diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 49c4b059dbc..610a5ecba6d 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -327,7 +327,7 @@ cloud-native-image:
   cache: {}
   script:
     - gem install gitlab --no-ri --no-rdoc
-    - ./trigger-build cng
+    - ./scripts/trigger-build cng
   only:
     - tags@gitlab-org/gitlab-ce
     - tags@gitlab-org/gitlab-ee
diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
index 3e1713f845e..8a1ca6747a8 100644
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -199,12 +199,6 @@ Naming/HeredocDelimiterCase:
 Naming/HeredocDelimiterNaming:
   Enabled: false
 
-# Offense count: 27
-# Cop supports --auto-correct.
-# Configuration parameters: AutoCorrect.
-Performance/HashEachMethods:
-  Enabled: false
-
 # Offense count: 1
 Performance/UnfreezeString:
   Exclude:
diff --git a/Gemfile b/Gemfile
index 1fbc240bf6f..d575568adaa 100644
--- a/Gemfile
+++ b/Gemfile
@@ -104,7 +104,7 @@ gem 'hashie-forbidden_attributes'
 gem 'kaminari', '~> 1.0'
 
 # HAML
-gem 'hamlit', '~> 2.6.1'
+gem 'hamlit', '~> 2.8.8'
 
 # Files attachments
 gem 'carrierwave', '~> 1.2'
@@ -351,9 +351,9 @@ group :development, :test do
   gem 'spring', '~> 2.0.0'
   gem 'spring-commands-rspec', '~> 1.0.4'
 
-  gem 'gitlab-styles', '~> 2.3', require: false
+  gem 'gitlab-styles', '~> 2.4', require: false
   # Pin these dependencies, otherwise a new rule could break the CI pipelines
-  gem 'rubocop', '~> 0.52.1'
+  gem 'rubocop', '~> 0.54.0'
   gem 'rubocop-rspec', '~> 1.22.1'
 
   gem 'scss_lint', '~> 0.56.0', require: false
diff --git a/Gemfile.lock b/Gemfile.lock
index a889c4dc3a0..1b8a777ceb4 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -312,8 +312,8 @@ GEM
       mime-types (>= 1.16)
       posix-spawn (~> 0.3)
     gitlab-markup (1.6.4)
-    gitlab-styles (2.3.2)
-      rubocop (~> 0.51)
+    gitlab-styles (2.4.1)
+      rubocop (~> 0.54.0)
       rubocop-gitlab-security (~> 0.1.0)
       rubocop-rspec (~> 1.19)
     gitlab_omniauth-ldap (2.0.4)
@@ -381,8 +381,8 @@ GEM
       rake (>= 10, < 13)
       rubocop (>= 0.49.0)
       sysexits (~> 1.1)
-    hamlit (2.6.1)
-      temple (~> 0.7.6)
+    hamlit (2.8.8)
+      temple (>= 0.8.0)
       thor
       tilt
     hashdiff (0.3.4)
@@ -776,16 +776,16 @@ GEM
       pg
       rails
       sqlite3
-    rubocop (0.52.1)
+    rubocop (0.54.0)
       parallel (~> 1.10)
-      parser (>= 2.4.0.2, < 3.0)
+      parser (>= 2.5)
       powerpack (~> 0.1)
       rainbow (>= 2.2.2, < 4.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (~> 1.0, >= 1.0.1)
     rubocop-gitlab-security (0.1.1)
       rubocop (>= 0.51)
-    rubocop-rspec (1.22.1)
+    rubocop-rspec (1.22.2)
       rubocop (>= 0.52.1)
     ruby-enum (0.7.2)
       i18n
@@ -889,7 +889,7 @@ GEM
     sys-filesystem (1.1.6)
       ffi
     sysexits (1.2.0)
-    temple (0.7.7)
+    temple (0.8.0)
     test-prof (0.2.5)
     test_after_commit (1.1.0)
       activerecord (>= 3.2)
@@ -900,7 +900,7 @@ GEM
       rack (>= 1, < 3)
     thor (0.19.4)
     thread_safe (0.3.6)
-    tilt (2.0.6)
+    tilt (2.0.8)
     timecop (0.8.1)
     timfel-krb5-auth (0.8.3)
     toml (0.1.2)
@@ -1043,7 +1043,7 @@ DEPENDENCIES
   gitlab-gollum-lib (~> 4.2)
   gitlab-gollum-rugged_adapter (~> 0.4.4)
   gitlab-markup (~> 1.6.4)
-  gitlab-styles (~> 2.3)
+  gitlab-styles (~> 2.4)
   gitlab_omniauth-ldap (~> 2.0.4)
   gon (~> 6.2)
   google-api-client (~> 0.19.8)
@@ -1057,7 +1057,7 @@ DEPENDENCIES
   graphql (~> 1.8.0)
   grpc (~> 1.11.0)
   haml_lint (~> 0.26.0)
-  hamlit (~> 2.6.1)
+  hamlit (~> 2.8.8)
   hashie-forbidden_attributes
   health_check (~> 2.6.0)
   hipchat (~> 1.5.0)
@@ -1143,7 +1143,7 @@ DEPENDENCIES
   rspec-retry (~> 0.4.5)
   rspec-set (~> 0.1.3)
   rspec_profiling (~> 0.0.5)
-  rubocop (~> 0.52.1)
+  rubocop (~> 0.54.0)
   rubocop-rspec (~> 1.22.1)
   ruby-fogbugz (~> 0.2.1)
   ruby-prof (~> 0.17.0)
diff --git a/Gemfile.rails5.lock b/Gemfile.rails5.lock
index 8c46b8c5916..766f2479ea5 100644
--- a/Gemfile.rails5.lock
+++ b/Gemfile.rails5.lock
@@ -79,7 +79,7 @@ GEM
     babosa (1.0.2)
     base32 (0.3.2)
     batch-loader (1.2.1)
-    bcrypt (3.1.11)
+    bcrypt (3.1.12)
     bcrypt_pbkdf (1.0.0)
     benchmark-ips (2.3.0)
     better_errors (2.1.1)
@@ -111,7 +111,7 @@ GEM
     capybara-screenshot (1.0.14)
       capybara (>= 1.0, < 3)
       launchy
-    carrierwave (1.2.1)
+    carrierwave (1.2.3)
       activemodel (>= 4.0.0)
       activesupport (>= 4.0.0)
       mime-types (>= 1.16)
@@ -315,8 +315,8 @@ GEM
       mime-types (>= 1.16)
       posix-spawn (~> 0.3)
     gitlab-markup (1.6.4)
-    gitlab-styles (2.3.2)
-      rubocop (~> 0.51)
+    gitlab-styles (2.4.1)
+      rubocop (~> 0.54.0)
       rubocop-gitlab-security (~> 0.1.0)
       rubocop-rspec (~> 1.19)
     gitlab_omniauth-ldap (2.0.4)
@@ -384,8 +384,8 @@ GEM
       rake (>= 10, < 13)
       rubocop (>= 0.49.0)
       sysexits (~> 1.1)
-    hamlit (2.6.1)
-      temple (~> 0.7.6)
+    hamlit (2.8.8)
+      temple (>= 0.8.0)
       thor
       tilt
     hashdiff (0.3.4)
@@ -514,7 +514,7 @@ GEM
     net-ssh (5.0.1)
     netrc (0.11.0)
     nio4r (2.3.1)
-    nokogiri (1.8.2)
+    nokogiri (1.8.3)
       mini_portile2 (~> 2.3.0)
     nokogumbo (1.5.0)
       nokogiri
@@ -785,16 +785,16 @@ GEM
       pg
       rails
       sqlite3
-    rubocop (0.52.1)
+    rubocop (0.54.0)
       parallel (~> 1.10)
-      parser (>= 2.4.0.2, < 3.0)
+      parser (>= 2.5)
       powerpack (~> 0.1)
       rainbow (>= 2.2.2, < 4.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (~> 1.0, >= 1.0.1)
     rubocop-gitlab-security (0.1.1)
       rubocop (>= 0.51)
-    rubocop-rspec (1.22.1)
+    rubocop-rspec (1.22.2)
       rubocop (>= 0.52.1)
     ruby-enum (0.7.2)
       i18n
@@ -811,7 +811,7 @@ GEM
     rubyzip (1.2.1)
     rufus-scheduler (3.4.0)
       et-orbi (~> 1.0)
-    rugged (0.27.1)
+    rugged (0.27.2)
     safe_yaml (1.0.4)
     sanitize (4.6.5)
       crass (~> 1.0.2)
@@ -877,7 +877,7 @@ GEM
       activesupport (>= 4.2)
     spring-commands-rspec (1.0.4)
       spring (>= 0.9.1)
-    sprockets (3.7.1)
+    sprockets (3.7.2)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
     sprockets-rails (3.2.1)
@@ -898,7 +898,7 @@ GEM
     sys-filesystem (1.1.6)
       ffi
     sysexits (1.2.0)
-    temple (0.7.7)
+    temple (0.8.0)
     test-prof (0.2.5)
     text (1.3.1)
     thin (1.7.0)
@@ -1053,7 +1053,7 @@ DEPENDENCIES
   gitlab-gollum-lib (~> 4.2)
   gitlab-gollum-rugged_adapter (~> 0.4.4)
   gitlab-markup (~> 1.6.4)
-  gitlab-styles (~> 2.3)
+  gitlab-styles (~> 2.4)
   gitlab_omniauth-ldap (~> 2.0.4)
   gon (~> 6.2)
   google-api-client (~> 0.19.8)
@@ -1067,7 +1067,7 @@ DEPENDENCIES
   graphql (~> 1.8.0)
   grpc (~> 1.11.0)
   haml_lint (~> 0.26.0)
-  hamlit (~> 2.6.1)
+  hamlit (~> 2.8.8)
   hashie-forbidden_attributes
   health_check (~> 2.6.0)
   hipchat (~> 1.5.0)
@@ -1154,7 +1154,7 @@ DEPENDENCIES
   rspec-retry (~> 0.4.5)
   rspec-set (~> 0.1.3)
   rspec_profiling (~> 0.0.5)
-  rubocop (~> 0.52.1)
+  rubocop (~> 0.54.0)
   rubocop-rspec (~> 1.22.1)
   ruby-fogbugz (~> 0.2.1)
   ruby-prof (~> 0.17.0)
diff --git a/README.md b/README.md
index 77f03b791f2..b6e1cc9a432 100644
--- a/README.md
+++ b/README.md
@@ -1,11 +1,5 @@
 # GitLab
 
-[![Build status](https://gitlab.com/gitlab-org/gitlab-ce/badges/master/build.svg)](https://gitlab.com/gitlab-org/gitlab-ce/commits/master)
-[![Overall test coverage](https://gitlab.com/gitlab-org/gitlab-ce/badges/master/coverage.svg)](https://gitlab.com/gitlab-org/gitlab-ce/pipelines)
-[![Code Climate](https://codeclimate.com/github/gitlabhq/gitlabhq.svg)](https://codeclimate.com/github/gitlabhq/gitlabhq)
-[![Core Infrastructure Initiative Best Practices](https://bestpractices.coreinfrastructure.org/projects/42/badge)](https://bestpractices.coreinfrastructure.org/projects/42)
-[![Gitter](https://badges.gitter.im/gitlabhq/gitlabhq.svg)](https://gitter.im/gitlabhq/gitlabhq?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge)
-
 ## Test coverage
 
 - [![Ruby coverage](https://gitlab.com/gitlab-org/gitlab-ce/badges/master/coverage.svg?job=coverage)](https://gitlab-org.gitlab.io/gitlab-ce/coverage-ruby) Ruby
diff --git a/Rakefile b/Rakefile
index 85fff2d51eb..de0d6695c7b 100755
--- a/Rakefile
+++ b/Rakefile
@@ -2,9 +2,9 @@
 # Add your own tasks in files placed in lib/tasks ending in .rake,
 # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
 
-require File.expand_path('../config/application', __FILE__)
+require File.expand_path('config/application', __dir__)
 
-relative_url_conf = File.expand_path('../config/initializers/relative_url', __FILE__)
+relative_url_conf = File.expand_path('config/initializers/relative_url', __dir__)
 require relative_url_conf if File.exist?("#{relative_url_conf}.rb")
 
 Gitlab::Application.load_tasks
diff --git a/app/assets/javascripts/diffs/components/diff_file_header.vue b/app/assets/javascripts/diffs/components/diff_file_header.vue
index ac4f37512ec..c5abd0a9568 100644
--- a/app/assets/javascripts/diffs/components/diff_file_header.vue
+++ b/app/assets/javascripts/diffs/components/diff_file_header.vue
@@ -39,11 +39,6 @@ export default {
       required: false,
       default: true,
     },
-    discussionsExpanded: {
-      type: Boolean,
-      required: false,
-      default: true,
-    },
     currentUser: {
       type: Object,
       required: true,
@@ -116,7 +111,7 @@ export default {
   },
   methods: {
     ...mapActions('diffs', ['toggleFileDiscussions']),
-    handleToggle(e, checkTarget) {
+    handleToggleFile(e, checkTarget) {
       if (
         !checkTarget ||
         e.target === this.$refs.header ||
@@ -128,7 +123,7 @@ export default {
     showForkMessage() {
       this.$emit('showForkMessage');
     },
-    handleToggleDiscussions(){
+    handleToggleDiscussions() {
       this.toggleFileDiscussions(this.diffFile);
     },
   },
@@ -139,7 +134,7 @@ export default {
   <div
     ref="header"
     class="js-file-title file-title file-title-flex-parent"
-    @click="handleToggle($event, true)"
+    @click="handleToggleFile($event, true)"
   >
     <div class="file-header-content">
       <icon
@@ -224,9 +219,9 @@ export default {
         <button
           :class="{ active: hasExpandedDiscussions }"
           :title="s__('MergeRequests|Toggle comments for this file')"
-          @click="handleToggleDiscussions"
-          class="btn"
+          class="js-btn-vue-toggle-comments btn"
           type="button"
+          @click="handleToggleDiscussions"
         >
           <icon name="comment" />
         </button>
diff --git a/app/assets/javascripts/diffs/store/actions.js b/app/assets/javascripts/diffs/store/actions.js
index 2e6092d7e87..18caf87d6da 100644
--- a/app/assets/javascripts/diffs/store/actions.js
+++ b/app/assets/javascripts/diffs/store/actions.js
@@ -112,15 +112,5 @@ export const toggleFileDiscussions = ({ getters, dispatch }, diff) => {
   });
 };
 
-export default {
-  setBaseConfig,
-  fetchDiffFiles,
-  setInlineDiffViewType,
-  setParallelDiffViewType,
-  showCommentForm,
-  cancelCommentForm,
-  loadMoreLines,
-  loadCollapsedDiff,
-  expandAllFiles,
-  toggleFileDiscussions,
-};
+// prevent babel-plugin-rewire from generating an invalid default during karma tests
+export default () => {};
diff --git a/app/assets/javascripts/diffs/store/getters.js b/app/assets/javascripts/diffs/store/getters.js
index 9a8d27d0b04..f89acb73ed8 100644
--- a/app/assets/javascripts/diffs/store/getters.js
+++ b/app/assets/javascripts/diffs/store/getters.js
@@ -31,6 +31,20 @@ export const diffHasAllCollpasedDiscussions = (state, getters) => diff => {
   return (discussions.length && discussions.every(discussion => !discussion.expanded)) || false;
 };
 
+/**
+ * Checks if the diff has any open discussions
+ * @param {Object} diff
+ * @returns {Boolean}
+ */
+export const diffHasExpandedDiscussions = (state, getters) => diff => {
+  const discussions = getters.getDiffFileDiscussions(diff);
+
+  return (
+    (discussions.length && discussions.find(discussion => discussion.expanded) !== undefined) ||
+    false
+  );
+};
+
 /**
  * Returns an array with the discussions of the given diff
  * @param {Object} diff
diff --git a/app/assets/javascripts/diffs/store/index.js b/app/assets/javascripts/diffs/store/index.js
deleted file mode 100644
index e6aa8f5b12a..00000000000
--- a/app/assets/javascripts/diffs/store/index.js
+++ /dev/null
@@ -1,11 +0,0 @@
-import Vue from 'vue';
-import Vuex from 'vuex';
-import diffsModule from './modules';
-
-Vue.use(Vuex);
-
-export default new Vuex.Store({
-  modules: {
-    diffs: diffsModule,
-  },
-});
diff --git a/app/assets/javascripts/diffs/store/modules/index.js b/app/assets/javascripts/diffs/store/modules/index.js
index 90505f83b60..20d1ebbe049 100644
--- a/app/assets/javascripts/diffs/store/modules/index.js
+++ b/app/assets/javascripts/diffs/store/modules/index.js
@@ -1,4 +1,4 @@
-import actions from '../actions';
+import * as actions from '../actions';
 import * as getters from '../getters';
 import mutations from '../mutations';
 import createState from './diff_state';
diff --git a/app/assets/javascripts/due_date_select.js b/app/assets/javascripts/due_date_select.js
index 17ea3bdb179..8abd8bc581a 100644
--- a/app/assets/javascripts/due_date_select.js
+++ b/app/assets/javascripts/due_date_select.js
@@ -171,6 +171,8 @@ export default class DueDateSelectors {
   initMilestoneDatePicker() {
     $('.datepicker').each(function initPikadayMilestone() {
       const $datePicker = $(this);
+      const datePickerVal = $datePicker.val();
+
       const calendar = new Pikaday({
         field: $datePicker.get(0),
         theme: 'gitlab-theme animate-picker',
@@ -183,7 +185,7 @@ export default class DueDateSelectors {
         },
       });
 
-      calendar.setDate(parsePikadayDate($datePicker.val()));
+      calendar.setDate(parsePikadayDate(datePickerVal));
 
       $datePicker.data('pikaday', calendar);
     });
diff --git a/app/assets/javascripts/environments/components/environment_actions.vue b/app/assets/javascripts/environments/components/environment_actions.vue
index e3652fe739e..63d83e307ee 100644
--- a/app/assets/javascripts/environments/components/environment_actions.vue
+++ b/app/assets/javascripts/environments/components/environment_actions.vue
@@ -1,50 +1,50 @@
 <script>
-  import Icon from '~/vue_shared/components/icon.vue';
-  import eventHub from '../event_hub';
-  import loadingIcon from '../../vue_shared/components/loading_icon.vue';
-  import tooltip from '../../vue_shared/directives/tooltip';
+import Icon from '~/vue_shared/components/icon.vue';
+import eventHub from '../event_hub';
+import loadingIcon from '../../vue_shared/components/loading_icon.vue';
+import tooltip from '../../vue_shared/directives/tooltip';
 
-  export default {
-    directives: {
-      tooltip,
+export default {
+  directives: {
+    tooltip,
+  },
+  components: {
+    loadingIcon,
+    Icon,
+  },
+  props: {
+    actions: {
+      type: Array,
+      required: false,
+      default: () => [],
     },
-    components: {
-      loadingIcon,
-      Icon,
+  },
+  data() {
+    return {
+      isLoading: false,
+    };
+  },
+  computed: {
+    title() {
+      return 'Deploy to...';
     },
-    props: {
-      actions: {
-        type: Array,
-        required: false,
-        default: () => [],
-      },
-    },
-    data() {
-      return {
-        isLoading: false,
-      };
-    },
-    computed: {
-      title() {
-        return 'Deploy to...';
-      },
-    },
-    methods: {
-      onClickAction(endpoint) {
-        this.isLoading = true;
+  },
+  methods: {
+    onClickAction(endpoint) {
+      this.isLoading = true;
 
-        eventHub.$emit('postAction', endpoint);
-      },
-
-      isActionDisabled(action) {
-        if (action.playable === undefined) {
-          return false;
-        }
-
-        return !action.playable;
-      },
+      eventHub.$emit('postAction', { endpoint });
     },
-  };
+
+    isActionDisabled(action) {
+      if (action.playable === undefined) {
+        return false;
+      }
+
+      return !action.playable;
+    },
+  },
+};
 </script>
 <template>
   <div
@@ -61,10 +61,7 @@
       data-toggle="dropdown"
     >
       <span>
-        <icon
-          :size="12"
-          name="play"
-        />
+        <icon name="play" />
         <i
           class="fa fa-caret-down"
           aria-hidden="true"
@@ -85,10 +82,6 @@
           class="js-manual-action-link no-btn btn"
           @click="onClickAction(action.play_path)"
         >
-          <icon
-            :size="12"
-            name="play"
-          />
           <span>
             {{ action.name }}
           </span>
diff --git a/app/assets/javascripts/environments/components/environment_external_url.vue b/app/assets/javascripts/environments/components/environment_external_url.vue
index 68195225d50..7446196de13 100644
--- a/app/assets/javascripts/environments/components/environment_external_url.vue
+++ b/app/assets/javascripts/environments/components/environment_external_url.vue
@@ -1,30 +1,30 @@
 <script>
-  import Icon from '~/vue_shared/components/icon.vue';
-  import tooltip from '../../vue_shared/directives/tooltip';
-  import { s__ } from '../../locale';
+import Icon from '~/vue_shared/components/icon.vue';
+import tooltip from '../../vue_shared/directives/tooltip';
+import { s__ } from '../../locale';
 
-  /**
-  * Renders the external url link in environments table.
-  */
-  export default {
-    components: {
-      Icon,
+/**
+ * Renders the external url link in environments table.
+ */
+export default {
+  components: {
+    Icon,
+  },
+  directives: {
+    tooltip,
+  },
+  props: {
+    externalUrl: {
+      type: String,
+      required: true,
     },
-    directives: {
-      tooltip,
+  },
+  computed: {
+    title() {
+      return s__('Environments|Open live environment');
     },
-    props: {
-      externalUrl: {
-        type: String,
-        required: true,
-      },
-    },
-    computed: {
-      title() {
-        return s__('Environments|Open');
-      },
-    },
-  };
+  },
+};
 </script>
 <template>
   <a
@@ -37,9 +37,6 @@
     target="_blank"
     rel="noopener noreferrer nofollow"
   >
-    <icon
-      :size="12"
-      name="external-link"
-    />
+    <icon name="external-link" />
   </a>
 </template>
diff --git a/app/assets/javascripts/environments/components/environment_item.vue b/app/assets/javascripts/environments/components/environment_item.vue
index 5ecdccf63ad..39f3790a286 100644
--- a/app/assets/javascripts/environments/components/environment_item.vue
+++ b/app/assets/javascripts/environments/components/environment_item.vue
@@ -1,429 +1,450 @@
 <script>
-  import Timeago from 'timeago.js';
-  import _ from 'underscore';
-  import tooltip from '~/vue_shared/directives/tooltip';
-  import UserAvatarLink from '~/vue_shared/components/user_avatar/user_avatar_link.vue';
-  import { humanize } from '~/lib/utils/text_utility';
-  import ActionsComponent from './environment_actions.vue';
-  import ExternalUrlComponent from './environment_external_url.vue';
-  import StopComponent from './environment_stop.vue';
-  import RollbackComponent from './environment_rollback.vue';
-  import TerminalButtonComponent from './environment_terminal_button.vue';
-  import MonitoringButtonComponent from './environment_monitoring.vue';
-  import CommitComponent from '../../vue_shared/components/commit.vue';
-  import eventHub from '../event_hub';
+import Timeago from 'timeago.js';
+import _ from 'underscore';
+import tooltip from '~/vue_shared/directives/tooltip';
+import UserAvatarLink from '~/vue_shared/components/user_avatar/user_avatar_link.vue';
+import { humanize } from '~/lib/utils/text_utility';
+import ActionsComponent from './environment_actions.vue';
+import ExternalUrlComponent from './environment_external_url.vue';
+import StopComponent from './environment_stop.vue';
+import RollbackComponent from './environment_rollback.vue';
+import TerminalButtonComponent from './environment_terminal_button.vue';
+import MonitoringButtonComponent from './environment_monitoring.vue';
+import CommitComponent from '../../vue_shared/components/commit.vue';
+import eventHub from '../event_hub';
 
-  /**
-  * Envrionment Item Component
-  *
-  * Renders a table row for each environment.
-  */
-  const timeagoInstance = new Timeago();
+/**
+ * Envrionment Item Component
+ *
+ * Renders a table row for each environment.
+ */
+const timeagoInstance = new Timeago();
 
-  export default {
-    components: {
-      UserAvatarLink,
-      CommitComponent,
-      ActionsComponent,
-      ExternalUrlComponent,
-      StopComponent,
-      RollbackComponent,
-      TerminalButtonComponent,
-      MonitoringButtonComponent,
+export default {
+  components: {
+    UserAvatarLink,
+    CommitComponent,
+    ActionsComponent,
+    ExternalUrlComponent,
+    StopComponent,
+    RollbackComponent,
+    TerminalButtonComponent,
+    MonitoringButtonComponent,
+  },
+
+  directives: {
+    tooltip,
+  },
+
+  props: {
+    model: {
+      type: Object,
+      required: true,
+      default: () => ({}),
     },
 
-    directives: {
-      tooltip,
+    canCreateDeployment: {
+      type: Boolean,
+      required: false,
+      default: false,
     },
 
-    props: {
-      model: {
-        type: Object,
-        required: true,
-        default: () => ({}),
-      },
+    canReadEnvironment: {
+      type: Boolean,
+      required: false,
+      default: false,
+    },
+  },
 
-      canCreateDeployment: {
-        type: Boolean,
-        required: false,
-        default: false,
-      },
-
-      canReadEnvironment: {
-        type: Boolean,
-        required: false,
-        default: false,
-      },
+  computed: {
+    /**
+     * Verifies if `last_deployment` key exists in the current Envrionment.
+     * This key is required to render most of the html - this method works has
+     * an helper.
+     *
+     * @returns {Boolean}
+     */
+    hasLastDeploymentKey() {
+      if (this.model && this.model.last_deployment && !_.isEmpty(this.model.last_deployment)) {
+        return true;
+      }
+      return false;
     },
 
-    computed: {
-      /**
-      * Verifies if `last_deployment` key exists in the current Envrionment.
-      * This key is required to render most of the html - this method works has
-      * an helper.
-      *
-      * @returns {Boolean}
-      */
-      hasLastDeploymentKey() {
-        if (this.model &&
-          this.model.last_deployment &&
-          !_.isEmpty(this.model.last_deployment)) {
-          return true;
-        }
-        return false;
-      },
-
-      /**
-      * Verifies is the given environment has manual actions.
-      * Used to verify if we should render them or nor.
-      *
-      * @returns {Boolean|Undefined}
-      */
-      hasManualActions() {
-        return this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.manual_actions &&
-          this.model.last_deployment.manual_actions.length > 0;
-      },
-
-      /**
-      * Returns the value of the `stop_action?` key provided in the response.
-      *
-      * @returns {Boolean}
-      */
-      hasStopAction() {
-        return this.model && this.model['stop_action?'];
-      },
-
-      /**
-      * Verifies if the `deployable` key is present in `last_deployment` key.
-      * Used to verify whether we should or not render the rollback partial.
-      *
-      * @returns {Boolean|Undefined}
-      */
-      canRetry() {
-        return this.model &&
-          this.hasLastDeploymentKey &&
-          this.model.last_deployment &&
-          this.model.last_deployment.deployable;
-      },
-
-      /**
-      * Verifies if the date to be shown is present.
-      *
-      * @returns {Boolean|Undefined}
-      */
-      canShowDate() {
-        return this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.deployable &&
-          this.model.last_deployment.deployable !== undefined;
-      },
-
-      /**
-      * Human readable date.
-      *
-      * @returns {String}
-      */
-      createdDate() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.deployable &&
-          this.model.last_deployment.deployable.created_at) {
-          return timeagoInstance.format(this.model.last_deployment.deployable.created_at);
-        }
-        return '';
-      },
-
-      /**
-      * Returns the manual actions with the name parsed.
-      *
-      * @returns {Array.<Object>|Undefined}
-      */
-      manualActions() {
-        if (this.hasManualActions) {
-          return this.model.last_deployment.manual_actions.map((action) => {
-            const parsedAction = {
-              name: humanize(action.name),
-              play_path: action.play_path,
-              playable: action.playable,
-            };
-            return parsedAction;
-          });
-        }
-        return [];
-      },
-
-      /**
-      * Builds the string used in the user image alt attribute.
-      *
-      * @returns {String}
-      */
-      userImageAltDescription() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.user &&
-          this.model.last_deployment.user.username) {
-          return `${this.model.last_deployment.user.username}'s avatar'`;
-        }
-        return '';
-      },
-
-      /**
-      * If provided, returns the commit tag.
-      *
-      * @returns {String|Undefined}
-      */
-      commitTag() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.tag) {
-          return this.model.last_deployment.tag;
-        }
-        return undefined;
-      },
-
-      /**
-      * If provided, returns the commit ref.
-      *
-      * @returns {Object|Undefined}
-      */
-      commitRef() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.ref) {
-          return this.model.last_deployment.ref;
-        }
-        return undefined;
-      },
-
-      /**
-      * If provided, returns the commit url.
-      *
-      * @returns {String|Undefined}
-      */
-      commitUrl() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.commit &&
-          this.model.last_deployment.commit.commit_path) {
-          return this.model.last_deployment.commit.commit_path;
-        }
-        return undefined;
-      },
-
-      /**
-      * If provided, returns the commit short sha.
-      *
-      * @returns {String|Undefined}
-      */
-      commitShortSha() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.commit &&
-          this.model.last_deployment.commit.short_id) {
-          return this.model.last_deployment.commit.short_id;
-        }
-        return undefined;
-      },
-
-      /**
-      * If provided, returns the commit title.
-      *
-      * @returns {String|Undefined}
-      */
-      commitTitle() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.commit &&
-          this.model.last_deployment.commit.title) {
-          return this.model.last_deployment.commit.title;
-        }
-        return undefined;
-      },
-
-      /**
-      * If provided, returns the commit tag.
-      *
-      * @returns {Object|Undefined}
-      */
-      commitAuthor() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.commit &&
-          this.model.last_deployment.commit.author) {
-          return this.model.last_deployment.commit.author;
-        }
-
-        return undefined;
-      },
-
-      /**
-      * Verifies if the `retry_path` key is present and returns its value.
-      *
-      * @returns {String|Undefined}
-      */
-      retryUrl() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.deployable &&
-          this.model.last_deployment.deployable.retry_path) {
-          return this.model.last_deployment.deployable.retry_path;
-        }
-        return undefined;
-      },
-
-      /**
-      * Verifies if the `last?` key is present and returns its value.
-      *
-      * @returns {Boolean|Undefined}
-      */
-      isLastDeployment() {
-        return this.model && this.model.last_deployment &&
-          this.model.last_deployment['last?'];
-      },
-
-      /**
-      * Builds the name of the builds needed to display both the name and the id.
-      *
-      * @returns {String}
-      */
-      buildName() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.deployable) {
-          const { deployable } = this.model.last_deployment;
-          return `${deployable.name} #${deployable.id}`;
-        }
-        return '';
-      },
-
-      /**
-      * Builds the needed string to show the internal id.
-      *
-      * @returns {String}
-      */
-      deploymentInternalId() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.iid) {
-          return `#${this.model.last_deployment.iid}`;
-        }
-        return '';
-      },
-
-      /**
-      * Verifies if the user object is present under last_deployment object.
-      *
-      * @returns {Boolean}
-      */
-      deploymentHasUser() {
-        return this.model &&
-          !_.isEmpty(this.model.last_deployment) &&
-          !_.isEmpty(this.model.last_deployment.user);
-      },
-
-      /**
-      * Returns the user object nested with the last_deployment object.
-      * Used to render the template.
-      *
-      * @returns {Object}
-      */
-      deploymentUser() {
-        if (this.model &&
-          !_.isEmpty(this.model.last_deployment) &&
-          !_.isEmpty(this.model.last_deployment.user)) {
-          return this.model.last_deployment.user;
-        }
-        return {};
-      },
-
-      /**
-      * Verifies if the build name column should be rendered by verifing
-      * if all the information needed is present
-      * and if the environment is not a folder.
-      *
-      * @returns {Boolean}
-      */
-      shouldRenderBuildName() {
-        return !this.model.isFolder &&
-          !_.isEmpty(this.model.last_deployment) &&
-          !_.isEmpty(this.model.last_deployment.deployable);
-      },
-
-      /**
-      * Verifies the presence of all the keys needed to render the buil_path.
-      *
-      * @return {String}
-      */
-      buildPath() {
-        if (this.model &&
-          this.model.last_deployment &&
-          this.model.last_deployment.deployable &&
-          this.model.last_deployment.deployable.build_path) {
-          return this.model.last_deployment.deployable.build_path;
-        }
-
-        return '';
-      },
-
-      /**
-      * Verifies the presence of all the keys needed to render the external_url.
-      *
-      * @return {String}
-      */
-      externalURL() {
-        if (this.model && this.model.external_url) {
-          return this.model.external_url;
-        }
-
-        return '';
-      },
-
-      /**
-      * Verifies if deplyment internal ID should be rendered by verifing
-      * if all the information needed is present
-      * and if the environment is not a folder.
-      *
-      * @returns {Boolean}
-      */
-      shouldRenderDeploymentID() {
-        return !this.model.isFolder &&
-          !_.isEmpty(this.model.last_deployment) &&
-          this.model.last_deployment.iid !== undefined;
-      },
-
-      environmentPath() {
-        if (this.model && this.model.environment_path) {
-          return this.model.environment_path;
-        }
-
-        return '';
-      },
-
-      monitoringUrl() {
-        if (this.model && this.model.metrics_path) {
-          return this.model.metrics_path;
-        }
-
-        return '';
-      },
-
-      displayEnvironmentActions() {
-        return this.hasManualActions ||
-              this.externalURL ||
-              this.monitoringUrl ||
-              this.hasStopAction ||
-              this.canRetry;
-      },
+    /**
+     * Verifies is the given environment has manual actions.
+     * Used to verify if we should render them or nor.
+     *
+     * @returns {Boolean|Undefined}
+     */
+    hasManualActions() {
+      return (
+        this.model &&
+        this.model.last_deployment &&
+        this.model.last_deployment.manual_actions &&
+        this.model.last_deployment.manual_actions.length > 0
+      );
     },
 
-    methods: {
-      onClickFolder() {
-        eventHub.$emit('toggleFolder', this.model);
-      },
+    /**
+     * Returns whether the environment can be stopped.
+     *
+     * @returns {Boolean}
+     */
+    canStopEnvironment() {
+      return this.model && this.model.can_stop;
     },
-  };
+
+    /**
+     * Verifies if the `deployable` key is present in `last_deployment` key.
+     * Used to verify whether we should or not render the rollback partial.
+     *
+     * @returns {Boolean|Undefined}
+     */
+    canRetry() {
+      return (
+        this.model &&
+        this.hasLastDeploymentKey &&
+        this.model.last_deployment &&
+        this.model.last_deployment.deployable
+      );
+    },
+
+    /**
+     * Verifies if the date to be shown is present.
+     *
+     * @returns {Boolean|Undefined}
+     */
+    canShowDate() {
+      return (
+        this.model &&
+        this.model.last_deployment &&
+        this.model.last_deployment.deployable &&
+        this.model.last_deployment.deployable !== undefined
+      );
+    },
+
+    /**
+     * Human readable date.
+     *
+     * @returns {String}
+     */
+    createdDate() {
+      if (
+        this.model &&
+        this.model.last_deployment &&
+        this.model.last_deployment.deployable &&
+        this.model.last_deployment.deployable.created_at
+      ) {
+        return timeagoInstance.format(this.model.last_deployment.deployable.created_at);
+      }
+      return '';
+    },
+
+    /**
+     * Returns the manual actions with the name parsed.
+     *
+     * @returns {Array.<Object>|Undefined}
+     */
+    manualActions() {
+      if (this.hasManualActions) {
+        return this.model.last_deployment.manual_actions.map(action => {
+          const parsedAction = {
+            name: humanize(action.name),
+            play_path: action.play_path,
+            playable: action.playable,
+          };
+          return parsedAction;
+        });
+      }
+      return [];
+    },
+
+    /**
+     * Builds the string used in the user image alt attribute.
+     *
+     * @returns {String}
+     */
+    userImageAltDescription() {
+      if (
+        this.model &&
+        this.model.last_deployment &&
+        this.model.last_deployment.user &&
+        this.model.last_deployment.user.username
+      ) {
+        return `${this.model.last_deployment.user.username}'s avatar'`;
+      }
+      return '';
+    },
+
+    /**
+     * If provided, returns the commit tag.
+     *
+     * @returns {String|Undefined}
+     */
+    commitTag() {
+      if (this.model && this.model.last_deployment && this.model.last_deployment.tag) {
+        return this.model.last_deployment.tag;
+      }
+      return undefined;
+    },
+
+    /**
+     * If provided, returns the commit ref.
+     *
+     * @returns {Object|Undefined}
+     */
+    commitRef() {
+      if (this.model && this.model.last_deployment && this.model.last_deployment.ref) {
+        return this.model.last_deployment.ref;
+      }
+      return undefined;
+    },
+
+    /**
+     * If provided, returns the commit url.
+     *
+     * @returns {String|Undefined}
+     */
+    commitUrl() {
+      if (
+        this.model &&
+        this.model.last_deployment &&
+        this.model.last_deployment.commit &&
+        this.model.last_deployment.commit.commit_path
+      ) {
+        return this.model.last_deployment.commit.commit_path;
+      }
+      return undefined;
+    },
+
+    /**
+     * If provided, returns the commit short sha.
+     *
+     * @returns {String|Undefined}
+     */
+    commitShortSha() {
+      if (
+        this.model &&
+        this.model.last_deployment &&
+        this.model.last_deployment.commit &&
+        this.model.last_deployment.commit.short_id
+      ) {
+        return this.model.last_deployment.commit.short_id;
+      }
+      return undefined;
+    },
+
+    /**
+     * If provided, returns the commit title.
+     *
+     * @returns {String|Undefined}
+     */
+    commitTitle() {
+      if (
+        this.model &&
+        this.model.last_deployment &&
+        this.model.last_deployment.commit &&
+        this.model.last_deployment.commit.title
+      ) {
+        return this.model.last_deployment.commit.title;
+      }
+      return undefined;
+    },
+
+    /**
+     * If provided, returns the commit tag.
+     *
+     * @returns {Object|Undefined}
+     */
+    commitAuthor() {
+      if (
+        this.model &&
+        this.model.last_deployment &&
+        this.model.last_deployment.commit &&
+        this.model.last_deployment.commit.author
+      ) {
+        return this.model.last_deployment.commit.author;
+      }
+
+      return undefined;
+    },
+
+    /**
+     * Verifies if the `retry_path` key is present and returns its value.
+     *
+     * @returns {String|Undefined}
+     */
+    retryUrl() {
+      if (
+        this.model &&
+        this.model.last_deployment &&
+        this.model.last_deployment.deployable &&
+        this.model.last_deployment.deployable.retry_path
+      ) {
+        return this.model.last_deployment.deployable.retry_path;
+      }
+      return undefined;
+    },
+
+    /**
+     * Verifies if the `last?` key is present and returns its value.
+     *
+     * @returns {Boolean|Undefined}
+     */
+    isLastDeployment() {
+      return this.model && this.model.last_deployment && this.model.last_deployment['last?'];
+    },
+
+    /**
+     * Builds the name of the builds needed to display both the name and the id.
+     *
+     * @returns {String}
+     */
+    buildName() {
+      if (this.model && this.model.last_deployment && this.model.last_deployment.deployable) {
+        const { deployable } = this.model.last_deployment;
+        return `${deployable.name} #${deployable.id}`;
+      }
+      return '';
+    },
+
+    /**
+     * Builds the needed string to show the internal id.
+     *
+     * @returns {String}
+     */
+    deploymentInternalId() {
+      if (this.model && this.model.last_deployment && this.model.last_deployment.iid) {
+        return `#${this.model.last_deployment.iid}`;
+      }
+      return '';
+    },
+
+    /**
+     * Verifies if the user object is present under last_deployment object.
+     *
+     * @returns {Boolean}
+     */
+    deploymentHasUser() {
+      return (
+        this.model &&
+        !_.isEmpty(this.model.last_deployment) &&
+        !_.isEmpty(this.model.last_deployment.user)
+      );
+    },
+
+    /**
+     * Returns the user object nested with the last_deployment object.
+     * Used to render the template.
+     *
+     * @returns {Object}
+     */
+    deploymentUser() {
+      if (
+        this.model &&
+        !_.isEmpty(this.model.last_deployment) &&
+        !_.isEmpty(this.model.last_deployment.user)
+      ) {
+        return this.model.last_deployment.user;
+      }
+      return {};
+    },
+
+    /**
+     * Verifies if the build name column should be rendered by verifing
+     * if all the information needed is present
+     * and if the environment is not a folder.
+     *
+     * @returns {Boolean}
+     */
+    shouldRenderBuildName() {
+      return (
+        !this.model.isFolder &&
+        !_.isEmpty(this.model.last_deployment) &&
+        !_.isEmpty(this.model.last_deployment.deployable)
+      );
+    },
+
+    /**
+     * Verifies the presence of all the keys needed to render the buil_path.
+     *
+     * @return {String}
+     */
+    buildPath() {
+      if (
+        this.model &&
+        this.model.last_deployment &&
+        this.model.last_deployment.deployable &&
+        this.model.last_deployment.deployable.build_path
+      ) {
+        return this.model.last_deployment.deployable.build_path;
+      }
+
+      return '';
+    },
+
+    /**
+     * Verifies the presence of all the keys needed to render the external_url.
+     *
+     * @return {String}
+     */
+    externalURL() {
+      if (this.model && this.model.external_url) {
+        return this.model.external_url;
+      }
+
+      return '';
+    },
+
+    /**
+     * Verifies if deplyment internal ID should be rendered by verifing
+     * if all the information needed is present
+     * and if the environment is not a folder.
+     *
+     * @returns {Boolean}
+     */
+    shouldRenderDeploymentID() {
+      return (
+        !this.model.isFolder &&
+        !_.isEmpty(this.model.last_deployment) &&
+        this.model.last_deployment.iid !== undefined
+      );
+    },
+
+    environmentPath() {
+      if (this.model && this.model.environment_path) {
+        return this.model.environment_path;
+      }
+
+      return '';
+    },
+
+    monitoringUrl() {
+      if (this.model && this.model.metrics_path) {
+        return this.model.metrics_path;
+      }
+
+      return '';
+    },
+
+    displayEnvironmentActions() {
+      return (
+        this.hasManualActions ||
+        this.externalURL ||
+        this.monitoringUrl ||
+        this.canStopEnvironment ||
+        this.canRetry
+      );
+    },
+  },
+
+  methods: {
+    onClickFolder() {
+      eventHub.$emit('toggleFolder', this.model);
+    },
+  },
+};
 </script>
 <template>
   <div
@@ -580,11 +601,6 @@
         class="btn-group table-action-buttons"
         role="group">
 
-        <actions-component
-          v-if="hasManualActions && canCreateDeployment"
-          :actions="manualActions"
-        />
-
         <external-url-component
           v-if="externalURL && canReadEnvironment"
           :external-url="externalURL"
@@ -595,21 +611,26 @@
           :monitoring-url="monitoringUrl"
         />
 
+        <actions-component
+          v-if="hasManualActions && canCreateDeployment"
+          :actions="manualActions"
+        />
+
         <terminal-button-component
           v-if="model && model.terminal_path"
           :terminal-path="model.terminal_path"
         />
 
-        <stop-component
-          v-if="hasStopAction && canCreateDeployment"
-          :stop-url="model.stop_path"
-        />
-
         <rollback-component
           v-if="canRetry && canCreateDeployment"
           :is-last-deployment="isLastDeployment"
           :retry-url="retryUrl"
         />
+
+        <stop-component
+          v-if="canStopEnvironment"
+          :environment="model"
+        />
       </div>
     </div>
   </div>
diff --git a/app/assets/javascripts/environments/components/environment_monitoring.vue b/app/assets/javascripts/environments/components/environment_monitoring.vue
index 947e8c901e9..ccc8419ca6d 100644
--- a/app/assets/javascripts/environments/components/environment_monitoring.vue
+++ b/app/assets/javascripts/environments/components/environment_monitoring.vue
@@ -1,29 +1,29 @@
 <script>
-  /**
-  * Renders the Monitoring (Metrics) link in environments table.
-  */
-  import Icon from '~/vue_shared/components/icon.vue';
-  import tooltip from '../../vue_shared/directives/tooltip';
+/**
+ * Renders the Monitoring (Metrics) link in environments table.
+ */
+import Icon from '~/vue_shared/components/icon.vue';
+import tooltip from '../../vue_shared/directives/tooltip';
 
-  export default {
-    components: {
-      Icon,
+export default {
+  components: {
+    Icon,
+  },
+  directives: {
+    tooltip,
+  },
+  props: {
+    monitoringUrl: {
+      type: String,
+      required: true,
     },
-    directives: {
-      tooltip,
+  },
+  computed: {
+    title() {
+      return 'Monitoring';
     },
-    props: {
-      monitoringUrl: {
-        type: String,
-        required: true,
-      },
-    },
-    computed: {
-      title() {
-        return 'Monitoring';
-      },
-    },
-  };
+  },
+};
 </script>
 <template>
   <a
@@ -35,9 +35,6 @@
     data-container="body"
     rel="noopener noreferrer nofollow"
   >
-    <icon
-      :size="12"
-      name="chart"
-    />
+    <icon name="chart" />
   </a>
 </template>
diff --git a/app/assets/javascripts/environments/components/environment_rollback.vue b/app/assets/javascripts/environments/components/environment_rollback.vue
index 310835c5ea9..4deeef4beb9 100644
--- a/app/assets/javascripts/environments/components/environment_rollback.vue
+++ b/app/assets/javascripts/environments/components/environment_rollback.vue
@@ -1,56 +1,74 @@
 <script>
-  /**
-  * Renders Rollback or Re deploy button in environments table depending
-  * of the provided property `isLastDeployment`.
-  *
-  * Makes a post request when the button is clicked.
-  */
-  import eventHub from '../event_hub';
-  import loadingIcon from '../../vue_shared/components/loading_icon.vue';
+/**
+ * Renders Rollback or Re deploy button in environments table depending
+ * of the provided property `isLastDeployment`.
+ *
+ * Makes a post request when the button is clicked.
+ */
+import { s__ } from '~/locale';
+import Icon from '~/vue_shared/components/icon.vue';
+import tooltip from '~/vue_shared/directives/tooltip';
+import eventHub from '../event_hub';
+import LoadingIcon from '../../vue_shared/components/loading_icon.vue';
 
-  export default {
-    components: {
-      loadingIcon,
-    },
-    props: {
-      retryUrl: {
-        type: String,
-        default: '',
-      },
+export default {
+  components: {
+    Icon,
+    LoadingIcon,
+  },
 
-      isLastDeployment: {
-        type: Boolean,
-        default: true,
-      },
-    },
-    data() {
-      return {
-        isLoading: false,
-      };
-    },
-    methods: {
-      onClick() {
-        this.isLoading = true;
+  directives: {
+    tooltip,
+  },
 
-        eventHub.$emit('postAction', this.retryUrl);
-      },
+  props: {
+    retryUrl: {
+      type: String,
+      default: '',
     },
-  };
+
+    isLastDeployment: {
+      type: Boolean,
+      default: true,
+    },
+  },
+  data() {
+    return {
+      isLoading: false,
+    };
+  },
+
+  computed: {
+    title() {
+      return this.isLastDeployment ? s__('Environments|Re-deploy to environment') : s__('Environments|Rollback environment');
+    },
+  },
+
+  methods: {
+    onClick() {
+      this.isLoading = true;
+
+      eventHub.$emit('postAction', { endpoint: this.retryUrl });
+    },
+  },
+};
 </script>
 <template>
   <button
+    v-tooltip
     :disabled="isLoading"
+    :title="title"
     type="button"
     class="btn d-none d-sm-none d-md-block"
     @click="onClick"
   >
 
-    <span v-if="isLastDeployment">
-      {{ s__("Environments|Re-deploy") }}
-    </span>
-    <span v-else>
-      {{ s__("Environments|Rollback") }}
-    </span>
+    <icon
+      v-if="isLastDeployment"
+      name="repeat" />
+    <icon
+      v-else
+      name="redo"/>
 
     <loading-icon v-if="isLoading" />
   </button>
diff --git a/app/assets/javascripts/environments/components/environment_stop.vue b/app/assets/javascripts/environments/components/environment_stop.vue
index eba58bedd6d..a814b3405f5 100644
--- a/app/assets/javascripts/environments/components/environment_stop.vue
+++ b/app/assets/javascripts/environments/components/environment_stop.vue
@@ -1,72 +1,78 @@
 <script>
-  /**
-  * Renders the stop "button" that allows stop an environment.
-  * Used in environments table.
-  */
+/**
+ * Renders the stop "button" that allows stop an environment.
+ * Used in environments table.
+ */
 
-  import $ from 'jquery';
-  import eventHub from '../event_hub';
-  import loadingIcon from '../../vue_shared/components/loading_icon.vue';
-  import tooltip from '../../vue_shared/directives/tooltip';
+import $ from 'jquery';
+import Icon from '~/vue_shared/components/icon.vue';
+import { s__ } from '~/locale';
+import eventHub from '../event_hub';
+import LoadingButton from '../../vue_shared/components/loading_button.vue';
+import tooltip from '../../vue_shared/directives/tooltip';
 
-  export default {
-    components: {
-      loadingIcon,
+export default {
+  components: {
+    Icon,
+    LoadingButton,
+  },
+
+  directives: {
+    tooltip,
+  },
+
+  props: {
+    environment: {
+      type: Object,
+      required: true,
     },
+  },
 
-    directives: {
-      tooltip,
+  data() {
+    return {
+      isLoading: false,
+    };
+  },
+
+  computed: {
+    title() {
+      return s__('Environments|Stop environment');
     },
+  },
 
-    props: {
-      stopUrl: {
-        type: String,
-        default: '',
-      },
+  mounted() {
+    eventHub.$on('stopEnvironment', this.onStopEnvironment);
+  },
+
+  beforeDestroy() {
+    eventHub.$off('stopEnvironment', this.onStopEnvironment);
+  },
+
+  methods: {
+    onClick() {
+      $(this.$el).tooltip('dispose');
+      eventHub.$emit('requestStopEnvironment', this.environment);
     },
-
-    data() {
-      return {
-        isLoading: false,
-      };
+    onStopEnvironment(environment) {
+      if (this.environment.id === environment.id) {
+        this.isLoading = true;
+      }
     },
-
-    computed: {
-      title() {
-        return 'Stop';
-      },
-    },
-
-    methods: {
-      onClick() {
-        // eslint-disable-next-line no-alert
-        if (window.confirm('Are you sure you want to stop this environment?')) {
-          this.isLoading = true;
-
-          $(this.$el).tooltip('dispose');
-
-          eventHub.$emit('postAction', this.stopUrl);
-        }
-      },
-    },
-  };
+  },
+};
 </script>
 <template>
-  <button
+  <loading-button
     v-tooltip
-    :disabled="isLoading"
+    :loading="isLoading"
     :title="title"
     :aria-label="title"
-    type="button"
-    class="btn stop-env-link d-none d-sm-none d-md-block"
+    container-class="btn btn-danger d-none d-sm-none d-md-block"
     data-container="body"
+    data-toggle="modal"
+    data-target="#stop-environment-modal"
     @click="onClick"
   >
-    <i
-      class="fa fa-stop stop-env-icon"
-      aria-hidden="true"
-    >
-    </i>
-    <loading-icon v-if="isLoading" />
-  </button>
+    <icon name="stop"/>
+  </loading-button>
 </template>
diff --git a/app/assets/javascripts/environments/components/environment_terminal_button.vue b/app/assets/javascripts/environments/components/environment_terminal_button.vue
index f8e3165f8cd..350417e5ad0 100644
--- a/app/assets/javascripts/environments/components/environment_terminal_button.vue
+++ b/app/assets/javascripts/environments/components/environment_terminal_button.vue
@@ -1,31 +1,31 @@
 <script>
-  /**
-  * Renders a terminal button to open a web terminal.
-  * Used in environments table.
-  */
-  import Icon from '~/vue_shared/components/icon.vue';
-  import tooltip from '../../vue_shared/directives/tooltip';
+/**
+ * Renders a terminal button to open a web terminal.
+ * Used in environments table.
+ */
+import Icon from '~/vue_shared/components/icon.vue';
+import tooltip from '../../vue_shared/directives/tooltip';
 
-  export default {
-    components: {
-      Icon,
+export default {
+  components: {
+    Icon,
+  },
+  directives: {
+    tooltip,
+  },
+  props: {
+    terminalPath: {
+      type: String,
+      required: false,
+      default: '',
     },
-    directives: {
-      tooltip,
+  },
+  computed: {
+    title() {
+      return 'Terminal';
     },
-    props: {
-      terminalPath: {
-        type: String,
-        required: false,
-        default: '',
-      },
-    },
-    computed: {
-      title() {
-        return 'Terminal';
-      },
-    },
-  };
+  },
+};
 </script>
 <template>
   <a
@@ -36,9 +36,6 @@
     class="btn terminal-button d-none d-sm-none d-md-block"
     data-container="body"
   >
-    <icon
-      :size="12"
-      name="terminal"
-    />
+    <icon name="terminal" />
   </a>
 </template>
diff --git a/app/assets/javascripts/environments/components/environments_app.vue b/app/assets/javascripts/environments/components/environments_app.vue
index b18f02343d6..8efdfb8abe0 100644
--- a/app/assets/javascripts/environments/components/environments_app.vue
+++ b/app/assets/javascripts/environments/components/environments_app.vue
@@ -5,10 +5,12 @@
   import eventHub from '../event_hub';
   import environmentsMixin from '../mixins/environments_mixin';
   import CIPaginationMixin from '../../vue_shared/mixins/ci_pagination_api_mixin';
+  import StopEnvironmentModal from './stop_environment_modal.vue';
 
   export default {
     components: {
       emptyState,
+      StopEnvironmentModal,
     },
 
     mixins: [
@@ -90,6 +92,8 @@
 </script>
 <template>
   <div :class="cssContainerClass">
+    <stop-environment-modal :environment="environmentInStopModal" />
+
     <div class="top-area">
       <tabs
         :tabs="tabs"
diff --git a/app/assets/javascripts/environments/components/stop_environment_modal.vue b/app/assets/javascripts/environments/components/stop_environment_modal.vue
new file mode 100644
index 00000000000..657cc8cd1aa
--- /dev/null
+++ b/app/assets/javascripts/environments/components/stop_environment_modal.vue
@@ -0,0 +1,92 @@
+<script>
+import GlModal from '~/vue_shared/components/gl_modal.vue';
+import { s__, sprintf } from '~/locale';
+import tooltip from '~/vue_shared/directives/tooltip';
+import LoadingButton from '~/vue_shared/components/loading_button.vue';
+import eventHub from '../event_hub';
+
+export default {
+  id: 'stop-environment-modal',
+  name: 'StopEnvironmentModal',
+
+  components: {
+    GlModal,
+    LoadingButton,
+  },
+
+  directives: {
+    tooltip,
+  },
+
+  props: {
+    environment: {
+      type: Object,
+      required: true,
+    },
+  },
+
+  computed: {
+    noStopActionMessage() {
+      return sprintf(
+        s__(
+          `Environments|Note that this action will stop the environment,
+        but it will %{emphasisStart}not%{emphasisEnd} have an effect on any existing deployment
+        due to no “stop environment action” being defined
+        in the %{ciConfigLinkStart}.gitlab-ci.yml%{ciConfigLinkEnd} file.`,
+        ),
+        {
+          emphasisStart: '<strong>',
+          emphasisEnd: '</strong>',
+          ciConfigLinkStart:
+            '<a href="https://docs.gitlab.com/ee/ci/yaml/" target="_blank" rel="noopener noreferrer">',
+          ciConfigLinkEnd: '</a>',
+        },
+        false,
+      );
+    },
+  },
+
+  methods: {
+    onSubmit() {
+      eventHub.$emit('stopEnvironment', this.environment);
+    },
+  },
+};
+</script>
+
+<template>
+  <gl-modal
+    :id="$options.id"
+    :footer-primary-button-text="s__('Environments|Stop environment')"
+    footer-primary-button-variant="danger"
+    @submit="onSubmit"
+  >
+    <template slot="header">
+      <h4
+        class="modal-title d-flex mw-100"
+      >
+        Stopping
+        <span
+          v-tooltip
+          :title="environment.name"
+          class="text-truncate ml-1 mr-1 flex-fill"
+        >{{ environment.name }}</span>
+        ?
+      </h4>
+    </template>
+
+    <p>{{ s__('Environments|Are you sure you want to stop this environment?') }}</p>
+
+    <div
+      v-if="!environment.has_stop_action"
+      class="warning_message"
+    >
+      <p v-html="noStopActionMessage"></p>
+      <a
+        href="https://docs.gitlab.com/ee/ci/environments.html#stopping-an-environment"
+        target="_blank"
+        rel="noopener noreferrer"
+      >{{ s__('Environments|Learn more about stopping environments') }}</a>
+    </div>
+  </gl-modal>
+</template>
diff --git a/app/assets/javascripts/environments/folder/environments_folder_view.vue b/app/assets/javascripts/environments/folder/environments_folder_view.vue
index 5f72a39c5cb..e69bfa0b2cc 100644
--- a/app/assets/javascripts/environments/folder/environments_folder_view.vue
+++ b/app/assets/javascripts/environments/folder/environments_folder_view.vue
@@ -1,12 +1,18 @@
 <script>
   import environmentsMixin from '../mixins/environments_mixin';
   import CIPaginationMixin from '../../vue_shared/mixins/ci_pagination_api_mixin';
+  import StopEnvironmentModal from '../components/stop_environment_modal.vue';
 
   export default {
+    components: {
+      StopEnvironmentModal,
+    },
+
     mixins: [
       environmentsMixin,
       CIPaginationMixin,
     ],
+
     props: {
       endpoint: {
         type: String,
@@ -38,6 +44,8 @@
 </script>
 <template>
   <div :class="cssContainerClass">
+    <stop-environment-modal :environment="environmentInStopModal" />
+
     <div
       v-if="!isLoading"
       class="top-area"
diff --git a/app/assets/javascripts/environments/mixins/environments_mixin.js b/app/assets/javascripts/environments/mixins/environments_mixin.js
index a7a79dbca70..d88624f7f8d 100644
--- a/app/assets/javascripts/environments/mixins/environments_mixin.js
+++ b/app/assets/javascripts/environments/mixins/environments_mixin.js
@@ -40,6 +40,7 @@ export default {
       scope: getParameterByName('scope') || 'available',
       page: getParameterByName('page') || '1',
       requestData: {},
+      environmentInStopModal: {},
     };
   },
 
@@ -85,7 +86,7 @@ export default {
       Flash(s__('Environments|An error occurred while fetching the environments.'));
     },
 
-    postAction(endpoint) {
+    postAction({ endpoint, errorMessage }) {
       if (!this.isMakingRequest) {
         this.isLoading = true;
 
@@ -93,7 +94,7 @@ export default {
           .then(() => this.fetchEnvironments())
           .catch(() => {
             this.isLoading = false;
-            Flash(s__('Environments|An error occurred while making the request.'));
+            Flash(errorMessage || s__('Environments|An error occurred while making the request.'));
           });
       }
     },
@@ -106,6 +107,15 @@ export default {
         .catch(this.errorCallback);
     },
 
+    updateStopModal(environment) {
+      this.environmentInStopModal = environment;
+    },
+
+    stopEnvironment(environment) {
+      const endpoint = environment.stop_path;
+      const errorMessage = s__('Environments|An error occurred while stopping the environment, please try again');
+      this.postAction({ endpoint, errorMessage });
+    },
   },
 
   computed: {
@@ -162,9 +172,13 @@ export default {
     });
 
     eventHub.$on('postAction', this.postAction);
+    eventHub.$on('requestStopEnvironment', this.updateStopModal);
+    eventHub.$on('stopEnvironment', this.stopEnvironment);
   },
 
-  beforeDestroyed() {
-    eventHub.$off('postAction');
+  beforeDestroy() {
+    eventHub.$off('postAction', this.postAction);
+    eventHub.$off('requestStopEnvironment', this.updateStopModal);
+    eventHub.$off('stopEnvironment', this.stopEnvironment);
   },
 };
diff --git a/app/assets/javascripts/environments/services/environments_service.js b/app/assets/javascripts/environments/services/environments_service.js
index 3b121551aca..4e07ccba91a 100644
--- a/app/assets/javascripts/environments/services/environments_service.js
+++ b/app/assets/javascripts/environments/services/environments_service.js
@@ -13,7 +13,7 @@ export default class EnvironmentsService {
 
   // eslint-disable-next-line class-methods-use-this
   postAction(endpoint) {
-    return axios.post(endpoint, {}, { emulateJSON: true });
+    return axios.post(endpoint, {});
   }
 
   getFolderContent(folderUrl) {
diff --git a/app/assets/javascripts/notes/stores/mutation_types.js b/app/assets/javascripts/notes/stores/mutation_types.js
index 6c1ffdf266b..6f374f78691 100644
--- a/app/assets/javascripts/notes/stores/mutation_types.js
+++ b/app/assets/javascripts/notes/stores/mutation_types.js
@@ -1,7 +1,6 @@
 export const ADD_NEW_NOTE = 'ADD_NEW_NOTE';
 export const ADD_NEW_REPLY_TO_DISCUSSION = 'ADD_NEW_REPLY_TO_DISCUSSION';
 export const DELETE_NOTE = 'DELETE_NOTE';
-export const EXPAND_DISCUSSION = 'EXPAND_DISCUSSION';
 export const REMOVE_PLACEHOLDER_NOTES = 'REMOVE_PLACEHOLDER_NOTES';
 export const SET_NOTES_DATA = 'SET_NOTES_DATA';
 export const SET_NOTEABLE_DATA = 'SET_NOTEABLE_DATA';
@@ -11,15 +10,15 @@ export const SET_LAST_FETCHED_AT = 'SET_LAST_FETCHED_AT';
 export const SET_TARGET_NOTE_HASH = 'SET_TARGET_NOTE_HASH';
 export const SHOW_PLACEHOLDER_NOTE = 'SHOW_PLACEHOLDER_NOTE';
 export const TOGGLE_AWARD = 'TOGGLE_AWARD';
-export const TOGGLE_DISCUSSION = 'TOGGLE_DISCUSSION';
 export const UPDATE_NOTE = 'UPDATE_NOTE';
 export const UPDATE_DISCUSSION = 'UPDATE_DISCUSSION';
 export const SET_DISCUSSION_DIFF_LINES = 'SET_DISCUSSION_DIFF_LINES';
 export const SET_NOTES_FETCHED_STATE = 'SET_NOTES_FETCHED_STATE';
 
 // DISCUSSION
-
 export const COLLAPSE_DISCUSSION = 'COLLAPSE_DISCUSSION';
+export const EXPAND_DISCUSSION = 'EXPAND_DISCUSSION';
+export const TOGGLE_DISCUSSION = 'TOGGLE_DISCUSSION';
 
 // Issue
 export const CLOSE_ISSUE = 'CLOSE_ISSUE';
diff --git a/app/assets/stylesheets/framework/filters.scss b/app/assets/stylesheets/framework/filters.scss
index 551a7e852ae..5d79610b21e 100644
--- a/app/assets/stylesheets/framework/filters.scss
+++ b/app/assets/stylesheets/framework/filters.scss
@@ -224,7 +224,10 @@
   .form-control {
     position: relative;
     min-width: 200px;
-    padding: 5px 25px 6px 0;
+    padding-right: 25px;
+    padding-left: 0;
+    height: $input-height;
+    line-height: inherit;
     border-color: transparent;
 
     &:focus,
diff --git a/app/assets/stylesheets/pages/environments.scss b/app/assets/stylesheets/pages/environments.scss
index 199039f38f7..3144dcc4dc0 100644
--- a/app/assets/stylesheets/pages/environments.scss
+++ b/app/assets/stylesheets/pages/environments.scss
@@ -23,7 +23,7 @@
     }
 
     .btn-group {
-      > a {
+      > .btn:not(.btn-danger) {
         color: $gl-text-color-secondary;
       }
 
diff --git a/app/controllers/admin/deploy_keys_controller.rb b/app/controllers/admin/deploy_keys_controller.rb
index b0c4c31cffc..5c2025c1988 100644
--- a/app/controllers/admin/deploy_keys_controller.rb
+++ b/app/controllers/admin/deploy_keys_controller.rb
@@ -22,7 +22,7 @@ class Admin::DeployKeysController < Admin::ApplicationController
   end
 
   def update
-    if deploy_key.update_attributes(update_params)
+    if deploy_key.update(update_params)
       flash[:notice] = 'Deploy key was successfully updated.'
       redirect_to admin_deploy_keys_path
     else
@@ -34,7 +34,7 @@ class Admin::DeployKeysController < Admin::ApplicationController
     deploy_key.destroy
 
     respond_to do |format|
-      format.html { redirect_to admin_deploy_keys_path, status: 302 }
+      format.html { redirect_to admin_deploy_keys_path, status: :found }
       format.json { head :ok }
     end
   end
diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb
index 96b7bc65ac9..d7a5b745d3f 100644
--- a/app/controllers/admin/groups_controller.rb
+++ b/app/controllers/admin/groups_controller.rb
@@ -39,7 +39,7 @@ class Admin::GroupsController < Admin::ApplicationController
   end
 
   def update
-    if @group.update_attributes(group_params)
+    if @group.update(group_params)
       redirect_to [:admin, @group], notice: 'Group was successfully updated.'
     else
       render "edit"
diff --git a/app/controllers/admin/hooks_controller.rb b/app/controllers/admin/hooks_controller.rb
index 6944857bd33..a98c355c7ba 100644
--- a/app/controllers/admin/hooks_controller.rb
+++ b/app/controllers/admin/hooks_controller.rb
@@ -23,7 +23,7 @@ class Admin::HooksController < Admin::ApplicationController
   end
 
   def update
-    if hook.update_attributes(hook_params)
+    if hook.update(hook_params)
       flash[:notice] = 'System hook was successfully updated.'
       redirect_to admin_hooks_path
     else
@@ -34,7 +34,7 @@ class Admin::HooksController < Admin::ApplicationController
   def destroy
     hook.destroy
 
-    redirect_to admin_hooks_path, status: 302
+    redirect_to admin_hooks_path, status: :found
   end
 
   def test
diff --git a/app/controllers/admin/identities_controller.rb b/app/controllers/admin/identities_controller.rb
index 43b4e3a2cc3..ceb45865804 100644
--- a/app/controllers/admin/identities_controller.rb
+++ b/app/controllers/admin/identities_controller.rb
@@ -25,7 +25,7 @@ class Admin::IdentitiesController < Admin::ApplicationController
   end
 
   def update
-    if @identity.update_attributes(identity_params)
+    if @identity.update(identity_params)
       RepairLdapBlockedUserService.new(@user).execute
       redirect_to admin_user_identities_path(@user), notice: 'User identity was successfully updated.'
     else
diff --git a/app/controllers/admin/impersonations_controller.rb b/app/controllers/admin/impersonations_controller.rb
index 39dbf85f6c0..d2f947d2c66 100644
--- a/app/controllers/admin/impersonations_controller.rb
+++ b/app/controllers/admin/impersonations_controller.rb
@@ -11,7 +11,7 @@ class Admin::ImpersonationsController < Admin::ApplicationController
 
     session[:impersonator_id] = nil
 
-    redirect_to admin_user_path(original_user), status: 302
+    redirect_to admin_user_path(original_user), status: :found
   end
 
   private
diff --git a/app/controllers/admin/jobs_controller.rb b/app/controllers/admin/jobs_controller.rb
index ae7a7f6279c..ac1ae0f16b3 100644
--- a/app/controllers/admin/jobs_controller.rb
+++ b/app/controllers/admin/jobs_controller.rb
@@ -20,6 +20,6 @@ class Admin::JobsController < Admin::ApplicationController
   def cancel_all
     Ci::Build.running_or_pending.each(&:cancel)
 
-    redirect_to admin_jobs_path, status: 303
+    redirect_to admin_jobs_path, status: :see_other
   end
 end
diff --git a/app/controllers/admin/runner_projects_controller.rb b/app/controllers/admin/runner_projects_controller.rb
index 7aba77d8129..51d5799cd89 100644
--- a/app/controllers/admin/runner_projects_controller.rb
+++ b/app/controllers/admin/runner_projects_controller.rb
@@ -16,7 +16,7 @@ class Admin::RunnerProjectsController < Admin::ApplicationController
     runner = rp.runner
     rp.destroy
 
-    redirect_to admin_runner_path(runner), status: 302
+    redirect_to admin_runner_path(runner), status: :found
   end
 
   private
diff --git a/app/controllers/admin/runners_controller.rb b/app/controllers/admin/runners_controller.rb
index 4b01904f2a1..6c76c55a9d4 100644
--- a/app/controllers/admin/runners_controller.rb
+++ b/app/controllers/admin/runners_controller.rb
@@ -28,7 +28,7 @@ class Admin::RunnersController < Admin::ApplicationController
   def destroy
     @runner.destroy
 
-    redirect_to admin_runners_path, status: 302
+    redirect_to admin_runners_path, status: :found
   end
 
   def resume
diff --git a/app/controllers/admin/services_controller.rb b/app/controllers/admin/services_controller.rb
index a7025b62ad7..e70aa549140 100644
--- a/app/controllers/admin/services_controller.rb
+++ b/app/controllers/admin/services_controller.rb
@@ -16,7 +16,7 @@ class Admin::ServicesController < Admin::ApplicationController
   end
 
   def update
-    if service.update_attributes(service_params[:service])
+    if service.update(service_params[:service])
       PropagateServiceTemplateWorker.perform_async(service.id) if service.active?
 
       redirect_to admin_application_settings_services_path,
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
index 653f3dfffc4..a51a8c3ed4a 100644
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -163,7 +163,7 @@ class Admin::UsersController < Admin::ApplicationController
         format.json { head :ok }
       else
         format.html { redirect_back_or_admin_user(alert: 'There was an error removing the e-mail.') }
-        format.json { render json: 'There was an error removing the e-mail.', status: 400 }
+        format.json { render json: 'There was an error removing the e-mail.', status: :bad_request }
       end
     end
   end
diff --git a/app/controllers/concerns/issuable_actions.rb b/app/controllers/concerns/issuable_actions.rb
index ba510968684..37e03d70b6f 100644
--- a/app/controllers/concerns/issuable_actions.rb
+++ b/app/controllers/concerns/issuable_actions.rb
@@ -127,7 +127,7 @@ module IssuableActions
           errors: [
             "Someone edited this #{issuable.human_class_name} at the same time you did. Please refresh your browser and make sure your changes will not unintentionally remove theirs."
           ]
-        }, status: 409
+        }, status: :conflict
       end
     end
   end
diff --git a/app/controllers/concerns/lfs_request.rb b/app/controllers/concerns/lfs_request.rb
index 5e4e8a87153..79ee5b2f91e 100644
--- a/app/controllers/concerns/lfs_request.rb
+++ b/app/controllers/concerns/lfs_request.rb
@@ -27,7 +27,7 @@ module LfsRequest
         message: 'Git LFS is not enabled on this GitLab server, contact your admin.',
         documentation_url: help_url
       },
-      status: 501
+      status: :not_implemented
     )
   end
 
diff --git a/app/controllers/groups/avatars_controller.rb b/app/controllers/groups/avatars_controller.rb
index cc5ba5878f8..35a61b359c8 100644
--- a/app/controllers/groups/avatars_controller.rb
+++ b/app/controllers/groups/avatars_controller.rb
@@ -7,6 +7,6 @@ class Groups::AvatarsController < Groups::ApplicationController
     @group.remove_avatar!
     @group.save
 
-    redirect_to edit_group_path(@group), status: 302
+    redirect_to edit_group_path(@group), status: :found
   end
 end
diff --git a/app/controllers/groups/runners_controller.rb b/app/controllers/groups/runners_controller.rb
index 78992ec7f46..1036b4e6ed3 100644
--- a/app/controllers/groups/runners_controller.rb
+++ b/app/controllers/groups/runners_controller.rb
@@ -23,7 +23,7 @@ class Groups::RunnersController < Groups::ApplicationController
   def destroy
     @runner.destroy
 
-    redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), status: 302
+    redirect_to group_settings_ci_cd_path(@group, anchor: 'runners-settings'), status: :found
   end
 
   def resume
diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb
index 67057b5b126..3cb9e46b548 100644
--- a/app/controllers/jwt_controller.rb
+++ b/app/controllers/jwt_controller.rb
@@ -41,7 +41,7 @@ class JwtController < ApplicationController
                    "You must use a personal access token with 'api' scope for Git over HTTP.\n" \
                    "You can generate one at #{profile_personal_access_tokens_url}" }
       ]
-    }, status: 401
+    }, status: :unauthorized
   end
 
   def render_unauthorized
@@ -50,7 +50,7 @@ class JwtController < ApplicationController
         { code: 'UNAUTHORIZED',
           message: 'HTTP Basic: Access denied' }
       ]
-    }, status: 401
+    }, status: :unauthorized
   end
 
   def auth_params
diff --git a/app/controllers/notification_settings_controller.rb b/app/controllers/notification_settings_controller.rb
index 8ec4bb1233f..ed20302487c 100644
--- a/app/controllers/notification_settings_controller.rb
+++ b/app/controllers/notification_settings_controller.rb
@@ -5,14 +5,14 @@ class NotificationSettingsController < ApplicationController
     return render_404 unless can_read?(resource)
 
     @notification_setting = current_user.notification_settings_for(resource)
-    @saved = @notification_setting.update_attributes(notification_setting_params)
+    @saved = @notification_setting.update(notification_setting_params)
 
     render_response
   end
 
   def update
     @notification_setting = current_user.notification_settings.find(params[:id])
-    @saved = @notification_setting.update_attributes(notification_setting_params)
+    @saved = @notification_setting.update(notification_setting_params)
 
     render_response
   end
diff --git a/app/controllers/profiles/active_sessions_controller.rb b/app/controllers/profiles/active_sessions_controller.rb
index f0cdc228366..f1e77d68acd 100644
--- a/app/controllers/profiles/active_sessions_controller.rb
+++ b/app/controllers/profiles/active_sessions_controller.rb
@@ -7,7 +7,7 @@ class Profiles::ActiveSessionsController < Profiles::ApplicationController
     ActiveSession.destroy(current_user, params[:id])
 
     respond_to do |format|
-      format.html { redirect_to profile_active_sessions_url, status: 302 }
+      format.html { redirect_to profile_active_sessions_url, status: :found }
       format.js { head :ok }
     end
   end
diff --git a/app/controllers/profiles/avatars_controller.rb b/app/controllers/profiles/avatars_controller.rb
index 39b9f8a84d1..4f030ded80f 100644
--- a/app/controllers/profiles/avatars_controller.rb
+++ b/app/controllers/profiles/avatars_controller.rb
@@ -4,6 +4,6 @@ class Profiles::AvatarsController < Profiles::ApplicationController
 
     Users::UpdateService.new(current_user, user: @user).execute { |user| user.remove_avatar! }
 
-    redirect_to profile_path, status: 302
+    redirect_to profile_path, status: :found
   end
 end
diff --git a/app/controllers/profiles/chat_names_controller.rb b/app/controllers/profiles/chat_names_controller.rb
index 2353f0840d6..a186c5f36a8 100644
--- a/app/controllers/profiles/chat_names_controller.rb
+++ b/app/controllers/profiles/chat_names_controller.rb
@@ -39,7 +39,7 @@ class Profiles::ChatNamesController < Profiles::ApplicationController
       flash[:alert] = "Could not delete chat nickname #{@chat_name.chat_name}."
     end
 
-    redirect_to profile_chat_names_path, status: 302
+    redirect_to profile_chat_names_path, status: :found
   end
 
   private
diff --git a/app/controllers/profiles/emails_controller.rb b/app/controllers/profiles/emails_controller.rb
index bbd7ba49d77..a39824ec9c8 100644
--- a/app/controllers/profiles/emails_controller.rb
+++ b/app/controllers/profiles/emails_controller.rb
@@ -19,7 +19,7 @@ class Profiles::EmailsController < Profiles::ApplicationController
     Emails::DestroyService.new(current_user, user: current_user).execute(@email)
 
     respond_to do |format|
-      format.html { redirect_to profile_emails_url, status: 302 }
+      format.html { redirect_to profile_emails_url, status: :found }
       format.js { head :ok }
     end
   end
diff --git a/app/controllers/profiles/gpg_keys_controller.rb b/app/controllers/profiles/gpg_keys_controller.rb
index 38e3eacd229..c32507756e8 100644
--- a/app/controllers/profiles/gpg_keys_controller.rb
+++ b/app/controllers/profiles/gpg_keys_controller.rb
@@ -21,7 +21,7 @@ class Profiles::GpgKeysController < Profiles::ApplicationController
     @gpg_key.destroy
 
     respond_to do |format|
-      format.html { redirect_to profile_gpg_keys_url, status: 302 }
+      format.html { redirect_to profile_gpg_keys_url, status: :found }
       format.js { head :ok }
     end
   end
@@ -30,7 +30,7 @@ class Profiles::GpgKeysController < Profiles::ApplicationController
     @gpg_key.revoke
 
     respond_to do |format|
-      format.html { redirect_to profile_gpg_keys_url, status: 302 }
+      format.html { redirect_to profile_gpg_keys_url, status: :found }
       format.js { head :ok }
     end
   end
diff --git a/app/controllers/profiles/keys_controller.rb b/app/controllers/profiles/keys_controller.rb
index 12a6cd11f80..6035258667e 100644
--- a/app/controllers/profiles/keys_controller.rb
+++ b/app/controllers/profiles/keys_controller.rb
@@ -26,7 +26,7 @@ class Profiles::KeysController < Profiles::ApplicationController
     Keys::DestroyService.new(current_user).execute(@key)
 
     respond_to do |format|
-      format.html { redirect_to profile_keys_url, status: 302 }
+      format.html { redirect_to profile_keys_url, status: :found }
       format.js { head :ok }
     end
   end
diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index aa9789f8a0f..29ff18a1219 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -78,7 +78,7 @@ class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
   def destroy
     current_user.disable_two_factor!
 
-    redirect_to profile_account_path, status: 302
+    redirect_to profile_account_path, status: :found
   end
 
   def skip
diff --git a/app/controllers/projects/application_controller.rb b/app/controllers/projects/application_controller.rb
index 5ab6d103c89..b4f814fd3a4 100644
--- a/app/controllers/projects/application_controller.rb
+++ b/app/controllers/projects/application_controller.rb
@@ -61,7 +61,7 @@ class Projects::ApplicationController < ApplicationController
   def require_non_empty_project
     # Be sure to return status code 303 to avoid a double DELETE:
     # http://api.rubyonrails.org/classes/ActionController/Redirecting.html
-    redirect_to project_path(@project), status: 303 if @project.empty_repo?
+    redirect_to project_path(@project), status: :see_other if @project.empty_repo?
   end
 
   def require_branch_head
diff --git a/app/controllers/projects/avatars_controller.rb b/app/controllers/projects/avatars_controller.rb
index 21a403f3765..a13d552dbd8 100644
--- a/app/controllers/projects/avatars_controller.rb
+++ b/app/controllers/projects/avatars_controller.rb
@@ -21,6 +21,6 @@ class Projects::AvatarsController < Projects::ApplicationController
 
     @project.save
 
-    redirect_to edit_project_path(@project), status: 302
+    redirect_to edit_project_path(@project), status: :found
   end
 end
diff --git a/app/controllers/projects/branches_controller.rb b/app/controllers/projects/branches_controller.rb
index cd7250b10fc..d1dc9fe9600 100644
--- a/app/controllers/projects/branches_controller.rb
+++ b/app/controllers/projects/branches_controller.rb
@@ -98,7 +98,7 @@ class Projects::BranchesController < Projects::ApplicationController
         flash_type = result[:status] == :error ? :alert : :notice
         flash[flash_type] = result[:message]
 
-        redirect_to project_branches_path(@project), status: 303
+        redirect_to project_branches_path(@project), status: :see_other
       end
 
       format.js { render nothing: true, status: result[:return_code] }
diff --git a/app/controllers/projects/clusters_controller.rb b/app/controllers/projects/clusters_controller.rb
index 62193257940..358fe59618b 100644
--- a/app/controllers/projects/clusters_controller.rb
+++ b/app/controllers/projects/clusters_controller.rb
@@ -62,7 +62,7 @@ class Projects::ClustersController < Projects::ApplicationController
   def destroy
     if cluster.destroy
       flash[:notice] = _('Kubernetes cluster integration was successfully removed.')
-      redirect_to project_clusters_path(project), status: 302
+      redirect_to project_clusters_path(project), status: :found
     else
       flash[:notice] = _('Kubernetes cluster integration was not removed.')
       render :show
diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb
index f43ef2e5f2f..06739d8fd4a 100644
--- a/app/controllers/projects/deploy_keys_controller.rb
+++ b/app/controllers/projects/deploy_keys_controller.rb
@@ -35,7 +35,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
   end
 
   def update
-    if deploy_key.update_attributes(update_params)
+    if deploy_key.update(update_params)
       flash[:notice] = 'Deploy key was successfully updated.'
       redirect_to_repository_settings(@project)
     else
diff --git a/app/controllers/projects/environments_controller.rb b/app/controllers/projects/environments_controller.rb
index 27b7425b965..68353e6a210 100644
--- a/app/controllers/projects/environments_controller.rb
+++ b/app/controllers/projects/environments_controller.rb
@@ -2,7 +2,7 @@ class Projects::EnvironmentsController < Projects::ApplicationController
   layout 'project'
   before_action :authorize_read_environment!
   before_action :authorize_create_environment!, only: [:new, :create]
-  before_action :authorize_create_deployment!, only: [:stop]
+  before_action :authorize_stop_environment!, only: [:stop]
   before_action :authorize_update_environment!, only: [:edit, :update]
   before_action :authorize_admin_environment!, only: [:terminal, :terminal_websocket_authorize]
   before_action :environment, only: [:show, :edit, :update, :stop, :terminal, :terminal_websocket_authorize, :metrics]
@@ -116,7 +116,7 @@ class Projects::EnvironmentsController < Projects::ApplicationController
       set_workhorse_internal_api_content_type
       render json: Gitlab::Workhorse.terminal_websocket(terminal)
     else
-      render text: 'Not found', status: 404
+      render text: 'Not found', status: :not_found
     end
   end
 
@@ -175,4 +175,8 @@ class Projects::EnvironmentsController < Projects::ApplicationController
   def environment
     @environment ||= project.environments.find(params[:id])
   end
+
+  def authorize_stop_environment!
+    access_denied! unless can?(current_user, :stop_environment, environment)
+  end
 end
diff --git a/app/controllers/projects/git_http_client_controller.rb b/app/controllers/projects/git_http_client_controller.rb
index 07249fe3182..a52814e6e52 100644
--- a/app/controllers/projects/git_http_client_controller.rb
+++ b/app/controllers/projects/git_http_client_controller.rb
@@ -53,7 +53,7 @@ class Projects::GitHttpClientController < Projects::ApplicationController
     end
 
     send_challenges
-    render plain: "HTTP Basic: Access denied\n", status: 401
+    render plain: "HTTP Basic: Access denied\n", status: :unauthorized
   rescue Gitlab::Auth::MissingPersonalAccessTokenError
     render_missing_personal_access_token
   end
@@ -83,7 +83,7 @@ class Projects::GitHttpClientController < Projects::ApplicationController
     render plain: "HTTP Basic: Access denied\n" \
                   "You must use a personal access token with 'api' scope for Git over HTTP.\n" \
                   "You can generate one at #{profile_personal_access_tokens_url}",
-           status: 401
+           status: :unauthorized
   end
 
   def repository
diff --git a/app/controllers/projects/group_links_controller.rb b/app/controllers/projects/group_links_controller.rb
index f58ee3e9109..bc5f38f3c2b 100644
--- a/app/controllers/projects/group_links_controller.rb
+++ b/app/controllers/projects/group_links_controller.rb
@@ -24,7 +24,7 @@ class Projects::GroupLinksController < Projects::ApplicationController
   def update
     @group_link = @project.project_group_links.find(params[:id])
 
-    @group_link.update_attributes(group_link_params)
+    @group_link.update(group_link_params)
   end
 
   def destroy
@@ -34,7 +34,7 @@ class Projects::GroupLinksController < Projects::ApplicationController
 
     respond_to do |format|
       format.html do
-        redirect_to project_project_members_path(project), status: 302
+        redirect_to project_project_members_path(project), status: :found
       end
       format.js { head :ok }
     end
diff --git a/app/controllers/projects/hooks_controller.rb b/app/controllers/projects/hooks_controller.rb
index 6800d742b0a..2da2aad9b33 100644
--- a/app/controllers/projects/hooks_controller.rb
+++ b/app/controllers/projects/hooks_controller.rb
@@ -29,7 +29,7 @@ class Projects::HooksController < Projects::ApplicationController
   end
 
   def update
-    if hook.update_attributes(hook_params)
+    if hook.update(hook_params)
       flash[:notice] = 'Hook was successfully updated.'
       redirect_to project_settings_integrations_path(@project)
     else
@@ -48,7 +48,7 @@ class Projects::HooksController < Projects::ApplicationController
   def destroy
     hook.destroy
 
-    redirect_to project_settings_integrations_path(@project), status: 302
+    redirect_to project_settings_integrations_path(@project), status: :found
   end
 
   private
diff --git a/app/controllers/projects/labels_controller.rb b/app/controllers/projects/labels_controller.rb
index 91016f6494e..21d3c918581 100644
--- a/app/controllers/projects/labels_controller.rb
+++ b/app/controllers/projects/labels_controller.rb
@@ -39,7 +39,7 @@ class Projects::LabelsController < Projects::ApplicationController
     else
       respond_to do |format|
         format.html { render :new }
-        format.json { render json: { message: @label.errors.messages }, status: 400 }
+        format.json { render json: { message: @label.errors.messages }, status: :bad_request }
       end
     end
   end
@@ -115,7 +115,7 @@ class Projects::LabelsController < Projects::ApplicationController
       flash[:notice] = "#{@label.title} promoted to <a href=\"#{group_labels_path(@project.group)}\">group label</a>.".html_safe
       respond_to do |format|
         format.html do
-          redirect_to(project_labels_path(@project), status: 303)
+          redirect_to(project_labels_path(@project), status: :see_other)
         end
         format.json do
           render json: { url: project_labels_path(@project) }
diff --git a/app/controllers/projects/lfs_api_controller.rb b/app/controllers/projects/lfs_api_controller.rb
index 3f4962b543d..c64ccc3d473 100644
--- a/app/controllers/projects/lfs_api_controller.rb
+++ b/app/controllers/projects/lfs_api_controller.rb
@@ -25,7 +25,7 @@ class Projects::LfsApiController < Projects::GitHttpClientController
         message: 'Server supports batch API only, please update your Git LFS client to version 1.0.1 and up.',
         documentation_url: "#{Gitlab.config.gitlab.url}/help"
       },
-      status: 501
+      status: :not_implemented
     )
   end
 
diff --git a/app/controllers/projects/lfs_storage_controller.rb b/app/controllers/projects/lfs_storage_controller.rb
index 45c98d60822..dd7e673ec75 100644
--- a/app/controllers/projects/lfs_storage_controller.rb
+++ b/app/controllers/projects/lfs_storage_controller.rb
@@ -28,7 +28,7 @@ class Projects::LfsStorageController < Projects::GitHttpClientController
     if store_file!(oid, size)
       head 200
     else
-      render plain: 'Unprocessable entity', status: 422
+      render plain: 'Unprocessable entity', status: :unprocessable_entity
     end
   rescue ActiveRecord::RecordInvalid
     render_lfs_forbidden
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index a7c5f858c42..dc6551fc761 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -192,7 +192,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
           deployment = environment.first_deployment_for(@merge_request.diff_head_sha)
 
           stop_url =
-            if environment.stop_action? && can?(current_user, :create_deployment, environment)
+            if can?(current_user, :stop_environment, environment)
               stop_project_environment_path(project, environment)
             end
 
@@ -227,7 +227,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
   def rebase
     RebaseWorker.perform_async(@merge_request.id, current_user.id)
 
-    render nothing: true, status: 200
+    render nothing: true, status: :ok
   end
 
   protected
diff --git a/app/controllers/projects/milestones_controller.rb b/app/controllers/projects/milestones_controller.rb
index 594563d1f6f..5e86ec93f34 100644
--- a/app/controllers/projects/milestones_controller.rb
+++ b/app/controllers/projects/milestones_controller.rb
@@ -96,7 +96,7 @@ class Projects::MilestonesController < Projects::ApplicationController
     Milestones::DestroyService.new(project, current_user).execute(milestone)
 
     respond_to do |format|
-      format.html { redirect_to namespace_project_milestones_path, status: 303 }
+      format.html { redirect_to namespace_project_milestones_path, status: :see_other }
       format.js { head :ok }
     end
   end
diff --git a/app/controllers/projects/mirrors_controller.rb b/app/controllers/projects/mirrors_controller.rb
index 5698ff4e706..3b24d231f3d 100644
--- a/app/controllers/projects/mirrors_controller.rb
+++ b/app/controllers/projects/mirrors_controller.rb
@@ -13,7 +13,7 @@ class Projects::MirrorsController < Projects::ApplicationController
   end
 
   def update
-    if project.update_attributes(mirror_params)
+    if project.update(mirror_params)
       flash[:notice] = 'Mirroring settings were successfully updated.'
     else
       flash[:alert] = project.errors.full_messages.join(', ').html_safe
diff --git a/app/controllers/projects/pipeline_schedules_controller.rb b/app/controllers/projects/pipeline_schedules_controller.rb
index fa258f3d9af..aeda7b3edf5 100644
--- a/app/controllers/projects/pipeline_schedules_controller.rb
+++ b/app/controllers/projects/pipeline_schedules_controller.rb
@@ -64,7 +64,7 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController
 
   def destroy
     if schedule.destroy
-      redirect_to pipeline_schedules_path(@project), status: 302
+      redirect_to pipeline_schedules_path(@project), status: :found
     else
       redirect_to pipeline_schedules_path(@project),
                   status: :forbidden,
diff --git a/app/controllers/projects/releases_controller.rb b/app/controllers/projects/releases_controller.rb
index 3e0a530fdb9..19e09b3af6f 100644
--- a/app/controllers/projects/releases_controller.rb
+++ b/app/controllers/projects/releases_controller.rb
@@ -14,7 +14,7 @@ class Projects::ReleasesController < Projects::ApplicationController
     # it exists only to save a description to each Tag.
     # If description is empty we should destroy the existing record.
     if release_params[:description].present?
-      release.update_attributes(release_params)
+      release.update(release_params)
     else
       release.destroy
     end
diff --git a/app/controllers/projects/repositories_controller.rb b/app/controllers/projects/repositories_controller.rb
index d01f324e6fd..ecb2ece7532 100644
--- a/app/controllers/projects/repositories_controller.rb
+++ b/app/controllers/projects/repositories_controller.rb
@@ -24,7 +24,7 @@ class Projects::RepositoriesController < Projects::ApplicationController
     send_git_archive @repository, ref: @ref, format: params[:format], append_sha: append_sha
   rescue => ex
     logger.error("#{self.class.name}: #{ex}")
-    return git_not_found!
+    git_not_found!
   end
 
   def assign_archive_vars
diff --git a/app/controllers/projects/runner_projects_controller.rb b/app/controllers/projects/runner_projects_controller.rb
index a080724634b..c098c82081e 100644
--- a/app/controllers/projects/runner_projects_controller.rb
+++ b/app/controllers/projects/runner_projects_controller.rb
@@ -21,6 +21,6 @@ class Projects::RunnerProjectsController < Projects::ApplicationController
     runner_project = project.runner_projects.find(params[:id])
     runner_project.destroy
 
-    redirect_to project_runners_path(project), status: 302
+    redirect_to project_runners_path(project), status: :found
   end
 end
diff --git a/app/controllers/projects/runners_controller.rb b/app/controllers/projects/runners_controller.rb
index bef94cea989..cc7cce887bf 100644
--- a/app/controllers/projects/runners_controller.rb
+++ b/app/controllers/projects/runners_controller.rb
@@ -24,7 +24,7 @@ class Projects::RunnersController < Projects::ApplicationController
       @runner.destroy
     end
 
-    redirect_to project_runners_path(@project), status: 302
+    redirect_to project_runners_path(@project), status: :found
   end
 
   def resume
diff --git a/app/controllers/projects/services_controller.rb b/app/controllers/projects/services_controller.rb
index 690596b12db..d55046047ae 100644
--- a/app/controllers/projects/services_controller.rb
+++ b/app/controllers/projects/services_controller.rb
@@ -34,7 +34,7 @@ class Projects::ServicesController < Projects::ApplicationController
   private
 
   def service_test_response
-    if @service.update_attributes(service_params[:service])
+    if @service.update(service_params[:service])
       data = @service.test_data(project, current_user)
       outcome = @service.test(data)
 
diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb
index 208a1d19862..f742d7edf83 100644
--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -82,7 +82,7 @@ class Projects::SnippetsController < Projects::ApplicationController
 
     @snippet.destroy
 
-    redirect_to project_snippets_path(@project), status: 302
+    redirect_to project_snippets_path(@project), status: :found
   end
 
   protected
diff --git a/app/controllers/projects/tags_controller.rb b/app/controllers/projects/tags_controller.rb
index b62d7d9b7c5..b17753222a0 100644
--- a/app/controllers/projects/tags_controller.rb
+++ b/app/controllers/projects/tags_controller.rb
@@ -50,7 +50,7 @@ class Projects::TagsController < Projects::ApplicationController
     respond_to do |format|
       if result[:status] == :success
         format.html do
-          redirect_to project_tags_path(@project), status: 303
+          redirect_to project_tags_path(@project), status: :see_other
         end
 
         format.js
diff --git a/app/controllers/projects/templates_controller.rb b/app/controllers/projects/templates_controller.rb
index 694b468c8d3..52d6fb82093 100644
--- a/app/controllers/projects/templates_controller.rb
+++ b/app/controllers/projects/templates_controller.rb
@@ -14,6 +14,6 @@ class Projects::TemplatesController < Projects::ApplicationController
   def get_template_class
     template_types = { issue: Gitlab::Template::IssueTemplate, merge_request: Gitlab::Template::MergeRequestTemplate }.with_indifferent_access
     @template_type = template_types[params[:template_type]]
-    render json: [], status: 404 unless @template_type
+    render json: [], status: :not_found unless @template_type
   end
 end
diff --git a/app/controllers/projects/triggers_controller.rb b/app/controllers/projects/triggers_controller.rb
index e04145dd0b3..6f3de43f85a 100644
--- a/app/controllers/projects/triggers_controller.rb
+++ b/app/controllers/projects/triggers_controller.rb
@@ -50,7 +50,7 @@ class Projects::TriggersController < Projects::ApplicationController
       flash[:alert] = "Could not remove the trigger."
     end
 
-    redirect_to project_settings_ci_cd_path(@project), status: 302
+    redirect_to project_settings_ci_cd_path(@project), status: :found
   end
 
   private
diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb
index aa844e94d89..c01066c688a 100644
--- a/app/controllers/projects/wikis_controller.rb
+++ b/app/controllers/projects/wikis_controller.rb
@@ -120,7 +120,7 @@ class Projects::WikisController < Projects::ApplicationController
   rescue ProjectWiki::CouldNotCreateWikiError
     flash[:notice] = "Could not create Wiki Repository at this time. Please try again later."
     redirect_to project_path(@project)
-    return false
+    false
   end
 
   def wiki_params
@@ -129,7 +129,7 @@ class Projects::WikisController < Projects::ApplicationController
 
   def build_page(args)
     WikiPage.new(@project_wiki).tap do |page|
-      page.update_attributes(args)
+      page.update_attributes(args) # rubocop:disable Rails/ActiveRecordAliases
     end
   end
 end
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index f2abe27f60e..9d1c44db137 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -133,7 +133,7 @@ class ProjectsController < Projects::ApplicationController
     ::Projects::DestroyService.new(@project, current_user, {}).async_execute
     flash[:notice] = _("Project '%{project_name}' is in the process of being deleted.") % { project_name: @project.full_name }
 
-    redirect_to dashboard_projects_path, status: 302
+    redirect_to dashboard_projects_path, status: :found
   rescue Projects::DestroyService::DestroyError => ex
     redirect_to edit_project_path(@project), status: 302, alert: ex.message
   end
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 1de6ae24622..9dd652206fe 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -32,8 +32,8 @@ class SessionsController < Devise::SessionsController
     super do |resource|
       # User has successfully signed in, so clear any unused reset token
       if resource.reset_password_token.present?
-        resource.update_attributes(reset_password_token: nil,
-                                   reset_password_sent_at: nil)
+        resource.update(reset_password_token: nil,
+                        reset_password_sent_at: nil)
       end
 
       # hide the signed-in notification
diff --git a/app/controllers/sherlock/transactions_controller.rb b/app/controllers/sherlock/transactions_controller.rb
index cb6c3a7cd98..ae4953c3259 100644
--- a/app/controllers/sherlock/transactions_controller.rb
+++ b/app/controllers/sherlock/transactions_controller.rb
@@ -13,7 +13,7 @@ module Sherlock
     def destroy_all
       Gitlab::Sherlock.collection.clear
 
-      redirect_to :back, status: 302
+      redirect_to :back, status: :found
     end
   end
 end
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index 3d51520ddf4..1d6d0943674 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -89,7 +89,7 @@ class SnippetsController < ApplicationController
 
     @snippet.destroy
 
-    redirect_to snippets_path, status: 302
+    redirect_to snippets_path, status: :found
   end
 
   protected
diff --git a/app/helpers/time_helper.rb b/app/helpers/time_helper.rb
index 271e839692a..336385f6798 100644
--- a/app/helpers/time_helper.rb
+++ b/app/helpers/time_helper.rb
@@ -5,9 +5,13 @@ module TimeHelper
     seconds = interval_in_seconds - minutes * 60
 
     if minutes >= 1
-      "#{pluralize(minutes, "minute")} #{pluralize(seconds, "second")}"
+      if seconds % 60 == 0
+        pluralize(minutes, "minute")
+      else
+        [pluralize(minutes, "minute"), pluralize(seconds, "second")].to_sentence
+      end
     else
-      "#{pluralize(seconds, "second")}"
+      pluralize(seconds, "second")
     end
   end
 
diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb
index 19949f83351..d8ddb4bc667 100644
--- a/app/models/ci/build.rb
+++ b/app/models/ci/build.rb
@@ -371,7 +371,7 @@ module Ci
 
     def update_coverage
       coverage = trace.extract_coverage(coverage_regex)
-      update_attributes(coverage: coverage) if coverage.present?
+      update(coverage: coverage) if coverage.present?
     end
 
     def parse_trace_sections!
@@ -437,9 +437,9 @@ module Ci
     end
 
     def artifacts_metadata_entry(path, **options)
-      artifacts_metadata.use_file do |metadata_path|
+      artifacts_metadata.open do |metadata_stream|
         metadata = Gitlab::Ci::Build::Artifacts::Metadata.new(
-          metadata_path,
+          metadata_stream,
           path,
           **options)
 
diff --git a/app/models/concerns/protected_ref.rb b/app/models/concerns/protected_ref.rb
index 94eef4ff7cd..dbe8d31de37 100644
--- a/app/models/concerns/protected_ref.rb
+++ b/app/models/concerns/protected_ref.rb
@@ -23,7 +23,7 @@ module ProtectedRef
         # If we don't `protected_branch` or `protected_tag` would be empty and
         # `project` cannot be delegated to it, which in turn would cause validations
         # to fail.
-        has_many :"#{type}_access_levels", inverse_of: self.model_name.singular # rubocop:disable Cop/ActiveRecordDependent
+        has_many :"#{type}_access_levels", inverse_of: self.model_name.singular
 
         validates :"#{type}_access_levels", length: { is: 1, message: "are restricted to a single instance per #{self.model_name.human}." }
 
diff --git a/app/models/network/commit.rb b/app/models/network/commit.rb
index 22d48c9e661..d667948deae 100644
--- a/app/models/network/commit.rb
+++ b/app/models/network/commit.rb
@@ -11,8 +11,8 @@ module Network
       @parent_spaces = []
     end
 
-    def method_missing(m, *args, &block)
-      @commit.__send__(m, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
+    def method_missing(msg, *args, &block)
+      @commit.__send__(msg, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
     end
 
     def space
diff --git a/app/models/project_wiki.rb b/app/models/project_wiki.rb
index a6f94b3e3b0..fc868c3ebb7 100644
--- a/app/models/project_wiki.rb
+++ b/app/models/project_wiki.rb
@@ -107,7 +107,7 @@ class ProjectWiki
     update_project_activity
   rescue Gitlab::Git::Wiki::DuplicatePageError => e
     @error_message = "Duplicate page: #{e.message}"
-    return false
+    false
   end
 
   def update_page(page, content:, title: nil, format: :markdown, message: nil)
diff --git a/app/models/remote_mirror.rb b/app/models/remote_mirror.rb
index c4b5dd2dc96..976b501e297 100644
--- a/app/models/remote_mirror.rb
+++ b/app/models/remote_mirror.rb
@@ -57,7 +57,7 @@ class RemoteMirror < ActiveRecord::Base
       Gitlab::Metrics.add_event(:remote_mirrors_finished, path: remote_mirror.project.full_path)
 
       timestamp = Time.now
-      remote_mirror.update_attributes!(
+      remote_mirror.update!(
         last_update_at: timestamp, last_successful_update_at: timestamp, last_error: nil
       )
     end
diff --git a/app/models/repository.rb b/app/models/repository.rb
index 7cd600fec5b..5ed2a7b4068 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -462,12 +462,12 @@ class Repository
     expire_branches_cache
   end
 
-  def method_missing(m, *args, &block)
-    if m == :lookup && !block_given?
-      lookup_cache[m] ||= {}
-      lookup_cache[m][args.join(":")] ||= raw_repository.__send__(m, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
+  def method_missing(msg, *args, &block)
+    if msg == :lookup && !block_given?
+      lookup_cache[msg] ||= {}
+      lookup_cache[msg][args.join(":")] ||= raw_repository.__send__(msg, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
     else
-      raw_repository.__send__(m, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
+      raw_repository.__send__(msg, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
     end
   end
 
diff --git a/app/models/user.rb b/app/models/user.rb
index 27a5d0278b7..1c5d39db118 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -496,7 +496,7 @@ class User < ActiveRecord::Base
 
   def disable_two_factor!
     transaction do
-      update_attributes(
+      update(
         otp_required_for_login:      false,
         encrypted_otp_secret:        nil,
         encrypted_otp_secret_iv:     nil,
@@ -1053,7 +1053,7 @@ class User < ActiveRecord::Base
     return @global_notification_setting if defined?(@global_notification_setting)
 
     @global_notification_setting = notification_settings.find_or_initialize_by(source: nil)
-    @global_notification_setting.update_attributes(level: NotificationSetting.levels[DEFAULT_NOTIFICATION_LEVEL]) unless @global_notification_setting.persisted?
+    @global_notification_setting.update(level: NotificationSetting.levels[DEFAULT_NOTIFICATION_LEVEL]) unless @global_notification_setting.persisted?
 
     @global_notification_setting
   end
@@ -1333,8 +1333,8 @@ class User < ActiveRecord::Base
     end
   end
 
-  def self.unique_internal(scope, username, email_pattern, &b)
-    scope.first || create_unique_internal(scope, username, email_pattern, &b)
+  def self.unique_internal(scope, username, email_pattern, &block)
+    scope.first || create_unique_internal(scope, username, email_pattern, &block)
   end
 
   def self.create_unique_internal(scope, username, email_pattern, &creation_block)
diff --git a/app/models/wiki_page.rb b/app/models/wiki_page.rb
index cde79b95062..4b49edb01a5 100644
--- a/app/models/wiki_page.rb
+++ b/app/models/wiki_page.rb
@@ -1,3 +1,4 @@
+# rubocop:disable Rails/ActiveRecordAliases
 class WikiPage
   PageChangedError = Class.new(StandardError)
   PageRenameError = Class.new(StandardError)
diff --git a/app/policies/environment_policy.rb b/app/policies/environment_policy.rb
index 375a5535359..978dc3a7c81 100644
--- a/app/policies/environment_policy.rb
+++ b/app/policies/environment_policy.rb
@@ -1,9 +1,13 @@
 class EnvironmentPolicy < BasePolicy
   delegate { @subject.project }
 
-  condition(:stop_action_allowed) do
-    @subject.stop_action? && can?(:update_build, @subject.stop_action)
+  condition(:stop_with_deployment_allowed) do
+    @subject.stop_action? && can?(:create_deployment) && can?(:update_build, @subject.stop_action)
   end
 
-  rule { can?(:create_deployment) & stop_action_allowed }.enable :stop_environment
+  condition(:stop_with_update_allowed) do
+    !@subject.stop_action? && can?(:update_environment, @subject)
+  end
+
+  rule { stop_with_deployment_allowed | stop_with_update_allowed }.enable :stop_environment
 end
diff --git a/app/serializers/environment_entity.rb b/app/serializers/environment_entity.rb
index ba0ae6ba8a0..0fc3f92b151 100644
--- a/app/serializers/environment_entity.rb
+++ b/app/serializers/environment_entity.rb
@@ -7,7 +7,7 @@ class EnvironmentEntity < Grape::Entity
   expose :external_url
   expose :environment_type
   expose :last_deployment, using: DeploymentEntity
-  expose :stop_action?
+  expose :stop_action?, as: :has_stop_action
 
   expose :metrics_path, if: -> (environment, _) { environment.has_metrics? } do |environment|
     metrics_project_environment_path(environment.project, environment)
@@ -31,4 +31,14 @@ class EnvironmentEntity < Grape::Entity
   end
 
   expose :created_at, :updated_at
+
+  expose :can_stop do |environment|
+    environment.available? && can?(current_user, :stop_environment, environment)
+  end
+
+  private
+
+  def current_user
+    request.current_user
+  end
 end
diff --git a/app/services/badges/update_service.rb b/app/services/badges/update_service.rb
index 7ca84b5df31..495a4a2c99d 100644
--- a/app/services/badges/update_service.rb
+++ b/app/services/badges/update_service.rb
@@ -3,7 +3,7 @@ module Badges
     # returns the updated badge
     def execute(badge)
       if params.present?
-        badge.update_attributes(params)
+        badge.update(params)
       end
 
       badge
diff --git a/app/services/commits/change_service.rb b/app/services/commits/change_service.rb
index b9d0173a2d0..1ce6ab36cbf 100644
--- a/app/services/commits/change_service.rb
+++ b/app/services/commits/change_service.rb
@@ -13,8 +13,6 @@ module Commits
 
       # rubocop:disable GitlabSecurity/PublicSend
       message = @commit.public_send(:"#{action}_message", current_user)
-
-      # rubocop:disable GitlabSecurity/PublicSend
       repository.public_send(
         action,
         current_user,
diff --git a/app/services/issuable_base_service.rb b/app/services/issuable_base_service.rb
index 683f64e82ad..5e06e0c61cf 100644
--- a/app/services/issuable_base_service.rb
+++ b/app/services/issuable_base_service.rb
@@ -130,7 +130,7 @@ class IssuableBaseService < BaseService
   def create_issuable(issuable, attributes, label_ids:)
     issuable.with_transaction_returning_status do
       if issuable.save
-        issuable.update_attributes(label_ids: label_ids)
+        issuable.update(label_ids: label_ids)
       end
     end
   end
diff --git a/app/services/members/update_service.rb b/app/services/members/update_service.rb
index 48b3d59f7bd..cb19cf01dd7 100644
--- a/app/services/members/update_service.rb
+++ b/app/services/members/update_service.rb
@@ -6,7 +6,7 @@ module Members
 
       old_access_level = member.human_access
 
-      if member.update_attributes(params)
+      if member.update(params)
         after_execute(action: permission, old_access_level: old_access_level, member: member)
       end
 
diff --git a/app/services/merge_requests/rebase_service.rb b/app/services/merge_requests/rebase_service.rb
index 5b4bc86b9ba..c741e913860 100644
--- a/app/services/merge_requests/rebase_service.rb
+++ b/app/services/merge_requests/rebase_service.rb
@@ -26,7 +26,7 @@ module MergeRequests
 
       Gitlab::GitLogger.info("#{log_prefix} rebased to #{rebase_sha}")
 
-      merge_request.update_attributes(rebase_commit_sha: rebase_sha)
+      merge_request.update(rebase_commit_sha: rebase_sha)
 
       Gitlab::GitLogger.info("#{log_prefix} rebase SHA saved: #{rebase_sha}")
 
diff --git a/app/services/milestones/update_service.rb b/app/services/milestones/update_service.rb
index 31b441ed476..74edbf9b41d 100644
--- a/app/services/milestones/update_service.rb
+++ b/app/services/milestones/update_service.rb
@@ -11,7 +11,7 @@ module Milestones
       end
 
       if params.present?
-        milestone.update_attributes(params.except(:state_event))
+        milestone.update(params.except(:state_event))
       end
 
       milestone
diff --git a/app/services/notes/update_service.rb b/app/services/notes/update_service.rb
index 75fd08ea0a9..e16ef398184 100644
--- a/app/services/notes/update_service.rb
+++ b/app/services/notes/update_service.rb
@@ -5,7 +5,7 @@ module Notes
 
       old_mentioned_users = note.mentioned_users.to_a
 
-      note.update_attributes(params.merge(updated_by: current_user))
+      note.update(params.merge(updated_by: current_user))
       note.create_new_cross_references!(current_user)
 
       if note.previous_changes.include?('note')
diff --git a/app/services/notification_recipient_service.rb b/app/services/notification_recipient_service.rb
index 4fa38665abc..d9834fd0ccc 100644
--- a/app/services/notification_recipient_service.rb
+++ b/app/services/notification_recipient_service.rb
@@ -10,16 +10,16 @@ module NotificationRecipientService
     NotificationRecipient.new(user, *args).notifiable?
   end
 
-  def self.build_recipients(*a)
-    Builder::Default.new(*a).notification_recipients
+  def self.build_recipients(*args)
+    Builder::Default.new(*args).notification_recipients
   end
 
-  def self.build_new_note_recipients(*a)
-    Builder::NewNote.new(*a).notification_recipients
+  def self.build_new_note_recipients(*args)
+    Builder::NewNote.new(*args).notification_recipients
   end
 
-  def self.build_merge_request_unmergeable_recipients(*a)
-    Builder::MergeRequestUnmergeable.new(*a).notification_recipients
+  def self.build_merge_request_unmergeable_recipients(*args)
+    Builder::MergeRequestUnmergeable.new(*args).notification_recipients
   end
 
   module Builder
@@ -44,7 +44,6 @@ module NotificationRecipientService
         raise 'abstract'
       end
 
-      # rubocop:disable Rails/Delegate
       def project
         target.project
       end
diff --git a/app/services/projects/destroy_service.rb b/app/services/projects/destroy_service.rb
index 02769e72229..87173cc79ec 100644
--- a/app/services/projects/destroy_service.rb
+++ b/app/services/projects/destroy_service.rb
@@ -124,7 +124,7 @@ module Projects
       # It's possible that the project was destroyed, but some after_commit
       # hook failed and caused us to end up here. A destroyed model will be a frozen hash,
       # which cannot be altered.
-      project.update_attributes(delete_error: message, pending_delete: false) unless project.destroyed?
+      project.update(delete_error: message, pending_delete: false) unless project.destroyed?
 
       log_error("Deletion failed on #{project.full_path} with the following message: #{message}")
     end
diff --git a/app/services/projects/fork_service.rb b/app/services/projects/fork_service.rb
index 348eb0bf8d8..a8aafa9fb4f 100644
--- a/app/services/projects/fork_service.rb
+++ b/app/services/projects/fork_service.rb
@@ -37,7 +37,7 @@ module Projects
       return new_project unless new_project.persisted?
 
       builds_access_level = @project.project_feature.builds_access_level
-      new_project.project_feature.update_attributes(builds_access_level: builds_access_level)
+      new_project.project_feature.update(builds_access_level: builds_access_level)
 
       link_fork_network(new_project)
 
diff --git a/app/services/projects/lfs_pointers/lfs_download_service.rb b/app/services/projects/lfs_pointers/lfs_download_service.rb
index 6ea43561d61..618c30b971f 100644
--- a/app/services/projects/lfs_pointers/lfs_download_service.rb
+++ b/app/services/projects/lfs_pointers/lfs_download_service.rb
@@ -22,7 +22,7 @@ module Projects
       private
 
       def download_and_save_file(file, sanitized_uri)
-        IO.copy_stream(open(sanitized_uri.sanitized_url, headers(sanitized_uri)), file)
+        IO.copy_stream(open(sanitized_uri.sanitized_url, headers(sanitized_uri)), file) # rubocop:disable Security/Open
       end
 
       def headers(sanitized_uri)
diff --git a/app/services/projects/update_service.rb b/app/services/projects/update_service.rb
index d8250cd8102..f4fbaacc08b 100644
--- a/app/services/projects/update_service.rb
+++ b/app/services/projects/update_service.rb
@@ -22,7 +22,7 @@ module Projects
       # If the block added errors, don't try to save the project
       return validation_failed! if project.errors.any?
 
-      if project.update_attributes(params.except(:default_branch))
+      if project.update(params.except(:default_branch))
         if project.previous_changes.include?('path')
           project.rename_repo
         else
diff --git a/app/services/update_release_service.rb b/app/services/update_release_service.rb
index b7c36651968..dc696e9c440 100644
--- a/app/services/update_release_service.rb
+++ b/app/services/update_release_service.rb
@@ -7,7 +7,7 @@ class UpdateReleaseService < BaseService
       release = project.releases.find_by(tag: tag_name)
 
       if release
-        release.update_attributes(description: release_description)
+        release.update(description: release_description)
 
         success(release)
       else
diff --git a/app/uploaders/gitlab_uploader.rb b/app/uploaders/gitlab_uploader.rb
index 7919f126075..719bd6ef418 100644
--- a/app/uploaders/gitlab_uploader.rb
+++ b/app/uploaders/gitlab_uploader.rb
@@ -71,6 +71,28 @@ class GitlabUploader < CarrierWave::Uploader::Base
     File.join('/', self.class.base_dir, dynamic_segment, filename)
   end
 
+  def cached_size
+    size
+  end
+
+  def open
+    stream =
+      if file_storage?
+        File.open(path, "rb") if path
+      else
+        ::Gitlab::HttpIO.new(url, cached_size) if url
+      end
+
+    return unless stream
+    return stream unless block_given?
+
+    begin
+      yield(stream)
+    ensure
+      stream.close
+    end
+  end
+
   private
 
   # Designed to be overridden by child uploaders that have a dynamic path
diff --git a/app/uploaders/job_artifact_uploader.rb b/app/uploaders/job_artifact_uploader.rb
index 855cf2fc21c..f6af023e0f9 100644
--- a/app/uploaders/job_artifact_uploader.rb
+++ b/app/uploaders/job_artifact_uploader.rb
@@ -18,14 +18,6 @@ class JobArtifactUploader < GitlabUploader
     dynamic_segment
   end
 
-  def open
-    if file_storage?
-      File.open(path, "rb") if path
-    else
-      ::Gitlab::Ci::Trace::HttpIO.new(url, cached_size) if url
-    end
-  end
-
   private
 
   def dynamic_segment
diff --git a/app/views/projects/deployments/_actions.haml b/app/views/projects/deployments/_actions.haml
index e0ecf56525a..f4c91377ecb 100644
--- a/app/views/projects/deployments/_actions.haml
+++ b/app/views/projects/deployments/_actions.haml
@@ -3,13 +3,12 @@
   - if actions.present?
     .btn-group
       .dropdown
-        %button.dropdown.dropdown-new.btn.btn-default{ type: 'button', 'data-toggle' => 'dropdown' }
-          = custom_icon('icon_play')
+        %button.dropdown.dropdown-new.btn.btn-default.has-tooltip{ type: 'button', 'data-toggle' => 'dropdown', title: s_('Environments|Deploy to...') }
+          = sprite_icon('play')
           = icon('caret-down')
         %ul.dropdown-menu.dropdown-menu-right
           - actions.each do |action|
             - next unless can?(current_user, :update_build, action)
             %li
-              = link_to [:play, @project.namespace.becomes(Namespace), @project, action], method: :post, rel: 'nofollow' do
-                = custom_icon('icon_play')
+              = link_to [:play, @project.namespace.becomes(Namespace), @project, action], method: :post, rel: 'nofollow', class: 'btn' do
                 %span= action.name.humanize
diff --git a/app/views/projects/deployments/_rollback.haml b/app/views/projects/deployments/_rollback.haml
index 95f950948ab..281e042c915 100644
--- a/app/views/projects/deployments/_rollback.haml
+++ b/app/views/projects/deployments/_rollback.haml
@@ -1,6 +1,7 @@
 - if can?(current_user, :create_deployment, deployment) && deployment.deployable
-  = link_to [:retry, @project.namespace.becomes(Namespace), @project, deployment.deployable], method: :post, class: 'btn btn-build' do
+  - tooltip = deployment.last? ? s_('Environments|Re-deploy to environment') : s_('Environments|Rollback environment')
+  = link_to [:retry, @project.namespace.becomes(Namespace), @project, deployment.deployable], method: :post, class: 'btn btn-build has-tooltip', title: tooltip do
     - if deployment.last?
-      = _("Re-deploy")
+      = sprite_icon('repeat')
     - else
-      = _("Rollback")
+      = sprite_icon('redo')
diff --git a/app/views/projects/environments/_external_url.html.haml b/app/views/projects/environments/_external_url.html.haml
index a264252e095..4694bc39d54 100644
--- a/app/views/projects/environments/_external_url.html.haml
+++ b/app/views/projects/environments/_external_url.html.haml
@@ -1,4 +1,4 @@
 - if environment.external_url && can?(current_user, :read_environment, environment)
-  = link_to environment.external_url, target: '_blank', rel: 'noopener noreferrer', class: 'btn external-url' do
+  = link_to environment.external_url, target: '_blank', rel: 'noopener noreferrer', class: 'btn external-url has-tooltip', title: s_('Environments|Open live environment') do
     = sprite_icon('external-link')
     View deployment
diff --git a/app/views/projects/environments/_stop.html.haml b/app/views/projects/environments/_stop.html.haml
deleted file mode 100644
index c35f9af2873..00000000000
--- a/app/views/projects/environments/_stop.html.haml
+++ /dev/null
@@ -1,5 +0,0 @@
-- if can?(current_user, :create_deployment, environment) && environment.stop_action?
-  .inline
-    = link_to stop_project_environment_path(@project, environment), method: :post,
-      class: 'btn stop-env-link', rel: 'nofollow', data: { confirm: 'Are you sure you want to stop this environment?' } do
-      = icon('stop', class: 'stop-env-icon')
diff --git a/app/views/projects/environments/show.html.haml b/app/views/projects/environments/show.html.haml
index add394a6356..a33bc9d4ce6 100644
--- a/app/views/projects/environments/show.html.haml
+++ b/app/views/projects/environments/show.html.haml
@@ -4,6 +4,33 @@
 - page_title "Environments"
 
 %div{ class: container_class }
+  - if can?(current_user, :stop_environment, @environment)
+    #stop-environment-modal.modal.fade{ tabindex: -1 }
+      .modal-dialog
+        .modal-content
+          .modal-header
+            %h4.modal-title.d-flex.mw-100
+              Stopping
+              %span.has-tooltip.text-truncate.ml-1.mr-1.flex-fill{ title: @environment.name, data: { container: '#stop-environment-modal' } }
+                = @environment.name
+              ?
+          .modal-body
+            %p= s_('Environments|Are you sure you want to stop this environment?')
+            - unless @environment.stop_action?
+              .warning_message
+                %p= s_('Environments|Note that this action will stop the environment, but it will %{emphasis_start}not%{emphasis_end} have an effect on any existing deployment due to no “stop environment action” being defined in the %{ci_config_link_start}.gitlab-ci.yml%{ci_config_link_end} file.').html_safe % { emphasis_start: '<strong>'.html_safe,
+                  emphasis_end: '</strong>'.html_safe,
+                  ci_config_link_start: '<a href="https://docs.gitlab.com/ee/ci/yaml/" target="_blank" rel="noopener noreferrer">'.html_safe,
+                  ci_config_link_end: '</a>'.html_safe }
+                %a{ href: 'https://docs.gitlab.com/ee/ci/environments.html#stopping-an-environment',
+                  target: '_blank',
+                  rel: 'noopener noreferrer' }
+                  = s_('Environments|Learn more about stopping environments')
+          .modal-footer
+            = button_tag _('Cancel'), type: 'button', class: 'btn btn-cancel', data: { dismiss: 'modal' }
+            = button_to stop_project_environment_path(@project, @environment), class: 'btn btn-danger has-tooltip', method: :post do
+              = s_('Environments|Stop environment')
+
   .row.top-area.adjust
     .col-md-7
       %h3.page-title= @environment.name
@@ -15,7 +42,10 @@
         - if can?(current_user, :update_environment, @environment)
           = link_to 'Edit', edit_project_environment_path(@project, @environment), class: 'btn'
         - if can?(current_user, :stop_environment, @environment)
-          = link_to 'Stop', stop_project_environment_path(@project, @environment), data: { confirm: 'Are you sure you want to stop this environment?' }, class: 'btn btn-danger', method: :post
+          = button_tag class: 'btn btn-danger', type: 'button', data: { toggle: 'modal',
+            target: '#stop-environment-modal' } do
+            = sprite_icon('stop')
+            = s_('Environments|Stop')
 
   .environments-container
     - if @deployments.blank?
diff --git a/app/views/shared/hook_logs/_content.html.haml b/app/views/shared/hook_logs/_content.html.haml
index 532712ee6d1..f3b56df0c96 100644
--- a/app/views/shared/hook_logs/_content.html.haml
+++ b/app/views/shared/hook_logs/_content.html.haml
@@ -30,7 +30,7 @@
 
 %h5 Request body:
 %pre
-  :plain
+  :escaped
     #{JSON.pretty_generate(hook_log.request_data)}
 %h5 Response headers:
 %pre
@@ -40,5 +40,5 @@
 
 %h5 Response body:
 %pre
-  :plain
+  :escaped
     #{hook_log.response_body}
diff --git a/app/workers/email_receiver_worker.rb b/app/workers/email_receiver_worker.rb
index f9f0efb302a..12706613ac2 100644
--- a/app/workers/email_receiver_worker.rb
+++ b/app/workers/email_receiver_worker.rb
@@ -15,14 +15,14 @@ class EmailReceiverWorker
 
   private
 
-  def handle_failure(raw, e)
-    Rails.logger.warn("Email can not be processed: #{e}\n\n#{raw}")
+  def handle_failure(raw, error)
+    Rails.logger.warn("Email can not be processed: #{error}\n\n#{raw}")
 
     return unless raw.present?
 
     can_retry = false
     reason =
-      case e
+      case error
       when Gitlab::Email::UnknownIncomingEmail
         "We couldn't figure out what the email is for. Please create your issue or comment through the web interface."
       when Gitlab::Email::SentNotificationNotFoundError
@@ -42,7 +42,7 @@ class EmailReceiverWorker
         "The thread you are replying to no longer exists, perhaps it was deleted? If you believe this is in error, contact a staff member."
       when Gitlab::Email::InvalidRecordError
         can_retry = true
-        e.message
+        error.message
       end
 
     if reason
diff --git a/app/workers/object_storage/migrate_uploads_worker.rb b/app/workers/object_storage/migrate_uploads_worker.rb
index a3ecfa8e711..01d03ec7888 100644
--- a/app/workers/object_storage/migrate_uploads_worker.rb
+++ b/app/workers/object_storage/migrate_uploads_worker.rb
@@ -1,6 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/LineLength
-# rubocop:disable Style/Documentation
 
 module ObjectStorage
   class MigrateUploadsWorker
diff --git a/changelogs/unreleased/41671-fixing-milestone-date-change-when-editing.yml b/changelogs/unreleased/41671-fixing-milestone-date-change-when-editing.yml
new file mode 100644
index 00000000000..c6a0dc4f129
--- /dev/null
+++ b/changelogs/unreleased/41671-fixing-milestone-date-change-when-editing.yml
@@ -0,0 +1,5 @@
+---
+title: "Fixing milestone date change when editing"
+merge_request: 20279
+author: Orlando Del Aguila
+type: fixed
\ No newline at end of file
diff --git a/changelogs/unreleased/42415-omit-projects-from-get-group-endpoint.yml b/changelogs/unreleased/42415-omit-projects-from-get-group-endpoint.yml
new file mode 100644
index 00000000000..cabe5216045
--- /dev/null
+++ b/changelogs/unreleased/42415-omit-projects-from-get-group-endpoint.yml
@@ -0,0 +1,5 @@
+---
+title: Adds with_projects optional parameter to GET /groups/:id API endpoint
+merge_request: 20494
+author:
+type: changed
diff --git a/changelogs/unreleased/48237-toggle-file-comments.yml b/changelogs/unreleased/48237-toggle-file-comments.yml
index 9c9b8e95691..2e893aad0b2 100644
--- a/changelogs/unreleased/48237-toggle-file-comments.yml
+++ b/changelogs/unreleased/48237-toggle-file-comments.yml
@@ -1,5 +1,5 @@
 ---
 title: Fixes toggle discussion button not expanding collapsed discussions
-merge_request:
+merge_request: 20452
 author:
 type: fixed
diff --git a/changelogs/unreleased/48537-update-avatar-only-via-api.yml b/changelogs/unreleased/48537-update-avatar-only-via-api.yml
new file mode 100644
index 00000000000..9b3ab946cc1
--- /dev/null
+++ b/changelogs/unreleased/48537-update-avatar-only-via-api.yml
@@ -0,0 +1,5 @@
+---
+title: Allow updating a project's avatar without other params
+merge_request:
+author: Jamie Schembri
+type: fixed
diff --git a/changelogs/unreleased/48951-clean-up.yml b/changelogs/unreleased/48951-clean-up.yml
new file mode 100644
index 00000000000..0102cd43f96
--- /dev/null
+++ b/changelogs/unreleased/48951-clean-up.yml
@@ -0,0 +1,5 @@
+---
+title: Removes unused vuex code in mr refactor and removes unneeded dependencies
+merge_request: 20499
+author:
+type: other
diff --git a/changelogs/unreleased/48976-rails5-invalid-single-table-inheritance-type-group-is-not-a-subclass-of-gitlab-backgroundmigration-fixcrossprojectlabellinks-namespace.yml b/changelogs/unreleased/48976-fix-sti-background-migration.yml
similarity index 100%
rename from changelogs/unreleased/48976-rails5-invalid-single-table-inheritance-type-group-is-not-a-subclass-of-gitlab-backgroundmigration-fixcrossprojectlabellinks-namespace.yml
rename to changelogs/unreleased/48976-fix-sti-background-migration.yml
diff --git a/changelogs/unreleased/fix-search-bar.yml b/changelogs/unreleased/fix-search-bar.yml
new file mode 100644
index 00000000000..d4c0c1efddf
--- /dev/null
+++ b/changelogs/unreleased/fix-search-bar.yml
@@ -0,0 +1,5 @@
+---
+title: Fix search bar text input alignment
+merge_request:
+author:
+type: fixed
diff --git a/changelogs/unreleased/improve-metadata-access-performance.yml b/changelogs/unreleased/improve-metadata-access-performance.yml
new file mode 100644
index 00000000000..b16fa99dd3b
--- /dev/null
+++ b/changelogs/unreleased/improve-metadata-access-performance.yml
@@ -0,0 +1,5 @@
+---
+title: Access metadata directly from Object Storage
+merge_request:
+author:
+type: performance
diff --git a/changelogs/unreleased/jprovazn-upload-symlink.yml b/changelogs/unreleased/jprovazn-upload-symlink.yml
new file mode 100644
index 00000000000..265791d332f
--- /dev/null
+++ b/changelogs/unreleased/jprovazn-upload-symlink.yml
@@ -0,0 +1,5 @@
+---
+title: Add /uploads subdirectory to allowed upload paths.
+merge_request:
+author:
+type: fixed
diff --git a/changelogs/unreleased/rails5-fix-48977.yml b/changelogs/unreleased/rails5-fix-48977.yml
new file mode 100644
index 00000000000..bfd86f20e24
--- /dev/null
+++ b/changelogs/unreleased/rails5-fix-48977.yml
@@ -0,0 +1,5 @@
+---
+title: Rails5 fix mysql milliseconds problem in specs
+merge_request: 20464
+author: Jasper Maes
+type: fixed
diff --git a/changelogs/unreleased/rails5-mysql-fix-pr-importer-spec.yml b/changelogs/unreleased/rails5-mysql-fix-pr-importer-spec.yml
new file mode 100644
index 00000000000..afd9865ee45
--- /dev/null
+++ b/changelogs/unreleased/rails5-mysql-fix-pr-importer-spec.yml
@@ -0,0 +1,5 @@
+---
+title: Rails5 mysql fix milliseconds problem in pull request importer spec
+merge_request: 20475
+author: Jasper Maes
+type: fixed
diff --git a/changelogs/unreleased/rails5-update-gemfile-lock.yml b/changelogs/unreleased/rails5-update-gemfile-lock.yml
new file mode 100644
index 00000000000..58931587fff
--- /dev/null
+++ b/changelogs/unreleased/rails5-update-gemfile-lock.yml
@@ -0,0 +1,5 @@
+---
+title: Update Gemfile.rails5.lock with latest Gemfile.lock changes
+merge_request: 20466
+author: Jasper Maes
+type: fixed
diff --git a/changelogs/unreleased/upgrade-hamlit-for-ruby25.yml b/changelogs/unreleased/upgrade-hamlit-for-ruby25.yml
new file mode 100644
index 00000000000..39e10121507
--- /dev/null
+++ b/changelogs/unreleased/upgrade-hamlit-for-ruby25.yml
@@ -0,0 +1,5 @@
+---
+title: 'Update hamlit to fix ruby 2.5 incompatibilities, fixes #42045'
+merge_request:
+author: Matthew Dawson
+type: fixed
diff --git a/changelogs/unreleased/winh-stop-all-environments.yml b/changelogs/unreleased/winh-stop-all-environments.yml
new file mode 100644
index 00000000000..6e5f2f506d9
--- /dev/null
+++ b/changelogs/unreleased/winh-stop-all-environments.yml
@@ -0,0 +1,5 @@
+---
+title: Support manually stopping any environment from the UI
+merge_request: 20077
+author:
+type: changed
diff --git a/config/application.rb b/config/application.rb
index 97bc86b3e3a..0304f466734 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -1,4 +1,4 @@
-require File.expand_path('../boot', __FILE__)
+require File.expand_path('boot', __dir__)
 
 require 'rails/all'
 
@@ -211,7 +211,7 @@ module Gitlab
           next unless name.include?('namespace_project')
 
           define_method(name.sub('namespace_project', 'project')) do |project, *args|
-            send(name, project&.namespace, project, *args) # rubocop:disable GitlabSecurity/PublicSend
+            send(name, project&.namespace, project, *args)
           end
         end
       end
diff --git a/config/environment.rb b/config/environment.rb
index 487a4564b47..5d35937f7c6 100644
--- a/config/environment.rb
+++ b/config/environment.rb
@@ -4,7 +4,7 @@
 if %w[1 true].include?(ENV["RAILS5"])
   require_relative 'application'
 else
-  require File.expand_path('../application', __FILE__)
+  require File.expand_path('application', __dir__)
 end
 
 # Initialize the rails application
diff --git a/config/initializers/active_record_locking.rb b/config/initializers/active_record_locking.rb
index 0861544c5a4..21ff323927b 100644
--- a/config/initializers/active_record_locking.rb
+++ b/config/initializers/active_record_locking.rb
@@ -17,7 +17,7 @@ module ActiveRecord
 
         lock_col = self.class.locking_column
 
-        previous_lock_value = send(lock_col).to_i # rubocop:disable GitlabSecurity/PublicSend
+        previous_lock_value = send(lock_col).to_i
 
         # This line is added as a patch
         previous_lock_value = nil if previous_lock_value == '0' || previous_lock_value == 0
@@ -47,7 +47,7 @@ module ActiveRecord
 
         # If something went wrong, revert the version.
         rescue Exception
-          send(lock_col + '=', previous_lock_value)  # rubocop:disable GitlabSecurity/PublicSend
+          send(lock_col + '=', previous_lock_value)
           raise
         end
       end
diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md
index 9b1297ca4ba..c0a281382a5 100644
--- a/doc/administration/pages/index.md
+++ b/doc/administration/pages/index.md
@@ -49,8 +49,8 @@ supporting custom domains a secondary IP is not needed.
 
 Before proceeding with the Pages configuration, you will need to:
 
-1. Have a separate domain under which the GitLab Pages will be served. In this
-   document we assume that to be `example.io`.
+1. Have an exclusive root domain for serving GitLab Pages. Note that you cannot
+   use a subdomain of your GitLab's instance domain.
 1. Configure a **wildcard DNS record**.
 1. (Optional) Have a **wildcard certificate** for that domain if you decide to
    serve Pages under HTTPS.
diff --git a/doc/api/groups.md b/doc/api/groups.md
index 53d72509423..11de75039ee 100644
--- a/doc/api/groups.md
+++ b/doc/api/groups.md
@@ -210,6 +210,7 @@ Parameters:
 | --------- | ---- | -------- | ----------- |
 | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user |
 | `with_custom_attributes` | boolean | no | Include [custom attributes](custom_attributes.md) in response (admins only) |
+| `with_projects` | boolean | no | Include details from projects that belong to the specified group (defaults to `true`). |
 
 ```bash
 curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/4
@@ -361,6 +362,30 @@ Example response:
 }
 ```
 
+When adding the parameter `with_projects=false`, projects will not be returned.
+
+```bash
+curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v4/groups/4?with_projects=false
+```
+
+Example response:
+
+```json
+{
+  "id": 4,
+  "name": "Twitter",
+  "path": "twitter",
+  "description": "Aliquid qui quis dignissimos distinctio ut commodi voluptas est.",
+  "visibility": "public",
+  "avatar_url": null,
+  "web_url": "https://gitlab.example.com/groups/twitter",
+  "request_access_enabled": false,
+  "full_name": "Twitter",
+  "full_path": "twitter",
+  "parent_id": null
+}
+```
+
 ## New group
 
 Creates a new project group. Available only for users who can create groups.
diff --git a/doc/api/projects.md b/doc/api/projects.md
index 1e06f6d01f3..a35c2a56992 100644
--- a/doc/api/projects.md
+++ b/doc/api/projects.md
@@ -34,7 +34,7 @@ There are currently three options for `merge_method` to choose from:
 ## List all projects
 
 Get a list of all visible projects across GitLab for the authenticated user.
-When accessed without authentication, only public projects are returned.
+When accessed without authentication, only public projects with "simple" fields are returned.
 
 ```
 GET /projects
@@ -47,7 +47,7 @@ GET /projects
 | `order_by` | string | no | Return projects ordered by `id`, `name`, `path`, `created_at`, `updated_at`, or `last_activity_at` fields. Default is `created_at` |
 | `sort` | string | no | Return projects sorted in `asc` or `desc` order. Default is `desc` |
 | `search` | string | no | Return list of projects matching the search criteria |
-| `simple` | boolean | no | Return only the ID, URL, name, and path of each project |
+| `simple` | boolean | no | Return only limited fields for each project. This is a no-op without authentication as then _only_ simple fields are returned. |
 | `owned` | boolean | no | Limit by projects owned by the current user |
 | `membership` | boolean | no | Limit by projects that the current user is a member of |
 | `starred` | boolean | no | Limit by projects starred by the current user |
@@ -56,6 +56,41 @@ GET /projects
 | `with_issues_enabled` | boolean | no | Limit by enabled issues feature |
 | `with_merge_requests_enabled` | boolean | no | Limit by enabled merge requests feature |
 
+When `simple=true` or the user is unauthenticated this returns something like:
+
+```json
+[
+  {
+    "id": 4,
+    "description": null,
+    "default_branch": "master",
+    "ssh_url_to_repo": "git@example.com:diaspora/diaspora-client.git",
+    "http_url_to_repo": "http://example.com/diaspora/diaspora-client.git",
+    "web_url": "http://example.com/diaspora/diaspora-client",
+    "readme_url": "http://example.com/diaspora/diaspora-client/blob/master/README.md",
+    "tag_list": [
+      "example",
+      "disapora client"
+    ],
+    "name": "Diaspora Client",
+    "name_with_namespace": "Diaspora / Diaspora Client",
+    "path": "diaspora-client",
+    "path_with_namespace": "diaspora/diaspora-client",
+    "created_at": "2013-09-30T13:46:02Z",
+    "last_activity_at": "2013-09-30T13:46:02Z",
+    "forks_count": 0,
+    "avatar_url": "http://example.com/uploads/project/avatar/4/uploads/avatar.png",
+    "star_count": 0,
+  },
+  {
+    "id": 6,
+    "description": null,
+    "default_branch": "master",
+...
+```
+
+When the user is authenticated and `simple` is not set this returns something like:
+
 ```json
 [
   {
@@ -235,7 +270,7 @@ GET /users/:user_id/projects
 | `order_by` | string | no | Return projects ordered by `id`, `name`, `path`, `created_at`, `updated_at`, or `last_activity_at` fields. Default is `created_at` |
 | `sort` | string | no | Return projects sorted in `asc` or `desc` order. Default is `desc` |
 | `search` | string | no | Return list of projects matching the search criteria |
-| `simple` | boolean | no | Return only the ID, URL, name, and path of each project |
+| `simple` | boolean | no | Return only limited fields for each project. This is a no-op without authentication as then _only_ simple fields are returned. |
 | `owned` | boolean | no | Limit by projects owned by the current user |
 | `membership` | boolean | no | Limit by projects that the current user is a member of |
 | `starred` | boolean | no | Limit by projects starred by the current user |
@@ -723,7 +758,7 @@ GET /projects/:id/forks
 | `order_by` | string | no | Return projects ordered by `id`, `name`, `path`, `created_at`, `updated_at`, or `last_activity_at` fields. Default is `created_at` |
 | `sort` | string | no | Return projects sorted in `asc` or `desc` order. Default is `desc` |
 | `search` | string | no | Return list of projects matching the search criteria |
-| `simple` | boolean | no | Return only the ID, URL, name, and path of each project |
+| `simple` | boolean | no | Return only limited fields for each project. This is a no-op without authentication as then _only_ simple fields are returned. |
 | `owned` | boolean | no | Limit by projects owned by the current user |
 | `membership` | boolean | no | Limit by projects that the current user is a member of |
 | `starred` | boolean | no | Limit by projects starred by the current user |
diff --git a/doc/development/fe_guide/development_process.md b/doc/development/fe_guide/development_process.md
index d240dbe8b02..905668eef58 100644
--- a/doc/development/fe_guide/development_process.md
+++ b/doc/development/fe_guide/development_process.md
@@ -1,6 +1,6 @@
 # Frontend Development Process
 
-You can find more about the organization of the frontend team in the [handbook](https://about.gitlab.com/handbook/frontend/).
+You can find more about the organization of the frontend team in the [handbook](https://about.gitlab.com/handbook/engineering/frontend/).
 
 ## Development Checklist
 
@@ -34,7 +34,7 @@ Please use your best judgement when to use it and please contribute new points t
     - [ ] **Cookie Mode** Think about hiding the feature behind a cookie flag if the implementation is on top of existing features
     - [ ] **New route** Are you refactoring something big then you might consider adding a new route where you implement the new feature and when finished delete the current route and rename the new one. (for example 'merge_request' and 'new_merge_request')
 - [ ] **Setup** Is there any specific setup needed for your implementation (for example a kubernetes cluster)? Then let everyone know if it is not already mentioned where they can find documentation (if it doesn't exist - create it)
-- [ ] **Security** Are there any new security relevant implementations? Then please contact the security team for an app security review. If you are not sure ask our [domain expert](https://about.gitlab.com/handbook/frontend/#frontend-domain-experts)
+- [ ] **Security** Are there any new security relevant implementations? Then please contact the security team for an app security review. If you are not sure ask our [domain expert](https://about.gitlab.com/handbook/engineering/frontend/#frontend-domain-experts)
 
 #### During development
 
@@ -51,7 +51,7 @@ Please use your best judgement when to use it and please contribute new points t
 - [ ] **Performance** Have you checked performance? For example do the same thing with 500 comments instead of 1. Document the tests and possible findings in the MR so a reviewer can directly see it.
 - [ ] Have you tested with a variety of our [supported browsers](../../install/requirements.md#supported-web-browsers)? You can use [browserstack](https://www.browserstack.com/) to be able to access a wide variety of browsers and operating systems.
 - [ ] Did you check the mobile view?
-- [ ] Check the built webpack bundle (For the report run `WEBPACK_REPORT=true gdk run`, then open `webpack-report/index.html`) if we have unnecessary bloat due to wrong references, including libraries multiple times, etc.. If you need help contact the webpack [domain expert](https://about.gitlab.com/handbook/frontend/#frontend-domain-experts)
+- [ ] Check the built webpack bundle (For the report run `WEBPACK_REPORT=true gdk run`, then open `webpack-report/index.html`) if we have unnecessary bloat due to wrong references, including libraries multiple times, etc.. If you need help contact the webpack [domain expert](https://about.gitlab.com/handbook/engineering/frontend/#frontend-domain-experts)
 - [ ] **Tests** Not only greenfield tests - Test also all bad cases that come to your mind.
 - [ ] If you have multiple MR's then also smoke test against the final merge.
 - [ ] Are there any big changes on how and especially how frequently we use the API then let production know about it
diff --git a/doc/development/fe_guide/vue.md b/doc/development/fe_guide/vue.md
index e31ee087358..219b98ac696 100644
--- a/doc/development/fe_guide/vue.md
+++ b/doc/development/fe_guide/vue.md
@@ -425,7 +425,7 @@ There is a helper in `spec/javascripts/helpers/vue_mount_component_helper.js` th
 
 ```javascript
 import Vue from 'vue';
-import mountComponent from 'helpers/vue_mount_component_helper.js'
+import mountComponent from 'spec/helpers/vue_mount_component_helper'
 import component from 'component.vue'
 
 const Component = Vue.extend(component);
diff --git a/doc/development/i18n/proofreader.md b/doc/development/i18n/proofreader.md
index 9d0d7348df9..ca8ebcdc984 100644
--- a/doc/development/i18n/proofreader.md
+++ b/doc/development/i18n/proofreader.md
@@ -11,6 +11,7 @@ are very appreciative of the work done by translators and proofreaders!
 - Chinese Traditional
   - Huang Tao - [GitLab](https://gitlab.com/htve), [Crowdin](https://crowdin.com/profile/htve)
   - Weizhe Ding - [GitLab](https://gitlab.com/d.weizhe), [Crowdin](https://crowdin.com/profile/d.weizhe)
+  - Yi-Jyun Pan - [GitLab](https://gitlab.com/pan93412), [Crowdin](https://crowdin.com/profile/pan93412)
 - Chinese Traditional, Hong Kong
   - Huang Tao - [GitLab](https://gitlab.com/htve), [Crowdin](https://crowdin.com/profile/htve)
 - Dutch
diff --git a/doc/development/testing_guide/frontend_testing.md b/doc/development/testing_guide/frontend_testing.md
index 3b2b9c8c947..f8993653aec 100644
--- a/doc/development/testing_guide/frontend_testing.md
+++ b/doc/development/testing_guide/frontend_testing.md
@@ -172,6 +172,10 @@ object which can be treated like any other jasmine spy object.
 Further documentation on the babel rewire pluign API can be found on
 [its repository Readme doc](https://github.com/speedskater/babel-plugin-rewire#babel-plugin-rewire).
 
+#### Waiting in tests
+
+If you cannot avoid using [`setTimeout`](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/setTimeout) in tests, please use the [Jasmine mock clock](https://jasmine.github.io/api/2.9/Clock.html).
+
 ### Vue.js unit tests
 
 See this [section][vue-test].
diff --git a/doc/install/installation.md b/doc/install/installation.md
index 259d8f73a22..4b68090f8d3 100644
--- a/doc/install/installation.md
+++ b/doc/install/installation.md
@@ -447,6 +447,15 @@ You can specify a different Git repository by providing it as an extra parameter
 
     sudo -u git -H bundle exec rake "gitlab:workhorse:install[/home/git/gitlab-workhorse,https://example.com/gitlab-workhorse.git]" RAILS_ENV=production
 
+### Install gitlab-pages
+
+GitLab-Pages uses [GNU Make](https://www.gnu.org/software/make/). This step is optional and only needed if you wish to host static sites from within GitLab. The following commands will install GitLab-Pages in `/home/git/gitlab-pages`. For additional setup steps, please consult the [administration guide](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/administration/pages/source.md) for your version of GitLab as the GitLab Pages daemon can be ran several different ways.
+
+    cd /home/git
+    sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-pages.git
+    cd gitlab-pages
+    sudo -u git -H git checkout v$(</home/git/gitlab/GITLAB_PAGES_VERSION)
+    sudo -u git -H make
 
 ### Initialize Database and Activate Advanced Features
 
diff --git a/doc/integration/bitbucket.md b/doc/integration/bitbucket.md
index 9094d1f2419..2afcb052536 100644
--- a/doc/integration/bitbucket.md
+++ b/doc/integration/bitbucket.md
@@ -22,8 +22,8 @@ Bitbucket.org.
 
 > **Note:**
 GitLab 8.15 significantly simplified the way to integrate Bitbucket.org with
-GitLab. You are encouraged to upgrade your GitLab instance if you haven't done
-already. If you're using GitLab 8.14 and below, [use the previous integration
+GitLab. You are encouraged to upgrade your GitLab instance if you haven't done so
+already. If you're using GitLab 8.14 or below, [use the previous integration
 docs][bb-old].
 
 To enable the Bitbucket OmniAuth provider you must register your application
@@ -64,7 +64,7 @@ you to use.
 
 1.  Select **Save**.
 1.  Select your newly created OAuth consumer and you should now see a Key and
-    Secret in the list of OAuth customers. Keep this page open as you continue
+    Secret in the list of OAuth consumers. Keep this page open as you continue
     the configuration.
 
       ![Bitbucket OAuth key](img/bitbucket_oauth_keys.png)
@@ -114,8 +114,8 @@ you to use.
     from the Bitbucket application page.
 
 1.  Save the configuration file.
-1.  [Reconfigure][] or [restart GitLab][] for the changes to take effect if you
-    installed GitLab via Omnibus or from source respectively.
+1.  For the changes to take effect, [reconfigure GitLab][] if you installed via
+    Omnibus, or [restart][] if installed from source.
 
 On the sign in page there should now be a Bitbucket icon below the regular sign
 in form. Click the icon to begin the authentication process. Bitbucket will ask
@@ -127,12 +127,12 @@ well, the user will be returned to GitLab and will be signed in.
 Once the above configuration is set up, you can use Bitbucket to sign into
 GitLab and [start importing your projects][bb-import].
 
-If you don't want to enable signing in with Bitbucket but just want to import
-projects from Bitbucket, you could [disable it in the admin panel](omniauth.md#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources).
+If you want to import projects from Bitbucket, but don't want to enable signing in,
+you can [disable Sign-Ins in the admin panel](omniauth.md#enable-or-disable-sign-in-with-an-omniauth-provider-without-disabling-import-sources).
 
 [init-oauth]: omniauth.md#initial-omniauth-configuration
 [bb-import]: ../workflow/importing/import_projects_from_bitbucket.md
 [bb-old]: https://gitlab.com/gitlab-org/gitlab-ce/blob/8-14-stable/doc/integration/bitbucket.md
 [bitbucket-docs]: https://confluence.atlassian.com/bitbucket/use-the-ssh-protocol-with-bitbucket-cloud-221449711.html#UsetheSSHprotocolwithBitbucketCloud-KnownhostorBitbucket%27spublickeyfingerprints
-[reconfigure]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
-[restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
+[reconfigure GitLab]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
+[restart]: ../administration/restart_gitlab.md#installations-from-source
diff --git a/doc/ssh/README.md b/doc/ssh/README.md
index bab196e7609..63f0a654fcf 100644
--- a/doc/ssh/README.md
+++ b/doc/ssh/README.md
@@ -77,6 +77,8 @@ Note that Public SSH key may also be named as follows:
      If you want to change the password of your SSH key pair, you can use
      `ssh-keygen -p <keyname>`.
 
+## Adding a SSH key to your GitLab account
+
 1. The next step is to copy the public SSH key as we will need it afterwards.
 
     To copy your public SSH key to the clipboard, use the appropriate code below:
diff --git a/doc/update/11.0-to-11.1.md b/doc/update/11.0-to-11.1.md
index 306bd417ebf..3f10a7edb8a 100644
--- a/doc/update/11.0-to-11.1.md
+++ b/doc/update/11.0-to-11.1.md
@@ -187,7 +187,24 @@ sudo -u git -H git checkout v$(</home/git/gitlab/GITALY_SERVER_VERSION)
 sudo -u git -H make
 ```
 
-### 10. Update MySQL permissions
+### 10. Update gitlab-pages
+
+#### Only needed if you use GitLab Pages.
+
+Install and compile gitlab-pages. GitLab-Pages uses
+[GNU Make](https://www.gnu.org/software/make/).
+If you are not using Linux you may have to run `gmake` instead of
+`make` below.
+
+```bash
+cd /home/git/gitlab-pages
+
+sudo -u git -H git fetch --all --tags --prune
+sudo -u git -H git checkout v$(</home/git/gitlab/GITLAB_PAGES_VERSION)
+sudo -u git -H make
+```
+
+### 11. Update MySQL permissions
 
 If you are using MySQL you need to grant the GitLab user the necessary
 permissions on the database:
@@ -209,7 +226,7 @@ You can make this setting permanent by adding it to your `my.cnf`:
 log_bin_trust_function_creators=1
 ```
 
-### 11. Update configuration files
+### 12. Update configuration files
 
 #### New configuration options for `gitlab.yml`
 
@@ -283,7 +300,7 @@ For Ubuntu 16.04.1 LTS:
 sudo systemctl daemon-reload
 ```
 
-### 12. Install libs, migrations, etc.
+### 13. Install libs, migrations, etc.
 
 ```bash
 cd /home/git/gitlab
@@ -313,14 +330,14 @@ sudo -u git -H bundle exec rake cache:clear RAILS_ENV=production
 
 **MySQL installations**: Run through the `MySQL strings limits` and `Tables and data conversion to utf8mb4` [tasks](../install/database_mysql.md).
 
-### 13. Start application
+### 14. Start application
 
 ```bash
 sudo service gitlab start
 sudo service nginx restart
 ```
 
-### 14. Check application status
+### 15. Check application status
 
 Check if GitLab and its environment are configured correctly:
 
diff --git a/doc/user/markdown.md b/doc/user/markdown.md
index 8e87c896a72..bd199b55a61 100644
--- a/doc/user/markdown.md
+++ b/doc/user/markdown.md
@@ -9,7 +9,7 @@
 > For the best result, we encourage you to check this document out as rendered
 by GitLab: [markdown.md]
 
-_GitLab uses (as of 11.1) the [CommonMark Ruby Library][commonmarker] for Markdown processing of all new issues, merge requests, comments, and other Markdown content in the GitLab system.  Previous content and Markdown files `.md` in the repositories are still processed using the [Redcarpet Ruby library][redcarpet]._
+_GitLab uses (as of 11.1) the [CommonMark Ruby Library][commonmarker] for Markdown processing of all new issues, merge requests, comments, and other Markdown content in the GitLab system.  Previous content, wiki pages and Markdown files (`.md`) in the repositories are still processed using the [Redcarpet Ruby library][redcarpet]._
 
 _Where there are significant differences, we will try to call them out in this document._
 
@@ -22,7 +22,7 @@ You can use GFM in the following areas:
 - merge requests
 - milestones
 - snippets (the snippet must be named with a `.md` extension)
-- wiki pages
+- wiki pages (currently only rendered by Redcarpet)
 - markdown documents inside the repository (currently only rendered by Redcarpet)
 
 You can also use other rich text files in GitLab. You might have to install a
diff --git a/lib/api/deploy_keys.rb b/lib/api/deploy_keys.rb
index b7aadc27e71..6769855b899 100644
--- a/lib/api/deploy_keys.rb
+++ b/lib/api/deploy_keys.rb
@@ -112,9 +112,9 @@ module API
         can_push = params[:can_push].nil? ? deploy_keys_project.can_push : params[:can_push]
         title = params[:title] || deploy_keys_project.deploy_key.title
 
-        result = deploy_keys_project.update_attributes(can_push: can_push,
-                                                       deploy_key_attributes: { id: params[:key_id],
-                                                                                title: title })
+        result = deploy_keys_project.update(can_push: can_push,
+                                            deploy_key_attributes: { id: params[:key_id],
+                                                                     title: title })
 
         if result
           present deploy_keys_project, with: Entities::DeployKeysProject
diff --git a/lib/api/environments.rb b/lib/api/environments.rb
index 5c63ec028d9..fa828f43001 100644
--- a/lib/api/environments.rb
+++ b/lib/api/environments.rb
@@ -89,9 +89,10 @@ module API
         requires :environment_id, type: Integer,  desc: 'The environment ID'
       end
       post ':id/environments/:environment_id/stop' do
-        authorize! :create_deployment, user_project
+        authorize! :read_environment, user_project
 
         environment = user_project.environments.find(params[:environment_id])
+        authorize! :stop_environment, environment
 
         environment.stop_with_action!(current_user)
 
diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index f633dd88d06..797b04df059 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -150,12 +150,13 @@ module API
       end
       params do
         use :with_custom_attributes
+        optional :with_projects, type: Boolean, default: true, desc: 'Omit project details'
       end
       get ":id" do
         group = find_group!(params[:id])
 
         options = {
-          with: Entities::GroupDetail,
+          with: params[:with_projects] ? Entities::GroupDetail : Entities::Group,
           current_user: current_user
         }
 
diff --git a/lib/api/project_hooks.rb b/lib/api/project_hooks.rb
index 68921ae439b..4760a1c08d7 100644
--- a/lib/api/project_hooks.rb
+++ b/lib/api/project_hooks.rb
@@ -80,7 +80,7 @@ module API
 
         update_params = declared_params(include_missing: false)
 
-        if hook.update_attributes(update_params)
+        if hook.update(update_params)
           present hook, with: Entities::ProjectHook
         else
           error!("Invalid url given", 422) if hook.errors[:url].present?
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index b83da00502d..8273abe48c9 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -260,7 +260,8 @@ module API
             :snippets_enabled,
             :tag_list,
             :visibility,
-            :wiki_enabled
+            :wiki_enabled,
+            :avatar
           ]
         optional :name, type: String, desc: 'The name of the project'
         optional :default_branch, type: String, desc: 'The default branch of the project'
diff --git a/lib/api/services.rb b/lib/api/services.rb
index 794fdab8f2b..553e8dff4b9 100644
--- a/lib/api/services.rb
+++ b/lib/api/services.rb
@@ -787,7 +787,7 @@ module API
           service = user_project.find_or_initialize_service(service_slug.underscore)
           service_params = declared_params(include_missing: false).merge(active: true)
 
-          if service.update_attributes(service_params)
+          if service.update(service_params)
             present service, with: Entities::ProjectService
           else
             render_api_error!('400 Bad Request', 400)
@@ -807,7 +807,7 @@ module API
             hash.merge!(key => nil)
           end
 
-          unless service.update_attributes(attrs.merge(active: false))
+          unless service.update(attrs.merge(active: false))
             render_api_error!('400 Bad Request', 400)
           end
         end
diff --git a/lib/api/users.rb b/lib/api/users.rb
index e8df2c5a74a..5aaaf104dff 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -186,7 +186,7 @@ module API
           identity = user.identities.find_by(provider: identity_attrs[:provider])
 
           if identity
-            identity.update_attributes(identity_attrs)
+            identity.update(identity_attrs)
           else
             identity = user.identities.build(identity_attrs)
             identity.save
diff --git a/lib/banzai/filter/markdown_engines/common_mark.rb b/lib/banzai/filter/markdown_engines/common_mark.rb
index bc9597df894..dbb25280849 100644
--- a/lib/banzai/filter/markdown_engines/common_mark.rb
+++ b/lib/banzai/filter/markdown_engines/common_mark.rb
@@ -18,7 +18,7 @@ module Banzai
         PARSE_OPTIONS = [
           :FOOTNOTES,                  # parse footnotes.
           :STRIKETHROUGH_DOUBLE_TILDE, # parse strikethroughs by double tildes (as redcarpet does).
-          :VALIDATE_UTF8	             # replace illegal sequences with the replacement character U+FFFD.
+          :VALIDATE_UTF8               # replace illegal sequences with the replacement character U+FFFD.
         ].freeze
 
         # The `:GITHUB_PRE_LANG` option is not used intentionally because
diff --git a/lib/declarative_policy/base.rb b/lib/declarative_policy/base.rb
index 47542194497..da3fabba39b 100644
--- a/lib/declarative_policy/base.rb
+++ b/lib/declarative_policy/base.rb
@@ -119,8 +119,8 @@ module DeclarativePolicy
       # a PolicyDsl which is used for registering the rule with
       # this class. PolicyDsl will call back into Base.enable_when,
       # Base.prevent_when, and Base.prevent_all_when.
-      def rule(&b)
-        rule = RuleDsl.new(self).instance_eval(&b)
+      def rule(&block)
+        rule = RuleDsl.new(self).instance_eval(&block)
         PolicyDsl.new(self, rule)
       end
 
@@ -222,8 +222,8 @@ module DeclarativePolicy
 
     # computes the given ability and prints a helpful debugging output
     # showing which
-    def debug(ability, *a)
-      runner(ability).debug(*a)
+    def debug(ability, *args)
+      runner(ability).debug(*args)
     end
 
     desc "Unknown user"
@@ -274,7 +274,7 @@ module DeclarativePolicy
     #
     # NOTE we can't use ||= here because the value might be the
     # boolean `false`
-    def cache(key, &b)
+    def cache(key)
       return @cache[key] if cached?(key)
 
       @cache[key] = yield
diff --git a/lib/declarative_policy/delegate_dsl.rb b/lib/declarative_policy/delegate_dsl.rb
index f544dffe888..ca2eb98e3e8 100644
--- a/lib/declarative_policy/delegate_dsl.rb
+++ b/lib/declarative_policy/delegate_dsl.rb
@@ -7,10 +7,10 @@ module DeclarativePolicy
       @delegate_name = delegate_name
     end
 
-    def method_missing(m, *a, &b)
-      return super unless a.empty? && !block_given?
+    def method_missing(msg, *args)
+      return super unless args.empty? && !block_given?
 
-      @rule_dsl.delegate(@delegate_name, m)
+      @rule_dsl.delegate(@delegate_name, msg)
     end
   end
 end
diff --git a/lib/declarative_policy/policy_dsl.rb b/lib/declarative_policy/policy_dsl.rb
index f11b6e9f730..c96049768a1 100644
--- a/lib/declarative_policy/policy_dsl.rb
+++ b/lib/declarative_policy/policy_dsl.rb
@@ -15,8 +15,8 @@ module DeclarativePolicy
       @rule = rule
     end
 
-    def policy(&b)
-      instance_eval(&b)
+    def policy(&block)
+      instance_eval(&block)
     end
 
     def enable(*abilities)
@@ -31,14 +31,14 @@ module DeclarativePolicy
       @context_class.prevent_all_when(@rule)
     end
 
-    def method_missing(m, *a, &b)
-      return super unless @context_class.respond_to?(m)
+    def method_missing(msg, *args, &block)
+      return super unless @context_class.respond_to?(msg)
 
-      @context_class.__send__(m, *a, &b) # rubocop:disable GitlabSecurity/PublicSend
+      @context_class.__send__(msg, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
     end
 
-    def respond_to_missing?(m)
-      @context_class.respond_to?(m) || super
+    def respond_to_missing?(msg)
+      @context_class.respond_to?(msg) || super
     end
   end
 end
diff --git a/lib/declarative_policy/preferred_scope.rb b/lib/declarative_policy/preferred_scope.rb
index 5c214408dd0..c77784cb49d 100644
--- a/lib/declarative_policy/preferred_scope.rb
+++ b/lib/declarative_policy/preferred_scope.rb
@@ -2,7 +2,7 @@ module DeclarativePolicy # rubocop:disable Naming/FileName
   PREFERRED_SCOPE_KEY = :"DeclarativePolicy.preferred_scope"
 
   class << self
-    def with_preferred_scope(scope, &b)
+    def with_preferred_scope(scope)
       Thread.current[PREFERRED_SCOPE_KEY], old_scope = scope, Thread.current[PREFERRED_SCOPE_KEY]
       yield
     ensure
@@ -13,12 +13,12 @@ module DeclarativePolicy # rubocop:disable Naming/FileName
       Thread.current[PREFERRED_SCOPE_KEY]
     end
 
-    def user_scope(&b)
-      with_preferred_scope(:user, &b)
+    def user_scope(&block)
+      with_preferred_scope(:user, &block)
     end
 
-    def subject_scope(&b)
-      with_preferred_scope(:subject, &b)
+    def subject_scope(&block)
+      with_preferred_scope(:subject, &block)
     end
 
     def preferred_scope=(scope)
diff --git a/lib/declarative_policy/rule.rb b/lib/declarative_policy/rule.rb
index e309244a3b3..407398cc770 100644
--- a/lib/declarative_policy/rule.rb
+++ b/lib/declarative_policy/rule.rb
@@ -8,8 +8,8 @@ module DeclarativePolicy
     # how that affects the actual ability decision - for that, a
     # `Step` is used.
     class Base
-      def self.make(*a)
-        new(*a).simplify
+      def self.make(*args)
+        new(*args).simplify
       end
 
       # true or false whether this rule passes.
diff --git a/lib/declarative_policy/rule_dsl.rb b/lib/declarative_policy/rule_dsl.rb
index e948b7f2de1..7254b08eda5 100644
--- a/lib/declarative_policy/rule_dsl.rb
+++ b/lib/declarative_policy/rule_dsl.rb
@@ -32,13 +32,13 @@ module DeclarativePolicy
       Rule::DelegatedCondition.new(delegate_name, condition)
     end
 
-    def method_missing(m, *a, &b)
-      return super unless a.empty? && !block_given?
+    def method_missing(msg, *args)
+      return super unless args.empty? && !block_given?
 
-      if @context_class.delegations.key?(m)
-        DelegateDsl.new(self, m)
+      if @context_class.delegations.key?(msg)
+        DelegateDsl.new(self, msg)
       else
-        cond(m.to_sym)
+        cond(msg.to_sym)
       end
     end
   end
diff --git a/lib/declarative_policy/runner.rb b/lib/declarative_policy/runner.rb
index 87f14b3b0d2..fec672f4b8c 100644
--- a/lib/declarative_policy/runner.rb
+++ b/lib/declarative_policy/runner.rb
@@ -127,7 +127,7 @@ module DeclarativePolicy
     #
     # For each step, we yield the step object along with the computed score
     # for debugging purposes.
-    def steps_by_score(&b)
+    def steps_by_score
       flatten_steps!
 
       if @steps.size > 50
diff --git a/lib/gitlab/auth/o_auth/user.rb b/lib/gitlab/auth/o_auth/user.rb
index e7283b2f9e8..589e8062226 100644
--- a/lib/gitlab/auth/o_auth/user.rb
+++ b/lib/gitlab/auth/o_auth/user.rb
@@ -48,7 +48,7 @@ module Gitlab
           gl_user
         rescue ActiveRecord::RecordInvalid => e
           log.info "(#{provider}) Error saving user #{auth_hash.uid} (#{auth_hash.email}): #{gl_user.errors.full_messages}"
-          return self, e.record.errors
+          [self, e.record.errors]
         end
 
         def gl_user
diff --git a/lib/gitlab/background_migration/add_merge_request_diff_commits_count.rb b/lib/gitlab/background_migration/add_merge_request_diff_commits_count.rb
index d5cf9e0d53a..cb2bdea755c 100644
--- a/lib/gitlab/background_migration/add_merge_request_diff_commits_count.rb
+++ b/lib/gitlab/background_migration/add_merge_request_diff_commits_count.rb
@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 # rubocop:disable Style/Documentation
-# rubocop:disable Metrics/LineLength
 
 module Gitlab
   module BackgroundMigration
diff --git a/lib/gitlab/background_migration/archive_legacy_traces.rb b/lib/gitlab/background_migration/archive_legacy_traces.rb
index 5a4e5b2c471..92096e29ef1 100644
--- a/lib/gitlab/background_migration/archive_legacy_traces.rb
+++ b/lib/gitlab/background_migration/archive_legacy_traces.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/AbcSize
 # rubocop:disable Style/Documentation
 
 module Gitlab
diff --git a/lib/gitlab/background_migration/create_fork_network_memberships_range.rb b/lib/gitlab/background_migration/create_fork_network_memberships_range.rb
index 1b4a9e8a194..ccd1f9b4dba 100644
--- a/lib/gitlab/background_migration/create_fork_network_memberships_range.rb
+++ b/lib/gitlab/background_migration/create_fork_network_memberships_range.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/LineLength
 # rubocop:disable Style/Documentation
 
 module Gitlab
diff --git a/lib/gitlab/background_migration/create_gpg_key_subkeys_from_gpg_keys.rb b/lib/gitlab/background_migration/create_gpg_key_subkeys_from_gpg_keys.rb
index c2bf42f846d..da8265a3a5f 100644
--- a/lib/gitlab/background_migration/create_gpg_key_subkeys_from_gpg_keys.rb
+++ b/lib/gitlab/background_migration/create_gpg_key_subkeys_from_gpg_keys.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/LineLength
 # rubocop:disable Style/Documentation
 
 class Gitlab::BackgroundMigration::CreateGpgKeySubkeysFromGpgKeys
diff --git a/lib/gitlab/background_migration/delete_diff_files.rb b/lib/gitlab/background_migration/delete_diff_files.rb
index 0b785e1b056..8fb2c334048 100644
--- a/lib/gitlab/background_migration/delete_diff_files.rb
+++ b/lib/gitlab/background_migration/delete_diff_files.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/AbcSize
 # rubocop:disable Style/Documentation
 
 module Gitlab
diff --git a/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb b/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb
index a357538a885..58df74cfa9b 100644
--- a/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb
+++ b/lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb
@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 # rubocop:disable Metrics/MethodLength
-# rubocop:disable Metrics/LineLength
 # rubocop:disable Metrics/AbcSize
 # rubocop:disable Style/Documentation
 
diff --git a/lib/gitlab/background_migration/fill_file_store_job_artifact.rb b/lib/gitlab/background_migration/fill_file_store_job_artifact.rb
index 22b0ac71920..103bd98af14 100644
--- a/lib/gitlab/background_migration/fill_file_store_job_artifact.rb
+++ b/lib/gitlab/background_migration/fill_file_store_job_artifact.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/AbcSize
 # rubocop:disable Style/Documentation
 
 module Gitlab
diff --git a/lib/gitlab/background_migration/fill_file_store_lfs_object.rb b/lib/gitlab/background_migration/fill_file_store_lfs_object.rb
index d0816ae3ed5..77c1f1ffaf0 100644
--- a/lib/gitlab/background_migration/fill_file_store_lfs_object.rb
+++ b/lib/gitlab/background_migration/fill_file_store_lfs_object.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/AbcSize
 # rubocop:disable Style/Documentation
 
 module Gitlab
diff --git a/lib/gitlab/background_migration/fill_store_upload.rb b/lib/gitlab/background_migration/fill_store_upload.rb
index 94c65459a67..cba3e21cea6 100644
--- a/lib/gitlab/background_migration/fill_store_upload.rb
+++ b/lib/gitlab/background_migration/fill_store_upload.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/AbcSize
 # rubocop:disable Style/Documentation
 
 module Gitlab
diff --git a/lib/gitlab/background_migration/migrate_build_stage.rb b/lib/gitlab/background_migration/migrate_build_stage.rb
index 242e3143e71..268c6083d3c 100644
--- a/lib/gitlab/background_migration/migrate_build_stage.rb
+++ b/lib/gitlab/background_migration/migrate_build_stage.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/AbcSize
 # rubocop:disable Style/Documentation
 
 module Gitlab
diff --git a/lib/gitlab/background_migration/migrate_events_to_push_event_payloads.rb b/lib/gitlab/background_migration/migrate_events_to_push_event_payloads.rb
index 7088aa0860a..38fecac1bfe 100644
--- a/lib/gitlab/background_migration/migrate_events_to_push_event_payloads.rb
+++ b/lib/gitlab/background_migration/migrate_events_to_push_event_payloads.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/LineLength
 # rubocop:disable Style/Documentation
 
 module Gitlab
diff --git a/lib/gitlab/background_migration/migrate_system_uploads_to_new_folder.rb b/lib/gitlab/background_migration/migrate_system_uploads_to_new_folder.rb
index 7f243073fd0..ef50fe4adb1 100644
--- a/lib/gitlab/background_migration/migrate_system_uploads_to_new_folder.rb
+++ b/lib/gitlab/background_migration/migrate_system_uploads_to_new_folder.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/LineLength
 # rubocop:disable Style/Documentation
 
 module Gitlab
diff --git a/lib/gitlab/background_migration/move_personal_snippet_files.rb b/lib/gitlab/background_migration/move_personal_snippet_files.rb
index a4ef51fd0e8..5b2b2af718a 100644
--- a/lib/gitlab/background_migration/move_personal_snippet_files.rb
+++ b/lib/gitlab/background_migration/move_personal_snippet_files.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/LineLength
 # rubocop:disable Style/Documentation
 
 module Gitlab
diff --git a/lib/gitlab/background_migration/normalize_ldap_extern_uids_range.rb b/lib/gitlab/background_migration/normalize_ldap_extern_uids_range.rb
index d9d3d2e667b..698f5e46c0c 100644
--- a/lib/gitlab/background_migration/normalize_ldap_extern_uids_range.rb
+++ b/lib/gitlab/background_migration/normalize_ldap_extern_uids_range.rb
@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 # rubocop:disable Metrics/MethodLength
-# rubocop:disable Metrics/LineLength
 # rubocop:disable Metrics/ClassLength
 # rubocop:disable Metrics/BlockLength
 # rubocop:disable Style/Documentation
diff --git a/lib/gitlab/background_migration/populate_fork_networks_range.rb b/lib/gitlab/background_migration/populate_fork_networks_range.rb
index a976cb4c243..aa4f130538c 100644
--- a/lib/gitlab/background_migration/populate_fork_networks_range.rb
+++ b/lib/gitlab/background_migration/populate_fork_networks_range.rb
@@ -19,7 +19,7 @@ module Gitlab
         create_fork_networks_for_missing_projects(start_id, end_id)
         create_fork_networks_memberships_for_root_projects(start_id, end_id)
 
-        delay = BackgroundMigration::CreateForkNetworkMembershipsRange::RESCHEDULE_DELAY # rubocop:disable Metrics/LineLength
+        delay = BackgroundMigration::CreateForkNetworkMembershipsRange::RESCHEDULE_DELAY
         BackgroundMigrationWorker.perform_in(
           delay, "CreateForkNetworkMembershipsRange", [start_id, end_id]
         )
diff --git a/lib/gitlab/background_migration/populate_merge_request_metrics_with_events_data.rb b/lib/gitlab/background_migration/populate_merge_request_metrics_with_events_data.rb
index 8a901a9bf39..d89ce358bb9 100644
--- a/lib/gitlab/background_migration/populate_merge_request_metrics_with_events_data.rb
+++ b/lib/gitlab/background_migration/populate_merge_request_metrics_with_events_data.rb
@@ -1,7 +1,4 @@
 # frozen_string_literal: true
-# rubocop:disable Metrics/LineLength
-# rubocop:disable Metrics/MethodLength
-# rubocop:disable Metrics/ClassLength
 # rubocop:disable Style/Documentation
 
 module Gitlab
diff --git a/lib/gitlab/background_migration/populate_untracked_uploads.rb b/lib/gitlab/background_migration/populate_untracked_uploads.rb
index 9232f20a063..a19dc9747fb 100644
--- a/lib/gitlab/background_migration/populate_untracked_uploads.rb
+++ b/lib/gitlab/background_migration/populate_untracked_uploads.rb
@@ -4,7 +4,7 @@ module Gitlab
   module BackgroundMigration
     # This class processes a batch of rows in `untracked_files_for_uploads` by
     # adding each file to the `uploads` table if it does not exist.
-    class PopulateUntrackedUploads # rubocop:disable Metrics/ClassLength
+    class PopulateUntrackedUploads
       def perform(start_id, end_id)
         return unless migrate?
 
diff --git a/lib/gitlab/background_migration/populate_untracked_uploads_dependencies.rb b/lib/gitlab/background_migration/populate_untracked_uploads_dependencies.rb
index a2c5acbde71..4a9a62aaeb5 100644
--- a/lib/gitlab/background_migration/populate_untracked_uploads_dependencies.rb
+++ b/lib/gitlab/background_migration/populate_untracked_uploads_dependencies.rb
@@ -4,7 +4,7 @@ module Gitlab
     module PopulateUntrackedUploadsDependencies
       # This class is responsible for producing the attributes necessary to
       # track an uploaded file in the `uploads` table.
-      class UntrackedFile < ActiveRecord::Base # rubocop:disable Metrics/ClassLength, Metrics/LineLength
+      class UntrackedFile < ActiveRecord::Base # rubocop:disable Metrics/ClassLength
         self.table_name = 'untracked_files_for_uploads'
 
         # Ends with /:random_hex/:filename
@@ -134,7 +134,7 @@ module Gitlab
 
         # Not including a leading slash
         def path_relative_to_upload_dir
-          upload_dir = Gitlab::BackgroundMigration::PrepareUntrackedUploads::RELATIVE_UPLOAD_DIR # rubocop:disable Metrics/LineLength
+          upload_dir = Gitlab::BackgroundMigration::PrepareUntrackedUploads::RELATIVE_UPLOAD_DIR
           base = %r{\A#{Regexp.escape(upload_dir)}/}
           @path_relative_to_upload_dir ||= path.sub(base, '')
         end
diff --git a/lib/gitlab/background_migration/prepare_untracked_uploads.rb b/lib/gitlab/background_migration/prepare_untracked_uploads.rb
index 522c69a0bb1..81ca2b0a9b7 100644
--- a/lib/gitlab/background_migration/prepare_untracked_uploads.rb
+++ b/lib/gitlab/background_migration/prepare_untracked_uploads.rb
@@ -144,7 +144,7 @@ module Gitlab
 
       def table_columns_and_values_for_insert(file_paths)
         values = file_paths.map do |file_path|
-          ActiveRecord::Base.send(:sanitize_sql_array, ['(?)', file_path]) # rubocop:disable GitlabSecurity/PublicSend, Metrics/LineLength
+          ActiveRecord::Base.send(:sanitize_sql_array, ['(?)', file_path]) # rubocop:disable GitlabSecurity/PublicSend
         end.join(', ')
 
         "#{UntrackedFile.table_name} (path) VALUES #{values}"
diff --git a/lib/gitlab/ci/ansi2html.rb b/lib/gitlab/ci/ansi2html.rb
index 35eadf6fa93..e780f8c646b 100644
--- a/lib/gitlab/ci/ansi2html.rb
+++ b/lib/gitlab/ci/ansi2html.rb
@@ -29,105 +29,105 @@ module Gitlab
       end
 
       class Converter
-        def on_0(s) reset()                            end
+        def on_0(_) reset()                            end
 
-        def on_1(s) enable(STYLE_SWITCHES[:bold])      end
+        def on_1(_) enable(STYLE_SWITCHES[:bold])      end
 
-        def on_3(s) enable(STYLE_SWITCHES[:italic])    end
+        def on_3(_) enable(STYLE_SWITCHES[:italic])    end
 
-        def on_4(s) enable(STYLE_SWITCHES[:underline]) end
+        def on_4(_) enable(STYLE_SWITCHES[:underline]) end
 
-        def on_8(s) enable(STYLE_SWITCHES[:conceal])   end
+        def on_8(_) enable(STYLE_SWITCHES[:conceal])   end
 
-        def on_9(s) enable(STYLE_SWITCHES[:cross])     end
+        def on_9(_) enable(STYLE_SWITCHES[:cross])     end
 
-        def on_21(s) disable(STYLE_SWITCHES[:bold])      end
+        def on_21(_) disable(STYLE_SWITCHES[:bold])      end
 
-        def on_22(s) disable(STYLE_SWITCHES[:bold])      end
+        def on_22(_) disable(STYLE_SWITCHES[:bold])      end
 
-        def on_23(s) disable(STYLE_SWITCHES[:italic])    end
+        def on_23(_) disable(STYLE_SWITCHES[:italic])    end
 
-        def on_24(s) disable(STYLE_SWITCHES[:underline]) end
+        def on_24(_) disable(STYLE_SWITCHES[:underline]) end
 
-        def on_28(s) disable(STYLE_SWITCHES[:conceal])   end
+        def on_28(_) disable(STYLE_SWITCHES[:conceal])   end
 
-        def on_29(s) disable(STYLE_SWITCHES[:cross])     end
+        def on_29(_) disable(STYLE_SWITCHES[:cross])     end
 
-        def on_30(s) set_fg_color(0) end
+        def on_30(_) set_fg_color(0) end
 
-        def on_31(s) set_fg_color(1) end
+        def on_31(_) set_fg_color(1) end
 
-        def on_32(s) set_fg_color(2) end
+        def on_32(_) set_fg_color(2) end
 
-        def on_33(s) set_fg_color(3) end
+        def on_33(_) set_fg_color(3) end
 
-        def on_34(s) set_fg_color(4) end
+        def on_34(_) set_fg_color(4) end
 
-        def on_35(s) set_fg_color(5) end
+        def on_35(_) set_fg_color(5) end
 
-        def on_36(s) set_fg_color(6) end
+        def on_36(_) set_fg_color(6) end
 
-        def on_37(s) set_fg_color(7) end
+        def on_37(_) set_fg_color(7) end
 
-        def on_38(s) set_fg_color_256(s) end
+        def on_38(stack) set_fg_color_256(stack) end
 
-        def on_39(s) set_fg_color(9) end
+        def on_39(_) set_fg_color(9) end
 
-        def on_40(s) set_bg_color(0) end
+        def on_40(_) set_bg_color(0) end
 
-        def on_41(s) set_bg_color(1) end
+        def on_41(_) set_bg_color(1) end
 
-        def on_42(s) set_bg_color(2) end
+        def on_42(_) set_bg_color(2) end
 
-        def on_43(s) set_bg_color(3) end
+        def on_43(_) set_bg_color(3) end
 
-        def on_44(s) set_bg_color(4) end
+        def on_44(_) set_bg_color(4) end
 
-        def on_45(s) set_bg_color(5) end
+        def on_45(_) set_bg_color(5) end
 
-        def on_46(s) set_bg_color(6) end
+        def on_46(_) set_bg_color(6) end
 
-        def on_47(s) set_bg_color(7) end
+        def on_47(_) set_bg_color(7) end
 
-        def on_48(s) set_bg_color_256(s) end
+        def on_48(stack) set_bg_color_256(stack) end
 
-        def on_49(s) set_bg_color(9) end
+        def on_49(_) set_bg_color(9) end
 
-        def on_90(s) set_fg_color(0, 'l') end
+        def on_90(_) set_fg_color(0, 'l') end
 
-        def on_91(s) set_fg_color(1, 'l') end
+        def on_91(_) set_fg_color(1, 'l') end
 
-        def on_92(s) set_fg_color(2, 'l') end
+        def on_92(_) set_fg_color(2, 'l') end
 
-        def on_93(s) set_fg_color(3, 'l') end
+        def on_93(_) set_fg_color(3, 'l') end
 
-        def on_94(s) set_fg_color(4, 'l') end
+        def on_94(_) set_fg_color(4, 'l') end
 
-        def on_95(s) set_fg_color(5, 'l') end
+        def on_95(_) set_fg_color(5, 'l') end
 
-        def on_96(s) set_fg_color(6, 'l') end
+        def on_96(_) set_fg_color(6, 'l') end
 
-        def on_97(s) set_fg_color(7, 'l') end
+        def on_97(_) set_fg_color(7, 'l') end
 
-        def on_99(s) set_fg_color(9, 'l') end
+        def on_99(_) set_fg_color(9, 'l') end
 
-        def on_100(s) set_bg_color(0, 'l') end
+        def on_100(_) set_bg_color(0, 'l') end
 
-        def on_101(s) set_bg_color(1, 'l') end
+        def on_101(_) set_bg_color(1, 'l') end
 
-        def on_102(s) set_bg_color(2, 'l') end
+        def on_102(_) set_bg_color(2, 'l') end
 
-        def on_103(s) set_bg_color(3, 'l') end
+        def on_103(_) set_bg_color(3, 'l') end
 
-        def on_104(s) set_bg_color(4, 'l') end
+        def on_104(_) set_bg_color(4, 'l') end
 
-        def on_105(s) set_bg_color(5, 'l') end
+        def on_105(_) set_bg_color(5, 'l') end
 
-        def on_106(s) set_bg_color(6, 'l') end
+        def on_106(_) set_bg_color(6, 'l') end
 
-        def on_107(s) set_bg_color(7, 'l') end
+        def on_107(_) set_bg_color(7, 'l') end
 
-        def on_109(s) set_bg_color(9, 'l') end
+        def on_109(_) set_bg_color(9, 'l') end
 
         attr_accessor :offset, :n_open_tags, :fg_color, :bg_color, :style_mask
 
@@ -188,19 +188,19 @@ module Gitlab
           )
         end
 
-        def handle_section(s)
-          action = s[1]
-          timestamp = s[2]
-          section = s[3]
-          line = s.matched()[0...-5] # strips \r\033[0K
+        def handle_section(scanner)
+          action = scanner[1]
+          timestamp = scanner[2]
+          section = scanner[3]
+          line = scanner.matched()[0...-5] # strips \r\033[0K
 
           @out << %{<div class="hidden" data-action="#{action}" data-timestamp="#{timestamp}" data-section="#{section}">#{line}</div>}
         end
 
-        def handle_sequence(s)
-          indicator = s[1]
-          commands = s[2].split ';'
-          terminator = s[3]
+        def handle_sequence(scanner)
+          indicator = scanner[1]
+          commands = scanner[2].split ';'
+          terminator = scanner[3]
 
           # We are only interested in color and text style changes - triggered by
           # sequences starting with '\e[' and ending with 'm'. Any other control
diff --git a/lib/gitlab/ci/build/artifacts/metadata.rb b/lib/gitlab/ci/build/artifacts/metadata.rb
index 0bbd60d8ffe..375d8bc1ff5 100644
--- a/lib/gitlab/ci/build/artifacts/metadata.rb
+++ b/lib/gitlab/ci/build/artifacts/metadata.rb
@@ -7,14 +7,15 @@ module Gitlab
       module Artifacts
         class Metadata
           ParserError = Class.new(StandardError)
+          InvalidStreamError = Class.new(StandardError)
 
           VERSION_PATTERN = /^[\w\s]+(\d+\.\d+\.\d+)/
           INVALID_PATH_PATTERN = %r{(^\.?\.?/)|(/\.?\.?/)}
 
-          attr_reader :file, :path, :full_version
+          attr_reader :stream, :path, :full_version
 
-          def initialize(file, path, **opts)
-            @file, @path, @opts = file, path, opts
+          def initialize(stream, path, **opts)
+            @stream, @path, @opts = stream, path, opts
             @full_version = read_version
           end
 
@@ -103,7 +104,17 @@ module Gitlab
           end
 
           def gzip(&block)
-            Zlib::GzipReader.open(@file, &block)
+            raise InvalidStreamError, "Invalid stream" unless @stream
+
+            # restart gzip reading
+            @stream.seek(0)
+
+            gz = Zlib::GzipReader.new(@stream)
+            yield(gz)
+          rescue Zlib::Error => e
+            raise InvalidStreamError, e.message
+          ensure
+            gz&.finish
           end
         end
       end
diff --git a/lib/gitlab/ci/config/entry/configurable.rb b/lib/gitlab/ci/config/entry/configurable.rb
index db47c2f6185..7cddd2c7b7e 100644
--- a/lib/gitlab/ci/config/entry/configurable.rb
+++ b/lib/gitlab/ci/config/entry/configurable.rb
@@ -47,7 +47,7 @@ module Gitlab
               Hash[(@nodes || {}).map { |key, factory| [key, factory.dup] }]
             end
 
-            private # rubocop:disable Lint/UselessAccessModifier
+            private
 
             def entry(key, entry, metadata)
               factory = Entry::Factory.new(entry)
diff --git a/lib/gitlab/ci/trace/http_io.rb b/lib/gitlab/ci/trace/http_io.rb
deleted file mode 100644
index 8788af57a67..00000000000
--- a/lib/gitlab/ci/trace/http_io.rb
+++ /dev/null
@@ -1,197 +0,0 @@
-##
-# This class is compatible with IO class (https://ruby-doc.org/core-2.3.1/IO.html)
-# source: https://gitlab.com/snippets/1685610
-module Gitlab
-  module Ci
-    class Trace
-      class HttpIO
-        BUFFER_SIZE = 128.kilobytes
-
-        InvalidURLError = Class.new(StandardError)
-        FailedToGetChunkError = Class.new(StandardError)
-
-        attr_reader :uri, :size
-        attr_reader :tell
-        attr_reader :chunk, :chunk_range
-
-        alias_method :pos, :tell
-
-        def initialize(url, size)
-          raise InvalidURLError unless ::Gitlab::UrlSanitizer.valid?(url)
-
-          @uri = URI(url)
-          @size = size
-          @tell = 0
-        end
-
-        def close
-          # no-op
-        end
-
-        def binmode
-          # no-op
-        end
-
-        def binmode?
-          true
-        end
-
-        def path
-          nil
-        end
-
-        def url
-          @uri.to_s
-        end
-
-        def seek(pos, where = IO::SEEK_SET)
-          new_pos =
-            case where
-            when IO::SEEK_END
-              size + pos
-            when IO::SEEK_SET
-              pos
-            when IO::SEEK_CUR
-              tell + pos
-            else
-              -1
-            end
-
-          raise 'new position is outside of file' if new_pos < 0 || new_pos > size
-
-          @tell = new_pos
-        end
-
-        def eof?
-          tell == size
-        end
-
-        def each_line
-          until eof?
-            line = readline
-            break if line.nil?
-
-            yield(line)
-          end
-        end
-
-        def read(length = nil, outbuf = "")
-          out = ""
-
-          length ||= size - tell
-
-          until length <= 0 || eof?
-            data = get_chunk
-            break if data.empty?
-
-            chunk_bytes = [BUFFER_SIZE - chunk_offset, length].min
-            chunk_data = data.byteslice(0, chunk_bytes)
-
-            out << chunk_data
-            @tell += chunk_data.bytesize
-            length -= chunk_data.bytesize
-          end
-
-          # If outbuf is passed, we put the output into the buffer. This supports IO.copy_stream functionality
-          if outbuf
-            outbuf.slice!(0, outbuf.bytesize)
-            outbuf << out
-          end
-
-          out
-        end
-
-        def readline
-          out = ""
-
-          until eof?
-            data = get_chunk
-            new_line = data.index("\n")
-
-            if !new_line.nil?
-              out << data[0..new_line]
-              @tell += new_line + 1
-              break
-            else
-              out << data
-              @tell += data.bytesize
-            end
-          end
-
-          out
-        end
-
-        def write(data)
-          raise NotImplementedError
-        end
-
-        def truncate(offset)
-          raise NotImplementedError
-        end
-
-        def flush
-          raise NotImplementedError
-        end
-
-        def present?
-          true
-        end
-
-        private
-
-        ##
-        # The below methods are not implemented in IO class
-        #
-        def in_range?
-          @chunk_range&.include?(tell)
-        end
-
-        def get_chunk
-          unless in_range?
-            response = Net::HTTP.start(uri.hostname, uri.port, proxy_from_env: true, use_ssl: uri.scheme == 'https') do |http|
-              http.request(request)
-            end
-
-            raise FailedToGetChunkError unless response.code == '200' || response.code == '206'
-
-            @chunk = response.body.force_encoding(Encoding::BINARY)
-            @chunk_range = response.content_range
-
-            ##
-            # Note: If provider does not return content_range, then we set it as we requested
-            # Provider: minio
-            # - When the file size is larger than requested Content-range, the Content-range is included in responces with Net::HTTPPartialContent 206
-            # - When the file size is smaller than requested Content-range, the Content-range is included in responces with Net::HTTPPartialContent 206
-            # Provider: AWS
-            # - When the file size is larger than requested Content-range, the Content-range is included in responces with Net::HTTPPartialContent 206
-            # - When the file size is smaller than requested Content-range, the Content-range is included in responces with Net::HTTPPartialContent 206
-            # Provider: GCS
-            # - When the file size is larger than requested Content-range, the Content-range is included in responces with Net::HTTPPartialContent 206
-            # - When the file size is smaller than requested Content-range, the Content-range is included in responces with Net::HTTPOK 200
-            @chunk_range ||= (chunk_start...(chunk_start + @chunk.bytesize))
-          end
-
-          @chunk[chunk_offset..BUFFER_SIZE]
-        end
-
-        def request
-          Net::HTTP::Get.new(uri).tap do |request|
-            request.set_range(chunk_start, BUFFER_SIZE)
-          end
-        end
-
-        def chunk_offset
-          tell % BUFFER_SIZE
-        end
-
-        def chunk_start
-          (tell / BUFFER_SIZE) * BUFFER_SIZE
-        end
-
-        def chunk_end
-          [chunk_start + BUFFER_SIZE, size].min
-        end
-      end
-    end
-  end
-end
diff --git a/lib/gitlab/ci/trace/section_parser.rb b/lib/gitlab/ci/trace/section_parser.rb
index 9bb0166c9e3..c09089d6475 100644
--- a/lib/gitlab/ci/trace/section_parser.rb
+++ b/lib/gitlab/ci/trace/section_parser.rb
@@ -75,19 +75,19 @@ module Gitlab
           @beginning_of_section_regex ||= /section_/.freeze
         end
 
-        def find_next_marker(s)
+        def find_next_marker(scanner)
           beginning_of_section_len = 8
-          maybe_marker = s.exist?(beginning_of_section_regex)
+          maybe_marker = scanner.exist?(beginning_of_section_regex)
 
           if maybe_marker.nil?
-            s.terminate
+            scanner.terminate
           else
             # repositioning at the beginning of the match
-            s.pos += maybe_marker - beginning_of_section_len
+            scanner.pos += maybe_marker - beginning_of_section_len
             if block_given?
-              good_marker = yield(s)
+              good_marker = yield(scanner)
               # if not a good marker: Consuming the matched beginning_of_section_regex
-              s.pos += beginning_of_section_len unless good_marker
+              scanner.pos += beginning_of_section_len unless good_marker
             end
           end
         end
diff --git a/lib/gitlab/current_settings.rb b/lib/gitlab/current_settings.rb
index 3cf35f499cd..9147ef401da 100644
--- a/lib/gitlab/current_settings.rb
+++ b/lib/gitlab/current_settings.rb
@@ -60,7 +60,7 @@ module Gitlab
 
       def in_memory_application_settings
         with_fallback_to_fake_application_settings do
-          @in_memory_application_settings ||= ::ApplicationSetting.build_from_defaults # rubocop:disable Gitlab/ModuleWithInstanceVariables
+          @in_memory_application_settings ||= ::ApplicationSetting.build_from_defaults
         end
       end
 
diff --git a/lib/gitlab/diff/image_point.rb b/lib/gitlab/diff/image_point.rb
index 65332dfd239..1f157354ea4 100644
--- a/lib/gitlab/diff/image_point.rb
+++ b/lib/gitlab/diff/image_point.rb
@@ -3,11 +3,11 @@ module Gitlab
     class ImagePoint
       attr_reader :width, :height, :x, :y
 
-      def initialize(width, height, x, y)
+      def initialize(width, height, new_x, new_y)
         @width = width
         @height = height
-        @x = x
-        @y = y
+        @x = new_x
+        @y = new_y
       end
 
       def to_h
diff --git a/lib/gitlab/diff/inline_diff.rb b/lib/gitlab/diff/inline_diff.rb
index 54783a07919..99970779c67 100644
--- a/lib/gitlab/diff/inline_diff.rb
+++ b/lib/gitlab/diff/inline_diff.rb
@@ -93,7 +93,7 @@ module Gitlab
 
       private
 
-      def longest_common_prefix(a, b)
+      def longest_common_prefix(a, b) # rubocop:disable Naming/UncommunicativeMethodParamName
         max_length = [a.length, b.length].max
 
         length = 0
@@ -109,7 +109,7 @@ module Gitlab
         length
       end
 
-      def longest_common_suffix(a, b)
+      def longest_common_suffix(a, b) # rubocop:disable Naming/UncommunicativeMethodParamName
         longest_common_prefix(a.reverse, b.reverse)
       end
     end
diff --git a/lib/gitlab/encoding_helper.rb b/lib/gitlab/encoding_helper.rb
index 0b8f6cfe3cb..d1fd5dfe0cb 100644
--- a/lib/gitlab/encoding_helper.rb
+++ b/lib/gitlab/encoding_helper.rb
@@ -65,17 +65,17 @@ module Gitlab
         clean(message)
       end
     rescue ArgumentError
-      return nil
+      nil
     end
 
-    def encode_binary(s)
-      return "" if s.nil?
+    def encode_binary(str)
+      return "" if str.nil?
 
-      s.dup.force_encoding(Encoding::ASCII_8BIT)
+      str.dup.force_encoding(Encoding::ASCII_8BIT)
     end
 
-    def binary_stringio(s)
-      StringIO.new(s || '').tap { |io| io.set_encoding(Encoding::ASCII_8BIT) }
+    def binary_stringio(str)
+      StringIO.new(str || '').tap { |io| io.set_encoding(Encoding::ASCII_8BIT) }
     end
 
     private
diff --git a/lib/gitlab/exclusive_lease_helpers.rb b/lib/gitlab/exclusive_lease_helpers.rb
index ab6838adc6d..e998548cff9 100644
--- a/lib/gitlab/exclusive_lease_helpers.rb
+++ b/lib/gitlab/exclusive_lease_helpers.rb
@@ -21,7 +21,7 @@ module Gitlab
 
       raise FailedToObtainLockError, 'Failed to obtain a lock' unless uuid
 
-      return yield
+      yield
     ensure
       Gitlab::ExclusiveLease.cancel(key, uuid)
     end
diff --git a/lib/gitlab/fogbugz_import/importer.rb b/lib/gitlab/fogbugz_import/importer.rb
index 8953bc8c148..a91de278cf3 100644
--- a/lib/gitlab/fogbugz_import/importer.rb
+++ b/lib/gitlab/fogbugz_import/importer.rb
@@ -191,19 +191,19 @@ module Gitlab
         end
       end
 
-      def linkify_issues(s)
-        s = s.gsub(/([Ii]ssue) ([0-9]+)/, '\1 #\2')
-        s = s.gsub(/([Cc]ase) ([0-9]+)/, '\1 #\2')
-        s
+      def linkify_issues(str)
+        str = str.gsub(/([Ii]ssue) ([0-9]+)/, '\1 #\2')
+        str = str.gsub(/([Cc]ase) ([0-9]+)/, '\1 #\2')
+        str
       end
 
-      def escape_for_markdown(s)
-        s = s.gsub(/^#/, "\\#")
-        s = s.gsub(/^-/, "\\-")
-        s = s.gsub("`", "\\~")
-        s = s.delete("\r")
-        s = s.gsub("\n", "  \n")
-        s
+      def escape_for_markdown(str)
+        str = str.gsub(/^#/, "\\#")
+        str = str.gsub(/^-/, "\\-")
+        str = str.gsub("`", "\\~")
+        str = str.delete("\r")
+        str = str.gsub("\n", "  \n")
+        str
       end
 
       def format_content(raw_content)
diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index 420790f45d0..897adbd5ec9 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -625,7 +625,13 @@ module Gitlab
       end
 
       def update_branch(branch_name, user:, newrev:, oldrev:)
-        OperationService.new(user, self).update_branch(branch_name, newrev, oldrev)
+        gitaly_migrate(:operation_user_update_branch) do |is_enabled|
+          if is_enabled
+            gitaly_operations_client.user_update_branch(branch_name, user, newrev, oldrev)
+          else
+            OperationService.new(user, self).update_branch(branch_name, newrev, oldrev)
+          end
+        end
       end
 
       def rm_branch(branch_name, user:)
@@ -898,12 +904,8 @@ module Gitlab
       end
 
       def fetch_source_branch!(source_repository, source_branch, local_ref)
-        Gitlab::GitalyClient.migrate(:fetch_source_branch) do |is_enabled|
-          if is_enabled
-            gitaly_repository_client.fetch_source_branch(source_repository, source_branch, local_ref)
-          else
-            rugged_fetch_source_branch(source_repository, source_branch, local_ref)
-          end
+        wrapped_gitaly_errors do
+          gitaly_repository_client.fetch_source_branch(source_repository, source_branch, local_ref)
         end
       end
 
@@ -1058,18 +1060,13 @@ module Gitlab
       end
 
       def bundle_to_disk(save_path)
-        gitaly_migrate(:bundle_to_disk) do |is_enabled|
-          if is_enabled
-            gitaly_repository_client.create_bundle(save_path)
-          else
-            run_git!(%W(bundle create #{save_path} --all))
-          end
+        wrapped_gitaly_errors do
+          gitaly_repository_client.create_bundle(save_path)
         end
 
         true
       end
 
-      # rubocop:disable Metrics/ParameterLists
       def multi_action(
         user, branch_name:, message:, actions:,
         author_email: nil, author_name: nil,
@@ -1081,7 +1078,6 @@ module Gitlab
               start_branch_name, start_repository)
         end
       end
-      # rubocop:enable Metrics/ParameterLists
 
       def write_config(full_path:)
         return unless full_path.present?
diff --git a/lib/gitlab/gitaly_client.rb b/lib/gitlab/gitaly_client.rb
index 66e781a8e5b..58a4060cc96 100644
--- a/lib/gitlab/gitaly_client.rb
+++ b/lib/gitlab/gitaly_client.rb
@@ -401,8 +401,8 @@ module Gitlab
       path.read.chomp
     end
 
-    def self.timestamp(t)
-      Google::Protobuf::Timestamp.new(seconds: t.to_i)
+    def self.timestamp(time)
+      Google::Protobuf::Timestamp.new(seconds: time.to_i)
     end
 
     # The default timeout on all Gitaly calls
diff --git a/lib/gitlab/gitaly_client/commit_service.rb b/lib/gitlab/gitaly_client/commit_service.rb
index 72e1e59d8df..6a97cd8ed17 100644
--- a/lib/gitlab/gitaly_client/commit_service.rb
+++ b/lib/gitlab/gitaly_client/commit_service.rb
@@ -399,8 +399,8 @@ module Gitlab
         end
       end
 
-      def encode_repeated(a)
-        Google::Protobuf::RepeatedField.new(:bytes, a.map { |s| encode_binary(s) } )
+      def encode_repeated(array)
+        Google::Protobuf::RepeatedField.new(:bytes, array.map { |s| encode_binary(s) } )
       end
 
       def call_find_commit(revision)
diff --git a/lib/gitlab/gitaly_client/operation_service.rb b/lib/gitlab/gitaly_client/operation_service.rb
index ab2c61f6782..555733d1834 100644
--- a/lib/gitlab/gitaly_client/operation_service.rb
+++ b/lib/gitlab/gitaly_client/operation_service.rb
@@ -68,6 +68,22 @@ module Gitlab
         raise Gitlab::Git::Repository::InvalidRef, ex
       end
 
+      def user_update_branch(branch_name, user, newrev, oldrev)
+        request = Gitaly::UserUpdateBranchRequest.new(
+          repository: @gitaly_repo,
+          branch_name: encode_binary(branch_name),
+          user: Gitlab::Git::User.from_gitlab(user).to_gitaly,
+          newrev: encode_binary(newrev),
+          oldrev: encode_binary(oldrev)
+        )
+
+        response = GitalyClient.call(@repository.storage, :operation_service, :user_update_branch, request)
+
+        if pre_receive_error = response.pre_receive_error.presence
+          raise Gitlab::Git::PreReceiveError, pre_receive_error
+        end
+      end
+
       def user_delete_branch(branch_name, user)
         request = Gitaly::UserDeleteBranchRequest.new(
           repository: @gitaly_repo,
diff --git a/lib/gitlab/gitaly_client/storage_settings.rb b/lib/gitlab/gitaly_client/storage_settings.rb
index 02fcb413abd..8e530de174d 100644
--- a/lib/gitlab/gitaly_client/storage_settings.rb
+++ b/lib/gitlab/gitaly_client/storage_settings.rb
@@ -60,8 +60,8 @@ module Gitlab
 
       private
 
-      def method_missing(m, *args, &block)
-        @hash.public_send(m, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
+      def method_missing(msg, *args, &block)
+        @hash.public_send(msg, *args, &block) # rubocop:disable GitlabSecurity/PublicSend
       end
     end
   end
diff --git a/lib/gitlab/google_code_import/importer.rb b/lib/gitlab/google_code_import/importer.rb
index 46b49128140..5070f4e3cfe 100644
--- a/lib/gitlab/google_code_import/importer.rb
+++ b/lib/gitlab/google_code_import/importer.rb
@@ -200,27 +200,27 @@ module Gitlab
         "Status: #{name}"
       end
 
-      def linkify_issues(s)
-        s = s.gsub(/([Ii]ssue) ([0-9]+)/, '\1 #\2')
-        s = s.gsub(/([Cc]omment) #([0-9]+)/, '\1 \2')
-        s
+      def linkify_issues(str)
+        str = str.gsub(/([Ii]ssue) ([0-9]+)/, '\1 #\2')
+        str = str.gsub(/([Cc]omment) #([0-9]+)/, '\1 \2')
+        str
       end
 
-      def escape_for_markdown(s)
+      def escape_for_markdown(str)
         # No headings and lists
-        s = s.gsub(/^#/, "\\#")
-        s = s.gsub(/^-/, "\\-")
+        str = str.gsub(/^#/, "\\#")
+        str = str.gsub(/^-/, "\\-")
 
         # No inline code
-        s = s.gsub("`", "\\`")
+        str = str.gsub("`", "\\`")
 
         # Carriage returns make me sad
-        s = s.delete("\r")
+        str = str.delete("\r")
 
         # Markdown ignores single newlines, but we need them as <br />.
-        s = s.gsub("\n", "  \n")
+        str = str.gsub("\n", "  \n")
 
-        s
+        str
       end
 
       def create_label(name)
diff --git a/lib/gitlab/gpg/commit.rb b/lib/gitlab/gpg/commit.rb
index 6d2278d0876..2716834f566 100644
--- a/lib/gitlab/gpg/commit.rb
+++ b/lib/gitlab/gpg/commit.rb
@@ -39,7 +39,7 @@ module Gitlab
 
       def update_signature!(cached_signature)
         using_keychain do |gpg_key|
-          cached_signature.update_attributes!(attributes(gpg_key))
+          cached_signature.update!(attributes(gpg_key))
         end
 
         @signature = cached_signature
diff --git a/lib/gitlab/http_io.rb b/lib/gitlab/http_io.rb
new file mode 100644
index 00000000000..ce24817db54
--- /dev/null
+++ b/lib/gitlab/http_io.rb
@@ -0,0 +1,193 @@
+##
+# This class is compatible with IO class (https://ruby-doc.org/core-2.3.1/IO.html)
+# source: https://gitlab.com/snippets/1685610
+module Gitlab
+  class HttpIO
+    BUFFER_SIZE = 128.kilobytes
+
+    InvalidURLError = Class.new(StandardError)
+    FailedToGetChunkError = Class.new(StandardError)
+
+    attr_reader :uri, :size
+    attr_reader :tell
+    attr_reader :chunk, :chunk_range
+
+    alias_method :pos, :tell
+
+    def initialize(url, size)
+      raise InvalidURLError unless ::Gitlab::UrlSanitizer.valid?(url)
+
+      @uri = URI(url)
+      @size = size
+      @tell = 0
+    end
+
+    def close
+      # no-op
+    end
+
+    def binmode
+      # no-op
+    end
+
+    def binmode?
+      true
+    end
+
+    def path
+      nil
+    end
+
+    def url
+      @uri.to_s
+    end
+
+    def seek(pos, where = IO::SEEK_SET)
+      new_pos =
+        case where
+        when IO::SEEK_END
+          size + pos
+        when IO::SEEK_SET
+          pos
+        when IO::SEEK_CUR
+          tell + pos
+        else
+          -1
+        end
+
+      raise 'new position is outside of file' if new_pos < 0 || new_pos > size
+
+      @tell = new_pos
+    end
+
+    def eof?
+      tell == size
+    end
+
+    def each_line
+      until eof?
+        line = readline
+        break if line.nil?
+
+        yield(line)
+      end
+    end
+
+    def read(length = nil, outbuf = "")
+      out = ""
+
+      length ||= size - tell
+
+      until length <= 0 || eof?
+        data = get_chunk
+        break if data.empty?
+
+        chunk_bytes = [BUFFER_SIZE - chunk_offset, length].min
+        chunk_data = data.byteslice(0, chunk_bytes)
+
+        out << chunk_data
+        @tell += chunk_data.bytesize
+        length -= chunk_data.bytesize
+      end
+
+      # If outbuf is passed, we put the output into the buffer. This supports IO.copy_stream functionality
+      if outbuf
+        outbuf.slice!(0, outbuf.bytesize)
+        outbuf << out
+      end
+
+      out
+    end
+
+    def readline
+      out = ""
+
+      until eof?
+        data = get_chunk
+        new_line = data.index("\n")
+
+        if !new_line.nil?
+          out << data[0..new_line]
+          @tell += new_line + 1
+          break
+        else
+          out << data
+          @tell += data.bytesize
+        end
+      end
+
+      out
+    end
+
+    def write(data)
+      raise NotImplementedError
+    end
+
+    def truncate(offset)
+      raise NotImplementedError
+    end
+
+    def flush
+      raise NotImplementedError
+    end
+
+    def present?
+      true
+    end
+
+    private
+
+    ##
+    # The below methods are not implemented in IO class
+    #
+    def in_range?
+      @chunk_range&.include?(tell)
+    end
+
+    def get_chunk
+      unless in_range?
+        response = Net::HTTP.start(uri.hostname, uri.port, proxy_from_env: true, use_ssl: uri.scheme == 'https') do |http|
+          http.request(request)
+        end
+
+        raise FailedToGetChunkError unless response.code == '200' || response.code == '206'
+
+        @chunk = response.body.force_encoding(Encoding::BINARY)
+        @chunk_range = response.content_range
+
+        ##
+        # Note: If provider does not return content_range, then we set it as we requested
+        # Provider: minio
+        # - When the file size is larger than requested Content-range, the Content-range is included in responces with Net::HTTPPartialContent 206
+        # - When the file size is smaller than requested Content-range, the Content-range is included in responces with Net::HTTPPartialContent 206
+        # Provider: AWS
+        # - When the file size is larger than requested Content-range, the Content-range is included in responces with Net::HTTPPartialContent 206
+        # - When the file size is smaller than requested Content-range, the Content-range is included in responces with Net::HTTPPartialContent 206
+        # Provider: GCS
+        # - When the file size is larger than requested Content-range, the Content-range is included in responces with Net::HTTPPartialContent 206
+        # - When the file size is smaller than requested Content-range, the Content-range is included in responces with Net::HTTPOK 200
+        @chunk_range ||= (chunk_start...(chunk_start + @chunk.bytesize))
+      end
+
+      @chunk[chunk_offset..BUFFER_SIZE]
+    end
+
+    def request
+      Net::HTTP::Get.new(uri).tap do |request|
+        request.set_range(chunk_start, BUFFER_SIZE)
+      end
+    end
+
+    def chunk_offset
+      tell % BUFFER_SIZE
+    end
+
+    def chunk_start
+      (tell / BUFFER_SIZE) * BUFFER_SIZE
+    end
+
+    def chunk_end
+      [chunk_start + BUFFER_SIZE, size].min
+    end
+  end
+end
diff --git a/lib/gitlab/mail_room.rb b/lib/gitlab/mail_room.rb
index 344784c866f..db04356a5e9 100644
--- a/lib/gitlab/mail_room.rb
+++ b/lib/gitlab/mail_room.rb
@@ -53,7 +53,7 @@ module Gitlab
       end
 
       def config_file
-        ENV['MAIL_ROOM_GITLAB_CONFIG_FILE'] || File.expand_path('../../../config/gitlab.yml', __FILE__)
+        ENV['MAIL_ROOM_GITLAB_CONFIG_FILE'] || File.expand_path('../../config/gitlab.yml', __dir__)
       end
     end
   end
diff --git a/lib/gitlab/metrics/influx_db.rb b/lib/gitlab/metrics/influx_db.rb
index 66f30e3b397..04135dac4ff 100644
--- a/lib/gitlab/metrics/influx_db.rb
+++ b/lib/gitlab/metrics/influx_db.rb
@@ -162,7 +162,6 @@ module Gitlab
 
         # When enabled this should be set before being used as the usual pattern
         # "@foo ||= bar" is _not_ thread-safe.
-        # rubocop:disable Gitlab/ModuleWithInstanceVariables
         def pool
           if influx_metrics_enabled?
             if @pool.nil?
@@ -180,7 +179,6 @@ module Gitlab
             @pool
           end
         end
-        # rubocop:enable Gitlab/ModuleWithInstanceVariables
       end
     end
   end
diff --git a/lib/gitlab/metrics/method_call.rb b/lib/gitlab/metrics/method_call.rb
index b11520a79bb..f3290e3149c 100644
--- a/lib/gitlab/metrics/method_call.rb
+++ b/lib/gitlab/metrics/method_call.rb
@@ -1,5 +1,3 @@
-# rubocop:disable Style/ClassVars
-
 module Gitlab
   module Metrics
     # Class for tracking timing information about method calls
diff --git a/lib/gitlab/middleware/multipart.rb b/lib/gitlab/middleware/multipart.rb
index 9753be6d5c3..18f91db98fc 100644
--- a/lib/gitlab/middleware/multipart.rb
+++ b/lib/gitlab/middleware/multipart.rb
@@ -84,7 +84,7 @@ module Gitlab
         def open_file(params, key)
           ::UploadedFile.from_params(
             params, key,
-            Gitlab.config.uploads.storage_path)
+            [FileUploader.root, Gitlab.config.uploads.storage_path])
         end
       end
 
diff --git a/lib/gitlab/shell.rb b/lib/gitlab/shell.rb
index e222541992a..a17cd27e82d 100644
--- a/lib/gitlab/shell.rb
+++ b/lib/gitlab/shell.rb
@@ -92,21 +92,13 @@ module Gitlab
     # Ex.
     #   import_repository("nfs-file06", "gitlab/gitlab-ci", "https://gitlab.com/gitlab-org/gitlab-test.git")
     #
-    # Gitaly migration: https://gitlab.com/gitlab-org/gitaly/issues/874
     def import_repository(storage, name, url)
       if url.start_with?('.', '/')
         raise Error.new("don't use disk paths with import_repository: #{url.inspect}")
       end
 
       relative_path = "#{name}.git"
-      cmd = gitaly_migrate(:import_repository, status: Gitlab::GitalyClient::MigrationStatus::OPT_OUT) do |is_enabled|
-        if is_enabled
-          GitalyGitlabProjects.new(storage, relative_path)
-        else
-          # The timeout ensures the subprocess won't hang forever
-          gitlab_projects(storage, relative_path)
-        end
-      end
+      cmd = GitalyGitlabProjects.new(storage, relative_path)
 
       success = cmd.import_project(url, git_timeout)
       raise Error, cmd.output unless success
@@ -126,12 +118,8 @@ module Gitlab
     #   fetch_remote(my_repo, "upstream")
     #
     def fetch_remote(repository, remote, ssh_auth: nil, forced: false, no_tags: false, prune: true)
-      gitaly_migrate(:fetch_remote) do |is_enabled|
-        if is_enabled
-          repository.gitaly_repository_client.fetch_remote(remote, ssh_auth: ssh_auth, forced: forced, no_tags: no_tags, timeout: git_timeout, prune: prune)
-        else
-          local_fetch_remote(repository.storage, repository.relative_path, remote, ssh_auth: ssh_auth, forced: forced, no_tags: no_tags, prune: prune)
-        end
+      wrapped_gitaly_errors do
+        repository.gitaly_repository_client.fetch_remote(remote, ssh_auth: ssh_auth, forced: forced, no_tags: no_tags, timeout: git_timeout, prune: prune)
       end
     end
 
@@ -389,28 +377,6 @@ module Gitlab
       )
     end
 
-    def local_fetch_remote(storage_name, repository_relative_path, remote, ssh_auth: nil, forced: false, no_tags: false, prune: true)
-      vars = { force: forced, tags: !no_tags, prune: prune }
-
-      if ssh_auth&.ssh_import?
-        if ssh_auth.ssh_key_auth? && ssh_auth.ssh_private_key.present?
-          vars[:ssh_key] = ssh_auth.ssh_private_key
-        end
-
-        if ssh_auth.ssh_known_hosts.present?
-          vars[:known_hosts] = ssh_auth.ssh_known_hosts
-        end
-      end
-
-      cmd = gitlab_projects(storage_name, repository_relative_path)
-
-      success = cmd.fetch_remote(remote, git_timeout, vars)
-
-      raise Error, cmd.output unless success
-
-      success
-    end
-
     def gitlab_shell_fast_execute(cmd)
       output, status = gitlab_shell_fast_execute_helper(cmd)
 
@@ -440,10 +406,6 @@ module Gitlab
       Gitlab.config.gitlab_shell.git_timeout
     end
 
-    def gitaly_migrate(method, status: Gitlab::GitalyClient::MigrationStatus::OPT_IN, &block)
-      wrapped_gitaly_errors { Gitlab::GitalyClient.migrate(method, status: status, &block) }
-    end
-
     def wrapped_gitaly_errors
       yield
     rescue GRPC::NotFound, GRPC::BadStatus => e
diff --git a/lib/rouge/formatters/html_gitlab.rb b/lib/rouge/formatters/html_gitlab.rb
index be0d97370d0..e877ab10248 100644
--- a/lib/rouge/formatters/html_gitlab.rb
+++ b/lib/rouge/formatters/html_gitlab.rb
@@ -11,7 +11,7 @@ module Rouge
         @tag = tag
       end
 
-      def stream(tokens, &b)
+      def stream(tokens)
         is_first = true
         token_lines(tokens) do |line|
           yield "\n" unless is_first
diff --git a/lib/tasks/gitlab/uploads/migrate.rake b/lib/tasks/gitlab/uploads/migrate.rake
index 78e18992a8e..f548a266b99 100644
--- a/lib/tasks/gitlab/uploads/migrate.rake
+++ b/lib/tasks/gitlab/uploads/migrate.rake
@@ -8,7 +8,7 @@ namespace :gitlab do
       @uploader_class = args.uploader_class.constantize
       @model_class    = args.model_class.constantize
 
-      uploads.each_batch(of: batch_size, &method(:enqueue_batch)) # rubocop: disable Cop/InBatches
+      uploads.each_batch(of: batch_size, &method(:enqueue_batch))
     end
 
     def enqueue_batch(batch, index)
diff --git a/lib/uploaded_file.rb b/lib/uploaded_file.rb
index 5dc85b2baea..4b9cb59eab5 100644
--- a/lib/uploaded_file.rb
+++ b/lib/uploaded_file.rb
@@ -28,7 +28,7 @@ class UploadedFile
     @tempfile = File.new(path, 'rb')
   end
 
-  def self.from_params(params, field, upload_path)
+  def self.from_params(params, field, upload_paths)
     unless params["#{field}.path"]
       raise InvalidPathError, "file is invalid" if params["#{field}.remote_id"]
 
@@ -37,7 +37,8 @@ class UploadedFile
 
     file_path = File.realpath(params["#{field}.path"])
 
-    unless self.allowed_path?(file_path, [upload_path, Dir.tmpdir].compact)
+    paths = Array(upload_paths) << Dir.tmpdir
+    unless self.allowed_path?(file_path, paths.compact)
       raise InvalidPathError, "insecure path used '#{file_path}'"
     end
 
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index ca488053a1f..b6fd7ccc1bb 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -8,8 +8,8 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gitlab 1.0.0\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2018-07-09 08:28+0200\n"
-"PO-Revision-Date: 2018-07-09 08:28+0200\n"
+"POT-Creation-Date: 2018-07-09 19:16+0200\n"
+"PO-Revision-Date: 2018-07-09 19:16+0200\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 "Language: \n"
@@ -2099,9 +2099,18 @@ msgstr ""
 msgid "Environments|An error occurred while making the request."
 msgstr ""
 
+msgid "Environments|An error occurred while stopping the environment, please try again"
+msgstr ""
+
+msgid "Environments|Are you sure you want to stop this environment?"
+msgstr ""
+
 msgid "Environments|Commit"
 msgstr ""
 
+msgid "Environments|Deploy to..."
+msgstr ""
+
 msgid "Environments|Deployment"
 msgstr ""
 
@@ -2114,27 +2123,39 @@ msgstr ""
 msgid "Environments|Job"
 msgstr ""
 
+msgid "Environments|Learn more about stopping environments"
+msgstr ""
+
 msgid "Environments|New environment"
 msgstr ""
 
 msgid "Environments|No deployments yet"
 msgstr ""
 
-msgid "Environments|Open"
+msgid "Environments|Note that this action will stop the environment, but it will %{emphasis_start}not%{emphasis_end} have an effect on any existing deployment due to no “stop environment action” being defined in the %{ci_config_link_start}.gitlab-ci.yml%{ci_config_link_end} file."
 msgstr ""
 
-msgid "Environments|Re-deploy"
+msgid "Environments|Open live environment"
+msgstr ""
+
+msgid "Environments|Re-deploy to environment"
 msgstr ""
 
 msgid "Environments|Read more about environments"
 msgstr ""
 
-msgid "Environments|Rollback"
+msgid "Environments|Rollback environment"
 msgstr ""
 
 msgid "Environments|Show all"
 msgstr ""
 
+msgid "Environments|Stop"
+msgstr ""
+
+msgid "Environments|Stop environment"
+msgstr ""
+
 msgid "Environments|Updated"
 msgstr ""
 
@@ -3799,9 +3820,6 @@ msgstr ""
 msgid "Quick actions can be used in the issues description and comment boxes."
 msgstr ""
 
-msgid "Re-deploy"
-msgstr ""
-
 msgid "Read more"
 msgstr ""
 
@@ -3936,9 +3954,6 @@ msgstr ""
 msgid "Reviewing (merge request !%{mergeRequestId})"
 msgstr ""
 
-msgid "Rollback"
-msgstr ""
-
 msgid "Runner token"
 msgstr ""
 
diff --git a/qa/qa/runtime/release.rb b/qa/qa/runtime/release.rb
index 12e56404cf6..4f83a773645 100644
--- a/qa/qa/runtime/release.rb
+++ b/qa/qa/runtime/release.rb
@@ -21,7 +21,7 @@ module QA
       end
 
       def self.method_missing(name, *args)
-        self.new.strategy.public_send(name, *args) # rubocop:disable GitlabSecurity/PublicSend
+        self.new.strategy.public_send(name, *args)
       end
     end
   end
diff --git a/rubocop/cop/line_break_around_conditional_block.rb b/rubocop/cop/line_break_around_conditional_block.rb
index 8b6052fee1b..011f2bcf8bf 100644
--- a/rubocop/cop/line_break_around_conditional_block.rb
+++ b/rubocop/cop/line_break_around_conditional_block.rb
@@ -43,6 +43,8 @@ module RuboCop
     #      end
     #    end
     class LineBreakAroundConditionalBlock < RuboCop::Cop::Cop
+      include RangeHelp
+
       MSG = 'Add a line break around conditional blocks'
 
       def on_if(node)
diff --git a/spec/controllers/projects/forks_controller_spec.rb b/spec/controllers/projects/forks_controller_spec.rb
index e20623c0ac1..945b6142abf 100644
--- a/spec/controllers/projects/forks_controller_spec.rb
+++ b/spec/controllers/projects/forks_controller_spec.rb
@@ -31,7 +31,7 @@ describe Projects::ForksController do
 
     context 'when fork is private' do
       before do
-        forked_project.update_attributes(visibility_level: Project::PRIVATE, group: group)
+        forked_project.update(visibility_level: Project::PRIVATE, group: group)
       end
 
       it 'is not be visible for non logged in users' do
diff --git a/spec/controllers/projects/group_links_controller_spec.rb b/spec/controllers/projects/group_links_controller_spec.rb
index 72f6af112b3..78c6f7839b4 100644
--- a/spec/controllers/projects/group_links_controller_spec.rb
+++ b/spec/controllers/projects/group_links_controller_spec.rb
@@ -23,7 +23,7 @@ describe Projects::GroupLinksController do
 
     context 'when project is not allowed to be shared with a group' do
       before do
-        group.update_attributes(share_with_group_lock: false)
+        group.update(share_with_group_lock: false)
       end
 
       include_context 'link project to group'
diff --git a/spec/controllers/projects/imports_controller_spec.rb b/spec/controllers/projects/imports_controller_spec.rb
index 812833cc86b..6f06210f3de 100644
--- a/spec/controllers/projects/imports_controller_spec.rb
+++ b/spec/controllers/projects/imports_controller_spec.rb
@@ -29,7 +29,7 @@ describe Projects::ImportsController do
 
       context 'when import is in progress' do
         before do
-          project.update_attributes(import_status: :started)
+          project.update(import_status: :started)
         end
 
         it 'renders template' do
@@ -47,7 +47,7 @@ describe Projects::ImportsController do
 
       context 'when import failed' do
         before do
-          project.update_attributes(import_status: :failed)
+          project.update(import_status: :failed)
         end
 
         it 'redirects to new_namespace_project_import_path' do
@@ -59,7 +59,7 @@ describe Projects::ImportsController do
 
       context 'when import finished' do
         before do
-          project.update_attributes(import_status: :finished)
+          project.update(import_status: :finished)
         end
 
         context 'when project is a fork' do
@@ -108,7 +108,7 @@ describe Projects::ImportsController do
 
       context 'when import never happened' do
         before do
-          project.update_attributes(import_status: :none)
+          project.update(import_status: :none)
         end
 
         it 'redirects to namespace_project_path' do
diff --git a/spec/controllers/projects/jobs_controller_spec.rb b/spec/controllers/projects/jobs_controller_spec.rb
index e6332a10265..6be27126383 100644
--- a/spec/controllers/projects/jobs_controller_spec.rb
+++ b/spec/controllers/projects/jobs_controller_spec.rb
@@ -216,17 +216,19 @@ describe Projects::JobsController, :clean_gitlab_redis_shared_state do
     end
 
     context 'when trace artifact is in ObjectStorage' do
+      let(:url) { 'http://object-storage/trace' }
+      let(:file_path) { expand_fixture_path('trace/sample_trace') }
       let!(:job) { create(:ci_build, :success, :trace_artifact, pipeline: pipeline) }
 
       before do
         allow_any_instance_of(JobArtifactUploader).to receive(:file_storage?) { false }
-        allow_any_instance_of(JobArtifactUploader).to receive(:url) { remote_trace_url }
-        allow_any_instance_of(JobArtifactUploader).to receive(:size) { remote_trace_size }
+        allow_any_instance_of(JobArtifactUploader).to receive(:url) { url }
+        allow_any_instance_of(JobArtifactUploader).to receive(:size) { File.size(file_path) }
       end
 
       context 'when there are no network issues' do
         before do
-          stub_remote_trace_206
+          stub_remote_url_206(url, file_path)
 
           get_trace
         end
@@ -241,11 +243,11 @@ describe Projects::JobsController, :clean_gitlab_redis_shared_state do
 
       context 'when there is a network issue' do
         before do
-          stub_remote_trace_500
+          stub_remote_url_500(url)
         end
 
         it 'returns a trace' do
-          expect { get_trace }.to raise_error(Gitlab::Ci::Trace::HttpIO::FailedToGetChunkError)
+          expect { get_trace }.to raise_error(Gitlab::HttpIO::FailedToGetChunkError)
         end
       end
     end
diff --git a/spec/controllers/projects/merge_requests_controller_spec.rb b/spec/controllers/projects/merge_requests_controller_spec.rb
index 7f5f0b76c51..444415011a9 100644
--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -315,7 +315,7 @@ describe Projects::MergeRequestsController do
 
     context 'when the merge request is not mergeable' do
       before do
-        merge_request.update_attributes(title: "WIP: #{merge_request.title}")
+        merge_request.update(title: "WIP: #{merge_request.title}")
 
         post :merge, base_params
       end
diff --git a/spec/controllers/projects_controller_spec.rb b/spec/controllers/projects_controller_spec.rb
index a2dfc43e9f7..fd7d867f9e5 100644
--- a/spec/controllers/projects_controller_spec.rb
+++ b/spec/controllers/projects_controller_spec.rb
@@ -166,7 +166,7 @@ describe ProjectsController do
       User.project_views.keys.each do |project_view|
         context "with #{project_view} view set" do
           before do
-            user.update_attributes(project_view: project_view)
+            user.update(project_view: project_view)
 
             get :show, namespace_id: empty_project.namespace, id: empty_project
           end
@@ -188,7 +188,7 @@ describe ProjectsController do
       User.project_views.keys.each do |project_view|
         context "with #{project_view} view set" do
           before do
-            user.update_attributes(project_view: project_view)
+            user.update(project_view: project_view)
 
             get :show, namespace_id: empty_project.namespace, id: empty_project
           end
diff --git a/spec/factories/issues.rb b/spec/factories/issues.rb
index 3a35bdd25de..4d4f74e101e 100644
--- a/spec/factories/issues.rb
+++ b/spec/factories/issues.rb
@@ -27,7 +27,7 @@ FactoryBot.define do
       end
 
       after(:create) do |issue, evaluator|
-        issue.update_attributes(labels: evaluator.labels)
+        issue.update(labels: evaluator.labels)
       end
     end
   end
diff --git a/spec/factories/merge_requests.rb b/spec/factories/merge_requests.rb
index 3441ce1b8cb..f722bb9cb0d 100644
--- a/spec/factories/merge_requests.rb
+++ b/spec/factories/merge_requests.rb
@@ -117,7 +117,7 @@ FactoryBot.define do
       end
 
       after(:create) do |merge_request, evaluator|
-        merge_request.update_attributes(labels: evaluator.labels)
+        merge_request.update(labels: evaluator.labels)
       end
     end
   end
diff --git a/spec/features/commits_spec.rb b/spec/features/commits_spec.rb
index 87fa3f60826..29fcf89fa7a 100644
--- a/spec/features/commits_spec.rb
+++ b/spec/features/commits_spec.rb
@@ -89,7 +89,7 @@ describe 'Commits' do
 
         context 'Download artifacts' do
           before do
-            build.update_attributes(legacy_artifacts_file: artifacts_file)
+            build.update(legacy_artifacts_file: artifacts_file)
           end
 
           it do
@@ -146,7 +146,7 @@ describe 'Commits' do
       context "when logged as reporter" do
         before do
           project.add_reporter(user)
-          build.update_attributes(legacy_artifacts_file: artifacts_file)
+          build.update(legacy_artifacts_file: artifacts_file)
           visit pipeline_path(pipeline)
         end
 
@@ -168,7 +168,7 @@ describe 'Commits' do
           project.update(
             visibility_level: Gitlab::VisibilityLevel::INTERNAL,
             public_builds: false)
-          build.update_attributes(legacy_artifacts_file: artifacts_file)
+          build.update(legacy_artifacts_file: artifacts_file)
           visit pipeline_path(pipeline)
         end
 
diff --git a/spec/features/dashboard/projects_spec.rb b/spec/features/dashboard/projects_spec.rb
index 8647616101b..4daacc61d85 100644
--- a/spec/features/dashboard/projects_spec.rb
+++ b/spec/features/dashboard/projects_spec.rb
@@ -59,7 +59,7 @@ describe 'Dashboard Projects' do
 
   context 'when last_repository_updated_at, last_activity_at and update_at are present' do
     it 'shows the last_repository_updated_at attribute as the update date' do
-      project.update_attributes!(last_repository_updated_at: Time.now, last_activity_at: 1.hour.ago)
+      project.update!(last_repository_updated_at: Time.now, last_activity_at: 1.hour.ago)
 
       visit dashboard_projects_path
 
@@ -67,7 +67,7 @@ describe 'Dashboard Projects' do
     end
 
     it 'shows the last_activity_at attribute as the update date' do
-      project.update_attributes!(last_repository_updated_at: 1.hour.ago, last_activity_at: Time.now)
+      project.update!(last_repository_updated_at: 1.hour.ago, last_activity_at: Time.now)
 
       visit dashboard_projects_path
 
@@ -77,7 +77,7 @@ describe 'Dashboard Projects' do
 
   context 'when last_repository_updated_at and last_activity_at are missing' do
     it 'shows the updated_at attribute as the update date' do
-      project.update_attributes!(last_repository_updated_at: nil, last_activity_at: nil)
+      project.update!(last_repository_updated_at: nil, last_activity_at: nil)
       project.touch
 
       visit dashboard_projects_path
diff --git a/spec/features/groups/members/request_access_spec.rb b/spec/features/groups/members/request_access_spec.rb
index 1c833c36a61..94510f917a3 100644
--- a/spec/features/groups/members/request_access_spec.rb
+++ b/spec/features/groups/members/request_access_spec.rb
@@ -13,7 +13,7 @@ describe 'Groups > Members > Request access' do
   end
 
   it 'request access feature is disabled' do
-    group.update_attributes(request_access_enabled: false)
+    group.update(request_access_enabled: false)
     visit group_path(group)
 
     expect(page).not_to have_content 'Request Access'
diff --git a/spec/features/issues/issue_sidebar_spec.rb b/spec/features/issues/issue_sidebar_spec.rb
index b4cb3835a13..3050f23c130 100644
--- a/spec/features/issues/issue_sidebar_spec.rb
+++ b/spec/features/issues/issue_sidebar_spec.rb
@@ -112,7 +112,7 @@ describe 'Issue Sidebar' do
 
     context 'editing issue labels', :js do
       before do
-        issue.update_attributes(labels: [label])
+        issue.update(labels: [label])
         page.within('.block.labels') do
           find('.edit-link').click
         end
diff --git a/spec/features/merge_request/user_posts_diff_notes_spec.rb b/spec/features/merge_request/user_posts_diff_notes_spec.rb
index 13cc5f256eb..02d19db3828 100644
--- a/spec/features/merge_request/user_posts_diff_notes_spec.rb
+++ b/spec/features/merge_request/user_posts_diff_notes_spec.rb
@@ -198,7 +198,7 @@ describe 'Merge request > User posts diff notes', :js do
 
   context 'when the MR only supports legacy diff notes' do
     before do
-      merge_request.merge_request_diff.update_attributes(start_commit_sha: nil)
+      merge_request.merge_request_diff.update(start_commit_sha: nil)
       visit diffs_project_merge_request_path(project, merge_request, view: 'inline')
     end
 
diff --git a/spec/features/milestones/user_edits_milestone_spec.rb b/spec/features/milestones/user_edits_milestone_spec.rb
new file mode 100644
index 00000000000..077295f1cc0
--- /dev/null
+++ b/spec/features/milestones/user_edits_milestone_spec.rb
@@ -0,0 +1,22 @@
+require "rails_helper"
+
+describe "User edits milestone", :js do
+  set(:user) { create(:user) }
+  set(:project) { create(:project) }
+  set(:milestone) { create(:milestone, project: project, start_date: Date.today, due_date: 5.days.from_now) }
+
+  before do
+    project.add_developer(user)
+    sign_in(user)
+
+    visit(edit_project_milestone_path(project, milestone))
+  end
+
+  it "shows the right start date and due date" do
+    start_date = milestone.start_date.strftime("%F")
+    due_date = milestone.due_date.strftime("%F")
+
+    expect(page).to have_field(with: start_date)
+    expect(page).to have_field(with: due_date)
+  end
+end
diff --git a/spec/features/profiles/password_spec.rb b/spec/features/profiles/password_spec.rb
index f9c6ff90ca1..5e3569e4beb 100644
--- a/spec/features/profiles/password_spec.rb
+++ b/spec/features/profiles/password_spec.rb
@@ -117,7 +117,7 @@ describe 'Profile > Password' do
     before do
       sign_in(user)
 
-      user.update_attributes(password_expires_at: 1.hour.ago)
+      user.update(password_expires_at: 1.hour.ago)
       user.identities.delete
       expect(user.ldap_user?).to eq false
     end
diff --git a/spec/features/projects/environments/environment_spec.rb b/spec/features/projects/environments/environment_spec.rb
index 0c34309c1f4..624f7139605 100644
--- a/spec/features/projects/environments/environment_spec.rb
+++ b/spec/features/projects/environments/environment_spec.rb
@@ -166,7 +166,8 @@ describe 'Environment' do
                 end
 
                 it 'allows to stop environment' do
-                  click_link('Stop')
+                  click_button('Stop')
+                  click_button('Stop environment') # confirm modal
 
                   expect(page).to have_content('close_app')
                 end
@@ -174,7 +175,7 @@ describe 'Environment' do
 
               context 'when user has no ability to stop environment' do
                 it 'does not allow to stop environment' do
-                  expect(page).to have_no_link('Stop')
+                  expect(page).not_to have_button('Stop')
                 end
               end
 
@@ -182,7 +183,7 @@ describe 'Environment' do
                 let(:role) { :reporter }
 
                 it 'does not show stop button' do
-                  expect(page).not_to have_link('Stop')
+                  expect(page).not_to have_button('Stop')
                 end
               end
             end
@@ -192,7 +193,7 @@ describe 'Environment' do
             let(:environment) { create(:environment, project: project, state: :stopped) }
 
             it 'does not show stop button' do
-              expect(page).not_to have_link('Stop')
+              expect(page).not_to have_button('Stop')
             end
           end
         end
@@ -230,7 +231,7 @@ describe 'Environment' do
     it 'user visits environment page' do
       visit_environment(environment)
 
-      expect(page).to have_link('Stop')
+      expect(page).to have_button('Stop')
     end
 
     it 'user deletes the branch with running environment' do
@@ -242,7 +243,7 @@ describe 'Environment' do
 
       visit_environment(environment)
 
-      expect(page).to have_no_link('Stop')
+      expect(page).not_to have_button('Stop')
     end
 
     ##
diff --git a/spec/features/projects/environments/environments_spec.rb b/spec/features/projects/environments/environments_spec.rb
index 9900c13095e..c2ed753c409 100644
--- a/spec/features/projects/environments/environments_spec.rb
+++ b/spec/features/projects/environments/environments_spec.rb
@@ -10,6 +10,10 @@ describe 'Environments page', :js do
     sign_in(user)
   end
 
+  def stop_button_selector
+    %q{button[data-original-title="Stop environment"]}
+  end
+
   describe 'page tabs' do
     it 'shows "Available" and "Stopped" tab with links' do
       visit_environments(project)
@@ -120,7 +124,7 @@ describe 'Environments page', :js do
       end
 
       it 'does not show stip button when environment is not stoppable' do
-        expect(page).not_to have_selector('.stop-env-link')
+        expect(page).not_to have_selector(stop_button_selector)
       end
     end
 
@@ -178,7 +182,7 @@ describe 'Environments page', :js do
         end
 
         it 'shows a stop button' do
-          expect(page).not_to have_selector('.stop-env-link')
+          expect(page).not_to have_selector(stop_button_selector)
         end
 
         it 'does not show external link button' do
@@ -211,14 +215,14 @@ describe 'Environments page', :js do
           end
 
           it 'shows a stop button' do
-            expect(page).to have_selector('.stop-env-link')
+            expect(page).to have_selector(stop_button_selector)
           end
 
           context 'when user is a reporter' do
             let(:role) { :reporter }
 
             it 'does not show stop button' do
-              expect(page).not_to have_selector('.stop-env-link')
+              expect(page).not_to have_selector(stop_button_selector)
             end
           end
         end
diff --git a/spec/features/projects/files/user_browses_files_spec.rb b/spec/features/projects/files/user_browses_files_spec.rb
index 41f6c52fb8a..f56174fc85c 100644
--- a/spec/features/projects/files/user_browses_files_spec.rb
+++ b/spec/features/projects/files/user_browses_files_spec.rb
@@ -147,11 +147,8 @@ describe "User browses files" do
         page.within(".tree-table") do
           click_link("README.md")
         end
-
-        # rubocop:disable Lint/Void
         # Test the full URLs of links instead of relative paths by `have_link(text: "...", href: "...")`.
         find("a", text: /^empty$/)["href"] == project_blob_url(project, "markdown/d/README.md")
-        # rubocop:enable Lint/Void
       end
 
       it "shows correct content of directory" do
diff --git a/spec/features/projects/jobs/permissions_spec.rb b/spec/features/projects/jobs/permissions_spec.rb
index e9588daf37d..e639f0cf82e 100644
--- a/spec/features/projects/jobs/permissions_spec.rb
+++ b/spec/features/projects/jobs/permissions_spec.rb
@@ -90,7 +90,7 @@ describe 'Project Jobs Permissions' do
       before do
         archive = fixture_file_upload('spec/fixtures/ci_build_artifacts.zip')
 
-        job.update_attributes(legacy_artifacts_file: archive)
+        job.update(legacy_artifacts_file: archive)
       end
 
       context 'when public access for jobs is disabled' do
diff --git a/spec/features/projects/jobs_spec.rb b/spec/features/projects/jobs_spec.rb
index c742eb79392..35b1c46ecf6 100644
--- a/spec/features/projects/jobs_spec.rb
+++ b/spec/features/projects/jobs_spec.rb
@@ -187,7 +187,7 @@ describe 'Jobs', :clean_gitlab_redis_shared_state do
 
     context "Download artifacts" do
       before do
-        job.update_attributes(legacy_artifacts_file: artifacts_file)
+        job.update(legacy_artifacts_file: artifacts_file)
         visit project_job_path(project, job)
       end
 
@@ -198,8 +198,8 @@ describe 'Jobs', :clean_gitlab_redis_shared_state do
 
     context 'Artifacts expire date' do
       before do
-        job.update_attributes(legacy_artifacts_file: artifacts_file,
-                              artifacts_expire_at: expire_at)
+        job.update(legacy_artifacts_file: artifacts_file,
+                   artifacts_expire_at: expire_at)
 
         visit project_job_path(project, job)
       end
@@ -530,14 +530,14 @@ describe 'Jobs', :clean_gitlab_redis_shared_state do
 
   describe "GET /:project/jobs/:id/download" do
     before do
-      job.update_attributes(legacy_artifacts_file: artifacts_file)
+      job.update(legacy_artifacts_file: artifacts_file)
       visit project_job_path(project, job)
       click_link 'Download'
     end
 
     context "Build from other project" do
       before do
-        job2.update_attributes(legacy_artifacts_file: artifacts_file)
+        job2.update(legacy_artifacts_file: artifacts_file)
         visit download_project_job_artifacts_path(project, job2)
       end
 
diff --git a/spec/features/projects/members/user_requests_access_spec.rb b/spec/features/projects/members/user_requests_access_spec.rb
index 35d6ac1c650..5599cc9bf1b 100644
--- a/spec/features/projects/members/user_requests_access_spec.rb
+++ b/spec/features/projects/members/user_requests_access_spec.rb
@@ -11,7 +11,7 @@ describe 'Projects > Members > User requests access', :js do
   end
 
   it 'request access feature is disabled' do
-    project.update_attributes(request_access_enabled: false)
+    project.update(request_access_enabled: false)
     visit project_path(project)
 
     expect(page).not_to have_content 'Request Access'
diff --git a/spec/features/projects/merge_requests/user_comments_on_diff_spec.rb b/spec/features/projects/merge_requests/user_comments_on_diff_spec.rb
index 1828b60fec7..95666a667ac 100644
--- a/spec/features/projects/merge_requests/user_comments_on_diff_spec.rb
+++ b/spec/features/projects/merge_requests/user_comments_on_diff_spec.rb
@@ -31,7 +31,7 @@ describe 'User comments on a diff', :js do
           page.within('.files > div:nth-child(3)') do
             expect(page).to have_content('Line is wrong')
 
-            find('.js-toggle-diff-comments').click
+            find('.js-btn-vue-toggle-comments').click
 
             expect(page).not_to have_content('Line is wrong')
           end
@@ -64,7 +64,7 @@ describe 'User comments on a diff', :js do
 
           # Hide the comment.
           page.within('.files > div:nth-child(3)') do
-            find('.js-toggle-diff-comments').click
+            find('.js-btn-vue-toggle-comments').click
 
             expect(page).not_to have_content('Line is wrong')
           end
@@ -77,7 +77,7 @@ describe 'User comments on a diff', :js do
 
           # Show the comment.
           page.within('.files > div:nth-child(3)') do
-            find('.js-toggle-diff-comments').click
+            find('.js-btn-vue-toggle-comments').click
           end
 
           # Now both the comments should be shown.
diff --git a/spec/features/projects/pipelines/pipelines_spec.rb b/spec/features/projects/pipelines/pipelines_spec.rb
index 9c165b17704..7d47e342e92 100644
--- a/spec/features/projects/pipelines/pipelines_spec.rb
+++ b/spec/features/projects/pipelines/pipelines_spec.rb
@@ -606,7 +606,7 @@ describe 'Pipelines', :js do
       describe 'user clicks the button' do
         context 'when project already has jobs_cache_index' do
           before do
-            project.update_attributes(jobs_cache_index: 1)
+            project.update(jobs_cache_index: 1)
           end
 
           it 'increments jobs_cache_index' do
diff --git a/spec/features/projects/remote_mirror_spec.rb b/spec/features/projects/remote_mirror_spec.rb
index 53a3f6f474b..97db4a2b8f2 100644
--- a/spec/features/projects/remote_mirror_spec.rb
+++ b/spec/features/projects/remote_mirror_spec.rb
@@ -13,7 +13,7 @@ describe 'Project remote mirror', :feature do
 
     context 'when last_error is present but last_update_at is not' do
       it 'renders error message without timstamp' do
-        remote_mirror.update_attributes(last_error: 'Some new error', last_update_at: nil)
+        remote_mirror.update(last_error: 'Some new error', last_update_at: nil)
 
         visit project_mirror_path(project)
 
@@ -23,7 +23,7 @@ describe 'Project remote mirror', :feature do
 
     context 'when last_error and last_update_at are present' do
       it 'renders error message with timestamp' do
-        remote_mirror.update_attributes(last_error: 'Some new error', last_update_at: Time.now - 5.minutes)
+        remote_mirror.update(last_error: 'Some new error', last_update_at: Time.now - 5.minutes)
 
         visit project_mirror_path(project)
 
diff --git a/spec/features/projects/services/user_activates_slack_notifications_spec.rb b/spec/features/projects/services/user_activates_slack_notifications_spec.rb
index fae9ebd1bd6..727b1fe2d11 100644
--- a/spec/features/projects/services/user_activates_slack_notifications_spec.rb
+++ b/spec/features/projects/services/user_activates_slack_notifications_spec.rb
@@ -29,7 +29,7 @@ describe 'User activates Slack notifications' do
   context 'when service is already configured' do
     before do
       service.fields
-      service.update_attributes(
+      service.update(
         push_channel: 1,
         issue_channel: 2,
         merge_request_channel: 3,
diff --git a/spec/features/projects/show/user_sees_deletion_failure_message_spec.rb b/spec/features/projects/show/user_sees_deletion_failure_message_spec.rb
index aa23bef6fd8..d9d57298929 100644
--- a/spec/features/projects/show/user_sees_deletion_failure_message_spec.rb
+++ b/spec/features/projects/show/user_sees_deletion_failure_message_spec.rb
@@ -8,7 +8,7 @@ describe 'Projects > Show > User sees a deletion failure message' do
   end
 
   it 'shows error message if deletion for project fails' do
-    project.update_attributes(delete_error: "Something went wrong", pending_delete: false)
+    project.update(delete_error: "Something went wrong", pending_delete: false)
 
     visit project_path(project)
 
diff --git a/spec/features/signed_commits_spec.rb b/spec/features/signed_commits_spec.rb
index db141ef7096..bc9443c6093 100644
--- a/spec/features/signed_commits_spec.rb
+++ b/spec/features/signed_commits_spec.rb
@@ -23,7 +23,7 @@ describe 'GPG signed commits', :js do
     # user changes his email which makes the gpg key verified
     Sidekiq::Testing.inline! do
       user.skip_reconfirmation!
-      user.update_attributes!(email: GpgHelpers::User1.emails.first)
+      user.update!(email: GpgHelpers::User1.emails.first)
     end
 
     visit project_commits_path(project, :'signed-commits')
diff --git a/spec/finders/group_projects_finder_spec.rb b/spec/finders/group_projects_finder_spec.rb
index be80ee7d767..0a69c03e491 100644
--- a/spec/finders/group_projects_finder_spec.rb
+++ b/spec/finders/group_projects_finder_spec.rb
@@ -81,7 +81,7 @@ describe GroupProjectsFinder do
 
       context "with external user" do
         before do
-          current_user.update_attributes(external: true)
+          current_user.update(external: true)
         end
 
         it { is_expected.to match_array([shared_project_2, shared_project_1]) }
@@ -112,7 +112,7 @@ describe GroupProjectsFinder do
 
       context "with external user" do
         before do
-          current_user.update_attributes(external: true)
+          current_user.update(external: true)
         end
 
         context 'with subgroups projects', :nested_groups do
diff --git a/spec/finders/joined_groups_finder_spec.rb b/spec/finders/joined_groups_finder_spec.rb
index 29a47e005a6..7f77a713b12 100644
--- a/spec/finders/joined_groups_finder_spec.rb
+++ b/spec/finders/joined_groups_finder_spec.rb
@@ -53,7 +53,7 @@ describe JoinedGroupsFinder do
 
       context 'external users' do
         before do
-          profile_visitor.update_attributes(external: true)
+          profile_visitor.update(external: true)
         end
 
         context 'if not a member' do
diff --git a/spec/finders/move_to_project_finder_spec.rb b/spec/finders/move_to_project_finder_spec.rb
index 74639d4147f..e1faf3d569c 100644
--- a/spec/finders/move_to_project_finder_spec.rb
+++ b/spec/finders/move_to_project_finder_spec.rb
@@ -45,7 +45,7 @@ describe MoveToProjectFinder do
 
       it 'does not return projects for which issues are disabled' do
         reporter_project.add_reporter(user)
-        reporter_project.update_attributes(issues_enabled: false)
+        reporter_project.update(issues_enabled: false)
         other_reporter_project = create(:project)
         other_reporter_project.add_reporter(user)
 
diff --git a/spec/finders/personal_projects_finder_spec.rb b/spec/finders/personal_projects_finder_spec.rb
index 00c551a1f65..ef7dd0cd4a8 100644
--- a/spec/finders/personal_projects_finder_spec.rb
+++ b/spec/finders/personal_projects_finder_spec.rb
@@ -35,7 +35,7 @@ describe PersonalProjectsFinder do
 
     context 'external' do
       before do
-        current_user.update_attributes(external: true)
+        current_user.update(external: true)
       end
 
       it { is_expected.to eq([public_project, private_project]) }
diff --git a/spec/helpers/blob_helper_spec.rb b/spec/helpers/blob_helper_spec.rb
index a3e010c3206..1c216b3fe97 100644
--- a/spec/helpers/blob_helper_spec.rb
+++ b/spec/helpers/blob_helper_spec.rb
@@ -65,9 +65,9 @@ describe BlobHelper do
 
   describe "#sanitize_svg_data" do
     let(:input_svg_path) { File.join(Rails.root, 'spec', 'fixtures', 'unsanitized.svg') }
-    let(:data) { open(input_svg_path).read }
+    let(:data) { File.read(input_svg_path) }
     let(:expected_svg_path) { File.join(Rails.root, 'spec', 'fixtures', 'sanitized.svg') }
-    let(:expected) { open(expected_svg_path).read }
+    let(:expected) { File.read(expected_svg_path) }
 
     it 'retains essential elements' do
       expect(sanitize_svg_data(data)).to eq(expected)
diff --git a/spec/helpers/time_helper_spec.rb b/spec/helpers/time_helper_spec.rb
index 21f35585367..0b371d69ecf 100644
--- a/spec/helpers/time_helper_spec.rb
+++ b/spec/helpers/time_helper_spec.rb
@@ -4,10 +4,12 @@ describe TimeHelper do
   describe "#time_interval_in_words" do
     it "returns minutes and seconds" do
       intervals_in_words = {
-        100 => "1 minute 40 seconds",
-        100.32 => "1 minute 40 seconds",
-        121 => "2 minutes 1 second",
-        3721 => "62 minutes 1 second",
+        60 => "1 minute",
+        100 => "1 minute and 40 seconds",
+        100.32 => "1 minute and 40 seconds",
+        120 => "2 minutes",
+        121 => "2 minutes and 1 second",
+        3721 => "62 minutes and 1 second",
         0 => "0 seconds"
       }
 
diff --git a/spec/javascripts/diffs/components/changed_files_spec.js b/spec/javascripts/diffs/components/changed_files_spec.js
index 2d57af6137c..f737e8fa38e 100644
--- a/spec/javascripts/diffs/components/changed_files_spec.js
+++ b/spec/javascripts/diffs/components/changed_files_spec.js
@@ -1,12 +1,17 @@
 import Vue from 'vue';
-import $ from 'jquery';
+import Vuex from 'vuex';
 import { mountComponentWithStore } from 'spec/helpers';
-import store from '~/diffs/store';
-import ChangedFiles from '~/diffs/components/changed_files.vue';
+import diffsModule from '~/diffs/store/modules';
+import changedFiles from '~/diffs/components/changed_files.vue';
 
 describe('ChangedFiles', () => {
-  const Component = Vue.extend(ChangedFiles);
-  const createComponent = props => mountComponentWithStore(Component, { props, store });
+  const Component = Vue.extend(changedFiles);
+  const store = new Vuex.Store({
+    modules: {
+      diffs: diffsModule,
+    },
+  });
+
   let vm;
 
   beforeEach(() => {
@@ -14,6 +19,7 @@ describe('ChangedFiles', () => {
       <div id="dummy-element"></div>
       <div class="js-tabs-affix"></div>
     `);
+
     const props = {
       diffFiles: [
         {
@@ -26,7 +32,8 @@ describe('ChangedFiles', () => {
         },
       ],
     };
-    vm = createComponent(props);
+
+    vm = mountComponentWithStore(Component, { props, store });
   });
 
   describe('with single file added', () => {
@@ -40,58 +47,56 @@ describe('ChangedFiles', () => {
     });
   });
 
-  describe('template', () => {
-    describe('diff view mode buttons', () => {
-      let inlineButton;
-      let parallelButton;
+  describe('diff view mode buttons', () => {
+    let inlineButton;
+    let parallelButton;
 
-      beforeEach(() => {
-        inlineButton = vm.$el.querySelector('.js-inline-diff-button');
-        parallelButton = vm.$el.querySelector('.js-parallel-diff-button');
+    beforeEach(() => {
+      inlineButton = vm.$el.querySelector('.js-inline-diff-button');
+      parallelButton = vm.$el.querySelector('.js-parallel-diff-button');
+    });
+
+    it('should have Inline and Side-by-side buttons', () => {
+      expect(inlineButton).toBeDefined();
+      expect(parallelButton).toBeDefined();
+    });
+
+    it('should add active class to Inline button', done => {
+      vm.$store.state.diffs.diffViewType = 'inline';
+
+      vm.$nextTick(() => {
+        expect(inlineButton.classList.contains('active')).toEqual(true);
+        expect(parallelButton.classList.contains('active')).toEqual(false);
+
+        done();
       });
+    });
 
-      it('should have Inline and Side-by-side buttons', () => {
-        expect(inlineButton).toBeDefined();
-        expect(parallelButton).toBeDefined();
+    it('should toggle active state of buttons when diff view type changed', done => {
+      vm.$store.state.diffs.diffViewType = 'parallel';
+
+      vm.$nextTick(() => {
+        expect(inlineButton.classList.contains('active')).toEqual(false);
+        expect(parallelButton.classList.contains('active')).toEqual(true);
+
+        done();
       });
+    });
 
-      it('should add active class to Inline button', done => {
-        vm.$store.state.diffs.diffViewType = 'inline';
-
-        vm.$nextTick(() => {
-          expect(inlineButton.classList.contains('active')).toEqual(true);
-          expect(parallelButton.classList.contains('active')).toEqual(false);
-
-          done();
-        });
-      });
-
-      it('should toggle active state of buttons when diff view type changed', done => {
-        vm.$store.state.diffs.diffViewType = 'parallel';
+    describe('clicking them', () => {
+      it('should toggle the diff view type', done => {
+        parallelButton.click();
 
         vm.$nextTick(() => {
           expect(inlineButton.classList.contains('active')).toEqual(false);
           expect(parallelButton.classList.contains('active')).toEqual(true);
 
-          done();
-        });
-      });
-
-      describe('clicking them', () => {
-        it('should toggle the diff view type', done => {
-          $(parallelButton).click();
+          inlineButton.click();
 
           vm.$nextTick(() => {
-            expect(inlineButton.classList.contains('active')).toEqual(false);
-            expect(parallelButton.classList.contains('active')).toEqual(true);
-
-            $(inlineButton).click();
-
-            vm.$nextTick(() => {
-              expect(inlineButton.classList.contains('active')).toEqual(true);
-              expect(parallelButton.classList.contains('active')).toEqual(false);
-              done();
-            });
+            expect(inlineButton.classList.contains('active')).toEqual(true);
+            expect(parallelButton.classList.contains('active')).toEqual(false);
+            done();
           });
         });
       });
diff --git a/spec/javascripts/diffs/components/diff_file_header_spec.js b/spec/javascripts/diffs/components/diff_file_header_spec.js
index 05f5d47ce42..e4658a635f5 100644
--- a/spec/javascripts/diffs/components/diff_file_header_spec.js
+++ b/spec/javascripts/diffs/components/diff_file_header_spec.js
@@ -1,7 +1,10 @@
 import Vue from 'vue';
+import Vuex from 'vuex';
+import diffsModule from '~/diffs/store/modules';
+import notesModule from '~/notes/stores/modules';
 import DiffFileHeader from '~/diffs/components/diff_file_header.vue';
 import { convertObjectPropsToCamelCase } from '~/lib/utils/common_utils';
-import mountComponent from 'spec/helpers/vue_mount_component_helper';
+import mountComponent, { mountComponentWithStore } from 'spec/helpers/vue_mount_component_helper';
 
 const discussionFixture = 'merge_requests/diff_discussion.json';
 
@@ -9,6 +12,12 @@ describe('diff_file_header', () => {
   let vm;
   let props;
   const Component = Vue.extend(DiffFileHeader);
+  const store = new Vuex.Store({
+    modules: {
+      diffs: diffsModule,
+      notes: notesModule,
+    },
+  });
 
   beforeEach(() => {
     const diffDiscussionMock = getJSONFixture(discussionFixture)[0];
@@ -26,13 +35,13 @@ describe('diff_file_header', () => {
   describe('computed', () => {
     describe('icon', () => {
       beforeEach(() => {
-        props.diffFile.blob.icon = 'dummy icon';
+        props.diffFile.blob.icon = 'file-text-o';
       });
 
       it('returns the blob icon for files', () => {
         props.diffFile.submodule = false;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.icon).toBe(props.diffFile.blob.icon);
       });
@@ -40,7 +49,7 @@ describe('diff_file_header', () => {
       it('returns the archive icon for submodules', () => {
         props.diffFile.submodule = true;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.icon).toBe('archive');
       });
@@ -58,7 +67,7 @@ describe('diff_file_header', () => {
       it('returns the fileHash for files', () => {
         props.diffFile.submodule = false;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.titleLink).toBe(`#${props.diffFile.fileHash}`);
       });
@@ -66,7 +75,7 @@ describe('diff_file_header', () => {
       it('returns the submoduleTreeUrl for submodules', () => {
         props.diffFile.submodule = true;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.titleLink).toBe(props.diffFile.submoduleTreeUrl);
       });
@@ -77,7 +86,7 @@ describe('diff_file_header', () => {
           submoduleTreeUrl: null,
         });
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.titleLink).toBe(props.diffFile.submoduleLink);
       });
@@ -94,7 +103,7 @@ describe('diff_file_header', () => {
       it('returns the filePath for files', () => {
         props.diffFile.submodule = false;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.filePath).toBe(props.diffFile.filePath);
       });
@@ -102,7 +111,7 @@ describe('diff_file_header', () => {
       it('appends the truncated blob id for submodules', () => {
         props.diffFile.submodule = true;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.filePath).toBe(
           `${props.diffFile.filePath} @ ${props.diffFile.blob.id.substr(0, 8)}`,
@@ -114,7 +123,7 @@ describe('diff_file_header', () => {
       it('returns a link tag if fileHash is set', () => {
         props.diffFile.fileHash = 'some hash';
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.titleTag).toBe('a');
       });
@@ -122,7 +131,7 @@ describe('diff_file_header', () => {
       it('returns a span tag if fileHash is not set', () => {
         props.diffFile.fileHash = null;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.titleTag).toBe('span');
       });
@@ -137,7 +146,7 @@ describe('diff_file_header', () => {
       });
 
       it('returns true if file is stored in LFS', () => {
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.isUsingLfs).toBe(true);
       });
@@ -145,7 +154,7 @@ describe('diff_file_header', () => {
       it('returns false if file is not stored externally', () => {
         props.diffFile.storedExternally = false;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.isUsingLfs).toBe(false);
       });
@@ -153,7 +162,7 @@ describe('diff_file_header', () => {
       it('returns false if file is not stored in LFS', () => {
         props.diffFile.externalStorage = 'not lfs';
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.isUsingLfs).toBe(false);
       });
@@ -163,7 +172,7 @@ describe('diff_file_header', () => {
       it('returns chevron-down if the diff is expanded', () => {
         props.expanded = true;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.collapseIcon).toBe('chevron-down');
       });
@@ -171,49 +180,18 @@ describe('diff_file_header', () => {
       it('returns chevron-right if the diff is collapsed', () => {
         props.expanded = false;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.collapseIcon).toBe('chevron-right');
       });
     });
 
-    describe('isDiscussionsExpanded', () => {
-      beforeEach(() => {
-        Object.assign(props, {
-          discussionsExpanded: true,
-          expanded: true,
-        });
-      });
-
-      it('returns true if diff and discussion are expanded', () => {
-        vm = mountComponent(Component, props);
-
-        expect(vm.isDiscussionsExpanded).toBe(true);
-      });
-
-      it('returns false if discussion is collapsed', () => {
-        props.discussionsExpanded = false;
-
-        vm = mountComponent(Component, props);
-
-        expect(vm.isDiscussionsExpanded).toBe(false);
-      });
-
-      it('returns false if diff is collapsed', () => {
-        props.expanded = false;
-
-        vm = mountComponent(Component, props);
-
-        expect(vm.isDiscussionsExpanded).toBe(false);
-      });
-    });
-
     describe('viewFileButtonText', () => {
       it('contains the truncated content SHA', () => {
         const dummySha = 'deebd00f is no SHA';
         props.diffFile.contentSha = dummySha;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.viewFileButtonText).not.toContain(dummySha);
         expect(vm.viewFileButtonText).toContain(dummySha.substr(0, 8));
@@ -225,7 +203,7 @@ describe('diff_file_header', () => {
         const dummySha = 'deadabba sings no more';
         props.diffFile.diffRefs.baseSha = dummySha;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.viewReplacedFileButtonText).not.toContain(dummySha);
         expect(vm.viewReplacedFileButtonText).toContain(dummySha.substr(0, 8));
@@ -234,25 +212,25 @@ describe('diff_file_header', () => {
   });
 
   describe('methods', () => {
-    describe('handleToggle', () => {
+    describe('handleToggleFile', () => {
       beforeEach(() => {
         spyOn(vm, '$emit').and.stub();
       });
 
       it('emits toggleFile if checkTarget is false', () => {
-        vm.handleToggle(null, false);
+        vm.handleToggleFile(null, false);
 
         expect(vm.$emit).toHaveBeenCalledWith('toggleFile');
       });
 
       it('emits toggleFile if checkTarget is true and event target is header', () => {
-        vm.handleToggle({ target: vm.$refs.header }, true);
+        vm.handleToggleFile({ target: vm.$refs.header }, true);
 
         expect(vm.$emit).toHaveBeenCalledWith('toggleFile');
       });
 
       it('does not emit toggleFile if checkTarget is true and event target is not header', () => {
-        vm.handleToggle({ target: 'not header' }, true);
+        vm.handleToggleFile({ target: 'not header' }, true);
 
         expect(vm.$emit).not.toHaveBeenCalled();
       });
@@ -266,7 +244,7 @@ describe('diff_file_header', () => {
       it('is visible if collapsible is true', () => {
         props.collapsible = true;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(collapseToggle()).not.toBe(null);
       });
@@ -274,14 +252,14 @@ describe('diff_file_header', () => {
       it('is hidden if collapsible is false', () => {
         props.collapsible = false;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(collapseToggle()).toBe(null);
       });
     });
 
     it('displays an file icon in the title', () => {
-      vm = mountComponent(Component, props);
+      vm = mountComponentWithStore(Component, { props, store });
       expect(vm.$el.querySelector('svg.js-file-icon use').getAttribute('xlink:href')).toContain(
         'ruby',
       );
@@ -293,7 +271,7 @@ describe('diff_file_header', () => {
       it('displays the path of a added file', () => {
         props.diffFile.renamedFile = false;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(filePaths()).toHaveLength(1);
         expect(filePaths()[0]).toHaveText(props.diffFile.filePath);
@@ -303,7 +281,7 @@ describe('diff_file_header', () => {
         props.diffFile.renamedFile = false;
         props.diffFile.deletedFile = true;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(filePaths()).toHaveLength(1);
         expect(filePaths()[0]).toHaveText(`${props.diffFile.filePath} deleted`);
@@ -312,7 +290,7 @@ describe('diff_file_header', () => {
       it('displays old and new path if the file was renamed', () => {
         props.diffFile.renamedFile = true;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(filePaths()).toHaveLength(2);
         expect(filePaths()[0]).toHaveText(props.diffFile.oldPath);
@@ -321,7 +299,7 @@ describe('diff_file_header', () => {
     });
 
     it('displays a copy to clipboard button', () => {
-      vm = mountComponent(Component, props);
+      vm = mountComponentWithStore(Component, { props, store });
 
       const button = vm.$el.querySelector('.btn-clipboard');
       expect(button).not.toBe(null);
@@ -332,7 +310,7 @@ describe('diff_file_header', () => {
       it('it displays old and new file mode if it changed', () => {
         props.diffFile.modeChanged = true;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         const { fileMode } = vm.$refs;
         expect(fileMode).not.toBe(undefined);
@@ -343,7 +321,7 @@ describe('diff_file_header', () => {
       it('does not display the file mode if it has not changed', () => {
         props.diffFile.modeChanged = false;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         const { fileMode } = vm.$refs;
         expect(fileMode).toBe(undefined);
@@ -359,7 +337,7 @@ describe('diff_file_header', () => {
           externalStorage: 'lfs',
         });
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(lfsLabel()).not.toBe(null);
         expect(lfsLabel()).toHaveText('LFS');
@@ -368,7 +346,7 @@ describe('diff_file_header', () => {
       it('does not display the LFS label for files stored in repository', () => {
         props.diffFile.storedExternally = false;
 
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(lfsLabel()).toBe(null);
       });
@@ -376,7 +354,7 @@ describe('diff_file_header', () => {
 
     describe('edit button', () => {
       it('should not render edit button if addMergeRequestButtons is not true', () => {
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.$el.querySelector('.js-edit-blob')).toEqual(null);
       });
@@ -384,7 +362,7 @@ describe('diff_file_header', () => {
       it('should show edit button when file is editable', () => {
         props.addMergeRequestButtons = true;
         props.diffFile.editPath = '/';
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.$el.querySelector('.js-edit-blob')).toContainText('Edit');
       });
@@ -393,7 +371,7 @@ describe('diff_file_header', () => {
         props.addMergeRequestButtons = true;
         props.diffFile.deletedFile = true;
         props.diffFile.editPath = '/';
-        vm = mountComponent(Component, props);
+        vm = mountComponentWithStore(Component, { props, store });
 
         expect(vm.$el.querySelector('.js-edit-blob')).toEqual(null);
       });
@@ -413,7 +391,7 @@ describe('diff_file_header', () => {
           props.diffFile.externalUrl = url;
           props.diffFile.formattedExternalUrl = title;
 
-          vm = mountComponent(Component, props);
+          vm = mountComponentWithStore(Component, { props, store });
 
           expect(vm.$el.querySelector(`a[href="${url}"]`)).not.toBe(null);
           expect(vm.$el.querySelector(`a[data-original-title="View on ${title}"]`)).not.toBe(null);
@@ -423,11 +401,39 @@ describe('diff_file_header', () => {
           props.diffFile.externalUrl = '';
           props.diffFile.formattedExternalUrl = title;
 
-          vm = mountComponent(Component, props);
+          vm = mountComponentWithStore(Component, { props, store });
 
           expect(vm.$el.querySelector(`a[data-original-title="View on ${title}"]`)).toBe(null);
         });
       });
     });
+
+    describe('handles toggle discussions', () => {
+      it('dispatches toggleFileDiscussions when user clicks on toggle discussions button', () => {
+        const propsCopy = Object.assign({}, props);
+        propsCopy.diffFile.submodule = false;
+        propsCopy.diffFile.blob = {
+          id: '848ed9407c6730ff16edb3dd24485a0eea24292a',
+          path: 'lib/base.js',
+          name: 'base.js',
+          mode: '100644',
+          readableText: true,
+          icon: 'file-text-o',
+        };
+        propsCopy.addMergeRequestButtons = true;
+        propsCopy.diffFile.deletedFile = true;
+
+        vm = mountComponentWithStore(Component, {
+          props: propsCopy,
+          store,
+        });
+
+        spyOn(vm, 'toggleFileDiscussions');
+
+        vm.$el.querySelector('.js-btn-vue-toggle-comments').click();
+
+        expect(vm.toggleFileDiscussions).toHaveBeenCalled();
+      });
+    });
   });
 });
diff --git a/spec/javascripts/diffs/store/getters_spec.js b/spec/javascripts/diffs/store/getters_spec.js
index 7a94f18778b..bddf4d2aeac 100644
--- a/spec/javascripts/diffs/store/getters_spec.js
+++ b/spec/javascripts/diffs/store/getters_spec.js
@@ -1,8 +1,9 @@
 import * as getters from '~/diffs/store/getters';
 import state from '~/diffs/store/modules/diff_state';
 import { PARALLEL_DIFF_VIEW_TYPE, INLINE_DIFF_VIEW_TYPE } from '~/diffs/constants';
+import discussion from '../mock_data/diff_discussions';
 
-describe('DiffsStoreGetters', () => {
+describe('Diffs Module Getters', () => {
   let localState;
 
   beforeEach(() => {
@@ -63,4 +64,188 @@ describe('DiffsStoreGetters', () => {
       expect(getters.commitId(localState)).toEqual(null);
     });
   });
+
+  describe('diffHasAllExpandedDiscussions', () => {
+    it('returns true when all discussions are expanded', () => {
+      const diffFileMock = {
+        fileHash: '9732849daca6ae818696d9575f5d1207d1a7f8bb',
+      };
+
+      const discussionMock = Object.assign({}, discussion);
+      discussionMock.diff_file.file_hash = diffFileMock.fileHash;
+
+      expect(
+        getters.diffHasAllExpandedDiscussions(localState, {
+          getDiffFileDiscussions: () => [discussionMock, discussionMock],
+        })(diffFileMock),
+      ).toEqual(true);
+    });
+
+    it('returns false when there are no discussions', () => {
+      const diffFileMock = {
+        fileHash: '9732849daca6ae818696d9575f5d1207d1a7f8bb',
+      };
+
+      expect(
+        getters.diffHasAllExpandedDiscussions(localState, {
+          getDiffFileDiscussions: () => [],
+        })(diffFileMock),
+      ).toEqual(false);
+    });
+
+    it('returns false when one discussions is collapsed', () => {
+      const diffFileMock = {
+        fileHash: '9732849daca6ae818696d9575f5d1207d1a7f8bb',
+      };
+
+      const discussionMock = Object.assign({}, discussion);
+      discussionMock.diff_file.file_hash = diffFileMock.fileHash;
+      const discussionMock1 = Object.assign({}, discussion);
+      discussionMock1.diff_file.file_hash = diffFileMock.fileHash;
+
+      discussionMock1.expanded = false;
+
+      expect(
+        getters.diffHasAllExpandedDiscussions(localState, {
+          getDiffFileDiscussions: () => [discussionMock, discussionMock1],
+        })(diffFileMock),
+      ).toEqual(false);
+    });
+  });
+
+  describe('diffHasAllCollpasedDiscussions', () => {
+    it('returns true when all discussions are collapsed', () => {
+      const diffFileMock = {
+        fileHash: '9732849daca6ae818696d9575f5d1207d1a7f8bb',
+      };
+
+      const discussionMock = Object.assign({}, discussion);
+      discussionMock.diff_file.file_hash = diffFileMock.fileHash;
+      discussionMock.expanded = false;
+
+      expect(
+        getters.diffHasAllCollpasedDiscussions(localState, {
+          getDiffFileDiscussions: () => [discussionMock],
+        })(diffFileMock),
+      ).toEqual(true);
+    });
+
+    it('returns false when there are no discussions', () => {
+      const diffFileMock = {
+        fileHash: '9732849daca6ae818696d9575f5d1207d1a7f8bb',
+      };
+
+      expect(
+        getters.diffHasAllCollpasedDiscussions(localState, {
+          getDiffFileDiscussions: () => [],
+        })(diffFileMock),
+      ).toEqual(false);
+    });
+
+    it('returns false when one discussions is expanded', () => {
+      const diffFileMock = {
+        fileHash: '9732849daca6ae818696d9575f5d1207d1a7f8bb',
+      };
+
+      const discussionMock = Object.assign({}, discussion);
+      discussionMock.diff_file.file_hash = diffFileMock.fileHash;
+      const discussionMock1 = Object.assign({}, discussion);
+      discussionMock1.diff_file.file_hash = diffFileMock.fileHash;
+      discussionMock1.expanded = false;
+
+      expect(
+        getters.diffHasAllCollpasedDiscussions(localState, {
+          getDiffFileDiscussions: () => [discussionMock, discussionMock1],
+        })(diffFileMock),
+      ).toEqual(false);
+    });
+  });
+
+  describe('diffHasExpandedDiscussions', () => {
+    it('returns true when one of the discussions is expanded', () => {
+      const diffFileMock = {
+        fileHash: '9732849daca6ae818696d9575f5d1207d1a7f8bb',
+      };
+
+      const discussionMock = Object.assign({}, discussion);
+      discussionMock.diff_file.file_hash = diffFileMock.fileHash;
+      const discussionMock1 = Object.assign({}, discussion);
+      discussionMock1.diff_file.file_hash = diffFileMock.fileHash;
+      discussionMock1.expanded = false;
+
+      expect(
+        getters.diffHasExpandedDiscussions(localState, {
+          getDiffFileDiscussions: () => [discussionMock, discussionMock],
+        })(diffFileMock),
+      ).toEqual(true);
+    });
+
+    it('returns false when there are no discussions', () => {
+      const diffFileMock = {
+        fileHash: '9732849daca6ae818696d9575f5d1207d1a7f8bb',
+      };
+
+      expect(
+        getters.diffHasExpandedDiscussions(localState, { getDiffFileDiscussions: () => [] })(
+          diffFileMock,
+        ),
+      ).toEqual(false);
+    });
+
+    it('returns false when no discussion is expanded', () => {
+      const diffFileMock = {
+        fileHash: '9732849daca6ae818696d9575f5d1207d1a7f8bb',
+      };
+
+      const discussionMock = Object.assign({}, discussion);
+      discussion.diff_file.file_hash = diffFileMock.fileHash;
+      discussionMock.expanded = false;
+
+      const discussionMock1 = Object.assign({}, discussion);
+      discussionMock1.diff_file.file_hash = diffFileMock.fileHash;
+
+      discussionMock1.expanded = false;
+
+      expect(
+        getters.diffHasExpandedDiscussions(localState, {
+          getDiffFileDiscussions: () => [discussionMock, discussionMock1],
+        })(diffFileMock),
+      ).toEqual(false);
+    });
+  });
+
+  // describe('getDiffFileDiscussions', () => {
+  //   it('returns an array with discussions when fileHash matches and the discussion belongs to a diff', () => {
+  //     const diffFileMock = {
+  //       fileHash: '9732849daca6ae818696d9575f5d1207d1a7f8bb',
+  //     };
+
+  //     const discussionMock = Object.assign({}, discussion);
+  //     discussionMock.diff_file.file_hash = diffFileMock.fileHash;
+
+  //     expect(
+  //       getters.getDiffFileDiscussions(
+  //         localState,
+  //         {},
+  //         {},
+  //         { discussions: [discussionMock] },
+  //       )(diffFileMock).length,
+  //     ).toEqual(1);
+  //   });
+
+  //   it('returns an empty array when no discussions are found in the given diff', () => {
+  //     const diffFileMock = {
+  //       fileHash: '9732849daca6ae818696d9575f5d1207d1a7f8bb',
+  //     };
+
+  //     expect(
+  //       getters.getDiffFileDiscussions(
+  //         localState,
+  //         {},
+  //         {},
+  //         { discussions: () => ([]) },
+  //       )(diffFileMock).length,
+  //     ).toEqual(0);
+  //   });
+  // });
 });
diff --git a/spec/javascripts/environments/environment_rollback_spec.js b/spec/javascripts/environments/environment_rollback_spec.js
index eb8e49d81fe..79f33c5bc8a 100644
--- a/spec/javascripts/environments/environment_rollback_spec.js
+++ b/spec/javascripts/environments/environment_rollback_spec.js
@@ -18,7 +18,7 @@ describe('Rollback Component', () => {
       },
     }).$mount();
 
-    expect(component.$el.querySelector('span').textContent).toContain('Re-deploy');
+    expect(component.$el).toHaveSpriteIcon('repeat');
   });
 
   it('Should render Rollback label when isLastDeployment is false', () => {
@@ -30,6 +30,6 @@ describe('Rollback Component', () => {
       },
     }).$mount();
 
-    expect(component.$el.querySelector('span').textContent).toContain('Rollback');
+    expect(component.$el).toHaveSpriteIcon('redo');
   });
 });
diff --git a/spec/javascripts/environments/environment_stop_spec.js b/spec/javascripts/environments/environment_stop_spec.js
index 3f95faf466a..4d9caa57566 100644
--- a/spec/javascripts/environments/environment_stop_spec.js
+++ b/spec/javascripts/environments/environment_stop_spec.js
@@ -4,7 +4,6 @@ import stopComp from '~/environments/components/environment_stop.vue';
 describe('Stop Component', () => {
   let StopComponent;
   let component;
-  const stopURL = '/stop';
 
   beforeEach(() => {
     StopComponent = Vue.extend(stopComp);
@@ -12,20 +11,13 @@ describe('Stop Component', () => {
 
     component = new StopComponent({
       propsData: {
-        stopUrl: stopURL,
+        environment: {},
       },
     }).$mount();
   });
 
-  describe('computed', () => {
-    it('title', () => {
-      expect(component.title).toEqual('Stop');
-    });
-  });
-
   it('should render a button to stop the environment', () => {
     expect(component.$el.tagName).toEqual('BUTTON');
-    expect(component.$el.getAttribute('data-original-title')).toEqual('Stop');
-    expect(component.$el.getAttribute('aria-label')).toEqual('Stop');
+    expect(component.$el.getAttribute('data-original-title')).toEqual('Stop environment');
   });
 });
diff --git a/spec/javascripts/notes/stores/actions_spec.js b/spec/javascripts/notes/stores/actions_spec.js
index 71ef3aa9b03..b66e8e1ceb3 100644
--- a/spec/javascripts/notes/stores/actions_spec.js
+++ b/spec/javascripts/notes/stores/actions_spec.js
@@ -128,6 +128,19 @@ describe('Actions Notes Store', () => {
     });
   });
 
+  describe('collapseDiscussion', () => {
+    it('should commit collapse discussion', done => {
+      testAction(
+        actions.collapseDiscussion,
+        { discussionId: discussionMock.id },
+        { notes: [discussionMock] },
+        [{ type: 'COLLAPSE_DISCUSSION', payload: { discussionId: discussionMock.id } }],
+        [],
+        done,
+      );
+    });
+  });
+
   describe('async methods', () => {
     const interceptor = (request, next) => {
       next(
diff --git a/spec/javascripts/notes/stores/mutation_spec.js b/spec/javascripts/notes/stores/mutation_spec.js
index ccc7328447b..a15ff1a5888 100644
--- a/spec/javascripts/notes/stores/mutation_spec.js
+++ b/spec/javascripts/notes/stores/mutation_spec.js
@@ -74,6 +74,20 @@ describe('Notes Store mutations', () => {
     });
   });
 
+  describe('COLLAPSE_DISCUSSION', () => {
+    it('should collpase an expanded discussion', () => {
+      const discussion = Object.assign({}, discussionMock, { expanded: true });
+
+      const state = {
+        discussions: [discussion],
+      };
+
+      mutations.COLLAPSE_DISCUSSION(state, { discussionId: discussion.id });
+
+      expect(state.discussions[0].expanded).toEqual(false);
+    });
+  });
+
   describe('REMOVE_PLACEHOLDER_NOTES', () => {
     it('should remove all placeholder notes in indivudal notes and discussion', () => {
       const placeholderNote = Object.assign({}, individualNote, { isPlaceholderNote: true });
diff --git a/spec/lib/gitlab/background_migration/move_personal_snippet_files_spec.rb b/spec/lib/gitlab/background_migration/move_personal_snippet_files_spec.rb
index ee60e498b59..2e77e80ee46 100644
--- a/spec/lib/gitlab/background_migration/move_personal_snippet_files_spec.rb
+++ b/spec/lib/gitlab/background_migration/move_personal_snippet_files_spec.rb
@@ -7,7 +7,7 @@ describe Gitlab::BackgroundMigration::MovePersonalSnippetFiles do
   let(:snippet) do
     snippet = create(:personal_snippet)
     create_upload_for_snippet(snippet)
-    snippet.update_attributes!(description: markdown_linking_file(snippet))
+    snippet.update!(description: markdown_linking_file(snippet))
     snippet
   end
 
diff --git a/spec/lib/gitlab/ci/build/artifacts/metadata_spec.rb b/spec/lib/gitlab/ci/build/artifacts/metadata_spec.rb
index 6a52ae01b2f..e327399d82d 100644
--- a/spec/lib/gitlab/ci/build/artifacts/metadata_spec.rb
+++ b/spec/lib/gitlab/ci/build/artifacts/metadata_spec.rb
@@ -2,13 +2,21 @@ require 'spec_helper'
 
 describe Gitlab::Ci::Build::Artifacts::Metadata do
   def metadata(path = '', **opts)
-    described_class.new(metadata_file_path, path, **opts)
+    described_class.new(metadata_file_stream, path, **opts)
   end
 
   let(:metadata_file_path) do
     Rails.root + 'spec/fixtures/ci_build_artifacts_metadata.gz'
   end
 
+  let(:metadata_file_stream) do
+    File.open(metadata_file_path) if metadata_file_path
+  end
+
+  after do
+    metadata_file_stream&.close
+  end
+
   context 'metadata file exists' do
     describe '#find_entries! empty string' do
       subject { metadata('').find_entries! }
@@ -86,11 +94,21 @@ describe Gitlab::Ci::Build::Artifacts::Metadata do
   end
 
   context 'metadata file does not exist' do
-    let(:metadata_file_path) { '' }
+    let(:metadata_file_path) { nil }
 
     describe '#find_entries!' do
       it 'raises error' do
-        expect { metadata.find_entries! }.to raise_error(Errno::ENOENT)
+        expect { metadata.find_entries! }.to raise_error(described_class::InvalidStreamError, /Invalid stream/)
+      end
+    end
+  end
+
+  context 'metadata file is invalid' do
+    let(:metadata_file_path) { Rails.root + 'spec/fixtures/ci_build_artifacts.zip' }
+
+    describe '#find_entries!' do
+      it 'raises error' do
+        expect { metadata.find_entries! }.to raise_error(described_class::InvalidStreamError, /not in gzip format/)
       end
     end
   end
diff --git a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_namespaces_spec.rb b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_namespaces_spec.rb
index b411aaa19da..0a8c77b0ad9 100644
--- a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_namespaces_spec.rb
+++ b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_namespaces_spec.rb
@@ -281,7 +281,7 @@ describe Gitlab::Database::RenameReservedPathsMigration::V1::RenameNamespaces, :
 
     it "doesn't break when the namespace was renamed" do
       subject.rename_namespace(namespace)
-      namespace.update_attributes!(path: 'renamed-afterwards')
+      namespace.update!(path: 'renamed-afterwards')
 
       expect { subject.revert_renames }.not_to raise_error
     end
diff --git a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_projects_spec.rb b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_projects_spec.rb
index b4896d69077..d4d7a83921c 100644
--- a/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_projects_spec.rb
+++ b/spec/lib/gitlab/database/rename_reserved_paths_migration/v1/rename_projects_spec.rb
@@ -169,7 +169,7 @@ describe Gitlab::Database::RenameReservedPathsMigration::V1::RenameProjects, :de
 
     it "doesn't break when the project was renamed" do
       subject.rename_project(project)
-      project.update_attributes!(path: 'renamed-afterwards')
+      project.update!(path: 'renamed-afterwards')
 
       expect { subject.revert_renames }.not_to raise_error
     end
diff --git a/spec/lib/gitlab/git/repository_spec.rb b/spec/lib/gitlab/git/repository_spec.rb
index e6268a05d44..4f8e6f29255 100644
--- a/spec/lib/gitlab/git/repository_spec.rb
+++ b/spec/lib/gitlab/git/repository_spec.rb
@@ -1716,59 +1716,51 @@ describe Gitlab::Git::Repository, seed_helper: true do
   end
 
   describe '#fetch_source_branch!' do
-    shared_examples '#fetch_source_branch!' do
-      let(:local_ref) { 'refs/merge-requests/1/head' }
-      let(:repository) { Gitlab::Git::Repository.new('default', TEST_REPO_PATH, '') }
-      let(:source_repository) { Gitlab::Git::Repository.new('default', TEST_MUTABLE_REPO_PATH, '') }
+    let(:local_ref) { 'refs/merge-requests/1/head' }
+    let(:repository) { Gitlab::Git::Repository.new('default', TEST_REPO_PATH, '') }
+    let(:source_repository) { Gitlab::Git::Repository.new('default', TEST_MUTABLE_REPO_PATH, '') }
 
-      after do
-        ensure_seeds
-      end
+    after do
+      ensure_seeds
+    end
 
-      context 'when the branch exists' do
-        context 'when the commit does not exist locally' do
-          let(:source_branch) { 'new-branch-for-fetch-source-branch' }
-          let(:source_rugged) { Gitlab::GitalyClient::StorageSettings.allow_disk_access { source_repository.rugged } }
-          let(:new_oid) { new_commit_edit_old_file(source_rugged).oid }
+    context 'when the branch exists' do
+      context 'when the commit does not exist locally' do
+        let(:source_branch) { 'new-branch-for-fetch-source-branch' }
+        let(:source_rugged) { Gitlab::GitalyClient::StorageSettings.allow_disk_access { source_repository.rugged } }
+        let(:new_oid) { new_commit_edit_old_file(source_rugged).oid }
 
-          before do
-            source_rugged.branches.create(source_branch, new_oid)
-          end
-
-          it 'writes the ref' do
-            expect(repository.fetch_source_branch!(source_repository, source_branch, local_ref)).to eq(true)
-            expect(repository.commit(local_ref).sha).to eq(new_oid)
-          end
+        before do
+          source_rugged.branches.create(source_branch, new_oid)
         end
 
-        context 'when the commit exists locally' do
-          let(:source_branch) { 'master' }
-          let(:expected_oid) { SeedRepo::LastCommit::ID }
-
-          it 'writes the ref' do
-            # Sanity check: the commit should already exist
-            expect(repository.commit(expected_oid)).not_to be_nil
-
-            expect(repository.fetch_source_branch!(source_repository, source_branch, local_ref)).to eq(true)
-            expect(repository.commit(local_ref).sha).to eq(expected_oid)
-          end
+        it 'writes the ref' do
+          expect(repository.fetch_source_branch!(source_repository, source_branch, local_ref)).to eq(true)
+          expect(repository.commit(local_ref).sha).to eq(new_oid)
         end
       end
 
-      context 'when the branch does not exist' do
-        let(:source_branch) { 'definitely-not-master' }
+      context 'when the commit exists locally' do
+        let(:source_branch) { 'master' }
+        let(:expected_oid) { SeedRepo::LastCommit::ID }
 
-        it 'does not write the ref' do
-          expect(repository.fetch_source_branch!(source_repository, source_branch, local_ref)).to eq(false)
-          expect(repository.commit(local_ref)).to be_nil
+        it 'writes the ref' do
+          # Sanity check: the commit should already exist
+          expect(repository.commit(expected_oid)).not_to be_nil
+
+          expect(repository.fetch_source_branch!(source_repository, source_branch, local_ref)).to eq(true)
+          expect(repository.commit(local_ref).sha).to eq(expected_oid)
         end
       end
     end
 
-    it_behaves_like '#fetch_source_branch!'
+    context 'when the branch does not exist' do
+      let(:source_branch) { 'definitely-not-master' }
 
-    context 'without gitaly', :skip_gitaly_mock do
-      it_behaves_like '#fetch_source_branch!'
+      it 'does not write the ref' do
+        expect(repository.fetch_source_branch!(source_repository, source_branch, local_ref)).to eq(false)
+        expect(repository.commit(local_ref)).to be_nil
+      end
     end
   end
 
diff --git a/spec/lib/gitlab/gitaly_client/operation_service_spec.rb b/spec/lib/gitlab/gitaly_client/operation_service_spec.rb
index 9709f1f5646..031d1e87dc1 100644
--- a/spec/lib/gitlab/gitaly_client/operation_service_spec.rb
+++ b/spec/lib/gitlab/gitaly_client/operation_service_spec.rb
@@ -53,6 +53,47 @@ describe Gitlab::GitalyClient::OperationService do
     end
   end
 
+  describe '#user_update_branch' do
+    let(:branch_name) { 'my-branch' }
+    let(:newrev) { '01e' }
+    let(:oldrev) { '01d' }
+    let(:request) do
+      Gitaly::UserUpdateBranchRequest.new(
+        repository: repository.gitaly_repository,
+        branch_name: branch_name,
+        newrev: newrev,
+        oldrev: oldrev,
+        user: gitaly_user
+      )
+    end
+    let(:response) { Gitaly::UserUpdateBranchResponse.new }
+
+    subject { client.user_update_branch(branch_name, user, newrev, oldrev) }
+
+    it 'sends a user_update_branch message' do
+      expect_any_instance_of(Gitaly::OperationService::Stub)
+        .to receive(:user_update_branch).with(request, kind_of(Hash))
+        .and_return(response)
+
+      subject
+    end
+
+    context "when pre_receive_error is present" do
+      let(:response) do
+        Gitaly::UserUpdateBranchResponse.new(pre_receive_error: "something failed")
+      end
+
+      it "throws a PreReceive exception" do
+        expect_any_instance_of(Gitaly::OperationService::Stub)
+          .to receive(:user_update_branch).with(request, kind_of(Hash))
+          .and_return(response)
+
+        expect { subject }.to raise_error(
+          Gitlab::Git::PreReceiveError, "something failed")
+      end
+    end
+  end
+
   describe '#user_delete_branch' do
     let(:branch_name) { 'my-branch' }
     let(:request) do
diff --git a/spec/lib/gitlab/github_import/importer/pull_requests_importer_spec.rb b/spec/lib/gitlab/github_import/importer/pull_requests_importer_spec.rb
index 51fad6c6838..b2e544e6fed 100644
--- a/spec/lib/gitlab/github_import/importer/pull_requests_importer_spec.rb
+++ b/spec/lib/gitlab/github_import/importer/pull_requests_importer_spec.rb
@@ -27,9 +27,9 @@ describe Gitlab::GithubImport::Importer::PullRequestsImporter do
       milestone: double(:milestone, number: 4),
       user: double(:user, id: 4, login: 'alice'),
       assignee: double(:user, id: 4, login: 'alice'),
-      created_at: Time.zone.now,
-      updated_at: Time.zone.now,
-      merged_at: Time.zone.now
+      created_at: 1.second.ago,
+      updated_at: 1.second.ago,
+      merged_at: 1.second.ago
     )
   end
 
diff --git a/spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb b/spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb
index 6fbffc38444..1a2c6ef25c4 100644
--- a/spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb
+++ b/spec/lib/gitlab/gpg/invalid_gpg_signature_updater_spec.rb
@@ -141,7 +141,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
         expect(invalid_gpg_signature.reload.verification_status).to eq 'unverified_key'
 
         # InvalidGpgSignatureUpdater is called by the after_update hook
-        user.update_attributes!(email: GpgHelpers::User1.emails.first)
+        user.update!(email: GpgHelpers::User1.emails.first)
 
         expect(invalid_gpg_signature.reload).to have_attributes(
           project: project,
@@ -166,7 +166,7 @@ RSpec.describe Gitlab::Gpg::InvalidGpgSignatureUpdater do
         )
 
         # InvalidGpgSignatureUpdater is called by the after_update hook
-        user.update_attributes!(email: 'still.unrelated@example.com')
+        user.update!(email: 'still.unrelated@example.com')
 
         expect(invalid_gpg_signature.reload).to have_attributes(
           project: project,
diff --git a/spec/lib/gitlab/ci/trace/http_io_spec.rb b/spec/lib/gitlab/http_io_spec.rb
similarity index 85%
rename from spec/lib/gitlab/ci/trace/http_io_spec.rb
rename to spec/lib/gitlab/http_io_spec.rb
index 5474e2f518c..788bddb8f59 100644
--- a/spec/lib/gitlab/ci/trace/http_io_spec.rb
+++ b/spec/lib/gitlab/http_io_spec.rb
@@ -1,11 +1,14 @@
 require 'spec_helper'
 
-describe Gitlab::Ci::Trace::HttpIO do
+describe Gitlab::HttpIO do
   include HttpIOHelpers
 
   let(:http_io) { described_class.new(url, size) }
-  let(:url) { remote_trace_url }
-  let(:size) { remote_trace_size }
+
+  let(:url) { 'http://object-storage/trace' }
+  let(:file_path) { expand_fixture_path('trace/sample_trace') }
+  let(:file_body) { File.read(file_path).force_encoding(Encoding::BINARY) }
+  let(:size) { File.size(file_path) }
 
   describe '#close' do
     subject { http_io.close }
@@ -86,10 +89,10 @@ describe Gitlab::Ci::Trace::HttpIO do
   describe '#each_line' do
     subject { http_io.each_line }
 
-    let(:string_io) { StringIO.new(remote_trace_body) }
+    let(:string_io) { StringIO.new(file_body) }
 
     before do
-      stub_remote_trace_206
+      stub_remote_url_206(url, file_path)
     end
 
     it 'yields lines' do
@@ -99,7 +102,7 @@ describe Gitlab::Ci::Trace::HttpIO do
     context 'when buckets on GCS' do
       context 'when BUFFER_SIZE is larger than file size' do
         before do
-          stub_remote_trace_200
+          stub_remote_url_200(url, file_path)
           set_larger_buffer_size_than(size)
         end
 
@@ -117,7 +120,7 @@ describe Gitlab::Ci::Trace::HttpIO do
 
     context 'when there are no network issue' do
       before do
-        stub_remote_trace_206
+        stub_remote_url_206(url, file_path)
       end
 
       context 'when read whole size' do
@@ -129,7 +132,7 @@ describe Gitlab::Ci::Trace::HttpIO do
           end
 
           it 'reads a trace' do
-            is_expected.to eq(remote_trace_body)
+            is_expected.to eq(file_body)
           end
         end
 
@@ -139,7 +142,7 @@ describe Gitlab::Ci::Trace::HttpIO do
           end
 
           it 'reads a trace' do
-            is_expected.to eq(remote_trace_body)
+            is_expected.to eq(file_body)
           end
         end
       end
@@ -153,7 +156,7 @@ describe Gitlab::Ci::Trace::HttpIO do
           end
 
           it 'reads a trace' do
-            is_expected.to eq(remote_trace_body[0, length])
+            is_expected.to eq(file_body[0, length])
           end
         end
 
@@ -163,7 +166,7 @@ describe Gitlab::Ci::Trace::HttpIO do
           end
 
           it 'reads a trace' do
-            is_expected.to eq(remote_trace_body[0, length])
+            is_expected.to eq(file_body[0, length])
           end
         end
       end
@@ -177,7 +180,7 @@ describe Gitlab::Ci::Trace::HttpIO do
           end
 
           it 'reads a trace' do
-            is_expected.to eq(remote_trace_body)
+            is_expected.to eq(file_body)
           end
         end
 
@@ -187,7 +190,7 @@ describe Gitlab::Ci::Trace::HttpIO do
           end
 
           it 'reads a trace' do
-            is_expected.to eq(remote_trace_body)
+            is_expected.to eq(file_body)
           end
         end
       end
@@ -221,11 +224,11 @@ describe Gitlab::Ci::Trace::HttpIO do
       let(:length) { nil }
 
       before do
-        stub_remote_trace_500
+        stub_remote_url_500(url)
       end
 
       it 'reads a trace' do
-        expect { subject }.to raise_error(Gitlab::Ci::Trace::HttpIO::FailedToGetChunkError)
+        expect { subject }.to raise_error(Gitlab::HttpIO::FailedToGetChunkError)
       end
     end
   end
@@ -233,15 +236,15 @@ describe Gitlab::Ci::Trace::HttpIO do
   describe '#readline' do
     subject { http_io.readline }
 
-    let(:string_io) { StringIO.new(remote_trace_body) }
+    let(:string_io) { StringIO.new(file_body) }
 
     before do
-      stub_remote_trace_206
+      stub_remote_url_206(url, file_path)
     end
 
     shared_examples 'all line matching' do
       it 'reads a line' do
-        (0...remote_trace_body.lines.count).each do
+        (0...file_body.lines.count).each do
           expect(http_io.readline).to eq(string_io.readline)
         end
       end
@@ -251,11 +254,11 @@ describe Gitlab::Ci::Trace::HttpIO do
       let(:length) { nil }
 
       before do
-        stub_remote_trace_500
+        stub_remote_url_500(url)
       end
 
       it 'reads a trace' do
-        expect { subject }.to raise_error(Gitlab::Ci::Trace::HttpIO::FailedToGetChunkError)
+        expect { subject }.to raise_error(Gitlab::HttpIO::FailedToGetChunkError)
       end
     end
 
diff --git a/spec/lib/gitlab/middleware/multipart_spec.rb b/spec/lib/gitlab/middleware/multipart_spec.rb
index b4837a1689a..f788f8ee276 100644
--- a/spec/lib/gitlab/middleware/multipart_spec.rb
+++ b/spec/lib/gitlab/middleware/multipart_spec.rb
@@ -75,6 +75,33 @@ describe Gitlab::Middleware::Multipart do
     it_behaves_like 'multipart upload files'
   end
 
+  it 'allows symlinks for uploads dir' do
+    Tempfile.open('two-levels') do |tempfile|
+      symlinked_dir = '/some/dir/uploads'
+      symlinked_path = File.join(symlinked_dir, File.basename(tempfile.path))
+      env = post_env({ 'file' => symlinked_path }, { 'file.name' => original_filename, 'file.path' => symlinked_path }, Gitlab::Workhorse.secret, 'gitlab-workhorse')
+
+      allow(FileUploader).to receive(:root).and_return(symlinked_dir)
+      allow(UploadedFile).to receive(:allowed_paths).and_return([symlinked_dir, Gitlab.config.uploads.storage_path])
+      allow(File).to receive(:realpath).and_call_original
+      allow(File).to receive(:realpath).with(symlinked_dir).and_return(Dir.tmpdir)
+      allow(File).to receive(:realpath).with(symlinked_path).and_return(tempfile.path)
+      allow(File).to receive(:exist?).and_call_original
+      allow(File).to receive(:exist?).with(symlinked_dir).and_return(true)
+
+      # override Dir.tmpdir because this dir is in the list of allowed paths
+      # and it would match FileUploader.root path (which in this test is linked
+      # to /tmp too)
+      allow(Dir).to receive(:tmpdir).and_return(File.join(Dir.tmpdir, 'tmpsubdir'))
+
+      expect(app).to receive(:call) do |env|
+        expect(Rack::Request.new(env).params['file']).to be_a(::UploadedFile)
+      end
+
+      middleware.call(env)
+    end
+  end
+
   def post_env(rewritten_fields, params, secret, issuer)
     token = JWT.encode({ 'iss' => issuer, 'rewritten_fields' => rewritten_fields }, secret, 'HS256')
     Rack::MockRequest.env_for(
diff --git a/spec/lib/gitlab/sanitizers/svg_spec.rb b/spec/lib/gitlab/sanitizers/svg_spec.rb
index 030c2063ab2..df46a874528 100644
--- a/spec/lib/gitlab/sanitizers/svg_spec.rb
+++ b/spec/lib/gitlab/sanitizers/svg_spec.rb
@@ -7,9 +7,9 @@ describe Gitlab::Sanitizers::SVG do
 
   describe '.clean' do
     let(:input_svg_path) { File.join(Rails.root, 'spec', 'fixtures', 'unsanitized.svg') }
-    let(:data) { open(input_svg_path).read }
+    let(:data) { File.read(input_svg_path) }
     let(:sanitized_svg_path) { File.join(Rails.root, 'spec', 'fixtures', 'sanitized.svg') }
-    let(:sanitized) { open(sanitized_svg_path).read }
+    let(:sanitized) { File.read(sanitized_svg_path) }
 
     it 'delegates sanitization to scrubber' do
       expect_any_instance_of(Gitlab::Sanitizers::SVG::Scrubber).to receive(:scrub).at_least(:once)
diff --git a/spec/lib/gitlab/shell_spec.rb b/spec/lib/gitlab/shell_spec.rb
index c435f988cdd..f8bf896950e 100644
--- a/spec/lib/gitlab/shell_spec.rb
+++ b/spec/lib/gitlab/shell_spec.rb
@@ -403,46 +403,36 @@ describe Gitlab::Shell do
     end
 
     describe '#create_repository' do
-      shared_examples '#create_repository' do
-        let(:repository_storage) { 'default' }
-        let(:repository_storage_path) do
-          Gitlab::GitalyClient::StorageSettings.allow_disk_access do
-            Gitlab.config.repositories.storages[repository_storage].legacy_disk_path
-          end
-        end
-        let(:repo_name) { 'project/path' }
-        let(:created_path) { File.join(repository_storage_path, repo_name + '.git') }
-
-        after do
-          FileUtils.rm_rf(created_path)
-        end
-
-        it 'creates a repository' do
-          expect(gitlab_shell.create_repository(repository_storage, repo_name)).to be_truthy
-
-          expect(File.stat(created_path).mode & 0o777).to eq(0o770)
-
-          hooks_path = File.join(created_path, 'hooks')
-          expect(File.lstat(hooks_path)).to be_symlink
-          expect(File.realpath(hooks_path)).to eq(gitlab_shell_hooks_path)
-        end
-
-        it 'returns false when the command fails' do
-          FileUtils.mkdir_p(File.dirname(created_path))
-          # This file will block the creation of the repo's .git directory. That
-          # should cause #create_repository to fail.
-          FileUtils.touch(created_path)
-
-          expect(gitlab_shell.create_repository(repository_storage, repo_name)).to be_falsy
+      let(:repository_storage) { 'default' }
+      let(:repository_storage_path) do
+        Gitlab::GitalyClient::StorageSettings.allow_disk_access do
+          Gitlab.config.repositories.storages[repository_storage].legacy_disk_path
         end
       end
+      let(:repo_name) { 'project/path' }
+      let(:created_path) { File.join(repository_storage_path, repo_name + '.git') }
 
-      context 'with gitaly' do
-        it_behaves_like '#create_repository'
+      after do
+        FileUtils.rm_rf(created_path)
       end
 
-      context 'without gitaly', :skip_gitaly_mock do
-        it_behaves_like '#create_repository'
+      it 'creates a repository' do
+        expect(gitlab_shell.create_repository(repository_storage, repo_name)).to be_truthy
+
+        expect(File.stat(created_path).mode & 0o777).to eq(0o770)
+
+        hooks_path = File.join(created_path, 'hooks')
+        expect(File.lstat(hooks_path)).to be_symlink
+        expect(File.realpath(hooks_path)).to eq(gitlab_shell_hooks_path)
+      end
+
+      it 'returns false when the command fails' do
+        FileUtils.mkdir_p(File.dirname(created_path))
+        # This file will block the creation of the repo's .git directory. That
+        # should cause #create_repository to fail.
+        FileUtils.touch(created_path)
+
+        expect(gitlab_shell.create_repository(repository_storage, repo_name)).to be_falsy
       end
     end
 
@@ -513,22 +503,12 @@ describe Gitlab::Shell do
       end
     end
 
-    shared_examples 'fetch_remote' do |gitaly_on|
+    describe '#fetch_remote' do
       def fetch_remote(ssh_auth = nil, prune = true)
         gitlab_shell.fetch_remote(repository.raw_repository, 'remote-name', ssh_auth: ssh_auth, prune: prune)
       end
 
-      def expect_gitlab_projects(fail = false, options = {})
-        expect(gitlab_projects).to receive(:fetch_remote).with(
-          'remote-name',
-          timeout,
-          options
-        ).and_return(!fail)
-
-        allow(gitlab_projects).to receive(:output).and_return('error') if fail
-      end
-
-      def expect_gitaly_call(fail, options = {})
+      def expect_call(fail, options = {})
         receive_fetch_remote =
           if fail
             receive(:fetch_remote).and_raise(GRPC::NotFound)
@@ -539,16 +519,6 @@ describe Gitlab::Shell do
         expect_any_instance_of(Gitlab::GitalyClient::RepositoryService).to receive_fetch_remote
       end
 
-      if gitaly_on
-        def expect_call(fail, options = {})
-          expect_gitaly_call(fail, options)
-        end
-      else
-        def expect_call(fail, options = {})
-          expect_gitlab_projects(fail, options)
-        end
-      end
-
       def build_ssh_auth(opts = {})
         defaults = {
           ssh_import?: true,
@@ -634,14 +604,6 @@ describe Gitlab::Shell do
           expect(fetch_remote(ssh_auth)).to be_truthy
         end
       end
-    end
-
-    describe '#fetch_remote local', :skip_gitaly_mock do
-      it_should_behave_like 'fetch_remote', false
-    end
-
-    describe '#fetch_remote gitaly' do
-      it_should_behave_like 'fetch_remote', true
 
       context 'gitaly call' do
         let(:remote_name) { 'remote-name' }
@@ -683,25 +645,6 @@ describe Gitlab::Shell do
           end.to raise_error(Gitlab::Shell::Error, "error")
         end
       end
-
-      context 'without gitaly', :disable_gitaly do
-        it 'returns true when the command succeeds' do
-          expect(gitlab_projects).to receive(:import_project).with(import_url, timeout) { true }
-
-          result = gitlab_shell.import_repository(project.repository_storage, project.disk_path, import_url)
-
-          expect(result).to be_truthy
-        end
-
-        it 'raises an exception when the command fails' do
-          allow(gitlab_projects).to receive(:output) { 'error' }
-          expect(gitlab_projects).to receive(:import_project) { false }
-
-          expect do
-            gitlab_shell.import_repository(project.repository_storage, project.disk_path, import_url)
-          end.to raise_error(Gitlab::Shell::Error, "error")
-        end
-      end
     end
   end
 
diff --git a/spec/lib/gitlab/workhorse_spec.rb b/spec/lib/gitlab/workhorse_spec.rb
index 8fdcfe79fb5..98a1865d347 100644
--- a/spec/lib/gitlab/workhorse_spec.rb
+++ b/spec/lib/gitlab/workhorse_spec.rb
@@ -36,22 +36,20 @@ describe Gitlab::Workhorse do
       allow(described_class).to receive(:git_archive_cache_disabled?).and_return(cache_disabled)
     end
 
-    context 'when Gitaly workhorse_archive feature is enabled' do
-      it 'sets the header correctly' do
-        key, command, params = decode_workhorse_header(subject)
+    it 'sets the header correctly' do
+      key, command, params = decode_workhorse_header(subject)
 
-        expect(key).to eq('Gitlab-Workhorse-Send-Data')
-        expect(command).to eq('git-archive')
-        expect(params).to include(gitaly_params)
-      end
+      expect(key).to eq('Gitlab-Workhorse-Send-Data')
+      expect(command).to eq('git-archive')
+      expect(params).to include(gitaly_params)
+    end
 
-      context 'when archive caching is disabled' do
-        let(:cache_disabled) { true }
+    context 'when archive caching is disabled' do
+      let(:cache_disabled) { true }
 
-        it 'tells workhorse not to use the cache' do
-          _, _, params = decode_workhorse_header(subject)
-          expect(params).to include({ 'DisableCache' => true })
-        end
+      it 'tells workhorse not to use the cache' do
+        _, _, params = decode_workhorse_header(subject)
+        expect(params).to include({ 'DisableCache' => true })
       end
     end
 
@@ -177,7 +175,7 @@ describe Gitlab::Workhorse do
     end
 
     it 'accepts a trailing newline' do
-      open(described_class.secret_path, 'a') { |f| f.write "\n" }
+      File.open(described_class.secret_path, 'a') { |f| f.write "\n" }
       expect(subject.length).to eq(32)
     end
 
diff --git a/spec/migrations/issues_moved_to_id_foreign_key_spec.rb b/spec/migrations/issues_moved_to_id_foreign_key_spec.rb
index dd2b08099f2..495e86ee888 100644
--- a/spec/migrations/issues_moved_to_id_foreign_key_spec.rb
+++ b/spec/migrations/issues_moved_to_id_foreign_key_spec.rb
@@ -14,7 +14,7 @@ describe IssuesMovedToIdForeignKey, :migration, schema: 20171114150259 do
   it 'removes the orphaned moved_to_id' do
     subject.down
 
-    issue_third.update_attributes(moved_to_id: 100000)
+    issue_third.update(moved_to_id: 100000)
 
     subject.up
 
diff --git a/spec/migrations/migrate_gcp_clusters_to_new_clusters_architectures_spec.rb b/spec/migrations/migrate_gcp_clusters_to_new_clusters_architectures_spec.rb
index df009cec25c..ba4c66057d4 100644
--- a/spec/migrations/migrate_gcp_clusters_to_new_clusters_architectures_spec.rb
+++ b/spec/migrations/migrate_gcp_clusters_to_new_clusters_architectures_spec.rb
@@ -12,7 +12,7 @@ describe MigrateGcpClustersToNewClustersArchitectures, :migration do
     class KubernetesService < ActiveRecord::Base
       self.table_name = 'services'
 
-      serialize :properties, JSON # rubocop:disable Cop/ActiveRecordSerialize
+      serialize :properties, JSON
 
       default_value_for :active, true
       default_value_for :type, 'KubernetesService'
@@ -175,7 +175,7 @@ describe MigrateGcpClustersToNewClustersArchitectures, :migration do
     end
   end
 
-  def tr(s)
-    s.delete("'")
+  def tr(str)
+    str.delete("'")
   end
 end
diff --git a/spec/models/ci/build_metadata_spec.rb b/spec/models/ci/build_metadata_spec.rb
index 7e75d5a5411..6dba132184c 100644
--- a/spec/models/ci/build_metadata_spec.rb
+++ b/spec/models/ci/build_metadata_spec.rb
@@ -30,7 +30,7 @@ describe Ci::BuildMetadata do
 
     context 'when runner is assigned to the job' do
       before do
-        build.update_attributes(runner: runner)
+        build.update(runner: runner)
       end
 
       context 'when runner timeout is lower than project timeout' do
diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb
index 090ca159e08..3c96fe76829 100644
--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -186,18 +186,18 @@ describe Ci::Build do
       let(:runner) { create(:ci_runner, :project, projects: [build.project]) }
 
       before do
-        runner.update_attributes(contacted_at: 1.second.ago)
+        runner.update(contacted_at: 1.second.ago)
       end
 
       it { is_expected.to be_truthy }
 
       it 'that is inactive' do
-        runner.update_attributes(active: false)
+        runner.update(active: false)
         is_expected.to be_falsey
       end
 
       it 'that is not online' do
-        runner.update_attributes(contacted_at: nil)
+        runner.update(contacted_at: nil)
         is_expected.to be_falsey
       end
 
@@ -261,7 +261,7 @@ describe Ci::Build do
 
     context 'artifacts metadata does not exist' do
       before do
-        build.update_attributes(legacy_artifacts_metadata: nil)
+        build.update(legacy_artifacts_metadata: nil)
       end
 
       it { is_expected.to be_falsy }
@@ -1535,7 +1535,7 @@ describe Ci::Build do
         expect(ProjectStatistics)
           .not_to receive(:increment_statistic)
 
-        build.project.update_attributes(pending_delete: true)
+        build.project.update(pending_delete: true)
         build.project.destroy!
       end
     end
@@ -1662,7 +1662,7 @@ describe Ci::Build do
       end
 
       before do
-        build.update_attributes(user: user)
+        build.update(user: user)
       end
 
       it { user_variables.each { |v| is_expected.to include(v) } }
@@ -1740,7 +1740,7 @@ describe Ci::Build do
 
     context 'when build started manually' do
       before do
-        build.update_attributes(when: :manual)
+        build.update(when: :manual)
       end
 
       let(:manual_variable) do
@@ -1756,7 +1756,7 @@ describe Ci::Build do
       end
 
       before do
-        build.update_attributes(tag: true)
+        build.update(tag: true)
       end
 
       it { is_expected.to include(tag_variable) }
@@ -2687,4 +2687,58 @@ describe Ci::Build do
       end
     end
   end
+
+  describe '#artifacts_metadata_entry' do
+    set(:build) { create(:ci_build, project: project) }
+    let(:path) { 'other_artifacts_0.1.2/another-subdirectory/banana_sample.gif' }
+
+    before do
+      stub_artifacts_object_storage
+    end
+
+    subject { build.artifacts_metadata_entry(path) }
+
+    context 'when using local storage' do
+      let!(:metadata) { create(:ci_job_artifact, :metadata, job: build) }
+
+      context 'for existing file' do
+        it 'does exist' do
+          is_expected.to be_exists
+        end
+      end
+
+      context 'for non-existing file' do
+        let(:path) { 'invalid-file' }
+
+        it 'does not exist' do
+          is_expected.not_to be_exists
+        end
+      end
+    end
+
+    context 'when using remote storage' do
+      include HttpIOHelpers
+
+      let!(:metadata) { create(:ci_job_artifact, :remote_store, :metadata, job: build) }
+      let(:file_path) { expand_fixture_path('ci_build_artifacts_metadata.gz') }
+
+      before do
+        stub_remote_url_206(metadata.file.url, file_path)
+      end
+
+      context 'for existing file' do
+        it 'does exist' do
+          is_expected.to be_exists
+        end
+      end
+
+      context 'for non-existing file' do
+        let(:path) { 'invalid-file' }
+
+        it 'does not exist' do
+          is_expected.not_to be_exists
+        end
+      end
+    end
+  end
 end
diff --git a/spec/models/ci/job_artifact_spec.rb b/spec/models/ci/job_artifact_spec.rb
index 2f87fb5f25d..0fd7612c011 100644
--- a/spec/models/ci/job_artifact_spec.rb
+++ b/spec/models/ci/job_artifact_spec.rb
@@ -163,7 +163,7 @@ describe Ci::JobArtifact do
         expect(ProjectStatistics)
           .not_to receive(:increment_statistic)
 
-        project.update_attributes(pending_delete: true)
+        project.update(pending_delete: true)
         project.destroy!
       end
     end
diff --git a/spec/models/concerns/batch_destroy_dependent_associations_spec.rb b/spec/models/concerns/batch_destroy_dependent_associations_spec.rb
index c16b245bea8..e5392fe0462 100644
--- a/spec/models/concerns/batch_destroy_dependent_associations_spec.rb
+++ b/spec/models/concerns/batch_destroy_dependent_associations_spec.rb
@@ -4,8 +4,8 @@ describe BatchDestroyDependentAssociations do
   class TestProject < ActiveRecord::Base
     self.table_name = 'projects'
 
-    has_many :builds, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
-    has_many :notification_settings, as: :source, dependent: :delete_all # rubocop:disable Cop/ActiveRecordDependent
+    has_many :builds, dependent: :destroy
+    has_many :notification_settings, as: :source, dependent: :delete_all
     has_many :pages_domains
     has_many :todos
 
diff --git a/spec/models/concerns/mentionable_spec.rb b/spec/models/concerns/mentionable_spec.rb
index c73ea6aa94c..a9b237fa9ea 100644
--- a/spec/models/concerns/mentionable_spec.rb
+++ b/spec/models/concerns/mentionable_spec.rb
@@ -136,7 +136,7 @@ describe Issue, "Mentionable" do
 
         expect(SystemNoteService).not_to receive(:cross_reference)
 
-        issue.update_attributes(description: 'New description')
+        issue.update(description: 'New description')
         issue.create_new_cross_references!
       end
 
@@ -145,7 +145,7 @@ describe Issue, "Mentionable" do
 
         expect(SystemNoteService).to receive(:cross_reference).with(issues[1], any_args)
 
-        issue.update_attributes(description: issues[1].to_reference)
+        issue.update(description: issues[1].to_reference)
         issue.create_new_cross_references!
       end
 
@@ -155,7 +155,7 @@ describe Issue, "Mentionable" do
 
         expect(SystemNoteService).to receive(:cross_reference).with(issues[1], any_args)
 
-        note.update_attributes(note: issues[1].to_reference)
+        note.update(note: issues[1].to_reference)
         note.create_new_cross_references!
       end
     end
diff --git a/spec/models/concerns/routable_spec.rb b/spec/models/concerns/routable_spec.rb
index 8cb50d7465c..ed3e28fbeca 100644
--- a/spec/models/concerns/routable_spec.rb
+++ b/spec/models/concerns/routable_spec.rb
@@ -29,7 +29,7 @@ describe Group, 'Routable' do
     end
 
     it 'updates route record on path change' do
-      group.update_attributes(path: 'wow', name: 'much')
+      group.update(path: 'wow', name: 'much')
 
       expect(group.route.path).to eq('wow')
       expect(group.route.name).to eq('much')
diff --git a/spec/models/environment_spec.rb b/spec/models/environment_spec.rb
index 25d6597084c..4bded9efe91 100644
--- a/spec/models/environment_spec.rb
+++ b/spec/models/environment_spec.rb
@@ -562,7 +562,7 @@ describe Environment do
 
     it "is not regenerated if name changes" do
       original_slug = environment.slug
-      environment.update_attributes!(name: environment.name.reverse)
+      environment.update!(name: environment.name.reverse)
 
       expect(environment.slug).to eq(original_slug)
     end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 9fe1186a8c9..aeec485358e 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -617,7 +617,7 @@ describe Group do
           expect(group).to receive(:system_hook_service).and_return(system_hook_service)
           expect(system_hook_service).to receive(:execute_hooks_for).with(group, :rename)
 
-          group.update_attributes!(path: new_path)
+          group.update!(path: new_path)
         end
       end
 
@@ -625,7 +625,7 @@ describe Group do
         it 'does not trigger system hook' do
           expect(group).not_to receive(:system_hook_service)
 
-          group.update_attributes!(name: 'new name')
+          group.update!(name: 'new name')
         end
       end
     end
diff --git a/spec/models/merge_request_spec.rb b/spec/models/merge_request_spec.rb
index 8c6b411ec9a..c7eead2bdaa 100644
--- a/spec/models/merge_request_spec.rb
+++ b/spec/models/merge_request_spec.rb
@@ -1891,7 +1891,7 @@ describe MergeRequest do
         end
 
         it 'returns false if the merge request is merged' do
-          merge_request.update_attributes(state: 'merged')
+          merge_request.update(state: 'merged')
 
           expect(merge_request.reload.reopenable?).to be_falsey
         end
diff --git a/spec/models/namespace_spec.rb b/spec/models/namespace_spec.rb
index 70f1a1c8b38..c1b385aaf76 100644
--- a/spec/models/namespace_spec.rb
+++ b/spec/models/namespace_spec.rb
@@ -200,7 +200,7 @@ describe Namespace do
       end
 
       it "moves dir if path changed" do
-        namespace.update_attributes(path: namespace.full_path + '_new')
+        namespace.update(path: namespace.full_path + '_new')
 
         expect(gitlab_shell.exists?(project.repository_storage, "#{namespace.path}/#{project.path}.git")).to be_truthy
       end
@@ -279,7 +279,7 @@ describe Namespace do
 
       it "repository directory remains unchanged if path changed" do
         before_disk_path = project.disk_path
-        namespace.update_attributes(path: namespace.full_path + '_new')
+        namespace.update(path: namespace.full_path + '_new')
 
         expect(before_disk_path).to eq(project.disk_path)
         expect(gitlab_shell.exists?(project.repository_storage, "#{project.disk_path}.git")).to be_truthy
diff --git a/spec/models/notification_setting_spec.rb b/spec/models/notification_setting_spec.rb
index 12681a147b4..d7c5f26ab67 100644
--- a/spec/models/notification_setting_spec.rb
+++ b/spec/models/notification_setting_spec.rb
@@ -58,7 +58,7 @@ RSpec.describe NotificationSetting do
       1.upto(4) do |i|
         setting = create(:notification_setting, user: user)
 
-        setting.project.update_attributes(pending_delete: true) if i.even?
+        setting.project.update(pending_delete: true) if i.even?
       end
     end
 
diff --git a/spec/models/project_feature_spec.rb b/spec/models/project_feature_spec.rb
index 63c6fbda3f2..cd7f77024da 100644
--- a/spec/models/project_feature_spec.rb
+++ b/spec/models/project_feature_spec.rb
@@ -77,7 +77,7 @@ describe ProjectFeature do
 
   context 'repository related features' do
     before do
-      project.project_feature.update_attributes(
+      project.project_feature.update(
         merge_requests_access_level: ProjectFeature::DISABLED,
         builds_access_level: ProjectFeature::DISABLED,
         repository_access_level: ProjectFeature::PRIVATE
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index b9512b81678..bbf37ca59b9 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -567,15 +567,15 @@ describe Project do
       end
 
       it 'returns the most recent timestamp' do
-        project.update_attributes(updated_at: nil,
-                                  last_activity_at: timestamp,
-                                  last_repository_updated_at: timestamp - 1.hour)
+        project.update(updated_at: nil,
+                       last_activity_at: timestamp,
+                       last_repository_updated_at: timestamp - 1.hour)
 
         expect(project.last_activity_date).to be_like_time(timestamp)
 
-        project.update_attributes(updated_at: timestamp,
-                                  last_activity_at: timestamp - 1.hour,
-                                  last_repository_updated_at: nil)
+        project.update(updated_at: timestamp,
+                       last_activity_at: timestamp - 1.hour,
+                       last_repository_updated_at: nil)
 
         expect(project.last_activity_date).to be_like_time(timestamp)
       end
@@ -1768,7 +1768,7 @@ describe Project do
       it 'resets project import_error' do
         error_message = 'Some error'
         mirror = create(:project_empty_repo, :import_started)
-        mirror.import_state.update_attributes(last_error: error_message)
+        mirror.import_state.update(last_error: error_message)
 
         expect { mirror.import_finish }.to change { mirror.import_error }.from(error_message).to(nil)
       end
@@ -1929,7 +1929,7 @@ describe Project do
     end
 
     it 'returns false when remote mirror is disabled' do
-      project.remote_mirrors.first.update_attributes(enabled: false)
+      project.remote_mirrors.first.update(enabled: false)
 
       is_expected.to be_falsy
     end
@@ -1959,7 +1959,7 @@ describe Project do
     end
 
     it 'does not sync disabled remote mirrors' do
-      project.remote_mirrors.first.update_attributes(enabled: false)
+      project.remote_mirrors.first.update(enabled: false)
 
       expect_any_instance_of(RemoteMirror).not_to receive(:sync)
 
diff --git a/spec/models/remote_mirror_spec.rb b/spec/models/remote_mirror_spec.rb
index 3597b080021..c2ef0435c8e 100644
--- a/spec/models/remote_mirror_spec.rb
+++ b/spec/models/remote_mirror_spec.rb
@@ -85,7 +85,7 @@ describe RemoteMirror do
 
         expect(RepositoryRemoveRemoteWorker).to receive(:perform_async).with(mirror.project.id, mirror.remote_name).and_call_original
 
-        mirror.update_attributes(url: 'http://test.com')
+        mirror.update(url: 'http://test.com')
       end
     end
   end
@@ -167,7 +167,7 @@ describe RemoteMirror do
 
     context 'with remote mirroring disabled' do
       it 'returns nil' do
-        remote_mirror.update_attributes(enabled: false)
+        remote_mirror.update(enabled: false)
 
         expect(remote_mirror.sync).to be_nil
       end
@@ -229,7 +229,7 @@ describe RemoteMirror do
     end
 
     before do
-      remote_mirror.update_attributes(last_update_started_at: Time.now)
+      remote_mirror.update(last_update_started_at: Time.now)
     end
 
     context 'when remote mirror does not have status failed' do
@@ -244,7 +244,7 @@ describe RemoteMirror do
 
     context 'when remote mirror has status failed' do
       it 'returns false when last update started after the timestamp' do
-        remote_mirror.update_attributes(update_status: 'failed')
+        remote_mirror.update(update_status: 'failed')
 
         expect(remote_mirror.updated_since?(timestamp)).to be false
       end
diff --git a/spec/models/route_spec.rb b/spec/models/route_spec.rb
index 01238a89a81..48799781b87 100644
--- a/spec/models/route_spec.rb
+++ b/spec/models/route_spec.rb
@@ -29,12 +29,12 @@ describe Route do
     context 'after update' do
       it 'calls #create_redirect_for_old_path' do
         expect(route).to receive(:create_redirect_for_old_path)
-        route.update_attributes(path: 'foo')
+        route.update(path: 'foo')
       end
 
       it 'calls #delete_conflicting_redirects' do
         expect(route).to receive(:delete_conflicting_redirects)
-        route.update_attributes(path: 'foo')
+        route.update(path: 'foo')
       end
     end
 
@@ -70,7 +70,7 @@ describe Route do
     context 'path update' do
       context 'when route name is set' do
         before do
-          route.update_attributes(path: 'bar')
+          route.update(path: 'bar')
         end
 
         it 'updates children routes with new path' do
@@ -89,7 +89,7 @@ describe Route do
         end
 
         it "does not fail" do
-          expect(route.update_attributes(path: 'bar')).to be_truthy
+          expect(route.update(path: 'bar')).to be_truthy
         end
       end
 
@@ -100,7 +100,7 @@ describe Route do
         let!(:conflicting_redirect3) { route.create_redirect('gitlab-org') }
 
         it 'deletes the conflicting redirects' do
-          route.update_attributes(path: 'bar')
+          route.update(path: 'bar')
 
           expect(RedirectRoute.exists?(path: 'bar/test')).to be_falsey
           expect(RedirectRoute.exists?(path: 'bar/test/foo')).to be_falsey
@@ -111,7 +111,7 @@ describe Route do
 
     context 'name update' do
       it 'updates children routes with new path' do
-        route.update_attributes(name: 'bar')
+        route.update(name: 'bar')
 
         expect(described_class.exists?(name: 'bar')).to be_truthy
         expect(described_class.exists?(name: 'bar / test')).to be_truthy
@@ -123,7 +123,7 @@ describe Route do
         # Note: using `update_columns` to skip all validation and callbacks
         route.update_columns(name: nil)
 
-        expect { route.update_attributes(name: 'bar') }
+        expect { route.update(name: 'bar') }
           .to change { route.name }.from(nil).to('bar')
       end
     end
diff --git a/spec/models/service_spec.rb b/spec/models/service_spec.rb
index a849af062c5..029ad7f3e9f 100644
--- a/spec/models/service_spec.rb
+++ b/spec/models/service_spec.rb
@@ -280,7 +280,7 @@ describe Service do
         service.save!
 
         expect do
-          service.update_attributes(active: false)
+          service.update(active: false)
         end.to change { service.project.has_external_issue_tracker }.from(true).to(false)
       end
     end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 097144d04ce..6d7b733dd4f 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -383,7 +383,7 @@ describe User do
       let(:secondary) { create(:email, :confirmed, email: 'secondary@example.com', user: user) }
 
       it 'allows a verfied secondary email to be used as the primary without needing reconfirmation' do
-        user.update_attributes!(email: secondary.email)
+        user.update!(email: secondary.email)
         user.reload
         expect(user.email).to eq secondary.email
         expect(user.unconfirmed_email).to eq nil
@@ -405,11 +405,11 @@ describe User do
       it 'gets called when email updated' do
         expect(@user).to receive(:update_emails_with_primary_email)
 
-        @user.update_attributes!(email: 'new_primary@example.com')
+        @user.update!(email: 'new_primary@example.com')
       end
 
       it 'adds old primary to secondary emails when secondary is a new email ' do
-        @user.update_attributes!(email: 'new_primary@example.com')
+        @user.update!(email: 'new_primary@example.com')
         @user.reload
 
         expect(@user.emails.count).to eq 2
@@ -417,7 +417,7 @@ describe User do
       end
 
       it 'adds old primary to secondary emails if secondary is becoming a primary' do
-        @user.update_attributes!(email: @secondary.email)
+        @user.update!(email: @secondary.email)
         @user.reload
 
         expect(@user.emails.count).to eq 1
@@ -425,7 +425,7 @@ describe User do
       end
 
       it 'transfers old confirmation values into new secondary' do
-        @user.update_attributes!(email: @secondary.email)
+        @user.update!(email: @secondary.email)
         @user.reload
 
         expect(@user.emails.count).to eq 1
@@ -494,12 +494,12 @@ describe User do
 
       it 'does nothing when the name is updated' do
         expect(user).not_to receive(:update_invalid_gpg_signatures)
-        user.update_attributes!(name: 'Bette')
+        user.update!(name: 'Bette')
       end
 
       it 'synchronizes the gpg keys when the email is updated' do
         expect(user).to receive(:update_invalid_gpg_signatures).at_most(:twice)
-        user.update_attributes!(email: 'shawnee.ritchie@denesik.com')
+        user.update!(email: 'shawnee.ritchie@denesik.com')
       end
     end
   end
@@ -617,13 +617,13 @@ describe User do
       it 'receives callback when external changes' do
         expect(user).to receive(:ensure_user_rights_and_limits)
 
-        user.update_attributes(external: false)
+        user.update(external: false)
       end
 
       it 'ensures correct rights and limits for user' do
         stub_config_setting(default_can_create_group: true)
 
-        expect { user.update_attributes(external: false) }.to change { user.can_create_group }.to(true)
+        expect { user.update(external: false) }.to change { user.can_create_group }.to(true)
           .and change { user.projects_limit }.to(Gitlab::CurrentSettings.default_projects_limit)
       end
     end
@@ -634,11 +634,11 @@ describe User do
       it 'receives callback when external changes' do
         expect(user).to receive(:ensure_user_rights_and_limits)
 
-        user.update_attributes(external: true)
+        user.update(external: true)
       end
 
       it 'ensures correct rights and limits for user' do
-        expect { user.update_attributes(external: true) }.to change { user.can_create_group }.to(false)
+        expect { user.update(external: true) }.to change { user.can_create_group }.to(false)
           .and change { user.projects_limit }.to(0)
       end
     end
@@ -2461,18 +2461,20 @@ describe User do
 
           it 'changes the namespace (just to compare to when username is not changed)' do
             expect do
-              user.update_attributes!(username: new_username)
+              Timecop.freeze(1.second.from_now) do
+                user.update!(username: new_username)
+              end
             end.to change { user.namespace.updated_at }
           end
 
           it 'updates the namespace name' do
-            user.update_attributes!(username: new_username)
+            user.update!(username: new_username)
 
             expect(user.namespace.name).to eq(new_username)
           end
 
           it 'updates the namespace path' do
-            user.update_attributes!(username: new_username)
+            user.update!(username: new_username)
 
             expect(user.namespace.path).to eq(new_username)
           end
@@ -2481,12 +2483,12 @@ describe User do
             let!(:conflicting_namespace) { create(:group, path: new_username) }
 
             it 'causes the user save to fail' do
-              expect(user.update_attributes(username: new_username)).to be_falsey
+              expect(user.update(username: new_username)).to be_falsey
               expect(user.namespace.errors.messages[:path].first).to eq('has already been taken')
             end
 
             it 'adds the namespace errors to the user' do
-              user.update_attributes(username: new_username)
+              user.update(username: new_username)
 
               expect(user.errors.full_messages.first).to eq('Username has already been taken')
             end
@@ -2496,7 +2498,7 @@ describe User do
         context 'when the username is not changed' do
           it 'does not change the namespace' do
             expect do
-              user.update_attributes!(email: 'asdf@asdf.com')
+              user.update!(email: 'asdf@asdf.com')
             end.not_to change { user.namespace.updated_at }
           end
         end
@@ -2526,7 +2528,7 @@ describe User do
           expect(system_hook_service).to receive(:execute_hooks_for).with(user, :rename)
           expect(user).to receive(:system_hook_service).and_return(system_hook_service)
 
-          user.update_attributes!(username: new_username)
+          user.update!(username: new_username)
         end
       end
 
@@ -2534,7 +2536,7 @@ describe User do
         it 'does not trigger system hook' do
           expect(user).not_to receive(:system_hook_service)
 
-          user.update_attributes!(email: 'asdf@asdf.com')
+          user.update!(email: 'asdf@asdf.com')
         end
       end
     end
diff --git a/spec/policies/environment_policy_spec.rb b/spec/policies/environment_policy_spec.rb
index de4cb5b30c5..3728218accc 100644
--- a/spec/policies/environment_policy_spec.rb
+++ b/spec/policies/environment_policy_spec.rb
@@ -1,57 +1,101 @@
 require 'spec_helper'
 
 describe EnvironmentPolicy do
-  let(:user) { create(:user) }
-  let(:project) { create(:project, :repository) }
+  using RSpec::Parameterized::TableSyntax
 
-  let(:environment) do
-    create(:environment, :with_review_app, project: project)
-  end
+  let(:user) { create(:user) }
 
   let(:policy) do
     described_class.new(user, environment)
   end
 
   describe '#rules' do
-    context 'when user does not have access to the project' do
+    shared_examples 'project permissions' do
+      context 'with stop action' do
+        let(:environment) do
+          create(:environment, :with_review_app, project: project)
+        end
+
+        where(:access_level, :allowed?) do
+          nil        | false
+          :guest     | false
+          :reporter  | false
+          :developer | true
+          :master    | true
+        end
+
+        with_them do
+          before do
+            project.add_user(user, access_level) unless access_level.nil?
+          end
+
+          it { expect(policy.allowed?(:stop_environment)).to be allowed? }
+        end
+
+        context 'when an admin user' do
+          let(:user) { create(:user, :admin) }
+
+          it { expect(policy).to be_allowed :stop_environment }
+        end
+
+        context 'with protected branch' do
+          with_them do
+            before do
+              project.add_user(user, access_level) unless access_level.nil?
+              create(:protected_branch, :no_one_can_push,
+                     name: 'master', project: project)
+            end
+
+            it { expect(policy).to be_disallowed :stop_environment }
+          end
+
+          context 'when an admin user' do
+            let(:user) { create(:user, :admin) }
+
+            it { expect(policy).to be_allowed :stop_environment }
+          end
+        end
+      end
+
+      context 'without stop action' do
+        let(:environment) do
+          create(:environment, project: project)
+        end
+
+        where(:access_level, :allowed?) do
+          nil        | false
+          :guest     | false
+          :reporter  | false
+          :developer | false
+          :master    | true
+        end
+
+        with_them do
+          before do
+            project.add_user(user, access_level) unless access_level.nil?
+          end
+
+          it { expect(policy.allowed?(:stop_environment)).to be allowed? }
+        end
+
+        context 'when an admin user' do
+          let(:user) { create(:user, :admin) }
+
+          it { expect(policy).to be_allowed :stop_environment }
+        end
+      end
+    end
+
+    context 'when project is public' do
+      let(:project) { create(:project, :public, :repository) }
+
+      include_examples 'project permissions'
+    end
+
+    context 'when project is private' do
       let(:project) { create(:project, :private, :repository) }
 
-      it 'does not include ability to stop environment' do
-        expect(policy).to be_disallowed :stop_environment
-      end
-    end
-
-    context 'when anonymous user has access to the project' do
-      let(:project) { create(:project, :public, :repository) }
-
-      it 'does not include ability to stop environment' do
-        expect(policy).to be_disallowed :stop_environment
-      end
-    end
-
-    context 'when team member has access to the project' do
-      let(:project) { create(:project, :public, :repository) }
-
-      before do
-        project.add_developer(user)
-      end
-
-      context 'when team member has ability to stop environment' do
-        it 'does includes ability to stop environment' do
-          expect(policy).to be_allowed :stop_environment
-        end
-      end
-
-      context 'when team member has no ability to stop environment' do
-        before do
-          create(:protected_branch, :no_one_can_push,
-                 name: 'master', project: project)
-        end
-
-        it 'does not include ability to stop environment' do
-          expect(policy).to be_disallowed :stop_environment
-        end
-      end
+      include_examples 'project permissions'
     end
   end
 end
diff --git a/spec/requests/api/access_requests_spec.rb b/spec/requests/api/access_requests_spec.rb
index 24389f28b21..ffca7ab8e45 100644
--- a/spec/requests/api/access_requests_spec.rb
+++ b/spec/requests/api/access_requests_spec.rb
@@ -88,7 +88,7 @@ describe API::AccessRequests do
       context 'when authenticated as a stranger' do
         context "when access request is disabled for the #{source_type}" do
           before do
-            source.update_attributes(request_access_enabled: false)
+            source.update(request_access_enabled: false)
           end
 
           it 'returns 403' do
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index da23fdd7dca..5a04e699d60 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -251,14 +251,22 @@ describe API::Groups do
       projects
     end
 
+    def response_project_ids(json_response, key)
+      json_response[key].map do |project|
+        project['id'].to_i
+      end
+    end
+
     context 'when unauthenticated' do
       it 'returns 404 for a private group' do
         get api("/groups/#{group2.id}")
+
         expect(response).to have_gitlab_http_status(404)
       end
 
       it 'returns 200 for a public group' do
         get api("/groups/#{group1.id}")
+
         expect(response).to have_gitlab_http_status(200)
       end
 
@@ -268,7 +276,7 @@ describe API::Groups do
 
         get api("/groups/#{public_group.id}")
 
-        expect(json_response['projects'].map { |p| p['id'].to_i })
+        expect(response_project_ids(json_response, 'projects'))
           .to contain_exactly(projects[:public].id)
       end
 
@@ -278,7 +286,7 @@ describe API::Groups do
 
         get api("/groups/#{group1.id}")
 
-        expect(json_response['shared_projects'].map { |p| p['id'].to_i })
+        expect(response_project_ids(json_response, 'shared_projects'))
           .to contain_exactly(projects[:public].id)
       end
     end
@@ -309,6 +317,17 @@ describe API::Groups do
         expect(json_response['shared_projects'][0]['id']).to eq(project.id)
       end
 
+      it "returns one of user1's groups without projects when with_projects option is set to false" do
+        project = create(:project, namespace: group2, path: 'Foo')
+        create(:project_group_link, project: project, group: group1)
+
+        get api("/groups/#{group1.id}", user1), with_projects: false
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(json_response['projects']).to be_nil
+        expect(json_response['shared_projects']).to be_nil
+      end
+
       it "does not return a non existing group" do
         get api("/groups/1328", user1)
 
@@ -327,7 +346,7 @@ describe API::Groups do
 
         get api("/groups/#{public_group.id}", user2)
 
-        expect(json_response['projects'].map { |p| p['id'].to_i })
+        expect(response_project_ids(json_response, 'projects'))
           .to contain_exactly(projects[:public].id, projects[:internal].id)
       end
 
@@ -337,7 +356,7 @@ describe API::Groups do
 
         get api("/groups/#{group1.id}", user2)
 
-        expect(json_response['shared_projects'].map { |p| p['id'].to_i })
+        expect(response_project_ids(json_response, 'shared_projects'))
           .to contain_exactly(projects[:public].id, projects[:internal].id)
       end
     end
diff --git a/spec/requests/api/helpers_spec.rb b/spec/requests/api/helpers_spec.rb
index d8a51f36dba..0a789d58fd8 100644
--- a/spec/requests/api/helpers_spec.rb
+++ b/spec/requests/api/helpers_spec.rb
@@ -201,7 +201,7 @@ describe API::Helpers do
       end
 
       it 'does not allow expired tokens' do
-        personal_access_token.update_attributes!(expires_at: 1.day.ago)
+        personal_access_token.update!(expires_at: 1.day.ago)
         env[Gitlab::Auth::UserAuthFinders::PRIVATE_TOKEN_HEADER] = personal_access_token.token
 
         expect { current_user }.to raise_error Gitlab::Auth::ExpiredError
diff --git a/spec/requests/api/jobs_spec.rb b/spec/requests/api/jobs_spec.rb
index 50d6f4b4d99..0609166ed90 100644
--- a/spec/requests/api/jobs_spec.rb
+++ b/spec/requests/api/jobs_spec.rb
@@ -535,12 +535,14 @@ describe API::Jobs do
     context 'authorized user' do
       context 'when trace is in ObjectStorage' do
         let!(:job) { create(:ci_build, :trace_artifact, pipeline: pipeline) }
+        let(:url) { 'http://object-storage/trace' }
+        let(:file_path) { expand_fixture_path('trace/sample_trace') }
 
         before do
-          stub_remote_trace_206
+          stub_remote_url_206(url, file_path)
           allow_any_instance_of(JobArtifactUploader).to receive(:file_storage?) { false }
-          allow_any_instance_of(JobArtifactUploader).to receive(:url) { remote_trace_url }
-          allow_any_instance_of(JobArtifactUploader).to receive(:size) { remote_trace_size }
+          allow_any_instance_of(JobArtifactUploader).to receive(:url) { url }
+          allow_any_instance_of(JobArtifactUploader).to receive(:size) { File.size(file_path) }
         end
 
         it 'returns specific job trace' do
diff --git a/spec/requests/api/notes_spec.rb b/spec/requests/api/notes_spec.rb
index dd568c24c72..f4cf5bd0530 100644
--- a/spec/requests/api/notes_spec.rb
+++ b/spec/requests/api/notes_spec.rb
@@ -71,7 +71,7 @@ describe API::Notes do
 
           context "issue is confidential" do
             before do
-              ext_issue.update_attributes(confidential: true)
+              ext_issue.update(confidential: true)
             end
 
             it "returns 404" do
@@ -104,7 +104,7 @@ describe API::Notes do
 
           context "when issue is confidential" do
             before do
-              issue.update_attributes(confidential: true)
+              issue.update(confidential: true)
             end
 
             it "returns 404" do
diff --git a/spec/requests/api/pipeline_schedules_spec.rb b/spec/requests/api/pipeline_schedules_spec.rb
index 91d4d5d3de9..173f2a0dea0 100644
--- a/spec/requests/api/pipeline_schedules_spec.rb
+++ b/spec/requests/api/pipeline_schedules_spec.rb
@@ -22,7 +22,7 @@ describe API::PipelineSchedules do
           .each do |pipeline_schedule|
           create(:user).tap do |user|
             project.add_developer(user)
-            pipeline_schedule.update_attributes(owner: user)
+            pipeline_schedule.update(owner: user)
           end
           pipeline_schedule.pipelines << build(:ci_pipeline, project: project)
         end
diff --git a/spec/requests/api/project_import_spec.rb b/spec/requests/api/project_import_spec.rb
index 97dffdc9233..24b7835abf5 100644
--- a/spec/requests/api/project_import_spec.rb
+++ b/spec/requests/api/project_import_spec.rb
@@ -157,7 +157,7 @@ describe API::ProjectImport do
     it 'returns the import status and the error if failed' do
       project = create(:project, :import_failed)
       project.add_master(user)
-      project.import_state.update_attributes(last_error: 'error')
+      project.import_state.update(last_error: 'error')
 
       get api("/projects/#{project.id}/import", user)
 
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index abf9ad738bd..15da81b57db 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -312,7 +312,7 @@ describe API::Projects do
 
         before do
           project_member
-          user3.update_attributes(starred_projects: [project, project2, project3, public_project])
+          user3.update(starred_projects: [project, project2, project3, public_project])
         end
 
         it 'returns the starred projects viewable by the user' do
@@ -333,7 +333,7 @@ describe API::Projects do
         let!(:project9) { create(:project, :public, path: 'gitlab9') }
 
         before do
-          user.update_attributes(starred_projects: [project5, project7, project8, project9])
+          user.update(starred_projects: [project5, project7, project8, project9])
         end
 
         context 'including owned filter' do
@@ -1451,7 +1451,7 @@ describe API::Projects do
       end
 
       it 'updates visibility_level from public to private' do
-        project3.update_attributes({ visibility_level: Gitlab::VisibilityLevel::PUBLIC })
+        project3.update({ visibility_level: Gitlab::VisibilityLevel::PUBLIC })
         project_param = { visibility: 'private' }
 
         put api("/projects/#{project3.id}", user), project_param
@@ -1526,6 +1526,20 @@ describe API::Projects do
 
         expect(response).to have_gitlab_http_status(400)
       end
+
+      it 'updates avatar' do
+        project_param = {
+          avatar: fixture_file_upload('spec/fixtures/banana_sample.gif',
+                                      'image/gif')
+        }
+
+        put api("/projects/#{project3.id}", user), project_param
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(json_response['avatar_url']).to eq('http://localhost/uploads/'\
+                                                  '-/system/project/avatar/'\
+                                                  "#{project3.id}/banana_sample.gif")
+      end
     end
 
     context 'when authenticated as project master' do
diff --git a/spec/requests/api/tags_spec.rb b/spec/requests/api/tags_spec.rb
index 969710d6613..8df08dd1818 100644
--- a/spec/requests/api/tags_spec.rb
+++ b/spec/requests/api/tags_spec.rb
@@ -109,7 +109,7 @@ describe API::Tags do
 
       before do
         release = project.releases.find_or_initialize_by(tag: tag_name)
-        release.update_attributes(description: description)
+        release.update(description: description)
       end
 
       it 'returns an array of project tags with release info' do
@@ -400,7 +400,7 @@ describe API::Tags do
       context 'on tag with existing release' do
         before do
           release = project.releases.find_or_initialize_by(tag: tag_name)
-          release.update_attributes(description: description)
+          release.update(description: description)
         end
 
         it 'returns 409 if there is already a release' do
@@ -422,7 +422,7 @@ describe API::Tags do
       context 'on tag with existing release' do
         before do
           release = project.releases.find_or_initialize_by(tag: tag_name)
-          release.update_attributes(description: description)
+          release.update(description: description)
         end
 
         it 'updates the release description' do
diff --git a/spec/serializers/environment_entity_spec.rb b/spec/serializers/environment_entity_spec.rb
index 8f32c5639a1..b7324a26ed2 100644
--- a/spec/serializers/environment_entity_spec.rb
+++ b/spec/serializers/environment_entity_spec.rb
@@ -1,8 +1,9 @@
 require 'spec_helper'
 
 describe EnvironmentEntity do
+  let(:request) { double('request') }
   let(:entity) do
-    described_class.new(environment, request: double)
+    described_class.new(environment, request: spy('request'))
   end
 
   let(:environment) { create(:environment) }
diff --git a/spec/serializers/environment_serializer_spec.rb b/spec/serializers/environment_serializer_spec.rb
index ca9b520fb38..0f0ab5ac796 100644
--- a/spec/serializers/environment_serializer_spec.rb
+++ b/spec/serializers/environment_serializer_spec.rb
@@ -54,7 +54,9 @@ describe EnvironmentSerializer do
 
   context 'when representing environments within folders' do
     let(:serializer) do
-      described_class.new(project: project).within_folders
+      described_class
+        .new(current_user: user, project: project)
+        .within_folders
     end
 
     let(:resource) { Environment.all }
@@ -123,7 +125,8 @@ describe EnvironmentSerializer do
     let(:pagination) { { page: 1, per_page: 2 } }
 
     let(:serializer) do
-      described_class.new(project: project)
+      described_class
+        .new(current_user: user, project: project)
         .with_pagination(request, response)
     end
 
@@ -169,7 +172,8 @@ describe EnvironmentSerializer do
 
       context 'when grouping environments within folders' do
         let(:serializer) do
-          described_class.new(project: project)
+          described_class
+            .new(current_user: user, project: project)
             .with_pagination(request, response)
             .within_folders
         end
diff --git a/spec/services/ci/retry_build_service_spec.rb b/spec/services/ci/retry_build_service_spec.rb
index decb5d22f59..ecf5d849d3f 100644
--- a/spec/services/ci/retry_build_service_spec.rb
+++ b/spec/services/ci/retry_build_service_spec.rb
@@ -49,7 +49,7 @@ describe Ci::RetryBuildService do
       # Make sure that build has both `stage_id` and `stage` because FactoryBot
       # can reset one of the fields when assigning another. We plan to deprecate
       # and remove legacy `stage` column in the future.
-      build.update_attributes(stage: 'test', stage_id: stage.id)
+      build.update(stage: 'test', stage_id: stage.id)
     end
 
     describe 'clone accessors' do
@@ -100,7 +100,11 @@ describe Ci::RetryBuildService do
   end
 
   describe '#execute' do
-    let(:new_build) { service.execute(build) }
+    let(:new_build) do
+      Timecop.freeze(1.second.from_now) do
+        service.execute(build)
+      end
+    end
 
     context 'when user has ability to execute build' do
       before do
@@ -150,7 +154,11 @@ describe Ci::RetryBuildService do
   end
 
   describe '#reprocess' do
-    let(:new_build) { service.reprocess!(build) }
+    let(:new_build) do
+      Timecop.freeze(1.second.from_now) do
+        service.reprocess!(build)
+      end
+    end
 
     context 'when user has ability to execute build' do
       before do
diff --git a/spec/services/issues/update_service_spec.rb b/spec/services/issues/update_service_spec.rb
index 158541d36e3..4cbf1a52e29 100644
--- a/spec/services/issues/update_service_spec.rb
+++ b/spec/services/issues/update_service_spec.rb
@@ -501,7 +501,7 @@ describe Issues::UpdateService, :mailer do
         let(:params) { { label_ids: [], remove_label_ids: [label.id] } }
 
         before do
-          issue.update_attributes(labels: [label, label3])
+          issue.update(labels: [label, label3])
         end
 
         it 'ignores the label_ids parameter' do
@@ -517,7 +517,7 @@ describe Issues::UpdateService, :mailer do
         let(:params) { { add_label_ids: [label3.id], remove_label_ids: [label.id] } }
 
         before do
-          issue.update_attributes(labels: [label])
+          issue.update(labels: [label])
         end
 
         it 'adds the passed labels' do
diff --git a/spec/services/members/destroy_service_spec.rb b/spec/services/members/destroy_service_spec.rb
index 36b6e5a701e..b4e9f6af43a 100644
--- a/spec/services/members/destroy_service_spec.rb
+++ b/spec/services/members/destroy_service_spec.rb
@@ -142,8 +142,8 @@ describe Members::DestroyService do
 
   context 'with an access requester' do
     before do
-      group_project.update_attributes(request_access_enabled: true)
-      group.update_attributes(request_access_enabled: true)
+      group_project.update(request_access_enabled: true)
+      group.update(request_access_enabled: true)
       group_project.request_access(member_user)
       group.request_access(member_user)
     end
diff --git a/spec/services/merge_requests/conflicts/list_service_spec.rb b/spec/services/merge_requests/conflicts/list_service_spec.rb
index 97da8a88660..a5520e7373e 100644
--- a/spec/services/merge_requests/conflicts/list_service_spec.rb
+++ b/spec/services/merge_requests/conflicts/list_service_spec.rb
@@ -34,7 +34,7 @@ describe MergeRequests::Conflicts::ListService do
 
     it 'returns a falsey value when the MR does not support new diff notes' do
       merge_request = create_merge_request('conflict-resolvable')
-      merge_request.merge_request_diff.update_attributes(start_commit_sha: nil)
+      merge_request.merge_request_diff.update(start_commit_sha: nil)
 
       expect(conflicts_service(merge_request).can_be_resolved_in_ui?).to be_falsey
     end
diff --git a/spec/services/merge_requests/merge_service_spec.rb b/spec/services/merge_requests/merge_service_spec.rb
index ef2738ef504..33eea2cf5c3 100644
--- a/spec/services/merge_requests/merge_service_spec.rb
+++ b/spec/services/merge_requests/merge_service_spec.rb
@@ -63,7 +63,7 @@ describe MergeRequests::MergeService do
         let(:commit)       { double('commit', safe_message: "Fixes #{jira_issue.to_reference}") }
 
         before do
-          project.update_attributes!(has_external_issue_tracker: true)
+          project.update!(has_external_issue_tracker: true)
           jira_service_settings
           stub_jira_urls(jira_issue.id)
           allow(merge_request).to receive(:commits).and_return([commit])
diff --git a/spec/services/notification_service_spec.rb b/spec/services/notification_service_spec.rb
index 0eadc83bfe3..ab91176737d 100644
--- a/spec/services/notification_service_spec.rb
+++ b/spec/services/notification_service_spec.rb
@@ -1314,7 +1314,7 @@ describe NotificationService, :mailer do
 
       describe 'when merge_when_pipeline_succeeds is true' do
         before do
-          merge_request.update_attributes(
+          merge_request.update(
             merge_when_pipeline_succeeds: true,
             merge_user: create(:user)
           )
diff --git a/spec/services/projects/fork_service_spec.rb b/spec/services/projects/fork_service_spec.rb
index c15f5120b8a..f89f9b54f53 100644
--- a/spec/services/projects/fork_service_spec.rb
+++ b/spec/services/projects/fork_service_spec.rb
@@ -135,7 +135,7 @@ describe Projects::ForkService do
       context "when project has restricted visibility level" do
         context "and only one visibility level is restricted" do
           before do
-            @from_project.update_attributes(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
+            @from_project.update(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
             stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::INTERNAL])
           end
 
diff --git a/spec/services/projects/update_pages_service_spec.rb b/spec/services/projects/update_pages_service_spec.rb
index 1bffeee6790..a4c103e6f30 100644
--- a/spec/services/projects/update_pages_service_spec.rb
+++ b/spec/services/projects/update_pages_service_spec.rb
@@ -24,8 +24,8 @@ describe Projects::UpdatePagesService do
     let(:extension) { 'zip' }
 
     before do
-      build.update_attributes(legacy_artifacts_file: file)
-      build.update_attributes(legacy_artifacts_metadata: metadata)
+      build.update(legacy_artifacts_file: file)
+      build.update(legacy_artifacts_metadata: metadata)
     end
 
     describe 'pages artifacts' do
@@ -62,13 +62,13 @@ describe Projects::UpdatePagesService do
     end
 
     it 'fails if sha on branch is not latest' do
-      build.update_attributes(ref: 'feature')
+      build.update(ref: 'feature')
 
       expect(execute).not_to eq(:success)
     end
 
     it 'fails for empty file fails' do
-      build.update_attributes(legacy_artifacts_file: empty_file)
+      build.update(legacy_artifacts_file: empty_file)
 
       expect { execute }
         .to raise_error(Projects::UpdatePagesService::FailedToExtractError)
@@ -118,7 +118,7 @@ describe Projects::UpdatePagesService do
       end
 
       it 'fails if sha on branch is not latest' do
-        build.update_attributes(ref: 'feature')
+        build.update(ref: 'feature')
 
         expect(execute).not_to eq(:success)
       end
@@ -188,7 +188,7 @@ describe Projects::UpdatePagesService do
   end
 
   it 'fails for invalid archive' do
-    build.update_attributes(legacy_artifacts_file: invalid_file)
+    build.update(legacy_artifacts_file: invalid_file)
     expect(execute).not_to eq(:success)
   end
 
@@ -199,8 +199,8 @@ describe Projects::UpdatePagesService do
       file = fixture_file_upload('spec/fixtures/pages.zip')
       metafile = fixture_file_upload('spec/fixtures/pages.zip.meta')
 
-      build.update_attributes(legacy_artifacts_file: file)
-      build.update_attributes(legacy_artifacts_metadata: metafile)
+      build.update(legacy_artifacts_file: file)
+      build.update(legacy_artifacts_metadata: metafile)
 
       allow(build).to receive(:artifacts_metadata_entry)
         .and_return(metadata)
diff --git a/spec/services/reset_project_cache_service_spec.rb b/spec/services/reset_project_cache_service_spec.rb
index de475d16586..1490ad5fe3b 100644
--- a/spec/services/reset_project_cache_service_spec.rb
+++ b/spec/services/reset_project_cache_service_spec.rb
@@ -18,7 +18,7 @@ describe ResetProjectCacheService do
 
   context 'when project cache_index is a numeric value' do
     before do
-      project.update_attributes(jobs_cache_index: 1)
+      project.update(jobs_cache_index: 1)
     end
 
     it 'increments project cache index' do
diff --git a/spec/services/system_hooks_service_spec.rb b/spec/services/system_hooks_service_spec.rb
index 51396d34f8f..e0335880e8e 100644
--- a/spec/services/system_hooks_service_spec.rb
+++ b/spec/services/system_hooks_service_spec.rb
@@ -75,7 +75,7 @@ describe SystemHooksService do
     end
 
     it 'handles nil datetime columns' do
-      user.update_attributes(created_at: nil, updated_at: nil)
+      user.update(created_at: nil, updated_at: nil)
       data = event_data(user, :destroy)
 
       expect(data[:created_at]).to be(nil)
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 46ec1bcef24..bd564cc60a6 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -4,7 +4,7 @@ SimpleCovEnv.start!
 ENV["RAILS_ENV"] = 'test'
 ENV["IN_MEMORY_APPLICATION_SETTINGS"] = 'true'
 
-require File.expand_path("../../config/environment", __FILE__)
+require File.expand_path('../config/environment', __dir__)
 require 'rspec/rails'
 require 'shoulda/matchers'
 require 'rspec/retry'
diff --git a/spec/support/api/repositories_shared_context.rb b/spec/support/api/repositories_shared_context.rb
index ea38fe4f5b8..f1341804e56 100644
--- a/spec/support/api/repositories_shared_context.rb
+++ b/spec/support/api/repositories_shared_context.rb
@@ -1,6 +1,6 @@
 shared_context 'disabled repository' do
   before do
-    project.project_feature.update_attributes!(
+    project.project_feature.update!(
       repository_access_level: ProjectFeature::DISABLED,
       merge_requests_access_level: ProjectFeature::DISABLED,
       builds_access_level: ProjectFeature::DISABLED
diff --git a/spec/support/api/time_tracking_shared_examples.rb b/spec/support/api/time_tracking_shared_examples.rb
index 52e1bc55191..fee464c15a3 100644
--- a/spec/support/api/time_tracking_shared_examples.rb
+++ b/spec/support/api/time_tracking_shared_examples.rb
@@ -85,7 +85,7 @@ shared_examples 'time tracking endpoints' do |issuable_name|
       it 'subtracts time of the total spent time' do
         Timecop.travel(1.minute.from_now) do
           expect do
-            issuable.update_attributes!(spend_time: { duration: 7200, user_id: user.id })
+            issuable.update!(spend_time: { duration: 7200, user_id: user.id })
           end.to change { issuable.reload.updated_at }
         end
 
@@ -99,7 +99,7 @@ shared_examples 'time tracking endpoints' do |issuable_name|
 
     context 'when time to subtract is greater than the total spent time' do
       it 'does not modify the total time spent' do
-        issuable.update_attributes!(spend_time: { duration: 7200, user_id: user.id })
+        issuable.update!(spend_time: { duration: 7200, user_id: user.id })
 
         Timecop.travel(1.minute.from_now) do
           expect do
@@ -135,8 +135,8 @@ shared_examples 'time tracking endpoints' do |issuable_name|
 
   describe "GET /projects/:id/#{issuable_collection_name}/:#{issuable_name}_id/time_stats" do
     it "returns the time stats for #{issuable_name}" do
-      issuable.update_attributes!(spend_time: { duration: 1800, user_id: user.id },
-                                  time_estimate: 3600)
+      issuable.update!(spend_time: { duration: 1800, user_id: user.id },
+                       time_estimate: 3600)
 
       get api("/projects/#{project.id}/#{issuable_collection_name}/#{issuable.iid}/time_stats", user)
 
diff --git a/spec/support/generate-seed-repo-rb b/spec/support/generate-seed-repo-rb
index 44b3de23b99..bee9d419376 100755
--- a/spec/support/generate-seed-repo-rb
+++ b/spec/support/generate-seed-repo-rb
@@ -15,7 +15,7 @@
 require 'erb'
 require 'tempfile'
 
-SOURCE = File.expand_path('../gitlab-git-test.git', __FILE__).freeze
+SOURCE = File.expand_path('gitlab-git-test.git', __dir__).freeze
 SCRIPT_NAME = 'generate-seed-repo-rb'.freeze
 REPO_NAME = 'gitlab-git-test.git'.freeze
 
diff --git a/spec/support/helpers/jira_service_helper.rb b/spec/support/helpers/jira_service_helper.rb
index 88a7aeba461..f4d5343c4ed 100644
--- a/spec/support/helpers/jira_service_helper.rb
+++ b/spec/support/helpers/jira_service_helper.rb
@@ -12,7 +12,7 @@ module JiraServiceHelper
       jira_issue_transition_id: '1'
     }
 
-    jira_tracker.update_attributes(properties: properties, active: true)
+    jira_tracker.update(properties: properties, active: true)
   end
 
   def jira_issue_comments
diff --git a/spec/support/helpers/key_generator_helper.rb b/spec/support/helpers/key_generator_helper.rb
index b1c289ffef7..d55d8312c65 100644
--- a/spec/support/helpers/key_generator_helper.rb
+++ b/spec/support/helpers/key_generator_helper.rb
@@ -24,7 +24,7 @@ module Spec
         private
 
         # Encodes an openssh-mpi-encoded integer.
-        def encode_mpi(n)
+        def encode_mpi(n) # rubocop:disable Naming/UncommunicativeMethodParamName
           chars, n = [], n.to_i
           chars << (n & 0xff) && n >>= 8 while n != 0
           chars << 0 if chars.empty? || chars.last >= 0x80
diff --git a/spec/support/http_io/http_io_helpers.rb b/spec/support/http_io/http_io_helpers.rb
index 2c68c2cd9a6..42144870eb5 100644
--- a/spec/support/http_io/http_io_helpers.rb
+++ b/spec/support/http_io/http_io_helpers.rb
@@ -1,65 +1,49 @@
 module HttpIOHelpers
-  def stub_remote_trace_206
-    WebMock.stub_request(:get, remote_trace_url)
-      .to_return { |request| remote_trace_response(request, 206) }
+  def stub_remote_url_206(url, file_path)
+    WebMock.stub_request(:get, url)
+      .to_return { |request| remote_url_response(file_path, request, 206) }
   end
 
-  def stub_remote_trace_200
-    WebMock.stub_request(:get, remote_trace_url)
-      .to_return { |request| remote_trace_response(request, 200) }
+  def stub_remote_url_200(url, file_path)
+    WebMock.stub_request(:get, url)
+      .to_return { |request| remote_url_response(file_path, request, 200) }
   end
 
-  def stub_remote_trace_500
-    WebMock.stub_request(:get, remote_trace_url)
+  def stub_remote_url_500(url)
+    WebMock.stub_request(:get, url)
       .to_return(status: [500, "Internal Server Error"])
   end
 
-  def remote_trace_url
-    "http://trace.com/trace"
-  end
-
-  def remote_trace_response(request, responce_status)
+  def remote_url_response(file_path, request, response_status)
     range = request.headers['Range'].match(/bytes=(\d+)-(\d+)/)
 
+    body = File.read(file_path).force_encoding(Encoding::BINARY)
+    size = body.bytesize
+
     {
-      status: responce_status,
-      headers: remote_trace_response_headers(responce_status, range[1].to_i, range[2].to_i),
-      body: range_trace_body(range[1].to_i, range[2].to_i)
+      status: response_status,
+      headers: remote_url_response_headers(response_status, range[1].to_i, range[2].to_i, size),
+      body: body[range[1].to_i..range[2].to_i]
     }
   end
 
-  def remote_trace_response_headers(responce_status, from, to)
-    headers = { 'Content-Type' => 'text/plain' }
-
-    if responce_status == 206
-      headers.merge('Content-Range' => "bytes #{from}-#{to}/#{remote_trace_size}")
+  def remote_url_response_headers(response_status, from, to, size)
+    { 'Content-Type' => 'text/plain' }.tap do |headers|
+      if response_status == 206
+        headers.merge('Content-Range' => "bytes #{from}-#{to}/#{size}")
+      end
     end
-
-    headers
-  end
-
-  def range_trace_body(from, to)
-    remote_trace_body[from..to]
-  end
-
-  def remote_trace_body
-    @remote_trace_body ||= File.read(expand_fixture_path('trace/sample_trace'))
-      .force_encoding(Encoding::BINARY)
-  end
-
-  def remote_trace_size
-    remote_trace_body.bytesize
   end
 
   def set_smaller_buffer_size_than(file_size)
     blocks = (file_size / 128)
     new_size = (blocks / 2) * 128
-    stub_const("Gitlab::Ci::Trace::HttpIO::BUFFER_SIZE", new_size)
+    stub_const("Gitlab::HttpIO::BUFFER_SIZE", new_size)
   end
 
   def set_larger_buffer_size_than(file_size)
     blocks = (file_size / 128)
     new_size = (blocks * 2) * 128
-    stub_const("Gitlab::Ci::Trace::HttpIO::BUFFER_SIZE", new_size)
+    stub_const("Gitlab::HttpIO::BUFFER_SIZE", new_size)
   end
 end
diff --git a/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb b/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb
index 7c34c7b4977..940c24c8d67 100644
--- a/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb
+++ b/spec/support/shared_examples/slack_mattermost_notifications_shared_examples.rb
@@ -130,7 +130,7 @@ RSpec.shared_examples 'slack or mattermost notifications' do
 
     context "event channels" do
       it "uses the right channel for push event" do
-        chat_service.update_attributes(push_channel: "random")
+        chat_service.update(push_channel: "random")
 
         expect(Slack::Notifier).to receive(:new)
          .with(webhook_url, channel: "random")
@@ -142,7 +142,7 @@ RSpec.shared_examples 'slack or mattermost notifications' do
       end
 
       it "uses the right channel for merge request event" do
-        chat_service.update_attributes(merge_request_channel: "random")
+        chat_service.update(merge_request_channel: "random")
 
         expect(Slack::Notifier).to receive(:new)
          .with(webhook_url, channel: "random")
@@ -154,7 +154,7 @@ RSpec.shared_examples 'slack or mattermost notifications' do
       end
 
       it "uses the right channel for issue event" do
-        chat_service.update_attributes(issue_channel: "random")
+        chat_service.update(issue_channel: "random")
 
         expect(Slack::Notifier).to receive(:new)
          .with(webhook_url, channel: "random")
@@ -169,7 +169,7 @@ RSpec.shared_examples 'slack or mattermost notifications' do
         let(:issue_service_options) { { title: 'Secret', confidential: true } }
 
         it "uses confidential issue channel" do
-          chat_service.update_attributes(confidential_issue_channel: 'confidential')
+          chat_service.update(confidential_issue_channel: 'confidential')
 
           expect(Slack::Notifier).to execute_with_options(channel: 'confidential')
 
@@ -177,7 +177,7 @@ RSpec.shared_examples 'slack or mattermost notifications' do
         end
 
         it 'falls back to issue channel' do
-          chat_service.update_attributes(issue_channel: 'fallback_channel')
+          chat_service.update(issue_channel: 'fallback_channel')
 
           expect(Slack::Notifier).to execute_with_options(channel: 'fallback_channel')
 
@@ -186,7 +186,7 @@ RSpec.shared_examples 'slack or mattermost notifications' do
       end
 
       it "uses the right channel for wiki event" do
-        chat_service.update_attributes(wiki_page_channel: "random")
+        chat_service.update(wiki_page_channel: "random")
 
         expect(Slack::Notifier).to receive(:new)
          .with(webhook_url, channel: "random")
@@ -203,7 +203,7 @@ RSpec.shared_examples 'slack or mattermost notifications' do
         end
 
         it "uses the right channel" do
-          chat_service.update_attributes(note_channel: "random")
+          chat_service.update(note_channel: "random")
 
           note_data = Gitlab::DataBuilder::Note.build(issue_note, user)
 
@@ -222,7 +222,7 @@ RSpec.shared_examples 'slack or mattermost notifications' do
           end
 
           it "uses confidential channel" do
-            chat_service.update_attributes(confidential_note_channel: "confidential")
+            chat_service.update(confidential_note_channel: "confidential")
 
             note_data = Gitlab::DataBuilder::Note.build(issue_note, user)
 
@@ -232,7 +232,7 @@ RSpec.shared_examples 'slack or mattermost notifications' do
           end
 
           it 'falls back to note channel' do
-            chat_service.update_attributes(note_channel: "fallback_channel")
+            chat_service.update(note_channel: "fallback_channel")
 
             note_data = Gitlab::DataBuilder::Note.build(issue_note, user)
 
diff --git a/spec/uploaders/gitlab_uploader_spec.rb b/spec/uploaders/gitlab_uploader_spec.rb
index 362f89424d4..44718ed1212 100644
--- a/spec/uploaders/gitlab_uploader_spec.rb
+++ b/spec/uploaders/gitlab_uploader_spec.rb
@@ -68,4 +68,66 @@ describe GitlabUploader do
       expect(subject.file.path).to match(/#{subject.cache_dir}/)
     end
   end
+
+  describe '#open' do
+    context 'when trace is stored in File storage' do
+      context 'when file exists' do
+        let(:file) do
+          fixture_file_upload('spec/fixtures/trace/sample_trace', 'text/plain')
+        end
+
+        before do
+          subject.store!(file)
+        end
+
+        it 'returns io stream' do
+          expect(subject.open).to be_a(IO)
+        end
+
+        it 'when passing block it yields' do
+          expect { |b| subject.open(&b) }.to yield_control
+        end
+      end
+
+      context 'when file does not exist' do
+        it 'returns nil' do
+          expect(subject.open).to be_nil
+        end
+
+        it 'when passing block it does not yield' do
+          expect { |b| subject.open(&b) }.not_to yield_control
+        end
+      end
+    end
+
+    context 'when trace is stored in Object storage' do
+      before do
+        allow(subject).to receive(:file_storage?) { false }
+      end
+
+      context 'when file exists' do
+        before do
+          allow(subject).to receive(:url) { 'http://object_storage.com/trace' }
+        end
+
+        it 'returns http io stream' do
+          expect(subject.open).to be_a(Gitlab::HttpIO)
+        end
+
+        it 'when passing block it yields' do
+          expect { |b| subject.open(&b) }.to yield_control.once
+        end
+      end
+
+      context 'when file does not exist' do
+        it 'returns nil' do
+          expect(subject.open).to be_nil
+        end
+
+        it 'when passing block it does not yield' do
+          expect { |b| subject.open(&b) }.not_to yield_control
+        end
+      end
+    end
+  end
 end
diff --git a/spec/uploaders/job_artifact_uploader_spec.rb b/spec/uploaders/job_artifact_uploader_spec.rb
index 026e4356ed6..3ad5fe7e3b3 100644
--- a/spec/uploaders/job_artifact_uploader_spec.rb
+++ b/spec/uploaders/job_artifact_uploader_spec.rb
@@ -23,43 +23,6 @@ describe JobArtifactUploader do
                     store_dir: %r[\h{2}/\h{2}/\h{64}/\d{4}_\d{1,2}_\d{1,2}/\d+/\d+\z]
   end
 
-  describe '#open' do
-    subject { uploader.open }
-
-    context 'when trace is stored in File storage' do
-      context 'when file exists' do
-        let(:file) do
-          fixture_file_upload('spec/fixtures/trace/sample_trace', 'text/plain')
-        end
-
-        before do
-          uploader.store!(file)
-        end
-
-        it 'returns io stream' do
-          is_expected.to be_a(IO)
-        end
-      end
-
-      context 'when file does not exist' do
-        it 'returns nil' do
-          is_expected.to be_nil
-        end
-      end
-    end
-
-    context 'when trace is stored in Object storage' do
-      before do
-        allow(uploader).to receive(:file_storage?) { false }
-        allow(uploader).to receive(:url) { 'http://object_storage.com/trace' }
-      end
-
-      it 'returns http io stream' do
-        is_expected.to be_a(Gitlab::Ci::Trace::HttpIO)
-      end
-    end
-  end
-
   context 'file is stored in valid local_path' do
     let(:file) do
       fixture_file_upload('spec/fixtures/ci_build_artifacts.zip', 'application/zip')
diff --git a/spec/views/projects/imports/new.html.haml_spec.rb b/spec/views/projects/imports/new.html.haml_spec.rb
index 32d73d0c5ab..fc389641fcd 100644
--- a/spec/views/projects/imports/new.html.haml_spec.rb
+++ b/spec/views/projects/imports/new.html.haml_spec.rb
@@ -7,7 +7,7 @@ describe "projects/imports/new.html.haml" do
     let(:project) { create(:project_empty_repo, :import_failed, import_type: :gitlab_project, import_source: '/var/opt/gitlab/gitlab-rails/shared/tmp/project_exports/uploads/t.tar.gz', import_url: nil) }
 
     before do
-      project.import_state.update_attributes(last_error: '<a href="http://googl.com">Foo</a>')
+      project.import_state.update(last_error: '<a href="http://googl.com">Foo</a>')
       sign_in(user)
       project.add_master(user)
     end
diff --git a/spec/views/projects/merge_requests/show.html.haml_spec.rb b/spec/views/projects/merge_requests/show.html.haml_spec.rb
index 264e0ce0b40..fe6ad26a6f6 100644
--- a/spec/views/projects/merge_requests/show.html.haml_spec.rb
+++ b/spec/views/projects/merge_requests/show.html.haml_spec.rb
@@ -52,7 +52,7 @@ describe 'projects/merge_requests/show.html.haml' do
 
   context 'when the merge request is open' do
     it 'closes the merge request if the source project does not exist' do
-      closed_merge_request.update_attributes(state: 'open')
+      closed_merge_request.update(state: 'open')
       forked_project.destroy
       # Reload merge request so MergeRequest#source_project turns to `nil`
       closed_merge_request.reload
diff --git a/spec/workers/concerns/waitable_worker_spec.rb b/spec/workers/concerns/waitable_worker_spec.rb
index 199825b5097..ce38cde9208 100644
--- a/spec/workers/concerns/waitable_worker_spec.rb
+++ b/spec/workers/concerns/waitable_worker_spec.rb
@@ -18,8 +18,8 @@ describe WaitableWorker do
       def self.bulk_perform_inline(args_list)
       end
 
-      def perform(i = 0)
-        self.class.counter += i
+      def perform(count = 0)
+        self.class.counter += count
       end
     end
   end
diff --git a/spec/workers/repository_import_worker_spec.rb b/spec/workers/repository_import_worker_spec.rb
index f0884ad0aff..d07e40377d4 100644
--- a/spec/workers/repository_import_worker_spec.rb
+++ b/spec/workers/repository_import_worker_spec.rb
@@ -51,7 +51,7 @@ describe RepositoryImportWorker do
       it 'hide the credentials that were used in the import URL' do
         error = %q{remote: Not Found fatal: repository 'https://user:pass@test.com/root/repoC.git/' not found }
 
-        project.update_attributes(import_jid: '123')
+        project.update(import_jid: '123')
         expect_any_instance_of(Projects::ImportService).to receive(:execute).and_return({ status: :error, message: error })
 
         expect do
@@ -63,7 +63,7 @@ describe RepositoryImportWorker do
       it 'updates the error on Import/Export' do
         error = %q{remote: Not Found fatal: repository 'https://user:pass@test.com/root/repoC.git/' not found }
 
-        project.update_attributes(import_jid: '123', import_type: 'gitlab_project')
+        project.update(import_jid: '123', import_type: 'gitlab_project')
         expect_any_instance_of(Projects::ImportService).to receive(:execute).and_return({ status: :error, message: error })
 
         expect do
diff --git a/spec/workers/repository_update_remote_mirror_worker_spec.rb b/spec/workers/repository_update_remote_mirror_worker_spec.rb
index 152ba2509b9..4f1ad2474f5 100644
--- a/spec/workers/repository_update_remote_mirror_worker_spec.rb
+++ b/spec/workers/repository_update_remote_mirror_worker_spec.rb
@@ -13,7 +13,7 @@ describe RepositoryUpdateRemoteMirrorWorker do
   describe '#perform' do
     context 'with status none' do
       before do
-        remote_mirror.update_attributes(update_status: 'none')
+        remote_mirror.update(update_status: 'none')
       end
 
       it 'sets status as finished when update remote mirror service executes successfully' do
@@ -34,7 +34,7 @@ describe RepositoryUpdateRemoteMirrorWorker do
       end
 
       it 'does nothing if last_update_started_at is higher than the time the job was scheduled in' do
-        remote_mirror.update_attributes(last_update_started_at: Time.now)
+        remote_mirror.update(last_update_started_at: Time.now)
 
         expect_any_instance_of(RemoteMirror).to receive(:updated_since?).with(scheduled_time).and_return(true)
         expect_any_instance_of(Projects::UpdateRemoteMirrorService).not_to receive(:execute).with(remote_mirror)
@@ -56,7 +56,7 @@ describe RepositoryUpdateRemoteMirrorWorker do
 
     context 'with another worker already running' do
       before do
-        remote_mirror.update_attributes(update_status: 'started')
+        remote_mirror.update(update_status: 'started')
       end
 
       it 'raises RemoteMirrorUpdateAlreadyInProgressError' do
@@ -68,11 +68,11 @@ describe RepositoryUpdateRemoteMirrorWorker do
 
     context 'with status failed' do
       before do
-        remote_mirror.update_attributes(update_status: 'failed')
+        remote_mirror.update(update_status: 'failed')
       end
 
       it 'sets status as finished if last_update_started_at is higher than the time the job was scheduled in' do
-        remote_mirror.update_attributes(last_update_started_at: Time.now)
+        remote_mirror.update(last_update_started_at: Time.now)
 
         expect_any_instance_of(RemoteMirror).to receive(:updated_since?).with(scheduled_time).and_return(false)
         expect_any_instance_of(Projects::UpdateRemoteMirrorService).to receive(:execute).with(remote_mirror).and_return(status: :success)
diff --git a/spec/workers/stuck_import_jobs_worker_spec.rb b/spec/workers/stuck_import_jobs_worker_spec.rb
index af7675c8cab..2169c14218b 100644
--- a/spec/workers/stuck_import_jobs_worker_spec.rb
+++ b/spec/workers/stuck_import_jobs_worker_spec.rb
@@ -51,7 +51,7 @@ describe StuckImportJobsWorker do
       let(:project) { create(:project, :import_scheduled) }
 
       before do
-        project.import_state.update_attributes(jid: '123')
+        project.import_state.update(jid: '123')
       end
     end
   end
@@ -61,7 +61,7 @@ describe StuckImportJobsWorker do
       let(:project) { create(:project, :import_started) }
 
       before do
-        project.import_state.update_attributes(jid: '123')
+        project.import_state.update(jid: '123')
       end
     end
   end