diff --git a/.rubocop.yml b/.rubocop.yml
index c1a5d06770fb78f2eaf648a72e8ab01f9c7147d4..369e55abcdbb36ef1a378ea90a27f7555252b2f1 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -140,7 +140,7 @@ Style/CommentAnnotation:
 
 Style/CommentIndentation:
   Description: 'Indentation of comments.'
-  Enabled: false
+  Enabled: true
 
 Style/ConstantName:
   Description: 'Constants should use SCREAMING_SNAKE_CASE.'
diff --git a/app/helpers/notes_helper.rb b/app/helpers/notes_helper.rb
index d41d56173969efb9698eb147e6e7659983bb88d9..8edcb8e6a80b2fa2ab20dab417c1e420cb6084d4 100644
--- a/app/helpers/notes_helper.rb
+++ b/app/helpers/notes_helper.rb
@@ -1,5 +1,5 @@
 module NotesHelper
-   # Helps to distinguish e.g. commit notes in mr notes list
+  # Helps to distinguish e.g. commit notes in mr notes list
   def note_for_main_target?(note)
     (@noteable.class.name == note.noteable_type && !note.for_diff_line?)
   end
diff --git a/config/initializers/carrierwave.rb b/config/initializers/carrierwave.rb
index 667f198667cba6fb2551fb970e07d9eaa0efb60a..bfb8656df552da088bf7848deaa77540945bead2 100644
--- a/config/initializers/carrierwave.rb
+++ b/config/initializers/carrierwave.rb
@@ -12,11 +12,19 @@ if File.exists?(aws_file)
       aws_secret_access_key: AWS_CONFIG['secret_access_key'], # required
       region: AWS_CONFIG['region'],                           # optional, defaults to 'us-east-1'
     }
-    config.fog_directory  = AWS_CONFIG['bucket']                    # required
-    config.fog_public     = false                                   # optional, defaults to true
-    config.fog_attributes = { 'Cache-Control'=>'max-age=315576000' }  # optional, defaults to {}
-    config.fog_authenticated_url_expiration = 1 << 29               # optional time (in seconds) that authenticated urls will be valid.
-                                                                    # when fog_public is false and provider is AWS or Google, defaults to 600
+
+    # required
+    config.fog_directory = AWS_CONFIG['bucket']
+
+    # optional, defaults to true
+    config.fog_public = false
+
+    # optional, defaults to {}
+    config.fog_attributes = { 'Cache-Control'=>'max-age=315576000' }
+
+    # optional time (in seconds) that authenticated urls will be valid.
+    # when fog_public is false and provider is AWS or Google, defaults to 600
+    config.fog_authenticated_url_expiration = 1 << 29
   end
 
   # Mocking Fog requests, based on: https://github.com/carrierwaveuploader/carrierwave/wiki/How-to%3A-Test-Fog-based-uploaders
diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb
index ea96d04c5aba4c02ccf9fea7044ee4782a94bc47..0530923b2028fbc8f267f05a3c2d63e343d5f06c 100644
--- a/lib/gitlab/git_access.rb
+++ b/lib/gitlab/git_access.rb
@@ -113,8 +113,8 @@ module Gitlab
       # we dont allow force push to protected branch
       if forced_push?(project, oldrev, newrev)
        :force_push_code_to_protected_branches
-       # and we dont allow remove of protected branch
       elsif newrev == Gitlab::Git::BLANK_SHA
+       # and we dont allow remove of protected branch
        :remove_protected_branches
       elsif project.developers_can_push_to_protected_branch?(branch_name)
        :push_code