Add latest changes from gitlab-org/gitlab@master

app/controllers/projects/pages_domains_controller.rb

@@ -62,6 +62,14 @@ class Projects::PagesDomainsController < Projects::ApplicationController
     end
   end
 
+  def clean_certificate
+    unless @domain.update(user_provided_certificate: nil, user_provided_key: nil)
+      flash[:alert] = @domain.errors.full_messages.join(', ')
+    end
+
+    redirect_to edit_project_pages_domain_path(@project, @domain)
+  end
+
   private
 
   def create_params

app/models/clusters/instance.rb

@@ -9,5 +9,9 @@ module Clusters
     def feature_available?(feature)
       ::Feature.enabled?(feature, default_enabled: true)
     end
+
+    def flipper_id
+      self.class.to_s
+    end
   end
 end

app/services/issuable_base_service.rb

@@ -355,7 +355,7 @@ class IssuableBaseService < BaseService
     associations =
       {
         labels: issuable.labels.to_a,
-        mentioned_users: issuable.mentioned_users.to_a,
+        mentioned_users: issuable.mentioned_users(current_user).to_a,
         assignees: issuable.assignees.to_a
       }
     associations[:total_time_spent] = issuable.total_time_spent if issuable.respond_to?(:total_time_spent)

app/views/clusters/clusters/gcp/_form.html.haml

@@ -64,12 +64,13 @@
       %p.form-text.text-muted
         = s_('ClusterIntegration|Learn more about %{help_link_start_machine_type}machine types%{help_link_end} and %{help_link_start_pricing}pricing%{help_link_end}.').html_safe % { help_link_start_machine_type: help_link_start % { url: machine_type_link_url }, help_link_start_pricing: help_link_start % { url: pricing_link_url }, help_link_end: help_link_end }
 
-    .form-group
-      = provider_gcp_field.check_box :cloud_run, { label: s_('ClusterIntegration|Enable Cloud Run on GKE (beta)'),
-        label_class: 'label-bold' }
-      .form-text.text-muted
-        = s_('ClusterIntegration|Uses the Cloud Run, Istio, and HTTP Load Balancing addons for this cluster.')
-        = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'cloud-run-on-gke'), target: '_blank'
+    - if Feature.enabled?(:create_cloud_run_clusters, clusterable)
+      .form-group
+        = provider_gcp_field.check_box :cloud_run, { label: s_('ClusterIntegration|Enable Cloud Run on GKE (beta)'),
+          label_class: 'label-bold' }
+        .form-text.text-muted
+          = s_('ClusterIntegration|Uses the Cloud Run, Istio, and HTTP Load Balancing addons for this cluster.')
+          = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'cloud-run-on-gke'), target: '_blank'
 
   .form-group
     = field.check_box :managed, { label: s_('ClusterIntegration|GitLab-managed cluster'),

changelogs/unreleased/33902-fix-private-group-todo-mentions.yml

+---
+title: Do not generate To-Dos additional when editing group mentions
+merge_request: 19037
+author:
+type: fixed

changelogs/unreleased/sh-change-throttle-protected-paths-default.yml

+---
+title: Disable protected path throttling by default
+merge_request: 19185
+author:
+type: fixed

config/initializers/0_inflections.rb

@@ -12,18 +12,19 @@
 ActiveSupport::Inflector.inflections do |inflect|
   inflect.uncountable %w(
     award_emoji
-    project_statistics
-    system_note_metadata
+    container_repository_registry
+    design_registry
     event_log
-    project_auto_devops
-    project_registry
     file_registry
+    group_view
     job_artifact_registry
-    container_repository_registry
-    design_registry
-    vulnerability_feedback
+    lfs_object_registry
+    project_auto_devops
+    project_registry
+    project_statistics
+    system_note_metadata
     vulnerabilities_feedback
-    group_view
+    vulnerability_feedback
   )
   inflect.acronym 'EE'
 end

config/routes/project.rb

@@ -222,6 +222,7 @@ constraints(::Constraints::ProjectUrlConstrainer.new) do
         resources :domains, except: :index, controller: 'pages_domains', constraints: { id: %r{[^/]+} } do
           member do
             post :verify
+            delete :clean_certificate
           end
         end
       end

db/migrate/20191026041447_change_default_value_of_throttle_protected_paths.rb

+# frozen_string_literal: true
+
+class ChangeDefaultValueOfThrottleProtectedPaths < ActiveRecord::Migration[5.2]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def up
+    change_column_default :application_settings, :throttle_protected_paths_enabled, false
+
+    # Because we already set the value to true in the previous
+    # migration, this feature was switched on inadvertently in GitLab
+    # 12.4. This migration toggles it back off to ensure we don't
+    # inadvertently block legitimate users. The admin will have to
+    # re-enable it in the application settings.
+    unless omnibus_protected_paths_present?
+      execute "UPDATE application_settings SET throttle_protected_paths_enabled = #{false_value}"
+    end
+  end
+
+  def down
+    change_column_default :application_settings, :throttle_protected_paths_enabled, true
+
+    execute "UPDATE application_settings SET throttle_protected_paths_enabled = #{true_value}"
+  end
+
+  private
+
+  def omnibus_protected_paths_present?
+    Rack::Attack.throttles.key?('protected paths')
+  rescue e
+    say "Error while checking if Omnibus protected paths were already enabled: #{e.message}"
+    say 'Continuing. Protected paths will remain enabled.'
+
+    # Return true so we don't take a risk
+    true
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_10_17_180026) do
+ActiveRecord::Schema.define(version: 2019_10_26_041447) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "pg_trgm"
@@ -331,7 +331,7 @@ ActiveRecord::Schema.define(version: 2019_10_17_180026) do
     t.string "encrypted_asset_proxy_secret_key_iv"
     t.string "static_objects_external_storage_url", limit: 255
     t.string "static_objects_external_storage_auth_token", limit: 255
-    t.boolean "throttle_protected_paths_enabled", default: true, null: false
+    t.boolean "throttle_protected_paths_enabled", default: false, null: false
     t.integer "throttle_protected_paths_requests_per_period", default: 10, null: false
     t.integer "throttle_protected_paths_period_in_seconds", default: 60, null: false
     t.string "protected_paths", limit: 255, default: ["/users/password", "/users/sign_in", "/api/v3/session.json", "/api/v3/session", "/api/v4/session.json", "/api/v4/session", "/users", "/users/confirmation", "/unsubscribes/", "/import/github/personal_access_token"], array: true

doc/user/markdown.md

@@ -417,9 +417,10 @@ GFM will recognize the following:
 
 > If this is not rendered correctly, [view it in GitLab itself](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/user/markdown.md#task-lists).
 
-You can add task lists anywhere markdown is supported, but you can only "click" to
-toggle the boxes if they are in issues, merge requests, or comments. In other places
-you must edit the markdown manually to change the status by adding or removing the `x`.
+You can add task lists anywhere Markdown is supported, but you can only "click"
+to toggle the boxes if they are in issues, merge requests, or comments. In other
+places you must edit the Markdown manually to change the status by adding or
+removing an `x` within the square brackets.
 
 To create a task list, add a specially-formatted Markdown list. You can use either
 unordered or ordered lists:

doc/user/search/advanced_search_syntax.md

@@ -17,6 +17,8 @@ The Advanced Syntax Search is a subset of the
 [Advanced Global Search](advanced_global_search.md), which you can use if you
 want to have more specific search results.
 
+Advanced Global Search only supports searching the [default branch](../project/repository/branches/index.md#default-branch).
+
 ## Use cases
 
 Let's say for example that the product you develop relies on the code of another

spec/controllers/projects/pages_domains_controller_spec.rb

@@ -190,6 +190,56 @@ describe Projects::PagesDomainsController do
     end
   end
 
+  describe 'DELETE #clean_certificate' do
+    subject do
+      delete(:clean_certificate, params: request_params.merge(id: pages_domain.domain))
+    end
+
+    it 'redirects to edit page' do
+      subject
+
+      expect(response).to redirect_to(edit_project_pages_domain_path(project, pages_domain))
+    end
+
+    it 'removes certificate' do
+      expect do
+        subject
+      end.to change { pages_domain.reload.certificate }.to(nil)
+        .and change { pages_domain.reload.key }.to(nil)
+    end
+
+    it 'sets certificate source to user_provided' do
+      pages_domain.update!(certificate_source: :gitlab_provided)
+
+      expect do
+        subject
+      end.to change { pages_domain.reload.certificate_source }.from("gitlab_provided").to("user_provided")
+    end
+
+    context 'when pages_https_only is set' do
+      before do
+        project.update!(pages_https_only: true)
+        stub_pages_setting(external_https: '127.0.0.1')
+      end
+
+      it 'does not remove certificate' do
+        subject
+
+        pages_domain.reload
+        expect(pages_domain.certificate).to be_present
+        expect(pages_domain.key).to be_present
+      end
+
+      it 'redirects to edit page with a flash message' do
+        subject
+
+        expect(flash[:alert]).to include('Certificate')
+        expect(flash[:alert]).to include('Key')
+        expect(response).to redirect_to(edit_project_pages_domain_path(project, pages_domain))
+      end
+    end
+  end
+
   context 'pages disabled' do
     before do
       allow(Gitlab.config.pages).to receive(:enabled).and_return(false)

spec/requests/api/access_requests_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::AccessRequests do

spec/requests/api/applications_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Applications, :api do

spec/requests/api/avatar_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Avatar do

spec/requests/api/award_emoji_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::AwardEmoji do

spec/requests/api/badges_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Badges do

spec/requests/api/boards_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Boards do

spec/requests/api/branches_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Branches do

spec/requests/api/broadcast_messages_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::BroadcastMessages do

spec/requests/api/commit_statuses_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::CommitStatuses do

spec/requests/api/commits_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'mime/types'
 

spec/requests/api/deploy_keys_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::DeployKeys do

spec/requests/api/discussions_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Discussions do

spec/requests/api/doorkeeper_access_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'doorkeeper access' do

spec/requests/api/environments_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Environments do

spec/requests/api/events_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Events do

spec/requests/api/features_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Features do

spec/requests/api/files_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Files do

spec/requests/api/graphql/gitlab_schema_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'GitlabSchema configurations' do

spec/requests/api/graphql/mutations/merge_requests/set_wip_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Setting WIP status of a merge request' do

spec/requests/api/graphql/project/issues_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'getting an issue list for a project' do

spec/requests/api/graphql/project/merge_request_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'getting merge request information nested in a project' do

spec/requests/api/graphql/project_query_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'getting project information' do

spec/requests/api/group_boards_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::GroupBoards do

spec/requests/api/group_milestones_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::GroupMilestones do

spec/requests/api/group_variables_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::GroupVariables do

spec/requests/api/groups_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Groups do

spec/requests/api/helpers_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'raven/transports/dummy'
 require_relative '../../../config/initializers/sentry'

spec/requests/api/import_github_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ImportGithub do

spec/requests/api/internal/base_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Internal::Base do

spec/requests/api/jobs_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Jobs do

spec/requests/api/keys_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Keys do

spec/requests/api/labels_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Labels do

spec/requests/api/lint_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Lint do

spec/requests/api/markdown_spec.rb

+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe API::Markdown do

spec/requests/api/members_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Members do
@@ -24,7 +26,7 @@ describe API::Members do
 
   shared_examples 'GET /:source_type/:id/members/(all)' do |source_type, all|
     let(:members_url) do
-      "/#{source_type.pluralize}/#{source.id}/members".tap do |url|
+      (+"/#{source_type.pluralize}/#{source.id}/members").tap do |url|
         url << "/all" if all
       end
     end

spec/requests/api/merge_request_diffs_spec.rb

+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe API::MergeRequestDiffs, 'MergeRequestDiffs' do

spec/requests/api/merge_requests_spec.rb

+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe API::MergeRequests do

spec/requests/api/namespaces_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Namespaces do

spec/requests/api/notes_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Notes do

spec/requests/api/notification_settings_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::NotificationSettings do

spec/requests/api/oauth_tokens_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'OAuth tokens' do

spec/requests/api/pages/internal_access_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Internal Project Pages Access" do

spec/requests/api/pages/private_access_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Private Project Pages Access" do

spec/requests/api/pages/public_access_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe "Public Project Pages Access" do

spec/requests/api/pages_domains_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::PagesDomains do

spec/requests/api/pipeline_schedules_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::PipelineSchedules do

spec/requests/api/project_container_repositories_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ProjectContainerRepositories do

spec/requests/api/project_events_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ProjectEvents do

spec/requests/api/project_export_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ProjectExport do

spec/requests/api/project_hooks_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ProjectHooks, 'ProjectHooks' do

spec/requests/api/project_import_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ProjectImport do

spec/requests/api/project_milestones_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ProjectMilestones do

spec/requests/api/project_snapshots_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ProjectSnapshots do

spec/requests/api/project_snippets_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ProjectSnippets do

spec/requests/api/project_templates_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ProjectTemplates do

spec/requests/api/projects_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 shared_examples 'languages and percentages JSON response' do

spec/requests/api/protected_branches_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ProtectedBranches do

spec/requests/api/protected_tags_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::ProtectedTags do

spec/requests/api/releases_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Releases do

spec/requests/api/repositories_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 require 'mime/types'
 

spec/requests/api/runner_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Runner, :clean_gitlab_redis_shared_state do

spec/requests/api/runners_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Runners do

spec/requests/api/search_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Search do

spec/requests/api/services_spec.rb

+# frozen_string_literal: true
+
 require "spec_helper"
 
 describe API::Services do

spec/requests/api/settings_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Settings, 'Settings' do

spec/requests/api/sidekiq_metrics_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::SidekiqMetrics do

spec/requests/api/snippets_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Snippets do

spec/requests/api/system_hooks_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::SystemHooks do

spec/requests/api/tags_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Tags do

spec/requests/api/templates_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Templates do

spec/requests/api/todos_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Todos do

spec/requests/api/triggers_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Triggers do

spec/requests/api/users_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Users do

spec/requests/api/variables_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Variables do

spec/requests/api/version_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe API::Version do

spec/requests/api/wikis_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 # For every API endpoint we test 3 states of wikis:

spec/requests/git_http_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Git HTTP requests' do

spec/requests/groups/milestones_controller_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe Groups::MilestonesController do

spec/requests/jwt_controller_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe JwtController do

spec/requests/lfs_locks_api_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Git LFS File Locking API' do

spec/requests/oauth_tokens_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'OAuth Tokens requests' do

spec/requests/openid_connect_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'OpenID Connect requests' do

spec/requests/projects/cycle_analytics_events_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'cycle analytics events' do

spec/requests/rack_attack_global_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Rack Attack global throttles' do

spec/requests/request_profiler_spec.rb

+# frozen_string_literal: true
+
 require 'spec_helper'
 
 describe 'Request Profiler' do

spec/support/shared_examples/updating_mentions_shared_examples.rb

@@ -58,9 +58,25 @@ RSpec.shared_examples 'updating mentions' do |service_class|
       end
     end
 
+    shared_examples 'updating attribute with existing group mention' do |attribute|
+      before do
+        mentionable.update!({ attribute => "FYI: #{group.to_reference}" })
+      end
+
+      it 'creates todos for only newly mentioned users' do
+        expect do
+          update_mentionable(
+            { attribute => "For #{group.to_reference}, cc: #{mentioned_user.to_reference}" }
+          )
+        end.to change { Todo.count }.by(1)
+      end
+    end
+
     context 'when group is public' do
       it_behaves_like 'updating attribute with allowed mentions', :title
       it_behaves_like 'updating attribute with allowed mentions', :description
+      it_behaves_like 'updating attribute with existing group mention', :title
+      it_behaves_like 'updating attribute with existing group mention', :description
     end
 
     context 'when the group is private' do
@@ -70,6 +86,8 @@ RSpec.shared_examples 'updating mentions' do |service_class|
 
       it_behaves_like 'updating attribute with allowed mentions', :title
       it_behaves_like 'updating attribute with allowed mentions', :description
+      it_behaves_like 'updating attribute with existing group mention', :title
+      it_behaves_like 'updating attribute with existing group mention', :description
     end
   end
 

spec/views/projects/clusters/clusters/gcp/_form.html.haml_spec.rb

+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'clusters/clusters/gcp/_form' do
+  let(:admin) { create(:admin) }
+  let(:environment) { create(:environment) }
+  let(:gcp_cluster) { create(:cluster, :provided_by_gcp) }
+  let(:clusterable) { ClusterablePresenter.fabricate(environment.project, current_user: admin) }
+
+  before do
+    assign(:environment, environment)
+    assign(:gcp_cluster, gcp_cluster)
+    allow(view).to receive(:clusterable).and_return(clusterable)
+    allow(view).to receive(:url_for).and_return('#')
+    allow(view).to receive(:token_in_session).and_return('')
+  end
+
+  context 'with all feature flags enabled' do
+    it 'has a cloud run checkbox' do
+      render
+
+      expect(rendered).to have_selector("input[id='cluster_provider_gcp_attributes_cloud_run']")
+    end
+  end
+
+  context 'with cloud run feature flag disabled' do
+    before do
+      stub_feature_flags(create_cloud_run_clusters: false)
+    end
+
+    it 'does not have a cloud run checkbox' do
+      render
+
+      expect(rendered).not_to have_selector("input[id='cluster_provider_gcp_attributes_cloud_run']")
+    end
+  end
+end