Add latest changes from gitlab-org/gitlab@master

doc/development/experiment_guide/index.md

@@ -55,7 +55,7 @@ The author then adds a comment to this piece of code and adds a link to the issu
   end
   ```
-- [ ] Track necessery events. See the [event tracking guide](../event_tracking/index.md) for details.
+- [ ] Track necessary events. See the [event tracking guide](../event_tracking/index.md) for details.
 - [ ] After the merge request is merged, use [`chatops`](../../ci/chatops/README.md) to enable the feature flag and start the experiment. For visibility, please run the command in the `#s_growth` channel:
   ```

doc/development/testing_guide/frontend_testing.md

@@ -26,7 +26,7 @@ If you need to update an existing Karma test file (found in `spec/javascripts`),
 need to migrate the whole spec to Jest. Simply updating the Karma spec to test your change
 is fine. It is probably more appropriate to migrate to Jest in a separate merge request.
-If you need to create a new test file, we strongly recommend creating one in Jest. This will
+If you create a new test file, it needs to be created in Jest. This will
 help support our migration and we think you'll love using Jest.
 As always, please use discretion. Jest solves a lot of issues we experienced in Karma and

doc/user/admin_area/license.md

@@ -67,7 +67,7 @@ Omnibus installations should add this entry to `gitlab.rb`:
 gitlab_rails['license_file'] = "/path/to/license/file"
 ```
-CAUTION:: **Caution:**
+CAUTION: **Caution:**
 These methods will only add a license at the time of installation. Use the
 admin area in the web ui to renew or upgrade licenses.

doc/user/project/clusters/serverless/index.md

@@ -116,7 +116,8 @@ You must do the following:
 1. Ensure GitLab can manage Knative:
    - For a non-GitLab managed cluster, ensure that the service account for the token
-     provided can manage resources in the `serving.knative.dev` API group.
+     provided can manage resources in the `serving.knative.dev` API group. It will also
+     need list access to the deployments in the `knative-serving` namespace.
    - For a GitLab managed cluster, if you added the cluster in [GitLab 12.1 or later](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/30235),
      then GitLab will already have the required access and you can proceed to the next step.
@@ -153,6 +154,19 @@ You must do the following:
        - delete
        - patch
        - watch
+     ---
+     apiVersion: rbac.authorization.k8s.io/v1
+     kind: ClusterRole
+     metadata:
+       name: gitlab-knative-version-role
+     rules:
+     - apiGroups:
+       - apps
+       resources:
+       - deployments
+       verbs:
+       - list
+       - get
      ```
      Then run the following command:

lib/api/branches.rb

@@ -137,7 +137,7 @@ module API
       post ':id/repository/branches' do
         authorize_push_project
-        result = CreateBranchService.new(user_project, current_user)
+        result = ::Branches::CreateService.new(user_project, current_user)
                  .execute(params[:branch], params[:ref])
         if result[:status] == :success
@@ -162,7 +162,7 @@ module API
         commit = user_project.repository.commit(branch.dereferenced_target)
         destroy_conditionally!(commit, last_updated: commit.authored_date) do
-          result = DeleteBranchService.new(user_project, current_user)
+          result = ::Branches::DeleteService.new(user_project, current_user)
                     .execute(params[:branch])
           if result.error?
@@ -173,7 +173,7 @@ module API
       desc 'Delete all merged branches'
       delete ':id/repository/merged_branches' do
-        DeleteMergedBranchesService.new(user_project, current_user).async_execute
+        ::Branches::DeleteMergedService.new(user_project, current_user).async_execute
         accepted!
       end

lib/gitlab/ci/build/prerequisite/kubernetes_namespace.rb

@@ -8,7 +8,7 @@ module Gitlab
           def unmet?
             deployment_cluster.present? &&
               deployment_cluster.managed? &&
-              missing_namespace?
+              (missing_namespace? || missing_knative_version_role_binding?)
           end
           def complete!
@@ -23,6 +23,10 @@ module Gitlab
             kubernetes_namespace.nil? || kubernetes_namespace.service_account_token.blank?
           end
+          def missing_knative_version_role_binding?
+            knative_version_role_binding.nil?
+          end
+
           def deployment_cluster
             build.deployment&.cluster
           end
@@ -31,6 +35,14 @@ module Gitlab
             build.deployment.environment
           end
+          def knative_version_role_binding
+            strong_memoize(:knative_version_role_binding) do
+              Clusters::KnativeVersionRoleBindingFinder.new(
+                deployment_cluster
+              ).execute
+            end
+          end
+
           def kubernetes_namespace
             strong_memoize(:kubernetes_namespace) do
               Clusters::KubernetesNamespaceFinder.new(

lib/gitlab/git/commit.rb

@@ -370,15 +370,26 @@ module Gitlab
         # subject from the message to make it clearer when there's one
         # available but not the other.
         @message = message_from_gitaly_body
-        @authored_date = Time.at(commit.author.date.seconds).utc
+        @authored_date = init_date_from_gitaly(commit.author)
         @author_name = commit.author.name.dup
         @author_email = commit.author.email.dup
-        @committed_date = Time.at(commit.committer.date.seconds).utc
+
+        @committed_date = init_date_from_gitaly(commit.committer)
         @committer_name = commit.committer.name.dup
         @committer_email = commit.committer.email.dup
         @parent_ids = Array(commit.parent_ids)
       end
+      # Gitaly provides a UNIX timestamp in author.date.seconds, and a timezone
+      # offset in author.timezone. If the latter isn't present, assume UTC.
+      def init_date_from_gitaly(author)
+        if author.timezone.present?
+          Time.strptime("#{author.date.seconds} #{author.timezone}", '%s %z')
+        else
+          Time.at(author.date.seconds).utc
+        end
+      end
+
       def serialize_keys
         SERIALIZE_KEYS
       end

lib/gitlab/kubernetes/cluster_role.rb

+# frozen_string_literal: true
+
+module Gitlab
+  module Kubernetes
+    class ClusterRole
+      attr_reader :name, :rules
+
+      def initialize(name:, rules:)
+        @name = name
+        @rules = rules
+      end
+
+      def generate
+        ::Kubeclient::Resource.new(
+          metadata: metadata,
+          rules: rules
+        )
+      end
+
+      private
+
+      def metadata
+        {
+          name: name
+        }
+      end
+    end
+  end
+end

lib/gitlab/kubernetes/kube_client.rb

@@ -56,6 +56,7 @@ module Gitlab
       # group client
       delegate :create_cluster_role_binding,
         :get_cluster_role_binding,
+        :get_cluster_role_bindings,
         :update_cluster_role_binding,
         to: :rbac_client
@@ -66,6 +67,13 @@ module Gitlab
       :update_role,
       to: :rbac_client
+      # RBAC methods delegates to the apis/rbac.authorization.k8s.io api
+      # group client
+      delegate :create_cluster_role,
+      :get_cluster_role,
+      :update_cluster_role,
+      to: :rbac_client
+
       # RBAC methods delegates to the apis/rbac.authorization.k8s.io api
       # group client
       delegate :create_role_binding,

rubocop/cop/avoid_route_redirect_leading_slash.rb

@@ -7,10 +7,10 @@ module RuboCop
     #
     # @example
     #   # bad
-    #   root to: redirect('/-/instance/statistics/conversational_development_index')
+    #   root to: redirect('/-/instance/statistics/dev_ops_score')
     #
     #   # good
-    #   root to: redirect('-/instance/statistics/conversational_development_index')
+    #   root to: redirect('-/instance/statistics/dev_ops_score')
     #
     class AvoidRouteRedirectLeadingSlash < RuboCop::Cop::Cop

spec/controllers/application_controller_spec.rb

@@ -90,14 +90,6 @@ describe ApplicationController do
       let(:format) { :html }
       it_behaves_like 'setting gon variables'
-
-      context 'for peek requests' do
-        before do
-          request.path = '/-/peek'
-        end
-
-        it_behaves_like 'not setting gon variables'
-      end
     end
     context 'with json format' do
@@ -105,6 +97,12 @@ describe ApplicationController do
       it_behaves_like 'not setting gon variables'
     end
+
+    context 'with atom format' do
+      let(:format) { :atom }
+
+      it_behaves_like 'not setting gon variables'
+    end
   end
   describe 'session expiration' do

spec/controllers/instance_statistics/conversational_development_index_controller_spec.rb → spec/controllers/instance_statistics/dev_ops_score_controller_spec.rb

@@ -2,6 +2,6 @@
 require 'spec_helper'
-describe InstanceStatistics::ConversationalDevelopmentIndexController do
+describe InstanceStatistics::DevOpsScoreController do
   it_behaves_like 'instance statistics availability'
 end

spec/controllers/projects/branches_controller_spec.rb

@@ -178,7 +178,7 @@ describe Projects::BranchesController do
         it 'redirects to newly created branch' do
           result = { status: :success, branch: double(name: branch) }
-          expect_any_instance_of(CreateBranchService).to receive(:execute).and_return(result)
+          expect_any_instance_of(::Branches::CreateService).to receive(:execute).and_return(result)
           expect(SystemNoteService).to receive(:new_issue_branch).and_return(true)
           post :create,
@@ -200,7 +200,7 @@ describe Projects::BranchesController do
           it 'redirects to autodeploy setup page' do
             result = { status: :success, branch: double(name: branch) }
-            expect_any_instance_of(CreateBranchService).to receive(:execute).and_return(result)
+            expect_any_instance_of(::Branches::CreateService).to receive(:execute).and_return(result)
             expect(SystemNoteService).to receive(:new_issue_branch).and_return(true)
             post :create,
@@ -221,7 +221,7 @@ describe Projects::BranchesController do
           create(:cluster, :provided_by_gcp, projects: [project])
-          expect_any_instance_of(CreateBranchService).to receive(:execute).and_return(result)
+          expect_any_instance_of(::Branches::CreateService).to receive(:execute).and_return(result)
           expect(SystemNoteService).to receive(:new_issue_branch).and_return(true)
           post :create,
@@ -459,7 +459,7 @@ describe Projects::BranchesController do
       end
       it 'starts worker to delete merged branches' do
-        expect_any_instance_of(DeleteMergedBranchesService).to receive(:async_execute)
+        expect_any_instance_of(::Branches::DeleteMergedService).to receive(:async_execute)
         destroy_all_merged
       end

spec/controllers/uploads_controller_spec.rb

@@ -228,10 +228,10 @@ describe UploadsController do
             user.block
           end
-          it "redirects to the sign in page" do
+          it "responds with status 401" do
             get :show, params: { model: "user", mounted_as: "avatar", id: user.id, filename: "dk.png" }
-            expect(response).to redirect_to(new_user_session_path)
+            expect(response).to have_gitlab_http_status(401)
           end
         end
@@ -320,10 +320,10 @@ describe UploadsController do
         end
         context "when not signed in" do
-          it "redirects to the sign in page" do
+          it "responds with status 401" do
             get :show, params: { model: "project", mounted_as: "avatar", id: project.id, filename: "dk.png" }
-            expect(response).to redirect_to(new_user_session_path)
+            expect(response).to have_gitlab_http_status(401)
           end
         end
@@ -343,10 +343,10 @@ describe UploadsController do
                 project.add_maintainer(user)
               end
-              it "redirects to the sign in page" do
+              it "responds with status 401" do
                 get :show, params: { model: "project", mounted_as: "avatar", id: project.id, filename: "dk.png" }
-                expect(response).to redirect_to(new_user_session_path)
+                expect(response).to have_gitlab_http_status(401)
               end
             end
@@ -439,10 +439,10 @@ describe UploadsController do
                 user.block
               end
-              it "redirects to the sign in page" do
+              it "responds with status 401" do
                 get :show, params: { model: "group", mounted_as: "avatar", id: group.id, filename: "dk.png" }
-                expect(response).to redirect_to(new_user_session_path)
+                expect(response).to have_gitlab_http_status(401)
               end
             end
@@ -526,10 +526,10 @@ describe UploadsController do
         end
         context "when not signed in" do
-          it "redirects to the sign in page" do
+          it "responds with status 401" do
             get :show, params: { model: "note", mounted_as: "attachment", id: note.id, filename: "dk.png" }
-            expect(response).to redirect_to(new_user_session_path)
+            expect(response).to have_gitlab_http_status(401)
           end
         end
@@ -549,10 +549,10 @@ describe UploadsController do
                 project.add_maintainer(user)
               end
-              it "redirects to the sign in page" do
+              it "responds with status 401" do
                 get :show, params: { model: "note", mounted_as: "attachment", id: note.id, filename: "dk.png" }
-                expect(response).to redirect_to(new_user_session_path)
+                expect(response).to have_gitlab_http_status(401)
               end
             end

spec/features/dashboard/milestones_spec.rb

@@ -30,6 +30,7 @@ describe 'Dashboard > Milestones' do
       expect(current_path).to eq dashboard_milestones_path
       expect(page).to have_content(milestone.title)
       expect(page).to have_content(group.name)
+      expect(first('.milestone')).to have_content('Merge Requests')
     end
     describe 'new milestones dropdown', :js do
@@ -46,4 +47,23 @@ describe 'Dashboard > Milestones' do
       end
     end
   end
+
+  describe 'with merge requests disabled' do
+    let(:user) { create(:user) }
+    let(:group) { create(:group) }
+    let(:project) { create(:project, :merge_requests_disabled, namespace: user.namespace) }
+    let!(:milestone) { create(:milestone, project: project) }
+
+    before do
+      group.add_developer(user)
+      sign_in(user)
+      visit dashboard_milestones_path
+    end
+
+    it 'does not see milestones' do
+      expect(current_path).to eq dashboard_milestones_path
+      expect(page).to have_content(milestone.title)
+      expect(first('.milestone')).to have_no_content('Merge Requests')
+    end
+  end
 end

spec/features/instance_statistics/conversational_development_index_spec.rb → spec/features/instance_statistics/dev_ops_score_spec.rb

@@ -2,13 +2,13 @@
 require 'spec_helper'
-describe 'Conversational Development Index' do
+describe 'Dev Ops Score' do
   before do
     sign_in(create(:admin))
   end
   it 'has dismissable intro callout', :js do
-    visit instance_statistics_conversational_development_index_index_path
+    visit instance_statistics_dev_ops_score_index_path
     expect(page).to have_content 'Introducing Your Conversational Development Index'
@@ -23,13 +23,13 @@ describe 'Conversational Development Index' do
     end
     it 'shows empty state' do
-      visit instance_statistics_conversational_development_index_index_path
+      visit instance_statistics_dev_ops_score_index_path
       expect(page).to have_content('Usage ping is not enabled')
     end
     it 'hides the intro callout' do
-      visit instance_statistics_conversational_development_index_index_path
+      visit instance_statistics_dev_ops_score_index_path
       expect(page).not_to have_content 'Introducing Your Conversational Development Index'
     end
@@ -39,7 +39,7 @@ describe 'Conversational Development Index' do
     it 'shows empty state' do
       stub_application_setting(usage_ping_enabled: true)
-      visit instance_statistics_conversational_development_index_index_path
+      visit instance_statistics_dev_ops_score_index_path
       expect(page).to have_content('Data is still calculating')
     end
@@ -50,7 +50,7 @@ describe 'Conversational Development Index' do
       stub_application_setting(usage_ping_enabled: true)
       create(:dev_ops_score_metric)
-      visit instance_statistics_conversational_development_index_index_path
+      visit instance_statistics_dev_ops_score_index_path
       expect(page).to have_content(
         'Issues created per active user 1.2 You 9.3 Lead 13.3%'

spec/features/merge_request/user_sees_deleted_target_branch_spec.rb

@@ -9,7 +9,7 @@ describe 'Merge request > User sees deleted target branch', :js do
   before do
     project.add_maintainer(user)
-    DeleteBranchService.new(project, user).execute('feature')
+    ::Branches::DeleteService.new(project, user).execute('feature')
     sign_in(user)
     visit project_merge_request_path(project, merge_request)
   end

spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb

@@ -178,10 +178,11 @@ describe 'Merge request > User selects branches for new MR', :js do
   end
   context 'with special characters in branch names' do
+    let(:create_branch_service) { ::Branches::CreateService.new(project, user) }
+
     it 'escapes quotes in branch names' do
       special_branch_name = '"with-quotes"'
-      CreateBranchService.new(project, user)
-        .execute(special_branch_name, 'add-pdf-file')
+      create_branch_service.execute(special_branch_name, 'add-pdf-file')
       visit project_new_merge_request_path(project)
       select_source_branch(special_branch_name)
@@ -192,8 +193,7 @@ describe 'Merge request > User selects branches for new MR', :js do
     it 'does not escape unicode in branch names' do
       special_branch_name = 'ʕ•ᴥ•ʔ'
-      CreateBranchService.new(project, user)
-        .execute(special_branch_name, 'add-pdf-file')
+      create_branch_service.execute(special_branch_name, 'add-pdf-file')
       visit project_new_merge_request_path(project)
       select_source_branch(special_branch_name)

spec/features/milestones/user_views_milestones_spec.rb

@@ -18,6 +18,7 @@ describe "User views milestones" do
     expect(page).to have_content(milestone.title)
       .and have_content(milestone.expires_at)
       .and have_content("Issues")
+      .and have_content("Merge Requests")
   end
   context "with issues" do
@@ -32,6 +33,7 @@ describe "User views milestones" do
         .and have_selector("#tab-issues li.issuable-row", count: 2)
         .and have_content(issue.title)
         .and have_content(closed_issue.title)
+        .and have_selector("#tab-merge-requests")
     end
   end
@@ -62,3 +64,32 @@ describe "User views milestones" do
     end
   end
 end
+
+describe "User views milestones with no MR" do
+  set(:user) { create(:user) }
+  set(:project) { create(:project, :merge_requests_disabled) }
+  set(:milestone) { create(:milestone, project: project) }
+
+  before do
+    project.add_developer(user)
+    sign_in(user)
+
+    visit(project_milestones_path(project))
+  end
+
+  it "shows milestone" do
+    expect(page).to have_content(milestone.title)
+      .and have_content(milestone.expires_at)
+      .and have_content("Issues")
+      .and have_no_content("Merge Requests")
+  end
+
+  it "opens milestone" do
+    click_link(milestone.title)
+
+    expect(current_path).to eq(project_milestone_path(project, milestone))
+    expect(page).to have_content(milestone.title)
+      .and have_selector("#tab-issues")
+      .and have_no_selector("#tab-merge-requests")
+  end
+end

spec/frontend/environment.js

@@ -31,6 +31,7 @@ class CustomEnvironment extends JSDOMEnvironment {
     this.global.gon = {
       ee: IS_EE,
     };
+    this.global.IS_EE = IS_EE;
     this.rejectedPromises = [];