Add latest changes from gitlab-org/gitlab@master

18 files changed, 93 insertions, 119 deletions

diff --git a/app/controllers/projects/alerting/notifications_controller.rb b/app/controllers/projects/alerting/notifications_controller.rb
index 1fe31863469..358e7629958 100644
--- a/app/controllers/projects/alerting/notifications_controller.rb
+++ b/app/controllers/projects/alerting/notifications_controller.rb
@@ -14,7 +14,7 @@ module Projects
         token = extract_alert_manager_token(request)
         result = notify_service.execute(token)
 
-        head(response_status(result))
+        head result.http_status
       end
 
       private
@@ -33,12 +33,6 @@ module Projects
           .new(project, current_user, notification_payload)
       end
 
-      def response_status(result)
-        return :ok if result.success?
-
-        result.http_status
-      end
-
       def notification_payload
         params.permit![:notification]
       end
diff --git a/app/controllers/projects/prometheus/alerts_controller.rb b/app/controllers/projects/prometheus/alerts_controller.rb
index 8c74c730de9..2c0521edece 100644
--- a/app/controllers/projects/prometheus/alerts_controller.rb
+++ b/app/controllers/projects/prometheus/alerts_controller.rb
@@ -26,12 +26,9 @@ module Projects
 
       def notify
         token = extract_alert_manager_token(request)
+        result = notify_service.execute(token)
 
-        if notify_service.execute(token)
-          head :ok
-        else
-          head :unprocessable_entity
-        end
+        head result.http_status
       end
 
       def create
diff --git a/app/helpers/submodule_helper.rb b/app/helpers/submodule_helper.rb
index e9554300075..06ea3dd8a81 100644
--- a/app/helpers/submodule_helper.rb
+++ b/app/helpers/submodule_helper.rb
@@ -72,7 +72,7 @@ module SubmoduleHelper
                                      project].join('')
 
     url_with_dotgit = url_no_dotgit + '.git'
-    url_with_dotgit == Gitlab::Shell.url_to_repo([namespace, '/', project].join(''))
+    url_with_dotgit == Gitlab::RepositoryUrlBuilder.build([namespace, '/', project].join(''))
   end
 
   def relative_self_url?(url)
diff --git a/app/models/concerns/has_repository.rb b/app/models/concerns/has_repository.rb
index 6a09741b903..af7afd6604a 100644
--- a/app/models/concerns/has_repository.rb
+++ b/app/models/concerns/has_repository.rb
@@ -87,26 +87,15 @@ module HasRepository
   end
 
   def url_to_repo
-    Gitlab::Shell.url_to_repo(full_path)
+    ssh_url_to_repo
   end
 
   def ssh_url_to_repo
-    url_to_repo
+    Gitlab::RepositoryUrlBuilder.build(repository.full_path, protocol: :ssh)
   end
 
   def http_url_to_repo
-    custom_root = Gitlab::CurrentSettings.custom_http_clone_url_root
-
-    url = if custom_root.present?
-            Gitlab::Utils.append_path(
-              custom_root,
-              web_url(only_path: true)
-            )
-          else
-            web_url
-          end
-
-    "#{url}.git"
+    Gitlab::RepositoryUrlBuilder.build(repository.full_path, protocol: :http)
   end
 
   def web_url(only_path: nil)
diff --git a/app/models/concerns/update_highest_role.rb b/app/models/concerns/update_highest_role.rb
new file mode 100644
index 00000000000..7efc436c6c8
--- /dev/null
+++ b/app/models/concerns/update_highest_role.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module UpdateHighestRole
+  extend ActiveSupport::Concern
+
+  HIGHEST_ROLE_LEASE_TIMEOUT = 10.minutes.to_i
+  HIGHEST_ROLE_JOB_DELAY = 10.minutes
+
+  included do
+    after_commit :update_highest_role
+  end
+
+  private
+
+  # Schedule a Sidekiq job to update the highest role for a User
+  #
+  # The job will be called outside of a transaction in order to ensure the changes
+  # to be commited before attempting to update the highest role.
+  # The exlusive lease will not be released after completion to prevent multiple jobs
+  # being executed during the defined timeout.
+  def update_highest_role
+    return unless update_highest_role?
+
+    run_after_commit_or_now do
+      lease_key = "update_highest_role:#{update_highest_role_attribute}"
+      lease = Gitlab::ExclusiveLease.new(lease_key, timeout: HIGHEST_ROLE_LEASE_TIMEOUT)
+
+      if lease.try_obtain
+        UpdateHighestRoleWorker.perform_in(HIGHEST_ROLE_JOB_DELAY, update_highest_role_attribute)
+      else
+        # use same logging as ExclusiveLeaseGuard
+        # rubocop:disable Gitlab/RailsLogger
+        Rails.logger.error('Cannot obtain an exclusive lease. There must be another instance already in execution.')
+        # rubocop:enable Gitlab/RailsLogger
+      end
+    end
+  end
+end
diff --git a/app/models/concerns/versioned_description.rb b/app/models/concerns/versioned_description.rb
index ee8d2d45357..dd602efea1c 100644
--- a/app/models/concerns/versioned_description.rb
+++ b/app/models/concerns/versioned_description.rb
@@ -16,7 +16,6 @@ module VersionedDescription
   def save_description_version
     self.saved_description_version = nil
 
-    return unless Feature.enabled?(:save_description_versions, issuing_parent, default_enabled: true)
     return unless saved_change_to_description?
 
     unless description_versions.exists?
diff --git a/app/models/member.rb b/app/models/member.rb
index d7c515b650b..5b33333aa23 100644
--- a/app/models/member.rb
+++ b/app/models/member.rb
@@ -9,6 +9,7 @@ class Member < ApplicationRecord
   include Presentable
   include Gitlab::Utils::StrongMemoize
   include FromUnion
+  include UpdateHighestRole
 
   attr_accessor :raw_invite_token
 
@@ -100,7 +101,6 @@ class Member < ApplicationRecord
   after_destroy :destroy_notification_setting
   after_destroy :post_destroy_hook, unless: :pending?
   after_commit :refresh_member_authorized_projects
-  after_commit :update_highest_role
 
   default_value_for :notification_level, NotificationSetting.levels[:global]
 
@@ -463,21 +463,15 @@ class Member < ApplicationRecord
     end
   end
 
-  # Triggers the service to schedule a Sidekiq job to update the highest role
-  # for a User
-  #
-  # The job will be called outside of a transaction in order to ensure the changes
-  # for a Member to be commited before attempting to update the highest role.
-  # rubocop: disable CodeReuse/ServiceClass
-  def update_highest_role
+  def update_highest_role?
     return unless user_id.present?
-    return unless previous_changes[:access_level].present?
 
-    run_after_commit_or_now do
-      Members::UpdateHighestRoleService.new(user_id).execute
-    end
+    previous_changes[:access_level].present?
+  end
+
+  def update_highest_role_attribute
+    user_id
   end
-  # rubocop: enable CodeReuse/ServiceClass
 end
 
 Member.prepend_if_ee('EE::Member')
diff --git a/app/models/project_wiki.rb b/app/models/project_wiki.rb
index 4b888648b9e..708b45cf5f0 100644
--- a/app/models/project_wiki.rb
+++ b/app/models/project_wiki.rb
@@ -49,15 +49,15 @@ class ProjectWiki
   end
 
   def url_to_repo
-    Gitlab::Shell.url_to_repo(full_path)
+    ssh_url_to_repo
   end
 
   def ssh_url_to_repo
-    url_to_repo
+    Gitlab::RepositoryUrlBuilder.build(repository.full_path, protocol: :ssh)
   end
 
   def http_url_to_repo
-    @project.http_url_to_repo.sub(%r{git\z}, 'wiki.git')
+    Gitlab::RepositoryUrlBuilder.build(repository.full_path, protocol: :http)
   end
 
   def wiki_base_path
diff --git a/app/models/snippet.rb b/app/models/snippet.rb
index cfe1c77ec48..821de70f9d9 100644
--- a/app/models/snippet.rb
+++ b/app/models/snippet.rb
@@ -258,10 +258,12 @@ class Snippet < ApplicationRecord
     super
   end
 
+  override :repository
   def repository
     @repository ||= Repository.new(full_path, self, shard: repository_storage, disk_path: disk_path, repo_type: Gitlab::GlRepository::SNIPPET)
   end
 
+  override :repository_size_checker
   def repository_size_checker
     strong_memoize(:repository_size_checker) do
       ::Gitlab::RepositorySizeChecker.new(
@@ -271,6 +273,7 @@ class Snippet < ApplicationRecord
     end
   end
 
+  override :storage
   def storage
     @storage ||= Storage::Hashed.new(self, prefix: Storage::Hashed::SNIPPET_REPOSITORY_PATH_PREFIX)
   end
@@ -278,6 +281,7 @@ class Snippet < ApplicationRecord
   # This is the full_path used to identify the
   # the snippet repository. It will be used mostly
   # for logging purposes.
+  override :full_path
   def full_path
     return unless persisted?
 
@@ -290,10 +294,6 @@ class Snippet < ApplicationRecord
     end
   end
 
-  def url_to_repo
-    Gitlab::Shell.url_to_repo(full_path.delete('@'))
-  end
-
   def repository_storage
     snippet_repository&.shard_name || self.class.pick_repository_storage
   end
diff --git a/app/models/user.rb b/app/models/user.rb
index 68c52751804..42972477d97 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -23,6 +23,7 @@ class User < ApplicationRecord
   include BatchDestroyDependentAssociations
   include HasUniqueInternalUsers
   include IgnorableColumns
+  include UpdateHighestRole
 
   DEFAULT_NOTIFICATION_LEVEL = :participating
 
@@ -238,7 +239,6 @@ class User < ApplicationRecord
       end
     end
   end
-  after_commit :update_highest_role, on: [:create, :update]
 
   after_initialize :set_projects_limit
 
@@ -1854,20 +1854,15 @@ class User < ApplicationRecord
     last_active_at.to_i <= MINIMUM_INACTIVE_DAYS.days.ago.to_i
   end
 
-  # Triggers the service to schedule a Sidekiq job to update the highest role
-  # for a User
-  #
-  # The job will be called outside of a transaction in order to ensure the changes
-  # for a Member to be commited before attempting to update the highest role.
-  # rubocop: disable CodeReuse/ServiceClass
-  def update_highest_role
-    return unless (previous_changes.keys & %w(state user_type ghost)).any?
+  def update_highest_role?
+    return false unless persisted?
 
-    run_after_commit_or_now do
-      Members::UpdateHighestRoleService.new(id).execute
-    end
+    (previous_changes.keys & %w(state user_type ghost)).any?
+  end
+
+  def update_highest_role_attribute
+    id
   end
-  # rubocop: enable CodeReuse/ServiceClass
 end
 
 User.prepend_if_ee('EE::User')
diff --git a/app/serializers/merge_request_widget_entity.rb b/app/serializers/merge_request_widget_entity.rb
index 7ba15dd9acf..74f29b36209 100644
--- a/app/serializers/merge_request_widget_entity.rb
+++ b/app/serializers/merge_request_widget_entity.rb
@@ -96,7 +96,7 @@ class MergeRequestWidgetEntity < Grape::Entity
 
   def can_add_ci_config_path?(merge_request)
     merge_request.source_project&.uses_default_ci_config? &&
-      merge_request.all_pipelines.none? &&
+      !merge_request.source_project.has_ci? &&
       merge_request.commits_count.positive? &&
       can?(current_user, :read_build, merge_request.source_project) &&
       can?(current_user, :create_pipeline, merge_request.source_project)
diff --git a/app/services/members/update_highest_role_service.rb b/app/services/members/update_highest_role_service.rb
deleted file mode 100644
index 5ebd2e03df1..00000000000
--- a/app/services/members/update_highest_role_service.rb
+++ /dev/null
@@ -1,39 +0,0 @@
-# frozen_string_literal: true
-
-module Members
-  class UpdateHighestRoleService < ::BaseService
-    include ExclusiveLeaseGuard
-
-    LEASE_TIMEOUT = 10.minutes.to_i
-    DELAY = 10.minutes
-
-    attr_reader :user_id
-
-    def initialize(user_id)
-      @user_id = user_id
-    end
-
-    def execute
-      try_obtain_lease do
-        UpdateHighestRoleWorker.perform_in(DELAY, user_id)
-      end
-    end
-
-    private
-
-    def lease_key
-      "update_highest_role:#{user_id}"
-    end
-
-    def lease_timeout
-      LEASE_TIMEOUT
-    end
-
-    # Do not release the lease before the timeout to
-    # prevent multiple jobs being executed during the
-    # defined timeout
-    def lease_release?
-      false
-    end
-  end
-end
diff --git a/app/services/projects/alerting/notify_service.rb b/app/services/projects/alerting/notify_service.rb
index d34d6f6a915..1ce1ef7a1cd 100644
--- a/app/services/projects/alerting/notify_service.rb
+++ b/app/services/projects/alerting/notify_service.rb
@@ -46,15 +46,15 @@ module Projects
       end
 
       def bad_request
-        ServiceResponse.error(message: 'Bad Request', http_status: 400)
+        ServiceResponse.error(message: 'Bad Request', http_status: :bad_request)
       end
 
       def unauthorized
-        ServiceResponse.error(message: 'Unauthorized', http_status: 401)
+        ServiceResponse.error(message: 'Unauthorized', http_status: :unauthorized)
       end
 
       def forbidden
-        ServiceResponse.error(message: 'Forbidden', http_status: 403)
+        ServiceResponse.error(message: 'Forbidden', http_status: :forbidden)
       end
     end
   end
diff --git a/app/services/projects/import_export/export_service.rb b/app/services/projects/import_export/export_service.rb
index fa098e7417c..8893bf18e1f 100644
--- a/app/services/projects/import_export/export_service.rb
+++ b/app/services/projects/import_export/export_service.rb
@@ -58,12 +58,7 @@ module Projects
       end
 
       def tree_saver_class
-        if ::Feature.enabled?(:streaming_serializer, project, default_enabled: true)
-          Gitlab::ImportExport::Project::TreeSaver
-        else
-          # Once we remove :streaming_serializer feature flag, Project::LegacyTreeSaver should be removed as well
-          Gitlab::ImportExport::Project::LegacyTreeSaver
-        end
+        Gitlab::ImportExport::Project::TreeSaver
       end
 
       def uploads_saver
diff --git a/app/services/projects/prometheus/alerts/notify_service.rb b/app/services/projects/prometheus/alerts/notify_service.rb
index 89791aecabb..6ebc061c2e3 100644
--- a/app/services/projects/prometheus/alerts/notify_service.rb
+++ b/app/services/projects/prometheus/alerts/notify_service.rb
@@ -8,15 +8,15 @@ module Projects
         include IncidentManagement::Settings
 
         def execute(token)
-          return false unless valid_payload_size?
-          return false unless valid_version?
-          return false unless valid_alert_manager_token?(token)
+          return bad_request unless valid_payload_size?
+          return unprocessable_entity unless valid_version?
+          return unauthorized unless valid_alert_manager_token?(token)
 
           persist_events
           send_alert_email if send_email?
           process_incident_issues if process_issues?
 
-          true
+          ServiceResponse.success
         end
 
         private
@@ -118,6 +118,18 @@ module Projects
         def persist_events
           CreateEventsService.new(project, nil, params).execute
         end
+
+        def bad_request
+          ServiceResponse.error(message: 'Bad Request', http_status: :bad_request)
+        end
+
+        def unauthorized
+          ServiceResponse.error(message: 'Unauthorized', http_status: :unauthorized)
+        end
+
+        def unprocessable_entity
+          ServiceResponse.error(message: 'Unprocessable Entity', http_status: :unprocessable_entity)
+        end
       end
     end
   end
diff --git a/app/views/projects/mirrors/_authentication_method.html.haml b/app/views/projects/mirrors/_authentication_method.html.haml
index a6978cba495..c4f564e26f4 100644
--- a/app/views/projects/mirrors/_authentication_method.html.haml
+++ b/app/views/projects/mirrors/_authentication_method.html.haml
@@ -12,7 +12,7 @@
 
 .form-group
   .collapse.js-well-changing-auth
-    .changing-auth-method= icon('spinner spin lg')
+    .changing-auth-method
   .well-password-auth.collapse.js-well-password-auth
     = f.label :password, _("Password"), class: "label-bold"
     = f.password_field :password, value: mirror.password, class: 'form-control qa-password', autocomplete: 'new-password'
diff --git a/app/views/projects/mirrors/_ssh_host_keys.html.haml b/app/views/projects/mirrors/_ssh_host_keys.html.haml
index 3279d3eb251..90236dc0c48 100644
--- a/app/views/projects/mirrors/_ssh_host_keys.html.haml
+++ b/app/views/projects/mirrors/_ssh_host_keys.html.haml
@@ -4,7 +4,7 @@
 
 .form-group.js-ssh-host-keys-section{ class: ('collapse' unless mirror.ssh_mirror_url?) }
   %button.btn.btn-inverted.btn-secondary.inline.js-detect-host-keys.append-right-10{ type: 'button', data: { qa_selector: 'detect_host_keys' } }
-    = icon('spinner spin', class: 'js-spinner d-none')
+    .js-spinner.d-none.spinner.mr-1
     = _('Detect host keys')
   .fingerprint-ssh-info.js-fingerprint-ssh-info.prepend-top-10.append-bottom-10{ class: ('collapse' unless mirror.ssh_mirror_url?) }
     %label.label-bold
diff --git a/app/views/shared/_personal_access_tokens_form.html.haml b/app/views/shared/_personal_access_tokens_form.html.haml
index 16f8a692635..71f3447ebc7 100644
--- a/app/views/shared/_personal_access_tokens_form.html.haml
+++ b/app/views/shared/_personal_access_tokens_form.html.haml
@@ -12,7 +12,7 @@
   .row
     .form-group.col-md-6
       = f.label :name, _('Name'), class: 'label-bold'
-      = f.text_field :name, class: "form-control qa-personal-access-token-name-field", required: true
+      = f.text_field :name, class: "form-control", required: true, data: { qa_selector: 'personal_access_token_name_field' }
 
   .row
     .form-group.col-md-6
@@ -21,11 +21,11 @@
 
         = render_if_exists 'personal_access_tokens/callout_max_personal_access_token_lifetime'
 
-        = f.text_field :expires_at, class: "datepicker form-control", placeholder: 'YYYY-MM-DD'
+        = f.text_field :expires_at, class: "datepicker form-control", placeholder: 'YYYY-MM-DD', data: { qa_selector: 'expiry_date_field' }
 
   .form-group
     = f.label :scopes, _('Scopes'), class: 'label-bold'
     = render 'shared/tokens/scopes_form', prefix: 'personal_access_token', token: token, scopes: scopes
 
   .prepend-top-default
-    = f.submit _('Create %{type} token') % { type: type }, class: "btn btn-success qa-create-token-button"
+    = f.submit _('Create %{type} token') % { type: type }, class: "btn btn-success", data: { qa_selector: 'create_token_button' }