Resolve offenses for EE

7d5eb7d0 · Lin Jen-Shin · 932c1ae8 · 7d5eb7d0 · 7d5eb7d0 · 7d5eb7d0
Commit 7d5eb7d0 authored Dec 15, 2017 by Lin Jen-Shin
37 changed files
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -1196,9 +1196,11 @@ Gitlab/ModuleWithInstanceVariables:
  Enable: true
  Exclude:
    # We ignore Rails helpers right now because it's hard to workaround it
-    - app/helpers/*_helper.rb
+    - app/helpers/**/*_helper.rb
+    - ee/app/helpers/**/*_helper.rb
    # We ignore Rails mailers right now because it's hard to workaround it
-    - app/mailers/emails/*.rb
+    - app/mailers/emails/**/*.rb
+    - ee/**/emails/**/*.rb
    # We ignore spec helpers because it usually doesn't matter
    - spec/support/**/*.rb
    - features/steps/**/*.rb

--- a/app/controllers/concerns/issuable_actions.rb
+++ b/app/controllers/concerns/issuable_actions.rb
@@ -81,7 +81,7 @@ module IssuableActions
  private
  def recaptcha_check_if_spammable(should_redirect = true, &block)
-    return yield unless @issuable.is_a? Spammable
+    return yield unless issuable.is_a? Spammable
    recaptcha_check_with_fallback(should_redirect, &block)
  end

--- a/app/models/audit_event.rb
+++ b/app/models/audit_event.rb
 class AuditEvent < ActiveRecord::Base
  prepend EE::AuditEvent
+  include Gitlab::Utils::StrongMemoize
  serialize :details, Hash # rubocop:disable Cop/ActiveRecordSerialize

--- a/config/initializers/0_as_concern.rb
+++ b/config/initializers/0_as_concern.rb
@@ -10,8 +10,8 @@ module Prependable
      super
      base.singleton_class.send(:prepend, const_get('ClassMethods')) if const_defined?(:ClassMethods)
-      @_dependencies.each { |dep| base.send(:prepend, dep) }
+      @_dependencies.each { |dep| base.send(:prepend, dep) } # rubocop:disable Gitlab/ModuleWithInstanceVariables
-      base.class_eval(&@_included_block) if instance_variable_defined?(:@_included_block)
+      base.class_eval(&@_included_block) if instance_variable_defined?(:@_included_block) # rubocop:disable Gitlab/ModuleWithInstanceVariables
    end
  end
 end

--- a/ee/app/controllers/concerns/ee/lfs_request.rb
+++ b/ee/app/controllers/concerns/ee/lfs_request.rb
 module EE
  module LfsRequest
    extend ActiveSupport::Concern
+    include ::Gitlab::Utils::StrongMemoize
    def lfs_forbidden!
      if project.above_size_limit? || objects_exceed_repo_limit?
@@ -13,7 +14,7 @@ module EE
    def render_size_error
      render(
        json: {
-          message: ::Gitlab::RepositorySizeError.new(project).push_error(@exceeded_limit),
+          message: ::Gitlab::RepositorySizeError.new(project).push_error(@exceeded_limit), # rubocop:disable Gitlab/ModuleWithInstanceVariables
          documentation_url: help_url
        },
        content_type: "application/vnd.git-lfs+json",
@@ -23,13 +24,14 @@ module EE
    def objects_exceed_repo_limit?
      return false unless project.size_limit_enabled?
-      return @limit_exceeded if defined?(@limit_exceeded)
-      lfs_push_size = objects.sum { |o| o[:size] }
+      strong_memoize(:limit_exceeded) do
-      size_with_lfs_push = project.repository_and_lfs_size + lfs_push_size
+        lfs_push_size = objects.sum { |o| o[:size] }
+        size_with_lfs_push = project.repository_and_lfs_size + lfs_push_size
-      @exceeded_limit = size_with_lfs_push - project.actual_size_limit
+        @exceeded_limit = size_with_lfs_push - project.actual_size_limit # rubocop:disable Gitlab/ModuleWithInstanceVariables
-      @limit_exceeded = @exceeded_limit > 0
+        @exceeded_limit > 0 # rubocop:disable Gitlab/ModuleWithInstanceVariables
+      end
    end
  end
 end
--- a/ee/app/controllers/concerns/safe_mirror_params.rb
+++ b/ee/app/controllers/concerns/safe_mirror_params.rb
@@ -14,6 +14,6 @@ module SafeMirrorParams
  end
  def default_mirror_users
-    [current_user, @project.mirror_user].compact.uniq
+    [current_user, project.mirror_user].compact.uniq
  end
 end
--- a/ee/app/controllers/ee/admin/logs_controller.rb
+++ b/ee/app/controllers/ee/admin/logs_controller.rb
 module EE::Admin::LogsController
+  include ::Gitlab::Utils::StrongMemoize
  def loggers
    raise NotImplementedError unless defined?(super)
-    @loggers ||= super + [
+    strong_memoize(:loggers) do
-      Gitlab::GeoLogger
+      super + [
-    ]
+        Gitlab::GeoLogger
+      ]
+    end
  end
 end
--- a/ee/app/controllers/ee/boards/boards_controller.rb
+++ b/ee/app/controllers/ee/boards/boards_controller.rb
@@ -24,6 +24,7 @@ module EE
        end
      end
+      # rubocop:disable Gitlab/ModuleWithInstanceVariables
      def update
        service = ::Boards::UpdateService.new(parent, current_user, board_params)
@@ -40,10 +41,11 @@ module EE
          end
        end
      end
+      # rubocop:enable Gitlab/ModuleWithInstanceVariables
      def destroy
        service = ::Boards::DestroyService.new(parent, current_user)
-        service.execute(@board)
+        service.execute(@board) # rubocop:disable Gitlab/ModuleWithInstanceVariables
        respond_to do |format|
          format.json { head :ok }
@@ -62,15 +64,15 @@ module EE
      end
      def find_board
-        @board = parent.boards.find(params[:id])
+        @board = parent.boards.find(params[:id]) # rubocop:disable Gitlab/ModuleWithInstanceVariables
      end
      def parent
-        @parent ||= @project || @group
+        @parent ||= @project || @group # rubocop:disable Gitlab/ModuleWithInstanceVariables
      end
      def boards_path
-        if @group
+        if @group # rubocop:disable Gitlab/ModuleWithInstanceVariables
          group_boards_path(parent)
        else
          project_boards_path(parent)
@@ -78,7 +80,7 @@ module EE
      end
      def board_path(board)
-        if @group
+        if @group # rubocop:disable Gitlab/ModuleWithInstanceVariables
          group_board_path(parent, board)
        else
          project_board_path(parent, board)

--- a/ee/app/controllers/ee/groups/group_members_controller.rb
+++ b/ee/app/controllers/ee/groups/group_members_controller.rb
 module EE
  module Groups
    module GroupMembersController
+      # rubocop:disable Gitlab/ModuleWithInstanceVariables
      def override
        @group_member = @group.group_members.find(params[:id])
@@ -14,6 +15,7 @@ module EE
          end
        end
      end
+      # rubocop:enable Gitlab/ModuleWithInstanceVariables
      protected

--- a/ee/app/controllers/ee/omniauth_callbacks_controller.rb
+++ b/ee/app/controllers/ee/omniauth_callbacks_controller.rb
@@ -3,7 +3,7 @@ module EE
    protected
    def fail_login
-      log_failed_login(@user.username, oauth['provider'])
+      log_failed_login(@user.username, oauth['provider']) # rubocop:disable Gitlab/ModuleWithInstanceVariables
      super
    end

--- a/ee/app/controllers/ee/projects/git_http_controller.rb
+++ b/ee/app/controllers/ee/projects/git_http_controller.rb
@@ -33,7 +33,7 @@ module EE
        payload = ::Gitlab::Geo::JwtRequestDecoder.new(request.headers['Authorization']).decode
        if payload
-          @authentication_result = ::Gitlab::Auth::Result.new(nil, project, :geo, [:download_code])
+          @authentication_result = ::Gitlab::Auth::Result.new(nil, project, :geo, [:download_code]) # rubocop:disable Gitlab/ModuleWithInstanceVariables
          return # grant access
        end

--- a/ee/app/controllers/ee/projects/issues_controller.rb
+++ b/ee/app/controllers/ee/projects/issues_controller.rb
@@ -11,8 +11,8 @@ module EE
      end
      def service_desk
-        @issues = @issuables
+        @issues = @issuables # rubocop:disable Gitlab/ModuleWithInstanceVariables
-        @users.push(::User.support_bot)
+        @users.push(::User.support_bot) # rubocop:disable Gitlab/ModuleWithInstanceVariables
      end
      def export_csv

--- a/ee/app/controllers/ee/projects/merge_requests/application_controller.rb
+++ b/ee/app/controllers/ee/projects/merge_requests/application_controller.rb
@@ -7,11 +7,11 @@ module EE
        private
        def set_suggested_approvers
-          if @merge_request.requires_approve?
+          if merge_request.requires_approve?
-            @suggested_approvers = ::Gitlab::AuthorityAnalyzer.new(
+            @suggested_approvers = ::Gitlab::AuthorityAnalyzer.new( # rubocop:disable Gitlab/ModuleWithInstanceVariables
-              @merge_request,
+              merge_request,
-              @merge_request.author || current_user
+              merge_request.author || current_user
-            ).calculate(@merge_request.approvals_required)
+            ).calculate(merge_request.approvals_required)
          end
        end
@@ -38,12 +38,12 @@ module EE
          # Target the MR target project in priority, else it depends whether the project
          # is forked.
-          target_project = if @merge_request
+          target_project = if merge_request
-                             @merge_request.target_project
+                             merge_request.target_project
-                           elsif @project.forked? && @project.id.to_s != mr_params[:target_project_id]
+                           elsif project.forked? && project.id.to_s != mr_params[:target_project_id]
-                             @project.forked_from_project
+                             project.forked_from_project
                           else
-                             @project
+                             project
                           end
          if mr_params[:approvals_before_merge].to_i <= target_project.approvals_before_merge

--- a/ee/app/controllers/ee/projects/merge_requests_controller.rb
+++ b/ee/app/controllers/ee/projects/merge_requests_controller.rb
@@ -9,19 +9,19 @@ module EE
      end
      def rebase
-        RebaseWorker.perform_async(@merge_request.id, current_user.id)
+        RebaseWorker.perform_async(merge_request.id, current_user.id)
        render nothing: true, status: 200
      end
      def approve
-        unless @merge_request.can_approve?(current_user)
+        unless merge_request.can_approve?(current_user)
          return render_404
        end
        ::MergeRequests::ApprovalService
          .new(project, current_user)
-          .execute(@merge_request)
+          .execute(merge_request)
        render_approvals_json
      end
@@ -31,10 +31,10 @@ module EE
      end
      def unapprove
-        if @merge_request.has_approved?(current_user)
+        if merge_request.has_approved?(current_user)
          ::MergeRequests::RemoveApprovalService
            .new(project, current_user)
-            .execute(@merge_request)
+            .execute(merge_request)
        end
        render_approvals_json
@@ -51,7 +51,7 @@ module EE
      def render_approvals_json
        respond_to do |format|
          format.json do
-            entity = ::API::Entities::MergeRequestApprovals.new(@merge_request, current_user: current_user)
+            entity = ::API::Entities::MergeRequestApprovals.new(merge_request, current_user: current_user)
            render json: entity
          end
        end
@@ -65,11 +65,11 @@ module EE
      end
      def check_user_can_push_to_source_branch!
-        return access_denied! unless @merge_request.source_branch_exists?
+        return access_denied! unless merge_request.source_branch_exists?
        access_check = ::Gitlab::UserAccess
-          .new(current_user, project: @merge_request.source_project)
+          .new(current_user, project: merge_request.source_project)
-          .can_push_to_branch?(@merge_request.source_branch)
+          .can_push_to_branch?(merge_request.source_branch)
        access_denied! unless access_check
      end

--- a/ee/app/controllers/ee/projects/settings/repository_controller.rb
+++ b/ee/app/controllers/ee/projects/settings/repository_controller.rb
@@ -15,15 +15,16 @@ module EE
          return unless project.feature_available?(:push_rules)
          project.create_push_rule unless project.push_rule
-          @push_rule = project.push_rule
+          @push_rule = project.push_rule # rubocop:disable Gitlab/ModuleWithInstanceVariables
        end
        def remote_mirror
          return unless project.feature_available?(:repository_mirrors)
-          @remote_mirror = @project.remote_mirrors.first_or_initialize
+          @remote_mirror = project.remote_mirrors.first_or_initialize # rubocop:disable Gitlab/ModuleWithInstanceVariables
        end
+        # rubocop:disable Gitlab/ModuleWithInstanceVariables
        def acces_levels_options
          super.merge(
            selected_merge_access_levels: @protected_branch.merge_access_levels.map { |access_level| access_level.user_id || access_level.access_level },
@@ -31,11 +32,12 @@ module EE
            selected_create_access_levels: @protected_tag.create_access_levels.map { |access_level| access_level.user_id || access_level.access_level }
          )
        end
+        # rubocop:enable Gitlab/ModuleWithInstanceVariables
        def load_gon_index
          super
-          gon.push(current_project_id: @project.id) if @project
+          gon.push(current_project_id: project.id) if project
        end
      end
    end

--- a/ee/app/controllers/ee/sessions_controller.rb
+++ b/ee/app/controllers/ee/sessions_controller.rb
@@ -26,7 +26,7 @@ module EE
      return unless ::Gitlab::Geo.secondary?
      oauth = ::Gitlab::Geo::OauthSession.new(access_token: session[:access_token])
-      @geo_logout_state = oauth.generate_logout_state
+      @geo_logout_state = oauth.generate_logout_state # rubocop:disable Gitlab/ModuleWithInstanceVariables
    end
    def log_failed_login

--- a/ee/app/models/ee/audit_event.rb
+++ b/ee/app/models/ee/audit_event.rb
@@ -10,7 +10,7 @@ module EE
      return unless entity_type && entity_id
      # Avoiding exception if the record doesn't exist
-      @entity ||= entity_type.constantize.find_by_id(entity_id)
+      @entity ||= entity_type.constantize.find_by_id(entity_id) # rubocop:disable Gitlab/ModuleWithInstanceVariables
    end
    def present

--- a/ee/app/models/ee/namespace.rb
+++ b/ee/app/models/ee/namespace.rb
@@ -5,6 +5,7 @@ module EE
  # and be prepended in the `Namespace` model
  module Namespace
    extend ActiveSupport::Concern
+    include ::Gitlab::Utils::StrongMemoize
    FREE_PLAN = 'free'.freeze
@@ -67,19 +68,23 @@ module EE
    # for a given Namespace plan. This method should consider ancestor groups
    # being licensed.
    def feature_available?(feature)
-      @feature_available ||= Hash.new do |h, feature|
+      available_features = strong_memoize(:feature_available) do
-        h[feature] = load_feature_available(feature)
+        Hash.new do |h, feature|
+          h[feature] = load_feature_available(feature)
+        end
      end
-      @feature_available[feature]
+      available_features[feature]
    end
    def feature_available_in_plan?(feature)
-      @features_available_in_plan ||= Hash.new do |h, feature|
+      available_features = strong_memoize(:features_available_in_plan) do
-        h[feature] = (plans.map(&:name) & self.class.plans_with_feature(feature)).any?
+        Hash.new do |h, feature|
+          h[feature] = (plans.map(&:name) & self.class.plans_with_feature(feature)).any?
+        end
      end
-      @features_available_in_plan[feature]
+      available_features[feature]
    end
    # The main difference between the "plan" column and this method is that "plan"
@@ -128,9 +133,9 @@ module EE
    # These helper methods are required to not break the Namespace API.
    def plan=(plan_name)
      if plan_name.is_a?(String)
-        @plan_name = plan_name
+        @plan_name = plan_name # rubocop:disable Gitlab/ModuleWithInstanceVariables
-        super(Plan.find_by(name: @plan_name))
+        super(Plan.find_by(name: @plan_name)) # rubocop:disable Gitlab/ModuleWithInstanceVariables
      else
        super
      end
@@ -149,7 +154,7 @@ module EE
    private
    def validate_plan_name
-      if @plan_name.present? && PLANS.exclude?(@plan_name)
+      if @plan_name.present? && PLANS.exclude?(@plan_name) # rubocop:disable Gitlab/ModuleWithInstanceVariables
        errors.add(:plan, 'is not included in the list')
      end
    end

--- a/ee/app/models/ee/project.rb
+++ b/ee/app/models/ee/project.rb
@@ -5,6 +5,7 @@ module EE
  # and be prepended in the `Project` model
  module Project
    extend ActiveSupport::Concern
+    include ::Gitlab::Utils::StrongMemoize
    prepended do
      include Elastic::ProjectsSearch
@@ -258,8 +259,9 @@ module EE
    def deployment_platform(environment: nil)
      return super unless environment && feature_available?(:multiple_clusters)
-      @deployment_platform ||= clusters.enabled.on_environment(environment.name)
+      @deployment_platform ||= # rubocop:disable Gitlab/ModuleWithInstanceVariables
-                                               .last&.platform_kubernetes
+        clusters.enabled.on_environment(environment.name)
+          .last&.platform_kubernetes
      super # Wildcard or KubernetesService
    end
@@ -323,8 +325,11 @@ module EE
    end
    def find_path_lock(path, exact_match: false, downstream: false)
-      @path_lock_finder ||= ::Gitlab::PathLocksFinder.new(self)
+      path_lock_finder = strong_memoize(:path_lock_finder) do
-      @path_lock_finder.find(path, exact_match: exact_match, downstream: downstream)
+        ::Gitlab::PathLocksFinder.new(self)
+      end
+      path_lock_finder.find(path, exact_match: exact_match, downstream: downstream)
    end
    def import_url_updated?
@@ -450,15 +455,15 @@ module EE
    end
    def disabled_services
-      return @disabled_services if defined?(@disabled_services)
+      strong_memoize(:disabled_services) do
+        disabled_services = []
-      @disabled_services = []
+        unless feature_available?(:jenkins_integration)
+          disabled_services.push('jenkins', 'jenkins_deprecated')
+        end
-      unless feature_available?(:jenkins_integration)
+        disabled_services
-        @disabled_services.push('jenkins', 'jenkins_deprecated')
      end
-      @disabled_services
    end
    def remote_mirror_available?
@@ -479,11 +484,13 @@ module EE
    end
    def licensed_feature_available?(feature)
-      @licensed_feature_available ||= Hash.new do |h, feature|
+      available_features = strong_memoize(:licensed_feature_available) do
-        h[feature] = load_licensed_feature_available(feature)
+        Hash.new do |h, feature|
+          h[feature] = load_licensed_feature_available(feature)
+        end
      end
-      @licensed_feature_available[feature]
+      available_features[feature]
    end
    def load_licensed_feature_available(feature)

--- a/ee/app/services/ee/applications/create_service.rb
+++ b/ee/app/services/ee/applications/create_service.rb
 module EE
  module Applications
+    # rubocop:disable Gitlab/ModuleWithInstanceVariables
    module CreateService
      def execute(request)
        super.tap do |application|

--- a/ee/app/services/ee/audit_event_service.rb
+++ b/ee/app/services/ee/audit_event_service.rb
 module EE
  module AuditEventService
+    # rubocop:disable Gitlab/ModuleWithInstanceVariables
    def for_member(member)
      action = @details[:action]
      old_access_level = @details[:old_access_level]
@@ -199,5 +200,6 @@ module EE
        }
      end
    end
+    # rubocop:enable Gitlab/ModuleWithInstanceVariables
  end
 end
--- a/ee/app/services/ee/boards/issues/list_service.rb
+++ b/ee/app/services/ee/boards/issues/list_service.rb
@@ -3,8 +3,8 @@ module EE
    module Issues
      module ListService
        def set_parent
-          if @parent.is_a?(Group)
+          if parent.is_a?(Group)
-            params[:group_id] = @parent.id
+            params[:group_id] = parent.id
          else
            super
          end

--- a/ee/app/services/ee/keys/create_service.rb
+++ b/ee/app/services/ee/keys/create_service.rb
@@ -12,11 +12,11 @@ module EE
      end
      def audit_event_service
-        ::AuditEventService.new(@user,
+        ::AuditEventService.new(user,
-                                @user,
+                                user,
                                action: :custom,
                                custom_message: 'Added SSH key',
-                                ip_address: @ip_address)
+                                ip_address: @ip_address) # rubocop:disable Gitlab/ModuleWithInstanceVariables
      end
    end
  end

--- a/ee/app/services/ee/merge_requests/merge_service.rb
+++ b/ee/app/services/ee/merge_requests/merge_service.rb
@@ -25,8 +25,8 @@ module EE
      private
      def check_size_limit
-        if @merge_request.target_project.above_size_limit?
+        if merge_request.target_project.above_size_limit?
-          message = ::Gitlab::RepositorySizeError.new(@merge_request.target_project).merge_error
+          message = ::Gitlab::RepositorySizeError.new(merge_request.target_project).merge_error
          raise ::MergeRequests::MergeService::MergeError, message
        end

--- a/ee/app/services/ee/projects/create_service.rb
+++ b/ee/app/services/ee/projects/create_service.rb
@@ -41,7 +41,7 @@ module EE
        create_predefined_push_rule
-        @project.group&.refresh_members_authorized_projects
+        project.group&.refresh_members_authorized_projects
      end
      def create_predefined_push_rule

--- a/ee/app/services/ee/projects/transfer_service.rb
+++ b/ee/app/services/ee/projects/transfer_service.rb
@@ -8,12 +8,12 @@ module EE
        super
-        EE::Audit::ProjectChangesAuditor.new(@current_user, project).execute
+        EE::Audit::ProjectChangesAuditor.new(current_user, project).execute
        ::Geo::RepositoryRenamedEventStore.new(
          project,
          old_path: project.path,
-          old_path_with_namespace: @old_path
+          old_path_with_namespace: @old_path # rubocop:disable Gitlab/ModuleWithInstanceVariables
        ).create
      end
    end

--- a/ee/app/services/ee/protected_branches/api_service.rb
+++ b/ee/app/services/ee/protected_branches/api_service.rb
@@ -26,15 +26,15 @@ module EE
      end
      def groups_accessible?
-        group_ids = @merge_params.group_ids + @push_params.group_ids
+        group_ids = @merge_params.group_ids + @push_params.group_ids # rubocop:disable Gitlab/ModuleWithInstanceVariables
-        allowed_groups = @project.invited_groups.where(id: group_ids)
+        allowed_groups = @project.invited_groups.where(id: group_ids) # rubocop:disable Gitlab/ModuleWithInstanceVariables
        group_ids.count == allowed_groups.count
      end
      def users_accessible?
-        user_ids = @merge_params.user_ids + @push_params.user_ids
+        user_ids = @merge_params.user_ids + @push_params.user_ids # rubocop:disable Gitlab/ModuleWithInstanceVariables
-        allowed_users = @project.team.users.where(id: user_ids)
+        allowed_users = @project.team.users.where(id: user_ids) # rubocop:disable Gitlab/ModuleWithInstanceVariables
        user_ids.count == allowed_users.count
      end

--- a/ee/app/services/ee/user_project_access_changed_service.rb
+++ b/ee/app/services/ee/user_project_access_changed_service.rb
@@ -3,7 +3,7 @@ module EE
    def execute(blocking: true)
      result = super
-      @user_ids.each do |id|
+      @user_ids.each do |id| # rubocop:disable Gitlab/ModuleWithInstanceVariables
        ::Gitlab::Database::LoadBalancing::Sticking.stick(:user, id)
      end

--- a/ee/app/services/ee/users/update_service.rb
+++ b/ee/app/services/ee/users/update_service.rb
@@ -6,7 +6,7 @@ module EE
      private
      def notify_success(user_exists)
-        notify_new_user(@user, nil) unless user_exists
+        notify_new_user(@user, nil) unless user_exists # rubocop:disable Gitlab/ModuleWithInstanceVariables
        audit_changes(:email, as: 'email address')
        audit_changes(:encrypted_password, as: 'password', skip_changes: true)

--- a/ee/lib/ee/api/helpers.rb
+++ b/ee/lib/ee/api/helpers.rb
@@ -2,14 +2,14 @@ module EE
  module API
    module Helpers
      def current_user
-        return @current_user if defined?(@current_user)
+        strong_memoize(:current_user) do
+          user = super
-        user = super
+          ::Gitlab::Database::LoadBalancing::RackMiddleware
+            .stick_or_unstick(env, :user, user.id) if user
-        ::Gitlab::Database::LoadBalancing::RackMiddleware
+          user
-          .stick_or_unstick(env, :user, user.id) if user
+        end
-        user
      end
      def check_project_feature_available!(feature)

--- a/ee/lib/ee/gitlab/git_access_wiki.rb
+++ b/ee/lib/ee/gitlab/git_access_wiki.rb
@@ -6,7 +6,7 @@ module EE
      private
      def project_or_wiki
-        @project.wiki
+        project.wiki
      end
    end
  end

--- a/ee/lib/ee/gitlab/o_auth/auth_hash.rb
+++ b/ee/lib/ee/gitlab/o_auth/auth_hash.rb
@@ -2,24 +2,26 @@ module EE
  module Gitlab
    module OAuth
      module AuthHash
+        include ::Gitlab::Utils::StrongMemoize
        def kerberos_default_realm
          ::Gitlab::Kerberos::Authentication.kerberos_default_realm
        end
        def uid
-          return @ee_uid if defined?(@ee_uid)
+          strong_memoize(:ee_uid) do
+            ee_uid = super
-          ee_uid = super
+            # For Kerberos, usernames `principal` and `principal@DEFAULT.REALM`
+            # are equivalent and may be used indifferently, but omniauth_kerberos
+            # does not normalize them as of version 0.3.0, so add the default
+            # realm ourselves if appropriate
+            if provider == 'kerberos' && ee_uid.present?
+              ee_uid += "@#{kerberos_default_realm}" unless ee_uid.include?('@')
+            end
-          # For Kerberos, usernames `principal` and `principal@DEFAULT.REALM`
+            ee_uid
-          # are equivalent and may be used indifferently, but omniauth_kerberos
-          # does not normalize them as of version 0.3.0, so add the default
-          # realm ourselves if appropriate
-          if provider == 'kerberos' && ee_uid.present?
-            ee_uid += "@#{kerberos_default_realm}" unless ee_uid.include?('@')
          end
-          @ee_uid = ee_uid
        end
      end
    end

--- a/ee/lib/gitlab/geo/database_tasks.rb
+++ b/ee/lib/gitlab/geo/database_tasks.rb
@@ -44,9 +44,9 @@ module Gitlab
      end
      def abort_if_no_geo_config!
-        @geo_config_exists ||= File.exist?(Rails.root.join(GEO_DATABASE_CONFIG))
+        @geo_config_exists ||= File.exist?(Rails.root.join(GEO_DATABASE_CONFIG)) # rubocop:disable Gitlab/ModuleWithInstanceVariables
-        unless @geo_config_exists
+        unless @geo_config_exists # rubocop:disable Gitlab/ModuleWithInstanceVariables
          abort("Failed to open #{GEO_DATABASE_CONFIG}. Consult the documentation on how to set up GitLab Geo.")
        end
      end

--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -3,6 +3,7 @@ module API
    prepend EE::API::Helpers
    include Gitlab::Utils
+    include Gitlab::Utils::StrongMemoize
    include Helpers::Pagination
    SUDO_HEADER = "HTTP_SUDO".freeze

--- a/lib/ee/audit/changes.rb
+++ b/lib/ee/audit/changes.rb
@@ -3,7 +3,7 @@ module EE
    module Changes
      def audit_changes(column, options = {})
        column = options[:column] || column
-        @model = options[:model]
+        @model = options[:model] # rubocop:disable Gitlab/ModuleWithInstanceVariables
        return unless changed?(column)
@@ -39,7 +39,7 @@ module EE
      end
      def audit_event(options)
-        ::AuditEventService.new(@current_user, model, options)
+        ::AuditEventService.new(@current_user, model, options) # rubocop:disable Gitlab/ModuleWithInstanceVariables
          .for_changes.security_event
      end
    end

--- a/lib/gitlab/auth/user_auth_finders.rb
+++ b/lib/gitlab/auth/user_auth_finders.rb
@@ -57,7 +57,7 @@ module Gitlab
        job = ::Ci::Build.find_by(token: token)
        raise UnauthorizedError unless job
-        @job_token_authentication = true
+        @job_token_authentication = true # rubocop:disable Gitlab/ModuleWithInstanceVariables
        job.user
      end

--- a/lib/gitlab/slash_commands/presenters/issue_base.rb
+++ b/lib/gitlab/slash_commands/presenters/issue_base.rb
@@ -37,7 +37,7 @@ module Gitlab
            },
            {
              title: "Weight",
-              value: @resource.weight? ? @resource.weight : "_None_",
+              value: resource.weight? ? resource.weight : "_None_",
              short: true
            }
          ]