Merge branch 'master' into ee-remove-ide

GITALY_SERVER_VERSION

-0.85.0
+0.87.0

Gemfile

@@ -426,7 +426,7 @@ group :ed25519 do
 end
 
 # Gitaly GRPC client
-gem 'gitaly-proto', '~> 0.85.0', require: 'gitaly'
+gem 'gitaly-proto', '~> 0.87.0', require: 'gitaly'
 # Locked until https://github.com/google/protobuf/issues/4210 is closed
 gem 'google-protobuf', '= 3.5.1'
 

Gemfile.lock

@@ -309,7 +309,7 @@ GEM
       po_to_json (>= 1.0.0)
       rails (>= 3.2.0)
     gherkin-ruby (0.3.2)
-    gitaly-proto (0.85.0)
+    gitaly-proto (0.87.0)
       google-protobuf (~> 3.1)
       grpc (~> 1.0)
     github-linguist (5.3.3)
@@ -1091,7 +1091,7 @@ DEPENDENCIES
   gettext (~> 3.2.2)
   gettext_i18n_rails (~> 1.8.0)
   gettext_i18n_rails_js (~> 1.2.0)
-  gitaly-proto (~> 0.85.0)
+  gitaly-proto (~> 0.87.0)
   github-linguist (~> 5.3.3)
   gitlab-flowdock-git-hook (~> 1.0.1)
   gitlab-license (~> 1.0)

app/assets/javascripts/clusters/clusters_bundle.js

@@ -37,10 +37,11 @@ export default class Clusters {
       clusterStatusReason,
       helpPath,
       ingressHelpPath,
+      ingressDnsHelpPath,
     } = document.querySelector('.js-edit-cluster-form').dataset;
 
     this.store = new ClustersStore();
-    this.store.setHelpPaths(helpPath, ingressHelpPath);
+    this.store.setHelpPaths(helpPath, ingressHelpPath, ingressDnsHelpPath);
     this.store.setManagePrometheusPath(managePrometheusPath);
     this.store.updateStatus(clusterStatus);
     this.store.updateStatusReason(clusterStatusReason);
@@ -98,6 +99,7 @@ export default class Clusters {
             helpPath: this.state.helpPath,
             ingressHelpPath: this.state.ingressHelpPath,
             managePrometheusPath: this.state.managePrometheusPath,
+            ingressDnsHelpPath: this.state.ingressDnsHelpPath,
           },
         });
       },

app/assets/javascripts/clusters/components/application_row.vue

@@ -36,10 +36,6 @@
         type: String,
         required: false,
       },
-      description: {
-        type: String,
-        required: true,
-      },
       status: {
         type: String,
         required: false,
@@ -148,7 +144,7 @@
         class="table-section section-wrap"
         role="gridcell"
       >
-        <div v-html="description"></div>
+        <slot name="description"></slot>
       </div>
       <div
         class="table-section table-button-footer section-align-top"

app/assets/javascripts/clusters/components/applications.vue

@@ -2,10 +2,16 @@
   import _ from 'underscore';
   import { s__, sprintf } from '../../locale';
   import applicationRow from './application_row.vue';
+  import clipboardButton from '../../vue_shared/components/clipboard_button.vue';
+  import {
+    APPLICATION_INSTALLED,
+    INGRESS,
+  } from '../constants';
 
   export default {
     components: {
       applicationRow,
+      clipboardButton,
     },
     props: {
       applications: {
@@ -23,6 +29,11 @@
         required: false,
         default: '',
       },
+      ingressDnsHelpPath: {
+        type: String,
+        required: false,
+        default: '',
+      },
       managePrometheusPath: {
         type: String,
         required: false,
@@ -43,19 +54,16 @@
           false,
         );
       },
-      helmTillerDescription() {
-        return _.escape(s__(
-          `ClusterIntegration|Helm streamlines installing and managing Kubernetes applications.
-          Tiller runs inside of your Kubernetes Cluster, and manages
-          releases of your charts.`,
-        ));
+      ingressId() {
+        return INGRESS;
+      },
+      ingressInstalled() {
+        return this.applications.ingress.status === APPLICATION_INSTALLED;
+      },
+      ingressExternalIp() {
+        return this.applications.ingress.externalIp;
       },
       ingressDescription() {
-        const descriptionParagraph = _.escape(s__(
-          `ClusterIntegration|Ingress gives you a way to route requests to services based on the
-          request host or path, centralizing a number of services into a single entrypoint.`,
-        ));
-
         const extraCostParagraph = sprintf(
           _.escape(s__(
             `ClusterIntegration|%{boldNotice} This will add some extra resources
@@ -83,9 +91,6 @@
         );
 
         return `
-          <p>
-            ${descriptionParagraph}
-          </p>
           <p>
             ${extraCostParagraph}
           </p>
@@ -94,12 +99,6 @@
           </p>
         `;
       },
-      gitlabRunnerDescription() {
-        return _.escape(s__(
-          `ClusterIntegration|GitLab Runner is the open source project that is used to run your jobs
-          and send the results back to GitLab.`,
-        ));
-      },
       prometheusDescription() {
         return sprintf(
           _.escape(s__(
@@ -136,33 +135,137 @@
           id="helm"
           :title="applications.helm.title"
           title-link="https://docs.helm.sh/"
-          :description="helmTillerDescription"
           :status="applications.helm.status"
           :status-reason="applications.helm.statusReason"
           :request-status="applications.helm.requestStatus"
           :request-reason="applications.helm.requestReason"
-        />
+        >
+          <div slot="description">
+            {{ s__(`ClusterIntegration|Helm streamlines installing
+              and managing Kubernetes applications.
+              Tiller runs inside of your Kubernetes Cluster,
+              and manages releases of your charts.`) }}
+          </div>
+        </application-row>
         <application-row
-          id="ingress"
+          :id="ingressId"
           :title="applications.ingress.title"
           title-link="https://kubernetes.io/docs/concepts/services-networking/ingress/"
-          :description="ingressDescription"
           :status="applications.ingress.status"
           :status-reason="applications.ingress.statusReason"
           :request-status="applications.ingress.requestStatus"
           :request-reason="applications.ingress.requestReason"
-        />
+        >
+          <div slot="description">
+            <p>
+              {{ s__(`ClusterIntegration|Ingress gives you a way to route
+                requests to services based on the request host or path,
+                centralizing a number of services into a single entrypoint.`) }}
+            </p>
+
+            <template v-if="ingressInstalled">
+              <div class="form-group">
+                <label for="ingress-ip-address">
+                  {{ s__('ClusterIntegration|Ingress IP Address') }}
+                </label>
+                <div
+                  v-if="ingressExternalIp"
+                  class="input-group"
+                >
+                  <input
+                    type="text"
+                    id="ingress-ip-address"
+                    class="form-control js-ip-address"
+                    :value="ingressExternalIp"
+                    readonly
+                  />
+                  <span class="input-group-btn">
+                    <clipboard-button
+                      :text="ingressExternalIp"
+                      :title="s__('ClusterIntegration|Copy Ingress IP Address to clipboard')"
+                      css-class="btn btn-default js-clipboard-btn"
+                    />
+                  </span>
+                </div>
+                <input
+                  v-else
+                  type="text"
+                  class="form-control js-ip-address"
+                  readonly
+                  value="?"
+                />
+              </div>
+
+              <p
+                v-if="!ingressExternalIp"
+                class="settings-message js-no-ip-message"
+              >
+                {{ s__(`ClusterIntegration|The IP address is in
+                the process of being assigned. Please check your Kubernetes
+                cluster or Quotas on GKE if it takes a long time.`) }}
+
+                <a
+                  :href="ingressHelpPath"
+                  target="_blank"
+                  rel="noopener noreferrer"
+                >
+                  {{ __('More information') }}
+                </a>
+              </p>
+
+              <p>
+                {{ s__(`ClusterIntegration|Point a wildcard DNS to this
+                generated IP address in order to access
+                your application after it has been deployed.`) }}
+                <a
+                  :href="ingressDnsHelpPath"
+                  target="_blank"
+                  rel="noopener noreferrer"
+                >
+                  {{ __('More information') }}
+                </a>
+              </p>
+
+            </template>
+            <div
+              v-else
+              v-html="ingressDescription"
+            >
+            </div>
+          </div>
+        </application-row>
         <application-row
           id="prometheus"
           :title="applications.prometheus.title"
           title-link="https://prometheus.io/docs/introduction/overview/"
           :manage-link="managePrometheusPath"
-          :description="prometheusDescription"
           :status="applications.prometheus.status"
           :status-reason="applications.prometheus.statusReason"
           :request-status="applications.prometheus.requestStatus"
           :request-reason="applications.prometheus.requestReason"
-        />
+        >
+          <div
+            slot="description"
+            v-html="prometheusDescription"
+          >
+          </div>
+        </application-row>
+        <application-row
+          id="runner"
+          :title="applications.runner.title"
+          title-link="https://docs.gitlab.com/runner/"
+          :status="applications.runner.status"
+          :status-reason="applications.runner.statusReason"
+          :request-status="applications.runner.requestStatus"
+          :request-reason="applications.runner.requestReason"
+        >
+          <div slot="description">
+            {{ s__(`ClusterIntegration|GitLab Runner connects to this
+              project's repository and executes CI/CD jobs,
+              pushing results back and deploying,
+              applications to production.`) }}
+          </div>
+        </application-row>
         <!--
           NOTE: Don't forget to update `clusters.scss`
           min-height for this block and uncomment `application_spec` tests

app/assets/javascripts/clusters/constants.js

@@ -10,3 +10,4 @@ export const APPLICATION_ERROR = 'errored';
 export const REQUEST_LOADING = 'request-loading';
 export const REQUEST_SUCCESS = 'request-success';
 export const REQUEST_FAILURE = 'request-failure';
+export const INGRESS = 'ingress';

app/assets/javascripts/clusters/stores/clusters_store.js

 import { s__ } from '../../locale';
+import { INGRESS } from '../constants';
 
 export default class ClusterStore {
   constructor() {
@@ -21,6 +22,7 @@ export default class ClusterStore {
           statusReason: null,
           requestStatus: null,
           requestReason: null,
+          externalIp: null,
         },
         runner: {
           title: s__('ClusterIntegration|GitLab Runner'),
@@ -40,9 +42,10 @@ export default class ClusterStore {
     };
   }
 
-  setHelpPaths(helpPath, ingressHelpPath) {
+  setHelpPaths(helpPath, ingressHelpPath, ingressDnsHelpPath) {
     this.state.helpPath = helpPath;
     this.state.ingressHelpPath = ingressHelpPath;
+    this.state.ingressDnsHelpPath = ingressDnsHelpPath;
   }
 
   setManagePrometheusPath(managePrometheusPath) {
@@ -64,6 +67,7 @@ export default class ClusterStore {
   updateStateFromServer(serverState = {}) {
     this.state.status = serverState.status;
     this.state.statusReason = serverState.status_reason;
+
     serverState.applications.forEach((serverAppEntry) => {
       const {
         name: appId,
@@ -76,6 +80,10 @@ export default class ClusterStore {
         status,
         statusReason,
       };
+
+      if (appId === INGRESS) {
+        this.state.applications.ingress.externalIp = serverAppEntry.external_ip;
+      }
     });
   }
 }

app/assets/javascripts/filtered_search/filtered_search_dropdown_manager.js

@@ -16,6 +16,7 @@ export default class FilteredSearchDropdownManager {
     page,
     isGroup,
     isGroupAncestor,
+    isGroupDecendent,
     filteredSearchTokenKeys,
   }) {
     this.container = FilteredSearchContainer.container;
@@ -26,6 +27,7 @@ export default class FilteredSearchDropdownManager {
     this.page = page;
     this.groupsOnly = isGroup;
     this.groupAncestor = isGroupAncestor;
+    this.isGroupDecendent = isGroupDecendent;
 
     this.setupMapping();
 

app/assets/javascripts/filtered_search/filtered_search_manager.js

@@ -22,11 +22,13 @@ export default class FilteredSearchManager {
     page,
     isGroup = false,
     isGroupAncestor = false,
+    isGroupDecendent = false,
     filteredSearchTokenKeys = FilteredSearchTokenKeys,
     stateFiltersSelector = '.issues-state-filters',
   }) {
     this.isGroup = isGroup;
     this.isGroupAncestor = isGroupAncestor;
+    this.isGroupDecendent = isGroupDecendent;
     this.states = ['opened', 'closed', 'merged', 'all'];
 
     this.page = page;

app/assets/javascripts/filtered_search/filtered_search_visual_tokens.js

 import _ from 'underscore';
-import AjaxCache from '../lib/utils/ajax_cache';
+import AjaxCache from '~/lib/utils/ajax_cache';
+import { objectToQueryString } from '~/lib/utils/common_utils';
 import Flash from '../flash';
 import FilteredSearchContainer from './container';
 import UsersCache from '../lib/utils/users_cache';
@@ -16,6 +17,21 @@ export default class FilteredSearchVisualTokens {
     };
   }
 
+  /**
+   * Returns a computed API endpoint
+   * and query string composed of values from endpointQueryParams
+   * @param {String} endpoint
+   * @param {String} endpointQueryParams
+   */
+  static getEndpointWithQueryParams(endpoint, endpointQueryParams) {
+    if (!endpointQueryParams) {
+      return endpoint;
+    }
+
+    const queryString = objectToQueryString(JSON.parse(endpointQueryParams));
+    return `${endpoint}?${queryString}`;
+  }
+
   static unselectTokens() {
     const otherTokens = FilteredSearchContainer.container.querySelectorAll('.js-visual-token .selectable.selected');
     [].forEach.call(otherTokens, t => t.classList.remove('selected'));
@@ -86,7 +102,10 @@ export default class FilteredSearchVisualTokens {
   static updateLabelTokenColor(tokenValueContainer, tokenValue) {
     const filteredSearchInput = FilteredSearchContainer.container.querySelector('.filtered-search');
     const baseEndpoint = filteredSearchInput.dataset.baseEndpoint;
-    const labelsEndpoint = `${baseEndpoint}/labels.json`;
+    const labelsEndpoint = FilteredSearchVisualTokens.getEndpointWithQueryParams(
+      `${baseEndpoint}/labels.json`,
+      filteredSearchInput.dataset.endpointQueryParams,
+    );
 
     return AjaxCache.retrieve(labelsEndpoint)
       .then(FilteredSearchVisualTokens.preprocessLabel.bind(null, labelsEndpoint))

app/assets/javascripts/lib/utils/common_utils.js

@@ -302,6 +302,14 @@ export const parseQueryStringIntoObject = (query = '') => {
     }, {});
 };
 
+/**
+ * Converts object with key-value pairs
+ * into query-param string
+ *
+ * @param {Object} params
+ */
+export const objectToQueryString = (params = {}) => Object.keys(params).map(param => `${param}=${params[param]}`).join('&');
+
 export const buildUrlWithCurrentLocation = param => (param ? `${window.location.pathname}${param}` : window.location.pathname);
 
 /**

app/assets/javascripts/main.js

@@ -39,8 +39,11 @@ import 'ee/main';
 
 import initDispatcher from './dispatcher';
 
-// eslint-disable-next-line global-require, import/no-commonjs
-if (process.env.NODE_ENV !== 'production') require('./test_utils/');
+// inject test utilities if necessary
+if (process.env.NODE_ENV !== 'production' && gon && gon.test_env) {
+  $.fx.off = true;
+  import(/* webpackMode: "eager" */ './test_utils/');
+}
 
 svg4everybody();
 

app/assets/javascripts/mr_notes/index.js

@@ -3,7 +3,7 @@ import notesApp from '../notes/components/notes_app.vue';
 import discussionCounter from '../notes/components/discussion_counter.vue';
 import store from '../notes/stores';
 
-document.addEventListener('DOMContentLoaded', () => {
+export default function initMrNotes() {
   new Vue({ // eslint-disable-line
     el: '#js-vue-mr-discussions',
     components: {
@@ -38,4 +38,4 @@ document.addEventListener('DOMContentLoaded', () => {
       return createElement('discussion-counter');
     },
   });
-});
+}

app/assets/javascripts/two_factor_auth.js → app/assets/javascripts/pages/profiles/two_factor_auths/index.js

-import U2FRegister from './u2f/register';
+import U2FRegister from '~/u2f/register';
 
 document.addEventListener('DOMContentLoaded', () => {
   const twoFactorNode = document.querySelector('.js-two-factor-auth');

app/assets/javascripts/pages/projects/environments/terminal/index.js

+import initTerminal from '~/terminal/';
+
+document.addEventListener('DOMContentLoaded', initTerminal);

app/assets/javascripts/pages/projects/merge_requests/show/index.js

+import { hasVueMRDiscussionsCookie } from '~/lib/utils/common_utils';
+import initMrNotes from '~/mr_notes';
 import initSidebarBundle from '~/sidebar/sidebar_bundle';
 import initShow from '../init_merge_request_show';
 
 document.addEventListener('DOMContentLoaded', () => {
   initShow();
   initSidebarBundle();
+
+  if (hasVueMRDiscussionsCookie()) {
+    initMrNotes();
+  }
 });

app/assets/javascripts/pages/search/init_filtered_search.js

@@ -5,6 +5,7 @@ export default ({
   filteredSearchTokenKeys,
   isGroup,
   isGroupAncestor,
+  isGroupDecendent,
   stateFiltersSelector,
 }) => {
   const filteredSearchEnabled = FilteredSearchManager && document.querySelector('.filtered-search');
@@ -13,6 +14,7 @@ export default ({
       page,
       isGroup,
       isGroupAncestor,
+      isGroupDecendent,
       filteredSearchTokenKeys,
       stateFiltersSelector,
     });

app/assets/javascripts/terminal/terminal_bundle.js → app/assets/javascripts/terminal/index.js

@@ -6,4 +6,4 @@ import './terminal';
 
 window.Terminal = Terminal;
 
-$(() => new gl.Terminal({ selector: '#terminal' }));
+export default () => new gl.Terminal({ selector: '#terminal' });

app/assets/javascripts/test.js

-$.fx.off = true;

app/assets/javascripts/u2f/authenticate.js

-/* eslint-disable func-names, wrap-iife */
-/* global u2f */
 import _ from 'underscore';
-import isU2FSupported from './util';
+import importU2FLibrary from './util';
 import U2FError from './error';
 
 // Authenticate U2F (universal 2nd factor) devices for users to authenticate with.
@@ -10,6 +8,7 @@ import U2FError from './error';
 // State Flow #2: setup -> in_progress -> error -> setup
 export default class U2FAuthenticate {
   constructor(container, form, u2fParams, fallbackButton, fallbackUI) {
+    this.u2fUtils = null;
     this.container = container;
     this.renderNotSupported = this.renderNotSupported.bind(this);
     this.renderAuthenticated = this.renderAuthenticated.bind(this);
@@ -50,22 +49,23 @@ export default class U2FAuthenticate {
   }
 
   start() {
-    if (isU2FSupported()) {
-      return this.renderInProgress();
-    }
-    return this.renderNotSupported();
+    return importU2FLibrary()
+      .then((utils) => {
+        this.u2fUtils = utils;
+        this.renderInProgress();
+      })
+      .catch(() => this.renderNotSupported());
   }
 
   authenticate() {
-    return u2f.sign(this.appId, this.challenge, this.signRequests, (function (_this) {
-      return function (response) {
+    return this.u2fUtils.sign(this.appId, this.challenge, this.signRequests,
+      (response) => {
         if (response.errorCode) {
           const error = new U2FError(response.errorCode, 'authenticate');
-          return _this.renderError(error);
+          return this.renderError(error);
         }
-        return _this.renderAuthenticated(JSON.stringify(response));
-      };
-    })(this), 10);
+        return this.renderAuthenticated(JSON.stringify(response));
+      }, 10);
   }
 
   renderTemplate(name, params) {

app/assets/javascripts/u2f/register.js

-/* eslint-disable func-names, wrap-iife */
-/* global u2f */
-
 import _ from 'underscore';
-import isU2FSupported from './util';
+import importU2FLibrary from './util';
 import U2FError from './error';
 
 // Register U2F (universal 2nd factor) devices for users to authenticate with.
@@ -11,6 +8,7 @@ import U2FError from './error';
 // State Flow #2: setup -> in_progress -> error -> setup
 export default class U2FRegister {
   constructor(container, u2fParams) {
+    this.u2fUtils = null;
     this.container = container;
     this.renderNotSupported = this.renderNotSupported.bind(this);
     this.renderRegistered = this.renderRegistered.bind(this);
@@ -34,22 +32,23 @@ export default class U2FRegister {
   }
 
   start() {
-    if (isU2FSupported()) {
-      return this.renderSetup();
-    }
-    return this.renderNotSupported();
+    return importU2FLibrary()
+      .then((utils) => {
+        this.u2fUtils = utils;
+        this.renderSetup();
+      })
+      .catch(() => this.renderNotSupported());
   }
 
   register() {
-    return u2f.register(this.appId, this.registerRequests, this.signRequests, (function (_this) {
-      return function (response) {
+    return this.u2fUtils.register(this.appId, this.registerRequests, this.signRequests,
+      (response) => {
         if (response.errorCode) {
           const error = new U2FError(response.errorCode, 'register');
-          return _this.renderError(error);
+          return this.renderError(error);
         }
-        return _this.renderRegistered(JSON.stringify(response));
-      };
-    })(this), 10);
+        return this.renderRegistered(JSON.stringify(response));
+      }, 10);
   }
 
   renderTemplate(name, params) {

app/assets/javascripts/u2f/util.js

-export default function isU2FSupported() {
-  return window.u2f;
+function isOpera(userAgent) {
+  return userAgent.indexOf('Opera') >= 0 || userAgent.indexOf('OPR') >= 0;
+}
+
+function getOperaVersion(userAgent) {
+  const match = userAgent.match(/OPR[^0-9]*([0-9]+)[^0-9]+/);
+  return match ? parseInt(match[1], 10) : false;
+}
+
+function isChrome(userAgent) {
+  return userAgent.indexOf('Chrom') >= 0 && !isOpera(userAgent);
+}
+
+function getChromeVersion(userAgent) {
+  const match = userAgent.match(/Chrom(?:e|ium)\/([0-9]+)\./);
+  return match ? parseInt(match[1], 10) : false;
+}
+
+export function canInjectU2fApi(userAgent) {
+  const isSupportedChrome = isChrome(userAgent) && getChromeVersion(userAgent) >= 41;
+  const isSupportedOpera = isOpera(userAgent) && getOperaVersion(userAgent) >= 40;
+  const isMobile = (
+    userAgent.indexOf('droid') >= 0 ||
+    userAgent.indexOf('CriOS') >= 0 ||
+    /\b(iPad|iPhone|iPod)(?=;)/.test(userAgent)
+  );
+  return (isSupportedChrome || isSupportedOpera) && !isMobile;
+}
+
+export default function importU2FLibrary() {
+  if (window.u2f) {
+    return Promise.resolve(window.u2f);
+  }
+
+  const userAgent = typeof navigator !== 'undefined' ? navigator.userAgent : '';
+  if (canInjectU2fApi(userAgent) || (gon && gon.test_env)) {
+    return import(/* webpackMode: "eager" */ 'vendor/u2f').then(() => window.u2f);
+  }
+
+  return Promise.reject();
 }

app/assets/javascripts/vue_shared/components/clipboard_button.vue

@@ -28,6 +28,11 @@
         required: false,
         default: false,
       },
+      cssClass: {
+        type: String,
+        required: false,
+        default: 'btn btn-default btn-transparent btn-clipboard',
+      },
     },
   };
 </script>
@@ -35,7 +40,7 @@
 <template>
   <button
     type="button"
-    class="btn btn-transparent btn-clipboard"
+    :class="cssClass"
     :title="title"
     :data-clipboard-text="text"
     v-tooltip

app/controllers/concerns/issuable_collections.rb

@@ -17,7 +17,7 @@ module IssuableCollections
     set_pagination
     return if redirect_out_of_range(@total_pages)
 
-    if params[:label_name].present?
+    if params[:label_name].present? && @project
       labels_params = { project_id: @project.id, title: params[:label_name] }
       @labels = LabelsFinder.new(current_user, labels_params).execute
     end

app/controllers/concerns/uploads_actions.rb

@@ -62,19 +62,27 @@ module UploadsActions
   end
 
   def build_uploader_from_upload
-    return nil unless params[:secret] && params[:filename]
+    return unless uploader = build_uploader
 
-    upload_path = uploader_class.upload_path(params[:secret], params[:filename])
-    upload = Upload.find_by(uploader: uploader_class.to_s, path: upload_path)
+    upload_paths = uploader.upload_paths(params[:filename])
+    upload = Upload.find_by(uploader: uploader_class.to_s, path: upload_paths)
     upload&.build_uploader
   end
 
   def build_uploader_from_params
+    return unless uploader = build_uploader
+
+    uploader.retrieve_from_store!(params[:filename])
+    uploader
+  end
+
+  def build_uploader
+    return unless params[:secret] && params[:filename]
+
     uploader = uploader_class.new(model, secret: params[:secret])
 
-    return nil unless uploader.model_valid?
+    return unless uploader.model_valid?
 
-    uploader.retrieve_from_store!(params[:filename])
     uploader
   end
 

app/controllers/groups/labels_controller.rb

@@ -14,12 +14,13 @@ class Groups::LabelsController < Groups::ApplicationController
       end
 
       format.json do
-        available_labels =
-          if params[:only_group_labels]
-            group.labels
-          else
-            LabelsFinder.new(current_user, group_id: @group.id).execute
-          end
+        available_labels = LabelsFinder.new(
+          current_user,
+          group_id: @group.id,
+          only_group_labels: params[:only_group_labels],
+          include_ancestor_groups: params[:include_ancestor_groups],
+          include_descendant_groups: params[:include_descendant_groups]
+        ).execute
 
         render json: LabelSerializer.new.represent_appearance(available_labels)
       end

app/controllers/projects/clusters_controller.rb

@@ -4,6 +4,7 @@ class Projects::ClustersController < Projects::ApplicationController
   before_action :authorize_create_cluster!, only: [:new]
   before_action :authorize_update_cluster!, only: [:update]
   before_action :authorize_admin_cluster!, only: [:destroy]
+  before_action :update_applications_status, only: [:status]
 
   STATUS_POLLING_INTERVAL = 10_000
 
@@ -101,4 +102,8 @@ class Projects::ClustersController < Projects::ApplicationController
   def authorize_admin_cluster!
     access_denied! unless can?(current_user, :admin_cluster, cluster)
   end
+
+  def update_applications_status
+    @cluster.applications.each(&:schedule_status_update)
+  end
 end

app/controllers/projects/commits_controller.rb

@@ -14,37 +14,31 @@ class Projects::CommitsController < Projects::ApplicationController
     @merge_request = MergeRequestsFinder.new(current_user, project_id: @project.id).execute.opened
       .find_by(source_project: @project, source_branch: @ref, target_branch: @repository.root_ref)
 
-    # https://gitlab.com/gitlab-org/gitaly/issues/931
-    Gitlab::GitalyClient.allow_n_plus_1_calls do
-      respond_to do |format|
-        format.html
-        format.atom { render layout: 'xml.atom' }
+    respond_to do |format|
+      format.html
+      format.atom { render layout: 'xml.atom' }
 
-        format.json do
-          pager_json(
-            'projects/commits/_commits',
-            @commits.size,
-            project: @project,
-            ref: @ref)
-        end
+      format.json do
+        pager_json(
+          'projects/commits/_commits',
+          @commits.size,
+          project: @project,
+          ref: @ref)
       end
     end
   end
 
   def signatures
-    # https://gitlab.com/gitlab-org/gitaly/issues/931
-    Gitlab::GitalyClient.allow_n_plus_1_calls do
-      respond_to do |format|
-        format.json do
-          render json: {
-            signatures: @commits.select(&:has_signature?).map do |commit|
-              {
-                commit_sha: commit.sha,
-                html: view_to_html_string('projects/commit/_signature', signature: commit.signature)
-              }
-            end
-          }
-        end
+    respond_to do |format|
+      format.json do
+        render json: {
+          signatures: @commits.select(&:has_signature?).map do |commit|
+            {
+              commit_sha: commit.sha,
+              html: view_to_html_string('projects/commit/_signature', signature: commit.signature)
+            }
+          end
+        }
       end
     end
   end

app/finders/labels_finder.rb

@@ -61,12 +61,20 @@ class LabelsFinder < UnionFinder
 
   def group_ids
     strong_memoize(:group_ids) do
-      group = Group.find(params[:group_id])
-      groups = params[:include_ancestor_groups].present? ? group.self_and_ancestors : [group]
-      groups_user_can_read_labels(groups).map(&:id)
+      groups_user_can_read_labels(groups_to_include).map(&:id)
     end
   end
 
+  def groups_to_include
+    group = Group.find(params[:group_id])
+    groups = [group]
+
+    groups += group.ancestors if params[:include_ancestor_groups].present?
+    groups += group.descendants if params[:include_descendant_groups].present?
+
+    groups
+  end
+
   def group?
     params[:group_id].present?
   end

app/finders/snippets_finder.rb

@@ -58,11 +58,37 @@ class SnippetsFinder < UnionFinder
       .public_or_visible_to_user(current_user)
   end
 
+  # Returns a collection of projects that is either public or visible to the
+  # logged in user.
+  #
+  # A caller must pass in a block to modify individual parts of
+  # the query, e.g. to apply .with_feature_available_for_user on top of it.
+  # This is useful for performance as we can stick those additional filters
+  # at the bottom of e.g. the UNION.
+  def projects_for_user
+    return yield(Project.public_to_user) unless current_user
+
+    # If the current_user is allowed to see all projects,
+    # we can shortcut and just return.
+    return yield(Project.all) if current_user.full_private_access?
+
+    authorized_projects = yield(Project.where('EXISTS (?)', current_user.authorizations_for_projects))
+
+    levels = Gitlab::VisibilityLevel.levels_for_user(current_user)
+    visible_projects = yield(Project.where(visibility_level: levels))
+
+    # We use a UNION here instead of OR clauses since this results in better
+    # performance.
+    union = Gitlab::SQL::Union.new([authorized_projects.select('projects.id'), visible_projects.select('projects.id')])
+
+    Project.from("(#{union.to_sql}) AS #{Project.table_name}")
+  end
+
   def feature_available_projects
     # Don't return any project related snippets if the user cannot read cross project
     return table[:id].eq(nil) unless Ability.allowed?(current_user, :read_cross_project)
 
-    projects = Project.public_or_visible_to_user(current_user, use_where_in: false) do |part|
+    projects = projects_for_user do |part|
       part.with_feature_available_for_user(:snippets, current_user)
     end.select(:id)
 

app/helpers/u2f_helper.rb

-module U2fHelper
-  def inject_u2f_api?
-    ((browser.chrome? && browser.version.to_i >= 41) || (browser.opera? && browser.version.to_i >= 40)) && !browser.device.mobile?
-  end
-end

app/models/clusters/applications/helm.rb

@@ -15,7 +15,7 @@ module Clusters
       end
 
       def install_command
-        Gitlab::Kubernetes::Helm::InstallCommand.new(name, install_helm: true)
+        Gitlab::Kubernetes::Helm::InitCommand.new(name)
       end
     end
   end

app/models/clusters/applications/ingress.rb

@@ -5,6 +5,8 @@ module Clusters
 
       include ::Clusters::Concerns::ApplicationCore
       include ::Clusters::Concerns::ApplicationStatus
+      include ::Clusters::Concerns::ApplicationData
+      include AfterCommitQueue
 
       default_value_for :ingress_type, :nginx
       default_value_for :version, :nginx
@@ -13,16 +15,34 @@ module Clusters
         nginx: 1
       }
 
+      FETCH_IP_ADDRESS_DELAY = 30.seconds
+
+      state_machine :status do
+        before_transition any => [:installed] do |application|
+          application.run_after_commit do
+            ClusterWaitForIngressIpAddressWorker.perform_in(
+              FETCH_IP_ADDRESS_DELAY, application.name, application.id)
+          end
+        end
+      end
+
       def chart
         'stable/nginx-ingress'
       end
 
-      def chart_values_file
-        "#{Rails.root}/vendor/#{name}/values.yaml"
+      def install_command
+        Gitlab::Kubernetes::Helm::InstallCommand.new(
+          name,
+          chart: chart,
+          values: values
+        )
       end
 
-      def install_command
-        Gitlab::Kubernetes::Helm::InstallCommand.new(name, chart: chart, chart_values_file: chart_values_file)
+      def schedule_status_update
+        return unless installed?
+        return if external_ip
+
+        ClusterWaitForIngressIpAddressWorker.perform_async(name, id)
       end
     end
   end

app/models/clusters/applications/prometheus.rb

@@ -7,6 +7,7 @@ module Clusters
 
       include ::Clusters::Concerns::ApplicationCore
       include ::Clusters::Concerns::ApplicationStatus
+      include ::Clusters::Concerns::ApplicationData
 
       default_value_for :version, VERSION
 
@@ -30,12 +31,12 @@ module Clusters
         80
       end
 
-      def chart_values_file
-        "#{Rails.root}/vendor/#{name}/values.yaml"
-      end
-
       def install_command
-        Gitlab::Kubernetes::Helm::InstallCommand.new(name, chart: chart, chart_values_file: chart_values_file)
+        Gitlab::Kubernetes::Helm::InstallCommand.new(
+          name,
+          chart: chart,
+          values: values
+        )
       end
 
       def proxy_client

app/models/clusters/applications/runner.rb

+module Clusters
+  module Applications
+    class Runner < ActiveRecord::Base
+      VERSION = '0.1.13'.freeze
+
+      self.table_name = 'clusters_applications_runners'
+
+      include ::Clusters::Concerns::ApplicationCore
+      include ::Clusters::Concerns::ApplicationStatus
+      include ::Clusters::Concerns::ApplicationData
+
+      belongs_to :runner, class_name: 'Ci::Runner', foreign_key: :runner_id
+      delegate :project, to: :cluster
+
+      default_value_for :version, VERSION
+
+      def chart
+        "#{name}/gitlab-runner"
+      end
+
+      def repository
+        'https://charts.gitlab.io'
+      end
+
+      def values
+        content_values.to_yaml
+      end
+
+      def install_command
+        Gitlab::Kubernetes::Helm::InstallCommand.new(
+          name,
+          chart: chart,
+          values: values,
+          repository: repository
+        )
+      end
+
+      private
+
+      def ensure_runner
+        runner || create_and_assign_runner
+      end
+
+      def create_and_assign_runner
+        transaction do
+          project.runners.create!(name: 'kubernetes-cluster', tag_list: %w(kubernetes cluster)).tap do |runner|
+            update!(runner_id: runner.id)
+          end
+        end
+      end
+
+      def gitlab_url
+        Gitlab::Routing.url_helpers.root_url(only_path: false)
+      end
+
+      def specification
+        {
+          "gitlabUrl" => gitlab_url,
+          "runnerToken" => ensure_runner.token
+        }
+      end
+
+      def content_values
+        specification.merge(YAML.load_file(chart_values_file))
+      end
+    end
+  end
+end

app/models/clusters/cluster.rb

@@ -8,7 +8,8 @@ module Clusters
     APPLICATIONS = {
       Applications::Helm.application_name => Applications::Helm,
       Applications::Ingress.application_name => Applications::Ingress,
-      Applications::Prometheus.application_name => Applications::Prometheus
+      Applications::Prometheus.application_name => Applications::Prometheus,
+      Applications::Runner.application_name => Applications::Runner
     }.freeze
 
     belongs_to :user
@@ -24,6 +25,7 @@ module Clusters
     has_one :application_helm, class_name: 'Clusters::Applications::Helm'
     has_one :application_ingress, class_name: 'Clusters::Applications::Ingress'
     has_one :application_prometheus, class_name: 'Clusters::Applications::Prometheus'
+    has_one :application_runner, class_name: 'Clusters::Applications::Runner'
 
     accepts_nested_attributes_for :provider_gcp, update_only: true
     accepts_nested_attributes_for :platform_kubernetes, update_only: true
@@ -70,7 +72,8 @@ module Clusters
       [
         application_helm || build_application_helm,
         application_ingress || build_application_ingress,
-        application_prometheus || build_application_prometheus
+        application_prometheus || build_application_prometheus,
+        application_runner || build_application_runner
       ]
     end
 

app/models/clusters/concerns/application_core.rb

@@ -23,6 +23,11 @@ module Clusters
         def name
           self.class.application_name
         end
+
+        def schedule_status_update
+          # Override if you need extra data synchronized
+          # from K8s after installation
+        end
       end
     end
   end

app/models/clusters/concerns/application_data.rb

+module Clusters
+  module Concerns
+    module ApplicationData
+      extend ActiveSupport::Concern
+
+      included do
+        def repository
+          nil
+        end
+
+        def values
+          File.read(chart_values_file)
+        end
+
+        private
+
+        def chart_values_file
+          "#{Rails.root}/vendor/#{name}/values.yaml"
+        end
+      end
+    end
+  end
+end

app/models/commit.rb

@@ -19,6 +19,7 @@ class Commit
   attr_accessor :project, :author
   attr_accessor :redacted_description_html
   attr_accessor :redacted_title_html
+  attr_reader :gpg_commit
 
   DIFF_SAFE_LINES = Gitlab::Git::DiffCollection::DEFAULT_LIMITS[:max_lines]
 
@@ -110,6 +111,7 @@ class Commit
     @raw = raw_commit
     @project = project
     @statuses = {}
+    @gpg_commit = Gitlab::Gpg::Commit.new(self) if project
   end
 
   def id
@@ -452,8 +454,4 @@ class Commit
   def merged_merge_request_no_cache(user)
     MergeRequestsFinder.new(user, project_id: project.id).find_by(merge_commit_sha: id) if merge_commit?
   end
-
-  def gpg_commit
-    @gpg_commit ||= Gitlab::Gpg::Commit.new(self)
-  end
 end

app/models/commit_status.rb

@@ -141,7 +141,7 @@ class CommitStatus < ActiveRecord::Base
   end
 
   def group_name
-    name.to_s.gsub(%r{\d+[\s:/\\]+\d+\s*}, '').strip
+    name.to_s.gsub(%r{\d+[\.\s:/\\]+\d+\s*}, '').strip
   end
 
   def failed_but_allowed?

app/models/cycle_analytics.rb

@@ -6,6 +6,12 @@ class CycleAnalytics
     @options = options
   end
 
+  def all_medians_per_stage
+    STAGES.each_with_object({}) do |stage_name, medians_per_stage|
+      medians_per_stage[stage_name] = self[stage_name].median
+    end
+  end
+
   def summary
     @summary ||= ::Gitlab::CycleAnalytics::StageSummary.new(@project,
                                                             from: @options[:from],

app/models/project.rb

@@ -322,42 +322,13 @@ class Project < ActiveRecord::Base
 
   # Returns a collection of projects that is either public or visible to the
   # logged in user.
-  #
-  # A caller may pass in a block to modify individual parts of
-  # the query, e.g. to apply .with_feature_available_for_user on top of it.
-  # This is useful for performance as we can stick those additional filters
-  # at the bottom of e.g. the UNION.
-  #
-  # Optionally, turning `use_where_in` off leads to returning a
-  # relation using #from instead of #where. This can perform much better
-  # but leads to trouble when used in conjunction with AR's #merge method.
-  def self.public_or_visible_to_user(user = nil, use_where_in: true, &block)
-    # If we don't get a block passed, use identity to avoid if/else repetitions
-    block = ->(part) { part } unless block_given?
-
-    return block.call(public_to_user) unless user
-
-    # If the user is allowed to see all projects,
-    # we can shortcut and just return.
-    return block.call(all) if user.full_private_access?
-
-    authorized = user
-      .project_authorizations
-      .select(1)
-      .where('project_authorizations.project_id = projects.id')
-    authorized_projects = block.call(where('EXISTS (?)', authorized))
-
-    levels = Gitlab::VisibilityLevel.levels_for_user(user)
-    visible_projects = block.call(where(visibility_level: levels))
-
-    # We use a UNION here instead of OR clauses since this results in better
-    # performance.
-    union = Gitlab::SQL::Union.new([authorized_projects.select('projects.id'), visible_projects.select('projects.id')])
-
-    if use_where_in
-      where("projects.id IN (#{union.to_sql})") # rubocop:disable GitlabSecurity/SqlInjection
+  def self.public_or_visible_to_user(user = nil)
+    if user
+      where('EXISTS (?) OR projects.visibility_level IN (?)',
+            user.authorizations_for_projects,
+            Gitlab::VisibilityLevel.levels_for_user(user))
     else
-      from("(#{union.to_sql}) AS #{table_name}")
+      public_to_user
     end
   end
 
@@ -376,14 +347,11 @@ class Project < ActiveRecord::Base
     elsif user
       column = ProjectFeature.quoted_access_level_column(feature)
 
-      authorized = user.project_authorizations.select(1)
-        .where('project_authorizations.project_id = projects.id')
-
       with_project_feature
         .where("#{column} IN (?) OR (#{column} = ? AND EXISTS (?))",
               visible,
               ProjectFeature::PRIVATE,
-              authorized)
+              user.authorizations_for_projects)
     else
       with_feature_access_level(feature, visible)
     end

app/models/project_services/chat_notification_service.rb

@@ -99,7 +99,7 @@ class ChatNotificationService < Service
   def get_message(object_kind, data)
     case object_kind
     when "push", "tag_push"
-      ChatMessage::PushMessage.new(data)
+      ChatMessage::PushMessage.new(data) if notify_for_ref?(data)
     when "issue"
       ChatMessage::IssueMessage.new(data) unless update?(data)
     when "merge_request"
@@ -145,10 +145,16 @@ class ChatNotificationService < Service
   end
 
   def notify_for_ref?(data)
-    return true if data[:object_attributes][:tag]
+    return true if data.dig(:object_attributes, :tag)
     return true unless notify_only_default_branch?
 
-    data[:object_attributes][:ref] == project.default_branch
+    ref = if data[:ref]
+            Gitlab::Git.ref_name(data[:ref])
+          else
+            data.dig(:object_attributes, :ref)
+          end
+
+    ref == project.default_branch
   end
 
   def notify_for_pipeline?(data)

app/models/repository.rb

@@ -597,15 +597,7 @@ class Repository
   def license_key
     return unless exists?
 
-    # The licensee gem creates a Rugged object from the path:
-    # https://github.com/benbalter/licensee/blob/v8.7.0/lib/licensee/projects/git_project.rb
-    begin
-      Licensee.license(path).try(:key)
-    # Normally we would rescue Rugged::Error, but that is banned by lint-rugged
-    # and we need to migrate this endpoint to Gitaly:
-    # https://gitlab.com/gitlab-org/gitaly/issues/1026
-    rescue
-    end
+    raw_repository.license_short_name
   end
   cache_method :license_key
 

app/models/user.rb

@@ -619,6 +619,15 @@ class User < ActiveRecord::Base
     authorized_projects(min_access_level).exists?({ id: project.id })
   end
 
+  # Typically used in conjunction with projects table to get projects
+  # a user has been given access to.
+  #
+  # Example use:
+  # `Project.where('EXISTS(?)', user.authorizations_for_projects)`
+  def authorizations_for_projects
+    project_authorizations.select(1).where('project_authorizations.project_id = projects.id')
+  end
+
   # Returns the projects this user has reporter (or greater) access to, limited
   # to at most the given projects.
   #

app/serializers/analytics_stage_entity.rb

@@ -7,6 +7,7 @@ class AnalyticsStageEntity < Grape::Entity
   expose :description
 
   expose :median, as: :value do |stage|
-    stage.median && !stage.median.zero? ? distance_of_time_in_words(stage.median) : nil
+    # median returns a BatchLoader instance which we first have to unwrap by using to_i
+    !stage.median.to_i.zero? ? distance_of_time_in_words(stage.median) : nil
   end
 end

app/serializers/cluster_application_entity.rb

@@ -2,4 +2,5 @@ class ClusterApplicationEntity < Grape::Entity
   expose :name
   expose :status_name, as: :status
   expose :status_reason
+  expose :external_ip, if: -> (e, _) { e.respond_to?(:external_ip) }
 end

app/services/clusters/applications/check_ingress_ip_address_service.rb

+module Clusters
+  module Applications
+    class CheckIngressIpAddressService < BaseHelmService
+      include Gitlab::Utils::StrongMemoize
+
+      Error = Class.new(StandardError)
+
+      LEASE_TIMEOUT = 15.seconds.to_i
+
+      def execute
+        return if app.external_ip
+        return unless try_obtain_lease
+
+        app.update!(external_ip: ingress_ip) if ingress_ip
+      end
+
+      private
+
+      def try_obtain_lease
+        Gitlab::ExclusiveLease
+          .new("check_ingress_ip_address_service:#{app.id}", timeout: LEASE_TIMEOUT)
+          .try_obtain
+      end
+
+      def ingress_ip
+        service.status.loadBalancer.ingress&.first&.ip
+      end
+
+      def service
+        strong_memoize(:ingress_service) do
+          kubeclient.get_service('ingress-nginx-ingress-controller', Gitlab::Kubernetes::Helm::NAMESPACE)
+        end
+      end
+    end
+  end
+end

app/uploaders/file_uploader.rb

@@ -32,8 +32,11 @@ class FileUploader < GitlabUploader
     )
   end
 
-  def self.base_dir(model)
-    model_path_segment(model)
+  def self.base_dir(model, store = Store::LOCAL)
+    decorated_model = model
+    decorated_model = Storage::HashedProject.new(model) if store == Store::REMOTE
+
+    model_path_segment(decorated_model)
   end
 
   # used in migrations and import/exports
@@ -51,21 +54,24 @@ class FileUploader < GitlabUploader
   #
   # Returns a String without a trailing slash
   def self.model_path_segment(model)
-    if model.hashed_storage?(:attachments)
-      model.disk_path
+    case model
+    when Storage::HashedProject then model.disk_path
     else
-      model.full_path
+      model.hashed_storage?(:attachments) ? model.disk_path : model.full_path
     end
   end
 
-  def self.upload_path(secret, identifier)
-    File.join(secret, identifier)
-  end
-
   def self.generate_secret
     SecureRandom.hex
   end
 
+  def upload_paths(filename)
+    [
+      File.join(secret, filename),
+      File.join(base_dir(Store::REMOTE), secret, filename)
+    ]
+  end
+
   attr_accessor :model
 
   def initialize(model, mounted_as = nil, **uploader_context)
@@ -75,8 +81,10 @@ class FileUploader < GitlabUploader
     apply_context!(uploader_context)
   end
 
-  def base_dir
-    self.class.base_dir(@model)
+  # enforce the usage of Hashed storage when storing to
+  # remote store as the FileMover doesn't support OS
+  def base_dir(store = nil)
+    self.class.base_dir(@model, store || object_store)
   end
 
   # we don't need to know the actual path, an uploader instance should be
@@ -86,15 +94,19 @@ class FileUploader < GitlabUploader
   end
 
   def upload_path
-    self.class.upload_path(dynamic_segment, identifier)
-  end
-
-  def model_path_segment
-    self.class.model_path_segment(@model)
+    if file_storage?
+      # Legacy path relative to project.full_path
+      File.join(dynamic_segment, identifier)
+    else
+      File.join(store_dir, identifier)
+    end
   end
 
-  def store_dir
-    File.join(base_dir, dynamic_segment)
+  def store_dirs
+    {
+      Store::LOCAL => File.join(base_dir, dynamic_segment),
+      Store::REMOTE => File.join(base_dir(ObjectStorage::Store::REMOTE), dynamic_segment)
+    }
   end
 
   def markdown_link

app/uploaders/namespace_file_uploader.rb

@@ -4,7 +4,7 @@ class NamespaceFileUploader < FileUploader
     options.storage_path
   end
 
-  def self.base_dir(model)
+  def self.base_dir(model, _store = nil)
     File.join(options.base_dir, 'namespace', model_path_segment(model))
   end
 
@@ -20,7 +20,7 @@ class NamespaceFileUploader < FileUploader
   def store_dirs
     {
       Store::LOCAL => File.join(base_dir, dynamic_segment),
-      Store::REMOTE => File.join('namespace', model_path_segment, dynamic_segment)
+      Store::REMOTE => File.join('namespace', self.class.model_path_segment(model), dynamic_segment)
     }
   end
 end

app/uploaders/personal_file_uploader.rb

@@ -4,7 +4,7 @@ class PersonalFileUploader < FileUploader
     options.storage_path
   end
 
-  def self.base_dir(model)
+  def self.base_dir(model, _store = nil)
     File.join(options.base_dir, model_path_segment(model))
   end
 
@@ -34,7 +34,7 @@ class PersonalFileUploader < FileUploader
   def store_dirs
     {
       Store::LOCAL => File.join(base_dir, dynamic_segment),
-      Store::REMOTE => File.join(model_path_segment, dynamic_segment)
+      Store::REMOTE => File.join(self.class.model_path_segment(model), dynamic_segment)
     }
   end
 

app/views/admin/application_settings/_form.html.haml

@@ -706,15 +706,15 @@
         .checkbox
           = f.label :usage_ping_enabled do
             = f.check_box :usage_ping_enabled, disabled: !can_be_configured
-            Usage ping enabled
-            = link_to icon('question-circle'), help_page_path("user/admin_area/settings/usage_statistics", anchor: "usage-ping")
+            Enable usage ping
           .help-block
             - if can_be_configured
-              Every week GitLab will report license usage back to GitLab, Inc.
-              Disable this option if you do not want this to occur. To see the
-              JSON payload that will be sent, visit the
-              = succeed '.' do
-                = link_to "Cohorts page", admin_cohorts_path(anchor: 'usage-ping')
+              To help improve GitLab and its user experience, GitLab will
+              periodically collect usage information.
+              = link_to 'Learn more', help_page_path("user/admin_area/settings/usage_statistics", anchor: "usage-ping")
+              about what information is shared with GitLab Inc. Visit
+              = link_to 'Cohorts', admin_cohorts_path(anchor: 'usage-ping')
+              to see the JSON payload sent.
             - else
               The usage ping is disabled, and cannot be configured through this
               form. For more information, see the documentation on

app/views/devise/sessions/two_factor.html.haml

-- if inject_u2f_api?
-  - content_for :page_specific_javascripts do
-    = webpack_bundle_tag('u2f')
-
 %div
   = render 'devise/shared/tab_single', tab_title: 'Two-Factor Authentication'
   .login-box

app/views/layouts/_head.html.haml

@@ -42,7 +42,6 @@
   = webpack_bundle_tag "common"
   = webpack_bundle_tag "main"
   = webpack_bundle_tag "raven" if Gitlab::CurrentSettings.clientside_sentry_enabled
-  = webpack_bundle_tag "test" if Rails.env.test?
 
   - if content_for?(:page_specific_javascripts)
     = yield :page_specific_javascripts

app/views/profiles/two_factor_auths/show.html.haml

@@ -2,12 +2,6 @@
 - add_to_breadcrumbs("Two-Factor Authentication", profile_account_path)
 - @content_class = "limit-container-width" unless fluid_layout
 
-
-- content_for :page_specific_javascripts do
-  - if inject_u2f_api?
-    = webpack_bundle_tag('u2f')
-  = webpack_bundle_tag('two_factor_auth')
-
 .js-two-factor-auth{ 'data-two-factor-skippable' => "#{two_factor_skippable?}", 'data-two_factor_skip_url' => skip_profile_two_factor_auth_path }
   .row.prepend-top-default
     .col-lg-4

app/views/projects/_issuable_by_email.html.haml

@@ -18,7 +18,14 @@
         .email-modal-input-group.input-group
           = text_field_tag :issuable_email, email, class: "monospace js-select-on-focus form-control", readonly: true
           .input-group-btn
-            = clipboard_button(target: '#issuable_email')
+            = clipboard_button(target: '#issuable_email', class: 'btn btn-clipboard btn-transparent hidden-xs')
+            = mail_to email, class: 'btn btn-clipboard btn-transparent',
+              subject: _("Enter the #{name} title"),
+              body: _("Enter the #{name} description"),
+              title: _('Send email'),
+              data: { toggle: 'tooltip', placement: 'bottom' } do
+              = sprite_icon('mail')
+
         %p
           = render 'by_email_description'
         %p

app/views/projects/clusters/show.html.haml

@@ -10,11 +10,13 @@
   install_helm_path: install_applications_namespace_project_cluster_path(@cluster.project.namespace, @cluster.project, @cluster, :helm),
   install_ingress_path: install_applications_namespace_project_cluster_path(@cluster.project.namespace, @cluster.project, @cluster, :ingress),
   install_prometheus_path: install_applications_namespace_project_cluster_path(@cluster.project.namespace, @cluster.project, @cluster, :prometheus),
+  install_runner_path: install_applications_namespace_project_cluster_path(@cluster.project.namespace, @cluster.project, @cluster, :runner),
   toggle_status: @cluster.enabled? ? 'true': 'false',
   cluster_status: @cluster.status_name,
   cluster_status_reason: @cluster.status_reason,
   help_path: help_page_path('user/project/clusters/index.md', anchor: 'installing-applications'),
   ingress_help_path: help_page_path('user/project/clusters/index.md', anchor: 'getting-the-external-ip-address'),
+  ingress_dns_help_path: help_page_path('topics/autodevops/quick_start_guide.md', anchor: 'point-dns-at-cluster-ip'),
   manage_prometheus_path: edit_project_service_path(@cluster.project, 'prometheus') } }
 
   .js-cluster-application-notice

app/views/projects/environments/terminal.html.haml

@@ -3,7 +3,6 @@
 
 - content_for :page_specific_javascripts do
   = stylesheet_link_tag "xterm/xterm"
-  = webpack_bundle_tag("terminal")
 
 %div{ class: container_class }
   .top-area

app/views/projects/merge_requests/show.html.haml

@@ -5,9 +5,6 @@
 - page_title "#{@merge_request.title} (#{@merge_request.to_reference})", "Merge Requests"
 - page_description @merge_request.description
 - page_card_attributes @merge_request.card_attributes
-- if has_vue_discussions_cookie?
-  - content_for :page_specific_javascripts do
-    = webpack_bundle_tag('mr_notes')
 
 .merge-request{ data: { mr_action: j(params[:tab].presence || 'show'), url: merge_request_path(@merge_request, format: :json), project_path: project_path(@merge_request.project) } }
   = render "projects/merge_requests/mr_title"

app/workers/all_queues.yml

@@ -24,6 +24,7 @@
 - gcp_cluster:cluster_wait_for_app_installation
 - gcp_cluster:wait_for_cluster_creation
 - gcp_cluster:check_gcp_project_billing
+- gcp_cluster:cluster_wait_for_ingress_ip_address
 
 - github_import_advance_stage
 - github_importer:github_import_import_diff_note

app/workers/cluster_wait_for_ingress_ip_address_worker.rb

+class ClusterWaitForIngressIpAddressWorker
+  include ApplicationWorker
+  include ClusterQueue
+  include ClusterApplications
+
+  def perform(app_name, app_id)
+    find_application(app_name, app_id) do |app|
+      Clusters::Applications::CheckIngressIpAddressService.new(app).execute
+    end
+  end
+end

changelogs/unreleased/30665-add-email-button-to-new-issue-by-email.yml

+---
+title: Add email button to new issue by email
+merge_request: 10942
+author: Islam Wazery

changelogs/unreleased/32831-single-deploy-of-runner-in-k8s-cluster.yml

+---
+title: Allow installation of GitLab Runner with a single click
+merge_request: 17134
+author:
+type: added

changelogs/unreleased/33570-slack-notify-default-branch.yml

+---
+title: Fix Slack/Mattermost notifications not respecting `notify_only_default_branch` setting for pushes
+merge_request: 17345
+author:
+type: fixed

changelogs/unreleased/41777-include-cycle-time-in-usage-ping.yml

+---
+title: Include cycle time in usage ping data
+merge_request: 16973
+author:
+type: added

changelogs/unreleased/41905_merge_request_and_issue_metrics.yml

+---
+title: expose more metrics in merge requests api
+merge_request: 16589
+author: haseebeqx
+type: added

changelogs/unreleased/42643-persist-external-ip-of-ingress-controller-gke.yml

+---
+title: Display ingress IP address in the Kubernetes page
+merge_request: 17052
+author:
+type: added

changelogs/unreleased/revert-project-visibility-changes.yml

+---
+title: Revert Project.public_or_visible_to_user changes and only apply to snippets
+merge_request:
+author:
+type: fixed

changelogs/unreleased/zj-version-string-grouping-ci.yml

+---
+title: Allow CI/CD Jobs being grouped on version strings
+merge_request:
+author:
+type: added

config/webpack.config.js

@@ -48,27 +48,16 @@ function generateEntries() {
   autoEntriesCount = Object.keys(autoEntries).length;
 
   const manualEntries = {
-    monitoring:           './monitoring/monitoring_bundle.js',
-    mr_notes:             './mr_notes/index.js',
-    terminal:             './terminal/terminal_bundle.js',
-    two_factor_auth:      './two_factor_auth.js',
-
     common:               './commons/index.js',
     common_vue:           './vue_shared/vue_resource_interceptor.js',
     locale:               './locale/index.js',
     main:                 './main.js',
     raven:                './raven/index.js',
-    test:                 './test.js',
-    u2f:                  ['vendor/u2f'],
     webpack_runtime:      './webpack.js',
 
     // EE-only
     ide:                  'ee/ide/index.js',
-    add_gitlab_slack_application: 'ee/add_gitlab_slack_application/index.js',
-    burndown_chart:       'ee/burndown_chart/index.js',
     geo_nodes:            'ee/geo_nodes',
-    ldap_group_links:     'ee/groups/ldap_group_links.js',
-    mirrors:              'ee/mirrors',
     service_desk:         'ee/projects/settings_service_desk/service_desk_bundle.js',
   };
 

db/migrate/20180212030105_add_external_ip_to_clusters_applications_ingress.rb

+class AddExternalIpToClustersApplicationsIngress < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def change
+    add_column :clusters_applications_ingress, :external_ip, :string
+  end
+end

db/migrate/20180214155405_create_clusters_applications_runners.rb

+class CreateClustersApplicationsRunners < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    create_table :clusters_applications_runners do |t|
+      t.references :cluster, null: false, foreign_key: { on_delete: :cascade }
+      t.references :runner, references: :ci_runners
+      t.index :runner_id
+      t.index :cluster_id, unique: true
+      t.integer :status, null: false
+      t.timestamps_with_timezone null: false
+      t.string :version, null: false
+      t.text :status_reason
+    end
+
+    add_concurrent_foreign_key :clusters_applications_runners, :ci_runners,
+      column: :runner_id,
+      on_delete: :nullify
+  end
+
+  def down
+    if foreign_keys_for(:clusters_applications_runners, :runner_id).any?
+      remove_foreign_key :clusters_applications_runners, column: :runner_id
+    end
+
+    drop_table :clusters_applications_runners
+  end
+end

db/schema.rb

@@ -665,6 +665,7 @@ ActiveRecord::Schema.define(version: 20180301084653) do
     t.string "version", null: false
     t.string "cluster_ip"
     t.text "status_reason"
+    t.string "external_ip"
   end
 
   create_table "clusters_applications_prometheus", force: :cascade do |t|
@@ -676,6 +677,19 @@ ActiveRecord::Schema.define(version: 20180301084653) do
     t.datetime_with_timezone "updated_at", null: false
   end
 
+  create_table "clusters_applications_runners", force: :cascade do |t|
+    t.integer "cluster_id", null: false
+    t.integer "runner_id"
+    t.integer "status", null: false
+    t.datetime_with_timezone "created_at", null: false
+    t.datetime_with_timezone "updated_at", null: false
+    t.string "version", null: false
+    t.text "status_reason"
+  end
+
+  add_index "clusters_applications_runners", ["cluster_id"], name: "index_clusters_applications_runners_on_cluster_id", unique: true, using: :btree
+  add_index "clusters_applications_runners", ["runner_id"], name: "index_clusters_applications_runners_on_runner_id", using: :btree
+
   create_table "container_repositories", force: :cascade do |t|
     t.integer "project_id", null: false
     t.string "name", null: false
@@ -2530,6 +2544,8 @@ ActiveRecord::Schema.define(version: 20180301084653) do
   add_foreign_key "clusters", "users", on_delete: :nullify
   add_foreign_key "clusters_applications_helm", "clusters", on_delete: :cascade
   add_foreign_key "clusters_applications_ingress", "clusters", on_delete: :cascade
+  add_foreign_key "clusters_applications_runners", "ci_runners", column: "runner_id", name: "fk_02de2ded36", on_delete: :nullify
+  add_foreign_key "clusters_applications_runners", "clusters", on_delete: :cascade
   add_foreign_key "container_repositories", "projects"
   add_foreign_key "deploy_keys_projects", "projects", name: "fk_58a901ca7e", on_delete: :cascade
   add_foreign_key "deployments", "projects", name: "fk_b9a3851b82", on_delete: :cascade

doc/administration/index.md

@@ -89,18 +89,24 @@ created in snippets, wikis, and repos.
 - [Authentication/Authorization](../topics/authentication/index.md#gitlab-administrators): Enforce 2FA, configure external authentication with LDAP, SAML, CAS and additional Omniauth providers.
   - **(Starter/Premium)** [Sync LDAP](auth/ldap-ee.md)
   - **(Starter/Premium)** [Kerberos authentication](../integration/kerberos.md)
-- [Reply by email](reply_by_email.md): Allow users to comment on issues and merge requests by replying to notification emails.
-  - [Postfix for Reply by email](reply_by_email_postfix_setup.md): Set up a basic Postfix mail
-server with IMAP authentication on Ubuntu, to be used with Reply by email.
 - **(Starter/Premium)** [Email users](../tools/email.md): Email GitLab users from within GitLab.
 - [User Cohorts](../user/admin_area/user_cohorts.md): Display the monthly cohorts of new users and their activities over time.
 - **(Starter/Premium)** [Audit logs and events](audit_events.md): View the changes made within the GitLab server.
 - **(Premium)** [Auditor users](auditor_users.md): Users with read-only access to all projects, groups, and other resources on the GitLab instance.
-- [Reply by email](reply_by_email.md): Allow users to comment on issues and merge requests by replying to notification emails.
-  - [Postfix for Reply by email](reply_by_email_postfix_setup.md): Set up a basic Postfix mail
+- [Incoming email](incoming_email.md): Configure incoming emails to allow
+  users to [reply by email], create [issues by email] and
+  [merge requests by email], and to enable [Service Desk].
+  - [Postfix for incoming email](reply_by_email_postfix_setup.md): Set up a
+  basic Postfix mail server with IMAP authentication on Ubuntu for incoming
+  emails.
 server with IMAP authentication on Ubuntu, to be used with Reply by email.
 - [User Cohorts](../user/admin_area/user_cohorts.md): Display the monthly cohorts of new users and their activities over time.
 
+[reply by email]: reply_by_email.md
+[issues by email]: ../user/project/issues/create_new_issue.md#new-issue-via-email
+[merge requests by email]: ../user/project/merge_requests/index.md#create-new-merge-requests-by-email
+[Service Desk]: ../user/project/service_desk.md
+
 ## Project settings
 
 - [Container Registry](container_registry.md): Configure Container Registry with GitLab.

doc/administration/logs.md

@@ -23,7 +23,7 @@ requests from the API are logged to a separate file in `api_json.log`.
 Each line contains a JSON line that can be ingested by Elasticsearch, Splunk, etc. For example:
 
 ```json
-{"method":"GET","path":"/gitlab/gitlab-ce/issues/1234","format":"html","controller":"Projects::IssuesController","action":"show","status":200,"duration":229.03,"view":174.07,"db":13.24,"time":"2017-08-08T20:15:54.821Z","params":{"namespace_id":"gitlab","project_id":"gitlab-ce","id":"1234"},"remote_ip":"18.245.0.1","user_id":1,"username":"admin"}
+{"method":"GET","path":"/gitlab/gitlab-ce/issues/1234","format":"html","controller":"Projects::IssuesController","action":"show","status":200,"duration":229.03,"view":174.07,"db":13.24,"time":"2017-08-08T20:15:54.821Z","params":[{"key":"param_key","value":"param_value"}],"remote_ip":"18.245.0.1","user_id":1,"username":"admin","gitaly_calls":76}
 ```
 
 In this example, you can see this was a GET request for a specific issue. Notice each line also contains performance data:
@@ -31,6 +31,7 @@ In this example, you can see this was a GET request for a specific issue. Notice
 1. `duration`: the total time taken to retrieve the request
 2. `view`: total time taken inside the Rails views
 3. `db`: total time to retrieve data from the database
+4. `gitaly_calls`: total number of calls made to Gitaly
 
 User clone/fetch activity using http transport appears in this log as `action: git_upload_pack`.
 

doc/administration/reply_by_email_postfix_setup.md

-# Set up Postfix for Reply by email
+# Set up Postfix for incoming email
 
 This document will take you through the steps of setting up a basic Postfix mail
-server with IMAP authentication on Ubuntu, to be used with [Reply by email].
+server with IMAP authentication on Ubuntu, to be used with [incoming email].
 
 The instructions make the assumption that you will be using the email address `incoming@gitlab.example.com`, that is, username `incoming` on host `gitlab.example.com`. Don't forget to change it to your actual host when executing the example code snippets.
 
@@ -177,12 +177,12 @@ Courier, which we will install later to add IMAP authentication, requires mailbo
     ```sh
     sudo apt-get install courier-imap
     ```
-    
+
     And start `imapd`:
     ```sh
     imapd start
     ```
-    
+
 1. The courier-authdaemon isn't started after installation. Without it, imap authentication will fail:
     ```sh
     sudo service courier-authdaemon start
@@ -329,10 +329,10 @@ Courier, which we will install later to add IMAP authentication, requires mailbo
 
 ## Done!
 
-If all the tests were successful, Postfix is all set up and ready to receive email! Continue with the [Reply by email](./reply_by_email.md) guide to configure GitLab.
+If all the tests were successful, Postfix is all set up and ready to receive email! Continue with the [incoming email] guide to configure GitLab.
 
 ---
 
 _This document was adapted from https://help.ubuntu.com/community/PostfixBasicSetupHowto, by contributors to the Ubuntu documentation wiki._
 
-[reply by email]: reply_by_email.md
+[incoming email]: incoming_email.md

doc/api/merge_requests.md

@@ -263,20 +263,20 @@ Parameters:
   "upvotes": 0,
   "downvotes": 0,
   "author": {
-    "id": 1,
-    "username": "admin",
-    "email": "admin@example.com",
-    "name": "Administrator",
-    "state": "active",
-    "created_at": "2012-04-29T08:46:00Z"
+    "state" : "active",
+    "web_url" : "https://gitlab.example.com/root",
+    "avatar_url" : null,
+    "username" : "root",
+    "id" : 1,
+    "name" : "Administrator"
   },
   "assignee": {
-    "id": 1,
-    "username": "admin",
-    "email": "admin@example.com",
-    "name": "Administrator",
-    "state": "active",
-    "created_at": "2012-04-29T08:46:00Z"
+    "state" : "active",
+    "web_url" : "https://gitlab.example.com/root",
+    "avatar_url" : null,
+    "username" : "root",
+    "id" : 1,
+    "name" : "Administrator"
   },
   "source_project_id": 2,
   "target_project_id": 3,
@@ -312,7 +312,27 @@ Parameters:
     "human_time_estimate": null,
     "human_total_time_spent": null
   },
-  "approvals_before_merge": null
+  "approvals_before_merge": null,
+  "closed_at": "2018-01-19T14:36:11.086Z",
+  "latest_build_started_at": null,
+  "latest_build_finished_at": null,
+  "first_deployed_to_production_at": null,
+  "pipeline": {
+    "id": 8,
+    "ref": "master",
+    "sha": "2dc6aa325a317eda67812f05600bdf0fcdc70ab0",
+    "status": "created"
+  },
+  "merged_by": null,
+  "merged_at": null,
+  "closed_by": {
+    "state" : "active",
+    "web_url" : "https://gitlab.example.com/root",
+    "avatar_url" : null,
+    "username" : "root",
+    "id" : 1,
+    "name" : "Administrator"
+  }
 }
 ```
 

doc/ci/pipelines.md

@@ -121,8 +121,9 @@ The basic requirements is that there are two numbers separated with one of
 the following (you can even use them interchangeably):
 
 - a space
-- a backslash (`/`)
+- a forward slash (`/`)
 - a colon (`:`)
+- a dot (`.`)
 
 >**Note:**
 More specifically, [it uses][regexp] this regular expression: `\d+[\s:\/\\]+\d+\s*`.

doc/development/database_debugging.md

@@ -53,3 +53,38 @@ bundle exec rails db RAILS_ENV=development
  - `CREATE TABLE board_labels();`: Create a table called `board_labels`
  - `SELECT * FROM schema_migrations WHERE version = '20170926203418';`: Check if a migration was run
  - `DELETE FROM schema_migrations WHERE version = '20170926203418';`: Manually remove a migration
+
+
+## FAQ
+
+### `ActiveRecord::PendingMigrationError` with Spring
+
+When running specs with the [Spring preloader](./rake_tasks.md#speed-up-tests-rake-tasks-and-migrations),
+the test database can get into a corrupted state. Trying to run the migration or
+dropping/resetting the test database has no effect.
+
+```sh
+$ bundle exec spring rspec some_spec.rb
+...
+Failure/Error: ActiveRecord::Migration.maintain_test_schema!
+
+ActiveRecord::PendingMigrationError:
+
+
+  Migrations are pending. To resolve this issue, run:
+
+    bin/rake db:migrate RAILS_ENV=test
+# ~/.rvm/gems/ruby-2.3.3/gems/activerecord-4.2.10/lib/active_record/migration.rb:392:in `check_pending!'
+...
+0 examples, 0 failures, 1 error occurred outside of examples
+```
+
+To resolve, you can kill the spring server and app that lives between spec runs.
+
+```sh
+$ ps aux | grep spring
+eric             87304   1.3  2.9  3080836 482596   ??  Ss   10:12AM   4:08.36 spring app    | gitlab | started 6 hours ago | test mode
+eric             37709   0.0  0.0  2518640   7524 s006  S    Wed11AM   0:00.79 spring server | gitlab | started 29 hours ago
+$ kill 87304
+$ kill 37709
+```

doc/development/emails.md

@@ -18,6 +18,68 @@ See the [Rails guides] for more info.
 [previews]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/spec/mailers/previews
 [Rails guides]: http://guides.rubyonrails.org/action_mailer_basics.html#previewing-emails
 
+## Incoming email
+
+1. Go to the GitLab installation directory.
+
+1. Find the `incoming_email` section in `config/gitlab.yml`, enable the
+   feature and fill in the details for your specific IMAP server and email
+   account:
+
+    Configuration for Gmail / Google Apps, assumes mailbox gitlab-incoming@gmail.com
+
+    ```yaml
+    incoming_email:
+      enabled: true
+
+      # The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to.
+      # The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`).
+      address: "gitlab-incoming+%{key}@gmail.com"
+
+      # Email account username
+      # With third party providers, this is usually the full email address.
+      # With self-hosted email servers, this is usually the user part of the email address.
+      user: "gitlab-incoming@gmail.com"
+      # Email account password
+      password: "[REDACTED]"
+
+      # IMAP server host
+      host: "imap.gmail.com"
+      # IMAP server port
+      port: 993
+      # Whether the IMAP server uses SSL
+      ssl: true
+      # Whether the IMAP server uses StartTLS
+      start_tls: false
+
+      # The mailbox where incoming mail will end up. Usually "inbox".
+      mailbox: "inbox"
+      # The IDLE command timeout.
+      idle_timeout: 60
+    ```
+
+    As mentioned, the part after `+` is ignored, and this will end up in the mailbox for `gitlab-incoming@gmail.com`.
+
+1. Uncomment the `mail_room` line in your `Procfile`:
+
+    ```yaml
+    mail_room: bundle exec mail_room -q -c config/mail_room.yml
+    ```
+
+1. Restart GitLab:
+
+    ```sh
+    bundle exec foreman start
+    ```
+
+1. Verify that everything is configured correctly:
+
+    ```sh
+    bundle exec rake gitlab:incoming_email:check RAILS_ENV=development
+    ```
+
+1. Reply by email should now be working.
+
 ---
 
 [Return to Development documentation](README.md)

doc/development/fe_guide/vue.md

@@ -508,7 +508,7 @@ import Vue from 'vue';
 import Vuex from 'vuex';
 import * as actions from './actions';
 import * as getters from './getters';
-import * as mutations from './mutations';
+import mutations from './mutations';
 
 Vue.use(Vuex);
 
@@ -527,7 +527,7 @@ _Note:_ If the state of the application is too complex, an individual file for t
 An action commits a mutatation. In this file, we will write the actions that will call the respective mutation:
 
 ```javascript
-  import * as types from './mutation-types'
+  import * as types from './mutation_types';
 
   export const addUser = ({ commit }, user) => {
     commit(types.ADD_USER, user);
@@ -577,7 +577,8 @@ import { mapGetters } from 'vuex';
 The only way to actually change state in a Vuex store is by committing a mutation.
 
 ```javascript
-  import * as types from './mutation-types'
+  import * as types from './mutation_types';
+
   export default {
     [types.ADD_USER](state, user) {
       state.users.push(user);
@@ -686,4 +687,3 @@ describe('component', () => {
 [vuex-testing]: https://vuex.vuejs.org/en/testing.html
 [axios]: https://github.com/axios/axios
 [axios-interceptors]: https://github.com/axios/axios#interceptors
-

doc/development/i18n/proofreader.md

@@ -22,6 +22,8 @@ are very appreciative of the work done by translators and proofreaders!
 - Japanese
 - Korean
   - Huang Tao - [GitLab](https://gitlab.com/htve), [Crowdin](https://crowdin.com/profile/htve)
+- Polish
+  - Filip Mech - [GitLab](https://gitlab.com/mehenz), [Crowdin](https://crowdin.com/profile/mehenz)
 - Portuguese, Brazilian
   - Paulo George Gomes Bezerra - [GitLab](https://gitlab.com/paulobezerra), [Crowdin](https://crowdin.com/profile/paulogomes.rep)
 - Russian

doc/development/rake_tasks.md

@@ -102,6 +102,12 @@ variable to `1`:
 export ENABLE_SPRING=1
 ```
 
+Alternatively you can use the following on each spec run,
+
+```
+bundle exec spring rspec some_spec.rb
+```
+
 ## Compile Frontend Assets
 
 You shouldn't ever need to compile frontend assets manually in development, but

doc/user/project/clusters/index.md

@@ -120,6 +120,7 @@ added directly to your configured cluster. Those applications are needed for
 | [Helm Tiller](https://docs.helm.sh/) | 10.2+ | Helm is a package manager for Kubernetes and is required to install all the other applications. It will be automatically installed as a dependency when you try to install a different app. It is installed in its own pod inside the cluster which can run the `helm` CLI in a safe environment. |
 | [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) | 10.2+ | Ingress can provide load balancing, SSL termination, and name-based virtual hosting. It acts as a web proxy for your applications and is useful if you want to use [Auto DevOps](../../../topics/autodevops/index.md) or deploy your own web apps. |
 | [Prometheus](https://prometheus.io/docs/introduction/overview/) | 10.4+ | Prometheus is an open-source monitoring and alerting system useful to supervise your deployed applications |
+| [GitLab Runner](https://docs.gitlab.com/runner/) | 10.6+ | GitLab Runner is the open source project that is used to run your jobs and send the results back to GitLab. It is used in conjunction with [GitLab CI](https://about.gitlab.com/features/gitlab-ci-cd/), the open-source continuous integration service included with GitLab that coordinates the jobs. |
 
 ## Getting the external IP address
 

doc/user/project/issues/create_new_issue.md

@@ -37,6 +37,28 @@ It opens a new issue for that project labeled after its respective list.
 
 ![From the issue board](img/new_issue_from_issue_board.png)
 
+## New issue via email
+
+*This feature needs [incoming email](../../../administration/incoming_email.md)
+to be configured by a GitLab administrator to be available for CE/EE users, and
+it's available on GitLab.com.*
+
+At the bottom of a project's issue page, click
+**Email a new issue to this project**, and you will find an email address
+which belongs to you. You could add this address to your contact.
+
+This is a private email address, generated just for you.
+**Keep it to yourself** as anyone who gets ahold of it can create issues or
+merge requests as if they were you. You can add this address to your contact
+list for easy access.
+
+Sending an email to this address will create a new issue on your behalf for
+this project, where the email subject becomes the issue title, and the email
+body becomes the issue description. [Markdown] and [quick actions] are
+supported.
+
+![Bottom of a project issues page](img/new_issue_from_email.png)
+
 ## New issue via Service Desk
 
 Enable [Service Desk](../service_desk.md) to your project and offer email support.
@@ -60,5 +82,5 @@ create issues for the same project.
 
 ![Create issue from group-level issue tracker](img/create_issue_from_group_level_issue_tracker.png)
 
-
-
+[Markdown]: ../../markdown.md
+[quick actions]: ../quick_actions.md

doc/user/project/merge_requests/index.md

@@ -142,6 +142,10 @@ those conflicts in the GitLab UI.
 
 ## Create new merge requests by email
 
+*This feature needs [incoming email](../../../administration/incoming_email.md)
+to be configured by a GitLab administrator to be available for CE/EE users, and
+it's available on GitLab.com.*
+
 You can create a new merge request by sending an email to a user-specific email
 address. The address can be obtained on the merge requests page by clicking on
 a **Email a new merge request to this project** button.  The subject will be

doc/user/project/service_desk.md

@@ -53,7 +53,7 @@ Service Desk is enabled on GitLab.com. If you're a
 [Silver subscriber](https://about.gitlab.com/gitlab-com/),
 you can skip the step 1 below; you only need to enable it per project.
 
-1.   [Set up reply by email][reply-by-email] for the GitLab instance. This must
+1.   [Set up incoming email][incoming-email] for the GitLab instance. This must
      support [email sub-addressing][email-sub-addressing].
 2.   Navigate to your project's **Settings** and scroll down to the **Service Desk**
      section.
@@ -119,7 +119,7 @@ does not count toward the license limit count.
 [ee-149]: https://gitlab.com/gitlab-org/gitlab-ee/issues/149 "Service Desk with email"
 [ee]: https://about.gitlab.com/products/ "GitLab Enterprise Edition landing page"
 [eep-9.1]: https://about.gitlab.com/2017/04/22/gitlab-9-1-released/#service-desk-eep
-[reply-by-email]: ../../administration/reply_by_email.md#set-it-up
+[incoming-email]: ../../administration/incoming_email.md#set-it-up
 [email-sub-addressing]: ../../administration/reply_by_email.md#email-sub-addressing
 [confidential]: ./issues/confidential_issues.md "Confidential issues"
 [akismet]: ../../integration/akismet.md

ee/app/assets/javascripts/add_gitlab_slack_application/index.js

 import Vue from 'vue';
 import AddGitlabSlackApplication from './components/add_gitlab_slack_application.vue';
 
-function mountAddGitlabSlackApplication() {
+export default () => {
   const el = document.getElementById('js-add-gitlab-slack-application-entry-point');
 
   if (!el) return;
@@ -23,8 +23,4 @@ function mountAddGitlabSlackApplication() {
       docsPath: initialData.docs_path,
     },
   }).$mount(el);
-}
-
-document.addEventListener('DOMContentLoaded', mountAddGitlabSlackApplication);
-
-export default mountAddGitlabSlackApplication;
+};

ee/app/assets/javascripts/burndown_chart/index.js

 import Cookies from 'js-cookie';
 import BurndownChart from './burndown_chart';
 
-$(() => {
+export default () => {
   // handle hint dismissal
   const hint = $('.burndown-hint');
   hint.on('click', '.dismiss-icon', () => {
@@ -47,4 +47,4 @@ $(() => {
     window.addEventListener('resize', () => chart.animateResize(1));
     $(document).on('click', '.js-sidebar-toggle', () => chart.animateResize(2));
   }
-});
+};

ee/app/assets/javascripts/groups/ldap_group_links.js

-document.addEventListener('DOMContentLoaded', () => {
+export default () => {
   const showGroupLink = () => {
     const $cnLink = $('.cn-link');
     const $filterLink = $('.filter-link');
@@ -12,4 +12,4 @@ document.addEventListener('DOMContentLoaded', () => {
 
   $('input[name="sync_method"]').on('change', showGroupLink);
   showGroupLink();
-});
+};

ee/app/assets/javascripts/ide/components/repo_editor.vue

@@ -19,9 +19,6 @@ export default {
     shouldHideEditor() {
       return this.activeFile && this.activeFile.binary && !this.activeFile.raw;
     },
-    activeFileChanged() {
-      return this.activeFile && this.activeFile.changed;
-    },
   },
   watch: {
     activeFile(oldVal, newVal) {
@@ -29,13 +26,6 @@ export default {
         this.initMonaco();
       }
     },
-    activeFileChanged(newVal) {
-      if (!this.editor) return;
-
-      if (!newVal && this.model) {
-        this.model.setValue(this.model.getOriginalModel().getValue());
-      }
-    },
     leftPanelCollapsed() {
       this.editor.updateDimensions();
     },
@@ -92,11 +82,13 @@ export default {
 
       this.editor.attachModel(this.model);
 
-      this.model.onChange((m) => {
-        if (this.model.file.active) {
+      this.model.onChange((model) => {
+        const { file } = this.model;
+
+        if (file.active) {
           this.changeFileContent({
-            file: this.model.file,
-            content: m.getValue(),
+            file,
+            content: model.getValue(),
           });
         }
       });

ee/app/assets/javascripts/ide/lib/common/model_manager.js

@@ -12,9 +12,13 @@ export default class ModelManager {
     return this.models.has(path);
   }
 
+  getModel(path) {
+    return this.models.get(path);
+  }
+
   addModel(file) {
     if (this.hasCachedModel(file.path)) {
-      return this.models.get(file.path);
+      return this.getModel(file.path);
     }
 
     const model = new Model(this.monaco, file);

ee/app/assets/javascripts/ide/lib/diff/controller.js

@@ -59,7 +59,8 @@ export default class DirtyDiffController {
 
   decorate({ data }) {
     const decorations = data.changes.map(change => getDecorator(change));
-    this.decorationsController.addDecorations(data.path, 'dirtyDiff', decorations);
+    const model = this.modelManager.getModel(data.path);
+    this.decorationsController.addDecorations(model, 'dirtyDiff', decorations);
   }
 
   dispose() {

ee/app/assets/javascripts/ide/lib/editor.js

@@ -9,6 +9,8 @@ import gitlabTheme from 'ee/ide/lib/themes/gl_theme'; // eslint-disable-line imp
 
 export default class Editor {
   static create(monaco) {
+    if (this.editorInstance) return this.editorInstance;
+
     this.editorInstance = new Editor(monaco);
 
     return this.editorInstance;
@@ -20,18 +22,14 @@ export default class Editor {
     this.instance = null;
     this.dirtyDiffController = null;
     this.disposable = new Disposable();
-
-    this.disposable.add(
-      this.modelManager = new ModelManager(this.monaco),
-      this.decorationsController = new DecorationsController(this),
-    );
+    this.modelManager = new ModelManager(this.monaco);
+    this.decorationsController = new DecorationsController(this);
 
     this.setupMonacoTheme();
 
     this.debouncedUpdate = _.debounce(() => {
       this.updateDimensions();
     }, 200);
-    window.addEventListener('resize', this.debouncedUpdate, false);
   }
 
   createInstance(domElement) {
@@ -50,6 +48,8 @@ export default class Editor {
           this.modelManager, this.decorationsController,
         ),
       );
+
+      window.addEventListener('resize', this.debouncedUpdate, false);
     }
   }
 

ee/app/assets/javascripts/ide/stores/utils.js

@@ -121,8 +121,8 @@ export const getTreeEntry = (store, treeId, path) => {
   return fileList ? fileList.find(file => file.path === path) : null;
 };
 
-export const findEntry = (tree, type, name) => tree.find(
-  f => f.type === type && f.name === name,
+export const findEntry = (tree, type, name, prop = 'name') => tree.find(
+  f => f.type === type && f[prop] === name,
 );
 
 export const findIndexOfFile = (state, file) => state.findIndex(f => f.path === file.path);
@@ -163,7 +163,7 @@ export const createOrMergeEntry = ({ projectId,
                                      level,
                                      state }) => {
   if (state.changedFiles.length) {
-    const foundChangedFile = findEntry(state.changedFiles, type, entry.name);
+    const foundChangedFile = findEntry(state.changedFiles, type, entry.path, 'path');
 
     if (foundChangedFile) {
       return foundChangedFile;
@@ -171,7 +171,7 @@ export const createOrMergeEntry = ({ projectId,
   }
 
   if (state.openFiles.length) {
-    const foundOpenFile = findEntry(state.openFiles, type, entry.name);
+    const foundOpenFile = findEntry(state.openFiles, type, entry.path, 'path');
 
     if (foundOpenFile) {
       return foundOpenFile;

ee/app/assets/javascripts/mirrors/index.js

-import MirrorPull from './mirror_pull';
-
-document.addEventListener('DOMContentLoaded', () => {
-  const mirrorPull = new MirrorPull('.js-project-mirror-push-form');
-  mirrorPull.init();
-});