Merge branch 'master' into 5845-extract-ee-environments-files

* master: (79 commits)
  Project Sidebar: Split CI/CD into CI/CD and Operations
  Fix GPM content types for Doorkeeper
  Remove docker pull prefix from registry clipboard feature
  Remove unnecessary section-100 css class from application_row.vue
  Document the 3h timeout for GitLab.com shared Runners
  edit GitLab license info in regards to CC licensing
  Fix bug with long strings in issue boards
  Fix setting Gitlab metrics content types
  Add documentation for bulk editing of issues and merge requests
  Remove authentication for readonly endpoints in issues API
  Remote table-section from div holding cluster error messages
  Improve testing best practices guidelines
  Add a unique and not null constraint on the project_features.project_id column
  fix typos Frontend Guide, development_process.md
  Disable greedy mode when matching filename
  Add index on runner_type for ci_runners
  Improve the squash step in the 'Database Changes' MR template
  Update docs describing `fast_spec_helper` best practices
  Display help text below auto devops domain with nip.io domain name (#45561)
  Enable update_(build|pipeline) for maintainers
  ...

.gitlab/merge_request_templates/Database Changes.md

@@ -37,12 +37,14 @@ When removing columns, tables, indexes or other structures:
 - [ ] [Documentation created/updated](https://docs.gitlab.com/ee/development/doc_styleguide.html)
 - [ ] API support added
 - [ ] Tests added for this feature/bug
-- Review
-  - [ ] Has been reviewed by Backend
-  - [ ] Has been reviewed by Database
+- Conform by the [code review guidelines](https://docs.gitlab.com/ee/development/code_review.html)
+  - [ ] Has been reviewed by a Backend maintainer
+  - [ ] Has been reviewed by a Database specialist
 - [ ] Conform by the [merge request performance guides](https://docs.gitlab.com/ee/development/merge_request_performance_guidelines.html)
 - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/CONTRIBUTING.md#style-guides)
-- [ ] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
+- [ ] If you have multiple commits, please combine them into a few logically organized commits by [squashing them](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
 - [ ] Internationalization required/considered
 - [ ] If paid feature, have we considered GitLab.com plan and how it works for groups and is there a design for promoting it to users who aren't on the correct plan
 - [ ] End-to-end tests pass (`package-and-qa` manual pipeline job)
+
+/label ~database

CONTRIBUTING.md

@@ -31,8 +31,8 @@ _This notice should stay as the first item in the CONTRIBUTING.md file._
   - [Subject labels (~wiki, ~"container registry", ~ldap, ~api, etc.)](#subject-labels-wiki-container-registry-ldap-api-etc)
   - [Team labels (~"CI/CD", ~Discussion, ~Quality, ~Platform, etc.)](#team-labels-cicd-discussion-quality-platform-etc)
   - [Milestone labels (~Deliverable, ~Stretch, ~"Next Patch Release")](#milestone-labels-deliverable-stretch-next-patch-release)
-  - [Priority labels (~Deliverable, ~Stretch, ~"Next Patch Release")](#bug-priority-labels-p1-p2-p3-etc)
-  - [Severity labels (~Deliverable, ~Stretch, ~"Next Patch Release")](#bug-severity-labels-s1-s2-s3-etc)
+  - [Priority labels (~P1, ~P2, ~P3 , ~P4)](#bug-priority-labels-p1-p2-p3-p4)
+  - [Severity labels (~S1, ~S2, ~S3 , ~S4)](#bug-severity-labels-s1-s2-s3-s4)
   - [Label for community contributors (~"Accepting Merge Requests")](#label-for-community-contributors-accepting-merge-requests)
 - [Implement design & UI elements](#implement-design--ui-elements)
 - [Issue tracker](#issue-tracker)
@@ -211,9 +211,10 @@ Each issue scheduled for the current milestone should be labeled ~Deliverable
 or ~"Stretch". Any open issue for a previous milestone should be labeled
 ~"Next Patch Release", or otherwise rescheduled to a different milestone.
 
-### Bug Priority labels (~P1, ~P2, ~P3 & etc.)
+### Bug Priority labels (~P1, ~P2, ~P3, ~P4)
 
-Bug Priority labels help us define the time a ~bug fix should be completed. Priority determines how quickly the defect turnaround time must be. If there are multiple defects, the priority decides which defect has to be fixed immediately versus later.
+Bug Priority labels help us define the time a ~bug fix should be completed. Priority determines how quickly the defect turnaround time must be. 
+If there are multiple defects, the priority decides which defect has to be fixed immediately versus later.
 This label documents the planned timeline & urgency which is used to measure against our actual SLA on delivering ~bug fixes.
 
 | Label | Meaning         | Estimate time to fix                                             | Guidance |
@@ -223,16 +224,7 @@ This label documents the planned timeline & urgency which is used to measure aga
 | ~P3   | Medium Priority | Within the next 3 releases (approx one quarter)                  |  |
 | ~P4   | Low Priority    | Anything outside the next 3 releases (approx beyond one quarter) | The issue is prominent but does not impact user workflow and a workaround is documented  |
 
-#### Specific Priority guidance
-
-| Label | Availability / Performance                                   |
-|-------|--------------------------------------------------------------|
-| ~P1   |                                                              |
-| ~P2   | The issue is (almost) guaranteed to occur in the near future |  
-| ~P3   | The issue is likely to occur in the near future              |
-| ~P4   | The issue _may_ occur but it's not likely                    |
-
-### Bug Severity labels (~S1, ~S2, ~S3 & etc.)
+### Bug Severity labels (~S1, ~S2, ~S3, ~S4)
 
 Severity labels help us clearly communicate the impact of a ~bug on users.
 
@@ -243,14 +235,14 @@ Severity labels help us clearly communicate the impact of a ~bug on users.
 | ~S3   | Major Severity    | Broken Feature, workaround acceptable                 | Can create merge requests only from the Merge Requests page, not through the Issue. |
 | ~S4   | Low Severity      | Functionality inconvenience or cosmetic issue         | Label colors are incorrect / not being displayed. |
 
-#### Specific Severity guidance
+#### Severity impact guidance
 
-| Label | Security Impact                                                   |
-|-------|-------------------------------------------------------------------|
-| ~S1   | >50% customers impacted (possible company extinction level event) |
-| ~S2   | Multiple customers impacted (but not apocalyptic)                 |  
-| ~S3   | A single customer impacted                                        |
-| ~S4   | No customer impact, or expected impact within 30 days             |
+| Label | Security Impact                                                     | Availability / Performance Impact                            |
+|-------|---------------------------------------------------------------------|--------------------------------------------------------------|
+| ~S1   | >50% users impacted (possible company extinction level event)       |                                                              |
+| ~S2   | Many users or multiple paid customers impacted (but not apocalyptic)| The issue is (almost) guaranteed to occur in the near future |  
+| ~S3   | A few users or a single paid customer impacted                      | The issue is likely to occur in the near future              |
+| ~S4   | No paid users/customer impacted, or expected impact within 30 days  | The issue _may_ occur but it's not likely                    |
 
 ### Label for community contributors (~"Accepting Merge Requests")
 

Gemfile

@@ -325,8 +325,6 @@ group :development, :test do
   gem 'factory_bot_rails', '~> 4.8.2'
   gem 'rspec-rails', '~> 3.6.0'
   gem 'rspec-retry', '~> 0.4.5'
-  gem 'spinach-rails', '~> 0.2.1'
-  gem 'spinach-rerun-reporter', '~> 0.0.2'
   gem 'rspec_profiling', '~> 0.0.5'
   gem 'rspec-set', '~> 0.1.3'
   gem 'rspec-parameterized', require: false
@@ -343,7 +341,6 @@ group :development, :test do
 
   gem 'spring', '~> 2.0.0'
   gem 'spring-commands-rspec', '~> 1.0.4'
-  gem 'spring-commands-spinach', '~> 1.1.0'
 
   gem 'gitlab-styles', '~> 2.3', require: false
   # Pin these dependencies, otherwise a new rule could break the CI pipelines

Gemfile.lock

@@ -131,7 +131,6 @@ GEM
     coderay (1.1.1)
     coercible (1.0.0)
       descendants_tracker (~> 0.0.1)
-    colorize (0.7.7)
     commonmarker (0.17.8)
       ruby-enum (~> 0.5)
     concord (0.1.5)
@@ -288,7 +287,6 @@ GEM
       gettext_i18n_rails (>= 0.7.1)
       po_to_json (>= 1.0.0)
       rails (>= 3.2.0)
-    gherkin-ruby (0.3.2)
     gitaly-proto (0.99.0)
       google-protobuf (~> 3.1)
       grpc (~> 1.10)
@@ -869,22 +867,10 @@ GEM
     simplecov-html (0.10.0)
     slack-notifier (1.5.1)
     slop (3.6.0)
-    spinach (0.8.10)
-      colorize
-      gherkin-ruby (>= 0.3.2)
-      json
-    spinach-rails (0.2.1)
-      capybara (>= 2.0.0)
-      railties (>= 3)
-      spinach (>= 0.4)
-    spinach-rerun-reporter (0.0.2)
-      spinach (~> 0.8)
     spring (2.0.1)
       activesupport (>= 4.2)
     spring-commands-rspec (1.0.4)
       spring (>= 0.9.1)
-    spring-commands-spinach (1.1.0)
-      spring (>= 0.9.1)
     sprockets (3.7.1)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
@@ -1183,11 +1169,8 @@ DEPENDENCIES
   simple_po_parser (~> 1.1.2)
   simplecov (~> 0.14.0)
   slack-notifier (~> 1.5.1)
-  spinach-rails (~> 0.2.1)
-  spinach-rerun-reporter (~> 0.0.2)
   spring (~> 2.0.0)
   spring-commands-rspec (~> 1.0.4)
-  spring-commands-spinach (~> 1.1.0)
   sprockets (~> 3.7.0)
   sshkey (~> 1.9.0)
   stackprof (~> 0.2.10)

Gemfile.rails5.lock

@@ -132,7 +132,6 @@ GEM
     coderay (1.1.2)
     coercible (1.0.0)
       descendants_tracker (~> 0.0.1)
-    colorize (0.8.1)
     commonmarker (0.17.9)
       ruby-enum (~> 0.5)
     concord (0.1.5)
@@ -289,7 +288,6 @@ GEM
       gettext_i18n_rails (>= 0.7.1)
       po_to_json (>= 1.0.0)
       rails (>= 3.2.0)
-    gherkin-ruby (0.3.2)
     gitaly-proto (0.99.0)
       google-protobuf (~> 3.1)
       grpc (~> 1.10)
@@ -871,22 +869,10 @@ GEM
       simplecov-html (~> 0.10.0)
     simplecov-html (0.10.2)
     slack-notifier (1.5.1)
-    spinach (0.8.10)
-      colorize
-      gherkin-ruby (>= 0.3.2)
-      json
-    spinach-rails (0.2.1)
-      capybara (>= 2.0.0)
-      railties (>= 3)
-      spinach (>= 0.4)
-    spinach-rerun-reporter (0.0.2)
-      spinach (~> 0.8)
     spring (2.0.2)
       activesupport (>= 4.2)
     spring-commands-rspec (1.0.4)
       spring (>= 0.9.1)
-    spring-commands-spinach (1.1.0)
-      spring (>= 0.9.1)
     sprockets (3.7.1)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
@@ -1187,11 +1173,8 @@ DEPENDENCIES
   simple_po_parser (~> 1.1.2)
   simplecov (~> 0.14.0)
   slack-notifier (~> 1.5.1)
-  spinach-rails (~> 0.2.1)
-  spinach-rerun-reporter (~> 0.0.2)
   spring (~> 2.0.0)
   spring-commands-rspec (~> 1.0.4)
-  spring-commands-spinach (~> 1.1.0)
   sprockets (~> 3.7.0)
   sshkey (~> 1.9.0)
   stackprof (~> 0.2.10)

LICENSE

@@ -5,8 +5,3 @@ Permission is hereby granted, free of charge, to any person obtaining a copy of
 The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
 
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
\ No newline at end of file
-
----
-
-All Documentation content that resides under the doc/ directory of this
-repository is licensed under Creative Commons: CC BY-SA 4.0.

README.md

@@ -73,6 +73,8 @@ GitLab Community Edition (CE) is available freely under the MIT Expat license.
 
 All third party components incorporated into the GitLab Software are licensed under the original license provided by the owner of the applicable component.
 
+All Documentation content that resides under the doc/ directory of this repository is licensed under Creative Commons: CC BY-SA 4.0.
+
 ## Install a development environment
 
 To work on GitLab itself, we recommend setting up your development environment with [the GitLab Development Kit](https://gitlab.com/gitlab-org/gitlab-development-kit).

app/assets/javascripts/clusters/components/application_row.vue

@@ -179,7 +179,7 @@
       role="row"
     >
       <div
-        class="alert alert-danger alert-block append-bottom-0 table-section section-100"
+        class="alert alert-danger alert-block append-bottom-0"
         role="gridcell"
       >
         <div>

app/assets/javascripts/notes/components/note_edited_text.vue

@@ -32,17 +32,17 @@ export default {
 <template>
   <div :class="className">
     {{ actionText }}
-    <time-ago-tooltip
-      :time="editedAt"
-      tooltip-placement="bottom"
-    />
     <template v-if="editedBy">
-      by
+      {{ s__('ByAuthor|by') }}
       <a
         :href="editedBy.path"
         class="js-vue-author author_link">
         {{ editedBy.name }}
       </a>
     </template>
+    <time-ago-tooltip
+      :time="editedAt"
+      tooltip-placement="bottom"
+    />
   </div>
 </template>

app/assets/javascripts/notes/components/note_header.vue

@@ -62,6 +62,21 @@ export default {
 
 <template>
   <div class="note-header-info">
+    <div
+      v-if="includeToggle"
+      class="discussion-actions">
+      <button
+        @click="handleToggle"
+        class="note-action-button discussion-toggle-button js-vue-toggle-button"
+        type="button">
+        <i
+          :class="toggleChevronClass"
+          class="fa"
+          aria-hidden="true">
+        </i>
+        {{ __('Toggle discussion') }}
+      </button>
+    </div>
     <a :href="author.path">
       <span class="note-header-author-name">{{ author.name }}</span>
       <span class="note-headline-light">
@@ -95,20 +110,5 @@ export default {
         </i>
       </span>
     </span>
-    <div
-      v-if="includeToggle"
-      class="discussion-actions">
-      <button
-        @click="handleToggle"
-        class="note-action-button discussion-toggle-button js-vue-toggle-button"
-        type="button">
-        <i
-          :class="toggleChevronClass"
-          class="fa"
-          aria-hidden="true">
-        </i>
-        Toggle discussion
-      </button>
-    </div>
   </div>
 </template>

app/assets/javascripts/pages/projects/wikis/components/delete_wiki_modal.vue

+<script>
+import _ from 'underscore';
+import GlModal from '~/vue_shared/components/gl_modal.vue';
+import { s__, sprintf } from '~/locale';
+
+export default {
+  components: {
+    GlModal,
+  },
+  props: {
+    deleteWikiUrl: {
+      type: String,
+      required: true,
+      default: '',
+    },
+    pageTitle: {
+      type: String,
+      required: true,
+      default: '',
+    },
+    csrfToken: {
+      type: String,
+      required: true,
+      default: '',
+    },
+  },
+  computed: {
+    message() {
+      return s__('WikiPageConfirmDelete|Are you sure you want to delete this page?');
+    },
+    title() {
+      return sprintf(
+        s__('WikiPageConfirmDelete|Delete page %{pageTitle}?'),
+        {
+          pageTitle: _.escape(this.pageTitle),
+        },
+        false,
+      );
+    },
+  },
+  methods: {
+    onSubmit() {
+      this.$refs.form.submit();
+    },
+  },
+};
+</script>
+
+<template>
+  <gl-modal
+    id="delete-wiki-modal"
+    :header-title-text="title"
+    footer-primary-button-variant="danger"
+    :footer-primary-button-text="s__('WikiPageConfirmDelete|Delete page')"
+    @submit="onSubmit"
+  >
+    {{ message }}
+    <form
+      ref="form"
+      :action="deleteWikiUrl"
+      method="post"
+      class="form-horizontal js-requires-input"
+    >
+      <input
+        ref="method"
+        type="hidden"
+        name="_method"
+        value="delete"
+      />
+      <input
+        type="hidden"
+        name="authenticity_token"
+        :value="csrfToken"
+      />
+    </form>
+  </gl-modal>
+</template>

app/assets/javascripts/pages/projects/wikis/index.js

 import $ from 'jquery';
+import Vue from 'vue';
+import Translate from '~/vue_shared/translate';
+import csrf from '~/lib/utils/csrf';
 import Wikis from './wikis';
 import ShortcutsWiki from '../../../shortcuts_wiki';
 import ZenMode from '../../../zen_mode';
 import GLForm from '../../../gl_form';
+import deleteWikiModal from './components/delete_wiki_modal.vue';
 
 document.addEventListener('DOMContentLoaded', () => {
   new Wikis(); // eslint-disable-line no-new
   new ShortcutsWiki(); // eslint-disable-line no-new
   new ZenMode(); // eslint-disable-line no-new
   new GLForm($('.wiki-form'), true); // eslint-disable-line no-new
+
+  const deleteWikiButton = document.getElementById('delete-wiki-button');
+
+  if (deleteWikiButton) {
+    Vue.use(Translate);
+
+    const { deleteWikiUrl, pageTitle } = deleteWikiButton.dataset;
+    const deleteWikiModalEl = document.getElementById('delete-wiki-modal');
+    const deleteModal = new Vue({ // eslint-disable-line
+      el: deleteWikiModalEl,
+      data: {
+        deleteWikiUrl: '',
+      },
+      render(createElement) {
+        return createElement(deleteWikiModal, {
+          props: {
+            pageTitle,
+            deleteWikiUrl,
+            csrfToken: csrf.token,
+          },
+        });
+      },
+    });
+  }
 });

app/assets/javascripts/registry/components/collapsible_container.vue

@@ -28,11 +28,6 @@
         isOpen: false,
       };
     },
-    computed: {
-      clipboardText() {
-        return `docker pull ${this.repo.location}`;
-      },
-    },
     methods: {
       ...mapActions([
         'fetchRepos',
@@ -84,7 +79,7 @@
 
       <clipboard-button
         v-if="repo.location"
-        :text="clipboardText"
+        :text="repo.location"
         :title="repo.location"
         css-class="btn-default btn-transparent btn-clipboard"
       />

app/assets/javascripts/registry/components/table_registry.vue

@@ -56,10 +56,6 @@
           .catch(() => this.showError(errorMessagesTypes.FETCH_REGISTRY));
       },
 
-      clipboardText(text) {
-        return `docker pull ${text}`;
-      },
-
       showError(message) {
         Flash(errorMessages[message]);
       },
@@ -89,7 +85,7 @@
             <clipboard-button
               v-if="item.location"
               :title="item.location"
-              :text="clipboardText(item.location)"
+              :text="item.location"
               css-class="btn-default btn-transparent btn-clipboard"
             />
           </td>

app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_squash_before_merge.js → app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_squash_before_merge.vue

@@ -10,6 +10,6 @@ In EE, the configuration extends this object to add a functioning squash-before-
 button.
 */
 
-export default {
-  template: '',
-};
+<script>
+  export default {};
+</script>

app/assets/javascripts/vue_merge_request_widget/dependencies.js

@@ -40,7 +40,7 @@ export { default as MRWidgetService } from './services/mr_widget_service';
 export { default as eventHub } from './event_hub';
 export { default as getStateKey } from './stores/get_state_key';
 export { default as stateMaps } from './stores/state_maps';
-export { default as SquashBeforeMerge } from './components/states/mr_widget_squash_before_merge';
+export { default as SquashBeforeMerge } from './components/states/mr_widget_squash_before_merge.vue';
 export { default as notify } from '../lib/utils/notify';
 export { default as SourceBranchRemovalStatus } from './components/source_branch_removal_status.vue';
 

app/assets/stylesheets/framework/mixins.scss

@@ -210,3 +210,15 @@
     margin-left: -$size;
   }
 }
+
+/*
+ * Mixin that fixes wrapping issues with long strings (e.g. URLs)
+ *
+ * Note: the width needs to be set for it to work in Firefox
+ */
+@mixin overflow-break-word {
+  overflow-wrap: break-word;
+  word-wrap: break-word;
+  word-break: break-word;
+  max-width: 100%;
+}

app/assets/stylesheets/pages/boards.scss

@@ -284,6 +284,9 @@
   box-shadow: 0 1px 2px $issue-boards-card-shadow;
   list-style: none;
 
+  // as a fallback, hide overflow content so that dragging and dropping still works
+  overflow: hidden;
+
   &:not(:last-child) {
     margin-bottom: 5px;
   }
@@ -310,14 +313,13 @@
 }
 
 .card-title {
+  @include overflow-break-word();
   margin: 0 30px 0 0;
   font-size: 1em;
   line-height: inherit;
 
   a {
     color: $gl-text-color;
-    word-wrap: break-word;
-    word-break: break-word;
     margin-right: 2px;
   }
 }
@@ -462,8 +464,8 @@
   }
 
   .issuable-header-text {
+    @include overflow-break-word();
     padding-right: 35px;
-    word-break: break-word;
 
     > strong {
       font-weight: $gl-font-weight-bold;

app/assets/stylesheets/pages/notes.scss

@@ -407,10 +407,6 @@ ul.notes {
 .note-header {
   display: flex;
   justify-content: space-between;
-
-  @include notes-media('max', $screen-xs-max) {
-    flex-flow: row wrap;
-  }
 }
 
 .note-header-info {
@@ -473,11 +469,6 @@ ul.notes {
   margin-left: 10px;
   color: $gray-darkest;
 
-  @include notes-media('max', $screen-md-max) {
-    float: none;
-    margin-left: 0;
-  }
-
   .btn-group > .discussion-next-btn {
     margin-left: -1px;
   }

app/controllers/concerns/send_file_upload.rb

@@ -2,6 +2,10 @@ module SendFileUpload
   def send_upload(file_upload, send_params: {}, redirect_params: {}, attachment: nil, disposition: 'attachment')
     if attachment
       redirect_params[:query] = { "response-content-disposition" => "#{disposition};filename=#{attachment.inspect}" }
+      # By default, Rails will send uploads with an extension of .js with a
+      # content-type of text/javascript, which will trigger Rails'
+      # cross-origin JavaScript protection.
+      send_params[:content_type] = 'text/plain' if File.extname(attachment) == '.js'
       send_params.merge!(filename: attachment, disposition: disposition)
     end
 

app/controllers/projects/notes_controller.rb

@@ -8,19 +8,6 @@ class Projects::NotesController < Projects::ApplicationController
   before_action :authorize_create_note!, only: [:create]
   before_action :authorize_resolve_note!, only: [:resolve, :unresolve]
 
-  #
-  # This is a fix to make spinach feature tests passing:
-  # Controller actions are returned from AbstractController::Base and methods of parent classes are
-  #   excluded in order to return only specific controller related methods.
-  # That is ok for the app (no :create method in ancestors)
-  #   but fails for tests because there is a :create method on FactoryBot (one of the ancestors)
-  #
-  # see https://github.com/rails/rails/blob/v4.2.7/actionpack/lib/abstract_controller/base.rb#L78
-  #
-  def create
-    super
-  end
-
   def delete_attachment
     note.remove_attachment!
     note.update_attribute(:attachment, nil)

app/controllers/projects/pipelines_controller.rb

@@ -181,4 +181,8 @@ class Projects::PipelinesController < Projects::ApplicationController
     # Also see https://gitlab.com/gitlab-org/gitlab-ce/issues/42343
     Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42339')
   end
+
+  def authorize_update_pipeline!
+    return access_denied! unless can?(current_user, :update_pipeline, @pipeline)
+  end
 end

app/helpers/auto_devops_helper.rb

@@ -24,6 +24,15 @@ module AutoDevopsHelper
     end
   end
 
+  def cluster_ingress_ip(project)
+    project
+      .cluster_ingresses
+      .where("external_ip is not null")
+      .limit(1)
+      .pluck(:external_ip)
+      .first
+  end
+
   private
 
   def missing_auto_devops_domain?(project)

app/helpers/projects_helper.rb

@@ -257,6 +257,7 @@ module ProjectsHelper
 
     if project.builds_enabled? && can?(current_user, :read_pipeline, project)
       nav_tabs << :pipelines
+      nav_tabs << :operations
     end
 
     if project.external_issue_tracker

app/models/project.rb

@@ -217,6 +217,7 @@ class Project < ActiveRecord::Base
 
   has_one :cluster_project, class_name: 'Clusters::Project'
   has_many :clusters, through: :cluster_project, class_name: 'Clusters::Cluster'
+  has_many :cluster_ingresses, through: :clusters, source: :application_ingress, class_name: 'Clusters::Applications::Ingress'
 
   # Container repositories need to remove data from the container registry,
   # which is not managed by the DB. Hence we're still using dependent: :destroy

app/models/user.rb

@@ -1097,8 +1097,11 @@ class User < ActiveRecord::Base
   #   <https://github.com/plataformatec/devise/blob/v4.0.0/lib/devise/models/lockable.rb#L92>
   #
   def increment_failed_attempts!
+    return if ::Gitlab::Database.read_only?
+
     self.failed_attempts ||= 0
     self.failed_attempts += 1
+
     if attempts_exceeded?
       lock_access! unless access_locked?
     else

app/policies/ci/build_policy.rb

@@ -14,11 +14,20 @@ module Ci
       @subject.triggered_by?(@user)
     end
 
+    condition(:branch_allows_maintainer_push) do
+      @subject.project.branch_allows_maintainer_push?(@user, @subject.ref)
+    end
+
     rule { protected_ref }.policy do
       prevent :update_build
       prevent :erase_build
     end
 
     rule { can?(:admin_build) | (can?(:update_build) & owner_of_job) }.enable :erase_build
+
+    rule { can?(:public_access) & branch_allows_maintainer_push }.policy do
+      enable :update_build
+      enable :update_commit_status
+    end
   end
 end

app/policies/ci/pipeline_policy.rb

@@ -4,8 +4,16 @@ module Ci
 
     condition(:protected_ref) { ref_protected?(@user, @subject.project, @subject.tag?, @subject.ref) }
 
+    condition(:branch_allows_maintainer_push) do
+      @subject.project.branch_allows_maintainer_push?(@user, @subject.ref)
+    end
+
     rule { protected_ref }.prevent :update_pipeline
 
+    rule { can?(:public_access) & branch_allows_maintainer_push }.policy do
+      enable :update_pipeline
+    end
+
     def ref_protected?(user, project, tag, ref)
       access = ::Gitlab::UserAccess.new(user, project: project)
 

app/policies/project_policy.rb

@@ -76,7 +76,7 @@ class ProjectPolicy < BasePolicy
   condition(:request_access_enabled, scope: :subject, score: 0) { project.request_access_enabled }
 
   desc "Has merge requests allowing pushes to user"
-  condition(:has_merge_requests_allowing_pushes, scope: :subject) do
+  condition(:has_merge_requests_allowing_pushes) do
     project.merge_requests_allowing_push_to_user(user).any?
   end
 
@@ -354,9 +354,7 @@ class ProjectPolicy < BasePolicy
   # to run pipelines for the branches they have access to.
   rule { can?(:public_access) & has_merge_requests_allowing_pushes }.policy do
     enable :create_build
-    enable :update_build
     enable :create_pipeline
-    enable :update_pipeline
   end
 
   rule do

app/views/discussions/_discussion.html.haml

@@ -13,7 +13,7 @@
                 = icon("chevron-up")
               - else
                 = icon("chevron-down")
-              Toggle discussion
+              = _('Toggle discussion')
           = link_to_member(@project, discussion.author, avatar: false)
 
           .inline.discussion-headline-light

app/views/projects/settings/ci_cd/_autodevops_form.html.haml

@@ -35,7 +35,9 @@
               = _('Domain')
             = form.text_field :domain, class: 'form-control', placeholder: 'domain.com'
             .help-block
-              = s_('CICD|You need to specify a domain if you want to use Auto Review Apps and Auto Deploy stages.')
+              = s_('CICD|A domain is required to use Auto Review Apps and Auto Deploy Stages.')
+              - if cluster_ingress_ip = cluster_ingress_ip(@project)
+                = s_('%{nip_domain} can be used as an alternative to a custom domain.').html_safe % { nip_domain: "<code>#{cluster_ingress_ip}.nip.io</code>".html_safe }
               = link_to icon('question-circle'), help_page_path('topics/autodevops/index.md', anchor: 'auto-devops-base-domain'), target: '_blank'
 
           = f.submit 'Save changes', class: "btn btn-success prepend-top-15"

app/views/projects/wikis/edit.html.haml

@@ -28,9 +28,16 @@
       = link_to project_wiki_history_path(@project, @page), class: "btn" do
         = s_("Wiki|Page history")
       - if can?(current_user, :admin_wiki, @project)
-        = link_to project_wiki_path(@project, @page), data: { confirm: s_("WikiPageConfirmDelete|Are you sure you want to delete this page?")}, method: :delete, class: "btn btn-danger" do
-          = _("Delete")
+        %button.btn.btn-danger{ data: { toggle: 'modal',
+          target: '#delete-wiki-modal',
+          delete_wiki_url: project_wiki_path(@project, @page),
+          page_title: @page.title.capitalize },
+          id: 'delete-wiki-button',
+          type: 'button' }
+          = _('Delete')
 
 = render 'form'
 
 = render 'sidebar'
+
+#delete-wiki-modal.modal.fade

bin/spinach

-#!/usr/bin/env ruby
-
-# Remove this block when removing rails5? code.
-gemfile = %w[1 true].include?(ENV["RAILS5"]) ? "Gemfile.rails5" : "Gemfile"
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../#{gemfile}", __dir__)
-
-begin
-  load File.expand_path('../spring', __FILE__)
-rescue LoadError => e
-  raise unless e.message.include?('spring')
-end
-require 'bundler/setup'
-load Gem.bin_path('spinach', 'spinach')

changelogs/unreleased/40855_remove_authentication_in_readonly_issue_api.yml

+---
+title: made listing and showing public issue apis available without authentication
+merge_request: 18638
+author: haseebeqx
+type: changed

changelogs/unreleased/43367-fix-board-long-strings.yml

+---
+title: Fix issue board bug with long strings in titles
+merge_request: 18924
+author:
+type: fixed

changelogs/unreleased/43673-operations-tab-mvc.yml

+---
+title: Move project sidebar sub-entries 'Environments' and 'Kubernetes' from 'CI/CD' to a new entry 'Operations'
+merge_request: 18941
+author:
+type: changed

changelogs/unreleased/45584-add-nip-io-domain-suggestion-in-auto-devops.yml

+---
+title: Display help text below auto devops domain with nip.io domain name (#45561)
+merge_request: 18496
+author:
+type: added

changelogs/unreleased/46010-add-index-to-runner-type.yml

+---
+title: Add index on runner_type for ci_runners
+merge_request: 18897
+author:
+type: performance

changelogs/unreleased/46286-fix-ingress-rbac-default-value.yml

+---
+title: Disables RBAC on nginx-ingress
+merge_request: 18947
+author:
+type: fixed

changelogs/unreleased/46345-kubernetes-popover-illustration-skewed.yml

+---
+title: Correct skewed Kubernetes popover illustration
+merge_request: 18949
+author:
+type: fixed

changelogs/unreleased/46361-does-not-log-failed-sign-in-attempts-when-the-database-is-in-read-only-mode.yml

+---
+title: Does not log failed sign-in attempts when the database is in read-only mode
+merge_request: 18957
+author:
+type: fixed

changelogs/unreleased/blackst0ne-remove-spinach.yml

+---
+title: Remove Spinach
+merge_request: 18869
+author: '@blackst0ne'
+type: other

changelogs/unreleased/fix-metrics-content-types.yml

+---
+title: Fix setting Gitlab metrics content types
+merge_request:
+author:
+type: fixed

changelogs/unreleased/jprovazn-null-byte.yml

+---
+title: Fix filename matching when processing file or blob search results
+merge_request:
+author:
+type: fixed

changelogs/unreleased/jprovazn-pipeline-policy.yml

+---
+title: Allow maintainers to retry pipelines on forked projects (if allowed in merge
+  request)
+merge_request:
+author:
+type: fixed

changelogs/unreleased/move-disussion-actions-to-the-right.yml

+---
+title: Move discussion actions to the right for small viewports
+merge_request: 18476
+author: George Tsiolis
+type: changed

changelogs/unreleased/refactor-move-squash-before-merge-vue-component.yml

+---
+title: Move SquashBeforeMerge vue component
+merge_request: 18813
+author: George Tsiolis
+type: performance

changelogs/unreleased/registry-ux-improvements-remove-clipboard-prefix.yml

+---
+title: Remove docker pull prefix from registry clipboard feature
+merge_request: 18933
+author: Lars Greiss
+type: changed

changelogs/unreleased/sh-enforce-unique-and-not-null-project-ids-project-features.yml

+---
+title: Add a unique and not null constraint on the project_features.project_id column
+merge_request:
+author:
+type: fixed

changelogs/unreleased/sh-fix-cross-site-origin-uploads-js.yml

+---
+title: Fix cross-origin errors when attempting to download JavaScript attachments
+merge_request:
+author:
+type: fixed

changelogs/unreleased/update-wiki-modal.yml

+---
+title: New design for wiki page deletion confirmation
+merge_request: 18712
+author: Constance Okoghenun
+type: added

changelogs/unreleased/zj-add-branch-mandatory.yml

+---
+title: Adding branches through the WebUI is handled by Gitaly
+merge_request:
+author:
+type: other

changelogs/unreleased/zj-ref-contains-sha-mandatory.yml

+---
+title: Refs containting sha checks are done by Gitaly
+merge_request:
+author:
+type: other

config/initializers/deprecations.rb

-deprecator = ActiveSupport::Deprecation.new('11.0', 'GitLab')
-
 if Gitlab.dev_env_or_com?
+  deprecator = ActiveSupport::Deprecation.new('11.0', 'GitLab')
+
+  deprecator.behavior = -> (message, callstack) {
+    Rails.logger.warn("#{message}: #{callstack[1..20].join}")
+  }
+
   ActiveSupport::Deprecation.deprecate_methods(Gitlab::GitalyClient::StorageSettings, :legacy_disk_path, deprecator: deprecator)
 end

db/migrate/20180511090724_add_index_on_ci_runners_runner_type.rb

+class AddIndexOnCiRunnersRunnerType < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_index :ci_runners, :runner_type
+  end
+
+  def down
+    remove_index :ci_runners, :runner_type
+  end
+end

db/post_migrate/20180511174224_add_unique_constraint_to_project_features_project_id.rb

+class AddUniqueConstraintToProjectFeaturesProjectId < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  class ProjectFeature < ActiveRecord::Base
+    self.table_name = 'project_features'
+
+    include EachBatch
+  end
+
+  def up
+    remove_duplicates
+
+    add_concurrent_index :project_features, :project_id, unique: true, name: 'index_project_features_on_project_id_unique'
+    remove_concurrent_index_by_name :project_features, 'index_project_features_on_project_id'
+    rename_index :project_features, 'index_project_features_on_project_id_unique', 'index_project_features_on_project_id'
+  end
+
+  def down
+    rename_index :project_features, 'index_project_features_on_project_id', 'index_project_features_on_project_id_old'
+    add_concurrent_index :project_features, :project_id
+    remove_concurrent_index_by_name :project_features, 'index_project_features_on_project_id_old'
+  end
+
+  private
+
+  def remove_duplicates
+    features = ProjectFeature
+               .select('MAX(id) AS max, COUNT(id), project_id')
+               .group(:project_id)
+               .having('COUNT(id) > 1')
+
+    features.each do |feature|
+      ProjectFeature
+        .where(project_id: feature['project_id'])
+        .where('id <> ?', feature['max'])
+        .each_batch { |batch| batch.delete_all }
+    end
+  end
+end

db/post_migrate/20180512061621_add_not_null_constraint_to_project_features_project_id.rb

+class AddNotNullConstraintToProjectFeaturesProjectId < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  class ProjectFeature < ActiveRecord::Base
+    include EachBatch
+
+    self.table_name = 'project_features'
+  end
+
+  def up
+    ProjectFeature.where(project_id: nil).delete_all
+
+    change_column_null :project_features, :project_id, false
+  end
+
+  def down
+    change_column_null :project_features, :project_id, true
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20180508135515) do
+ActiveRecord::Schema.define(version: 20180512061621) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -503,6 +503,7 @@ ActiveRecord::Schema.define(version: 20180508135515) do
   add_index "ci_runners", ["contacted_at"], name: "index_ci_runners_on_contacted_at", using: :btree
   add_index "ci_runners", ["is_shared"], name: "index_ci_runners_on_is_shared", using: :btree
   add_index "ci_runners", ["locked"], name: "index_ci_runners_on_locked", using: :btree
+  add_index "ci_runners", ["runner_type"], name: "index_ci_runners_on_runner_type", using: :btree
   add_index "ci_runners", ["token"], name: "index_ci_runners_on_token", using: :btree
 
   create_table "ci_stages", force: :cascade do |t|
@@ -1493,7 +1494,7 @@ ActiveRecord::Schema.define(version: 20180508135515) do
   add_index "project_deploy_tokens", ["project_id", "deploy_token_id"], name: "index_project_deploy_tokens_on_project_id_and_deploy_token_id", unique: true, using: :btree
 
   create_table "project_features", force: :cascade do |t|
-    t.integer "project_id"
+    t.integer "project_id", null: false
     t.integer "merge_requests_access_level"
     t.integer "issues_access_level"
     t.integer "wiki_access_level"
@@ -1504,7 +1505,7 @@ ActiveRecord::Schema.define(version: 20180508135515) do
     t.integer "repository_access_level", default: 20, null: false
   end
 
-  add_index "project_features", ["project_id"], name: "index_project_features_on_project_id", using: :btree
+  add_index "project_features", ["project_id"], name: "index_project_features_on_project_id", unique: true, using: :btree
 
   create_table "project_group_links", force: :cascade do |t|
     t.integer "project_id", null: false

doc/administration/high_availability/nfs.md

 # NFS
 
 You can view information and options set for each of the mounted NFS file
-systems by running `sudo nfsstat -m`.
+systems by running `nfsstat -m` and `cat /etc/fstab`.
 
 ## NFS Server features
 

doc/api/jobs.md

@@ -82,7 +82,7 @@ Example of response
     "artifacts_file": null,
     "finished_at": "2015-12-24T17:54:24.921Z",
     "id": 6,
-    "name": "spinach:other",
+    "name": "rspec:other",
     "pipeline": {
       "id": 6,
       "ref": "master",
@@ -196,7 +196,7 @@ Example of response
     "artifacts_file": null,
     "finished_at": "2015-12-24T17:54:24.921Z",
     "id": 6,
-    "name": "spinach:other",
+    "name": "rspec:other",
     "pipeline": {
       "id": 6,
       "ref": "master",

doc/ci/quick_start/README.md

@@ -151,7 +151,8 @@ The next step is to configure a Runner so that it picks the pending jobs.
 In GitLab, Runners run the jobs that you define in `.gitlab-ci.yml`. A Runner
 can be a virtual machine, a VPS, a bare-metal machine, a docker container or
 even a cluster of containers. GitLab and the Runners communicate through an API,
-so the only requirement is that the Runner's machine has [Internet] access.
+so the only requirement is that the Runner's machine has network access to the
+GitLab server.
 
 A Runner can be specific to a certain project or serve multiple projects in
 GitLab. If it serves all projects it's called a _Shared Runner_.
@@ -226,4 +227,3 @@ CI with various languages.
 [enabled]: ../enable_or_disable_ci.md
 [stages]: ../yaml/README.md#stages
 [pipeline]: ../pipelines.md
-[internet]: https://about.gitlab.com/images/theinternet.png

doc/development/database_debugging.md

@@ -11,7 +11,7 @@ Available `RAILS_ENV`
 
  - `production` (generally not for your main GDK db, but you may need this for e.g. omnibus)
  - `development` (this is your main GDK db)
- - `test` (used for tests like rspec and spinach)
+ - `test` (used for tests like rspec)
 
 
 ## Nuke everything and start over

doc/development/fe_guide/development_process.md

@@ -22,9 +22,9 @@ Please use your best judgement when to use it and please contribute new points t
 - [ ] Are all [departments](https://about.gitlab.com/handbook/engineering/#engineering-teams) that are needed from your perspective already involved in the issue? (For example is UX missing?)
 - [ ] Is the specification complete? Are you missing decisions? How about error handling/defaults/edge cases? Take your time to understand the needed implementation and go through its flow.
 - [ ] Are all necessary UX specifications available that you will need in order to implement? Are there new UX components/patterns in the designs? Then contact the UI component team early on. How should error messages or validation be handled?
-- [ ] **Library usage** Use Vuex as soon as you have even a medium state to manage, use Vue router if you need to have different views internally and want to link from the outside. Check what libraries we already have for which occassions.
+- [ ] **Library usage** Use Vuex as soon as you have even a medium state to manage, use Vue router if you need to have different views internally and want to link from the outside. Check what libraries we already have for which occasions.
 - [ ] **Plan your implementation:**
-    - [ ] **Architecture plan:** Create a plan aligned with GitLab's architecture, how you are going to do the implementation, for example Vue application setup and its components (through [onion skinning](https://gitlab.com/gitlab-org/gitlab-ce/issues/35873#note_39994091)), Store structure and data flow, which existing Vue components can you reuse. Its a good idea to go through your plan with another engineer to refine it.
+    - [ ] **Architecture plan:** Create a plan aligned with GitLab's architecture, how you are going to do the implementation, for example Vue application setup and its components (through [onion skinning](https://gitlab.com/gitlab-org/gitlab-ce/issues/35873#note_39994091)), Store structure and data flow, which existing Vue components can you reuse. It's a good idea to go through your plan with another engineer to refine it.
     - [ ] **Backend:** The best way is to kickoff the implementation in a call and discuss with the assigned Backend engineer what you will need from the backend and also when. Can you reuse existing API's? How is the performance with the planned architecture? Maybe create together a JSON mock object to already start with development.
     - [ ] **Communication:** It also makes sense to have for bigger features an own slack channel (normally called #f_{feature_name}) and even weekly demo calls with all people involved.
     - [ ] **Dependency Plan:** Are there big dependencies in the plan between you and others, then maybe create an execution diagram to show what is blocking which part and the order of the different parts.
@@ -56,7 +56,7 @@ Please use your best judgement when to use it and please contribute new points t
 - [ ] If you have multiple MR's then also smoke test against the final merge.
 - [ ] Are there any big changes on how and especially how frequently we use the API then let production know about it
 - [ ] Smoke test of the RC on dev., staging., canary deployments and .com
-- [ ] Follow up on issues that came out of the review. Create isssues for discovered edge cases that should be covered in future iterations.
+- [ ] Follow up on issues that came out of the review. Create issues for discovered edge cases that should be covered in future iterations.
 
 ---
 

doc/development/fe_guide/vuex.md

@@ -68,10 +68,10 @@ Often we need to provide data from haml to our Vue application. Let's store it i
 You can use `mapState` to access state properties in the components.
 
 ### `actions.js`
-An action is a playload of information to send data from our application to our store.
+An action is a payload of information to send data from our application to our store.
 
 An action is usually composed by a `type` and a `payload` and they describe what happened.
-Enforcing that every change is described as an action lets us have a clear understanting of what is going on in the app.
+Enforcing that every change is described as an action lets us have a clear understanding of what is going on in the app.
 
 In this file, we will write the actions that will call the respective mutations:
 
@@ -87,7 +87,7 @@ In this file, we will write the actions that will call the respective mutations:
   export const fetchUsers = ({ state, dispatch }) => {
     dispatch('requestUsers');
 
-    axios.get(state.endoint)
+    axios.get(state.endpoint)
       .then(({ data }) => dispatch('receiveUsersSuccess', data))
       .catch((error) => {
         dispatch('receiveUsersError', error)
@@ -102,7 +102,7 @@ In this file, we will write the actions that will call the respective mutations:
   export const addUser = ({ state, dispatch }, user) => {
     dispatch('requestAddUser');
 
-    axios.post(state.endoint, user)
+    axios.post(state.endpoint, user)
       .then(({ data }) => dispatch('receiveAddUserSuccess', data))
       .catch((error) => dispatch('receiveAddUserError', error));
   }
@@ -126,7 +126,7 @@ The component MUST only dispatch the `fetchNamespace` action. Actions namespaced
 The `fetch` action will be responsible to dispatch `requestNamespace`, `receiveNamespaceSuccess` and `receiveNamespaceError`
 
 By following this pattern we guarantee:
-1. All aplications follow the same pattern, making it easier for anyone to maintain the code
+1. All applications follow the same pattern, making it easier for anyone to maintain the code
 1. All data in the application follows the same lifecycle pattern
 1. Actions are contained and human friendly
 1. Unit tests are easier
@@ -149,7 +149,7 @@ import { mapActions } from 'vuex';
 };
 ```
 
-#### `mutations.js`
+### `mutations.js`
 The mutations specify how the application state changes in response to actions sent to the store.
 The only way to change state in a Vuex store should be by committing a mutation.
 
@@ -183,12 +183,12 @@ Remember that actions only describe that something happened, they don't describe
     },
     [types.REQUEST_ADD_USER_ERROR](state, error) {
       state.isAddingUser = true;
-      state.errorAddingUser = error∂;
+      state.errorAddingUser = error;
     },
   };
 ```
 
-#### `getters.js`
+### `getters.js`
 Sometimes we may need to get derived state based on store state, like filtering for a specific prop.
 Using a getter will also cache the result based on dependencies due to [how computed props work](https://vuejs.org/v2/guide/computed.html#Computed-Caching-vs-Methods)
 This can be done through the `getters`:
@@ -213,7 +213,7 @@ import { mapGetters } from 'vuex';
 };
 ```
 
-#### `mutations_types.js`
+### `mutations_types.js`
 From [vuex mutations docs][vuex-mutations]:
 > It is a commonly seen pattern to use constants for mutation types in various Flux implementations. This allows the code to take advantage of tooling like linters, and putting all constants in a single file allows your collaborators to get an at-a-glance view of what mutations are possible in the entire application.
 
@@ -289,7 +289,7 @@ export default {
 ```
 
 ### Vuex Gotchas
-1. Do not call a mutation directly. Always use an action to commit a mutation. Doing so will keep consistency through out the application. From Vuex docs:
+1. Do not call a mutation directly. Always use an action to commit a mutation. Doing so will keep consistency throughout the application. From Vuex docs:
 
   >  why don't we just call store.commit('action') directly? Well, remember that mutations must be synchronous? Actions aren't. We can perform asynchronous operations inside an action.
 
@@ -342,7 +342,7 @@ describe('component', () => {
     };
 
     // populate the store
-    store.dipatch('addUser', user);
+    store.dispatch('addUser', user);
 
     vm = new Component({
       store,
@@ -352,6 +352,18 @@ describe('component', () => {
 });
 ```
 
+#### Testing Vuex actions and getters
+Because we're currently using [`babel-plugin-rewire`](https://github.com/speedskater/babel-plugin-rewire), you may encounter the following error when testing your Vuex actions and getters:
+`[vuex] actions should be function or object with "handler" function`
+
+To prevent this error from happening, you need to export an empty function as `default`:
+```
+// getters.js or actions.js
+
+// prevent babel-plugin-rewire from generating an invalid default during karma tests
+export default () => {};
+```
+
 [vuex-docs]: https://vuex.vuejs.org
 [vuex-structure]: https://vuex.vuejs.org/en/structure.html
 [vuex-mutations]: https://vuex.vuejs.org/en/mutations.html

doc/development/query_recorder.md

@@ -2,7 +2,7 @@
 
 QueryRecorder is a tool for detecting the [N+1 queries problem](http://guides.rubyonrails.org/active_record_querying.html#eager-loading-associations) from tests.
 
-> Implemented in [spec/support/query_recorder.rb](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/spec/support/query_recorder.rb) via [9c623e3e](https://gitlab.com/gitlab-org/gitlab-ce/commit/9c623e3e5d7434f2e30f7c389d13e5af4ede770a)
+> Implemented in [spec/support/query_recorder.rb](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/spec/support/helpers/query_recorder.rb) via [9c623e3e](https://gitlab.com/gitlab-org/gitlab-ce/commit/9c623e3e5d7434f2e30f7c389d13e5af4ede770a)
 
 As a rule, merge requests [should not increase query counts](merge_request_performance_guidelines.md#query-counts). If you find yourself adding something like `.includes(:author, :assignee)` to avoid having `N+1` queries, consider using QueryRecorder to enforce this with a test. Without this, a new feature which causes an additional model to be accessed will silently reintroduce the problem.
 

doc/development/rake_tasks.md

@@ -65,12 +65,11 @@ To make sure that indices still fit. You could find great details in:
 ## Run tests
 
 In order to run the test you can use the following commands:
-- `rake spinach` to run the spinach suite
 - `rake spec` to run the rspec suite
 - `rake karma` to run the karma test suite
 - `rake gitlab:test` to run all the tests
 
-Note: Both `rake spinach` and `rake spec` takes significant time to pass.
+Note: `rake spec` takes significant time to pass.
 Instead of running full test suite locally you can save a lot of time by running
 a single test or directory related to your changes. After you submit merge request
 CI will run full test suite for you. Green CI status in the merge request means
@@ -82,12 +81,10 @@ files it can find, also the ones in `/tmp`
 To run a single test file you can use:
 
 - `bin/rspec spec/controllers/commit_controller_spec.rb` for a rspec test
-- `bin/spinach features/project/issues/milestones.feature` for a spinach test
 
 To run several tests inside one directory:
 
 - `bin/rspec spec/requests/api/` for the rspec tests if you want to test API only
-- `bin/spinach features/profile/` for the spinach tests if you want to test only profile pages
 
 ### Speed-up tests, rake tasks, and migrations
 

doc/development/testing_guide/best_practices.md

@@ -12,8 +12,7 @@ Here are some things to keep in mind regarding test performance:
 - `FactoryBot.build(...)` and `.build_stubbed` are faster than `.create`.
 - Don't `create` an object when `build`, `build_stubbed`, `attributes_for`,
   `spy`, or `double` will do. Database persistence is slow!
-- Don't mark a feature as requiring JavaScript (through `@javascript` in
-  Spinach or `:js` in RSpec) unless it's _actually_ required for the test
+- Don't mark a feature as requiring JavaScript (through `:js` in RSpec) unless it's _actually_ required for the test
   to be valid. Headless browser testing is slow!
 
 [parallelization]: ci.md#test-suite-parallelization-on-the-ci
@@ -134,11 +133,24 @@ really fast since:
 - gitlab-shell and Gitaly setup are skipped
 - Test repositories setup are skipped
 
-Note that in some cases, you might have to add some `require_dependency 'foo'`
-in your file under test since Rails autoloading is not available in these cases.
+`fast_spec_helper` also support autoloading classes that are located inside the
+`lib/` directory. It means that as long as your class / module is using only
+code from the `lib/` directory you will not need to explicitly load any
+dependencies. `fast_spec_helper` also loads all ActiveSupport extensions,
+including core extensions that are commonly used in the Rails environment.
 
-This shouldn't be a problem since explicitely listing dependencies should be
-considered a good practice anyway.
+Note that in some cases, you might still have to load some dependencies using
+`require_dependency` when a code is using gems or a dependency is not located
+in `lib/`.
+
+For example, if you want to test your code that is calling the
+`Gitlab::UntrustedRegexp` class, which under the hood uses `re2` library, you
+should either add `require_dependency 're2'` to files in your library that
+need `re2` gem, to make this requirement explicit, or you can add it to the
+spec itself, but the former is preferred.
+
+It takes around one second to load tests that are using `fast_spec_helper`
+instead of 30+ seconds in case of a regular `spec_helper`.
 
 ### `let` variables
 

doc/development/testing_guide/ci.md

@@ -24,8 +24,7 @@ Our current CI parallelization setup is as follows:
   uploaded to S3.
 
 After that, the next pipeline will use the up-to-date
-`knapsack/${CI_PROJECT_NAME}/rspec_report-master.json` file. The same strategy
-is used for Spinach tests as well.
+`knapsack/${CI_PROJECT_NAME}/rspec_report-master.json` file. 
 
 ### Monitoring
 

doc/development/testing_guide/frontend_testing.md

@@ -280,26 +280,6 @@ describe "Admin::AbuseReports", :js do
 end
 ```
 
-### Spinach errors due to missing JavaScript
-
-NOTE: **Note:** Since we are discouraging the use of Spinach when writing new
-feature tests, you shouldn't ever need to use this. This information is kept
-available for legacy purposes only.
-
-In Spinach, the JavaScript driver is enabled differently. In the `*.feature`
-file for the failing spec, add the `@javascript` flag above the Scenario:
-
-```
-@javascript
-Scenario: Developer can approve merge request
-  Given I am a "Shop" developer
-  And I visit project "Shop" merge requests page
-  And merge request 'Bug NS-04' must be approved
-  And I click link "Bug NS-04"
-  When I click link "Approve"
-  Then I should see approved merge request "Bug NS-04"
-```
-
 [jasmine-focus]: https://jasmine.github.io/2.5/focused_specs.html
 [jasmine-jquery]: https://github.com/velesin/jasmine-jquery
 [karma]: http://karma-runner.github.io/

doc/development/testing_guide/index.md

@@ -72,21 +72,6 @@ Everything you should know about how to run end-to-end tests using
 
 ---
 
-## Spinach (feature) tests
-
-GitLab [moved from Cucumber to Spinach](https://github.com/gitlabhq/gitlabhq/pull/1426)
-for its feature/integration tests in September 2012.
-
-As of March 2016, we are [trying to avoid adding new Spinach
-tests](https://gitlab.com/gitlab-org/gitlab-ce/issues/14121) going forward,
-opting for [RSpec feature](#features-integration) specs.
-
-Adding new Spinach scenarios is acceptable _only if_ the new scenario requires
-no more than one new `step` definition. If more than that is required, the
-test should be re-implemented using RSpec instead.
-
----
-
 [Return to Development documentation](../README.md)
 
 [^1]: /ci/yaml/README.html#dependencies

doc/development/testing_guide/testing_levels.md

@@ -81,7 +81,6 @@ possible).
 | Tests path | Testing engine | Notes |
 | ---------- | -------------- | ----- |
 | `spec/features/` | [Capybara] + [RSpec] | If your spec has the `:js` metadata, the browser driver will be [Poltergeist], otherwise it's using [RackTest]. |
-| `features/` | Spinach | Spinach tests are deprecated, [you shouldn't add new Spinach tests](#spinach-feature-tests). |
 
 ### Consider **not** writing a system test!
 

doc/user/gitlab_com/index.md

@@ -75,7 +75,6 @@ Shared Runners on GitLab.com run in [autoscale mode] and powered by
 Google Cloud Platform and DigitalOcean. Autoscaling means reduced
 waiting times to spin up CI/CD jobs, and isolated VMs for each project,
 thus maximizing security.
-
 They're free to use for public open source projects and limited to 2000 CI
 minutes per month per group for private projects. Read about all
 [GitLab.com plans](https://about.gitlab.com/pricing/).
@@ -90,6 +89,10 @@ ephemeral instances with 3.75GB of RAM, CoreOS and the latest Docker Engine
 installed. Instances provide 1 vCPU and 25GB of HDD disk space. The default
 region of the VMs is US East1.
 
+Jobs handled by the shared Runners on GitLab.com (`shared-runners-manager-X.gitlab.com`),
+**will be timed out after 3 hours**, regardless of the timeout configured in a
+project. Check the issues [4010] and [4070] for the reference.
+
 Below are the shared Runners settings.
 
 | Setting                               | GitLab.com                                        | Default    |
@@ -340,3 +343,5 @@ High Performance TCP/HTTP Load Balancer:
 [mailgun]: https://www.mailgun.com/ "Mailgun website"
 [sidekiq]: http://sidekiq.org/ "Sidekiq website"
 [unicorn-worker-killer]: https://rubygems.org/gems/unicorn-worker-killer "unicorn-worker-killer"
+[4010]: https://gitlab.com/gitlab-com/infrastructure/issues/4010 "Find a good value for maximum timeout for Shared Runners"
+[4070]: https://gitlab.com/gitlab-com/infrastructure/issues/4070 "Configure per-runner timeout for shared-runners-manager-X on GitLab.com"

doc/user/project/bulk_editing.md

+# Bulk Editing
+
+>**Note:**
+- A permission level of `Reporter` or higher is required in order to manage
+issues.
+- A permission level of `Developer` or higher is required in order to manage
+merge requests.
+
+Fields across multiple issues or merge requests can be updated simutaneously by using the bulk edit feature.
+
+>**Note:**
+- Bulk editing of issues and merge requests is only available at the project level.
+
+To access the feature, navigate to either the issue or merge request list for the project and click 'Edit Issues' or 'Edit Merge Requests'. This will cause a sidebar to be shown on the right-hand side of the screen, where the available, editable fields are displayed. Checkboxes will also appear to the left-hand side of each issue or merge request, ready to be selected.
+
+Once all items have been selected, choose the appropriate fields and their values from the sidebar and click 'Update All' to apply these changes.
+

doc/user/project/issues/index.md

@@ -151,3 +151,7 @@ or Bugzilla.
 ### Issue's API
 
 Read through the [API documentation](../../../api/issues.md).
+
+### Bulk editing issues
+
+Find out about [bulk editing issues](../../project/bulk_editing.md).

doc/user/project/merge_requests/index.md

@@ -233,6 +233,10 @@ all your changes will be available to preview by anyone with the Review Apps lin
 
 [Read more about Review Apps.](../../../ci/review_apps/index.md)
 
+## Bulk editing merge requests
+
+Find out about [bulk editing merge requests](../../project/bulk_editing.md).
+
 ## Tips
 
 Here are some tips that will help you be more efficient with merge requests in

doc/user/project/merge_requests/maintainer_access.md

@@ -16,3 +16,5 @@ source project, and only lasts while the merge request is open.
 Enable this functionality while creating a merge request:
 
 ![Enable maintainer edits](./img/allow_maintainer_push.png)
+
+[ce-17395]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/17395

doc/user/project/web_ide/index.md

@@ -13,15 +13,27 @@ and from merge requests.
 
 ![Open Web IDE](img/open_web_ide.png)
 
-## Commit changes
+## File finder
 
-Changed files are shown on the right in the commit panel. All changes are
-automatically staged. To commit your changes, add a commit message and click
-the 'Commit Button'.
+> [Introduced in](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/18323) [GitLab Core][ce] 10.8.
+
+The file finder allows you to quickly open files in the current branch by
+searching. The file finder is launched using the keyboard shortcut `Command-p`,
+`Control-p`, or `t` (when editor is not in focus). Type the filename or
+file path fragments to start seeing results.
+
+## Stage and commit changes
+
+After making your changes, click the Commit button in the bottom left to
+review the list of changed files. Click on each file to review the changes and
+click the tick icon to stage the file. 
+
+Once you have staged some changes, you can add a commit message and commit the
+staged changes. Unstaged changes will not be commited.
 
 ![Commit changes](img/commit_changes.png)
 
-## Comparing changes
+## Reviewing changes
 
 Before you commit your changes, you can compare them with the previous commit
 by switching to the review mode or selecting the file from the staged files
@@ -30,4 +42,5 @@ list.
 An additional review mode is available when you open a merge request, which
 shows you a preview of the merge request diff if you commit your changes.
 
+[ce]: https://about.gitlab.com/pricing/
 [ee]: https://about.gitlab.com/pricing/

features/steps/group/members.rb

-class Spinach::Features::GroupMembers < Spinach::FeatureSteps
-  include WaitForRequests
-  include SharedAuthentication
-  include SharedPaths
-  include SharedGroup
-  include SharedUser
-
-  step 'I should see user "John Doe" in team list' do
-    expect(group_members_list).to have_content("John Doe")
-  end
-
-  step 'I should not see user "Mary Jane" in team list' do
-    expect(group_members_list).not_to have_content("Mary Jane")
-  end
-
-  step 'I click on the "Remove User From Group" button for "John Doe"' do
-    find(:css, '.project-members-page li', text: "John Doe").find(:css, 'a.btn-remove').click
-    # poltergeist always confirms popups.
-  end
-
-  step 'I click on the "Remove User From Group" button for "Mary Jane"' do
-    find(:css, 'li', text: "Mary Jane").find(:css, 'a.btn-remove').click
-    # poltergeist always confirms popups.
-  end
-
-  step 'I should not see the "Remove User From Group" button for "John Doe"' do
-    expect(find(:css, '.project-members-page li', text: "John Doe")).not_to have_selector(:css, 'a.btn-remove')
-    # poltergeist always confirms popups.
-  end
-
-  step 'I should not see the "Remove User From Group" button for "Mary Jane"' do
-    expect(find(:css, 'li', text: "Mary Jane")).not_to have_selector(:css, 'a.btn-remove')
-    # poltergeist always confirms popups.
-  end
-
-  step 'I change the "Mary Jane" role to "Developer"' do
-    member = mary_jane_member
-
-    page.within "#group_member_#{member.id}" do
-      click_button member.human_access
-
-      page.within '.dropdown-menu' do
-        click_link 'Developer'
-      end
-
-      wait_for_requests
-    end
-  end
-
-  step 'I should see "Mary Jane" as "Developer"' do
-    member = mary_jane_member
-
-    page.within "#group_member_#{member.id}" do
-      expect(page).to have_content "Developer"
-    end
-  end
-
-  private
-
-  def mary_jane_member
-    user = User.find_by(name: "Mary Jane")
-    owned_group.members.find_by(user_id: user.id)
-  end
-
-  def group_members_list
-    find(".panel .content-list")
-  end
-end

features/steps/profile/notifications.rb

-class Spinach::Features::ProfileNotifications < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedProject
-
-  step 'I visit profile notifications page' do
-    visit profile_notifications_path
-  end
-
-  step 'I should see global notifications settings' do
-    expect(page).to have_content "Notifications"
-  end
-
-  step 'I select Mention setting from dropdown' do
-    first(:link, "On mention").click
-  end
-
-  step 'I should see Notification saved message' do
-    expect(page).to have_content 'On mention'
-  end
-end

features/steps/project/commits/branches.rb

-class Spinach::Features::ProjectCommitsBranches < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedProject
-  include SharedPaths
-
-  step 'I click link "All"' do
-    click_link "All"
-  end
-
-  step 'I click link "Protected"' do
-    click_link "Protected"
-  end
-
-  step 'I click new branch link' do
-    click_link "New branch"
-  end
-
-  step 'I submit new branch form with invalid name' do
-    fill_in 'branch_name', with: '1.0 stable'
-    page.find("body").click # defocus the branch_name input
-    select_branch('master')
-    click_button 'Create branch'
-  end
-
-  def select_branch(branch_name)
-    find('.git-revision-dropdown-toggle').click
-
-    page.within '#new-branch-form .dropdown-menu' do
-      click_link branch_name
-    end
-  end
-end

features/steps/project/commits/comments.rb

-class Spinach::Features::ProjectCommitsComments < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedNote
-  include SharedPaths
-  include SharedProject
-end

features/steps/project/commits/diff_comments.rb

-class Spinach::Features::ProjectCommitsDiffComments < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedDiffNote
-  include SharedPaths
-  include SharedProject
-end

features/steps/project/create.rb

-class Spinach::Features::ProjectCreate < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedPaths
-  include SharedUser
-
-  step 'fill project form with valid data' do
-    fill_in 'project_path', with: 'Empty'
-    page.within '#content-body' do
-      click_button "Create project"
-    end
-  end
-
-  step 'I should see project page' do
-    expect(page).to have_content "Empty"
-    expect(current_path).to eq project_path(Project.last)
-  end
-
-  step 'I should see empty project instructions' do
-    expect(page).to have_content "git init"
-    expect(page).to have_content "git remote"
-    expect(page).to have_content Project.last.url_to_repo
-  end
-end

features/steps/project/issues/filter_labels.rb

-class Spinach::Features::ProjectIssuesFilterLabels < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedProject
-  include SharedPaths
-  include Select2Helper
-
-  step 'I should see "Bugfix1" in issues list' do
-    page.within ".issues-list" do
-      expect(page).to have_content "Bugfix1"
-    end
-  end
-
-  step 'I should see "Bugfix2" in issues list' do
-    page.within ".issues-list" do
-      expect(page).to have_content "Bugfix2"
-    end
-  end
-
-  step 'I should not see "Bugfix2" in issues list' do
-    page.within ".issues-list" do
-      expect(page).not_to have_content "Bugfix2"
-    end
-  end
-
-  step 'I should not see "Feature1" in issues list' do
-    page.within ".issues-list" do
-      expect(page).not_to have_content "Feature1"
-    end
-  end
-
-  step 'I click "dropdown close button"' do
-    page.first('.labels-filter .dropdown-title .dropdown-menu-close-icon').click
-    sleep 2
-  end
-
-  step 'I click link "feature"' do
-    page.within ".labels-filter" do
-      click_link "feature"
-    end
-  end
-
-  step 'project "Shop" has issue "Bugfix1" with labels: "bug", "feature"' do
-    project = Project.find_by(name: "Shop")
-    issue = create(:issue, title: "Bugfix1", project: project)
-    issue.labels << project.labels.find_by(title: 'bug')
-    issue.labels << project.labels.find_by(title: 'feature')
-  end
-
-  step 'project "Shop" has issue "Bugfix2" with labels: "bug", "enhancement"' do
-    project = Project.find_by(name: "Shop")
-    issue = create(:issue, title: "Bugfix2", project: project)
-    issue.labels << project.labels.find_by(title: 'bug')
-    issue.labels << project.labels.find_by(title: 'enhancement')
-  end
-
-  step 'project "Shop" has issue "Feature1" with labels: "feature"' do
-    project = Project.find_by(name: "Shop")
-    issue = create(:issue, title: "Feature1", project: project)
-    issue.labels << project.labels.find_by(title: 'feature')
-  end
-end

features/steps/project/issues/issues.rb

-class Spinach::Features::ProjectIssues < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedIssuable
-  include SharedProject
-  include SharedNote
-  include SharedPaths
-  include SharedMarkdown
-  include SharedUser
-
-  step 'I should not see "Release 0.3" in issues' do
-    expect(page).not_to have_content "Release 0.3"
-  end
-
-  step 'I click link "Closed"' do
-    find('.issues-state-filters [data-state="closed"] span', text: 'Closed').click
-  end
-
-  step 'I should see "Release 0.3" in issues' do
-    expect(page).to have_content "Release 0.3"
-  end
-
-  step 'I should not see "Release 0.4" in issues' do
-    expect(page).not_to have_content "Release 0.4"
-  end
-
-  step 'I click link "All"' do
-    find('.issues-state-filters [data-state="all"] span', text: 'All').click
-    # Waits for load
-    expect(find('.issues-state-filters > .active')).to have_content 'All'
-  end
-
-  step 'I should see issue "Tweet control"' do
-    expect(page).to have_content "Tweet control"
-  end
-
-  step 'I click "author" dropdown' do
-    page.find('.js-author-search').click
-    sleep 1
-  end
-
-  step 'I see current user as the first user' do
-    expect(page).to have_selector('.dropdown-content', visible: true)
-    users = page.all('.dropdown-menu-author .dropdown-content li a')
-    expect(users[0].text).to eq 'Any Author'
-    expect(users[1].text).to eq "#{current_user.name} #{current_user.to_reference}"
-  end
-
-  step 'I click link "500 error on profile"' do
-    click_link "500 error on profile"
-  end
-
-  step 'I should see label \'bug\' with issue' do
-    page.within '.issuable-show-labels' do
-      expect(page).to have_content 'bug'
-    end
-  end
-
-  step 'I fill in issue search with "Re"' do
-    filter_issue "Re"
-  end
-
-  step 'I fill in issue search with "Bu"' do
-    filter_issue "Bu"
-  end
-
-  step 'I fill in issue search with ".3"' do
-    filter_issue ".3"
-  end
-
-  step 'I fill in issue search with "Something"' do
-    filter_issue "Something"
-  end
-
-  step 'I fill in issue search with ""' do
-    filter_issue ""
-  end
-
-  step 'project "Shop" has milestone "v2.2"' do
-    milestone = create(:milestone, title: "v2.2", project: project)
-
-    3.times { create(:issue, project: project, milestone: milestone) }
-  end
-
-  step 'project "Shop" has milestone "v3.0"' do
-    milestone = create(:milestone, title: "v3.0", project: project)
-
-    3.times { create(:issue, project: project, milestone: milestone) }
-  end
-
-  When 'I select milestone "v3.0"' do
-    select "v3.0", from: "milestone_id"
-  end
-
-  step 'I should see selected milestone with title "v3.0"' do
-    issues_milestone_selector = "#issue_milestone_id_chzn > a"
-    expect(find(issues_milestone_selector)).to have_content("v3.0")
-  end
-
-  When 'I select first assignee from "Shop" project' do
-    first_assignee = project.users.first
-    select first_assignee.name, from: "assignee_id"
-  end
-
-  step 'I should see first assignee from "Shop" as selected assignee' do
-    issues_assignee_selector = "#issue_assignee_id_chzn > a"
-
-    assignee_name = project.users.first.name
-    expect(find(issues_assignee_selector)).to have_content(assignee_name)
-  end
-
-  step 'The list should be sorted by "Least popular"' do
-    page.within '.issues-list' do
-      page.within 'li.issue:nth-child(1)' do
-        expect(page).to have_content 'Tweet control'
-        expect(page).to have_content '1 2'
-      end
-
-      page.within 'li.issue:nth-child(2)' do
-        expect(page).to have_content 'Release 0.4'
-        expect(page).to have_content '2 1'
-      end
-
-      page.within 'li.issue:nth-child(3)' do
-        expect(page).to have_content 'Bugfix'
-        expect(page).not_to have_content '0 0'
-      end
-    end
-  end
-
-  When 'I visit empty project page' do
-    project = Project.find_by(name: 'Empty Project')
-    visit project_path(project)
-  end
-
-  When "I visit project \"Community\" issues page" do
-    project = Project.find_by(name: 'Community')
-    visit project_issues_path(project)
-  end
-
-  step 'project \'Shop\' has issue \'Bugfix1\' with description: \'Description for issue1\'' do
-    create(:issue, title: 'Bugfix1', description: 'Description for issue1', project: project)
-  end
-
-  step 'project \'Shop\' has issue \'Feature1\' with description: \'Feature submitted for issue1\'' do
-    create(:issue, title: 'Feature1', description: 'Feature submitted for issue1', project: project)
-  end
-
-  step 'I fill in issue search with \'Description for issue1\'' do
-    filter_issue 'Description for issue'
-  end
-
-  step 'I fill in issue search with \'issue1\'' do
-    filter_issue 'issue1'
-  end
-
-  step 'I fill in issue search with \'Rock and roll\'' do
-    filter_issue 'Rock and roll'
-  end
-
-  step 'I should see \'Bugfix1\' in issues' do
-    expect(page).to have_content 'Bugfix1'
-  end
-
-  step 'I should see \'Feature1\' in issues' do
-    expect(page).to have_content 'Feature1'
-  end
-
-  step 'I should not see \'Bugfix1\' in issues' do
-    expect(page).not_to have_content 'Bugfix1'
-  end
-
-  def filter_issue(text)
-    fill_in 'issuable_search', with: text
-  end
-end

features/steps/project/issues/milestones.rb

-class Spinach::Features::ProjectIssuesMilestones < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedProject
-  include SharedPaths
-  include SharedMarkdown
-
-  step 'project "Shop" has milestone "v2.2"' do
-    project = Project.find_by(name: "Shop")
-    milestone = create(:milestone,
-                       title: "v2.2",
-                       project: project,
-                       description: "# Description header"
-                      )
-    3.times { create(:issue, project: project, milestone: milestone) }
-  end
-
-  When 'I click link "All Issues"' do
-    click_link 'All Issues'
-  end
-end

features/steps/project/issues/references.rb

-class Spinach::Features::ProjectIssuesReferences < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedIssuable
-  include SharedNote
-  include SharedProject
-  include SharedUser
-end

features/steps/project/merge_requests/references.rb

-class Spinach::Features::ProjectMergeRequestsReferences < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedIssuable
-  include SharedNote
-  include SharedProject
-  include SharedUser
-end

features/steps/shared/active_tab.rb

-module SharedActiveTab
-  include Spinach::DSL
-  include WaitForRequests
-
-  after do
-    wait_for_requests if javascript_test?
-  end
-
-  def ensure_active_main_tab(content)
-    expect(find('.sidebar-top-level-items > li.active')).to have_content(content)
-  end
-
-  def ensure_active_sub_tab(content)
-    expect(find('.sidebar-sub-level-items > li.active:not(.fly-out-top-item)')).to have_content(content)
-  end
-
-  def ensure_active_sub_nav(content)
-    expect(find('.layout-nav .controls li.active')).to have_content(content)
-  end
-
-  step 'no other main tabs should be active' do
-    expect(page).to have_selector('.sidebar-top-level-items > li.active', count: 1)
-  end
-
-  step 'no other sub tabs should be active' do
-    expect(page).to have_selector('.sidebar-sub-level-items  > li.active:not(.fly-out-top-item)', count: 1)
-  end
-
-  step 'no other sub navs should be active' do
-    expect(page).to have_selector('.layout-nav .controls li.active', count: 1)
-  end
-end

features/steps/shared/admin.rb

-module SharedAdmin
-  include Spinach::DSL
-
-  step 'there are projects in system' do
-    2.times { create(:project, :repository) }
-  end
-
-  step 'system has users' do
-    2.times { create(:user) }
-  end
-end

features/steps/shared/authentication.rb

-require Rails.root.join('features', 'support', 'login_helpers')
-
-module SharedAuthentication
-  include Spinach::DSL
-  include LoginHelpers
-
-  step 'I sign in as a user' do
-    sign_out(@user) if @user
-
-    @user = create(:user)
-    sign_in(@user)
-  end
-
-  step 'I sign in via the UI' do
-    gitlab_sign_in(create(:user))
-  end
-
-  step 'I should be redirected to sign in page' do
-    expect(current_path).to eq new_user_session_path
-  end
-
-  step "I logout directly" do
-    gitlab_sign_out
-  end
-
-  def current_user
-    @user || User.reorder(nil).first
-  end
-
-  private
-
-  def gitlab_sign_in(user)
-    visit new_user_session_path
-
-    fill_in "user_login", with: user.email
-    fill_in "user_password", with: "12345678"
-    check 'user_remember_me'
-    click_button "Sign in"
-
-    @user = user
-  end
-
-  def gitlab_sign_out
-    return unless @user
-
-    if Capybara.current_driver == Capybara.javascript_driver
-      find('.header-user-dropdown-toggle').click
-      click_link 'Sign out'
-      expect(page).to have_button('Sign in')
-    else
-      sign_out(@user)
-    end
-
-    @user = nil
-  end
-end

features/steps/shared/diff_note.rb

-module SharedDiffNote
-  include Spinach::DSL
-  include RepoHelpers
-  include WaitForRequests
-
-  after do
-    wait_for_requests if javascript_test?
-  end
-
-  step 'I delete a diff comment' do
-    find('.note').hover
-    find(".js-note-delete").click
-  end
-
-  step 'I haven\'t written any diff comment text' do
-    page.within(diff_file_selector) do
-      fill_in "note[note]", with: ""
-    end
-  end
-
-  step 'The diff comment preview tab should say there is nothing to do' do
-    page.within(diff_file_selector) do
-      find('.js-md-preview-button').click
-      expect(find('.js-md-preview')).to have_content('Nothing to preview.')
-    end
-  end
-
-  step 'I see side-by-side diff button' do
-    expect(page).to have_content "Side-by-side"
-  end
-
-  def diff_file_selector
-    '.diff-file:nth-of-type(1)'
-  end
-
-  def click_diff_line(code)
-    find(".line_holder[id='#{code}'] button").click
-  end
-
-  def click_parallel_diff_line(code, line_type)
-    find(".line_holder.parallel td[id='#{code}']").find(:xpath, 'preceding-sibling::*[1][self::td]').hover
-    find(".line_holder.parallel button[data-line-code='#{code}']").click
-  end
-end

features/steps/shared/group.rb

-module SharedGroup
-  include Spinach::DSL
-
-  step 'current user is developer of group "Owned"' do
-    is_member_of(current_user.name, "Owned", Gitlab::Access::DEVELOPER)
-  end
-
-  step '"John Doe" is guest of group "Guest"' do
-    is_member_of("John Doe", "Guest", Gitlab::Access::GUEST)
-  end
-
-  step '"Mary Jane" is owner of group "Owned"' do
-    is_member_of("Mary Jane", "Owned", Gitlab::Access::OWNER)
-  end
-
-  step '"Mary Jane" is guest of group "Owned"' do
-    is_member_of("Mary Jane", "Owned", Gitlab::Access::GUEST)
-  end
-
-  step '"Mary Jane" is guest of group "Guest"' do
-    is_member_of("Mary Jane", "Guest", Gitlab::Access::GUEST)
-  end
-
-  step 'I should see group "TestGroup"' do
-    expect(page).to have_content "TestGroup"
-  end
-
-  step 'I should not see group "TestGroup"' do
-    expect(page).not_to have_content "TestGroup"
-  end
-
-  protected
-
-  def is_member_of(username, groupname, role)
-    user = User.find_by(name: username) || create(:user, name: username)
-    group = Group.find_by(name: groupname) || create(:group, name: groupname)
-    group.add_user(user, role)
-    project ||= create(:project, :repository, namespace: group)
-    create(:closed_issue_event, project: project)
-    project.add_master(user)
-  end
-
-  def owned_group
-    @owned_group ||= Group.find_by(name: "Owned")
-  end
-end

features/steps/shared/issuable.rb

-module SharedIssuable
-  include Spinach::DSL
-
-  def edit_issuable
-    find('.js-issuable-edit', visible: true).click
-  end
-
-  step 'I leave a comment referencing issue "Community issue"' do
-    leave_reference_comment(
-      issuable: Issue.find_by(title: 'Community issue'),
-      from_project_name: 'Enterprise'
-    )
-  end
-
-  step 'I click link "Edit" for the merge request' do
-    edit_issuable
-  end
-
-  step 'I sort the list by "Least popular"' do
-    find('button.dropdown-toggle').click
-
-    page.within('.content ul.dropdown-menu.dropdown-menu-align-right li') do
-      click_link 'Least popular'
-    end
-  end
-
-  step 'I click link "Next" in the sidebar' do
-    page.within '.issuable-sidebar' do
-      click_link 'Next'
-    end
-  end
-
-  def create_issuable_for_project(project_name:, title:, type: :issue)
-    project = Project.find_by(name: project_name)
-
-    attrs = {
-      title: title,
-      author: project.users.first,
-      description: '# Description header'
-    }
-
-    case type
-    when :issue
-      attrs[:project] = project
-    when :merge_request
-      attrs.merge!(
-        source_project: project,
-        target_project: project,
-        source_branch: 'fix',
-        target_branch: 'master'
-      )
-    end
-
-    create(type, attrs)
-  end
-
-  def leave_reference_comment(issuable:, from_project_name:)
-    project = Project.find_by(name: from_project_name)
-
-    page.within('.js-main-target-form') do
-      fill_in 'note[note]', with: "##{issuable.to_reference(project)}"
-      click_button 'Comment'
-    end
-  end
-
-  def visible_note(issuable:, from_project_name:, user_name:)
-    project = Project.find_by(name: from_project_name)
-
-    expect(page).to have_content(user_name)
-    expect(page).to have_content("mentioned in #{issuable.class.to_s.titleize.downcase} #{issuable.to_reference(project)}")
-  end
-
-  def expect_sidebar_content(content)
-    page.within '.issuable-sidebar' do
-      expect(page).to have_content content
-    end
-  end
-end

features/steps/shared/markdown.rb

-module SharedMarkdown
-  include Spinach::DSL
-
-  step 'I should not see the Markdown preview' do
-    expect(find('.gfm-form .js-md-preview')).not_to be_visible
-  end
-
-  step 'I haven\'t written any description text' do
-    find('.gfm-form').fill_in 'Description', with: ''
-  end
-end

features/steps/shared/note.rb

-module SharedNote
-  include Spinach::DSL
-  include WaitForRequests
-
-  after do
-    wait_for_requests if javascript_test?
-  end
-
-  step 'I haven\'t written any comment text' do
-    page.within(".js-main-target-form") do
-      fill_in "note[note]", with: ""
-    end
-  end
-
-  step 'The comment preview tab should say there is nothing to do' do
-    page.within(".js-main-target-form") do
-      find('.js-md-preview-button').click
-      expect(find('.js-md-preview')).to have_content('Nothing to preview.')
-    end
-  end
-end