diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb
index 0b017c989160d70cfdc21811a450d183b1fb8e43..57ef4646d24bd91153bd63b4c7897a5ccd8ef642 100644
--- a/app/models/ci/build.rb
+++ b/app/models/ci/build.rb
@@ -179,7 +179,7 @@ module Ci
     end
 
     def repo_url
-      auth = "gitlab-ci-token:#{ensure_token}@"
+      auth = "gitlab-ci-token:#{ensure_token!}@"
       project.http_url_to_repo.sub(/^https?:\/\//) do |prefix|
         prefix + auth
       end
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index ce686af2adef094dc8f2e2b6df4e60ff9f653cd1..00c4c7b1440847042cdc1afd2a2a17d9a7cd3f98 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -64,7 +64,7 @@ class ProjectPolicy < BasePolicy
     can! :read_deployment
   end
 
-  # Permissions given when an user is direct member of a group
+  # Permissions given when an user is team member of a project
   def team_member_reporter_access!
     can! :build_download_code
     can! :build_read_container_image
diff --git a/app/services/auth/container_registry_authentication_service.rb b/app/services/auth/container_registry_authentication_service.rb
index 36120a5bc99747ce0b8f3714a1505a694356620a..98da65639475438a96ca575f7a6360bd7fd7927d 100644
--- a/app/services/auth/container_registry_authentication_service.rb
+++ b/app/services/auth/container_registry_authentication_service.rb
@@ -90,7 +90,7 @@ module Auth
 
     def build_can_pull?(requested_project)
       # Build can:
-      # 1. pull from it's own project (for ex. a build)
+      # 1. pull from its own project (for ex. a build)
       # 2. read images from dependent projects if creator of build is a team member
       @authentication_abilities.include?(:build_read_container_image) &&
         (requested_project == project || can?(current_user, :build_read_container_image, requested_project))
@@ -102,7 +102,7 @@ module Auth
     end
 
     def build_can_push?(requested_project)
-      # Build can push only to project to from which he originates
+      # Build can push only to the project from which it originates
       @authentication_abilities.include?(:build_create_container_image) &&
         requested_project == project
     end