Merge branch 'ee-resolve-lib-gitlab-differences' into 'master'

EE: Move EE specific code out of lib/gitlab

Closes #5964, #6023, #6661, and #6662

See merge request gitlab-org/gitlab-ee!9831

ee/lib/ee/audit/group_changes_auditor.rb

@@ -33,8 +33,8 @@ module EE
           }
         when :project_creation_level
           {
-            from: ::EE::Gitlab::Access.level_name(old),
-            to: ::EE::Gitlab::Access.level_name(new)
+            from: ::Gitlab::Access.level_name(old),
+            to: ::Gitlab::Access.level_name(new)
           }
         when :plan_id
           {

ee/lib/ee/gitlab/access.rb

@@ -8,23 +8,26 @@
 module EE
   module Gitlab
     module Access
-      extend self
+      extend ActiveSupport::Concern
 
       # Default project creation level
       NO_ONE_PROJECT_ACCESS = 0
       MAINTAINER_PROJECT_ACCESS = 1
       DEVELOPER_MAINTAINER_PROJECT_ACCESS = 2
+      ADMIN = 60
 
-      def project_creation_options
-        {
-          s_('ProjectCreationLevel|No one') => NO_ONE_PROJECT_ACCESS,
-          s_('ProjectCreationLevel|Maintainers') => MAINTAINER_PROJECT_ACCESS,
-          s_('ProjectCreationLevel|Developers + Maintainers') => DEVELOPER_MAINTAINER_PROJECT_ACCESS
-        }
-      end
+      class_methods do
+        def project_creation_options
+          {
+            s_('ProjectCreationLevel|No one') => NO_ONE_PROJECT_ACCESS,
+            s_('ProjectCreationLevel|Maintainers') => MAINTAINER_PROJECT_ACCESS,
+            s_('ProjectCreationLevel|Developers + Maintainers') => DEVELOPER_MAINTAINER_PROJECT_ACCESS
+          }
+        end
 
-      def level_name(name)
-        project_creation_options.key(name)
+        def level_name(name)
+          project_creation_options.key(name)
+        end
       end
     end
   end

ee/lib/ee/gitlab/background_migration/populate_import_state.rb

+# frozen_string_literal: true
+
+module EE
+  module Gitlab
+    module BackgroundMigration
+      module PopulateImportState
+        extend ::Gitlab::Utils::Override
+
+        override :move_attributes_data_to_import_state
+        def move_attributes_data_to_import_state(start_id, end_id)
+          Rails.logger.info("#{self.class.name} - Moving import attributes data to project mirror data table: #{start_id} - #{end_id}")
+
+          ActiveRecord::Base.connection.execute <<~SQL
+            INSERT INTO project_mirror_data (project_id, status, jid, last_update_at, last_successful_update_at, last_error)
+            SELECT id, import_status, import_jid, mirror_last_update_at, mirror_last_successful_update_at, import_error
+            FROM projects
+            WHERE projects.import_status != 'none'
+            AND projects.id BETWEEN #{start_id} AND #{end_id}
+            AND NOT EXISTS (
+              SELECT id
+              FROM project_mirror_data
+              WHERE project_id = projects.id
+            )
+          SQL
+
+          ActiveRecord::Base.connection.execute <<~SQL
+            UPDATE projects
+            SET import_status = 'none'
+            WHERE import_status != 'none'
+            AND id BETWEEN #{start_id} AND #{end_id}
+          SQL
+        end
+      end
+    end
+  end
+end

ee/lib/ee/gitlab/background_migration/rollback_import_state_data.rb

+# frozen_string_literal: true
+
+module EE
+  module Gitlab
+    module BackgroundMigration
+      module RollbackImportStateData
+        extend ::Gitlab::Utils::Override
+
+        override :move_attributes_data_to_project
+        def move_attributes_data_to_project(start_id, end_id)
+          Rails.logger.info("#{self.class.name} - Moving import attributes data to projects table: #{start_id} - #{end_id}")
+
+          if ::Gitlab::Database.mysql?
+            ActiveRecord::Base.connection.execute <<~SQL
+              UPDATE projects, project_mirror_data
+              SET
+                projects.import_status = project_mirror_data.status,
+                projects.import_jid = project_mirror_data.jid,
+                projects.mirror_last_update_at = project_mirror_data.last_update_at,
+                projects.mirror_last_successful_update_at = project_mirror_data.last_successful_update_at,
+                projects.import_error = project_mirror_data.last_error
+              WHERE project_mirror_data.project_id = projects.id
+              AND project_mirror_data.id BETWEEN #{start_id} AND #{end_id}
+            SQL
+          else
+            ActiveRecord::Base.connection.execute <<~SQL
+              UPDATE projects
+              SET
+                import_status = project_mirror_data.status,
+                import_jid = project_mirror_data.jid,
+                mirror_last_update_at = project_mirror_data.last_update_at,
+                mirror_last_successful_update_at = project_mirror_data.last_successful_update_at,
+                import_error = project_mirror_data.last_error
+              FROM project_mirror_data
+              WHERE project_mirror_data.project_id = projects.id
+              AND project_mirror_data.id BETWEEN #{start_id} AND #{end_id}
+            SQL
+          end
+        end
+      end
+    end
+  end
+end

ee/lib/ee/gitlab/ci/pipeline/chain/validate/abilities.rb

+# frozen_string_literal: true
+
+module EE
+  module Gitlab
+    module Ci
+      module Pipeline
+        module Chain
+          module Validate
+            module Abilities
+              extend ::Gitlab::Utils::Override
+
+              override :perform!
+              def perform!
+                # We check for `builds_enabled?` here so that this error does
+                # not get produced before the "pipelines are disabled" error.
+                if project.builds_enabled? &&
+                    (command.allow_mirror_update && !project.mirror_trigger_builds?)
+                  return error('Pipeline is disabled for mirror updates')
+                end
+
+                super
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

ee/lib/ee/gitlab/database.rb

@@ -3,41 +3,45 @@
 module EE
   module Gitlab
     module Database
-      extend ::Gitlab::Utils::Override
+      extend ActiveSupport::Concern
 
-      override :read_only?
-      def read_only?
-        ::Gitlab::Geo.secondary?
-      end
+      class_methods do
+        extend ::Gitlab::Utils::Override
 
-      def healthy?
-        return true unless postgresql?
+        override :read_only?
+        def read_only?
+          ::Gitlab::Geo.secondary?
+        end
 
-        !Postgresql::ReplicationSlot.lag_too_great?
-      end
+        def healthy?
+          return true unless postgresql?
 
-      # Disables prepared statements for the current database connection.
-      def disable_prepared_statements
-        config = ActiveRecord::Base.configurations[Rails.env]
-        config['prepared_statements'] = false
+          !Postgresql::ReplicationSlot.lag_too_great?
+        end
 
-        ActiveRecord::Base.establish_connection(config)
-      end
+        # Disables prepared statements for the current database connection.
+        def disable_prepared_statements
+          config = ActiveRecord::Base.configurations[Rails.env]
+          config['prepared_statements'] = false
+
+          ActiveRecord::Base.establish_connection(config)
+        end
 
-      override :add_post_migrate_path_to_rails
-      def add_post_migrate_path_to_rails(force: false)
-        super
+        override :add_post_migrate_path_to_rails
+        def add_post_migrate_path_to_rails(force: false)
+          super
 
-        migrate_paths = Rails.application.config.paths['db/migrate'].to_a
-        migrate_paths.each do |migrate_path|
-          relative_migrate_path = Pathname.new(migrate_path).realpath(Rails.root).relative_path_from(Rails.root)
-          ee_migrate_path = Rails.root.join('ee/', relative_migrate_path)
+          migrate_paths = Rails.application.config.paths['db/migrate'].to_a
+          migrate_paths.each do |migrate_path|
+            relative_migrate_path = Pathname.new(migrate_path).realpath(Rails.root).relative_path_from(Rails.root)
+            ee_migrate_path = Rails.root.join('ee/', relative_migrate_path)
 
-          next if relative_migrate_path.to_s.start_with?('ee/') ||
-              Rails.application.config.paths['db/migrate'].include?(ee_migrate_path.to_s)
+            next if relative_migrate_path.to_s.start_with?('ee/') ||
+                Rails.application.config.paths['db/migrate'].include?(ee_migrate_path.to_s)
 
-          Rails.application.config.paths['db/migrate'] << ee_migrate_path.to_s
-          ActiveRecord::Migrator.migrations_paths << ee_migrate_path.to_s
+            Rails.application.config.paths['db/migrate'] << ee_migrate_path.to_s
+            ActiveRecord::Migrator.migrations_paths << ee_migrate_path.to_s
+          end
         end
       end
     end

ee/lib/ee/gitlab/exclusive_lease.rb

+# frozen_string_literal: true
+
+module EE
+  module Gitlab
+    module ExclusiveLease
+      # Try to obtain the lease. Returns the UUID and current TTL, which will be
+      # zero if it's not taken.
+      # rubocop: disable Gitlab/ModuleWithInstanceVariables
+      def try_obtain_with_ttl
+        ::Gitlab::Redis::SharedState.with do |redis|
+          output = redis.set(@redis_shared_state_key, @uuid, nx: true, ex: @timeout) && @uuid
+
+          ttl = output ? 0 : redis.ttl(@redis_shared_state_key)
+
+          { ttl: [ttl, 0].max, uuid: output }
+        end
+      end
+      # rubocop: enable Gitlab/ModuleWithInstanceVariables
+
+      # Returns true if the UUID for the key hasn't changed.
+      # rubocop: disable Gitlab/ModuleWithInstanceVariables
+      def same_uuid?
+        ::Gitlab::Redis::SharedState.with do |redis|
+          redis.get(@redis_shared_state_key) == @uuid
+        end
+      end
+      # rubocop: enable Gitlab/ModuleWithInstanceVariables
+    end
+  end
+end

ee/lib/ee/gitlab/favicon.rb

+# frozen_string_literal: true
+
+module EE
+  module Gitlab
+    module Favicon
+      extend ActiveSupport::Concern
+
+      class_methods do
+        extend ::Gitlab::Utils::Override
+
+        override :development_favicon
+        def development_favicon
+          'favicon-green.png'
+        end
+      end
+    end
+  end
+end

ee/lib/ee/gitlab/git_access.rb

@@ -5,6 +5,8 @@ module EE
     module GitAccess
       prepend GeoGitAccess
       extend ::Gitlab::Utils::Override
+      include ActionView::Helpers::SanitizeHelper
+      include PathLocksHelper
 
       override :check
       def check(cmd, changes)

ee/lib/ee/gitlab/object_hierarchy.rb

+# frozen_string_literal: true
+
+module EE
+  module Gitlab
+    module ObjectHierarchy
+      # rubocop: disable CodeReuse/ActiveRecord
+      def roots
+        base_and_ancestors.where(namespaces: { parent_id: nil })
+      end
+      # rubocop: enable CodeReuse/ActiveRecord
+    end
+  end
+end

ee/lib/ee/gitlab/path_regex.rb

+# frozen_string_literal: true
+
+module EE
+  module Gitlab
+    module PathRegex
+      extend ActiveSupport::Concern
+
+      class_methods do
+        def saml_callback_regex
+          @saml_callback_regex ||= %r(\A\/groups\/(?<group>#{full_namespace_route_regex})\/\-\/saml\/callback\z).freeze
+        end
+      end
+    end
+  end
+end

ee/lib/ee/gitlab/regex.rb

@@ -3,41 +3,45 @@
 module EE
   module Gitlab
     module Regex
-      def environment_scope_regex_chars
-        "#{environment_name_regex_chars}\\*"
-      end
+      extend ActiveSupport::Concern
 
-      def environment_scope_regex
-        @environment_scope_regex ||= /\A[#{environment_scope_regex_chars}]+\z/.freeze
-      end
+      class_methods do
+        def environment_scope_regex_chars
+          "#{environment_name_regex_chars}\\*"
+        end
 
-      def environment_scope_regex_message
-        "can contain only letters, digits, '-', '_', '/', '$', '{', '}', '.', '*' and spaces"
-      end
+        def environment_scope_regex
+          @environment_scope_regex ||= /\A[#{environment_scope_regex_chars}]+\z/.freeze
+        end
 
-      def package_name_regex
-        @package_name_regex ||= %r{\A\@?(([\w\-\.]*)/)*([\w\-\.]*)\z}.freeze
-      end
+        def environment_scope_regex_message
+          "can contain only letters, digits, '-', '_', '/', '$', '{', '}', '.', '*' and spaces"
+        end
 
-      def maven_path_regex
-        @maven_path_regex ||= %r{\A\@?(([\w\-\.]*)/)*([\w\-\.\+]*)\z}.freeze
-      end
+        def package_name_regex
+          @package_name_regex ||= %r{\A\@?(([\w\-\.]*)/)*([\w\-\.]*)\z}.freeze
+        end
 
-      def maven_app_name_regex
-        @maven_app_name_regex ||= /\A[\w\-\.]+\z/.freeze
-      end
+        def maven_path_regex
+          @maven_path_regex ||= %r{\A\@?(([\w\-\.]*)/)*([\w\-\.\+]*)\z}.freeze
+        end
 
-      def maven_app_group_regex
-        maven_app_name_regex
-      end
+        def maven_app_name_regex
+          @maven_app_name_regex ||= /\A[\w\-\.]+\z/.freeze
+        end
 
-      def feature_flag_regex
-        /\A[a-z]([-_a-z0-9]*[a-z0-9])?\z/
-      end
+        def maven_app_group_regex
+          maven_app_name_regex
+        end
+
+        def feature_flag_regex
+          /\A[a-z]([-_a-z0-9]*[a-z0-9])?\z/
+        end
 
-      def feature_flag_regex_message
-        "can contain only lowercase letters, digits, '_' and '-'. " \
-        "Must start with a letter, and cannot end with '-' or '_'"
+        def feature_flag_regex_message
+          "can contain only lowercase letters, digits, '_' and '-'. " \
+          "Must start with a letter, and cannot end with '-' or '_'"
+        end
       end
     end
   end

ee/lib/ee/gitlab/usage_data.rb

@@ -3,142 +3,146 @@
 module EE
   module Gitlab
     module UsageData
-      extend ::Gitlab::Utils::Override
+      extend ActiveSupport::Concern
 
-      override :features_usage_data
-      def features_usage_data
-        super.merge(features_usage_data_ee)
-      end
-
-      def features_usage_data_ee
-        {
-          elasticsearch_enabled: ::Gitlab::CurrentSettings.elasticsearch_search?,
-          geo_enabled: ::Gitlab::Geo.enabled?
-        }
-      end
+      class_methods do
+        extend ::Gitlab::Utils::Override
 
-      override :license_usage_data
-      def license_usage_data
-        usage_data = super
-        license = ::License.current
-        usage_data[:edition] =
-          if license
-            license.edition
-          else
-            'EE Free'
-          end
-
-        if license
-          usage_data[:license_md5] = license.md5
-          usage_data[:license_id] = license.license_id
-          usage_data[:historical_max_users] = ::HistoricalData.max_historical_user_count
-          usage_data[:licensee] = license.licensee
-          usage_data[:license_user_count] = license.restricted_user_count
-          usage_data[:license_starts_at] = license.starts_at
-          usage_data[:license_expires_at] = license.expires_at
-          usage_data[:license_plan] = license.plan
-          usage_data[:license_add_ons] = license.add_ons
-          usage_data[:license_trial] = license.trial?
+        override :features_usage_data
+        def features_usage_data
+          super.merge(features_usage_data_ee)
         end
 
-        usage_data
-      end
+        def features_usage_data_ee
+          {
+            elasticsearch_enabled: ::Gitlab::CurrentSettings.elasticsearch_search?,
+            geo_enabled: ::Gitlab::Geo.enabled?
+          }
+        end
 
-      # rubocop: disable CodeReuse/ActiveRecord
-      def projects_mirrored_with_pipelines_enabled
-        count(::Project.joins(:project_feature).where(
-                mirror: true,
-                mirror_trigger_builds: true,
-                project_features: {
-                  builds_access_level: ::ProjectFeature::ENABLED
-                }
-        ))
-      end
-      # rubocop: enable CodeReuse/ActiveRecord
+        override :license_usage_data
+        def license_usage_data
+          usage_data = super
+          license = ::License.current
+          usage_data[:edition] =
+            if license
+              license.edition
+            else
+              'EE Free'
+            end
 
-      # rubocop: disable CodeReuse/ActiveRecord
-      def service_desk_counts
-        return {} unless ::License.feature_available?(:service_desk)
+          if license
+            usage_data[:license_md5] = license.md5
+            usage_data[:license_id] = license.license_id
+            usage_data[:historical_max_users] = ::HistoricalData.max_historical_user_count
+            usage_data[:licensee] = license.licensee
+            usage_data[:license_user_count] = license.restricted_user_count
+            usage_data[:license_starts_at] = license.starts_at
+            usage_data[:license_expires_at] = license.expires_at
+            usage_data[:license_plan] = license.plan
+            usage_data[:license_add_ons] = license.add_ons
+            usage_data[:license_trial] = license.trial?
+          end
 
-        projects_with_service_desk = ::Project.where(service_desk_enabled: true)
+          usage_data
+        end
 
-        {
-          service_desk_enabled_projects: count(projects_with_service_desk),
-          service_desk_issues: count(::Issue.where(
-                                       project: projects_with_service_desk,
-                                       author: ::User.support_bot,
-                                       confidential: true
+        # rubocop: disable CodeReuse/ActiveRecord
+        def projects_mirrored_with_pipelines_enabled
+          count(::Project.joins(:project_feature).where(
+                  mirror: true,
+                  mirror_trigger_builds: true,
+                  project_features: {
+                    builds_access_level: ::ProjectFeature::ENABLED
+                  }
           ))
-        }
-      end
-      # rubocop: enable CodeReuse/ActiveRecord
-
-      # rubocop: disable CodeReuse/ActiveRecord
-      def security_products_usage
-        types = {
-          container_scanning: :container_scanning_jobs,
-          dast: :dast_jobs,
-          dependency_scanning: :dependency_scanning_jobs,
-          license_management: :license_management_jobs,
-          sast: :sast_jobs
-        }
-
-        results = count(::Ci::Build.where(name: types.keys).group(:name), fallback: Hash.new(-1))
-        results.each_with_object({}) { |(key, value), response| response[types[key.to_sym]] = value }
-      end
-      # rubocop: enable CodeReuse/ActiveRecord
-
-      # Note: when adding a preference, check if it's mapped to an attribute of a User model. If so, name
-      # the base key part after a corresponding User model attribute, use its possible values as suffix values.
-      override :user_preferences_usage
-      def user_preferences_usage
-        super.tap do |user_prefs_usage|
-          if ::Feature.enabled?(:group_overview_security_dashboard)
-            user_prefs_usage.merge!(
-              group_overview_details: count(::User.active.group_view_details),
-              group_overview_security_dashboard: count(::User.active.group_view_security_dashboard)
-            )
+        end
+        # rubocop: enable CodeReuse/ActiveRecord
+
+        # rubocop: disable CodeReuse/ActiveRecord
+        def service_desk_counts
+          return {} unless ::License.feature_available?(:service_desk)
+
+          projects_with_service_desk = ::Project.where(service_desk_enabled: true)
+
+          {
+            service_desk_enabled_projects: count(projects_with_service_desk),
+            service_desk_issues: count(::Issue.where(
+                                         project: projects_with_service_desk,
+                                         author: ::User.support_bot,
+                                         confidential: true
+            ))
+          }
+        end
+        # rubocop: enable CodeReuse/ActiveRecord
+
+        # rubocop: disable CodeReuse/ActiveRecord
+        def security_products_usage
+          types = {
+            container_scanning: :container_scanning_jobs,
+            dast: :dast_jobs,
+            dependency_scanning: :dependency_scanning_jobs,
+            license_management: :license_management_jobs,
+            sast: :sast_jobs
+          }
+
+          results = count(::Ci::Build.where(name: types.keys).group(:name), fallback: Hash.new(-1))
+          results.each_with_object({}) { |(key, value), response| response[types[key.to_sym]] = value }
+        end
+        # rubocop: enable CodeReuse/ActiveRecord
+
+        # Note: when adding a preference, check if it's mapped to an attribute of a User model. If so, name
+        # the base key part after a corresponding User model attribute, use its possible values as suffix values.
+        override :user_preferences_usage
+        def user_preferences_usage
+          super.tap do |user_prefs_usage|
+            if ::Feature.enabled?(:group_overview_security_dashboard)
+              user_prefs_usage.merge!(
+                group_overview_details: count(::User.active.group_view_details),
+                group_overview_security_dashboard: count(::User.active.group_view_security_dashboard)
+              )
+            end
           end
         end
-      end
 
-      override :system_usage_data
-      def system_usage_data
-        usage_data = super
-
-        usage_data[:counts] = usage_data[:counts].merge({
-          epics: count(::Epic),
-          feature_flags: count(Operations::FeatureFlag),
-          geo_nodes: count(::GeoNode),
-          ldap_group_links: count(::LdapGroupLink),
-          ldap_keys: count(::LDAPKey),
-          ldap_users: count(::User.ldap),
-          projects_reporting_ci_cd_back_to_github: count(::GithubService.without_defaults.active),
-          projects_mirrored_with_pipelines_enabled: projects_mirrored_with_pipelines_enabled,
-          projects_with_prometheus_alerts: count(PrometheusAlert.distinct_projects),
-          projects_with_packages: count(::Packages::Package.select('distinct project_id')),
-          projects_with_tracing_enabled: count(ProjectTracingSetting),
-          projects_enforcing_code_owner_approval: count(::Project.without_deleted.non_archived.requiring_code_owner_approval)
-        }).merge(service_desk_counts).merge(security_products_usage)
-
-        # MySql does not support recursive queries so we can't retrieve epics relationship depth
-        if ::Group.supports_nested_objects?
-          usage_data[:counts] = usage_data[:counts].merge(epics_deepest_relationship_level)
-        end
+        override :system_usage_data
+        def system_usage_data
+          usage_data = super
+
+          usage_data[:counts] = usage_data[:counts].merge({
+            epics: count(::Epic),
+            feature_flags: count(Operations::FeatureFlag),
+            geo_nodes: count(::GeoNode),
+            ldap_group_links: count(::LdapGroupLink),
+            ldap_keys: count(::LDAPKey),
+            ldap_users: count(::User.ldap),
+            projects_reporting_ci_cd_back_to_github: count(::GithubService.without_defaults.active),
+            projects_mirrored_with_pipelines_enabled: projects_mirrored_with_pipelines_enabled,
+            projects_with_prometheus_alerts: count(PrometheusAlert.distinct_projects),
+            projects_with_packages: count(::Packages::Package.select('distinct project_id')),
+            projects_with_tracing_enabled: count(ProjectTracingSetting),
+            projects_enforcing_code_owner_approval: count(::Project.without_deleted.non_archived.requiring_code_owner_approval)
+          }).merge(service_desk_counts).merge(security_products_usage)
+
+          # MySql does not support recursive queries so we can't retrieve epics relationship depth
+          if ::Group.supports_nested_objects?
+            usage_data[:counts] = usage_data[:counts].merge(epics_deepest_relationship_level)
+          end
 
-        usage_data
-      end
+          usage_data
+        end
 
-      override :jira_usage
-      def jira_usage
-        super.merge(
-          projects_jira_dvcs_cloud_active: count(ProjectFeatureUsage.with_jira_dvcs_integration_enabled),
-          projects_jira_dvcs_server_active: count(ProjectFeatureUsage.with_jira_dvcs_integration_enabled(cloud: false))
-        )
-      end
+        override :jira_usage
+        def jira_usage
+          super.merge(
+            projects_jira_dvcs_cloud_active: count(ProjectFeatureUsage.with_jira_dvcs_integration_enabled),
+            projects_jira_dvcs_server_active: count(ProjectFeatureUsage.with_jira_dvcs_integration_enabled(cloud: false))
+          )
+        end
 
-      def epics_deepest_relationship_level
-        { epics_deepest_relationship_level: ::Epic.deepest_relationship_level }
+        def epics_deepest_relationship_level
+          { epics_deepest_relationship_level: ::Epic.deepest_relationship_level }
+        end
       end
     end
   end

ee/spec/lib/ee/gitlab/ci/pipeline/chain/validate/abilities_spec.rb

+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::Ci::Pipeline::Chain::Validate::Abilities do
+  set(:project) { create(:project, :repository) }
+  set(:user) { create(:user) }
+
+  let(:pipeline) do
+    build_stubbed(:ci_pipeline, project: project)
+  end
+
+  let(:command) do
+    Gitlab::Ci::Pipeline::Chain::Command
+      .new(project: project, current_user: user, origin_ref: ref)
+  end
+
+  let(:step) { described_class.new(pipeline, command) }
+  let(:ref) { 'master' }
+
+  describe '#perform!' do
+    context 'when triggering builds for project mirrors is disabled' do
+      it 'returns an error' do
+        project.add_developer(user)
+
+        allow(command)
+          .to receive(:allow_mirror_update)
+          .and_return(true)
+
+        allow(project)
+          .to receive(:mirror_trigger_builds?)
+          .and_return(false)
+
+        step.perform!
+
+        expect(pipeline.errors.to_a)
+          .to include('Pipeline is disabled for mirror updates')
+      end
+    end
+  end
+end

lib/gitlab/access.rb

@@ -7,8 +7,6 @@
 #
 module Gitlab
   module Access
-    extend ::EE::Gitlab::Access # rubocop: disable Cop/InjectEnterpriseEditionModule
-
     AccessDeniedError = Class.new(StandardError)
 
     NO_ACCESS  = 0
@@ -19,7 +17,6 @@ module Gitlab
     # @deprecated
     MASTER     = MAINTAINER
     OWNER      = 50
-    ADMIN      = 60
 
     # Branch protection settings
     PROTECTION_NONE          = 0
@@ -89,3 +86,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::Access.prepend(EE::Gitlab::Access)

lib/gitlab/background_migration/populate_import_state.rb

@@ -15,8 +15,8 @@ module Gitlab
         Rails.logger.info("#{self.class.name} - Moving import attributes data to project mirror data table: #{start_id} - #{end_id}")
 
         ActiveRecord::Base.connection.execute <<~SQL
-          INSERT INTO project_mirror_data (project_id, status, jid, last_update_at, last_successful_update_at, last_error)
-          SELECT id, import_status, import_jid, mirror_last_update_at, mirror_last_successful_update_at, import_error
+          INSERT INTO project_mirror_data (project_id, status, jid, last_error)
+          SELECT id, import_status, import_jid, import_error
           FROM projects
           WHERE projects.import_status != 'none'
           AND projects.id BETWEEN #{start_id} AND #{end_id}
@@ -37,3 +37,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::BackgroundMigration::PopulateImportState.prepend(EE::Gitlab::BackgroundMigration::PopulateImportState)

lib/gitlab/background_migration/rollback_import_state_data.rb

@@ -18,8 +18,6 @@ module Gitlab
             SET
               projects.import_status = project_mirror_data.status,
               projects.import_jid = project_mirror_data.jid,
-              projects.mirror_last_update_at = project_mirror_data.last_update_at,
-              projects.mirror_last_successful_update_at = project_mirror_data.last_successful_update_at,
               projects.import_error = project_mirror_data.last_error
             WHERE project_mirror_data.project_id = projects.id
             AND project_mirror_data.id BETWEEN #{start_id} AND #{end_id}
@@ -30,8 +28,6 @@ module Gitlab
             SET
               import_status = project_mirror_data.status,
               import_jid = project_mirror_data.jid,
-              mirror_last_update_at = project_mirror_data.last_update_at,
-              mirror_last_successful_update_at = project_mirror_data.last_successful_update_at,
               import_error = project_mirror_data.last_error
             FROM project_mirror_data
             WHERE project_mirror_data.project_id = projects.id
@@ -42,3 +38,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::BackgroundMigration::RollbackImportStateData.prepend(EE::Gitlab::BackgroundMigration::RollbackImportStateData)

lib/gitlab/ci/pipeline/chain/command.rb

@@ -11,10 +11,7 @@ module Gitlab
           :trigger_request, :schedule, :merge_request,
           :ignore_skip_ci, :save_incompleted,
           :seeds_block, :variables_attributes, :push_options,
-          :chat_data,
-
-          # EE specific
-          :allow_mirror_update
+          :chat_data, :allow_mirror_update
         ) do
           include Gitlab::Utils::StrongMemoize
 

lib/gitlab/ci/pipeline/chain/validate/abilities.rb

@@ -14,10 +14,6 @@ module Gitlab
                 return error('Pipelines are disabled!')
               end
 
-              if @command.allow_mirror_update && !project.mirror_trigger_builds?
-                return error('Pipeline is disabled for mirror updates')
-              end
-
               unless allowed_to_trigger_pipeline?
                 if can?(current_user, :create_pipeline, project)
                   return error("Insufficient permissions for protected ref '#{command.ref}'")
@@ -58,3 +54,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::Ci::Pipeline::Chain::Validate::Abilities.prepend(EE::Gitlab::Ci::Pipeline::Chain::Validate::Abilities)

lib/gitlab/database.rb

@@ -11,10 +11,6 @@ module Gitlab
     # https://dev.mysql.com/doc/refman/5.7/en/datetime.html
     MAX_TIMESTAMP_VALUE = Time.at((1 << 31) - 1).freeze
 
-    class << self
-      prepend EE::Gitlab::Database # rubocop: disable Cop/InjectEnterpriseEditionModule
-    end
-
     def self.config
       ActiveRecord::Base.configurations[Rails.env]
     end
@@ -274,3 +270,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::Database.prepend(EE::Gitlab::Database)

lib/gitlab/exclusive_lease.rb

@@ -68,18 +68,6 @@ module Gitlab
       end
     end
 
-    # Try to obtain the lease. Returns the UUID and current TTL, which will be
-    # zero if it's not taken.
-    def try_obtain_with_ttl
-      Gitlab::Redis::SharedState.with do |redis|
-        output = redis.set(@redis_shared_state_key, @uuid, nx: true, ex: @timeout) && @uuid
-
-        ttl = output ? 0 : redis.ttl(@redis_shared_state_key)
-
-        { ttl: [ttl, 0].max, uuid: output }
-      end
-    end
-
     # Try to renew an existing lease. Return lease UUID on success,
     # false if the lease is taken by a different UUID or inexistent.
     def renew
@@ -106,12 +94,7 @@ module Gitlab
         ttl if ttl.positive?
       end
     end
-
-    # Returns true if the UUID for the key hasn't changed.
-    def same_uuid?
-      Gitlab::Redis::SharedState.with do |redis|
-        redis.get(@redis_shared_state_key) == @uuid
-      end
-    end
   end
 end
+
+Gitlab::ExclusiveLease.prepend(EE::Gitlab::ExclusiveLease)

lib/gitlab/favicon.rb

@@ -10,7 +10,7 @@ module Gitlab
           elsif Gitlab::Utils.to_boolean(ENV['CANARY'])
             'favicon-yellow.png'
           elsif Rails.env.development?
-            'favicon-green.png'
+            development_favicon
           else
             'favicon.png'
           end
@@ -18,6 +18,12 @@ module Gitlab
         ActionController::Base.helpers.image_path(image_name, host: host)
       end
 
+      def development_favicon
+        # This is a separate method so that EE can return a different favicon
+        # for development environments.
+        'favicon-blue.png'
+      end
+
       def status_overlay(status_name)
         path = File.join(
           'ci_favicons',
@@ -58,3 +64,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::Favicon.prepend(EE::Gitlab::Favicon)

lib/gitlab/git_access.rb

@@ -4,9 +4,6 @@
 # class return an instance of `GitlabAccessStatus`
 module Gitlab
   class GitAccess
-    prepend ::EE::Gitlab::GitAccess # rubocop: disable Cop/InjectEnterpriseEditionModule
-    include ActionView::Helpers::SanitizeHelper
-    include PathLocksHelper
     include Gitlab::Utils::StrongMemoize
 
     UnauthorizedError = Class.new(StandardError)
@@ -249,22 +246,18 @@ module Gitlab
       end
     end
 
-    # TODO: please clean this up
     def check_push_access!
       if project.repository_read_only?
-        # The repository is temporarily read-only. Please try again later.
         raise UnauthorizedError, ERROR_MESSAGES[:read_only]
       end
 
       if deploy_key?
         unless deploy_key.can_push_to?(project)
-          # This deploy key does not have write access to this project.
           raise UnauthorizedError, ERROR_MESSAGES[:deploy_key_upload]
         end
       elsif user
         # User access is verified in check_change_access!
       else
-        # You are not allowed to upload code for this project.
         raise UnauthorizedError, ERROR_MESSAGES[:upload]
       end
 
@@ -407,3 +400,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::GitAccess.prepend(EE::Gitlab::GitAccess)

lib/gitlab/hook_data/issue_builder.rb

@@ -3,8 +3,6 @@
 module Gitlab
   module HookData
     class IssueBuilder < BaseBuilder
-      prepend ::EE::Gitlab::HookData::IssueBuilder # rubocop: disable Cop/InjectEnterpriseEditionModule
-
       SAFE_HOOK_RELATIONS = %i[
         assignees
         labels
@@ -55,3 +53,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::HookData::IssueBuilder.prepend(EE::Gitlab::HookData::IssueBuilder)

lib/gitlab/object_hierarchy.rb

@@ -39,12 +39,6 @@ module Gitlab
     end
     # rubocop: enable CodeReuse/ActiveRecord
 
-    # rubocop: disable CodeReuse/ActiveRecord
-    def roots
-      base_and_ancestors.where(namespaces: { parent_id: nil })
-    end
-    # rubocop: enable CodeReuse/ActiveRecord
-
     # Returns a relation that includes the ancestors_base set of objects
     # and all their ancestors (recursively).
     #
@@ -179,3 +173,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::ObjectHierarchy.prepend(EE::Gitlab::ObjectHierarchy)

lib/gitlab/path_regex.rb

@@ -233,10 +233,6 @@ module Gitlab
       }x
     end
 
-    def saml_callback_regex
-      @saml_callback_regex ||= %r(\A\/groups\/(?<group>#{full_namespace_route_regex})\/\-\/saml\/callback\z).freeze
-    end
-
     private
 
     def single_line_regexp(regex)
@@ -246,3 +242,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::PathRegex.prepend(EE::Gitlab::PathRegex)

lib/gitlab/regex.rb

@@ -3,7 +3,6 @@
 module Gitlab
   module Regex
     extend self
-    extend EE::Gitlab::Regex # rubocop: disable Cop/InjectEnterpriseEditionModule
 
     def namespace_name_regex
       @namespace_name_regex ||= /\A[\p{Alnum}\p{Pd}_\. ]*\z/.freeze
@@ -108,3 +107,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::Regex.prepend(EE::Gitlab::Regex)

lib/gitlab/usage_data.rb

@@ -5,8 +5,6 @@ module Gitlab
     APPROXIMATE_COUNT_MODELS = [Label, MergeRequest, Note, Todo].freeze
 
     class << self
-      prepend EE::Gitlab::UsageData # rubocop: disable Cop/InjectEnterpriseEditionModule
-
       def data(force_refresh: false)
         Rails.cache.fetch('usage_data', force: force_refresh, expires_in: 2.weeks) { uncached_data }
       end
@@ -31,7 +29,7 @@ module Gitlab
           installation_type: Gitlab::INSTALLATION_TYPE,
           active_user_count: count(User.active),
           recorded_at: Time.now,
-          edition: 'EE'
+          edition: 'CE'
         }
 
         usage_data
@@ -192,3 +190,5 @@ module Gitlab
     end
   end
 end
+
+Gitlab::UsageData.prepend(EE::Gitlab::UsageData)

lib/gitlab/utils.rb

@@ -104,7 +104,6 @@ module Gitlab
       nil
     end
 
-    # EE below
     def try_megabytes_to_bytes(size)
       Integer(size).megabytes
     rescue ArgumentError

spec/lib/gitlab/utils_spec.rb

@@ -213,4 +213,22 @@ describe Gitlab::Utils do
       expect(subject[:variables].first[:key]).to eq('VAR1')
     end
   end
+
+  describe '.try_megabytes_to_bytes' do
+    context 'when the size can be converted to megabytes' do
+      it 'returns the size in megabytes' do
+        size = described_class.try_megabytes_to_bytes(1)
+
+        expect(size).to eq(1.megabytes)
+      end
+    end
+
+    context 'when the size can not be converted to megabytes' do
+      it 'returns the input size' do
+        size = described_class.try_megabytes_to_bytes('foo')
+
+        expect(size).to eq('foo')
+      end
+    end
+  end
 end