2 ++
 spec/lib/gitlab/auth/saml/user_spec.rb                                  | 2 ++
 spec/lib/gitlab/auth/unique_ips_limiter_spec.rb                         | 2 ++
 spec/lib/gitlab/auth/user_access_denied_reason_spec.rb                  | 2 ++
 spec/lib/gitlab/auth/user_auth_finders_spec.rb                          | 2 ++
 spec/lib/gitlab/auth_spec.rb                                            | 2 ++
 .../background_migration/add_merge_request_diff_commits_count_spec.rb   | 2 ++
 spec/lib/gitlab/background_migration/archive_legacy_traces_spec.rb      | 2 ++
 spec/lib/gitlab/background_migration/encrypt_columns_spec.rb            | 2 ++
 spec/lib/gitlab/background_migration/encrypt_runners_tokens_spec.rb     | 2 ++
 .../gitlab/background_migration/fix_cross_project_label_links_spec.rb   | 2 ++
 spec/lib/gitlab/background_migration/migrate_build_stage_spec.rb        | 2 ++
 spec/lib/gitlab/background_migration/migrate_legacy_artifacts_spec.rb   | 2 ++
 spec/lib/gitlab/background_migration/migrate_stage_index_spec.rb        | 2 ++
 .../populate_untracked_uploads_dependencies/untracked_file_spec.rb      | 2 ++
 spec/lib/gitlab/background_migration/populate_untracked_uploads_spec.rb | 2 ++
 spec/lib/gitlab/background_migration/prepare_untracked_uploads_spec.rb  | 2 ++
 .../gitlab/background_migration/schedule_calculate_wiki_sizes_spec.rb   | 2 ++
 .../set_confidential_note_events_on_services_spec.rb                    | 2 ++
 .../set_confidential_note_events_on_webhooks_spec.rb                    | 2 ++
 spec/lib/gitlab/background_migration_spec.rb                            | 2 ++
 spec/lib/gitlab/badge/coverage/metadata_spec.rb                         | 2 ++
 spec/lib/gitlab/badge/coverage/report_spec.rb                           | 2 ++
 spec/lib/gitlab/badge/coverage/template_spec.rb                         | 2 ++
 spec/lib/gitlab/badge/pipeline/metadata_spec.rb                         | 2 ++
 spec/lib/gitlab/badge/pipeline/status_spec.rb                           | 2 ++
 spec/lib/gitlab/badge/pipeline/template_spec.rb                         | 2 ++
 spec/lib/gitlab/badge/shared/metadata.rb                                | 2 ++
 spec/lib/gitlab/bare_repository_import/importer_spec.rb                 | 2 ++
 spec/lib/gitlab/bare_repository_import/repository_spec.rb               | 2 ++
 spec/lib/gitlab/bitbucket_import/importer_spec.rb                       | 2 ++
 spec/lib/gitlab/bitbucket_import/project_creator_spec.rb                | 2 ++
 spec/lib/gitlab/bitbucket_import/wiki_formatter_spec.rb                 | 2 ++
 spec/lib/gitlab/bitbucket_server_import/importer_spec.rb                | 2 ++
 spec/lib/gitlab/blame_spec.rb                                           | 2 ++
 spec/lib/gitlab/build_access_spec.rb                                    | 2 ++
 spec/lib/gitlab/cache/ci/project_pipeline_status_spec.rb                | 2 ++
 spec/lib/gitlab/cache/request_cache_spec.rb                             | 2 ++
 spec/lib/gitlab/changes_list_spec.rb                                    | 2 ++
 spec/lib/gitlab/chat_name_token_spec.rb                                 | 2 ++
 spec/lib/gitlab/chat_spec.rb                                            | 2 ++
 spec/lib/gitlab/checks/change_access_spec.rb                            | 2 ++
 spec/lib/gitlab/checks/force_push_spec.rb                               | 2 ++
 spec/lib/gitlab/checks/lfs_integrity_spec.rb                            | 2 ++
 spec/lib/gitlab/checks/project_created_spec.rb                          | 2 ++
 spec/lib/gitlab/checks/project_moved_spec.rb                            | 2 ++
 spec/lib/gitlab/ci/ansi2html_spec.rb                                    | 2 ++
 spec/lib/gitlab/ci/build/artifacts/adapters/gzip_stream_spec.rb         | 2 ++
 spec/lib/gitlab/ci/build/artifacts/adapters/raw_stream_spec.rb          | 2 ++
 spec/lib/gitlab/ci/build/artifacts/metadata/entry_spec.rb               | 2 ++
 spec/lib/gitlab/ci/build/artifacts/metadata_spec.rb                     | 2 ++
 spec/lib/gitlab/ci/build/artifacts/path_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/build/credentials/factory_spec.rb                    | 2 ++
 spec/lib/gitlab/ci/build/credentials/registry_spec.rb                   | 2 ++
 spec/lib/gitlab/ci/build/image_spec.rb                                  | 2 ++
 spec/lib/gitlab/ci/build/policy/changes_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/build/policy/kubernetes_spec.rb                      | 2 ++
 spec/lib/gitlab/ci/build/policy/refs_spec.rb                            | 2 ++
 spec/lib/gitlab/ci/build/policy/variables_spec.rb                       | 2 ++
 spec/lib/gitlab/ci/build/policy_spec.rb                                 | 2 ++
 spec/lib/gitlab/ci/build/step_spec.rb                                   | 2 ++
 spec/lib/gitlab/ci/charts_spec.rb                                       | 2 ++
 spec/lib/gitlab/ci/config/entry/artifacts_spec.rb                       | 2 ++
 spec/lib/gitlab/ci/config/entry/cache_spec.rb                           | 2 ++
 spec/lib/gitlab/ci/config/entry/commands_spec.rb                        | 2 ++
 spec/lib/gitlab/ci/config/entry/coverage_spec.rb                        | 2 ++
 spec/lib/gitlab/ci/config/entry/default_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/config/entry/environment_spec.rb                     | 2 ++
 spec/lib/gitlab/ci/config/entry/hidden_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/config/entry/image_spec.rb                           | 2 ++
 spec/lib/gitlab/ci/config/entry/job_spec.rb                             | 2 ++
 spec/lib/gitlab/ci/config/entry/jobs_spec.rb                            | 2 ++
 spec/lib/gitlab/ci/config/entry/key_spec.rb                             | 2 ++
 spec/lib/gitlab/ci/config/entry/paths_spec.rb                           | 2 ++
 spec/lib/gitlab/ci/config/entry/policy_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/config/entry/reports_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/config/entry/retry_spec.rb                           | 2 ++
 spec/lib/gitlab/ci/config/entry/root_spec.rb                            | 2 ++
 spec/lib/gitlab/ci/config/entry/script_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/config/entry/service_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/config/entry/services_spec.rb                        | 2 ++
 spec/lib/gitlab/ci/config/entry/stage_spec.rb                           | 2 ++
 spec/lib/gitlab/ci/config/entry/stages_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/config/entry/variables_spec.rb                       | 2 ++
 spec/lib/gitlab/ci/config/extendable/entry_spec.rb                      | 2 ++
 spec/lib/gitlab/ci/config/extendable_spec.rb                            | 2 ++
 spec/lib/gitlab/ci/config_spec.rb                                       | 2 ++
 spec/lib/gitlab/ci/cron_parser_spec.rb                                  | 2 ++
 spec/lib/gitlab/ci/mask_secret_spec.rb                                  | 2 ++
 spec/lib/gitlab/ci/parsers/test/junit_spec.rb                           | 2 ++
 spec/lib/gitlab/ci/pipeline/chain/build_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/pipeline/chain/command_spec.rb                       | 2 ++
 spec/lib/gitlab/ci/pipeline/chain/create_spec.rb                        | 2 ++
 spec/lib/gitlab/ci/pipeline/chain/populate_spec.rb                      | 2 ++
 spec/lib/gitlab/ci/pipeline/chain/sequence_spec.rb                      | 2 ++
 spec/lib/gitlab/ci/pipeline/chain/skip_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb            | 2 ++
 spec/lib/gitlab/ci/pipeline/chain/validate/config_spec.rb               | 2 ++
 spec/lib/gitlab/ci/pipeline/chain/validate/repository_spec.rb           | 2 ++
 spec/lib/gitlab/ci/pipeline/duration_spec.rb                            | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/lexeme/and_spec.rb               | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/lexeme/equals_spec.rb            | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/lexeme/matches_spec.rb           | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/lexeme/not_equals_spec.rb        | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/lexeme/not_matches_spec.rb       | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/lexeme/null_spec.rb              | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/lexeme/or_spec.rb                | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/lexeme/pattern_spec.rb           | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/lexeme/string_spec.rb            | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/lexeme/variable_spec.rb          | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/lexer_spec.rb                    | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/parser_spec.rb                   | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/statement_spec.rb                | 2 ++
 spec/lib/gitlab/ci/pipeline/expression/token_spec.rb                    | 2 ++
 spec/lib/gitlab/ci/pipeline/seed/stage_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/reports/test_case_spec.rb                            | 2 ++
 spec/lib/gitlab/ci/reports/test_reports_comparer_spec.rb                | 2 ++
 spec/lib/gitlab/ci/reports/test_reports_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/reports/test_suite_comparer_spec.rb                  | 2 ++
 spec/lib/gitlab/ci/reports/test_suite_spec.rb                           | 2 ++
 spec/lib/gitlab/ci/status/build/action_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/status/build/cancelable_spec.rb                      | 2 ++
 spec/lib/gitlab/ci/status/build/canceled_spec.rb                        | 2 ++
 spec/lib/gitlab/ci/status/build/common_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/status/build/created_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/status/build/erased_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/status/build/factory_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/status/build/failed_allowed_spec.rb                  | 2 ++
 spec/lib/gitlab/ci/status/build/failed_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/status/build/failed_unmet_prerequisites_spec.rb      | 2 ++
 spec/lib/gitlab/ci/status/build/manual_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/status/build/pending_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/status/build/play_spec.rb                            | 2 ++
 spec/lib/gitlab/ci/status/build/retried_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/status/build/retryable_spec.rb                       | 2 ++
 spec/lib/gitlab/ci/status/build/scheduled_spec.rb                       | 2 ++
 spec/lib/gitlab/ci/status/build/skipped_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/status/build/stop_spec.rb                            | 2 ++
 spec/lib/gitlab/ci/status/build/unschedule_spec.rb                      | 2 ++
 spec/lib/gitlab/ci/status/canceled_spec.rb                              | 2 ++
 spec/lib/gitlab/ci/status/created_spec.rb                               | 2 ++
 spec/lib/gitlab/ci/status/extended_spec.rb                              | 2 ++
 spec/lib/gitlab/ci/status/external/common_spec.rb                       | 2 ++
 spec/lib/gitlab/ci/status/external/factory_spec.rb                      | 2 ++
 spec/lib/gitlab/ci/status/factory_spec.rb                               | 2 ++
 spec/lib/gitlab/ci/status/failed_spec.rb                                | 2 ++
 spec/lib/gitlab/ci/status/group/common_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/status/group/factory_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/status/manual_spec.rb                                | 2 ++
 spec/lib/gitlab/ci/status/pending_spec.rb                               | 2 ++
 spec/lib/gitlab/ci/status/pipeline/blocked_spec.rb                      | 2 ++
 spec/lib/gitlab/ci/status/pipeline/common_spec.rb                       | 2 ++
 spec/lib/gitlab/ci/status/pipeline/delayed_spec.rb                      | 2 ++
 spec/lib/gitlab/ci/status/pipeline/factory_spec.rb                      | 2 ++
 spec/lib/gitlab/ci/status/running_spec.rb                               | 2 ++
 spec/lib/gitlab/ci/status/scheduled_spec.rb                             | 2 ++
 spec/lib/gitlab/ci/status/skipped_spec.rb                               | 2 ++
 spec/lib/gitlab/ci/status/stage/common_spec.rb                          | 2 ++
 spec/lib/gitlab/ci/status/stage/factory_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/status/success_spec.rb                               | 2 ++
 spec/lib/gitlab/ci/status/success_warning_spec.rb                       | 2 ++
 spec/lib/gitlab/ci/trace/chunked_io_spec.rb                             | 2 ++
 spec/lib/gitlab/ci/trace/section_parser_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/trace_spec.rb                                        | 2 ++
 spec/lib/gitlab/ci/variables/collection/item_spec.rb                    | 2 ++
 spec/lib/gitlab/ci/variables/collection_spec.rb                         | 2 ++
 spec/lib/gitlab/ci/yaml_processor_spec.rb                               | 2 ++
 spec/lib/gitlab/ci_access_spec.rb                                       | 2 ++
 spec/lib/gitlab/closing_issue_extractor_spec.rb                         | 2 ++
 spec/lib/gitlab/color_schemes_spec.rb                                   | 2 ++
 spec/lib/gitlab/config/entry/attributable_spec.rb                       | 2 ++
 spec/lib/gitlab/config/entry/boolean_spec.rb                            | 2 ++
 spec/lib/gitlab/config/entry/configurable_spec.rb                       | 2 ++
 spec/lib/gitlab/config/entry/factory_spec.rb                            | 2 ++
 spec/lib/gitlab/config/entry/simplifiable_spec.rb                       | 2 ++
 spec/lib/gitlab/config/entry/undefined_spec.rb                          | 2 ++
 spec/lib/gitlab/config/entry/unspecified_spec.rb                        | 2 ++
 spec/lib/gitlab/config/entry/validatable_spec.rb                        | 2 ++
 spec/lib/gitlab/config/entry/validator_spec.rb                          | 2 ++
 spec/lib/gitlab/config/loader/yaml_spec.rb                              | 2 ++
 spec/lib/gitlab/conflict/file_collection_spec.rb                        | 2 ++
 spec/lib/gitlab/conflict/file_spec.rb                                   | 2 ++
 spec/lib/gitlab/contributions_calendar_spec.rb                          | 2 ++
 spec/lib/gitlab/cross_project_access/check_collection_spec.rb           | 2 ++
 spec/lib/gitlab/cross_project_access/check_info_spec.rb                 | 2 ++
 spec/lib/gitlab/cross_project_access/class_methods_spec.rb              | 2 ++
 spec/lib/gitlab/cross_project_access_spec.rb                            | 2 ++
 spec/lib/gitlab/crypto_helper_spec.rb                                   | 2 ++
 spec/lib/gitlab/current_settings_spec.rb                                | 2 ++
 spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb              | 2 ++
 spec/lib/gitlab/cycle_analytics/code_event_fetcher_spec.rb              | 2 ++
 spec/lib/gitlab/cycle_analytics/code_stage_spec.rb                      | 2 ++
 spec/lib/gitlab/cycle_analytics/events_spec.rb                          | 2 ++
 spec/lib/gitlab/cycle_analytics/issue_event_fetcher_spec.rb             | 2 ++
 spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb                     | 2 ++
 spec/lib/gitlab/cycle_analytics/permissions_spec.rb                     | 2 ++
 spec/lib/gitlab/cycle_analytics/plan_event_fetcher_spec.rb              | 2 ++
 spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb                      | 2 ++
 spec/lib/gitlab/cycle_analytics/production_event_fetcher_spec.rb        | 2 ++
 spec/lib/gitlab/cycle_analytics/production_stage_spec.rb                | 2 ++
 spec/lib/gitlab/cycle_analytics/review_event_fetcher_spec.rb            | 2 ++
 spec/lib/gitlab/cycle_analytics/review_stage_spec.rb                    | 2 ++
 spec/lib/gitlab/cycle_analytics/shared_event_spec.rb                    | 2 ++
 spec/lib/gitlab/cycle_analytics/shared_stage_spec.rb                    | 2 ++
 spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb                   | 2 ++
 spec/lib/gitlab/cycle_analytics/staging_event_fetcher_spec.rb           | 2 ++
 spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb                   | 2 ++
 spec/lib/gitlab/cycle_analytics/test_event_fetcher_spec.rb              | 2 ++
 spec/lib/gitlab/cycle_analytics/test_stage_spec.rb                      | 2 ++
 spec/lib/gitlab/cycle_analytics/updater_spec.rb                         | 2 ++
 spec/lib/gitlab/cycle_analytics/usage_data_spec.rb                      | 2 ++
 spec/lib/gitlab/daemon_spec.rb                                          | 2 ++
 spec/lib/gitlab/data_builder/build_spec.rb                              | 2 ++
 spec/lib/gitlab/data_builder/note_spec.rb                               | 2 ++
 spec/lib/gitlab/data_builder/pipeline_spec.rb                           | 2 ++
 spec/lib/gitlab/data_builder/push_spec.rb                               | 2 ++
 spec/lib/gitlab/data_builder/wiki_page_spec.rb                          | 2 ++
 spec/lib/gitlab/database/count/exact_count_strategy_spec.rb             | 2 ++
 spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb         | 2 ++
 spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb       | 2 ++
 spec/lib/gitlab/database/count_spec.rb                                  | 2 ++
 spec/lib/gitlab/database/grant_spec.rb                                  | 2 ++
 spec/lib/gitlab/database/migration_helpers_spec.rb                      | 2 ++
 spec/lib/gitlab/database/multi_threaded_migration_spec.rb               | 2 ++
 .../database/rename_reserved_paths_migration/v1/rename_base_spec.rb     | 2 ++
 .../rename_reserved_paths_migration/v1/rename_namespaces_spec.rb        | 2 ++
 .../database/rename_reserved_paths_migration/v1/rename_projects_spec.rb | 2 ++
 spec/lib/gitlab/database/rename_reserved_paths_migration/v1_spec.rb     | 2 ++
 spec/lib/gitlab/database/sha_attribute_spec.rb                          | 2 ++
 spec/lib/gitlab/database_spec.rb                                        | 2 ++
 spec/lib/gitlab/dependency_linker/cartfile_linker_spec.rb               | 2 ++
 spec/lib/gitlab/dependency_linker/composer_json_linker_spec.rb          | 2 ++
 spec/lib/gitlab/dependency_linker/gemfile_linker_spec.rb                | 2 ++
 spec/lib/gitlab/dependency_linker/gemspec_linker_spec.rb                | 2 ++
 spec/lib/gitlab/dependency_linker/godeps_json_linker_spec.rb            | 2 ++
 spec/lib/gitlab/dependency_linker/package_json_linker_spec.rb           | 2 ++
 spec/lib/gitlab/dependency_linker/podfile_linker_spec.rb                | 2 ++
 spec/lib/gitlab/dependency_linker/podspec_json_linker_spec.rb           | 2 ++
 spec/lib/gitlab/dependency_linker/podspec_linker_spec.rb                | 2 ++
 spec/lib/gitlab/dependency_linker/requirements_txt_linker_spec.rb       | 2 ++
 spec/lib/gitlab/dependency_linker_spec.rb                               | 2 ++
 spec/lib/gitlab/diff/diff_refs_spec.rb                                  | 2 ++
 spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb         | 2 ++
 spec/lib/gitlab/diff/file_spec.rb                                       | 2 ++
 spec/lib/gitlab/diff/formatters/image_formatter_spec.rb                 | 2 ++
 spec/lib/gitlab/diff/formatters/text_formatter_spec.rb                  | 2 ++
 spec/lib/gitlab/diff/highlight_spec.rb                                  | 2 ++
 spec/lib/gitlab/diff/inline_diff_markdown_marker_spec.rb                | 2 ++
 spec/lib/gitlab/diff/inline_diff_marker_spec.rb                         | 2 ++
 spec/lib/gitlab/diff/inline_diff_spec.rb                                | 2 ++
 spec/lib/gitlab/diff/line_mapper_spec.rb                                | 2 ++
 spec/lib/gitlab/diff/line_spec.rb                                       | 2 ++
 spec/lib/gitlab/diff/parallel_diff_spec.rb                              | 2 ++
 spec/lib/gitlab/diff/parser_spec.rb                                     | 2 ++
 spec/lib/gitlab/diff/position_spec.rb                                   | 2 ++
 spec/lib/gitlab/diff/position_tracer_spec.rb                            | 2 ++
 spec/lib/gitlab/downtime_check/message_spec.rb                          | 2 ++
 spec/lib/gitlab/downtime_check_spec.rb                                  | 2 ++
 spec/lib/gitlab/email/attachment_uploader_spec.rb                       | 2 ++
 spec/lib/gitlab/email/hook/additional_headers_interceptor_spec.rb       | 2 ++
 spec/lib/gitlab/email/hook/delivery_metrics_observer_spec.rb            | 2 ++
 spec/lib/gitlab/email/hook/disable_email_interceptor_spec.rb            | 2 ++
 spec/lib/gitlab/email/message/repository_push_spec.rb                   | 2 ++
 spec/lib/gitlab/email/receiver_spec.rb                                  | 2 ++
 spec/lib/gitlab/email/reply_parser_spec.rb                              | 2 ++
 spec/lib/gitlab/encoding_helper_spec.rb                                 | 2 ++
 spec/lib/gitlab/etag_caching/middleware_spec.rb                         | 2 ++
 spec/lib/gitlab/etag_caching/router_spec.rb                             | 2 ++
 395 files changed, 790 insertions(+)

diff --git a/spec/lib/after_commit_queue_spec.rb b/spec/lib/after_commit_queue_spec.rb
index 6e7c2ec2363..8e9dfd90338 100644
--- a/spec/lib/after_commit_queue_spec.rb
+++ b/spec/lib/after_commit_queue_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe AfterCommitQueue do
diff --git a/spec/lib/api/api_spec.rb b/spec/lib/api/api_spec.rb
index ceef0b41e59..c83d068ca50 100644
--- a/spec/lib/api/api_spec.rb
+++ b/spec/lib/api/api_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::API do
diff --git a/spec/lib/api/helpers/custom_validators_spec.rb b/spec/lib/api/helpers/custom_validators_spec.rb
index aed86b21cb7..1ebce2ab5c4 100644
--- a/spec/lib/api/helpers/custom_validators_spec.rb
+++ b/spec/lib/api/helpers/custom_validators_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Helpers::CustomValidators do
diff --git a/spec/lib/api/helpers/pagination_spec.rb b/spec/lib/api/helpers/pagination_spec.rb
index b0a00392957..b57adb46385 100644
--- a/spec/lib/api/helpers/pagination_spec.rb
+++ b/spec/lib/api/helpers/pagination_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Helpers::Pagination do
diff --git a/spec/lib/api/helpers/related_resources_helpers_spec.rb b/spec/lib/api/helpers/related_resources_helpers_spec.rb
index 99fe8795d91..fb26cc417e8 100644
--- a/spec/lib/api/helpers/related_resources_helpers_spec.rb
+++ b/spec/lib/api/helpers/related_resources_helpers_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Helpers::RelatedResourcesHelpers do
diff --git a/spec/lib/api/helpers/version_spec.rb b/spec/lib/api/helpers/version_spec.rb
index 34006e0930b..a9f33962537 100644
--- a/spec/lib/api/helpers/version_spec.rb
+++ b/spec/lib/api/helpers/version_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Helpers::Version do
diff --git a/spec/lib/api/helpers_spec.rb b/spec/lib/api/helpers_spec.rb
index 00916f80784..0624c25e734 100644
--- a/spec/lib/api/helpers_spec.rb
+++ b/spec/lib/api/helpers_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Helpers do
diff --git a/spec/lib/backup/files_spec.rb b/spec/lib/backup/files_spec.rb
index 63f2298357f..e903eada62d 100644
--- a/spec/lib/backup/files_spec.rb
+++ b/spec/lib/backup/files_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Backup::Files do
diff --git a/spec/lib/backup/manager_spec.rb b/spec/lib/backup/manager_spec.rb
index ae1c881e1f6..fee7ffc60ee 100644
--- a/spec/lib/backup/manager_spec.rb
+++ b/spec/lib/backup/manager_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Backup::Manager do
diff --git a/spec/lib/backup/repository_spec.rb b/spec/lib/backup/repository_spec.rb
index 5ace5c5b1a2..e1d46c25338 100644
--- a/spec/lib/backup/repository_spec.rb
+++ b/spec/lib/backup/repository_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Backup::Repository do
diff --git a/spec/lib/backup/uploads_spec.rb b/spec/lib/backup/uploads_spec.rb
index 544d3754c0f..55b69f29812 100644
--- a/spec/lib/backup/uploads_spec.rb
+++ b/spec/lib/backup/uploads_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Backup::Uploads do
diff --git a/spec/lib/banzai/color_parser_spec.rb b/spec/lib/banzai/color_parser_spec.rb
index af2a8f215c1..d9202ce77db 100644
--- a/spec/lib/banzai/color_parser_spec.rb
+++ b/spec/lib/banzai/color_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ColorParser do
diff --git a/spec/lib/banzai/commit_renderer_spec.rb b/spec/lib/banzai/commit_renderer_spec.rb
index 316dbf052c3..e5a16b167be 100644
--- a/spec/lib/banzai/commit_renderer_spec.rb
+++ b/spec/lib/banzai/commit_renderer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::CommitRenderer do
diff --git a/spec/lib/banzai/cross_project_reference_spec.rb b/spec/lib/banzai/cross_project_reference_spec.rb
index ba995e16be7..cf41af7e7a1 100644
--- a/spec/lib/banzai/cross_project_reference_spec.rb
+++ b/spec/lib/banzai/cross_project_reference_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::CrossProjectReference do
diff --git a/spec/lib/banzai/filter/absolute_link_filter_spec.rb b/spec/lib/banzai/filter/absolute_link_filter_spec.rb
index 50be551cd90..b61bd496dba 100644
--- a/spec/lib/banzai/filter/absolute_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/absolute_link_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::AbsoluteLinkFilter do
diff --git a/spec/lib/banzai/filter/abstract_reference_filter_spec.rb b/spec/lib/banzai/filter/abstract_reference_filter_spec.rb
index 1e82d18d056..3e8b0ea113f 100644
--- a/spec/lib/banzai/filter/abstract_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/abstract_reference_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::AbstractReferenceFilter do
diff --git a/spec/lib/banzai/filter/ascii_doc_post_processing_filter_spec.rb b/spec/lib/banzai/filter/ascii_doc_post_processing_filter_spec.rb
index 34f1657b6d3..bd06dae26ba 100644
--- a/spec/lib/banzai/filter/ascii_doc_post_processing_filter_spec.rb
+++ b/spec/lib/banzai/filter/ascii_doc_post_processing_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::AsciiDocPostProcessingFilter do
diff --git a/spec/lib/banzai/filter/autolink_filter_spec.rb b/spec/lib/banzai/filter/autolink_filter_spec.rb
index 4972c4b4bd2..8fba72a23f6 100644
--- a/spec/lib/banzai/filter/autolink_filter_spec.rb
+++ b/spec/lib/banzai/filter/autolink_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::AutolinkFilter do
diff --git a/spec/lib/banzai/filter/blockquote_fence_filter_spec.rb b/spec/lib/banzai/filter/blockquote_fence_filter_spec.rb
index 5b3f679084e..807f1b8bbd3 100644
--- a/spec/lib/banzai/filter/blockquote_fence_filter_spec.rb
+++ b/spec/lib/banzai/filter/blockquote_fence_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Banzai::Filter::BlockquoteFenceFilter do
diff --git a/spec/lib/banzai/filter/color_filter_spec.rb b/spec/lib/banzai/filter/color_filter_spec.rb
index a098b037510..f8931d37b99 100644
--- a/spec/lib/banzai/filter/color_filter_spec.rb
+++ b/spec/lib/banzai/filter/color_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::ColorFilter, lib: true do
diff --git a/spec/lib/banzai/filter/commit_range_reference_filter_spec.rb b/spec/lib/banzai/filter/commit_range_reference_filter_spec.rb
index 4daf6be1bb7..a82b890be42 100644
--- a/spec/lib/banzai/filter/commit_range_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/commit_range_reference_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::CommitRangeReferenceFilter do
diff --git a/spec/lib/banzai/filter/commit_reference_filter_spec.rb b/spec/lib/banzai/filter/commit_reference_filter_spec.rb
index d6c9e9e4b19..1bc0335cfc0 100644
--- a/spec/lib/banzai/filter/commit_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/commit_reference_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::CommitReferenceFilter do
diff --git a/spec/lib/banzai/filter/commit_trailers_filter_spec.rb b/spec/lib/banzai/filter/commit_trailers_filter_spec.rb
index 068cdc85a07..bcb74be1034 100644
--- a/spec/lib/banzai/filter/commit_trailers_filter_spec.rb
+++ b/spec/lib/banzai/filter/commit_trailers_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'ffaker'
 
diff --git a/spec/lib/banzai/filter/emoji_filter_spec.rb b/spec/lib/banzai/filter/emoji_filter_spec.rb
index 85a4619e33d..4e163668a28 100644
--- a/spec/lib/banzai/filter/emoji_filter_spec.rb
+++ b/spec/lib/banzai/filter/emoji_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::EmojiFilter do
diff --git a/spec/lib/banzai/filter/external_issue_reference_filter_spec.rb b/spec/lib/banzai/filter/external_issue_reference_filter_spec.rb
index 7c94cf37e32..78795a157f8 100644
--- a/spec/lib/banzai/filter/external_issue_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/external_issue_reference_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::ExternalIssueReferenceFilter do
diff --git a/spec/lib/banzai/filter/external_link_filter_spec.rb b/spec/lib/banzai/filter/external_link_filter_spec.rb
index 2acbe05f082..59fea5766ee 100644
--- a/spec/lib/banzai/filter/external_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/external_link_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_examples 'an external link with rel attribute' do
diff --git a/spec/lib/banzai/filter/front_matter_filter_spec.rb b/spec/lib/banzai/filter/front_matter_filter_spec.rb
index 3071dc7cf21..90b383dbcff 100644
--- a/spec/lib/banzai/filter/front_matter_filter_spec.rb
+++ b/spec/lib/banzai/filter/front_matter_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Banzai::Filter::FrontMatterFilter do
diff --git a/spec/lib/banzai/filter/gollum_tags_filter_spec.rb b/spec/lib/banzai/filter/gollum_tags_filter_spec.rb
index 0e178b859c4..9d179ef2a49 100644
--- a/spec/lib/banzai/filter/gollum_tags_filter_spec.rb
+++ b/spec/lib/banzai/filter/gollum_tags_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::GollumTagsFilter do
diff --git a/spec/lib/banzai/filter/html_entity_filter_spec.rb b/spec/lib/banzai/filter/html_entity_filter_spec.rb
index 1d98fc0d5db..6017380725d 100644
--- a/spec/lib/banzai/filter/html_entity_filter_spec.rb
+++ b/spec/lib/banzai/filter/html_entity_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::HtmlEntityFilter do
diff --git a/spec/lib/banzai/filter/image_lazy_load_filter_spec.rb b/spec/lib/banzai/filter/image_lazy_load_filter_spec.rb
index d06c5535309..6475fd14ce4 100644
--- a/spec/lib/banzai/filter/image_lazy_load_filter_spec.rb
+++ b/spec/lib/banzai/filter/image_lazy_load_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::ImageLazyLoadFilter do
diff --git a/spec/lib/banzai/filter/image_link_filter_spec.rb b/spec/lib/banzai/filter/image_link_filter_spec.rb
index c84b98eb225..7b0cb675551 100644
--- a/spec/lib/banzai/filter/image_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/image_link_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::ImageLinkFilter do
diff --git a/spec/lib/banzai/filter/inline_diff_filter_spec.rb b/spec/lib/banzai/filter/inline_diff_filter_spec.rb
index 63c4ab61b86..c09065fb746 100644
--- a/spec/lib/banzai/filter/inline_diff_filter_spec.rb
+++ b/spec/lib/banzai/filter/inline_diff_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::InlineDiffFilter do
diff --git a/spec/lib/banzai/filter/issuable_state_filter_spec.rb b/spec/lib/banzai/filter/issuable_state_filter_spec.rb
index a5373517ac8..9f6dcded56f 100644
--- a/spec/lib/banzai/filter/issuable_state_filter_spec.rb
+++ b/spec/lib/banzai/filter/issuable_state_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::IssuableStateFilter do
diff --git a/spec/lib/banzai/filter/issue_reference_filter_spec.rb b/spec/lib/banzai/filter/issue_reference_filter_spec.rb
index 914c4e2d823..4a412da27a7 100644
--- a/spec/lib/banzai/filter/issue_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/issue_reference_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::IssueReferenceFilter do
diff --git a/spec/lib/banzai/filter/label_reference_filter_spec.rb b/spec/lib/banzai/filter/label_reference_filter_spec.rb
index 108d7b43a26..213a5459118 100644
--- a/spec/lib/banzai/filter/label_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/label_reference_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'html/pipeline'
 
diff --git a/spec/lib/banzai/filter/markdown_filter_spec.rb b/spec/lib/banzai/filter/markdown_filter_spec.rb
index 83fcda29680..06df67facf9 100644
--- a/spec/lib/banzai/filter/markdown_filter_spec.rb
+++ b/spec/lib/banzai/filter/markdown_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::MarkdownFilter do
diff --git a/spec/lib/banzai/filter/math_filter_spec.rb b/spec/lib/banzai/filter/math_filter_spec.rb
index cade8cb409e..c8fd92edcdf 100644
--- a/spec/lib/banzai/filter/math_filter_spec.rb
+++ b/spec/lib/banzai/filter/math_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::MathFilter do
diff --git a/spec/lib/banzai/filter/merge_request_reference_filter_spec.rb b/spec/lib/banzai/filter/merge_request_reference_filter_spec.rb
index 72dfd6ff9ea..12ee952b10e 100644
--- a/spec/lib/banzai/filter/merge_request_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/merge_request_reference_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::MergeRequestReferenceFilter do
diff --git a/spec/lib/banzai/filter/mermaid_filter_spec.rb b/spec/lib/banzai/filter/mermaid_filter_spec.rb
index f6474c8936d..ae6725cc14c 100644
--- a/spec/lib/banzai/filter/mermaid_filter_spec.rb
+++ b/spec/lib/banzai/filter/mermaid_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::MermaidFilter do
diff --git a/spec/lib/banzai/filter/milestone_reference_filter_spec.rb b/spec/lib/banzai/filter/milestone_reference_filter_spec.rb
index f0a5dc8d0d7..89c0c12fbfe 100644
--- a/spec/lib/banzai/filter/milestone_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/milestone_reference_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::MilestoneReferenceFilter do
diff --git a/spec/lib/banzai/filter/plantuml_filter_spec.rb b/spec/lib/banzai/filter/plantuml_filter_spec.rb
index 6f7acfe7072..713bab4527b 100644
--- a/spec/lib/banzai/filter/plantuml_filter_spec.rb
+++ b/spec/lib/banzai/filter/plantuml_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::PlantumlFilter do
diff --git a/spec/lib/banzai/filter/reference_filter_spec.rb b/spec/lib/banzai/filter/reference_filter_spec.rb
index f96b6c83b0a..d889b0b832d 100644
--- a/spec/lib/banzai/filter/reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/reference_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::ReferenceFilter do
diff --git a/spec/lib/banzai/filter/reference_redactor_filter_spec.rb b/spec/lib/banzai/filter/reference_redactor_filter_spec.rb
index e87440895e0..dc888a47988 100644
--- a/spec/lib/banzai/filter/reference_redactor_filter_spec.rb
+++ b/spec/lib/banzai/filter/reference_redactor_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::ReferenceRedactorFilter do
diff --git a/spec/lib/banzai/filter/relative_link_filter_spec.rb b/spec/lib/banzai/filter/relative_link_filter_spec.rb
index a714fa50f5f..ecb83b6cb66 100644
--- a/spec/lib/banzai/filter/relative_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/relative_link_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::RelativeLinkFilter do
diff --git a/spec/lib/banzai/filter/sanitization_filter_spec.rb b/spec/lib/banzai/filter/sanitization_filter_spec.rb
index f2a5d7b2c9f..8a4b819e4d6 100644
--- a/spec/lib/banzai/filter/sanitization_filter_spec.rb
+++ b/spec/lib/banzai/filter/sanitization_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::SanitizationFilter do
diff --git a/spec/lib/banzai/filter/snippet_reference_filter_spec.rb b/spec/lib/banzai/filter/snippet_reference_filter_spec.rb
index 21cf092428d..62ce12406a2 100644
--- a/spec/lib/banzai/filter/snippet_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/snippet_reference_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::SnippetReferenceFilter do
diff --git a/spec/lib/banzai/filter/spaced_link_filter_spec.rb b/spec/lib/banzai/filter/spaced_link_filter_spec.rb
index 76d7644d76c..98c38813144 100644
--- a/spec/lib/banzai/filter/spaced_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/spaced_link_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::SpacedLinkFilter do
diff --git a/spec/lib/banzai/filter/syntax_highlight_filter_spec.rb b/spec/lib/banzai/filter/syntax_highlight_filter_spec.rb
index 80ca7a63435..f220ccecee1 100644
--- a/spec/lib/banzai/filter/syntax_highlight_filter_spec.rb
+++ b/spec/lib/banzai/filter/syntax_highlight_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::SyntaxHighlightFilter do
diff --git a/spec/lib/banzai/filter/table_of_contents_filter_spec.rb b/spec/lib/banzai/filter/table_of_contents_filter_spec.rb
index 4a9880ac85a..cd3bdf49496 100644
--- a/spec/lib/banzai/filter/table_of_contents_filter_spec.rb
+++ b/spec/lib/banzai/filter/table_of_contents_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::TableOfContentsFilter do
diff --git a/spec/lib/banzai/filter/user_reference_filter_spec.rb b/spec/lib/banzai/filter/user_reference_filter_spec.rb
index 1e8a44b4549..6bc87d245f5 100644
--- a/spec/lib/banzai/filter/user_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/user_reference_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::UserReferenceFilter do
diff --git a/spec/lib/banzai/filter/video_link_filter_spec.rb b/spec/lib/banzai/filter/video_link_filter_spec.rb
index 81dda0687f3..483e806624c 100644
--- a/spec/lib/banzai/filter/video_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/video_link_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::VideoLinkFilter do
diff --git a/spec/lib/banzai/filter/wiki_link_filter_spec.rb b/spec/lib/banzai/filter/wiki_link_filter_spec.rb
index cce1cd0b284..9694c44c17a 100644
--- a/spec/lib/banzai/filter/wiki_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/wiki_link_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Filter::WikiLinkFilter do
diff --git a/spec/lib/banzai/filter_array_spec.rb b/spec/lib/banzai/filter_array_spec.rb
index ea84005e7f8..bed41a80d29 100644
--- a/spec/lib/banzai/filter_array_spec.rb
+++ b/spec/lib/banzai/filter_array_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::FilterArray do
diff --git a/spec/lib/banzai/issuable_extractor_spec.rb b/spec/lib/banzai/issuable_extractor_spec.rb
index f42951d9781..7fa6048c1c6 100644
--- a/spec/lib/banzai/issuable_extractor_spec.rb
+++ b/spec/lib/banzai/issuable_extractor_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::IssuableExtractor do
diff --git a/spec/lib/banzai/object_renderer_spec.rb b/spec/lib/banzai/object_renderer_spec.rb
index e3e6e22568c..a523608fa50 100644
--- a/spec/lib/banzai/object_renderer_spec.rb
+++ b/spec/lib/banzai/object_renderer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ObjectRenderer do
diff --git a/spec/lib/banzai/pipeline/description_pipeline_spec.rb b/spec/lib/banzai/pipeline/description_pipeline_spec.rb
index 77cb1954ea3..d032ec71e45 100644
--- a/spec/lib/banzai/pipeline/description_pipeline_spec.rb
+++ b/spec/lib/banzai/pipeline/description_pipeline_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Banzai::Pipeline::DescriptionPipeline do
diff --git a/spec/lib/banzai/pipeline/email_pipeline_spec.rb b/spec/lib/banzai/pipeline/email_pipeline_spec.rb
index b99161109eb..eea25320f3d 100644
--- a/spec/lib/banzai/pipeline/email_pipeline_spec.rb
+++ b/spec/lib/banzai/pipeline/email_pipeline_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Banzai::Pipeline::EmailPipeline do
diff --git a/spec/lib/banzai/pipeline/full_pipeline_spec.rb b/spec/lib/banzai/pipeline/full_pipeline_spec.rb
index 3d3aa64d630..2b4d1b58676 100644
--- a/spec/lib/banzai/pipeline/full_pipeline_spec.rb
+++ b/spec/lib/banzai/pipeline/full_pipeline_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Banzai::Pipeline::FullPipeline do
diff --git a/spec/lib/banzai/pipeline/gfm_pipeline_spec.rb b/spec/lib/banzai/pipeline/gfm_pipeline_spec.rb
index 469692f7b5a..0a3e0962452 100644
--- a/spec/lib/banzai/pipeline/gfm_pipeline_spec.rb
+++ b/spec/lib/banzai/pipeline/gfm_pipeline_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Banzai::Pipeline::GfmPipeline do
diff --git a/spec/lib/banzai/pipeline/wiki_pipeline_spec.rb b/spec/lib/banzai/pipeline/wiki_pipeline_spec.rb
index 64ca3ec345d..cb94944fdfb 100644
--- a/spec/lib/banzai/pipeline/wiki_pipeline_spec.rb
+++ b/spec/lib/banzai/pipeline/wiki_pipeline_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Banzai::Pipeline::WikiPipeline do
diff --git a/spec/lib/banzai/querying_spec.rb b/spec/lib/banzai/querying_spec.rb
index 27da2a7439c..b7a235b0558 100644
--- a/spec/lib/banzai/querying_spec.rb
+++ b/spec/lib/banzai/querying_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Querying do
diff --git a/spec/lib/banzai/reference_parser/base_parser_spec.rb b/spec/lib/banzai/reference_parser/base_parser_spec.rb
index c6e9fc414a1..7897164d985 100644
--- a/spec/lib/banzai/reference_parser/base_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/base_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ReferenceParser::BaseParser do
diff --git a/spec/lib/banzai/reference_parser/commit_parser_spec.rb b/spec/lib/banzai/reference_parser/commit_parser_spec.rb
index f558dea209f..b44ae67e430 100644
--- a/spec/lib/banzai/reference_parser/commit_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/commit_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ReferenceParser::CommitParser do
diff --git a/spec/lib/banzai/reference_parser/commit_range_parser_spec.rb b/spec/lib/banzai/reference_parser/commit_range_parser_spec.rb
index ff3b82cc482..da853233018 100644
--- a/spec/lib/banzai/reference_parser/commit_range_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/commit_range_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ReferenceParser::CommitRangeParser do
diff --git a/spec/lib/banzai/reference_parser/external_issue_parser_spec.rb b/spec/lib/banzai/reference_parser/external_issue_parser_spec.rb
index 1cb31e57114..0f29a95bdcc 100644
--- a/spec/lib/banzai/reference_parser/external_issue_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/external_issue_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ReferenceParser::ExternalIssueParser do
diff --git a/spec/lib/banzai/reference_parser/issue_parser_spec.rb b/spec/lib/banzai/reference_parser/issue_parser_spec.rb
index 77c2064caba..a925d294b1b 100644
--- a/spec/lib/banzai/reference_parser/issue_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/issue_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ReferenceParser::IssueParser do
diff --git a/spec/lib/banzai/reference_parser/label_parser_spec.rb b/spec/lib/banzai/reference_parser/label_parser_spec.rb
index e4df2533821..cf8adb57ffc 100644
--- a/spec/lib/banzai/reference_parser/label_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/label_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ReferenceParser::LabelParser do
diff --git a/spec/lib/banzai/reference_parser/merge_request_parser_spec.rb b/spec/lib/banzai/reference_parser/merge_request_parser_spec.rb
index 5417b1f00be..1561dabcdbf 100644
--- a/spec/lib/banzai/reference_parser/merge_request_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/merge_request_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ReferenceParser::MergeRequestParser do
diff --git a/spec/lib/banzai/reference_parser/milestone_parser_spec.rb b/spec/lib/banzai/reference_parser/milestone_parser_spec.rb
index 751d042ffde..006f8e37690 100644
--- a/spec/lib/banzai/reference_parser/milestone_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/milestone_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ReferenceParser::MilestoneParser do
diff --git a/spec/lib/banzai/reference_parser/snippet_parser_spec.rb b/spec/lib/banzai/reference_parser/snippet_parser_spec.rb
index d410bd4c164..528f79ed020 100644
--- a/spec/lib/banzai/reference_parser/snippet_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/snippet_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ReferenceParser::SnippetParser do
diff --git a/spec/lib/banzai/reference_parser/user_parser_spec.rb b/spec/lib/banzai/reference_parser/user_parser_spec.rb
index 112447f098e..a5b4e59a3a1 100644
--- a/spec/lib/banzai/reference_parser/user_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/user_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ReferenceParser::UserParser do
diff --git a/spec/lib/banzai/reference_redactor_spec.rb b/spec/lib/banzai/reference_redactor_spec.rb
index a3b47c4d826..c30a194a0b3 100644
--- a/spec/lib/banzai/reference_redactor_spec.rb
+++ b/spec/lib/banzai/reference_redactor_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::ReferenceRedactor do
diff --git a/spec/lib/banzai/renderer_spec.rb b/spec/lib/banzai/renderer_spec.rb
index a099f7482c1..0d329b47aa3 100644
--- a/spec/lib/banzai/renderer_spec.rb
+++ b/spec/lib/banzai/renderer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Banzai::Renderer do
diff --git a/spec/lib/bitbucket/collection_spec.rb b/spec/lib/bitbucket/collection_spec.rb
index 9008cb3e870..5946be71565 100644
--- a/spec/lib/bitbucket/collection_spec.rb
+++ b/spec/lib/bitbucket/collection_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 # Emulates paginator. It returns 2 pages with results
diff --git a/spec/lib/bitbucket/connection_spec.rb b/spec/lib/bitbucket/connection_spec.rb
index 14faeb231a9..ec8eac232cd 100644
--- a/spec/lib/bitbucket/connection_spec.rb
+++ b/spec/lib/bitbucket/connection_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Bitbucket::Connection do
diff --git a/spec/lib/bitbucket/page_spec.rb b/spec/lib/bitbucket/page_spec.rb
index 04d5a0470b1..6301dd56faf 100644
--- a/spec/lib/bitbucket/page_spec.rb
+++ b/spec/lib/bitbucket/page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Bitbucket::Page do
diff --git a/spec/lib/bitbucket/paginator_spec.rb b/spec/lib/bitbucket/paginator_spec.rb
index bdf10a5e2a2..a1effa14000 100644
--- a/spec/lib/bitbucket/paginator_spec.rb
+++ b/spec/lib/bitbucket/paginator_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Bitbucket::Paginator do
diff --git a/spec/lib/bitbucket/representation/comment_spec.rb b/spec/lib/bitbucket/representation/comment_spec.rb
index fec243a9f96..2dcc933ee61 100644
--- a/spec/lib/bitbucket/representation/comment_spec.rb
+++ b/spec/lib/bitbucket/representation/comment_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Bitbucket::Representation::Comment do
diff --git a/spec/lib/bitbucket/representation/issue_spec.rb b/spec/lib/bitbucket/representation/issue_spec.rb
index 20f47224aa8..c7d1ebdd597 100644
--- a/spec/lib/bitbucket/representation/issue_spec.rb
+++ b/spec/lib/bitbucket/representation/issue_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Bitbucket::Representation::Issue do
diff --git a/spec/lib/bitbucket/representation/pull_request_comment_spec.rb b/spec/lib/bitbucket/representation/pull_request_comment_spec.rb
index 673dcf22ce8..151055f510f 100644
--- a/spec/lib/bitbucket/representation/pull_request_comment_spec.rb
+++ b/spec/lib/bitbucket/representation/pull_request_comment_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Bitbucket::Representation::PullRequestComment do
diff --git a/spec/lib/bitbucket/representation/pull_request_spec.rb b/spec/lib/bitbucket/representation/pull_request_spec.rb
index 30453528be4..7cf43b2b6fd 100644
--- a/spec/lib/bitbucket/representation/pull_request_spec.rb
+++ b/spec/lib/bitbucket/representation/pull_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Bitbucket::Representation::PullRequest do
diff --git a/spec/lib/bitbucket/representation/repo_spec.rb b/spec/lib/bitbucket/representation/repo_spec.rb
index 405265cc669..a272695e681 100644
--- a/spec/lib/bitbucket/representation/repo_spec.rb
+++ b/spec/lib/bitbucket/representation/repo_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Bitbucket::Representation::Repo do
diff --git a/spec/lib/bitbucket/representation/user_spec.rb b/spec/lib/bitbucket/representation/user_spec.rb
index f79ff4edb7b..0169887a24c 100644
--- a/spec/lib/bitbucket/representation/user_spec.rb
+++ b/spec/lib/bitbucket/representation/user_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Bitbucket::Representation::User do
diff --git a/spec/lib/bitbucket_server/client_spec.rb b/spec/lib/bitbucket_server/client_spec.rb
index 4f0d57ca8a6..988710b7c4d 100644
--- a/spec/lib/bitbucket_server/client_spec.rb
+++ b/spec/lib/bitbucket_server/client_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe BitbucketServer::Client do
diff --git a/spec/lib/bitbucket_server/connection_spec.rb b/spec/lib/bitbucket_server/connection_spec.rb
index ab8a5b89608..3a7fe4e7321 100644
--- a/spec/lib/bitbucket_server/connection_spec.rb
+++ b/spec/lib/bitbucket_server/connection_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe BitbucketServer::Connection do
diff --git a/spec/lib/bitbucket_server/page_spec.rb b/spec/lib/bitbucket_server/page_spec.rb
index cf419a9045b..2da1d0995ca 100644
--- a/spec/lib/bitbucket_server/page_spec.rb
+++ b/spec/lib/bitbucket_server/page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe BitbucketServer::Page do
diff --git a/spec/lib/bitbucket_server/paginator_spec.rb b/spec/lib/bitbucket_server/paginator_spec.rb
index eadd7f68bfb..e01cbeb4270 100644
--- a/spec/lib/bitbucket_server/paginator_spec.rb
+++ b/spec/lib/bitbucket_server/paginator_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe BitbucketServer::Paginator do
diff --git a/spec/lib/bitbucket_server/representation/activity_spec.rb b/spec/lib/bitbucket_server/representation/activity_spec.rb
index 15c50e40472..b548dedadfb 100644
--- a/spec/lib/bitbucket_server/representation/activity_spec.rb
+++ b/spec/lib/bitbucket_server/representation/activity_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe BitbucketServer::Representation::Activity do
diff --git a/spec/lib/bitbucket_server/representation/comment_spec.rb b/spec/lib/bitbucket_server/representation/comment_spec.rb
index 53a20a1d80a..f8c73c3da35 100644
--- a/spec/lib/bitbucket_server/representation/comment_spec.rb
+++ b/spec/lib/bitbucket_server/representation/comment_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe BitbucketServer::Representation::Comment do
diff --git a/spec/lib/bitbucket_server/representation/pull_request_comment_spec.rb b/spec/lib/bitbucket_server/representation/pull_request_comment_spec.rb
index bd7e3597486..db43e990812 100644
--- a/spec/lib/bitbucket_server/representation/pull_request_comment_spec.rb
+++ b/spec/lib/bitbucket_server/representation/pull_request_comment_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe BitbucketServer::Representation::PullRequestComment do
diff --git a/spec/lib/bitbucket_server/representation/pull_request_spec.rb b/spec/lib/bitbucket_server/representation/pull_request_spec.rb
index 4b8afdb006b..e091890041e 100644
--- a/spec/lib/bitbucket_server/representation/pull_request_spec.rb
+++ b/spec/lib/bitbucket_server/representation/pull_request_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe BitbucketServer::Representation::PullRequest do
diff --git a/spec/lib/bitbucket_server/representation/repo_spec.rb b/spec/lib/bitbucket_server/representation/repo_spec.rb
index 3ac1030fbb0..801de247d73 100644
--- a/spec/lib/bitbucket_server/representation/repo_spec.rb
+++ b/spec/lib/bitbucket_server/representation/repo_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe BitbucketServer::Representation::Repo do
diff --git a/spec/lib/constraints/feature_constrainer_spec.rb b/spec/lib/constraints/feature_constrainer_spec.rb
index 42efc164f81..0739da801a7 100644
--- a/spec/lib/constraints/feature_constrainer_spec.rb
+++ b/spec/lib/constraints/feature_constrainer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Constraints::FeatureConstrainer do
diff --git a/spec/lib/constraints/group_url_constrainer_spec.rb b/spec/lib/constraints/group_url_constrainer_spec.rb
index ff295068ba9..573de331898 100644
--- a/spec/lib/constraints/group_url_constrainer_spec.rb
+++ b/spec/lib/constraints/group_url_constrainer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Constraints::GroupUrlConstrainer do
diff --git a/spec/lib/constraints/project_url_constrainer_spec.rb b/spec/lib/constraints/project_url_constrainer_spec.rb
index 3496b01ebcc..ac3221ecab7 100644
--- a/spec/lib/constraints/project_url_constrainer_spec.rb
+++ b/spec/lib/constraints/project_url_constrainer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Constraints::ProjectUrlConstrainer do
diff --git a/spec/lib/constraints/user_url_constrainer_spec.rb b/spec/lib/constraints/user_url_constrainer_spec.rb
index e2c85bb27bb..15ef930420c 100644
--- a/spec/lib/constraints/user_url_constrainer_spec.rb
+++ b/spec/lib/constraints/user_url_constrainer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Constraints::UserUrlConstrainer do
diff --git a/spec/lib/container_registry/blob_spec.rb b/spec/lib/container_registry/blob_spec.rb
index d3fff5bad42..ba7f76cfa3b 100644
--- a/spec/lib/container_registry/blob_spec.rb
+++ b/spec/lib/container_registry/blob_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe ContainerRegistry::Blob do
diff --git a/spec/lib/container_registry/client_spec.rb b/spec/lib/container_registry/client_spec.rb
index ce06377bbbf..bc5fddd12ba 100644
--- a/spec/lib/container_registry/client_spec.rb
+++ b/spec/lib/container_registry/client_spec.rb
@@ -1,4 +1,6 @@
 # coding: utf-8
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe ContainerRegistry::Client do
diff --git a/spec/lib/container_registry/path_spec.rb b/spec/lib/container_registry/path_spec.rb
index 010deae822c..8c671b4d56d 100644
--- a/spec/lib/container_registry/path_spec.rb
+++ b/spec/lib/container_registry/path_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe ContainerRegistry::Path do
diff --git a/spec/lib/container_registry/registry_spec.rb b/spec/lib/container_registry/registry_spec.rb
index 4d6eea94bf0..7cf70a1f562 100644
--- a/spec/lib/container_registry/registry_spec.rb
+++ b/spec/lib/container_registry/registry_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe ContainerRegistry::Registry do
diff --git a/spec/lib/container_registry/tag_spec.rb b/spec/lib/container_registry/tag_spec.rb
index 65090f32f66..110f006536b 100644
--- a/spec/lib/container_registry/tag_spec.rb
+++ b/spec/lib/container_registry/tag_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe ContainerRegistry::Tag do
diff --git a/spec/lib/event_filter_spec.rb b/spec/lib/event_filter_spec.rb
index 6648e141b7a..d6eca8d85ff 100644
--- a/spec/lib/event_filter_spec.rb
+++ b/spec/lib/event_filter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe EventFilter do
diff --git a/spec/lib/expand_variables_spec.rb b/spec/lib/expand_variables_spec.rb
index 7faa0f31b68..099d7b6b67c 100644
--- a/spec/lib/expand_variables_spec.rb
+++ b/spec/lib/expand_variables_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe ExpandVariables do
diff --git a/spec/lib/extracts_path_spec.rb b/spec/lib/extracts_path_spec.rb
index 21ba72953fb..ffe7584a019 100644
--- a/spec/lib/extracts_path_spec.rb
+++ b/spec/lib/extracts_path_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe ExtractsPath do
diff --git a/spec/lib/feature/gitaly_spec.rb b/spec/lib/feature/gitaly_spec.rb
index 0e24a927d4c..4e07acf9c1a 100644
--- a/spec/lib/feature/gitaly_spec.rb
+++ b/spec/lib/feature/gitaly_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Feature::Gitaly do
diff --git a/spec/lib/feature_spec.rb b/spec/lib/feature_spec.rb
index 127463a57e8..185abacf8e7 100644
--- a/spec/lib/feature_spec.rb
+++ b/spec/lib/feature_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Feature do
diff --git a/spec/lib/file_size_validator_spec.rb b/spec/lib/file_size_validator_spec.rb
index ebd907ecb7f..87376a98c60 100644
--- a/spec/lib/file_size_validator_spec.rb
+++ b/spec/lib/file_size_validator_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe FileSizeValidator do
diff --git a/spec/lib/forever_spec.rb b/spec/lib/forever_spec.rb
index 800fa5a6ad6..9f17308241b 100644
--- a/spec/lib/forever_spec.rb
+++ b/spec/lib/forever_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Forever do
diff --git a/spec/lib/gitaly/server_spec.rb b/spec/lib/gitaly/server_spec.rb
index 34bd43cb3ab..12dfad6698d 100644
--- a/spec/lib/gitaly/server_spec.rb
+++ b/spec/lib/gitaly/server_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitaly::Server do
diff --git a/spec/lib/gitlab/action_rate_limiter_spec.rb b/spec/lib/gitlab/action_rate_limiter_spec.rb
index cf266a25819..8dbad32dfb4 100644
--- a/spec/lib/gitlab/action_rate_limiter_spec.rb
+++ b/spec/lib/gitlab/action_rate_limiter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::ActionRateLimiter, :clean_gitlab_redis_cache do
diff --git a/spec/lib/gitlab/allowable_spec.rb b/spec/lib/gitlab/allowable_spec.rb
index 9d80d480b52..4905cc4c3db 100644
--- a/spec/lib/gitlab/allowable_spec.rb
+++ b/spec/lib/gitlab/allowable_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Allowable do
diff --git a/spec/lib/gitlab/app_logger_spec.rb b/spec/lib/gitlab/app_logger_spec.rb
index c86d30ce6df..3b21104b15d 100644
--- a/spec/lib/gitlab/app_logger_spec.rb
+++ b/spec/lib/gitlab/app_logger_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::AppLogger, :request_store do
diff --git a/spec/lib/gitlab/asciidoc_spec.rb b/spec/lib/gitlab/asciidoc_spec.rb
index cbd4a509a55..7c65525b8dc 100644
--- a/spec/lib/gitlab/asciidoc_spec.rb
+++ b/spec/lib/gitlab/asciidoc_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'nokogiri'
 
diff --git a/spec/lib/gitlab/auth/activity_spec.rb b/spec/lib/gitlab/auth/activity_spec.rb
index 07854cb1eba..e03fafe3826 100644
--- a/spec/lib/gitlab/auth/activity_spec.rb
+++ b/spec/lib/gitlab/auth/activity_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 
 describe Gitlab::Auth::Activity do
diff --git a/spec/lib/gitlab/auth/blocked_user_tracker_spec.rb b/spec/lib/gitlab/auth/blocked_user_tracker_spec.rb
index f39863fdda1..52849f8c172 100644
--- a/spec/lib/gitlab/auth/blocked_user_tracker_spec.rb
+++ b/spec/lib/gitlab/auth/blocked_user_tracker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::BlockedUserTracker do
diff --git a/spec/lib/gitlab/auth/ldap/access_spec.rb b/spec/lib/gitlab/auth/ldap/access_spec.rb
index 662f899180b..ecdd5b29986 100644
--- a/spec/lib/gitlab/auth/ldap/access_spec.rb
+++ b/spec/lib/gitlab/auth/ldap/access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::LDAP::Access do
diff --git a/spec/lib/gitlab/auth/ldap/adapter_spec.rb b/spec/lib/gitlab/auth/ldap/adapter_spec.rb
index 3eeaf3862f6..54486913b72 100644
--- a/spec/lib/gitlab/auth/ldap/adapter_spec.rb
+++ b/spec/lib/gitlab/auth/ldap/adapter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::LDAP::Adapter do
diff --git a/spec/lib/gitlab/auth/ldap/authentication_spec.rb b/spec/lib/gitlab/auth/ldap/authentication_spec.rb
index 111572d043b..e68e83e4617 100644
--- a/spec/lib/gitlab/auth/ldap/authentication_spec.rb
+++ b/spec/lib/gitlab/auth/ldap/authentication_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::LDAP::Authentication do
diff --git a/spec/lib/gitlab/auth/ldap/config_spec.rb b/spec/lib/gitlab/auth/ldap/config_spec.rb
index b91a09e3137..577dfe51949 100644
--- a/spec/lib/gitlab/auth/ldap/config_spec.rb
+++ b/spec/lib/gitlab/auth/ldap/config_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::LDAP::Config do
diff --git a/spec/lib/gitlab/auth/ldap/dn_spec.rb b/spec/lib/gitlab/auth/ldap/dn_spec.rb
index f2983a02602..63656efba29 100644
--- a/spec/lib/gitlab/auth/ldap/dn_spec.rb
+++ b/spec/lib/gitlab/auth/ldap/dn_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::LDAP::DN do
diff --git a/spec/lib/gitlab/auth/ldap/user_spec.rb b/spec/lib/gitlab/auth/ldap/user_spec.rb
index 44bb9d20e47..bc09de7b525 100644
--- a/spec/lib/gitlab/auth/ldap/user_spec.rb
+++ b/spec/lib/gitlab/auth/ldap/user_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::LDAP::User do
diff --git a/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb b/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb
index a5436149818..25532b7a68a 100644
--- a/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb
+++ b/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::OAuth::AuthHash do
diff --git a/spec/lib/gitlab/auth/o_auth/identity_linker_spec.rb b/spec/lib/gitlab/auth/o_auth/identity_linker_spec.rb
index bf810d72f0e..45c1baa4089 100644
--- a/spec/lib/gitlab/auth/o_auth/identity_linker_spec.rb
+++ b/spec/lib/gitlab/auth/o_auth/identity_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::OAuth::IdentityLinker do
diff --git a/spec/lib/gitlab/auth/o_auth/provider_spec.rb b/spec/lib/gitlab/auth/o_auth/provider_spec.rb
index 80d702cf9dc..f46f9d76a1e 100644
--- a/spec/lib/gitlab/auth/o_auth/provider_spec.rb
+++ b/spec/lib/gitlab/auth/o_auth/provider_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::OAuth::Provider do
diff --git a/spec/lib/gitlab/auth/o_auth/user_spec.rb b/spec/lib/gitlab/auth/o_auth/user_spec.rb
index b765c265e69..a9b15c411dc 100644
--- a/spec/lib/gitlab/auth/o_auth/user_spec.rb
+++ b/spec/lib/gitlab/auth/o_auth/user_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::OAuth::User do
diff --git a/spec/lib/gitlab/auth/request_authenticator_spec.rb b/spec/lib/gitlab/auth/request_authenticator_spec.rb
index 3d979132880..f7fff389d88 100644
--- a/spec/lib/gitlab/auth/request_authenticator_spec.rb
+++ b/spec/lib/gitlab/auth/request_authenticator_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::RequestAuthenticator do
diff --git a/spec/lib/gitlab/auth/saml/auth_hash_spec.rb b/spec/lib/gitlab/auth/saml/auth_hash_spec.rb
index 3620e1afe25..13636a495d1 100644
--- a/spec/lib/gitlab/auth/saml/auth_hash_spec.rb
+++ b/spec/lib/gitlab/auth/saml/auth_hash_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::Saml::AuthHash do
diff --git a/spec/lib/gitlab/auth/saml/identity_linker_spec.rb b/spec/lib/gitlab/auth/saml/identity_linker_spec.rb
index f3305d574cc..89118ff05ba 100644
--- a/spec/lib/gitlab/auth/saml/identity_linker_spec.rb
+++ b/spec/lib/gitlab/auth/saml/identity_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::Saml::IdentityLinker do
diff --git a/spec/lib/gitlab/auth/saml/user_spec.rb b/spec/lib/gitlab/auth/saml/user_spec.rb
index c523f5e177f..5546438b7ee 100644
--- a/spec/lib/gitlab/auth/saml/user_spec.rb
+++ b/spec/lib/gitlab/auth/saml/user_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::Saml::User do
diff --git a/spec/lib/gitlab/auth/unique_ips_limiter_spec.rb b/spec/lib/gitlab/auth/unique_ips_limiter_spec.rb
index 22708687a56..ebf7de9c701 100644
--- a/spec/lib/gitlab/auth/unique_ips_limiter_spec.rb
+++ b/spec/lib/gitlab/auth/unique_ips_limiter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::UniqueIpsLimiter, :clean_gitlab_redis_shared_state do
diff --git a/spec/lib/gitlab/auth/user_access_denied_reason_spec.rb b/spec/lib/gitlab/auth/user_access_denied_reason_spec.rb
index 002ce776be9..8ec19c454d8 100644
--- a/spec/lib/gitlab/auth/user_access_denied_reason_spec.rb
+++ b/spec/lib/gitlab/auth/user_access_denied_reason_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::UserAccessDeniedReason do
diff --git a/spec/lib/gitlab/auth/user_auth_finders_spec.rb b/spec/lib/gitlab/auth/user_auth_finders_spec.rb
index 4751f880cee..41265da97a4 100644
--- a/spec/lib/gitlab/auth/user_auth_finders_spec.rb
+++ b/spec/lib/gitlab/auth/user_auth_finders_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth::UserAuthFinders do
diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb
index 0403830f700..edff38f05ec 100644
--- a/spec/lib/gitlab/auth_spec.rb
+++ b/spec/lib/gitlab/auth_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Auth do
diff --git a/spec/lib/gitlab/background_migration/add_merge_request_diff_commits_count_spec.rb b/spec/lib/gitlab/background_migration/add_merge_request_diff_commits_count_spec.rb
index c43ed72038e..e299e2a366f 100644
--- a/spec/lib/gitlab/background_migration/add_merge_request_diff_commits_count_spec.rb
+++ b/spec/lib/gitlab/background_migration/add_merge_request_diff_commits_count_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BackgroundMigration::AddMergeRequestDiffCommitsCount, :migration, schema: 20180105212544 do
diff --git a/spec/lib/gitlab/background_migration/archive_legacy_traces_spec.rb b/spec/lib/gitlab/background_migration/archive_legacy_traces_spec.rb
index 877c061d11b..2a7cffb2f3e 100644
--- a/spec/lib/gitlab/background_migration/archive_legacy_traces_spec.rb
+++ b/spec/lib/gitlab/background_migration/archive_legacy_traces_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BackgroundMigration::ArchiveLegacyTraces, :migration, schema: 20180529152628 do
diff --git a/spec/lib/gitlab/background_migration/encrypt_columns_spec.rb b/spec/lib/gitlab/background_migration/encrypt_columns_spec.rb
index 1d9bac79dcd..3c2ed6d3a6d 100644
--- a/spec/lib/gitlab/background_migration/encrypt_columns_spec.rb
+++ b/spec/lib/gitlab/background_migration/encrypt_columns_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BackgroundMigration::EncryptColumns, :migration, schema: 20180910115836 do
diff --git a/spec/lib/gitlab/background_migration/encrypt_runners_tokens_spec.rb b/spec/lib/gitlab/background_migration/encrypt_runners_tokens_spec.rb
index 9d4921968b3..54af9807e7b 100644
--- a/spec/lib/gitlab/background_migration/encrypt_runners_tokens_spec.rb
+++ b/spec/lib/gitlab/background_migration/encrypt_runners_tokens_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BackgroundMigration::EncryptRunnersTokens, :migration, schema: 20181121111200 do
diff --git a/spec/lib/gitlab/background_migration/fix_cross_project_label_links_spec.rb b/spec/lib/gitlab/background_migration/fix_cross_project_label_links_spec.rb
index 20af63bc6c8..7d1aacb6393 100644
--- a/spec/lib/gitlab/background_migration/fix_cross_project_label_links_spec.rb
+++ b/spec/lib/gitlab/background_migration/fix_cross_project_label_links_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BackgroundMigration::FixCrossProjectLabelLinks, :migration, schema: 20180702120647 do
diff --git a/spec/lib/gitlab/background_migration/migrate_build_stage_spec.rb b/spec/lib/gitlab/background_migration/migrate_build_stage_spec.rb
index 582396275ed..a496f8416bf 100644
--- a/spec/lib/gitlab/background_migration/migrate_build_stage_spec.rb
+++ b/spec/lib/gitlab/background_migration/migrate_build_stage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BackgroundMigration::MigrateBuildStage, :migration, schema: 20180212101928 do
diff --git a/spec/lib/gitlab/background_migration/migrate_legacy_artifacts_spec.rb b/spec/lib/gitlab/background_migration/migrate_legacy_artifacts_spec.rb
index 2d1505dacfe..268626d58fd 100644
--- a/spec/lib/gitlab/background_migration/migrate_legacy_artifacts_spec.rb
+++ b/spec/lib/gitlab/background_migration/migrate_legacy_artifacts_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BackgroundMigration::MigrateLegacyArtifacts, :migration, schema: 20180816161409 do
diff --git a/spec/lib/gitlab/background_migration/migrate_stage_index_spec.rb b/spec/lib/gitlab/background_migration/migrate_stage_index_spec.rb
index 4db829b1e7b..1a8b0355fd9 100644
--- a/spec/lib/gitlab/background_migration/migrate_stage_index_spec.rb
+++ b/spec/lib/gitlab/background_migration/migrate_stage_index_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BackgroundMigration::MigrateStageIndex, :migration, schema: 20180420080616 do
diff --git a/spec/lib/gitlab/background_migration/populate_untracked_uploads_dependencies/untracked_file_spec.rb b/spec/lib/gitlab/background_migration/populate_untracked_uploads_dependencies/untracked_file_spec.rb
index c76adcbe2f5..ea1eaa6417d 100644
--- a/spec/lib/gitlab/background_migration/populate_untracked_uploads_dependencies/untracked_file_spec.rb
+++ b/spec/lib/gitlab/background_migration/populate_untracked_uploads_dependencies/untracked_file_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 # Rollback DB to 10.5 (later than this was originally written for) because it still needs to work.
diff --git a/spec/lib/gitlab/background_migration/populate_untracked_uploads_spec.rb b/spec/lib/gitlab/background_migration/populate_untracked_uploads_spec.rb
index 0d2074eed22..44f537ca8dd 100644
--- a/spec/lib/gitlab/background_migration/populate_untracked_uploads_spec.rb
+++ b/spec/lib/gitlab/background_migration/populate_untracked_uploads_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 # Rollback DB to 10.5 (later than this was originally written for) because it still needs to work.
diff --git a/spec/lib/gitlab/background_migration/prepare_untracked_uploads_spec.rb b/spec/lib/gitlab/background_migration/prepare_untracked_uploads_spec.rb
index 35750d89c35..591368ee98e 100644
--- a/spec/lib/gitlab/background_migration/prepare_untracked_uploads_spec.rb
+++ b/spec/lib/gitlab/background_migration/prepare_untracked_uploads_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 # Rollback DB to 10.5 (later than this was originally written for) because it still needs to work.
diff --git a/spec/lib/gitlab/background_migration/schedule_calculate_wiki_sizes_spec.rb b/spec/lib/gitlab/background_migration/schedule_calculate_wiki_sizes_spec.rb
index d494ce68c5b..f877e8cc1b8 100644
--- a/spec/lib/gitlab/background_migration/schedule_calculate_wiki_sizes_spec.rb
+++ b/spec/lib/gitlab/background_migration/schedule_calculate_wiki_sizes_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require Rails.root.join('db', 'post_migrate', '20190527194900_schedule_calculate_wiki_sizes.rb')
 
diff --git a/spec/lib/gitlab/background_migration/set_confidential_note_events_on_services_spec.rb b/spec/lib/gitlab/background_migration/set_confidential_note_events_on_services_spec.rb
index 6f3fb994f17..3600755ada7 100644
--- a/spec/lib/gitlab/background_migration/set_confidential_note_events_on_services_spec.rb
+++ b/spec/lib/gitlab/background_migration/set_confidential_note_events_on_services_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BackgroundMigration::SetConfidentialNoteEventsOnServices, :migration, schema: 20180122154930 do
diff --git a/spec/lib/gitlab/background_migration/set_confidential_note_events_on_webhooks_spec.rb b/spec/lib/gitlab/background_migration/set_confidential_note_events_on_webhooks_spec.rb
index 82b484b7d5b..5cd9c02fd3f 100644
--- a/spec/lib/gitlab/background_migration/set_confidential_note_events_on_webhooks_spec.rb
+++ b/spec/lib/gitlab/background_migration/set_confidential_note_events_on_webhooks_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BackgroundMigration::SetConfidentialNoteEventsOnWebhooks, :migration, schema: 20180104131052 do
diff --git a/spec/lib/gitlab/background_migration_spec.rb b/spec/lib/gitlab/background_migration_spec.rb
index 1d0ffb5e9df..8960ac706e6 100644
--- a/spec/lib/gitlab/background_migration_spec.rb
+++ b/spec/lib/gitlab/background_migration_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BackgroundMigration do
diff --git a/spec/lib/gitlab/badge/coverage/metadata_spec.rb b/spec/lib/gitlab/badge/coverage/metadata_spec.rb
index 74eaf7eaf8b..2b87508bdef 100644
--- a/spec/lib/gitlab/badge/coverage/metadata_spec.rb
+++ b/spec/lib/gitlab/badge/coverage/metadata_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/badge/shared/metadata'
 
diff --git a/spec/lib/gitlab/badge/coverage/report_spec.rb b/spec/lib/gitlab/badge/coverage/report_spec.rb
index da789bf3705..eee3f96ab85 100644
--- a/spec/lib/gitlab/badge/coverage/report_spec.rb
+++ b/spec/lib/gitlab/badge/coverage/report_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Badge::Coverage::Report do
diff --git a/spec/lib/gitlab/badge/coverage/template_spec.rb b/spec/lib/gitlab/badge/coverage/template_spec.rb
index d9c21a22590..b51d707a61d 100644
--- a/spec/lib/gitlab/badge/coverage/template_spec.rb
+++ b/spec/lib/gitlab/badge/coverage/template_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Badge::Coverage::Template do
diff --git a/spec/lib/gitlab/badge/pipeline/metadata_spec.rb b/spec/lib/gitlab/badge/pipeline/metadata_spec.rb
index 9032a8e9016..b096803f921 100644
--- a/spec/lib/gitlab/badge/pipeline/metadata_spec.rb
+++ b/spec/lib/gitlab/badge/pipeline/metadata_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/badge/shared/metadata'
 
diff --git a/spec/lib/gitlab/badge/pipeline/status_spec.rb b/spec/lib/gitlab/badge/pipeline/status_spec.rb
index dc835375c66..684c6829879 100644
--- a/spec/lib/gitlab/badge/pipeline/status_spec.rb
+++ b/spec/lib/gitlab/badge/pipeline/status_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Badge::Pipeline::Status do
diff --git a/spec/lib/gitlab/badge/pipeline/template_spec.rb b/spec/lib/gitlab/badge/pipeline/template_spec.rb
index bcef0b7e120..c0aaa3d73e1 100644
--- a/spec/lib/gitlab/badge/pipeline/template_spec.rb
+++ b/spec/lib/gitlab/badge/pipeline/template_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Badge::Pipeline::Template do
diff --git a/spec/lib/gitlab/badge/shared/metadata.rb b/spec/lib/gitlab/badge/shared/metadata.rb
index 63c7ca5a915..809fa54db02 100644
--- a/spec/lib/gitlab/badge/shared/metadata.rb
+++ b/spec/lib/gitlab/badge/shared/metadata.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 shared_examples 'badge metadata' do
   describe '#to_html' do
     let(:html) { Nokogiri::HTML.parse(metadata.to_html) }
diff --git a/spec/lib/gitlab/bare_repository_import/importer_spec.rb b/spec/lib/gitlab/bare_repository_import/importer_spec.rb
index f4759b69538..6fb95b4d3a2 100644
--- a/spec/lib/gitlab/bare_repository_import/importer_spec.rb
+++ b/spec/lib/gitlab/bare_repository_import/importer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BareRepositoryImport::Importer, :seed_helper do
diff --git a/spec/lib/gitlab/bare_repository_import/repository_spec.rb b/spec/lib/gitlab/bare_repository_import/repository_spec.rb
index a07c5371134..0607e2232a1 100644
--- a/spec/lib/gitlab/bare_repository_import/repository_spec.rb
+++ b/spec/lib/gitlab/bare_repository_import/repository_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe ::Gitlab::BareRepositoryImport::Repository do
diff --git a/spec/lib/gitlab/bitbucket_import/importer_spec.rb b/spec/lib/gitlab/bitbucket_import/importer_spec.rb
index 35700e0b588..62b688d4d3e 100644
--- a/spec/lib/gitlab/bitbucket_import/importer_spec.rb
+++ b/spec/lib/gitlab/bitbucket_import/importer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BitbucketImport::Importer do
diff --git a/spec/lib/gitlab/bitbucket_import/project_creator_spec.rb b/spec/lib/gitlab/bitbucket_import/project_creator_spec.rb
index e2bee22cf1f..0dd8547a925 100644
--- a/spec/lib/gitlab/bitbucket_import/project_creator_spec.rb
+++ b/spec/lib/gitlab/bitbucket_import/project_creator_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BitbucketImport::ProjectCreator do
diff --git a/spec/lib/gitlab/bitbucket_import/wiki_formatter_spec.rb b/spec/lib/gitlab/bitbucket_import/wiki_formatter_spec.rb
index 795fd069ab2..7b5c7847f2d 100644
--- a/spec/lib/gitlab/bitbucket_import/wiki_formatter_spec.rb
+++ b/spec/lib/gitlab/bitbucket_import/wiki_formatter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BitbucketImport::WikiFormatter do
diff --git a/spec/lib/gitlab/bitbucket_server_import/importer_spec.rb b/spec/lib/gitlab/bitbucket_server_import/importer_spec.rb
index cc09804fd53..8ab7b2c5fa7 100644
--- a/spec/lib/gitlab/bitbucket_server_import/importer_spec.rb
+++ b/spec/lib/gitlab/bitbucket_server_import/importer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BitbucketServerImport::Importer do
diff --git a/spec/lib/gitlab/blame_spec.rb b/spec/lib/gitlab/blame_spec.rb
index 7cab04e9fc9..e1afd5b25bb 100644
--- a/spec/lib/gitlab/blame_spec.rb
+++ b/spec/lib/gitlab/blame_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Blame do
diff --git a/spec/lib/gitlab/build_access_spec.rb b/spec/lib/gitlab/build_access_spec.rb
index 08f50bf4fac..b7af8ace5b5 100644
--- a/spec/lib/gitlab/build_access_spec.rb
+++ b/spec/lib/gitlab/build_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::BuildAccess do
diff --git a/spec/lib/gitlab/cache/ci/project_pipeline_status_spec.rb b/spec/lib/gitlab/cache/ci/project_pipeline_status_spec.rb
index 483c5ea9cff..91e7edaf704 100644
--- a/spec/lib/gitlab/cache/ci/project_pipeline_status_spec.rb
+++ b/spec/lib/gitlab/cache/ci/project_pipeline_status_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Cache::Ci::ProjectPipelineStatus, :clean_gitlab_redis_cache do
diff --git a/spec/lib/gitlab/cache/request_cache_spec.rb b/spec/lib/gitlab/cache/request_cache_spec.rb
index 5b82c216a13..70a7f090d0a 100644
--- a/spec/lib/gitlab/cache/request_cache_spec.rb
+++ b/spec/lib/gitlab/cache/request_cache_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Cache::RequestCache do
diff --git a/spec/lib/gitlab/changes_list_spec.rb b/spec/lib/gitlab/changes_list_spec.rb
index 464508fcd73..911450f3a8b 100644
--- a/spec/lib/gitlab/changes_list_spec.rb
+++ b/spec/lib/gitlab/changes_list_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe Gitlab::ChangesList do
diff --git a/spec/lib/gitlab/chat_name_token_spec.rb b/spec/lib/gitlab/chat_name_token_spec.rb
index 1e9fb9077fc..b2d4a466021 100644
--- a/spec/lib/gitlab/chat_name_token_spec.rb
+++ b/spec/lib/gitlab/chat_name_token_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::ChatNameToken do
diff --git a/spec/lib/gitlab/chat_spec.rb b/spec/lib/gitlab/chat_spec.rb
index d61c4b36668..08cc16314c5 100644
--- a/spec/lib/gitlab/chat_spec.rb
+++ b/spec/lib/gitlab/chat_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Chat, :use_clean_rails_memory_store_caching do
diff --git a/spec/lib/gitlab/checks/change_access_spec.rb b/spec/lib/gitlab/checks/change_access_spec.rb
index 45fb33e9e4a..3a8e8f67e16 100644
--- a/spec/lib/gitlab/checks/change_access_spec.rb
+++ b/spec/lib/gitlab/checks/change_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Checks::ChangeAccess do
diff --git a/spec/lib/gitlab/checks/force_push_spec.rb b/spec/lib/gitlab/checks/force_push_spec.rb
index 0e0788ce974..9432be083d3 100644
--- a/spec/lib/gitlab/checks/force_push_spec.rb
+++ b/spec/lib/gitlab/checks/force_push_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Checks::ForcePush do
diff --git a/spec/lib/gitlab/checks/lfs_integrity_spec.rb b/spec/lib/gitlab/checks/lfs_integrity_spec.rb
index 887ea8fc1e0..88e8f5d74d1 100644
--- a/spec/lib/gitlab/checks/lfs_integrity_spec.rb
+++ b/spec/lib/gitlab/checks/lfs_integrity_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Checks::LfsIntegrity do
diff --git a/spec/lib/gitlab/checks/project_created_spec.rb b/spec/lib/gitlab/checks/project_created_spec.rb
index ac02007e111..14cb5e6ec66 100644
--- a/spec/lib/gitlab/checks/project_created_spec.rb
+++ b/spec/lib/gitlab/checks/project_created_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::Checks::ProjectCreated, :clean_gitlab_redis_shared_state do
diff --git a/spec/lib/gitlab/checks/project_moved_spec.rb b/spec/lib/gitlab/checks/project_moved_spec.rb
index 8e9386b1ba1..3ca977aa48d 100644
--- a/spec/lib/gitlab/checks/project_moved_spec.rb
+++ b/spec/lib/gitlab/checks/project_moved_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::Checks::ProjectMoved, :clean_gitlab_redis_shared_state do
diff --git a/spec/lib/gitlab/ci/ansi2html_spec.rb b/spec/lib/gitlab/ci/ansi2html_spec.rb
index 3d57ce431ab..651fdaaabca 100644
--- a/spec/lib/gitlab/ci/ansi2html_spec.rb
+++ b/spec/lib/gitlab/ci/ansi2html_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Ansi2html do
diff --git a/spec/lib/gitlab/ci/build/artifacts/adapters/gzip_stream_spec.rb b/spec/lib/gitlab/ci/build/artifacts/adapters/gzip_stream_spec.rb
index 987c6b37aaa..cec3e70bb9f 100644
--- a/spec/lib/gitlab/ci/build/artifacts/adapters/gzip_stream_spec.rb
+++ b/spec/lib/gitlab/ci/build/artifacts/adapters/gzip_stream_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Artifacts::Adapters::GzipStream do
diff --git a/spec/lib/gitlab/ci/build/artifacts/adapters/raw_stream_spec.rb b/spec/lib/gitlab/ci/build/artifacts/adapters/raw_stream_spec.rb
index ec2dd724b45..66a234232e1 100644
--- a/spec/lib/gitlab/ci/build/artifacts/adapters/raw_stream_spec.rb
+++ b/spec/lib/gitlab/ci/build/artifacts/adapters/raw_stream_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Artifacts::Adapters::RawStream do
diff --git a/spec/lib/gitlab/ci/build/artifacts/metadata/entry_spec.rb b/spec/lib/gitlab/ci/build/artifacts/metadata/entry_spec.rb
index 3b905611467..24d17eb0fb3 100644
--- a/spec/lib/gitlab/ci/build/artifacts/metadata/entry_spec.rb
+++ b/spec/lib/gitlab/ci/build/artifacts/metadata/entry_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Artifacts::Metadata::Entry do
diff --git a/spec/lib/gitlab/ci/build/artifacts/metadata_spec.rb b/spec/lib/gitlab/ci/build/artifacts/metadata_spec.rb
index a9a4af1f455..ff189c4701e 100644
--- a/spec/lib/gitlab/ci/build/artifacts/metadata_spec.rb
+++ b/spec/lib/gitlab/ci/build/artifacts/metadata_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Artifacts::Metadata do
diff --git a/spec/lib/gitlab/ci/build/artifacts/path_spec.rb b/spec/lib/gitlab/ci/build/artifacts/path_spec.rb
index 7bd6a2ead25..7bbef0f5197 100644
--- a/spec/lib/gitlab/ci/build/artifacts/path_spec.rb
+++ b/spec/lib/gitlab/ci/build/artifacts/path_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Artifacts::Path do
diff --git a/spec/lib/gitlab/ci/build/credentials/factory_spec.rb b/spec/lib/gitlab/ci/build/credentials/factory_spec.rb
index d53db05e5e6..9148c0d579e 100644
--- a/spec/lib/gitlab/ci/build/credentials/factory_spec.rb
+++ b/spec/lib/gitlab/ci/build/credentials/factory_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Credentials::Factory do
diff --git a/spec/lib/gitlab/ci/build/credentials/registry_spec.rb b/spec/lib/gitlab/ci/build/credentials/registry_spec.rb
index c6054138cde..552580dcbbe 100644
--- a/spec/lib/gitlab/ci/build/credentials/registry_spec.rb
+++ b/spec/lib/gitlab/ci/build/credentials/registry_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Credentials::Registry do
diff --git a/spec/lib/gitlab/ci/build/image_spec.rb b/spec/lib/gitlab/ci/build/image_spec.rb
index 6e20e0ef5c3..04bab9c58b8 100644
--- a/spec/lib/gitlab/ci/build/image_spec.rb
+++ b/spec/lib/gitlab/ci/build/image_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Image do
diff --git a/spec/lib/gitlab/ci/build/policy/changes_spec.rb b/spec/lib/gitlab/ci/build/policy/changes_spec.rb
index 92cf0376c02..48ac2e4e657 100644
--- a/spec/lib/gitlab/ci/build/policy/changes_spec.rb
+++ b/spec/lib/gitlab/ci/build/policy/changes_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Policy::Changes do
diff --git a/spec/lib/gitlab/ci/build/policy/kubernetes_spec.rb b/spec/lib/gitlab/ci/build/policy/kubernetes_spec.rb
index 4510b82ca9d..bc2e6fe6b8d 100644
--- a/spec/lib/gitlab/ci/build/policy/kubernetes_spec.rb
+++ b/spec/lib/gitlab/ci/build/policy/kubernetes_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Policy::Kubernetes do
diff --git a/spec/lib/gitlab/ci/build/policy/refs_spec.rb b/spec/lib/gitlab/ci/build/policy/refs_spec.rb
index 22ca681cfd3..43c5d3ec980 100644
--- a/spec/lib/gitlab/ci/build/policy/refs_spec.rb
+++ b/spec/lib/gitlab/ci/build/policy/refs_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Policy::Refs do
diff --git a/spec/lib/gitlab/ci/build/policy/variables_spec.rb b/spec/lib/gitlab/ci/build/policy/variables_spec.rb
index 9b016901a20..42a2a9fda2e 100644
--- a/spec/lib/gitlab/ci/build/policy/variables_spec.rb
+++ b/spec/lib/gitlab/ci/build/policy/variables_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Policy::Variables do
diff --git a/spec/lib/gitlab/ci/build/policy_spec.rb b/spec/lib/gitlab/ci/build/policy_spec.rb
index 20ee3dd3e89..80d7b2e9dc8 100644
--- a/spec/lib/gitlab/ci/build/policy_spec.rb
+++ b/spec/lib/gitlab/ci/build/policy_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Policy do
diff --git a/spec/lib/gitlab/ci/build/step_spec.rb b/spec/lib/gitlab/ci/build/step_spec.rb
index e3136fc925e..84e6e0e177f 100644
--- a/spec/lib/gitlab/ci/build/step_spec.rb
+++ b/spec/lib/gitlab/ci/build/step_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Build::Step do
diff --git a/spec/lib/gitlab/ci/charts_spec.rb b/spec/lib/gitlab/ci/charts_spec.rb
index 1668d3bbaac..cfb7a3f72fa 100644
--- a/spec/lib/gitlab/ci/charts_spec.rb
+++ b/spec/lib/gitlab/ci/charts_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Charts do
diff --git a/spec/lib/gitlab/ci/config/entry/artifacts_spec.rb b/spec/lib/gitlab/ci/config/entry/artifacts_spec.rb
index bd1f2c92844..a7f457e0f5e 100644
--- a/spec/lib/gitlab/ci/config/entry/artifacts_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/artifacts_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Artifacts do
diff --git a/spec/lib/gitlab/ci/config/entry/cache_spec.rb b/spec/lib/gitlab/ci/config/entry/cache_spec.rb
index 8f711e02f9b..4cb63168ec7 100644
--- a/spec/lib/gitlab/ci/config/entry/cache_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/cache_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Cache do
diff --git a/spec/lib/gitlab/ci/config/entry/commands_spec.rb b/spec/lib/gitlab/ci/config/entry/commands_spec.rb
index 8934aeb83db..269a3406913 100644
--- a/spec/lib/gitlab/ci/config/entry/commands_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/commands_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Commands do
diff --git a/spec/lib/gitlab/ci/config/entry/coverage_spec.rb b/spec/lib/gitlab/ci/config/entry/coverage_spec.rb
index 4c6bd859552..48d0864cfca 100644
--- a/spec/lib/gitlab/ci/config/entry/coverage_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/coverage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Coverage do
diff --git a/spec/lib/gitlab/ci/config/entry/default_spec.rb b/spec/lib/gitlab/ci/config/entry/default_spec.rb
index a901dd80c2c..27d63dbd407 100644
--- a/spec/lib/gitlab/ci/config/entry/default_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/default_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Default do
diff --git a/spec/lib/gitlab/ci/config/entry/environment_spec.rb b/spec/lib/gitlab/ci/config/entry/environment_spec.rb
index 0bc9e8bd3cd..7b72b45fd8d 100644
--- a/spec/lib/gitlab/ci/config/entry/environment_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/environment_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Environment do
diff --git a/spec/lib/gitlab/ci/config/entry/hidden_spec.rb b/spec/lib/gitlab/ci/config/entry/hidden_spec.rb
index c88ee10550c..40b73352676 100644
--- a/spec/lib/gitlab/ci/config/entry/hidden_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/hidden_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Hidden do
diff --git a/spec/lib/gitlab/ci/config/entry/image_spec.rb b/spec/lib/gitlab/ci/config/entry/image_spec.rb
index 1ebdda398b9..8de2e5de724 100644
--- a/spec/lib/gitlab/ci/config/entry/image_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/image_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Image do
diff --git a/spec/lib/gitlab/ci/config/entry/job_spec.rb b/spec/lib/gitlab/ci/config/entry/job_spec.rb
index 25766d34c65..d5861d5dd07 100644
--- a/spec/lib/gitlab/ci/config/entry/job_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/job_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Job do
diff --git a/spec/lib/gitlab/ci/config/entry/jobs_spec.rb b/spec/lib/gitlab/ci/config/entry/jobs_spec.rb
index 3e4137930dc..61c8956d41f 100644
--- a/spec/lib/gitlab/ci/config/entry/jobs_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/jobs_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Jobs do
diff --git a/spec/lib/gitlab/ci/config/entry/key_spec.rb b/spec/lib/gitlab/ci/config/entry/key_spec.rb
index 3cbf19bea8b..a7874447725 100644
--- a/spec/lib/gitlab/ci/config/entry/key_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/key_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Key do
diff --git a/spec/lib/gitlab/ci/config/entry/paths_spec.rb b/spec/lib/gitlab/ci/config/entry/paths_spec.rb
index 1d9c5ddee9b..221d5ae5863 100644
--- a/spec/lib/gitlab/ci/config/entry/paths_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/paths_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Paths do
diff --git a/spec/lib/gitlab/ci/config/entry/policy_spec.rb b/spec/lib/gitlab/ci/config/entry/policy_spec.rb
index fba5671594d..266a27c1e47 100644
--- a/spec/lib/gitlab/ci/config/entry/policy_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/policy_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 require 'support/helpers/stub_feature_flags'
 require_dependency 'active_model'
diff --git a/spec/lib/gitlab/ci/config/entry/reports_spec.rb b/spec/lib/gitlab/ci/config/entry/reports_spec.rb
index 38943138cbf..3c352c30e55 100644
--- a/spec/lib/gitlab/ci/config/entry/reports_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/reports_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Reports do
diff --git a/spec/lib/gitlab/ci/config/entry/retry_spec.rb b/spec/lib/gitlab/ci/config/entry/retry_spec.rb
index 164a9ed4c3d..f9efd2e014d 100644
--- a/spec/lib/gitlab/ci/config/entry/retry_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/retry_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Retry do
diff --git a/spec/lib/gitlab/ci/config/entry/root_spec.rb b/spec/lib/gitlab/ci/config/entry/root_spec.rb
index 7a252ed675a..968dbb9c7f2 100644
--- a/spec/lib/gitlab/ci/config/entry/root_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/root_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Root do
diff --git a/spec/lib/gitlab/ci/config/entry/script_spec.rb b/spec/lib/gitlab/ci/config/entry/script_spec.rb
index 069eaa26422..d523243d3b6 100644
--- a/spec/lib/gitlab/ci/config/entry/script_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/script_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Script do
diff --git a/spec/lib/gitlab/ci/config/entry/service_spec.rb b/spec/lib/gitlab/ci/config/entry/service_spec.rb
index d31866a1987..66cca100688 100644
--- a/spec/lib/gitlab/ci/config/entry/service_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/service_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Service do
diff --git a/spec/lib/gitlab/ci/config/entry/services_spec.rb b/spec/lib/gitlab/ci/config/entry/services_spec.rb
index d5a1316f665..764f783b083 100644
--- a/spec/lib/gitlab/ci/config/entry/services_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/services_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Services do
diff --git a/spec/lib/gitlab/ci/config/entry/stage_spec.rb b/spec/lib/gitlab/ci/config/entry/stage_spec.rb
index 70c8a0a355a..574fa00575a 100644
--- a/spec/lib/gitlab/ci/config/entry/stage_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/stage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Stage do
diff --git a/spec/lib/gitlab/ci/config/entry/stages_spec.rb b/spec/lib/gitlab/ci/config/entry/stages_spec.rb
index 182c8d867c7..97970522104 100644
--- a/spec/lib/gitlab/ci/config/entry/stages_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/stages_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Stages do
diff --git a/spec/lib/gitlab/ci/config/entry/variables_spec.rb b/spec/lib/gitlab/ci/config/entry/variables_spec.rb
index 84bfef9e8ad..1320b366367 100644
--- a/spec/lib/gitlab/ci/config/entry/variables_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/variables_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config::Entry::Variables do
diff --git a/spec/lib/gitlab/ci/config/extendable/entry_spec.rb b/spec/lib/gitlab/ci/config/extendable/entry_spec.rb
index d63612053b6..e00104e3c68 100644
--- a/spec/lib/gitlab/ci/config/extendable/entry_spec.rb
+++ b/spec/lib/gitlab/ci/config/extendable/entry_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 
 describe Gitlab::Ci::Config::Extendable::Entry do
diff --git a/spec/lib/gitlab/ci/config/extendable_spec.rb b/spec/lib/gitlab/ci/config/extendable_spec.rb
index 90213f6603d..874b224067b 100644
--- a/spec/lib/gitlab/ci/config/extendable_spec.rb
+++ b/spec/lib/gitlab/ci/config/extendable_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 
 describe Gitlab::Ci::Config::Extendable do
diff --git a/spec/lib/gitlab/ci/config_spec.rb b/spec/lib/gitlab/ci/config_spec.rb
index 4e8bff3d738..986cde3540a 100644
--- a/spec/lib/gitlab/ci/config_spec.rb
+++ b/spec/lib/gitlab/ci/config_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Config do
diff --git a/spec/lib/gitlab/ci/cron_parser_spec.rb b/spec/lib/gitlab/ci/cron_parser_spec.rb
index 491e3fba9d9..af4e9d687c4 100644
--- a/spec/lib/gitlab/ci/cron_parser_spec.rb
+++ b/spec/lib/gitlab/ci/cron_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::CronParser do
diff --git a/spec/lib/gitlab/ci/mask_secret_spec.rb b/spec/lib/gitlab/ci/mask_secret_spec.rb
index 3789a142248..6607aaae399 100644
--- a/spec/lib/gitlab/ci/mask_secret_spec.rb
+++ b/spec/lib/gitlab/ci/mask_secret_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::MaskSecret do
diff --git a/spec/lib/gitlab/ci/parsers/test/junit_spec.rb b/spec/lib/gitlab/ci/parsers/test/junit_spec.rb
index a49402c7398..8ff60710f67 100644
--- a/spec/lib/gitlab/ci/parsers/test/junit_spec.rb
+++ b/spec/lib/gitlab/ci/parsers/test/junit_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 
 describe Gitlab::Ci::Parsers::Test::Junit do
diff --git a/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb
index 50cb45c39d1..bf9ff922c05 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/build_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Chain::Build do
diff --git a/spec/lib/gitlab/ci/pipeline/chain/command_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/command_spec.rb
index 5181e9c1583..5775e934cfd 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/command_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/command_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Chain::Command do
diff --git a/spec/lib/gitlab/ci/pipeline/chain/create_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/create_spec.rb
index 0edc3f315bb..650ab193997 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/create_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/create_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Chain::Create do
diff --git a/spec/lib/gitlab/ci/pipeline/chain/populate_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/populate_spec.rb
index 0302e4090cf..417a2d119ff 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/populate_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/populate_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Chain::Populate do
diff --git a/spec/lib/gitlab/ci/pipeline/chain/sequence_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/sequence_spec.rb
index eca23694a2b..9cb59442dfd 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/sequence_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/sequence_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Chain::Sequence do
diff --git a/spec/lib/gitlab/ci/pipeline/chain/skip_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/skip_spec.rb
index c7f4fc98ca3..fe46633ed1b 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/skip_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/skip_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Chain::Skip do
diff --git a/spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb
index b3e58c3dfdb..ac370433955 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/validate/abilities_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Chain::Validate::Abilities do
diff --git a/spec/lib/gitlab/ci/pipeline/chain/validate/config_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/validate/config_spec.rb
index 00bbc4c817a..79acd3e4f54 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/validate/config_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/validate/config_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Chain::Validate::Config do
diff --git a/spec/lib/gitlab/ci/pipeline/chain/validate/repository_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/validate/repository_spec.rb
index 2e8c9d70098..b866355906e 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/validate/repository_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/validate/repository_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Chain::Validate::Repository do
diff --git a/spec/lib/gitlab/ci/pipeline/duration_spec.rb b/spec/lib/gitlab/ci/pipeline/duration_spec.rb
index 7c9836e2da6..a4984092f35 100644
--- a/spec/lib/gitlab/ci/pipeline/duration_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/duration_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Duration do
diff --git a/spec/lib/gitlab/ci/pipeline/expression/lexeme/and_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/lexeme/and_spec.rb
index 006ce4d8078..847d613dba3 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/lexeme/and_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/lexeme/and_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 require 'rspec-parameterized'
 
diff --git a/spec/lib/gitlab/ci/pipeline/expression/lexeme/equals_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/lexeme/equals_spec.rb
index fcbd2863289..0e13681a4cf 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/lexeme/equals_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/lexeme/equals_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Expression::Lexeme::Equals do
diff --git a/spec/lib/gitlab/ci/pipeline/expression/lexeme/matches_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/lexeme/matches_spec.rb
index a6fdec832a3..4e4f1bf6ad3 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/lexeme/matches_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/lexeme/matches_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 require_dependency 're2'
 
diff --git a/spec/lib/gitlab/ci/pipeline/expression/lexeme/not_equals_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/lexeme/not_equals_spec.rb
index 38d30c9035a..a3a48f83b27 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/lexeme/not_equals_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/lexeme/not_equals_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Expression::Lexeme::NotEquals do
diff --git a/spec/lib/gitlab/ci/pipeline/expression/lexeme/not_matches_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/lexeme/not_matches_spec.rb
index 99110ff8d88..6b81008ffb1 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/lexeme/not_matches_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/lexeme/not_matches_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 require_dependency 're2'
 
diff --git a/spec/lib/gitlab/ci/pipeline/expression/lexeme/null_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/lexeme/null_spec.rb
index b5a59929e11..7013c6bacbb 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/lexeme/null_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/lexeme/null_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Expression::Lexeme::Null do
diff --git a/spec/lib/gitlab/ci/pipeline/expression/lexeme/or_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/lexeme/or_spec.rb
index d542eebc613..15505ebc82b 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/lexeme/or_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/lexeme/or_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 require 'rspec-parameterized'
 
diff --git a/spec/lib/gitlab/ci/pipeline/expression/lexeme/pattern_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/lexeme/pattern_spec.rb
index 6ce4b321397..2cc25a07417 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/lexeme/pattern_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/lexeme/pattern_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Expression::Lexeme::Pattern do
diff --git a/spec/lib/gitlab/ci/pipeline/expression/lexeme/string_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/lexeme/string_spec.rb
index f54ef492e6d..2a6b90d127f 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/lexeme/string_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/lexeme/string_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Expression::Lexeme::String do
diff --git a/spec/lib/gitlab/ci/pipeline/expression/lexeme/variable_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/lexeme/variable_spec.rb
index 599a5411881..29e26930249 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/lexeme/variable_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/lexeme/variable_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Expression::Lexeme::Variable do
diff --git a/spec/lib/gitlab/ci/pipeline/expression/lexer_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/lexer_spec.rb
index 7c98e729b0b..2b0cee2d6f2 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/lexer_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/lexer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Expression::Lexer do
diff --git a/spec/lib/gitlab/ci/pipeline/expression/parser_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/parser_spec.rb
index e88ec5561b6..10adfa18af6 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/parser_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 
 describe Gitlab::Ci::Pipeline::Expression::Parser do
diff --git a/spec/lib/gitlab/ci/pipeline/expression/statement_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/statement_spec.rb
index b259ef711aa..79ee4d07e3a 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/statement_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/statement_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 require 'rspec-parameterized'
 
diff --git a/spec/lib/gitlab/ci/pipeline/expression/token_spec.rb b/spec/lib/gitlab/ci/pipeline/expression/token_spec.rb
index cedfe270f9d..aa807cecb72 100644
--- a/spec/lib/gitlab/ci/pipeline/expression/token_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/expression/token_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'fast_spec_helper'
 
 describe Gitlab::Ci::Pipeline::Expression::Token do
diff --git a/spec/lib/gitlab/ci/pipeline/seed/stage_spec.rb b/spec/lib/gitlab/ci/pipeline/seed/stage_spec.rb
index 493ca3cd7b5..ad864d0d56e 100644
--- a/spec/lib/gitlab/ci/pipeline/seed/stage_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/seed/stage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Pipeline::Seed::Stage do
diff --git a/spec/lib/gitlab/ci/reports/test_case_spec.rb b/spec/lib/gitlab/ci/reports/test_case_spec.rb
index 6932f79f0ce..20c489ee94c 100644
--- a/spec/lib/gitlab/ci/reports/test_case_spec.rb
+++ b/spec/lib/gitlab/ci/reports/test_case_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Reports::TestCase do
diff --git a/spec/lib/gitlab/ci/reports/test_reports_comparer_spec.rb b/spec/lib/gitlab/ci/reports/test_reports_comparer_spec.rb
index 36582204cc1..48eef0643b2 100644
--- a/spec/lib/gitlab/ci/reports/test_reports_comparer_spec.rb
+++ b/spec/lib/gitlab/ci/reports/test_reports_comparer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Reports::TestReportsComparer do
diff --git a/spec/lib/gitlab/ci/reports/test_reports_spec.rb b/spec/lib/gitlab/ci/reports/test_reports_spec.rb
index 74ff134b239..0b5d05bada3 100644
--- a/spec/lib/gitlab/ci/reports/test_reports_spec.rb
+++ b/spec/lib/gitlab/ci/reports/test_reports_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Reports::TestReports do
diff --git a/spec/lib/gitlab/ci/reports/test_suite_comparer_spec.rb b/spec/lib/gitlab/ci/reports/test_suite_comparer_spec.rb
index 579b3e6fd24..cf4690bb334 100644
--- a/spec/lib/gitlab/ci/reports/test_suite_comparer_spec.rb
+++ b/spec/lib/gitlab/ci/reports/test_suite_comparer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Reports::TestSuiteComparer do
diff --git a/spec/lib/gitlab/ci/reports/test_suite_spec.rb b/spec/lib/gitlab/ci/reports/test_suite_spec.rb
index cd34dbaf62f..8646db43bc8 100644
--- a/spec/lib/gitlab/ci/reports/test_suite_spec.rb
+++ b/spec/lib/gitlab/ci/reports/test_suite_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Reports::TestSuite do
diff --git a/spec/lib/gitlab/ci/status/build/action_spec.rb b/spec/lib/gitlab/ci/status/build/action_spec.rb
index bdec582b57b..3aae7e18d6d 100644
--- a/spec/lib/gitlab/ci/status/build/action_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/action_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Action do
diff --git a/spec/lib/gitlab/ci/status/build/cancelable_spec.rb b/spec/lib/gitlab/ci/status/build/cancelable_spec.rb
index 78d6fa65b5a..3841dae91c7 100644
--- a/spec/lib/gitlab/ci/status/build/cancelable_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/cancelable_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Cancelable do
diff --git a/spec/lib/gitlab/ci/status/build/canceled_spec.rb b/spec/lib/gitlab/ci/status/build/canceled_spec.rb
index c6b5cc68770..4b43c78f1a7 100644
--- a/spec/lib/gitlab/ci/status/build/canceled_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/canceled_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Canceled do
diff --git a/spec/lib/gitlab/ci/status/build/common_spec.rb b/spec/lib/gitlab/ci/status/build/common_spec.rb
index ca3c66f0152..5114540708f 100644
--- a/spec/lib/gitlab/ci/status/build/common_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/common_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Common do
diff --git a/spec/lib/gitlab/ci/status/build/created_spec.rb b/spec/lib/gitlab/ci/status/build/created_spec.rb
index 8bdfe6ef7a2..6e3aa442810 100644
--- a/spec/lib/gitlab/ci/status/build/created_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/created_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Created do
diff --git a/spec/lib/gitlab/ci/status/build/erased_spec.rb b/spec/lib/gitlab/ci/status/build/erased_spec.rb
index 0acd271e375..af9c296da0c 100644
--- a/spec/lib/gitlab/ci/status/build/erased_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/erased_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Erased do
diff --git a/spec/lib/gitlab/ci/status/build/factory_spec.rb b/spec/lib/gitlab/ci/status/build/factory_spec.rb
index b6231510b91..de489fa4664 100644
--- a/spec/lib/gitlab/ci/status/build/factory_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/factory_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Factory do
diff --git a/spec/lib/gitlab/ci/status/build/failed_allowed_spec.rb b/spec/lib/gitlab/ci/status/build/failed_allowed_spec.rb
index 2a5915d75d0..01500689619 100644
--- a/spec/lib/gitlab/ci/status/build/failed_allowed_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/failed_allowed_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::FailedAllowed do
diff --git a/spec/lib/gitlab/ci/status/build/failed_spec.rb b/spec/lib/gitlab/ci/status/build/failed_spec.rb
index e424270f7c5..78f5214ca81 100644
--- a/spec/lib/gitlab/ci/status/build/failed_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/failed_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Failed do
diff --git a/spec/lib/gitlab/ci/status/build/failed_unmet_prerequisites_spec.rb b/spec/lib/gitlab/ci/status/build/failed_unmet_prerequisites_spec.rb
index a4854bdc6b9..19a3c82eac7 100644
--- a/spec/lib/gitlab/ci/status/build/failed_unmet_prerequisites_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/failed_unmet_prerequisites_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 RSpec.describe Gitlab::Ci::Status::Build::FailedUnmetPrerequisites do
diff --git a/spec/lib/gitlab/ci/status/build/manual_spec.rb b/spec/lib/gitlab/ci/status/build/manual_spec.rb
index 6386296f992..bffe2c10d12 100644
--- a/spec/lib/gitlab/ci/status/build/manual_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/manual_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Manual do
diff --git a/spec/lib/gitlab/ci/status/build/pending_spec.rb b/spec/lib/gitlab/ci/status/build/pending_spec.rb
index 4cf70828e53..64d57954c15 100644
--- a/spec/lib/gitlab/ci/status/build/pending_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/pending_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Pending do
diff --git a/spec/lib/gitlab/ci/status/build/play_spec.rb b/spec/lib/gitlab/ci/status/build/play_spec.rb
index 02f8c4c114b..bb12a900b55 100644
--- a/spec/lib/gitlab/ci/status/build/play_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/play_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Play do
diff --git a/spec/lib/gitlab/ci/status/build/retried_spec.rb b/spec/lib/gitlab/ci/status/build/retried_spec.rb
index 76c2fb01e3f..fce497d40a1 100644
--- a/spec/lib/gitlab/ci/status/build/retried_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/retried_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Retried do
diff --git a/spec/lib/gitlab/ci/status/build/retryable_spec.rb b/spec/lib/gitlab/ci/status/build/retryable_spec.rb
index 84d98588f2d..5b0ae315927 100644
--- a/spec/lib/gitlab/ci/status/build/retryable_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/retryable_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Retryable do
diff --git a/spec/lib/gitlab/ci/status/build/scheduled_spec.rb b/spec/lib/gitlab/ci/status/build/scheduled_spec.rb
index 68b87fea75d..8f87da10815 100644
--- a/spec/lib/gitlab/ci/status/build/scheduled_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/scheduled_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Scheduled do
diff --git a/spec/lib/gitlab/ci/status/build/skipped_spec.rb b/spec/lib/gitlab/ci/status/build/skipped_spec.rb
index 46f6933025a..7ce5142da78 100644
--- a/spec/lib/gitlab/ci/status/build/skipped_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/skipped_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Skipped do
diff --git a/spec/lib/gitlab/ci/status/build/stop_spec.rb b/spec/lib/gitlab/ci/status/build/stop_spec.rb
index 5b7534c96c1..d3e98400a53 100644
--- a/spec/lib/gitlab/ci/status/build/stop_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/stop_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Stop do
diff --git a/spec/lib/gitlab/ci/status/build/unschedule_spec.rb b/spec/lib/gitlab/ci/status/build/unschedule_spec.rb
index ed046d66ca5..c18fc3252b4 100644
--- a/spec/lib/gitlab/ci/status/build/unschedule_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/unschedule_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Build::Unschedule do
diff --git a/spec/lib/gitlab/ci/status/canceled_spec.rb b/spec/lib/gitlab/ci/status/canceled_spec.rb
index dc74d7e28c5..6cfcea4fdde 100644
--- a/spec/lib/gitlab/ci/status/canceled_spec.rb
+++ b/spec/lib/gitlab/ci/status/canceled_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Canceled do
diff --git a/spec/lib/gitlab/ci/status/created_spec.rb b/spec/lib/gitlab/ci/status/created_spec.rb
index ce4333f2aca..aeb41e9cfc3 100644
--- a/spec/lib/gitlab/ci/status/created_spec.rb
+++ b/spec/lib/gitlab/ci/status/created_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Created do
diff --git a/spec/lib/gitlab/ci/status/extended_spec.rb b/spec/lib/gitlab/ci/status/extended_spec.rb
index 6eacb07078b..8accfc4a2f9 100644
--- a/spec/lib/gitlab/ci/status/extended_spec.rb
+++ b/spec/lib/gitlab/ci/status/extended_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Extended do
diff --git a/spec/lib/gitlab/ci/status/external/common_spec.rb b/spec/lib/gitlab/ci/status/external/common_spec.rb
index 0d02c371a92..983522fa2d6 100644
--- a/spec/lib/gitlab/ci/status/external/common_spec.rb
+++ b/spec/lib/gitlab/ci/status/external/common_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::External::Common do
diff --git a/spec/lib/gitlab/ci/status/external/factory_spec.rb b/spec/lib/gitlab/ci/status/external/factory_spec.rb
index 529d02a3e39..3b90fb60cca 100644
--- a/spec/lib/gitlab/ci/status/external/factory_spec.rb
+++ b/spec/lib/gitlab/ci/status/external/factory_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::External::Factory do
diff --git a/spec/lib/gitlab/ci/status/factory_spec.rb b/spec/lib/gitlab/ci/status/factory_spec.rb
index bbf9c7c83a3..b51c0bec47e 100644
--- a/spec/lib/gitlab/ci/status/factory_spec.rb
+++ b/spec/lib/gitlab/ci/status/factory_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Factory do
diff --git a/spec/lib/gitlab/ci/status/failed_spec.rb b/spec/lib/gitlab/ci/status/failed_spec.rb
index a4a92117c7f..5c7393fc8cf 100644
--- a/spec/lib/gitlab/ci/status/failed_spec.rb
+++ b/spec/lib/gitlab/ci/status/failed_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Failed do
diff --git a/spec/lib/gitlab/ci/status/group/common_spec.rb b/spec/lib/gitlab/ci/status/group/common_spec.rb
index c0ca05881f5..35fff30ea9d 100644
--- a/spec/lib/gitlab/ci/status/group/common_spec.rb
+++ b/spec/lib/gitlab/ci/status/group/common_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Group::Common do
diff --git a/spec/lib/gitlab/ci/status/group/factory_spec.rb b/spec/lib/gitlab/ci/status/group/factory_spec.rb
index 0cd83123938..be76a1d5a65 100644
--- a/spec/lib/gitlab/ci/status/group/factory_spec.rb
+++ b/spec/lib/gitlab/ci/status/group/factory_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Group::Factory do
diff --git a/spec/lib/gitlab/ci/status/manual_spec.rb b/spec/lib/gitlab/ci/status/manual_spec.rb
index 0463f2e1aff..0839452ec22 100644
--- a/spec/lib/gitlab/ci/status/manual_spec.rb
+++ b/spec/lib/gitlab/ci/status/manual_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Manual do
diff --git a/spec/lib/gitlab/ci/status/pending_spec.rb b/spec/lib/gitlab/ci/status/pending_spec.rb
index 0e25358dd8a..5f830e5bb56 100644
--- a/spec/lib/gitlab/ci/status/pending_spec.rb
+++ b/spec/lib/gitlab/ci/status/pending_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Pending do
diff --git a/spec/lib/gitlab/ci/status/pipeline/blocked_spec.rb b/spec/lib/gitlab/ci/status/pipeline/blocked_spec.rb
index 1a2b952d374..876ba712d05 100644
--- a/spec/lib/gitlab/ci/status/pipeline/blocked_spec.rb
+++ b/spec/lib/gitlab/ci/status/pipeline/blocked_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Pipeline::Blocked do
diff --git a/spec/lib/gitlab/ci/status/pipeline/common_spec.rb b/spec/lib/gitlab/ci/status/pipeline/common_spec.rb
index 57df8325635..d3251d138b8 100644
--- a/spec/lib/gitlab/ci/status/pipeline/common_spec.rb
+++ b/spec/lib/gitlab/ci/status/pipeline/common_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Pipeline::Common do
diff --git a/spec/lib/gitlab/ci/status/pipeline/delayed_spec.rb b/spec/lib/gitlab/ci/status/pipeline/delayed_spec.rb
index f89712d2b03..90b797965b3 100644
--- a/spec/lib/gitlab/ci/status/pipeline/delayed_spec.rb
+++ b/spec/lib/gitlab/ci/status/pipeline/delayed_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Pipeline::Delayed do
diff --git a/spec/lib/gitlab/ci/status/pipeline/factory_spec.rb b/spec/lib/gitlab/ci/status/pipeline/factory_spec.rb
index 466087a0e31..8a36cd1b658 100644
--- a/spec/lib/gitlab/ci/status/pipeline/factory_spec.rb
+++ b/spec/lib/gitlab/ci/status/pipeline/factory_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Pipeline::Factory do
diff --git a/spec/lib/gitlab/ci/status/running_spec.rb b/spec/lib/gitlab/ci/status/running_spec.rb
index 9c9d431bb5d..75ff58c5c98 100644
--- a/spec/lib/gitlab/ci/status/running_spec.rb
+++ b/spec/lib/gitlab/ci/status/running_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Running do
diff --git a/spec/lib/gitlab/ci/status/scheduled_spec.rb b/spec/lib/gitlab/ci/status/scheduled_spec.rb
index b8ca3caa1f7..a0374e1a87b 100644
--- a/spec/lib/gitlab/ci/status/scheduled_spec.rb
+++ b/spec/lib/gitlab/ci/status/scheduled_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Scheduled do
diff --git a/spec/lib/gitlab/ci/status/skipped_spec.rb b/spec/lib/gitlab/ci/status/skipped_spec.rb
index 63694ca0ea6..7f68d4a2fa9 100644
--- a/spec/lib/gitlab/ci/status/skipped_spec.rb
+++ b/spec/lib/gitlab/ci/status/skipped_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Skipped do
diff --git a/spec/lib/gitlab/ci/status/stage/common_spec.rb b/spec/lib/gitlab/ci/status/stage/common_spec.rb
index bb2d0a2c75c..26ff0e901fd 100644
--- a/spec/lib/gitlab/ci/status/stage/common_spec.rb
+++ b/spec/lib/gitlab/ci/status/stage/common_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Stage::Common do
diff --git a/spec/lib/gitlab/ci/status/stage/factory_spec.rb b/spec/lib/gitlab/ci/status/stage/factory_spec.rb
index 4b299170c87..8f5b1ff62a5 100644
--- a/spec/lib/gitlab/ci/status/stage/factory_spec.rb
+++ b/spec/lib/gitlab/ci/status/stage/factory_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Stage::Factory do
diff --git a/spec/lib/gitlab/ci/status/success_spec.rb b/spec/lib/gitlab/ci/status/success_spec.rb
index 2f67df71c4f..d4b3a9f12cc 100644
--- a/spec/lib/gitlab/ci/status/success_spec.rb
+++ b/spec/lib/gitlab/ci/status/success_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::Success do
diff --git a/spec/lib/gitlab/ci/status/success_warning_spec.rb b/spec/lib/gitlab/ci/status/success_warning_spec.rb
index 9493b1d89f2..af952011e21 100644
--- a/spec/lib/gitlab/ci/status/success_warning_spec.rb
+++ b/spec/lib/gitlab/ci/status/success_warning_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Status::SuccessWarning do
diff --git a/spec/lib/gitlab/ci/trace/chunked_io_spec.rb b/spec/lib/gitlab/ci/trace/chunked_io_spec.rb
index 3e5cd81f929..e5948f07c70 100644
--- a/spec/lib/gitlab/ci/trace/chunked_io_spec.rb
+++ b/spec/lib/gitlab/ci/trace/chunked_io_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Trace::ChunkedIO, :clean_gitlab_redis_cache do
diff --git a/spec/lib/gitlab/ci/trace/section_parser_spec.rb b/spec/lib/gitlab/ci/trace/section_parser_spec.rb
index ca53ff87c6f..5e2efe083be 100644
--- a/spec/lib/gitlab/ci/trace/section_parser_spec.rb
+++ b/spec/lib/gitlab/ci/trace/section_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Trace::SectionParser do
diff --git a/spec/lib/gitlab/ci/trace_spec.rb b/spec/lib/gitlab/ci/trace_spec.rb
index d6510649dba..f7bc5686b68 100644
--- a/spec/lib/gitlab/ci/trace_spec.rb
+++ b/spec/lib/gitlab/ci/trace_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Trace, :clean_gitlab_redis_shared_state do
diff --git a/spec/lib/gitlab/ci/variables/collection/item_spec.rb b/spec/lib/gitlab/ci/variables/collection/item_spec.rb
index 613814df23f..1bdca753cd3 100644
--- a/spec/lib/gitlab/ci/variables/collection/item_spec.rb
+++ b/spec/lib/gitlab/ci/variables/collection/item_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Variables::Collection::Item do
diff --git a/spec/lib/gitlab/ci/variables/collection_spec.rb b/spec/lib/gitlab/ci/variables/collection_spec.rb
index 8e732d44d5d..59b9f7d4fb9 100644
--- a/spec/lib/gitlab/ci/variables/collection_spec.rb
+++ b/spec/lib/gitlab/ci/variables/collection_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Ci::Variables::Collection do
diff --git a/spec/lib/gitlab/ci/yaml_processor_spec.rb b/spec/lib/gitlab/ci/yaml_processor_spec.rb
index 789d6813d5b..fc9d4f97bda 100644
--- a/spec/lib/gitlab/ci/yaml_processor_spec.rb
+++ b/spec/lib/gitlab/ci/yaml_processor_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 module Gitlab
diff --git a/spec/lib/gitlab/ci_access_spec.rb b/spec/lib/gitlab/ci_access_spec.rb
index 75b90e76083..3c68d209eb6 100644
--- a/spec/lib/gitlab/ci_access_spec.rb
+++ b/spec/lib/gitlab/ci_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CiAccess do
diff --git a/spec/lib/gitlab/closing_issue_extractor_spec.rb b/spec/lib/gitlab/closing_issue_extractor_spec.rb
index 44568f2a653..fdd01f58c9d 100644
--- a/spec/lib/gitlab/closing_issue_extractor_spec.rb
+++ b/spec/lib/gitlab/closing_issue_extractor_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::ClosingIssueExtractor do
diff --git a/spec/lib/gitlab/color_schemes_spec.rb b/spec/lib/gitlab/color_schemes_spec.rb
index c7be45dbcd3..ba5573f6901 100644
--- a/spec/lib/gitlab/color_schemes_spec.rb
+++ b/spec/lib/gitlab/color_schemes_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::ColorSchemes do
diff --git a/spec/lib/gitlab/config/entry/attributable_spec.rb b/spec/lib/gitlab/config/entry/attributable_spec.rb
index abb4fff3ad7..82614bb8238 100644
--- a/spec/lib/gitlab/config/entry/attributable_spec.rb
+++ b/spec/lib/gitlab/config/entry/attributable_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Config::Entry::Attributable do
diff --git a/spec/lib/gitlab/config/entry/boolean_spec.rb b/spec/lib/gitlab/config/entry/boolean_spec.rb
index 1b7a3f850ec..0b8b720dd80 100644
--- a/spec/lib/gitlab/config/entry/boolean_spec.rb
+++ b/spec/lib/gitlab/config/entry/boolean_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Config::Entry::Boolean do
diff --git a/spec/lib/gitlab/config/entry/configurable_spec.rb b/spec/lib/gitlab/config/entry/configurable_spec.rb
index 62dbf20ddf8..8c3a4490d08 100644
--- a/spec/lib/gitlab/config/entry/configurable_spec.rb
+++ b/spec/lib/gitlab/config/entry/configurable_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Config::Entry::Configurable do
diff --git a/spec/lib/gitlab/config/entry/factory_spec.rb b/spec/lib/gitlab/config/entry/factory_spec.rb
index 42f8be8e141..a614ef56a78 100644
--- a/spec/lib/gitlab/config/entry/factory_spec.rb
+++ b/spec/lib/gitlab/config/entry/factory_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Config::Entry::Factory do
diff --git a/spec/lib/gitlab/config/entry/simplifiable_spec.rb b/spec/lib/gitlab/config/entry/simplifiable_spec.rb
index bc8387ada67..65e18fe3f10 100644
--- a/spec/lib/gitlab/config/entry/simplifiable_spec.rb
+++ b/spec/lib/gitlab/config/entry/simplifiable_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Config::Entry::Simplifiable do
diff --git a/spec/lib/gitlab/config/entry/undefined_spec.rb b/spec/lib/gitlab/config/entry/undefined_spec.rb
index 48f9d276c95..83c3a6aec72 100644
--- a/spec/lib/gitlab/config/entry/undefined_spec.rb
+++ b/spec/lib/gitlab/config/entry/undefined_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Config::Entry::Undefined do
diff --git a/spec/lib/gitlab/config/entry/unspecified_spec.rb b/spec/lib/gitlab/config/entry/unspecified_spec.rb
index 64421824a12..32c52594ecf 100644
--- a/spec/lib/gitlab/config/entry/unspecified_spec.rb
+++ b/spec/lib/gitlab/config/entry/unspecified_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Config::Entry::Unspecified do
diff --git a/spec/lib/gitlab/config/entry/validatable_spec.rb b/spec/lib/gitlab/config/entry/validatable_spec.rb
index 5a8f9766d23..925db3594ba 100644
--- a/spec/lib/gitlab/config/entry/validatable_spec.rb
+++ b/spec/lib/gitlab/config/entry/validatable_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Config::Entry::Validatable do
diff --git a/spec/lib/gitlab/config/entry/validator_spec.rb b/spec/lib/gitlab/config/entry/validator_spec.rb
index efa16c4265c..7bf350912df 100644
--- a/spec/lib/gitlab/config/entry/validator_spec.rb
+++ b/spec/lib/gitlab/config/entry/validator_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Config::Entry::Validator do
diff --git a/spec/lib/gitlab/config/loader/yaml_spec.rb b/spec/lib/gitlab/config/loader/yaml_spec.rb
index 0affeb01f6a..ccddf340c3d 100644
--- a/spec/lib/gitlab/config/loader/yaml_spec.rb
+++ b/spec/lib/gitlab/config/loader/yaml_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Config::Loader::Yaml do
diff --git a/spec/lib/gitlab/conflict/file_collection_spec.rb b/spec/lib/gitlab/conflict/file_collection_spec.rb
index c93912db411..f3cdb1a9e59 100644
--- a/spec/lib/gitlab/conflict/file_collection_spec.rb
+++ b/spec/lib/gitlab/conflict/file_collection_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Conflict::FileCollection do
diff --git a/spec/lib/gitlab/conflict/file_spec.rb b/spec/lib/gitlab/conflict/file_spec.rb
index a955ce54e85..adf5a232a75 100644
--- a/spec/lib/gitlab/conflict/file_spec.rb
+++ b/spec/lib/gitlab/conflict/file_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Conflict::File do
diff --git a/spec/lib/gitlab/contributions_calendar_spec.rb b/spec/lib/gitlab/contributions_calendar_spec.rb
index 51e5bdc6307..1154f029a8d 100644
--- a/spec/lib/gitlab/contributions_calendar_spec.rb
+++ b/spec/lib/gitlab/contributions_calendar_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::ContributionsCalendar do
diff --git a/spec/lib/gitlab/cross_project_access/check_collection_spec.rb b/spec/lib/gitlab/cross_project_access/check_collection_spec.rb
index a9e7575240e..1aa5480b670 100644
--- a/spec/lib/gitlab/cross_project_access/check_collection_spec.rb
+++ b/spec/lib/gitlab/cross_project_access/check_collection_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CrossProjectAccess::CheckCollection do
diff --git a/spec/lib/gitlab/cross_project_access/check_info_spec.rb b/spec/lib/gitlab/cross_project_access/check_info_spec.rb
index ea7393a7006..7d2471b6327 100644
--- a/spec/lib/gitlab/cross_project_access/check_info_spec.rb
+++ b/spec/lib/gitlab/cross_project_access/check_info_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CrossProjectAccess::CheckInfo do
diff --git a/spec/lib/gitlab/cross_project_access/class_methods_spec.rb b/spec/lib/gitlab/cross_project_access/class_methods_spec.rb
index 5349685e633..17d265542dd 100644
--- a/spec/lib/gitlab/cross_project_access/class_methods_spec.rb
+++ b/spec/lib/gitlab/cross_project_access/class_methods_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CrossProjectAccess::ClassMethods do
diff --git a/spec/lib/gitlab/cross_project_access_spec.rb b/spec/lib/gitlab/cross_project_access_spec.rb
index 614b0473c7e..ce18d207413 100644
--- a/spec/lib/gitlab/cross_project_access_spec.rb
+++ b/spec/lib/gitlab/cross_project_access_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CrossProjectAccess do
diff --git a/spec/lib/gitlab/crypto_helper_spec.rb b/spec/lib/gitlab/crypto_helper_spec.rb
index 05cc6cf15de..71bbeccb17b 100644
--- a/spec/lib/gitlab/crypto_helper_spec.rb
+++ b/spec/lib/gitlab/crypto_helper_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CryptoHelper do
diff --git a/spec/lib/gitlab/current_settings_spec.rb b/spec/lib/gitlab/current_settings_spec.rb
index db31e5280a3..2759412add8 100644
--- a/spec/lib/gitlab/current_settings_spec.rb
+++ b/spec/lib/gitlab/current_settings_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CurrentSettings do
diff --git a/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb b/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb
index b7a64adc2ff..3eea791d61a 100644
--- a/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/base_event_fetcher_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CycleAnalytics::BaseEventFetcher do
diff --git a/spec/lib/gitlab/cycle_analytics/code_event_fetcher_spec.rb b/spec/lib/gitlab/cycle_analytics/code_event_fetcher_spec.rb
index 0267e8c2f69..b521ad0c6ea 100644
--- a/spec/lib/gitlab/cycle_analytics/code_event_fetcher_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/code_event_fetcher_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_event_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb
index 933f3c7896e..dd1d9ac0f16 100644
--- a/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/code_stage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_stage_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/events_spec.rb b/spec/lib/gitlab/cycle_analytics/events_spec.rb
index 5ee02650e49..a163de07967 100644
--- a/spec/lib/gitlab/cycle_analytics/events_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/events_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'cycle analytics events' do
diff --git a/spec/lib/gitlab/cycle_analytics/issue_event_fetcher_spec.rb b/spec/lib/gitlab/cycle_analytics/issue_event_fetcher_spec.rb
index fd9fa2fee49..afb7b6a13b0 100644
--- a/spec/lib/gitlab/cycle_analytics/issue_event_fetcher_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/issue_event_fetcher_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_event_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
index dea17e4f3dc..4dd21239cde 100644
--- a/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/issue_stage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_stage_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/permissions_spec.rb b/spec/lib/gitlab/cycle_analytics/permissions_spec.rb
index f670c7f6c75..2896e973a43 100644
--- a/spec/lib/gitlab/cycle_analytics/permissions_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/permissions_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CycleAnalytics::Permissions do
diff --git a/spec/lib/gitlab/cycle_analytics/plan_event_fetcher_spec.rb b/spec/lib/gitlab/cycle_analytics/plan_event_fetcher_spec.rb
index 2e5dc5b5547..17786cd02c6 100644
--- a/spec/lib/gitlab/cycle_analytics/plan_event_fetcher_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/plan_event_fetcher_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_event_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb
index 3cd1320ca9c..98d2593de66 100644
--- a/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/plan_stage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_stage_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/production_event_fetcher_spec.rb b/spec/lib/gitlab/cycle_analytics/production_event_fetcher_spec.rb
index 74001181305..3ecfad49acd 100644
--- a/spec/lib/gitlab/cycle_analytics/production_event_fetcher_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/production_event_fetcher_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_event_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/production_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/production_stage_spec.rb
index 916684b81eb..4d0cc91a318 100644
--- a/spec/lib/gitlab/cycle_analytics/production_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/production_stage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_stage_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/review_event_fetcher_spec.rb b/spec/lib/gitlab/cycle_analytics/review_event_fetcher_spec.rb
index 4f67c95ed4c..2c2169be58c 100644
--- a/spec/lib/gitlab/cycle_analytics/review_event_fetcher_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/review_event_fetcher_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_event_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb
index 6d14973c711..0f36a8c5c36 100644
--- a/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/review_stage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_stage_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/shared_event_spec.rb b/spec/lib/gitlab/cycle_analytics/shared_event_spec.rb
index b001a46001e..c053af010b3 100644
--- a/spec/lib/gitlab/cycle_analytics/shared_event_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/shared_event_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_examples 'default query config' do
diff --git a/spec/lib/gitlab/cycle_analytics/shared_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/shared_stage_spec.rb
index c146146723f..cf95741908f 100644
--- a/spec/lib/gitlab/cycle_analytics/shared_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/shared_stage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_examples 'base stage' do
diff --git a/spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb b/spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb
index f8009709ce2..778c2f479b5 100644
--- a/spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/stage_summary_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CycleAnalytics::StageSummary do
diff --git a/spec/lib/gitlab/cycle_analytics/staging_event_fetcher_spec.rb b/spec/lib/gitlab/cycle_analytics/staging_event_fetcher_spec.rb
index bbc82496340..016d2e8da5b 100644
--- a/spec/lib/gitlab/cycle_analytics/staging_event_fetcher_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/staging_event_fetcher_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_event_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb
index 9ca12cc448c..bd64c4aca42 100644
--- a/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/staging_stage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_stage_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/test_event_fetcher_spec.rb b/spec/lib/gitlab/cycle_analytics/test_event_fetcher_spec.rb
index 6639fa54e0e..be7c0e9dd59 100644
--- a/spec/lib/gitlab/cycle_analytics/test_event_fetcher_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/test_event_fetcher_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_event_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/test_stage_spec.rb b/spec/lib/gitlab/cycle_analytics/test_stage_spec.rb
index 41028c44a00..9162686d17d 100644
--- a/spec/lib/gitlab/cycle_analytics/test_stage_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/test_stage_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'lib/gitlab/cycle_analytics/shared_stage_spec'
 
diff --git a/spec/lib/gitlab/cycle_analytics/updater_spec.rb b/spec/lib/gitlab/cycle_analytics/updater_spec.rb
index eff54cd3692..67f386f9144 100644
--- a/spec/lib/gitlab/cycle_analytics/updater_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/updater_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CycleAnalytics::Updater do
diff --git a/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb b/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
index 258ab049c0b..e568ea633db 100644
--- a/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
+++ b/spec/lib/gitlab/cycle_analytics/usage_data_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::CycleAnalytics::UsageData do
diff --git a/spec/lib/gitlab/daemon_spec.rb b/spec/lib/gitlab/daemon_spec.rb
index 2bdb0dfc736..d3e73314b87 100644
--- a/spec/lib/gitlab/daemon_spec.rb
+++ b/spec/lib/gitlab/daemon_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Daemon do
diff --git a/spec/lib/gitlab/data_builder/build_spec.rb b/spec/lib/gitlab/data_builder/build_spec.rb
index 14fe196a986..b170ef788d9 100644
--- a/spec/lib/gitlab/data_builder/build_spec.rb
+++ b/spec/lib/gitlab/data_builder/build_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::DataBuilder::Build do
diff --git a/spec/lib/gitlab/data_builder/note_spec.rb b/spec/lib/gitlab/data_builder/note_spec.rb
index 1b5dd2538e0..3c26daba5a5 100644
--- a/spec/lib/gitlab/data_builder/note_spec.rb
+++ b/spec/lib/gitlab/data_builder/note_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::DataBuilder::Note do
diff --git a/spec/lib/gitlab/data_builder/pipeline_spec.rb b/spec/lib/gitlab/data_builder/pipeline_spec.rb
index 1f36fd5c6ef..4afb7195b7b 100644
--- a/spec/lib/gitlab/data_builder/pipeline_spec.rb
+++ b/spec/lib/gitlab/data_builder/pipeline_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::DataBuilder::Pipeline do
diff --git a/spec/lib/gitlab/data_builder/push_spec.rb b/spec/lib/gitlab/data_builder/push_spec.rb
index 46ad674a1eb..cc31f88d365 100644
--- a/spec/lib/gitlab/data_builder/push_spec.rb
+++ b/spec/lib/gitlab/data_builder/push_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::DataBuilder::Push do
diff --git a/spec/lib/gitlab/data_builder/wiki_page_spec.rb b/spec/lib/gitlab/data_builder/wiki_page_spec.rb
index 9c8bdf4b032..404d54bf2da 100644
--- a/spec/lib/gitlab/data_builder/wiki_page_spec.rb
+++ b/spec/lib/gitlab/data_builder/wiki_page_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::DataBuilder::WikiPage do
diff --git a/spec/lib/gitlab/database/count/exact_count_strategy_spec.rb b/spec/lib/gitlab/database/count/exact_count_strategy_spec.rb
index 0c1be4b4610..111833a506a 100644
--- a/spec/lib/gitlab/database/count/exact_count_strategy_spec.rb
+++ b/spec/lib/gitlab/database/count/exact_count_strategy_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database::Count::ExactCountStrategy do
diff --git a/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb b/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb
index a528707c9dc..e49be9d5a1d 100644
--- a/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb
+++ b/spec/lib/gitlab/database/count/reltuples_count_strategy_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database::Count::ReltuplesCountStrategy do
diff --git a/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb b/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb
index a57f033b5ed..8d01ea930c5 100644
--- a/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb
+++ b/spec/lib/gitlab/database/count/tablesample_count_strategy_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database::Count::TablesampleCountStrategy do
diff --git a/spec/lib/gitlab/database/count_spec.rb b/spec/lib/gitlab/database/count_spec.rb
index 71d6633f62f..71c25f23b6b 100644
--- a/spec/lib/gitlab/database/count_spec.rb
+++ b/spec/lib/gitlab/database/count_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database::Count do
diff --git a/spec/lib/gitlab/database/grant_spec.rb b/spec/lib/gitlab/database/grant_spec.rb
index 5ebf3f399b6..f305656568c 100644
--- a/spec/lib/gitlab/database/grant_spec.rb
+++ b/spec/lib/gitlab/database/grant_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database::Grant do
diff --git a/spec/lib/gitlab/database/migration_helpers_spec.rb b/spec/lib/gitlab/database/migration_helpers_spec.rb
index b73828b9554..2731fc8573f 100644
--- a/spec/lib/gitlab/database/migration_helpers_spec.rb
+++ b/spec/lib/gitlab/database/migration_helpers_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database::MigrationHelpers do
diff --git a/spec/lib/gitlab/database/multi_threaded_migration_spec.rb b/spec/lib/gitlab/database/multi_threaded_migration_spec.rb
index 6c45f13bb5a..53c001fbc1b 100644
--- a/spec/lib/gitlab/database/multi_threaded_migration_spec.rb
+++ b/spec/lib/gitlab/database/multi_threaded_migration_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database::MultiThreadedMigration do
diff --git a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_base_spec.rb b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_base_spec.rb
index 81419e51635..612c418e8bb 100644
--- a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_base_spec.rb
+++ b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_base_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database::RenameReservedPathsMigration::V1::RenameBase, :delete do
diff --git a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_namespaces_spec.rb b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_namespaces_spec.rb
index b6096d4faf6..8c4d7e323fa 100644
--- a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_namespaces_spec.rb
+++ b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_namespaces_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database::RenameReservedPathsMigration::V1::RenameNamespaces, :delete do
diff --git a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_projects_spec.rb b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_projects_spec.rb
index d4d7a83921c..1ccdb1d9447 100644
--- a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_projects_spec.rb
+++ b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_projects_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database::RenameReservedPathsMigration::V1::RenameProjects, :delete do
diff --git a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1_spec.rb b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1_spec.rb
index ddd54a669a3..b09258ae227 100644
--- a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1_spec.rb
+++ b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_examples 'renames child namespaces' do |type|
diff --git a/spec/lib/gitlab/database/sha_attribute_spec.rb b/spec/lib/gitlab/database/sha_attribute_spec.rb
index 778bfa2cc47..9dd80e0a229 100644
--- a/spec/lib/gitlab/database/sha_attribute_spec.rb
+++ b/spec/lib/gitlab/database/sha_attribute_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database::ShaAttribute do
diff --git a/spec/lib/gitlab/database_spec.rb b/spec/lib/gitlab/database_spec.rb
index 9e8712266e8..bdc48934589 100644
--- a/spec/lib/gitlab/database_spec.rb
+++ b/spec/lib/gitlab/database_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Database do
diff --git a/spec/lib/gitlab/dependency_linker/cartfile_linker_spec.rb b/spec/lib/gitlab/dependency_linker/cartfile_linker_spec.rb
index 3a93d5e1e97..3eb5db51224 100644
--- a/spec/lib/gitlab/dependency_linker/cartfile_linker_spec.rb
+++ b/spec/lib/gitlab/dependency_linker/cartfile_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::DependencyLinker::CartfileLinker do
diff --git a/spec/lib/gitlab/dependency_linker/composer_json_linker_spec.rb b/spec/lib/gitlab/dependency_linker/composer_json_linker_spec.rb
index 0ebd8994636..6bef6f57e64 100644
--- a/spec/lib/gitlab/dependency_linker/composer_json_linker_spec.rb
+++ b/spec/lib/gitlab/dependency_linker/composer_json_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::DependencyLinker::ComposerJsonLinker do
diff --git a/spec/lib/gitlab/dependency_linker/gemfile_linker_spec.rb b/spec/lib/gitlab/dependency_linker/gemfile_linker_spec.rb
index f00f6b47b94..6ecdb0d1247 100644
--- a/spec/lib/gitlab/dependency_linker/gemfile_linker_spec.rb
+++ b/spec/lib/gitlab/dependency_linker/gemfile_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::DependencyLinker::GemfileLinker do
diff --git a/spec/lib/gitlab/dependency_linker/gemspec_linker_spec.rb b/spec/lib/gitlab/dependency_linker/gemspec_linker_spec.rb
index 6c6a5d70576..256fe58925c 100644
--- a/spec/lib/gitlab/dependency_linker/gemspec_linker_spec.rb
+++ b/spec/lib/gitlab/dependency_linker/gemspec_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::DependencyLinker::GemspecLinker do
diff --git a/spec/lib/gitlab/dependency_linker/godeps_json_linker_spec.rb b/spec/lib/gitlab/dependency_linker/godeps_json_linker_spec.rb
index ae5ad39ad11..f620d1b590c 100644
--- a/spec/lib/gitlab/dependency_linker/godeps_json_linker_spec.rb
+++ b/spec/lib/gitlab/dependency_linker/godeps_json_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::DependencyLinker::GodepsJsonLinker do
diff --git a/spec/lib/gitlab/dependency_linker/package_json_linker_spec.rb b/spec/lib/gitlab/dependency_linker/package_json_linker_spec.rb
index 9050127af7f..71e9381eaad 100644
--- a/spec/lib/gitlab/dependency_linker/package_json_linker_spec.rb
+++ b/spec/lib/gitlab/dependency_linker/package_json_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::DependencyLinker::PackageJsonLinker do
diff --git a/spec/lib/gitlab/dependency_linker/podfile_linker_spec.rb b/spec/lib/gitlab/dependency_linker/podfile_linker_spec.rb
index 8f1b523653e..eb81bc07760 100644
--- a/spec/lib/gitlab/dependency_linker/podfile_linker_spec.rb
+++ b/spec/lib/gitlab/dependency_linker/podfile_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::DependencyLinker::PodfileLinker do
diff --git a/spec/lib/gitlab/dependency_linker/podspec_json_linker_spec.rb b/spec/lib/gitlab/dependency_linker/podspec_json_linker_spec.rb
index d4a398c5948..938726dd434 100644
--- a/spec/lib/gitlab/dependency_linker/podspec_json_linker_spec.rb
+++ b/spec/lib/gitlab/dependency_linker/podspec_json_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::DependencyLinker::PodspecJsonLinker do
diff --git a/spec/lib/gitlab/dependency_linker/podspec_linker_spec.rb b/spec/lib/gitlab/dependency_linker/podspec_linker_spec.rb
index bacec830103..540eb2fadfe 100644
--- a/spec/lib/gitlab/dependency_linker/podspec_linker_spec.rb
+++ b/spec/lib/gitlab/dependency_linker/podspec_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::DependencyLinker::PodspecLinker do
diff --git a/spec/lib/gitlab/dependency_linker/requirements_txt_linker_spec.rb b/spec/lib/gitlab/dependency_linker/requirements_txt_linker_spec.rb
index ef952b3abd5..957a87985a2 100644
--- a/spec/lib/gitlab/dependency_linker/requirements_txt_linker_spec.rb
+++ b/spec/lib/gitlab/dependency_linker/requirements_txt_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::DependencyLinker::RequirementsTxtLinker do
diff --git a/spec/lib/gitlab/dependency_linker_spec.rb b/spec/lib/gitlab/dependency_linker_spec.rb
index 10d2f701298..98e46d62ca0 100644
--- a/spec/lib/gitlab/dependency_linker_spec.rb
+++ b/spec/lib/gitlab/dependency_linker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails_helper'
 
 describe Gitlab::DependencyLinker do
diff --git a/spec/lib/gitlab/diff/diff_refs_spec.rb b/spec/lib/gitlab/diff/diff_refs_spec.rb
index f9bfb4c469e..e12b46c15ad 100644
--- a/spec/lib/gitlab/diff/diff_refs_spec.rb
+++ b/spec/lib/gitlab/diff/diff_refs_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::DiffRefs do
diff --git a/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb b/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb
index 0697594c725..d89be6fef4e 100644
--- a/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb
+++ b/spec/lib/gitlab/diff/file_collection/merge_request_diff_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::FileCollection::MergeRequestDiff do
diff --git a/spec/lib/gitlab/diff/file_spec.rb b/spec/lib/gitlab/diff/file_spec.rb
index cc36060f864..716fc8ae987 100644
--- a/spec/lib/gitlab/diff/file_spec.rb
+++ b/spec/lib/gitlab/diff/file_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::File do
diff --git a/spec/lib/gitlab/diff/formatters/image_formatter_spec.rb b/spec/lib/gitlab/diff/formatters/image_formatter_spec.rb
index 2f99febe04e..2e6eb71d37d 100644
--- a/spec/lib/gitlab/diff/formatters/image_formatter_spec.rb
+++ b/spec/lib/gitlab/diff/formatters/image_formatter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::Formatters::ImageFormatter do
diff --git a/spec/lib/gitlab/diff/formatters/text_formatter_spec.rb b/spec/lib/gitlab/diff/formatters/text_formatter_spec.rb
index 897dc917f6a..33d4994f5db 100644
--- a/spec/lib/gitlab/diff/formatters/text_formatter_spec.rb
+++ b/spec/lib/gitlab/diff/formatters/text_formatter_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::Formatters::TextFormatter do
diff --git a/spec/lib/gitlab/diff/highlight_spec.rb b/spec/lib/gitlab/diff/highlight_spec.rb
index 5d0a603d11d..f5d3d14ccc5 100644
--- a/spec/lib/gitlab/diff/highlight_spec.rb
+++ b/spec/lib/gitlab/diff/highlight_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::Highlight do
diff --git a/spec/lib/gitlab/diff/inline_diff_markdown_marker_spec.rb b/spec/lib/gitlab/diff/inline_diff_markdown_marker_spec.rb
index 7e17437fa2a..a668bb464a4 100644
--- a/spec/lib/gitlab/diff/inline_diff_markdown_marker_spec.rb
+++ b/spec/lib/gitlab/diff/inline_diff_markdown_marker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::InlineDiffMarkdownMarker do
diff --git a/spec/lib/gitlab/diff/inline_diff_marker_spec.rb b/spec/lib/gitlab/diff/inline_diff_marker_spec.rb
index 97e65318059..26b99870b31 100644
--- a/spec/lib/gitlab/diff/inline_diff_marker_spec.rb
+++ b/spec/lib/gitlab/diff/inline_diff_marker_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::InlineDiffMarker do
diff --git a/spec/lib/gitlab/diff/inline_diff_spec.rb b/spec/lib/gitlab/diff/inline_diff_spec.rb
index 0a41362f606..fdbee3b4230 100644
--- a/spec/lib/gitlab/diff/inline_diff_spec.rb
+++ b/spec/lib/gitlab/diff/inline_diff_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::InlineDiff do
diff --git a/spec/lib/gitlab/diff/line_mapper_spec.rb b/spec/lib/gitlab/diff/line_mapper_spec.rb
index 42750bf9ea1..1739bcd14a8 100644
--- a/spec/lib/gitlab/diff/line_mapper_spec.rb
+++ b/spec/lib/gitlab/diff/line_mapper_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::LineMapper do
diff --git a/spec/lib/gitlab/diff/line_spec.rb b/spec/lib/gitlab/diff/line_spec.rb
index 76d411973c7..29b9951ba4c 100644
--- a/spec/lib/gitlab/diff/line_spec.rb
+++ b/spec/lib/gitlab/diff/line_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 describe Gitlab::Diff::Line do
   describe '.init_from_hash' do
     it 'round-trips correctly with to_hash' do
diff --git a/spec/lib/gitlab/diff/parallel_diff_spec.rb b/spec/lib/gitlab/diff/parallel_diff_spec.rb
index e9fc7be366a..7540da71086 100644
--- a/spec/lib/gitlab/diff/parallel_diff_spec.rb
+++ b/spec/lib/gitlab/diff/parallel_diff_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::ParallelDiff do
diff --git a/spec/lib/gitlab/diff/parser_spec.rb b/spec/lib/gitlab/diff/parser_spec.rb
index 80c8c189665..00a446c4e20 100644
--- a/spec/lib/gitlab/diff/parser_spec.rb
+++ b/spec/lib/gitlab/diff/parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::Parser do
diff --git a/spec/lib/gitlab/diff/position_spec.rb b/spec/lib/gitlab/diff/position_spec.rb
index b755cd1aff0..399787635c0 100644
--- a/spec/lib/gitlab/diff/position_spec.rb
+++ b/spec/lib/gitlab/diff/position_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::Position do
diff --git a/spec/lib/gitlab/diff/position_tracer_spec.rb b/spec/lib/gitlab/diff/position_tracer_spec.rb
index 79b33d4d276..47d78e0b18c 100644
--- a/spec/lib/gitlab/diff/position_tracer_spec.rb
+++ b/spec/lib/gitlab/diff/position_tracer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Diff::PositionTracer do
diff --git a/spec/lib/gitlab/downtime_check/message_spec.rb b/spec/lib/gitlab/downtime_check/message_spec.rb
index a5a398abf78..2beb5a19a32 100644
--- a/spec/lib/gitlab/downtime_check/message_spec.rb
+++ b/spec/lib/gitlab/downtime_check/message_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::DowntimeCheck::Message do
diff --git a/spec/lib/gitlab/downtime_check_spec.rb b/spec/lib/gitlab/downtime_check_spec.rb
index 1f1e4e0216c..56ad49d528f 100644
--- a/spec/lib/gitlab/downtime_check_spec.rb
+++ b/spec/lib/gitlab/downtime_check_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::DowntimeCheck do
diff --git a/spec/lib/gitlab/email/attachment_uploader_spec.rb b/spec/lib/gitlab/email/attachment_uploader_spec.rb
index 45c690842bc..d66a746284d 100644
--- a/spec/lib/gitlab/email/attachment_uploader_spec.rb
+++ b/spec/lib/gitlab/email/attachment_uploader_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe Gitlab::Email::AttachmentUploader do
diff --git a/spec/lib/gitlab/email/hook/additional_headers_interceptor_spec.rb b/spec/lib/gitlab/email/hook/additional_headers_interceptor_spec.rb
index ae61ece8029..65e4e27d56f 100644
--- a/spec/lib/gitlab/email/hook/additional_headers_interceptor_spec.rb
+++ b/spec/lib/gitlab/email/hook/additional_headers_interceptor_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Email::Hook::AdditionalHeadersInterceptor do
diff --git a/spec/lib/gitlab/email/hook/delivery_metrics_observer_spec.rb b/spec/lib/gitlab/email/hook/delivery_metrics_observer_spec.rb
index 4497d4002da..24da47c42ac 100644
--- a/spec/lib/gitlab/email/hook/delivery_metrics_observer_spec.rb
+++ b/spec/lib/gitlab/email/hook/delivery_metrics_observer_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Email::Hook::DeliveryMetricsObserver do
diff --git a/spec/lib/gitlab/email/hook/disable_email_interceptor_spec.rb b/spec/lib/gitlab/email/hook/disable_email_interceptor_spec.rb
index 91aa3bc7c2e..0c58cf088cc 100644
--- a/spec/lib/gitlab/email/hook/disable_email_interceptor_spec.rb
+++ b/spec/lib/gitlab/email/hook/disable_email_interceptor_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Email::Hook::DisableEmailInterceptor do
diff --git a/spec/lib/gitlab/email/message/repository_push_spec.rb b/spec/lib/gitlab/email/message/repository_push_spec.rb
index 0ec1f931037..84c5b38127e 100644
--- a/spec/lib/gitlab/email/message/repository_push_spec.rb
+++ b/spec/lib/gitlab/email/message/repository_push_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Email::Message::RepositoryPush do
diff --git a/spec/lib/gitlab/email/receiver_spec.rb b/spec/lib/gitlab/email/receiver_spec.rb
index 0af978eced3..c9fde06cbae 100644
--- a/spec/lib/gitlab/email/receiver_spec.rb
+++ b/spec/lib/gitlab/email/receiver_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::Email::Receiver do
diff --git a/spec/lib/gitlab/email/reply_parser_spec.rb b/spec/lib/gitlab/email/reply_parser_spec.rb
index 376d3accd55..646575b2edd 100644
--- a/spec/lib/gitlab/email/reply_parser_spec.rb
+++ b/spec/lib/gitlab/email/reply_parser_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "spec_helper"
 
 # Inspired in great part by Discourse's Email::Receiver
diff --git a/spec/lib/gitlab/encoding_helper_spec.rb b/spec/lib/gitlab/encoding_helper_spec.rb
index 88ea98eb1e1..86e8db3bc15 100644
--- a/spec/lib/gitlab/encoding_helper_spec.rb
+++ b/spec/lib/gitlab/encoding_helper_spec.rb
@@ -1,4 +1,6 @@
 # coding: utf-8
+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe Gitlab::EncodingHelper do
diff --git a/spec/lib/gitlab/etag_caching/middleware_spec.rb b/spec/lib/gitlab/etag_caching/middleware_spec.rb
index 4a54d641b4e..9ead55075fa 100644
--- a/spec/lib/gitlab/etag_caching/middleware_spec.rb
+++ b/spec/lib/gitlab/etag_caching/middleware_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::EtagCaching::Middleware do
diff --git a/spec/lib/gitlab/etag_caching/router_spec.rb b/spec/lib/gitlab/etag_caching/router_spec.rb
index a7cb0bb2a87..fbc49d894a6 100644
--- a/spec/lib/gitlab/etag_caching/router_spec.rb
+++ b/spec/lib/gitlab/etag_caching/router_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Gitlab::EtagCaching::Router do
-- 
cgit v1.2.1


From d9db8d85b321a64d2f0b3108d40e66968218835a Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Thu, 25 Jul 2019 22:17:26 +1200
Subject: Fix cannot modify frozen string

Note that Performance/UnfreezeString recommends unary plus over
"".dup, but unary plus has lower precedence so we have to use
parenthesis
---
 spec/lib/banzai/filter/table_of_contents_filter_spec.rb | 10 +++++-----
 spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb           | 12 ++++++------
 spec/lib/gitlab/ci/trace/chunked_io_spec.rb             |  2 +-
 spec/lib/gitlab/encoding_helper_spec.rb                 | 12 ++++++------
 4 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/spec/lib/banzai/filter/table_of_contents_filter_spec.rb b/spec/lib/banzai/filter/table_of_contents_filter_spec.rb
index cd3bdf49496..5ca3c722e3e 100644
--- a/spec/lib/banzai/filter/table_of_contents_filter_spec.rb
+++ b/spec/lib/banzai/filter/table_of_contents_filter_spec.rb
@@ -114,11 +114,11 @@ describe Banzai::Filter::TableOfContentsFilter do
     context 'table of contents nesting' do
       let(:results) do
         result(
-          header(1, 'Header 1') <<
-          header(2, 'Header 1-1') <<
-          header(3, 'Header 1-1-1') <<
-          header(2, 'Header 1-2') <<
-          header(1, 'Header 2') <<
+          header(1, 'Header 1') +
+          header(2, 'Header 1-1') +
+          header(3, 'Header 1-1-1') +
+          header(2, 'Header 1-2') +
+          header(1, 'Header 2') +
           header(2, 'Header 2-1')
         )
       end
diff --git a/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb b/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb
index 25532b7a68a..a2d9e27ea5b 100644
--- a/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb
+++ b/spec/lib/gitlab/auth/o_auth/auth_hash_spec.rb
@@ -15,13 +15,13 @@ describe Gitlab::Auth::OAuth::AuthHash do
   end
 
   let(:uid_raw) do
-    "CN=Onur K\xC3\xBC\xC3\xA7\xC3\xBCk,OU=Test,DC=example,DC=net"
+    +"CN=Onur K\xC3\xBC\xC3\xA7\xC3\xBCk,OU=Test,DC=example,DC=net"
   end
-  let(:email_raw) { "onur.k\xC3\xBC\xC3\xA7\xC3\xBCk_ABC-123@example.net" }
-  let(:nickname_raw) { "ok\xC3\xBC\xC3\xA7\xC3\xBCk" }
-  let(:first_name_raw) { 'Onur' }
-  let(:last_name_raw) { "K\xC3\xBC\xC3\xA7\xC3\xBCk" }
-  let(:name_raw) { "Onur K\xC3\xBC\xC3\xA7\xC3\xBCk" }
+  let(:email_raw) { +"onur.k\xC3\xBC\xC3\xA7\xC3\xBCk_ABC-123@example.net" }
+  let(:nickname_raw) { +"ok\xC3\xBC\xC3\xA7\xC3\xBCk" }
+  let(:first_name_raw) { +'Onur' }
+  let(:last_name_raw) { +"K\xC3\xBC\xC3\xA7\xC3\xBCk" }
+  let(:name_raw) { +"Onur K\xC3\xBC\xC3\xA7\xC3\xBCk" }
 
   let(:uid_ascii) { uid_raw.force_encoding(Encoding::ASCII_8BIT) }
   let(:email_ascii) { email_raw.force_encoding(Encoding::ASCII_8BIT) }
diff --git a/spec/lib/gitlab/ci/trace/chunked_io_spec.rb b/spec/lib/gitlab/ci/trace/chunked_io_spec.rb
index e5948f07c70..e0077a5280a 100644
--- a/spec/lib/gitlab/ci/trace/chunked_io_spec.rb
+++ b/spec/lib/gitlab/ci/trace/chunked_io_spec.rb
@@ -314,7 +314,7 @@ describe Gitlab::Ci::Trace::ChunkedIO, :clean_gitlab_redis_cache do
     end
 
     context 'when utf-8 is being used' do
-      let(:sample_trace_raw) { sample_trace_raw_utf8.force_encoding(Encoding::BINARY) }
+      let(:sample_trace_raw) { sample_trace_raw_utf8.dup.force_encoding(Encoding::BINARY) }
       let(:sample_trace_raw_utf8) { "😺\n😺\n😺\n😺" }
 
       before do
diff --git a/spec/lib/gitlab/encoding_helper_spec.rb b/spec/lib/gitlab/encoding_helper_spec.rb
index 86e8db3bc15..b24b71522ec 100644
--- a/spec/lib/gitlab/encoding_helper_spec.rb
+++ b/spec/lib/gitlab/encoding_helper_spec.rb
@@ -11,8 +11,8 @@ describe Gitlab::EncodingHelper do
     [
       ["nil", nil, nil],
       ["empty string", "".encode("ASCII-8BIT"), "".encode("UTF-8")],
-      ["invalid utf-8 encoded string", "my bad string\xE5".force_encoding("UTF-8"), "my bad string"],
-      ["frozen non-ascii string", "é".force_encoding("ASCII-8BIT").freeze, "é".encode("UTF-8")],
+      ["invalid utf-8 encoded string", (+"my bad string\xE5").force_encoding("UTF-8"), "my bad string"],
+      ["frozen non-ascii string", (+"é").force_encoding("ASCII-8BIT").freeze, "é".encode("UTF-8")],
       [
         'leaves ascii only string as is',
         'ascii only string',
@@ -25,7 +25,7 @@ describe Gitlab::EncodingHelper do
       ],
       [
         'removes invalid bytes from ASCII-8bit encoded multibyte string. This can occur when a git diff match line truncates in the middle of a multibyte character. This occurs after the second word in this example. The test string is as short as we can get while still triggering the error condition when not looking at `detect[:confidence]`.',
-        "mu ns\xC3\n Lorem ipsum dolor sit amet, consectetur adipisicing ut\xC3\xA0y\xC3\xB9abcd\xC3\xB9efg kia elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non p\n {: .normal_pn}\n \n-Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in\n# *Lorem ipsum\xC3\xB9l\xC3\xB9l\xC3\xA0 dolor\xC3\xB9k\xC3\xB9 sit\xC3\xA8b\xC3\xA8 N\xC3\xA8 amet b\xC3\xA0d\xC3\xAC*\n+# *consectetur\xC3\xB9l\xC3\xB9l\xC3\xA0 adipisicing\xC3\xB9k\xC3\xB9 elit\xC3\xA8b\xC3\xA8 N\xC3\xA8 sed do\xC3\xA0d\xC3\xAC*{: .italic .smcaps}\n \n \xEF\x9B\xA1 eiusmod tempor incididunt, ut\xC3\xAAn\xC3\xB9 labore et dolore. Tw\xC4\x83nj\xC3\xAC magna aliqua. Ut enim ad minim veniam\n {: .normal}\n@@ -9,5 +9,5 @@ quis nostrud\xC3\xAAt\xC3\xB9 exercitiation ullamco laboris m\xC3\xB9s\xC3\xB9k\xC3\xB9abc\xC3\xB9 nisi ".force_encoding('ASCII-8BIT'),
+        (+"mu ns\xC3\n Lorem ipsum dolor sit amet, consectetur adipisicing ut\xC3\xA0y\xC3\xB9abcd\xC3\xB9efg kia elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non p\n {: .normal_pn}\n \n-Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in\n# *Lorem ipsum\xC3\xB9l\xC3\xB9l\xC3\xA0 dolor\xC3\xB9k\xC3\xB9 sit\xC3\xA8b\xC3\xA8 N\xC3\xA8 amet b\xC3\xA0d\xC3\xAC*\n+# *consectetur\xC3\xB9l\xC3\xB9l\xC3\xA0 adipisicing\xC3\xB9k\xC3\xB9 elit\xC3\xA8b\xC3\xA8 N\xC3\xA8 sed do\xC3\xA0d\xC3\xAC*{: .italic .smcaps}\n \n \xEF\x9B\xA1 eiusmod tempor incididunt, ut\xC3\xAAn\xC3\xB9 labore et dolore. Tw\xC4\x83nj\xC3\xAC magna aliqua. Ut enim ad minim veniam\n {: .normal}\n@@ -9,5 +9,5 @@ quis nostrud\xC3\xAAt\xC3\xB9 exercitiation ullamco laboris m\xC3\xB9s\xC3\xB9k\xC3\xB9abc\xC3\xB9 nisi ").force_encoding('ASCII-8BIT'),
         "mu ns\n Lorem ipsum dolor sit amet, consectetur adipisicing ut\xC3\xA0y\xC3\xB9abcd\xC3\xB9efg kia elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non p\n {: .normal_pn}\n \n-Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in\n# *Lorem ipsum\xC3\xB9l\xC3\xB9l\xC3\xA0 dolor\xC3\xB9k\xC3\xB9 sit\xC3\xA8b\xC3\xA8 N\xC3\xA8 amet b\xC3\xA0d\xC3\xAC*\n+# *consectetur\xC3\xB9l\xC3\xB9l\xC3\xA0 adipisicing\xC3\xB9k\xC3\xB9 elit\xC3\xA8b\xC3\xA8 N\xC3\xA8 sed do\xC3\xA0d\xC3\xAC*{: .italic .smcaps}\n \n \xEF\x9B\xA1 eiusmod tempor incididunt, ut\xC3\xAAn\xC3\xB9 labore et dolore. Tw\xC4\x83nj\xC3\xAC magna aliqua. Ut enim ad minim veniam\n {: .normal}\n@@ -9,5 +9,5 @@ quis nostrud\xC3\xAAt\xC3\xB9 exercitiation ullamco laboris m\xC3\xB9s\xC3\xB9k\xC3\xB9abc\xC3\xB9 nisi "
       ],
       [
@@ -95,7 +95,7 @@ describe Gitlab::EncodingHelper do
     [
       ["nil", nil, nil],
       ["empty string", "".encode("ASCII-8BIT"), "".encode("UTF-8")],
-      ["invalid utf-8 encoded string", "my bad string\xE5".force_encoding("UTF-8"), "my bad stringå"],
+      ["invalid utf-8 encoded string", (+"my bad string\xE5").force_encoding("UTF-8"), "my bad stringå"],
       [
         "encodes valid utf8 encoded string to utf8",
         "λ, λ, λ".encode("UTF-8"),
@@ -162,12 +162,12 @@ describe Gitlab::EncodingHelper do
       ],
       [
         'removes invalid bytes from ASCII-8bit encoded multibyte string.',
-        "Lorem ipsum\xC3\n dolor sit amet, xy\xC3\xA0y\xC3\xB9abcd\xC3\xB9efg".force_encoding('ASCII-8BIT'),
+        (+"Lorem ipsum\xC3\n dolor sit amet, xy\xC3\xA0y\xC3\xB9abcd\xC3\xB9efg").force_encoding('ASCII-8BIT'),
         "Lorem ipsum\n dolor sit amet, xyàyùabcdùefg"
       ],
       [
         'handles UTF-16BE encoded strings',
-        "\xFE\xFF\x00\x41".force_encoding('ASCII-8BIT'), # An "A" prepended with UTF-16 BOM
+        (+"\xFE\xFF\x00\x41").force_encoding('ASCII-8BIT'), # An "A" prepended with UTF-16 BOM
         "\xEF\xBB\xBFA" # An "A" prepended with UTF-8 BOM
       ]
     ].each do |description, test_string, xpect|
-- 
cgit v1.2.1


From ca9b067e3444b90fd5261d30a735b2a10586336f Mon Sep 17 00:00:00 2001
From: Tristan Read <tread@gitlab.com>
Date: Fri, 26 Jul 2019 01:41:54 +0000
Subject: Feature test for gfm embedding metrics

---
 spec/features/markdown/metrics_spec.rb     | 60 ++++++++++++++++++++++++++++++
 spec/support/helpers/prometheus_helpers.rb |  8 ++++
 2 files changed, 68 insertions(+)
 create mode 100644 spec/features/markdown/metrics_spec.rb

diff --git a/spec/features/markdown/metrics_spec.rb b/spec/features/markdown/metrics_spec.rb
new file mode 100644
index 00000000000..aa53ac50c78
--- /dev/null
+++ b/spec/features/markdown/metrics_spec.rb
@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'Metrics rendering', :js, :use_clean_rails_memory_store_caching do
+  include PrometheusHelpers
+
+  let(:user) { create(:user) }
+  let(:project) { create(:prometheus_project) }
+  let(:environment) { create(:environment, project: project) }
+  let(:issue) { create(:issue, project: project, description: description) }
+  let(:description) { "See [metrics dashboard](#{metrics_url}) for info." }
+  let(:metrics_url) { metrics_project_environment_url(project, environment) }
+
+  before do
+    configure_host
+    import_common_metrics
+    stub_any_prometheus_request_with_response
+
+    project.add_developer(user)
+
+    sign_in(user)
+  end
+
+  after do
+    restore_host
+  end
+
+  context 'with deployments and related deployable present' do
+    it 'shows embedded metrics' do
+      visit project_issue_path(project, issue)
+
+      expect(page).to have_css('div.prometheus-graph')
+      expect(page).to have_text('Memory Usage (Total)')
+      expect(page).to have_text('Core Usage (Total)')
+    end
+  end
+
+  def import_common_metrics
+    ::Gitlab::DatabaseImporters::CommonMetrics::Importer.new.execute
+  end
+
+  def configure_host
+    @original_default_host = default_url_options[:host]
+    @original_gitlab_url = Gitlab.config.gitlab[:url]
+
+    # Ensure we create a metrics url with the right host.
+    # Configure host for route helpers in specs (also updates root_url):
+    default_url_options[:host] = Capybara.server_host
+
+    # Ensure we identify urls with the appropriate host.
+    # Configure host to include port in app:
+    Gitlab.config.gitlab[:url] = root_url.chomp('/')
+  end
+
+  def restore_host
+    default_url_options[:host] = @original_default_host
+    Gitlab.config.gitlab[:url] = @original_gitlab_url
+  end
+end
diff --git a/spec/support/helpers/prometheus_helpers.rb b/spec/support/helpers/prometheus_helpers.rb
index 4d39d9df494..7c03746a395 100644
--- a/spec/support/helpers/prometheus_helpers.rb
+++ b/spec/support/helpers/prometheus_helpers.rb
@@ -76,6 +76,14 @@ module PrometheusHelpers
     WebMock.stub_request(:any, /prometheus.example.com/)
   end
 
+  def stub_any_prometheus_request_with_response(status: 200, headers: {}, body: nil)
+    stub_any_prometheus_request.to_return({
+      status: status,
+      headers: { 'Content-Type' => 'application/json' }.merge(headers),
+      body: body || prometheus_values_body.to_json
+    })
+  end
+
   def stub_all_prometheus_requests(environment_slug, body: nil, status: 200)
     stub_prometheus_request(
       prometheus_query_with_time_url(prometheus_memory_query(environment_slug), Time.now.utc),
-- 
cgit v1.2.1


From 10a42a8a76c281fad735f89cb3c37caf2acd6e04 Mon Sep 17 00:00:00 2001
From: Mario de la Ossa <mariodelaossa@gmail.com>
Date: Tue, 23 Jul 2019 21:36:07 -0600
Subject: Respect alt email when sending group access notifications

When sending access granted/rejected emails we should also respect
custom emails set for groups/sub-groups
---
 app/mailers/emails/members.rb                       | 17 ++++++++++-------
 app/mailers/notify.rb                               | 12 ++++++++----
 app/mailers/previews/notify_preview.rb              |  8 ++++++--
 app/services/notification_service.rb                |  2 +-
 ...3568-access-email-notifications-custom-email.yml |  5 +++++
 spec/mailers/notify_spec.rb                         | 21 ++++++++++++++-------
 .../shared_examples/notify_shared_examples.rb       |  2 +-
 7 files changed, 45 insertions(+), 22 deletions(-)
 create mode 100644 changelogs/unreleased/63568-access-email-notifications-custom-email.yml

diff --git a/app/mailers/emails/members.rb b/app/mailers/emails/members.rb
index 2bfa59774d7..76fa7236ab1 100644
--- a/app/mailers/emails/members.rb
+++ b/app/mailers/emails/members.rb
@@ -9,11 +9,11 @@ module Emails
       helper_method :member_source, :member
     end
 
-    def member_access_requested_email(member_source_type, member_id, recipient_notification_email)
+    def member_access_requested_email(member_source_type, member_id, recipient_id)
       @member_source_type = member_source_type
       @member_id = member_id
 
-      mail(to: recipient_notification_email,
+      mail(to: recipient(recipient_id, notification_group),
            subject: subject("Request to join the #{member_source.human_name} #{member_source.model_name.singular}"))
     end
 
@@ -21,16 +21,15 @@ module Emails
       @member_source_type = member_source_type
       @member_id = member_id
 
-      mail(to: member.user.notification_email,
+      mail(to: recipient(member.user, notification_group),
            subject: subject("Access to the #{member_source.human_name} #{member_source.model_name.singular} was granted"))
     end
 
     def member_access_denied_email(member_source_type, source_id, user_id)
       @member_source_type = member_source_type
       @member_source = member_source_class.find(source_id)
-      requester = User.find(user_id)
 
-      mail(to: requester.notification_email,
+      mail(to: recipient(user_id, notification_group),
            subject: subject("Access to the #{member_source.human_name} #{member_source.model_name.singular} was denied"))
     end
 
@@ -48,7 +47,7 @@ module Emails
       @member_id = member_id
       return unless member.created_by
 
-      mail(to: member.created_by.notification_email,
+      mail(to: recipient(member.created_by, notification_group),
            subject: subject('Invitation accepted'))
     end
 
@@ -59,7 +58,7 @@ module Emails
       @member_source = member_source_class.find(source_id)
       @invite_email = invite_email
 
-      mail(to: recipient(created_by_id, member_source_type == 'Project' ? @member_source.group : @member_source),
+      mail(to: recipient(created_by_id, notification_group),
            subject: subject('Invitation declined'))
     end
 
@@ -71,6 +70,10 @@ module Emails
       @member_source ||= member.source
     end
 
+    def notification_group
+      @member_source_type.casecmp?('project') ? member_source.group : member_source
+    end
+
     private
 
     def member_source_class
diff --git a/app/mailers/notify.rb b/app/mailers/notify.rb
index 8ef20a03541..5d292094a05 100644
--- a/app/mailers/notify.rb
+++ b/app/mailers/notify.rb
@@ -71,14 +71,18 @@ class Notify < BaseMailer
     address.format
   end
 
-  # Look up a User by their ID and return their email address
+  # Look up a User's notification email for a particular context.
+  # Can look up by their ID or can accept a User object.
   #
-  # recipient_id       - User ID
+  # recipient          - User object OR a User ID
   # notification_group - The parent group of the notification
   #
   # Returns a String containing the User's email address.
-  def recipient(recipient_id, notification_group = nil)
-    User.find(recipient_id).notification_email_for(notification_group)
+  def recipient(recipient, notification_group = nil)
+    user = recipient if recipient.is_a?(User)
+    user ||= User.find(recipient)
+
+    user.notification_email_for(notification_group)
   end
 
   # Formats arguments into a String suitable for use as an email subject
diff --git a/app/mailers/previews/notify_preview.rb b/app/mailers/previews/notify_preview.rb
index 80e0a17c312..b3fab930922 100644
--- a/app/mailers/previews/notify_preview.rb
+++ b/app/mailers/previews/notify_preview.rb
@@ -105,11 +105,11 @@ class NotifyPreview < ActionMailer::Preview
   end
 
   def member_access_granted_email
-    Notify.member_access_granted_email('project', user.id).message
+    Notify.member_access_granted_email(member.source_type, member.id).message
   end
 
   def member_access_requested_email
-    Notify.member_access_requested_email('group', user.id, 'some@example.com').message
+    Notify.member_access_requested_email('group', user.id, user.id).message
   end
 
   def member_invite_accepted_email
@@ -183,6 +183,10 @@ class NotifyPreview < ActionMailer::Preview
     @user ||= User.last
   end
 
+  def member
+    @member ||= Member.last
+  end
+
   def create_note(params)
     Notes::CreateService.new(project, user, params).execute
   end
diff --git a/app/services/notification_service.rb b/app/services/notification_service.rb
index a55771ed538..21fab22e0d4 100644
--- a/app/services/notification_service.rb
+++ b/app/services/notification_service.rb
@@ -595,7 +595,7 @@ class NotificationService
   end
 
   def deliver_access_request_email(recipient, member)
-    mailer.member_access_requested_email(member.real_source_type, member.id, recipient.user.notification_email).deliver_later
+    mailer.member_access_requested_email(member.real_source_type, member.id, recipient.user.id).deliver_later
   end
 
   def fallback_to_group_owners_maintainers?(recipients, member)
diff --git a/changelogs/unreleased/63568-access-email-notifications-custom-email.yml b/changelogs/unreleased/63568-access-email-notifications-custom-email.yml
new file mode 100644
index 00000000000..ece6442d7cf
--- /dev/null
+++ b/changelogs/unreleased/63568-access-email-notifications-custom-email.yml
@@ -0,0 +1,5 @@
+---
+title: Respect group notification email when sending group access notifications
+merge_request: 31089
+author:
+type: fixed
diff --git a/spec/mailers/notify_spec.rb b/spec/mailers/notify_spec.rb
index 56bbcc4c306..dcc4b70a382 100644
--- a/spec/mailers/notify_spec.rb
+++ b/spec/mailers/notify_spec.rb
@@ -640,7 +640,7 @@ describe Notify do
         project.request_access(user)
         project.requesters.find_by(user_id: user.id)
       end
-      subject { described_class.member_access_requested_email('project', project_member.id, recipient.notification_email) }
+      subject { described_class.member_access_requested_email('project', project_member.id, recipient.id) }
 
       it_behaves_like 'an email sent from GitLab'
       it_behaves_like 'it should not have Gmail Actions links'
@@ -737,9 +737,9 @@ describe Notify do
 
     describe 'project invitation accepted' do
       let(:invited_user) { create(:user, name: 'invited user') }
-      let(:maintainer) { create(:user).tap { |u| project.add_maintainer(u) } }
+      let(:recipient) { create(:user).tap { |u| project.add_maintainer(u) } }
       let(:project_member) do
-        invitee = invite_to_project(project, inviter: maintainer)
+        invitee = invite_to_project(project, inviter: recipient)
         invitee.accept_invite!(invited_user)
         invitee
       end
@@ -747,6 +747,7 @@ describe Notify do
       subject { described_class.member_invite_accepted_email('project', project_member.id) }
 
       it_behaves_like 'an email sent from GitLab'
+      it_behaves_like 'an email sent to a user'
       it_behaves_like 'it should not have Gmail Actions links'
       it_behaves_like "a user cannot unsubscribe through footer link"
       it_behaves_like 'appearance header and footer enabled'
@@ -762,16 +763,17 @@ describe Notify do
     end
 
     describe 'project invitation declined' do
-      let(:maintainer) { create(:user).tap { |u| project.add_maintainer(u) } }
+      let(:recipient) { create(:user).tap { |u| project.add_maintainer(u) } }
       let(:project_member) do
-        invitee = invite_to_project(project, inviter: maintainer)
+        invitee = invite_to_project(project, inviter: recipient)
         invitee.decline_invite!
         invitee
       end
 
-      subject { described_class.member_invite_declined_email('Project', project.id, project_member.invite_email, maintainer.id) }
+      subject { described_class.member_invite_declined_email('Project', project.id, project_member.invite_email, recipient.id) }
 
       it_behaves_like 'an email sent from GitLab'
+      it_behaves_like 'an email sent to a user'
       it_behaves_like 'it should not have Gmail Actions links'
       it_behaves_like "a user cannot unsubscribe through footer link"
       it_behaves_like 'appearance header and footer enabled'
@@ -1087,9 +1089,10 @@ describe Notify do
         group.request_access(user)
         group.requesters.find_by(user_id: user.id)
       end
-      subject { described_class.member_access_requested_email('group', group_member.id, recipient.notification_email) }
+      subject { described_class.member_access_requested_email('group', group_member.id, recipient.id) }
 
       it_behaves_like 'an email sent from GitLab'
+      it_behaves_like 'an email sent to a user'
       it_behaves_like 'it should not have Gmail Actions links'
       it_behaves_like "a user cannot unsubscribe through footer link"
       it_behaves_like 'appearance header and footer enabled'
@@ -1111,9 +1114,11 @@ describe Notify do
         group.request_access(user)
         group.requesters.find_by(user_id: user.id)
       end
+      let(:recipient) { user }
       subject { described_class.member_access_denied_email('group', group.id, user.id) }
 
       it_behaves_like 'an email sent from GitLab'
+      it_behaves_like 'an email sent to a user'
       it_behaves_like 'it should not have Gmail Actions links'
       it_behaves_like "a user cannot unsubscribe through footer link"
       it_behaves_like 'appearance header and footer enabled'
@@ -1128,10 +1133,12 @@ describe Notify do
 
     describe 'group access changed' do
       let(:group_member) { create(:group_member, group: group, user: user) }
+      let(:recipient) { user }
 
       subject { described_class.member_access_granted_email('group', group_member.id) }
 
       it_behaves_like 'an email sent from GitLab'
+      it_behaves_like 'an email sent to a user'
       it_behaves_like 'it should not have Gmail Actions links'
       it_behaves_like "a user cannot unsubscribe through footer link"
       it_behaves_like 'appearance header and footer enabled'
diff --git a/spec/support/shared_examples/notify_shared_examples.rb b/spec/support/shared_examples/notify_shared_examples.rb
index 4452b1c82cb..ffc439b63ea 100644
--- a/spec/support/shared_examples/notify_shared_examples.rb
+++ b/spec/support/shared_examples/notify_shared_examples.rb
@@ -50,7 +50,7 @@ shared_examples 'an email sent to a user' do
     it 'is sent to user\'s group notification email' do
       group_notification_email = 'user+group@example.com'
 
-      create(:notification_setting, user: recipient, source: project.group, notification_email: group_notification_email)
+      create(:notification_setting, user: recipient, source: group, notification_email: group_notification_email)
 
       expect(subject).to deliver_to(group_notification_email)
     end
-- 
cgit v1.2.1


From 6cfd13726fbce725633d95140dd0e4bf1779c5db Mon Sep 17 00:00:00 2001
From: manojmj <mmj@gitlab.com>
Date: Wed, 24 Jul 2019 19:45:50 +0530
Subject: CE: Add project download & project export audit event

This change adds audit events for
download of repository and export of
project.
---
 doc/administration/audit_events.md | 2 ++
 lib/api/helpers.rb                 | 4 ++++
 lib/api/helpers/runner.rb          | 2 +-
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/doc/administration/audit_events.md b/doc/administration/audit_events.md
index aaa43f67760..02de2caf558 100644
--- a/doc/administration/audit_events.md
+++ b/doc/administration/audit_events.md
@@ -73,6 +73,8 @@ From there, you can see the following actions:
 - User was added to project and with which [permissions]
 - Permission changes of a user assigned to a project
 - User was removed from project
+- Project export was downloaded
+- Project repository was downloaded
 
 ### Instance events **(PREMIUM ONLY)**
 
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 8ae42c6dadd..1aa6dc44bf7 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -544,5 +544,9 @@ module API
 
       params[:archived]
     end
+
+    def ip_address
+      env["action_dispatch.remote_ip"].to_s || request.ip
+    end
   end
 end
diff --git a/lib/api/helpers/runner.rb b/lib/api/helpers/runner.rb
index 100463fcb95..5b87eccf860 100644
--- a/lib/api/helpers/runner.rb
+++ b/lib/api/helpers/runner.rb
@@ -25,7 +25,7 @@ module API
       end
 
       def get_runner_ip
-        { ip_address: env["action_dispatch.remote_ip"].to_s || request.ip }
+        { ip_address: ip_address }
       end
 
       def current_runner
-- 
cgit v1.2.1


From 929b403d21308cb7843aa474bfba599345b706b4 Mon Sep 17 00:00:00 2001
From: Imre Farkas <ifarkas@gitlab.com>
Date: Fri, 26 Jul 2019 07:05:50 +0000
Subject: Ensure Warden triggers after_authentication callback

By not triggering the callback:
- ActiveSession lookup keys are not cleaned
- Devise also misses its hook related to session cleanup
---
 .../concerns/authenticates_with_two_factor.rb      |  4 +--
 app/controllers/omniauth_callbacks_controller.rb   |  2 +-
 app/controllers/sessions_controller.rb             | 11 +++++++
 .../unreleased/64257-warden_set_user_fix.yml       |  5 +++
 lib/gitlab/auth/activity.rb                        |  7 ++--
 spec/features/oauth_login_spec.rb                  |  1 +
 spec/features/users/login_spec.rb                  | 38 ++++++++++++++++------
 7 files changed, 53 insertions(+), 15 deletions(-)
 create mode 100644 changelogs/unreleased/64257-warden_set_user_fix.yml

diff --git a/app/controllers/concerns/authenticates_with_two_factor.rb b/app/controllers/concerns/authenticates_with_two_factor.rb
index 4926062f9ca..8c8f0b3a22e 100644
--- a/app/controllers/concerns/authenticates_with_two_factor.rb
+++ b/app/controllers/concerns/authenticates_with_two_factor.rb
@@ -55,7 +55,7 @@ module AuthenticatesWithTwoFactor
 
       remember_me(user) if user_params[:remember_me] == '1'
       user.save!
-      sign_in(user, message: :two_factor_authenticated)
+      sign_in(user, message: :two_factor_authenticated, event: :authentication)
     else
       user.increment_failed_attempts!
       Gitlab::AppLogger.info("Failed Login: user=#{user.username} ip=#{request.remote_ip} method=OTP")
@@ -72,7 +72,7 @@ module AuthenticatesWithTwoFactor
       session.delete(:challenge)
 
       remember_me(user) if user_params[:remember_me] == '1'
-      sign_in(user, message: :two_factor_authenticated)
+      sign_in(user, message: :two_factor_authenticated, event: :authentication)
     else
       user.increment_failed_attempts!
       Gitlab::AppLogger.info("Failed Login: user=#{user.username} ip=#{request.remote_ip} method=U2F")
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index 2a8dd997d04..b1efa767154 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -139,7 +139,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
       if user.two_factor_enabled? && !auth_user.bypass_two_factor?
         prompt_for_two_factor(user)
       else
-        sign_in_and_redirect(user)
+        sign_in_and_redirect(user, event: :authentication)
       end
     else
       fail_login(user)
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 7604b31467a..1880bead3ee 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -26,6 +26,17 @@ class SessionsController < Devise::SessionsController
   after_action :log_failed_login, if: -> { action_name == 'new' && failed_login? }
   helper_method :captcha_enabled?
 
+  # protect_from_forgery is already prepended in ApplicationController but
+  # authenticate_with_two_factor which signs in the user is prepended before
+  # that here.
+  # We need to make sure CSRF token is verified before authenticating the user
+  # because Devise.clean_up_csrf_token_on_authentication is set to true by
+  # default to avoid CSRF token fixation attacks. Authenticating the user first
+  # would cause the CSRF token to be cleared and then
+  # RequestForgeryProtection#verify_authenticity_token would fail because of
+  # token mismatch.
+  protect_from_forgery with: :exception, prepend: true
+
   CAPTCHA_HEADER = 'X-GitLab-Show-Login-Captcha'.freeze
 
   def new
diff --git a/changelogs/unreleased/64257-warden_set_user_fix.yml b/changelogs/unreleased/64257-warden_set_user_fix.yml
new file mode 100644
index 00000000000..7b6818876fb
--- /dev/null
+++ b/changelogs/unreleased/64257-warden_set_user_fix.yml
@@ -0,0 +1,5 @@
+---
+title: Ensure Warden triggers after_authentication callback
+merge_request: 31138
+author:
+type: fixed
diff --git a/lib/gitlab/auth/activity.rb b/lib/gitlab/auth/activity.rb
index 558628b5422..988ff196193 100644
--- a/lib/gitlab/auth/activity.rb
+++ b/lib/gitlab/auth/activity.rb
@@ -37,14 +37,17 @@ module Gitlab
 
       def user_authenticated!
         self.class.user_authenticated_counter_increment!
+
+        case @opts[:message]
+        when :two_factor_authenticated
+          self.class.user_two_factor_authenticated_counter_increment!
+        end
       end
 
       def user_session_override!
         self.class.user_session_override_counter_increment!
 
         case @opts[:message]
-        when :two_factor_authenticated
-          self.class.user_two_factor_authenticated_counter_increment!
         when :sessionless_sign_in
           self.class.user_sessionless_authentication_counter_increment!
         end
diff --git a/spec/features/oauth_login_spec.rb b/spec/features/oauth_login_spec.rb
index 86331728f88..54705cd51b0 100644
--- a/spec/features/oauth_login_spec.rb
+++ b/spec/features/oauth_login_spec.rb
@@ -34,6 +34,7 @@ describe 'OAuth Login', :js, :allow_forgery_protection do
 
       before do
         stub_omniauth_config(provider)
+        expect(ActiveSession).to receive(:cleanup).with(user).at_least(:once).and_call_original
       end
 
       context 'when two-factor authentication is disabled' do
diff --git a/spec/features/users/login_spec.rb b/spec/features/users/login_spec.rb
index efba303033b..1ea88010c89 100644
--- a/spec/features/users/login_spec.rb
+++ b/spec/features/users/login_spec.rb
@@ -132,7 +132,6 @@ describe 'Login' do
       it 'does not show a "You are already signed in." error message' do
         expect(authentication_metrics)
           .to increment(:user_authenticated_counter)
-          .and increment(:user_session_override_counter)
           .and increment(:user_two_factor_authenticated_counter)
 
         enter_code(user.current_otp)
@@ -144,7 +143,6 @@ describe 'Login' do
         it 'allows login with valid code' do
           expect(authentication_metrics)
             .to increment(:user_authenticated_counter)
-            .and increment(:user_session_override_counter)
             .and increment(:user_two_factor_authenticated_counter)
 
           enter_code(user.current_otp)
@@ -170,7 +168,6 @@ describe 'Login' do
         it 'allows login with invalid code, then valid code' do
           expect(authentication_metrics)
             .to increment(:user_authenticated_counter)
-            .and increment(:user_session_override_counter)
             .and increment(:user_two_factor_authenticated_counter)
 
           enter_code('foo')
@@ -179,6 +176,15 @@ describe 'Login' do
           enter_code(user.current_otp)
           expect(current_path).to eq root_path
         end
+
+        it 'triggers ActiveSession.cleanup for the user' do
+          expect(authentication_metrics)
+            .to increment(:user_authenticated_counter)
+            .and increment(:user_two_factor_authenticated_counter)
+          expect(ActiveSession).to receive(:cleanup).with(user).once.and_call_original
+
+          enter_code(user.current_otp)
+        end
       end
 
       context 'using backup code' do
@@ -195,7 +201,6 @@ describe 'Login' do
           it 'allows login' do
             expect(authentication_metrics)
               .to increment(:user_authenticated_counter)
-              .and increment(:user_session_override_counter)
               .and increment(:user_two_factor_authenticated_counter)
 
             enter_code(codes.sample)
@@ -206,7 +211,6 @@ describe 'Login' do
           it 'invalidates the used code' do
             expect(authentication_metrics)
               .to increment(:user_authenticated_counter)
-              .and increment(:user_session_override_counter)
               .and increment(:user_two_factor_authenticated_counter)
 
             expect { enter_code(codes.sample) }
@@ -216,7 +220,6 @@ describe 'Login' do
           it 'invalidates backup codes twice in a row' do
             expect(authentication_metrics)
               .to increment(:user_authenticated_counter).twice
-              .and increment(:user_session_override_counter).twice
               .and increment(:user_two_factor_authenticated_counter).twice
               .and increment(:user_session_destroyed_counter)
 
@@ -230,6 +233,15 @@ describe 'Login' do
             expect { enter_code(codes.sample) }
               .to change { user.reload.otp_backup_codes.size }.by(-1)
           end
+
+          it 'triggers ActiveSession.cleanup for the user' do
+            expect(authentication_metrics)
+              .to increment(:user_authenticated_counter)
+                    .and increment(:user_two_factor_authenticated_counter)
+            expect(ActiveSession).to receive(:cleanup).with(user).once.and_call_original
+
+            enter_code(codes.sample)
+          end
         end
 
         context 'with invalid code' do
@@ -274,7 +286,7 @@ describe 'Login' do
 
           expect(authentication_metrics)
             .to increment(:user_authenticated_counter)
-            .and increment(:user_session_override_counter)
+          expect(ActiveSession).to receive(:cleanup).with(user).once.and_call_original
 
           sign_in_using_saml!
 
@@ -287,8 +299,8 @@ describe 'Login' do
         it 'shows 2FA prompt after OAuth login' do
           expect(authentication_metrics)
             .to increment(:user_authenticated_counter)
-            .and increment(:user_session_override_counter)
             .and increment(:user_two_factor_authenticated_counter)
+          expect(ActiveSession).to receive(:cleanup).with(user).once.and_call_original
 
           sign_in_using_saml!
 
@@ -329,6 +341,14 @@ describe 'Login' do
 
         expect(page).not_to have_content(I18n.t('devise.failure.already_authenticated'))
       end
+
+      it 'triggers ActiveSession.cleanup for the user' do
+        expect(authentication_metrics)
+          .to increment(:user_authenticated_counter)
+        expect(ActiveSession).to receive(:cleanup).with(user).once.and_call_original
+
+        gitlab_sign_in(user)
+      end
     end
 
     context 'with invalid username and password' do
@@ -649,7 +669,6 @@ describe 'Login' do
         it 'asks the user to accept the terms' do
           expect(authentication_metrics)
             .to increment(:user_authenticated_counter)
-            .and increment(:user_session_override_counter)
             .and increment(:user_two_factor_authenticated_counter)
 
           visit new_user_session_path
@@ -708,7 +727,6 @@ describe 'Login' do
       it 'asks the user to accept the terms before setting an email' do
         expect(authentication_metrics)
           .to increment(:user_authenticated_counter)
-          .and increment(:user_session_override_counter)
 
         gitlab_sign_in_via('saml', user, 'my-uid')
 
-- 
cgit v1.2.1


From 355a2df560dea2719a027ada718a923ab7876ffe Mon Sep 17 00:00:00 2001
From: Patrick Derichs <pderichs@gitlab.com>
Date: Fri, 26 Jul 2019 09:10:27 +0200
Subject: Use NotesFinder in module IssuableActions

Add spec for concern IssuableActions

Add shared samples for discussions endpoint

Add schema validations for discussions

Fix rubocop style issue

Make target assignable

Use new possibility to provide target
---
 app/controllers/concerns/issuable_actions.rb       | 22 ++++---
 app/finders/notes_finder.rb                        | 38 ++++++++----
 spec/controllers/concerns/issuable_actions_spec.rb | 69 ++++++++++++++++++++++
 .../controllers/projects/issues_controller_spec.rb | 22 +++++++
 .../projects/merge_requests_controller_spec.rb     | 16 +++++
 spec/finders/notes_finder_spec.rb                  | 31 +++++++---
 spec/fixtures/api/schemas/entities/discussion.json | 67 +++++++++++++++++++++
 .../fixtures/api/schemas/entities/discussions.json |  4 ++
 .../discussions_provider_shared_examples.rb        | 15 +++++
 9 files changed, 260 insertions(+), 24 deletions(-)
 create mode 100644 spec/controllers/concerns/issuable_actions_spec.rb
 create mode 100644 spec/fixtures/api/schemas/entities/discussion.json
 create mode 100644 spec/fixtures/api/schemas/entities/discussions.json
 create mode 100644 spec/support/shared_examples/discussions_provider_shared_examples.rb

diff --git a/app/controllers/concerns/issuable_actions.rb b/app/controllers/concerns/issuable_actions.rb
index 6fa2f75be33..94d1e8248fc 100644
--- a/app/controllers/concerns/issuable_actions.rb
+++ b/app/controllers/concerns/issuable_actions.rb
@@ -98,13 +98,12 @@ module IssuableActions
     render json: { notice: "#{quantity} #{resource_name.pluralize(quantity)} updated" }
   end
 
-  # rubocop: disable CodeReuse/ActiveRecord
+  # rubocop:disable CodeReuse/ActiveRecord
   def discussions
-    notes = issuable.discussion_notes
-      .inc_relations_for_view
-      .with_notes_filter(notes_filter)
-      .includes(:noteable)
-      .fresh
+    notes = NotesFinder.new(project, current_user, finder_params_for_issuable).execute
+                .inc_relations_for_view
+                .includes(:noteable)
+                .fresh
 
     if notes_filter != UserPreference::NOTES_FILTERS[:only_comments]
       notes = ResourceEvents::MergeIntoNotesService.new(issuable, current_user).execute(notes)
@@ -117,7 +116,7 @@ module IssuableActions
 
     render json: discussion_serializer.represent(discussions, context: self)
   end
-  # rubocop: enable CodeReuse/ActiveRecord
+  # rubocop:enable CodeReuse/ActiveRecord
 
   private
 
@@ -222,4 +221,13 @@ module IssuableActions
   def parent
     @project || @group # rubocop:disable Gitlab/ModuleWithInstanceVariables
   end
+
+  # rubocop:disable Gitlab/ModuleWithInstanceVariables
+  def finder_params_for_issuable
+    {
+        target: @issuable,
+        notes_filter: notes_filter
+    }
+  end
+  # rubocop:enable Gitlab/ModuleWithInstanceVariables
 end
diff --git a/app/finders/notes_finder.rb b/app/finders/notes_finder.rb
index 8f610d7dddb..c25600221d7 100644
--- a/app/finders/notes_finder.rb
+++ b/app/finders/notes_finder.rb
@@ -3,6 +3,8 @@
 class NotesFinder
   FETCH_OVERLAP = 5.seconds
 
+  attr_reader :target_type
+
   # Used to filter Notes
   # When used with target_type and target_id this returns notes specifically for the controller
   #
@@ -10,6 +12,7 @@ class NotesFinder
   #   current_user - which user check authorizations with
   #   project - which project to look for notes on
   #   params:
+  #     target: noteable
   #     target_type: string
   #     target_id: integer
   #     last_fetched_at: time
@@ -18,7 +21,8 @@ class NotesFinder
   def initialize(project, current_user, params = {})
     @project = project
     @current_user = current_user
-    @params = params
+    @params = params.dup
+    @target_type = @params[:target_type]
   end
 
   def execute
@@ -32,7 +36,27 @@ class NotesFinder
   def target
     return @target if defined?(@target)
 
-    target_type = @params[:target_type]
+    if target_given?
+      use_explicit_target
+    else
+      find_target_by_type_and_ids
+    end
+  end
+
+  private
+
+  def target_given?
+    @params.key?(:target)
+  end
+
+  def use_explicit_target
+    @target = @params[:target]
+    @target_type = @target.class.name.underscore
+
+    @target
+  end
+
+  def find_target_by_type_and_ids
     target_id   = @params[:target_id]
     target_iid  = @params[:target_iid]
 
@@ -45,13 +69,11 @@ class NotesFinder
           @project.commit(target_id)
         end
       else
-        noteables_for_type_by_id(target_type, target_id, target_iid)
+        noteable_for_type_by_id(target_type, target_id, target_iid)
       end
   end
 
-  private
-
-  def noteables_for_type_by_id(type, id, iid)
+  def noteable_for_type_by_id(type, id, iid)
     query = if id
               { id: id }
             else
@@ -77,10 +99,6 @@ class NotesFinder
     search(notes)
   end
 
-  def target_type
-    @params[:target_type]
-  end
-
   # rubocop: disable CodeReuse/ActiveRecord
   def notes_of_any_type
     types = %w(commit issue merge_request snippet)
diff --git a/spec/controllers/concerns/issuable_actions_spec.rb b/spec/controllers/concerns/issuable_actions_spec.rb
new file mode 100644
index 00000000000..3281fd4a2ef
--- /dev/null
+++ b/spec/controllers/concerns/issuable_actions_spec.rb
@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe IssuableActions do
+  let(:project) { double('project') }
+  let(:user) { double('user') }
+  let(:issuable) { double('issuable') }
+  let(:finder_params_for_issuable) { {} }
+  let(:notes_result) { double('notes_result') }
+  let(:discussion_serializer) { double('discussion_serializer') }
+
+  let(:controller) do
+    klass = Class.new do
+      attr_reader :current_user, :project, :issuable
+
+      def self.before_action(action, params = nil)
+      end
+
+      include IssuableActions
+
+      def initialize(issuable, project, user, finder_params)
+        @issuable = issuable
+        @project = project
+        @current_user = user
+        @finder_params = finder_params
+      end
+
+      def finder_params_for_issuable
+        @finder_params
+      end
+
+      def params
+        {
+          notes_filter: 1
+        }
+      end
+
+      def prepare_notes_for_rendering(notes)
+        []
+      end
+
+      def render(options)
+      end
+    end
+
+    klass.new(issuable, project, user, finder_params_for_issuable)
+  end
+
+  describe '#discussions' do
+    before do
+      allow(user).to receive(:set_notes_filter)
+      allow(user).to receive(:user_preference)
+      allow(discussion_serializer).to receive(:represent)
+    end
+
+    it 'instantiates and calls NotesFinder as expected' do
+      expect(Discussion).to receive(:build_collection).and_return([])
+      expect(DiscussionSerializer).to receive(:new).and_return(discussion_serializer)
+      expect(NotesFinder).to receive(:new).with(project, user, finder_params_for_issuable).and_call_original
+
+      expect_any_instance_of(NotesFinder).to receive(:execute).and_return(notes_result)
+
+      expect(notes_result).to receive_messages(inc_relations_for_view: notes_result, includes: notes_result, fresh: notes_result)
+
+      controller.discussions
+    end
+  end
+end
diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb
index 32d14dce936..0f885d776e1 100644
--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -1260,6 +1260,28 @@ describe Projects::IssuesController do
         sign_in(user)
       end
 
+      context do
+        it_behaves_like 'discussions provider' do
+          let!(:author) { create(:user) }
+          let!(:project) { create(:project) }
+
+          let!(:issue) { create(:issue, project: project, author: user) }
+
+          let!(:note_on_issue1) { create(:discussion_note_on_issue, noteable: issue, project: issue.project, author: create(:user)) }
+          let!(:note_on_issue2) { create(:discussion_note_on_issue, noteable: issue, project: issue.project, author: create(:user)) }
+
+          let(:requested_iid) { issue.iid }
+          let(:expected_discussion_count) { 3 }
+          let(:expected_discussion_ids) do
+            [
+              issue.notes.first.discussion_id,
+              note_on_issue1.discussion_id,
+              note_on_issue2.discussion_id
+            ]
+          end
+        end
+      end
+
       it 'returns discussion json' do
         get :discussions, params: { namespace_id: project.namespace, project_id: project, id: issue.iid }
 
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index f11880122b1..b777fa7f816 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -1121,6 +1121,22 @@ describe Projects::MergeRequestsController do
         end
       end
     end
+
+    context do
+      it_behaves_like 'discussions provider' do
+        let!(:author) { create(:user) }
+        let!(:project) { create(:project) }
+
+        let!(:merge_request) { create(:merge_request, source_project: project) }
+
+        let!(:mr_note1) { create(:discussion_note_on_merge_request, noteable: merge_request, project: project) }
+        let!(:mr_note2) { create(:discussion_note_on_merge_request, noteable: merge_request, project: project) }
+
+        let(:requested_iid) { merge_request.iid }
+        let(:expected_discussion_count) { 2 }
+        let(:expected_discussion_ids) { [mr_note1.discussion_id, mr_note2.discussion_id] }
+      end
+    end
   end
 
   describe 'GET edit' do
diff --git a/spec/finders/notes_finder_spec.rb b/spec/finders/notes_finder_spec.rb
index 87bde4ca2f6..677fde0d8ce 100644
--- a/spec/finders/notes_finder_spec.rb
+++ b/spec/finders/notes_finder_spec.rb
@@ -118,16 +118,11 @@ describe NotesFinder do
 
     context 'for target' do
       let(:project) { create(:project, :repository) }
-      let(:note1) { create :note_on_commit, project: project }
-      let(:note2) { create :note_on_commit, project: project }
+      let!(:note1) { create :note_on_commit, project: project }
+      let!(:note2) { create :note_on_commit, project: project }
       let(:commit) { note1.noteable }
       let(:params) { { target_id: commit.id, target_type: 'commit', last_fetched_at: 1.hour.ago.to_i } }
 
-      before do
-        note1
-        note2
-      end
-
       it 'finds all notes' do
         notes = described_class.new(project, user, params).execute
         expect(notes.size).to eq(2)
@@ -194,6 +189,28 @@ describe NotesFinder do
         end
       end
     end
+
+    context 'for explicit target' do
+      let(:project) { create(:project, :repository) }
+      let!(:note1) { create :note_on_commit, project: project, created_at: 1.day.ago, updated_at: 2.hours.ago }
+      let!(:note2) { create :note_on_commit, project: project }
+      let(:commit) { note1.noteable }
+      let(:params) { { target: commit } }
+
+      it 'returns the expected notes' do
+        expect(described_class.new(project, user, params).execute).to eq([note1, note2])
+      end
+
+      it 'returns the expected notes when last_fetched_at is given' do
+        params = { target: commit, last_fetched_at: 1.hour.ago.to_i }
+        expect(described_class.new(project, user, params).execute).to eq([note2])
+      end
+
+      it 'fails when nil is provided' do
+        params = { target: nil }
+        expect { described_class.new(project, user, params).execute }.to raise_error(RuntimeError)
+      end
+    end
   end
 
   describe '.search' do
diff --git a/spec/fixtures/api/schemas/entities/discussion.json b/spec/fixtures/api/schemas/entities/discussion.json
new file mode 100644
index 00000000000..bcc1db79e83
--- /dev/null
+++ b/spec/fixtures/api/schemas/entities/discussion.json
@@ -0,0 +1,67 @@
+{
+  "type": "object",
+  "required" : [
+    "id",
+    "notes",
+    "individual_note"
+  ],
+  "properties" : {
+    "id": { "type": "string" },
+    "individual_note": { "type": "boolean" },
+    "notes": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "properties" : {
+          "id": { "type": "string" },
+          "type": { "type": ["string", "null"] },
+          "body": { "type": "string" },
+          "attachment": { "type": ["string", "null"]},
+          "award_emoji": { "type": "array" },
+          "author": {
+            "type": "object",
+            "properties": {
+              "name": { "type": "string" },
+              "username": { "type": "string" },
+              "id": { "type": "integer" },
+              "state": { "type": "string" },
+              "avatar_url": { "type": "uri" },
+              "web_url": { "type": "uri" },
+              "status_tooltip_html": { "type": ["string", "null"] },
+              "path": { "type": "string" }
+            },
+            "additionalProperties": false
+          },
+          "created_at": { "type": "date" },
+          "updated_at": { "type": "date" },
+          "system": { "type": "boolean" },
+          "noteable_id": { "type": "integer" },
+          "noteable_iid": { "type": "integer" },
+          "noteable_type": { "type": "string" },
+          "resolved": { "type": "boolean" },
+          "resolvable": { "type": "boolean" },
+          "resolved_by": { "type": ["string", "null"] },
+          "note": { "type": "string" },
+          "note_html": { "type": "string"  },
+          "current_user": { "type": "object" },
+          "suggestions": { "type": "array" },
+          "discussion_id": { "type": "string" },
+          "emoji_awardable": { "type": "boolean" },
+          "report_abuse_path": { "type": "string" },
+          "noteable_note_url": { "type": "string" },
+          "resolve_path": { "type": "string" },
+          "resolve_with_issue_path": { "type": "string" },
+          "cached_markdown_version": { "type": "integer" },
+          "human_access": { "type": ["string", "null"] },
+          "toggle_award_path": { "type": "string" },
+          "path": { "type": "string" }
+        },
+        "required": [
+          "id", "attachment", "author", "created_at", "updated_at",
+          "system", "noteable_id", "noteable_type"
+        ],
+        "additionalProperties": false
+      }
+    }
+  }
+}
diff --git a/spec/fixtures/api/schemas/entities/discussions.json b/spec/fixtures/api/schemas/entities/discussions.json
new file mode 100644
index 00000000000..5a837429776
--- /dev/null
+++ b/spec/fixtures/api/schemas/entities/discussions.json
@@ -0,0 +1,4 @@
+{
+  "type": "array",
+  "items": { "$ref": "discussion.json" }
+}
diff --git a/spec/support/shared_examples/discussions_provider_shared_examples.rb b/spec/support/shared_examples/discussions_provider_shared_examples.rb
new file mode 100644
index 00000000000..77cf1ac3f51
--- /dev/null
+++ b/spec/support/shared_examples/discussions_provider_shared_examples.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+shared_examples 'discussions provider' do
+  it 'returns the expected discussions' do
+    get :discussions, params: { namespace_id: project.namespace, project_id: project, id: requested_iid }
+
+    expect(response).to have_gitlab_http_status(200)
+    expect(response).to match_response_schema('entities/discussions')
+
+    expect(json_response.size).to eq(expected_discussion_count)
+    expect(json_response.pluck('id')).to eq(expected_discussion_ids)
+  end
+end
-- 
cgit v1.2.1


From c111d121d6faedfe3f38af1780e16ab056048e30 Mon Sep 17 00:00:00 2001
From: Martin Hanzel <mhanzel@gitlab.com>
Date: Fri, 26 Jul 2019 07:18:15 +0000
Subject: Add UndoStack class - a custom undo/redo engine

It will be hooked up to the markdown editor later
---
 app/assets/javascripts/commons/polyfills.js        |   1 +
 app/assets/javascripts/gl_form.js                  |  87 +++++
 app/assets/javascripts/helpers/indent_helper.js    | 182 ++++++++++
 app/assets/javascripts/lib/utils/common_utils.js   |  65 ++++
 app/assets/javascripts/lib/utils/keycodes.js       |  10 +-
 app/assets/javascripts/lib/utils/undo_stack.js     | 105 ++++++
 .../vue_shared/components/markdown/toolbar.vue     |  41 ++-
 app/views/shared/notes/_hints.html.haml            |  11 +-
 changelogs/unreleased/mh-editor-indents.yml        |   5 +
 locale/gitlab.pot                                  |  15 +-
 package.json                                       |   2 +-
 .../projects/wiki/user_creates_wiki_page_spec.rb   |  12 +-
 spec/frontend/helpers/indent_helper_spec.js        | 371 +++++++++++++++++++++
 spec/frontend/lib/utils/common_utils_spec.js       | 180 ++++++++++
 spec/frontend/lib/utils/undo_stack_spec.js         | 237 +++++++++++++
 yarn.lock                                          |   2 +-
 16 files changed, 1287 insertions(+), 39 deletions(-)
 create mode 100644 app/assets/javascripts/helpers/indent_helper.js
 create mode 100644 app/assets/javascripts/lib/utils/undo_stack.js
 create mode 100644 changelogs/unreleased/mh-editor-indents.yml
 create mode 100644 spec/frontend/helpers/indent_helper_spec.js
 create mode 100644 spec/frontend/lib/utils/common_utils_spec.js
 create mode 100644 spec/frontend/lib/utils/undo_stack_spec.js

diff --git a/app/assets/javascripts/commons/polyfills.js b/app/assets/javascripts/commons/polyfills.js
index 7a6ad3dc771..daa941a63cd 100644
--- a/app/assets/javascripts/commons/polyfills.js
+++ b/app/assets/javascripts/commons/polyfills.js
@@ -12,6 +12,7 @@ import 'core-js/es/promise/finally';
 import 'core-js/es/string/code-point-at';
 import 'core-js/es/string/from-code-point';
 import 'core-js/es/string/includes';
+import 'core-js/es/string/repeat';
 import 'core-js/es/string/starts-with';
 import 'core-js/es/string/ends-with';
 import 'core-js/es/symbol';
diff --git a/app/assets/javascripts/gl_form.js b/app/assets/javascripts/gl_form.js
index a66555838ba..b98fe9f6ce2 100644
--- a/app/assets/javascripts/gl_form.js
+++ b/app/assets/javascripts/gl_form.js
@@ -3,9 +3,16 @@ import autosize from 'autosize';
 import GfmAutoComplete, { defaultAutocompleteConfig } from 'ee_else_ce/gfm_auto_complete';
 import dropzoneInput from './dropzone_input';
 import { addMarkdownListeners, removeMarkdownListeners } from './lib/utils/text_markdown';
+import IndentHelper from './helpers/indent_helper';
+import { keystroke } from './lib/utils/common_utils';
+import * as keys from './lib/utils/keycodes';
+import UndoStack from './lib/utils/undo_stack';
 
 export default class GLForm {
   constructor(form, enableGFM = {}) {
+    this.handleKeyShortcuts = this.handleKeyShortcuts.bind(this);
+    this.setState = this.setState.bind(this);
+
     this.form = form;
     this.textarea = this.form.find('textarea.js-gfm-input');
     this.enableGFM = Object.assign({}, defaultAutocompleteConfig, enableGFM);
@@ -16,6 +23,10 @@ export default class GLForm {
         this.enableGFM[item] = Boolean(dataSources[item]);
       }
     });
+
+    this.undoStack = new UndoStack();
+    this.indentHelper = new IndentHelper(this.textarea[0]);
+
     // Before we start, we should clean up any previous data for this form
     this.destroy();
     // Set up the form
@@ -85,9 +96,84 @@ export default class GLForm {
   clearEventListeners() {
     this.textarea.off('focus');
     this.textarea.off('blur');
+    this.textarea.off('keydown');
     removeMarkdownListeners(this.form);
   }
 
+  setState(state) {
+    const selection = [this.textarea[0].selectionStart, this.textarea[0].selectionEnd];
+    this.textarea.val(state);
+    this.textarea[0].setSelectionRange(selection[0], selection[1]);
+  }
+
+  /*
+   Handle keypresses for a custom undo/redo stack.
+   We need this because the toolbar buttons and indentation helpers mess with the browser's
+   native undo/redo capability.
+   */
+  handleUndo(event) {
+    const content = this.textarea.val();
+    const { selectionStart, selectionEnd } = this.textarea[0];
+    const stack = this.undoStack;
+
+    if (stack.isEmpty()) {
+      // ==== Save initial state in undo history ====
+      stack.save(content);
+    }
+
+    if (keystroke(event, keys.Z_KEY_CODE, 'l')) {
+      // ==== Undo ====
+      event.preventDefault();
+      stack.save(content);
+      if (stack.canUndo()) {
+        this.setState(stack.undo());
+      }
+    } else if (keystroke(event, keys.Z_KEY_CODE, 'ls') || keystroke(event, keys.Y_KEY_CODE, 'l')) {
+      // ==== Redo ====
+      event.preventDefault();
+      if (stack.canRedo()) {
+        this.setState(stack.redo());
+      }
+    } else if (
+      keystroke(event, keys.SPACE_KEY_CODE) ||
+      keystroke(event, keys.ENTER_KEY_CODE) ||
+      selectionStart !== selectionEnd
+    ) {
+      // ==== Save after finishing a word or before deleting a large selection ====
+      stack.save(content);
+    } else if (content === '') {
+      // ==== Save after deleting everything ====
+      stack.save('');
+    } else {
+      // ==== Save after 1 second of inactivity ====
+      stack.scheduleSave(content);
+    }
+  }
+
+  handleIndent(event) {
+    if (keystroke(event, keys.LEFT_BRACKET_KEY_CODE, 'l')) {
+      // ==== Unindent selected lines ====
+      event.preventDefault();
+      this.indentHelper.unindent();
+    } else if (keystroke(event, keys.RIGHT_BRACKET_KEY_CODE, 'l')) {
+      // ==== Indent selected lines ====
+      event.preventDefault();
+      this.indentHelper.indent();
+    } else if (keystroke(event, keys.ENTER_KEY_CODE)) {
+      // ==== Auto-indent new lines ====
+      event.preventDefault();
+      this.indentHelper.newline();
+    } else if (keystroke(event, keys.BACKSPACE_KEY_CODE)) {
+      // ==== Auto-delete indents at the beginning of the line ====
+      this.indentHelper.backspace(event);
+    }
+  }
+
+  handleKeyShortcuts(event) {
+    this.handleIndent(event);
+    this.handleUndo(event);
+  }
+
   addEventListeners() {
     this.textarea.on('focus', function focusTextArea() {
       $(this)
@@ -99,5 +185,6 @@ export default class GLForm {
         .closest('.md-area')
         .removeClass('is-focused');
     });
+    this.textarea.on('keydown', e => this.handleKeyShortcuts(e.originalEvent));
   }
 }
diff --git a/app/assets/javascripts/helpers/indent_helper.js b/app/assets/javascripts/helpers/indent_helper.js
new file mode 100644
index 00000000000..a8815fac04e
--- /dev/null
+++ b/app/assets/javascripts/helpers/indent_helper.js
@@ -0,0 +1,182 @@
+const INDENT_SEQUENCE = '    ';
+
+function countLeftSpaces(text) {
+  const i = text.split('').findIndex(c => c !== ' ');
+  return i === -1 ? text.length : i;
+}
+
+/**
+ * IndentHelper provides methods that allow manual and smart indentation in
+ * textareas. It supports line indent/unindent, selection indent/unindent,
+ * auto indentation on newlines, and smart deletion of indents with backspace.
+ */
+export default class IndentHelper {
+  /**
+   * Creates a new IndentHelper and binds it to the given `textarea`. You can provide a custom indent sequence in the second parameter, but the `newline` and `backspace` operations may work funny if the indent sequence isn't spaces only.
+   */
+  constructor(textarea, indentSequence = INDENT_SEQUENCE) {
+    this.element = textarea;
+    this.seq = indentSequence;
+  }
+
+  getSelection() {
+    return { start: this.element.selectionStart, end: this.element.selectionEnd };
+  }
+
+  isRangeSelection() {
+    return this.element.selectionStart !== this.element.selectionEnd;
+  }
+
+  /**
+   * Re-implementation of textarea's setRangeText method, because IE/Edge don't support it.
+   *
+   * @see https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#dom-textarea%2Finput-setrangetext
+   */
+  setRangeText(replacement, start, end, selectMode) {
+    // Disable eslint to remain as faithful as possible to the above linked spec
+    /* eslint-disable no-param-reassign, no-case-declarations */
+    const text = this.element.value;
+
+    if (start > end) {
+      throw new RangeError('setRangeText: start index must be less than or equal to end index');
+    }
+
+    // Clamp to [0, len]
+    start = Math.max(0, Math.min(start, text.length));
+    end = Math.max(0, Math.min(end, text.length));
+
+    let selection = { start: this.element.selectionStart, end: this.element.selectionEnd };
+
+    this.element.value = text.slice(0, start) + replacement + text.slice(end);
+
+    const newLength = replacement.length;
+    const newEnd = start + newLength;
+
+    switch (selectMode) {
+      case 'select':
+        selection = { start, newEnd };
+        break;
+      case 'start':
+        selection = { start, end: start };
+        break;
+      case 'end':
+        selection = { start: newEnd, end: newEnd };
+        break;
+      case 'preserve':
+      default:
+        const oldLength = end - start;
+        const delta = newLength - oldLength;
+        if (selection.start > end) {
+          selection.start += delta;
+        } else if (selection.start > start) {
+          selection.start = start;
+        }
+        if (selection.end > end) {
+          selection.end += delta;
+        } else if (selection.end > start) {
+          selection.end = newEnd;
+        }
+    }
+
+    this.element.setSelectionRange(selection.start, selection.end);
+
+    /* eslint-enable no-param-reassign, no-case-declarations */
+  }
+
+  /**
+   * Returns an array of lines in the textarea, with information about their
+   * start/end offsets and whether they are included in the current selection.
+   */
+  splitLines() {
+    const { start, end } = this.getSelection();
+
+    const lines = this.element.value.split('\n');
+    let textStart = 0;
+    const lineObjects = [];
+    lines.forEach(line => {
+      const lineObj = {
+        text: line,
+        start: textStart,
+        end: textStart + line.length,
+      };
+      lineObj.inSelection = lineObj.start <= end && lineObj.end >= start;
+      lineObjects.push(lineObj);
+      textStart += line.length + 1;
+    });
+    return lineObjects;
+  }
+
+  /**
+   * Indents selected lines by one level.
+   */
+  indent() {
+    const { start } = this.getSelection();
+
+    const selectedLines = this.splitLines().filter(line => line.inSelection);
+    if (!this.isRangeSelection() && start === selectedLines[0].start) {
+      // Special case: if cursor is at the beginning of the line, move it one
+      // indent right.
+      const line = selectedLines[0];
+      this.setRangeText(this.seq, line.start, line.start, 'end');
+    } else {
+      selectedLines.reverse();
+      selectedLines.forEach(line => {
+        this.setRangeText(INDENT_SEQUENCE, line.start, line.start, 'preserve');
+      });
+    }
+  }
+
+  /**
+   * Unindents selected lines by one level.
+   */
+  unindent() {
+    const lines = this.splitLines().filter(line => line.inSelection);
+    lines.reverse();
+    lines
+      .filter(line => line.text.startsWith(this.seq))
+      .forEach(line => {
+        this.setRangeText('', line.start, line.start + this.seq.length, 'preserve');
+      });
+  }
+
+  /**
+   * Emulates a newline keypress, automatically indenting the new line.
+   */
+  newline() {
+    const { start, end } = this.getSelection();
+
+    if (this.isRangeSelection()) {
+      // Manually kill the selection before calculating the indent
+      this.setRangeText('', start, end, 'start');
+    }
+
+    // Auto-indent the next line
+    const currentLine = this.splitLines().find(line => line.end >= start);
+    const spaces = countLeftSpaces(currentLine.text);
+    this.setRangeText(`\n${' '.repeat(spaces)}`, start, start, 'end');
+  }
+
+  /**
+   * If the cursor is positioned at the end of a line's leading indents,
+   * emulates a backspace keypress by deleting a single level of indents.
+   * @param event The DOM KeyboardEvent that triggers this action, or null.
+   */
+  backspace(event) {
+    const { start } = this.getSelection();
+
+    // If the cursor is at the end of leading indents, delete an indent.
+    if (!this.isRangeSelection()) {
+      const currentLine = this.splitLines().find(line => line.end >= start);
+      const cursorPosition = start - currentLine.start;
+      if (countLeftSpaces(currentLine.text) === cursorPosition && cursorPosition > 0) {
+        if (event) event.preventDefault();
+
+        let spacesToDelete = cursorPosition % this.seq.length;
+        if (spacesToDelete === 0) {
+          spacesToDelete = this.seq.length;
+        }
+        this.setRangeText('', start - spacesToDelete, start, 'start');
+      }
+    }
+  }
+}
diff --git a/app/assets/javascripts/lib/utils/common_utils.js b/app/assets/javascripts/lib/utils/common_utils.js
index 5e90893b684..1a94aee2398 100644
--- a/app/assets/javascripts/lib/utils/common_utils.js
+++ b/app/assets/javascripts/lib/utils/common_utils.js
@@ -203,6 +203,71 @@ export const isMetaKey = e => e.metaKey || e.ctrlKey || e.altKey || e.shiftKey;
 // 3) Middle-click or Mouse Wheel Click (e.which is 2)
 export const isMetaClick = e => e.metaKey || e.ctrlKey || e.which === 2;
 
+export const getPlatformLeaderKey = () => {
+  // eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings
+  if (navigator && navigator.platform && navigator.platform.startsWith('Mac')) {
+    return 'meta';
+  }
+  return 'ctrl';
+};
+
+export const getPlatformLeaderKeyHTML = () => {
+  if (getPlatformLeaderKey() === 'meta') {
+    return '&#8984;';
+  }
+  // eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings
+  return 'Ctrl';
+};
+
+export const isPlatformLeaderKey = e => {
+  if (getPlatformLeaderKey() === 'meta') {
+    return Boolean(e.metaKey);
+  }
+  return Boolean(e.ctrlKey);
+};
+
+/**
+ * Tests if a KeyboardEvent corresponds exactly to a keystroke.
+ *
+ * This function avoids hacking around an old version of Mousetrap, which we ship at the moment. It should be removed after we upgrade to the newest Mousetrap. See:
+ * - https://gitlab.com/gitlab-org/gitlab-ce/issues/63182
+ * - https://gitlab.com/gitlab-org/gitlab-ce/issues/64246
+ *
+ * @example
+ *     // Matches the enter key with exactly zero modifiers
+ *     keystroke(event, 13)
+ *
+ * @example
+ *     // Matches Control-Shift-Z
+ *     keystroke(event, 90, 'cs')
+ *
+ * @param e The KeyboardEvent to test.
+ * @param keyCode The key code of the key to test. Why keycodes? IE/Edge don't support the more convenient `key` and `code` properties.
+ * @param modifiers A string of modifiers keys. Each modifier key is represented by one character. The set of pressed modifier keys must match the given string exactly. Available options are 'a' for Alt/Option, 'c' for Control, 'm' for Meta/Command, 's' for Shift, and 'l' for the leader key (Meta on MacOS and Control otherwise).
+ * @returns {boolean} True if the KeyboardEvent corresponds to the given keystroke.
+ */
+export const keystroke = (e, keyCode, modifiers = '') => {
+  if (!e || !keyCode) {
+    return false;
+  }
+
+  const leader = getPlatformLeaderKey();
+  const mods = modifiers.toLowerCase().replace('l', leader.charAt(0));
+
+  // Match depressed modifier keys
+  if (
+    e.altKey !== mods.includes('a') ||
+    e.ctrlKey !== mods.includes('c') ||
+    e.metaKey !== mods.includes('m') ||
+    e.shiftKey !== mods.includes('s')
+  ) {
+    return false;
+  }
+
+  // Match the depressed key
+  return keyCode === (e.keyCode || e.which);
+};
+
 export const contentTop = () => {
   const perfBar = $('#js-peek').outerHeight() || 0;
   const mrTabsHeight = $('.merge-request-tabs').outerHeight() || 0;
diff --git a/app/assets/javascripts/lib/utils/keycodes.js b/app/assets/javascripts/lib/utils/keycodes.js
index 5e0f9b612a2..e24fcf47d71 100644
--- a/app/assets/javascripts/lib/utils/keycodes.js
+++ b/app/assets/javascripts/lib/utils/keycodes.js
@@ -1,4 +1,10 @@
-export const UP_KEY_CODE = 38;
-export const DOWN_KEY_CODE = 40;
+export const BACKSPACE_KEY_CODE = 8;
 export const ENTER_KEY_CODE = 13;
 export const ESC_KEY_CODE = 27;
+export const SPACE_KEY_CODE = 32;
+export const UP_KEY_CODE = 38;
+export const DOWN_KEY_CODE = 40;
+export const Y_KEY_CODE = 89;
+export const Z_KEY_CODE = 90;
+export const LEFT_BRACKET_KEY_CODE = 219;
+export const RIGHT_BRACKET_KEY_CODE = 221;
diff --git a/app/assets/javascripts/lib/utils/undo_stack.js b/app/assets/javascripts/lib/utils/undo_stack.js
new file mode 100644
index 00000000000..6cfdc2a0a0f
--- /dev/null
+++ b/app/assets/javascripts/lib/utils/undo_stack.js
@@ -0,0 +1,105 @@
+/**
+ * UndoStack provides a custom implementation of an undo/redo engine. It was originally written for GitLab's Markdown editor (`gl_form.js`), whose rich text editing capabilities broke native browser undo/redo behaviour.
+ *
+ * UndoStack supports predictable undos/redos, debounced saves, maximum history length, and duplicate detection.
+ *
+ * Usage:
+ *   - `stack = new UndoStack();`
+ *   - Saves a state to the stack with `stack.save(state)`.
+ *   - Get the current state with `stack.current()`.
+ *   - Revert to the previous state with `stack.undo()`.
+ *   - Redo a previous undo with `stack.redo()`;
+ *   - Queue a future save with `stack.scheduleSave(state, delay)`. Useful for text editors.
+ *   - See the full undo history in `stack.history`.
+ */
+export default class UndoStack {
+  constructor(maxLength = 1000) {
+    this.clear();
+    this.maxLength = maxLength;
+
+    // If you're storing reference-types in the undo stack, you might want to
+    // reassign this property to some deep-equals function.
+    this.comparator = (a, b) => a === b;
+  }
+
+  current() {
+    if (this.cursor === -1) {
+      return undefined;
+    }
+    return this.history[this.cursor];
+  }
+
+  isEmpty() {
+    return this.history.length === 0;
+  }
+
+  clear() {
+    this.clearPending();
+    this.history = [];
+    this.cursor = -1;
+  }
+
+  save(state) {
+    this.clearPending();
+    if (this.comparator(state, this.current())) {
+      // Don't save state if it's the same as the current state
+      return;
+    }
+
+    this.history.length = this.cursor + 1;
+    this.history.push(state);
+    this.cursor += 1;
+
+    if (this.history.length > this.maxLength) {
+      this.history.shift();
+      this.cursor -= 1;
+    }
+  }
+
+  scheduleSave(state, delay = 1000) {
+    this.clearPending();
+    this.pendingState = state;
+    this.timeout = setTimeout(this.saveNow.bind(this), delay);
+  }
+
+  saveNow() {
+    // Persists scheduled saves immediately
+    this.save(this.pendingState);
+    this.clearPending();
+  }
+
+  clearPending() {
+    // Cancels any scheduled saves
+    if (this.timeout) {
+      clearTimeout(this.timeout);
+      delete this.timeout;
+      delete this.pendingState;
+    }
+  }
+
+  canUndo() {
+    return this.cursor > 0;
+  }
+
+  undo() {
+    this.clearPending();
+    if (!this.canUndo()) {
+      return undefined;
+    }
+    this.cursor -= 1;
+    return this.history[this.cursor];
+  }
+
+  canRedo() {
+    return this.cursor >= 0 && this.cursor < this.history.length - 1;
+  }
+
+  redo() {
+    this.clearPending();
+    if (!this.canRedo()) {
+      return undefined;
+    }
+    this.cursor += 1;
+    return this.history[this.cursor];
+  }
+}
diff --git a/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue b/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue
index 8ce5b615795..21c44b59520 100644
--- a/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue
+++ b/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue
@@ -1,5 +1,6 @@
 <script>
 import { GlLink } from '@gitlab/ui';
+import { s__, sprintf } from '~/locale';
 
 export default {
   components: {
@@ -22,8 +23,28 @@ export default {
     },
   },
   computed: {
-    hasQuickActionsDocsPath() {
-      return this.quickActionsDocsPath !== '';
+    toolbarHelpHtml() {
+      const mdLinkStart = `<a href="${this.markdownDocsPath}" target="_blank" rel="noopener noreferrer" tabindex="-1">`;
+      const actionsLinkStart = `<a href="${this.quickActionsDocsPath}" target="_blank" rel="noopener noreferrer" tabindex="-1">`;
+      const linkEnd = '</a>';
+
+      if (this.markdownDocsPath && !this.quickActionsDocsPath) {
+        return sprintf(
+          s__('Editor|%{mdLinkStart}Markdown is supported%{mdLinkEnd}'),
+          { mdLinkStart, mdLinkEnd: linkEnd },
+          false,
+        );
+      } else if (this.markdownDocsPath && this.quickActionsDocsPath) {
+        return sprintf(
+          s__(
+            'Editor|%{mdLinkStart}Markdown%{mdLinkEnd} and %{actionsLinkStart}quick actions%{actionsLinkEnd} are supported',
+          ),
+          { mdLinkStart, mdLinkEnd: linkEnd, actionsLinkStart, actionsLinkEnd: linkEnd },
+          false,
+        );
+      }
+
+      return null;
     },
   },
 };
@@ -32,21 +53,7 @@ export default {
 <template>
   <div class="comment-toolbar clearfix">
     <div class="toolbar-text">
-      <template v-if="!hasQuickActionsDocsPath && markdownDocsPath">
-        <gl-link :href="markdownDocsPath" target="_blank" tabindex="-1">{{
-          __('Markdown is supported')
-        }}</gl-link>
-      </template>
-      <template v-if="hasQuickActionsDocsPath && markdownDocsPath">
-        <gl-link :href="markdownDocsPath" target="_blank" tabindex="-1">{{
-          __('Markdown')
-        }}</gl-link>
-        and
-        <gl-link :href="quickActionsDocsPath" target="_blank" tabindex="-1">{{
-          __('quick actions')
-        }}</gl-link>
-        are supported
-      </template>
+      <span v-html="toolbarHelpHtml"></span>
     </div>
     <span v-if="canAttachFile" class="uploading-container">
       <span class="uploading-progress-container hide">
diff --git a/app/views/shared/notes/_hints.html.haml b/app/views/shared/notes/_hints.html.haml
index fae7d6526e8..72ede50dd8c 100644
--- a/app/views/shared/notes/_hints.html.haml
+++ b/app/views/shared/notes/_hints.html.haml
@@ -1,14 +1,13 @@
 - supports_quick_actions = local_assigns.fetch(:supports_quick_actions, false)
 .comment-toolbar.clearfix
   .toolbar-text
-    = link_to _('Markdown'), help_page_path('user/markdown'), target: '_blank', tabindex: -1
+    - md_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer" tabindex="-1">'.html_safe % { url: help_page_path('user/markdown') }
+    - actions_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer" tabindex="-1">'.html_safe % { url: help_page_path('user/project/quick_actions') }
+    - link_end = '</a>'.html_safe
     - if supports_quick_actions
-      and
-      = link_to _('quick actions'), help_page_path('user/project/quick_actions'), target: '_blank', tabindex: -1
-      are
+      = s_('Editor|%{mdLinkStart}Markdown%{mdLinkEnd} and %{actionsLinkStart}quick actions%{actionsLinkEnd} are supported').html_safe % { mdLinkStart: md_link_start, mdLinkEnd: link_end, actionsLinkStart: actions_link_start, actionsLinkEnd: link_end }
     - else
-      is
-    supported
+      = s_('Editor|%{mdLinkStart}Markdown is supported%{mdLinkEnd}').html_safe % { mdLinkStart: md_link_start, mdLinkEnd: link_end }
 
   %span.uploading-container
     %span.uploading-progress-container.hide
diff --git a/changelogs/unreleased/mh-editor-indents.yml b/changelogs/unreleased/mh-editor-indents.yml
new file mode 100644
index 00000000000..a282c0f505d
--- /dev/null
+++ b/changelogs/unreleased/mh-editor-indents.yml
@@ -0,0 +1,5 @@
+---
+title: Markdown editors now have indentation shortcuts and auto-indentation
+merge_request: 28914
+author:
+type: added
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index ed71a4b42d9..114d245b688 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -3941,6 +3941,12 @@ msgstr ""
 msgid "Edit public deploy key"
 msgstr ""
 
+msgid "Editor|%{mdLinkStart}Markdown is supported%{mdLinkEnd}"
+msgstr ""
+
+msgid "Editor|%{mdLinkStart}Markdown%{mdLinkEnd} and %{actionsLinkStart}quick actions%{actionsLinkEnd} are supported"
+msgstr ""
+
 msgid "Email"
 msgstr ""
 
@@ -6382,18 +6388,12 @@ msgstr ""
 msgid "Mark to do as done"
 msgstr ""
 
-msgid "Markdown"
-msgstr ""
-
 msgid "Markdown Help"
 msgstr ""
 
 msgid "Markdown enabled"
 msgstr ""
 
-msgid "Markdown is supported"
-msgstr ""
-
 msgid "Marks this issue as a duplicate of %{duplicate_reference}."
 msgstr ""
 
@@ -13314,9 +13314,6 @@ msgstr ""
 msgid "project avatar"
 msgstr ""
 
-msgid "quick actions"
-msgstr ""
-
 msgid "register"
 msgstr ""
 
diff --git a/package.json b/package.json
index 4264064c93d..dce20505fb0 100644
--- a/package.json
+++ b/package.json
@@ -99,7 +99,7 @@
     "mermaid": "^8.2.3",
     "monaco-editor": "^0.15.6",
     "monaco-editor-webpack-plugin": "^1.7.0",
-    "mousetrap": "^1.4.6",
+    "mousetrap": "1.4.6",
     "pdfjs-dist": "^2.0.943",
     "pikaday": "^1.6.1",
     "popper.js": "^1.14.7",
diff --git a/spec/features/projects/wiki/user_creates_wiki_page_spec.rb b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
index aac095bfa6b..80741ace5d6 100644
--- a/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
@@ -132,9 +132,15 @@ describe "User creates wiki page" do
 
         fill_in(:wiki_content, with: ascii_content)
 
-        page.within(".wiki-form") do
-          click_button("Create page")
-        end
+        # This is the dumbest bug in the world:
+        # When the #wiki_content textarea is filled in, JS captures the `Enter` keydown event in order to do
+        # auto-indentation and manually inserts a newline. However, for whatever reason, when you try to click on the
+        # submit button in Capybara, it will not trigger the `click` event if a \n or \r character has been manually
+        # added to the textarea. It will, however, trigger ALL OTHER EVENTS, including `mouseover`/down/up, focus, and
+        # blur. Just not `click`. But only when you manually insert \n or \r - if you manually insert any other sequence
+        # then `click` is fired normally. And it's only Capybara. Browsers and JSDOM don't have this issue.
+        # So that's why the next line performs the click via JS.
+        page.execute_script("document.querySelector('.qa-create-page-button').click()")
 
         page.within ".md" do
           expect(page).to have_selector(".katex", count: 3).and have_content("2+2 is 4")
diff --git a/spec/frontend/helpers/indent_helper_spec.js b/spec/frontend/helpers/indent_helper_spec.js
new file mode 100644
index 00000000000..fca12f0d1ef
--- /dev/null
+++ b/spec/frontend/helpers/indent_helper_spec.js
@@ -0,0 +1,371 @@
+import IndentHelper from '~/helpers/indent_helper';
+
+function createMockTextarea() {
+  const el = document.createElement('textarea');
+  el.setCursor = pos => el.setSelectionRange(pos, pos);
+  el.setCursorToEnd = () => el.setCursor(el.value.length);
+  el.selection = () => [el.selectionStart, el.selectionEnd];
+  el.cursor = () => {
+    const [start, end] = el.selection();
+    return start === end ? start : undefined;
+  };
+  return el;
+}
+
+describe('indent_helper', () => {
+  let element;
+  let ih;
+
+  beforeEach(() => {
+    element = createMockTextarea();
+    ih = new IndentHelper(element);
+  });
+
+  describe('indents', () => {
+    describe('a single line', () => {
+      it('when on an empty line; and cursor follows', () => {
+        element.value = '';
+        ih.indent();
+        expect(element.value).toBe('    ');
+        expect(element.cursor()).toBe(4);
+        ih.indent();
+        expect(element.value).toBe('        ');
+        expect(element.cursor()).toBe(8);
+      });
+
+      it('when at the start of a line; and cursor stays at start', () => {
+        element.value = 'foobar';
+        element.setCursor(0);
+        ih.indent();
+        expect(element.value).toBe('    foobar');
+        expect(element.cursor()).toBe(4);
+      });
+
+      it('when the cursor is in the middle; and cursor follows', () => {
+        element.value = 'foobar';
+        element.setCursor(3);
+        ih.indent();
+        expect(element.value).toBe('    foobar');
+        expect(element.cursor()).toBe(7);
+      });
+    });
+
+    describe('several lines', () => {
+      it('when everything is selected; and everything remains selected', () => {
+        element.value = 'foo\nbar\nbaz';
+        element.setSelectionRange(0, 11);
+        ih.indent();
+        expect(element.value).toBe('    foo\n    bar\n    baz');
+        expect(element.selection()).toEqual([0, 23]);
+      });
+
+      it('when all lines are partially selected; and the selection adapts', () => {
+        element.value = 'foo\nbar\nbaz';
+        element.setSelectionRange(2, 9);
+        ih.indent();
+        expect(element.value).toBe('    foo\n    bar\n    baz');
+        expect(element.selection()).toEqual([6, 21]);
+      });
+
+      it('when some lines are entirely selected; and entire lines remain selected', () => {
+        element.value = 'foo\nbar\nbaz';
+        element.setSelectionRange(4, 11);
+        ih.indent();
+        expect(element.value).toBe('foo\n    bar\n    baz');
+        expect(element.selection()).toEqual([4, 19]);
+      });
+
+      it('when some lines are partially selected; and the selection adapts', () => {
+        element.value = 'foo\nbar\nbaz';
+        element.setSelectionRange(5, 9);
+        ih.indent();
+        expect(element.value).toBe('foo\n    bar\n    baz');
+        expect(element.selection()).toEqual([5 + 4, 9 + 2 * 4]);
+      });
+
+      it('having different indentation when some lines are entirely selected; and entire lines remain selected', () => {
+        element.value = '    foo\nbar\n    baz';
+        element.setSelectionRange(8, 19);
+        ih.indent();
+        expect(element.value).toBe('    foo\n    bar\n        baz');
+        expect(element.selection()).toEqual([8, 27]);
+      });
+
+      it('having different indentation when some lines are partially selected; and the selection adapts', () => {
+        element.value = '    foo\nbar\n    baz';
+        element.setSelectionRange(9, 14);
+        ih.indent();
+        expect(element.value).toBe('    foo\n    bar\n        baz');
+        expect(element.selection()).toEqual([13, 22]);
+      });
+    });
+  });
+
+  describe('unindents', () => {
+    describe('a single line', () => {
+      it('but does nothing if there is not indent', () => {
+        element.value = 'foobar';
+        element.setCursor(2);
+        ih.unindent();
+        expect(element.value).toBe('foobar');
+        expect(element.cursor()).toBe(2);
+      });
+
+      it('but does nothing if there is a partial indent', () => {
+        element.value = '  foobar';
+        element.setCursor(1);
+        ih.unindent();
+        expect(element.value).toBe('  foobar');
+        expect(element.cursor()).toBe(1);
+      });
+
+      it('when the cursor is in the line text; cursor follows', () => {
+        element.value = '    foobar';
+        element.setCursor(6);
+        ih.unindent();
+        expect(element.value).toBe('foobar');
+        expect(element.cursor()).toBe(2);
+      });
+
+      it('when the cursor is in the indent; and cursor goes to start', () => {
+        element.value = '    foobar';
+        element.setCursor(2);
+        ih.unindent();
+        expect(element.value).toBe('foobar');
+        expect(element.cursor()).toBe(0);
+      });
+
+      it('when the cursor is at line start; and cursor stays at start', () => {
+        element.value = '    foobar';
+        element.setCursor(0);
+        ih.unindent();
+        expect(element.value).toBe('foobar');
+        expect(element.cursor()).toBe(0);
+      });
+
+      it('when a selection includes part of the indent and text', () => {
+        element.value = '    foobar';
+        element.setSelectionRange(2, 8);
+        ih.unindent();
+        expect(element.value).toBe('foobar');
+        expect(element.selection()).toEqual([0, 4]);
+      });
+
+      it('when a selection includes part of the indent only', () => {
+        element.value = '    foobar';
+        element.setSelectionRange(0, 4);
+        ih.unindent();
+        expect(element.value).toBe('foobar');
+        expect(element.cursor()).toBe(0);
+
+        element.value = '    foobar';
+        element.setSelectionRange(1, 3);
+        ih.unindent();
+        expect(element.value).toBe('foobar');
+        expect(element.cursor()).toBe(0);
+      });
+    });
+
+    describe('several lines', () => {
+      it('when everything is selected', () => {
+        element.value = '    foo\n        bar\n    baz';
+        element.setSelectionRange(0, 27);
+        ih.unindent();
+        expect(element.value).toBe('foo\n    bar\nbaz');
+        expect(element.selection()).toEqual([0, 15]);
+      });
+
+      it('when all lines are partially selected', () => {
+        element.value = '    foo\n        bar\n    baz';
+        element.setSelectionRange(5, 26);
+        ih.unindent();
+        expect(element.value).toBe('foo\n    bar\nbaz');
+        expect(element.selection()).toEqual([1, 14]);
+      });
+
+      it('when all lines are entirely selected', () => {
+        element.value = '    foo\n        bar\n    baz';
+        element.setSelectionRange(8, 27);
+        ih.unindent();
+        expect(element.value).toBe('    foo\n    bar\nbaz');
+        expect(element.selection()).toEqual([8, 19]);
+      });
+
+      it('when some lines are entirely selected', () => {
+        element.value = '    foo\n        bar\n    baz';
+        element.setSelectionRange(8, 27);
+        ih.unindent();
+        expect(element.value).toBe('    foo\n    bar\nbaz');
+        expect(element.selection()).toEqual([8, 19]);
+      });
+
+      it('when some lines are partially selected', () => {
+        element.value = '    foo\n        bar\n    baz';
+        element.setSelectionRange(17, 26);
+        ih.unindent();
+        expect(element.value).toBe('    foo\n    bar\nbaz');
+        expect(element.selection()).toEqual([13, 18]);
+      });
+
+      it('when some lines are partially selected within their indents', () => {
+        element.value = '    foo\n        bar\n    baz';
+        element.setSelectionRange(10, 22);
+        ih.unindent();
+        expect(element.value).toBe('    foo\n    bar\nbaz');
+        expect(element.selection()).toEqual([8, 16]);
+      });
+    });
+  });
+
+  describe('newline', () => {
+    describe('on a single line', () => {
+      it('auto-indents the new line', () => {
+        element.value = 'foo\n bar\n    baz\n        qux';
+
+        element.setCursor(3);
+        ih.newline();
+        expect(element.value).toBe('foo\n\n bar\n    baz\n        qux');
+        expect(element.cursor()).toBe(4);
+
+        element.setCursor(9);
+        ih.newline();
+        expect(element.value).toBe('foo\n\n bar\n \n    baz\n        qux');
+        expect(element.cursor()).toBe(11);
+
+        element.setCursor(19);
+        ih.newline();
+        expect(element.value).toBe('foo\n\n bar\n \n    baz\n    \n        qux');
+        expect(element.cursor()).toBe(24);
+
+        element.setCursor(36);
+        ih.newline();
+        expect(element.value).toBe('foo\n\n bar\n \n    baz\n    \n        qux\n        ');
+        expect(element.cursor()).toBe(45);
+      });
+
+      it('splits a line and auto-indents', () => {
+        element.value = '    foobar';
+        element.setCursor(7);
+        ih.newline();
+        expect(element.value).toBe('    foo\n    bar');
+        expect(element.cursor()).toBe(12);
+      });
+
+      it('replaces selection with an indented newline', () => {
+        element.value = '    foobarbaz';
+        element.setSelectionRange(7, 10);
+        ih.newline();
+        expect(element.value).toBe('    foo\n    baz');
+        expect(element.cursor()).toBe(12);
+      });
+    });
+
+    it('on several lines.replaces selection with indented newline', () => {
+      element.value = '  foo\n    bar\n  baz';
+      element.setSelectionRange(4, 17);
+      ih.newline();
+      expect(element.value).toBe('  fo\n  az');
+      expect(element.cursor()).toBe(7);
+    });
+  });
+
+  describe('backspace', () => {
+    let event;
+
+    // This suite tests only the special indent-removing behaviour of the
+    // backspace() method, since non-special cases are handled natively as a
+    // backspace keypress.
+
+    beforeEach(() => {
+      event = { preventDefault: jest.fn() };
+    });
+
+    describe('on a single line', () => {
+      it('does nothing special if in the line text', () => {
+        element.value = '    foobar';
+        element.setCursor(7);
+        ih.backspace(event);
+        expect(event.preventDefault).not.toHaveBeenCalled();
+      });
+
+      it('does nothing special if after a non-leading indent', () => {
+        element.value = '    foo    bar';
+        element.setCursor(11);
+        ih.backspace(event);
+        expect(event.preventDefault).not.toHaveBeenCalled();
+      });
+
+      it('deletes one leading indent', () => {
+        element.value = '        foo';
+        element.setCursor(8);
+        ih.backspace(event);
+        expect(event.preventDefault).toHaveBeenCalled();
+        expect(element.value).toBe('    foo');
+        expect(element.cursor()).toBe(4);
+      });
+
+      it('does nothing if cursor is inside the leading indent', () => {
+        element.value = '        foo';
+        element.setCursor(4);
+        ih.backspace(event);
+        expect(event.preventDefault).not.toHaveBeenCalled();
+      });
+
+      it('does nothing if cursor is at the start of the line', () => {
+        element.value = '    foo';
+        element.setCursor(0);
+        ih.backspace(event);
+        expect(event.preventDefault).not.toHaveBeenCalled();
+      });
+
+      it('deletes one partial indent', () => {
+        element.value = '      foo';
+        element.setCursor(6);
+        ih.backspace(event);
+        expect(event.preventDefault).toHaveBeenCalled();
+        expect(element.value).toBe('    foo');
+        expect(element.cursor()).toBe(4);
+      });
+
+      it('deletes indents sequentially', () => {
+        element.value = '          foo';
+        element.setCursor(10);
+        ih.backspace(event);
+        ih.backspace(event);
+        ih.backspace(event);
+        expect(event.preventDefault).toHaveBeenCalled();
+        expect(element.value).toBe('foo');
+        expect(element.cursor()).toBe(0);
+      });
+    });
+
+    describe('on several lines', () => {
+      it('deletes indent only on its own line', () => {
+        element.value = '    foo\n        bar\n    baz';
+        element.setCursor(16);
+        ih.backspace(event);
+        expect(event.preventDefault).toHaveBeenCalled();
+        expect(element.value).toBe('    foo\n    bar\n    baz');
+        expect(element.cursor()).toBe(12);
+      });
+
+      it('has no special behaviour with any range selection', () => {
+        const text = '  foo\n    bar\n  baz';
+        for (let start = 0; start < text.length; start += 1) {
+          for (let end = start + 1; end < text.length; end += 1) {
+            element.value = text;
+            element.setSelectionRange(start, end);
+            ih.backspace(event);
+            expect(event.preventDefault).not.toHaveBeenCalled();
+
+            // Ensure that the backspace() method doesn't change state
+            // In reality, these two statements won't hold because the browser
+            // will natively process the backspace event.
+            expect(element.value).toBe(text);
+            expect(element.selection()).toEqual([start, end]);
+          }
+        }
+      });
+    });
+  });
+});
diff --git a/spec/frontend/lib/utils/common_utils_spec.js b/spec/frontend/lib/utils/common_utils_spec.js
new file mode 100644
index 00000000000..e3d3b82d2f3
--- /dev/null
+++ b/spec/frontend/lib/utils/common_utils_spec.js
@@ -0,0 +1,180 @@
+import * as cu from '~/lib/utils/common_utils';
+
+const CMD_ENTITY = '&#8984;';
+
+// Redefine `navigator.platform` because it's unsettable by default in JSDOM.
+let platform;
+Object.defineProperty(navigator, 'platform', {
+  configurable: true,
+  get: () => platform,
+  set: val => {
+    platform = val;
+  },
+});
+
+describe('common_utils', () => {
+  describe('platform leader key helpers', () => {
+    const CTRL_EVENT = { ctrlKey: true };
+    const META_EVENT = { metaKey: true };
+    const BOTH_EVENT = { ctrlKey: true, metaKey: true };
+
+    it('should return "ctrl" if navigator.platform is unset', () => {
+      expect(cu.getPlatformLeaderKey()).toBe('ctrl');
+      expect(cu.getPlatformLeaderKeyHTML()).toBe('Ctrl');
+      expect(cu.isPlatformLeaderKey(CTRL_EVENT)).toBe(true);
+      expect(cu.isPlatformLeaderKey(META_EVENT)).toBe(false);
+      expect(cu.isPlatformLeaderKey(BOTH_EVENT)).toBe(true);
+    });
+
+    it('should return "meta" on MacOS', () => {
+      navigator.platform = 'MacIntel';
+      expect(cu.getPlatformLeaderKey()).toBe('meta');
+      expect(cu.getPlatformLeaderKeyHTML()).toBe(CMD_ENTITY);
+      expect(cu.isPlatformLeaderKey(CTRL_EVENT)).toBe(false);
+      expect(cu.isPlatformLeaderKey(META_EVENT)).toBe(true);
+      expect(cu.isPlatformLeaderKey(BOTH_EVENT)).toBe(true);
+    });
+
+    it('should return "ctrl" on Linux', () => {
+      navigator.platform = 'Linux is great';
+      expect(cu.getPlatformLeaderKey()).toBe('ctrl');
+      expect(cu.getPlatformLeaderKeyHTML()).toBe('Ctrl');
+      expect(cu.isPlatformLeaderKey(CTRL_EVENT)).toBe(true);
+      expect(cu.isPlatformLeaderKey(META_EVENT)).toBe(false);
+      expect(cu.isPlatformLeaderKey(BOTH_EVENT)).toBe(true);
+    });
+
+    it('should return "ctrl" on Windows', () => {
+      navigator.platform = 'Win32';
+      expect(cu.getPlatformLeaderKey()).toBe('ctrl');
+      expect(cu.getPlatformLeaderKeyHTML()).toBe('Ctrl');
+      expect(cu.isPlatformLeaderKey(CTRL_EVENT)).toBe(true);
+      expect(cu.isPlatformLeaderKey(META_EVENT)).toBe(false);
+      expect(cu.isPlatformLeaderKey(BOTH_EVENT)).toBe(true);
+    });
+  });
+
+  describe('keystroke', () => {
+    const CODE_BACKSPACE = 8;
+    const CODE_TAB = 9;
+    const CODE_ENTER = 13;
+    const CODE_SPACE = 32;
+    const CODE_4 = 52;
+    const CODE_F = 70;
+    const CODE_Z = 90;
+
+    // Helper function that quickly creates KeyboardEvents
+    const k = (code, modifiers = '') => ({
+      keyCode: code,
+      which: code,
+      altKey: modifiers.includes('a'),
+      ctrlKey: modifiers.includes('c'),
+      metaKey: modifiers.includes('m'),
+      shiftKey: modifiers.includes('s'),
+    });
+
+    const EV_F = k(CODE_F);
+    const EV_ALT_F = k(CODE_F, 'a');
+    const EV_CONTROL_F = k(CODE_F, 'c');
+    const EV_META_F = k(CODE_F, 'm');
+    const EV_SHIFT_F = k(CODE_F, 's');
+    const EV_CONTROL_SHIFT_F = k(CODE_F, 'cs');
+    const EV_ALL_F = k(CODE_F, 'scma');
+    const EV_ENTER = k(CODE_ENTER);
+    const EV_TAB = k(CODE_TAB);
+    const EV_SPACE = k(CODE_SPACE);
+    const EV_BACKSPACE = k(CODE_BACKSPACE);
+    const EV_4 = k(CODE_4);
+    const EV_$ = k(CODE_4, 's');
+
+    const { keystroke } = cu;
+
+    it('short-circuits with bad arguments', () => {
+      expect(keystroke()).toBe(false);
+      expect(keystroke({})).toBe(false);
+    });
+
+    it('handles keystrokes using key codes', () => {
+      // Test a letter key with modifiers
+      expect(keystroke(EV_F, CODE_F)).toBe(true);
+      expect(keystroke(EV_F, CODE_F, '')).toBe(true);
+      expect(keystroke(EV_ALT_F, CODE_F, 'a')).toBe(true);
+      expect(keystroke(EV_CONTROL_F, CODE_F, 'c')).toBe(true);
+      expect(keystroke(EV_META_F, CODE_F, 'm')).toBe(true);
+      expect(keystroke(EV_SHIFT_F, CODE_F, 's')).toBe(true);
+      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'cs')).toBe(true);
+      expect(keystroke(EV_ALL_F, CODE_F, 'acms')).toBe(true);
+
+      // Test non-letter keys
+      expect(keystroke(EV_TAB, CODE_TAB)).toBe(true);
+      expect(keystroke(EV_ENTER, CODE_ENTER)).toBe(true);
+      expect(keystroke(EV_SPACE, CODE_SPACE)).toBe(true);
+      expect(keystroke(EV_BACKSPACE, CODE_BACKSPACE)).toBe(true);
+
+      // Test a number/symbol key
+      expect(keystroke(EV_4, CODE_4)).toBe(true);
+      expect(keystroke(EV_$, CODE_4, 's')).toBe(true);
+
+      // Test wrong input
+      expect(keystroke(EV_F, CODE_Z)).toBe(false);
+      expect(keystroke(EV_SHIFT_F, CODE_F)).toBe(false);
+      expect(keystroke(EV_SHIFT_F, CODE_F, 'c')).toBe(false);
+    });
+
+    it('is case-insensitive', () => {
+      expect(keystroke(EV_ALL_F, CODE_F, 'ACMS')).toBe(true);
+    });
+
+    it('handles bogus inputs', () => {
+      expect(keystroke(EV_F, 'not a keystroke')).toBe(false);
+      expect(keystroke(EV_F, null)).toBe(false);
+    });
+
+    it('handles exact modifier keys, in any order', () => {
+      // Test permutations of modifiers
+      expect(keystroke(EV_ALL_F, CODE_F, 'acms')).toBe(true);
+      expect(keystroke(EV_ALL_F, CODE_F, 'smca')).toBe(true);
+      expect(keystroke(EV_ALL_F, CODE_F, 'csma')).toBe(true);
+      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'cs')).toBe(true);
+      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'sc')).toBe(true);
+
+      // Test wrong modifiers
+      expect(keystroke(EV_ALL_F, CODE_F, 'smca')).toBe(true);
+      expect(keystroke(EV_ALL_F, CODE_F)).toBe(false);
+      expect(keystroke(EV_ALL_F, CODE_F, '')).toBe(false);
+      expect(keystroke(EV_ALL_F, CODE_F, 'c')).toBe(false);
+      expect(keystroke(EV_ALL_F, CODE_F, 'ca')).toBe(false);
+      expect(keystroke(EV_ALL_F, CODE_F, 'ms')).toBe(false);
+      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'cs')).toBe(true);
+      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'c')).toBe(false);
+      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 's')).toBe(false);
+      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'csa')).toBe(false);
+      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'm')).toBe(false);
+      expect(keystroke(EV_SHIFT_F, CODE_F, 's')).toBe(true);
+      expect(keystroke(EV_SHIFT_F, CODE_F, 'c')).toBe(false);
+      expect(keystroke(EV_SHIFT_F, CODE_F, 'csm')).toBe(false);
+    });
+
+    it('handles the platform-dependent leader key', () => {
+      navigator.platform = 'Win32';
+      let EV_UNDO = k(CODE_Z, 'c');
+      let EV_REDO = k(CODE_Z, 'cs');
+      expect(keystroke(EV_UNDO, CODE_Z, 'l')).toBe(true);
+      expect(keystroke(EV_UNDO, CODE_Z, 'c')).toBe(true);
+      expect(keystroke(EV_UNDO, CODE_Z, 'm')).toBe(false);
+      expect(keystroke(EV_REDO, CODE_Z, 'sl')).toBe(true);
+      expect(keystroke(EV_REDO, CODE_Z, 'sc')).toBe(true);
+      expect(keystroke(EV_REDO, CODE_Z, 'sm')).toBe(false);
+
+      navigator.platform = 'MacIntel';
+      EV_UNDO = k(CODE_Z, 'm');
+      EV_REDO = k(CODE_Z, 'ms');
+      expect(keystroke(EV_UNDO, CODE_Z, 'l')).toBe(true);
+      expect(keystroke(EV_UNDO, CODE_Z, 'c')).toBe(false);
+      expect(keystroke(EV_UNDO, CODE_Z, 'm')).toBe(true);
+      expect(keystroke(EV_REDO, CODE_Z, 'sl')).toBe(true);
+      expect(keystroke(EV_REDO, CODE_Z, 'sc')).toBe(false);
+      expect(keystroke(EV_REDO, CODE_Z, 'sm')).toBe(true);
+    });
+  });
+});
diff --git a/spec/frontend/lib/utils/undo_stack_spec.js b/spec/frontend/lib/utils/undo_stack_spec.js
new file mode 100644
index 00000000000..31ad0e77d6f
--- /dev/null
+++ b/spec/frontend/lib/utils/undo_stack_spec.js
@@ -0,0 +1,237 @@
+import UndoStack from '~/lib/utils/undo_stack';
+
+import { isEqual } from 'underscore';
+
+describe('UndoStack', () => {
+  let stack;
+
+  beforeEach(() => {
+    stack = new UndoStack();
+  });
+
+  afterEach(() => {
+    // Make sure there's not pending saves
+    const history = Array.from(stack.history);
+    jest.runAllTimers();
+    expect(stack.history).toEqual(history);
+  });
+
+  it('is blank on construction', () => {
+    expect(stack.isEmpty()).toBe(true);
+    expect(stack.history).toEqual([]);
+    expect(stack.cursor).toBe(-1);
+    expect(stack.canUndo()).toBe(false);
+    expect(stack.canRedo()).toBe(false);
+  });
+
+  it('handles simple undo/redo behaviour', () => {
+    stack.save(10);
+    stack.save(11);
+    stack.save(12);
+
+    expect(stack.history).toEqual([10, 11, 12]);
+    expect(stack.cursor).toBe(2);
+    expect(stack.current()).toBe(12);
+    expect(stack.isEmpty()).toBe(false);
+    expect(stack.canUndo()).toBe(true);
+    expect(stack.canRedo()).toBe(false);
+
+    stack.undo();
+    expect(stack.history).toEqual([10, 11, 12]);
+    expect(stack.current()).toBe(11);
+    expect(stack.canUndo()).toBe(true);
+    expect(stack.canRedo()).toBe(true);
+
+    stack.undo();
+    expect(stack.current()).toBe(10);
+    expect(stack.canUndo()).toBe(false);
+    expect(stack.canRedo()).toBe(true);
+
+    stack.redo();
+    expect(stack.current()).toBe(11);
+
+    stack.redo();
+    expect(stack.current()).toBe(12);
+    expect(stack.isEmpty()).toBe(false);
+    expect(stack.canUndo()).toBe(true);
+    expect(stack.canRedo()).toBe(false);
+
+    // Saving should clear the redo stack
+    stack.undo();
+    stack.save(13);
+    expect(stack.history).toEqual([10, 11, 13]);
+    expect(stack.current()).toBe(13);
+  });
+
+  it('clear() should clear the undo history', () => {
+    stack.save(0);
+    stack.save(1);
+    stack.save(2);
+    stack.clear();
+    expect(stack.history).toEqual([]);
+    expect(stack.current()).toBeUndefined();
+  });
+
+  it('undo and redo are no-ops if unavailable', () => {
+    stack.save(10);
+    expect(stack.canRedo()).toBe(false);
+    expect(stack.canUndo()).toBe(false);
+
+    stack.save(11);
+    expect(stack.canRedo()).toBe(false);
+    expect(stack.canUndo()).toBe(true);
+
+    expect(stack.redo()).toBeUndefined();
+    expect(stack.history).toEqual([10, 11]);
+    expect(stack.current()).toBe(11);
+    expect(stack.canRedo()).toBe(false);
+    expect(stack.canUndo()).toBe(true);
+
+    expect(stack.undo()).toBe(10);
+    expect(stack.undo()).toBeUndefined();
+    expect(stack.history).toEqual([10, 11]);
+    expect(stack.current()).toBe(10);
+    expect(stack.canRedo()).toBe(true);
+    expect(stack.canUndo()).toBe(false);
+  });
+
+  it('should not save a duplicate state', () => {
+    stack.save(10);
+    stack.save(11);
+    stack.save(11);
+    stack.save(10);
+    stack.save(10);
+
+    expect(stack.history).toEqual([10, 11, 10]);
+  });
+
+  it('uses the === operator to detect duplicates', () => {
+    stack.save(10);
+    stack.save(10);
+    expect(stack.history).toEqual([10]);
+
+    // eslint-disable-next-line eqeqeq
+    expect(2 == '2' && '2' == 2).toBe(true);
+    stack.clear();
+    stack.save(2);
+    stack.save(2);
+    stack.save('2');
+    stack.save('2');
+    stack.save(2);
+    expect(stack.history).toEqual([2, '2', 2]);
+
+    const obj = {};
+    stack.clear();
+    stack.save(obj);
+    stack.save(obj);
+    stack.save({});
+    stack.save({});
+    expect(stack.history).toEqual([{}, {}, {}]);
+  });
+
+  it('should allow custom comparators', () => {
+    stack.comparator = isEqual;
+    const obj = {};
+    stack.clear();
+    stack.save(obj);
+    stack.save(obj);
+    stack.save({});
+    stack.save({});
+    expect(stack.history).toEqual([{}]);
+  });
+
+  it('should enforce a max number of undo states', () => {
+    // Try 2000 saves. Only the last 1000 should be preserved.
+    const sequence = Array(2000)
+      .fill(0)
+      .map((el, i) => i);
+    sequence.forEach(stack.save.bind(stack));
+    expect(stack.history.length).toBe(1000);
+    expect(stack.history).toEqual(sequence.slice(1000));
+    expect(stack.current()).toBe(1999);
+    expect(stack.canUndo()).toBe(true);
+    expect(stack.canRedo()).toBe(false);
+
+    // Saving drops the oldest elements from the stack
+    stack.save('end');
+    expect(stack.history.length).toBe(1000);
+    expect(stack.current()).toBe('end');
+    expect(stack.history).toEqual([...sequence.slice(1001), 'end']);
+
+    // If states were undone but the history is full, can still add.
+    stack.undo();
+    stack.undo();
+    expect(stack.current()).toBe(1998);
+    stack.save(3000);
+    expect(stack.history.length).toBe(999);
+    // should be [1001, 1002, ..., 1998, 3000]
+    expect(stack.history).toEqual([...sequence.slice(1001, 1999), 3000]);
+
+    // Try a different max length
+    stack = new UndoStack(2);
+    stack.save(0);
+    expect(stack.history).toEqual([0]);
+    stack.save(1);
+    expect(stack.history).toEqual([0, 1]);
+    stack.save(2);
+    expect(stack.history).toEqual([1, 2]);
+  });
+
+  describe('scheduled saves', () => {
+    it('should work', () => {
+      // Schedules 1000 ms ahead by default
+      stack.save(0);
+      stack.scheduleSave(1);
+      expect(stack.history).toEqual([0]);
+      jest.advanceTimersByTime(999);
+      expect(stack.history).toEqual([0]);
+      jest.advanceTimersByTime(1);
+      expect(stack.history).toEqual([0, 1]);
+    });
+
+    it('should have an adjustable delay', () => {
+      stack.scheduleSave(2, 100);
+      jest.advanceTimersByTime(100);
+      expect(stack.history).toEqual([2]);
+    });
+
+    it('should cancel previous scheduled saves', () => {
+      stack.scheduleSave(3);
+      jest.advanceTimersByTime(100);
+      stack.scheduleSave(4);
+      jest.runAllTimers();
+      expect(stack.history).toEqual([4]);
+    });
+
+    it('should be canceled by explicit saves', () => {
+      stack.scheduleSave(5);
+      stack.save(6);
+      jest.runAllTimers();
+      expect(stack.history).toEqual([6]);
+    });
+
+    it('should be canceled by undos and redos', () => {
+      stack.save(1);
+      stack.save(2);
+      stack.scheduleSave(3);
+      stack.undo();
+      jest.runAllTimers();
+      expect(stack.history).toEqual([1, 2]);
+      expect(stack.current()).toBe(1);
+
+      stack.scheduleSave(4);
+      stack.redo();
+      jest.runAllTimers();
+      expect(stack.history).toEqual([1, 2]);
+      expect(stack.current()).toBe(2);
+    });
+
+    it('should be persisted immediately with saveNow()', () => {
+      stack.scheduleSave(7);
+      stack.scheduleSave(8);
+      stack.saveNow();
+      jest.runAllTimers();
+      expect(stack.history).toEqual([8]);
+    });
+  });
+});
diff --git a/yarn.lock b/yarn.lock
index 4fa7665b000..0936e14c0a5 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -8340,7 +8340,7 @@ monaco-editor@^0.15.6:
   resolved "https://registry.yarnpkg.com/monaco-editor/-/monaco-editor-0.15.6.tgz#d63b3b06f86f803464f003b252627c3eb4a09483"
   integrity sha512-JoU9V9k6KqT9R9Tiw1RTU8ohZ+Xnf9DMg6Ktqqw5hILumwmq7xqa/KLXw513uTUsWbhtnHoSJYYR++u3pkyxJg==
 
-mousetrap@^1.4.6:
+mousetrap@1.4.6:
   version "1.4.6"
   resolved "https://registry.yarnpkg.com/mousetrap/-/mousetrap-1.4.6.tgz#eaca72e22e56d5b769b7555873b688c3332e390a"
   integrity sha1-6spy4i5W1bdpt1VYc7aIwzMuOQo=
-- 
cgit v1.2.1


From 4873b2b2ec435a527fdc1352c1aeda5e3aff840b Mon Sep 17 00:00:00 2001
From: Sanad Liaquat <sliaquat@gitlab.com>
Date: Fri, 26 Jul 2019 13:23:22 +0500
Subject: Move create group with mattermost spec to correct dir

---
 .../group/create_group_with_mattermost_team_spec.rb | 21 +++++++++++++++++++++
 .../create_group_with_mattermost_team_spec.rb       | 21 ---------------------
 2 files changed, 21 insertions(+), 21 deletions(-)
 create mode 100644 qa/qa/specs/features/browser_ui/1_manage/group/create_group_with_mattermost_team_spec.rb
 delete mode 100644 qa/qa/specs/features/browser_ui/7_configure/mattermost/create_group_with_mattermost_team_spec.rb

diff --git a/qa/qa/specs/features/browser_ui/1_manage/group/create_group_with_mattermost_team_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/group/create_group_with_mattermost_team_spec.rb
new file mode 100644
index 00000000000..94d20106de4
--- /dev/null
+++ b/qa/qa/specs/features/browser_ui/1_manage/group/create_group_with_mattermost_team_spec.rb
@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module QA
+  context 'Configure', :orchestrated, :mattermost do
+    describe 'Mattermost support' do
+      it 'user creates a group with a mattermost team' do
+        Runtime::Browser.visit(:gitlab, Page::Main::Login)
+        Page::Main::Login.perform(&:sign_in_using_credentials)
+        Page::Main::Menu.perform(&:go_to_groups)
+
+        Page::Dashboard::Groups.perform do |page|
+          page.click_new_group
+
+          expect(page).to have_content(
+            /Create a Mattermost team for this group/
+          )
+        end
+      end
+    end
+  end
+end
diff --git a/qa/qa/specs/features/browser_ui/7_configure/mattermost/create_group_with_mattermost_team_spec.rb b/qa/qa/specs/features/browser_ui/7_configure/mattermost/create_group_with_mattermost_team_spec.rb
deleted file mode 100644
index 94d20106de4..00000000000
--- a/qa/qa/specs/features/browser_ui/7_configure/mattermost/create_group_with_mattermost_team_spec.rb
+++ /dev/null
@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-module QA
-  context 'Configure', :orchestrated, :mattermost do
-    describe 'Mattermost support' do
-      it 'user creates a group with a mattermost team' do
-        Runtime::Browser.visit(:gitlab, Page::Main::Login)
-        Page::Main::Login.perform(&:sign_in_using_credentials)
-        Page::Main::Menu.perform(&:go_to_groups)
-
-        Page::Dashboard::Groups.perform do |page|
-          page.click_new_group
-
-          expect(page).to have_content(
-            /Create a Mattermost team for this group/
-          )
-        end
-      end
-    end
-  end
-end
-- 
cgit v1.2.1


From 6df22f17d2aa255742f2a728df7a00c0af4ee84c Mon Sep 17 00:00:00 2001
From: Lukas 'Eipi' Eipert <leipert@gitlab.com>
Date: Fri, 26 Jul 2019 09:40:17 +0000
Subject: Karma: Fix css selector for loading icon

The GitLab UI update changed the spinner selector from `spinner` to
`gl-spinner`, so we need to update it, so that our tests won't fail.
---
 package.json                                                 |  2 +-
 spec/javascripts/badges/components/badge_list_spec.js        |  2 +-
 spec/javascripts/badges/components/badge_spec.js             |  2 +-
 spec/javascripts/boards/board_list_spec.js                   |  2 +-
 spec/javascripts/registry/components/app_spec.js             |  2 +-
 .../reports/components/grouped_test_reports_app_spec.js      | 12 ++++++------
 .../vue_mr_widget/components/mr_widget_status_icon_spec.js   |  2 +-
 .../components/states/mr_widget_auto_merge_failed_spec.js    |  4 +++-
 .../components/states/mr_widget_checking_spec.js             |  2 +-
 spec/javascripts/vue_shared/components/file_icon_spec.js     |  2 +-
 .../vue_shared/components/header_ci_component_spec.js        |  2 +-
 yarn.lock                                                    |  8 ++++----
 12 files changed, 22 insertions(+), 20 deletions(-)

diff --git a/package.json b/package.json
index dce20505fb0..773918524f9 100644
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
     "@babel/preset-env": "^7.4.4",
     "@gitlab/csslab": "^1.9.0",
     "@gitlab/svgs": "^1.67.0",
-    "@gitlab/ui": "^5.7.1",
+    "@gitlab/ui": "^5.9.0",
     "apollo-cache-inmemory": "^1.5.1",
     "apollo-client": "^2.5.1",
     "apollo-link": "^1.2.11",
diff --git a/spec/javascripts/badges/components/badge_list_spec.js b/spec/javascripts/badges/components/badge_list_spec.js
index 2f72c9ed89d..2fa807657de 100644
--- a/spec/javascripts/badges/components/badge_list_spec.js
+++ b/spec/javascripts/badges/components/badge_list_spec.js
@@ -60,7 +60,7 @@ describe('BadgeList component', () => {
 
     Vue.nextTick()
       .then(() => {
-        const loadingIcon = vm.$el.querySelector('.spinner');
+        const loadingIcon = vm.$el.querySelector('.gl-spinner');
 
         expect(loadingIcon).toBeVisible();
       })
diff --git a/spec/javascripts/badges/components/badge_spec.js b/spec/javascripts/badges/components/badge_spec.js
index 4e4d1ae2e99..c82a03a628a 100644
--- a/spec/javascripts/badges/components/badge_spec.js
+++ b/spec/javascripts/badges/components/badge_spec.js
@@ -15,7 +15,7 @@ describe('Badge component', () => {
     const buttons = vm.$el.querySelectorAll('button');
     return {
       badgeImage: vm.$el.querySelector('img.project-badge'),
-      loadingIcon: vm.$el.querySelector('.spinner'),
+      loadingIcon: vm.$el.querySelector('.gl-spinner'),
       reloadButton: buttons[buttons.length - 1],
     };
   };
diff --git a/spec/javascripts/boards/board_list_spec.js b/spec/javascripts/boards/board_list_spec.js
index 9c9b435d7fd..6774a46ed58 100644
--- a/spec/javascripts/boards/board_list_spec.js
+++ b/spec/javascripts/boards/board_list_spec.js
@@ -148,7 +148,7 @@ describe('Board list component', () => {
     component.list.loadingMore = true;
 
     Vue.nextTick(() => {
-      expect(component.$el.querySelector('.board-list-count .spinner')).not.toBeNull();
+      expect(component.$el.querySelector('.board-list-count .gl-spinner')).not.toBeNull();
 
       done();
     });
diff --git a/spec/javascripts/registry/components/app_spec.js b/spec/javascripts/registry/components/app_spec.js
index 7b9b8d2b039..e7675669f7a 100644
--- a/spec/javascripts/registry/components/app_spec.js
+++ b/spec/javascripts/registry/components/app_spec.js
@@ -106,7 +106,7 @@ describe('Registry List', () => {
 
     it('should render a loading spinner', done => {
       Vue.nextTick(() => {
-        expect(vm.$el.querySelector('.spinner')).not.toBe(null);
+        expect(vm.$el.querySelector('.gl-spinner')).not.toBe(null);
         done();
       });
     });
diff --git a/spec/javascripts/reports/components/grouped_test_reports_app_spec.js b/spec/javascripts/reports/components/grouped_test_reports_app_spec.js
index a17494966a3..1f1e626ed33 100644
--- a/spec/javascripts/reports/components/grouped_test_reports_app_spec.js
+++ b/spec/javascripts/reports/components/grouped_test_reports_app_spec.js
@@ -34,7 +34,7 @@ describe('Grouped Test Reports App', () => {
 
     it('renders success summary text', done => {
       setTimeout(() => {
-        expect(vm.$el.querySelector('.fa-spinner')).toBeNull();
+        expect(vm.$el.querySelector('.gl-spinner')).toBeNull();
         expect(vm.$el.querySelector('.js-code-text').textContent.trim()).toEqual(
           'Test summary contained no changed test results out of 11 total tests',
         );
@@ -61,7 +61,7 @@ describe('Grouped Test Reports App', () => {
 
     it('renders success summary text', done => {
       setTimeout(() => {
-        expect(vm.$el.querySelector('.spinner')).not.toBeNull();
+        expect(vm.$el.querySelector('.gl-spinner')).not.toBeNull();
         expect(vm.$el.querySelector('.js-code-text').textContent.trim()).toEqual(
           'Test summary results are being parsed',
         );
@@ -81,7 +81,7 @@ describe('Grouped Test Reports App', () => {
 
     it('renders failed summary text + new badge', done => {
       setTimeout(() => {
-        expect(vm.$el.querySelector('.spinner')).toBeNull();
+        expect(vm.$el.querySelector('.gl-spinner')).toBeNull();
         expect(vm.$el.querySelector('.js-code-text').textContent.trim()).toEqual(
           'Test summary contained 2 failed test results out of 11 total tests',
         );
@@ -109,7 +109,7 @@ describe('Grouped Test Reports App', () => {
 
     it('renders summary text', done => {
       setTimeout(() => {
-        expect(vm.$el.querySelector('.spinner')).toBeNull();
+        expect(vm.$el.querySelector('.gl-spinner')).toBeNull();
         expect(vm.$el.querySelector('.js-code-text').textContent.trim()).toEqual(
           'Test summary contained 2 failed test results and 2 fixed test results out of 11 total tests',
         );
@@ -137,7 +137,7 @@ describe('Grouped Test Reports App', () => {
 
     it('renders summary text', done => {
       setTimeout(() => {
-        expect(vm.$el.querySelector('.spinner')).toBeNull();
+        expect(vm.$el.querySelector('.gl-spinner')).toBeNull();
         expect(vm.$el.querySelector('.js-code-text').textContent.trim()).toEqual(
           'Test summary contained 2 fixed test results out of 11 total tests',
         );
@@ -190,7 +190,7 @@ describe('Grouped Test Reports App', () => {
     });
 
     it('renders loading summary text with loading icon', done => {
-      expect(vm.$el.querySelector('.spinner')).not.toBeNull();
+      expect(vm.$el.querySelector('.gl-spinner')).not.toBeNull();
       expect(vm.$el.querySelector('.js-code-text').textContent.trim()).toEqual(
         'Test summary results are being parsed',
       );
diff --git a/spec/javascripts/vue_mr_widget/components/mr_widget_status_icon_spec.js b/spec/javascripts/vue_mr_widget/components/mr_widget_status_icon_spec.js
index f622f52a7b9..5aac37d28df 100644
--- a/spec/javascripts/vue_mr_widget/components/mr_widget_status_icon_spec.js
+++ b/spec/javascripts/vue_mr_widget/components/mr_widget_status_icon_spec.js
@@ -18,7 +18,7 @@ describe('MR widget status icon component', () => {
     it('renders loading icon', () => {
       vm = mountComponent(Component, { status: 'loading' });
 
-      expect(vm.$el.querySelector('.mr-widget-icon span').classList).toContain('spinner');
+      expect(vm.$el.querySelector('.mr-widget-icon span').classList).toContain('gl-spinner');
     });
   });
 
diff --git a/spec/javascripts/vue_mr_widget/components/states/mr_widget_auto_merge_failed_spec.js b/spec/javascripts/vue_mr_widget/components/states/mr_widget_auto_merge_failed_spec.js
index d93badf8cd3..55a11a72551 100644
--- a/spec/javascripts/vue_mr_widget/components/states/mr_widget_auto_merge_failed_spec.js
+++ b/spec/javascripts/vue_mr_widget/components/states/mr_widget_auto_merge_failed_spec.js
@@ -38,7 +38,9 @@ describe('MRWidgetAutoMergeFailed', () => {
 
     Vue.nextTick(() => {
       expect(vm.$el.querySelector('button').getAttribute('disabled')).toEqual('disabled');
-      expect(vm.$el.querySelector('button .loading-container span').classList).toContain('spinner');
+      expect(vm.$el.querySelector('button .loading-container span').classList).toContain(
+        'gl-spinner',
+      );
       done();
     });
   });
diff --git a/spec/javascripts/vue_mr_widget/components/states/mr_widget_checking_spec.js b/spec/javascripts/vue_mr_widget/components/states/mr_widget_checking_spec.js
index 96e512d222a..70c70eca746 100644
--- a/spec/javascripts/vue_mr_widget/components/states/mr_widget_checking_spec.js
+++ b/spec/javascripts/vue_mr_widget/components/states/mr_widget_checking_spec.js
@@ -20,7 +20,7 @@ describe('MRWidgetChecking', () => {
   });
 
   it('renders loading icon', () => {
-    expect(vm.$el.querySelector('.mr-widget-icon span').classList).toContain('spinner');
+    expect(vm.$el.querySelector('.mr-widget-icon span').classList).toContain('gl-spinner');
   });
 
   it('renders information about merging', () => {
diff --git a/spec/javascripts/vue_shared/components/file_icon_spec.js b/spec/javascripts/vue_shared/components/file_icon_spec.js
index 5bea8c43da3..1f61e19fa84 100644
--- a/spec/javascripts/vue_shared/components/file_icon_spec.js
+++ b/spec/javascripts/vue_shared/components/file_icon_spec.js
@@ -72,7 +72,7 @@ describe('File Icon component', () => {
 
     const { classList } = vm.$el.querySelector('.loading-container span');
 
-    expect(classList.contains('spinner')).toEqual(true);
+    expect(classList.contains('gl-spinner')).toEqual(true);
   });
 
   it('should add a special class and a size class', () => {
diff --git a/spec/javascripts/vue_shared/components/header_ci_component_spec.js b/spec/javascripts/vue_shared/components/header_ci_component_spec.js
index a9c1a67b39b..2b059e5e9f4 100644
--- a/spec/javascripts/vue_shared/components/header_ci_component_spec.js
+++ b/spec/javascripts/vue_shared/components/header_ci_component_spec.js
@@ -88,7 +88,7 @@ describe('Header CI Component', () => {
       vm.actions[0].isLoading = true;
 
       Vue.nextTick(() => {
-        expect(vm.$el.querySelector('.btn .spinner').getAttribute('style')).toBeFalsy();
+        expect(vm.$el.querySelector('.btn .gl-spinner').getAttribute('style')).toBeFalsy();
         done();
       });
     });
diff --git a/yarn.lock b/yarn.lock
index 0936e14c0a5..7095ff706c2 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -996,10 +996,10 @@
   resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-1.67.0.tgz#c7b94eca13b99fd3aaa737fb6dcc0abc41d3c579"
   integrity sha512-hJOmWEs6RkjzyKkb1vc9wwKGZIBIP0coHkxu/KgOoxhBVudpGk4CH7xJ6UuB2TKpb0SEh5CC1CzRZfBYaFhsaA==
 
-"@gitlab/ui@^5.7.1":
-  version "5.7.1"
-  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.7.1.tgz#e55d04052dd6e50ed1e90676aacc64290d62c0b6"
-  integrity sha512-F06/6z6/69LbKIK0PYRDTB/teSPUnF7LijHl4JiuYHXn7Y2/iVoLsAMikhT89RVR84orHPGnw16vtCPjSjBDrA==
+"@gitlab/ui@^5.9.0":
+  version "5.9.0"
+  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.9.0.tgz#a38b1b57c365608b100b95969ae7a57ce1707542"
+  integrity sha512-cgvEPWVerYZNLqkHjg5dd0VhEDBWj8aNoISZCaGOWI9K4yVtpMPVRUv19o/xYm4vUexfFsG9vg9lBgd+4ZU6Yw==
   dependencies:
     "@babel/standalone" "^7.0.0"
     "@gitlab/vue-toasted" "^1.2.1"
-- 
cgit v1.2.1


From cfef1e8e99c275386d3680b90e95ba0cdf137f7c Mon Sep 17 00:00:00 2001
From: Douwe Maan <douwe@selenight.nl>
Date: Thu, 25 Jul 2019 17:01:17 -0500
Subject: Fix error rendering submodules in MR diffs when there is no
 .gitmodules

Without this change, we get a NoMethodError on nil
---
 app/helpers/submodule_helper.rb                  |  2 +
 changelogs/unreleased/dm-submodule-links-nil.yml |  5 +++
 lib/gitlab/submodule_links.rb                    | 11 ++++--
 spec/helpers/submodule_helper_spec.rb            | 13 +++++++
 spec/lib/gitlab/submodule_links_spec.rb          | 47 ++++++++++++++++++++++++
 5 files changed, 75 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/unreleased/dm-submodule-links-nil.yml
 create mode 100644 spec/lib/gitlab/submodule_links_spec.rb

diff --git a/app/helpers/submodule_helper.rb b/app/helpers/submodule_helper.rb
index 9a281065b90..e683e2959d1 100644
--- a/app/helpers/submodule_helper.rb
+++ b/app/helpers/submodule_helper.rb
@@ -13,6 +13,8 @@ module SubmoduleHelper
   end
 
   def submodule_links_for_url(submodule_item_id, url, repository)
+    return [nil, nil] unless url
+
     if url == '.' || url == './'
       url = File.join(Gitlab.config.gitlab.url, repository.project.full_path)
     end
diff --git a/changelogs/unreleased/dm-submodule-links-nil.yml b/changelogs/unreleased/dm-submodule-links-nil.yml
new file mode 100644
index 00000000000..c09ca41d01d
--- /dev/null
+++ b/changelogs/unreleased/dm-submodule-links-nil.yml
@@ -0,0 +1,5 @@
+---
+title: Fix error rendering submodules in MR diffs when there is no .gitmodules
+merge_request: 31162
+author:
+type: fixed
diff --git a/lib/gitlab/submodule_links.rb b/lib/gitlab/submodule_links.rb
index a6c0369d864..18fd604a3b0 100644
--- a/lib/gitlab/submodule_links.rb
+++ b/lib/gitlab/submodule_links.rb
@@ -9,7 +9,7 @@ module Gitlab
     end
 
     def for(submodule, sha)
-      submodule_url = submodule_url_for(sha)[submodule.path]
+      submodule_url = submodule_url_for(sha, submodule.path)
       SubmoduleHelper.submodule_links_for_url(submodule.id, submodule_url, repository)
     end
 
@@ -17,10 +17,15 @@ module Gitlab
 
     attr_reader :repository
 
-    def submodule_url_for(sha)
-      strong_memoize(:"submodule_links_for_#{sha}") do
+    def submodule_urls_for(sha)
+      strong_memoize(:"submodule_urls_for_#{sha}") do
         repository.submodule_urls_for(sha)
       end
     end
+
+    def submodule_url_for(sha, path)
+      urls = submodule_urls_for(sha)
+      urls && urls[path]
+    end
   end
 end
diff --git a/spec/helpers/submodule_helper_spec.rb b/spec/helpers/submodule_helper_spec.rb
index b922b910c89..ab4ef899119 100644
--- a/spec/helpers/submodule_helper_spec.rb
+++ b/spec/helpers/submodule_helper_spec.rb
@@ -229,6 +229,19 @@ describe SubmoduleHelper do
         end
       end
     end
+
+    context 'unknown submodule' do
+      before do
+        # When there is no `.gitmodules` file, or if `.gitmodules` does not
+        # know the submodule at the specified path,
+        # `Repository#submodule_url_for` returns `nil`
+        stub_url(nil)
+      end
+
+      it 'returns no links' do
+        expect(subject).to eq([nil, nil])
+      end
+    end
   end
 
   context 'as view helpers in view context' do
diff --git a/spec/lib/gitlab/submodule_links_spec.rb b/spec/lib/gitlab/submodule_links_spec.rb
new file mode 100644
index 00000000000..a84602cd07d
--- /dev/null
+++ b/spec/lib/gitlab/submodule_links_spec.rb
@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::SubmoduleLinks do
+  let(:submodule_item) { double(id: 'hash', path: 'gitlab-ce') }
+  let(:repo) { double }
+  let(:links) { described_class.new(repo) }
+
+  describe '#for' do
+    subject { links.for(submodule_item, 'ref') }
+
+    context 'when there is no .gitmodules file' do
+      before do
+        stub_urls(nil)
+      end
+
+      it 'returns no links' do
+        expect(subject).to eq([nil, nil])
+      end
+    end
+
+    context 'when the submodule is unknown' do
+      before do
+        stub_urls({ 'path' => 'url' })
+      end
+
+      it 'returns no links' do
+        expect(subject).to eq([nil, nil])
+      end
+    end
+
+    context 'when the submodule is known' do
+      before do
+        stub_urls({ 'gitlab-ce' => 'git@gitlab.com:gitlab-org/gitlab-ce.git' })
+      end
+
+      it 'returns links' do
+        expect(subject).to eq(['https://gitlab.com/gitlab-org/gitlab-ce', 'https://gitlab.com/gitlab-org/gitlab-ce/tree/hash'])
+      end
+    end
+  end
+
+  def stub_urls(urls)
+    allow(repo).to receive(:submodule_urls_for).and_return(urls)
+  end
+end
-- 
cgit v1.2.1


From fb4877dbdcac909176bfd283426a3a21faa67afe Mon Sep 17 00:00:00 2001
From: Marcia Ramos <virtua.creative@gmail.com>
Date: Fri, 26 Jul 2019 11:07:11 +0100
Subject: Milestones docs - ssot

---
 doc/user/project/milestones/burndown_charts.md | 20 ++++++++++++++++++--
 doc/user/project/milestones/index.md           | 16 ++++++++++++++++
 2 files changed, 34 insertions(+), 2 deletions(-)

diff --git a/doc/user/project/milestones/burndown_charts.md b/doc/user/project/milestones/burndown_charts.md
index 84e08b4eeb8..d4dd9c7d4c3 100644
--- a/doc/user/project/milestones/burndown_charts.md
+++ b/doc/user/project/milestones/burndown_charts.md
@@ -1,6 +1,9 @@
+---
+type: reference
+---
+
 # Burndown Charts **(STARTER)**
 
-> **Notes:**
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1540) in [GitLab Starter](https://about.gitlab.com/pricing/) 9.1 for project milestones.
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/5354) in [GitLab Premium](https://about.gitlab.com/pricing/) 10.8 for group milestones.
 > - [Added](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/6495) to [GitLab Starter](https://about.gitlab.com/pricing/) 11.2 for group milestones.
@@ -20,7 +23,8 @@ yourself to have the same sense of progress.
 
 GitLab Starter plots it for you and presents it in a clear and beautiful chart.
 
-For an overview, check the video demonstration on [Mapping Work Versus Time, With Burndown Charts](https://about.gitlab.com/2017/04/25/mapping-work-to-do-versus-time-with-burndown-charts/).
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
+For an overview, check the video demonstration on [Mapping work versus time with Burndown Charts](https://www.youtube.com/watch?v=zJU2MuRChzs).
 
 ## Use cases
 
@@ -68,3 +72,15 @@ The Burndown Chart can also be toggled to display the cumulative open issue
 weight for a given day. When using this feature, make sure issue weights have
 been properly assigned, since an open issue with no weight adds zero to the
 cumulative value.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/project/milestones/index.md b/doc/user/project/milestones/index.md
index 142462e1879..453983fa882 100644
--- a/doc/user/project/milestones/index.md
+++ b/doc/user/project/milestones/index.md
@@ -1,3 +1,7 @@
+---
+type: index, reference
+---
+
 # Milestones
 
 ## Overview
@@ -145,3 +149,15 @@ The milestone sidebar on the milestone view shows the following:
 For project milestones only, the milestone sidebar shows the total issue weight of all issues that have the milestone assigned.
 
 ![Project milestone page](img/milestones_project_milestone_page.png)
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
-- 
cgit v1.2.1


From 8136fac26c8f470720ff90d152b93abf50f5084d Mon Sep 17 00:00:00 2001
From: Peter Leitzen <pleitzen@gitlab.com>
Date: Fri, 26 Jul 2019 10:44:13 +0000
Subject: Prefer `flat_map` over `map` + `flatten`

Convert several occurrences of `map` + `flatten` to
`flat_map` where applicable.
---
 app/models/concerns/protected_ref.rb                             | 2 +-
 app/models/group.rb                                              | 2 +-
 app/serializers/stage_entity.rb                                  | 8 ++++----
 app/services/ci/process_pipeline_service.rb                      | 4 ++--
 lib/api/validations/types/labels_list.rb                         | 2 +-
 lib/banzai/reference_redactor.rb                                 | 2 +-
 lib/gitlab/background_migration/backfill_project_repositories.rb | 2 +-
 lib/gitlab/ci/config/normalizer.rb                               | 2 +-
 lib/gitlab/ci/status/factory.rb                                  | 6 ++----
 9 files changed, 14 insertions(+), 16 deletions(-)

diff --git a/app/models/concerns/protected_ref.rb b/app/models/concerns/protected_ref.rb
index af387c99f3d..0648b4a78e1 100644
--- a/app/models/concerns/protected_ref.rb
+++ b/app/models/concerns/protected_ref.rb
@@ -47,7 +47,7 @@ module ProtectedRef
 
     def access_levels_for_ref(ref, action:, protected_refs: nil)
       self.matching(ref, protected_refs: protected_refs)
-        .map(&:"#{action}_access_levels").flatten
+        .flat_map(&:"#{action}_access_levels")
     end
 
     # Returns all protected refs that match the given ref name.
diff --git a/app/models/group.rb b/app/models/group.rb
index 26ce2957e9b..65a6705b6c0 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -388,7 +388,7 @@ class Group < Namespace
     variables = Ci::GroupVariable.where(group: list_of_ids)
     variables = variables.unprotected unless project.protected_for?(ref)
     variables = variables.group_by(&:group_id)
-    list_of_ids.reverse.map { |group| variables[group.id] }.compact.flatten
+    list_of_ids.reverse.flat_map { |group| variables[group.id] }.compact
   end
 
   def group_member(user)
diff --git a/app/serializers/stage_entity.rb b/app/serializers/stage_entity.rb
index 029dd3d0684..0b0454c5282 100644
--- a/app/serializers/stage_entity.rb
+++ b/app/serializers/stage_entity.rb
@@ -59,14 +59,14 @@ class StageEntity < Grape::Entity
   end
 
   def latest_statuses
-    HasStatus::ORDERED_STATUSES.map do |ordered_status|
+    HasStatus::ORDERED_STATUSES.flat_map do |ordered_status|
       grouped_statuses.fetch(ordered_status, [])
-    end.flatten
+    end
   end
 
   def retried_statuses
-    HasStatus::ORDERED_STATUSES.map do |ordered_status|
+    HasStatus::ORDERED_STATUSES.flat_map do |ordered_status|
       grouped_retried_statuses.fetch(ordered_status, [])
-    end.flatten
+    end
   end
 end
diff --git a/app/services/ci/process_pipeline_service.rb b/app/services/ci/process_pipeline_service.rb
index aaf56048b5c..207cc5017d0 100644
--- a/app/services/ci/process_pipeline_service.rb
+++ b/app/services/ci/process_pipeline_service.rb
@@ -10,13 +10,13 @@ module Ci
       update_retried
 
       new_builds =
-        stage_indexes_of_created_processables.map do |index|
+        stage_indexes_of_created_processables.flat_map do |index|
           process_stage(index)
         end
 
       @pipeline.update_status
 
-      new_builds.flatten.any?
+      new_builds.any?
     end
 
     private
diff --git a/lib/api/validations/types/labels_list.rb b/lib/api/validations/types/labels_list.rb
index 47cd83c29cf..60277b99106 100644
--- a/lib/api/validations/types/labels_list.rb
+++ b/lib/api/validations/types/labels_list.rb
@@ -10,7 +10,7 @@ module API
             when String
               value.split(',').map(&:strip)
             when Array
-              value.map { |v| v.to_s.split(',').map(&:strip) }.flatten
+              value.flat_map { |v| v.to_s.split(',').map(&:strip) }
             when LabelsList
               value
             else
diff --git a/lib/banzai/reference_redactor.rb b/lib/banzai/reference_redactor.rb
index eb5c35da375..936436982e7 100644
--- a/lib/banzai/reference_redactor.rb
+++ b/lib/banzai/reference_redactor.rb
@@ -33,7 +33,7 @@ module Banzai
     #
     # data - An Array of a Hashes mapping an HTML document to nodes to redact.
     def redact_document_nodes(all_document_nodes)
-      all_nodes = all_document_nodes.map { |x| x[:nodes] }.flatten
+      all_nodes = all_document_nodes.flat_map { |x| x[:nodes] }
       visible = nodes_visible_to_user(all_nodes)
       metadata = []
 
diff --git a/lib/gitlab/background_migration/backfill_project_repositories.rb b/lib/gitlab/background_migration/backfill_project_repositories.rb
index c8d83cc1803..1d9aa050041 100644
--- a/lib/gitlab/background_migration/backfill_project_repositories.rb
+++ b/lib/gitlab/background_migration/backfill_project_repositories.rb
@@ -40,7 +40,7 @@ module Gitlab
         end
 
         def reload!
-          @shards = Hash[*Shard.all.map { |shard| [shard.name, shard.id] }.flatten]
+          @shards = Hash[*Shard.all.flat_map { |shard| [shard.name, shard.id] }]
         end
       end
 
diff --git a/lib/gitlab/ci/config/normalizer.rb b/lib/gitlab/ci/config/normalizer.rb
index 191f5d09645..99356226ef9 100644
--- a/lib/gitlab/ci/config/normalizer.rb
+++ b/lib/gitlab/ci/config/normalizer.rb
@@ -46,7 +46,7 @@ module Gitlab
           parallelized_job_names = @parallelized_jobs.keys.map(&:to_s)
           parallelized_config.each_with_object({}) do |(job_name, config), hash|
             if config[:dependencies] && (intersection = config[:dependencies] & parallelized_job_names).any?
-              parallelized_deps = intersection.map { |dep| @parallelized_jobs[dep.to_sym].map(&:first) }.flatten
+              parallelized_deps = intersection.flat_map { |dep| @parallelized_jobs[dep.to_sym].map(&:first) }
               deps = config[:dependencies] - intersection + parallelized_deps
               hash[job_name] = config.merge(dependencies: deps)
             else
diff --git a/lib/gitlab/ci/status/factory.rb b/lib/gitlab/ci/status/factory.rb
index 3446644eff8..2a0bf060c9b 100644
--- a/lib/gitlab/ci/status/factory.rb
+++ b/lib/gitlab/ci/status/factory.rb
@@ -34,11 +34,9 @@ module Gitlab
         def extended_statuses
           return @extended_statuses if defined?(@extended_statuses)
 
-          groups = self.class.extended_statuses.map do |group|
+          @extended_statuses = self.class.extended_statuses.flat_map do |group|
             Array(group).find { |status| status.matches?(@subject, @user) }
-          end
-
-          @extended_statuses = groups.flatten.compact
+          end.compact
         end
 
         def self.extended_statuses
-- 
cgit v1.2.1


From 9e6c8213fd19c3a1ba60fb68c2a8db85fbc46098 Mon Sep 17 00:00:00 2001
From: Marcia Ramos <virtua.creative@gmail.com>
Date: Fri, 26 Jul 2019 12:17:58 +0100
Subject: Releases doc - ssot

---
 doc/user/project/releases/index.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/doc/user/project/releases/index.md b/doc/user/project/releases/index.md
index 00a4f6c6a6b..aae253467f0 100644
--- a/doc/user/project/releases/index.md
+++ b/doc/user/project/releases/index.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # Releases
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/41766) in GitLab 11.7.
@@ -60,3 +64,15 @@ Navigate to **Project > Releases** in order to see the list of releases for a gi
 project.
 
 ![Releases list](img/releases.png)
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
-- 
cgit v1.2.1


From 99b5965ac0ab3ca1a6f5df1b9ecd6bae6f7c4543 Mon Sep 17 00:00:00 2001
From: Martin Wortschack <mwortschack@gitlab.com>
Date: Fri, 26 Jul 2019 12:12:31 +0000
Subject: (CE Port) Add MR table component for Productivity Analytics

---
 app/assets/stylesheets/framework/common.scss |  1 +
 app/assets/stylesheets/framework/lists.scss  | 16 ++++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/app/assets/stylesheets/framework/common.scss b/app/assets/stylesheets/framework/common.scss
index 61ab0476c42..6b44834cc52 100644
--- a/app/assets/stylesheets/framework/common.scss
+++ b/app/assets/stylesheets/framework/common.scss
@@ -441,6 +441,7 @@ img.emoji {
 .mw-460 { max-width: 460px; }
 .mw-6em { max-width: 6em; }
 .mw-70p { max-width: 70%; }
+.mw-90p { max-width: 90%; }
 
 .min-height-0 { min-height: 0; }
 
diff --git a/app/assets/stylesheets/framework/lists.scss b/app/assets/stylesheets/framework/lists.scss
index 460d9ea9526..ecd32dcd0ce 100644
--- a/app/assets/stylesheets/framework/lists.scss
+++ b/app/assets/stylesheets/framework/lists.scss
@@ -285,3 +285,19 @@ ul.indent-list {
     max-width: 350px;
   }
 }
+
+.horizontal-list {
+  padding-left: 0;
+  list-style: none;
+
+  > li {
+    float: left;
+  }
+
+  &.list-items-separated {
+    > li:not(:last-child)::after {
+      content: '\00b7';
+      margin: 0 $gl-padding-4;
+    }
+  }
+}
-- 
cgit v1.2.1


From ba2d8c10f9f839abf2520240115d1eff523e272e Mon Sep 17 00:00:00 2001
From: Tetiana Chupryna <tchupryna@gitlab.com>
Date: Fri, 26 Jul 2019 13:01:05 +0000
Subject: Add severity for vulnerabilities

---
 .../dependency_list/gl-dependency-scanning-report.json                | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/fixtures/security-reports/dependency_list/gl-dependency-scanning-report.json b/spec/fixtures/security-reports/dependency_list/gl-dependency-scanning-report.json
index 1e62d020026..8fb66f6652b 100644
--- a/spec/fixtures/security-reports/dependency_list/gl-dependency-scanning-report.json
+++ b/spec/fixtures/security-reports/dependency_list/gl-dependency-scanning-report.json
@@ -7,7 +7,7 @@
       "message": "Vulnerabilities in libxml2 in nokogiri",
       "description": "  The version of libxml2 packaged with Nokogiri contains several vulnerabilities.\r\n  Nokogiri has mitigated these issues by upgrading to libxml 2.9.5.\r\n\r\n  It was discovered that a type confusion error existed in libxml2. An\r\n  attacker could use this to specially construct XML data that\r\n  could cause a denial of service or possibly execute arbitrary\r\n  code. (CVE-2017-0663)\r\n\r\n  It was discovered that libxml2 did not properly validate parsed entity\r\n  references. An attacker could use this to specially construct XML\r\n  data that could expose sensitive information. (CVE-2017-7375)\r\n\r\n  It was discovered that a buffer overflow existed in libxml2 when\r\n  handling HTTP redirects. An attacker could use this to specially\r\n  construct XML data that could cause a denial of service or possibly\r\n  execute arbitrary code. (CVE-2017-7376)\r\n\r\n  Marcel Böhme and Van-Thuan Pham discovered a buffer overflow in\r\n  libxml2 when handling elements. An attacker could use this to specially\r\n  construct XML data that could cause a denial of service or possibly\r\n  execute arbitrary code. (CVE-2017-9047)\r\n\r\n  Marcel Böhme and Van-Thuan Pham discovered a buffer overread\r\n  in libxml2 when handling elements. An attacker could use this\r\n  to specially construct XML data that could cause a denial of\r\n  service. (CVE-2017-9048)\r\n\r\n  Marcel Böhme and Van-Thuan Pham discovered multiple buffer overreads\r\n  in libxml2 when handling parameter-entity references. An attacker\r\n  could use these to specially construct XML data that could cause a\r\n  denial of service. (CVE-2017-9049, CVE-2017-9050)",
       "cve": "rails/Gemfile.lock:nokogiri:gemnasium:06565b64-486d-4326-b906-890d9915804d",
-      "severity": "Unknown",
+      "severity": "High",
       "solution": "Upgrade to latest version.",
       "scanner": {
         "id": "gemnasium",
@@ -48,7 +48,7 @@
       "message": "Infinite recursion in parameter entities in nokogiri",
       "description": "libxml2 incorrectly handles certain parameter entities. An attacker can leverage this with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.",
       "cve": "rails/Gemfile.lock:nokogiri:gemnasium:6a0d56f6-2441-492a-9b14-edb95ac31919",
-      "severity": "Unknown",
+      "severity": "High",
       "solution": "Upgrade to latest version.",
       "scanner": {
         "id": "gemnasium",
-- 
cgit v1.2.1


From 29a7c83eb30914627163f481de40836de5dc8158 Mon Sep 17 00:00:00 2001
From: Ammar Alakkad <aalakkad@gitlab.com>
Date: Fri, 26 Jul 2019 16:05:59 +0300
Subject: Add color utils with relevant tests

---
 app/assets/javascripts/lib/utils/color_utils.js | 25 ++++++++++++++++++
 spec/frontend/lib/utils/color_utils_spec.js     | 35 +++++++++++++++++++++++++
 2 files changed, 60 insertions(+)
 create mode 100644 app/assets/javascripts/lib/utils/color_utils.js
 create mode 100644 spec/frontend/lib/utils/color_utils_spec.js

diff --git a/app/assets/javascripts/lib/utils/color_utils.js b/app/assets/javascripts/lib/utils/color_utils.js
new file mode 100644
index 00000000000..07fb2915ca7
--- /dev/null
+++ b/app/assets/javascripts/lib/utils/color_utils.js
@@ -0,0 +1,25 @@
+/**
+ * Convert hex color to rgb array
+ *
+ * @param hex string
+ * @returns array|null
+ */
+export const hexToRgb = hex => {
+  // Expand shorthand form (e.g. "03F") to full form (e.g. "0033FF")
+  const shorthandRegex = /^#?([a-f\d])([a-f\d])([a-f\d])$/i;
+  const fullHex = hex.replace(shorthandRegex, (_m, r, g, b) => r + r + g + g + b + b);
+
+  const result = /^#?([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i.exec(fullHex);
+  return result
+    ? [parseInt(result[1], 16), parseInt(result[2], 16), parseInt(result[3], 16)]
+    : null;
+};
+
+export const textColorForBackground = backgroundColor => {
+  const [r, g, b] = hexToRgb(backgroundColor);
+
+  if (r + g + b > 500) {
+    return '#333333';
+  }
+  return '#FFFFFF';
+};
diff --git a/spec/frontend/lib/utils/color_utils_spec.js b/spec/frontend/lib/utils/color_utils_spec.js
new file mode 100644
index 00000000000..433e9d5a85e
--- /dev/null
+++ b/spec/frontend/lib/utils/color_utils_spec.js
@@ -0,0 +1,35 @@
+import { textColorForBackground, hexToRgb } from '~/lib/utils/color_utils';
+
+describe('Color utils', () => {
+  describe('Converting hex code to rgb', () => {
+    it('convert hex code to rgb', () => {
+      expect(hexToRgb('#000000')).toEqual([0, 0, 0]);
+      expect(hexToRgb('#ffffff')).toEqual([255, 255, 255]);
+    });
+
+    it('convert short hex code to rgb', () => {
+      expect(hexToRgb('#000')).toEqual([0, 0, 0]);
+      expect(hexToRgb('#fff')).toEqual([255, 255, 255]);
+    });
+
+    it('handle conversion regardless of the characters case', () => {
+      expect(hexToRgb('#f0F')).toEqual([255, 0, 255]);
+    });
+  });
+
+  describe('Getting text color for given background', () => {
+    // following tests are being ported from `text_color_for_bg` section in labels_helper_spec.rb
+    it('uses light text on dark backgrounds', () => {
+      expect(textColorForBackground('#222E2E')).toEqual('#FFFFFF');
+    });
+
+    it('uses dark text on light backgrounds', () => {
+      expect(textColorForBackground('#EEEEEE')).toEqual('#333333');
+    });
+
+    it('supports RGB triplets', () => {
+      expect(textColorForBackground('#FFF')).toEqual('#333333');
+      expect(textColorForBackground('#000')).toEqual('#FFFFFF');
+    });
+  });
+});
-- 
cgit v1.2.1


From 352385111fb7fffead03b7a474a7feea3fdaebdf Mon Sep 17 00:00:00 2001
From: Ammar Alakkad <aalakkad@gitlab.com>
Date: Fri, 26 Jul 2019 16:06:12 +0300
Subject: Add default colors for broadcast messages

---
 .../admin/broadcast_messages/broadcast_message.js  | 49 ++++++++++++++++++----
 app/views/admin/broadcast_messages/_form.html.haml | 22 ++++++----
 ...efault-options-with-descriptive-labels-like.yml |  5 +++
 3 files changed, 62 insertions(+), 14 deletions(-)
 create mode 100644 changelogs/unreleased/61787-the-colour-selector-for-broadcast-messages-should-provide-a-few-default-options-with-descriptive-labels-like.yml

diff --git a/app/assets/javascripts/pages/admin/broadcast_messages/broadcast_message.js b/app/assets/javascripts/pages/admin/broadcast_messages/broadcast_message.js
index 6e00e31b828..7a6a486f551 100644
--- a/app/assets/javascripts/pages/admin/broadcast_messages/broadcast_message.js
+++ b/app/assets/javascripts/pages/admin/broadcast_messages/broadcast_message.js
@@ -3,26 +3,31 @@ import _ from 'underscore';
 import axios from '~/lib/utils/axios_utils';
 import flash from '~/flash';
 import { __ } from '~/locale';
+import { textColorForBackground } from '~/lib/utils/color_utils';
 
 export default () => {
-  $('input#broadcast_message_color').on('input', function onMessageColorInput() {
+  const $broadcastMessageColor = $('input#broadcast_message_color');
+  const $broadcastMessagePreview = $('div.broadcast-message-preview');
+  $broadcastMessageColor.on('input', function onMessageColorInput() {
     const previewColor = $(this).val();
-    $('div.broadcast-message-preview').css('background-color', previewColor);
+    $broadcastMessagePreview.css('background-color', previewColor);
   });
 
   $('input#broadcast_message_font').on('input', function onMessageFontInput() {
     const previewColor = $(this).val();
-    $('div.broadcast-message-preview').css('color', previewColor);
+    $broadcastMessagePreview.css('color', previewColor);
   });
 
-  const previewPath = $('textarea#broadcast_message_message').data('previewPath');
+  const $broadcastMessage = $('textarea#broadcast_message_message');
+  const previewPath = $broadcastMessage.data('previewPath');
+  const $jsBroadcastMessagePreview = $('.js-broadcast-message-preview');
 
-  $('textarea#broadcast_message_message').on(
+  $broadcastMessage.on(
     'input',
     _.debounce(function onMessageInput() {
       const message = $(this).val();
       if (message === '') {
-        $('.js-broadcast-message-preview').text(__('Your message here'));
+        $jsBroadcastMessagePreview.text(__('Your message here'));
       } else {
         axios
           .post(previewPath, {
@@ -31,10 +36,40 @@ export default () => {
             },
           })
           .then(({ data }) => {
-            $('.js-broadcast-message-preview').html(data.message);
+            $jsBroadcastMessagePreview.html(data.message);
           })
           .catch(() => flash(__('An error occurred while rendering preview broadcast message')));
       }
     }, 250),
   );
+
+  const updateColorPreview = () => {
+    const selectedBackgroundColor = $broadcastMessageColor.val();
+    const contrastTextColor = textColorForBackground(selectedBackgroundColor);
+
+    // save contrastTextColor to hidden input field
+    $('input.text-font-color').val(contrastTextColor);
+
+    // Updates the preview color with the hex-color input
+    const selectedColorStyle = {
+      backgroundColor: selectedBackgroundColor,
+      color: contrastTextColor,
+    };
+
+    $('.label-color-preview').css(selectedColorStyle);
+
+    return $broadcastMessagePreview.css(selectedColorStyle);
+  };
+
+  const setSuggestedColor = e => {
+    const color = $(e.currentTarget).data('color');
+    $broadcastMessageColor
+      .val(color)
+      // Notify the form, that color has changed
+      .trigger('input');
+    updateColorPreview();
+    return e.preventDefault();
+  };
+
+  $(document).on('click', '.suggest-colors a', setSuggestedColor);
 };
diff --git a/app/views/admin/broadcast_messages/_form.html.haml b/app/views/admin/broadcast_messages/_form.html.haml
index c8ee87c6212..962234d3aea 100644
--- a/app/views/admin/broadcast_messages/_form.html.haml
+++ b/app/views/admin/broadcast_messages/_form.html.haml
@@ -17,19 +17,27 @@
         required: true,
         dir: 'auto',
         data: { preview_path: preview_admin_broadcast_messages_path }
-  .form-group.row.js-toggle-colors-container
-    .col-sm-10.offset-sm-2
-      = link_to 'Customize colors', '#', class: 'js-toggle-colors-link'
-  .form-group.row.js-toggle-colors-container.toggle-colors.hide
+  .form-group.row
     .col-sm-2.col-form-label
-      = f.label :color, "Background Color"
+      = f.label :color, _("Background color")
     .col-sm-10
-      = f.color_field :color, class: "form-control"
+      .input-group
+        .input-group-prepend
+          .input-group-text.label-color-preview{ :style => 'background-color: ' + @broadcast_message.color + '; color: ' + @broadcast_message.font }
+            = '&nbsp;'.html_safe
+        = f.text_field :color, class: "form-control"
+      .form-text.text-muted
+        = _('Choose any color.')
+        %br
+        = _("Or you can choose one of the suggested colors below")
+
+      = render_suggested_colors
+
   .form-group.row.js-toggle-colors-container.toggle-colors.hide
     .col-sm-2.col-form-label
       = f.label :font, "Font Color"
     .col-sm-10
-      = f.color_field :font, class: "form-control"
+      = f.color_field :font, class: "form-control text-font-color"
   .form-group.row
     .col-sm-2.col-form-label
       = f.label :starts_at, _("Starts at (UTC)")
diff --git a/changelogs/unreleased/61787-the-colour-selector-for-broadcast-messages-should-provide-a-few-default-options-with-descriptive-labels-like.yml b/changelogs/unreleased/61787-the-colour-selector-for-broadcast-messages-should-provide-a-few-default-options-with-descriptive-labels-like.yml
new file mode 100644
index 00000000000..ec6e9c5aff8
--- /dev/null
+++ b/changelogs/unreleased/61787-the-colour-selector-for-broadcast-messages-should-provide-a-few-default-options-with-descriptive-labels-like.yml
@@ -0,0 +1,5 @@
+---
+title: add color selector to broadcast messages form
+merge_request: 30988
+author:
+type: other
-- 
cgit v1.2.1


From ad1c71663f7780838c7c90979419f3e3cf5ec580 Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Fri, 26 Jul 2019 14:03:00 +0100
Subject: Replace peek-pg with our own implementation

This uses an ActiveRecord subscriber to get queries and calculate the
total query time from that. This means that the total will always be
consistent with the queries in the table. It does however mean that we
could potentially miss some queries that don't go through ActiveRecord.

Making this change also allows us to unify the response JSON a little
bit, making the frontend slightly simpler as a result.
---
 Gemfile                                            |  3 +-
 Gemfile.lock                                       |  6 ---
 .../performance_bar/components/detailed_metric.vue | 13 ++++---
 .../components/performance_bar_app.vue             | 12 +++---
 config/initializers/peek.rb                        | 40 +++----------------
 lib/gitlab/performance_bar/peek_query_tracker.rb   | 45 ----------------------
 lib/peek/views/active_record.rb                    | 25 ++++++++++++
 lib/peek/views/detailed_view.rb                    | 12 ++++--
 lib/peek/views/gitaly.rb                           |  3 +-
 lib/peek/views/redis_detailed.rb                   | 19 +--------
 lib/peek/views/rugged.rb                           |  3 +-
 .../components/detailed_metric_spec.js             | 27 ++++++++++++-
 vendor/licenses.csv                                |  1 -
 13 files changed, 82 insertions(+), 127 deletions(-)
 delete mode 100644 lib/gitlab/performance_bar/peek_query_tracker.rb
 create mode 100644 lib/peek/views/active_record.rb

diff --git a/Gemfile b/Gemfile
index ba958c6ae10..e860ee61cb9 100644
--- a/Gemfile
+++ b/Gemfile
@@ -16,7 +16,7 @@ gem 'sprockets', '~> 3.7.0'
 gem 'default_value_for', '~> 3.2.0'
 
 # Supported DBs
-gem 'pg', '~> 1.1', group: :postgres
+gem 'pg', '~> 1.1'
 
 gem 'rugged', '~> 0.28'
 gem 'grape-path-helpers', '~> 1.1'
@@ -297,7 +297,6 @@ gem 'batch-loader', '~> 1.4.0'
 # Perf bar
 gem 'peek', '~> 1.0.1'
 gem 'peek-gc', '~> 0.0.2'
-gem 'peek-pg', '~> 1.3.0', group: :postgres
 gem 'peek-rblineprof', '~> 0.2.0'
 
 # Memory benchmarks
diff --git a/Gemfile.lock b/Gemfile.lock
index 7e26c5bbc45..24dee04833c 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -643,11 +643,6 @@ GEM
       railties (>= 4.0.0)
     peek-gc (0.0.2)
       peek
-    peek-pg (1.3.0)
-      concurrent-ruby
-      concurrent-ruby-ext
-      peek
-      pg
     peek-rblineprof (0.2.0)
       peek
       rblineprof
@@ -1184,7 +1179,6 @@ DEPENDENCIES
   org-ruby (~> 0.9.12)
   peek (~> 1.0.1)
   peek-gc (~> 0.0.2)
-  peek-pg (~> 1.3.0)
   peek-rblineprof (~> 0.2.0)
   pg (~> 1.1)
   premailer-rails (~> 1.9.7)
diff --git a/app/assets/javascripts/performance_bar/components/detailed_metric.vue b/app/assets/javascripts/performance_bar/components/detailed_metric.vue
index d5f1cea8356..5bc1d5e0533 100644
--- a/app/assets/javascripts/performance_bar/components/detailed_metric.vue
+++ b/app/assets/javascripts/performance_bar/components/detailed_metric.vue
@@ -16,11 +16,14 @@ export default {
       type: String,
       required: true,
     },
-    header: {
+    title: {
       type: String,
-      required: true,
+      required: false,
+      default() {
+        return this.metric;
+      },
     },
-    details: {
+    header: {
       type: String,
       required: true,
     },
@@ -34,7 +37,7 @@ export default {
       return this.currentRequest.details[this.metric];
     },
     detailsList() {
-      return this.metricDetails[this.details];
+      return this.metricDetails.details;
     },
   },
 };
@@ -101,6 +104,6 @@ export default {
 
       <div slot="footer"></div>
     </gl-modal>
-    {{ metric }}
+    {{ title }}
   </div>
 </template>
diff --git a/app/assets/javascripts/performance_bar/components/performance_bar_app.vue b/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
index 73c9c60765a..769ddb21277 100644
--- a/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
+++ b/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
@@ -34,23 +34,25 @@ export default {
     },
   },
   detailedMetrics: [
-    { metric: 'pg', header: s__('PerformanceBar|SQL queries'), details: 'queries', keys: ['sql'] },
+    {
+      metric: 'active-record',
+      title: 'pg',
+      header: s__('PerformanceBar|SQL queries'),
+      keys: ['sql'],
+    },
     {
       metric: 'gitaly',
       header: s__('PerformanceBar|Gitaly calls'),
-      details: 'details',
       keys: ['feature', 'request'],
     },
     {
       metric: 'rugged',
       header: s__('PerformanceBar|Rugged calls'),
-      details: 'details',
       keys: ['feature', 'args'],
     },
     {
       metric: 'redis',
       header: s__('PerformanceBar|Redis calls'),
-      details: 'details',
       keys: ['cmd'],
     },
   ],
@@ -118,8 +120,8 @@ export default {
         :key="metric.metric"
         :current-request="currentRequest"
         :metric="metric.metric"
+        :title="metric.title"
         :header="metric.header"
-        :details="metric.details"
         :keys="metric.keys"
       />
       <div v-if="initialRequest" id="peek-view-rblineprof" class="view">
diff --git a/config/initializers/peek.rb b/config/initializers/peek.rb
index 8416ae430c7..d51d553c939 100644
--- a/config/initializers/peek.rb
+++ b/config/initializers/peek.rb
@@ -1,44 +1,14 @@
-Rails.application.config.peek.adapter = :redis, { client: ::Redis.new(Gitlab::Redis::Cache.params) }
-
-Peek.into Peek::Views::Host
+require 'peek/adapters/redis'
 
-if Gitlab::Database.postgresql?
-  require 'peek-pg'
-  PEEK_DB_CLIENT = ::PG::Connection
-  PEEK_DB_VIEW = Peek::Views::PG
+Peek::Adapters::Redis.prepend ::Gitlab::PerformanceBar::RedisAdapterWhenPeekEnabled
 
-  # Remove once we have https://github.com/peek/peek-pg/pull/10
-  module ::Peek::PGInstrumented
-    def exec_params(*args)
-      start = Time.now
-      super(*args)
-    ensure
-      duration = (Time.now - start)
-      PEEK_DB_CLIENT.query_time.update { |value| value + duration }
-      PEEK_DB_CLIENT.query_count.update { |value| value + 1 }
-    end
-  end
-else
-  raise "Unsupported database adapter for peek!"
-end
+Rails.application.config.peek.adapter = :redis, { client: ::Redis.new(Gitlab::Redis::Cache.params) }
 
-Peek.into PEEK_DB_VIEW
+Peek.into Peek::Views::Host
+Peek.into Peek::Views::ActiveRecord
 Peek.into Peek::Views::Gitaly
 Peek.into Peek::Views::Rblineprof
 Peek.into Peek::Views::RedisDetailed
 Peek.into Peek::Views::Rugged
 Peek.into Peek::Views::GC
 Peek.into Peek::Views::Tracing if Labkit::Tracing.tracing_url_enabled?
-
-# rubocop:disable Naming/ClassAndModuleCamelCase
-class PEEK_DB_CLIENT
-  class << self
-    attr_accessor :query_details
-  end
-  self.query_details = Concurrent::Array.new
-end
-
-PEEK_DB_VIEW.prepend ::Gitlab::PerformanceBar::PeekQueryTracker
-
-require 'peek/adapters/redis'
-Peek::Adapters::Redis.prepend ::Gitlab::PerformanceBar::RedisAdapterWhenPeekEnabled
diff --git a/lib/gitlab/performance_bar/peek_query_tracker.rb b/lib/gitlab/performance_bar/peek_query_tracker.rb
deleted file mode 100644
index 3a27e26eaba..00000000000
--- a/lib/gitlab/performance_bar/peek_query_tracker.rb
+++ /dev/null
@@ -1,45 +0,0 @@
-# frozen_string_literal: true
-
-# Inspired by https://github.com/peek/peek-pg/blob/master/lib/peek/views/pg.rb
-# PEEK_DB_CLIENT is a constant set in config/initializers/peek.rb
-module Gitlab
-  module PerformanceBar
-    module PeekQueryTracker
-      def sorted_queries
-        PEEK_DB_CLIENT.query_details
-          .sort { |a, b| b[:duration] <=> a[:duration] }
-      end
-
-      def results
-        super.merge(queries: sorted_queries)
-      end
-
-      private
-
-      def setup_subscribers
-        super
-
-        # Reset each counter when a new request starts
-        before_request do
-          PEEK_DB_CLIENT.query_details = []
-        end
-
-        subscribe('sql.active_record') do |_, start, finish, _, data|
-          if Gitlab::SafeRequestStore.store[:peek_enabled]
-            unless data[:cached]
-              backtrace = Gitlab::Profiler.clean_backtrace(caller)
-              track_query(data[:sql].strip, data[:binds], backtrace, start, finish)
-            end
-          end
-        end
-      end
-
-      def track_query(raw_query, bindings, backtrace, start, finish)
-        duration = (finish - start) * 1000.0
-        query_info = { duration: duration.round(3), sql: raw_query, backtrace: backtrace }
-
-        PEEK_DB_CLIENT.query_details << query_info
-      end
-    end
-  end
-end
diff --git a/lib/peek/views/active_record.rb b/lib/peek/views/active_record.rb
new file mode 100644
index 00000000000..2d78818630d
--- /dev/null
+++ b/lib/peek/views/active_record.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Peek
+  module Views
+    class ActiveRecord < DetailedView
+      private
+
+      def setup_subscribers
+        super
+
+        subscribe('sql.active_record') do |_, start, finish, _, data|
+          if Gitlab::SafeRequestStore.store[:peek_enabled]
+            unless data[:cached]
+              detail_store << {
+                duration: finish - start,
+                sql: data[:sql].strip,
+                backtrace: Gitlab::Profiler.clean_backtrace(caller)
+              }
+            end
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/peek/views/detailed_view.rb b/lib/peek/views/detailed_view.rb
index ebaf46478df..f4ca1cb5075 100644
--- a/lib/peek/views/detailed_view.rb
+++ b/lib/peek/views/detailed_view.rb
@@ -11,22 +11,26 @@ module Peek
         }
       end
 
+      def detail_store
+        ::Gitlab::SafeRequestStore["#{key}_call_details"] ||= []
+      end
+
       private
 
       def duration
-        raise NotImplementedError
+        detail_store.map { |entry| entry[:duration] }.sum # rubocop:disable CodeReuse/ActiveRecord
       end
 
       def calls
-        raise NotImplementedError
+        detail_store.count
       end
 
       def call_details
-        raise NotImplementedError
+        detail_store
       end
 
       def format_call_details(call)
-        raise NotImplementedError
+        call.merge(duration: (call[:duration] * 1000).round(3))
       end
 
       def details
diff --git a/lib/peek/views/gitaly.rb b/lib/peek/views/gitaly.rb
index 067aaf31fbc..6ad6ddfd89d 100644
--- a/lib/peek/views/gitaly.rb
+++ b/lib/peek/views/gitaly.rb
@@ -20,8 +20,7 @@ module Peek
       def format_call_details(call)
         pretty_request = call[:request]&.reject { |k, v| v.blank? }.to_h.pretty_inspect
 
-        call.merge(duration: (call[:duration] * 1000).round(3),
-                   request: pretty_request || {})
+        super.merge(request: pretty_request || {})
       end
 
       def setup_subscribers
diff --git a/lib/peek/views/redis_detailed.rb b/lib/peek/views/redis_detailed.rb
index c61a1e91282..a64ea672895 100644
--- a/lib/peek/views/redis_detailed.rb
+++ b/lib/peek/views/redis_detailed.rb
@@ -42,27 +42,10 @@ module Peek
         'redis'
       end
 
-      def detail_store
-        ::Gitlab::SafeRequestStore['redis_call_details'] ||= []
-      end
-
       private
 
-      def duration
-        detail_store.map { |entry| entry[:duration] }.sum # rubocop:disable CodeReuse/ActiveRecord
-      end
-
-      def calls
-        detail_store.count
-      end
-
-      def call_details
-        detail_store
-      end
-
       def format_call_details(call)
-        call.merge(cmd: format_command(call[:cmd]),
-                   duration: (call[:duration] * 1000).round(3))
+        super.merge(cmd: format_command(call[:cmd]))
       end
 
       def format_command(cmd)
diff --git a/lib/peek/views/rugged.rb b/lib/peek/views/rugged.rb
index f0cd520fb8b..6b9d3e7b1a3 100644
--- a/lib/peek/views/rugged.rb
+++ b/lib/peek/views/rugged.rb
@@ -24,8 +24,7 @@ module Peek
       end
 
       def format_call_details(call)
-        call.merge(duration: (call[:duration] * 1000).round(3),
-                   args: format_args(call[:args]))
+        super.merge(args: format_args(call[:args]))
       end
 
       def format_args(args)
diff --git a/spec/javascripts/performance_bar/components/detailed_metric_spec.js b/spec/javascripts/performance_bar/components/detailed_metric_spec.js
index 8a7aa057186..0486b5fa3db 100644
--- a/spec/javascripts/performance_bar/components/detailed_metric_spec.js
+++ b/spec/javascripts/performance_bar/components/detailed_metric_spec.js
@@ -44,7 +44,6 @@ describe('detailedMetric', () => {
         },
         metric: 'gitaly',
         header: 'Gitaly calls',
-        details: 'details',
         keys: ['feature', 'request'],
       });
     });
@@ -79,8 +78,32 @@ describe('detailedMetric', () => {
       });
     });
 
-    it('displays the metric name', () => {
+    it('displays the metric title', () => {
       expect(vm.$el.innerText).toContain('gitaly');
     });
+
+    describe('when using a custom metric title', () => {
+      beforeEach(() => {
+        vm = mountComponent(Vue.extend(detailedMetric), {
+          currentRequest: {
+            details: {
+              gitaly: {
+                duration: '123ms',
+                calls: '456',
+                details: requestDetails,
+              },
+            },
+          },
+          metric: 'gitaly',
+          title: 'custom',
+          header: 'Gitaly calls',
+          keys: ['feature', 'request'],
+        });
+      });
+
+      it('displays the custom title', () => {
+        expect(vm.$el.innerText).toContain('custom');
+      });
+    });
   });
 });
diff --git a/vendor/licenses.csv b/vendor/licenses.csv
index 0c52cb5a947..bf6d05c6b6e 100644
--- a/vendor/licenses.csv
+++ b/vendor/licenses.csv
@@ -816,7 +816,6 @@ pbkdf2,3.0.14,MIT
 peek,1.0.1,MIT
 peek-gc,0.0.2,MIT
 peek-mysql2,1.1.0,MIT
-peek-pg,1.3.0,MIT
 peek-rblineprof,0.2.0,MIT
 peek-redis,1.2.0,MIT
 pg,0.18.4,"BSD,ruby,GPL"
-- 
cgit v1.2.1


From acc694ead6f8a7428efab126aa6b8a29b132db43 Mon Sep 17 00:00:00 2001
From: Kerri Miller <kerrizor@kerrizor.com>
Date: Fri, 26 Jul 2019 13:41:11 +0000
Subject: Extract SanitizeNodeLink and apply to WikiLinkFilter

The SanitizationFilter was running before the WikiFilter. Since
WikiFilter can modify links, we could see links that _should_ be stopped
by SanatizationFilter being rendered on the page. I (kerrizor) had
previously addressed the bug in: https://gitlab.com/gitlab-org/gitlab-ee/commit/7bc971915bbeadb950bb0e1f13510bf3038229a4
However, an additional exploit was discovered after that was merged.
Working through the issue, we couldn't simply shuffle the order of
filters, due to some implicit assumptions about the order of filters, so
instead we've extracted the logic that sanitizes a Nokogiri-generated
Node object, and applied it to the WikiLinkFilter as well.

On moving filters around:
Once we start moving around filters, we get cascading failures; fix one,
another one crops up. Many of the existing filters in the WikiPipeline
chain seem to assume that other filters have already done their work,
and thus operate on a "transform anything that's left" basis;
WikiFilter, for instance, assumes any link it finds in the markdown
should be prepended with the wiki_base_path.. but if it does that, it
also turns `href="@user"` into `href="/path/to/wiki/@user"`, which the
UserReferenceFilter doesn't see as a user reference it needs to
transform into a user profile link. This is true for all the reference
filters in the WikiPipeline.
---
 ...-60143-patch-additional-xss-vector-in-wikis.yml |  5 ++
 lib/banzai/filter/autolink_filter.rb               | 11 +--
 lib/banzai/filter/base_sanitization_filter.rb      | 32 +--------
 lib/banzai/filter/wiki_link_filter.rb              | 15 +++-
 lib/banzai/filter/wiki_link_filter/rewriter.rb     |  8 ---
 lib/gitlab/utils/sanitize_node_link.rb             | 61 +++++++++++++++++
 spec/lib/banzai/filter/wiki_link_filter_spec.rb    | 42 ------------
 spec/lib/banzai/pipeline/wiki_pipeline_spec.rb     | 79 ++++++++++++++++++++++
 spec/lib/gitlab/utils/sanitize_node_link_spec.rb   | 72 ++++++++++++++++++++
 9 files changed, 233 insertions(+), 92 deletions(-)
 create mode 100644 changelogs/unreleased/security-60143-patch-additional-xss-vector-in-wikis.yml
 create mode 100644 lib/gitlab/utils/sanitize_node_link.rb
 create mode 100644 spec/lib/gitlab/utils/sanitize_node_link_spec.rb

diff --git a/changelogs/unreleased/security-60143-patch-additional-xss-vector-in-wikis.yml b/changelogs/unreleased/security-60143-patch-additional-xss-vector-in-wikis.yml
new file mode 100644
index 00000000000..a8a26d5fc56
--- /dev/null
+++ b/changelogs/unreleased/security-60143-patch-additional-xss-vector-in-wikis.yml
@@ -0,0 +1,5 @@
+---
+title: Patch XSS issue in wiki links
+merge_request:
+author:
+type: security
diff --git a/lib/banzai/filter/autolink_filter.rb b/lib/banzai/filter/autolink_filter.rb
index 56214043d87..5f2cbc24c60 100644
--- a/lib/banzai/filter/autolink_filter.rb
+++ b/lib/banzai/filter/autolink_filter.rb
@@ -18,6 +18,7 @@ module Banzai
     #
     class AutolinkFilter < HTML::Pipeline::Filter
       include ActionView::Helpers::TagHelper
+      include Gitlab::Utils::SanitizeNodeLink
 
       # Pattern to match text that should be autolinked.
       #
@@ -72,19 +73,11 @@ module Banzai
 
       private
 
-      # Return true if any of the UNSAFE_PROTOCOLS strings are included in the URI scheme
-      def contains_unsafe?(scheme)
-        return false unless scheme
-
-        scheme = scheme.strip.downcase
-        Banzai::Filter::SanitizationFilter::UNSAFE_PROTOCOLS.any? { |protocol| scheme.include?(protocol) }
-      end
-
       def autolink_match(match)
         # start by stripping out dangerous links
         begin
           uri = Addressable::URI.parse(match)
-          return match if contains_unsafe?(uri.scheme)
+          return match unless safe_protocol?(uri.scheme)
         rescue Addressable::URI::InvalidURIError
           return match
         end
diff --git a/lib/banzai/filter/base_sanitization_filter.rb b/lib/banzai/filter/base_sanitization_filter.rb
index 420e92cb1e8..2dabca3552d 100644
--- a/lib/banzai/filter/base_sanitization_filter.rb
+++ b/lib/banzai/filter/base_sanitization_filter.rb
@@ -11,6 +11,7 @@ module Banzai
     # Extends HTML::Pipeline::SanitizationFilter with common rules.
     class BaseSanitizationFilter < HTML::Pipeline::SanitizationFilter
       include Gitlab::Utils::StrongMemoize
+      extend Gitlab::Utils::SanitizeNodeLink
 
       UNSAFE_PROTOCOLS = %w(data javascript vbscript).freeze
 
@@ -40,7 +41,7 @@ module Banzai
           # Allow any protocol in `a` elements
           # and then remove links with unsafe protocols
           whitelist[:protocols].delete('a')
-          whitelist[:transformers].push(self.class.remove_unsafe_links)
+          whitelist[:transformers].push(self.class.method(:remove_unsafe_links))
 
           # Remove `rel` attribute from `a` elements
           whitelist[:transformers].push(self.class.remove_rel)
@@ -54,35 +55,6 @@ module Banzai
       end
 
       class << self
-        def remove_unsafe_links
-          lambda do |env|
-            node = env[:node]
-
-            return unless node.name == 'a'
-            return unless node.has_attribute?('href')
-
-            begin
-              node['href'] = node['href'].strip
-              uri = Addressable::URI.parse(node['href'])
-
-              return unless uri.scheme
-
-              # Remove all invalid scheme characters before checking against the
-              # list of unsafe protocols.
-              #
-              # See https://tools.ietf.org/html/rfc3986#section-3.1
-              scheme = uri.scheme
-                           .strip
-                           .downcase
-                           .gsub(/[^A-Za-z0-9\+\.\-]+/, '')
-
-              node.remove_attribute('href') if UNSAFE_PROTOCOLS.include?(scheme)
-            rescue Addressable::URI::InvalidURIError
-              node.remove_attribute('href')
-            end
-          end
-        end
-
         def remove_rel
           lambda do |env|
             if env[:node_name] == 'a'
diff --git a/lib/banzai/filter/wiki_link_filter.rb b/lib/banzai/filter/wiki_link_filter.rb
index 1728a442533..18947679b69 100644
--- a/lib/banzai/filter/wiki_link_filter.rb
+++ b/lib/banzai/filter/wiki_link_filter.rb
@@ -8,15 +8,19 @@ module Banzai
     # Context options:
     #   :project_wiki
     class WikiLinkFilter < HTML::Pipeline::Filter
+      include Gitlab::Utils::SanitizeNodeLink
+
       def call
         return doc unless project_wiki?
 
-        doc.search('a:not(.gfm)').each { |el| process_link_attr(el.attribute('href')) }
-        doc.search('video').each { |el| process_link_attr(el.attribute('src')) }
+        doc.search('a:not(.gfm)').each { |el| process_link(el.attribute('href'), el) }
+
+        doc.search('video').each { |el| process_link(el.attribute('src'), el) }
+
         doc.search('img').each do |el|
           attr = el.attribute('data-src') || el.attribute('src')
 
-          process_link_attr(attr)
+          process_link(attr, el)
         end
 
         doc
@@ -24,6 +28,11 @@ module Banzai
 
       protected
 
+      def process_link(link_attr, node)
+        process_link_attr(link_attr)
+        remove_unsafe_links({ node: node }, remove_invalid_links: false)
+      end
+
       def project_wiki?
         !context[:project_wiki].nil?
       end
diff --git a/lib/banzai/filter/wiki_link_filter/rewriter.rb b/lib/banzai/filter/wiki_link_filter/rewriter.rb
index 77b5053f38c..f4cc8beeb52 100644
--- a/lib/banzai/filter/wiki_link_filter/rewriter.rb
+++ b/lib/banzai/filter/wiki_link_filter/rewriter.rb
@@ -4,8 +4,6 @@ module Banzai
   module Filter
     class WikiLinkFilter < HTML::Pipeline::Filter
       class Rewriter
-        UNSAFE_SLUG_REGEXES = [/\Ajavascript:/i].freeze
-
         def initialize(link_string, wiki:, slug:)
           @uri = Addressable::URI.parse(link_string)
           @wiki_base_path = wiki && wiki.wiki_base_path
@@ -37,8 +35,6 @@ module Banzai
 
         # Of the form `./link`, `../link`, or similar
         def apply_hierarchical_link_rules!
-          return if slug_considered_unsafe?
-
           @uri = Addressable::URI.join(@slug, @uri) if @uri.to_s[0] == '.'
         end
 
@@ -58,10 +54,6 @@ module Banzai
         def repository_upload?
           @uri.relative? && @uri.path.starts_with?(Wikis::CreateAttachmentService::ATTACHMENT_PATH)
         end
-
-        def slug_considered_unsafe?
-          UNSAFE_SLUG_REGEXES.any? { |r| r.match?(@slug) }
-        end
       end
     end
   end
diff --git a/lib/gitlab/utils/sanitize_node_link.rb b/lib/gitlab/utils/sanitize_node_link.rb
new file mode 100644
index 00000000000..620d71a7814
--- /dev/null
+++ b/lib/gitlab/utils/sanitize_node_link.rb
@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+require_dependency 'gitlab/utils'
+
+module Gitlab
+  module Utils
+    module SanitizeNodeLink
+      UNSAFE_PROTOCOLS  = %w(data javascript vbscript).freeze
+      ATTRS_TO_SANITIZE = %w(href src data-src).freeze
+
+      def remove_unsafe_links(env, remove_invalid_links: true)
+        node = env[:node]
+
+        sanitize_node(node: node, remove_invalid_links: remove_invalid_links)
+
+        # HTML entities such as <video></video> have scannable attrs in
+        #   children elements, which also need to be sanitized.
+        #
+        node.children.each do |child_node|
+          sanitize_node(node: child_node, remove_invalid_links: remove_invalid_links)
+        end
+      end
+
+      # Remove all invalid scheme characters before checking against the
+      # list of unsafe protocols.
+      #
+      # See https://tools.ietf.org/html/rfc3986#section-3.1
+      #
+      def safe_protocol?(scheme)
+        return false unless scheme
+
+        scheme = scheme
+          .strip
+          .downcase
+          .gsub(/[^A-Za-z\+\.\-]+/, '')
+
+        UNSAFE_PROTOCOLS.none?(scheme)
+      end
+
+      private
+
+      def sanitize_node(node:, remove_invalid_links: true)
+        ATTRS_TO_SANITIZE.each do |attr|
+          next unless node.has_attribute?(attr)
+
+          begin
+            node[attr] = node[attr].strip
+            uri = Addressable::URI.parse(node[attr])
+
+            next unless uri.scheme
+            next if safe_protocol?(uri.scheme)
+
+            node.remove_attribute(attr)
+          rescue Addressable::URI::InvalidURIError
+            node.remove_attribute(attr) if remove_invalid_links
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/spec/lib/banzai/filter/wiki_link_filter_spec.rb b/spec/lib/banzai/filter/wiki_link_filter_spec.rb
index cce1cd0b284..b9059b85fdc 100644
--- a/spec/lib/banzai/filter/wiki_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/wiki_link_filter_spec.rb
@@ -70,47 +70,5 @@ describe Banzai::Filter::WikiLinkFilter do
         expect(filtered_link.attribute('href').value).to eq(invalid_link)
       end
     end
-
-    context "when the slug is deemed unsafe or invalid" do
-      let(:link) { "alert(1);" }
-
-      invalid_slugs = [
-        "javascript:",
-        "JaVaScRiPt:",
-        "\u0001java\u0003script:",
-        "javascript    :",
-        "javascript:    ",
-        "javascript    :   ",
-        ":javascript:",
-        "javascript&#58;",
-        "javascript&#0058;",
-        "javascript&#x3A;",
-        "javascript&#x003A;",
-        "java\0script:",
-        " &#14;  javascript:"
-        ]
-
-      invalid_slugs.each do |slug|
-        context "with the slug #{slug}" do
-          it "doesn't rewrite a (.) relative link" do
-            filtered_link = filter(
-              "<a href='.#{link}'>Link</a>",
-              project_wiki: wiki,
-              page_slug: slug).children[0]
-
-            expect(filtered_link.attribute('href').value).not_to include(slug)
-          end
-
-          it "doesn't rewrite a (..) relative link" do
-            filtered_link = filter(
-              "<a href='..#{link}'>Link</a>",
-              project_wiki: wiki,
-              page_slug: slug).children[0]
-
-            expect(filtered_link.attribute('href').value).not_to include(slug)
-          end
-        end
-      end
-    end
   end
 end
diff --git a/spec/lib/banzai/pipeline/wiki_pipeline_spec.rb b/spec/lib/banzai/pipeline/wiki_pipeline_spec.rb
index 64ca3ec345d..95c0c9f9a17 100644
--- a/spec/lib/banzai/pipeline/wiki_pipeline_spec.rb
+++ b/spec/lib/banzai/pipeline/wiki_pipeline_spec.rb
@@ -177,6 +177,85 @@ describe Banzai::Pipeline::WikiPipeline do
         end
       end
     end
+
+    describe "checking slug validity when assembling links" do
+      context "with a valid slug" do
+        let(:valid_slug) { "http://example.com" }
+
+        it "includes the slug in a (.) relative link" do
+          output = described_class.to_html(
+            "[Link](./alert(1);)",
+            project: project,
+            project_wiki: project_wiki,
+            page_slug: valid_slug
+          )
+
+          expect(output).to include(valid_slug)
+        end
+
+        it "includeds the slug in a (..) relative link" do
+          output = described_class.to_html(
+            "[Link](../alert(1);)",
+            project: project,
+            project_wiki: project_wiki,
+            page_slug: valid_slug
+          )
+
+          expect(output).to include(valid_slug)
+        end
+      end
+
+      context "when the slug is deemed unsafe or invalid" do
+        invalid_slugs = [
+          "javascript:",
+          "JaVaScRiPt:",
+          "\u0001java\u0003script:",
+          "javascript    :",
+          "javascript:    ",
+          "javascript    :   ",
+          ":javascript:",
+          "javascript&#58;",
+          "javascript&#0058;",
+          "javascript&#x3A;",
+          "javascript&#x003A;",
+          "java\0script:",
+          " &#14;  javascript:"
+        ]
+
+        invalid_js_links = [
+          "alert(1);",
+          "alert(document.location);"
+        ]
+
+        invalid_slugs.each do |slug|
+          context "with the invalid slug #{slug}" do
+            invalid_js_links.each do |link|
+              it "doesn't include a prohibited slug in a (.) relative link '#{link}'" do
+                output = described_class.to_html(
+                  "[Link](./#{link})",
+                  project: project,
+                  project_wiki: project_wiki,
+                  page_slug: slug
+                )
+
+                expect(output).not_to include(slug)
+              end
+
+              it "doesn't include a prohibited slug in a (..) relative link '#{link}'" do
+                output = described_class.to_html(
+                  "[Link](../#{link})",
+                  project: project,
+                  project_wiki: project_wiki,
+                  page_slug: slug
+                )
+
+                expect(output).not_to include(slug)
+              end
+            end
+          end
+        end
+      end
+    end
   end
 
   describe 'videos' do
diff --git a/spec/lib/gitlab/utils/sanitize_node_link_spec.rb b/spec/lib/gitlab/utils/sanitize_node_link_spec.rb
new file mode 100644
index 00000000000..064c2707d06
--- /dev/null
+++ b/spec/lib/gitlab/utils/sanitize_node_link_spec.rb
@@ -0,0 +1,72 @@
+require 'spec_helper'
+
+describe Gitlab::Utils::SanitizeNodeLink do
+  let(:klass) do
+    struct = Struct.new(:value)
+    struct.include(described_class)
+
+    struct
+  end
+
+  subject(:object) { klass.new(:value) }
+
+  invalid_schemes = [
+    "javascript:",
+    "JaVaScRiPt:",
+    "\u0001java\u0003script:",
+    "javascript    :",
+    "javascript:    ",
+    "javascript    :   ",
+    ":javascript:",
+    "javascript&#58;",
+    "javascript&#0058;",
+    " &#14;  javascript:"
+  ]
+
+  invalid_schemes.each do |scheme|
+    context "with the scheme: #{scheme}" do
+      describe "#remove_unsafe_links" do
+        tags = {
+          a: {
+            doc: HTML::Pipeline.parse("<a href='#{scheme}alert(1);'>foo</a>"),
+            attr: "href",
+            node_to_check: -> (doc) { doc.children.first }
+          },
+          img: {
+            doc: HTML::Pipeline.parse("<img src='#{scheme}alert(1);'>"),
+            attr: "src",
+            node_to_check: -> (doc) { doc.children.first }
+          },
+          video: {
+            doc: HTML::Pipeline.parse("<video><source src='#{scheme}alert(1);'></video>"),
+            attr: "src",
+            node_to_check: -> (doc) { doc.children.first.children.filter("source").first }
+          }
+        }
+
+        tags.each do |tag, opts|
+          context "<#{tag}> tags" do
+            it "removes the unsafe link" do
+              node = opts[:node_to_check].call(opts[:doc])
+
+              expect { object.remove_unsafe_links({ node: node }, remove_invalid_links: true) }
+                .to change { node[opts[:attr]] }
+
+              expect(node[opts[:attr]]).to be_blank
+            end
+          end
+        end
+      end
+
+      describe "#safe_protocol?" do
+        let(:doc) { HTML::Pipeline.parse("<a href='#{scheme}alert(1);'>foo</a>") }
+        let(:node) { doc.children.first }
+        let(:uri) { Addressable::URI.parse(node['href'])}
+
+        it "returns false" do
+          expect(object.safe_protocol?(scheme)).to be_falsy
+        end
+      end
+    end
+  end
+end
-- 
cgit v1.2.1


From 13676e021cddba7a801386a183dba696200312bf Mon Sep 17 00:00:00 2001
From: Aleksei Lipniagov <alipniagov@gitlab.com>
Date: Fri, 26 Jul 2019 15:02:21 +0000
Subject: Fix pid discovery for Unicorn in PidProvider

---
 .../64972-fix-unicorn-workers-metric.yml           |  5 ++
 lib/prometheus/pid_provider.rb                     | 35 +++++++-----
 spec/lib/prometheus/pid_provider_spec.rb           | 66 +++++++++++++++++-----
 3 files changed, 78 insertions(+), 28 deletions(-)
 create mode 100644 changelogs/unreleased/64972-fix-unicorn-workers-metric.yml

diff --git a/changelogs/unreleased/64972-fix-unicorn-workers-metric.yml b/changelogs/unreleased/64972-fix-unicorn-workers-metric.yml
new file mode 100644
index 00000000000..f80111f0bd9
--- /dev/null
+++ b/changelogs/unreleased/64972-fix-unicorn-workers-metric.yml
@@ -0,0 +1,5 @@
+---
+title: Fix pid discovery for Unicorn processes in `PidProvider`
+merge_request: 31056
+author:
+type: fixed
diff --git a/lib/prometheus/pid_provider.rb b/lib/prometheus/pid_provider.rb
index c92522c73c5..e0f7e7e0a9e 100644
--- a/lib/prometheus/pid_provider.rb
+++ b/lib/prometheus/pid_provider.rb
@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require 'prometheus/client/support/unicorn'
-
 module Prometheus
   module PidProvider
     extend self
@@ -10,29 +8,38 @@ module Prometheus
       if Sidekiq.server?
         'sidekiq'
       elsif defined?(Unicorn::Worker)
-        "unicorn_#{unicorn_worker_id}"
+        unicorn_worker_id
       elsif defined?(::Puma)
-        "puma_#{puma_worker_id}"
+        puma_worker_id
       else
-        "process_#{Process.pid}"
+        unknown_process_id
       end
     end
 
     private
 
-    # This is not fully accurate as we don't really know if the nil returned
-    # is actually means we're on master or not.
-    # Follow up issue was created to address this problem and
-    # to introduce more structrured approach to a current process discovery:
-    # https://gitlab.com/gitlab-org/gitlab-ce/issues/64740
     def unicorn_worker_id
-      ::Prometheus::Client::Support::Unicorn.worker_id || 'master'
+      if matches = process_name.match(/unicorn.*worker\[([0-9]+)\]/)
+        "unicorn_#{matches[1]}"
+      elsif process_name =~ /unicorn/
+        "unicorn_master"
+      else
+        unknown_process_id
+      end
     end
 
-    # See the comment for #unicorn_worker_id
     def puma_worker_id
-      match = process_name.match(/cluster worker ([0-9]+):/)
-      match ? match[1] : 'master'
+      if matches = process_name.match(/puma.*cluster worker ([0-9]+):/)
+        "puma_#{matches[1]}"
+      elsif process_name =~ /puma/
+        "puma_master"
+      else
+        unknown_process_id
+      end
+    end
+
+    def unknown_process_id
+      "process_#{Process.pid}"
     end
 
     def process_name
diff --git a/spec/lib/prometheus/pid_provider_spec.rb b/spec/lib/prometheus/pid_provider_spec.rb
index e7d500612b1..ba843b27254 100644
--- a/spec/lib/prometheus/pid_provider_spec.rb
+++ b/spec/lib/prometheus/pid_provider_spec.rb
@@ -25,22 +25,60 @@ describe Prometheus::PidProvider do
       before do
         stub_const('Unicorn::Worker', Class.new)
         hide_const('Puma')
+
+        expect(described_class).to receive(:process_name)
+          .at_least(:once)
+          .and_return(process_name)
       end
 
-      context 'when `Prometheus::Client::Support::Unicorn` provides worker_id' do
-        before do
-          expect(::Prometheus::Client::Support::Unicorn).to receive(:worker_id).and_return(1)
+      context 'when unicorn master is specified in process name' do
+        context 'when running in Omnibus' do
+          context 'before the process was renamed' do
+            let(:process_name) { "/opt/gitlab/embedded/bin/unicorn"}
+
+            it { is_expected.to eq 'unicorn_master' }
+          end
+
+          context 'after the process was renamed' do
+            let(:process_name) { "unicorn master -D -E production -c /var/opt/gitlab/gitlab-rails/etc/unicorn.rb /opt/gitlab/embedded/service/gitlab-rails/config.ru" }
+
+            it { is_expected.to eq 'unicorn_master' }
+          end
         end
 
-        it { is_expected.to eq 'unicorn_1' }
+        context 'when in development env' do
+          context 'before the process was renamed' do
+            let(:process_name) { "path_to_bindir/bin/unicorn_rails"}
+
+            it { is_expected.to eq 'unicorn_master' }
+          end
+
+          context 'after the process was renamed' do
+            let(:process_name) { "unicorn_rails master -c /gitlab_dir/config/unicorn.rb -E development" }
+
+            it { is_expected.to eq 'unicorn_master' }
+          end
+        end
       end
 
-      context 'when no worker_id is provided from `Prometheus::Client::Support::Unicorn`' do
-        before do
-          expect(::Prometheus::Client::Support::Unicorn).to receive(:worker_id).and_return(nil)
+      context 'when unicorn worker id is specified in process name' do
+        context 'when running in Omnibus' do
+          let(:process_name) { "unicorn worker[1] -D -E production -c /var/opt/gitlab/gitlab-rails/etc/unicorn.rb /opt/gitlab/embedded/service/gitlab-rails/config.ru" }
+
+          it { is_expected.to eq 'unicorn_1' }
         end
 
-        it { is_expected.to eq 'unicorn_master' }
+        context 'when in development env' do
+          let(:process_name) { "unicorn_rails worker[1] -c gitlab_dir/config/unicorn.rb -E development" }
+
+          it { is_expected.to eq 'unicorn_1' }
+        end
+      end
+
+      context 'when no specified unicorn master or worker id in process name' do
+        let(:process_name) { "bin/unknown_process"}
+
+        it { is_expected.to eq "process_#{Process.pid}" }
       end
     end
 
@@ -48,20 +86,20 @@ describe Prometheus::PidProvider do
       before do
         stub_const('Puma', Module.new)
         hide_const('Unicorn::Worker')
+
+        expect(described_class).to receive(:process_name)
+          .at_least(:once)
+          .and_return(process_name)
       end
 
       context 'when cluster worker id is specified in process name' do
-        before do
-          expect(described_class).to receive(:process_name).and_return('puma: cluster worker 1: 17483 [gitlab-puma-worker]')
-        end
+        let(:process_name) { 'puma: cluster worker 1: 17483 [gitlab-puma-worker]' }
 
         it { is_expected.to eq 'puma_1' }
       end
 
       context 'when no worker id is specified in process name' do
-        before do
-          expect(described_class).to receive(:process_name).and_return('bin/puma')
-        end
+        let(:process_name) { 'bin/puma' }
 
         it { is_expected.to eq 'puma_master' }
       end
-- 
cgit v1.2.1


From 5a96c0534355dab491a620d3b954d9424a43ae36 Mon Sep 17 00:00:00 2001
From: Laura Montemayor <lmontemayor@gitlab.com>
Date: Fri, 26 Jul 2019 15:35:10 +0000
Subject: Updates label value to include units in metrics

This MR updates the y_label values and the label
values in common_metrics and cluster_metrics to
append the units of measurement to the labels.
---
 ...re-not-shown-on-the-performance-dashboard-2.yml |  5 +++
 config/prometheus/cluster_metrics.yml              | 16 ++++-----
 config/prometheus/common_metrics.yml               | 42 +++++++++++-----------
 .../20190709220014_import_common_metrics_y_axis.rb | 13 +++++++
 4 files changed, 47 insertions(+), 29 deletions(-)
 create mode 100644 changelogs/unreleased/59325-units-are-not-shown-on-the-performance-dashboard-2.yml
 create mode 100644 db/migrate/20190709220014_import_common_metrics_y_axis.rb

diff --git a/changelogs/unreleased/59325-units-are-not-shown-on-the-performance-dashboard-2.yml b/changelogs/unreleased/59325-units-are-not-shown-on-the-performance-dashboard-2.yml
new file mode 100644
index 00000000000..38cfa0f273e
--- /dev/null
+++ b/changelogs/unreleased/59325-units-are-not-shown-on-the-performance-dashboard-2.yml
@@ -0,0 +1,5 @@
+---
+title: 'fix: updates to include units for the y axis label'
+merge_request: 30330
+author:
+type: fixed
diff --git a/config/prometheus/cluster_metrics.yml b/config/prometheus/cluster_metrics.yml
index 3df76b0974f..f2a41e4c337 100644
--- a/config/prometheus/cluster_metrics.yml
+++ b/config/prometheus/cluster_metrics.yml
@@ -2,12 +2,12 @@
   priority: 1
   metrics:
   - title: "CPU Usage"
-    y_label: "CPU"
+    y_label: "CPU (cores)"
     required_metrics: ['container_cpu_usage_seconds_total']
     weight: 1
     queries:
     - query_range: 'avg(sum(rate(container_cpu_usage_seconds_total{id="/"}[15m])) by (job)) without (job)'
-      label: Usage
+      label: Usage (cores)
       unit: "cores"
       appearance:
         line:
@@ -15,7 +15,7 @@
         area:
           opacity: 0
     - query_range: 'sum(kube_pod_container_resource_requests_cpu_cores{kubernetes_namespace="gitlab-managed-apps"})'
-      label: Requested
+      label: Requested (cores)
       unit: "cores"
       appearance:
         line:
@@ -23,7 +23,7 @@
         area:
           opacity: 0
     - query_range: 'sum(kube_node_status_capacity_cpu_cores{kubernetes_namespace="gitlab-managed-apps"})'
-      label: Capacity
+      label: Capacity (cores)
       unit: "cores"
       appearance:
         line:
@@ -32,12 +32,12 @@
         area:
           opacity: 0
   - title: "Memory usage"
-    y_label: "Memory"
+    y_label: "Memory (GiB)"
     required_metrics: ['container_memory_usage_bytes']
     weight: 1
     queries:
     - query_range: 'avg(sum(container_memory_usage_bytes{id="/"}) by (job)) without (job) / 2^30'
-      label: Usage
+      label: Usage (GiB)
       unit: "GiB"
       appearance:
         line:
@@ -45,7 +45,7 @@
         area:
           opacity: 0
     - query_range: 'sum(kube_pod_container_resource_requests_memory_bytes{kubernetes_namespace="gitlab-managed-apps"})/2^30'
-      label: Requested
+      label: Requested (GiB)
       unit: "GiB"
       appearance:
         line:
@@ -53,7 +53,7 @@
         area:
           opacity: 0
     - query_range: 'sum(kube_node_status_capacity_memory_bytes{kubernetes_namespace="gitlab-managed-apps"})/2^30'
-      label: Capacity
+      label: Capacity (GiB)
       unit: "GiB"
       appearance:
         line:
diff --git a/config/prometheus/common_metrics.yml b/config/prometheus/common_metrics.yml
index f9ce5a6f365..32475ef8380 100644
--- a/config/prometheus/common_metrics.yml
+++ b/config/prometheus/common_metrics.yml
@@ -21,16 +21,16 @@ panel_groups:
     metrics:
     - id: response_metrics_nginx_ingress_latency_pod_average
       query_range: 'avg(nginx_upstream_response_msecs_avg{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"})'
-      label: Pod average
+      label: Pod average (ms)
       unit: ms
   - title: "HTTP Error Rate"
     type: "area-chart"
-    y_label: "HTTP Errors"
+    y_label: "HTTP Errors (%)"
     weight: 1
     metrics:
     - id: response_metrics_nginx_ingress_http_error_rate
       query_range: 'sum(rate(nginx_upstream_responses_total{status_code="5xx", upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m])) / sum(rate(nginx_upstream_responses_total{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m])) * 100'
-      label: 5xx Errors
+      label: 5xx Errors (%)
       unit: "%"
 # NGINX Ingress metrics for post-0.16.0 versions
 - group: Response metrics (NGINX Ingress)
@@ -52,16 +52,16 @@ panel_groups:
     metrics:
     - id: response_metrics_nginx_ingress_16_latency_pod_average
       query_range: 'sum(rate(nginx_ingress_controller_ingress_upstream_latency_seconds_sum{namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) / sum(rate(nginx_ingress_controller_ingress_upstream_latency_seconds_count{namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) * 1000'
-      label: Pod average
+      label: Pod average (ms)
       unit: ms
   - title: "HTTP Error Rate"
     type: "area-chart"
-    y_label: "HTTP Errors"
+    y_label: "HTTP Errors (%)"
     weight: 1
     metrics:
     - id: response_metrics_nginx_ingress_16_http_error_rate
       query_range: 'sum(rate(nginx_ingress_controller_requests{status=~"5.*",namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) / sum(rate(nginx_ingress_controller_requests{namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) * 100'
-      label: 5xx Errors
+      label: 5xx Errors (%)
       unit: "%"
 - group: Response metrics (HA Proxy)
   priority: 10
@@ -82,7 +82,7 @@ panel_groups:
     metrics:
     - id: response_metrics_ha_proxy_http_error_rate
       query_range: 'sum(rate(haproxy_frontend_http_responses_total{code="5xx",%{environment_filter}}[2m])) / sum(rate(haproxy_frontend_http_responses_total{%{environment_filter}}[2m]))'
-      label: HTTP Errors
+      label: HTTP Errors (%)
       unit: "%"
 - group: Response metrics (AWS ELB)
   priority: 10
@@ -94,7 +94,7 @@ panel_groups:
     metrics:
     - id: response_metrics_aws_elb_throughput_requests
       query_range: 'sum(aws_elb_request_count_sum{%{environment_filter}}) / 60'
-      label: Total
+      label: Total (req/sec)
       unit: req / sec
   - title: "Latency"
     type: "area-chart"
@@ -103,7 +103,7 @@ panel_groups:
     metrics:
     - id: response_metrics_aws_elb_latency_average
       query_range: 'avg(aws_elb_latency_average{%{environment_filter}}) * 1000'
-      label: Average
+      label: Average (ms)
       unit: ms
   - title: "HTTP Error Rate"
     type: "area-chart"
@@ -112,7 +112,7 @@ panel_groups:
     metrics:
     - id: response_metrics_aws_elb_http_error_rate
       query_range: 'sum(aws_elb_httpcode_backend_5_xx_sum{%{environment_filter}}) / sum(aws_elb_request_count_sum{%{environment_filter}})'
-      label: HTTP Errors
+      label: HTTP Errors (%)
       unit: "%"
 - group: Response metrics (NGINX)
   priority: 10
@@ -133,9 +133,9 @@ panel_groups:
     metrics:
     - id: response_metrics_nginx_latency
       query_range: 'avg(nginx_server_requestMsec{%{environment_filter}})'
-      label: Upstream
+      label: Upstream (ms)
       unit: ms
-  - title: "HTTP Error Rate"
+  - title: "HTTP Error Rate (Errors / Sec)"
     type: "area-chart"
     y_label: "HTTP 500 Errors / Sec"
     weight: 1
@@ -149,12 +149,12 @@ panel_groups:
   panels:
   - title: "Memory Usage (Total)"
     type: "area-chart"
-    y_label: "Total Memory Used"
+    y_label: "Total Memory Used (GB)"
     weight: 4
     metrics:
     - id: system_metrics_kubernetes_container_memory_total
       query_range: 'avg(sum(container_memory_usage_bytes{container_name!="POD",pod_name=~"^%{ci_environment_slug}-(.*)",namespace="%{kube_namespace}"}) by (job)) without (job)  /1024/1024/1024'
-      label: Total
+      label: Total (GB)
       unit: GB
   - title: "Core Usage (Total)"
     type: "area-chart"
@@ -163,25 +163,25 @@ panel_groups:
     metrics:
     - id: system_metrics_kubernetes_container_cores_total
       query_range: 'avg(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^%{ci_environment_slug}-(.*)",namespace="%{kube_namespace}"}[15m])) by (job)) without (job)'
-      label: Total
+      label: Total (cores)
       unit: "cores"
   - title: "Memory Usage (Pod average)"
     type: "area-chart"
-    y_label: "Memory Used per Pod"
+    y_label: "Memory Used per Pod (MB)"
     weight: 2
     metrics:
     - id: system_metrics_kubernetes_container_memory_average
       query_range: 'avg(sum(container_memory_usage_bytes{container_name!="POD",pod_name=~"^%{ci_environment_slug}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="%{kube_namespace}"}) by (job)) without (job) / count(avg(container_memory_usage_bytes{container_name!="POD",pod_name=~"^%{ci_environment_slug}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="%{kube_namespace}"}) without (job)) /1024/1024'
-      label: Pod average
+      label: Pod average (MB)
       unit: MB
   - title: "Canary: Memory Usage (Pod Average)"
     type: "area-chart"
-    y_label: "Memory Used per Pod"
+    y_label: "Memory Used per Pod (MB)"
     weight: 2
     metrics:
     - id: system_metrics_kubernetes_container_memory_average_canary
       query_range: 'avg(sum(container_memory_usage_bytes{container_name!="POD",pod_name=~"^%{ci_environment_slug}-canary-(.*)",namespace="%{kube_namespace}"}) by (job)) without (job) / count(avg(container_memory_usage_bytes{container_name!="POD",pod_name=~"^%{ci_environment_slug}-canary-(.*)",namespace="%{kube_namespace}"}) without (job)) /1024/1024'
-      label: Pod average
+      label: Pod average (MB)
       unit: MB
       track: canary
   - title: "Core Usage (Pod Average)"
@@ -191,7 +191,7 @@ panel_groups:
     metrics:
     - id: system_metrics_kubernetes_container_core_usage
       query_range: 'avg(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^%{ci_environment_slug}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="%{kube_namespace}"}[15m])) by (job)) without (job) / count(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^%{ci_environment_slug}-([^c].*|c([^a]|a([^n]|n([^a]|a([^r]|r[^y])))).*|)-(.*)",namespace="%{kube_namespace}"}[15m])) by (pod_name))'
-      label: Pod average
+      label: Pod average (cores)
       unit: "cores"
   - title: "Canary: Core Usage (Pod Average)"
     type: "area-chart"
@@ -200,7 +200,7 @@ panel_groups:
     metrics:
     - id: system_metrics_kubernetes_container_core_usage_canary
       query_range: 'avg(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^%{ci_environment_slug}-canary-(.*)",namespace="%{kube_namespace}"}[15m])) by (job)) without (job) / count(sum(rate(container_cpu_usage_seconds_total{container_name!="POD",pod_name=~"^%{ci_environment_slug}-canary-(.*)",namespace="%{kube_namespace}"}[15m])) by (pod_name))'
-      label: Pod average
+      label: Pod average (cores)
       unit: "cores"
       track: canary
   - title: "Knative function invocations"
diff --git a/db/migrate/20190709220014_import_common_metrics_y_axis.rb b/db/migrate/20190709220014_import_common_metrics_y_axis.rb
new file mode 100644
index 00000000000..89ecf32ecc1
--- /dev/null
+++ b/db/migrate/20190709220014_import_common_metrics_y_axis.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class ImportCommonMetricsYAxis < ActiveRecord::Migration[5.1]
+  DOWNTIME = false
+
+  def up
+    ::Gitlab::DatabaseImporters::CommonMetrics::Importer.new.execute
+  end
+
+  def down
+    # no-op
+  end
+end
-- 
cgit v1.2.1


From 65d8e39dc49a25bc25fae71e19b51edd53fb091e Mon Sep 17 00:00:00 2001
From: Harish Ramachandran <harish@gitlab.com>
Date: Fri, 26 Jul 2019 11:36:48 -0400
Subject: Document how to use the GroupSync rake task

---
 doc/administration/raketasks/ldap.md | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/doc/administration/raketasks/ldap.md b/doc/administration/raketasks/ldap.md
index 91fc0133d56..e880d76e756 100644
--- a/doc/administration/raketasks/ldap.md
+++ b/doc/administration/raketasks/ldap.md
@@ -28,6 +28,31 @@ limit by passing a number to the check task:
 rake gitlab:ldap:check[50]
 ```
 
+## Run a Group Sync
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14735) in [GitLab Starter](https://about.gitlab.com/pricing/) 12.3.
+
+The following task will run a [group sync](../auth/ldap-ee.md#group-sync) immediately. This is valuable
+when you'd like to update all configured group memberships against LDAP without
+waiting for the next scheduled group sync to be run.
+
+NOTE: **NOTE:**
+If you'd like to change the frequency at which a group sync is performed,
+[adjust the cron schedule](../auth/ldap-ee.md#adjusting-ldap-group-sync-schedule)
+instead.
+
+**Omnibus Installation**
+
+```
+sudo gitlab-rake gitlab:ldap:group_sync
+```
+
+**Source Installation**
+
+```bash
+bundle exec rake gitlab:ldap:group_sync
+```
+
 ## Rename a provider
 
 If you change the LDAP server ID in `gitlab.yml` or `gitlab.rb` you will need
-- 
cgit v1.2.1


From 5a8eaef42e771e9de6f6cbce715877352807f53c Mon Sep 17 00:00:00 2001
From: Oleg Zubchenko <RedGreenBlueDiamond@gmail.com>
Date: Thu, 4 Jul 2019 14:59:10 +0300
Subject: Add git blame api

---
 changelogs/unreleased/add-git-blame-api.yml |   5 +
 doc/api/repository_files.md                 |  69 ++++++++++++
 lib/api/entities.rb                         |  13 +++
 lib/api/files.rb                            |  25 +++++
 spec/requests/api/files_spec.rb             | 162 ++++++++++++++++++++++++++++
 5 files changed, 274 insertions(+)
 create mode 100644 changelogs/unreleased/add-git-blame-api.yml

diff --git a/changelogs/unreleased/add-git-blame-api.yml b/changelogs/unreleased/add-git-blame-api.yml
new file mode 100644
index 00000000000..cdb77041433
--- /dev/null
+++ b/changelogs/unreleased/add-git-blame-api.yml
@@ -0,0 +1,5 @@
+---
+title: Add git blame to GitLab API
+merge_request: 30675
+author: Oleg Zubchenko
+type: added
diff --git a/doc/api/repository_files.md b/doc/api/repository_files.md
index 87c7f371de1..b292c9dd7de 100644
--- a/doc/api/repository_files.md
+++ b/doc/api/repository_files.md
@@ -80,6 +80,75 @@ X-Gitlab-Size: 1476
 ...
 ```
 
+## Get file blame from repository
+
+Allows you to receive blame information. Each blame range contains lines and corresponding commit info.
+
+```
+GET /projects/:id/repository/files/:file_path/blame
+```
+
+```bash
+curl --request GET --header 'PRIVATE-TOKEN: <your_access_token>' 'https://gitlab.example.com/api/v4/projects/13083/repository/files/path%2Fto%2Ffile.rb/blame?ref=master'
+```
+
+Example response:
+
+```json
+[
+  {
+    "commit": {
+      "id": "d42409d56517157c48bf3bd97d3f75974dde19fb",
+      "message": "Add feature\n\nalso fix bug\n",
+      "parent_ids": [
+        "cc6e14f9328fa6d7b5a0d3c30dc2002a3f2a3822"
+      ],
+      "authored_date": "2015-12-18T08:12:22.000Z",
+      "author_name": "John Doe",
+      "author_email": "john.doe@example.com",
+      "committed_date": "2015-12-18T08:12:22.000Z",
+      "committer_name": "John Doe",
+      "committer_email": "john.doe@example.com"
+    },
+    "lines": [
+      "require 'fileutils'",
+      "require 'open3'",
+      ""
+    ]
+  },
+  ...
+]
+```
+
+Parameters:
+
+- `file_path` (required) - Url encoded full path to new file. Ex. lib%2Fclass%2Erb
+- `ref` (required) - The name of branch, tag or commit
+
+NOTE: **Note:**
+`HEAD` method return just file metadata as in [Get file from repository](repository_files.md#get-file-from-repository).
+
+```bash
+curl --head --header 'PRIVATE-TOKEN: <your_access_token>' 'https://gitlab.example.com/api/v4/projects/13083/repository/files/path%2Fto%2Ffile.rb/blame?ref=master'
+```
+
+Example response:
+
+```text
+HTTP/1.1 200 OK
+...
+X-Gitlab-Blob-Id: 79f7bbd25901e8334750839545a9bd021f0e4c83
+X-Gitlab-Commit-Id: d5a3ff139356ce33e37e73add446f16869741b50
+X-Gitlab-Content-Sha256: 4c294617b60715c1d218e61164a3abd4808a4284cbc30e6728a01ad9aada4481
+X-Gitlab-Encoding: base64
+X-Gitlab-File-Name: file.rb
+X-Gitlab-File-Path: path/to/file.rb
+X-Gitlab-Last-Commit-Id: 570e7b2abdd848b95f2f578043fc23bd6f6fd24d
+X-Gitlab-Ref: master
+X-Gitlab-Size: 1476
+...
+```
+
 ## Get raw file from repository
 
 ```
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 0a9515f1dd2..2b1176871fe 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -2,6 +2,19 @@
 
 module API
   module Entities
+    class BlameRangeCommit < Grape::Entity
+      expose :id
+      expose :parent_ids
+      expose :message
+      expose :authored_date, :author_name, :author_email
+      expose :committed_date, :committer_name, :committer_email
+    end
+
+    class BlameRange < Grape::Entity
+      expose :commit, using: BlameRangeCommit
+      expose :lines
+    end
+
     class WikiPageBasic < Grape::Entity
       expose :format
       expose :slug
diff --git a/lib/api/files.rb b/lib/api/files.rb
index ca59d330e1c..0b438fb5bbc 100644
--- a/lib/api/files.rb
+++ b/lib/api/files.rb
@@ -83,6 +83,31 @@ module API
     resource :projects, requirements: FILE_ENDPOINT_REQUIREMENTS do
       allow_access_with_scope :read_repository, if: -> (request) { request.get? || request.head? }
 
+      desc 'Get blame file metadata from repository'
+      params do
+        requires :file_path, type: String, desc: 'The url encoded path to the file. Ex. lib%2Fclass%2Erb'
+        requires :ref, type: String, desc: 'The name of branch, tag or commit', allow_blank: false
+      end
+      head ":id/repository/files/:file_path/blame", requirements: FILE_ENDPOINT_REQUIREMENTS do
+        assign_file_vars!
+
+        set_http_headers(blob_data)
+      end
+
+      desc 'Get blame file from the repository'
+      params do
+        requires :file_path, type: String, desc: 'The url encoded path to the file. Ex. lib%2Fclass%2Erb'
+        requires :ref, type: String, desc: 'The name of branch, tag or commit', allow_blank: false
+      end
+      get ":id/repository/files/:file_path/blame", requirements: FILE_ENDPOINT_REQUIREMENTS do
+        assign_file_vars!
+
+        set_http_headers(blob_data)
+
+        blame_ranges = Gitlab::Blame.new(@blob, @commit).groups(highlight: false)
+        present blame_ranges, with: Entities::BlameRange
+      end
+
       desc 'Get raw file metadata from repository'
       params do
         requires :file_path, type: String, desc: 'The url encoded path to the file. Ex. lib%2Fclass%2Erb'
diff --git a/spec/requests/api/files_spec.rb b/spec/requests/api/files_spec.rb
index 1ad536258ba..21b67357543 100644
--- a/spec/requests/api/files_spec.rb
+++ b/spec/requests/api/files_spec.rb
@@ -186,6 +186,14 @@ describe API::Files do
         expect(headers[Gitlab::Workhorse::DETECT_HEADER]).to eq "true"
       end
 
+      it 'returns blame file info' do
+        url = route(file_path) + '/blame'
+
+        get api(url, current_user), params: params
+
+        expect(response).to have_gitlab_http_status(200)
+      end
+
       it 'sets inline content disposition by default' do
         url = route(file_path) + "/raw"
 
@@ -252,6 +260,160 @@ describe API::Files do
     end
   end
 
+  describe 'GET /projects/:id/repository/files/:file_path/blame' do
+    shared_examples_for 'repository blame files' do
+      let(:expected_blame_range_sizes) do
+        [3, 2, 1, 2, 1, 1, 1, 1, 8, 1, 3, 1, 2, 1, 4, 1, 2, 2]
+      end
+
+      let(:expected_blame_range_commit_ids) do
+        %w[
+          913c66a37b4a45b9769037c55c2d238bd0942d2e
+          874797c3a73b60d2187ed6e2fcabd289ff75171e
+          913c66a37b4a45b9769037c55c2d238bd0942d2e
+          874797c3a73b60d2187ed6e2fcabd289ff75171e
+          570e7b2abdd848b95f2f578043fc23bd6f6fd24d
+          874797c3a73b60d2187ed6e2fcabd289ff75171e
+          913c66a37b4a45b9769037c55c2d238bd0942d2e
+          874797c3a73b60d2187ed6e2fcabd289ff75171e
+          570e7b2abdd848b95f2f578043fc23bd6f6fd24d
+          913c66a37b4a45b9769037c55c2d238bd0942d2e
+          874797c3a73b60d2187ed6e2fcabd289ff75171e
+          913c66a37b4a45b9769037c55c2d238bd0942d2e
+          874797c3a73b60d2187ed6e2fcabd289ff75171e
+          570e7b2abdd848b95f2f578043fc23bd6f6fd24d
+          874797c3a73b60d2187ed6e2fcabd289ff75171e
+          913c66a37b4a45b9769037c55c2d238bd0942d2e
+          874797c3a73b60d2187ed6e2fcabd289ff75171e
+          913c66a37b4a45b9769037c55c2d238bd0942d2e
+        ]
+      end
+
+      it 'returns file attributes in headers' do
+        head api(route(file_path) + '/blame', current_user), params: params
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(response.headers['X-Gitlab-File-Path']).to eq(CGI.unescape(file_path))
+        expect(response.headers['X-Gitlab-File-Name']).to eq('popen.rb')
+        expect(response.headers['X-Gitlab-Last-Commit-Id']).to eq('570e7b2abdd848b95f2f578043fc23bd6f6fd24d')
+        expect(response.headers['X-Gitlab-Content-Sha256'])
+          .to eq('c440cd09bae50c4632cc58638ad33c6aa375b6109d811e76a9cc3a613c1e8887')
+      end
+
+      it 'returns blame file attributes as json' do
+        get api(route(file_path) + '/blame', current_user), params: params
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(json_response.map { |x| x['lines'].size }).to eq(expected_blame_range_sizes)
+        expect(json_response.map { |x| x['commit']['id'] }).to eq(expected_blame_range_commit_ids)
+        range = json_response[0]
+        expect(range['lines']).to eq(["require 'fileutils'", "require 'open3'", ''])
+        expect(range['commit']['id']).to eq('913c66a37b4a45b9769037c55c2d238bd0942d2e')
+        expect(range['commit']['parent_ids']).to eq(['cfe32cf61b73a0d5e9f13e774abde7ff789b1660'])
+        expect(range['commit']['message'])
+          .to eq("Files, encoding and much more\n\nSigned-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>\n")
+
+        expect(range['commit']['authored_date']).to eq('2014-02-27T08:14:56.000Z')
+        expect(range['commit']['author_name']).to eq('Dmitriy Zaporozhets')
+        expect(range['commit']['author_email']).to eq('dmitriy.zaporozhets@gmail.com')
+
+        expect(range['commit']['committed_date']).to eq('2014-02-27T08:14:56.000Z')
+        expect(range['commit']['committer_name']).to eq('Dmitriy Zaporozhets')
+        expect(range['commit']['committer_email']).to eq('dmitriy.zaporozhets@gmail.com')
+      end
+
+      it 'returns blame file info for files with dots' do
+        url = route('.gitignore') + '/blame'
+
+        get api(url, current_user), params: params
+
+        expect(response).to have_gitlab_http_status(200)
+      end
+
+      it 'returns file by commit sha' do
+        # This file is deleted on HEAD
+        file_path = 'files%2Fjs%2Fcommit%2Ejs%2Ecoffee'
+        params[:ref] = '6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9'
+
+        get api(route(file_path) + '/blame', current_user), params: params
+
+        expect(response).to have_gitlab_http_status(200)
+      end
+
+      context 'when mandatory params are not given' do
+        it_behaves_like '400 response' do
+          let(:request) { get api(route('any%2Ffile/blame'), current_user) }
+        end
+      end
+
+      context 'when file_path does not exist' do
+        let(:params) { { ref: 'master' } }
+
+        it_behaves_like '404 response' do
+          let(:request) { get api(route('app%2Fmodels%2Fapplication%2Erb/blame'), current_user), params: params }
+          let(:message) { '404 File Not Found' }
+        end
+      end
+
+      context 'when commit does not exist' do
+        let(:params) { { ref: '1111111111111111111111111111111111111111' } }
+
+        it_behaves_like '404 response' do
+          let(:request) { get api(route(file_path + '/blame'), current_user), params: params }
+          let(:message) { '404 Commit Not Found' }
+        end
+      end
+
+      context 'when repository is disabled' do
+        include_context 'disabled repository'
+
+        it_behaves_like '403 response' do
+          let(:request) { get api(route(file_path + '/blame'), current_user), params: params }
+        end
+      end
+    end
+
+    context 'when unauthenticated', 'and project is public' do
+      it_behaves_like 'repository blame files' do
+        let(:project) { create(:project, :public, :repository) }
+        let(:current_user) { nil }
+      end
+    end
+
+    context 'when unauthenticated', 'and project is private' do
+      it_behaves_like '404 response' do
+        let(:request) { get api(route(file_path)), params: params }
+        let(:message) { '404 Project Not Found' }
+      end
+    end
+
+    context 'when authenticated', 'as a developer' do
+      it_behaves_like 'repository blame files' do
+        let(:current_user) { user }
+      end
+    end
+
+    context 'when authenticated', 'as a guest' do
+      it_behaves_like '403 response' do
+        let(:request) { get api(route(file_path) + '/blame', guest), params: params }
+      end
+    end
+
+    context 'when PATs are used' do
+      it 'returns blame file by commit sha' do
+        token = create(:personal_access_token, scopes: ['read_repository'], user: user)
+
+        # This file is deleted on HEAD
+        file_path = 'files%2Fjs%2Fcommit%2Ejs%2Ecoffee'
+        params[:ref] = '6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9'
+
+        get api(route(file_path) + '/blame', personal_access_token: token), params: params
+
+        expect(response).to have_gitlab_http_status(200)
+      end
+    end
+  end
+
   describe "GET /projects/:id/repository/files/:file_path/raw" do
     shared_examples_for 'repository raw files' do
       it 'returns raw file info' do
-- 
cgit v1.2.1


From a90b38641d43870a4bf36544ed1d966ae8d1fa13 Mon Sep 17 00:00:00 2001
From: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Date: Fri, 26 Jul 2019 17:57:43 +0000
Subject: Update CHANGELOG.md for 12.1.2

[ci skip]
---
 CHANGELOG.md                                               | 4 ++++
 changelogs/unreleased/security-mr-pipeline-permissions.yml | 5 -----
 2 files changed, 4 insertions(+), 5 deletions(-)
 delete mode 100644 changelogs/unreleased/security-mr-pipeline-permissions.yml

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0610228127d..e2882bce1bd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ entry.
 
 ## 12.1.2
 
+### Security (1 change)
+
+- Use source project as permissions reference for MergeRequestsController#pipelines.
+
 ### Security (9 changes)
 
 - Restrict slash commands to users who can log in.
diff --git a/changelogs/unreleased/security-mr-pipeline-permissions.yml b/changelogs/unreleased/security-mr-pipeline-permissions.yml
deleted file mode 100644
index a317c93228c..00000000000
--- a/changelogs/unreleased/security-mr-pipeline-permissions.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Use source project as permissions reference for MergeRequestsController#pipelines
-merge_request:
-author:
-type: security
-- 
cgit v1.2.1


From 9bf08867ddece5fec67807631de7d4fb9a0bd6a6 Mon Sep 17 00:00:00 2001
From: Dan Davison <ddavison@gitlab.com>
Date: Fri, 26 Jul 2019 18:07:51 +0000
Subject: Refactor elements used by ci_variable and ::CICD

Many elements defined in the QA framework in ci_variable.rb
call elements and methods that are not framework specific.

Fix these issues, as well as use data-qa-selector s
---
 app/views/layouts/nav/sidebar/_project.html.haml    |  8 ++++----
 .../settings/ci_cd/_autodevops_form.html.haml       |  4 ++--
 app/views/projects/settings/ci_cd/show.html.haml    |  6 +++---
 qa/qa/page/project/settings/ci_cd.rb                | 21 ++++++++++-----------
 qa/qa/page/project/sub_menus/project.rb             |  4 ++--
 5 files changed, 21 insertions(+), 22 deletions(-)

diff --git a/app/views/layouts/nav/sidebar/_project.html.haml b/app/views/layouts/nav/sidebar/_project.html.haml
index d1634eb62c0..92dd558885a 100644
--- a/app/views/layouts/nav/sidebar/_project.html.haml
+++ b/app/views/layouts/nav/sidebar/_project.html.haml
@@ -9,7 +9,7 @@
           = @project.name
     %ul.sidebar-top-level-items
       = nav_link(path: sidebar_projects_paths, html_options: { class: 'home' }) do
-        = link_to project_path(@project), class: 'shortcuts-project qa-link-project' do
+        = link_to project_path(@project), class: 'shortcuts-project', data: { qa_selector: 'project_link' } do
           .nav-icon-container
             = sprite_icon('home')
           %span.nav-item-name
@@ -26,7 +26,7 @@
               %span= _('Details')
 
           = nav_link(path: 'projects#activity') do
-            = link_to activity_project_path(@project), title: _('Activity'), class: 'shortcuts-project-activity qa-activity-link' do
+            = link_to activity_project_path(@project), title: _('Activity'), class: 'shortcuts-project-activity', data: { qa_selector: 'activity_link' } do
               %span= _('Activity')
 
           - if project_nav_tab?(:releases)
@@ -146,7 +146,7 @@
 
       - if project_nav_tab? :merge_requests
         = nav_link(controller: @project.issues_enabled? ? :merge_requests : [:merge_requests, :labels, :milestones]) do
-          = link_to project_merge_requests_path(@project), class: 'shortcuts-merge_requests qa-merge-requests-link' do
+          = link_to project_merge_requests_path(@project), class: 'shortcuts-merge_requests', data: { qa_selector: 'merge_requests_link' } do
             .nav-icon-container
               = sprite_icon('git-merge')
             %span.nav-item-name#js-onboarding-mr-link
@@ -277,7 +277,7 @@
       - if project_nav_tab? :wiki
         - wiki_url = project_wiki_path(@project, :home)
         = nav_link(controller: :wikis) do
-          = link_to wiki_url, class: 'shortcuts-wiki qa-wiki-link' do
+          = link_to wiki_url, class: 'shortcuts-wiki', data: { qa_selector: 'wiki_link' } do
             .nav-icon-container
               = sprite_icon('book')
             %span.nav-item-name
diff --git a/app/views/projects/settings/ci_cd/_autodevops_form.html.haml b/app/views/projects/settings/ci_cd/_autodevops_form.html.haml
index fe74dc122c3..04b77fb987a 100644
--- a/app/views/projects/settings/ci_cd/_autodevops_form.html.haml
+++ b/app/views/projects/settings/ci_cd/_autodevops_form.html.haml
@@ -8,7 +8,7 @@
             .card.auto-devops-card
               .card-body
                 .form-check
-                  = form.check_box :enabled, class: 'form-check-input js-toggle-extra-settings', checked: auto_devops_enabled
+                  = form.check_box :enabled, class: 'form-check-input js-toggle-extra-settings', checked: auto_devops_enabled, data: { qa_selector: 'enable_autodevops_checkbox' }
                   = form.label :enabled, class: 'form-check-label' do
                     %strong= s_('CICD|Default to Auto DevOps pipeline')
                     - if auto_devops_enabled
@@ -42,4 +42,4 @@
                     = s_('CICD|Automatic deployment to staging, manual deployment to production')
                     = link_to icon('question-circle'), help_page_path('topics/autodevops/index.md', anchor: 'incremental-rollout-to-production'), target: '_blank'
 
-          = f.submit _('Save changes'), class: "btn btn-success prepend-top-15"
+          = f.submit _('Save changes'), class: "btn btn-success prepend-top-15", data: { qa_selector: 'save_changes_button' }
diff --git a/app/views/projects/settings/ci_cd/show.html.haml b/app/views/projects/settings/ci_cd/show.html.haml
index 5e3e1076c2c..293f0a241eb 100644
--- a/app/views/projects/settings/ci_cd/show.html.haml
+++ b/app/views/projects/settings/ci_cd/show.html.haml
@@ -16,7 +16,7 @@
   .settings-content
     = render 'form'
 
-%section.qa-autodevops-settings.settings#autodevops-settings.no-animate{ class: ('expanded' if expanded) }
+%section.settings#autodevops-settings.no-animate{ class: ('expanded' if expanded), data: { qa_selector: 'autodevops_settings_content' } }
   .settings-header
     %h4
       = s_('CICD|Auto DevOps')
@@ -30,7 +30,7 @@
 
 = render_if_exists 'projects/settings/ci_cd/protected_environments', expanded: expanded
 
-%section.qa-runners-settings.settings.no-animate#js-runners-settings{ class: ('expanded' if expanded) }
+%section.settings.no-animate#js-runners-settings{ class: ('expanded' if expanded), data: { qa_selector: 'runners_settings_content' } }
   .settings-header
     %h4
       = _("Runners")
@@ -41,7 +41,7 @@
   .settings-content
     = render 'projects/runners/index'
 
-%section.qa-variables-settings.settings.no-animate{ class: ('expanded' if expanded) }
+%section.settings.no-animate{ class: ('expanded' if expanded), data: { qa_selector: 'variables_settings_content' } }
   .settings-header
     = render 'ci/variables/header', expanded: expanded
   .settings-content
diff --git a/qa/qa/page/project/settings/ci_cd.rb b/qa/qa/page/project/settings/ci_cd.rb
index b8c5c563da6..ae826fb3a32 100644
--- a/qa/qa/page/project/settings/ci_cd.rb
+++ b/qa/qa/page/project/settings/ci_cd.rb
@@ -8,33 +8,32 @@ module QA
           include Common
 
           view 'app/views/projects/settings/ci_cd/show.html.haml' do
-            element :autodevops_settings
-            element :runners_settings
-            element :variables_settings
+            element :autodevops_settings_content
+            element :runners_settings_content
+            element :variables_settings_content
           end
 
           view 'app/views/projects/settings/ci_cd/_autodevops_form.html.haml' do
-            element :enable_auto_devops_field, 'check_box :enabled' # rubocop:disable QA/ElementWithPattern
-            element :enable_auto_devops_button, "%strong= s_('CICD|Default to Auto DevOps pipeline')" # rubocop:disable QA/ElementWithPattern
-            element :save_changes_button, "submit _('Save changes')" # rubocop:disable QA/ElementWithPattern
+            element :enable_autodevops_checkbox
+            element :save_changes_button
           end
 
           def expand_runners_settings(&block)
-            expand_section(:runners_settings) do
+            expand_section(:runners_settings_content) do
               Settings::Runners.perform(&block)
             end
           end
 
           def expand_ci_variables(&block)
-            expand_section(:variables_settings) do
+            expand_section(:variables_settings_content) do
               Settings::CiVariables.perform(&block)
             end
           end
 
           def enable_auto_devops
-            expand_section(:autodevops_settings) do
-              check 'Default to Auto DevOps pipeline'
-              click_on 'Save changes'
+            expand_section(:autodevops_settings_content) do
+              check_element :enable_autodevops_checkbox
+              click_element :save_changes_button
             end
           end
         end
diff --git a/qa/qa/page/project/sub_menus/project.rb b/qa/qa/page/project/sub_menus/project.rb
index 5e0ee3c274a..6f1bc131f84 100644
--- a/qa/qa/page/project/sub_menus/project.rb
+++ b/qa/qa/page/project/sub_menus/project.rb
@@ -10,7 +10,7 @@ module QA
           def self.included(base)
             base.class_eval do
               view 'app/views/layouts/nav/sidebar/_project.html.haml' do
-                element :link_project
+                element :project_link
               end
             end
           end
@@ -18,7 +18,7 @@ module QA
           def click_project
             retry_on_exception do
               within_sidebar do
-                click_element(:link_project)
+                click_element(:project_link)
               end
             end
           end
-- 
cgit v1.2.1


From ebd992fdafb5e10dcf22b7f6a751ffc882ebaea4 Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Fri, 26 Jul 2019 21:00:54 +0000
Subject: Changes capybara selector to qa-selector

Otherwise capybara hits ambiguous match.
---
 spec/features/contextual_sidebar_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/features/contextual_sidebar_spec.rb b/spec/features/contextual_sidebar_spec.rb
index 88da1b7966b..9807818bef7 100644
--- a/spec/features/contextual_sidebar_spec.rb
+++ b/spec/features/contextual_sidebar_spec.rb
@@ -20,7 +20,7 @@ describe 'Contextual sidebar', :js do
 
     expect(page).to have_selector('.is-showing-fly-out')
 
-    find('.qa-link-project').hover
+    find('a[data-qa-selector="project_link"]').hover
 
     expect(page).not_to have_selector('.is-showing-fly-out')
 
@@ -30,7 +30,7 @@ describe 'Contextual sidebar', :js do
 
     expect(page).to have_selector('.is-showing-fly-out')
 
-    find('.qa-link-project').hover
+    find('a[data-qa-selector="project_link"]').hover
 
     expect(page).to have_selector('.is-showing-fly-out')
   end
-- 
cgit v1.2.1


From 68f170a449afee29ab7361ffac09269db3ce13bf Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Fri, 26 Jul 2019 14:42:07 -0700
Subject: Change qa-* class references to rspec-*

---
 .../protected_branches/_create_protected_branch.html.haml    |  4 ++--
 .../features/protected_branches_access_control_ce.rb         | 12 ++++++------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/app/views/projects/protected_branches/_create_protected_branch.html.haml b/app/views/projects/protected_branches/_create_protected_branch.html.haml
index 24b53555cdc..ee359a01e74 100644
--- a/app/views/projects/protected_branches/_create_protected_branch.html.haml
+++ b/app/views/projects/protected_branches/_create_protected_branch.html.haml
@@ -2,13 +2,13 @@
   .merge_access_levels-container
     = dropdown_tag('Select',
                     options: { toggle_class: 'js-allowed-to-merge qa-allowed-to-merge-select wide',
-                    dropdown_class: 'dropdown-menu-selectable qa-allowed-to-merge-dropdown capitalize-header',
+                    dropdown_class: 'dropdown-menu-selectable qa-allowed-to-merge-dropdown rspec-allowed-to-merge-dropdown capitalize-header',
                     data: { field_name: 'protected_branch[merge_access_levels_attributes][0][access_level]', input_id: 'merge_access_levels_attributes' }})
 - content_for :push_access_levels do
   .push_access_levels-container
     = dropdown_tag('Select',
                     options: { toggle_class: 'js-allowed-to-push qa-allowed-to-push-select wide',
-                    dropdown_class: 'dropdown-menu-selectable qa-allowed-to-push-dropdown capitalize-header',
+                    dropdown_class: 'dropdown-menu-selectable qa-allowed-to-push-dropdown rspec-allowed-to-push-dropdown capitalize-header',
                     data: { field_name: 'protected_branch[push_access_levels_attributes][0][access_level]', input_id: 'push_access_levels_attributes' }})
 
 = render 'projects/protected_branches/shared/create_protected_branch'
diff --git a/spec/support/shared_examples/features/protected_branches_access_control_ce.rb b/spec/support/shared_examples/features/protected_branches_access_control_ce.rb
index 867a1774aa9..db83d6f0793 100644
--- a/spec/support/shared_examples/features/protected_branches_access_control_ce.rb
+++ b/spec/support/shared_examples/features/protected_branches_access_control_ce.rb
@@ -8,7 +8,7 @@ shared_examples "protected branches > access control > CE" do
       set_protected_branch_name('master')
 
       find(".js-allowed-to-merge").click
-      within('.qa-allowed-to-merge-dropdown') do
+      within('.rspec-allowed-to-merge-dropdown') do
         expect(first("li")).to have_content("Roles")
         find(:link, 'No one').click
       end
@@ -34,13 +34,13 @@ shared_examples "protected branches > access control > CE" do
       set_protected_branch_name('master')
 
       find(".js-allowed-to-merge").click
-      within('.qa-allowed-to-merge-dropdown') do
+      within('.rspec-allowed-to-merge-dropdown') do
         expect(first("li")).to have_content("Roles")
         find(:link, 'No one').click
       end
 
       find(".js-allowed-to-push").click
-      within('.qa-allowed-to-push-dropdown') do
+      within('.rspec-allowed-to-push-dropdown') do
         expect(first("li")).to have_content("Roles")
         find(:link, 'No one').click
       end
@@ -80,7 +80,7 @@ shared_examples "protected branches > access control > CE" do
       end
 
       find(".js-allowed-to-push").click
-      within('.qa-allowed-to-push-dropdown') do
+      within('.rspec-allowed-to-push-dropdown') do
         expect(first("li")).to have_content("Roles")
         find(:link, 'No one').click
       end
@@ -97,13 +97,13 @@ shared_examples "protected branches > access control > CE" do
       set_protected_branch_name('master')
 
       find(".js-allowed-to-merge").click
-      within('.qa-allowed-to-merge-dropdown') do
+      within('.rspec-allowed-to-merge-dropdown') do
         expect(first("li")).to have_content("Roles")
         find(:link, 'No one').click
       end
 
       find(".js-allowed-to-push").click
-      within('.qa-allowed-to-push-dropdown') do
+      within('.rspec-allowed-to-push-dropdown') do
         expect(first("li")).to have_content("Roles")
         find(:link, 'No one').click
       end
-- 
cgit v1.2.1


From e8e4821bce5a9796836fbf705bce1a73aef275c3 Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Fri, 26 Jul 2019 14:48:11 -0700
Subject: Change qa-* class references to rspec-*

---
 app/views/projects/wikis/_form.html.haml                   | 2 +-
 spec/features/projects/wiki/user_creates_wiki_page_spec.rb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/projects/wikis/_form.html.haml b/app/views/projects/wikis/_form.html.haml
index 5bb69563b51..66a614b0197 100644
--- a/app/views/projects/wikis/_form.html.haml
+++ b/app/views/projects/wikis/_form.html.haml
@@ -51,6 +51,6 @@
       .float-right
         = link_to _("Cancel"), project_wiki_path(@project, @page), class: 'btn btn-cancel btn-grouped'
     - else
-      = f.submit s_("Wiki|Create page"), class: 'btn-success btn qa-create-page-button'
+      = f.submit s_("Wiki|Create page"), class: 'btn-success btn qa-create-page-button rspec-create-page-button'
       .float-right
         = link_to _("Cancel"), project_wiki_path(@project, :home), class: 'btn btn-cancel'
diff --git a/spec/features/projects/wiki/user_creates_wiki_page_spec.rb b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
index 80741ace5d6..249bff4ab67 100644
--- a/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
@@ -140,7 +140,7 @@ describe "User creates wiki page" do
         # blur. Just not `click`. But only when you manually insert \n or \r - if you manually insert any other sequence
         # then `click` is fired normally. And it's only Capybara. Browsers and JSDOM don't have this issue.
         # So that's why the next line performs the click via JS.
-        page.execute_script("document.querySelector('.qa-create-page-button').click()")
+        page.execute_script("document.querySelector('.rspec-create-page-button').click()")
 
         page.within ".md" do
           expect(page).to have_selector(".katex", count: 3).and have_content("2+2 is 4")
-- 
cgit v1.2.1


From 03a8f1088fa3f1c76c5b03722c62255ab8ba4cb6 Mon Sep 17 00:00:00 2001
From: Kyle Wiebers <kwiebers@gitlab.com>
Date: Thu, 25 Jul 2019 10:59:31 -0500
Subject: Update gitlab-styles to add Lint/SafeNavigationWithEmpty

---
 Gemfile.lock                                 | 6 +++---
 app/models/concerns/token_authenticatable.rb | 4 +---
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 7e26c5bbc45..4b5b264700d 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -321,7 +321,7 @@ GEM
     gitlab-markup (1.7.0)
     gitlab-sidekiq-fetcher (0.4.0)
       sidekiq (~> 5)
-    gitlab-styles (2.7.0)
+    gitlab-styles (2.8.0)
       rubocop (~> 0.69.0)
       rubocop-gitlab-security (~> 0.1.0)
       rubocop-performance (~> 1.1.0)
@@ -441,7 +441,7 @@ GEM
     jaeger-client (0.10.0)
       opentracing (~> 0.3)
       thrift
-    jaro_winkler (1.5.2)
+    jaro_winkler (1.5.3)
     jira-ruby (1.4.1)
       activesupport
       multipart-post
@@ -845,7 +845,7 @@ GEM
     ruby-fogbugz (0.2.1)
       crack (~> 0.4)
     ruby-prof (0.17.0)
-    ruby-progressbar (1.10.0)
+    ruby-progressbar (1.10.1)
     ruby-saml (1.7.2)
       nokogiri (>= 1.5.10)
     ruby_parser (3.13.1)
diff --git a/app/models/concerns/token_authenticatable.rb b/app/models/concerns/token_authenticatable.rb
index 1293df571a3..4099039dd96 100644
--- a/app/models/concerns/token_authenticatable.rb
+++ b/app/models/concerns/token_authenticatable.rb
@@ -3,10 +3,8 @@
 module TokenAuthenticatable
   extend ActiveSupport::Concern
 
-  private
-
   class_methods do
-    private # rubocop:disable Lint/UselessAccessModifier
+    private
 
     def add_authentication_token_field(token_field, options = {})
       if token_authenticatable_fields.include?(token_field)
-- 
cgit v1.2.1


From a117fc178e08b46a0ee8640b97450183f4e83163 Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Fri, 26 Jul 2019 14:51:59 -0700
Subject: Change qa-* class references to rspec-*

---
 app/views/projects/edit.html.haml                                       | 2 +-
 .../projects/settings/user_manages_merge_requests_settings_spec.rb      | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/projects/edit.html.haml b/app/views/projects/edit.html.haml
index 3403564992e..ba412b550f1 100644
--- a/app/views/projects/edit.html.haml
+++ b/app/views/projects/edit.html.haml
@@ -35,7 +35,7 @@
     = form_for [@project.namespace.becomes(Namespace), @project], remote: true, html: { multipart: true, class: "merge-request-settings-form js-mr-settings-form" }, authenticity_token: true do |f|
       %input{ name: 'update_section', type: 'hidden', value: 'js-merge-request-settings' }
       = render 'projects/merge_request_settings', form: f
-      = f.submit _('Save changes'), class: "btn btn-success qa-save-merge-request-changes"
+      = f.submit _('Save changes'), class: "btn btn-success qa-save-merge-request-changes rspec-save-merge-request-changes"
 
 = render_if_exists 'projects/merge_request_approvals_settings', expanded: expanded
 
diff --git a/spec/features/projects/settings/user_manages_merge_requests_settings_spec.rb b/spec/features/projects/settings/user_manages_merge_requests_settings_spec.rb
index 0739726f52c..9f09c5c4501 100644
--- a/spec/features/projects/settings/user_manages_merge_requests_settings_spec.rb
+++ b/spec/features/projects/settings/user_manages_merge_requests_settings_spec.rb
@@ -94,7 +94,7 @@ describe 'Projects > Settings > User manages merge request settings' do
     it 'when unchecked sets :printing_merge_request_link_enabled to false' do
       uncheck('project_printing_merge_request_link_enabled')
       within('.merge-request-settings-form') do
-        find('.qa-save-merge-request-changes')
+        find('.rspec-save-merge-request-changes')
         click_on('Save changes')
       end
 
-- 
cgit v1.2.1


From 533d53bf90c39d728a07b42027daca1e993b2a78 Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Fri, 26 Jul 2019 14:59:27 -0700
Subject: Change qa-* class references to rspec-*

---
 app/views/projects/edit.html.haml | 2 +-
 spec/features/projects_spec.rb    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/projects/edit.html.haml b/app/views/projects/edit.html.haml
index 3403564992e..cd7ecc7e14a 100644
--- a/app/views/projects/edit.html.haml
+++ b/app/views/projects/edit.html.haml
@@ -23,7 +23,7 @@
       .js-project-permissions-form
       = f.submit _('Save changes'), class: "btn btn-success"
 
-%section.qa-merge-request-settings.settings.merge-requests-feature.no-animate#js-merge-request-settings{ class: [('expanded' if expanded), ('hidden' if @project.project_feature.send(:merge_requests_access_level) == 0)] }
+%section.qa-merge-request-settings.rspec-merge-request-settings.settings.merge-requests-feature.no-animate#js-merge-request-settings{ class: [('expanded' if expanded), ('hidden' if @project.project_feature.send(:merge_requests_access_level) == 0)] }
   .settings-header
     %h4.settings-title.js-settings-toggle.js-settings-toggle-trigger-only= _('Merge requests')
     %button.btn.btn-default.js-settings-toggle{ type: 'button' }= expanded ? _('Collapse') : _('Expand')
diff --git a/spec/features/projects_spec.rb b/spec/features/projects_spec.rb
index d1e2d17e9cc..67ae26d8d1e 100644
--- a/spec/features/projects_spec.rb
+++ b/spec/features/projects_spec.rb
@@ -387,7 +387,7 @@ describe 'Project' do
     end
 
     it_behaves_like 'dirty submit form', [{ form: '.js-general-settings-form', input: 'input[name="project[name]"]' },
-                                          { form: '.qa-merge-request-settings', input: '#project_printing_merge_request_link_enabled' }]
+                                          { form: '.rspec-merge-request-settings', input: '#project_printing_merge_request_link_enabled' }]
   end
 
   def remove_with_confirm(button_text, confirm_with)
-- 
cgit v1.2.1


From d0236453de8614c60f2f64a237966cad2f242f7e Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Fri, 26 Jul 2019 15:02:29 -0700
Subject: Change qa-* class references to rspec-*

---
 app/views/shared/form_elements/_description.html.haml | 2 +-
 spec/features/issues/user_creates_issue_spec.rb       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/shared/form_elements/_description.html.haml b/app/views/shared/form_elements/_description.html.haml
index b11cb8a3076..be78fd0ccfb 100644
--- a/app/views/shared/form_elements/_description.html.haml
+++ b/app/views/shared/form_elements/_description.html.haml
@@ -15,7 +15,7 @@
 
     = render layout: 'projects/md_preview', locals: { url: preview_url, referenced_users: true } do
       = render 'projects/zen', f: form, attr: :description,
-                               classes: 'note-textarea qa-issuable-form-description',
+                               classes: 'note-textarea qa-issuable-form-description rspec-issuable-form-description',
                                placeholder: "Write a comment or drag your files here…",
                                supports_quick_actions: supports_quick_actions
       = render 'shared/notes/hints', supports_quick_actions: supports_quick_actions
diff --git a/spec/features/issues/user_creates_issue_spec.rb b/spec/features/issues/user_creates_issue_spec.rb
index 2789d574156..a71395c0e47 100644
--- a/spec/features/issues/user_creates_issue_spec.rb
+++ b/spec/features/issues/user_creates_issue_spec.rb
@@ -28,7 +28,7 @@ describe "User creates issue" do
 
       fill_in("Title", with: issue_title)
       first('.js-md').click
-      first('.qa-issuable-form-description').native.send_keys('Description')
+      first('.rspec-issuable-form-description').native.send_keys('Description')
 
       click_button("Submit issue")
 
-- 
cgit v1.2.1


From 8bc24d10a79d4cf03f7fcb5163ae6026e0d9f12a Mon Sep 17 00:00:00 2001
From: Osnat Vider <ovider@gitlab.com>
Date: Fri, 26 Jul 2019 22:18:56 +0000
Subject: Update ruby version in readme file to match .ruby-version

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 51dc87ac653..73bfcc988cc 100644
--- a/README.md
+++ b/README.md
@@ -81,7 +81,7 @@ Instructions on how to start GitLab and how to run the tests can be found in the
 GitLab is a Ruby on Rails application that runs on the following software:
 
 - Ubuntu/Debian/CentOS/RHEL/OpenSUSE
-- Ruby (MRI) 2.4
+- Ruby (MRI) 2.6.3
 - Git 2.8.4+
 - Redis 2.8+
 - PostgreSQL (preferred) or MySQL
-- 
cgit v1.2.1


From f73ad3137762d221d12219c3fbca6a464245b8c6 Mon Sep 17 00:00:00 2001
From: Ben Bodenmiller <bbodenmiller@hotmail.com>
Date: Sat, 27 Jul 2019 00:28:19 +0000
Subject: Add requesting particular OAuth2 scopes details

---
 doc/api/oauth2.md | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/doc/api/oauth2.md b/doc/api/oauth2.md
index 76e3a0fa1a4..f9382361187 100644
--- a/doc/api/oauth2.md
+++ b/doc/api/oauth2.md
@@ -50,11 +50,14 @@ The web application flow is:
    `/oauth/authorize` endpoint with the following GET parameters:
 
    ```
-   https://gitlab.example.com/oauth/authorize?client_id=APP_ID&redirect_uri=REDIRECT_URI&response_type=code&state=YOUR_UNIQUE_STATE_HASH
+   https://gitlab.example.com/oauth/authorize?client_id=APP_ID&redirect_uri=REDIRECT_URI&response_type=code&state=YOUR_UNIQUE_STATE_HASH&scope=REQUESTED_SCOPES
    ```
 
-   This will ask the user to approve the applications access to their account and
-   then redirect back to the `REDIRECT_URI` you provided. The redirect will
+   This will ask the user to approve the applications access to their account
+   based on the scopes specified in `REQUESTED_SCOPES` and then redirect back to
+   the `REDIRECT_URI` you provided. The [scope parameter](https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes#requesting-particular-scopes)
+   is a space separated list of scopes you want to have access to (e.g. `scope=read_user+profile`
+   would request `read_user` and `profile` scopes). The redirect will
    include the GET `code` parameter, for example:
 
    ```
@@ -110,11 +113,14 @@ To request the access token, you should redirect the user to the
 `/oauth/authorize` endpoint using `token` response type:
 
 ```
-https://gitlab.example.com/oauth/authorize?client_id=APP_ID&redirect_uri=REDIRECT_URI&response_type=token&state=YOUR_UNIQUE_STATE_HASH
+https://gitlab.example.com/oauth/authorize?client_id=APP_ID&redirect_uri=REDIRECT_URI&response_type=token&state=YOUR_UNIQUE_STATE_HASH&scope=REQUESTED_SCOPES
 ```
 
-This will ask the user to approve the application's access to their account and
-then redirect them back to the `REDIRECT_URI` you provided. The redirect
+This will ask the user to approve the applications access to their account
+based on the scopes specified in `REQUESTED_SCOPES` and then redirect back to
+the `REDIRECT_URI` you provided. The [scope parameter](https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes#requesting-particular-scopes)
+   is a space separated list of scopes you want to have access to (e.g. `scope=read_user+profile`
+would request `read_user` and `profile` scopes). The redirect
 will include a fragment with `access_token` as well as token details in GET
 parameters, for example:
 
-- 
cgit v1.2.1


From 972573e35183c50de37ce7eec1346f20a23bfca1 Mon Sep 17 00:00:00 2001
From: Tomislav Nikic <tnikic@gitlab.com>
Date: Sat, 27 Jul 2019 04:23:34 +0000
Subject: Adding changes to CE from EE

All the changes done to files that are also inside CE and need to be
ported.
---
 .../javascripts/diffs/components/diff_discussion_reply.vue   |  1 -
 app/assets/javascripts/diffs/components/diff_file_header.vue |  1 +
 .../javascripts/notes/components/discussion_actions.vue      |  2 +-
 app/assets/javascripts/notes/components/note_form.vue        |  8 ++++++--
 app/views/projects/merge_requests/show.html.haml             |  2 +-
 qa/qa/page/component/note.rb                                 | 12 ++++++++++--
 6 files changed, 19 insertions(+), 7 deletions(-)

diff --git a/app/assets/javascripts/diffs/components/diff_discussion_reply.vue b/app/assets/javascripts/diffs/components/diff_discussion_reply.vue
index 2aa5e9b3339..531ebaddacd 100644
--- a/app/assets/javascripts/diffs/components/diff_discussion_reply.vue
+++ b/app/assets/javascripts/diffs/components/diff_discussion_reply.vue
@@ -44,7 +44,6 @@ export default {
           class="d-none d-sm-block"
         />
         <reply-placeholder
-          class="qa-discussion-reply"
           :button-text="__('Start a new discussion...')"
           @onClick="$emit('showNewDiscussionForm')"
         />
diff --git a/app/assets/javascripts/diffs/components/diff_file_header.vue b/app/assets/javascripts/diffs/components/diff_file_header.vue
index 4b226e30699..32fbeaaa905 100644
--- a/app/assets/javascripts/diffs/components/diff_file_header.vue
+++ b/app/assets/javascripts/diffs/components/diff_file_header.vue
@@ -263,6 +263,7 @@ export default {
               :disabled="!diffHasDiscussions(diffFile)"
               :class="{ active: hasExpandedDiscussions }"
               class="js-btn-vue-toggle-comments btn"
+              data-qa-selector="toggle_comments_button"
               type="button"
               @click="handleToggleDiscussions"
             >
diff --git a/app/assets/javascripts/notes/components/discussion_actions.vue b/app/assets/javascripts/notes/components/discussion_actions.vue
index 7aa8580d794..edab750b572 100644
--- a/app/assets/javascripts/notes/components/discussion_actions.vue
+++ b/app/assets/javascripts/notes/components/discussion_actions.vue
@@ -41,8 +41,8 @@ export default {
 <template>
   <div class="discussion-with-resolve-btn clearfix">
     <reply-placeholder
+      data-qa-selector="discussion_reply_tab"
       :button-text="s__('MergeRequests|Reply...')"
-      class="qa-discussion-reply"
       @onClick="$emit('showReplyForm')"
     />
 
diff --git a/app/assets/javascripts/notes/components/note_form.vue b/app/assets/javascripts/notes/components/note_form.vue
index 3823861c0b9..222badf70d1 100644
--- a/app/assets/javascripts/notes/components/note_form.vue
+++ b/app/assets/javascripts/notes/components/note_form.vue
@@ -293,12 +293,16 @@ export default {
                 <input
                   v-model="isUnresolving"
                   type="checkbox"
-                  class="qa-unresolve-review-discussion"
+                  data-qa-selector="unresolve_review_discussion_checkbox"
                 />
                 {{ __('Unresolve thread') }}
               </template>
               <template v-else>
-                <input v-model="isResolving" type="checkbox" class="qa-resolve-review-discussion" />
+                <input
+                  v-model="isResolving"
+                  type="checkbox"
+                  data-qa-selector="resolve_review_discussion_checkbox"
+                />
                 {{ __('Resolve thread') }}
               </template>
             </label>
diff --git a/app/views/projects/merge_requests/show.html.haml b/app/views/projects/merge_requests/show.html.haml
index 2084ca6f905..2c5c5141bf0 100644
--- a/app/views/projects/merge_requests/show.html.haml
+++ b/app/views/projects/merge_requests/show.html.haml
@@ -32,7 +32,7 @@
     .merge-request-tabs-holder{ class: ("js-tabs-affix" unless ENV['RAILS_ENV'] == 'test') }
       .merge-request-tabs-container
         %ul.merge-request-tabs.nav-tabs.nav.nav-links
-          %li.notes-tab.qa-notes-tab
+          %li.notes-tab{ data: { qa_selector: 'notes_tab'} }
             = tab_link_for @merge_request, :show, force_link: @commit.present? do
               = _("Discussion")
               %span.badge.badge-pill= @merge_request.related_notes.user.count
diff --git a/qa/qa/page/component/note.rb b/qa/qa/page/component/note.rb
index fe324574f4d..34fde045091 100644
--- a/qa/qa/page/component/note.rb
+++ b/qa/qa/page/component/note.rb
@@ -20,13 +20,17 @@ module QA
           end
 
           base.view 'app/assets/javascripts/notes/components/discussion_actions.vue' do
-            element :discussion_reply
+            element :discussion_reply_tab
           end
 
           base.view 'app/assets/javascripts/notes/components/toggle_replies_widget.vue' do
             element :expand_replies
             element :collapse_replies
           end
+
+          base.view 'app/assets/javascripts/diffs/components/diff_file_header.vue' do
+            element :toggle_comments_button
+          end
         end
 
         def start_discussion(text)
@@ -36,8 +40,12 @@ module QA
           click_element :comment_button
         end
 
+        def toggle_comments
+          all_elements(:toggle_comments_button).last.click
+        end
+
         def type_reply_to_discussion(reply_text)
-          all_elements(:discussion_reply).last.click
+          all_elements(:discussion_reply_tab).last.click
           fill_element :reply_input, reply_text
         end
 
-- 
cgit v1.2.1


From c41788fe54fecf113a31b1aa3238ea22ac1947d5 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Sat, 27 Jul 2019 04:28:56 +0000
Subject: Revert "Merge branch '52123-issuable-actions-notesfinder-pderichs'
 into 'master'"

This reverts merge request !29733
---
 app/controllers/concerns/issuable_actions.rb       | 22 +++----
 app/finders/notes_finder.rb                        | 38 ++++--------
 spec/controllers/concerns/issuable_actions_spec.rb | 69 ----------------------
 .../controllers/projects/issues_controller_spec.rb | 22 -------
 .../projects/merge_requests_controller_spec.rb     | 16 -----
 spec/finders/notes_finder_spec.rb                  | 31 +++-------
 spec/fixtures/api/schemas/entities/discussion.json | 67 ---------------------
 .../fixtures/api/schemas/entities/discussions.json |  4 --
 .../discussions_provider_shared_examples.rb        | 15 -----
 9 files changed, 24 insertions(+), 260 deletions(-)
 delete mode 100644 spec/controllers/concerns/issuable_actions_spec.rb
 delete mode 100644 spec/fixtures/api/schemas/entities/discussion.json
 delete mode 100644 spec/fixtures/api/schemas/entities/discussions.json
 delete mode 100644 spec/support/shared_examples/discussions_provider_shared_examples.rb

diff --git a/app/controllers/concerns/issuable_actions.rb b/app/controllers/concerns/issuable_actions.rb
index 94d1e8248fc..6fa2f75be33 100644
--- a/app/controllers/concerns/issuable_actions.rb
+++ b/app/controllers/concerns/issuable_actions.rb
@@ -98,12 +98,13 @@ module IssuableActions
     render json: { notice: "#{quantity} #{resource_name.pluralize(quantity)} updated" }
   end
 
-  # rubocop:disable CodeReuse/ActiveRecord
+  # rubocop: disable CodeReuse/ActiveRecord
   def discussions
-    notes = NotesFinder.new(project, current_user, finder_params_for_issuable).execute
-                .inc_relations_for_view
-                .includes(:noteable)
-                .fresh
+    notes = issuable.discussion_notes
+      .inc_relations_for_view
+      .with_notes_filter(notes_filter)
+      .includes(:noteable)
+      .fresh
 
     if notes_filter != UserPreference::NOTES_FILTERS[:only_comments]
       notes = ResourceEvents::MergeIntoNotesService.new(issuable, current_user).execute(notes)
@@ -116,7 +117,7 @@ module IssuableActions
 
     render json: discussion_serializer.represent(discussions, context: self)
   end
-  # rubocop:enable CodeReuse/ActiveRecord
+  # rubocop: enable CodeReuse/ActiveRecord
 
   private
 
@@ -221,13 +222,4 @@ module IssuableActions
   def parent
     @project || @group # rubocop:disable Gitlab/ModuleWithInstanceVariables
   end
-
-  # rubocop:disable Gitlab/ModuleWithInstanceVariables
-  def finder_params_for_issuable
-    {
-        target: @issuable,
-        notes_filter: notes_filter
-    }
-  end
-  # rubocop:enable Gitlab/ModuleWithInstanceVariables
 end
diff --git a/app/finders/notes_finder.rb b/app/finders/notes_finder.rb
index c25600221d7..8f610d7dddb 100644
--- a/app/finders/notes_finder.rb
+++ b/app/finders/notes_finder.rb
@@ -3,8 +3,6 @@
 class NotesFinder
   FETCH_OVERLAP = 5.seconds
 
-  attr_reader :target_type
-
   # Used to filter Notes
   # When used with target_type and target_id this returns notes specifically for the controller
   #
@@ -12,7 +10,6 @@ class NotesFinder
   #   current_user - which user check authorizations with
   #   project - which project to look for notes on
   #   params:
-  #     target: noteable
   #     target_type: string
   #     target_id: integer
   #     last_fetched_at: time
@@ -21,8 +18,7 @@ class NotesFinder
   def initialize(project, current_user, params = {})
     @project = project
     @current_user = current_user
-    @params = params.dup
-    @target_type = @params[:target_type]
+    @params = params
   end
 
   def execute
@@ -36,27 +32,7 @@ class NotesFinder
   def target
     return @target if defined?(@target)
 
-    if target_given?
-      use_explicit_target
-    else
-      find_target_by_type_and_ids
-    end
-  end
-
-  private
-
-  def target_given?
-    @params.key?(:target)
-  end
-
-  def use_explicit_target
-    @target = @params[:target]
-    @target_type = @target.class.name.underscore
-
-    @target
-  end
-
-  def find_target_by_type_and_ids
+    target_type = @params[:target_type]
     target_id   = @params[:target_id]
     target_iid  = @params[:target_iid]
 
@@ -69,11 +45,13 @@ class NotesFinder
           @project.commit(target_id)
         end
       else
-        noteable_for_type_by_id(target_type, target_id, target_iid)
+        noteables_for_type_by_id(target_type, target_id, target_iid)
       end
   end
 
-  def noteable_for_type_by_id(type, id, iid)
+  private
+
+  def noteables_for_type_by_id(type, id, iid)
     query = if id
               { id: id }
             else
@@ -99,6 +77,10 @@ class NotesFinder
     search(notes)
   end
 
+  def target_type
+    @params[:target_type]
+  end
+
   # rubocop: disable CodeReuse/ActiveRecord
   def notes_of_any_type
     types = %w(commit issue merge_request snippet)
diff --git a/spec/controllers/concerns/issuable_actions_spec.rb b/spec/controllers/concerns/issuable_actions_spec.rb
deleted file mode 100644
index 3281fd4a2ef..00000000000
--- a/spec/controllers/concerns/issuable_actions_spec.rb
+++ /dev/null
@@ -1,69 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe IssuableActions do
-  let(:project) { double('project') }
-  let(:user) { double('user') }
-  let(:issuable) { double('issuable') }
-  let(:finder_params_for_issuable) { {} }
-  let(:notes_result) { double('notes_result') }
-  let(:discussion_serializer) { double('discussion_serializer') }
-
-  let(:controller) do
-    klass = Class.new do
-      attr_reader :current_user, :project, :issuable
-
-      def self.before_action(action, params = nil)
-      end
-
-      include IssuableActions
-
-      def initialize(issuable, project, user, finder_params)
-        @issuable = issuable
-        @project = project
-        @current_user = user
-        @finder_params = finder_params
-      end
-
-      def finder_params_for_issuable
-        @finder_params
-      end
-
-      def params
-        {
-          notes_filter: 1
-        }
-      end
-
-      def prepare_notes_for_rendering(notes)
-        []
-      end
-
-      def render(options)
-      end
-    end
-
-    klass.new(issuable, project, user, finder_params_for_issuable)
-  end
-
-  describe '#discussions' do
-    before do
-      allow(user).to receive(:set_notes_filter)
-      allow(user).to receive(:user_preference)
-      allow(discussion_serializer).to receive(:represent)
-    end
-
-    it 'instantiates and calls NotesFinder as expected' do
-      expect(Discussion).to receive(:build_collection).and_return([])
-      expect(DiscussionSerializer).to receive(:new).and_return(discussion_serializer)
-      expect(NotesFinder).to receive(:new).with(project, user, finder_params_for_issuable).and_call_original
-
-      expect_any_instance_of(NotesFinder).to receive(:execute).and_return(notes_result)
-
-      expect(notes_result).to receive_messages(inc_relations_for_view: notes_result, includes: notes_result, fresh: notes_result)
-
-      controller.discussions
-    end
-  end
-end
diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb
index 0f885d776e1..32d14dce936 100644
--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -1260,28 +1260,6 @@ describe Projects::IssuesController do
         sign_in(user)
       end
 
-      context do
-        it_behaves_like 'discussions provider' do
-          let!(:author) { create(:user) }
-          let!(:project) { create(:project) }
-
-          let!(:issue) { create(:issue, project: project, author: user) }
-
-          let!(:note_on_issue1) { create(:discussion_note_on_issue, noteable: issue, project: issue.project, author: create(:user)) }
-          let!(:note_on_issue2) { create(:discussion_note_on_issue, noteable: issue, project: issue.project, author: create(:user)) }
-
-          let(:requested_iid) { issue.iid }
-          let(:expected_discussion_count) { 3 }
-          let(:expected_discussion_ids) do
-            [
-              issue.notes.first.discussion_id,
-              note_on_issue1.discussion_id,
-              note_on_issue2.discussion_id
-            ]
-          end
-        end
-      end
-
       it 'returns discussion json' do
         get :discussions, params: { namespace_id: project.namespace, project_id: project, id: issue.iid }
 
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index 9aa5f1ade8d..fa71d9b61b1 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -1120,22 +1120,6 @@ describe Projects::MergeRequestsController do
         end
       end
     end
-
-    context do
-      it_behaves_like 'discussions provider' do
-        let!(:author) { create(:user) }
-        let!(:project) { create(:project) }
-
-        let!(:merge_request) { create(:merge_request, source_project: project) }
-
-        let!(:mr_note1) { create(:discussion_note_on_merge_request, noteable: merge_request, project: project) }
-        let!(:mr_note2) { create(:discussion_note_on_merge_request, noteable: merge_request, project: project) }
-
-        let(:requested_iid) { merge_request.iid }
-        let(:expected_discussion_count) { 2 }
-        let(:expected_discussion_ids) { [mr_note1.discussion_id, mr_note2.discussion_id] }
-      end
-    end
   end
 
   describe 'GET edit' do
diff --git a/spec/finders/notes_finder_spec.rb b/spec/finders/notes_finder_spec.rb
index 677fde0d8ce..87bde4ca2f6 100644
--- a/spec/finders/notes_finder_spec.rb
+++ b/spec/finders/notes_finder_spec.rb
@@ -118,11 +118,16 @@ describe NotesFinder do
 
     context 'for target' do
       let(:project) { create(:project, :repository) }
-      let!(:note1) { create :note_on_commit, project: project }
-      let!(:note2) { create :note_on_commit, project: project }
+      let(:note1) { create :note_on_commit, project: project }
+      let(:note2) { create :note_on_commit, project: project }
       let(:commit) { note1.noteable }
       let(:params) { { target_id: commit.id, target_type: 'commit', last_fetched_at: 1.hour.ago.to_i } }
 
+      before do
+        note1
+        note2
+      end
+
       it 'finds all notes' do
         notes = described_class.new(project, user, params).execute
         expect(notes.size).to eq(2)
@@ -189,28 +194,6 @@ describe NotesFinder do
         end
       end
     end
-
-    context 'for explicit target' do
-      let(:project) { create(:project, :repository) }
-      let!(:note1) { create :note_on_commit, project: project, created_at: 1.day.ago, updated_at: 2.hours.ago }
-      let!(:note2) { create :note_on_commit, project: project }
-      let(:commit) { note1.noteable }
-      let(:params) { { target: commit } }
-
-      it 'returns the expected notes' do
-        expect(described_class.new(project, user, params).execute).to eq([note1, note2])
-      end
-
-      it 'returns the expected notes when last_fetched_at is given' do
-        params = { target: commit, last_fetched_at: 1.hour.ago.to_i }
-        expect(described_class.new(project, user, params).execute).to eq([note2])
-      end
-
-      it 'fails when nil is provided' do
-        params = { target: nil }
-        expect { described_class.new(project, user, params).execute }.to raise_error(RuntimeError)
-      end
-    end
   end
 
   describe '.search' do
diff --git a/spec/fixtures/api/schemas/entities/discussion.json b/spec/fixtures/api/schemas/entities/discussion.json
deleted file mode 100644
index bcc1db79e83..00000000000
--- a/spec/fixtures/api/schemas/entities/discussion.json
+++ /dev/null
@@ -1,67 +0,0 @@
-{
-  "type": "object",
-  "required" : [
-    "id",
-    "notes",
-    "individual_note"
-  ],
-  "properties" : {
-    "id": { "type": "string" },
-    "individual_note": { "type": "boolean" },
-    "notes": {
-      "type": "array",
-      "items": {
-        "type": "object",
-        "properties" : {
-          "id": { "type": "string" },
-          "type": { "type": ["string", "null"] },
-          "body": { "type": "string" },
-          "attachment": { "type": ["string", "null"]},
-          "award_emoji": { "type": "array" },
-          "author": {
-            "type": "object",
-            "properties": {
-              "name": { "type": "string" },
-              "username": { "type": "string" },
-              "id": { "type": "integer" },
-              "state": { "type": "string" },
-              "avatar_url": { "type": "uri" },
-              "web_url": { "type": "uri" },
-              "status_tooltip_html": { "type": ["string", "null"] },
-              "path": { "type": "string" }
-            },
-            "additionalProperties": false
-          },
-          "created_at": { "type": "date" },
-          "updated_at": { "type": "date" },
-          "system": { "type": "boolean" },
-          "noteable_id": { "type": "integer" },
-          "noteable_iid": { "type": "integer" },
-          "noteable_type": { "type": "string" },
-          "resolved": { "type": "boolean" },
-          "resolvable": { "type": "boolean" },
-          "resolved_by": { "type": ["string", "null"] },
-          "note": { "type": "string" },
-          "note_html": { "type": "string"  },
-          "current_user": { "type": "object" },
-          "suggestions": { "type": "array" },
-          "discussion_id": { "type": "string" },
-          "emoji_awardable": { "type": "boolean" },
-          "report_abuse_path": { "type": "string" },
-          "noteable_note_url": { "type": "string" },
-          "resolve_path": { "type": "string" },
-          "resolve_with_issue_path": { "type": "string" },
-          "cached_markdown_version": { "type": "integer" },
-          "human_access": { "type": ["string", "null"] },
-          "toggle_award_path": { "type": "string" },
-          "path": { "type": "string" }
-        },
-        "required": [
-          "id", "attachment", "author", "created_at", "updated_at",
-          "system", "noteable_id", "noteable_type"
-        ],
-        "additionalProperties": false
-      }
-    }
-  }
-}
diff --git a/spec/fixtures/api/schemas/entities/discussions.json b/spec/fixtures/api/schemas/entities/discussions.json
deleted file mode 100644
index 5a837429776..00000000000
--- a/spec/fixtures/api/schemas/entities/discussions.json
+++ /dev/null
@@ -1,4 +0,0 @@
-{
-  "type": "array",
-  "items": { "$ref": "discussion.json" }
-}
diff --git a/spec/support/shared_examples/discussions_provider_shared_examples.rb b/spec/support/shared_examples/discussions_provider_shared_examples.rb
deleted file mode 100644
index 77cf1ac3f51..00000000000
--- a/spec/support/shared_examples/discussions_provider_shared_examples.rb
+++ /dev/null
@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-shared_examples 'discussions provider' do
-  it 'returns the expected discussions' do
-    get :discussions, params: { namespace_id: project.namespace, project_id: project, id: requested_iid }
-
-    expect(response).to have_gitlab_http_status(200)
-    expect(response).to match_response_schema('entities/discussions')
-
-    expect(json_response.size).to eq(expected_discussion_count)
-    expect(json_response.pluck('id')).to eq(expected_discussion_ids)
-  end
-end
-- 
cgit v1.2.1


From 3e18a4154a888467c09f04203885015be86d2843 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Fri, 26 Jul 2019 22:10:47 -0700
Subject: Update Rugged to 0.28.2

This is a bug fix release:
https://github.com/libgit2/libgit2/releases
---
 Gemfile.lock | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 7e26c5bbc45..91a9ad1ba28 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -853,7 +853,7 @@ GEM
     rubyntlm (0.6.2)
     rubypants (0.2.0)
     rubyzip (1.2.2)
-    rugged (0.28.1)
+    rugged (0.28.2)
     safe_yaml (1.0.4)
     sanitize (4.6.6)
       crass (~> 1.0.2)
-- 
cgit v1.2.1


From cb3290a1a3deed5db6a5361ef3963a5eb83ef2aa Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Sat, 27 Jul 2019 22:53:24 -0700
Subject: Make pdf.js render CJK characters

As mentioned in
https://github.com/wojtekmaj/react-pdf/blob/master/README.md,
pdf.js needs the bundled cMaps files to work.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/62152
---
 app/assets/javascripts/pdf/index.vue             |   6 +-
 changelogs/unreleased/sh-add-cmaps-for-pdfjs.yml |   5 +
 config/webpack.config.js                         |   8 ++
 package.json                                     |   1 +
 yarn.lock                                        | 134 +++++++++++++++--------
 5 files changed, 107 insertions(+), 47 deletions(-)
 create mode 100644 changelogs/unreleased/sh-add-cmaps-for-pdfjs.yml

diff --git a/app/assets/javascripts/pdf/index.vue b/app/assets/javascripts/pdf/index.vue
index 6d39abd4a1f..75feeb1ba04 100644
--- a/app/assets/javascripts/pdf/index.vue
+++ b/app/assets/javascripts/pdf/index.vue
@@ -35,7 +35,11 @@ export default {
     load() {
       this.pages = [];
       return pdfjsLib
-        .getDocument(this.document)
+        .getDocument({
+          url: this.document,
+          cMapUrl: '/assets/webpack/cmaps/',
+          cMapPacked: true,
+        })
         .then(this.renderPages)
         .then(() => this.$emit('pdflabload'))
         .catch(error => this.$emit('pdflaberror', error))
diff --git a/changelogs/unreleased/sh-add-cmaps-for-pdfjs.yml b/changelogs/unreleased/sh-add-cmaps-for-pdfjs.yml
new file mode 100644
index 00000000000..f4686484e33
--- /dev/null
+++ b/changelogs/unreleased/sh-add-cmaps-for-pdfjs.yml
@@ -0,0 +1,5 @@
+---
+title: Make pdf.js render CJK characters
+merge_request: 31220
+author:
+type: fixed
diff --git a/config/webpack.config.js b/config/webpack.config.js
index cd793743eb7..4b6a9e4b99e 100644
--- a/config/webpack.config.js
+++ b/config/webpack.config.js
@@ -6,6 +6,7 @@ const StatsWriterPlugin = require('webpack-stats-plugin').StatsWriterPlugin;
 const CompressionPlugin = require('compression-webpack-plugin');
 const MonacoWebpackPlugin = require('monaco-editor-webpack-plugin');
 const BundleAnalyzerPlugin = require('webpack-bundle-analyzer').BundleAnalyzerPlugin;
+const CopyWebpackPlugin = require('copy-webpack-plugin');
 
 const ROOT_PATH = path.resolve(__dirname, '..');
 const CACHE_PATH = process.env.WEBPACK_CACHE_PATH || path.join(ROOT_PATH, 'tmp/cache');
@@ -278,6 +279,13 @@ module.exports = {
       }
     }),
 
+    new CopyWebpackPlugin([
+      {
+        from: path.join(ROOT_PATH, 'node_modules/pdfjs-dist/cmaps/'),
+        to: path.join(ROOT_PATH, 'public/assets/webpack/cmaps/'),
+      },
+    ]),
+
     // compression can require a lot of compute time and is disabled in CI
     IS_PRODUCTION && !NO_COMPRESSION && new CompressionPlugin(),
 
diff --git a/package.json b/package.json
index 773918524f9..dfa8e8fe4d7 100644
--- a/package.json
+++ b/package.json
@@ -56,6 +56,7 @@
     "clipboard": "^1.7.1",
     "codesandbox-api": "^0.0.20",
     "compression-webpack-plugin": "^2.0.0",
+    "copy-webpack-plugin": "^5.0.4",
     "core-js": "^3.1.3",
     "cropper": "^2.3.0",
     "css-loader": "^1.0.0",
diff --git a/yarn.lock b/yarn.lock
index 7095ff706c2..d0e43363977 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2180,10 +2180,10 @@ bfj@^6.1.1:
     hoopy "^0.1.2"
     tryer "^1.0.0"
 
-big.js@^3.1.3:
-  version "3.2.0"
-  resolved "https://registry.yarnpkg.com/big.js/-/big.js-3.2.0.tgz#a5fc298b81b9e0dca2e458824784b65c52ba588e"
-  integrity sha512-+hN/Zh2D08Mx65pZ/4g5bsmNiZUuChDiQfTUQ7qJr4/kuopCr88xZsAXv6mBoZEsUI4OuGHlX59qE94K2mMW8Q==
+big.js@^5.2.2:
+  version "5.2.2"
+  resolved "https://registry.yarnpkg.com/big.js/-/big.js-5.2.2.tgz#65f0af382f578bcdc742bd9c281e9cb2d7768328"
+  integrity sha512-vyL2OymJxmarO8gxMr0mhChsO9QGwhynfuu4+MHTAW6czfq9humCB7rKpUjDd9YUiDPU4mzpyupFSvOClAwbmQ==
 
 binary-extensions@^1.0.0:
   version "1.11.0"
@@ -2207,10 +2207,10 @@ block-stream@*:
   dependencies:
     inherits "~2.0.0"
 
-bluebird@^3.1.1, bluebird@^3.3.0, bluebird@^3.5.1, bluebird@^3.5.3, bluebird@~3.5.0:
-  version "3.5.3"
-  resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.5.3.tgz#7d01c6f9616c9a51ab0f8c549a79dfe6ec33efa7"
-  integrity sha512-/qKPUQlaW1OyR51WeCPBvRnAlnZFUJkCSG5HzGnuIqhgyJtF+T94lFnn33eiazjRm2LAHVy2guNnaq48X9SJuw==
+bluebird@^3.1.1, bluebird@^3.3.0, bluebird@^3.5.1, bluebird@^3.5.5, bluebird@~3.5.0:
+  version "3.5.5"
+  resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.5.5.tgz#a8d0afd73251effbbd5fe384a77d73003c17a71f"
+  integrity sha512-5am6HnnfN+urzt4yfg7IgTbotDjIT/u8AJpEt0sIU9FtXfVeezXAPKswrG+xKUCOYAINpSdgZVDU6QFh+cuH3w==
 
 bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.1.1, bn.js@^4.4.0:
   version "4.11.8"
@@ -2469,22 +2469,22 @@ bytes@3.0.0:
   resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.0.0.tgz#d32815404d689699f85a4ea4fa8755dd13a96048"
   integrity sha1-0ygVQE1olpn4Wk6k+odV3ROpYEg=
 
-cacache@^11.0.2, cacache@^11.2.0:
-  version "11.3.2"
-  resolved "https://registry.yarnpkg.com/cacache/-/cacache-11.3.2.tgz#2d81e308e3d258ca38125b676b98b2ac9ce69bfa"
-  integrity sha512-E0zP4EPGDOaT2chM08Als91eYnf8Z+eH1awwwVsngUmgppfM5jjJ8l3z5vO5p5w/I3LsiXawb1sW0VY65pQABg==
+cacache@^11.0.2, cacache@^11.2.0, cacache@^11.3.3:
+  version "11.3.3"
+  resolved "https://registry.yarnpkg.com/cacache/-/cacache-11.3.3.tgz#8bd29df8c6a718a6ebd2d010da4d7972ae3bbadc"
+  integrity sha512-p8WcneCytvzPxhDvYp31PD039vi77I12W+/KfR9S8AZbaiARFBCpsPJS+9uhWfeBfeAtW7o/4vt3MUqLkbY6nA==
   dependencies:
-    bluebird "^3.5.3"
+    bluebird "^3.5.5"
     chownr "^1.1.1"
     figgy-pudding "^3.5.1"
-    glob "^7.1.3"
+    glob "^7.1.4"
     graceful-fs "^4.1.15"
     lru-cache "^5.1.1"
     mississippi "^3.0.0"
     mkdirp "^0.5.1"
     move-concurrently "^1.0.1"
     promise-inflight "^1.0.1"
-    rimraf "^2.6.2"
+    rimraf "^2.6.3"
     ssri "^6.0.1"
     unique-filename "^1.1.1"
     y18n "^4.0.0"
@@ -3204,6 +3204,24 @@ copy-to-clipboard@^3.0.8:
   dependencies:
     toggle-selection "^1.0.3"
 
+copy-webpack-plugin@^5.0.4:
+  version "5.0.4"
+  resolved "https://registry.yarnpkg.com/copy-webpack-plugin/-/copy-webpack-plugin-5.0.4.tgz#c78126f604e24f194c6ec2f43a64e232b5d43655"
+  integrity sha512-YBuYGpSzoCHSSDGyHy6VJ7SHojKp6WHT4D7ItcQFNAYx2hrwkMe56e97xfVR0/ovDuMTrMffXUiltvQljtAGeg==
+  dependencies:
+    cacache "^11.3.3"
+    find-cache-dir "^2.1.0"
+    glob-parent "^3.1.0"
+    globby "^7.1.1"
+    is-glob "^4.0.1"
+    loader-utils "^1.2.3"
+    minimatch "^3.0.4"
+    normalize-path "^3.0.0"
+    p-limit "^2.2.0"
+    schema-utils "^1.0.0"
+    serialize-javascript "^1.7.0"
+    webpack-log "^2.0.0"
+
 core-js-compat@^3.1.1:
   version "3.1.4"
   resolved "https://registry.yarnpkg.com/core-js-compat/-/core-js-compat-3.1.4.tgz#e4d0c40fbd01e65b1d457980fe4112d4358a7408"
@@ -4063,7 +4081,7 @@ diffie-hellman@^5.0.0:
     miller-rabin "^4.0.0"
     randombytes "^2.0.0"
 
-dir-glob@^2.2.2:
+dir-glob@^2.0.0, dir-glob@^2.2.2:
   version "2.2.2"
   resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-2.2.2.tgz#fa09f0694153c8918b18ba0deafae94769fc50c4"
   integrity sha512-f9LBi5QWzIW3I6e//uxZoLBlUt9kcp66qo0sSCxL6YZKc75R1c4MFCoe/LaZiBGmgujvQdxc5Bn3QhfyvK5Hsw==
@@ -5164,13 +5182,13 @@ finalhandler@1.1.1:
     statuses "~1.4.0"
     unpipe "~1.0.0"
 
-find-cache-dir@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/find-cache-dir/-/find-cache-dir-2.0.0.tgz#4c1faed59f45184530fb9d7fa123a4d04a98472d"
-  integrity sha512-LDUY6V1Xs5eFskUVYtIwatojt6+9xC9Chnlk/jYOOvn3FAFfSaWddxahDGyNHh0b2dMXa6YW2m0tk8TdVaXHlA==
+find-cache-dir@^2.0.0, find-cache-dir@^2.1.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/find-cache-dir/-/find-cache-dir-2.1.0.tgz#8d0f94cd13fe43c6c7c261a0d86115ca918c05f7"
+  integrity sha512-Tq6PixE0w/VMFfCgbONnkiQIVol/JJL7nRMi20fqzA4NRs9AfeqMGeRdPi3wIhYkxjeBaWh2rxwapn5Tu3IqOQ==
   dependencies:
     commondir "^1.0.1"
-    make-dir "^1.0.0"
+    make-dir "^2.0.0"
     pkg-dir "^3.0.0"
 
 find-root@^1.0.0, find-root@^1.1.0:
@@ -5528,7 +5546,7 @@ glob-to-regexp@^0.4.0:
   resolved "https://registry.yarnpkg.com/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz#c75297087c851b9a578bd217dd59a92f59fe546e"
   integrity sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==
 
-"glob@5 - 7", glob@^7.0.0, glob@^7.0.3, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@~7.1.1:
+"glob@5 - 7", glob@^7.0.0, glob@^7.0.3, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, glob@~7.1.1:
   version "7.1.4"
   resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.4.tgz#aa608a2f6c577ad357e1ae5a5c26d9a8d1969255"
   integrity sha512-hkLPepehmnKk41pUGm3sYxoFs/umurYfYJCerbXEyFIWcAzvpipAgVkBqqT9RBKMGjnq6kMuyYwha6csxbiM1A==
@@ -5621,6 +5639,18 @@ globby@^6.1.0:
     pify "^2.0.0"
     pinkie-promise "^2.0.0"
 
+globby@^7.1.1:
+  version "7.1.1"
+  resolved "https://registry.yarnpkg.com/globby/-/globby-7.1.1.tgz#fb2ccff9401f8600945dfada97440cca972b8680"
+  integrity sha1-+yzP+UAfhgCUXfral0QMypcrhoA=
+  dependencies:
+    array-union "^1.0.1"
+    dir-glob "^2.0.0"
+    glob "^7.1.2"
+    ignore "^3.3.5"
+    pify "^3.0.0"
+    slash "^1.0.0"
+
 globby@^9.2.0:
   version "9.2.0"
   resolved "https://registry.yarnpkg.com/globby/-/globby-9.2.0.tgz#fd029a706c703d29bdd170f4b6db3a3f7a7cb63d"
@@ -6120,6 +6150,11 @@ ignore-walk@^3.0.1:
   dependencies:
     minimatch "^3.0.4"
 
+ignore@^3.3.5:
+  version "3.3.10"
+  resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.3.10.tgz#0a97fb876986e8081c631160f8f9f389157f0043"
+  integrity sha512-Pgs951kaMm5GXP7MOvxERINe3gsaVjUWFm+UZPSq9xYriQAksyhg0csnS0KXSNRD5NmNdapXEpjxG49+AKh/ug==
+
 ignore@^4.0.3, ignore@^4.0.6:
   version "4.0.6"
   resolved "https://registry.yarnpkg.com/ignore/-/ignore-4.0.6.tgz#750e3db5862087b4737ebac8207ffd1ef27b25fc"
@@ -6482,10 +6517,10 @@ is-glob@^3.1.0:
   dependencies:
     is-extglob "^2.1.0"
 
-is-glob@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-4.0.0.tgz#9521c76845cc2610a85203ddf080a958c2ffabc0"
-  integrity sha1-lSHHaEXMJhCoUgPd8ICpWML/q8A=
+is-glob@^4.0.0, is-glob@^4.0.1:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-4.0.1.tgz#7567dbe9f2f5e2467bc77ab83c4a29482407a5dc"
+  integrity sha512-5G0tKtBTFImOqDnLB2hG6Bp2qcKEFduo4tZu9MT/H6NQv/ghhy30o55ufafxJ/LdH79LLs2Kfrn85TLKyA7BUg==
   dependencies:
     is-extglob "^2.1.1"
 
@@ -7379,10 +7414,12 @@ json5@2.x, json5@^2.1.0:
   dependencies:
     minimist "^1.2.0"
 
-json5@^0.5.0:
-  version "0.5.1"
-  resolved "https://registry.yarnpkg.com/json5/-/json5-0.5.1.tgz#1eade7acc012034ad84e2396767ead9fa5495821"
-  integrity sha1-Hq3nrMASA0rYTiOWdn6tn6VJWCE=
+json5@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/json5/-/json5-1.0.1.tgz#779fb0018604fa854eacbf6252180d83543e3dbe"
+  integrity sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==
+  dependencies:
+    minimist "^1.2.0"
 
 jsonparse@^1.2.0:
   version "1.3.1"
@@ -7682,14 +7719,14 @@ loader-runner@^2.3.0:
   resolved "https://registry.yarnpkg.com/loader-runner/-/loader-runner-2.3.0.tgz#f482aea82d543e07921700d5a46ef26fdac6b8a2"
   integrity sha1-9IKuqC1UPgeSFwDVpG7yb9rGuKI=
 
-loader-utils@^1.0.0, loader-utils@^1.0.2, loader-utils@^1.1.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-1.1.0.tgz#c98aef488bcceda2ffb5e2de646d6a754429f5cd"
-  integrity sha1-yYrvSIvM7aL/teLeZG1qdUQp9c0=
+loader-utils@^1.0.0, loader-utils@^1.0.2, loader-utils@^1.1.0, loader-utils@^1.2.3:
+  version "1.2.3"
+  resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-1.2.3.tgz#1ff5dc6911c9f0a062531a4c04b609406108c2c7"
+  integrity sha512-fkpz8ejdnEMG3s37wGL07iSBDg99O9D5yflE9RGNH3hRdx9SOwYfnGYdZOUIZitN8E+E2vkq3MUMYMvPYl5ZZA==
   dependencies:
-    big.js "^3.1.3"
+    big.js "^5.2.2"
     emojis-list "^2.0.0"
-    json5 "^0.5.0"
+    json5 "^1.0.1"
 
 locate-path@^2.0.0:
   version "2.0.0"
@@ -7862,7 +7899,7 @@ make-dir@^1.0.0, make-dir@^1.3.0:
   dependencies:
     pify "^3.0.0"
 
-make-dir@^2.1.0:
+make-dir@^2.0.0, make-dir@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-2.1.0.tgz#5f0310e18b8be898cc07009295a30ae41e91e6f5"
   integrity sha512-LS9X+dc8KLxXCb8dni79fLIIUA5VyZoyjSMCwTluaXA0o27cCK0bhXkpgw+sTXVpPy/lSO57ilRixqk0vDmtRA==
@@ -8956,7 +8993,7 @@ p-limit@^1.1.0:
   dependencies:
     p-try "^1.0.0"
 
-p-limit@^2.0.0:
+p-limit@^2.0.0, p-limit@^2.2.0:
   version "2.2.0"
   resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-2.2.0.tgz#417c9941e6027a9abcba5092dd2904e255b5fbc2"
   integrity sha512-pZbTJpoUsCzV48Mc9Nh51VbwO0X9cuPFE8gYwx9BTCt9SF8/b7Zljd2fVgOxhIF/HDTKgpVzs+GPhyKfjLLFRQ==
@@ -9245,9 +9282,9 @@ pbkdf2@^3.0.3:
     sha.js "^2.4.8"
 
 pdfjs-dist@^2.0.943:
-  version "2.0.943"
-  resolved "https://registry.yarnpkg.com/pdfjs-dist/-/pdfjs-dist-2.0.943.tgz#32fb9a2d863df5a1d89521a0b3cd900c16e7edde"
-  integrity sha512-iLhNcm4XceTHRaSU5o22ZGCm4YpuW5+rf4+BJFH/feBhMQLbCGBry+Jet8Q419QDI4qgARaIQzXuiNrsNWS8Yw==
+  version "2.1.266"
+  resolved "https://registry.yarnpkg.com/pdfjs-dist/-/pdfjs-dist-2.1.266.tgz#cded02268b389559e807f410d2a729db62160026"
+  integrity sha512-Jy7o1wE3NezPxozexSbq4ltuLT0Z21ew/qrEiAEeUZzHxMHGk4DUV1D7RuCXg5vJDvHmjX1YssN+we9QfRRgXQ==
   dependencies:
     node-ensure "^0.0.0"
     worker-loader "^2.0.0"
@@ -10542,7 +10579,7 @@ rfdc@^1.1.2:
   resolved "https://registry.yarnpkg.com/rfdc/-/rfdc-1.1.2.tgz#e6e72d74f5dc39de8f538f65e00c36c18018e349"
   integrity sha512-92ktAgvZhBzYTIK0Mja9uen5q5J3NRVMoDkJL2VMwq6SXjVCgqvQeVP2XAaUY6HT+XpQYeLSjb3UoitBryKmdA==
 
-rimraf@2, rimraf@2.6.3, rimraf@^2.2.8, rimraf@^2.5.4, rimraf@^2.6.0, rimraf@^2.6.1, rimraf@^2.6.2, rimraf@^2.6.3:
+rimraf@2, rimraf@2.6.3, rimraf@^2.2.8, rimraf@^2.5.4, rimraf@^2.6.0, rimraf@^2.6.1, rimraf@^2.6.3:
   version "2.6.3"
   resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.6.3.tgz#b2d104fe0d8fb27cf9e0a1cda8262dd3833c6cab"
   integrity sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==
@@ -10760,10 +10797,10 @@ send@0.16.2:
     range-parser "~1.2.0"
     statuses "~1.4.0"
 
-serialize-javascript@^1.4.0:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-1.4.0.tgz#7c958514db6ac2443a8abc062dc9f7886a7f6005"
-  integrity sha1-fJWFFNtqwkQ6irwGLcn3iGp/YAU=
+serialize-javascript@^1.4.0, serialize-javascript@^1.7.0:
+  version "1.7.0"
+  resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-1.7.0.tgz#d6e0dfb2a3832a8c94468e6eb1db97e55a192a65"
+  integrity sha512-ke8UG8ulpFOxO8f8gRYabHQe/ZntKlcig2Mp+8+URDP1D8vJZ0KUt7LYo07q25Z/+JVSgpr/cui9PIp5H6/+nA==
 
 serve-index@^1.7.2:
   version "1.9.1"
@@ -10881,6 +10918,11 @@ sisteransi@^1.0.0:
   resolved "https://registry.yarnpkg.com/sisteransi/-/sisteransi-1.0.0.tgz#77d9622ff909080f1c19e5f4a1df0c1b0a27b88c"
   integrity sha512-N+z4pHB4AmUv0SjveWRd6q1Nj5w62m5jodv+GD8lvmbY/83T/rpbJGZOnK5T149OldDj4Db07BSv9xY4K6NTPQ==
 
+slash@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55"
+  integrity sha1-xB8vbDn8FtHNF61LXYlhFK5HDVU=
+
 slash@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/slash/-/slash-2.0.0.tgz#de552851a1759df3a8f206535442f5ec4ddeab44"
-- 
cgit v1.2.1


From 8476516e3db8575da52b0e3ae271064ad098ead0 Mon Sep 17 00:00:00 2001
From: Furkan Ayhan <furkanayhn@gmail.com>
Date: Sun, 28 Jul 2019 21:21:31 +0300
Subject: Separate private methods under the keyword on projects controller

---
 app/controllers/projects_controller.rb | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 37ffd28bf9e..d4ff72c2314 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -284,6 +284,18 @@ class ProjectsController < Projects::ApplicationController
   end
   # rubocop: enable CodeReuse/ActiveRecord
 
+  def resolve
+    @project = Project.find(params[:id])
+
+    if can?(current_user, :read_project, @project)
+      redirect_to @project
+    else
+      render_404
+    end
+  end
+
+  private
+
   # Render project landing depending of which features are available
   # So if page is not available in the list it renders the next page
   #
@@ -453,14 +465,4 @@ class ProjectsController < Projects::ApplicationController
   def present_project
     @project = @project.present(current_user: current_user)
   end
-
-  def resolve
-    @project = Project.find(params[:id])
-
-    if can?(current_user, :read_project, @project)
-      redirect_to @project
-    else
-      render_404
-    end
-  end
 end
-- 
cgit v1.2.1


From ce0d74c26b6499062e5dd28f2000c18dfefabf92 Mon Sep 17 00:00:00 2001
From: Tiger <twatson@gitlab.com>
Date: Mon, 29 Jul 2019 12:04:18 +1000
Subject: Remove unused Clusters::RefreshService

Also removes all logic from ClusterConfigureWorker
and ClusterProjectConfigureWorker, which are also
no longer used.
---
 app/services/clusters/refresh_service.rb           |  40 --------
 app/workers/cluster_configure_worker.rb            |   6 +-
 app/workers/cluster_project_configure_worker.rb    |   4 +-
 spec/services/clusters/refresh_service_spec.rb     | 113 ---------------------
 spec/workers/cluster_configure_worker_spec.rb      |  71 -------------
 .../cluster_project_configure_worker_spec.rb       |  14 ---
 6 files changed, 2 insertions(+), 246 deletions(-)
 delete mode 100644 app/services/clusters/refresh_service.rb
 delete mode 100644 spec/services/clusters/refresh_service_spec.rb
 delete mode 100644 spec/workers/cluster_configure_worker_spec.rb
 delete mode 100644 spec/workers/cluster_project_configure_worker_spec.rb

diff --git a/app/services/clusters/refresh_service.rb b/app/services/clusters/refresh_service.rb
deleted file mode 100644
index 3752a306793..00000000000
--- a/app/services/clusters/refresh_service.rb
+++ /dev/null
@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-module Clusters
-  class RefreshService
-    def self.create_or_update_namespaces_for_cluster(cluster)
-      projects_with_missing_kubernetes_namespaces_for_cluster(cluster).each do |project|
-        create_or_update_namespace(cluster, project)
-      end
-    end
-
-    def self.create_or_update_namespaces_for_project(project)
-      clusters_with_missing_kubernetes_namespaces_for_project(project).each do |cluster|
-        create_or_update_namespace(cluster, project)
-      end
-    end
-
-    def self.projects_with_missing_kubernetes_namespaces_for_cluster(cluster)
-      cluster.all_projects.missing_kubernetes_namespace(cluster.kubernetes_namespaces)
-    end
-
-    private_class_method :projects_with_missing_kubernetes_namespaces_for_cluster
-
-    def self.clusters_with_missing_kubernetes_namespaces_for_project(project)
-      project.clusters.managed.missing_kubernetes_namespace(project.kubernetes_namespaces)
-    end
-
-    private_class_method :clusters_with_missing_kubernetes_namespaces_for_project
-
-    def self.create_or_update_namespace(cluster, project)
-      kubernetes_namespace = cluster.find_or_initialize_kubernetes_namespace_for_project(project)
-
-      ::Clusters::Gcp::Kubernetes::CreateOrUpdateNamespaceService.new(
-        cluster: cluster,
-        kubernetes_namespace: kubernetes_namespace
-      ).execute
-    end
-
-    private_class_method :create_or_update_namespace
-  end
-end
diff --git a/app/workers/cluster_configure_worker.rb b/app/workers/cluster_configure_worker.rb
index 6f64b7ea0ab..b0e551d4e03 100644
--- a/app/workers/cluster_configure_worker.rb
+++ b/app/workers/cluster_configure_worker.rb
@@ -5,10 +5,6 @@ class ClusterConfigureWorker
   include ClusterQueue
 
   def perform(cluster_id)
-    Clusters::Cluster.managed.find_by_id(cluster_id).try do |cluster|
-      if cluster.project_type?
-        Clusters::RefreshService.create_or_update_namespaces_for_cluster(cluster)
-      end
-    end
+    # Scheduled for removal in https://gitlab.com/gitlab-org/gitlab-ce/issues/59319
   end
 end
diff --git a/app/workers/cluster_project_configure_worker.rb b/app/workers/cluster_project_configure_worker.rb
index 497e57c0d0b..8f48eca4d86 100644
--- a/app/workers/cluster_project_configure_worker.rb
+++ b/app/workers/cluster_project_configure_worker.rb
@@ -5,8 +5,6 @@ class ClusterProjectConfigureWorker
   include ClusterQueue
 
   def perform(project_id)
-    project = Project.find(project_id)
-
-    ::Clusters::RefreshService.create_or_update_namespaces_for_project(project)
+    # Scheduled for removal in https://gitlab.com/gitlab-org/gitlab-ce/issues/59319
   end
 end
diff --git a/spec/services/clusters/refresh_service_spec.rb b/spec/services/clusters/refresh_service_spec.rb
deleted file mode 100644
index 5bc8a709941..00000000000
--- a/spec/services/clusters/refresh_service_spec.rb
+++ /dev/null
@@ -1,113 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe Clusters::RefreshService do
-  shared_examples 'creates a kubernetes namespace' do
-    let(:token) { 'aaaaaa' }
-    let(:service_account_creator) { double(Clusters::Gcp::Kubernetes::CreateOrUpdateServiceAccountService, execute: true) }
-    let(:secrets_fetcher) { double(Clusters::Gcp::Kubernetes::FetchKubernetesTokenService, execute: token) }
-
-    it 'creates a kubernetes namespace' do
-      expect(Clusters::Gcp::Kubernetes::CreateOrUpdateServiceAccountService).to receive(:namespace_creator).and_return(service_account_creator)
-      expect(Clusters::Gcp::Kubernetes::FetchKubernetesTokenService).to receive(:new).and_return(secrets_fetcher)
-
-      expect { subject }.to change(project.kubernetes_namespaces, :count)
-
-      kubernetes_namespace = cluster.kubernetes_namespaces.first
-      expect(kubernetes_namespace).to be_present
-      expect(kubernetes_namespace.project).to eq(project)
-    end
-  end
-
-  shared_examples 'does not create a kubernetes namespace' do
-    it 'does not create a new kubernetes namespace' do
-      expect(Clusters::Gcp::Kubernetes::CreateOrUpdateServiceAccountService).not_to receive(:namespace_creator)
-      expect(Clusters::Gcp::Kubernetes::FetchKubernetesTokenService).not_to receive(:new)
-
-      expect { subject }.not_to change(Clusters::KubernetesNamespace, :count)
-    end
-  end
-
-  describe '.create_or_update_namespaces_for_cluster' do
-    let(:cluster) { create(:cluster, :provided_by_user, :project) }
-    let(:project) { cluster.project }
-
-    subject { described_class.create_or_update_namespaces_for_cluster(cluster) }
-
-    context 'cluster is project level' do
-      include_examples 'creates a kubernetes namespace'
-
-      context 'when project already has kubernetes namespace' do
-        before do
-          create(:cluster_kubernetes_namespace, project: project, cluster: cluster)
-        end
-
-        include_examples 'does not create a kubernetes namespace'
-      end
-    end
-
-    context 'cluster is group level' do
-      let(:cluster) { create(:cluster, :provided_by_user, :group) }
-      let(:group) { cluster.group }
-      let(:project) { create(:project, group: group) }
-
-      include_examples 'creates a kubernetes namespace'
-
-      context 'when project already has kubernetes namespace' do
-        before do
-          create(:cluster_kubernetes_namespace, project: project, cluster: cluster)
-        end
-
-        include_examples 'does not create a kubernetes namespace'
-      end
-    end
-  end
-
-  describe '.create_or_update_namespaces_for_project' do
-    let(:project) { create(:project) }
-
-    subject { described_class.create_or_update_namespaces_for_project(project) }
-
-    it 'creates no kubernetes namespaces' do
-      expect { subject }.not_to change(project.kubernetes_namespaces, :count)
-    end
-
-    context 'project has a project cluster' do
-      let!(:cluster) { create(:cluster, :provided_by_gcp, cluster_type: :project_type, projects: [project]) }
-
-      include_examples 'creates a kubernetes namespace'
-
-      context 'when project already has kubernetes namespace' do
-        before do
-          create(:cluster_kubernetes_namespace, project: project, cluster: cluster)
-        end
-
-        include_examples 'does not create a kubernetes namespace'
-      end
-    end
-
-    context 'project belongs to a group cluster' do
-      let!(:cluster) { create(:cluster, :provided_by_gcp, :group) }
-
-      let(:group) { cluster.group }
-      let(:project) { create(:project, group: group) }
-
-      include_examples 'does not create a kubernetes namespace'
-
-      context 'when project already has kubernetes namespace' do
-        before do
-          create(:cluster_kubernetes_namespace, project: project, cluster: cluster)
-        end
-
-        include_examples 'does not create a kubernetes namespace'
-      end
-    end
-
-    context 'cluster is not managed' do
-      let!(:cluster) { create(:cluster, :project, :not_managed, projects: [project]) }
-
-      include_examples 'does not create a kubernetes namespace'
-    end
-  end
-end
diff --git a/spec/workers/cluster_configure_worker_spec.rb b/spec/workers/cluster_configure_worker_spec.rb
deleted file mode 100644
index 975088f3ee6..00000000000
--- a/spec/workers/cluster_configure_worker_spec.rb
+++ /dev/null
@@ -1,71 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe ClusterConfigureWorker, '#perform' do
-  let(:worker) { described_class.new }
-
-  shared_examples 'configured cluster' do
-    it 'creates a namespace' do
-      expect(Clusters::RefreshService).to receive(:create_or_update_namespaces_for_cluster).with(cluster).once
-
-      worker.perform(cluster.id)
-    end
-  end
-
-  shared_examples 'unconfigured cluster' do
-    it 'does not create a namespace' do
-      expect(Clusters::RefreshService).not_to receive(:create_or_update_namespaces_for_cluster)
-
-      worker.perform(cluster.id)
-    end
-  end
-
-  context 'group cluster' do
-    let(:cluster) { create(:cluster, :group, :provided_by_gcp) }
-    let(:group) { cluster.group }
-
-    context 'when group has a project' do
-      let!(:project) { create(:project, group: group) }
-
-      it_behaves_like 'unconfigured cluster'
-    end
-
-    context 'when group has project in a sub-group' do
-      let!(:subgroup) { create(:group, parent: group) }
-      let!(:project) { create(:project, group: subgroup) }
-
-      it_behaves_like 'unconfigured cluster'
-    end
-  end
-
-  context 'when provider type is gcp' do
-    let!(:cluster) { create(:cluster, :project, :provided_by_gcp) }
-
-    it_behaves_like 'configured cluster'
-  end
-
-  context 'when provider type is user' do
-    let!(:cluster) { create(:cluster, :project, :provided_by_user) }
-
-    it_behaves_like 'configured cluster'
-  end
-
-  context 'when cluster is not managed' do
-    let(:cluster) { create(:cluster, :not_managed) }
-
-    it 'does not configure the cluster' do
-      expect(Clusters::RefreshService).not_to receive(:create_or_update_namespaces_for_cluster)
-
-      described_class.new.perform(cluster.id)
-    end
-  end
-
-  context 'when cluster does not exist' do
-    it 'does not provision a cluster' do
-      expect_any_instance_of(Clusters::Gcp::Kubernetes::CreateOrUpdateNamespaceService).not_to receive(:execute)
-
-      described_class.new.perform(123)
-    end
-  end
-end
diff --git a/spec/workers/cluster_project_configure_worker_spec.rb b/spec/workers/cluster_project_configure_worker_spec.rb
deleted file mode 100644
index 2ac9d0f61b4..00000000000
--- a/spec/workers/cluster_project_configure_worker_spec.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe ClusterProjectConfigureWorker, '#perform' do
-  let(:worker) { described_class.new }
-  let(:cluster) { create(:cluster, :project) }
-
-  it 'configures the cluster' do
-    expect(Clusters::RefreshService).to receive(:create_or_update_namespaces_for_project)
-
-    described_class.new.perform(cluster.projects.first.id)
-  end
-end
-- 
cgit v1.2.1


From 0ff6a32fc59d163e589a0348a3038e1b577182a0 Mon Sep 17 00:00:00 2001
From: Marcia Ramos <marcia@gitlab.com>
Date: Mon, 29 Jul 2019 04:08:45 +0000
Subject: Docs: Pipelines - ssot

---
 doc/user/project/pipelines/job_artifacts.md | 57 +++++++++++++++++------------
 doc/user/project/pipelines/schedules.md     | 18 ++++++++-
 doc/user/project/pipelines/settings.md      | 20 ++++++++++
 3 files changed, 69 insertions(+), 26 deletions(-)

diff --git a/doc/user/project/pipelines/job_artifacts.md b/doc/user/project/pipelines/job_artifacts.md
index 2411744c874..ef90899c512 100644
--- a/doc/user/project/pipelines/job_artifacts.md
+++ b/doc/user/project/pipelines/job_artifacts.md
@@ -1,24 +1,24 @@
+---
+type: reference, howto
+---
+
 # Introduction to job artifacts
 
-> **Notes:**
->
-> - Since GitLab 8.2 and GitLab Runner 0.7.0, job artifacts that are created by
->   GitLab Runner are uploaded to GitLab and are downloadable as a single archive
->   (`tar.gz`) using the GitLab UI.
-> - Starting with GitLab 8.4 and GitLab Runner 1.0, the artifacts archive format
->   changed to `ZIP`, and it is now possible to browse its contents, with the added
->   ability of downloading the files separately.
-> - Starting with GitLab 8.17, builds are renamed to jobs.
-> - The artifacts browser will be available only for new artifacts that are sent
->   to GitLab using GitLab Runner version 1.0 and up. It will not be possible to
->   browse old artifacts already uploaded to GitLab.
->- This is the user documentation. For the administration guide see
->   [administration/job_artifacts](../../../administration/job_artifacts.md).
-
-Artifacts is a list of files and directories which are attached to a job
-after it finishes. This feature is enabled by default in all
+> - Introduced in GitLab 8.2 and GitLab Runner 0.7.0.
+> - Starting with GitLab 8.4 and GitLab Runner 1.0, the artifacts archive format changed to `ZIP`, and it is now possible to browse its contents, with the added ability of downloading the files separately.
+> - In GitLab 8.17, builds were renamed to jobs.
+> - The artifacts browser will be available only for new artifacts that are sent to GitLab using GitLab Runner version 1.0 and up. It will not be possible to browse old artifacts already uploaded to GitLab.
+
+Artifacts are a list of files and directories which created by a job
+once it finishes. This feature is [enabled by default](../../../administration/job_artifacts.md) in all
 GitLab installations.
 
+Job artifacts that are created by GitLab Runner are uploaded to GitLab and are downloadable as a single archive using the GitLab UI.
+
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
+For an overview, watch the video [GitLab CI Pipeline, Artifacts, and Environments](https://www.youtube.com/watch?v=PCKDICEe10s).
+Watch also [GitLab CI pipeline tutorial for beginners](https://www.youtube.com/watch?v=Jav4vbUrqII).
+
 ## Defining artifacts in `.gitlab-ci.yml`
 
 A simple example of using the artifacts definition in `.gitlab-ci.yml` would be
@@ -50,11 +50,8 @@ For more examples on artifacts, follow the [artifacts reference in
 
 ## Browsing artifacts
 
-> **Note:**
 > With GitLab 9.2, PDFs, images, videos and other formats can be previewed
 > directly in the job artifacts browser without the need to download them.
->
-> **Note:**
 > With [GitLab 10.1][ce-14399], HTML files in a public project can be previewed
 > directly in a new tab without the need to download them when
 > [GitLab Pages](../../../administration/pages/index.md) is enabled.
@@ -108,7 +105,7 @@ inside GitLab that make that possible.
 It is possible to download the latest artifacts of a job via a well known URL
 so you can use it for scripting purposes.
 
->**Note:**
+NOTE: **Note:**
 The latest artifacts are considered as the artifacts created by jobs in the
 latest pipeline that succeeded for the specific ref.
 Artifacts for other pipelines can be accessed with direct access to them.
@@ -169,9 +166,9 @@ https://gitlab.com/gitlab-org/gitlab-ce/-/jobs/artifacts/master/file/htmlcov/ind
 The latest builds are also exposed in the UI in various places. Specifically,
 look for the download button in:
 
-- the main project's page
-- the branches page
-- the tags page
+- The main project's page
+- The branches page
+- The tags page
 
 If the latest job has failed to upload the artifacts, you can see that
 information in the UI.
@@ -201,3 +198,15 @@ In order to retrieve a job artifact of a different project, you might need to us
 
 [expiry date]: ../../../ci/yaml/README.md#artifactsexpire_in
 [ce-14399]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14399
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/project/pipelines/schedules.md b/doc/user/project/pipelines/schedules.md
index dd5427ab35a..4e25d8545e9 100644
--- a/doc/user/project/pipelines/schedules.md
+++ b/doc/user/project/pipelines/schedules.md
@@ -1,7 +1,9 @@
+---
+type: reference, howto
+---
+
 # Pipeline schedules
 
-> **Notes**:
->
 > - Introduced in GitLab 9.1 as [Trigger Schedule](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10533).
 > - [Renamed to Pipeline Schedule](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10853) in GitLab 9.2.
 > - Cron notation is parsed by [Fugit](https://github.com/floraison/fugit).
@@ -118,3 +120,15 @@ on the target branch, the schedule will stop creating new pipelines. This can
 happen if, for example, the owner is blocked or removed from the project, or
 the target branch or tag is protected. In this case, someone with sufficient
 privileges must take ownership of the schedule.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/project/pipelines/settings.md b/doc/user/project/pipelines/settings.md
index df82daa3da3..45f27b3c811 100644
--- a/doc/user/project/pipelines/settings.md
+++ b/doc/user/project/pipelines/settings.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # Pipelines settings
 
 To reach the pipelines settings navigate to your project's
@@ -5,6 +9,10 @@ To reach the pipelines settings navigate to your project's
 
 The following settings can be configured per project.
 
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
+For an overview, watch the video [GitLab CI Pipeline, Artifacts, and Environments](https://www.youtube.com/watch?v=PCKDICEe10s).
+Watch also [GitLab CI pipeline tutorial for beginners](https://www.youtube.com/watch?v=Jav4vbUrqII).
+
 ## Git strategy
 
 With Git strategy, you can choose the default way your repository is fetched
@@ -216,3 +224,15 @@ https://example.gitlab.com/<namespace>/<project>/badges/<branch>/coverage.svg?st
 ## Environment Variables
 
 [Environment variables](../../../ci/variables/README.html#gitlab-cicd-environment-variables) can be set in an environment to be available to a runner.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
-- 
cgit v1.2.1


From f1b6395cf96dae27e91f41e398cdc8df525029b7 Mon Sep 17 00:00:00 2001
From: Marcia Ramos <marcia@gitlab.com>
Date: Mon, 29 Jul 2019 04:10:24 +0000
Subject: Docs: adere ssot

---
 doc/user/project/protected_branches.md | 32 +++++++++++++++++++++++---------
 doc/user/project/protected_tags.md     | 26 ++++++++++++++++++++------
 doc/user/project/quick_actions.md      | 20 ++++++++++++++++++--
 3 files changed, 61 insertions(+), 17 deletions(-)

diff --git a/doc/user/project/protected_branches.md b/doc/user/project/protected_branches.md
index 9a3c02e1f50..e3515711f17 100644
--- a/doc/user/project/protected_branches.md
+++ b/doc/user/project/protected_branches.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # Protected Branches
 
 [Permissions](../permissions.md) in GitLab are fundamentally defined around the
@@ -9,13 +13,13 @@ created protected branches.
 
 By default, a protected branch does four simple things:
 
-- it prevents its creation, if not already created, from everybody except users
-  with Maintainer permission
-- it prevents pushes from everybody except users with Maintainer permission
-- it prevents **anyone** from force pushing to the branch
-- it prevents **anyone** from deleting the branch
+- It prevents its creation, if not already created, from everybody except users
+  with Maintainer permission.
+- It prevents pushes from everybody except users with Maintainer permission.
+- It prevents **anyone** from force pushing to the branch.
+- It prevents **anyone** from deleting the branch.
 
->**Note**:
+NOTE: **Note:**
 A GitLab admin is allowed to push to the protected branches.
 
 See the [Changelog](#changelog) section for changes over time.
@@ -68,7 +72,7 @@ they are set to "Maintainers" by default.
 
 ## Restricting push and merge access to certain users **(STARTER)**
 
-> This feature was [introduced][ce-5081] in [GitLab Starter][ee] 8.11.
+> [Introduced][ce-5081] in [GitLab Starter][ee] 8.11.
 
 With GitLab Enterprise Edition you can restrict access to protected branches
 by choosing a role (Maintainers, Developers) as well as certain users. From the
@@ -174,11 +178,21 @@ for details about the pipelines security model.
 - Allow developers to merge into a protected branch without having push access [gitlab-org/gitlab-ce!4892][ce-4892]
 - Allow specifying protected branches using wildcards [gitlab-org/gitlab-ce!4665][ce-4665]
 
----
-
 [ce-4665]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4665 "Allow specifying protected branches using wildcards"
 [ce-4892]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4892 "Allow developers to merge into a protected branch without having push access"
 [ce-5081]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5081 "Allow creating protected branches that can't be pushed to"
 [ce-21393]: https://gitlab.com/gitlab-org/gitlab-ce/issues/21393
 [perm]: ../permissions.md
 [ee]: https://about.gitlab.com/pricing/
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/project/protected_tags.md b/doc/user/project/protected_tags.md
index 26bec323f02..687c4e1ea6f 100644
--- a/doc/user/project/protected_tags.md
+++ b/doc/user/project/protected_tags.md
@@ -1,3 +1,7 @@
+---
+type: reference, howto
+---
+
 # Protected Tags
 
 > [Introduced][ce-10356] in GitLab 9.1.
@@ -14,19 +18,19 @@ Protected tags will prevent anyone from updating or deleting the tag, as and wil
 
 To protect a tag, you need to have at least Maintainer permission level.
 
-1. Navigate to the project's Settings -> Repository page
+1. Navigate to the project's **Settings > Repository**:
 
     ![Repository Settings](img/project_repository_settings.png)
 
-1. From the **Tag** dropdown menu, select the tag you want to protect or type and click `Create wildcard`. In the screenshot below, we chose to protect all tags matching `v*`.
+1. From the **Tag** dropdown menu, select the tag you want to protect or type and click **Create wildcard**. In the screenshot below, we chose to protect all tags matching `v*`:
 
     ![Protected tags page](img/protected_tags_page.png)
 
-1. From the `Allowed to create` dropdown, select who will have permission to create matching tags and then click `Protect`.
+1. From the **Allowed to create** dropdown, select who will have permission to create matching tags and then click **Protect**:
 
     ![Allowed to create tags dropdown](img/protected_tags_permissions_dropdown.png)
 
-1. Once done, the protected tag will appear in the "Protected tags" list.
+1. Once done, the protected tag will appear in the **Protected tags** list:
 
     ![Protected tags list](img/protected_tags_list.png)
 
@@ -45,13 +49,23 @@ matching the wildcard. For example:
 Two different wildcards can potentially match the same tag. For example,
 `*-stable` and `production-*` would both match a `production-stable` tag.
 In that case, if _any_ of these protected tags have a setting like
-"Allowed to create", then `production-stable` will also inherit this setting.
+**Allowed to create**, then `production-stable` will also inherit this setting.
 
 If you click on a protected tag's name, you will be presented with a list of
 all matching tags:
 
 ![Protected tag matches](img/protected_tag_matches.png)
 
----
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
 
 [ce-10356]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10356 "Protected Tags"
diff --git a/doc/user/project/quick_actions.md b/doc/user/project/quick_actions.md
index f81669a41c9..40fba8fb111 100644
--- a/doc/user/project/quick_actions.md
+++ b/doc/user/project/quick_actions.md
@@ -1,4 +1,8 @@
-# GitLab quick actions
+---
+type: reference
+---
+
+# GitLab Quick Actions
 
 Quick actions are textual shortcuts for common actions on issues, epics, merge requests,
 and commits that are usually done by clicking buttons or dropdowns in GitLab's UI.
@@ -7,7 +11,7 @@ in comments of issues, epics, merge requests, and commits. Each command should b
 on a separate line in order to be properly detected and executed. Once executed,
 the commands are removed from the text body and not visible to anyone else.
 
-## Quick actions for issues and merge requests
+## Quick Actions for issues and merge requests
 
 The following quick actions are applicable to both issues and merge requests threads,
 discussions, and descriptions:
@@ -96,3 +100,15 @@ The following quick actions are applicable for epics threads and description:
 | `/remove_child_epic <&epic | group&epic | Epic URL>` | Removes child epic from epic ([introduced in GitLab 12.0](https://gitlab.com/gitlab-org/gitlab-ee/issues/7330)) |
 | `/parent_epic <&epic |  group&epic | Epic URL>` | Sets parent epic to epic ([introduced in GitLab 12.1](https://gitlab.com/gitlab-org/gitlab-ee/issues/10556)) |
 | `/remove_parent_epic` | Removes parent epic from epic ([introduced in GitLab 12.1](https://gitlab.com/gitlab-org/gitlab-ee/issues/10556)) |
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
-- 
cgit v1.2.1


From f2796135e1bb31494c90bf6477a4ba02d4011258 Mon Sep 17 00:00:00 2001
From: Sarah Daily <sdaily@gitlab.com>
Date: Mon, 29 Jul 2019 04:55:01 +0000
Subject: Add relevant Kubernetes page

---
 doc/user/project/clusters/kubernetes_pod_logs.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/doc/user/project/clusters/kubernetes_pod_logs.md b/doc/user/project/clusters/kubernetes_pod_logs.md
index 864cd75823c..163f3befeee 100644
--- a/doc/user/project/clusters/kubernetes_pod_logs.md
+++ b/doc/user/project/clusters/kubernetes_pod_logs.md
@@ -5,6 +5,10 @@
 GitLab makes it easy to view the logs of running pods in [connected Kubernetes clusters](index.md).
 By displaying the logs directly in GitLab, developers can avoid having to manage console tools or jump to a different interface.
 
+NOTE: **Kubernetes + GitLab**
+Everything you need to build, test, deploy, and run your app at scale.
+[Learn more](https://about.gitlab.com/solutions/kubernetes/).
+
 ## Overview
 
 [Kubernetes](https://kubernetes.io) pod logs can be viewed directly within GitLab. Logs can be displayed by clicking on a specific pod from [Deploy Boards](../deploy_boards.md):
-- 
cgit v1.2.1


From a5aa40c5fe93dc3daba8a578f4c09c4e443fcbec Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Mon, 29 Jul 2019 07:43:10 +0000
Subject: Add Job specific variables

Adds Job specific variables to facilitate specifying variables when
running manual jobs.
---
 .../javascripts/jobs/components/empty_state.vue    |  39 ++++-
 app/assets/javascripts/jobs/components/job_app.vue |   8 +
 .../jobs/components/manual_variables_form.vue      | 179 +++++++++++++++++++++
 app/assets/javascripts/jobs/index.js               |   1 +
 app/assets/javascripts/jobs/store/actions.js       |  14 ++
 app/controllers/projects/jobs_controller.rb        |   6 +-
 app/models/ci/build.rb                             |   7 +-
 app/models/ci/job_variable.rb                      |  14 ++
 app/models/concerns/new_has_variable.rb            |  14 ++
 app/services/ci/play_build_service.rb              |   4 +-
 app/views/projects/jobs/show.html.haml             |   1 +
 app/views/projects/settings/ci_cd/show.html.haml   |   2 +-
 .../unreleased/mc-feature-manual-job-variables.yml |   5 +
 db/migrate/20190711124721_create_job_variables.rb  |  23 +++
 db/schema.rb                                       |  11 ++
 doc/ci/img/manual_job_variables.png                | Bin 0 -> 429891 bytes
 doc/ci/pipelines.md                                |  14 ++
 lib/gitlab/ci/status/build/manual.rb               |   2 +-
 locale/gitlab.pot                                  |  21 ++-
 spec/controllers/projects/jobs_controller_spec.rb  |  13 +-
 spec/factories/ci/job_variables.rb                 |  10 ++
 spec/features/projects/jobs_spec.rb                |  10 +-
 spec/frontend/jobs/components/empty_state_spec.js  |  42 +++++
 spec/javascripts/jobs/components/job_app_spec.js   |   1 +
 .../jobs/components/manual_variables_form_spec.js  |  88 ++++++++++
 spec/models/ci/build_spec.rb                       |  13 +-
 spec/models/ci/job_variable_spec.rb                |  12 ++
 spec/services/ci/play_build_service_spec.rb        |  13 ++
 spec/services/ci/retry_build_service_spec.rb       |   5 +-
 29 files changed, 549 insertions(+), 23 deletions(-)
 create mode 100644 app/assets/javascripts/jobs/components/manual_variables_form.vue
 create mode 100644 app/models/ci/job_variable.rb
 create mode 100644 app/models/concerns/new_has_variable.rb
 create mode 100644 changelogs/unreleased/mc-feature-manual-job-variables.yml
 create mode 100644 db/migrate/20190711124721_create_job_variables.rb
 create mode 100644 doc/ci/img/manual_job_variables.png
 create mode 100644 spec/factories/ci/job_variables.rb
 create mode 100644 spec/javascripts/jobs/components/manual_variables_form_spec.js
 create mode 100644 spec/models/ci/job_variable_spec.rb

diff --git a/app/assets/javascripts/jobs/components/empty_state.vue b/app/assets/javascripts/jobs/components/empty_state.vue
index 04f910b6b80..275ed80146e 100644
--- a/app/assets/javascripts/jobs/components/empty_state.vue
+++ b/app/assets/javascripts/jobs/components/empty_state.vue
@@ -1,9 +1,11 @@
 <script>
 import { GlLink } from '@gitlab/ui';
+import ManualVariablesForm from './manual_variables_form.vue';
 
 export default {
   components: {
     GlLink,
+    ManualVariablesForm,
   },
   props: {
     illustrationPath: {
@@ -23,6 +25,21 @@ export default {
       required: false,
       default: null,
     },
+    playable: {
+      type: Boolean,
+      required: true,
+      default: false,
+    },
+    scheduled: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+    variablesSettingsUrl: {
+      type: String,
+      required: false,
+      default: null,
+    },
     action: {
       type: Object,
       required: false,
@@ -37,28 +54,40 @@ export default {
       },
     },
   },
+  computed: {
+    shouldRenderManualVariables() {
+      return this.playable && !this.scheduled;
+    },
+  },
 };
 </script>
 <template>
   <div class="row empty-state">
     <div class="col-12">
-      <div :class="illustrationSizeClass" class="svg-content"><img :src="illustrationPath" /></div>
+      <div :class="illustrationSizeClass" class="svg-content">
+        <img :src="illustrationPath" />
+      </div>
     </div>
 
     <div class="col-12">
       <div class="text-content">
         <h4 class="js-job-empty-state-title text-center">{{ title }}</h4>
 
-        <p v-if="content" class="js-job-empty-state-content text-center">{{ content }}</p>
-
+        <p v-if="content" class="js-job-empty-state-content">{{ content }}</p>
+      </div>
+      <manual-variables-form
+        v-if="shouldRenderManualVariables"
+        :action="action"
+        :variables-settings-url="variablesSettingsUrl"
+      />
+      <div class="text-content">
         <div v-if="action" class="text-center">
           <gl-link
             :href="action.path"
             :data-method="action.method"
             class="js-job-empty-state-action btn btn-primary"
+            >{{ action.button_title }}</gl-link
           >
-            {{ action.button_title }}
-          </gl-link>
         </div>
       </div>
     </div>
diff --git a/app/assets/javascripts/jobs/components/job_app.vue b/app/assets/javascripts/jobs/components/job_app.vue
index 79fb67d38cd..ef9fb6d08d1 100644
--- a/app/assets/javascripts/jobs/components/job_app.vue
+++ b/app/assets/javascripts/jobs/components/job_app.vue
@@ -45,6 +45,11 @@ export default {
       required: false,
       default: null,
     },
+    variablesSettingsUrl: {
+      type: String,
+      required: false,
+      default: null,
+    },
     runnerHelpUrl: {
       type: String,
       required: false,
@@ -313,6 +318,9 @@ export default {
           :title="emptyStateTitle"
           :content="emptyStateIllustration.content"
           :action="emptyStateAction"
+          :playable="job.playable"
+          :scheduled="job.scheduled"
+          :variables-settings-url="variablesSettingsUrl"
         />
         <!-- EO empty state -->
 
diff --git a/app/assets/javascripts/jobs/components/manual_variables_form.vue b/app/assets/javascripts/jobs/components/manual_variables_form.vue
new file mode 100644
index 00000000000..c32a3cac7be
--- /dev/null
+++ b/app/assets/javascripts/jobs/components/manual_variables_form.vue
@@ -0,0 +1,179 @@
+<script>
+import _ from 'underscore';
+import { mapActions } from 'vuex';
+import { GlButton } from '@gitlab/ui';
+import { s__, sprintf } from '~/locale';
+import Icon from '~/vue_shared/components/icon.vue';
+
+export default {
+  name: 'ManualVariablesForm',
+  components: {
+    GlButton,
+    Icon,
+  },
+  props: {
+    action: {
+      type: Object,
+      required: false,
+      default: null,
+      validator(value) {
+        return (
+          value === null ||
+          (_.has(value, 'path') && _.has(value, 'method') && _.has(value, 'button_title'))
+        );
+      },
+    },
+    variablesSettingsUrl: {
+      type: String,
+      required: true,
+      default: '',
+    },
+  },
+  inputTypes: {
+    key: 'key',
+    value: 'value',
+  },
+  i18n: {
+    keyPlaceholder: s__('CiVariables|Input variable key'),
+    valuePlaceholder: s__('CiVariables|Input variable value'),
+  },
+  data() {
+    return {
+      variables: [],
+      key: '',
+      secretValue: '',
+    };
+  },
+  computed: {
+    helpText() {
+      return sprintf(
+        s__(
+          'CiVariables|Specify variable values to be used in this run. The values specified in %{linkStart}CI/CD settings%{linkEnd} will be used as default',
+        ),
+        {
+          linkStart: `<a href="${this.variablesSettingsUrl}">`,
+          linkEnd: '</a>',
+        },
+        false,
+      );
+    },
+  },
+  watch: {
+    key(newVal) {
+      this.handleValueChange(newVal, this.$options.inputTypes.key);
+    },
+    secretValue(newVal) {
+      this.handleValueChange(newVal, this.$options.inputTypes.value);
+    },
+  },
+  methods: {
+    ...mapActions(['triggerManualJob']),
+    handleValueChange(newValue, type) {
+      if (newValue !== '') {
+        this.createNewVariable(type);
+        this.resetForm();
+      }
+    },
+    createNewVariable(type) {
+      const newVariable = {
+        key: this.key,
+        secret_value: this.secretValue,
+        id: _.uniqueId(),
+      };
+
+      this.variables.push(newVariable);
+
+      return this.$nextTick().then(() => {
+        this.$refs[`${this.$options.inputTypes[type]}-${newVariable.id}`][0].focus();
+      });
+    },
+    resetForm() {
+      this.key = '';
+      this.secretValue = '';
+    },
+    deleteVariable(id) {
+      this.variables.splice(this.variables.findIndex(el => el.id === id), 1);
+    },
+  },
+};
+</script>
+<template>
+  <div class="js-manual-vars-form col-12">
+    <label>{{ s__('CiVariables|Variables') }}</label>
+
+    <div class="ci-table">
+      <div class="gl-responsive-table-row table-row-header pb-0 pt-0 border-0" role="row">
+        <div class="table-section section-50" role="rowheader">{{ s__('CiVariables|Key') }}</div>
+        <div class="table-section section-50" role="rowheader">{{ s__('CiVariables|Value') }}</div>
+      </div>
+
+      <div v-for="variable in variables" :key="variable.id" class="gl-responsive-table-row">
+        <div class="table-section section-50">
+          <div class="table-mobile-header" role="rowheader">{{ s__('Pipeline|Key') }}</div>
+          <div class="table-mobile-content append-right-10">
+            <input
+              :ref="`${$options.inputTypes.key}-${variable.id}`"
+              v-model="variable.key"
+              :placeholder="$options.i18n.keyPlaceholder"
+              class="ci-variable-body-item form-control"
+            />
+          </div>
+        </div>
+
+        <div class="table-section section-50">
+          <div class="table-mobile-header" role="rowheader">{{ s__('Pipeline|Value') }}</div>
+          <div class="table-mobile-content append-right-10">
+            <input
+              :ref="`${$options.inputTypes.value}-${variable.id}`"
+              v-model="variable.secret_value"
+              :placeholder="$options.i18n.valuePlaceholder"
+              class="ci-variable-body-item form-control"
+            />
+          </div>
+        </div>
+
+        <div class="table-section section-10">
+          <div class="table-mobile-header" role="rowheader"></div>
+          <div class="table-mobile-content justify-content-end">
+            <gl-button class="btn-transparent btn-blank w-25" @click="deleteVariable(variable.id)">
+              <icon name="clear" />
+            </gl-button>
+          </div>
+        </div>
+      </div>
+      <div class="gl-responsive-table-row">
+        <div class="table-section section-50">
+          <div class="table-mobile-header" role="rowheader">{{ s__('Pipeline|Key') }}</div>
+          <div class="table-mobile-content append-right-10">
+            <input
+              ref="inputKey"
+              v-model="key"
+              class="js-input-key form-control"
+              :placeholder="$options.i18n.keyPlaceholder"
+            />
+          </div>
+        </div>
+
+        <div class="table-section section-50">
+          <div class="table-mobile-header" role="rowheader">{{ s__('Pipeline|Value') }}</div>
+          <div class="table-mobile-content append-right-10">
+            <input
+              ref="inputSecretValue"
+              v-model="secretValue"
+              class="ci-variable-body-item form-control"
+              :placeholder="$options.i18n.valuePlaceholder"
+            />
+          </div>
+        </div>
+      </div>
+    </div>
+    <div class="d-flex prepend-top-default justify-content-center">
+      <p class="text-muted" v-html="helpText"></p>
+    </div>
+    <div class="d-flex justify-content-center">
+      <gl-button variant="primary" @click="triggerManualJob(variables)">
+        {{ action.button_title }}
+      </gl-button>
+    </div>
+  </div>
+</template>
diff --git a/app/assets/javascripts/jobs/index.js b/app/assets/javascripts/jobs/index.js
index 25132449458..06514fcce1d 100644
--- a/app/assets/javascripts/jobs/index.js
+++ b/app/assets/javascripts/jobs/index.js
@@ -15,6 +15,7 @@ export default () => {
           deploymentHelpUrl: element.dataset.deploymentHelpUrl,
           runnerHelpUrl: element.dataset.runnerHelpUrl,
           runnerSettingsUrl: element.dataset.runnerSettingsUrl,
+          variablesSettingsUrl: element.dataset.variablesSettingsUrl,
           endpoint: element.dataset.endpoint,
           pagePath: element.dataset.buildOptionsPagePath,
           logState: element.dataset.buildOptionsLogState,
diff --git a/app/assets/javascripts/jobs/store/actions.js b/app/assets/javascripts/jobs/store/actions.js
index 12d67a43599..a2daef96a2d 100644
--- a/app/assets/javascripts/jobs/store/actions.js
+++ b/app/assets/javascripts/jobs/store/actions.js
@@ -209,5 +209,19 @@ export const receiveJobsForStageError = ({ commit }) => {
   flash(__('An error occurred while fetching the jobs.'));
 };
 
+export const triggerManualJob = ({ state }, variables) => {
+  const parsedVariables = variables.map(variable => {
+    const copyVar = Object.assign({}, variable);
+    delete copyVar.id;
+    return copyVar;
+  });
+
+  axios
+    .post(state.job.status.action.path, {
+      job_variables_attributes: parsedVariables,
+    })
+    .catch(() => flash(__('An error occurred while triggering the job.')));
+};
+
 // prevent babel-plugin-rewire from generating an invalid default during karma tests
 export default () => {};
diff --git a/app/controllers/projects/jobs_controller.rb b/app/controllers/projects/jobs_controller.rb
index 02ff6e872c9..adbc0159358 100644
--- a/app/controllers/projects/jobs_controller.rb
+++ b/app/controllers/projects/jobs_controller.rb
@@ -94,7 +94,7 @@ class Projects::JobsController < Projects::ApplicationController
   def play
     return respond_422 unless @build.playable?
 
-    build = @build.play(current_user)
+    build = @build.play(current_user, play_params[:job_variables_attributes])
     redirect_to build_path(build)
   end
 
@@ -190,6 +190,10 @@ class Projects::JobsController < Projects::ApplicationController
     { query: { 'response-content-type' => 'text/plain; charset=utf-8', 'response-content-disposition' => 'inline' } }
   end
 
+  def play_params
+    params.permit(job_variables_attributes: %i[key secret_value])
+  end
+
   def trace_artifact_file
     @trace_artifact_file ||= build.job_artifacts_trace&.file
   end
diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb
index da70cb9a9a7..07813e03f3a 100644
--- a/app/models/ci/build.rb
+++ b/app/models/ci/build.rb
@@ -40,6 +40,7 @@ module Ci
     has_many :trace_chunks, class_name: 'Ci::BuildTraceChunk', foreign_key: :build_id
 
     has_many :job_artifacts, class_name: 'Ci::JobArtifact', foreign_key: :job_id, dependent: :destroy, inverse_of: :job # rubocop:disable Cop/ActiveRecordDependent
+    has_many :job_variables, class_name: 'Ci::JobVariable', foreign_key: :job_id
 
     Ci::JobArtifact.file_types.each do |key, value|
       has_one :"job_artifacts_#{key}", -> { where(file_type: value) }, class_name: 'Ci::JobArtifact', inverse_of: :job, foreign_key: :job_id
@@ -48,6 +49,7 @@ module Ci
     has_one :runner_session, class_name: 'Ci::BuildRunnerSession', validate: true, inverse_of: :build
 
     accepts_nested_attributes_for :runner_session
+    accepts_nested_attributes_for :job_variables
 
     delegate :url, to: :runner_session, prefix: true, allow_nil: true
     delegate :terminal_specification, to: :runner_session, allow_nil: true
@@ -331,10 +333,10 @@ module Ci
     end
 
     # rubocop: disable CodeReuse/ServiceClass
-    def play(current_user)
+    def play(current_user, job_variables_attributes = nil)
       Ci::PlayBuildService
         .new(project, current_user)
-        .execute(self)
+        .execute(self, job_variables_attributes)
     end
     # rubocop: enable CodeReuse/ServiceClass
 
@@ -432,6 +434,7 @@ module Ci
         Gitlab::Ci::Variables::Collection.new
           .concat(persisted_variables)
           .concat(scoped_variables)
+          .concat(job_variables)
           .concat(persisted_environment_variables)
           .to_runner_variables
       end
diff --git a/app/models/ci/job_variable.rb b/app/models/ci/job_variable.rb
new file mode 100644
index 00000000000..862a0bc1299
--- /dev/null
+++ b/app/models/ci/job_variable.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Ci
+  class JobVariable < ApplicationRecord
+    extend Gitlab::Ci::Model
+    include NewHasVariable
+
+    belongs_to :job, class_name: "Ci::Build", foreign_key: :job_id
+
+    alias_attribute :secret_value, :value
+
+    validates :key, uniqueness: { scope: :job_id }
+  end
+end
diff --git a/app/models/concerns/new_has_variable.rb b/app/models/concerns/new_has_variable.rb
new file mode 100644
index 00000000000..429bf496872
--- /dev/null
+++ b/app/models/concerns/new_has_variable.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module NewHasVariable
+  extend ActiveSupport::Concern
+  include HasVariable
+
+  included do
+    attr_encrypted :value,
+      mode: :per_attribute_iv,
+      algorithm: 'aes-256-gcm',
+      key: Settings.attr_encrypted_db_key_base_32,
+      insecure_mode: false
+  end
+end
diff --git a/app/services/ci/play_build_service.rb b/app/services/ci/play_build_service.rb
index eb0b070657d..9f922ffde81 100644
--- a/app/services/ci/play_build_service.rb
+++ b/app/services/ci/play_build_service.rb
@@ -2,7 +2,7 @@
 
 module Ci
   class PlayBuildService < ::BaseService
-    def execute(build)
+    def execute(build, job_variables_attributes = nil)
       unless can?(current_user, :update_build, build)
         raise Gitlab::Access::AccessDeniedError
       end
@@ -10,7 +10,7 @@ module Ci
       # Try to enqueue the build, otherwise create a duplicate.
       #
       if build.enqueue
-        build.tap { |action| action.update(user: current_user) }
+        build.tap { |action| action.update(user: current_user, job_variables_attributes: job_variables_attributes || []) }
       else
         Ci::Build.retry(build, current_user)
       end
diff --git a/app/views/projects/jobs/show.html.haml b/app/views/projects/jobs/show.html.haml
index 81a53f22f67..c7fab87a593 100644
--- a/app/views/projects/jobs/show.html.haml
+++ b/app/views/projects/jobs/show.html.haml
@@ -11,4 +11,5 @@
     deployment_help_url: help_page_path('user/project/clusters/index.html', anchor: 'troubleshooting-failed-deployment-jobs'),
     runner_help_url: help_page_path('ci/runners/README.html', anchor: 'setting-maximum-job-timeout-for-a-runner'),
     runner_settings_url: project_runners_path(@build.project, anchor: 'js-runners-settings'),
+    variables_settings_url: project_variables_path(@build.project, anchor: 'js-cicd-variables-settings'),
     build_options: javascript_build_options } }
diff --git a/app/views/projects/settings/ci_cd/show.html.haml b/app/views/projects/settings/ci_cd/show.html.haml
index 293f0a241eb..87000e8270b 100644
--- a/app/views/projects/settings/ci_cd/show.html.haml
+++ b/app/views/projects/settings/ci_cd/show.html.haml
@@ -41,7 +41,7 @@
   .settings-content
     = render 'projects/runners/index'
 
-%section.settings.no-animate{ class: ('expanded' if expanded), data: { qa_selector: 'variables_settings_content' } }
+%section.qa-variables-settings.settings.no-animate#js-cicd-variables-settings{ class: ('expanded' if expanded), data: { qa_selector: 'variables_settings_content' } }
   .settings-header
     = render 'ci/variables/header', expanded: expanded
   .settings-content
diff --git a/changelogs/unreleased/mc-feature-manual-job-variables.yml b/changelogs/unreleased/mc-feature-manual-job-variables.yml
new file mode 100644
index 00000000000..a71cabfe303
--- /dev/null
+++ b/changelogs/unreleased/mc-feature-manual-job-variables.yml
@@ -0,0 +1,5 @@
+---
+title: Allow specifying variables when running manual jobs
+merge_request: 30485
+author:
+type: added
diff --git a/db/migrate/20190711124721_create_job_variables.rb b/db/migrate/20190711124721_create_job_variables.rb
new file mode 100644
index 00000000000..a860522f39e
--- /dev/null
+++ b/db/migrate/20190711124721_create_job_variables.rb
@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class CreateJobVariables < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  # Set this constant to true if this migration requires downtime.
+  DOWNTIME = false
+
+  def change
+    create_table :ci_job_variables do |t|
+      t.string :key, null: false
+      t.text :encrypted_value
+      t.string :encrypted_value_iv
+      t.references :job, null: false, index: true, foreign_key: { to_table: :ci_builds, on_delete: :cascade }
+      t.integer :variable_type, null: false, limit: 2, default: 1
+    end
+
+    add_index :ci_job_variables, [:key, :job_id], unique: true
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 67479937b47..1b5272179f5 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -605,6 +605,16 @@ ActiveRecord::Schema.define(version: 2019_07_25_012225) do
     t.index ["project_id"], name: "index_ci_job_artifacts_on_project_id"
   end
 
+  create_table "ci_job_variables", force: :cascade do |t|
+    t.string "key", null: false
+    t.text "encrypted_value"
+    t.string "encrypted_value_iv"
+    t.bigint "job_id", null: false
+    t.integer "variable_type", limit: 2, default: 1, null: false
+    t.index ["job_id"], name: "index_ci_job_variables_on_job_id"
+    t.index ["key", "job_id"], name: "index_ci_job_variables_on_key_and_job_id", unique: true
+  end
+
   create_table "ci_pipeline_chat_data", force: :cascade do |t|
     t.integer "pipeline_id", null: false
     t.integer "chat_name_id", null: false
@@ -3637,6 +3647,7 @@ ActiveRecord::Schema.define(version: 2019_07_25_012225) do
   add_foreign_key "ci_group_variables", "namespaces", column: "group_id", name: "fk_33ae4d58d8", on_delete: :cascade
   add_foreign_key "ci_job_artifacts", "ci_builds", column: "job_id", on_delete: :cascade
   add_foreign_key "ci_job_artifacts", "projects", on_delete: :cascade
+  add_foreign_key "ci_job_variables", "ci_builds", column: "job_id", on_delete: :cascade
   add_foreign_key "ci_pipeline_chat_data", "chat_names", on_delete: :cascade
   add_foreign_key "ci_pipeline_chat_data", "ci_pipelines", column: "pipeline_id", on_delete: :cascade
   add_foreign_key "ci_pipeline_schedule_variables", "ci_pipeline_schedules", column: "pipeline_schedule_id", name: "fk_41c35fda51", on_delete: :cascade
diff --git a/doc/ci/img/manual_job_variables.png b/doc/ci/img/manual_job_variables.png
new file mode 100644
index 00000000000..c7d62477cdd
Binary files /dev/null and b/doc/ci/img/manual_job_variables.png differ
diff --git a/doc/ci/pipelines.md b/doc/ci/pipelines.md
index be8f66c741f..ed8d0e3bc35 100644
--- a/doc/ci/pipelines.md
+++ b/doc/ci/pipelines.md
@@ -323,6 +323,20 @@ stage has a job with a manual action.
 
 ![Pipelines example](img/pipelines.png)
 
+### Specifying variables when running manual jobs
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30485) in GitLab 12.2.
+
+When running manual jobs you can supply additional job specific variables.
+
+You can do this from the job page of the manual job you want to run with
+additional variables.
+
+This is useful when you want to alter the execution of a job by using
+environment variables.
+
+![Manual job variables](img/manual_job_variables.png)
+
 ### Delay a job in a pipeline graph
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/21767) in GitLab 11.4.
diff --git a/lib/gitlab/ci/status/build/manual.rb b/lib/gitlab/ci/status/build/manual.rb
index d01b09f1398..df572188194 100644
--- a/lib/gitlab/ci/status/build/manual.rb
+++ b/lib/gitlab/ci/status/build/manual.rb
@@ -10,7 +10,7 @@ module Gitlab
               image: 'illustrations/manual_action.svg',
               size: 'svg-394',
               title: _('This job requires a manual action'),
-              content: _('This job depends on a user to trigger its process. Often they are used to deploy code to production environments')
+              content: _('This job requires manual intervention to start. Before starting this job, you can add variables below for last-minute configuration changes.')
             }
           end
 
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 58c75ee2319..5397404b630 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -1080,6 +1080,9 @@ msgstr ""
 msgid "An error occurred while saving assignees"
 msgstr ""
 
+msgid "An error occurred while triggering the job."
+msgstr ""
+
 msgid "An error occurred while validating username"
 msgstr ""
 
@@ -2221,6 +2224,9 @@ msgstr ""
 msgid "CiVariables|Remove variable row"
 msgstr ""
 
+msgid "CiVariables|Specify variable values to be used in this run. The values specified in %{linkStart}CI/CD settings%{linkEnd} will be used as default"
+msgstr ""
+
 msgid "CiVariables|State"
 msgstr ""
 
@@ -2230,6 +2236,9 @@ msgstr ""
 msgid "CiVariables|Value"
 msgstr ""
 
+msgid "CiVariables|Variables"
+msgstr ""
+
 msgid "CiVariable|* (All environments)"
 msgstr ""
 
@@ -7697,6 +7706,9 @@ msgstr ""
 msgid "Pipeline|Existing branch name or tag"
 msgstr ""
 
+msgid "Pipeline|Key"
+msgstr ""
+
 msgid "Pipeline|Pipeline"
 msgstr ""
 
@@ -7727,6 +7739,9 @@ msgstr ""
 msgid "Pipeline|Triggerer"
 msgstr ""
 
+msgid "Pipeline|Value"
+msgstr ""
+
 msgid "Pipeline|Variables"
 msgstr ""
 
@@ -11056,9 +11071,6 @@ msgstr ""
 msgid "This issue is locked."
 msgstr ""
 
-msgid "This job depends on a user to trigger its process. Often they are used to deploy code to production environments"
-msgstr ""
-
 msgid "This job depends on upstream jobs that need to succeed in order for this job to be triggered"
 msgstr ""
 
@@ -11113,6 +11125,9 @@ msgstr ""
 msgid "This job requires a manual action"
 msgstr ""
 
+msgid "This job requires manual intervention to start. Before starting this job, you can add variables below for last-minute configuration changes."
+msgstr ""
+
 msgid "This job will automatically run after its timer finishes. Often they are used for incremental roll-out deploys to production environments. When unscheduled it converts into a manual action."
 msgstr ""
 
diff --git a/spec/controllers/projects/jobs_controller_spec.rb b/spec/controllers/projects/jobs_controller_spec.rb
index e428aa3c7b7..39ebf02dcf5 100644
--- a/spec/controllers/projects/jobs_controller_spec.rb
+++ b/spec/controllers/projects/jobs_controller_spec.rb
@@ -676,6 +676,8 @@ describe Projects::JobsController, :clean_gitlab_redis_shared_state do
   end
 
   describe 'POST play' do
+    let(:variable_attributes) { [] }
+
     before do
       project.add_developer(user)
 
@@ -698,6 +700,14 @@ describe Projects::JobsController, :clean_gitlab_redis_shared_state do
       it 'transits to pending' do
         expect(job.reload).to be_pending
       end
+
+      context 'when job variables are specified' do
+        let(:variable_attributes) { [{ key: 'first', secret_value: 'first' }] }
+
+        it 'assigns the job variables' do
+          expect(job.reload.job_variables.map(&:key)).to contain_exactly('first')
+        end
+      end
     end
 
     context 'when job is not playable' do
@@ -712,7 +722,8 @@ describe Projects::JobsController, :clean_gitlab_redis_shared_state do
       post :play, params: {
                     namespace_id: project.namespace,
                     project_id: project,
-                    id: job.id
+                    id: job.id,
+                    job_variables_attributes: variable_attributes
                   }
     end
   end
diff --git a/spec/factories/ci/job_variables.rb b/spec/factories/ci/job_variables.rb
new file mode 100644
index 00000000000..d664b763abd
--- /dev/null
+++ b/spec/factories/ci/job_variables.rb
@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+FactoryBot.define do
+  factory :ci_job_variable, class: Ci::JobVariable do
+    sequence(:key) { |n| "VARIABLE_#{n}" }
+    value 'VARIABLE_VALUE'
+
+    job factory: :ci_build
+  end
+end
diff --git a/spec/features/projects/jobs_spec.rb b/spec/features/projects/jobs_spec.rb
index f4ed89adc0f..8ed420300af 100644
--- a/spec/features/projects/jobs_spec.rb
+++ b/spec/features/projects/jobs_spec.rb
@@ -701,12 +701,12 @@ describe 'Jobs', :clean_gitlab_redis_shared_state do
       it 'shows manual action empty state', :js do
         expect(page).to have_content(job.detailed_status(user).illustration[:title])
         expect(page).to have_content('This job requires a manual action')
-        expect(page).to have_content('This job depends on a user to trigger its process. Often they are used to deploy code to production environments')
-        expect(page).to have_link('Trigger this manual action')
+        expect(page).to have_content('This job requires manual intervention to start. Before starting this job, you can add variables below for last-minute configuration changes.')
+        expect(page).to have_button('Trigger this manual action')
       end
 
       it 'plays manual action and shows pending status', :js do
-        click_link 'Trigger this manual action'
+        click_button 'Trigger this manual action'
 
         wait_for_requests
         expect(page).to have_content('This job has not started yet')
@@ -734,8 +734,8 @@ describe 'Jobs', :clean_gitlab_redis_shared_state do
 
         wait_for_requests
         expect(page).to have_content('This job requires a manual action')
-        expect(page).to have_content('This job depends on a user to trigger its process. Often they are used to deploy code to production environments')
-        expect(page).to have_link('Trigger this manual action')
+        expect(page).to have_content('This job requires manual intervention to start. Before starting this job, you can add variables below for last-minute configuration changes.')
+        expect(page).to have_button('Trigger this manual action')
       end
     end
 
diff --git a/spec/frontend/jobs/components/empty_state_spec.js b/spec/frontend/jobs/components/empty_state_spec.js
index a2df79bdda0..dfba5a936ee 100644
--- a/spec/frontend/jobs/components/empty_state_spec.js
+++ b/spec/frontend/jobs/components/empty_state_spec.js
@@ -10,6 +10,8 @@ describe('Empty State', () => {
     illustrationPath: 'illustrations/pending_job_empty.svg',
     illustrationSizeClass: 'svg-430',
     title: 'This job has not started yet',
+    playable: false,
+    variablesSettingsUrl: '',
   };
 
   const content = 'This job is in pending state and is waiting to be picked by a runner';
@@ -90,4 +92,44 @@ describe('Empty State', () => {
       expect(vm.$el.querySelector('.js-job-empty-state-action')).toBeNull();
     });
   });
+
+  describe('without playbale action', () => {
+    it('does not render manual variables form', () => {
+      vm = mountComponent(Component, {
+        ...props,
+        content,
+      });
+
+      expect(vm.$el.querySelector('.js-manual-vars-form')).toBeNull();
+    });
+  });
+
+  describe('with playbale action and not scheduled job', () => {
+    it('renders manual variables form', () => {
+      vm = mountComponent(Component, {
+        ...props,
+        content,
+        playable: true,
+        scheduled: false,
+        action: {
+          path: 'runner',
+          button_title: 'Check runner',
+          method: 'post',
+        },
+      });
+
+      expect(vm.$el.querySelector('.js-manual-vars-form')).not.toBeNull();
+    });
+  });
+
+  describe('with playbale action and  scheduled job', () => {
+    it('does not render manual variables form', () => {
+      vm = mountComponent(Component, {
+        ...props,
+        content,
+      });
+
+      expect(vm.$el.querySelector('.js-manual-vars-form')).toBeNull();
+    });
+  });
 });
diff --git a/spec/javascripts/jobs/components/job_app_spec.js b/spec/javascripts/jobs/components/job_app_spec.js
index f28d2c2a882..c58d59b4b16 100644
--- a/spec/javascripts/jobs/components/job_app_spec.js
+++ b/spec/javascripts/jobs/components/job_app_spec.js
@@ -19,6 +19,7 @@ describe('Job App ', () => {
     runnerHelpUrl: 'help/runner',
     deploymentHelpUrl: 'help/deployment',
     runnerSettingsUrl: 'settings/ci-cd/runners',
+    variablesSettingsUrl: 'settings/ci-cd/variables',
     terminalPath: 'jobs/123/terminal',
     pagePath: `${gl.TEST_HOST}jobs/123`,
     logState:
diff --git a/spec/javascripts/jobs/components/manual_variables_form_spec.js b/spec/javascripts/jobs/components/manual_variables_form_spec.js
new file mode 100644
index 00000000000..093aa905185
--- /dev/null
+++ b/spec/javascripts/jobs/components/manual_variables_form_spec.js
@@ -0,0 +1,88 @@
+import { shallowMount } from '@vue/test-utils';
+import { GlButton } from '@gitlab/ui';
+import Form from '~/jobs/components/manual_variables_form.vue';
+
+describe('Manual Variables Form', () => {
+  let wrapper;
+  const requiredProps = {
+    action: {
+      path: '/play',
+      method: 'post',
+      button_title: 'Trigger this manual action',
+    },
+    variablesSettingsUrl: '/settings',
+  };
+
+  const factory = (props = {}) => {
+    wrapper = shallowMount(Form, {
+      propsData: props,
+    });
+  };
+
+  beforeEach(() => {
+    factory(requiredProps);
+  });
+
+  afterEach(() => {
+    wrapper.destroy();
+  });
+
+  it('renders empty form with correct placeholders', () => {
+    expect(wrapper.find({ ref: 'inputKey' }).attributes('placeholder')).toBe('Input variable key');
+    expect(wrapper.find({ ref: 'inputSecretValue' }).attributes('placeholder')).toBe(
+      'Input variable value',
+    );
+  });
+
+  it('renders help text with provided link', () => {
+    expect(wrapper.find('p').text()).toBe(
+      'Specify variable values to be used in this run. The values specified in CI/CD settings will be used as default',
+    );
+
+    expect(wrapper.find('a').attributes('href')).toBe(requiredProps.variablesSettingsUrl);
+  });
+
+  describe('when adding a new variable', () => {
+    it('creates a new variable when user types a new key and resets the form', done => {
+      wrapper.vm
+        .$nextTick()
+        .then(() => wrapper.find({ ref: 'inputKey' }).setValue('new key'))
+        .then(() => {
+          expect(wrapper.vm.variables.length).toBe(1);
+          expect(wrapper.vm.variables[0].key).toBe('new key');
+          expect(wrapper.find({ ref: 'inputKey' }).attributes('value')).toBe(undefined);
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+
+    it('creates a new variable when user types a new value and resets the form', done => {
+      wrapper.vm
+        .$nextTick()
+        .then(() => wrapper.find({ ref: 'inputSecretValue' }).setValue('new value'))
+        .then(() => {
+          expect(wrapper.vm.variables.length).toBe(1);
+          expect(wrapper.vm.variables[0].secret_value).toBe('new value');
+          expect(wrapper.find({ ref: 'inputSecretValue' }).attributes('value')).toBe(undefined);
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+  });
+
+  describe('when deleting a variable', () => {
+    it('removes the variable row', () => {
+      wrapper.vm.variables = [
+        {
+          key: 'new key',
+          secret_value: 'value',
+          id: '1',
+        },
+      ];
+
+      wrapper.find(GlButton).vm.$emit('click');
+
+      expect(wrapper.vm.variables.length).toBe(0);
+    });
+  });
+});
diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index c30cb70e1c1..17c7c05324a 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -21,7 +21,8 @@ describe Ci::Build do
   it { is_expected.to belong_to(:erased_by) }
   it { is_expected.to have_many(:trace_sections)}
   it { is_expected.to have_one(:deployment) }
-  it { is_expected.to have_one(:runner_session)}
+  it { is_expected.to have_one(:runner_session) }
+  it { is_expected.to have_many(:job_variables) }
   it { is_expected.to validate_presence_of(:ref) }
   it { is_expected.to respond_to(:has_trace?) }
   it { is_expected.to respond_to(:trace) }
@@ -2258,6 +2259,16 @@ describe Ci::Build do
       it { is_expected.to include(manual_variable) }
     end
 
+    context 'when job variable is defined' do
+      let(:job_variable) { { key: 'first', value: 'first', public: false, masked: false } }
+
+      before do
+        create(:ci_job_variable, job_variable.slice(:key, :value).merge(job: build))
+      end
+
+      it { is_expected.to include(job_variable) }
+    end
+
     context 'when build is for tag' do
       let(:tag_variable) do
         { key: 'CI_COMMIT_TAG', value: 'master', public: true, masked: false }
diff --git a/spec/models/ci/job_variable_spec.rb b/spec/models/ci/job_variable_spec.rb
new file mode 100644
index 00000000000..b94a914c784
--- /dev/null
+++ b/spec/models/ci/job_variable_spec.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Ci::JobVariable do
+  subject { build(:ci_job_variable) }
+
+  it_behaves_like "CI variable"
+
+  it { is_expected.to belong_to(:job) }
+  it { is_expected.to validate_uniqueness_of(:key).scoped_to(:job_id) }
+end
diff --git a/spec/services/ci/play_build_service_spec.rb b/spec/services/ci/play_build_service_spec.rb
index 1e68b7956ea..cf39f3da4fe 100644
--- a/spec/services/ci/play_build_service_spec.rb
+++ b/spec/services/ci/play_build_service_spec.rb
@@ -60,6 +60,19 @@ describe Ci::PlayBuildService, '#execute' do
 
       expect(build.reload.user).to eq user
     end
+
+    context 'when variables are supplied' do
+      let(:job_variables) do
+        [{ key: 'first', secret_value: 'first' },
+         { key: 'second', secret_value: 'second' }]
+      end
+
+      it 'assigns the variables to the build' do
+        service.execute(build, job_variables)
+
+        expect(build.reload.job_variables.map(&:key)).to contain_exactly('first', 'second')
+      end
+    end
   end
 
   context 'when build is not a playable manual action' do
diff --git a/spec/services/ci/retry_build_service_spec.rb b/spec/services/ci/retry_build_service_spec.rb
index 11b06ef5019..915288cd916 100644
--- a/spec/services/ci/retry_build_service_spec.rb
+++ b/spec/services/ci/retry_build_service_spec.rb
@@ -30,7 +30,8 @@ describe Ci::RetryBuildService do
        job_artifacts_sast job_artifacts_dependency_scanning
        job_artifacts_container_scanning job_artifacts_dast
        job_artifacts_license_management job_artifacts_performance
-       job_artifacts_codequality job_artifacts_metrics scheduled_at].freeze
+       job_artifacts_codequality job_artifacts_metrics scheduled_at
+       job_variables].freeze
 
   IGNORE_ACCESSORS =
     %i[type lock_version target_url base_tags trace_sections
@@ -65,6 +66,8 @@ describe Ci::RetryBuildService do
                file_type: file_type, job: build, expire_at: build.artifacts_expire_at)
       end
 
+      create(:ci_job_variable, job: build)
+
       build.reload
     end
 
-- 
cgit v1.2.1


From 26e9efc011c49b6918d4cc345a3328cabf22e2a7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Francisco=20Javier=20L=C3=B3pez?= <fjlopez@gitlab.com>
Date: Mon, 29 Jul 2019 09:58:58 +0000
Subject: Added navbar searches usage ping counter

Added usage ping counter when the user makes
a search through the navbar search component.
---
 app/controllers/search_controller.rb               |  8 +++++++
 app/views/layouts/_search.html.haml                |  1 +
 .../fj-navbar-searches-usage-ping-counter.yml      |  5 ++++
 lib/gitlab/usage_data.rb                           |  7 ++++--
 lib/gitlab/usage_data_counters/search_counter.rb   | 27 ++++++++++++++++++++++
 spec/features/global_search_spec.rb                | 13 +++++++----
 .../usage_data_counters/search_counter_spec.rb     | 13 +++++++++++
 spec/lib/gitlab/usage_data_spec.rb                 |  3 ++-
 8 files changed, 70 insertions(+), 7 deletions(-)
 create mode 100644 changelogs/unreleased/fj-navbar-searches-usage-ping-counter.yml
 create mode 100644 lib/gitlab/usage_data_counters/search_counter.rb
 create mode 100644 spec/lib/gitlab/usage_data_counters/search_counter_spec.rb

diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb
index 8c674be58c5..13741548687 100644
--- a/app/controllers/search_controller.rb
+++ b/app/controllers/search_controller.rb
@@ -31,6 +31,8 @@ class SearchController < ApplicationController
     render_commits if @scope == 'commits'
     eager_load_user_status if @scope == 'users'
 
+    increment_navbar_searches_counter
+
     check_single_commit_result
   end
 
@@ -70,4 +72,10 @@ class SearchController < ApplicationController
       redirect_to project_commit_path(@project, only_commit) if found_by_commit_sha
     end
   end
+
+  def increment_navbar_searches_counter
+    return if params[:nav_source] != 'navbar'
+
+    Gitlab::UsageDataCounters::SearchCounter.increment_navbar_searches_count
+  end
 end
diff --git a/app/views/layouts/_search.html.haml b/app/views/layouts/_search.html.haml
index c62dce880c0..9cac8266eaf 100644
--- a/app/views/layouts/_search.html.haml
+++ b/app/views/layouts/_search.html.haml
@@ -45,5 +45,6 @@
     - if @snippet || @snippets
       = hidden_field_tag :snippets, true
     = hidden_field_tag :repository_ref, @ref
+    = hidden_field_tag :nav_source, 'navbar'
     = button_tag 'Go' if ENV['RAILS_ENV'] == 'test'
     .search-autocomplete-opts.hide{ :'data-autocomplete-path' => search_autocomplete_path, :'data-autocomplete-project-id' => @project.try(:id), :'data-autocomplete-project-ref' => @ref }
diff --git a/changelogs/unreleased/fj-navbar-searches-usage-ping-counter.yml b/changelogs/unreleased/fj-navbar-searches-usage-ping-counter.yml
new file mode 100644
index 00000000000..ab7c1697fd6
--- /dev/null
+++ b/changelogs/unreleased/fj-navbar-searches-usage-ping-counter.yml
@@ -0,0 +1,5 @@
+---
+title: Added navbar searches usage ping counter
+merge_request: 30953
+author:
+type: changed
diff --git a/lib/gitlab/usage_data.rb b/lib/gitlab/usage_data.rb
index db1086c9cae..d5657c474c8 100644
--- a/lib/gitlab/usage_data.rb
+++ b/lib/gitlab/usage_data.rb
@@ -137,8 +137,11 @@ module Gitlab
 
       # @return [Array<#totals>] An array of objects that respond to `#totals`
       def usage_data_counters
-        [Gitlab::UsageDataCounters::WikiPageCounter,
-         Gitlab::UsageDataCounters::WebIdeCounter]
+        [
+         Gitlab::UsageDataCounters::WikiPageCounter,
+         Gitlab::UsageDataCounters::WebIdeCounter,
+         Gitlab::UsageDataCounters::SearchCounter
+        ]
       end
 
       def components_usage_data
diff --git a/lib/gitlab/usage_data_counters/search_counter.rb b/lib/gitlab/usage_data_counters/search_counter.rb
new file mode 100644
index 00000000000..5f0735347e1
--- /dev/null
+++ b/lib/gitlab/usage_data_counters/search_counter.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module UsageDataCounters
+    class SearchCounter
+      extend RedisCounter
+
+      NAVBAR_SEARCHES_COUNT_KEY = 'NAVBAR_SEARCHES_COUNT'
+
+      class << self
+        def increment_navbar_searches_count
+          increment(NAVBAR_SEARCHES_COUNT_KEY)
+        end
+
+        def total_navbar_searches_count
+          total_count(NAVBAR_SEARCHES_COUNT_KEY)
+        end
+
+        def totals
+          {
+            navbar_searches: total_navbar_searches_count
+          }
+        end
+      end
+    end
+  end
+end
diff --git a/spec/features/global_search_spec.rb b/spec/features/global_search_spec.rb
index 3efbeddb7aa..a7ccc6f7d7b 100644
--- a/spec/features/global_search_spec.rb
+++ b/spec/features/global_search_spec.rb
@@ -9,6 +9,15 @@ describe 'Global search' do
   before do
     project.add_maintainer(user)
     sign_in(user)
+
+    visit dashboard_projects_path
+  end
+
+  it 'increases usage ping searches counter' do
+    expect(Gitlab::UsageDataCounters::SearchCounter).to receive(:increment_navbar_searches_count)
+
+    fill_in "search", with: "foobar"
+    click_button "Go"
   end
 
   describe 'I search through the issues and I see pagination' do
@@ -18,8 +27,6 @@ describe 'Global search' do
     end
 
     it "has a pagination" do
-      visit dashboard_projects_path
-
       fill_in "search", with: "initial"
       click_button "Go"
 
@@ -29,8 +36,6 @@ describe 'Global search' do
   end
 
   it 'closes the dropdown on blur', :js do
-    visit dashboard_projects_path
-
     fill_in 'search', with: "a"
     dropdown = find('.js-dashboard-search-options')
 
diff --git a/spec/lib/gitlab/usage_data_counters/search_counter_spec.rb b/spec/lib/gitlab/usage_data_counters/search_counter_spec.rb
new file mode 100644
index 00000000000..50a9f980dc7
--- /dev/null
+++ b/spec/lib/gitlab/usage_data_counters/search_counter_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::UsageDataCounters::SearchCounter, :clean_gitlab_redis_shared_state do
+  it 'increments counter and return the total count' do
+    expect(described_class.total_navbar_searches_count).to eq(0)
+
+    2.times { described_class.increment_navbar_searches_count }
+
+    expect(described_class.total_navbar_searches_count).to eq(2)
+  end
+end
diff --git a/spec/lib/gitlab/usage_data_spec.rb b/spec/lib/gitlab/usage_data_spec.rb
index 2289d906944..6d0a2098b2e 100644
--- a/spec/lib/gitlab/usage_data_spec.rb
+++ b/spec/lib/gitlab/usage_data_spec.rb
@@ -67,7 +67,8 @@ describe Gitlab::UsageData do
         wiki_pages_delete: a_kind_of(Integer),
         web_ide_views: a_kind_of(Integer),
         web_ide_commits: a_kind_of(Integer),
-        web_ide_merge_requests: a_kind_of(Integer)
+        web_ide_merge_requests: a_kind_of(Integer),
+        navbar_searches: a_kind_of(Integer)
       )
     end
 
-- 
cgit v1.2.1


From e39eaeedab5c0e81ad6c5be765bf6a5e957f6d18 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Mon, 29 Jul 2019 10:18:02 +0000
Subject: Categorize autodevops variables

---
 doc/topics/autodevops/index.md | 95 ++++++++++++++++++++++++++----------------
 1 file changed, 59 insertions(+), 36 deletions(-)

diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index c6219126b30..9b291c1bc10 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -721,47 +721,34 @@ The following variables can be used for setting up the Auto DevOps domain,
 providing a custom Helm chart, or scaling your application. PostgreSQL can
 also be customized, and you can easily use a [custom buildpack](#custom-buildpacks).
 
+#### Build and deployment
+
+The following table lists variables related to building and deploying
+applications.
+
 | **Variable**                            | **Description**                    |
 |-----------------------------------------|------------------------------------|
-| `AUTO_DEVOPS_CHART`                     | The Helm Chart used to deploy your apps; defaults to the one [provided by GitLab](https://gitlab.com/gitlab-org/charts/auto-deploy-app). |
-| `AUTO_DEVOPS_CHART_REPOSITORY`          | The Helm Chart repository used to search for charts; defaults to `https://charts.gitlab.io`. |
-| `AUTO_DEVOPS_CHART_REPOSITORY_NAME`     | From Gitlab 11.11, this variable can be used to set the name of the helm repository; defaults to "gitlab" |
-| `AUTO_DEVOPS_CHART_REPOSITORY_USERNAME` | From Gitlab 11.11, this variable can be used to set a username to connect to the helm repository. Defaults to no credentials. (Also set AUTO_DEVOPS_CHART_REPOSITORY_PASSWORD) |
-| `AUTO_DEVOPS_CHART_REPOSITORY_PASSWORD` | From Gitlab 11.11, this variable can be used to set a password to connect to the helm repository. Defaults to no credentials. (Also set AUTO_DEVOPS_CHART_REPOSITORY_USERNAME) |
-| `REPLICAS`                              | The number of replicas to deploy; defaults to 1. |
-| `PRODUCTION_REPLICAS`                   | The number of replicas to deploy in the production environment. Takes precedence over `REPLICAS` and defaults to 1. For zero downtime upgrades, set to 2 or greater. |
-| `CANARY_REPLICAS`                       | The number of canary replicas to deploy for [Canary Deployments](../../user/project/canary_deployments.md); defaults to 1. |
-| `CANARY_PRODUCTION_REPLICAS`            | The number of canary replicas to deploy for [Canary Deployments](../../user/project/canary_deployments.md) in the production environment. This takes precedence over `CANARY_REPLICAS`; defaults to 1. |
 | `ADDITIONAL_HOSTS`                      | Fully qualified domain names specified as a comma-separated list that are added to the ingress hosts. |
 | `<ENVIRONMENT>_ADDITIONAL_HOSTS`        | For a specific environment, the fully qualified domain names specified as a comma-separated list that are added to the ingress hosts. This takes precedence over `ADDITIONAL_HOSTS`. |
-| `POSTGRES_ENABLED`                      | Whether PostgreSQL is enabled; defaults to `"true"`. Set to `false` to disable the automatic deployment of PostgreSQL. |
-| `POSTGRES_USER`                         | The PostgreSQL user; defaults to `user`. Set it to use a custom username. |
-| `POSTGRES_PASSWORD`                     | The PostgreSQL password; defaults to `testing-password`. Set it to use a custom password. |
-| `POSTGRES_DB`                           | The PostgreSQL database name; defaults to the value of [`$CI_ENVIRONMENT_SLUG`](../../ci/variables/README.md#predefined-environment-variables). Set it to use a custom database name. |
-| `POSTGRES_VERSION`                      | Tag for the [`postgres` Docker image](https://hub.docker.com/_/postgres) to use. Defaults to `9.6.2`. |
-| `BUILDPACK_URL`                         | The buildpack's full URL. It can point to either Git repositories or a tarball URL. For Git repositories, it is possible to point to a specific `ref`, for example `https://github.com/heroku/heroku-buildpack-ruby.git#v142`. |
-| `SAST_CONFIDENCE_LEVEL`                 | The minimum confidence level of security issues you want to be reported; `1` for Low, `2` for Medium, `3` for High; defaults to `3`. |
-| `DS_DISABLE_REMOTE_CHECKS`              | Whether remote Dependency Scanning checks are disabled; defaults to `"false"`. Set to `"true"` to disable checks that send data to GitLab central servers. [Read more about remote checks](../../user/application_security/dependency_scanning/index.md#remote-checks). |
-| `DB_INITIALIZE`                         | From GitLab 11.4, this variable can be used to specify the command to run to initialize the application's PostgreSQL database. It runs inside the application pod. |
-| `DB_MIGRATE`                            | From GitLab 11.4, this variable can be used to specify the command to run to migrate the application's PostgreSQL database. It runs inside the application pod. |
-| `STAGING_ENABLED`                       | From GitLab 10.8, this variable can be used to define a [deploy policy for staging and production environments](#deploy-policy-for-staging-and-production-environments). |
-| `CANARY_ENABLED`                        | From GitLab 11.0, this variable can be used to define a [deploy policy for canary environments](#deploy-policy-for-canary-environments-premium). |
-| `INCREMENTAL_ROLLOUT_MODE`              | From GitLab 11.4, this variable, if present, can be used to enable an [incremental rollout](#incremental-rollout-to-production-premium) of your application for the production environment. Set to `manual` for manual deployment jobs or `timed` for automatic rollout deployments with a 5 minute delay each one. |
-| `TEST_DISABLED`                         | From GitLab 11.0, this variable can be used to disable the `test` job. If the variable is present, the job will not be created. |
-| `CODE_QUALITY_DISABLED`                 | From GitLab 11.0, this variable can be used to disable the `codequality` job. If the variable is present, the job will not be created. |
-| `LICENSE_MANAGEMENT_DISABLED`           | From GitLab 11.0, this variable can be used to disable the `license_management` job. If the variable is present, the job will not be created. |
-| `SAST_DISABLED`                         | From GitLab 11.0, this variable can be used to disable the `sast` job. If the variable is present, the job will not be created. |
-| `DEPENDENCY_SCANNING_DISABLED`          | From GitLab 11.0, this variable can be used to disable the `dependency_scanning` job. If the variable is present, the job will not be created. |
-| `CONTAINER_SCANNING_DISABLED`           | From GitLab 11.0, this variable can be used to disable the `sast:container` job. If the variable is present, the job will not be created. |
-| `REVIEW_DISABLED`                       | From GitLab 11.0, this variable can be used to disable the `review` and the manual `review:stop` job. If the variable is present, these jobs will not be created. |
-| `DAST_DISABLED`                         | From GitLab 11.0, this variable can be used to disable the `dast` job. If the variable is present, the job will not be created. |
-| `PERFORMANCE_DISABLED`                  | From GitLab 11.0, this variable can be used to disable the `performance` job. If the variable is present, the job will not be created. |
+| `AUTO_DEVOPS_CHART`                     | Helm Chart used to deploy your apps. Defaults to the one [provided by GitLab](https://gitlab.com/gitlab-org/charts/auto-deploy-app). |
+| `AUTO_DEVOPS_CHART_REPOSITORY`          | Helm Chart repository used to search for charts. Defaults to `https://charts.gitlab.io`. |
+| `AUTO_DEVOPS_CHART_REPOSITORY_NAME`     | From Gitlab 11.11, used to set the name of the helm repository. Defaults to `gitlab`. |
+| `AUTO_DEVOPS_CHART_REPOSITORY_USERNAME` | From Gitlab 11.11, used to set a username to connect to the helm repository. Defaults to no credentials. Also set `AUTO_DEVOPS_CHART_REPOSITORY_PASSWORD`. |
+| `AUTO_DEVOPS_CHART_REPOSITORY_PASSWORD` | From Gitlab 11.11, used to set a password to connect to the helm repository. Defaults to no credentials. Also set `AUTO_DEVOPS_CHART_REPOSITORY_USERNAME`. |
+| `BUILDPACK_URL`                         | Buildpack's full URL. Can point to either Git repositories or a tarball URL. For Git repositories, it is possible to point to a specific `ref`. For example `https://github.com/heroku/heroku-buildpack-ruby.git#v142`. |
+| `CANARY_ENABLED`                        | From GitLab 11.0, used to define a [deploy policy for canary environments](#deploy-policy-for-canary-environments-premium). |
+| `CANARY_PRODUCTION_REPLICAS`            | Number of canary replicas to deploy for [Canary Deployments](../../user/project/canary_deployments.md) in the production environment. Takes precedence over `CANARY_REPLICAS`. Defaults to 1. |
+| `CANARY_REPLICAS`                       | Number of canary replicas to deploy for [Canary Deployments](../../user/project/canary_deployments.md). Defaults to 1. |
+| `HELM_RELEASE_NAME`                     | From GitLab 12.1, allows the `helm` release name to be overridden. Can be used to assign unique release names when deploying multiple projects to a single namespace. |
+| `HELM_UPGRADE_EXTRA_ARGS`               | From GitLab 11.11, allows extra arguments in `helm` commands when deploying the application. Note that using quotes will not prevent word splitting. **Tip:** you can use this variable to [customize the Auto Deploy helm chart](#custom-helm-chart) by applying custom override values with `--values my-values.yaml`. |
+| `INCREMENTAL_ROLLOUT_MODE`              | From GitLab 11.4, if present, can be used to enable an [incremental rollout](#incremental-rollout-to-production-premium) of your application for the production environment. Set to `manual` for manual deployment jobs or `timed` for automatic rollout deployments with a 5 minute delay each one. |
 | `K8S_SECRET_*`                          | From GitLab 11.7, any variable prefixed with [`K8S_SECRET_`](#application-secret-variables) will be made available by Auto DevOps as environment variables to the deployed application. |
-| `KUBE_INGRESS_BASE_DOMAIN`              | From GitLab 11.8, this variable can be used to set a domain per cluster. See [cluster domains](../../user/project/clusters/index.md#base-domain) for more information. |
-| `ROLLOUT_RESOURCE_TYPE`                 | From GitLab 11.9, this variable allows specification of the resource type being deployed when using a custom helm chart. Default value is `deployment`. |
-| `ROLLOUT_STATUS_DISABLED`               | From GitLab 12.0, this variable allows to disable rollout status check because it doesn't support all resource types, for example, `cronjob`. |
-| `HELM_UPGRADE_EXTRA_ARGS`               | From GitLab 11.11, this variable allows extra arguments in `helm` commands when deploying the application. Note that using quotes will not prevent word splitting. **Tip:** you can use this variable to [customize the Auto Deploy helm chart](#custom-helm-chart) by applying custom override values with `--values my-values.yaml`. |
-| `HELM_RELEASE_NAME`                     | From GitLab 12.1, this variable allows the `helm` release name to be overridden, this can be used to assign unique release names when deploying multiple projects to a single namespace. |
+| `KUBE_INGRESS_BASE_DOMAIN`              | From GitLab 11.8, can be used to set a domain per cluster. See [cluster domains](../../user/project/clusters/index.md#base-domain) for more information. |
+| `PRODUCTION_REPLICAS`                   | Number of replicas to deploy in the production environment. Takes precedence over `REPLICAS` and defaults to 1. For zero downtime upgrades, set to 2 or greater. |
+| `REPLICAS`                              | Number of replicas to deploy. Defaults to 1. |
+| `ROLLOUT_RESOURCE_TYPE`                 | From GitLab 11.9, allows specification of the resource type being deployed when using a custom helm chart. Default value is `deployment`. |
+| `ROLLOUT_STATUS_DISABLED`               | From GitLab 12.0, used to disable rollout status check because it doesn't support all resource types, for example, `cronjob`. |
+| `STAGING_ENABLED`                       | From GitLab 10.8, used to define a [deploy policy for staging and production environments](#deploy-policy-for-staging-and-production-environments). |
 
 TIP: **Tip:**
 Set up the replica variables using a
@@ -773,6 +760,42 @@ You should *not* scale your application using Kubernetes directly. This can
 cause confusion with Helm not detecting the change, and subsequent deploys with
 Auto DevOps can undo your changes.
 
+#### Database
+
+The following table lists variables related to the database.
+
+| **Variable**                            | **Description**                    |
+| `DB_INITIALIZE`                         | From GitLab 11.4, used to specify the command to run to initialize the application's PostgreSQL database. Runs inside the application pod. |
+| `DB_MIGRATE`                            | From GitLab 11.4, used to specify the command to run to migrate the application's PostgreSQL database. Runs inside the application pod. |
+| `POSTGRES_ENABLED`                      | Whether PostgreSQL is enabled. Defaults to `"true"`. Set to `false` to disable the automatic deployment of PostgreSQL. |
+| `POSTGRES_USER`                         | The PostgreSQL user. Defaults to `user`. Set it to use a custom username. |
+| `POSTGRES_PASSWORD`                     | The PostgreSQL password. Defaults to `testing-password`. Set it to use a custom password. |
+| `POSTGRES_DB`                           | The PostgreSQL database name. Defaults to the value of [`$CI_ENVIRONMENT_SLUG`](../../ci/variables/README.md#predefined-environment-variables). Set it to use a custom database name. |
+| `POSTGRES_VERSION`                      | Tag for the [`postgres` Docker image](https://hub.docker.com/_/postgres) to use. Defaults to `9.6.2`. |
+
+#### Security tools
+
+The following table lists variables related to security tools.
+
+| **Variable**                            | **Description**                    |
+| `SAST_CONFIDENCE_LEVEL`                 | Minimum confidence level of security issues you want to be reported; `1` for Low, `2` for Medium, `3` for High. Defaults to `3`. |
+| `DS_DISABLE_REMOTE_CHECKS`              | Whether remote Dependency Scanning checks are disabled. Defaults to `"false"`. Set to `"true"` to disable checks that send data to GitLab central servers. [Read more about remote checks](../../user/application_security/dependency_scanning/index.md#remote-checks). |
+
+#### Disable jobs
+
+The following table lists variables used to disable jobs.
+
+| **Variable**                            | **Description**                    |
+| `CODE_QUALITY_DISABLED`                 | From GitLab 11.0, used to disable the `codequality` job. If the variable is present, the job will not be created. |
+| `CONTAINER_SCANNING_DISABLED`           | From GitLab 11.0, used to disable the `sast:container` job. If the variable is present, the job will not be created. |
+| `DAST_DISABLED`                         | From GitLab 11.0, used to disable the `dast` job. If the variable is present, the job will not be created. |
+| `DEPENDENCY_SCANNING_DISABLED`          | From GitLab 11.0, used to disable the `dependency_scanning` job. If the variable is present, the job will not be created. |
+| `LICENSE_MANAGEMENT_DISABLED`           | From GitLab 11.0, used to disable the `license_management` job. If the variable is present, the job will not be created. |
+| `PERFORMANCE_DISABLED`                  | From GitLab 11.0, used to disable the `performance` job. If the variable is present, the job will not be created. |
+| `REVIEW_DISABLED`                       | From GitLab 11.0, used to disable the `review` and the manual `review:stop` job. If the variable is present, these jobs will not be created. |
+| `SAST_DISABLED`                         | From GitLab 11.0, used to disable the `sast` job. If the variable is present, the job will not be created. |
+| `TEST_DISABLED`                         | From GitLab 11.0, used to disable the `test` job. If the variable is present, the job will not be created. |
+
 #### Application secret variables
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/49056) in GitLab 11.7.
-- 
cgit v1.2.1


From defe2eaa80ae1635747acaa875579267bc43a316 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Fri, 26 Jul 2019 19:54:00 +0200
Subject: Document Code Quality potential security flaw

---
 doc/ci/examples/code_quality.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/doc/ci/examples/code_quality.md b/doc/ci/examples/code_quality.md
index 43f773dab7c..e63470ec9d9 100644
--- a/doc/ci/examples/code_quality.md
+++ b/doc/ci/examples/code_quality.md
@@ -34,6 +34,12 @@ For [GitLab Starter][ee] users, this information will be automatically
 extracted and shown right in the merge request widget.
 [Learn more on Code Quality in merge requests](../../user/project/merge_requests/code_quality.md).
 
+CAUTION: **Caution:**
+On self-managed instances, if a malicious actor compromises the Code Quality job
+definition they will be able to execute privileged docker commands on the Runner
+host. Having proper access control policies mitigates this attack vector by
+allowing access only to trusted actors.
+
 ## Previous job definitions
 
 CAUTION: **Caution:**
-- 
cgit v1.2.1


From 4a648828fc5716dc8f204b957ffbd7397c661676 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Mon, 29 Jul 2019 10:23:29 +0000
Subject: Fix deploy example and other fixes

---
 doc/topics/autodevops/index.md     |  4 ++++
 doc/user/project/clusters/index.md | 31 ++++++++++++++++++-------------
 2 files changed, 22 insertions(+), 13 deletions(-)

diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index 9b291c1bc10..1687a3aee72 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -87,6 +87,10 @@ Auto DevOps provides great defaults for all the stages; you can, however,
 
 For an overview on the creation of Auto DevOps, read the blog post [From 2/3 of the Self-Hosted Git Market, to the Next-Generation CI System, to Auto DevOps](https://about.gitlab.com/2017/06/29/whats-next-for-gitlab-ci/).
 
+NOTE: **Note**
+Kubernetes clusters can [be used without](../../user/project/clusters/index.md)
+Auto DevOps.
+
 ## Requirements
 
 To make full use of Auto DevOps, you will need:
diff --git a/doc/user/project/clusters/index.md b/doc/user/project/clusters/index.md
index 670dde6bb00..918944d72a1 100644
--- a/doc/user/project/clusters/index.md
+++ b/doc/user/project/clusters/index.md
@@ -1,11 +1,10 @@
 # Kubernetes clusters
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/35954) for
->   projects in GitLab 10.1.
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/34758) for
->   [groups](../../group/clusters/index.md) in GitLab 11.6.
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/39840) for
->   [instances](../../instance/clusters/index.md) in GitLab 11.11.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/35954) in GitLab 10.1 for projects.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/34758) in
+>   GitLab 11.6 for [groups](../../group/clusters/index.md).
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/39840) in
+>   GitLab 11.11 for [instances](../../instance/clusters/index.md).
 
 GitLab provides many features with a Kubernetes integration. Kubernetes can be
 integrated with projects, but also:
@@ -76,6 +75,9 @@ you will need the Kubernetes project integration enabled.
 
 [Read more about Auto DevOps](../../../topics/autodevops/index.md)
 
+NOTE: **Note**
+Kubernetes clusters can be used without Auto DevOps.
+
 ### Web terminals
 
 NOTE: **Note:**
@@ -477,10 +479,10 @@ For example, let's say the following Kubernetes clusters exist in a project:
 | Cluster     | Environment scope |
 | ----------- | ----------------- |
 | Development | `*`               |
-| Staging     | `staging`         |
 | Production  | `production`      |
 
-And the following environments are set in [`.gitlab-ci.yml`](../../../ci/yaml/README.md):
+And the following environments are set in
+[`.gitlab-ci.yml`](../../../ci/yaml/README.md):
 
 ```yaml
 stages:
@@ -508,9 +510,12 @@ deploy to production:
 
 The result will then be:
 
-- The development cluster will be used for the "test" job.
-- The staging cluster will be used for the "deploy to staging" job.
-- The production cluster will be used for the "deploy to production" job.
+- The Development cluster details will be available in the `deploy to staging`
+  job.
+- The production cluster details will be available in the `deploy to production`
+  job.
+- No cluster details will be available in the `test` job because it doesn't
+  define any environment.
 
 ### Multiple Kubernetes clusters **(PREMIUM)**
 
@@ -615,8 +620,8 @@ use an A record. If your external endpoint is a hostname, use a CNAME record.
 
 ## Deploying to a Kubernetes cluster
 
-A Kubernetes cluster can be the destination for a deployment job, using
-special [deployment variables](#deployment-variables).
+A Kubernetes cluster can be the destination for a deployment job using special
+[deployment variables](#deployment-variables).
 
 ### Deployment variables
 
-- 
cgit v1.2.1


From 2869b94508309f359dbade6a04b32be15a77007d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cindy=20Pallares=20=F0=9F=A6=89?= <cindy@gitlab.com>
Date: Mon, 29 Jul 2019 10:26:49 +0000
Subject: Update IP access restriction docs

---
 doc/user/group/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/group/index.md b/doc/user/group/index.md
index 14c831fe671..98e1c654d0e 100644
--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -331,7 +331,7 @@ This will disable the option for all users who previously had permissions to
 operate project memberships, so no new users can be added. Furthermore, any
 request to add a new user to a project through API will not be possible.
 
-#### IP access restriction **(ULTIMATE)**
+#### IP access restriction **(ULTIMATE ONLY)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/1985) in
 [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0.
-- 
cgit v1.2.1


From 988dc80585c6e52970e94f22dff6bc1e4c786e9e Mon Sep 17 00:00:00 2001
From: Andreas Brandl <abrandl@gitlab.com>
Date: Wed, 24 Jul 2019 15:59:55 +0200
Subject: Further remove code branches by database type

We dropped MySQL support and a lot of mysql specific code has been
removed in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/29608.

This comes in from the other direction and removes any `if postgresql?`
branches.
---
 app/finders/issuable_finder.rb                     |  1 -
 app/finders/members_finder.rb                      | 41 +++---------
 app/models/merge_request.rb                        |  9 +--
 app/models/milestone.rb                            | 27 ++------
 app/models/redirect_route.rb                       |  6 +-
 app/services/cohorts_service.rb                    |  6 +-
 .../projects/base_move_relations_service.rb        |  9 +--
 .../projects/fetch_statistics_increment_service.rb |  7 +-
 app/workers/background_migration_worker.rb         |  2 -
 .../background_migration/migrate_stage_index.rb    | 42 +++++-------
 .../prepare_untracked_uploads.rb                   |  8 +--
 .../remove_restricted_todos.rb                     | 17 +----
 lib/gitlab/ci/charts.rb                            | 14 ++--
 lib/gitlab/contributions_calendar.rb               |  6 +-
 lib/gitlab/database.rb                             |  9 +--
 lib/gitlab/database/grant.rb                       | 50 ++++----------
 lib/gitlab/database/median.rb                      |  2 -
 lib/gitlab/database/migration_helpers.rb           |  2 -
 lib/gitlab/database/sha_attribute.rb               | 11 +--
 lib/gitlab/health_checks/db_check.rb               |  6 +-
 lib/gitlab/sherlock/query.rb                       |  7 +-
 lib/tasks/gitlab/setup.rake                        |  2 -
 spec/features/admin/dashboard_spec.rb              |  6 +-
 spec/finders/issues_finder_spec.rb                 | 13 ----
 spec/lib/gitlab/database/sha_attribute_spec.rb     |  6 +-
 spec/lib/gitlab/database_spec.rb                   | 78 +++++-----------------
 spec/models/project_feature_spec.rb                |  6 +-
 27 files changed, 90 insertions(+), 303 deletions(-)

diff --git a/app/finders/issuable_finder.rb b/app/finders/issuable_finder.rb
index f4fbeacfaba..1773ac2d508 100644
--- a/app/finders/issuable_finder.rb
+++ b/app/finders/issuable_finder.rb
@@ -320,7 +320,6 @@ class IssuableFinder
   def use_cte_for_search?
     strong_memoize(:use_cte_for_search) do
       next false unless search
-      next false unless Gitlab::Database.postgresql?
       # Only simple unsorted & simple sorts can use CTE
       next false if params[:sort].present? && !params[:sort].in?(klass.simple_sorts.keys)
 
diff --git a/app/finders/members_finder.rb b/app/finders/members_finder.rb
index 917de249104..f730b015c0a 100644
--- a/app/finders/members_finder.rb
+++ b/app/finders/members_finder.rb
@@ -59,35 +59,16 @@ class MembersFinder
   def distinct_on(union)
     # We're interested in a list of members without duplicates by user_id.
     # We prefer project members over group members, project members should go first.
-    if Gitlab::Database.postgresql?
-      <<~SQL
-          SELECT DISTINCT ON (user_id, invite_email) member_union.*
-          FROM (#{union.to_sql}) AS member_union
-          ORDER BY user_id,
-            invite_email,
-            CASE
-              WHEN type = 'ProjectMember' THEN 1
-              WHEN type = 'GroupMember' THEN 2
-              ELSE 3
-            END
-      SQL
-    else
-      # Older versions of MySQL do not support window functions (and DISTINCT ON is postgres-specific).
-      <<~SQL
-          SELECT t1.*
-          FROM (#{union.to_sql}) AS t1
-          JOIN (
-            SELECT
-              COALESCE(user_id, -1) AS user_id,
-              COALESCE(invite_email, 'NULL') AS invite_email,
-              MIN(CASE WHEN type = 'ProjectMember' THEN 1 WHEN type = 'GroupMember' THEN 2 ELSE 3 END) AS type_number
-            FROM
-            (#{union.to_sql}) AS t3
-            GROUP BY COALESCE(user_id, -1), COALESCE(invite_email, 'NULL')
-          ) AS t2 ON COALESCE(t1.user_id, -1) = t2.user_id
-                 AND COALESCE(t1.invite_email, 'NULL') = t2.invite_email
-                 AND CASE WHEN t1.type = 'ProjectMember' THEN 1 WHEN t1.type = 'GroupMember' THEN 2 ELSE 3 END = t2.type_number
-      SQL
-    end
+    <<~SQL
+        SELECT DISTINCT ON (user_id, invite_email) member_union.*
+        FROM (#{union.to_sql}) AS member_union
+        ORDER BY user_id,
+          invite_email,
+          CASE
+            WHEN type = 'ProjectMember' THEN 1
+            WHEN type = 'GroupMember' THEN 2
+            ELSE 3
+          END
+    SQL
   end
 end
diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb
index 68e6e48fb7d..8ade91933a4 100644
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -1249,15 +1249,8 @@ class MergeRequest < ApplicationRecord
   end
 
   def all_commits
-    # MySQL doesn't support LIMIT in a subquery.
-    diffs_relation = if Gitlab::Database.postgresql?
-                       merge_request_diffs.recent
-                     else
-                       merge_request_diffs
-                     end
-
     MergeRequestDiffCommit
-      .where(merge_request_diff: diffs_relation)
+      .where(merge_request_diff: merge_request_diffs.recent)
       .limit(10_000)
   end
 
diff --git a/app/models/milestone.rb b/app/models/milestone.rb
index 37c129e843a..2ad2838111e 100644
--- a/app/models/milestone.rb
+++ b/app/models/milestone.rb
@@ -149,29 +149,10 @@ class Milestone < ApplicationRecord
   end
 
   def self.upcoming_ids(projects, groups)
-    rel = unscoped
-            .for_projects_and_groups(projects, groups)
-            .active.where('milestones.due_date > CURRENT_DATE')
-
-    if Gitlab::Database.postgresql?
-      rel.order(:project_id, :group_id, :due_date).select('DISTINCT ON (project_id, group_id) id')
-    else
-      # We need to use MySQL's NULL-safe comparison operator `<=>` here
-      # because one of `project_id` or `group_id` is always NULL
-      join_clause = <<~HEREDOC
-        LEFT OUTER JOIN milestones earlier_milestones
-          ON milestones.project_id <=> earlier_milestones.project_id
-            AND milestones.group_id <=> earlier_milestones.group_id
-            AND milestones.due_date > earlier_milestones.due_date
-            AND earlier_milestones.due_date > CURRENT_DATE
-            AND earlier_milestones.state = 'active'
-      HEREDOC
-
-      rel
-        .joins(join_clause)
-        .where('earlier_milestones.id IS NULL')
-        .select(:id)
-    end
+    unscoped
+      .for_projects_and_groups(projects, groups)
+      .active.where('milestones.due_date > CURRENT_DATE')
+      .order(:project_id, :group_id, :due_date).select('DISTINCT ON (project_id, group_id) id')
   end
 
   def participants
diff --git a/app/models/redirect_route.rb b/app/models/redirect_route.rb
index 2e4769364c6..22f60802257 100644
--- a/app/models/redirect_route.rb
+++ b/app/models/redirect_route.rb
@@ -11,11 +11,7 @@ class RedirectRoute < ApplicationRecord
     uniqueness: { case_sensitive: false }
 
   scope :matching_path_and_descendants, -> (path) do
-    wheres = if Gitlab::Database.postgresql?
-               'LOWER(redirect_routes.path) = LOWER(?) OR LOWER(redirect_routes.path) LIKE LOWER(?)'
-             else
-               'redirect_routes.path = ? OR redirect_routes.path LIKE ?'
-             end
+    wheres = 'LOWER(redirect_routes.path) = LOWER(?) OR LOWER(redirect_routes.path) LIKE LOWER(?)'
 
     where(wheres, path, "#{sanitize_sql_like(path)}/%")
   end
diff --git a/app/services/cohorts_service.rb b/app/services/cohorts_service.rb
index 6d466c2fc9c..97fbb70f350 100644
--- a/app/services/cohorts_service.rb
+++ b/app/services/cohorts_service.rb
@@ -95,10 +95,6 @@ class CohortsService
   # rubocop: enable CodeReuse/ActiveRecord
 
   def column_to_date(column)
-    if Gitlab::Database.postgresql?
-      "CAST(DATE_TRUNC('month', #{column}) AS date)"
-    else
-      "STR_TO_DATE(DATE_FORMAT(#{column}, '%Y-%m-01'), '%Y-%m-%d')"
-    end
+    "CAST(DATE_TRUNC('month', #{column}) AS date)"
   end
 end
diff --git a/app/services/projects/base_move_relations_service.rb b/app/services/projects/base_move_relations_service.rb
index 24dec1f3a45..b177837214d 100644
--- a/app/services/projects/base_move_relations_service.rb
+++ b/app/services/projects/base_move_relations_service.rb
@@ -13,14 +13,9 @@ module Projects
 
     private
 
-    # rubocop: disable CodeReuse/ActiveRecord
     def prepare_relation(relation, id_param = :id)
-      if Gitlab::Database.postgresql?
-        relation
-      else
-        relation.model.where("#{id_param}": relation.pluck(id_param))
-      end
+      # TODO: Refactor and remove this method (https://gitlab.com/gitlab-org/gitlab-ce/issues/65054)
+      relation
     end
-    # rubocop: enable CodeReuse/ActiveRecord
   end
 end
diff --git a/app/services/projects/fetch_statistics_increment_service.rb b/app/services/projects/fetch_statistics_increment_service.rb
index 8644e6bf313..b150fd2d9f1 100644
--- a/app/services/projects/fetch_statistics_increment_service.rb
+++ b/app/services/projects/fetch_statistics_increment_service.rb
@@ -12,14 +12,9 @@ module Projects
       increment_fetch_count_sql = <<~SQL
         INSERT INTO #{table_name} (project_id, date, fetch_count)
         VALUES (#{project.id}, '#{Date.today}', 1)
+        ON CONFLICT (project_id, date) DO UPDATE SET fetch_count = #{table_name}.fetch_count + 1
       SQL
 
-      increment_fetch_count_sql += if Gitlab::Database.postgresql?
-                                     "ON CONFLICT (project_id, date) DO UPDATE SET fetch_count = #{table_name}.fetch_count + 1"
-                                   else
-                                     "ON DUPLICATE KEY UPDATE fetch_count = #{table_name}.fetch_count + 1"
-                                   end
-
       ActiveRecord::Base.connection.execute(increment_fetch_count_sql)
     end
 
diff --git a/app/workers/background_migration_worker.rb b/app/workers/background_migration_worker.rb
index 688b600649a..b83412b5e6e 100644
--- a/app/workers/background_migration_worker.rb
+++ b/app/workers/background_migration_worker.rb
@@ -76,8 +76,6 @@ class BackgroundMigrationWorker
   # class_name - The name of the background migration that we might want to
   #              run.
   def healthy_database?
-    return true unless Gitlab::Database.postgresql?
-
     !Postgresql::ReplicationSlot.lag_too_great?
   end
 
diff --git a/lib/gitlab/background_migration/migrate_stage_index.rb b/lib/gitlab/background_migration/migrate_stage_index.rb
index f921233460d..55608529cee 100644
--- a/lib/gitlab/background_migration/migrate_stage_index.rb
+++ b/lib/gitlab/background_migration/migrate_stage_index.rb
@@ -13,34 +13,22 @@ module Gitlab
       private
 
       def migrate_stage_index_sql(start_id, stop_id)
-        if Gitlab::Database.postgresql?
-          <<~SQL
-            WITH freqs AS (
-              SELECT stage_id, stage_idx, COUNT(*) AS freq FROM ci_builds
-                WHERE stage_id BETWEEN #{start_id} AND #{stop_id}
-                  AND stage_idx IS NOT NULL
-                GROUP BY stage_id, stage_idx
-            ), indexes AS (
-              SELECT DISTINCT stage_id, first_value(stage_idx)
-                OVER (PARTITION BY stage_id ORDER BY freq DESC) AS index
-                FROM freqs
-            )
+        <<~SQL
+          WITH freqs AS (
+            SELECT stage_id, stage_idx, COUNT(*) AS freq FROM ci_builds
+              WHERE stage_id BETWEEN #{start_id} AND #{stop_id}
+                AND stage_idx IS NOT NULL
+              GROUP BY stage_id, stage_idx
+          ), indexes AS (
+            SELECT DISTINCT stage_id, first_value(stage_idx)
+              OVER (PARTITION BY stage_id ORDER BY freq DESC) AS index
+              FROM freqs
+          )
 
-            UPDATE ci_stages SET position = indexes.index
-              FROM indexes WHERE indexes.stage_id = ci_stages.id
-                AND ci_stages.position IS NULL;
-          SQL
-        else
-          <<~SQL
-            UPDATE ci_stages
-              SET position =
-                (SELECT stage_idx FROM ci_builds
-                  WHERE ci_builds.stage_id = ci_stages.id
-                  GROUP BY ci_builds.stage_idx ORDER BY COUNT(*) DESC LIMIT 1)
-            WHERE ci_stages.id BETWEEN #{start_id} AND #{stop_id}
-              AND ci_stages.position IS NULL
-          SQL
-        end
+          UPDATE ci_stages SET position = indexes.index
+            FROM indexes WHERE indexes.stage_id = ci_stages.id
+              AND ci_stages.position IS NULL;
+        SQL
       end
     end
   end
diff --git a/lib/gitlab/background_migration/prepare_untracked_uploads.rb b/lib/gitlab/background_migration/prepare_untracked_uploads.rb
index 806c3a7a369..2ac51dd7b55 100644
--- a/lib/gitlab/background_migration/prepare_untracked_uploads.rb
+++ b/lib/gitlab/background_migration/prepare_untracked_uploads.rb
@@ -147,19 +147,13 @@ module Gitlab
         "#{UntrackedFile.table_name} (path) VALUES #{values}"
       end
 
-      def postgresql?
-        strong_memoize(:postgresql) do
-          Gitlab::Database.postgresql?
-        end
-      end
-
       def can_bulk_insert_and_ignore_duplicates?
         !postgresql_pre_9_5?
       end
 
       def postgresql_pre_9_5?
         strong_memoize(:postgresql_pre_9_5) do
-          postgresql? && Gitlab::Database.version.to_f < 9.5
+          Gitlab::Database.version.to_f < 9.5
         end
       end
 
diff --git a/lib/gitlab/background_migration/remove_restricted_todos.rb b/lib/gitlab/background_migration/remove_restricted_todos.rb
index 47579d46c1b..9ef6d8654ae 100644
--- a/lib/gitlab/background_migration/remove_restricted_todos.rb
+++ b/lib/gitlab/background_migration/remove_restricted_todos.rb
@@ -50,14 +50,7 @@ module Gitlab
       private
 
       def remove_non_members_todos(project_id)
-        if Gitlab::Database.postgresql?
-          batch_remove_todos_cte(project_id)
-        else
-          unauthorized_project_todos(project_id)
-            .each_batch(of: 5000) do |batch|
-              batch.delete_all
-            end
-        end
+        batch_remove_todos_cte(project_id)
       end
 
       def remove_confidential_issue_todos(project_id)
@@ -90,13 +83,7 @@ module Gitlab
 
           next if target_types.empty?
 
-          if Gitlab::Database.postgresql?
-            batch_remove_todos_cte(project_id, target_types)
-          else
-            unauthorized_project_todos(project_id)
-              .where(target_type: target_types)
-              .delete_all
-          end
+          batch_remove_todos_cte(project_id, target_types)
         end
       end
 
diff --git a/lib/gitlab/ci/charts.rb b/lib/gitlab/ci/charts.rb
index 7cabaadb122..3fbfdffe277 100644
--- a/lib/gitlab/ci/charts.rb
+++ b/lib/gitlab/ci/charts.rb
@@ -21,16 +21,10 @@ module Gitlab
       module MonthlyInterval
         # rubocop: disable CodeReuse/ActiveRecord
         def grouped_count(query)
-          if Gitlab::Database.postgresql?
-            query
-              .group("to_char(#{::Ci::Pipeline.table_name}.created_at, '01 Month YYYY')")
-              .count(:created_at)
-              .transform_keys(&:squish)
-          else
-            query
-              .group("DATE_FORMAT(#{::Ci::Pipeline.table_name}.created_at, '01 %M %Y')")
-              .count(:created_at)
-          end
+          query
+            .group("to_char(#{::Ci::Pipeline.table_name}.created_at, '01 Month YYYY')")
+            .count(:created_at)
+            .transform_keys(&:squish)
         end
         # rubocop: enable CodeReuse/ActiveRecord
 
diff --git a/lib/gitlab/contributions_calendar.rb b/lib/gitlab/contributions_calendar.rb
index f7d046600e8..5b0b91de5da 100644
--- a/lib/gitlab/contributions_calendar.rb
+++ b/lib/gitlab/contributions_calendar.rb
@@ -84,11 +84,7 @@ module Gitlab
         .and(t[:created_at].lteq(Date.current.end_of_day))
         .and(t[:author_id].eq(contributor.id))
 
-      date_interval = if Gitlab::Database.postgresql?
-                        "INTERVAL '#{Time.zone.now.utc_offset} seconds'"
-                      else
-                        "INTERVAL #{Time.zone.now.utc_offset} SECOND"
-                      end
+      date_interval = "INTERVAL '#{Time.zone.now.utc_offset} seconds'"
 
       Event.reorder(nil)
         .select(t[:project_id], t[:target_type], t[:action], "date(created_at + #{date_interval}) AS date", 'count(id) as total_amount')
diff --git a/lib/gitlab/database.rb b/lib/gitlab/database.rb
index eef63536de4..cbdff0ab060 100644
--- a/lib/gitlab/database.rb
+++ b/lib/gitlab/database.rb
@@ -46,6 +46,7 @@ module Gitlab
       end
     end
 
+    # @deprecated
     def self.postgresql?
       adapter_name.casecmp('postgresql').zero?
     end
@@ -79,19 +80,19 @@ module Gitlab
     end
 
     def self.postgresql_9_or_less?
-      postgresql? && version.to_f < 10
+      version.to_f < 10
     end
 
     def self.join_lateral_supported?
-      postgresql? && version.to_f >= 9.3
+      version.to_f >= 9.3
     end
 
     def self.replication_slots_supported?
-      postgresql? && version.to_f >= 9.4
+      version.to_f >= 9.4
     end
 
     def self.postgresql_minimum_supported_version?
-      postgresql? && version.to_f >= 9.6
+      version.to_f >= 9.6
     end
 
     # map some of the function names that changed between PostgreSQL 9 and 10
diff --git a/lib/gitlab/database/grant.rb b/lib/gitlab/database/grant.rb
index 26adf4e221b..1f47f320a29 100644
--- a/lib/gitlab/database/grant.rb
+++ b/lib/gitlab/database/grant.rb
@@ -6,47 +6,25 @@ module Gitlab
     class Grant < ActiveRecord::Base
       include FromUnion
 
-      self.table_name =
-        if Database.postgresql?
-          'information_schema.role_table_grants'
-        else
-          'information_schema.schema_privileges'
-        end
+      self.table_name = 'information_schema.role_table_grants'
 
       # Returns true if the current user can create and execute triggers on the
       # given table.
       def self.create_and_execute_trigger?(table)
-        if Database.postgresql?
-          # We _must not_ use quote_table_name as this will produce double
-          # quotes on PostgreSQL and for "has_table_privilege" we need single
-          # quotes.
-          quoted_table = connection.quote(table)
-
-          begin
-            from(nil)
-              .pluck(Arel.sql("has_table_privilege(#{quoted_table}, 'TRIGGER')"))
-              .first
-          rescue ActiveRecord::StatementInvalid
-            # This error is raised when using a non-existing table name. In this
-            # case we just want to return false as a user technically can't
-            # create triggers for such a table.
-            false
-          end
-        else
-          queries = [
-            Grant.select(1)
-              .from('information_schema.user_privileges')
-              .where("PRIVILEGE_TYPE = 'SUPER'")
-              .where("GRANTEE = CONCAT('\\'', REPLACE(CURRENT_USER(), '@', '\\'@\\''), '\\'')"),
-
-            Grant.select(1)
-              .from('information_schema.schema_privileges')
-              .where("PRIVILEGE_TYPE = 'TRIGGER'")
-              .where('TABLE_SCHEMA = ?', Gitlab::Database.database_name)
-              .where("GRANTEE = CONCAT('\\'', REPLACE(CURRENT_USER(), '@', '\\'@\\''), '\\'')")
-          ]
+        # We _must not_ use quote_table_name as this will produce double
+        # quotes on PostgreSQL and for "has_table_privilege" we need single
+        # quotes.
+        quoted_table = connection.quote(table)
 
-          Grant.from_union(queries, alias_as: 'privs').any?
+        begin
+          from(nil)
+            .pluck(Arel.sql("has_table_privilege(#{quoted_table}, 'TRIGGER')"))
+            .first
+        rescue ActiveRecord::StatementInvalid
+          # This error is raised when using a non-existing table name. In this
+          # case we just want to return false as a user technically can't
+          # create triggers for such a table.
+          false
         end
       end
     end
diff --git a/lib/gitlab/database/median.rb b/lib/gitlab/database/median.rb
index 391c1e85a7d..603b125d8b4 100644
--- a/lib/gitlab/database/median.rb
+++ b/lib/gitlab/database/median.rb
@@ -137,8 +137,6 @@ module Gitlab
       end
 
       def extract_diff_epoch(diff)
-        return diff unless Gitlab::Database.postgresql?
-
         Arel.sql(%Q{EXTRACT(EPOCH FROM (#{diff.to_sql}))})
       end
 
diff --git a/lib/gitlab/database/migration_helpers.rb b/lib/gitlab/database/migration_helpers.rb
index 4bd09163bf2..9bba4f6ce1e 100644
--- a/lib/gitlab/database/migration_helpers.rb
+++ b/lib/gitlab/database/migration_helpers.rb
@@ -152,8 +152,6 @@ module Gitlab
 
       # Only available on Postgresql >= 9.2
       def supports_drop_index_concurrently?
-        return false unless Database.postgresql?
-
         version = select_one("SELECT current_setting('server_version_num') AS v")['v'].to_i
 
         version >= 90200
diff --git a/lib/gitlab/database/sha_attribute.rb b/lib/gitlab/database/sha_attribute.rb
index 109ae7893da..ddbabc9098e 100644
--- a/lib/gitlab/database/sha_attribute.rb
+++ b/lib/gitlab/database/sha_attribute.rb
@@ -2,14 +2,9 @@
 
 module Gitlab
   module Database
-    BINARY_TYPE =
-      if Gitlab::Database.postgresql?
-        # PostgreSQL defines its own class with slightly different
-        # behaviour from the default Binary type.
-        ActiveRecord::ConnectionAdapters::PostgreSQL::OID::Bytea
-      else
-        ActiveModel::Type::Binary
-      end
+    # PostgreSQL defines its own class with slightly different
+    # behaviour from the default Binary type.
+    BINARY_TYPE = ActiveRecord::ConnectionAdapters::PostgreSQL::OID::Bytea
 
     # Class for casting binary data to hexadecimal SHA1 hashes (and vice-versa).
     #
diff --git a/lib/gitlab/health_checks/db_check.rb b/lib/gitlab/health_checks/db_check.rb
index 2bcd25cd3cc..ec4b97eaca4 100644
--- a/lib/gitlab/health_checks/db_check.rb
+++ b/lib/gitlab/health_checks/db_check.rb
@@ -18,11 +18,7 @@ module Gitlab
 
         def check
           catch_timeout 10.seconds do
-            if Gitlab::Database.postgresql?
-              ActiveRecord::Base.connection.execute('SELECT 1 as ping')&.first&.[]('ping')&.to_s
-            else
-              ActiveRecord::Base.connection.execute('SELECT 1 as ping')&.first&.first&.to_s
-            end
+            ActiveRecord::Base.connection.execute('SELECT 1 as ping')&.first&.[]('ping')&.to_s
           end
         end
       end
diff --git a/lib/gitlab/sherlock/query.rb b/lib/gitlab/sherlock/query.rb
index 159ce27e702..cbd89b7629f 100644
--- a/lib/gitlab/sherlock/query.rb
+++ b/lib/gitlab/sherlock/query.rb
@@ -96,12 +96,7 @@ module Gitlab
       private
 
       def raw_explain(query)
-        explain =
-          if Gitlab::Database.postgresql?
-            "EXPLAIN ANALYZE #{query};"
-          else
-            "EXPLAIN #{query};"
-          end
+        explain = "EXPLAIN ANALYZE #{query};"
 
         ActiveRecord::Base.connection.execute(explain)
       end
diff --git a/lib/tasks/gitlab/setup.rake b/lib/tasks/gitlab/setup.rake
index e763de682f8..5d86d6e466c 100644
--- a/lib/tasks/gitlab/setup.rake
+++ b/lib/tasks/gitlab/setup.rake
@@ -45,8 +45,6 @@ namespace :gitlab do
   # method terminates all the connections so that a subsequent DROP
   # will work.
   def self.terminate_all_connections
-    return false unless Gitlab::Database.postgresql?
-
     cmd = <<~SQL
     SELECT pg_terminate_backend(pg_stat_activity.pid)
         FROM pg_stat_activity
diff --git a/spec/features/admin/dashboard_spec.rb b/spec/features/admin/dashboard_spec.rb
index 267a40dc2f8..e204e0a515d 100644
--- a/spec/features/admin/dashboard_spec.rb
+++ b/spec/features/admin/dashboard_spec.rb
@@ -17,10 +17,8 @@ describe 'admin visits dashboard' do
 
       # Make sure the fork_networks & fork_networks reltuples have been updated
       # to get a correct count on postgresql
-      if Gitlab::Database.postgresql?
-        ActiveRecord::Base.connection.execute('ANALYZE fork_networks')
-        ActiveRecord::Base.connection.execute('ANALYZE fork_network_members')
-      end
+      ActiveRecord::Base.connection.execute('ANALYZE fork_networks')
+      ActiveRecord::Base.connection.execute('ANALYZE fork_network_members')
 
       visit admin_root_path
 
diff --git a/spec/finders/issues_finder_spec.rb b/spec/finders/issues_finder_spec.rb
index 7fbe27c1939..879ff01f294 100644
--- a/spec/finders/issues_finder_spec.rb
+++ b/spec/finders/issues_finder_spec.rb
@@ -690,7 +690,6 @@ describe IssuesFinder do
     let(:finder) { described_class.new(nil, params) }
 
     before do
-      allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
       stub_feature_flags(attempt_group_search_optimizations: true)
     end
 
@@ -702,18 +701,6 @@ describe IssuesFinder do
       end
     end
 
-    context 'when the database is not Postgres' do
-      let(:params) { { search: 'foo', attempt_group_search_optimizations: true } }
-
-      before do
-        allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
-      end
-
-      it 'returns false' do
-        expect(finder.use_cte_for_search?).to be_falsey
-      end
-    end
-
     context 'when the force_cte param is falsey' do
       let(:params) { { search: 'foo' } }
 
diff --git a/spec/lib/gitlab/database/sha_attribute_spec.rb b/spec/lib/gitlab/database/sha_attribute_spec.rb
index 9dd80e0a229..c6fc55291f5 100644
--- a/spec/lib/gitlab/database/sha_attribute_spec.rb
+++ b/spec/lib/gitlab/database/sha_attribute_spec.rb
@@ -12,11 +12,7 @@ describe Gitlab::Database::ShaAttribute do
   end
 
   let(:binary_from_db) do
-    if Gitlab::Database.postgresql?
-      "\\x#{sha}"
-    else
-      binary_sha
-    end
+    "\\x#{sha}"
   end
 
   let(:attribute) { described_class.new }
diff --git a/spec/lib/gitlab/database_spec.rb b/spec/lib/gitlab/database_spec.rb
index bdc48934589..77e58b6d5c7 100644
--- a/spec/lib/gitlab/database_spec.rb
+++ b/spec/lib/gitlab/database_spec.rb
@@ -17,14 +17,6 @@ describe Gitlab::Database do
     it 'returns the name of the adapter' do
       expect(described_class.adapter_name).to be_an_instance_of(String)
     end
-  end
-
-  describe '.human_adapter_name' do
-    it 'returns PostgreSQL when using PostgreSQL' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
-
-      expect(described_class.human_adapter_name).to eq('PostgreSQL')
-    end
 
     it 'returns Unknown when using anything else' do
       allow(described_class).to receive(:postgresql?).and_return(false)
@@ -33,6 +25,12 @@ describe Gitlab::Database do
     end
   end
 
+  describe '.human_adapter_name' do
+    it 'returns PostgreSQL when using PostgreSQL' do
+      expect(described_class.human_adapter_name).to eq('PostgreSQL')
+    end
+  end
+
   describe '.postgresql?' do
     subject { described_class.postgresql? }
 
@@ -65,21 +63,18 @@ describe Gitlab::Database do
   end
 
   describe '.postgresql_9_or_less?' do
-    it 'returns false when not using postgresql' do
-      allow(described_class).to receive(:postgresql?).and_return(false)
-
-      expect(described_class.postgresql_9_or_less?).to eq(false)
+    it 'returns true when using postgresql 8.4' do
+      allow(described_class).to receive(:version).and_return('8.4')
+      expect(described_class.postgresql_9_or_less?).to eq(true)
     end
 
     it 'returns true when using PostgreSQL 9.6' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('9.6')
 
       expect(described_class.postgresql_9_or_less?).to eq(true)
     end
 
     it 'returns false when using PostgreSQL 10 or newer' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('10')
 
       expect(described_class.postgresql_9_or_less?).to eq(false)
@@ -87,53 +82,33 @@ describe Gitlab::Database do
   end
 
   describe '.postgresql_minimum_supported_version?' do
-    it 'returns false when not using PostgreSQL' do
-      allow(described_class).to receive(:postgresql?).and_return(false)
+    it 'returns false when using PostgreSQL 9.5' do
+      allow(described_class).to receive(:version).and_return('9.5')
 
       expect(described_class.postgresql_minimum_supported_version?).to eq(false)
     end
 
-    context 'when using PostgreSQL' do
-      before do
-        allow(described_class).to receive(:postgresql?).and_return(true)
-      end
-
-      it 'returns false when using PostgreSQL 9.5' do
-        allow(described_class).to receive(:version).and_return('9.5')
-
-        expect(described_class.postgresql_minimum_supported_version?).to eq(false)
-      end
-
-      it 'returns true when using PostgreSQL 9.6' do
-        allow(described_class).to receive(:version).and_return('9.6')
+    it 'returns true when using PostgreSQL 9.6' do
+      allow(described_class).to receive(:version).and_return('9.6')
 
-        expect(described_class.postgresql_minimum_supported_version?).to eq(true)
-      end
+      expect(described_class.postgresql_minimum_supported_version?).to eq(true)
+    end
 
-      it 'returns true when using PostgreSQL 10 or newer' do
-        allow(described_class).to receive(:version).and_return('10')
+    it 'returns true when using PostgreSQL 10 or newer' do
+      allow(described_class).to receive(:version).and_return('10')
 
-        expect(described_class.postgresql_minimum_supported_version?).to eq(true)
-      end
+      expect(described_class.postgresql_minimum_supported_version?).to eq(true)
     end
   end
 
   describe '.join_lateral_supported?' do
-    it 'returns false when not using postgresql' do
-      allow(described_class).to receive(:postgresql?).and_return(false)
-
-      expect(described_class.join_lateral_supported?).to eq(false)
-    end
-
     it 'returns false when using PostgreSQL 9.2' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('9.2.1')
 
       expect(described_class.join_lateral_supported?).to eq(false)
     end
 
     it 'returns true when using PostgreSQL 9.3.0 or newer' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('9.3.0')
 
       expect(described_class.join_lateral_supported?).to eq(true)
@@ -141,21 +116,13 @@ describe Gitlab::Database do
   end
 
   describe '.replication_slots_supported?' do
-    it 'returns false when not using postgresql' do
-      allow(described_class).to receive(:postgresql?).and_return(false)
-
-      expect(described_class.replication_slots_supported?).to eq(false)
-    end
-
     it 'returns false when using PostgreSQL 9.3' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('9.3.1')
 
       expect(described_class.replication_slots_supported?).to eq(false)
     end
 
     it 'returns true when using PostgreSQL 9.4.0 or newer' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('9.4.0')
 
       expect(described_class.replication_slots_supported?).to eq(true)
@@ -164,14 +131,12 @@ describe Gitlab::Database do
 
   describe '.pg_wal_lsn_diff' do
     it 'returns old name when using PostgreSQL 9.6' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('9.6')
 
       expect(described_class.pg_wal_lsn_diff).to eq('pg_xlog_location_diff')
     end
 
     it 'returns new name when using PostgreSQL 10 or newer' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('10')
 
       expect(described_class.pg_wal_lsn_diff).to eq('pg_wal_lsn_diff')
@@ -180,14 +145,12 @@ describe Gitlab::Database do
 
   describe '.pg_current_wal_insert_lsn' do
     it 'returns old name when using PostgreSQL 9.6' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('9.6')
 
       expect(described_class.pg_current_wal_insert_lsn).to eq('pg_current_xlog_insert_location')
     end
 
     it 'returns new name when using PostgreSQL 10 or newer' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('10')
 
       expect(described_class.pg_current_wal_insert_lsn).to eq('pg_current_wal_insert_lsn')
@@ -196,14 +159,12 @@ describe Gitlab::Database do
 
   describe '.pg_last_wal_receive_lsn' do
     it 'returns old name when using PostgreSQL 9.6' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('9.6')
 
       expect(described_class.pg_last_wal_receive_lsn).to eq('pg_last_xlog_receive_location')
     end
 
     it 'returns new name when using PostgreSQL 10 or newer' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('10')
 
       expect(described_class.pg_last_wal_receive_lsn).to eq('pg_last_wal_receive_lsn')
@@ -212,14 +173,12 @@ describe Gitlab::Database do
 
   describe '.pg_last_wal_replay_lsn' do
     it 'returns old name when using PostgreSQL 9.6' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('9.6')
 
       expect(described_class.pg_last_wal_replay_lsn).to eq('pg_last_xlog_replay_location')
     end
 
     it 'returns new name when using PostgreSQL 10 or newer' do
-      allow(described_class).to receive(:postgresql?).and_return(true)
       allow(described_class).to receive(:version).and_return('10')
 
       expect(described_class.pg_last_wal_replay_lsn).to eq('pg_last_wal_replay_lsn')
@@ -434,7 +393,6 @@ describe Gitlab::Database do
   describe '.db_read_only?' do
     before do
       allow(ActiveRecord::Base.connection).to receive(:execute).and_call_original
-      allow(described_class).to receive(:postgresql?).and_return(true)
     end
 
     it 'detects a read only database' do
diff --git a/spec/models/project_feature_spec.rb b/spec/models/project_feature_spec.rb
index 31e55bf6be6..dc7a8433064 100644
--- a/spec/models/project_feature_spec.rb
+++ b/spec/models/project_feature_spec.rb
@@ -8,11 +8,7 @@ describe ProjectFeature do
 
   describe '.quoted_access_level_column' do
     it 'returns the table name and quoted column name for a feature' do
-      expected = if Gitlab::Database.postgresql?
-                   '"project_features"."issues_access_level"'
-                 else
-                   '`project_features`.`issues_access_level`'
-                 end
+      expected = '"project_features"."issues_access_level"'
 
       expect(described_class.quoted_access_level_column(:issues)).to eq(expected)
     end
-- 
cgit v1.2.1


From b9af5066eaadda217224ba2037db72bfc9ee440c Mon Sep 17 00:00:00 2001
From: Andreas Brandl <abrandl@gitlab.com>
Date: Sat, 27 Jul 2019 16:59:35 +0200
Subject: Refactor and remove #prepare_relation method

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/65054
---
 app/services/projects/base_move_relations_service.rb         | 7 -------
 app/services/projects/move_deploy_keys_projects_service.rb   | 3 +--
 app/services/projects/move_lfs_objects_projects_service.rb   | 3 +--
 app/services/projects/move_notification_settings_service.rb  | 3 +--
 app/services/projects/move_project_authorizations_service.rb | 3 +--
 app/services/projects/move_project_group_links_service.rb    | 3 +--
 app/services/projects/move_project_members_service.rb        | 2 +-
 7 files changed, 6 insertions(+), 18 deletions(-)

diff --git a/app/services/projects/base_move_relations_service.rb b/app/services/projects/base_move_relations_service.rb
index b177837214d..3a159cef58b 100644
--- a/app/services/projects/base_move_relations_service.rb
+++ b/app/services/projects/base_move_relations_service.rb
@@ -10,12 +10,5 @@ module Projects
 
       true
     end
-
-    private
-
-    def prepare_relation(relation, id_param = :id)
-      # TODO: Refactor and remove this method (https://gitlab.com/gitlab-org/gitlab-ce/issues/65054)
-      relation
-    end
   end
 end
diff --git a/app/services/projects/move_deploy_keys_projects_service.rb b/app/services/projects/move_deploy_keys_projects_service.rb
index b6a3af8c7b8..01419563538 100644
--- a/app/services/projects/move_deploy_keys_projects_service.rb
+++ b/app/services/projects/move_deploy_keys_projects_service.rb
@@ -16,8 +16,7 @@ module Projects
     private
 
     def move_deploy_keys_projects
-      prepare_relation(non_existent_deploy_keys_projects)
-        .update_all(project_id: @project.id)
+      non_existent_deploy_keys_projects.update_all(project_id: @project.id)
     end
 
     # rubocop: disable CodeReuse/ActiveRecord
diff --git a/app/services/projects/move_lfs_objects_projects_service.rb b/app/services/projects/move_lfs_objects_projects_service.rb
index 308a54ad06e..10e19014db4 100644
--- a/app/services/projects/move_lfs_objects_projects_service.rb
+++ b/app/services/projects/move_lfs_objects_projects_service.rb
@@ -16,8 +16,7 @@ module Projects
     private
 
     def move_lfs_objects_projects
-      prepare_relation(non_existent_lfs_objects_projects)
-        .update_all(project_id: @project.lfs_storage_project.id)
+      non_existent_lfs_objects_projects.update_all(project_id: @project.lfs_storage_project.id)
     end
 
     def remove_remaining_lfs_objects_project
diff --git a/app/services/projects/move_notification_settings_service.rb b/app/services/projects/move_notification_settings_service.rb
index e740c44bd26..65a888fe26b 100644
--- a/app/services/projects/move_notification_settings_service.rb
+++ b/app/services/projects/move_notification_settings_service.rb
@@ -16,8 +16,7 @@ module Projects
     private
 
     def move_notification_settings
-      prepare_relation(non_existent_notifications)
-        .update_all(source_id: @project.id)
+      non_existent_notifications.update_all(source_id: @project.id)
     end
 
     # Remove remaining notification settings from source_project
diff --git a/app/services/projects/move_project_authorizations_service.rb b/app/services/projects/move_project_authorizations_service.rb
index 2985ba89014..c95ad60ab5e 100644
--- a/app/services/projects/move_project_authorizations_service.rb
+++ b/app/services/projects/move_project_authorizations_service.rb
@@ -21,8 +21,7 @@ module Projects
     private
 
     def move_project_authorizations
-      prepare_relation(non_existent_authorization, :user_id)
-        .update_all(project_id: @project.id)
+      non_existent_authorization.update_all(project_id: @project.id)
     end
 
     def remove_remaining_authorizations
diff --git a/app/services/projects/move_project_group_links_service.rb b/app/services/projects/move_project_group_links_service.rb
index cf4b291c761..d1aa9af2bcb 100644
--- a/app/services/projects/move_project_group_links_service.rb
+++ b/app/services/projects/move_project_group_links_service.rb
@@ -20,8 +20,7 @@ module Projects
     private
 
     def move_group_links
-      prepare_relation(non_existent_group_links)
-        .update_all(project_id: @project.id)
+      non_existent_group_links.update_all(project_id: @project.id)
     end
 
     # Remove remaining project group links from source_project
diff --git a/app/services/projects/move_project_members_service.rb b/app/services/projects/move_project_members_service.rb
index faf389241d2..de4e7e5a1e3 100644
--- a/app/services/projects/move_project_members_service.rb
+++ b/app/services/projects/move_project_members_service.rb
@@ -20,7 +20,7 @@ module Projects
     private
 
     def move_project_members
-      prepare_relation(non_existent_members).update_all(source_id: @project.id)
+      non_existent_members.update_all(source_id: @project.id)
     end
 
     def remove_remaining_members
-- 
cgit v1.2.1


From cfea48dffd04918e4d457ed92ff987b8246ef4ec Mon Sep 17 00:00:00 2001
From: Ryan Cobb <rcobb@gitlab.com>
Date: Mon, 29 Jul 2019 11:53:12 +0000
Subject: Adds direct monitoring for sidekiq metrics

This adds diirect monitoring for sidekiq metrics. This is done via
sidekiq middleware and a sampler to pull from sidekiqs api.
---
 config/initializers/sidekiq.rb                     |  1 +
 lib/gitlab/sidekiq_middleware/metrics.rb           | 48 ++++++++++++++++++
 spec/lib/gitlab/sidekiq_middleware/metrics_spec.rb | 57 ++++++++++++++++++++++
 3 files changed, 106 insertions(+)
 create mode 100644 lib/gitlab/sidekiq_middleware/metrics.rb
 create mode 100644 spec/lib/gitlab/sidekiq_middleware/metrics_spec.rb

diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb
index 166fb9b6916..9f88fb9895b 100644
--- a/config/initializers/sidekiq.rb
+++ b/config/initializers/sidekiq.rb
@@ -33,6 +33,7 @@ Sidekiq.configure_server do |config|
   config.redis = queues_config_hash
 
   config.server_middleware do |chain|
+    chain.add Gitlab::SidekiqMiddleware::Metrics if Settings.monitoring.sidekiq_exporter
     chain.add Gitlab::SidekiqMiddleware::ArgumentsLogger if ENV['SIDEKIQ_LOG_ARGUMENTS'] && !enable_json_logs
     chain.add Gitlab::SidekiqMiddleware::MemoryKiller if ENV['SIDEKIQ_MEMORY_KILLER_MAX_RSS']
     chain.add Gitlab::SidekiqMiddleware::RequestStoreMiddleware unless ENV['SIDEKIQ_REQUEST_STORE'] == '0'
diff --git a/lib/gitlab/sidekiq_middleware/metrics.rb b/lib/gitlab/sidekiq_middleware/metrics.rb
new file mode 100644
index 00000000000..b06ffa9c121
--- /dev/null
+++ b/lib/gitlab/sidekiq_middleware/metrics.rb
@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module SidekiqMiddleware
+    class Metrics
+      def initialize
+        @metrics = init_metrics
+      end
+
+      def call(_worker, job, queue)
+        labels = create_labels(queue)
+        @metrics[:sidekiq_running_jobs].increment(labels, 1)
+
+        if job['retry_count'].present?
+          @metrics[:sidekiq_jobs_retried_total].increment(labels, 1)
+        end
+
+        realtime = Benchmark.realtime do
+          yield
+        end
+
+        @metrics[:sidekiq_jobs_completion_seconds].observe(labels, realtime)
+      rescue Exception # rubocop: disable Lint/RescueException
+        @metrics[:sidekiq_jobs_failed_total].increment(labels, 1)
+        raise
+      ensure
+        @metrics[:sidekiq_running_jobs].increment(labels, -1)
+      end
+
+      private
+
+      def init_metrics
+        {
+          sidekiq_jobs_completion_seconds: ::Gitlab::Metrics.histogram(:sidekiq_jobs_completion_seconds, 'Seconds to complete sidekiq job'),
+          sidekiq_jobs_failed_total:       ::Gitlab::Metrics.counter(:sidekiq_jobs_failed_total, 'Sidekiq jobs failed'),
+          sidekiq_jobs_retried_total:      ::Gitlab::Metrics.counter(:sidekiq_jobs_retried_total, 'Sidekiq jobs retried'),
+          sidekiq_running_jobs:            ::Gitlab::Metrics.gauge(:sidekiq_running_jobs, 'Number of Sidekiq jobs running', {}, :livesum)
+        }
+      end
+
+      def create_labels(queue)
+        {
+          queue: queue
+        }
+      end
+    end
+  end
+end
diff --git a/spec/lib/gitlab/sidekiq_middleware/metrics_spec.rb b/spec/lib/gitlab/sidekiq_middleware/metrics_spec.rb
new file mode 100644
index 00000000000..c6df1c6a0d8
--- /dev/null
+++ b/spec/lib/gitlab/sidekiq_middleware/metrics_spec.rb
@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::SidekiqMiddleware::Metrics do
+  describe '#call' do
+    let(:middleware) { described_class.new }
+    let(:worker) { double(:worker) }
+
+    let(:completion_seconds_metric) { double('completion seconds metric') }
+    let(:failed_total_metric) { double('failed total metric') }
+    let(:retried_total_metric) { double('retried total metric') }
+    let(:running_jobs_metric) { double('running jobs metric') }
+
+    before do
+      allow(Gitlab::Metrics).to receive(:histogram).with(:sidekiq_jobs_completion_seconds, anything).and_return(completion_seconds_metric)
+      allow(Gitlab::Metrics).to receive(:counter).with(:sidekiq_jobs_failed_total, anything).and_return(failed_total_metric)
+      allow(Gitlab::Metrics).to receive(:counter).with(:sidekiq_jobs_retried_total, anything).and_return(retried_total_metric)
+      allow(Gitlab::Metrics).to receive(:gauge).with(:sidekiq_running_jobs, anything, {}, :livesum).and_return(running_jobs_metric)
+
+      allow(running_jobs_metric).to receive(:increment)
+    end
+
+    it 'yields block' do
+      allow(completion_seconds_metric).to receive(:observe)
+
+      expect { |b| middleware.call(worker, {}, :test, &b) }.to yield_control.once
+    end
+
+    it 'sets metrics' do
+      labels = { queue: :test }
+
+      expect(running_jobs_metric).to receive(:increment).with(labels, 1)
+      expect(running_jobs_metric).to receive(:increment).with(labels, -1)
+      expect(completion_seconds_metric).to receive(:observe).with(labels, kind_of(Numeric))
+
+      middleware.call(worker, {}, :test) { nil }
+    end
+
+    context 'when job is retried' do
+      it 'sets sidekiq_jobs_retried_total metric' do
+        allow(completion_seconds_metric).to receive(:observe)
+
+        expect(retried_total_metric).to receive(:increment)
+
+        middleware.call(worker, { 'retry_count' => 1 }, :test) { nil }
+      end
+    end
+
+    context 'when error is raised' do
+      it 'sets sidekiq_jobs_failed_total and reraises' do
+        expect(failed_total_metric).to receive(:increment)
+        expect { middleware.call(worker, {}, :test) { raise } }.to raise_error
+      end
+    end
+  end
+end
-- 
cgit v1.2.1


From d7a4c1d2a5f395ca6ddb2dc2608ac33ccebf8a74 Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Mon, 22 Jul 2019 17:11:50 +0200
Subject: Backport EE changes made to the scripts/ directory

This backport changes made by EE to the files in the scripts/ directory.
This comes with a few changes to some scripts to make them work in the
single codebase setup.
---
 lib/gitlab.rb            |   4 +-
 lib/tasks/gitlab/db.rake |   8 +++
 scripts/lint-rugged      |   3 ++
 scripts/static-analysis  |   5 ++
 scripts/utils.sh         | 128 +++++++++++++++++++++++++++++++++++++++++++++++
 spec/lib/gitlab_spec.rb  |   6 +++
 6 files changed, 152 insertions(+), 2 deletions(-)

diff --git a/lib/gitlab.rb b/lib/gitlab.rb
index c62d1071dba..d9d8dcf7900 100644
--- a/lib/gitlab.rb
+++ b/lib/gitlab.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require_dependency File.expand_path('gitlab/popen', __dir__)
+require 'pathname'
 
 module Gitlab
   def self.root
@@ -61,7 +61,7 @@ module Gitlab
 
   def self.ee?
     @is_ee ||=
-      if ENV['IS_GITLAB_EE'].present?
+      if ENV['IS_GITLAB_EE'] && !ENV['IS_GITLAB_EE'].empty?
         Gitlab::Utils.to_boolean(ENV['IS_GITLAB_EE'])
       else
         # We may use this method when the Rails environment is not loaded. This
diff --git a/lib/tasks/gitlab/db.rake b/lib/tasks/gitlab/db.rake
index d054959e05e..1961f64659c 100644
--- a/lib/tasks/gitlab/db.rake
+++ b/lib/tasks/gitlab/db.rake
@@ -70,5 +70,13 @@ namespace :gitlab do
 
       Gitlab::DowntimeCheck.new.check_and_print(migrations)
     end
+
+    desc 'Sets up EE specific database functionality'
+
+    if Gitlab.ee?
+      task setup_ee: %w[geo:db:drop geo:db:create geo:db:schema:load geo:db:migrate]
+    else
+      task :setup_ee
+    end
   end
 end
diff --git a/scripts/lint-rugged b/scripts/lint-rugged
index f40f0489c1a..d862571c1c5 100755
--- a/scripts/lint-rugged
+++ b/scripts/lint-rugged
@@ -1,6 +1,9 @@
 #!/usr/bin/env ruby
 
 ALLOWED = [
+  # https://gitlab.com/gitlab-org/gitaly/issues/760
+  'lib/elasticsearch/git/repository.rb',
+
   # Needed to handle repositories that are not in any storage
   'lib/gitlab/bare_repository_import/repository.rb',
 
diff --git a/scripts/static-analysis b/scripts/static-analysis
index 642c50ec0a8..6fd64fbf9da 100755
--- a/scripts/static-analysis
+++ b/scripts/static-analysis
@@ -1,6 +1,7 @@
 #!/usr/bin/env ruby
 
 # We don't have auto-loading here
+require_relative '../lib/gitlab'
 require_relative '../lib/gitlab/popen'
 require_relative '../lib/gitlab/popen/runner'
 
@@ -36,6 +37,10 @@ tasks = [
   %w[scripts/lint-rugged]
 ]
 
+if Gitlab.ee?
+  tasks.unshift(%w[ruby -rbundler/setup scripts/ee_specific_check/ee_specific_check.rb])
+end
+
 static_analysis = Gitlab::Popen::Runner.new
 
 static_analysis.run(tasks) do |cmd, &run|
diff --git a/scripts/utils.sh b/scripts/utils.sh
index 4a6567b8a62..c1bdef5b847 100644
--- a/scripts/utils.sh
+++ b/scripts/utils.sh
@@ -29,6 +29,134 @@ function setup_db() {
     if [ "$GITLAB_DATABASE" = "mysql" ]; then
         bundle exec rake add_limits_mysql
     fi
+
+    bundle exec rake gitlab:db:setup_ee
+}
+
+function install_api_client_dependencies_with_apk() {
+  apk add --update openssl curl jq
+}
+
+function install_api_client_dependencies_with_apt() {
+  apt update && apt install jq -y
+}
+
+function install_gitlab_gem() {
+  gem install gitlab --no-document
+}
+
+function echoerr() {
+  local header="${2}"
+
+  if [ -n "${header}" ]; then
+    printf "\n\033[0;31m** %s **\n\033[0m" "${1}" >&2;
+  else
+    printf "\033[0;31m%s\n\033[0m" "${1}" >&2;
+  fi
+}
+
+function echoinfo() {
+  local header="${2}"
+
+  if [ -n "${header}" ]; then
+    printf "\n\033[0;33m** %s **\n\033[0m" "${1}" >&2;
+  else
+    printf "\033[0;33m%s\n\033[0m" "${1}" >&2;
+  fi
+}
+
+function get_job_id() {
+  local job_name="${1}"
+  local query_string="${2:+&${2}}"
+  local api_token="${API_TOKEN-${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}}"
+  if [ -z "${api_token}" ]; then
+    echoerr "Please provide an API token with \$API_TOKEN or \$GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN."
+    return
+  fi
+
+  local max_page=3
+  local page=1
+
+  while true; do
+    local url="https://gitlab.com/api/v4/projects/${CI_PROJECT_ID}/pipelines/${CI_PIPELINE_ID}/jobs?per_page=100&page=${page}${query_string}"
+    echoinfo "GET ${url}"
+
+    local job_id
+    job_id=$(curl --silent --show-error --header "PRIVATE-TOKEN: ${api_token}" "${url}" | jq "map(select(.name == \"${job_name}\")) | map(.id) | last")
+    [[ "${job_id}" == "null" && "${page}" -lt "$max_page" ]] || break
+
+    let "page++"
+  done
+
+  if [[ "${job_id}" == "" ]]; then
+    echoerr "The '${job_name}' job ID couldn't be retrieved!"
+  else
+    echoinfo "The '${job_name}' job ID is ${job_id}"
+    echo "${job_id}"
+  fi
+}
+
+function play_job() {
+  local job_name="${1}"
+  local job_id
+  job_id=$(get_job_id "${job_name}" "scope=manual");
+  if [ -z "${job_id}" ]; then return; fi
+
+  local api_token="${API_TOKEN-${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}}"
+  if [ -z "${api_token}" ]; then
+    echoerr "Please provide an API token with \$API_TOKEN or \$GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN."
+    return
+  fi
+
+  local url="https://gitlab.com/api/v4/projects/${CI_PROJECT_ID}/jobs/${job_id}/play"
+  echoinfo "POST ${url}"
+
+  local job_url
+  job_url=$(curl --silent --show-error --request POST --header "PRIVATE-TOKEN: ${api_token}" "${url}" | jq ".web_url")
+  echoinfo "Manual job '${job_name}' started at: ${job_url}"
+}
+
+function wait_for_job_to_be_done() {
+  local job_name="${1}"
+  local query_string="${2}"
+  local job_id
+  job_id=$(get_job_id "${job_name}" "${query_string}")
+  if [ -z "${job_id}" ]; then return; fi
+
+  local api_token="${API_TOKEN-${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}}"
+  if [ -z "${api_token}" ]; then
+    echoerr "Please provide an API token with \$API_TOKEN or \$GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN."
+    return
+  fi
+
+  echoinfo "Waiting for the '${job_name}' job to finish..."
+
+  local url="https://gitlab.com/api/v4/projects/${CI_PROJECT_ID}/jobs/${job_id}"
+  echoinfo "GET ${url}"
+
+  # In case the job hasn't finished yet. Keep trying until the job times out.
+  local interval=30
+  local elapsed_seconds=0
+  while true; do
+    local job_status
+    job_status=$(curl --silent --show-error --header "PRIVATE-TOKEN: ${api_token}" "${url}" | jq ".status" | sed -e s/\"//g)
+    [[ "${job_status}" == "pending" || "${job_status}" == "running" ]] || break
+
+    printf "."
+    let "elapsed_seconds+=interval"
+    sleep ${interval}
+  done
+
+  local elapsed_minutes=$((elapsed_seconds / 60))
+  echoinfo "Waited '${job_name}' for ${elapsed_minutes} minutes."
+
+  if [[ "${job_status}" == "failed" ]]; then
+    echoerr "The '${job_name}' failed."
+  elif [[ "${job_status}" == "manual" ]]; then
+    echoinfo "The '${job_name}' is manual."
+  else
+    echoinfo "The '${job_name}' passed."
+  fi
 }
 
 function install_api_client_dependencies_with_apk() {
diff --git a/spec/lib/gitlab_spec.rb b/spec/lib/gitlab_spec.rb
index 82b0e819063..c293f58c9cb 100644
--- a/spec/lib/gitlab_spec.rb
+++ b/spec/lib/gitlab_spec.rb
@@ -136,6 +136,12 @@ describe Gitlab do
 
       expect(described_class.ee?).to eq(false)
     end
+
+    it 'returns true when the IS_GITLAB_EE variable is not empty' do
+      stub_env('IS_GITLAB_EE', '1')
+
+      expect(described_class.ee?).to eq(true)
+    end
   end
 
   describe '.http_proxy_env?' do
-- 
cgit v1.2.1


From 998cd8cb70be5093971a41a5be2674ea7bfbd1fb Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Wed, 24 Jul 2019 16:45:31 +0200
Subject: Backport EE changes for the schema specs

This backports two EE specific changes made to the schema changes. We do
not yet backport the EE prepend, as this will/can be done when
https://gitlab.com/gitlab-org/gitlab-ce/issues/58170 is implemented.
---
 spec/db/schema_spec.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/spec/db/schema_spec.rb b/spec/db/schema_spec.rb
index 6cfec5f4017..13fad1b6dc9 100644
--- a/spec/db/schema_spec.rb
+++ b/spec/db/schema_spec.rb
@@ -1,12 +1,14 @@
 # frozen_string_literal: true
 
 require 'spec_helper'
+require Rails.root.join('ee', 'spec', 'db', 'schema_support') if Gitlab.ee?
 
 describe 'Database schema' do
   let(:connection) { ActiveRecord::Base.connection }
   let(:tables) { connection.tables }
 
   # Use if you are certain that this column should not have a foreign key
+  # EE: edit the ee/spec/db/schema_support.rb
   IGNORED_FK_COLUMNS = {
     abuse_reports: %w[reporter_id user_id],
     application_settings: %w[performance_bar_allowed_group_id slack_app_id snowplow_site_id],
-- 
cgit v1.2.1


From 646521bdc7c6e995ccbd02ba771be3a6c4b00d78 Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Wed, 24 Jul 2019 17:11:07 +0200
Subject: Backport ToDo feature specs from EE

This ensures that both CE and EE have the same specs.
---
 .../dashboard/todos/todos_filtering_spec.rb        | 42 ++++++++++++++++++----
 1 file changed, 35 insertions(+), 7 deletions(-)

diff --git a/spec/features/dashboard/todos/todos_filtering_spec.rb b/spec/features/dashboard/todos/todos_filtering_spec.rb
index 5c20d50edc0..f273e416597 100644
--- a/spec/features/dashboard/todos/todos_filtering_spec.rb
+++ b/spec/features/dashboard/todos/todos_filtering_spec.rb
@@ -6,23 +6,36 @@ describe 'Dashboard > User filters todos', :js do
   let(:user_1)    { create(:user, username: 'user_1', name: 'user_1') }
   let(:user_2)    { create(:user, username: 'user_2', name: 'user_2') }
 
-  let(:project_1) { create(:project, name: 'project_1') }
-  let(:project_2) { create(:project, name: 'project_2') }
+  let(:group1) { create(:group) }
+  let(:group2) { create(:group) }
 
-  let(:issue) { create(:issue, title: 'issue', project: project_1) }
+  let(:project_1) { create(:project, name: 'project_1', namespace: group1) }
+  let(:project_2) { create(:project, name: 'project_2', namespace: group1) }
+  let(:project_3) { create(:project, name: 'project_3', namespace: group2) }
+
+  let(:issue1) { create(:issue, title: 'issue', project: project_1) }
+  let(:issue2) { create(:issue, title: 'issue', project: project_3) }
 
   let!(:merge_request) { create(:merge_request, source_project: project_2, title: 'merge_request') }
 
   before do
-    create(:todo, user: user_1, author: user_2, project: project_1, target: issue, action: 1)
+    create(:todo, user: user_1, author: user_2, project: project_1, target: issue1, action: 1)
+    create(:todo, user: user_1, author: user_2, project: project_3, target: issue2, action: 1)
     create(:todo, user: user_1, author: user_1, project: project_2, target: merge_request, action: 2)
 
     project_1.add_developer(user_1)
     project_2.add_developer(user_1)
+    project_3.add_developer(user_1)
     sign_in(user_1)
     visit dashboard_todos_path
   end
 
+  it 'displays all todos without a filter' do
+    expect(page).to have_content issue1.to_reference(full: true)
+    expect(page).to have_content merge_request.to_reference(full: true)
+    expect(page).to have_content issue2.to_reference(full: true)
+  end
+
   it 'filters by project' do
     click_button 'Project'
     within '.dropdown-menu-project' do
@@ -36,6 +49,20 @@ describe 'Dashboard > User filters todos', :js do
     expect(page).not_to have_content project_2.full_name
   end
 
+  it 'filters by group' do
+    click_button 'Group'
+    within '.dropdown-menu-group' do
+      fill_in 'Search groups', with: group1.full_name
+      click_link group1.full_name
+    end
+
+    wait_for_requests
+
+    expect(page).to     have_content issue1.to_reference(full: true)
+    expect(page).to     have_content merge_request.to_reference(full: true)
+    expect(page).not_to have_content issue2.to_reference(full: true)
+  end
+
   context 'Author filter' do
     it 'filters by author' do
       click_button 'Author'
@@ -65,7 +92,7 @@ describe 'Dashboard > User filters todos', :js do
     it 'shows only authors of existing done todos' do
       user_3 = create :user
       user_4 = create :user
-      create(:todo, user: user_1, author: user_3, project: project_1, target: issue, action: 1, state: :done)
+      create(:todo, user: user_1, author: user_3, project: project_1, target: issue1, action: 1, state: :done)
       create(:todo, user: user_1, author: user_4, project: project_2, target: merge_request, action: 2, state: :done)
 
       project_1.add_developer(user_3)
@@ -94,14 +121,15 @@ describe 'Dashboard > User filters todos', :js do
 
     wait_for_requests
 
-    expect(find('.todos-list')).to     have_content issue.to_reference
+    expect(find('.todos-list')).to     have_content issue1.to_reference
+    expect(find('.todos-list')).to     have_content issue2.to_reference
     expect(find('.todos-list')).not_to have_content merge_request.to_reference
   end
 
   describe 'filter by action' do
     before do
       create(:todo, :build_failed, user: user_1, author: user_2, project: project_1)
-      create(:todo, :marked, user: user_1, author: user_2, project: project_1, target: issue)
+      create(:todo, :marked, user: user_1, author: user_2, project: project_1, target: issue1)
     end
 
     it 'filters by Assigned' do
-- 
cgit v1.2.1


From 3d052438101b1e25117b74d6e0bf2ddf49e41f81 Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Thu, 25 Jul 2019 14:39:37 +0200
Subject: Make protected tags spec the same for CE and EE

This changes a protected tags feature spec so that it is the same in
both CE and EE. This requires the use of a `if Gitlab.ee?` check, as the
added lines don't work in CE but do work in EE. Removing them entirely
in turn breaks the EE spec.
---
 spec/features/protected_tags_spec.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/spec/features/protected_tags_spec.rb b/spec/features/protected_tags_spec.rb
index 7844d6ac6d3..3322a747cf5 100644
--- a/spec/features/protected_tags_spec.rb
+++ b/spec/features/protected_tags_spec.rb
@@ -16,6 +16,7 @@ describe 'Protected Tags', :js do
     it "allows creating explicit protected tags" do
       visit project_protected_tags_path(project)
       set_protected_tag_name('some-tag')
+      set_allowed_to('create') if Gitlab.ee?
       click_on "Protect"
 
       within(".protected-tags-list") { expect(page).to have_content('some-tag') }
@@ -29,6 +30,7 @@ describe 'Protected Tags', :js do
 
       visit project_protected_tags_path(project)
       set_protected_tag_name('some-tag')
+      set_allowed_to('create') if Gitlab.ee?
       click_on "Protect"
 
       within(".protected-tags-list") { expect(page).to have_content(commit.id[0..7]) }
@@ -37,6 +39,7 @@ describe 'Protected Tags', :js do
     it "displays an error message if the named tag does not exist" do
       visit project_protected_tags_path(project)
       set_protected_tag_name('some-tag')
+      set_allowed_to('create') if Gitlab.ee?
       click_on "Protect"
 
       within(".protected-tags-list") { expect(page).to have_content('tag was removed') }
@@ -47,6 +50,7 @@ describe 'Protected Tags', :js do
     it "allows creating protected tags with a wildcard" do
       visit project_protected_tags_path(project)
       set_protected_tag_name('*-stable')
+      set_allowed_to('create') if Gitlab.ee?
       click_on "Protect"
 
       within(".protected-tags-list") { expect(page).to have_content('*-stable') }
@@ -60,6 +64,7 @@ describe 'Protected Tags', :js do
 
       visit project_protected_tags_path(project)
       set_protected_tag_name('*-stable')
+      set_allowed_to('create') if Gitlab.ee?
       click_on "Protect"
 
       within(".protected-tags-list") do
@@ -75,6 +80,7 @@ describe 'Protected Tags', :js do
 
       visit project_protected_tags_path(project)
       set_protected_tag_name('*-stable')
+      set_allowed_to('create') if Gitlab.ee?
       click_on "Protect"
 
       visit project_protected_tags_path(project)
-- 
cgit v1.2.1


From 3fa5ee8907a399c3af4bf60bc712fddf47ec1474 Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Thu, 25 Jul 2019 16:54:02 +0200
Subject: Make usage content spec the same for CE and EE

This changes the spec in question so that it is the same for both CE and
EE. This requires an `if Gitlab.ee?` since EE requires that we stub an
EE specific module, but doing so in CE will break the spec there.
---
 spec/features/usage_stats_consent_spec.rb | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/spec/features/usage_stats_consent_spec.rb b/spec/features/usage_stats_consent_spec.rb
index dd8f3179895..14232b1b370 100644
--- a/spec/features/usage_stats_consent_spec.rb
+++ b/spec/features/usage_stats_consent_spec.rb
@@ -8,7 +8,15 @@ describe 'Usage stats consent' do
     let(:message) { 'To help improve GitLab, we would like to periodically collect usage information.' }
 
     before do
-      allow(user).to receive(:has_current_license?).and_return false
+      if Gitlab.ee?
+        allow_any_instance_of(EE::User)
+          .to receive(:has_current_license?)
+          .and_return(false)
+      else
+        allow(user)
+          .to receive(:has_current_license?)
+          .and_return(false)
+      end
 
       gitlab_sign_in(user)
     end
-- 
cgit v1.2.1


From 701b6fce64f3dd31e2050da09b1f9fdb35706904 Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Thu, 25 Jul 2019 16:55:32 +0200
Subject: Fix whitespace in wiki link filtering specs

This ensures this spec is the same in both CE and EE.
---
 spec/lib/banzai/filter/wiki_link_filter_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/lib/banzai/filter/wiki_link_filter_spec.rb b/spec/lib/banzai/filter/wiki_link_filter_spec.rb
index 9694c44c17a..877d99b68f3 100644
--- a/spec/lib/banzai/filter/wiki_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/wiki_link_filter_spec.rb
@@ -90,7 +90,7 @@ describe Banzai::Filter::WikiLinkFilter do
         "javascript&#x003A;",
         "java\0script:",
         " &#14;  javascript:"
-        ]
+      ]
 
       invalid_slugs.each do |slug|
         context "with the slug #{slug}" do
-- 
cgit v1.2.1


From 63f395f96ef6bb96fee7ce7eb7672b0a8f7d6d1e Mon Sep 17 00:00:00 2001
From: Desiree Chevalier <dchevalier@gitlab.com>
Date: Fri, 26 Jul 2019 09:59:51 -0400
Subject: Add retry on exception to mattermost login

---
 .../1_manage/login/log_into_mattermost_via_gitlab_spec.rb      | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/log_into_mattermost_via_gitlab_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/log_into_mattermost_via_gitlab_spec.rb
index 67610b62ed7..0a999cf00fa 100644
--- a/qa/qa/specs/features/browser_ui/1_manage/login/log_into_mattermost_via_gitlab_spec.rb
+++ b/qa/qa/specs/features/browser_ui/1_manage/login/log_into_mattermost_via_gitlab_spec.rb
@@ -7,11 +7,13 @@ module QA
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
         Page::Main::Login.perform(&:sign_in_using_credentials)
 
-        Runtime::Browser.visit(:mattermost, Page::Mattermost::Login)
-        Page::Mattermost::Login.perform(&:sign_in_using_oauth)
+        Support::Retrier.retry_on_exception do
+          Runtime::Browser.visit(:mattermost, Page::Mattermost::Login)
+          Page::Mattermost::Login.perform(&:sign_in_using_oauth)
 
-        Page::Mattermost::Main.perform do |page|
-          expect(page).to have_content(/(Welcome to: Mattermost|Logout GitLab Mattermost)/)
+          Page::Mattermost::Main.perform do |page|
+            expect(page).to have_content(/(Welcome to: Mattermost|Logout GitLab Mattermost)/)
+          end
         end
       end
     end
-- 
cgit v1.2.1


From 173eaab379a380187838d6132e78ebf983ee30b5 Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Mon, 29 Jul 2019 14:34:27 +0000
Subject: Update reference architecture docs to remove status

---
 doc/administration/high_availability/README.md | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/doc/administration/high_availability/README.md b/doc/administration/high_availability/README.md
index 41ef68f5b57..42516d811a0 100644
--- a/doc/administration/high_availability/README.md
+++ b/doc/administration/high_availability/README.md
@@ -164,16 +164,13 @@ contention due to certain workloads.
 
 #### Reference Architecture
 
-- **Status:** Work-in-progress
 - **Supported Users (approximate):** 10,000
-- **Related Issues:** [gitlab-com/support/support-team-meta#1513](https://gitlab.com/gitlab-com/support/support-team-meta/issues/1513),
- [gitlab-org/quality/team-tasks#110](https://gitlab.com/gitlab-org/quality/team-tasks/issues/110)
-
-The Support and Quality teams are in the process of building and performance testing
-an environment that will support about 10,000 users. The specifications below
-are a work-in-progress representation of the work so far. Quality will be
-certifying this environment in FY20-Q2. The specifications may be adjusted
-prior to certification based on performance testing.
+- **Known Issues:** While validating the reference architecture, slow endpoints were discovered and are being investigated. [gitlab-org/gitlab-ce/issues/64335](https://gitlab.com/gitlab-org/gitlab-ce/issues/64335)
+
+The Support and Quality teams built, performance tested, and validated an
+environment that supports about 10,000 users. The specifications below are a
+representation of the work so far. The specifications may be adjusted in the
+future based on additional testing and iteration.
 
 - 3 PostgreSQL - 4 CPU, 8GB RAM per node
 - 1 PgBouncer - 2 CPU, 4GB RAM
-- 
cgit v1.2.1


From cc7b15fe935d41aab85918eb7ae7c0ef81f8bfb0 Mon Sep 17 00:00:00 2001
From: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Date: Mon, 29 Jul 2019 14:48:20 +0000
Subject: Update CHANGELOG.md for 11.11.7

[ci skip]
---
 CHANGELOG.md                                              | 15 +++++++++++++++
 ...ecurity-60143-patch-additional-xss-vector-in-wikis.yml |  5 -----
 changelogs/unreleased/security-bvl-filter-mr-params.yml   |  5 -----
 changelogs/unreleased/security-dns-ssrf-bypass.yml        |  5 -----
 .../security-fix-badges-leaked-to-unauthorized-users.yml  |  5 -----
 changelogs/unreleased/security-github-ssrf-redirect.yml   |  5 -----
 changelogs/unreleased/security-hide_moved_issue_id.yml    |  5 -----
 .../security-remove-take-trigger-ownership-feature.yml    |  5 -----
 8 files changed, 15 insertions(+), 35 deletions(-)
 delete mode 100644 changelogs/unreleased/security-60143-patch-additional-xss-vector-in-wikis.yml
 delete mode 100644 changelogs/unreleased/security-bvl-filter-mr-params.yml
 delete mode 100644 changelogs/unreleased/security-dns-ssrf-bypass.yml
 delete mode 100644 changelogs/unreleased/security-fix-badges-leaked-to-unauthorized-users.yml
 delete mode 100644 changelogs/unreleased/security-github-ssrf-redirect.yml
 delete mode 100644 changelogs/unreleased/security-hide_moved_issue_id.yml
 delete mode 100644 changelogs/unreleased/security-remove-take-trigger-ownership-feature.yml

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e2882bce1bd..d93cc182c62 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -644,6 +644,21 @@ entry.
 - Moves snowplow to CE repo.
 
 
+## 11.11.7
+
+### Security (9 changes)
+
+- Restrict slash commands to users who can log in.
+- Patch XSS issue in wiki links.
+- Filter merge request params on the new merge request page.
+- Fix Server Side Request Forgery mitigation bypass.
+- Show badges if pipelines are public otherwise default to project permissions.
+- Do not allow localhost url redirection in GitHub Integration.
+- Do not show moved issue id for users that cannot read issue.
+- Use source project as permissions reference for MergeRequestsController#pipelines.
+- Drop feature to take ownership of trigger token.
+
+
 ## 11.11.4 (2019-06-26)
 
 ### Fixed (3 changes)
diff --git a/changelogs/unreleased/security-60143-patch-additional-xss-vector-in-wikis.yml b/changelogs/unreleased/security-60143-patch-additional-xss-vector-in-wikis.yml
deleted file mode 100644
index a8a26d5fc56..00000000000
--- a/changelogs/unreleased/security-60143-patch-additional-xss-vector-in-wikis.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Patch XSS issue in wiki links
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-bvl-filter-mr-params.yml b/changelogs/unreleased/security-bvl-filter-mr-params.yml
deleted file mode 100644
index 4433ec73b7c..00000000000
--- a/changelogs/unreleased/security-bvl-filter-mr-params.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Filter merge request params on the new merge request page
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-dns-ssrf-bypass.yml b/changelogs/unreleased/security-dns-ssrf-bypass.yml
deleted file mode 100644
index e48696ce5bd..00000000000
--- a/changelogs/unreleased/security-dns-ssrf-bypass.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix Server Side Request Forgery mitigation bypass
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-fix-badges-leaked-to-unauthorized-users.yml b/changelogs/unreleased/security-fix-badges-leaked-to-unauthorized-users.yml
deleted file mode 100644
index 9526f3c559f..00000000000
--- a/changelogs/unreleased/security-fix-badges-leaked-to-unauthorized-users.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Show badges if pipelines are public otherwise default to project permissions.
-erge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-github-ssrf-redirect.yml b/changelogs/unreleased/security-github-ssrf-redirect.yml
deleted file mode 100644
index 36a36de3eb0..00000000000
--- a/changelogs/unreleased/security-github-ssrf-redirect.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Do not allow localhost url redirection in GitHub Integration
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-hide_moved_issue_id.yml b/changelogs/unreleased/security-hide_moved_issue_id.yml
deleted file mode 100644
index 24353d797c9..00000000000
--- a/changelogs/unreleased/security-hide_moved_issue_id.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Do not show moved issue id for users that cannot read issue
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-remove-take-trigger-ownership-feature.yml b/changelogs/unreleased/security-remove-take-trigger-ownership-feature.yml
deleted file mode 100644
index 201f66e1f18..00000000000
--- a/changelogs/unreleased/security-remove-take-trigger-ownership-feature.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Drop feature to take ownership of trigger token.
-merge_request:
-author:
-type: security
-- 
cgit v1.2.1


From 6d3b203dd8c0d18535b62eb65054342a5c9cd96c Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Sun, 28 Jul 2019 08:06:59 -0700
Subject: Fix pdf.js rendering pages in the wrong order

There was an implicit assumption that the pages returned from the
Promise of `pdf.getPage(num)` would return in order, but no such
guarantee exists. To handle this, we explicitly set which array index
based on the page number and then trigger a Vue update via `splice`.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64467
---
 app/assets/javascripts/pdf/index.vue                 | 8 +++++++-
 changelogs/unreleased/sh-fix-pdfjs-page-ordering.yml | 5 +++++
 2 files changed, 12 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/sh-fix-pdfjs-page-ordering.yml

diff --git a/app/assets/javascripts/pdf/index.vue b/app/assets/javascripts/pdf/index.vue
index 6d39abd4a1f..a0142df0806 100644
--- a/app/assets/javascripts/pdf/index.vue
+++ b/app/assets/javascripts/pdf/index.vue
@@ -40,6 +40,8 @@ export default {
         .then(() => this.$emit('pdflabload'))
         .catch(error => this.$emit('pdflaberror', error))
         .then(() => {
+          // Trigger a Vue update: https://vuejs.org/v2/guide/list.html#Caveats
+          this.pages.splice(this.pages.length);
           this.loading = false;
         });
     },
@@ -47,7 +49,11 @@ export default {
       const pagePromises = [];
       this.loading = true;
       for (let num = 1; num <= pdf.numPages; num += 1) {
-        pagePromises.push(pdf.getPage(num).then(p => this.pages.push(p)));
+        pagePromises.push(
+          pdf.getPage(num).then(p => {
+            this.pages[p.pageIndex] = p;
+          }),
+        );
       }
       return Promise.all(pagePromises);
     },
diff --git a/changelogs/unreleased/sh-fix-pdfjs-page-ordering.yml b/changelogs/unreleased/sh-fix-pdfjs-page-ordering.yml
new file mode 100644
index 00000000000..84161c51905
--- /dev/null
+++ b/changelogs/unreleased/sh-fix-pdfjs-page-ordering.yml
@@ -0,0 +1,5 @@
+---
+title: Fix pdf.js rendering pages in the wrong order
+merge_request: 31222
+author:
+type: fixed
-- 
cgit v1.2.1


From 6bfdf529f5b6f604e1d157fa379a108d1b7f8586 Mon Sep 17 00:00:00 2001
From: Sarah Groff Hennigh-Palermo <sarah.groff.palermo@gmail.com>
Date: Mon, 29 Jul 2019 15:42:42 +0000
Subject: Add MR form to runtime Visual Review configuration

* adds the ability to enter a merge request ID directly into the toolbar,
* adds the option to save the ID to `localStorage` (as with the token),
* adds a link to change the ID once entered
* adds some more explanatory errors for 401 & 404
* saves the comment to session storage if the user navigates away without posting it
---
 .../visual_review_toolbar/components/comment.js    | 179 ++++-----------------
 .../components/comment_mr_note.js                  |  31 ++++
 .../components/comment_post.js                     | 145 +++++++++++++++++
 .../components/comment_storage.js                  |  20 +++
 .../visual_review_toolbar/components/constants.js  |  41 -----
 .../components/form_elements.js                    |  17 ++
 .../visual_review_toolbar/components/index.js      |  28 ++--
 .../visual_review_toolbar/components/login.js      |  46 +++---
 .../visual_review_toolbar/components/mr_id.js      |  63 ++++++++
 .../visual_review_toolbar/components/note.js       |   2 +-
 .../visual_review_toolbar/components/utils.js      |   9 +-
 .../visual_review_toolbar/components/wrapper.js    |  47 ++----
 .../javascripts/visual_review_toolbar/index.js     |  25 ++-
 .../visual_review_toolbar/shared/constants.js      |  47 ++++++
 .../visual_review_toolbar/shared/index.js          |  49 ++++++
 .../visual_review_toolbar/shared/storage_utils.js  |  42 +++++
 .../visual_review_toolbar/store/events.js          |  45 +++++-
 .../visual_review_toolbar/store/index.js           |  14 +-
 .../visual_review_toolbar/store/state.js           |  67 +++++---
 .../visual_review_toolbar/styles/toolbar.css       |  16 +-
 changelogs/unreleased/64190-add-mr-form.yml        |   5 +
 21 files changed, 629 insertions(+), 309 deletions(-)
 create mode 100644 app/assets/javascripts/visual_review_toolbar/components/comment_mr_note.js
 create mode 100644 app/assets/javascripts/visual_review_toolbar/components/comment_post.js
 create mode 100644 app/assets/javascripts/visual_review_toolbar/components/comment_storage.js
 delete mode 100644 app/assets/javascripts/visual_review_toolbar/components/constants.js
 create mode 100644 app/assets/javascripts/visual_review_toolbar/components/form_elements.js
 create mode 100644 app/assets/javascripts/visual_review_toolbar/components/mr_id.js
 create mode 100644 app/assets/javascripts/visual_review_toolbar/shared/constants.js
 create mode 100644 app/assets/javascripts/visual_review_toolbar/shared/index.js
 create mode 100644 app/assets/javascripts/visual_review_toolbar/shared/storage_utils.js
 create mode 100644 changelogs/unreleased/64190-add-mr-form.yml

diff --git a/app/assets/javascripts/visual_review_toolbar/components/comment.js b/app/assets/javascripts/visual_review_toolbar/components/comment.js
index 04bfb5e9532..20effc1751d 100644
--- a/app/assets/javascripts/visual_review_toolbar/components/comment.js
+++ b/app/assets/javascripts/visual_review_toolbar/components/comment.js
@@ -1,148 +1,39 @@
-import { BLACK, COMMENT_BOX, MUTED, LOGOUT } from './constants';
-import { clearNote, postError } from './note';
-import {
-  buttonClearStyles,
-  selectCommentBox,
-  selectCommentButton,
-  selectNote,
-  selectNoteContainer,
-} from './utils';
-
-const comment = `
-  <div>
-    <textarea id="${COMMENT_BOX}" name="${COMMENT_BOX}" rows="3" placeholder="Enter your feedback or idea" class="gitlab-input" aria-required="true"></textarea>
-    <p class="gitlab-metadata-note">Additional metadata will be included: browser, OS, current page, user agent, and viewport dimensions.</p>
-  </div>
-  <div class="gitlab-button-wrapper">
-    <button class="gitlab-button gitlab-button-secondary" style="${buttonClearStyles}" type="button" id="${LOGOUT}"> Log out </button>
-    <button class="gitlab-button gitlab-button-success" style="${buttonClearStyles}" type="button" id="gitlab-comment-button"> Send feedback </button>
-  </div>
-`;
-
-const resetCommentButton = () => {
-  const commentButton = selectCommentButton();
-
-  /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
-  commentButton.innerText = 'Send feedback';
-  commentButton.classList.replace('gitlab-button-secondary', 'gitlab-button-success');
-  commentButton.style.opacity = 1;
-};
-
-const resetCommentBox = () => {
-  const commentBox = selectCommentBox();
-  commentBox.style.pointerEvents = 'auto';
-  commentBox.style.color = BLACK;
-};
-
-const resetCommentText = () => {
-  const commentBox = selectCommentBox();
-  commentBox.value = '';
-};
-
-const resetComment = () => {
-  resetCommentButton();
-  resetCommentBox();
-  resetCommentText();
-};
-
-const confirmAndClear = feedbackInfo => {
-  const commentButton = selectCommentButton();
-  const currentNote = selectNote();
-  const noteContainer = selectNoteContainer();
-
-  /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
-  commentButton.innerText = 'Feedback sent';
-  noteContainer.style.visibility = 'visible';
-  currentNote.insertAdjacentHTML('beforeend', feedbackInfo);
-
-  setTimeout(resetComment, 1000);
-  setTimeout(clearNote, 6000);
-};
-
-const setInProgressState = () => {
-  const commentButton = selectCommentButton();
-  const commentBox = selectCommentBox();
-
-  /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
-  commentButton.innerText = 'Sending feedback';
-  commentButton.classList.replace('gitlab-button-success', 'gitlab-button-secondary');
-  commentButton.style.opacity = 0.5;
-  commentBox.style.color = MUTED;
-  commentBox.style.pointerEvents = 'none';
-};
-
-const postComment = ({
-  href,
-  platform,
-  browser,
-  userAgent,
-  innerWidth,
-  innerHeight,
-  projectId,
-  projectPath,
-  mergeRequestId,
-  mrUrl,
-  token,
-}) => {
-  // Clear any old errors
-  clearNote(COMMENT_BOX);
-
-  setInProgressState();
-
-  const commentText = selectCommentBox().value.trim();
-
-  if (!commentText) {
-    /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
-    postError('Your comment appears to be empty.', COMMENT_BOX);
-    resetCommentBox();
-    resetCommentButton();
-    return;
-  }
-
-  const detailText = `
- \n
-<details>
-  <summary>Metadata</summary>
-  Posted from ${href} | ${platform} | ${browser} | ${innerWidth} x ${innerHeight}.
-  <br /><br />
-  <em>User agent: ${userAgent}</em>
-</details>
+import { nextView } from '../store';
+import { localStorage, COMMENT_BOX, LOGOUT } from '../shared';
+import { clearNote } from './note';
+import { buttonClearStyles } from './utils';
+import { addForm } from './wrapper';
+import { changeSelectedMr, selectedMrNote } from './comment_mr_note';
+import postComment from './comment_post';
+import { saveComment, getSavedComment } from './comment_storage';
+
+const comment = state => {
+  const savedComment = getSavedComment();
+
+  return `
+    <div>
+      <textarea id="${COMMENT_BOX}" name="${COMMENT_BOX}" rows="3" placeholder="Enter your feedback or idea" class="gitlab-input" aria-required="true">${savedComment}</textarea>
+      ${selectedMrNote(state)}
+      <p class="gitlab-metadata-note">Additional metadata will be included: browser, OS, current page, user agent, and viewport dimensions.</p>
+    </div>
+    <div class="gitlab-button-wrapper">
+      <button class="gitlab-button gitlab-button-success" style="${buttonClearStyles}" type="button" id="gitlab-comment-button"> Send feedback </button>
+      <button class="gitlab-button gitlab-button-secondary" style="${buttonClearStyles}" type="button" id="${LOGOUT}"> Log out </button>
+    </div>
   `;
+};
 
-  const url = `
-    ${mrUrl}/api/v4/projects/${projectId}/merge_requests/${mergeRequestId}/discussions`;
-
-  const body = `${commentText} ${detailText}`;
-
-  fetch(url, {
-    method: 'POST',
-    headers: {
-      'PRIVATE-TOKEN': token,
-      'Content-Type': 'application/json',
-    },
-    body: JSON.stringify({ body }),
-  })
-    .then(response => {
-      if (response.ok) {
-        return response.json();
-      }
-
-      throw new Error(`${response.status}: ${response.statusText}`);
-    })
-    .then(data => {
-      const commentId = data.notes[0].id;
-      const feedbackLink = `${mrUrl}/${projectPath}/merge_requests/${mergeRequestId}#note_${commentId}`;
-      const feedbackInfo = `Feedback sent. View at <a class="gitlab-link" href="${feedbackLink}">${projectPath} #${mergeRequestId} (comment ${commentId})</a>`;
-      confirmAndClear(feedbackInfo);
-    })
-    .catch(err => {
-      postError(
-        `Your comment could not be sent. Please try again. Error: ${err.message}`,
-        COMMENT_BOX,
-      );
-      resetCommentBox();
-      resetCommentButton();
-    });
+// This function is here becaause it is called only from the comment view
+// If we reach a design where we can logout from multiple views, promote this
+// to it's own package
+const logoutUser = state => {
+  localStorage.removeItem('token');
+  localStorage.removeItem('mergeRequestId');
+  state.token = '';
+  state.mergeRequestId = '';
+
+  clearNote();
+  addForm(nextView(state, COMMENT_BOX));
 };
 
-export { comment, postComment };
+export { changeSelectedMr, comment, logoutUser, postComment, saveComment };
diff --git a/app/assets/javascripts/visual_review_toolbar/components/comment_mr_note.js b/app/assets/javascripts/visual_review_toolbar/components/comment_mr_note.js
new file mode 100644
index 00000000000..f71ffbf4f20
--- /dev/null
+++ b/app/assets/javascripts/visual_review_toolbar/components/comment_mr_note.js
@@ -0,0 +1,31 @@
+import { nextView } from '../store';
+import { localStorage, CHANGE_MR_ID_BUTTON, COMMENT_BOX } from '../shared';
+import { clearNote } from './note';
+import { buttonClearStyles } from './utils';
+import { addForm } from './wrapper';
+
+const selectedMrNote = state => {
+  const { mrUrl, projectPath, mergeRequestId } = state;
+
+  const mrLink = `${mrUrl}/${projectPath}/merge_requests/${mergeRequestId}`;
+
+  return `
+    <p class="gitlab-metadata-note">
+      This posts to merge request <a class="gitlab-link" href="${mrLink}">!${mergeRequestId}</a>.
+      <button style="${buttonClearStyles}" type="button" id="${CHANGE_MR_ID_BUTTON}" class="gitlab-link gitlab-link-button">Change</button>
+    </p>
+  `;
+};
+
+const clearMrId = state => {
+  localStorage.removeItem('mergeRequestId');
+  state.mergeRequestId = '';
+};
+
+const changeSelectedMr = state => {
+  clearMrId(state);
+  clearNote();
+  addForm(nextView(state, COMMENT_BOX));
+};
+
+export { changeSelectedMr, selectedMrNote };
diff --git a/app/assets/javascripts/visual_review_toolbar/components/comment_post.js b/app/assets/javascripts/visual_review_toolbar/components/comment_post.js
new file mode 100644
index 00000000000..ee5f2b62425
--- /dev/null
+++ b/app/assets/javascripts/visual_review_toolbar/components/comment_post.js
@@ -0,0 +1,145 @@
+import { BLACK, COMMENT_BOX, MUTED } from '../shared';
+import { clearSavedComment } from './comment_storage';
+import { clearNote, postError } from './note';
+import { selectCommentBox, selectCommentButton, selectNote, selectNoteContainer } from './utils';
+
+const resetCommentButton = () => {
+  const commentButton = selectCommentButton();
+
+  /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+  commentButton.innerText = 'Send feedback';
+  commentButton.classList.replace('gitlab-button-secondary', 'gitlab-button-success');
+  commentButton.style.opacity = 1;
+};
+
+const resetCommentBox = () => {
+  const commentBox = selectCommentBox();
+  commentBox.style.pointerEvents = 'auto';
+  commentBox.style.color = BLACK;
+};
+
+const resetCommentText = () => {
+  const commentBox = selectCommentBox();
+  commentBox.value = '';
+  clearSavedComment();
+};
+
+const resetComment = () => {
+  resetCommentButton();
+  resetCommentBox();
+  resetCommentText();
+};
+
+const confirmAndClear = feedbackInfo => {
+  const commentButton = selectCommentButton();
+  const currentNote = selectNote();
+  const noteContainer = selectNoteContainer();
+
+  /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+  commentButton.innerText = 'Feedback sent';
+  noteContainer.style.visibility = 'visible';
+  currentNote.insertAdjacentHTML('beforeend', feedbackInfo);
+
+  setTimeout(resetComment, 1000);
+  setTimeout(clearNote, 6000);
+};
+
+const setInProgressState = () => {
+  const commentButton = selectCommentButton();
+  const commentBox = selectCommentBox();
+
+  /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+  commentButton.innerText = 'Sending feedback';
+  commentButton.classList.replace('gitlab-button-success', 'gitlab-button-secondary');
+  commentButton.style.opacity = 0.5;
+  commentBox.style.color = MUTED;
+  commentBox.style.pointerEvents = 'none';
+};
+
+const commentErrors = error => {
+  switch (error.status) {
+    case 401:
+      /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+      return 'Unauthorized. You may have entered an incorrect authentication token.';
+    case 404:
+      /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+      return 'Not found. You may have entered an incorrect merge request ID.';
+    default:
+      /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+      return `Your comment could not be sent. Please try again. Error: ${error.message}`;
+  }
+};
+
+const postComment = ({
+  platform,
+  browser,
+  userAgent,
+  innerWidth,
+  innerHeight,
+  projectId,
+  projectPath,
+  mergeRequestId,
+  mrUrl,
+  token,
+}) => {
+  // Clear any old errors
+  clearNote(COMMENT_BOX);
+
+  setInProgressState();
+
+  const commentText = selectCommentBox().value.trim();
+  // Get the href at the last moment to support SPAs
+  const { href } = window.location;
+
+  if (!commentText) {
+    /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+    postError('Your comment appears to be empty.', COMMENT_BOX);
+    resetCommentBox();
+    resetCommentButton();
+    return;
+  }
+
+  const detailText = `
+ \n
+<details>
+  <summary>Metadata</summary>
+  Posted from ${href} | ${platform} | ${browser} | ${innerWidth} x ${innerHeight}.
+  <br /><br />
+  <em>User agent: ${userAgent}</em>
+</details>
+  `;
+
+  const url = `
+    ${mrUrl}/api/v4/projects/${projectId}/merge_requests/${mergeRequestId}/discussions`;
+
+  const body = `${commentText} ${detailText}`;
+
+  fetch(url, {
+    method: 'POST',
+    headers: {
+      'PRIVATE-TOKEN': token,
+      'Content-Type': 'application/json',
+    },
+    body: JSON.stringify({ body }),
+  })
+    .then(response => {
+      if (response.ok) {
+        return response.json();
+      }
+
+      throw response;
+    })
+    .then(data => {
+      const commentId = data.notes[0].id;
+      const feedbackLink = `${mrUrl}/${projectPath}/merge_requests/${mergeRequestId}#note_${commentId}`;
+      const feedbackInfo = `Feedback sent. View at <a class="gitlab-link" href="${feedbackLink}">${projectPath} !${mergeRequestId} (comment ${commentId})</a>`;
+      confirmAndClear(feedbackInfo);
+    })
+    .catch(err => {
+      postError(commentErrors(err), COMMENT_BOX);
+      resetCommentBox();
+      resetCommentButton();
+    });
+};
+
+export default postComment;
diff --git a/app/assets/javascripts/visual_review_toolbar/components/comment_storage.js b/app/assets/javascripts/visual_review_toolbar/components/comment_storage.js
new file mode 100644
index 00000000000..32a9e7e2f05
--- /dev/null
+++ b/app/assets/javascripts/visual_review_toolbar/components/comment_storage.js
@@ -0,0 +1,20 @@
+import { selectCommentBox } from './utils';
+import { sessionStorage } from '../shared';
+
+const getSavedComment = () => sessionStorage.getItem('comment') || '';
+
+const saveComment = () => {
+  const currentComment = selectCommentBox();
+
+  // This may be added to any view via top-level beforeunload listener
+  // so let's skip if it does not apply
+  if (currentComment && currentComment.value) {
+    sessionStorage.setItem('comment', currentComment.value);
+  }
+};
+
+const clearSavedComment = () => {
+  sessionStorage.removeItem('comment');
+};
+
+export { getSavedComment, saveComment, clearSavedComment };
diff --git a/app/assets/javascripts/visual_review_toolbar/components/constants.js b/app/assets/javascripts/visual_review_toolbar/components/constants.js
deleted file mode 100644
index 07fcb179d15..00000000000
--- a/app/assets/javascripts/visual_review_toolbar/components/constants.js
+++ /dev/null
@@ -1,41 +0,0 @@
-// component selectors
-const COLLAPSE_BUTTON = 'gitlab-collapse';
-const COMMENT_BOX = 'gitlab-comment';
-const COMMENT_BUTTON = 'gitlab-comment-button';
-const FORM = 'gitlab-form';
-const FORM_CONTAINER = 'gitlab-form-wrapper';
-const LOGIN = 'gitlab-login';
-const LOGOUT = 'gitlab-logout-button';
-const NOTE = 'gitlab-validation-note';
-const NOTE_CONTAINER = 'gitlab-note-wrapper';
-const REMEMBER_TOKEN = 'gitlab-remember_token';
-const REVIEW_CONTAINER = 'gitlab-review-container';
-const TOKEN_BOX = 'gitlab-token';
-
-// colors — these are applied programmatically
-// rest of styles belong in ./styles
-const BLACK = 'rgba(46, 46, 46, 1)';
-const CLEAR = 'rgba(255, 255, 255, 0)';
-const MUTED = 'rgba(223, 223, 223, 0.5)';
-const RED = 'rgba(219, 59, 33, 1)';
-const WHITE = 'rgba(250, 250, 250, 1)';
-
-export {
-  COLLAPSE_BUTTON,
-  COMMENT_BOX,
-  COMMENT_BUTTON,
-  FORM,
-  FORM_CONTAINER,
-  LOGIN,
-  LOGOUT,
-  NOTE,
-  NOTE_CONTAINER,
-  REMEMBER_TOKEN,
-  REVIEW_CONTAINER,
-  TOKEN_BOX,
-  BLACK,
-  CLEAR,
-  MUTED,
-  RED,
-  WHITE,
-};
diff --git a/app/assets/javascripts/visual_review_toolbar/components/form_elements.js b/app/assets/javascripts/visual_review_toolbar/components/form_elements.js
new file mode 100644
index 00000000000..608488a6fea
--- /dev/null
+++ b/app/assets/javascripts/visual_review_toolbar/components/form_elements.js
@@ -0,0 +1,17 @@
+import { REMEMBER_ITEM } from '../shared';
+import { buttonClearStyles } from './utils';
+
+/* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+const rememberBox = (rememberText = 'Remember me') => `
+  <div class="gitlab-checkbox-wrapper">
+    <input type="checkbox" id="${REMEMBER_ITEM}" name="${REMEMBER_ITEM}" value="remember">
+    <label for="${REMEMBER_ITEM}" class="gitlab-checkbox-label">${rememberText}</label>
+  </div>
+`;
+
+const submitButton = buttonId => `
+  <div class="gitlab-button-wrapper">
+    <button class="gitlab-button-wide gitlab-button gitlab-button-success" style="${buttonClearStyles}" type="button" id="${buttonId}"> Submit </button>
+  </div>
+`;
+export { rememberBox, submitButton };
diff --git a/app/assets/javascripts/visual_review_toolbar/components/index.js b/app/assets/javascripts/visual_review_toolbar/components/index.js
index 50b52d7d3a2..e88b3637ad8 100644
--- a/app/assets/javascripts/visual_review_toolbar/components/index.js
+++ b/app/assets/javascripts/visual_review_toolbar/components/index.js
@@ -1,33 +1,23 @@
-import { comment, postComment } from './comment';
-import {
-  COLLAPSE_BUTTON,
-  COMMENT_BUTTON,
-  FORM_CONTAINER,
-  LOGIN,
-  LOGOUT,
-  REVIEW_CONTAINER,
-} from './constants';
+import { changeSelectedMr, comment, logoutUser, postComment, saveComment } from './comment';
 import { authorizeUser, login } from './login';
+import { addMr, mrForm } from './mr_id';
 import { note } from './note';
-import { selectContainer } from './utils';
-import { buttonAndForm, logoutUser, toggleForm } from './wrapper';
-import { collapseButton } from './wrapper_icons';
+import { selectContainer, selectForm } from './utils';
+import { buttonAndForm, toggleForm } from './wrapper';
 
 export {
+  addMr,
   authorizeUser,
   buttonAndForm,
-  collapseButton,
+  changeSelectedMr,
   comment,
   login,
   logoutUser,
+  mrForm,
   note,
   postComment,
+  saveComment,
   selectContainer,
+  selectForm,
   toggleForm,
-  COLLAPSE_BUTTON,
-  COMMENT_BUTTON,
-  FORM_CONTAINER,
-  LOGIN,
-  LOGOUT,
-  REVIEW_CONTAINER,
 };
diff --git a/app/assets/javascripts/visual_review_toolbar/components/login.js b/app/assets/javascripts/visual_review_toolbar/components/login.js
index 0a71299f041..4a6976ef2fd 100644
--- a/app/assets/javascripts/visual_review_toolbar/components/login.js
+++ b/app/assets/javascripts/visual_review_toolbar/components/login.js
@@ -1,35 +1,31 @@
-import { LOGIN, REMEMBER_TOKEN, TOKEN_BOX } from './constants';
+import { nextView } from '../store';
+import { localStorage, LOGIN, TOKEN_BOX } from '../shared';
 import { clearNote, postError } from './note';
-import { buttonClearStyles, selectRemember, selectToken } from './utils';
-import { addCommentForm } from './wrapper';
+import { rememberBox, submitButton } from './form_elements';
+import { selectRemember, selectToken } from './utils';
+import { addForm } from './wrapper';
+
+const labelText = `
+  Enter your <a class="gitlab-link" href="https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html">personal access token</a>
+`;
 
 const login = `
-  <div>
-    <label for="${TOKEN_BOX}" class="gitlab-label">Enter your <a class="gitlab-link" href="https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html">personal access token</a></label>
-    <input class="gitlab-input" type="password" id="${TOKEN_BOX}" name="${TOKEN_BOX}" aria-required="true" autocomplete="current-password">
-  </div>
-  <div class="gitlab-checkbox-wrapper">
-    <input type="checkbox" id="${REMEMBER_TOKEN}" name="${REMEMBER_TOKEN}" value="remember">
-    <label for="${REMEMBER_TOKEN}" class="gitlab-checkbox-label">Remember me</label>
-  </div>
-  <div class="gitlab-button-wrapper">
-    <button class="gitlab-button-wide gitlab-button gitlab-button-success" style="${buttonClearStyles}" type="button" id="${LOGIN}"> Submit </button>
-  </div>
+    <div>
+      <label for="${TOKEN_BOX}" class="gitlab-label">${labelText}</label>
+      <input class="gitlab-input" type="password" id="${TOKEN_BOX}" name="${TOKEN_BOX}" autocomplete="current-password" aria-required="true">
+    </div>
+    ${rememberBox()}
+    ${submitButton(LOGIN)}
 `;
 
 const storeToken = (token, state) => {
-  const { localStorage } = window;
   const rememberMe = selectRemember().checked;
 
-  // All the browsers we support have localStorage, so let's silently fail
-  // and go on with the rest of the functionality.
-  try {
-    if (rememberMe) {
-      localStorage.setItem('token', token);
-    }
-  } finally {
-    state.token = token;
+  if (rememberMe) {
+    localStorage.setItem('token', token);
   }
+
+  state.token = token;
 };
 
 const authorizeUser = state => {
@@ -45,7 +41,7 @@ const authorizeUser = state => {
   }
 
   storeToken(token, state);
-  addCommentForm();
+  addForm(nextView(state, LOGIN));
 };
 
-export { authorizeUser, login };
+export { authorizeUser, login, storeToken };
diff --git a/app/assets/javascripts/visual_review_toolbar/components/mr_id.js b/app/assets/javascripts/visual_review_toolbar/components/mr_id.js
new file mode 100644
index 00000000000..f51e9631dd2
--- /dev/null
+++ b/app/assets/javascripts/visual_review_toolbar/components/mr_id.js
@@ -0,0 +1,63 @@
+import { nextView } from '../store';
+import { MR_ID, MR_ID_BUTTON, localStorage } from '../shared';
+import { clearNote, postError } from './note';
+import { rememberBox, submitButton } from './form_elements';
+import { selectForm, selectMrBox, selectRemember } from './utils';
+import { addForm } from './wrapper';
+
+/* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+const mrLabel = `Enter your merge request ID`;
+/* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+const mrRememberText = `Remember this number`;
+
+const mrForm = `
+    <div>
+      <label for="${MR_ID}" class="gitlab-label">${mrLabel}</label>
+      <input class="gitlab-input" type="text" pattern="[1-9][0-9]*" id="${MR_ID}" name="${MR_ID}" placeholder="e.g., 321" aria-required="true">
+    </div>
+    ${rememberBox(mrRememberText)}
+    ${submitButton(MR_ID_BUTTON)}
+`;
+
+const storeMR = (id, state) => {
+  const rememberMe = selectRemember().checked;
+
+  if (rememberMe) {
+    localStorage.setItem('mergeRequestId', id);
+  }
+
+  state.mergeRequestId = id;
+};
+
+const getFormError = (mrNumber, form) => {
+  if (!mrNumber) {
+    /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+    return 'Please enter your merge request ID number.';
+  }
+
+  if (!form.checkValidity()) {
+    /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
+    return 'Please remove any non-number values from the field.';
+  }
+
+  return null;
+};
+
+const addMr = state => {
+  // Clear any old errors
+  clearNote(MR_ID);
+
+  const mrNumber = selectMrBox().value;
+  const form = selectForm();
+  const formError = getFormError(mrNumber, form);
+
+  if (formError) {
+    postError(formError, MR_ID);
+    return;
+  }
+
+  storeMR(mrNumber, state);
+  addForm(nextView(state, MR_ID));
+};
+
+export { addMr, mrForm, storeMR };
diff --git a/app/assets/javascripts/visual_review_toolbar/components/note.js b/app/assets/javascripts/visual_review_toolbar/components/note.js
index 0150f640aae..9cddcb710f2 100644
--- a/app/assets/javascripts/visual_review_toolbar/components/note.js
+++ b/app/assets/javascripts/visual_review_toolbar/components/note.js
@@ -1,4 +1,4 @@
-import { NOTE, NOTE_CONTAINER, RED } from './constants';
+import { NOTE, NOTE_CONTAINER, RED } from '../shared';
 import { selectById, selectNote, selectNoteContainer } from './utils';
 
 const note = `
diff --git a/app/assets/javascripts/visual_review_toolbar/components/utils.js b/app/assets/javascripts/visual_review_toolbar/components/utils.js
index 00f4460925d..4ec9bd4a32a 100644
--- a/app/assets/javascripts/visual_review_toolbar/components/utils.js
+++ b/app/assets/javascripts/visual_review_toolbar/components/utils.js
@@ -6,12 +6,13 @@ import {
   COMMENT_BUTTON,
   FORM,
   FORM_CONTAINER,
+  MR_ID,
   NOTE,
   NOTE_CONTAINER,
-  REMEMBER_TOKEN,
+  REMEMBER_ITEM,
   REVIEW_CONTAINER,
   TOKEN_BOX,
-} from './constants';
+} from '../shared';
 
 // this style must be applied inline in a handful of components
 /* eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings */
@@ -27,9 +28,10 @@ const selectCommentButton = () => document.getElementById(COMMENT_BUTTON);
 const selectContainer = () => document.getElementById(REVIEW_CONTAINER);
 const selectForm = () => document.getElementById(FORM);
 const selectFormContainer = () => document.getElementById(FORM_CONTAINER);
+const selectMrBox = () => document.getElementById(MR_ID);
 const selectNote = () => document.getElementById(NOTE);
 const selectNoteContainer = () => document.getElementById(NOTE_CONTAINER);
-const selectRemember = () => document.getElementById(REMEMBER_TOKEN);
+const selectRemember = () => document.getElementById(REMEMBER_ITEM);
 const selectToken = () => document.getElementById(TOKEN_BOX);
 
 export {
@@ -41,6 +43,7 @@ export {
   selectCommentButton,
   selectForm,
   selectFormContainer,
+  selectMrBox,
   selectNote,
   selectNoteContainer,
   selectRemember,
diff --git a/app/assets/javascripts/visual_review_toolbar/components/wrapper.js b/app/assets/javascripts/visual_review_toolbar/components/wrapper.js
index f2eaf1d7916..fdf8ad7c41f 100644
--- a/app/assets/javascripts/visual_review_toolbar/components/wrapper.js
+++ b/app/assets/javascripts/visual_review_toolbar/components/wrapper.js
@@ -1,55 +1,32 @@
-import { comment } from './comment';
-import { CLEAR, FORM, FORM_CONTAINER, WHITE } from './constants';
-import { login } from './login';
-import { clearNote } from './note';
+import { CLEAR, FORM, FORM_CONTAINER, WHITE } from '../shared';
 import {
   selectCollapseButton,
   selectForm,
   selectFormContainer,
   selectNoteContainer,
 } from './utils';
-import { commentIcon, compressIcon } from './wrapper_icons';
+import { collapseButton, commentIcon, compressIcon } from './wrapper_icons';
 
 const form = content => `
-  <form id="${FORM}">
+  <form id="${FORM}" novalidate>
     ${content}
   </form>
 `;
 
-const buttonAndForm = ({ content, toggleButton }) => `
+const buttonAndForm = content => `
   <div id="${FORM_CONTAINER}" class="gitlab-form-open">
-    ${toggleButton}
+    ${collapseButton}
     ${form(content)}
   </div>
 `;
 
-const addCommentForm = () => {
+const addForm = nextForm => {
   const formWrapper = selectForm();
-  formWrapper.innerHTML = comment;
+  formWrapper.innerHTML = nextForm;
 };
 
-const addLoginForm = () => {
-  const formWrapper = selectForm();
-  formWrapper.innerHTML = login;
-};
-
-function logoutUser() {
-  const { localStorage } = window;
-
-  // All the browsers we support have localStorage, so let's silently fail
-  // and go on with the rest of the functionality.
-  try {
-    localStorage.removeItem('token');
-  } catch (err) {
-    return;
-  }
-
-  clearNote();
-  addLoginForm();
-}
-
 function toggleForm() {
-  const collapseButton = selectCollapseButton();
+  const toggleButton = selectCollapseButton();
   const currentForm = selectForm();
   const formContainer = selectFormContainer();
   const noteContainer = selectNoteContainer();
@@ -84,19 +61,19 @@ function toggleForm() {
     },
   };
 
-  const nextState = collapseButton.classList.contains('gitlab-collapse-open') ? CLOSED : OPEN;
+  const nextState = toggleButton.classList.contains('gitlab-collapse-open') ? CLOSED : OPEN;
   const currentVals = stateVals[nextState];
 
   formContainer.classList.replace(...currentVals.containerClasses);
   formContainer.style.backgroundColor = currentVals.backgroundColor;
   formContainer.classList.toggle('gitlab-form-open');
   currentForm.style.display = currentVals.display;
-  collapseButton.classList.replace(...currentVals.buttonClasses);
-  collapseButton.innerHTML = currentVals.icon;
+  toggleButton.classList.replace(...currentVals.buttonClasses);
+  toggleButton.innerHTML = currentVals.icon;
 
   if (noteContainer && noteContainer.innerText.length > 0) {
     noteContainer.style.display = currentVals.display;
   }
 }
 
-export { addCommentForm, addLoginForm, buttonAndForm, logoutUser, toggleForm };
+export { addForm, buttonAndForm, toggleForm };
diff --git a/app/assets/javascripts/visual_review_toolbar/index.js b/app/assets/javascripts/visual_review_toolbar/index.js
index f94eb88835a..67b3fadd772 100644
--- a/app/assets/javascripts/visual_review_toolbar/index.js
+++ b/app/assets/javascripts/visual_review_toolbar/index.js
@@ -1,7 +1,8 @@
 import './styles/toolbar.css';
 
-import { buttonAndForm, note, selectContainer, REVIEW_CONTAINER } from './components';
-import { debounce, eventLookup, getInitialView, initializeState, updateWindowSize } from './store';
+import { buttonAndForm, note, selectForm, selectContainer } from './components';
+import { REVIEW_CONTAINER } from './shared';
+import { eventLookup, getInitialView, initializeGlobalListeners, initializeState } from './store';
 
 /*
 
@@ -20,7 +21,7 @@ import { debounce, eventLookup, getInitialView, initializeState, updateWindowSiz
 window.addEventListener('load', () => {
   initializeState(window, document);
 
-  const mainContent = buttonAndForm(getInitialView(window));
+  const mainContent = buttonAndForm(getInitialView());
   const container = document.createElement('div');
   container.setAttribute('id', REVIEW_CONTAINER);
   container.insertAdjacentHTML('beforeend', note);
@@ -29,8 +30,22 @@ window.addEventListener('load', () => {
   document.body.insertBefore(container, document.body.firstChild);
 
   selectContainer().addEventListener('click', event => {
-    eventLookup(event)();
+    eventLookup(event.target.id)();
   });
 
-  window.addEventListener('resize', debounce(updateWindowSize.bind(null, window), 200));
+  selectForm().addEventListener('submit', event => {
+    // this is important to prevent the form from adding data
+    // as URL params and inadvertently revealing secrets
+    event.preventDefault();
+
+    const id =
+      event.target.querySelector('.gitlab-button-wrapper') &&
+      event.target.querySelector('.gitlab-button-wrapper').getElementsByTagName('button')[0] &&
+      event.target.querySelector('.gitlab-button-wrapper').getElementsByTagName('button')[0].id;
+
+    // even if this is called with false, it's ok; it will get the default no-op
+    eventLookup(id)();
+  });
+
+  initializeGlobalListeners();
 });
diff --git a/app/assets/javascripts/visual_review_toolbar/shared/constants.js b/app/assets/javascripts/visual_review_toolbar/shared/constants.js
new file mode 100644
index 00000000000..a56ea378b14
--- /dev/null
+++ b/app/assets/javascripts/visual_review_toolbar/shared/constants.js
@@ -0,0 +1,47 @@
+// component selectors
+const CHANGE_MR_ID_BUTTON = 'gitlab-change-mr';
+const COLLAPSE_BUTTON = 'gitlab-collapse';
+const COMMENT_BOX = 'gitlab-comment';
+const COMMENT_BUTTON = 'gitlab-comment-button';
+const FORM = 'gitlab-form';
+const FORM_CONTAINER = 'gitlab-form-wrapper';
+const LOGIN = 'gitlab-login-button';
+const LOGOUT = 'gitlab-logout-button';
+const MR_ID = 'gitlab-submit-mr';
+const MR_ID_BUTTON = 'gitlab-submit-mr-button';
+const NOTE = 'gitlab-validation-note';
+const NOTE_CONTAINER = 'gitlab-note-wrapper';
+const REMEMBER_ITEM = 'gitlab-remember-item';
+const REVIEW_CONTAINER = 'gitlab-review-container';
+const TOKEN_BOX = 'gitlab-token';
+
+// colors — these are applied programmatically
+// rest of styles belong in ./styles
+const BLACK = 'rgba(46, 46, 46, 1)';
+const CLEAR = 'rgba(255, 255, 255, 0)';
+const MUTED = 'rgba(223, 223, 223, 0.5)';
+const RED = 'rgba(219, 59, 33, 1)';
+const WHITE = 'rgba(250, 250, 250, 1)';
+
+export {
+  CHANGE_MR_ID_BUTTON,
+  COLLAPSE_BUTTON,
+  COMMENT_BOX,
+  COMMENT_BUTTON,
+  FORM,
+  FORM_CONTAINER,
+  LOGIN,
+  LOGOUT,
+  MR_ID,
+  MR_ID_BUTTON,
+  NOTE,
+  NOTE_CONTAINER,
+  REMEMBER_ITEM,
+  REVIEW_CONTAINER,
+  TOKEN_BOX,
+  BLACK,
+  CLEAR,
+  MUTED,
+  RED,
+  WHITE,
+};
diff --git a/app/assets/javascripts/visual_review_toolbar/shared/index.js b/app/assets/javascripts/visual_review_toolbar/shared/index.js
new file mode 100644
index 00000000000..751eae74dde
--- /dev/null
+++ b/app/assets/javascripts/visual_review_toolbar/shared/index.js
@@ -0,0 +1,49 @@
+import {
+  CHANGE_MR_ID_BUTTON,
+  COLLAPSE_BUTTON,
+  COMMENT_BOX,
+  COMMENT_BUTTON,
+  FORM,
+  FORM_CONTAINER,
+  LOGIN,
+  LOGOUT,
+  MR_ID,
+  MR_ID_BUTTON,
+  NOTE,
+  NOTE_CONTAINER,
+  REMEMBER_ITEM,
+  REVIEW_CONTAINER,
+  TOKEN_BOX,
+  BLACK,
+  CLEAR,
+  MUTED,
+  RED,
+  WHITE,
+} from './constants';
+
+import { localStorage, sessionStorage } from './storage_utils';
+
+export {
+  localStorage,
+  sessionStorage,
+  CHANGE_MR_ID_BUTTON,
+  COLLAPSE_BUTTON,
+  COMMENT_BOX,
+  COMMENT_BUTTON,
+  FORM,
+  FORM_CONTAINER,
+  LOGIN,
+  LOGOUT,
+  MR_ID,
+  MR_ID_BUTTON,
+  NOTE,
+  NOTE_CONTAINER,
+  REMEMBER_ITEM,
+  REVIEW_CONTAINER,
+  TOKEN_BOX,
+  BLACK,
+  CLEAR,
+  MUTED,
+  RED,
+  WHITE,
+};
diff --git a/app/assets/javascripts/visual_review_toolbar/shared/storage_utils.js b/app/assets/javascripts/visual_review_toolbar/shared/storage_utils.js
new file mode 100644
index 00000000000..00456d3536e
--- /dev/null
+++ b/app/assets/javascripts/visual_review_toolbar/shared/storage_utils.js
@@ -0,0 +1,42 @@
+import { setUsingGracefulStorageFlag } from '../store/state';
+
+const TEST_KEY = 'gitlab-storage-test';
+
+const createStorageStub = () => {
+  const items = {};
+
+  return {
+    getItem(key) {
+      return items[key];
+    },
+    setItem(key, value) {
+      items[key] = value;
+    },
+    removeItem(key) {
+      delete items[key];
+    },
+  };
+};
+
+const hasStorageSupport = storage => {
+  // Support test taken from https://stackoverflow.com/a/11214467/1708147
+  try {
+    storage.setItem(TEST_KEY, TEST_KEY);
+    storage.removeItem(TEST_KEY);
+    setUsingGracefulStorageFlag(true);
+
+    return true;
+  } catch (err) {
+    setUsingGracefulStorageFlag(false);
+    return false;
+  }
+};
+
+const useGracefulStorage = storage =>
+  // If a browser does not support local storage, let's return a graceful implementation.
+  hasStorageSupport(storage) ? storage : createStorageStub();
+
+const localStorage = useGracefulStorage(window.localStorage);
+const sessionStorage = useGracefulStorage(window.sessionStorage);
+
+export { localStorage, sessionStorage };
diff --git a/app/assets/javascripts/visual_review_toolbar/store/events.js b/app/assets/javascripts/visual_review_toolbar/store/events.js
index 93996be8473..c9095c77ef1 100644
--- a/app/assets/javascripts/visual_review_toolbar/store/events.js
+++ b/app/assets/javascripts/visual_review_toolbar/store/events.js
@@ -1,20 +1,37 @@
 import {
+  addMr,
   authorizeUser,
+  changeSelectedMr,
   logoutUser,
   postComment,
+  saveComment,
   toggleForm,
+} from '../components';
+
+import {
+  CHANGE_MR_ID_BUTTON,
   COLLAPSE_BUTTON,
   COMMENT_BUTTON,
   LOGIN,
   LOGOUT,
-} from '../components';
+  MR_ID_BUTTON,
+} from '../shared';
 
 import { state } from './state';
+import debounce from './utils';
 
 const noop = () => {};
 
-const eventLookup = ({ target: { id } }) => {
+// State needs to be bound here to be acted on
+// because these are called by click events and
+// as such are called with only the `event` object
+const eventLookup = id => {
   switch (id) {
+    case CHANGE_MR_ID_BUTTON:
+      return () => {
+        saveComment();
+        changeSelectedMr(state);
+      };
     case COLLAPSE_BUTTON:
       return toggleForm;
     case COMMENT_BUTTON:
@@ -22,7 +39,12 @@ const eventLookup = ({ target: { id } }) => {
     case LOGIN:
       return authorizeUser.bind(null, state);
     case LOGOUT:
-      return logoutUser;
+      return () => {
+        saveComment();
+        logoutUser(state);
+      };
+    case MR_ID_BUTTON:
+      return addMr.bind(null, state);
     default:
       return noop;
   }
@@ -33,4 +55,19 @@ const updateWindowSize = wind => {
   state.innerHeight = wind.innerHeight;
 };
 
-export { eventLookup, updateWindowSize };
+const initializeGlobalListeners = () => {
+  window.addEventListener('resize', debounce(updateWindowSize.bind(null, window), 200));
+  window.addEventListener('beforeunload', event => {
+    if (state.usingGracefulStorage) {
+      // if there is no browser storage support, reloading will lose the comment; this way, the user will be warned
+      // we assign the return value because it is required by Chrome see: https://developer.mozilla.org/en-US/docs/Web/API/WindowEventHandlers/onbeforeunload#Example,
+      event.preventDefault();
+      /* eslint-disable-next-line no-param-reassign */
+      event.returnValue = '';
+    }
+
+    saveComment();
+  });
+};
+
+export { eventLookup, initializeGlobalListeners };
diff --git a/app/assets/javascripts/visual_review_toolbar/store/index.js b/app/assets/javascripts/visual_review_toolbar/store/index.js
index 7143588c0bf..07c8dd6f1d2 100644
--- a/app/assets/javascripts/visual_review_toolbar/store/index.js
+++ b/app/assets/javascripts/visual_review_toolbar/store/index.js
@@ -1,5 +1,11 @@
-import { eventLookup, updateWindowSize } from './events';
-import { getInitialView, initializeState } from './state';
-import debounce from './utils';
+import { eventLookup, initializeGlobalListeners } from './events';
+import { nextView, getInitialView, initializeState, setUsingGracefulStorageFlag } from './state';
 
-export { debounce, eventLookup, getInitialView, initializeState, updateWindowSize };
+export {
+  eventLookup,
+  getInitialView,
+  initializeGlobalListeners,
+  initializeState,
+  nextView,
+  setUsingGracefulStorageFlag,
+};
diff --git a/app/assets/javascripts/visual_review_toolbar/store/state.js b/app/assets/javascripts/visual_review_toolbar/store/state.js
index 22702d524b8..741a5c7d99c 100644
--- a/app/assets/javascripts/visual_review_toolbar/store/state.js
+++ b/app/assets/javascripts/visual_review_toolbar/store/state.js
@@ -1,8 +1,9 @@
-import { comment, login, collapseButton } from '../components';
+import { comment, login, mrForm } from '../components';
+import { localStorage, COMMENT_BOX, LOGIN, MR_ID } from '../shared';
 
 const state = {
   browser: '',
-  href: '',
+  usingGracefulStorage: '',
   innerWidth: '',
   innerHeight: '',
   mergeRequestId: '',
@@ -23,11 +24,31 @@ const getBrowserId = sUsrAg => {
   return aKeys[nIdx];
 };
 
+const nextView = (appState, form = 'none') => {
+  const formsList = {
+    [COMMENT_BOX]: currentState => (currentState.token ? mrForm : login),
+    [LOGIN]: currentState => (currentState.mergeRequestId ? comment(currentState) : mrForm),
+    [MR_ID]: currentState => (currentState.token ? comment(currentState) : login),
+    none: currentState => {
+      if (!currentState.token) {
+        return login;
+      }
+
+      if (currentState.token && !currentState.mergeRequestId) {
+        return mrForm;
+      }
+
+      return comment(currentState);
+    },
+  };
+
+  return formsList[form](appState);
+};
+
 const initializeState = (wind, doc) => {
   const {
     innerWidth,
     innerHeight,
-    location: { href },
     navigator: { platform, userAgent },
   } = wind;
 
@@ -39,7 +60,6 @@ const initializeState = (wind, doc) => {
   // This mutates our default state object above. It's weird but it makes the linter happy.
   Object.assign(state, {
     browser,
-    href,
     innerWidth,
     innerHeight,
     mergeRequestId,
@@ -49,30 +69,27 @@ const initializeState = (wind, doc) => {
     projectPath,
     userAgent,
   });
-};
 
-function getInitialView({ localStorage }) {
-  const loginView = {
-    content: login,
-    toggleButton: collapseButton,
-  };
+  return state;
+};
 
-  const commentView = {
-    content: comment,
-    toggleButton: collapseButton,
-  };
+const getInitialView = () => {
+  const token = localStorage.getItem('token');
+  const mrId = localStorage.getItem('mergeRequestId');
 
-  try {
-    const token = localStorage.getItem('token');
+  if (token) {
+    state.token = token;
+  }
 
-    if (token) {
-      state.token = token;
-      return commentView;
-    }
-    return loginView;
-  } catch (err) {
-    return loginView;
+  if (mrId) {
+    state.mergeRequestId = mrId;
   }
-}
 
-export { initializeState, getInitialView, state };
+  return nextView(state);
+};
+
+const setUsingGracefulStorageFlag = flag => {
+  state.usingGracefulStorage = !flag;
+};
+
+export { initializeState, getInitialView, nextView, setUsingGracefulStorageFlag, state };
diff --git a/app/assets/javascripts/visual_review_toolbar/styles/toolbar.css b/app/assets/javascripts/visual_review_toolbar/styles/toolbar.css
index 6a7b2f52549..e5732fd5d93 100644
--- a/app/assets/javascripts/visual_review_toolbar/styles/toolbar.css
+++ b/app/assets/javascripts/visual_review_toolbar/styles/toolbar.css
@@ -107,10 +107,14 @@
 }
 
 .gitlab-button-wrapper {
-  margin-top: 1rem;
+  margin-top: 0.5rem;
   display: flex;
   align-items: baseline;
-  justify-content: flex-end;
+  /*
+    this makes sure the hit enter to submit picks the correct button
+    on the comment view
+   */
+  flex-direction: row-reverse;
 }
 
 .gitlab-collapse {
@@ -155,6 +159,12 @@
   text-decoration: underline;
 }
 
+.gitlab-link-button {
+  border: none;
+  cursor: pointer;
+  padding: 0 .15rem;
+}
+
 .gitlab-message {
   padding: .25rem 0;
   margin: 0;
@@ -165,7 +175,7 @@
   font-size: .7rem;
   line-height: 1rem;
   color: #666;
-  margin-bottom: 0;
+  margin-bottom: .5rem;
 }
 
 .gitlab-input {
diff --git a/changelogs/unreleased/64190-add-mr-form.yml b/changelogs/unreleased/64190-add-mr-form.yml
new file mode 100644
index 00000000000..08340d01fd8
--- /dev/null
+++ b/changelogs/unreleased/64190-add-mr-form.yml
@@ -0,0 +1,5 @@
+---
+title: Add MR form to Visual Review (EE) runtime configuration
+merge_request: 30481
+author:
+type: changed
-- 
cgit v1.2.1


From 5246626d2cf8bb23e4fb9a7172542573a6e17ba3 Mon Sep 17 00:00:00 2001
From: Lukas Eipert <leipert@gitlab.com>
Date: Mon, 29 Jul 2019 18:04:00 +0200
Subject: Simplify pdf.js logic

Instead of complicated splicing, we can simply return all pages.
Promise.all will take care of the correct ordering for us.
---
 app/assets/javascripts/pdf/index.vue      | 22 ++++++++--------------
 app/assets/javascripts/pdf/page/index.vue |  4 +++-
 2 files changed, 11 insertions(+), 15 deletions(-)

diff --git a/app/assets/javascripts/pdf/index.vue b/app/assets/javascripts/pdf/index.vue
index a0142df0806..2b468aa5744 100644
--- a/app/assets/javascripts/pdf/index.vue
+++ b/app/assets/javascripts/pdf/index.vue
@@ -14,7 +14,6 @@ export default {
   },
   data() {
     return {
-      loading: false,
       pages: [],
     };
   },
@@ -37,23 +36,18 @@ export default {
       return pdfjsLib
         .getDocument(this.document)
         .then(this.renderPages)
-        .then(() => this.$emit('pdflabload'))
-        .catch(error => this.$emit('pdflaberror', error))
-        .then(() => {
-          // Trigger a Vue update: https://vuejs.org/v2/guide/list.html#Caveats
-          this.pages.splice(this.pages.length);
-          this.loading = false;
+        .then(pages => {
+          this.pages = pages;
+          this.$emit('pdflabload');
+        })
+        .catch(error => {
+          this.$emit('pdflaberror', error);
         });
     },
     renderPages(pdf) {
       const pagePromises = [];
-      this.loading = true;
       for (let num = 1; num <= pdf.numPages; num += 1) {
-        pagePromises.push(
-          pdf.getPage(num).then(p => {
-            this.pages[p.pageIndex] = p;
-          }),
-        );
+        pagePromises.push(pdf.getPage(num));
       }
       return Promise.all(pagePromises);
     },
@@ -65,8 +59,8 @@ export default {
   <div v-if="hasPDF" class="pdf-viewer">
     <page
       v-for="(page, index) in pages"
+      v-if="page"
       :key="index"
-      :v-if="!loading"
       :page="page"
       :number="index + 1"
     />
diff --git a/app/assets/javascripts/pdf/page/index.vue b/app/assets/javascripts/pdf/page/index.vue
index f16aaca6cd7..d933fdf220a 100644
--- a/app/assets/javascripts/pdf/page/index.vue
+++ b/app/assets/javascripts/pdf/page/index.vue
@@ -39,7 +39,9 @@ export default {
       .then(() => {
         this.rendering = false;
       })
-      .catch(error => this.$emit('pdflaberror', error));
+      .catch(error => {
+        this.$emit('pdflaberror', error);
+      });
   },
 };
 </script>
-- 
cgit v1.2.1


From 6d4c7b9fc30d652ca165995a2df4540fd742d960 Mon Sep 17 00:00:00 2001
From: Damian Nowak <spam@nowaker.net>
Date: Mon, 29 Jul 2019 16:19:54 +0000
Subject: Jobs: use curl --location to follow redirects

Required to fetch artifacts/logs if AWS is used as the storage backend.
---
 doc/api/jobs.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/api/jobs.md b/doc/api/jobs.md
index 0e45ee1a583..2a1c1b5f6f3 100644
--- a/doc/api/jobs.md
+++ b/doc/api/jobs.md
@@ -491,7 +491,7 @@ Parameters
 Example request:
 
 ```sh
-curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/jobs/5/artifacts/some/release/file.pdf"
+curl --location --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/jobs/5/artifacts/some/release/file.pdf"
 ```
 
 Possible response status codes:
@@ -526,7 +526,7 @@ Parameters:
 Example request:
 
 ```sh
-curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/jobs/artifacts/master/raw/some/release/file.pdf?job=pdf"
+curl --location --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/jobs/artifacts/master/raw/some/release/file.pdf?job=pdf"
 ```
 
 Possible response status codes:
@@ -551,7 +551,7 @@ GET /projects/:id/jobs/:job_id/trace
 | job_id    | integer        | yes      | ID of a job.                                                                                                 |
 
 ```sh
-curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/jobs/8/trace"
+curl --location --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/jobs/8/trace"
 ```
 
 Possible response status codes:
-- 
cgit v1.2.1


From 177463007b1b97d29c7f4f8e279365c1ca6bfc9e Mon Sep 17 00:00:00 2001
From: Luke Duncalfe <lduncalfe@gitlab.com>
Date: Mon, 29 Jul 2019 18:55:19 +0000
Subject: Migrations for adding issue_id to versions table

These migrations do the following:

- Adds a new `issue_id` column to `versions`. This fixes an n+1 problem
  when loading versions for an issue in GraphQL as AR can now load from
  cache
- Change the unique restraint on versions.sha to be scoped to `issue_id`
  as in order to import version data, we need to allow duplicate `sha`
  values for versions
- Update all versions with an `issue_id`

https://gitlab.com/gitlab-org/gitlab-ee/issues/11090
---
 .../20190715042813_add_issue_id_to_versions.rb     | 13 ++++++++
 ...20190715043954_set_issue_id_for_all_versions.rb | 19 +++++++++++
 ...0190715043944_remove_sha_index_from_versions.rb | 17 ++++++++++
 ...01_add_unique_issue_id_sha_index_to_versions.rb | 17 ++++++++++
 db/schema.rb                                       |  5 ++-
 .../set_issue_id_for_all_versions_spec.rb          | 38 ++++++++++++++++++++++
 6 files changed, 108 insertions(+), 1 deletion(-)
 create mode 100644 db/migrate/20190715042813_add_issue_id_to_versions.rb
 create mode 100644 db/migrate/20190715043954_set_issue_id_for_all_versions.rb
 create mode 100644 db/post_migrate/20190715043944_remove_sha_index_from_versions.rb
 create mode 100644 db/post_migrate/20190715044501_add_unique_issue_id_sha_index_to_versions.rb
 create mode 100644 spec/migrations/set_issue_id_for_all_versions_spec.rb

diff --git a/db/migrate/20190715042813_add_issue_id_to_versions.rb b/db/migrate/20190715042813_add_issue_id_to_versions.rb
new file mode 100644
index 00000000000..1cefdbc9df2
--- /dev/null
+++ b/db/migrate/20190715042813_add_issue_id_to_versions.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class AddIssueIdToVersions < ActiveRecord::Migration[5.2]
+  DOWNTIME = false
+
+  def up
+    add_reference :design_management_versions, :issue, index: true, foreign_key: { on_delete: :cascade }
+  end
+
+  def down
+    remove_reference :design_management_versions, :issue
+  end
+end
diff --git a/db/migrate/20190715043954_set_issue_id_for_all_versions.rb b/db/migrate/20190715043954_set_issue_id_for_all_versions.rb
new file mode 100644
index 00000000000..345b749f1a4
--- /dev/null
+++ b/db/migrate/20190715043954_set_issue_id_for_all_versions.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class SetIssueIdForAllVersions < ActiveRecord::Migration[5.2]
+  DOWNTIME = false
+
+  def up
+    execute('UPDATE design_management_versions as versions SET issue_id = (
+      SELECT design_management_designs.issue_id
+        FROM design_management_designs
+        INNER JOIN design_management_designs_versions ON design_management_designs.id = design_management_designs_versions.design_id
+        WHERE design_management_designs_versions.version_id = versions.id
+        LIMIT 1
+    )')
+  end
+
+  def down
+    # no-op
+  end
+end
diff --git a/db/post_migrate/20190715043944_remove_sha_index_from_versions.rb b/db/post_migrate/20190715043944_remove_sha_index_from_versions.rb
new file mode 100644
index 00000000000..b23abb80dda
--- /dev/null
+++ b/db/post_migrate/20190715043944_remove_sha_index_from_versions.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class RemoveShaIndexFromVersions < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    remove_concurrent_index :design_management_versions, :sha
+  end
+
+  def down
+    add_concurrent_index :design_management_versions, :sha, unique: true, using: :btree
+  end
+end
diff --git a/db/post_migrate/20190715044501_add_unique_issue_id_sha_index_to_versions.rb b/db/post_migrate/20190715044501_add_unique_issue_id_sha_index_to_versions.rb
new file mode 100644
index 00000000000..27b0c9648f9
--- /dev/null
+++ b/db/post_migrate/20190715044501_add_unique_issue_id_sha_index_to_versions.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class AddUniqueIssueIdShaIndexToVersions < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_index :design_management_versions, [:sha, :issue_id], unique: true, using: :btree
+  end
+
+  def down
+    remove_concurrent_index :design_management_versions, [:sha, :issue_id]
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 1b5272179f5..3188ff5b229 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1116,7 +1116,9 @@ ActiveRecord::Schema.define(version: 2019_07_25_012225) do
 
   create_table "design_management_versions", force: :cascade do |t|
     t.binary "sha", null: false
-    t.index ["sha"], name: "index_design_management_versions_on_sha", unique: true
+    t.bigint "issue_id"
+    t.index ["issue_id"], name: "index_design_management_versions_on_issue_id"
+    t.index ["sha", "issue_id"], name: "index_design_management_versions_on_sha_and_issue_id", unique: true
   end
 
   create_table "draft_notes", force: :cascade do |t|
@@ -3701,6 +3703,7 @@ ActiveRecord::Schema.define(version: 2019_07_25_012225) do
   add_foreign_key "design_management_designs", "projects", on_delete: :cascade
   add_foreign_key "design_management_designs_versions", "design_management_designs", column: "design_id", name: "fk_03c671965c", on_delete: :cascade
   add_foreign_key "design_management_designs_versions", "design_management_versions", column: "version_id", name: "fk_f4d25ba00c", on_delete: :cascade
+  add_foreign_key "design_management_versions", "issues", on_delete: :cascade
   add_foreign_key "draft_notes", "merge_requests", on_delete: :cascade
   add_foreign_key "draft_notes", "users", column: "author_id", on_delete: :cascade
   add_foreign_key "elasticsearch_indexed_namespaces", "namespaces", on_delete: :cascade
diff --git a/spec/migrations/set_issue_id_for_all_versions_spec.rb b/spec/migrations/set_issue_id_for_all_versions_spec.rb
new file mode 100644
index 00000000000..bfc2731181b
--- /dev/null
+++ b/spec/migrations/set_issue_id_for_all_versions_spec.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+require Rails.root.join('db', 'migrate', '20190715043954_set_issue_id_for_all_versions.rb')
+
+describe SetIssueIdForAllVersions, :migration do
+  let(:projects) { table(:projects) }
+  let(:issues) { table(:issues) }
+  let(:designs) { table(:design_management_designs) }
+  let(:designs_versions) { table(:design_management_designs_versions) }
+  let(:versions) { table(:design_management_versions) }
+
+  before do
+    @project = projects.create!(name: 'gitlab', path: 'gitlab-org/gitlab-ce', namespace_id: 1)
+
+    @issue_1 = issues.create!(description: 'first', project_id: @project.id)
+    @issue_2 = issues.create!(description: 'second', project_id: @project.id)
+
+    @design_1 = designs.create!(issue_id: @issue_1.id, filename: 'homepage-1.jpg', project_id: @project.id)
+    @design_2 = designs.create!(issue_id: @issue_2.id, filename: 'homepage-2.jpg', project_id: @project.id)
+
+    @version_1 = versions.create!(sha: 'foo')
+    @version_2 = versions.create!(sha: 'bar')
+
+    designs_versions.create!(version_id: @version_1.id, design_id: @design_1.id)
+    designs_versions.create!(version_id: @version_2.id, design_id: @design_2.id)
+  end
+
+  it 'correctly sets issue_id' do
+    expect(versions.where(issue_id: nil).count).to eq(2)
+
+    migrate!
+
+    expect(versions.where(issue_id: nil).count).to eq(0)
+    expect(versions.find(@version_1.id).issue_id).to eq(@issue_1.id)
+    expect(versions.find(@version_2.id).issue_id).to eq(@issue_2.id)
+  end
+end
-- 
cgit v1.2.1


From 576b397de9f9962f7de7304600e13107f24edcef Mon Sep 17 00:00:00 2001
From: Andreas Brandl <abrandl@gitlab.com>
Date: Mon, 29 Jul 2019 19:06:50 +0000
Subject: Create index on environments by state

---
 changelogs/unreleased/ab-add-index-on-environments.yml  |  5 +++++
 ...190729090456_add_index_on_environments_with_state.rb | 17 +++++++++++++++++
 db/schema.rb                                            |  3 ++-
 3 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/ab-add-index-on-environments.yml
 create mode 100644 db/migrate/20190729090456_add_index_on_environments_with_state.rb

diff --git a/changelogs/unreleased/ab-add-index-on-environments.yml b/changelogs/unreleased/ab-add-index-on-environments.yml
new file mode 100644
index 00000000000..6c7641912f4
--- /dev/null
+++ b/changelogs/unreleased/ab-add-index-on-environments.yml
@@ -0,0 +1,5 @@
+---
+title: Create index on environments by state
+merge_request: 31231
+author:
+type: performance
diff --git a/db/migrate/20190729090456_add_index_on_environments_with_state.rb b/db/migrate/20190729090456_add_index_on_environments_with_state.rb
new file mode 100644
index 00000000000..9a8d8391415
--- /dev/null
+++ b/db/migrate/20190729090456_add_index_on_environments_with_state.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class AddIndexOnEnvironmentsWithState < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_index :environments, [:project_id, :state]
+  end
+
+  def down
+    remove_concurrent_index :environments, [:project_id, :state]
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 3188ff5b229..f6b7e22fe09 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_07_25_012225) do
+ActiveRecord::Schema.define(version: 2019_07_29_090456) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "pg_trgm"
@@ -1174,6 +1174,7 @@ ActiveRecord::Schema.define(version: 2019_07_25_012225) do
     t.index ["name"], name: "index_environments_on_name_varchar_pattern_ops", opclass: :varchar_pattern_ops
     t.index ["project_id", "name"], name: "index_environments_on_project_id_and_name", unique: true
     t.index ["project_id", "slug"], name: "index_environments_on_project_id_and_slug", unique: true
+    t.index ["project_id", "state"], name: "index_environments_on_project_id_and_state"
   end
 
   create_table "epic_issues", id: :serial, force: :cascade do |t|
-- 
cgit v1.2.1


From c4ba95f78786e916b6a934fb6ca982ebadeb734a Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Mon, 29 Jul 2019 19:15:16 +0000
Subject: Change qa-* class references to rspec-* for repository settings

---
 app/views/projects/mirrors/_disabled_mirror_badge.html.haml | 2 +-
 app/views/projects/mirrors/_mirror_repos.html.haml          | 4 ++--
 app/views/shared/_remote_mirror_update_button.html.haml     | 2 +-
 spec/features/projects/settings/repository_settings_spec.rb | 8 ++++----
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/app/views/projects/mirrors/_disabled_mirror_badge.html.haml b/app/views/projects/mirrors/_disabled_mirror_badge.html.haml
index 356cb43f07f..9c11b650f75 100644
--- a/app/views/projects/mirrors/_disabled_mirror_badge.html.haml
+++ b/app/views/projects/mirrors/_disabled_mirror_badge.html.haml
@@ -1 +1 @@
-.badge.badge-warning.qa-disabled-mirror-badge{ data: { toggle: 'tooltip', html: 'true' }, title: _('Disabled mirrors can only be enabled by instance owners. It is recommended that you delete them.') }= _('Disabled')
+.badge.badge-warning.qa-disabled-mirror-badge.rspec-disabled-mirror-badge{ data: { toggle: 'tooltip', html: 'true' }, title: _('Disabled mirrors can only be enabled by instance owners. It is recommended that you delete them.') }= _('Disabled')
diff --git a/app/views/projects/mirrors/_mirror_repos.html.haml b/app/views/projects/mirrors/_mirror_repos.html.haml
index e68fa5d08c7..280ec6d715b 100644
--- a/app/views/projects/mirrors/_mirror_repos.html.haml
+++ b/app/views/projects/mirrors/_mirror_repos.html.haml
@@ -50,7 +50,7 @@
             = render_if_exists 'projects/mirrors/table_pull_row'
             - @project.remote_mirrors.each_with_index do |mirror, index|
               - next if mirror.new_record?
-              %tr.qa-mirrored-repository-row{ class: ('bg-secondary' if mirror.disabled?) }
+              %tr.qa-mirrored-repository-row.rspec-mirrored-repository-row{ class: ('bg-secondary' if mirror.disabled?) }
                 %td.qa-mirror-repository-url= mirror.safe_url
                 %td= _('Push')
                 %td.qa-mirror-last-update-at= mirror.last_update_at.present? ? time_ago_with_tooltip(mirror.last_update_at) : _('Never')
@@ -64,4 +64,4 @@
                     - if mirror.ssh_key_auth?
                       = clipboard_button(text: mirror.ssh_public_key, class: 'btn btn-default', title: _('Copy SSH public key'))
                     = render 'shared/remote_mirror_update_button', remote_mirror: mirror
-                    %button.js-delete-mirror.qa-delete-mirror.btn.btn-danger{ type: 'button', data: { mirror_id: mirror.id, toggle: 'tooltip', container: 'body' }, title: _('Remove') }= icon('trash-o')
+                    %button.js-delete-mirror.qa-delete-mirror.rspec-delete-mirror.btn.btn-danger{ type: 'button', data: { mirror_id: mirror.id, toggle: 'tooltip', container: 'body' }, title: _('Remove') }= icon('trash-o')
diff --git a/app/views/shared/_remote_mirror_update_button.html.haml b/app/views/shared/_remote_mirror_update_button.html.haml
index 8da2ae5111a..4b39c8b06e9 100644
--- a/app/views/shared/_remote_mirror_update_button.html.haml
+++ b/app/views/shared/_remote_mirror_update_button.html.haml
@@ -2,5 +2,5 @@
   %button.btn.disabled{ type: 'button', data: { toggle: 'tooltip', container: 'body' }, title: _('Updating') }
     = icon("refresh spin")
 - elsif remote_mirror.enabled?
-  = link_to update_now_project_mirror_path(@project, sync_remote: true), method: :post, class: "btn qa-update-now-button", data: { toggle: 'tooltip', container: 'body' }, title: _('Update now') do
+  = link_to update_now_project_mirror_path(@project, sync_remote: true), method: :post, class: "btn qa-update-now-button rspec-update-now-button", data: { toggle: 'tooltip', container: 'body' }, title: _('Update now') do
     = icon("refresh")
diff --git a/spec/features/projects/settings/repository_settings_spec.rb b/spec/features/projects/settings/repository_settings_spec.rb
index 45adcc00a3c..1294c8822b6 100644
--- a/spec/features/projects/settings/repository_settings_spec.rb
+++ b/spec/features/projects/settings/repository_settings_spec.rb
@@ -250,11 +250,11 @@ describe 'Projects > Settings > Repository settings' do
 
       visit project_settings_repository_path(project)
 
-      mirror = find('.qa-mirrored-repository-row')
+      mirror = find('.rspec-mirrored-repository-row')
 
-      expect(mirror).to have_selector('.qa-delete-mirror')
-      expect(mirror).to have_selector('.qa-disabled-mirror-badge')
-      expect(mirror).not_to have_selector('.qa-update-now-button')
+      expect(mirror).to have_selector('.rspec-delete-mirror')
+      expect(mirror).to have_selector('.rspec-disabled-mirror-badge')
+      expect(mirror).not_to have_selector('.rspec-update-now-button')
     end
   end
 end
-- 
cgit v1.2.1


From 7fa33cccf6583ad5cd4963b61fb3c4bc5c6a8e03 Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Mon, 29 Jul 2019 19:16:39 +0000
Subject: Change qa-full-name to rspec-full-name

---
 app/views/profiles/show.html.haml                | 4 ++--
 spec/features/profiles/user_edit_profile_spec.rb | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/views/profiles/show.html.haml b/app/views/profiles/show.html.haml
index e36d5192a29..ffb90bbd354 100644
--- a/app/views/profiles/show.html.haml
+++ b/app/views/profiles/show.html.haml
@@ -89,10 +89,10 @@
     .col-lg-8
       .row
         - if @user.read_only_attribute?(:name)
-          = f.text_field :name, required: true, readonly: true, wrapper: { class: 'col-md-9 qa-full-name' },
+          = f.text_field :name, required: true, readonly: true, wrapper: { class: 'col-md-9 qa-full-name rspec-full-name' },
           help: s_("Profiles|Your name was automatically set based on your %{provider_label} account, so people you know can recognize you") % { provider_label: attribute_provider_label(:name) }
         - else
-          = f.text_field :name, label: s_('Profiles|Full name'), required: true, title: s_("Profiles|Using emojis in names seems fun, but please try to set a status message instead"), wrapper: { class: 'col-md-9 qa-full-name' }, help: s_("Profiles|Enter your name, so people you know can recognize you")
+          = f.text_field :name, label: s_('Profiles|Full name'), required: true, title: s_("Profiles|Using emojis in names seems fun, but please try to set a status message instead"), wrapper: { class: 'col-md-9 qa-full-name rspec-full-name' }, help: s_("Profiles|Enter your name, so people you know can recognize you")
         = f.text_field :id, readonly: true, label: s_('Profiles|User ID'), wrapper: { class: 'col-md-3' }
 
       = render_if_exists 'profiles/email_settings', form: f
diff --git a/spec/features/profiles/user_edit_profile_spec.rb b/spec/features/profiles/user_edit_profile_spec.rb
index 7a53e2d19f7..1ab7742b36e 100644
--- a/spec/features/profiles/user_edit_profile_spec.rb
+++ b/spec/features/profiles/user_edit_profile_spec.rb
@@ -42,7 +42,7 @@ describe 'User edit profile' do
     simulate_input('#user_name', 'Martin 😀')
     submit_settings
 
-    page.within('.qa-full-name') do
+    page.within('.rspec-full-name') do
       expect(page).to have_css '.gl-field-error-outline'
       expect(find('.gl-field-error')).not_to have_selector('.hidden')
       expect(find('.gl-field-error')).to have_content('Using emojis in names seems fun, but please try to set a status message instead')
-- 
cgit v1.2.1


From 30b7187488b236a5f9e2a476f06b7425cf959ea2 Mon Sep 17 00:00:00 2001
From: Romain Aviolat <r.aviolat@gmail.com>
Date: Mon, 29 Jul 2019 21:18:05 +0200
Subject: Doc: ci: examples: fix typo Envoy

This commit fixes a typo in the ci/examples
documentation
---
 doc/ci/examples/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/ci/examples/README.md b/doc/ci/examples/README.md
index 9295dcfd4e0..00995f881da 100644
--- a/doc/ci/examples/README.md
+++ b/doc/ci/examples/README.md
@@ -33,7 +33,7 @@ The following table lists examples with step-by-step tutorials that are containe
 | Java with Maven             | [How to deploy Maven projects to Artifactory with GitLab CI/CD](artifactory_and_gitlab/index.md).                          |
 | PHP with PHPunit, atoum     | [Testing PHP projects](php.md).                                                                                            |
 | PHP with NPM, SCP           | [Running Composer and NPM scripts with deployment via SCP in GitLab CI/CD](deployment/composer-npm-deploy.md).             |
-| PHP with Laravel, Ennvoy    | [Test and deploy Laravel applications with GitLab CI/CD and Envoy](laravel_with_gitlab_and_envoy/index.md).                |
+| PHP with Laravel, Envoy     | [Test and deploy Laravel applications with GitLab CI/CD and Envoy](laravel_with_gitlab_and_envoy/index.md).                |
 | Python on Heroku            | [Test and deploy a Python application with GitLab CI/CD](test-and-deploy-python-application-to-heroku.md).                 |
 | Ruby on Heroku              | [Test and deploy a Ruby application with GitLab CI/CD](test-and-deploy-ruby-application-to-heroku.md).                     |
 | Scala on Heroku             | [Test and deploy a Scala application to Heroku](test-scala-application.md).                                                |
-- 
cgit v1.2.1


From a0a3e29982019d8114d9d0f0f8f721b4d85f5026 Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Mon, 29 Jul 2019 19:18:54 +0000
Subject: Change qa-* class references to rspec-* in
 spec/features/contextual_sidebar_spec.rb

---
 app/views/layouts/nav/sidebar/_project.html.haml  |  4 ++--
 app/views/shared/_sidebar_toggle_button.html.haml |  2 +-
 spec/features/contextual_sidebar_spec.rb          | 10 +++++-----
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/app/views/layouts/nav/sidebar/_project.html.haml b/app/views/layouts/nav/sidebar/_project.html.haml
index 92dd558885a..02ecf816e90 100644
--- a/app/views/layouts/nav/sidebar/_project.html.haml
+++ b/app/views/layouts/nav/sidebar/_project.html.haml
@@ -9,7 +9,7 @@
           = @project.name
     %ul.sidebar-top-level-items
       = nav_link(path: sidebar_projects_paths, html_options: { class: 'home' }) do
-        = link_to project_path(@project), class: 'shortcuts-project', data: { qa_selector: 'project_link' } do
+        = link_to project_path(@project), class: 'shortcuts-project rspec-project-link', data: { qa_selector: 'project_link' } do
           .nav-icon-container
             = sprite_icon('home')
           %span.nav-item-name
@@ -163,7 +163,7 @@
 
       - if project_nav_tab? :pipelines
         = nav_link(controller: [:pipelines, :builds, :jobs, :pipeline_schedules, :artifacts]) do
-          = link_to project_pipelines_path(@project), class: 'shortcuts-pipelines qa-link-pipelines' do
+          = link_to project_pipelines_path(@project), class: 'shortcuts-pipelines qa-link-pipelines rspec-link-pipelines' do
             .nav-icon-container
               = sprite_icon('rocket')
             %span.nav-item-name#js-onboarding-pipelines-link
diff --git a/app/views/shared/_sidebar_toggle_button.html.haml b/app/views/shared/_sidebar_toggle_button.html.haml
index d499bc0a253..c7546073e5c 100644
--- a/app/views/shared/_sidebar_toggle_button.html.haml
+++ b/app/views/shared/_sidebar_toggle_button.html.haml
@@ -1,4 +1,4 @@
-%a.toggle-sidebar-button.js-toggle-sidebar.qa-toggle-sidebar{ role: "button", type: "button", title: "Toggle sidebar" }
+%a.toggle-sidebar-button.js-toggle-sidebar.qa-toggle-sidebar.rspec-toggle-sidebar{ role: "button", type: "button", title: "Toggle sidebar" }
   = sprite_icon('angle-double-left', css_class: 'icon-angle-double-left')
   = sprite_icon('angle-double-right', css_class: 'icon-angle-double-right')
   %span.collapse-text= _("Collapse sidebar")
diff --git a/spec/features/contextual_sidebar_spec.rb b/spec/features/contextual_sidebar_spec.rb
index 9807818bef7..e250e8cc90a 100644
--- a/spec/features/contextual_sidebar_spec.rb
+++ b/spec/features/contextual_sidebar_spec.rb
@@ -16,21 +16,21 @@ describe 'Contextual sidebar', :js do
   it 'shows flyout navs when collapsed or expanded apart from on the active item when expanded' do
     expect(page).not_to have_selector('.js-sidebar-collapsed')
 
-    find('.qa-link-pipelines').hover
+    find('.rspec-link-pipelines').hover
 
     expect(page).to have_selector('.is-showing-fly-out')
 
-    find('a[data-qa-selector="project_link"]').hover
+    find('.rspec-project-link').hover
 
     expect(page).not_to have_selector('.is-showing-fly-out')
 
-    find('.qa-toggle-sidebar').click
+    find('.rspec-toggle-sidebar').click
 
-    find('.qa-link-pipelines').hover
+    find('.rspec-link-pipelines').hover
 
     expect(page).to have_selector('.is-showing-fly-out')
 
-    find('a[data-qa-selector="project_link"]').hover
+    find('.rspec-project-link').hover
 
     expect(page).to have_selector('.is-showing-fly-out')
   end
-- 
cgit v1.2.1


From 67e1dd4c0a3a356631b3c4e852f19d9734504f77 Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Mon, 29 Jul 2019 19:19:44 +0000
Subject: Change qa-reverse-sort class references to rspec-reverse-sort

---
 app/helpers/sorting_helper.rb                             | 2 +-
 app/helpers/wiki_helper.rb                                | 2 +-
 spec/features/issuables/sorting_list_spec.rb              | 4 ++--
 spec/features/projects/wiki/user_views_wiki_pages_spec.rb | 4 ++--
 spec/helpers/wiki_helper_spec.rb                          | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/app/helpers/sorting_helper.rb b/app/helpers/sorting_helper.rb
index d5e5b472115..15f35645c78 100644
--- a/app/helpers/sorting_helper.rb
+++ b/app/helpers/sorting_helper.rb
@@ -210,7 +210,7 @@ module SortingHelper
   end
 
   def sort_direction_button(reverse_url, reverse_sort, sort_value)
-    link_class = 'btn btn-default has-tooltip reverse-sort-btn qa-reverse-sort'
+    link_class = 'btn btn-default has-tooltip reverse-sort-btn qa-reverse-sort rspec-reverse-sort'
     icon = sort_direction_icon(sort_value)
     url = reverse_url
 
diff --git a/app/helpers/wiki_helper.rb b/app/helpers/wiki_helper.rb
index edd48f82729..dd8fde2a697 100644
--- a/app/helpers/wiki_helper.rb
+++ b/app/helpers/wiki_helper.rb
@@ -50,7 +50,7 @@ module WikiHelper
 
   def wiki_sort_controls(project, sort, direction)
     sort ||= ProjectWiki::TITLE_ORDER
-    link_class = 'btn btn-default has-tooltip reverse-sort-btn qa-reverse-sort'
+    link_class = 'btn btn-default has-tooltip reverse-sort-btn qa-reverse-sort rspec-reverse-sort'
     reversed_direction = direction == 'desc' ? 'asc' : 'desc'
     icon_class = direction == 'desc' ? 'highest' : 'lowest'
 
diff --git a/spec/features/issuables/sorting_list_spec.rb b/spec/features/issuables/sorting_list_spec.rb
index 3a46a4e0167..b4531f5da4e 100644
--- a/spec/features/issuables/sorting_list_spec.rb
+++ b/spec/features/issuables/sorting_list_spec.rb
@@ -102,7 +102,7 @@ describe 'Sort Issuable List' do
         expect(first_merge_request).to include(last_updated_issuable.title)
         expect(last_merge_request).to include(first_updated_issuable.title)
 
-        find('.issues-other-filters .filter-dropdown-container .qa-reverse-sort').click
+        find('.issues-other-filters .filter-dropdown-container .rspec-reverse-sort').click
 
         expect(first_merge_request).to include(first_updated_issuable.title)
         expect(last_merge_request).to include(last_updated_issuable.title)
@@ -204,7 +204,7 @@ describe 'Sort Issuable List' do
         expect(first_issue).to include(last_updated_issuable.title)
         expect(last_issue).to include(first_updated_issuable.title)
 
-        find('.issues-other-filters .filter-dropdown-container .qa-reverse-sort').click
+        find('.issues-other-filters .filter-dropdown-container .rspec-reverse-sort').click
 
         expect(first_issue).to include(first_updated_issuable.title)
         expect(last_issue).to include(last_updated_issuable.title)
diff --git a/spec/features/projects/wiki/user_views_wiki_pages_spec.rb b/spec/features/projects/wiki/user_views_wiki_pages_spec.rb
index 5c16d7783f0..6740df1d4ed 100644
--- a/spec/features/projects/wiki/user_views_wiki_pages_spec.rb
+++ b/spec/features/projects/wiki/user_views_wiki_pages_spec.rb
@@ -42,7 +42,7 @@ describe 'User views wiki pages' do
     context 'desc' do
       before do
         page.within('.wiki-sort-dropdown') do
-          page.find('.qa-reverse-sort').click
+          page.find('.rspec-reverse-sort').click
         end
       end
 
@@ -75,7 +75,7 @@ describe 'User views wiki pages' do
     context 'desc' do
       before do
         page.within('.wiki-sort-dropdown') do
-          page.find('.qa-reverse-sort').click
+          page.find('.rspec-reverse-sort').click
         end
       end
 
diff --git a/spec/helpers/wiki_helper_spec.rb b/spec/helpers/wiki_helper_spec.rb
index 8eab40aeaf3..ee977e37ec1 100644
--- a/spec/helpers/wiki_helper_spec.rb
+++ b/spec/helpers/wiki_helper_spec.rb
@@ -22,7 +22,7 @@ describe WikiHelper do
   describe '#wiki_sort_controls' do
     let(:project) { create(:project) }
     let(:wiki_link) { helper.wiki_sort_controls(project, sort, direction) }
-    let(:classes) { "btn btn-default has-tooltip reverse-sort-btn qa-reverse-sort" }
+    let(:classes) { "btn btn-default has-tooltip reverse-sort-btn qa-reverse-sort rspec-reverse-sort" }
 
     def expected_link(sort, direction, icon_class)
       path = "/#{project.full_path}/wikis/pages?direction=#{direction}&sort=#{sort}"
-- 
cgit v1.2.1


From 9658e5ec33f01542879bcebd1ec2917b306dc77f Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Mon, 29 Jul 2019 19:20:28 +0000
Subject: Change qa-* class references to js-* for squash-checkbox

---
 .../vue_merge_request_widget/components/states/squash_before_merge.vue  | 2 +-
 .../components/states/mr_widget_squash_before_merge_spec.js             | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/assets/javascripts/vue_merge_request_widget/components/states/squash_before_merge.vue b/app/assets/javascripts/vue_merge_request_widget/components/states/squash_before_merge.vue
index accb9d9fef1..98f682c2e8a 100644
--- a/app/assets/javascripts/vue_merge_request_widget/components/states/squash_before_merge.vue
+++ b/app/assets/javascripts/vue_merge_request_widget/components/states/squash_before_merge.vue
@@ -36,7 +36,7 @@ export default {
         :disabled="isDisabled"
         type="checkbox"
         name="squash"
-        class="qa-squash-checkbox"
+        class="qa-squash-checkbox js-squash-checkbox"
         @change="$emit('input', $event.target.checked)"
       />
       {{ __('Squash commits') }}
diff --git a/spec/javascripts/vue_mr_widget/components/states/mr_widget_squash_before_merge_spec.js b/spec/javascripts/vue_mr_widget/components/states/mr_widget_squash_before_merge_spec.js
index d6d8eecfcb9..cb656525f06 100644
--- a/spec/javascripts/vue_mr_widget/components/states/mr_widget_squash_before_merge_spec.js
+++ b/spec/javascripts/vue_mr_widget/components/states/mr_widget_squash_before_merge_spec.js
@@ -21,7 +21,7 @@ describe('Squash before merge component', () => {
   });
 
   describe('checkbox', () => {
-    const findCheckbox = () => wrapper.find('.qa-squash-checkbox');
+    const findCheckbox = () => wrapper.find('.js-squash-checkbox');
 
     it('is unchecked if passed value prop is false', () => {
       createComponent({
-- 
cgit v1.2.1


From e3fb7f7725389e96a01703943b87aa97f14762c2 Mon Sep 17 00:00:00 2001
From: Tanya Pazitny <tpazitny@gitlab.com>
Date: Mon, 29 Jul 2019 19:22:22 +0000
Subject: Change qa-* class references to js-* for suggestions

---
 app/assets/javascripts/vue_shared/components/markdown/header.vue    | 2 +-
 .../javascripts/vue_shared/components/markdown/suggestion_diff.vue  | 2 +-
 .../vue_shared/components/markdown/suggestion_diff_header.vue       | 4 ++--
 spec/features/markdown/copy_as_gfm_spec.rb                          | 6 +++---
 spec/frontend/vue_shared/components/markdown/header_spec.js         | 2 +-
 .../vue_shared/components/markdown/suggestion_diff_header_spec.js   | 4 ++--
 .../vue_shared/components/markdown/suggestion_diff_spec.js          | 2 +-
 7 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/app/assets/javascripts/vue_shared/components/markdown/header.vue b/app/assets/javascripts/vue_shared/components/markdown/header.vue
index 56a16c9e4d6..fcf2f950501 100644
--- a/app/assets/javascripts/vue_shared/components/markdown/header.vue
+++ b/app/assets/javascripts/vue_shared/components/markdown/header.vue
@@ -123,7 +123,7 @@ export default {
               :cursor-offset="4"
               :tag-content="lineContent"
               icon="doc-code"
-              class="qa-suggestion-btn"
+              class="qa-suggestion-btn js-suggestion-btn"
               @click="handleSuggestDismissed"
             />
             <gl-popover
diff --git a/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff.vue b/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff.vue
index 2eb4ec12a4a..a7cd292e01d 100644
--- a/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff.vue
+++ b/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff.vue
@@ -39,7 +39,7 @@ export default {
 <template>
   <div class="md-suggestion">
     <suggestion-diff-header
-      class="qa-suggestion-diff-header"
+      class="qa-suggestion-diff-header js-suggestion-diff-header"
       :can-apply="suggestion.appliable && suggestion.current_user.can_apply && !disabled"
       :is-applied="suggestion.applied"
       :help-page-path="helpPagePath"
diff --git a/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff_header.vue b/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff_header.vue
index 32783b85df4..12de3671477 100644
--- a/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff_header.vue
+++ b/app/assets/javascripts/vue_shared/components/markdown/suggestion_diff_header.vue
@@ -41,7 +41,7 @@ export default {
 
 <template>
   <div class="md-suggestion-header border-bottom-0 mt-2">
-    <div class="qa-suggestion-diff-header font-weight-bold">
+    <div class="qa-suggestion-diff-header js-suggestion-diff-header font-weight-bold">
       {{ __('Suggested change') }}
       <a v-if="helpPagePath" :href="helpPagePath" :aria-label="__('Help')" class="js-help-btn">
         <icon name="question-o" css-classes="link-highlight" />
@@ -55,7 +55,7 @@ export default {
     <gl-button
       v-else-if="canApply"
       v-gl-tooltip.viewport="__('This also resolves the discussion')"
-      class="btn-inverted qa-apply-btn"
+      class="btn-inverted qa-apply-btn js-apply-btn"
       :disabled="isApplying"
       variant="success"
       @click="applySuggestion"
diff --git a/spec/features/markdown/copy_as_gfm_spec.rb b/spec/features/markdown/copy_as_gfm_spec.rb
index 609d8d9976b..176801d482e 100644
--- a/spec/features/markdown/copy_as_gfm_spec.rb
+++ b/spec/features/markdown/copy_as_gfm_spec.rb
@@ -418,8 +418,8 @@ describe 'Copy as GFM', :js do
 
         html = <<~HTML
           <div class="md-suggestion">
-            <div class="md-suggestion-header border-bottom-0 mt-2 qa-suggestion-diff-header">
-              <div class="qa-suggestion-diff-header font-weight-bold">
+            <div class="md-suggestion-header border-bottom-0 mt-2 qa-suggestion-diff-header js-suggestion-diff-header">
+              <div class="qa-suggestion-diff-header js-suggestion-diff-header font-weight-bold">
                 Suggested change
                 <a href="/gitlab/help/user/discussions/index.md#suggest-changes" aria-label="Help" class="js-help-btn">
                   <svg aria-hidden="true" class="s16 ic-question-o link-highlight">
@@ -428,7 +428,7 @@ describe 'Copy as GFM', :js do
                 </a>
               </div>
               <!---->
-              <button type="button" class="btn qa-apply-btn">Apply suggestion</button>
+              <button type="button" class="btn qa-apply-btn js-apply-btn">Apply suggestion</button>
             </div>
             <table class="mb-3 md-suggestion-diff js-syntax-highlight code white">
               <tbody>
diff --git a/spec/frontend/vue_shared/components/markdown/header_spec.js b/spec/frontend/vue_shared/components/markdown/header_spec.js
index aa0b544f948..48f2ee86619 100644
--- a/spec/frontend/vue_shared/components/markdown/header_spec.js
+++ b/spec/frontend/vue_shared/components/markdown/header_spec.js
@@ -101,7 +101,7 @@ describe('Markdown field header component', () => {
     vm.canSuggest = false;
 
     Vue.nextTick(() => {
-      expect(vm.$el.querySelector('.qa-suggestion-btn')).toBe(null);
+      expect(vm.$el.querySelector('.js-suggestion-btn')).toBe(null);
     });
   });
 });
diff --git a/spec/frontend/vue_shared/components/markdown/suggestion_diff_header_spec.js b/spec/frontend/vue_shared/components/markdown/suggestion_diff_header_spec.js
index d69b4c7c162..6716e5cd794 100644
--- a/spec/frontend/vue_shared/components/markdown/suggestion_diff_header_spec.js
+++ b/spec/frontend/vue_shared/components/markdown/suggestion_diff_header_spec.js
@@ -28,8 +28,8 @@ describe('Suggestion Diff component', () => {
     wrapper.destroy();
   });
 
-  const findApplyButton = () => wrapper.find('.qa-apply-btn');
-  const findHeader = () => wrapper.find('.qa-suggestion-diff-header');
+  const findApplyButton = () => wrapper.find('.js-apply-btn');
+  const findHeader = () => wrapper.find('.js-suggestion-diff-header');
   const findHelpButton = () => wrapper.find('.js-help-btn');
   const findLoading = () => wrapper.find(GlLoadingIcon);
 
diff --git a/spec/javascripts/vue_shared/components/markdown/suggestion_diff_spec.js b/spec/javascripts/vue_shared/components/markdown/suggestion_diff_spec.js
index ea74cb9eb21..dc929e83eb7 100644
--- a/spec/javascripts/vue_shared/components/markdown/suggestion_diff_spec.js
+++ b/spec/javascripts/vue_shared/components/markdown/suggestion_diff_spec.js
@@ -60,7 +60,7 @@ describe('Suggestion Diff component', () => {
 
   describe('init', () => {
     it('renders a suggestion header', () => {
-      expect(vm.$el.querySelector('.qa-suggestion-diff-header')).not.toBeNull();
+      expect(vm.$el.querySelector('.js-suggestion-diff-header')).not.toBeNull();
     });
 
     it('renders a diff table with syntax highlighting', () => {
-- 
cgit v1.2.1


From 6613a57772ee14b121b790ab8048523d1c0430ce Mon Sep 17 00:00:00 2001
From: Jacopo <beschi.jacopo@gmail.com>
Date: Sat, 20 Jul 2019 11:06:19 +0200
Subject: Add system notes for when a zoom call was added/removed from an issue

Add a zoom link added / removed system note when a zoom link is being
added / removed to the issue description.
---
 app/helpers/system_note_helper.rb                  |  1 +
 app/models/system_note_metadata.rb                 |  2 +-
 app/services/issuable_base_service.rb              |  1 +
 app/services/issues/update_service.rb              |  2 +
 app/services/system_note_service.rb                |  8 +++
 app/services/zoom_notes_service.rb                 | 42 +++++++++++
 ...a-zoom-call-was-added-removed-from-an-issue.yml |  5 ++
 lib/gitlab/zoom_link_extractor.rb                  |  4 ++
 locale/gitlab.pot                                  |  6 ++
 spec/lib/gitlab/zoom_link_extractor_spec.rb        | 10 +++
 spec/services/issues/update_service_spec.rb        |  9 +++
 .../services/merge_requests/update_service_spec.rb |  3 +-
 spec/services/system_note_service_spec.rb          | 24 +++++++
 spec/services/zoom_notes_service_spec.rb           | 81 ++++++++++++++++++++++
 14 files changed, 196 insertions(+), 2 deletions(-)
 create mode 100644 app/services/zoom_notes_service.rb
 create mode 100644 changelogs/unreleased/63547-add-system-notes-for-when-a-zoom-call-was-added-removed-from-an-issue.yml
 create mode 100644 spec/services/zoom_notes_service_spec.rb

diff --git a/app/helpers/system_note_helper.rb b/app/helpers/system_note_helper.rb
index ac4e8f54260..3efae0a653c 100644
--- a/app/helpers/system_note_helper.rb
+++ b/app/helpers/system_note_helper.rb
@@ -21,6 +21,7 @@ module SystemNoteHelper
     'discussion' => 'comment',
     'moved' => 'arrow-right',
     'outdated' => 'pencil-square',
+    'pinned_embed' => 'thumbtack',
     'duplicate' => 'issue-duplicate',
     'locked' => 'lock',
     'unlocked' => 'lock-open',
diff --git a/app/models/system_note_metadata.rb b/app/models/system_note_metadata.rb
index 55da37c9545..9a2640db9ca 100644
--- a/app/models/system_note_metadata.rb
+++ b/app/models/system_note_metadata.rb
@@ -16,7 +16,7 @@ class SystemNoteMetadata < ApplicationRecord
     commit description merge confidential visible label assignee cross_reference
     title time_tracking branch milestone discussion task moved
     opened closed merged duplicate locked unlocked
-    outdated tag due_date
+    outdated tag due_date pinned_embed
   ].freeze
 
   validates :note, presence: true
diff --git a/app/services/issuable_base_service.rb b/app/services/issuable_base_service.rb
index db673cace81..77c2224ee3b 100644
--- a/app/services/issuable_base_service.rb
+++ b/app/services/issuable_base_service.rb
@@ -358,6 +358,7 @@ class IssuableBaseService < BaseService
         assignees: issuable.assignees.to_a
       }
     associations[:total_time_spent] = issuable.total_time_spent if issuable.respond_to?(:total_time_spent)
+    associations[:description] = issuable.description
 
     associations
   end
diff --git a/app/services/issues/update_service.rb b/app/services/issues/update_service.rb
index 7cd825aa967..c8f4412c9f2 100644
--- a/app/services/issues/update_service.rb
+++ b/app/services/issues/update_service.rb
@@ -61,6 +61,8 @@ module Issues
       if added_mentions.present?
         notification_service.async.new_mentions_in_issue(issue, added_mentions, current_user)
       end
+
+      ZoomNotesService.new(issue, project, current_user, old_description: old_associations[:description]).execute
     end
 
     def handle_task_changes(issuable)
diff --git a/app/services/system_note_service.rb b/app/services/system_note_service.rb
index e4564bc9b00..e30debbbe75 100644
--- a/app/services/system_note_service.rb
+++ b/app/services/system_note_service.rb
@@ -597,6 +597,14 @@ module SystemNoteService
     note_text =~ /\A#{cross_reference_note_prefix}/i
   end
 
+  def zoom_link_added(issue, project, author)
+    create_note(NoteSummary.new(issue, project, author, _('a Zoom call was added to this issue'), action: 'pinned_embed'))
+  end
+
+  def zoom_link_removed(issue, project, author)
+    create_note(NoteSummary.new(issue, project, author, _('a Zoom call was removed from this issue'), action: 'pinned_embed'))
+  end
+
   private
 
   # rubocop: disable CodeReuse/ActiveRecord
diff --git a/app/services/zoom_notes_service.rb b/app/services/zoom_notes_service.rb
new file mode 100644
index 00000000000..983a7fcacd1
--- /dev/null
+++ b/app/services/zoom_notes_service.rb
@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+class ZoomNotesService
+  def initialize(issue, project, current_user, old_description: nil)
+    @issue = issue
+    @project = project
+    @current_user = current_user
+    @old_description = old_description
+  end
+
+  def execute
+    return if @issue.description == @old_description
+
+    if zoom_link_added?
+      zoom_link_added_notification
+    elsif zoom_link_removed?
+      zoom_link_removed_notification
+    end
+  end
+
+  private
+
+  def zoom_link_added?
+    has_zoom_link?(@issue.description) && !has_zoom_link?(@old_description)
+  end
+
+  def zoom_link_removed?
+    !has_zoom_link?(@issue.description) && has_zoom_link?(@old_description)
+  end
+
+  def has_zoom_link?(text)
+    Gitlab::ZoomLinkExtractor.new(text).match?
+  end
+
+  def zoom_link_added_notification
+    SystemNoteService.zoom_link_added(@issue, @project, @current_user)
+  end
+
+  def zoom_link_removed_notification
+    SystemNoteService.zoom_link_removed(@issue, @project, @current_user)
+  end
+end
diff --git a/changelogs/unreleased/63547-add-system-notes-for-when-a-zoom-call-was-added-removed-from-an-issue.yml b/changelogs/unreleased/63547-add-system-notes-for-when-a-zoom-call-was-added-removed-from-an-issue.yml
new file mode 100644
index 00000000000..387c01dc135
--- /dev/null
+++ b/changelogs/unreleased/63547-add-system-notes-for-when-a-zoom-call-was-added-removed-from-an-issue.yml
@@ -0,0 +1,5 @@
+---
+title: Add system notes for when a Zoom call was added/removed from an issue
+merge_request: 30857
+author: Jacopo Beschi @jacopo-beschi
+type: added
diff --git a/lib/gitlab/zoom_link_extractor.rb b/lib/gitlab/zoom_link_extractor.rb
index d9994898a08..7ac14eb2d4f 100644
--- a/lib/gitlab/zoom_link_extractor.rb
+++ b/lib/gitlab/zoom_link_extractor.rb
@@ -17,5 +17,9 @@ module Gitlab
     def links
       @text.scan(ZOOM_REGEXP)
     end
+
+    def match?
+      ZOOM_REGEXP.match?(@text)
+    end
   end
 end
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 7b742660a4c..4a30892c275 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -12687,6 +12687,12 @@ msgstr ""
 msgid "Your request for access has been queued for review."
 msgstr ""
 
+msgid "a Zoom call was added to this issue"
+msgstr ""
+
+msgid "a Zoom call was removed from this issue"
+msgstr ""
+
 msgid "a deleted user"
 msgstr ""
 
diff --git a/spec/lib/gitlab/zoom_link_extractor_spec.rb b/spec/lib/gitlab/zoom_link_extractor_spec.rb
index 52387fc3688..c3d1679d031 100644
--- a/spec/lib/gitlab/zoom_link_extractor_spec.rb
+++ b/spec/lib/gitlab/zoom_link_extractor_spec.rb
@@ -20,5 +20,15 @@ describe Gitlab::ZoomLinkExtractor do
 
       it { is_expected.to eq(links) }
     end
+
+    describe '#match?' do
+      it 'is true when a zoom link found' do
+        expect(described_class.new('issue text https://zoom.us/j/123')).to be_match
+      end
+
+      it 'is false when no zoom link found' do
+        expect(described_class.new('issue text')).not_to be_match
+      end
+    end
   end
 end
diff --git a/spec/services/issues/update_service_spec.rb b/spec/services/issues/update_service_spec.rb
index 468e7c286d5..f72618943b2 100644
--- a/spec/services/issues/update_service_spec.rb
+++ b/spec/services/issues/update_service_spec.rb
@@ -226,6 +226,15 @@ describe Issues::UpdateService, :mailer do
       end
     end
 
+    it 'creates zoom_link_added system note when a zoom link is added to the description' do
+      update_issue(description: 'Changed description https://zoom.us/j/5873603787')
+
+      note = find_note('a Zoom call was added')
+
+      expect(note).not_to be_nil
+      expect(note.note).to eq('a Zoom call was added to this issue')
+    end
+
     context 'when issue turns confidential' do
       let(:opts) do
         {
diff --git a/spec/services/merge_requests/update_service_spec.rb b/spec/services/merge_requests/update_service_spec.rb
index 7e5837a4798..516d906f58f 100644
--- a/spec/services/merge_requests/update_service_spec.rb
+++ b/spec/services/merge_requests/update_service_spec.rb
@@ -91,7 +91,8 @@ describe MergeRequests::UpdateService, :mailer do
               labels: [],
               mentioned_users: [user2],
               assignees: [user3],
-              total_time_spent: 0
+              total_time_spent: 0,
+              description: "FYI #{user2.to_reference}"
             }
           )
       end
diff --git a/spec/services/system_note_service_spec.rb b/spec/services/system_note_service_spec.rb
index 157cfc46e69..486d0ca0c56 100644
--- a/spec/services/system_note_service_spec.rb
+++ b/spec/services/system_note_service_spec.rb
@@ -513,6 +513,30 @@ describe SystemNoteService do
     end
   end
 
+  describe '.zoom_link_added' do
+    subject { described_class.zoom_link_added(issue, project, author) }
+
+    it_behaves_like 'a system note' do
+      let(:action) { 'pinned_embed' }
+    end
+
+    it 'sets the zoom link added note text' do
+      expect(subject.note).to eq('a Zoom call was added to this issue')
+    end
+  end
+
+  describe '.zoom_link_removed' do
+    subject { described_class.zoom_link_removed(issue, project, author) }
+
+    it_behaves_like 'a system note' do
+      let(:action) { 'pinned_embed' }
+    end
+
+    it 'sets the zoom link removed note text' do
+      expect(subject.note).to eq('a Zoom call was removed from this issue')
+    end
+  end
+
   describe '.cross_reference' do
     subject { described_class.cross_reference(noteable, mentioner, author) }
 
diff --git a/spec/services/zoom_notes_service_spec.rb b/spec/services/zoom_notes_service_spec.rb
new file mode 100644
index 00000000000..419ecf3f374
--- /dev/null
+++ b/spec/services/zoom_notes_service_spec.rb
@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe ZoomNotesService do
+  describe '#execute' do
+    let(:issue) { OpenStruct.new(description: description) }
+    let(:project) { Object.new }
+    let(:user) { Object.new }
+    let(:description) { 'an issue description' }
+    let(:old_description) { nil }
+
+    subject { described_class.new(issue, project, user, old_description: old_description) }
+
+    shared_examples 'no notifications' do
+      it "doesn't create notifications" do
+        expect(SystemNoteService).not_to receive(:zoom_link_added)
+        expect(SystemNoteService).not_to receive(:zoom_link_removed)
+
+        subject.execute
+      end
+    end
+
+    it_behaves_like 'no notifications'
+
+    context 'when the zoom link exists in both description and old_description' do
+      let(:description) { 'a changed issue description https://zoom.us/j/123' }
+      let(:old_description) { 'an issue description https://zoom.us/j/123' }
+
+      it_behaves_like 'no notifications'
+    end
+
+    context "when the zoom link doesn't exist in both description and old_description" do
+      let(:description) { 'a changed issue description' }
+      let(:old_description) { 'an issue description' }
+
+      it_behaves_like 'no notifications'
+    end
+
+    context 'when description == old_description' do
+      let(:old_description) { 'an issue description' }
+
+      it_behaves_like 'no notifications'
+    end
+
+    context 'when the description contains a zoom link and old_description is nil' do
+      let(:description) { 'a changed issue description https://zoom.us/j/123' }
+
+      it 'creates a zoom_link_added notification' do
+        expect(SystemNoteService).to receive(:zoom_link_added).with(issue, project, user)
+        expect(SystemNoteService).not_to receive(:zoom_link_removed)
+
+        subject.execute
+      end
+    end
+
+    context 'when the zoom link has been added to the description' do
+      let(:description) { 'a changed issue description https://zoom.us/j/123' }
+      let(:old_description) { 'an issue description' }
+
+      it 'creates a zoom_link_added notification' do
+        expect(SystemNoteService).to receive(:zoom_link_added).with(issue, project, user)
+        expect(SystemNoteService).not_to receive(:zoom_link_removed)
+
+        subject.execute
+      end
+    end
+
+    context 'when the zoom link has been removed from the description' do
+      let(:description) { 'a changed issue description' }
+      let(:old_description) { 'an issue description https://zoom.us/j/123' }
+
+      it 'creates a zoom_link_removed notification' do
+        expect(SystemNoteService).not_to receive(:zoom_link_added).with(issue, project, user)
+        expect(SystemNoteService).to receive(:zoom_link_removed)
+
+        subject.execute
+      end
+    end
+  end
+end
-- 
cgit v1.2.1


From 7d68ac70aa111ab17cfb01e12ace7fa09fedb90b Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Mon, 29 Jul 2019 15:25:35 -0500
Subject: Use file-loader to import icon sprites

---
 app/assets/javascripts/vue_shared/components/icon.vue | 4 +++-
 config/webpack.config.js                              | 8 ++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/app/assets/javascripts/vue_shared/components/icon.vue b/app/assets/javascripts/vue_shared/components/icon.vue
index 41c4c861566..fa89473da62 100644
--- a/app/assets/javascripts/vue_shared/components/icon.vue
+++ b/app/assets/javascripts/vue_shared/components/icon.vue
@@ -1,4 +1,6 @@
 <script>
+import iconsPath from '@gitlab/svgs/dist/icons.svg';
+
 // only allow classes in images.scss e.g. s12
 const validSizes = [8, 10, 12, 14, 16, 18, 24, 32, 48, 72];
 let iconValidator = () => true;
@@ -84,7 +86,7 @@ export default {
 
   computed: {
     spriteHref() {
-      return `${gon.sprite_icons}#${this.name}`;
+      return `${iconsPath}#${this.name}`;
     },
     iconTestClass() {
       return `ic-${this.name}`;
diff --git a/config/webpack.config.js b/config/webpack.config.js
index cd793743eb7..f00a9ac0df9 100644
--- a/config/webpack.config.js
+++ b/config/webpack.config.js
@@ -156,8 +156,16 @@ module.exports = {
         exclude: /node_modules/,
         loader: 'graphql-tag/loader',
       },
+      {
+        test: /icons\.svg$/,
+        loader: 'file-loader',
+        options: {
+          name: '[name].[hash:8].[ext]',
+        },
+      },
       {
         test: /\.svg$/,
+        exclude: /icons\.svg$/,
         loader: 'raw-loader',
       },
       {
-- 
cgit v1.2.1


From 5738171aef09003bc919f5a8a99e1a2562c3c6ed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Francisco=20Javier=20L=C3=B3pez?= <fjlopez@gitlab.com>
Date: Mon, 29 Jul 2019 20:58:44 +0000
Subject: Fix broken master because of security merge

---
 lib/gitlab/url_blocker.rb | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/lib/gitlab/url_blocker.rb b/lib/gitlab/url_blocker.rb
index aac96377152..9c35d200dcb 100644
--- a/lib/gitlab/url_blocker.rb
+++ b/lib/gitlab/url_blocker.rb
@@ -86,11 +86,8 @@ module Gitlab
       #
       # The original hostname is used to validate the SSL, given in that scenario
       # we'll be making the request to the IP address, instead of using the hostname.
-      def enforce_uri_hostname(addrs_info, uri, hostname, dns_rebind_protection)
-        address = addrs_info.first
-        ip_address = address.ip_address
-
-        return [uri, nil] unless dns_rebind_protection && ip_address != hostname
+      def enforce_uri_hostname(ip_address, uri, hostname, dns_rebind_protection)
+        return [uri, nil] unless dns_rebind_protection && ip_address && ip_address != hostname
 
         uri = uri.dup
         uri.hostname = ip_address
-- 
cgit v1.2.1


From 922857cf480854667d99ad4f811782aaab1a66e3 Mon Sep 17 00:00:00 2001
From: Cody West <cwest@gitlab.com>
Date: Mon, 29 Jul 2019 21:03:28 +0000
Subject: Update visibility level doc

Adding parenthetical about guest users not being able to view private
projects.
---
 doc/public_access/public_access.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/public_access/public_access.md b/doc/public_access/public_access.md
index d04428fdbfe..ea4702acc41 100644
--- a/doc/public_access/public_access.md
+++ b/doc/public_access/public_access.md
@@ -37,7 +37,7 @@ visibility setting keep this setting. You can read more about the change in the
 
 ### Private projects
 
-Private projects can only be cloned and viewed by project members.
+Private projects can only be cloned and viewed by project members (except for guests).
 
 They will appear in the public access directory (`/public`) for project members only.
 
-- 
cgit v1.2.1


From b0ba7c72de0a864b01ec1c4be626a8a233a9009f Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Mon, 29 Jul 2019 15:25:59 -0500
Subject: Override icons.svg asset path with sprockets asset

---
 app/assets/javascripts/lib/utils/icons_path.js | 3 +++
 config/webpack.config.js                       | 6 ++++++
 2 files changed, 9 insertions(+)
 create mode 100644 app/assets/javascripts/lib/utils/icons_path.js

diff --git a/app/assets/javascripts/lib/utils/icons_path.js b/app/assets/javascripts/lib/utils/icons_path.js
new file mode 100644
index 00000000000..1a1c3c8e7b3
--- /dev/null
+++ b/app/assets/javascripts/lib/utils/icons_path.js
@@ -0,0 +1,3 @@
+// any import of '@gitlab/svgs/dist/icons.svg' will be overridden with this
+// to avoid asset duplication between sprockets and webpack
+export default gon && gon.sprite_icons;
diff --git a/config/webpack.config.js b/config/webpack.config.js
index f00a9ac0df9..c497a6e88f8 100644
--- a/config/webpack.config.js
+++ b/config/webpack.config.js
@@ -89,6 +89,12 @@ const alias = {
 
   // the following resolves files which are different between CE and EE
   ee_else_ce: path.join(ROOT_PATH, 'app/assets/javascripts'),
+
+  // override loader path for icons.svg so we do not duplicate this asset
+  '@gitlab/svgs/dist/icons.svg': path.join(
+    ROOT_PATH,
+    'app/assets/javascripts/lib/utils/icons_path.js',
+  ),
 };
 
 if (IS_EE) {
-- 
cgit v1.2.1


From d770171da49c6c4b09012da6faa613cb524cbea7 Mon Sep 17 00:00:00 2001
From: Simon Knox <simon@gitlab.com>
Date: Mon, 29 Jul 2019 21:52:55 +0000
Subject: Alerts dropdown to modal - CE1

---
 app/assets/javascripts/monitoring/components/dashboard.vue  | 4 +++-
 app/assets/javascripts/monitoring/components/panel_type.vue | 6 ++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/assets/javascripts/monitoring/components/dashboard.vue b/app/assets/javascripts/monitoring/components/dashboard.vue
index 745488255ab..45543ef2cc8 100644
--- a/app/assets/javascripts/monitoring/components/dashboard.vue
+++ b/app/assets/javascripts/monitoring/components/dashboard.vue
@@ -369,7 +369,7 @@ export default {
     </div>
     <div v-if="!showEmptyState">
       <graph-group
-        v-for="groupData in groups"
+        v-for="(groupData, index) in groups"
         :key="`${groupData.group}.${groupData.priority}`"
         :name="groupData.group"
         :show-panels="showPanels"
@@ -381,6 +381,7 @@ export default {
             :key="`panel-type-${graphIndex}`"
             :graph-data="graphData"
             :dashboard-width="elWidth"
+            :index="`${index}-${graphIndex}`"
           />
         </template>
         <template v-else>
@@ -399,6 +400,7 @@ export default {
               :alerts-endpoint="alertsEndpoint"
               :relevant-queries="graphData.queries"
               :alerts-to-manage="getGraphAlerts(graphData.queries)"
+              :modal-id="`alert-modal-${index}-${graphIndex}`"
               @setAlerts="setAlerts"
             />
           </monitor-area-chart>
diff --git a/app/assets/javascripts/monitoring/components/panel_type.vue b/app/assets/javascripts/monitoring/components/panel_type.vue
index d7cd2c57871..f1f02964a29 100644
--- a/app/assets/javascripts/monitoring/components/panel_type.vue
+++ b/app/assets/javascripts/monitoring/components/panel_type.vue
@@ -20,6 +20,11 @@ export default {
       type: Number,
       required: true,
     },
+    index: {
+      type: String,
+      required: false,
+      default: '',
+    },
   },
   computed: {
     ...mapState('monitoringDashboard', ['deploymentData', 'projectPath']),
@@ -64,6 +69,7 @@ export default {
       :alerts-endpoint="alertsEndpoint"
       :relevant-queries="graphData.queries"
       :alerts-to-manage="getGraphAlerts(graphData.queries)"
+      :modal-id="`alert-modal-${index}`"
       @setAlerts="setAlerts"
     />
   </monitor-area-chart>
-- 
cgit v1.2.1


From 46ef495488d46932b18353739342d503288e0eea Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Wed, 24 Jul 2019 14:46:37 +1200
Subject: Write out sham_rack gem

This means we have one less Net::HTTP monkeypatch.

sham_rack cannot handle IPv6 addresses which means it breaks Net::HTTP
connections because it monkey-patches Net::HTTP
---
 Gemfile                                         | 1 -
 Gemfile.lock                                    | 3 ---
 spec/lib/container_registry/blob_spec.rb        | 2 +-
 spec/services/projects/download_service_spec.rb | 9 ++-------
 4 files changed, 3 insertions(+), 12 deletions(-)

diff --git a/Gemfile b/Gemfile
index e860ee61cb9..2d2ce8185aa 100644
--- a/Gemfile
+++ b/Gemfile
@@ -388,7 +388,6 @@ group :test do
   gem 'json-schema', '~> 2.8.0'
   gem 'webmock', '~> 3.5.1'
   gem 'rails-controller-testing'
-  gem 'sham_rack', '~> 1.3.6'
   gem 'concurrent-ruby', '~> 1.1'
   gem 'test-prof', '~> 0.2.5'
   gem 'rspec_junit_formatter'
diff --git a/Gemfile.lock b/Gemfile.lock
index 3614f111a4b..f7776b296da 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -884,8 +884,6 @@ GEM
       faraday (>= 0.7.6, < 1.0)
     settingslogic (2.0.9)
     sexp_processor (4.12.0)
-    sham_rack (1.3.6)
-      rack
     shoulda-matchers (4.0.1)
       activesupport (>= 4.2.0)
     sidekiq (5.2.7)
@@ -1232,7 +1230,6 @@ DEPENDENCIES
   selenium-webdriver (~> 3.141)
   sentry-raven (~> 2.9)
   settingslogic (~> 2.0.9)
-  sham_rack (~> 1.3.6)
   shoulda-matchers (~> 4.0.1)
   sidekiq (~> 5.2.7)
   sidekiq-cron (~> 1.0)
diff --git a/spec/lib/container_registry/blob_spec.rb b/spec/lib/container_registry/blob_spec.rb
index ba7f76cfa3b..ec5addc7c68 100644
--- a/spec/lib/container_registry/blob_spec.rb
+++ b/spec/lib/container_registry/blob_spec.rb
@@ -116,7 +116,7 @@ describe ContainerRegistry::Blob do
         let(:location) { 'file:///etc/passwd' }
 
         it 'raises an error' do
-          expect { blob.data }.to raise_error(ArgumentError, 'invalid address')
+          expect { blob.data }.to raise_error(NoMethodError, %q{undefined method `request_uri' for #<URI::File file:///etc/passwd>})
         end
       end
     end
diff --git a/spec/services/projects/download_service_spec.rb b/spec/services/projects/download_service_spec.rb
index f25233ceeb1..06efc2ff825 100644
--- a/spec/services/projects/download_service_spec.rb
+++ b/spec/services/projects/download_service_spec.rb
@@ -20,13 +20,8 @@ describe Projects::DownloadService do
 
     context 'for URLs that are on the whitelist' do
       before do
-        sham_rack_app = ShamRack.at('mycompany.fogbugz.com').stub
-        sham_rack_app.register_resource('/rails_sample.jpg', File.read(Rails.root + 'spec/fixtures/rails_sample.jpg'), 'image/jpg')
-        sham_rack_app.register_resource('/doc_sample.txt', File.read(Rails.root + 'spec/fixtures/doc_sample.txt'), 'text/plain')
-      end
-
-      after do
-        ShamRack.unmount_all
+        stub_request(:get, 'http://mycompany.fogbugz.com/rails_sample.jpg').to_return(body: File.read(Rails.root + 'spec/fixtures/rails_sample.jpg'))
+        stub_request(:get, 'http://mycompany.fogbugz.com/doc_sample.txt').to_return(body: File.read(Rails.root + 'spec/fixtures/doc_sample.txt'))
       end
 
       context 'an image file' do
-- 
cgit v1.2.1


From d6a7408fd319749b9cd47690f03720d1a5c088ca Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Wed, 24 Jul 2019 22:39:40 +1200
Subject: Explicitly reject non http(s) schemes

Rather than relying on NoMethodError deep inside faraday
---
 lib/container_registry/client.rb         |  5 ++++-
 spec/lib/container_registry/blob_spec.rb | 19 ++++++++++++++++++-
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/lib/container_registry/client.rb b/lib/container_registry/client.rb
index c3a19af7a94..82810ea4076 100644
--- a/lib/container_registry/client.rb
+++ b/lib/container_registry/client.rb
@@ -82,7 +82,10 @@ module ContainerRegistry
     def redirect_response(location)
       return unless location
 
-      faraday_redirect.get(location)
+      uri = URI(@base_uri).merge(location)
+      raise ArgumentError, "Invalid scheme for #{location}" unless %w[http https].include?(uri.scheme)
+
+      faraday_redirect.get(uri)
     end
 
     def faraday
diff --git a/spec/lib/container_registry/blob_spec.rb b/spec/lib/container_registry/blob_spec.rb
index ec5addc7c68..be7be2f3719 100644
--- a/spec/lib/container_registry/blob_spec.rb
+++ b/spec/lib/container_registry/blob_spec.rb
@@ -112,11 +112,28 @@ describe ContainerRegistry::Blob do
         end
       end
 
+      context 'for a relative address' do
+        before do
+          stub_request(:get, 'http://registry.gitlab/relative')
+            .with { |request| !request.headers.include?('Authorization') }
+            .to_return(
+              status: 200,
+              headers: { 'Content-Type' => 'application/json' },
+              body: '{"key":"value"}')
+        end
+
+        let(:location) { '/relative' }
+
+        it 'returns correct data' do
+          expect(blob.data).to eq '{"key":"value"}'
+        end
+      end
+
       context 'for invalid file' do
         let(:location) { 'file:///etc/passwd' }
 
         it 'raises an error' do
-          expect { blob.data }.to raise_error(NoMethodError, %q{undefined method `request_uri' for #<URI::File file:///etc/passwd>})
+          expect { blob.data }.to raise_error(ArgumentError, 'Invalid scheme for file:///etc/passwd')
         end
       end
     end
-- 
cgit v1.2.1


From 9c8f6e0cdfcf3be90bd819751cf76ba760556d13 Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Wed, 24 Jul 2019 15:48:44 +1200
Subject: Stub DNS to return IPv4 address

Otherwise certain machines return IPv6 first, which is non-deterministic
---
 spec/lib/gitlab/http_connection_adapter_spec.rb |  6 ++++++
 spec/support/helpers/stub_requests.rb           | 13 +++++++++++++
 2 files changed, 19 insertions(+)

diff --git a/spec/lib/gitlab/http_connection_adapter_spec.rb b/spec/lib/gitlab/http_connection_adapter_spec.rb
index 930d1f62272..1532fd1103e 100644
--- a/spec/lib/gitlab/http_connection_adapter_spec.rb
+++ b/spec/lib/gitlab/http_connection_adapter_spec.rb
@@ -3,7 +3,13 @@
 require 'spec_helper'
 
 describe Gitlab::HTTPConnectionAdapter do
+  include StubRequests
+
   describe '#connection' do
+    before do
+      stub_all_dns('https://example.org', ip_address: '93.184.216.34')
+    end
+
     context 'when local requests are not allowed' do
       it 'sets up the connection' do
         uri = URI('https://example.org')
diff --git a/spec/support/helpers/stub_requests.rb b/spec/support/helpers/stub_requests.rb
index 6eb8007ed26..473f07dd413 100644
--- a/spec/support/helpers/stub_requests.rb
+++ b/spec/support/helpers/stub_requests.rb
@@ -28,6 +28,19 @@ module StubRequests
                          .and_return([addr])
   end
 
+  def stub_all_dns(url, ip_address:)
+    url = URI(url)
+    port = 80 # arbitarily chosen, does not matter as we are not going to connect
+    socket = Socket.sockaddr_in(port, ip_address)
+    addr = Addrinfo.new(socket)
+
+    # See Gitlab::UrlBlocker
+    allow(Addrinfo).to receive(:getaddrinfo).and_call_original
+    allow(Addrinfo).to receive(:getaddrinfo)
+      .with(url.hostname, anything, nil, :STREAM)
+      .and_return([addr])
+  end
+
   def stubbed_hostname(url, hostname: IP_ADDRESS_STUB)
     url = parse_url(url)
     url.hostname = hostname
-- 
cgit v1.2.1


From 66d48385ecaf46b7ddfe0bd33440baaf4ff81a77 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=F0=9F=99=88=20=20jacopo=20beschi=20=F0=9F=99=89?=
 <intrip@gmail.com>
Date: Mon, 29 Jul 2019 22:33:57 +0000
Subject: Resolve "MembersFinder contains slow database query with OR
 conditions"

---
 app/finders/group_members_finder.rb                          | 12 ++++++------
 app/models/members/group_member.rb                           |  2 ++
 ...inder-contains-slow-database-query-with-or-conditions.yml |  5 +++++
 3 files changed, 13 insertions(+), 6 deletions(-)
 create mode 100644 changelogs/unreleased/64180-membersfinder-contains-slow-database-query-with-or-conditions.yml

diff --git a/app/finders/group_members_finder.rb b/app/finders/group_members_finder.rb
index eebc67cfa9e..33ec6a715f9 100644
--- a/app/finders/group_members_finder.rb
+++ b/app/finders/group_members_finder.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class GroupMembersFinder
+class GroupMembersFinder < UnionFinder
   def initialize(group)
     @group = group
   end
@@ -8,18 +8,18 @@ class GroupMembersFinder
   # rubocop: disable CodeReuse/ActiveRecord
   def execute(include_descendants: false)
     group_members = @group.members
-    wheres = []
+    relations = []
 
     return group_members unless @group.parent || include_descendants
 
-    wheres << "members.id IN (#{group_members.select(:id).to_sql})"
+    relations << group_members
 
     if @group.parent
       parents_members = GroupMember.non_request
         .where(source_id: @group.ancestors.select(:id))
         .where.not(user_id: @group.users.select(:id))
 
-      wheres << "members.id IN (#{parents_members.select(:id).to_sql})"
+      relations << parents_members
     end
 
     if include_descendants
@@ -27,10 +27,10 @@ class GroupMembersFinder
         .where(source_id: @group.descendants.select(:id))
         .where.not(user_id: @group.users.select(:id))
 
-      wheres << "members.id IN (#{descendant_members.select(:id).to_sql})"
+      relations << descendant_members
     end
 
-    GroupMember.where(wheres.join(' OR '))
+    find_union(relations, GroupMember)
   end
   # rubocop: enable CodeReuse/ActiveRecord
 end
diff --git a/app/models/members/group_member.rb b/app/models/members/group_member.rb
index 4cba69069bb..f6b19317c50 100644
--- a/app/models/members/group_member.rb
+++ b/app/models/members/group_member.rb
@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 class GroupMember < Member
+  include FromUnion
+
   SOURCE_TYPE = 'Namespace'.freeze
 
   belongs_to :group, foreign_key: 'source_id'
diff --git a/changelogs/unreleased/64180-membersfinder-contains-slow-database-query-with-or-conditions.yml b/changelogs/unreleased/64180-membersfinder-contains-slow-database-query-with-or-conditions.yml
new file mode 100644
index 00000000000..f86c63a15b6
--- /dev/null
+++ b/changelogs/unreleased/64180-membersfinder-contains-slow-database-query-with-or-conditions.yml
@@ -0,0 +1,5 @@
+---
+title: Improve MembersFinder query performance using UNION
+merge_request: 30451
+author: Jacopo Beschi @jacopo-beschi
+type: performance
-- 
cgit v1.2.1


From c96e1257006fc0c7309bd7757bd2c53444d7d3af Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=F0=9F=99=88=20=20jacopo=20beschi=20=F0=9F=99=89?=
 <intrip@gmail.com>
Date: Mon, 29 Jul 2019 22:35:29 +0000
Subject: Make quick action "commands applied" banner more useful

Extends the quick actions "commands applied" banner to show
the quick action preview text, but with everything in past tense.
---
 app/models/label.rb                                |   4 +
 app/services/notes/create_service.rb               |   4 +-
 app/services/quick_actions/interpret_service.rb    |  31 +-
 ...-action-commands-applied-banner-more-useful.yml |   5 +
 doc/user/project/quick_actions.md                  |   3 +-
 lib/gitlab/quick_actions/command_definition.rb     |  21 +-
 lib/gitlab/quick_actions/commit_actions.rb         |   7 +
 lib/gitlab/quick_actions/dsl.rb                    |  37 ++
 lib/gitlab/quick_actions/issuable_actions.rb       | 116 ++++--
 lib/gitlab/quick_actions/issue_actions.rb          |  43 ++-
 .../issue_and_merge_request_actions.rb             | 103 ++++--
 lib/gitlab/quick_actions/merge_request_actions.rb  |  28 +-
 locale/gitlab.pot                                  | 180 ++++++++++
 .../quick_actions/command_definition_spec.rb       |  46 +++
 spec/lib/gitlab/quick_actions/dsl_spec.rb          |  14 +-
 .../quick_actions/interpret_service_spec.rb        | 388 +++++++++++++++++----
 .../commit/tag_quick_action_shared_examples.rb     |   2 +-
 .../issuable/close_quick_action_shared_examples.rb |   2 +-
 ...e_merge_request_quick_action_shared_examples.rb |  22 +-
 .../duplicate_quick_action_shared_examples.rb      |   2 -
 .../issue/move_quick_action_shared_examples.rb     |   8 +-
 .../merge_quick_action_shared_examples.rb          |   2 +-
 22 files changed, 917 insertions(+), 151 deletions(-)
 create mode 100644 changelogs/unreleased/56100-make-quick-action-commands-applied-banner-more-useful.yml

diff --git a/app/models/label.rb b/app/models/label.rb
index dd403562bfa..25de26b8384 100644
--- a/app/models/label.rb
+++ b/app/models/label.rb
@@ -137,6 +137,10 @@ class Label < ApplicationRecord
     where(id: ids)
   end
 
+  def self.on_project_board?(project_id, label_id)
+    on_project_boards(project_id).where(id: label_id).exists?
+  end
+
   def open_issues_count(user = nil)
     issues_count(user, state: 'opened')
   end
diff --git a/app/services/notes/create_service.rb b/app/services/notes/create_service.rb
index 1b46f6d8a72..194c4a43dbc 100644
--- a/app/services/notes/create_service.rb
+++ b/app/services/notes/create_service.rb
@@ -21,7 +21,7 @@ module Notes
 
       if quick_actions_service.supported?(note)
         options = { merge_request_diff_head_sha: merge_request_diff_head_sha }
-        content, update_params = quick_actions_service.execute(note, options)
+        content, update_params, message = quick_actions_service.execute(note, options)
 
         only_commands = content.empty?
 
@@ -52,7 +52,7 @@ module Notes
         # We must add the error after we call #save because errors are reset
         # when #save is called
         if only_commands
-          note.errors.add(:commands_only, 'Commands applied')
+          note.errors.add(:commands_only, message.presence || _('Commands did not apply'))
         end
       end
 
diff --git a/app/services/quick_actions/interpret_service.rb b/app/services/quick_actions/interpret_service.rb
index 8ff73522e5f..7f944e25887 100644
--- a/app/services/quick_actions/interpret_service.rb
+++ b/app/services/quick_actions/interpret_service.rb
@@ -31,17 +31,19 @@ module QuickActions
     end
 
     # Takes a text and interprets the commands that are extracted from it.
-    # Returns the content without commands, and hash of changes to be applied to a record.
+    # Returns the content without commands, a hash of changes to be applied to a record
+    # and a string containing the execution_message to show to the user.
     def execute(content, quick_action_target, only: nil)
-      return [content, {}] unless current_user.can?(:use_quick_actions)
+      return [content, {}, ''] unless current_user.can?(:use_quick_actions)
 
       @quick_action_target = quick_action_target
       @updates = {}
+      @execution_message = {}
 
       content, commands = extractor.extract_commands(content, only: only)
       extract_updates(commands)
 
-      [content, @updates]
+      [content, @updates, execution_messages_for(commands)]
     end
 
     # Takes a text and interprets the commands that are extracted from it.
@@ -119,8 +121,12 @@ module QuickActions
       labels_params.scan(/"([^"]+)"|([^ ]+)/).flatten.compact
     end
 
-    def find_label_references(labels_param)
-      find_labels(labels_param).map(&:to_reference)
+    def find_label_references(labels_param, format = :id)
+      labels_to_reference(find_labels(labels_param), format)
+    end
+
+    def labels_to_reference(labels, format = :id)
+      labels.map { |l| l.to_reference(format: format) }
     end
 
     def find_label_ids(labels_param)
@@ -128,11 +134,24 @@ module QuickActions
     end
 
     def explain_commands(commands)
+      map_commands(commands, :explain)
+    end
+
+    def execution_messages_for(commands)
+      map_commands(commands, :execute_message).join(' ')
+    end
+
+    def map_commands(commands, method)
       commands.map do |name, arg|
         definition = self.class.definition_by_name(name)
         next unless definition
 
-        definition.explain(self, arg)
+        case method
+        when :explain
+          definition.explain(self, arg)
+        when :execute_message
+          @execution_message[name.to_sym] || definition.execute_message(self, arg)
+        end
       end.compact
     end
 
diff --git a/changelogs/unreleased/56100-make-quick-action-commands-applied-banner-more-useful.yml b/changelogs/unreleased/56100-make-quick-action-commands-applied-banner-more-useful.yml
new file mode 100644
index 00000000000..a2fa07c6ed2
--- /dev/null
+++ b/changelogs/unreleased/56100-make-quick-action-commands-applied-banner-more-useful.yml
@@ -0,0 +1,5 @@
+---
+title: Make quick action commands applied banner more useful
+merge_request: 26672
+author: Jacopo Beschi @jacopo-beschi
+type: added
diff --git a/doc/user/project/quick_actions.md b/doc/user/project/quick_actions.md
index 40fba8fb111..b8e0ef8d12f 100644
--- a/doc/user/project/quick_actions.md
+++ b/doc/user/project/quick_actions.md
@@ -9,7 +9,8 @@ and commits that are usually done by clicking buttons or dropdowns in GitLab's U
 You can enter these commands while creating a new issue or merge request, or
 in comments of issues, epics, merge requests, and commits. Each command should be
 on a separate line in order to be properly detected and executed. Once executed,
-the commands are removed from the text body and not visible to anyone else.
+
+> From [GitLab 12.1](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/26672), an alert is displayed when a quick action is successfully applied.
 
 ## Quick Actions for issues and merge requests
 
diff --git a/lib/gitlab/quick_actions/command_definition.rb b/lib/gitlab/quick_actions/command_definition.rb
index 93030fd454e..ebdae139315 100644
--- a/lib/gitlab/quick_actions/command_definition.rb
+++ b/lib/gitlab/quick_actions/command_definition.rb
@@ -3,8 +3,8 @@
 module Gitlab
   module QuickActions
     class CommandDefinition
-      attr_accessor :name, :aliases, :description, :explanation, :params,
-        :condition_block, :parse_params_block, :action_block, :warning, :types
+      attr_accessor :name, :aliases, :description, :explanation, :execution_message,
+        :params, :condition_block, :parse_params_block, :action_block, :warning, :types
 
       def initialize(name, attributes = {})
         @name = name
@@ -13,6 +13,7 @@ module Gitlab
         @description = attributes[:description] || ''
         @warning = attributes[:warning] || ''
         @explanation = attributes[:explanation] || ''
+        @execution_message = attributes[:execution_message] || ''
         @params = attributes[:params] || []
         @condition_block = attributes[:condition_block]
         @parse_params_block = attributes[:parse_params_block]
@@ -48,13 +49,23 @@ module Gitlab
       end
 
       def execute(context, arg)
-        return if noop? || !available?(context)
+        return unless executable?(context)
 
         count_commands_executed_in(context)
 
         execute_block(action_block, context, arg)
       end
 
+      def execute_message(context, arg)
+        return unless executable?(context)
+
+        if execution_message.respond_to?(:call)
+          execute_block(execution_message, context, arg)
+        else
+          execution_message
+        end
+      end
+
       def to_h(context)
         desc = description
         if desc.respond_to?(:call)
@@ -77,6 +88,10 @@ module Gitlab
 
       private
 
+      def executable?(context)
+        !noop? && available?(context)
+      end
+
       def count_commands_executed_in(context)
         return unless context.respond_to?(:commands_executed_count=)
 
diff --git a/lib/gitlab/quick_actions/commit_actions.rb b/lib/gitlab/quick_actions/commit_actions.rb
index 1018910e8e9..49f5ddf24eb 100644
--- a/lib/gitlab/quick_actions/commit_actions.rb
+++ b/lib/gitlab/quick_actions/commit_actions.rb
@@ -16,6 +16,13 @@ module Gitlab
             _("Tags this commit to %{tag_name}.") % { tag_name: tag_name }
           end
         end
+        execution_message do |tag_name, message|
+          if message.present?
+            _("Tagged this commit to %{tag_name} with \"%{message}\".") % { tag_name: tag_name, message: message }
+          else
+            _("Tagged this commit to %{tag_name}.") % { tag_name: tag_name }
+          end
+        end
         params 'v1.2.3 <message>'
         parse_params do |tag_name_and_message|
           tag_name_and_message.split(' ', 2)
diff --git a/lib/gitlab/quick_actions/dsl.rb b/lib/gitlab/quick_actions/dsl.rb
index ecb2169151e..5abbd377642 100644
--- a/lib/gitlab/quick_actions/dsl.rb
+++ b/lib/gitlab/quick_actions/dsl.rb
@@ -66,6 +66,35 @@ module Gitlab
           @explanation = block_given? ? block : text
         end
 
+        # Allows to provide a message about quick action execution result, success or failure.
+        # This message is shown after quick action execution and after saving the note.
+        #
+        # Example:
+        #
+        #   execution_message do |arguments|
+        #     "Added label(s) #{arguments.join(' ')}"
+        #   end
+        #   command :command_key do |arguments|
+        #     # Awesome code block
+        #   end
+        #
+        # Note: The execution_message won't be executed unless the condition block returns true.
+        #       execution_message block is executed always after the command block has run,
+        #       for this reason if the condition block doesn't return true after the command block has
+        #       run you need to set the @execution_message variable inside the command block instead as
+        #       shown in the following example.
+        #
+        # Example using instance variable:
+        #
+        #   command :command_key do |arguments|
+        #     # Awesome code block
+        #     @execution_message[:command_key] = 'command_key executed successfully'
+        #   end
+        #
+        def execution_message(text = '', &block)
+          @execution_message = block_given? ? block : text
+        end
+
         # Allows to define type(s) that must be met in order for the command
         # to be returned by `.command_names` & `.command_definitions`.
         #
@@ -121,10 +150,16 @@ module Gitlab
         # comment.
         # It accepts aliases and takes a block.
         #
+        # You can also set the @execution_message instance variable, on conflicts with
+        # execution_message method the instance variable has precedence.
+        #
         # Example:
         #
         #   command :my_command, :alias_for_my_command do |arguments|
         #     # Awesome code block
+        #     @updates[:my_command] = 'foo'
+        #
+        #     @execution_message[:my_command] = 'my_command executed successfully'
         #   end
         def command(*command_names, &block)
           define_command(CommandDefinition, *command_names, &block)
@@ -158,6 +193,7 @@ module Gitlab
             description: @description,
             warning: @warning,
             explanation: @explanation,
+            execution_message: @execution_message,
             params: @params,
             condition_block: @condition_block,
             parse_params_block: @parse_params_block,
@@ -173,6 +209,7 @@ module Gitlab
 
           @description = nil
           @explanation = nil
+          @execution_message = nil
           @params = nil
           @condition_block = nil
           @warning = nil
diff --git a/lib/gitlab/quick_actions/issuable_actions.rb b/lib/gitlab/quick_actions/issuable_actions.rb
index f7f89d4e897..b975a967d03 100644
--- a/lib/gitlab/quick_actions/issuable_actions.rb
+++ b/lib/gitlab/quick_actions/issuable_actions.rb
@@ -12,10 +12,16 @@ module Gitlab
       included do
         # Issue, MergeRequest, Epic: quick actions definitions
         desc do
-          "Close this #{quick_action_target.to_ability_name.humanize(capitalize: false)}"
+          _('Close this %{quick_action_target}') %
+            { quick_action_target: quick_action_target.to_ability_name.humanize(capitalize: false) }
         end
         explanation do
-          "Closes this #{quick_action_target.to_ability_name.humanize(capitalize: false)}."
+          _('Closes this %{quick_action_target}.') %
+            { quick_action_target: quick_action_target.to_ability_name.humanize(capitalize: false) }
+        end
+        execution_message do
+          _('Closed this %{quick_action_target}.') %
+            { quick_action_target: quick_action_target.to_ability_name.humanize(capitalize: false) }
         end
         types Issuable
         condition do
@@ -28,10 +34,16 @@ module Gitlab
         end
 
         desc do
-          "Reopen this #{quick_action_target.to_ability_name.humanize(capitalize: false)}"
+          _('Reopen this %{quick_action_target}') %
+            { quick_action_target: quick_action_target.to_ability_name.humanize(capitalize: false) }
         end
         explanation do
-          "Reopens this #{quick_action_target.to_ability_name.humanize(capitalize: false)}."
+          _('Reopens this %{quick_action_target}.') %
+            { quick_action_target: quick_action_target.to_ability_name.humanize(capitalize: false) }
+        end
+        execution_message do
+          _('Reopened this %{quick_action_target}.') %
+            { quick_action_target: quick_action_target.to_ability_name.humanize(capitalize: false) }
         end
         types Issuable
         condition do
@@ -45,7 +57,10 @@ module Gitlab
 
         desc _('Change title')
         explanation do |title_param|
-          _("Changes the title to \"%{title_param}\".") % { title_param: title_param }
+          _('Changes the title to "%{title_param}".') % { title_param: title_param }
+        end
+        execution_message do |title_param|
+          _('Changed the title to "%{title_param}".') % { title_param: title_param }
         end
         params '<New title>'
         types Issuable
@@ -61,7 +76,10 @@ module Gitlab
         explanation do |labels_param|
           labels = find_label_references(labels_param)
 
-          "Adds #{labels.join(' ')} #{'label'.pluralize(labels.count)}." if labels.any?
+          if labels.any?
+            _("Adds %{labels} %{label_text}.") %
+              { labels: labels.join(' '), label_text: 'label'.pluralize(labels.count) }
+          end
         end
         params '~label1 ~"label 2"'
         types Issuable
@@ -71,21 +89,15 @@ module Gitlab
             find_labels.any?
         end
         command :label do |labels_param|
-          label_ids = find_label_ids(labels_param)
-
-          if label_ids.any?
-            @updates[:add_label_ids] ||= []
-            @updates[:add_label_ids] += label_ids
-
-            @updates[:add_label_ids].uniq!
-          end
+          run_label_command(labels: find_labels(labels_param), command: :label, updates_key: :add_label_ids)
         end
 
         desc _('Remove all or specific label(s)')
         explanation do |labels_param = nil|
-          if labels_param.present?
-            labels = find_label_references(labels_param)
-            "Removes #{labels.join(' ')} #{'label'.pluralize(labels.count)}." if labels.any?
+          label_references = labels_param.present? ? find_label_references(labels_param) : []
+          if label_references.any?
+            _("Removes %{label_references} %{label_text}.") %
+              { label_references: label_references.join(' '), label_text: 'label'.pluralize(label_references.count) }
           else
             _('Removes all labels.')
           end
@@ -99,7 +111,9 @@ module Gitlab
         end
         command :unlabel do |labels_param = nil|
           if labels_param.present?
-            label_ids = find_label_ids(labels_param)
+            labels = find_labels(labels_param)
+            label_ids = labels.map(&:id)
+            label_references = labels_to_reference(labels, :name)
 
             if label_ids.any?
               @updates[:remove_label_ids] ||= []
@@ -109,7 +123,10 @@ module Gitlab
             end
           else
             @updates[:label_ids] = []
+            label_references = []
           end
+
+          @execution_message[:unlabel] = remove_label_message(label_references)
         end
 
         desc _('Replace all label(s)')
@@ -125,18 +142,12 @@ module Gitlab
             current_user.can?(:"admin_#{quick_action_target.to_ability_name}", parent)
         end
         command :relabel do |labels_param|
-          label_ids = find_label_ids(labels_param)
-
-          if label_ids.any?
-            @updates[:label_ids] ||= []
-            @updates[:label_ids] += label_ids
-
-            @updates[:label_ids].uniq!
-          end
+          run_label_command(labels: find_labels(labels_param), command: :relabel, updates_key: :label_ids)
         end
 
         desc _('Add a todo')
         explanation _('Adds a todo.')
+        execution_message _('Added a todo.')
         types Issuable
         condition do
           quick_action_target.persisted? &&
@@ -148,6 +159,7 @@ module Gitlab
 
         desc _('Mark to do as done')
         explanation _('Marks to do as done.')
+        execution_message _('Marked to do as done.')
         types Issuable
         condition do
           quick_action_target.persisted? &&
@@ -159,7 +171,12 @@ module Gitlab
 
         desc _('Subscribe')
         explanation do
-          "Subscribes to this #{quick_action_target.to_ability_name.humanize(capitalize: false)}."
+          _('Subscribes to this %{quick_action_target}.') %
+            { quick_action_target: quick_action_target.to_ability_name.humanize(capitalize: false) }
+        end
+        execution_message do
+          _('Subscribed to this %{quick_action_target}.') %
+            { quick_action_target: quick_action_target.to_ability_name.humanize(capitalize: false) }
         end
         types Issuable
         condition do
@@ -172,7 +189,12 @@ module Gitlab
 
         desc _('Unsubscribe')
         explanation do
-          "Unsubscribes from this #{quick_action_target.to_ability_name.humanize(capitalize: false)}."
+          _('Unsubscribes from this %{quick_action_target}.') %
+            { quick_action_target: quick_action_target.to_ability_name.humanize(capitalize: false) }
+        end
+        execution_message do
+          _('Unsubscribed from this %{quick_action_target}.') %
+            { quick_action_target: quick_action_target.to_ability_name.humanize(capitalize: false) }
         end
         types Issuable
         condition do
@@ -187,6 +209,9 @@ module Gitlab
         explanation do |name|
           _("Toggles :%{name}: emoji award.") % { name: name } if name
         end
+        execution_message do |name|
+          _("Toggled :%{name}: emoji award.") % { name: name } if name
+        end
         params ':emoji:'
         types Issuable
         condition do
@@ -215,6 +240,41 @@ module Gitlab
         substitution :tableflip do |comment|
           "#{comment} #{TABLEFLIP}"
         end
+
+        private
+
+        def run_label_command(labels:, command:, updates_key:)
+          return if labels.empty?
+
+          @updates[updates_key] ||= []
+          @updates[updates_key] += labels.map(&:id)
+          @updates[updates_key].uniq!
+
+          label_references = labels_to_reference(labels, :name)
+          @execution_message[command] = case command
+                                        when :relabel
+                                          _('Replaced all labels with %{label_references} %{label_text}.') %
+                                            {
+                                            label_references: label_references.join(' '),
+                                            label_text: 'label'.pluralize(label_references.count)
+                                          }
+                                        when :label
+                                          _('Added %{label_references} %{label_text}.') %
+                                            {
+                                            label_references: label_references.join(' '),
+                                            label_text: 'label'.pluralize(labels.count)
+                                          }
+                                        end
+        end
+
+        def remove_label_message(label_references)
+          if label_references.any?
+            _("Removed %{label_references} %{label_text}.") %
+              { label_references: label_references.join(' '), label_text: 'label'.pluralize(label_references.count) }
+          else
+            _('Removed all labels.')
+          end
+        end
       end
     end
   end
diff --git a/lib/gitlab/quick_actions/issue_actions.rb b/lib/gitlab/quick_actions/issue_actions.rb
index 85e62f950c8..0868bd85600 100644
--- a/lib/gitlab/quick_actions/issue_actions.rb
+++ b/lib/gitlab/quick_actions/issue_actions.rb
@@ -12,6 +12,9 @@ module Gitlab
         explanation do |due_date|
           _("Sets the due date to %{due_date}.") % { due_date: due_date.strftime('%b %-d, %Y') } if due_date
         end
+        execution_message do |due_date|
+          _("Set the due date to %{due_date}.") % { due_date: due_date.strftime('%b %-d, %Y') } if due_date
+        end
         params '<in 2 days | this Friday | December 31st>'
         types Issue
         condition do
@@ -27,6 +30,7 @@ module Gitlab
 
         desc _('Remove due date')
         explanation _('Removes the due date.')
+        execution_message _('Removed the due date.')
         types Issue
         condition do
           quick_action_target.persisted? &&
@@ -49,22 +53,27 @@ module Gitlab
           current_user.can?(:"update_#{quick_action_target.to_ability_name}", quick_action_target) &&
             quick_action_target.project.boards.count == 1
         end
-        # rubocop: disable CodeReuse/ActiveRecord
         command :board_move do |target_list_name|
-          label_ids = find_label_ids(target_list_name)
+          labels = find_labels(target_list_name)
+          label_ids = labels.map(&:id)
 
           if label_ids.size == 1
             label_id = label_ids.first
 
             # Ensure this label corresponds to a list on the board
-            next unless Label.on_project_boards(quick_action_target.project_id).where(id: label_id).exists?
+            next unless Label.on_project_board?(quick_action_target.project_id, label_id)
 
             @updates[:remove_label_ids] =
-              quick_action_target.labels.on_project_boards(quick_action_target.project_id).where.not(id: label_id).pluck(:id)
+              quick_action_target.labels.on_project_boards(quick_action_target.project_id).where.not(id: label_id).pluck(:id) # rubocop: disable CodeReuse/ActiveRecord
             @updates[:add_label_ids] = [label_id]
+
+            message = _("Moved issue to %{label} column in the board.") % { label: labels_to_reference(labels).first }
+          else
+            message = _('Move this issue failed because you need to specify only one label.')
           end
+
+          @execution_message[:board_move] = message
         end
-        # rubocop: enable CodeReuse/ActiveRecord
 
         desc _('Mark this issue as a duplicate of another issue')
         explanation do |duplicate_reference|
@@ -81,7 +90,13 @@ module Gitlab
 
           if canonical_issue.present?
             @updates[:canonical_issue_id] = canonical_issue.id
+
+            message = _("Marked this issue as a duplicate of %{duplicate_param}.") % { duplicate_param: duplicate_param }
+          else
+            message = _('Mark as duplicate failed because referenced issue was not found')
           end
+
+          @execution_message[:duplicate] = message
         end
 
         desc _('Move this issue to another project.')
@@ -99,13 +114,22 @@ module Gitlab
 
           if target_project.present?
             @updates[:target_project] = target_project
+
+            message = _("Moved this issue to %{path_to_project}.") % { path_to_project: target_project_path }
+          else
+            message = _("Move this issue failed because target project doesn't exists")
           end
+
+          @execution_message[:move] = message
         end
 
         desc _('Make issue confidential.')
         explanation do
           _('Makes this issue confidential')
         end
+        execution_message do
+          _('Made this issue confidential')
+        end
         types Issue
         condition do
           current_user.can?(:"admin_#{quick_action_target.to_ability_name}", quick_action_target)
@@ -119,7 +143,14 @@ module Gitlab
           if branch_name
             _("Creates branch '%{branch_name}' and a merge request to resolve this issue") % { branch_name: branch_name }
           else
-            "Creates a branch and a merge request to resolve this issue"
+            _('Creates a branch and a merge request to resolve this issue')
+          end
+        end
+        execution_message do |branch_name = nil|
+          if branch_name
+            _("Created branch '%{branch_name}' and a merge request to resolve this issue") % { branch_name: branch_name }
+          else
+            _('Created a branch and a merge request to resolve this issue')
           end
         end
         params "<branch name>"
diff --git a/lib/gitlab/quick_actions/issue_and_merge_request_actions.rb b/lib/gitlab/quick_actions/issue_and_merge_request_actions.rb
index e1579cfddc0..41ffd51cde8 100644
--- a/lib/gitlab/quick_actions/issue_and_merge_request_actions.rb
+++ b/lib/gitlab/quick_actions/issue_and_merge_request_actions.rb
@@ -9,12 +9,9 @@ module Gitlab
       included do
         # Issue, MergeRequest: quick actions definitions
         desc _('Assign')
-        # rubocop: disable CodeReuse/ActiveRecord
         explanation do |users|
-          users = quick_action_target.allows_multiple_assignees? ? users : users.take(1)
-          "Assigns #{users.map(&:to_reference).to_sentence}."
+          _('Assigns %{assignee_users_sentence}.') % { assignee_users_sentence: assignee_users_sentence(users) }
         end
-        # rubocop: enable CodeReuse/ActiveRecord
         params do
           quick_action_target.allows_multiple_assignees? ? '@user1 @user2' : '@user'
         end
@@ -26,7 +23,10 @@ module Gitlab
           extract_users(assignee_param)
         end
         command :assign do |users|
-          next if users.empty?
+          if users.empty?
+            @execution_message[:assign] = _("Assign command failed because no user was found")
+            next
+          end
 
           if quick_action_target.allows_multiple_assignees?
             @updates[:assignee_ids] ||= quick_action_target.assignees.map(&:id)
@@ -34,6 +34,8 @@ module Gitlab
           else
             @updates[:assignee_ids] = [users.first.id]
           end
+
+          @execution_message[:assign] = _('Assigned %{assignee_users_sentence}.') % { assignee_users_sentence: assignee_users_sentence(users) }
         end
 
         desc do
@@ -44,9 +46,14 @@ module Gitlab
           end
         end
         explanation do |users = nil|
-          assignees = quick_action_target.assignees
-          assignees &= users if users.present? && quick_action_target.allows_multiple_assignees?
-          "Removes #{'assignee'.pluralize(assignees.size)} #{assignees.map(&:to_reference).to_sentence}."
+          assignees = assignees_for_removal(users)
+          _("Removes %{assignee_text} %{assignee_references}.") %
+            { assignee_text: 'assignee'.pluralize(assignees.size), assignee_references: assignees.map(&:to_reference).to_sentence }
+        end
+        execution_message do |users = nil|
+          assignees = assignees_for_removal(users)
+          _("Removed %{assignee_text} %{assignee_references}.") %
+            { assignee_text: 'assignee'.pluralize(assignees.size), assignee_references: assignees.map(&:to_reference).to_sentence }
         end
         params do
           quick_action_target.allows_multiple_assignees? ? '@user1 @user2' : ''
@@ -74,6 +81,9 @@ module Gitlab
         explanation do |milestone|
           _("Sets the milestone to %{milestone_reference}.") % { milestone_reference: milestone.to_reference } if milestone
         end
+        execution_message do |milestone|
+          _("Set the milestone to %{milestone_reference}.") % { milestone_reference: milestone.to_reference } if milestone
+        end
         params '%"milestone"'
         types Issue, MergeRequest
         condition do
@@ -92,6 +102,9 @@ module Gitlab
         explanation do
           _("Removes %{milestone_reference} milestone.") % { milestone_reference: quick_action_target.milestone.to_reference(format: :name) }
         end
+        execution_message do
+          _("Removed %{milestone_reference} milestone.") % { milestone_reference: quick_action_target.milestone.to_reference(format: :name) }
+        end
         types Issue, MergeRequest
         condition do
           quick_action_target.persisted? &&
@@ -116,17 +129,22 @@ module Gitlab
             extract_references(issuable_param, :merge_request).first
         end
         command :copy_metadata do |source_issuable|
-          if source_issuable.present? && source_issuable.project.id == quick_action_target.project.id
+          if can_copy_metadata?(source_issuable)
             @updates[:add_label_ids] = source_issuable.labels.map(&:id)
             @updates[:milestone_id] = source_issuable.milestone.id if source_issuable.milestone
+
+            @execution_message[:copy_metadata] = _("Copied labels and milestone from %{source_issuable_reference}.") % { source_issuable_reference: source_issuable.to_reference }
           end
         end
 
         desc _('Set time estimate')
         explanation do |time_estimate|
-          time_estimate = Gitlab::TimeTrackingFormatter.output(time_estimate)
-
-          _("Sets time estimate to %{time_estimate}.") % { time_estimate: time_estimate } if time_estimate
+          formatted_time_estimate = format_time_estimate(time_estimate)
+          _("Sets time estimate to %{time_estimate}.") % { time_estimate: formatted_time_estimate } if formatted_time_estimate
+        end
+        execution_message do |time_estimate|
+          formatted_time_estimate = format_time_estimate(time_estimate)
+          _("Set time estimate to %{time_estimate}.") % { time_estimate: formatted_time_estimate } if formatted_time_estimate
         end
         params '<1w 3d 2h 14m>'
         types Issue, MergeRequest
@@ -144,18 +162,12 @@ module Gitlab
 
         desc _('Add or subtract spent time')
         explanation do |time_spent, time_spent_date|
-          if time_spent
-            if time_spent > 0
-              verb = _('Adds')
-              value = time_spent
-            else
-              verb = _('Subtracts')
-              value = -time_spent
-            end
-
-            _("%{verb} %{time_spent_value} spent time.") % { verb: verb, time_spent_value: Gitlab::TimeTrackingFormatter.output(value) }
-          end
+          spend_time_message(time_spent, time_spent_date, false)
         end
+        execution_message do |time_spent, time_spent_date|
+          spend_time_message(time_spent, time_spent_date, true)
+        end
+
         params '<time(1h30m | -1h30m)> <date(YYYY-MM-DD)>'
         types Issue, MergeRequest
         condition do
@@ -176,6 +188,7 @@ module Gitlab
 
         desc _('Remove time estimate')
         explanation _('Removes time estimate.')
+        execution_message _('Removed time estimate.')
         types Issue, MergeRequest
         condition do
           quick_action_target.persisted? &&
@@ -187,6 +200,7 @@ module Gitlab
 
         desc _('Remove spent time')
         explanation _('Removes spent time.')
+        execution_message _('Removed spent time.')
         condition do
           quick_action_target.persisted? &&
             current_user.can?(:"admin_#{quick_action_target.to_ability_name}", project)
@@ -198,6 +212,7 @@ module Gitlab
 
         desc _("Lock the discussion")
         explanation _("Locks the discussion")
+        execution_message _("Locked the discussion")
         types Issue, MergeRequest
         condition do
           quick_action_target.persisted? &&
@@ -210,6 +225,7 @@ module Gitlab
 
         desc _("Unlock the discussion")
         explanation _("Unlocks the discussion")
+        execution_message _("Unlocked the discussion")
         types Issue, MergeRequest
         condition do
           quick_action_target.persisted? &&
@@ -219,6 +235,47 @@ module Gitlab
         command :unlock do
           @updates[:discussion_locked] = false
         end
+
+        private
+
+        def assignee_users_sentence(users)
+          if quick_action_target.allows_multiple_assignees?
+            users
+          else
+            [users.first]
+          end.map(&:to_reference).to_sentence
+        end
+
+        def assignees_for_removal(users)
+          assignees = quick_action_target.assignees
+          if users.present? && quick_action_target.allows_multiple_assignees?
+            assignees & users
+          else
+            assignees
+          end
+        end
+
+        def can_copy_metadata?(source_issuable)
+          source_issuable.present? && source_issuable.project_id == quick_action_target.project_id
+        end
+
+        def format_time_estimate(time_estimate)
+          Gitlab::TimeTrackingFormatter.output(time_estimate)
+        end
+
+        def spend_time_message(time_spent, time_spent_date, paste_tense)
+          return unless time_spent
+
+          if time_spent > 0
+            verb = paste_tense ? _('Added') : _('Adds')
+            value = time_spent
+          else
+            verb = paste_tense ? _('Subtracted') : _('Subtracts')
+            value = -time_spent
+          end
+
+          _("%{verb} %{time_spent_value} spent time.") % { verb: verb, time_spent_value: format_time_estimate(value) }
+        end
       end
     end
   end
diff --git a/lib/gitlab/quick_actions/merge_request_actions.rb b/lib/gitlab/quick_actions/merge_request_actions.rb
index bade59182a1..e9127095a0d 100644
--- a/lib/gitlab/quick_actions/merge_request_actions.rb
+++ b/lib/gitlab/quick_actions/merge_request_actions.rb
@@ -8,8 +8,9 @@ module Gitlab
 
       included do
         # MergeRequest only quick actions definitions
-        desc 'Merge (when the pipeline succeeds)'
-        explanation 'Merges this merge request when the pipeline succeeds.'
+        desc _('Merge (when the pipeline succeeds)')
+        explanation _('Merges this merge request when the pipeline succeeds.')
+        execution_message _('Scheduled to merge this merge request when the pipeline succeeds.')
         types MergeRequest
         condition do
           last_diff_sha = params && params[:merge_request_diff_head_sha]
@@ -22,10 +23,22 @@ module Gitlab
 
         desc 'Toggle the Work In Progress status'
         explanation do
-          verb = quick_action_target.work_in_progress? ? 'Unmarks' : 'Marks'
           noun = quick_action_target.to_ability_name.humanize(capitalize: false)
-          "#{verb} this #{noun} as Work In Progress."
+          if quick_action_target.work_in_progress?
+            _("Unmarks this %{noun} as Work In Progress.")
+          else
+            _("Marks this %{noun} as Work In Progress.")
+          end % { noun: noun }
         end
+        execution_message do
+          noun = quick_action_target.to_ability_name.humanize(capitalize: false)
+          if quick_action_target.work_in_progress?
+            _("Unmarked this %{noun} as Work In Progress.")
+          else
+            _("Marked this %{noun} as Work In Progress.")
+          end % { noun: noun }
+        end
+
         types MergeRequest
         condition do
           quick_action_target.respond_to?(:work_in_progress?) &&
@@ -36,9 +49,12 @@ module Gitlab
           @updates[:wip_event] = quick_action_target.work_in_progress? ? 'unwip' : 'wip'
         end
 
-        desc 'Set target branch'
+        desc _('Set target branch')
         explanation do |branch_name|
-          "Sets target branch to #{branch_name}."
+          _('Sets target branch to %{branch_name}.') % { branch_name: branch_name }
+        end
+        execution_message do |branch_name|
+          _('Set target branch to %{branch_name}.') % { branch_name: branch_name }
         end
         params '<Local branch name>'
         types MergeRequest
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index acabbd0f06a..c2e2d0ce247 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -735,6 +735,15 @@ msgstr ""
 msgid "AddMember|Too many users specified (limit is %{user_limit})"
 msgstr ""
 
+msgid "Added"
+msgstr ""
+
+msgid "Added %{label_references} %{label_text}."
+msgstr ""
+
+msgid "Added a todo."
+msgstr ""
+
 msgid "Added at"
 msgstr ""
 
@@ -744,6 +753,9 @@ msgstr ""
 msgid "Adds"
 msgstr ""
 
+msgid "Adds %{labels} %{label_text}."
+msgstr ""
+
 msgid "Adds a todo."
 msgstr ""
 
@@ -1332,6 +1344,9 @@ msgstr ""
 msgid "Assign"
 msgstr ""
 
+msgid "Assign command failed because no user was found"
+msgstr ""
+
 msgid "Assign custom color like #FF0000"
 msgstr ""
 
@@ -1353,6 +1368,9 @@ msgstr ""
 msgid "Assign yourself to this issue"
 msgstr ""
 
+msgid "Assigned %{assignee_users_sentence}."
+msgstr ""
+
 msgid "Assigned Issues"
 msgstr ""
 
@@ -1370,6 +1388,9 @@ msgstr[1] ""
 msgid "Assignee(s)"
 msgstr ""
 
+msgid "Assigns %{assignee_users_sentence}."
+msgstr ""
+
 msgid "Attach a file"
 msgstr ""
 
@@ -2005,6 +2026,9 @@ msgstr ""
 msgid "ChangeTypeAction|This will create a new commit in order to revert the existing changes."
 msgstr ""
 
+msgid "Changed the title to \"%{title_param}\"."
+msgstr ""
+
 msgid "Changes"
 msgstr ""
 
@@ -2341,9 +2365,18 @@ msgstr ""
 msgid "Close sidebar"
 msgstr ""
 
+msgid "Close this %{quick_action_target}"
+msgstr ""
+
 msgid "Closed"
 msgstr ""
 
+msgid "Closed this %{quick_action_target}."
+msgstr ""
+
+msgid "Closes this %{quick_action_target}."
+msgstr ""
+
 msgid "ClusterIntegration| %{custom_domain_start}More information%{custom_domain_end}."
 msgstr ""
 
@@ -2887,6 +2920,9 @@ msgstr ""
 msgid "Commands applied"
 msgstr ""
 
+msgid "Commands did not apply"
+msgstr ""
+
 msgid "Comment"
 msgstr ""
 
@@ -3186,6 +3222,9 @@ msgstr ""
 msgid "Copied"
 msgstr ""
 
+msgid "Copied labels and milestone from %{source_issuable_reference}."
+msgstr ""
+
 msgid "Copy %{http_label} clone URL"
 msgstr ""
 
@@ -3396,6 +3435,12 @@ msgstr ""
 msgid "Created At"
 msgstr ""
 
+msgid "Created a branch and a merge request to resolve this issue"
+msgstr ""
+
+msgid "Created branch '%{branch_name}' and a merge request to resolve this issue"
+msgstr ""
+
 msgid "Created by me"
 msgstr ""
 
@@ -3405,6 +3450,9 @@ msgstr ""
 msgid "Created on:"
 msgstr ""
 
+msgid "Creates a branch and a merge request to resolve this issue"
+msgstr ""
+
 msgid "Creates branch '%{branch_name}' and a merge request to resolve this issue"
 msgstr ""
 
@@ -6337,6 +6385,9 @@ msgstr ""
 msgid "Locked by %{fileLockUserName}"
 msgstr ""
 
+msgid "Locked the discussion"
+msgstr ""
+
 msgid "Locked to current projects"
 msgstr ""
 
@@ -6355,6 +6406,9 @@ msgstr ""
 msgid "MRDiff|Show full file"
 msgstr ""
 
+msgid "Made this issue confidential"
+msgstr ""
+
 msgid "Make and review changes in the browser with the Web IDE"
 msgstr ""
 
@@ -6436,6 +6490,9 @@ msgstr ""
 msgid "Mark as done"
 msgstr ""
 
+msgid "Mark as duplicate failed because referenced issue was not found"
+msgstr ""
+
 msgid "Mark as resolved"
 msgstr ""
 
@@ -6454,6 +6511,18 @@ msgstr ""
 msgid "Markdown enabled"
 msgstr ""
 
+msgid "Marked this %{noun} as Work In Progress."
+msgstr ""
+
+msgid "Marked this issue as a duplicate of %{duplicate_param}."
+msgstr ""
+
+msgid "Marked to do as done."
+msgstr ""
+
+msgid "Marks this %{noun} as Work In Progress."
+msgstr ""
+
 msgid "Marks this issue as a duplicate of %{duplicate_reference}."
 msgstr ""
 
@@ -6499,6 +6568,9 @@ msgstr ""
 msgid "Merge"
 msgstr ""
 
+msgid "Merge (when the pipeline succeeds)"
+msgstr ""
+
 msgid "Merge Request"
 msgstr ""
 
@@ -6622,6 +6694,9 @@ msgstr ""
 msgid "Merged branches are being deleted. This can take some time depending on the number of branches. Please refresh the page to see changes."
 msgstr ""
 
+msgid "Merges this merge request when the pipeline succeeds."
+msgstr ""
+
 msgid "Messages"
 msgstr ""
 
@@ -6805,6 +6880,12 @@ msgstr ""
 msgid "Move issue from one column of the board to another"
 msgstr ""
 
+msgid "Move this issue failed because target project doesn't exists"
+msgstr ""
+
+msgid "Move this issue failed because you need to specify only one label."
+msgstr ""
+
 msgid "Move this issue to another project."
 msgstr ""
 
@@ -6814,6 +6895,12 @@ msgstr ""
 msgid "MoveIssue|Cannot move issue to project it originates from!"
 msgstr ""
 
+msgid "Moved issue to %{label} column in the board."
+msgstr ""
+
+msgid "Moved this issue to %{path_to_project}."
+msgstr ""
+
 msgid "Moves issue to %{label} column in the board."
 msgstr ""
 
@@ -8986,12 +9073,39 @@ msgstr ""
 msgid "Remove time estimate"
 msgstr ""
 
+msgid "Removed %{assignee_text} %{assignee_references}."
+msgstr ""
+
+msgid "Removed %{label_references} %{label_text}."
+msgstr ""
+
+msgid "Removed %{milestone_reference} milestone."
+msgstr ""
+
+msgid "Removed all labels."
+msgstr ""
+
 msgid "Removed group can not be restored!"
 msgstr ""
 
 msgid "Removed projects cannot be restored!"
 msgstr ""
 
+msgid "Removed spent time."
+msgstr ""
+
+msgid "Removed the due date."
+msgstr ""
+
+msgid "Removed time estimate."
+msgstr ""
+
+msgid "Removes %{assignee_text} %{assignee_references}."
+msgstr ""
+
+msgid "Removes %{label_references} %{label_text}."
+msgstr ""
+
 msgid "Removes %{milestone_reference} milestone."
 msgstr ""
 
@@ -9025,12 +9139,24 @@ msgstr ""
 msgid "Reopen milestone"
 msgstr ""
 
+msgid "Reopen this %{quick_action_target}"
+msgstr ""
+
+msgid "Reopened this %{quick_action_target}."
+msgstr ""
+
+msgid "Reopens this %{quick_action_target}."
+msgstr ""
+
 msgid "Replace"
 msgstr ""
 
 msgid "Replace all label(s)"
 msgstr ""
 
+msgid "Replaced all labels with %{label_references} %{label_text}."
+msgstr ""
+
 msgid "Reply by email"
 msgstr ""
 
@@ -9369,6 +9495,9 @@ msgstr ""
 msgid "Scheduled"
 msgstr ""
 
+msgid "Scheduled to merge this merge request when the pipeline succeeds."
+msgstr ""
+
 msgid "Schedules"
 msgstr ""
 
@@ -9696,18 +9825,33 @@ msgstr ""
 msgid "Set requirements for a user to sign-in. Enable mandatory two-factor authentication."
 msgstr ""
 
+msgid "Set target branch"
+msgstr ""
+
+msgid "Set target branch to %{branch_name}."
+msgstr ""
+
 msgid "Set the default expiration time for each job's artifacts. 0 for unlimited. The default unit is in seconds, but you can define an alternative. For example: <code>4 mins 2 sec</code>, <code>2h42min</code>."
 msgstr ""
 
+msgid "Set the due date to %{due_date}."
+msgstr ""
+
 msgid "Set the duration for which the jobs will be considered as old and expired. Once that time passes, the jobs will be archived and no longer able to be retried. Make it empty to never expire jobs. It has to be no less than 1 day, for example: <code>15 days</code>, <code>1 month</code>, <code>2 years</code>."
 msgstr ""
 
 msgid "Set the maximum file size for each job's artifacts"
 msgstr ""
 
+msgid "Set the milestone to %{milestone_reference}."
+msgstr ""
+
 msgid "Set time estimate"
 msgstr ""
 
+msgid "Set time estimate to %{time_estimate}."
+msgstr ""
+
 msgid "Set up CI/CD"
 msgstr ""
 
@@ -9753,6 +9897,9 @@ msgstr ""
 msgid "SetStatusModal|What's your status?"
 msgstr ""
 
+msgid "Sets target branch to %{branch_name}."
+msgstr ""
+
 msgid "Sets the due date to %{due_date}."
 msgstr ""
 
@@ -10334,9 +10481,18 @@ msgstr ""
 msgid "Subscribed"
 msgstr ""
 
+msgid "Subscribed to this %{quick_action_target}."
+msgstr ""
+
+msgid "Subscribes to this %{quick_action_target}."
+msgstr ""
+
 msgid "Subscription"
 msgstr ""
 
+msgid "Subtracted"
+msgstr ""
+
 msgid "Subtracts"
 msgstr ""
 
@@ -10484,6 +10640,12 @@ msgstr ""
 msgid "Tag this commit."
 msgstr ""
 
+msgid "Tagged this commit to %{tag_name} with \"%{message}\"."
+msgstr ""
+
+msgid "Tagged this commit to %{tag_name}."
+msgstr ""
+
 msgid "Tags"
 msgstr ""
 
@@ -11543,6 +11705,9 @@ msgstr ""
 msgid "ToggleButton|Toggle Status: ON"
 msgstr ""
 
+msgid "Toggled :%{name}: emoji award."
+msgstr ""
+
 msgid "Toggles :%{name}: emoji award."
 msgstr ""
 
@@ -11750,9 +11915,18 @@ msgstr ""
 msgid "Unlocked"
 msgstr ""
 
+msgid "Unlocked the discussion"
+msgstr ""
+
 msgid "Unlocks the discussion"
 msgstr ""
 
+msgid "Unmarked this %{noun} as Work In Progress."
+msgstr ""
+
+msgid "Unmarks this %{noun} as Work In Progress."
+msgstr ""
+
 msgid "Unresolve discussion"
 msgstr ""
 
@@ -11795,6 +11969,12 @@ msgstr ""
 msgid "Unsubscribe from %{type}"
 msgstr ""
 
+msgid "Unsubscribed from this %{quick_action_target}."
+msgstr ""
+
+msgid "Unsubscribes from this %{quick_action_target}."
+msgstr ""
+
 msgid "Until"
 msgstr ""
 
diff --git a/spec/lib/gitlab/quick_actions/command_definition_spec.rb b/spec/lib/gitlab/quick_actions/command_definition_spec.rb
index b6e0adbc1c2..21f2c87a755 100644
--- a/spec/lib/gitlab/quick_actions/command_definition_spec.rb
+++ b/spec/lib/gitlab/quick_actions/command_definition_spec.rb
@@ -219,6 +219,52 @@ describe Gitlab::QuickActions::CommandDefinition do
     end
   end
 
+  describe "#execute_message" do
+    context "when the command is a noop" do
+      it 'returns nil' do
+        expect(subject.execute_message({}, nil)).to be_nil
+      end
+    end
+
+    context "when the command is not a noop" do
+      before do
+        subject.action_block = proc { self.run = true }
+      end
+
+      context "when the command is not available" do
+        before do
+          subject.condition_block = proc { false }
+        end
+
+        it 'returns nil' do
+          expect(subject.execute_message({}, nil)).to be_nil
+        end
+      end
+
+      context "when the command is available" do
+        context 'when the execution_message is a static string' do
+          before do
+            subject.execution_message = 'Assigned jacopo'
+          end
+
+          it 'returns this static string' do
+            expect(subject.execute_message({}, nil)).to eq('Assigned jacopo')
+          end
+        end
+
+        context 'when the explanation is dynamic' do
+          before do
+            subject.execution_message = proc { |arg| "Assigned #{arg}" }
+          end
+
+          it 'invokes the proc' do
+            expect(subject.execute_message({}, 'Jacopo')).to eq('Assigned Jacopo')
+          end
+        end
+      end
+    end
+  end
+
   describe '#explain' do
     context 'when the command is not available' do
       before do
diff --git a/spec/lib/gitlab/quick_actions/dsl_spec.rb b/spec/lib/gitlab/quick_actions/dsl_spec.rb
index 185adab1ff6..78b9b3804c3 100644
--- a/spec/lib/gitlab/quick_actions/dsl_spec.rb
+++ b/spec/lib/gitlab/quick_actions/dsl_spec.rb
@@ -20,6 +20,9 @@ describe Gitlab::QuickActions::Dsl do
       desc do
         "A dynamic description for #{noteable.upcase}"
       end
+      execution_message do |arg|
+        "A dynamic execution message for #{noteable.upcase} passing #{arg}"
+      end
       params 'The first argument', 'The second argument'
       command :dynamic_description do |args|
         args.split
@@ -30,6 +33,7 @@ describe Gitlab::QuickActions::Dsl do
       explanation do |arg|
         "Action does something with #{arg}"
       end
+      execution_message 'Command applied correctly'
       condition do
         project == 'foo'
       end
@@ -67,6 +71,7 @@ describe Gitlab::QuickActions::Dsl do
       expect(no_args_def.aliases).to eq([:none])
       expect(no_args_def.description).to eq('A command with no args')
       expect(no_args_def.explanation).to eq('')
+      expect(no_args_def.execution_message).to eq('')
       expect(no_args_def.params).to eq([])
       expect(no_args_def.condition_block).to be_nil
       expect(no_args_def.types).to eq([])
@@ -78,6 +83,8 @@ describe Gitlab::QuickActions::Dsl do
       expect(explanation_with_aliases_def.aliases).to eq([:once, :first])
       expect(explanation_with_aliases_def.description).to eq('')
       expect(explanation_with_aliases_def.explanation).to eq('Static explanation')
+      expect(explanation_with_aliases_def.execution_message).to eq('')
+      expect(no_args_def.params).to eq([])
       expect(explanation_with_aliases_def.params).to eq(['The first argument'])
       expect(explanation_with_aliases_def.condition_block).to be_nil
       expect(explanation_with_aliases_def.types).to eq([])
@@ -88,7 +95,7 @@ describe Gitlab::QuickActions::Dsl do
       expect(dynamic_description_def.name).to eq(:dynamic_description)
       expect(dynamic_description_def.aliases).to eq([])
       expect(dynamic_description_def.to_h(OpenStruct.new(noteable: 'issue'))[:description]).to eq('A dynamic description for ISSUE')
-      expect(dynamic_description_def.explanation).to eq('')
+      expect(dynamic_description_def.execute_message(OpenStruct.new(noteable: 'issue'), 'arg')).to eq('A dynamic execution message for ISSUE passing arg')
       expect(dynamic_description_def.params).to eq(['The first argument', 'The second argument'])
       expect(dynamic_description_def.condition_block).to be_nil
       expect(dynamic_description_def.types).to eq([])
@@ -100,6 +107,7 @@ describe Gitlab::QuickActions::Dsl do
       expect(cc_def.aliases).to eq([])
       expect(cc_def.description).to eq('')
       expect(cc_def.explanation).to eq('')
+      expect(cc_def.execution_message).to eq('')
       expect(cc_def.params).to eq([])
       expect(cc_def.condition_block).to be_nil
       expect(cc_def.types).to eq([])
@@ -111,6 +119,7 @@ describe Gitlab::QuickActions::Dsl do
       expect(cond_action_def.aliases).to eq([])
       expect(cond_action_def.description).to eq('')
       expect(cond_action_def.explanation).to be_a_kind_of(Proc)
+      expect(cond_action_def.execution_message).to eq('Command applied correctly')
       expect(cond_action_def.params).to eq([])
       expect(cond_action_def.condition_block).to be_a_kind_of(Proc)
       expect(cond_action_def.types).to eq([])
@@ -122,6 +131,7 @@ describe Gitlab::QuickActions::Dsl do
       expect(with_params_parsing_def.aliases).to eq([])
       expect(with_params_parsing_def.description).to eq('')
       expect(with_params_parsing_def.explanation).to eq('')
+      expect(with_params_parsing_def.execution_message).to eq('')
       expect(with_params_parsing_def.params).to eq([])
       expect(with_params_parsing_def.condition_block).to be_nil
       expect(with_params_parsing_def.types).to eq([])
@@ -133,6 +143,7 @@ describe Gitlab::QuickActions::Dsl do
       expect(substitution_def.aliases).to eq([])
       expect(substitution_def.description).to eq('')
       expect(substitution_def.explanation).to eq('')
+      expect(substitution_def.execution_message).to eq('')
       expect(substitution_def.params).to eq(['<Comment>'])
       expect(substitution_def.condition_block).to be_nil
       expect(substitution_def.types).to eq([])
@@ -144,6 +155,7 @@ describe Gitlab::QuickActions::Dsl do
       expect(has_types.aliases).to eq([])
       expect(has_types.description).to eq('A command with types')
       expect(has_types.explanation).to eq('')
+      expect(has_types.execution_message).to eq('')
       expect(has_types.params).to eq([])
       expect(has_types.condition_block).to be_nil
       expect(has_types.types).to eq([Issue, Commit])
diff --git a/spec/services/quick_actions/interpret_service_spec.rb b/spec/services/quick_actions/interpret_service_spec.rb
index 71c4c3ad0d7..bf5f211b11c 100644
--- a/spec/services/quick_actions/interpret_service_spec.rb
+++ b/spec/services/quick_actions/interpret_service_spec.rb
@@ -28,61 +28,108 @@ describe QuickActions::InterpretService do
     shared_examples 'reopen command' do
       it 'returns state_event: "reopen" if content contains /reopen' do
         issuable.close!
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(state_event: 'reopen')
       end
+
+      it 'returns the reopen message' do
+        issuable.close!
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Reopened this #{issuable.to_ability_name.humanize(capitalize: false)}.")
+      end
     end
 
     shared_examples 'close command' do
       it 'returns state_event: "close" if content contains /close' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(state_event: 'close')
       end
+
+      it 'returns the close message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Closed this #{issuable.to_ability_name.humanize(capitalize: false)}.")
+      end
     end
 
     shared_examples 'title command' do
       it 'populates title: "A brand new title" if content contains /title A brand new title' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(title: 'A brand new title')
       end
+
+      it 'returns the title message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq(%{Changed the title to "A brand new title".})
+      end
     end
 
     shared_examples 'milestone command' do
       it 'fetches milestone and populates milestone_id if content contains /milestone' do
         milestone # populate the milestone
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(milestone_id: milestone.id)
       end
+
+      it 'returns the milestone message' do
+        milestone # populate the milestone
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Set the milestone to #{milestone.to_reference}.")
+      end
+
+      it 'returns empty milestone message when milestone is wrong' do
+        _, _, message = service.execute('/milestone %wrong-milestone', issuable)
+
+        expect(message).to be_empty
+      end
     end
 
     shared_examples 'remove_milestone command' do
       it 'populates milestone_id: nil if content contains /remove_milestone' do
         issuable.update!(milestone_id: milestone.id)
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(milestone_id: nil)
       end
+
+      it 'returns removed milestone message' do
+        issuable.update!(milestone_id: milestone.id)
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Removed #{milestone.to_reference} milestone.")
+      end
     end
 
     shared_examples 'label command' do
       it 'fetches label ids and populates add_label_ids if content contains /label' do
         bug # populate the label
         inprogress # populate the label
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(add_label_ids: [bug.id, inprogress.id])
       end
+
+      it 'returns the label message' do
+        bug # populate the label
+        inprogress # populate the label
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Added #{bug.to_reference(format: :name)} #{inprogress.to_reference(format: :name)} labels.")
+      end
     end
 
     shared_examples 'multiple label command' do
       it 'fetches label ids and populates add_label_ids if content contains multiple /label' do
         bug # populate the label
         inprogress # populate the label
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(add_label_ids: [inprogress.id, bug.id])
       end
@@ -91,7 +138,7 @@ describe QuickActions::InterpretService do
     shared_examples 'multiple label with same argument' do
       it 'prevents duplicate label ids and populates add_label_ids if content contains multiple /label' do
         inprogress # populate the label
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(add_label_ids: [inprogress.id])
       end
@@ -120,16 +167,23 @@ describe QuickActions::InterpretService do
     shared_examples 'unlabel command' do
       it 'fetches label ids and populates remove_label_ids if content contains /unlabel' do
         issuable.update!(label_ids: [inprogress.id]) # populate the label
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(remove_label_ids: [inprogress.id])
       end
+
+      it 'returns the unlabel message' do
+        issuable.update!(label_ids: [inprogress.id]) # populate the label
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Removed #{inprogress.to_reference(format: :name)} label.")
+      end
     end
 
     shared_examples 'multiple unlabel command' do
       it 'fetches label ids and populates remove_label_ids if content contains  mutiple /unlabel' do
         issuable.update!(label_ids: [inprogress.id, bug.id]) # populate the label
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(remove_label_ids: [inprogress.id, bug.id])
       end
@@ -138,7 +192,7 @@ describe QuickActions::InterpretService do
     shared_examples 'unlabel command with no argument' do
       it 'populates label_ids: [] if content contains /unlabel with no arguments' do
         issuable.update!(label_ids: [inprogress.id]) # populate the label
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(label_ids: [])
       end
@@ -148,91 +202,161 @@ describe QuickActions::InterpretService do
       it 'populates label_ids: [] if content contains /relabel' do
         issuable.update!(label_ids: [bug.id]) # populate the label
         inprogress # populate the label
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(label_ids: [inprogress.id])
       end
+
+      it 'returns the relabel message' do
+        issuable.update!(label_ids: [bug.id]) # populate the label
+        inprogress # populate the label
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Replaced all labels with #{inprogress.to_reference(format: :name)} label.")
+      end
     end
 
     shared_examples 'todo command' do
       it 'populates todo_event: "add" if content contains /todo' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(todo_event: 'add')
       end
+
+      it 'returns the todo message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq('Added a todo.')
+      end
     end
 
     shared_examples 'done command' do
       it 'populates todo_event: "done" if content contains /done' do
         TodoService.new.mark_todo(issuable, developer)
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(todo_event: 'done')
       end
+
+      it 'returns the done message' do
+        TodoService.new.mark_todo(issuable, developer)
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq('Marked to do as done.')
+      end
     end
 
     shared_examples 'subscribe command' do
       it 'populates subscription_event: "subscribe" if content contains /subscribe' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(subscription_event: 'subscribe')
       end
+
+      it 'returns the subscribe message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Subscribed to this #{issuable.to_ability_name.humanize(capitalize: false)}.")
+      end
     end
 
     shared_examples 'unsubscribe command' do
       it 'populates subscription_event: "unsubscribe" if content contains /unsubscribe' do
         issuable.subscribe(developer, project)
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(subscription_event: 'unsubscribe')
       end
+
+      it 'returns the unsubscribe message' do
+        issuable.subscribe(developer, project)
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Unsubscribed from this #{issuable.to_ability_name.humanize(capitalize: false)}.")
+      end
     end
 
     shared_examples 'due command' do
+      let(:expected_date) { Date.new(2016, 8, 28) }
+
       it 'populates due_date: Date.new(2016, 8, 28) if content contains /due 2016-08-28' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
+
+        expect(updates).to eq(due_date: expected_date)
+      end
 
-        expect(updates).to eq(due_date: defined?(expected_date) ? expected_date : Date.new(2016, 8, 28))
+      it 'returns due_date message: Date.new(2016, 8, 28) if content contains /due 2016-08-28' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Set the due date to #{expected_date.to_s(:medium)}.")
       end
     end
 
     shared_examples 'remove_due_date command' do
-      it 'populates due_date: nil if content contains /remove_due_date' do
+      before do
         issuable.update!(due_date: Date.today)
-        _, updates = service.execute(content, issuable)
+      end
+
+      it 'populates due_date: nil if content contains /remove_due_date' do
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(due_date: nil)
       end
+
+      it 'returns Removed the due date' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq('Removed the due date.')
+      end
     end
 
     shared_examples 'wip command' do
       it 'returns wip_event: "wip" if content contains /wip' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(wip_event: 'wip')
       end
+
+      it 'returns the wip message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Marked this #{issuable.to_ability_name.humanize(capitalize: false)} as Work In Progress.")
+      end
     end
 
     shared_examples 'unwip command' do
       it 'returns wip_event: "unwip" if content contains /wip' do
         issuable.update!(title: issuable.wip_title)
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(wip_event: 'unwip')
       end
+
+      it 'returns the unwip message' do
+        issuable.update!(title: issuable.wip_title)
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Unmarked this #{issuable.to_ability_name.humanize(capitalize: false)} as Work In Progress.")
+      end
     end
 
     shared_examples 'estimate command' do
       it 'populates time_estimate: 3600 if content contains /estimate 1h' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(time_estimate: 3600)
       end
+
+      it 'returns the time_estimate formatted message' do
+        _, _, message = service.execute('/estimate 79d', issuable)
+
+        expect(message).to eq('Set time estimate to 3mo 3w 4d.')
+      end
     end
 
     shared_examples 'spend command' do
       it 'populates spend_time: 3600 if content contains /spend 1h' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(spend_time: {
                                 duration: 3600,
@@ -240,11 +364,17 @@ describe QuickActions::InterpretService do
                                 spent_at: DateTime.now.to_date
                               })
       end
+
+      it 'returns the spend_time message including the formatted duration and verb' do
+        _, _, message = service.execute('/spend -120m', issuable)
+
+        expect(message).to eq('Subtracted 2h spent time.')
+      end
     end
 
     shared_examples 'spend command with negative time' do
       it 'populates spend_time: -1800 if content contains /spend -30m' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(spend_time: {
                                 duration: -1800,
@@ -256,7 +386,7 @@ describe QuickActions::InterpretService do
 
     shared_examples 'spend command with valid date' do
       it 'populates spend time: 1800 with date in date type format' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(spend_time: {
                                 duration: 1800,
@@ -268,7 +398,7 @@ describe QuickActions::InterpretService do
 
     shared_examples 'spend command with invalid date' do
       it 'will not create any note and timelog' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq({})
       end
@@ -276,7 +406,7 @@ describe QuickActions::InterpretService do
 
     shared_examples 'spend command with future date' do
       it 'will not create any note and timelog' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq({})
       end
@@ -284,18 +414,30 @@ describe QuickActions::InterpretService do
 
     shared_examples 'remove_estimate command' do
       it 'populates time_estimate: 0 if content contains /remove_estimate' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(time_estimate: 0)
       end
+
+      it 'returns the remove_estimate message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq('Removed time estimate.')
+      end
     end
 
     shared_examples 'remove_time_spent command' do
       it 'populates spend_time: :reset if content contains /remove_time_spent' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(spend_time: { duration: :reset, user_id: developer.id })
       end
+
+      it 'returns the remove_time_spent message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq('Removed spent time.')
+      end
     end
 
     shared_examples 'lock command' do
@@ -303,10 +445,16 @@ describe QuickActions::InterpretService do
       let(:merge_request) { create(:merge_request, source_project: project, discussion_locked: false) }
 
       it 'returns discussion_locked: true if content contains /lock' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(discussion_locked: true)
       end
+
+      it 'returns the lock discussion message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq('Locked the discussion')
+      end
     end
 
     shared_examples 'unlock command' do
@@ -314,45 +462,79 @@ describe QuickActions::InterpretService do
       let(:merge_request) { create(:merge_request, source_project: project, discussion_locked: true) }
 
       it 'returns discussion_locked: true if content contains /unlock' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(discussion_locked: false)
       end
+
+      it 'returns the unlock discussion message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq('Unlocked the discussion')
+      end
     end
 
-    shared_examples 'empty command' do
+    shared_examples 'empty command' do |error_msg|
       it 'populates {} if content contains an unsupported command' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to be_empty
       end
+
+      it "returns #{error_msg || 'an empty'} message" do
+        _, _, message = service.execute(content, issuable)
+
+        if error_msg
+          expect(message).to eq(error_msg)
+        else
+          expect(message).to be_empty
+        end
+      end
     end
 
     shared_examples 'merge command' do
       let(:project) { create(:project, :repository) }
 
       it 'runs merge command if content contains /merge' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(merge: merge_request.diff_head_sha)
       end
+
+      it 'returns them merge message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq('Scheduled to merge this merge request when the pipeline succeeds.')
+      end
     end
 
     shared_examples 'award command' do
       it 'toggle award 100 emoji if content contains /award :100:' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(emoji_award: "100")
       end
+
+      it 'returns the award message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq('Toggled :100: emoji award.')
+      end
     end
 
     shared_examples 'duplicate command' do
       it 'fetches issue and populates canonical_issue_id if content contains /duplicate issue_reference' do
         issue_duplicate # populate the issue
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(canonical_issue_id: issue_duplicate.id)
       end
+
+      it 'returns the duplicate message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Marked this issue as a duplicate of #{issue_duplicate.to_reference(project)}.")
+      end
     end
 
     shared_examples 'copy_metadata command' do
@@ -360,7 +542,7 @@ describe QuickActions::InterpretService do
         source_issuable # populate the issue
         todo_label # populate this label
         inreview_label # populate this label
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates[:add_label_ids]).to match_array([inreview_label.id, todo_label.id])
 
@@ -370,19 +552,45 @@ describe QuickActions::InterpretService do
           expect(updates).not_to have_key(:milestone_id)
         end
       end
+
+      it 'returns the copy metadata message' do
+        _, _, message = service.execute("/copy_metadata #{source_issuable.to_reference}", issuable)
+
+        expect(message).to eq("Copied labels and milestone from #{source_issuable.to_reference}.")
+      end
+    end
+
+    describe 'move issue command' do
+      it 'returns the move issue message' do
+        _, _, message = service.execute("/move #{project.full_path}", issue)
+
+        expect(message).to eq("Moved this issue to #{project.full_path}.")
+      end
+
+      it 'returns move issue failure message when the referenced issue is not found' do
+        _, _, message = service.execute('/move invalid', issue)
+
+        expect(message).to eq("Move this issue failed because target project doesn't exists")
+      end
     end
 
     shared_examples 'confidential command' do
       it 'marks issue as confidential if content contains /confidential' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(confidential: true)
       end
+
+      it 'returns the confidential message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq('Made this issue confidential')
+      end
     end
 
     shared_examples 'shrug command' do
       it 'appends ¯\_(ツ)_/¯ to the comment' do
-        new_content, _ = service.execute(content, issuable)
+        new_content, _, _ = service.execute(content, issuable)
 
         expect(new_content).to end_with(described_class::SHRUG)
       end
@@ -390,7 +598,7 @@ describe QuickActions::InterpretService do
 
     shared_examples 'tableflip command' do
       it 'appends (╯°□°)╯︵ ┻━┻ to the comment' do
-        new_content, _ = service.execute(content, issuable)
+        new_content, _, _ = service.execute(content, issuable)
 
         expect(new_content).to end_with(described_class::TABLEFLIP)
       end
@@ -398,18 +606,34 @@ describe QuickActions::InterpretService do
 
     shared_examples 'tag command' do
       it 'tags a commit' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(tag_name: tag_name, tag_message: tag_message)
       end
+
+      it 'returns the tag message' do
+        _, _, message = service.execute(content, issuable)
+
+        if tag_message.present?
+          expect(message).to eq(%{Tagged this commit to #{tag_name} with "#{tag_message}".})
+        else
+          expect(message).to eq("Tagged this commit to #{tag_name}.")
+        end
+      end
     end
 
     shared_examples 'assign command' do
       it 'assigns to a single user' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(assignee_ids: [developer.id])
       end
+
+      it 'returns the assign message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Assigned #{developer.to_reference}.")
+      end
     end
 
     it_behaves_like 'reopen command' do
@@ -463,7 +687,7 @@ describe QuickActions::InterpretService do
         let(:service) { described_class.new(project, developer, {}) }
 
         it 'precheck passes and returns merge command' do
-          _, updates = service.execute('/merge', merge_request)
+          _, updates, _ = service.execute('/merge', merge_request)
 
           expect(updates).to eq(merge: nil)
         end
@@ -559,7 +783,7 @@ describe QuickActions::InterpretService do
       end
     end
 
-    it_behaves_like 'empty command' do
+    it_behaves_like 'empty command', "Assign command failed because no user was found" do
       let(:content) { '/assign @abcd1234' }
       let(:issuable) { issue }
     end
@@ -575,19 +799,33 @@ describe QuickActions::InterpretService do
       context 'Issue' do
         it 'populates assignee_ids: [] if content contains /unassign' do
           issue.update!(assignee_ids: [developer.id])
-          _, updates = service.execute(content, issue)
+          _, updates, _ = service.execute(content, issue)
 
           expect(updates).to eq(assignee_ids: [])
         end
+
+        it 'returns the unassign message for all the assignee if content contains /unassign' do
+          issue.update(assignee_ids: [developer.id, developer2.id])
+          _, _, message = service.execute(content, issue)
+
+          expect(message).to eq("Removed assignees #{developer.to_reference} and #{developer2.to_reference}.")
+        end
       end
 
       context 'Merge Request' do
         it 'populates assignee_ids: [] if content contains /unassign' do
           merge_request.update!(assignee_ids: [developer.id])
-          _, updates = service.execute(content, merge_request)
+          _, updates, _ = service.execute(content, merge_request)
 
           expect(updates).to eq(assignee_ids: [])
         end
+
+        it 'returns the unassign message for all the assignee if content contains /unassign' do
+          merge_request.update(assignee_ids: [developer.id, developer2.id])
+          _, _, message = service.execute(content, merge_request)
+
+          expect(message).to eq("Removed assignees #{developer.to_reference} and #{developer2.to_reference}.")
+        end
       end
     end
 
@@ -979,12 +1217,12 @@ describe QuickActions::InterpretService do
           let(:issuable) { issue }
         end
 
-        it_behaves_like 'empty command' do
+        it_behaves_like 'empty command', 'Mark as duplicate failed because referenced issue was not found' do
           let(:content) { "/duplicate imaginary#1234" }
           let(:issuable) { issue }
         end
 
-        it_behaves_like 'empty command' do
+        it_behaves_like 'empty command', 'Mark as duplicate failed because referenced issue was not found' do
           let(:other_project) { create(:project, :private) }
           let(:issue_duplicate) { create(:issue, project: other_project) }
 
@@ -1049,7 +1287,7 @@ describe QuickActions::InterpretService do
         let(:issuable) { issue }
       end
 
-      it_behaves_like 'empty command' do
+      it_behaves_like 'empty command', 'Mark as duplicate failed because referenced issue was not found' do
         let(:content) { '/duplicate #{issue.to_reference}' }
         let(:issuable) { issue }
       end
@@ -1132,13 +1370,13 @@ describe QuickActions::InterpretService do
       let(:service) { described_class.new(non_empty_project, developer)}
 
       it 'updates target_branch if /target_branch command is executed' do
-        _, updates = service.execute('/target_branch merge-test', merge_request)
+        _, updates, _ = service.execute('/target_branch merge-test', merge_request)
 
         expect(updates).to eq(target_branch: 'merge-test')
       end
 
       it 'handles blanks around param' do
-        _, updates = service.execute('/target_branch  merge-test     ', merge_request)
+        _, updates, _ = service.execute('/target_branch  merge-test     ', merge_request)
 
         expect(updates).to eq(target_branch: 'merge-test')
       end
@@ -1156,6 +1394,12 @@ describe QuickActions::InterpretService do
           let(:issuable) { another_merge_request }
         end
       end
+
+      it 'returns the target_branch message' do
+        _, _, message = service.execute('/target_branch merge-test', merge_request)
+
+        expect(message).to eq('Set target branch to merge-test.')
+      end
     end
 
     context '/board_move command' do
@@ -1171,13 +1415,13 @@ describe QuickActions::InterpretService do
       it 'populates remove_label_ids for all current board columns' do
         issue.update!(label_ids: [todo.id, inprogress.id])
 
-        _, updates = service.execute(content, issue)
+        _, updates, _ = service.execute(content, issue)
 
         expect(updates[:remove_label_ids]).to match_array([todo.id, inprogress.id])
       end
 
       it 'populates add_label_ids with the id of the given label' do
-        _, updates = service.execute(content, issue)
+        _, updates, _ = service.execute(content, issue)
 
         expect(updates[:add_label_ids]).to eq([inreview.id])
       end
@@ -1185,7 +1429,7 @@ describe QuickActions::InterpretService do
       it 'does not include the given label id in remove_label_ids' do
         issue.update!(label_ids: [todo.id, inreview.id])
 
-        _, updates = service.execute(content, issue)
+        _, updates, _ = service.execute(content, issue)
 
         expect(updates[:remove_label_ids]).to match_array([todo.id])
       end
@@ -1193,11 +1437,19 @@ describe QuickActions::InterpretService do
       it 'does not remove label ids that are not lists on the board' do
         issue.update!(label_ids: [todo.id, bug.id])
 
-        _, updates = service.execute(content, issue)
+        _, updates, _ = service.execute(content, issue)
 
         expect(updates[:remove_label_ids]).to match_array([todo.id])
       end
 
+      it 'returns board_move message' do
+        issue.update!(label_ids: [todo.id, inprogress.id])
+
+        _, _, message = service.execute(content, issue)
+
+        expect(message).to eq("Moved issue to ~#{inreview.id} column in the board.")
+      end
+
       context 'if the project has multiple boards' do
         let(:issuable) { issue }
 
@@ -1211,13 +1463,13 @@ describe QuickActions::InterpretService do
       context 'if the given label does not exist' do
         let(:issuable) { issue }
         let(:content) { '/board_move ~"Fake Label"' }
-        it_behaves_like 'empty command'
+        it_behaves_like 'empty command', 'Move this issue failed because you need to specify only one label.'
       end
 
       context 'if multiple labels are given' do
         let(:issuable) { issue }
         let(:content) { %{/board_move ~"#{inreview.title}" ~"#{todo.title}"} }
-        it_behaves_like 'empty command'
+        it_behaves_like 'empty command', 'Move this issue failed because you need to specify only one label.'
       end
 
       context 'if the given label is not a list on the board' do
@@ -1292,10 +1544,16 @@ describe QuickActions::InterpretService do
       end
 
       it 'populates create_merge_request with branch_name and issue iid' do
-        _, updates = service.execute(content, issuable)
+        _, updates, _ = service.execute(content, issuable)
 
         expect(updates).to eq(create_merge_request: { branch_name: branch_name, issue_iid: issuable.iid })
       end
+
+      it 'returns the create_merge_request message' do
+        _, _, message = service.execute(content, issuable)
+
+        expect(message).to eq("Created branch '#{branch_name}' and a merge request to resolve this issue")
+      end
     end
   end
 
@@ -1558,6 +1816,12 @@ describe QuickActions::InterpretService do
 
           expect(explanations).to eq(['Creates a branch and a merge request to resolve this issue'])
         end
+
+        it 'returns the execution message using the default branch name' do
+          _, _, message = service.execute(content, issue)
+
+          expect(message).to eq('Created a branch and a merge request to resolve this issue')
+        end
       end
 
       context 'with a branch name' do
@@ -1568,6 +1832,12 @@ describe QuickActions::InterpretService do
 
           expect(explanations).to eq(["Creates branch 'foo' and a merge request to resolve this issue"])
         end
+
+        it 'returns the execution message using the given branch name' do
+          _, _, message = service.execute(content, issue)
+
+          expect(message).to eq("Created branch 'foo' and a merge request to resolve this issue")
+        end
       end
     end
 
diff --git a/spec/support/shared_examples/quick_actions/commit/tag_quick_action_shared_examples.rb b/spec/support/shared_examples/quick_actions/commit/tag_quick_action_shared_examples.rb
index b337a1c18d8..f5a86e4dc2c 100644
--- a/spec/support/shared_examples/quick_actions/commit/tag_quick_action_shared_examples.rb
+++ b/spec/support/shared_examples/quick_actions/commit/tag_quick_action_shared_examples.rb
@@ -5,7 +5,7 @@ shared_examples 'tag quick action' do
     it 'tags this commit' do
       add_note("/tag #{tag_name} #{tag_message}")
 
-      expect(page).to have_content 'Commands applied'
+      expect(page).to have_content %{Tagged this commit to #{tag_name} with "#{tag_message}".}
       expect(page).to have_content "tagged commit #{truncated_commit_sha}"
       expect(page).to have_content tag_name
 
diff --git a/spec/support/shared_examples/quick_actions/issuable/close_quick_action_shared_examples.rb b/spec/support/shared_examples/quick_actions/issuable/close_quick_action_shared_examples.rb
index a79a61bc708..6e7eb78261a 100644
--- a/spec/support/shared_examples/quick_actions/issuable/close_quick_action_shared_examples.rb
+++ b/spec/support/shared_examples/quick_actions/issuable/close_quick_action_shared_examples.rb
@@ -68,7 +68,7 @@ shared_examples 'close quick action' do |issuable_type|
       it "does not close the #{issuable_type}" do
         add_note('/close')
 
-        expect(page).not_to have_content 'Commands applied'
+        expect(page).not_to have_content "Closed this #{issuable.to_ability_name.humanize(capitalize: false)}."
         expect(issuable).to be_open
       end
     end
diff --git a/spec/support/shared_examples/quick_actions/issue/create_merge_request_quick_action_shared_examples.rb b/spec/support/shared_examples/quick_actions/issue/create_merge_request_quick_action_shared_examples.rb
index 34dba5dbc31..3e9ee9a633f 100644
--- a/spec/support/shared_examples/quick_actions/issue/create_merge_request_quick_action_shared_examples.rb
+++ b/spec/support/shared_examples/quick_actions/issue/create_merge_request_quick_action_shared_examples.rb
@@ -2,8 +2,14 @@
 
 shared_examples 'create_merge_request quick action' do
   context 'create a merge request starting from an issue' do
-    def expect_mr_quickaction(success)
-      expect(page).to have_content 'Commands applied'
+    def expect_mr_quickaction(success, branch_name = nil)
+      command_message = if branch_name
+                          "Created branch '#{branch_name}' and a merge request to resolve this issue"
+                        else
+                          "Created a branch and a merge request to resolve this issue"
+                        end
+
+      expect(page).to have_content command_message
 
       if success
         expect(page).to have_content 'created merge request'
@@ -13,19 +19,21 @@ shared_examples 'create_merge_request quick action' do
     end
 
     it "doesn't create a merge request when the branch name is invalid" do
-      add_note("/create_merge_request invalid branch name")
+      branch_name = 'invalid branch name'
+      add_note("/create_merge_request #{branch_name}")
 
       wait_for_requests
 
-      expect_mr_quickaction(false)
+      expect_mr_quickaction(false, branch_name)
     end
 
     it "doesn't create a merge request when a branch with that name already exists" do
-      add_note("/create_merge_request feature")
+      branch_name = 'feature'
+      add_note("/create_merge_request #{branch_name}")
 
       wait_for_requests
 
-      expect_mr_quickaction(false)
+      expect_mr_quickaction(false, branch_name)
     end
 
     it 'creates a new merge request using issue iid and title as branch name when the branch name is empty' do
@@ -46,7 +54,7 @@ shared_examples 'create_merge_request quick action' do
       branch_name = '1-feature'
       add_note("/create_merge_request #{branch_name}")
 
-      expect_mr_quickaction(true)
+      expect_mr_quickaction(true, branch_name)
 
       created_mr = project.merge_requests.last
       expect(created_mr.source_branch).to eq(branch_name)
diff --git a/spec/support/shared_examples/quick_actions/issue/duplicate_quick_action_shared_examples.rb b/spec/support/shared_examples/quick_actions/issue/duplicate_quick_action_shared_examples.rb
index 633c7135fbc..3834b8b2b87 100644
--- a/spec/support/shared_examples/quick_actions/issue/duplicate_quick_action_shared_examples.rb
+++ b/spec/support/shared_examples/quick_actions/issue/duplicate_quick_action_shared_examples.rb
@@ -9,7 +9,6 @@ shared_examples 'duplicate quick action' do
         add_note("/duplicate ##{original_issue.to_reference}")
 
         expect(page).not_to have_content "/duplicate #{original_issue.to_reference}"
-        expect(page).to have_content 'Commands applied'
         expect(page).to have_content "marked this issue as a duplicate of #{original_issue.to_reference}"
 
         expect(issue.reload).to be_closed
@@ -28,7 +27,6 @@ shared_examples 'duplicate quick action' do
       it 'does not create a note, and does not mark the issue as a duplicate' do
         add_note("/duplicate ##{original_issue.to_reference}")
 
-        expect(page).not_to have_content 'Commands applied'
         expect(page).not_to have_content "marked this issue as a duplicate of #{original_issue.to_reference}"
 
         expect(issue.reload).to be_open
diff --git a/spec/support/shared_examples/quick_actions/issue/move_quick_action_shared_examples.rb b/spec/support/shared_examples/quick_actions/issue/move_quick_action_shared_examples.rb
index a0b0d888769..85682b4919d 100644
--- a/spec/support/shared_examples/quick_actions/issue/move_quick_action_shared_examples.rb
+++ b/spec/support/shared_examples/quick_actions/issue/move_quick_action_shared_examples.rb
@@ -12,7 +12,7 @@ shared_examples 'move quick action' do
       it 'moves the issue' do
         add_note("/move #{target_project.full_path}")
 
-        expect(page).to have_content 'Commands applied'
+        expect(page).to have_content "Moved this issue to #{target_project.full_path}."
         expect(issue.reload).to be_closed
 
         visit project_issue_path(target_project, issue)
@@ -29,7 +29,7 @@ shared_examples 'move quick action' do
 
         wait_for_requests
 
-        expect(page).to have_content 'Commands applied'
+        expect(page).to have_content "Moved this issue to #{project_unauthorized.full_path}."
         expect(issue.reload).to be_open
       end
     end
@@ -40,7 +40,7 @@ shared_examples 'move quick action' do
 
         wait_for_requests
 
-        expect(page).to have_content 'Commands applied'
+        expect(page).to have_content "Move this issue failed because target project doesn't exists"
         expect(issue.reload).to be_open
       end
     end
@@ -56,7 +56,7 @@ shared_examples 'move quick action' do
 
       shared_examples 'applies the commands to issues in both projects, target and source' do
         it "applies quick actions" do
-          expect(page).to have_content 'Commands applied'
+          expect(page).to have_content "Moved this issue to #{target_project.full_path}."
           expect(issue.reload).to be_closed
 
           visit project_issue_path(target_project, issue)
diff --git a/spec/support/shared_examples/quick_actions/merge_request/merge_quick_action_shared_examples.rb b/spec/support/shared_examples/quick_actions/merge_request/merge_quick_action_shared_examples.rb
index c454ddc4bba..ac7c17915de 100644
--- a/spec/support/shared_examples/quick_actions/merge_request/merge_quick_action_shared_examples.rb
+++ b/spec/support/shared_examples/quick_actions/merge_request/merge_quick_action_shared_examples.rb
@@ -10,7 +10,7 @@ shared_examples 'merge quick action' do
     it 'merges the MR' do
       add_note("/merge")
 
-      expect(page).to have_content 'Commands applied'
+      expect(page).to have_content 'Scheduled to merge this merge request when the pipeline succeeds.'
 
       expect(merge_request.reload).to be_merged
     end
-- 
cgit v1.2.1


From 7d745d31d96f84d3da863843976121aafe3256b5 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Mon, 29 Jul 2019 12:55:33 -0700
Subject: Update rouge to v3.7.0

This adds support for a number of new languages (e.g. Ada)
and fixes a number of lexers:
https://github.com/rouge-ruby/rouge/compare/v3.5.1..v3.7.0

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/64625
---
 Gemfile                                         | 2 +-
 Gemfile.lock                                    | 4 ++--
 changelogs/unreleased/sh-update-rouge-3-7-0.yml | 5 +++++
 spec/features/markdown/copy_as_gfm_spec.rb      | 2 +-
 4 files changed, 9 insertions(+), 4 deletions(-)
 create mode 100644 changelogs/unreleased/sh-update-rouge-3-7-0.yml

diff --git a/Gemfile b/Gemfile
index e860ee61cb9..865111ca2bc 100644
--- a/Gemfile
+++ b/Gemfile
@@ -134,7 +134,7 @@ gem 'wikicloth', '0.8.1'
 gem 'asciidoctor', '~> 2.0.10'
 gem 'asciidoctor-include-ext', '~> 0.3.1', require: false
 gem 'asciidoctor-plantuml', '0.0.9'
-gem 'rouge', '~> 3.5'
+gem 'rouge', '~> 3.7'
 gem 'truncato', '~> 0.7.11'
 gem 'bootstrap_form', '~> 4.2.0'
 gem 'nokogiri', '~> 1.10.3'
diff --git a/Gemfile.lock b/Gemfile.lock
index 3614f111a4b..a87bf239fb9 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -780,7 +780,7 @@ GEM
     retriable (3.1.2)
     rinku (2.0.0)
     rotp (2.1.2)
-    rouge (3.5.1)
+    rouge (3.7.0)
     rqrcode (0.7.0)
       chunky_png
     rqrcode-rails3 (0.1.7)
@@ -1208,7 +1208,7 @@ DEPENDENCIES
   redis-rails (~> 5.0.2)
   request_store (~> 1.3)
   responders (~> 2.0)
-  rouge (~> 3.5)
+  rouge (~> 3.7)
   rqrcode-rails3 (~> 0.1.7)
   rspec-parameterized
   rspec-rails (~> 3.8.0)
diff --git a/changelogs/unreleased/sh-update-rouge-3-7-0.yml b/changelogs/unreleased/sh-update-rouge-3-7-0.yml
new file mode 100644
index 00000000000..6828f48863c
--- /dev/null
+++ b/changelogs/unreleased/sh-update-rouge-3-7-0.yml
@@ -0,0 +1,5 @@
+---
+title: Update rouge to v3.7.0
+merge_request: 31254
+author:
+type: other
diff --git a/spec/features/markdown/copy_as_gfm_spec.rb b/spec/features/markdown/copy_as_gfm_spec.rb
index 176801d482e..c098a1b3e3a 100644
--- a/spec/features/markdown/copy_as_gfm_spec.rb
+++ b/spec/features/markdown/copy_as_gfm_spec.rb
@@ -798,7 +798,7 @@ describe 'Copy as GFM', :js do
       context 'selecting one word of text' do
         it 'copies as inline code' do
           verify(
-            '.line[id="LC27"] .s2',
+            '.line[id="LC27"] .nl',
 
             '`"bio"`'
           )
-- 
cgit v1.2.1


From dfe13131d705c739a3b8747e70c004aaf2e58856 Mon Sep 17 00:00:00 2001
From: Sarah Yasonik <syasonik@gitlab.com>
Date: Mon, 29 Jul 2019 23:03:59 +0000
Subject: Move BaseService to Services directory

In preparation for embedding specific metrics in issues
https://gitlab.com/gitlab-org/gitlab-ce/issues/62971,
this commit moves the BaseService for metrics dashboards
to a new services subdirectory. This is purely for the sake
of organization and maintainability.
---
 app/services/metrics/dashboard/base_service.rb     | 70 +++++++++++++++++
 .../metrics/dashboard/default_embed_service.rb     | 63 +++++++++++++++
 .../metrics/dashboard/project_dashboard_service.rb | 48 ++++++++++++
 .../metrics/dashboard/system_dashboard_service.rb  | 47 ++++++++++++
 lib/gitlab/metrics/dashboard/base_service.rb       | 72 -----------------
 .../metrics/dashboard/dynamic_dashboard_service.rb | 65 ----------------
 lib/gitlab/metrics/dashboard/finder.rb             | 10 +--
 .../metrics/dashboard/project_dashboard_service.rb | 50 ------------
 .../metrics/dashboard/system_dashboard_service.rb  | 49 ------------
 .../projects/environments_controller_spec.rb       |  2 +-
 .../dashboard/dynamic_dashboard_service_spec.rb    | 36 ---------
 spec/lib/gitlab/metrics/dashboard/finder_spec.rb   |  2 +-
 .../dashboard/project_dashboard_service_spec.rb    | 89 ----------------------
 .../dashboard/system_dashboard_service_spec.rb     | 52 -------------
 .../dashboard/default_embed_service_spec.rb        | 36 +++++++++
 .../dashboard/project_dashboard_service_spec.rb    | 89 ++++++++++++++++++++++
 .../dashboard/system_dashboard_service_spec.rb     | 52 +++++++++++++
 17 files changed, 412 insertions(+), 420 deletions(-)
 create mode 100644 app/services/metrics/dashboard/base_service.rb
 create mode 100644 app/services/metrics/dashboard/default_embed_service.rb
 create mode 100644 app/services/metrics/dashboard/project_dashboard_service.rb
 create mode 100644 app/services/metrics/dashboard/system_dashboard_service.rb
 delete mode 100644 lib/gitlab/metrics/dashboard/base_service.rb
 delete mode 100644 lib/gitlab/metrics/dashboard/dynamic_dashboard_service.rb
 delete mode 100644 lib/gitlab/metrics/dashboard/project_dashboard_service.rb
 delete mode 100644 lib/gitlab/metrics/dashboard/system_dashboard_service.rb
 delete mode 100644 spec/lib/gitlab/metrics/dashboard/dynamic_dashboard_service_spec.rb
 delete mode 100644 spec/lib/gitlab/metrics/dashboard/project_dashboard_service_spec.rb
 delete mode 100644 spec/lib/gitlab/metrics/dashboard/system_dashboard_service_spec.rb
 create mode 100644 spec/services/metrics/dashboard/default_embed_service_spec.rb
 create mode 100644 spec/services/metrics/dashboard/project_dashboard_service_spec.rb
 create mode 100644 spec/services/metrics/dashboard/system_dashboard_service_spec.rb

diff --git a/app/services/metrics/dashboard/base_service.rb b/app/services/metrics/dashboard/base_service.rb
new file mode 100644
index 00000000000..b331bf51874
--- /dev/null
+++ b/app/services/metrics/dashboard/base_service.rb
@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+# Searches a projects repository for a metrics dashboard and formats the output.
+# Expects any custom dashboards will be located in `.gitlab/dashboards`
+module Metrics
+  module Dashboard
+    class BaseService < ::BaseService
+      PROCESSING_ERROR = Gitlab::Metrics::Dashboard::Stages::BaseStage::DashboardProcessingError
+      NOT_FOUND_ERROR = Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError
+
+      def get_dashboard
+        return error('Insufficient permissions.', :unauthorized) unless allowed?
+
+        success(dashboard: process_dashboard)
+      rescue NOT_FOUND_ERROR
+        error("#{dashboard_path} could not be found.", :not_found)
+      rescue PROCESSING_ERROR => e
+        error(e.message, :unprocessable_entity)
+      end
+
+      # Summary of all known dashboards for the service.
+      # @return [Array<Hash>] ex) [{ path: String, default: Boolean }]
+      def self.all_dashboard_paths(_project)
+        raise NotImplementedError
+      end
+
+      # Returns an un-processed dashboard from the cache.
+      def raw_dashboard
+        Gitlab::Metrics::Dashboard::Cache.fetch(cache_key) { get_raw_dashboard }
+      end
+
+      private
+
+      # Determines whether users should be able to view
+      # dashboards at all.
+      def allowed?
+        Ability.allowed?(current_user, :read_environment, project)
+      end
+
+      # Returns a new dashboard Hash, supplemented with DB info
+      def process_dashboard
+        Gitlab::Metrics::Dashboard::Processor
+          .new(project, params[:environment], raw_dashboard)
+          .process(insert_project_metrics: insert_project_metrics?)
+      end
+
+      # @return [String] Relative filepath of the dashboard yml
+      def dashboard_path
+        params[:dashboard_path]
+      end
+
+      # @return [Hash] an unmodified dashboard
+      def get_raw_dashboard
+        raise NotImplementedError
+      end
+
+      # @return [String]
+      def cache_key
+        raise NotImplementedError
+      end
+
+      # Determines whether custom metrics should be included
+      # in the processed output.
+      # @return [Boolean]
+      def insert_project_metrics?
+        false
+      end
+    end
+  end
+end
diff --git a/app/services/metrics/dashboard/default_embed_service.rb b/app/services/metrics/dashboard/default_embed_service.rb
new file mode 100644
index 00000000000..0967c5bcfeb
--- /dev/null
+++ b/app/services/metrics/dashboard/default_embed_service.rb
@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+# Responsible for returning a filtered system dashboard
+# containing only the default embedded metrics. In future,
+# this class may be updated to support filtering to
+# alternate metrics/panels.
+#
+# Why isn't this filtering in a processing stage? By filtering
+# here, we ensure the dynamically-determined dashboard is cached.
+#
+# Use Gitlab::Metrics::Dashboard::Finder to retrive dashboards.
+module Metrics
+  module Dashboard
+    class DefaultEmbedService < ::Metrics::Dashboard::BaseService
+      # For the default filtering for embedded metrics,
+      # uses the 'id' key in dashboard-yml definition for
+      # identification.
+      DEFAULT_EMBEDDED_METRICS_IDENTIFIERS = %w(
+        system_metrics_kubernetes_container_memory_total
+        system_metrics_kubernetes_container_cores_total
+      ).freeze
+
+      # Returns a new dashboard with only the matching
+      # metrics from the system dashboard, stripped of groups.
+      # @return [Hash]
+      def raw_dashboard
+        panels = panel_groups.each_with_object([]) do |group, panels|
+          matched_panels = group['panels'].select { |panel| matching_panel?(panel) }
+
+          panels.concat(matched_panels)
+        end
+
+        { 'panel_groups' => [{ 'panels' => panels }] }
+      end
+
+      def cache_key
+        "dynamic_metrics_dashboard_#{metric_identifiers.join('_')}"
+      end
+
+      private
+
+      # Returns an array of the panels groups on the
+      # system dashboard
+      def panel_groups
+        ::Metrics::Dashboard::SystemDashboardService
+          .new(project, nil)
+          .raw_dashboard['panel_groups']
+      end
+
+      # Identifies a panel as "matching" if any metric ids in
+      # the panel is in the list of identifiers to collect.
+      def matching_panel?(panel)
+        panel['metrics'].any? do |metric|
+          metric_identifiers.include?(metric['id'])
+        end
+      end
+
+      def metric_identifiers
+        DEFAULT_EMBEDDED_METRICS_IDENTIFIERS
+      end
+    end
+  end
+end
diff --git a/app/services/metrics/dashboard/project_dashboard_service.rb b/app/services/metrics/dashboard/project_dashboard_service.rb
new file mode 100644
index 00000000000..756d387c0e6
--- /dev/null
+++ b/app/services/metrics/dashboard/project_dashboard_service.rb
@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+# Searches a projects repository for a metrics dashboard and formats the output.
+# Expects any custom dashboards will be located in `.gitlab/dashboards`
+# Use Gitlab::Metrics::Dashboard::Finder to retrive dashboards.
+module Metrics
+  module Dashboard
+    class ProjectDashboardService < ::Metrics::Dashboard::BaseService
+      DASHBOARD_ROOT = ".gitlab/dashboards"
+
+      class << self
+        def all_dashboard_paths(project)
+          file_finder(project)
+            .list_files_for(DASHBOARD_ROOT)
+            .map do |filepath|
+              {
+                path: filepath,
+                display_name: name_for_path(filepath),
+                default: false
+              }
+            end
+        end
+
+        def file_finder(project)
+          Gitlab::Template::Finders::RepoTemplateFinder.new(project, DASHBOARD_ROOT, '.yml')
+        end
+
+        # Grabs the filepath after the base directory.
+        def name_for_path(filepath)
+          filepath.delete_prefix("#{DASHBOARD_ROOT}/")
+        end
+      end
+
+      private
+
+      # Searches the project repo for a custom-defined dashboard.
+      def get_raw_dashboard
+        yml = self.class.file_finder(project).read(dashboard_path)
+
+        YAML.safe_load(yml)
+      end
+
+      def cache_key
+        "project_#{project.id}_metrics_dashboard_#{dashboard_path}"
+      end
+    end
+  end
+end
diff --git a/app/services/metrics/dashboard/system_dashboard_service.rb b/app/services/metrics/dashboard/system_dashboard_service.rb
new file mode 100644
index 00000000000..fcd71aadb03
--- /dev/null
+++ b/app/services/metrics/dashboard/system_dashboard_service.rb
@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+# Fetches the system metrics dashboard and formats the output.
+# Use Gitlab::Metrics::Dashboard::Finder to retrive dashboards.
+module Metrics
+  module Dashboard
+    class SystemDashboardService < ::Metrics::Dashboard::BaseService
+      SYSTEM_DASHBOARD_PATH = 'config/prometheus/common_metrics.yml'
+      SYSTEM_DASHBOARD_NAME = 'Default'
+
+      class << self
+        def all_dashboard_paths(_project)
+          [{
+            path: SYSTEM_DASHBOARD_PATH,
+            display_name: SYSTEM_DASHBOARD_NAME,
+            default: true
+          }]
+        end
+
+        def system_dashboard?(filepath)
+          filepath == SYSTEM_DASHBOARD_PATH
+        end
+      end
+
+      private
+
+      def dashboard_path
+        SYSTEM_DASHBOARD_PATH
+      end
+
+      # Returns the base metrics shipped with every GitLab service.
+      def get_raw_dashboard
+        yml = File.read(Rails.root.join(dashboard_path))
+
+        YAML.safe_load(yml)
+      end
+
+      def cache_key
+        "metrics_dashboard_#{dashboard_path}"
+      end
+
+      def insert_project_metrics?
+        true
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/metrics/dashboard/base_service.rb b/lib/gitlab/metrics/dashboard/base_service.rb
deleted file mode 100644
index 0628e82e592..00000000000
--- a/lib/gitlab/metrics/dashboard/base_service.rb
+++ /dev/null
@@ -1,72 +0,0 @@
-# frozen_string_literal: true
-
-# Searches a projects repository for a metrics dashboard and formats the output.
-# Expects any custom dashboards will be located in `.gitlab/dashboards`
-module Gitlab
-  module Metrics
-    module Dashboard
-      class BaseService < ::BaseService
-        PROCESSING_ERROR = Gitlab::Metrics::Dashboard::Stages::BaseStage::DashboardProcessingError
-        NOT_FOUND_ERROR = Gitlab::Template::Finders::RepoTemplateFinder::FileNotFoundError
-
-        def get_dashboard
-          return error('Insufficient permissions.', :unauthorized) unless allowed?
-
-          success(dashboard: process_dashboard)
-        rescue NOT_FOUND_ERROR
-          error("#{dashboard_path} could not be found.", :not_found)
-        rescue PROCESSING_ERROR => e
-          error(e.message, :unprocessable_entity)
-        end
-
-        # Summary of all known dashboards for the service.
-        # @return [Array<Hash>] ex) [{ path: String, default: Boolean }]
-        def self.all_dashboard_paths(_project)
-          raise NotImplementedError
-        end
-
-        # Returns an un-processed dashboard from the cache.
-        def raw_dashboard
-          Gitlab::Metrics::Dashboard::Cache.fetch(cache_key) { get_raw_dashboard }
-        end
-
-        private
-
-        # Determines whether users should be able to view
-        # dashboards at all.
-        def allowed?
-          Ability.allowed?(current_user, :read_environment, project)
-        end
-
-        # Returns a new dashboard Hash, supplemented with DB info
-        def process_dashboard
-          Gitlab::Metrics::Dashboard::Processor
-            .new(project, params[:environment], raw_dashboard)
-            .process(insert_project_metrics: insert_project_metrics?)
-        end
-
-        # @return [String] Relative filepath of the dashboard yml
-        def dashboard_path
-          params[:dashboard_path]
-        end
-
-        # @return [Hash] an unmodified dashboard
-        def get_raw_dashboard
-          raise NotImplementedError
-        end
-
-        # @return [String]
-        def cache_key
-          raise NotImplementedError
-        end
-
-        # Determines whether custom metrics should be included
-        # in the processed output.
-        # @return [Boolean]
-        def insert_project_metrics?
-          false
-        end
-      end
-    end
-  end
-end
diff --git a/lib/gitlab/metrics/dashboard/dynamic_dashboard_service.rb b/lib/gitlab/metrics/dashboard/dynamic_dashboard_service.rb
deleted file mode 100644
index 81ed8922e17..00000000000
--- a/lib/gitlab/metrics/dashboard/dynamic_dashboard_service.rb
+++ /dev/null
@@ -1,65 +0,0 @@
-# frozen_string_literal: true
-
-# Responsible for returning a filtered system dashboard
-# containing only the default embedded metrics. In future,
-# this class may be updated to support filtering to
-# alternate metrics/panels.
-#
-# Why isn't this filtering in a processing stage? By filtering
-# here, we ensure the dynamically-determined dashboard is cached.
-#
-# Use Gitlab::Metrics::Dashboard::Finder to retrive dashboards.
-module Gitlab
-  module Metrics
-    module Dashboard
-      class DynamicDashboardService < Gitlab::Metrics::Dashboard::BaseService
-        # For the default filtering for embedded metrics,
-        # uses the 'id' key in dashboard-yml definition for
-        # identification.
-        DEFAULT_EMBEDDED_METRICS_IDENTIFIERS = %w(
-          system_metrics_kubernetes_container_memory_total
-          system_metrics_kubernetes_container_cores_total
-        ).freeze
-
-        # Returns a new dashboard with only the matching
-        # metrics from the system dashboard, stripped of groups.
-        # @return [Hash]
-        def raw_dashboard
-          panels = panel_groups.each_with_object([]) do |group, panels|
-            matched_panels = group['panels'].select { |panel| matching_panel?(panel) }
-
-            panels.concat(matched_panels)
-          end
-
-          { 'panel_groups' => [{ 'panels' => panels }] }
-        end
-
-        def cache_key
-          "dynamic_metrics_dashboard_#{metric_identifiers.join('_')}"
-        end
-
-        private
-
-        # Returns an array of the panels groups on the
-        # system dashboard
-        def panel_groups
-          Gitlab::Metrics::Dashboard::SystemDashboardService
-            .new(project, nil)
-            .raw_dashboard['panel_groups']
-        end
-
-        # Identifies a panel as "matching" if any metric ids in
-        # the panel is in the list of identifiers to collect.
-        def matching_panel?(panel)
-          panel['metrics'].any? do |metric|
-            metric_identifiers.include?(metric['id'])
-          end
-        end
-
-        def metric_identifiers
-          DEFAULT_EMBEDDED_METRICS_IDENTIFIERS
-        end
-      end
-    end
-  end
-end
diff --git a/lib/gitlab/metrics/dashboard/finder.rb b/lib/gitlab/metrics/dashboard/finder.rb
index d7491d1553d..1373830844b 100644
--- a/lib/gitlab/metrics/dashboard/finder.rb
+++ b/lib/gitlab/metrics/dashboard/finder.rb
@@ -47,22 +47,22 @@ module Gitlab
           private
 
           def service_for_path(dashboard_path, embedded:)
-            return dynamic_service if embedded
+            return embed_service if embedded
             return system_service if system_dashboard?(dashboard_path)
 
             project_service
           end
 
           def system_service
-            Gitlab::Metrics::Dashboard::SystemDashboardService
+            ::Metrics::Dashboard::SystemDashboardService
           end
 
           def project_service
-            Gitlab::Metrics::Dashboard::ProjectDashboardService
+            ::Metrics::Dashboard::ProjectDashboardService
           end
 
-          def dynamic_service
-            Gitlab::Metrics::Dashboard::DynamicDashboardService
+          def embed_service
+            ::Metrics::Dashboard::DefaultEmbedService
           end
 
           def system_dashboard?(filepath)
diff --git a/lib/gitlab/metrics/dashboard/project_dashboard_service.rb b/lib/gitlab/metrics/dashboard/project_dashboard_service.rb
deleted file mode 100644
index 5a1c4ecf886..00000000000
--- a/lib/gitlab/metrics/dashboard/project_dashboard_service.rb
+++ /dev/null
@@ -1,50 +0,0 @@
-# frozen_string_literal: true
-
-# Searches a projects repository for a metrics dashboard and formats the output.
-# Expects any custom dashboards will be located in `.gitlab/dashboards`
-# Use Gitlab::Metrics::Dashboard::Finder to retrive dashboards.
-module Gitlab
-  module Metrics
-    module Dashboard
-      class ProjectDashboardService < Gitlab::Metrics::Dashboard::BaseService
-        DASHBOARD_ROOT = ".gitlab/dashboards"
-
-        class << self
-          def all_dashboard_paths(project)
-            file_finder(project)
-              .list_files_for(DASHBOARD_ROOT)
-              .map do |filepath|
-                {
-                  path: filepath,
-                  display_name: name_for_path(filepath),
-                  default: false
-                }
-              end
-          end
-
-          def file_finder(project)
-            Gitlab::Template::Finders::RepoTemplateFinder.new(project, DASHBOARD_ROOT, '.yml')
-          end
-
-          # Grabs the filepath after the base directory.
-          def name_for_path(filepath)
-            filepath.delete_prefix("#{DASHBOARD_ROOT}/")
-          end
-        end
-
-        private
-
-        # Searches the project repo for a custom-defined dashboard.
-        def get_raw_dashboard
-          yml = self.class.file_finder(project).read(dashboard_path)
-
-          YAML.safe_load(yml)
-        end
-
-        def cache_key
-          "project_#{project.id}_metrics_dashboard_#{dashboard_path}"
-        end
-      end
-    end
-  end
-end
diff --git a/lib/gitlab/metrics/dashboard/system_dashboard_service.rb b/lib/gitlab/metrics/dashboard/system_dashboard_service.rb
deleted file mode 100644
index 82421572f4a..00000000000
--- a/lib/gitlab/metrics/dashboard/system_dashboard_service.rb
+++ /dev/null
@@ -1,49 +0,0 @@
-# frozen_string_literal: true
-
-# Fetches the system metrics dashboard and formats the output.
-# Use Gitlab::Metrics::Dashboard::Finder to retrive dashboards.
-module Gitlab
-  module Metrics
-    module Dashboard
-      class SystemDashboardService < Gitlab::Metrics::Dashboard::BaseService
-        SYSTEM_DASHBOARD_PATH = 'config/prometheus/common_metrics.yml'
-        SYSTEM_DASHBOARD_NAME = 'Default'
-
-        class << self
-          def all_dashboard_paths(_project)
-            [{
-              path: SYSTEM_DASHBOARD_PATH,
-              display_name: SYSTEM_DASHBOARD_NAME,
-              default: true
-            }]
-          end
-
-          def system_dashboard?(filepath)
-            filepath == SYSTEM_DASHBOARD_PATH
-          end
-        end
-
-        private
-
-        def dashboard_path
-          SYSTEM_DASHBOARD_PATH
-        end
-
-        # Returns the base metrics shipped with every GitLab service.
-        def get_raw_dashboard
-          yml = File.read(Rails.root.join(dashboard_path))
-
-          YAML.safe_load(yml)
-        end
-
-        def cache_key
-          "metrics_dashboard_#{dashboard_path}"
-        end
-
-        def insert_project_metrics?
-          true
-        end
-      end
-    end
-  end
-end
diff --git a/spec/controllers/projects/environments_controller_spec.rb b/spec/controllers/projects/environments_controller_spec.rb
index ebbbebf1bc0..8872e8d38e7 100644
--- a/spec/controllers/projects/environments_controller_spec.rb
+++ b/spec/controllers/projects/environments_controller_spec.rb
@@ -551,7 +551,7 @@ describe Projects::EnvironmentsController do
         end
 
         context 'when the specified dashboard is the default dashboard' do
-          let(:dashboard_path) { Gitlab::Metrics::Dashboard::SystemDashboardService::SYSTEM_DASHBOARD_PATH }
+          let(:dashboard_path) { ::Metrics::Dashboard::SystemDashboardService::SYSTEM_DASHBOARD_PATH }
 
           it_behaves_like 'the default dashboard'
         end
diff --git a/spec/lib/gitlab/metrics/dashboard/dynamic_dashboard_service_spec.rb b/spec/lib/gitlab/metrics/dashboard/dynamic_dashboard_service_spec.rb
deleted file mode 100644
index 79a78df44ae..00000000000
--- a/spec/lib/gitlab/metrics/dashboard/dynamic_dashboard_service_spec.rb
+++ /dev/null
@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe Gitlab::Metrics::Dashboard::DynamicDashboardService, :use_clean_rails_memory_store_caching do
-  include MetricsDashboardHelpers
-
-  set(:project) { build(:project) }
-  set(:user) { create(:user) }
-  set(:environment) { create(:environment, project: project) }
-
-  before do
-    project.add_maintainer(user)
-  end
-
-  describe '#get_dashboard' do
-    let(:service_params) { [project, user, { environment: environment, dashboard_path: nil }] }
-    let(:service_call) { described_class.new(*service_params).get_dashboard }
-
-    it_behaves_like 'valid embedded dashboard service response'
-    it_behaves_like 'raises error for users with insufficient permissions'
-
-    it 'caches the unprocessed dashboard for subsequent calls' do
-      expect(YAML).to receive(:safe_load).once.and_call_original
-
-      described_class.new(*service_params).get_dashboard
-      described_class.new(*service_params).get_dashboard
-    end
-
-    context 'when called with a non-system dashboard' do
-      let(:dashboard_path) { 'garbage/dashboard/path' }
-
-      it_behaves_like 'valid embedded dashboard service response'
-    end
-  end
-end
diff --git a/spec/lib/gitlab/metrics/dashboard/finder_spec.rb b/spec/lib/gitlab/metrics/dashboard/finder_spec.rb
index d8ed54c0248..e57c7326320 100644
--- a/spec/lib/gitlab/metrics/dashboard/finder_spec.rb
+++ b/spec/lib/gitlab/metrics/dashboard/finder_spec.rb
@@ -8,7 +8,7 @@ describe Gitlab::Metrics::Dashboard::Finder, :use_clean_rails_memory_store_cachi
   set(:project) { build(:project) }
   set(:user) { create(:user) }
   set(:environment) { create(:environment, project: project) }
-  let(:system_dashboard_path) { Gitlab::Metrics::Dashboard::SystemDashboardService::SYSTEM_DASHBOARD_PATH}
+  let(:system_dashboard_path) { ::Metrics::Dashboard::SystemDashboardService::SYSTEM_DASHBOARD_PATH}
 
   before do
     project.add_maintainer(user)
diff --git a/spec/lib/gitlab/metrics/dashboard/project_dashboard_service_spec.rb b/spec/lib/gitlab/metrics/dashboard/project_dashboard_service_spec.rb
deleted file mode 100644
index 468e8ec9ef2..00000000000
--- a/spec/lib/gitlab/metrics/dashboard/project_dashboard_service_spec.rb
+++ /dev/null
@@ -1,89 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-describe Gitlab::Metrics::Dashboard::ProjectDashboardService, :use_clean_rails_memory_store_caching do
-  include MetricsDashboardHelpers
-
-  set(:user) { create(:user) }
-  set(:project) { create(:project) }
-  set(:environment) { create(:environment, project: project) }
-
-  before do
-    project.add_maintainer(user)
-  end
-
-  describe 'get_dashboard' do
-    let(:dashboard_path) { '.gitlab/dashboards/test.yml' }
-    let(:service_params) { [project, user, { environment: environment, dashboard_path: dashboard_path }] }
-    let(:service_call) { described_class.new(*service_params).get_dashboard }
-
-    context 'when the dashboard does not exist' do
-      it_behaves_like 'misconfigured dashboard service response', :not_found
-    end
-
-    it_behaves_like 'raises error for users with insufficient permissions'
-
-    context 'when the dashboard exists' do
-      let(:project) { project_with_dashboard(dashboard_path) }
-
-      it_behaves_like 'valid dashboard service response'
-
-      it 'caches the unprocessed dashboard for subsequent calls' do
-        expect_any_instance_of(described_class)
-          .to receive(:get_raw_dashboard)
-          .once
-          .and_call_original
-
-        described_class.new(*service_params).get_dashboard
-        described_class.new(*service_params).get_dashboard
-      end
-
-      context 'and the dashboard is then deleted' do
-        it 'does not return the previously cached dashboard' do
-          described_class.new(*service_params).get_dashboard
-
-          delete_project_dashboard(project, user, dashboard_path)
-
-          expect_any_instance_of(described_class)
-          .to receive(:get_raw_dashboard)
-          .once
-          .and_call_original
-
-          described_class.new(*service_params).get_dashboard
-        end
-      end
-    end
-
-    context 'when the dashboard is configured incorrectly' do
-      let(:project) { project_with_dashboard(dashboard_path, {}) }
-
-      it_behaves_like 'misconfigured dashboard service response', :unprocessable_entity
-    end
-  end
-
-  describe '::all_dashboard_paths' do
-    let(:all_dashboards) { described_class.all_dashboard_paths(project) }
-
-    context 'when there are no project dashboards' do
-      it 'returns an empty array' do
-        expect(all_dashboards).to be_empty
-      end
-    end
-
-    context 'when there are project dashboards available' do
-      let(:dashboard_path) { '.gitlab/dashboards/test.yml' }
-      let(:project) { project_with_dashboard(dashboard_path) }
-
-      it 'returns the dashboard attributes' do
-        expect(all_dashboards).to eq(
-          [{
-            path: dashboard_path,
-            display_name: 'test.yml',
-            default: false
-          }]
-        )
-      end
-    end
-  end
-end
diff --git a/spec/lib/gitlab/metrics/dashboard/system_dashboard_service_spec.rb b/spec/lib/gitlab/metrics/dashboard/system_dashboard_service_spec.rb
deleted file mode 100644
index 13f22dd01c5..00000000000
--- a/spec/lib/gitlab/metrics/dashboard/system_dashboard_service_spec.rb
+++ /dev/null
@@ -1,52 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe Gitlab::Metrics::Dashboard::SystemDashboardService, :use_clean_rails_memory_store_caching do
-  include MetricsDashboardHelpers
-
-  set(:user) { create(:user) }
-  set(:project) { create(:project) }
-  set(:environment) { create(:environment, project: project) }
-
-  before do
-    project.add_maintainer(user)
-  end
-
-  describe 'get_dashboard' do
-    let(:dashboard_path) { described_class::SYSTEM_DASHBOARD_PATH }
-    let(:service_params) { [project, user, { environment: environment, dashboard_path: dashboard_path }] }
-    let(:service_call) { described_class.new(*service_params).get_dashboard }
-
-    it_behaves_like 'valid dashboard service response'
-    it_behaves_like 'raises error for users with insufficient permissions'
-
-    it 'caches the unprocessed dashboard for subsequent calls' do
-      expect(YAML).to receive(:safe_load).once.and_call_original
-
-      described_class.new(*service_params).get_dashboard
-      described_class.new(*service_params).get_dashboard
-    end
-
-    context 'when called with a non-system dashboard' do
-      let(:dashboard_path) { 'garbage/dashboard/path' }
-
-      # We want to alwaus return the system dashboard.
-      it_behaves_like 'valid dashboard service response'
-    end
-  end
-
-  describe '::all_dashboard_paths' do
-    it 'returns the dashboard attributes' do
-      all_dashboards = described_class.all_dashboard_paths(project)
-
-      expect(all_dashboards).to eq(
-        [{
-          path: described_class::SYSTEM_DASHBOARD_PATH,
-          display_name: described_class::SYSTEM_DASHBOARD_NAME,
-          default: true
-        }]
-      )
-    end
-  end
-end
diff --git a/spec/services/metrics/dashboard/default_embed_service_spec.rb b/spec/services/metrics/dashboard/default_embed_service_spec.rb
new file mode 100644
index 00000000000..5b24b9b2a14
--- /dev/null
+++ b/spec/services/metrics/dashboard/default_embed_service_spec.rb
@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Metrics::Dashboard::DefaultEmbedService, :use_clean_rails_memory_store_caching do
+  include MetricsDashboardHelpers
+
+  set(:project) { build(:project) }
+  set(:user) { create(:user) }
+  set(:environment) { create(:environment, project: project) }
+
+  before do
+    project.add_maintainer(user)
+  end
+
+  describe '#get_dashboard' do
+    let(:service_params) { [project, user, { environment: environment, dashboard_path: nil }] }
+    let(:service_call) { described_class.new(*service_params).get_dashboard }
+
+    it_behaves_like 'valid embedded dashboard service response'
+    it_behaves_like 'raises error for users with insufficient permissions'
+
+    it 'caches the unprocessed dashboard for subsequent calls' do
+      expect(YAML).to receive(:safe_load).once.and_call_original
+
+      described_class.new(*service_params).get_dashboard
+      described_class.new(*service_params).get_dashboard
+    end
+
+    context 'when called with a non-system dashboard' do
+      let(:dashboard_path) { 'garbage/dashboard/path' }
+
+      it_behaves_like 'valid embedded dashboard service response'
+    end
+  end
+end
diff --git a/spec/services/metrics/dashboard/project_dashboard_service_spec.rb b/spec/services/metrics/dashboard/project_dashboard_service_spec.rb
new file mode 100644
index 00000000000..1357914be2a
--- /dev/null
+++ b/spec/services/metrics/dashboard/project_dashboard_service_spec.rb
@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe Metrics::Dashboard::ProjectDashboardService, :use_clean_rails_memory_store_caching do
+  include MetricsDashboardHelpers
+
+  set(:user) { create(:user) }
+  set(:project) { create(:project) }
+  set(:environment) { create(:environment, project: project) }
+
+  before do
+    project.add_maintainer(user)
+  end
+
+  describe 'get_dashboard' do
+    let(:dashboard_path) { '.gitlab/dashboards/test.yml' }
+    let(:service_params) { [project, user, { environment: environment, dashboard_path: dashboard_path }] }
+    let(:service_call) { described_class.new(*service_params).get_dashboard }
+
+    context 'when the dashboard does not exist' do
+      it_behaves_like 'misconfigured dashboard service response', :not_found
+    end
+
+    it_behaves_like 'raises error for users with insufficient permissions'
+
+    context 'when the dashboard exists' do
+      let(:project) { project_with_dashboard(dashboard_path) }
+
+      it_behaves_like 'valid dashboard service response'
+
+      it 'caches the unprocessed dashboard for subsequent calls' do
+        expect_any_instance_of(described_class)
+          .to receive(:get_raw_dashboard)
+          .once
+          .and_call_original
+
+        described_class.new(*service_params).get_dashboard
+        described_class.new(*service_params).get_dashboard
+      end
+
+      context 'and the dashboard is then deleted' do
+        it 'does not return the previously cached dashboard' do
+          described_class.new(*service_params).get_dashboard
+
+          delete_project_dashboard(project, user, dashboard_path)
+
+          expect_any_instance_of(described_class)
+          .to receive(:get_raw_dashboard)
+          .once
+          .and_call_original
+
+          described_class.new(*service_params).get_dashboard
+        end
+      end
+    end
+
+    context 'when the dashboard is configured incorrectly' do
+      let(:project) { project_with_dashboard(dashboard_path, {}) }
+
+      it_behaves_like 'misconfigured dashboard service response', :unprocessable_entity
+    end
+  end
+
+  describe '::all_dashboard_paths' do
+    let(:all_dashboards) { described_class.all_dashboard_paths(project) }
+
+    context 'when there are no project dashboards' do
+      it 'returns an empty array' do
+        expect(all_dashboards).to be_empty
+      end
+    end
+
+    context 'when there are project dashboards available' do
+      let(:dashboard_path) { '.gitlab/dashboards/test.yml' }
+      let(:project) { project_with_dashboard(dashboard_path) }
+
+      it 'returns the dashboard attributes' do
+        expect(all_dashboards).to eq(
+          [{
+            path: dashboard_path,
+            display_name: 'test.yml',
+            default: false
+          }]
+        )
+      end
+    end
+  end
+end
diff --git a/spec/services/metrics/dashboard/system_dashboard_service_spec.rb b/spec/services/metrics/dashboard/system_dashboard_service_spec.rb
new file mode 100644
index 00000000000..8be3e7f6064
--- /dev/null
+++ b/spec/services/metrics/dashboard/system_dashboard_service_spec.rb
@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Metrics::Dashboard::SystemDashboardService, :use_clean_rails_memory_store_caching do
+  include MetricsDashboardHelpers
+
+  set(:user) { create(:user) }
+  set(:project) { create(:project) }
+  set(:environment) { create(:environment, project: project) }
+
+  before do
+    project.add_maintainer(user)
+  end
+
+  describe 'get_dashboard' do
+    let(:dashboard_path) { described_class::SYSTEM_DASHBOARD_PATH }
+    let(:service_params) { [project, user, { environment: environment, dashboard_path: dashboard_path }] }
+    let(:service_call) { described_class.new(*service_params).get_dashboard }
+
+    it_behaves_like 'valid dashboard service response'
+    it_behaves_like 'raises error for users with insufficient permissions'
+
+    it 'caches the unprocessed dashboard for subsequent calls' do
+      expect(YAML).to receive(:safe_load).once.and_call_original
+
+      described_class.new(*service_params).get_dashboard
+      described_class.new(*service_params).get_dashboard
+    end
+
+    context 'when called with a non-system dashboard' do
+      let(:dashboard_path) { 'garbage/dashboard/path' }
+
+      # We want to alwaus return the system dashboard.
+      it_behaves_like 'valid dashboard service response'
+    end
+  end
+
+  describe '::all_dashboard_paths' do
+    it 'returns the dashboard attributes' do
+      all_dashboards = described_class.all_dashboard_paths(project)
+
+      expect(all_dashboards).to eq(
+        [{
+          path: described_class::SYSTEM_DASHBOARD_PATH,
+          display_name: described_class::SYSTEM_DASHBOARD_NAME,
+          default: true
+        }]
+      )
+    end
+  end
+end
-- 
cgit v1.2.1


From 4c10387e4302f66d338ff34adf3525f208082dce Mon Sep 17 00:00:00 2001
From: Russell Dickenson <rdickenson@gitlab.com>
Date: Mon, 29 Jul 2019 23:43:43 +0000
Subject: Changes to Repository docs for SSOT epic

Content about Repository was edited to comply with
docs standards. This is part of a SSOT epic.

- Added standard elements to each file.
- Moved content on Branches, and Compare, to the
  Branches file.
- Added a brief introduction piece to the GPG
  content.
- Lightly edited all content to improve clarity.
---
 .../repository/branches/img/compare_branches.png   | Bin 0 -> 131046 bytes
 doc/user/project/repository/branches/index.md      |  61 +++++++++++++++--
 .../project/repository/gpg_signed_commits/index.md |  75 +++++++++++++--------
 .../project/repository/img/compare_branches.png    | Bin 131046 -> 0 bytes
 doc/user/project/repository/index.md               |  52 +++++---------
 .../repository/reducing_the_repo_size_using_git.md |  16 +++++
 doc/user/project/repository/web_editor.md          |  16 +++++
 7 files changed, 151 insertions(+), 69 deletions(-)
 create mode 100644 doc/user/project/repository/branches/img/compare_branches.png
 delete mode 100644 doc/user/project/repository/img/compare_branches.png

diff --git a/doc/user/project/repository/branches/img/compare_branches.png b/doc/user/project/repository/branches/img/compare_branches.png
new file mode 100644
index 00000000000..52d5c518c45
Binary files /dev/null and b/doc/user/project/repository/branches/img/compare_branches.png differ
diff --git a/doc/user/project/repository/branches/index.md b/doc/user/project/repository/branches/index.md
index a81c9197ec1..0858e8b2624 100644
--- a/doc/user/project/repository/branches/index.md
+++ b/doc/user/project/repository/branches/index.md
@@ -1,17 +1,41 @@
+---
+type: concepts, howto
+---
+
 # Branches
 
-Read through GiLab's branching documentation:
+A branch is a version of a project's working tree. You create a branch for each
+set of related changes you make. This keeps each set of changes separate from
+each other, allowing changes to be made in parallel, without affecting each
+other.
+
+After pushing your changes to a new branch, you can:
+
+- Create a [merge request](../../merge_requests/index.md)
+- Perform inline code review
+- [Discuss](../../discussions/index.md) your implementation with your team
+- Preview changes submitted to a new branch with [Review Apps](../../../../ci/review_apps/index.md).
+
+With [GitLab Starter](https://about.gitlab.com/pricing/), you can also request
+[approval](../../merge_requests/merge_request_approvals.md) from your managers.
+
+For more information on managing branches using the GitLab UI, see:
+
+- [Default branches](#default-branch)
+- [Create a branch](../web_editor.md#create-a-new-branch)
+- [Protected branches](../../protected_branches.md#protected-branches)
+- [Delete merged branches](#delete-merged-branches)
+- [Branch filter search box](#branch-filter-search-box)
+
+You can also manage branches using the
+[command line](../../../../gitlab-basics/start-using-git.md#create-a-branch).
 
-- [Create a branch](../web_editor.md#create-a-new-branch).
-- [Default branch](#default-branch).
-- [Protected branches](../../protected_branches.md#protected-branches).
-- [Delete merged branches](#delete-merged-branches).
-- [Branch filter search box](#branch-filter-search-box).
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>Watch the video [GitLab Flow](https://www.youtube.com/watch?v=InKNIvky2KE).
 
 See also:
 
 - [Branches API](../../../../api/branches.md), for information on operating on repository branches using the GitLab API.
-- [GitLab Flow](../../../../university/training/gitlab_flow.md). Use the best of GitLab for your branching strategies.
+- [GitLab Flow](../../../../university/training/gitlab_flow.md) documentation.
 - [Getting started with Git](../../../../topics/git/index.md) and GitLab.
 
 ## Default branch
@@ -29,6 +53,17 @@ The default branch is also protected against accidental deletion. Read through
 the documentation on [protected branches](../../protected_branches.md#protected-branches)
 to learn more.
 
+## Compare
+
+To compare branches in a repository:
+
+1. Navigate to your project's repository.
+1. Select **Repository > Compare** in the sidebar.
+1. Select branches to compare using the [branch filter search box](#branch-filter-search-box)
+1. Click **Compare** to view the changes inline:
+
+![compare branches](img/compare_branches.png)
+
 ## Delete merged branches
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6449) in GitLab 8.14.
@@ -57,3 +92,15 @@ Sometimes when you have hundreds of branches you may want a more flexible matchi
 
 - `^feature` will only match branch names that begin with 'feature'.
 - `feature$` will only match branch names that end with 'feature'.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/project/repository/gpg_signed_commits/index.md b/doc/user/project/repository/gpg_signed_commits/index.md
index 3b0a045ef9c..b929c6a681a 100644
--- a/doc/user/project/repository/gpg_signed_commits/index.md
+++ b/doc/user/project/repository/gpg_signed_commits/index.md
@@ -1,38 +1,39 @@
-# Signing commits with GPG
+---
+type: concepts, howto
+---
 
-NOTE: **Note:**
-The term GPG is used for all OpenPGP/PGP/GPG related material and
-implementations.
+# Signing commits with GPG
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9546) in GitLab 9.5.
 > - Subkeys support was added in GitLab 10.1.
 
-GitLab can show whether a commit is verified or not when signed with a GPG key.
-All you need to do is upload the public GPG key in your profile settings.
+You can use a GPG key to sign Git commits made in a GitLab repository. Signed
+commits are labeled **Verified** if the identity of the committer can be
+verified. To verify the identity of a committer, GitLab requires their public
+GPG key.
 
-GPG verified tags are not supported yet.
+NOTE: **Note:**
+The term GPG is used for all OpenPGP/PGP/GPG related material and
+implementations.
 
-## Getting started with GPG
+GPG verified tags are not supported yet.
 
-Here are a few guides to get you started with GPG:
-
-- [Git Tools - Signing Your Work](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work)
-- [Managing OpenPGP Keys](https://riseup.net/en/security/message-security/openpgp/gpg-keys)
-- [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices)
-- [Creating a new GPG key with subkeys](https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/) (advanced)
+See the [further reading](#further-reading) section for more details on GPG.
 
 ## How GitLab handles GPG
 
 GitLab uses its own keyring to verify the GPG signature. It does not access any
 public key server.
 
-In order to have a commit verified on GitLab the corresponding public key needs
-to be uploaded to GitLab. For a signature to be verified three conditions need
-to be met:
+For a commit to be verified by GitLab:
 
-1. The public key needs to be added your GitLab account
-1. One of the emails in the GPG key matches a **verified** email address you use in GitLab
-1. The committer's email matches the verified email from the gpg key
+- The committer must have a GPG public/private key pair.
+- The committer's public key must have been uploaded to their GitLab
+  account.
+- One of the emails in the GPG key must match a **verified** email address
+  used by the committer in GitLab.
+- The committer's email address must match the verified email address from the
+  GPG key.
 
 ## Generating a GPG key
 
@@ -65,8 +66,7 @@ started:
    Your selection? 1
    ```
 
-1. The next question is key length. We recommend to choose the highest value
-   which is `4096`:
+1. The next question is key length. We recommend you choose `4096`:
 
    ```
    RSA keys may be between 1024 and 4096 bits long.
@@ -74,8 +74,8 @@ started:
    Requested keysize is 4096 bits
    ```
 
-1. Next, you need to specify the validity period of your key. This is something
-   subjective, and you can use the default value which is to never expire:
+1. Specify the validity period of your key. This is something
+   subjective, and you can use the default value, which is to never expire:
 
    ```
    Please specify how long the key should be valid.
@@ -94,9 +94,9 @@ started:
    Is this correct? (y/N) y
    ```
 
-1. Enter you real name, the email address to be associated with this key (should
-   match a verified email address you use in GitLab) and an optional comment
-   (press <kbd>Enter</kbd> to skip):
+1. Enter your real name, the email address to be associated with this key
+   (should match a verified email address you use in GitLab) and an optional
+   comment (press <kbd>Enter</kbd> to skip):
 
    ```
    GnuPG needs to construct a user ID to identify your key.
@@ -270,3 +270,24 @@ via [push rules](../../../../push_rules/push_rules.md).
 ## GPG signing API
 
 Learn how to [get the GPG signature from a commit via API](../../../../api/commits.md#get-gpg-signature-of-a-commit).
+
+## Further reading
+
+For more details about GPG, see:
+
+- [Git Tools - Signing Your Work](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work)
+- [Managing OpenPGP Keys](https://riseup.net/en/security/message-security/openpgp/gpg-keys)
+- [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices)
+- [Creating a new GPG key with subkeys](https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/) (advanced)
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/project/repository/img/compare_branches.png b/doc/user/project/repository/img/compare_branches.png
deleted file mode 100644
index 52d5c518c45..00000000000
Binary files a/doc/user/project/repository/img/compare_branches.png and /dev/null differ
diff --git a/doc/user/project/repository/index.md b/doc/user/project/repository/index.md
index 5b5685b3418..84d63d29929 100644
--- a/doc/user/project/repository/index.md
+++ b/doc/user/project/repository/index.md
@@ -1,3 +1,7 @@
+---
+type: concepts, howto
+---
+
 # Repository
 
 A [repository](https://git-scm.com/book/en/v2/Git-Basics-Getting-a-Git-Repository)
@@ -111,33 +115,7 @@ GitLab.
 
 ## Branches
 
-When you submit changes in a new [branch](branches/index.md), you create a new version
-of that project's file tree. Your branch contains all the changes
-you are presenting, which are detected by Git line by line.
-
-To continue your workflow, once you pushed your changes to a new branch,
-you can create a [merge request](../merge_requests/index.md), perform
-inline code review, and [discuss](../../discussions/index.md)
-your implementation with your team.
-You can live preview changes submitted to a new branch with
-[Review Apps](../../../ci/review_apps/index.md).
-
-With [GitLab Starter](https://about.gitlab.com/pricing/), you can also request
-[approval](../merge_requests/merge_request_approvals.md) from your managers.
-
-To create, delete, and view [branches](branches/index.md) via GitLab's UI:
-
-- [Default branches](branches/index.md#default-branch)
-- [Create a branch](web_editor.md#create-a-new-branch)
-- [Protected branches](../protected_branches.md#protected-branches)
-- [Delete merged branches](branches/index.md#delete-merged-branches)
-- [Branch filter search box](branches/index.md#branch-filter-search-box)
-
-Alternatively, you can use the
-[command line](../../../gitlab-basics/start-using-git.md#create-a-branch).
-
-To learn more about branching strategies read through the
-[GitLab Flow](../../../university/training/gitlab_flow.md) documentation.
+For details, see [Branches](branches/index.md).
 
 ## Commits
 
@@ -213,14 +191,6 @@ detected, add the following to `.gitattributes` in the root of your repository.
 
 > *.proto linguist-detectable=true
 
-## Compare
-
-Select branches to compare using the [branch filter search box](branches/index.md#branch-filter-search-box), then click the **Compare** button to view the changes inline:
-
-![compare branches](img/compare_branches.png)
-
-Find it under your project's **Repository > Compare**.
-
 ## Locked files **(PREMIUM)**
 
 Use [File Locking](../file_lock.md) to
@@ -256,3 +226,15 @@ By clicking the download icon, a dropdown will open with links to download the f
   `tar`, `tar.gz`, and `tar.bz2`.
 - **Artifacts:**
   allows users to download the artifacts of the latest CI build.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/project/repository/reducing_the_repo_size_using_git.md b/doc/user/project/repository/reducing_the_repo_size_using_git.md
index 7c711bc0b3b..3adf66e4b6f 100644
--- a/doc/user/project/repository/reducing_the_repo_size_using_git.md
+++ b/doc/user/project/repository/reducing_the_repo_size_using_git.md
@@ -1,3 +1,7 @@
+---
+type: howto
+---
+
 # Reducing the repository size using Git
 
 A GitLab Enterprise Edition administrator can set a [repository size limit](../../admin_area/settings/account_and_limit_settings.md)
@@ -139,3 +143,15 @@ purposes!
    ```
 
 Your repository should now be below the size limit.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/project/repository/web_editor.md b/doc/user/project/repository/web_editor.md
index 0116f0fe7ca..09a5cdabc00 100644
--- a/doc/user/project/repository/web_editor.md
+++ b/doc/user/project/repository/web_editor.md
@@ -1,3 +1,7 @@
+---
+type: howto
+---
+
 # GitLab Web Editor
 
 Sometimes it's easier to make quick changes directly from the GitLab interface
@@ -169,3 +173,15 @@ through the web editor, you can choose to use another of your linked email
 addresses from the **User Settings > Edit Profile** page.
 
 [ce-2808]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/2808
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
-- 
cgit v1.2.1


From 7caf8e29fa2789d97d7b45a3715a18d8b08b33a9 Mon Sep 17 00:00:00 2001
From: DeAndre Harris <dharris@gitlab.com>
Date: Mon, 29 Jul 2019 23:51:47 +0000
Subject: Adds troubleshooting guidance to SAML SCIM setup docs

---
 doc/user/group/saml_sso/scim_setup.md | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/doc/user/group/saml_sso/scim_setup.md b/doc/user/group/saml_sso/scim_setup.md
index bc74725bbc9..ab48c9080a9 100644
--- a/doc/user/group/saml_sso/scim_setup.md
+++ b/doc/user/group/saml_sso/scim_setup.md
@@ -78,7 +78,7 @@ During this configuration, note the following:
 - It is recommended to set a notification email and check the **Send an email notification when a failure occurs** checkbox.
 - For mappings, we will only leave `Synchronize Azure Active Directory Users to AppName` enabled.
 
-You can then test the connection by clicking on **Test Connection**. If the connection is successful, be sure to save your configuration before moving on.
+You can then test the connection by clicking on **Test Connection**. If the connection is successful, be sure to save your configuration before moving on. See below for [troubleshooting](#troubleshooting).
 
 #### Configure attribute mapping
 
@@ -118,14 +118,8 @@ You can then test the connection by clicking on **Test Connection**. If the conn
 Once enabled, the synchronization details and any errors will appear on the
 bottom of the **Provisioning** screen, together with a link to the audit logs.
 
-<!-- ## Troubleshooting
+## Troubleshooting
 
-Include any troubleshooting steps that you can foresee. If you know beforehand what issues
-one might have when setting this up, or when something is changed, or on upgrading, it's
-important to describe those, too. Think of things that may go wrong and include them here.
-This is important to minimize requests for support, and to avoid doc comments with
-questions that you know someone might ask.
+### Testing Azure connection: invalid credentials
 
-Each scenario can be a third-level heading, e.g. `### Getting error message X`.
-If you have none to add when creating a doc, leave this section in place
-but commented out to help encourage others to add to it in the future. -->
+When testing the connection, you may encounter an error: **You appear to have entered invalid credentials. Please confirm you are using the correct information for an administrative account**. If `Tenant URL` and `secret token` are correct, check whether your group path contains characters that may be considered invalid JSON primitives (such as `.`). Removing such characters from the group path typically resolves the error.
-- 
cgit v1.2.1


From d869b636a350126d5b6605244a62ac540c7fb72d Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Tue, 30 Jul 2019 02:25:10 +0000
Subject: Add gradle to not-yet-supported list

---
 doc/user/application_security/dependency_scanning/index.md | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index 6a810757a28..10b4d9d4c7c 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -52,14 +52,15 @@ The following languages and dependency managers are supported.
 
 | Language (package managers)  | Supported | Scan tool(s) |
 |----------------------------- | --------- | ------------ |
+| Java ([Gradle](https://gradle.org/)) | not currently ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/13075 "Dependency Scanning for Gradle" )) | not available |
+| Java ([Maven](https://maven.apache.org/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
 | JavaScript ([npm](https://www.npmjs.com/), [yarn](https://yarnpkg.com/en/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium), [Retire.js](https://retirejs.github.io/retire.js)         |
+| Go ([Golang](https://golang.org/)) | not currently ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/7132 "Dependency Scanning for Go")) | not available |
+| PHP ([Composer](https://getcomposer.org/))  | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
 | Python ([pip](https://pip.pypa.io/en/stable/)) (only `requirements.txt` supported)  | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
+| Python ([Pipfile](https://docs.pipenv.org/en/latest/basics/)) | not currently ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/11756 "Pipfile.lock support for Dependency Scanning"))| not available |
+| Python ([poetry](https://poetry.eustace.io/)) | not currently ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/7006 "Support Poetry in Dependency Scanning")) | not available |
 | Ruby ([gem](https://rubygems.org/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium), [bundler-audit](https://github.com/rubysec/bundler-audit) |
-| Java ([Maven](https://maven.apache.org/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
-| PHP ([Composer](https://getcomposer.org/))  | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) |
-| Python ([poetry](https://poetry.eustace.io/)) | no ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/7006 "Support Poetry in Dependency Scanning")) | not available |
-| Python ([Pipfile](https://docs.pipenv.org/en/latest/basics/)) | no ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/11756 "Pipfile.lock support for Dependency Scanning"))| not available |
-| Go ([Golang](https://golang.org/)) | no ([issue](https://gitlab.com/gitlab-org/gitlab-ee/issues/7132 "Dependency Scanning for Go")) | not available |
 
 ## Remote checks
 
-- 
cgit v1.2.1


From 7f18248aa6552b843273e9a95edbc5663c0a5426 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Tue, 30 Jul 2019 05:02:59 +0000
Subject: First pass to bring /gitlab-basics to SSoT standards

Removes duplicated information, and combines sections and files
together when they are duplicated or highly related. Also adds
intros to all pages and sections missing intros, and troubleshooting
sections to pages that may need them in the future. Links more to
other docs, and clarifies language when abosolutely necessary, and
adds angle brackets to sample parameters.
---
 doc/gitlab-basics/README.md                |  27 +++--
 doc/gitlab-basics/add-file.md              |  92 ++++++++++++++-
 doc/gitlab-basics/add-image.md             |  59 +---------
 doc/gitlab-basics/add-merge-request.md     |  39 +++++--
 doc/gitlab-basics/basic-git-commands.md    |   6 +-
 doc/gitlab-basics/command-line-commands.md | 148 ++++++++++-------------
 doc/gitlab-basics/create-branch.md         |  20 ++--
 doc/gitlab-basics/create-project.md        |  87 ++++++++------
 doc/gitlab-basics/create-your-ssh-keys.md  |  27 +++--
 doc/gitlab-basics/fork-project.md          |  19 +--
 doc/gitlab-basics/start-using-git.md       | 182 +++++++++++++++++------------
 11 files changed, 396 insertions(+), 310 deletions(-)

diff --git a/doc/gitlab-basics/README.md b/doc/gitlab-basics/README.md
index fd16047b8e4..fc3d36910f2 100644
--- a/doc/gitlab-basics/README.md
+++ b/doc/gitlab-basics/README.md
@@ -1,15 +1,18 @@
 ---
 comments: false
+type: index
 ---
 
 # GitLab basics guides
 
-This section provides resources to help you start with GitLab by focusing on basic functionality.
+This section provides resources to help you start working with GitLab and Git by focusing
+on the basic features that you will need to use.
 
 This documentation is split into the following groups:
 
 - [GitLab-specific functionality](#gitlab-basics), for basic GitLab features.
-- [General Git functionality](#git-basics), for working with Git in conjunction with GitLab.
+- [General Git functionality](#working-with-git-from-the-command-line), for working
+  with Git in conjunction with GitLab.
 
 ## GitLab basics
 
@@ -17,22 +20,26 @@ The following are guides to basic GitLab functionality:
 
 - [Create and add your SSH public key](create-your-ssh-keys.md), for enabling Git over SSH.
 - [Create a project](create-project.md), to start using GitLab.
-- [Create a group](../user/group/index.md#create-a-new-group), to combine and administer projects together.
+- [Create a group](../user/group/index.md#create-a-new-group), to combine and administer
+  projects together.
 - [Create a branch](create-branch.md), to make changes to files stored in a project's repository.
 - [Fork a project](fork-project.md), to duplicate projects so they can be worked on in parallel.
 - [Add a file](add-file.md), to add new files to a project's repository.
-- [Add an image](add-image.md), to add new images to a project's repository.
-- [Create an issue](../user/project/issues/managing_issues.md#create-a-new-issue), to start collaborating within a project.
-- [Create a merge request](add-merge-request.md), to request changes made in a branch be merged into a project's repository.
-- See how these features come together in the [GitLab Flow introduction video](https://youtu.be/InKNIvky2KE) and [GitLab Flow page](../workflow/gitlab_flow.md).
+- [Create an issue](../user/project/issues/managing_issues.md#create-a-new-issue),
+  to start collaborating within a project.
+- [Create a merge request](add-merge-request.md), to request changes made in a branch
+  be merged into a project's repository.
+- See how these features come together in the [GitLab Flow introduction video](https://youtu.be/InKNIvky2KE)
+  and [GitLab Flow page](../workflow/gitlab_flow.md).
 
-## Git basics
+## Working with Git from the command line
 
-If you're familiar with Git on the command line, you can interact with your GitLab projects just as you would with any other Git repository.
+If you're familiar with Git on the command line, you can interact with your GitLab
+projects just as you would with any other Git repository.
 
 These resources will help get further acclimated to working on the command line.
 
 - [Start using Git on the command line](start-using-git.md), for some simple Git commands.
 - [Command line basics](command-line-commands.md), to create and edit files using the command line.
 
-More Git resources are available at GitLab's [Git documentation](../topics/git/index.md).
+More Git resources are available in GitLab's [Git documentation](../topics/git/index.md).
diff --git a/doc/gitlab-basics/add-file.md b/doc/gitlab-basics/add-file.md
index e9fbcbc23a9..41cc8bc4aeb 100644
--- a/doc/gitlab-basics/add-file.md
+++ b/doc/gitlab-basics/add-file.md
@@ -1,5 +1,91 @@
-# How to add a file
+---
+type: howto
+---
 
-You can create a file in your [terminal](command-line-commands.md) and push
-to GitLab or you can use the
+# Add a file to a repository
+
+Adding files to a repository is a small, but key task. Bringing files in to a repository,
+such as code, images, or documents, allows them to be tracked by Git, even though they
+may have been created elsewhere.
+
+You can add a file to a repository in your [terminal](#add-a-file-using-the-command-line), and
+then push to GitLab. You can also use the [web interface](../user/project/repository/web_editor.md#upload-a-file),
+which may be a simpler solution.
+
+If you need to create a file first, for example a `README.md` text file, that can
+also be done from the [terminal](command-line-commands.md#create-a-text-file-in-the-current-directory) or
 [web interface](../user/project/repository/web_editor.md#create-a-file).
+
+## Add a file using the command line
+
+Open a [terminal/shell](command-line-commands.md), and change into the folder of your
+GitLab project. This usually means running the following command until you get
+to the desired destination:
+
+```sh
+cd <destination folder>
+```
+
+[Create a branch](create-branch.md) to add your file to, before it is added to the master
+(main) branch of the project. It is not strictly necessary, but working directly in
+the `master` branch is not recommended unless your project is very small, and you are
+the only person working on it. You can [switch to an existing branch](start-using-git.md#work-on-an-existing-branch),
+if you have one already.
+
+Using your standard tool for copying files (for example, Finder in macOS, or File Explorer
+in Windows), put the file into a directory within the GitLab project.
+
+Check if your file is actually present in the directory (if you are in Windows,
+use `dir` instead):
+
+```sh
+ls
+```
+
+You should see the name of the file in the list shown.
+
+Check the status:
+
+```sh
+git status
+```
+
+Your file's name should appear in red, so `git` took notice of it! Now add it
+to the repository:
+
+```sh
+git add <name of file>
+```
+
+Check the status again, your file's name should have turned green:
+
+```sh
+git status
+```
+
+Commit (save) your file to the repository:
+
+```sh
+git commit -m "DESCRIBE COMMIT IN A FEW WORDS"
+```
+
+Now you can push (send) your changes (in the branch `<branch-name>`) to GitLab
+(the git remote named 'origin'):
+
+```sh
+git push origin <branch-name>
+```
+
+Your image will be added to your branch in your repository in GitLab.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/gitlab-basics/add-image.md b/doc/gitlab-basics/add-image.md
index 17c210c43e0..11a4a6bbd97 100644
--- a/doc/gitlab-basics/add-image.md
+++ b/doc/gitlab-basics/add-image.md
@@ -1,56 +1,5 @@
-# How to add an image
+---
+redirect_to: 'add-file.md'
+---
 
-Using your standard tool for copying files (e.g. Finder in Mac OS, or Explorer
-in Windows, or...), put the image file into the GitLab project. You can find the
-project as a regular folder in your files.
-
-Go to your [shell](command-line-commands.md), and move into the folder of your
-GitLab project. This usually means running the following command until you get
-to the desired destination:
-
-```
-cd NAME-OF-FOLDER-YOU'D-LIKE-TO-OPEN
-```
-
-Check if your image is actually present in the directory (if you are in Windows,
-use `dir` instead):
-
-```
-ls
-```
-
-You should see the name of the image in the list shown.
-
-Check the status:
-
-```
-git status
-```
-
-Your image's name should appear in red, so `git` took notice of it! Now add it
-to the repository:
-
-```
-git add NAME-OF-YOUR-IMAGE
-```
-
-Check the status again, your image's name should have turned green:
-
-```
-git status
-```
-
-Commit:
-
-```
-git commit -m "DESCRIBE COMMIT IN A FEW WORDS"
-```
-
-Now you can push (send) your changes (in the branch NAME-OF-BRANCH) to GitLab
-(the git remote named 'origin'):
-
-```
-git push origin NAME-OF-BRANCH
-```
-
-Your image will be added to your branch in your repository in GitLab.
+This document was moved to [another location](add-file.md).
diff --git a/doc/gitlab-basics/add-merge-request.md b/doc/gitlab-basics/add-merge-request.md
index 7bb2e014738..1a6a26152fa 100644
--- a/doc/gitlab-basics/add-merge-request.md
+++ b/doc/gitlab-basics/add-merge-request.md
@@ -1,9 +1,16 @@
+---
+type: howto
+---
+
 # How to create a merge request
 
-Merge requests are useful to integrate separate changes that you've made to a
-project, on different branches. This is a brief guide on how to create a merge
-request. For more information, check the
-[merge requests documentation](../user/project/merge_requests/index.md).
+Merge requests are how you integrate separate changes that you've made in a
+[branch](create-branch.md) to a [project](create-project.md).
+
+This is a brief guide on how to create a merge request. For more detailed information,
+check the [merge requests documentation](../user/project/merge_requests/index.md), or
+you can watch our [GitLab Flow video](https://www.youtube.com/watch?v=InKNIvky2KE) for
+a quick overview of working with merge requests.
 
 ---
 
@@ -12,19 +19,31 @@ request. For more information, check the
 1. Go to the project where you'd like to merge your changes and click on the
    **Merge requests** tab.
 1. Click on **New merge request** on the right side of the screen.
-1. From there on, you have the option to select the source branch and the target
+1. From there, you have the option to select the source branch and the target
    branch you'd like to compare to. The default target project is the upstream
    repository, but you can choose to compare across any of its forks.
 
-    ![Select a branch](img/merge_request_select_branch.png)
+   ![Select a branch](img/merge_request_select_branch.png)
 
 1. When ready, click on the **Compare branches and continue** button.
 1. At a minimum, add a title and a description to your merge request. Optionally,
-   select a user to review your merge request and to accept or close it. You may
-   also select a milestone and labels.
+   select a user to review your merge request. You may also select a milestone and
+   labels.
 
-    ![New merge request page](img/merge_request_page.png)
+   ![New merge request page](img/merge_request_page.png)
 
 1. When ready, click on the **Submit merge request** button.
 
-Your merge request will be ready to be approved and merged.
+Your merge request will be ready to be reviewed, approved, and merged.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/gitlab-basics/basic-git-commands.md b/doc/gitlab-basics/basic-git-commands.md
index c2a3415cbc4..4e0cc2de2bc 100644
--- a/doc/gitlab-basics/basic-git-commands.md
+++ b/doc/gitlab-basics/basic-git-commands.md
@@ -1,3 +1,5 @@
-# Basic Git commands
+---
+redirect_to: 'start-using-git.md'
+---
 
-This section is now merged into [Start using Git](start-using-git.md).
+This document was moved to [another location](start-using-git.md).
diff --git a/doc/gitlab-basics/command-line-commands.md b/doc/gitlab-basics/command-line-commands.md
index b8ebbbea9d4..ed70d3ce598 100644
--- a/doc/gitlab-basics/command-line-commands.md
+++ b/doc/gitlab-basics/command-line-commands.md
@@ -1,75 +1,47 @@
-# Command Line basic commands
-
-## Start working on your project
-
-In Git, when you copy a project you say you "clone" it. To work on a git project locally (from your own computer), you will need to clone it. To do this, sign in to GitLab.
-
-When you are on your Dashboard, click on the project that you'd like to clone.
-To work in the project, you can copy a link to the Git repository through a SSH
-or a HTTPS protocol. SSH is easier to use after it's been
-[set up](create-your-ssh-keys.md). While you are at the **Project** tab, select
-HTTPS or SSH from the dropdown menu and copy the link using the _Copy URL to clipboard_
-button (you'll have to paste it on your shell in the next step).
-
-![Copy the HTTPS or SSH](img/project_clone_url.png)
-
-## Working with project files on the command line
-
-This section has examples of some basic shell commands that you might find useful. For more information, search the web for _bash commands_.
-
-Alternatively, you can edit files using your choice of editor (IDE) or the GitLab user interface.
-
-### Clone your project
-
-Go to your computer's shell and type the following command with your SSH or HTTPS URL:
+---
+type: howto, reference
+---
 
-```
-git clone PASTE HTTPS OR SSH HERE
-```
-
-A clone of the project will be created in your computer.
-
-NOTE: **Note:**
-If you clone your project via a URL that contains special characters, make sure
-that characters are URL-encoded.
-
-### Go into a project directory to work in it
-
-```
-cd NAME-OF-PROJECT
-```
+# Command Line basic commands
 
-### Go back one directory
+When [working with Git from the command line](start-using-git.md), you will need to
+use more than just the Git commands. There are several basic commands that you should
+learn, in order to make full use of the command line.
 
-```
-cd ..
-```
+## Start working on your project
 
-### List what’s in the current directory
+To work on a git project locally (from your own computer), with the command line,
+first you will need to [clone (copy) it](start-using-git.md#clone-a-repository) to
+your computer.
 
-```
-ls
-```
+## Working with files on the command line
 
-### List what’s in the current directory that starts with `a`
+This section has examples of some basic shell commands that you might find useful.
+For more information, search the web for _bash commands_.
 
-```
-ls a*
-```
+Alternatively, you can edit files using your choice of editor (IDE), or the GitLab user
+interface (not locally).
 
-### List what’s in the current directory that ends with `.md`
+### Common commands
 
-```
-ls *.md
-```
+The list below is not exhaustive, but contains many of the most commonly used commands.
 
-### Create a new directory
+| Command                        | Description                                 |
+|--------------------------------|---------------------------------------------|
+| `cd NAME-OF-DIRECTORY`         | Go into a directory to work in it           |
+| `cd ..`                        | Go back one directory                       |
+| `ls`                           | List what’s in the current directory        |
+| `ls a*`                        | List what’s in the current directory that starts with `a` |
+| `ls *.md`                      | List what’s in the current directory that ends with `.md` |
+| `mkdir NAME-OF-YOUR-DIRECTORY` | Create a new directory                      |
+| `cat README.md`                | Display the contents of a [text file you created previously](#create-a-text-file-in-the-current-directory) |
+| `pwd`                          | Show the current directory                  |
+| `clear`                        | Clear the shell window                      |
 
-```
-mkdir NAME-OF-YOUR-DIRECTORY
-```
+### Create a text file in the current directory
 
-### Create a README.md file in the current directory
+To create a text file from the command line, for example `README.md`, follow these
+steps:
 
 ```
 touch README.md
@@ -80,37 +52,37 @@ nano README.md
 #### Press: enter
 ```
 
-### Show the contents of the README.md file
+### Remove a file or directory
 
-```
-cat README.md
-```
-
-### Remove a file
+It is easy to delete (remove) a file or directory, but be careful:
 
 DANGER: **Danger:**
-This will permanently delete the file.
+This will **permanently** delete a file.
 
 ```
 rm NAME-OF-FILE
 ```
 
-### Remove a directory and all of its contents
-
 DANGER: **Danger:**
-This will permanently delete the directory and all of its contents.
+This will **permanently** delete a directory and **all** of its contents.
 
 ```
 rm -r NAME-OF-DIRECTORY
 ```
 
-### View command history
+### View and Execute commands from history
+
+You can view the history of all the commands you executed from the command line,
+and then execute any of them again, if needed.
+
+First, list the commands you executed previously:
 
 ```
 history
 ```
 
-### Execute command 123 from history
+Then, choose a command from the list and check the number next to the command (`123`,
+for example) . Execute the same full command with:
 
 ```
 !123
@@ -118,28 +90,32 @@ history
 
 ### Carry out commands for which the account you are using lacks authority
 
-You will be asked for an administrator’s password.
+Not all commands can be executed from a basic user account on a computer, you may
+need administrator's rights to execute commands that affect the system, or try to access
+protected data, for example. You can use `sudo` to execute these commands, but you
+will likely be asked for an administrator password.
 
 ```
-sudo COMMAND
+sudo RESTRICTED-COMMAND
 ```
 
 CAUTION: **Caution:**
 Be careful of the commands you run with `sudo`. Certain commands may cause
-damage to your data and system.
+damage to your data or system.
 
-### Show which directory I am in
+## Sample Git taskflow
 
-```
-pwd
-```
-
-### Clear the shell window
+If you are completely new to Git, looking through some [sample taskflows](https://rogerdudler.github.io/git-guide/)
+will help you understand the best practices for using these commands as you work.
 
-```
-clear
-```
+<!-- ## Troubleshooting
 
-### Sample Git taskflow
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
 
-If you are completely new to Git, looking through some [sample taskflows](https://rogerdudler.github.io/git-guide/) will help you understand best practices for using these commands as you work.
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/gitlab-basics/create-branch.md b/doc/gitlab-basics/create-branch.md
index ad94f0dad29..e2a2fb52af8 100644
--- a/doc/gitlab-basics/create-branch.md
+++ b/doc/gitlab-basics/create-branch.md
@@ -1,12 +1,16 @@
+---
+type: howto
+---
+
 # How to create a branch
 
-A branch is an independent line of development.
+A branch is an independent line of development in a [project](../user/project/index.md).
 
-New commits are recorded in the history for the current branch, which results
-in taking the source from someone’s repository (the place where the history of
-your work is stored) at certain point in time, and apply your own changes to it
-in the history of the project.
+When you create a new branch (in your [terminal](basic-git-commands.md) or with
+[the web interface](../user/project/repository/web_editor.md#create-a-new-branch)),
+you are creating a snapshot of a certain branch, usually the main `master` branch,
+at it's current state. From there, you can start to make your own changes without
+affecting the main codebase. The history of your changes will be tracked in your branch.
 
-To add changes to your GitLab project, you should create a branch. You can do
-it in your [terminal](basic-git-commands.md) or by
-[using the web interface](../user/project/repository/web_editor.md#create-a-new-branch).
+When your changes are ready, you then merge them into the rest of the codebase with a
+[merge request](add-merge-request.md).
diff --git a/doc/gitlab-basics/create-project.md b/doc/gitlab-basics/create-project.md
index 2caf7dbbc7a..1833b27a292 100644
--- a/doc/gitlab-basics/create-project.md
+++ b/doc/gitlab-basics/create-project.md
@@ -1,10 +1,13 @@
-# Create a project
+---
+type: howto
+---
 
-[Projects](../user/project/index.md) combine many features of GitLab together.
+# Creating projects
 
-NOTE: **Note:**
-For a list of words that cannot be used as project names see
-[Reserved project and group names](../user/reserved_names.md).
+Most work in GitLab is done within a [Project](../user/project/index.md). Files and
+code are saved in projects, and most features are used within the scope of projects.
+
+## Create a project in GitLab
 
 To create a project in GitLab:
 
@@ -14,11 +17,14 @@ To create a project in GitLab:
    - Create a [blank project](#blank-projects).
    - Create a project using with one of the available [project templates](#project-templates).
    - [Import a project](../user/project/import/index.md) from a different repository,
-     if enabled on your GitLab instance. Contact your GitLab admin if this
-     is unavailable.
+     if enabled on your GitLab instance. Contact your GitLab admin if this is unavailable.
    - Run [CI/CD pipelines for external repositories](../ci/ci_cd_for_external_repos/index.md). **(PREMIUM)**
 
-## Blank projects
+NOTE: **Note:**
+For a list of words that cannot be used as project names see
+[Reserved project and group names](../user/reserved_names.md).
+
+### Blank projects
 
 To create a new blank project on the **New project** page:
 
@@ -37,23 +43,25 @@ To create a new blank project on the **New project** page:
      can be cloned.
 1. Click **Create project**.
 
-## Project templates
+### Project templates
 
-Project templates can pre-populate your project with necessary files to get you started quickly.
+Project templates can pre-populate a new project with the necessary files to get you
+started quickly.
 
 There are two types of project templates:
 
 - [Built-in templates](#built-in-templates), sourced from the following groups:
   - [`project-templates`](https://gitlab.com/gitlab-org/project-templates)
   - [`pages`](https://gitlab.com/pages)
-- [Custom project templates](#custom-project-templates-premium-only), for custom templates configured by GitLab administrators and users.
+- [Custom project templates](#custom-project-templates-premium-only), for custom templates
+  configured by GitLab administrators and users.
 
-### Built-in templates
+#### Built-in templates
 
 Built-in templates are project templates that are:
 
-- Developed and maintained in the
-  [`project-templates`](https://gitlab.com/gitlab-org/project-templates) and [`pages`](https://gitlab.com/pages) groups.
+- Developed and maintained in the [`project-templates`](https://gitlab.com/gitlab-org/project-templates)
+  and [`pages`](https://gitlab.com/pages) groups.
 - Released with GitLab.
 
 To use a built-in template on the **New project** page:
@@ -62,22 +70,25 @@ To use a built-in template on the **New project** page:
 1. From the list of available built-in templates, click the:
    - **Preview** button to look at the template source itself.
    - **Use template** button to start creating the project.
-1. Finish creating the project by filling out the project's details. The process is the same as for
-   using a [blank project](#blank-projects).
+1. Finish creating the project by filling out the project's details. The process is
+   the same as creating a [blank project](#blank-projects).
 
 TIP: **Tip:**
-You can improve the existing built-in templates or contribute new ones on the
-[`project-templates`](https://gitlab.com/gitlab-org/project-templates) and [`pages`](https://gitlab.com/pages) groups.
+You can improve the existing built-in templates or contribute new ones in the
+[`project-templates`](https://gitlab.com/gitlab-org/project-templates) and
+[`pages`](https://gitlab.com/pages) groups.
 
-### Custom project templates **(PREMIUM ONLY)**
+#### Custom project templates **(PREMIUM ONLY)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/6860) in
 [GitLab Premium](https://about.gitlab.com/pricing) 11.2.
 
-Creating new projects based on custom project templates is a convenient option to bootstrap a project.
+Creating new projects based on custom project templates is a convenient option to
+bootstrap a project.
 
-Custom projects are available from the **Instance** or **Group** tabs under the **Create from template** tab,
-depending on the type of template.
+Custom projects are available at the [instance-level](../user/admin_area/custom_project_templates.md)
+from the **Instance** tab, or at the [group-level](../user/group/custom_project_templates.md)
+from the **Group** tab, under the **Create from template** tab.
 
 To use a custom project template on the **New project** page:
 
@@ -85,23 +96,19 @@ To use a custom project template on the **New project** page:
 1. From the list of available custom templates, click the:
    - **Preview** button to look at the template source itself.
    - **Use template** button to start creating the project.
-1. Finish creating the project by filling out the project's details. The process is the same as for
-   using a [blank project](#blank-projects).
-
-For information on configuring custom project templates, see:
-
-- [Custom instance-level project templates](../user/admin_area/custom_project_templates.md), for instance-level templates.
-- [Custom group-level project templates](../user/group/custom_project_templates.md), for group-level templates.
+1. Finish creating the project by filling out the project's details. The process is
+   the same as creating a [blank project](#blank-projects).
 
 ## Push to create a new project
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/26388) in GitLab 10.5.
 
-When you create a new repo locally, instead of going to GitLab to manually
-create a new project and then push the repo, you can directly push it to
-GitLab to create the new project, all without leaving your terminal. If you have access to that
-namespace, we will automatically create a new project under that GitLab namespace with its
-visibility set to Private by default (you can later change it in the [project's settings](../public_access/public_access.md#how-to-change-project-visibility)).
+When you create a new repository locally, instead of going to GitLab to manually
+create a new project and then [clone the repo](start-using-git.md#clone-a-repository)
+locally, you can directly push it to GitLab to create the new project, all without leaving
+your terminal. If you have access rights to the associated namespace, GitLab will
+automatically create a new project under that GitLab namespace with its visibility
+set to Private by default (you can later change it in the [project's settings](../public_access/public_access.md#how-to-change-project-visibility)).
 
 This can be done by using either SSH or HTTPS:
 
@@ -127,3 +134,15 @@ remote: To view the project, visit:
 remote:   https://gitlab.example.com/namespace/nonexistent-project
 remote:
 ```
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/gitlab-basics/create-your-ssh-keys.md b/doc/gitlab-basics/create-your-ssh-keys.md
index aac73d4c9c5..338b96374aa 100644
--- a/doc/gitlab-basics/create-your-ssh-keys.md
+++ b/doc/gitlab-basics/create-your-ssh-keys.md
@@ -1,22 +1,27 @@
-# Create and add your SSH public key
+---
+type: howto
+---
 
-This topic describes how to:
+# Create and add your SSH public key
 
-- Create an SSH key pair to use with GitLab.
-- Add the SSH public key to your GitLab account.
+It is best practice to use [Git over SSH instead of Git over HTTP](https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols).
+In order to use SSH, you will need to
 
-You do this to use [Git over SSH instead of Git over HTTP](https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols).
+1. [Create an SSH key pair](#creating-your-ssh-key-pair) on your local computer.
+1. [Add the key to GitLab](#adding-your-ssh-public-key-to-gitlab).
 
 ## Creating your SSH key pair
 
-1. Go to your [command line](start-using-git.md).
-1. Follow the [instructions](../ssh/README.md#generating-a-new-ssh-key-pair) to generate your SSH key pair.
+1. Go to your [command line](start-using-git.md#open-a-shell).
+1. Follow the [instructions](../ssh/README.md#generating-a-new-ssh-key-pair) to generate
+   your SSH key pair.
 
 ## Adding your SSH public key to GitLab
 
-To add the SSH public key to GitLab,
-see [Adding an SSH key to your GitLab account](../ssh/README.md#adding-an-ssh-key-to-your-gitlab-account).
+To add the SSH public key to GitLab, see
+[Adding an SSH key to your GitLab account](../ssh/README.md#adding-an-ssh-key-to-your-gitlab-account).
 
 NOTE: **Note:**
-Once you add a key, you cannot edit it. If the paste
-[didn't work](../ssh/README.md#testing-that-everything-is-set-up-correctly), you need to remove the key and re-add it.
+Once you add a key, you cannot edit it. If it didn't paste properly, it
+[will not work](../ssh/README.md#testing-that-everything-is-set-up-correctly), and
+you will need to remove the key from GitLab and try adding it again.
diff --git a/doc/gitlab-basics/fork-project.md b/doc/gitlab-basics/fork-project.md
index a128a7c7dd3..5c19985121d 100644
--- a/doc/gitlab-basics/fork-project.md
+++ b/doc/gitlab-basics/fork-project.md
@@ -1,20 +1,11 @@
+---
+type: howto
+---
+
 # How to fork a project
 
 A fork is a copy of an original repository that you put in another namespace
 where you can experiment and apply changes that you can later decide whether or
 not to share, without affecting the original project.
 
-It takes just a few steps to fork a project in GitLab.
-
-1. Go to a project's dashboard under the **Project** tab and click on the
-   **Fork** button.
-
-    ![Click on Fork button](img/fork_new.png)
-
-1. You will be asked where to fork the repository. Click on the user or group
-   to where you'd like to add the forked project.
-
-    ![Choose namespace](img/fork_choose_namespace.png)
-
-1. After a few moments, depending on the repository's size, the forking will
-   complete.
+It takes just a few steps to [fork a project in GitLab](../workflow/forking_workflow.md#creating-a-fork).
diff --git a/doc/gitlab-basics/start-using-git.md b/doc/gitlab-basics/start-using-git.md
index b3c5d32f2f5..3e3f96fb31f 100644
--- a/doc/gitlab-basics/start-using-git.md
+++ b/doc/gitlab-basics/start-using-git.md
@@ -1,38 +1,43 @@
+---
+type: howto, tutorial
+---
+
 # Start using Git on the command line
 
-If you want to start using Git and GitLab, make sure that you have created and/or signed into an account on GitLab.
+While GitLab has a powerful user interface, if you want to use Git itself, you will
+have to do so from the command line. If you want to start using Git and GitLab together,
+make sure that you have created and/or signed into an account on GitLab.
 
 ## Open a shell
 
-Depending on your operating system, you will need to use a shell of your preference. Here are some suggestions:
-
-- [Terminal](http://blog.teamtreehouse.com/introduction-to-the-mac-os-x-command-line) on  Mac OSX
+Depending on your operating system, you will need to use a shell of your preference.
+Here are some suggestions:
 
+- [Terminal](http://blog.teamtreehouse.com/introduction-to-the-mac-os-x-command-line) on macOS
 - [GitBash](https://msysgit.github.io) on Windows
-
 - [Linux Terminal](http://www.howtogeek.com/140679/beginner-geek-how-to-start-using-the-linux-terminal/) on Linux
 
 ## Check if Git has already been installed
 
-Git is usually preinstalled on Mac and Linux.
-
-Type the following command and then press enter:
+Git is usually preinstalled on Mac and Linux, so run the following command:
 
 ```bash
 git --version
 ```
 
-You should receive a message that tells you which Git version you have on your computer. If you don’t receive a "Git version" message, it means that you need to [download Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git).
+You should receive a message that tells you which Git version you have on your computer.
+If you don’t receive a "Git version" message, it means that you need to
+[download Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git).
 
-If Git doesn't automatically download, there's an option on the website to [download manually](https://git-scm.com/downloads). Then follow the steps on the installation window.
-
-After you are finished installing Git, open a new shell and type `git --version` again to verify that it was correctly installed.
+After you are finished installing Git, open a new shell and type `git --version` again
+to verify that it was correctly installed.
 
 ## Add your Git username and set your email
 
-It is important to configure your Git username and email address, since every Git commit will use this information to identify you as the author.
+It is important to configure your Git username and email address, since every Git
+commit will use this information to identify you as the author.
 
-On your shell, type the following command to add your username:
+In your shell, type the following command to add your username:
 
 ```bash
 git config --global user.name "YOUR_USERNAME"
@@ -56,7 +61,10 @@ To verify that you entered your email correctly, type:
 git config --global user.email
 ```
 
-You'll need to do this only once, since you are using the `--global` option. It tells Git to always use this information for anything you do on that system. If you want to override this with a different username or email address for specific projects, you can run the command without the `--global` option when you’re in that project.
+You'll need to do this only once, since you are using the `--global` option. It tells
+Git to always use this information for anything you do on that system. If you want
+to override this with a different username or email address for specific projects,
+you can run the command without the `--global` option when you’re in that project.
 
 ## Check your information
 
@@ -68,12 +76,12 @@ git config --global --list
 
 ## Basic Git commands
 
-Start using Git via the command line with the most basic
-commands as described below.
+Start using Git via the command line with the most basic commands as described below.
 
-## Initialize a local directory for Git version control
+### Initialize a local directory for Git version control
 
-If you have an existing local directory that you want to *initialize* for version control, use the `init` command to instruct Git to begin tracking the directory:
+If you have an existing local directory that you want to *initialize* for version
+control, use the `init` command to instruct Git to begin tracking the directory:
 
 ```bash
 git init
@@ -81,34 +89,33 @@ git init
 
 This creates a `.git` directory that contains the Git configuration files.
 
-Once the directory has been initialized, you can [add a remote repository](#add-a-remote-repository) and [send changes to GitLab.com](#send-changes-to-gitlabcom). View the instructions on [Create a project](../gitlab-basics/create-project.html#push-to-create-a-new-project) to create a new project on GitLab with your changes.
+Once the directory has been initialized, you can [add a remote repository](#add-a-remote-repository)
+and [send changes to GitLab.com](#send-changes-to-gitlabcom). You will also need to
+[create a new project in GitLab](../gitlab-basics/create-project.html#push-to-create-a-new-project)
+for your Git repository.
 
 ### Clone a repository
 
-To start working locally on an existing remote repository,
-clone it with the command `git clone <repository path>`.
-By cloning a repository, you'll download a copy of its
-files into your local computer, preserving the Git
-connection with the remote repository.
+To start working locally on an existing remote repository, clone it with the command
+`git clone <repository path>`. By cloning a repository, you'll download a copy of its
+files to your local computer, automatically preserving the Git connection with the
+remote repository.
 
-You can either clone it via HTTPS or [SSH](../ssh/README.md).
-If you chose to clone it via HTTPS, you'll have to enter your
-credentials every time you pull and push. With SSH, you enter
-your credentials once and can pull and push straightaway.
+You can either clone it via HTTPS or [SSH](../ssh/README.md). If you chose to clone
+it via HTTPS, you'll have to enter your credentials every time you pull and push.
+With SSH, you enter your credentials only once.
 
-You can find both paths (HTTPS and SSH) by navigating to
-your project's landing page and clicking **Clone**. GitLab
-will prompt you with both paths, from which you can copy
+You can find both paths (HTTPS and SSH) by navigating to your project's landing page
+and clicking **Clone**. GitLab will prompt you with both paths, from which you can copy
 and paste in your command line.
 
-As an example, consider a repository path:
+As an example, consider this repository path:
 
 - HTTPS: `https://gitlab.com/gitlab-org/gitlab-ce.git`
-- SSH: `` git@gitlab.com:gitlab-org/gitlab-ce.git ``
+- SSH: `git@gitlab.com:gitlab-org/gitlab-ce.git`
 
-To get started, open a terminal window in the directory
-you wish to clone the repository files into, and run one
-of the following commands.
+To get started, open a terminal window in the directory you wish to clone the repository
+files into, and run one of the following commands.
 
 Clone via HTTPS:
 
@@ -122,13 +129,15 @@ Clone via SSH:
 git clone git@gitlab.com:gitlab-org/gitlab-ce.git
 ```
 
-Both commands will download a copy of the files in a
-folder named after the project's name.
-
-You can then navigate to the directory and start working
+Both commands will download a copy of the files in a folder named after the project's
+name. You can then navigate to the directory and start working
 on it locally.
 
-### Go to the master branch to pull the latest changes from there
+### Switch to the master branch
+
+You are always in a branch when working with Git. The main branch is the master branch,
+but you can use the same command to switch to a different branch by changing `master`
+to the branch name.
 
 ```bash
 git checkout master
@@ -136,13 +145,20 @@ git checkout master
 
 ### Download the latest changes in the project
 
-This is for you to work on an up-to-date copy (it is important to do this every time you start working on a project), while you set up tracking branches. You pull from remote repositories to get all the changes made by users since the last time you cloned or pulled the project. Later, you can push your local commits to the remote repositories.
+To work on an up-to-date copy of the project (it is important to do this every time
+you start working on a project), you `pull` to get all the changes made by users since
+the last time you cloned or pulled the project. Use `master` for the `<name-of-branch>`
+to get the main branch code, or the branch name of the branch you are currently working
+in.
 
 ```bash
-git pull REMOTE NAME-OF-BRANCH
+git pull REMOTE <name-of-branch>
 ```
 
-When you first clone a repository, REMOTE is typically "origin". This is where the repository came from, and it indicates the SSH or HTTPS URL of the repository on the remote server. NAME-OF-BRANCH is usually "master", but it may be any existing branch.
+When you first clone a repository, REMOTE is typically `origin`. This is where the
+repository was cloned from, and it indicates the SSH or HTTPS URL of the repository
+on the remote server. `<name-of-branch>` is usually `master`, but it may be any existing
+branch.
 
 ### View your remote repositories
 
@@ -157,17 +173,20 @@ git remote -v
 To add a link to a remote repository:
 
 ```bash
-git remote add SOURCE-NAME REPOSITORY-PATH
+git remote add <source-name> <repository-path>
 ```
 
-You'll use this source name every time you [push changes to GitLab.com](#send-changes-to-gitlabcom), so use something easy to remember and type.
+You'll use this source name every time you [push changes to GitLab.com](#send-changes-to-gitlabcom),
+so use something easy to remember and type.
 
 ### Create a branch
 
-To create a branch, type the following (spaces won't be recognized in the branch name, so you will need to use a hyphen or underscore):
+To create a new branch, to work from without affecting the `master` branch, type the
+following (spaces won't be recognized in the branch name, so you will need to use a
+hyphen or underscore):
 
 ```bash
-git checkout -b NAME-OF-BRANCH
+git checkout -b <name-of-branch>>
 ```
 
 ### Work on an existing branch
@@ -175,12 +194,14 @@ git checkout -b NAME-OF-BRANCH
 To switch to an existing branch, so you can work on it:
 
 ```bash
-git checkout NAME-OF-BRANCH
+git checkout <name-of-branch>
 ```
 
 ### View the changes you've made
 
-It's important to be aware of what's happening and the status of your changes. When you add, change, or delete files/folders, Git knows about it. To check the status of your changes:
+It's important to be aware of what's happening and the status of your changes. When
+you add, change, or delete files/folders, Git knows about it. To check the status of
+your changes:
 
 ```bash
 git status
@@ -188,7 +209,8 @@ git status
 
 ### View differences
 
-To view the differences between your local, unstaged changes and the repository versions that you cloned or pulled, type:
+To view the differences between your local, unstaged changes and the repository versions
+that you cloned or pulled, type:
 
 ```bash
 git diff
@@ -196,16 +218,19 @@ git diff
 
 ### Add and commit local changes
 
-You'll see your local changes in red when you type `git status`. These changes may be new, modified, or deleted files/folders. Use `git add` to stage a local file/folder for committing. Then use `git commit` to commit the staged files:
+You'll see any local changes in red when you type `git status`. These changes may
+be new, modified, or deleted files/folders. Use `git add` to first stage (prepare)
+a local file/folder for committing. Then use `git commit` to commit (save) the staged
+files:
 
 ```bash
-git add FILE OR FOLDER
+git add <file-name OR folder-name>
 git commit -m "COMMENT TO DESCRIBE THE INTENTION OF THE COMMIT"
 ```
 
 ### Add all changes to commit
 
-To add and commit all local changes in one command:
+To add and commit (save) all local changes quickly:
 
 ```bash
 git add .
@@ -217,35 +242,32 @@ The `.` character typically means _all_ in Git.
 
 ### Send changes to GitLab.com
 
-To push all local commits to the remote repository:
+To push all local commits (saved changes) to the remote repository:
 
 ```bash
-git push REMOTE NAME-OF-BRANCH
+git push <remote> <name-of-branch>
 ```
 
-For example, to push your local commits to the _master_ branch of the _origin_ remote:
+For example, to push your local commits to the _`master`_ branch of the _`origin`_ remote:
 
 ```bash
 git push origin master
 ```
 
-### Delete all changes in the Git repository
+### Delete all changes in the branch
 
-To delete all local changes in the repository that have not been added to the staging area, and leave unstaged files/folders, type:
+To delete all local changes in the branch that have not been added to the staging
+area, and leave unstaged files/folders, type:
 
 ```bash
 git checkout .
 ```
 
-### Delete all untracked changes in the Git repository
-
-```bash
-git clean -f
-```
+Note that this removes *changes* to files, not the files themselves.
 
 ### Unstage all changes that have been added to the staging area
 
-To undo the most recent add, but not committed, files/folders:
+To undo the most recently added, but not committed, changes to files/folders:
 
 ```bash
 git reset .
@@ -259,25 +281,31 @@ To undo the most recent commit, type:
 git reset HEAD~1
 ```
 
-This leaves the files and folders unstaged in your local repository.
+This leaves the changed files and folders unstaged in your local repository.
 
 CAUTION: **Warning:**
-A Git commit is mostly irreversible, particularly if you already pushed it to the remote repository. Although you can undo a commit, the best option is to avoid the situation altogether.
+A Git commit should not usually be reverse, particularly if you already pushed it
+to the remote repository. Although you can undo a commit, the best option is to avoid
+the situation altogether by working carefully.
 
-### Merge created branch with master branch
+### Merge a branch with master branch
 
-You need to be in the created branch.
+When you are ready to make all the changes in a branch a permanent addition to
+the master branch, you `merge` the two together:
 
 ```bash
-git checkout NAME-OF-BRANCH
+git checkout <name-of-branch>
 git merge master
 ```
 
-### Merge master branch with created branch
+<!-- ## Troubleshooting
 
-You need to be in the master branch.
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
 
-```bash
-git checkout master
-git merge NAME-OF-BRANCH
-```
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
-- 
cgit v1.2.1


From 49b66a6ade41475d828d2191e5505abd1ce90eee Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Mon, 29 Jul 2019 17:17:17 +0800
Subject: Update documentation on CSV export max file size

---
 doc/user/project/issues/csv_export.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/project/issues/csv_export.md b/doc/user/project/issues/csv_export.md
index d3f53c09fb3..27ce3a814f9 100644
--- a/doc/user/project/issues/csv_export.md
+++ b/doc/user/project/issues/csv_export.md
@@ -72,4 +72,4 @@ Data will be encoded with a comma as the column delimiter, with `"` used to quot
 
 ## Limitations
 
-As the issues will be sent as an email attachment, there is a limit on how much data can be exported. Currently this limit is 20MB to ensure successful delivery across a range of email providers. If this limit is reached we suggest narrowing the search before export, perhaps by exporting open and closed issues separately.
+As the issues will be sent as an email attachment, there is a limit on how much data can be exported. Currently this limit is 15MB to ensure successful delivery across a range of email providers. If this limit is reached we suggest narrowing the search before export, perhaps by exporting open and closed issues separately.
-- 
cgit v1.2.1


From 57a6f142cb033fa3fd3c87a72378567b4ed33b14 Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Tue, 30 Jul 2019 15:12:50 +1000
Subject: QA spec for Auto DevOps should 10GB GKE disk

This was defaulting to 100GB according to
https://cloud.google.com/sdk/gcloud/reference/container/clusters/create#--disk-size
which is really not ideal since we haven't automated clean up per
https://gitlab.com/gitlab-org/gitlab-qa/issues/298
---
 qa/qa/service/kubernetes_cluster.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/qa/qa/service/kubernetes_cluster.rb b/qa/qa/service/kubernetes_cluster.rb
index 40263e94065..7b3451ed799 100644
--- a/qa/qa/service/kubernetes_cluster.rb
+++ b/qa/qa/service/kubernetes_cluster.rb
@@ -29,6 +29,7 @@ module QA
           #{auth_options}
           --enable-basic-auth
           --region #{Runtime::Env.gcloud_region}
+          --disk-size 10GB
           && gcloud container clusters
           get-credentials
           --region #{Runtime::Env.gcloud_region}
-- 
cgit v1.2.1


From 9c2baada57a6a4c6746ce9fa37ec33d94e2dff09 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Thu, 25 Jul 2019 16:15:00 -0700
Subject: Ignore Gitaly errors if cache flushing fails on project destruction

We should just ignore these errors and move along with the deletion
since the repositories are going to be trashed anyway.

Closes https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/31164
---
 app/services/projects/destroy_service.rb                | 13 +++++++++++--
 .../unreleased/sh-ignore-git-errors-delete-project.yml  |  5 +++++
 spec/services/projects/destroy_service_spec.rb          | 17 ++++++++++++++++-
 3 files changed, 32 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/unreleased/sh-ignore-git-errors-delete-project.yml

diff --git a/app/services/projects/destroy_service.rb b/app/services/projects/destroy_service.rb
index b805a7f1211..a1279bfb3a3 100644
--- a/app/services/projects/destroy_service.rb
+++ b/app/services/projects/destroy_service.rb
@@ -210,11 +210,20 @@ module Projects
     end
 
     def flush_caches(project)
-      project.repository.before_delete
+      ignore_git_errors(repo_path) { project.repository.before_delete }
 
-      Repository.new(wiki_path, project, disk_path: repo_path).before_delete
+      ignore_git_errors(wiki_path) { Repository.new(wiki_path, project, disk_path: repo_path).before_delete }
 
       Projects::ForksCountService.new(project).delete_cache
     end
+
+    # If we get a Gitaly error, the repository may be corrupted. We can
+    # ignore these errors since we're going to trash the repositories
+    # anyway.
+    def ignore_git_errors(disk_path, &block)
+      yield
+    rescue Gitlab::Git::CommandError => e
+      Gitlab::GitLogger.warn(class: self.class.name, project_id: project.id, disk_path: disk_path, message: e.to_s)
+    end
   end
 end
diff --git a/changelogs/unreleased/sh-ignore-git-errors-delete-project.yml b/changelogs/unreleased/sh-ignore-git-errors-delete-project.yml
new file mode 100644
index 00000000000..f5e2147f00e
--- /dev/null
+++ b/changelogs/unreleased/sh-ignore-git-errors-delete-project.yml
@@ -0,0 +1,5 @@
+---
+title: Ignore Gitaly errors if cache flushing fails on project destruction
+merge_request: 31164
+author:
+type: fixed
diff --git a/spec/services/projects/destroy_service_spec.rb b/spec/services/projects/destroy_service_spec.rb
index 3af7ee3ad50..e436af77ed4 100644
--- a/spec/services/projects/destroy_service_spec.rb
+++ b/spec/services/projects/destroy_service_spec.rb
@@ -121,7 +121,22 @@ describe Projects::DestroyService do
     it { expect(Dir.exist?(remove_path)).to be_truthy }
   end
 
-  context 'when flushing caches fail' do
+  context 'when flushing caches fail due to Git errors' do
+    before do
+      allow(project.repository).to receive(:before_delete).and_raise(::Gitlab::Git::CommandError)
+      allow(Gitlab::GitLogger).to receive(:warn).with(
+        class: described_class.name,
+        project_id: project.id,
+        disk_path: project.disk_path,
+        message: 'Gitlab::Git::CommandError').and_call_original
+
+      perform_enqueued_jobs { destroy_project(project, user, {}) }
+    end
+
+    it_behaves_like 'deleting the project'
+  end
+
+  context 'when flushing caches fail due to Redis' do
     before do
       new_user = create(:user)
       project.team.add_user(new_user, Gitlab::Access::DEVELOPER)
-- 
cgit v1.2.1


From d4cc05e2ddba9ba086deff5b90a9d80b7c5e1db1 Mon Sep 17 00:00:00 2001
From: Agnes Oetama <aoetama@gitlab.com>
Date: Tue, 30 Jul 2019 06:17:24 +0000
Subject: Update jenkins.md - add CTA to about.gitlab page

---
 doc/integration/jenkins.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/doc/integration/jenkins.md b/doc/integration/jenkins.md
index 50cb3d50009..6755640d39c 100644
--- a/doc/integration/jenkins.md
+++ b/doc/integration/jenkins.md
@@ -35,6 +35,9 @@ and [Migrating from Jenkins to GitLab](https://www.youtube.com/watch?v=RlEVGOpYF
 
 For a real use case, read the blog post [Continuous integration: From Jenkins to GitLab using Docker](https://about.gitlab.com/2017/07/27/docker-my-precious/).
 
+NOTE: **Moving from a traditional CI plug-in to a single application for the entire software development lifecycle can decrease hours spent on maintaining toolchains by 10% or more.** 
+Visit the ['GitLab vs. Jenkins' comparison page](https://about.gitlab.com/devops-tools/jenkins-vs-gitlab.html) to learn how our built-in CI compares to Jenkins.
+
 ## Requirements
 
 - [Jenkins GitLab Plugin](https://wiki.jenkins.io/display/JENKINS/GitLab+Plugin)
-- 
cgit v1.2.1


From 8f14d3c1401088a61a2360b9ad988807f944bd79 Mon Sep 17 00:00:00 2001
From: Shinya Maeda <shinya@gitlab.com>
Date: Tue, 30 Jul 2019 11:42:36 +0700
Subject: Fix sidekiq memory killer warning message

---
 lib/gitlab/sidekiq_middleware/memory_killer.rb           | 2 +-
 spec/lib/gitlab/sidekiq_middleware/memory_killer_spec.rb | 7 +++++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/lib/gitlab/sidekiq_middleware/memory_killer.rb b/lib/gitlab/sidekiq_middleware/memory_killer.rb
index 4b10f921ed8..49c4fdc3033 100644
--- a/lib/gitlab/sidekiq_middleware/memory_killer.rb
+++ b/lib/gitlab/sidekiq_middleware/memory_killer.rb
@@ -84,7 +84,7 @@ module Gitlab
       end
 
       def warn(message, signal: nil)
-        Sidekiq.logger.warn(class: worker.class, pid: pid, signal: signal, message: message)
+        Sidekiq.logger.warn(class: worker.class.name, pid: pid, signal: signal, message: message)
       end
     end
   end
diff --git a/spec/lib/gitlab/sidekiq_middleware/memory_killer_spec.rb b/spec/lib/gitlab/sidekiq_middleware/memory_killer_spec.rb
index b451844f06c..1de9a644610 100644
--- a/spec/lib/gitlab/sidekiq_middleware/memory_killer_spec.rb
+++ b/spec/lib/gitlab/sidekiq_middleware/memory_killer_spec.rb
@@ -4,7 +4,7 @@ describe Gitlab::SidekiqMiddleware::MemoryKiller do
   subject { described_class.new }
   let(:pid) { 999 }
 
-  let(:worker) { double(:worker, class: 'TestWorker') }
+  let(:worker) { double(:worker, class: ProjectCacheWorker) }
   let(:job) { { 'jid' => 123 } }
   let(:queue) { 'test_queue' }
 
@@ -46,7 +46,10 @@ describe Gitlab::SidekiqMiddleware::MemoryKiller do
       expect(Process).to receive(:kill).with('SIGKILL', pid).ordered
 
       expect(Sidekiq.logger)
-        .to receive(:warn).with(class: 'TestWorker', message: anything, pid: pid, signal: anything).at_least(:once)
+          .to receive(:warn).with(class: 'ProjectCacheWorker',
+                                  message: anything,
+                                  pid: pid,
+                                  signal: anything).at_least(:once)
 
       run
     end
-- 
cgit v1.2.1


From 9870e86f6c9e8899400fe847f741bda6f458a978 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Mon, 29 Jul 2019 13:24:33 +0200
Subject: Use the --atomic flag when deploying Review Apps
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rémy Coutable <remy@rymai.me>
---
 scripts/review_apps/review-apps.sh | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/scripts/review_apps/review-apps.sh b/scripts/review_apps/review-apps.sh
index 4f617b15a6e..408a0595f9e 100755
--- a/scripts/review_apps/review-apps.sh
+++ b/scripts/review_apps/review-apps.sh
@@ -189,17 +189,11 @@ function deploy() {
   gitlab_shell_image_repository="${IMAGE_REPOSITORY}/gitlab-shell"
   gitlab_workhorse_image_repository="${IMAGE_REPOSITORY}/gitlab-workhorse-${IMAGE_VERSION}"
 
-  # Cleanup and previous installs, as FAILED and PENDING_UPGRADE will cause errors with `upgrade`
-  if [ "$CI_ENVIRONMENT_SLUG" != "production" ] && previous_deploy_failed "$CI_ENVIRONMENT_SLUG" ; then
-    echo "Deployment in bad state, cleaning up $CI_ENVIRONMENT_SLUG"
-    delete
-  fi
-
   create_application_secret
 
 HELM_CMD=$(cat << EOF
   helm upgrade --install \
-    --wait \
+    --atomic \
     --timeout 900 \
     --set releaseOverride="$CI_ENVIRONMENT_SLUG" \
     --set global.appConfig.enableUsagePing=false \
-- 
cgit v1.2.1


From 7906503d97b8481cf2be1331cb4479fef3806973 Mon Sep 17 00:00:00 2001
From: Tomislav Nikic <tnikic@gitlab.com>
Date: Tue, 30 Jul 2019 08:04:26 +0000
Subject: Getting on par with EE

This commit covers all the files that where changed in the
identically named branch on EE that is creating an elasticsearch
test case.
---
 app/views/layouts/_search.html.haml            |  3 ++-
 app/views/layouts/nav/sidebar/_admin.html.haml |  2 +-
 app/views/search/_category.html.haml           |  2 +-
 app/views/search/results/_blob_data.html.haml  |  6 ++---
 qa/qa.rb                                       |  4 ++++
 qa/qa/page/admin/menu.rb                       | 12 ++++++++++
 qa/qa/page/main/menu.rb                        |  8 +++++++
 qa/qa/page/search/results.rb                   | 33 ++++++++++++++++++++++++++
 8 files changed, 64 insertions(+), 6 deletions(-)
 create mode 100644 qa/qa/page/search/results.rb

diff --git a/app/views/layouts/_search.html.haml b/app/views/layouts/_search.html.haml
index 9cac8266eaf..bc900992cb0 100644
--- a/app/views/layouts/_search.html.haml
+++ b/app/views/layouts/_search.html.haml
@@ -13,7 +13,8 @@
                                             tabindex: '1',
                                             autocomplete: 'off',
                                             data: { issues_path: issues_dashboard_path,
-                                              mr_path: merge_requests_dashboard_path },
+                                              mr_path: merge_requests_dashboard_path,
+                                              qa_selector: 'search_term_field' },
                                             aria: { label: _('Search or jump to…') }
           %button.hidden.js-dropdown-search-toggle{ type: 'button', data: { toggle: 'dropdown' } }
           .dropdown-menu.dropdown-select.js-dashboard-search-options
diff --git a/app/views/layouts/nav/sidebar/_admin.html.haml b/app/views/layouts/nav/sidebar/_admin.html.haml
index 87133c7ba22..cb39c830170 100644
--- a/app/views/layouts/nav/sidebar/_admin.html.haml
+++ b/app/views/layouts/nav/sidebar/_admin.html.haml
@@ -236,7 +236,7 @@
                 %span
                   = _('General')
             = nav_link(path: 'application_settings#integrations') do
-              = link_to integrations_admin_application_settings_path, title: _('Integrations') do
+              = link_to integrations_admin_application_settings_path, title: _('Integrations'), data: { qa_selector: 'integration_settings_link' } do
                 %span
                   = _('Integrations')
             = nav_link(path: 'application_settings#repository') do
diff --git a/app/views/search/_category.html.haml b/app/views/search/_category.html.haml
index ee7d89a9bd8..18613ff4c16 100644
--- a/app/views/search/_category.html.haml
+++ b/app/views/search/_category.html.haml
@@ -12,7 +12,7 @@
   %ul.nav-links.search-filter.scrolling-tabs.nav.nav-tabs
     - if @project
       - if project_search_tabs?(:blobs)
-        %li{ class: active_when(@scope == 'blobs') }
+        %li{ class: active_when(@scope == 'blobs'), data: { qa_selector: 'code_tab' } }
           = link_to search_filter_path(scope: 'blobs') do
             = _("Code")
             %span.badge.badge-pill
diff --git a/app/views/search/results/_blob_data.html.haml b/app/views/search/results/_blob_data.html.haml
index 143e9f91ca3..36b6ea7bd37 100644
--- a/app/views/search/results/_blob_data.html.haml
+++ b/app/views/search/results/_blob_data.html.haml
@@ -1,10 +1,10 @@
-.blob-result
+.blob-result{ data: { qa_selector: 'result_item_content' } }
   .file-holder
-    .js-file-title.file-title
+    .js-file-title.file-title{ data: { qa_selector: 'file_title_content' } }
       = link_to blob_link do
         %i.fa.fa-file
         %strong
           = search_blob_title(project, file_name)
     - if blob.data
-      .file-content.code.term
+      .file-content.code.term{ data: { qa_selector: 'file_text_content' } }
         = render 'shared/file_highlight', blob: blob, first_line_number: blob.startline
diff --git a/qa/qa.rb b/qa/qa.rb
index be73776425b..18fb4509dce 100644
--- a/qa/qa.rb
+++ b/qa/qa.rb
@@ -314,6 +314,10 @@ module QA
       autoload :Login, 'qa/page/mattermost/login'
     end
 
+    module Search
+      autoload :Results, 'qa/page/search/results'
+    end
+
     ##
     # Classes describing components that are used by several pages.
     #
diff --git a/qa/qa/page/admin/menu.rb b/qa/qa/page/admin/menu.rb
index eea5717f5a7..61ec9854726 100644
--- a/qa/qa/page/admin/menu.rb
+++ b/qa/qa/page/admin/menu.rb
@@ -13,6 +13,10 @@ module QA
           element :admin_settings_metrics_and_profiling_item
         end
 
+        view 'app/views/layouts/nav/sidebar/_admin.html.haml' do
+          element :integration_settings_link
+        end
+
         def go_to_repository_settings
           hover_settings do
             within_submenu do
@@ -21,6 +25,14 @@ module QA
           end
         end
 
+        def go_to_integration_settings
+          hover_settings do
+            within_submenu do
+              click_element :integration_settings_link
+            end
+          end
+        end
+
         def go_to_general_settings
           hover_settings do
             within_submenu do
diff --git a/qa/qa/page/main/menu.rb b/qa/qa/page/main/menu.rb
index d86d554356e..e3039149ab4 100644
--- a/qa/qa/page/main/menu.rb
+++ b/qa/qa/page/main/menu.rb
@@ -27,6 +27,10 @@ module QA
           element :your_projects_link
         end
 
+        view 'app/views/layouts/_search.html.haml' do
+          element :search_term_field
+        end
+
         def go_to_groups
           within_top_menu do
             click_element :groups_dropdown
@@ -71,6 +75,10 @@ module QA
           click_element :snippets_link
         end
 
+        def search_for(term)
+          fill_element :search_term_field, "#{term}\n"
+        end
+
         def has_personal_area?(wait: Capybara.default_max_wait_time)
           has_element?(:user_avatar, wait: wait)
         end
diff --git a/qa/qa/page/search/results.rb b/qa/qa/page/search/results.rb
new file mode 100644
index 00000000000..b9b18abf660
--- /dev/null
+++ b/qa/qa/page/search/results.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module QA::Page
+  module Search
+    class Results < QA::Page::Base
+      view 'app/views/search/_category.html.haml' do
+        element :code_tab
+      end
+
+      view 'app/views/search/results/_blob_data.html.haml' do
+        element :result_item_content
+        element :file_title_content
+        element :file_text_content
+      end
+
+      def switch_to_code
+        click_element(:code_tab)
+      end
+
+      def has_file_in_project?(file_name, project_name)
+        has_element? :result_item_content, text: "#{project_name}: #{file_name}"
+      end
+
+      def has_file_with_content?(file_name, file_text)
+        within_element_by_index :result_item_content, 0 do
+          false unless has_element? :file_title_content, text: file_name
+
+          has_element? :file_text_content, text: file_text
+        end
+      end
+    end
+  end
+end
-- 
cgit v1.2.1


From a98f3de66eafd78f2769a848aa565612a5bbc337 Mon Sep 17 00:00:00 2001
From: Steve Azzopardi <sazzopardi@gitlab.com>
Date: Tue, 30 Jul 2019 10:31:58 +0200
Subject: Update docker title for docker-in-docker workflow

`docker-in-docker` is a workflow not an specific executor. It uses the
[Docker executor](https://docs.gitlab.com/runner/executors/docker.html).
---
 doc/ci/docker/using_docker_build.md    | 2 +-
 doc/ci/docker/using_kaniko.md          | 3 ++-
 doc/ci/examples/browser_performance.md | 4 ++--
 doc/ci/examples/code_quality.md        | 2 +-
 4 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/doc/ci/docker/using_docker_build.md b/doc/ci/docker/using_docker_build.md
index 9f1ce1fc230..10a21edbd34 100644
--- a/doc/ci/docker/using_docker_build.md
+++ b/doc/ci/docker/using_docker_build.md
@@ -91,7 +91,7 @@ NOTE: **Note:**
 By adding `gitlab-runner` to the `docker` group you are effectively granting `gitlab-runner` full root permissions.
 For more information please read [On Docker security: `docker` group considered harmful](https://www.andreas-jung.com/contents/on-docker-security-docker-group-considered-harmful).
 
-### Use docker-in-docker executor
+### Use docker-in-docker workflow with Docker executor
 
 The second approach is to use the special docker-in-docker (dind)
 [Docker image](https://hub.docker.com/_/docker/) with all tools installed
diff --git a/doc/ci/docker/using_kaniko.md b/doc/ci/docker/using_kaniko.md
index 50f1ac3d54a..925653f9fdf 100644
--- a/doc/ci/docker/using_kaniko.md
+++ b/doc/ci/docker/using_kaniko.md
@@ -11,7 +11,8 @@ Requires GitLab Runner 11.2 and above.
 container images from a Dockerfile, inside a container or Kubernetes cluster.
 
 kaniko solves two problems with using the
-[docker-in-docker build](using_docker_build.md#use-docker-in-docker-executor) method:
+[docker-in-docker
+build](using_docker_build.md#use-docker-in-docker-workflow-with-docker-executor) method:
 
 - Docker-in-docker requires [privileged mode](https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities)
   in order to function, which is a significant security concern.
diff --git a/doc/ci/examples/browser_performance.md b/doc/ci/examples/browser_performance.md
index 8ecac4a5a4f..3266e5dc62e 100644
--- a/doc/ci/examples/browser_performance.md
+++ b/doc/ci/examples/browser_performance.md
@@ -15,7 +15,7 @@ your code by using GitLab CI/CD and [sitespeed.io](https://www.sitespeed.io)
 using Docker-in-Docker.
 
 First, you need GitLab Runner with
-[docker-in-docker executor](../docker/using_docker_build.md#use-docker-in-docker-executor).
+[docker-in-docker build](../docker/using_docker_build.md#use-docker-in-docker-workflow-with-docker-executor).
 
 Once you set up the Runner, add a new job to `.gitlab-ci.yml` that
 generates the expected report:
@@ -155,4 +155,4 @@ performance:
     paths:
       - performance.json
       - sitespeed-results/
-```
\ No newline at end of file
+```
diff --git a/doc/ci/examples/code_quality.md b/doc/ci/examples/code_quality.md
index e63470ec9d9..69bad6b4c25 100644
--- a/doc/ci/examples/code_quality.md
+++ b/doc/ci/examples/code_quality.md
@@ -14,7 +14,7 @@ This example shows how to run Code Quality on your code by using GitLab CI/CD
 and Docker.
 
 First, you need GitLab Runner with
-[docker-in-docker executor](../docker/using_docker_build.md#use-docker-in-docker-executor).
+[docker-in-docker executor](../docker/using_docker_build.md#use-docker-in-docker-workflow-with-docker-executor).
 
 Once you set up the Runner, include the CodeQuality template in your CI config:
 
-- 
cgit v1.2.1


From 18cdc5ba6ce1810c19982475eca89fd385fe31e2 Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Wed, 24 Jul 2019 12:37:05 +0100
Subject: Remove line profiler from performance bar

1. The output isn't great. It can be hard to find hotspots and, even
   when you do find them, to find why those are hotspots.
2. It uses some jQuery-specific frontend code which we can remove now
   that we don't have this any more.
3. It's only possible to profile the initial request, not any subsequent
   AJAX requests.
---
 Gemfile                                            |   1 -
 Gemfile.lock                                       |   4 -
 .../components/performance_bar_app.vue             |  23 ----
 app/assets/stylesheets/performance_bar.scss        |  11 --
 app/controllers/concerns/with_performance_bar.rb   |   4 -
 app/views/peek/_bar.html.haml                      |   3 +-
 .../remove-line-profile-from-performance-bar.yml   |   5 +
 config/initializers/peek.rb                        |   1 -
 .../monitoring/performance/img/performance_bar.png | Bin 127198 -> 113617 bytes
 .../img/performance_bar_line_profiling.png         | Bin 93063 -> 0 bytes
 .../monitoring/performance/performance_bar.md      |   2 -
 lib/peek/rblineprof/custom_controller_helpers.rb   | 124 ---------------------
 lib/peek/views/redis_detailed.rb                   |   2 +-
 locale/gitlab.pot                                  |   3 -
 vendor/licenses.csv                                |   1 -
 15 files changed, 7 insertions(+), 177 deletions(-)
 create mode 100644 changelogs/unreleased/remove-line-profile-from-performance-bar.yml
 delete mode 100644 doc/administration/monitoring/performance/img/performance_bar_line_profiling.png
 delete mode 100644 lib/peek/rblineprof/custom_controller_helpers.rb

diff --git a/Gemfile b/Gemfile
index d7bc8e1a749..61a6432a953 100644
--- a/Gemfile
+++ b/Gemfile
@@ -297,7 +297,6 @@ gem 'batch-loader', '~> 1.4.0'
 # Perf bar
 gem 'peek', '~> 1.0.1'
 gem 'peek-gc', '~> 0.0.2'
-gem 'peek-rblineprof', '~> 0.2.0'
 
 # Memory benchmarks
 gem 'derailed_benchmarks', require: false
diff --git a/Gemfile.lock b/Gemfile.lock
index f9f6616bad2..45f1464a5b5 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -643,9 +643,6 @@ GEM
       railties (>= 4.0.0)
     peek-gc (0.0.2)
       peek
-    peek-rblineprof (0.2.0)
-      peek
-      rblineprof
     pg (1.1.4)
     po_to_json (1.0.1)
       json (>= 1.6.0)
@@ -1177,7 +1174,6 @@ DEPENDENCIES
   org-ruby (~> 0.9.12)
   peek (~> 1.0.1)
   peek-gc (~> 0.0.2)
-  peek-rblineprof (~> 0.2.0)
   pg (~> 1.1)
   premailer-rails (~> 1.9.7)
   prometheus-client-mmap (~> 0.9.8)
diff --git a/app/assets/javascripts/performance_bar/components/performance_bar_app.vue b/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
index 769ddb21277..c0ea42ad1a2 100644
--- a/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
+++ b/app/assets/javascripts/performance_bar/components/performance_bar_app.vue
@@ -1,5 +1,4 @@
 <script>
-import $ from 'jquery';
 import { glEmojiTag } from '~/emoji';
 
 import detailedMetric from './detailed_metric.vue';
@@ -28,10 +27,6 @@ export default {
       type: String,
       required: true,
     },
-    profileUrl: {
-      type: String,
-      required: true,
-    },
   },
   detailedMetrics: [
     {
@@ -74,9 +69,6 @@ export default {
     initialRequest() {
       return this.currentRequestId === this.requestId;
     },
-    lineProfileModal() {
-      return $('#modal-peek-line-profile');
-    },
     hasHost() {
       return this.currentRequest && this.currentRequest.details && this.currentRequest.details.host;
     },
@@ -90,10 +82,6 @@ export default {
   },
   mounted() {
     this.currentRequest = this.requestId;
-
-    if (this.lineProfileModal.length) {
-      this.lineProfileModal.modal('toggle');
-    }
   },
   methods: {
     changeCurrentRequest(newRequestId) {
@@ -124,17 +112,6 @@ export default {
         :header="metric.header"
         :keys="metric.keys"
       />
-      <div v-if="initialRequest" id="peek-view-rblineprof" class="view">
-        <button
-          v-if="lineProfileModal.length"
-          class="btn-link btn-blank"
-          data-toggle="modal"
-          data-target="#modal-peek-line-profile"
-        >
-          {{ s__('PerformanceBar|profile') }}
-        </button>
-        <a v-else :href="profileUrl">{{ s__('PerformanceBar|profile') }}</a>
-      </div>
       <div id="peek-view-gc" class="view">
         <span v-if="currentRequest.details" class="bold">
           <span title="Invoke Time">{{ currentRequest.details.gc.gc_time }}</span
diff --git a/app/assets/stylesheets/performance_bar.scss b/app/assets/stylesheets/performance_bar.scss
index 5a8940ffd6d..ad7d87f0bf6 100644
--- a/app/assets/stylesheets/performance_bar.scss
+++ b/app/assets/stylesheets/performance_bar.scss
@@ -1,6 +1,5 @@
 @import 'framework/variables';
 @import 'framework/variables_overrides';
-@import 'peek/views/rblineprof';
 
 #js-peek {
   position: fixed;
@@ -128,13 +127,3 @@
 #modal-peek-pg-queries-content {
   color: $black;
 }
-
-.peek-rblineprof-file {
-  pre.duration {
-    width: 280px;
-  }
-
-  .data {
-    overflow: visible;
-  }
-}
diff --git a/app/controllers/concerns/with_performance_bar.rb b/app/controllers/concerns/with_performance_bar.rb
index 77c3d476ac6..4e0ae3c59eb 100644
--- a/app/controllers/concerns/with_performance_bar.rb
+++ b/app/controllers/concerns/with_performance_bar.rb
@@ -3,10 +3,6 @@
 module WithPerformanceBar
   extend ActiveSupport::Concern
 
-  included do
-    include Peek::Rblineprof::CustomControllerHelpers
-  end
-
   def peek_enabled?
     return false unless Gitlab::PerformanceBar.enabled?(current_user)
 
diff --git a/app/views/peek/_bar.html.haml b/app/views/peek/_bar.html.haml
index 89d3b931f88..5228930293c 100644
--- a/app/views/peek/_bar.html.haml
+++ b/app/views/peek/_bar.html.haml
@@ -2,6 +2,5 @@
 
 #js-peek{ data: { env: Peek.env,
          request_id: Peek.request_id,
-         peek_url: "#{peek_routes_path}/results",
-         profile_url: url_for(safe_params.merge(lineprofiler: 'true')) },
+         peek_url: "#{peek_routes_path}/results" },
          class: Peek.env }
diff --git a/changelogs/unreleased/remove-line-profile-from-performance-bar.yml b/changelogs/unreleased/remove-line-profile-from-performance-bar.yml
new file mode 100644
index 00000000000..c1c7450fbbd
--- /dev/null
+++ b/changelogs/unreleased/remove-line-profile-from-performance-bar.yml
@@ -0,0 +1,5 @@
+---
+title: Remove line profiler from performance bar
+merge_request:
+author:
+type: removed
diff --git a/config/initializers/peek.rb b/config/initializers/peek.rb
index d51d553c939..4a2b7931f30 100644
--- a/config/initializers/peek.rb
+++ b/config/initializers/peek.rb
@@ -7,7 +7,6 @@ Rails.application.config.peek.adapter = :redis, { client: ::Redis.new(Gitlab::Re
 Peek.into Peek::Views::Host
 Peek.into Peek::Views::ActiveRecord
 Peek.into Peek::Views::Gitaly
-Peek.into Peek::Views::Rblineprof
 Peek.into Peek::Views::RedisDetailed
 Peek.into Peek::Views::Rugged
 Peek.into Peek::Views::GC
diff --git a/doc/administration/monitoring/performance/img/performance_bar.png b/doc/administration/monitoring/performance/img/performance_bar.png
index 8a6f8b3b273..89b09054d46 100644
Binary files a/doc/administration/monitoring/performance/img/performance_bar.png and b/doc/administration/monitoring/performance/img/performance_bar.png differ
diff --git a/doc/administration/monitoring/performance/img/performance_bar_line_profiling.png b/doc/administration/monitoring/performance/img/performance_bar_line_profiling.png
deleted file mode 100644
index a55ce753101..00000000000
Binary files a/doc/administration/monitoring/performance/img/performance_bar_line_profiling.png and /dev/null differ
diff --git a/doc/administration/monitoring/performance/performance_bar.md b/doc/administration/monitoring/performance/performance_bar.md
index 15eab7dcab0..2cc78ccc03c 100644
--- a/doc/administration/monitoring/performance/performance_bar.md
+++ b/doc/administration/monitoring/performance/performance_bar.md
@@ -14,8 +14,6 @@ It allows you to see (from left to right):
   ![Gitaly profiling using the Performance Bar](img/performance_bar_gitaly_calls.png)
 - time taken and number of [Rugged] calls, click through for details of these calls
   ![Rugged profiling using the Performance Bar](img/performance_bar_rugged_calls.png)
-- profile of the code used to generate the page, line by line. In the profile view, the numbers in the left panel represent wall time, cpu time, and number of calls (based on [rblineprof](https://github.com/tmm1/rblineprof)).
-  ![Line profiling using the Performance Bar](img/performance_bar_line_profiling.png)
 - time taken and number of Redis calls, click through for details of these calls
   ![Redis profiling using the Performance Bar](img/performance_bar_redis_calls.png)
 - time taken and number of Ruby GC calls
diff --git a/lib/peek/rblineprof/custom_controller_helpers.rb b/lib/peek/rblineprof/custom_controller_helpers.rb
deleted file mode 100644
index 581cc6a37b4..00000000000
--- a/lib/peek/rblineprof/custom_controller_helpers.rb
+++ /dev/null
@@ -1,124 +0,0 @@
-# frozen_string_literal: true
-
-module Peek
-  module Rblineprof
-    module CustomControllerHelpers
-      extend ActiveSupport::Concern
-
-      # This will become useless once https://github.com/peek/peek-rblineprof/pull/5
-      # is merged
-      def pygmentize(file_name, code, lexer = nil)
-        if lexer.present?
-          Gitlab::Highlight.highlight(file_name, code)
-        else
-          "<pre>#{Rack::Utils.escape_html(code)}</pre>"
-        end
-      end
-
-      # rubocop:disable all
-      def inject_rblineprof
-        ret = nil
-        profile = lineprof(rblineprof_profiler_regex) do
-          ret = yield
-        end
-
-        if response.content_type =~ %r|text/html|
-          sort = params[:lineprofiler_sort]
-          mode = params[:lineprofiler_mode] || 'cpu'
-          min  = (params[:lineprofiler_min] || 5).to_i * 1000
-          summary = params[:lineprofiler_summary]
-
-          # Sort each file by the longest calculated time
-          per_file = profile.map do |file, lines|
-            total, child, excl, total_cpu, child_cpu, excl_cpu = lines[0]
-
-            wall = summary == 'exclusive' ? excl : total
-            cpu  = summary == 'exclusive' ? excl_cpu : total_cpu
-            idle = summary == 'exclusive' ? (excl - excl_cpu) : (total - total_cpu)
-
-            [
-              file, lines,
-              wall, cpu, idle,
-              sort == 'idle' ? idle : sort == 'cpu' ? cpu : wall
-            ]
-          end.sort_by{ |a,b,c,d,e,f| -f }
-
-          output = ["<div class='modal-dialog modal-xl'><div class='modal-content'>"]
-          output << "<div class='modal-header'>"
-          output << "<h4>Line profiling: #{human_description(params[:lineprofiler])}</h4>"
-          output << "<button class='close' type='button' data-dismiss='modal' aria-label='close'><span aria-hidden='true'>&times;</span></button>"
-          output << "</div>"
-          output << "<div class='modal-body'>"
-
-          per_file.each do |file_name, lines, file_wall, file_cpu, file_idle, file_sort|
-            output << "<div class='peek-rblineprof-file'><div class='heading'>"
-
-            show_src = file_sort > min
-            tmpl = show_src ? "<a href='#' class='js-lineprof-file'>%s</a>" : "%s"
-
-            if mode == 'cpu'
-              output << sprintf("<span class='duration'>% 8.1fms + % 8.1fms</span> #{tmpl}", file_cpu / 1000.0, file_idle / 1000.0, file_name.sub(Rails.root.to_s + '/', ''))
-            else
-              output << sprintf("<span class='duration'>% 8.1fms</span> #{tmpl}", file_wall/1000.0, file_name.sub(Rails.root.to_s + '/', ''))
-            end
-
-            output << "</div>" # .heading
-
-            next unless show_src
-
-            output << "<div class='data'>"
-            code = []
-            times = []
-            File.readlines(file_name).each_with_index do |line, i|
-              code << line
-              wall, cpu, calls = lines[i + 1]
-
-              if calls && calls > 0
-                if mode == 'cpu'
-                  idle = wall - cpu
-                  times << sprintf("% 8.1fms + % 8.1fms (% 5d)", cpu / 1000.0, idle / 1000.0, calls)
-                else
-                  times << sprintf("% 8.1fms (% 5d)", wall / 1000.0, calls)
-                end
-              else
-                times << ' '
-              end
-            end
-            output << "<pre class='duration'>#{times.join("\n")}</pre>"
-            # The following line was changed from
-            # https://github.com/peek/peek-rblineprof/blob/8d3b7a283a27de2f40abda45974516693d882258/lib/peek/rblineprof/controller_helpers.rb#L125
-            # This will become useless once https://github.com/peek/peek-rblineprof/pull/16
-            # is merged and is implemented.
-            output << "<pre class='code highlight white'>#{pygmentize(file_name, code.join, 'ruby')}</pre>"
-            output << "</div></div>" # .data then .peek-rblineprof-file
-          end
-
-          output << "</div></div></div>"
-
-          response.body += "<div class='modal' id='modal-peek-line-profile' tabindex=-1>#{output.join}</div>".html_safe
-        end
-
-        ret
-      end
-
-      private
-
-      def human_description(lineprofiler_param)
-        case lineprofiler_param
-        when 'app'
-          'app/ & lib/'
-        when 'views'
-          'app/view/'
-        when 'gems'
-          'vendor/gems'
-        when 'all'
-          'everything in Rails.root'
-        when 'stdlib'
-          'everything in the Ruby standard library'
-        else
-          'app/, config/, lib/, vendor/ & plugin/'
-        end
-      end
-    end
-  end
-end
diff --git a/lib/peek/views/redis_detailed.rb b/lib/peek/views/redis_detailed.rb
index a64ea672895..b95307deddb 100644
--- a/lib/peek/views/redis_detailed.rb
+++ b/lib/peek/views/redis_detailed.rb
@@ -22,7 +22,7 @@ module Gitlab
         detail_store << {
           cmd: args.first,
           duration: duration,
-          backtrace: Gitlab::Profiler.clean_backtrace(caller)
+          backtrace: ::Gitlab::Profiler.clean_backtrace(caller)
         }
       end
 
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index c65f5b22f6e..591dc2a7e39 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -7604,9 +7604,6 @@ msgstr ""
 msgid "PerformanceBar|SQL queries"
 msgstr ""
 
-msgid "PerformanceBar|profile"
-msgstr ""
-
 msgid "PerformanceBar|trace"
 msgstr ""
 
diff --git a/vendor/licenses.csv b/vendor/licenses.csv
index bf6d05c6b6e..0c445aeac88 100644
--- a/vendor/licenses.csv
+++ b/vendor/licenses.csv
@@ -816,7 +816,6 @@ pbkdf2,3.0.14,MIT
 peek,1.0.1,MIT
 peek-gc,0.0.2,MIT
 peek-mysql2,1.1.0,MIT
-peek-rblineprof,0.2.0,MIT
 peek-redis,1.2.0,MIT
 pg,0.18.4,"BSD,ruby,GPL"
 pify,3.0.0,MIT
-- 
cgit v1.2.1


From 96f8a282c6ad1a598b4720c38a34646d0dc0439e Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Tue, 30 Jul 2019 10:51:29 +0000
Subject: Fix secpick pushing to stable branch

---
 bin/secpick | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/secpick b/bin/secpick
index d01304285b6..8a61356a088 100755
--- a/bin/secpick
+++ b/bin/secpick
@@ -45,7 +45,7 @@ module Secpick
 
     def git_commands
       ["git fetch #{@options[:remote]} #{stable_branch}",
-       "git checkout -B #{source_branch} #{@options[:remote]}/#{stable_branch}",
+       "git checkout -B #{source_branch} #{@options[:remote]}/#{stable_branch} --no-track",
        "git cherry-pick #{@options[:sha]}",
        "git push #{@options[:remote]} #{source_branch}",
        "git checkout #{original_branch}"]
-- 
cgit v1.2.1


From 25de90bb241853186aee2e25f753d6ae1bf5b1cb Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Tue, 30 Jul 2019 12:58:36 +0100
Subject: Fix broken internal links in docs

---
 doc/install/installation.md                   | 2 +-
 doc/user/clusters/applications.md             | 2 +-
 doc/user/project/repository/branches/index.md | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/install/installation.md b/doc/install/installation.md
index 06ec00cecc4..46ee980841b 100644
--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -6,7 +6,7 @@ type: howto
 
 This is the official installation guide to set up a production GitLab server
 using the source files. To set up a **development installation** or for many
-other installation options, see the [main installation page](index.md).
+other installation options, see the [main installation page](README.md).
 It was created for and tested on **Debian/Ubuntu** operating systems.
 Read [requirements.md](requirements.md) for hardware and operating system requirements.
 If you want to install on RHEL/CentOS, we recommend using the
diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md
index e1a6f8fcf71..1bc43f4b7a4 100644
--- a/doc/user/clusters/applications.md
+++ b/doc/user/clusters/applications.md
@@ -95,7 +95,7 @@ CI/CD](../../ci/README.md), the open-source continuous integration
 service included with GitLab that coordinates the jobs. When installing
 the GitLab Runner via the applications, it will run in **privileged
 mode** by default. Make sure you read the [security
-implications](../project/clusters/index.md/#security-implications) before doing so.
+implications](../project/clusters/index.md#security-implications) before doing so.
 
 NOTE: **Note:**
 The
diff --git a/doc/user/project/repository/branches/index.md b/doc/user/project/repository/branches/index.md
index 0858e8b2624..a864665602e 100644
--- a/doc/user/project/repository/branches/index.md
+++ b/doc/user/project/repository/branches/index.md
@@ -13,7 +13,7 @@ After pushing your changes to a new branch, you can:
 
 - Create a [merge request](../../merge_requests/index.md)
 - Perform inline code review
-- [Discuss](../../discussions/index.md) your implementation with your team
+- [Discuss](../../../discussions/index.md) your implementation with your team
 - Preview changes submitted to a new branch with [Review Apps](../../../../ci/review_apps/index.md).
 
 With [GitLab Starter](https://about.gitlab.com/pricing/), you can also request
-- 
cgit v1.2.1


From 916183a7fd63f772a8493c9ac782b465503f9d13 Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Tue, 23 Jul 2019 16:51:13 +0200
Subject: Add methods for injecting EE modules

This adds the methods prepend_if_ee, extend_if_ee, and include_if_ee
that can be used to inject EE specific modules in EE.

These methods are exposed as an initializer that is loaded as soon as
possible. For tests that use fast_spec_helper.rb we must load this
initializer manually, as the Rails environment is not loaded. This is
not the most pretty setup, but unfortunately there is no alternative
that we can use.
---
 .../initializers/0_inject_enterprise_edition_module.rb  | 17 +++++++++++++++++
 spec/fast_spec_helper.rb                                |  1 +
 2 files changed, 18 insertions(+)
 create mode 100644 config/initializers/0_inject_enterprise_edition_module.rb

diff --git a/config/initializers/0_inject_enterprise_edition_module.rb b/config/initializers/0_inject_enterprise_edition_module.rb
new file mode 100644
index 00000000000..4b21732e179
--- /dev/null
+++ b/config/initializers/0_inject_enterprise_edition_module.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module InjectEnterpriseEditionModule
+  def prepend_if_ee(constant)
+    prepend(constant.constantize) if Gitlab.ee?
+  end
+
+  def extend_if_ee(constant)
+    extend(constant.constantize) if Gitlab.ee?
+  end
+
+  def include_if_ee(constant)
+    include(constant.constantize) if Gitlab.ee?
+  end
+end
+
+Module.prepend(InjectEnterpriseEditionModule)
diff --git a/spec/fast_spec_helper.rb b/spec/fast_spec_helper.rb
index 91ef7653822..f5a487b4d57 100644
--- a/spec/fast_spec_helper.rb
+++ b/spec/fast_spec_helper.rb
@@ -4,6 +4,7 @@ ENV['GITLAB_ENV'] = 'test'
 ENV['IN_MEMORY_APPLICATION_SETTINGS'] = 'true'
 
 require 'active_support/dependencies'
+require_relative '../config/initializers/0_inject_enterprise_edition_module'
 require_relative '../config/settings'
 require_relative 'support/rspec'
 require 'active_support/all'
-- 
cgit v1.2.1


From cc6619a80f5a101619d3631a05c61c8561705f69 Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Fri, 26 Jul 2019 14:52:18 +0200
Subject: Extend cop for verifying injecting of EE modules

This extends the InjectEnterpriseEditionModule RuboCop cop so that it
verifies the following:

1. The line number the injection occurs on (as before).
2. The method used (e.g. prepend instead of prepend_if_ee).
3. The argument type passed when using the new module injection methods.
---
 rubocop/cop/inject_enterprise_edition_module.rb    |  48 ++++++-
 .../cop/inject_enterprise_edition_module_spec.rb   | 144 +++++++++++++++------
 2 files changed, 143 insertions(+), 49 deletions(-)

diff --git a/rubocop/cop/inject_enterprise_edition_module.rb b/rubocop/cop/inject_enterprise_edition_module.rb
index 1d37b1bd12d..e0e1b2d6c7d 100644
--- a/rubocop/cop/inject_enterprise_edition_module.rb
+++ b/rubocop/cop/inject_enterprise_edition_module.rb
@@ -6,23 +6,39 @@ module RuboCop
     # the last line of a file. Injecting a module in the middle of a file will
     # cause merge conflicts, while placing it on the last line will not.
     class InjectEnterpriseEditionModule < RuboCop::Cop::Cop
-      MSG = 'Injecting EE modules must be done on the last line of this file' \
-        ', outside of any class or module definitions'
+      INVALID_LINE = 'Injecting EE modules must be done on the last line of this file' \
+          ', outside of any class or module definitions'
 
-      METHODS = Set.new(%i[include extend prepend]).freeze
+      DISALLOWED_METHOD =
+        'EE modules must be injected using `include_if_ee`, `extend_if_ee`, or `prepend_if_ee`'
+
+      INVALID_ARGUMENT = 'EE modules to inject must be specified as a String'
+
+      CHECK_LINE_METHODS =
+        Set.new(%i[include_if_ee extend_if_ee prepend_if_ee]).freeze
+
+      DISALLOW_METHODS = Set.new(%i[include extend prepend]).freeze
 
       def ee_const?(node)
         line = node.location.expression.source_line
 
         # We use `match?` here instead of RuboCop's AST matching, as this makes
         # it far easier to handle nested constants such as `EE::Foo::Bar::Baz`.
-        line.match?(/(\s|\()(::)?EE::/)
+        line.match?(/(\s|\()('|")?(::)?EE::/)
       end
 
       def on_send(node)
-        return unless METHODS.include?(node.children[1])
-        return unless ee_const?(node.children[2])
+        return unless check_method?(node)
 
+        if DISALLOW_METHODS.include?(node.children[1])
+          add_offense(node, message: DISALLOWED_METHOD)
+        else
+          verify_line_number(node)
+          verify_argument_type(node)
+        end
+      end
+
+      def verify_line_number(node)
         line = node.location.line
         buffer = node.location.expression.source_buffer
         last_line = buffer.last_line
@@ -32,7 +48,25 @@ module RuboCop
         # the expression is the last line _of code_.
         last_line -= 1 if buffer.source.end_with?("\n")
 
-        add_offense(node) if line < last_line
+        add_offense(node, message: INVALID_LINE) if line < last_line
+      end
+
+      def verify_argument_type(node)
+        argument = node.children[2]
+
+        return if argument.str_type?
+
+        add_offense(argument, message: INVALID_ARGUMENT)
+      end
+
+      def check_method?(node)
+        name = node.children[1]
+
+        if CHECK_LINE_METHODS.include?(name) || DISALLOW_METHODS.include?(name)
+          ee_const?(node.children[2])
+        else
+          false
+        end
       end
 
       # Automatically correcting these offenses is not always possible, as
diff --git a/spec/rubocop/cop/inject_enterprise_edition_module_spec.rb b/spec/rubocop/cop/inject_enterprise_edition_module_spec.rb
index 0ff777388e5..27df42c0aee 100644
--- a/spec/rubocop/cop/inject_enterprise_edition_module_spec.rb
+++ b/spec/rubocop/cop/inject_enterprise_edition_module_spec.rb
@@ -10,91 +10,91 @@ describe RuboCop::Cop::InjectEnterpriseEditionModule do
 
   subject(:cop) { described_class.new }
 
-  it 'flags the use of `prepend EE` in the middle of a file' do
+  it 'flags the use of `prepend_if_ee EE` in the middle of a file' do
     expect_offense(<<~SOURCE)
     class Foo
-      prepend EE::Foo
-      ^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
+      prepend_if_ee 'EE::Foo'
+      ^^^^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
     end
     SOURCE
   end
 
-  it 'does not flag the use of `prepend EEFoo` in the middle of a file' do
+  it 'does not flag the use of `prepend_if_ee EEFoo` in the middle of a file' do
     expect_no_offenses(<<~SOURCE)
     class Foo
-      prepend EEFoo
+      prepend_if_ee 'EEFoo'
     end
     SOURCE
   end
 
-  it 'flags the use of `prepend EE::Foo::Bar` in the middle of a file' do
+  it 'flags the use of `prepend_if_ee EE::Foo::Bar` in the middle of a file' do
     expect_offense(<<~SOURCE)
     class Foo
-      prepend EE::Foo::Bar
-      ^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
+      prepend_if_ee 'EE::Foo::Bar'
+      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
     end
     SOURCE
   end
 
-  it 'flags the use of `prepend(EE::Foo::Bar)` in the middle of a file' do
+  it 'flags the use of `prepend_if_ee(EE::Foo::Bar)` in the middle of a file' do
     expect_offense(<<~SOURCE)
     class Foo
-      prepend(EE::Foo::Bar)
-      ^^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
+      prepend_if_ee('EE::Foo::Bar')
+      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
     end
     SOURCE
   end
 
-  it 'flags the use of `prepend EE::Foo::Bar::Baz` in the middle of a file' do
+  it 'flags the use of `prepend_if_ee EE::Foo::Bar::Baz` in the middle of a file' do
     expect_offense(<<~SOURCE)
     class Foo
-      prepend EE::Foo::Bar::Baz
-      ^^^^^^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
+      prepend_if_ee 'EE::Foo::Bar::Baz'
+      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
     end
     SOURCE
   end
 
-  it 'flags the use of `prepend ::EE` in the middle of a file' do
+  it 'flags the use of `prepend_if_ee ::EE` in the middle of a file' do
     expect_offense(<<~SOURCE)
     class Foo
-      prepend ::EE::Foo
-      ^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
+      prepend_if_ee '::EE::Foo'
+      ^^^^^^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
     end
     SOURCE
   end
 
-  it 'flags the use of `include EE` in the middle of a file' do
+  it 'flags the use of `include_if_ee EE` in the middle of a file' do
     expect_offense(<<~SOURCE)
     class Foo
-      include EE::Foo
-      ^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
+      include_if_ee 'EE::Foo'
+      ^^^^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
     end
     SOURCE
   end
 
-  it 'flags the use of `include ::EE` in the middle of a file' do
+  it 'flags the use of `include_if_ee ::EE` in the middle of a file' do
     expect_offense(<<~SOURCE)
     class Foo
-      include ::EE::Foo
-      ^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
+      include_if_ee '::EE::Foo'
+      ^^^^^^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
     end
     SOURCE
   end
 
-  it 'flags the use of `extend EE` in the middle of a file' do
+  it 'flags the use of `extend_if_ee EE` in the middle of a file' do
     expect_offense(<<~SOURCE)
     class Foo
-      extend EE::Foo
-      ^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
+      extend_if_ee 'EE::Foo'
+      ^^^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
     end
     SOURCE
   end
 
-  it 'flags the use of `extend ::EE` in the middle of a file' do
+  it 'flags the use of `extend_if_ee ::EE` in the middle of a file' do
     expect_offense(<<~SOURCE)
     class Foo
-      extend ::EE::Foo
-      ^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
+      extend_if_ee '::EE::Foo'
+      ^^^^^^^^^^^^^^^^^^^^^^^^ Injecting EE modules must be done on the last line of this file, outside of any class or module definitions
     end
     SOURCE
   end
@@ -102,7 +102,7 @@ describe RuboCop::Cop::InjectEnterpriseEditionModule do
   it 'does not flag prepending of regular modules' do
     expect_no_offenses(<<~SOURCE)
     class Foo
-      prepend Foo
+      prepend_if_ee 'Foo'
     end
     SOURCE
   end
@@ -110,7 +110,7 @@ describe RuboCop::Cop::InjectEnterpriseEditionModule do
   it 'does not flag including of regular modules' do
     expect_no_offenses(<<~SOURCE)
     class Foo
-      include Foo
+      include_if_ee 'Foo'
     end
     SOURCE
   end
@@ -118,51 +118,111 @@ describe RuboCop::Cop::InjectEnterpriseEditionModule do
   it 'does not flag extending using regular modules' do
     expect_no_offenses(<<~SOURCE)
     class Foo
-      extend Foo
+      extend_if_ee 'Foo'
     end
     SOURCE
   end
 
-  it 'does not flag the use of `prepend EE` on the last line' do
+  it 'does not flag the use of `prepend_if_ee EE` on the last line' do
     expect_no_offenses(<<~SOURCE)
     class Foo
     end
 
-    Foo.prepend(EE::Foo)
+    Foo.prepend_if_ee('EE::Foo')
     SOURCE
   end
 
-  it 'does not flag the use of `include EE` on the last line' do
+  it 'does not flag the use of `include_if_ee EE` on the last line' do
     expect_no_offenses(<<~SOURCE)
     class Foo
     end
 
-    Foo.include(EE::Foo)
+    Foo.include_if_ee('EE::Foo')
     SOURCE
   end
 
-  it 'does not flag the use of `extend EE` on the last line' do
+  it 'does not flag the use of `extend_if_ee EE` on the last line' do
     expect_no_offenses(<<~SOURCE)
     class Foo
     end
 
-    Foo.extend(EE::Foo)
+    Foo.extend_if_ee('EE::Foo')
     SOURCE
   end
 
   it 'autocorrects offenses by just disabling the Cop' do
     source = <<~SOURCE
     class Foo
-      prepend EE::Foo
-      include Bar
+      prepend_if_ee 'EE::Foo'
+      include_if_ee 'Bar'
     end
     SOURCE
 
     expect(autocorrect_source(source)).to eq(<<~SOURCE)
     class Foo
-      prepend EE::Foo # rubocop: disable Cop/InjectEnterpriseEditionModule
-      include Bar
+      prepend_if_ee 'EE::Foo' # rubocop: disable Cop/InjectEnterpriseEditionModule
+      include_if_ee 'Bar'
+    end
+    SOURCE
+  end
+
+  it 'disallows the use of prepend to inject an EE module' do
+    expect_offense(<<~SOURCE)
+    class Foo
+    end
+
+    Foo.prepend(EE::Foo)
+    ^^^^^^^^^^^^^^^^^^^^ EE modules must be injected using `include_if_ee`, `extend_if_ee`, or `prepend_if_ee`
+    SOURCE
+  end
+
+  it 'disallows the use of extend to inject an EE module' do
+    expect_offense(<<~SOURCE)
+    class Foo
     end
+
+    Foo.extend(EE::Foo)
+    ^^^^^^^^^^^^^^^^^^^ EE modules must be injected using `include_if_ee`, `extend_if_ee`, or `prepend_if_ee`
+    SOURCE
+  end
+
+  it 'disallows the use of include to inject an EE module' do
+    expect_offense(<<~SOURCE)
+    class Foo
+    end
+
+    Foo.include(EE::Foo)
+    ^^^^^^^^^^^^^^^^^^^^ EE modules must be injected using `include_if_ee`, `extend_if_ee`, or `prepend_if_ee`
+    SOURCE
+  end
+
+  it 'disallows the use of prepend_if_ee without a String' do
+    expect_offense(<<~SOURCE)
+    class Foo
+    end
+
+    Foo.prepend_if_ee(EE::Foo)
+                      ^^^^^^^ EE modules to inject must be specified as a String
+    SOURCE
+  end
+
+  it 'disallows the use of include_if_ee without a String' do
+    expect_offense(<<~SOURCE)
+    class Foo
+    end
+
+    Foo.include_if_ee(EE::Foo)
+                      ^^^^^^^ EE modules to inject must be specified as a String
+    SOURCE
+  end
+
+  it 'disallows the use of extend_if_ee without a String' do
+    expect_offense(<<~SOURCE)
+    class Foo
+    end
+
+    Foo.extend_if_ee(EE::Foo)
+                     ^^^^^^^ EE modules to inject must be specified as a String
     SOURCE
   end
 end
-- 
cgit v1.2.1


From 3ecf41ecaff4f677aad2444d28d0bbeabcbc3333 Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Tue, 30 Jul 2019 15:00:53 +0200
Subject: Added docs for the new EE injection methods

---
 doc/development/ee_features.md | 46 +++++++++++++++++++++++-------------------
 1 file changed, 25 insertions(+), 21 deletions(-)

diff --git a/doc/development/ee_features.md b/doc/development/ee_features.md
index 7131b717353..2217dedccd3 100644
--- a/doc/development/ee_features.md
+++ b/doc/development/ee_features.md
@@ -125,20 +125,24 @@ This also applies to views.
 ### EE features based on CE features
 
 For features that build on existing CE features, write a module in the `EE`
-namespace and `prepend` it in the CE class, on the last line of the file that
-the class resides in. This makes conflicts less likely to happen during CE to EE
-merges because only one line is added to the CE class - the `prepend` line. For
-example, to prepend a module into the `User` class you would use the following
-approach:
+namespace and inject it in the CE class, on the last line of the file that the
+class resides in. This makes conflicts less likely to happen during CE to EE
+merges because only one line is added to the CE class - the line that injects
+the module. For example, to prepend a module into the `User` class you would use
+the following approach:
 
 ```ruby
 class User < ActiveRecord::Base
   # ... lots of code here ...
 end
 
-User.prepend(EE::User)
+User.prepend_if_ee('EE::User')
 ```
 
+Do not use methods such as `prepend`, `extend`, and `include`. Instead, use
+`prepend_if_ee`, `extend_if_ee`, or `include_if_ee`. These methods take a
+_String_ containing the full module name as the argument, not the module itself.
+
 Since the module would require an `EE` namespace, the file should also be
 put in an `ee/` sub-directory. For example, we want to extend the user model
 in EE, so we have a module called `::EE::User` put inside
@@ -255,7 +259,7 @@ class ApplicationController < ActionController::Base
   # ...
 end
 
-ApplicationController.prepend(EE::ApplicationController)
+ApplicationController.prepend_if_ee('EE::ApplicationController')
 ```
 
 And create a new file in the `ee/` sub-directory with the altered
@@ -504,9 +508,9 @@ EE-specific LDAP classes in `ee/lib/ee/gitlab/ldap`.
 
 ### Code in `lib/api/`
 
-It can be very tricky to extend EE features by a single line of `prepend`,
-and for each different [Grape](https://github.com/ruby-grape/grape) feature,
-we might need different strategies to extend it. To apply different strategies
+It can be very tricky to extend EE features by a single line of `prepend_if_ee`,
+and for each different [Grape](https://github.com/ruby-grape/grape) feature, we
+might need different strategies to extend it. To apply different strategies
 easily, we would use `extend ActiveSupport::Concern` in the EE module.
 
 Put the EE module files following
@@ -543,12 +547,12 @@ constants.
 We can define `params` and utilize `use` in another `params` definition to
 include params defined in EE. However, we need to define the "interface" first
 in CE in order for EE to override it. We don't have to do this in other places
-due to `prepend`, but Grape is complex internally and we couldn't easily do
-that, so we'll follow regular object-oriented practices that we define the
+due to `prepend_if_ee`, but Grape is complex internally and we couldn't easily
+do that, so we'll follow regular object-oriented practices that we define the
 interface first here.
 
 For example, suppose we have a few more optional params for EE. We can move the
-params out of the `Grape::API` class to a helper module, so we can `prepend` it
+params out of the `Grape::API` class to a helper module, so we can inject it
 before it would be used in the class.
 
 ```ruby
@@ -583,7 +587,7 @@ module API
   end
 end
 
-API::Helpers::ProjectsHelpers.prepend(EE::API::Helpers::ProjectsHelpers)
+API::Helpers::ProjectsHelpers.prepend_if_ee('EE::API::Helpers::ProjectsHelpers')
 ```
 
 We could override it in EE module:
@@ -624,7 +628,7 @@ module API
   end
 end
 
-API::JobArtifacts.prepend(EE::API::JobArtifacts)
+API::JobArtifacts.prepend_if_ee('EE::API::JobArtifacts')
 ```
 
 And then we can follow regular object-oriented practices to override it:
@@ -677,7 +681,7 @@ module API
   end
 end
 
-API::MergeRequests.prepend(EE::API::MergeRequests)
+API::MergeRequests.prepend_if_ee('EE::API::MergeRequests')
 ```
 
 Note that `update_merge_request_ee` doesn't do anything in CE, but
@@ -717,8 +721,8 @@ Sometimes we need to use different arguments for a particular API route, and we
 can't easily extend it with an EE module because Grape has different context in
 different blocks. In order to overcome this, we need to move the data to a class
 method that resides in a separate module or class. This allows us to extend that
-module or class before its data is used, without having to place a `prepend` in
-the middle of CE code.
+module or class before its data is used, without having to place a
+`prepend_if_ee` in the middle of CE code.
 
 For example, in one place we need to pass an extra argument to
 `at_least_one_of` so that the API could consider an EE-only argument as the
@@ -739,7 +743,7 @@ module API
   end
 end
 
-API::MergeRequests::Parameters.prepend(EE::API::MergeRequests::Parameters)
+API::MergeRequests::Parameters.prepend_if_ee('EE::API::MergeRequests::Parameters')
 
 # api/merge_requests.rb
 module API
@@ -789,7 +793,7 @@ class Identity < ActiveRecord::Base
     [:provider]
   end
 
-  prepend EE::Identity
+  prepend_if_ee('EE::Identity')
 
   validates :extern_uid,
     allow_blank: true,
@@ -841,7 +845,7 @@ class Identity < ActiveRecord::Base
   end
 end
 
-Identity::UniquenessScopes.prepend(EE::Identity::UniquenessScopes)
+Identity::UniquenessScopes.prepend_if_ee('EE::Identity::UniquenessScopes')
 
 # app/models/identity.rb
 class Identity < ActiveRecord::Base
-- 
cgit v1.2.1


From 00d33c9d9a05144cebf9f41f870a53d435bb1ffc Mon Sep 17 00:00:00 2001
From: Enrique Alcantara <ealcantara@gitlab.com>
Date: Mon, 29 Jul 2019 16:15:11 -0400
Subject: Emit dropdown show event in boards_selector test

---
 spec/javascripts/boards/components/boards_selector_spec.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/spec/javascripts/boards/components/boards_selector_spec.js b/spec/javascripts/boards/components/boards_selector_spec.js
index 504bc51778c..473cc0612ea 100644
--- a/spec/javascripts/boards/components/boards_selector_spec.js
+++ b/spec/javascripts/boards/components/boards_selector_spec.js
@@ -76,7 +76,8 @@ describe('BoardsSelector', () => {
       document.querySelector('.js-boards-selector'),
     );
 
-    vm.$el.querySelector('.js-dropdown-toggle').click();
+    // Emits gl-dropdown show event to simulate the dropdown is opened at initialization time
+    vm.$children[0].$emit('show');
 
     Promise.all([allBoardsResponse, recentBoardsResponse])
       .then(() => vm.$nextTick())
-- 
cgit v1.2.1


From 012fe3141e11f29b0a25985425dd7de96bf436c9 Mon Sep 17 00:00:00 2001
From: Hordur Freyr Yngvason <hfyngvason@gitlab.com>
Date: Tue, 30 Jul 2019 13:52:28 +0000
Subject: Fix broken update_project_templates rake task

This rake task had been broken for a while. This fixes the breakages,
adds a test to help avoid future breakages, and adds a few ergonomic
improvements to the task itself.
---
 lib/gitlab/project_template.rb                  | 10 ++--
 lib/tasks/gitlab/update_templates.rake          | 62 ++++++++++++++++++-------
 spec/lib/gitlab/project_template_spec.rb        |  6 +++
 spec/tasks/gitlab/update_templates_rake_spec.rb | 25 ++++++++++
 4 files changed, 83 insertions(+), 20 deletions(-)
 create mode 100644 spec/tasks/gitlab/update_templates_rake_spec.rb

diff --git a/lib/gitlab/project_template.rb b/lib/gitlab/project_template.rb
index 99885be8755..dbf469a44c1 100644
--- a/lib/gitlab/project_template.rb
+++ b/lib/gitlab/project_template.rb
@@ -13,11 +13,15 @@ module Gitlab
     end
 
     def archive_path
-      Rails.root.join("vendor/project_templates/#{name}.tar.gz")
+      self.class.archive_directory.join(archive_filename)
+    end
+
+    def archive_filename
+      "#{name}.tar.gz"
     end
 
     def clone_url
-      "https://gitlab.com/gitlab-org/project-templates/#{name}.git"
+      "#{preview}.git"
     end
 
     def ==(other)
@@ -54,7 +58,7 @@ module Gitlab
       end
 
       def archive_directory
-        Rails.root.join("vendor_directory/project_templates")
+        Rails.root.join("vendor/project_templates")
       end
     end
   end
diff --git a/lib/tasks/gitlab/update_templates.rake b/lib/tasks/gitlab/update_templates.rake
index e058e9fe069..8267c235a7f 100644
--- a/lib/tasks/gitlab/update_templates.rake
+++ b/lib/tasks/gitlab/update_templates.rake
@@ -5,25 +5,43 @@ namespace :gitlab do
   end
 
   desc "GitLab | Update project templates"
-  task :update_project_templates do
-    include Gitlab::ImportExport::CommandLineUtil
+  task :update_project_templates, [] => :environment do |_task, args|
+    # we need an instance method from Gitlab::ImportExport::CommandLineUtil and don't
+    # want to include it in the task, as this would affect subsequent tasks as well
+    downloader = Class.new do
+      extend Gitlab::ImportExport::CommandLineUtil
+
+      def self.call(uploader, upload_path)
+        download_or_copy_upload(uploader, upload_path)
+      end
+    end
+
+    template_names = args.extras.to_set
 
     if Rails.env.production?
-      puts "This rake task is not meant fo production instances".red
-      exit(1)
+      raise "This rake task is not meant for production instances"
     end
 
     admin = User.find_by(admin: true)
 
     unless admin
-      puts "No admin user could be found".red
-      exit(1)
+      raise "No admin user could be found"
     end
 
-    Gitlab::ProjectTemplate.all.each do |template|
+    tmp_namespace_path = "tmp-project-import-#{Time.now.to_i}"
+    puts "Creating temporary namespace #{tmp_namespace_path}"
+    tmp_namespace = Namespace.create!(owner: admin, name: tmp_namespace_path, path: tmp_namespace_path)
+
+    templates = if template_names.empty?
+                  Gitlab::ProjectTemplate.all
+                else
+                  Gitlab::ProjectTemplate.all.select { |template| template_names.include?(template.name) }
+                end
+
+    templates.each do |template|
       params = {
         import_url: template.clone_url,
-        namespace_id: admin.namespace.id,
+        namespace_id: tmp_namespace.id,
         path: template.name,
         skip_wiki: true
       }
@@ -32,19 +50,17 @@ namespace :gitlab do
       project = Projects::CreateService.new(admin, params).execute
 
       unless project.persisted?
-        puts project.errors.messages
-        exit(1)
+        raise "Failed to create project: #{project.errors.messages}"
       end
 
       loop do
-        if project.finished?
+        if project.import_finished?
           puts "Import finished for #{template.name}"
           break
         end
 
-        if project.failed?
-          puts "Failed to import from #{project_params[:import_url]}".red
-          exit(1)
+        if project.import_failed?
+          raise "Failed to import from #{project_params[:import_url]}"
         end
 
         puts "Waiting for the import to finish"
@@ -54,11 +70,23 @@ namespace :gitlab do
       end
 
       Projects::ImportExport::ExportService.new(project, admin).execute
-      download_or_copy_upload(project.export_file, template.archive_path)
-      Projects::DestroyService.new(admin, project).execute
+      downloader.call(project.export_file, template.archive_path)
+
+      unless Projects::DestroyService.new(project, admin).execute
+        puts "Failed to destroy project #{template.name} (but namespace will be cleaned up later)"
+      end
+
       puts "Exported #{template.name}".green
     end
-    puts "Done".green
+
+    success = true
+  ensure
+    if tmp_namespace
+      puts "Destroying temporary namespace #{tmp_namespace_path}"
+      tmp_namespace.destroy
+    end
+
+    puts "Done".green if success
   end
 
   def update(template)
diff --git a/spec/lib/gitlab/project_template_spec.rb b/spec/lib/gitlab/project_template_spec.rb
index 8c2fc048a54..8b82ea7faa5 100644
--- a/spec/lib/gitlab/project_template_spec.rb
+++ b/spec/lib/gitlab/project_template_spec.rb
@@ -44,6 +44,12 @@ describe Gitlab::ProjectTemplate do
     end
   end
 
+  describe '.archive_directory' do
+    subject { described_class.archive_directory }
+
+    it { is_expected.to be_a Pathname }
+  end
+
   describe 'instance methods' do
     subject { described_class.new('phoenix', 'Phoenix Framework', 'Phoenix description', 'link-to-template') }
 
diff --git a/spec/tasks/gitlab/update_templates_rake_spec.rb b/spec/tasks/gitlab/update_templates_rake_spec.rb
new file mode 100644
index 00000000000..7b17549b8c7
--- /dev/null
+++ b/spec/tasks/gitlab/update_templates_rake_spec.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require 'rake_helper'
+
+describe 'gitlab:update_project_templates rake task' do
+  let!(:tmpdir) { Dir.mktmpdir }
+
+  before do
+    Rake.application.rake_require 'tasks/gitlab/update_templates'
+    create(:admin)
+    allow(Gitlab::ProjectTemplate)
+      .to receive(:archive_directory)
+        .and_return(Pathname.new(tmpdir))
+  end
+
+  after do
+    FileUtils.rm_rf(tmpdir)
+  end
+
+  it 'updates valid project templates' do
+    expect { run_rake_task('gitlab:update_project_templates', ['rails']) }
+      .to change { Dir.entries(tmpdir) }
+        .by(['rails.tar.gz'])
+  end
+end
-- 
cgit v1.2.1


From c34138e09e964bd8c141d9ae7d360c7085affd16 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Mon, 29 Jul 2019 12:47:40 -0700
Subject: Remove pdf.js deprecation warnings

1. `page.getViewpoint()` now takes in JSON instead of an integer.
2. Promises are returned from loading and rendering tasks.

See https://mozilla.github.io/pdf.js/examples/index.html for more
details.
---
 app/assets/javascripts/pdf/index.vue                   | 2 +-
 app/assets/javascripts/pdf/page/index.vue              | 4 ++--
 changelogs/unreleased/sh-remove-pdfjs-deprecations.yml | 5 +++++
 spec/javascripts/pdf/page_spec.js                      | 5 +++--
 4 files changed, 11 insertions(+), 5 deletions(-)
 create mode 100644 changelogs/unreleased/sh-remove-pdfjs-deprecations.yml

diff --git a/app/assets/javascripts/pdf/index.vue b/app/assets/javascripts/pdf/index.vue
index 14640c172cd..bbbd9789dc9 100644
--- a/app/assets/javascripts/pdf/index.vue
+++ b/app/assets/javascripts/pdf/index.vue
@@ -39,7 +39,7 @@ export default {
           cMapUrl: '/assets/webpack/cmaps/',
           cMapPacked: true,
         })
-        .then(this.renderPages)
+        .promise.then(this.renderPages)
         .then(pages => {
           this.pages = pages;
           this.$emit('pdflabload');
diff --git a/app/assets/javascripts/pdf/page/index.vue b/app/assets/javascripts/pdf/page/index.vue
index d933fdf220a..65f84e75e86 100644
--- a/app/assets/javascripts/pdf/page/index.vue
+++ b/app/assets/javascripts/pdf/page/index.vue
@@ -18,7 +18,7 @@ export default {
   },
   computed: {
     viewport() {
-      return this.page.getViewport(this.scale);
+      return this.page.getViewport({ scale: this.scale });
     },
     context() {
       return this.$refs.canvas.getContext('2d');
@@ -36,7 +36,7 @@ export default {
     this.rendering = true;
     this.page
       .render(this.renderContext)
-      .then(() => {
+      .promise.then(() => {
         this.rendering = false;
       })
       .catch(error => {
diff --git a/changelogs/unreleased/sh-remove-pdfjs-deprecations.yml b/changelogs/unreleased/sh-remove-pdfjs-deprecations.yml
new file mode 100644
index 00000000000..a00ceedf3f4
--- /dev/null
+++ b/changelogs/unreleased/sh-remove-pdfjs-deprecations.yml
@@ -0,0 +1,5 @@
+---
+title: Remove pdf.js deprecation warnings
+merge_request: 31253
+author:
+type: fixed
diff --git a/spec/javascripts/pdf/page_spec.js b/spec/javascripts/pdf/page_spec.js
index 6dea570266b..efeb65acf87 100644
--- a/spec/javascripts/pdf/page_spec.js
+++ b/spec/javascripts/pdf/page_spec.js
@@ -17,7 +17,7 @@ describe('Page component', () => {
     pdfjsLib.GlobalWorkerOptions.workerSrc = workerSrc;
     pdfjsLib
       .getDocument(testPDF)
-      .then(pdf => pdf.getPage(1))
+      .promise.then(pdf => pdf.getPage(1))
       .then(page => {
         testPage = page;
       })
@@ -31,7 +31,8 @@ describe('Page component', () => {
 
   it('renders the page when mounting', done => {
     const promise = Promise.resolve();
-    spyOn(testPage, 'render').and.callFake(() => promise);
+    spyOn(testPage, 'render').and.returnValue({ promise });
+
     vm = mountComponent(Component, {
       page: testPage,
       number: 1,
-- 
cgit v1.2.1


From 3b76d2982f2fdacdce5842c68ab3ba68b6cb7842 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Tue, 30 Jul 2019 06:20:27 -0700
Subject: Fix exception handling in Gitaly autodetection

In SELinux, the file cannot be written, and `Errno::EACCES`, not
`Errno::ACCESS` is thrown.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/65328
---
 changelogs/unreleased/sh-fix-gitaly-access-control.yml |  5 +++++
 lib/gitlab/gitaly_client.rb                            |  2 +-
 spec/lib/gitlab/gitaly_client_spec.rb                  | 10 ++++++++++
 3 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/sh-fix-gitaly-access-control.yml

diff --git a/changelogs/unreleased/sh-fix-gitaly-access-control.yml b/changelogs/unreleased/sh-fix-gitaly-access-control.yml
new file mode 100644
index 00000000000..bdd33f3ff45
--- /dev/null
+++ b/changelogs/unreleased/sh-fix-gitaly-access-control.yml
@@ -0,0 +1,5 @@
+---
+title: Fix exception handling in Gitaly autodetection
+merge_request: 31285
+author:
+type: fixed
diff --git a/lib/gitlab/gitaly_client.rb b/lib/gitlab/gitaly_client.rb
index c98de722fe1..4783832961d 100644
--- a/lib/gitlab/gitaly_client.rb
+++ b/lib/gitlab/gitaly_client.rb
@@ -413,7 +413,7 @@ module Gitlab
       metadata_file = File.read(storage_metadata_file_path(storage))
       metadata_hash = JSON.parse(metadata_file)
       metadata_hash['gitaly_filesystem_id']
-    rescue Errno::ENOENT, Errno::ACCESS, JSON::ParserError
+    rescue Errno::ENOENT, Errno::EACCES, JSON::ParserError
       nil
     end
 
diff --git a/spec/lib/gitlab/gitaly_client_spec.rb b/spec/lib/gitlab/gitaly_client_spec.rb
index e1d24ae8977..e9fb6c0125c 100644
--- a/spec/lib/gitlab/gitaly_client_spec.rb
+++ b/spec/lib/gitlab/gitaly_client_spec.rb
@@ -17,6 +17,16 @@ describe Gitlab::GitalyClient do
     })
   end
 
+  describe '.filesystem_id_from_disk' do
+    it 'catches errors' do
+      [Errno::ENOENT, Errno::EACCES, JSON::ParserError].each do |error|
+        allow(File).to receive(:read).with(described_class.storage_metadata_file_path('default')).and_raise(error)
+
+        expect(described_class.filesystem_id_from_disk('default')).to be_nil
+      end
+    end
+  end
+
   describe '.stub_class' do
     it 'returns the gRPC health check stub' do
       expect(described_class.stub_class(:health_check)).to eq(::Grpc::Health::V1::Health::Stub)
-- 
cgit v1.2.1


From 0c7e13f912847fe5fb7eeb93c1cfd4861d6ec44e Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Tue, 30 Jul 2019 22:29:02 +0800
Subject: Update regular expression to extract stage name

Since now the role name can be:

"<a href=\"/job-families/engineering/test-automation-engineer/\">Senior Test Automation Engineer</a>, Create:Source Code"

We need to cope with </a> in the middle.
---
 lib/gitlab/danger/teammate.rb           | 2 +-
 spec/lib/gitlab/danger/teammate_spec.rb | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/lib/gitlab/danger/teammate.rb b/lib/gitlab/danger/teammate.rb
index b44f134f2c1..74cbcc11255 100644
--- a/lib/gitlab/danger/teammate.rb
+++ b/lib/gitlab/danger/teammate.rb
@@ -39,7 +39,7 @@ module Gitlab
       def has_capability?(project, category, kind, labels)
         case category
         when :test
-          area = role[/Test Automation Engineer, (\w+)/, 1]
+          area = role[/Test Automation Engineer(?:.*?, (\w+))/, 1]
 
           area && labels.any?(area) if kind == :reviewer
         else
diff --git a/spec/lib/gitlab/danger/teammate_spec.rb b/spec/lib/gitlab/danger/teammate_spec.rb
index 6a6cf1429c8..171f2344e82 100644
--- a/spec/lib/gitlab/danger/teammate_spec.rb
+++ b/spec/lib/gitlab/danger/teammate_spec.rb
@@ -40,6 +40,14 @@ describe Gitlab::Danger::Teammate do
         it '#maintainer? returns false' do
           expect(subject.maintainer?(project, :test, labels)).to be_falsey
         end
+
+        context 'when hyperlink is mangled in the role' do
+          let(:role) { '<a href="#">Test Automation Engineer</a>, Create' }
+
+          it '#reviewer? returns true' do
+            expect(subject.reviewer?(project, :test, labels)).to be_truthy
+          end
+        end
       end
 
       context 'when role is Test Automation Engineer, Manage' do
-- 
cgit v1.2.1


From 89a8d02c350a18b23e1ba0f00080e4549d9770ec Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Tue, 30 Jul 2019 23:06:37 +0800
Subject: Use spec_helper than rails_helper

---
 spec/controllers/projects/error_tracking_controller_spec.rb | 2 +-
 spec/features/display_system_header_and_footer_bar_spec.rb  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/controllers/projects/error_tracking_controller_spec.rb b/spec/controllers/projects/error_tracking_controller_spec.rb
index 844c61f1ace..d11ef24ef96 100644
--- a/spec/controllers/projects/error_tracking_controller_spec.rb
+++ b/spec/controllers/projects/error_tracking_controller_spec.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'rails_helper'
+require 'spec_helper'
 
 describe Projects::ErrorTrackingController do
   set(:project) { create(:project) }
diff --git a/spec/features/display_system_header_and_footer_bar_spec.rb b/spec/features/display_system_header_and_footer_bar_spec.rb
index af9d9a5834f..e32da1a02bc 100644
--- a/spec/features/display_system_header_and_footer_bar_spec.rb
+++ b/spec/features/display_system_header_and_footer_bar_spec.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'rails_helper'
+require 'spec_helper'
 
 describe 'Display system header and footer bar' do
   let(:header_message) { "Foo" }
-- 
cgit v1.2.1


From 8a1fc36e1d3df359c7ab87a5d3b40cf35b2a8604 Mon Sep 17 00:00:00 2001
From: Alex Kalderimis <alex.kalderimis@gmail.com>
Date: Mon, 29 Jul 2019 14:36:35 -0400
Subject: Propagate argument errors as execution errors

---
 app/controllers/graphql_controller.rb       |  4 ++++
 spec/controllers/graphql_controller_spec.rb | 21 +++++++++++++++++++++
 2 files changed, 25 insertions(+)

diff --git a/app/controllers/graphql_controller.rb b/app/controllers/graphql_controller.rb
index 9fbbe373b0d..72d40f709e6 100644
--- a/app/controllers/graphql_controller.rb
+++ b/app/controllers/graphql_controller.rb
@@ -30,6 +30,10 @@ class GraphqlController < ApplicationController
     render_error(exception.message, status: :unprocessable_entity)
   end
 
+  rescue_from Gitlab::Graphql::Errors::ArgumentError do |exception|
+    render_error(exception.message, status: :unprocessable_entity)
+  end
+
   private
 
   def execute_multiplex
diff --git a/spec/controllers/graphql_controller_spec.rb b/spec/controllers/graphql_controller_spec.rb
index c19a752b07b..9937bdf4061 100644
--- a/spec/controllers/graphql_controller_spec.rb
+++ b/spec/controllers/graphql_controller_spec.rb
@@ -7,6 +7,27 @@ describe GraphqlController do
     stub_feature_flags(graphql: true)
   end
 
+  describe 'ArgumentError' do
+    let(:user) { create(:user) }
+    let(:message) { 'green ideas sleep furiously' }
+
+    before do
+      sign_in(user)
+    end
+
+    it 'handles argument errors' do
+      allow(subject).to receive(:execute) do
+        raise Gitlab::Graphql::Errors::ArgumentError, message
+      end
+
+      post :execute
+
+      expect(json_response).to include(
+        'errors' => include(a_hash_including('message' => message))
+      )
+    end
+  end
+
   describe 'POST #execute' do
     context 'when user is logged in' do
       let(:user) { create(:user) }
-- 
cgit v1.2.1


From 8738a83390e640059b5c3f20ec13f4c3c48576ae Mon Sep 17 00:00:00 2001
From: Alex Kalderimis <alex.kalderimis@gmail.com>
Date: Mon, 29 Jul 2019 15:25:41 -0400
Subject: Improves the graphql_helpers used in GraphQL tests

This improves the graphql test helpers, failing earlier and more
explicitly.
---
 spec/support/helpers/graphql_helpers.rb | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/spec/support/helpers/graphql_helpers.rb b/spec/support/helpers/graphql_helpers.rb
index ae1b859ae3f..d86371d70b9 100644
--- a/spec/support/helpers/graphql_helpers.rb
+++ b/spec/support/helpers/graphql_helpers.rb
@@ -3,6 +3,8 @@
 module GraphqlHelpers
   MutationDefinition = Struct.new(:query, :variables)
 
+  NoData = Class.new(StandardError)
+
   # makes an underscored string look like a fieldname
   # "merge_request" => "mergeRequest"
   def self.fieldnamerize(underscored_field_name)
@@ -158,8 +160,9 @@ module GraphqlHelpers
     post_graphql(mutation.query, current_user: current_user, variables: mutation.variables)
   end
 
+  # Raises an error if no data is found
   def graphql_data
-    json_response['data']
+    json_response['data'] || (raise NoData, graphql_errors)
   end
 
   def graphql_errors
@@ -173,8 +176,9 @@ module GraphqlHelpers
     end
   end
 
+  # Raises an error if no response is found
   def graphql_mutation_response(mutation_name)
-    graphql_data[GraphqlHelpers.fieldnamerize(mutation_name)]
+    graphql_data.fetch(GraphqlHelpers.fieldnamerize(mutation_name))
   end
 
   def nested_fields?(field)
-- 
cgit v1.2.1


From 9aa31c8aef56a104fe5007a8994b3936059d3516 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Cunha?= <j.a.cunha@gmail.com>
Date: Tue, 30 Jul 2019 14:12:16 +0100
Subject: Remove typo from factory name

- the typo in this factory name was precluding us from properly
creating dynamic code to remove duplciation.
---
 .../controllers/admin/clusters/applications_controller_spec.rb |  2 +-
 .../groups/clusters/applications_controller_spec.rb            |  2 +-
 spec/factories/clusters/applications/helm.rb                   |  2 +-
 spec/lib/gitlab/usage_data_spec.rb                             |  2 +-
 spec/models/clusters/applications/cert_manager_spec.rb         | 10 +++++-----
 spec/models/clusters/cluster_spec.rb                           |  2 +-
 6 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/spec/controllers/admin/clusters/applications_controller_spec.rb b/spec/controllers/admin/clusters/applications_controller_spec.rb
index cf202d88acc..9d6edcd80c0 100644
--- a/spec/controllers/admin/clusters/applications_controller_spec.rb
+++ b/spec/controllers/admin/clusters/applications_controller_spec.rb
@@ -84,7 +84,7 @@ describe Admin::Clusters::ApplicationsController do
       patch :update, params: params
     end
 
-    let!(:application) { create(:clusters_applications_cert_managers, :installed, cluster: cluster) }
+    let!(:application) { create(:clusters_applications_cert_manager, :installed, cluster: cluster) }
     let(:application_name) { application.name }
     let(:params) { { application: application_name, id: cluster.id, email: "new-email@example.com" } }
 
diff --git a/spec/controllers/groups/clusters/applications_controller_spec.rb b/spec/controllers/groups/clusters/applications_controller_spec.rb
index 16a63536ea6..21533d1c89a 100644
--- a/spec/controllers/groups/clusters/applications_controller_spec.rb
+++ b/spec/controllers/groups/clusters/applications_controller_spec.rb
@@ -91,7 +91,7 @@ describe Groups::Clusters::ApplicationsController do
       patch :update, params: params.merge(group_id: group)
     end
 
-    let!(:application) { create(:clusters_applications_cert_managers, :installed, cluster: cluster) }
+    let!(:application) { create(:clusters_applications_cert_manager, :installed, cluster: cluster) }
     let(:application_name) { application.name }
     let(:params) { { application: application_name, id: cluster.id, email: "new-email@example.com" } }
 
diff --git a/spec/factories/clusters/applications/helm.rb b/spec/factories/clusters/applications/helm.rb
index 7fe9ea6801a..24c22ef3928 100644
--- a/spec/factories/clusters/applications/helm.rb
+++ b/spec/factories/clusters/applications/helm.rb
@@ -60,7 +60,7 @@ FactoryBot.define do
       cluster factory: %i(cluster with_installed_helm provided_by_gcp)
     end
 
-    factory :clusters_applications_cert_managers, class: Clusters::Applications::CertManager do
+    factory :clusters_applications_cert_manager, class: Clusters::Applications::CertManager do
       email 'admin@example.com'
       cluster factory: %i(cluster with_installed_helm provided_by_gcp)
     end
diff --git a/spec/lib/gitlab/usage_data_spec.rb b/spec/lib/gitlab/usage_data_spec.rb
index 6d0a2098b2e..297c4f0b683 100644
--- a/spec/lib/gitlab/usage_data_spec.rb
+++ b/spec/lib/gitlab/usage_data_spec.rb
@@ -24,7 +24,7 @@ describe Gitlab::UsageData do
       create(:cluster, :group, :disabled)
       create(:clusters_applications_helm, :installed, cluster: gcp_cluster)
       create(:clusters_applications_ingress, :installed, cluster: gcp_cluster)
-      create(:clusters_applications_cert_managers, :installed, cluster: gcp_cluster)
+      create(:clusters_applications_cert_manager, :installed, cluster: gcp_cluster)
       create(:clusters_applications_prometheus, :installed, cluster: gcp_cluster)
       create(:clusters_applications_runner, :installed, cluster: gcp_cluster)
       create(:clusters_applications_knative, :installed, cluster: gcp_cluster)
diff --git a/spec/models/clusters/applications/cert_manager_spec.rb b/spec/models/clusters/applications/cert_manager_spec.rb
index 8d853a04e33..a77e06ea829 100644
--- a/spec/models/clusters/applications/cert_manager_spec.rb
+++ b/spec/models/clusters/applications/cert_manager_spec.rb
@@ -3,11 +3,11 @@
 require 'rails_helper'
 
 describe Clusters::Applications::CertManager do
-  let(:cert_manager) { create(:clusters_applications_cert_managers) }
+  let(:cert_manager) { create(:clusters_applications_cert_manager) }
 
-  include_examples 'cluster application core specs', :clusters_applications_cert_managers
-  include_examples 'cluster application status specs', :clusters_applications_cert_managers
-  include_examples 'cluster application version specs', :clusters_applications_cert_managers
+  include_examples 'cluster application core specs', :clusters_applications_cert_manager
+  include_examples 'cluster application status specs', :clusters_applications_cert_manager
+  include_examples 'cluster application version specs', :clusters_applications_cert_manager
   include_examples 'cluster application initial status specs'
 
   describe '#can_uninstall?' do
@@ -72,7 +72,7 @@ describe Clusters::Applications::CertManager do
     end
 
     context 'application failed to install previously' do
-      let(:cert_manager) { create(:clusters_applications_cert_managers, :errored, version: '0.0.1') }
+      let(:cert_manager) { create(:clusters_applications_cert_manager, :errored, version: '0.0.1') }
 
       it 'is initialized with the locked version' do
         expect(subject.version).to eq('v0.5.2')
diff --git a/spec/models/clusters/cluster_spec.rb b/spec/models/clusters/cluster_spec.rb
index 8f2f1b200e4..d9d25a1f7aa 100644
--- a/spec/models/clusters/cluster_spec.rb
+++ b/spec/models/clusters/cluster_spec.rb
@@ -496,7 +496,7 @@ describe Clusters::Cluster, :use_clean_rails_memory_store_caching do
     context 'when applications are created' do
       let!(:helm) { create(:clusters_applications_helm, cluster: cluster) }
       let!(:ingress) { create(:clusters_applications_ingress, cluster: cluster) }
-      let!(:cert_manager) { create(:clusters_applications_cert_managers, cluster: cluster) }
+      let!(:cert_manager) { create(:clusters_applications_cert_manager, cluster: cluster) }
       let!(:prometheus) { create(:clusters_applications_prometheus, cluster: cluster) }
       let!(:runner) { create(:clusters_applications_runner, cluster: cluster) }
       let!(:jupyter) { create(:clusters_applications_jupyter, cluster: cluster) }
-- 
cgit v1.2.1


From 5bb2f0c6fcd7bc195a18efa73420be7de0ce879b Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Tue, 23 Jul 2019 14:54:04 -0700
Subject: Add partial index on identities table to speed up LDAP lookups

For customers with thousands of entries in the table, lookups for an
LDAP identity dominated the PostgreSQL statistics because of sequential
scans. We can speed this up by adding a partial index with the
extern_uid and provider.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/59630
---
 changelogs/unreleased/sh-add-index-extern-uid.yml     |  5 +++++
 ...dex_on_identities_lower_extern_uid_and_provider.rb | 19 +++++++++++++++++++
 db/schema.rb                                          |  1 +
 3 files changed, 25 insertions(+)
 create mode 100644 changelogs/unreleased/sh-add-index-extern-uid.yml
 create mode 100644 db/post_migrate/20190723105753_add_index_on_identities_lower_extern_uid_and_provider.rb

diff --git a/changelogs/unreleased/sh-add-index-extern-uid.yml b/changelogs/unreleased/sh-add-index-extern-uid.yml
new file mode 100644
index 00000000000..531770237a8
--- /dev/null
+++ b/changelogs/unreleased/sh-add-index-extern-uid.yml
@@ -0,0 +1,5 @@
+---
+title: Add partial index on identities table to speed up LDAP lookups
+merge_request: 26710
+author:
+type: performance
diff --git a/db/post_migrate/20190723105753_add_index_on_identities_lower_extern_uid_and_provider.rb b/db/post_migrate/20190723105753_add_index_on_identities_lower_extern_uid_and_provider.rb
new file mode 100644
index 00000000000..36ecca4821f
--- /dev/null
+++ b/db/post_migrate/20190723105753_add_index_on_identities_lower_extern_uid_and_provider.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class AddIndexOnIdentitiesLowerExternUidAndProvider < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  INDEX_NAME = "index_on_identities_lower_extern_uid_and_provider"
+
+  def up
+    add_concurrent_index(:identities, 'lower(extern_uid), provider', name: INDEX_NAME)
+  end
+
+  def down
+    remove_concurrent_index_by_name(:identities, INDEX_NAME)
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index f6b7e22fe09..6f5fc6c65eb 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1580,6 +1580,7 @@ ActiveRecord::Schema.define(version: 2019_07_29_090456) do
     t.datetime "updated_at"
     t.integer "saml_provider_id"
     t.string "secondary_extern_uid"
+    t.index "lower((extern_uid)::text), provider", name: "index_on_identities_lower_extern_uid_and_provider"
     t.index ["saml_provider_id"], name: "index_identities_on_saml_provider_id", where: "(saml_provider_id IS NOT NULL)"
     t.index ["user_id"], name: "index_identities_on_user_id"
   end
-- 
cgit v1.2.1


From e20538088bba75fa3193004b8695d4ffab7aca21 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Diego=20Louz=C3=A1n?= <diego.louzan@gmail.com>
Date: Tue, 30 Jul 2019 17:03:17 +0000
Subject: Add support page link in help menu

Creates a new item in help dropdown to show configured support page link
---
 .../application_settings/_help_page.html.haml      |  2 +-
 app/views/layouts/header/_help_dropdown.html.haml  |  2 ++
 .../feat-add-support-page-link-in-help-menu.yml    |  5 ++++
 doc/api/settings.md                                |  2 +-
 lib/api/settings.rb                                |  2 +-
 locale/gitlab.pot                                  |  5 +++-
 spec/features/admin/admin_settings_spec.rb         | 34 ++++++++++++++++++++--
 7 files changed, 46 insertions(+), 6 deletions(-)
 create mode 100644 changelogs/unreleased/feat-add-support-page-link-in-help-menu.yml

diff --git a/app/views/admin/application_settings/_help_page.html.haml b/app/views/admin/application_settings/_help_page.html.haml
index a869f1bd4df..5e5ab1e4269 100644
--- a/app/views/admin/application_settings/_help_page.html.haml
+++ b/app/views/admin/application_settings/_help_page.html.haml
@@ -16,6 +16,6 @@
     .form-group
       = f.label :help_page_support_url, _('Support page URL'), class: 'label-bold'
       = f.text_field :help_page_support_url, class: 'form-control', placeholder: 'http://company.example.com/getting-help', :'aria-describedby' => 'support_help_block'
-      %span.form-text.text-muted#support_help_block= _('Alternate support URL for help page')
+      %span.form-text.text-muted#support_help_block= _('Alternate support URL for help page and help dropdown')
 
   = f.submit _('Save changes'), class: "btn btn-success"
diff --git a/app/views/layouts/header/_help_dropdown.html.haml b/app/views/layouts/header/_help_dropdown.html.haml
index 5643a508ddc..41d7aa3741a 100644
--- a/app/views/layouts/header/_help_dropdown.html.haml
+++ b/app/views/layouts/header/_help_dropdown.html.haml
@@ -2,6 +2,8 @@
   - if current_user_menu?(:help)
     %li
       = link_to _("Help"), help_path
+    %li
+      = link_to _("Support"), support_url
     = render_if_exists "shared/learn_gitlab_menu_item"
     %li.divider
   %li
diff --git a/changelogs/unreleased/feat-add-support-page-link-in-help-menu.yml b/changelogs/unreleased/feat-add-support-page-link-in-help-menu.yml
new file mode 100644
index 00000000000..2cddd52212e
--- /dev/null
+++ b/changelogs/unreleased/feat-add-support-page-link-in-help-menu.yml
@@ -0,0 +1,5 @@
+---
+title: Add admin-configurable "Support page URL" link to top Help dropdown menu
+merge_request: 30459
+author: Diego Louzán
+type: added
diff --git a/doc/api/settings.md b/doc/api/settings.md
index 68da88af698..c3ac70f0579 100644
--- a/doc/api/settings.md
+++ b/doc/api/settings.md
@@ -230,7 +230,7 @@ are listed in the descriptions of the relevant settings.
 | `gravatar_enabled`                       | boolean          | no                                   | Enable Gravatar. |
 | `hashed_storage_enabled`                 | boolean          | no                                   | Create new projects using hashed storage paths: Enable immutable, hash-based paths and repository names to store repositories on disk. This prevents repositories from having to be moved or renamed when the Project URL changes and may improve disk I/O performance. (EXPERIMENTAL) |
 | `help_page_hide_commercial_content`      | boolean          | no                                   | Hide marketing-related entries from help. |
-| `help_page_support_url`                  | string           | no                                   | Alternate support URL for help page. |
+| `help_page_support_url`                  | string           | no                                   | Alternate support URL for help page and help dropdown. |
 | `help_page_text`                         | string           | no                                   | Custom text displayed on the help page. |
 | `help_text`                              | string           | no                                   | **(PREMIUM)** GitLab server administrator information |
 | `hide_third_party_offers`                | boolean          | no                                   | Do not display offers from third parties within GitLab. |
diff --git a/lib/api/settings.rb b/lib/api/settings.rb
index 4275d911708..aa9e879160d 100644
--- a/lib/api/settings.rb
+++ b/lib/api/settings.rb
@@ -59,7 +59,7 @@ module API
       optional :grafana_url, type: String, desc: 'Grafana URL'
       optional :gravatar_enabled, type: Boolean, desc: 'Flag indicating if the Gravatar service is enabled'
       optional :help_page_hide_commercial_content, type: Boolean, desc: 'Hide marketing-related entries from help'
-      optional :help_page_support_url, type: String, desc: 'Alternate support URL for help page'
+      optional :help_page_support_url, type: String, desc: 'Alternate support URL for help page and help dropdown'
       optional :help_page_text, type: String, desc: 'Custom text displayed on the help page'
       optional :home_page_url, type: String, desc: 'We will redirect non-logged in users to this page'
       optional :housekeeping_enabled, type: Boolean, desc: 'Enable automatic repository housekeeping (git repack, git gc)'
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 591dc2a7e39..feae99fb95a 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -966,7 +966,7 @@ msgstr ""
 msgid "Allows you to add and manage Kubernetes clusters."
 msgstr ""
 
-msgid "Alternate support URL for help page"
+msgid "Alternate support URL for help page and help dropdown"
 msgstr ""
 
 msgid "Alternatively, you can use a %{personal_access_token_link}. When you create your Personal Access Token, you will need to select the <code>repo</code> scope, so we can display a list of your public and private repositories which are available to import."
@@ -10586,6 +10586,9 @@ msgstr ""
 msgid "Sunday"
 msgstr ""
 
+msgid "Support"
+msgstr ""
+
 msgid "Support for custom certificates is disabled. Ask your system's administrator to enable it."
 msgstr ""
 
diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb
index a074bbcff0a..c77605f3869 100644
--- a/spec/features/admin/admin_settings_spec.rb
+++ b/spec/features/admin/admin_settings_spec.rb
@@ -356,16 +356,18 @@ describe 'Admin updates settings' do
     end
 
     it 'Change Help page' do
+      new_support_url = 'http://example.com/help'
+
       page.within('.as-help-page') do
         fill_in 'Help page text', with: 'Example text'
         check 'Hide marketing-related entries from help'
-        fill_in 'Support page URL', with: 'http://example.com/help'
+        fill_in 'Support page URL', with: new_support_url
         click_button 'Save changes'
       end
 
       expect(current_settings.help_page_text).to eq "Example text"
       expect(current_settings.help_page_hide_commercial_content).to be_truthy
-      expect(current_settings.help_page_support_url).to eq "http://example.com/help"
+      expect(current_settings.help_page_support_url).to eq new_support_url
       expect(page).to have_content "Application settings saved successfully"
     end
 
@@ -415,6 +417,34 @@ describe 'Admin updates settings' do
     end
   end
 
+  context 'Nav bar' do
+    it 'Shows default help links in nav' do
+      default_support_url = 'https://about.gitlab.com/getting-help/'
+
+      visit root_dashboard_path
+
+      find('.header-help-dropdown-toggle').click
+
+      page.within '.header-help' do
+        expect(page).to have_link(text: 'Help', href: help_path)
+        expect(page).to have_link(text: 'Support', href: default_support_url)
+      end
+    end
+
+    it 'Shows custom support url in nav when set' do
+      new_support_url = 'http://example.com/help'
+      stub_application_setting(help_page_support_url: new_support_url)
+
+      visit root_dashboard_path
+
+      find('.header-help-dropdown-toggle').click
+
+      page.within '.header-help' do
+        expect(page).to have_link(text: 'Support', href: new_support_url)
+      end
+    end
+  end
+
   def check_all_events
     page.check('Active')
     page.check('Push')
-- 
cgit v1.2.1


From 8f501a74bde199723e1f01121a9a56e01aacaf1c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Tue, 30 Jul 2019 17:33:00 +0200
Subject: Remove the wait_for_review_app_to_be_accessible step from
 review-deploy
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rémy Coutable <remy@rymai.me>
---
 .gitlab/ci/review.gitlab-ci.yml    |  3 +--
 scripts/review_apps/review-apps.sh | 25 -------------------------
 2 files changed, 1 insertion(+), 27 deletions(-)

diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml
index 41d52c4e095..aa722f6ef33 100644
--- a/.gitlab/ci/review.gitlab-ci.yml
+++ b/.gitlab/ci/review.gitlab-ci.yml
@@ -101,8 +101,7 @@ schedule:review-build-cng:
     - install_tiller
     - install_external_dns
     - download_chart
-    - deploy || display_deployment_debug
-    - wait_for_review_app_to_be_accessible
+    - deploy || (display_deployment_debug && exit 1)
     - add_license
   artifacts:
     paths: [review_app_url.txt]
diff --git a/scripts/review_apps/review-apps.sh b/scripts/review_apps/review-apps.sh
index 408a0595f9e..4935c1342a3 100755
--- a/scripts/review_apps/review-apps.sh
+++ b/scripts/review_apps/review-apps.sh
@@ -340,31 +340,6 @@ function display_deployment_debug() {
   fi
 }
 
-function wait_for_review_app_to_be_accessible() {
-  echoinfo "Waiting for the Review App at ${CI_ENVIRONMENT_URL} to be accessible..." true
-
-  local interval=5
-  local elapsed_seconds=0
-  local max_seconds=$((2 * 60))
-  while true; do
-    local review_app_http_code
-    review_app_http_code=$(curl --silent --output /dev/null --max-time 5 --write-out "%{http_code}" "${CI_ENVIRONMENT_URL}/users/sign_in")
-    if [[ "${review_app_http_code}" -eq "200" ]] || [[ "${elapsed_seconds}" -gt "${max_seconds}" ]]; then
-      break
-    fi
-
-    let "elapsed_seconds+=interval"
-    sleep ${interval}
-  done
-
-  if [[ "${review_app_http_code}" -eq "200" ]]; then
-    echoinfo "The Review App at ${CI_ENVIRONMENT_URL} is ready after ${elapsed_seconds} seconds!"
-  else
-    echoerr "The Review App at ${CI_ENVIRONMENT_URL} isn't ready after ${max_seconds} seconds of polling..."
-    exit 1
-  fi
-}
-
 function add_license() {
   if [ -z "${REVIEW_APPS_EE_LICENSE}" ]; then echo "License not found" && return; fi
 
-- 
cgit v1.2.1


From 59a13560b337b3871d46aef460f47f05888813be Mon Sep 17 00:00:00 2001
From: Donald Cook <dcook@gitlab.com>
Date: Tue, 30 Jul 2019 13:59:38 -0500
Subject: Removed pendo poc code

---
 app/views/layouts/_head.html.haml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/app/views/layouts/_head.html.haml b/app/views/layouts/_head.html.haml
index 20b844f9fd8..ac774803f95 100644
--- a/app/views/layouts/_head.html.haml
+++ b/app/views/layouts/_head.html.haml
@@ -78,4 +78,3 @@
   = render 'layouts/google_analytics' if extra_config.has_key?('google_analytics_id')
   = render 'layouts/piwik' if extra_config.has_key?('piwik_url') && extra_config.has_key?('piwik_site_id')
   = render_if_exists 'layouts/snowplow'
-  = render_if_exists 'layouts/pendo' if Feature.enabled?(:pendo_tracking) && !Rails.env.test?
-- 
cgit v1.2.1


From d93da8888bd54531e5f5df2047902ae90635b8d0 Mon Sep 17 00:00:00 2001
From: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Date: Tue, 30 Jul 2019 19:43:16 +0000
Subject: Update CHANGELOG.md for 12.1.3

[ci skip]
---
 CHANGELOG.md                                        | 21 +++++++++++++++++++++
 changelogs/unreleased/64091-fix-sprockets-paths.yml |  5 -----
 .../64731-fix-project-auto-devops-api.yml           |  5 -----
 ...t-enabled-if-current-certificate-is-outdated.yml |  6 ------
 .../unreleased/65019-auto-devops-dind-tls-fix.yml   |  5 -----
 .../unreleased/65019-job-templates-dind-tls-fix.yml |  5 -----
 .../unreleased/dm-submodule-helper-routing.yml      |  5 -----
 changelogs/unreleased/dm-submodule-links-nil.yml    |  5 -----
 .../unreleased/optimise-import-performance.yml      |  5 -----
 .../unreleased/sh-fix-gitaly-access-control.yml     |  5 -----
 .../unreleased/sh-fix-pdfjs-page-ordering.yml       |  5 -----
 .../unreleased/sh-support-docker-oci-images.yml     |  5 -----
 12 files changed, 21 insertions(+), 56 deletions(-)
 delete mode 100644 changelogs/unreleased/64091-fix-sprockets-paths.yml
 delete mode 100644 changelogs/unreleased/64731-fix-project-auto-devops-api.yml
 delete mode 100644 changelogs/unreleased/64870-can-t-save-pages-domain-form-with-let-s-encrypt-enabled-if-current-certificate-is-outdated.yml
 delete mode 100644 changelogs/unreleased/65019-auto-devops-dind-tls-fix.yml
 delete mode 100644 changelogs/unreleased/65019-job-templates-dind-tls-fix.yml
 delete mode 100644 changelogs/unreleased/dm-submodule-helper-routing.yml
 delete mode 100644 changelogs/unreleased/dm-submodule-links-nil.yml
 delete mode 100644 changelogs/unreleased/optimise-import-performance.yml
 delete mode 100644 changelogs/unreleased/sh-fix-gitaly-access-control.yml
 delete mode 100644 changelogs/unreleased/sh-fix-pdfjs-page-ordering.yml
 delete mode 100644 changelogs/unreleased/sh-support-docker-oci-images.yml

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d93cc182c62..15b55f01c32 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,27 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 12.1.3
+
+### Fixed (11 changes)
+
+- Prevent multiple confirmation modals from opening when deleting a repository. !30532
+- Fix the project auto devops API. !30946
+- Fix "Certificate misses intermediates" UI error when enabling Let's Encrypt integration for pages domain. !30995
+- Fix xterm css not loading for environment terminal. !31023
+- Set DOCKER_TLS_CERTDIR in Auto Dev-Ops CI template to fix jobs using Docker-in-Docker. !31078
+- Set DOCKER_TLS_CERTDIR in CI job templates to fix Docker-in-Docker service. !31080
+- Support Docker OCI images. !31127
+- Fix error rendering submodules in MR diffs when there is no .gitmodules. !31162
+- Fix pdf.js rendering pages in the wrong order. !31222
+- Fix exception handling in Gitaly autodetection. !31285
+- Fix bug that caused diffs not to show on MRs with changes to submodules.
+
+### Performance (1 change)
+
+- Optimise import performance. !31045
+
+
 ## 12.1.2
 
 ### Security (1 change)
diff --git a/changelogs/unreleased/64091-fix-sprockets-paths.yml b/changelogs/unreleased/64091-fix-sprockets-paths.yml
deleted file mode 100644
index fcd8b2faa49..00000000000
--- a/changelogs/unreleased/64091-fix-sprockets-paths.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix xterm css not loading for environment terminal
-merge_request: 31023
-author:
-type: fixed
diff --git a/changelogs/unreleased/64731-fix-project-auto-devops-api.yml b/changelogs/unreleased/64731-fix-project-auto-devops-api.yml
deleted file mode 100644
index 7fe2c036773..00000000000
--- a/changelogs/unreleased/64731-fix-project-auto-devops-api.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix the project auto devops API
-merge_request: 30946
-author:
-type: fixed
diff --git a/changelogs/unreleased/64870-can-t-save-pages-domain-form-with-let-s-encrypt-enabled-if-current-certificate-is-outdated.yml b/changelogs/unreleased/64870-can-t-save-pages-domain-form-with-let-s-encrypt-enabled-if-current-certificate-is-outdated.yml
deleted file mode 100644
index 291901d64ed..00000000000
--- a/changelogs/unreleased/64870-can-t-save-pages-domain-form-with-let-s-encrypt-enabled-if-current-certificate-is-outdated.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Fix "Certificate misses intermediates" UI error when enabling Let's Encrypt
-  integration for pages domain
-merge_request: 30995
-author:
-type: fixed
diff --git a/changelogs/unreleased/65019-auto-devops-dind-tls-fix.yml b/changelogs/unreleased/65019-auto-devops-dind-tls-fix.yml
deleted file mode 100644
index 3eea3e551ce..00000000000
--- a/changelogs/unreleased/65019-auto-devops-dind-tls-fix.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Set DOCKER_TLS_CERTDIR in Auto Dev-Ops CI template to fix jobs using Docker-in-Docker
-merge_request: 31078
-author:
-type: fixed
diff --git a/changelogs/unreleased/65019-job-templates-dind-tls-fix.yml b/changelogs/unreleased/65019-job-templates-dind-tls-fix.yml
deleted file mode 100644
index c7c02486d61..00000000000
--- a/changelogs/unreleased/65019-job-templates-dind-tls-fix.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Set DOCKER_TLS_CERTDIR in CI job templates to fix Docker-in-Docker service
-merge_request: 31080
-author:
-type: fixed
diff --git a/changelogs/unreleased/dm-submodule-helper-routing.yml b/changelogs/unreleased/dm-submodule-helper-routing.yml
deleted file mode 100644
index 779d4d167df..00000000000
--- a/changelogs/unreleased/dm-submodule-helper-routing.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix bug that caused diffs not to show on MRs with changes to submodules
-merge_request:
-author:
-type: fixed
diff --git a/changelogs/unreleased/dm-submodule-links-nil.yml b/changelogs/unreleased/dm-submodule-links-nil.yml
deleted file mode 100644
index c09ca41d01d..00000000000
--- a/changelogs/unreleased/dm-submodule-links-nil.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix error rendering submodules in MR diffs when there is no .gitmodules
-merge_request: 31162
-author:
-type: fixed
diff --git a/changelogs/unreleased/optimise-import-performance.yml b/changelogs/unreleased/optimise-import-performance.yml
deleted file mode 100644
index c63f44d5109..00000000000
--- a/changelogs/unreleased/optimise-import-performance.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Optimise import performance
-merge_request: 31045
-author:
-type: performance
diff --git a/changelogs/unreleased/sh-fix-gitaly-access-control.yml b/changelogs/unreleased/sh-fix-gitaly-access-control.yml
deleted file mode 100644
index bdd33f3ff45..00000000000
--- a/changelogs/unreleased/sh-fix-gitaly-access-control.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix exception handling in Gitaly autodetection
-merge_request: 31285
-author:
-type: fixed
diff --git a/changelogs/unreleased/sh-fix-pdfjs-page-ordering.yml b/changelogs/unreleased/sh-fix-pdfjs-page-ordering.yml
deleted file mode 100644
index 84161c51905..00000000000
--- a/changelogs/unreleased/sh-fix-pdfjs-page-ordering.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix pdf.js rendering pages in the wrong order
-merge_request: 31222
-author:
-type: fixed
diff --git a/changelogs/unreleased/sh-support-docker-oci-images.yml b/changelogs/unreleased/sh-support-docker-oci-images.yml
deleted file mode 100644
index 2dcf980fa50..00000000000
--- a/changelogs/unreleased/sh-support-docker-oci-images.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Support Docker OCI images
-merge_request: 31127
-author:
-type: fixed
-- 
cgit v1.2.1


From 21977d9a16abe4ee87307aed33777a2a18436842 Mon Sep 17 00:00:00 2001
From: Douglas Barbosa Alexandre <dbalexandre@gmail.com>
Date: Tue, 30 Jul 2019 17:10:23 -0300
Subject: Remove duplicated words

---
 doc/administration/custom_hooks.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/administration/custom_hooks.md b/doc/administration/custom_hooks.md
index 113514e1ee8..32462a95a1a 100644
--- a/doc/administration/custom_hooks.md
+++ b/doc/administration/custom_hooks.md
@@ -21,7 +21,7 @@ administrators can add custom git hooks to any GitLab project.
 ## Create a custom Git hook for a repository
 
 Server-side Git hooks are typically placed in the repository's `hooks`
-subdirectory. In GitLab, hook directories are are symlinked to the gitlab-shell
+subdirectory. In GitLab, hook directories are symlinked to the gitlab-shell
 `hooks` directory for ease of maintenance between gitlab-shell upgrades.
 Custom hooks are implemented differently, but the behavior is exactly the same
 once the hook is created. Follow the steps below to set up a custom hook for a
-- 
cgit v1.2.1


From 8b1a96e7dabdc57693da363ad62d525f331239f6 Mon Sep 17 00:00:00 2001
From: Lukas Eipert <leipert@gitlab.com>
Date: Tue, 30 Jul 2019 20:26:11 +0000
Subject: Update dependency @gitlab/ui to ^5.11.1

---
 package.json |  2 +-
 yarn.lock    | 32 +++++++++++++-------------------
 2 files changed, 14 insertions(+), 20 deletions(-)

diff --git a/package.json b/package.json
index dfa8e8fe4d7..c97046b0e84 100644
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
     "@babel/preset-env": "^7.4.4",
     "@gitlab/csslab": "^1.9.0",
     "@gitlab/svgs": "^1.67.0",
-    "@gitlab/ui": "^5.9.0",
+    "@gitlab/ui": "^5.11.1",
     "apollo-cache-inmemory": "^1.5.1",
     "apollo-client": "^2.5.1",
     "apollo-link": "^1.2.11",
diff --git a/yarn.lock b/yarn.lock
index d0e43363977..6643b011dab 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -996,17 +996,16 @@
   resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-1.67.0.tgz#c7b94eca13b99fd3aaa737fb6dcc0abc41d3c579"
   integrity sha512-hJOmWEs6RkjzyKkb1vc9wwKGZIBIP0coHkxu/KgOoxhBVudpGk4CH7xJ6UuB2TKpb0SEh5CC1CzRZfBYaFhsaA==
 
-"@gitlab/ui@^5.9.0":
-  version "5.9.0"
-  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.9.0.tgz#a38b1b57c365608b100b95969ae7a57ce1707542"
-  integrity sha512-cgvEPWVerYZNLqkHjg5dd0VhEDBWj8aNoISZCaGOWI9K4yVtpMPVRUv19o/xYm4vUexfFsG9vg9lBgd+4ZU6Yw==
+"@gitlab/ui@^5.11.1":
+  version "5.11.1"
+  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.11.1.tgz#10ee8a4410eb249032142f85f6180b6c465c48d7"
+  integrity sha512-bxIB3//aaYZIT6fpDKhIW60gvVvOCbw6inqC8xffQmklFYFKgcZjEIBu3RH5oJ6t3zFxeelcPQG7+t2F+p3bIg==
   dependencies:
     "@babel/standalone" "^7.0.0"
     "@gitlab/vue-toasted" "^1.2.1"
     bootstrap "4.3.1"
-    bootstrap-vue "^2.0.0-rc.26"
+    bootstrap-vue "2.0.0-rc.27"
     copy-to-clipboard "^3.0.8"
-    core-js "^2.6.9"
     echarts "^4.2.0-rc.2"
     highlight.js "^9.13.1"
     js-beautify "^1.8.8"
@@ -2255,10 +2254,10 @@ bonjour@^3.5.0:
     multicast-dns "^6.0.1"
     multicast-dns-service-types "^1.1.0"
 
-bootstrap-vue@^2.0.0-rc.26:
-  version "2.0.0-rc.26"
-  resolved "https://registry.yarnpkg.com/bootstrap-vue/-/bootstrap-vue-2.0.0-rc.26.tgz#2b8b9116a452584ae20ba8310d143635bc9e1375"
-  integrity sha512-AzN+IRTmfR9rLFWNGt+v2XPmQjZiAlH4x5z2kStA3UoJ5LR91K34iZ8apaa6isDo+DfWDcwH4q7OwHM+VNxWwg==
+bootstrap-vue@2.0.0-rc.27:
+  version "2.0.0-rc.27"
+  resolved "https://registry.yarnpkg.com/bootstrap-vue/-/bootstrap-vue-2.0.0-rc.27.tgz#884a46a71948d13c9729134cb564467f79a7b2b9"
+  integrity sha512-gXdpt2IsKbmC3SU0bf/RgldWwgrXK7G47yslOtkk4OA1z6fOzb2orM2vU5L8NCNZQomYax9LapRucv+8PByfdA==
   dependencies:
     "@nuxt/opencollective" "^0.2.2"
     bootstrap "^4.3.1"
@@ -3236,21 +3235,16 @@ core-js-pure@3.1.4:
   resolved "https://registry.yarnpkg.com/core-js-pure/-/core-js-pure-3.1.4.tgz#5fa17dc77002a169a3566cc48dc774d2e13e3769"
   integrity sha512-uJ4Z7iPNwiu1foygbcZYJsJs1jiXrTTCvxfLDXNhI/I+NHbSIEyr548y4fcsCEyWY0XgfAG/qqaunJ1SThHenA==
 
-core-js@^2.2.0, core-js@^2.6.9:
-  version "2.6.9"
-  resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.6.9.tgz#6b4b214620c834152e179323727fc19741b084f2"
-  integrity sha512-HOpZf6eXmnl7la+cUdMnLvUxKNqLUzJvgIziQ0DiF3JwSImNphIqdGqzj6hIKyX04MmV0poclQ7+wjWvxQyR2A==
+core-js@^2.2.0, core-js@~2.3.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.3.0.tgz#fab83fbb0b2d8dc85fa636c4b9d34c75420c6d65"
+  integrity sha1-+rg/uwstjchfpjbEudNMdUIMbWU=
 
 core-js@^3.1.3:
   version "3.1.3"
   resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.1.3.tgz#95700bca5f248f5f78c0ec63e784eca663ec4138"
   integrity sha512-PWZ+ZfuaKf178BIAg+CRsljwjIMRV8MY00CbZczkR6Zk5LfkSkjGoaab3+bqRQWVITNZxQB7TFYz+CFcyuamvA==
 
-core-js@~2.3.0:
-  version "2.3.0"
-  resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.3.0.tgz#fab83fbb0b2d8dc85fa636c4b9d34c75420c6d65"
-  integrity sha1-+rg/uwstjchfpjbEudNMdUIMbWU=
-
 core-util-is@1.0.2, core-util-is@~1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
-- 
cgit v1.2.1


From ff61a003d5143a0a07c125aeaeba95f258779aab Mon Sep 17 00:00:00 2001
From: Anton Smith <asmith@gitlab.com>
Date: Tue, 30 Jul 2019 23:54:31 +0000
Subject: Fix copy config command for Puma

---
 doc/install/installation.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/install/installation.md b/doc/install/installation.md
index 46ee980841b..a12edef4e41 100644
--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -938,7 +938,7 @@ To use GitLab with Puma:
    cd /home/git/gitlab
 
    # Copy config file for the web server
-   sudo -u git -H config/puma.rb.example config/puma.rb
+   sudo -u git -H cp config/puma.rb.example config/puma.rb
    ```
 
 1. Edit the system `init.d` script to use `EXPERIMENTAL_PUMA=1` flag. If you have `/etc/default/gitlab`, then you should edit it instead.
-- 
cgit v1.2.1


From afa73f4d4e8b1e8106997f4eb11d82b31164fe48 Mon Sep 17 00:00:00 2001
From: drew <dscimino@gmail.com>
Date: Wed, 31 Jul 2019 00:11:17 +0000
Subject: Documentation: Added Semaphore Test Boosters example to CI YAML
 `parallel` docs

---
 doc/ci/yaml/README.md | 35 +++++++++++++++++++++++++++++------
 1 file changed, 29 insertions(+), 6 deletions(-)

diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md
index 09b9fc87986..201047b70b9 100644
--- a/doc/ci/yaml/README.md
+++ b/doc/ci/yaml/README.md
@@ -1771,18 +1771,41 @@ sequentially from `job_name 1/N` to `job_name N/N`.
 
 For every job, `CI_NODE_INDEX` and `CI_NODE_TOTAL` [environment variables](../variables/README.md#predefined-environment-variables) are set.
 
-A simple example:
+Marking a job to be run in parallel requires only a simple addition to your configuration file:
 
-```yaml
-test:
-  script: rspec
-  parallel: 5
+```diff
+ test:
+   script: rspec
++  parallel: 5
 ```
-
 TIP: **Tip:**
 Parallelize tests suites across parallel jobs.
 Different languages have different tools to facilitate this.
 
+A simple example using [Sempahore Test Boosters](https://github.com/renderedtext/test-boosters) and RSpec to run some Ruby tests:
+
+```ruby
+# Gemfile
+source 'https://rubygems.org'
+
+gem 'rspec'
+gem 'semaphore_test_boosters'
+```
+
+```yaml
+test:
+  parallel: 3
+  script:
+    - bundle
+    - bundle exec rspec_booster --job $CI_NODE_INDEX/$CI_NODE_TOTAL
+```
+
+CAUTION: **Caution:**
+Please be aware that semaphore_test_boosters reports usages statistics to the author.
+
+You can then navigate to the **Jobs** tab of a new pipeline build and see your RSpec
+job split into three separate jobs.
+
 ### `trigger` **(PREMIUM)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/8997) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.8.
-- 
cgit v1.2.1


From f710c1d1c77db3c27156f45e6c81dc06d304d32c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= <matteeyah@gmail.com>
Date: Tue, 30 Jul 2019 16:10:29 +0200
Subject: Document multi-project variable precedence

---
 doc/ci/multi_project_pipelines.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/doc/ci/multi_project_pipelines.md b/doc/ci/multi_project_pipelines.md
index 463b9194c58..ced4344a0b0 100644
--- a/doc/ci/multi_project_pipelines.md
+++ b/doc/ci/multi_project_pipelines.md
@@ -171,6 +171,11 @@ In this scenario, the `UPSTREAM_BRANCH` variable with a value related to the
 upstream pipeline will be passed to the `downstream-job` job, and will be available
 within the context of all downstream builds.
 
+NOTE: **Tip:**
+Upstream pipelines take precedence over downstream ones. If there are two
+variables with the same name defined in both upstream and downstream projects,
+the ones defined in the upstream project will take precedence.
+
 ### Limitations
 
 Because bridge jobs are a little different to regular jobs, it is not
-- 
cgit v1.2.1


From e8c97e887164340559e458b1f294ef9a12a69e60 Mon Sep 17 00:00:00 2001
From: Cynthia Ng <cng@gitlab.com>
Date: Wed, 31 Jul 2019 00:44:36 +0000
Subject: Docs: Add SCIM troubleshooting for Azure mapping error

---
 doc/user/group/saml_sso/scim_setup.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/doc/user/group/saml_sso/scim_setup.md b/doc/user/group/saml_sso/scim_setup.md
index ab48c9080a9..64ac4f15d5f 100644
--- a/doc/user/group/saml_sso/scim_setup.md
+++ b/doc/user/group/saml_sso/scim_setup.md
@@ -123,3 +123,17 @@ bottom of the **Provisioning** screen, together with a link to the audit logs.
 ### Testing Azure connection: invalid credentials
 
 When testing the connection, you may encounter an error: **You appear to have entered invalid credentials. Please confirm you are using the correct information for an administrative account**. If `Tenant URL` and `secret token` are correct, check whether your group path contains characters that may be considered invalid JSON primitives (such as `.`). Removing such characters from the group path typically resolves the error.
+
+### Azure: (Field) can't be blank sync error
+
+When checking the Audit Logs for the Provisioning, you can sometimes see the
+error `Namespace can't be blank, Name can't be blank, and User can't be blank.`
+
+This is likely caused because not all required fields (such as first name and 
+last name) are present for all users being mapped.
+
+As a workaround, try an alternate mapping:
+
+1. Follow the Azure mapping instructions from above.
+1. Delete the `name.formatted` target attribute entry.
+1. Change the `displayName` source attribute to have `name.formatted` target attribute.
-- 
cgit v1.2.1


From 0e6408ac1f176d8ef9ac08342018e5e01f578916 Mon Sep 17 00:00:00 2001
From: Tiger <twatson@gitlab.com>
Date: Thu, 21 Feb 2019 11:55:58 +1100
Subject: Remove unused cluster configuration logic

All cluster resources are now created on demand when
a deployment job starts.
---
 app/models/clusters/cluster.rb       | 16 -------------
 app/models/project.rb                |  6 -----
 spec/models/clusters/cluster_spec.rb | 45 ------------------------------------
 spec/models/project_spec.rb          | 18 ---------------
 4 files changed, 85 deletions(-)

diff --git a/app/models/clusters/cluster.rb b/app/models/clusters/cluster.rb
index 8c044c86c47..8bb44b0ce40 100644
--- a/app/models/clusters/cluster.rb
+++ b/app/models/clusters/cluster.rb
@@ -100,12 +100,6 @@ module Clusters
 
     scope :default_environment, -> { where(environment_scope: DEFAULT_ENVIRONMENT) }
 
-    scope :missing_kubernetes_namespace, -> (kubernetes_namespaces) do
-      subquery = kubernetes_namespaces.select('1').where('clusters_kubernetes_namespaces.cluster_id = clusters.id')
-
-      where('NOT EXISTS (?)', subquery)
-    end
-
     scope :with_knative_installed, -> { joins(:application_knative).merge(Clusters::Applications::Knative.available) }
 
     scope :preload_knative, -> {
@@ -161,16 +155,6 @@ module Clusters
       return platform_kubernetes if kubernetes?
     end
 
-    def all_projects
-      if project_type?
-        projects
-      elsif group_type?
-        first_group.all_projects
-      else
-        Project.none
-      end
-    end
-
     def first_project
       strong_memoize(:first_project) do
         projects.first
diff --git a/app/models/project.rb b/app/models/project.rb
index cca7da8c49a..8f234fba04f 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -415,12 +415,6 @@ class Project < ApplicationRecord
     .where(project_ci_cd_settings: { group_runners_enabled: true })
   end
 
-  scope :missing_kubernetes_namespace, -> (kubernetes_namespaces) do
-    subquery = kubernetes_namespaces.select('1').where('clusters_kubernetes_namespaces.project_id = projects.id')
-
-    where('NOT EXISTS (?)', subquery)
-  end
-
   enum auto_cancel_pending_pipelines: { disabled: 0, enabled: 1 }
 
   chronic_duration_attr :build_timeout_human_readable, :build_timeout,
diff --git a/spec/models/clusters/cluster_spec.rb b/spec/models/clusters/cluster_spec.rb
index 8f2f1b200e4..761695bfe91 100644
--- a/spec/models/clusters/cluster_spec.rb
+++ b/spec/models/clusters/cluster_spec.rb
@@ -121,26 +121,6 @@ describe Clusters::Cluster, :use_clean_rails_memory_store_caching do
     end
   end
 
-  describe '.missing_kubernetes_namespace' do
-    let!(:cluster) { create(:cluster, :provided_by_gcp, :project) }
-    let(:project) { cluster.project }
-    let(:kubernetes_namespaces) { project.kubernetes_namespaces }
-
-    subject do
-      described_class.joins(:projects).where(projects: { id: project.id }).missing_kubernetes_namespace(kubernetes_namespaces)
-    end
-
-    it { is_expected.to contain_exactly(cluster) }
-
-    context 'kubernetes namespace exists' do
-      before do
-        create(:cluster_kubernetes_namespace, project: project, cluster: cluster)
-      end
-
-      it { is_expected.to be_empty }
-    end
-  end
-
   describe 'validations' do
     subject { cluster.valid? }
 
@@ -423,31 +403,6 @@ describe Clusters::Cluster, :use_clean_rails_memory_store_caching do
     end
   end
 
-  describe '#all_projects' do
-    let(:project) { create(:project) }
-    let(:cluster) { create(:cluster, projects: [project]) }
-
-    subject { cluster.all_projects }
-
-    context 'project cluster' do
-      it 'returns project' do
-        is_expected.to eq([project])
-      end
-    end
-
-    context 'group cluster' do
-      let(:cluster) { create(:cluster, :group) }
-      let(:group) { cluster.group }
-      let(:project) { create(:project, group: group) }
-      let(:subgroup) { create(:group, parent: group) }
-      let(:subproject) { create(:project, group: subgroup) }
-
-      it 'returns all projects for group' do
-        is_expected.to contain_exactly(project, subproject)
-      end
-    end
-  end
-
   describe '#first_project' do
     subject { cluster.first_project }
 
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 24dfd0c5605..32fb0c0ff73 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -173,24 +173,6 @@ describe Project do
     it { is_expected.to include_module(Sortable) }
   end
 
-  describe '.missing_kubernetes_namespace' do
-    let!(:project) { create(:project) }
-    let!(:cluster) { create(:cluster, :provided_by_user, :group) }
-    let(:kubernetes_namespaces) { project.kubernetes_namespaces }
-
-    subject { described_class.missing_kubernetes_namespace(kubernetes_namespaces) }
-
-    it { is_expected.to contain_exactly(project) }
-
-    context 'kubernetes namespace exists' do
-      before do
-        create(:cluster_kubernetes_namespace, project: project, cluster: cluster)
-      end
-
-      it { is_expected.to be_empty }
-    end
-  end
-
   describe 'validation' do
     let!(:project) { create(:project) }
 
-- 
cgit v1.2.1


From 8a00c6b8778f0b50ede6bdcdbc8c3446f48efe4a Mon Sep 17 00:00:00 2001
From: Dan Davison <ddavison@gitlab.com>
Date: Wed, 31 Jul 2019 02:08:36 +0000
Subject: Add support for controlling amount of nodes

Nodes spun up in Gcloud defaults to '3' nodes
This number can be a lot considering the QA
autodevops spec does not need this many nodes
---
 qa/qa/runtime/env.rb                | 4 ++++
 qa/qa/service/kubernetes_cluster.rb | 1 +
 2 files changed, 5 insertions(+)

diff --git a/qa/qa/runtime/env.rb b/qa/qa/runtime/env.rb
index e78b9bece19..4e5610d69b7 100644
--- a/qa/qa/runtime/env.rb
+++ b/qa/qa/runtime/env.rb
@@ -181,6 +181,10 @@ module QA
         ENV.fetch('GCLOUD_REGION')
       end
 
+      def gcloud_num_nodes
+        ENV.fetch('GCLOUD_NUM_NODES', 3)
+      end
+
       def has_gcloud_credentials?
         %w[GCLOUD_ACCOUNT_KEY GCLOUD_ACCOUNT_EMAIL].none? { |var| ENV[var].to_s.empty? }
       end
diff --git a/qa/qa/service/kubernetes_cluster.rb b/qa/qa/service/kubernetes_cluster.rb
index 7b3451ed799..ac0b6313167 100644
--- a/qa/qa/service/kubernetes_cluster.rb
+++ b/qa/qa/service/kubernetes_cluster.rb
@@ -30,6 +30,7 @@ module QA
           --enable-basic-auth
           --region #{Runtime::Env.gcloud_region}
           --disk-size 10GB
+          --num-nodes #{Runtime::Env.gcloud_num_nodes}
           && gcloud container clusters
           get-credentials
           --region #{Runtime::Env.gcloud_region}
-- 
cgit v1.2.1


From 783b05959a1398cde3284c504af9b1d4f1e75fbd Mon Sep 17 00:00:00 2001
From: Russell Dickenson <rdickenson@gitlab.com>
Date: Wed, 31 Jul 2019 02:15:48 +0000
Subject: Edits to user Profile and Settings content

Each of these files were edited to ensure compliance
with the docs standard layout, as part of the SSOT epic.

In addition, some copy editing was done, to improve clarity,
and comply with the GitLab docs style guide.
---
 doc/user/profile/account/delete_account.md         |  26 ++++-
 .../profile/account/two_factor_authentication.md   |  18 +++-
 doc/user/profile/active_sessions.md                |  23 +++-
 doc/user/profile/index.md                          | 120 +++++++++++++--------
 doc/user/profile/personal_access_tokens.md         |  16 +++
 doc/user/profile/preferences.md                    |  30 ++++--
 6 files changed, 176 insertions(+), 57 deletions(-)

diff --git a/doc/user/profile/account/delete_account.md b/doc/user/profile/account/delete_account.md
index cbee79de493..5b0954195f8 100644
--- a/doc/user/profile/account/delete_account.md
+++ b/doc/user/profile/account/delete_account.md
@@ -1,3 +1,7 @@
+---
+type: howto
+---
+
 # Deleting a User account
 
 Users can be deleted from a GitLab instance, either by:
@@ -64,8 +68,20 @@ for such records. Any commits made by a deleted user will still display the
 username of the original user.
 
 When a user is deleted from an [abuse report](../../admin_area/abuse_reports.md)
-or spam log, these associated records are not ghosted and will be removed, along
-with any groups the user is a sole owner of.
-
-Administrators can also request this behavior when deleting users from the
-[API](../../../api/users.md#user-deletion) or the Admin Area.
+or spam log, these associated
+records are not ghosted and will be removed, along with any groups the user
+is a sole owner of. Administrators can also request this behavior when
+deleting users from the [API](../../../api/users.md#user-deletion) or the
+Admin Area.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/profile/account/two_factor_authentication.md b/doc/user/profile/account/two_factor_authentication.md
index d3a634c7b9d..e2b1a20a605 100644
--- a/doc/user/profile/account/two_factor_authentication.md
+++ b/doc/user/profile/account/two_factor_authentication.md
@@ -1,3 +1,7 @@
+---
+type: howto
+---
+
 # Two-Factor Authentication
 
 Two-factor Authentication (2FA) provides an additional level of security to your
@@ -15,7 +19,7 @@ When you enable 2FA, don't forget to back up your [recovery codes](#recovery-cod
 
 In addition to time-based one time passwords (TOTP), GitLab supports U2F
 (universal 2nd factor) devices as the second factor of authentication. Once
-enabled, in addition to supplying your username and password to login, you'll
+enabled, in addition to supplying your username and password to log in, you'll
 be prompted to activate your U2F device (usually by pressing a button on it),
 and it will perform secure authentication on your behalf.
 
@@ -238,3 +242,15 @@ Sign in and re-enable two-factor authentication as soon as possible.
   - The user logs out and attempts to log in via `first.host.xyz` - U2F authentication succeeds.
   - The user logs out and attempts to log in via `second.host.xyz` - U2F authentication fails, because
     the U2F key has only been registered on `first.host.xyz`.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/profile/active_sessions.md b/doc/user/profile/active_sessions.md
index 28e3f4904a9..2d7bd25fc27 100644
--- a/doc/user/profile/active_sessions.md
+++ b/doc/user/profile/active_sessions.md
@@ -1,14 +1,31 @@
+---
+type: howto
+---
+
 # Active Sessions
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/17867)
 >   in GitLab 10.8.
 
 GitLab lists all devices that have logged into your account. This allows you to
-review the sessions.
+review the sessions, and revoke any you don't recognize.
 
 ## Listing all active sessions
 
-1. On the upper right corner, click on your avatar and go to your **Settings**.
-1. Navigate to the **Active Sessions** tab.
+1. Click your avatar.
+1. Select **Settings**.
+1. Click **Active Sessions** in the sidebar.
 
 ![Active sessions list](img/active_sessions_list.png)
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/profile/index.md b/doc/user/profile/index.md
index fc5eb8c7b56..06710065dfd 100644
--- a/doc/user/profile/index.md
+++ b/doc/user/profile/index.md
@@ -1,7 +1,12 @@
+---
+type: index, howto
+---
+
 # User account
 
-When signed into their GitLab account, users can customize their
-experience according to the best approach to their cases.
+Each GitLab account has a user profile, and settings. Your [profile](#user-profile)
+contains information about you, and your GitLab activity. Your [settings](#profile-settings)
+allow you to customize some aspects of GitLab to suit yourself.
 
 ## Signing in
 
@@ -10,8 +15,10 @@ See the [authentication topic](../../topics/authentication/index.md) for more de
 
 ## User profile
 
-Your profile is available from the up-right corner menu bar (user's avatar) > **Profile**,
-or from `https://example.gitlab.com/username`.
+To access your profile:
+
+1. Click on your avatar.
+1. Select **Profile**.
 
 On your profile page, you will see the following information:
 
@@ -24,8 +31,10 @@ On your profile page, you will see the following information:
 
 ## Profile settings
 
-You can edit your account settings by navigating from the up-right corner menu bar
-(user's avatar) > **Settings**, or visiting `https://example.gitlab.com/profile`.
+To access your profile settings:
+
+1. Click on your avatar.
+1. Select **Settings**.
 
 From there, you can:
 
@@ -56,8 +65,8 @@ before proceeding.
 To change your `username`:
 
 1. Navigate to your [profile's](#profile-settings) **Settings > Account**.
-1. Enter a new username under "Change username".
-1. Hit **Update username**.
+1. Enter a new username under **Change username**.
+1. Click **Update username**.
 
 CAUTION: **Caution:**
 It is currently not possible to change your username if it contains a
@@ -86,12 +95,15 @@ The following information will be hidden from the user profile page (`https://gi
 
 To enable private profile:
 
-1. Navigate to your personal [profile settings](#profile-settings).
-1. Check the "Private profile" option.
-1. Hit **Update profile settings**.
+1. Click your avatar.
+1. Select **Profile**.
+1. Click **Edit profile** (pencil icon).
+1. Check the **Private profile** option in the **Main settings** section.
+1. Click **Update profile settings**.
 
 NOTE: **Note:**
-You and GitLab admins can see your the abovementioned information on your profile even if it is private.
+All your profile information can be seen by yourself, and GitLab admins, even if
+the **Private profile** option is enabled.
 
 ## Add details of external accounts
 
@@ -99,9 +111,15 @@ GitLab allows you to add links to certain other external accounts you might have
 
 To add links to other accounts:
 
-1. Navigate to your **User Settings > Profile**.
-1. In the **Main settings** section, locate and fill out fields for links to external accounts like Skype and Twitter.
-1. Click the **Update profile settings** button.
+1. Click your avatar.
+1. Select **Profile**.
+1. Click **Edit profile** (pencil icon).
+1. Complete the desired fields for external accounts, in the **Main settings**
+   section:
+   - Skype
+   - Twitter
+   - LinkedIn
+1. Click **Update profile settings**.
 
 ## Private contributions
 
@@ -111,9 +129,11 @@ Enabling private contributions will include contributions to private projects, i
 
 To enable private contributions:
 
-1. Navigate to your personal [profile settings](#profile-settings).
-1. Check the "Private contributions" option.
-1. Hit **Update profile settings**.
+1. Click on your avatar.
+1. Select **Profile**.
+1. Click **Edit profile** (pencil icon).
+1. Check the **Private contributions** option.
+1. Click **Update profile settings**.
 
 ## Current status
 
@@ -124,22 +144,24 @@ This may be helpful when you are out of office or otherwise not available.
 Other users can then take your status into consideration when responding to your issues or assigning work to you.
 Please be aware that your status is publicly visible even if your [profile is private](#private-profile).
 
+Status messages are restricted to 100 characters of plain text.
+They may however contain emoji codes such as `I'm on vacation :palm_tree:`.
+
 To set your current status:
 
-1. Open the user menu in the top-right corner of the navigation bar.
-1. Hit **Set status**, or **Edit status** if you have already set a status.
-1. Set the emoji and/or status message to your liking.
-1. Hit **Set status**. Alternatively, you can also hit **Remove status** to remove your user status entirely.
+1. Click your avatar.
+1. Click **Set status**, or **Edit status** if you have already set a status.
+1. Set the desired emoji and/or status message.
+1. Click **Set status**. Alternatively, you can click **Remove status** to remove your user status entirely.
 
 or
 
-1. Navigate to your personal [profile settings](#profile-settings).
-1. In the text field below `Your status`, enter your status message.
-1. Select an emoji from the dropdown if you like.
-1. Hit **Update profile settings**.
-
-Status messages are restricted to 100 characters of plain text.
-They may however contain emoji codes such as `I'm on vacation :palm_tree:`.
+1. Click your avatar.
+1. Select **Profile**.
+1. Click **Edit profile** (pencil icon).
+1. Enter your status message in the **Your status** text field.
+1. Click **Add status emoji** (smiley face), and select the desired emoji.
+1. Click **Update profile settings**.
 
 You can also set your current status [using the API](../../api/users.md#user-status).
 
@@ -153,34 +175,36 @@ Any of your own verified email addresses can be used as the commit email.
 
 To change your commit email:
 
-1. Click on your avatar at the top-right corner of the navigation bar.
-1. From the menu that appears, click **Settings**.
-1. In the **Main settings** section, locate  **Commit email** dropdown.
+1. Click your avatar.
+1. Select **Profile**.
+1. Click **Edit profile** (pencil icon).
+1. Click **Commit email** dropdown.
 1. Select any of the verified emails.
-1. Press **Update profile settings**.
+1. Click **Update profile settings**.
 
 ### Private commit email
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/22560) in GitLab 11.5.
 
-GitLab provides users with an automatically generated private commit email option,
-which allows the user to not make their email information public.
+GitLab provides the user with an automatically generated private commit email option,
+which allows the user to keep their email information private.
 
 To enable this option:
 
-1. Click on your avatar at the top-right corner of the navigation bar.
-1. From the menu that appears, click **Settings**.
-1. In the **Main settings** section, locate  **Commit email** dropdown.
-1. Select the "Use a private email" option.
-1. Press **Update profile settings**.
+1. Click your avatar.
+1. Select **Profile**.
+1. Click **Edit profile** (pencil icon).
+1. Click **Commit email** dropdown.
+1. Select **Use a private email** option.
+1. Click **Update profile settings**.
 
 Once this option is enabled, every Git-related action will be performed using the private commit email.
 
-In order to stay fully anonymous, you can also copy this private commit email
+To stay fully anonymous, you can also copy this private commit email
 and configure it on your local machine using the following command:
 
 ```sh
-git config --global user.email <YOUR_PRIVATE_COMMIT_EMAIL>
+git config --global user.email <your email address>
 ```
 
 ## Troubleshooting
@@ -203,3 +227,15 @@ to get you a new `_gitlab_session` and keep you signed in through browser restar
 
 After your `remember_user_token` expires and your `_gitlab_session` is cleared/expired,
 you will be asked to sign in again to verify your identity (which is for security reasons).
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/profile/personal_access_tokens.md b/doc/user/profile/personal_access_tokens.md
index 0b224fc7e01..248188a6457 100644
--- a/doc/user/profile/personal_access_tokens.md
+++ b/doc/user/profile/personal_access_tokens.md
@@ -1,3 +1,7 @@
+---
+type: concepts, howto
+---
+
 # Personal access tokens
 
 > [Introduced][ce-3749] in GitLab 8.8.
@@ -52,3 +56,15 @@ the following table.
 [container registry]: ../project/container_registry.md
 [users]: ../../api/users.md
 [usage]: ../../api/README.md#personal-access-tokens
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/profile/preferences.md b/doc/user/profile/preferences.md
index b1fde3b577b..5bd4b263a58 100644
--- a/doc/user/profile/preferences.md
+++ b/doc/user/profile/preferences.md
@@ -1,11 +1,17 @@
+---
+type: concepts, howto
+---
+
 # Profile preferences
 
 A user's profile preferences page allows the user to customize various aspects
 of GitLab to their liking.
 
-To navigate to your profile's preferences, click your avatar icon in the top
-right corner, select **Settings** and then choose **Preferences** from the
-left sidebar.
+To navigate to your profile's preferences:
+
+1. Click your avatar.
+1. Select **Settings**.
+1. Click **Preferences** in the sidebar.
 
 ## Navigation theme
 
@@ -15,7 +21,7 @@ and left side navigation.
 Using individual color themes might help you differentiate between your different
 GitLab instances.
 
-The default palette is Indigo. You can choose between 10 different themes:
+The default theme is Indigo. You can choose between 10 themes:
 
 - Indigo
 - Light Indigo
@@ -39,7 +45,7 @@ for syntax highlighting. For a list of supported languages visit the rouge websi
 Changing this setting allows you to customize the color theme when viewing any
 syntax highlighted code on GitLab.
 
-The default syntax theme is White, and you can choose among 5 different colors:
+The default syntax theme is White, and you can choose among 5 different themes:
 
 - White
 - Dark
@@ -102,7 +108,7 @@ Select your preferred language from a list of supported languages.
 
 ### First day of the week
 
-The first day of the week can be customised for calendar views and date pickers.
+The first day of the week can be customized for calendar views and date pickers.
 
 You can choose one of the following options as the first day of the week:
 
@@ -111,3 +117,15 @@ You can choose one of the following options as the first day of the week:
 - Monday
 
 If you select **System Default**, the system-wide default setting will be used.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
-- 
cgit v1.2.1


From 6dbf634e93837e45a3cdc5c7beb8641cf1f9bbd1 Mon Sep 17 00:00:00 2001
From: Mark Lapierre <mlapierre@gitlab.com>
Date: Wed, 31 Jul 2019 14:55:57 +1000
Subject: Fix push file size test

And remove it from quarantine
---
 .../repository/push_over_http_file_size_spec.rb    | 34 ++++++++++++++++++----
 1 file changed, 28 insertions(+), 6 deletions(-)

diff --git a/qa/qa/specs/features/browser_ui/3_create/repository/push_over_http_file_size_spec.rb b/qa/qa/specs/features/browser_ui/3_create/repository/push_over_http_file_size_spec.rb
index 11fd570d131..2027a3c16aa 100644
--- a/qa/qa/specs/features/browser_ui/3_create/repository/push_over_http_file_size_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/repository/push_over_http_file_size_spec.rb
@@ -1,8 +1,7 @@
 # frozen_string_literal: true
 
 module QA
-  # Failure issue: https://gitlab.com/gitlab-org/quality/nightly/issues/113
-  context 'Create', :requires_admin, :quarantine do
+  context 'Create', :requires_admin do
     describe 'push after setting the file size limit via admin/application_settings' do
       before(:context) do
         @project = Resource::Project.fabricate_via_api! do |p|
@@ -21,14 +20,21 @@ module QA
 
       it 'push successful when the file size is under the limit' do
         set_file_size_limit(5)
-        push = push_new_file('oversize_file_1.bin', wait_for_push: true)
-        expect(push.output).not_to have_content 'remote: fatal: pack exceeds maximum allowed size'
+
+        retry_on_fail do
+          push = push_new_file('oversize_file_1.bin', wait_for_push: true)
+
+          expect(push.output).not_to have_content 'remote: fatal: pack exceeds maximum allowed size'
+        end
       end
 
       it 'push fails when the file size is above the limit' do
         set_file_size_limit(1)
-        expect { push_new_file('oversize_file_2.bin', wait_for_push: false) }
-          .to raise_error(QA::Git::Repository::RepositoryCommandError, /remote: fatal: pack exceeds maximum allowed size/)
+
+        retry_on_fail do
+          expect { push_new_file('oversize_file_2.bin', wait_for_push: false) }
+            .to raise_error(QA::Git::Repository::RepositoryCommandError, /remote: fatal: pack exceeds maximum allowed size/)
+        end
       end
 
       def set_file_size_limit(limit)
@@ -54,6 +60,22 @@ module QA
 
         output
       end
+
+      # Application settings are cached for up to a minute. So when we change
+      # the `receive_max_input_size` setting, the setting might not be applied
+      # for minute. This caused the tests to intermittently fail.
+      # See https://gitlab.com/gitlab-org/quality/nightly/issues/113
+      #
+      # Instead of waiting a minute after changing the setting, we retry the
+      # attempt to push if it fails. Most of the time the setting is updated in
+      # under a minute, i.e., in fewer than 6 attempts with a 10 second sleep
+      # between attempts.
+      # See https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30233#note_188616863
+      def retry_on_fail
+        Support::Retrier.retry_on_exception(max_attempts: 6, reload_page: nil, sleep_interval: 10) do
+          yield
+        end
+      end
     end
   end
 end
-- 
cgit v1.2.1


From 74563593b9c6e87bd5f1f5e85b1c68d78ee0296e Mon Sep 17 00:00:00 2001
From: Sarah Yasonik <syasonik@gitlab.com>
Date: Wed, 31 Jul 2019 06:32:47 +0000
Subject: Ensure default metrics embed is cached

---
 app/services/metrics/dashboard/default_embed_service.rb       | 2 +-
 spec/services/metrics/dashboard/default_embed_service_spec.rb | 6 ++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/app/services/metrics/dashboard/default_embed_service.rb b/app/services/metrics/dashboard/default_embed_service.rb
index 0967c5bcfeb..8b01b44fc98 100644
--- a/app/services/metrics/dashboard/default_embed_service.rb
+++ b/app/services/metrics/dashboard/default_embed_service.rb
@@ -23,7 +23,7 @@ module Metrics
       # Returns a new dashboard with only the matching
       # metrics from the system dashboard, stripped of groups.
       # @return [Hash]
-      def raw_dashboard
+      def get_raw_dashboard
         panels = panel_groups.each_with_object([]) do |group, panels|
           matched_panels = group['panels'].select { |panel| matching_panel?(panel) }
 
diff --git a/spec/services/metrics/dashboard/default_embed_service_spec.rb b/spec/services/metrics/dashboard/default_embed_service_spec.rb
index 5b24b9b2a14..803b9a93be7 100644
--- a/spec/services/metrics/dashboard/default_embed_service_spec.rb
+++ b/spec/services/metrics/dashboard/default_embed_service_spec.rb
@@ -14,14 +14,16 @@ describe Metrics::Dashboard::DefaultEmbedService, :use_clean_rails_memory_store_
   end
 
   describe '#get_dashboard' do
-    let(:service_params) { [project, user, { environment: environment, dashboard_path: nil }] }
+    let(:service_params) { [project, user, { environment: environment }] }
     let(:service_call) { described_class.new(*service_params).get_dashboard }
 
     it_behaves_like 'valid embedded dashboard service response'
     it_behaves_like 'raises error for users with insufficient permissions'
 
     it 'caches the unprocessed dashboard for subsequent calls' do
-      expect(YAML).to receive(:safe_load).once.and_call_original
+      system_service = Metrics::Dashboard::SystemDashboardService
+
+      expect(system_service).to receive(:new).once.and_call_original
 
       described_class.new(*service_params).get_dashboard
       described_class.new(*service_params).get_dashboard
-- 
cgit v1.2.1


From 4c313725bee3687b6ced47522c47c08a614061fa Mon Sep 17 00:00:00 2001
From: Patrick Derichs <pderichs@gitlab.com>
Date: Mon, 29 Jul 2019 12:31:37 +0200
Subject: Add edit_note helper method

---
 spec/support/helpers/features/notes_helpers.rb | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/spec/support/helpers/features/notes_helpers.rb b/spec/support/helpers/features/notes_helpers.rb
index a2d8d71b541..8c27f81930d 100644
--- a/spec/support/helpers/features/notes_helpers.rb
+++ b/spec/support/helpers/features/notes_helpers.rb
@@ -23,6 +23,14 @@ module Spec
             end
           end
 
+          def edit_note(note_text_to_edit, new_note_text)
+            page.within('#notes-list li.note', text: note_text_to_edit) do
+              find('.js-note-edit').click
+              fill_in('note[note]', with: new_note_text)
+              find('.js-comment-button').click
+            end
+          end
+
           def preview_note(text)
             page.within('.js-main-target-form') do
               filled_text = fill_in('note[note]', with: text)
-- 
cgit v1.2.1


From 5c7f2853dc5a8eca874108a0217a115090f29e9b Mon Sep 17 00:00:00 2001
From: Reuben Pereira <rpereira@gitlab.com>
Date: Wed, 31 Jul 2019 06:54:03 +0000
Subject: Allow blank but not nil in validations

- The most common use case for qualified_domain_validator currently is
to allow blank ([]) but not allow nil. Modify the
qualified_domain_validator to support this use case.
---
 app/models/application_setting.rb                  |  6 ++---
 app/models/application_setting_implementation.rb   |  4 +++
 app/validators/qualified_domain_array_validator.rb |  4 +--
 .../admin/application_settings/_outbound.html.haml |  2 +-
 locale/gitlab.pot                                  |  6 ++---
 spec/models/application_setting_spec.rb            |  2 +-
 .../application_setting_examples.rb                | 11 ++++++++
 .../qualified_domain_array_validator_spec.rb       | 30 ++++++++--------------
 8 files changed, 36 insertions(+), 29 deletions(-)

diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index a769a8f07fd..9dbcef8abaa 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -42,9 +42,9 @@ class ApplicationSetting < ApplicationRecord
   validates :uuid, presence: true
 
   validates :outbound_local_requests_whitelist,
-            length: { maximum: 1_000, message: N_('is too long (maximum is 1000 entries)') }
-
-  validates :outbound_local_requests_whitelist, qualified_domain_array: true, allow_blank: true
+            length: { maximum: 1_000, message: N_('is too long (maximum is 1000 entries)') },
+            allow_nil: false,
+            qualified_domain_array: true
 
   validates :session_expire_delay,
             presence: true,
diff --git a/app/models/application_setting_implementation.rb b/app/models/application_setting_implementation.rb
index 1e612bd0e78..6efd07a6008 100644
--- a/app/models/application_setting_implementation.rb
+++ b/app/models/application_setting_implementation.rb
@@ -163,6 +163,8 @@ module ApplicationSettingImplementation
 
   def outbound_local_requests_whitelist_arrays
     strong_memoize(:outbound_local_requests_whitelist_arrays) do
+      next [[], []] unless self.outbound_local_requests_whitelist
+
       ip_whitelist = []
       domain_whitelist = []
 
@@ -284,6 +286,8 @@ module ApplicationSettingImplementation
   end
 
   def domain_strings_to_array(values)
+    return [] unless values
+
     values
       .split(DOMAIN_LIST_SEPARATOR)
       .reject(&:empty?)
diff --git a/app/validators/qualified_domain_array_validator.rb b/app/validators/qualified_domain_array_validator.rb
index 986c146a9db..c3a79d21ac0 100644
--- a/app/validators/qualified_domain_array_validator.rb
+++ b/app/validators/qualified_domain_array_validator.rb
@@ -23,9 +23,9 @@ class QualifiedDomainArrayValidator < ActiveModel::EachValidator
   private
 
   def validate_value_present(record, attribute, value)
-    return unless value.blank?
+    return unless value.nil?
 
-    record.errors.add(attribute, _('entries cannot be blank'))
+    record.errors.add(attribute, _('entries cannot be nil'))
   end
 
   def validate_host_length(record, attribute, value)
diff --git a/app/views/admin/application_settings/_outbound.html.haml b/app/views/admin/application_settings/_outbound.html.haml
index e58bb526c11..4fecdb59e1d 100644
--- a/app/views/admin/application_settings/_outbound.html.haml
+++ b/app/views/admin/application_settings/_outbound.html.haml
@@ -13,7 +13,7 @@
         = _('Whitelist to allow requests to the local network from hooks and services')
       = f.text_area :outbound_local_requests_whitelist_raw, placeholder: "example.com, 192.168.1.1", class: 'form-control', rows: 8
       %span.form-text.text-muted
-        = _('Requests to these domain(s)/address(es) on the local network will be allowed when local requests from hooks and services are disabled. IP ranges such as 1:0:0:0:0:0:0:0/124 or 127.0.0.0/28 are supported. Domain wildcards are not supported currently. Use comma, semicolon, or newline to separate multiple entries. The whitelist can hold a maximum of 4000 entries. Domains should use IDNA encoding. Ex: domain.com, 192.168.1.1, 127.0.0.0/28.')
+        = _('Requests to these domain(s)/address(es) on the local network will be allowed when local requests from hooks and services are not allowed. IP ranges such as 1:0:0:0:0:0:0:0/124 or 127.0.0.0/28 are supported. Domain wildcards are not supported currently. Use comma, semicolon, or newline to separate multiple entries. The whitelist can hold a maximum of 1000 entries. Domains should use IDNA encoding. Ex: example.com, 192.168.1.1, 127.0.0.0/28, xn--itlab-j1a.com.')
 
     .form-group
       .form-check
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index feae99fb95a..878ee5bc344 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -9238,7 +9238,7 @@ msgstr ""
 msgid "Requests Profiles"
 msgstr ""
 
-msgid "Requests to these domain(s)/address(es) on the local network will be allowed when local requests from hooks and services are disabled. IP ranges such as 1:0:0:0:0:0:0:0/124 or 127.0.0.0/28 are supported. Domain wildcards are not supported currently. Use comma, semicolon, or newline to separate multiple entries. The whitelist can hold a maximum of 4000 entries. Domains should use IDNA encoding. Ex: domain.com, 192.168.1.1, 127.0.0.0/28."
+msgid "Requests to these domain(s)/address(es) on the local network will be allowed when local requests from hooks and services are not allowed. IP ranges such as 1:0:0:0:0:0:0:0/124 or 127.0.0.0/28 are supported. Domain wildcards are not supported currently. Use comma, semicolon, or newline to separate multiple entries. The whitelist can hold a maximum of 1000 entries. Domains should use IDNA encoding. Ex: example.com, 192.168.1.1, 127.0.0.0/28, xn--itlab-j1a.com."
 msgstr ""
 
 msgid "Require all users in this group to setup Two-factor authentication"
@@ -13137,10 +13137,10 @@ msgstr ""
 msgid "encrypted: needs to be a :required, :optional or :migrating!"
 msgstr ""
 
-msgid "entries cannot be blank"
+msgid "entries cannot be larger than 255 characters"
 msgstr ""
 
-msgid "entries cannot be larger than 255 characters"
+msgid "entries cannot be nil"
 msgstr ""
 
 msgid "entries cannot contain HTML tags"
diff --git a/spec/models/application_setting_spec.rb b/spec/models/application_setting_spec.rb
index bd87bbd8d68..db80b85360f 100644
--- a/spec/models/application_setting_spec.rb
+++ b/spec/models/application_setting_spec.rb
@@ -45,7 +45,7 @@ describe ApplicationSetting do
     it { is_expected.to allow_value(['xn--itlab-j1a.com']).for(:outbound_local_requests_whitelist) }
     it { is_expected.not_to allow_value(['<h1></h1>']).for(:outbound_local_requests_whitelist) }
     it { is_expected.to allow_value(['gitlab.com']).for(:outbound_local_requests_whitelist) }
-    it { is_expected.to allow_value(nil).for(:outbound_local_requests_whitelist) }
+    it { is_expected.not_to allow_value(nil).for(:outbound_local_requests_whitelist) }
     it { is_expected.to allow_value([]).for(:outbound_local_requests_whitelist) }
 
     context "when user accepted let's encrypt terms of service" do
diff --git a/spec/support/shared_examples/application_setting_examples.rb b/spec/support/shared_examples/application_setting_examples.rb
index 2c600785ad3..0e6a8059376 100644
--- a/spec/support/shared_examples/application_setting_examples.rb
+++ b/spec/support/shared_examples/application_setting_examples.rb
@@ -40,6 +40,11 @@ RSpec.shared_examples 'string of domains' do |attribute|
     setting.method("#{attribute}_raw=").call("example;34543:garbage:fdh5654;")
     expect(setting.method(attribute).call).to contain_exactly('example', '34543:garbage:fdh5654')
   end
+
+  it 'does not raise error with nil' do
+    setting.method("#{attribute}_raw=").call(nil)
+    expect(setting.method(attribute).call).to eq([])
+  end
 end
 
 RSpec.shared_examples 'application settings examples' do
@@ -75,6 +80,12 @@ RSpec.shared_examples 'application settings examples' do
 
       expect(setting.outbound_local_requests_whitelist_arrays).to contain_exactly(ip_whitelist, domain_whitelist)
     end
+
+    it 'does not raise error with nil' do
+      setting.outbound_local_requests_whitelist = nil
+
+      expect(setting.outbound_local_requests_whitelist_arrays).to contain_exactly([], [])
+    end
   end
 
   describe 'usage ping settings' do
diff --git a/spec/validators/qualified_domain_array_validator_spec.rb b/spec/validators/qualified_domain_array_validator_spec.rb
index a96b00bfd1d..6beb4c67f6f 100644
--- a/spec/validators/qualified_domain_array_validator_spec.rb
+++ b/spec/validators/qualified_domain_array_validator_spec.rb
@@ -19,20 +19,19 @@ describe QualifiedDomainArrayValidator do
 
   subject { validator.validate(record) }
 
-  shared_examples 'cannot be blank' do
-    it 'returns error when attribute is blank' do
-      record.domain_array = []
+  shared_examples 'can be nil' do
+    it 'allows when attribute is nil' do
+      record.domain_array = nil
 
       subject
 
-      expect(record.errors).to be_present
-      expect(record.errors.first[1]).to eq 'entries cannot be blank'
+      expect(record.errors).to be_empty
     end
   end
 
-  shared_examples 'can be nil' do
-    it 'allows when attribute is nil' do
-      record.domain_array = nil
+  shared_examples 'can be blank' do
+    it 'allows when attribute is blank' do
+      record.domain_array = []
 
       subject
 
@@ -43,7 +42,7 @@ describe QualifiedDomainArrayValidator do
   describe 'validations' do
     let(:validator) { described_class.new(attributes: [:domain_array]) }
 
-    it_behaves_like 'cannot be blank'
+    it_behaves_like 'can be blank'
 
     it 'returns error when attribute is nil' do
       record.domain_array = nil
@@ -51,6 +50,7 @@ describe QualifiedDomainArrayValidator do
       subject
 
       expect(record.errors).to be_present
+      expect(record.errors.first[1]).to eq('entries cannot be nil')
     end
 
     it 'allows when domain is valid' do
@@ -91,21 +91,13 @@ describe QualifiedDomainArrayValidator do
     let(:validator) { described_class.new(attributes: [:domain_array], allow_nil: true) }
 
     it_behaves_like 'can be nil'
-
-    it_behaves_like 'cannot be blank'
+    it_behaves_like 'can be blank'
   end
 
   context 'when allow_blank is set to true' do
     let(:validator) { described_class.new(attributes: [:domain_array], allow_blank: true) }
 
     it_behaves_like 'can be nil'
-
-    it 'allows when attribute is blank' do
-      record.domain_array = []
-
-      subject
-
-      expect(record.errors).to be_empty
-    end
+    it_behaves_like 'can be blank'
   end
 end
-- 
cgit v1.2.1


From cc76259e8d0101c8f2a890a7f6dcf41ec1c58e18 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Wed, 31 Jul 2019 08:28:51 +0000
Subject: Fix whitespace in ci docs

Many code blocks are 4spaced, and they render in GitLab
without coloring as a result, even though they are
fenced with a language label. If in a list, other items
will render as being in a code block too, even if not
meant to. This fixes all these issues for most docs in
/development, and cleans up other whitespace issues too
---
 doc/development/documentation/index.md      |  54 +-
 doc/development/documentation/styleguide.md |  87 ++-
 doc/development/fe_guide/components.md      |  45 +-
 doc/development/fe_guide/performance.md     |  40 +-
 doc/development/fe_guide/style_guide_js.md  | 859 ++++++++++++++--------------
 doc/development/fe_guide/vuex.md            |  44 +-
 doc/development/i18n/externalization.md     | 221 +++----
 doc/development/utilities.md                | 128 ++---
 8 files changed, 750 insertions(+), 728 deletions(-)

diff --git a/doc/development/documentation/index.md b/doc/development/documentation/index.md
index d717b17136e..19b26618882 100644
--- a/doc/development/documentation/index.md
+++ b/doc/development/documentation/index.md
@@ -111,18 +111,18 @@ For example, if you were to move `doc/workflow/lfs/lfs_administration.md` to
 1. Copy `doc/workflow/lfs/lfs_administration.md` to `doc/administration/lfs.md`
 1. Replace the contents of `doc/workflow/lfs/lfs_administration.md` with:
 
-    ```md
-    This document was moved to [another location](../../administration/lfs.md).
-    ```
+   ```md
+   This document was moved to [another location](../../administration/lfs.md).
+   ```
 
 1. Find and replace any occurrences of the old location with the new one.
    A quick way to find them is to use `git grep`. First go to the root directory
    where you cloned the `gitlab-ce` repository and then do:
 
-    ```sh
-    git grep -n "workflow/lfs/lfs_administration"
-    git grep -n "lfs/lfs_administration"
-    ```
+   ```sh
+   git grep -n "workflow/lfs/lfs_administration"
+   git grep -n "lfs/lfs_administration"
+   ```
 
 NOTE: **Note:**
 If the document being moved has any Disqus comments on it, there are extra steps
@@ -296,45 +296,45 @@ You can combine one or more of the following:
 1. **Linking to an anchor link.** Use `anchor` as part of the `help_page_path`
    method:
 
-    ```haml
-    = link_to 'Help page', help_page_path('user/permissions', anchor: 'anchor-link')
-    ```
+   ```haml
+   = link_to 'Help page', help_page_path('user/permissions', anchor: 'anchor-link')
+   ```
 
 1. **Opening links in a new tab.** This should be the default behavior:
 
-    ```haml
-    = link_to 'Help page', help_page_path('user/permissions'), target: '_blank'
-    ```
+   ```haml
+   = link_to 'Help page', help_page_path('user/permissions'), target: '_blank'
+   ```
 
 1. **Linking to a circle icon.** Usually used in settings where a long
    description cannot be used, like near checkboxes. You can basically use
    any font awesome icon, but prefer the `question-circle`:
 
-    ```haml
-    = link_to icon('question-circle'), help_page_path('user/permissions')
-    ```
+   ```haml
+   = link_to icon('question-circle'), help_page_path('user/permissions')
+   ```
 
 1. **Using a button link.** Useful in places where text would be out of context
    with the rest of the page layout:
 
-    ```haml
-    = link_to 'Help page', help_page_path('user/permissions'),  class: 'btn btn-info'
-    ```
+   ```haml
+   = link_to 'Help page', help_page_path('user/permissions'),  class: 'btn btn-info'
+   ```
 
 1. **Using links inline of some text.**
 
-    ```haml
-    Description to #{link_to 'Help page', help_page_path('user/permissions')}.
-    ```
+   ```haml
+   Description to #{link_to 'Help page', help_page_path('user/permissions')}.
+   ```
 
 1. **Adding a period at the end of the sentence.** Useful when you don't want
    the period to be part of the link:
 
-    ```haml
-    = succeed '.' do
-      Learn more in the
-      = link_to 'Help page', help_page_path('user/permissions')
-    ```
+   ```haml
+   = succeed '.' do
+     Learn more in the
+     = link_to 'Help page', help_page_path('user/permissions')
+   ```
 
 ### GitLab `/help` tests
 
diff --git a/doc/development/documentation/styleguide.md b/doc/development/documentation/styleguide.md
index dd798777c12..e84d65f424e 100644
--- a/doc/development/documentation/styleguide.md
+++ b/doc/development/documentation/styleguide.md
@@ -36,8 +36,8 @@ For the Troubleshooting sections, people in GitLab Support can merge additions t
 
 Include any media types/sources if the content is relevant to readers. You can freely include or link presentations, diagrams, videos, etc.; no matter who it was originally composed for, if it is helpful to any of our audiences, we can include it.
 
-   - If you use an image that has a separate source file (for example, a vector or diagram format), link the image to the source file so that it may be reused or updated by anyone.
-   - Do not copy and paste content from other sources unless it is a limited quotation with the source cited. Typically it is better to either rephrase relevant information in your own words or link out to the other source.
+- If you use an image that has a separate source file (for example, a vector or diagram format), link the image to the source file so that it may be reused or updated by anyone.
+- Do not copy and paste content from other sources unless it is a limited quotation with the source cited. Typically it is better to either rephrase relevant information in your own words or link out to the other source.
 
 ### No special types
 
@@ -237,14 +237,14 @@ Do not include the same information in multiple places. [Link to a SSOT instead.
 - Use sentence case for titles, headings, labels, menu items, and buttons.
 - Insert an empty line between different markups (e.g., after every paragraph, header, list, etc). Example:
 
-    ```md
-    ## Header
+  ```md
+  ## Header
 
-    Paragraph.
+  Paragraph.
 
-    - List item 1
-    - List item 2
-    ```
+  - List item 1
+  - List item 2
+  ```
 
 ### Tables overlapping the TOC
 
@@ -303,12 +303,12 @@ Check specific punctuation rules for [list items](#list-items) below.
 - Be consistent throughout the list: if the majority of the items do not end in a period, do not end any of the items in a period, even if they consist of a complete sentence. The opposite is also valid: if the majority of the items end with a period, end all with a period.
 - Separate list items from explanatory text with a colon (`:`). For example:
 
-    ```md
-    The list is as follows:
+  ```md
+  The list is as follows:
 
-    - First item: this explains the first item.
-    - Second item: this explains the second item.
-    ```
+  - First item: this explains the first item.
+  - Second item: this explains the second item.
+  ```
 
 **Examples:**
 
@@ -520,16 +520,16 @@ To embed a video, follow the instructions below and make sure
 you have your MR reviewed and approved by a technical writer.
 
 1. Copy the code below and paste it into your markdown file.
-  Leave a blank line above and below it. Do NOT edit the code
-  (don't remove or add any spaces, etc).
+   Leave a blank line above and below it. Do NOT edit the code
+   (don't remove or add any spaces, etc).
 1. On YouTube, visit the video URL you want to display. Copy
-  the regular URL from your browser (`https://www.youtube.com/watch?v=VIDEO-ID`)
-  and replace the video title and link in the line under `<div class="video-fallback">`.
+   the regular URL from your browser (`https://www.youtube.com/watch?v=VIDEO-ID`)
+   and replace the video title and link in the line under `<div class="video-fallback">`.
 1. On YouTube, click **Share**, then **Embed**.
 1. Copy the `<iframe>` source (`src`) **URL only**
-  (`https://www.youtube.com/embed/VIDEO-ID`),
-  and paste it, replacing the content of the `src` field in the
-  `iframe` tag.
+   (`https://www.youtube.com/embed/VIDEO-ID`),
+   and paste it, replacing the content of the `src` field in the
+   `iframe` tag.
 
 ```html
 leave a blank line here
@@ -611,7 +611,7 @@ In most cases, content considered for a note should be included:
 #### When to use
 
 Use a note when there is a reason that most or all readers who browse the
-section should see the content. That is, if missed, it’s likely to cause 
+section should see the content. That is, if missed, it’s likely to cause
 major trouble for a minority of users or significant trouble for a majority
 of users.
 
@@ -747,24 +747,24 @@ a helpful link back to how the feature was developed.
 - For features that need to declare the GitLab version that the feature was introduced. Text similar
   to the following should be added immediately below the heading as a blockquote:
 
-    ```md
-    > Introduced in GitLab 11.3.
-    ```
+  ```md
+  > Introduced in GitLab 11.3.
+  ```
 
 - Whenever possible, version text should have a link to the issue, merge request, or epic that introduced the feature.
   An issue is preferred over a merge request, and a merge request is preferred over an epic. For example:
 
-    ```md
-    > [Introduced](<link-to-issue>) in GitLab 11.3.
-    ```
+  ```md
+  > [Introduced](<link-to-issue>) in GitLab 11.3.
+  ```
 
 - If the feature is only available in GitLab Enterprise Edition, mention
   the [paid tier](https://about.gitlab.com/handbook/marketing/product-marketing/#tiers)
   the feature is available in:
 
-    ```md
-    > [Introduced](<link-to-issue>) in [GitLab Starter](https://about.gitlab.com/pricing/) 11.3.
-    ```
+  ```md
+  > [Introduced](<link-to-issue>) in [GitLab Starter](https://about.gitlab.com/pricing/) 11.3.
+  ```
 
 ### Removing version text
 
@@ -871,14 +871,14 @@ When there is a list of steps to perform, usually that entails editing the
 configuration file and reconfiguring/restarting GitLab. In such case, follow
 the style below as a guide:
 
-```md
+````md
 **For Omnibus installations**
 
 1. Edit `/etc/gitlab/gitlab.rb`:
 
-    ```ruby
-    external_url "https://gitlab.example.com"
-    ```
+   ```ruby
+   external_url "https://gitlab.example.com"
+   ```
 
 1. Save the file and [reconfigure] GitLab for the changes to take effect.
 
@@ -888,17 +888,16 @@ the style below as a guide:
 
 1. Edit `config/gitlab.yml`:
 
-    ```yaml
-    gitlab:
-      host: "gitlab.example.com"
-    ```
+   ```yaml
+   gitlab:
+     host: "gitlab.example.com"
+   ```
 
 1. Save the file and [restart] GitLab for the changes to take effect.
 
-
 [reconfigure]: path/to/administration/restart_gitlab.md#omnibus-gitlab-reconfigure
 [restart]: path/to/administration/restart_gitlab.md#installations-from-source
-```
+````
 
 In this case:
 
@@ -917,9 +916,9 @@ on this document. Further explanation is given below.
 
 - Every method must have the REST API request. For example:
 
-    ```
-    GET /projects/:id/repository/branches
-    ```
+  ```
+  GET /projects/:id/repository/branches
+  ```
 
 - Every method must have a detailed
   [description of the parameters](#method-description).
@@ -971,7 +970,7 @@ You can use the following fake tokens as examples.
 
 | Token type            | Token value                                                        |
 |:----------------------|:-------------------------------------------------------------------|
-| Private user token    | `<your_access_token>`                                             |
+| Private user token    | `<your_access_token>`                                              |
 | Personal access token | `n671WNGecHugsdEDPsyo`                                             |
 | Application ID        | `2fcb195768c39e9a94cec2c2e32c59c0aad7a3365c10892e8116b5d83d4096b6` |
 | Application secret    | `04f294d1eaca42b8692017b426d53bbc8fe75f827734f0260710b83a556082df` |
diff --git a/doc/development/fe_guide/components.md b/doc/development/fe_guide/components.md
index 52462a4bec9..096ce8ca25a 100644
--- a/doc/development/fe_guide/components.md
+++ b/doc/development/fe_guide/components.md
@@ -14,28 +14,29 @@ See also the [corresponding UX guide](https://design.gitlab.com/#/components/dro
 1. Use the HTML structure provided by the [docs][bootstrap-dropdowns]
 1. Add a specific class to the top level `.dropdown` element
 
-    ```Haml
-    .dropdown.my-dropdown
-      %button{ type: 'button', data: { toggle: 'dropdown' }, 'aria-haspopup': true, 'aria-expanded': false }
-        %span.dropdown-toggle-text
-          Toggle Dropdown
-        = icon('chevron-down')
-
-      %ul.dropdown-menu
-        %li
-          %a
-            item!
-    ```
-
-    Or use the helpers
-    ```Haml
-    .dropdown.my-dropdown
-      = dropdown_toggle('Toogle!', { toggle: 'dropdown' })
-      = dropdown_content
-        %li
-          %a
-            item!
-    ```
+   ```Haml
+   .dropdown.my-dropdown
+     %button{ type: 'button', data: { toggle: 'dropdown' }, 'aria-haspopup': true, 'aria-expanded': false }
+       %span.dropdown-toggle-text
+         Toggle Dropdown
+       = icon('chevron-down')
+
+     %ul.dropdown-menu
+       %li
+         %a
+           item!
+   ```
+
+   Or use the helpers
+
+   ```Haml
+   .dropdown.my-dropdown
+     = dropdown_toggle('Toogle!', { toggle: 'dropdown' })
+     = dropdown_content
+       %li
+         %a
+           item!
+   ```
 
 [bootstrap-dropdowns]: https://getbootstrap.com/docs/3.3/javascript/#dropdowns
 
diff --git a/doc/development/fe_guide/performance.md b/doc/development/fe_guide/performance.md
index 2628e95dbc1..676bce32998 100644
--- a/doc/development/fe_guide/performance.md
+++ b/doc/development/fe_guide/performance.md
@@ -30,8 +30,8 @@ To improve the time to first render we are using lazy loading for images. This w
 the actual image source on the `data-src` attribute. After the HTML is rendered and JavaScript is loaded,
 the value of `data-src` will be moved to `src` automatically if the image is in the current viewport.
 
--  Prepare images in HTML for lazy loading by renaming the `src` attribute to `data-src` AND adding the class `lazy`.
--  If you are using the Rails `image_tag` helper, all images will be lazy-loaded by default unless `lazy: false` is provided.
+- Prepare images in HTML for lazy loading by renaming the `src` attribute to `data-src` AND adding the class `lazy`.
+- If you are using the Rails `image_tag` helper, all images will be lazy-loaded by default unless `lazy: false` is provided.
 
 If you are asynchronously adding content which contains lazy images then you need to call the function
 `gl.lazyLoader.searchLazyImages()` which will search for lazy images and load them if needed.
@@ -96,26 +96,26 @@ bundle and included on the page.
   DOM has loaded, you should attach an event handler to the `DOMContentLoaded`
   event with:
 
-    ```javascript
-    import initMyWidget from './my_widget';
+  ```javascript
+  import initMyWidget from './my_widget';
 
-    document.addEventListener('DOMContentLoaded', () => {
-      initMyWidget();
-    });
-    ```
+  document.addEventListener('DOMContentLoaded', () => {
+    initMyWidget();
+  });
+  ```
 
 - **Supporting Module Placement:**
-    - If a class or a module is _specific to a particular route_, try to locate
-      it close to the entry point it will be used. For instance, if
-      `my_widget.js` is only imported within `pages/widget/show/index.js`, you
-      should place the module at `pages/widget/show/my_widget.js` and import it
-      with a relative path (e.g. `import initMyWidget from './my_widget';`).
-    - If a class or module is _used by multiple routes_, place it within a
-      shared directory at the closest common parent directory for the entry
-      points that import it.  For example, if `my_widget.js` is imported within
-      both `pages/widget/show/index.js` and `pages/widget/run/index.js`, then
-      place the module at `pages/widget/shared/my_widget.js` and import it with
-      a relative path if possible (e.g. `../shared/my_widget`).
+  - If a class or a module is _specific to a particular route_, try to locate
+    it close to the entry point it will be used. For instance, if
+    `my_widget.js` is only imported within `pages/widget/show/index.js`, you
+    should place the module at `pages/widget/show/my_widget.js` and import it
+    with a relative path (e.g. `import initMyWidget from './my_widget';`).
+  - If a class or module is _used by multiple routes_, place it within a
+    shared directory at the closest common parent directory for the entry
+    points that import it.  For example, if `my_widget.js` is imported within
+    both `pages/widget/show/index.js` and `pages/widget/run/index.js`, then
+    place the module at `pages/widget/shared/my_widget.js` and import it with
+    a relative path if possible (e.g. `../shared/my_widget`).
 
 - **Enterprise Edition Caveats:**
   For GitLab Enterprise Edition, page-specific entry points will override their
@@ -161,7 +161,7 @@ General tips:
 - Use code-splitting dynamic imports wherever possible to lazy-load code that is not needed initially.
 - [High Performance Animations][high-perf-animations]
 
--------
+---
 
 ## Additional Resources
 
diff --git a/doc/development/fe_guide/style_guide_js.md b/doc/development/fe_guide/style_guide_js.md
index 18ef754642d..b0bbb4cc4b2 100644
--- a/doc/development/fe_guide/style_guide_js.md
+++ b/doc/development/fe_guide/style_guide_js.md
@@ -20,33 +20,33 @@ See [our current .eslintrc](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/
 
 1. **Never Ever EVER** disable eslint globally for a file
 
-    ```javascript
-      // bad
-      /* eslint-disable */
+   ```javascript
+     // bad
+     /* eslint-disable */
 
-      // better
-      /* eslint-disable some-rule, some-other-rule */
+     // better
+     /* eslint-disable some-rule, some-other-rule */
 
-      // best
-      // nothing :)
-    ```
+     // best
+     // nothing :)
+   ```
 
 1. If you do need to disable a rule for a single violation, try to do it as locally as possible
 
-    ```javascript
-      // bad
-      /* eslint-disable no-new */
+   ```javascript
+     // bad
+     /* eslint-disable no-new */
 
-      import Foo from 'foo';
+     import Foo from 'foo';
 
-      new Foo();
+     new Foo();
 
-      // better
-      import Foo from 'foo';
+     // better
+     import Foo from 'foo';
 
-      // eslint-disable-next-line no-new
-      new Foo();
-    ```
+     // eslint-disable-next-line no-new
+     new Foo();
+   ```
 
 1. There are few rules that we need to disable due to technical debt. Which are:
    1. [no-new][eslint-new]
@@ -55,113 +55,113 @@ See [our current .eslintrc](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/
 1. When they are needed _always_ place ESlint directive comment blocks on the first line of a script,
    followed by any global declarations, then a blank newline prior to any imports or code.
 
-    ```javascript
-      // bad
-      /* global Foo */
-      /* eslint-disable no-new */
-      import Bar from './bar';
+   ```javascript
+     // bad
+     /* global Foo */
+     /* eslint-disable no-new */
+     import Bar from './bar';
 
-      // good
-      /* eslint-disable no-new */
-      /* global Foo */
+     // good
+     /* eslint-disable no-new */
+     /* global Foo */
 
-      import Bar from './bar';
-    ```
+     import Bar from './bar';
+   ```
 
 1. **Never** disable the `no-undef` rule. Declare globals with `/* global Foo */` instead.
 
 1. When declaring multiple globals, always use one `/* global [name] */` line per variable.
 
-    ```javascript
-      // bad
-      /* globals Flash, Cookies, jQuery */
+   ```javascript
+     // bad
+     /* globals Flash, Cookies, jQuery */
 
-      // good
-      /* global Flash */
-      /* global Cookies */
-      /* global jQuery */
-    ```
+     // good
+     /* global Flash */
+     /* global Cookies */
+     /* global jQuery */
+   ```
 
 1. Use up to 3 parameters for a function or class. If you need more accept an Object instead.
 
-    ```javascript
-      // bad
-      fn(p1, p2, p3, p4) {}
+   ```javascript
+     // bad
+     fn(p1, p2, p3, p4) {}
 
-      // good
-      fn(options) {}
-    ```
+     // good
+     fn(options) {}
+   ```
 
 #### Modules, Imports, and Exports
 
 1. Use ES module syntax to import modules
 
-    ```javascript
-      // bad
-      const SomeClass = require('some_class');
+   ```javascript
+     // bad
+     const SomeClass = require('some_class');
 
-      // good
-      import SomeClass from 'some_class';
+     // good
+     import SomeClass from 'some_class';
 
-      // bad
-      module.exports = SomeClass;
+     // bad
+     module.exports = SomeClass;
 
-      // good
-      export default SomeClass;
-    ```
+     // good
+     export default SomeClass;
+   ```
 
-    Import statements are following usual naming guidelines, for example object literals use camel case:
+   Import statements are following usual naming guidelines, for example object literals use camel case:
 
-    ```javascript
-      // some_object file
-      export default {
-        key: 'value',
-      };
+   ```javascript
+     // some_object file
+     export default {
+       key: 'value',
+     };
 
-      // bad
-      import ObjectLiteral from 'some_object';
+     // bad
+     import ObjectLiteral from 'some_object';
 
-      // good
-      import objectLiteral from 'some_object';
-    ```
+     // good
+     import objectLiteral from 'some_object';
+   ```
 
 1. Relative paths: when importing a module in the same directory, a child
    directory, or an immediate parent directory prefer relative paths.  When
    importing a module which is two or more levels up, prefer either `~/` or `ee/`.
 
-    In **app/assets/javascripts/my-feature/subdir**:
+   In **app/assets/javascripts/my-feature/subdir**:
 
-    ```javascript
-    // bad
-    import Foo from '~/my-feature/foo';
-    import Bar from '~/my-feature/subdir/bar';
-    import Bin from '~/my-feature/subdir/lib/bin';
+   ```javascript
+   // bad
+   import Foo from '~/my-feature/foo';
+   import Bar from '~/my-feature/subdir/bar';
+   import Bin from '~/my-feature/subdir/lib/bin';
 
-    // good
-    import Foo from '../foo';
-    import Bar from './bar';
-    import Bin from './lib/bin';
-    ```
+   // good
+   import Foo from '../foo';
+   import Bar from './bar';
+   import Bin from './lib/bin';
+   ```
 
-    In **spec/javascripts**:
+   In **spec/javascripts**:
 
-    ```javascript
-    // bad
-    import Foo from '../../app/assets/javascripts/my-feature/foo';
+   ```javascript
+   // bad
+   import Foo from '../../app/assets/javascripts/my-feature/foo';
 
-    // good
-    import Foo from '~/my-feature/foo';
-    ```
+   // good
+   import Foo from '~/my-feature/foo';
+   ```
 
-    When referencing an **EE component**:
+   When referencing an **EE component**:
 
-    ```javascript
-    // bad
-    import Foo from '../../../../../ee/app/assets/javascripts/my-feature/ee-foo';
+   ```javascript
+   // bad
+   import Foo from '../../../../../ee/app/assets/javascripts/my-feature/ee-foo';
 
-    // good
-    import Foo from 'ee/my-feature/foo';
-    ```
+   // good
+   import Foo from 'ee/my-feature/foo';
+   ```
 
 1. Avoid using IIFE. Although we have a lot of examples of files which wrap their
    contents in IIFEs (immediately-invoked function expressions),
@@ -170,136 +170,136 @@ See [our current .eslintrc](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/
 
 1. Avoid adding to the global namespace.
 
-    ```javascript
-      // bad
-      window.MyClass = class { /* ... */ };
+   ```javascript
+     // bad
+     window.MyClass = class { /* ... */ };
 
-      // good
-      export default class MyClass { /* ... */ }
-    ```
+     // good
+     export default class MyClass { /* ... */ }
+   ```
 
 1. Side effects are forbidden in any script which contains export
 
-    ```javascript
-      // bad
-      export default class MyClass { /* ... */ }
+   ```javascript
+     // bad
+     export default class MyClass { /* ... */ }
 
-      document.addEventListener("DOMContentLoaded", function(event) {
-        new MyClass();
-      }
-    ```
+     document.addEventListener("DOMContentLoaded", function(event) {
+       new MyClass();
+     }
+   ```
 
 #### Data Mutation and Pure functions
 
 1. Strive to write many small pure functions, and minimize where mutations occur.
 
-    ```javascript
-    // bad
-    const values = {foo: 1};
+   ```javascript
+   // bad
+   const values = {foo: 1};
 
-    function impureFunction(items) {
-      const bar = 1;
+   function impureFunction(items) {
+     const bar = 1;
 
-      items.foo = items.a * bar + 2;
+     items.foo = items.a * bar + 2;
 
-      return items.a;
-    }
+     return items.a;
+   }
 
-    const c = impureFunction(values);
+   const c = impureFunction(values);
 
-    // good
-    var values = {foo: 1};
+   // good
+   var values = {foo: 1};
 
-    function pureFunction (foo) {
-      var bar = 1;
+   function pureFunction (foo) {
+     var bar = 1;
 
-      foo = foo * bar + 2;
+     foo = foo * bar + 2;
 
-      return foo;
-    }
+     return foo;
+   }
 
-    var c = pureFunction(values.foo);
+   var c = pureFunction(values.foo);
     ```
 
 1. Avoid constructors with side-effects.
    Although we aim for code without side-effects we need some side-effects for our code to run.
 
-    If the class won't do anything if we only instantiate it, it's ok to add side effects into the constructor (_Note:_ The following is just an example. If the only purpose of the class is to add an event listener and handle the callback a function will be more suitable.)
-
-    ```javascript
-    // Bad
-    export class Foo {
-      constructor() {
-        this.init();
-      }
-      init() {
-        document.addEventListener('click', this.handleCallback)
-      },
-      handleCallback() {
-
-      }
-    }
-
-    // Good
-    export class Foo {
-      constructor() {
-        document.addEventListener()
-      }
-      handleCallback() {
-      }
-    }
-    ```
-
-    On the other hand, if a class only needs to extend a third party/add event listeners in some specific cases, they should be initialized outside of the constructor.
+   If the class won't do anything if we only instantiate it, it's ok to add side effects into the constructor (_Note:_ The following is just an example. If the only purpose of the class is to add an event listener and handle the callback a function will be more suitable.)
+
+   ```javascript
+   // Bad
+   export class Foo {
+     constructor() {
+       this.init();
+     }
+     init() {
+       document.addEventListener('click', this.handleCallback)
+     },
+     handleCallback() {
+
+     }
+   }
+
+   // Good
+   export class Foo {
+     constructor() {
+       document.addEventListener()
+     }
+     handleCallback() {
+     }
+   }
+   ```
+
+   On the other hand, if a class only needs to extend a third party/add event listeners in some specific cases, they should be initialized outside of the constructor.
 
 1. Prefer `.map`, `.reduce` or `.filter` over `.forEach`
    A forEach will most likely cause side effects, it will be mutating the array being iterated. Prefer using `.map`,
    `.reduce` or `.filter`
 
-    ```javascript
-      const users = [ { name: 'Foo' }, { name: 'Bar' } ];
+   ```javascript
+     const users = [ { name: 'Foo' }, { name: 'Bar' } ];
 
-      // bad
-      users.forEach((user, index) => {
-        user.id = index;
-      });
+     // bad
+     users.forEach((user, index) => {
+       user.id = index;
+     });
 
-      // good
-      const usersWithId = users.map((user, index) => {
-        return Object.assign({}, user, { id: index });
-      });
-    ```
+     // good
+     const usersWithId = users.map((user, index) => {
+       return Object.assign({}, user, { id: index });
+     });
+   ```
 
 #### Parse Strings into Numbers
 
 1. `parseInt()` is preferable over `Number()` or `+`
 
-    ```javascript
-      // bad
-      +'10' // 10
+   ```javascript
+     // bad
+     +'10' // 10
 
-      // good
-      Number('10') // 10
+     // good
+     Number('10') // 10
 
-      // better
-      parseInt('10', 10);
-    ```
+     // better
+     parseInt('10', 10);
+   ```
 
 #### CSS classes used for JavaScript
 
 1. If the class is being used in Javascript it needs to be prepend with `js-`
 
-    ```html
-      // bad
-      <button class="add-user">
-        Add User
-      </button>
+   ```html
+     // bad
+     <button class="add-user">
+       Add User
+     </button>
 
-      // good
-      <button class="js-add-user">
-        Add User
-      </button>
-    ```
+     // good
+     <button class="js-add-user">
+       Add User
+     </button>
+   ```
 
 ### Vue.js
 
@@ -314,43 +314,44 @@ Please check this [rules][eslint-plugin-vue-rules] for more documentation.
 1. The store has it's own file
 1. Use a function in the bundle file to instantiate the Vue component:
 
-    ```javascript
-      // bad
-      class {
-        init() {
-          new Component({})
-        }
-      }
-
-      // good
-      document.addEventListener('DOMContentLoaded', () => new Vue({
-        el: '#element',
-        components: {
-          componentName
-        },
-        render: createElement => createElement('component-name'),
-      }));
-    ```
+   ```javascript
+     // bad
+     class {
+       init() {
+         new Component({})
+       }
+     }
+
+     // good
+     document.addEventListener('DOMContentLoaded', () => new Vue({
+       el: '#element',
+       components: {
+         componentName
+       },
+       render: createElement => createElement('component-name'),
+     }));
+   ```
 
 1. Do not use a singleton for the service or the store
 
-    ```javascript
-      // bad
-      class Store {
-        constructor() {
-          if (!this.prototype.singleton) {
-            // do something
-          }
-        }
-      }
-
-      // good
-      class Store {
-        constructor() {
-          // do something
-        }
-      }
-    ```
+   ```javascript
+     // bad
+     class Store {
+       constructor() {
+         if (!this.prototype.singleton) {
+           // do something
+         }
+       }
+     }
+
+     // good
+     class Store {
+       constructor() {
+         // do something
+       }
+     }
+   ```
+
 1. Use `.vue` for Vue templates. Do not use `%template` in HAML.
 
 #### Naming
@@ -358,38 +359,38 @@ Please check this [rules][eslint-plugin-vue-rules] for more documentation.
 1. **Extensions**: Use `.vue` extension for Vue components. Do not use `.js` as file extension ([#34371]).
 1. **Reference Naming**: Use PascalCase for their instances:
 
-    ```javascript
-      // bad
-      import cardBoard from 'cardBoard.vue'
+   ```javascript
+     // bad
+     import cardBoard from 'cardBoard.vue'
 
-      components: {
-        cardBoard,
-      };
+     components: {
+       cardBoard,
+     };
 
-      // good
-      import CardBoard from 'cardBoard.vue'
+     // good
+     import CardBoard from 'cardBoard.vue'
 
-      components: {
-        CardBoard,
-      };
-    ```
+     components: {
+       CardBoard,
+     };
+   ```
 
 1. **Props Naming:**  Avoid using DOM component prop names.
 1. **Props Naming:** Use kebab-case instead of camelCase to provide props in templates.
 
-    ```javascript
-      // bad
-      <component class="btn">
+   ```javascript
+     // bad
+     <component class="btn">
 
-      // good
-      <component css-class="btn">
+     // good
+     <component css-class="btn">
 
-      // bad
-      <component myProp="prop" />
+     // bad
+     <component myProp="prop" />
 
-      // good
-      <component my-prop="prop" />
-    ```
+     // good
+     <component my-prop="prop" />
+   ```
 
 [#34371]: https://gitlab.com/gitlab-org/gitlab-ce/issues/34371
 
@@ -399,205 +400,205 @@ Please check this [rules][eslint-plugin-vue-rules] for more documentation.
 
    1. With more than one attribute, all attributes should be on a new line:
 
-        ```javascript
-          // bad
-          <component v-if="bar"
-              param="baz" />
+      ```javascript
+        // bad
+        <component v-if="bar"
+            param="baz" />
 
-          <button class="btn">Click me</button>
+        <button class="btn">Click me</button>
 
-          // good
-          <component
-            v-if="bar"
-            param="baz"
-          />
+        // good
+        <component
+          v-if="bar"
+          param="baz"
+        />
 
-          <button class="btn">
-            Click me
-          </button>
-        ```
+        <button class="btn">
+          Click me
+        </button>
+      ```
 
    1. The tag can be inline if there is only one attribute:
 
-        ```javascript
-          // good
-            <component bar="bar" />
+      ```javascript
+        // good
+          <component bar="bar" />
 
-          // good
-            <component
-              bar="bar"
-              />
+        // good
+          <component
+            bar="bar"
+            />
 
-          // bad
-           <component
-              bar="bar" />
-        ```
+        // bad
+         <component
+            bar="bar" />
+      ```
 
 #### Quotes
 
 1. Always use double quotes `"` inside templates and single quotes `'` for all other JS.
 
-    ```javascript
-      // bad
-      template: `
-        <button :class='style'>Button</button>
-      `
+   ```javascript
+     // bad
+     template: `
+       <button :class='style'>Button</button>
+     `
 
-      // good
-      template: `
-        <button :class="style">Button</button>
-      `
-    ```
+     // good
+     template: `
+       <button :class="style">Button</button>
+     `
+   ```
 
 #### Props
 
 1. Props should be declared as an object
 
-    ```javascript
-      // bad
-      props: ['foo']
-
-      // good
-      props: {
-        foo: {
-          type: String,
-          required: false,
-          default: 'bar'
-        }
-      }
-    ```
+   ```javascript
+     // bad
+     props: ['foo']
+
+     // good
+     props: {
+       foo: {
+         type: String,
+         required: false,
+         default: 'bar'
+       }
+     }
+   ```
 
 1. Required key should always be provided when declaring a prop
 
-    ```javascript
-      // bad
-      props: {
-        foo: {
-          type: String,
-        }
-      }
-
-      // good
-      props: {
-        foo: {
-          type: String,
-          required: false,
-          default: 'bar'
-        }
-      }
-    ```
+   ```javascript
+     // bad
+     props: {
+       foo: {
+         type: String,
+       }
+     }
+
+     // good
+     props: {
+       foo: {
+         type: String,
+         required: false,
+         default: 'bar'
+       }
+     }
+   ```
 
 1. Default key should be provided if the prop is not required.
    _Note:_ There are some scenarios where we need to check for the existence of the property.
    On those a default key should not be provided.
 
-    ```javascript
-      // good
-      props: {
-        foo: {
-          type: String,
-          required: false,
-        }
-      }
-
-      // good
-      props: {
-        foo: {
-          type: String,
-          required: false,
-          default: 'bar'
-        }
-      }
-
-      // good
-      props: {
-        foo: {
-          type: String,
-          required: true
-        }
-      }
-    ```
+   ```javascript
+     // good
+     props: {
+       foo: {
+         type: String,
+         required: false,
+       }
+     }
+
+     // good
+     props: {
+       foo: {
+         type: String,
+         required: false,
+         default: 'bar'
+       }
+     }
+
+     // good
+     props: {
+       foo: {
+         type: String,
+         required: true
+       }
+     }
+   ```
 
 #### Data
 
 1. `data` method should always be a function
 
-    ```javascript
-      // bad
-      data: {
-        foo: 'foo'
-      }
-
-      // good
-      data() {
-        return {
-          foo: 'foo'
-        };
-      }
-    ```
+   ```javascript
+     // bad
+     data: {
+       foo: 'foo'
+     }
+
+     // good
+     data() {
+       return {
+         foo: 'foo'
+       };
+     }
+   ```
 
 #### Directives
 
 1. Shorthand `@` is preferable over `v-on`
 
-    ```javascript
-      // bad
-      <component v-on:click="eventHandler"/>
+   ```javascript
+     // bad
+     <component v-on:click="eventHandler"/>
 
-      // good
-      <component @click="eventHandler"/>
-    ```
+     // good
+     <component @click="eventHandler"/>
+   ```
 
 1. Shorthand `:` is preferable over `v-bind`
 
-    ```javascript
-      // bad
-      <component v-bind:class="btn"/>
+   ```javascript
+     // bad
+     <component v-bind:class="btn"/>
 
-      // good
-      <component :class="btn"/>
-    ```
+     // good
+     <component :class="btn"/>
+   ```
 
 1. Shorthand `#` is preferable over `v-slot`
 
-    ```javascript
-      // bad
-      <template v-slot:header></template>
+   ```javascript
+     // bad
+     <template v-slot:header></template>
 
-      // good
-      <template #header></template>
-    ```
+     // good
+     <template #header></template>
+   ```
 
 #### Closing tags
 
 1. Prefer self closing component tags
 
-    ```javascript
-      // bad
-      <component></component>
+   ```javascript
+     // bad
+     <component></component>
 
-      // good
-      <component />
-    ```
+     // good
+     <component />
+   ```
 
 #### Ordering
 
 1. Tag order in `.vue` file
 
-    ```
-    <script>
-      // ...
-    </script>
-
-    <template>
-      // ...
-    </template>
-
-    // We don't use scoped styles but there are few instances of this
-    <style>
-      // ...
-    </style>
-    ```
+   ```
+   <script>
+     // ...
+   </script>
+
+   <template>
+     // ...
+   </template>
+
+   // We don't use scoped styles but there are few instances of this
+   <style>
+     // ...
+   </style>
+   ```
 
 1. Properties in a Vue Component:
    Check [order of properties in components rule][vue-order].
@@ -608,50 +609,50 @@ When using `v-for` you need to provide a *unique* `:key` attribute for each item
 
 1. If the elements of the array being iterated have an unique `id` it is advised to use it:
 
-    ```html
-      <div
-        v-for="item in items"
-        :key="item.id"
-      >
-        <!-- content -->
-      </div>
-    ```
+   ```html
+     <div
+       v-for="item in items"
+       :key="item.id"
+     >
+       <!-- content -->
+     </div>
+   ```
 
 1. When the elements being iterated don't have a unique id, you can use the array index as the `:key` attribute
 
-    ```html
-      <div
-        v-for="(item, index) in items"
-        :key="index"
-      >
-        <!-- content -->
-      </div>
-    ```
+   ```html
+     <div
+       v-for="(item, index) in items"
+       :key="index"
+     >
+       <!-- content -->
+     </div>
+   ```
 
 1. When using `v-for` with `template` and there is more than one child element, the `:key` values must be unique. It's advised to use `kebab-case` namespaces.
 
-    ```html
-      <template v-for="(item, index) in items">
-        <span :key="`span-${index}`"></span>
-        <button :key="`button-${index}`"></button>
-      </template>
-    ```
+   ```html
+     <template v-for="(item, index) in items">
+       <span :key="`span-${index}`"></span>
+       <button :key="`button-${index}`"></button>
+     </template>
+   ```
 
 1. When dealing with nested `v-for` use the same guidelines as above.
 
-    ```html
-      <div
-        v-for="item in items"
-        :key="item.id"
-      >
-        <span
-          v-for="element in array"
-          :key="element.id"
-        >
-          <!-- content -->
-        </span>
-      </div>
-    ```
+   ```html
+     <div
+       v-for="item in items"
+       :key="item.id"
+     >
+       <span
+         v-for="element in array"
+         :key="element.id"
+       >
+         <!-- content -->
+       </span>
+     </div>
+   ```
 
 Useful links:
 
@@ -662,35 +663,35 @@ Useful links:
 
 1. Tooltips: Do not rely on `has-tooltip` class name for Vue components
 
-    ```javascript
-      // bad
-      <span
-        class="has-tooltip"
-        title="Some tooltip text">
-        Text
-      </span>
-
-      // good
-      <span
-        v-tooltip
-        title="Some tooltip text">
-        Text
-      </span>
-    ```
+   ```javascript
+     // bad
+     <span
+       class="has-tooltip"
+       title="Some tooltip text">
+       Text
+     </span>
+
+     // good
+     <span
+       v-tooltip
+       title="Some tooltip text">
+       Text
+     </span>
+   ```
 
 1. Tooltips: When using a tooltip, include the tooltip directive, `./app/assets/javascripts/vue_shared/directives/tooltip.js`
 
 1. Don't change `data-original-title`.
 
-    ```javascript
-      // bad
-      <span data-original-title="tooltip text">Foo</span>
+   ```javascript
+     // bad
+     <span data-original-title="tooltip text">Foo</span>
 
-      // good
-      <span title="tooltip text">Foo</span>
+     // good
+     <span title="tooltip text">Foo</span>
 
-      $('span').tooltip('_fixTitle');
-    ```
+     $('span').tooltip('_fixTitle');
+   ```
 
 ### The Javascript/Vue Accord
 
diff --git a/doc/development/fe_guide/vuex.md b/doc/development/fe_guide/vuex.md
index bf248b7f8af..9eeaee4482f 100644
--- a/doc/development/fe_guide/vuex.md
+++ b/doc/development/fe_guide/vuex.md
@@ -1,15 +1,18 @@
 # Vuex
+
 To manage the state of an application you should use [Vuex][vuex-docs].
 
 _Note:_ All of the below is explained in more detail in the official [Vuex documentation][vuex-docs].
 
 ## Separation of concerns
+
 Vuex is composed of State, Getters, Mutations, Actions and Modules.
 
 When a user clicks on an action, we need to `dispatch` it. This action will `commit` a mutation that will change the state.
 _Note:_ The action itself will not update the state, only a mutation should update the state.
 
 ## File structure
+
 When using Vuex at GitLab, separate this concerns into different files to improve readability:
 
 ```
@@ -21,10 +24,12 @@ When using Vuex at GitLab, separate this concerns into different files to improv
   ├── state.js          # state
   └── mutation_types.js # mutation types
 ```
+
 The following example shows an application that lists and adds users to the state.
 (For a more complex example implementation take a look at the security applications store in [here](https://gitlab.com/gitlab-org/gitlab-ee/tree/master/ee/app/assets/javascripts/vue_shared/security_reports/store))
 
 ### `index.js`
+
 This is the entry point for our store. You can use the following as a guide:
 
 ```javascript
@@ -47,6 +52,7 @@ export default createStore();
 ```
 
 ### `state.js`
+
 The first thing you should do before writing any code is to design the state.
 
 Often we need to provide data from haml to our Vue application. Let's store it in the state for better access.
@@ -66,9 +72,11 @@ Often we need to provide data from haml to our Vue application. Let's store it i
 ```
 
 #### Access `state` properties
+
 You can use `mapState` to access state properties in the components.
 
 ### `actions.js`
+
 An action is a payload of information to send data from our application to our store.
 
 An action is usually composed by a `type` and a `payload` and they describe what happened.
@@ -110,6 +118,7 @@ In this file, we will write the actions that will call the respective mutations:
 ```
 
 #### Actions Pattern: `request` and `receive` namespaces
+
 When a request is made we often want to show a loading state to the user.
 
 Instead of creating an action to toggle the loading state and dispatch it in the component,
@@ -136,6 +145,7 @@ By following this pattern we guarantee:
 1. Actions are simple and straightforward
 
 #### Dispatching actions
+
 To dispatch an action from a component, use the `mapActions` helper:
 
 ```javascript
@@ -154,6 +164,7 @@ import { mapActions } from 'vuex';
 ```
 
 ### `mutations.js`
+
 The mutations specify how the application state changes in response to actions sent to the store.
 The only way to change state in a Vuex store should be by committing a mutation.
 
@@ -193,6 +204,7 @@ Remember that actions only describe that something happened, they don't describe
 ```
 
 ### `getters.js`
+
 Sometimes we may need to get derived state based on store state, like filtering for a specific prop.
 Using a getter will also cache the result based on dependencies due to [how computed props work](https://vuejs.org/v2/guide/computed.html#Computed-Caching-vs-Methods)
 This can be done through the `getters`:
@@ -219,6 +231,7 @@ import { mapGetters } from 'vuex';
 ```
 
 ### `mutation_types.js`
+
 From [vuex mutations docs][vuex-mutations]:
 > It is a commonly seen pattern to use constants for mutation types in various Flux implementations. This allows the code to take advantage of tooling like linters, and putting all constants in a single file allows your collaborators to get an at-a-glance view of what mutations are possible in the entire application.
 
@@ -227,6 +240,7 @@ export const ADD_USER = 'ADD_USER';
 ```
 
 ### How to include the store in your application
+
 The store should be included in the main component of your application:
 
 ```javascript
@@ -241,6 +255,7 @@ The store should be included in the main component of your application:
 ```
 
 ### Communicating with the Store
+
 ```javascript
 <script>
 import { mapActions, mapState, mapGetters } from 'vuex';
@@ -298,29 +313,33 @@ export default {
 
 1. Do not call a mutation directly. Always use an action to commit a mutation. Doing so will keep consistency throughout the application. From Vuex docs:
 
-    >  why don't we just call store.commit('action') directly? Well, remember that mutations must be synchronous? Actions aren't. We can perform asynchronous operations inside an action.
+   >  why don't we just call store.commit('action') directly? Well, remember that mutations must be synchronous? Actions aren't. We can perform asynchronous operations inside an action.
 
-    ```javascript
-      // component.vue
+   ```javascript
+     // component.vue
 
-      // bad
-      created() {
-        this.$store.commit('mutation');
-      }
+     // bad
+     created() {
+       this.$store.commit('mutation');
+     }
+
+     // good
+     created() {
+       this.$store.dispatch('action');
+     }
+   ```
 
-      // good
-      created() {
-        this.$store.dispatch('action');
-      }
-    ```
 1. Use mutation types instead of hardcoding strings. It will be less error prone.
 1. The State will be accessible in all components descending from the use where the store is instantiated.
 
 ### Testing Vuex
+
 #### Testing Vuex concerns
+
 Refer to [vuex docs][vuex-testing] regarding testing Actions, Getters and Mutations.
 
 #### Testing components that need a store
+
 Smaller components might use `store` properties to access the data.
 In order to write unit tests for those components, we need to include the store and provide the correct state:
 
@@ -363,6 +382,7 @@ describe('component', () => {
 ```
 
 #### Testing Vuex actions and getters
+
 Because we're currently using [`babel-plugin-rewire`](https://github.com/speedskater/babel-plugin-rewire), you may encounter the following error when testing your Vuex actions and getters:
 `[vuex] actions should be function or object with "handler" function`
 
diff --git a/doc/development/i18n/externalization.md b/doc/development/i18n/externalization.md
index 17462887162..141f5a8d6d9 100644
--- a/doc/development/i18n/externalization.md
+++ b/doc/development/i18n/externalization.md
@@ -21,18 +21,18 @@ The following tools are used:
 1. [`gettext_i18n_rails`](https://github.com/grosser/gettext_i18n_rails): this
    gem allow us to translate content from models, views and controllers. Also
    it gives us access to the following raketasks:
-    - `rake gettext:find`: Parses almost all the files from the
-      Rails application looking for content that has been marked for
-      translation. Finally, it updates the PO files with the new content that
-      it has found.
-    - `rake gettext:pack`: Processes the PO files and generates the
-      MO files that are binary and are finally used by the application.
+   - `rake gettext:find`: Parses almost all the files from the
+     Rails application looking for content that has been marked for
+     translation. Finally, it updates the PO files with the new content that
+     it has found.
+   - `rake gettext:pack`: Processes the PO files and generates the
+     MO files that are binary and are finally used by the application.
 
 1. [`gettext_i18n_rails_js`](https://github.com/webhippie/gettext_i18n_rails_js):
    this gem is useful to make the translations available in JavaScript. It
    provides the following raketask:
-    - `rake gettext:po_to_json`: Reads the contents from the PO files and
-      generates JSON files containing all the available translations.
+   - `rake gettext:po_to_json`: Reads the contents from the PO files and
+     generates JSON files containing all the available translations.
 
 1. PO editor: there are multiple applications that can help us to work with PO
    files, a good option is [Poedit](https://poedit.net/download) which is
@@ -139,60 +139,61 @@ For example use `%{created_at}` in Ruby but `%{createdAt}` in JavaScript. Make s
 
 - In Ruby/HAML:
 
-    ```ruby
-    _("Hello %{name}") % { name: 'Joe' } => 'Hello Joe'
-    ```
+  ```ruby
+  _("Hello %{name}") % { name: 'Joe' } => 'Hello Joe'
+  ```
 
 - In JavaScript:
 
-    ```js
-    import { __, sprintf } from '~/locale';
+  ```js
+  import { __, sprintf } from '~/locale';
 
-    sprintf(__('Hello %{username}'), { username: 'Joe' }); // => 'Hello Joe'
-    ```
+  sprintf(__('Hello %{username}'), { username: 'Joe' }); // => 'Hello Joe'
+  ```
 
-    By default, `sprintf` escapes the placeholder values.
-    If you want to take care of that yourself, you can pass `false` as third argument.
+  By default, `sprintf` escapes the placeholder values.
+  If you want to take care of that yourself, you can pass `false` as third argument.
 
-    ```js
-    import { __, sprintf } from '~/locale';
+  ```js
+  import { __, sprintf } from '~/locale';
 
-    sprintf(__('This is %{value}'), { value: '<strong>bold</strong>' }); // => 'This is &lt;strong&gt;bold&lt;/strong&gt;'
-    sprintf(__('This is %{value}'), { value: '<strong>bold</strong>' }, false); // => 'This is <strong>bold</strong>'
-    ```
+  sprintf(__('This is %{value}'), { value: '<strong>bold</strong>' }); // => 'This is &lt;strong&gt;bold&lt;/strong&gt;'
+  sprintf(__('This is %{value}'), { value: '<strong>bold</strong>' }, false); // => 'This is <strong>bold</strong>'
+  ```
 
 ### Plurals
 
 - In Ruby/HAML:
 
-    ```ruby
-    n_('Apple', 'Apples', 3)
-    # => 'Apples'
-    ```
+  ```ruby
+  n_('Apple', 'Apples', 3)
+  # => 'Apples'
+  ```
 
-    Using interpolation:
-    ```ruby
-    n_("There is a mouse.", "There are %d mice.", size) % size
-    # => When size == 1: 'There is a mouse.'
-    # => When size == 2: 'There are 2 mice.'
-    ```
+  Using interpolation:
 
-    Avoid using `%d` or count variables in singular strings. This allows more natural translation in some languages.
+  ```ruby
+  n_("There is a mouse.", "There are %d mice.", size) % size
+  # => When size == 1: 'There is a mouse.'
+  # => When size == 2: 'There are 2 mice.'
+  ```
+
+  Avoid using `%d` or count variables in singular strings. This allows more natural translation in some languages.
 
 - In JavaScript:
 
-    ```js
-    n__('Apple', 'Apples', 3)
-    // => 'Apples'
-    ```
+  ```js
+  n__('Apple', 'Apples', 3)
+  // => 'Apples'
+  ```
 
-    Using interpolation:
+  Using interpolation:
 
-    ```js
-    n__('Last day', 'Last %d days', x)
-    // => When x == 1: 'Last day'
-    // => When x == 2: 'Last 2 days'
-    ```
+  ```js
+  n__('Last day', 'Last %d days', x)
+  // => When x == 1: 'Last day'
+  // => When x == 2: 'Last 2 days'
+  ```
 
 ### Namespaces
 
@@ -202,17 +203,17 @@ Namespaces should be PascalCase.
 
 - In Ruby/HAML:
 
-    ```ruby
-    s_('OpenedNDaysAgo|Opened')
-    ```
+  ```ruby
+  s_('OpenedNDaysAgo|Opened')
+  ```
 
-    In case the translation is not found it will return `Opened`.
+  In case the translation is not found it will return `Opened`.
 
 - In JavaScript:
 
-    ```js
-    s__('OpenedNDaysAgo|Opened')
-    ```
+  ```js
+  s__('OpenedNDaysAgo|Opened')
+  ```
 
 Note: The namespace should be removed from the translation. See the [translation
 guidelines for more details](translation.md#namespaced-strings).
@@ -235,12 +236,12 @@ This makes use of [`Intl.DateTimeFormat`].
 - In Ruby/HAML, we have two ways of adding format to dates and times:
 
   1. **Through the `l` helper**, i.e. `l(active_session.created_at, format: :short)`. We have some predefined formats for
-  [dates](https://gitlab.com/gitlab-org/gitlab-ce/blob/v11.7.0/config/locales/en.yml#L54) and [times](https://gitlab.com/gitlab-org/gitlab-ce/blob/v11.7.0/config/locales/en.yml#L261).
-  If you need to add a new format, because other parts of the code could benefit from it,
-  you'll need to add it to [en.yml](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/locales/en.yml) file.
+     [dates](https://gitlab.com/gitlab-org/gitlab-ce/blob/v11.7.0/config/locales/en.yml#L54) and [times](https://gitlab.com/gitlab-org/gitlab-ce/blob/v11.7.0/config/locales/en.yml#L261).
+     If you need to add a new format, because other parts of the code could benefit from it,
+     you'll need to add it to [en.yml](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/locales/en.yml) file.
   1. **Through `strftime`**, i.e. `milestone.start_date.strftime('%b %-d')`. We use `strftime` in case none of the formats
-  defined on [en.yml](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/locales/en.yml) matches the date/time
-  specifications we need, and if there is no need to add it as a new format because is very particular (i.e. it's only used in a single view).
+     defined on [en.yml](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/locales/en.yml) matches the date/time
+     specifications we need, and if there is no need to add it as a new format because is very particular (i.e. it's only used in a single view).
 
 ## Best practices
 
@@ -268,40 +269,40 @@ should be externalized as follows:
 This also applies when using links in between translated sentences, otherwise these texts are not translatable in certain languages.
 
 - In Ruby/HAML, instead of:
-    
-    ```haml
-    - zones_link = link_to(s_('ClusterIntegration|zones'), 'https://cloud.google.com/compute/docs/regions-zones/regions-zones', target: '_blank', rel: 'noopener noreferrer')
-    = s_('ClusterIntegration|Learn more about %{zones_link}').html_safe % { zones_link: zones_link }
-    ```
-    
-    Set the link starting and ending HTML fragments as variables like so:
-    
-    ```haml
-    - zones_link_url = 'https://cloud.google.com/compute/docs/regions-zones/regions-zones'
-    - zones_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: zones_link_url }
-    = s_('ClusterIntegration|Learn more about %{zones_link_start}zones%{zones_link_end}').html_safe % { zones_link_start: zones_link_start, zones_link_end: '</a>'.html_safe }
-    ```
+
+  ```haml
+  - zones_link = link_to(s_('ClusterIntegration|zones'), 'https://cloud.google.com/compute/docs/regions-zones/regions-zones', target: '_blank', rel: 'noopener noreferrer')
+  = s_('ClusterIntegration|Learn more about %{zones_link}').html_safe % { zones_link: zones_link }
+  ```
+
+  Set the link starting and ending HTML fragments as variables like so:
+
+  ```haml
+  - zones_link_url = 'https://cloud.google.com/compute/docs/regions-zones/regions-zones'
+  - zones_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: zones_link_url }
+  = s_('ClusterIntegration|Learn more about %{zones_link_start}zones%{zones_link_end}').html_safe % { zones_link_start: zones_link_start, zones_link_end: '</a>'.html_safe }
+  ```
 
 - In JavaScript, instead of:
 
-    ```js
-    {{
-        sprintf(s__("ClusterIntegration|Learn more about %{link}"), {
-            link: '<a href="https://cloud.google.com/compute/docs/regions-zones/regions-zones" target="_blank" rel="noopener noreferrer">zones</a>'
-        })
-    }}
-    ```
-
-    Set the link starting and ending HTML fragments as variables like so:
-
-    ```js
-    {{ 
-        sprintf(s__("ClusterIntegration|Learn more about %{linkStart}zones%{linkEnd}"), {
-            linkStart: '<a href="https://cloud.google.com/compute/docs/regions-zones/regions-zones" target="_blank" rel="noopener noreferrer">'
-            linkEnd: '</a>',
-        }) 
-    }}
-    ```
+  ```js
+  {{
+      sprintf(s__("ClusterIntegration|Learn more about %{link}"), {
+          link: '<a href="https://cloud.google.com/compute/docs/regions-zones/regions-zones" target="_blank" rel="noopener noreferrer">zones</a>'
+      })
+  }}
+  ```
+
+  Set the link starting and ending HTML fragments as variables like so:
+
+  ```js
+  {{
+      sprintf(s__("ClusterIntegration|Learn more about %{linkStart}zones%{linkEnd}"), {
+          linkStart: '<a href="https://cloud.google.com/compute/docs/regions-zones/regions-zones" target="_blank" rel="noopener noreferrer">'
+          linkEnd: '</a>',
+      })
+  }}
+  ```
 
 The reasoning behind this is that in some languages words change depending on context. For example in Japanese は is added to the subject of a sentence and を to the object. This is impossible to translate correctly if we extract individual words from the sentence.
 
@@ -374,29 +375,29 @@ Let's suppose you want to add translations for a new language, let's say French.
 
 1. The first step is to register the new language in `lib/gitlab/i18n.rb`:
 
-    ```ruby
-    ...
-    AVAILABLE_LANGUAGES = {
-      ...,
-      'fr' => 'Français'
-    }.freeze
-    ...
-    ```
+   ```ruby
+   ...
+   AVAILABLE_LANGUAGES = {
+     ...,
+     'fr' => 'Français'
+   }.freeze
+   ...
+   ```
 
 1. Next, you need to add the language:
 
-    ```sh
-    bin/rake gettext:add_language[fr]
-    ```
+   ```sh
+   bin/rake gettext:add_language[fr]
+   ```
 
-    If you want to add a new language for a specific region, the command is similar,
-    you just need to separate the region with an underscore (`_`). For example:
+   If you want to add a new language for a specific region, the command is similar,
+   you just need to separate the region with an underscore (`_`). For example:
 
-    ```sh
-    bin/rake gettext:add_language[en_GB]
-    ```
+   ```sh
+   bin/rake gettext:add_language[en_GB]
+   ```
 
-    Please note that you need to specify the region part in capitals.
+   Please note that you need to specify the region part in capitals.
 
 1. Now that the language is added, a new directory has been created under the
    path: `locale/fr/`. You can now start using your PO editor to edit the PO file
@@ -406,9 +407,9 @@ Let's suppose you want to add translations for a new language, let's say French.
    in order to generate the binary MO files and finally update the JSON files
    containing the translations:
 
-    ```sh
-    bin/rake gettext:compile
-    ```
+   ```sh
+   bin/rake gettext:compile
+   ```
 
 1. In order to see the translated content we need to change our preferred language
    which can be found under the user's **Settings** (`/profile`).
@@ -416,7 +417,7 @@ Let's suppose you want to add translations for a new language, let's say French.
 1. After checking that the changes are ok, you can proceed to commit the new files.
    For example:
 
-    ```sh
-    git add locale/fr/ app/assets/javascripts/locale/fr/
-    git commit -m "Add French translations for Cycle Analytics page"
-    ```
+   ```sh
+   git add locale/fr/ app/assets/javascripts/locale/fr/
+   git commit -m "Add French translations for Cycle Analytics page"
+   ```
diff --git a/doc/development/utilities.md b/doc/development/utilities.md
index 0e396baccff..4021756343c 100644
--- a/doc/development/utilities.md
+++ b/doc/development/utilities.md
@@ -6,44 +6,44 @@ We developed a number of utilities to ease development.
 
 - Deep merges an array of hashes:
 
-    ``` ruby
-    Gitlab::Utils::MergeHash.merge(
-      [{ hello: ["world"] },
-       { hello: "Everyone" },
-       { hello: { greetings: ['Bonjour', 'Hello', 'Hallo', 'Dzien dobry'] } },
-        "Goodbye", "Hallo"]
-    )
-    ```
-
-    Gives:
-
-    ``` ruby
-    [
-      {
-        hello:
-          [
-            "world",
-            "Everyone",
-            { greetings: ['Bonjour', 'Hello', 'Hallo', 'Dzien dobry'] }
-          ]
-      },
-      "Goodbye"
-    ]
-    ```
+  ``` ruby
+  Gitlab::Utils::MergeHash.merge(
+    [{ hello: ["world"] },
+     { hello: "Everyone" },
+     { hello: { greetings: ['Bonjour', 'Hello', 'Hallo', 'Dzien dobry'] } },
+      "Goodbye", "Hallo"]
+  )
+  ```
+
+  Gives:
+
+  ``` ruby
+  [
+    {
+      hello:
+        [
+          "world",
+          "Everyone",
+          { greetings: ['Bonjour', 'Hello', 'Hallo', 'Dzien dobry'] }
+        ]
+    },
+    "Goodbye"
+  ]
+  ```
 
 - Extracts all keys and values from a hash into an array:
 
-    ``` ruby
-    Gitlab::Utils::MergeHash.crush(
-      { hello: "world", this: { crushes: ["an entire", "hash"] } }
-    )
-    ```
+  ``` ruby
+  Gitlab::Utils::MergeHash.crush(
+    { hello: "world", this: { crushes: ["an entire", "hash"] } }
+  )
+  ```
 
-    Gives:
+  Gives:
 
-    ``` ruby
-    [:hello, "world", :this, :crushes, "an entire", "hash"]
-    ```
+  ``` ruby
+  [:hello, "world", :this, :crushes, "an entire", "hash"]
+  ```
 
 ## [`Override`](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/gitlab/utils/override.rb)
 
@@ -53,9 +53,9 @@ We developed a number of utilities to ease development.
   `ENV['STATIC_VERIFICATION']` is set to avoid production runtime overhead.
   This is useful to check:
 
-    - If we have typos in overriding methods.
-    - If we renamed the overridden methods, making original overriding methods
-      overrides nothing.
+  - If we have typos in overriding methods.
+  - If we renamed the overridden methods, making original overriding methods
+    overrides nothing.
 
     Here's a simple example:
 
@@ -94,47 +94,47 @@ We developed a number of utilities to ease development.
 
 - Memoize the value even if it is `nil` or `false`.
 
-    We often do `@value ||= compute`, however this doesn't work well if
-    `compute` might eventually give `nil` and we don't want to compute again.
-    Instead we could use `defined?` to check if the value is set or not.
-    However it's tedious to write such pattern, and `StrongMemoize` would
-    help us use such pattern.
+  We often do `@value ||= compute`, however this doesn't work well if
+  `compute` might eventually give `nil` and we don't want to compute again.
+  Instead we could use `defined?` to check if the value is set or not.
+  However it's tedious to write such pattern, and `StrongMemoize` would
+  help us use such pattern.
 
-    Instead of writing patterns like this:
+  Instead of writing patterns like this:
 
-    ``` ruby
-    class Find
-      def result
-        return @result if defined?(@result)
+  ``` ruby
+  class Find
+    def result
+      return @result if defined?(@result)
 
-        @result = search
-      end
+      @result = search
     end
-    ```
+  end
+  ```
 
-    We could write it like:
+  We could write it like:
 
-    ``` ruby
-    class Find
-      include Gitlab::Utils::StrongMemoize
+  ``` ruby
+  class Find
+    include Gitlab::Utils::StrongMemoize
 
-      def result
-        strong_memoize(:result) do
-          search
-        end
+    def result
+      strong_memoize(:result) do
+        search
       end
     end
-    ```
+  end
+  ```
 
 - Clear memoization
 
-    ``` ruby
-    class Find
-      include Gitlab::Utils::StrongMemoize
-    end
+  ``` ruby
+  class Find
+    include Gitlab::Utils::StrongMemoize
+  end
 
-    Find.new.clear_memoization(:result)
-    ```
+  Find.new.clear_memoization(:result)
+  ```
 
 ## [`RequestCache`](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/gitlab/cache/request_cache.rb)
 
-- 
cgit v1.2.1


From 47def8eb2f1cd2ff4b3ec45992f5fbb4497258d3 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Wed, 31 Jul 2019 08:36:37 +0000
Subject: Move version info for Geo

---
 doc/administration/geo/replication/index.md | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/doc/administration/geo/replication/index.md b/doc/administration/geo/replication/index.md
index f0d329d5296..b5789c87e47 100644
--- a/doc/administration/geo/replication/index.md
+++ b/doc/administration/geo/replication/index.md
@@ -1,5 +1,11 @@
 # Geo Replication **(PREMIUM ONLY)**
 
+> - Introduced in GitLab Enterprise Edition 8.9.
+> - Using Geo in combination with
+>   [High Availability](../../high_availability/README.md)
+>   is considered **Generally Available** (GA) in
+>   [GitLab Premium](https://about.gitlab.com/pricing/) 10.4.
+
 Geo is the solution for widely distributed development teams.
 
 ## Overview
@@ -8,14 +14,14 @@ Fetching large repositories can take a long time for teams located far from a si
 
 Geo provides local, read-only instances of your GitLab instances, reducing the time it takes to clone and fetch large repositories and speeding up development.
 
+> **Notes:**
+>
 > - Geo is part of [GitLab Premium](https://about.gitlab.com/pricing/#self-managed).
-> - Introduced in GitLab Enterprise Edition 8.9.
 > - We recommend you use:
 >   - At least GitLab Enterprise Edition 10.0 for basic Geo features.
 >   - The latest version for a better experience.
 > - Make sure that all nodes run the same GitLab version.
 > - Geo requires PostgreSQL 9.6 and Git 2.9, in addition to GitLab's usual [minimum requirements](../../../install/requirements.md).
-> - Using Geo in combination with [High Availability](../../high_availability/README.md) is considered **Generally Available** (GA) in GitLab [GitLab Premium](https://about.gitlab.com/pricing/) 10.4.
 
 For a video introduction to Geo, see [Introduction to GitLab Geo - GitLab Features](https://www.youtube.com/watch?v=-HDLxSjEh6w).
 
-- 
cgit v1.2.1


From 759a3484ca787846f1fab9f86cd8105200ea722e Mon Sep 17 00:00:00 2001
From: Shinya Maeda <shinya@gitlab.com>
Date: Wed, 31 Jul 2019 15:43:52 +0700
Subject: Add project scope to live trace feature flag

Add project scope
---
 lib/gitlab/ci/trace.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/gitlab/ci/trace.rb b/lib/gitlab/ci/trace.rb
index cb617080c76..9550bc6d39c 100644
--- a/lib/gitlab/ci/trace.rb
+++ b/lib/gitlab/ci/trace.rb
@@ -126,7 +126,7 @@ module Gitlab
             raise AlreadyArchivedError, 'Could not write to the archived trace'
           elsif current_path
             File.open(current_path, mode)
-          elsif Feature.enabled?('ci_enable_live_trace')
+          elsif Feature.enabled?('ci_enable_live_trace', job.project)
             Gitlab::Ci::Trace::ChunkedIO.new(job)
           else
             File.open(ensure_path, mode)
-- 
cgit v1.2.1


From 87fd224fa27da2cc1b5b01c127e90ab4a8d78036 Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Wed, 31 Jul 2019 08:54:18 +0000
Subject: Help user to know what to do when deploying to cluster

---
 doc/user/project/clusters/index.md | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/doc/user/project/clusters/index.md b/doc/user/project/clusters/index.md
index 918944d72a1..f0d80dad94f 100644
--- a/doc/user/project/clusters/index.md
+++ b/doc/user/project/clusters/index.md
@@ -620,8 +620,16 @@ use an A record. If your external endpoint is a hostname, use a CNAME record.
 
 ## Deploying to a Kubernetes cluster
 
-A Kubernetes cluster can be the destination for a deployment job using special
-[deployment variables](#deployment-variables).
+A Kubernetes cluster can be the destination for a deployment job. If
+
+- The cluster is integrated with GitLab, special
+  [deployment variables](#deployment-variables) are made available to your job
+  and configuration is not required. You can immediately begin interacting with
+  the cluster from your jobs using tools such as `kubectl` or `helm`.
+- You don't use GitLab's cluster integration you can still deploy to your
+  cluster. However, you will need configure Kubernetes tools yourself
+  using [environment variables](../../../ci/variables/README.md#creating-a-custom-environment-variable)
+  before you can interact with the cluster from your jobs.
 
 ### Deployment variables
 
-- 
cgit v1.2.1


From c8be1e9271b7eeb5a4a07398fb1b73cc86e638d9 Mon Sep 17 00:00:00 2001
From: Marcia Ramos <marcia@gitlab.com>
Date: Wed, 31 Jul 2019 09:16:24 +0000
Subject: Update time tracking doc

- CORE ONLY badge
- Link 'introduced in' note
- Inline linking
---
 doc/workflow/time_tracking.md | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/doc/workflow/time_tracking.md b/doc/workflow/time_tracking.md
index b55c6b2e3df..fad853f8a44 100644
--- a/doc/workflow/time_tracking.md
+++ b/doc/workflow/time_tracking.md
@@ -22,8 +22,8 @@ below.
 
 ## How to enter data
 
-Time Tracking uses two [quick actions] that GitLab introduced with this new
-feature: `/spend` and `/estimate`.
+Time Tracking uses two [quick actions](../user/project/quick_actions.md)
+that GitLab introduced with this new feature: `/spend` and `/estimate`.
 
 Quick actions can be used in the body of an issue or a merge request, but also
 in a comment in both an issue or a merge request.
@@ -73,16 +73,15 @@ The following time units are available:
 
 Default conversion rates are 1mo = 4w, 1w = 5d and 1d = 8h.
 
-### Limit displayed units to hours
+### Limit displayed units to hours **(CORE ONLY)**
 
-> Introduced in GitLab 12.1.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/29469/) in GitLab 12.1.
 
-The display of time units can be limited to hours through the option in **Admin Area > Settings > Preferences** under 'Localization'.
+In GitLab self-managed instances, the display of time units can be limited to
+hours through the option in **Admin Area > Settings > Preferences** under **Localization**.
 
 With this option enabled, `75h` is displayed instead of `1w 4d 3h`.
 
 ## Other interesting links
 
 - [Time Tracking landing page on about.gitlab.com](https://about.gitlab.com/solutions/time-tracking/)
-
-[quick actions]: ../user/project/quick_actions.md
-- 
cgit v1.2.1


From 298252bb6be9cf9fe725701fe172fee774d7b33a Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Wed, 31 Jul 2019 10:29:10 +0000
Subject: Fix whitespace in topic, university, workflow docs

Many code blocks are 4spaced, and they render in GitLab
without coloring as a result, even though they are
fenced with a language label. If in a list, other items
will render as being in a code block too, even if not
meant to. This fixes all these issues, and cleans up
minor white space issues in /topic, /university, /update
and /workflow docs.
---
 .../numerous_undo_possibilities_in_git/index.md    |  92 ++++++-------
 doc/topics/git/troubleshooting_git.md              |  10 +-
 doc/university/training/end-user/README.md         | 152 ++++++++++++---------
 doc/university/training/topics/git_add.md          |  30 ++--
 doc/university/training/topics/git_log.md          |  30 ++--
 doc/university/training/topics/rollback_commits.md |  26 ++--
 doc/university/training/topics/stash.md            |  56 ++++----
 doc/university/training/topics/unstage.md          |  28 ++--
 doc/update/mysql_to_postgresql.md                  | 108 +++++++--------
 doc/workflow/git_annex.md                          |  30 ++--
 .../lfs/migrate_from_git_annex_to_git_lfs.md       | 145 ++++++++++----------
 doc/workflow/workflow.md                           |  38 +++---
 12 files changed, 383 insertions(+), 362 deletions(-)

diff --git a/doc/topics/git/numerous_undo_possibilities_in_git/index.md b/doc/topics/git/numerous_undo_possibilities_in_git/index.md
index 84201e11831..5cae532bf54 100644
--- a/doc/topics/git/numerous_undo_possibilities_in_git/index.md
+++ b/doc/topics/git/numerous_undo_possibilities_in_git/index.md
@@ -110,21 +110,21 @@ At this point there are 3 options to undo the local changes you have:
 
 - Discard all local changes, but save them for possible re-use [later](#quickly-save-local-changes):
 
-    ```shell
-    git stash
-    ```
+  ```shell
+  git stash
+  ```
 
 - Discarding local changes (permanently) to a file:
 
-    ```shell
-    git checkout -- <file>
-    ```
+  ```shell
+  git checkout -- <file>
+  ```
 
 - Discard all local changes to all files permanently:
 
-    ```shell
-    git reset --hard
-    ```
+  ```shell
+  git reset --hard
+  ```
 
 Before executing `git reset --hard`, keep in mind that there is also a way to
 just temporary store the changes without committing them using `git stash`.
@@ -182,27 +182,27 @@ Now you have 4 options to undo your changes:
 
 - Unstage the file to current commit (HEAD):
 
-    ```shell
-    git reset HEAD <file>
-    ```
+  ```shell
+  git reset HEAD <file>
+  ```
 
 - Unstage everything - retain changes:
 
-    ```shell
-    git reset
-    ```
+  ```shell
+  git reset
+  ```
 
 - Discard all local changes, but save them for [later](#quickly-save-local-changes):
 
-    ```shell
-    git stash
-    ```
+  ```shell
+  git stash
+  ```
 
 - Discard everything permanently:
 
-    ```shell
-    git reset --hard
-    ```
+  ```shell
+  git reset --hard
+  ```
 
 ## Committed local changes
 
@@ -240,21 +240,21 @@ In our example we will end up with commit `B`, that introduced bug/error. We hav
 
 - Undo (swap additions and deletions) changes introduced by commit `B`:
 
-    ```shell
-    git revert commit-B-id
-    ```
+  ```shell
+  git revert commit-B-id
+  ```
 
 - Undo changes on a single file or directory from commit `B`, but retain them in the staged state:
 
-    ```shell
-    git checkout commit-B-id <file>
-    ```
+  ```shell
+  git checkout commit-B-id <file>
+  ```
 
 - Undo changes on a single file or directory from commit `B`, but retain them in the unstaged state:
 
-    ```shell
-    git reset  commit-B-id <file>
-    ```
+  ```shell
+  git reset  commit-B-id <file>
+  ```
 
 - There is one command we also must not forget: **creating a new branch**
   from the point where changes are not applicable or where the development has hit a
@@ -270,14 +270,14 @@ In our example we will end up with commit `B`, that introduced bug/error. We hav
   you can [cherry-pick](../../../user/project/merge_requests/cherry_pick_changes.md#cherry-picking-a-commit)
   that commit into a new merge request.
 
-    ![Create a new branch to avoid clashing](img/branching.png)
+  ![Create a new branch to avoid clashing](img/branching.png)
 
-    ```shell
-    git checkout commit-B-id
-    git checkout -b new-path-of-feature
-    # Create <commit F>
-    git commit -a
-    ```
+  ```shell
+  git checkout commit-B-id
+  git checkout -b new-path-of-feature
+  # Create <commit F>
+  git commit -a
+  ```
 
 ### With history modification
 
@@ -297,9 +297,9 @@ delete commit `B`.
 
 - Rebase the range from current commit D to A:
 
-    ```shell
-    git rebase -i A
-    ```
+  ```shell
+  git rebase -i A
+  ```
 
 - Command opens your favorite editor where you write `drop` in front of commit
  `B`, but you leave default `pick` with all other commits. Save and exit the
@@ -310,9 +310,9 @@ In case you want to modify something introduced in commit `B`.
 
 - Rebase the range from current commit D to A:
 
-    ```shell
-    git rebase -i A
-    ```
+  ```shell
+  git rebase -i A
+  ```
 
 - Command opens your favorite text editor where you write `edit` in front of commit
  `B`, but leave default `pick` with all other commits. Save and exit the editor to
@@ -320,9 +320,9 @@ In case you want to modify something introduced in commit `B`.
 
 - Now do your edits and commit changes:
 
-    ```shell
-    git commit -a
-    ```
+  ```shell
+  git commit -a
+  ```
 
 You can find some more examples in [below section where we explain how to modify
 history](#how-modifying-history-is-done)
diff --git a/doc/topics/git/troubleshooting_git.md b/doc/topics/git/troubleshooting_git.md
index 417d91bf834..11284da30af 100644
--- a/doc/topics/git/troubleshooting_git.md
+++ b/doc/topics/git/troubleshooting_git.md
@@ -51,11 +51,11 @@ Configuring *both* the client and the server is unnecessary.
 - On UNIX, edit `~/.ssh/config` (create the file if it doesn’t exist) and
   add or edit:
 
-    ```text
-    Host your-gitlab-instance-url.com
-      ServerAliveInterval 60
-      ServerAliveCountMax 5
-    ```
+  ```text
+  Host your-gitlab-instance-url.com
+    ServerAliveInterval 60
+    ServerAliveCountMax 5
+  ```
 
 - On Windows, if you are using PuTTY, go to your session properties, then
   navigate to "Connection" and under "Sending of null packets to keep
diff --git a/doc/university/training/end-user/README.md b/doc/university/training/end-user/README.md
index 99fb5e83387..423ba1cfbd7 100644
--- a/doc/university/training/end-user/README.md
+++ b/doc/university/training/end-user/README.md
@@ -54,6 +54,7 @@ project.
 ---
 
 ## Git Setup
+
 Workshop Time!
 
 ---
@@ -88,7 +89,7 @@ git config --global --list
 ```
 
 - You might want or be required to use an SSH key.
-    - Instructions: [SSH](http://doc.gitlab.com/ce/ssh/README.html)
+  - Instructions: [SSH](http://doc.gitlab.com/ce/ssh/README.html)
 
 ---
 
@@ -119,13 +120,13 @@ cd ~/workspace
 ### Git Workflow
 
 - Untracked files
-    - New files that Git has not been told to track previously.
+  - New files that Git has not been told to track previously.
 - Working area (Workspace)
-    - Files that have been modified but are not committed.
+  - Files that have been modified but are not committed.
 - Staging area (Index)
-    - Modified files that have been marked to go in the next commit.
+  - Modified files that have been marked to go in the next commit.
 - Upstream
-    - Hosted repository on a shared server
+  - Hosted repository on a shared server
 
 ---
 
@@ -229,8 +230,6 @@ git push origin squash_some_bugs
 
 ---
 
-### Feedback and Collaboration
-
 - Review the Thoughtbot code-review guide for suggestions to follow when reviewing merge requests:[Thoughtbot](https://github.com/thoughtbot/guides/tree/master/code-review)
 - See GitLab merge requests for examples: [Merge Requests](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests)
 
@@ -266,20 +265,22 @@ git push origin squash_some_bugs
 
 ### Example 1/2
 
-    git checkout -b conflicts_branch
+```sh
+git checkout -b conflicts_branch
 
-    # vi conflicts.rb
-    # Add 'Line4' and 'Line5'
+# vi conflicts.rb
+# Add 'Line4' and 'Line5'
 
-    git commit -am "add line4 and line5"
-    git push origin conflicts_branch
+git commit -am "add line4 and line5"
+git push origin conflicts_branch
 
-    git checkout master
+git checkout master
 
-    # vi conflicts.rb
-    # Add 'Line6' and 'Line7'
-    git commit -am "add line6 and line7"
-    git push origin master
+# vi conflicts.rb
+# Add 'Line6' and 'Line7'
+git commit -am "add line6 and line7"
+git push origin master
+```
 
 ---
 
@@ -287,20 +288,22 @@ git push origin squash_some_bugs
 
 Create a merge request on the GitLab web UI. You'll see a conflict warning.
 
-    git checkout conflicts_branch
-    git fetch
-    git rebase master
+```sh
+git checkout conflicts_branch
+git fetch
+git rebase master
 
-    # Fix conflicts by editing the files.
+# Fix conflicts by editing the files.
 
-    git add conflicts.rb
-    # No need to commit this file
+git add conflicts.rb
+# No need to commit this file
 
-    git rebase --continue
+git rebase --continue
 
-    # Remember that we have rewritten our commit history so we
-    # need to force push so that our remote branch is restructured
-    git push origin conflicts_branch -f
+# Remember that we have rewritten our commit history so we
+# need to force push so that our remote branch is restructured
+git push origin conflicts_branch -f
+```
 
 ---
 
@@ -321,20 +324,28 @@ Create a merge request on the GitLab web UI. You'll see a conflict warning.
 
 To remove files from stage use reset HEAD. Where HEAD is the last commit of the current branch:
 
-    git reset HEAD <file>
+```sh
+git reset HEAD <file>
+```
 
 This will unstage the file but maintain the modifications. To revert the file back to the state it was in before the changes we can use:
 
-    git checkout -- <file>
+```sh
+git checkout -- <file>
+```
 
 To remove a file from disk and repo use 'git rm' and to rm a dir use the '-r' flag:
 
-    git rm '*.txt'
-    git rm -r <dirname>
+```sh
+git rm '*.txt'
+git rm -r <dirname>
+```
 
 If we want to remove a file from the repository but keep it on disk, say we forgot to add it to our .gitignore file then use `--cache`:
 
-    git rm <filename> --cache
+```sh
+git rm <filename> --cache
+```
 
 ---
 
@@ -342,19 +353,27 @@ If we want to remove a file from the repository but keep it on disk, say we forg
 
 Undo last commit putting everything back into the staging area:
 
-    git reset --soft HEAD^
+```sh
+git reset --soft HEAD^
+```
 
 Add files and change message with:
 
-    git commit --amend -m "New Message"
+```sh
+git commit --amend -m "New Message"
+```
 
 Undo last and remove changes
 
-    git reset --hard HEAD^
+```sh
+git reset --hard HEAD^
+```
 
 Same as last one but for two commits back:
 
-    git reset --hard HEAD^^
+```sh
+git reset --hard HEAD^^
+```
 
 Don't reset after pushing
 
@@ -373,35 +392,38 @@ Don't reset after pushing
 1. Pull for updates
 1. Push changes
 
-----
+---
 
-    # Change file edit_this_file.rb
-    git status
-    git commit -am "kjkfjkg"
-    git log
-    git commit --amend -m "New comment added"
-    git log
-    git reset --soft HEAD^
-    git log
-    git pull origin master
-    git push origin master
+```sh
+# Change file edit_this_file.rb
+git status
+git commit -am "kjkfjkg"
+git log
+git commit --amend -m "New comment added"
+git log
+git reset --soft HEAD^
+git log
+git pull origin master
+git push origin master
+```
 
 ---
 
-### Note
+### git revert vs git reset
 
-git revert vs git reset
 Reset removes the commit while revert removes the changes but leaves the commit
 Revert is safer considering we can revert a revert
 
-    # Changed file
-    git commit -am "bug introduced"
-    git revert HEAD
-    # New commit created reverting changes
-    # Now we want to re apply the reverted commit
-    git log # take hash from the revert commit
-    git revert <rev commit hash>
-    # reverted commit is back (new commit created again)
+```sh
+# Changed file
+git commit -am "bug introduced"
+git revert HEAD
+# New commit created reverting changes
+# Now we want to re apply the reverted commit
+git log # take hash from the revert commit
+git revert <rev commit hash>
+# reverted commit is back (new commit created again)
+```
 
 ---
 
@@ -415,11 +437,11 @@ Revert is safer considering we can revert a revert
 
 ### Version Control
 
- - Local VCS was used with a filesystem or a simple db.
- - Centralized VCS such as Subversion includes collaboration but
-   still is prone to data loss as the main server is the single point of
-   failure.
- - Distributed VCS enables the team to have a complete copy of the project
-   and work with little dependency to the main server. In case of a main
-   server failing the project can be recovered by any of the latest copies
-   from the team
+- Local VCS was used with a filesystem or a simple db.
+- Centralized VCS such as Subversion includes collaboration but
+  still is prone to data loss as the main server is the single point of
+  failure.
+- Distributed VCS enables the team to have a complete copy of the project
+  and work with little dependency to the main server. In case of a main
+  server failing the project can be recovered by any of the latest copies
+  from the team
diff --git a/doc/university/training/topics/git_add.md b/doc/university/training/topics/git_add.md
index 4c61d5eb175..7152fc2030b 100644
--- a/doc/university/training/topics/git_add.md
+++ b/doc/university/training/topics/git_add.md
@@ -10,32 +10,32 @@ Adds content to the index or staging area.
 
 - Adds a list of file:
 
-    ```bash
-    git add <files>
-    ```
+  ```bash
+  git add <files>
+  ```
 
 - Adds all files including deleted ones:
 
-    ```bash
-    git add -A
-    ```
+  ```bash
+  git add -A
+  ```
 
 ## Git add continued
 
 - Add all text files in current dir:
 
-    ```bash
-    git add *.txt
-    ```
+  ```bash
+  git add *.txt
+  ```
 
 - Add all text file in the project:
 
-    ```bash
-    git add "*.txt*"
-    ```
+  ```bash
+  git add "*.txt*"
+  ```
 
 - Adds all files in directory:
 
-    ```bash
-    git add views/layouts/
-    ```
+  ```bash
+  git add views/layouts/
+  ```
diff --git a/doc/university/training/topics/git_log.md b/doc/university/training/topics/git_log.md
index 11addcd3ee1..bae734554f5 100644
--- a/doc/university/training/topics/git_log.md
+++ b/doc/university/training/topics/git_log.md
@@ -8,33 +8,33 @@ Git log lists commit history. It allows searching and filtering.
 
 - Initiate log:
 
-    ```sh
-    git log
-    ```
+  ```sh
+  git log
+  ```
 
 - Retrieve set number of records:
 
-    ```sh
-    git log -n 2
-    ```
+  ```sh
+  git log -n 2
+  ```
 
 - Search commits by author. Allows user name or a regular expression.
 
-    ```sh
-    git log --author="user_name"
-    ```
+  ```sh
+  git log --author="user_name"
+  ```
 
 - Search by comment message:
 
-    ```sh
-    git log --grep="<pattern>"
-    ```
+  ```sh
+  git log --grep="<pattern>"
+  ```
 
 - Search by date:
 
-    ```sh
-    git log --since=1.month.ago --until=3.weeks.ago
-    ```
+  ```sh
+  git log --since=1.month.ago --until=3.weeks.ago
+  ```
 
 ## Git Log Workflow
 
diff --git a/doc/university/training/topics/rollback_commits.md b/doc/university/training/topics/rollback_commits.md
index 1e6602deef2..c17e8d59737 100644
--- a/doc/university/training/topics/rollback_commits.md
+++ b/doc/university/training/topics/rollback_commits.md
@@ -8,29 +8,29 @@ comments: false
 
 - Undo last commit putting everything back into the staging area:
 
-    ```sh
-    git reset --soft HEAD^
-    ```
+  ```sh
+  git reset --soft HEAD^
+  ```
 
 - Add files and change message with:
 
-    ```sh
-    git commit --amend -m "New Message"
-    ```
+  ```sh
+  git commit --amend -m "New Message"
+  ```
 
 - Undo last and remove changes:
 
-    ```sh
-    git reset --hard HEAD^
-    ```
+  ```sh
+  git reset --hard HEAD^
+  ```
 
 - Same as last one but for two commits back:
 
-    ```sh
-    git reset --hard HEAD^^
-    ```
+  ```sh
+  git reset --hard HEAD^^
+  ```
 
-** Don't reset after pushing **
+**Don't reset after pushing**
 
 ## Reset Workflow
 
diff --git a/doc/university/training/topics/stash.md b/doc/university/training/topics/stash.md
index 02b2f610266..21abad88cfa 100644
--- a/doc/university/training/topics/stash.md
+++ b/doc/university/training/topics/stash.md
@@ -9,47 +9,47 @@ and we need to change to a different branch.
 
 - Stash:
 
-    ```sh
-    git stash save
-    # or
-    git stash
-    # or with a message
-    git stash save "this is a message to display on the list"
-    ```
+  ```sh
+  git stash save
+  # or
+  git stash
+  # or with a message
+  git stash save "this is a message to display on the list"
+  ```
 
 - Apply stash to keep working on it:
 
-    ```sh
-    git stash apply
-    # or apply a specific one from out stack
-    git stash apply stash@{3}
-    ```
+  ```sh
+  git stash apply
+  # or apply a specific one from out stack
+  git stash apply stash@{3}
+  ```
 
 - Every time we save a stash it gets stacked so by using list we can see all our
   stashes.
 
-    ```sh
-    git stash list
-    # or for more information (log methods)
-    git stash list --stat
-    ```
+  ```sh
+  git stash list
+  # or for more information (log methods)
+  git stash list --stat
+  ```
 
 - To clean our stack we need to manually remove them:
 
-    ```sh
-    # drop top stash
-    git stash drop
-    # or
-    git stash drop <name>
-    # to clear all history we can use
-    git stash clear
-    ```
+  ```sh
+  # drop top stash
+  git stash drop
+  # or
+  git stash drop <name>
+  # to clear all history we can use
+  git stash clear
+  ```
 
 - Apply and drop on one command:
 
-    ```sh
-      git stash pop
-    ```
+  ```sh
+  git stash pop
+  ```
 
 - If we meet conflicts we need to either reset or commit our changes.
 - Conflicts through `pop` will not drop a stash afterwards.
diff --git a/doc/university/training/topics/unstage.md b/doc/university/training/topics/unstage.md
index af16afdc5d1..fa1f63f9ec4 100644
--- a/doc/university/training/topics/unstage.md
+++ b/doc/university/training/topics/unstage.md
@@ -6,27 +6,27 @@ comments: false
 
 ## Unstage
 
-- To remove files from stage use reset HEAD where HEAD is the last commit of the current branch. This will unstage the file but maintain the modifications. 
+- To remove files from stage use reset HEAD where HEAD is the last commit of the current branch. This will unstage the file but maintain the modifications.
 
-    ```bash
-    git reset HEAD <file>
-    ```
+  ```bash
+  git reset HEAD <file>
+  ```
 
 - To revert the file back to the state it was in before the changes we can use:
 
-    ```bash
-    git checkout -- <file>
-    ```
+  ```bash
+  git checkout -- <file>
+  ```
 
 - To remove a file from disk and repo use 'git rm' and to rm a dir use the '-r' flag:
 
-    ```sh
-    git rm '*.txt'
-    git rm -r <dirname>
-    ```
+  ```sh
+  git rm '*.txt'
+  git rm -r <dirname>
+  ```
 
 - If we want to remove a file from the repository but keep it on disk, say we forgot to add it to our `.gitignore` file then use `--cache`:
 
-    ```sh
-    git rm <filename> --cache
-    ```
+  ```sh
+  git rm <filename> --cache
+  ```
diff --git a/doc/update/mysql_to_postgresql.md b/doc/update/mysql_to_postgresql.md
index 1e424134242..f6a1b6abdbf 100644
--- a/doc/update/mysql_to_postgresql.md
+++ b/doc/update/mysql_to_postgresql.md
@@ -72,15 +72,15 @@ need to enable the bundled PostgreSQL:
 
 1. Stop GitLab:
 
-    ```bash
-    sudo gitlab-ctl stop
-    ```
+   ```bash
+   sudo gitlab-ctl stop
+   ```
 
 1. Edit `/etc/gitlab/gitlab.rb` to enable bundled PostgreSQL:
 
-    ```
-    postgresql['enable'] = true
-    ```
+   ```
+   postgresql['enable'] = true
+   ```
 
 1. Edit `/etc/gitlab/gitlab.rb` to use the bundled PostgreSQL. Please check
    all the settings beginning with `db_`, such as `gitlab_rails['db_adapter']`
@@ -91,22 +91,22 @@ need to enable the bundled PostgreSQL:
    for the changes to take effect.
 1. Start Unicorn and PostgreSQL so that we can prepare the schema:
 
-    ```bash
-    sudo gitlab-ctl start unicorn
-    sudo gitlab-ctl start postgresql
-    ```
+   ```bash
+   sudo gitlab-ctl start unicorn
+   sudo gitlab-ctl start postgresql
+   ```
 
 1. Run the following commands to prepare the schema:
 
-    ```bash
-    sudo gitlab-rake db:create db:migrate
-    ```
+   ```bash
+   sudo gitlab-rake db:create db:migrate
+   ```
 
 1. Stop Unicorn to prevent other database access from interfering with the loading of data:
 
-    ```bash
-    sudo gitlab-ctl stop unicorn
-    ```
+   ```bash
+   sudo gitlab-ctl stop unicorn
+   ```
 
 After these steps, you'll have a fresh PostgreSQL database with up-to-date schema.
 
@@ -116,57 +116,57 @@ new PostgreSQL one:
 1. Save the following snippet in a `commands.load` file, and edit with your
    MySQL database `username`, `password` and `host`:
 
-    ```
-    LOAD DATABASE
-         FROM mysql://username:password@host/gitlabhq_production
-         INTO postgresql://gitlab-psql@unix://var/opt/gitlab/postgresql:/gitlabhq_production
+   ```
+   LOAD DATABASE
+        FROM mysql://username:password@host/gitlabhq_production
+        INTO postgresql://gitlab-psql@unix://var/opt/gitlab/postgresql:/gitlabhq_production
 
-    WITH include no drop, truncate, disable triggers, create no tables,
-         create no indexes, preserve index names, no foreign keys,
-         data only
+   WITH include no drop, truncate, disable triggers, create no tables,
+        create no indexes, preserve index names, no foreign keys,
+        data only
 
-    ALTER SCHEMA 'gitlabhq_production' RENAME TO 'public'
+   ALTER SCHEMA 'gitlabhq_production' RENAME TO 'public'
 
-    ;
-    ```
+   ;
+   ```
 
 1. Start the migration:
 
-    ```bash
-    sudo -u gitlab-psql pgloader commands.load
-    ```
+   ```bash
+   sudo -u gitlab-psql pgloader commands.load
+   ```
 
 1. Once the migration finishes, you should see a summary table that looks like
    the following:
 
-    ```
-                                     table name       read   imported     errors      total time
-    -----------------------------------------------  ---------  ---------  ---------  --------------
-                                    fetch meta data        119        119          0          0.388s
-                                           Truncate        119        119          0          1.134s
-    -----------------------------------------------  ---------  ---------  ---------  --------------
-                               public.abuse_reports          0          0          0          0.490s
-                                 public.appearances          0          0          0          0.488s
-                                           .
-                                           .
-                                           .
-                               public.web_hook_logs          0          0          0          1.080s
-    -----------------------------------------------  ---------  ---------  ---------  --------------
-                            COPY Threads Completion          4          4          0          2.008s
-                                    Reset Sequences        113        113          0          0.304s
-                                   Install Comments          0          0          0          0.000s
-    -----------------------------------------------  ---------  ---------  ---------  --------------
-                                  Total import time       1894       1894          0         12.497s
-    ```
-
-    If there is no output for more than 30 minutes, it's possible `pgloader` encountered an error. See
-    the [troubleshooting guide](#troubleshooting) for more details.
+   ```
+                                    table name       read   imported     errors      total time
+   -----------------------------------------------  ---------  ---------  ---------  --------------
+                                   fetch meta data        119        119          0          0.388s
+                                          Truncate        119        119          0          1.134s
+   -----------------------------------------------  ---------  ---------  ---------  --------------
+                              public.abuse_reports          0          0          0          0.490s
+                                public.appearances          0          0          0          0.488s
+                                          .
+                                          .
+                                          .
+                              public.web_hook_logs          0          0          0          1.080s
+   -----------------------------------------------  ---------  ---------  ---------  --------------
+                           COPY Threads Completion          4          4          0          2.008s
+                                   Reset Sequences        113        113          0          0.304s
+                                  Install Comments          0          0          0          0.000s
+   -----------------------------------------------  ---------  ---------  ---------  --------------
+                                 Total import time       1894       1894          0         12.497s
+   ```
+
+   If there is no output for more than 30 minutes, it's possible `pgloader` encountered an error. See
+   the [troubleshooting guide](#troubleshooting) for more details.
 
 1. Start GitLab:
 
-    ```bash
-    sudo gitlab-ctl start
-    ```
+   ```bash
+   sudo gitlab-ctl start
+   ```
 
 You can now verify that everything works as expected by visiting GitLab.
 
diff --git a/doc/workflow/git_annex.md b/doc/workflow/git_annex.md
index 84d25951908..9543859f86f 100644
--- a/doc/workflow/git_annex.md
+++ b/doc/workflow/git_annex.md
@@ -54,13 +54,13 @@ sudo yum install epel-release && sudo yum install git-annex
 For omnibus-gitlab packages, only one configuration setting is needed.
 The Omnibus package will internally set the correct options in all locations.
 
-1.  In `/etc/gitlab/gitlab.rb` add the following line:
+1. In `/etc/gitlab/gitlab.rb` add the following line:
 
-    ```ruby
-    gitlab_shell['git_annex_enabled'] = true
-    ```
+   ```ruby
+   gitlab_shell['git_annex_enabled'] = true
+   ```
 
-1.  Save the file and [reconfigure GitLab][] for the changes to take effect.
+1. Save the file and [reconfigure GitLab][] for the changes to take effect.
 
 ### Configuration for installations from source
 
@@ -69,20 +69,20 @@ There are 2 settings to enable git-annex on your GitLab server.
 One is located in `config/gitlab.yml` of the GitLab repository and the other
 one is located in `config.yml` of gitlab-shell.
 
-1.  In `config/gitlab.yml` add or edit the following lines:
+1. In `config/gitlab.yml` add or edit the following lines:
 
-    ```yaml
-    gitlab_shell:
-      git_annex_enabled: true
-    ```
+   ```yaml
+   gitlab_shell:
+     git_annex_enabled: true
+   ```
 
-1.  In `config.yml` of gitlab-shell add or edit the following lines:
+1. In `config.yml` of gitlab-shell add or edit the following lines:
 
-    ```yaml
-    git_annex_enabled: true
-    ```
+   ```yaml
+   git_annex_enabled: true
+   ```
 
-1.  Save the files and [restart GitLab][] for the changes to take effect.
+1. Save the files and [restart GitLab][] for the changes to take effect.
 
 ## Using GitLab git-annex
 
diff --git a/doc/workflow/lfs/migrate_from_git_annex_to_git_lfs.md b/doc/workflow/lfs/migrate_from_git_annex_to_git_lfs.md
index 71c73e3dffe..75673d23799 100644
--- a/doc/workflow/lfs/migrate_from_git_annex_to_git_lfs.md
+++ b/doc/workflow/lfs/migrate_from_git_annex_to_git_lfs.md
@@ -46,25 +46,24 @@ need to do (we assume you have [git-annex enabled](../git_annex.md#using-gitlab-
 repository and that you have made backups in case something goes wrong).
 Fire up a terminal, navigate to your Git repository and:
 
-
 1. Disable `git-annex`:
 
-    ```bash
-    git annex sync --content
-    git annex direct
-    git annex uninit
-    git annex indirect
-    ```
+   ```bash
+   git annex sync --content
+   git annex direct
+   git annex uninit
+   git annex indirect
+   ```
 
 1. Enable `git-lfs`:
 
-    ```
-    git lfs install
-    git lfs track <files>
-    git add .
-    git commit -m "commit message"
-    git push
-    ```
+   ```
+   git lfs install
+   git lfs track <files>
+   git add .
+   git commit -m "commit message"
+   git push
+   ```
 
 ### Disabling Git Annex in your repo
 
@@ -86,72 +85,72 @@ if the server also has Git Annex 6 installed. Read more in the
 
 1. Backup your repository
 
-    ```bash
-    cd repository
-    git annex sync --content
-    cd ..
-    git clone repository repository-backup
-    cd repository-backup
-    git annex get
-    cd ..
-    ```
+   ```bash
+   cd repository
+   git annex sync --content
+   cd ..
+   git clone repository repository-backup
+   cd repository-backup
+   git annex get
+   cd ..
+   ```
 
 1. Use `annex direct`:
 
-    ```bash
-    cd repository
-    git annex direct
-    ```
+   ```bash
+   cd repository
+   git annex direct
+   ```
 
-    The output should be similar to this:
+   The output should be similar to this:
 
-    ```bash
-    commit
-    On branch master
-    Your branch is up-to-date with 'origin/master'.
-    nothing to commit, working tree clean
-    ok
-    direct debian.iso ok
-    direct  ok
-    ```
+   ```bash
+   commit
+   On branch master
+   Your branch is up-to-date with 'origin/master'.
+   nothing to commit, working tree clean
+   ok
+   direct debian.iso ok
+   direct  ok
+   ```
 
 1. Disable Git Annex with [`annex uninit`][uninit]:
 
-    ```bash
-    git annex uninit
-    ```
+   ```bash
+   git annex uninit
+   ```
 
-    The output should be similar to this:
+   The output should be similar to this:
 
-    ```bash
-    unannex debian.iso ok
-    Deleted branch git-annex (was 2534d2c).
-    ```
+   ```bash
+   unannex debian.iso ok
+   Deleted branch git-annex (was 2534d2c).
+   ```
 
-    This will `unannex` every file in the repository, leaving the original files.
+   This will `unannex` every file in the repository, leaving the original files.
 
 1. Switch back to `indirect` mode:
 
-    ```bash
-    git annex indirect
-    ```
-
-    The output should be similar to this:
+   ```bash
+   git annex indirect
+   ```
 
-    ```bash
-    (merging origin/git-annex into git-annex...)
-    (recording state in git...)
-    commit  (recording state in git...)
+   The output should be similar to this:
 
-    ok
-    (recording state in git...)
-    [master fac3194] commit before switching to indirect mode
-     1 file changed, 1 deletion(-)
-     delete mode 120000 alpine-virt-3.4.4-x86_64.iso
-    ok
-    indirect  ok
-    ok
-    ```
+   ```bash
+   (merging origin/git-annex into git-annex...)
+   (recording state in git...)
+   commit  (recording state in git...)
+
+   ok
+   (recording state in git...)
+   [master fac3194] commit before switching to indirect mode
+    1 file changed, 1 deletion(-)
+    delete mode 120000 alpine-virt-3.4.4-x86_64.iso
+   ok
+   indirect  ok
+   ok
+   ```
 
 ---
 
@@ -216,16 +215,16 @@ branches created by Git Annex: `git-annex`, and all under `synced/`.
 
 ![repository branches](images/git-annex-branches.png)
 
-You can also do this on the commandline with:
+You can also do this on the command line with:
 
-    ```bash
-    git branch -d synced/master
-    git branch -d synced/git-annex
-    git push origin :synced/master
-    git push origin :synced/git-annex
-    git push origin :git-annex
-    git remote prune origin
-    ```
+```bash
+git branch -d synced/master
+git branch -d synced/git-annex
+git push origin :synced/master
+git push origin :synced/git-annex
+git push origin :git-annex
+git remote prune origin
+```
 
 If there are still some Annex objects inside your repository (`.git/annex/`)
 or references inside `.git/config`, run `annex uninit` again:
diff --git a/doc/workflow/workflow.md b/doc/workflow/workflow.md
index f70e41df842..7fac41c3b6f 100644
--- a/doc/workflow/workflow.md
+++ b/doc/workflow/workflow.md
@@ -1,31 +1,31 @@
 # Feature branch workflow
 
-1.  Clone project:
+1. Clone project:
 
-    ```bash
-    git clone git@example.com:project-name.git
-    ```
+   ```bash
+   git clone git@example.com:project-name.git
+   ```
 
-1.  Create branch with your feature:
+1. Create branch with your feature:
 
-    ```bash
-    git checkout -b $feature_name
-    ```
+   ```bash
+   git checkout -b $feature_name
+   ```
 
-1.  Write code. Commit changes:
+1. Write code. Commit changes:
 
-    ```bash
-    git commit -am "My feature is ready"
-    ```
+   ```bash
+   git commit -am "My feature is ready"
+   ```
 
-1.  Push your branch to GitLab:
+1. Push your branch to GitLab:
 
-    ```bash
-    git push origin $feature_name
-    ```
+   ```bash
+   git push origin $feature_name
+   ```
 
-1.  Review your code on commits page.
+1. Review your code on commits page.
 
-1.  Create a merge request.
+1. Create a merge request.
 
-1.  Your team lead will review the code &amp; merge it to the main branch.
+1. Your team lead will review the code &amp; merge it to the main branch.
-- 
cgit v1.2.1


From d7c7ebf50a0c1c52d04ecaab78c652f7786423ed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Cunha?= <j.a.cunha@gmail.com>
Date: Wed, 31 Jul 2019 11:58:38 +0000
Subject: Allow knative do be uninstalled:

- After uninstalling the knative helm chart it's necessary to also
remove some leftover resources to allow the cluster to be clean
and knative to be reinstalleable.
- Adds knative uninstall disclaimer
- Uninstall ksvc before uninstalling knative

Make list of Knative and Ingres resources explicit

- To avoid deleting unwanted resources we are listing exact
which resources will be deleted rather than simply deleting any
resource that contains istio or knative words.
---
 .../uninstall_application_confirmation_modal.vue   |  4 +-
 app/models/clusters/applications/cert_manager.rb   |  2 +-
 app/models/clusters/applications/knative.rb        | 54 ++++++++++++++++--
 app/models/clusters/applications/prometheus.rb     | 13 +++++
 ...8-kubernetes-applications-uninstall-knative.yml |  5 ++
 config/knative/api_resources.yml                   | 64 ++++++++++++++++++++++
 doc/user/clusters/applications.md                  |  1 +
 lib/gitlab/kubernetes/helm/delete_command.rb       |  9 ++-
 lib/gitlab/kubernetes/helm/install_command.rb      | 12 +---
 locale/gitlab.pot                                  |  2 +-
 .../projects/clusters/applications_spec.rb         |  2 +-
 .../clusters/applications/cert_manager_spec.rb     |  2 +-
 spec/models/clusters/applications/knative_spec.rb  | 42 +++++++++++++-
 13 files changed, 188 insertions(+), 24 deletions(-)
 create mode 100644 changelogs/unreleased/60668-kubernetes-applications-uninstall-knative.yml
 create mode 100644 config/knative/api_resources.yml

diff --git a/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue b/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue
index 920439ebb23..2ff6d5e32e2 100644
--- a/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue
+++ b/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue
@@ -13,7 +13,9 @@ const CUSTOM_APP_WARNING_TEXT = {
   ),
   [PROMETHEUS]: s__('ClusterIntegration|All data will be deleted and cannot be restored.'),
   [RUNNER]: s__('ClusterIntegration|Any running pipelines will be canceled.'),
-  [KNATIVE]: s__('ClusterIntegration|The associated IP will be deleted and cannot be restored.'),
+  [KNATIVE]: s__(
+    'ClusterIntegration|The associated IP and all deployed services will be deleted and cannot be restored. Uninstalling Knative will also remove Istio from your cluster. This will not effect any other applications.',
+  ),
   [JUPYTER]: s__(
     'ClusterIntegration|All data not committed to GitLab will be deleted and cannot be restored.',
   ),
diff --git a/app/models/clusters/applications/cert_manager.rb b/app/models/clusters/applications/cert_manager.rb
index d6a7d1d2bdd..7d5a6dec519 100644
--- a/app/models/clusters/applications/cert_manager.rb
+++ b/app/models/clusters/applications/cert_manager.rb
@@ -44,7 +44,7 @@ module Clusters
       private
 
       def post_install_script
-        ["/usr/bin/kubectl create -f /data/helm/certmanager/config/cluster_issuer.yaml"]
+        ["kubectl create -f /data/helm/certmanager/config/cluster_issuer.yaml"]
       end
 
       def cluster_issuer_file
diff --git a/app/models/clusters/applications/knative.rb b/app/models/clusters/applications/knative.rb
index 5df4812bd25..96f526e8a36 100644
--- a/app/models/clusters/applications/knative.rb
+++ b/app/models/clusters/applications/knative.rb
@@ -7,6 +7,7 @@ module Clusters
       REPOSITORY = 'https://storage.googleapis.com/triggermesh-charts'.freeze
       METRICS_CONFIG = 'https://storage.googleapis.com/triggermesh-charts/istio-metrics.yaml'.freeze
       FETCH_IP_ADDRESS_DELAY = 30.seconds
+      API_RESOURCES_PATH = 'config/knative/api_resources.yml'
 
       self.table_name = 'clusters_applications_knative'
 
@@ -46,12 +47,6 @@ module Clusters
         { "domain" => hostname }.to_yaml
       end
 
-      # Handled in a new issue:
-      # https://gitlab.com/gitlab-org/gitlab-ce/issues/59369
-      def allowed_to_uninstall?
-        false
-      end
-
       def install_command
         Gitlab::Kubernetes::Helm::InstallCommand.new(
           name: name,
@@ -76,12 +71,59 @@ module Clusters
         cluster.kubeclient.get_service('istio-ingressgateway', 'istio-system')
       end
 
+      def uninstall_command
+        Gitlab::Kubernetes::Helm::DeleteCommand.new(
+          name: name,
+          rbac: cluster.platform_kubernetes_rbac?,
+          files: files,
+          predelete: delete_knative_services_and_metrics,
+          postdelete: delete_knative_istio_leftovers
+        )
+      end
+
       private
 
+      def delete_knative_services_and_metrics
+        delete_knative_services + delete_knative_istio_metrics.to_a
+      end
+
+      def delete_knative_services
+        cluster.kubernetes_namespaces.map do |kubernetes_namespace|
+          "kubectl delete ksvc --all -n #{kubernetes_namespace.namespace}"
+        end
+      end
+
+      def delete_knative_istio_leftovers
+        delete_knative_namespaces + delete_knative_and_istio_crds
+      end
+
+      def delete_knative_namespaces
+        [
+          "kubectl delete --ignore-not-found ns knative-serving",
+          "kubectl delete --ignore-not-found ns knative-build"
+        ]
+      end
+
+      def delete_knative_and_istio_crds
+        api_resources.map do |crd|
+          "kubectl delete --ignore-not-found crd #{crd}"
+        end
+      end
+
+      # returns an array of CRDs to be postdelete since helm does not
+      # manage the CRDs it creates.
+      def api_resources
+        @api_resources ||= YAML.safe_load(File.read(Rails.root.join(API_RESOURCES_PATH)))
+      end
+
       def install_knative_metrics
         ["kubectl apply -f #{METRICS_CONFIG}"] if cluster.application_prometheus_available?
       end
 
+      def delete_knative_istio_metrics
+        ["kubectl delete --ignore-not-found -f #{METRICS_CONFIG}"] if cluster.application_prometheus_available?
+      end
+
       def verify_cluster?
         cluster&.application_helm_available? && cluster&.platform_kubernetes_rbac?
       end
diff --git a/app/models/clusters/applications/prometheus.rb b/app/models/clusters/applications/prometheus.rb
index 805c8a73f8c..f5375d29f3a 100644
--- a/app/models/clusters/applications/prometheus.rb
+++ b/app/models/clusters/applications/prometheus.rb
@@ -59,6 +59,15 @@ module Clusters
         )
       end
 
+      def uninstall_command
+        Gitlab::Kubernetes::Helm::DeleteCommand.new(
+          name: name,
+          rbac: cluster.platform_kubernetes_rbac?,
+          files: files,
+          predelete: delete_knative_istio_metrics.to_a
+        )
+      end
+
       # Returns a copy of files where the values of 'values.yaml'
       # are replaced by the argument.
       #
@@ -97,6 +106,10 @@ module Clusters
       def install_knative_metrics
         ["kubectl apply -f #{Clusters::Applications::Knative::METRICS_CONFIG}"] if cluster.application_knative_available?
       end
+
+      def delete_knative_istio_metrics
+        ["kubectl delete -f #{Clusters::Applications::Knative::METRICS_CONFIG}"] if cluster.application_knative_available?
+      end
     end
   end
 end
diff --git a/changelogs/unreleased/60668-kubernetes-applications-uninstall-knative.yml b/changelogs/unreleased/60668-kubernetes-applications-uninstall-knative.yml
new file mode 100644
index 00000000000..c33dc0f50cd
--- /dev/null
+++ b/changelogs/unreleased/60668-kubernetes-applications-uninstall-knative.yml
@@ -0,0 +1,5 @@
+---
+title: Allow Knative to be uninstalled from the UI
+merge_request: 30458
+author:
+type: added
diff --git a/config/knative/api_resources.yml b/config/knative/api_resources.yml
new file mode 100644
index 00000000000..43427b730db
--- /dev/null
+++ b/config/knative/api_resources.yml
@@ -0,0 +1,64 @@
+---
+
+- meshpolicies.authentication.istio.io
+- policies.authentication.istio.io
+- adapters.config.istio.io
+- apikeys.config.istio.io
+- attributemanifests.config.istio.io
+- authorizations.config.istio.io
+- bypasses.config.istio.io
+- podautoscalers.autoscaling.internal.knative.dev
+- builds.build.knative.dev
+- buildtemplates.build.knative.dev
+- clusterbuildtemplates.build.knative.dev
+- images.caching.internal.knative.dev
+- certificates.networking.internal.knative.dev
+- clusteringresses.networking.internal.knative.dev
+- serverlessservices.networking.internal.knative.dev
+- configurations.serving.knative.dev
+- revisions.serving.knative.dev
+- routes.serving.knative.dev
+- services.serving.knative.dev
+- checknothings.config.istio.io
+- circonuses.config.istio.io
+- deniers.config.istio.io
+- edges.config.istio.io
+- fluentds.config.istio.io
+- handlers.config.istio.io
+- httpapispecbindings.config.istio.io
+- httpapispecs.config.istio.io
+- instances.config.istio.io
+- kubernetesenvs.config.istio.io
+- kuberneteses.config.istio.io
+- listcheckers.config.istio.io
+- listentries.config.istio.io
+- logentries.config.istio.io
+- memquotas.config.istio.io
+- metrics.config.istio.io
+- noops.config.istio.io
+- opas.config.istio.io
+- prometheuses.config.istio.io
+- quotas.config.istio.io
+- quotaspecbindings.config.istio.io
+- quotaspecs.config.istio.io
+- rbacs.config.istio.io
+- redisquotas.config.istio.io
+- reportnothings.config.istio.io
+- rules.config.istio.io
+- servicecontrolreports.config.istio.io
+- servicecontrols.config.istio.io
+- signalfxs.config.istio.io
+- solarwindses.config.istio.io
+- stackdrivers.config.istio.io
+- statsds.config.istio.io
+- stdios.config.istio.io
+- templates.config.istio.io
+- tracespans.config.istio.io
+- destinationrules.networking.istio.io
+- envoyfilters.networking.istio.io
+- gateways.networking.istio.io
+- serviceentries.networking.istio.io
+- virtualservices.networking.istio.io
+- rbacconfigs.rbac.istio.io
+- servicerolebindings.rbac.istio.io
+- serviceroles.rbac.istio.io
\ No newline at end of file
diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md
index 1bc43f4b7a4..7c24f6db86f 100644
--- a/doc/user/clusters/applications.md
+++ b/doc/user/clusters/applications.md
@@ -255,6 +255,7 @@ The applications below can be uninstalled.
 | GitLab Runner  | 12.2+         | Any running pipelines will be canceled. |
 | Ingress  | 12.1+         | The associated load balancer and IP will be deleted and cannot be restored. Furthermore, it can only be uninstalled if JupyterHub is not installed. |
 | JupyterHub  | 12.1+         | All data not committed to GitLab will be deleted and cannot be restored. |
+| Knative  | 12.1+         | The associated IP will be deleted and cannot be restored. |
 | Prometheus  | 11.11+         | All data will be deleted and cannot be restored. |
 
 To uninstall an application:
diff --git a/lib/gitlab/kubernetes/helm/delete_command.rb b/lib/gitlab/kubernetes/helm/delete_command.rb
index 876994d2678..aeba4a54b6d 100644
--- a/lib/gitlab/kubernetes/helm/delete_command.rb
+++ b/lib/gitlab/kubernetes/helm/delete_command.rb
@@ -7,19 +7,24 @@ module Gitlab
         include BaseCommand
         include ClientCommand
 
+        attr_reader :predelete, :postdelete
         attr_accessor :name, :files
 
-        def initialize(name:, rbac:, files:)
+        def initialize(name:, rbac:, files:, predelete: nil, postdelete: nil)
           @name = name
           @files = files
           @rbac = rbac
+          @predelete = predelete
+          @postdelete = postdelete
         end
 
         def generate_script
           super + [
             init_command,
             wait_for_tiller_command,
-            delete_command
+            predelete,
+            delete_command,
+            postdelete
           ].compact.join("\n")
         end
 
diff --git a/lib/gitlab/kubernetes/helm/install_command.rb b/lib/gitlab/kubernetes/helm/install_command.rb
index 9744a5f3d8a..f572bc43533 100644
--- a/lib/gitlab/kubernetes/helm/install_command.rb
+++ b/lib/gitlab/kubernetes/helm/install_command.rb
@@ -27,9 +27,9 @@ module Gitlab
             wait_for_tiller_command,
             repository_command,
             repository_update_command,
-            preinstall_command,
+            preinstall,
             install_command,
-            postinstall_command
+            postinstall
           ].compact.join("\n")
         end
 
@@ -58,14 +58,6 @@ module Gitlab
           command.shelljoin
         end
 
-        def preinstall_command
-          preinstall.join("\n") if preinstall
-        end
-
-        def postinstall_command
-          postinstall.join("\n") if postinstall
-        end
-
         def install_flag
           ['--install']
         end
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 878ee5bc344..709226e686c 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -2815,7 +2815,7 @@ msgstr ""
 msgid "ClusterIntegration|The URL used to access the Kubernetes API."
 msgstr ""
 
-msgid "ClusterIntegration|The associated IP will be deleted and cannot be restored."
+msgid "ClusterIntegration|The associated IP and all deployed services will be deleted and cannot be restored. Uninstalling Knative will also remove Istio from your cluster. This will not effect any other applications."
 msgstr ""
 
 msgid "ClusterIntegration|The associated certifcate will be deleted and cannot be restored."
diff --git a/spec/features/projects/clusters/applications_spec.rb b/spec/features/projects/clusters/applications_spec.rb
index d0182270d82..de97c8a8bc0 100644
--- a/spec/features/projects/clusters/applications_spec.rb
+++ b/spec/features/projects/clusters/applications_spec.rb
@@ -126,7 +126,7 @@ describe 'Clusters Applications', :js do
             it 'shows status transition' do
               page.within('.js-cluster-application-row-knative') do
                 expect(domainname_form_value).to eq('domain.example.org')
-                expect(page).to have_css('.js-cluster-application-install-button', exact_text: 'Installed')
+                expect(page).to have_css('.js-cluster-application-uninstall-button', exact_text: 'Uninstall')
               end
 
               expect(page).to have_content('Knative was successfully installed on your Kubernetes cluster')
diff --git a/spec/models/clusters/applications/cert_manager_spec.rb b/spec/models/clusters/applications/cert_manager_spec.rb
index 8d853a04e33..6e1f80cadc2 100644
--- a/spec/models/clusters/applications/cert_manager_spec.rb
+++ b/spec/models/clusters/applications/cert_manager_spec.rb
@@ -48,7 +48,7 @@ describe Clusters::Applications::CertManager do
       expect(subject.version).to eq('v0.5.2')
       expect(subject).to be_rbac
       expect(subject.files).to eq(cert_manager.files.merge(cluster_issuer_file))
-      expect(subject.postinstall).to eq(['/usr/bin/kubectl create -f /data/helm/certmanager/config/cluster_issuer.yaml'])
+      expect(subject.postinstall).to eq(['kubectl create -f /data/helm/certmanager/config/cluster_issuer.yaml'])
     end
 
     context 'for a specific user' do
diff --git a/spec/models/clusters/applications/knative_spec.rb b/spec/models/clusters/applications/knative_spec.rb
index 7f4819cbb9a..342ed907854 100644
--- a/spec/models/clusters/applications/knative_spec.rb
+++ b/spec/models/clusters/applications/knative_spec.rb
@@ -39,7 +39,7 @@ describe Clusters::Applications::Knative do
   describe '#can_uninstall?' do
     subject { knative.can_uninstall? }
 
-    it { is_expected.to be_falsey }
+    it { is_expected.to be_truthy }
   end
 
   describe '#schedule_status_update with external_ip' do
@@ -129,6 +129,46 @@ describe Clusters::Applications::Knative do
     it_behaves_like 'a command'
   end
 
+  describe '#uninstall_command' do
+    subject { knative.uninstall_command }
+
+    it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::DeleteCommand) }
+
+    it "removes knative deployed services before uninstallation" do
+      2.times do |i|
+        cluster_project = create(:cluster_project, cluster: knative.cluster)
+
+        create(:cluster_kubernetes_namespace,
+          cluster: cluster_project.cluster,
+          cluster_project: cluster_project,
+          project: cluster_project.project,
+          namespace: "namespace_#{i}")
+      end
+
+      remove_namespaced_services_script = [
+        "kubectl delete ksvc --all -n #{knative.cluster.kubernetes_namespaces.first.namespace}",
+        "kubectl delete ksvc --all -n #{knative.cluster.kubernetes_namespaces.second.namespace}"
+      ]
+
+      expect(subject.predelete).to match_array(remove_namespaced_services_script)
+    end
+
+    it "initializes command with all necessary postdelete script" do
+      api_resources = YAML.safe_load(File.read(Rails.root.join(Clusters::Applications::Knative::API_RESOURCES_PATH)))
+
+      remove_knative_istio_leftovers_script = [
+        "kubectl delete --ignore-not-found ns knative-serving",
+        "kubectl delete --ignore-not-found ns knative-build"
+      ]
+
+      full_delete_commands_size = api_resources.size + remove_knative_istio_leftovers_script.size
+
+      expect(subject.postdelete).to include(*remove_knative_istio_leftovers_script)
+      expect(subject.postdelete.size).to eq(full_delete_commands_size)
+      expect(subject.postdelete[2]).to eq("kubectl delete --ignore-not-found crd #{api_resources[0]}")
+    end
+  end
+
   describe '#files' do
     let(:application) { knative }
     let(:values) { subject[:'values.yaml'] }
-- 
cgit v1.2.1


From 5eb3c4af38959c3e9414053c954e397c0b03a26b Mon Sep 17 00:00:00 2001
From: drew <dscimino@gmail.com>
Date: Wed, 31 Jul 2019 12:06:01 +0000
Subject: Default dependency job stage index to Infinity, and correctly report
 it as undefined in prior stages

---
 .../unreleased/report-missing-job-dependency.yml   |  6 ++++++
 lib/gitlab/ci/yaml_processor.rb                    |  4 +++-
 spec/lib/gitlab/ci/yaml_processor_spec.rb          | 25 ++++++++++++++++++++++
 3 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/report-missing-job-dependency.yml

diff --git a/changelogs/unreleased/report-missing-job-dependency.yml b/changelogs/unreleased/report-missing-job-dependency.yml
new file mode 100644
index 00000000000..660cdfc856e
--- /dev/null
+++ b/changelogs/unreleased/report-missing-job-dependency.yml
@@ -0,0 +1,6 @@
+---
+title: Default dependency job stage index to Infinity, and correctly report it as
+  undefined in prior stages
+merge_request: 31116
+author:
+type: fixed
diff --git a/lib/gitlab/ci/yaml_processor.rb b/lib/gitlab/ci/yaml_processor.rb
index a5693dc4f81..a0bbf3c23a2 100644
--- a/lib/gitlab/ci/yaml_processor.rb
+++ b/lib/gitlab/ci/yaml_processor.rb
@@ -144,7 +144,9 @@ module Gitlab
         job[:dependencies].each do |dependency|
           raise ValidationError, "#{name} job: undefined dependency: #{dependency}" unless @jobs[dependency.to_sym]
 
-          unless @stages.index(@jobs[dependency.to_sym][:stage]) < stage_index
+          dependency_stage_index = @stages.index(@jobs[dependency.to_sym][:stage])
+
+          unless dependency_stage_index.present? && dependency_stage_index < stage_index
             raise ValidationError, "#{name} job: dependency #{dependency} is not defined in prior stages"
           end
         end
diff --git a/spec/lib/gitlab/ci/yaml_processor_spec.rb b/spec/lib/gitlab/ci/yaml_processor_spec.rb
index fc9d4f97bda..d3676ee03bf 100644
--- a/spec/lib/gitlab/ci/yaml_processor_spec.rb
+++ b/spec/lib/gitlab/ci/yaml_processor_spec.rb
@@ -1085,6 +1085,31 @@ module Gitlab
 
           it { expect { subject }.to raise_error(Gitlab::Ci::YamlProcessor::ValidationError, 'test1 job: dependency deploy is not defined in prior stages') }
         end
+
+        context 'when a job depends on another job that references a not-yet defined stage' do
+          let(:config) do
+            {
+              "stages" => [
+                "version"
+              ],
+              "version" => {
+                "stage" => "version",
+                "dependencies" => ["release:components:versioning"],
+                "script" => ["./versioning/versioning"]
+              },
+              ".release_go" => {
+                "stage" => "build",
+                "script" => ["cd versioning"]
+              },
+              "release:components:versioning" => {
+                "stage" => "build",
+                "script" => ["cd versioning"]
+              }
+            }
+          end
+
+          it { expect { subject }.to raise_error(Gitlab::Ci::YamlProcessor::ValidationError, /is not defined in prior stages/) }
+        end
       end
 
       describe "Hidden jobs" do
-- 
cgit v1.2.1


From ee828f09bfb063280695f8c3066e7906d5b13769 Mon Sep 17 00:00:00 2001
From: Andrew Newdigate <andrew@gitlab.com>
Date: Wed, 31 Jul 2019 12:07:47 +0000
Subject: Adds Sidekiq scheduling latency structured logging field

---
 .../unreleased/an-sidekiq-scheduling_latency.yml   |  5 +++
 lib/gitlab/sidekiq_logging/structured_logger.rb    |  6 +++
 .../sidekiq_logging/structured_logger_spec.rb      | 44 +++++++++++++++++++---
 3 files changed, 50 insertions(+), 5 deletions(-)
 create mode 100644 changelogs/unreleased/an-sidekiq-scheduling_latency.yml

diff --git a/changelogs/unreleased/an-sidekiq-scheduling_latency.yml b/changelogs/unreleased/an-sidekiq-scheduling_latency.yml
new file mode 100644
index 00000000000..2d6f462745e
--- /dev/null
+++ b/changelogs/unreleased/an-sidekiq-scheduling_latency.yml
@@ -0,0 +1,5 @@
+---
+title: Adds Sidekiq scheduling latency structured logging field
+merge_request: 30784
+author:
+type: other
diff --git a/lib/gitlab/sidekiq_logging/structured_logger.rb b/lib/gitlab/sidekiq_logging/structured_logger.rb
index fdc0d518c59..d556d5ef129 100644
--- a/lib/gitlab/sidekiq_logging/structured_logger.rb
+++ b/lib/gitlab/sidekiq_logging/structured_logger.rb
@@ -32,6 +32,12 @@ module Gitlab
         payload['message'] = "#{base_message(payload)}: start"
         payload['job_status'] = 'start'
 
+        # Old gitlab-shell messages don't provide enqueued_at/created_at attributes
+        enqueued_at = payload['enqueued_at'] || payload['created_at']
+        if enqueued_at
+          payload['scheduling_latency_s'] = elapsed(Time.iso8601(enqueued_at).to_f)
+        end
+
         payload
       end
 
diff --git a/spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb b/spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb
index 7bc4599e20f..98286eb432d 100644
--- a/spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb
+++ b/spec/lib/gitlab/sidekiq_logging/structured_logger_spec.rb
@@ -2,7 +2,10 @@ require 'spec_helper'
 
 describe Gitlab::SidekiqLogging::StructuredLogger do
   describe '#call' do
-    let(:timestamp) { Time.new('2018-01-01 12:00:00').utc }
+    let(:timestamp) { Time.iso8601('2018-01-01T12:00:00Z') }
+    let(:created_at) { timestamp }
+    let(:scheduling_latency_s) { 0.0 }
+
     let(:job) do
       {
         "class" => "TestWorker",
@@ -11,19 +14,21 @@ describe Gitlab::SidekiqLogging::StructuredLogger do
         "queue" => "cronjob:test_queue",
         "queue_namespace" => "cronjob",
         "jid" => "da883554ee4fe414012f5f42",
-        "created_at" => timestamp.to_f,
-        "enqueued_at" => timestamp.to_f,
+        "created_at" => created_at.to_f,
+        "enqueued_at" => created_at.to_f,
         "correlation_id" => 'cid'
       }
     end
+
     let(:logger) { double }
     let(:start_payload) do
       job.merge(
         'message' => 'TestWorker JID-da883554ee4fe414012f5f42: start',
         'job_status' => 'start',
         'pid' => Process.pid,
-        'created_at' => timestamp.iso8601(3),
-        'enqueued_at' => timestamp.iso8601(3)
+        'created_at' => created_at.iso8601(3),
+        'enqueued_at' => created_at.iso8601(3),
+        'scheduling_latency_s' => scheduling_latency_s
       )
     end
     let(:end_payload) do
@@ -118,6 +123,35 @@ describe Gitlab::SidekiqLogging::StructuredLogger do
           subject.call(job, 'test_queue') { }
         end
       end
+
+      it 'logs without created_at and enqueued_at fields' do
+        Timecop.freeze(timestamp) do
+          excluded_fields = %w(created_at enqueued_at args scheduling_latency_s)
+
+          expect(logger).to receive(:info).with(start_payload.except(*excluded_fields)).ordered
+          expect(logger).to receive(:info).with(end_payload.except(*excluded_fields)).ordered
+          expect(subject).to receive(:log_job_start).and_call_original
+          expect(subject).to receive(:log_job_done).and_call_original
+
+          subject.call(job.except("created_at", "enqueued_at"), 'test_queue') { }
+        end
+      end
+    end
+
+    context 'with latency' do
+      let(:created_at) { Time.iso8601('2018-01-01T10:00:00Z') }
+      let(:scheduling_latency_s) { 7200.0 }
+
+      it 'logs with scheduling latency' do
+        Timecop.freeze(timestamp) do
+          expect(logger).to receive(:info).with(start_payload.except('args')).ordered
+          expect(logger).to receive(:info).with(end_payload.except('args')).ordered
+          expect(subject).to receive(:log_job_start).and_call_original
+          expect(subject).to receive(:log_job_done).and_call_original
+
+          subject.call(job, 'test_queue') { }
+        end
+      end
     end
   end
 end
-- 
cgit v1.2.1


From b0d9b9fc7b7f40deb878ce286dde0c2bde35254b Mon Sep 17 00:00:00 2001
From: Ben Kochie <bjk@gitlab.com>
Date: Tue, 23 Jul 2019 18:14:35 +0200
Subject: Update HA resource descriptions

* Use `GiB memory` to describe memory needs.
* Add local storage recommendation for monitoring node.
* Better align CPU/Memory to match common cloud provider instnace types.
* Update requirements based on the new 10k user standard.
---
 doc/administration/high_availability/README.md | 16 ++++++++--------
 doc/install/requirements.md                    | 24 ++++++++++--------------
 2 files changed, 18 insertions(+), 22 deletions(-)

diff --git a/doc/administration/high_availability/README.md b/doc/administration/high_availability/README.md
index 42516d811a0..bb824c9259b 100644
--- a/doc/administration/high_availability/README.md
+++ b/doc/administration/high_availability/README.md
@@ -172,14 +172,14 @@ environment that supports about 10,000 users. The specifications below are a
 representation of the work so far. The specifications may be adjusted in the
 future based on additional testing and iteration.
 
-- 3 PostgreSQL - 4 CPU, 8GB RAM per node
-- 1 PgBouncer - 2 CPU, 4GB RAM
-- 2 Redis - 2 CPU, 8GB RAM per node
-- 3 Consul/Sentinel - 2 CPU, 2GB RAM per node
-- 4 Sidekiq - 4 CPU, 8GB RAM per node
-- 5 GitLab application nodes - 20 CPU, 64GB RAM per node
-- 1 Gitaly - 20 CPU, 64GB RAM
-- 1 Monitoring node - 4 CPU, 8GB RAM
+- 3 PostgreSQL - 4 CPU, 16GiB memory per node
+- 1 PgBouncer - 2 CPU, 4GiB memory
+- 2 Redis - 2 CPU, 8GiB memory per node
+- 3 Consul/Sentinel - 2 CPU, 2GiB memory per node
+- 4 Sidekiq - 4 CPU, 16GiB memory per node
+- 5 GitLab application nodes - 16 CPU, 64GiB memory per node
+- 1 Gitaly - 16 CPU, 64GiB memory
+- 1 Monitoring node - 2 CPU, 8GiB memory, 100GiB local storage
 
 ### Fully Distributed
 
diff --git a/doc/install/requirements.md b/doc/install/requirements.md
index 25ab608de3a..365609ef757 100644
--- a/doc/install/requirements.md
+++ b/doc/install/requirements.md
@@ -63,13 +63,11 @@ NOTE: **Note:** Since file system performance may affect GitLab's overall perfor
 ### CPU
 
 - 1 core supports up to 100 users but the application can be a bit slower due to having all workers and background jobs running on the same core
-- **2 cores** is the **recommended** number of cores and supports up to 500 users
-- 4 cores supports up to 2,000 users
-- 8 cores supports up to 5,000 users
-- 16 cores supports up to 10,000 users
-- 32 cores supports up to 20,000 users
-- 64 cores supports up to 40,000 users
-- More users? Run it on [multiple application servers](https://about.gitlab.com/high-availability/)
+- **2 cores** is the **recommended** minimum number of cores and supports up to 100 users
+- 4 cores supports up to 500 users
+- 8 cores supports up to 1,000 users
+- 32 cores supports up to 5,000 users
+- More users? Run it high-availability on [multiple application servers](https://about.gitlab.com/high-availability/)
 
 ### Memory
 
@@ -80,13 +78,11 @@ less memory GitLab will give strange errors during the reconfigure run and 500
 errors during usage.
 
 - 4GB RAM + 4GB swap supports up to 100 users but it will be very slow
-- **8GB RAM** is the **recommended** memory size for all installations and supports up to 100 users
-- 16GB RAM supports up to 2,000 users
-- 32GB RAM supports up to 4,000 users
-- 64GB RAM supports up to 8,000 users
-- 128GB RAM supports up to 16,000 users
-- 256GB RAM supports up to 32,000 users
-- More users? Run it on [multiple application servers](https://about.gitlab.com/high-availability/)
+- **8GB RAM** is the **recommended** minimum memory size for all installations and supports up to 100 users
+- 16GB RAM supports up to 500 users
+- 32GB RAM supports up to 1,000 users
+- 128GB RAM supports up to 5,000 users
+- More users? Run it high-availability on [multiple application servers](https://about.gitlab.com/high-availability/)
 
 We recommend having at least [2GB of swap on your server](https://askubuntu.com/a/505344/310789), even if you currently have
 enough available RAM. Having swap will help reduce the chance of errors occurring
-- 
cgit v1.2.1


From 25cfdd69d3fbdd44d4fc2588ea2c0413d3a089df Mon Sep 17 00:00:00 2001
From: Walmyr Lima <walmyr@gitlab.com>
Date: Wed, 31 Jul 2019 15:27:18 +0200
Subject: Update sections titles with right heading

---
 doc/development/testing_guide/end_to_end/style_guide.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/development/testing_guide/end_to_end/style_guide.md b/doc/development/testing_guide/end_to_end/style_guide.md
index 6a888142575..c9c375d4320 100644
--- a/doc/development/testing_guide/end_to_end/style_guide.md
+++ b/doc/development/testing_guide/end_to_end/style_guide.md
@@ -45,7 +45,7 @@ Notice that in the above example, before clicking the `:operations_environments_
 
 > We can create these methods as helpers to abstract multi-step navigation.
 
-### Element naming convention
+## Element naming convention
 
 When adding new elements to a page, it's important that we have a uniform element naming convention.
 
@@ -67,7 +67,7 @@ We follow a simple formula roughly based on hungarian notation.
 *Note: This list is a work in progress. This list will eventually be the end-all enumeration of all available types.
         I.e., any element that does not end with something in this list is bad form.*
 
-#### Examples
+### Examples
 
 **Good**
 
-- 
cgit v1.2.1


From 5d7b46d523bb2310ac33d5b4c06137e9a3fd17aa Mon Sep 17 00:00:00 2001
From: charlie ablett <cablett@gitlab.com>
Date: Wed, 31 Jul 2019 13:51:46 +0000
Subject: Port CE changes from EE

- DB migration of board milestone values
- issue finder & spec updates
---
 app/assets/javascripts/milestone_select.js         |  8 ++++---
 app/finders/issuable_finder.rb                     | 27 ++++++++++------------
 app/models/milestone.rb                            |  4 ++--
 ...-milestone-should-persist-any-none-properly.yml |  5 ++++
 .../20190703001120_default_milestone_to_nil.rb     | 24 +++++++++++++++++++
 spec/finders/issues_finder_spec.rb                 |  4 ++--
 .../requests/api/issues/get_project_issues_spec.rb |  2 +-
 7 files changed, 51 insertions(+), 23 deletions(-)
 create mode 100644 changelogs/unreleased/4221-board-milestone-should-persist-any-none-properly.yml
 create mode 100644 db/migrate/20190703001120_default_milestone_to_nil.rb

diff --git a/app/assets/javascripts/milestone_select.js b/app/assets/javascripts/milestone_select.js
index 43949d5cc86..01ed27c49fb 100644
--- a/app/assets/javascripts/milestone_select.js
+++ b/app/assets/javascripts/milestone_select.js
@@ -55,7 +55,7 @@ export default class MilestoneSelect {
       const $sidebarCollapsedValue = $block.find('.sidebar-collapsed-icon');
       const $value = $block.find('.value');
       const $loading = $block.find('.block-loading').fadeOut();
-      selectedMilestoneDefault = showAny ? '' : null;
+      selectedMilestoneDefault = showAny ? __('Any Milestone') : null;
       selectedMilestoneDefault =
         showNo && defaultNo ? __('No Milestone') : selectedMilestoneDefault;
       selectedMilestone = $dropdown.data('selected') || selectedMilestoneDefault;
@@ -74,14 +74,16 @@ export default class MilestoneSelect {
             if (showAny) {
               extraOptions.push({
                 id: null,
-                name: null,
+                // eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings
+                name: 'Any',
                 title: __('Any Milestone'),
               });
             }
             if (showNo) {
               extraOptions.push({
                 id: -1,
-                name: __('No Milestone'),
+                // eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings
+                name: 'None',
                 title: __('No Milestone'),
               });
             }
diff --git a/app/finders/issuable_finder.rb b/app/finders/issuable_finder.rb
index 1773ac2d508..86970ae3219 100644
--- a/app/finders/issuable_finder.rb
+++ b/app/finders/issuable_finder.rb
@@ -484,22 +484,19 @@ class IssuableFinder
 
   # rubocop: disable CodeReuse/ActiveRecord
   def by_milestone(items)
-    if milestones?
-      if filter_by_no_milestone?
-        items = items.left_joins_milestones.where(milestone_id: [-1, nil])
-      elsif filter_by_any_milestone?
-        items = items.any_milestone
-      elsif filter_by_upcoming_milestone?
-        upcoming_ids = Milestone.upcoming_ids(projects, related_groups)
-        items = items.left_joins_milestones.where(milestone_id: upcoming_ids)
-      elsif filter_by_started_milestone?
-        items = items.left_joins_milestones.merge(Milestone.started)
-      else
-        items = items.with_milestone(params[:milestone_title])
-      end
+    return items unless milestones?
+    return items if filter_by_any_milestone?
+
+    if filter_by_no_milestone?
+      items.left_joins_milestones.where(milestone_id: nil)
+    elsif filter_by_upcoming_milestone?
+      upcoming_ids = Milestone.upcoming_ids(projects, related_groups)
+      items.left_joins_milestones.where(milestone_id: upcoming_ids)
+    elsif filter_by_started_milestone?
+      items.left_joins_milestones.merge(Milestone.started)
+    else
+      items.with_milestone(params[:milestone_title])
     end
-
-    items
   end
   # rubocop: enable CodeReuse/ActiveRecord
 
diff --git a/app/models/milestone.rb b/app/models/milestone.rb
index 2ad2838111e..60266992ee1 100644
--- a/app/models/milestone.rb
+++ b/app/models/milestone.rb
@@ -4,8 +4,8 @@ class Milestone < ApplicationRecord
   # Represents a "No Milestone" state used for filtering Issues and Merge
   # Requests that have no milestone assigned.
   MilestoneStruct = Struct.new(:title, :name, :id)
-  None = MilestoneStruct.new('No Milestone', 'No Milestone', 0)
-  Any = MilestoneStruct.new('Any Milestone', '', -1)
+  None = MilestoneStruct.new('No Milestone', 'No Milestone', -1)
+  Any = MilestoneStruct.new('Any Milestone', '', nil)
   Upcoming = MilestoneStruct.new('Upcoming', '#upcoming', -2)
   Started = MilestoneStruct.new('Started', '#started', -3)
 
diff --git a/changelogs/unreleased/4221-board-milestone-should-persist-any-none-properly.yml b/changelogs/unreleased/4221-board-milestone-should-persist-any-none-properly.yml
new file mode 100644
index 00000000000..d50c59bf607
--- /dev/null
+++ b/changelogs/unreleased/4221-board-milestone-should-persist-any-none-properly.yml
@@ -0,0 +1,5 @@
+---
+title: For milestone filters, treat Any as No Filter (using null). Use -1 for No Milestone
+merge_request:
+author:
+type: changed
diff --git a/db/migrate/20190703001120_default_milestone_to_nil.rb b/db/migrate/20190703001120_default_milestone_to_nil.rb
new file mode 100644
index 00000000000..6a1c3603d9d
--- /dev/null
+++ b/db/migrate/20190703001120_default_milestone_to_nil.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+class DefaultMilestoneToNil < ActiveRecord::Migration[5.1]
+  DOWNTIME = false
+
+  def up
+    execute(update_board_milestones_query)
+  end
+
+  def down
+    # no-op
+  end
+
+  private
+
+  # Only 105 records to update, as of 2019/07/18
+  def update_board_milestones_query
+    <<~HEREDOC
+   UPDATE boards
+     SET milestone_id = NULL
+   WHERE boards.milestone_id = -1
+    HEREDOC
+  end
+end
diff --git a/spec/finders/issues_finder_spec.rb b/spec/finders/issues_finder_spec.rb
index 879ff01f294..bcde730c40b 100644
--- a/spec/finders/issues_finder_spec.rb
+++ b/spec/finders/issues_finder_spec.rb
@@ -113,13 +113,13 @@ describe IssuesFinder do
         let(:params) { { milestone_title: 'Any' } }
 
         it 'returns issues with any assigned milestone' do
-          expect(issues).to contain_exactly(issue1)
+          expect(issues).to contain_exactly(issue1, issue2, issue3, issue4)
         end
 
         it 'returns issues with any assigned milestone (deprecated)' do
           params[:milestone_title] = Milestone::Any.title
 
-          expect(issues).to contain_exactly(issue1)
+          expect(issues).to contain_exactly(issue1, issue2, issue3, issue4)
         end
       end
 
diff --git a/spec/requests/api/issues/get_project_issues_spec.rb b/spec/requests/api/issues/get_project_issues_spec.rb
index f7ca6fd1e0a..f11d8259d4a 100644
--- a/spec/requests/api/issues/get_project_issues_spec.rb
+++ b/spec/requests/api/issues/get_project_issues_spec.rb
@@ -389,7 +389,7 @@ describe API::Issues do
     it 'returns an array of issues with any milestone' do
       get api("#{base_url}/issues", user), params: { milestone: any_milestone_title }
 
-      expect_paginated_array_response([issue.id, closed_issue.id])
+      expect_paginated_array_response([issue.id, confidential_issue.id, closed_issue.id])
     end
 
     context 'without sort params' do
-- 
cgit v1.2.1


From 3d9c28af9331feb279053113677af2633e4b8e91 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 31 Jul 2019 06:49:56 -0700
Subject: Fix first-time contributor notes not rendering

https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/31117 enabled the
HashInefficientHash Rubocop rule that was fooled by the special
implementation of `SpecialRole`. We fix this by introducing a
`value?` method and adding unit tests.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/65383
---
 app/models/note.rb                                      |  4 ++++
 changelogs/unreleased/sh-fix-special-role-error-500.yml |  5 +++++
 spec/models/note_spec.rb                                | 16 ++++++++++++++++
 3 files changed, 25 insertions(+)
 create mode 100644 changelogs/unreleased/sh-fix-special-role-error-500.yml

diff --git a/app/models/note.rb b/app/models/note.rb
index 3f182c1f099..a12d1eb7243 100644
--- a/app/models/note.rb
+++ b/app/models/note.rb
@@ -27,6 +27,10 @@ class Note < ApplicationRecord
       def values
         constants.map {|const| self.const_get(const)}
       end
+
+      def value?(val)
+        values.include?(val)
+      end
     end
   end
 
diff --git a/changelogs/unreleased/sh-fix-special-role-error-500.yml b/changelogs/unreleased/sh-fix-special-role-error-500.yml
new file mode 100644
index 00000000000..9aed0710da3
--- /dev/null
+++ b/changelogs/unreleased/sh-fix-special-role-error-500.yml
@@ -0,0 +1,5 @@
+---
+title: Fix first-time contributor notes not rendering
+merge_request: 31340
+author:
+type: fixed
diff --git a/spec/models/note_spec.rb b/spec/models/note_spec.rb
index 03003e3dd7d..bfd0e5f0558 100644
--- a/spec/models/note_spec.rb
+++ b/spec/models/note_spec.rb
@@ -913,6 +913,22 @@ describe Note do
     end
   end
 
+  describe '#special_role=' do
+    let(:role) { Note::SpecialRole::FIRST_TIME_CONTRIBUTOR }
+
+    it 'assigns role' do
+      subject.special_role = role
+
+      expect(subject.special_role).to eq(role)
+    end
+
+    it 'does not assign unknown role' do
+      expect { subject.special_role = :bogus }.to raise_error(/Role is undefined/)
+
+      expect(subject.special_role).to be_nil
+    end
+  end
+
   describe '#parent' do
     it 'returns project for project notes' do
       project = create(:project)
-- 
cgit v1.2.1


From 8f9b2fcc64aad0041d16d63947321cd8c085d550 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Tue, 30 Jul 2019 13:34:50 -0700
Subject: Document required quotes in Mermaid subgraph titles

Mermaid v8.2.3 added support for styling in subgraphs, but if there are
multiple words in a title, quotes are required.

* https://github.com/knsv/mermaid/pull/845
* https://github.com/knsv/mermaid/issues/391#issuecomment-495602059

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/65338
---
 doc/user/markdown.md | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)

diff --git a/doc/user/markdown.md b/doc/user/markdown.md
index 9380dcf2a32..edb1e904f2b 100644
--- a/doc/user/markdown.md
+++ b/doc/user/markdown.md
@@ -185,6 +185,49 @@ graph TD;
   C-->D;
 ```
 
+#### Subgraphs
+
+NOTE: **Note:** GitLab 12.1 and up now [requires quotes around subgraph
+titles that contain multiple words](https://github.com/knsv/mermaid/pull/845).
+
+Subgraphs can also be included:
+
+~~~
+```mermaid
+graph TB
+
+  SubGraph1 --> SubGraph1Flow
+  subgraph "SubGraph 1 Flow"
+  SubGraph1Flow(SubNode 1)
+  SubGraph1Flow -- Choice1 --> DoChoice1
+  SubGraph1Flow -- Choice2 --> DoChoice2
+  end
+
+  subgraph "Main Graph"
+  Node1[Node 1] --> Node2[Node 2]
+  Node2 --> SubGraph1[Jump to SubGraph1]
+  SubGraph1 --> FinalThing[Final Thing]
+end
+```
+~~~
+
+```mermaid
+graph TB
+
+  SubGraph1 --> SubGraph1Flow
+  subgraph "SubGraph 1 Flow"
+  SubGraph1Flow(SubNode 1)
+  SubGraph1Flow -- Choice1 --> DoChoice1
+  SubGraph1Flow -- Choice2 --> DoChoice2
+  end
+
+  subgraph "Main Graph"
+  Node1[Node 1] --> Node2[Node 2]
+  Node2 --> SubGraph1[Jump to SubGraph1]
+  SubGraph1 --> FinalThing[Final Thing]
+end
+```
+
 ### Emoji
 
 > If this is not rendered correctly, [view it in GitLab itself](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/user/markdown.md#emoji).
-- 
cgit v1.2.1


From b0532ee36b52a3ac8f16b0b79f8596917ae2abc1 Mon Sep 17 00:00:00 2001
From: Nathan Friend <nathan@gitlab.com>
Date: Wed, 31 Jul 2019 11:38:23 -0300
Subject: Add percentage rollout support to feature flag UI (CE)

This commit updates the feature flags pages to includes support for the
percentage rollout strategy.
---
 app/assets/stylesheets/framework/common.scss | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/assets/stylesheets/framework/common.scss b/app/assets/stylesheets/framework/common.scss
index 6b44834cc52..f384a49e0ae 100644
--- a/app/assets/stylesheets/framework/common.scss
+++ b/app/assets/stylesheets/framework/common.scss
@@ -435,6 +435,7 @@ img.emoji {
 /** COMMON SIZING CLASSES **/
 .w-0 { width: 0; }
 .w-8em { width: 8em; }
+.w-3rem { width: 3rem; }
 
 .h-12em { height: 12em; }
 
-- 
cgit v1.2.1


From ca9d8bb952d01547be62326b0b51185c500e0e6d Mon Sep 17 00:00:00 2001
From: James Ramsay <james@jramsay.com.au>
Date: Wed, 31 Jul 2019 13:09:48 -0400
Subject: Fix mirroring help text

---
 app/views/projects/mirrors/_instructions.html.haml             | 2 +-
 changelogs/unreleased/jramsay-fix-mirroring-help-text-typo.yml | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/jramsay-fix-mirroring-help-text-typo.yml

diff --git a/app/views/projects/mirrors/_instructions.html.haml b/app/views/projects/mirrors/_instructions.html.haml
index 33e5a6e67c3..1a163cc4a54 100644
--- a/app/views/projects/mirrors/_instructions.html.haml
+++ b/app/views/projects/mirrors/_instructions.html.haml
@@ -2,7 +2,7 @@
   %ul
     %li
       = _('The repository must be accessible over <code>http://</code>,
-      <code>https://</code>, <code>ssh://</code> and <code>git://</code>.').html_safe
+      <code>https://</code>, <code>ssh://</code> or <code>git://</code>.').html_safe
     %li= _('Include the username in the URL if required: <code>https://username@gitlab.company.com/group/project.git</code>.').html_safe
     %li
       - minutes = Gitlab.config.gitlab_shell.git_timeout / 60
diff --git a/changelogs/unreleased/jramsay-fix-mirroring-help-text-typo.yml b/changelogs/unreleased/jramsay-fix-mirroring-help-text-typo.yml
new file mode 100644
index 00000000000..4c049dffc58
--- /dev/null
+++ b/changelogs/unreleased/jramsay-fix-mirroring-help-text-typo.yml
@@ -0,0 +1,5 @@
+---
+title: Fix mirroring help text
+merge_request: 31348
+author: jramsay
+type: other
-- 
cgit v1.2.1


From f5213a38cc6f9a80e98e1cbdf59f84352f0731cb Mon Sep 17 00:00:00 2001
From: Reuben Pereira <rpereira@gitlab.com>
Date: Wed, 31 Jul 2019 17:38:15 +0000
Subject: Add prometheus listen address to whitelist

- Add to whitelist so that even if local requests from hooks and
services are not allowed, the prometheus manual configuration will
still succeed.
---
 app/models/application_setting_implementation.rb   | 11 ++++
 .../application_settings/update_service.rb         |  9 ++++
 .../self_monitoring/project/create_service.rb      | 32 ++++++++---
 locale/gitlab.pot                                  |  6 +++
 .../application_settings/update_service_spec.rb    | 48 +++++++++++++++++
 .../self_monitoring/project/create_service_spec.rb | 24 ++++-----
 .../application_setting_examples.rb                | 62 +++++++++++++++++++++-
 7 files changed, 172 insertions(+), 20 deletions(-)

diff --git a/app/models/application_setting_implementation.rb b/app/models/application_setting_implementation.rb
index 6efd07a6008..4bb09bf3b53 100644
--- a/app/models/application_setting_implementation.rb
+++ b/app/models/application_setting_implementation.rb
@@ -158,9 +158,20 @@ module ApplicationSettingImplementation
   end
 
   def outbound_local_requests_whitelist_raw=(values)
+    clear_memoization(:outbound_local_requests_whitelist_arrays)
+
     self.outbound_local_requests_whitelist = domain_strings_to_array(values)
   end
 
+  def add_to_outbound_local_requests_whitelist(values_array)
+    clear_memoization(:outbound_local_requests_whitelist_arrays)
+
+    self.outbound_local_requests_whitelist ||= []
+    self.outbound_local_requests_whitelist += values_array
+
+    self.outbound_local_requests_whitelist.uniq!
+  end
+
   def outbound_local_requests_whitelist_arrays
     strong_memoize(:outbound_local_requests_whitelist_arrays) do
       next [[], []] unless self.outbound_local_requests_whitelist
diff --git a/app/services/application_settings/update_service.rb b/app/services/application_settings/update_service.rb
index 7eeaf8aade1..471df6e2d0c 100644
--- a/app/services/application_settings/update_service.rb
+++ b/app/services/application_settings/update_service.rb
@@ -15,6 +15,8 @@ module ApplicationSettings
 
       update_terms(@params.delete(:terms))
 
+      add_to_outbound_local_requests_whitelist(@params.delete(:add_to_outbound_local_requests_whitelist))
+
       if params.key?(:performance_bar_allowed_group_path)
         params[:performance_bar_allowed_group_id] = performance_bar_allowed_group_id
       end
@@ -32,6 +34,13 @@ module ApplicationSettings
       params.key?(:usage_ping_enabled) || params.key?(:version_check_enabled)
     end
 
+    def add_to_outbound_local_requests_whitelist(values)
+      values_array = Array(values).reject(&:empty?)
+      return if values_array.empty?
+
+      @application_setting.add_to_outbound_local_requests_whitelist(values_array)
+    end
+
     def update_terms(terms)
       return unless terms.present?
 
diff --git a/app/services/self_monitoring/project/create_service.rb b/app/services/self_monitoring/project/create_service.rb
index e5ef8c15456..8ffd22de127 100644
--- a/app/services/self_monitoring/project/create_service.rb
+++ b/app/services/self_monitoring/project/create_service.rb
@@ -14,6 +14,7 @@ module SelfMonitoring
       steps :validate_admins,
         :create_project,
         :add_project_members,
+        :add_to_whitelist,
         :add_prometheus_manual_configuration
 
       def initialize
@@ -59,15 +60,29 @@ module SelfMonitoring
         end
       end
 
-      def add_prometheus_manual_configuration
+      def add_to_whitelist
         return success unless prometheus_enabled?
         return success unless prometheus_listen_address.present?
 
-        # TODO: Currently, adding the internal prometheus server as a manual configuration
-        # is only possible if the setting to allow webhooks and services to connect
-        # to local network is on.
-        # https://gitlab.com/gitlab-org/gitlab-ce/issues/44496 will add
-        # a whitelist that will allow connections to certain ips on the local network.
+        uri = parse_url(internal_prometheus_listen_address_uri)
+        return error(_('Prometheus listen_address is not a valid URI')) unless uri
+
+        result = ApplicationSettings::UpdateService.new(
+          Gitlab::CurrentSettings.current_application_settings,
+          project_owner,
+          outbound_local_requests_whitelist: [uri.normalized_host]
+        ).execute
+
+        if result
+          success
+        else
+          error(_('Could not add prometheus URL to whitelist'))
+        end
+      end
+
+      def add_prometheus_manual_configuration
+        return success unless prometheus_enabled?
+        return success unless prometheus_listen_address.present?
 
         service = project.find_or_initialize_service('prometheus')
 
@@ -79,6 +94,11 @@ module SelfMonitoring
         success
       end
 
+      def parse_url(uri_string)
+        Addressable::URI.parse(uri_string)
+      rescue Addressable::URI::InvalidURIError, TypeError
+      end
+
       def prometheus_enabled?
         Gitlab.config.prometheus.enable
       rescue Settingslogic::MissingSetting
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 709226e686c..f64a9046ecb 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -3282,6 +3282,9 @@ msgstr ""
 msgid "Copy token to clipboard"
 msgstr ""
 
+msgid "Could not add prometheus URL to whitelist"
+msgstr ""
+
 msgid "Could not authorize chat nickname. Try again!"
 msgstr ""
 
@@ -8732,6 +8735,9 @@ msgstr ""
 msgid "ProjectsNew|Want to house several dependent projects under the same namespace? %{link_start}Create a group.%{link_end}"
 msgstr ""
 
+msgid "Prometheus listen_address is not a valid URI"
+msgstr ""
+
 msgid "PrometheusService|%{exporters} with %{metrics} were found"
 msgstr ""
 
diff --git a/spec/services/application_settings/update_service_spec.rb b/spec/services/application_settings/update_service_spec.rb
index 33cd1f37ff6..adb5219d691 100644
--- a/spec/services/application_settings/update_service_spec.rb
+++ b/spec/services/application_settings/update_service_spec.rb
@@ -62,6 +62,54 @@ describe ApplicationSettings::UpdateService do
     end
   end
 
+  describe 'updating outbound_local_requests_whitelist' do
+    context 'when params is blank' do
+      let(:params) { {} }
+
+      it 'does not add to whitelist' do
+        expect { subject.execute }.not_to change {
+          application_settings.outbound_local_requests_whitelist
+        }
+      end
+    end
+
+    context 'when param add_to_outbound_local_requests_whitelist contains values' do
+      before do
+        application_settings.outbound_local_requests_whitelist = ['127.0.0.1']
+      end
+
+      let(:params) { { add_to_outbound_local_requests_whitelist: ['example.com', ''] } }
+
+      it 'adds to whitelist' do
+        expect { subject.execute }.to change {
+          application_settings.outbound_local_requests_whitelist
+        }
+
+        expect(application_settings.outbound_local_requests_whitelist).to contain_exactly(
+          '127.0.0.1', 'example.com'
+        )
+      end
+    end
+
+    context 'when param outbound_local_requests_whitelist_raw is passed' do
+      before do
+        application_settings.outbound_local_requests_whitelist = ['127.0.0.1']
+      end
+
+      let(:params) { { outbound_local_requests_whitelist_raw: 'example.com;gitlab.com' } }
+
+      it 'overwrites the existing whitelist' do
+        expect { subject.execute }.to change {
+          application_settings.outbound_local_requests_whitelist
+        }
+
+        expect(application_settings.outbound_local_requests_whitelist).to contain_exactly(
+          'example.com', 'gitlab.com'
+        )
+      end
+    end
+  end
+
   describe 'performance bar settings' do
     using RSpec::Parameterized::TableSyntax
 
diff --git a/spec/services/self_monitoring/project/create_service_spec.rb b/spec/services/self_monitoring/project/create_service_spec.rb
index d11e27c6d52..a1e7aaf45f2 100644
--- a/spec/services/self_monitoring/project/create_service_spec.rb
+++ b/spec/services/self_monitoring/project/create_service_spec.rb
@@ -90,19 +90,17 @@ describe SelfMonitoring::Project::CreateService do
         )
       end
 
-      # This should pass when https://gitlab.com/gitlab-org/gitlab-ce/issues/44496
-      # is complete and the prometheus listen address is added to the whitelist.
-      # context 'when local requests from hooks and services are not allowed' do
-      #   before do
-      #     allow(ApplicationSetting)
-      #       .to receive(:current)
-      #       .and_return(
-      #         ApplicationSetting.build_from_defaults(allow_local_requests_from_hooks_and_services: false)
-      #       )
-      #   end
-
-      #   it_behaves_like 'has prometheus service', 'http://localhost:9090'
-      # end
+      context 'when local requests from hooks and services are not allowed' do
+        before do
+          allow(ApplicationSetting)
+            .to receive(:current)
+            .and_return(
+              ApplicationSetting.build_from_defaults(allow_local_requests_from_hooks_and_services: false)
+            )
+        end
+
+        it_behaves_like 'has prometheus service', 'http://localhost:9090'
+      end
 
       context 'with non default prometheus address' do
         before do
diff --git a/spec/support/shared_examples/application_setting_examples.rb b/spec/support/shared_examples/application_setting_examples.rb
index 0e6a8059376..a43d2a75082 100644
--- a/spec/support/shared_examples/application_setting_examples.rb
+++ b/spec/support/shared_examples/application_setting_examples.rb
@@ -63,6 +63,19 @@ RSpec.shared_examples 'application settings examples' do
 
   context 'outbound_local_requests_whitelist' do
     it_behaves_like 'string of domains', :outbound_local_requests_whitelist
+
+    it 'clears outbound_local_requests_whitelist_arrays memoization' do
+      setting.outbound_local_requests_whitelist_raw = 'example.com'
+
+      expect(setting.outbound_local_requests_whitelist_arrays).to contain_exactly(
+        [], ['example.com']
+      )
+
+      setting.outbound_local_requests_whitelist_raw = 'gitlab.com'
+      expect(setting.outbound_local_requests_whitelist_arrays).to contain_exactly(
+        [], ['gitlab.com']
+      )
+    end
   end
 
   context 'outbound_local_requests_whitelist_arrays' do
@@ -78,7 +91,54 @@ RSpec.shared_examples 'application settings examples' do
       ]
       domain_whitelist = ['www.example.com', 'example.com', 'subdomain.example.com']
 
-      expect(setting.outbound_local_requests_whitelist_arrays).to contain_exactly(ip_whitelist, domain_whitelist)
+      expect(setting.outbound_local_requests_whitelist_arrays).to contain_exactly(
+        ip_whitelist, domain_whitelist
+      )
+    end
+  end
+
+  context 'add_to_outbound_local_requests_whitelist' do
+    it 'adds entry to outbound_local_requests_whitelist' do
+      setting.outbound_local_requests_whitelist = ['example.com']
+
+      setting.add_to_outbound_local_requests_whitelist(
+        ['example.com', '127.0.0.1', 'gitlab.com']
+      )
+
+      expect(setting.outbound_local_requests_whitelist).to contain_exactly(
+        'example.com',
+        '127.0.0.1',
+        'gitlab.com'
+      )
+    end
+
+    it 'clears outbound_local_requests_whitelist_arrays memoization' do
+      setting.outbound_local_requests_whitelist = ['example.com']
+
+      expect(setting.outbound_local_requests_whitelist_arrays).to contain_exactly(
+        [],
+        ['example.com']
+      )
+
+      setting.add_to_outbound_local_requests_whitelist(
+        ['example.com', 'gitlab.com']
+      )
+
+      expect(setting.outbound_local_requests_whitelist_arrays).to contain_exactly(
+        [],
+        ['example.com', 'gitlab.com']
+      )
+    end
+
+    it 'does not raise error with nil' do
+      setting.outbound_local_requests_whitelist = nil
+
+      setting.add_to_outbound_local_requests_whitelist(['gitlab.com'])
+
+      expect(setting.outbound_local_requests_whitelist).to contain_exactly('gitlab.com')
+      expect(setting.outbound_local_requests_whitelist_arrays).to contain_exactly(
+        [], ['gitlab.com']
+      )
     end
 
     it 'does not raise error with nil' do
-- 
cgit v1.2.1


From 8992013689e358328d9ae74623b9b29d80f7b17b Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Thu, 1 Aug 2019 01:57:04 +0800
Subject: Fix bug when moving batches of items to the end

Starts from START_POSITION when there are no existing
positions.

Also improves the test to actually test the behavior
---
 app/controllers/boards/issues_controller.rb             |  2 +-
 app/models/concerns/relative_positioning.rb             |  4 ++--
 .../relative_positioning_shared_examples.rb             | 17 ++++++++++-------
 3 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/app/controllers/boards/issues_controller.rb b/app/controllers/boards/issues_controller.rb
index 90528f75ffd..1d1a72d21f1 100644
--- a/app/controllers/boards/issues_controller.rb
+++ b/app/controllers/boards/issues_controller.rb
@@ -26,7 +26,7 @@ module Boards
       list_service = Boards::Issues::ListService.new(board_parent, current_user, filter_params)
       issues = list_service.execute
       issues = issues.page(params[:page]).per(params[:per] || 20).without_count
-      Issue.move_to_end(issues) if Gitlab::Database.read_write?
+      Issue.move_nulls_to_end(issues) if Gitlab::Database.read_write?
       issues = issues.preload(:milestone,
                               :assignees,
                               project: [
diff --git a/app/models/concerns/relative_positioning.rb b/app/models/concerns/relative_positioning.rb
index 9cd7b8d6258..4a1441805fc 100644
--- a/app/models/concerns/relative_positioning.rb
+++ b/app/models/concerns/relative_positioning.rb
@@ -34,7 +34,7 @@ module RelativePositioning
   end
 
   class_methods do
-    def move_to_end(objects)
+    def move_nulls_to_end(objects)
       objects = objects.reject(&:relative_position)
 
       return if objects.empty?
@@ -43,7 +43,7 @@ module RelativePositioning
 
       self.transaction do
         objects.each do |object|
-          relative_position = position_between(max_relative_position, MAX_POSITION)
+          relative_position = position_between(max_relative_position || START_POSITION, MAX_POSITION)
           object.relative_position = relative_position
           max_relative_position = relative_position
           object.save(touch: false)
diff --git a/spec/support/shared_examples/relative_positioning_shared_examples.rb b/spec/support/shared_examples/relative_positioning_shared_examples.rb
index 5ee62644c54..45eacf3721e 100644
--- a/spec/support/shared_examples/relative_positioning_shared_examples.rb
+++ b/spec/support/shared_examples/relative_positioning_shared_examples.rb
@@ -9,24 +9,27 @@ RSpec.shared_examples "a class that supports relative positioning" do
     create(factory, params.merge(default_params))
   end
 
-  describe '.move_to_end' do
-    it 'moves the object to the end' do
-      item1.update(relative_position: 5)
-      item2.update(relative_position: 15)
-
-      described_class.move_to_end([item1, item2])
+  describe '.move_nulls_to_end' do
+    it 'moves items with null relative_position to the end' do
+      described_class.move_nulls_to_end([item1, item2])
 
       expect(item2.prev_relative_position).to eq item1.relative_position
       expect(item1.prev_relative_position).to eq nil
       expect(item2.next_relative_position).to eq nil
     end
 
+    it 'moves the item near the start position when there are no existing positions' do
+      described_class.move_nulls_to_end([item1])
+
+      expect(item1.relative_position).to eq(described_class::START_POSITION + described_class::IDEAL_DISTANCE)
+    end
+
     it 'does not perform any moves if all items have their relative_position set' do
       item1.update!(relative_position: 1)
 
       expect(item1).not_to receive(:save)
 
-      described_class.move_to_end([item1])
+      described_class.move_nulls_to_end([item1])
     end
   end
 
-- 
cgit v1.2.1


From 9241ba276d1d4396b5d3eb3e847a914eeeba55b2 Mon Sep 17 00:00:00 2001
From: Douglas Barbosa Alexandre <dbalexandre@gmail.com>
Date: Mon, 29 Jul 2019 21:05:24 -0300
Subject: Update list of unreplicated/unverified data types

---
 doc/administration/geo/replication/index.md | 67 +++++++++++++++++------------
 1 file changed, 40 insertions(+), 27 deletions(-)

diff --git a/doc/administration/geo/replication/index.md b/doc/administration/geo/replication/index.md
index b5789c87e47..dc49a95e008 100644
--- a/doc/administration/geo/replication/index.md
+++ b/doc/administration/geo/replication/index.md
@@ -245,35 +245,48 @@ This list of limitations only reflects the latest version of GitLab. If you are
 - Object pools for forked project deduplication work only on the **primary** node, and are duplicated on the **secondary** node.
 - [External merge request diffs](../../merge_request_diffs.md) will not be replicated if they are on-disk, and viewing merge requests will fail. However, external MR diffs in object storage **are** supported. The default configuration (in-database) does work.
 
-### Limitations on replication
-
-Only the following items are replicated to the **secondary** node:
-
-- All database content. For example, snippets, epics, issues, merge requests, groups, and project metadata.
-- Project repositories.
-- Project wiki repositories.
-- User uploads. For example, attachments to issues, merge requests, epics, and avatars.
-- CI job artifacts and traces.
+### Limitations on replication/verification
+
+The following table lists the GitLab features along with their replication
+and verification status on a **secondary** node.
+
+You can keep track of the progress to include the missing items in:
+
+- [ee-893](https://gitlab.com/groups/gitlab-org/-/epics/893).
+- [ee-1430](https://gitlab.com/groups/gitlab-org/-/epics/1430).
+
+| Feature | Replicated | Verified |
+|-----------|------------|----------|
+| All database content (e.g. snippets, epics, issues, merge requests, groups, and project metadata)  | Yes | Yes |
+| Project repository | Yes | Yes |
+| Project wiki repository | Yes | Yes |
+| Project designs repository | No | No |
+| Uploads (e.g. attachments to issues, merge requests, epics, and avatars) | Yes | Yes, only on transfer, or manually (1) |
+| LFS Objects | Yes | Yes, only on transfer, or manually (1) |
+| CI job artifacts (other than traces) | Yes | No, only manually (1) |
+| Archived traces | Yes | Yes, only on transfer, or manually (1) |
+| Personal snippets | Yes | Yes |
+| Version-controlled personal snippets ([unsupported](https://gitlab.com/gitlab-org/gitlab-ce/issues/13426)) | No | No |
+| Project snippets | Yes | Yes |
+| Version-controlled project snippets ([unsupported](https://gitlab.com/gitlab-org/gitlab-ce/issues/13426)) | No | No |
+| Object pools for forked project deduplication | No | No |
+| [Server-side Git Hooks](../../custom_hooks.md) | No | No |
+| [Elasticsearch integration](../../../integration/elasticsearch.md) | No | No |
+| [GitLab Pages](../../pages/index.md) | No | No |
+| [Container Registry](../../container_registry.md) ([track progress](https://gitlab.com/gitlab-org/gitlab-ee/issues/2870)) | No | No |
+| [NPM Registry](../../npm_registry.md) | No | No |
+| [Maven Packages](../../maven_packages.md) | No | No |
+| [External merge request diffs](../../merge_request_diffs.md) | No, if they are on-disk | No |
+| Content in object storage ([track progress](https://gitlab.com/groups/gitlab-org/-/epics/1526)) | No | No |
+
+1. The integrity can be verified manually using [Integrity Check Rake Task](../../raketasks/check.md) on both nodes and comparing the output between them.
 
 DANGER: **DANGER**
-Data not on this list is unavailable on the **secondary** node. Failing over without manually replicating data not on this list will cause the data to be **lost**.
-
-### Examples of data not replicated
-
-Take special note that these examples of GitLab features are both:
-
-- Commonly used.
-- **Not** replicated by Geo at present.
-
-Examples include:
-
-- [Elasticsearch integration](../../../integration/elasticsearch.md).
-- [Container Registry](../../container_registry.md). [Object Storage](object_storage.md) can mitigate this.
-- [GitLab Pages](../../pages/index.md).
-- [Mattermost integration](https://docs.gitlab.com/omnibus/gitlab-mattermost/).
-
-CAUTION: **Caution:**
-If you wish to use them on a **secondary** node, or to execute a failover successfully, you will need to replicate their data using some other means.
+Features not on this list, or with **No** in the **Replicated** column,
+are not replicated on the **secondary** node. Failing over without manually
+replicating data from those features will cause the data to be **lost**.
+If you wish to use those features on a **secondary** node, or to execute a failover
+successfully, you must replicate their data using some other means.
 
 ## Frequently Asked Questions
 
-- 
cgit v1.2.1


From 1c24ebb0f44e7281c578510848aeec9cdbec1ffd Mon Sep 17 00:00:00 2001
From: Brett Walker <bwalker@gitlab.com>
Date: Wed, 17 Jul 2019 09:38:22 -0500
Subject: Remove backend use of manual_sorting feature flag

---
 app/controllers/groups_controller.rb               | 4 ----
 app/controllers/projects/issues_controller.rb      | 4 ----
 app/views/shared/issuable/_sort_dropdown.html.haml | 2 +-
 3 files changed, 1 insertion(+), 9 deletions(-)

diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index dda321bac79..5472ef05d7c 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -7,10 +7,6 @@ class GroupsController < Groups::ApplicationController
   include PreviewMarkdown
   include RecordUserLastActivity
 
-  before_action do
-    push_frontend_feature_flag(:manual_sorting, default_enabled: true)
-  end
-
   respond_to :html
 
   prepend_before_action(only: [:show, :issues]) { authenticate_sessionless_user!(:rss) }
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index db7ca7ef0d7..bc9166b9df3 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -10,10 +10,6 @@ class Projects::IssuesController < Projects::ApplicationController
   include SpammableActions
   include RecordUserLastActivity
 
-  before_action do
-    push_frontend_feature_flag(:manual_sorting, default_enabled: true)
-  end
-
   def issue_except_actions
     %i[index calendar new create bulk_update import_csv]
   end
diff --git a/app/views/shared/issuable/_sort_dropdown.html.haml b/app/views/shared/issuable/_sort_dropdown.html.haml
index df0523595f5..8260915c2ab 100644
--- a/app/views/shared/issuable/_sort_dropdown.html.haml
+++ b/app/views/shared/issuable/_sort_dropdown.html.haml
@@ -1,7 +1,7 @@
 - sort_value = @sort
 - sort_title = issuable_sort_option_title(sort_value)
 - viewing_issues = controller.controller_name == 'issues' || controller.action_name == 'issues'
-- manual_sorting = viewing_issues && controller.controller_name != 'dashboard' && Feature.enabled?(:manual_sorting, default_enabled: true)
+- manual_sorting = viewing_issues && controller.controller_name != 'dashboard'
 
 .dropdown.inline.prepend-left-10.issue-sort-dropdown
   .btn-group{ role: 'group' }
-- 
cgit v1.2.1


From 7b6c37946d23e19ac65c23fa79c9d9e41d0218af Mon Sep 17 00:00:00 2001
From: Rajat Jain <rjain@gitlab.com>
Date: Fri, 26 Jul 2019 13:55:36 +0530
Subject: Remove manual_sorting flag from FE

---
 app/assets/javascripts/manual_ordering.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/assets/javascripts/manual_ordering.js b/app/assets/javascripts/manual_ordering.js
index 012d1e70410..29a0e5a904a 100644
--- a/app/assets/javascripts/manual_ordering.js
+++ b/app/assets/javascripts/manual_ordering.js
@@ -21,7 +21,7 @@ const updateIssue = (url, issueList, { move_before_id, move_after_id }) =>
 const initManualOrdering = () => {
   const issueList = document.querySelector('.manual-ordering');
 
-  if (!issueList || !(gon.features && gon.features.manualSorting) || !(gon.current_user_id > 0)) {
+  if (!issueList || !(gon.current_user_id > 0)) {
     return;
   }
 
-- 
cgit v1.2.1


From e38c683e41b5d280145cc244fa2f3febad2f7c96 Mon Sep 17 00:00:00 2001
From: Nick Thomas <nick@gitlab.com>
Date: Wed, 31 Jul 2019 20:36:45 +0100
Subject: Run rake gettext:regenerate

---
 locale/gitlab.pot | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 709226e686c..18f016351c8 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -10969,7 +10969,7 @@ msgstr ""
 msgid "The repository must be accessible over <code>http://</code>, <code>https://</code> or <code>git://</code>."
 msgstr ""
 
-msgid "The repository must be accessible over <code>http://</code>, <code>https://</code>, <code>ssh://</code> and <code>git://</code>."
+msgid "The repository must be accessible over <code>http://</code>, <code>https://</code>, <code>ssh://</code> or <code>git://</code>."
 msgstr ""
 
 msgid "The review stage shows the time from creating the merge request to merging it. The data will automatically be added after you merge your first merge request."
-- 
cgit v1.2.1


From 31e419e945f8058be58487057bf77c338ca8f536 Mon Sep 17 00:00:00 2001
From: Ash McKenzie <amckenzie@gitlab.com>
Date: Wed, 31 Jul 2019 10:41:11 +1000
Subject: Add new Feature.remove method

---
 lib/feature.rb           |  7 +++++++
 spec/lib/feature_spec.rb | 16 ++++++++++++++++
 2 files changed, 23 insertions(+)

diff --git a/lib/feature.rb b/lib/feature.rb
index e28333aa58e..c70a6980f19 100644
--- a/lib/feature.rb
+++ b/lib/feature.rb
@@ -80,6 +80,13 @@ class Feature
       get(key).disable_group(group)
     end
 
+    def remove(key)
+      feature = get(key)
+      return unless persisted?(feature)
+
+      feature.remove
+    end
+
     def flipper
       if Gitlab::SafeRequestStore.active?
         Gitlab::SafeRequestStore[:flipper] ||= build_flipper_instance
diff --git a/spec/lib/feature_spec.rb b/spec/lib/feature_spec.rb
index 185abacf8e7..3d59b1f35a9 100644
--- a/spec/lib/feature_spec.rb
+++ b/spec/lib/feature_spec.rb
@@ -254,6 +254,22 @@ describe Feature do
     end
   end
 
+  describe '.remove' do
+    context 'for a non-persisted feature' do
+      it 'returns nil' do
+        expect(described_class.remove(:non_persisted_feature_flag)).to be_nil
+      end
+    end
+
+    context 'for a persisted feature' do
+      it 'returns true' do
+        described_class.enable(:persisted_feature_flag)
+
+        expect(described_class.remove(:persisted_feature_flag)).to be_truthy
+      end
+    end
+  end
+
   describe Feature::Target do
     describe '#targets' do
       let(:project) { create(:project) }
-- 
cgit v1.2.1


From 7a5c4cd0ca692e2fac0d648726b71dcd304602ec Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 31 Jul 2019 15:38:02 -0700
Subject: Fix SystemStackError when Peek bar is active with Rugged calls

Peek attempts to serialize results with `to_json`, which calls
`ActiveSupport::JSON`. If an object is passed to `to_json` that contains
instance variables, `ActiveSupport` will attempt to recursively traverse
all variables.

The problem is that we can get into an infinite loop if the instance
references to an instance that references to something else that points
back to the same instance.

To avoid this mess, we just call `to_s` on the object. It appears only
`Gitlab::Git::Repository` and `::Repository` are the culprits here.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/65404
---
 lib/peek/views/rugged.rb           |  8 ++++++--
 spec/lib/peek/views/rugged_spec.rb | 10 +++++++---
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/lib/peek/views/rugged.rb b/lib/peek/views/rugged.rb
index 6b9d3e7b1a3..18b3f422852 100644
--- a/lib/peek/views/rugged.rb
+++ b/lib/peek/views/rugged.rb
@@ -29,8 +29,12 @@ module Peek
 
       def format_args(args)
         args.map do |arg|
-          # Needed to avoid infinite as_json calls
-          if arg.is_a?(Gitlab::Git::Repository)
+          # ActiveSupport::JSON recursively calls as_json on all
+          # instance variables, and if that instance variable points to
+          # something that refers back to the same instance, we can wind
+          # up in an infinite loop. Currently this only seems to happen with
+          # Gitlab::Git::Repository and ::Repository.
+          if arg.instance_variables.present?
             arg.to_s
           else
             arg
diff --git a/spec/lib/peek/views/rugged_spec.rb b/spec/lib/peek/views/rugged_spec.rb
index 8bf996fc6bc..d07d6b51a1f 100644
--- a/spec/lib/peek/views/rugged_spec.rb
+++ b/spec/lib/peek/views/rugged_spec.rb
@@ -24,7 +24,7 @@ describe Peek::Views::Rugged, :request_store do
                                                      args: [project.repository.raw, 'HEAD'],
                                                      duration: 0.123)
     ::Gitlab::RuggedInstrumentation.add_call_details(feature: :rugged_test2,
-                                                     args: [project.repository.raw, 'refs/heads/master'],
+                                                     args: [project.repository, 'refs/heads/master'],
                                                      duration: 0.456)
 
     results = subject.results
@@ -32,7 +32,11 @@ describe Peek::Views::Rugged, :request_store do
     expect(results[:duration]).to eq('1234.00ms')
     expect(results[:details].count).to eq(2)
 
-    expect(results[:details][0][:args]).to eq([project.repository.raw.to_s, "refs/heads/master"])
-    expect(results[:details][1][:args]).to eq([project.repository.raw.to_s, "HEAD"])
+    expected = [
+      [project.repository.raw.to_s, "HEAD"],
+      [project.repository.to_s, "refs/heads/master"]
+    ]
+
+    expect(results[:details].map { |data| data[:args] }).to match_array(expected)
   end
 end
-- 
cgit v1.2.1


From f4cd926cf3eec069396ab995b3553f40617c19e6 Mon Sep 17 00:00:00 2001
From: Oswaldo Ferreira <oswaldo@gitlab.com>
Date: Tue, 23 Jul 2019 21:51:23 -0300
Subject: Add exclusive lease to mergeability check process

Concurrent calls to UserMergeToRef RPC updating a single ref
can lead to an opaque fail that is being rescued at Gitaly.

So this commit adds an exclusive lease to the mergeability
check process with the key as the current MR ID.
---
 app/models/merge_request.rb                        |  2 +-
 .../merge_requests/mergeability_check_service.rb   | 45 +++++++++++-
 .../osw-avoid-errors-due-to-concurrent-calls.yml   |  5 ++
 lib/gitlab/exclusive_lease_helpers.rb              |  5 +-
 spec/lib/gitlab/exclusive_lease_helpers_spec.rb    | 17 +++--
 spec/requests/api/merge_requests_spec.rb           |  2 +-
 .../mergeability_check_service_spec.rb             | 79 +++++++++++++++++-----
 7 files changed, 128 insertions(+), 27 deletions(-)
 create mode 100644 changelogs/unreleased/osw-avoid-errors-due-to-concurrent-calls.yml

diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb
index 8ade91933a4..5e8a6a7d5e5 100644
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -752,7 +752,7 @@ class MergeRequest < ApplicationRecord
   end
 
   def check_mergeability
-    MergeRequests::MergeabilityCheckService.new(self).execute
+    MergeRequests::MergeabilityCheckService.new(self).execute(retry_lease: false)
   end
   # rubocop: enable CodeReuse/ServiceClass
 
diff --git a/app/services/merge_requests/mergeability_check_service.rb b/app/services/merge_requests/mergeability_check_service.rb
index 9fa50c9448f..962e2327b3e 100644
--- a/app/services/merge_requests/mergeability_check_service.rb
+++ b/app/services/merge_requests/mergeability_check_service.rb
@@ -3,6 +3,7 @@
 module MergeRequests
   class MergeabilityCheckService < ::BaseService
     include Gitlab::Utils::StrongMemoize
+    include Gitlab::ExclusiveLeaseHelpers
 
     delegate :project, to: :@merge_request
     delegate :repository, to: :project
@@ -21,13 +22,35 @@ module MergeRequests
     # where we need the current state of the merge ref in repository, the `recheck`
     # argument is required.
     #
+    # retry_lease - Concurrent calls wait for at least 10 seconds until the
+    # lease is granted (other process finishes running). Returns an error
+    # ServiceResponse if the lease is not granted during this time.
+    #
     # Returns a ServiceResponse indicating merge_status is/became can_be_merged
     # and the merge-ref is synced. Success in case of being/becoming mergeable,
     # error otherwise.
-    def execute(recheck: false)
+    def execute(recheck: false, retry_lease: true)
       return ServiceResponse.error(message: 'Invalid argument') unless merge_request
       return ServiceResponse.error(message: 'Unsupported operation') if Gitlab::Database.read_only?
+      return check_mergeability(recheck) unless merge_ref_auto_sync_lock_enabled?
+
+      in_write_lock(retry_lease: retry_lease) do |retried|
+        # When multiple calls are waiting for the same lock (retry_lease),
+        # it's possible that when granted, the MR status was already updated for
+        # that object, therefore we reset if there was a lease retry.
+        merge_request.reset if retried
+
+        check_mergeability(recheck)
+      end
+    rescue FailedToObtainLockError => error
+      ServiceResponse.error(message: error.message)
+    end
+
+    private
+
+    attr_reader :merge_request
 
+    def check_mergeability(recheck)
       recheck! if recheck
       update_merge_status
 
@@ -46,9 +69,21 @@ module MergeRequests
       ServiceResponse.success(payload: payload)
     end
 
-    private
+    # It's possible for this service to send concurrent requests to Gitaly in order
+    # to "git update-ref" the same ref. Therefore we handle a light exclusive
+    # lease here.
+    #
+    def in_write_lock(retry_lease:, &block)
+      lease_key = "mergeability_check:#{merge_request.id}"
 
-    attr_reader :merge_request
+      lease_opts = {
+        ttl:       1.minute,
+        retries:   retry_lease ? 10 : 0,
+        sleep_sec: retry_lease ? 1.second : 0
+      }
+
+      in_lock(lease_key, lease_opts, &block)
+    end
 
     def payload
       strong_memoize(:payload) do
@@ -116,5 +151,9 @@ module MergeRequests
     def merge_ref_auto_sync_enabled?
       Feature.enabled?(:merge_ref_auto_sync, project, default_enabled: true)
     end
+
+    def merge_ref_auto_sync_lock_enabled?
+      Feature.enabled?(:merge_ref_auto_sync_lock, project, default_enabled: true)
+    end
   end
 end
diff --git a/changelogs/unreleased/osw-avoid-errors-due-to-concurrent-calls.yml b/changelogs/unreleased/osw-avoid-errors-due-to-concurrent-calls.yml
new file mode 100644
index 00000000000..17ff1b012cf
--- /dev/null
+++ b/changelogs/unreleased/osw-avoid-errors-due-to-concurrent-calls.yml
@@ -0,0 +1,5 @@
+---
+title: Add exclusive lease to mergeability check process
+merge_request: 31082
+author:
+type: fixed
diff --git a/lib/gitlab/exclusive_lease_helpers.rb b/lib/gitlab/exclusive_lease_helpers.rb
index 7961d4bbd6e..61eb030563d 100644
--- a/lib/gitlab/exclusive_lease_helpers.rb
+++ b/lib/gitlab/exclusive_lease_helpers.rb
@@ -15,17 +15,18 @@ module Gitlab
       raise ArgumentError, 'Key needs to be specified' unless key
 
       lease = Gitlab::ExclusiveLease.new(key, timeout: ttl)
+      retried = false
 
       until uuid = lease.try_obtain
         # Keep trying until we obtain the lease. To prevent hammering Redis too
         # much we'll wait for a bit.
         sleep(sleep_sec)
-        break if (retries -= 1) < 0
+        (retries -= 1) < 0 ? break : retried ||= true
       end
 
       raise FailedToObtainLockError, 'Failed to obtain a lock' unless uuid
 
-      yield
+      yield(retried)
     ensure
       Gitlab::ExclusiveLease.cancel(key, uuid)
     end
diff --git a/spec/lib/gitlab/exclusive_lease_helpers_spec.rb b/spec/lib/gitlab/exclusive_lease_helpers_spec.rb
index 5107e1efbbd..c3b706fc538 100644
--- a/spec/lib/gitlab/exclusive_lease_helpers_spec.rb
+++ b/spec/lib/gitlab/exclusive_lease_helpers_spec.rb
@@ -25,13 +25,13 @@ describe Gitlab::ExclusiveLeaseHelpers, :clean_gitlab_redis_shared_state do
       end
 
       it 'calls the given block' do
-        expect { |b| class_instance.in_lock(unique_key, &b) }.to yield_control.once
+        expect { |b| class_instance.in_lock(unique_key, &b) }.to yield_with_args(false)
       end
 
       it 'calls the given block continuously' do
-        expect { |b| class_instance.in_lock(unique_key, &b) }.to yield_control.once
-        expect { |b| class_instance.in_lock(unique_key, &b) }.to yield_control.once
-        expect { |b| class_instance.in_lock(unique_key, &b) }.to yield_control.once
+        expect { |b| class_instance.in_lock(unique_key, &b) }.to yield_with_args(false)
+        expect { |b| class_instance.in_lock(unique_key, &b) }.to yield_with_args(false)
+        expect { |b| class_instance.in_lock(unique_key, &b) }.to yield_with_args(false)
       end
 
       it 'cancels the exclusive lease after the block' do
@@ -68,6 +68,15 @@ describe Gitlab::ExclusiveLeaseHelpers, :clean_gitlab_redis_shared_state do
 
           expect { subject }.to raise_error('Failed to obtain a lock')
         end
+
+        context 'when lease is granted after retry' do
+          it 'yields block with true' do
+            expect(lease).to receive(:try_obtain).exactly(3).times { nil }
+            expect(lease).to receive(:try_obtain).once { unique_key }
+
+            expect { |b| class_instance.in_lock(unique_key, &b) }.to yield_with_args(true)
+          end
+        end
       end
 
       context 'when sleep second is specified' do
diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb
index 7a6f1cd548c..15d6db42760 100644
--- a/spec/requests/api/merge_requests_spec.rb
+++ b/spec/requests/api/merge_requests_spec.rb
@@ -1571,7 +1571,7 @@ describe API::MergeRequests do
     end
   end
 
-  describe "GET /projects/:id/merge_requests/:merge_request_iid/merge_ref" do
+  describe "GET /projects/:id/merge_requests/:merge_request_iid/merge_ref", :clean_gitlab_redis_shared_state do
     before do
       merge_request.mark_as_unchecked!
     end
diff --git a/spec/services/merge_requests/mergeability_check_service_spec.rb b/spec/services/merge_requests/mergeability_check_service_spec.rb
index 6e827f2ea5b..a864da0a6fb 100644
--- a/spec/services/merge_requests/mergeability_check_service_spec.rb
+++ b/spec/services/merge_requests/mergeability_check_service_spec.rb
@@ -2,7 +2,7 @@
 
 require 'spec_helper'
 
-describe MergeRequests::MergeabilityCheckService do
+describe MergeRequests::MergeabilityCheckService, :clean_gitlab_redis_shared_state do
   shared_examples_for 'unmergeable merge request' do
     it 'updates or keeps merge status as cannot_be_merged' do
       subject
@@ -60,24 +60,69 @@ describe MergeRequests::MergeabilityCheckService do
 
     subject { described_class.new(merge_request).execute }
 
+    def execute_within_threads(amount:, retry_lease: true)
+      threads = []
+
+      amount.times do
+        # Let's use a different object for each thread to get closer
+        # to a real world scenario.
+        mr = MergeRequest.find(merge_request.id)
+
+        threads << Thread.new do
+          described_class.new(mr).execute(retry_lease: retry_lease)
+        end
+      end
+
+      threads.each(&:join)
+      threads
+    end
+
     before do
       project.add_developer(merge_request.author)
     end
 
     it_behaves_like 'mergeable merge request'
 
-    context 'when multiple calls to the service' do
-      it 'returns success' do
-        subject
-        result = subject
+    context 'when lock is disabled' do
+      before do
+        stub_feature_flags(merge_ref_auto_sync_lock: false)
+      end
 
-        expect(result).to be_a(ServiceResponse)
-        expect(result.success?).to be(true)
+      it_behaves_like 'mergeable merge request'
+    end
+
+    context 'when concurrent calls' do
+      it 'waits first lock and returns "cached" result in subsequent calls' do
+        threads = execute_within_threads(amount: 3)
+        results = threads.map { |t| t.value.status }
+
+        expect(results).to contain_exactly(:success, :success, :success)
+      end
+
+      it 'writes the merge-ref once' do
+        service = instance_double(MergeRequests::MergeToRefService)
+
+        expect(MergeRequests::MergeToRefService).to receive(:new).once { service }
+        expect(service).to receive(:execute).once.and_return(success: true)
+
+        execute_within_threads(amount: 3)
       end
 
-      it 'second call does not change the merge-ref' do
-        expect { subject }.to change(merge_request, :merge_ref_head).from(nil)
-        expect { subject }.not_to change(merge_request.merge_ref_head, :id)
+      it 'resets one merge request upon execution' do
+        expect_any_instance_of(MergeRequest).to receive(:reset).once
+
+        execute_within_threads(amount: 2)
+      end
+
+      context 'when retry_lease flag is false' do
+        it 'the first call succeeds, subsequent concurrent calls get a lock error response' do
+          threads = execute_within_threads(amount: 3, retry_lease: false)
+          results = threads.map { |t| [t.value.status, t.value.message] }
+
+          expect(results).to contain_exactly([:error, 'Failed to obtain a lock'],
+                                             [:error, 'Failed to obtain a lock'],
+                                             [:success, nil])
+        end
       end
     end
 
@@ -102,8 +147,7 @@ describe MergeRequests::MergeabilityCheckService do
 
     context 'when broken' do
       before do
-        allow(merge_request).to receive(:broken?) { true }
-        allow(project.repository).to receive(:can_be_merged?) { false }
+        expect(merge_request).to receive(:broken?) { true }
       end
 
       it_behaves_like 'unmergeable merge request'
@@ -117,10 +161,13 @@ describe MergeRequests::MergeabilityCheckService do
       end
     end
 
-    context 'when it has conflicts' do
-      before do
-        allow(merge_request).to receive(:broken?) { false }
-        allow(project.repository).to receive(:can_be_merged?) { false }
+    context 'when it cannot be merged on git' do
+      let(:merge_request) do
+        create(:merge_request,
+               merge_status: :unchecked,
+               source_branch: 'conflict-resolvable',
+               source_project: project,
+               target_branch: 'conflict-start')
       end
 
       it_behaves_like 'unmergeable merge request'
-- 
cgit v1.2.1


From 8fcd24c822ea99b8a42bd73638219bd8fd154116 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Wed, 31 Jul 2019 23:55:37 +0000
Subject: Update label documentation

Update label documentation with newer screenshots, cut long
lines, and touch up the text, especially the delete label
section. Also adds new screenshots for clarity
---
 doc/user/project/img/key_value_labels.png          | Bin 6208 -> 0 bytes
 doc/user/project/img/labels_default.png            | Bin 35620 -> 0 bytes
 doc/user/project/img/labels_default_v12_1.png      | Bin 0 -> 207994 bytes
 doc/user/project/img/labels_delete_v12_1.png       | Bin 0 -> 29186 bytes
 .../project/img/labels_drag_priority_v12_1.gif     | Bin 0 -> 958437 bytes
 doc/user/project/img/labels_epic_sidebar.png       | Bin 47869 -> 0 bytes
 doc/user/project/img/labels_epic_sidebar_v12_1.png | Bin 0 -> 318960 bytes
 doc/user/project/img/labels_generate_default.png   | Bin 25797 -> 0 bytes
 .../project/img/labels_generate_default_v12_1.png  | Bin 0 -> 244739 bytes
 doc/user/project/img/labels_group_issues.png       | Bin 92070 -> 0 bytes
 doc/user/project/img/labels_group_issues_v12_1.png | Bin 0 -> 391121 bytes
 doc/user/project/img/labels_key_value_v12_1.png    | Bin 0 -> 332077 bytes
 doc/user/project/img/labels_list.png               | Bin 75215 -> 0 bytes
 doc/user/project/img/labels_list_v12_1.png         | Bin 0 -> 360298 bytes
 .../project/img/labels_new_label_from_sidebar.gif  | Bin 0 -> 759243 bytes
 doc/user/project/img/labels_prioritized.png        | Bin 56353 -> 0 bytes
 doc/user/project/img/labels_prioritized_v12_1.png  | Bin 0 -> 178652 bytes
 doc/user/project/img/labels_promotion.png          | Bin 44021 -> 0 bytes
 doc/user/project/img/labels_promotion_v12_1.png    | Bin 0 -> 29215 bytes
 doc/user/project/img/labels_subscriptions.png      | Bin 31716 -> 0 bytes
 .../project/img/labels_subscriptions_v12_1.png     | Bin 0 -> 138684 bytes
 doc/user/project/img/new_label_from_sidebar.gif    | Bin 759243 -> 0 bytes
 doc/user/project/labels.md                         | 183 +++++++++++++++------
 23 files changed, 131 insertions(+), 52 deletions(-)
 delete mode 100644 doc/user/project/img/key_value_labels.png
 delete mode 100644 doc/user/project/img/labels_default.png
 create mode 100644 doc/user/project/img/labels_default_v12_1.png
 create mode 100644 doc/user/project/img/labels_delete_v12_1.png
 create mode 100644 doc/user/project/img/labels_drag_priority_v12_1.gif
 delete mode 100644 doc/user/project/img/labels_epic_sidebar.png
 create mode 100644 doc/user/project/img/labels_epic_sidebar_v12_1.png
 delete mode 100644 doc/user/project/img/labels_generate_default.png
 create mode 100644 doc/user/project/img/labels_generate_default_v12_1.png
 delete mode 100644 doc/user/project/img/labels_group_issues.png
 create mode 100644 doc/user/project/img/labels_group_issues_v12_1.png
 create mode 100644 doc/user/project/img/labels_key_value_v12_1.png
 delete mode 100644 doc/user/project/img/labels_list.png
 create mode 100644 doc/user/project/img/labels_list_v12_1.png
 create mode 100644 doc/user/project/img/labels_new_label_from_sidebar.gif
 delete mode 100644 doc/user/project/img/labels_prioritized.png
 create mode 100644 doc/user/project/img/labels_prioritized_v12_1.png
 delete mode 100644 doc/user/project/img/labels_promotion.png
 create mode 100644 doc/user/project/img/labels_promotion_v12_1.png
 delete mode 100644 doc/user/project/img/labels_subscriptions.png
 create mode 100644 doc/user/project/img/labels_subscriptions_v12_1.png
 delete mode 100644 doc/user/project/img/new_label_from_sidebar.gif

diff --git a/doc/user/project/img/key_value_labels.png b/doc/user/project/img/key_value_labels.png
deleted file mode 100644
index bec901f127f..00000000000
Binary files a/doc/user/project/img/key_value_labels.png and /dev/null differ
diff --git a/doc/user/project/img/labels_default.png b/doc/user/project/img/labels_default.png
deleted file mode 100644
index 221c5cf55a2..00000000000
Binary files a/doc/user/project/img/labels_default.png and /dev/null differ
diff --git a/doc/user/project/img/labels_default_v12_1.png b/doc/user/project/img/labels_default_v12_1.png
new file mode 100644
index 00000000000..4a0a6ba9ce0
Binary files /dev/null and b/doc/user/project/img/labels_default_v12_1.png differ
diff --git a/doc/user/project/img/labels_delete_v12_1.png b/doc/user/project/img/labels_delete_v12_1.png
new file mode 100644
index 00000000000..2e0ea934519
Binary files /dev/null and b/doc/user/project/img/labels_delete_v12_1.png differ
diff --git a/doc/user/project/img/labels_drag_priority_v12_1.gif b/doc/user/project/img/labels_drag_priority_v12_1.gif
new file mode 100644
index 00000000000..a568490da5f
Binary files /dev/null and b/doc/user/project/img/labels_drag_priority_v12_1.gif differ
diff --git a/doc/user/project/img/labels_epic_sidebar.png b/doc/user/project/img/labels_epic_sidebar.png
deleted file mode 100644
index f8162d89e9d..00000000000
Binary files a/doc/user/project/img/labels_epic_sidebar.png and /dev/null differ
diff --git a/doc/user/project/img/labels_epic_sidebar_v12_1.png b/doc/user/project/img/labels_epic_sidebar_v12_1.png
new file mode 100644
index 00000000000..7e05c6d1ce4
Binary files /dev/null and b/doc/user/project/img/labels_epic_sidebar_v12_1.png differ
diff --git a/doc/user/project/img/labels_generate_default.png b/doc/user/project/img/labels_generate_default.png
deleted file mode 100644
index 982a4df999c..00000000000
Binary files a/doc/user/project/img/labels_generate_default.png and /dev/null differ
diff --git a/doc/user/project/img/labels_generate_default_v12_1.png b/doc/user/project/img/labels_generate_default_v12_1.png
new file mode 100644
index 00000000000..48adc9a5699
Binary files /dev/null and b/doc/user/project/img/labels_generate_default_v12_1.png differ
diff --git a/doc/user/project/img/labels_group_issues.png b/doc/user/project/img/labels_group_issues.png
deleted file mode 100644
index cea1d304d31..00000000000
Binary files a/doc/user/project/img/labels_group_issues.png and /dev/null differ
diff --git a/doc/user/project/img/labels_group_issues_v12_1.png b/doc/user/project/img/labels_group_issues_v12_1.png
new file mode 100644
index 00000000000..bfe425f20ac
Binary files /dev/null and b/doc/user/project/img/labels_group_issues_v12_1.png differ
diff --git a/doc/user/project/img/labels_key_value_v12_1.png b/doc/user/project/img/labels_key_value_v12_1.png
new file mode 100644
index 00000000000..81d5c416c95
Binary files /dev/null and b/doc/user/project/img/labels_key_value_v12_1.png differ
diff --git a/doc/user/project/img/labels_list.png b/doc/user/project/img/labels_list.png
deleted file mode 100644
index 6940dde68bf..00000000000
Binary files a/doc/user/project/img/labels_list.png and /dev/null differ
diff --git a/doc/user/project/img/labels_list_v12_1.png b/doc/user/project/img/labels_list_v12_1.png
new file mode 100644
index 00000000000..c414ab42fbc
Binary files /dev/null and b/doc/user/project/img/labels_list_v12_1.png differ
diff --git a/doc/user/project/img/labels_new_label_from_sidebar.gif b/doc/user/project/img/labels_new_label_from_sidebar.gif
new file mode 100644
index 00000000000..572b29a86e1
Binary files /dev/null and b/doc/user/project/img/labels_new_label_from_sidebar.gif differ
diff --git a/doc/user/project/img/labels_prioritized.png b/doc/user/project/img/labels_prioritized.png
deleted file mode 100644
index 7ce2d08b38c..00000000000
Binary files a/doc/user/project/img/labels_prioritized.png and /dev/null differ
diff --git a/doc/user/project/img/labels_prioritized_v12_1.png b/doc/user/project/img/labels_prioritized_v12_1.png
new file mode 100644
index 00000000000..8ea69949d8e
Binary files /dev/null and b/doc/user/project/img/labels_prioritized_v12_1.png differ
diff --git a/doc/user/project/img/labels_promotion.png b/doc/user/project/img/labels_promotion.png
deleted file mode 100644
index 762a3773692..00000000000
Binary files a/doc/user/project/img/labels_promotion.png and /dev/null differ
diff --git a/doc/user/project/img/labels_promotion_v12_1.png b/doc/user/project/img/labels_promotion_v12_1.png
new file mode 100644
index 00000000000..238d50981ae
Binary files /dev/null and b/doc/user/project/img/labels_promotion_v12_1.png differ
diff --git a/doc/user/project/img/labels_subscriptions.png b/doc/user/project/img/labels_subscriptions.png
deleted file mode 100644
index f3c4235d051..00000000000
Binary files a/doc/user/project/img/labels_subscriptions.png and /dev/null differ
diff --git a/doc/user/project/img/labels_subscriptions_v12_1.png b/doc/user/project/img/labels_subscriptions_v12_1.png
new file mode 100644
index 00000000000..57c437ac8a4
Binary files /dev/null and b/doc/user/project/img/labels_subscriptions_v12_1.png differ
diff --git a/doc/user/project/img/new_label_from_sidebar.gif b/doc/user/project/img/new_label_from_sidebar.gif
deleted file mode 100644
index 572b29a86e1..00000000000
Binary files a/doc/user/project/img/new_label_from_sidebar.gif and /dev/null differ
diff --git a/doc/user/project/labels.md b/doc/user/project/labels.md
index fdfeb4aa4cd..a00c1c980d2 100644
--- a/doc/user/project/labels.md
+++ b/doc/user/project/labels.md
@@ -2,43 +2,52 @@
 
 ## Overview
 
-Labels allow you to categorize issues or merge requests using descriptive titles like `bug`, `feature request`, or `docs`. Each label also has a customizable color. They allow you to quickly and dynamically filter and manage issues or merge requests you care about, and are visible throughout GitLab in most places where issues and merge requests are located.
+Labels allow you to categorize issues or merge requests using descriptive titles like
+`bug`, `feature request`, or `docs`. Each label also has a customizable color. They
+allow you to quickly and dynamically filter and manage issues or merge requests you
+care about, and are visible throughout GitLab in most places where issues and merge
+requests are located.
 
 ## Project labels and group labels
 
 In GitLab, you can create project and group labels:
 
 - **Project labels** can be assigned to issues or merge requests in that project only.
-- **Group labels** can be assigned to any issue or merge request of any project in that group or any subgroups of the group.
+- **Group labels** can be assigned to any issue or merge request in any project in
+  that group, or any subgroups of the group.
 
 ## Scoped labels **(PREMIUM)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/9175) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.10.
 
-Scoped labels allow teams to use the simple and familiar feature of labels to
+Scoped labels allow teams to use the simple and familiar label feature to
 annotate their issues, merge requests, and epics to achieve custom fields and
 custom workflow states by leveraging a special label title syntax.
 
-A scoped label is a kind of label defined only by a special double-colon syntax
+A scoped label is a kind of label defined by a special double-colon syntax
 in the label’s title, using the format `key::value`. For example:
 
-![A sample scoped label](img/key_value_labels.png)
+![A sample scoped label](img/labels_key_value_v12_1.png)
 
 An issue, epic, or merge request cannot have two scoped labels with the same key.
-For example, if an issue is already labeled `priority::3` and you apply the label `priority::2` to it,
-`priority::3` is automatically removed.
+For example, if an issue is already labeled `priority::3`, and then you apply the
+`priority::2` label to it, `priority::3` is automatically removed.
 
 This functionality is demonstrated in a video titled [Use scoped labels in GitLab 11.10 for custom fields and custom workflows](https://www.youtube.com/watch?v=4BCBby6du3c).
 
 ### Labels with multiple colon pairs
 
-If labels have multiple instances of `::`, the longest path from left to right, until the last `::`, is considered the "key" or the "scope".
+If labels have multiple instances of `::`, the longest path from left to right, until
+the last `::`, is considered the "key" or the "scope".
 
-For example, `nested::key1::value1` and `nested::key1::value2` cannot both exist on the same issue. Adding the latter label will automatically remove the former due to the shared scope of `nested::key1`.
+For example, `nested::key1::value1` and `nested::key1::value2` cannot both exist on
+the same issue. Adding the latter label will automatically remove the former due to
+the shared scope of `nested::key1`.
 
-`nested::key1::value1` and `nested::key2::value1` can both exist on the same issue, as these are considered to use two different label scopes, `nested::key1` and `nested::key2`.
+`nested::key1::value1` and `nested::key2::value1` can both exist on the same issue,
+as these are considered to use two different label scopes, `nested::key1` and `nested::key2`.
 
-### Workflows with scoped labels **(PREMIUM)**
+### Workflows with scoped labels
 
 Suppose you wanted a custom field in issues to track the platform operating system
 that your features target, where each issue should only target one platform. You
@@ -58,101 +67,154 @@ be able to advance workflow states consistently in issues themselves.
 
 ## Creating labels
 
->**Note:**
+NOTE: **Note:**
 A permission level of Reporter or higher is required to create labels.
 
 ### New project label
 
 To create a **project label**, navigate to **Issues > Labels** in the project.
-This page only shows project labels in this project and group labels of this project's parent group.
+This page only shows the project labels in this project, and the group labels of the
+project's parent group.
 
-Click the **New label** button. Enter the title, an optional description, and the background color. Click **Create label** to create the label.
+Click the **New label** button. Enter the title, an optional description, and the
+background color. Click **Create label** to create the label.
 
-If a project has no labels, you can generate a default set of project labels from its empty label list page:
+If a project has no labels, you can generate a default set of project labels from
+its empty label list page:
 
-![Labels generate default](img/labels_generate_default.png)
+![Labels generate default](img/labels_generate_default_v12_1.png)
 
 GitLab will add the following default labels to the project:
 
-![Labels default](img/labels_default.png)
+![Labels default](img/labels_default_v12_1.png)
 
 ### New group label
 
-To create a **group label**, follow similar steps from above to project labels. Navigate to **Issues > Labels** in the group and create it from there.
-This page only shows group labels in this group.
-Alternatively, you can create group labels also from Epic sidebar. Please note that the created label will belong to the immediate group to which epic belongs.
+To create a **group label**, navigate to **Issues > Labels** in the **group** and create
+it from there. This page only shows group labels in this group.
+
+Alternatively, you can create group labels from the Epic sidebar. Please note that the
+created label will belong to the immediate group to which the epic belongs. **(ULTIMATE)**
 
-![Create Labels from Epic](img/labels_epic_sidebar.png)
+![Create Labels from Epic](img/labels_epic_sidebar_v12_1.png)
 
 Group labels appear in every label list page of the group's child projects.
 
-![Labels list](img/labels_list.png)
+![Labels list](img/labels_list_v12_1.png)
 
 ### New project label from sidebar
 
-From the sidebar of an issue or a merge request, you can create a new **project label** inline immediately, instead of navigating to the project label list page.
+From the sidebar of an issue or a merge request, you can create a new **project label**
+inline immediately, instead of navigating to the project label list page.
 
-![Labels inline](img/new_label_from_sidebar.gif)
+![Labels inline](img/labels_new_label_from_sidebar.gif)
 
 ## Editing labels
 
 NOTE: **Note:**
 A permission level of Reporter or higher is required to edit labels.
 
-You can update a label by navigating to **Issues > Labels** in the project or group and clicking the pencil icon.
+To update a label, navigate to **Issues > Labels** in the project or group
+and click the pencil icon. The title, description and color can be changed.
 
-You can delete a label by clicking the trash icon.
+To delete a label, click the three dots next to the `Subscribe` button, and select
+**Delete**.
+
+![Delete label](img/labels_delete_v12_1.png)
 
 ### Promoting project labels to group labels
 
-If you are expanding from a few projects to a larger number of projects within the same group, you may want to share the same label among multiple projects in the same group. If you previously created a project label and now want to make it available for other projects, you can promote it to a group label.
+If you are expanding from a few projects to a larger number of projects within the
+same group, you may want to share the same label among multiple projects in the same
+group. If you previously created a project label and now want to make it available
+for other projects, you can promote it to a group label.
 
-From the project label list page, you can promote a project label to a group label. This will merge all project labels across all projects in this group with the same name into a single group label. All issues and merge requests that previously were assigned one of these project labels will now be assigned the new group label. This action cannot be reversed and the changes are permanent.
+From the project label list page, you can promote a project label to a group label.
+This will merge all project labels with the same name into a single group label, across
+all projects in this group. All issues and merge requests that were previously
+assigned one of these project labels will now be assigned the new group label. This
+action cannot be reversed and the changes are permanent.
 
-![Labels promotion](img/labels_promotion.png)
+![Labels promotion](img/labels_promotion_v12_1.png)
 
 ## Assigning labels from the sidebar
 
-Every issue and merge request can be assigned any number of labels. The labels are visible on every issue and merge request page, in the sidebar. They are also visible in the issue board. From the sidebar, you can assign or unassign a label to the object (i.e. label or unlabel it). You can also perform this as a [quick action](quick_actions.md) in a comment.
+Every issue and merge request can be assigned any number of labels. The labels are
+visible on every issue and merge request page, in the sidebar. They are also visible on:
+
+- Every issue and merge request page in the sidebar.
+- The issue board.
+
+From the sidebar, you can assign or unassign a label to the object (i.e. label or
+unlabel it). You can also perform this as a [quick action](quick_actions.md),
+in a comment.
 
 | View labels in sidebar | Assign labels from sidebar |
-|:---:|:---:|
+|:----------------------:|:--------------------------:|
 | ![Labels sidebar](img/labels_sidebar.png) | ![Labels sidebar assign](img/labels_sidebar_assign.png) |
 
 ## Searching for project labels
 
-You can search for project labels by navigating from the left sidebar to your
-project's **Issues > Labels** and entering your query to the search bar on the
-top-right:
+To search for project labels, go to **Issues > Labels** in the left sidebar, and enter
+your search query in the **Filter** field.
 
 ![Labels project list search](img/labels_project_list_search.png)
 
-GitLab will consider the label title and description for the search.
+GitLab will check both the label titles and descriptions for the search.
+
+## Filtering by label
+
+The following can be filtered labels:
 
-## Filtering issues, merge requests and epics by label
+- Issue lists
+- Merge Request lists
+- Epic lists **(ULTIMATE)**
+- Issue Boards
 
 ### Filtering in list pages
 
-From the project issue list page and the project merge request list page, you can [filter](../search/index.md#issues-and-merge-requests) by both group (including subgroup ancestors) labels and project labels.
+- From the project issue list page and the project merge request list page, you can
+  [filter](../search/index.md#issues-and-merge-requests) by:
+  - Group labels (including subgroup ancestors)
+  - Project labels
 
-From the group issue list page and the group merge request list page, you can [filter](../search/index.md#issues-and-merge-requests) by both group labels (including subgroup ancestors and subgroup descendants) and project labels.
+- From the group issue list page and the group merge request list page, you can
+  [filter](../search/index.md#issues-and-merge-requests) by:
+  - Group labels (including subgroup ancestors and subgroup descendants)
+  - Project labels
 
-From the group epic list page, you can [filter](../search/index.md#issues-and-merge-requests) by both current group labels as well as descendant group labels.
+- You can [filter](../search/index.md#issues-and-merge-requests) the group epic list
+  page by: **(ULTIMATE)**
+  - Current group labels
+  - Descendant group labels
 
-![Labels group issues](img/labels_group_issues.png)
+![Labels group issues](img/labels_group_issues_v12_1.png)
 
 ### Filtering in issue boards
 
-- From [project boards](issue_board.md), you can filter by both group labels and project labels in the [search and filter bar](../search/index.md#issue-boards).
-- From [group issue boards](issue_board.md#group-issue-boards-premium), you can filter by only group labels in the [search and filter bar](../search/index.md#issue-boards). **(PREMIUM)**
-- From [project boards](issue_board.md), you can filter by both group labels and project labels in the [issue board configuration](issue_board.md#configurable-issue-boards-starter). **(STARTER)**
-- From [group issue boards](issue_board.md#group-issue-boards-premium), you can filter by only group labels in the [issue board configuration](issue_board.md#configurable-issue-boards-starter). **(STARTER)**
+- From [project boards](issue_board.md), you can use the [search and filter bar](../search/index.md#issue-boards)
+  to filter by:
+  - Group labels
+  - Project labels
+
+- From [group issue boards](issue_board.md#group-issue-boards-premium), you can use the
+  [search and filter bar](../search/index.md#issue-boards) to filter by group labels only. **(PREMIUM)**
+
+- From [project boards](issue_board.md), in the [issue board configuration](issue_board.md#configurable-issue-boards-starter),
+  you can filter by: **(STARTER)**
+  - Group labels
+  - Project labels
+
+- From [group issue boards](issue_board.md#group-issue-boards-premium), in the [issue board configuration](issue_board.md#configurable-issue-boards-starter),
+  you can filter by group labels only. **(STARTER)**
 
 ## Subscribing to labels
 
-From the project label list page and the group label list page, you can subscribe to [notifications](../../workflow/notifications.md) of a given label, to alert you that the label has been assigned to an issue or merge request.
+From the project label list page and the group label list page, you can subscribe
+to [notifications](../../workflow/notifications.md) of a given label, to alert you
+that the label has been assigned to an issue or merge request.
 
-![Labels subscriptions](img/labels_subscriptions.png)
+![Labels subscriptions](img/labels_subscriptions_v12_1.png)
 
 ## Label priority
 
@@ -161,26 +223,43 @@ From the project label list page and the group label list page, you can subscrib
 > - Introduced in GitLab 8.9.
 > - Priority sorting is based on the highest priority label only. [This discussion](https://gitlab.com/gitlab-org/gitlab-ce/issues/18554) considers changing this.
 
-Labels can have relative priorities, which are used in the "Label priority" and "Priority" sort orders of the issue and merge request list pages.
+Labels can have relative priorities, which are used in the "Label priority" and
+"Priority" sort orders of the issue and merge request list pages.
+
+From the project label list page, star a label to indicate that it has a priority.
+
+![Labels prioritized](img/labels_prioritized_v12_1.png)
+
+Drag starred labels up and down the list to change their priority. Higher in the list
+means higher priority. Prioritization happens at the project level, only on the project
+label list page, and not on the group label list page.
 
-From the project label list page, star a label to indicate that it has a priority. Drag starred labels up and down to change their priority. Higher means higher priority. Prioritization happens at the project level, only on the project label list page, and not on the group label list page. However, both project and group labels can be prioritized on the project label list page since both types are displayed on the project label list page.
+However, both project and group
+labels can be prioritized on the project label list page since both types are displayed
+on the project label list page.
 
-![Labels prioritized](img/labels_prioritized.png)
+![Drag to change label priority](img/labels_drag_priority_v12_1.gif)
 
-On the project and group issue and merge request list pages, you can sort by `Label priority` and `Priority`, which account for objects (issues and merge requests) that have prioritized labels assigned to them.
+On the merge request and issue pages, for both groups and projects, you can sort by `Label priority`
+and `Priority`, which account for objects (issues and merge requests) that have prioritized
+labels assigned to them.
 
 If you sort by `Label priority`, GitLab considers this sort comparison order:
 
 - Object with a higher priority prioritized label.
 - Object without a prioritized label.
 
-Ties are broken arbitrarily. (Note that we _only_ consider the highest prioritized label in an object, and not any of the lower prioritized labels. [This discussion](https://gitlab.com/gitlab-org/gitlab-ce/issues/18554) considers changing this.)
+Ties are broken arbitrarily. Note that we _only_ consider the highest prioritized label
+in an object, and not any of the lower prioritized labels. [This discussion](https://gitlab.com/gitlab-org/gitlab-ce/issues/18554)
+considers changing this.
 
 ![Labels sort label priority](img/labels_sort_label_priority.png)
 
 If you sort by `Priority`, GitLab considers this sort comparison order:
 
-- Object's assigned [milestone](milestones/index.md)'s due date is sooner, provided the object has a milestone and the milestone has a due date. If this isn't the case, consider the object having a due date in the infinite future.
+- Due date of the assigned [milestone](milestones/index.md) is sooner, provided
+  the object has a milestone and the milestone has a due date. If this isn't the case,
+  consider the object having a due date in the infinite future.
 - Object with a higher priority prioritized label.
 - Object without a prioritized label.
 
-- 
cgit v1.2.1


From a696695f31a2df748eed0b9cf9454a6046fdc71e Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Thu, 1 Aug 2019 02:29:16 +0000
Subject: Fix whitespace in ci docs

Many code blocks are 4spaced, and they render in GitLab
without coloring as a result, even though they are
fenced with a language label. If in a list, other items
will render as being in a code block too, even if not
meant to. This fixes all these issues for most docs in
/ci, and cleans up other minor whitespace issues too.
---
 .../bitbucket_integration.md                       | 198 ++++++------
 doc/ci/docker/using_docker_build.md                | 342 ++++++++++-----------
 doc/ci/docker/using_docker_images.md               | 131 ++++----
 doc/ci/examples/artifactory_and_gitlab/index.md    |  70 +++--
 .../test_phoenix_app_with_gitlab_ci_cd/index.md    | 111 ++++---
 doc/ci/ssh_keys/README.md                          |  82 ++---
 doc/ci/yaml/README.md                              |  16 +-
 7 files changed, 477 insertions(+), 473 deletions(-)

diff --git a/doc/ci/ci_cd_for_external_repos/bitbucket_integration.md b/doc/ci/ci_cd_for_external_repos/bitbucket_integration.md
index b3110b435db..8fe11140cc7 100644
--- a/doc/ci/ci_cd_for_external_repos/bitbucket_integration.md
+++ b/doc/ci/ci_cd_for_external_repos/bitbucket_integration.md
@@ -14,9 +14,9 @@ To use GitLab CI/CD with a Bitbucket Cloud repository:
 1. In GitLab create a **CI/CD for external repo**, select **Repo by URL** and
    create the project.
 
-    ![Create project](img/external_repository.png)
+   ![Create project](img/external_repository.png)
 
-    GitLab will import the repository and enable [Pull Mirroring][pull-mirroring].
+   GitLab will import the repository and enable [Pull Mirroring][pull-mirroring].
 
 1. In GitLab create a
    [Personal Access Token](../../user/profile/personal_access_tokens.md)
@@ -26,19 +26,19 @@ To use GitLab CI/CD with a Bitbucket Cloud repository:
 1. In Bitbucket, from **Settings > Webhooks**, create a new web hook to notify
    GitLab of new commits.
 
-    The web hook URL should be set to the GitLab API to trigger pull mirroring,
-    using the Personal Access Token we just generated for authentication.
+   The web hook URL should be set to the GitLab API to trigger pull mirroring,
+   using the Personal Access Token we just generated for authentication.
 
-    ```text
-    https://gitlab.com/api/v4/projects/<NAMESPACE>%2F<PROJECT>/mirror/pull?private_token=<PERSONAL_ACCESS_TOKEN>
-    ```
+   ```text
+   https://gitlab.com/api/v4/projects/<NAMESPACE>%2F<PROJECT>/mirror/pull?private_token=<PERSONAL_ACCESS_TOKEN>
+   ```
 
-    The web hook Trigger should be set to 'Repository Push'.
+   The web hook Trigger should be set to 'Repository Push'.
 
-    ![Bitbucket Cloud webhook](img/bitbucket_webhook.png)
+   ![Bitbucket Cloud webhook](img/bitbucket_webhook.png)
 
-    After saving, test the web hook by pushing a change to your Bitbucket
-    repository.
+   After saving, test the web hook by pushing a change to your Bitbucket
+   repository.
 
 1. In Bitbucket, create an **App Password** from **Bitbucket Settings > App
    Passwords** to authenticate the build status script setting commit build
@@ -49,104 +49,104 @@ To use GitLab CI/CD with a Bitbucket Cloud repository:
 1. In GitLab, from **Settings > CI/CD > Environment variables**, add variables to allow
    communication with Bitbucket via the Bitbucket API:
 
-    `BITBUCKET_ACCESS_TOKEN`: the Bitbucket app password created above.
+   `BITBUCKET_ACCESS_TOKEN`: the Bitbucket app password created above.
 
-    `BITBUCKET_USERNAME`: the username of the Bitbucket account.
+   `BITBUCKET_USERNAME`: the username of the Bitbucket account.
 
-    `BITBUCKET_NAMESPACE`: set this if your GitLab and Bitbucket namespaces differ.
+   `BITBUCKET_NAMESPACE`: set this if your GitLab and Bitbucket namespaces differ.
 
-    `BITBUCKET_REPOSITORY`: set this if your GitLab and Bitbucket project names differ.
+   `BITBUCKET_REPOSITORY`: set this if your GitLab and Bitbucket project names differ.
 
 1. In Bitbucket, add a script to push the pipeline status to Bitbucket.
 
-    > Note: changes made in GitLab will be overwritten by any changes made
-    > upstream in Bitbucket.
-
-    Create a file `build_status` and insert the script below and run
-    `chmod +x build_status` in your terminal to make the script executable.
-
-    ```bash
-    #!/usr/bin/env bash
-
-    # Push GitLab CI/CD build status to Bitbucket Cloud
-
-    if [ -z "$BITBUCKET_ACCESS_TOKEN" ]; then
-       echo "ERROR: BITBUCKET_ACCESS_TOKEN is not set"
-    exit 1
-    fi
-    if [ -z "$BITBUCKET_USERNAME" ]; then
-        echo "ERROR: BITBUCKET_USERNAME is not set"
-    exit 1
-    fi
-    if [ -z "$BITBUCKET_NAMESPACE" ]; then
-        echo "Setting BITBUCKET_NAMESPACE to $CI_PROJECT_NAMESPACE"
-        BITBUCKET_NAMESPACE=$CI_PROJECT_NAMESPACE
-    fi
-    if [ -z "$BITBUCKET_REPOSITORY" ]; then
-        echo "Setting BITBUCKET_REPOSITORY to $CI_PROJECT_NAME"
-        BITBUCKET_REPOSITORY=$CI_PROJECT_NAME
-    fi
-
-    BITBUCKET_API_ROOT="https://api.bitbucket.org/2.0"
-    BITBUCKET_STATUS_API="$BITBUCKET_API_ROOT/repositories/$BITBUCKET_NAMESPACE/$BITBUCKET_REPOSITORY/commit/$CI_COMMIT_SHA/statuses/build"
-    BITBUCKET_KEY="ci/gitlab-ci/$CI_JOB_NAME"
-
-    case "$BUILD_STATUS" in
-    running)
-       BITBUCKET_STATE="INPROGRESS"
-       BITBUCKET_DESCRIPTION="The build is running!"
-       ;;
-    passed)
-       BITBUCKET_STATE="SUCCESSFUL"
-       BITBUCKET_DESCRIPTION="The build passed!"
-       ;;
-    failed)
-       BITBUCKET_STATE="FAILED"
-       BITBUCKET_DESCRIPTION="The build failed."
-       ;;
-    esac
-
-    echo "Pushing status to $BITBUCKET_STATUS_API..."
-    curl --request POST $BITBUCKET_STATUS_API \
-    --user $BITBUCKET_USERNAME:$BITBUCKET_ACCESS_TOKEN \
-    --header "Content-Type:application/json" \
-    --silent \
-    --data "{ \"state\": \"$BITBUCKET_STATE\", \"key\": \"$BITBUCKET_KEY\", \"description\":
-    \"$BITBUCKET_DESCRIPTION\",\"url\": \"$CI_PROJECT_URL/-/jobs/$CI_JOB_ID\" }"
-    ```
+   > Note: changes made in GitLab will be overwritten by any changes made
+   > upstream in Bitbucket.
+
+   Create a file `build_status` and insert the script below and run
+   `chmod +x build_status` in your terminal to make the script executable.
+
+   ```bash
+   #!/usr/bin/env bash
+
+   # Push GitLab CI/CD build status to Bitbucket Cloud
+
+   if [ -z "$BITBUCKET_ACCESS_TOKEN" ]; then
+      echo "ERROR: BITBUCKET_ACCESS_TOKEN is not set"
+   exit 1
+   fi
+   if [ -z "$BITBUCKET_USERNAME" ]; then
+       echo "ERROR: BITBUCKET_USERNAME is not set"
+   exit 1
+   fi
+   if [ -z "$BITBUCKET_NAMESPACE" ]; then
+       echo "Setting BITBUCKET_NAMESPACE to $CI_PROJECT_NAMESPACE"
+       BITBUCKET_NAMESPACE=$CI_PROJECT_NAMESPACE
+   fi
+   if [ -z "$BITBUCKET_REPOSITORY" ]; then
+       echo "Setting BITBUCKET_REPOSITORY to $CI_PROJECT_NAME"
+       BITBUCKET_REPOSITORY=$CI_PROJECT_NAME
+   fi
+
+   BITBUCKET_API_ROOT="https://api.bitbucket.org/2.0"
+   BITBUCKET_STATUS_API="$BITBUCKET_API_ROOT/repositories/$BITBUCKET_NAMESPACE/$BITBUCKET_REPOSITORY/commit/$CI_COMMIT_SHA/statuses/build"
+   BITBUCKET_KEY="ci/gitlab-ci/$CI_JOB_NAME"
+
+   case "$BUILD_STATUS" in
+   running)
+      BITBUCKET_STATE="INPROGRESS"
+      BITBUCKET_DESCRIPTION="The build is running!"
+      ;;
+   passed)
+      BITBUCKET_STATE="SUCCESSFUL"
+      BITBUCKET_DESCRIPTION="The build passed!"
+      ;;
+   failed)
+      BITBUCKET_STATE="FAILED"
+      BITBUCKET_DESCRIPTION="The build failed."
+      ;;
+   esac
+
+   echo "Pushing status to $BITBUCKET_STATUS_API..."
+   curl --request POST $BITBUCKET_STATUS_API \
+   --user $BITBUCKET_USERNAME:$BITBUCKET_ACCESS_TOKEN \
+   --header "Content-Type:application/json" \
+   --silent \
+   --data "{ \"state\": \"$BITBUCKET_STATE\", \"key\": \"$BITBUCKET_KEY\", \"description\":
+   \"$BITBUCKET_DESCRIPTION\",\"url\": \"$CI_PROJECT_URL/-/jobs/$CI_JOB_ID\" }"
+   ```
 
 1. Still in Bitbucket, create a `.gitlab-ci.yml` file to use the script to push
    pipeline success and failures to Bitbucket.
 
-    ```yaml
-    stages:
-      - test
-      - ci_status
-
-    unit-tests:
-      script:
-        - echo "Success. Add your tests!"
-
-    success:
-      stage: ci_status
-      before_script:
-        - ""
-      after_script:
-        - ""
-      script:
-        - BUILD_STATUS=passed BUILD_KEY=push ./build_status
-      when: on_success
-
-    failure:
-      stage: ci_status
-      before_script:
-        - ""
-      after_script:
-        - ""
-      script:
-        - BUILD_STATUS=failed BUILD_KEY=push ./build_status
-      when: on_failure
-    ```
+   ```yaml
+   stages:
+     - test
+     - ci_status
+
+   unit-tests:
+     script:
+       - echo "Success. Add your tests!"
+
+   success:
+     stage: ci_status
+     before_script:
+       - ""
+     after_script:
+       - ""
+     script:
+       - BUILD_STATUS=passed BUILD_KEY=push ./build_status
+     when: on_success
+
+   failure:
+     stage: ci_status
+     before_script:
+       - ""
+     after_script:
+       - ""
+     script:
+       - BUILD_STATUS=failed BUILD_KEY=push ./build_status
+     when: on_failure
+   ```
 
 GitLab is now configured to mirror changes from Bitbucket, run CI/CD pipelines
 configured in `.gitlab-ci.yml` and push the status to Bitbucket.
diff --git a/doc/ci/docker/using_docker_build.md b/doc/ci/docker/using_docker_build.md
index 10a21edbd34..278a0d6e934 100644
--- a/doc/ci/docker/using_docker_build.md
+++ b/doc/ci/docker/using_docker_build.md
@@ -48,42 +48,42 @@ GitLab Runner then executes job scripts as the `gitlab-runner` user.
 
 1. During GitLab Runner installation select `shell` as method of executing job scripts or use command:
 
-    ```bash
-    sudo gitlab-runner register -n \
-      --url https://gitlab.com/ \
-      --registration-token REGISTRATION_TOKEN \
-      --executor shell \
-      --description "My Runner"
-    ```
+   ```bash
+   sudo gitlab-runner register -n \
+     --url https://gitlab.com/ \
+     --registration-token REGISTRATION_TOKEN \
+     --executor shell \
+     --description "My Runner"
+   ```
 
 1. Install Docker Engine on server.
 
-    For more information how to install Docker Engine on different systems
-    checkout the [Supported installations](https://docs.docker.com/engine/installation/).
+   For more information how to install Docker Engine on different systems
+   checkout the [Supported installations](https://docs.docker.com/engine/installation/).
 
 1. Add `gitlab-runner` user to `docker` group:
 
-    ```bash
-    sudo usermod -aG docker gitlab-runner
-    ```
+   ```bash
+   sudo usermod -aG docker gitlab-runner
+   ```
 
 1. Verify that `gitlab-runner` has access to Docker:
 
-    ```bash
-    sudo -u gitlab-runner -H docker info
-    ```
+   ```bash
+   sudo -u gitlab-runner -H docker info
+   ```
 
-    You can now verify that everything works by adding `docker info` to `.gitlab-ci.yml`:
+   You can now verify that everything works by adding `docker info` to `.gitlab-ci.yml`:
 
-    ```yaml
-    before_script:
-      - docker info
+   ```yaml
+   before_script:
+     - docker info
 
-    build_image:
-      script:
-        - docker build -t my-docker-image .
-        - docker run my-docker-image /script/to/run/tests
-    ```
+   build_image:
+     script:
+       - docker build -t my-docker-image .
+       - docker run my-docker-image /script/to/run/tests
+   ```
 
 1. You can now use `docker` command (and **install** `docker-compose` if needed).
 
@@ -107,83 +107,83 @@ In order to do that, follow the steps:
 1. Register GitLab Runner from the command line to use `docker` and `privileged`
    mode:
 
-    ```bash
-    sudo gitlab-runner register -n \
-      --url https://gitlab.com/ \
-      --registration-token REGISTRATION_TOKEN \
-      --executor docker \
-      --description "My Docker Runner" \
-      --docker-image "docker:stable" \
-      --docker-privileged
-    ```
-
-    The above command will register a new Runner to use the special
-    `docker:stable` image which is provided by Docker. **Notice that it's using
-    the `privileged` mode to start the build and service containers.** If you
-    want to use [docker-in-docker] mode, you always have to use `privileged = true`
-    in your Docker containers.
-
-    DANGER: **Danger:**
-    By enabling `--docker-privileged`, you are effectively disabling all of
-    the security mechanisms of containers and exposing your host to privilege
-    escalation which can lead to container breakout. For more information, check
-    out the official Docker documentation on
-    [Runtime privilege and Linux capabilities][docker-cap].
-
-    The above command will create a `config.toml` entry similar to this:
-
-    ```toml
-    [[runners]]
-      url = "https://gitlab.com/"
-      token = TOKEN
-      executor = "docker"
-      [runners.docker]
-        tls_verify = false
-        image = "docker:stable"
-        privileged = true
-        disable_cache = false
-        volumes = ["/cache"]
-      [runners.cache]
-        Insecure = false
-    ```
+   ```bash
+   sudo gitlab-runner register -n \
+     --url https://gitlab.com/ \
+     --registration-token REGISTRATION_TOKEN \
+     --executor docker \
+     --description "My Docker Runner" \
+     --docker-image "docker:stable" \
+     --docker-privileged
+   ```
+
+   The above command will register a new Runner to use the special
+   `docker:stable` image which is provided by Docker. **Notice that it's using
+   the `privileged` mode to start the build and service containers.** If you
+   want to use [docker-in-docker] mode, you always have to use `privileged = true`
+   in your Docker containers.
+
+   DANGER: **Danger:**
+   By enabling `--docker-privileged`, you are effectively disabling all of
+   the security mechanisms of containers and exposing your host to privilege
+   escalation which can lead to container breakout. For more information, check
+   out the official Docker documentation on
+   [Runtime privilege and Linux capabilities][docker-cap].
+
+   The above command will create a `config.toml` entry similar to this:
+
+   ```toml
+   [[runners]]
+     url = "https://gitlab.com/"
+     token = TOKEN
+     executor = "docker"
+     [runners.docker]
+       tls_verify = false
+       image = "docker:stable"
+       privileged = true
+       disable_cache = false
+       volumes = ["/cache"]
+     [runners.cache]
+       Insecure = false
+   ```
 
 1. You can now use `docker` in the build script (note the inclusion of the
    `docker:dind` service):
 
-    ```yaml
-    image: docker:stable
-
-    variables:
-      # When using dind service we need to instruct docker, to talk with the
-      # daemon started inside of the service. The daemon is available with
-      # a network connection instead of the default /var/run/docker.sock socket.
-      #
-      # The 'docker' hostname is the alias of the service container as described at
-      # https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#accessing-the-services
-      #
-      # Note that if you're using the Kubernetes executor, the variable should be set to
-      # tcp://localhost:2375/ because of how the Kubernetes executor connects services
-      # to the job container
-      # DOCKER_HOST: tcp://localhost:2375/
-      #
-      # For non-Kubernetes executors, we use tcp://docker:2375/
-      DOCKER_HOST: tcp://docker:2375/
-      # When using dind, it's wise to use the overlayfs driver for
-      # improved performance.
-      DOCKER_DRIVER: overlay2
-
-    services:
-      - docker:dind
-
-    before_script:
-      - docker info
-
-    build:
-      stage: build
-      script:
-        - docker build -t my-docker-image .
-        - docker run my-docker-image /script/to/run/tests
-    ```
+   ```yaml
+   image: docker:stable
+
+   variables:
+     # When using dind service we need to instruct docker, to talk with the
+     # daemon started inside of the service. The daemon is available with
+     # a network connection instead of the default /var/run/docker.sock socket.
+     #
+     # The 'docker' hostname is the alias of the service container as described at
+     # https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#accessing-the-services
+     #
+     # Note that if you're using the Kubernetes executor, the variable should be set to
+     # tcp://localhost:2375/ because of how the Kubernetes executor connects services
+     # to the job container
+     # DOCKER_HOST: tcp://localhost:2375/
+     #
+     # For non-Kubernetes executors, we use tcp://docker:2375/
+     DOCKER_HOST: tcp://docker:2375/
+     # When using dind, it's wise to use the overlayfs driver for
+     # improved performance.
+     DOCKER_DRIVER: overlay2
+
+   services:
+     - docker:dind
+
+   before_script:
+     - docker info
+
+   build:
+     stage: build
+     script:
+       - docker build -t my-docker-image .
+       - docker run my-docker-image /script/to/run/tests
+   ```
 
 Docker-in-Docker works well, and is the recommended configuration, but it is
 not without its own challenges:
@@ -202,14 +202,14 @@ not without its own challenges:
   and use it as your mount point (for a more thorough explanation, check [issue
   #41227](https://gitlab.com/gitlab-org/gitlab-ce/issues/41227)):
 
-    ```yaml
-    variables:
-      MOUNT_POINT: /builds/$CI_PROJECT_PATH/mnt
+   ```yaml
+   variables:
+     MOUNT_POINT: /builds/$CI_PROJECT_PATH/mnt
 
-    script:
-      - mkdir -p "$MOUNT_POINT"
-      - docker run -v "$MOUNT_POINT:/mnt" my-docker-image
-    ```
+   script:
+     - mkdir -p "$MOUNT_POINT"
+     - docker run -v "$MOUNT_POINT:/mnt" my-docker-image
+   ```
 
 An example project using this approach can be found here: <https://gitlab.com/gitlab-examples/docker>.
 
@@ -230,54 +230,54 @@ In order to do that, follow the steps:
 
 1. Register GitLab Runner from the command line to use `docker` and share `/var/run/docker.sock`:
 
-    ```bash
-    sudo gitlab-runner register -n \
-      --url https://gitlab.com/ \
-      --registration-token REGISTRATION_TOKEN \
-      --executor docker \
-      --description "My Docker Runner" \
-      --docker-image "docker:stable" \
-      --docker-volumes /var/run/docker.sock:/var/run/docker.sock
-    ```
-
-    The above command will register a new Runner to use the special
-    `docker:stable` image which is provided by Docker. **Notice that it's using
-    the Docker daemon of the Runner itself, and any containers spawned by docker
-    commands will be siblings of the Runner rather than children of the runner.**
-    This may have complications and limitations that are unsuitable for your workflow.
-
-    The above command will create a `config.toml` entry similar to this:
-
-    ```toml
-    [[runners]]
-      url = "https://gitlab.com/"
-      token = REGISTRATION_TOKEN
-      executor = "docker"
-      [runners.docker]
-        tls_verify = false
-        image = "docker:stable"
-        privileged = false
-        disable_cache = false
-        volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"]
-      [runners.cache]
-        Insecure = false
-    ```
+   ```bash
+   sudo gitlab-runner register -n \
+     --url https://gitlab.com/ \
+     --registration-token REGISTRATION_TOKEN \
+     --executor docker \
+     --description "My Docker Runner" \
+     --docker-image "docker:stable" \
+     --docker-volumes /var/run/docker.sock:/var/run/docker.sock
+   ```
+
+   The above command will register a new Runner to use the special
+   `docker:stable` image which is provided by Docker. **Notice that it's using
+   the Docker daemon of the Runner itself, and any containers spawned by docker
+   commands will be siblings of the Runner rather than children of the runner.**
+   This may have complications and limitations that are unsuitable for your workflow.
+
+   The above command will create a `config.toml` entry similar to this:
+
+   ```toml
+   [[runners]]
+     url = "https://gitlab.com/"
+     token = REGISTRATION_TOKEN
+     executor = "docker"
+     [runners.docker]
+       tls_verify = false
+       image = "docker:stable"
+       privileged = false
+       disable_cache = false
+       volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"]
+     [runners.cache]
+       Insecure = false
+   ```
 
 1. You can now use `docker` in the build script (note that you don't need to
    include the `docker:dind` service as when using the Docker in Docker executor):
 
-    ```yaml
-    image: docker:stable
+   ```yaml
+   image: docker:stable
 
-    before_script:
-      - docker info
+   before_script:
+     - docker info
 
-    build:
-      stage: build
-      script:
-        - docker build -t my-docker-image .
-        - docker run my-docker-image /script/to/run/tests
-    ```
+   build:
+     stage: build
+     script:
+       - docker build -t my-docker-image .
+       - docker run my-docker-image /script/to/run/tests
+   ```
 
 While the above method avoids using Docker in privileged mode, you should be
 aware of the following implications:
@@ -293,9 +293,9 @@ aware of the following implications:
   work as expected since volume mounting is done in the context of the host
   machine, not the build container. For example:
 
-    ```sh
-    docker run --rm -t -i -v $(pwd)/src:/home/app/src test-image:latest run_app_tests
-    ```
+   ```sh
+   docker run --rm -t -i -v $(pwd)/src:/home/app/src test-image:latest run_app_tests
+   ```
 
 ## Making docker-in-docker builds faster with Docker layer caching
 
@@ -366,23 +366,23 @@ which can be avoided if a different driver is used, for example `overlay2`.
 1. Make sure a recent kernel is used, preferably `>= 4.2`.
 1. Check whether the `overlay` module is loaded:
 
-    ```sh
-    sudo lsmod | grep overlay
-    ```
+   ```sh
+   sudo lsmod | grep overlay
+   ```
 
-    If you see no result, then it isn't loaded. To load it use:
+   If you see no result, then it isn't loaded. To load it use:
 
-    ```sh
-    sudo modprobe overlay
-    ```
+   ```sh
+   sudo modprobe overlay
+   ```
 
-    If everything went fine, you need to make sure module is loaded on reboot.
-    On Ubuntu systems, this is done by editing `/etc/modules`. Just add the
-    following line into it:
+   If everything went fine, you need to make sure module is loaded on reboot.
+   On Ubuntu systems, this is done by editing `/etc/modules`. Just add the
+   following line into it:
 
-    ```text
-    overlay
-    ```
+   ```text
+   overlay
+   ```
 
 ### Use driver per project
 
@@ -450,9 +450,9 @@ For all projects, mostly suitable for public ones:
   your Docker images and has read/write access to the Registry. This is ephemeral,
   so it's only valid for one job. You can use the following example as-is:
 
-    ```sh
-    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
-    ```
+  ```sh
+  docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+  ```
 
 For private and internal projects:
 
@@ -465,9 +465,9 @@ For private and internal projects:
 
   Replace the `<username>` and `<access_token>` in the following example:
 
-    ```sh
-    docker login -u <username> -p <access_token> $CI_REGISTRY
-    ```
+  ```sh
+  docker login -u <username> -p <access_token> $CI_REGISTRY
+  ```
 
 - **Using the GitLab Deploy Token**: You can create and use a
   [special deploy token](../../user/project/deploy_tokens/index.md#gitlab-deploy-token)
@@ -475,9 +475,9 @@ For private and internal projects:
   Once created, you can use the special environment variables, and GitLab CI/CD
   will fill them in for you. You can use the following example as-is:
 
-    ```sh
-    docker login -u $CI_DEPLOY_USER -p $CI_DEPLOY_PASSWORD $CI_REGISTRY
-    ```
+  ```sh
+  docker login -u $CI_DEPLOY_USER -p $CI_DEPLOY_PASSWORD $CI_REGISTRY
+  ```
 
 ### Container Registry examples
 
diff --git a/doc/ci/docker/using_docker_images.md b/doc/ci/docker/using_docker_images.md
index f3896c5232c..d5056568dff 100644
--- a/doc/ci/docker/using_docker_images.md
+++ b/doc/ci/docker/using_docker_images.md
@@ -305,25 +305,25 @@ For example, the following two definitions are equal:
 
 1. Using a string as an option to `image` and `services`:
 
-    ```yaml
-    image: "registry.example.com/my/image:latest"
+   ```yaml
+   image: "registry.example.com/my/image:latest"
 
-    services:
-    - postgresql:9.4
-    - redis:latest
-    ```
+   services:
+   - postgresql:9.4
+   - redis:latest
+   ```
 
 1. Using a map as an option to `image` and `services`. The use of `image:name` is
    required:
 
-    ```yaml
-    image:
-      name: "registry.example.com/my/image:latest"
+   ```yaml
+   image:
+     name: "registry.example.com/my/image:latest"
 
-    services:
-    - name: postgresql:9.4
-    - name: redis:latest
-    ```
+   services:
+   - name: postgresql:9.4
+   - name: redis:latest
+   ```
 
 ### Available settings for `image`
 
@@ -526,6 +526,7 @@ it's provided as an environment variable. This is because GitLab Runnner uses **
 runtime.
 
 ### Using statically-defined credentials
+
 There are two approaches that you can take in order to access a
 private registry. Both require setting the environment variable
 `DOCKER_AUTH_CONFIG` with appropriate authentication info.
@@ -555,18 +556,18 @@ There are two ways to determine the value of `DOCKER_AUTH_CONFIG`:
 
 - **First way -** Do a `docker login` on your local machine:
 
-    ```bash
-    docker login registry.example.com:5000 --username my_username --password my_password
-    ```
+  ```bash
+  docker login registry.example.com:5000 --username my_username --password my_password
+  ```
 
-    Then copy the content of `~/.docker/config.json`.
+  Then copy the content of `~/.docker/config.json`.
 
-    If you don't need access to the registry from your computer, you
-    can do a `docker logout`:
+  If you don't need access to the registry from your computer, you
+  can do a `docker logout`:
 
-    ```bash
-    docker logout registry.example.com:5000
-    ```
+  ```bash
+  docker logout registry.example.com:5000
+  ```
 
 - **Second way -** In some setups, it's possible that Docker client
   will use the available system keystore to store the result of `docker
@@ -575,12 +576,12 @@ There are two ways to determine the value of `DOCKER_AUTH_CONFIG`:
   `${username}:${password}` manually. Open a terminal and execute the
   following command:
 
-    ```bash
-    echo -n "my_username:my_password" | base64
+  ```bash
+  echo -n "my_username:my_password" | base64
 
-    # Example output to copy
-    bXlfdXNlcm5hbWU6bXlfcGFzc3dvcmQ=
-    ```
+  # Example output to copy
+  bXlfdXNlcm5hbWU6bXlfcGFzc3dvcmQ=
+  ```
 
 #### Configuring a job
 
@@ -590,25 +591,25 @@ follow these steps:
 1. Create a [variable](../variables/README.md#gitlab-cicd-environment-variables) `DOCKER_AUTH_CONFIG` with the content of the
    Docker configuration file as the value:
 
-    ```json
-    {
-        "auths": {
-            "registry.example.com:5000": {
-                "auth": "bXlfdXNlcm5hbWU6bXlfcGFzc3dvcmQ="
-            }
-        }
-    }
-    ```
+   ```json
+   {
+       "auths": {
+           "registry.example.com:5000": {
+               "auth": "bXlfdXNlcm5hbWU6bXlfcGFzc3dvcmQ="
+           }
+       }
+   }
+   ```
 
 1. You can now use any private image from `registry.example.com:5000` defined in
    `image` and/or `services` in your `.gitlab-ci.yml` file:
 
-    ```yaml
-    image: registry.example.com:5000/namespace/image:tag
-    ```
+   ```yaml
+   image: registry.example.com:5000/namespace/image:tag
+   ```
 
-    In the example above, GitLab Runner will look at `registry.example.com:5000` for the
-    image `namespace/image:tag`.
+   In the example above, GitLab Runner will look at `registry.example.com:5000` for the
+   image `namespace/image:tag`.
 
 You can add configuration for as many registries as you want, adding more
 registries to the `"auths"` hash as described above.
@@ -637,10 +638,10 @@ To add `DOCKER_AUTH_CONFIG` to a Runner:
 
 1. Modify the Runner's `config.toml` file as follows:
 
-    ```toml
-    [[runners]]
-      environment = ["DOCKER_AUTH_CONFIG={\"auths\":{\"registry.example.com:5000\":{\"auth\":\"bXlfdXNlcm5hbWU6bXlfcGFzc3dvcmQ=\"}}}"]
-    ```
+   ```toml
+   [[runners]]
+     environment = ["DOCKER_AUTH_CONFIG={\"auths\":{\"registry.example.com:5000\":{\"auth\":\"bXlfdXNlcm5hbWU6bXlfcGFzc3dvcmQ=\"}}}"]
+   ```
 
 1. Restart the Runner service.
 
@@ -662,16 +663,17 @@ To configure credentials store, follow these steps:
    Make sure helper program is available in GitLab Runner `$PATH`.
 
 1. Make GitLab Runner use it. There are two ways to accomplish this. Either:
+
    - Create a
      [variable](../variables/README.md#gitlab-cicd-environment-variables)
      `DOCKER_AUTH_CONFIG` with the content of the
-   Docker configuration file as the value:
+     Docker configuration file as the value:
 
-    ```json
-      {
-        "credsStore": "osxkeychain"
-      }
-    ```
+     ```json
+       {
+         "credsStore": "osxkeychain"
+       }
+     ```
 
    - Or, if you are running self-hosted Runners, add the above JSON to
      `${GITLAB_RUNNER_HOME}/.docker/config.json`. GitLab Runner will read this config file
@@ -693,17 +695,18 @@ To configure access for `aws_account_id.dkr.ecr.region.amazonaws.com`, follow th
 1. Make sure `docker-credential-ecr-login` is available in GitLab Runner's `$PATH`.
 
 1. Make GitLab Runner use it. There are two ways to accomplish this. Either:
+
    - Create a [variable](../variables/README.md#gitlab-cicd-environment-variables)
      `DOCKER_AUTH_CONFIG` with the content of the
-   Docker configuration file as the value:
+     Docker configuration file as the value:
 
-    ```json
-    {
-      "credHelpers": {
-        "aws_account_id.dkr.ecr.region.amazonaws.com": "ecr-login"
-      }
-    }
-    ```
+     ```json
+     {
+       "credHelpers": {
+         "aws_account_id.dkr.ecr.region.amazonaws.com": "ecr-login"
+       }
+     }
+     ```
 
    - Or, if you are running self-hosted Runners,
      add the above JSON to `${GITLAB_RUNNER_HOME}/.docker/config.json`.
@@ -713,12 +716,12 @@ To configure access for `aws_account_id.dkr.ecr.region.amazonaws.com`, follow th
 1. You can now use any private image from `aws_account_id.dkr.ecr.region.amazonaws.com` defined in
    `image` and/or `services` in your `.gitlab-ci.yml` file:
 
-    ```yaml
-    image: aws_account_id.dkr.ecr.region.amazonaws.com/private/image:latest
-    ```
+   ```yaml
+   image: aws_account_id.dkr.ecr.region.amazonaws.com/private/image:latest
+   ```
 
-    In the example above, GitLab Runner will look at `aws_account_id.dkr.ecr.region.amazonaws.com` for the
-    image `private/image:latest`.
+   In the example above, GitLab Runner will look at `aws_account_id.dkr.ecr.region.amazonaws.com` for the
+   image `private/image:latest`.
 
 You can add configuration for as many registries as you want, adding more
 registries to the `"credHelpers"` hash as described above.
diff --git a/doc/ci/examples/artifactory_and_gitlab/index.md b/doc/ci/examples/artifactory_and_gitlab/index.md
index c9f700ed190..940c4711132 100644
--- a/doc/ci/examples/artifactory_and_gitlab/index.md
+++ b/doc/ci/examples/artifactory_and_gitlab/index.md
@@ -39,9 +39,10 @@ project:
 1. Create a new project by selecting **Import project from ➔ Repo by URL**
 1. Add the following URL:
 
-    ```
-    https://gitlab.com/gitlab-examples/maven/simple-maven-dep.git
-    ```
+   ```
+   https://gitlab.com/gitlab-examples/maven/simple-maven-dep.git
+   ```
+
 1. Click **Create project**
 
 This application is nothing more than a basic class with a stub for a JUnit based test suite.
@@ -63,15 +64,15 @@ The application is ready to use, but you need some additional steps to deploy it
 1. Copy the snippet in the `pom.xml` file for your project, just after the
    `dependencies` section. The snippet should look like this:
 
-    ```xml
-    <distributionManagement>
-      <repository>
-        <id>central</id>
-        <name>83d43b5afeb5-releases</name>
-        <url>${env.MAVEN_REPO_URL}/libs-release-local</url>
-      </repository>
-    </distributionManagement>
-    ```
+   ```xml
+   <distributionManagement>
+     <repository>
+       <id>central</id>
+       <name>83d43b5afeb5-releases</name>
+       <url>${env.MAVEN_REPO_URL}/libs-release-local</url>
+     </repository>
+   </distributionManagement>
+   ```
 
 Another step you need to do before you can deploy the dependency to Artifactory
 is to configure the authentication data. It is a simple task, but Maven requires
@@ -86,18 +87,18 @@ parameter in `.gitlab-ci.yml` to use the custom location instead of the default
 1. Create a file called `settings.xml` in the `.m2` folder
 1. Copy the following content into a `settings.xml` file:
 
-    ```xml
-    <settings xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd"
-        xmlns="http://maven.apache.org/SETTINGS/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-      <servers>
-        <server>
-          <id>central</id>
-          <username>${env.MAVEN_REPO_USER}</username>
-          <password>${env.MAVEN_REPO_PASS}</password>
-        </server>
-      </servers>
-    </settings>
-    ```
+   ```xml
+   <settings xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd"
+       xmlns="http://maven.apache.org/SETTINGS/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+     <servers>
+       <server>
+         <id>central</id>
+         <username>${env.MAVEN_REPO_USER}</username>
+         <password>${env.MAVEN_REPO_PASS}</password>
+       </server>
+     </servers>
+   </settings>
+   ```
 
     Username and password will be replaced by the correct values using variables.
 
@@ -187,9 +188,10 @@ We'll use again a Maven app that can be cloned from our example project:
 1. Create a new project by selecting **Import project from ➔ Repo by URL**
 1. Add the following URL:
 
-    ```
-    https://gitlab.com/gitlab-examples/maven/simple-maven-app.git
-    ```
+   ```
+   https://gitlab.com/gitlab-examples/maven/simple-maven-app.git
+   ```
+
 1. Click **Create project**
 
 This one is a simple app as well. If you look at the `src/main/java/com/example/app/App.java`
@@ -204,13 +206,13 @@ Since Maven doesn't know how to resolve the dependency, you need to modify the c
 1. Copy the snippet in the `dependencies` section of the `pom.xml` file.
    The snippet should look like this:
 
-    ```xml
-    <dependency>
-      <groupId>com.example.dep</groupId>
-      <artifactId>simple-maven-dep</artifactId>
-      <version>1.0</version>
-    </dependency>
-    ```
+   ```xml
+   <dependency>
+     <groupId>com.example.dep</groupId>
+     <artifactId>simple-maven-dep</artifactId>
+     <version>1.0</version>
+   </dependency>
+   ```
 
 ### Configure the Artifactory repository location
 
diff --git a/doc/ci/examples/test_phoenix_app_with_gitlab_ci_cd/index.md b/doc/ci/examples/test_phoenix_app_with_gitlab_ci_cd/index.md
index a5fed00972f..0e595e1a0be 100644
--- a/doc/ci/examples/test_phoenix_app_with_gitlab_ci_cd/index.md
+++ b/doc/ci/examples/test_phoenix_app_with_gitlab_ci_cd/index.md
@@ -188,28 +188,27 @@ when running our Phoenix in our `localhost`.
 - Open `hello_gitlab_ci/config/test.exs` on your favorite code editor
 - Go to **Configure your database** session and edit the block to include `System.get_env`:
 
-    ```elixir
-    # Configure your database
-    config :hello_gitlab_ci, HelloGitlabCi.Repo,
-      adapter: Ecto.Adapters.Postgres,
-      username: System.get_env("POSTGRES_USER") || "postgres",
-      password: System.get_env("POSTGRES_PASSWORD") || "postgres",
-      database: System.get_env("POSTGRES_DB") || "hello_gitlab_ci_test",
-      hostname: System.get_env("POSTGRES_HOST") || "localhost",
-      pool: Ecto.Adapters.SQL.Sandbox
-    ```
-
-    We'll need these system variables later on.
+  ```elixir
+  # Configure your database
+  config :hello_gitlab_ci, HelloGitlabCi.Repo,
+    adapter: Ecto.Adapters.Postgres,
+    username: System.get_env("POSTGRES_USER") || "postgres",
+    password: System.get_env("POSTGRES_PASSWORD") || "postgres",
+    database: System.get_env("POSTGRES_DB") || "hello_gitlab_ci_test",
+    hostname: System.get_env("POSTGRES_HOST") || "localhost",
+    pool: Ecto.Adapters.SQL.Sandbox
+  ```
+
+  We'll need these system variables later on.
 
 - Create an empty file named `.gitkeep` into `hello_gitlab_ci/priv/repo/migrations`
 
-    As our project is still fresh, we don't have any data on our database, so, the `migrations`
-directory will be empty.
-    Without `.gitkeep`, git will not upload this empty directory and we'll got an error when running our
-test on GitLab.
+  As our project is still fresh, we don't have any data on our database, so, the `migrations`
+  directory will be empty.
+  Without `.gitkeep`, git will not upload this empty directory and we'll got an error when running our
+  test on GitLab.
 
-    > **Note:**
-    If we add a folder via the GitLab UI, GitLab itself will add the `.gitkeep` to that new dir.
+  > **Note:** If we add a folder via the GitLab UI, GitLab itself will add the `.gitkeep` to that new dir.
 
 Now, let's run a local test and see if everything we did didn't break anything.
 
@@ -248,64 +247,64 @@ project.
 
 - The fastest and easiest way to do this, is to click on **Set up CI** on project's main page:
 
-    ![Set up CI](img/setup-ci.png)
+  ![Set up CI](img/setup-ci.png)
 
 - On next screen, we can select a template ready to go. Click on **Apply a GitLab CI/CD Yaml
   template** and select **Elixir**:
 
-    ![Select template](img/select-template.png)
+  ![Select template](img/select-template.png)
 
-    This template file tells GitLab CI/CD about what we wish to do every time a new commit is made.
-    However, we have to adapt it to run a Phoenix app.
+  This template file tells GitLab CI/CD about what we wish to do every time a new commit is made.
+  However, we have to adapt it to run a Phoenix app.
 
 - The first line tells GitLab what Docker image will be used.
 
-    Remember when we learn about Runners, the isolated virtual machine where GitLab CI/CD build and test
-    our application? This virtual machine must have all dependencies to run our application. This is
-    where a Docker image is needed. The correct image will provide the entire system for us.
+  Remember when we learn about Runners, the isolated virtual machine where GitLab CI/CD build and test
+  our application? This virtual machine must have all dependencies to run our application. This is
+  where a Docker image is needed. The correct image will provide the entire system for us.
 
-    As a suggestion, you can use [trenpixster's elixir image][docker-image], which already has all
-    dependencies for Phoenix installed, such as Elixir, Erlang, NodeJS and PostgreSQL:
+  As a suggestion, you can use [trenpixster's elixir image][docker-image], which already has all
+  dependencies for Phoenix installed, such as Elixir, Erlang, NodeJS and PostgreSQL:
 
-    ```yml
-    image: trenpixster/elixir:latest
-    ```
+  ```yml
+  image: trenpixster/elixir:latest
+  ```
 
 - At `services` session, we'll only use `postgres`, so we'll delete `mysql` and `redis` lines:
 
-    ```yml
-    services:
-      - postgres:latest
-    ```
+  ```yml
+  services:
+    - postgres:latest
+  ```
 
 - Now, we'll create a new entry called `variables`, before `before_script` session:
 
-    ```yml
-    variables:
-      POSTGRES_DB: hello_gitlab_ci_test
-      POSTGRES_HOST: postgres
-      POSTGRES_USER: postgres
-      POSTGRES_PASSWORD: "postgres"
-      MIX_ENV: "test"
-    ```
+  ```yml
+  variables:
+    POSTGRES_DB: hello_gitlab_ci_test
+    POSTGRES_HOST: postgres
+    POSTGRES_USER: postgres
+    POSTGRES_PASSWORD: "postgres"
+    MIX_ENV: "test"
+  ```
 
-    Here, we are setting up the values for GitLab CI/CD authenticate into PostgreSQL, as we did on
-    `config/test.exs` earlier.
+  Here, we are setting up the values for GitLab CI/CD authenticate into PostgreSQL, as we did on
+  `config/test.exs` earlier.
 
 - In `before_script` session, we'll add some commands to prepare everything to the test:
 
-    ```yml
-    before_script:
-      - apt-get update && apt-get -y install postgresql-client
-      - mix local.hex --force
-      - mix deps.get --only test
-      - mix ecto.create
-      - mix ecto.migrate
-    ```
-
-    It's important to install `postgresql-client` to let GitLab CI/CD access PostgreSQL and create our
-    database with the login information provided earlier. More important is to respect the indentation,
-    to avoid syntax errors when running the build.
+  ```yml
+  before_script:
+    - apt-get update && apt-get -y install postgresql-client
+    - mix local.hex --force
+    - mix deps.get --only test
+    - mix ecto.create
+    - mix ecto.migrate
+   ```
+
+  It's important to install `postgresql-client` to let GitLab CI/CD access PostgreSQL and create our
+  database with the login information provided earlier. More important is to respect the indentation,
+  to avoid syntax errors when running the build.
 
 - And finally, we'll let `mix` session intact.
 
diff --git a/doc/ci/ssh_keys/README.md b/doc/ci/ssh_keys/README.md
index 69591ed605c..d9f022a7125 100644
--- a/doc/ci/ssh_keys/README.md
+++ b/doc/ci/ssh_keys/README.md
@@ -57,44 +57,44 @@ to access it. This is where an SSH key pair comes in handy.
 1. Modify your `.gitlab-ci.yml` with a `before_script` action. In the following
    example, a Debian based image is assumed. Edit to your needs:
 
-    ```yaml
-    before_script:
-      ##
-      ## Install ssh-agent if not already installed, it is required by Docker.
-      ## (change apt-get to yum if you use an RPM-based image)
-      ##
-      - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
-
-      ##
-      ## Run ssh-agent (inside the build environment)
-      ##
-      - eval $(ssh-agent -s)
-
-      ##
-      ## Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
-      ## We're using tr to fix line endings which makes ed25519 keys work
-      ## without extra base64 encoding.
-      ## https://gitlab.com/gitlab-examples/ssh-private-key/issues/1#note_48526556
-      ##
-      - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
-
-      ##
-      ## Create the SSH directory and give it the right permissions
-      ##
-      - mkdir -p ~/.ssh
-      - chmod 700 ~/.ssh
-
-      ##
-      ## Optionally, if you will be using any Git commands, set the user name and
-      ## and email.
-      ##
-      #- git config --global user.email "user@example.com"
-      #- git config --global user.name "User name"
-    ```
-
-    NOTE: **Note:**
-    The [`before_script`](../yaml/README.md#before_script-and-after_script) can be set globally
-    or per-job.
+   ```yaml
+   before_script:
+     ##
+     ## Install ssh-agent if not already installed, it is required by Docker.
+     ## (change apt-get to yum if you use an RPM-based image)
+     ##
+     - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
+
+     ##
+     ## Run ssh-agent (inside the build environment)
+     ##
+     - eval $(ssh-agent -s)
+
+     ##
+     ## Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
+     ## We're using tr to fix line endings which makes ed25519 keys work
+     ## without extra base64 encoding.
+     ## https://gitlab.com/gitlab-examples/ssh-private-key/issues/1#note_48526556
+     ##
+     - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
+
+     ##
+     ## Create the SSH directory and give it the right permissions
+     ##
+     - mkdir -p ~/.ssh
+     - chmod 700 ~/.ssh
+
+     ##
+     ## Optionally, if you will be using any Git commands, set the user name and
+     ## and email.
+     ##
+     #- git config --global user.email "user@example.com"
+     #- git config --global user.name "User name"
+   ```
+
+   NOTE: **Note:**
+   The [`before_script`](../yaml/README.md#before_script-and-after_script) can be set globally
+   or per-job.
 
 1. Make sure the private server's [SSH host keys are verified](#verifying-the-ssh-host-keys).
 
@@ -118,9 +118,9 @@ on, and use that key for all projects that are run on this machine.
 
 1. Then from the terminal login as the `gitlab-runner` user:
 
-    ```
-    sudo su - gitlab-runner
-    ```
+   ```
+   sudo su - gitlab-runner
+   ```
 
 1. Generate the SSH key pair as described in the instructions to
    [generate an SSH key](../../ssh/README.md#generating-a-new-ssh-key-pair).
diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md
index 201047b70b9..a6051e87366 100644
--- a/doc/ci/yaml/README.md
+++ b/doc/ci/yaml/README.md
@@ -2468,20 +2468,20 @@ There are three possible values: `none`, `normal`, and `recursive`:
 - `normal` means that only the top-level submodules will be included. It is
   equivalent to:
 
-    ```
-    git submodule sync
-    git submodule update --init
-    ```
+  ```
+  git submodule sync
+  git submodule update --init
+  ```
 
 - `recursive` means that all submodules (including submodules of submodules)
   will be included. This feature needs Git v1.8.1 and later. When using a
   GitLab Runner with an executor not based on Docker, make sure the Git version
   meets that requirement. It is equivalent to:
 
-    ```
-    git submodule sync --recursive
-    git submodule update --init --recursive
-    ```
+  ```
+  git submodule sync --recursive
+  git submodule update --init --recursive
+  ```
 
 Note that for this feature to work correctly, the submodules must be configured
 (in `.gitmodules`) with either:
-- 
cgit v1.2.1


From 8786f46c95cbc86c53880187f065adf6601061a6 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Thu, 1 Aug 2019 02:52:28 +0000
Subject: Add error message troubleshooting to npm registry doc

Add contributed error message and possible solution to npm
registry doc, added to a new troubleshooting section added
to the end of the doc.
---
 doc/user/project/packages/npm_registry.md | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/doc/user/project/packages/npm_registry.md b/doc/user/project/packages/npm_registry.md
index ca0aa9965ef..e01bac6b26f 100644
--- a/doc/user/project/packages/npm_registry.md
+++ b/doc/user/project/packages/npm_registry.md
@@ -81,6 +81,10 @@ domain name.
 
 You should now be able to download and upload NPM packages to your project.
 
+NOTE: **Note:**
+If you encounter an error message with [Yarn](https://yarnpkg.com/en/), see the
+[troubleshooting section](#troubleshooting).
+
 ## Uploading packages
 
 Before you will be able to upload a package, you need to specify the registry
@@ -116,3 +120,29 @@ a given scope, you will receive a `403 Forbidden!` error.
 If you upload a package with a same name and version twice, GitLab will show
 both packages in the UI, but the GitLab NPM Registry will expose the most recent
 one as it supports only one package per version for `npm install`.
+
+## Troubleshooting
+
+### Error running yarn with NPM registry
+
+If you are using [yarn](https://yarnpkg.com/en/) with the NPM registry, you may get
+an error message like:
+
+```sh
+yarn install v1.15.2
+warning package.json: No license field
+info No lockfile found.
+warning XXX: No license field
+[1/4] 🔍  Resolving packages...
+[2/4] 🚚  Fetching packages...
+error An unexpected error occurred: "https://gitlab.com/api/v4/projects/XXX/packages/npm/XXX/XXX/-/XXX/XXX-X.X.X.tgz: Request failed \"404 Not Found\"".
+info If you think this is a bug, please open a bug report with the information provided in "/Users/XXX/gitlab-migration/module-util/yarn-error.log".
+info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command
+```
+
+In this case, try adding this to your `.npmrc` file (and replace `<your_oauth_token>`
+with your with your OAuth or personal access token):
+
+```text
+//gitlab.com/api/v4/projects/:_authToken=<your_oauth_token>
+```
-- 
cgit v1.2.1


From ad53457e09b7fee2fb7e7f2ae434aed31acb20fc Mon Sep 17 00:00:00 2001
From: Alexander Tanayno <atanayno@gitlab.com>
Date: Thu, 1 Aug 2019 03:01:56 +0000
Subject: Add note about private container registry

---
 doc/topics/autodevops/index.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md
index 1687a3aee72..63a72f8f193 100644
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -1069,6 +1069,12 @@ Container Registry. **Restarting a pod, scaling a service, or other actions whic
 require on-going access to the registry may fail**. On-going secure access is
 planned for a subsequent release.
 
+### Private registry support
+
+There is no documented way of using private container registry with Auto DevOps.
+We strongly advise using GitLab Container Registry with Auto DevOps in order to
+simplify configuration and prevent any unforeseen issues.
+
 ## Troubleshooting
 
 - Auto Build and Auto Test may fail in detecting your language/framework. There
-- 
cgit v1.2.1


From 1569dd5ba3163eba7098e3e50ee35c2e207ee4b8 Mon Sep 17 00:00:00 2001
From: Thong Kuah <tkuah@gitlab.com>
Date: Thu, 1 Aug 2019 16:06:03 +1200
Subject: Fix broken spec from file rename

b36323f3d26131405925bf86742b2b4acd786230
---
 spec/controllers/help_controller_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/controllers/help_controller_spec.rb b/spec/controllers/help_controller_spec.rb
index dbfacf4e42e..43c910da7a5 100644
--- a/spec/controllers/help_controller_spec.rb
+++ b/spec/controllers/help_controller_spec.rb
@@ -111,7 +111,7 @@ describe HelpController do
         it 'renders the raw file' do
           get :show,
               params: {
-                path: 'user/project/img/labels_default'
+                path: 'user/project/img/labels_default_v12_1'
               },
               format: :png
           expect(response).to be_success
-- 
cgit v1.2.1


From 23cc246066c6ba5242ff60049487983748679fd8 Mon Sep 17 00:00:00 2001
From: Jeremy Jackson <jjackson@gitlab.com>
Date: Thu, 1 Aug 2019 05:28:15 +0000
Subject: Adds new tracking interface for snowplow

This will ultimately replace the stats.js that
exists in EE.
---
 app/assets/javascripts/tracking.js          |  67 +++++++++++++++
 changelogs/unreleased/snowplow-ee-to-ce.yml |   5 ++
 doc/development/fe_guide/event_tracking.md  |  93 ++++++++++-----------
 spec/frontend/tracking_spec.js              | 123 ++++++++++++++++++++++++++++
 4 files changed, 240 insertions(+), 48 deletions(-)
 create mode 100644 app/assets/javascripts/tracking.js
 create mode 100644 changelogs/unreleased/snowplow-ee-to-ce.yml
 create mode 100644 spec/frontend/tracking_spec.js

diff --git a/app/assets/javascripts/tracking.js b/app/assets/javascripts/tracking.js
new file mode 100644
index 00000000000..2d0b099cf0b
--- /dev/null
+++ b/app/assets/javascripts/tracking.js
@@ -0,0 +1,67 @@
+import $ from 'jquery';
+
+const extractData = (el, opts = {}) => {
+  const { trackEvent, trackLabel = '', trackProperty = '' } = el.dataset;
+  let trackValue = el.dataset.trackValue || el.value || '';
+  if (el.type === 'checkbox' && !el.checked) trackValue = false;
+  return [
+    trackEvent + (opts.suffix || ''),
+    {
+      label: trackLabel,
+      property: trackProperty,
+      value: trackValue,
+    },
+  ];
+};
+
+export default class Tracking {
+  static enabled() {
+    return typeof window.snowplow === 'function';
+  }
+
+  static event(category = document.body.dataset.page, event = 'generic', data = {}) {
+    if (!this.enabled()) return false;
+    // eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings
+    if (!category) throw new Error('Tracking: no category provided for tracking.');
+
+    return window.snowplow(
+      'trackStructEvent',
+      category,
+      event,
+      Object.assign({}, { label: '', property: '', value: '' }, data),
+    );
+  }
+
+  constructor(category = document.body.dataset.page) {
+    this.category = category;
+  }
+
+  bind(container = document) {
+    if (!this.constructor.enabled()) return;
+    container.querySelectorAll(`[data-track-event]`).forEach(el => {
+      if (this.customHandlingFor(el)) return;
+      // jquery is required for select2, so we use it always
+      // see: https://github.com/select2/select2/issues/4686
+      $(el).on('click', this.eventHandler(this.category));
+    });
+  }
+
+  customHandlingFor(el) {
+    const classes = el.classList;
+
+    // bootstrap dropdowns
+    if (classes.contains('dropdown')) {
+      $(el).on('show.bs.dropdown', this.eventHandler(this.category, { suffix: '_show' }));
+      $(el).on('hide.bs.dropdown', this.eventHandler(this.category, { suffix: '_hide' }));
+      return true;
+    }
+
+    return false;
+  }
+
+  eventHandler(category = null, opts = {}) {
+    return e => {
+      this.constructor.event(category || this.category, ...extractData(e.currentTarget, opts));
+    };
+  }
+}
diff --git a/changelogs/unreleased/snowplow-ee-to-ce.yml b/changelogs/unreleased/snowplow-ee-to-ce.yml
new file mode 100644
index 00000000000..85c959f0510
--- /dev/null
+++ b/changelogs/unreleased/snowplow-ee-to-ce.yml
@@ -0,0 +1,5 @@
+---
+title: Moves snowplow tracking from ee to ce
+merge_request: 31160
+author: jejacks0n
+type: added
diff --git a/doc/development/fe_guide/event_tracking.md b/doc/development/fe_guide/event_tracking.md
index 716f6ad7f92..1e6287d8f6d 100644
--- a/doc/development/fe_guide/event_tracking.md
+++ b/doc/development/fe_guide/event_tracking.md
@@ -1,79 +1,76 @@
 # Event Tracking
 
-We use [Snowplow](https://github.com/snowplow/snowplow) for tracking custom events (available in GitLab [Enterprise Edition](https://about.gitlab.com/pricing/) only).
+We use a tracking interface that wraps up [Snowplow](https://github.com/snowplow/snowplow) for tracking custom events. Snowplow implements page tracking, but also exposes custom event tracking.
 
-## Generic tracking function
-
-In addition to Snowplow's built-in method for tracking page views, we use a generic tracking function which enables us to selectively apply listeners to events.
-
-The generic tracking function can be imported in EE-specific JS files as follows:
+The tracking interface can be imported in JS files as follows:
 
 ```javascript
-import { trackEvent } from `ee/stats`;
+import Tracking from `~/tracking`;
 ```
 
-This gives the user access to the `trackEvent` method, which takes the following parameters:
+## Tracking in HAML or Vue templates
 
-| parameter        | type   | description                                                                                                                                                                                                                                                                                                                            | required |
-| ---------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- |
-| `category`       | string | Describes the page that you're capturing click events on. Unless infeasible, please use the Rails page attribute `document.body.dataset.page` by default.                                                                                                                                                                              | true     |
-| `eventName`      | string | Describes the action the user is taking. The first word should always describe the action. For example, clicks should be `click` and activations should be `activate`. Use underscores to describe what was acted on. For example, activating a form field would be `activate_form_input`. Clicking on a dropdown is `click_dropdown`. | true     |
-| `additionalData` | object | Additional data such as `label`, `property`, and `value` as described [in our Feature Instrumentation taxonomy](https://about.gitlab.com/handbook/product/feature-instrumentation/#taxonomy).                                                                                                                                          | false    |
+To avoid having to do create a bunch of custom javascript event handlers, when working within HAML or Vue templates, we can add `data-track-*` attributes to elements of interest. This way, all elements that have a `data-track-event` attribute to automatically have event tracking bound.
 
-Read more about instrumentation and the taxonomy in the [Product Handbook](https://about.gitlab.com/handbook/product/feature-instrumentation).
-
-### Tracking in `.js` and `.vue` files
+Below is an example of `data-track-*` attributes assigned to a button in HAML:
 
-The most simple use case is to add tracking programmatically to an event of interest in Javascript.
+```haml
+%button.btn{ data: { track_event: "click_button", track_label: "template_preview", track_property: "my-template", track_value: "" } }
+```
 
-The following example demonstrates how to track a click on a button in Javascript by calling the `trackEvent` method explicitly:
+We can then setup tracking for large sections of a page, or an entire page by telling the Tracking interface to bind to it.
 
 ```javascript
-import { trackEvent } from `ee/stats`;
+import Tracking from '~/tracking';
 
-trackEvent('dashboard:projects:index', 'click_button', {
-    label: 'create_from_template',
-    property: 'template_preview',
-    value: 'rails',
+// for the entire document
+new Tracking().bind();
+
+// for a container element
+document.addEventListener('DOMContentLoaded', () => {
+  new Tracking('my_category').bind(document.getElementById('my-container'));
 });
+
 ```
 
-### Tracking in HAML templates
+When you instantiate a Tracking instance you can provide a category. If none is provided, `document.body.dataset.page` will be used. When you bind the Tracking instance you can provide an element. If no element is provided to bind to, the `document` is assumed.
 
-Sometimes we want to track clicks for multiple elements on a page. Creating event handlers for all elements could soon turn into a tedious task.
+Below is a list of supported `data-track-*` attributes:
 
-There's a more convenient solution to this problem. When working with HAML templates, we can add `data-track-*` attributes to elements of interest. This way, all elements that have both `data-track-label` and `data-track-event` attributes assigned get marked for event tracking. All we have to do is call the `bindTrackableContainer` method on a container which allows for better scoping.
+| attribute             | required | description |
+|:----------------------|:---------|:------------|
+| `data-track-event`    | true     | Action the user is taking. Clicks should be `click` and activations should be `activate`, so for example, focusing a form field would be `activate_form_input`, and clicking a button would be `click_button`. |
+| `data-track-label`    | false    | The `label` as described [in our Feature Instrumentation taxonomy](https://about.gitlab.com/handbook/product/feature-instrumentation/#taxonomy) |
+| `data-track-property` | false    | The `property` as described [in our Feature Instrumentation taxonomy](https://about.gitlab.com/handbook/product/feature-instrumentation/#taxonomy)
+| `data-track-value`    | false    | The `value` as described [in our Feature Instrumentation taxonomy](https://about.gitlab.com/handbook/product/feature-instrumentation/#taxonomy). If omitted, this will be the elements `value` property or an empty string. For checkboxes, the default value will be the element's checked attribute or `false` when unchecked. 
 
-Below is an example of `data-track-*` attributes assigned to a button in HAML:
 
-```ruby
-%button.btn{ data: { track_label: "template_preview", track_property: "my-template", track_event: "click_button", track_value: "" } }
-```
-
-By calling `bindTrackableContainer('.my-container')`, click handlers get bound to all elements located in `.my-container` provided that they have the necessary `data-track-*` attributes assigned to them.
+## Tracking in raw Javascript
 
-```javascript
-import Stats from 'ee/stats';
+Custom events can be tracked by directly calling the `Tracking.event` static function, which accepts the following arguments:
 
-document.addEventListener('DOMContentLoaded', () => {
-  Stats.bindTrackableContainer('.my-container', 'category');
-});
-```
+| argument   | type   | default value              | description |
+|:-----------|:-------|:---------------------------|:------------|
+| `category` | string | document.body.dataset.page | Page or subsection of a page that events are being captured within. |
+| `event`    | string | 'generic'                  | Action the user is taking. Clicks should be `click` and activations should be `activate`, so for example, focusing a form field would be `activate_form_input`, and clicking a button would be `click_button`. |
+| `data`     | object | {}                         | Additional data such as `label`, `property`, and `value` as described [in our Feature Instrumentation taxonomy](https://about.gitlab.com/handbook/product/feature-instrumentation/#taxonomy). These will be set as empty strings if you don't provide them. |
 
-The second parameter in `bindTrackableContainer` is optional. If omitted, the value of `document.body.dataset.page` will be used as category instead.
+Tracking can be programmatically added to an event of interest in Javascript, and the following example demonstrates tracking a click on a button by calling `Tracking.event` manually.
 
-Below is a list of supported `data-track-*` attributes:
+```javascript
+import Tracking from `~/tracking`;
 
-| attribute             | description                                                                                                                                                                                                     | required |
-| --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- |
-| `data-track-label`    | The `label` in `trackEvent`                                                                                                                                                                                     | true     |
-| `data-track-event`    | The `eventName` in `trackEvent`                                                                                                                                                                                 | true     |
-| `data-track-property` | The `property` in `trackEvent`. If omitted, an empty string will be used as a default value.                                                                                                                    | false    |
-| `data-track-value`    | The `value` in `trackEvent`. If omitted, this will be `target.value` or empty string. For checkboxes, the default value being tracked will be the element's checked attribute if `data-track-value` is omitted. | false    |
+document.getElementById('my_button').addEventListener('click', () => {
+  Tracking.event('dashboard:projects:index', 'click_button', {
+    label: 'create_from_template',
+    property: 'template_preview',
+    value: 'rails',
+  });
+})
+```
 
-Since Snowplow is an Enterprise Edition feature, it's necessary to create a CE backport when adding `data-track-*` attributes to HAML templates in most cases.
 
-## Testing
+## Toggling tracking on or off
 
 Snowplow can be enabled by navigating to:
 
diff --git a/spec/frontend/tracking_spec.js b/spec/frontend/tracking_spec.js
new file mode 100644
index 00000000000..7e462e9a6ce
--- /dev/null
+++ b/spec/frontend/tracking_spec.js
@@ -0,0 +1,123 @@
+import $ from 'jquery';
+import { setHTMLFixture } from './helpers/fixtures';
+
+import Tracking from '~/tracking';
+
+describe('Tracking', () => {
+  beforeEach(() => {
+    window.snowplow = window.snowplow || (() => {});
+  });
+
+  describe('.event', () => {
+    let snowplowSpy = null;
+
+    beforeEach(() => {
+      snowplowSpy = jest.spyOn(window, 'snowplow');
+    });
+
+    it('tracks to snowplow (our current tracking system)', () => {
+      Tracking.event('_category_', '_eventName_', { label: '_label_' });
+
+      expect(snowplowSpy).toHaveBeenCalledWith('trackStructEvent', '_category_', '_eventName_', {
+        label: '_label_',
+        property: '',
+        value: '',
+      });
+    });
+
+    it('skips tracking if snowplow is unavailable', () => {
+      window.snowplow = false;
+      Tracking.event('_category_', '_eventName_');
+
+      expect(snowplowSpy).not.toHaveBeenCalled();
+    });
+
+    it('skips tracking if ', () => {
+      window.snowplow = false;
+      Tracking.event('_category_', '_eventName_');
+
+      expect(snowplowSpy).not.toHaveBeenCalled();
+    });
+  });
+
+  describe('tracking interface events', () => {
+    let eventSpy = null;
+    let subject = null;
+
+    beforeEach(() => {
+      eventSpy = jest.spyOn(Tracking, 'event');
+      subject = new Tracking('_category_');
+      setHTMLFixture(`
+        <input data-track-event="click_input1" data-track-label="_label_" value="_value_"/>
+        <input data-track-event="click_input2" data-track-value="_value_override_" value="_value_"/>
+        <input type="checkbox" data-track-event="toggle_checkbox" value="_value_" checked/>
+        <input class="dropdown" data-track-event="toggle_dropdown"/>
+        <div class="js-projects-list-holder"></div>
+      `);
+    });
+
+    it('binds to clicks on elements matching [data-track-event]', () => {
+      subject.bind(document);
+      $('[data-track-event="click_input1"]').click();
+
+      expect(eventSpy).toHaveBeenCalledWith('_category_', 'click_input1', {
+        label: '_label_',
+        value: '_value_',
+        property: '',
+      });
+    });
+
+    it('allows value override with the data-track-value attribute', () => {
+      subject.bind(document);
+      $('[data-track-event="click_input2"]').click();
+
+      expect(eventSpy).toHaveBeenCalledWith('_category_', 'click_input2', {
+        label: '',
+        value: '_value_override_',
+        property: '',
+      });
+    });
+
+    it('handles checkbox values correctly', () => {
+      subject.bind(document);
+      const $checkbox = $('[data-track-event="toggle_checkbox"]');
+
+      $checkbox.click(); // unchecking
+
+      expect(eventSpy).toHaveBeenCalledWith('_category_', 'toggle_checkbox', {
+        label: '',
+        property: '',
+        value: false,
+      });
+
+      $checkbox.click(); // checking
+
+      expect(eventSpy).toHaveBeenCalledWith('_category_', 'toggle_checkbox', {
+        label: '',
+        property: '',
+        value: '_value_',
+      });
+    });
+
+    it('handles bootstrap dropdowns', () => {
+      new Tracking('_category_').bind(document);
+      const $dropdown = $('[data-track-event="toggle_dropdown"]');
+
+      $dropdown.trigger('show.bs.dropdown'); // showing
+
+      expect(eventSpy).toHaveBeenCalledWith('_category_', 'toggle_dropdown_show', {
+        label: '',
+        property: '',
+        value: '',
+      });
+
+      $dropdown.trigger('hide.bs.dropdown'); // hiding
+
+      expect(eventSpy).toHaveBeenCalledWith('_category_', 'toggle_dropdown_hide', {
+        label: '',
+        property: '',
+        value: '',
+      });
+    });
+  });
+});
-- 
cgit v1.2.1


From 6bc6592a4360b437e6dd7943a37c068e595c57e8 Mon Sep 17 00:00:00 2001
From: Martin Wortschack <mwortschack@gitlab.com>
Date: Thu, 1 Aug 2019 06:00:08 +0000
Subject: (CE Port) Add filters for Productivity Analytics

---
 app/views/shared/issuable/_search_bar.html.haml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/views/shared/issuable/_search_bar.html.haml b/app/views/shared/issuable/_search_bar.html.haml
index e253413929a..c9458475aa5 100644
--- a/app/views/shared/issuable/_search_bar.html.haml
+++ b/app/views/shared/issuable/_search_bar.html.haml
@@ -1,6 +1,7 @@
 - type = local_assigns.fetch(:type)
 - board = local_assigns.fetch(:board, nil)
-- block_css_class = type != :boards_modal ? 'row-content-block second-block' : ''
+- is_not_boards_modal_or_productivity_analytics = type != :boards_modal && type != :productivity_analytics
+- block_css_class = is_not_boards_modal_or_productivity_analytics ? 'row-content-block second-block' : ''
 - user_can_admin_list = board && can?(current_user, :admin_list, board.parent)
 
 .issues-filters{ class: ("w-100" if type == :boards_modal) }
@@ -155,5 +156,5 @@
               - if @project
                 #js-add-issues-btn.prepend-left-10{ data: { can_admin_list: can?(current_user, :admin_list, @project) } }
             #js-toggle-focus-btn
-          - elsif type != :boards_modal
+          - elsif is_not_boards_modal_or_productivity_analytics
             = render 'shared/issuable/sort_dropdown'
-- 
cgit v1.2.1


From 9225eb13ca5b4cae1b09b622b26fafd1c45a9e9c Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 31 Jul 2019 23:07:42 -0700
Subject: Add additional paths to clean from backtrace

`Gitlab::Profiler` can also be used to profile Sidekiq jobs.
Add some call traces that can be omitted from the backtrace.
---
 lib/gitlab/profiler.rb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/gitlab/profiler.rb b/lib/gitlab/profiler.rb
index 615c0ec374c..ec7671f9a8b 100644
--- a/lib/gitlab/profiler.rb
+++ b/lib/gitlab/profiler.rb
@@ -21,6 +21,9 @@ module Gitlab
       lib/gitlab/profiler.rb
       lib/gitlab/correlation_id.rb
       lib/gitlab/webpack/dev_server_middleware.rb
+      lib/gitlab/sidekiq_status/
+      lib/gitlab/sidekiq_logging/
+      lib/gitlab/sidekiq_middleware/
     ].freeze
 
     # Takes a URL to profile (can be a fully-qualified URL, or an absolute path)
-- 
cgit v1.2.1


From 177a3c86896af4b1ddc9a457d1c4fbfe2e38d800 Mon Sep 17 00:00:00 2001
From: Mark Lapierre <mlapierre@gitlab.com>
Date: Thu, 1 Aug 2019 16:27:31 +1000
Subject: Quarantine flaky e2e test

---
 qa/qa/specs/features/browser_ui/1_manage/login/login_via_oauth_spec.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/qa/qa/specs/features/browser_ui/1_manage/login/login_via_oauth_spec.rb b/qa/qa/specs/features/browser_ui/1_manage/login/login_via_oauth_spec.rb
index a118176eb8a..db99488160b 100644
--- a/qa/qa/specs/features/browser_ui/1_manage/login/login_via_oauth_spec.rb
+++ b/qa/qa/specs/features/browser_ui/1_manage/login/login_via_oauth_spec.rb
@@ -1,7 +1,8 @@
 # frozen_string_literal: true
 
 module QA
-  context 'Manage', :orchestrated, :oauth do
+  # Failure issue: https://gitlab.com/gitlab-org/quality/nightly/issues/121
+  context 'Manage', :orchestrated, :oauth, :quarantine do
     describe 'OAuth login' do
       it 'User logs in to GitLab with GitHub OAuth' do
         Runtime::Browser.visit(:gitlab, Page::Main::Login)
-- 
cgit v1.2.1


From ad228df77421c1b312cdfc6288d1ec57c6a421df Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Thu, 1 Aug 2019 08:37:18 +0000
Subject: General improvements to LDAP docs

---
 doc/administration/auth/ldap-ee.md | 126 ++++++++++++++++++++-----------------
 doc/administration/auth/ldap.md    |  50 ++++++++++-----
 2 files changed, 103 insertions(+), 73 deletions(-)

diff --git a/doc/administration/auth/ldap-ee.md b/doc/administration/auth/ldap-ee.md
index 1b7af2d945a..34f3cfa353f 100644
--- a/doc/administration/auth/ldap-ee.md
+++ b/doc/administration/auth/ldap-ee.md
@@ -4,37 +4,27 @@ type: reference
 
 # LDAP Additions in GitLab EE **(STARTER ONLY)**
 
-This is a continuation of the main [LDAP documentation](ldap.md), detailing LDAP
-features specific to GitLab Enterprise Edition Starter, Premium and Ultimate.
+This section documents LDAP features specific to to GitLab Enterprise Edition
+[Starter](https://about.gitlab.com/pricing/#self-managed) and above.
 
-## Overview
-
-[LDAP](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol)
-stands for **Lightweight Directory Access Protocol**, which
-is a standard application protocol for
-accessing and maintaining distributed directory information services
-over an Internet Protocol (IP) network.
-
-GitLab integrates with LDAP to support **user authentication**. This integration
-works with most LDAP-compliant directory servers, including Microsoft Active
-Directory, Apple Open Directory, Open LDAP, and 389 Server.
-**GitLab Enterprise Edition** includes enhanced integration, including group
-membership syncing.
+For documentation relevant to both Community Edition and Enterprise Edition,
+see the main [LDAP documentation](ldap.md).
 
 ## Use cases
 
-- User sync: Once a day, GitLab will update users against LDAP
+- User sync: Once a day, GitLab will update users against LDAP.
 - Group sync: Once an hour, GitLab will update group membership
-  based on LDAP group members
+  based on LDAP group members.
 
-## Multiple LDAP servers
+## Multiple LDAP servers **(STARTER ONLY)**
 
 With GitLab Enterprise Edition Starter, you can configure multiple LDAP servers
 that your GitLab instance will connect to.
 
-To add another LDAP server, you can start by duplicating the settings under
-[the main configuration](ldap.md#configuration) and edit them to match the
-additional LDAP server.
+To add another LDAP server:
+
+1. Duplicating the settings under [the main configuration](ldap.md#configuration).
+1. Edit them to match the additional LDAP server.
 
 Be sure to choose a different provider ID made of letters a-z and numbers 0-9.
 This ID will be stored in the database so that GitLab can remember which LDAP
@@ -47,19 +37,19 @@ users against LDAP.
 
 The process will execute the following access checks:
 
-1. Ensure the user is still present in LDAP
-1. If the LDAP server is Active Directory, ensure the user is active (not
-   blocked/disabled state). This will only be checked if
-   `active_directory: true` is set in the LDAP configuration [^1]
+- Ensure the user is still present in LDAP.
+- If the LDAP server is Active Directory, ensure the user is active (not
+  blocked/disabled state). This will only be checked if
+  `active_directory: true` is set in the LDAP configuration. [^1]
 
 The user will be set to `ldap_blocked` state in GitLab if the above conditions
 fail. This means the user will not be able to login or push/pull code.
 
 The process will also update the following user information:
 
-1. Email address
-1. If `sync_ssh_keys` is set, SSH public keys
-1. If Kerberos is enabled, Kerberos identity
+- Email address.
+- If `sync_ssh_keys` is set, SSH public keys.
+- If Kerberos is enabled, Kerberos identity.
 
 NOTE: **Note:**
 The LDAP sync process updates existing users while new users will
@@ -72,9 +62,6 @@ first time GitLab will trigger a sync for groups the user should be a member of.
 That way they don't need to wait for the hourly sync to be granted
 access to their groups and projects.
 
-In GitLab Premium, we can also add a GitLab group to sync with one or multiple LDAP groups or we can
-also add a filter. The filter must comply with the syntax defined in [RFC 2254](https://tools.ietf.org/search/rfc2254).
-
 A group sync process will run every hour on the hour, and `group_base` must be set
 in LDAP configuration for LDAP synchronizations based on group CN to work. This allows
 GitLab group membership to be automatically updated based on LDAP group members.
@@ -120,13 +107,26 @@ following.
 
 1. [Restart GitLab][restart] for the changes to take effect.
 
----
-
 To take advantage of group sync, group owners or maintainers will need to create an
-LDAP group link in their group **Settings > LDAP Groups** page. Multiple LDAP
-groups and/or filters can be linked with a single GitLab group. When the link is
-created, an access level/role is specified (Guest, Reporter, Developer, Maintainer,
-or Owner).
+LDAP group link in their group **Settings > LDAP Groups** page.
+
+Multiple LDAP groups and [filters](#filters-premium-only) can be linked with
+a single GitLab group. When the link is created, an access level/role is
+specified (Guest, Reporter, Developer, Maintainer, or Owner).
+
+### Filters **(PREMIUM ONLY)**
+
+In GitLab Premium, you can add an LDAP user filter for group synchronization.
+Filters allow for complex logic without creating a special LDAP group.
+
+To sync GitLab group membership based on an LDAP filter:
+
+1. Open the **LDAP Synchronization** page for the GitLab group.
+1. Select **LDAP user filter** as the **Sync method**.
+1. Enter an LDAP user filter in the **LDAP user filter** field.
+
+The filter must comply with the
+syntax defined in [RFC 2254](https://tools.ietf.org/search/rfc2254).
 
 ## Administrator sync
 
@@ -190,10 +190,13 @@ group, as opposed to the full DN.
 ## Global group memberships lock
 
 "Lock memberships to LDAP synchronization" setting allows instance administrators
-to lock down user abilities to invite new members to a group. When enabled following happens:
+to lock down user abilities to invite new members to a group.
+
+When enabled, the following applies:
 
-1. Only administrator can manage memberships of any group including access levels.
-1. Users are not allowed to share project with other groups or invite members to a project created in a group.
+- Only administrator can manage memberships of any group including access levels.
+- Users are not allowed to share project with other groups or invite members to
+  a project created in a group.
 
 ## Adjusting LDAP user sync schedule
 
@@ -333,10 +336,18 @@ administrative duties.
 
 ### Supported LDAP group types/attributes
 
-GitLab supports LDAP groups that use member attributes `member`, `submember`,
-`uniquemember`, `memberof` and `memberuid`. This means group sync supports, at
-least, LDAP groups with object class `groupOfNames`, `posixGroup`, and
-`groupOfUniqueName`. Other object classes should work fine as long as members
+GitLab supports LDAP groups that use member attributes:
+
+- `member`
+- `submember`
+- `uniquemember`
+- `memberof`
+- `memberuid`.
+
+This means group sync supports, at least, LDAP groups with object class:
+`groupOfNames`, `posixGroup`, and `groupOfUniqueName`.
+
+Other object classes should work fine as long as members
 are defined as one of the mentioned attributes. This also means GitLab supports
 Microsoft Active Directory, Apple Open Directory, Open LDAP, and 389 Server.
 Other LDAP servers should work, too.
@@ -344,11 +355,12 @@ Other LDAP servers should work, too.
 Active Directory also supports nested groups. Group sync will recursively
 resolve membership if `active_directory: true` is set in the configuration file.
 
-> **Note:** Nested group membership will only be resolved if the nested group
-  also falls within the configured `group_base`. For example, if GitLab sees a
-  nested group with DN `cn=nested_group,ou=special_groups,dc=example,dc=com` but
-  the configured `group_base` is `ou=groups,dc=example,dc=com`, `cn=nested_group`
-  will be ignored.
+NOTE: **Note:**
+Nested group membership will only be resolved if the nested group
+also falls within the configured `group_base`. For example, if GitLab sees a
+nested group with DN `cn=nested_group,ou=special_groups,dc=example,dc=com` but
+the configured `group_base` is `ou=groups,dc=example,dc=com`, `cn=nested_group`
+will be ignored.
 
 ### Queries
 
@@ -403,7 +415,7 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
 
 [^1]: In Active Directory, a user is marked as disabled/blocked if the user
       account control attribute (`userAccountControl:1.2.840.113556.1.4.803`)
-      has bit 2 set. See https://ctogonewild.com/2009/09/03/bitmask-searches-in-ldap/
+      has bit 2 set. See <https://ctogonewild.com/2009/09/03/bitmask-searches-in-ldap/>
       for more information.
 
 ### User DN has changed
@@ -423,10 +435,10 @@ things to check to debug the situation.
 - Ensure LDAP configuration has a `group_base` specified. This configuration is
   required for group sync to work properly.
 - Ensure the correct LDAP group link is added to the GitLab group. Check group
-  links by visiting the GitLab group, then **Settings dropdown -> LDAP groups**.
-- Check that the user has an LDAP identity
+  links by visiting the GitLab group, then **Settings dropdown > LDAP groups**.
+- Check that the user has an LDAP identity:
   1. Sign in to GitLab as an administrator user.
-  1. Navigate to **Admin area -> Users**.
+  1. Navigate to **Admin area > Users**.
   1. Search for the user
   1. Open the user, by clicking on their name. Do not click 'Edit'.
   1. Navigate to the **Identities** tab. There should be an LDAP identity with
@@ -437,7 +449,7 @@ Often, the best way to learn more about why group sync is behaving a certain
 way is to enable debug logging. There is verbose output that details every
 step of the sync.
 
-1. Start a Rails console
+1. Start a Rails console:
 
    ```bash
    # For Omnibus installations
@@ -446,6 +458,7 @@ step of the sync.
    # For installations from source
    sudo -u git -H bundle exec rails console production
    ```
+
 1. Set the log level to debug (only for this session):
 
    ```ruby
@@ -540,8 +553,9 @@ and more DNs may be added, or existing entries modified, based on additional
 LDAP group lookups. The very last occurrence of this entry should indicate
 exactly which users GitLab believes should be added to the group.
 
-> **Note:** 10 is 'Guest', 20 is 'Reporter', 30 is 'Developer', 40 is 'Maintainer'
-  and 50 is 'Owner'
+NOTE: **Note:**
+10 is 'Guest', 20 is 'Reporter', 30 is 'Developer', 40 is 'Maintainer'
+and 50 is 'Owner'.
 
 ```bash
 Resolved 'my_group' group member access: {"uid=john0,ou=people,dc=example,dc=com"=>30,
diff --git a/doc/administration/auth/ldap.md b/doc/administration/auth/ldap.md
index be05a4d63a7..beacaa99d60 100644
--- a/doc/administration/auth/ldap.md
+++ b/doc/administration/auth/ldap.md
@@ -7,16 +7,29 @@ type: reference
 # LDAP
 
 GitLab integrates with LDAP to support user authentication.
-This integration works with most LDAP-compliant directory
-servers, including Microsoft Active Directory, Apple Open Directory, Open LDAP,
-and 389 Server. GitLab Enterprise Editions include enhanced integration,
+
+This integration works with most LDAP-compliant directory servers, including:
+
+- Microsoft Active Directory
+- Apple Open Directory
+- Open LDAP
+- 389 Server.
+
+GitLab Enterprise Editions (EE) include enhanced integration,
 including group membership syncing as well as multiple LDAP servers support.
 
-## GitLab EE
+For more details about EE-specific LDAP features, see the
+[LDAP Enterprise Edition documentation](ldap-ee.md).
 
-The information on this page is relevant for both GitLab CE and EE. For more
-details about EE-specific LDAP features, see the
-[LDAP Enterprise Edition documentation](ldap-ee.md). **(STARTER ONLY)**
+NOTE: **Note:**
+The information on this page is relevant for both GitLab CE and EE.
+
+## Overview
+
+[LDAP](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol)
+stands for **Lightweight Directory Access Protocol**, which is a standard
+application protocol for accessing and maintaining distributed directory
+information services over an Internet Protocol (IP) network.
 
 ## Security
 
@@ -64,9 +77,12 @@ NOTE: **Note**:
 In GitLab Enterprise Edition Starter, you can configure multiple LDAP servers
 to connect to one GitLab server.
 
-For a complete guide on configuring LDAP with GitLab Community Edition, please check
-the admin guide [How to configure LDAP with GitLab CE](how_to_configure_ldap_gitlab_ce/index.md).
-For GitLab Enterprise Editions, see also [How to configure LDAP with GitLab EE](how_to_configure_ldap_gitlab_ee/index.md). **(STARTER ONLY)**
+For a complete guide on configuring LDAP with:
+
+- GitLab Community Edition, see
+  [How to configure LDAP with GitLab CE](how_to_configure_ldap_gitlab_ce/index.md).
+- Enterprise Editions, see
+  [How to configure LDAP with GitLab EE](how_to_configure_ldap_gitlab_ee/index.md). **(STARTER ONLY)**
 
 To enable LDAP integration you need to add your LDAP server settings in
 `/etc/gitlab/gitlab.rb` or `/home/git/gitlab/config/gitlab.yml` for Omnibus
@@ -384,7 +400,7 @@ production:
 Tip: If you want to limit access to the nested members of an Active Directory
 group, you can use the following syntax:
 
-```
+```text
 (memberOf:1.2.840.113556.1.4.1941:=CN=My Group,DC=Example,DC=com)
 ```
 
@@ -402,13 +418,13 @@ The `user_filter` DN can contain special characters. For example:
 
 - A comma:
 
-  ```
+  ```text
   OU=GitLab, Inc,DC=gitlab,DC=com
   ```
 
 - Open and close brackets:
 
-  ```
+  ```text
   OU=Gitlab (Inc),DC=gitlab,DC=com
   ```
 
@@ -417,13 +433,13 @@ The `user_filter` DN can contain special characters. For example:
 
 - Escape commas with `\2C`. For example:
 
-  ```
+  ```text
   OU=GitLab\2C Inc,DC=gitlab,DC=com
   ```
 
 - Escape open and close brackets with `\28` and `\29`, respectively. For example:
 
-  ```
+  ```text
   OU=Gitlab \28Inc\29,DC=gitlab,DC=com
   ```
 
@@ -507,11 +523,11 @@ timeout), the login is rejected and a message will be logged to
 
 ### Debug LDAP user filter with ldapsearch
 
-This example uses ldapsearch and assumes you are using ActiveDirectory. The
+This example uses `ldapsearch` and assumes you are using ActiveDirectory. The
 following query returns the login names of the users that will be allowed to
 log in to GitLab if you configure your own user_filter.
 
-```
+```sh
 ldapsearch -H ldaps://$host:$port -D "$bind_dn" -y bind_dn_password.txt  -b "$base" "$user_filter" sAMAccountName
 ```
 
-- 
cgit v1.2.1


From 0e99daae4afdb90d74c4b0bfe5cb3e482bbb422e Mon Sep 17 00:00:00 2001
From: Patrick Derichs <pderichs@gitlab.com>
Date: Tue, 30 Jul 2019 20:25:49 +0200
Subject: Use NotesFinder in IssuableActions module

Remove project from NotesFinder constructor

Add project parameter to specs

Also look for methods in private scope

Fix specs to match new NotesFinder constructor
---
 app/controllers/concerns/issuable_actions.rb       |  22 ++--
 app/controllers/concerns/notes_actions.rb          |   2 +-
 app/controllers/projects/notes_controller.rb       |   2 +-
 app/controllers/snippets/notes_controller.rb       |   4 +-
 app/finders/notes_finder.rb                        |  42 +++++--
 lib/api/helpers/notes_helpers.rb                   |   2 +-
 lib/gitlab/project_search_results.rb               |   2 +-
 spec/controllers/concerns/issuable_actions_spec.rb |  69 ++++++++++++
 .../controllers/projects/issues_controller_spec.rb |  22 ++++
 .../projects/merge_requests_controller_spec.rb     |  16 +++
 spec/controllers/projects/notes_controller_spec.rb |   2 +-
 spec/finders/notes_finder_spec.rb                  | 123 ++++++++++++---------
 spec/fixtures/api/schemas/entities/discussion.json |  67 +++++++++++
 .../fixtures/api/schemas/entities/discussions.json |   4 +
 .../discussions_provider_shared_examples.rb        |  15 +++
 15 files changed, 316 insertions(+), 78 deletions(-)
 create mode 100644 spec/controllers/concerns/issuable_actions_spec.rb
 create mode 100644 spec/fixtures/api/schemas/entities/discussion.json
 create mode 100644 spec/fixtures/api/schemas/entities/discussions.json
 create mode 100644 spec/support/shared_examples/discussions_provider_shared_examples.rb

diff --git a/app/controllers/concerns/issuable_actions.rb b/app/controllers/concerns/issuable_actions.rb
index 6fa2f75be33..8a27b7f1c5f 100644
--- a/app/controllers/concerns/issuable_actions.rb
+++ b/app/controllers/concerns/issuable_actions.rb
@@ -98,13 +98,12 @@ module IssuableActions
     render json: { notice: "#{quantity} #{resource_name.pluralize(quantity)} updated" }
   end
 
-  # rubocop: disable CodeReuse/ActiveRecord
+  # rubocop:disable CodeReuse/ActiveRecord
   def discussions
-    notes = issuable.discussion_notes
-      .inc_relations_for_view
-      .with_notes_filter(notes_filter)
-      .includes(:noteable)
-      .fresh
+    notes = NotesFinder.new(current_user, finder_params_for_issuable).execute
+                .inc_relations_for_view
+                .includes(:noteable)
+                .fresh
 
     if notes_filter != UserPreference::NOTES_FILTERS[:only_comments]
       notes = ResourceEvents::MergeIntoNotesService.new(issuable, current_user).execute(notes)
@@ -117,7 +116,7 @@ module IssuableActions
 
     render json: discussion_serializer.represent(discussions, context: self)
   end
-  # rubocop: enable CodeReuse/ActiveRecord
+  # rubocop:enable CodeReuse/ActiveRecord
 
   private
 
@@ -222,4 +221,13 @@ module IssuableActions
   def parent
     @project || @group # rubocop:disable Gitlab/ModuleWithInstanceVariables
   end
+
+  # rubocop:disable Gitlab/ModuleWithInstanceVariables
+  def finder_params_for_issuable
+    {
+        target: @issuable,
+        notes_filter: notes_filter
+    }.tap { |hash| hash[:project] = project if respond_to?(:project, true) }
+  end
+  # rubocop:enable Gitlab/ModuleWithInstanceVariables
 end
diff --git a/app/controllers/concerns/notes_actions.rb b/app/controllers/concerns/notes_actions.rb
index 0098c4cdf4c..d2a961efff7 100644
--- a/app/controllers/concerns/notes_actions.rb
+++ b/app/controllers/concerns/notes_actions.rb
@@ -243,7 +243,7 @@ module NotesActions
   end
 
   def notes_finder
-    @notes_finder ||= NotesFinder.new(project, current_user, finder_params)
+    @notes_finder ||= NotesFinder.new(current_user, finder_params)
   end
 
   def note_serializer
diff --git a/app/controllers/projects/notes_controller.rb b/app/controllers/projects/notes_controller.rb
index 3152a38fd8e..65d9b074eee 100644
--- a/app/controllers/projects/notes_controller.rb
+++ b/app/controllers/projects/notes_controller.rb
@@ -68,7 +68,7 @@ class Projects::NotesController < Projects::ApplicationController
   alias_method :awardable, :note
 
   def finder_params
-    params.merge(last_fetched_at: last_fetched_at, notes_filter: notes_filter)
+    params.merge(project: project, last_fetched_at: last_fetched_at, notes_filter: notes_filter)
   end
 
   def authorize_admin_note!
diff --git a/app/controllers/snippets/notes_controller.rb b/app/controllers/snippets/notes_controller.rb
index 612897f27e6..1f016493c1f 100644
--- a/app/controllers/snippets/notes_controller.rb
+++ b/app/controllers/snippets/notes_controller.rb
@@ -27,7 +27,9 @@ class Snippets::NotesController < ApplicationController
   alias_method :noteable, :snippet
 
   def finder_params
-    params.merge(last_fetched_at: last_fetched_at, target_id: snippet.id, target_type: 'personal_snippet')
+    params.merge(last_fetched_at: last_fetched_at, target_id: snippet.id, target_type: 'personal_snippet').tap do |hash|
+      hash[:project] = project if respond_to?(:project)
+    end
   end
 
   def authorize_read_snippet!
diff --git a/app/finders/notes_finder.rb b/app/finders/notes_finder.rb
index 8f610d7dddb..f7d9100bb78 100644
--- a/app/finders/notes_finder.rb
+++ b/app/finders/notes_finder.rb
@@ -3,6 +3,8 @@
 class NotesFinder
   FETCH_OVERLAP = 5.seconds
 
+  attr_reader :target_type
+
   # Used to filter Notes
   # When used with target_type and target_id this returns notes specifically for the controller
   #
@@ -10,15 +12,17 @@ class NotesFinder
   #   current_user - which user check authorizations with
   #   project - which project to look for notes on
   #   params:
+  #     target: noteable
   #     target_type: string
   #     target_id: integer
   #     last_fetched_at: time
   #     search: string
   #
-  def initialize(project, current_user, params = {})
-    @project = project
+  def initialize(current_user, params = {})
+    @project = params[:project]
     @current_user = current_user
-    @params = params
+    @params = params.dup
+    @target_type = @params[:target_type]
   end
 
   def execute
@@ -32,7 +36,27 @@ class NotesFinder
   def target
     return @target if defined?(@target)
 
-    target_type = @params[:target_type]
+    if target_given?
+      use_explicit_target
+    else
+      find_target_by_type_and_ids
+    end
+  end
+
+  private
+
+  def target_given?
+    @params.key?(:target)
+  end
+
+  def use_explicit_target
+    @target = @params[:target]
+    @target_type = @target.class.name.underscore
+
+    @target
+  end
+
+  def find_target_by_type_and_ids
     target_id   = @params[:target_id]
     target_iid  = @params[:target_iid]
 
@@ -45,13 +69,11 @@ class NotesFinder
           @project.commit(target_id)
         end
       else
-        noteables_for_type_by_id(target_type, target_id, target_iid)
+        noteable_for_type_by_id(target_type, target_id, target_iid)
       end
   end
 
-  private
-
-  def noteables_for_type_by_id(type, id, iid)
+  def noteable_for_type_by_id(type, id, iid)
     query = if id
               { id: id }
             else
@@ -77,10 +99,6 @@ class NotesFinder
     search(notes)
   end
 
-  def target_type
-    @params[:target_type]
-  end
-
   # rubocop: disable CodeReuse/ActiveRecord
   def notes_of_any_type
     types = %w(commit issue merge_request snippet)
diff --git a/lib/api/helpers/notes_helpers.rb b/lib/api/helpers/notes_helpers.rb
index b03ac7deb71..7124ac0c5c3 100644
--- a/lib/api/helpers/notes_helpers.rb
+++ b/lib/api/helpers/notes_helpers.rb
@@ -76,7 +76,7 @@ module API
       def find_noteable(parent_type, parent_id, noteable_type, noteable_id)
         params = params_by_noteable_type_and_id(noteable_type, noteable_id)
 
-        noteable = NotesFinder.new(user_project, current_user, params).target
+        noteable = NotesFinder.new(current_user, params.merge(project: user_project)).target
         noteable = nil unless can?(current_user, noteable_read_ability_name(noteable), noteable)
         noteable || not_found!(noteable_type)
       end
diff --git a/lib/gitlab/project_search_results.rb b/lib/gitlab/project_search_results.rb
index 0f3b97e2317..827f4f77f36 100644
--- a/lib/gitlab/project_search_results.rb
+++ b/lib/gitlab/project_search_results.rb
@@ -108,7 +108,7 @@ module Gitlab
 
     # rubocop: disable CodeReuse/ActiveRecord
     def notes_finder(type)
-      NotesFinder.new(project, @current_user, search: query, target_type: type).execute.user.order('updated_at DESC')
+      NotesFinder.new(@current_user, search: query, target_type: type, project: project).execute.user.order('updated_at DESC')
     end
     # rubocop: enable CodeReuse/ActiveRecord
 
diff --git a/spec/controllers/concerns/issuable_actions_spec.rb b/spec/controllers/concerns/issuable_actions_spec.rb
new file mode 100644
index 00000000000..7b0b4497f3f
--- /dev/null
+++ b/spec/controllers/concerns/issuable_actions_spec.rb
@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe IssuableActions do
+  let(:project) { double('project') }
+  let(:user) { double('user') }
+  let(:issuable) { double('issuable') }
+  let(:finder_params_for_issuable) { {} }
+  let(:notes_result) { double('notes_result') }
+  let(:discussion_serializer) { double('discussion_serializer') }
+
+  let(:controller) do
+    klass = Class.new do
+      attr_reader :current_user, :project, :issuable
+
+      def self.before_action(action, params = nil)
+      end
+
+      include IssuableActions
+
+      def initialize(issuable, project, user, finder_params)
+        @issuable = issuable
+        @project = project
+        @current_user = user
+        @finder_params = finder_params
+      end
+
+      def finder_params_for_issuable
+        @finder_params
+      end
+
+      def params
+        {
+          notes_filter: 1
+        }
+      end
+
+      def prepare_notes_for_rendering(notes)
+        []
+      end
+
+      def render(options)
+      end
+    end
+
+    klass.new(issuable, project, user, finder_params_for_issuable)
+  end
+
+  describe '#discussions' do
+    before do
+      allow(user).to receive(:set_notes_filter)
+      allow(user).to receive(:user_preference)
+      allow(discussion_serializer).to receive(:represent)
+    end
+
+    it 'instantiates and calls NotesFinder as expected' do
+      expect(Discussion).to receive(:build_collection).and_return([])
+      expect(DiscussionSerializer).to receive(:new).and_return(discussion_serializer)
+      expect(NotesFinder).to receive(:new).with(user, finder_params_for_issuable).and_call_original
+
+      expect_any_instance_of(NotesFinder).to receive(:execute).and_return(notes_result)
+
+      expect(notes_result).to receive_messages(inc_relations_for_view: notes_result, includes: notes_result, fresh: notes_result)
+
+      controller.discussions
+    end
+  end
+end
diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb
index 32d14dce936..0f885d776e1 100644
--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -1260,6 +1260,28 @@ describe Projects::IssuesController do
         sign_in(user)
       end
 
+      context do
+        it_behaves_like 'discussions provider' do
+          let!(:author) { create(:user) }
+          let!(:project) { create(:project) }
+
+          let!(:issue) { create(:issue, project: project, author: user) }
+
+          let!(:note_on_issue1) { create(:discussion_note_on_issue, noteable: issue, project: issue.project, author: create(:user)) }
+          let!(:note_on_issue2) { create(:discussion_note_on_issue, noteable: issue, project: issue.project, author: create(:user)) }
+
+          let(:requested_iid) { issue.iid }
+          let(:expected_discussion_count) { 3 }
+          let(:expected_discussion_ids) do
+            [
+              issue.notes.first.discussion_id,
+              note_on_issue1.discussion_id,
+              note_on_issue2.discussion_id
+            ]
+          end
+        end
+      end
+
       it 'returns discussion json' do
         get :discussions, params: { namespace_id: project.namespace, project_id: project, id: issue.iid }
 
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index 57a432de3f5..b1dc6a65dd4 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -1210,6 +1210,22 @@ describe Projects::MergeRequestsController do
         end
       end
     end
+
+    context do
+      it_behaves_like 'discussions provider' do
+        let!(:author) { create(:user) }
+        let!(:project) { create(:project) }
+
+        let!(:merge_request) { create(:merge_request, source_project: project) }
+
+        let!(:mr_note1) { create(:discussion_note_on_merge_request, noteable: merge_request, project: project) }
+        let!(:mr_note2) { create(:discussion_note_on_merge_request, noteable: merge_request, project: project) }
+
+        let(:requested_iid) { merge_request.iid }
+        let(:expected_discussion_count) { 2 }
+        let(:expected_discussion_ids) { [mr_note1.discussion_id, mr_note2.discussion_id] }
+      end
+    end
   end
 
   describe 'GET edit' do
diff --git a/spec/controllers/projects/notes_controller_spec.rb b/spec/controllers/projects/notes_controller_spec.rb
index 98aea9056dc..9ab565dc2e8 100644
--- a/spec/controllers/projects/notes_controller_spec.rb
+++ b/spec/controllers/projects/notes_controller_spec.rb
@@ -43,7 +43,7 @@ describe Projects::NotesController do
       request.headers['X-Last-Fetched-At'] = last_fetched_at
 
       expect(NotesFinder).to receive(:new)
-        .with(anything, anything, hash_including(last_fetched_at: last_fetched_at))
+        .with(anything, hash_including(last_fetched_at: last_fetched_at))
         .and_call_original
 
       get :index, params: request_params
diff --git a/spec/finders/notes_finder_spec.rb b/spec/finders/notes_finder_spec.rb
index 87bde4ca2f6..88906adfeeb 100644
--- a/spec/finders/notes_finder_spec.rb
+++ b/spec/finders/notes_finder_spec.rb
@@ -14,7 +14,7 @@ describe NotesFinder do
       let!(:system_note) { create(:note_on_issue, project: project, system: true) }
 
       it 'returns only user notes when using only_comments filter' do
-        finder = described_class.new(project, user, notes_filter: UserPreference::NOTES_FILTERS[:only_comments])
+        finder = described_class.new(user, project: project, notes_filter: UserPreference::NOTES_FILTERS[:only_comments])
 
         notes = finder.execute
 
@@ -22,7 +22,7 @@ describe NotesFinder do
       end
 
       it 'returns only system notes when using only_activity filters' do
-        finder = described_class.new(project, user, notes_filter: UserPreference::NOTES_FILTERS[:only_activity])
+        finder = described_class.new(user, project: project, notes_filter: UserPreference::NOTES_FILTERS[:only_activity])
 
         notes = finder.execute
 
@@ -30,7 +30,7 @@ describe NotesFinder do
       end
 
       it 'gets all notes' do
-        finder = described_class.new(project, user, notes_filter: UserPreference::NOTES_FILTERS[:all_activity])
+        finder = described_class.new(user, project: project, notes_filter: UserPreference::NOTES_FILTERS[:all_activity])
 
         notes = finder.execute
 
@@ -41,7 +41,7 @@ describe NotesFinder do
     it 'finds notes on merge requests' do
       create(:note_on_merge_request, project: project)
 
-      notes = described_class.new(project, user).execute
+      notes = described_class.new(user, project: project).execute
 
       expect(notes.count).to eq(1)
     end
@@ -49,7 +49,7 @@ describe NotesFinder do
     it 'finds notes on snippets' do
       create(:note_on_project_snippet, project: project)
 
-      notes = described_class.new(project, user).execute
+      notes = described_class.new(user, project: project).execute
 
       expect(notes.count).to eq(1)
     end
@@ -59,13 +59,13 @@ describe NotesFinder do
       note = create(:note_on_commit, project: project)
       params = { target_type: 'commit', target_id: note.noteable.id }
 
-      notes = described_class.new(project, create(:user), params).execute
+      notes = described_class.new(create(:user), params).execute
 
       expect(notes.count).to eq(0)
     end
 
     it 'succeeds when no notes found' do
-      notes = described_class.new(project, create(:user)).execute
+      notes = described_class.new(create(:user), project: project).execute
 
       expect(notes.count).to eq(0)
     end
@@ -82,7 +82,7 @@ describe NotesFinder do
       it 'publicly excludes notes on merge requests' do
         create(:note_on_merge_request, project: project)
 
-        notes = described_class.new(project, create(:user)).execute
+        notes = described_class.new(create(:user), project: project).execute
 
         expect(notes.count).to eq(0)
       end
@@ -90,7 +90,7 @@ describe NotesFinder do
       it 'publicly excludes notes on issues' do
         create(:note_on_issue, project: project)
 
-        notes = described_class.new(project, create(:user)).execute
+        notes = described_class.new(create(:user), project: project).execute
 
         expect(notes.count).to eq(0)
       end
@@ -98,7 +98,7 @@ describe NotesFinder do
       it 'publicly excludes notes on snippets' do
         create(:note_on_project_snippet, project: project)
 
-        notes = described_class.new(project, create(:user)).execute
+        notes = described_class.new(create(:user), project: project).execute
 
         expect(notes.count).to eq(0)
       end
@@ -110,7 +110,7 @@ describe NotesFinder do
       let!(:note2) { create :note_on_commit, project: project }
 
       it 'finds only notes for the selected type' do
-        notes = described_class.new(project, user, target_type: 'issue').execute
+        notes = described_class.new(user, project: project, target_type: 'issue').execute
 
         expect(notes).to eq([note1])
       end
@@ -118,56 +118,51 @@ describe NotesFinder do
 
     context 'for target' do
       let(:project) { create(:project, :repository) }
-      let(:note1) { create :note_on_commit, project: project }
-      let(:note2) { create :note_on_commit, project: project }
+      let!(:note1) { create :note_on_commit, project: project }
+      let!(:note2) { create :note_on_commit, project: project }
       let(:commit) { note1.noteable }
-      let(:params) { { target_id: commit.id, target_type: 'commit', last_fetched_at: 1.hour.ago.to_i } }
-
-      before do
-        note1
-        note2
-      end
+      let(:params) { { project: project, target_id: commit.id, target_type: 'commit', last_fetched_at: 1.hour.ago.to_i } }
 
       it 'finds all notes' do
-        notes = described_class.new(project, user, params).execute
+        notes = described_class.new(user, params).execute
         expect(notes.size).to eq(2)
       end
 
       it 'finds notes on merge requests' do
         note = create(:note_on_merge_request, project: project)
-        params = { target_type: 'merge_request', target_id: note.noteable.id }
+        params = { project: project, target_type: 'merge_request', target_id: note.noteable.id }
 
-        notes = described_class.new(project, user, params).execute
+        notes = described_class.new(user, params).execute
 
         expect(notes).to include(note)
       end
 
       it 'finds notes on snippets' do
         note = create(:note_on_project_snippet, project: project)
-        params = { target_type: 'snippet', target_id: note.noteable.id }
+        params = { project: project, target_type: 'snippet', target_id: note.noteable.id }
 
-        notes = described_class.new(project, user, params).execute
+        notes = described_class.new(user, params).execute
 
         expect(notes.count).to eq(1)
       end
 
       it 'finds notes on personal snippets' do
         note = create(:note_on_personal_snippet)
-        params = { target_type: 'personal_snippet', target_id: note.noteable_id }
+        params = { project: project, target_type: 'personal_snippet', target_id: note.noteable_id }
 
-        notes = described_class.new(project, user, params).execute
+        notes = described_class.new(user, params).execute
 
         expect(notes.count).to eq(1)
       end
 
       it 'raises an exception for an invalid target_type' do
         params[:target_type] = 'invalid'
-        expect { described_class.new(project, user, params).execute }.to raise_error("invalid target_type '#{params[:target_type]}'")
+        expect { described_class.new(user, params).execute }.to raise_error("invalid target_type '#{params[:target_type]}'")
       end
 
       it 'filters out old notes' do
         note2.update_attribute(:updated_at, 2.hours.ago)
-        notes = described_class.new(project, user, params).execute
+        notes = described_class.new(user, params).execute
         expect(notes).to eq([note1])
       end
 
@@ -175,25 +170,47 @@ describe NotesFinder do
         let(:confidential_issue) { create(:issue, :confidential, project: project, author: user) }
         let!(:confidential_note) { create(:note, noteable: confidential_issue, project: confidential_issue.project) }
 
-        let(:params) { { target_id: confidential_issue.id, target_type: 'issue', last_fetched_at: 1.hour.ago.to_i } }
+        let(:params) { { project: confidential_issue.project, target_id: confidential_issue.id, target_type: 'issue', last_fetched_at: 1.hour.ago.to_i } }
 
         it 'returns notes if user can see the issue' do
-          expect(described_class.new(project, user, params).execute).to eq([confidential_note])
+          expect(described_class.new(user, params).execute).to eq([confidential_note])
         end
 
         it 'raises an error if user can not see the issue' do
           user = create(:user)
-          expect { described_class.new(project, user, params).execute }.to raise_error(ActiveRecord::RecordNotFound)
+          expect { described_class.new(user, params).execute }.to raise_error(ActiveRecord::RecordNotFound)
         end
 
         it 'raises an error for project members with guest role' do
           user = create(:user)
           project.add_guest(user)
 
-          expect { described_class.new(project, user, params).execute }.to raise_error(ActiveRecord::RecordNotFound)
+          expect { described_class.new(user, params).execute }.to raise_error(ActiveRecord::RecordNotFound)
         end
       end
     end
+
+    context 'for explicit target' do
+      let(:project) { create(:project, :repository) }
+      let!(:note1) { create :note_on_commit, project: project, created_at: 1.day.ago, updated_at: 2.hours.ago }
+      let!(:note2) { create :note_on_commit, project: project }
+      let(:commit) { note1.noteable }
+      let(:params) { { project: project, target: commit } }
+
+      it 'returns the expected notes' do
+        expect(described_class.new(user, params).execute).to eq([note1, note2])
+      end
+
+      it 'returns the expected notes when last_fetched_at is given' do
+        params = { project: project, target: commit, last_fetched_at: 1.hour.ago.to_i }
+        expect(described_class.new(user, params).execute).to eq([note2])
+      end
+
+      it 'fails when nil is provided' do
+        params = { project: project, target: nil }
+        expect { described_class.new(user, params).execute }.to raise_error(RuntimeError)
+      end
+    end
   end
 
   describe '.search' do
@@ -201,17 +218,17 @@ describe NotesFinder do
     let(:note) { create(:note_on_issue, note: 'WoW', project: project) }
 
     it 'returns notes with matching content' do
-      expect(described_class.new(note.project, nil, search: note.note).execute).to eq([note])
+      expect(described_class.new(nil, project: note.project, search: note.note).execute).to eq([note])
     end
 
     it 'returns notes with matching content regardless of the casing' do
-      expect(described_class.new(note.project, nil, search: 'WOW').execute).to eq([note])
+      expect(described_class.new(nil, project: note.project, search: 'WOW').execute).to eq([note])
     end
 
     it 'returns commit notes user can access' do
       note = create(:note_on_commit, project: project)
 
-      expect(described_class.new(note.project, create(:user), search: note.note).execute).to eq([note])
+      expect(described_class.new(create(:user), project: note.project, search: note.note).execute).to eq([note])
     end
 
     context "confidential issues" do
@@ -220,27 +237,27 @@ describe NotesFinder do
       let(:confidential_note) { create(:note, note: "Random", noteable: confidential_issue, project: confidential_issue.project) }
 
       it "returns notes with matching content if user can see the issue" do
-        expect(described_class.new(confidential_note.project, user, search: confidential_note.note).execute).to eq([confidential_note])
+        expect(described_class.new(user, project: confidential_note.project, search: confidential_note.note).execute).to eq([confidential_note])
       end
 
       it "does not return notes with matching content if user can not see the issue" do
         user = create(:user)
-        expect(described_class.new(confidential_note.project, user, search: confidential_note.note).execute).to be_empty
+        expect(described_class.new(user, project: confidential_note.project, search: confidential_note.note).execute).to be_empty
       end
 
       it "does not return notes with matching content for project members with guest role" do
         user = create(:user)
         project.add_guest(user)
-        expect(described_class.new(confidential_note.project, user, search: confidential_note.note).execute).to be_empty
+        expect(described_class.new(user, project: confidential_note.project, search: confidential_note.note).execute).to be_empty
       end
 
       it "does not return notes with matching content for unauthenticated users" do
-        expect(described_class.new(confidential_note.project, nil, search: confidential_note.note).execute).to be_empty
+        expect(described_class.new(nil, project: confidential_note.project, search: confidential_note.note).execute).to be_empty
       end
     end
 
     context 'inlines SQL filters on subqueries for performance' do
-      let(:sql) { described_class.new(note.project, nil, search: note.note).execute.to_sql }
+      let(:sql) { described_class.new(nil, project: note.project, search: note.note).execute.to_sql }
       let(:number_of_noteable_types) { 4 }
 
       specify 'project_id check' do
@@ -254,11 +271,11 @@ describe NotesFinder do
   end
 
   describe '#target' do
-    subject { described_class.new(project, user, params) }
+    subject { described_class.new(user, params) }
 
     context 'for a issue target' do
       let(:issue) { create(:issue, project: project) }
-      let(:params) { { target_type: 'issue', target_id: issue.id } }
+      let(:params) { { project: project, target_type: 'issue', target_id: issue.id } }
 
       it 'returns the issue' do
         expect(subject.target).to eq(issue)
@@ -267,7 +284,7 @@ describe NotesFinder do
 
     context 'for a merge request target' do
       let(:merge_request) { create(:merge_request, source_project: project) }
-      let(:params) { { target_type: 'merge_request', target_id: merge_request.id } }
+      let(:params) { { project: project, target_type: 'merge_request', target_id: merge_request.id } }
 
       it 'returns the merge_request' do
         expect(subject.target).to eq(merge_request)
@@ -276,7 +293,7 @@ describe NotesFinder do
 
     context 'for a snippet target' do
       let(:snippet) { create(:project_snippet, project: project) }
-      let(:params) { { target_type: 'snippet', target_id: snippet.id } }
+      let(:params) { { project: project, target_type: 'snippet', target_id: snippet.id } }
 
       it 'returns the snippet' do
         expect(subject.target).to eq(snippet)
@@ -286,7 +303,7 @@ describe NotesFinder do
     context 'for a commit target' do
       let(:project) { create(:project, :repository) }
       let(:commit) { project.commit }
-      let(:params) { { target_type: 'commit', target_id: commit.id } }
+      let(:params) { { project: project, target_type: 'commit', target_id: commit.id } }
 
       it 'returns the commit' do
         expect(subject.target).to eq(commit)
@@ -298,24 +315,24 @@ describe NotesFinder do
       let(:merge_request) { create(:merge_request, source_project: project, target_project: project) }
 
       it 'finds issues by iid' do
-        iid_params = { target_type: 'issue', target_iid: issue.iid }
-        expect(described_class.new(project, user, iid_params).target).to eq(issue)
+        iid_params = { project: project, target_type: 'issue', target_iid: issue.iid }
+        expect(described_class.new(user, iid_params).target).to eq(issue)
       end
 
       it 'finds merge requests by iid' do
-        iid_params = { target_type: 'merge_request', target_iid: merge_request.iid }
-        expect(described_class.new(project, user, iid_params).target).to eq(merge_request)
+        iid_params = { project: project, target_type: 'merge_request', target_iid: merge_request.iid }
+        expect(described_class.new(user, iid_params).target).to eq(merge_request)
       end
 
       it 'returns nil if both target_id and target_iid are not given' do
-        params_without_any_id = { target_type: 'issue' }
-        expect(described_class.new(project, user, params_without_any_id).target).to be_nil
+        params_without_any_id = { project: project, target_type: 'issue' }
+        expect(described_class.new(user, params_without_any_id).target).to be_nil
       end
 
       it 'prioritizes target_id over target_iid' do
         issue2 = create(:issue, project: project)
-        iid_params = { target_type: 'issue', target_id: issue2.id, target_iid: issue.iid }
-        expect(described_class.new(project, user, iid_params).target).to eq(issue2)
+        iid_params = { project: project, target_type: 'issue', target_id: issue2.id, target_iid: issue.iid }
+        expect(described_class.new(user, iid_params).target).to eq(issue2)
       end
     end
   end
diff --git a/spec/fixtures/api/schemas/entities/discussion.json b/spec/fixtures/api/schemas/entities/discussion.json
new file mode 100644
index 00000000000..bcc1db79e83
--- /dev/null
+++ b/spec/fixtures/api/schemas/entities/discussion.json
@@ -0,0 +1,67 @@
+{
+  "type": "object",
+  "required" : [
+    "id",
+    "notes",
+    "individual_note"
+  ],
+  "properties" : {
+    "id": { "type": "string" },
+    "individual_note": { "type": "boolean" },
+    "notes": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "properties" : {
+          "id": { "type": "string" },
+          "type": { "type": ["string", "null"] },
+          "body": { "type": "string" },
+          "attachment": { "type": ["string", "null"]},
+          "award_emoji": { "type": "array" },
+          "author": {
+            "type": "object",
+            "properties": {
+              "name": { "type": "string" },
+              "username": { "type": "string" },
+              "id": { "type": "integer" },
+              "state": { "type": "string" },
+              "avatar_url": { "type": "uri" },
+              "web_url": { "type": "uri" },
+              "status_tooltip_html": { "type": ["string", "null"] },
+              "path": { "type": "string" }
+            },
+            "additionalProperties": false
+          },
+          "created_at": { "type": "date" },
+          "updated_at": { "type": "date" },
+          "system": { "type": "boolean" },
+          "noteable_id": { "type": "integer" },
+          "noteable_iid": { "type": "integer" },
+          "noteable_type": { "type": "string" },
+          "resolved": { "type": "boolean" },
+          "resolvable": { "type": "boolean" },
+          "resolved_by": { "type": ["string", "null"] },
+          "note": { "type": "string" },
+          "note_html": { "type": "string"  },
+          "current_user": { "type": "object" },
+          "suggestions": { "type": "array" },
+          "discussion_id": { "type": "string" },
+          "emoji_awardable": { "type": "boolean" },
+          "report_abuse_path": { "type": "string" },
+          "noteable_note_url": { "type": "string" },
+          "resolve_path": { "type": "string" },
+          "resolve_with_issue_path": { "type": "string" },
+          "cached_markdown_version": { "type": "integer" },
+          "human_access": { "type": ["string", "null"] },
+          "toggle_award_path": { "type": "string" },
+          "path": { "type": "string" }
+        },
+        "required": [
+          "id", "attachment", "author", "created_at", "updated_at",
+          "system", "noteable_id", "noteable_type"
+        ],
+        "additionalProperties": false
+      }
+    }
+  }
+}
diff --git a/spec/fixtures/api/schemas/entities/discussions.json b/spec/fixtures/api/schemas/entities/discussions.json
new file mode 100644
index 00000000000..5a837429776
--- /dev/null
+++ b/spec/fixtures/api/schemas/entities/discussions.json
@@ -0,0 +1,4 @@
+{
+  "type": "array",
+  "items": { "$ref": "discussion.json" }
+}
diff --git a/spec/support/shared_examples/discussions_provider_shared_examples.rb b/spec/support/shared_examples/discussions_provider_shared_examples.rb
new file mode 100644
index 00000000000..77cf1ac3f51
--- /dev/null
+++ b/spec/support/shared_examples/discussions_provider_shared_examples.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+shared_examples 'discussions provider' do
+  it 'returns the expected discussions' do
+    get :discussions, params: { namespace_id: project.namespace, project_id: project, id: requested_iid }
+
+    expect(response).to have_gitlab_http_status(200)
+    expect(response).to match_response_schema('entities/discussions')
+
+    expect(json_response.size).to eq(expected_discussion_count)
+    expect(json_response.pluck('id')).to eq(expected_discussion_ids)
+  end
+end
-- 
cgit v1.2.1


From e13b5dc7540b85673e066a7a7c26fc3abbecbfe7 Mon Sep 17 00:00:00 2001
From: Patrick Derichs <pderichs@gitlab.com>
Date: Thu, 1 Aug 2019 10:42:12 +0200
Subject: Change block parameter name to params

---
 app/controllers/concerns/issuable_actions.rb | 2 +-
 app/controllers/snippets/notes_controller.rb | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/controllers/concerns/issuable_actions.rb b/app/controllers/concerns/issuable_actions.rb
index 8a27b7f1c5f..398cb728e05 100644
--- a/app/controllers/concerns/issuable_actions.rb
+++ b/app/controllers/concerns/issuable_actions.rb
@@ -227,7 +227,7 @@ module IssuableActions
     {
         target: @issuable,
         notes_filter: notes_filter
-    }.tap { |hash| hash[:project] = project if respond_to?(:project, true) }
+    }.tap { |new_params| new_params[:project] = project if respond_to?(:project, true) }
   end
   # rubocop:enable Gitlab/ModuleWithInstanceVariables
 end
diff --git a/app/controllers/snippets/notes_controller.rb b/app/controllers/snippets/notes_controller.rb
index 1f016493c1f..551b37cb3d3 100644
--- a/app/controllers/snippets/notes_controller.rb
+++ b/app/controllers/snippets/notes_controller.rb
@@ -27,8 +27,8 @@ class Snippets::NotesController < ApplicationController
   alias_method :noteable, :snippet
 
   def finder_params
-    params.merge(last_fetched_at: last_fetched_at, target_id: snippet.id, target_type: 'personal_snippet').tap do |hash|
-      hash[:project] = project if respond_to?(:project)
+    params.merge(last_fetched_at: last_fetched_at, target_id: snippet.id, target_type: 'personal_snippet').tap do |merged_params|
+      merged_params[:project] = project if respond_to?(:project)
     end
   end
 
-- 
cgit v1.2.1


From a0ccab454667157a6f7717dd8ed7dc1641618fc0 Mon Sep 17 00:00:00 2001
From: Harish Ramachandran <harish@gitlab.com>
Date: Thu, 1 Aug 2019 09:27:04 +0000
Subject: Troubleshooting steps when there are different Gitaly node secrets

---
 doc/administration/gitaly/index.md | 91 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 91 insertions(+)

diff --git a/doc/administration/gitaly/index.md b/doc/administration/gitaly/index.md
index 0f547ef03bf..f6f02221fe3 100644
--- a/doc/administration/gitaly/index.md
+++ b/doc/administration/gitaly/index.md
@@ -510,3 +510,94 @@ implemented as calls to `gitaly-ruby`:
 ```
 sum(rate(grpc_client_handled_total[5m])) by (grpc_method) > 0
 ```
+
+### Repository changes fail with a `401 Unauthorized` error
+
+If you're running Gitaly on its own server and notice that users can
+successfully clone and fetch repositories (via both SSH and HTTPS), but can't
+push to them or make changes to the repository in the web UI without getting a
+`401 Unauthorized` message, then it's possible Gitaly is failing to authenticate
+with the other nodes due to having the [wrong secrets file](#3-gitaly-server-configuration).
+
+Confirm the following are all true:
+
+- When any user performs a `git push` to any repository on this Gitaly node, it
+  fails with the following error (note the `401 Unauthorized`):
+
+  ```sh
+  remote: GitLab: 401 Unauthorized
+  To <REMOTE_URL>
+  ! [remote rejected] branch-name -> branch-name (pre-receive hook declined)
+  error: failed to push some refs to '<REMOTE_URL>'
+  ```
+
+- When any user adds or modifies a file from the repository using the GitLab
+  UI, it immediatley fails with a red `401 Unauthorized` banner.
+- Creating a new project and [initializing it with a README](../../gitlab-basics/create-project.md#blank-projects)
+  successfully creates the project but doesn't create the README.
+- When [tailing the logs](https://docs.gitlab.com/omnibus/settings/logs.md#tail-logs-in-a-console-on-the-server) on an app node and reproducing the error, you get `401` errors
+  when reaching the `/api/v4/internal/allowed` endpoint:
+
+  ```sh
+  # api_json.log
+  {
+    "time": "2019-07-18T00:30:14.967Z",
+    "severity": "INFO",
+    "duration": 0.57,
+    "db": 0,
+    "view": 0.57,
+    "status": 401,
+    "method": "POST",
+    "path": "\/api\/v4\/internal\/allowed",
+    "params": [
+      {
+        "key": "action",
+        "value": "git-receive-pack"
+      },
+      {
+        "key": "changes",
+        "value": "REDACTED"
+      },
+      {
+        "key": "gl_repository",
+        "value": "REDACTED"
+      },
+      {
+        "key": "project",
+        "value": "\/path\/to\/project.git"
+      },
+      {
+        "key": "protocol",
+        "value": "web"
+      },
+      {
+        "key": "env",
+        "value": "{\"GIT_ALTERNATE_OBJECT_DIRECTORIES\":[],\"GIT_ALTERNATE_OBJECT_DIRECTORIES_RELATIVE\":[],\"GIT_OBJECT_DIRECTORY\":null,\"GIT_OBJECT_DIRECTORY_RELATIVE\":null}"
+      },
+      {
+        "key": "user_id",
+        "value": "2"
+      },
+      {
+        "key": "secret_token",
+        "value": "[FILTERED]"
+      }
+    ],
+    "host": "gitlab.example.com",
+    "ip": "REDACTED",
+    "ua": "Ruby",
+    "route": "\/api\/:version\/internal\/allowed",
+    "queue_duration": 4.24,
+    "gitaly_calls": 0,
+    "gitaly_duration": 0,
+    "correlation_id": "XPUZqTukaP3"
+  }
+
+  # nginx_access.log
+  [IP] - - [18/Jul/2019:00:30:14 +0000] "POST /api/v4/internal/allowed HTTP/1.1" 401 30 "" "Ruby"
+  ```
+
+To fix this problem, confirm that your [`gitlab-secrets.json` file](#3-gitaly-server-configuration)
+on the Gitaly node matches the one on all other nodes. If it doesn't match,
+update the secrets file on the Gitaly node to match the others, then
+[reconfigure the node](../restart_gitlab.md#omnibus-gitlab-reconfigure).
-- 
cgit v1.2.1


From 170f7906410984a04971a7b044356217c62cd19f Mon Sep 17 00:00:00 2001
From: Jason Goodman <jgoodman@gitlab.com>
Date: Thu, 1 Aug 2019 09:56:33 +0000
Subject: Use Array.join rather than URI.join

Add spec for cases where URI.join does not work as expected
---
 app/models/environment.rb                    |  2 +-
 changelogs/unreleased/double-slash-64592.yml |  5 +++++
 spec/models/environment_spec.rb              | 29 ++++++++++++++++++----------
 spec/models/project_spec.rb                  | 10 ++++++++++
 4 files changed, 35 insertions(+), 11 deletions(-)
 create mode 100644 changelogs/unreleased/double-slash-64592.yml

diff --git a/app/models/environment.rb b/app/models/environment.rb
index 392481ea0cc..513427ac2c5 100644
--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -204,7 +204,7 @@ class Environment < ApplicationRecord
     public_path = project.public_path_for_source_path(path, commit_sha)
     return unless public_path
 
-    [external_url, public_path].join('/')
+    [external_url.delete_suffix('/'), public_path.delete_prefix('/')].join('/')
   end
 
   def expire_etag_cache
diff --git a/changelogs/unreleased/double-slash-64592.yml b/changelogs/unreleased/double-slash-64592.yml
new file mode 100644
index 00000000000..e3b5b197ac5
--- /dev/null
+++ b/changelogs/unreleased/double-slash-64592.yml
@@ -0,0 +1,5 @@
+---
+title: Prevent double slash in review apps path
+merge_request: 31212
+author:
+type: fixed
diff --git a/spec/models/environment_spec.rb b/spec/models/environment_spec.rb
index ce0681c4331..d2e0bed721e 100644
--- a/spec/models/environment_spec.rb
+++ b/spec/models/environment_spec.rb
@@ -4,6 +4,7 @@ require 'spec_helper'
 
 describe Environment, :use_clean_rails_memory_store_caching do
   include ReactiveCachingHelpers
+  using RSpec::Parameterized::TableSyntax
 
   let(:project) { create(:project, :stubbed_repository) }
   subject(:environment) { create(:environment, project: project) }
@@ -782,12 +783,9 @@ describe Environment, :use_clean_rails_memory_store_caching do
     let(:source_path) { 'source/file.html' }
     let(:sha) { RepoHelpers.sample_commit.id }
 
-    before do
-      environment.external_url = 'http://example.com'
-    end
-
     context 'when the public path is not known' do
       before do
+        environment.external_url = 'http://example.com'
         allow(project).to receive(:public_path_for_source_path).with(source_path, sha).and_return(nil)
       end
 
@@ -797,12 +795,23 @@ describe Environment, :use_clean_rails_memory_store_caching do
     end
 
     context 'when the public path is known' do
-      before do
-        allow(project).to receive(:public_path_for_source_path).with(source_path, sha).and_return('file.html')
-      end
-
-      it 'returns the full external URL' do
-        expect(environment.external_url_for(source_path, sha)).to eq('http://example.com/file.html')
+      where(:external_url, :public_path, :full_url) do
+        'http://example.com'          | 'file.html'         | 'http://example.com/file.html'
+        'http://example.com/'         | 'file.html'         | 'http://example.com/file.html'
+        'http://example.com'          | '/file.html'        | 'http://example.com/file.html'
+        'http://example.com/'         | '/file.html'        | 'http://example.com/file.html'
+        'http://example.com/subpath'  | 'public/file.html'  | 'http://example.com/subpath/public/file.html'
+        'http://example.com/subpath/' | 'public/file.html'  | 'http://example.com/subpath/public/file.html'
+        'http://example.com/subpath'  | '/public/file.html' | 'http://example.com/subpath/public/file.html'
+        'http://example.com/subpath/' | '/public/file.html' | 'http://example.com/subpath/public/file.html'
+      end
+      with_them do
+        it 'returns the full external URL' do
+          environment.external_url = external_url
+          allow(project).to receive(:public_path_for_source_path).with(source_path, sha).and_return(public_path)
+
+          expect(environment.external_url_for(source_path, sha)).to eq(full_url)
+        end
       end
     end
   end
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 32fb0c0ff73..157103123ad 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -2950,6 +2950,16 @@ describe Project do
           expect(project.public_path_for_source_path('file.html', sha)).to be_nil
         end
       end
+
+      it 'returns a public path with a leading slash unmodified' do
+        route_map = Gitlab::RouteMap.new(<<-MAP.strip_heredoc)
+          - source: 'source/file.html'
+            public: '/public/file'
+        MAP
+        allow(project).to receive(:route_map_for).with(sha).and_return(route_map)
+
+        expect(project.public_path_for_source_path('source/file.html', sha)).to eq('/public/file')
+      end
     end
 
     context 'when there is no route map' do
-- 
cgit v1.2.1


From ab0a6455c790874cafd2deff9b7b2da8d82169f2 Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Mon, 29 Jul 2019 16:27:36 +0100
Subject: Add RSpec/TopLevelDescribePath cop

The RSpec/FilePath cop checks that a spec file's path is correct, but
only if the file describes a constant. We want to check, for any file
with a top-level `describe`, whether the file path ends in
`_spec.rb`. We don't care what comes before that; just that it will be
executed by RSpec at all.
---
 rubocop/cop/rspec/top_level_describe_path.rb       | 35 +++++++++++
 rubocop/rubocop.rb                                 |  1 +
 .../cop/rspec/top_level_describe_path_spec.rb      | 67 ++++++++++++++++++++++
 3 files changed, 103 insertions(+)
 create mode 100644 rubocop/cop/rspec/top_level_describe_path.rb
 create mode 100644 spec/rubocop/cop/rspec/top_level_describe_path_spec.rb

diff --git a/rubocop/cop/rspec/top_level_describe_path.rb b/rubocop/cop/rspec/top_level_describe_path.rb
new file mode 100644
index 00000000000..61796e23af0
--- /dev/null
+++ b/rubocop/cop/rspec/top_level_describe_path.rb
@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require 'rubocop/rspec/top_level_describe'
+
+module RuboCop
+  module Cop
+    module RSpec
+      class TopLevelDescribePath < RuboCop::Cop::Cop
+        include RuboCop::RSpec::TopLevelDescribe
+
+        MESSAGE = 'A file with a top-level `describe` must end in _spec.rb.'
+        SHARED_EXAMPLES = %i[shared_examples shared_examples_for].freeze
+
+        def on_top_level_describe(node, args)
+          return if acceptable_file_path?(processed_source.buffer.name)
+          return if shared_example?(node)
+
+          add_offense(node, message: MESSAGE)
+        end
+
+        private
+
+        def acceptable_file_path?(path)
+          File.fnmatch?('*_spec.rb', path) || File.fnmatch?('*/frontend/fixtures/*', path)
+        end
+
+        def shared_example?(node)
+          node.ancestors.any? do |node|
+            node.respond_to?(:method_name) && SHARED_EXAMPLES.include?(node.method_name)
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/rubocop/rubocop.rb b/rubocop/rubocop.rb
index ba61a634d97..58a7ead6f13 100644
--- a/rubocop/rubocop.rb
+++ b/rubocop/rubocop.rb
@@ -32,6 +32,7 @@ require_relative 'cop/migration/update_large_table'
 require_relative 'cop/project_path_helper'
 require_relative 'cop/rspec/env_assignment'
 require_relative 'cop/rspec/factories_in_migration_specs'
+require_relative 'cop/rspec/top_level_describe_path'
 require_relative 'cop/qa/element_with_pattern'
 require_relative 'cop/sidekiq_options_queue'
 require_relative 'cop/destroy_all'
diff --git a/spec/rubocop/cop/rspec/top_level_describe_path_spec.rb b/spec/rubocop/cop/rspec/top_level_describe_path_spec.rb
new file mode 100644
index 00000000000..258144d4000
--- /dev/null
+++ b/spec/rubocop/cop/rspec/top_level_describe_path_spec.rb
@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+require 'fast_spec_helper'
+
+require 'rubocop'
+require 'rubocop/rspec/support'
+
+require_relative '../../../../rubocop/cop/rspec/top_level_describe_path'
+
+describe RuboCop::Cop::RSpec::TopLevelDescribePath do
+  include RuboCop::RSpec::ExpectOffense
+  include CopHelper
+
+  subject(:cop) { described_class.new }
+
+  context 'when the file ends in _spec.rb' do
+    it 'registers no offenses' do
+      expect_no_offenses(<<~SOURCE.strip_indent, 'spec/foo_spec.rb')
+        describe 'Foo' do
+        end
+      SOURCE
+    end
+  end
+
+  context 'when the file is a frontend fixture' do
+    it 'registers no offenses' do
+      expect_no_offenses(<<~SOURCE.strip_indent, 'spec/frontend/fixtures/foo.rb')
+        describe 'Foo' do
+        end
+      SOURCE
+    end
+  end
+
+  context 'when the describe is in a shared example' do
+    context 'with shared_examples' do
+      it 'registers no offenses' do
+        expect_no_offenses(<<~SOURCE.strip_indent, 'spec/foo.rb')
+          shared_examples 'Foo' do
+            describe '#bar' do
+            end
+          end
+        SOURCE
+      end
+    end
+
+    context 'with shared_examples_for' do
+      it 'registers no offenses' do
+        expect_no_offenses(<<~SOURCE.strip_indent, 'spec/foo.rb')
+          shared_examples_for 'Foo' do
+            describe '#bar' do
+            end
+          end
+        SOURCE
+      end
+    end
+  end
+
+  context 'when the describe is at the top level' do
+    it 'marks the describe as offending' do
+      expect_offense(<<~SOURCE.strip_indent, 'spec/foo.rb')
+        describe 'Foo' do
+        ^^^^^^^^^^^^^^ #{described_class::MESSAGE}
+        end
+      SOURCE
+    end
+  end
+end
-- 
cgit v1.2.1


From c4a8f45f7d5f6873f912004e77af1da2f96fd831 Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Tue, 30 Jul 2019 10:11:48 +0100
Subject: Rename broken spec files

RSpec only executes files ending in _spec.rb.
---
 .../groups/labels/user_sees_links_to_issuables.rb  | 17 -----
 .../labels/user_sees_links_to_issuables_spec.rb    | 17 +++++
 .../instance_statistics/instance_statistics.rb     | 25 -------
 .../instance_statistics_spec.rb                    | 25 +++++++
 ..._tree_with_a_folder_containing_only_a_folder.rb | 22 -------
 ..._with_a_folder_containing_only_a_folder_spec.rb | 22 +++++++
 .../labels/user_sees_links_to_issuables.rb         | 77 ----------------------
 .../labels/user_sees_links_to_issuables_spec.rb    | 77 ++++++++++++++++++++++
 .../snippets/user_sees_breadcrumb_links.rb         | 19 ------
 .../snippets/user_sees_breadcrumb_links_spec.rb    | 19 ++++++
 spec/features/user_opens_link_to_comment.rb        | 33 ----------
 spec/features/user_opens_link_to_comment_spec.rb   | 33 ++++++++++
 .../users/add_email_to_existing_account.rb         | 17 -----
 .../users/add_email_to_existing_account_spec.rb    | 17 +++++
 .../gitlab/mail_google_schema_whitelisting.rb      | 27 --------
 .../gitlab/mail_google_schema_whitelisting_spec.rb | 27 ++++++++
 .../projects/_blank_state_admin_welcome.haml.rb    | 15 -----
 .../_blank_state_admin_welcome.haml_spec.rb        | 15 +++++
 spec/views/dashboard/projects/_nav.html.haml.rb    | 17 -----
 .../dashboard/projects/_nav.html.haml_spec.rb      | 17 +++++
 .../_confirm_rollback_modal_spec.html.rb           | 63 ------------------
 .../_confirm_rollback_modal_spec.html_spec.rb      | 63 ++++++++++++++++++
 spec/views/shared/_label_row.html.haml.rb          | 32 ---------
 spec/views/shared/_label_row.html.haml_spec.rb     | 32 +++++++++
 .../views/shared/milestones/_issuable.html.haml.rb | 19 ------
 .../shared/milestones/_issuable.html.haml_spec.rb  | 19 ++++++
 .../shared/milestones/_issuables.html.haml.rb      | 32 ---------
 .../shared/milestones/_issuables.html.haml_spec.rb | 32 +++++++++
 spec/views/shared/milestones/_top.html.haml.rb     | 35 ----------
 .../views/shared/milestones/_top.html.haml_spec.rb | 35 ++++++++++
 30 files changed, 450 insertions(+), 450 deletions(-)
 delete mode 100644 spec/features/groups/labels/user_sees_links_to_issuables.rb
 create mode 100644 spec/features/groups/labels/user_sees_links_to_issuables_spec.rb
 delete mode 100644 spec/features/instance_statistics/instance_statistics.rb
 create mode 100644 spec/features/instance_statistics/instance_statistics_spec.rb
 delete mode 100644 spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder.rb
 create mode 100644 spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder_spec.rb
 delete mode 100644 spec/features/projects/labels/user_sees_links_to_issuables.rb
 create mode 100644 spec/features/projects/labels/user_sees_links_to_issuables_spec.rb
 delete mode 100644 spec/features/snippets/user_sees_breadcrumb_links.rb
 create mode 100644 spec/features/snippets/user_sees_breadcrumb_links_spec.rb
 delete mode 100644 spec/features/user_opens_link_to_comment.rb
 create mode 100644 spec/features/user_opens_link_to_comment_spec.rb
 delete mode 100644 spec/features/users/add_email_to_existing_account.rb
 create mode 100644 spec/features/users/add_email_to_existing_account_spec.rb
 delete mode 100644 spec/tasks/gitlab/mail_google_schema_whitelisting.rb
 create mode 100644 spec/tasks/gitlab/mail_google_schema_whitelisting_spec.rb
 delete mode 100644 spec/views/dashboard/projects/_blank_state_admin_welcome.haml.rb
 create mode 100644 spec/views/dashboard/projects/_blank_state_admin_welcome.haml_spec.rb
 delete mode 100644 spec/views/dashboard/projects/_nav.html.haml.rb
 create mode 100644 spec/views/dashboard/projects/_nav.html.haml_spec.rb
 delete mode 100644 spec/views/projects/deployments/_confirm_rollback_modal_spec.html.rb
 create mode 100644 spec/views/projects/deployments/_confirm_rollback_modal_spec.html_spec.rb
 delete mode 100644 spec/views/shared/_label_row.html.haml.rb
 create mode 100644 spec/views/shared/_label_row.html.haml_spec.rb
 delete mode 100644 spec/views/shared/milestones/_issuable.html.haml.rb
 create mode 100644 spec/views/shared/milestones/_issuable.html.haml_spec.rb
 delete mode 100644 spec/views/shared/milestones/_issuables.html.haml.rb
 create mode 100644 spec/views/shared/milestones/_issuables.html.haml_spec.rb
 delete mode 100644 spec/views/shared/milestones/_top.html.haml.rb
 create mode 100644 spec/views/shared/milestones/_top.html.haml_spec.rb

diff --git a/spec/features/groups/labels/user_sees_links_to_issuables.rb b/spec/features/groups/labels/user_sees_links_to_issuables.rb
deleted file mode 100644
index e636f625b31..00000000000
--- a/spec/features/groups/labels/user_sees_links_to_issuables.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe 'Groups > Labels > User sees links to issuables' do
-  set(:group) { create(:group, :public) }
-
-  before do
-    create(:group_label, group: group, title: 'bug')
-    visit group_labels_path(group)
-  end
-
-  it 'shows links to MRs and issues' do
-    expect(page).to have_link('view merge requests')
-    expect(page).to have_link('view open issues')
-  end
-end
diff --git a/spec/features/groups/labels/user_sees_links_to_issuables_spec.rb b/spec/features/groups/labels/user_sees_links_to_issuables_spec.rb
new file mode 100644
index 00000000000..e636f625b31
--- /dev/null
+++ b/spec/features/groups/labels/user_sees_links_to_issuables_spec.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'Groups > Labels > User sees links to issuables' do
+  set(:group) { create(:group, :public) }
+
+  before do
+    create(:group_label, group: group, title: 'bug')
+    visit group_labels_path(group)
+  end
+
+  it 'shows links to MRs and issues' do
+    expect(page).to have_link('view merge requests')
+    expect(page).to have_link('view open issues')
+  end
+end
diff --git a/spec/features/instance_statistics/instance_statistics.rb b/spec/features/instance_statistics/instance_statistics.rb
deleted file mode 100644
index 40d0f1db207..00000000000
--- a/spec/features/instance_statistics/instance_statistics.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-describe 'Cohorts page', :js do
-  before do
-    sign_in(create(:admin))
-  end
-
-  it 'hides cohorts nav button when usage ping is disabled' do
-    stub_application_setting(usage_ping_enabled: false)
-
-    visit instance_statistics_root_path
-
-    expect(find('.nav-sidebar')).not_to have_content('Cohorts')
-  end
-
-  it 'shows cohorts nav button when usage ping is enabled' do
-    stub_application_setting(usage_ping_enabled: true)
-
-    visit instance_statistics_root_path
-
-    expect(find('.nav-sidebar')).to have_content('Cohorts')
-  end
-end
diff --git a/spec/features/instance_statistics/instance_statistics_spec.rb b/spec/features/instance_statistics/instance_statistics_spec.rb
new file mode 100644
index 00000000000..40d0f1db207
--- /dev/null
+++ b/spec/features/instance_statistics/instance_statistics_spec.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe 'Cohorts page', :js do
+  before do
+    sign_in(create(:admin))
+  end
+
+  it 'hides cohorts nav button when usage ping is disabled' do
+    stub_application_setting(usage_ping_enabled: false)
+
+    visit instance_statistics_root_path
+
+    expect(find('.nav-sidebar')).not_to have_content('Cohorts')
+  end
+
+  it 'shows cohorts nav button when usage ping is enabled' do
+    stub_application_setting(usage_ping_enabled: true)
+
+    visit instance_statistics_root_path
+
+    expect(find('.nav-sidebar')).to have_content('Cohorts')
+  end
+end
diff --git a/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder.rb b/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder.rb
deleted file mode 100644
index 934de2fde8f..00000000000
--- a/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder.rb
+++ /dev/null
@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-# This is a regression test for https://gitlab.com/gitlab-org/gitlab-ce/issues/37569
-describe 'Projects > Files > User browses a tree with a folder containing only a folder' do
-  let(:project) { create(:project, :empty_repo) }
-  let(:user) { project.owner }
-
-  before do
-    # We need to disable the tree.flat_path provided by Gitaly to reproduce the issue
-    allow(Gitlab::GitalyClient).to receive(:feature_enabled?).and_return(false)
-
-    project.repository.create_dir(user, 'foo/bar', branch_name: 'master', message: 'Add the foo/bar folder')
-    sign_in(user)
-    visit(project_tree_path(project, project.repository.root_ref))
-  end
-
-  it 'shows the nested folder on a single row' do
-    expect(page).to have_content('foo/bar')
-  end
-end
diff --git a/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder_spec.rb b/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder_spec.rb
new file mode 100644
index 00000000000..934de2fde8f
--- /dev/null
+++ b/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder_spec.rb
@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+# This is a regression test for https://gitlab.com/gitlab-org/gitlab-ce/issues/37569
+describe 'Projects > Files > User browses a tree with a folder containing only a folder' do
+  let(:project) { create(:project, :empty_repo) }
+  let(:user) { project.owner }
+
+  before do
+    # We need to disable the tree.flat_path provided by Gitaly to reproduce the issue
+    allow(Gitlab::GitalyClient).to receive(:feature_enabled?).and_return(false)
+
+    project.repository.create_dir(user, 'foo/bar', branch_name: 'master', message: 'Add the foo/bar folder')
+    sign_in(user)
+    visit(project_tree_path(project, project.repository.root_ref))
+  end
+
+  it 'shows the nested folder on a single row' do
+    expect(page).to have_content('foo/bar')
+  end
+end
diff --git a/spec/features/projects/labels/user_sees_links_to_issuables.rb b/spec/features/projects/labels/user_sees_links_to_issuables.rb
deleted file mode 100644
index fd2151a1f8e..00000000000
--- a/spec/features/projects/labels/user_sees_links_to_issuables.rb
+++ /dev/null
@@ -1,77 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe 'Projects > Labels > User sees links to issuables' do
-  set(:user) { create(:user) }
-
-  before do
-    label # creates the label
-    project.add_developer(user)
-    sign_in user
-    visit project_labels_path(project)
-  end
-
-  context 'with a project label' do
-    let(:label) { create(:label, project: project, title: 'bug') }
-
-    context 'when merge requests and issues are enabled for the project' do
-      let(:project) { create(:project, :public) }
-
-      it 'shows links to MRs and issues' do
-        expect(page).to have_link('view merge requests')
-        expect(page).to have_link('view open issues')
-      end
-    end
-
-    context 'when issues are disabled for the project' do
-      let(:project) { create(:project, :public, issues_access_level: ProjectFeature::DISABLED) }
-
-      it 'shows links to MRs but not to issues' do
-        expect(page).to have_link('view merge requests')
-        expect(page).not_to have_link('view open issues')
-      end
-    end
-
-    context 'when merge requests are disabled for the project' do
-      let(:project) { create(:project, :public, merge_requests_access_level: ProjectFeature::DISABLED) }
-
-      it 'shows links to issues but not to MRs' do
-        expect(page).not_to have_link('view merge requests')
-        expect(page).to have_link('view open issues')
-      end
-    end
-  end
-
-  context 'with a group label' do
-    set(:group) { create(:group) }
-    let(:label) { create(:group_label, group: group, title: 'bug') }
-
-    context 'when merge requests and issues are enabled for the project' do
-      let(:project) { create(:project, :public, namespace: group) }
-
-      it 'shows links to MRs and issues' do
-        expect(page).to have_link('view merge requests')
-        expect(page).to have_link('view open issues')
-      end
-    end
-
-    context 'when issues are disabled for the project' do
-      let(:project) { create(:project, :public, namespace: group, issues_access_level: ProjectFeature::DISABLED) }
-
-      it 'shows links to MRs and issues' do
-        expect(page).to have_link('view merge requests')
-        expect(page).to have_link('view open issues')
-      end
-    end
-
-    context 'when merge requests are disabled for the project' do
-      let(:project) { create(:project, :public, namespace: group, merge_requests_access_level: ProjectFeature::DISABLED) }
-
-      it 'shows links to MRs and issues' do
-        expect(page).to have_link('view merge requests')
-        expect(page).to have_link('view open issues')
-      end
-    end
-  end
-end
diff --git a/spec/features/projects/labels/user_sees_links_to_issuables_spec.rb b/spec/features/projects/labels/user_sees_links_to_issuables_spec.rb
new file mode 100644
index 00000000000..fd2151a1f8e
--- /dev/null
+++ b/spec/features/projects/labels/user_sees_links_to_issuables_spec.rb
@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'Projects > Labels > User sees links to issuables' do
+  set(:user) { create(:user) }
+
+  before do
+    label # creates the label
+    project.add_developer(user)
+    sign_in user
+    visit project_labels_path(project)
+  end
+
+  context 'with a project label' do
+    let(:label) { create(:label, project: project, title: 'bug') }
+
+    context 'when merge requests and issues are enabled for the project' do
+      let(:project) { create(:project, :public) }
+
+      it 'shows links to MRs and issues' do
+        expect(page).to have_link('view merge requests')
+        expect(page).to have_link('view open issues')
+      end
+    end
+
+    context 'when issues are disabled for the project' do
+      let(:project) { create(:project, :public, issues_access_level: ProjectFeature::DISABLED) }
+
+      it 'shows links to MRs but not to issues' do
+        expect(page).to have_link('view merge requests')
+        expect(page).not_to have_link('view open issues')
+      end
+    end
+
+    context 'when merge requests are disabled for the project' do
+      let(:project) { create(:project, :public, merge_requests_access_level: ProjectFeature::DISABLED) }
+
+      it 'shows links to issues but not to MRs' do
+        expect(page).not_to have_link('view merge requests')
+        expect(page).to have_link('view open issues')
+      end
+    end
+  end
+
+  context 'with a group label' do
+    set(:group) { create(:group) }
+    let(:label) { create(:group_label, group: group, title: 'bug') }
+
+    context 'when merge requests and issues are enabled for the project' do
+      let(:project) { create(:project, :public, namespace: group) }
+
+      it 'shows links to MRs and issues' do
+        expect(page).to have_link('view merge requests')
+        expect(page).to have_link('view open issues')
+      end
+    end
+
+    context 'when issues are disabled for the project' do
+      let(:project) { create(:project, :public, namespace: group, issues_access_level: ProjectFeature::DISABLED) }
+
+      it 'shows links to MRs and issues' do
+        expect(page).to have_link('view merge requests')
+        expect(page).to have_link('view open issues')
+      end
+    end
+
+    context 'when merge requests are disabled for the project' do
+      let(:project) { create(:project, :public, namespace: group, merge_requests_access_level: ProjectFeature::DISABLED) }
+
+      it 'shows links to MRs and issues' do
+        expect(page).to have_link('view merge requests')
+        expect(page).to have_link('view open issues')
+      end
+    end
+  end
+end
diff --git a/spec/features/snippets/user_sees_breadcrumb_links.rb b/spec/features/snippets/user_sees_breadcrumb_links.rb
deleted file mode 100644
index 5b10984ce1d..00000000000
--- a/spec/features/snippets/user_sees_breadcrumb_links.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-describe 'New user snippet breadcrumbs' do
-  let(:user) { create(:user) }
-
-  before do
-    sign_in(user)
-    visit new_snippet_path
-  end
-
-  it 'display a link to user snippets and new user snippet pages' do
-    page.within '.breadcrumbs' do
-      expect(find_link('Snippets')[:href]).to end_with(dashboard_snippets_path)
-      expect(find_link('New')[:href]).to end_with(new_snippet_path)
-    end
-  end
-end
diff --git a/spec/features/snippets/user_sees_breadcrumb_links_spec.rb b/spec/features/snippets/user_sees_breadcrumb_links_spec.rb
new file mode 100644
index 00000000000..5b10984ce1d
--- /dev/null
+++ b/spec/features/snippets/user_sees_breadcrumb_links_spec.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe 'New user snippet breadcrumbs' do
+  let(:user) { create(:user) }
+
+  before do
+    sign_in(user)
+    visit new_snippet_path
+  end
+
+  it 'display a link to user snippets and new user snippet pages' do
+    page.within '.breadcrumbs' do
+      expect(find_link('Snippets')[:href]).to end_with(dashboard_snippets_path)
+      expect(find_link('New')[:href]).to end_with(new_snippet_path)
+    end
+  end
+end
diff --git a/spec/features/user_opens_link_to_comment.rb b/spec/features/user_opens_link_to_comment.rb
deleted file mode 100644
index f1e07e55799..00000000000
--- a/spec/features/user_opens_link_to_comment.rb
+++ /dev/null
@@ -1,33 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe 'User opens link to comment', :js do
-  let(:project) { create(:project, :public) }
-  let(:note) { create(:note_on_issue, project: project) }
-
-  context 'authenticated user' do
-    let(:user) { create(:user) }
-
-    before do
-      sign_in(user)
-    end
-
-    it 'switches to all activity and does not show error message' do
-      create(:user_preference, user: user, issue_notes_filter: UserPreference::NOTES_FILTERS[:only_activity])
-
-      visit Gitlab::UrlBuilder.build(note)
-
-      expect(page.find('#discussion-filter-dropdown')).to have_content('Show all activity')
-      expect(page).not_to have_content('Something went wrong while fetching comments')
-    end
-  end
-
-  context 'anonymous user' do
-    it 'does not show error message' do
-      visit Gitlab::UrlBuilder.build(note)
-
-      expect(page).not_to have_content('Something went wrong while fetching comments')
-    end
-  end
-end
diff --git a/spec/features/user_opens_link_to_comment_spec.rb b/spec/features/user_opens_link_to_comment_spec.rb
new file mode 100644
index 00000000000..f1e07e55799
--- /dev/null
+++ b/spec/features/user_opens_link_to_comment_spec.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'User opens link to comment', :js do
+  let(:project) { create(:project, :public) }
+  let(:note) { create(:note_on_issue, project: project) }
+
+  context 'authenticated user' do
+    let(:user) { create(:user) }
+
+    before do
+      sign_in(user)
+    end
+
+    it 'switches to all activity and does not show error message' do
+      create(:user_preference, user: user, issue_notes_filter: UserPreference::NOTES_FILTERS[:only_activity])
+
+      visit Gitlab::UrlBuilder.build(note)
+
+      expect(page.find('#discussion-filter-dropdown')).to have_content('Show all activity')
+      expect(page).not_to have_content('Something went wrong while fetching comments')
+    end
+  end
+
+  context 'anonymous user' do
+    it 'does not show error message' do
+      visit Gitlab::UrlBuilder.build(note)
+
+      expect(page).not_to have_content('Something went wrong while fetching comments')
+    end
+  end
+end
diff --git a/spec/features/users/add_email_to_existing_account.rb b/spec/features/users/add_email_to_existing_account.rb
deleted file mode 100644
index 42e352399a8..00000000000
--- a/spec/features/users/add_email_to_existing_account.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe 'AdditionalEmailToExistingAccount' do
-  describe 'add secondary email associated with account' do
-    let(:user) { create(:user) }
-
-    it 'verifies confirmation of additional email' do
-      sign_in(user)
-
-      email = create(:email, user: user)
-      visit email_confirmation_path(confirmation_token: email.confirmation_token)
-      expect(page).to have_content 'Your email address has been successfully confirmed.'
-    end
-  end
-end
diff --git a/spec/features/users/add_email_to_existing_account_spec.rb b/spec/features/users/add_email_to_existing_account_spec.rb
new file mode 100644
index 00000000000..42e352399a8
--- /dev/null
+++ b/spec/features/users/add_email_to_existing_account_spec.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'AdditionalEmailToExistingAccount' do
+  describe 'add secondary email associated with account' do
+    let(:user) { create(:user) }
+
+    it 'verifies confirmation of additional email' do
+      sign_in(user)
+
+      email = create(:email, user: user)
+      visit email_confirmation_path(confirmation_token: email.confirmation_token)
+      expect(page).to have_content 'Your email address has been successfully confirmed.'
+    end
+  end
+end
diff --git a/spec/tasks/gitlab/mail_google_schema_whitelisting.rb b/spec/tasks/gitlab/mail_google_schema_whitelisting.rb
deleted file mode 100644
index 8d1cff7a261..00000000000
--- a/spec/tasks/gitlab/mail_google_schema_whitelisting.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-require 'spec_helper'
-require 'rake'
-
-describe 'gitlab:mail_google_schema_whitelisting rake task' do
-  before :all do
-    Rake.application.rake_require "tasks/gitlab/helpers"
-    Rake.application.rake_require "tasks/gitlab/mail_google_schema_whitelisting"
-    # empty task as env is already loaded
-    Rake::Task.define_task :environment
-  end
-
-  describe 'call' do
-    before do
-      # avoid writing task output to spec progress
-      allow($stdout).to receive :write
-    end
-
-    let :run_rake_task do
-      Rake::Task["gitlab:mail_google_schema_whitelisting"].reenable
-      Rake.application.invoke_task "gitlab:mail_google_schema_whitelisting"
-    end
-
-    it 'runs the task without errors' do
-      expect { run_rake_task }.not_to raise_error
-    end
-  end
-end
diff --git a/spec/tasks/gitlab/mail_google_schema_whitelisting_spec.rb b/spec/tasks/gitlab/mail_google_schema_whitelisting_spec.rb
new file mode 100644
index 00000000000..8d1cff7a261
--- /dev/null
+++ b/spec/tasks/gitlab/mail_google_schema_whitelisting_spec.rb
@@ -0,0 +1,27 @@
+require 'spec_helper'
+require 'rake'
+
+describe 'gitlab:mail_google_schema_whitelisting rake task' do
+  before :all do
+    Rake.application.rake_require "tasks/gitlab/helpers"
+    Rake.application.rake_require "tasks/gitlab/mail_google_schema_whitelisting"
+    # empty task as env is already loaded
+    Rake::Task.define_task :environment
+  end
+
+  describe 'call' do
+    before do
+      # avoid writing task output to spec progress
+      allow($stdout).to receive :write
+    end
+
+    let :run_rake_task do
+      Rake::Task["gitlab:mail_google_schema_whitelisting"].reenable
+      Rake.application.invoke_task "gitlab:mail_google_schema_whitelisting"
+    end
+
+    it 'runs the task without errors' do
+      expect { run_rake_task }.not_to raise_error
+    end
+  end
+end
diff --git a/spec/views/dashboard/projects/_blank_state_admin_welcome.haml.rb b/spec/views/dashboard/projects/_blank_state_admin_welcome.haml.rb
deleted file mode 100644
index 2f58eec86dc..00000000000
--- a/spec/views/dashboard/projects/_blank_state_admin_welcome.haml.rb
+++ /dev/null
@@ -1,15 +0,0 @@
-require 'spec_helper'
-
-describe 'dashboard/projects/_blank_state_admin_welcome.html.haml' do
-  let(:user) { create(:admin) }
-
-  before do
-    allow(view).to receive(:current_user).and_return(user)
-  end
-
-  it 'links to new group path' do
-    render
-
-    expect(rendered).to have_link('Create a group', href: new_group_path)
-  end
-end
diff --git a/spec/views/dashboard/projects/_blank_state_admin_welcome.haml_spec.rb b/spec/views/dashboard/projects/_blank_state_admin_welcome.haml_spec.rb
new file mode 100644
index 00000000000..2f58eec86dc
--- /dev/null
+++ b/spec/views/dashboard/projects/_blank_state_admin_welcome.haml_spec.rb
@@ -0,0 +1,15 @@
+require 'spec_helper'
+
+describe 'dashboard/projects/_blank_state_admin_welcome.html.haml' do
+  let(:user) { create(:admin) }
+
+  before do
+    allow(view).to receive(:current_user).and_return(user)
+  end
+
+  it 'links to new group path' do
+    render
+
+    expect(rendered).to have_link('Create a group', href: new_group_path)
+  end
+end
diff --git a/spec/views/dashboard/projects/_nav.html.haml.rb b/spec/views/dashboard/projects/_nav.html.haml.rb
deleted file mode 100644
index f6a8ca13040..00000000000
--- a/spec/views/dashboard/projects/_nav.html.haml.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-require 'spec_helper'
-
-describe 'dashboard/projects/_nav.html.haml' do
-  it 'highlights All tab by default' do
-    render
-
-    expect(rendered).to have_css('li.active a', text: 'All')
-  end
-
-  it 'highlights Personal tab personal param is present' do
-    controller.params[:personal] = true
-
-    render
-
-    expect(rendered).to have_css('li.active a', text: 'Personal')
-  end
-end
diff --git a/spec/views/dashboard/projects/_nav.html.haml_spec.rb b/spec/views/dashboard/projects/_nav.html.haml_spec.rb
new file mode 100644
index 00000000000..f6a8ca13040
--- /dev/null
+++ b/spec/views/dashboard/projects/_nav.html.haml_spec.rb
@@ -0,0 +1,17 @@
+require 'spec_helper'
+
+describe 'dashboard/projects/_nav.html.haml' do
+  it 'highlights All tab by default' do
+    render
+
+    expect(rendered).to have_css('li.active a', text: 'All')
+  end
+
+  it 'highlights Personal tab personal param is present' do
+    controller.params[:personal] = true
+
+    render
+
+    expect(rendered).to have_css('li.active a', text: 'Personal')
+  end
+end
diff --git a/spec/views/projects/deployments/_confirm_rollback_modal_spec.html.rb b/spec/views/projects/deployments/_confirm_rollback_modal_spec.html.rb
deleted file mode 100644
index 54ec4f32856..00000000000
--- a/spec/views/projects/deployments/_confirm_rollback_modal_spec.html.rb
+++ /dev/null
@@ -1,63 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe 'projects/deployments/_confirm_rollback_modal' do
-  let(:environment) { create(:environment, :with_review_app) }
-  let(:deployments) { environment.deployments }
-  let(:project) { environment.project }
-
-  before do
-    assign(:environment, environment)
-    assign(:deployments, deployments)
-    assign(:project, project)
-  end
-
-  context 'when re-deploying last deployment' do
-    let(:deployment) { deployments.first }
-
-    before do
-      allow(view).to receive(:deployment).and_return(deployment)
-    end
-
-    it 'shows "re-deploy"' do
-      render
-
-      expect(rendered).to have_selector('h4', text: "Re-deploy environment #{environment.name}?")
-      expect(rendered).to have_selector('p', text: "This action will relaunch the job for commit #{deployment.short_sha}, putting the environment in a previous version. Are you sure you want to continue?")
-      expect(rendered).to have_selector('a.btn-danger', text: 'Re-deploy')
-    end
-
-    it 'links to re-deploying the environment' do
-      expected_link = retry_project_job_path(environment.project, deployment.deployable)
-
-      render
-
-      expect(rendered).to have_selector("a[href='#{expected_link}']", text: 'Re-deploy')
-    end
-  end
-
-  context 'when rolling back to previous deployment' do
-    let(:deployment) { create(:deployment, environment: environment) }
-
-    before do
-      allow(view).to receive(:deployment).and_return(deployment)
-    end
-
-    it 'shows "rollback"' do
-      render
-
-      expect(rendered).to have_selector('h4', text: "Rollback environment #{environment.name}?")
-      expect(rendered).to have_selector('p', text: "This action will run the job defined by staging for commit #{deployment.short_sha}, putting the environment in a previous version. You can revert it by re-deploying the latest version of your application. Are you sure you want to continue?")
-      expect(rendered).to have_selector('a.btn-danger', text: 'Rollback')
-    end
-
-    it 'links to re-deploying the environment' do
-      expected_link = retry_project_job_path(environment.project, deployment.deployable)
-
-      render
-
-      expect(rendered).to have_selector("a[href='#{expected_link}']", text: 'Rollback')
-    end
-  end
-end
diff --git a/spec/views/projects/deployments/_confirm_rollback_modal_spec.html_spec.rb b/spec/views/projects/deployments/_confirm_rollback_modal_spec.html_spec.rb
new file mode 100644
index 00000000000..54ec4f32856
--- /dev/null
+++ b/spec/views/projects/deployments/_confirm_rollback_modal_spec.html_spec.rb
@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'projects/deployments/_confirm_rollback_modal' do
+  let(:environment) { create(:environment, :with_review_app) }
+  let(:deployments) { environment.deployments }
+  let(:project) { environment.project }
+
+  before do
+    assign(:environment, environment)
+    assign(:deployments, deployments)
+    assign(:project, project)
+  end
+
+  context 'when re-deploying last deployment' do
+    let(:deployment) { deployments.first }
+
+    before do
+      allow(view).to receive(:deployment).and_return(deployment)
+    end
+
+    it 'shows "re-deploy"' do
+      render
+
+      expect(rendered).to have_selector('h4', text: "Re-deploy environment #{environment.name}?")
+      expect(rendered).to have_selector('p', text: "This action will relaunch the job for commit #{deployment.short_sha}, putting the environment in a previous version. Are you sure you want to continue?")
+      expect(rendered).to have_selector('a.btn-danger', text: 'Re-deploy')
+    end
+
+    it 'links to re-deploying the environment' do
+      expected_link = retry_project_job_path(environment.project, deployment.deployable)
+
+      render
+
+      expect(rendered).to have_selector("a[href='#{expected_link}']", text: 'Re-deploy')
+    end
+  end
+
+  context 'when rolling back to previous deployment' do
+    let(:deployment) { create(:deployment, environment: environment) }
+
+    before do
+      allow(view).to receive(:deployment).and_return(deployment)
+    end
+
+    it 'shows "rollback"' do
+      render
+
+      expect(rendered).to have_selector('h4', text: "Rollback environment #{environment.name}?")
+      expect(rendered).to have_selector('p', text: "This action will run the job defined by staging for commit #{deployment.short_sha}, putting the environment in a previous version. You can revert it by re-deploying the latest version of your application. Are you sure you want to continue?")
+      expect(rendered).to have_selector('a.btn-danger', text: 'Rollback')
+    end
+
+    it 'links to re-deploying the environment' do
+      expected_link = retry_project_job_path(environment.project, deployment.deployable)
+
+      render
+
+      expect(rendered).to have_selector("a[href='#{expected_link}']", text: 'Rollback')
+    end
+  end
+end
diff --git a/spec/views/shared/_label_row.html.haml.rb b/spec/views/shared/_label_row.html.haml.rb
deleted file mode 100644
index a58d5efc1e3..00000000000
--- a/spec/views/shared/_label_row.html.haml.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-require 'spec_helper'
-
-describe 'shared/_label_row.html.haml' do
-  label_types = {
-    'project label': :label,
-    'group label': :group_label
-  }
-
-  label_types.each do |label_type, label_factory|
-    let!(:label) { create(label_factory) }
-
-    context "for a #{label_type}" do
-      it 'has a non-linked label title' do
-        render 'shared/label_row', label: label
-
-        expect(rendered).not_to have_css('a', text: label.title)
-      end
-
-      it "has Issues link for #{label_type}" do
-        render 'shared/label_row', label: label
-
-        expect(rendered).to have_css('a', text: 'Issues')
-      end
-
-      it "has Merge request link for #{label_type}" do
-        render 'shared/label_row', label: label
-
-        expect(rendered).to have_css('a', text: 'Merge requests')
-      end
-    end
-  end
-end
diff --git a/spec/views/shared/_label_row.html.haml_spec.rb b/spec/views/shared/_label_row.html.haml_spec.rb
new file mode 100644
index 00000000000..a58d5efc1e3
--- /dev/null
+++ b/spec/views/shared/_label_row.html.haml_spec.rb
@@ -0,0 +1,32 @@
+require 'spec_helper'
+
+describe 'shared/_label_row.html.haml' do
+  label_types = {
+    'project label': :label,
+    'group label': :group_label
+  }
+
+  label_types.each do |label_type, label_factory|
+    let!(:label) { create(label_factory) }
+
+    context "for a #{label_type}" do
+      it 'has a non-linked label title' do
+        render 'shared/label_row', label: label
+
+        expect(rendered).not_to have_css('a', text: label.title)
+      end
+
+      it "has Issues link for #{label_type}" do
+        render 'shared/label_row', label: label
+
+        expect(rendered).to have_css('a', text: 'Issues')
+      end
+
+      it "has Merge request link for #{label_type}" do
+        render 'shared/label_row', label: label
+
+        expect(rendered).to have_css('a', text: 'Merge requests')
+      end
+    end
+  end
+end
diff --git a/spec/views/shared/milestones/_issuable.html.haml.rb b/spec/views/shared/milestones/_issuable.html.haml.rb
deleted file mode 100644
index 0a3f877cae0..00000000000
--- a/spec/views/shared/milestones/_issuable.html.haml.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-require 'spec_helper'
-
-describe 'shared/milestones/_issuable.html.haml' do
-  let(:project) { create(:project) }
-  let(:user) { create(:user) }
-  let(:milestone) { create(:milestone, project: project) }
-  let(:issuable) { create(:issue, project: project, assignees: [user]) }
-
-  before do
-    assign(:project, project)
-    assign(:milestone, milestone)
-  end
-
-  it 'avatar links to issues page' do
-    render 'shared/milestones/issuable', issuable: issuable, show_project_name: true
-
-    expect(rendered).to have_css("a[href='#{project_issues_path(project, milestone_title: milestone.title, assignee_id: user.id, state: 'all')}']")
-  end
-end
diff --git a/spec/views/shared/milestones/_issuable.html.haml_spec.rb b/spec/views/shared/milestones/_issuable.html.haml_spec.rb
new file mode 100644
index 00000000000..0a3f877cae0
--- /dev/null
+++ b/spec/views/shared/milestones/_issuable.html.haml_spec.rb
@@ -0,0 +1,19 @@
+require 'spec_helper'
+
+describe 'shared/milestones/_issuable.html.haml' do
+  let(:project) { create(:project) }
+  let(:user) { create(:user) }
+  let(:milestone) { create(:milestone, project: project) }
+  let(:issuable) { create(:issue, project: project, assignees: [user]) }
+
+  before do
+    assign(:project, project)
+    assign(:milestone, milestone)
+  end
+
+  it 'avatar links to issues page' do
+    render 'shared/milestones/issuable', issuable: issuable, show_project_name: true
+
+    expect(rendered).to have_css("a[href='#{project_issues_path(project, milestone_title: milestone.title, assignee_id: user.id, state: 'all')}']")
+  end
+end
diff --git a/spec/views/shared/milestones/_issuables.html.haml.rb b/spec/views/shared/milestones/_issuables.html.haml.rb
deleted file mode 100644
index cbbb984935f..00000000000
--- a/spec/views/shared/milestones/_issuables.html.haml.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-require 'spec_helper'
-
-describe 'shared/milestones/_issuables.html.haml' do
-  let(:issuables_size) { 100 }
-
-  before do
-    allow(view).to receive_messages(title: nil, id: nil, show_project_name: nil,
-                                    show_full_project_name: nil, dom_class: '',
-                                    issuables: double(size: issuables_size).as_null_object)
-
-    stub_template 'shared/milestones/_issuable.html.haml' => ''
-  end
-
-  it 'shows the issuables count if show_counter is true' do
-    render 'shared/milestones/issuables', show_counter: true
-    expect(rendered).to have_content('100')
-  end
-
-  it 'does not show the issuables count if show_counter is false' do
-    render 'shared/milestones/issuables', show_counter: false
-    expect(rendered).not_to have_content('100')
-  end
-
-  describe 'a high issuables count' do
-    let(:issuables_size) { 1000 }
-
-    it 'shows a delimited number if show_counter is true' do
-      render 'shared/milestones/issuables', show_counter: true
-      expect(rendered).to have_content('1,000')
-    end
-  end
-end
diff --git a/spec/views/shared/milestones/_issuables.html.haml_spec.rb b/spec/views/shared/milestones/_issuables.html.haml_spec.rb
new file mode 100644
index 00000000000..cbbb984935f
--- /dev/null
+++ b/spec/views/shared/milestones/_issuables.html.haml_spec.rb
@@ -0,0 +1,32 @@
+require 'spec_helper'
+
+describe 'shared/milestones/_issuables.html.haml' do
+  let(:issuables_size) { 100 }
+
+  before do
+    allow(view).to receive_messages(title: nil, id: nil, show_project_name: nil,
+                                    show_full_project_name: nil, dom_class: '',
+                                    issuables: double(size: issuables_size).as_null_object)
+
+    stub_template 'shared/milestones/_issuable.html.haml' => ''
+  end
+
+  it 'shows the issuables count if show_counter is true' do
+    render 'shared/milestones/issuables', show_counter: true
+    expect(rendered).to have_content('100')
+  end
+
+  it 'does not show the issuables count if show_counter is false' do
+    render 'shared/milestones/issuables', show_counter: false
+    expect(rendered).not_to have_content('100')
+  end
+
+  describe 'a high issuables count' do
+    let(:issuables_size) { 1000 }
+
+    it 'shows a delimited number if show_counter is true' do
+      render 'shared/milestones/issuables', show_counter: true
+      expect(rendered).to have_content('1,000')
+    end
+  end
+end
diff --git a/spec/views/shared/milestones/_top.html.haml.rb b/spec/views/shared/milestones/_top.html.haml.rb
deleted file mode 100644
index 516d81c87ac..00000000000
--- a/spec/views/shared/milestones/_top.html.haml.rb
+++ /dev/null
@@ -1,35 +0,0 @@
-require 'spec_helper'
-
-describe 'shared/milestones/_top.html.haml' do
-  set(:group) { create(:group) }
-  let(:project) { create(:project, group: group) }
-  let(:milestone) { create(:milestone, project: project) }
-
-  before do
-    allow(milestone).to receive(:milestones) { [] }
-  end
-
-  it 'renders a deprecation message for a legacy milestone' do
-    allow(milestone).to receive(:legacy_group_milestone?) { true }
-
-    render 'shared/milestones/top', milestone: milestone
-
-    expect(rendered).to have_css('.milestone-deprecation-message')
-  end
-
-  it 'renders a deprecation message for a dashboard milestone' do
-    allow(milestone).to receive(:dashboard_milestone?) { true }
-
-    render 'shared/milestones/top', milestone: milestone
-
-    expect(rendered).to have_css('.milestone-deprecation-message')
-  end
-
-  it 'does not render a deprecation message for a non-legacy and non-dashboard milestone' do
-    assign :group, group
-
-    render 'shared/milestones/top', milestone: milestone
-
-    expect(rendered).not_to have_css('.milestone-deprecation-message')
-  end
-end
diff --git a/spec/views/shared/milestones/_top.html.haml_spec.rb b/spec/views/shared/milestones/_top.html.haml_spec.rb
new file mode 100644
index 00000000000..516d81c87ac
--- /dev/null
+++ b/spec/views/shared/milestones/_top.html.haml_spec.rb
@@ -0,0 +1,35 @@
+require 'spec_helper'
+
+describe 'shared/milestones/_top.html.haml' do
+  set(:group) { create(:group) }
+  let(:project) { create(:project, group: group) }
+  let(:milestone) { create(:milestone, project: project) }
+
+  before do
+    allow(milestone).to receive(:milestones) { [] }
+  end
+
+  it 'renders a deprecation message for a legacy milestone' do
+    allow(milestone).to receive(:legacy_group_milestone?) { true }
+
+    render 'shared/milestones/top', milestone: milestone
+
+    expect(rendered).to have_css('.milestone-deprecation-message')
+  end
+
+  it 'renders a deprecation message for a dashboard milestone' do
+    allow(milestone).to receive(:dashboard_milestone?) { true }
+
+    render 'shared/milestones/top', milestone: milestone
+
+    expect(rendered).to have_css('.milestone-deprecation-message')
+  end
+
+  it 'does not render a deprecation message for a non-legacy and non-dashboard milestone' do
+    assign :group, group
+
+    render 'shared/milestones/top', milestone: milestone
+
+    expect(rendered).not_to have_css('.milestone-deprecation-message')
+  end
+end
-- 
cgit v1.2.1


From 4d90aa83a0d718fb3f412e98f64963b623887004 Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Tue, 30 Jul 2019 13:29:17 +0100
Subject: Fix labels issuable link specs

---
 .../labels/user_sees_links_to_issuables_spec.rb    |  6 ++--
 .../labels/user_sees_links_to_issuables_spec.rb    | 36 ++++++++++++++--------
 spec/views/shared/_label_row.html.haml_spec.rb     | 13 +++++++-
 3 files changed, 40 insertions(+), 15 deletions(-)

diff --git a/spec/features/groups/labels/user_sees_links_to_issuables_spec.rb b/spec/features/groups/labels/user_sees_links_to_issuables_spec.rb
index e636f625b31..6199b566ebc 100644
--- a/spec/features/groups/labels/user_sees_links_to_issuables_spec.rb
+++ b/spec/features/groups/labels/user_sees_links_to_issuables_spec.rb
@@ -11,7 +11,9 @@ describe 'Groups > Labels > User sees links to issuables' do
   end
 
   it 'shows links to MRs and issues' do
-    expect(page).to have_link('view merge requests')
-    expect(page).to have_link('view open issues')
+    page.within('.labels-container') do
+      expect(page).to have_link('Merge requests')
+      expect(page).to have_link('Issues')
+    end
   end
 end
diff --git a/spec/features/projects/labels/user_sees_links_to_issuables_spec.rb b/spec/features/projects/labels/user_sees_links_to_issuables_spec.rb
index fd2151a1f8e..7a9b9e6eac2 100644
--- a/spec/features/projects/labels/user_sees_links_to_issuables_spec.rb
+++ b/spec/features/projects/labels/user_sees_links_to_issuables_spec.rb
@@ -19,8 +19,10 @@ describe 'Projects > Labels > User sees links to issuables' do
       let(:project) { create(:project, :public) }
 
       it 'shows links to MRs and issues' do
-        expect(page).to have_link('view merge requests')
-        expect(page).to have_link('view open issues')
+        page.within('.labels-container') do
+          expect(page).to have_link('Merge requests')
+          expect(page).to have_link('Issues')
+        end
       end
     end
 
@@ -28,8 +30,10 @@ describe 'Projects > Labels > User sees links to issuables' do
       let(:project) { create(:project, :public, issues_access_level: ProjectFeature::DISABLED) }
 
       it 'shows links to MRs but not to issues' do
-        expect(page).to have_link('view merge requests')
-        expect(page).not_to have_link('view open issues')
+        page.within('.labels-container') do
+          expect(page).to have_link('Merge requests')
+          expect(page).not_to have_link('Issues')
+        end
       end
     end
 
@@ -37,8 +41,10 @@ describe 'Projects > Labels > User sees links to issuables' do
       let(:project) { create(:project, :public, merge_requests_access_level: ProjectFeature::DISABLED) }
 
       it 'shows links to issues but not to MRs' do
-        expect(page).not_to have_link('view merge requests')
-        expect(page).to have_link('view open issues')
+        page.within('.labels-container') do
+          expect(page).not_to have_link('Merge requests')
+          expect(page).to have_link('Issues')
+        end
       end
     end
   end
@@ -51,8 +57,10 @@ describe 'Projects > Labels > User sees links to issuables' do
       let(:project) { create(:project, :public, namespace: group) }
 
       it 'shows links to MRs and issues' do
-        expect(page).to have_link('view merge requests')
-        expect(page).to have_link('view open issues')
+        page.within('.labels-container') do
+          expect(page).to have_link('Merge requests')
+          expect(page).to have_link('Issues')
+        end
       end
     end
 
@@ -60,8 +68,10 @@ describe 'Projects > Labels > User sees links to issuables' do
       let(:project) { create(:project, :public, namespace: group, issues_access_level: ProjectFeature::DISABLED) }
 
       it 'shows links to MRs and issues' do
-        expect(page).to have_link('view merge requests')
-        expect(page).to have_link('view open issues')
+        page.within('.labels-container') do
+          expect(page).to have_link('Merge requests')
+          expect(page).to have_link('Issues')
+        end
       end
     end
 
@@ -69,8 +79,10 @@ describe 'Projects > Labels > User sees links to issuables' do
       let(:project) { create(:project, :public, namespace: group, merge_requests_access_level: ProjectFeature::DISABLED) }
 
       it 'shows links to MRs and issues' do
-        expect(page).to have_link('view merge requests')
-        expect(page).to have_link('view open issues')
+        page.within('.labels-container') do
+          expect(page).to have_link('Merge requests')
+          expect(page).to have_link('Issues')
+        end
       end
     end
   end
diff --git a/spec/views/shared/_label_row.html.haml_spec.rb b/spec/views/shared/_label_row.html.haml_spec.rb
index a58d5efc1e3..4cce13aa37c 100644
--- a/spec/views/shared/_label_row.html.haml_spec.rb
+++ b/spec/views/shared/_label_row.html.haml_spec.rb
@@ -7,9 +7,20 @@ describe 'shared/_label_row.html.haml' do
   }
 
   label_types.each do |label_type, label_factory|
-    let!(:label) { create(label_factory) }
+    let!(:label) do
+      label_record = create(label_factory)
+      label_record.present(issuable_subject: label_record.subject)
+    end
 
     context "for a #{label_type}" do
+      before do
+        if label.project_label?
+          @project = label.project
+        else
+          @group = label.group
+        end
+      end
+
       it 'has a non-linked label title' do
         render 'shared/label_row', label: label
 
-- 
cgit v1.2.1


From 6eb192327e2aa4bcd9b697587f189967c8e2446d Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Tue, 30 Jul 2019 13:39:33 +0100
Subject: Fix milestone view specs

---
 app/views/shared/milestones/_top.html.haml                | 2 +-
 spec/views/shared/milestones/_issuables.html.haml_spec.rb | 2 +-
 spec/views/shared/milestones/_top.html.haml_spec.rb       | 1 +
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/views/shared/milestones/_top.html.haml b/app/views/shared/milestones/_top.html.haml
index 43503e1d08a..fd3317341f6 100644
--- a/app/views/shared/milestones/_top.html.haml
+++ b/app/views/shared/milestones/_top.html.haml
@@ -53,7 +53,7 @@
     - close_msg = group ? 'You may close the milestone now.' : 'Navigate to the project to close the milestone.'
     %span All issues for this milestone are closed. #{close_msg}
 
-= render_if_exists 'shared/milestones/burndown', milestone: @milestone, project: @project
+= render_if_exists 'shared/milestones/burndown', milestone: milestone, project: @project
 
 - if is_dynamic_milestone
   .table-holder
diff --git a/spec/views/shared/milestones/_issuables.html.haml_spec.rb b/spec/views/shared/milestones/_issuables.html.haml_spec.rb
index cbbb984935f..24b55338db3 100644
--- a/spec/views/shared/milestones/_issuables.html.haml_spec.rb
+++ b/spec/views/shared/milestones/_issuables.html.haml_spec.rb
@@ -6,7 +6,7 @@ describe 'shared/milestones/_issuables.html.haml' do
   before do
     allow(view).to receive_messages(title: nil, id: nil, show_project_name: nil,
                                     show_full_project_name: nil, dom_class: '',
-                                    issuables: double(size: issuables_size).as_null_object)
+                                    issuables: double(length: issuables_size).as_null_object)
 
     stub_template 'shared/milestones/_issuable.html.haml' => ''
   end
diff --git a/spec/views/shared/milestones/_top.html.haml_spec.rb b/spec/views/shared/milestones/_top.html.haml_spec.rb
index 516d81c87ac..f2ee8be5857 100644
--- a/spec/views/shared/milestones/_top.html.haml_spec.rb
+++ b/spec/views/shared/milestones/_top.html.haml_spec.rb
@@ -7,6 +7,7 @@ describe 'shared/milestones/_top.html.haml' do
 
   before do
     allow(milestone).to receive(:milestones) { [] }
+    allow(milestone).to receive(:milestone) { milestone }
   end
 
   it 'renders a deprecation message for a legacy milestone' do
-- 
cgit v1.2.1


From 930026f49b75b8d31b3c218923f9d0d2bb77a08a Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Tue, 30 Jul 2019 13:56:37 +0100
Subject: Remove mail_google_schema_whitelisting spec

This task was removed in 2014! The spec wasn't, probably because it
didn't fail as it was never executed. See
0fc5c80207a1ebcfbdae1d0d16b9aeb984bac271.
---
 .../gitlab/mail_google_schema_whitelisting_spec.rb | 27 ----------------------
 1 file changed, 27 deletions(-)
 delete mode 100644 spec/tasks/gitlab/mail_google_schema_whitelisting_spec.rb

diff --git a/spec/tasks/gitlab/mail_google_schema_whitelisting_spec.rb b/spec/tasks/gitlab/mail_google_schema_whitelisting_spec.rb
deleted file mode 100644
index 8d1cff7a261..00000000000
--- a/spec/tasks/gitlab/mail_google_schema_whitelisting_spec.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-require 'spec_helper'
-require 'rake'
-
-describe 'gitlab:mail_google_schema_whitelisting rake task' do
-  before :all do
-    Rake.application.rake_require "tasks/gitlab/helpers"
-    Rake.application.rake_require "tasks/gitlab/mail_google_schema_whitelisting"
-    # empty task as env is already loaded
-    Rake::Task.define_task :environment
-  end
-
-  describe 'call' do
-    before do
-      # avoid writing task output to spec progress
-      allow($stdout).to receive :write
-    end
-
-    let :run_rake_task do
-      Rake::Task["gitlab:mail_google_schema_whitelisting"].reenable
-      Rake.application.invoke_task "gitlab:mail_google_schema_whitelisting"
-    end
-
-    it 'runs the task without errors' do
-      expect { run_rake_task }.not_to raise_error
-    end
-  end
-end
-- 
cgit v1.2.1


From 5f48792b9565d3b8f374f5f26c040a2e46f4f73e Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Tue, 30 Jul 2019 14:11:20 +0100
Subject: Fix project nav specs

---
 spec/views/dashboard/projects/_nav.html.haml_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/views/dashboard/projects/_nav.html.haml_spec.rb b/spec/views/dashboard/projects/_nav.html.haml_spec.rb
index f6a8ca13040..cbdd3c0acc3 100644
--- a/spec/views/dashboard/projects/_nav.html.haml_spec.rb
+++ b/spec/views/dashboard/projects/_nav.html.haml_spec.rb
@@ -4,7 +4,7 @@ describe 'dashboard/projects/_nav.html.haml' do
   it 'highlights All tab by default' do
     render
 
-    expect(rendered).to have_css('li.active a', text: 'All')
+    expect(rendered).to have_css('a.active', text: 'All')
   end
 
   it 'highlights Personal tab personal param is present' do
@@ -12,6 +12,6 @@ describe 'dashboard/projects/_nav.html.haml' do
 
     render
 
-    expect(rendered).to have_css('li.active a', text: 'Personal')
+    expect(rendered).to have_css('a.active', text: 'Personal')
   end
 end
-- 
cgit v1.2.1


From 2b58b202e162a07bd991a27b685d5cf409a9e890 Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Tue, 30 Jul 2019 14:16:05 +0100
Subject: Remove snippet breadcrumb spec

We removed the breadcrumbs in 0def36777e3f9e5f57fd0e1ebd023b43229622fc.
---
 .../snippets/user_sees_breadcrumb_links_spec.rb       | 19 -------------------
 1 file changed, 19 deletions(-)
 delete mode 100644 spec/features/snippets/user_sees_breadcrumb_links_spec.rb

diff --git a/spec/features/snippets/user_sees_breadcrumb_links_spec.rb b/spec/features/snippets/user_sees_breadcrumb_links_spec.rb
deleted file mode 100644
index 5b10984ce1d..00000000000
--- a/spec/features/snippets/user_sees_breadcrumb_links_spec.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-# frozen_string_literal: true
-
-require 'rails_helper'
-
-describe 'New user snippet breadcrumbs' do
-  let(:user) { create(:user) }
-
-  before do
-    sign_in(user)
-    visit new_snippet_path
-  end
-
-  it 'display a link to user snippets and new user snippet pages' do
-    page.within '.breadcrumbs' do
-      expect(find_link('Snippets')[:href]).to end_with(dashboard_snippets_path)
-      expect(find_link('New')[:href]).to end_with(new_snippet_path)
-    end
-  end
-end
-- 
cgit v1.2.1


From 908b573194c8022c8c50ca349dc589a30aedd728 Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Tue, 30 Jul 2019 14:25:17 +0100
Subject: Quarantine folder containing only a folder spec

---
 .../user_browses_a_tree_with_a_folder_containing_only_a_folder_spec.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder_spec.rb b/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder_spec.rb
index 934de2fde8f..c19e46da913 100644
--- a/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder_spec.rb
+++ b/spec/features/projects/files/user_browses_a_tree_with_a_folder_containing_only_a_folder_spec.rb
@@ -3,7 +3,8 @@
 require 'spec_helper'
 
 # This is a regression test for https://gitlab.com/gitlab-org/gitlab-ce/issues/37569
-describe 'Projects > Files > User browses a tree with a folder containing only a folder' do
+# Quarantine: https://gitlab.com/gitlab-org/gitlab-ce/issues/65329
+describe 'Projects > Files > User browses a tree with a folder containing only a folder', :quarantine do
   let(:project) { create(:project, :empty_repo) }
   let(:user) { project.owner }
 
-- 
cgit v1.2.1


From d2083f8b3495b466ea563cdafccce4cfbfebc2b4 Mon Sep 17 00:00:00 2001
From: Mark Lapierre <mlapierre@gitlab.com>
Date: Thu, 1 Aug 2019 10:23:15 +0000
Subject: Implement review suggestions

Make package-and-qa manual so the default `on_success` doesn't need
to be set on package-and-qa-always.

Remove unnecessary `except: []`
---
 .gitlab/ci/qa.gitlab-ci.yml | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/.gitlab/ci/qa.gitlab-ci.yml b/.gitlab/ci/qa.gitlab-ci.yml
index ee9e467886a..dcc681294d2 100644
--- a/.gitlab/ci/qa.gitlab-ci.yml
+++ b/.gitlab/ci/qa.gitlab-ci.yml
@@ -1,7 +1,6 @@
-package-and-qa:
+.package-and-qa-base:
   image: ruby:2.6-alpine
   stage: review  # So even if review-deploy failed we can still run this
-  when: manual
   before_script: []
   dependencies: []
   cache: {}
@@ -13,5 +12,18 @@ package-and-qa:
     - install_gitlab_gem
     - ./scripts/trigger-build omnibus
   only:
-    - /.+/@gitlab-org/gitlab-ce
-    - /.+/@gitlab-org/gitlab-ee
+    - branches@gitlab-org/gitlab-ce
+    - branches@gitlab-org/gitlab-ee
+
+package-and-qa:
+  extends: .package-and-qa-base
+  when: manual
+  except:
+    - /(^qa[\/-].*|.*-qa$)/
+
+package-and-qa-always:
+  extends: .package-and-qa-base
+  allow_failure: true
+  only:
+    - /(^qa[\/-].*|.*-qa$)/@gitlab-org/gitlab-ce
+    - /(^qa[\/-].*|.*-qa$)/@gitlab-org/gitlab-ee
-- 
cgit v1.2.1


From 6dad5cc1944f970395d33f85b87c5287686c91f2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Tue, 30 Jul 2019 13:49:41 +0200
Subject: Ensure review-stop can run even when the branch has been deleted
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rémy Coutable <remy@rymai.me>
---
 .gitlab/ci/review.gitlab-ci.yml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml
index aa722f6ef33..29ed41ce0c6 100644
--- a/.gitlab/ci/review.gitlab-ci.yml
+++ b/.gitlab/ci/review.gitlab-ci.yml
@@ -116,17 +116,21 @@ schedule:review-deploy:
   <<: *review-schedules-only
 
 review-stop:
-  <<: *review-base
+  <<: *review-only
+  extends: .single-script-job-dedicated-runner
+  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
   stage: review
   when: manual
   allow_failure: true
   variables:
-    GIT_DEPTH: "1"
+    SCRIPT_NAME: review_apps/review-apps.sh
   environment:
     <<: *review-environment
     action: stop
   script:
-    - source scripts/review_apps/review-apps.sh
+    - wget $CI_PROJECT_URL/raw/$CI_COMMIT_SHA/scripts/utils.sh
+    - source utils.sh
+    - source $(basename $SCRIPT_NAME)
     - delete
 
 .review-qa-base: &review-qa-base
-- 
cgit v1.2.1


From f26bb243ccf4e05f3f231d3ed62eb862dc643f0c Mon Sep 17 00:00:00 2001
From: Walmyr Lima <walmyr@gitlab.com>
Date: Wed, 31 Jul 2019 15:29:06 +0200
Subject: Update e2e style guide with new guideline

---
 .../testing_guide/end_to_end/style_guide.md        | 44 ++++++++++++++++++++++
 1 file changed, 44 insertions(+)

diff --git a/doc/development/testing_guide/end_to_end/style_guide.md b/doc/development/testing_guide/end_to_end/style_guide.md
index c9c375d4320..97560e616a1 100644
--- a/doc/development/testing_guide/end_to_end/style_guide.md
+++ b/doc/development/testing_guide/end_to_end/style_guide.md
@@ -98,3 +98,47 @@ view '...' do
   element :ssh_clone_url
 end
 ```
+
+## Block argument naming
+
+To have a standard on how we call pages when using the `.perform` method, we use the name of page object being called, all lowercased, and separated by underscore, if needed (see good and bad examples below.) This also applies to resources. We chose not to simply use `page` because that would shadow the Capybara DSL, potentially leading to confusion and bugs.
+
+### Examples
+
+**Good**
+
+```ruby
+# qa/specs/features/browser_ui/1_manage/project/add_project_member_spec.rb
+
+Page::Project::Settings::Members.perform do |members|
+  members.do_something
+end
+```
+
+```ruby
+# qa/specs/features/ee/browser_ui/3_create/merge_request/add_batch_comments_in_merge_request_spec.rb
+
+Resource::MergeRequest.fabricate! do |merge_request|
+  merge_request.do_something_else
+end
+```
+
+**Bad**
+
+```ruby
+# qa/specs/features/browser_ui/1_manage/project/add_project_member_spec.rb
+
+Page::Project::Settings::Members.perform do |project_settings_members_page|
+  project_settings_members_page.do_something
+end
+```
+
+```ruby
+# qa/specs/features/ee/browser_ui/3_create/merge_request/add_batch_comments_in_merge_request_spec.rb
+
+Resource::MergeRequest.fabricate! do |merge_request_page|
+  merge_request_page.do_something_else
+end
+```
+
+> Besides the advantage of having a standard in place, by following this standard we also write shorter lines of code.
\ No newline at end of file
-- 
cgit v1.2.1


From cb76850037de23f24bab39886397040769f35aeb Mon Sep 17 00:00:00 2001
From: Vlad Stoianovici <vstoianovici@gitlab.com>
Date: Thu, 1 Aug 2019 11:29:44 +0000
Subject: Portray better use of types of variables in .gitlab-ci.yml

---
 doc/ci/variables/README.md | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/doc/ci/variables/README.md b/doc/ci/variables/README.md
index 4d6ca8cff6d..c48817a5e30 100644
--- a/doc/ci/variables/README.md
+++ b/doc/ci/variables/README.md
@@ -370,8 +370,11 @@ variables take precedence over those defined in `.gitlab-ci.yml`.
 ## Unsupported variables
 
 There are cases where some variables cannot be used in the context of a
-`.gitlab-ci.yml` definition (for example under `script`). Read more
-about which variables are [not supported](where_variables_can_be_used.md).
+`.gitlab-ci.yml` definition (for example under `script`). Read more about which variables are [not supported](where_variables_can_be_used.md).
+ 
+## Where variables can be used 
+
+Click [here](where_variables_can_be_used.md) for a section that describes where and how the different types of variables can be used.
 
 ## Advanced use
 
-- 
cgit v1.2.1


From 27194e08525fa2ef43aa9f3dbfda378a7b1258bd Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Thu, 1 Aug 2019 14:41:37 +0200
Subject: Support X_if_ee methods for QA tests

For the QA tests to use the new injection methods, we must require the
initializer and ensure that the "constantize" method is available.
---
 config/initializers/0_inject_enterprise_edition_module.rb | 2 ++
 qa/qa.rb                                                  | 3 +++
 2 files changed, 5 insertions(+)

diff --git a/config/initializers/0_inject_enterprise_edition_module.rb b/config/initializers/0_inject_enterprise_edition_module.rb
index 4b21732e179..39595e23abe 100644
--- a/config/initializers/0_inject_enterprise_edition_module.rb
+++ b/config/initializers/0_inject_enterprise_edition_module.rb
@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'active_support/inflector'
+
 module InjectEnterpriseEditionModule
   def prepend_if_ee(constant)
     prepend(constant.constantize) if Gitlab.ee?
diff --git a/qa/qa.rb b/qa/qa.rb
index 18fb4509dce..8be2a289422 100644
--- a/qa/qa.rb
+++ b/qa/qa.rb
@@ -4,6 +4,9 @@ $: << File.expand_path(File.dirname(__FILE__))
 
 Encoding.default_external = 'UTF-8'
 
+require_relative '../lib/gitlab'
+require_relative '../config/initializers/0_inject_enterprise_edition_module'
+
 module QA
   ##
   # GitLab QA runtime classes, mostly singletons.
-- 
cgit v1.2.1


From e7ee84aad4237eaa16f2aba75b4d2c7860625c9d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= <ayufan@ayufan.eu>
Date: Thu, 1 Aug 2019 14:26:49 +0000
Subject: Add support for DAG

This implements the support for `needs:` keyword
as part of GitLab CI. That makes some of the jobs
to be run out of order.
---
 app/models/ci/build.rb                            | 18 ++++-
 app/models/ci/build_need.rb                       | 14 ++++
 app/models/ci/pipeline.rb                         |  4 +-
 app/models/commit_status.rb                       |  8 +-
 app/models/concerns/ci/metadatable.rb             |  1 +
 app/services/ci/process_pipeline_service.rb       | 40 +++++++++-
 app/services/ci/retry_build_service.rb            |  2 +-
 app/workers/all_queues.yml                        |  1 +
 app/workers/build_process_worker.rb               | 16 ++++
 changelogs/unreleased/implement-dag.yml           |  5 ++
 db/migrate/20190731084415_add_build_need.rb       | 20 +++++
 db/schema.rb                                      |  9 ++-
 lib/gitlab/ci/config/entry/job.rb                 | 20 ++++-
 lib/gitlab/ci/config/normalizer.rb                | 64 ++++++++--------
 lib/gitlab/ci/yaml_processor.rb                   | 18 +++++
 spec/factories/ci/build_need.rb                   |  8 ++
 spec/lib/gitlab/ci/config/entry/job_spec.rb       | 53 +++++++++++++
 spec/lib/gitlab/ci/config/normalizer_spec.rb      | 59 ++++++++-------
 spec/lib/gitlab/ci/yaml_processor_spec.rb         | 80 ++++++++++++++++++++
 spec/models/ci/build_need_spec.rb                 | 13 ++++
 spec/models/ci/build_spec.rb                      | 69 ++++++++++++++++-
 spec/services/ci/process_pipeline_service_spec.rb | 92 +++++++++++++++++++++++
 spec/services/ci/retry_build_service_spec.rb      |  1 +
 spec/workers/build_process_worker_spec.rb         | 26 +++++++
 24 files changed, 567 insertions(+), 74 deletions(-)
 create mode 100644 app/models/ci/build_need.rb
 create mode 100644 app/workers/build_process_worker.rb
 create mode 100644 changelogs/unreleased/implement-dag.yml
 create mode 100644 db/migrate/20190731084415_add_build_need.rb
 create mode 100644 spec/factories/ci/build_need.rb
 create mode 100644 spec/models/ci/build_need_spec.rb
 create mode 100644 spec/workers/build_process_worker_spec.rb

diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb
index 07813e03f3a..dd2bfc42af9 100644
--- a/app/models/ci/build.rb
+++ b/app/models/ci/build.rb
@@ -38,6 +38,7 @@ module Ci
     has_one :deployment, as: :deployable, class_name: 'Deployment'
     has_many :trace_sections, class_name: 'Ci::BuildTraceSection'
     has_many :trace_chunks, class_name: 'Ci::BuildTraceChunk', foreign_key: :build_id
+    has_many :needs, class_name: 'Ci::BuildNeed', foreign_key: :build_id, inverse_of: :build
 
     has_many :job_artifacts, class_name: 'Ci::JobArtifact', foreign_key: :job_id, dependent: :destroy, inverse_of: :job # rubocop:disable Cop/ActiveRecordDependent
     has_many :job_variables, class_name: 'Ci::JobVariable', foreign_key: :job_id
@@ -50,6 +51,7 @@ module Ci
 
     accepts_nested_attributes_for :runner_session
     accepts_nested_attributes_for :job_variables
+    accepts_nested_attributes_for :needs
 
     delegate :url, to: :runner_session, prefix: true, allow_nil: true
     delegate :terminal_specification, to: :runner_session, allow_nil: true
@@ -713,11 +715,21 @@ module Ci
 
       depended_jobs = depends_on_builds
 
-      return depended_jobs unless options[:dependencies].present?
+      # find all jobs that are dependent on
+      if options[:dependencies].present?
+        depended_jobs = depended_jobs.select do |job|
+          options[:dependencies].include?(job.name)
+        end
+      end
 
-      depended_jobs.select do |job|
-        options[:dependencies].include?(job.name)
+      # find all jobs that are needed by this one
+      if options[:needs].present?
+        depended_jobs = depended_jobs.select do |job|
+          options[:needs].include?(job.name)
+        end
       end
+
+      depended_jobs
     end
 
     def empty_dependencies?
diff --git a/app/models/ci/build_need.rb b/app/models/ci/build_need.rb
new file mode 100644
index 00000000000..6531dfd332f
--- /dev/null
+++ b/app/models/ci/build_need.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Ci
+  class BuildNeed < ApplicationRecord
+    extend Gitlab::Ci::Model
+
+    belongs_to :build, class_name: "Ci::Build", foreign_key: :build_id, inverse_of: :needs
+
+    validates :build, presence: true
+    validates :name, presence: true, length: { maximum: 128 }
+
+    scope :scoped_build, -> { where('ci_builds.id=ci_build_needs.build_id') }
+  end
+end
diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb
index 1c76f401690..3515f0b83ee 100644
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -611,8 +611,8 @@ module Ci
     end
 
     # rubocop: disable CodeReuse/ServiceClass
-    def process!
-      Ci::ProcessPipelineService.new(project, user).execute(self)
+    def process!(trigger_build_name = nil)
+      Ci::ProcessPipelineService.new(project, user).execute(self, trigger_build_name)
     end
     # rubocop: enable CodeReuse/ServiceClass
 
diff --git a/app/models/commit_status.rb b/app/models/commit_status.rb
index be6f3e9c5b0..d7eb78db5b8 100644
--- a/app/models/commit_status.rb
+++ b/app/models/commit_status.rb
@@ -43,6 +43,12 @@ class CommitStatus < ApplicationRecord
   scope :after_stage, -> (index) { where('stage_idx > ?', index) }
   scope :processables, -> { where(type: %w[Ci::Build Ci::Bridge]) }
 
+  scope :with_needs, -> (names = nil) do
+    needs = Ci::BuildNeed.scoped_build.select(1)
+    needs = needs.where(name: names) if names
+    where('EXISTS (?)', needs).preload(:needs)
+  end
+
   # We use `CommitStatusEnums.failure_reasons` here so that EE can more easily
   # extend this `Hash` with new values.
   enum_with_nil failure_reason: ::CommitStatusEnums.failure_reasons
@@ -116,7 +122,7 @@ class CommitStatus < ApplicationRecord
       commit_status.run_after_commit do
         if pipeline_id
           if complete? || manual?
-            PipelineProcessWorker.perform_async(pipeline_id)
+            BuildProcessWorker.perform_async(id)
           else
             PipelineUpdateWorker.perform_async(pipeline_id)
           end
diff --git a/app/models/concerns/ci/metadatable.rb b/app/models/concerns/ci/metadatable.rb
index 9eed9492b37..304cc71e9dc 100644
--- a/app/models/concerns/ci/metadatable.rb
+++ b/app/models/concerns/ci/metadatable.rb
@@ -29,6 +29,7 @@ module Ci
     def degenerate!
       self.class.transaction do
         self.update!(options: nil, yaml_variables: nil)
+        self.needs.all.delete_all
         self.metadata&.destroy
       end
     end
diff --git a/app/services/ci/process_pipeline_service.rb b/app/services/ci/process_pipeline_service.rb
index 207cc5017d0..e46615bcf75 100644
--- a/app/services/ci/process_pipeline_service.rb
+++ b/app/services/ci/process_pipeline_service.rb
@@ -4,19 +4,23 @@ module Ci
   class ProcessPipelineService < BaseService
     attr_reader :pipeline
 
-    def execute(pipeline)
+    def execute(pipeline, trigger_build_name = nil)
       @pipeline = pipeline
 
       update_retried
 
-      new_builds =
+      success =
         stage_indexes_of_created_processables.flat_map do |index|
           process_stage(index)
-        end
+        end.any?
+
+      # we evaluate dependent needs,
+      # only when the another job has finished
+      success = process_builds_with_needs(trigger_build_name) || success
 
       @pipeline.update_status
 
-      new_builds.any?
+      success
     end
 
     private
@@ -36,12 +40,40 @@ module Ci
       end
     end
 
+    def process_builds_with_needs(trigger_build_name)
+      return false unless trigger_build_name
+      return false unless Feature.enabled?(:ci_dag_support, project)
+
+      created_processables
+        .with_needs(trigger_build_name)
+        .find_each
+        .map(&method(:process_build_with_needs))
+        .any?
+    end
+
+    def process_build_with_needs(build)
+      current_status = status_for_build_needs(build.needs.map(&:name))
+
+      return unless HasStatus::COMPLETED_STATUSES.include?(current_status)
+
+      Gitlab::OptimisticLocking.retry_lock(build) do |subject|
+        Ci::ProcessBuildService.new(project, @user)
+          .execute(subject, current_status)
+      end
+    end
+
     # rubocop: disable CodeReuse/ActiveRecord
     def status_for_prior_stages(index)
       pipeline.builds.where('stage_idx < ?', index).latest.status || 'success'
     end
     # rubocop: enable CodeReuse/ActiveRecord
 
+    # rubocop: disable CodeReuse/ActiveRecord
+    def status_for_build_needs(needs)
+      pipeline.builds.where(name: needs).latest.status || 'success'
+    end
+    # rubocop: enable CodeReuse/ActiveRecord
+
     # rubocop: disable CodeReuse/ActiveRecord
     def stage_indexes_of_created_processables
       created_processables.order(:stage_idx).pluck(Arel.sql('DISTINCT stage_idx'))
diff --git a/app/services/ci/retry_build_service.rb b/app/services/ci/retry_build_service.rb
index fab8a179843..338495ba030 100644
--- a/app/services/ci/retry_build_service.rb
+++ b/app/services/ci/retry_build_service.rb
@@ -5,7 +5,7 @@ module Ci
     CLONE_ACCESSORS = %i[pipeline project ref tag options name
                          allow_failure stage stage_id stage_idx trigger_request
                          yaml_variables when environment coverage_regex
-                         description tag_list protected].freeze
+                         description tag_list protected needs].freeze
 
     def execute(build)
       reprocess!(build).tap do |new_build|
diff --git a/app/workers/all_queues.yml b/app/workers/all_queues.yml
index 991a177018e..400becdd023 100644
--- a/app/workers/all_queues.yml
+++ b/app/workers/all_queues.yml
@@ -88,6 +88,7 @@
 - pipeline_processing:ci_build_prepare
 - pipeline_processing:build_queue
 - pipeline_processing:build_success
+- pipeline_processing:build_process
 - pipeline_processing:pipeline_process
 - pipeline_processing:pipeline_success
 - pipeline_processing:pipeline_update
diff --git a/app/workers/build_process_worker.rb b/app/workers/build_process_worker.rb
new file mode 100644
index 00000000000..19e590ee1d7
--- /dev/null
+++ b/app/workers/build_process_worker.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+class BuildProcessWorker
+  include ApplicationWorker
+  include PipelineQueue
+
+  queue_namespace :pipeline_processing
+
+  # rubocop: disable CodeReuse/ActiveRecord
+  def perform(build_id)
+    CommitStatus.find_by(id: build_id).try do |build|
+      build.pipeline.process!(build.name)
+    end
+  end
+  # rubocop: enable CodeReuse/ActiveRecord
+end
diff --git a/changelogs/unreleased/implement-dag.yml b/changelogs/unreleased/implement-dag.yml
new file mode 100644
index 00000000000..72f3f9a510c
--- /dev/null
+++ b/changelogs/unreleased/implement-dag.yml
@@ -0,0 +1,5 @@
+---
+title: "Support creating DAGs in CI config through the `needs` key"
+merge_request: 31328
+author:
+type: added
diff --git a/db/migrate/20190731084415_add_build_need.rb b/db/migrate/20190731084415_add_build_need.rb
new file mode 100644
index 00000000000..45b8abb480d
--- /dev/null
+++ b/db/migrate/20190731084415_add_build_need.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddBuildNeed < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def change
+    create_table :ci_build_needs, id: :serial do |t|
+      t.integer :build_id, null: false
+      t.text :name, null: false
+
+      t.index [:build_id, :name], unique: true
+      t.foreign_key :ci_builds, column: :build_id, on_delete: :cascade
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 6f5fc6c65eb..df2662b770b 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_07_29_090456) do
+ActiveRecord::Schema.define(version: 2019_07_31_084415) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "pg_trgm"
@@ -454,6 +454,12 @@ ActiveRecord::Schema.define(version: 2019_07_29_090456) do
     t.index ["namespace_id"], name: "index_chat_teams_on_namespace_id", unique: true
   end
 
+  create_table "ci_build_needs", id: :serial, force: :cascade do |t|
+    t.integer "build_id", null: false
+    t.text "name", null: false
+    t.index ["build_id", "name"], name: "index_ci_build_needs_on_build_id_and_name", unique: true
+  end
+
   create_table "ci_build_trace_chunks", force: :cascade do |t|
     t.integer "build_id", null: false
     t.integer "chunk_index", null: false
@@ -3635,6 +3641,7 @@ ActiveRecord::Schema.define(version: 2019_07_29_090456) do
   add_foreign_key "boards", "namespaces", column: "group_id", on_delete: :cascade
   add_foreign_key "boards", "projects", name: "fk_f15266b5f9", on_delete: :cascade
   add_foreign_key "chat_teams", "namespaces", on_delete: :cascade
+  add_foreign_key "ci_build_needs", "ci_builds", column: "build_id", on_delete: :cascade
   add_foreign_key "ci_build_trace_chunks", "ci_builds", column: "build_id", on_delete: :cascade
   add_foreign_key "ci_build_trace_section_names", "projects", on_delete: :cascade
   add_foreign_key "ci_build_trace_sections", "ci_build_trace_section_names", column: "section_name_id", name: "fk_264e112c66", on_delete: :cascade
diff --git a/lib/gitlab/ci/config/entry/job.rb b/lib/gitlab/ci/config/entry/job.rb
index 5ab795359b8..2fd76bc3690 100644
--- a/lib/gitlab/ci/config/entry/job.rb
+++ b/lib/gitlab/ci/config/entry/job.rb
@@ -13,7 +13,7 @@ module Gitlab
 
           ALLOWED_KEYS = %i[tags script only except type image services
                             allow_failure type stage when start_in artifacts cache
-                            dependencies before_script after_script variables
+                            dependencies needs before_script after_script variables
                             environment coverage retry parallel extends].freeze
 
           validations do
@@ -34,11 +34,22 @@ module Gitlab
                              message: 'should be on_success, on_failure, ' \
                                       'always, manual or delayed' }
               validates :dependencies, array_of_strings: true
+              validates :needs, array_of_strings: true
               validates :extends, array_of_strings_or_string: true
             end
 
             validates :start_in, duration: { limit: '1 day' }, if: :delayed?
             validates :start_in, absence: true, unless: :delayed?
+
+            validate do
+              next unless dependencies.present?
+              next unless needs.present?
+
+              missing_needs = dependencies - needs
+              if missing_needs.any?
+                errors.add(:dependencies, "the #{missing_needs.join(", ")} should be part of needs")
+              end
+            end
           end
 
           entry :before_script, Entry::Script,
@@ -95,10 +106,10 @@ module Gitlab
           helpers :before_script, :script, :stage, :type, :after_script,
                   :cache, :image, :services, :only, :except, :variables,
                   :artifacts, :environment, :coverage, :retry,
-                  :parallel
+                  :parallel, :needs
 
           attributes :script, :tags, :allow_failure, :when, :dependencies,
-                     :retry, :parallel, :extends, :start_in
+                     :needs, :retry, :parallel, :extends, :start_in
 
           def self.matching?(name, config)
             !name.to_s.start_with?('.') &&
@@ -178,7 +189,8 @@ module Gitlab
               parallel: parallel_defined? ? parallel_value.to_i : nil,
               artifacts: artifacts_value,
               after_script: after_script_value,
-              ignore: ignored? }
+              ignore: ignored?,
+              needs: needs_defined? ? needs_value : nil }
           end
         end
       end
diff --git a/lib/gitlab/ci/config/normalizer.rb b/lib/gitlab/ci/config/normalizer.rb
index 99356226ef9..09f9bf5f69f 100644
--- a/lib/gitlab/ci/config/normalizer.rb
+++ b/lib/gitlab/ci/config/normalizer.rb
@@ -4,61 +4,63 @@ module Gitlab
   module Ci
     class Config
       class Normalizer
+        include Gitlab::Utils::StrongMemoize
+
         def initialize(jobs_config)
           @jobs_config = jobs_config
         end
 
         def normalize_jobs
-          extract_parallelized_jobs!
-          return @jobs_config if @parallelized_jobs.empty?
+          return @jobs_config if parallelized_jobs.empty?
+
+          expand_parallelize_jobs do |job_name, config|
+            if config[:dependencies]
+              config[:dependencies] = expand_names(config[:dependencies])
+            end
 
-          parallelized_config = parallelize_jobs
-          parallelize_dependencies(parallelized_config)
+            if config[:needs]
+              config[:needs] = expand_names(config[:needs])
+            end
+
+            config
+          end
         end
 
         private
 
-        def extract_parallelized_jobs!
-          @parallelized_jobs = {}
+        def expand_names(job_names)
+          return unless job_names
 
-          @jobs_config.each do |job_name, config|
-            if config[:parallel]
-              @parallelized_jobs[job_name] = self.class.parallelize_job_names(job_name, config[:parallel])
-            end
+          job_names.flat_map do |job_name|
+            parallelized_jobs[job_name.to_sym] || job_name
           end
-
-          @parallelized_jobs
         end
 
-        def parallelize_jobs
-          @jobs_config.each_with_object({}) do |(job_name, config), hash|
-            if @parallelized_jobs.key?(job_name)
-              @parallelized_jobs[job_name].each { |name, index| hash[name.to_sym] = config.merge(name: name, instance: index) }
-            else
-              hash[job_name] = config
-            end
+        def parallelized_jobs
+          strong_memoize(:parallelized_jobs) do
+            @jobs_config.each_with_object({}) do |(job_name, config), hash|
+              next unless config[:parallel]
 
-            hash
+              hash[job_name] = self.class.parallelize_job_names(job_name, config[:parallel])
+            end
           end
         end
 
-        def parallelize_dependencies(parallelized_config)
-          parallelized_job_names = @parallelized_jobs.keys.map(&:to_s)
-          parallelized_config.each_with_object({}) do |(job_name, config), hash|
-            if config[:dependencies] && (intersection = config[:dependencies] & parallelized_job_names).any?
-              parallelized_deps = intersection.flat_map { |dep| @parallelized_jobs[dep.to_sym].map(&:first) }
-              deps = config[:dependencies] - intersection + parallelized_deps
-              hash[job_name] = config.merge(dependencies: deps)
+        def expand_parallelize_jobs
+          @jobs_config.each_with_object({}) do |(job_name, config), hash|
+            if parallelized_jobs.key?(job_name)
+              parallelized_jobs[job_name].each_with_index do |name, index|
+                hash[name.to_sym] =
+                  yield(name, config.merge(name: name, instance: index + 1))
+              end
             else
-              hash[job_name] = config
+              hash[job_name] = yield(job_name, config)
             end
-
-            hash
           end
         end
 
         def self.parallelize_job_names(name, total)
-          Array.new(total) { |index| ["#{name} #{index + 1}/#{total}", index + 1] }
+          Array.new(total) { |index| "#{name} #{index + 1}/#{total}" }
         end
       end
     end
diff --git a/lib/gitlab/ci/yaml_processor.rb b/lib/gitlab/ci/yaml_processor.rb
index a0bbf3c23a2..998130e5bd0 100644
--- a/lib/gitlab/ci/yaml_processor.rb
+++ b/lib/gitlab/ci/yaml_processor.rb
@@ -40,6 +40,7 @@ module Gitlab
           environment: job[:environment_name],
           coverage_regex: job[:coverage],
           yaml_variables: yaml_variables(name),
+          needs_attributes: job[:needs]&.map { |need| { name: need } },
           options: {
             image: job[:image],
             services: job[:services],
@@ -108,6 +109,7 @@ module Gitlab
 
           validate_job_stage!(name, job)
           validate_job_dependencies!(name, job)
+          validate_job_needs!(name, job)
           validate_job_environment!(name, job)
         end
       end
@@ -152,6 +154,22 @@ module Gitlab
         end
       end
 
+      def validate_job_needs!(name, job)
+        return unless job[:needs]
+
+        stage_index = @stages.index(job[:stage])
+
+        job[:needs].each do |need|
+          raise ValidationError, "#{name} job: undefined need: #{need}" unless @jobs[need.to_sym]
+
+          needs_stage_index = @stages.index(@jobs[need.to_sym][:stage])
+
+          unless needs_stage_index.present? && needs_stage_index < stage_index
+            raise ValidationError, "#{name} job: need #{need} is not defined in prior stages"
+          end
+        end
+      end
+
       def validate_job_environment!(name, job)
         return unless job[:environment]
         return unless job[:environment].is_a?(Hash)
diff --git a/spec/factories/ci/build_need.rb b/spec/factories/ci/build_need.rb
new file mode 100644
index 00000000000..568aff45a91
--- /dev/null
+++ b/spec/factories/ci/build_need.rb
@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+FactoryBot.define do
+  factory :ci_build_need, class: Ci::BuildNeed do
+    build factory: :ci_build
+    sequence(:name) { |n| "build_#{n}" }
+  end
+end
diff --git a/spec/lib/gitlab/ci/config/entry/job_spec.rb b/spec/lib/gitlab/ci/config/entry/job_spec.rb
index d5861d5dd07..800ef122203 100644
--- a/spec/lib/gitlab/ci/config/entry/job_spec.rb
+++ b/spec/lib/gitlab/ci/config/entry/job_spec.rb
@@ -86,6 +86,22 @@ describe Gitlab::Ci::Config::Entry::Job do
           it { expect(entry).to be_valid }
         end
       end
+
+      context 'when has needs' do
+        let(:config) do
+          { script: 'echo', needs: ['another-job'] }
+        end
+
+        it { expect(entry).to be_valid }
+
+        context 'when has dependencies' do
+          let(:config) do
+            { script: 'echo', dependencies: ['another-job'], needs: ['another-job'] }
+          end
+
+          it { expect(entry).to be_valid }
+        end
+      end
     end
 
     context 'when entry value is not correct' do
@@ -223,6 +239,43 @@ describe Gitlab::Ci::Config::Entry::Job do
           expect(entry.errors).to include 'job start in must be blank'
         end
       end
+
+      context 'when has dependencies' do
+        context 'that are not a array of strings' do
+          let(:config) do
+            { script: 'echo', dependencies: 'build-job' }
+          end
+
+          it 'returns error about invalid type' do
+            expect(entry).not_to be_valid
+            expect(entry.errors).to include 'job dependencies should be an array of strings'
+          end
+        end
+      end
+
+      context 'when has needs' do
+        context 'that are not a array of strings' do
+          let(:config) do
+            { script: 'echo', needs: 'build-job' }
+          end
+
+          it 'returns error about invalid type' do
+            expect(entry).not_to be_valid
+            expect(entry.errors).to include 'job needs should be an array of strings'
+          end
+        end
+
+        context 'when have dependencies that are not subset of needs' do
+          let(:config) do
+            { script: 'echo', dependencies: ['another-job'], needs: ['build-job'] }
+          end
+
+          it 'returns error about invalid data' do
+            expect(entry).not_to be_valid
+            expect(entry.errors).to include 'job dependencies the another-job should be part of needs'
+          end
+        end
+      end
     end
   end
 
diff --git a/spec/lib/gitlab/ci/config/normalizer_spec.rb b/spec/lib/gitlab/ci/config/normalizer_spec.rb
index cd880177170..6b766cc37bf 100644
--- a/spec/lib/gitlab/ci/config/normalizer_spec.rb
+++ b/spec/lib/gitlab/ci/config/normalizer_spec.rb
@@ -49,37 +49,44 @@ describe Gitlab::Ci::Config::Normalizer do
       end
     end
 
-    context 'when jobs depend on parallelized jobs' do
-      let(:config) { { job_name => job_config, other_job: { script: 'echo 1', dependencies: [job_name.to_s] } } }
-
-      it 'parallelizes dependencies' do
-        job_names = ["rspec 1/5", "rspec 2/5", "rspec 3/5", "rspec 4/5", "rspec 5/5"]
-
-        expect(subject[:other_job][:dependencies]).to include(*job_names)
+    %i[dependencies needs].each do |context|
+      context "when job has #{context} on parallelized jobs" do
+        let(:config) do
+          {
+            job_name => job_config,
+            other_job: { script: 'echo 1', context => [job_name.to_s] }
+          }
+        end
+
+        it "parallelizes #{context}" do
+          job_names = ["rspec 1/5", "rspec 2/5", "rspec 3/5", "rspec 4/5", "rspec 5/5"]
+
+          expect(subject[:other_job][context]).to include(*job_names)
+        end
+
+        it "does not include original job name in #{context}" do
+          expect(subject[:other_job][context]).not_to include(job_name)
+        end
       end
 
-      it 'does not include original job name in dependencies' do
-        expect(subject[:other_job][:dependencies]).not_to include(job_name)
-      end
-    end
+      context "when there are #{context} which are both parallelized and not" do
+        let(:config) do
+          {
+            job_name => job_config,
+            other_job: { script: 'echo 1' },
+            final_job: { script: 'echo 1', context => [job_name.to_s, "other_job"] }
+          }
+        end
 
-    context 'when there are dependencies which are both parallelized and not' do
-      let(:config) do
-        {
-          job_name => job_config,
-          other_job: { script: 'echo 1' },
-          final_job: { script: 'echo 1', dependencies: [job_name.to_s, "other_job"] }
-        }
-      end
-
-      it 'parallelizes dependencies' do
-        job_names = ["rspec 1/5", "rspec 2/5", "rspec 3/5", "rspec 4/5", "rspec 5/5"]
+        it "parallelizes #{context}" do
+          job_names = ["rspec 1/5", "rspec 2/5", "rspec 3/5", "rspec 4/5", "rspec 5/5"]
 
-        expect(subject[:final_job][:dependencies]).to include(*job_names)
-      end
+          expect(subject[:final_job][context]).to include(*job_names)
+        end
 
-      it 'includes the regular job in dependencies' do
-        expect(subject[:final_job][:dependencies]).to include('other_job')
+        it "includes the regular job in #{context}" do
+          expect(subject[:final_job][context]).to include('other_job')
+        end
       end
     end
   end
diff --git a/spec/lib/gitlab/ci/yaml_processor_spec.rb b/spec/lib/gitlab/ci/yaml_processor_spec.rb
index d3676ee03bf..4ffa1fc9fd8 100644
--- a/spec/lib/gitlab/ci/yaml_processor_spec.rb
+++ b/spec/lib/gitlab/ci/yaml_processor_spec.rb
@@ -1112,6 +1112,86 @@ module Gitlab
         end
       end
 
+      describe "Needs" do
+        let(:needs) { }
+        let(:dependencies) { }
+
+        let(:config) do
+          {
+            build1: { stage: 'build', script: 'test' },
+            build2: { stage: 'build', script: 'test' },
+            test1: { stage: 'test', script: 'test', needs: needs, dependencies: dependencies },
+            test2: { stage: 'test', script: 'test' },
+            deploy: { stage: 'test', script: 'test' }
+          }
+        end
+
+        subject { Gitlab::Ci::YamlProcessor.new(YAML.dump(config)) }
+
+        context 'no needs' do
+          it { expect { subject }.not_to raise_error }
+        end
+
+        context 'needs to builds' do
+          let(:needs) { %w(build1 build2) }
+
+          it "does create jobs with valid specification" do
+            expect(subject.builds.size).to eq(5)
+            expect(subject.builds[0]).to eq(
+              stage: "build",
+              stage_idx: 0,
+              name: "build1",
+              options: {
+                script: ["test"]
+              },
+              when: "on_success",
+              allow_failure: false,
+              yaml_variables: []
+            )
+            expect(subject.builds[2]).to eq(
+              stage: "test",
+              stage_idx: 1,
+              name: "test1",
+              options: {
+                script: ["test"]
+              },
+              needs_attributes: [
+                { name: "build1" },
+                { name: "build2" }
+              ],
+              when: "on_success",
+              allow_failure: false,
+              yaml_variables: []
+            )
+          end
+        end
+
+        context 'needs to builds defined as symbols' do
+          let(:needs) { [:build1, :build2] }
+
+          it { expect { subject }.not_to raise_error }
+        end
+
+        context 'undefined need' do
+          let(:needs) { ['undefined'] }
+
+          it { expect { subject }.to raise_error(Gitlab::Ci::YamlProcessor::ValidationError, 'test1 job: undefined need: undefined') }
+        end
+
+        context 'needs to deploy' do
+          let(:needs) { ['deploy'] }
+
+          it { expect { subject }.to raise_error(Gitlab::Ci::YamlProcessor::ValidationError, 'test1 job: need deploy is not defined in prior stages') }
+        end
+
+        context 'needs and dependencies that are mismatching' do
+          let(:needs) { %w(build1) }
+          let(:dependencies) { %w(build2) }
+
+          it { expect { subject }.to raise_error(Gitlab::Ci::YamlProcessor::ValidationError, 'jobs:test1 dependencies the build2 should be part of needs') }
+        end
+      end
+
       describe "Hidden jobs" do
         let(:config_processor) { Gitlab::Ci::YamlProcessor.new(config) }
         subject { config_processor.stage_builds_attributes("test") }
diff --git a/spec/models/ci/build_need_spec.rb b/spec/models/ci/build_need_spec.rb
new file mode 100644
index 00000000000..450dd550a8f
--- /dev/null
+++ b/spec/models/ci/build_need_spec.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Ci::BuildNeed, model: true do
+  let(:build_need) { build(:ci_build_need) }
+
+  it { is_expected.to belong_to(:build) }
+
+  it { is_expected.to validate_presence_of(:build) }
+  it { is_expected.to validate_presence_of(:name) }
+  it { is_expected.to validate_length_of(:name).is_at_most(128) }
+end
diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index 17c7c05324a..9369f393b5e 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -19,7 +19,8 @@ describe Ci::Build do
   it { is_expected.to belong_to(:runner) }
   it { is_expected.to belong_to(:trigger_request) }
   it { is_expected.to belong_to(:erased_by) }
-  it { is_expected.to have_many(:trace_sections)}
+  it { is_expected.to have_many(:trace_sections) }
+  it { is_expected.to have_many(:needs) }
   it { is_expected.to have_one(:deployment) }
   it { is_expected.to have_one(:runner_session) }
   it { is_expected.to have_many(:job_variables) }
@@ -182,6 +183,30 @@ describe Ci::Build do
     end
   end
 
+  describe '.with_needs' do
+    let!(:build) { create(:ci_build) }
+    let!(:build_need_a) { create(:ci_build_need, build: build) }
+    let!(:build_need_b) { create(:ci_build_need, build: build) }
+
+    context 'when passing build name' do
+      subject { described_class.with_needs(build_need_a.name) }
+
+      it { is_expected.to contain_exactly(build) }
+    end
+
+    context 'when not passing any build name' do
+      subject { described_class.with_needs }
+
+      it { is_expected.to contain_exactly(build) }
+    end
+
+    context 'when not matching build name' do
+      subject { described_class.with_needs('undefined') }
+
+      it { is_expected.to be_empty }
+    end
+  end
+
   describe '#enqueue' do
     let(:build) { create(:ci_build, :created) }
 
@@ -595,6 +620,46 @@ describe Ci::Build do
       expect(staging.depends_on_builds.map(&:id))
         .to contain_exactly(build.id, retried_rspec.id, rubocop_test.id)
     end
+
+    describe '#dependencies' do
+      let(:dependencies) { }
+      let(:needs) { }
+
+      let!(:final) do
+        create(:ci_build,
+          pipeline: pipeline, name: 'final',
+          stage_idx: 3, stage: 'deploy', options: {
+            dependencies: dependencies,
+            needs: needs
+          }
+        )
+      end
+
+      subject { final.dependencies }
+
+      context 'when depedencies are defined' do
+        let(:dependencies) { %w(rspec staging) }
+
+        it { is_expected.to contain_exactly(rspec_test, staging) }
+      end
+
+      context 'when needs are defined' do
+        let(:needs) { %w(build rspec staging) }
+
+        it { is_expected.to contain_exactly(build, rspec_test, staging) }
+      end
+
+      context 'when needs and dependencies are defined' do
+        let(:dependencies) { %w(rspec staging) }
+        let(:needs) { %w(build rspec staging) }
+
+        it { is_expected.to contain_exactly(rspec_test, staging) }
+      end
+
+      context 'when nor dependencies or needs are defined' do
+        it { is_expected.to contain_exactly(build, rspec_test, rubocop_test, staging) }
+      end
+    end
   end
 
   describe '#triggered_by?' do
@@ -3614,6 +3679,7 @@ describe Ci::Build do
 
     before do
       build.ensure_metadata
+      build.needs.create!(name: 'another-job')
     end
 
     it 'drops metadata' do
@@ -3621,6 +3687,7 @@ describe Ci::Build do
 
       expect(build.reload).to be_degenerated
       expect(build.metadata).to be_nil
+      expect(build.needs).to be_empty
     end
   end
 
diff --git a/spec/services/ci/process_pipeline_service_spec.rb b/spec/services/ci/process_pipeline_service_spec.rb
index cadb519ccee..77f108b6ab8 100644
--- a/spec/services/ci/process_pipeline_service_spec.rb
+++ b/spec/services/ci/process_pipeline_service_spec.rb
@@ -700,6 +700,94 @@ describe Ci::ProcessPipelineService, '#execute' do
     end
   end
 
+  context 'when pipeline with needs is created' do
+    let!(:linux_build) { create_build('linux:build', stage: 'build', stage_idx: 0) }
+    let!(:mac_build) { create_build('mac:build', stage: 'build', stage_idx: 0) }
+    let!(:linux_rspec) { create_build('linux:rspec', stage: 'test', stage_idx: 1) }
+    let!(:linux_rubocop) { create_build('linux:rubocop', stage: 'test', stage_idx: 1) }
+    let!(:mac_rspec) { create_build('mac:rspec', stage: 'test', stage_idx: 1) }
+    let!(:mac_rubocop) { create_build('mac:rubocop', stage: 'test', stage_idx: 1) }
+    let!(:deploy) { create_build('deploy', stage: 'deploy', stage_idx: 2) }
+
+    let!(:linux_rspec_on_build) { create(:ci_build_need, build: linux_rspec, name: 'linux:build') }
+    let!(:linux_rubocop_on_build) { create(:ci_build_need, build: linux_rubocop, name: 'linux:build') }
+
+    let!(:mac_rspec_on_build) { create(:ci_build_need, build: mac_rspec, name: 'mac:build') }
+    let!(:mac_rubocop_on_build) { create(:ci_build_need, build: mac_rubocop, name: 'mac:build') }
+
+    it 'when linux:* finishes first it runs it out of order' do
+      expect(process_pipeline).to be_truthy
+
+      expect(stages).to eq(%w(pending created created))
+      expect(builds.pending).to contain_exactly(linux_build, mac_build)
+
+      # we follow the single path of linux
+      linux_build.reset.success!
+
+      expect(stages).to eq(%w(running pending created))
+      expect(builds.success).to contain_exactly(linux_build)
+      expect(builds.pending).to contain_exactly(mac_build, linux_rspec, linux_rubocop)
+
+      linux_rspec.reset.success!
+
+      expect(stages).to eq(%w(running running created))
+      expect(builds.success).to contain_exactly(linux_build, linux_rspec)
+      expect(builds.pending).to contain_exactly(mac_build, linux_rubocop)
+
+      linux_rubocop.reset.success!
+
+      expect(stages).to eq(%w(running running created))
+      expect(builds.success).to contain_exactly(linux_build, linux_rspec, linux_rubocop)
+      expect(builds.pending).to contain_exactly(mac_build)
+
+      mac_build.reset.success!
+      mac_rspec.reset.success!
+      mac_rubocop.reset.success!
+
+      expect(stages).to eq(%w(success success pending))
+      expect(builds.success).to contain_exactly(
+        linux_build, linux_rspec, linux_rubocop, mac_build, mac_rspec, mac_rubocop)
+      expect(builds.pending).to contain_exactly(deploy)
+    end
+
+    context 'when feature ci_dag_support is disabled' do
+      before do
+        stub_feature_flags(ci_dag_support: false)
+      end
+
+      it 'when linux:build finishes first it follows stages' do
+        expect(process_pipeline).to be_truthy
+
+        expect(stages).to eq(%w(pending created created))
+        expect(builds.pending).to contain_exactly(linux_build, mac_build)
+
+        # we follow the single path of linux
+        linux_build.reset.success!
+
+        expect(stages).to eq(%w(running created created))
+        expect(builds.success).to contain_exactly(linux_build)
+        expect(builds.pending).to contain_exactly(mac_build)
+
+        mac_build.reset.success!
+
+        expect(stages).to eq(%w(success pending created))
+        expect(builds.success).to contain_exactly(linux_build, mac_build)
+        expect(builds.pending).to contain_exactly(
+          linux_rspec, linux_rubocop, mac_rspec, mac_rubocop)
+
+        linux_rspec.reset.success!
+        linux_rubocop.reset.success!
+        mac_rspec.reset.success!
+        mac_rubocop.reset.success!
+
+        expect(stages).to eq(%w(success success pending))
+        expect(builds.success).to contain_exactly(
+          linux_build, linux_rspec, linux_rubocop, mac_build, mac_rspec, mac_rubocop)
+        expect(builds.pending).to contain_exactly(deploy)
+      end
+    end
+  end
+
   def process_pipeline
     described_class.new(pipeline.project, user).execute(pipeline)
   end
@@ -712,6 +800,10 @@ describe Ci::ProcessPipelineService, '#execute' do
     all_builds.where.not(status: [:created, :skipped])
   end
 
+  def stages
+    pipeline.reset.stages.map(&:status)
+  end
+
   def builds_names
     builds.pluck(:name)
   end
diff --git a/spec/services/ci/retry_build_service_spec.rb b/spec/services/ci/retry_build_service_spec.rb
index 915288cd916..fe7c6fe4700 100644
--- a/spec/services/ci/retry_build_service_spec.rb
+++ b/spec/services/ci/retry_build_service_spec.rb
@@ -67,6 +67,7 @@ describe Ci::RetryBuildService do
       end
 
       create(:ci_job_variable, job: build)
+      create(:ci_build_need, build: build)
 
       build.reload
     end
diff --git a/spec/workers/build_process_worker_spec.rb b/spec/workers/build_process_worker_spec.rb
new file mode 100644
index 00000000000..cceca40717c
--- /dev/null
+++ b/spec/workers/build_process_worker_spec.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe BuildProcessWorker do
+  describe '#perform' do
+    context 'when build exists' do
+      let(:pipeline) { create(:ci_pipeline) }
+      let(:build) { create(:ci_build, pipeline: pipeline) }
+
+      it 'processes build' do
+        expect_any_instance_of(Ci::Pipeline).to receive(:process!)
+          .with(build.name)
+
+        described_class.new.perform(build.id)
+      end
+    end
+
+    context 'when build does not exist' do
+      it 'does not raise exception' do
+        expect { described_class.new.perform(123) }
+          .not_to raise_error
+      end
+    end
+  end
+end
-- 
cgit v1.2.1


From f485686131b9fb2655856ddc35b011cb30dc90da Mon Sep 17 00:00:00 2001
From: Amit  Rathi <amit.juschill@gmail.com>
Date: Thu, 1 Aug 2019 14:36:16 +0000
Subject: Jupyter fix hostname editing and remove extra load balancer

---
 app/assets/javascripts/clusters/stores/clusters_store.js | 1 +
 changelogs/unreleased/jupyter-fixes-v1.yml               | 5 +++++
 vendor/jupyter/values.yaml                               | 4 ++++
 3 files changed, 10 insertions(+)
 create mode 100644 changelogs/unreleased/jupyter-fixes-v1.yml

diff --git a/app/assets/javascripts/clusters/stores/clusters_store.js b/app/assets/javascripts/clusters/stores/clusters_store.js
index f64f0ca616f..ada5a49e246 100644
--- a/app/assets/javascripts/clusters/stores/clusters_store.js
+++ b/app/assets/javascripts/clusters/stores/clusters_store.js
@@ -171,6 +171,7 @@ export default class ClusterStore {
           this.state.applications.cert_manager.email || serverAppEntry.email;
       } else if (appId === JUPYTER) {
         this.state.applications.jupyter.hostname =
+          this.state.applications.jupyter.hostname ||
           serverAppEntry.hostname ||
           (this.state.applications.ingress.externalIp
             ? `jupyter.${this.state.applications.ingress.externalIp}.nip.io`
diff --git a/changelogs/unreleased/jupyter-fixes-v1.yml b/changelogs/unreleased/jupyter-fixes-v1.yml
new file mode 100644
index 00000000000..7a34f273c90
--- /dev/null
+++ b/changelogs/unreleased/jupyter-fixes-v1.yml
@@ -0,0 +1,5 @@
+---
+title: Jupyter fixes
+merge_request: 31332
+author: Amit Rathi
+type: fixed
diff --git a/vendor/jupyter/values.yaml b/vendor/jupyter/values.yaml
index 2aadd3dbe1e..852c6c3f2b0 100644
--- a/vendor/jupyter/values.yaml
+++ b/vendor/jupyter/values.yaml
@@ -57,3 +57,7 @@ ingress:
  annotations:
    kubernetes.io/ingress.class: "nginx"
    kubernetes.io/tls-acme: "true"
+
+proxy:
+  service:
+    type: ClusterIP
-- 
cgit v1.2.1


From e2e878bdd8aa8d93b026234e4b6c873a891d0259 Mon Sep 17 00:00:00 2001
From: Aleksei Lipniagov <alipniagov@gitlab.com>
Date: Thu, 1 Aug 2019 15:28:45 +0300
Subject: Make `bin/web_puma` consider RAILS_ENV

---
 bin/web_puma                                                         | 2 +-
 .../unreleased/fix-bin-web-puma-script-to-consider-rails-env.yml     | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/fix-bin-web-puma-script-to-consider-rails-env.yml

diff --git a/bin/web_puma b/bin/web_puma
index 178fe84800d..29d72cd4a41 100755
--- a/bin/web_puma
+++ b/bin/web_puma
@@ -10,7 +10,7 @@ puma_config="$app_root/config/puma.rb"
 
 spawn_puma()
 {
-  exec bundle exec puma --config "${puma_config}" "$@"
+  exec bundle exec puma --config "${puma_config}" --environment "$RAILS_ENV" "$@"
 }
 
 get_puma_pid()
diff --git a/changelogs/unreleased/fix-bin-web-puma-script-to-consider-rails-env.yml b/changelogs/unreleased/fix-bin-web-puma-script-to-consider-rails-env.yml
new file mode 100644
index 00000000000..a0564369b02
--- /dev/null
+++ b/changelogs/unreleased/fix-bin-web-puma-script-to-consider-rails-env.yml
@@ -0,0 +1,5 @@
+---
+title: Make `bin/web_puma` consider RAILS_ENV
+merge_request: 31378
+author:
+type: fixed
-- 
cgit v1.2.1


From 52767ae18d42e98f203faa3927ceada088c2dcd6 Mon Sep 17 00:00:00 2001
From: Mayra Cabrera <mcabrera@gitlab.com>
Date: Thu, 1 Aug 2019 15:27:12 +0000
Subject: Hardcodes namespaces lease timing value to 1.5h

After measuring the response and performance of the workers on
https://gitlab.com/gitlab-org/gitlab-ce/issues/64092, we've decided 1.5
is fine for now. The time can be decreased later in the future when
enforcing the quota limits

Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/64092
---
 app/models/namespace/aggregation_schedule.rb       | 14 ++-------
 spec/models/namespace/aggregation_schedule_spec.rb | 34 ----------------------
 2 files changed, 3 insertions(+), 45 deletions(-)

diff --git a/app/models/namespace/aggregation_schedule.rb b/app/models/namespace/aggregation_schedule.rb
index 0bef352cf24..61a7eb4b576 100644
--- a/app/models/namespace/aggregation_schedule.rb
+++ b/app/models/namespace/aggregation_schedule.rb
@@ -6,21 +6,13 @@ class Namespace::AggregationSchedule < ApplicationRecord
 
   self.primary_key = :namespace_id
 
-  DEFAULT_LEASE_TIMEOUT = 3.hours
+  DEFAULT_LEASE_TIMEOUT = 1.5.hours.to_i
   REDIS_SHARED_KEY = 'gitlab:update_namespace_statistics_delay'.freeze
 
   belongs_to :namespace
 
   after_create :schedule_root_storage_statistics
 
-  def self.delay_timeout
-    redis_timeout = Gitlab::Redis::SharedState.with do |redis|
-      redis.get(REDIS_SHARED_KEY)
-    end
-
-    redis_timeout.nil? ? DEFAULT_LEASE_TIMEOUT : redis_timeout.to_i
-  end
-
   def schedule_root_storage_statistics
     run_after_commit_or_now do
       try_obtain_lease do
@@ -28,7 +20,7 @@ class Namespace::AggregationSchedule < ApplicationRecord
           .perform_async(namespace_id)
 
         Namespaces::RootStatisticsWorker
-          .perform_in(self.class.delay_timeout, namespace_id)
+          .perform_in(DEFAULT_LEASE_TIMEOUT, namespace_id)
       end
     end
   end
@@ -37,7 +29,7 @@ class Namespace::AggregationSchedule < ApplicationRecord
 
   # Used by ExclusiveLeaseGuard
   def lease_timeout
-    self.class.delay_timeout
+    DEFAULT_LEASE_TIMEOUT
   end
 
   # Used by ExclusiveLeaseGuard
diff --git a/spec/models/namespace/aggregation_schedule_spec.rb b/spec/models/namespace/aggregation_schedule_spec.rb
index 0f1283717e0..38bf8089411 100644
--- a/spec/models/namespace/aggregation_schedule_spec.rb
+++ b/spec/models/namespace/aggregation_schedule_spec.rb
@@ -7,24 +7,6 @@ RSpec.describe Namespace::AggregationSchedule, :clean_gitlab_redis_shared_state,
 
   it { is_expected.to belong_to :namespace }
 
-  describe '.delay_timeout' do
-    context 'when timeout is set on redis' do
-      it 'uses personalized timeout' do
-        Gitlab::Redis::SharedState.with do |redis|
-          redis.set(described_class::REDIS_SHARED_KEY, 1.hour)
-        end
-
-        expect(described_class.delay_timeout).to eq(1.hour)
-      end
-    end
-
-    context 'when timeout is not set on redis' do
-      it 'uses default timeout' do
-        expect(described_class.delay_timeout).to eq(3.hours)
-      end
-    end
-  end
-
   describe '#schedule_root_storage_statistics' do
     let(:namespace) { create(:namespace) }
     let(:aggregation_schedule) { namespace.build_aggregation_schedule }
@@ -87,21 +69,5 @@ RSpec.describe Namespace::AggregationSchedule, :clean_gitlab_redis_shared_state,
         aggregation_schedule.schedule_root_storage_statistics
       end
     end
-
-    context 'with a personalized lease timeout' do
-      before do
-        Gitlab::Redis::SharedState.with do |redis|
-          redis.set(described_class::REDIS_SHARED_KEY, 1.hour)
-        end
-      end
-
-      it 'uses a personalized time' do
-        expect(Namespaces::RootStatisticsWorker)
-          .to receive(:perform_in)
-          .with(1.hour, aggregation_schedule.namespace_id)
-
-        aggregation_schedule.save!
-      end
-    end
   end
 end
-- 
cgit v1.2.1


From aaefcb9c7e7e447a4434915ab3a84664a7f0dd4f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Thu, 1 Aug 2019 17:52:19 +0200
Subject: Document the current state of the Review App clusters
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Rémy Coutable <remy@rymai.me>
---
 doc/development/testing_guide/review_apps.md | 31 ++++++++++++++++++++--------
 1 file changed, 22 insertions(+), 9 deletions(-)

diff --git a/doc/development/testing_guide/review_apps.md b/doc/development/testing_guide/review_apps.md
index 96761622cfe..d07a7045390 100644
--- a/doc/development/testing_guide/review_apps.md
+++ b/doc/development/testing_guide/review_apps.md
@@ -115,6 +115,28 @@ On every [pipeline][gitlab-pipeline] in the `qa` stage, the
 browser performance testing using a
 [Sitespeed.io Container](../../user/project/merge_requests/browser_performance_testing.md).
 
+## Cluster configuration
+
+### Node pools
+
+Both `review-apps-ce` and `review-apps-ee` clusters are currently set up with
+two node pools:
+
+- a node pool of non-preemptible `n1-standard-2` (2 vCPU, 7.5 GB memory) nodes
+  dedicated to the `tiller` deployment (see below) with a single node.
+- a node pool of preemptible `n1-standard-2` (2 vCPU, 7.5 GB memory) nodes,
+  with a minimum of 1 node and a maximum of 250 nodes.
+
+### Helm/Tiller
+
+The `tiller` deployment (the Helm server) is deployed to a dedicated node pool
+that has the `app=helm` label and a specific
+[taint](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/)
+to prevent other pods from being scheduled on this node pool.
+
+This is to ensure Tiller isn't affected by "noisy" neighbors that could put
+their node under pressure.
+
 ## How to:
 
 ### Log into my Review App
@@ -241,15 +263,6 @@ thousands of unused Docker images.**
   CNG-mirror project to store these Docker images so that we can just wipe out
   the registry at some point, and use a new fresh, empty one.
 
-**How big are the Kubernetes clusters (`review-apps-ce` and `review-apps-ee`)?**
-
-  > The clusters are currently set up with a single pool of preemptible nodes,
-  with a minimum of 1 node and a maximum of 500 nodes.
-
-**What are the machine running on the cluster?**
-
-  > We're currently using `n1-standard-1` (1 vCPU, 3.75 GB memory) machines.
-
 **How do we secure this from abuse? Apps are open to the world so we need to
 find a way to limit it to only us.**
 
-- 
cgit v1.2.1


From e3dd1adafa4d2bc27081184ed98f961a08c38268 Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Thu, 1 Aug 2019 17:59:16 +0200
Subject: Skip specs for default relative positions

If a model has a default relative position we don't need to test that
it is moved to the end, it will instead get the default value assigned.
---
 .../shared_examples/relative_positioning_shared_examples.rb        | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/spec/support/shared_examples/relative_positioning_shared_examples.rb b/spec/support/shared_examples/relative_positioning_shared_examples.rb
index 45eacf3721e..1c53e2602eb 100644
--- a/spec/support/shared_examples/relative_positioning_shared_examples.rb
+++ b/spec/support/shared_examples/relative_positioning_shared_examples.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-RSpec.shared_examples "a class that supports relative positioning" do
+RSpec.shared_examples 'a class that supports relative positioning' do
   let(:item1) { create(factory, default_params) }
   let(:item2) { create(factory, default_params) }
   let(:new_item) { create(factory, default_params) }
@@ -11,6 +11,9 @@ RSpec.shared_examples "a class that supports relative positioning" do
 
   describe '.move_nulls_to_end' do
     it 'moves items with null relative_position to the end' do
+      skip("#{item1} has a default relative position") if item1.relative_position
+      skip("#{item2} has a default relative position") if item2.relative_position
+
       described_class.move_nulls_to_end([item1, item2])
 
       expect(item2.prev_relative_position).to eq item1.relative_position
@@ -19,6 +22,8 @@ RSpec.shared_examples "a class that supports relative positioning" do
     end
 
     it 'moves the item near the start position when there are no existing positions' do
+      skip("#{item1} has a default relative position") if item1.relative_position
+
       described_class.move_nulls_to_end([item1])
 
       expect(item1.relative_position).to eq(described_class::START_POSITION + described_class::IDEAL_DISTANCE)
-- 
cgit v1.2.1


From f74b33cf6e5ee415417d9f2ee255f97ab6fcf7ad Mon Sep 17 00:00:00 2001
From: Igor <idrozdov@gitlab.com>
Date: Thu, 1 Aug 2019 16:51:14 +0000
Subject: Add can_merge option to autocomplete response

It's used only if merge_request_iid param is provided
---
 app/controllers/autocomplete_controller.rb       |  2 +-
 app/serializers/user_serializer.rb               | 17 ++++++++++++++
 spec/controllers/autocomplete_controller_spec.rb | 14 +++++++++++
 spec/serializers/user_serializer_spec.rb         | 30 ++++++++++++++++++++++++
 4 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 spec/serializers/user_serializer_spec.rb

diff --git a/app/controllers/autocomplete_controller.rb b/app/controllers/autocomplete_controller.rb
index 091327931c2..f111c7ca8cc 100644
--- a/app/controllers/autocomplete_controller.rb
+++ b/app/controllers/autocomplete_controller.rb
@@ -16,7 +16,7 @@ class AutocompleteController < ApplicationController
       .new(params: params, current_user: current_user, project: project, group: group)
       .execute
 
-    render json: UserSerializer.new.represent(users)
+    render json: UserSerializer.new(params).represent(users, project: project)
   end
 
   def user
diff --git a/app/serializers/user_serializer.rb b/app/serializers/user_serializer.rb
index 2111e1b5667..d988caea92d 100644
--- a/app/serializers/user_serializer.rb
+++ b/app/serializers/user_serializer.rb
@@ -2,4 +2,21 @@
 
 class UserSerializer < BaseSerializer
   entity UserEntity
+
+  def represent(resource, opts = {}, entity = nil)
+    if params[:merge_request_iid]
+      merge_request = opts[:project].merge_requests.find_by_iid!(params[:merge_request_iid])
+      preload_max_member_access(merge_request.project, Array(resource))
+
+      super(resource, opts.merge(merge_request: merge_request), MergeRequestAssigneeEntity)
+    else
+      super
+    end
+  end
+
+  private
+
+  def preload_max_member_access(project, users)
+    project.team.max_member_access_for_user_ids(users.map(&:id))
+  end
 end
diff --git a/spec/controllers/autocomplete_controller_spec.rb b/spec/controllers/autocomplete_controller_spec.rb
index eaa5d6cd073..6cdd61e7abd 100644
--- a/spec/controllers/autocomplete_controller_spec.rb
+++ b/spec/controllers/autocomplete_controller_spec.rb
@@ -222,6 +222,20 @@ describe AutocompleteController do
         expect(response_user_ids).to contain_exactly(non_member.id)
       end
     end
+
+    context 'merge_request_iid parameter included' do
+      before do
+        sign_in(user)
+      end
+
+      it 'includes can_merge option to users' do
+        merge_request = create(:merge_request, source_project: project)
+
+        get(:users, params: { merge_request_iid: merge_request.iid, project_id: project.id })
+
+        expect(json_response.first).to have_key('can_merge')
+      end
+    end
   end
 
   context 'GET projects' do
diff --git a/spec/serializers/user_serializer_spec.rb b/spec/serializers/user_serializer_spec.rb
new file mode 100644
index 00000000000..2e4a8c644fe
--- /dev/null
+++ b/spec/serializers/user_serializer_spec.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe UserSerializer do
+  let(:user1) { create(:user) }
+  let(:user2) { create(:user) }
+
+  context 'serializer with merge request context' do
+    let(:merge_request) { create(:merge_request) }
+    let(:project) { merge_request.project }
+    let(:serializer) { described_class.new(merge_request_iid: merge_request.iid) }
+
+    before do
+      allow(project).to(
+        receive_message_chain(:merge_requests, :find_by_iid!)
+          .with(merge_request.iid).and_return(merge_request)
+      )
+
+      project.add_maintainer(user1)
+    end
+
+    it 'returns a user with can_merge option' do
+      serialized_user1, serialized_user2 = serializer.represent([user1, user2], project: project).as_json
+
+      expect(serialized_user1).to include("id" => user1.id, "can_merge" => true)
+      expect(serialized_user2).to include("id" => user2.id, "can_merge" => false)
+    end
+  end
+end
-- 
cgit v1.2.1


From a3e18e7c97b2a5d1f5695c71ac55cc91931c992e Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Tue, 30 Jul 2019 23:22:22 -0700
Subject: Use Mermaid Markdown for testing guide docs

* Remove PNGs in favor of dynamically rendered graphs
* Eliminate <b> styling because this is no longer supported
* Change <br /> to <br> because the latter is only supported
* Add quotes around subgraph titles
---
 doc/development/testing_guide/end_to_end/index.md  |  24 +++++++++------------
 .../img/qa_on_merge_requests_cicd_architecture.png | Bin 64862 -> 0 bytes
 .../img/review_apps_cicd_architecture.png          | Bin 136431 -> 0 bytes
 doc/development/testing_guide/review_apps.md       |  23 ++++++++------------
 4 files changed, 19 insertions(+), 28 deletions(-)
 delete mode 100644 doc/development/testing_guide/img/qa_on_merge_requests_cicd_architecture.png
 delete mode 100644 doc/development/testing_guide/img/review_apps_cicd_architecture.png

diff --git a/doc/development/testing_guide/end_to_end/index.md b/doc/development/testing_guide/end_to_end/index.md
index 2dc06ba10a5..882e2230636 100644
--- a/doc/development/testing_guide/end_to_end/index.md
+++ b/doc/development/testing_guide/end_to_end/index.md
@@ -65,28 +65,24 @@ Below you can read more about how to use it and how does it work.
 Currently, we are using _multi-project pipeline_-like approach to run QA
 pipelines.
 
-![QA on merge requests CI/CD architecture](../img/qa_on_merge_requests_cicd_architecture.png)
-
-<details>
-<summary>Show mermaid source</summary>
-<pre>
+```mermaid
 graph LR
     A1 -.->|1. Triggers an omnibus-gitlab pipeline and wait for it to be done| A2
-    B2[<b>`Trigger-qa` stage</b><br />`Trigger:qa-test` job] -.->|2. Triggers a gitlab-qa pipeline and wait for it to be done| A3
+    B2[`Trigger-qa` stage<br>`Trigger:qa-test` job] -.->|2. Triggers a gitlab-qa pipeline and wait for it to be done| A3
 
-subgraph gitlab-ce/ee pipeline
-    A1[<b>`test` stage</b><br />`package-and-qa` job]
+subgraph "gitlab-ce/ee pipeline"
+    A1[`test` stage<br>`package-and-qa` job]
     end
 
-subgraph omnibus-gitlab pipeline
-    A2[<b>`Trigger-docker` stage</b><br />`Trigger:gitlab-docker` job] -->|once done| B2
+subgraph "omnibus-gitlab pipeline"
+    A2[`Trigger-docker` stage<br>`Trigger:gitlab-docker` job] -->|once done| B2
     end
 
-subgraph gitlab-qa pipeline
-    A3>QA jobs run] -.->|3. Reports back the pipeline result to the `package-and-qa` job<br />and post the result  on the original commit tested| A1
+subgraph "gitlab-qa pipeline"
+    A3>QA jobs run] -.->|3. Reports back the pipeline result to the `package-and-qa` job<br>and post the result  on the original commit tested| A1
     end
-</pre>
-</details>
+```
+
 
 1. Developer triggers a manual action, that can be found in CE / EE merge
    requests. This starts a chain of pipelines in multiple projects.
diff --git a/doc/development/testing_guide/img/qa_on_merge_requests_cicd_architecture.png b/doc/development/testing_guide/img/qa_on_merge_requests_cicd_architecture.png
deleted file mode 100644
index 5b93a05db96..00000000000
Binary files a/doc/development/testing_guide/img/qa_on_merge_requests_cicd_architecture.png and /dev/null differ
diff --git a/doc/development/testing_guide/img/review_apps_cicd_architecture.png b/doc/development/testing_guide/img/review_apps_cicd_architecture.png
deleted file mode 100644
index 1ee28d3db91..00000000000
Binary files a/doc/development/testing_guide/img/review_apps_cicd_architecture.png and /dev/null differ
diff --git a/doc/development/testing_guide/review_apps.md b/doc/development/testing_guide/review_apps.md
index d07a7045390..7843fc4c874 100644
--- a/doc/development/testing_guide/review_apps.md
+++ b/doc/development/testing_guide/review_apps.md
@@ -8,38 +8,33 @@ Review Apps are automatically deployed by each pipeline, both in
 
 ### CI/CD architecture diagram
 
-![Review Apps CI/CD architecture](img/review_apps_cicd_architecture.png)
-
-<details>
-<summary>Show mermaid source</summary>
-<pre>
+```mermaid
 graph TD
     build-qa-image -.->|once the `prepare` stage is done| gitlab:assets:compile
     review-build-cng -->|triggers a CNG-mirror pipeline and wait for it to be done| CNG-mirror
     review-build-cng -.->|once the `test` stage is done| review-deploy
     review-deploy -.->|once the `review` stage is done| review-qa-smoke
 
-subgraph 1. gitlab-ce/ee `prepare` stage
+subgraph "1. gitlab-ce/ee `prepare` stage"
     build-qa-image
     end
 
-subgraph 2. gitlab-ce/ee `test` stage
+subgraph "2. gitlab-ce/ee `test` stage"
     gitlab:assets:compile -->|plays dependent job once done| review-build-cng
     end
 
-subgraph 3. gitlab-ce/ee `review` stage
-    review-deploy["review-deploy<br /><br />Helm deploys the Review App using the Cloud<br/>Native images built by the CNG-mirror pipeline.<br /><br />Cloud Native images are deployed to the `review-apps-ce` or `review-apps-ee`<br />Kubernetes (GKE) cluster, in the GCP `gitlab-review-apps` project."]
+subgraph "3. gitlab-ce/ee `review` stage"
+    review-deploy["review-deploy<br><br>Helm deploys the Review App using the Cloud<br/>Native images built by the CNG-mirror pipeline.<br><br>Cloud Native images are deployed to the `review-apps-ce` or `review-apps-ee`<br>Kubernetes (GKE) cluster, in the GCP `gitlab-review-apps` project."]
     end
 
-subgraph 4. gitlab-ce/ee `qa` stage
-    review-qa-smoke[review-qa-smoke<br /><br />gitlab-qa runs the smoke suite against the Review App.]
+subgraph "4. gitlab-ce/ee `qa` stage"
+    review-qa-smoke[review-qa-smoke<br><br>gitlab-qa runs the smoke suite against the Review App.]
     end
 
-subgraph CNG-mirror pipeline
+subgraph "CNG-mirror pipeline"
     CNG-mirror>Cloud Native images are built];
     end
-</pre>
-</details>
+```
 
 ### Detailed explanation
 
-- 
cgit v1.2.1


From 84b6c7a5f3bf3d6f96331d73225903d3fd92b4e2 Mon Sep 17 00:00:00 2001
From: Paul Slaughter <pslaughter@gitlab.com>
Date: Thu, 1 Aug 2019 12:31:13 -0500
Subject: Revert "Merge branch 'mh/editor-indents' into 'master'"

This reverts commit 28f2225bdfee4d353f07a766c6c8b29ba6181397, reversing
changes made to 96ae5bd83da31350e9856a290127d7aa1469710a.
---
 app/assets/javascripts/commons/polyfills.js        |   1 -
 app/assets/javascripts/gl_form.js                  |  87 -----
 app/assets/javascripts/helpers/indent_helper.js    | 182 ----------
 app/assets/javascripts/lib/utils/common_utils.js   |  65 ----
 app/assets/javascripts/lib/utils/keycodes.js       |  10 +-
 app/assets/javascripts/lib/utils/undo_stack.js     | 105 ------
 .../vue_shared/components/markdown/toolbar.vue     |  41 +--
 app/views/shared/notes/_hints.html.haml            |  11 +-
 changelogs/unreleased/mh-editor-indents.yml        |   5 -
 locale/gitlab.pot                                  |  15 +-
 package.json                                       |   2 +-
 .../projects/wiki/user_creates_wiki_page_spec.rb   |  12 +-
 spec/frontend/helpers/indent_helper_spec.js        | 371 ---------------------
 spec/frontend/lib/utils/common_utils_spec.js       | 180 ----------
 spec/frontend/lib/utils/undo_stack_spec.js         | 237 -------------
 yarn.lock                                          |   2 +-
 16 files changed, 39 insertions(+), 1287 deletions(-)
 delete mode 100644 app/assets/javascripts/helpers/indent_helper.js
 delete mode 100644 app/assets/javascripts/lib/utils/undo_stack.js
 delete mode 100644 changelogs/unreleased/mh-editor-indents.yml
 delete mode 100644 spec/frontend/helpers/indent_helper_spec.js
 delete mode 100644 spec/frontend/lib/utils/common_utils_spec.js
 delete mode 100644 spec/frontend/lib/utils/undo_stack_spec.js

diff --git a/app/assets/javascripts/commons/polyfills.js b/app/assets/javascripts/commons/polyfills.js
index daa941a63cd..7a6ad3dc771 100644
--- a/app/assets/javascripts/commons/polyfills.js
+++ b/app/assets/javascripts/commons/polyfills.js
@@ -12,7 +12,6 @@ import 'core-js/es/promise/finally';
 import 'core-js/es/string/code-point-at';
 import 'core-js/es/string/from-code-point';
 import 'core-js/es/string/includes';
-import 'core-js/es/string/repeat';
 import 'core-js/es/string/starts-with';
 import 'core-js/es/string/ends-with';
 import 'core-js/es/symbol';
diff --git a/app/assets/javascripts/gl_form.js b/app/assets/javascripts/gl_form.js
index b98fe9f6ce2..a66555838ba 100644
--- a/app/assets/javascripts/gl_form.js
+++ b/app/assets/javascripts/gl_form.js
@@ -3,16 +3,9 @@ import autosize from 'autosize';
 import GfmAutoComplete, { defaultAutocompleteConfig } from 'ee_else_ce/gfm_auto_complete';
 import dropzoneInput from './dropzone_input';
 import { addMarkdownListeners, removeMarkdownListeners } from './lib/utils/text_markdown';
-import IndentHelper from './helpers/indent_helper';
-import { keystroke } from './lib/utils/common_utils';
-import * as keys from './lib/utils/keycodes';
-import UndoStack from './lib/utils/undo_stack';
 
 export default class GLForm {
   constructor(form, enableGFM = {}) {
-    this.handleKeyShortcuts = this.handleKeyShortcuts.bind(this);
-    this.setState = this.setState.bind(this);
-
     this.form = form;
     this.textarea = this.form.find('textarea.js-gfm-input');
     this.enableGFM = Object.assign({}, defaultAutocompleteConfig, enableGFM);
@@ -23,10 +16,6 @@ export default class GLForm {
         this.enableGFM[item] = Boolean(dataSources[item]);
       }
     });
-
-    this.undoStack = new UndoStack();
-    this.indentHelper = new IndentHelper(this.textarea[0]);
-
     // Before we start, we should clean up any previous data for this form
     this.destroy();
     // Set up the form
@@ -96,84 +85,9 @@ export default class GLForm {
   clearEventListeners() {
     this.textarea.off('focus');
     this.textarea.off('blur');
-    this.textarea.off('keydown');
     removeMarkdownListeners(this.form);
   }
 
-  setState(state) {
-    const selection = [this.textarea[0].selectionStart, this.textarea[0].selectionEnd];
-    this.textarea.val(state);
-    this.textarea[0].setSelectionRange(selection[0], selection[1]);
-  }
-
-  /*
-   Handle keypresses for a custom undo/redo stack.
-   We need this because the toolbar buttons and indentation helpers mess with the browser's
-   native undo/redo capability.
-   */
-  handleUndo(event) {
-    const content = this.textarea.val();
-    const { selectionStart, selectionEnd } = this.textarea[0];
-    const stack = this.undoStack;
-
-    if (stack.isEmpty()) {
-      // ==== Save initial state in undo history ====
-      stack.save(content);
-    }
-
-    if (keystroke(event, keys.Z_KEY_CODE, 'l')) {
-      // ==== Undo ====
-      event.preventDefault();
-      stack.save(content);
-      if (stack.canUndo()) {
-        this.setState(stack.undo());
-      }
-    } else if (keystroke(event, keys.Z_KEY_CODE, 'ls') || keystroke(event, keys.Y_KEY_CODE, 'l')) {
-      // ==== Redo ====
-      event.preventDefault();
-      if (stack.canRedo()) {
-        this.setState(stack.redo());
-      }
-    } else if (
-      keystroke(event, keys.SPACE_KEY_CODE) ||
-      keystroke(event, keys.ENTER_KEY_CODE) ||
-      selectionStart !== selectionEnd
-    ) {
-      // ==== Save after finishing a word or before deleting a large selection ====
-      stack.save(content);
-    } else if (content === '') {
-      // ==== Save after deleting everything ====
-      stack.save('');
-    } else {
-      // ==== Save after 1 second of inactivity ====
-      stack.scheduleSave(content);
-    }
-  }
-
-  handleIndent(event) {
-    if (keystroke(event, keys.LEFT_BRACKET_KEY_CODE, 'l')) {
-      // ==== Unindent selected lines ====
-      event.preventDefault();
-      this.indentHelper.unindent();
-    } else if (keystroke(event, keys.RIGHT_BRACKET_KEY_CODE, 'l')) {
-      // ==== Indent selected lines ====
-      event.preventDefault();
-      this.indentHelper.indent();
-    } else if (keystroke(event, keys.ENTER_KEY_CODE)) {
-      // ==== Auto-indent new lines ====
-      event.preventDefault();
-      this.indentHelper.newline();
-    } else if (keystroke(event, keys.BACKSPACE_KEY_CODE)) {
-      // ==== Auto-delete indents at the beginning of the line ====
-      this.indentHelper.backspace(event);
-    }
-  }
-
-  handleKeyShortcuts(event) {
-    this.handleIndent(event);
-    this.handleUndo(event);
-  }
-
   addEventListeners() {
     this.textarea.on('focus', function focusTextArea() {
       $(this)
@@ -185,6 +99,5 @@ export default class GLForm {
         .closest('.md-area')
         .removeClass('is-focused');
     });
-    this.textarea.on('keydown', e => this.handleKeyShortcuts(e.originalEvent));
   }
 }
diff --git a/app/assets/javascripts/helpers/indent_helper.js b/app/assets/javascripts/helpers/indent_helper.js
deleted file mode 100644
index a8815fac04e..00000000000
--- a/app/assets/javascripts/helpers/indent_helper.js
+++ /dev/null
@@ -1,182 +0,0 @@
-const INDENT_SEQUENCE = '    ';
-
-function countLeftSpaces(text) {
-  const i = text.split('').findIndex(c => c !== ' ');
-  return i === -1 ? text.length : i;
-}
-
-/**
- * IndentHelper provides methods that allow manual and smart indentation in
- * textareas. It supports line indent/unindent, selection indent/unindent,
- * auto indentation on newlines, and smart deletion of indents with backspace.
- */
-export default class IndentHelper {
-  /**
-   * Creates a new IndentHelper and binds it to the given `textarea`. You can provide a custom indent sequence in the second parameter, but the `newline` and `backspace` operations may work funny if the indent sequence isn't spaces only.
-   */
-  constructor(textarea, indentSequence = INDENT_SEQUENCE) {
-    this.element = textarea;
-    this.seq = indentSequence;
-  }
-
-  getSelection() {
-    return { start: this.element.selectionStart, end: this.element.selectionEnd };
-  }
-
-  isRangeSelection() {
-    return this.element.selectionStart !== this.element.selectionEnd;
-  }
-
-  /**
-   * Re-implementation of textarea's setRangeText method, because IE/Edge don't support it.
-   *
-   * @see https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#dom-textarea%2Finput-setrangetext
-   */
-  setRangeText(replacement, start, end, selectMode) {
-    // Disable eslint to remain as faithful as possible to the above linked spec
-    /* eslint-disable no-param-reassign, no-case-declarations */
-    const text = this.element.value;
-
-    if (start > end) {
-      throw new RangeError('setRangeText: start index must be less than or equal to end index');
-    }
-
-    // Clamp to [0, len]
-    start = Math.max(0, Math.min(start, text.length));
-    end = Math.max(0, Math.min(end, text.length));
-
-    let selection = { start: this.element.selectionStart, end: this.element.selectionEnd };
-
-    this.element.value = text.slice(0, start) + replacement + text.slice(end);
-
-    const newLength = replacement.length;
-    const newEnd = start + newLength;
-
-    switch (selectMode) {
-      case 'select':
-        selection = { start, newEnd };
-        break;
-      case 'start':
-        selection = { start, end: start };
-        break;
-      case 'end':
-        selection = { start: newEnd, end: newEnd };
-        break;
-      case 'preserve':
-      default:
-        const oldLength = end - start;
-        const delta = newLength - oldLength;
-        if (selection.start > end) {
-          selection.start += delta;
-        } else if (selection.start > start) {
-          selection.start = start;
-        }
-        if (selection.end > end) {
-          selection.end += delta;
-        } else if (selection.end > start) {
-          selection.end = newEnd;
-        }
-    }
-
-    this.element.setSelectionRange(selection.start, selection.end);
-
-    /* eslint-enable no-param-reassign, no-case-declarations */
-  }
-
-  /**
-   * Returns an array of lines in the textarea, with information about their
-   * start/end offsets and whether they are included in the current selection.
-   */
-  splitLines() {
-    const { start, end } = this.getSelection();
-
-    const lines = this.element.value.split('\n');
-    let textStart = 0;
-    const lineObjects = [];
-    lines.forEach(line => {
-      const lineObj = {
-        text: line,
-        start: textStart,
-        end: textStart + line.length,
-      };
-      lineObj.inSelection = lineObj.start <= end && lineObj.end >= start;
-      lineObjects.push(lineObj);
-      textStart += line.length + 1;
-    });
-    return lineObjects;
-  }
-
-  /**
-   * Indents selected lines by one level.
-   */
-  indent() {
-    const { start } = this.getSelection();
-
-    const selectedLines = this.splitLines().filter(line => line.inSelection);
-    if (!this.isRangeSelection() && start === selectedLines[0].start) {
-      // Special case: if cursor is at the beginning of the line, move it one
-      // indent right.
-      const line = selectedLines[0];
-      this.setRangeText(this.seq, line.start, line.start, 'end');
-    } else {
-      selectedLines.reverse();
-      selectedLines.forEach(line => {
-        this.setRangeText(INDENT_SEQUENCE, line.start, line.start, 'preserve');
-      });
-    }
-  }
-
-  /**
-   * Unindents selected lines by one level.
-   */
-  unindent() {
-    const lines = this.splitLines().filter(line => line.inSelection);
-    lines.reverse();
-    lines
-      .filter(line => line.text.startsWith(this.seq))
-      .forEach(line => {
-        this.setRangeText('', line.start, line.start + this.seq.length, 'preserve');
-      });
-  }
-
-  /**
-   * Emulates a newline keypress, automatically indenting the new line.
-   */
-  newline() {
-    const { start, end } = this.getSelection();
-
-    if (this.isRangeSelection()) {
-      // Manually kill the selection before calculating the indent
-      this.setRangeText('', start, end, 'start');
-    }
-
-    // Auto-indent the next line
-    const currentLine = this.splitLines().find(line => line.end >= start);
-    const spaces = countLeftSpaces(currentLine.text);
-    this.setRangeText(`\n${' '.repeat(spaces)}`, start, start, 'end');
-  }
-
-  /**
-   * If the cursor is positioned at the end of a line's leading indents,
-   * emulates a backspace keypress by deleting a single level of indents.
-   * @param event The DOM KeyboardEvent that triggers this action, or null.
-   */
-  backspace(event) {
-    const { start } = this.getSelection();
-
-    // If the cursor is at the end of leading indents, delete an indent.
-    if (!this.isRangeSelection()) {
-      const currentLine = this.splitLines().find(line => line.end >= start);
-      const cursorPosition = start - currentLine.start;
-      if (countLeftSpaces(currentLine.text) === cursorPosition && cursorPosition > 0) {
-        if (event) event.preventDefault();
-
-        let spacesToDelete = cursorPosition % this.seq.length;
-        if (spacesToDelete === 0) {
-          spacesToDelete = this.seq.length;
-        }
-        this.setRangeText('', start - spacesToDelete, start, 'start');
-      }
-    }
-  }
-}
diff --git a/app/assets/javascripts/lib/utils/common_utils.js b/app/assets/javascripts/lib/utils/common_utils.js
index 1a94aee2398..5e90893b684 100644
--- a/app/assets/javascripts/lib/utils/common_utils.js
+++ b/app/assets/javascripts/lib/utils/common_utils.js
@@ -203,71 +203,6 @@ export const isMetaKey = e => e.metaKey || e.ctrlKey || e.altKey || e.shiftKey;
 // 3) Middle-click or Mouse Wheel Click (e.which is 2)
 export const isMetaClick = e => e.metaKey || e.ctrlKey || e.which === 2;
 
-export const getPlatformLeaderKey = () => {
-  // eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings
-  if (navigator && navigator.platform && navigator.platform.startsWith('Mac')) {
-    return 'meta';
-  }
-  return 'ctrl';
-};
-
-export const getPlatformLeaderKeyHTML = () => {
-  if (getPlatformLeaderKey() === 'meta') {
-    return '&#8984;';
-  }
-  // eslint-disable-next-line @gitlab/i18n/no-non-i18n-strings
-  return 'Ctrl';
-};
-
-export const isPlatformLeaderKey = e => {
-  if (getPlatformLeaderKey() === 'meta') {
-    return Boolean(e.metaKey);
-  }
-  return Boolean(e.ctrlKey);
-};
-
-/**
- * Tests if a KeyboardEvent corresponds exactly to a keystroke.
- *
- * This function avoids hacking around an old version of Mousetrap, which we ship at the moment. It should be removed after we upgrade to the newest Mousetrap. See:
- * - https://gitlab.com/gitlab-org/gitlab-ce/issues/63182
- * - https://gitlab.com/gitlab-org/gitlab-ce/issues/64246
- *
- * @example
- *     // Matches the enter key with exactly zero modifiers
- *     keystroke(event, 13)
- *
- * @example
- *     // Matches Control-Shift-Z
- *     keystroke(event, 90, 'cs')
- *
- * @param e The KeyboardEvent to test.
- * @param keyCode The key code of the key to test. Why keycodes? IE/Edge don't support the more convenient `key` and `code` properties.
- * @param modifiers A string of modifiers keys. Each modifier key is represented by one character. The set of pressed modifier keys must match the given string exactly. Available options are 'a' for Alt/Option, 'c' for Control, 'm' for Meta/Command, 's' for Shift, and 'l' for the leader key (Meta on MacOS and Control otherwise).
- * @returns {boolean} True if the KeyboardEvent corresponds to the given keystroke.
- */
-export const keystroke = (e, keyCode, modifiers = '') => {
-  if (!e || !keyCode) {
-    return false;
-  }
-
-  const leader = getPlatformLeaderKey();
-  const mods = modifiers.toLowerCase().replace('l', leader.charAt(0));
-
-  // Match depressed modifier keys
-  if (
-    e.altKey !== mods.includes('a') ||
-    e.ctrlKey !== mods.includes('c') ||
-    e.metaKey !== mods.includes('m') ||
-    e.shiftKey !== mods.includes('s')
-  ) {
-    return false;
-  }
-
-  // Match the depressed key
-  return keyCode === (e.keyCode || e.which);
-};
-
 export const contentTop = () => {
   const perfBar = $('#js-peek').outerHeight() || 0;
   const mrTabsHeight = $('.merge-request-tabs').outerHeight() || 0;
diff --git a/app/assets/javascripts/lib/utils/keycodes.js b/app/assets/javascripts/lib/utils/keycodes.js
index e24fcf47d71..5e0f9b612a2 100644
--- a/app/assets/javascripts/lib/utils/keycodes.js
+++ b/app/assets/javascripts/lib/utils/keycodes.js
@@ -1,10 +1,4 @@
-export const BACKSPACE_KEY_CODE = 8;
-export const ENTER_KEY_CODE = 13;
-export const ESC_KEY_CODE = 27;
-export const SPACE_KEY_CODE = 32;
 export const UP_KEY_CODE = 38;
 export const DOWN_KEY_CODE = 40;
-export const Y_KEY_CODE = 89;
-export const Z_KEY_CODE = 90;
-export const LEFT_BRACKET_KEY_CODE = 219;
-export const RIGHT_BRACKET_KEY_CODE = 221;
+export const ENTER_KEY_CODE = 13;
+export const ESC_KEY_CODE = 27;
diff --git a/app/assets/javascripts/lib/utils/undo_stack.js b/app/assets/javascripts/lib/utils/undo_stack.js
deleted file mode 100644
index 6cfdc2a0a0f..00000000000
--- a/app/assets/javascripts/lib/utils/undo_stack.js
+++ /dev/null
@@ -1,105 +0,0 @@
-/**
- * UndoStack provides a custom implementation of an undo/redo engine. It was originally written for GitLab's Markdown editor (`gl_form.js`), whose rich text editing capabilities broke native browser undo/redo behaviour.
- *
- * UndoStack supports predictable undos/redos, debounced saves, maximum history length, and duplicate detection.
- *
- * Usage:
- *   - `stack = new UndoStack();`
- *   - Saves a state to the stack with `stack.save(state)`.
- *   - Get the current state with `stack.current()`.
- *   - Revert to the previous state with `stack.undo()`.
- *   - Redo a previous undo with `stack.redo()`;
- *   - Queue a future save with `stack.scheduleSave(state, delay)`. Useful for text editors.
- *   - See the full undo history in `stack.history`.
- */
-export default class UndoStack {
-  constructor(maxLength = 1000) {
-    this.clear();
-    this.maxLength = maxLength;
-
-    // If you're storing reference-types in the undo stack, you might want to
-    // reassign this property to some deep-equals function.
-    this.comparator = (a, b) => a === b;
-  }
-
-  current() {
-    if (this.cursor === -1) {
-      return undefined;
-    }
-    return this.history[this.cursor];
-  }
-
-  isEmpty() {
-    return this.history.length === 0;
-  }
-
-  clear() {
-    this.clearPending();
-    this.history = [];
-    this.cursor = -1;
-  }
-
-  save(state) {
-    this.clearPending();
-    if (this.comparator(state, this.current())) {
-      // Don't save state if it's the same as the current state
-      return;
-    }
-
-    this.history.length = this.cursor + 1;
-    this.history.push(state);
-    this.cursor += 1;
-
-    if (this.history.length > this.maxLength) {
-      this.history.shift();
-      this.cursor -= 1;
-    }
-  }
-
-  scheduleSave(state, delay = 1000) {
-    this.clearPending();
-    this.pendingState = state;
-    this.timeout = setTimeout(this.saveNow.bind(this), delay);
-  }
-
-  saveNow() {
-    // Persists scheduled saves immediately
-    this.save(this.pendingState);
-    this.clearPending();
-  }
-
-  clearPending() {
-    // Cancels any scheduled saves
-    if (this.timeout) {
-      clearTimeout(this.timeout);
-      delete this.timeout;
-      delete this.pendingState;
-    }
-  }
-
-  canUndo() {
-    return this.cursor > 0;
-  }
-
-  undo() {
-    this.clearPending();
-    if (!this.canUndo()) {
-      return undefined;
-    }
-    this.cursor -= 1;
-    return this.history[this.cursor];
-  }
-
-  canRedo() {
-    return this.cursor >= 0 && this.cursor < this.history.length - 1;
-  }
-
-  redo() {
-    this.clearPending();
-    if (!this.canRedo()) {
-      return undefined;
-    }
-    this.cursor += 1;
-    return this.history[this.cursor];
-  }
-}
diff --git a/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue b/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue
index 21c44b59520..8ce5b615795 100644
--- a/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue
+++ b/app/assets/javascripts/vue_shared/components/markdown/toolbar.vue
@@ -1,6 +1,5 @@
 <script>
 import { GlLink } from '@gitlab/ui';
-import { s__, sprintf } from '~/locale';
 
 export default {
   components: {
@@ -23,28 +22,8 @@ export default {
     },
   },
   computed: {
-    toolbarHelpHtml() {
-      const mdLinkStart = `<a href="${this.markdownDocsPath}" target="_blank" rel="noopener noreferrer" tabindex="-1">`;
-      const actionsLinkStart = `<a href="${this.quickActionsDocsPath}" target="_blank" rel="noopener noreferrer" tabindex="-1">`;
-      const linkEnd = '</a>';
-
-      if (this.markdownDocsPath && !this.quickActionsDocsPath) {
-        return sprintf(
-          s__('Editor|%{mdLinkStart}Markdown is supported%{mdLinkEnd}'),
-          { mdLinkStart, mdLinkEnd: linkEnd },
-          false,
-        );
-      } else if (this.markdownDocsPath && this.quickActionsDocsPath) {
-        return sprintf(
-          s__(
-            'Editor|%{mdLinkStart}Markdown%{mdLinkEnd} and %{actionsLinkStart}quick actions%{actionsLinkEnd} are supported',
-          ),
-          { mdLinkStart, mdLinkEnd: linkEnd, actionsLinkStart, actionsLinkEnd: linkEnd },
-          false,
-        );
-      }
-
-      return null;
+    hasQuickActionsDocsPath() {
+      return this.quickActionsDocsPath !== '';
     },
   },
 };
@@ -53,7 +32,21 @@ export default {
 <template>
   <div class="comment-toolbar clearfix">
     <div class="toolbar-text">
-      <span v-html="toolbarHelpHtml"></span>
+      <template v-if="!hasQuickActionsDocsPath && markdownDocsPath">
+        <gl-link :href="markdownDocsPath" target="_blank" tabindex="-1">{{
+          __('Markdown is supported')
+        }}</gl-link>
+      </template>
+      <template v-if="hasQuickActionsDocsPath && markdownDocsPath">
+        <gl-link :href="markdownDocsPath" target="_blank" tabindex="-1">{{
+          __('Markdown')
+        }}</gl-link>
+        and
+        <gl-link :href="quickActionsDocsPath" target="_blank" tabindex="-1">{{
+          __('quick actions')
+        }}</gl-link>
+        are supported
+      </template>
     </div>
     <span v-if="canAttachFile" class="uploading-container">
       <span class="uploading-progress-container hide">
diff --git a/app/views/shared/notes/_hints.html.haml b/app/views/shared/notes/_hints.html.haml
index 72ede50dd8c..fae7d6526e8 100644
--- a/app/views/shared/notes/_hints.html.haml
+++ b/app/views/shared/notes/_hints.html.haml
@@ -1,13 +1,14 @@
 - supports_quick_actions = local_assigns.fetch(:supports_quick_actions, false)
 .comment-toolbar.clearfix
   .toolbar-text
-    - md_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer" tabindex="-1">'.html_safe % { url: help_page_path('user/markdown') }
-    - actions_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer" tabindex="-1">'.html_safe % { url: help_page_path('user/project/quick_actions') }
-    - link_end = '</a>'.html_safe
+    = link_to _('Markdown'), help_page_path('user/markdown'), target: '_blank', tabindex: -1
     - if supports_quick_actions
-      = s_('Editor|%{mdLinkStart}Markdown%{mdLinkEnd} and %{actionsLinkStart}quick actions%{actionsLinkEnd} are supported').html_safe % { mdLinkStart: md_link_start, mdLinkEnd: link_end, actionsLinkStart: actions_link_start, actionsLinkEnd: link_end }
+      and
+      = link_to _('quick actions'), help_page_path('user/project/quick_actions'), target: '_blank', tabindex: -1
+      are
     - else
-      = s_('Editor|%{mdLinkStart}Markdown is supported%{mdLinkEnd}').html_safe % { mdLinkStart: md_link_start, mdLinkEnd: link_end }
+      is
+    supported
 
   %span.uploading-container
     %span.uploading-progress-container.hide
diff --git a/changelogs/unreleased/mh-editor-indents.yml b/changelogs/unreleased/mh-editor-indents.yml
deleted file mode 100644
index a282c0f505d..00000000000
--- a/changelogs/unreleased/mh-editor-indents.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Markdown editors now have indentation shortcuts and auto-indentation
-merge_request: 28914
-author:
-type: added
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 4921b3c835b..5e9e371a5fc 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -4052,12 +4052,6 @@ msgstr ""
 msgid "Edit public deploy key"
 msgstr ""
 
-msgid "Editor|%{mdLinkStart}Markdown is supported%{mdLinkEnd}"
-msgstr ""
-
-msgid "Editor|%{mdLinkStart}Markdown%{mdLinkEnd} and %{actionsLinkStart}quick actions%{actionsLinkEnd} are supported"
-msgstr ""
-
 msgid "Email"
 msgstr ""
 
@@ -6508,12 +6502,18 @@ msgstr ""
 msgid "Mark to do as done"
 msgstr ""
 
+msgid "Markdown"
+msgstr ""
+
 msgid "Markdown Help"
 msgstr ""
 
 msgid "Markdown enabled"
 msgstr ""
 
+msgid "Markdown is supported"
+msgstr ""
+
 msgid "Marked this %{noun} as Work In Progress."
 msgstr ""
 
@@ -13566,6 +13566,9 @@ msgstr ""
 msgid "project avatar"
 msgstr ""
 
+msgid "quick actions"
+msgstr ""
+
 msgid "register"
 msgstr ""
 
diff --git a/package.json b/package.json
index c97046b0e84..056f7616cde 100644
--- a/package.json
+++ b/package.json
@@ -100,7 +100,7 @@
     "mermaid": "^8.2.3",
     "monaco-editor": "^0.15.6",
     "monaco-editor-webpack-plugin": "^1.7.0",
-    "mousetrap": "1.4.6",
+    "mousetrap": "^1.4.6",
     "pdfjs-dist": "^2.0.943",
     "pikaday": "^1.6.1",
     "popper.js": "^1.14.7",
diff --git a/spec/features/projects/wiki/user_creates_wiki_page_spec.rb b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
index 1080976f7ce..cc6dbaa6eb8 100644
--- a/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
+++ b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
@@ -134,15 +134,9 @@ describe "User creates wiki page" do
 
         fill_in(:wiki_content, with: ascii_content)
 
-        # This is the dumbest bug in the world:
-        # When the #wiki_content textarea is filled in, JS captures the `Enter` keydown event in order to do
-        # auto-indentation and manually inserts a newline. However, for whatever reason, when you try to click on the
-        # submit button in Capybara, it will not trigger the `click` event if a \n or \r character has been manually
-        # added to the textarea. It will, however, trigger ALL OTHER EVENTS, including `mouseover`/down/up, focus, and
-        # blur. Just not `click`. But only when you manually insert \n or \r - if you manually insert any other sequence
-        # then `click` is fired normally. And it's only Capybara. Browsers and JSDOM don't have this issue.
-        # So that's why the next line performs the click via JS.
-        page.execute_script("document.querySelector('.rspec-create-page-button').click()")
+        page.within(".wiki-form") do
+          click_button("Create page")
+        end
 
         page.within ".md" do
           expect(page).to have_selector(".katex", count: 3).and have_content("2+2 is 4")
diff --git a/spec/frontend/helpers/indent_helper_spec.js b/spec/frontend/helpers/indent_helper_spec.js
deleted file mode 100644
index fca12f0d1ef..00000000000
--- a/spec/frontend/helpers/indent_helper_spec.js
+++ /dev/null
@@ -1,371 +0,0 @@
-import IndentHelper from '~/helpers/indent_helper';
-
-function createMockTextarea() {
-  const el = document.createElement('textarea');
-  el.setCursor = pos => el.setSelectionRange(pos, pos);
-  el.setCursorToEnd = () => el.setCursor(el.value.length);
-  el.selection = () => [el.selectionStart, el.selectionEnd];
-  el.cursor = () => {
-    const [start, end] = el.selection();
-    return start === end ? start : undefined;
-  };
-  return el;
-}
-
-describe('indent_helper', () => {
-  let element;
-  let ih;
-
-  beforeEach(() => {
-    element = createMockTextarea();
-    ih = new IndentHelper(element);
-  });
-
-  describe('indents', () => {
-    describe('a single line', () => {
-      it('when on an empty line; and cursor follows', () => {
-        element.value = '';
-        ih.indent();
-        expect(element.value).toBe('    ');
-        expect(element.cursor()).toBe(4);
-        ih.indent();
-        expect(element.value).toBe('        ');
-        expect(element.cursor()).toBe(8);
-      });
-
-      it('when at the start of a line; and cursor stays at start', () => {
-        element.value = 'foobar';
-        element.setCursor(0);
-        ih.indent();
-        expect(element.value).toBe('    foobar');
-        expect(element.cursor()).toBe(4);
-      });
-
-      it('when the cursor is in the middle; and cursor follows', () => {
-        element.value = 'foobar';
-        element.setCursor(3);
-        ih.indent();
-        expect(element.value).toBe('    foobar');
-        expect(element.cursor()).toBe(7);
-      });
-    });
-
-    describe('several lines', () => {
-      it('when everything is selected; and everything remains selected', () => {
-        element.value = 'foo\nbar\nbaz';
-        element.setSelectionRange(0, 11);
-        ih.indent();
-        expect(element.value).toBe('    foo\n    bar\n    baz');
-        expect(element.selection()).toEqual([0, 23]);
-      });
-
-      it('when all lines are partially selected; and the selection adapts', () => {
-        element.value = 'foo\nbar\nbaz';
-        element.setSelectionRange(2, 9);
-        ih.indent();
-        expect(element.value).toBe('    foo\n    bar\n    baz');
-        expect(element.selection()).toEqual([6, 21]);
-      });
-
-      it('when some lines are entirely selected; and entire lines remain selected', () => {
-        element.value = 'foo\nbar\nbaz';
-        element.setSelectionRange(4, 11);
-        ih.indent();
-        expect(element.value).toBe('foo\n    bar\n    baz');
-        expect(element.selection()).toEqual([4, 19]);
-      });
-
-      it('when some lines are partially selected; and the selection adapts', () => {
-        element.value = 'foo\nbar\nbaz';
-        element.setSelectionRange(5, 9);
-        ih.indent();
-        expect(element.value).toBe('foo\n    bar\n    baz');
-        expect(element.selection()).toEqual([5 + 4, 9 + 2 * 4]);
-      });
-
-      it('having different indentation when some lines are entirely selected; and entire lines remain selected', () => {
-        element.value = '    foo\nbar\n    baz';
-        element.setSelectionRange(8, 19);
-        ih.indent();
-        expect(element.value).toBe('    foo\n    bar\n        baz');
-        expect(element.selection()).toEqual([8, 27]);
-      });
-
-      it('having different indentation when some lines are partially selected; and the selection adapts', () => {
-        element.value = '    foo\nbar\n    baz';
-        element.setSelectionRange(9, 14);
-        ih.indent();
-        expect(element.value).toBe('    foo\n    bar\n        baz');
-        expect(element.selection()).toEqual([13, 22]);
-      });
-    });
-  });
-
-  describe('unindents', () => {
-    describe('a single line', () => {
-      it('but does nothing if there is not indent', () => {
-        element.value = 'foobar';
-        element.setCursor(2);
-        ih.unindent();
-        expect(element.value).toBe('foobar');
-        expect(element.cursor()).toBe(2);
-      });
-
-      it('but does nothing if there is a partial indent', () => {
-        element.value = '  foobar';
-        element.setCursor(1);
-        ih.unindent();
-        expect(element.value).toBe('  foobar');
-        expect(element.cursor()).toBe(1);
-      });
-
-      it('when the cursor is in the line text; cursor follows', () => {
-        element.value = '    foobar';
-        element.setCursor(6);
-        ih.unindent();
-        expect(element.value).toBe('foobar');
-        expect(element.cursor()).toBe(2);
-      });
-
-      it('when the cursor is in the indent; and cursor goes to start', () => {
-        element.value = '    foobar';
-        element.setCursor(2);
-        ih.unindent();
-        expect(element.value).toBe('foobar');
-        expect(element.cursor()).toBe(0);
-      });
-
-      it('when the cursor is at line start; and cursor stays at start', () => {
-        element.value = '    foobar';
-        element.setCursor(0);
-        ih.unindent();
-        expect(element.value).toBe('foobar');
-        expect(element.cursor()).toBe(0);
-      });
-
-      it('when a selection includes part of the indent and text', () => {
-        element.value = '    foobar';
-        element.setSelectionRange(2, 8);
-        ih.unindent();
-        expect(element.value).toBe('foobar');
-        expect(element.selection()).toEqual([0, 4]);
-      });
-
-      it('when a selection includes part of the indent only', () => {
-        element.value = '    foobar';
-        element.setSelectionRange(0, 4);
-        ih.unindent();
-        expect(element.value).toBe('foobar');
-        expect(element.cursor()).toBe(0);
-
-        element.value = '    foobar';
-        element.setSelectionRange(1, 3);
-        ih.unindent();
-        expect(element.value).toBe('foobar');
-        expect(element.cursor()).toBe(0);
-      });
-    });
-
-    describe('several lines', () => {
-      it('when everything is selected', () => {
-        element.value = '    foo\n        bar\n    baz';
-        element.setSelectionRange(0, 27);
-        ih.unindent();
-        expect(element.value).toBe('foo\n    bar\nbaz');
-        expect(element.selection()).toEqual([0, 15]);
-      });
-
-      it('when all lines are partially selected', () => {
-        element.value = '    foo\n        bar\n    baz';
-        element.setSelectionRange(5, 26);
-        ih.unindent();
-        expect(element.value).toBe('foo\n    bar\nbaz');
-        expect(element.selection()).toEqual([1, 14]);
-      });
-
-      it('when all lines are entirely selected', () => {
-        element.value = '    foo\n        bar\n    baz';
-        element.setSelectionRange(8, 27);
-        ih.unindent();
-        expect(element.value).toBe('    foo\n    bar\nbaz');
-        expect(element.selection()).toEqual([8, 19]);
-      });
-
-      it('when some lines are entirely selected', () => {
-        element.value = '    foo\n        bar\n    baz';
-        element.setSelectionRange(8, 27);
-        ih.unindent();
-        expect(element.value).toBe('    foo\n    bar\nbaz');
-        expect(element.selection()).toEqual([8, 19]);
-      });
-
-      it('when some lines are partially selected', () => {
-        element.value = '    foo\n        bar\n    baz';
-        element.setSelectionRange(17, 26);
-        ih.unindent();
-        expect(element.value).toBe('    foo\n    bar\nbaz');
-        expect(element.selection()).toEqual([13, 18]);
-      });
-
-      it('when some lines are partially selected within their indents', () => {
-        element.value = '    foo\n        bar\n    baz';
-        element.setSelectionRange(10, 22);
-        ih.unindent();
-        expect(element.value).toBe('    foo\n    bar\nbaz');
-        expect(element.selection()).toEqual([8, 16]);
-      });
-    });
-  });
-
-  describe('newline', () => {
-    describe('on a single line', () => {
-      it('auto-indents the new line', () => {
-        element.value = 'foo\n bar\n    baz\n        qux';
-
-        element.setCursor(3);
-        ih.newline();
-        expect(element.value).toBe('foo\n\n bar\n    baz\n        qux');
-        expect(element.cursor()).toBe(4);
-
-        element.setCursor(9);
-        ih.newline();
-        expect(element.value).toBe('foo\n\n bar\n \n    baz\n        qux');
-        expect(element.cursor()).toBe(11);
-
-        element.setCursor(19);
-        ih.newline();
-        expect(element.value).toBe('foo\n\n bar\n \n    baz\n    \n        qux');
-        expect(element.cursor()).toBe(24);
-
-        element.setCursor(36);
-        ih.newline();
-        expect(element.value).toBe('foo\n\n bar\n \n    baz\n    \n        qux\n        ');
-        expect(element.cursor()).toBe(45);
-      });
-
-      it('splits a line and auto-indents', () => {
-        element.value = '    foobar';
-        element.setCursor(7);
-        ih.newline();
-        expect(element.value).toBe('    foo\n    bar');
-        expect(element.cursor()).toBe(12);
-      });
-
-      it('replaces selection with an indented newline', () => {
-        element.value = '    foobarbaz';
-        element.setSelectionRange(7, 10);
-        ih.newline();
-        expect(element.value).toBe('    foo\n    baz');
-        expect(element.cursor()).toBe(12);
-      });
-    });
-
-    it('on several lines.replaces selection with indented newline', () => {
-      element.value = '  foo\n    bar\n  baz';
-      element.setSelectionRange(4, 17);
-      ih.newline();
-      expect(element.value).toBe('  fo\n  az');
-      expect(element.cursor()).toBe(7);
-    });
-  });
-
-  describe('backspace', () => {
-    let event;
-
-    // This suite tests only the special indent-removing behaviour of the
-    // backspace() method, since non-special cases are handled natively as a
-    // backspace keypress.
-
-    beforeEach(() => {
-      event = { preventDefault: jest.fn() };
-    });
-
-    describe('on a single line', () => {
-      it('does nothing special if in the line text', () => {
-        element.value = '    foobar';
-        element.setCursor(7);
-        ih.backspace(event);
-        expect(event.preventDefault).not.toHaveBeenCalled();
-      });
-
-      it('does nothing special if after a non-leading indent', () => {
-        element.value = '    foo    bar';
-        element.setCursor(11);
-        ih.backspace(event);
-        expect(event.preventDefault).not.toHaveBeenCalled();
-      });
-
-      it('deletes one leading indent', () => {
-        element.value = '        foo';
-        element.setCursor(8);
-        ih.backspace(event);
-        expect(event.preventDefault).toHaveBeenCalled();
-        expect(element.value).toBe('    foo');
-        expect(element.cursor()).toBe(4);
-      });
-
-      it('does nothing if cursor is inside the leading indent', () => {
-        element.value = '        foo';
-        element.setCursor(4);
-        ih.backspace(event);
-        expect(event.preventDefault).not.toHaveBeenCalled();
-      });
-
-      it('does nothing if cursor is at the start of the line', () => {
-        element.value = '    foo';
-        element.setCursor(0);
-        ih.backspace(event);
-        expect(event.preventDefault).not.toHaveBeenCalled();
-      });
-
-      it('deletes one partial indent', () => {
-        element.value = '      foo';
-        element.setCursor(6);
-        ih.backspace(event);
-        expect(event.preventDefault).toHaveBeenCalled();
-        expect(element.value).toBe('    foo');
-        expect(element.cursor()).toBe(4);
-      });
-
-      it('deletes indents sequentially', () => {
-        element.value = '          foo';
-        element.setCursor(10);
-        ih.backspace(event);
-        ih.backspace(event);
-        ih.backspace(event);
-        expect(event.preventDefault).toHaveBeenCalled();
-        expect(element.value).toBe('foo');
-        expect(element.cursor()).toBe(0);
-      });
-    });
-
-    describe('on several lines', () => {
-      it('deletes indent only on its own line', () => {
-        element.value = '    foo\n        bar\n    baz';
-        element.setCursor(16);
-        ih.backspace(event);
-        expect(event.preventDefault).toHaveBeenCalled();
-        expect(element.value).toBe('    foo\n    bar\n    baz');
-        expect(element.cursor()).toBe(12);
-      });
-
-      it('has no special behaviour with any range selection', () => {
-        const text = '  foo\n    bar\n  baz';
-        for (let start = 0; start < text.length; start += 1) {
-          for (let end = start + 1; end < text.length; end += 1) {
-            element.value = text;
-            element.setSelectionRange(start, end);
-            ih.backspace(event);
-            expect(event.preventDefault).not.toHaveBeenCalled();
-
-            // Ensure that the backspace() method doesn't change state
-            // In reality, these two statements won't hold because the browser
-            // will natively process the backspace event.
-            expect(element.value).toBe(text);
-            expect(element.selection()).toEqual([start, end]);
-          }
-        }
-      });
-    });
-  });
-});
diff --git a/spec/frontend/lib/utils/common_utils_spec.js b/spec/frontend/lib/utils/common_utils_spec.js
deleted file mode 100644
index e3d3b82d2f3..00000000000
--- a/spec/frontend/lib/utils/common_utils_spec.js
+++ /dev/null
@@ -1,180 +0,0 @@
-import * as cu from '~/lib/utils/common_utils';
-
-const CMD_ENTITY = '&#8984;';
-
-// Redefine `navigator.platform` because it's unsettable by default in JSDOM.
-let platform;
-Object.defineProperty(navigator, 'platform', {
-  configurable: true,
-  get: () => platform,
-  set: val => {
-    platform = val;
-  },
-});
-
-describe('common_utils', () => {
-  describe('platform leader key helpers', () => {
-    const CTRL_EVENT = { ctrlKey: true };
-    const META_EVENT = { metaKey: true };
-    const BOTH_EVENT = { ctrlKey: true, metaKey: true };
-
-    it('should return "ctrl" if navigator.platform is unset', () => {
-      expect(cu.getPlatformLeaderKey()).toBe('ctrl');
-      expect(cu.getPlatformLeaderKeyHTML()).toBe('Ctrl');
-      expect(cu.isPlatformLeaderKey(CTRL_EVENT)).toBe(true);
-      expect(cu.isPlatformLeaderKey(META_EVENT)).toBe(false);
-      expect(cu.isPlatformLeaderKey(BOTH_EVENT)).toBe(true);
-    });
-
-    it('should return "meta" on MacOS', () => {
-      navigator.platform = 'MacIntel';
-      expect(cu.getPlatformLeaderKey()).toBe('meta');
-      expect(cu.getPlatformLeaderKeyHTML()).toBe(CMD_ENTITY);
-      expect(cu.isPlatformLeaderKey(CTRL_EVENT)).toBe(false);
-      expect(cu.isPlatformLeaderKey(META_EVENT)).toBe(true);
-      expect(cu.isPlatformLeaderKey(BOTH_EVENT)).toBe(true);
-    });
-
-    it('should return "ctrl" on Linux', () => {
-      navigator.platform = 'Linux is great';
-      expect(cu.getPlatformLeaderKey()).toBe('ctrl');
-      expect(cu.getPlatformLeaderKeyHTML()).toBe('Ctrl');
-      expect(cu.isPlatformLeaderKey(CTRL_EVENT)).toBe(true);
-      expect(cu.isPlatformLeaderKey(META_EVENT)).toBe(false);
-      expect(cu.isPlatformLeaderKey(BOTH_EVENT)).toBe(true);
-    });
-
-    it('should return "ctrl" on Windows', () => {
-      navigator.platform = 'Win32';
-      expect(cu.getPlatformLeaderKey()).toBe('ctrl');
-      expect(cu.getPlatformLeaderKeyHTML()).toBe('Ctrl');
-      expect(cu.isPlatformLeaderKey(CTRL_EVENT)).toBe(true);
-      expect(cu.isPlatformLeaderKey(META_EVENT)).toBe(false);
-      expect(cu.isPlatformLeaderKey(BOTH_EVENT)).toBe(true);
-    });
-  });
-
-  describe('keystroke', () => {
-    const CODE_BACKSPACE = 8;
-    const CODE_TAB = 9;
-    const CODE_ENTER = 13;
-    const CODE_SPACE = 32;
-    const CODE_4 = 52;
-    const CODE_F = 70;
-    const CODE_Z = 90;
-
-    // Helper function that quickly creates KeyboardEvents
-    const k = (code, modifiers = '') => ({
-      keyCode: code,
-      which: code,
-      altKey: modifiers.includes('a'),
-      ctrlKey: modifiers.includes('c'),
-      metaKey: modifiers.includes('m'),
-      shiftKey: modifiers.includes('s'),
-    });
-
-    const EV_F = k(CODE_F);
-    const EV_ALT_F = k(CODE_F, 'a');
-    const EV_CONTROL_F = k(CODE_F, 'c');
-    const EV_META_F = k(CODE_F, 'm');
-    const EV_SHIFT_F = k(CODE_F, 's');
-    const EV_CONTROL_SHIFT_F = k(CODE_F, 'cs');
-    const EV_ALL_F = k(CODE_F, 'scma');
-    const EV_ENTER = k(CODE_ENTER);
-    const EV_TAB = k(CODE_TAB);
-    const EV_SPACE = k(CODE_SPACE);
-    const EV_BACKSPACE = k(CODE_BACKSPACE);
-    const EV_4 = k(CODE_4);
-    const EV_$ = k(CODE_4, 's');
-
-    const { keystroke } = cu;
-
-    it('short-circuits with bad arguments', () => {
-      expect(keystroke()).toBe(false);
-      expect(keystroke({})).toBe(false);
-    });
-
-    it('handles keystrokes using key codes', () => {
-      // Test a letter key with modifiers
-      expect(keystroke(EV_F, CODE_F)).toBe(true);
-      expect(keystroke(EV_F, CODE_F, '')).toBe(true);
-      expect(keystroke(EV_ALT_F, CODE_F, 'a')).toBe(true);
-      expect(keystroke(EV_CONTROL_F, CODE_F, 'c')).toBe(true);
-      expect(keystroke(EV_META_F, CODE_F, 'm')).toBe(true);
-      expect(keystroke(EV_SHIFT_F, CODE_F, 's')).toBe(true);
-      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'cs')).toBe(true);
-      expect(keystroke(EV_ALL_F, CODE_F, 'acms')).toBe(true);
-
-      // Test non-letter keys
-      expect(keystroke(EV_TAB, CODE_TAB)).toBe(true);
-      expect(keystroke(EV_ENTER, CODE_ENTER)).toBe(true);
-      expect(keystroke(EV_SPACE, CODE_SPACE)).toBe(true);
-      expect(keystroke(EV_BACKSPACE, CODE_BACKSPACE)).toBe(true);
-
-      // Test a number/symbol key
-      expect(keystroke(EV_4, CODE_4)).toBe(true);
-      expect(keystroke(EV_$, CODE_4, 's')).toBe(true);
-
-      // Test wrong input
-      expect(keystroke(EV_F, CODE_Z)).toBe(false);
-      expect(keystroke(EV_SHIFT_F, CODE_F)).toBe(false);
-      expect(keystroke(EV_SHIFT_F, CODE_F, 'c')).toBe(false);
-    });
-
-    it('is case-insensitive', () => {
-      expect(keystroke(EV_ALL_F, CODE_F, 'ACMS')).toBe(true);
-    });
-
-    it('handles bogus inputs', () => {
-      expect(keystroke(EV_F, 'not a keystroke')).toBe(false);
-      expect(keystroke(EV_F, null)).toBe(false);
-    });
-
-    it('handles exact modifier keys, in any order', () => {
-      // Test permutations of modifiers
-      expect(keystroke(EV_ALL_F, CODE_F, 'acms')).toBe(true);
-      expect(keystroke(EV_ALL_F, CODE_F, 'smca')).toBe(true);
-      expect(keystroke(EV_ALL_F, CODE_F, 'csma')).toBe(true);
-      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'cs')).toBe(true);
-      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'sc')).toBe(true);
-
-      // Test wrong modifiers
-      expect(keystroke(EV_ALL_F, CODE_F, 'smca')).toBe(true);
-      expect(keystroke(EV_ALL_F, CODE_F)).toBe(false);
-      expect(keystroke(EV_ALL_F, CODE_F, '')).toBe(false);
-      expect(keystroke(EV_ALL_F, CODE_F, 'c')).toBe(false);
-      expect(keystroke(EV_ALL_F, CODE_F, 'ca')).toBe(false);
-      expect(keystroke(EV_ALL_F, CODE_F, 'ms')).toBe(false);
-      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'cs')).toBe(true);
-      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'c')).toBe(false);
-      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 's')).toBe(false);
-      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'csa')).toBe(false);
-      expect(keystroke(EV_CONTROL_SHIFT_F, CODE_F, 'm')).toBe(false);
-      expect(keystroke(EV_SHIFT_F, CODE_F, 's')).toBe(true);
-      expect(keystroke(EV_SHIFT_F, CODE_F, 'c')).toBe(false);
-      expect(keystroke(EV_SHIFT_F, CODE_F, 'csm')).toBe(false);
-    });
-
-    it('handles the platform-dependent leader key', () => {
-      navigator.platform = 'Win32';
-      let EV_UNDO = k(CODE_Z, 'c');
-      let EV_REDO = k(CODE_Z, 'cs');
-      expect(keystroke(EV_UNDO, CODE_Z, 'l')).toBe(true);
-      expect(keystroke(EV_UNDO, CODE_Z, 'c')).toBe(true);
-      expect(keystroke(EV_UNDO, CODE_Z, 'm')).toBe(false);
-      expect(keystroke(EV_REDO, CODE_Z, 'sl')).toBe(true);
-      expect(keystroke(EV_REDO, CODE_Z, 'sc')).toBe(true);
-      expect(keystroke(EV_REDO, CODE_Z, 'sm')).toBe(false);
-
-      navigator.platform = 'MacIntel';
-      EV_UNDO = k(CODE_Z, 'm');
-      EV_REDO = k(CODE_Z, 'ms');
-      expect(keystroke(EV_UNDO, CODE_Z, 'l')).toBe(true);
-      expect(keystroke(EV_UNDO, CODE_Z, 'c')).toBe(false);
-      expect(keystroke(EV_UNDO, CODE_Z, 'm')).toBe(true);
-      expect(keystroke(EV_REDO, CODE_Z, 'sl')).toBe(true);
-      expect(keystroke(EV_REDO, CODE_Z, 'sc')).toBe(false);
-      expect(keystroke(EV_REDO, CODE_Z, 'sm')).toBe(true);
-    });
-  });
-});
diff --git a/spec/frontend/lib/utils/undo_stack_spec.js b/spec/frontend/lib/utils/undo_stack_spec.js
deleted file mode 100644
index 31ad0e77d6f..00000000000
--- a/spec/frontend/lib/utils/undo_stack_spec.js
+++ /dev/null
@@ -1,237 +0,0 @@
-import UndoStack from '~/lib/utils/undo_stack';
-
-import { isEqual } from 'underscore';
-
-describe('UndoStack', () => {
-  let stack;
-
-  beforeEach(() => {
-    stack = new UndoStack();
-  });
-
-  afterEach(() => {
-    // Make sure there's not pending saves
-    const history = Array.from(stack.history);
-    jest.runAllTimers();
-    expect(stack.history).toEqual(history);
-  });
-
-  it('is blank on construction', () => {
-    expect(stack.isEmpty()).toBe(true);
-    expect(stack.history).toEqual([]);
-    expect(stack.cursor).toBe(-1);
-    expect(stack.canUndo()).toBe(false);
-    expect(stack.canRedo()).toBe(false);
-  });
-
-  it('handles simple undo/redo behaviour', () => {
-    stack.save(10);
-    stack.save(11);
-    stack.save(12);
-
-    expect(stack.history).toEqual([10, 11, 12]);
-    expect(stack.cursor).toBe(2);
-    expect(stack.current()).toBe(12);
-    expect(stack.isEmpty()).toBe(false);
-    expect(stack.canUndo()).toBe(true);
-    expect(stack.canRedo()).toBe(false);
-
-    stack.undo();
-    expect(stack.history).toEqual([10, 11, 12]);
-    expect(stack.current()).toBe(11);
-    expect(stack.canUndo()).toBe(true);
-    expect(stack.canRedo()).toBe(true);
-
-    stack.undo();
-    expect(stack.current()).toBe(10);
-    expect(stack.canUndo()).toBe(false);
-    expect(stack.canRedo()).toBe(true);
-
-    stack.redo();
-    expect(stack.current()).toBe(11);
-
-    stack.redo();
-    expect(stack.current()).toBe(12);
-    expect(stack.isEmpty()).toBe(false);
-    expect(stack.canUndo()).toBe(true);
-    expect(stack.canRedo()).toBe(false);
-
-    // Saving should clear the redo stack
-    stack.undo();
-    stack.save(13);
-    expect(stack.history).toEqual([10, 11, 13]);
-    expect(stack.current()).toBe(13);
-  });
-
-  it('clear() should clear the undo history', () => {
-    stack.save(0);
-    stack.save(1);
-    stack.save(2);
-    stack.clear();
-    expect(stack.history).toEqual([]);
-    expect(stack.current()).toBeUndefined();
-  });
-
-  it('undo and redo are no-ops if unavailable', () => {
-    stack.save(10);
-    expect(stack.canRedo()).toBe(false);
-    expect(stack.canUndo()).toBe(false);
-
-    stack.save(11);
-    expect(stack.canRedo()).toBe(false);
-    expect(stack.canUndo()).toBe(true);
-
-    expect(stack.redo()).toBeUndefined();
-    expect(stack.history).toEqual([10, 11]);
-    expect(stack.current()).toBe(11);
-    expect(stack.canRedo()).toBe(false);
-    expect(stack.canUndo()).toBe(true);
-
-    expect(stack.undo()).toBe(10);
-    expect(stack.undo()).toBeUndefined();
-    expect(stack.history).toEqual([10, 11]);
-    expect(stack.current()).toBe(10);
-    expect(stack.canRedo()).toBe(true);
-    expect(stack.canUndo()).toBe(false);
-  });
-
-  it('should not save a duplicate state', () => {
-    stack.save(10);
-    stack.save(11);
-    stack.save(11);
-    stack.save(10);
-    stack.save(10);
-
-    expect(stack.history).toEqual([10, 11, 10]);
-  });
-
-  it('uses the === operator to detect duplicates', () => {
-    stack.save(10);
-    stack.save(10);
-    expect(stack.history).toEqual([10]);
-
-    // eslint-disable-next-line eqeqeq
-    expect(2 == '2' && '2' == 2).toBe(true);
-    stack.clear();
-    stack.save(2);
-    stack.save(2);
-    stack.save('2');
-    stack.save('2');
-    stack.save(2);
-    expect(stack.history).toEqual([2, '2', 2]);
-
-    const obj = {};
-    stack.clear();
-    stack.save(obj);
-    stack.save(obj);
-    stack.save({});
-    stack.save({});
-    expect(stack.history).toEqual([{}, {}, {}]);
-  });
-
-  it('should allow custom comparators', () => {
-    stack.comparator = isEqual;
-    const obj = {};
-    stack.clear();
-    stack.save(obj);
-    stack.save(obj);
-    stack.save({});
-    stack.save({});
-    expect(stack.history).toEqual([{}]);
-  });
-
-  it('should enforce a max number of undo states', () => {
-    // Try 2000 saves. Only the last 1000 should be preserved.
-    const sequence = Array(2000)
-      .fill(0)
-      .map((el, i) => i);
-    sequence.forEach(stack.save.bind(stack));
-    expect(stack.history.length).toBe(1000);
-    expect(stack.history).toEqual(sequence.slice(1000));
-    expect(stack.current()).toBe(1999);
-    expect(stack.canUndo()).toBe(true);
-    expect(stack.canRedo()).toBe(false);
-
-    // Saving drops the oldest elements from the stack
-    stack.save('end');
-    expect(stack.history.length).toBe(1000);
-    expect(stack.current()).toBe('end');
-    expect(stack.history).toEqual([...sequence.slice(1001), 'end']);
-
-    // If states were undone but the history is full, can still add.
-    stack.undo();
-    stack.undo();
-    expect(stack.current()).toBe(1998);
-    stack.save(3000);
-    expect(stack.history.length).toBe(999);
-    // should be [1001, 1002, ..., 1998, 3000]
-    expect(stack.history).toEqual([...sequence.slice(1001, 1999), 3000]);
-
-    // Try a different max length
-    stack = new UndoStack(2);
-    stack.save(0);
-    expect(stack.history).toEqual([0]);
-    stack.save(1);
-    expect(stack.history).toEqual([0, 1]);
-    stack.save(2);
-    expect(stack.history).toEqual([1, 2]);
-  });
-
-  describe('scheduled saves', () => {
-    it('should work', () => {
-      // Schedules 1000 ms ahead by default
-      stack.save(0);
-      stack.scheduleSave(1);
-      expect(stack.history).toEqual([0]);
-      jest.advanceTimersByTime(999);
-      expect(stack.history).toEqual([0]);
-      jest.advanceTimersByTime(1);
-      expect(stack.history).toEqual([0, 1]);
-    });
-
-    it('should have an adjustable delay', () => {
-      stack.scheduleSave(2, 100);
-      jest.advanceTimersByTime(100);
-      expect(stack.history).toEqual([2]);
-    });
-
-    it('should cancel previous scheduled saves', () => {
-      stack.scheduleSave(3);
-      jest.advanceTimersByTime(100);
-      stack.scheduleSave(4);
-      jest.runAllTimers();
-      expect(stack.history).toEqual([4]);
-    });
-
-    it('should be canceled by explicit saves', () => {
-      stack.scheduleSave(5);
-      stack.save(6);
-      jest.runAllTimers();
-      expect(stack.history).toEqual([6]);
-    });
-
-    it('should be canceled by undos and redos', () => {
-      stack.save(1);
-      stack.save(2);
-      stack.scheduleSave(3);
-      stack.undo();
-      jest.runAllTimers();
-      expect(stack.history).toEqual([1, 2]);
-      expect(stack.current()).toBe(1);
-
-      stack.scheduleSave(4);
-      stack.redo();
-      jest.runAllTimers();
-      expect(stack.history).toEqual([1, 2]);
-      expect(stack.current()).toBe(2);
-    });
-
-    it('should be persisted immediately with saveNow()', () => {
-      stack.scheduleSave(7);
-      stack.scheduleSave(8);
-      stack.saveNow();
-      jest.runAllTimers();
-      expect(stack.history).toEqual([8]);
-    });
-  });
-});
diff --git a/yarn.lock b/yarn.lock
index 6643b011dab..22145f5a5af 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -8371,7 +8371,7 @@ monaco-editor@^0.15.6:
   resolved "https://registry.yarnpkg.com/monaco-editor/-/monaco-editor-0.15.6.tgz#d63b3b06f86f803464f003b252627c3eb4a09483"
   integrity sha512-JoU9V9k6KqT9R9Tiw1RTU8ohZ+Xnf9DMg6Ktqqw5hILumwmq7xqa/KLXw513uTUsWbhtnHoSJYYR++u3pkyxJg==
 
-mousetrap@1.4.6:
+mousetrap@^1.4.6:
   version "1.4.6"
   resolved "https://registry.yarnpkg.com/mousetrap/-/mousetrap-1.4.6.tgz#eaca72e22e56d5b769b7555873b688c3332e390a"
   integrity sha1-6spy4i5W1bdpt1VYc7aIwzMuOQo=
-- 
cgit v1.2.1


From f519a4b72f81a1e3c81e5e684d236bbe30e0dd2d Mon Sep 17 00:00:00 2001
From: Valery Sizov <valery@gitlab.com>
Date: Thu, 1 Aug 2019 15:03:08 +0300
Subject: Backport of
 https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3809

Introducing Docker Registry replication
---
 app/models/container_repository.rb                          |  6 +++++-
 .../auth/container_registry_authentication_service.rb       | 10 +++++++++-
 config/gitlab.yml.example                                   |  5 +++++
 config/initializers/0_inflections.rb                        |  1 +
 config/initializers/1_settings.rb                           |  9 +++++++++
 .../20190612111404_add_geo_container_sync_capacity.rb       | 13 +++++++++++++
 db/schema.rb                                                |  1 +
 spec/factories/container_repositories.rb                    |  2 +-
 .../auth/container_registry_authentication_service_spec.rb  | 13 +++++++++++++
 9 files changed, 57 insertions(+), 3 deletions(-)
 create mode 100644 db/migrate/20190612111404_add_geo_container_sync_capacity.rb

diff --git a/app/models/container_repository.rb b/app/models/container_repository.rb
index facd81dde80..2a5ae7930e6 100644
--- a/app/models/container_repository.rb
+++ b/app/models/container_repository.rb
@@ -70,10 +70,14 @@ class ContainerRepository < ApplicationRecord
     digests = tags.map { |tag| tag.digest }.to_set
 
     digests.all? do |digest|
-      client.delete_repository_tag(self.path, digest)
+      delete_tag_by_digest(digest)
     end
   end
 
+  def delete_tag_by_digest(digest)
+    client.delete_repository_tag(self.path, digest)
+  end
+
   def self.build_from_path(path)
     self.new(project: path.repository_project,
              name: path.repository_name)
diff --git a/app/services/auth/container_registry_authentication_service.rb b/app/services/auth/container_registry_authentication_service.rb
index 707caee482c..0a069320936 100644
--- a/app/services/auth/container_registry_authentication_service.rb
+++ b/app/services/auth/container_registry_authentication_service.rb
@@ -17,6 +17,14 @@ module Auth
     end
 
     def self.full_access_token(*names)
+      access_token(%w(*), names)
+    end
+
+    def self.pull_access_token(*names)
+      access_token(['pull'], names)
+    end
+
+    def self.access_token(actions, names)
       names = names.flatten
       registry = Gitlab.config.registry
       token = JSONWebToken::RSAToken.new(registry.key)
@@ -25,7 +33,7 @@ module Auth
       token.expire_time = token_expire_at
 
       token[:access] = names.map do |name|
-        { type: 'repository', name: name, actions: %w(*) }
+        { type: 'repository', name: name, actions: actions }
       end
 
       token.encoded
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index dd53127ac2c..39b719a5978 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -427,6 +427,11 @@ production: &base
     # If it is blank, it defaults to external_url.
     node_name: ''
 
+    registry_replication:
+      # enabled: true
+      # primary_api_url: http://localhost:5000/ # internal address to the primary registry, will be used by GitLab to directly communicate with primary registry API
+
+
   #
   # 2. GitLab CI settings
   # ==========================
diff --git a/config/initializers/0_inflections.rb b/config/initializers/0_inflections.rb
index 4d1f4917275..d317825c1b8 100644
--- a/config/initializers/0_inflections.rb
+++ b/config/initializers/0_inflections.rb
@@ -19,6 +19,7 @@ ActiveSupport::Inflector.inflections do |inflect|
     project_registry
     file_registry
     job_artifact_registry
+    container_repository_registry
     vulnerability_feedback
     vulnerabilities_feedback
     group_view
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 32fec7c3d22..659801f787d 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -296,6 +296,12 @@ Gitlab.ee do
   Settings['geo'] ||= Settingslogic.new({})
   # For backwards compatibility, default to gitlab_url and if so, ensure it ends with "/"
   Settings.geo['node_name'] = Settings.geo['node_name'].presence || Settings.gitlab['url'].chomp('/').concat('/')
+
+  #
+  # Registry replication
+  #
+  Settings.geo['registry_replication'] ||= Settingslogic.new({})
+  Settings.geo.registry_replication['enabled'] ||= false
 end
 
 #
@@ -473,6 +479,9 @@ Gitlab.ee do
   Settings.cron_jobs['geo_repository_verification_secondary_scheduler_worker'] ||= Settingslogic.new({})
   Settings.cron_jobs['geo_repository_verification_secondary_scheduler_worker']['cron'] ||= '*/1 * * * *'
   Settings.cron_jobs['geo_repository_verification_secondary_scheduler_worker']['job_class'] ||= 'Geo::RepositoryVerification::Secondary::SchedulerWorker'
+  Settings.cron_jobs['geo_container_repository_sync_worker'] ||= Settingslogic.new({})
+  Settings.cron_jobs['geo_container_repository_sync_worker']['cron'] ||= '*/1 * * * *'
+  Settings.cron_jobs['geo_container_repository_sync_worker']['job_class'] ||= 'Geo::ContainerRepositorySyncDispatchWorker'
   Settings.cron_jobs['historical_data_worker'] ||= Settingslogic.new({})
   Settings.cron_jobs['historical_data_worker']['cron'] ||= '0 12 * * *'
   Settings.cron_jobs['historical_data_worker']['job_class'] = 'HistoricalDataWorker'
diff --git a/db/migrate/20190612111404_add_geo_container_sync_capacity.rb b/db/migrate/20190612111404_add_geo_container_sync_capacity.rb
new file mode 100644
index 00000000000..d4cd569f460
--- /dev/null
+++ b/db/migrate/20190612111404_add_geo_container_sync_capacity.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class AddGeoContainerSyncCapacity < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def change
+    change_table :geo_nodes do |t|
+      t.column :container_repositories_max_capacity, :integer, default: 10, null: false
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 6f5fc6c65eb..804f77b91de 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1435,6 +1435,7 @@ ActiveRecord::Schema.define(version: 2019_07_29_090456) do
     t.integer "minimum_reverification_interval", default: 7, null: false
     t.string "internal_url"
     t.string "name", null: false
+    t.integer "container_repositories_max_capacity", default: 10, null: false
     t.index ["access_key"], name: "index_geo_nodes_on_access_key"
     t.index ["name"], name: "index_geo_nodes_on_name", unique: true
     t.index ["primary"], name: "index_geo_nodes_on_primary"
diff --git a/spec/factories/container_repositories.rb b/spec/factories/container_repositories.rb
index a9771200d6e..0b756220d68 100644
--- a/spec/factories/container_repositories.rb
+++ b/spec/factories/container_repositories.rb
@@ -2,7 +2,7 @@
 
 FactoryBot.define do
   factory :container_repository do
-    name 'test_image'
+    sequence(:name) { |n| "test_image_#{n}" }
     project
 
     transient do
diff --git a/spec/services/auth/container_registry_authentication_service_spec.rb b/spec/services/auth/container_registry_authentication_service_spec.rb
index 4f4776bbb27..3ca389ba25b 100644
--- a/spec/services/auth/container_registry_authentication_service_spec.rb
+++ b/spec/services/auth/container_registry_authentication_service_spec.rb
@@ -145,6 +145,19 @@ describe Auth::ContainerRegistryAuthenticationService do
     it_behaves_like 'not a container repository factory'
   end
 
+  describe '#pull_access_token' do
+    let(:project) { create(:project) }
+    let(:token) { described_class.pull_access_token(project.full_path) }
+
+    subject { { token: token } }
+
+    it_behaves_like 'an accessible' do
+      let(:actions) { ['pull'] }
+    end
+
+    it_behaves_like 'not a container repository factory'
+  end
+
   context 'user authorization' do
     let(:current_user) { create(:user) }
 
-- 
cgit v1.2.1


From d7e13579834f34a345081d1c62c97e37b7776406 Mon Sep 17 00:00:00 2001
From: Patrick Bajao <ebajao@gitlab.com>
Date: Wed, 3 Jul 2019 13:01:05 +0800
Subject: Add commit_id to draft_notes table

CE port of https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14520
---
 db/migrate/20190703043358_add_commit_id_to_draft_notes.rb | 11 +++++++++++
 db/schema.rb                                              |  1 +
 spec/db/schema_spec.rb                                    |  2 +-
 3 files changed, 13 insertions(+), 1 deletion(-)
 create mode 100644 db/migrate/20190703043358_add_commit_id_to_draft_notes.rb

diff --git a/db/migrate/20190703043358_add_commit_id_to_draft_notes.rb b/db/migrate/20190703043358_add_commit_id_to_draft_notes.rb
new file mode 100644
index 00000000000..022400ce585
--- /dev/null
+++ b/db/migrate/20190703043358_add_commit_id_to_draft_notes.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class AddCommitIdToDraftNotes < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def change
+    add_column :draft_notes, :commit_id, :binary
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 3d229c2353b..709f9ce2541 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1136,6 +1136,7 @@ ActiveRecord::Schema.define(version: 2019_07_31_084415) do
     t.text "position"
     t.text "original_position"
     t.text "change_position"
+    t.binary "commit_id"
     t.index ["author_id"], name: "index_draft_notes_on_author_id"
     t.index ["discussion_id"], name: "index_draft_notes_on_discussion_id"
     t.index ["merge_request_id"], name: "index_draft_notes_on_merge_request_id"
diff --git a/spec/db/schema_spec.rb b/spec/db/schema_spec.rb
index 13fad1b6dc9..232890b1bba 100644
--- a/spec/db/schema_spec.rb
+++ b/spec/db/schema_spec.rb
@@ -27,7 +27,7 @@ describe 'Database schema' do
     cluster_providers_gcp: %w[gcp_project_id operation_id],
     deploy_keys_projects: %w[deploy_key_id],
     deployments: %w[deployable_id environment_id user_id],
-    draft_notes: %w[discussion_id],
+    draft_notes: %w[discussion_id commit_id],
     emails: %w[user_id],
     events: %w[target_id],
     epics: %w[updated_by_id last_edited_by_id start_date_sourcing_milestone_id due_date_sourcing_milestone_id],
-- 
cgit v1.2.1


From 70626f324b53b0fc010cbbefcae7095201bf0f82 Mon Sep 17 00:00:00 2001
From: Patrick Bajao <ebajao@gitlab.com>
Date: Thu, 18 Jul 2019 20:09:35 +0800
Subject: Make diff_refs_match_commit validation reusable

Move it to DiffPositionableNote concern which will be re-used
in EE in DraftNote model.
---
 app/models/concerns/diff_positionable_note.rb      |  8 ++++
 app/models/diff_note.rb                            |  7 ---
 spec/models/diff_note_spec.rb                      |  4 ++
 .../diff_positionable_note_shared_examples.rb      | 52 ++++++++++++++++++++++
 4 files changed, 64 insertions(+), 7 deletions(-)
 create mode 100644 spec/support/shared_examples/models/diff_positionable_note_shared_examples.rb

diff --git a/app/models/concerns/diff_positionable_note.rb b/app/models/concerns/diff_positionable_note.rb
index 2d09eff0111..195d9e107c5 100644
--- a/app/models/concerns/diff_positionable_note.rb
+++ b/app/models/concerns/diff_positionable_note.rb
@@ -10,6 +10,8 @@ module DiffPositionableNote
     serialize :original_position, Gitlab::Diff::Position # rubocop:disable Cop/ActiveRecordSerialize
     serialize :position, Gitlab::Diff::Position # rubocop:disable Cop/ActiveRecordSerialize
     serialize :change_position, Gitlab::Diff::Position # rubocop:disable Cop/ActiveRecordSerialize
+
+    validate :diff_refs_match_commit, if: :for_commit?
   end
 
   %i(original_position position change_position).each do |meth|
@@ -71,4 +73,10 @@ module DiffPositionableNote
       self.position = result[:position]
     end
   end
+
+  def diff_refs_match_commit
+    return if self.original_position.diff_refs == commit&.diff_refs
+
+    errors.add(:commit_id, 'does not match the diff refs')
+  end
 end
diff --git a/app/models/diff_note.rb b/app/models/diff_note.rb
index f75c32633b1..861185dc222 100644
--- a/app/models/diff_note.rb
+++ b/app/models/diff_note.rb
@@ -20,7 +20,6 @@ class DiffNote < Note
   validates :noteable_type, inclusion: { in: -> (_note) { noteable_types } }
   validate :positions_complete
   validate :verify_supported
-  validate :diff_refs_match_commit, if: :for_commit?
 
   before_validation :set_line_code, if: :on_text?
   after_save :keep_around_commits
@@ -154,12 +153,6 @@ class DiffNote < Note
     errors.add(:position, "is invalid")
   end
 
-  def diff_refs_match_commit
-    return if self.original_position.diff_refs == self.commit.diff_refs
-
-    errors.add(:commit_id, 'does not match the diff refs')
-  end
-
   def keep_around_commits
     shas = [
       self.original_position.base_sha,
diff --git a/spec/models/diff_note_spec.rb b/spec/models/diff_note_spec.rb
index d9e1fe4b165..8d7dafc523d 100644
--- a/spec/models/diff_note_spec.rb
+++ b/spec/models/diff_note_spec.rb
@@ -34,6 +34,10 @@ describe DiffNote do
 
   subject { create(:diff_note_on_merge_request, project: project, position: position, noteable: merge_request) }
 
+  describe 'validations' do
+    it_behaves_like 'a valid diff positionable note', :diff_note_on_commit
+  end
+
   describe "#position=" do
     context "when provided a string" do
       it "sets the position" do
diff --git a/spec/support/shared_examples/models/diff_positionable_note_shared_examples.rb b/spec/support/shared_examples/models/diff_positionable_note_shared_examples.rb
new file mode 100644
index 00000000000..8b298c5c974
--- /dev/null
+++ b/spec/support/shared_examples/models/diff_positionable_note_shared_examples.rb
@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+shared_examples_for 'a valid diff positionable note' do |factory_on_commit|
+  context 'for commit' do
+    let(:project) { create(:project, :repository) }
+    let(:commit) { project.commit(sample_commit.id) }
+    let(:commit_id) { commit.id }
+    let(:diff_refs) { commit.diff_refs }
+
+    let(:position) do
+      Gitlab::Diff::Position.new(
+        old_path: "files/ruby/popen.rb",
+        new_path: "files/ruby/popen.rb",
+        old_line: nil,
+        new_line: 14,
+        diff_refs: diff_refs
+      )
+    end
+
+    subject { build(factory_on_commit, commit_id: commit_id, position: position) }
+
+    context 'position diff refs matches commit diff refs' do
+      it 'is valid' do
+        expect(subject).to be_valid
+        expect(subject.errors).not_to have_key(:commit_id)
+      end
+    end
+
+    context 'position diff refs does not match commit diff refs' do
+      let(:diff_refs) do
+        Gitlab::Diff::DiffRefs.new(
+          base_sha: "not_existing_sha",
+          head_sha: "existing_sha"
+        )
+      end
+
+      it 'is invalid' do
+        expect(subject).to be_invalid
+        expect(subject.errors).to have_key(:commit_id)
+      end
+    end
+
+    context 'commit does not exist' do
+      let(:commit_id) { 'non-existing' }
+
+      it 'is invalid' do
+        expect(subject).to be_invalid
+        expect(subject.errors).to have_key(:commit_id)
+      end
+    end
+  end
+end
-- 
cgit v1.2.1


From d90865a9607a8fed4ebc9669aad6f0cf939720b5 Mon Sep 17 00:00:00 2001
From: jboyson1 <jboyson@gitlab.com>
Date: Thu, 1 Aug 2019 14:54:26 -0500
Subject: Backport from EE

---
 spec/javascripts/diffs/mock_data/diff_file.js | 2 ++
 spec/javascripts/notes/mock_data.js           | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/spec/javascripts/diffs/mock_data/diff_file.js b/spec/javascripts/diffs/mock_data/diff_file.js
index 27428197c1c..531686efff1 100644
--- a/spec/javascripts/diffs/mock_data/diff_file.js
+++ b/spec/javascripts/diffs/mock_data/diff_file.js
@@ -1,3 +1,5 @@
+// Copied to ee/spec/frontend/diffs/mock_data/diff_file.js
+
 export default {
   submodule: false,
   submodule_link: null,
diff --git a/spec/javascripts/notes/mock_data.js b/spec/javascripts/notes/mock_data.js
index 1df5cf9ef68..5f81a168498 100644
--- a/spec/javascripts/notes/mock_data.js
+++ b/spec/javascripts/notes/mock_data.js
@@ -1,3 +1,5 @@
+// Copied to ee/spec/frontend/notes/mock_data.js
+
 export const notesDataMock = {
   discussionsPath: '/gitlab-org/gitlab-ce/issues/26/discussions.json',
   lastFetchedAt: 1501862675,
-- 
cgit v1.2.1


From 3b1da9be250560c9a2e4ca69c6fa89e8b36f01e1 Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Thu, 1 Aug 2019 02:53:33 +0800
Subject: Fix inline rendering of SVGs from current repo

Changes generated URL to raw instead of blob
---
 .../17276-breakage-in-displaying-svg-in-the-same-repository.yml      | 5 +++++
 lib/gitlab/blob_helper.rb                                            | 2 +-
 spec/models/commit_spec.rb                                           | 1 +
 3 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/17276-breakage-in-displaying-svg-in-the-same-repository.yml

diff --git a/changelogs/unreleased/17276-breakage-in-displaying-svg-in-the-same-repository.yml b/changelogs/unreleased/17276-breakage-in-displaying-svg-in-the-same-repository.yml
new file mode 100644
index 00000000000..93936d441e7
--- /dev/null
+++ b/changelogs/unreleased/17276-breakage-in-displaying-svg-in-the-same-repository.yml
@@ -0,0 +1,5 @@
+---
+title: Fix inline rendering of relative paths to SVGs from the current repository
+merge_request: 31352
+author:
+type: fixed
diff --git a/lib/gitlab/blob_helper.rb b/lib/gitlab/blob_helper.rb
index d3e15a79a8b..fc579ad8d2a 100644
--- a/lib/gitlab/blob_helper.rb
+++ b/lib/gitlab/blob_helper.rb
@@ -45,7 +45,7 @@ module Gitlab
     end
 
     def image?
-      ['.png', '.jpg', '.jpeg', '.gif'].include?(extname.downcase)
+      ['.png', '.jpg', '.jpeg', '.gif', '.svg'].include?(extname.downcase)
     end
 
     # Internal: Lookup mime type for extension.
diff --git a/spec/models/commit_spec.rb b/spec/models/commit_spec.rb
index e76186fb280..7b35c2ffd36 100644
--- a/spec/models/commit_spec.rb
+++ b/spec/models/commit_spec.rb
@@ -556,6 +556,7 @@ eos
     it 'returns the URI type at the given path' do
       expect(commit.uri_type('files/html')).to be(:tree)
       expect(commit.uri_type('files/images/logo-black.png')).to be(:raw)
+      expect(commit.uri_type('files/images/wm.svg')).to be(:raw)
       expect(project.commit('video').uri_type('files/videos/intro.mp4')).to be(:raw)
       expect(commit.uri_type('files/js/application.js')).to be(:blob)
     end
-- 
cgit v1.2.1


From 65f188887bdac150616050ca023bc694de9f3ed2 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Thu, 1 Aug 2019 16:07:50 -0700
Subject: Fix performance bar warnings when Rugged is disabled

`detailed_metric.vue` was attempting to read the `duration` field even
when the metric did not exist in the JSON payload. We now check for the
existence of the metrics before attempting to display the value.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/65491
---
 app/assets/javascripts/performance_bar/components/detailed_metric.vue | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/assets/javascripts/performance_bar/components/detailed_metric.vue b/app/assets/javascripts/performance_bar/components/detailed_metric.vue
index 5bc1d5e0533..73524827c5d 100644
--- a/app/assets/javascripts/performance_bar/components/detailed_metric.vue
+++ b/app/assets/javascripts/performance_bar/components/detailed_metric.vue
@@ -44,7 +44,7 @@ export default {
 </script>
 <template>
   <div
-    v-if="currentRequest.details"
+    v-if="currentRequest.details && metricDetails"
     :id="`peek-view-${metric}`"
     class="view qa-performance-bar-detailed-metric"
   >
-- 
cgit v1.2.1


From f487e108e8f9ed8adee85d64a3279af69a8c2ad5 Mon Sep 17 00:00:00 2001
From: Martin Wortschack <mwortschack@gitlab.com>
Date: Thu, 1 Aug 2019 23:15:54 +0000
Subject: Remove local echarts dependency

- Update package.json and yarn.lock
---
 package.json |  1 -
 yarn.lock    | 16 ++++++++--------
 2 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/package.json b/package.json
index 056f7616cde..f0a7f3e47af 100644
--- a/package.json
+++ b/package.json
@@ -76,7 +76,6 @@
     "diff": "^3.4.0",
     "document-register-element": "1.13.1",
     "dropzone": "^4.2.0",
-    "echarts": "^4.2.0-rc.2",
     "emoji-regex": "^7.0.3",
     "emoji-unicode-version": "^0.2.1",
     "exports-loader": "^0.7.0",
diff --git a/yarn.lock b/yarn.lock
index 22145f5a5af..221ffa27f6c 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4310,11 +4310,11 @@ ecc-jsbn@~0.1.1:
     safer-buffer "^2.1.0"
 
 echarts@^4.2.0-rc.2:
-  version "4.2.0-rc.2"
-  resolved "https://registry.yarnpkg.com/echarts/-/echarts-4.2.0-rc.2.tgz#6a98397aafa81b65cbf0bc15d9afdbfb244df91e"
-  integrity sha512-5Y4Kyi4eNsRM9Cnl7Q8C6PFVjznBJv1VIiMm/VSQ9zyqeo+ce1695GqUd9v4zfVx+Ow1gnwMJX67h0FNvarScw==
+  version "4.2.1"
+  resolved "https://registry.yarnpkg.com/echarts/-/echarts-4.2.1.tgz#9a8ea3b03354f86f824d97625c334cf16965ef03"
+  integrity sha512-pw4xScRPsLegD/cqEcoXRKeA2SD4+s+Kyo0Na166NamOWhzNl2yI5RZ2rE97tBlAopNmhyMeBVpAeD5qb+ee1A==
   dependencies:
-    zrender "4.0.5"
+    zrender "4.0.7"
 
 editions@^1.3.3:
   version "1.3.4"
@@ -13217,7 +13217,7 @@ zen-observable@^0.8.0:
   resolved "https://registry.yarnpkg.com/zen-observable/-/zen-observable-0.8.11.tgz#d3415885eeeb42ee5abb9821c95bb518fcd6d199"
   integrity sha512-N3xXQVr4L61rZvGMpWe8XoCGX8vhU35dPyQ4fm5CY/KDlG0F75un14hjbckPXTDuKUY6V0dqR2giT6xN8Y4GEQ==
 
-zrender@4.0.5:
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/zrender/-/zrender-4.0.5.tgz#6e8f738971ce2cd624aac82b2156729b1c0e5a82"
-  integrity sha512-SintgipGEJPT9Sz2ABRoE4ZD7Yzy7oR7j7KP6H+C9FlbHWnLUfGVK7E8UV27pGwlxAMB0EsnrqhXx5XjAfv/KA==
+zrender@4.0.7:
+  version "4.0.7"
+  resolved "https://registry.yarnpkg.com/zrender/-/zrender-4.0.7.tgz#15ae960822f5efed410995d37e5107fe3de10e6d"
+  integrity sha512-TNloHe0ums6zxbHfnaCryM61J4IWDajZwNq6dHk9vfWhhysO/OeFvvR0drBs/nbXha2YxSzfQj2FiCd6RVBe+Q==
-- 
cgit v1.2.1


From 0fadca7fa99a77159b57add58af5adfe1eb3fffb Mon Sep 17 00:00:00 2001
From: Lucas Charles <me@lucascharles.me>
Date: Fri, 2 Aug 2019 00:10:34 +0000
Subject: Add documentation for Security Approvals for MRs

Documents how to enable security approvals
---
 doc/user/application_security/index.md             | 32 ++++++++++++++++++++++
 .../merge_requests/merge_request_approvals.md      | 10 +++++++
 2 files changed, 42 insertions(+)

diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md
index 31f0b5a050c..4dcb416c110 100644
--- a/doc/user/application_security/index.md
+++ b/doc/user/application_security/index.md
@@ -148,6 +148,38 @@ Clicking on this button will create a merge request to apply the solution onto t
 
 ![Create merge request from vulnerability](img/create_issue_with_list_hover.png)
 
+## Security approvals in merge requests **(ULTIMATE)**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/9928) in [GitLab Ultimate](https://about.gitlab.com/pricing) 12.2.
+
+Merge Request Approvals can be configured to require approval from a member 
+of your security team when a vulnerability would be introduced by a merge request.
+
+This threshold is defined as `high`, `critical`, or `unknown`
+severity. When any vulnerabilities are present within a merge request, an
+approval will be required from the `Vulnerability-Check` approver group.
+
+### Enabling Security Approvals within a project
+
+To enable Security Approvals, a [project approval rule](../project/merge_requests/merge_request_approvals.md#multiple-approval-rules-premium)
+must be created with the case-sensitive name `Vulnerability-Check`. This approval
+group must be set with an "Approvals required" count greater than zero.
+
+Once this group has been added to your project, the approval rule will be enabled
+for all Merge Requests.
+
+Any code changes made will cause the count of approvals required to reset.
+
+An approval will be required when a security report:
+
+- Contains a new vulnerability of `high`, `critical`, or `unknown` severity.
+- Is not generated during pipeline execution.
+
+An approval will be optional when a security report:
+
+- Contains no new vulnerabilities.
+- Contains only new vulnerabilities of `low` or `medium` severity.
+
 <!-- ## Troubleshooting
 
 Include any troubleshooting steps that you can foresee. If you know beforehand what issues
diff --git a/doc/user/project/merge_requests/merge_request_approvals.md b/doc/user/project/merge_requests/merge_request_approvals.md
index 220795d6f15..656459b3b03 100644
--- a/doc/user/project/merge_requests/merge_request_approvals.md
+++ b/doc/user/project/merge_requests/merge_request_approvals.md
@@ -331,6 +331,16 @@ the dropdown) `approver` and select the user.
 
 ![Filter MRs by an approver](img/filter_approver_merge_requests.png)
 
+## Security approvals in merge requests **(ULTIMATE)**
+
+> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing) 12.2.
+
+Merge Request Approvals can be configured to require approval from a member
+of your security team when a vulnerability would be introduced by a merge request.
+
+For more information, see 
+[Security approvals in merge requests](../../application_security/index.md#security-approvals-in-merge-requests-ultimate).
+
 <!-- ## Troubleshooting
 
 Include any troubleshooting steps that you can foresee. If you know beforehand what issues
-- 
cgit v1.2.1


From 218d2a27e50549bb73d69b9db6ac63db807f12ad Mon Sep 17 00:00:00 2001
From: Nishad Sohoni <nishad.sohoni@cmrsurgical.com>
Date: Fri, 2 Aug 2019 02:08:34 +0000
Subject: Update global dashboard shortcuts

Needs shift keypress
---
 doc/workflow/shortcuts.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/doc/workflow/shortcuts.md b/doc/workflow/shortcuts.md
index fd67ea8ce87..d61d7eafd18 100644
--- a/doc/workflow/shortcuts.md
+++ b/doc/workflow/shortcuts.md
@@ -35,11 +35,11 @@ You can see GitLab's keyboard shortcuts by using <kbd>shift</kbd> + <kbd>?</kbd>
 
 | Keyboard Shortcut | Description |
 | ----------------- | ----------- |
-| <kbd>g</kbd> + <kbd>a</kbd> | Go to the activity feed |
-| <kbd>g</kbd> + <kbd>p</kbd> | Go to projects |
-| <kbd>g</kbd> + <kbd>i</kbd> | Go to issues |
-| <kbd>g</kbd> + <kbd>m</kbd> | Go to merge requests |
-| <kbd>g</kbd> + <kbd>t</kbd> | Go to todos |
+| <kbd>Shift</kbd> + <kbd>a</kbd> | Go to the activity feed |
+| <kbd>Shift</kbd> + <kbd>p</kbd> | Go to projects |
+| <kbd>Shift</kbd> + <kbd>i</kbd> | Go to issues |
+| <kbd>Shift</kbd> + <kbd>m</kbd> | Go to merge requests |
+| <kbd>Shift</kbd> + <kbd>t</kbd> | Go to todos |
 
 ## Project
 
-- 
cgit v1.2.1


From af166501a5bb045c5e5ec6a711778134bad4d53b Mon Sep 17 00:00:00 2001
From: Russell Dickenson <rdickenson@gitlab.com>
Date: Fri, 2 Aug 2019 02:10:29 +0000
Subject: Corrected name of Jira group

---
 doc/user/project/integrations/jira_server_configuration.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/user/project/integrations/jira_server_configuration.md b/doc/user/project/integrations/jira_server_configuration.md
index 5116cbfe9ac..1efd0ff3944 100644
--- a/doc/user/project/integrations/jira_server_configuration.md
+++ b/doc/user/project/integrations/jira_server_configuration.md
@@ -3,8 +3,8 @@
 We need to create a user in Jira which will have access to all projects that
 need to integrate with GitLab.
 
-As an example, we'll create a user named `gitlab` and add it to the `Jira-developers`
-group.
+As an example, we'll create a user named `gitlab` and add it to a new group
+named `gitlab-developers`.
 
 NOTE: **Note**
 It is important that the Jira user created for the integration is given 'write'
-- 
cgit v1.2.1


From 144268daa87ed2680db2d4c01b121598de91291c Mon Sep 17 00:00:00 2001
From: Miranda Fluharty <mfluharty@gitlab.com>
Date: Fri, 2 Aug 2019 02:25:13 +0000
Subject: Only render job sidebar block if it has content

Change sidebar's renderBlock() to return true only if
any of the block's <detail-row>s will be rendered
Change block to render only if renderBlock() returns true
---
 app/assets/javascripts/jobs/components/sidebar.vue |  9 ++++----
 .../59521-job-sidebar-has-a-blank-block.yml        |  5 +++++
 spec/javascripts/jobs/components/job_app_spec.js   | 25 ++++++++++++++++++++++
 3 files changed, 34 insertions(+), 5 deletions(-)
 create mode 100644 changelogs/unreleased/59521-job-sidebar-has-a-blank-block.yml

diff --git a/app/assets/javascripts/jobs/components/sidebar.vue b/app/assets/javascripts/jobs/components/sidebar.vue
index e9704584c9f..06477477aad 100644
--- a/app/assets/javascripts/jobs/components/sidebar.vue
+++ b/app/assets/javascripts/jobs/components/sidebar.vue
@@ -73,15 +73,14 @@ export default {
     },
     renderBlock() {
       return (
-        this.job.merge_request ||
         this.job.duration ||
-        this.job.finished_data ||
+        this.job.finished_at ||
         this.job.erased_at ||
         this.job.queued ||
+        this.hasTimeout ||
         this.job.runner ||
         this.job.coverage ||
-        this.job.tags.length ||
-        this.job.cancel_path
+        this.job.tags.length
       );
     },
     hasArtifact() {
@@ -160,7 +159,7 @@ export default {
           </gl-link>
         </div>
 
-        <div :class="{ block: renderBlock }">
+        <div v-if="renderBlock" class="block">
           <detail-row
             v-if="job.duration"
             :value="duration"
diff --git a/changelogs/unreleased/59521-job-sidebar-has-a-blank-block.yml b/changelogs/unreleased/59521-job-sidebar-has-a-blank-block.yml
new file mode 100644
index 00000000000..4c93a108f2b
--- /dev/null
+++ b/changelogs/unreleased/59521-job-sidebar-has-a-blank-block.yml
@@ -0,0 +1,5 @@
+---
+title: Remove blank block from job sidebar
+merge_request: 30754
+author:
+type: fixed
diff --git a/spec/javascripts/jobs/components/job_app_spec.js b/spec/javascripts/jobs/components/job_app_spec.js
index c58d59b4b16..40decbb5643 100644
--- a/spec/javascripts/jobs/components/job_app_spec.js
+++ b/spec/javascripts/jobs/components/job_app_spec.js
@@ -486,6 +486,31 @@ describe('Job App ', () => {
         });
       });
     });
+
+    describe('sidebar', () => {
+      it('has no blank blocks', done => {
+        mock.onGet(props.endpoint).replyOnce(
+          200,
+          Object.assign({}, job, {
+            duration: null,
+            finished_at: null,
+            erased_at: null,
+            queued: null,
+            runner: null,
+            coverage: null,
+            tags: [],
+            cancel_path: null,
+          }),
+        );
+
+        vm.$nextTick(() => {
+          vm.$el.querySelectorAll('.blocks-container > *').forEach(block => {
+            expect(block.textContent.trim()).not.toBe('');
+          });
+          done();
+        });
+      });
+    });
   });
 
   describe('archived job', () => {
-- 
cgit v1.2.1


From 7cfbeaac506b346f65f0549770f59c127ca1b6db Mon Sep 17 00:00:00 2001
From: Michael Kozono <mkozono@gmail.com>
Date: Fri, 2 Aug 2019 02:41:52 +0000
Subject: Add rate limit docs

---
 doc/api/README.md                                  |   7 ++
 doc/security/README.md                             |   2 +-
 doc/security/rack_attack.md                        |  77 ++++++++++++++++++---
 doc/security/rate_limits.md                        |  32 +++++++++
 .../settings/img/user_and_ip_rate_limits.png       | Bin 0 -> 232777 bytes
 doc/user/admin_area/settings/index.md              |   1 +
 .../admin_area/settings/user_and_ip_rate_limits.md |  32 +++++++++
 doc/user/gitlab_com/index.md                       |  73 +++++++++++++++++++
 8 files changed, 212 insertions(+), 12 deletions(-)
 create mode 100644 doc/security/rate_limits.md
 create mode 100644 doc/user/admin_area/settings/img/user_and_ip_rate_limits.png
 create mode 100644 doc/user/admin_area/settings/user_and_ip_rate_limits.md

diff --git a/doc/api/README.md b/doc/api/README.md
index 70540420544..6cd89e34921 100644
--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -695,6 +695,13 @@ The correct encoding for the query parameter would be:
 There are many unofficial GitLab API Clients for most of the popular
 programming languages. Visit the [GitLab website] for a complete list.
 
+## Rate limits
+
+For administrator documentation on rate limit settings, check out
+[Rate limits](../security/rate_limits.md). To find the settings that are
+specifically used by GitLab.com, see
+[GitLab.com-specific rate limits](../user/gitlab_com/index.md).
+
 [GitLab website]: https://about.gitlab.com/applications/#api-clients "Clients using the GitLab API"
 [lib-api-url]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/api/api.rb
 [ce-3749]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3749
diff --git a/doc/security/README.md b/doc/security/README.md
index c48d5bc2065..5d498ac7602 100644
--- a/doc/security/README.md
+++ b/doc/security/README.md
@@ -7,7 +7,7 @@ type: index
 
 - [Password length limits](password_length_limits.md)
 - [Restrict SSH key technologies and minimum length](ssh_keys_restrictions.md)
-- [Rack attack](rack_attack.md)
+- [Rate limits](rate_limits.md)
 - [Webhooks and insecure internal web services](webhooks.md)
 - [Information exclusivity](information_exclusivity.md)
 - [Reset your root password](reset_root_password.md)
diff --git a/doc/security/rack_attack.md b/doc/security/rack_attack.md
index 1e5678ec47c..c772f783f71 100644
--- a/doc/security/rack_attack.md
+++ b/doc/security/rack_attack.md
@@ -2,7 +2,9 @@
 type: reference, howto
 ---
 
-# Rack Attack
+# Rack Attack initializer
+
+## Overview
 
 [Rack Attack](https://github.com/kickstarter/rack-attack), also known as Rack::Attack, is a Ruby gem
 that is meant to protect GitLab with the ability to customize throttling and
@@ -14,19 +16,72 @@ If you find throttling is not enough to protect you against abusive clients,
 Rack Attack offers IP whitelisting, blacklisting, Fail2ban style filtering, and
 tracking.
 
-**Note:** Starting with 11.2, Rack Attack is disabled by default. To continue
-using Rack Attack, please enable it by [configuring `gitlab.rb` as described in Settings](#settings).
+For more information on how to use these options see the [Rack Attack README](https://github.com/kickstarter/rack-attack/blob/master/README.md).
+
+NOTE: **Note:** See
+[User and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md)
+for simpler throttles that are configured in UI.
+
+NOTE: **Note:** Starting with 11.2, Rack Attack is disabled by default. If your
+instance is not exposed to the public internet, it is recommended that you leave
+Rack Attack disabled.
+
+## Behavior
+
+If set up as described in the [Settings](#settings) section below, two behaviors
+will be enabled:
+
+- Protected paths will be throttled
+- Failed authentications for Git and container registry requests will trigger a temporary IP ban
+
+### Protected paths throttle
+
+GitLab responds with HTTP status code 429 to POST requests at protected paths
+over 10 requests per minute per IP address.
+
+By default, protected paths are:
+
+```ruby
+default['gitlab']['gitlab-rails']['rack_attack_protected_paths'] = [
+  '/users/password',
+  '/users/sign_in',
+  '/api/#{API::API.version}/session.json',
+  '/api/#{API::API.version}/session',
+  '/users',
+  '/users/confirmation',
+  '/unsubscribes/',
+  '/import/github/personal_access_token'
+]
+```
+
+This header is included in responses to blocked requests:
+
+```
+Retry-After: 60
+```
+
+For example, the following are limited to a maximum 10 requests per minute:
+
+- user sign-in
+- user sign-up (if enabled)
+- user password reset
+
+After trying for 10 times, the client will
+have to wait a minute before to be able to try again.
+
+### Git and container registry failed authentication ban
+
+GitLab responds with HTTP status code 403 for 1 hour, if 30 failed
+authentication requests were received in a 3-minute period from a single IP address.
 
-By default, user sign-in, user sign-up (if enabled), and user password reset is
-limited to 6 requests per minute. After trying for 6 times, the client will
-have to wait for the next minute to be able to try again.
+This applies only to Git requests and container registry (`/jwt/auth`) requests
+(combined).
 
-If you installed or upgraded GitLab by following the [official guides](../install/README.md),
-Rack Attack should be disabled by default. If your instance is not exposed to any incoming
-connections, it is recommended that you leave Rack Attack disabled.
+This limit is reset by requests that authenticate successfully. For example, 29
+failed authentication requests followed by 1 successful request, followed by 29
+more failed authentication requests would not trigger a ban.
 
-For more information on how to use these options check out
-[rack-attack README](https://github.com/kickstarter/rack-attack/blob/master/README.md).
+No response headers are provided.
 
 ## Settings
 
diff --git a/doc/security/rate_limits.md b/doc/security/rate_limits.md
new file mode 100644
index 00000000000..0e5bdcd9c79
--- /dev/null
+++ b/doc/security/rate_limits.md
@@ -0,0 +1,32 @@
+---
+type: reference, howto
+---
+
+# Rate limits
+
+NOTE: **Note:**
+For GitLab.com, please see
+[GitLab.com-specific rate limits](../user/gitlab_com/index.md#gitlabcom-specific-rate-limits).
+
+Rate limiting is a common technique used to improve the security and durability
+of a web application.
+
+For example, a simple script can make thousands of web requests per second.
+Whether malicious, apathetic, or just a bug, your application and infrastructure
+may not be able to cope with the load. For more details, see
+[Denial-of-service attack](https://en.wikipedia.org/wiki/Denial-of-service_attack).
+Most cases can be mitigated by limiting the rate of requests from a single IP address.
+
+Most [brute-force attacks](https://en.wikipedia.org/wiki/Brute-force_attack) are
+similarly mitigated by a rate limit.
+
+## Admin Area settings
+
+See
+[User and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md).
+
+## Rack Attack initializer
+
+This method of rate limiting is cumbersome, but has some advantages. It allows
+throttling of specific paths, and is also integrated into Git and container
+registry requests. See [Rack Attack initializer](rack_attack.md).
diff --git a/doc/user/admin_area/settings/img/user_and_ip_rate_limits.png b/doc/user/admin_area/settings/img/user_and_ip_rate_limits.png
new file mode 100644
index 00000000000..2bd85a2fd96
Binary files /dev/null and b/doc/user/admin_area/settings/img/user_and_ip_rate_limits.png differ
diff --git a/doc/user/admin_area/settings/index.md b/doc/user/admin_area/settings/index.md
index 5427d04cd7d..2a12614e325 100644
--- a/doc/user/admin_area/settings/index.md
+++ b/doc/user/admin_area/settings/index.md
@@ -18,6 +18,7 @@ include:
 - [Third party offers](third_party_offers.md)
 - [Usage statistics](usage_statistics.md)
 - [Visibility and access controls](visibility_and_access_controls.md)
+- [User and IP rate limits](user_and_ip_rate_limits.md)
 - [Custom templates repository](instance_template_repository.md) **(PREMIUM)**
 
 NOTE: **Note:**
diff --git a/doc/user/admin_area/settings/user_and_ip_rate_limits.md b/doc/user/admin_area/settings/user_and_ip_rate_limits.md
new file mode 100644
index 00000000000..e3a495750f2
--- /dev/null
+++ b/doc/user/admin_area/settings/user_and_ip_rate_limits.md
@@ -0,0 +1,32 @@
+---
+type: reference
+---
+
+# User and IP rate limits
+
+Rate limiting is a common technique used to improve the security and durability
+of a web application. For more details, see
+[Rate limits](../../../security/rate_limits.md).
+
+The following limits can be enforced in **Admin Area > Network > User and
+IP rate limits**:
+
+- Unauthenticated requests
+- Authenticated API requests
+- Authenticated web requests
+
+These limits are disabled by default.
+
+![user-and-ip-rate-limits](img/user_and_ip_rate_limits.png)
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
diff --git a/doc/user/gitlab_com/index.md b/doc/user/gitlab_com/index.md
index 7858c419e04..e6c27c33654 100644
--- a/doc/user/gitlab_com/index.md
+++ b/doc/user/gitlab_com/index.md
@@ -298,6 +298,79 @@ Web front-ends:
 - `memory_limit_min` = 1024MiB
 - `memory_limit_max` = 1280MiB
 
+## GitLab.com-specific rate limits
+
+NOTE: **Note:**
+See [Rate limits](../../security/rate_limits.md) for administrator
+documentation.
+
+IP blocks usually happen when GitLab.com receives unusual traffic from a single
+IP address that the system views as potentially malicious based on rate limit
+settings. After the unusual traffic ceases, the IP address will be automatically
+released depending on the type of block, as described below.
+
+If you receive a `403 Forbidden` error for all requests to GitLab.com, please
+check for any automated processes that may be triggering a block. For
+assistance, contact [GitLab Support](https://support.gitlab.com)
+with details, such as the affected IP address.
+
+### HAProxy API throttle
+
+GitLab.com responds with HTTP status code 429 to API requests over 10 requests
+per second per IP address.
+
+The following example headers are included for all API requests:
+
+```
+RateLimit-Limit: 600
+RateLimit-Observed: 6
+RateLimit-Remaining: 594
+RateLimit-Reset: 1563325137
+RateLimit-ResetTime: Wed, 17 Jul 2019 00:58:57 GMT
+```
+
+Source:
+
+- Search for `rate_limit_http_rate_per_minute` and `rate_limit_sessions_per_second` in [GitLab.com's current HAProxy settings](https://gitlab.com/gitlab-cookbooks/gitlab-haproxy/blob/master/attributes/default.rb).
+
+### Rack Attack initializer
+
+#### Protected paths throttle
+
+GitLab.com responds with HTTP status code 429 to POST requests at protected
+paths over 10 requests per **minute** per IP address.
+
+See the source below for which paths are protected. This includes user creation,
+user confirmation, user sign in, and password reset.
+
+This header is included in responses to blocked requests:
+
+```
+Retry-After: 60
+```
+
+Source:
+
+- Search for `rate_limit_requests_per_period`, `rate_limit_period`, and `rack_attack_protected_paths` in [GitLab.com's current Rails app settings](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/attributes/default.rb).
+
+#### Git and container registry failed authentication ban
+
+GitLab.com responds with HTTP status code 403 for 1 hour, if 30 failed
+authentication requests were received in a 3-minute period from a single IP address.
+
+This applies only to Git requests and container registry (`/jwt/auth`) requests
+(combined).
+
+This limit is reset by requests that authenticate successfully. For example, 29
+failed authentication requests followed by 1 successful request, followed by 29
+more failed authentication requests would not trigger a ban.
+
+No response headers are provided.
+
+### Admin Area settings
+
+GitLab.com does not currently use these settings.
+
 ## GitLab.com at scale
 
 In addition to the GitLab Enterprise Edition Omnibus install, GitLab.com uses
-- 
cgit v1.2.1


From 4fb4514422d9238816b716eb35b7ca720ccd03b8 Mon Sep 17 00:00:00 2001
From: Paul Slaughter <pslaughter@gitlab.com>
Date: Thu, 1 Aug 2019 22:53:07 -0500
Subject: Clean up job_app_spec

- Remove setTimeout calls
- Add helper function to encapsulate setup
---
 spec/javascripts/jobs/components/job_app_spec.js | 683 ++++++++++-------------
 1 file changed, 287 insertions(+), 396 deletions(-)

diff --git a/spec/javascripts/jobs/components/job_app_spec.js b/spec/javascripts/jobs/components/job_app_spec.js
index 40decbb5643..b53890f8348 100644
--- a/spec/javascripts/jobs/components/job_app_spec.js
+++ b/spec/javascripts/jobs/components/job_app_spec.js
@@ -3,7 +3,9 @@ import MockAdapter from 'axios-mock-adapter';
 import axios from '~/lib/utils/axios_utils';
 import jobApp from '~/jobs/components/job_app.vue';
 import createStore from '~/jobs/store';
+import * as types from '~/jobs/store/mutation_types';
 import { mountComponentWithStore } from 'spec/helpers/vue_mount_component_helper';
+import { waitForMutation } from 'spec/helpers/vue_test_utils_helper';
 import { resetStore } from '../store/helpers';
 import job from '../mock_data';
 
@@ -26,6 +28,16 @@ describe('Job App ', () => {
       'eyJvZmZzZXQiOjE3NDUxLCJuX29wZW5fdGFncyI6MCwiZmdfY29sb3IiOm51bGwsImJnX2NvbG9yIjpudWxsLCJzdHlsZV9tYXNrIjowfQ%3D%3D',
   };
 
+  const waitForJobReceived = () => waitForMutation(store, types.RECEIVE_JOB_SUCCESS);
+  const setupAndMount = ({ jobData = {}, traceData = {} } = {}) => {
+    mock.onGet(props.endpoint).replyOnce(200, { ...job, ...jobData });
+    mock.onGet(`${props.pagePath}/trace.json`).reply(200, traceData);
+
+    vm = mountComponentWithStore(Component, { props, store });
+
+    return waitForJobReceived();
+  };
+
   beforeEach(() => {
     mock = new MockAdapter(axios);
     store = createStore();
@@ -39,103 +51,81 @@ describe('Job App ', () => {
 
   describe('while loading', () => {
     beforeEach(() => {
-      mock.onGet(props.endpoint).reply(200, job, {});
-      mock.onGet(`${props.pagePath}/trace.json`).reply(200, {});
-      vm = mountComponentWithStore(Component, { props, store });
+      setupAndMount();
     });
 
-    it('renders loading icon', done => {
+    it('renders loading icon', () => {
       expect(vm.$el.querySelector('.js-job-loading')).not.toBeNull();
       expect(vm.$el.querySelector('.js-job-sidebar')).toBeNull();
       expect(vm.$el.querySelector('.js-job-content')).toBeNull();
-
-      setTimeout(() => {
-        done();
-      }, 0);
     });
   });
 
   describe('with successful request', () => {
-    beforeEach(() => {
-      mock.onGet(`${props.pagePath}/trace.json`).replyOnce(200, {});
-    });
-
     describe('Header section', () => {
       describe('job callout message', () => {
         it('should not render the reason when reason is absent', done => {
-          mock.onGet(props.endpoint).replyOnce(200, job);
-          vm = mountComponentWithStore(Component, { props, store });
-
-          setTimeout(() => {
-            expect(vm.shouldRenderCalloutMessage).toBe(false);
-
-            done();
-          }, 0);
+          setupAndMount()
+            .then(() => {
+              expect(vm.shouldRenderCalloutMessage).toBe(false);
+            })
+            .then(done)
+            .catch(done.fail);
         });
 
         it('should render the reason when reason is present', done => {
-          mock.onGet(props.endpoint).replyOnce(
-            200,
-            Object.assign({}, job, {
-              callout_message: 'There is an unknown failure, please try again',
-            }),
-          );
-
-          vm = mountComponentWithStore(Component, { props, store });
-          setTimeout(() => {
-            expect(vm.shouldRenderCalloutMessage).toBe(true);
-            done();
-          }, 0);
+          setupAndMount({
+            jobData: {
+              callout_message: 'There is an unkown failure, please try again',
+            },
+          })
+            .then(() => {
+              expect(vm.shouldRenderCalloutMessage).toBe(true);
+            })
+            .then(done)
+            .catch(done.fail);
         });
       });
 
       describe('triggered job', () => {
-        beforeEach(() => {
+        beforeEach(done => {
           const aYearAgo = new Date();
           aYearAgo.setFullYear(aYearAgo.getFullYear() - 1);
 
-          mock
-            .onGet(props.endpoint)
-            .replyOnce(200, Object.assign({}, job, { started: aYearAgo.toISOString() }));
-          vm = mountComponentWithStore(Component, { props, store });
+          setupAndMount({ jobData: { started: aYearAgo.toISOString() } })
+            .then(done)
+            .catch(done.fail);
         });
 
-        it('should render provided job information', done => {
-          setTimeout(() => {
-            expect(
-              vm.$el
-                .querySelector('.header-main-content')
-                .textContent.replace(/\s+/g, ' ')
-                .trim(),
-            ).toContain('passed Job #4757 triggered 1 year ago by Root');
-            done();
-          }, 0);
+        it('should render provided job information', () => {
+          expect(
+            vm.$el
+              .querySelector('.header-main-content')
+              .textContent.replace(/\s+/g, ' ')
+              .trim(),
+          ).toContain('passed Job #4757 triggered 1 year ago by Root');
         });
 
-        it('should render new issue link', done => {
-          setTimeout(() => {
-            expect(vm.$el.querySelector('.js-new-issue').getAttribute('href')).toEqual(
-              job.new_issue_path,
-            );
-            done();
-          }, 0);
+        it('should render new issue link', () => {
+          expect(vm.$el.querySelector('.js-new-issue').getAttribute('href')).toEqual(
+            job.new_issue_path,
+          );
         });
       });
 
       describe('created job', () => {
         it('should render created key', done => {
-          mock.onGet(props.endpoint).replyOnce(200, job);
-          vm = mountComponentWithStore(Component, { props, store });
-
-          setTimeout(() => {
-            expect(
-              vm.$el
-                .querySelector('.header-main-content')
-                .textContent.replace(/\s+/g, ' ')
-                .trim(),
-            ).toContain('passed Job #4757 created 3 weeks ago by Root');
-            done();
-          }, 0);
+          setupAndMount()
+            .then(() => {
+              expect(
+                vm.$el
+                  .querySelector('.header-main-content')
+                  .textContent.replace(/\s+/g, ' ')
+                  .trim(),
+              ).toContain('passed Job #4757 created 3 weeks ago by Root');
+            })
+            .then(done)
+            .catch(done.fail);
         });
       });
     });
@@ -143,9 +133,8 @@ describe('Job App ', () => {
     describe('stuck block', () => {
       describe('without active runners availabl', () => {
         it('renders stuck block when there are no runners', done => {
-          mock.onGet(props.endpoint).replyOnce(
-            200,
-            Object.assign({}, job, {
+          setupAndMount({
+            jobData: {
               status: {
                 group: 'pending',
                 icon: 'status_pending',
@@ -159,23 +148,23 @@ describe('Job App ', () => {
                 online: false,
               },
               tags: [],
-            }),
-          );
-          vm = mountComponentWithStore(Component, { props, store });
-
-          setTimeout(() => {
-            expect(vm.$el.querySelector('.js-job-stuck')).not.toBeNull();
-            expect(vm.$el.querySelector('.js-job-stuck .js-stuck-no-active-runner')).not.toBeNull();
-            done();
-          }, 0);
+            },
+          })
+            .then(() => {
+              expect(vm.$el.querySelector('.js-job-stuck')).not.toBeNull();
+              expect(
+                vm.$el.querySelector('.js-job-stuck .js-stuck-no-active-runner'),
+              ).not.toBeNull();
+            })
+            .then(done)
+            .catch(done.fail);
         });
       });
 
       describe('when available runners can not run specified tag', () => {
         it('renders tags in stuck block when there are no runners', done => {
-          mock.onGet(props.endpoint).replyOnce(
-            200,
-            Object.assign({}, job, {
+          setupAndMount({
+            jobData: {
               status: {
                 group: 'pending',
                 icon: 'status_pending',
@@ -188,27 +177,21 @@ describe('Job App ', () => {
                 available: false,
                 online: false,
               },
-            }),
-          );
-
-          vm = mountComponentWithStore(Component, {
-            props,
-            store,
-          });
-
-          setTimeout(() => {
-            expect(vm.$el.querySelector('.js-job-stuck').textContent).toContain(job.tags[0]);
-            expect(vm.$el.querySelector('.js-job-stuck .js-stuck-with-tags')).not.toBeNull();
-            done();
-          }, 0);
+            },
+          })
+            .then(() => {
+              expect(vm.$el.querySelector('.js-job-stuck').textContent).toContain(job.tags[0]);
+              expect(vm.$el.querySelector('.js-job-stuck .js-stuck-with-tags')).not.toBeNull();
+            })
+            .then(done)
+            .catch(done.fail);
         });
       });
 
       describe('when runners are offline and build has tags', () => {
         it('renders message about job being stuck because of no runners with the specified tags', done => {
-          mock.onGet(props.endpoint).replyOnce(
-            200,
-            Object.assign({}, job, {
+          setupAndMount({
+            jobData: {
               status: {
                 group: 'pending',
                 icon: 'status_pending',
@@ -221,48 +204,35 @@ describe('Job App ', () => {
                 available: true,
                 online: true,
               },
-            }),
-          );
-
-          vm = mountComponentWithStore(Component, {
-            props,
-            store,
-          });
-
-          setTimeout(() => {
-            expect(vm.$el.querySelector('.js-job-stuck').textContent).toContain(job.tags[0]);
-            expect(vm.$el.querySelector('.js-job-stuck .js-stuck-with-tags')).not.toBeNull();
-            done();
-          }, 0);
+            },
+          })
+            .then(() => {
+              expect(vm.$el.querySelector('.js-job-stuck').textContent).toContain(job.tags[0]);
+              expect(vm.$el.querySelector('.js-job-stuck .js-stuck-with-tags')).not.toBeNull();
+            })
+            .then(done)
+            .catch(done.fail);
         });
       });
 
       it('does not renders stuck block when there are no runners', done => {
-        mock.onGet(props.endpoint).replyOnce(
-          200,
-          Object.assign({}, job, {
+        setupAndMount({
+          jobData: {
             runners: { available: true },
-          }),
-        );
-
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
-
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-job-stuck')).toBeNull();
-
-          done();
-        }, 0);
+          },
+        })
+          .then(() => {
+            expect(vm.$el.querySelector('.js-job-stuck')).toBeNull();
+          })
+          .then(done)
+          .catch(done.fail);
       });
     });
 
     describe('unmet prerequisites block', () => {
       it('renders unmet prerequisites block when there is an unmet prerequisites failure', done => {
-        mock.onGet(props.endpoint).replyOnce(
-          200,
-          Object.assign({}, job, {
+        setupAndMount({
+          jobData: {
             status: {
               group: 'failed',
               icon: 'status_failed',
@@ -282,104 +252,81 @@ describe('Job App ', () => {
               available: true,
             },
             tags: [],
-          }),
-        );
-        vm = mountComponentWithStore(Component, { props, store });
-
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-job-failed')).not.toBeNull();
-          done();
-        }, 0);
+          },
+        })
+          .then(() => {
+            expect(vm.$el.querySelector('.js-job-failed')).not.toBeNull();
+          })
+          .then(done)
+          .catch(done.fail);
       });
     });
 
     describe('environments block', () => {
       it('renders environment block when job has environment', done => {
-        mock.onGet(props.endpoint).replyOnce(
-          200,
-          Object.assign({}, job, {
+        setupAndMount({
+          jobData: {
             deployment_status: {
               environment: {
                 environment_path: '/path',
                 name: 'foo',
               },
             },
-          }),
-        );
-
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
-
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-job-environment')).not.toBeNull();
-
-          done();
-        }, 0);
+          },
+        })
+          .then(() => {
+            expect(vm.$el.querySelector('.js-job-environment')).not.toBeNull();
+          })
+          .then(done)
+          .catch(done.fail);
       });
 
       it('does not render environment block when job has environment', done => {
-        mock.onGet(props.endpoint).replyOnce(200, job);
-
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
-
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-job-environment')).toBeNull();
-          done();
-        }, 0);
+        setupAndMount()
+          .then(() => {
+            expect(vm.$el.querySelector('.js-job-environment')).toBeNull();
+          })
+          .then(done)
+          .catch(done.fail);
       });
     });
 
     describe('erased block', () => {
       it('renders erased block when `erased` is true', done => {
-        mock.onGet(props.endpoint).replyOnce(
-          200,
-          Object.assign({}, job, {
+        setupAndMount({
+          jobData: {
             erased_by: {
               username: 'root',
               web_url: 'gitlab.com/root',
             },
             erased_at: '2016-11-07T11:11:16.525Z',
-          }),
-        );
-
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
-
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-job-erased-block')).not.toBeNull();
-
-          done();
-        }, 0);
+          },
+        })
+          .then(() => {
+            expect(vm.$el.querySelector('.js-job-erased-block')).not.toBeNull();
+          })
+          .then(done)
+          .catch(done.fail);
       });
 
       it('does not render erased block when `erased` is false', done => {
-        mock.onGet(props.endpoint).replyOnce(200, Object.assign({}, job, { erased_at: null }));
-
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
-
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-job-erased-block')).toBeNull();
-
-          done();
-        }, 0);
+        setupAndMount({
+          jobData: {
+            erased_at: null,
+          },
+        })
+          .then(() => {
+            expect(vm.$el.querySelector('.js-job-erased-block')).toBeNull();
+          })
+          .then(done)
+          .catch(done.fail);
       });
     });
 
     describe('empty states block', () => {
       it('renders empty state when job does not have trace and is not running', done => {
-        mock.onGet(props.endpoint).replyOnce(
-          200,
-          Object.assign({}, job, {
+        setupAndMount({
+          jobData: {
             has_trace: false,
             status: {
               group: 'pending',
@@ -399,25 +346,18 @@ describe('Job App ', () => {
                 path: '/path',
               },
             },
-          }),
-        );
-
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
-
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-job-empty-state')).not.toBeNull();
-
-          done();
-        }, 0);
+          },
+        })
+          .then(() => {
+            expect(vm.$el.querySelector('.js-job-empty-state')).not.toBeNull();
+          })
+          .then(done)
+          .catch(done.fail);
       });
 
       it('does not render empty state when job does not have trace but it is running', done => {
-        mock.onGet(props.endpoint).replyOnce(
-          200,
-          Object.assign({}, job, {
+        setupAndMount({
+          jobData: {
             has_trace: false,
             status: {
               group: 'running',
@@ -426,34 +366,23 @@ describe('Job App ', () => {
               text: 'running',
               details_path: 'path',
             },
-          }),
-        );
-
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
-
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-job-empty-state')).toBeNull();
-
-          done();
-        }, 0);
+          },
+        })
+          .then(() => {
+            expect(vm.$el.querySelector('.js-job-empty-state')).toBeNull();
+          })
+          .then(done)
+          .catch(done.fail);
       });
 
       it('does not render empty state when job has trace but it is not running', done => {
-        mock.onGet(props.endpoint).replyOnce(200, Object.assign({}, job, { has_trace: true }));
-
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
-
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-job-empty-state')).toBeNull();
-
-          done();
-        }, 0);
+        setupAndMount({ jobData: { has_trace: true } })
+          .then(() => {
+            expect(vm.$el.querySelector('.js-job-empty-state')).toBeNull();
+          })
+          .then(done)
+          .catch(done.fail);
+        done();
       });
 
       it('displays remaining time for a delayed job', done => {
@@ -461,37 +390,23 @@ describe('Job App ', () => {
         spyOn(Date, 'now').and.callFake(
           () => new Date(delayedJobFixture.scheduled_at).getTime() - oneHourInMilliseconds,
         );
-        mock.onGet(props.endpoint).replyOnce(200, { ...delayedJobFixture });
+        setupAndMount({ jobData: delayedJobFixture })
+          .then(() => {
+            expect(vm.$el.querySelector('.js-job-empty-state')).not.toBeNull();
 
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
-
-        store.subscribeAction(action => {
-          if (action.type !== 'receiveJobSuccess') {
-            return;
-          }
-
-          Vue.nextTick()
-            .then(() => {
-              expect(vm.$el.querySelector('.js-job-empty-state')).not.toBeNull();
-
-              const title = vm.$el.querySelector('.js-job-empty-state-title');
+            const title = vm.$el.querySelector('.js-job-empty-state-title');
 
-              expect(title).toContainText('01:00:00');
-              done();
-            })
-            .catch(done.fail);
-        });
+            expect(title).toContainText('01:00:00');
+          })
+          .then(done)
+          .catch(done.fail);
       });
     });
 
     describe('sidebar', () => {
       it('has no blank blocks', done => {
-        mock.onGet(props.endpoint).replyOnce(
-          200,
-          Object.assign({}, job, {
+        setupAndMount({
+          jobData: {
             duration: null,
             finished_at: null,
             erased_at: null,
@@ -500,106 +415,89 @@ describe('Job App ', () => {
             coverage: null,
             tags: [],
             cancel_path: null,
-          }),
-        );
-
-        vm.$nextTick(() => {
-          vm.$el.querySelectorAll('.blocks-container > *').forEach(block => {
-            expect(block.textContent.trim()).not.toBe('');
-          });
-          done();
-        });
+          },
+        })
+          .then(() => {
+            vm.$el.querySelectorAll('.blocks-container > *').forEach(block => {
+              expect(block.textContent.trim()).not.toBe('');
+            });
+          })
+          .then(done)
+          .catch(done.fail);
       });
     });
   });
 
   describe('archived job', () => {
-    beforeEach(() => {
-      mock.onGet(props.endpoint).reply(200, Object.assign({}, job, { archived: true }), {});
-      vm = mountComponentWithStore(Component, {
-        props,
-        store,
-      });
+    beforeEach(done => {
+      setupAndMount({ jobData: { archived: true } })
+        .then(done)
+        .catch(done.fail);
     });
 
-    it('renders warning about job being archived', done => {
-      setTimeout(() => {
-        expect(vm.$el.querySelector('.js-archived-job ')).not.toBeNull();
-        done();
-      }, 0);
+    it('renders warning about job being archived', () => {
+      expect(vm.$el.querySelector('.js-archived-job ')).not.toBeNull();
     });
   });
 
   describe('non-archived job', () => {
-    beforeEach(() => {
-      mock.onGet(props.endpoint).reply(200, job, {});
-      vm = mountComponentWithStore(Component, {
-        props,
-        store,
-      });
+    beforeEach(done => {
+      setupAndMount()
+        .then(done)
+        .catch(done.fail);
     });
 
-    it('does not warning about job being archived', done => {
-      setTimeout(() => {
-        expect(vm.$el.querySelector('.js-archived-job ')).toBeNull();
-        done();
-      }, 0);
+    it('does not warning about job being archived', () => {
+      expect(vm.$el.querySelector('.js-archived-job ')).toBeNull();
     });
   });
 
   describe('trace output', () => {
-    beforeEach(() => {
-      mock.onGet(props.endpoint).reply(200, job, {});
-    });
-
     describe('with append flag', () => {
       it('appends the log content to the existing one', done => {
-        mock.onGet(`${props.pagePath}/trace.json`).reply(200, {
-          html: '<span>More<span>',
-          status: 'running',
-          state: 'newstate',
-          append: true,
-          complete: true,
-        });
-
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
-
-        vm.$store.state.trace = 'Update';
-
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-build-trace').textContent.trim()).toContain('Update');
-
-          done();
-        }, 0);
+        setupAndMount({
+          traceData: {
+            html: '<span>More<span>',
+            status: 'running',
+            state: 'newstate',
+            append: true,
+            complete: true,
+          },
+        })
+          .then(() => {
+            vm.$store.state.trace = 'Update';
+
+            return vm.$nextTick();
+          })
+          .then(() => {
+            expect(vm.$el.querySelector('.js-build-trace').textContent.trim()).toContain('Update');
+          })
+          .then(done)
+          .catch(done.fail);
       });
     });
 
     describe('without append flag', () => {
       it('replaces the trace', done => {
-        mock.onGet(`${props.pagePath}/trace.json`).reply(200, {
-          html: '<span>Different<span>',
-          status: 'running',
-          append: false,
-          complete: true,
-        });
-
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
-        vm.$store.state.trace = 'Update';
-
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-build-trace').textContent.trim()).not.toContain(
-            'Update',
-          );
+        setupAndMount({
+          traceData: {
+            html: '<span>Different<span>',
+            status: 'running',
+            append: false,
+            complete: true,
+          },
+        })
+          .then(() => {
+            expect(vm.$el.querySelector('.js-build-trace').textContent.trim()).not.toContain(
+              'Update',
+            );
 
-          expect(vm.$el.querySelector('.js-build-trace').textContent.trim()).toContain('Different');
-          done();
-        }, 0);
+            expect(vm.$el.querySelector('.js-build-trace').textContent.trim()).toContain(
+              'Different',
+            );
+          })
+          .then(done)
+          .catch(done.fail);
       });
     });
 
@@ -615,83 +513,76 @@ describe('Job App ', () => {
             complete: true,
           });
 
-          vm = mountComponentWithStore(Component, {
-            props,
-            store,
-          });
-
-          setTimeout(() => {
-            expect(vm.$el.querySelector('.js-truncated-info').textContent.trim()).toContain(
-              '50 bytes',
-            );
-            done();
-          }, 0);
+          setupAndMount({
+            traceData: {
+              html: '<span>Update</span>',
+              status: 'success',
+              append: false,
+              size: 50,
+              total: 100,
+              complete: true,
+            },
+          })
+            .then(() => {
+              expect(vm.$el.querySelector('.js-truncated-info').textContent.trim()).toContain(
+                '50 bytes',
+              );
+            })
+            .then(done)
+            .catch(done.fail);
         });
       });
 
       describe('when size is equal than total', () => {
         it('does not show the truncated information', done => {
-          mock.onGet(`${props.pagePath}/trace.json`).reply(200, {
-            html: '<span>Update</span>',
-            status: 'success',
-            append: false,
-            size: 100,
-            total: 100,
-            complete: true,
-          });
-
-          vm = mountComponentWithStore(Component, {
-            props,
-            store,
-          });
-
-          setTimeout(() => {
-            expect(vm.$el.querySelector('.js-truncated-info').textContent.trim()).not.toContain(
-              '50 bytes',
-            );
-            done();
-          }, 0);
+          setupAndMount({
+            traceData: {
+              html: '<span>Update</span>',
+              status: 'success',
+              append: false,
+              size: 100,
+              total: 100,
+              complete: true,
+            },
+          })
+            .then(() => {
+              expect(vm.$el.querySelector('.js-truncated-info').textContent.trim()).not.toContain(
+                '50 bytes',
+              );
+            })
+            .then(done)
+            .catch(done.fail);
         });
       });
     });
 
     describe('trace controls', () => {
-      beforeEach(() => {
-        mock.onGet(`${props.pagePath}/trace.json`).reply(200, {
-          html: '<span>Update</span>',
-          status: 'success',
-          append: false,
-          size: 50,
-          total: 100,
-          complete: true,
-        });
-
-        vm = mountComponentWithStore(Component, {
-          props,
-          store,
-        });
+      beforeEach(done => {
+        setupAndMount({
+          traceData: {
+            html: '<span>Update</span>',
+            status: 'success',
+            append: false,
+            size: 50,
+            total: 100,
+            complete: true,
+          },
+        })
+          .then(done)
+          .catch(done.fail);
       });
 
-      it('should render scroll buttons', done => {
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-scroll-top')).not.toBeNull();
-          expect(vm.$el.querySelector('.js-scroll-bottom')).not.toBeNull();
-          done();
-        }, 0);
+      it('should render scroll buttons', () => {
+        expect(vm.$el.querySelector('.js-scroll-top')).not.toBeNull();
+        expect(vm.$el.querySelector('.js-scroll-bottom')).not.toBeNull();
       });
 
-      it('should render link to raw ouput', done => {
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-raw-link-controller')).not.toBeNull();
-          done();
-        }, 0);
+      it('should render link to raw ouput', () => {
+        expect(vm.$el.querySelector('.js-raw-link-controller')).not.toBeNull();
       });
 
-      it('should render link to erase job', done => {
-        setTimeout(() => {
-          expect(vm.$el.querySelector('.js-erase-link')).not.toBeNull();
-          done();
-        }, 0);
+      it('should render link to erase job', () => {
+        expect(vm.$el.querySelector('.js-erase-link')).not.toBeNull();
       });
     });
   });
-- 
cgit v1.2.1


From 98d6db4b43e4e40ea02d97fc9a03d0e9e3a3f762 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Fri, 2 Aug 2019 06:24:07 +0000
Subject: Update regex for docs branches in ci

Changes * to + to be more precise with acceptable branch names
---
 .gitlab/ci/docs.gitlab-ci.yml          | 4 ++--
 .gitlab/ci/frontend.gitlab-ci.yml      | 4 ++--
 .gitlab/ci/global.gitlab-ci.yml        | 4 ++--
 .gitlab/ci/rails.gitlab-ci.yml         | 3 ++-
 .gitlab/ci/review.gitlab-ci.yml        | 4 ++--
 .gitlab/ci/test-metadata.gitlab-ci.yml | 2 +-
 lib/gitlab/ee_compat_check.rb          | 2 +-
 7 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml
index de1110f39fa..5a3940bdac2 100644
--- a/.gitlab/ci/docs.gitlab-ci.yml
+++ b/.gitlab/ci/docs.gitlab-ci.yml
@@ -33,8 +33,8 @@ review-docs-deploy:
     - gem install gitlab --no-document
     - ./$SCRIPT_NAME deploy
   only:
-    - /(^docs[\/-].*|.*-docs$)/@gitlab-org/gitlab-ce
-    - /(^docs[\/-].*|.*-docs$)/@gitlab-org/gitlab-ee
+    - /(^docs[\/-].+|.+-docs$)/@gitlab-org/gitlab-ce
+    - /(^docs[\/-].+|.+-docs$)/@gitlab-org/gitlab-ee
   except:
     - /(^qa[\/-].*|.*-qa$)/
 
diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml
index fe369ffec13..2bdde9fedaf 100644
--- a/.gitlab/ci/frontend.gitlab-ci.yml
+++ b/.gitlab/ci/frontend.gitlab-ci.yml
@@ -73,7 +73,7 @@ gitlab:assets:compile pull-cache:
     refs:
       - master@gitlab-org/gitlab-ce
       - master@gitlab-org/gitlab-ee
-      - /(^docs[\/-].*|.*-docs$)/
+      - /(^docs[\/-].+|.+-docs$)/
 
 .compile-assets-metadata:
   extends: .dedicated-runner
@@ -111,7 +111,7 @@ compile-assets pull-cache:
     refs:
       - master@gitlab-org/gitlab-ce
       - master@gitlab-org/gitlab-ee
-      - /(^docs[\/-].*|.*-docs$)/
+      - /(^docs[\/-].+|.+-docs$)/
 
 karma:
   extends: .dedicated-no-docs-pull-cache-job
diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml
index 4da7f404767..78ef346d417 100644
--- a/.gitlab/ci/global.gitlab-ci.yml
+++ b/.gitlab/ci/global.gitlab-ci.yml
@@ -31,12 +31,12 @@
 .no-docs:
   except:
     refs:
-      - /(^docs[\/-].*|.*-docs$)/
+      - /(^docs[\/-].+|.+-docs$)/
 
 .no-docs-and-no-qa:
   except:
     refs:
-      - /(^docs[\/-].*|.*-docs$)/
+      - /(^docs[\/-].+|.+-docs$)/
       - /(^qa[\/-].*|.*-qa$)/
 
 .dedicated-no-docs-pull-cache-job:
diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml
index 1392768127b..24b4eb3a4c1 100644
--- a/.gitlab/ci/rails.gitlab-ci.yml
+++ b/.gitlab/ci/rails.gitlab-ci.yml
@@ -207,7 +207,7 @@ downtime_check:
       - master
       - tags
       - /^[\d-]+-stable(-ee)?$/
-      - /(^docs[\/-].*|.*-docs$)/
+      - /(^docs[\/-].+|.+-docs$)/
       - /(^qa[\/-].*|.*-qa$)/
   dependencies:
     - setup-test-env
@@ -223,6 +223,7 @@ ee_compat_check:
       - /^security-/
       - branches@gitlab-org/gitlab-ee
       - branches@gitlab/gitlab-ee
+      - /(^docs[\/-].+|.+-docs$)/
   retry: 0
   artifacts:
     name: "${CI_JOB_NAME}_${CI_COMIT_REF_NAME}_${CI_COMMIT_SHA}"
diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml
index 29ed41ce0c6..076858e6c8a 100644
--- a/.gitlab/ci/review.gitlab-ci.yml
+++ b/.gitlab/ci/review.gitlab-ci.yml
@@ -7,7 +7,7 @@
   except:
     refs:
       - master
-      - /(^docs[\/-].*|.*-docs$)/
+      - /(^docs[\/-].+|.+-docs$)/
 
 .review-schedules-only: &review-schedules-only
   only:
@@ -20,7 +20,7 @@
   except:
     refs:
       - tags
-      - /(^docs[\/-].*|.*-docs$)/
+      - /(^docs[\/-].+|.+-docs$)/
 
 .review-base: &review-base
   extends: .dedicated-runner
diff --git a/.gitlab/ci/test-metadata.gitlab-ci.yml b/.gitlab/ci/test-metadata.gitlab-ci.yml
index 3a5735a2be9..4c97a4feb18 100644
--- a/.gitlab/ci/test-metadata.gitlab-ci.yml
+++ b/.gitlab/ci/test-metadata.gitlab-ci.yml
@@ -71,7 +71,7 @@ flaky-examples-check:
   except:
     refs:
       - master
-      - /(^docs[\/-].*|.*-docs$)/
+      - /(^docs[\/-].+|.+-docs$)/
       - /(^qa[\/-].*|.*-qa$)/
   artifacts:
     expire_in: 30d
diff --git a/lib/gitlab/ee_compat_check.rb b/lib/gitlab/ee_compat_check.rb
index 01fd261404b..86e532766b1 100644
--- a/lib/gitlab/ee_compat_check.rb
+++ b/lib/gitlab/ee_compat_check.rb
@@ -7,7 +7,7 @@ module Gitlab
     CANONICAL_CE_PROJECT_URL = 'https://gitlab.com/gitlab-org/gitlab-ce'.freeze
     CANONICAL_EE_REPO_URL = 'https://gitlab.com/gitlab-org/gitlab-ee.git'.freeze
     CHECK_DIR = Rails.root.join('ee_compat_check')
-    IGNORED_FILES_REGEX = /VERSION|CHANGELOG\.md/i.freeze
+    IGNORED_FILES_REGEX = /VERSION|CHANGELOG\.md|doc\/.+/i.freeze
     PLEASE_READ_THIS_BANNER = %Q{
       ============================================================
       ===================== PLEASE READ THIS =====================
-- 
cgit v1.2.1


From 3519111296c9f05ec7202b1a9c75cb09c65948d3 Mon Sep 17 00:00:00 2001
From: George Koltsov <koltsov.george@gmail.com>
Date: Fri, 2 Aug 2019 06:32:03 +0000
Subject: Update ldap#security section

---
 doc/administration/auth/ldap.md | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/doc/administration/auth/ldap.md b/doc/administration/auth/ldap.md
index beacaa99d60..186bf4c4825 100644
--- a/doc/administration/auth/ldap.md
+++ b/doc/administration/auth/ldap.md
@@ -33,15 +33,18 @@ information services over an Internet Protocol (IP) network.
 
 ## Security
 
-GitLab assumes that LDAP users are not able to change their LDAP 'mail', 'email'
-or 'userPrincipalName' attribute. An LDAP user who is allowed to change their
-email on the LDAP server can potentially
-[take over any account](#enabling-ldap-sign-in-for-existing-gitlab-users)
-on your GitLab server.
+GitLab assumes that LDAP users:
+
+- Are not able to change their LDAP `mail`, `email`, or `userPrincipalName` attribute.
+  An LDAP user who is allowed to change their email on the LDAP server can potentially
+  [take over any account](#enabling-ldap-sign-in-for-existing-gitlab-users)
+  on your GitLab server.
+- Have unique email addresses, otherwise it is possible for LDAP users with the same
+  email address to share the same GitLab account.
 
 We recommend against using LDAP integration if your LDAP users are
-allowed to change their 'mail', 'email' or 'userPrincipalName'  attribute on
-the LDAP server.
+allowed to change their 'mail', 'email' or 'userPrincipalName' attribute on
+the LDAP server or share email addresses.
 
 ### User deletion
 
-- 
cgit v1.2.1


From 2330ad3c3b453a3605094403396b354ddaafca19 Mon Sep 17 00:00:00 2001
From: Dennis Tang <750946-dennis@users.noreply.gitlab.com>
Date: Fri, 2 Aug 2019 06:43:31 +0000
Subject: Resolve Incorrect empty state message on "Explore projects"

---
 app/views/explore/projects/_projects.html.haml                       | 3 ++-
 app/views/explore/projects/trending.html.haml                        | 2 +-
 app/views/shared/projects/_list.html.haml                            | 3 ++-
 ...correct-empty-state-message-displayed-on-explore-projects-tab.yml | 5 +++++
 spec/features/dashboard/shortcuts_spec.rb                            | 2 +-
 5 files changed, 11 insertions(+), 4 deletions(-)
 create mode 100644 changelogs/unreleased/58256-incorrect-empty-state-message-displayed-on-explore-projects-tab.yml

diff --git a/app/views/explore/projects/_projects.html.haml b/app/views/explore/projects/_projects.html.haml
index 67f2f897137..35b32662b8a 100644
--- a/app/views/explore/projects/_projects.html.haml
+++ b/app/views/explore/projects/_projects.html.haml
@@ -1 +1,2 @@
-= render 'shared/projects/list', projects: projects, user: current_user
+- is_explore_page = defined?(explore_page) && explore_page
+= render 'shared/projects/list', projects: projects, user: current_user, explore_page: is_explore_page
diff --git a/app/views/explore/projects/trending.html.haml b/app/views/explore/projects/trending.html.haml
index ed508fa2506..153c90e534e 100644
--- a/app/views/explore/projects/trending.html.haml
+++ b/app/views/explore/projects/trending.html.haml
@@ -10,4 +10,4 @@
   = render 'explore/head'
 
 = render 'explore/projects/nav' unless Feature.enabled?(:project_list_filter_bar) && current_user
-= render 'projects', projects: @projects
+= render 'projects', projects: @projects, explore_page: true
diff --git a/app/views/shared/projects/_list.html.haml b/app/views/shared/projects/_list.html.haml
index 576ec3e1782..67cb1aa549c 100644
--- a/app/views/shared/projects/_list.html.haml
+++ b/app/views/shared/projects/_list.html.haml
@@ -21,6 +21,7 @@
 - own_projects_current_user_empty_message_header = s_('UserProfile|You haven\'t created any personal projects.')
 - own_projects_current_user_empty_message_description = s_('UserProfile|Your projects can be available publicly, internally, or privately, at your choice.')
 - own_projects_visitor_empty_message = s_('UserProfile|This user doesn\'t have any personal projects')
+- explore_page_empty_message = s_('UserProfile|Explore public groups to find projects to contribute to.')
 - primary_button_label = _('New project')
 - primary_button_link = new_project_path
 - secondary_button_label = _('Explore groups')
@@ -58,4 +59,4 @@
         current_user_empty_message_description: own_projects_current_user_empty_message_description,
         primary_button_label: primary_button_label,
         primary_button_link: primary_button_link,
-        visitor_empty_message: own_projects_visitor_empty_message }
+        visitor_empty_message: defined?(explore_page) && explore_page ? explore_page_empty_message : own_projects_visitor_empty_message }
diff --git a/changelogs/unreleased/58256-incorrect-empty-state-message-displayed-on-explore-projects-tab.yml b/changelogs/unreleased/58256-incorrect-empty-state-message-displayed-on-explore-projects-tab.yml
new file mode 100644
index 00000000000..f719338b9cb
--- /dev/null
+++ b/changelogs/unreleased/58256-incorrect-empty-state-message-displayed-on-explore-projects-tab.yml
@@ -0,0 +1,5 @@
+---
+title: Resolve Incorrect empty state message on Explore projects
+merge_request: 25578
+author:
+type: fixed
diff --git a/spec/features/dashboard/shortcuts_spec.rb b/spec/features/dashboard/shortcuts_spec.rb
index 659bec177ab..3a47475da2b 100644
--- a/spec/features/dashboard/shortcuts_spec.rb
+++ b/spec/features/dashboard/shortcuts_spec.rb
@@ -51,7 +51,7 @@ describe 'Dashboard shortcuts', :js do
       find('body').send_keys([:shift, 'P'])
 
       find('.nothing-here-block')
-      expect(page).to have_content('This user doesn\'t have any personal projects')
+      expect(page).to have_content('Explore public groups to find projects to contribute to.')
     end
   end
 
-- 
cgit v1.2.1


From 4a7c827f6e347065536f4640a63f5785982c647b Mon Sep 17 00:00:00 2001
From: Evan Read <eread@gitlab.com>
Date: Fri, 2 Aug 2019 06:55:01 +0000
Subject: Custom project templates also on GitLab.com

---
 doc/gitlab-basics/create-project.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/gitlab-basics/create-project.md b/doc/gitlab-basics/create-project.md
index 1833b27a292..8bbaf5d1927 100644
--- a/doc/gitlab-basics/create-project.md
+++ b/doc/gitlab-basics/create-project.md
@@ -53,7 +53,7 @@ There are two types of project templates:
 - [Built-in templates](#built-in-templates), sourced from the following groups:
   - [`project-templates`](https://gitlab.com/gitlab-org/project-templates)
   - [`pages`](https://gitlab.com/pages)
-- [Custom project templates](#custom-project-templates-premium-only), for custom templates
+- [Custom project templates](#custom-project-templates-premium), for custom templates
   configured by GitLab administrators and users.
 
 #### Built-in templates
@@ -78,7 +78,7 @@ You can improve the existing built-in templates or contribute new ones in the
 [`project-templates`](https://gitlab.com/gitlab-org/project-templates) and
 [`pages`](https://gitlab.com/pages) groups.
 
-#### Custom project templates **(PREMIUM ONLY)**
+#### Custom project templates **(PREMIUM)**
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/6860) in
 [GitLab Premium](https://about.gitlab.com/pricing) 11.2.
-- 
cgit v1.2.1


From 0f91eadc8742054823ec5ea2767f843449fdee93 Mon Sep 17 00:00:00 2001
From: Ben Kochie <bjk@gitlab.com>
Date: Fri, 2 Aug 2019 09:58:08 +0200
Subject: Update Unicorn Worker recommendation

Update the Unicorn worker documentation based on the new scaling
formula.

https://gitlab.com/gitlab-org/omnibus-gitlab/issues/4535
---
 doc/install/requirements.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/install/requirements.md b/doc/install/requirements.md
index 25ab608de3a..2e3eedad992 100644
--- a/doc/install/requirements.md
+++ b/doc/install/requirements.md
@@ -146,8 +146,8 @@ CREATE EXTENSION postgres_fdw;
 
 ## Unicorn Workers
 
-For most instances we recommend using: CPU cores + 1 = unicorn workers.
-So for a machine with 2 cores, 3 unicorn workers is ideal.
+For most instances we recommend using: (CPU cores * 1.5) + 1 = unicorn workers.
+For example a node with 4 cores would have 7 unicorn workers.
 
 For all machines that have 2GB and up we recommend a minimum of three unicorn workers.
 If you have a 1GB machine we recommend to configure only two Unicorn workers to prevent excessive swapping.
-- 
cgit v1.2.1


From 1f9edb7c4a393a6ebe78e6f98e46515ad655cece Mon Sep 17 00:00:00 2001
From: Aleksei Lipniagov <alipniagov@gitlab.com>
Date: Fri, 2 Aug 2019 09:04:32 +0000
Subject: Call `GC::Profiler.clear` only in one place

Previously, both InfluxSampler and RubySampler were relying on the
`GC::Profiler.total_time` data which is the sum over the list
of captured GC events. Also, both samplers asynchronously called
`GC::Profiler.clear` which led to incorrect metric data because
each sampler has the wrong assumption it is the only object who calls
`GC::Profiler.clear` and thus could rely on the gathered results between
such calls.

We should ensure that `GC::Profiler.total_time` is called only in one
place making it possible to rely on accumulated data between such wipes.

Also, we need to track the amount of profiler reports we lost.
---
 .../63571-fix-gc-profiler-data-being-wiped.yml     |  5 +++++
 config/initializers/peek.rb                        |  7 ++++++-
 lib/gitlab/metrics/samplers/influx_sampler.rb      | 22 ---------------------
 lib/gitlab/metrics/samplers/ruby_sampler.rb        | 23 ++++++++++++++++------
 .../gitlab/metrics/samplers/influx_sampler_spec.rb | 20 -------------------
 .../gitlab/metrics/samplers/ruby_sampler_spec.rb   | 20 +++++++++++++++----
 6 files changed, 44 insertions(+), 53 deletions(-)
 create mode 100644 changelogs/unreleased/63571-fix-gc-profiler-data-being-wiped.yml

diff --git a/changelogs/unreleased/63571-fix-gc-profiler-data-being-wiped.yml b/changelogs/unreleased/63571-fix-gc-profiler-data-being-wiped.yml
new file mode 100644
index 00000000000..7943d9573f3
--- /dev/null
+++ b/changelogs/unreleased/63571-fix-gc-profiler-data-being-wiped.yml
@@ -0,0 +1,5 @@
+---
+title: Fix GC::Profiler metrics fetching
+merge_request: 31331
+author:
+type: fixed
diff --git a/config/initializers/peek.rb b/config/initializers/peek.rb
index 4a2b7931f30..b6c7f1ff4fc 100644
--- a/config/initializers/peek.rb
+++ b/config/initializers/peek.rb
@@ -9,5 +9,10 @@ Peek.into Peek::Views::ActiveRecord
 Peek.into Peek::Views::Gitaly
 Peek.into Peek::Views::RedisDetailed
 Peek.into Peek::Views::Rugged
-Peek.into Peek::Views::GC
+
+# `Peek::Views::GC` is currently disabled in production, as it runs with every request
+# even if PerformanceBar is inactive and clears `GC::Profiler` reports we need for metrics.
+# Check https://gitlab.com/gitlab-org/gitlab-ce/issues/65455
+Peek.into Peek::Views::GC if Rails.env.development?
+
 Peek.into Peek::Views::Tracing if Labkit::Tracing.tracing_url_enabled?
diff --git a/lib/gitlab/metrics/samplers/influx_sampler.rb b/lib/gitlab/metrics/samplers/influx_sampler.rb
index 5138b37f83e..1eae0a7bf45 100644
--- a/lib/gitlab/metrics/samplers/influx_sampler.rb
+++ b/lib/gitlab/metrics/samplers/influx_sampler.rb
@@ -15,19 +15,14 @@ module Gitlab
           @last_step = nil
 
           @metrics = []
-
-          @last_minor_gc = Delta.new(GC.stat[:minor_gc_count])
-          @last_major_gc = Delta.new(GC.stat[:major_gc_count])
         end
 
         def sample
           sample_memory_usage
           sample_file_descriptors
-          sample_gc
 
           flush
         ensure
-          GC::Profiler.clear
           @metrics.clear
         end
 
@@ -43,23 +38,6 @@ module Gitlab
           add_metric('file_descriptors', value: System.file_descriptor_count)
         end
 
-        def sample_gc
-          time = GC::Profiler.total_time * 1000.0
-          stats = GC.stat.merge(total_time: time)
-
-          # We want the difference of GC runs compared to the last sample, not the
-          # total amount since the process started.
-          stats[:minor_gc_count] =
-            @last_minor_gc.compared_with(stats[:minor_gc_count])
-
-          stats[:major_gc_count] =
-            @last_major_gc.compared_with(stats[:major_gc_count])
-
-          stats[:count] = stats[:minor_gc_count] + stats[:major_gc_count]
-
-          add_metric('gc_statistics', stats)
-        end
-
         def add_metric(series, values, tags = {})
           prefix = sidekiq? ? 'sidekiq_' : 'rails_'
 
diff --git a/lib/gitlab/metrics/samplers/ruby_sampler.rb b/lib/gitlab/metrics/samplers/ruby_sampler.rb
index 1e200db0baf..3bfa3da35e0 100644
--- a/lib/gitlab/metrics/samplers/ruby_sampler.rb
+++ b/lib/gitlab/metrics/samplers/ruby_sampler.rb
@@ -6,7 +6,11 @@ module Gitlab
   module Metrics
     module Samplers
       class RubySampler < BaseSampler
+        GC_REPORT_BUCKETS = [0.001, 0.002, 0.005, 0.01, 0.05, 0.1, 0.5].freeze
+
         def initialize(interval)
+          GC::Profiler.clear
+
           metrics[:process_start_time_seconds].set(labels, Time.now.to_i)
 
           super
@@ -37,7 +41,7 @@ module Gitlab
             process_resident_memory_bytes:  ::Gitlab::Metrics.gauge(with_prefix(:process, :resident_memory_bytes), 'Memory used', labels),
             process_start_time_seconds:     ::Gitlab::Metrics.gauge(with_prefix(:process, :start_time_seconds), 'Process start time seconds'),
             sampler_duration:               ::Gitlab::Metrics.counter(with_prefix(:sampler, :duration_seconds_total), 'Sampler time', labels),
-            total_time:                     ::Gitlab::Metrics.counter(with_prefix(:gc, :duration_seconds_total), 'Total GC time', labels)
+            gc_duration_seconds:            ::Gitlab::Metrics.histogram(with_prefix(:gc, :duration_seconds), 'GC time', labels, GC_REPORT_BUCKETS)
           }
 
           GC.stat.keys.each do |key|
@@ -57,20 +61,27 @@ module Gitlab
           sample_gc
 
           metrics[:sampler_duration].increment(labels, System.monotonic_time - start_time)
-        ensure
-          GC::Profiler.clear
         end
 
         private
 
         def sample_gc
-          # Collect generic GC stats.
+          # Observe all GC samples
+          sample_gc_reports.each do |report|
+            metrics[:gc_duration_seconds].observe(labels, report[:GC_TIME])
+          end
+
+          # Collect generic GC stats
           GC.stat.each do |key, value|
             metrics[key].set(labels, value)
           end
+        end
 
-          # Collect the GC time since last sample in float seconds.
-          metrics[:total_time].increment(labels, GC::Profiler.total_time)
+        def sample_gc_reports
+          GC::Profiler.enable
+          GC::Profiler.raw_data
+        ensure
+          GC::Profiler.clear
         end
 
         def set_memory_usage_metrics
diff --git a/spec/lib/gitlab/metrics/samplers/influx_sampler_spec.rb b/spec/lib/gitlab/metrics/samplers/influx_sampler_spec.rb
index 81954fcf8c5..2923048f742 100644
--- a/spec/lib/gitlab/metrics/samplers/influx_sampler_spec.rb
+++ b/spec/lib/gitlab/metrics/samplers/influx_sampler_spec.rb
@@ -17,18 +17,10 @@ describe Gitlab::Metrics::Samplers::InfluxSampler do
     it 'samples various statistics' do
       expect(sampler).to receive(:sample_memory_usage)
       expect(sampler).to receive(:sample_file_descriptors)
-      expect(sampler).to receive(:sample_gc)
       expect(sampler).to receive(:flush)
 
       sampler.sample
     end
-
-    it 'clears any GC profiles' do
-      expect(sampler).to receive(:flush)
-      expect(GC::Profiler).to receive(:clear)
-
-      sampler.sample
-    end
   end
 
   describe '#flush' do
@@ -67,18 +59,6 @@ describe Gitlab::Metrics::Samplers::InfluxSampler do
     end
   end
 
-  describe '#sample_gc' do
-    it 'adds a metric containing garbage collection statistics' do
-      expect(GC::Profiler).to receive(:total_time).and_return(0.24)
-
-      expect(sampler).to receive(:add_metric)
-        .with(/gc_statistics/, an_instance_of(Hash))
-        .and_call_original
-
-      sampler.sample_gc
-    end
-  end
-
   describe '#add_metric' do
     it 'prefixes the series name for a Rails process' do
       expect(sampler).to receive(:sidekiq?).and_return(false)
diff --git a/spec/lib/gitlab/metrics/samplers/ruby_sampler_spec.rb b/spec/lib/gitlab/metrics/samplers/ruby_sampler_spec.rb
index 4d93b70e6e3..5005a5d9ebc 100644
--- a/spec/lib/gitlab/metrics/samplers/ruby_sampler_spec.rb
+++ b/spec/lib/gitlab/metrics/samplers/ruby_sampler_spec.rb
@@ -59,17 +59,29 @@ describe Gitlab::Metrics::Samplers::RubySampler do
     end
 
     it 'clears any GC profiles' do
-      expect(GC::Profiler).to receive(:clear)
+      expect(GC::Profiler).to receive(:clear).at_least(:once)
 
       sampler.sample
     end
   end
 
   describe '#sample_gc' do
-    it 'adds a metric containing garbage collection time statistics' do
-      expect(GC::Profiler).to receive(:total_time).and_return(0.24)
+    let!(:sampler) { described_class.new(5) }
 
-      expect(sampler.metrics[:total_time]).to receive(:increment).with({}, 0.24)
+    let(:gc_reports) { [{ GC_TIME: 0.1 }, { GC_TIME: 0.2 }, { GC_TIME: 0.3 }] }
+
+    it 're-enables GC::Profiler if needed' do
+      expect(GC::Profiler).to receive(:enable)
+
+      sampler.sample
+    end
+
+    it 'observes GC cycles time' do
+      expect(sampler).to receive(:sample_gc_reports).and_return(gc_reports)
+
+      expect(sampler.metrics[:gc_duration_seconds]).to receive(:observe).with({}, 0.1).ordered
+      expect(sampler.metrics[:gc_duration_seconds]).to receive(:observe).with({}, 0.2).ordered
+      expect(sampler.metrics[:gc_duration_seconds]).to receive(:observe).with({}, 0.3).ordered
 
       sampler.sample
     end
-- 
cgit v1.2.1


From 8f653f098394d3f048c0abdecda2a0de54b48e08 Mon Sep 17 00:00:00 2001
From: Toon Claes <toon@gitlab.com>
Date: Fri, 2 Aug 2019 11:54:40 +0200
Subject: Again run quarantine specs if tag provided

In f59438c0a9da7bb4d98291d2adedfc5a13a50798 we changed how quarantined
specs are excluded. But that made it impossible to run them by
providing `--tag quarantine`, this changes that.
---
 spec/spec_helper.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 6994b6687fc..bcc133790d1 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -148,9 +148,9 @@ RSpec.configure do |config|
     Gitlab::ThreadMemoryCache.cache_backend.clear
   end
 
-  config.around(:example, :quarantine) do
+  config.around(:example, :quarantine) do |example|
     # Skip tests in quarantine unless we explicitly focus on them.
-    skip('In quarantine') unless config.inclusion_filter[:quarantine]
+    example.run if config.inclusion_filter[:quarantine]
   end
 
   config.before(:example, :request_store) do
-- 
cgit v1.2.1


From db104aaf9236050ea5fd921efab664892a6b1880 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= <ayufan@ayufan.eu>
Date: Thu, 1 Aug 2019 15:30:06 +0200
Subject: Improve test for .with_needs

---
 spec/models/ci/build_spec.rb | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index 9369f393b5e..8768e914284 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -185,8 +185,9 @@ describe Ci::Build do
 
   describe '.with_needs' do
     let!(:build) { create(:ci_build) }
+    let!(:build_b) { create(:ci_build) }
     let!(:build_need_a) { create(:ci_build_need, build: build) }
-    let!(:build_need_b) { create(:ci_build_need, build: build) }
+    let!(:build_need_b) { create(:ci_build_need, build: build_b) }
 
     context 'when passing build name' do
       subject { described_class.with_needs(build_need_a.name) }
@@ -197,7 +198,7 @@ describe Ci::Build do
     context 'when not passing any build name' do
       subject { described_class.with_needs }
 
-      it { is_expected.to contain_exactly(build) }
+      it { is_expected.to contain_exactly(build, build_b) }
     end
 
     context 'when not matching build name' do
-- 
cgit v1.2.1


From 181b9b3e7328070f6846c9547d166ba0128e415c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= <ayufan@ayufan.eu>
Date: Fri, 2 Aug 2019 13:28:59 +0200
Subject: Respect needs for artifacts

When `needs:` is defined, the value of it is
not respected when returning a list of artifacts
to the runner from the job.
---
 app/models/ci/build.rb       | 16 ++++++----------
 spec/models/ci/build_spec.rb | 17 +++++++++++++++--
 2 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb
index dd2bfc42af9..ac88d9714ac 100644
--- a/app/models/ci/build.rb
+++ b/app/models/ci/build.rb
@@ -715,18 +715,14 @@ module Ci
 
       depended_jobs = depends_on_builds
 
-      # find all jobs that are dependent on
-      if options[:dependencies].present?
-        depended_jobs = depended_jobs.select do |job|
-          options[:dependencies].include?(job.name)
-        end
+      # find all jobs that are needed
+      if Feature.enabled?(:ci_dag_support, project) && needs.exists?
+        depended_jobs = depended_jobs.where(name: needs.select(:name))
       end
 
-      # find all jobs that are needed by this one
-      if options[:needs].present?
-        depended_jobs = depended_jobs.select do |job|
-          options[:needs].include?(job.name)
-        end
+      # find all jobs that are dependent on
+      if options[:dependencies].present?
+        depended_jobs = depended_jobs.where(name: options[:dependencies])
       end
 
       depended_jobs
diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index 8768e914284..0387073cffb 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -630,12 +630,17 @@ describe Ci::Build do
         create(:ci_build,
           pipeline: pipeline, name: 'final',
           stage_idx: 3, stage: 'deploy', options: {
-            dependencies: dependencies,
-            needs: needs
+            dependencies: dependencies
           }
         )
       end
 
+      before do
+        needs.to_a.each do |need|
+          create(:ci_build_need, build: final, name: need)
+        end
+      end
+
       subject { final.dependencies }
 
       context 'when depedencies are defined' do
@@ -648,6 +653,14 @@ describe Ci::Build do
         let(:needs) { %w(build rspec staging) }
 
         it { is_expected.to contain_exactly(build, rspec_test, staging) }
+
+        context 'when ci_dag_support is disabled' do
+          before do
+            stub_feature_flags(ci_dag_support: false)
+          end
+
+          it { is_expected.to contain_exactly(build, rspec_test, rubocop_test, staging) }
+        end
       end
 
       context 'when needs and dependencies are defined' do
-- 
cgit v1.2.1


From 7b4c88edee1a7f41fd65eff59fb62e39dc641049 Mon Sep 17 00:00:00 2001
From: Lukas Eipert <leipert@gitlab.com>
Date: Fri, 2 Aug 2019 14:46:06 +0200
Subject: Use stable image version for dind

See https://gitlab.com/gitlab-com/gl-infra/production/issues/1023

This also has been suggested by Tomasz in the MR
---
 .gitlab/ci/frontend.gitlab-ci.yml | 2 +-
 .gitlab/ci/review.gitlab-ci.yml   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml
index 2bdde9fedaf..a0db84bd25a 100644
--- a/.gitlab/ci/frontend.gitlab-ci.yml
+++ b/.gitlab/ci/frontend.gitlab-ci.yml
@@ -19,7 +19,7 @@
   dependencies:
     - setup-test-env
   services:
-    - docker:stable-dind
+    - docker:19.03.0-dind
   variables:
     NODE_ENV: "production"
     RAILS_ENV: "production"
diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml
index 076858e6c8a..6b60c993640 100644
--- a/.gitlab/ci/review.gitlab-ci.yml
+++ b/.gitlab/ci/review.gitlab-ci.yml
@@ -35,7 +35,7 @@
   <<: *review-base
   image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine
   services:
-    - docker:stable-dind
+    - docker:19.03.0-dind
   tags:
     - gitlab-org
     - docker
-- 
cgit v1.2.1


From 97699bbda6077a6f3adfb6a6f2079a0890818a5d Mon Sep 17 00:00:00 2001
From: Sam Beckham <sbeckham@gitlab.com>
Date: Fri, 2 Aug 2019 13:11:37 +0000
Subject: Syncs the vue test utils helpers

---
 spec/frontend/helpers/vue_test_utils_helper.js     | 18 +++++++-
 .../frontend/helpers/vue_test_utils_helper_spec.js | 48 ++++++++++++++++++++++
 spec/javascripts/helpers/vue_test_utils_helper.js  | 38 ++---------------
 .../helpers/vue_test_utils_helper_spec.js          | 48 ----------------------
 4 files changed, 68 insertions(+), 84 deletions(-)
 create mode 100644 spec/frontend/helpers/vue_test_utils_helper_spec.js
 delete mode 100644 spec/javascripts/helpers/vue_test_utils_helper_spec.js

diff --git a/spec/frontend/helpers/vue_test_utils_helper.js b/spec/frontend/helpers/vue_test_utils_helper.js
index 121e99c9783..68326e37ae7 100644
--- a/spec/frontend/helpers/vue_test_utils_helper.js
+++ b/spec/frontend/helpers/vue_test_utils_helper.js
@@ -1,5 +1,3 @@
-/* eslint-disable import/prefer-default-export */
-
 const vNodeContainsText = (vnode, text) =>
   (vnode.text && vnode.text.includes(text)) ||
   (vnode.children && vnode.children.filter(child => vNodeContainsText(child, text)).length);
@@ -19,3 +17,19 @@ export const shallowWrapperContainsSlotText = (shallowWrapper, slotName, text) =
   Boolean(
     shallowWrapper.vm.$slots[slotName].filter(vnode => vNodeContainsText(vnode, text)).length,
   );
+
+/**
+ * Returns a promise that waits for a mutation to be fired before resolving
+ * NOTE: There's no reject action here so it will hang if it waits for a mutation that won't happen.
+ * @param {Object} store - The Vue store that contains the mutations
+ * @param {String} expectedMutationType - The Mutation to wait for
+ */
+export const waitForMutation = (store, expectedMutationType) =>
+  new Promise(resolve => {
+    const unsubscribe = store.subscribe(mutation => {
+      if (mutation.type === expectedMutationType) {
+        unsubscribe();
+        resolve();
+      }
+    });
+  });
diff --git a/spec/frontend/helpers/vue_test_utils_helper_spec.js b/spec/frontend/helpers/vue_test_utils_helper_spec.js
new file mode 100644
index 00000000000..41714066da5
--- /dev/null
+++ b/spec/frontend/helpers/vue_test_utils_helper_spec.js
@@ -0,0 +1,48 @@
+import { shallowMount } from '@vue/test-utils';
+import { shallowWrapperContainsSlotText } from './vue_test_utils_helper';
+
+describe('Vue test utils helpers', () => {
+  describe('shallowWrapperContainsSlotText', () => {
+    const mockText = 'text';
+    const mockSlot = `<div>${mockText}</div>`;
+    let mockComponent;
+
+    beforeEach(() => {
+      mockComponent = shallowMount(
+        {
+          render(h) {
+            h(`<div>mockedComponent</div>`);
+          },
+        },
+        {
+          slots: {
+            default: mockText,
+            namedSlot: mockSlot,
+          },
+        },
+      );
+    });
+
+    it('finds text within shallowWrapper default slot', () => {
+      expect(shallowWrapperContainsSlotText(mockComponent, 'default', mockText)).toBe(true);
+    });
+
+    it('finds text within shallowWrapper named slot', () => {
+      expect(shallowWrapperContainsSlotText(mockComponent, 'namedSlot', mockText)).toBe(true);
+    });
+
+    it('returns false when text is not present', () => {
+      const searchText = 'absent';
+
+      expect(shallowWrapperContainsSlotText(mockComponent, 'default', searchText)).toBe(false);
+      expect(shallowWrapperContainsSlotText(mockComponent, 'namedSlot', searchText)).toBe(false);
+    });
+
+    it('searches with case-sensitivity', () => {
+      const searchText = mockText.toUpperCase();
+
+      expect(shallowWrapperContainsSlotText(mockComponent, 'default', searchText)).toBe(false);
+      expect(shallowWrapperContainsSlotText(mockComponent, 'namedSlot', searchText)).toBe(false);
+    });
+  });
+});
diff --git a/spec/javascripts/helpers/vue_test_utils_helper.js b/spec/javascripts/helpers/vue_test_utils_helper.js
index 68326e37ae7..5b749b11246 100644
--- a/spec/javascripts/helpers/vue_test_utils_helper.js
+++ b/spec/javascripts/helpers/vue_test_utils_helper.js
@@ -1,35 +1,5 @@
-const vNodeContainsText = (vnode, text) =>
-  (vnode.text && vnode.text.includes(text)) ||
-  (vnode.children && vnode.children.filter(child => vNodeContainsText(child, text)).length);
+// No new code should be added to this file. Instead, modify the
+// file this one re-exports from. For more detail about why, see:
+// https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/31349
 
-/**
- * Determines whether a `shallowMount` Wrapper contains text
- * within one of it's slots. This will also work on Wrappers
- * acquired with `find()`, but only if it's parent Wrapper
- * was shallowMounted.
- * NOTE: Prefer checking the rendered output of a component
- * wherever possible using something like `text()` instead.
- * @param {Wrapper} shallowWrapper - Vue test utils wrapper (shallowMounted)
- * @param {String} slotName
- * @param {String} text
- */
-export const shallowWrapperContainsSlotText = (shallowWrapper, slotName, text) =>
-  Boolean(
-    shallowWrapper.vm.$slots[slotName].filter(vnode => vNodeContainsText(vnode, text)).length,
-  );
-
-/**
- * Returns a promise that waits for a mutation to be fired before resolving
- * NOTE: There's no reject action here so it will hang if it waits for a mutation that won't happen.
- * @param {Object} store - The Vue store that contains the mutations
- * @param {String} expectedMutationType - The Mutation to wait for
- */
-export const waitForMutation = (store, expectedMutationType) =>
-  new Promise(resolve => {
-    const unsubscribe = store.subscribe(mutation => {
-      if (mutation.type === expectedMutationType) {
-        unsubscribe();
-        resolve();
-      }
-    });
-  });
+export * from '../../frontend/helpers/vue_test_utils_helper';
diff --git a/spec/javascripts/helpers/vue_test_utils_helper_spec.js b/spec/javascripts/helpers/vue_test_utils_helper_spec.js
deleted file mode 100644
index 41714066da5..00000000000
--- a/spec/javascripts/helpers/vue_test_utils_helper_spec.js
+++ /dev/null
@@ -1,48 +0,0 @@
-import { shallowMount } from '@vue/test-utils';
-import { shallowWrapperContainsSlotText } from './vue_test_utils_helper';
-
-describe('Vue test utils helpers', () => {
-  describe('shallowWrapperContainsSlotText', () => {
-    const mockText = 'text';
-    const mockSlot = `<div>${mockText}</div>`;
-    let mockComponent;
-
-    beforeEach(() => {
-      mockComponent = shallowMount(
-        {
-          render(h) {
-            h(`<div>mockedComponent</div>`);
-          },
-        },
-        {
-          slots: {
-            default: mockText,
-            namedSlot: mockSlot,
-          },
-        },
-      );
-    });
-
-    it('finds text within shallowWrapper default slot', () => {
-      expect(shallowWrapperContainsSlotText(mockComponent, 'default', mockText)).toBe(true);
-    });
-
-    it('finds text within shallowWrapper named slot', () => {
-      expect(shallowWrapperContainsSlotText(mockComponent, 'namedSlot', mockText)).toBe(true);
-    });
-
-    it('returns false when text is not present', () => {
-      const searchText = 'absent';
-
-      expect(shallowWrapperContainsSlotText(mockComponent, 'default', searchText)).toBe(false);
-      expect(shallowWrapperContainsSlotText(mockComponent, 'namedSlot', searchText)).toBe(false);
-    });
-
-    it('searches with case-sensitivity', () => {
-      const searchText = mockText.toUpperCase();
-
-      expect(shallowWrapperContainsSlotText(mockComponent, 'default', searchText)).toBe(false);
-      expect(shallowWrapperContainsSlotText(mockComponent, 'namedSlot', searchText)).toBe(false);
-    });
-  });
-});
-- 
cgit v1.2.1


From c6acb77d8a19063f26f8dfcda85beead50fe6e96 Mon Sep 17 00:00:00 2001
From: Mayra Cabrera <mcabrera@gitlab.com>
Date: Thu, 1 Aug 2019 15:14:21 -0500
Subject: Removes update_statistics_namespace feature flag

After measuring the impact of the namespace storage on
https://gitlab.com/gitlab-org/gitlab-ce/issues/64092. It was decided
that it's performant enough. So we can freely remove the feature flag

Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/64092
---
 app/models/concerns/update_project_statistics.rb   |  7 +---
 app/models/project_statistics.rb                   |  6 ----
 app/workers/namespaces/root_statistics_worker.rb   |  6 +---
 .../namespaces/schedule_aggregation_worker.rb      |  6 +---
 ...es-update-statistics-namespace-feature-flag.yml |  5 +++
 spec/models/project_statistics_spec.rb             | 13 +------
 .../update_project_statistics_shared_examples.rb   | 40 ----------------------
 .../namespaces/root_statistics_worker_spec.rb      | 11 ------
 .../namespaces/schedule_aggregation_worker_spec.rb | 10 ------
 9 files changed, 9 insertions(+), 95 deletions(-)
 create mode 100644 changelogs/unreleased/64092-removes-update-statistics-namespace-feature-flag.yml

diff --git a/app/models/concerns/update_project_statistics.rb b/app/models/concerns/update_project_statistics.rb
index 570a735973f..869b3490f3f 100644
--- a/app/models/concerns/update_project_statistics.rb
+++ b/app/models/concerns/update_project_statistics.rb
@@ -73,15 +73,10 @@ module UpdateProjectStatistics
 
     def schedule_namespace_aggregation_worker
       run_after_commit do
-        next unless schedule_aggregation_worker?
+        next if project.nil?
 
         Namespaces::ScheduleAggregationWorker.perform_async(project.namespace_id)
       end
     end
-
-    def schedule_aggregation_worker?
-      !project.nil? &&
-        Feature.enabled?(:update_statistics_namespace, project.root_ancestor)
-    end
   end
 end
diff --git a/app/models/project_statistics.rb b/app/models/project_statistics.rb
index 3802d258664..47999a3694e 100644
--- a/app/models/project_statistics.rb
+++ b/app/models/project_statistics.rb
@@ -93,13 +93,7 @@ class ProjectStatistics < ApplicationRecord
 
   def schedule_namespace_aggregation_worker
     run_after_commit do
-      next unless schedule_aggregation_worker?
-
       Namespaces::ScheduleAggregationWorker.perform_async(project.namespace_id)
     end
   end
-
-  def schedule_aggregation_worker?
-    Feature.enabled?(:update_statistics_namespace, project&.root_ancestor)
-  end
 end
diff --git a/app/workers/namespaces/root_statistics_worker.rb b/app/workers/namespaces/root_statistics_worker.rb
index 48876825564..0c1ca5eb975 100644
--- a/app/workers/namespaces/root_statistics_worker.rb
+++ b/app/workers/namespaces/root_statistics_worker.rb
@@ -9,7 +9,7 @@ module Namespaces
     def perform(namespace_id)
       namespace = Namespace.find(namespace_id)
 
-      return unless update_statistics_enabled_for?(namespace) && namespace.aggregation_scheduled?
+      return unless namespace.aggregation_scheduled?
 
       Namespaces::StatisticsRefresherService.new.execute(namespace)
 
@@ -23,9 +23,5 @@ module Namespaces
     def log_error(namespace_path, error_message)
       Gitlab::SidekiqLogger.error("Namespace statistics can't be updated for #{namespace_path}: #{error_message}")
     end
-
-    def update_statistics_enabled_for?(namespace)
-      Feature.enabled?(:update_statistics_namespace, namespace)
-    end
   end
 end
diff --git a/app/workers/namespaces/schedule_aggregation_worker.rb b/app/workers/namespaces/schedule_aggregation_worker.rb
index a4594b84b13..983ce4bef4a 100644
--- a/app/workers/namespaces/schedule_aggregation_worker.rb
+++ b/app/workers/namespaces/schedule_aggregation_worker.rb
@@ -12,7 +12,7 @@ module Namespaces
       namespace = Namespace.find(namespace_id)
       root_ancestor = namespace.root_ancestor
 
-      return unless update_statistics_enabled_for?(root_ancestor) && !root_ancestor.aggregation_scheduled?
+      return if root_ancestor.aggregation_scheduled?
 
       Namespace::AggregationSchedule.safe_find_or_create_by!(namespace_id: root_ancestor.id)
     rescue ActiveRecord::RecordNotFound
@@ -37,9 +37,5 @@ module Namespaces
     def log_error(root_ancestor_id)
       Gitlab::SidekiqLogger.error("Namespace can't be scheduled for aggregation: #{root_ancestor_id} does not exist")
     end
-
-    def update_statistics_enabled_for?(root_ancestor)
-      Feature.enabled?(:update_statistics_namespace, root_ancestor)
-    end
   end
 end
diff --git a/changelogs/unreleased/64092-removes-update-statistics-namespace-feature-flag.yml b/changelogs/unreleased/64092-removes-update-statistics-namespace-feature-flag.yml
new file mode 100644
index 00000000000..272c830a914
--- /dev/null
+++ b/changelogs/unreleased/64092-removes-update-statistics-namespace-feature-flag.yml
@@ -0,0 +1,5 @@
+---
+title: Enables storage statistics for root namespaces on database
+merge_request: 31392
+author:
+type: other
diff --git a/spec/models/project_statistics_spec.rb b/spec/models/project_statistics_spec.rb
index db3e4902c64..a164ed9bbea 100644
--- a/spec/models/project_statistics_spec.rb
+++ b/spec/models/project_statistics_spec.rb
@@ -140,18 +140,7 @@ describe ProjectStatistics do
       let(:namespace) { create(:group) }
       let(:project) { create(:project, namespace: namespace) }
 
-      context 'when the feature flag is off' do
-        it 'does not schedule the aggregation worker' do
-          stub_feature_flags(update_statistics_namespace: false, namespace: namespace)
-
-          expect(Namespaces::ScheduleAggregationWorker)
-            .not_to receive(:perform_async)
-
-          statistics.refresh!(only: [:lfs_objects_size])
-        end
-      end
-
-      context 'when the feature flag is on' do
+      context 'when arguments are passed' do
         it 'schedules the aggregation worker' do
           expect(Namespaces::ScheduleAggregationWorker)
             .to receive(:perform_async)
diff --git a/spec/support/shared_examples/models/update_project_statistics_shared_examples.rb b/spec/support/shared_examples/models/update_project_statistics_shared_examples.rb
index aad63982e7a..e03435cafe8 100644
--- a/spec/support/shared_examples/models/update_project_statistics_shared_examples.rb
+++ b/spec/support/shared_examples/models/update_project_statistics_shared_examples.rb
@@ -32,19 +32,6 @@ shared_examples_for 'UpdateProjectStatistics' do
 
       subject.save!
     end
-
-    context 'when feature flag is disabled for the namespace' do
-      it 'does not schedules a namespace statistics worker' do
-        namespace = subject.project.root_ancestor
-
-        stub_feature_flags(update_statistics_namespace: false, namespace: namespace)
-
-        expect(Namespaces::ScheduleAggregationWorker)
-          .not_to receive(:perform_async)
-
-        subject.save!
-      end
-    end
   end
 
   context 'when updating' do
@@ -87,20 +74,6 @@ shared_examples_for 'UpdateProjectStatistics' do
         subject.save!
       end.not_to exceed_query_limit(control_count)
     end
-
-    context 'when the feature flag is disabled for the namespace' do
-      it 'does not schedule a namespace statistics worker' do
-        namespace = subject.project.root_ancestor
-
-        stub_feature_flags(update_statistics_namespace: false, namespace: namespace)
-
-        expect(Namespaces::ScheduleAggregationWorker)
-          .not_to receive(:perform_async)
-
-        subject.write_attribute(statistic_attribute, read_attribute + delta)
-        subject.save!
-      end
-    end
   end
 
   context 'when destroying' do
@@ -144,18 +117,5 @@ shared_examples_for 'UpdateProjectStatistics' do
         project.destroy!
       end
     end
-
-    context 'when feature flag is disabled for the namespace' do
-      it 'does not schedule a namespace statistics worker' do
-        namespace = subject.project.root_ancestor
-
-        stub_feature_flags(update_statistics_namespace: false, namespace: namespace)
-
-        expect(Namespaces::ScheduleAggregationWorker)
-          .not_to receive(:perform_async)
-
-        subject.destroy!
-      end
-    end
   end
 end
diff --git a/spec/workers/namespaces/root_statistics_worker_spec.rb b/spec/workers/namespaces/root_statistics_worker_spec.rb
index 8dd74b96d49..6bbdfe03ceb 100644
--- a/spec/workers/namespaces/root_statistics_worker_spec.rb
+++ b/spec/workers/namespaces/root_statistics_worker_spec.rb
@@ -74,15 +74,4 @@ describe Namespaces::RootStatisticsWorker, '#perform' do
       worker.perform(group.id)
     end
   end
-
-  context 'when update_statistics_namespace is off' do
-    it 'does not create a new one' do
-      stub_feature_flags(update_statistics_namespace: false, namespace: group)
-
-      expect_any_instance_of(Namespaces::StatisticsRefresherService)
-        .not_to receive(:execute)
-
-      worker.perform(group.id)
-    end
-  end
 end
diff --git a/spec/workers/namespaces/schedule_aggregation_worker_spec.rb b/spec/workers/namespaces/schedule_aggregation_worker_spec.rb
index d4a49a3f53a..be722f451e0 100644
--- a/spec/workers/namespaces/schedule_aggregation_worker_spec.rb
+++ b/spec/workers/namespaces/schedule_aggregation_worker_spec.rb
@@ -31,16 +31,6 @@ describe Namespaces::ScheduleAggregationWorker, '#perform', :clean_gitlab_redis_
         expect(group.aggregation_schedule).to be_present
       end
     end
-
-    context 'when update_statistics_namespace is off' do
-      it 'does not create a new one' do
-        stub_feature_flags(update_statistics_namespace: false, namespace: group)
-
-        expect do
-          worker.perform(group.id)
-        end.not_to change(Namespace::AggregationSchedule, :count)
-      end
-    end
   end
 
   context 'when group is not the root ancestor' do
-- 
cgit v1.2.1


From fc9f099884f6b98dea3f4e6110ecba6151fa75b8 Mon Sep 17 00:00:00 2001
From: "Lukas '+ alert('Eipi') + ' Eipert" <leipert@gitlab.com>
Date: Fri, 2 Aug 2019 14:38:50 +0000
Subject: Prevent empty classes in ansi2html conversion

Currently we write out empty CSS classes (`class=""`) every time we
create a new tag. This adds 9 unnecessary bytes per span element. In a
recent trace, I have counted 11950 span elements. So we transported 105
unnecessary kilobytes!
---
 app/assets/stylesheets/pages/builds.scss           |  1 +
 .../unreleased/leipert-improve-ansi2html.yml       |  5 +++
 lib/gitlab/ci/ansi2html.rb                         | 27 +++++++++-----
 spec/controllers/projects/jobs_controller_spec.rb  |  2 +-
 spec/lib/gitlab/ci/ansi2html_spec.rb               | 43 +++++++++++-----------
 spec/lib/gitlab/ci/trace/stream_spec.rb            | 16 ++++----
 .../shared_examples/ci_trace_shared_examples.rb    |  4 +-
 7 files changed, 54 insertions(+), 44 deletions(-)
 create mode 100644 changelogs/unreleased/leipert-improve-ansi2html.yml

diff --git a/app/assets/stylesheets/pages/builds.scss b/app/assets/stylesheets/pages/builds.scss
index 6e98908eeed..262c0bf5ed2 100644
--- a/app/assets/stylesheets/pages/builds.scss
+++ b/app/assets/stylesheets/pages/builds.scss
@@ -127,6 +127,7 @@
 
   .section-header ~ .section.line {
     margin-left: $gl-padding;
+    display: block;
   }
 }
 
diff --git a/changelogs/unreleased/leipert-improve-ansi2html.yml b/changelogs/unreleased/leipert-improve-ansi2html.yml
new file mode 100644
index 00000000000..dd3582b3434
--- /dev/null
+++ b/changelogs/unreleased/leipert-improve-ansi2html.yml
@@ -0,0 +1,5 @@
+---
+title: Improve job log rendering performance
+merge_request: 31262
+author:
+type: performance
diff --git a/lib/gitlab/ci/ansi2html.rb b/lib/gitlab/ci/ansi2html.rb
index fc3223e7442..7e348763e81 100644
--- a/lib/gitlab/ci/ansi2html.rb
+++ b/lib/gitlab/ci/ansi2html.rb
@@ -194,16 +194,10 @@ module Gitlab
         end
 
         def handle_new_line
-          css_classes = []
-
-          if @sections.any?
-            css_classes = %w[section line] + sections.map { |section| "s_#{section}" }
-          end
-
           write_in_tag %{<br/>}
-          write_raw %{<span class="#{css_classes.join(' ')}"></span>} if css_classes.any?
+
+          close_open_tags if @sections.any? && @lineno_in_section == 0
           @lineno_in_section += 1
-          open_new_tag
         end
 
         def handle_section(scanner)
@@ -310,11 +304,24 @@ module Gitlab
 
           if @sections.any?
             css_classes << "section"
-            css_classes << "js-section-header section-header" if @lineno_in_section == 0
+
+            css_classes << if @lineno_in_section == 0
+                             "js-section-header section-header"
+                           else
+                             "line"
+                           end
+
             css_classes += sections.map { |section| "js-s-#{section}" }
           end
 
-          @out << %{<span class="#{css_classes.join(' ')}">}
+          close_open_tags
+
+          @out << if css_classes.any?
+                    %{<span class="#{css_classes.join(' ')}">}
+                  else
+                    %{<span>}
+                  end
+
           @n_open_tags += 1
         end
 
diff --git a/spec/controllers/projects/jobs_controller_spec.rb b/spec/controllers/projects/jobs_controller_spec.rb
index 39ebf02dcf5..f076a5e769f 100644
--- a/spec/controllers/projects/jobs_controller_spec.rb
+++ b/spec/controllers/projects/jobs_controller_spec.rb
@@ -546,7 +546,7 @@ describe Projects::JobsController, :clean_gitlab_redis_shared_state do
         expect(response).to have_gitlab_http_status(:ok)
         expect(json_response['id']).to eq job.id
         expect(json_response['status']).to eq job.status
-        expect(json_response['html']).to eq('<span class="">BUILD TRACE</span>')
+        expect(json_response['html']).to eq('<span>BUILD TRACE</span>')
       end
     end
 
diff --git a/spec/lib/gitlab/ci/ansi2html_spec.rb b/spec/lib/gitlab/ci/ansi2html_spec.rb
index 651fdaaabca..eaf06ed8992 100644
--- a/spec/lib/gitlab/ci/ansi2html_spec.rb
+++ b/spec/lib/gitlab/ci/ansi2html_spec.rb
@@ -6,11 +6,11 @@ describe Gitlab::Ci::Ansi2html do
   subject { described_class }
 
   it "prints non-ansi as-is" do
-    expect(convert_html("Hello")).to eq('<span class="">Hello</span>')
+    expect(convert_html("Hello")).to eq('<span>Hello</span>')
   end
 
   it "strips non-color-changing control sequences" do
-    expect(convert_html("Hello \e[2Kworld")).to eq('<span class="">Hello world</span>')
+    expect(convert_html("Hello \e[2Kworld")).to eq('<span>Hello world</span>')
   end
 
   it "prints simply red" do
@@ -34,7 +34,7 @@ describe Gitlab::Ci::Ansi2html do
   end
 
   it "resets colors after red on blue" do
-    expect(convert_html("\e[31;44mHello\e[0m world")).to eq('<span class="term-fg-red term-bg-blue">Hello</span><span class=""> world</span>')
+    expect(convert_html("\e[31;44mHello\e[0m world")).to eq('<span class="term-fg-red term-bg-blue">Hello</span><span> world</span>')
   end
 
   it "performs color change from red/blue to yellow/blue" do
@@ -46,11 +46,11 @@ describe Gitlab::Ci::Ansi2html do
   end
 
   it "performs color change from red/blue to reset to yellow/green" do
-    expect(convert_html("\e[31;44mHello\e[0m \e[33;42mworld")).to eq('<span class="term-fg-red term-bg-blue">Hello</span><span class=""> </span><span class="term-fg-yellow term-bg-green">world</span>')
+    expect(convert_html("\e[31;44mHello\e[0m \e[33;42mworld")).to eq('<span class="term-fg-red term-bg-blue">Hello</span><span> </span><span class="term-fg-yellow term-bg-green">world</span>')
   end
 
   it "ignores unsupported codes" do
-    expect(convert_html("\e[51mHello\e[0m")).to eq('<span class="">Hello</span>')
+    expect(convert_html("\e[51mHello\e[0m")).to eq('<span>Hello</span>')
   end
 
   it "prints light red" do
@@ -74,8 +74,8 @@ describe Gitlab::Ci::Ansi2html do
   end
 
   it "resets bold text" do
-    expect(convert_html("\e[1mHello\e[21m world")).to eq('<span class="term-bold">Hello</span><span class=""> world</span>')
-    expect(convert_html("\e[1mHello\e[22m world")).to eq('<span class="term-bold">Hello</span><span class=""> world</span>')
+    expect(convert_html("\e[1mHello\e[21m world")).to eq('<span class="term-bold">Hello</span><span> world</span>')
+    expect(convert_html("\e[1mHello\e[22m world")).to eq('<span class="term-bold">Hello</span><span> world</span>')
   end
 
   it "prints italic text" do
@@ -83,7 +83,7 @@ describe Gitlab::Ci::Ansi2html do
   end
 
   it "resets italic text" do
-    expect(convert_html("\e[3mHello\e[23m world")).to eq('<span class="term-italic">Hello</span><span class=""> world</span>')
+    expect(convert_html("\e[3mHello\e[23m world")).to eq('<span class="term-italic">Hello</span><span> world</span>')
   end
 
   it "prints underlined text" do
@@ -91,7 +91,7 @@ describe Gitlab::Ci::Ansi2html do
   end
 
   it "resets underlined text" do
-    expect(convert_html("\e[4mHello\e[24m world")).to eq('<span class="term-underline">Hello</span><span class=""> world</span>')
+    expect(convert_html("\e[4mHello\e[24m world")).to eq('<span class="term-underline">Hello</span><span> world</span>')
   end
 
   it "prints concealed text" do
@@ -99,7 +99,7 @@ describe Gitlab::Ci::Ansi2html do
   end
 
   it "resets concealed text" do
-    expect(convert_html("\e[8mHello\e[28m world")).to eq('<span class="term-conceal">Hello</span><span class=""> world</span>')
+    expect(convert_html("\e[8mHello\e[28m world")).to eq('<span class="term-conceal">Hello</span><span> world</span>')
   end
 
   it "prints crossed-out text" do
@@ -107,7 +107,7 @@ describe Gitlab::Ci::Ansi2html do
   end
 
   it "resets crossed-out text" do
-    expect(convert_html("\e[9mHello\e[29m world")).to eq('<span class="term-cross">Hello</span><span class=""> world</span>')
+    expect(convert_html("\e[9mHello\e[29m world")).to eq('<span class="term-cross">Hello</span><span> world</span>')
   end
 
   it "can print 256 xterm fg colors" do
@@ -139,15 +139,15 @@ describe Gitlab::Ci::Ansi2html do
   end
 
   it "prints &lt;" do
-    expect(convert_html("<")).to eq('<span class="">&lt;</span>')
+    expect(convert_html("<")).to eq('<span>&lt;</span>')
   end
 
   it "replaces newlines with line break tags" do
-    expect(convert_html("\n")).to eq('<span class=""><br/><span class=""></span></span>')
+    expect(convert_html("\n")).to eq('<span><br/></span>')
   end
 
   it "groups carriage returns with newlines" do
-    expect(convert_html("\r\n")).to eq('<span class=""><br/><span class=""></span></span>')
+    expect(convert_html("\r\n")).to eq('<span><br/></span>')
   end
 
   describe "incremental update" do
@@ -184,7 +184,7 @@ describe Gitlab::Ci::Ansi2html do
 
     context "with partial sequence" do
       let(:pre_text) { "Hello\e" }
-      let(:pre_html) { "<span class=\"\">Hello</span>" }
+      let(:pre_html) { "<span>Hello</span>" }
       let(:text) { "[1m World" }
       let(:html) { "<span class=\"term-bold\"> World</span>" }
 
@@ -193,9 +193,9 @@ describe Gitlab::Ci::Ansi2html do
 
     context 'with new line' do
       let(:pre_text) { "Hello\r" }
-      let(:pre_html) { "<span class=\"\">Hello\r</span>" }
+      let(:pre_html) { "<span>Hello\r</span>" }
       let(:text) { "\nWorld" }
-      let(:html) { "<span class=\"\"><br/><span class=\"\">World</span></span>" }
+      let(:html) { "<span><br/>World</span>" }
 
       it_behaves_like 'stateable converter'
     end
@@ -222,7 +222,7 @@ describe Gitlab::Ci::Ansi2html do
         text = "#{section_start}Some text#{section_end}"
         class_name_start = section_start.gsub("\033[0K", '').gsub('<', '&lt;')
         class_name_end = section_end.gsub("\033[0K", '').gsub('<', '&lt;')
-        html = %{<span class="">#{class_name_start}Some text#{class_name_end}</span>}
+        html = %{<span>#{class_name_start}Some text#{class_name_end}</span>}
 
         expect(convert_html(text)).to eq(html)
       end
@@ -232,12 +232,11 @@ describe Gitlab::Ci::Ansi2html do
       let(:text) { "#{section_start}Some text#{section_end}" }
 
       it 'prints light red' do
-        text = "#{section_start}\e[91mHello\e[0m\n#{section_end}"
+        text = "#{section_start}\e[91mHello\e[0m\nLine 1\nLine 2\nLine 3\n#{section_end}"
         header = %{<span class="term-fg-l-red section js-section-header section-header js-s-#{class_name(section_name)}">Hello</span>}
         line_break = %{<span class="section js-section-header section-header js-s-#{class_name(section_name)}"><br/></span>}
-        line = %{<span class="section line s_#{class_name(section_name)}"></span>}
-        empty_line = %{<span class="section js-s-#{class_name(section_name)}"></span>}
-        html = "#{section_start_html}#{header}#{line_break}#{line}#{empty_line}#{section_end_html}"
+        output_line = %{<span class="section line js-s-#{class_name(section_name)}">Line 1<br/>Line 2<br/>Line 3<br/></span>}
+        html = "#{section_start_html}#{header}#{line_break}#{output_line}#{section_end_html}"
 
         expect(convert_html(text)).to eq(html)
       end
diff --git a/spec/lib/gitlab/ci/trace/stream_spec.rb b/spec/lib/gitlab/ci/trace/stream_spec.rb
index 35250632e86..af519f4bae6 100644
--- a/spec/lib/gitlab/ci/trace/stream_spec.rb
+++ b/spec/lib/gitlab/ci/trace/stream_spec.rb
@@ -65,9 +65,9 @@ describe Gitlab::Ci::Trace::Stream, :clean_gitlab_redis_cache do
           result = stream.html
 
           expect(result).to eq(
-            "<span class=\"\">ヾ(´༎ຶД༎ຶ`)ﾉ<br/><span class=\"\"></span></span>"\
-            "<span class=\"term-fg-green\">許功蓋</span><span class=\"\"><br/>"\
-            "<span class=\"\"></span></span>")
+            "<span>ヾ(´༎ຶД༎ຶ`)ﾉ<br/></span>"\
+            "<span class=\"term-fg-green\">許功蓋</span>"\
+            "<span><br/></span>")
           expect(result.encoding).to eq(Encoding.default_external)
         end
       end
@@ -253,7 +253,7 @@ describe Gitlab::Ci::Trace::Stream, :clean_gitlab_redis_cache do
       it 'returns html content with state' do
         result = stream.html_with_state
 
-        expect(result.html).to eq("<span class=\"\">1234</span>")
+        expect(result.html).to eq("<span>1234</span>")
       end
 
       context 'follow-up state' do
@@ -269,7 +269,7 @@ describe Gitlab::Ci::Trace::Stream, :clean_gitlab_redis_cache do
           result = stream.html_with_state(last_result.state)
 
           expect(result.append).to be_truthy
-          expect(result.html).to eq("<span class=\"\">5678</span>")
+          expect(result.html).to eq("<span>5678</span>")
         end
       end
     end
@@ -305,13 +305,11 @@ describe Gitlab::Ci::Trace::Stream, :clean_gitlab_redis_cache do
   describe '#html' do
     shared_examples_for 'htmls' do
       it "returns html" do
-        expect(stream.html).to eq(
-          "<span class=\"\">12<br/><span class=\"\">34<br/>"\
-          "<span class=\"\">56</span></span></span>")
+        expect(stream.html).to eq("<span>12<br/>34<br/>56</span>")
       end
 
       it "returns html for last line only" do
-        expect(stream.html(last_lines: 1)).to eq("<span class=\"\">56</span>")
+        expect(stream.html(last_lines: 1)).to eq("<span>56</span>")
       end
     end
 
diff --git a/spec/support/shared_examples/ci_trace_shared_examples.rb b/spec/support/shared_examples/ci_trace_shared_examples.rb
index 6fd4b14d51d..e2b4b50d41d 100644
--- a/spec/support/shared_examples/ci_trace_shared_examples.rb
+++ b/spec/support/shared_examples/ci_trace_shared_examples.rb
@@ -7,11 +7,11 @@ shared_examples_for 'common trace features' do
     end
 
     it "returns formatted html" do
-      expect(trace.html).to eq("<span class=\"\">12<br/><span class=\"\">34</span></span>")
+      expect(trace.html).to eq("<span>12<br/>34</span>")
     end
 
     it "returns last line of formatted html" do
-      expect(trace.html(last_lines: 1)).to eq("<span class=\"\">34</span>")
+      expect(trace.html(last_lines: 1)).to eq("<span>34</span>")
     end
   end
 
-- 
cgit v1.2.1


From e5e1c907c01b53194f77e8d8de53554ba1824e7c Mon Sep 17 00:00:00 2001
From: George Koltsov <gkoltsov@gitlab.com>
Date: Fri, 26 Jul 2019 11:21:52 +0100
Subject: Add outbound requests setting for system hooks

This MR adds new application setting to network section
`allow_local_requests_from_system_hooks`. Prior to this change
system hooks were allowed to do local network requests by default
and we are adding an ability for admins to control it.
---
 app/helpers/application_settings_helper.rb         |  3 +-
 app/models/application_setting_implementation.rb   |  3 +-
 app/models/hooks/system_hook.rb                    |  5 ++-
 app/models/hooks/web_hook.rb                       |  2 +-
 app/services/web_hook_service.rb                   |  6 ++-
 app/validators/addressable_url_validator.rb        |  2 +-
 app/validators/system_hook_url_validator.rb        | 30 +++++++++++++++
 .../admin/application_settings/_outbound.html.haml | 10 +++--
 ..._from_hooks_and_services_application_setting.rb | 15 ++++++++
 ...ts_from_system_hooks_to_application_settings.rb | 18 +++++++++
 db/schema.rb                                       |  3 +-
 doc/api/settings.md                                |  3 +-
 lib/gitlab/http_connection_adapter.rb              |  4 +-
 lib/gitlab/kubernetes/kube_client.rb               |  2 +-
 locale/gitlab.pot                                  |  5 ++-
 spec/features/admin/admin_settings_spec.rb         |  7 +++-
 spec/lib/gitlab/http_spec.rb                       |  6 +--
 spec/lib/gitlab/kubernetes/kube_client_spec.rb     |  2 +-
 spec/models/clusters/platforms/kubernetes_spec.rb  |  2 +-
 spec/models/lfs_download_object_spec.rb            |  2 +-
 .../lfs_pointers/lfs_download_service_spec.rb      |  2 +-
 .../self_monitoring/project/create_service_spec.rb |  2 +-
 spec/services/web_hook_service_spec.rb             | 44 ++++++++++++++++++----
 23 files changed, 144 insertions(+), 34 deletions(-)
 create mode 100644 app/validators/system_hook_url_validator.rb
 create mode 100644 db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb
 create mode 100644 db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb

diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb
index 3847a35fbab..a646b62027a 100644
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -159,7 +159,8 @@ module ApplicationSettingsHelper
       :after_sign_up_text,
       :akismet_api_key,
       :akismet_enabled,
-      :allow_local_requests_from_hooks_and_services,
+      :allow_local_requests_from_web_hooks_and_services,
+      :allow_local_requests_from_system_hooks,
       :dns_rebinding_protection_enabled,
       :archive_builds_in_human_readable,
       :authorized_keys_enabled,
diff --git a/app/models/application_setting_implementation.rb b/app/models/application_setting_implementation.rb
index 4bb09bf3b53..b7a4d7aa803 100644
--- a/app/models/application_setting_implementation.rb
+++ b/app/models/application_setting_implementation.rb
@@ -21,7 +21,8 @@ module ApplicationSettingImplementation
       {
         after_sign_up_text: nil,
         akismet_enabled: false,
-        allow_local_requests_from_hooks_and_services: false,
+        allow_local_requests_from_web_hooks_and_services: false,
+        allow_local_requests_from_system_hooks: true,
         dns_rebinding_protection_enabled: true,
         authorized_keys_enabled: true, # TODO default to false if the instance is configured to use AuthorizedKeysCommand
         container_registry_token_expire_delay: 5,
diff --git a/app/models/hooks/system_hook.rb b/app/models/hooks/system_hook.rb
index 90b4588a325..b83913c845f 100644
--- a/app/models/hooks/system_hook.rb
+++ b/app/models/hooks/system_hook.rb
@@ -14,8 +14,11 @@ class SystemHook < WebHook
   default_value_for :repository_update_events, true
   default_value_for :merge_requests_events, false
 
+  validates :url, presence: true, public_url: false, system_hook_url: { allow_localhost: lambda(&:allow_local_requests?),
+                                                                        allow_local_network: lambda(&:allow_local_requests?) }
+
   # Allow urls pointing localhost and the local network
   def allow_local_requests?
-    true
+    Gitlab::CurrentSettings.allow_local_requests_from_system_hooks?
   end
 end
diff --git a/app/models/hooks/web_hook.rb b/app/models/hooks/web_hook.rb
index daf7ff4b771..3203bb024ab 100644
--- a/app/models/hooks/web_hook.rb
+++ b/app/models/hooks/web_hook.rb
@@ -35,6 +35,6 @@ class WebHook < ApplicationRecord
 
   # Allow urls pointing localhost and the local network
   def allow_local_requests?
-    false
+    Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services?
   end
 end
diff --git a/app/services/web_hook_service.rb b/app/services/web_hook_service.rb
index 6d675c026bb..8c294218708 100644
--- a/app/services/web_hook_service.rb
+++ b/app/services/web_hook_service.rb
@@ -17,8 +17,10 @@ class WebHookService
     @hook = hook
     @data = data
     @hook_name = hook_name.to_s
-    @request_options = { timeout: Gitlab.config.gitlab.webhook_timeout }
-    @request_options.merge!(allow_local_requests: true) if @hook.is_a?(SystemHook)
+    @request_options = {
+      timeout: Gitlab.config.gitlab.webhook_timeout,
+      allow_local_requests: hook.allow_local_requests?
+    }
   end
 
   def execute
diff --git a/app/validators/addressable_url_validator.rb b/app/validators/addressable_url_validator.rb
index 273e15ef925..bb445499cee 100644
--- a/app/validators/addressable_url_validator.rb
+++ b/app/validators/addressable_url_validator.rb
@@ -107,6 +107,6 @@ class AddressableUrlValidator < ActiveModel::EachValidator
     # calls this validator.
     #
     # See https://gitlab.com/gitlab-org/gitlab-ee/issues/9833
-    ApplicationSetting.current&.allow_local_requests_from_hooks_and_services?
+    ApplicationSetting.current&.allow_local_requests_from_web_hooks_and_services?
   end
 end
diff --git a/app/validators/system_hook_url_validator.rb b/app/validators/system_hook_url_validator.rb
new file mode 100644
index 00000000000..c8c0007e35b
--- /dev/null
+++ b/app/validators/system_hook_url_validator.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+# SystemHookUrlValidator
+#
+# Custom validator specifically for SystemHook URLs. This validator works like AddressableUrlValidator but
+# it blocks urls pointing to localhost or the local network depending on
+# ApplicationSetting.allow_local_requests_from_system_hooks
+#
+# Example:
+#
+#   class SystemHook < WebHook
+#     validates :url, system_hook_url: { allow_localhost: true, allow_local_network: true }
+#   end
+#
+class SystemHookUrlValidator < AddressableUrlValidator
+  DEFAULT_OPTIONS = {
+    allow_localhost: true,
+    allow_local_network: true
+  }.freeze
+
+  def initialize(options)
+    options.reverse_merge!(DEFAULT_OPTIONS)
+
+    super(options)
+  end
+
+  def self.allow_setting_local_requests?
+    ApplicationSetting.current&.allow_local_requests_from_system_hooks?
+  end
+end
diff --git a/app/views/admin/application_settings/_outbound.html.haml b/app/views/admin/application_settings/_outbound.html.haml
index 4fecdb59e1d..d39e192d604 100644
--- a/app/views/admin/application_settings/_outbound.html.haml
+++ b/app/views/admin/application_settings/_outbound.html.haml
@@ -4,9 +4,13 @@
   %fieldset
     .form-group
       .form-check
-        = f.check_box :allow_local_requests_from_hooks_and_services, class: 'form-check-input'
-        = f.label :allow_local_requests_from_hooks_and_services, class: 'form-check-label' do
-          Allow requests to the local network from hooks and services
+        = f.check_box :allow_local_requests_from_web_hooks_and_services, class: 'form-check-input'
+        = f.label :allow_local_requests_from_web_hooks_and_services, class: 'form-check-label' do
+          Allow requests to the local network from web hooks and services
+      .form-check
+        = f.check_box :allow_local_requests_from_system_hooks, class: 'form-check-input'
+        = f.label :allow_local_requests_from_system_hooks, class: 'form-check-label' do
+          Allow requests to the local network from system hooks
 
     .form-group
       = f.label :outbound_local_requests_whitelist_raw, class: 'label-bold' do
diff --git a/db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb b/db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb
new file mode 100644
index 00000000000..f1ba7da9fc7
--- /dev/null
+++ b/db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb
@@ -0,0 +1,15 @@
+class RenameAllowLocalRequestsFromHooksAndServicesApplicationSetting < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    rename_column :application_settings, :allow_local_requests_from_hooks_and_services, :allow_local_requests_from_web_hooks_and_services
+  end
+
+  def down
+    rename_column :application_settings, :allow_local_requests_from_web_hooks_and_services, :allow_local_requests_from_hooks_and_services
+  end
+end
diff --git a/db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb b/db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb
new file mode 100644
index 00000000000..ed58d4e57fc
--- /dev/null
+++ b/db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb
@@ -0,0 +1,18 @@
+class AddAllowLocalRequestsFromSystemHooksToApplicationSettings < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_column_with_default(:application_settings, :allow_local_requests_from_system_hooks,
+                            :boolean,
+                            default: true,
+                            allow_null: false)
+  end
+
+  def down
+    remove_column(:application_settings, :allow_local_requests_from_system_hooks)
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 709f9ce2541..e2ae13174cd 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -183,7 +183,7 @@ ActiveRecord::Schema.define(version: 2019_07_31_084415) do
     t.string "external_authorization_service_default_label"
     t.boolean "pages_domain_verification_enabled", default: true, null: false
     t.string "user_default_internal_regex"
-    t.boolean "allow_local_requests_from_hooks_and_services", default: false, null: false
+    t.boolean "allow_local_requests_from_web_hooks_and_services", default: false, null: false
     t.float "external_authorization_service_timeout", default: 0.5
     t.text "external_auth_client_cert"
     t.text "encrypted_external_auth_client_key"
@@ -230,6 +230,7 @@ ActiveRecord::Schema.define(version: 2019_07_31_084415) do
     t.string "grafana_url", default: "/-/grafana", null: false
     t.string "outbound_local_requests_whitelist", limit: 255, default: [], null: false, array: true
     t.integer "raw_blob_request_limit", default: 300, null: false
+    t.boolean "allow_local_requests_from_system_hooks", default: true, null: false
     t.index ["custom_project_templates_group_id"], name: "index_application_settings_on_custom_project_templates_group_id"
     t.index ["file_template_project_id"], name: "index_application_settings_on_file_template_project_id"
     t.index ["usage_stats_set_by_user_id"], name: "index_application_settings_on_usage_stats_set_by_user_id"
diff --git a/doc/api/settings.md b/doc/api/settings.md
index c3ac70f0579..f17a49cfc89 100644
--- a/doc/api/settings.md
+++ b/doc/api/settings.md
@@ -177,7 +177,8 @@ are listed in the descriptions of the relevant settings.
 | `akismet_api_key`                        | string           | required by: `akismet_enabled`       | API key for akismet spam protection. |
 | `akismet_enabled`                        | boolean          | no                                   | (**If enabled, requires:** `akismet_api_key`) Enable or disable akismet spam protection. |
 | `allow_group_owners_to_manage_ldap`      | boolean          | no                                   | **(PREMIUM)** Set to `true` to allow group owners to manage LDAP |
-| `allow_local_requests_from_hooks_and_services` | boolean    | no                                   | Allow requests to the local network from hooks and services. |
+| `allow_local_requests_from_web_hooks_and_services` | boolean    | no                                   | Allow requests to the local network from web hooks and services. |
+| `allow_local_requests_from_system_hooks` | boolean    | no                                   | Allow requests to the local network from system hooks. |
 | `authorized_keys_enabled`                | boolean          | no                                   | By default, we write to the `authorized_keys` file to support Git over SSH without additional configuration. GitLab can be optimized to authenticate SSH keys via the database file. Only disable this if you have configured your OpenSSH server to use the AuthorizedKeysCommand. |
 | `auto_devops_domain`                     | string           | no                                   | Specify a domain to use by default for every project's Auto Review Apps and Auto Deploy stages. |
 | `auto_devops_enabled`                    | boolean          | no                                   | Enable Auto DevOps for projects by default. It will automatically build, test, and deploy applications based on a predefined CI/CD configuration. |
diff --git a/lib/gitlab/http_connection_adapter.rb b/lib/gitlab/http_connection_adapter.rb
index 41eab3658bc..84eb60f3a5d 100644
--- a/lib/gitlab/http_connection_adapter.rb
+++ b/lib/gitlab/http_connection_adapter.rb
@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # This class is part of the Gitlab::HTTP wrapper. Depending on the value
-# of the global setting allow_local_requests_from_hooks_and_services this adapter
+# of the global setting allow_local_requests_from_web_hooks_and_services this adapter
 # will allow/block connection to internal IPs and/or urls.
 #
 # This functionality can be overridden by providing the setting the option
@@ -38,7 +38,7 @@ module Gitlab
     end
 
     def allow_settings_local_requests?
-      Gitlab::CurrentSettings.allow_local_requests_from_hooks_and_services?
+      Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services?
     end
   end
 end
diff --git a/lib/gitlab/kubernetes/kube_client.rb b/lib/gitlab/kubernetes/kube_client.rb
index 1350924cd76..64317225ec6 100644
--- a/lib/gitlab/kubernetes/kube_client.rb
+++ b/lib/gitlab/kubernetes/kube_client.rb
@@ -128,7 +128,7 @@ module Gitlab
       private
 
       def validate_url!
-        return if Gitlab::CurrentSettings.allow_local_requests_from_hooks_and_services?
+        return if Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services?
 
         Gitlab::UrlBlocker.validate!(api_prefix, allow_local_network: false)
       end
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 5e9e371a5fc..cca55aeb8bd 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -945,7 +945,10 @@ msgstr ""
 msgid "Allow rendering of PlantUML diagrams in Asciidoc documents."
 msgstr ""
 
-msgid "Allow requests to the local network from hooks and services."
+msgid "Allow requests to the local network from web hooks and services."
+msgstr ""
+
+msgid "Allow requests to the local network from system hooks."
 msgstr ""
 
 msgid "Allow this key to push to repository as well? (Default only allows pull access.)"
diff --git a/spec/features/admin/admin_settings_spec.rb b/spec/features/admin/admin_settings_spec.rb
index c77605f3869..ddd87404003 100644
--- a/spec/features/admin/admin_settings_spec.rb
+++ b/spec/features/admin/admin_settings_spec.rb
@@ -338,14 +338,17 @@ describe 'Admin updates settings' do
       visit network_admin_application_settings_path
 
       page.within('.as-outbound') do
-        check 'Allow requests to the local network from hooks and services'
+        check 'Allow requests to the local network from web hooks and services'
+        # Enabled by default
+        uncheck 'Allow requests to the local network from system hooks'
         # Enabled by default
         uncheck 'Enforce DNS rebinding attack protection'
         click_button 'Save changes'
       end
 
       expect(page).to have_content "Application settings saved successfully"
-      expect(current_settings.allow_local_requests_from_hooks_and_services).to be true
+      expect(current_settings.allow_local_requests_from_web_hooks_and_services).to be true
+      expect(current_settings.allow_local_requests_from_system_hooks).to be false
       expect(current_settings.dns_rebinding_protection_enabled).to be false
     end
   end
diff --git a/spec/lib/gitlab/http_spec.rb b/spec/lib/gitlab/http_spec.rb
index 158f77cab2c..d3f9be845dd 100644
--- a/spec/lib/gitlab/http_spec.rb
+++ b/spec/lib/gitlab/http_spec.rb
@@ -23,14 +23,14 @@ describe Gitlab::HTTP do
     end
   end
 
-  describe 'allow_local_requests_from_hooks_and_services is' do
+  describe 'allow_local_requests_from_web_hooks_and_services is' do
     before do
       WebMock.stub_request(:get, /.*/).to_return(status: 200, body: 'Success')
     end
 
     context 'disabled' do
       before do
-        allow(Gitlab::CurrentSettings).to receive(:allow_local_requests_from_hooks_and_services?).and_return(false)
+        allow(Gitlab::CurrentSettings).to receive(:allow_local_requests_from_web_hooks_and_services?).and_return(false)
       end
 
       it 'deny requests to localhost' do
@@ -52,7 +52,7 @@ describe Gitlab::HTTP do
 
     context 'enabled' do
       before do
-        allow(Gitlab::CurrentSettings).to receive(:allow_local_requests_from_hooks_and_services?).and_return(true)
+        allow(Gitlab::CurrentSettings).to receive(:allow_local_requests_from_web_hooks_and_services?).and_return(true)
       end
 
       it 'allow requests to localhost' do
diff --git a/spec/lib/gitlab/kubernetes/kube_client_spec.rb b/spec/lib/gitlab/kubernetes/kube_client_spec.rb
index 97ebb5f1554..f49d4e23e39 100644
--- a/spec/lib/gitlab/kubernetes/kube_client_spec.rb
+++ b/spec/lib/gitlab/kubernetes/kube_client_spec.rb
@@ -58,7 +58,7 @@ describe Gitlab::Kubernetes::KubeClient do
 
       context 'when local requests are allowed' do
         before do
-          stub_application_setting(allow_local_requests_from_hooks_and_services: true)
+          stub_application_setting(allow_local_requests_from_web_hooks_and_services: true)
         end
 
         it 'allows local addresses' do
diff --git a/spec/models/clusters/platforms/kubernetes_spec.rb b/spec/models/clusters/platforms/kubernetes_spec.rb
index 471769e4aab..5811016ea4d 100644
--- a/spec/models/clusters/platforms/kubernetes_spec.rb
+++ b/spec/models/clusters/platforms/kubernetes_spec.rb
@@ -106,7 +106,7 @@ describe Clusters::Platforms::Kubernetes do
           before do
             allow(ApplicationSetting)
               .to receive(:current)
-              .and_return(ApplicationSetting.build_from_defaults(allow_local_requests_from_hooks_and_services: true))
+              .and_return(ApplicationSetting.build_from_defaults(allow_local_requests_from_web_hooks_and_services: true))
           end
 
           it { expect(kubernetes.save).to be_truthy }
diff --git a/spec/models/lfs_download_object_spec.rb b/spec/models/lfs_download_object_spec.rb
index effd8b08124..8b53effe98f 100644
--- a/spec/models/lfs_download_object_spec.rb
+++ b/spec/models/lfs_download_object_spec.rb
@@ -50,7 +50,7 @@ describe LfsDownloadObject do
         before do
           allow(ApplicationSetting)
             .to receive(:current)
-              .and_return(ApplicationSetting.build_from_defaults(allow_local_requests_from_hooks_and_services: setting))
+              .and_return(ApplicationSetting.build_from_defaults(allow_local_requests_from_web_hooks_and_services: setting))
         end
 
         context 'are allowed' do
diff --git a/spec/services/projects/lfs_pointers/lfs_download_service_spec.rb b/spec/services/projects/lfs_pointers/lfs_download_service_spec.rb
index 75d534c59bf..970e82e7107 100644
--- a/spec/services/projects/lfs_pointers/lfs_download_service_spec.rb
+++ b/spec/services/projects/lfs_pointers/lfs_download_service_spec.rb
@@ -17,7 +17,7 @@ describe Projects::LfsPointers::LfsDownloadService do
   before do
     ApplicationSetting.create_from_defaults
 
-    stub_application_setting(allow_local_requests_from_hooks_and_services: local_request_setting)
+    stub_application_setting(allow_local_requests_from_web_hooks_and_services: local_request_setting)
     allow(project).to receive(:lfs_enabled?).and_return(true)
   end
 
diff --git a/spec/services/self_monitoring/project/create_service_spec.rb b/spec/services/self_monitoring/project/create_service_spec.rb
index a1e7aaf45f2..87d7d776a69 100644
--- a/spec/services/self_monitoring/project/create_service_spec.rb
+++ b/spec/services/self_monitoring/project/create_service_spec.rb
@@ -37,7 +37,7 @@ describe SelfMonitoring::Project::CreateService do
         allow(ApplicationSetting)
           .to receive(:current)
           .and_return(
-            ApplicationSetting.build_from_defaults(allow_local_requests_from_hooks_and_services: true)
+            ApplicationSetting.build_from_defaults(allow_local_requests_from_web_hooks_and_services: true)
           )
       end
 
diff --git a/spec/services/web_hook_service_spec.rb b/spec/services/web_hook_service_spec.rb
index 37bafc0c002..8353fade5ea 100644
--- a/spec/services/web_hook_service_spec.rb
+++ b/spec/services/web_hook_service_spec.rb
@@ -19,15 +19,43 @@ describe WebHookService do
   let(:service_instance) { described_class.new(project_hook, data, :push_hooks) }
 
   describe '#initialize' do
-    it 'allow_local_requests is true if hook is a SystemHook' do
-      instance = described_class.new(build(:system_hook), data, :system_hook)
-      expect(instance.request_options[:allow_local_requests]).to be_truthy
-    end
+    context 'when SystemHook' do
+      context 'when allow_local_requests_from_system_hooks application setting is true' do
+        it 'allows local requests' do
+          stub_application_setting(allow_local_requests_from_system_hooks: true)
+          instance = described_class.new(build(:system_hook), data, :system_hook)
+
+          expect(instance.request_options[:allow_local_requests]).to be_truthy
+        end
+      end
 
-    it 'allow_local_requests is false if hook is not a SystemHook' do
-      %i(project_hook service_hook web_hook_log).each do |hook|
-        instance = described_class.new(build(hook), data, hook)
-        expect(instance.request_options[:allow_local_requests]).to be_falsey
+      context 'when allow_local_requests_from_system_hooks application setting is false' do
+        it 'denies local requests' do
+          stub_application_setting(allow_local_requests_from_system_hooks: false)
+          instance = described_class.new(build(:system_hook), data, :system_hook)
+
+          expect(instance.request_options[:allow_local_requests]).to be_falsey
+        end
+      end
+
+      context 'when ProjectHook' do
+        context 'when allow_local_requests_from_web_hooks_and_services application setting is true' do
+          it 'allows local requests' do
+            stub_application_setting(allow_local_requests_from_web_hooks_and_services: true)
+            instance = described_class.new(build(:project_hook), data, :project_hook)
+
+            expect(instance.request_options[:allow_local_requests]).to be_truthy
+          end
+        end
+
+        context 'when allow_local_requests_from_system_hooks application setting is false' do
+          it 'denies local requests' do
+            stub_application_setting(allow_local_requests_from_web_hooks_and_services: false)
+            instance = described_class.new(build(:project_hook), data, :project_hook)
+
+            expect(instance.request_options[:allow_local_requests]).to be_falsey
+          end
+        end
       end
     end
   end
-- 
cgit v1.2.1


From 6c42088fe2fb1970550d9b418dab785af26fcbf5 Mon Sep 17 00:00:00 2001
From: George Koltsov <gkoltsov@gitlab.com>
Date: Fri, 26 Jul 2019 11:59:05 +0100
Subject: Add changelog entry

---
 .../unreleased/georgekoltsov-55474-outbound-setting-system-hooks.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/georgekoltsov-55474-outbound-setting-system-hooks.yml

diff --git a/changelogs/unreleased/georgekoltsov-55474-outbound-setting-system-hooks.yml b/changelogs/unreleased/georgekoltsov-55474-outbound-setting-system-hooks.yml
new file mode 100644
index 00000000000..46b4a408a27
--- /dev/null
+++ b/changelogs/unreleased/georgekoltsov-55474-outbound-setting-system-hooks.yml
@@ -0,0 +1,5 @@
+---
+title: Add new outbound network requests application setting for system hooks
+merge_request: 31177
+author:
+type: changed
-- 
cgit v1.2.1


From 7fe145b1b5854a0918d0c04e8f79d8aacd81561e Mon Sep 17 00:00:00 2001
From: George Koltsov <gkoltsov@gitlab.com>
Date: Fri, 26 Jul 2019 12:23:38 +0100
Subject: Add SystemHookUrlValidator spec

---
 spec/validators/system_hook_url_validator_spec.rb | 51 +++++++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100644 spec/validators/system_hook_url_validator_spec.rb

diff --git a/spec/validators/system_hook_url_validator_spec.rb b/spec/validators/system_hook_url_validator_spec.rb
new file mode 100644
index 00000000000..0862a67df9f
--- /dev/null
+++ b/spec/validators/system_hook_url_validator_spec.rb
@@ -0,0 +1,51 @@
+require 'spec_helper'
+
+describe SystemHookUrlValidator do
+  include_examples 'url validator examples', AddressableUrlValidator::DEFAULT_OPTIONS[:schemes]
+
+  context 'by default' do
+    let(:validator) { described_class.new(attributes: [:link_url]) }
+    let!(:badge) { build(:badge, link_url: 'http://www.example.com') }
+
+    subject { validator.validate(badge) }
+
+    it 'does not block urls pointing to localhost' do
+      badge.link_url = 'https://127.0.0.1'
+
+      subject
+
+      expect(badge.errors).not_to be_present
+    end
+
+    it 'does not block urls pointing to the local network' do
+      badge.link_url = 'https://192.168.1.1'
+
+      subject
+
+      expect(badge.errors).not_to be_present
+    end
+  end
+
+  context 'when local requests are not allowed' do
+    let(:validator) { described_class.new(attributes: [:link_url], allow_localhost: false, allow_local_network: false) }
+    let!(:badge) { build(:badge, link_url: 'http://www.example.com') }
+
+    subject { validator.validate(badge) }
+
+    it 'blocks urls pointing to localhost' do
+      badge.link_url = 'https://127.0.0.1'
+
+      subject
+
+      expect(badge.errors).to be_present
+    end
+
+    it 'blocks urls pointing to the local network' do
+      badge.link_url = 'https://192.168.1.1'
+
+      subject
+
+      expect(badge.errors).to be_present
+    end
+  end
+end
-- 
cgit v1.2.1


From 5a19a43a13031de83af2d241498465a882421270 Mon Sep 17 00:00:00 2001
From: George Koltsov <gkoltsov@gitlab.com>
Date: Fri, 26 Jul 2019 13:08:05 +0100
Subject: Update translations in gitlab.pot

---
 app/views/admin/application_settings/_outbound.html.haml           | 4 ++--
 ...w_local_requests_from_hooks_and_services_application_setting.rb | 2 ++
 ...low_local_requests_from_system_hooks_to_application_settings.rb | 2 ++
 locale/gitlab.pot                                                  | 7 +++++--
 spec/validators/system_hook_url_validator_spec.rb                  | 2 ++
 5 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/app/views/admin/application_settings/_outbound.html.haml b/app/views/admin/application_settings/_outbound.html.haml
index d39e192d604..ad26f52aea7 100644
--- a/app/views/admin/application_settings/_outbound.html.haml
+++ b/app/views/admin/application_settings/_outbound.html.haml
@@ -6,11 +6,11 @@
       .form-check
         = f.check_box :allow_local_requests_from_web_hooks_and_services, class: 'form-check-input'
         = f.label :allow_local_requests_from_web_hooks_and_services, class: 'form-check-label' do
-          Allow requests to the local network from web hooks and services
+          = _('Allow requests to the local network from web hooks and services')
       .form-check
         = f.check_box :allow_local_requests_from_system_hooks, class: 'form-check-input'
         = f.label :allow_local_requests_from_system_hooks, class: 'form-check-label' do
-          Allow requests to the local network from system hooks
+          = _('Allow requests to the local network from system hooks')
 
     .form-group
       = f.label :outbound_local_requests_whitelist_raw, class: 'label-bold' do
diff --git a/db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb b/db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb
index f1ba7da9fc7..e3e8514427c 100644
--- a/db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb
+++ b/db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class RenameAllowLocalRequestsFromHooksAndServicesApplicationSetting < ActiveRecord::Migration[5.2]
   include Gitlab::Database::MigrationHelpers
 
diff --git a/db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb b/db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb
index ed58d4e57fc..c0ecdbf4e37 100644
--- a/db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb
+++ b/db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class AddAllowLocalRequestsFromSystemHooksToApplicationSettings < ActiveRecord::Migration[5.2]
   include Gitlab::Database::MigrationHelpers
 
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index cca55aeb8bd..c4ee722c4a2 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -945,10 +945,13 @@ msgstr ""
 msgid "Allow rendering of PlantUML diagrams in Asciidoc documents."
 msgstr ""
 
-msgid "Allow requests to the local network from web hooks and services."
+msgid "Allow requests to the local network from hooks and services."
 msgstr ""
 
-msgid "Allow requests to the local network from system hooks."
+msgid "Allow requests to the local network from system hooks"
+msgstr ""
+
+msgid "Allow requests to the local network from web hooks and services"
 msgstr ""
 
 msgid "Allow this key to push to repository as well? (Default only allows pull access.)"
diff --git a/spec/validators/system_hook_url_validator_spec.rb b/spec/validators/system_hook_url_validator_spec.rb
index 0862a67df9f..fc4261666e7 100644
--- a/spec/validators/system_hook_url_validator_spec.rb
+++ b/spec/validators/system_hook_url_validator_spec.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe SystemHookUrlValidator do
-- 
cgit v1.2.1


From ac7661924eebd6eb0fa72848e2b4bf4391ebf113 Mon Sep 17 00:00:00 2001
From: George Koltsov <gkoltsov@gitlab.com>
Date: Fri, 26 Jul 2019 14:03:06 +0100
Subject: Update security/webhooks.md doc page & specs

Updating security/webhooks.md to match new behaviour
as well as drying up few specs to extract shared
examples
---
 app/validators/system_hook_url_validator.rb       |   6 +--
 doc/security/img/outbound_requests_section_v2.png | Bin 0 -> 21108 bytes
 doc/security/webhooks.md                          |   8 ++--
 spec/services/web_hook_service_spec.rb            |  50 +++++++++-------------
 spec/validators/system_hook_url_validator_spec.rb |  25 ++++++-----
 5 files changed, 43 insertions(+), 46 deletions(-)
 create mode 100644 doc/security/img/outbound_requests_section_v2.png

diff --git a/app/validators/system_hook_url_validator.rb b/app/validators/system_hook_url_validator.rb
index c8c0007e35b..e482828685d 100644
--- a/app/validators/system_hook_url_validator.rb
+++ b/app/validators/system_hook_url_validator.rb
@@ -2,7 +2,7 @@
 
 # SystemHookUrlValidator
 #
-# Custom validator specifically for SystemHook URLs. This validator works like AddressableUrlValidator but
+# Custom validator specific to SystemHook URLs. This validator works like AddressableUrlValidator but
 # it blocks urls pointing to localhost or the local network depending on
 # ApplicationSetting.allow_local_requests_from_system_hooks
 #
@@ -14,8 +14,8 @@
 #
 class SystemHookUrlValidator < AddressableUrlValidator
   DEFAULT_OPTIONS = {
-    allow_localhost: true,
-    allow_local_network: true
+    allow_localhost: false,
+    allow_local_network: false
   }.freeze
 
   def initialize(options)
diff --git a/doc/security/img/outbound_requests_section_v2.png b/doc/security/img/outbound_requests_section_v2.png
new file mode 100644
index 00000000000..4fd3c7d9fce
Binary files /dev/null and b/doc/security/img/outbound_requests_section_v2.png differ
diff --git a/doc/security/webhooks.md b/doc/security/webhooks.md
index 1194234a295..401df02e5c3 100644
--- a/doc/security/webhooks.md
+++ b/doc/security/webhooks.md
@@ -34,15 +34,15 @@ to 127.0.0.1, ::1 and 0.0.0.0, as well as IPv4 10.0.0.0/8, 172.16.0.0/12,
 192.168.0.0/16 and IPv6 site-local (ffc0::/10) addresses won't be allowed.
 
 This behavior can be overridden by enabling the option *"Allow requests to the
-local network from hooks and services"* in the *"Outbound requests"* section
+local network from web hooks and services"* in the *"Outbound requests"* section
 inside the Admin area under **Settings**
 (`/admin/application_settings/network`):
 
-![Outbound requests admin settings](img/outbound_requests_section.png)
+![Outbound requests admin settings](img/outbound_requests_section_v2.png)
 
 >**Note:**
-*System hooks* are exempt from this protection because they are set up by
-admins.
+*System hooks* are enabled to make requests to local network by default since they are set up by admins. 
+However, it can be turned off by disabling *"Allow requests to the local network from system hooks"* option.
 
 <!-- ## Troubleshooting
 
diff --git a/spec/services/web_hook_service_spec.rb b/spec/services/web_hook_service_spec.rb
index 8353fade5ea..115599bd1a4 100644
--- a/spec/services/web_hook_service_spec.rb
+++ b/spec/services/web_hook_service_spec.rb
@@ -19,44 +19,36 @@ describe WebHookService do
   let(:service_instance) { described_class.new(project_hook, data, :push_hooks) }
 
   describe '#initialize' do
-    context 'when SystemHook' do
-      context 'when allow_local_requests_from_system_hooks application setting is true' do
-        it 'allows local requests' do
-          stub_application_setting(allow_local_requests_from_system_hooks: true)
-          instance = described_class.new(build(:system_hook), data, :system_hook)
+    before do
+      stub_application_setting(setting_name => setting)
+    end
 
-          expect(instance.request_options[:allow_local_requests]).to be_truthy
-        end
+    shared_examples_for 'respecting outbound network setting' do
+      context 'local requests are allowed' do
+        let(:setting) { true }
+
+        it { expect(hook.request_options[:allow_local_requests]).to be_truthy }
       end
 
-      context 'when allow_local_requests_from_system_hooks application setting is false' do
-        it 'denies local requests' do
-          stub_application_setting(allow_local_requests_from_system_hooks: false)
-          instance = described_class.new(build(:system_hook), data, :system_hook)
+      context 'local requests are not allowed' do
+        let(:setting) { false }
 
-          expect(instance.request_options[:allow_local_requests]).to be_falsey
-        end
+        it { expect(hook.request_options[:allow_local_requests]).to be_falsey }
       end
+    end
 
-      context 'when ProjectHook' do
-        context 'when allow_local_requests_from_web_hooks_and_services application setting is true' do
-          it 'allows local requests' do
-            stub_application_setting(allow_local_requests_from_web_hooks_and_services: true)
-            instance = described_class.new(build(:project_hook), data, :project_hook)
+    context 'when SystemHook' do
+      let(:setting_name) { :allow_local_requests_from_system_hooks }
+      let(:hook) { described_class.new(build(:system_hook), data, :system_hook) }
 
-            expect(instance.request_options[:allow_local_requests]).to be_truthy
-          end
-        end
+      include_examples 'respecting outbound network setting'
+    end
 
-        context 'when allow_local_requests_from_system_hooks application setting is false' do
-          it 'denies local requests' do
-            stub_application_setting(allow_local_requests_from_web_hooks_and_services: false)
-            instance = described_class.new(build(:project_hook), data, :project_hook)
+    context 'when ProjectHook' do
+      let(:setting_name) { :allow_local_requests_from_web_hooks_and_services }
+      let(:hook) { described_class.new(build(:project_hook), data, :project_hook) }
 
-            expect(instance.request_options[:allow_local_requests]).to be_falsey
-          end
-        end
-      end
+      include_examples 'respecting outbound network setting'
     end
   end
 
diff --git a/spec/validators/system_hook_url_validator_spec.rb b/spec/validators/system_hook_url_validator_spec.rb
index fc4261666e7..78e95db2b47 100644
--- a/spec/validators/system_hook_url_validator_spec.rb
+++ b/spec/validators/system_hook_url_validator_spec.rb
@@ -11,43 +11,48 @@ describe SystemHookUrlValidator do
 
     subject { validator.validate(badge) }
 
-    it 'does not block urls pointing to localhost' do
+    it 'blocks urls pointing to localhost' do
       badge.link_url = 'https://127.0.0.1'
 
       subject
 
-      expect(badge.errors).not_to be_present
+      expect(badge.errors).to be_present
     end
 
-    it 'does not block urls pointing to the local network' do
+    it 'blocks urls pointing to the local network' do
       badge.link_url = 'https://192.168.1.1'
 
       subject
 
-      expect(badge.errors).not_to be_present
+      expect(badge.errors).to be_present
     end
   end
 
-  context 'when local requests are not allowed' do
-    let(:validator) { described_class.new(attributes: [:link_url], allow_localhost: false, allow_local_network: false) }
+  context 'when local requests are allowed' do
+    let(:validator) { described_class.new(attributes: [:link_url]) }
     let!(:badge) { build(:badge, link_url: 'http://www.example.com') }
+    let!(:settings) { create(:application_setting) }
 
     subject { validator.validate(badge) }
 
-    it 'blocks urls pointing to localhost' do
+    before do
+      stub_application_setting(allow_local_requests_from_system_hooks: true)
+    end
+
+    it 'does not block urls pointing to localhost' do
       badge.link_url = 'https://127.0.0.1'
 
       subject
 
-      expect(badge.errors).to be_present
+      expect(badge.errors).not_to be_present
     end
 
-    it 'blocks urls pointing to the local network' do
+    it 'does not block urls pointing to the local network' do
       badge.link_url = 'https://192.168.1.1'
 
       subject
 
-      expect(badge.errors).to be_present
+      expect(badge.errors).not_to be_present
     end
   end
 end
-- 
cgit v1.2.1


From 8abf920d1f55e9117dd3b05d81ee9ebf7721f2bd Mon Sep 17 00:00:00 2001
From: George Koltsov <gkoltsov@gitlab.com>
Date: Tue, 30 Jul 2019 11:53:23 +0100
Subject: Refactor SystemHookUrlValidator and specs

Simplify SystemHookUrlValidator to inherit from PublicUrlValidator
Refactor specs to move out shared examples to be used in both
system hooks and public url validators.
---
 app/models/hooks/system_hook.rb                    |   3 +-
 app/models/hooks/web_hook.rb                       |   4 +-
 app/validators/system_hook_url_validator.rb        |  16 +-----
 ...koltsov-55474-outbound-setting-system-hooks.yml |   2 +-
 ..._from_hooks_and_services_application_setting.rb |   4 +-
 ...ooks_and_services_application_setting_rename.rb |  15 ++++++
 db/schema.rb                                       |   2 +-
 doc/security/img/outbound_requests_section.png     | Bin 7314 -> 0 bytes
 .../img/outbound_requests_section_v12_2.png        | Bin 0 -> 21108 bytes
 doc/security/img/outbound_requests_section_v2.png  | Bin 21108 -> 0 bytes
 doc/security/webhooks.md                           |   9 ++--
 lib/gitlab/octokit/middleware.rb                   |   2 +-
 spec/lib/gitlab/octokit/middleware_spec.rb         |   8 +--
 spec/services/web_hook_service_spec.rb             |  10 ++--
 .../shared_examples/url_validator_examples.rb      |  57 +++++++++++++++++++--
 spec/validators/public_url_validator_spec.rb       |  24 +--------
 spec/validators/system_hook_url_validator_spec.rb  |  52 +------------------
 17 files changed, 94 insertions(+), 114 deletions(-)
 create mode 100644 db/post_migrate/20190801114109_cleanup_allow_local_requests_from_hooks_and_services_application_setting_rename.rb
 delete mode 100644 doc/security/img/outbound_requests_section.png
 create mode 100644 doc/security/img/outbound_requests_section_v12_2.png
 delete mode 100644 doc/security/img/outbound_requests_section_v2.png

diff --git a/app/models/hooks/system_hook.rb b/app/models/hooks/system_hook.rb
index b83913c845f..3d54d17e787 100644
--- a/app/models/hooks/system_hook.rb
+++ b/app/models/hooks/system_hook.rb
@@ -14,8 +14,7 @@ class SystemHook < WebHook
   default_value_for :repository_update_events, true
   default_value_for :merge_requests_events, false
 
-  validates :url, presence: true, public_url: false, system_hook_url: { allow_localhost: lambda(&:allow_local_requests?),
-                                                                        allow_local_network: lambda(&:allow_local_requests?) }
+  validates :url, system_hook_url: true
 
   # Allow urls pointing localhost and the local network
   def allow_local_requests?
diff --git a/app/models/hooks/web_hook.rb b/app/models/hooks/web_hook.rb
index 3203bb024ab..16fc7fdbd48 100644
--- a/app/models/hooks/web_hook.rb
+++ b/app/models/hooks/web_hook.rb
@@ -15,8 +15,8 @@ class WebHook < ApplicationRecord
 
   has_many :web_hook_logs, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
 
-  validates :url, presence: true, public_url: { allow_localhost: lambda(&:allow_local_requests?),
-                                                allow_local_network: lambda(&:allow_local_requests?) }
+  validates :url, presence: true
+  validates :url, public_url: true, unless: ->(hook) { hook.is_a?(SystemHook) }
 
   validates :token, format: { without: /\n/ }
   validates :push_events_branch_filter, branch_filter: true
diff --git a/app/validators/system_hook_url_validator.rb b/app/validators/system_hook_url_validator.rb
index e482828685d..f4253006dad 100644
--- a/app/validators/system_hook_url_validator.rb
+++ b/app/validators/system_hook_url_validator.rb
@@ -7,23 +7,11 @@
 # ApplicationSetting.allow_local_requests_from_system_hooks
 #
 # Example:
-#
 #   class SystemHook < WebHook
-#     validates :url, system_hook_url: { allow_localhost: true, allow_local_network: true }
+#     validates :url, system_hook_url: true
 #   end
 #
-class SystemHookUrlValidator < AddressableUrlValidator
-  DEFAULT_OPTIONS = {
-    allow_localhost: false,
-    allow_local_network: false
-  }.freeze
-
-  def initialize(options)
-    options.reverse_merge!(DEFAULT_OPTIONS)
-
-    super(options)
-  end
-
+class SystemHookUrlValidator < PublicUrlValidator
   def self.allow_setting_local_requests?
     ApplicationSetting.current&.allow_local_requests_from_system_hooks?
   end
diff --git a/changelogs/unreleased/georgekoltsov-55474-outbound-setting-system-hooks.yml b/changelogs/unreleased/georgekoltsov-55474-outbound-setting-system-hooks.yml
index 46b4a408a27..fb1acb1e9f5 100644
--- a/changelogs/unreleased/georgekoltsov-55474-outbound-setting-system-hooks.yml
+++ b/changelogs/unreleased/georgekoltsov-55474-outbound-setting-system-hooks.yml
@@ -2,4 +2,4 @@
 title: Add new outbound network requests application setting for system hooks
 merge_request: 31177
 author:
-type: changed
+type: added
diff --git a/db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb b/db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb
index e3e8514427c..ac65e8d745c 100644
--- a/db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb
+++ b/db/migrate/20190726101050_rename_allow_local_requests_from_hooks_and_services_application_setting.rb
@@ -8,10 +8,10 @@ class RenameAllowLocalRequestsFromHooksAndServicesApplicationSetting < ActiveRec
   disable_ddl_transaction!
 
   def up
-    rename_column :application_settings, :allow_local_requests_from_hooks_and_services, :allow_local_requests_from_web_hooks_and_services
+    rename_column_concurrently :application_settings, :allow_local_requests_from_hooks_and_services, :allow_local_requests_from_web_hooks_and_services
   end
 
   def down
-    rename_column :application_settings, :allow_local_requests_from_web_hooks_and_services, :allow_local_requests_from_hooks_and_services
+    cleanup_concurrent_column_rename :application_settings, :allow_local_requests_from_web_hooks_and_services, :allow_local_requests_from_hooks_and_services
   end
 end
diff --git a/db/post_migrate/20190801114109_cleanup_allow_local_requests_from_hooks_and_services_application_setting_rename.rb b/db/post_migrate/20190801114109_cleanup_allow_local_requests_from_hooks_and_services_application_setting_rename.rb
new file mode 100644
index 00000000000..397d3bce60a
--- /dev/null
+++ b/db/post_migrate/20190801114109_cleanup_allow_local_requests_from_hooks_and_services_application_setting_rename.rb
@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class CleanupAllowLocalRequestsFromHooksAndServicesApplicationSettingRename < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def up
+    cleanup_concurrent_column_rename :application_settings, :allow_local_requests_from_hooks_and_services, :allow_local_requests_from_web_hooks_and_services
+  end
+
+  def down
+    rename_column_concurrently :application_settings, :allow_local_requests_from_web_hooks_and_services, :allow_local_requests_from_hooks_and_services
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index e2ae13174cd..c88fe55277e 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -183,7 +183,6 @@ ActiveRecord::Schema.define(version: 2019_07_31_084415) do
     t.string "external_authorization_service_default_label"
     t.boolean "pages_domain_verification_enabled", default: true, null: false
     t.string "user_default_internal_regex"
-    t.boolean "allow_local_requests_from_web_hooks_and_services", default: false, null: false
     t.float "external_authorization_service_timeout", default: 0.5
     t.text "external_auth_client_cert"
     t.text "encrypted_external_auth_client_key"
@@ -230,6 +229,7 @@ ActiveRecord::Schema.define(version: 2019_07_31_084415) do
     t.string "grafana_url", default: "/-/grafana", null: false
     t.string "outbound_local_requests_whitelist", limit: 255, default: [], null: false, array: true
     t.integer "raw_blob_request_limit", default: 300, null: false
+    t.boolean "allow_local_requests_from_web_hooks_and_services", default: false, null: false
     t.boolean "allow_local_requests_from_system_hooks", default: true, null: false
     t.index ["custom_project_templates_group_id"], name: "index_application_settings_on_custom_project_templates_group_id"
     t.index ["file_template_project_id"], name: "index_application_settings_on_file_template_project_id"
diff --git a/doc/security/img/outbound_requests_section.png b/doc/security/img/outbound_requests_section.png
deleted file mode 100644
index f7783f34cdd..00000000000
Binary files a/doc/security/img/outbound_requests_section.png and /dev/null differ
diff --git a/doc/security/img/outbound_requests_section_v12_2.png b/doc/security/img/outbound_requests_section_v12_2.png
new file mode 100644
index 00000000000..4fd3c7d9fce
Binary files /dev/null and b/doc/security/img/outbound_requests_section_v12_2.png differ
diff --git a/doc/security/img/outbound_requests_section_v2.png b/doc/security/img/outbound_requests_section_v2.png
deleted file mode 100644
index 4fd3c7d9fce..00000000000
Binary files a/doc/security/img/outbound_requests_section_v2.png and /dev/null differ
diff --git a/doc/security/webhooks.md b/doc/security/webhooks.md
index 401df02e5c3..7ece9407ac0 100644
--- a/doc/security/webhooks.md
+++ b/doc/security/webhooks.md
@@ -38,11 +38,12 @@ local network from web hooks and services"* in the *"Outbound requests"* section
 inside the Admin area under **Settings**
 (`/admin/application_settings/network`):
 
-![Outbound requests admin settings](img/outbound_requests_section_v2.png)
+![Outbound requests admin settings](img/outbound_requests_section_v12_2.png)
 
->**Note:**
-*System hooks* are enabled to make requests to local network by default since they are set up by admins. 
-However, it can be turned off by disabling *"Allow requests to the local network from system hooks"* option.
+NOTE: **Note:**
+*System hooks* are enabled to make requests to local network by default since they are
+set up by administrators. However, you can turn this off by disabling the
+**Allow requests to the local network from system hooks** option.
 
 <!-- ## Troubleshooting
 
diff --git a/lib/gitlab/octokit/middleware.rb b/lib/gitlab/octokit/middleware.rb
index 2f762957d1b..2dd7d08a58b 100644
--- a/lib/gitlab/octokit/middleware.rb
+++ b/lib/gitlab/octokit/middleware.rb
@@ -16,7 +16,7 @@ module Gitlab
       private
 
       def allow_local_requests?
-        Gitlab::CurrentSettings.allow_local_requests_from_hooks_and_services?
+        Gitlab::CurrentSettings.allow_local_requests_from_web_hooks_and_services?
       end
     end
   end
diff --git a/spec/lib/gitlab/octokit/middleware_spec.rb b/spec/lib/gitlab/octokit/middleware_spec.rb
index 7f2b523f5b7..43f6d13f7ba 100644
--- a/spec/lib/gitlab/octokit/middleware_spec.rb
+++ b/spec/lib/gitlab/octokit/middleware_spec.rb
@@ -30,7 +30,7 @@ describe Gitlab::Octokit::Middleware do
 
       context 'when localhost requests are not allowed' do
         before do
-          stub_application_setting(allow_local_requests_from_hooks_and_services: false)
+          stub_application_setting(allow_local_requests_from_web_hooks_and_services: false)
         end
 
         it_behaves_like 'Local URL'
@@ -38,7 +38,7 @@ describe Gitlab::Octokit::Middleware do
 
       context 'when localhost requests are allowed' do
         before do
-          stub_application_setting(allow_local_requests_from_hooks_and_services: true)
+          stub_application_setting(allow_local_requests_from_web_hooks_and_services: true)
         end
 
         it_behaves_like 'Public URL'
@@ -50,7 +50,7 @@ describe Gitlab::Octokit::Middleware do
 
       context 'when local network requests are not allowed' do
         before do
-          stub_application_setting(allow_local_requests_from_hooks_and_services: false)
+          stub_application_setting(allow_local_requests_from_web_hooks_and_services: false)
         end
 
         it_behaves_like 'Local URL'
@@ -58,7 +58,7 @@ describe Gitlab::Octokit::Middleware do
 
       context 'when local network requests are allowed' do
         before do
-          stub_application_setting(allow_local_requests_from_hooks_and_services: true)
+          stub_application_setting(allow_local_requests_from_web_hooks_and_services: true)
         end
 
         it_behaves_like 'Public URL'
diff --git a/spec/services/web_hook_service_spec.rb b/spec/services/web_hook_service_spec.rb
index 115599bd1a4..50167a2e059 100644
--- a/spec/services/web_hook_service_spec.rb
+++ b/spec/services/web_hook_service_spec.rb
@@ -23,14 +23,14 @@ describe WebHookService do
       stub_application_setting(setting_name => setting)
     end
 
-    shared_examples_for 'respecting outbound network setting' do
-      context 'local requests are allowed' do
+    shared_examples_for 'respects outbound network setting' do
+      context 'when local requests are allowed' do
         let(:setting) { true }
 
         it { expect(hook.request_options[:allow_local_requests]).to be_truthy }
       end
 
-      context 'local requests are not allowed' do
+      context 'when local requests are not allowed' do
         let(:setting) { false }
 
         it { expect(hook.request_options[:allow_local_requests]).to be_falsey }
@@ -41,14 +41,14 @@ describe WebHookService do
       let(:setting_name) { :allow_local_requests_from_system_hooks }
       let(:hook) { described_class.new(build(:system_hook), data, :system_hook) }
 
-      include_examples 'respecting outbound network setting'
+      include_examples 'respects outbound network setting'
     end
 
     context 'when ProjectHook' do
       let(:setting_name) { :allow_local_requests_from_web_hooks_and_services }
       let(:hook) { described_class.new(build(:project_hook), data, :project_hook) }
 
-      include_examples 'respecting outbound network setting'
+      include_examples 'respects outbound network setting'
     end
   end
 
diff --git a/spec/support/shared_examples/url_validator_examples.rb b/spec/support/shared_examples/url_validator_examples.rb
index 16fceddb605..c5a775fefb6 100644
--- a/spec/support/shared_examples/url_validator_examples.rb
+++ b/spec/support/shared_examples/url_validator_examples.rb
@@ -1,12 +1,12 @@
 # frozen_string_literal: true
 
 RSpec.shared_examples 'url validator examples' do |schemes|
-  let(:validator) { described_class.new(attributes: [:link_url], **options) }
-  let!(:badge) { build(:badge, link_url: 'http://www.example.com') }
+  describe '#validate' do
+    let(:validator) { described_class.new(attributes: [:link_url], **options) }
+    let(:badge) { build(:badge, link_url: 'http://www.example.com') }
 
-  subject { validator.validate(badge) }
+    subject { validator.validate(badge) }
 
-  describe '#validate' do
     context 'with no options' do
       let(:options) { {} }
 
@@ -42,3 +42,52 @@ RSpec.shared_examples 'url validator examples' do |schemes|
     end
   end
 end
+
+RSpec.shared_examples 'public url validator examples' do |setting|
+  let(:validator) { described_class.new(attributes: [:link_url]) }
+  let(:badge) { build(:badge, link_url: 'http://www.example.com') }
+
+  subject { validator.validate(badge) }
+
+  context 'by default' do
+    it 'blocks urls pointing to localhost' do
+      badge.link_url = 'https://127.0.0.1'
+
+      subject
+
+      expect(badge.errors).to be_present
+    end
+
+    it 'blocks urls pointing to the local network' do
+      badge.link_url = 'https://192.168.1.1'
+
+      subject
+
+      expect(badge.errors).to be_present
+    end
+  end
+
+  context 'when local requests are allowed' do
+    let!(:settings) { create(:application_setting) }
+
+    before do
+      stub_application_setting(setting)
+    end
+
+    it 'does not block urls pointing to localhost' do
+      badge.link_url = 'https://127.0.0.1'
+
+      subject
+
+      expect(badge.errors).not_to be_present
+    end
+
+    it 'does not block urls pointing to the local network' do
+      badge.link_url = 'https://192.168.1.1'
+
+      subject
+
+      expect(badge.errors).not_to be_present
+    end
+  end
+end
diff --git a/spec/validators/public_url_validator_spec.rb b/spec/validators/public_url_validator_spec.rb
index f6364fb1dd5..3cbf1002730 100644
--- a/spec/validators/public_url_validator_spec.rb
+++ b/spec/validators/public_url_validator_spec.rb
@@ -2,27 +2,5 @@ require 'spec_helper'
 
 describe PublicUrlValidator do
   include_examples 'url validator examples', AddressableUrlValidator::DEFAULT_OPTIONS[:schemes]
-
-  context 'by default' do
-    let(:validator) { described_class.new(attributes: [:link_url]) }
-    let!(:badge) { build(:badge, link_url: 'http://www.example.com') }
-
-    subject { validator.validate(badge) }
-
-    it 'blocks urls pointing to localhost' do
-      badge.link_url = 'https://127.0.0.1'
-
-      subject
-
-      expect(badge.errors).to be_present
-    end
-
-    it 'blocks urls pointing to the local network' do
-      badge.link_url = 'https://192.168.1.1'
-
-      subject
-
-      expect(badge.errors).to be_present
-    end
-  end
+  include_examples 'public url validator examples', allow_local_requests_from_web_hooks_and_services: true
 end
diff --git a/spec/validators/system_hook_url_validator_spec.rb b/spec/validators/system_hook_url_validator_spec.rb
index 78e95db2b47..02384bbd1ce 100644
--- a/spec/validators/system_hook_url_validator_spec.rb
+++ b/spec/validators/system_hook_url_validator_spec.rb
@@ -4,55 +4,5 @@ require 'spec_helper'
 
 describe SystemHookUrlValidator do
   include_examples 'url validator examples', AddressableUrlValidator::DEFAULT_OPTIONS[:schemes]
-
-  context 'by default' do
-    let(:validator) { described_class.new(attributes: [:link_url]) }
-    let!(:badge) { build(:badge, link_url: 'http://www.example.com') }
-
-    subject { validator.validate(badge) }
-
-    it 'blocks urls pointing to localhost' do
-      badge.link_url = 'https://127.0.0.1'
-
-      subject
-
-      expect(badge.errors).to be_present
-    end
-
-    it 'blocks urls pointing to the local network' do
-      badge.link_url = 'https://192.168.1.1'
-
-      subject
-
-      expect(badge.errors).to be_present
-    end
-  end
-
-  context 'when local requests are allowed' do
-    let(:validator) { described_class.new(attributes: [:link_url]) }
-    let!(:badge) { build(:badge, link_url: 'http://www.example.com') }
-    let!(:settings) { create(:application_setting) }
-
-    subject { validator.validate(badge) }
-
-    before do
-      stub_application_setting(allow_local_requests_from_system_hooks: true)
-    end
-
-    it 'does not block urls pointing to localhost' do
-      badge.link_url = 'https://127.0.0.1'
-
-      subject
-
-      expect(badge.errors).not_to be_present
-    end
-
-    it 'does not block urls pointing to the local network' do
-      badge.link_url = 'https://192.168.1.1'
-
-      subject
-
-      expect(badge.errors).not_to be_present
-    end
-  end
+  include_examples 'public url validator examples', allow_local_requests_from_system_hooks: true
 end
-- 
cgit v1.2.1


From 5e3a208f58a7a887370888055da180f64b3692a3 Mon Sep 17 00:00:00 2001
From: George Koltsov <gkoltsov@gitlab.com>
Date: Thu, 1 Aug 2019 14:22:54 +0100
Subject: Add backwards compatibility for legacy setting

`allow_local_requests_for_hooks_and_services` was renamed to
`allow_local_requests_for_web_hooks_and_services`.
---
 app/helpers/application_settings_helper.rb              |  1 +
 ...rom_hooks_and_services_application_setting_rename.rb |  2 ++
 db/schema.rb                                            |  2 +-
 doc/api/settings.md                                     | 11 +++++++++--
 lib/api/entities.rb                                     |  2 ++
 lib/api/settings.rb                                     |  6 ++++++
 spec/requests/api/settings_spec.rb                      | 17 ++++++++++++++++-
 .../self_monitoring/project/create_service_spec.rb      |  2 +-
 8 files changed, 38 insertions(+), 5 deletions(-)

diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb
index a646b62027a..acbcf0ded17 100644
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -159,6 +159,7 @@ module ApplicationSettingsHelper
       :after_sign_up_text,
       :akismet_api_key,
       :akismet_enabled,
+      :allow_local_requests_from_hooks_and_services,
       :allow_local_requests_from_web_hooks_and_services,
       :allow_local_requests_from_system_hooks,
       :dns_rebinding_protection_enabled,
diff --git a/db/post_migrate/20190801114109_cleanup_allow_local_requests_from_hooks_and_services_application_setting_rename.rb b/db/post_migrate/20190801114109_cleanup_allow_local_requests_from_hooks_and_services_application_setting_rename.rb
index 397d3bce60a..127e44254ac 100644
--- a/db/post_migrate/20190801114109_cleanup_allow_local_requests_from_hooks_and_services_application_setting_rename.rb
+++ b/db/post_migrate/20190801114109_cleanup_allow_local_requests_from_hooks_and_services_application_setting_rename.rb
@@ -5,6 +5,8 @@ class CleanupAllowLocalRequestsFromHooksAndServicesApplicationSettingRename < Ac
 
   DOWNTIME = false
 
+  disable_ddl_transaction!
+
   def up
     cleanup_concurrent_column_rename :application_settings, :allow_local_requests_from_hooks_and_services, :allow_local_requests_from_web_hooks_and_services
   end
diff --git a/db/schema.rb b/db/schema.rb
index c88fe55277e..fe3fa597006 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_07_31_084415) do
+ActiveRecord::Schema.define(version: 2019_08_01_114109) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "pg_trgm"
diff --git a/doc/api/settings.md b/doc/api/settings.md
index f17a49cfc89..83125aff264 100644
--- a/doc/api/settings.md
+++ b/doc/api/settings.md
@@ -64,7 +64,10 @@ Example response:
    "performance_bar_allowed_group_id": 42,
    "instance_statistics_visibility_private": false,
    "user_show_add_ssh_key_message": true,
-   "local_markdown_version": 0
+   "local_markdown_version": 0,
+   "allow_local_requests_from_hooks_and_services": true,
+   "allow_local_requests_from_web_hooks_and_services": true,
+   "allow_local_requests_from_system_hooks": false
 }
 ```
 
@@ -138,7 +141,10 @@ Example response:
   "user_show_add_ssh_key_message": true,
   "file_template_project_id": 1,
   "local_markdown_version": 0,
-  "geo_node_allowed_ips": "0.0.0.0/0, ::/0"
+  "geo_node_allowed_ips": "0.0.0.0/0, ::/0",
+  "allow_local_requests_from_hooks_and_services": true,
+  "allow_local_requests_from_web_hooks_and_services": true,
+  "allow_local_requests_from_system_hooks": false
 }
 ```
 
@@ -177,6 +183,7 @@ are listed in the descriptions of the relevant settings.
 | `akismet_api_key`                        | string           | required by: `akismet_enabled`       | API key for akismet spam protection. |
 | `akismet_enabled`                        | boolean          | no                                   | (**If enabled, requires:** `akismet_api_key`) Enable or disable akismet spam protection. |
 | `allow_group_owners_to_manage_ldap`      | boolean          | no                                   | **(PREMIUM)** Set to `true` to allow group owners to manage LDAP |
+| `allow_local_requests_from_hooks_and_services` | boolean    | no                                   | (Deprecated: Use `allow_local_requests_from_web_hooks_and_services` instead) Allow requests to the local network from hooks and services. |
 | `allow_local_requests_from_web_hooks_and_services` | boolean    | no                                   | Allow requests to the local network from web hooks and services. |
 | `allow_local_requests_from_system_hooks` | boolean    | no                                   | Allow requests to the local network from system hooks. |
 | `authorized_keys_enabled`                | boolean          | no                                   | By default, we write to the `authorized_keys` file to support Git over SSH without additional configuration. GitLab can be optimized to authenticate SSH keys via the database file. Only disable this if you have configured your OpenSSH server to use the AuthorizedKeysCommand. |
diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index 2d6dd18d4ea..2f5ce3d4003 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -1162,6 +1162,7 @@ module API
         attributes = ::ApplicationSettingsHelper.visible_attributes
         attributes.delete(:performance_bar_allowed_group_path)
         attributes.delete(:performance_bar_enabled)
+        attributes.delete(:allow_local_requests_from_hooks_and_services)
 
         attributes
       end
@@ -1180,6 +1181,7 @@ module API
       # support legacy names, can be removed in v5
       expose :password_authentication_enabled_for_web, as: :password_authentication_enabled
       expose :password_authentication_enabled_for_web, as: :signin_enabled
+      expose :allow_local_requests_from_web_hooks_and_services, as: :allow_local_requests_from_hooks_and_services
     end
 
     # deprecated old Release representation
diff --git a/lib/api/settings.rb b/lib/api/settings.rb
index aa9e879160d..196ef1fcdfa 100644
--- a/lib/api/settings.rb
+++ b/lib/api/settings.rb
@@ -124,6 +124,7 @@ module API
       optional :usage_ping_enabled, type: Boolean, desc: 'Every week GitLab will report license usage back to GitLab, Inc.'
       optional :instance_statistics_visibility_private, type: Boolean, desc: 'When set to `true` Instance statistics will only be available to admins'
       optional :local_markdown_version, type: Integer, desc: "Local markdown version, increase this value when any cached markdown should be invalidated"
+      optional :allow_local_requests_from_hooks_and_services, type: Boolean, desc: 'Deprecated: Use :allow_local_requests_from_web_hooks_and_services instead. Allow requests to the local network from hooks and services.' # support legacy names, can be removed in v5
 
       ApplicationSetting::SUPPORTED_KEY_TYPES.each do |type|
         optional :"#{type}_key_restriction",
@@ -158,6 +159,11 @@ module API
         attrs[:password_authentication_enabled_for_web] = attrs.delete(:password_authentication_enabled)
       end
 
+      # support legacy names, can be removed in v5
+      if attrs.has_key?(:allow_local_requests_from_hooks_and_services)
+        attrs[:allow_local_requests_from_web_hooks_and_services] = attrs.delete(:allow_local_requests_from_hooks_and_services)
+      end
+
       attrs = filter_attributes_using_license(attrs)
 
       if ApplicationSettings::UpdateService.new(current_settings, current_user, attrs).execute
diff --git a/spec/requests/api/settings_spec.rb b/spec/requests/api/settings_spec.rb
index 8a60980fe80..184c00a356a 100644
--- a/spec/requests/api/settings_spec.rb
+++ b/spec/requests/api/settings_spec.rb
@@ -25,6 +25,9 @@ describe API::Settings, 'Settings' do
       expect(json_response['ed25519_key_restriction']).to eq(0)
       expect(json_response['performance_bar_allowed_group_id']).to be_nil
       expect(json_response['instance_statistics_visibility_private']).to be(false)
+      expect(json_response['allow_local_requests_from_hooks_and_services']).to be(false)
+      expect(json_response['allow_local_requests_from_web_hooks_and_services']).to be(false)
+      expect(json_response['allow_local_requests_from_system_hooks']).to be(true)
       expect(json_response).not_to have_key('performance_bar_allowed_group_path')
       expect(json_response).not_to have_key('performance_bar_enabled')
     end
@@ -67,7 +70,9 @@ describe API::Settings, 'Settings' do
             instance_statistics_visibility_private: true,
             diff_max_patch_bytes: 150_000,
             default_branch_protection: ::Gitlab::Access::PROTECTION_DEV_CAN_MERGE,
-            local_markdown_version: 3
+            local_markdown_version: 3,
+            allow_local_requests_from_web_hooks_and_services: true,
+            allow_local_requests_from_system_hooks: false
           }
 
         expect(response).to have_gitlab_http_status(200)
@@ -95,6 +100,8 @@ describe API::Settings, 'Settings' do
         expect(json_response['diff_max_patch_bytes']).to eq(150_000)
         expect(json_response['default_branch_protection']).to eq(Gitlab::Access::PROTECTION_DEV_CAN_MERGE)
         expect(json_response['local_markdown_version']).to eq(3)
+        expect(json_response['allow_local_requests_from_web_hooks_and_services']).to eq(true)
+        expect(json_response['allow_local_requests_from_system_hooks']).to eq(false)
       end
     end
 
@@ -117,6 +124,14 @@ describe API::Settings, 'Settings' do
       expect(json_response['performance_bar_allowed_group_id']).to be_nil
     end
 
+    it 'supports legacy allow_local_requests_from_hooks_and_services' do
+      put api("/application/settings", admin),
+          params: { allow_local_requests_from_hooks_and_services: true }
+
+      expect(response).to have_gitlab_http_status(200)
+      expect(json_response['allow_local_requests_from_hooks_and_services']).to eq(true)
+    end
+
     context 'external policy classification settings' do
       let(:settings) do
         {
diff --git a/spec/services/self_monitoring/project/create_service_spec.rb b/spec/services/self_monitoring/project/create_service_spec.rb
index 87d7d776a69..7d4faba526b 100644
--- a/spec/services/self_monitoring/project/create_service_spec.rb
+++ b/spec/services/self_monitoring/project/create_service_spec.rb
@@ -95,7 +95,7 @@ describe SelfMonitoring::Project::CreateService do
           allow(ApplicationSetting)
             .to receive(:current)
             .and_return(
-              ApplicationSetting.build_from_defaults(allow_local_requests_from_hooks_and_services: false)
+              ApplicationSetting.build_from_defaults(allow_local_requests_from_web_hooks_and_services: false)
             )
         end
 
-- 
cgit v1.2.1


From 260225eb5753a18e9e33ec2bb9c1bfc76d613448 Mon Sep 17 00:00:00 2001
From: George Koltsov <gkoltsov@gitlab.com>
Date: Fri, 2 Aug 2019 11:21:37 +0100
Subject: Replace add_column_with_default to add_column

---
 ...local_requests_from_system_hooks_to_application_settings.rb | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb b/db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb
index c0ecdbf4e37..95d4f956f93 100644
--- a/db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb
+++ b/db/migrate/20190726101133_add_allow_local_requests_from_system_hooks_to_application_settings.rb
@@ -5,13 +5,11 @@ class AddAllowLocalRequestsFromSystemHooksToApplicationSettings < ActiveRecord::
 
   DOWNTIME = false
 
-  disable_ddl_transaction!
-
   def up
-    add_column_with_default(:application_settings, :allow_local_requests_from_system_hooks,
-                            :boolean,
-                            default: true,
-                            allow_null: false)
+    add_column(:application_settings, :allow_local_requests_from_system_hooks,
+               :boolean,
+               default: true,
+               null: false)
   end
 
   def down
-- 
cgit v1.2.1


From 684751d3c2233ee1ac33cf623e8b7822c60209d3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= <ayufan@ayufan.eu>
Date: Fri, 2 Aug 2019 16:32:52 +0200
Subject: Make needs: to require previous jobs

This changes `needs:` from weak reference
to have a strong reference.

This means that job will not be created
unless all needs are present as part of
a pipeline.
---
 app/models/ci/pipeline.rb                          |  5 +-
 lib/gitlab/ci/pipeline/seed/build.rb               | 31 ++++++++++--
 lib/gitlab/ci/pipeline/seed/stage.rb               | 19 ++++----
 spec/lib/gitlab/ci/pipeline/chain/populate_spec.rb |  8 ++--
 spec/lib/gitlab/ci/pipeline/seed/build_spec.rb     | 38 ++++++++++++++-
 spec/lib/gitlab/ci/pipeline/seed/stage_spec.rb     | 14 +++++-
 spec/services/ci/create_pipeline_service_spec.rb   | 56 ++++++++++++++++++++++
 7 files changed, 151 insertions(+), 20 deletions(-)

diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb
index 3515f0b83ee..ffab4e82f90 100644
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -504,8 +504,9 @@ module Ci
       return [] unless config_processor
 
       strong_memoize(:stage_seeds) do
-        seeds = config_processor.stages_attributes.map do |attributes|
-          Gitlab::Ci::Pipeline::Seed::Stage.new(self, attributes)
+        seeds = config_processor.stages_attributes.inject([]) do |previous_stages, attributes|
+          seed = Gitlab::Ci::Pipeline::Seed::Stage.new(self, attributes, previous_stages)
+          previous_stages + [seed]
         end
 
         seeds.select(&:included?)
diff --git a/lib/gitlab/ci/pipeline/seed/build.rb b/lib/gitlab/ci/pipeline/seed/build.rb
index d8296940a04..ab0d4c38ab6 100644
--- a/lib/gitlab/ci/pipeline/seed/build.rb
+++ b/lib/gitlab/ci/pipeline/seed/build.rb
@@ -9,9 +9,10 @@ module Gitlab
 
           delegate :dig, to: :@attributes
 
-          def initialize(pipeline, attributes)
+          def initialize(pipeline, attributes, previous_stages)
             @pipeline = pipeline
             @attributes = attributes
+            @previous_stages = previous_stages
 
             @only = Gitlab::Ci::Build::Policy
               .fabricate(attributes.delete(:only))
@@ -19,10 +20,15 @@ module Gitlab
               .fabricate(attributes.delete(:except))
           end
 
+          def name
+            dig(:name)
+          end
+
           def included?
             strong_memoize(:inclusion) do
-              @only.all? { |spec| spec.satisfied_by?(@pipeline, self) } &&
-                @except.none? { |spec| spec.satisfied_by?(@pipeline, self) }
+              all_of_only? &&
+                none_of_except? &&
+                all_of_needs?
             end
           end
 
@@ -42,6 +48,25 @@ module Gitlab
             @attributes.to_h.dig(:options, :trigger).present?
           end
 
+          def all_of_only?
+            @only.all? { |spec| spec.satisfied_by?(@pipeline, self) }
+          end
+
+          def none_of_except?
+            @except.none? { |spec| spec.satisfied_by?(@pipeline, self) }
+          end
+
+          def all_of_needs?
+            return true unless Feature.enabled?(:ci_dag_support, @pipeline.project)
+            return true if dig(:needs_attributes).nil?
+
+            dig(:needs_attributes).all? do |need|
+              @previous_stages.any? do |stage|
+                stage.seeds_names.include?(need[:name])
+              end
+            end
+          end
+
           def to_resource
             strong_memoize(:resource) do
               if bridge?
diff --git a/lib/gitlab/ci/pipeline/seed/stage.rb b/lib/gitlab/ci/pipeline/seed/stage.rb
index 9c15064756a..7c737027445 100644
--- a/lib/gitlab/ci/pipeline/seed/stage.rb
+++ b/lib/gitlab/ci/pipeline/seed/stage.rb
@@ -10,12 +10,13 @@ module Gitlab
           delegate :size, to: :seeds
           delegate :dig, to: :seeds
 
-          def initialize(pipeline, attributes)
+          def initialize(pipeline, attributes, previous_stages)
             @pipeline = pipeline
             @attributes = attributes
+            @previous_stages = previous_stages
 
             @builds = attributes.fetch(:builds).map do |attributes|
-              Seed::Build.new(@pipeline, attributes)
+              Seed::Build.new(@pipeline, attributes, previous_stages)
             end
           end
 
@@ -32,6 +33,12 @@ module Gitlab
             end
           end
 
+          def seeds_names
+            strong_memoize(:seeds_names) do
+              seeds.map(&:name).to_set
+            end
+          end
+
           def included?
             seeds.any?
           end
@@ -39,13 +46,7 @@ module Gitlab
           def to_resource
             strong_memoize(:stage) do
               ::Ci::Stage.new(attributes).tap do |stage|
-                seeds.each do |seed|
-                  if seed.bridge?
-                    stage.bridges << seed.to_resource
-                  else
-                    stage.builds << seed.to_resource
-                  end
-                end
+                stage.statuses = seeds.map(&:to_resource)
               end
             end
           end
diff --git a/spec/lib/gitlab/ci/pipeline/chain/populate_spec.rb b/spec/lib/gitlab/ci/pipeline/chain/populate_spec.rb
index 417a2d119ff..9bccd5be4fe 100644
--- a/spec/lib/gitlab/ci/pipeline/chain/populate_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/chain/populate_spec.rb
@@ -38,8 +38,8 @@ describe Gitlab::Ci::Pipeline::Chain::Populate do
     it 'populates pipeline with stages' do
       expect(pipeline.stages).to be_one
       expect(pipeline.stages.first).not_to be_persisted
-      expect(pipeline.stages.first.builds).to be_one
-      expect(pipeline.stages.first.builds.first).not_to be_persisted
+      expect(pipeline.stages.first.statuses).to be_one
+      expect(pipeline.stages.first.statuses.first).not_to be_persisted
     end
 
     it 'correctly assigns user' do
@@ -191,8 +191,8 @@ describe Gitlab::Ci::Pipeline::Chain::Populate do
         step.perform!
 
         expect(pipeline.stages.size).to eq 1
-        expect(pipeline.stages.first.builds.size).to eq 1
-        expect(pipeline.stages.first.builds.first.name).to eq 'rspec'
+        expect(pipeline.stages.first.statuses.size).to eq 1
+        expect(pipeline.stages.first.statuses.first.name).to eq 'rspec'
       end
     end
 
diff --git a/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb b/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
index 46ea0d7554b..762025f9bd9 100644
--- a/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/seed/build_spec.rb
@@ -6,8 +6,9 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
   let(:project) { create(:project, :repository) }
   let(:pipeline) { create(:ci_empty_pipeline, project: project) }
   let(:attributes) { { name: 'rspec', ref: 'master' } }
+  let(:previous_stages) { [] }
 
-  let(:seed_build) { described_class.new(pipeline, attributes) }
+  let(:seed_build) { described_class.new(pipeline, attributes, previous_stages) }
 
   describe '#attributes' do
     subject { seed_build.attributes }
@@ -381,4 +382,39 @@ describe Gitlab::Ci::Pipeline::Seed::Build do
       end
     end
   end
+
+  describe 'applying needs: dependency' do
+    subject { seed_build }
+
+    let(:attributes) do
+      {
+        name: 'rspec',
+        needs_attributes: [{
+          name: 'build'
+        }]
+      }
+    end
+
+    context 'when build job is not present in prior stages' do
+      it { is_expected.not_to be_included }
+    end
+
+    context 'when build job is part of prior stages' do
+      let(:stage_attributes) do
+        {
+          name: 'build',
+          index: 0,
+          builds: [{ name: 'build' }]
+        }
+      end
+
+      let(:stage_seed) do
+        Gitlab::Ci::Pipeline::Seed::Stage.new(pipeline, stage_attributes, [])
+      end
+
+      let(:previous_stages) { [stage_seed] }
+
+      it { is_expected.to be_included }
+    end
+  end
 end
diff --git a/spec/lib/gitlab/ci/pipeline/seed/stage_spec.rb b/spec/lib/gitlab/ci/pipeline/seed/stage_spec.rb
index ad864d0d56e..6fba9f37d91 100644
--- a/spec/lib/gitlab/ci/pipeline/seed/stage_spec.rb
+++ b/spec/lib/gitlab/ci/pipeline/seed/stage_spec.rb
@@ -5,6 +5,7 @@ require 'spec_helper'
 describe Gitlab::Ci::Pipeline::Seed::Stage do
   let(:project) { create(:project, :repository) }
   let(:pipeline) { create(:ci_empty_pipeline, project: project) }
+  let(:previous_stages) { [] }
 
   let(:attributes) do
     { name: 'test',
@@ -15,7 +16,7 @@ describe Gitlab::Ci::Pipeline::Seed::Stage do
   end
 
   subject do
-    described_class.new(pipeline, attributes)
+    described_class.new(pipeline, attributes, previous_stages)
   end
 
   describe '#size' do
@@ -109,6 +110,17 @@ describe Gitlab::Ci::Pipeline::Seed::Stage do
     end
   end
 
+  describe '#seeds_names' do
+    it 'returns all job names' do
+      expect(subject.seeds_names).to contain_exactly(
+        'rspec', 'spinach')
+    end
+
+    it 'returns a set' do
+      expect(subject.seeds_names).to be_a(Set)
+    end
+  end
+
   describe '#to_resource' do
     it 'builds a valid stage object with all builds' do
       subject.to_resource.save!
diff --git a/spec/services/ci/create_pipeline_service_spec.rb b/spec/services/ci/create_pipeline_service_spec.rb
index d9b61dfe503..7e2f311a065 100644
--- a/spec/services/ci/create_pipeline_service_spec.rb
+++ b/spec/services/ci/create_pipeline_service_spec.rb
@@ -1099,6 +1099,62 @@ describe Ci::CreatePipelineService do
         end
       end
     end
+
+    context 'when needs is used' do
+      let(:pipeline) { execute_service }
+
+      let(:config) do
+        {
+          build_a: {
+            stage: "build",
+            script: "ls",
+            only: %w[master]
+          },
+          test_a: {
+            stage: "test",
+            script: "ls",
+            only: %w[master feature tags],
+            needs: %w[build_a]
+          },
+          deploy: {
+            stage: "deploy",
+            script: "ls",
+            only: %w[tags]
+          }
+        }
+      end
+
+      before do
+        stub_ci_pipeline_yaml_file(YAML.dump(config))
+      end
+
+      context 'when pipeline on master is created' do
+        let(:ref_name) { 'refs/heads/master' }
+
+        it 'creates a pipeline with build_a and test_a' do
+          expect(pipeline).to be_persisted
+          expect(pipeline.builds.map(&:name)).to contain_exactly("build_a", "test_a")
+        end
+      end
+
+      context 'when pipeline on feature is created' do
+        let(:ref_name) { 'refs/heads/feature' }
+
+        it 'does not create a pipeline as test_a depends on build_a' do
+          expect(pipeline).not_to be_persisted
+          expect(pipeline.builds).to be_empty
+        end
+      end
+
+      context 'when pipeline on v1.0.0 is created' do
+        let(:ref_name) { 'refs/tags/v1.0.0' }
+
+        it 'does create a pipeline only with deploy' do
+          expect(pipeline).to be_persisted
+          expect(pipeline.builds.map(&:name)).to contain_exactly("deploy")
+        end
+      end
+    end
   end
 
   describe '#execute!' do
-- 
cgit v1.2.1


From 4e23f45e0d6326940787e368030adeb4a9a417ee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cindy=20Pallares=20=F0=9F=A6=89?= <cindy@gitlab.com>
Date: Fri, 2 Aug 2019 16:56:58 +0000
Subject: Remove CephFS from example

We recommend avoiding CephFS https://docs.gitlab.com/ee/administration/high_availability/nfs.html#avoid-using-cephfs-and-glusterfs
---
 doc/administration/repository_storage_paths.md | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/doc/administration/repository_storage_paths.md b/doc/administration/repository_storage_paths.md
index ad3a9b19c3c..b1a870210a8 100644
--- a/doc/administration/repository_storage_paths.md
+++ b/doc/administration/repository_storage_paths.md
@@ -57,10 +57,10 @@ storage2:
 
 Now that you've read that big fat warning above, let's edit the configuration
 files and add the full paths of the alternative repository storage paths. In
-the example below, we add two more mountpoints that are named `nfs` and `cephfs`
+the example below, we add two more mountpoints that are named `nfs_1` and `nfs_2`
 respectively.
 
-NOTE: **Note:** This example uses NFS and CephFS. We do not recommend using EFS for storage as it may impact GitLab's performance. See the [relevant documentation](high_availability/nfs.md#avoid-using-awss-elastic-file-system-efs) for more details.
+NOTE: **Note:** This example uses NFS. We do not recommend using EFS for storage as it may impact GitLab's performance. See the [relevant documentation](high_availability/nfs.md#avoid-using-awss-elastic-file-system-efs) for more details.
 
 **For installations from source**
 
@@ -73,10 +73,10 @@ NOTE: **Note:** This example uses NFS and CephFS. We do not recommend using EFS
      storages: # You must have at least a 'default' storage path.
        default:
          path: /home/git/repositories
-       nfs:
-         path: /mnt/nfs/repositories
-       cephfs:
-         path: /mnt/cephfs/repositories
+       nfs_1:
+         path: /mnt/nfs1/repositories
+       nfs_2:
+         path: /mnt/nfs2/repositories
    ```
 
 1. [Restart GitLab][restart-gitlab] for the changes to take effect.
@@ -96,8 +96,8 @@ working, you can remove the `repos_path` line.
    ```ruby
    git_data_dirs({
      "default" => { "path" => "/var/opt/gitlab/git-data" },
-     "nfs" => { "path" => "/mnt/nfs/git-data" },
-     "cephfs" => { "path" => "/mnt/cephfs/git-data" }
+     "nfs_1" => { "path" => "/mnt/nfs1/git-data" },
+     "nfs_2" => { "path" => "/mnt/nfs2/git-data" }
    })
    ```
 
-- 
cgit v1.2.1


From a2bbf7b8c197922067d1266249197e5f60e0fd7f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= <ayufan@ayufan.eu>
Date: Fri, 2 Aug 2019 18:12:24 +0200
Subject: Properly process `needs:` with `when:`

Currently, some of the jobs with `needs:`
would be processed in stages, it means
that `when:` for such jobs would not be
respected.

This changes the behavior to have a separate
execution paths for jobs with `needs:`.
---
 app/models/commit_status.rb                       |  4 ++
 app/services/ci/process_pipeline_service.rb       | 46 ++++++++++++++---------
 spec/models/ci/build_spec.rb                      | 16 ++++++++
 spec/services/ci/process_pipeline_service_spec.rb | 44 ++++++++++++++++++++++
 4 files changed, 93 insertions(+), 17 deletions(-)

diff --git a/app/models/commit_status.rb b/app/models/commit_status.rb
index d7eb78db5b8..a9c29fb390b 100644
--- a/app/models/commit_status.rb
+++ b/app/models/commit_status.rb
@@ -49,6 +49,10 @@ class CommitStatus < ApplicationRecord
     where('EXISTS (?)', needs).preload(:needs)
   end
 
+  scope :without_needs, -> do
+    where('NOT EXISTS (?)', Ci::BuildNeed.scoped_build.select(1))
+  end
+
   # We use `CommitStatusEnums.failure_reasons` here so that EE can more easily
   # extend this `Hash` with new values.
   enum_with_nil failure_reason: ::CommitStatusEnums.failure_reasons
diff --git a/app/services/ci/process_pipeline_service.rb b/app/services/ci/process_pipeline_service.rb
index e46615bcf75..a6d87101163 100644
--- a/app/services/ci/process_pipeline_service.rb
+++ b/app/services/ci/process_pipeline_service.rb
@@ -9,10 +9,7 @@ module Ci
 
       update_retried
 
-      success =
-        stage_indexes_of_created_processables.flat_map do |index|
-          process_stage(index)
-        end.any?
+      success = process_stages_without_needs
 
       # we evaluate dependent needs,
       # only when the another job has finished
@@ -25,18 +22,19 @@ module Ci
 
     private
 
-    def process_stage(index)
+    def process_stages_without_needs
+      stage_indexes_of_created_processables_without_needs.flat_map do |index|
+        process_stage_without_needs(index)
+      end.any?
+    end
+
+    def process_stage_without_needs(index)
       current_status = status_for_prior_stages(index)
 
-      return if HasStatus::BLOCKED_STATUS.include?(current_status)
+      return unless HasStatus::COMPLETED_STATUSES.include?(current_status)
 
-      if HasStatus::COMPLETED_STATUSES.include?(current_status)
-        created_processables_in_stage(index).select do |build|
-          Gitlab::OptimisticLocking.retry_lock(build) do |subject|
-            Ci::ProcessBuildService.new(project, @user)
-              .execute(build, current_status)
-          end
-        end
+      created_processables_in_stage_without_needs(index).select do |build|
+        process_build(build, current_status)
       end
     end
 
@@ -56,6 +54,10 @@ module Ci
 
       return unless HasStatus::COMPLETED_STATUSES.include?(current_status)
 
+      process_build(build, current_status)
+    end
+
+    def process_build(build, current_status)
       Gitlab::OptimisticLocking.retry_lock(build) do |subject|
         Ci::ProcessBuildService.new(project, @user)
           .execute(subject, current_status)
@@ -75,17 +77,27 @@ module Ci
     # rubocop: enable CodeReuse/ActiveRecord
 
     # rubocop: disable CodeReuse/ActiveRecord
-    def stage_indexes_of_created_processables
-      created_processables.order(:stage_idx).pluck(Arel.sql('DISTINCT stage_idx'))
+    def stage_indexes_of_created_processables_without_needs
+      created_processables_without_needs.order(:stage_idx)
+        .pluck(Arel.sql('DISTINCT stage_idx'))
     end
     # rubocop: enable CodeReuse/ActiveRecord
 
     # rubocop: disable CodeReuse/ActiveRecord
-    def created_processables_in_stage(index)
-      created_processables.where(stage_idx: index)
+    def created_processables_in_stage_without_needs(index)
+      created_processables_without_needs
+        .where(stage_idx: index)
     end
     # rubocop: enable CodeReuse/ActiveRecord
 
+    def created_processables_without_needs
+      if Feature.enabled?(:ci_dag_support, project)
+        pipeline.processables.created.without_needs
+      else
+        pipeline.processables.created
+      end
+    end
+
     def created_processables
       pipeline.processables.created
     end
diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index 0387073cffb..b7e005e3883 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -208,6 +208,22 @@ describe Ci::Build do
     end
   end
 
+  describe '.without_needs' do
+    let!(:build) { create(:ci_build) }
+
+    subject { described_class.without_needs }
+
+    context 'when no build_need is created' do
+      it { is_expected.to contain_exactly(build) }
+    end
+
+    context 'when a build_need is created' do
+      let!(:need_a) { create(:ci_build_need, build: build) }
+
+      it { is_expected.to be_empty }
+    end
+  end
+
   describe '#enqueue' do
     let(:build) { create(:ci_build, :created) }
 
diff --git a/spec/services/ci/process_pipeline_service_spec.rb b/spec/services/ci/process_pipeline_service_spec.rb
index 77f108b6ab8..1b28d2d4d02 100644
--- a/spec/services/ci/process_pipeline_service_spec.rb
+++ b/spec/services/ci/process_pipeline_service_spec.rb
@@ -786,6 +786,50 @@ describe Ci::ProcessPipelineService, '#execute' do
         expect(builds.pending).to contain_exactly(deploy)
       end
     end
+
+    context 'when one of the jobs is run on a failure' do
+      let!(:linux_notify) { create_build('linux:notify', stage: 'deploy', stage_idx: 2, when: 'on_failure') }
+
+      let!(:linux_notify_on_build) { create(:ci_build_need, build: linux_notify, name: 'linux:build') }
+
+      context 'when another job in build phase fails first' do
+        context 'when ci_dag_support is enabled' do
+          it 'does skip linux:notify' do
+            expect(process_pipeline).to be_truthy
+
+            mac_build.reset.drop!
+            linux_build.reset.success!
+
+            expect(linux_notify.reset).to be_skipped
+          end
+        end
+
+        context 'when ci_dag_support is disabled' do
+          before do
+            stub_feature_flags(ci_dag_support: false)
+          end
+
+          it 'does run linux:notify' do
+            expect(process_pipeline).to be_truthy
+
+            mac_build.reset.drop!
+            linux_build.reset.success!
+
+            expect(linux_notify.reset).to be_pending
+          end
+        end
+      end
+
+      context 'when linux:build job fails first' do
+        it 'does run linux:notify' do
+          expect(process_pipeline).to be_truthy
+
+          linux_build.reset.drop!
+
+          expect(linux_notify.reset).to be_pending
+        end
+      end
+    end
   end
 
   def process_pipeline
-- 
cgit v1.2.1


From 788ff54816769117279e64dde7b9578c62b03ecf Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Fri, 2 Aug 2019 19:11:30 +0200
Subject: Group `parent not preloaded` errors in sentry

I still haven't found a moment to look into the exact cases that
causes this error, but we're not loosing any information this way.

In fact, it will be easier to find the right information as we only
need to look to one entry in Sentry.
---
 app/models/concerns/group_descendant.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/models/concerns/group_descendant.rb b/app/models/concerns/group_descendant.rb
index cfffd845e43..ed14b73ac1b 100644
--- a/app/models/concerns/group_descendant.rb
+++ b/app/models/concerns/group_descendant.rb
@@ -42,7 +42,7 @@ module GroupDescendant
       parent = child.parent
 
       exception = ArgumentError.new <<~MSG
-        parent: [GroupDescendant: #{parent.inspect}] was not preloaded for [#{child.inspect}]")
+        Parent was not preloaded for child when rendering group hierarchy.
         This error is not user facing, but causes a +1 query.
       MSG
       extras = {
@@ -50,7 +50,7 @@ module GroupDescendant
         child: child.inspect,
         preloaded: preloaded.map(&:full_path)
       }
-      issue_url = 'https://gitlab.com/gitlab-org/gitlab-ce/issues/40785'
+      issue_url = 'https://gitlab.com/gitlab-org/gitlab-ce/issues/49404'
 
       Gitlab::Sentry.track_exception(exception, issue_url: issue_url, extra: extras)
     end
-- 
cgit v1.2.1


From 615a94435318717e1d18e79d2acfd21529c3fe1b Mon Sep 17 00:00:00 2001
From: Cody West <cwest@gitlab.com>
Date: Fri, 2 Aug 2019 12:42:47 -0500
Subject: Update requirements wording

I'm adding some wording to our hardware requirements to explain that needs vary
by workload. I also included some examples of factors that may influence the
workload.
---
 doc/administration/high_availability/README.md | 2 ++
 doc/install/requirements.md                    | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/doc/administration/high_availability/README.md b/doc/administration/high_availability/README.md
index bb824c9259b..56665ba8b9a 100644
--- a/doc/administration/high_availability/README.md
+++ b/doc/administration/high_availability/README.md
@@ -172,6 +172,8 @@ environment that supports about 10,000 users. The specifications below are a
 representation of the work so far. The specifications may be adjusted in the
 future based on additional testing and iteration.
 
+NOTE: **Note:** The specifications here were performance tested against a specific coded workload. Your exact needs may be more, depending on your workload. Your workload is influenced by factors such as - but not limited to - how active your users are, how much automation you use, mirroring, and repo/change size.
+
 - 3 PostgreSQL - 4 CPU, 16GiB memory per node
 - 1 PgBouncer - 2 CPU, 4GiB memory
 - 2 Redis - 2 CPU, 8GiB memory per node
diff --git a/doc/install/requirements.md b/doc/install/requirements.md
index 365609ef757..ed5b23a122f 100644
--- a/doc/install/requirements.md
+++ b/doc/install/requirements.md
@@ -62,6 +62,8 @@ NOTE: **Note:** Since file system performance may affect GitLab's overall perfor
 
 ### CPU
 
+This is the recommended minimum hardware for a handful of example GitLab user base sizes. Your exact needs may be more, depending on your workload. Your workload is influenced by factors such as - but not limited to - how active your users are, how much automation you use, mirroring, and repo/change size.
+
 - 1 core supports up to 100 users but the application can be a bit slower due to having all workers and background jobs running on the same core
 - **2 cores** is the **recommended** minimum number of cores and supports up to 100 users
 - 4 cores supports up to 500 users
@@ -71,6 +73,8 @@ NOTE: **Note:** Since file system performance may affect GitLab's overall perfor
 
 ### Memory
 
+This is the recommended minimum hardware for a handful of example GitLab user base sizes. Your exact needs may be more, depending on your workload. Your workload is influenced by factors such as - but not limited to - how active your users are, how much automation you use, mirroring, and repo/change size.
+
 You need at least 8GB of addressable memory (RAM + swap) to install and use GitLab!
 The operating system and any other running applications will also be using memory
 so keep in mind that you need at least 4GB available before running GitLab. With
-- 
cgit v1.2.1


From 35eeb7f854f25009c39a1cd6d8ab78dba8e59acb Mon Sep 17 00:00:00 2001
From: shampton <shampton@gitlab.com>
Date: Fri, 2 Aug 2019 10:45:07 -0700
Subject: Remove visual review app feature flag

This is the CE backport for
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14958

Now that we are confident with the visual review
app link being there, we are removing the
feature flag entirely.
---
 .../components/mr_widget_pipeline_container.vue                         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_pipeline_container.vue b/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_pipeline_container.vue
index 17ac8ada32d..76b96c8c1c0 100644
--- a/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_pipeline_container.vue
+++ b/app/assets/javascripts/vue_merge_request_widget/components/mr_widget_pipeline_container.vue
@@ -60,7 +60,7 @@ export default {
       return this.isPostMerge ? this.mr.mergePipeline : this.mr.pipeline;
     },
     showVisualReviewAppLink() {
-      return Boolean(this.mr.visualReviewFF && this.mr.visualReviewAppAvailable);
+      return this.mr.visualReviewAppAvailable;
     },
     showMergeTrainInfo() {
       return _.isNumber(this.mr.mergeTrainIndex);
-- 
cgit v1.2.1


From 3a3476d4fa61a0c7a236a83724ff5d67ef91ed61 Mon Sep 17 00:00:00 2001
From: Lukas Eipert <leipert@gitlab.com>
Date: Fri, 2 Aug 2019 19:51:33 +0200
Subject: Don't run danger on stable branches

---
 .gitlab/ci/review.gitlab-ci.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitlab/ci/review.gitlab-ci.yml b/.gitlab/ci/review.gitlab-ci.yml
index 6b60c993640..ed6690c1023 100644
--- a/.gitlab/ci/review.gitlab-ci.yml
+++ b/.gitlab/ci/review.gitlab-ci.yml
@@ -264,6 +264,7 @@ danger-review:
   except:
     refs:
       - master
+      - /^[\d-]+-stable(-ee)?$/
     variables:
       - $CI_COMMIT_REF_NAME =~ /^ce-to-ee-.*/
       - $CI_COMMIT_REF_NAME =~ /.*-stable(-ee)?-prepare-.*/
-- 
cgit v1.2.1


From 593490e5ac6ec5a92fdcc9b82eebbb455ea6cf48 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kamil=20Trzci=C5=84ski?= <ayufan@ayufan.eu>
Date: Fri, 2 Aug 2019 19:31:01 +0200
Subject: Extend PipelineProcessWorker to accept a list of builds

This changes used worker from `BuildProcessWorker`
to `PipelineProcessWorker` to make pipeline
processing much simpler. We process `pipeline_id`,
based on some triggers.
---
 app/models/ci/pipeline.rb                    |  4 ++--
 app/models/commit_status.rb                  |  2 +-
 app/services/ci/process_pipeline_service.rb  | 16 +++++++++++-----
 app/workers/build_process_worker.rb          |  2 +-
 app/workers/pipeline_process_worker.rb       |  7 ++++---
 spec/workers/build_process_worker_spec.rb    |  2 +-
 spec/workers/pipeline_process_worker_spec.rb | 11 +++++++++++
 7 files changed, 31 insertions(+), 13 deletions(-)

diff --git a/app/models/ci/pipeline.rb b/app/models/ci/pipeline.rb
index 3515f0b83ee..217061c6814 100644
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -611,8 +611,8 @@ module Ci
     end
 
     # rubocop: disable CodeReuse/ServiceClass
-    def process!(trigger_build_name = nil)
-      Ci::ProcessPipelineService.new(project, user).execute(self, trigger_build_name)
+    def process!(trigger_build_ids = nil)
+      Ci::ProcessPipelineService.new(project, user).execute(self, trigger_build_ids)
     end
     # rubocop: enable CodeReuse/ServiceClass
 
diff --git a/app/models/commit_status.rb b/app/models/commit_status.rb
index d7eb78db5b8..004ff037558 100644
--- a/app/models/commit_status.rb
+++ b/app/models/commit_status.rb
@@ -122,7 +122,7 @@ class CommitStatus < ApplicationRecord
       commit_status.run_after_commit do
         if pipeline_id
           if complete? || manual?
-            BuildProcessWorker.perform_async(id)
+            PipelineProcessWorker.perform_async(pipeline_id, [id])
           else
             PipelineUpdateWorker.perform_async(pipeline_id)
           end
diff --git a/app/services/ci/process_pipeline_service.rb b/app/services/ci/process_pipeline_service.rb
index e46615bcf75..184d5321020 100644
--- a/app/services/ci/process_pipeline_service.rb
+++ b/app/services/ci/process_pipeline_service.rb
@@ -4,7 +4,7 @@ module Ci
   class ProcessPipelineService < BaseService
     attr_reader :pipeline
 
-    def execute(pipeline, trigger_build_name = nil)
+    def execute(pipeline, trigger_build_ids = nil)
       @pipeline = pipeline
 
       update_retried
@@ -16,7 +16,7 @@ module Ci
 
       # we evaluate dependent needs,
       # only when the another job has finished
-      success = process_builds_with_needs(trigger_build_name) || success
+      success = process_builds_with_needs(trigger_build_ids) || success
 
       @pipeline.update_status
 
@@ -40,12 +40,18 @@ module Ci
       end
     end
 
-    def process_builds_with_needs(trigger_build_name)
-      return false unless trigger_build_name
+    def process_builds_with_needs(trigger_build_ids)
+      return false unless trigger_build_ids.present?
       return false unless Feature.enabled?(:ci_dag_support, project)
 
+      # rubocop: disable CodeReuse/ActiveRecord
+      trigger_build_names = pipeline.statuses
+        .where(id: trigger_build_ids)
+        .select(:name)
+      # rubocop: enable CodeReuse/ActiveRecord
+
       created_processables
-        .with_needs(trigger_build_name)
+        .with_needs(trigger_build_names)
         .find_each
         .map(&method(:process_build_with_needs))
         .any?
diff --git a/app/workers/build_process_worker.rb b/app/workers/build_process_worker.rb
index 19e590ee1d7..9cd9519df1f 100644
--- a/app/workers/build_process_worker.rb
+++ b/app/workers/build_process_worker.rb
@@ -9,7 +9,7 @@ class BuildProcessWorker
   # rubocop: disable CodeReuse/ActiveRecord
   def perform(build_id)
     CommitStatus.find_by(id: build_id).try do |build|
-      build.pipeline.process!(build.name)
+      build.pipeline.process!([build_id])
     end
   end
   # rubocop: enable CodeReuse/ActiveRecord
diff --git a/app/workers/pipeline_process_worker.rb b/app/workers/pipeline_process_worker.rb
index f2aa17acb51..96524d93f8d 100644
--- a/app/workers/pipeline_process_worker.rb
+++ b/app/workers/pipeline_process_worker.rb
@@ -7,9 +7,10 @@ class PipelineProcessWorker
   queue_namespace :pipeline_processing
 
   # rubocop: disable CodeReuse/ActiveRecord
-  def perform(pipeline_id)
-    Ci::Pipeline.find_by(id: pipeline_id)
-      .try(:process!)
+  def perform(pipeline_id, build_ids = nil)
+    Ci::Pipeline.find_by(id: pipeline_id).try do |pipeline|
+      pipeline.process!(build_ids)
+    end
   end
   # rubocop: enable CodeReuse/ActiveRecord
 end
diff --git a/spec/workers/build_process_worker_spec.rb b/spec/workers/build_process_worker_spec.rb
index cceca40717c..d9a02ece142 100644
--- a/spec/workers/build_process_worker_spec.rb
+++ b/spec/workers/build_process_worker_spec.rb
@@ -10,7 +10,7 @@ describe BuildProcessWorker do
 
       it 'processes build' do
         expect_any_instance_of(Ci::Pipeline).to receive(:process!)
-          .with(build.name)
+          .with([build.id])
 
         described_class.new.perform(build.id)
       end
diff --git a/spec/workers/pipeline_process_worker_spec.rb b/spec/workers/pipeline_process_worker_spec.rb
index d33cf72e51e..ac677e3b555 100644
--- a/spec/workers/pipeline_process_worker_spec.rb
+++ b/spec/workers/pipeline_process_worker_spec.rb
@@ -12,6 +12,17 @@ describe PipelineProcessWorker do
 
         described_class.new.perform(pipeline.id)
       end
+
+      context 'when build_ids are passed' do
+        let(:build) { create(:ci_build, pipeline: pipeline, name: 'my-build') }
+
+        it 'processes pipeline with a list of builds' do
+          expect_any_instance_of(Ci::Pipeline).to receive(:process!)
+            .with([build.id])
+
+          described_class.new.perform(pipeline.id, [build.id])
+        end
+      end
     end
 
     context 'when pipeline does not exist' do
-- 
cgit v1.2.1


From bc89bf56a022753a676f76fdd5d581f59f14b3c1 Mon Sep 17 00:00:00 2001
From: Justin Boyson <jboyson@gitlab.com>
Date: Fri, 2 Aug 2019 18:45:21 +0000
Subject: Add md files to .prettierignore

This is to prevent prettier from auto formatting doc files.
---
 .prettierignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.prettierignore b/.prettierignore
index dc9e572ab54..c9b945ac96d 100644
--- a/.prettierignore
+++ b/.prettierignore
@@ -7,3 +7,4 @@
 # ignore stylesheets for now as this clashes with our linter
 *.css
 *.scss
+*.md
-- 
cgit v1.2.1


From 96ccee2e7e80e1ede285cf5e22e7de18b72d42be Mon Sep 17 00:00:00 2001
From: Jeffrey Cafferata <jeffrey@jcid.nl>
Date: Fri, 2 Aug 2019 18:53:11 +0000
Subject: Documentation - Services slack

---
 doc/api/services.md | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)

diff --git a/doc/api/services.md b/doc/api/services.md
index df15e6892b0..45b49d7eb92 100644
--- a/doc/api/services.md
+++ b/doc/api/services.md
@@ -972,22 +972,28 @@ Parameters:
 | `channel` | string | false | Default channel to use if others are not configured |
 | `notify_only_broken_pipelines` | boolean | false | Send notifications for broken pipelines |
 | `notify_only_default_branch` | boolean | false | Send notifications only for the default branch |
-| `push_events` | boolean | false | Enable notifications for push events |
-| `issues_events` | boolean | false | Enable notifications for issue events |
+| `commit_events` | boolean | false | Enable notifications for commit events |
+| `confidential_issue_channel` | string | false | The name of the channel to receive confidential issues events notifications |
 | `confidential_issues_events` | boolean | false | Enable notifications for confidential issue events |
+| `confidential_note_channel` | string | false | The name of the channel to receive confidential note events notifications |
+| `confidential_note_events` | boolean | false | Enable notifications for confidential note events |
+| `deployment_channel` | string | false | The name of the channel to receive deployment events notifications |
+| `deployment_events` | boolean | false | Enable notifications for deployment events |
+| `issue_channel` | string | false | The name of the channel to receive issues events notifications |
+| `issues_events` | boolean | false | Enable notifications for issue events |
+| `job_events` | boolean | false | Enable notifications for job events |
+| `merge_request_channel` | string | false | The name of the channel to receive merge request events notifications |
 | `merge_requests_events` | boolean | false | Enable notifications for merge request events |
-| `tag_push_events` | boolean | false | Enable notifications for tag push events |
+| `note_channel` | string | false | The name of the channel to receive note events notifications |
 | `note_events` | boolean | false | Enable notifications for note events |
+| `pipeline_channel` | string | false | The name of the channel to receive pipeline events notifications |
 | `pipeline_events` | boolean | false | Enable notifications for pipeline events |
-| `wiki_page_events` | boolean | false | Enable notifications for wiki page events |
 | `push_channel` | string | false | The name of the channel to receive push events notifications |
-| `issue_channel` | string | false | The name of the channel to receive issues events notifications |
-| `confidential_issue_channel` | string | false | The name of the channel to receive confidential issues events notifications |
-| `merge_request_channel` | string | false | The name of the channel to receive merge request events notifications |
-| `note_channel` | string | false | The name of the channel to receive note events notifications |
+| `push_events` | boolean | false | Enable notifications for push events |
 | `tag_push_channel` | string | false | The name of the channel to receive tag push events notifications |
-| `pipeline_channel` | string | false | The name of the channel to receive pipeline events notifications |
+| `tag_push_events` | boolean | false | Enable notifications for tag push events |
 | `wiki_page_channel` | string | false | The name of the channel to receive wiki page events notifications |
+| `wiki_page_events` | boolean | false | Enable notifications for wiki page events |
 
 ### Delete Slack service
 
-- 
cgit v1.2.1


From 5027979b9ba0ebfb6376cfa78114e942f5054c5c Mon Sep 17 00:00:00 2001
From: Dylan Griffith <dyl.griffith@gmail.com>
Date: Fri, 2 Aug 2019 19:02:57 +0000
Subject: Implement Helm ResetCommand for removing Tiller

Also creates specs

Only allow Helm to be uninstalled if it's the only app

- Remove Tiller leftovers after reser command
- Fixes specs and offenses

Adds changelog file

Fix reset_command specs
---
 .../uninstall_application_confirmation_modal.vue   |  5 +-
 app/models/clusters/applications/helm.rb           | 28 ++++++++--
 changelogs/unreleased/60516-uninstall-tiller.yml   |  5 ++
 doc/user/clusters/applications.md                  |  1 +
 lib/gitlab/kubernetes/helm/delete_command.rb       | 11 ----
 lib/gitlab/kubernetes/helm/reset_command.rb        | 54 ++++++++++++++++++
 locale/gitlab.pot                                  |  3 +
 .../projects/clusters/applications_spec.rb         |  3 +-
 .../gitlab/kubernetes/helm/reset_command_spec.rb   | 65 ++++++++++++++++++++++
 spec/models/clusters/applications/helm_spec.rb     | 59 +++++++++++++++++++-
 .../serializers/cluster_application_entity_spec.rb |  2 +-
 11 files changed, 215 insertions(+), 21 deletions(-)
 create mode 100644 changelogs/unreleased/60516-uninstall-tiller.yml
 create mode 100644 lib/gitlab/kubernetes/helm/reset_command.rb
 create mode 100644 spec/lib/gitlab/kubernetes/helm/reset_command_spec.rb

diff --git a/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue b/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue
index 2ff6d5e32e2..e067eb13c54 100644
--- a/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue
+++ b/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue
@@ -2,9 +2,12 @@
 import { GlModal } from '@gitlab/ui';
 import { sprintf, s__ } from '~/locale';
 import trackUninstallButtonClickMixin from 'ee_else_ce/clusters/mixins/track_uninstall_button_click';
-import { INGRESS, CERT_MANAGER, PROMETHEUS, RUNNER, KNATIVE, JUPYTER } from '../constants';
+import { HELM, INGRESS, CERT_MANAGER, PROMETHEUS, RUNNER, KNATIVE, JUPYTER } from '../constants';
 
 const CUSTOM_APP_WARNING_TEXT = {
+  [HELM]: s__(
+    'ClusterIntegration|The associated Tiller pod will be deleted and cannot be restored.',
+  ),
   [INGRESS]: s__(
     'ClusterIntegration|The associated load balancer and IP will be deleted and cannot be restored.',
   ),
diff --git a/app/models/clusters/applications/helm.rb b/app/models/clusters/applications/helm.rb
index a83d06c4b00..3a175fec148 100644
--- a/app/models/clusters/applications/helm.rb
+++ b/app/models/clusters/applications/helm.rb
@@ -14,6 +14,7 @@ module Clusters
 
       include ::Clusters::Concerns::ApplicationCore
       include ::Clusters::Concerns::ApplicationStatus
+      include ::Gitlab::Utils::StrongMemoize
 
       default_value_for :version, Gitlab::Kubernetes::Helm::HELM_VERSION
 
@@ -29,11 +30,22 @@ module Clusters
         self.status = 'installable' if cluster&.platform_kubernetes_active?
       end
 
-      # We will implement this in future MRs.
-      # Basically we need to check all other applications are not installed
-      # first.
+      # It can only be uninstalled if there are no other applications installed
+      # or with intermitent installation statuses in the database.
       def allowed_to_uninstall?
-        false
+        strong_memoize(:allowed_to_uninstall) do
+          applications = nil
+
+          Clusters::Cluster::APPLICATIONS.each do |application_name, klass|
+            next if application_name == 'helm'
+
+            extra_apps = Clusters::Applications::Helm.where('EXISTS (?)', klass.select(1).where(cluster_id: cluster_id))
+
+            applications = applications.present? ? applications.or(extra_apps) : extra_apps
+          end
+
+          !applications.exists?
+        end
       end
 
       def install_command
@@ -44,6 +56,14 @@ module Clusters
         )
       end
 
+      def uninstall_command
+        Gitlab::Kubernetes::Helm::ResetCommand.new(
+          name: name,
+          files: files,
+          rbac: cluster.platform_kubernetes_rbac?
+        )
+      end
+
       def has_ssl?
         ca_key.present? && ca_cert.present?
       end
diff --git a/changelogs/unreleased/60516-uninstall-tiller.yml b/changelogs/unreleased/60516-uninstall-tiller.yml
new file mode 100644
index 00000000000..db25e7b3338
--- /dev/null
+++ b/changelogs/unreleased/60516-uninstall-tiller.yml
@@ -0,0 +1,5 @@
+---
+title: Allow Helm to be uninstalled from the UI
+merge_request: 27359
+author:
+type: added
diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md
index 7c24f6db86f..a29df76f4b7 100644
--- a/doc/user/clusters/applications.md
+++ b/doc/user/clusters/applications.md
@@ -253,6 +253,7 @@ The applications below can be uninstalled.
 | Application | GitLab version | Notes |
 | ----------- | -------------- | ----- |
 | GitLab Runner  | 12.2+         | Any running pipelines will be canceled. |
+| Helm  | 12.2+         | The associated Tiller pod will be deleted and cannot be restored. |
 | Ingress  | 12.1+         | The associated load balancer and IP will be deleted and cannot be restored. Furthermore, it can only be uninstalled if JupyterHub is not installed. |
 | JupyterHub  | 12.1+         | All data not committed to GitLab will be deleted and cannot be restored. |
 | Knative  | 12.1+         | The associated IP will be deleted and cannot be restored. |
diff --git a/lib/gitlab/kubernetes/helm/delete_command.rb b/lib/gitlab/kubernetes/helm/delete_command.rb
index aeba4a54b6d..dcf22e7abb6 100644
--- a/lib/gitlab/kubernetes/helm/delete_command.rb
+++ b/lib/gitlab/kubernetes/helm/delete_command.rb
@@ -43,17 +43,6 @@ module Gitlab
 
           command.shelljoin
         end
-
-        def optional_tls_flags
-          return [] unless files.key?(:'ca.pem')
-
-          [
-            '--tls',
-            '--tls-ca-cert', "#{files_dir}/ca.pem",
-            '--tls-cert', "#{files_dir}/cert.pem",
-            '--tls-key', "#{files_dir}/key.pem"
-          ]
-        end
       end
     end
   end
diff --git a/lib/gitlab/kubernetes/helm/reset_command.rb b/lib/gitlab/kubernetes/helm/reset_command.rb
new file mode 100644
index 00000000000..37e1d8573ab
--- /dev/null
+++ b/lib/gitlab/kubernetes/helm/reset_command.rb
@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Kubernetes
+    module Helm
+      class ResetCommand
+        include BaseCommand
+        include ClientCommand
+
+        attr_reader :name, :files
+
+        def initialize(name:, rbac:, files:)
+          @name = name
+          @files = files
+          @rbac = rbac
+        end
+
+        def generate_script
+          super + [
+            reset_helm_command,
+            delete_tiller_replicaset
+          ].join("\n")
+        end
+
+        def rbac?
+          @rbac
+        end
+
+        def pod_name
+          "uninstall-#{name}"
+        end
+
+        private
+
+        # This method can be delete once we upgrade Helm to > 12.13.0
+        # https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27096#note_159695900
+        #
+        # Tracking this method to be removed here:
+        # https://gitlab.com/gitlab-org/gitlab-ce/issues/52791#note_199374155
+        def delete_tiller_replicaset
+          command = %w[kubectl delete replicaset -n gitlab-managed-apps -l name=tiller]
+
+          command.shelljoin
+        end
+
+        def reset_helm_command
+          command = %w[helm reset] + optional_tls_flags
+
+          command.shelljoin
+        end
+      end
+    end
+  end
+end
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 5e9e371a5fc..45a73004954 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -2818,6 +2818,9 @@ msgstr ""
 msgid "ClusterIntegration|The associated IP and all deployed services will be deleted and cannot be restored. Uninstalling Knative will also remove Istio from your cluster. This will not effect any other applications."
 msgstr ""
 
+msgid "ClusterIntegration|The associated Tiller pod will be deleted and cannot be restored."
+msgstr ""
+
 msgid "ClusterIntegration|The associated certifcate will be deleted and cannot be restored."
 msgstr ""
 
diff --git a/spec/features/projects/clusters/applications_spec.rb b/spec/features/projects/clusters/applications_spec.rb
index de97c8a8bc0..217bf1f5506 100644
--- a/spec/features/projects/clusters/applications_spec.rb
+++ b/spec/features/projects/clusters/applications_spec.rb
@@ -63,7 +63,8 @@ describe 'Clusters Applications', :js do
 
             Clusters::Cluster.last.application_helm.make_installed!
 
-            expect(page).to have_css('.js-cluster-application-install-button[disabled]', exact_text: 'Installed')
+            expect(page).not_to have_css('.js-cluster-application-install-button')
+            expect(page).to have_css('.js-cluster-application-uninstall-button:not([disabled])', exact_text: 'Uninstall')
           end
 
           expect(page).to have_content('Helm Tiller was successfully installed on your Kubernetes cluster')
diff --git a/spec/lib/gitlab/kubernetes/helm/reset_command_spec.rb b/spec/lib/gitlab/kubernetes/helm/reset_command_spec.rb
new file mode 100644
index 00000000000..d49d4779735
--- /dev/null
+++ b/spec/lib/gitlab/kubernetes/helm/reset_command_spec.rb
@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::Kubernetes::Helm::ResetCommand do
+  let(:rbac) { true }
+  let(:name) { 'helm' }
+  let(:files) { {} }
+  let(:reset_command) { described_class.new(name: name, rbac: rbac, files: files) }
+
+  subject { reset_command }
+
+  it_behaves_like 'helm commands' do
+    let(:commands) do
+      <<~EOS
+      helm reset
+      kubectl delete replicaset -n gitlab-managed-apps -l name\\=tiller
+      EOS
+    end
+  end
+
+  context 'when there is a ca.pem file' do
+    let(:files) { { 'ca.pem': 'some file content' } }
+
+    it_behaves_like 'helm commands' do
+      let(:commands) do
+        <<~EOS1.squish + "\n" + <<~EOS2
+        helm reset
+        --tls
+        --tls-ca-cert /data/helm/helm/config/ca.pem
+        --tls-cert /data/helm/helm/config/cert.pem
+        --tls-key /data/helm/helm/config/key.pem
+        EOS1
+          kubectl delete replicaset -n gitlab-managed-apps -l name\\=tiller
+        EOS2
+      end
+    end
+  end
+
+  describe '#pod_resource' do
+    subject { reset_command.pod_resource }
+
+    context 'rbac is enabled' do
+      let(:rbac) { true }
+
+      it 'generates a pod that uses the tiller serviceAccountName' do
+        expect(subject.spec.serviceAccountName).to eq('tiller')
+      end
+    end
+
+    context 'rbac is not enabled' do
+      let(:rbac) { false }
+
+      it 'generates a pod that uses the default serviceAccountName' do
+        expect(subject.spec.serviceAcccountName).to be_nil
+      end
+    end
+  end
+
+  describe '#pod_name' do
+    subject { reset_command.pod_name }
+
+    it { is_expected.to eq('uninstall-helm') }
+  end
+end
diff --git a/spec/models/clusters/applications/helm_spec.rb b/spec/models/clusters/applications/helm_spec.rb
index 6ea6c110d62..d4f8b552088 100644
--- a/spec/models/clusters/applications/helm_spec.rb
+++ b/spec/models/clusters/applications/helm_spec.rb
@@ -19,11 +19,27 @@ describe Clusters::Applications::Helm do
   end
 
   describe '#can_uninstall?' do
-    let(:helm) { create(:clusters_applications_helm) }
+    context "with other existing applications" do
+      Clusters::Cluster::APPLICATIONS.keys.each do |application_name|
+        next if application_name == 'helm'
+
+        it do
+          cluster_application = create("clusters_applications_#{application_name}".to_sym)
+
+          helm = cluster_application.cluster.application_helm
 
-    subject { helm.can_uninstall? }
+          expect(helm.allowed_to_uninstall?).to be_falsy
+        end
+      end
+    end
 
-    it { is_expected.to be_falsey }
+    context "without other existing applications" do
+      subject { helm.can_uninstall? }
+
+      let(:helm) { create(:clusters_applications_helm) }
+
+      it { is_expected.to be_truthy }
+    end
   end
 
   describe '#issue_client_cert' do
@@ -73,4 +89,41 @@ describe Clusters::Applications::Helm do
       end
     end
   end
+
+  describe '#uninstall_command' do
+    let(:helm) { create(:clusters_applications_helm) }
+
+    subject { helm.uninstall_command }
+
+    it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::ResetCommand) }
+
+    it 'has name' do
+      expect(subject.name).to eq('helm')
+    end
+
+    it 'has cert files' do
+      expect(subject.files[:'ca.pem']).to be_present
+      expect(subject.files[:'ca.pem']).to eq(helm.ca_cert)
+
+      expect(subject.files[:'cert.pem']).to be_present
+      expect(subject.files[:'key.pem']).to be_present
+
+      cert = OpenSSL::X509::Certificate.new(subject.files[:'cert.pem'])
+      expect(cert.not_after).to be > 999.years.from_now
+    end
+
+    describe 'rbac' do
+      context 'rbac cluster' do
+        it { expect(subject).to be_rbac }
+      end
+
+      context 'non rbac cluster' do
+        before do
+          helm.cluster.platform_kubernetes.abac!
+        end
+
+        it { expect(subject).not_to be_rbac }
+      end
+    end
+  end
 end
diff --git a/spec/serializers/cluster_application_entity_spec.rb b/spec/serializers/cluster_application_entity_spec.rb
index f38a18fcf59..76ecca06522 100644
--- a/spec/serializers/cluster_application_entity_spec.rb
+++ b/spec/serializers/cluster_application_entity_spec.rb
@@ -22,7 +22,7 @@ describe ClusterApplicationEntity do
     end
 
     it 'has can_uninstall' do
-      expect(subject[:can_uninstall]).to be_falsey
+      expect(subject[:can_uninstall]).to be_truthy
     end
 
     context 'non-helm application' do
-- 
cgit v1.2.1


From 1e83b5138daa4cf6221a7d4be9217e6c041b22f5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Enrique=20Alc=C3=A1ntara?= <ealcantara@gitlab.com>
Date: Fri, 2 Aug 2019 19:06:51 +0000
Subject: Upgrade gitlab-ui to 5.12

- Also, include pikaday styles through gitlab-ui
---
 app/assets/stylesheets/application.scss |  1 -
 package.json                            |  4 ++--
 yarn.lock                               | 20 +++++++++-----------
 3 files changed, 11 insertions(+), 14 deletions(-)

diff --git a/app/assets/stylesheets/application.scss b/app/assets/stylesheets/application.scss
index fbf16aa324a..e98030f1511 100644
--- a/app/assets/stylesheets/application.scss
+++ b/app/assets/stylesheets/application.scss
@@ -12,7 +12,6 @@
 // If you need to add unique style that should affect only one page - use pages/
 // directory.
 @import "at.js/dist/css/jquery.atwho";
-@import "pikaday/scss/pikaday";
 @import "dropzone/dist/basic";
 @import "select2/select2";
 
diff --git a/package.json b/package.json
index f0a7f3e47af..ebaa3811295 100644
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
     "@babel/preset-env": "^7.4.4",
     "@gitlab/csslab": "^1.9.0",
     "@gitlab/svgs": "^1.67.0",
-    "@gitlab/ui": "^5.11.1",
+    "@gitlab/ui": "5.12.0",
     "apollo-cache-inmemory": "^1.5.1",
     "apollo-client": "^2.5.1",
     "apollo-link": "^1.2.11",
@@ -101,7 +101,7 @@
     "monaco-editor-webpack-plugin": "^1.7.0",
     "mousetrap": "^1.4.6",
     "pdfjs-dist": "^2.0.943",
-    "pikaday": "^1.6.1",
+    "pikaday": "^1.8.0",
     "popper.js": "^1.14.7",
     "prismjs": "^1.6.0",
     "prosemirror-markdown": "^1.3.0",
diff --git a/yarn.lock b/yarn.lock
index 221ffa27f6c..11e51d7690d 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -996,10 +996,10 @@
   resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-1.67.0.tgz#c7b94eca13b99fd3aaa737fb6dcc0abc41d3c579"
   integrity sha512-hJOmWEs6RkjzyKkb1vc9wwKGZIBIP0coHkxu/KgOoxhBVudpGk4CH7xJ6UuB2TKpb0SEh5CC1CzRZfBYaFhsaA==
 
-"@gitlab/ui@^5.11.1":
-  version "5.11.1"
-  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.11.1.tgz#10ee8a4410eb249032142f85f6180b6c465c48d7"
-  integrity sha512-bxIB3//aaYZIT6fpDKhIW60gvVvOCbw6inqC8xffQmklFYFKgcZjEIBu3RH5oJ6t3zFxeelcPQG7+t2F+p3bIg==
+"@gitlab/ui@5.12.0":
+  version "5.12.0"
+  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.12.0.tgz#e44a227de3df287c63eb36162361fb451e344f69"
+  integrity sha512-QCKG3gaO4UL5yqGNqcioPPFz3rJl6J22tt8DwgARAFREGu20KK0VChHEY0xOyShCU595mKz0XgJZF+8NuxXUtw==
   dependencies:
     "@babel/standalone" "^7.0.0"
     "@gitlab/vue-toasted" "^1.2.1"
@@ -8354,7 +8354,7 @@ moment-mini@^2.22.1:
   resolved "https://registry.yarnpkg.com/moment-mini/-/moment-mini-2.22.1.tgz#bc32d73e43a4505070be6b53494b17623183420d"
   integrity sha512-OUCkHOz7ehtNMYuZjNciXUfwTuz8vmF1MTbAy59ebf+ZBYZO5/tZKuChVWCX+uDo+4idJBpGltNfV8st+HwsGw==
 
-moment@2.x, moment@^2.10.2:
+moment@^2.10.2:
   version "2.24.0"
   resolved "https://registry.yarnpkg.com/moment/-/moment-2.24.0.tgz#0d055d53f5052aa653c9f6eb68bb5d12bf5c2b5b"
   integrity sha512-bV7f+6l2QigeBBZSM/6yTNq4P2fNpSWj/0e7jQcy87A8e7o2nAfP/34/2ky5Vw4B9S446EtIhodAzkFCcR4dQg==
@@ -9308,12 +9308,10 @@ pify@^4.0.0, pify@^4.0.1:
   resolved "https://registry.yarnpkg.com/pify/-/pify-4.0.1.tgz#4b2cd25c50d598735c50292224fd8c6df41e3231"
   integrity sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g==
 
-pikaday@^1.6.1:
-  version "1.6.1"
-  resolved "https://registry.yarnpkg.com/pikaday/-/pikaday-1.6.1.tgz#b91bcb9b8539cedd8d6d08e4e7465e12095671b0"
-  integrity sha512-B+pxVcSGuzLblMe4dnhCF3dnI2zkyj5GAqanGX9cVcOk90fp2ULo1OZFUPRXQXUE5tmcimnk1tPOFs8tUHQetQ==
-  optionalDependencies:
-    moment "2.x"
+pikaday@^1.8.0:
+  version "1.8.0"
+  resolved "https://registry.yarnpkg.com/pikaday/-/pikaday-1.8.0.tgz#ce930e257042e852e6aadee1115e01554b2d71c5"
+  integrity sha512-SgGxMYX0NHj9oQnMaSyAipr2gOrbB4Lfs/TJTb6H6hRHs39/5c5VZi73Q8hr53+vWjdn6HzkWcj8Vtl3c9ziaA==
 
 pinkie-promise@^2.0.0:
   version "2.0.1"
-- 
cgit v1.2.1


From 08188285cbfe2f0791d8cb913b7d19b216ff1c85 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Cunha?= <j.a.cunha@gmail.com>
Date: Fri, 2 Aug 2019 19:45:43 +0000
Subject: All Kubectl command should return array by default

---
 app/models/clusters/applications/knative.rb          | 10 +++++++---
 app/models/clusters/applications/prometheus.rb       | 10 +++++++---
 spec/models/clusters/applications/knative_spec.rb    |  4 ++--
 spec/models/clusters/applications/prometheus_spec.rb |  2 +-
 4 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/app/models/clusters/applications/knative.rb b/app/models/clusters/applications/knative.rb
index 96f526e8a36..5eae23659ae 100644
--- a/app/models/clusters/applications/knative.rb
+++ b/app/models/clusters/applications/knative.rb
@@ -84,7 +84,7 @@ module Clusters
       private
 
       def delete_knative_services_and_metrics
-        delete_knative_services + delete_knative_istio_metrics.to_a
+        delete_knative_services + delete_knative_istio_metrics
       end
 
       def delete_knative_services
@@ -117,11 +117,15 @@ module Clusters
       end
 
       def install_knative_metrics
-        ["kubectl apply -f #{METRICS_CONFIG}"] if cluster.application_prometheus_available?
+        return [] unless cluster.application_prometheus_available?
+
+        ["kubectl apply -f #{METRICS_CONFIG}"]
       end
 
       def delete_knative_istio_metrics
-        ["kubectl delete --ignore-not-found -f #{METRICS_CONFIG}"] if cluster.application_prometheus_available?
+        return [] unless cluster.application_prometheus_available?
+
+        ["kubectl delete --ignore-not-found -f #{METRICS_CONFIG}"]
       end
 
       def verify_cluster?
diff --git a/app/models/clusters/applications/prometheus.rb b/app/models/clusters/applications/prometheus.rb
index f5375d29f3a..5eb535cab58 100644
--- a/app/models/clusters/applications/prometheus.rb
+++ b/app/models/clusters/applications/prometheus.rb
@@ -64,7 +64,7 @@ module Clusters
           name: name,
           rbac: cluster.platform_kubernetes_rbac?,
           files: files,
-          predelete: delete_knative_istio_metrics.to_a
+          predelete: delete_knative_istio_metrics
         )
       end
 
@@ -104,11 +104,15 @@ module Clusters
       end
 
       def install_knative_metrics
-        ["kubectl apply -f #{Clusters::Applications::Knative::METRICS_CONFIG}"] if cluster.application_knative_available?
+        return [] unless cluster.application_knative_available?
+
+        ["kubectl apply -f #{Clusters::Applications::Knative::METRICS_CONFIG}"]
       end
 
       def delete_knative_istio_metrics
-        ["kubectl delete -f #{Clusters::Applications::Knative::METRICS_CONFIG}"] if cluster.application_knative_available?
+        return [] unless cluster.application_knative_available?
+
+        ["kubectl delete -f #{Clusters::Applications::Knative::METRICS_CONFIG}"]
       end
     end
   end
diff --git a/spec/models/clusters/applications/knative_spec.rb b/spec/models/clusters/applications/knative_spec.rb
index 342ed907854..334f10526cb 100644
--- a/spec/models/clusters/applications/knative_spec.rb
+++ b/spec/models/clusters/applications/knative_spec.rb
@@ -91,7 +91,7 @@ describe Clusters::Applications::Knative do
     end
 
     it 'does not install metrics for prometheus' do
-      expect(subject.postinstall).to be_nil
+      expect(subject.postinstall).to be_empty
     end
 
     context 'with prometheus installed' do
@@ -101,7 +101,7 @@ describe Clusters::Applications::Knative do
       subject { knative.install_command }
 
       it 'installs metrics' do
-        expect(subject.postinstall).not_to be_nil
+        expect(subject.postinstall).not_to be_empty
         expect(subject.postinstall.length).to be(1)
         expect(subject.postinstall[0]).to eql("kubectl apply -f #{Clusters::Applications::Knative::METRICS_CONFIG}")
       end
diff --git a/spec/models/clusters/applications/prometheus_spec.rb b/spec/models/clusters/applications/prometheus_spec.rb
index 26267c64112..d9f31c46f59 100644
--- a/spec/models/clusters/applications/prometheus_spec.rb
+++ b/spec/models/clusters/applications/prometheus_spec.rb
@@ -142,7 +142,7 @@ describe Clusters::Applications::Prometheus do
     end
 
     it 'does not install knative metrics' do
-      expect(subject.postinstall).to be_nil
+      expect(subject.postinstall).to be_empty
     end
 
     context 'with knative installed' do
-- 
cgit v1.2.1


From e0d7df6561d5a89d94dde933e935e884fa786dfc Mon Sep 17 00:00:00 2001
From: mo <mo.khan@gmail.com>
Date: Tue, 16 Jul 2019 12:57:53 -0600
Subject: increase clair from v11 to v12

---
 lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
index 5ad624bb15f..c5175a8c977 100644
--- a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
@@ -23,7 +23,7 @@ container_scanning:
     DOCKER_HOST: tcp://${DOCKER_SERVICE}:2375/
     # https://hub.docker.com/r/arminc/clair-local-scan/tags
     CLAIR_LOCAL_SCAN_VERSION: v2.0.8_fe9b059d930314b54c78f75afe265955faf4fdc1
-    CLAIR_EXECUTABLE_VERSION: v11
+    CLAIR_EXECUTABLE_VERSION: v12
     ## Disable the proxy for clair-local-scan, otherwise Container Scanning will
     ## fail when a proxy is used.
     NO_PROXY: ${DOCKER_SERVICE},localhost
-- 
cgit v1.2.1


From 6a6be879e028a948e33da477bd3832575b4af64f Mon Sep 17 00:00:00 2001
From: mo <mo.khan@gmail.com>
Date: Tue, 16 Jul 2019 13:01:30 -0600
Subject: increase clair local scan version

---
 lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
index c5175a8c977..896aa207533 100644
--- a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
@@ -22,7 +22,7 @@ container_scanning:
     DOCKER_SERVICE: docker
     DOCKER_HOST: tcp://${DOCKER_SERVICE}:2375/
     # https://hub.docker.com/r/arminc/clair-local-scan/tags
-    CLAIR_LOCAL_SCAN_VERSION: v2.0.8_fe9b059d930314b54c78f75afe265955faf4fdc1
+    CLAIR_LOCAL_SCAN_VERSION: v2.0.8_0ed98e9ead65a51ba53f7cc53fa5e80c92169207
     CLAIR_EXECUTABLE_VERSION: v12
     ## Disable the proxy for clair-local-scan, otherwise Container Scanning will
     ## fail when a proxy is used.
-- 
cgit v1.2.1


From d8ac737d5d551e5ebf1672d19440aa82333c44e7 Mon Sep 17 00:00:00 2001
From: mo <mo.khan@gmail.com>
Date: Tue, 16 Jul 2019 13:21:36 -0600
Subject: add changelog entry

---
 changelogs/unreleased/GL-12757.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/GL-12757.yml

diff --git a/changelogs/unreleased/GL-12757.yml b/changelogs/unreleased/GL-12757.yml
new file mode 100644
index 00000000000..e5013b084ff
--- /dev/null
+++ b/changelogs/unreleased/GL-12757.yml
@@ -0,0 +1,5 @@
+---
+title: Update clair scanner from v11 to v12
+merge_request: 12760
+author:
+type: changed
-- 
cgit v1.2.1


From bdb998a5ebee9454cfd2bc940817472a548400d4 Mon Sep 17 00:00:00 2001
From: mo khan <mkhan@gitlab.com>
Date: Thu, 18 Jul 2019 11:01:59 -0600
Subject: change merge request id

---
 changelogs/unreleased/GL-12757.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/unreleased/GL-12757.yml b/changelogs/unreleased/GL-12757.yml
index e5013b084ff..89dff6b1b33 100644
--- a/changelogs/unreleased/GL-12757.yml
+++ b/changelogs/unreleased/GL-12757.yml
@@ -1,5 +1,5 @@
 ---
 title: Update clair scanner from v11 to v12
-merge_request: 12760
+merge_request: 30809
 author:
 type: changed
-- 
cgit v1.2.1


From b7733d5f21be8cea680f9b16722e96f9c54383f9 Mon Sep 17 00:00:00 2001
From: mo khan <mkhan@gitlab.com>
Date: Thu, 18 Jul 2019 12:23:49 -0600
Subject: provide a more descriptive changelog entry

---
 changelogs/unreleased/GL-12757.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/changelogs/unreleased/GL-12757.yml b/changelogs/unreleased/GL-12757.yml
index 89dff6b1b33..e58ecf9259f 100644
--- a/changelogs/unreleased/GL-12757.yml
+++ b/changelogs/unreleased/GL-12757.yml
@@ -1,5 +1,5 @@
 ---
-title: Update clair scanner from v11 to v12
+title: Update the container scanning CI template to use v12 of the clair scanner.
 merge_request: 30809
 author:
 type: changed
-- 
cgit v1.2.1


From 9fb1df8f9781ea5f1c5db71ef4baeabc9b369528 Mon Sep 17 00:00:00 2001
From: Mike Greiling <mike@pixelcog.com>
Date: Fri, 2 Aug 2019 20:08:53 +0000
Subject: Hide cluster details until cluster is created

Only display the details of the cluster page when the cluster
exists. If it is in "creating" state, show a message and a spinner
---
 app/assets/javascripts/clusters/clusters_bundle.js | 62 +++++++++++++++-------
 .../projects/gke_cluster_namespace/index.js        |  6 ++-
 app/views/clusters/clusters/_banner.html.haml      |  5 +-
 app/views/clusters/clusters/show.html.haml         | 49 +++++++++--------
 ...date-automatically-after-cluster-is-created.yml |  5 ++
 locale/gitlab.pot                                  |  2 +-
 .../projects/clusters/applications_spec.rb         |  5 +-
 spec/frontend/clusters/clusters_bundle_spec.js     | 51 ++++++++++++++----
 8 files changed, 126 insertions(+), 59 deletions(-)
 create mode 100644 changelogs/unreleased/50130-cluster-cluster-details-update-automatically-after-cluster-is-created.yml

diff --git a/app/assets/javascripts/clusters/clusters_bundle.js b/app/assets/javascripts/clusters/clusters_bundle.js
index aacfa0d87e6..5f5c8044b49 100644
--- a/app/assets/javascripts/clusters/clusters_bundle.js
+++ b/app/assets/javascripts/clusters/clusters_bundle.js
@@ -48,6 +48,9 @@ export default class Clusters {
     } = document.querySelector('.js-edit-cluster-form').dataset;
 
     this.clusterId = clusterId;
+    this.clusterNewlyCreatedKey = `cluster_${this.clusterId}_newly_created`;
+    this.clusterBannerDismissedKey = `cluster_${this.clusterId}_banner_dismissed`;
+
     this.store = new ClustersStore();
     this.store.setHelpPaths(helpPath, ingressHelpPath, ingressDnsHelpPath);
     this.store.setManagePrometheusPath(managePrometheusPath);
@@ -81,18 +84,19 @@ export default class Clusters {
     this.showTokenButton = document.querySelector('.js-show-cluster-token');
     this.tokenField = document.querySelector('.js-cluster-token');
     this.ingressDomainHelpText = document.querySelector('.js-ingress-domain-help-text');
-    this.ingressDomainSnippet = this.ingressDomainHelpText.querySelector(
-      '.js-ingress-domain-snippet',
-    );
+    this.ingressDomainSnippet =
+      this.ingressDomainHelpText &&
+      this.ingressDomainHelpText.querySelector('.js-ingress-domain-snippet');
 
     Clusters.initDismissableCallout();
     initSettingsPanels();
-    setupToggleButtons(document.querySelector('.js-cluster-enable-toggle-area'));
+    const toggleButtonsContainer = document.querySelector('.js-cluster-enable-toggle-area');
+    if (toggleButtonsContainer) {
+      setupToggleButtons(toggleButtonsContainer);
+    }
     this.initApplications(clusterType);
 
-    if (this.store.state.status !== 'created') {
-      this.updateContainer(null, this.store.state.status, this.store.state.statusReason);
-    }
+    this.updateContainer(null, this.store.state.status, this.store.state.statusReason);
 
     this.addListeners();
     if (statusPath) {
@@ -247,35 +251,56 @@ export default class Clusters {
 
   setBannerDismissedState(status, isDismissed) {
     if (AccessorUtilities.isLocalStorageAccessSafe()) {
-      window.localStorage.setItem(
-        `cluster_${this.clusterId}_banner_dismissed`,
-        `${status}_${isDismissed}`,
-      );
+      window.localStorage.setItem(this.clusterBannerDismissedKey, `${status}_${isDismissed}`);
     }
   }
 
   isBannerDismissed(status) {
     let bannerState;
     if (AccessorUtilities.isLocalStorageAccessSafe()) {
-      bannerState = window.localStorage.getItem(`cluster_${this.clusterId}_banner_dismissed`);
+      bannerState = window.localStorage.getItem(this.clusterBannerDismissedKey);
     }
 
     return bannerState === `${status}_true`;
   }
 
-  updateContainer(prevStatus, status, error) {
-    this.hideAll();
+  setClusterNewlyCreated(state) {
+    if (AccessorUtilities.isLocalStorageAccessSafe()) {
+      window.localStorage.setItem(this.clusterNewlyCreatedKey, Boolean(state));
+    }
+  }
+
+  isClusterNewlyCreated() {
+    // once this is true, it will always be true for a given page load
+    if (!this.isNewlyCreated) {
+      let newlyCreated;
+      if (AccessorUtilities.isLocalStorageAccessSafe()) {
+        newlyCreated = window.localStorage.getItem(this.clusterNewlyCreatedKey);
+      }
+
+      this.isNewlyCreated = newlyCreated === 'true';
+    }
+    return this.isNewlyCreated;
+  }
 
-    if (this.isBannerDismissed(status)) {
+  updateContainer(prevStatus, status, error) {
+    if (status !== 'created' && this.isBannerDismissed(status)) {
       return;
     }
     this.setBannerDismissedState(status, false);
 
-    // We poll all the time but only want the `created` banner to show when newly created
-    if (this.store.state.status !== 'created' || prevStatus !== this.store.state.status) {
+    if (prevStatus !== status) {
+      this.hideAll();
+
       switch (status) {
         case 'created':
-          this.successContainer.classList.remove('hidden');
+          if (this.isClusterNewlyCreated()) {
+            this.setClusterNewlyCreated(false);
+            this.successContainer.classList.remove('hidden');
+          } else if (prevStatus) {
+            this.setClusterNewlyCreated(true);
+            window.location.reload();
+          }
           break;
         case 'errored':
           this.errorContainer.classList.remove('hidden');
@@ -292,7 +317,6 @@ export default class Clusters {
           this.creatingContainer.classList.remove('hidden');
           break;
         default:
-          this.hideAll();
       }
     }
   }
diff --git a/app/assets/javascripts/projects/gke_cluster_namespace/index.js b/app/assets/javascripts/projects/gke_cluster_namespace/index.js
index 288740203ad..0ec4d8807b0 100644
--- a/app/assets/javascripts/projects/gke_cluster_namespace/index.js
+++ b/app/assets/javascripts/projects/gke_cluster_namespace/index.js
@@ -28,8 +28,10 @@ const setState = glManagedCheckbox => {
 const initGkeNamespace = () => {
   const glManagedCheckbox = document.querySelector('.js-gl-managed');
 
-  setState(glManagedCheckbox); // this is needed in order to set the initial state
-  glManagedCheckbox.addEventListener('change', () => setState(glManagedCheckbox));
+  if (glManagedCheckbox) {
+    setState(glManagedCheckbox); // this is needed in order to set the initial state
+    glManagedCheckbox.addEventListener('change', () => setState(glManagedCheckbox));
+  }
 };
 
 export default initGkeNamespace;
diff --git a/app/views/clusters/clusters/_banner.html.haml b/app/views/clusters/clusters/_banner.html.haml
index a5de67be96b..4b4278075a6 100644
--- a/app/views/clusters/clusters/_banner.html.haml
+++ b/app/views/clusters/clusters/_banner.html.haml
@@ -3,7 +3,8 @@
   %p.js-error-reason
 
 .hidden.js-cluster-creating.bs-callout.bs-callout-info{ role: 'alert' }
-  = s_('ClusterIntegration|Kubernetes cluster is being created on Google Kubernetes Engine...')
+  %span.spinner.spinner-dark.spinner-sm{ 'aria-label': 'Loading' }
+  %span.prepend-left-4= s_('ClusterIntegration|Kubernetes cluster is being created on Google Kubernetes Engine...')
 
 .hidden.row.js-cluster-api-unreachable.bs-callout.bs-callout-warning{ role: 'alert' }
   .col-11
@@ -18,4 +19,4 @@
     %button.js-close-banner.close.cluster-application-banner-close.h-100.m-0= "×"
 
 .hidden.js-cluster-success.bs-callout.bs-callout-success{ role: 'alert' }
-  = s_("ClusterIntegration|Kubernetes cluster was successfully created on Google Kubernetes Engine. Refresh the page to see Kubernetes cluster's details")
+  = s_("ClusterIntegration|Kubernetes cluster was successfully created on Google Kubernetes Engine.")
diff --git a/app/views/clusters/clusters/show.html.haml b/app/views/clusters/clusters/show.html.haml
index 4dfbb310142..913d4caa0bc 100644
--- a/app/views/clusters/clusters/show.html.haml
+++ b/app/views/clusters/clusters/show.html.haml
@@ -33,26 +33,29 @@
   %section#cluster-integration
     %h4= @cluster.name
     = render 'banner'
-    = render 'form'
-
-  = render_if_exists 'projects/clusters/prometheus_graphs'
-
-  .cluster-applications-table#js-cluster-applications
-
-  %section.settings#js-cluster-details{ class: ('expanded' if expanded) }
-    .settings-header
-      %h4= s_('ClusterIntegration|Kubernetes cluster details')
-      %button.btn.js-settings-toggle{ type: 'button' }
-        = expanded ? _('Collapse') : _('Expand')
-      %p= s_('ClusterIntegration|See and edit the details for your Kubernetes cluster')
-    .settings-content
-      = render 'clusters/platforms/kubernetes/form', cluster: @cluster, platform: @cluster.platform_kubernetes, update_cluster_url_path: clusterable.cluster_path(@cluster)
-
-  %section.settings.no-animate#js-cluster-advanced-settings{ class: ('expanded' if expanded) }
-    .settings-header
-      %h4= _('Advanced settings')
-      %button.btn.js-settings-toggle{ type: 'button' }
-        = expanded ? _('Collapse') : _('Expand')
-      %p= s_("ClusterIntegration|Advanced options on this Kubernetes cluster's integration")
-    .settings-content#advanced-settings-section
-      = render 'advanced_settings'
+
+    - unless @cluster.status_name.in? %i/scheduled creating/
+      = render 'form'
+
+  - unless @cluster.status_name.in? %i/scheduled creating/
+    = render_if_exists 'projects/clusters/prometheus_graphs'
+
+    .cluster-applications-table#js-cluster-applications
+
+    %section.settings#js-cluster-details{ class: ('expanded' if expanded) }
+      .settings-header
+        %h4= s_('ClusterIntegration|Kubernetes cluster details')
+        %button.btn.js-settings-toggle{ type: 'button' }
+          = expanded ? _('Collapse') : _('Expand')
+        %p= s_('ClusterIntegration|See and edit the details for your Kubernetes cluster')
+      .settings-content
+        = render 'clusters/platforms/kubernetes/form', cluster: @cluster, platform: @cluster.platform_kubernetes, update_cluster_url_path: clusterable.cluster_path(@cluster)
+
+    %section.settings.no-animate#js-cluster-advanced-settings{ class: ('expanded' if expanded) }
+      .settings-header
+        %h4= _('Advanced settings')
+        %button.btn.js-settings-toggle{ type: 'button' }
+          = expanded ? _('Collapse') : _('Expand')
+        %p= s_("ClusterIntegration|Advanced options on this Kubernetes cluster's integration")
+      .settings-content#advanced-settings-section
+        = render 'advanced_settings'
diff --git a/changelogs/unreleased/50130-cluster-cluster-details-update-automatically-after-cluster-is-created.yml b/changelogs/unreleased/50130-cluster-cluster-details-update-automatically-after-cluster-is-created.yml
new file mode 100644
index 00000000000..dc718572cfb
--- /dev/null
+++ b/changelogs/unreleased/50130-cluster-cluster-details-update-automatically-after-cluster-is-created.yml
@@ -0,0 +1,5 @@
+---
+title: Update cluster page automatically when cluster is created
+merge_request: 27189
+author:
+type: changed
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 45a73004954..117625e717f 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -2647,7 +2647,7 @@ msgstr ""
 msgid "ClusterIntegration|Kubernetes cluster name"
 msgstr ""
 
-msgid "ClusterIntegration|Kubernetes cluster was successfully created on Google Kubernetes Engine. Refresh the page to see Kubernetes cluster's details"
+msgid "ClusterIntegration|Kubernetes cluster was successfully created on Google Kubernetes Engine."
 msgstr ""
 
 msgid "ClusterIntegration|Kubernetes clusters allow you to use review apps, deploy your applications, run your pipelines, and much more in an easy way."
diff --git a/spec/features/projects/clusters/applications_spec.rb b/spec/features/projects/clusters/applications_spec.rb
index 217bf1f5506..8cfd23d16df 100644
--- a/spec/features/projects/clusters/applications_spec.rb
+++ b/spec/features/projects/clusters/applications_spec.rb
@@ -22,9 +22,8 @@ describe 'Clusters Applications', :js do
       let(:cluster) { create(:cluster, :providing_by_gcp, projects: [project]) }
 
       it 'user is unable to install applications' do
-        page.within('.js-cluster-application-row-helm') do
-          expect(page).to have_css('.js-cluster-application-install-button[disabled]', exact_text: 'Install')
-        end
+        expect(page).not_to have_css('.js-cluster-application-row-helm')
+        expect(page).not_to have_css('.js-cluster-application-install-button')
       end
     end
 
diff --git a/spec/frontend/clusters/clusters_bundle_spec.js b/spec/frontend/clusters/clusters_bundle_spec.js
index 6de06a9e2d5..80816faa5fc 100644
--- a/spec/frontend/clusters/clusters_bundle_spec.js
+++ b/spec/frontend/clusters/clusters_bundle_spec.js
@@ -147,47 +147,80 @@ describe('Clusters', () => {
   });
 
   describe('updateContainer', () => {
+    const { location } = window;
+
+    beforeEach(() => {
+      delete window.location;
+      window.location = {
+        reload: jest.fn(),
+        hash: location.hash,
+      };
+    });
+
+    afterEach(() => {
+      window.location = location;
+    });
+
     describe('when creating cluster', () => {
       it('should show the creating container', () => {
         cluster.updateContainer(null, 'creating');
 
         expect(cluster.creatingContainer.classList.contains('hidden')).toBeFalsy();
-
         expect(cluster.successContainer.classList.contains('hidden')).toBeTruthy();
-
         expect(cluster.errorContainer.classList.contains('hidden')).toBeTruthy();
+        expect(window.location.reload).not.toHaveBeenCalled();
       });
 
       it('should continue to show `creating` banner with subsequent updates of the same status', () => {
+        cluster.updateContainer(null, 'creating');
         cluster.updateContainer('creating', 'creating');
 
         expect(cluster.creatingContainer.classList.contains('hidden')).toBeFalsy();
-
         expect(cluster.successContainer.classList.contains('hidden')).toBeTruthy();
-
         expect(cluster.errorContainer.classList.contains('hidden')).toBeTruthy();
+        expect(window.location.reload).not.toHaveBeenCalled();
       });
     });
 
     describe('when cluster is created', () => {
-      it('should show the success container and fresh the page', () => {
-        cluster.updateContainer(null, 'created');
+      it('should hide the "creating" banner and refresh the page', () => {
+        jest.spyOn(cluster, 'setClusterNewlyCreated');
+        cluster.updateContainer(null, 'creating');
+        cluster.updateContainer('creating', 'created');
 
         expect(cluster.creatingContainer.classList.contains('hidden')).toBeTruthy();
+        expect(cluster.successContainer.classList.contains('hidden')).toBeTruthy();
+        expect(cluster.errorContainer.classList.contains('hidden')).toBeTruthy();
+        expect(window.location.reload).toHaveBeenCalled();
+        expect(cluster.setClusterNewlyCreated).toHaveBeenCalledWith(true);
+      });
 
-        expect(cluster.successContainer.classList.contains('hidden')).toBeFalsy();
+      it('when the page is refreshed, it should show the "success" banner', () => {
+        jest.spyOn(cluster, 'setClusterNewlyCreated');
+        jest.spyOn(cluster, 'isClusterNewlyCreated').mockReturnValue(true);
+
+        cluster.updateContainer(null, 'created');
+        cluster.updateContainer('created', 'created');
 
+        expect(cluster.creatingContainer.classList.contains('hidden')).toBeTruthy();
+        expect(cluster.successContainer.classList.contains('hidden')).toBeFalsy();
         expect(cluster.errorContainer.classList.contains('hidden')).toBeTruthy();
+        expect(window.location.reload).not.toHaveBeenCalled();
+        expect(cluster.setClusterNewlyCreated).toHaveBeenCalledWith(false);
       });
 
       it('should not show a banner when status is already `created`', () => {
+        jest.spyOn(cluster, 'setClusterNewlyCreated');
+        jest.spyOn(cluster, 'isClusterNewlyCreated').mockReturnValue(false);
+
+        cluster.updateContainer(null, 'created');
         cluster.updateContainer('created', 'created');
 
         expect(cluster.creatingContainer.classList.contains('hidden')).toBeTruthy();
-
         expect(cluster.successContainer.classList.contains('hidden')).toBeTruthy();
-
         expect(cluster.errorContainer.classList.contains('hidden')).toBeTruthy();
+        expect(window.location.reload).not.toHaveBeenCalled();
+        expect(cluster.setClusterNewlyCreated).not.toHaveBeenCalled();
       });
     });
 
-- 
cgit v1.2.1


From 6a472da4f852ca681bf7c149c635ee57eb925060 Mon Sep 17 00:00:00 2001
From: Dustin Hemard <dphemard@gmail.com>
Date: Sat, 3 Aug 2019 22:52:17 +0000
Subject: fix misspelled url

---
 doc/user/project/pages/custom_domains_ssl_tls_certification/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md b/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md
index 54ecc42d2b9..6a9900d48f9 100644
--- a/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md
+++ b/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md
@@ -191,7 +191,7 @@ can use the following setup:
 1. In Cloudflare, create a DNS `TXT` record to verify your domain.
 1. In GitLab, verify your domain.
 1. In Cloudflare, create a DNS `CNAME` record pointing `www` to `domain.com`.
-1. In Cloudflare, add a Page Rule pointing `www.domain,com` to `domain.com`:
+1. In Cloudflare, add a Page Rule pointing `www.domain.com` to `domain.com`:
     - Navigate to your domain's dashboard and click **Page Rules**
       on the top nav.
     - Click **Create Page Rule**.
-- 
cgit v1.2.1


From 578972f9ec6ca224612895463902929dbb7c77c3 Mon Sep 17 00:00:00 2001
From: Mek Stittri <mstittri@gitlab.com>
Date: Sat, 3 Aug 2019 23:57:27 +0000
Subject: Clarify that we now use group based teams

---
 doc/development/contributing/issue_workflow.md | 25 ++++++++++---------------
 1 file changed, 10 insertions(+), 15 deletions(-)

diff --git a/doc/development/contributing/issue_workflow.md b/doc/development/contributing/issue_workflow.md
index 79c701d7abf..39f12e6886e 100644
--- a/doc/development/contributing/issue_workflow.md
+++ b/doc/development/contributing/issue_workflow.md
@@ -92,9 +92,6 @@ The following team labels are **true** teams per our [organization structure](ht
 The descriptions on the [labels page](https://gitlab.com/gitlab-org/gitlab-ce/-/labels) explain what falls under the
 responsibility of each team.
 
-Within those team labels, we also have the ~backend and ~frontend labels to
-indicate if an issue needs backend work, frontend work, or both.
-
 Team labels are always capitalized so that they show up as the first label for
 any issue.
 
@@ -107,15 +104,6 @@ The current stage labels can be found by [searching the labels list for `devops:
 These labels are [scoped labels](../../user/project/labels.md#scoped-labels-premium)
 and thus are mutually exclusive.
 
-They differ from the [Team labels](#team-labels) because teams may work on
-issues outside their stage.
-
-Normally there is a 1:1 relationship between Stage labels and Team labels, but
-any issue can be picked up by any team, depending on current priorities.
-So, an issue labeled ~"devops:create" may be scheduled by the ~Plan team, for
-example. In such cases, it's usual to include both team labels so each team can
-be aware of the progress.
-
 The Stage labels are used to generate the [direction pages][direction-pages] automatically.
 
 [devops-stages]: https://about.gitlab.com/direction/#devops-stages
@@ -130,9 +118,16 @@ The current group labels can be found by [searching the labels list for `group::
 These labels are [scoped labels](../../user/project/labels.md#scoped-labels-premium)
 and thus are mutually exclusive.
 
-Groups are nested beneath a particular stage, so only one stage label and one group label
-can be applied to a single issue. You can find the groups listed in the
-[Product Categories pages][product-categories].
+You can find the groups listed in the [Product Stages, Groups, and Categories][product-categories] page.
+
+We use the term group to map down product requirements from our product stages. 
+As a team needs some way to collect the work their members are planning to be assigned to, we use the `~group::` labels to do so.
+
+Normally there is a 1:1 relationship between Stage labels and Group labels. In the spirit of "Everyone can contribute",
+any issue can be picked up by any group, depending on current priorities. For example, an issue labeled ~"devops::create" may be picked up by the ~"group::access" group.
+
+We also use stage and group labels to help quantify our [throughput](https://about.gitlab.com/handbook/engineering/management/throughput). 
+Please read [Stage and Group labels in Throughtput](https://about.gitlab.com/handbook/engineering/management/throughput/#stage-and-group-labels-in-throughput) for more information on how the labels are used in this context.
 
 [structure-groups]: https://about.gitlab.com/company/team/structure/#groups
 [product-categories]: https://about.gitlab.com/handbook/product/categories/
-- 
cgit v1.2.1


From 9775b30c815d80b49c5753cad9f1c1b37eac1ab4 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Sun, 4 Aug 2019 09:12:42 -0700
Subject: Upgrade PostgreSQL versions in CI

* 9.6.11 -> 9.6.14
* 10.7 -> 10.9

This is done in preparation for upgrading PostgreSQL in Omnibus:
https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3492
---
 .gitlab/ci/frontend.gitlab-ci.yml | 2 +-
 .gitlab/ci/rails.gitlab-ci.yml    | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.gitlab/ci/frontend.gitlab-ci.yml b/.gitlab/ci/frontend.gitlab-ci.yml
index a0db84bd25a..d2148f01441 100644
--- a/.gitlab/ci/frontend.gitlab-ci.yml
+++ b/.gitlab/ci/frontend.gitlab-ci.yml
@@ -8,7 +8,7 @@
 
 .use-pg: &use-pg
   services:
-    - name: postgres:9.6.11
+    - name: postgres:9.6.14
       command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
     - name: redis:alpine
 
diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml
index 24b4eb3a4c1..8a89232fdd4 100644
--- a/.gitlab/ci/rails.gitlab-ci.yml
+++ b/.gitlab/ci/rails.gitlab-ci.yml
@@ -1,12 +1,12 @@
 .use-pg: &use-pg
   services:
-    - name: postgres:9.6.11
+    - name: postgres:9.6.14
       command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
     - name: redis:alpine
 
 .use-pg-10: &use-pg-10
   services:
-    - name: postgres:10.7
+    - name: postgres:10.9
       command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
     - name: redis:alpine
 
-- 
cgit v1.2.1


From cfe8024e70ed45517311f1700f9e69a2f15d395e Mon Sep 17 00:00:00 2001
From: Tiger <twatson@gitlab.com>
Date: Thu, 25 Jul 2019 16:23:50 +1000
Subject: Allow Cert-Manager to be uninstalled

Our current version of Cert-Manager does not uninstall
cleanly, and we must manually remove custom resource
definitions.
---
 .../uninstall_application_confirmation_modal.vue   |  2 +-
 app/models/clusters/applications/cert_manager.rb   | 36 +++++++++++++++----
 ...ernetes-applications-uninstall-cert-manager.yml |  5 +++
 doc/user/clusters/applications.md                  |  1 +
 locale/gitlab.pot                                  |  4 +--
 .../projects/clusters/applications_spec.rb         |  2 +-
 .../clusters/applications/cert_manager_spec.rb     | 40 +++++++++++++++++++++-
 7 files changed, 79 insertions(+), 11 deletions(-)
 create mode 100644 changelogs/unreleased/60664-kubernetes-applications-uninstall-cert-manager.yml

diff --git a/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue b/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue
index e067eb13c54..4f60e543666 100644
--- a/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue
+++ b/app/assets/javascripts/clusters/components/uninstall_application_confirmation_modal.vue
@@ -12,7 +12,7 @@ const CUSTOM_APP_WARNING_TEXT = {
     'ClusterIntegration|The associated load balancer and IP will be deleted and cannot be restored.',
   ),
   [CERT_MANAGER]: s__(
-    'ClusterIntegration|The associated certifcate will be deleted and cannot be restored.',
+    'ClusterIntegration|The associated private key will be deleted and cannot be restored.',
   ),
   [PROMETHEUS]: s__('ClusterIntegration|All data will be deleted and cannot be restored.'),
   [RUNNER]: s__('ClusterIntegration|Any running pipelines will be canceled.'),
diff --git a/app/models/clusters/applications/cert_manager.rb b/app/models/clusters/applications/cert_manager.rb
index 7d5a6dec519..2fc1b67dfd2 100644
--- a/app/models/clusters/applications/cert_manager.rb
+++ b/app/models/clusters/applications/cert_manager.rb
@@ -24,12 +24,6 @@ module Clusters
         'stable/cert-manager'
       end
 
-      # We will implement this in future MRs.
-      # Need to reverse postinstall step
-      def allowed_to_uninstall?
-        false
-      end
-
       def install_command
         Gitlab::Kubernetes::Helm::InstallCommand.new(
           name: 'certmanager',
@@ -41,12 +35,42 @@ module Clusters
         )
       end
 
+      def uninstall_command
+        Gitlab::Kubernetes::Helm::DeleteCommand.new(
+          name: 'certmanager',
+          rbac: cluster.platform_kubernetes_rbac?,
+          files: files,
+          postdelete: post_delete_script
+        )
+      end
+
       private
 
       def post_install_script
         ["kubectl create -f /data/helm/certmanager/config/cluster_issuer.yaml"]
       end
 
+      def post_delete_script
+        [
+          delete_private_key,
+          delete_crd('certificates.certmanager.k8s.io'),
+          delete_crd('clusterissuers.certmanager.k8s.io'),
+          delete_crd('issuers.certmanager.k8s.io')
+        ].compact
+      end
+
+      def private_key_name
+        @private_key_name ||= cluster_issuer_content.dig('spec', 'acme', 'privateKeySecretRef', 'name')
+      end
+
+      def delete_private_key
+        "kubectl delete secret -n #{Gitlab::Kubernetes::Helm::NAMESPACE} #{private_key_name} --ignore-not-found" if private_key_name.present?
+      end
+
+      def delete_crd(definition)
+        "kubectl delete crd #{definition} --ignore-not-found"
+      end
+
       def cluster_issuer_file
         {
           'cluster_issuer.yaml': cluster_issuer_yaml_content
diff --git a/changelogs/unreleased/60664-kubernetes-applications-uninstall-cert-manager.yml b/changelogs/unreleased/60664-kubernetes-applications-uninstall-cert-manager.yml
new file mode 100644
index 00000000000..efc3ec241e2
--- /dev/null
+++ b/changelogs/unreleased/60664-kubernetes-applications-uninstall-cert-manager.yml
@@ -0,0 +1,5 @@
+---
+title: Allow Cert-Manager to be uninstalled
+merge_request: 31166
+author:
+type: added
diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md
index a29df76f4b7..c0106b2cb9e 100644
--- a/doc/user/clusters/applications.md
+++ b/doc/user/clusters/applications.md
@@ -252,6 +252,7 @@ The applications below can be uninstalled.
 
 | Application | GitLab version | Notes |
 | ----------- | -------------- | ----- |
+| Cert-Manager | 12.2+         | The associated private key will be deleted and cannot be restored. Deployed applications will continue to use HTTPS, but certificates will not be renewed. Before uninstalling, you may wish to [back up your configuration](https://docs.cert-manager.io/en/latest/tasks/backup-restore-crds.html) or [revoke your certificates](https://letsencrypt.org/docs/revoking/) |
 | GitLab Runner  | 12.2+         | Any running pipelines will be canceled. |
 | Helm  | 12.2+         | The associated Tiller pod will be deleted and cannot be restored. |
 | Ingress  | 12.1+         | The associated load balancer and IP will be deleted and cannot be restored. Furthermore, it can only be uninstalled if JupyterHub is not installed. |
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 117625e717f..3ddfb6b63a1 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -2821,10 +2821,10 @@ msgstr ""
 msgid "ClusterIntegration|The associated Tiller pod will be deleted and cannot be restored."
 msgstr ""
 
-msgid "ClusterIntegration|The associated certifcate will be deleted and cannot be restored."
+msgid "ClusterIntegration|The associated load balancer and IP will be deleted and cannot be restored."
 msgstr ""
 
-msgid "ClusterIntegration|The associated load balancer and IP will be deleted and cannot be restored."
+msgid "ClusterIntegration|The associated private key will be deleted and cannot be restored."
 msgstr ""
 
 msgid "ClusterIntegration|The endpoint is in the process of being assigned. Please check your Kubernetes cluster or Quotas on Google Kubernetes Engine if it takes a long time."
diff --git a/spec/features/projects/clusters/applications_spec.rb b/spec/features/projects/clusters/applications_spec.rb
index 8cfd23d16df..3d15095e2da 100644
--- a/spec/features/projects/clusters/applications_spec.rb
+++ b/spec/features/projects/clusters/applications_spec.rb
@@ -183,7 +183,7 @@ describe 'Clusters Applications', :js do
             Clusters::Cluster.last.application_cert_manager.make_installed!
 
             expect(email_form_value).to eq('new_email@example.org')
-            expect(page).to have_css('.js-cluster-application-install-button', exact_text: 'Installed')
+            expect(page).to have_css('.js-cluster-application-uninstall-button', exact_text: 'Uninstall')
           end
 
           expect(page).to have_content('Cert-Manager was successfully installed on your Kubernetes cluster')
diff --git a/spec/models/clusters/applications/cert_manager_spec.rb b/spec/models/clusters/applications/cert_manager_spec.rb
index e956a2355db..93050e80b07 100644
--- a/spec/models/clusters/applications/cert_manager_spec.rb
+++ b/spec/models/clusters/applications/cert_manager_spec.rb
@@ -13,7 +13,7 @@ describe Clusters::Applications::CertManager do
   describe '#can_uninstall?' do
     subject { cert_manager.can_uninstall? }
 
-    it { is_expected.to be_falsey }
+    it { is_expected.to be_truthy }
   end
 
   describe '#install_command' do
@@ -80,6 +80,44 @@ describe Clusters::Applications::CertManager do
     end
   end
 
+  describe '#uninstall_command' do
+    subject { cert_manager.uninstall_command }
+
+    it { is_expected.to be_an_instance_of(Gitlab::Kubernetes::Helm::DeleteCommand) }
+
+    it 'is initialized with cert_manager arguments' do
+      expect(subject.name).to eq('certmanager')
+      expect(subject).to be_rbac
+      expect(subject.files).to eq(cert_manager.files)
+    end
+
+    it 'specifies a post delete command to remove custom resource definitions' do
+      expect(subject.postdelete).to eq([
+        "kubectl delete secret -n gitlab-managed-apps letsencrypt-prod --ignore-not-found",
+        'kubectl delete crd certificates.certmanager.k8s.io --ignore-not-found',
+        'kubectl delete crd clusterissuers.certmanager.k8s.io --ignore-not-found',
+        'kubectl delete crd issuers.certmanager.k8s.io --ignore-not-found'
+      ])
+    end
+
+    context 'secret key name is not found' do
+      before do
+        allow(File).to receive(:read).and_call_original
+        expect(File).to receive(:read)
+          .with(Rails.root.join('vendor', 'cert_manager', 'cluster_issuer.yaml'))
+          .and_return('key: value')
+      end
+
+      it 'does not try and delete the secret' do
+        expect(subject.postdelete).to eq([
+          'kubectl delete crd certificates.certmanager.k8s.io --ignore-not-found',
+          'kubectl delete crd clusterissuers.certmanager.k8s.io --ignore-not-found',
+          'kubectl delete crd issuers.certmanager.k8s.io --ignore-not-found'
+        ])
+      end
+    end
+  end
+
   describe '#files' do
     let(:application) { cert_manager }
     let(:values) { subject[:'values.yaml'] }
-- 
cgit v1.2.1


From 295ed86676bc172ab9b44bc7ef3245f95ac8364b Mon Sep 17 00:00:00 2001
From: Marcia Ramos <marcia@gitlab.com>
Date: Mon, 5 Aug 2019 01:33:08 +0000
Subject: Add tutorial - migrate repo to LFS

- Link new doc to and from other docs
- Add tbs section
---
 doc/topics/git/index.md                            |   4 +-
 doc/topics/git/migrate_to_git_lfs/index.md         | 174 +++++++++++++++++++++
 .../lfs/manage_large_binaries_with_git_lfs.md      |   4 +
 3 files changed, 181 insertions(+), 1 deletion(-)
 create mode 100644 doc/topics/git/migrate_to_git_lfs/index.md

diff --git a/doc/topics/git/index.md b/doc/topics/git/index.md
index cdcd8215b23..8b7fb061afc 100644
--- a/doc/topics/git/index.md
+++ b/doc/topics/git/index.md
@@ -82,6 +82,8 @@ Git-related queries from GitLab.
 The following relate to Git Large File Storage:
 
 - [Getting Started with Git LFS](https://about.gitlab.com/2017/01/30/getting-started-with-git-lfs-tutorial/)
-- [GitLab Git LFS documentation](../../workflow/lfs/manage_large_binaries_with_git_lfs.md)
+- [Migrate an existing Git repo with Git LFS](migrate_to_git_lfs/index.md)
+- [GitLab Git LFS user documentation](../../workflow/lfs/manage_large_binaries_with_git_lfs.md)
+- [GitLab Git LFS admin documentation](../../workflow/lfs/lfs_administration.md)
 - [Git-Annex to Git-LFS migration guide](../../workflow/lfs/migrate_from_git_annex_to_git_lfs.md)
 - [Towards a production quality open source Git LFS server](https://about.gitlab.com/2015/08/13/towards-a-production-quality-open-source-git-lfs-server/)
diff --git a/doc/topics/git/migrate_to_git_lfs/index.md b/doc/topics/git/migrate_to_git_lfs/index.md
new file mode 100644
index 00000000000..c879e404997
--- /dev/null
+++ b/doc/topics/git/migrate_to_git_lfs/index.md
@@ -0,0 +1,174 @@
+---
+type: tutorial, concepts
+description: "How to migrate an existing Git repository to Git LFS with BFG."
+last_updated: 2019-07-11
+---
+
+# Migrate a Git repo into Git LFS with BFG
+
+Using Git LFS can help you to reduce the size of your Git
+repository and improve its performance.
+
+However, simply adding the
+large files that are already in your repository to Git LFS,
+will not actually reduce the size of your repository because
+the files are still referenced by previous commits.
+
+Through the method described on this document, first migrate
+to Git LFS with [BFG](https://rtyley.github.io/bfg-repo-cleaner/)
+through a mirror repo, then clean up the repository's history,
+and lastly create LFS tracking rules to prevent new binary files
+from being added.
+
+This tutorial was inspired by the guide
+[Use BFG to migrate a repo to Git LFS](https://confluence.atlassian.com/bitbucket/use-bfg-to-migrate-a-repo-to-git-lfs-834233484.html).
+For more information on Git LFS, see the [references](#references)
+below.
+
+CAUTION: **Warning:**
+The method described on this guide rewrites Git history. Make
+sure to back up your repo before beginning and use it at your
+own risk.
+
+## Requirements
+
+Before beginning, make sure:
+
+- You have enough LFS storage for the files you want to convert.
+  Storage is required for the entire history of all files.
+- All the team members you share the repository with have pushed all changes.
+  Branches based on the repository before applying this method cannot be merged.
+  Branches based on the repo before applying this method cannot be merged.
+
+To follow this tutorial, you'll need:
+
+- Maintainer permissions to the existing Git repository
+  you'd like to migrate to LFS with access through the command line.
+- [Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git)
+  and [Java Runtime Environment](https://www.java.com/en/download/manual.jsp)
+  (Java 7 or above) installed locally.
+- BFG installed locally:
+
+   ```bash
+   brew install bfg
+   ```
+
+- Git LFS installed locally:
+
+   ```bash
+   brew install git-lfs
+   ```
+
+NOTE: **Note:**
+This guide was tested on macOS Mojave.
+
+## Steps
+
+Consider an example upstream project, `git@gitlab.com:gitlab-tests/test-git-lfs-repo-migration.git`.
+
+1. Back up your repository:
+
+   Create a copy of your repository so that you can
+   recover it in case something goes wrong.
+
+1. Clone `--mirror` the repo:
+
+   Cloning with the mirror flag will create a bare repository.
+   This ensures you get all the branches within the repo.
+
+   It creates a directory called `<repo-name>.git`
+   (in our example, `test-git-lfs-repo-migration.git`),
+   mirroring the upstream project:
+
+   ```bash
+   git clone --mirror git@gitlab.com:gitlab-tests/test-git-lfs-repo-migration.git
+   ```
+
+1. Convert the Git history with BFG:
+
+   ```bash
+   bfg --convert-to-git-lfs "*.{png,mp4,jpg,gif}" --no-blob-protection test-git-lfs-repo-migration.git
+   ```
+
+   It is scanning all the history, and looking for any files with
+   that extension, and then converting them to an LFS pointer.
+
+1. Clean up the repository:
+
+   ```bash
+   # cd path/to/mirror/repo:
+   cd test-git-lfs-repo-migration.git
+   # clean up the repo:
+   git reflog expire --expire=now --all && git gc --prune=now --aggressive
+   ```
+
+   You can also take a look on how to further [clean the repo](../../../user/project/repository/reducing_the_repo_size_using_git.md),
+   but it's not necessary for the purposes of this guide.
+
+1. Install Git LFS in the mirror repository:
+
+   ```bash
+   git lfs install
+   ```
+
+1. [Unprotect the default branch](../../../user/project/protected_branches.md),
+   so that we can force-push the rewritten repository:
+
+   1. Navigate to your project's **Settings > Repository** and
+   expand **Protected Branches**.
+   1. Scroll down to locate the protected branches and click
+   **Unprotect** the default branch.
+
+1. Force-push to GitLab:
+
+   ```bash
+   git push --force
+   ```
+
+1. Track the files you want with LFS:
+
+   ```bash
+   # cd path/to/upstream/repo:
+   cd test-git-lfs-repo-migration
+   # You may need to reset your local copy with upstream's `master` after force-pushing from the mirror:
+   git reset --hard origin/master
+   # Track the files with LFS:
+   git lfs track "*.gif" "*.png" "*.jpg" "*.psd" "*.mp4" ".gitattributes" "img/"
+   ```
+
+   Now all existing the files you converted, as well as the new
+   ones you add, will be properly tracked with LFS.
+
+1. [Re-protect the default branch](../../../user/project/protected_branches.md):
+
+   1. Navigate to your project's **Settings > Repository** and
+   expand **Protected Branches**.
+   1. Select the default branch from the **Branch** dropdown menu,
+   and set up the
+   **Allowed to push** and **Allowed to merge** rules.
+   1. Click **Protect**.
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
+
+## References
+
+- [Getting Started with Git LFS](https://about.gitlab.com/2017/01/30/getting-started-with-git-lfs-tutorial/)
+- [Migrate from Git Annex to Git LFS](../../../workflow/lfs/migrate_from_git_annex_to_git_lfs.md)
+- [GitLab's Git LFS user documentation](../../../workflow/lfs/manage_large_binaries_with_git_lfs.md)
+- [GitLab's Git LFS administrator documentation](../../../workflow/lfs/lfs_administration.md)
+- Alternative method to [migrate an existing repo to Git LFS](https://github.com/git-lfs/git-lfs/wiki/Tutorial#migrating-existing-repository-data-to-lfs)
+
+<!--
+Test project:
+https://gitlab.com/gitlab-tests/test-git-lfs-repo-migration
+-->
diff --git a/doc/workflow/lfs/manage_large_binaries_with_git_lfs.md b/doc/workflow/lfs/manage_large_binaries_with_git_lfs.md
index b6bba57049d..264372a512d 100644
--- a/doc/workflow/lfs/manage_large_binaries_with_git_lfs.md
+++ b/doc/workflow/lfs/manage_large_binaries_with_git_lfs.md
@@ -84,6 +84,10 @@ that are on the remote repository, eg. for a branch from origin:
 git lfs fetch origin master
 ```
 
+### Migrate an existing repo to Git LFS
+
+Read the documentation on how to [migrate an existing Git repo with Git LFS](../../topics/git/migrate_to_git_lfs/index.md).
+
 ## File Locking
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/35856) in GitLab 10.5.
-- 
cgit v1.2.1


From 61e1a1492507ad2b77a48ef0a890de62caa590b3 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Mon, 5 Aug 2019 02:13:46 +0000
Subject: Expand markdown linting rules for docs

MD002 - First header should be level 1
MD006 - Start bullets at beginning of line
MD019 - No multiple spaces after header style
MD022 - Headers surrounded by blank lines
MD025 - Only 1 level 1 header
MD028 - No blank lines within blockquote
MD038 - Spaces inside code span elements
---
 .mdlrc.style                                       |  7 ++
 .../operations/fast_ssh_key_lookup.md              |  4 +-
 doc/ci/variables/README.md                         | 97 ++++++++++++----------
 .../testing_guide/end_to_end/quick_start_guide.md  | 18 ++--
 doc/development/what_requires_downtime.md          |  2 +-
 doc/user/group/bulk_editing/index.md               | 15 ++--
 doc/user/project/issues/related_issues.md          |  2 +-
 7 files changed, 77 insertions(+), 68 deletions(-)

diff --git a/.mdlrc.style b/.mdlrc.style
index 0ca3611df0b..36fbba3543b 100644
--- a/.mdlrc.style
+++ b/.mdlrc.style
@@ -5,12 +5,19 @@
 # for more detailed information on the rules and styles.
 
 rule "MD001"
+rule "MD002"
 rule "MD003", :style => :atx
+rule "MD006"
 rule "MD011"
+rule "MD019"
+rule "MD022"
 rule "MD023"
+rule "MD025"
+rule "MD028"
 rule "MD032"
 rule "MD034"
 rule "MD037"
+rule "MD038"
 
 # Should not be used currently:
 
diff --git a/doc/administration/operations/fast_ssh_key_lookup.md b/doc/administration/operations/fast_ssh_key_lookup.md
index ea69378b249..e787af798bc 100644
--- a/doc/administration/operations/fast_ssh_key_lookup.md
+++ b/doc/administration/operations/fast_ssh_key_lookup.md
@@ -71,10 +71,10 @@ sudo service sshd reload
 Confirm that SSH is working by removing your user's SSH key in the UI, adding a
 new one, and attempting to pull a repo.
 
-> **Note:** For Omnibus Docker, `AuthorizedKeysCommand` is setup by default in
+NOTE: **Note:** For Omnibus Docker, `AuthorizedKeysCommand` is setup by default in
 GitLab 11.11 and later.
 
-> **Warning:** Do not disable writes until SSH is confirmed to be working
+CAUTION: **Caution:** Do not disable writes until SSH is confirmed to be working
 perfectly, because the file will quickly become out-of-date.
 
 In the case of lookup failures (which are common), the `authorized_keys`
diff --git a/doc/ci/variables/README.md b/doc/ci/variables/README.md
index c48817a5e30..c63b1e104ed 100644
--- a/doc/ci/variables/README.md
+++ b/doc/ci/variables/README.md
@@ -371,8 +371,8 @@ variables take precedence over those defined in `.gitlab-ci.yml`.
 
 There are cases where some variables cannot be used in the context of a
 `.gitlab-ci.yml` definition (for example under `script`). Read more about which variables are [not supported](where_variables_can_be_used.md).
- 
-## Where variables can be used 
+
+## Where variables can be used
 
 Click [here](where_variables_can_be_used.md) for a section that describes where and how the different types of variables can be used.
 
@@ -484,81 +484,86 @@ Below you can find supported syntax reference:
 
 1. Equality matching using a string
 
-    > Example: `$VARIABLE == "some value"`
+   Examples:
 
-    > Example: `$VARIABLE != "some value"` (introduced in GitLab 11.11)
+   - `$VARIABLE == "some value"`
+   - `$VARIABLE != "some value"` (introduced in GitLab 11.11)
 
-    You can use equality operator `==` or `!=` to compare a variable content to a
-    string. We support both, double quotes and single quotes to define a string
-    value, so both `$VARIABLE == "some value"` and `$VARIABLE == 'some value'`
-    are supported. `"some value" == $VARIABLE` is correct too.
+   You can use equality operator `==` or `!=` to compare a variable content to a
+   string. We support both, double quotes and single quotes to define a string
+   value, so both `$VARIABLE == "some value"` and `$VARIABLE == 'some value'`
+   are supported. `"some value" == $VARIABLE` is correct too.
 
 1. Checking for an undefined value
 
-    > Example: `$VARIABLE == null`
+   Examples:
 
-    > Example: `$VARIABLE != null` (introduced in GitLab 11.11)
+   - `$VARIABLE == null`
+   - `$VARIABLE != null` (introduced in GitLab 11.11)
 
-    It sometimes happens that you want to check whether a variable is defined
-    or not. To do that, you can compare a variable to `null` keyword, like
-    `$VARIABLE == null`. This expression is going to evaluate to truth if
-    variable is not defined when `==` is used, or to falsey if `!=` is used.
+   It sometimes happens that you want to check whether a variable is defined
+   or not. To do that, you can compare a variable to `null` keyword, like
+   `$VARIABLE == null`. This expression is going to evaluate to truth if
+   variable is not defined when `==` is used, or to falsey if `!=` is used.
 
 1. Checking for an empty variable
 
-    > Example: `$VARIABLE == ""`
-
-    > Example: `$VARIABLE != ""` (introduced in GitLab 11.11)
+   Examples:
+  
+   - `$VARIABLE == ""`
+   - `$VARIABLE != ""` (introduced in GitLab 11.11)
 
-    If you want to check whether a variable is defined, but is empty, you can
-    simply compare it against an empty string, like `$VAR == ''` or non-empty
-    string `$VARIABLE != ""`.
+   If you want to check whether a variable is defined, but is empty, you can
+   simply compare it against an empty string, like `$VAR == ''` or non-empty
+   string `$VARIABLE != ""`.
 
 1. Comparing two variables
 
-    > Example: `$VARIABLE_1 == $VARIABLE_2`
+   Examples:
 
-    > Example: `$VARIABLE_1 != $VARIABLE_2` (introduced in GitLab 11.11)
+   - `$VARIABLE_1 == $VARIABLE_2`
+   - `$VARIABLE_1 != $VARIABLE_2` (introduced in GitLab 11.11)
 
-    It is possible to compare two variables. This is going to compare values
-    of these variables.
+   It is possible to compare two variables. This is going to compare values
+   of these variables.
 
 1. Variable presence check
 
-    > Example: `$STAGING`
+   Example: `$STAGING`
 
-    If you only want to create a job when there is some variable present,
-    which means that it is defined and non-empty, you can simply use
-    variable name as an expression, like `$STAGING`. If `$STAGING` variable
-    is defined, and is non empty, expression will evaluate to truth.
-    `$STAGING` value needs to a string, with length higher than zero.
-    Variable that contains only whitespace characters is not an empty variable.
+   If you only want to create a job when there is some variable present,
+   which means that it is defined and non-empty, you can simply use
+   variable name as an expression, like `$STAGING`. If `$STAGING` variable
+   is defined, and is non empty, expression will evaluate to truth.
+   `$STAGING` value needs to a string, with length higher than zero.
+   Variable that contains only whitespace characters is not an empty variable.
 
 1. Pattern matching (introduced in GitLab 11.0)
 
-    > Example: `$VARIABLE =~ /^content.*/`
+   Examples:
 
-    > Example: `$VARIABLE_1 !~ /^content.*/` (introduced in GitLab 11.11)
+   - `$VARIABLE =~ /^content.*/`
+   - `$VARIABLE_1 !~ /^content.*/` (introduced in GitLab 11.11)
 
-    It is possible perform pattern matching against a variable and regular
-    expression. Expression like this evaluates to truth if matches are found
-    when using `=~`. It evaluates to truth if matches are not found when `!~` is used.
+   It is possible perform pattern matching against a variable and regular
+   expression. Expression like this evaluates to truth if matches are found
+   when using `=~`. It evaluates to truth if matches are not found when `!~` is used.
 
-    Pattern matching is case-sensitive by default. Use `i` flag modifier, like
-    `/pattern/i` to make a pattern case-insensitive.
+   Pattern matching is case-sensitive by default. Use `i` flag modifier, like
+   `/pattern/i` to make a pattern case-insensitive.
 
 1. Conjunction / Disjunction ([introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27925) in GitLab 12.0)
 
-    > Example: `$VARIABLE1 =~ /^content.*/ && $VARIABLE2 == "something"`
-
-    > Example: `$VARIABLE1 =~ /^content.*/ && $VARIABLE2 =~ /thing$/ && $VARIABLE3`
+   Examples:
 
-    > Example: `$VARIABLE1 =~ /^content.*/ || $VARIABLE2 =~ /thing$/ && $VARIABLE3`
+   - `$VARIABLE1 =~ /^content.*/ && $VARIABLE2 == "something"`
+   - `$VARIABLE1 =~ /^content.*/ && $VARIABLE2 =~ /thing$/ && $VARIABLE3`
+   - `$VARIABLE1 =~ /^content.*/ || $VARIABLE2 =~ /thing$/ && $VARIABLE3`
 
-    It is possible to join multiple conditions using `&&` or `||`. Any of the otherwise
-    supported syntax may be used in a conjunctive or disjunctive statement.
-    Precedence of operators follows standard Ruby 2.5 operation
-    [precedence](https://ruby-doc.org/core-2.5.0/doc/syntax/precedence_rdoc.html).
+   It is possible to join multiple conditions using `&&` or `||`. Any of the otherwise
+   supported syntax may be used in a conjunctive or disjunctive statement.
+   Precedence of operators follows standard Ruby 2.5 operation
+   [precedence](https://ruby-doc.org/core-2.5.0/doc/syntax/precedence_rdoc.html).
 
 ## Debug tracing
 
diff --git a/doc/development/testing_guide/end_to_end/quick_start_guide.md b/doc/development/testing_guide/end_to_end/quick_start_guide.md
index 14a169dcc1d..e1df8be8b6f 100644
--- a/doc/development/testing_guide/end_to_end/quick_start_guide.md
+++ b/doc/development/testing_guide/end_to_end/quick_start_guide.md
@@ -110,7 +110,7 @@ end
 ```
 
 > Notice that the test itself is simple. The most challenging part is the creation of the application state, which will be covered later.
-
+>
 > The exemplified test case's MVC is not enough for the change to be merged, but it helps to build up the test logic. The reason is that we do not want to use locators directly in the tests, and tests **must** use [Page Objects] before they can be merged. This way we better separate the responsibilities, where the Page Objects encapsulate elements and methods that allow us to interact with pages, while the spec files describe the test cases in more business-related language.
 
 Below are the steps that the test covers:
@@ -211,7 +211,7 @@ A pre-condition for the entire test suite is defined in the `before :context` bl
 
 > For our test suite, due to the need of the tests being completely independent of each other, we won't use the `before :context` block. The `before :context` block would make the tests dependent on each other because the first test changes the label of the issue, and the second one depends on the `'animal::fox'` label being set.
 
-> **Tip:** In case of a test suite with only one `it` block it's ok to use only the `before` block (see below) with all the test's pre-conditions.
+TIP: **Tip:** In case of a test suite with only one `it` block it's ok to use only the `before` block (see below) with all the test's pre-conditions.
 
 #### `before`
 
@@ -274,11 +274,11 @@ end
 In the `before` block we create all the application state needed for the tests to run. We do that by using the `Runtime::Browser.visit` method to go to the login page, by performing a `sign_in_using_credentials` from the `Login` Page Object, by fabricating resources via APIs (`issue`, and `Resource::Label`), and by using the `issue.visit!` to visit the issue page.
 
 > A project is created in the background by creating the `issue` resource.
-
+>
 > When creating the [Resources], notice that when calling the `fabricate_via_api` method, we pass some attribute:values, like `title`, and `labels` for the `issue` resource; and `project` and `title` for the `label` resource.
-
+>
 > What's important to understand here is that by creating the application state mostly using the public APIs we save a lot of time in the test suite setup stage.
-
+>
 > Soon we will cover the use of the already existing resources' methods and the creation of your own `fabricate_via_api` methods for resources where this is still not available, but first, let's optimize our implementation.
 
 ### 6. Optimization
@@ -362,7 +362,7 @@ First, in the [issue resource](https://gitlab.com/gitlab-org/gitlab-ee/blob/d358
 Add the following `attribute :id` and `attribute :labels` right above the [`attribute :title`](https://gitlab.com/gitlab-org/gitlab-ee/blob/d3584e80b4236acdf393d815d604801573af72cc/qa/qa/resource/issue.rb#L15).
 
 > This line is needed to allow for the issue fabrication, and for labels to be automatically added to the issue when fabricating it via API.
-
+>
 > We add the attributes above the existing attribute to keep them alphabetically organized.
 
 Then, let's initialize an instance variable for labels to allow an empty array as default value when such information is not passed during the resource fabrication, since this optional. [Between the attributes and the `fabricate!` method](https://gitlab.com/gitlab-org/gitlab-ee/blob/1a1f1408728f19b2aa15887cd20bddab7e70c8bd/qa/qa/resource/issue.rb#L18), add the following:
@@ -437,7 +437,7 @@ By defining the `resource_web_url(resource)` method, we override the one from th
 
 By defining the `api_get_path` method, we **would** allow for the [`ApiFabricator`](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/qa/qa/resource/api_fabricator.rb) module to know which path to use to get a single label, but since there's no path available for that in the publich API, we raise a `NotImplementedError` instead.
 
-By defining the `api_post_path` method, we allow for the [`ApiFabricator `](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/qa/qa/resource/api_fabricator.rb) module to know which path to use to create a new label in a specific project.
+By defining the `api_post_path` method, we allow for the [`ApiFabricator`](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/qa/qa/resource/api_fabricator.rb) module to know which path to use to create a new label in a specific project.
 
 By defining the `api_post_body` method, we we allow for the [`ApiFabricator.api_post`](https://gitlab.com/gitlab-org/gitlab-ee/blob/a9177ca1812bac57e2b2fa4560e1d5dd8ffac38b/qa/qa/resource/api_fabricator.rb#L68) method to know which data to send when making the `POST` request.
 
@@ -580,7 +580,7 @@ filter_output = search_field_tag search_id, nil, class: "dropdown-input-field",
 
 > `data-qa-*` data attributes and CSS classes starting with `qa-` are used solely for the purpose of QA and testing.
 > By defining these, we add **testability** to the application.
-
+>
 > When defining a data attribute like: `qa_selector: 'labels_block'`, it should match the element definition: `element :labels_block`. We use a [sanity test](https://gitlab.com/gitlab-org/gitlab-ce/tree/master/qa/qa/page#how-did-we-solve-fragile-tests-problem) to check that defined elements have their respective selectors in the specified views.
 
 #### Updates in the `QA::Page::Base` class
@@ -599,8 +599,6 @@ This method receives an element (`name`) and the `keys` that it will send to tha
 
 As you might remember, in the Issue Page Object we call this method like this: `send_keys_to_element(:dropdown_input_field, [label, :enter])`.
 
-___
-
 With that, you should be able to start writing end-to-end tests yourself. *Congratulations!*
 
 [Page Objects]: page_objects.md
diff --git a/doc/development/what_requires_downtime.md b/doc/development/what_requires_downtime.md
index 24edd05da2f..f0da1cc2ddc 100644
--- a/doc/development/what_requires_downtime.md
+++ b/doc/development/what_requires_downtime.md
@@ -140,7 +140,7 @@ done without requiring downtime. However, this does require that any application
 changes are deployed _first_. Thus, changing the constraints of a column should
 happen in a post-deployment migration.
 NOTE: Avoid using `change_column` as it produces inefficient query because it re-defines
-the whole column type. For example, to add a NOT NULL constraint, prefer `change_column_null `
+the whole column type. For example, to add a NOT NULL constraint, prefer `change_column_null`
 
 ## Changing Column Types
 
diff --git a/doc/user/group/bulk_editing/index.md b/doc/user/group/bulk_editing/index.md
index 5b5f75c2dd9..c8715577eb2 100644
--- a/doc/user/group/bulk_editing/index.md
+++ b/doc/user/group/bulk_editing/index.md
@@ -5,22 +5,21 @@
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/12719) for merge
   requests in GitLab [GitLab Premium](https://about.gitlab.com/pricing/) 12.2.
 
-> NOTE: **Note:**
->
-> - A permission level of `Reporter` or higher is required in order to manage issues.
-> - A permission level of `Developer` or higher is required in order to manage merge requests.
-
 Milestones can be updated simultaneously across multiple issues or merge requests by using the bulk editing feature.
 
 ![Bulk editing](img/bulk-editing.png)
 
+NOTE: **Note:**
+A permission level of `Reporter` or higher is required in order to manage issues, and
+a permission level of `Developer` or higher is required in order to manage merge requests.
+
 To bulk update group issue or merge request milestones:
 
 1. Navigate to the issues or merge requests list.
 1. Click the **Edit issues** or **Edit merge requests** button.
-    - This will open a sidebar on the right-hand side of your screen where an editable field
-  for milestones will be displayed.
-    - Checkboxes will also appear beside each issue or merge request.
+   - This will open a sidebar on the right-hand side of your screen where an editable field
+     for milestones will be displayed.
+   - Checkboxes will also appear beside each issue or merge request.
 1. Check the checkbox beside each issue to be edited.
 1. Select the desired milestone from the sidebar.
 1. Click **Update all**.
diff --git a/doc/user/project/issues/related_issues.md b/doc/user/project/issues/related_issues.md
index 9c72fe33d0d..d7178506b64 100644
--- a/doc/user/project/issues/related_issues.md
+++ b/doc/user/project/issues/related_issues.md
@@ -19,7 +19,7 @@ Issues from a different project require additional information like the
 group and the project name. For example:
 
 - same project: `#44`
-- same group: `project#44 `
+- same group: `project#44`
 - different group: `group/project#44`
 
 Valid references will be added to a temporary list that you can review.
-- 
cgit v1.2.1


From 228833588ad283e821fbbfcc5738faff0b7924bd Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Mon, 5 Aug 2019 11:16:25 +0800
Subject: Fix flaky spec due to image lazy-loading

---
 spec/features/snippets/user_edits_snippet_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/features/snippets/user_edits_snippet_spec.rb b/spec/features/snippets/user_edits_snippet_spec.rb
index 92e34a1f510..5ff12c37aff 100644
--- a/spec/features/snippets/user_edits_snippet_spec.rb
+++ b/spec/features/snippets/user_edits_snippet_spec.rb
@@ -34,7 +34,7 @@ describe 'User edits snippet', :js do
     click_button('Save changes')
     wait_for_requests
 
-    link = find('a.no-attachment-icon img[alt="banana_sample"]')['src']
+    link = find('a.no-attachment-icon img:not(.lazy)[alt="banana_sample"]')['src']
     expect(link).to match(%r{/uploads/-/system/personal_snippet/#{snippet.id}/\h{32}/banana_sample\.gif\z})
   end
 
-- 
cgit v1.2.1


From 011a3063a2225d055af3ef5a94366db9c2c74594 Mon Sep 17 00:00:00 2001
From: Mike Lewis <mlewis@gitlab.com>
Date: Mon, 5 Aug 2019 03:43:35 +0000
Subject: Apply updates to git_tricks.md

Change code references to codeblocks so they can be copied
more easily, and add link to doc from git topic index. Also
applies suggested changes.
---
 doc/topics/git/index.md               |   1 +
 doc/topics/git/useful_git_commands.md | 210 ++++++++++++++++++++++++++++++++++
 2 files changed, 211 insertions(+)
 create mode 100644 doc/topics/git/useful_git_commands.md

diff --git a/doc/topics/git/index.md b/doc/topics/git/index.md
index 8b7fb061afc..5b227ebebe0 100644
--- a/doc/topics/git/index.md
+++ b/doc/topics/git/index.md
@@ -48,6 +48,7 @@ The following are resources about version control concepts:
 
 The following resources may help you become more efficient at using Git:
 
+- [Useful Git commands](useful_git_commands.md) collected by the GitLab support team.
 - [Git Tips & Tricks](https://about.gitlab.com/2016/12/08/git-tips-and-tricks/)
 - [Eight Tips to help you work better with Git](https://about.gitlab.com/2015/02/19/8-tips-to-help-you-work-better-with-git/)
 
diff --git a/doc/topics/git/useful_git_commands.md b/doc/topics/git/useful_git_commands.md
new file mode 100644
index 00000000000..84406805350
--- /dev/null
+++ b/doc/topics/git/useful_git_commands.md
@@ -0,0 +1,210 @@
+---
+type: reference
+---
+
+# Useful Git commands
+
+Here are some useful Git commands collected by the GitLab support team. You may not
+need to use often, but they can can come in handy when needed.
+
+## Remotes
+
+### Add another URL to a remote, so both remotes get updated on each push
+
+```sh
+git remote set-url --add <remote_name> <remote_url>
+```
+
+## Staging and reverting changes
+
+### Remove last commit and leave the changes in unstaged
+
+```sh
+git reset --soft HEAD^
+```
+
+### Unstage a certain number of commits from HEAD
+
+To unstage 3 commits, for example, run:
+
+```sh
+git reset HEAD^3
+```
+
+### Unstage changes to a certain file from HEAD
+
+```sh
+git reset <filename>
+```
+
+### Revert a file to HEAD state and remove changes
+
+There are two options to revert changes to a file:
+
+- `git checkout <filename>`
+- `git reset --hard <filename>`
+
+### Undo a previous commit by creating a new replacement commit
+
+```sh
+git revert <commit-sha>
+```
+
+### Create a new message for last commit
+
+```sh
+git commit --amend
+```
+
+### Add a file to the last commit
+
+```sh
+git add <filename>
+git commit --amend
+```
+
+Append `--no-edit` to the `commit` command if you do not want to edit the commit
+message.
+
+## Stashing
+
+### Stash changes
+
+```sh
+git stash save
+```
+
+The default behavor of `stash` is to save, so you can also use just:
+
+```sh
+git stash
+```
+
+### Unstash your changes
+
+```sh
+git stash apply
+```
+
+### Discard your stashed changes
+
+```sh
+git stash drop
+```
+
+### Apply and drop your stashed changes
+
+```sh
+git stash pop
+```
+
+## Refs and Log
+
+### Use reflog to show the log of reference changes to HEAD
+
+```sh
+git reflog
+```
+
+### Check the Git history of a file
+
+The basic command to check the git history of a file:
+
+```sh
+git log <file>
+```
+
+If you get this error message:
+
+```text
+fatal: ambiguous argument <file_name>: unknown revision or path not in the working tree.
+Use '--' to separate paths from revisions, like this:
+```
+
+Use this to check the Git history of the file:
+
+```sh
+git log -- <file>
+```
+
+### Find the tags that contain a particular SHA
+
+```sh
+git tag --contains <sha>
+```
+
+### Check the content of each change to a file
+
+```sh
+gitk <file>
+```
+
+### Check the content of each change to a file, follows it past file renames
+
+```sh
+gitk --follow <file>
+```
+
+## Debugging
+
+### Use a custom SSH key for a git command
+
+```text
+GIT_SSH_COMMAND="ssh -i ~/.ssh/gitlabadmin" git <command>
+```
+
+### Debug cloning
+
+With SSH:
+
+```text
+GIT_SSH_COMMAND="ssh -vvv" git clone <git@url>
+```
+
+With HTTPS:
+
+```text
+GIT_TRACE_PACKET=1 GIT_TRACE=2 GIT_CURL_VERBOSE=1 git clone <url>
+```
+
+## Rebasing
+
+### Rebase your branch onto master
+
+The -i flag stands for 'interactive':
+
+```sh
+git rebase -i master
+```
+
+### Continue the rebase if paused
+
+```sh
+git rebase --continue
+```
+
+### Use git rerere
+
+To _reuse_ recorded solutions to the same problems when repeated:
+
+```sh
+git rerere
+```
+
+To enable `rerere` functionality:
+
+```sh
+git config --global rerere.enabled true
+```
+
+<!-- ## Troubleshooting
+
+Include any troubleshooting steps that you can foresee. If you know beforehand what issues
+one might have when setting this up, or when something is changed, or on upgrading, it's
+important to describe those, too. Think of things that may go wrong and include them here.
+This is important to minimize requests for support, and to avoid doc comments with
+questions that you know someone might ask.
+
+Each scenario can be a third-level heading, e.g. `### Getting error message X`.
+If you have none to add when creating a doc, leave this section in place
+but commented out to help encourage others to add to it in the future. -->
-- 
cgit v1.2.1


From 4b76d631e44a339f5301ed151fd8ce6af1443aa8 Mon Sep 17 00:00:00 2001
From: Cameron Boulton <cameron@safecorp.com>
Date: Mon, 5 Aug 2019 03:47:24 +0000
Subject: Set DOCKER_TLS_CERTDIR in CI job templates

---
 changelogs/unreleased/patch-72.yml                                | 5 +++++
 lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml | 1 +
 2 files changed, 6 insertions(+)
 create mode 100644 changelogs/unreleased/patch-72.yml

diff --git a/changelogs/unreleased/patch-72.yml b/changelogs/unreleased/patch-72.yml
new file mode 100644
index 00000000000..ff2bac2fc29
--- /dev/null
+++ b/changelogs/unreleased/patch-72.yml
@@ -0,0 +1,5 @@
+---
+title: Fix Docker in Docker (DIND) listen port behavior change by adding DOCKER_TLS_CERTDIR in CI job templates.
+merge_request: 31201
+author: Cameron Boulton
+type: fixed
diff --git a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
index 5ad624bb15f..3e006194236 100644
--- a/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml
@@ -5,6 +5,7 @@ container_scanning:
   image: docker:stable
   variables:
     DOCKER_DRIVER: overlay2
+    DOCKER_TLS_CERTDIR: ""
     # Defining two new variables based on GitLab's CI/CD predefined variables
     # https://docs.gitlab.com/ee/ci/variables/#predefined-environment-variables
     CI_APPLICATION_REPOSITORY: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG
-- 
cgit v1.2.1


From 8ff68917b8b78dbf34785bda370692ac8b97c414 Mon Sep 17 00:00:00 2001
From: Mark Lapierre <mlapierre@gitlab.com>
Date: Mon, 5 Aug 2019 04:02:08 +0000
Subject: Revert "Merge branch 'backport-fix-remaining-prepend-lines' into
 'master'"

This reverts merge request !31379
---
 config/initializers/0_inject_enterprise_edition_module.rb | 2 --
 qa/qa.rb                                                  | 3 ---
 2 files changed, 5 deletions(-)

diff --git a/config/initializers/0_inject_enterprise_edition_module.rb b/config/initializers/0_inject_enterprise_edition_module.rb
index 39595e23abe..4b21732e179 100644
--- a/config/initializers/0_inject_enterprise_edition_module.rb
+++ b/config/initializers/0_inject_enterprise_edition_module.rb
@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require 'active_support/inflector'
-
 module InjectEnterpriseEditionModule
   def prepend_if_ee(constant)
     prepend(constant.constantize) if Gitlab.ee?
diff --git a/qa/qa.rb b/qa/qa.rb
index 8be2a289422..18fb4509dce 100644
--- a/qa/qa.rb
+++ b/qa/qa.rb
@@ -4,9 +4,6 @@ $: << File.expand_path(File.dirname(__FILE__))
 
 Encoding.default_external = 'UTF-8'
 
-require_relative '../lib/gitlab'
-require_relative '../config/initializers/0_inject_enterprise_edition_module'
-
 module QA
   ##
   # GitLab QA runtime classes, mostly singletons.
-- 
cgit v1.2.1


From ef1237014adf7f36a0bdfe496398f463c66590dd Mon Sep 17 00:00:00 2001
From: Luke Duncalfe <lduncalfe@eml.cc>
Date: Thu, 18 Jul 2019 16:18:12 +1200
Subject: CE-backport of designs route

https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14741
---
 config/routes/project.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/config/routes/project.rb b/config/routes/project.rb
index 1f632765317..3113cb172f7 100644
--- a/config/routes/project.rb
+++ b/config/routes/project.rb
@@ -500,6 +500,10 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
           get :realtime_changes
           post :create_merge_request
           get :discussions, format: :json
+
+          Gitlab.ee do
+            get 'designs(/*vueroute)', to: 'issues#show', format: false
+          end
         end
 
         collection do
-- 
cgit v1.2.1


From 6ba99cf8b5cc37184812ec98af4fc37a026da2f8 Mon Sep 17 00:00:00 2001
From: Luke Duncalfe <lduncalfe@eml.cc>
Date: Thu, 25 Jul 2019 13:35:45 +1200
Subject: Rewrite issues show spec as a feature spec

This spec needs to run as a request-style spec in order to invoke the
Rails router.

A controller-style spec matches the wrong route, and
`session['user_return_to']` becomes incorrect.
---
 spec/controllers/projects/issues_controller_spec.rb | 21 +++++++--------------
 1 file changed, 7 insertions(+), 14 deletions(-)

diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb
index 0f885d776e1..fab47aa4701 100644
--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -251,15 +251,13 @@ describe Projects::IssuesController do
     end
   end
 
-  describe 'Redirect after sign in' do
+  # This spec runs as a request-style spec in order to invoke the
+  # Rails router. A controller-style spec matches the wrong route, and
+  # session['user_return_to'] becomes incorrect.
+  describe 'Redirect after sign in', type: :request do
     context 'with an AJAX request' do
       it 'does not store the visited URL' do
-        get :show, params: {
-          format: :json,
-          namespace_id: project.namespace,
-          project_id: project,
-          id: issue.iid
-        }, xhr: true
+        get project_issue_path(project, issue), xhr: true
 
         expect(session['user_return_to']).to be_blank
       end
@@ -267,14 +265,9 @@ describe Projects::IssuesController do
 
     context 'without an AJAX request' do
       it 'stores the visited URL' do
-        get :show,
-          params: {
-            namespace_id: project.namespace.to_param,
-            project_id: project,
-            id: issue.iid
-          }
+        get project_issue_path(project, issue)
 
-        expect(session['user_return_to']).to eq("/#{project.namespace.to_param}/#{project.to_param}/issues/#{issue.iid}")
+        expect(session['user_return_to']).to eq(project_issue_path(project, issue))
       end
     end
   end
-- 
cgit v1.2.1


From 8d5bd2ce9f5d83d80d994aaad889548662b6aa17 Mon Sep 17 00:00:00 2001
From: Lukas Eipert <leipert@gitlab.com>
Date: Mon, 5 Aug 2019 05:40:39 +0000
Subject: Update dependency @gitlab/ui to v5.12.1

---
 package.json |  2 +-
 yarn.lock    | 12 ++++++------
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/package.json b/package.json
index ebaa3811295..bf6000dc53d 100644
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
     "@babel/preset-env": "^7.4.4",
     "@gitlab/csslab": "^1.9.0",
     "@gitlab/svgs": "^1.67.0",
-    "@gitlab/ui": "5.12.0",
+    "@gitlab/ui": "5.12.1",
     "apollo-cache-inmemory": "^1.5.1",
     "apollo-client": "^2.5.1",
     "apollo-link": "^1.2.11",
diff --git a/yarn.lock b/yarn.lock
index 11e51d7690d..d8193af1310 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -996,17 +996,17 @@
   resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-1.67.0.tgz#c7b94eca13b99fd3aaa737fb6dcc0abc41d3c579"
   integrity sha512-hJOmWEs6RkjzyKkb1vc9wwKGZIBIP0coHkxu/KgOoxhBVudpGk4CH7xJ6UuB2TKpb0SEh5CC1CzRZfBYaFhsaA==
 
-"@gitlab/ui@5.12.0":
-  version "5.12.0"
-  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.12.0.tgz#e44a227de3df287c63eb36162361fb451e344f69"
-  integrity sha512-QCKG3gaO4UL5yqGNqcioPPFz3rJl6J22tt8DwgARAFREGu20KK0VChHEY0xOyShCU595mKz0XgJZF+8NuxXUtw==
+"@gitlab/ui@5.12.1":
+  version "5.12.1"
+  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.12.1.tgz#70035747cec96a729e012924ab2d3e3b6067a558"
+  integrity sha512-W4rvZj2Fab1UpXR0Wyi7wSvj+5Ko+TWHibC/q/FSRHMsbeSLq77lljd7rQWeXXNMBvEKwr4NqSmckWsjaSOLfw==
   dependencies:
     "@babel/standalone" "^7.0.0"
     "@gitlab/vue-toasted" "^1.2.1"
     bootstrap "4.3.1"
     bootstrap-vue "2.0.0-rc.27"
     copy-to-clipboard "^3.0.8"
-    echarts "^4.2.0-rc.2"
+    echarts "^4.2.1"
     highlight.js "^9.13.1"
     js-beautify "^1.8.8"
     lodash "^4.17.14"
@@ -4309,7 +4309,7 @@ ecc-jsbn@~0.1.1:
     jsbn "~0.1.0"
     safer-buffer "^2.1.0"
 
-echarts@^4.2.0-rc.2:
+echarts@^4.2.1:
   version "4.2.1"
   resolved "https://registry.yarnpkg.com/echarts/-/echarts-4.2.1.tgz#9a8ea3b03354f86f824d97625c334cf16965ef03"
   integrity sha512-pw4xScRPsLegD/cqEcoXRKeA2SD4+s+Kyo0Na166NamOWhzNl2yI5RZ2rE97tBlAopNmhyMeBVpAeD5qb+ee1A==
-- 
cgit v1.2.1


From c01ed60b39f683498946ee4e1de480d2db49d254 Mon Sep 17 00:00:00 2001
From: Lucas Charles <me@lucascharles.me>
Date: Mon, 5 Aug 2019 05:43:06 +0000
Subject: Add pmd-apex sast analyzer to sast docs

Includes documentation for new Apex (Salesforce) analyzer
---
 doc/user/application_security/sast/analyzers.md | 37 +++++++++++++------------
 doc/user/application_security/sast/index.md     |  1 +
 2 files changed, 20 insertions(+), 18 deletions(-)

diff --git a/doc/user/application_security/sast/analyzers.md b/doc/user/application_security/sast/analyzers.md
index 59835aeba01..cb533538047 100644
--- a/doc/user/application_security/sast/analyzers.md
+++ b/doc/user/application_security/sast/analyzers.md
@@ -29,6 +29,7 @@ SAST supports the following official analyzers:
 - [Security Code Scan (.NET)](https://gitlab.com/gitlab-org/security-products/analyzers/security-code-scan)
 - [TSLint (Typescript)](https://gitlab.com/gitlab-org/security-products/analyzers/tslint)
 - [Sobelow (Elixir Phoenix)](https://gitlab.com/gitlab-org/security-products/analyzers/sobelow)
+- [PMD (Apex only)](https://gitlab.com/gitlab-org/security-products/analyzers/pmd-apex)
 
 The analyzers are published as Docker images that SAST will use to launch
 dedicated containers for each analysis.
@@ -116,24 +117,24 @@ custom analyzer can scan the source code.
 
 ## Analyzers Data
 
-| Property \ Tool                         | Bandit               | Brakeman             | ESLint security      | Find Sec Bugs        | Flawfinder           | Go AST Scanner       | NodeJsScan           | Php CS Security Audit   | Security code Scan (.NET)   | TSLint Security    | Sobelow            |
-| --------------------------------------- | :------------------: | :------------------: | :------------------: | :------------------: | :------------------: | :------------------: | :------------------: | :---------------------: | :-------------------------: | :-------------:    | :----------------: |
-| Severity                                | ✓   | 𐄂                  | 𐄂                  | ✓   | 𐄂                  | ✓   | 𐄂                  | ✓      | 𐄂                         | ✓ | 𐄂                |
-| Title                                   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓      | ✓          | ✓ | ✓ |
-| Description                             | 𐄂                  | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | ✓   | 𐄂                     | 𐄂                         | ✓ | ✓ |
-| File                                    | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓      | ✓          | ✓ | ✓ |
-| Start line                              | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓      | ✓          | ✓ | ✓ |
-| End line                                | ✓   | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | ✓ | 𐄂                |
-| Start column                            | 𐄂                  | 𐄂                  | ✓   | ✓   | ✓   | ✓   | 𐄂                  | ✓      | ✓          | ✓ | 𐄂                |
-| End column                              | 𐄂                  | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | ✓ | 𐄂                |
-| External id (e.g. CVE)                  | 𐄂                  | ⚠            | 𐄂                  | ⚠            | ✓   | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
-| URLs                                    | 𐄂                  | ✓   | 𐄂                  | ⚠            | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
-| Internal doc/explanation                | ⚠            | ✓   | 𐄂                  | ✓   | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | ✓ |
-| Solution                                | 𐄂                  | 𐄂                  | 𐄂                  | ⚠            | ✓   | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
-| Confidence                              | ✓   | ✓   | 𐄂                  | ✓   | ✓   | ✓   | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | ✓ |
-| Affected item (e.g. class or package)   | 𐄂                  | ✓   | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
-| Source code extract                     | ✓   | ✓   | ✓   | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
-| Internal ID                             | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | 𐄂                  | ✓      | ✓          | ✓ | ✓ |
+| Property \ Tool                         | Apex                 | Bandit               | Brakeman             | ESLint security      | Find Sec Bugs        | Flawfinder           | Go AST Scanner       | NodeJsScan           | Php CS Security Audit   | Security code Scan (.NET)   | TSLint Security    | Sobelow            |
+| --------------------------------------- | :------------------: | :------------------: | :------------------: | :------------------: | :------------------: | :------------------: | :------------------: | :------------------: | :---------------------: | :-------------------------: | :-------------:    | :----------------: |
+| Severity                                | ✓   | ✓   | 𐄂                  | 𐄂                  | ✓   | 𐄂                  | ✓   | 𐄂                  | ✓      | 𐄂                         | ✓ | 𐄂                |
+| Title                                   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓      | ✓          | ✓ | ✓ |
+| Description                             | ✓   | 𐄂                  | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | ✓   | 𐄂                     | 𐄂                         | ✓ | ✓ |
+| File                                    | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓      | ✓          | ✓ | ✓ |
+| Start line                              | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓      | ✓          | ✓ | ✓ |
+| End line                                | ✓   | ✓   | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | ✓ | 𐄂                |
+| Start column                            | ✓   | 𐄂                  | 𐄂                  | ✓   | ✓   | ✓   | ✓   | 𐄂                  | ✓      | ✓          | ✓ | 𐄂                |
+| End column                              | ✓   | 𐄂                  | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | ✓ | 𐄂                |
+| External id (e.g. CVE)                  | 𐄂   | 𐄂                  | ⚠            | 𐄂                  | ⚠            | ✓   | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
+| URLs                                    | ✓   | 𐄂                  | ✓   | 𐄂                  | ⚠            | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
+| Internal doc/explanation                | ✓   | ⚠            | ✓   | 𐄂                  | ✓   | 𐄂                  | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | ✓ |
+| Solution                                | ✓   | 𐄂                  | 𐄂                  | 𐄂                  | ⚠            | ✓   | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
+| Confidence                              | 𐄂   | ✓   | ✓   | 𐄂                  | ✓   | ✓   | ✓   | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | ✓ |
+| Affected item (e.g. class or package)   | ✓   | 𐄂                  | ✓   | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
+| Source code extract                     | 𐄂   | ✓   | ✓   | ✓   | 𐄂                  | ✓   | ✓   | 𐄂                  | 𐄂                     | 𐄂                         | 𐄂                | 𐄂                |
+| Internal ID                             | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | ✓   | 𐄂                  | ✓      | ✓          | ✓ | ✓ |
 
 - ✓ => we have that data
 - ⚠ => we have that data but it's partially reliable, or we need to extract it from unstructured content
diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md
index aac881112ff..5149f628345 100644
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -59,6 +59,7 @@ The following table shows which languages, package managers and frameworks are s
 |-----------------------------------------------------------------------------|----------------------------------------------------------------------------------------|------------------------------|
 | .NET                                                                        | [Security Code Scan](https://security-code-scan.github.io)                             | 11.0                         |
 | Any                                                                         | [Gitleaks](https://github.com/zricethezav/gitleaks) and [TruffleHog](https://github.com/dxa4481/truffleHog) | 11.9 |
+| Apex (Salesforce)                                                           | [pmd](https://pmd.github.io/pmd/index.html)                                            | 12.1                         |
 | C/C++                                                                       | [Flawfinder](https://www.dwheeler.com/flawfinder/)                                     | 10.7                         |
 | Elixir (Phoenix)                                                            | [Sobelow](https://github.com/nccgroup/sobelow)                                         | 11.10                        |
 | Go                                                                          | [Gosec](https://github.com/securego/gosec)                                             | 10.7                         |
-- 
cgit v1.2.1


From bcfef87afc08a64d460315d2f80c7cd3be0f0b8c Mon Sep 17 00:00:00 2001
From: Gabriel Mazetto <gabriel@gitlab.com>
Date: Mon, 5 Aug 2019 06:45:43 +0000
Subject: Geo: Some update instructions should be for 9.0.x only

---
 .../geo/replication/updating_the_geo_nodes.md      | 34 ++++++++++------------
 1 file changed, 16 insertions(+), 18 deletions(-)

diff --git a/doc/administration/geo/replication/updating_the_geo_nodes.md b/doc/administration/geo/replication/updating_the_geo_nodes.md
index 550b3b07a95..39174780e24 100644
--- a/doc/administration/geo/replication/updating_the_geo_nodes.md
+++ b/doc/administration/geo/replication/updating_the_geo_nodes.md
@@ -10,10 +10,23 @@ all you need to do is update GitLab itself:
 
 1. Log into each node (**primary** and **secondary** nodes).
 1. [Update GitLab][update].
-1. [Update tracking database on **secondary** node](#update-tracking-database-on-secondary-node) when
-   the tracking database is enabled.
 1. [Test](#check-status-after-updating) **primary** and **secondary** nodes, and check version in each.
 
+### Check status after updating
+
+Now that the update process is complete, you may want to check whether
+everything is working correctly:
+
+1. Run the Geo raketask on all nodes, everything should be green:
+
+   ```sh
+   sudo gitlab-rake gitlab:geo:check
+   ```
+
+1. Check the **primary** node's Geo dashboard for any errors.
+1. Test the data replication by pushing code to the **primary** node and see if it
+   is received by **secondary** nodes.
+
 ## Upgrading to GitLab 12.1
 
 By default, GitLab 12.1 will attempt to automatically upgrade the embedded PostgreSQL server to 10.7 from 9.6. Please see [the omnibus documentation](https://docs.gitlab.com/omnibus/settings/database.html#upgrading-a-geo-instance) for the recommended procedure.
@@ -419,22 +432,7 @@ is prepended with the relevant node for better clarity:
    sudo gitlab-ctl start
    ```
 
-## Check status after updating
-
-Now that the update process is complete, you may want to check whether
-everything is working correctly:
-
-1. Run the Geo raketask on all nodes, everything should be green:
-
-   ```sh
-   sudo gitlab-rake gitlab:geo:check
-   ```
-
-1. Check the **primary** node's Geo dashboard for any errors.
-1. Test the data replication by pushing code to the **primary** node and see if it
-   is received by **secondary** nodes.
-
-## Update tracking database on **secondary** node
+### Update tracking database on **secondary** node
 
 After updating a **secondary** node, you might need to run migrations on
 the tracking database. The tracking database was added in GitLab 9.1,
-- 
cgit v1.2.1


From 5c8417b343cadc4862c6c8b1007cf57010b79b3b Mon Sep 17 00:00:00 2001
From: Martin Wortschack <mwortschack@gitlab.com>
Date: Mon, 5 Aug 2019 09:47:49 +0200
Subject: Upgrade gitlab-ui to 5.12.1

- Update yarn.lock
---
 package.json |  2 +-
 yarn.lock    | 12 ++++++------
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/package.json b/package.json
index ebaa3811295..bf6000dc53d 100644
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
     "@babel/preset-env": "^7.4.4",
     "@gitlab/csslab": "^1.9.0",
     "@gitlab/svgs": "^1.67.0",
-    "@gitlab/ui": "5.12.0",
+    "@gitlab/ui": "5.12.1",
     "apollo-cache-inmemory": "^1.5.1",
     "apollo-client": "^2.5.1",
     "apollo-link": "^1.2.11",
diff --git a/yarn.lock b/yarn.lock
index 11e51d7690d..d8193af1310 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -996,17 +996,17 @@
   resolved "https://registry.yarnpkg.com/@gitlab/svgs/-/svgs-1.67.0.tgz#c7b94eca13b99fd3aaa737fb6dcc0abc41d3c579"
   integrity sha512-hJOmWEs6RkjzyKkb1vc9wwKGZIBIP0coHkxu/KgOoxhBVudpGk4CH7xJ6UuB2TKpb0SEh5CC1CzRZfBYaFhsaA==
 
-"@gitlab/ui@5.12.0":
-  version "5.12.0"
-  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.12.0.tgz#e44a227de3df287c63eb36162361fb451e344f69"
-  integrity sha512-QCKG3gaO4UL5yqGNqcioPPFz3rJl6J22tt8DwgARAFREGu20KK0VChHEY0xOyShCU595mKz0XgJZF+8NuxXUtw==
+"@gitlab/ui@5.12.1":
+  version "5.12.1"
+  resolved "https://registry.yarnpkg.com/@gitlab/ui/-/ui-5.12.1.tgz#70035747cec96a729e012924ab2d3e3b6067a558"
+  integrity sha512-W4rvZj2Fab1UpXR0Wyi7wSvj+5Ko+TWHibC/q/FSRHMsbeSLq77lljd7rQWeXXNMBvEKwr4NqSmckWsjaSOLfw==
   dependencies:
     "@babel/standalone" "^7.0.0"
     "@gitlab/vue-toasted" "^1.2.1"
     bootstrap "4.3.1"
     bootstrap-vue "2.0.0-rc.27"
     copy-to-clipboard "^3.0.8"
-    echarts "^4.2.0-rc.2"
+    echarts "^4.2.1"
     highlight.js "^9.13.1"
     js-beautify "^1.8.8"
     lodash "^4.17.14"
@@ -4309,7 +4309,7 @@ ecc-jsbn@~0.1.1:
     jsbn "~0.1.0"
     safer-buffer "^2.1.0"
 
-echarts@^4.2.0-rc.2:
+echarts@^4.2.1:
   version "4.2.1"
   resolved "https://registry.yarnpkg.com/echarts/-/echarts-4.2.1.tgz#9a8ea3b03354f86f824d97625c334cf16965ef03"
   integrity sha512-pw4xScRPsLegD/cqEcoXRKeA2SD4+s+Kyo0Na166NamOWhzNl2yI5RZ2rE97tBlAopNmhyMeBVpAeD5qb+ee1A==
-- 
cgit v1.2.1


From 4f12a4dde1aac5c5c7fa83e42180d01a1fdb5b30 Mon Sep 17 00:00:00 2001
From: Dennis Tang <750946-dennis@users.noreply.gitlab.com>
Date: Mon, 5 Aug 2019 09:00:34 +0000
Subject: Add support for deferred links in persistent user callouts

Persistent user callouts now support deferred links, which are links
that can be used to dismiss the callout, and then proceed to follow
the link's original location.

This ensures that the callout dismissal is properly recorded
before the user leaves the page.
---
 app/assets/javascripts/persistent_user_callout.js  | 25 ++++++-
 .../javascripts/privacy_policy_update_callout.js   |  8 ++
 .../64341-user-callout-deferred-link-support.yml   |  5 ++
 spec/javascripts/persistent_user_callout_spec.js   | 87 ++++++++++++++++++++++
 4 files changed, 123 insertions(+), 2 deletions(-)
 create mode 100644 app/assets/javascripts/privacy_policy_update_callout.js
 create mode 100644 changelogs/unreleased/64341-user-callout-deferred-link-support.yml

diff --git a/app/assets/javascripts/persistent_user_callout.js b/app/assets/javascripts/persistent_user_callout.js
index 4a08e158f6b..8d6a3781048 100644
--- a/app/assets/javascripts/persistent_user_callout.js
+++ b/app/assets/javascripts/persistent_user_callout.js
@@ -1,13 +1,17 @@
+import { parseBoolean } from './lib/utils/common_utils';
 import axios from './lib/utils/axios_utils';
 import { __ } from './locale';
 import Flash from './flash';
 
+const DEFERRED_LINK_CLASS = 'deferred-link';
+
 export default class PersistentUserCallout {
   constructor(container) {
-    const { dismissEndpoint, featureId } = container.dataset;
+    const { dismissEndpoint, featureId, deferLinks } = container.dataset;
     this.container = container;
     this.dismissEndpoint = dismissEndpoint;
     this.featureId = featureId;
+    this.deferLinks = parseBoolean(deferLinks);
 
     this.init();
   }
@@ -15,9 +19,21 @@ export default class PersistentUserCallout {
   init() {
     const closeButton = this.container.querySelector('.js-close');
     closeButton.addEventListener('click', event => this.dismiss(event));
+
+    if (this.deferLinks) {
+      this.container.addEventListener('click', event => {
+        const isDeferredLink = event.target.classList.contains(DEFERRED_LINK_CLASS);
+
+        if (isDeferredLink) {
+          const { href, target } = event.target;
+
+          this.dismiss(event, { href, target });
+        }
+      });
+    }
   }
 
-  dismiss(event) {
+  dismiss(event, deferredLinkOptions = null) {
     event.preventDefault();
 
     axios
@@ -26,6 +42,11 @@ export default class PersistentUserCallout {
       })
       .then(() => {
         this.container.remove();
+
+        if (deferredLinkOptions) {
+          const { href, target } = deferredLinkOptions;
+          window.open(href, target);
+        }
       })
       .catch(() => {
         Flash(__('An error occurred while dismissing the alert. Refresh the page and try again.'));
diff --git a/app/assets/javascripts/privacy_policy_update_callout.js b/app/assets/javascripts/privacy_policy_update_callout.js
new file mode 100644
index 00000000000..126b1ee1132
--- /dev/null
+++ b/app/assets/javascripts/privacy_policy_update_callout.js
@@ -0,0 +1,8 @@
+import PersistentUserCallout from '~/persistent_user_callout';
+
+function initPrivacyPolicyUpdateCallout() {
+  const callout = document.querySelector('.privacy-policy-update-64341');
+  PersistentUserCallout.factory(callout);
+}
+
+export default initPrivacyPolicyUpdateCallout;
diff --git a/changelogs/unreleased/64341-user-callout-deferred-link-support.yml b/changelogs/unreleased/64341-user-callout-deferred-link-support.yml
new file mode 100644
index 00000000000..05230ddc124
--- /dev/null
+++ b/changelogs/unreleased/64341-user-callout-deferred-link-support.yml
@@ -0,0 +1,5 @@
+---
+title: Add support for deferred links in persistent user callouts.
+merge_request: 30818
+author:
+type: added
diff --git a/spec/javascripts/persistent_user_callout_spec.js b/spec/javascripts/persistent_user_callout_spec.js
index 2fdfff3db03..d15758be5d2 100644
--- a/spec/javascripts/persistent_user_callout_spec.js
+++ b/spec/javascripts/persistent_user_callout_spec.js
@@ -22,6 +22,24 @@ describe('PersistentUserCallout', () => {
     return fixture;
   }
 
+  function createDeferredLinkFixture() {
+    const fixture = document.createElement('div');
+    fixture.innerHTML = `
+      <div
+        class="container"
+        data-dismiss-endpoint="${dismissEndpoint}"
+        data-feature-id="${featureName}"
+        data-defer-links="true"
+      >
+        <button type="button" class="js-close"></button>
+        <a href="/somewhere-pleasant" target="_blank" class="deferred-link">A link</a>
+        <a href="/somewhere-else" target="_blank" class="normal-link">Another link</a>
+      </div>
+    `;
+
+    return fixture;
+  }
+
   describe('dismiss', () => {
     let button;
     let mockAxios;
@@ -74,6 +92,75 @@ describe('PersistentUserCallout', () => {
     });
   });
 
+  describe('deferred links', () => {
+    let button;
+    let deferredLink;
+    let normalLink;
+    let mockAxios;
+    let persistentUserCallout;
+    let windowSpy;
+
+    beforeEach(() => {
+      const fixture = createDeferredLinkFixture();
+      const container = fixture.querySelector('.container');
+      button = fixture.querySelector('.js-close');
+      deferredLink = fixture.querySelector('.deferred-link');
+      normalLink = fixture.querySelector('.normal-link');
+      mockAxios = new MockAdapter(axios);
+      persistentUserCallout = new PersistentUserCallout(container);
+      spyOn(persistentUserCallout.container, 'remove');
+      windowSpy = spyOn(window, 'open').and.callFake(() => {});
+    });
+
+    afterEach(() => {
+      mockAxios.restore();
+    });
+
+    it('defers loading of a link until callout is dismissed', done => {
+      const { href, target } = deferredLink;
+      mockAxios.onPost(dismissEndpoint).replyOnce(200);
+
+      deferredLink.click();
+
+      setTimeoutPromise()
+        .then(() => {
+          expect(windowSpy).toHaveBeenCalledWith(href, target);
+          expect(persistentUserCallout.container.remove).toHaveBeenCalled();
+          expect(mockAxios.history.post[0].data).toBe(
+            JSON.stringify({ feature_name: featureName }),
+          );
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+
+    it('does not dismiss callout on non-deferred links', done => {
+      normalLink.click();
+
+      setTimeoutPromise()
+        .then(() => {
+          expect(windowSpy).not.toHaveBeenCalled();
+          expect(persistentUserCallout.container.remove).not.toHaveBeenCalled();
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+
+    it('does not follow link when notification is closed', done => {
+      mockAxios.onPost(dismissEndpoint).replyOnce(200);
+
+      button.click();
+
+      setTimeoutPromise()
+        .then(() => {
+          expect(windowSpy).not.toHaveBeenCalled();
+          expect(persistentUserCallout.container.remove).toHaveBeenCalled();
+        })
+        .then(done)
+        .catch(done.fail);
+    });
+  });
+
   describe('factory', () => {
     it('returns an instance of PersistentUserCallout with the provided container property', () => {
       const fixture = createFixture();
-- 
cgit v1.2.1


From 27560cb74bad1351fa6b6a298d0c8fed338665b5 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Mon, 5 Aug 2019 09:05:01 +0000
Subject: Fix display of performance bar shortcut help text

---
 app/views/help/_shortcuts.html.haml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/app/views/help/_shortcuts.html.haml b/app/views/help/_shortcuts.html.haml
index efb3815b257..46d7c367aa7 100644
--- a/app/views/help/_shortcuts.html.haml
+++ b/app/views/help/_shortcuts.html.haml
@@ -24,11 +24,11 @@
                   %td.shortcut
                     %kbd f
                   %td Focus Filter
-                - if performance_bar_enabled?
-                  %tr
-                    %td.shortcut
-                      %kbd p b
-                    %td Show/hide the Performance Bar
+                %tr
+                  %td.shortcut
+                    %kbd p
+                    %kbd b
+                  %td Toggle the Performance Bar
                 %tr
                   %td.shortcut
                     %kbd ?
-- 
cgit v1.2.1


From afbe0b616b1e17f88bacc283a7a8fbe0bece580a Mon Sep 17 00:00:00 2001
From: Jan Provaznik <jprovaznik@gitlab.com>
Date: Fri, 19 Jul 2019 10:16:41 +0200
Subject: Optimize rebalancing of relative positioning

Moving of neighbour items was done recursively - this
was extremely expensive when multiple items had to be moved.

This change optimizes the code to find nearest possible gap where
items can be moved and moves all of them with single update query.
---
 app/models/concerns/relative_positioning.rb        | 114 ++++++++++++++++-----
 changelogs/unreleased/jprovazn-fix-positioning.yml |   5 +
 .../relative_positioning_shared_examples.rb        |  76 ++++++++++++++
 3 files changed, 170 insertions(+), 25 deletions(-)
 create mode 100644 changelogs/unreleased/jprovazn-fix-positioning.yml

diff --git a/app/models/concerns/relative_positioning.rb b/app/models/concerns/relative_positioning.rb
index 4a1441805fc..5395db509b5 100644
--- a/app/models/concerns/relative_positioning.rb
+++ b/app/models/concerns/relative_positioning.rb
@@ -28,9 +28,12 @@ module RelativePositioning
   START_POSITION = Gitlab::Database::MAX_INT_VALUE / 2
   MAX_POSITION = Gitlab::Database::MAX_INT_VALUE
   IDEAL_DISTANCE = 500
+  MAX_SEQUENCE_LIMIT = 1000
 
-  included do
-    after_save :save_positionable_neighbours
+  class GapNotFound < StandardError
+    def message
+      'Could not find a gap in the sequence of relative positions.'
+    end
   end
 
   class_methods do
@@ -116,9 +119,10 @@ module RelativePositioning
 
     # If there is no place to insert an item we need to create one by moving the before item closer
     # to its predecessor. This process will recursively move all the predecessors until we have a place
+    before, after = after, before if after.relative_position < before.relative_position
     if (after.relative_position - before.relative_position) < 2
-      before.move_before
-      @positionable_neighbours = [before] # rubocop:disable Gitlab/ModuleWithInstanceVariables
+      after.move_sequence_before
+      before.reset
     end
 
     self.relative_position = self.class.position_between(before.relative_position, after.relative_position)
@@ -129,11 +133,7 @@ module RelativePositioning
     pos_after = before.next_relative_position
 
     if before.shift_after?
-      item_to_move = self.class.relative_positioning_query_base(self).find_by!(relative_position: pos_after)
-      item_to_move.move_after
-      @positionable_neighbours = [item_to_move] # rubocop:disable Gitlab/ModuleWithInstanceVariables
-
-      pos_after = item_to_move.relative_position
+      before.move_sequence_after
     end
 
     self.relative_position = self.class.position_between(pos_before, pos_after)
@@ -144,11 +144,7 @@ module RelativePositioning
     pos_before = after.prev_relative_position
 
     if after.shift_before?
-      item_to_move = self.class.relative_positioning_query_base(self).find_by!(relative_position: pos_before)
-      item_to_move.move_before
-      @positionable_neighbours = [item_to_move] # rubocop:disable Gitlab/ModuleWithInstanceVariables
-
-      pos_before = item_to_move.relative_position
+      after.move_sequence_before
     end
 
     self.relative_position = self.class.position_between(pos_before, pos_after)
@@ -174,24 +170,23 @@ module RelativePositioning
     prev_pos && (relative_position - prev_pos) == 1
   end
 
-  private
-
-  # rubocop:disable Gitlab/ModuleWithInstanceVariables
-  def save_positionable_neighbours
-    return unless @positionable_neighbours
-
-    status = @positionable_neighbours.all? { |item| item.save(touch: false) }
-    @positionable_neighbours = nil
+  def move_sequence_before
+    items_to_move = scoped_items_batch.where('relative_position <= ?', relative_position).order('relative_position DESC')
+    move_nearest_sequence(items_to_move, MIN_POSITION)
+  end
 
-    status
+  def move_sequence_after
+    items_to_move = scoped_items_batch.where('relative_position >= ?', relative_position).order(:relative_position)
+    move_nearest_sequence(items_to_move, MAX_POSITION)
   end
-  # rubocop:enable Gitlab/ModuleWithInstanceVariables
+
+  private
 
   def calculate_relative_position(calculation)
     # When calculating across projects, this is much more efficient than
     # MAX(relative_position) without the GROUP BY, due to index usage:
     # https://gitlab.com/gitlab-org/gitlab-ce/issues/54276#note_119340977
-    relation = self.class.relative_positioning_query_base(self)
+    relation = scoped_items
                  .order(Gitlab::Database.nulls_last_order('position', 'DESC'))
                  .group(self.class.relative_positioning_parent_column)
                  .limit(1)
@@ -203,4 +198,73 @@ module RelativePositioning
       .first&.
       last
   end
+
+  def scoped_items
+    self.class.relative_positioning_query_base(self)
+  end
+
+  def scoped_items_batch
+    scoped_items.limit(MAX_SEQUENCE_LIMIT).select(:id, :relative_position).where.not(id: self.id)
+  end
+
+  # Supposing that we have a sequence of positions: 5 11 12 13 14 15,
+  # and we want to move another item between 14 and 15, then
+  # we shift previous positions at least by one item, but ideally to the middle
+  # of the nearest gap. In this case gap is between 5 and 11 so
+  # this would move 11 12 13 14 to 8 9 10 11.
+  def move_nearest_sequence(items, end_position)
+    gap_idx, gap_size = find_gap_in_sequence(items)
+
+    # If we didn't find a gap in the sequence, it's still possible that there
+    # are some free positions before the first item
+    if gap_idx.nil? && !items.empty? && items.size < MAX_SEQUENCE_LIMIT &&
+        items.last.relative_position != end_position
+
+      gap_idx = items.size
+      gap_size = end_position - items.last.relative_position
+    end
+
+    # The chance that there is a sequence of 1000 positions w/o gap is really
+    # low, but it would be good to rebalance all positions in the scope instead
+    # of raising an exception:
+    # https://gitlab.com/gitlab-org/gitlab-ce/issues/64514#note_192657097
+    raise GapNotFound if gap_idx.nil?
+    # No shift is needed if gap is next to the item being moved
+    return true if gap_idx == 0
+
+    delta = max_delta_for_sequence(gap_size)
+    sequence_ids = items.first(gap_idx).map(&:id)
+    move_ids_by_delta(sequence_ids, delta)
+  end
+
+  def max_delta_for_sequence(gap_size)
+    delta = gap_size / 2
+
+    if delta.abs > IDEAL_DISTANCE
+      delta = delta < 0 ? -IDEAL_DISTANCE : IDEAL_DISTANCE
+    end
+
+    delta
+  end
+
+  def move_ids_by_delta(ids, delta)
+    self.class.where(id: ids).update_all("relative_position=relative_position+#{delta}")
+  end
+
+  def find_gap_in_sequence(items)
+    prev = relative_position
+    gap = nil
+
+    items.each_with_index do |rec, idx|
+      size = rec.relative_position - prev
+      if size.abs > 1
+        gap = [idx, size]
+        break
+      end
+
+      prev = rec.relative_position
+    end
+
+    gap
+  end
 end
diff --git a/changelogs/unreleased/jprovazn-fix-positioning.yml b/changelogs/unreleased/jprovazn-fix-positioning.yml
new file mode 100644
index 00000000000..5d703008bba
--- /dev/null
+++ b/changelogs/unreleased/jprovazn-fix-positioning.yml
@@ -0,0 +1,5 @@
+---
+title: Optimize relative re-positioning when moving issues.
+merge_request: 30938
+author:
+type: fixed
diff --git a/spec/support/shared_examples/relative_positioning_shared_examples.rb b/spec/support/shared_examples/relative_positioning_shared_examples.rb
index 1c53e2602eb..417ef4f315b 100644
--- a/spec/support/shared_examples/relative_positioning_shared_examples.rb
+++ b/spec/support/shared_examples/relative_positioning_shared_examples.rb
@@ -9,6 +9,12 @@ RSpec.shared_examples 'a class that supports relative positioning' do
     create(factory, params.merge(default_params))
   end
 
+  def create_items_with_positions(positions)
+    positions.map do |position|
+      create_item(relative_position: position)
+    end
+  end
+
   describe '.move_nulls_to_end' do
     it 'moves items with null relative_position to the end' do
       skip("#{item1} has a default relative position") if item1.relative_position
@@ -257,5 +263,75 @@ RSpec.shared_examples 'a class that supports relative positioning' do
 
       expect(new_item.relative_position).to be(100)
     end
+
+    it 'avoids N+1 queries when rebalancing other items' do
+      items = create_items_with_positions([100, 101, 102])
+
+      count = ActiveRecord::QueryRecorder.new do
+        new_item.move_between(items[-2], items[-1])
+      end
+
+      items = create_items_with_positions([150, 151, 152, 153, 154])
+
+      expect { new_item.move_between(items[-2], items[-1]) }.not_to exceed_query_limit(count)
+    end
+  end
+
+  describe '#move_sequence_before' do
+    it 'moves the whole sequence of items to the middle of the nearest gap' do
+      items = create_items_with_positions([90, 100, 101, 102])
+
+      items.last.move_sequence_before
+      items.last.save!
+
+      positions = items.map { |item| item.reload.relative_position }
+      expect(positions).to eq([90, 95, 96, 102])
+    end
+
+    it 'finds a gap if there are unused positions' do
+      items = create_items_with_positions([100, 101, 102])
+
+      items.last.move_sequence_before
+      items.last.save!
+
+      positions = items.map { |item| item.reload.relative_position }
+      expect(positions).to eq([50, 51, 102])
+    end
+
+    it 'if raises an exception if gap is not found' do
+      stub_const('RelativePositioning::MAX_SEQUENCE_LIMIT', 2)
+      items = create_items_with_positions([100, 101, 102])
+
+      expect { items.last.move_sequence_before }.to raise_error(RelativePositioning::GapNotFound)
+    end
+  end
+
+  describe '#move_sequence_after' do
+    it 'moves the whole sequence of items to the middle of the nearest gap' do
+      items = create_items_with_positions([100, 101, 102, 110])
+
+      items.first.move_sequence_after
+      items.first.save!
+
+      positions = items.map { |item| item.reload.relative_position }
+      expect(positions).to eq([100, 105, 106, 110])
+    end
+
+    it 'finds a gap if there are unused positions' do
+      items = create_items_with_positions([100, 101, 102])
+
+      items.first.move_sequence_after
+      items.first.save!
+
+      positions = items.map { |item| item.reload.relative_position }
+      expect(positions).to eq([100, 601, 602])
+    end
+
+    it 'if raises an exception if gap is not found' do
+      stub_const('RelativePositioning::MAX_SEQUENCE_LIMIT', 2)
+      items = create_items_with_positions([100, 101, 102])
+
+      expect { items.first.move_sequence_after }.to raise_error(RelativePositioning::GapNotFound)
+    end
   end
 end
-- 
cgit v1.2.1


From 3f9b1ecdb3bbaab6ec35d28d066759985ce25e0e Mon Sep 17 00:00:00 2001
From: Heinrich Lee Yu <heinrich@gitlab.com>
Date: Wed, 24 Jul 2019 22:36:39 +0800
Subject: Use SQL to find the gap instead of iterating

Also removes unnecessary methods causing extra queries
---
 app/models/concerns/relative_positioning.rb        | 157 +++++++++------------
 ...er_issues_project_id_relative_position_index.rb |  24 ++++
 db/schema.rb                                       |   4 +-
 .../relative_positioning_shared_examples.rb        |  54 -------
 4 files changed, 92 insertions(+), 147 deletions(-)
 create mode 100644 db/migrate/20190802012622_reorder_issues_project_id_relative_position_index.rb

diff --git a/app/models/concerns/relative_positioning.rb b/app/models/concerns/relative_positioning.rb
index 5395db509b5..6d3c7a7ed68 100644
--- a/app/models/concerns/relative_positioning.rb
+++ b/app/models/concerns/relative_positioning.rb
@@ -28,13 +28,6 @@ module RelativePositioning
   START_POSITION = Gitlab::Database::MAX_INT_VALUE / 2
   MAX_POSITION = Gitlab::Database::MAX_INT_VALUE
   IDEAL_DISTANCE = 500
-  MAX_SEQUENCE_LIMIT = 1000
-
-  class GapNotFound < StandardError
-    def message
-      'Could not find a gap in the sequence of relative positions.'
-    end
-  end
 
   class_methods do
     def move_nulls_to_end(objects)
@@ -117,8 +110,8 @@ module RelativePositioning
     return move_after(before) unless after
     return move_before(after) unless before
 
-    # If there is no place to insert an item we need to create one by moving the before item closer
-    # to its predecessor. This process will recursively move all the predecessors until we have a place
+    # If there is no place to insert an item we need to create one by moving the item
+    # before this and all preceding items until there is a gap
     before, after = after, before if after.relative_position < before.relative_position
     if (after.relative_position - before.relative_position) < 2
       after.move_sequence_before
@@ -132,7 +125,7 @@ module RelativePositioning
     pos_before = before.relative_position
     pos_after = before.next_relative_position
 
-    if before.shift_after?
+    if pos_after && (pos_after - pos_before) < 2
       before.move_sequence_after
     end
 
@@ -143,7 +136,7 @@ module RelativePositioning
     pos_after = after.relative_position
     pos_before = after.prev_relative_position
 
-    if after.shift_before?
+    if pos_before && (pos_after - pos_before) < 2
       after.move_sequence_before
     end
 
@@ -158,29 +151,76 @@ module RelativePositioning
     self.relative_position = self.class.position_between(min_relative_position || START_POSITION, MIN_POSITION)
   end
 
-  # Indicates if there is an item that should be shifted to free the place
-  def shift_after?
-    next_pos = next_relative_position
-    next_pos && (next_pos - relative_position) == 1
+  # Moves the sequence before the current item to the middle of the next gap
+  # For example, we have 5 11 12 13 14 15 and the current item is 15
+  # This moves the sequence 11 12 13 14 to 8 9 10 11
+  def move_sequence_before
+    next_gap = find_next_gap_before
+    delta = optimum_delta_for_gap(next_gap)
+
+    move_sequence(next_gap[:start], relative_position, -delta)
   end
 
-  # Indicates if there is an item that should be shifted to free the place
-  def shift_before?
-    prev_pos = prev_relative_position
-    prev_pos && (relative_position - prev_pos) == 1
+  # Moves the sequence after the current item to the middle of the next gap
+  # For example, we have 11 12 13 14 15 21 and the current item is 11
+  # This moves the sequence 12 13 14 15 to 15 16 17 18
+  def move_sequence_after
+    next_gap = find_next_gap_after
+    delta = optimum_delta_for_gap(next_gap)
+
+    move_sequence(relative_position, next_gap[:start], delta)
   end
 
-  def move_sequence_before
-    items_to_move = scoped_items_batch.where('relative_position <= ?', relative_position).order('relative_position DESC')
-    move_nearest_sequence(items_to_move, MIN_POSITION)
+  private
+
+  # Supposing that we have a sequence of items: 1 5 11 12 13 and the current item is 13
+  # This would return: `{ start: 11, end: 5 }`
+  def find_next_gap_before
+    items_with_next_pos = scoped_items
+                            .select('relative_position AS pos, LEAD(relative_position) OVER (ORDER BY relative_position DESC) AS next_pos')
+                            .where('relative_position <= ?', relative_position)
+                            .order(relative_position: :desc)
+
+    find_next_gap(items_with_next_pos).tap do |gap|
+      gap[:end] ||= MIN_POSITION
+    end
   end
 
-  def move_sequence_after
-    items_to_move = scoped_items_batch.where('relative_position >= ?', relative_position).order(:relative_position)
-    move_nearest_sequence(items_to_move, MAX_POSITION)
+  # Supposing that we have a sequence of items: 13 14 15 20 24 and the current item is 13
+  # This would return: `{ start: 15, end: 20 }`
+  def find_next_gap_after
+    items_with_next_pos = scoped_items
+                            .select('relative_position AS pos, LEAD(relative_position) OVER (ORDER BY relative_position ASC) AS next_pos')
+                            .where('relative_position >= ?', relative_position)
+                            .order(:relative_position)
+
+    find_next_gap(items_with_next_pos).tap do |gap|
+      gap[:end] ||= MAX_POSITION
+    end
   end
 
-  private
+  def find_next_gap(items_with_next_pos)
+    gap = self.class.from(items_with_next_pos, :items_with_next_pos)
+                    .where('ABS(pos - next_pos) > 1 OR next_pos IS NULL')
+                    .limit(1)
+                    .pluck(:pos, :next_pos)
+                    .first
+
+    { start: gap[0], end: gap[1] }
+  end
+
+  def optimum_delta_for_gap(gap)
+    delta = ((gap[:start] - gap[:end]) / 2.0).abs.ceil
+
+    [delta, IDEAL_DISTANCE].min
+  end
+
+  def move_sequence(start_pos, end_pos, delta)
+    scoped_items
+      .where.not(id: self.id)
+      .where('relative_position BETWEEN ? AND ?', start_pos, end_pos)
+      .update_all("relative_position = relative_position + #{delta}")
+  end
 
   def calculate_relative_position(calculation)
     # When calculating across projects, this is much more efficient than
@@ -202,69 +242,4 @@ module RelativePositioning
   def scoped_items
     self.class.relative_positioning_query_base(self)
   end
-
-  def scoped_items_batch
-    scoped_items.limit(MAX_SEQUENCE_LIMIT).select(:id, :relative_position).where.not(id: self.id)
-  end
-
-  # Supposing that we have a sequence of positions: 5 11 12 13 14 15,
-  # and we want to move another item between 14 and 15, then
-  # we shift previous positions at least by one item, but ideally to the middle
-  # of the nearest gap. In this case gap is between 5 and 11 so
-  # this would move 11 12 13 14 to 8 9 10 11.
-  def move_nearest_sequence(items, end_position)
-    gap_idx, gap_size = find_gap_in_sequence(items)
-
-    # If we didn't find a gap in the sequence, it's still possible that there
-    # are some free positions before the first item
-    if gap_idx.nil? && !items.empty? && items.size < MAX_SEQUENCE_LIMIT &&
-        items.last.relative_position != end_position
-
-      gap_idx = items.size
-      gap_size = end_position - items.last.relative_position
-    end
-
-    # The chance that there is a sequence of 1000 positions w/o gap is really
-    # low, but it would be good to rebalance all positions in the scope instead
-    # of raising an exception:
-    # https://gitlab.com/gitlab-org/gitlab-ce/issues/64514#note_192657097
-    raise GapNotFound if gap_idx.nil?
-    # No shift is needed if gap is next to the item being moved
-    return true if gap_idx == 0
-
-    delta = max_delta_for_sequence(gap_size)
-    sequence_ids = items.first(gap_idx).map(&:id)
-    move_ids_by_delta(sequence_ids, delta)
-  end
-
-  def max_delta_for_sequence(gap_size)
-    delta = gap_size / 2
-
-    if delta.abs > IDEAL_DISTANCE
-      delta = delta < 0 ? -IDEAL_DISTANCE : IDEAL_DISTANCE
-    end
-
-    delta
-  end
-
-  def move_ids_by_delta(ids, delta)
-    self.class.where(id: ids).update_all("relative_position=relative_position+#{delta}")
-  end
-
-  def find_gap_in_sequence(items)
-    prev = relative_position
-    gap = nil
-
-    items.each_with_index do |rec, idx|
-      size = rec.relative_position - prev
-      if size.abs > 1
-        gap = [idx, size]
-        break
-      end
-
-      prev = rec.relative_position
-    end
-
-    gap
-  end
 end
diff --git a/db/migrate/20190802012622_reorder_issues_project_id_relative_position_index.rb b/db/migrate/20190802012622_reorder_issues_project_id_relative_position_index.rb
new file mode 100644
index 00000000000..12088dd763f
--- /dev/null
+++ b/db/migrate/20190802012622_reorder_issues_project_id_relative_position_index.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+class ReorderIssuesProjectIdRelativePositionIndex < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  OLD_INDEX_NAME = 'index_issues_on_project_id_and_state_and_rel_position_and_id'
+  NEW_INDEX_NAME = 'index_issues_on_project_id_and_rel_position_and_state_and_id'
+
+  def up
+    add_concurrent_index :issues, [:project_id, :relative_position, :state, :id], order: { id: :desc }, name: NEW_INDEX_NAME
+
+    remove_concurrent_index_by_name :issues, OLD_INDEX_NAME
+  end
+
+  def down
+    add_concurrent_index :issues, [:project_id, :state, :relative_position, :id], order: { id: :desc }, name: OLD_INDEX_NAME
+
+    remove_concurrent_index_by_name :issues, NEW_INDEX_NAME
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index fe3fa597006..a9b7c1930e3 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_08_01_114109) do
+ActiveRecord::Schema.define(version: 2019_08_02_012622) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "pg_trgm"
@@ -1716,7 +1716,7 @@ ActiveRecord::Schema.define(version: 2019_08_01_114109) do
     t.index ["project_id", "created_at", "id", "state"], name: "index_issues_on_project_id_and_created_at_and_id_and_state"
     t.index ["project_id", "due_date", "id", "state"], name: "idx_issues_on_project_id_and_due_date_and_id_and_state_partial", where: "(due_date IS NOT NULL)"
     t.index ["project_id", "iid"], name: "index_issues_on_project_id_and_iid", unique: true
-    t.index ["project_id", "state", "relative_position", "id"], name: "index_issues_on_project_id_and_state_and_rel_position_and_id", order: { id: :desc }
+    t.index ["project_id", "relative_position", "state", "id"], name: "index_issues_on_project_id_and_rel_position_and_state_and_id", order: { id: :desc }
     t.index ["project_id", "updated_at", "id", "state"], name: "index_issues_on_project_id_and_updated_at_and_id_and_state"
     t.index ["relative_position"], name: "index_issues_on_relative_position"
     t.index ["state"], name: "index_issues_on_state"
diff --git a/spec/support/shared_examples/relative_positioning_shared_examples.rb b/spec/support/shared_examples/relative_positioning_shared_examples.rb
index 417ef4f315b..9837ba806db 100644
--- a/spec/support/shared_examples/relative_positioning_shared_examples.rb
+++ b/spec/support/shared_examples/relative_positioning_shared_examples.rb
@@ -110,46 +110,6 @@ RSpec.shared_examples 'a class that supports relative positioning' do
     end
   end
 
-  describe '#shift_after?' do
-    before do
-      [item1, item2].each do |item1|
-        item1.move_to_end && item1.save
-      end
-    end
-
-    it 'returns true' do
-      item1.update(relative_position: item2.relative_position - 1)
-
-      expect(item1.shift_after?).to be_truthy
-    end
-
-    it 'returns false' do
-      item1.update(relative_position: item2.relative_position - 2)
-
-      expect(item1.shift_after?).to be_falsey
-    end
-  end
-
-  describe '#shift_before?' do
-    before do
-      [item1, item2].each do |item1|
-        item1.move_to_end && item1.save
-      end
-    end
-
-    it 'returns true' do
-      item1.update(relative_position: item2.relative_position + 1)
-
-      expect(item1.shift_before?).to be_truthy
-    end
-
-    it 'returns false' do
-      item1.update(relative_position: item2.relative_position + 2)
-
-      expect(item1.shift_before?).to be_falsey
-    end
-  end
-
   describe '#move_between' do
     before do
       [item1, item2].each do |item1|
@@ -297,13 +257,6 @@ RSpec.shared_examples 'a class that supports relative positioning' do
       positions = items.map { |item| item.reload.relative_position }
       expect(positions).to eq([50, 51, 102])
     end
-
-    it 'if raises an exception if gap is not found' do
-      stub_const('RelativePositioning::MAX_SEQUENCE_LIMIT', 2)
-      items = create_items_with_positions([100, 101, 102])
-
-      expect { items.last.move_sequence_before }.to raise_error(RelativePositioning::GapNotFound)
-    end
   end
 
   describe '#move_sequence_after' do
@@ -326,12 +279,5 @@ RSpec.shared_examples 'a class that supports relative positioning' do
       positions = items.map { |item| item.reload.relative_position }
       expect(positions).to eq([100, 601, 602])
     end
-
-    it 'if raises an exception if gap is not found' do
-      stub_const('RelativePositioning::MAX_SEQUENCE_LIMIT', 2)
-      items = create_items_with_positions([100, 101, 102])
-
-      expect { items.first.move_sequence_after }.to raise_error(RelativePositioning::GapNotFound)
-    end
   end
 end
-- 
cgit v1.2.1


From 42daabf6e48c8801637bb77b3f19dbbdf2a1e2af Mon Sep 17 00:00:00 2001
From: Ammar Alakkad <aalakkad@gitlab.com>
Date: Mon, 5 Aug 2019 10:10:43 +0000
Subject: Enhance style of the shared runners limit

It also prepare for the EE merge request https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14786
---
 app/assets/javascripts/jobs/components/job_app.vue                   | 5 +++++
 app/assets/javascripts/jobs/index.js                                 | 1 +
 app/views/projects/_flash_messages.html.haml                         | 2 +-
 app/views/projects/jobs/show.html.haml                               | 2 +-
 ...te-pipelines-minutes-expiry-banner-to-an-alert-component-type.yml | 5 +++++
 spec/javascripts/jobs/components/job_app_spec.js                     | 1 +
 6 files changed, 14 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/unreleased/update-pipelines-minutes-expiry-banner-to-an-alert-component-type.yml

diff --git a/app/assets/javascripts/jobs/components/job_app.vue b/app/assets/javascripts/jobs/components/job_app.vue
index ef9fb6d08d1..8da87f424c4 100644
--- a/app/assets/javascripts/jobs/components/job_app.vue
+++ b/app/assets/javascripts/jobs/components/job_app.vue
@@ -73,6 +73,10 @@ export default {
       type: String,
       required: true,
     },
+    projectPath: {
+      type: String,
+      required: true,
+    },
     logState: {
       type: String,
       required: true,
@@ -258,6 +262,7 @@ export default {
           :quota-used="job.runners.quota.used"
           :quota-limit="job.runners.quota.limit"
           :runners-path="runnerHelpUrl"
+          :project-path="projectPath"
         />
 
         <environments-block
diff --git a/app/assets/javascripts/jobs/index.js b/app/assets/javascripts/jobs/index.js
index 06514fcce1d..8c1758b6322 100644
--- a/app/assets/javascripts/jobs/index.js
+++ b/app/assets/javascripts/jobs/index.js
@@ -20,6 +20,7 @@ export default () => {
           pagePath: element.dataset.buildOptionsPagePath,
           logState: element.dataset.buildOptionsLogState,
           buildStatus: element.dataset.buildOptionsBuildStatus,
+          projectPath: element.dataset.projectPath,
         },
       });
     },
diff --git a/app/views/projects/_flash_messages.html.haml b/app/views/projects/_flash_messages.html.haml
index d95045c9cce..f9222387e97 100644
--- a/app/views/projects/_flash_messages.html.haml
+++ b/app/views/projects/_flash_messages.html.haml
@@ -5,7 +5,7 @@
   - if current_user && can?(current_user, :download_code, project)
     = render 'shared/no_ssh'
     = render 'shared/no_password'
-    = render_if_exists 'shared/shared_runners_minutes_limit', project: project
     - unless project.empty_repo?
       = render 'shared/auto_devops_implicitly_enabled_banner', project: project
     = render_if_exists 'projects/above_size_limit_warning', project: project
+    = render_if_exists 'shared/shared_runners_minutes_limit', project: project, classes: [container_class, ("limit-container-width" unless fluid_layout)]
diff --git a/app/views/projects/jobs/show.html.haml b/app/views/projects/jobs/show.html.haml
index c7fab87a593..a743e656402 100644
--- a/app/views/projects/jobs/show.html.haml
+++ b/app/views/projects/jobs/show.html.haml
@@ -7,7 +7,7 @@
   = stylesheet_link_tag 'page_bundles/xterm'
 
 %div{ class: container_class }
-  #js-job-vue-app{ data: { endpoint: project_job_path(@project, @build, format: :json),
+  #js-job-vue-app{ data: { endpoint: project_job_path(@project, @build, format: :json), project_path: @project.full_path,
     deployment_help_url: help_page_path('user/project/clusters/index.html', anchor: 'troubleshooting-failed-deployment-jobs'),
     runner_help_url: help_page_path('ci/runners/README.html', anchor: 'setting-maximum-job-timeout-for-a-runner'),
     runner_settings_url: project_runners_path(@build.project, anchor: 'js-runners-settings'),
diff --git a/changelogs/unreleased/update-pipelines-minutes-expiry-banner-to-an-alert-component-type.yml b/changelogs/unreleased/update-pipelines-minutes-expiry-banner-to-an-alert-component-type.yml
new file mode 100644
index 00000000000..8c1a033dd29
--- /dev/null
+++ b/changelogs/unreleased/update-pipelines-minutes-expiry-banner-to-an-alert-component-type.yml
@@ -0,0 +1,5 @@
+---
+title: Enhance style of the shared runners limit
+merge_request: 31386
+author:
+type: other
diff --git a/spec/javascripts/jobs/components/job_app_spec.js b/spec/javascripts/jobs/components/job_app_spec.js
index b53890f8348..d3c1cf831bb 100644
--- a/spec/javascripts/jobs/components/job_app_spec.js
+++ b/spec/javascripts/jobs/components/job_app_spec.js
@@ -24,6 +24,7 @@ describe('Job App ', () => {
     variablesSettingsUrl: 'settings/ci-cd/variables',
     terminalPath: 'jobs/123/terminal',
     pagePath: `${gl.TEST_HOST}jobs/123`,
+    projectPath: 'user-name/project-name',
     logState:
       'eyJvZmZzZXQiOjE3NDUxLCJuX29wZW5fdGFncyI6MCwiZmdfY29sb3IiOm51bGwsImJnX2NvbG9yIjpudWxsLCJzdHlsZV9tYXNrIjowfQ%3D%3D',
   };
-- 
cgit v1.2.1


From 399087c8dbad4faba2702dbcbce816c693db4015 Mon Sep 17 00:00:00 2001
From: Marcel Amirault <mamirault@gitlab.com>
Date: Mon, 5 Aug 2019 11:07:14 +0000
Subject: Fix docs review-app stages in the pipeline

---
 .gitlab-ci.yml                | 1 -
 .gitlab/ci/docs.gitlab-ci.yml | 6 +++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 5b39304444c..9086da10283 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -29,7 +29,6 @@ stages:
   - qa
   - post-test
   - pages
-  - post-cleanup
 
 include:
   - local: .gitlab/ci/global.gitlab-ci.yml
diff --git a/.gitlab/ci/docs.gitlab-ci.yml b/.gitlab/ci/docs.gitlab-ci.yml
index 5a3940bdac2..39ae62a43c9 100644
--- a/.gitlab/ci/docs.gitlab-ci.yml
+++ b/.gitlab/ci/docs.gitlab-ci.yml
@@ -15,7 +15,7 @@ review-docs-deploy-manual:
   extends:
     - .review-docs
     - .no-docs-and-no-qa
-  stage: build
+  stage: review
   script:
     - gem install gitlab --no-document
     - ./$SCRIPT_NAME deploy
@@ -28,7 +28,7 @@ review-docs-deploy-manual:
 # Useful to preview the docs changes live.
 review-docs-deploy:
   <<: *review-docs
-  stage: post-test
+  stage: review
   script:
     - gem install gitlab --no-document
     - ./$SCRIPT_NAME deploy
@@ -41,7 +41,7 @@ review-docs-deploy:
 # Cleanup remote environment of gitlab-docs
 review-docs-cleanup:
   <<: *review-docs
-  stage: post-cleanup
+  stage: review
   environment:
     name: review-docs/$CI_COMMIT_REF_SLUG
     action: stop
-- 
cgit v1.2.1


From 9cbd5994c059769ecd5794574b5df84082f06600 Mon Sep 17 00:00:00 2001
From: James Ramsay <jramsay@gitlab.com>
Date: Mon, 5 Aug 2019 11:41:31 +0000
Subject: Add minimal partial clone docs

Partial Clone and Sparse Checkout are the native Git approach to enormous
repositories. We should document the state of these features and update as our
support and Git's support for these features improves.
---
 doc/topics/git/index.md         |   1 +
 doc/topics/git/partial_clone.md | 147 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 148 insertions(+)
 create mode 100644 doc/topics/git/partial_clone.md

diff --git a/doc/topics/git/index.md b/doc/topics/git/index.md
index 5b227ebebe0..6a539b526f3 100644
--- a/doc/topics/git/index.md
+++ b/doc/topics/git/index.md
@@ -72,6 +72,7 @@ The following are advanced topics for those who want to get the most out of Git:
 - [Custom Git Hooks](../../administration/custom_hooks.md)
 - [Git Attributes](../../user/project/git_attributes.md)
 - Git Submodules: [Using Git submodules with GitLab CI](../../ci/git_submodules.md#using-git-submodules-with-gitlab-ci)
+- [Partial Clone](partial_clone.md)
 
 ## API
 
diff --git a/doc/topics/git/partial_clone.md b/doc/topics/git/partial_clone.md
new file mode 100644
index 00000000000..9b8cf269684
--- /dev/null
+++ b/doc/topics/git/partial_clone.md
@@ -0,0 +1,147 @@
+# Partial Clone for Large Repositories
+
+CAUTION: **Alpha:**
+Partial Clone is an experimental feature, and will significantly increase
+Gitaly resource utilization when performing a partial clone, and decrease
+performance of subsequent fetch operations.
+
+As Git repositories become very large, usability decreases as performance
+decreases. One major challenge is cloning the repository, because Git will
+download the entire repository including every commit and every version of
+every object. This can be slow to transfer, and require large amounts of disk
+space.
+
+Historically, performing a **shallow clone**
+([`--depth`](https://www.git-scm.com/docs/git-clone#Documentation/git-clone.txt---depthltdepthgt))
+has been the only way to reduce the amount of data transferred when cloning
+a Git repository. This does not, however, allow filtering by sub-tree which is
+important for monolithic repositories containing many projects, or by object
+size preventing unnecessary large objects being downloaded.
+
+[Partial clone](https://github.com/git/git/blob/master/Documentation/technical/partial-clone.txt)
+is a performance optimization that "allows Git to function without having a
+complete copy of the repository. The goal of this work is to allow Git better
+handle extremely large repositories."
+
+Specifically, using partial clone, it should be possible for Git to natively
+support:
+
+- large objects, instead of using [Git LFS](https://git-lfs.github.com/)
+- enormous repositories
+
+Briefly, partial clone works by:
+
+- excluding objects from being transferred when cloning or fetching a
+repository using a new `--filter` flag
+- downloading missing objects on demand
+
+Follow [Git for enormous repositories](https://gitlab.com/groups/gitlab-org/-/epics/773) for roadmap and updates.
+
+## Enabling partial clone
+
+GitLab 12.1 uses Git 2.21.0 which has an arbitrary file access security
+vulnerability when `uploadpack.allowFilter` is enabled, and should not be
+enabled in production environments.
+
+A feature flag is planned to enable `uploadpack.allowFilter` and
+`uploadpack.allowAnySHA1InWant` once the version of Git used by GitLab has been
+updated to Git 2.22.0.
+
+Follow [this issue](https://gitlab.com/gitlab-org/gitaly/issues/1553) for
+updated.
+
+## Excluding objects by size
+
+Partial Clone allows large objects to be stored directly in the Git repository,
+and be excluded from clones as desired by the user. This eliminates the error
+prone process of deciding which objects should be stored in LFS or not. Using
+partial clone, all files – large or small – may be treated the same.
+
+With the `uploadpack.allowFilter` and `uploadpack.allowAnySHA1InWant` options
+enabled on the Git server:
+
+```bash
+# clone the repo, excluding blobs larger than 1 megabyte
+git clone --filter=blob:limit=1m <url>
+
+# in the checkout step of the clone, and any subsequent operations
+# any blobs that are needed will be downloaded on demand
+git checkout feature-branch
+```
+
+## Excluding objects by path
+
+Partial Clone allows clones to be filtered by path using a format similar to a
+`.gitignore` file stored inside the repository.
+
+With the `uploadpack.allowFilter` and `uploadpack.allowAnySHA1InWant` options
+enabled on the Git server:
+
+1. **Create a filter spec.** For example, consider a monolithic repository with
+many applications, each in a different subdirectory in the root. Create a file
+`shiny-app/.filterspec` using the GitLab web interface:
+
+    ```.gitignore
+    # Only the paths listed in the file will be downloaded when performing a
+    # partial clone using `--filter=sparse:oid=shiny-app/.gitfilterspec`
+    
+    # Explicitly include filterspec needed to configure sparse checkout with
+    # git config --local core.sparsecheckout true
+    # git show master:snazzy-app/.gitfilterspec >> .git/info/sparse-checkout
+    shiny-app/.gitfilterspec
+    
+    # Shiny App
+    shiny-app/
+    
+    # Dependencies
+    shimmery-app/
+    shared-component-a/
+    shared-component-b/
+    ```
+
+2. *Create a new Git repository and fetch.* Support for `--filter=sparse:oid`
+using the clone command is incomplete, so we will emulate the clone command
+by hand, using `git init` and `git fetch`. Follow
+[gitaly#1769](https://gitlab.com/gitlab-org/gitaly/issues/1769) for updates.
+
+    ```bash
+    # Create a new directory for the Git repository
+    mkdir jumbo-repo && cd jumbo-repo
+    
+    # Initialize a new Git repository
+    git init
+    
+    # Add the remote
+    git remote add origin git@gitlab.com/example/jumbo-repo
+    
+    # Enable partial clone support for the remote
+    git config --local extensions.partialClone origin
+    
+    # Fetch the filtered set of objects using the filterspec stored on the
+    # server. WARNING: this step is slow!
+    git fetch --filter=sparse:oid=master:shiny-app/.gitfilterspec origin
+    
+    # Optional: observe there are missing objects that we have not fetched
+    git rev-list --all --quiet --objects --missing=print | wc -l
+    ```
+    
+    CAUTION: **IDE and Shell integrations:**
+    Git integrations with `bash`, `zsh`, etc and editors that automatically
+    show Git status information often run `git fetch` which will fetch the
+    entire repository. You many need to disable or reconfigure these
+    integrations.
+
+3. **Sparse checkout** must be enabled and configured to prevent objects from
+other paths being downloaded automatically when checking out branches. Follow
+[gitaly#1765](https://gitlab.com/gitlab-org/gitaly/issues/1765) for updates.
+
+    ```bash
+    # Enable sparse checkout
+    git config --local core.sparsecheckout true
+    
+    # Configure sparse checkout
+    git show master:snazzy-app/.gitfilterspec >> .git/info/sparse-checkout
+
+    # Checkout master
+    git checkout master
+    ```
-- 
cgit v1.2.1


From 3b6fd6618cec17a32b2bb0a48b20aed3f62241cd Mon Sep 17 00:00:00 2001
From: Tetiana Chupryna <tchupryna@gitlab.com>
Date: Mon, 5 Aug 2019 11:49:00 +0000
Subject: Update rules for secure features

---
 doc/user/permissions.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index e6822f0c52c..d92435ef724 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -64,7 +64,6 @@ The following table depicts the various user permission levels in a project.
 | Lock issue threads                                |         | ✓          | ✓           | ✓        | ✓      |
 | Manage issue tracker                              |         | ✓          | ✓           | ✓        | ✓      |
 | Manage related issues **(STARTER)**               |         | ✓          | ✓           | ✓        | ✓      |
-| Create issue from vulnerability **(ULTIMATE)**    |         | ✓          | ✓           | ✓        | ✓      |
 | Manage labels                                     |         | ✓          | ✓           | ✓        | ✓      |
 | Create code snippets                              |         | ✓          | ✓           | ✓        | ✓      |
 | See a commit status                               |         | ✓          | ✓           | ✓        | ✓      |
@@ -94,6 +93,8 @@ The following table depicts the various user permission levels in a project.
 | Remove a container registry image                 |         |            | ✓           | ✓        | ✓      |
 | Create/edit/delete project milestones             |         |            | ✓           | ✓        | ✓      |
 | Use security dashboard **(ULTIMATE)**             |         |            | ✓           | ✓        | ✓      |
+| View dependency list **(ULTIMATE)**               |         |            | ✓           | ✓        | ✓      |
+| Create issue from vulnerability **(ULTIMATE)**    |         |            | ✓           | ✓        | ✓      |
 | Dismiss vulnerability **(ULTIMATE)**              |         |            | ✓           | ✓        | ✓      |
 | Apply code change suggestions                     |         |            | ✓           | ✓        | ✓      |
 | Create and edit wiki pages                        |         |            | ✓           | ✓        | ✓      |
@@ -211,7 +212,8 @@ group.
 | Create project in group                         |       |          | ✓         | ✓          | ✓     |
 | Create/edit/delete group milestones             |       |          | ✓         | ✓          | ✓     |
 | Enable/disable a dependency proxy **(PREMIUM)** |       |          | ✓         | ✓          | ✓     |
-| Create subgroup                                 |       |          |           | ✓ (1)        | ✓     |
+| Use security dashboard **(ULTIMATE)**           |       |          | ✓         | ✓          | ✓     |
+| Create subgroup                                 |       |          |           | ✓ (1)      | ✓     |
 | Edit group                                      |       |          |           |            | ✓     |
 | Manage group members                            |       |          |           |            | ✓     |
 | Remove group                                    |       |          |           |            | ✓     |
-- 
cgit v1.2.1


From 9eb4004f74f6451f2e4272a22075e292f0c098d7 Mon Sep 17 00:00:00 2001
From: Ammar Alakkad <aalakkad@gitlab.com>
Date: Mon, 5 Aug 2019 15:12:47 +0300
Subject: Refactor passing props to jobs/index.js

---
 app/assets/javascripts/jobs/index.js   | 30 +++++++++++++++++++++---------
 app/views/projects/jobs/show.html.haml |  1 +
 2 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/app/assets/javascripts/jobs/index.js b/app/assets/javascripts/jobs/index.js
index 8c1758b6322..add7f9b710a 100644
--- a/app/assets/javascripts/jobs/index.js
+++ b/app/assets/javascripts/jobs/index.js
@@ -10,17 +10,29 @@ export default () => {
       JobApp,
     },
     render(createElement) {
+      const {
+        deploymentHelpUrl,
+        runnerHelpUrl,
+        runnerSettingsUrl,
+        variablesSettingsUrl,
+        endpoint,
+        pagePath,
+        logState,
+        buildStatus,
+        projectPath,
+      } = element.dataset;
+
       return createElement('job-app', {
         props: {
-          deploymentHelpUrl: element.dataset.deploymentHelpUrl,
-          runnerHelpUrl: element.dataset.runnerHelpUrl,
-          runnerSettingsUrl: element.dataset.runnerSettingsUrl,
-          variablesSettingsUrl: element.dataset.variablesSettingsUrl,
-          endpoint: element.dataset.endpoint,
-          pagePath: element.dataset.buildOptionsPagePath,
-          logState: element.dataset.buildOptionsLogState,
-          buildStatus: element.dataset.buildOptionsBuildStatus,
-          projectPath: element.dataset.projectPath,
+          deploymentHelpUrl,
+          runnerHelpUrl,
+          runnerSettingsUrl,
+          variablesSettingsUrl,
+          endpoint,
+          pagePath,
+          logState,
+          buildStatus,
+          projectPath,
         },
       });
     },
diff --git a/app/views/projects/jobs/show.html.haml b/app/views/projects/jobs/show.html.haml
index a743e656402..a3688c17041 100644
--- a/app/views/projects/jobs/show.html.haml
+++ b/app/views/projects/jobs/show.html.haml
@@ -12,4 +12,5 @@
     runner_help_url: help_page_path('ci/runners/README.html', anchor: 'setting-maximum-job-timeout-for-a-runner'),
     runner_settings_url: project_runners_path(@build.project, anchor: 'js-runners-settings'),
     variables_settings_url: project_variables_path(@build.project, anchor: 'js-cicd-variables-settings'),
+    page_path: project_job_path(@project, @build), build_status: @build.status, build_stage: @build.stage, log_state: '',
     build_options: javascript_build_options } }
-- 
cgit v1.2.1


From 828c52d092744e6381f7c1534d932ff4127e864e Mon Sep 17 00:00:00 2001
From: Achilleas Pipinellis <axil@gitlab.com>
Date: Mon, 5 Aug 2019 12:27:58 +0000
Subject: Fix some Markdown lint errors

Introduced in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30295
---
 doc/topics/git/partial_clone.md | 66 ++++++++++++++++++++---------------------
 1 file changed, 33 insertions(+), 33 deletions(-)

diff --git a/doc/topics/git/partial_clone.md b/doc/topics/git/partial_clone.md
index 9b8cf269684..f2951308ba1 100644
--- a/doc/topics/git/partial_clone.md
+++ b/doc/topics/git/partial_clone.md
@@ -32,7 +32,7 @@ support:
 Briefly, partial clone works by:
 
 - excluding objects from being transferred when cloning or fetching a
-repository using a new `--filter` flag
+  repository using a new `--filter` flag
 - downloading missing objects on demand
 
 Follow [Git for enormous repositories](https://gitlab.com/groups/gitlab-org/-/epics/773) for roadmap and updates.
@@ -78,53 +78,53 @@ With the `uploadpack.allowFilter` and `uploadpack.allowAnySHA1InWant` options
 enabled on the Git server:
 
 1. **Create a filter spec.** For example, consider a monolithic repository with
-many applications, each in a different subdirectory in the root. Create a file
-`shiny-app/.filterspec` using the GitLab web interface:
-
-    ```.gitignore
-    # Only the paths listed in the file will be downloaded when performing a
-    # partial clone using `--filter=sparse:oid=shiny-app/.gitfilterspec`
-    
-    # Explicitly include filterspec needed to configure sparse checkout with
-    # git config --local core.sparsecheckout true
-    # git show master:snazzy-app/.gitfilterspec >> .git/info/sparse-checkout
-    shiny-app/.gitfilterspec
-    
-    # Shiny App
-    shiny-app/
-    
-    # Dependencies
-    shimmery-app/
-    shared-component-a/
-    shared-component-b/
-    ```
+   many applications, each in a different subdirectory in the root. Create a file
+   `shiny-app/.filterspec` using the GitLab web interface:
+
+   ```.gitignore
+   # Only the paths listed in the file will be downloaded when performing a
+   # partial clone using `--filter=sparse:oid=shiny-app/.gitfilterspec`
+
+   # Explicitly include filterspec needed to configure sparse checkout with
+   # git config --local core.sparsecheckout true
+   # git show master:snazzy-app/.gitfilterspec >> .git/info/sparse-checkout
+   shiny-app/.gitfilterspec
+
+   # Shiny App
+   shiny-app/
+
+   # Dependencies
+   shimmery-app/
+   shared-component-a/
+   shared-component-b/
+   ```
 
 2. *Create a new Git repository and fetch.* Support for `--filter=sparse:oid`
-using the clone command is incomplete, so we will emulate the clone command
-by hand, using `git init` and `git fetch`. Follow
-[gitaly#1769](https://gitlab.com/gitlab-org/gitaly/issues/1769) for updates.
+   using the clone command is incomplete, so we will emulate the clone command
+   by hand, using `git init` and `git fetch`. Follow
+   [gitaly#1769](https://gitlab.com/gitlab-org/gitaly/issues/1769) for updates.
 
     ```bash
     # Create a new directory for the Git repository
     mkdir jumbo-repo && cd jumbo-repo
-    
+
     # Initialize a new Git repository
     git init
-    
+
     # Add the remote
     git remote add origin git@gitlab.com/example/jumbo-repo
-    
+
     # Enable partial clone support for the remote
     git config --local extensions.partialClone origin
-    
+
     # Fetch the filtered set of objects using the filterspec stored on the
     # server. WARNING: this step is slow!
     git fetch --filter=sparse:oid=master:shiny-app/.gitfilterspec origin
-    
+
     # Optional: observe there are missing objects that we have not fetched
     git rev-list --all --quiet --objects --missing=print | wc -l
     ```
-    
+
     CAUTION: **IDE and Shell integrations:**
     Git integrations with `bash`, `zsh`, etc and editors that automatically
     show Git status information often run `git fetch` which will fetch the
@@ -132,13 +132,13 @@ by hand, using `git init` and `git fetch`. Follow
     integrations.
 
 3. **Sparse checkout** must be enabled and configured to prevent objects from
-other paths being downloaded automatically when checking out branches. Follow
-[gitaly#1765](https://gitlab.com/gitlab-org/gitaly/issues/1765) for updates.
+   other paths being downloaded automatically when checking out branches. Follow
+   [gitaly#1765](https://gitlab.com/gitlab-org/gitaly/issues/1765) for updates.
 
     ```bash
     # Enable sparse checkout
     git config --local core.sparsecheckout true
-    
+
     # Configure sparse checkout
     git show master:snazzy-app/.gitfilterspec >> .git/info/sparse-checkout
 
-- 
cgit v1.2.1


From 969e6b3318c3f663ae378c2b470c5fa022f2652a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cindy=20Pallares=20=F0=9F=A6=89?= <cindy@gitlab.com>
Date: Mon, 5 Aug 2019 13:30:07 +0000
Subject: Update Gitaly troubleshooting

---
 doc/administration/gitaly/index.md | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/doc/administration/gitaly/index.md b/doc/administration/gitaly/index.md
index f6f02221fe3..432056d48c7 100644
--- a/doc/administration/gitaly/index.md
+++ b/doc/administration/gitaly/index.md
@@ -469,7 +469,16 @@ One current feature of GitLab that still requires a shared directory (NFS) is
 There is [work in progress](https://gitlab.com/gitlab-org/gitlab-pages/issues/196)
 to eliminate the need for NFS to support GitLab Pages.
 
-## Troubleshooting
+## Troubleshooting Gitaly
+
+### Commits, pushes, and clones return a 401
+
+```
+remote: GitLab: 401 Unauthorized
+```
+
+You will need to sync your `gitlab-secrets.json` file with your GitLab
+app nodes.
 
 ### `gitaly-debug`
 
-- 
cgit v1.2.1


From 279bad2efb07d5a8dad1c1e5559c701ca816e751 Mon Sep 17 00:00:00 2001
From: Reuben Pereira <rpereira@gitlab.com>
Date: Mon, 5 Aug 2019 13:32:20 +0000
Subject: Add help text next to Custom Metrics section

- Also add requirements to the docs for custom metrics.
---
 .../services/prometheus/_metrics.html.haml         | 56 ++++++++++++----------
 .../projects/services/prometheus/_show.html.haml   |  9 ++--
 doc/user/project/integrations/prometheus.md        |  5 +-
 3 files changed, 38 insertions(+), 32 deletions(-)

diff --git a/app/views/projects/services/prometheus/_metrics.html.haml b/app/views/projects/services/prometheus/_metrics.html.haml
index a1d74b91002..3aefb3fdbb9 100644
--- a/app/views/projects/services/prometheus/_metrics.html.haml
+++ b/app/views/projects/services/prometheus/_metrics.html.haml
@@ -1,28 +1,34 @@
 - project = local_assigns.fetch(:project)
 
-.card.js-panel-monitored-metrics{ data: { active_metrics: active_common_project_prometheus_metrics_path(project, :json), metrics_help_path: help_page_path('user/project/integrations/prometheus_library/index') } }
-  .card-header
-    = s_('PrometheusService|Common metrics')
-    %span.badge.badge-pill.js-monitored-count 0
-  .card-body
-    .loading-metrics.js-loading-metrics
-      %p.prepend-top-10.prepend-left-10
-        = icon('spinner spin', class: 'metrics-load-spinner')
-        = s_('PrometheusService|Finding and configuring metrics...')
-    .empty-metrics.hidden.js-empty-metrics
-      %p.text-tertiary.prepend-top-10.prepend-left-10
-        = s_('PrometheusService|Waiting for your first deployment to an environment to find common metrics')
-    %ul.list-unstyled.metrics-list.hidden.js-metrics-list
+.col-lg-3
+  %p
+    = s_('PrometheusService|Common metrics are automatically monitored based on a library of metrics from popular exporters.')
+    = link_to s_('PrometheusService|More information'), help_page_path('user/project/integrations/prometheus_library/index'), target: '_blank', rel: "noopener noreferrer"
 
-.card.hidden.js-panel-missing-env-vars
-  .card-header
-    = icon('caret-right lg fw', class: 'panel-toggle js-panel-toggle', 'aria-label' => 'Toggle panel')
-    = s_('PrometheusService|Missing environment variable')
-    %span.badge.badge-pill.js-env-var-count 0
-  .card-body.hidden
-    .flash-container
-      .flash-notice
-        .flash-text
-          = s_("PrometheusService|To set up automatic monitoring, add the environment variable %{variable} to exporter's queries." % { variable: "<code>$CI_ENVIRONMENT_SLUG</code>" }).html_safe
-          = link_to s_('PrometheusService|More information'), help_page_path('user/project/integrations/prometheus', anchor: 'metrics-and-labels')
-    %ul.list-unstyled.metrics-list.js-missing-var-metrics-list
+.col-lg-9
+  .card.js-panel-monitored-metrics{ data: { active_metrics: active_common_project_prometheus_metrics_path(project, :json), metrics_help_path: help_page_path('user/project/integrations/prometheus_library/index') } }
+    .card-header
+      = s_('PrometheusService|Common metrics')
+      %span.badge.badge-pill.js-monitored-count 0
+    .card-body
+      .loading-metrics.js-loading-metrics
+        %p.prepend-top-10.prepend-left-10
+          = icon('spinner spin', class: 'metrics-load-spinner')
+          = s_('PrometheusService|Finding and configuring metrics...')
+      .empty-metrics.hidden.js-empty-metrics
+        %p.text-tertiary.prepend-top-10.prepend-left-10
+          = s_('PrometheusService|Waiting for your first deployment to an environment to find common metrics')
+      %ul.list-unstyled.metrics-list.hidden.js-metrics-list
+
+  .card.hidden.js-panel-missing-env-vars
+    .card-header
+      = icon('caret-right lg fw', class: 'panel-toggle js-panel-toggle', 'aria-label' => 'Toggle panel')
+      = s_('PrometheusService|Missing environment variable')
+      %span.badge.badge-pill.js-env-var-count 0
+    .card-body.hidden
+      .flash-container
+        .flash-notice
+          .flash-text
+            = s_("PrometheusService|To set up automatic monitoring, add the environment variable %{variable} to exporter's queries." % { variable: "<code>$CI_ENVIRONMENT_SLUG</code>" }).html_safe
+            = link_to s_('PrometheusService|More information'), help_page_path('user/project/integrations/prometheus', anchor: 'metrics-and-labels')
+      %ul.list-unstyled.metrics-list.js-missing-var-metrics-list
diff --git a/app/views/projects/services/prometheus/_show.html.haml b/app/views/projects/services/prometheus/_show.html.haml
index 6aafa85e99a..c719661d8e8 100644
--- a/app/views/projects/services/prometheus/_show.html.haml
+++ b/app/views/projects/services/prometheus/_show.html.haml
@@ -1,12 +1,9 @@
-.row.prepend-top-default.append-bottom-default.prometheus-metrics-monitoring.js-prometheus-metrics-monitoring
+.row
   .col-lg-3
     %h4.prepend-top-0
       = s_('PrometheusService|Metrics')
-    %p
-      = s_('PrometheusService|Common metrics are automatically monitored based on a library of metrics from popular exporters.')
-      = link_to s_('PrometheusService|More information'), help_page_path('user/project/integrations/prometheus_library/index'), target: '_blank', rel: "noopener noreferrer"
 
-  .col-lg-9
-    = render 'projects/services/prometheus/metrics', project: @project
+.row.append-bottom-default.prometheus-metrics-monitoring.js-prometheus-metrics-monitoring
+  = render 'projects/services/prometheus/metrics', project: @project
 
 = render_if_exists 'projects/services/prometheus/external_alerts', project: @project
diff --git a/doc/user/project/integrations/prometheus.md b/doc/user/project/integrations/prometheus.md
index e609fe43507..44439b59e77 100644
--- a/doc/user/project/integrations/prometheus.md
+++ b/doc/user/project/integrations/prometheus.md
@@ -98,7 +98,10 @@ You can view the performance dashboard for an environment by [clicking on the mo
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3799) in [GitLab Premium](https://about.gitlab.com/pricing/) 10.6.
 
-Additional metrics can be monitored by adding them on the Prometheus integration page. Once saved, they will be displayed on the environment performance dashboard.
+Custom metrics can be monitored by adding them on the Prometheus integration page. Once saved, they will be displayed on the environment performance dashboard provided that either:
+
+- A [connected Kubernetes cluster](../clusters/index.md#adding-and-removing-clusters) with the environment scope of `*` is used and [Prometheus installed on the cluster](#enabling-prometheus-integration), or
+- Prometheus is [manually configured](#manual-configuration-of-prometheus).
 
 ![Add New Metric](img/prometheus_add_metric.png)
 
-- 
cgit v1.2.1


From d3d9873eedf04a085f6a20d30ef259edc5e94563 Mon Sep 17 00:00:00 2001
From: Bob Van Landuyt <bob@vanlanduyt.co>
Date: Mon, 5 Aug 2019 15:35:02 +0200
Subject: Use groups in CODEOWNERS file

Let's dogfood https://gitlab.com/gitlab-org/gitlab-ce/issues/53182

That way we don't need to keep this file up to date.
---
 .gitlab/CODEOWNERS | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS
index 13c8b4a8458..cb3bc544132 100644
--- a/.gitlab/CODEOWNERS
+++ b/.gitlab/CODEOWNERS
@@ -1,6 +1,6 @@
 # Backend Maintainers are the default for all ruby files
-*.rb @ashmckenzie @ayufan @dbalexandre @DouweM @dzaporozhets @godfat @grzesiek @mkozono @mayra-cabrera @nick.thomas @rspeicher @rymai @reprazent @smcgivern @tkuah
-*.rake @ashmckenzie @ayufan @dbalexandre @DouweM @dzaporozhets @godfat @grzesiek @mkozono @mayra-cabrera @nick.thomas @rspeicher @rymai @reprazent @smcgivern @tkuah
+*.rb @gitlab-org/maintainers/rails-backend
+*.rake @gitlab-org/maintainers/rails-backend
 
 # Technical writing team are the default reviewers for everything in `doc/`
 /doc/ @axil @marcia @eread @mikelewis
@@ -10,11 +10,11 @@ app/assets/ @ClemMakesApps @fatihacet @filipa @iamphill @mikegreiling @timzallma
 *.scss @annabeldunstone @ClemMakesApps @fatihacet @filipa @iamphill @mikegreiling @timzallmann @kushalpandya @pslaughter
 
 # Maintainers from the Database team should review changes in `db/`
-db/ @abrandl @NikolayS
-lib/gitlab/background_migration/ @abrandl @NikolayS
-lib/gitlab/database/ @abrandl @NikolayS
-lib/gitlab/sql/ @abrandl @NikolayS
-/ee/db/ @abrandl @NikolayS
+db/ @gl-database
+lib/gitlab/background_migration/ @gl-database
+lib/gitlab/database/ @gl-database
+lib/gitlab/sql/ @gl-database
+/ee/db/ @gl-database
 
 # Feature specific owners
 /ee/lib/gitlab/code_owners/ @reprazent
-- 
cgit v1.2.1


From 221f309dd6b3033f608615cdd28958a85c44d427 Mon Sep 17 00:00:00 2001
From: Alexander Strachan <astrachan@gitlab.com>
Date: Mon, 5 Aug 2019 13:59:21 +0000
Subject: Resolve "Update troubleshooting for gzip error in backup docs"

---
 doc/raketasks/backup_restore.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/doc/raketasks/backup_restore.md b/doc/raketasks/backup_restore.md
index 0d86df04367..f8da09e5fe1 100644
--- a/doc/raketasks/backup_restore.md
+++ b/doc/raketasks/backup_restore.md
@@ -960,3 +960,22 @@ want to run the chown against your custom location instead of
 
 [reconfigure GitLab]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
 [restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
+
+### Backup fails to complete with Gzip error
+
+While running the backup, you may receive a gzip error:
+
+```sh
+sudo /opt/gitlab/bin/gitlab-rake gitlab:backup:create
+Dumping ...
+...
+gzip: stdout: Input/output error
+
+Backup failed
+```
+
+If this happens, check the following:
+
+1. Confirm there is sufficent diskspace for the gzip operation.
+1. If NFS is being used, check if the mount option `timeo` is set. The default is `600`, and changing this to smaller values have resulted in this error.
+
-- 
cgit v1.2.1


From 031f0221a5d42ba2602abe94b7ba5baf38c5f1bc Mon Sep 17 00:00:00 2001
From: Ronald van Zon <rvzon84@gmail.com>
Date: Mon, 5 Aug 2019 14:35:03 +0000
Subject: Docs - Strongly discourage installing ES on the same server as GitLab

---
 doc/integration/elasticsearch.md | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/doc/integration/elasticsearch.md b/doc/integration/elasticsearch.md
index 626bd259ed6..1c80fc543af 100644
--- a/doc/integration/elasticsearch.md
+++ b/doc/integration/elasticsearch.md
@@ -24,18 +24,21 @@ special searches:
 ## Installing Elasticsearch
 
 Elasticsearch is _not_ included in the Omnibus packages. You will have to
-install it yourself whether you are using the Omnibus package or installed
-GitLab from source. Providing detailed information on installing Elasticsearch
-is out of the scope of this document.
+[install it yourself](https://www.elastic.co/guide/en/elasticsearch/reference/current/install-elasticsearch.html "Elasticsearch installation documentation")
+whether you are using the Omnibus package or installed GitLab from source.
+Providing detailed information on installing Elasticsearch is out of the scope
+of this document.
+
+NOTE: **Note:**
+Elasticsearch should be installed on a separate server, whether you install
+it yourself or by using the
+[Amazon Elasticsearch](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html)
+service. Running Elasticsearch on the same server as GitLab is not recommended
+and it will likely cause performance degradation on the GitLab installation.
 
 Once the data is added to the database or repository and [Elasticsearch is
 enabled in the admin area](#enabling-elasticsearch) the search index will be
-updated automatically. Elasticsearch can be installed on the same machine as
-GitLab or on a separate server, or you can use the [Amazon Elasticsearch](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html)
-service.
-
-You can follow the steps as described in the [official web site](https://www.elastic.co/guide/en/elasticsearch/reference/current/install-elasticsearch.html "Elasticsearch installation documentation") or
-use the packages that are available for your OS.
+updated automatically.
 
 ## Elasticsearch repository indexer (beta)
 
-- 
cgit v1.2.1


From e5304cf630cbb3c7d2791396d70d5ce5fdf246fa Mon Sep 17 00:00:00 2001
From: Victor Zagorodny <vzagorodny@gitlab.com>
Date: Mon, 5 Aug 2019 14:47:46 +0000
Subject: Add shell scripting guides to development README

---
 doc/development/README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/doc/development/README.md b/doc/development/README.md
index 99c88146be5..44283a3ab0c 100644
--- a/doc/development/README.md
+++ b/doc/development/README.md
@@ -150,6 +150,10 @@ description: 'Learn how to contribute to GitLab.'
 
 - [Go Guidelines](go_guide/index.md)
 
+## Shell Scripting guides
+
+- [Shell scripting standards and style guidelines](shell_scripting_guide/index.md)
+
 ## Other GitLab Development Kit (GDK) guides
 
 - [Run full Auto DevOps cycle in a GDK instance](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/auto_devops.md)
-- 
cgit v1.2.1