Merge branch 'master' into 31156-environments-vue-service

* master: (91 commits)
  Move api lint out of static analysis job
  Fix project tree saver and fork spec failures
  Fix lazy error handling of cron parser
  Use gitlab-workhorse 2.0.0
  Revert to real click seeing as that was a bug with only the original branch
  Fixed issue_sidebar_spec.rb click as true click cannot hit the right element and removed sleep
  find and match first dropdown before clicking
  Elaborate on the usage of Spring
  Note Ghost user and refer to user deletion documentation
  Fix label creation from issuable for subgroup projects
  Detect already enabled DeployKeys in EnableDeployKeyService
  Extract common parts of snippet and blob pages into partial
  update article date
  link ldap-ee article from auth index
  add ldap article and changes from !10299
  Fix misaligned buttons in wiki pages
  Improve pipelines_finder.rb
  Improve documentation
  Correct typo in pipelines_spec.rb
  Avoid using sample
  ...

.gitlab-ci.yml

@@ -264,11 +264,15 @@ spinach mysql 9 10: *spinach-knapsack-mysql
 static-analysis:
   <<: *ruby-static-analysis
   <<: *dedicated-runner
+  <<: *except-docs
   stage: test
   script:
     - scripts/static-analysis
 
-docs:check:links:
+# Documentation checks:
+# - Check validity of relative links
+# - Make sure cURL examples in API docs use the full switches
+docs lint:
   image: "registry.gitlab.com/gitlab-org/gitlab-build-images:nanoc-bootstrap-ruby-2.4-alpine"
   stage: test
   <<: *dedicated-runner
@@ -276,6 +280,7 @@ docs:check:links:
   dependencies: []
   before_script: []
   script:
+    - scripts/lint-doc.sh
     - mv doc/ /nanoc/content/
     - cd /nanoc
     # Build HTML from Markdown

GITLAB_WORKHORSE_VERSION

-1.4.3
+2.0.0

app/assets/javascripts/milestone.js

@@ -19,12 +19,10 @@
       });
     };
 
-    Milestone.sortIssues = function(data) {
-      var sort_issues_url;
-      sort_issues_url = location.href + "/sort_issues";
+    Milestone.sortIssues = function(url, data) {
       return $.ajax({
         type: "PUT",
-        url: sort_issues_url,
+        url,
         data: data,
         success: function(_data) {
           return Milestone.successCallback(_data);
@@ -36,12 +34,10 @@
       });
     };
 
-    Milestone.sortMergeRequests = function(data) {
-      var sort_mr_url;
-      sort_mr_url = location.href + "/sort_merge_requests";
+    Milestone.sortMergeRequests = function(url, data) {
       return $.ajax({
         type: "PUT",
-        url: sort_mr_url,
+        url,
         data: data,
         success: function(_data) {
           return Milestone.successCallback(_data);
@@ -81,42 +77,55 @@
     };
 
     function Milestone() {
-      var oldMouseStart;
+      this.issuesSortEndpoint = $('#tab-issues').data('sort-endpoint');
+      this.mergeRequestsSortEndpoint = $('#tab-merge-requests').data('sort-endpoint');
+
       this.bindIssuesSorting();
-      this.bindMergeRequestSorting();
       this.bindTabsSwitching();
+
+      // Load merge request tab if it is active
+      // merge request tab is active based on different conditions in the backend
+      this.loadTab($('.js-milestone-tabs .active a'));
+
+      this.loadInitialTab();
     }
 
     Milestone.prototype.bindIssuesSorting = function() {
+      if (!this.issuesSortEndpoint) return;
+
       $('#issues-list-unassigned, #issues-list-ongoing, #issues-list-closed').each(function (i, el) {
         this.createSortable(el, {
           group: 'issue-list',
           listEls: $('.issues-sortable-list'),
           fieldName: 'issue',
-          sortCallback: Milestone.sortIssues,
+          sortCallback: (data) => {
+            Milestone.sortIssues(this.issuesSortEndpoint, data);
+          },
           updateCallback: Milestone.updateIssue,
         });
       }.bind(this));
     };
 
     Milestone.prototype.bindTabsSwitching = function() {
-      return $('a[data-toggle="tab"]').on('show.bs.tab', function(e) {
-        var currentTabClass, previousTabClass;
-        currentTabClass = $(e.target).data('show');
-        previousTabClass = $(e.relatedTarget).data('show');
-        $(previousTabClass).hide();
-        $(currentTabClass).removeClass('hidden');
-        return $(currentTabClass).show();
+      return $('a[data-toggle="tab"]').on('show.bs.tab', (e) => {
+        const $target = $(e.target);
+
+        location.hash = $target.attr('href');
+        this.loadTab($target);
       });
     };
 
     Milestone.prototype.bindMergeRequestSorting = function() {
+      if (!this.mergeRequestsSortEndpoint) return;
+
       $("#merge_requests-list-unassigned, #merge_requests-list-ongoing, #merge_requests-list-closed").each(function (i, el) {
         this.createSortable(el, {
           group: 'merge-request-list',
           listEls: $(".merge_requests-sortable-list:not(#merge_requests-list-merged)"),
           fieldName: 'merge_request',
-          sortCallback: Milestone.sortMergeRequests,
+          sortCallback: (data) => {
+            Milestone.sortMergeRequests(this.mergeRequestsSortEndpoint, data);
+          },
           updateCallback: Milestone.updateMergeRequest,
         });
       }.bind(this));
@@ -169,6 +178,35 @@
       });
     };
 
+    Milestone.prototype.loadInitialTab = function() {
+      const $target = $(`.js-milestone-tabs a[href="${location.hash}"]`);
+
+      if ($target.length) {
+        $target.tab('show');
+      }
+    };
+
+    Milestone.prototype.loadTab = function($target) {
+      const endpoint = $target.data('endpoint');
+      const tabElId = $target.attr('href');
+
+      if (endpoint && !$target.hasClass('is-loaded')) {
+        $.ajax({
+          url: endpoint,
+          dataType: 'JSON',
+        })
+        .fail(() => new Flash('Error loading milestone tab'))
+        .done((data) => {
+          $(tabElId).html(data.html);
+          $target.addClass('is-loaded');
+
+          if (tabElId === '#tab-merge-requests') {
+            this.bindMergeRequestSorting();
+          }
+        });
+      }
+    };
+
     return Milestone;
   })();
 }).call(window);

app/assets/stylesheets/pages/issuable.scss

@@ -6,7 +6,13 @@
 }
 
 .limit-container-width {
-  .detail-page-header {
+  .detail-page-header,
+  .page-content-header,
+  .commit-box,
+  .info-well,
+  .notes,
+  .commit-ci-menu,
+  .files-changed {
     @extend .fixed-width-container;
   }
 
@@ -36,8 +42,7 @@
   }
 
   .diffs {
-    .mr-version-controls,
-    .files-changed {
+    .mr-version-controls {
       @extend .fixed-width-container;
     }
   }

app/assets/stylesheets/pages/members.scss

@@ -133,3 +133,55 @@
     right: 160px;
   }
 }
+
+.flex-project-members-panel {
+  display: flex;
+  flex-direction: row;
+  align-items: center;
+  justify-content: center;
+
+  @media (max-width: $screen-sm-min) {
+    display: block;
+
+    .flex-project-title {
+      vertical-align: top;
+      display: inline-block;
+      max-width: 90%;
+    }
+  }
+
+  .flex-project-title {
+    overflow: hidden;
+    white-space: nowrap;
+    text-overflow: ellipsis;
+  }
+
+  .badge {
+    height: 17px;
+    line-height: 16px;
+    margin-right: 5px;
+    padding-top: 1px;
+    padding-bottom: 1px;
+  }
+
+  .flex-project-members-form {
+    flex-wrap: nowrap;
+    white-space: nowrap;
+    margin-left: auto;
+  }
+}
+
+.panel {
+  .panel-heading {
+    .badge {
+      margin-top: 0;
+    }
+
+    @media (max-width: $screen-sm-min) {
+      .badge {
+        margin-right: 0;
+        margin-left: 0;
+      }
+    }
+  }
+}
\ No newline at end of file

app/assets/stylesheets/pages/wiki.scss

@@ -71,7 +71,6 @@
     .nav-controls {
       width: auto;
       min-width: 50%;
-      white-space: nowrap;
     }
   }
 

app/controllers/concerns/milestone_actions.rb

+module MilestoneActions
+  extend ActiveSupport::Concern
+
+  def merge_requests
+    respond_to do |format|
+      format.html { redirect_to milestone_redirect_path }
+      format.json do
+        render json: tabs_json("shared/milestones/_merge_requests_tab", {
+          merge_requests: @milestone.merge_requests,
+          show_project_name: true
+        })
+      end
+    end
+  end
+
+  def participants
+    respond_to do |format|
+      format.html { redirect_to milestone_redirect_path }
+      format.json do
+        render json: tabs_json("shared/milestones/_participants_tab", {
+          users: @milestone.participants
+        })
+      end
+    end
+  end
+
+  def labels
+    respond_to do |format|
+      format.html { redirect_to milestone_redirect_path }
+      format.json do
+        render json: tabs_json("shared/milestones/_labels_tab", {
+          labels: @milestone.labels
+        })
+      end
+    end
+  end
+
+  private
+
+  def tabs_json(partial, data = {})
+    {
+      html: view_to_html_string(partial, data)
+    }
+  end
+
+  def milestone_redirect_path
+    if @project
+      namespace_project_milestone_path(@project.namespace, @project, @milestone)
+    else
+      group_milestone_path(@group, @milestone.safe_title, title: @milestone.title)
+    end
+  end
+end

app/controllers/groups/milestones_controller.rb

 class Groups::MilestonesController < Groups::ApplicationController
+  include MilestoneActions
+
   before_action :group_projects
-  before_action :milestone, only: [:show, :update]
+  before_action :milestone, only: [:show, :update, :merge_requests, :participants, :labels]
   before_action :authorize_admin_milestones!, only: [:new, :create, :update]
 
   def index

app/controllers/projects/milestones_controller.rb

 class Projects::MilestonesController < Projects::ApplicationController
+  include MilestoneActions
+
   before_action :module_enabled
-  before_action :milestone, only: [:edit, :update, :destroy, :show, :sort_issues, :sort_merge_requests]
+  before_action :milestone, only: [:edit, :update, :destroy, :show, :sort_issues, :sort_merge_requests, :merge_requests, :participants, :labels]
 
   # Allow read any milestone
   before_action :authorize_read_milestone!
 
   # Allow admin milestone
-  before_action :authorize_admin_milestone!, except: [:index, :show]
+  before_action :authorize_admin_milestone!, except: [:index, :show, :merge_requests, :participants, :labels]
 
   respond_to :html
 

app/controllers/projects/pipelines_controller.rb

@@ -9,19 +9,19 @@ class Projects::PipelinesController < Projects::ApplicationController
   def index
     @scope = params[:scope]
     @pipelines = PipelinesFinder
-      .new(project)
-      .execute(scope: @scope)
+      .new(project, scope: @scope)
+      .execute
       .page(params[:page])
       .per(30)
 
     @running_count = PipelinesFinder
-      .new(project).execute(scope: 'running').count
+      .new(project, scope: 'running').execute.count
 
     @pending_count = PipelinesFinder
-      .new(project).execute(scope: 'pending').count
+      .new(project, scope: 'pending').execute.count
 
     @finished_count = PipelinesFinder
-      .new(project).execute(scope: 'finished').count
+      .new(project, scope: 'finished').execute.count
 
     @pipelines_count = PipelinesFinder
       .new(project).execute.count

app/finders/pipelines_finder.rb

 class PipelinesFinder
-  attr_reader :project, :pipelines
+  attr_reader :project, :pipelines, :params
 
-  def initialize(project)
+  ALLOWED_INDEXED_COLUMNS = %w[id status ref user_id].freeze
+
+  def initialize(project, params = {})
     @project = project
     @pipelines = project.pipelines
+    @params = params
+  end
+
+  def execute
+    items = pipelines
+    items = by_scope(items)
+    items = by_status(items)
+    items = by_ref(items)
+    items = by_name(items)
+    items = by_username(items)
+    items = by_yaml_errors(items)
+    sort_items(items)
+  end
+
+  private
+
+  def ids_for_ref(refs)
+    pipelines.where(ref: refs).group(:ref).select('max(id)')
+  end
+
+  def from_ids(ids)
+    pipelines.unscoped.where(id: ids)
+  end
+
+  def branches
+    project.repository.branch_names
+  end
+
+  def tags
+    project.repository.tag_names
   end
 
-  def execute(scope: nil)
-    scoped_pipelines =
-      case scope
+  def by_scope(items)
+    case params[:scope]
     when 'running'
-        pipelines.running
+      items.running
     when 'pending'
-        pipelines.pending
+      items.pending
     when 'finished'
-        pipelines.finished
+      items.finished
     when 'branches'
       from_ids(ids_for_ref(branches))
     when 'tags'
       from_ids(ids_for_ref(tags))
     else
-        pipelines
+      items
     end
+  end
+
+  def by_status(items)
+    return items unless HasStatus::AVAILABLE_STATUSES.include?(params[:status])
 
-    scoped_pipelines.order(id: :desc)
+    items.where(status: params[:status])
   end
 
-  private
+  def by_ref(items)
+    if params[:ref].present?
+      items.where(ref: params[:ref])
+    else
+      items
+    end
+  end
 
-  def ids_for_ref(refs)
-    pipelines.where(ref: refs).group(:ref).select('max(id)')
+  def by_name(items)
+    if params[:name].present?
+      items.joins(:user).where(users: { name: params[:name] })
+    else
+      items
+    end
   end
 
-  def from_ids(ids)
-    pipelines.unscoped.where(id: ids)
+  def by_username(items)
+    if params[:username].present?
+      items.joins(:user).where(users: { username: params[:username] })
+    else
+      items
+    end
   end
 
-  def branches
-    project.repository.branch_names
+  def by_yaml_errors(items)
+    case Gitlab::Utils.to_boolean(params[:yaml_errors])
+    when true
+      items.where("yaml_errors IS NOT NULL")
+    when false
+      items.where("yaml_errors IS NULL")
+    else
+      items
+    end
   end
 
-  def tags
-    project.repository.tag_names
+  def sort_items(items)
+    order_by = if ALLOWED_INDEXED_COLUMNS.include?(params[:order_by])
+                 params[:order_by]
+               else
+                 :id
+               end
+
+    sort = if params[:sort] =~ /\A(ASC|DESC)\z/i
+             params[:sort]
+           else
+             :desc
+           end
+
+    items.order(order_by => sort)
   end
 end

app/helpers/milestones_helper.rb

@@ -115,4 +115,28 @@ module MilestonesHelper
       end
     end
   end
+
+  def milestone_merge_request_tab_path(milestone)
+    if @project
+      merge_requests_namespace_project_milestone_path(@project.namespace, @project, milestone, format: :json)
+    elsif @group
+      merge_requests_group_milestone_path(@group, milestone.safe_title, title: milestone.title, format: :json)
+    end
+  end
+
+  def milestone_participants_tab_path(milestone)
+    if @project
+      participants_namespace_project_milestone_path(@project.namespace, @project, milestone, format: :json)
+    elsif @group
+      participants_group_milestone_path(@group, milestone.safe_title, title: milestone.title, format: :json)
+    end
+  end
+
+  def milestone_labels_tab_path(milestone)
+    if @project
+      labels_namespace_project_milestone_path(@project.namespace, @project, milestone, format: :json)
+    elsif @group
+      labels_group_milestone_path(@group, milestone.safe_title, title: milestone.title, format: :json)
+    end
+  end
 end

app/services/projects/enable_deploy_key_service.rb

@@ -4,7 +4,10 @@ module Projects
       key = accessible_keys.find_by(id: params[:key_id] || params[:id])
       return unless key
 
+      unless project.deploy_keys.include?(key)
         project.deploy_keys << key
+      end
+
       key
     end
 

app/views/admin/users/show.html.haml

@@ -175,11 +175,7 @@
         .panel-body
           - if @user.can_be_removed? && can?(current_user, :destroy_user, @user)
             %p Deleting a user has the following effects:
-            %ul
-              %li All user content like authored issues, snippets, comments will be removed
-              - rp = @user.personal_projects.count
-              - unless rp.zero?
-                %li #{pluralize rp, 'personal project'} will be removed and cannot be restored
+            = render 'users/deletion_guidance', user: @user
             %br
             = link_to 'Remove user', [:admin, @user], data: { confirm: "USER #{@user.name} WILL BE REMOVED! Are you sure?" }, method: :delete, class: "btn btn-remove"
           - else

app/views/profiles/accounts/show.html.haml

@@ -118,11 +118,7 @@
       - if @user.can_be_removed? && can?(current_user, :destroy_user, @user)
         %p
           Deleting an account has the following effects:
-        %ul
-          %li All user content like authored issues, snippets, comments will be removed
-          - rp = current_user.personal_projects.count
-          - unless rp.zero?
-            %li #{pluralize rp, 'personal project'} will be removed and cannot be restored
+        = render 'users/deletion_guidance', user: current_user
         = link_to 'Delete account', user_registration_path, data: { confirm: "REMOVE #{current_user.name}? Are you sure?" }, method: :delete, class: "btn btn-remove"
       - else
         - if @user.solo_owned_groups.present?

app/views/projects/blob/_header.html.haml

 - blame = local_assigns.fetch(:blame, false)
 .js-file-title.file-title-flex-parent
-  .file-header-content
-    = blob_icon blob.mode, blob.name
-
-    %strong.file-title-name
-      = blob.name
-
-    = copy_file_path_button(blob.path)
-
-    %small
-      = number_to_human_size(blob.raw_size)
+  = render 'projects/blob/header_content', blob: blob
 
   .file-actions.hidden-xs
     = render 'projects/blob/viewer_switcher', blob: blob unless blame

app/views/projects/blob/_header_content.html.haml

+.file-header-content
+  = blob_icon blob.mode, blob.name
+
+  %strong.file-title-name
+    = blob.name
+
+  = copy_file_path_button(blob.path)
+
+  %small
+    = number_to_human_size(blob.raw_size)

app/views/projects/builds/_sidebar.html.haml

@@ -48,7 +48,7 @@
       - if @build.merge_request
         %p.build-detail-row
           %span.build-light-text Merge Request:
-          = link_to "#{@build.merge_request.to_reference}", merge_request_path(@build.merge_request)
+          = link_to "#{@build.merge_request.to_reference}", merge_request_path(@build.merge_request), class: 'bold'
       - if @build.duration
         %p.build-detail-row
           %span.build-light-text Duration:

app/views/projects/commit/show.html.haml

 - @no_container = true
+- container_class = !fluid_layout && diff_view == :inline ? 'container-limited' : ''
+- limited_container_width = fluid_layout || diff_view == :inline ? '' : 'limit-container-width'
 - page_title        "#{@commit.title} (#{@commit.short_id})", "Commits"
 - page_description  @commit.description
 = render "projects/commits/head"
 
-%div{ class: container_class }
+.container-fluid{ class: [limited_container_width, container_class] }
   = render "commit_box"
   - if @commit.status
     = render "ci_menu"

app/views/projects/project_members/_index.html.haml

@@ -6,6 +6,12 @@
       %p
         Add a new member to
         %strong= @project.name
+    - else
+      %p
+        Members can be added by project
+        %i Masters
+        or
+        %i Owners
   .col-lg-9
     .light.prepend-top-default
       - if can?(current_user, :admin_project_member, @project)

app/views/projects/project_members/_team.html.haml

 .panel.panel-default
-  .panel-heading
-    Members with access to
-    %strong= @project.name
+  .panel-heading.flex-project-members-panel
+    %span.flex-project-title
+      Members of
+      %strong
+        #{@project.name}
     %span.badge= @project_members.total_count
-    = form_tag namespace_project_settings_members_path(@project.namespace, @project), method: :get, class: 'form-inline member-search-form'  do
+    = form_tag namespace_project_settings_members_path(@project.namespace, @project), method: :get, class: 'form-inline member-search-form flex-project-members-form'  do
       .form-group
         = search_field_tag :search, params[:search], { placeholder: 'Find existing members by name', class: 'form-control', spellcheck: false }
         %button.member-search-btn{ type: "submit", "aria-label" => "Submit search" }

app/views/shared/issuable/_sidebar.html.haml

@@ -136,7 +136,7 @@
             - selected_labels.each do |label|
               = hidden_field_tag "#{issuable.to_ability_name}[label_names][]", label.id, id: nil
             .dropdown
-              %button.dropdown-menu-toggle.js-label-select.js-multiselect.js-label-sidebar-dropdown{ type: "button", data: {toggle: "dropdown", default_label: "Labels", field_name: "#{issuable.to_ability_name}[label_names][]", ability_name: issuable.to_ability_name, show_no: "true", show_any: "true", namespace_path: @project.try(:namespace).try(:path), project_path: @project.try(:path), issue_update: issuable_json_path(issuable), labels: (namespace_project_labels_path(@project.namespace, @project, :json) if @project) } }
+              %button.dropdown-menu-toggle.js-label-select.js-multiselect.js-label-sidebar-dropdown{ type: "button", data: {toggle: "dropdown", default_label: "Labels", field_name: "#{issuable.to_ability_name}[label_names][]", ability_name: issuable.to_ability_name, show_no: "true", show_any: "true", namespace_path: @project.try(:namespace).try(:full_path), project_path: @project.try(:path), issue_update: issuable_json_path(issuable), labels: (namespace_project_labels_path(@project.namespace, @project, :json) if @project) } }
                 %span.dropdown-toggle-text{ class: ("is-default" if selected_labels.empty?) }
                   = multi_label_name(selected_labels, "Labels")
                 = icon('chevron-down', 'aria-hidden': 'true')

app/views/shared/milestones/_tab_loading.html.haml

+.text-center.prepend-top-default
+  = icon('spin spinner 2x', 'aria-hidden': 'true', 'aria-label': 'Loading tab content')

app/views/shared/milestones/_tabs.html.haml

 .scrolling-tabs-container.inner-page-scroll-tabs.is-smaller
   .fade-left= icon('angle-left')
   .fade-right= icon('angle-right')
-  %ul.nav-links.scrolling-tabs
+  %ul.nav-links.scrolling-tabs.js-milestone-tabs
     - if milestone.is_a?(GlobalMilestone) || can?(current_user, :read_issue, @project)
       %li.active
         = link_to '#tab-issues', 'data-toggle' => 'tab', 'data-show' => '.tab-issues-buttons' do
           Issues
           %span.badge= milestone.issues_visible_to_user(current_user).size
       %li
-        = link_to '#tab-merge-requests', 'data-toggle' => 'tab', 'data-show' => '.tab-merge-requests-buttons' do
+        = link_to '#tab-merge-requests', 'data-toggle' => 'tab', 'data-endpoint': milestone_merge_request_tab_path(milestone) do
           Merge Requests
           %span.badge= milestone.merge_requests.size
     - else
       %li.active
-        = link_to '#tab-merge-requests', 'data-toggle' => 'tab', 'data-show' => '.tab-merge-requests-buttons' do
+        = link_to '#tab-merge-requests', 'data-toggle' => 'tab', 'data-endpoint': milestone_merge_request_tab_path(milestone) do
           Merge Requests
           %span.badge= milestone.merge_requests.size
     %li
-      = link_to '#tab-participants', 'data-toggle' => 'tab' do
+      = link_to '#tab-participants', 'data-toggle' => 'tab', 'data-endpoint': milestone_participants_tab_path(milestone) do
         Participants
         %span.badge= milestone.participants.count
     %li
-      = link_to '#tab-labels', 'data-toggle' => 'tab' do
+      = link_to '#tab-labels', 'data-toggle' => 'tab', 'data-endpoint': milestone_labels_tab_path(milestone) do
         Labels
         %span.badge= milestone.labels.count
 
@@ -30,14 +30,18 @@
 
 .tab-content.milestone-content
   - if milestone.is_a?(GlobalMilestone) || can?(current_user, :read_issue, @project)
-    .tab-pane.active#tab-issues
+    .tab-pane.active#tab-issues{ data: { sort_endpoint: (sort_issues_namespace_project_milestone_path(@project.namespace, @project, @milestone) if @project && current_user) } }
       = render 'shared/milestones/issues_tab', issues: milestone.issues_visible_to_user(current_user).include_associations, show_project_name: show_project_name, show_full_project_name: show_full_project_name
-    .tab-pane#tab-merge-requests
-      = render 'shared/milestones/merge_requests_tab', merge_requests: milestone.merge_requests, show_project_name: show_project_name, show_full_project_name: show_full_project_name
+    .tab-pane#tab-merge-requests{ data: { sort_endpoint: (sort_merge_requests_namespace_project_milestone_path(@project.namespace, @project, @milestone) if @project && current_user) } }
+      -# loaded async
+      = render "shared/milestones/tab_loading"
   - else
-    .tab-pane.active#tab-merge-requests
-      = render 'shared/milestones/merge_requests_tab', merge_requests: milestone.merge_requests, show_project_name: show_project_name, show_full_project_name: show_full_project_name
+    .tab-pane.active#tab-merge-requests{ data: { sort_endpoint: (sort_merge_requests_namespace_project_milestone_path(@project.namespace, @project, @milestone) if @project && current_user) } }
+      -# loaded async
+      = render "shared/milestones/tab_loading"
   .tab-pane#tab-participants
-    = render 'shared/milestones/participants_tab', users: milestone.participants
+    -# loaded async
+    = render "shared/milestones/tab_loading"
   .tab-pane#tab-labels
-    = render 'shared/milestones/labels_tab', labels: milestone.labels
+    -# loaded async
+    = render "shared/milestones/tab_loading"

app/views/shared/snippets/_blob.html.haml

 - blob = @snippet.blob
 .js-file-title.file-title-flex-parent
-  .file-header-content
-    = blob_icon blob.mode, blob.path
-
-    %strong.file-title-name
-      = blob.path
-
-    = copy_file_path_button(blob.path)
-
-    %small
-      = number_to_human_size(blob.raw_size)
+  = render 'projects/blob/header_content', blob: blob
 
   .file-actions.hidden-xs
     = render 'projects/blob/viewer_switcher', blob: blob

app/views/users/_deletion_guidance.html.haml

+- user = local_assigns.fetch(:user)
+
+%ul
+  %li
+    %p
+      Certain user content will be moved to a system-wide "Ghost User" in order to maintain content for posterity. For further information, please refer to the
+      = link_to 'user account deletion documentation.', help_page_path("user/profile/account/delete_account", anchor: "associated-records")
+  - personal_projects_count = user.personal_projects.count
+  - unless personal_projects_count.zero?
+    %li #{pluralize(personal_projects_count, 'personal project')} will be removed and cannot be restored

changelogs/unreleased/26883-members-page-layout-looks-broken.yml

+---
+title: Improved UX on project members settings view
+merge_request:
+author:

changelogs/unreleased/28408-feature-proposal-include-search-options-to-pipelines-api.yml

+---
+title: 'API: Add parameters to allow filtering project pipelines'
+merge_request: 9367
+author: dosuken123

changelogs/unreleased/29673-500-internal-server-error-when-enabling-a-deploy-key-more-than-once-through-api.yml

+---
+title: Detect already enabled DeployKeys in EnableDeployKeyService
+merge_request:
+author:

changelogs/unreleased/30667-creating-new-label-on-new-issue-causing-bug.yml

+---
+title: Fix label creation from issuable for subgroup projects
+merge_request:
+author:

changelogs/unreleased/31274-creating-schedule-trigger--causes-http-500-when-accessing-settings-ci_cd.yml

+---
+title: Fix error on CI/CD Settings page related to invalid pipeline trigger
+merge_request: 10948
+author: dosuken123

changelogs/unreleased/31383-admin-remove-user-text-incorrect.yml

+---
+title: Note Ghost user and refer to user deletion documentation
+merge_request:
+author:

changelogs/unreleased/31704-misaligned-buttons-in-wiki-pages.yml

+---
+title: Fix misaligned buttons in wiki pages
+merge_request: 11043
+author:

changelogs/unreleased/async-milestone-tabs.yml

+---
+title: Load milestone tabs asynchronously to increase initial load performance
+merge_request:
+author:

changelogs/unreleased/commit-limited-container-width.yml

+---
+title: Side-by-side view in commits correcly expands full window width
+merge_request:
+author:

changelogs/unreleased/tc-job-page-mr-bold.yml

+---
+title: Make MR link in build sidebar bold
+merge_request:
+author:

config/routes/group.rb

@@ -10,7 +10,13 @@ scope(path: 'groups/*group_id',
   end
 
   resource :avatar, only: [:destroy]
-  resources :milestones, constraints: { id: /[^\/]+/ }, only: [:index, :show, :update, :new, :create]
+  resources :milestones, constraints: { id: /[^\/]+/ }, only: [:index, :show, :update, :new, :create] do
+    member do
+      get :merge_requests
+      get :participants
+      get :labels
+    end
+  end
 
   resources :labels, except: [:show] do
     post :toggle_subscription, on: :member

config/routes/project.rb

@@ -207,6 +207,9 @@ constraints(ProjectUrlConstrainer.new) do
         member do
           put :sort_issues
           put :sort_merge_requests
+          get :merge_requests
+          get :participants
+          get :labels
         end
       end
 

doc/api/pipelines.md

@@ -11,6 +11,14 @@ GET /projects/:id/pipelines
 | Attribute | Type    | Required | Description         |
 |-----------|---------|----------|---------------------|
 | `id`      | integer/string | yes      | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user |
+| `scope`   | string  | no       | The scope of pipelines, one of: `running`, `pending`, `finished`, `branches`, `tags` |
+| `status`  | string  | no       | The status of pipelines, one of: `running`, `pending`, `success`, `failed`, `canceled`, `skipped` |
+| `ref`     | string  | no       | The ref of pipelines |
+| `yaml_errors`| boolean  | no       | Returns pipelines with invalid configurations |
+| `name`| string  | no       | The name of the user who triggered pipelines |
+| `username`| string  | no       | The username of the user who triggered pipelines |
+| `order_by`| string  | no       | Order pipelines by `id`, `status`, `ref`, or `user_id` (default: `id`) |
+| `sort`    | string  | no       | Sort pipelines in `asc` or `desc` order (default: `desc`) |
 
 ```
 curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/pipelines"

doc/articles/how_to_configure_ldap_gitlab_ce/index.md

+# How to configure LDAP with GitLab CE
+
+> **Type:** admin guide ||
+> **Level:** intermediary ||
+> **Author:** [Chris Wilson](https://gitlab.com/MrChrisW) ||
+> **Publication date:** 2017/05/03
+
+## Introduction
+
+Managing a large number of users in GitLab can become a burden for system administrators. As an organization grows so do user accounts. Keeping these user accounts in sync across multiple enterprise applications often becomes a time consuming task.
+
+In this guide we will focus on configuring GitLab with Active Directory. [Active Directory](https://en.wikipedia.org/wiki/Active_Directory) is a popular LDAP compatible directory service provided by Microsoft, included in all modern Windows Server operating systems.
+
+GitLab has supported LDAP integration since [version 2.2](https://about.gitlab.com/2012/02/22/gitlab-version-2-2/). With GitLab LDAP [group syncing](#group-syncing-ee) being added to GitLab Enterprise Edition in [version 6.0](https://about.gitlab.com/2013/08/20/gitlab-6-dot-0-released/). LDAP integration has become one of the most popular features in GitLab.
+
+## Getting started
+
+### Choosing an LDAP Server
+
+The main reason organizations choose to utilize a LDAP server is to keep the entire organization's user base consolidated into a central repository. Users can access multiple applications and systems across the  IT environment using a single login. Because LDAP is an open, vendor-neutral, industry standard application protocol, the number of applications using LDAP authentication continues to increase.
+
+There are many commercial and open source [directory servers](https://en.wikipedia.org/wiki/Directory_service#LDAP_implementations) that support the LDAP protocol. Deciding on the right directory server highly depends on the existing IT environment in which the server will be integrated with.
+
+For example, [Active Directory](https://technet.microsoft.com/en-us/library/hh831484(v=ws.11).aspx) is generally favored in a primarily Windows environment, as this allows quick integration with existing services. Other popular directory services include:
+
+- [Oracle Internet Directory](http://www.oracle.com/technetwork/middleware/id-mgmt/overview/index-082035.html)
+- [OpenLDAP](http://www.openldap.org/)
+- [389 Directory](http://directory.fedoraproject.org/)
+- [OpenDJ](https://forgerock.org/opendj/)
+- [ApacheDS](https://directory.apache.org/)
+
+> GitLab uses the [Net::LDAP](https://rubygems.org/gems/net-ldap) library under the hood. This means it supports all [IETF](https://tools.ietf.org/html/rfc2251) compliant LDAPv3 servers.
+
+### Active Directory (AD)
+
+We won't cover the installation and configuration of Windows Server or Active Directory Domain Services in this tutorial. There are a number of resources online to guide you through this process:
+
+- Install Windows Server 2012  - (_technet.microsoft.com_) - [Installing Windows Server 2012 ](https://technet.microsoft.com/en-us/library/jj134246(v=ws.11).aspx)
+
+- Install Active Directory Domain Services (AD DS) (_technet.microsoft.com_)- [Install Active Directory Domain Services](https://technet.microsoft.com/windows-server-docs/identity/ad-ds/deploy/install-active-directory-domain-services--level-100-#BKMK_PS)
+
+> **Shortcut:** You can quickly install AD DS via PowerShell using
+`Install-WindowsFeature AD-Domain-Services -IncludeManagementTools`
+
+### Creating an AD **OU** structure
+
+Configuring organizational units (**OU**s) is an important part of setting up Active Directory. **OU**s form the base for an entire organizational structure. Using GitLab as an example we have designed the **OU** structure below using the geographic **OU** model. In the Geographic Model we separate **OU**s for different geographic regions.
+
+| GitLab **OU** Design           |  GitLab AD Structure             |
+| :----------------------------: | :------------------------------: |
+| ![GitLab OU Design][gitlab_ou] |  ![GitLab AD Structure][ldap_ou] |
+
+[gitlab_ou]: img/gitlab_ou.png
+[ldap_ou]: img/ldap_ou.gif
+
+Using PowerShell you can output the **OU** structure as a table (_all names are examples only_):
+
+```ps
+Get-ADObject -LDAPFilter "(objectClass=*)" -SearchBase 'OU=GitLab INT,DC=GitLab,DC=org' -Properties CanonicalName | Format-Table Name,CanonicalName -A
+```
+
+```
+OU                CanonicalName
+----              -------------
+GitLab INT        GitLab.org/GitLab INT
+United States     GitLab.org/GitLab INT/United States
+Developers        GitLab.org/GitLab INT/United States/Developers
+Gary Johnson      GitLab.org/GitLab INT/United States/Developers/Gary Johnson
+Ellis Matthews    GitLab.org/GitLab INT/United States/Developers/Ellis Matthews
+William Collins   GitLab.org/GitLab INT/United States/Developers/William Collins
+People Ops        GitLab.org/GitLab INT/United States/People Ops
+Margaret Baker    GitLab.org/GitLab INT/United States/People Ops/Margaret Baker
+Libby Hartzler    GitLab.org/GitLab INT/United States/People Ops/Libby Hartzler
+Victoria Ryles    GitLab.org/GitLab INT/United States/People Ops/Victoria Ryles
+The Netherlands   GitLab.org/GitLab INT/The Netherlands
+Developers        GitLab.org/GitLab INT/The Netherlands/Developers
+John Doe          GitLab.org/GitLab INT/The Netherlands/Developers/John Doe
+Jon Mealy         GitLab.org/GitLab INT/The Netherlands/Developers/Jon Mealy
+Jane Weingarten   GitLab.org/GitLab INT/The Netherlands/Developers/Jane Weingarten
+Production        GitLab.org/GitLab INT/The Netherlands/Production
+Sarah Konopka     GitLab.org/GitLab INT/The Netherlands/Production/Sarah Konopka
+Cynthia Bruno     GitLab.org/GitLab INT/The Netherlands/Production/Cynthia Bruno
+David George      GitLab.org/GitLab INT/The Netherlands/Production/David George
+United Kingdom    GitLab.org/GitLab INT/United Kingdom
+Developers        GitLab.org/GitLab INT/United Kingdom/Developers
+Leroy Fox         GitLab.org/GitLab INT/United Kingdom/Developers/Leroy Fox
+Christopher Alley GitLab.org/GitLab INT/United Kingdom/Developers/Christopher Alley
+Norris Morita     GitLab.org/GitLab INT/United Kingdom/Developers/Norris Morita
+Support           GitLab.org/GitLab INT/United Kingdom/Support
+Laura Stanley     GitLab.org/GitLab INT/United Kingdom/Support/Laura Stanley
+Nikki Schuman     GitLab.org/GitLab INT/United Kingdom/Support/Nikki Schuman
+Harriet Butcher   GitLab.org/GitLab INT/United Kingdom/Support/Harriet Butcher
+Global Groups     GitLab.org/GitLab INT/Global Groups
+DevelopersNL      GitLab.org/GitLab INT/Global Groups/DevelopersNL
+DevelopersUK      GitLab.org/GitLab INT/Global Groups/DevelopersUK
+DevelopersUS      GitLab.org/GitLab INT/Global Groups/DevelopersUS
+ProductionNL      GitLab.org/GitLab INT/Global Groups/ProductionNL
+SupportUK         GitLab.org/GitLab INT/Global Groups/SupportUK
+People Ops US     GitLab.org/GitLab INT/Global Groups/People Ops US
+Global Admins     GitLab.org/GitLab INT/Global Groups/Global Admins
+```
+
+> See [more information](https://technet.microsoft.com/en-us/library/ff730967.aspx) on searching Active Directory with Windows PowerShell from [The Scripting Guys](https://technet.microsoft.com/en-us/scriptcenter/dd901334.aspx)
+
+## GitLab LDAP configuration
+
+The initial configuration of LDAP in GitLab requires changes to the `gitlab.rb` configuration file. Below is an example of a complete configuration using an Active Directory.
+
+The two Active Directory specific values are `active_directory: true` and `uid: 'sAMAccountName'`. `sAMAccountName` is an attribute returned by Active Directory used for GitLab usernames. See the example output from `ldapsearch` for a full list of attributes a "person" object (user) has in **AD** - [`ldapsearch` example](#using-ldapsearch-unix)
+
+> Both group_base and admin_group configuration options are only available in GitLab Enterprise Edition. See [GitLab EE - LDAP Features](#gitlab-enterprise-edition---ldap-features)
+
+### Example `gitlab.rb` LDAP
+
+```
+gitlab_rails['ldap_enabled'] = true
+gitlab_rails['ldap_servers'] = {
+'main' => {
+  'label' => 'GitLab AD',
+  'host' =>  'ad.example.org',
+  'port' => 636,
+  'uid' => 'sAMAccountName',
+  'method' => 'ssl',
+  'bind_dn' => 'CN=GitLabSRV,CN=Users,DC=GitLab,DC=org',
+  'password' => 'Password1',
+  'active_directory' => true,
+  'base' => 'OU=GitLab INT,DC=GitLab,DC=org',
+  'group_base' => 'OU=Global Groups,OU=GitLab INT,DC=GitLab,DC=org',
+  'admin_group' => 'Global Admins'
+  }
+}
+```
+
+> **Note:** Remember to run  `gitlab-ctl reconfigure` after modifying `gitlab.rb`
+
+## Security improvements (LDAPS)
+
+Security is an important aspect when deploying an LDAP server. By default, LDAP traffic is transmitted unsecured. LDAP can be secured using SSL/TLS called LDAPS, or commonly "LDAP over SSL".
+
+Securing LDAP (enabling LDAPS) on Windows Server 2012 involves installing a valid SSL certificate. For full details see Microsoft's guide [How to enable LDAP over SSL with a third-party certification authority](https://support.microsoft.com/en-us/help/321051/how-to-enable-ldap-over-ssl-with-a-third-party-certification-authority)
+
+> By default a LDAP service listens for connections on TCP and UDP port 389. LDAPS (LDAP over SSL) listens on port 636
+
+### Testing you AD server
+
+#### Using **AdFind** (Windows)
+
+You can use the [`AdFind`](https://social.technet.microsoft.com/wiki/contents/articles/7535.adfind-command-examples.aspx) utility (on Windows based systems) to test that your LDAP server is accessible and authentication is working correctly. This is a freeware utility built by [Joe Richards](http://www.joeware.net/freetools/tools/adfind/index.htm).
+
+**Return all objects**
+
+You can use the filter `objectclass=*` to return all directory objects.
+
+```sh
+adfind -h ad.example.org:636 -ssl -u "CN=GitLabSRV,CN=Users,DC=GitLab,DC=org" -up Password1 -b "OU=GitLab INT,DC=GitLab,DC=org" -f (objectClass=*)
+```
+
+**Return single object using filter**
+
+You can also retrieve a single object by **specifying** the object name or full **DN**. In this example we specify the object name only `CN=Leroy Fox`.
+
+```sh
+adfind -h ad.example.org:636 -ssl -u "CN=GitLabSRV,CN=Users,DC=GitLab,DC=org" -up Password1 -b "OU=GitLab INT,DC=GitLab,DC=org" -f (&(objectcategory=person)(CN=Leroy Fox))”
+```
+
+#### Using **ldapsearch** (Unix)
+
+You can use the `ldapsearch` utility (on Unix based systems) to test that your LDAP server is accessible and authentication is working correctly. This utility is included in the [`ldap-utils`](https://wiki.debian.org/LDAP/LDAPUtils) package.
+
+**Return all objects**
+
+You can use the filter `objectclass=*` to return all directory objects.
+
+```sh
+ldapsearch -D "CN=GitLabSRV,CN=Users,DC=GitLab,DC=org" \
+-w Password1 -p 636 -h ad.example.org \
+-b "OU=GitLab INT,DC=GitLab,DC=org" -Z \
+-s sub "(objectclass=*)"
+```
+
+**Return single object using filter**
+
+You can also retrieve a single object by **specifying** the object name or full **DN**. In this example we specify the object name only `CN=Leroy Fox`.
+
+```sh
+ldapsearch -D "CN=GitLabSRV,CN=Users,DC=GitLab,DC=org" -w Password1 -p 389 -h ad.example.org -b "OU=GitLab INT,DC=GitLab,DC=org" -Z -s sub "CN=Leroy Fox"
+```
+
+**Full output of `ldapsearch` command:** - Filtering for _CN=Leroy Fox_
+
+```
+# LDAPv3
+# base <OU=GitLab INT,DC=GitLab,DC=org> with scope subtree
+# filter: CN=Leroy Fox
+# requesting: ALL
+#
+
+# Leroy Fox, Developers, United Kingdom, GitLab INT, GitLab.org
+dn: CN=Leroy Fox,OU=Developers,OU=United Kingdom,OU=GitLab INT,DC=GitLab,DC=or
+ g
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: user
+cn: Leroy Fox
+sn: Fox
+givenName: Leroy
+distinguishedName: CN=Leroy Fox,OU=Developers,OU=United Kingdom,OU=GitLab INT,
+ DC=GitLab,DC=org
+instanceType: 4
+whenCreated: 20170210030500.0Z
+whenChanged: 20170213050128.0Z
+displayName: Leroy Fox
+uSNCreated: 16790
+memberOf: CN=DevelopersUK,OU=Global Groups,OU=GitLab INT,DC=GitLab,DC=org
+uSNChanged: 20812
+name: Leroy Fox
+objectGUID:: rBCAo6NR6E6vfSKgzcUILg==
+userAccountControl: 512
+badPwdCount: 0
+codePage: 0
+countryCode: 0
+badPasswordTime: 0
+lastLogoff: 0
+lastLogon: 0
+pwdLastSet: 131311695009850084
+primaryGroupID: 513
+objectSid:: AQUAAAAAAAUVAAAA9GMAb7tdJZvsATf7ZwQAAA==
+accountExpires: 9223372036854775807
+logonCount: 0
+sAMAccountName: Leroyf
+sAMAccountType: 805306368
+userPrincipalName: Leroyf@GitLab.org
+objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=GitLab,DC=org
+dSCorePropagationData: 16010101000000.0Z
+lastLogonTimestamp: 131314356887754250
+
+# search result
+search: 2
+result: 0 Success
+
+# numResponses: 2
+# numEntries: 1
+```
+
+## Basic user authentication
+
+After configuring LDAP, basic authentication will be available. Users can then login using their directory credentials. An extra tab is added to the GitLab login screen for the configured LDAP server (e.g "**GitLab AD**").
+
+![GitLab OU Structure](img/user_auth.gif)
+
+Users that are removed from the LDAP base group (e.g `OU=GitLab INT,DC=GitLab,DC=org`) will be **blocked** in GitLab. [More information](../../administration/auth/ldap.md#security) on LDAP security.
+
+If `allow_username_or_email_login` is enabled in the LDAP configuration, GitLab will ignore everything after the first '@' in the LDAP username used on login. Example: The username `jon.doe@example.com` is converted to `jon.doe` when authenticating with the LDAP server. Disable this setting if you use `userPrincipalName` as the `uid`.
+
+## LDAP extended features on GitLab EE
+
+With [GitLab Enterprise Edition (EE)](https://about.gitlab.com/giltab-ee/), besides everything we just described, you'll
+have extended functionalities with LDAP, such as:
+
+- Group sync
+- Group permissions
+- Updating user permissions
+- Multiple LDAP servers
+
+Read through the article on [LDAP for GitLab EE](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/) for an overview.

doc/articles/index.md

@@ -7,6 +7,11 @@ to provide the community with guidance on specific processes to achieve certain
 They are written by members of the GitLab Team and by
 [Community Writers](https://about.gitlab.com/handbook/product/technical-writing/community-writers/).
 
+## Authentication
+
+- **LDAP**
+  - [How to configure LDAP with GitLab CE](how_to_configure_ldap_gitlab_ce/index.md)
+
 ## GitLab Pages
 
 - **GitLab Pages from A to Z**

doc/development/rake_tasks.md

@@ -31,16 +31,26 @@ files it can find, also the ones in `/tmp`
 
 To run a single test file you can use:
 
-- `bundle exec rspec spec/controllers/commit_controller_spec.rb` for a rspec test
-- `bundle exec spinach features/project/issues/milestones.feature` for a spinach test
+- `bin/rspec spec/controllers/commit_controller_spec.rb` for a rspec test
+- `bin/spinach features/project/issues/milestones.feature` for a spinach test
 
 To run several tests inside one directory:
 
-- `bundle exec rspec spec/requests/api/` for the rspec tests if you want to test API only
-- `bundle exec spinach features/profile/` for the spinach tests if you want to test only profile pages
+- `bin/rspec spec/requests/api/` for the rspec tests if you want to test API only
+- `bin/spinach features/profile/` for the spinach tests if you want to test only profile pages
 
-If you want to use [Spring](https://github.com/rails/spring) set
-`ENABLE_SPRING=1` in your environment.
+### Speed-up tests, rake tasks, and migrations
+
+[Spring](https://github.com/rails/spring) is a Rails application preloader. It
+speeds up development by keeping your application running in the background so
+you don't need to boot it every time you run a test, rake task or migration.
+
+If you want to use it, you'll need to export the `ENABLE_SPRING` environment
+variable to `1`:
+
+```
+export ENABLE_SPRING=1
+```
 
 ## Compile Frontend Assets
 

doc/topics/authentication/index.md

@@ -18,6 +18,8 @@ This page gathers all the resources for the topic **Authentication** within GitL
 - [LDAP (Enterprise Edition)](https://docs.gitlab.com/ee/administration/auth/ldap-ee.html)
 - [Enforce Two-factor Authentication (2FA)](../../security/two_factor_authentication.md#enforce-two-factor-authentication-2fa)
 - **Articles:**
+  - [How to Configure LDAP with GitLab CE](../../articles/how_to_configure_ldap_gitlab_ce/index.md)
+  - [How to Configure LDAP with GitLab EE](https://docs.gitlab.com/articles/how_to_configure_ldap_gitlab_ee/)
   - [Feature Highlight: LDAP Integration](https://about.gitlab.com/2014/07/10/feature-highlight-ldap-sync/)
   - [Debugging LDAP](https://about.gitlab.com/handbook/support/workflows/ldap/debugging_ldap.html)
 - **Integrations:**

features/group/milestones.feature

@@ -38,6 +38,7 @@ Feature: Group Milestones
     And I should see the "feature" label
     And I should see the project name in the Issue row
 
+  @javascript
   Scenario: I should see the Labels tab
     Given Group has projects with milestones
     When I visit group "Owned" page

features/project/milestone.feature

@@ -7,14 +7,6 @@ Feature: Project Milestone
     And milestone has issue "Bugfix1" with labels: "bug", "feature"
     And milestone has issue "Bugfix2" with labels: "bug", "enhancement"
 
-
-  @javascript
-  Scenario: Listing issues from issues tab
-    Given I visit project "Shop" milestones page
-    And I click link "v2.2"
-    Then I should see the labels "bug", "enhancement" and "feature"
-    And I should see the "bug" label listed only once
-
   @javascript
   Scenario: Listing labels from labels tab
     Given I visit project "Shop" milestones page

features/steps/group/milestones.rb

 class Spinach::Features::GroupMilestones < Spinach::FeatureSteps
+  include WaitForAjax
   include SharedAuthentication
   include SharedPaths
   include SharedGroup
@@ -90,6 +91,8 @@ class Spinach::Features::GroupMilestones < Spinach::FeatureSteps
   end
 
   step 'I should see the list of labels' do
+    wait_for_ajax
+
     page.within('#tab-labels') do
       expect(page).to have_content 'bug'
       expect(page).to have_content 'feature'

features/steps/project/project_milestone.rb

@@ -2,6 +2,7 @@ class Spinach::Features::ProjectMilestone < Spinach::FeatureSteps
   include SharedAuthentication
   include SharedProject
   include SharedPaths
+  include WaitForAjax
 
   step 'milestone has issue "Bugfix1" with labels: "bug", "feature"' do
     project = Project.find_by(name: "Shop")
@@ -34,6 +35,8 @@ class Spinach::Features::ProjectMilestone < Spinach::FeatureSteps
   end
 
   step 'I should see the labels "bug", "enhancement" and "feature"' do
+    wait_for_ajax
+
     page.within('#tab-issues') do
       expect(page).to have_content 'bug'
       expect(page).to have_content 'enhancement'

lib/api/pipelines.rb

@@ -14,13 +14,23 @@ module API
       end
       params do
         use :pagination
-        optional :scope,    type: String, values: %w(running branches tags),
-                            desc: 'Either running, branches, or tags'
+        optional :scope,    type: String, values: %w[running pending finished branches tags],
+                            desc: 'The scope of pipelines'
+        optional :status,   type: String, values: HasStatus::AVAILABLE_STATUSES,
+                            desc: 'The status of pipelines'
+        optional :ref,      type: String, desc: 'The ref of pipelines'
+        optional :yaml_errors, type: Boolean, desc: 'Returns pipelines with invalid configurations'
+        optional :name,     type: String, desc: 'The name of the user who triggered pipelines'
+        optional :username, type: String, desc: 'The username of the user who triggered pipelines'
+        optional :order_by, type: String, values: PipelinesFinder::ALLOWED_INDEXED_COLUMNS, default: 'id',
+                            desc: 'Order pipelines'
+        optional :sort,     type: String, values: %w[asc desc], default: 'desc',
+                            desc: 'Sort pipelines'
       end
       get ':id/pipelines' do
         authorize! :read_pipeline, user_project
 
-        pipelines = PipelinesFinder.new(user_project).execute(scope: params[:scope])
+        pipelines = PipelinesFinder.new(user_project, params).execute
         present paginate(pipelines), with: Entities::PipelineBasic
       end
 

lib/api/v3/pipelines.rb

@@ -21,7 +21,7 @@ module API
         get ':id/pipelines' do
           authorize! :read_pipeline, user_project
 
-          pipelines = PipelinesFinder.new(user_project).execute(scope: params[:scope])
+          pipelines = PipelinesFinder.new(user_project, scope: params[:scope]).execute
           present paginate(pipelines), with: ::API::Entities::Pipeline
         end
       end

lib/gitlab/ci/cron_parser.rb

@@ -6,7 +6,7 @@ module Gitlab
 
       def initialize(cron, cron_timezone = 'UTC')
         @cron = cron
-        @cron_timezone = cron_timezone
+        @cron_timezone = ActiveSupport::TimeZone.find_tzinfo(cron_timezone).name
       end
 
       def next_time_from(time)
@@ -24,8 +24,23 @@ module Gitlab
 
       private
 
+      # NOTE:
+      # cron_timezone can only accept timezones listed in TZInfo::Timezone.
+      # Aliases of Timezones from ActiveSupport::TimeZone are NOT accepted,
+      # because Rufus::Scheduler only supports TZInfo::Timezone.
+      #
+      # For example, those codes have the same effect.
+      # Time.zone = 'Pacific Time (US & Canada)' (ActiveSupport::TimeZone)
+      # Time.zone = 'America/Los_Angeles' (TZInfo::Timezone)
+      #
+      # However, try_parse_cron only accepts the latter format.
+      # try_parse_cron('* * * * *', 'Pacific Time (US & Canada)') -> Doesn't work
+      # try_parse_cron('* * * * *', 'America/Los_Angeles') -> Works
+      # If you want to know more, please take a look
+      # https://github.com/rails/rails/blob/master/activesupport/lib/active_support/values/time_zone.rb
       def try_parse_cron(cron, cron_timezone)
-        Rufus::Scheduler.parse("#{cron} #{cron_timezone}")
+        cron_line = Rufus::Scheduler.parse("#{cron} #{cron_timezone}")
+        cron_line if cron_line.is_a?(Rufus::Scheduler::CronLine)
       rescue
         # noop
       end

lib/gitlab/import_export/import_export.yml

@@ -84,6 +84,7 @@ excluded_attributes:
     - :import_jid
     - :id
     - :star_count
+    - :last_activity_at
   snippets:
     - :expired_at
   merge_request_diff:

scripts/static-analysis

@@ -9,7 +9,6 @@ tasks = [
   %w[bundle exec rake scss_lint],
   %w[bundle exec rake brakeman],
   %w[bundle exec license_finder],
-  %w[scripts/lint-doc.sh],
   %w[yarn run eslint],
   %w[bundle exec rubocop --require rubocop-rspec]
 ]

spec/controllers/groups/milestones_controller_spec.rb

@@ -6,6 +6,16 @@ describe Groups::MilestonesController do
   let(:project2) { create(:empty_project, group: group) }
   let(:user)    { create(:user) }
   let(:title) { '肯定不是中文的问题' }
+  let(:milestone) do
+    project_milestone = create(:milestone, project: project)
+
+    GroupMilestone.build(
+      group,
+      [project],
+      project_milestone.title
+    )
+  end
+  let(:milestone_path) { group_milestone_path(group, milestone.safe_title, title: milestone.title) }
 
   before do
     sign_in(user)
@@ -14,6 +24,8 @@ describe Groups::MilestonesController do
     controller.instance_variable_set(:@group, group)
   end
 
+  it_behaves_like 'milestone tabs'
+
   describe "#create" do
     it "creates group milestone with Chinese title" do
       post :create,

spec/controllers/projects/milestones_controller_spec.rb

@@ -7,6 +7,7 @@ describe Projects::MilestonesController do
   let(:issue) { create(:issue, project: project, milestone: milestone) }
   let!(:label) { create(:label, project: project, title: 'Issue Label', issues: [issue]) }
   let!(:merge_request) { create(:merge_request, source_project: project, target_project: project, milestone: milestone) }
+  let(:milestone_path) { namespace_project_milestone_path }
 
   before do
     sign_in(user)
@@ -14,6 +15,8 @@ describe Projects::MilestonesController do
     controller.instance_variable_set(:@project, project)
   end
 
+  it_behaves_like 'milestone tabs'
+
   describe "#show" do
     render_views
 

spec/features/issues/issue_sidebar_spec.rb

@@ -3,7 +3,8 @@ require 'rails_helper'
 feature 'Issue Sidebar', feature: true do
   include MobileHelpers
 
-  let(:project) { create(:project, :public) }
+  let(:group) { create(:group, :nested) }
+  let(:project) { create(:project, :public, namespace: group) }
   let(:issue) { create(:issue, project: project) }
   let!(:user) { create(:user)}
   let!(:label) { create(:label, project: project, title: 'bug') }
@@ -151,9 +152,7 @@ feature 'Issue Sidebar', feature: true do
   end
 
   def open_issue_sidebar
-    page.within('aside.right-sidebar.right-sidebar-collapsed') do
-      find('.js-sidebar-toggle').click
-      sleep 1
-    end
+    find('aside.right-sidebar.right-sidebar-collapsed .js-sidebar-toggle').click
+    find('aside.right-sidebar.right-sidebar-expanded')
   end
 end

spec/features/merge_requests/create_new_mr_spec.rb

@@ -20,7 +20,6 @@ feature 'Create New Merge Request', feature: true, js: true do
     expect(page).to have_content('Target branch')
 
     first('.js-source-branch').click
-    first('.dropdown-source-branch .dropdown-content')
     find('.dropdown-source-branch .dropdown-content a', match: :first).click
 
     expect(page).to have_content "b83d6e3"
@@ -35,8 +34,7 @@ feature 'Create New Merge Request', feature: true, js: true do
     expect(page).to have_content('Target branch')
 
     first('.js-target-branch').click
-    first('.dropdown-target-branch .dropdown-content')
-    first('.dropdown-target-branch .dropdown-content a', text: 'v1.1.0').click
+    find('.dropdown-target-branch .dropdown-content a', text: 'v1.1.0', match: :first).click
 
     expect(page).to have_content "b83d6e3"
   end

spec/features/milestones/milestones_spec.rb

@@ -86,6 +86,9 @@ describe 'Milestone draggable', feature: true, js: true do
 
     visit namespace_project_milestone_path(project.namespace, project, milestone)
     page.find("a[href='#tab-merge-requests']").click
+
+    wait_for_ajax
+
     scroll_into_view('.milestone-content')
     drag_to(selector: '.merge_requests-sortable-list', list_to_index: 1)
 

spec/features/triggers_spec.rb

@@ -104,6 +104,24 @@ feature 'Triggers', feature: true, js: true do
 
           expect(page).to have_content 'The form contains the following errors'
         end
+
+        context 'when GitLab time_zone is ActiveSupport::TimeZone format' do
+          before do
+            allow(Time).to receive(:zone)
+              .and_return(ActiveSupport::TimeZone['Eastern Time (US & Canada)'])
+          end
+
+          scenario 'do fill form with valid data and save' do
+            find('#trigger_trigger_schedule_attributes_active').click
+            fill_in 'trigger_trigger_schedule_attributes_cron', with: '1 * * * *'
+            fill_in 'trigger_trigger_schedule_attributes_cron_timezone', with: 'UTC'
+            fill_in 'trigger_trigger_schedule_attributes_ref', with: 'master'
+            click_button 'Save trigger'
+
+            expect(page.find('.flash-notice'))
+              .to have_content 'Trigger was successfully updated.'
+          end
+        end
       end
 
       context 'disabling schedule' do

spec/finders/pipelines_finder_spec.rb

@@ -3,50 +3,205 @@ require 'spec_helper'
 describe PipelinesFinder do
   let(:project) { create(:project, :repository) }
 
-  let!(:tag_pipeline)    { create(:ci_pipeline, project: project, ref: 'v1.0.0') }
-  let!(:branch_pipeline) { create(:ci_pipeline, project: project) }
-
-  subject { described_class.new(project).execute(params) }
+  subject { described_class.new(project, params).execute }
 
   describe "#execute" do
-    context 'when a scope is passed' do
-      context 'when scope is nil' do
-        let(:params) { { scope: nil } }
+    context 'when params is empty' do
+      let(:params) { {} }
+      let!(:pipelines) { create_list(:ci_pipeline, 2, project: project) }
+
+      it 'returns all pipelines' do
+        is_expected.to match_array(pipelines)
+      end
+    end
+
+    %w[running pending].each do |target|
+      context "when scope is #{target}" do
+        let(:params) { { scope: target } }
+        let!(:pipeline) { create(:ci_pipeline, project: project, status: target) }
 
-        it 'selects all pipelines' do
-          expect(subject.count).to be 2
-          expect(subject).to include tag_pipeline
-          expect(subject).to include branch_pipeline
+        it 'returns matched pipelines' do
+          is_expected.to eq([pipeline])
         end
       end
+    end
+
+    context 'when scope is finished' do
+      let(:params) { { scope: 'finished' } }
+      let!(:pipelines) do
+        [create(:ci_pipeline, project: project, status: 'success'),
+         create(:ci_pipeline, project: project, status: 'failed'),
+         create(:ci_pipeline, project: project, status: 'canceled')]
+      end
 
-      context 'when selecting branches' do
+      it 'returns matched pipelines' do
+        is_expected.to match_array(pipelines)
+      end
+    end
+
+    context 'when scope is branches or tags' do
+      let!(:pipeline_branch) { create(:ci_pipeline, project: project) }
+      let!(:pipeline_tag) { create(:ci_pipeline, project: project, ref: 'v1.0.0', tag: true) }
+
+      context 'when scope is branches' do
         let(:params) { { scope: 'branches' } }
 
-        it 'excludes tags' do
-          expect(subject).not_to include tag_pipeline
-          expect(subject).to     include branch_pipeline
+        it 'returns matched pipelines' do
+          is_expected.to eq([pipeline_branch])
         end
       end
 
-      context 'when selecting tags' do
+      context 'when scope is tags' do
         let(:params) { { scope: 'tags' } }
 
-        it 'excludes branches' do
-          expect(subject).to     include tag_pipeline
-          expect(subject).not_to include branch_pipeline
+        it 'returns matched pipelines' do
+          is_expected.to eq([pipeline_tag])
+        end
+      end
+    end
+
+    HasStatus::AVAILABLE_STATUSES.each do |target|
+      context "when status is #{target}" do
+        let(:params) { { status: target } }
+        let!(:pipeline) { create(:ci_pipeline, project: project, status: target) }
+
+        before do
+          exception_status = HasStatus::AVAILABLE_STATUSES - [target]
+          create(:ci_pipeline, project: project, status: exception_status.first)
+        end
+
+        it 'returns matched pipelines' do
+          is_expected.to eq([pipeline])
+        end
+      end
+    end
+
+    context 'when ref is specified' do
+      let!(:pipeline) { create(:ci_pipeline, project: project) }
+
+      context 'when ref exists' do
+        let(:params) { { ref: 'master' } }
+
+        it 'returns matched pipelines' do
+          is_expected.to eq([pipeline])
+        end
+      end
+
+      context 'when ref does not exist' do
+        let(:params) { { ref: 'invalid-ref' } }
+
+        it 'returns empty' do
+          is_expected.to be_empty
+        end
+      end
+    end
+
+    context 'when name is specified' do
+      let(:user) { create(:user) }
+      let!(:pipeline) { create(:ci_pipeline, project: project, user: user) }
+
+      context 'when name exists' do
+        let(:params) { { name: user.name } }
+
+        it 'returns matched pipelines' do
+          is_expected.to eq([pipeline])
+        end
+      end
+
+      context 'when name does not exist' do
+        let(:params) { { name: 'invalid-name' } }
+
+        it 'returns empty' do
+          is_expected.to be_empty
+        end
+      end
+    end
+
+    context 'when username is specified' do
+      let(:user) { create(:user) }
+      let!(:pipeline) { create(:ci_pipeline, project: project, user: user) }
+
+      context 'when username exists' do
+        let(:params) { { username: user.username } }
+
+        it 'returns matched pipelines' do
+          is_expected.to eq([pipeline])
+        end
+      end
+
+      context 'when username does not exist' do
+        let(:params) { { username: 'invalid-username' } }
+
+        it 'returns empty' do
+          is_expected.to be_empty
+        end
+      end
+    end
+
+    context 'when yaml_errors is specified' do
+      let!(:pipeline1) { create(:ci_pipeline, project: project, yaml_errors: 'Syntax error') }
+      let!(:pipeline2) { create(:ci_pipeline, project: project) }
+
+      context 'when yaml_errors is true' do
+        let(:params) { { yaml_errors: true } }
+
+        it 'returns matched pipelines' do
+          is_expected.to eq([pipeline1])
+        end
+      end
+
+      context 'when yaml_errors is false' do
+        let(:params) { { yaml_errors: false } }
+
+        it 'returns matched pipelines' do
+          is_expected.to eq([pipeline2])
+        end
+      end
+
+      context 'when yaml_errors is invalid' do
+        let(:params) { { yaml_errors: "invalid-yaml_errors" } }
+
+        it 'returns all pipelines' do
+          is_expected.to match_array([pipeline1, pipeline2])
         end
       end
     end
 
-    # Scoping to pending will speed up the test as it doesn't hit the FS
-    let(:params) { { scope: 'pending' } }
+    context 'when order_by and sort are specified' do
+      context 'when order_by user_id' do
+        let(:params) { { order_by: 'user_id', sort: 'asc' } }
+        let!(:pipelines) { create_list(:ci_pipeline, 2, project: project, user: create(:user)) }
+
+        it 'sorts as user_id: :asc' do
+          is_expected.to match_array(pipelines)
+        end
 
-    it 'orders in descending order on ID' do
-      feature_pipeline = create(:ci_pipeline, project: project, ref: 'feature')
+        context 'when sort is invalid' do
+          let(:params) { { order_by: 'user_id', sort: 'invalid_sort' } }
 
-      expected_ids = [feature_pipeline.id, branch_pipeline.id, tag_pipeline.id].sort.reverse
-      expect(subject.map(&:id)).to eq expected_ids
+          it 'sorts as user_id: :desc' do
+            is_expected.to eq(pipelines.sort_by { |p| -p.user.id })
+          end
+        end
+      end
+
+      context 'when order_by is invalid' do
+        let(:params) { { order_by: 'invalid_column', sort: 'asc' } }
+        let!(:pipelines) { create_list(:ci_pipeline, 2, project: project) }
+
+        it 'sorts as id: :asc' do
+          is_expected.to eq(pipelines.sort_by { |p| p.id })
+        end
+      end
+
+      context 'when both are nil' do
+        let(:params) { { order_by: nil, sort: nil } }
+        let!(:pipelines) { create_list(:ci_pipeline, 2, project: project) }
+
+        it 'sorts as id: :desc' do
+          is_expected.to eq(pipelines.sort_by { |p| -p.id })
+        end
+      end
     end
   end
 end

spec/lib/gitlab/ci/cron_parser_spec.rb

@@ -60,14 +60,60 @@ describe Gitlab::Ci::CronParser do
         end
       end
 
+      context 'when cron_timezone is TZInfo format' do
+        before do
+          allow(Time).to receive(:zone)
+            .and_return(ActiveSupport::TimeZone['UTC'])
+        end
+
+        let(:hour_in_utc) do
+          ActiveSupport::TimeZone[cron_timezone]
+            .now.change(hour: 0).in_time_zone('UTC').hour
+        end
+
         context 'when cron_timezone is US/Pacific' do
-        let(:cron) { '0 0 * * *' }
+          let(:cron) { '* 0 * * *' }
           let(:cron_timezone) { 'US/Pacific' }
 
           it_behaves_like "returns time in the future"
 
           it 'converts time in server time zone' do
-          expect(subject.hour).to eq((Time.zone.now.in_time_zone(cron_timezone).utc_offset / 60 / 60).abs)
+            expect(subject.hour).to eq(hour_in_utc)
+          end
+        end
+      end
+
+      context 'when cron_timezone is ActiveSupport::TimeZone format' do
+        before do
+          allow(Time).to receive(:zone)
+            .and_return(ActiveSupport::TimeZone['UTC'])
+        end
+
+        let(:hour_in_utc) do
+          ActiveSupport::TimeZone[cron_timezone]
+            .now.change(hour: 0).in_time_zone('UTC').hour
+        end
+
+        context 'when cron_timezone is Berlin' do
+          let(:cron) { '* 0 * * *' }
+          let(:cron_timezone) { 'Berlin' }
+
+          it_behaves_like "returns time in the future"
+
+          it 'converts time in server time zone' do
+            expect(subject.hour).to eq(hour_in_utc)
+          end
+        end
+
+        context 'when cron_timezone is Eastern Time (US & Canada)' do
+          let(:cron) { '* 0 * * *' }
+          let(:cron_timezone) { 'Eastern Time (US & Canada)' }
+
+          it_behaves_like "returns time in the future"
+
+          it 'converts time in server time zone' do
+            expect(subject.hour).to eq(hour_in_utc)
+          end
         end
       end
     end
@@ -76,9 +122,21 @@ describe Gitlab::Ci::CronParser do
       let(:cron) { 'invalid_cron' }
       let(:cron_timezone) { 'invalid_cron_timezone' }
 
-      it 'returns nil' do
-        is_expected.to be_nil
+      it { is_expected.to be_nil }
     end
+
+    context 'when cron syntax is quoted' do
+      let(:cron) { "'0 * * * *'" }
+      let(:cron_timezone) { 'UTC' }
+
+      it { expect(subject).to be_nil }
+    end
+
+    context 'when cron syntax is rufus-scheduler syntax' do
+      let(:cron) { 'every 3h' }
+      let(:cron_timezone) { 'UTC' }
+
+      it { expect(subject).to be_nil }
     end
   end
 
@@ -96,6 +154,12 @@ describe Gitlab::Ci::CronParser do
 
       it { is_expected.to eq(false) }
     end
+
+    context 'when cron syntax is quoted' do
+      let(:cron) { "'0 * * * *'" }
+
+      it { is_expected.to eq(false) }
+    end
   end
 
   describe '#cron_timezone_valid?' do
@@ -112,5 +176,11 @@ describe Gitlab::Ci::CronParser do
 
       it { is_expected.to eq(false) }
     end
+
+    context 'when cron_timezone is ActiveSupport::TimeZone format' do
+      let(:cron_timezone) { 'Eastern Time (US & Canada)' }
+
+      it { is_expected.to eq(true) }
+    end
   end
 end

spec/lib/gitlab/import_export/project_tree_saver_spec.rb

@@ -6,7 +6,7 @@ describe Gitlab::ImportExport::ProjectTreeSaver, services: true do
     let(:project_tree_saver) { described_class.new(project: project, current_user: user, shared: shared) }
     let(:export_path) { "#{Dir.tmpdir}/project_tree_saver_spec" }
     let(:user) { create(:user) }
-    let(:project) { setup_project }
+    let!(:project) { setup_project }
 
     before do
       project.team << [user, :master]
@@ -219,7 +219,7 @@ describe Gitlab::ImportExport::ProjectTreeSaver, services: true do
                      releases: [release],
                      group: group
                     )
-    project.update(description_html: 'description')
+    project.update_column(:description_html, 'description')
     project_label = create(:label, project: project)
     group_label = create(:group_label, group: group)
     create(:label_link, label: project_label, target: issue)

spec/models/ci/trigger_schedule_spec.rb

@@ -73,4 +73,36 @@ describe Ci::TriggerSchedule, models: true do
       end
     end
   end
+
+  describe '#real_next_run' do
+    subject do
+      Ci::TriggerSchedule.last.real_next_run(worker_cron: worker_cron,
+                                             worker_time_zone: worker_time_zone)
+    end
+
+    context 'when GitLab time_zone is UTC' do
+      before do
+        allow(Time).to receive(:zone)
+          .and_return(ActiveSupport::TimeZone[worker_time_zone])
+      end
+
+      let(:worker_time_zone) { 'UTC' }
+
+      context 'when cron_timezone is Eastern Time (US & Canada)' do
+        before do
+          create(:ci_trigger_schedule, :nightly,
+                  cron_timezone: 'Eastern Time (US & Canada)')
+        end
+
+        let(:worker_cron) { '0 1 2 3 *' }
+
+        it 'returns the next time worker executes' do
+          expect(subject.min).to eq(0)
+          expect(subject.hour).to eq(1)
+          expect(subject.day).to eq(2)
+          expect(subject.month).to eq(3)
+        end
+      end
+    end
+  end
 end

spec/requests/api/pipelines_spec.rb

@@ -24,6 +24,245 @@ describe API::Pipelines do
         expect(json_response.first['id']).to eq pipeline.id
         expect(json_response.first.keys).to contain_exactly(*%w[id sha ref status])
       end
+
+      context 'when parameter is passed' do
+        %w[running pending].each do |target|
+          context "when scope is #{target}" do
+            before do
+              create(:ci_pipeline, project: project, status: target)
+            end
+
+            it 'returns matched pipelines' do
+              get api("/projects/#{project.id}/pipelines", user), scope: target
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response).not_to be_empty
+              json_response.each { |r| expect(r['status']).to eq(target) }
+            end
+          end
+        end
+
+        context 'when scope is finished' do
+          before do
+            create(:ci_pipeline, project: project, status: 'success')
+            create(:ci_pipeline, project: project, status: 'failed')
+            create(:ci_pipeline, project: project, status: 'canceled')
+          end
+
+          it 'returns matched pipelines' do
+            get api("/projects/#{project.id}/pipelines", user), scope: 'finished'
+
+            expect(response).to have_http_status(:ok)
+            expect(response).to include_pagination_headers
+            expect(json_response).not_to be_empty
+            json_response.each { |r| expect(r['status']).to be_in(%w[success failed canceled]) }
+          end
+        end
+
+        context 'when scope is branches or tags' do
+          let!(:pipeline_branch) { create(:ci_pipeline, project: project) }
+          let!(:pipeline_tag) { create(:ci_pipeline, project: project, ref: 'v1.0.0', tag: true) }
+
+          context 'when scope is branches' do
+            it 'returns matched pipelines' do
+              get api("/projects/#{project.id}/pipelines", user), scope: 'branches'
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response).not_to be_empty
+              expect(json_response.last['id']).to eq(pipeline_branch.id)
+            end
+          end
+
+          context 'when scope is tags' do
+            it 'returns matched pipelines' do
+              get api("/projects/#{project.id}/pipelines", user), scope: 'tags'
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response).not_to be_empty
+              expect(json_response.last['id']).to eq(pipeline_tag.id)
+            end
+          end
+        end
+
+        context 'when scope is invalid' do
+          it 'returns bad_request' do
+            get api("/projects/#{project.id}/pipelines", user), scope: 'invalid-scope'
+
+            expect(response).to have_http_status(:bad_request)
+          end
+        end
+
+        HasStatus::AVAILABLE_STATUSES.each do |target|
+          context "when status is #{target}" do
+            before do
+              create(:ci_pipeline, project: project, status: target)
+              exception_status = HasStatus::AVAILABLE_STATUSES - [target]
+              create(:ci_pipeline, project: project, status: exception_status.sample)
+            end
+
+            it 'returns matched pipelines' do
+              get api("/projects/#{project.id}/pipelines", user), status: target
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response).not_to be_empty
+              json_response.each { |r| expect(r['status']).to eq(target) }
+            end
+          end
+        end
+
+        context 'when status is invalid' do
+          it 'returns bad_request' do
+            get api("/projects/#{project.id}/pipelines", user), status: 'invalid-status'
+
+            expect(response).to have_http_status(:bad_request)
+          end
+        end
+
+        context 'when ref is specified' do
+          before do
+            create(:ci_pipeline, project: project)
+          end
+
+          context 'when ref exists' do
+            it 'returns matched pipelines' do
+              get api("/projects/#{project.id}/pipelines", user), ref: 'master'
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response).not_to be_empty
+              json_response.each { |r| expect(r['ref']).to eq('master') }
+            end
+          end
+
+          context 'when ref does not exist' do
+            it 'returns empty' do
+              get api("/projects/#{project.id}/pipelines", user), ref: 'invalid-ref'
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response).to be_empty
+            end
+          end
+        end
+
+        context 'when name is specified' do
+          let!(:pipeline) { create(:ci_pipeline, project: project, user: user) }
+
+          context 'when name exists' do
+            it 'returns matched pipelines' do
+              get api("/projects/#{project.id}/pipelines", user), name: user.name
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response.first['id']).to eq(pipeline.id)
+            end
+          end
+
+          context 'when name does not exist' do
+            it 'returns empty' do
+              get api("/projects/#{project.id}/pipelines", user), name: 'invalid-name'
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response).to be_empty
+            end
+          end
+        end
+
+        context 'when username is specified' do
+          let!(:pipeline) { create(:ci_pipeline, project: project, user: user) }
+
+          context 'when username exists' do
+            it 'returns matched pipelines' do
+              get api("/projects/#{project.id}/pipelines", user), username: user.username
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response.first['id']).to eq(pipeline.id)
+            end
+          end
+
+          context 'when username does not exist' do
+            it 'returns empty' do
+              get api("/projects/#{project.id}/pipelines", user), username: 'invalid-username'
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response).to be_empty
+            end
+          end
+        end
+
+        context 'when yaml_errors is specified' do
+          let!(:pipeline1) { create(:ci_pipeline, project: project, yaml_errors: 'Syntax error') }
+          let!(:pipeline2) { create(:ci_pipeline, project: project) }
+
+          context 'when yaml_errors is true' do
+            it 'returns matched pipelines' do
+              get api("/projects/#{project.id}/pipelines", user), yaml_errors: true
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response.first['id']).to eq(pipeline1.id)
+            end
+          end
+
+          context 'when yaml_errors is false' do
+            it 'returns matched pipelines' do
+              get api("/projects/#{project.id}/pipelines", user), yaml_errors: false
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response.first['id']).to eq(pipeline2.id)
+            end
+          end
+
+          context 'when yaml_errors is invalid' do
+            it 'returns bad_request' do
+              get api("/projects/#{project.id}/pipelines", user), yaml_errors: 'invalid-yaml_errors'
+
+              expect(response).to have_http_status(:bad_request)
+            end
+          end
+        end
+
+        context 'when order_by and sort are specified' do
+          context 'when order_by user_id' do
+            let!(:pipeline) { create_list(:ci_pipeline, 2, project: project, user: create(:user)) }
+
+            it 'sorts as user_id: :asc' do
+              get api("/projects/#{project.id}/pipelines", user), order_by: 'user_id', sort: 'asc'
+
+              expect(response).to have_http_status(:ok)
+              expect(response).to include_pagination_headers
+              expect(json_response).not_to be_empty
+              pipeline.sort_by { |p| p.user.id }.tap do |sorted_pipeline|
+                json_response.each_with_index { |r, i| expect(r['id']).to eq(sorted_pipeline[i].id) }
+              end
+            end
+
+            context 'when sort is invalid' do
+              it 'returns bad_request' do
+                get api("/projects/#{project.id}/pipelines", user), order_by: 'user_id', sort: 'invalid_sort'
+
+                expect(response).to have_http_status(:bad_request)
+              end
+            end
+          end
+
+          context 'when order_by is invalid' do
+            it 'returns bad_request' do
+              get api("/projects/#{project.id}/pipelines", user), order_by: 'lock_version', sort: 'asc'
+
+              expect(response).to have_http_status(:bad_request)
+            end
+          end
+        end
+      end
     end
 
     context 'unauthorized user' do

spec/services/projects/enable_deploy_key_service_spec.rb

@@ -21,6 +21,16 @@ describe Projects::EnableDeployKeyService, services: true do
     end
   end
 
+  context 'add the same key twice' do
+    before do
+      project.deploy_keys << deploy_key
+    end
+
+    it 'returns existing key' do
+      expect(service.execute).to eq(deploy_key)
+    end
+  end
+
   def service
     Projects::EnableDeployKeyService.new(project, user, params)
   end

spec/support/milestone_tabs_examples.rb

+shared_examples 'milestone tabs' do
+  def go(path, extra_params = {})
+    params = if milestone.is_a?(GlobalMilestone)
+               { group_id: group.id, id: milestone.safe_title, title: milestone.title }
+             else
+               { namespace_id: project.namespace.to_param, project_id: project, id: milestone.iid }
+             end
+
+    get path, params.merge(extra_params)
+  end
+
+  describe '#merge_requests' do
+    context 'as html' do
+      before { go(:merge_requests, format: 'html') }
+
+      it 'redirects to milestone#show' do
+        expect(response).to redirect_to(milestone_path)
+      end
+    end
+
+    context 'as json' do
+      before { go(:merge_requests, format: 'json') }
+
+      it 'renders the merge requests tab template to a string' do
+        expect(response).to render_template('shared/milestones/_merge_requests_tab')
+        expect(json_response).to have_key('html')
+      end
+    end
+  end
+
+  describe '#participants' do
+    context 'as html' do
+      before { go(:participants, format: 'html') }
+
+      it 'redirects to milestone#show' do
+        expect(response).to redirect_to(milestone_path)
+      end
+    end
+
+    context 'as json' do
+      before { go(:participants, format: 'json') }
+
+      it 'renders the participants tab template to a string' do
+        expect(response).to render_template('shared/milestones/_participants_tab')
+        expect(json_response).to have_key('html')
+      end
+    end
+  end
+
+  describe '#labels' do
+    context 'as html' do
+      before { go(:labels, format: 'html') }
+
+      it 'redirects to milestone#show' do
+        expect(response).to redirect_to(milestone_path)
+      end
+    end
+
+    context 'as json' do
+      before { go(:labels, format: 'json') }
+
+      it 'renders the labels tab template to a string' do
+        expect(response).to render_template('shared/milestones/_labels_tab')
+        expect(json_response).to have_key('html')
+      end
+    end
+  end
+end

spec/views/projects/commit/show.html.haml_spec.rb

+require 'spec_helper'
+
+describe 'projects/commit/show.html.haml', :view do
+  let(:project) { create(:project, :repository) }
+
+  before do
+    assign(:project, project)
+    assign(:repository, project.repository)
+    assign(:commit, project.commit)
+    assign(:noteable, project.commit)
+    assign(:notes, [])
+    assign(:diffs, project.commit.diffs)
+
+    allow(view).to receive(:current_user).and_return(nil)
+    allow(view).to receive(:can?).and_return(false)
+    allow(view).to receive(:can_collaborate_with_project?).and_return(false)
+    allow(view).to receive(:current_ref).and_return(project.repository.root_ref)
+    allow(view).to receive(:diff_btn).and_return('')
+  end
+
+  context 'inline diff view' do
+    before do
+      allow(view).to receive(:diff_view).and_return(:inline)
+
+      render
+    end
+
+    it 'keeps container-limited' do
+      expect(rendered).not_to have_selector('.limit-container-width')
+    end
+  end
+
+  context 'parallel diff view' do
+    before do
+      allow(view).to receive(:diff_view).and_return(:parallel)
+
+      render
+    end
+
+    it 'spans full width' do
+      expect(rendered).to have_selector('.limit-container-width')
+    end
+  end
+end