Add latest changes from gitlab-org/gitlab@master

.gitattributes

@@ -1,2 +1,3 @@
+VERSION merge=ours
 Dangerfile gitlab-language=ruby
 db/schema.rb merge=merge_db_schema

.gitlab-ci.yml

@@ -42,4 +42,3 @@ include:
   - local: .gitlab/ci/setup.gitlab-ci.yml
   - local: .gitlab/ci/test-metadata.gitlab-ci.yml
   - local: .gitlab/ci/yaml.gitlab-ci.yml
-  - local: .gitlab/ci/ee-specific-checks.gitlab-ci.yml

.gitlab/ci/ee-specific-checks.gitlab-ci.yml

@@ -1,22 +0,0 @@
-.ee-specific-check:
-  extends: .default-tags
-  dependencies: []
-  only:
-    - branches@gitlab-org/gitlab-ee
-  except:
-    - master
-    - tags
-    - /[\d-]+-stable(-ee)?/
-    - /[\d-]+-auto-deploy-\d{7}/
-    - /^security-/
-    - /\bce\-to\-ee\b/
-
-ee-files-location-check:
-  extends: .ee-specific-check
-  script:
-    - scripts/ee-files-location-check
-
-ee-specific-lines-check:
-  extends: .ee-specific-check
-  script:
-    - scripts/ee-specific-lines-check

.gitlab/ci/rails.gitlab-ci.yml

@@ -8,6 +8,11 @@
       - master@gitlab/gitlabhq
       - master@gitlab/gitlab-ee
 
+.only-gitlab-ee:
+  only:
+    - branches@gitlab-org/gitlab-ee
+    - tags@gitlab-org/gitlab-ee
+
 .rake-exec:
   extends:
     - .default-tags
@@ -231,7 +236,7 @@ db:migrate-from-v11.11.0:
   variables:
     SETUP_DB: "false"
   script:
-    - git fetch https://gitlab.com/gitlab-org/gitlab-ce.git v11.11.0
+    - git fetch https://gitlab.com/gitlab-org/gitlab-ee.git v11.11.0-ee
     - git checkout -f FETCH_HEAD
     - sed -i "s/gem 'oj', '~> 2.17.4'//" Gemfile
     - sed -i "s/gem 'bootsnap', '~> 1.0.0'/gem 'bootsnap'/" Gemfile
@@ -314,3 +319,135 @@ coverage:
       - coverage/index.html
       - coverage/assets/
       - tmp/memory_test/
+
+## EE-specific content
+.rspec-base-ee:
+  extends:
+    - .rspec-base
+    - .only-gitlab-ee
+  script:
+    - JOB_NAME=( $CI_JOB_NAME )
+    - TEST_TOOL=${JOB_NAME[0]}
+    - TEST_LEVEL=${JOB_NAME[1]}
+    - DATABASE=${JOB_NAME[2]}
+    - export KNAPSACK_REPORT_PATH=knapsack/${CI_PROJECT_NAME}/${TEST_TOOL}_${TEST_LEVEL}_${DATABASE}_ee_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
+    - export KNAPSACK_GENERATE_REPORT=true KNAPSACK_LOG_LEVEL=debug KNAPSACK_TEST_DIR=spec
+    - export CACHE_CLASSES=true
+    - cp ${EE_KNAPSACK_RSPEC_SUITE_REPORT_PATH} ${KNAPSACK_REPORT_PATH}
+    - scripts/gitaly-test-spawn
+    - date
+    - 'export KNAPSACK_TEST_FILE_PATTERN=$(ruby -r./lib/quality/test_level.rb -e "puts Quality::TestLevel.new(%(ee/)).pattern(:${TEST_LEVEL})")'
+    - mkdir -p tmp/memory_test
+    - export MEMORY_TEST_PATH="tmp/memory_test/ee_${TEST_TOOL}_${TEST_LEVEL}_${DATABASE}_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_memory.csv"
+    - knapsack rspec "--color --format documentation --format RspecJunitFormatter --out junit_rspec.xml --tag level:${TEST_LEVEL} --tag ~geo"
+    - date
+
+.rspec-base-pg-ee:
+  extends: .rspec-base-ee
+  services:
+    - name: postgres:9.6
+      command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
+    - name: redis:alpine
+    - name: docker.elastic.co/elasticsearch/elasticsearch:5.6.12
+
+rspec unit pg ee:
+  extends: .rspec-base-pg-ee
+  parallel: 7
+
+rspec integration pg ee:
+  extends: .rspec-base-pg-ee
+  parallel: 3
+
+rspec system pg ee:
+  extends: .rspec-base-pg-ee
+  parallel: 5
+
+.rspec-base-pg-geo:
+  extends:
+    - .rspec-base
+    - .only-gitlab-ee
+  script:
+    - JOB_NAME=( $CI_JOB_NAME )
+    - TEST_TOOL=${JOB_NAME[0]}
+    - TEST_LEVEL=${JOB_NAME[1]}
+    - DATABASE=${JOB_NAME[2]}
+    - export KNAPSACK_TEST_FILE_PATTERN="ee/spec/**{,/*/**}/*_spec.rb" KNAPSACK_GENERATE_REPORT=true CACHE_CLASSES=true
+    - export KNAPSACK_REPORT_PATH=knapsack/${CI_PROJECT_NAME}/${TEST_TOOL}_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
+    - cp ${EE_KNAPSACK_RSPEC_SUITE_REPORT_PATH} ${KNAPSACK_REPORT_PATH}
+    - source scripts/prepare_postgres_fdw.sh
+    - scripts/gitaly-test-spawn
+    - mkdir -p tmp/memory_test
+    - export MEMORY_TEST_PATH="tmp/memory_test/ee_${TEST_TOOL}_${TEST_LEVEL}_${DATABASE}_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_memory.csv"
+    - knapsack rspec "-Ispec --color --format documentation --format RspecJunitFormatter --out junit_rspec.xml --tag geo"
+
+rspec geo pg ee:
+  extends:
+    - .rspec-base-pg-geo
+    - .use-pg
+    - .except-docs-qa-geo
+  parallel: 3
+
+rspec geo pg-10 ee:
+  extends:
+    - .rspec-base-pg-geo
+    - .use-pg-10
+    - .except-docs-qa-geo
+  parallel: 3
+
+quick-rspec geo pg ee:
+  extends:
+    - .rspec-base-pg-geo
+    - .use-pg
+  stage: quick-test
+  only:
+    - /(^geo[\/-].*|.*-geo$)/
+
+quick-rspec geo pg-10 ee:
+  extends:
+    - .rspec-base-pg-geo
+    - .use-pg-10
+  stage: quick-test
+  only:
+    - /(^geo[\/-].*|.*-geo$)/
+
+rspec quarantine pg ee:
+  extends: rspec quarantine pg
+  script:
+    - export NO_KNAPSACK=1 CACHE_CLASSES=true
+    - scripts/gitaly-test-spawn
+    - bin/rspec --color --format documentation --format RspecJunitFormatter --out junit_rspec.xml --tag quarantine -- ee/spec/
+
+migration:upgrade-pg-ce-to-ee:
+  extends:
+    - .default-tags
+    - .default-retry
+    - .default-cache
+    - .default-before_script
+    - .use-pg
+    - .except-docs-qa
+  dependencies: ["setup-test-env"]
+  variables:
+    SETUP_DB: "false"
+  script:
+    - ruby -r./scripts/ee_specific_check/ee_specific_check -e'EESpecificCheck.fetch_remote_ce_branch'
+    - git checkout -f FETCH_HEAD
+    - . scripts/utils.sh
+    - . scripts/prepare_build.sh
+    - date
+    - setup_db
+    - date
+    - git checkout -f $CI_COMMIT_SHA
+    - date
+    - . scripts/prepare_build.sh
+    - date
+    - bundle exec rake db:migrate
+
+db:rollback geo:
+  extends:
+    - db:rollback
+    - .only-gitlab-ee
+  script:
+    - bundle exec rake geo:db:migrate VERSION=20170627195211
+    - bundle exec rake geo:db:migrate
+
+## END of EE-specific content

.gitlab/ci/test-metadata.gitlab-ci.yml

@@ -26,6 +26,8 @@ retrieve-tests-metadata:
     - mkdir -p rspec_profiling/
     - wget -O $FLAKY_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$FLAKY_RSPEC_SUITE_REPORT_PATH || rm $FLAKY_RSPEC_SUITE_REPORT_PATH
     - '[[ -f $FLAKY_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${FLAKY_RSPEC_SUITE_REPORT_PATH}'
+    - wget -O $EE_KNAPSACK_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$EE_KNAPSACK_RSPEC_SUITE_REPORT_PATH || rm $EE_KNAPSACK_RSPEC_SUITE_REPORT_PATH
+    - '[[ -f $EE_KNAPSACK_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${EE_KNAPSACK_RSPEC_SUITE_REPORT_PATH}'
 
 update-tests-metadata:
   extends: .tests-metadata-state
@@ -41,6 +43,9 @@ update-tests-metadata:
     - echo "{}" > ${KNAPSACK_RSPEC_SUITE_REPORT_PATH}
     - scripts/merge-reports ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/rspec_*_pg_node_*.json
     - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $KNAPSACK_RSPEC_SUITE_REPORT_PATH'
+    - echo "{}" > ${EE_KNAPSACK_RSPEC_SUITE_REPORT_PATH}
+    - scripts/merge-reports ${EE_KNAPSACK_RSPEC_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/rspec_*_pg_ee_*node_*.json
+    - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $EE_KNAPSACK_RSPEC_SUITE_REPORT_PATH'
     - rm -f knapsack/${CI_PROJECT_NAME}/*_node_*.json
     - scripts/merge-reports ${FLAKY_RSPEC_SUITE_REPORT_PATH} rspec_flaky/all_*_*.json
     - FLAKY_RSPEC_GENERATE_REPORT=1 scripts/prune-old-flaky-specs ${FLAKY_RSPEC_SUITE_REPORT_PATH}

.gitlab/issue_templates/Feature proposal.md

@@ -43,6 +43,10 @@ If this feature requires changing permissions, this document https://docs.gitlab
 
 <!-- Define both the success metrics and acceptance criteria. Note that success metrics indicate the desired business outcomes, while acceptance criteria indicate when the solution is working correctly. If there is no way to measure success, link to an issue that will implement a way to measure this. -->
 
+### What is the type of buyer? 
+
+<!-- Which leads to: in which enterprise tier should this feature go? See https://about.gitlab.com/handbook/product/pricing/#four-tiers -->
+
 ### Links / references
 
 /label ~feature

.license_encryption_key.pub

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Hxv3MkkZbMrKtIs6np9
+ccP4OwGBkNhIvhPjcQP48hbbascv5RqsOquQGrYSD2ZrE/kbkRdkIcoHEeTZLif+
+bDKFZFI7o5x0H92o9/GSvxHJhQ8mkmvwxD7lssGShwZEm8WG+U7BZqUV/gGmCDqe
+9W8H8Fq2B0ck8IXjbQ4Zz+JlyV/NHZTZcs69plFiLKh4N6GYVftOVwSomh0bbypP
+OB9WnLC7RC9a2LRrhtf8sqa2rRFmtyMMfgFFzLMzS+w+1K4+QLnWP1gKQVzaFnzk
+pnwKPrqbGFYbRztIVEWbs8jPYlLkGb8ME4C84YVtQgbQcbyisU/VW3wUGkhT+J0k
+xwIDAQAB
+-----END PUBLIC KEY-----

.rubocop.yml

@@ -275,8 +275,15 @@ RSpec/BeSuccessMatcher:
     - 'ee/spec/support/shared_examples/controllers/**/*'
     - 'spec/support/controllers/**/*'
     - 'ee/spec/support/controllers/**/*'
+
 Scalability/FileUploads:
   Enabled: true
   Include:
     - 'lib/api/**/*.rb'
     - 'ee/lib/api/**/*.rb'
+
+Graphql/Descriptions:
+  Enabled: true
+  Include:
+    - 'app/graphql/**/*'
+    - 'ee/app/graphql/**/*'

CHANGELOG.md

@@ -28,6 +28,10 @@ entry.
 
 ## 12.2.3
 
+- No changes.
+
+## 12.2.2
+
 ### Security (22 changes)
 
 - Ensure only authorised users can create notes on Merge Requests and Issues.
@@ -54,12 +58,17 @@ entry.
 - Fix SSRF via DNS rebinding in Kubernetes Integration.
 
 
-## 12.2.2
-
-- Unreleased due to QA failure.
-
 ## 12.2.1
 
+### Fixed (2 changes)
+
+- Fix for embedded metrics undefined params. !31975
+- Fix "ERR value is not an integer or out of range" errors. !32126
+
+### Performance (1 change)
+
+- Fix Gitaly N+1 calls with listing issues/MRs via API. !31938
+
 ### Fixed (3 changes)
 
 - Fix for embedded metrics undefined params. !31975
@@ -721,16 +730,16 @@ entry.
 
 ### Security (10 changes)
 
+- Prevent bypass of restriction disabling web password sign in.
 - Hide confidential issue title on unsubscribe for anonymous users.
+- Resolve: Milestones leaked via search API.
 - Fix url redaction for issue links.
+- Add extra fields for handling basic auth on import by url page.
 - Fix confidential issue label disclosure on milestone view.
 - Filter relative links in wiki for XSS.
-- Prevent XSS injection in note imports.
-- Resolve: Milestones leaked via search API.
-- Prevent bypass of restriction disabling web password sign in.
-- Add extra fields for handling basic auth on import by url page.
-- Protect Gitlab::HTTP against DNS rebinding attack.
 - Prevent invalid branch for merge request.
+- Prevent XSS injection in note imports.
+- Protect Gitlab::HTTP against DNS rebinding attack.
 
 ### Removed (5 changes, 1 of them is from the community)
 
@@ -740,7 +749,7 @@ entry.
 - Make Kubernetes service templates readonly. !29044
 - Remove Content-Type override for Mattermost OAuth login. (Harrison Healey)
 
-### Fixed (116 changes, 28 of them are from the community)
+### Fixed (115 changes, 28 of them are from the community)
 
 - Fix col-sm-* in forms to keep layout. !24885 (Takuya Noguchi)
 - Avoid 500 when rendering users ATOM data. !25408
@@ -753,7 +762,6 @@ entry.
 - Bring secondary button styles up to design standard. !27920
 - Use FindOrCreateService to create labels and check for existing ones. !27987 (Matt Duren)
 - Fix "too many loops" error by handling gracefully cron schedules for non existent days. !28002
-- Handle errors in successful notes reply. !28082
 - Fix 500 error when accessing charts with an anonymous user. !28091 (Diego Silva)
 - Allow user to set primary email first when 2FA is required. !28097 (Kartikey Tanna)
 - Auto-DevOps: allow to disable rollout status check. !28130 (Sergej Nikolaev <kinolaev@gmail.com>)
@@ -850,14 +858,14 @@ entry.
 - Move Dropdown to Stick to MR View App Button. !29767
 - Fix IDE commit using latest ref in branch and overriding contents. !29769
 - Revert concurrent pipeline creation for pipeline schedules. !29794
-- Fix layout of group milestone header.
-- Fix remote mirrors not updating after tag push.
+- Fix border radii on diff files and repo files.
 - Fix padding of unclickable pipeline dropdown items to match links.
+- Fix pipeline schedules when owner is nil.
+- Fix remote mirrors not updating after tag push.
+- Fix layout of group milestone header.
+- Fixed show whitespace button not refetching diff content.
 - Change resolve button text to mark comment as resolved.
 - Align system note within discussion with other notes.
-- Fix border radii on diff files and repo files.
-- Fixed show whitespace button not refetching diff content.
-- Fix pipeline schedules when owner is nil.
 
 ### Changed (35 changes, 13 of them are from the community)
 
@@ -957,9 +965,9 @@ entry.
 - Link to an external dashboard from metrics dashboard. !29369
 - Add labels to note event payload. !29384 (Sujay Patel)
 - Add Join meeting button to issues with Zoom links. !29454
-- Make task completion status available via GraphQL.
 - Add backtraces to Peek performance bar for SQL calls.
 - Added diff suggestion feature discovery popover.
+- Make task completion status available via GraphQL.
 
 ### Other (62 changes, 14 of them are from the community)
 
@@ -1014,17 +1022,17 @@ entry.
 - Changed the 'Created' label to 'Last Updated' on the container registry table to more accurately reflect what the date represents. !29464
 - Update GitLab Pages to v1.6.1. !29559
 - Indent collapsible sections. !29804
-- Group download buttons into a .btn-group.
-- Change default color of award emoji button.
-- Use blue for activity stream links; use monospace font for commit sha.
-- Remove fixed height from MR diff headers.
-- Moves the table pagination shared component.
-- Add warning that gitlab-secrets isn't included in backup.
-- Update merge request tabs so they no longer scroll.
-- Reduce height of issue board input to align with buttons.
-- Increase height of move issue dropdown.
 - Use grid and correct border radius for status badge.
+- Remove fixed height from MR diff headers.
+- Use blue for activity stream links; use monospace font for commit sha.
 - Moves snowplow to CE repo.
+- Reduce height of issue board input to align with buttons.
+- Change default color of award emoji button.
+- Group download buttons into a .btn-group.
+- Add warning that gitlab-secrets isn't included in backup.
+- Increase height of move issue dropdown.
+- Update merge request tabs so they no longer scroll.
+- Moves the table pagination shared component.
 
 
 ## 11.11.8
@@ -1093,7 +1101,7 @@ entry.
 
 - Destroy project remote mirrors instead of disabling. !27087
 
-### Fixed (74 changes, 19 of them are from the community)
+### Fixed (75 changes, 19 of them are from the community)
 
 - Don't create a temp reference for branch comparisons within project. !24038
 - Fix some label links not appearing on group labels page and label title being a link on project labels page. !24060 (Tanya Pazitny)
@@ -1154,6 +1162,7 @@ entry.
 - Fix uploading of LFS tracked file through UI. !28052
 - Render Next badge only for gitlab.com. !28056
 - Fix update head pipeline process of Pipelines for merge requests. !28057
+- Handle errors in successful notes reply. !28082
 - Fix visual issues in set status modal. !28147
 - Use a path for the related merge requests endpoint. !28171
 - disable SSH key validation in key details view. !28180 (Roger Meier)
@@ -1164,10 +1173,10 @@ entry.
 - Fix project visibility level validation. !28305 (Peter Marko)
 - Fix incorrect prefix used in new uploads for personal snippets. !28337
 - Fix Rugged get_tree_entries recursive flag not working. !28494
-- Fixes next badge being always visible.
 - Next badge must visible when canary flag is true.
-- Adds arrow icons to select option in CI/CD settings.
 - Vertically aligns the play button for stages.
+- Fixes next badge being always visible.
+- Adds arrow icons to select option in CI/CD settings.
 - Allow replying to individual notes from API.
 
 ### Changed (19 changes, 3 of them are from the community)
@@ -1234,10 +1243,10 @@ entry.
 - Leave project/group from access granted email. !27892
 - Allow Sentry client-side DSN to be passed on gitlab.yml. !27967
 - GraphQL: improve evaluation of query complexity based on arguments and query limits. !28017
-- Adds badge for Canary environment and help link.
 - Support negative matches.
-- Show category icons in user popover.
 - Added Omniauth UltraAuth strategy to GitLab. (Kartikey Tanna)
+- Adds badge for Canary environment and help link.
+- Show category icons in user popover.
 
 ### Other (29 changes, 8 of them are from the community)
 
@@ -1267,9 +1276,22 @@ entry.
 - Remove the note in the docs that multi-line suggestions are not yet available. !28119 (hardysim)
 - Update gitlab-shell to v9.1.0. !28184
 - Add EE fixtures to SeedFu list. !28241
+- Add some frozen string to spec/**/*.rb. (gfyoung)
 - Replaces CSS with BS4 utility class for pipeline schedules.
 - Creates a vendors folder for external CSS.
-- Add some frozen string to spec/**/*.rb. (gfyoung)
+
+### Performance (1 change)
+
+- Add improvements to global search of issues and merge requests. !27817
+
+
+## 11.10.7 (2019-06-26)
+
+### Fixed (3 changes)
+
+- Remove a default git depth in Pipelines for merge requests. !28926
+- Fix label click scrolling to top. !29202
+- Fix scrolling to top on assignee change. !29500
 
 
 ## 11.10.8 (2019-06-27)
@@ -1309,7 +1331,6 @@ entry.
 
 - Fix input group height.
 
-
 ## 11.10.4 (2019-05-01)
 
 ### Fixed (12 changes)
@@ -1685,31 +1706,11 @@ entry.
 
 ## 11.9.3 (2019-03-27)
 
-### Security (8 changes)
-
-- Disallow guest users from accessing Releases.
-- Fix PDF.js vulnerability.
-- Hide "related branches" when user does not have permission.
-- Fix XSS in resolve conflicts form.
-- Added rake task for removing EXIF data from existing uploads.
-- Return cached languages if they've been detected before.
-- Disallow updating namespace when updating a project.
-- Use UntrustedRegexp for matching refs policy.
-
+- No changes.
 
 ## 11.9.2 (2019-03-26)
 
-### Security (8 changes)
-
-- Disallow guest users from accessing Releases.
-- Fix PDF.js vulnerability.
-- Hide "related branches" when user does not have permission.
-- Fix XSS in resolve conflicts form.
-- Added rake task for removing EXIF data from existing uploads.
-- Return cached languages if they've been detected before.
-- Disallow updating namespace when updating a project.
-- Use UntrustedRegexp for matching refs policy.
-
+- No changes.
 
 ## 11.9.1 (2019-03-25)
 
@@ -2324,16 +2325,7 @@ entry.
 
 ## 11.7.8 (2019-03-26)
 
-### Security (7 changes)
-
-- Disallow guest users from accessing Releases.
-- Fix PDF.js vulnerability.
-- Hide "related branches" when user does not have permission.
-- Fix XSS in resolve conflicts form.
-- Added rake task for removing EXIF data from existing uploads.
-- Disallow updating namespace when updating a project.
-- Use UntrustedRegexp for matching refs policy.
-
+- No changes.
 
 ## 11.7.7 (2019-03-19)
 
@@ -2343,7 +2335,7 @@ entry.
 - Fixed ability to see private groups by users not belonging to given group.
 
 
-## 11.7.5 (2019-02-06)
+## 11.7.5 (2019-02-05)
 
 ### Fixed (8 changes)
 
@@ -2582,10 +2574,9 @@ entry.
 
 ## 11.6.11 (2019-04-23)
 
-### Security (2 changes)
+### Security (1 change)
 
 - Fixed ability to see private groups by users not belonging to given group.
-- Fix XSS in resolve conflicts form.
 
 ### Fixed (2 changes)
 
@@ -2631,6 +2622,13 @@ entry.
 - Fix leaking private repository information in API.
 
 
+## 11.6.9 (2019-02-04)
+
+### Security (1 change)
+
+- Use sanitized user status message for user popover.
+
+
 ## 11.6.8 (2019-01-30)
 
 - No changes.
@@ -3155,7 +3153,6 @@ entry.
 - Fix a race condition intermittently breaking GitLab startup. !23028
 - Adds margin after a deleted branch name in the activity feed. !23038
 - Ignore environment validation failure. !23100
-- Fixes broken borders for reports section in MR widget.
 - Adds CI favicon back to jobs page.
 - Redirect to the pipeline builds page when a build is canceled. (Eva Kadlecova)
 - Fixed diff stats not showing when performance bar is enabled.
@@ -3164,12 +3161,13 @@ entry.
 - Fix bug causing not all emails to show up in commit email selectbox.
 - Remove duplicate escape in job sidebar.
 - Fixing styling issues on the scheduled pipelines page.
+- Fixes broken test in master.
 - Renders stuck block when runners are stuck.
 - Removes extra border from test reports in the merge request widget.
+- Fixes broken borders for reports section in MR widget.
 - Only render link to branch when branch still exists in pipeline page.
 - Fixed source project not filtering in merge request creation compare form.
 - Do not reload self on hooks when creating deployment.
-- Fixes broken test in master.
 
 ### Changed (38 changes, 12 of them are from the community)
 
@@ -9627,4 +9625,3 @@ entry.
 ## 8.15.8 through 0.8.0
 
 - See [changelogs/archive.md](changelogs/archive.md)
-

CONTRIBUTING.md

@@ -1,13 +1,9 @@
-## Developer Certificate of Origin + License
+## Contributor license agreement
 
-By contributing to GitLab B.V., You accept and agree to the following terms and
-conditions for Your present and future Contributions submitted to GitLab B.V.
-Except for the license granted herein to GitLab B.V. and recipients of software
-distributed by GitLab B.V., You reserve all right, title, and interest in and to
-Your Contributions. All Contributions are subject to the following DCO + License
-terms.
-
-[DCO + License](https://gitlab.com/gitlab-org/dco/blob/master/README.md)
+By submitting code as an individual you agree to the
+[individual contributor license agreement](doc/legal/individual_contributor_license_agreement.md).
+By submitting code as an entity you agree to the
+[corporate contributor license agreement](doc/legal/corporate_contributor_license_agreement.md).
 
 All Documentation content that resides under the [doc/ directory](/doc) of this
 repository is licensed under Creative Commons:

Gemfile

@@ -48,6 +48,9 @@ gem 'omniauth-salesforce', '~> 1.0.5'
 gem 'rack-oauth2', '~> 1.9.3'
 gem 'jwt', '~> 2.1.0'
 
+# Kerberos authentication. EE-only
+gem 'gssapi', group: :kerberos
+
 # Spam and anti-bot protection
 gem 'recaptcha', '~> 4.11', require: 'recaptcha/rails'
 gem 'akismet', '~> 2.0'
@@ -124,6 +127,13 @@ gem 'unf', '~> 0.1.4'
 # Seed data
 gem 'seed-fu', '~> 2.3.7'
 
+# Search
+gem 'elasticsearch-model', '~> 0.1.9'
+gem 'elasticsearch-rails', '~> 0.1.9', require: 'elasticsearch/rails/instrumentation'
+gem 'elasticsearch-api',   '5.0.3'
+gem 'aws-sdk'
+gem 'faraday_middleware-aws-signers-v4'
+
 # Markdown and HTML processing
 gem 'html-pipeline', '~> 2.8'
 gem 'deckar01-task_list', '2.2.0'
@@ -281,6 +291,8 @@ gem 'gon', '~> 6.2'
 gem 'request_store', '~> 1.3'
 gem 'base32', '~> 0.3.0'
 
+gem "gitlab-license", "~> 1.0"
+
 # Sentry integration
 gem 'sentry-raven', '~> 2.9'
 
@@ -420,6 +432,9 @@ gem 'health_check', '~> 2.6.0'
 gem 'vmstat', '~> 2.3.0'
 gem 'sys-filesystem', '~> 1.1.6'
 
+# NTP client
+gem 'net-ntp'
+
 # SSH host key support
 gem 'net-ssh', '~> 5.2'
 gem 'sshkey', '~> 2.0'
@@ -449,5 +464,8 @@ gem 'unleash', '~> 0.1.5'
 gem 'lograge', '~> 0.5'
 gem 'grape_logging', '~> 1.7'
 
+# DNS Lookup
+gem 'net-dns', '~> 0.9.0'
+
 # Countries list
 gem 'countries', '~> 3.0'

Gemfile.lock

@@ -80,6 +80,14 @@ GEM
       encryptor (~> 3.0.0)
     attr_required (1.0.1)
     awesome_print (1.8.0)
+    aws-sdk (2.9.32)
+      aws-sdk-resources (= 2.9.32)
+    aws-sdk-core (2.9.32)
+      aws-sigv4 (~> 1.0)
+      jmespath (~> 1.0)
+    aws-sdk-resources (2.9.32)
+      aws-sdk-core (= 2.9.32)
+    aws-sigv4 (1.0.0)
     axiom-types (0.1.1)
       descendants_tracker (~> 0.0.4)
       ice_nine (~> 0.11.0)
@@ -226,6 +234,19 @@ GEM
       doorkeeper (~> 4.3)
       json-jwt (~> 1.6)
     ed25519 (1.2.4)
+    elasticsearch (5.0.3)
+      elasticsearch-api (= 5.0.3)
+      elasticsearch-transport (= 5.0.3)
+    elasticsearch-api (5.0.3)
+      multi_json
+    elasticsearch-model (0.1.9)
+      activesupport (> 3)
+      elasticsearch (> 0.4)
+      hashie
+    elasticsearch-rails (0.1.9)
+    elasticsearch-transport (5.0.3)
+      faraday
+      multi_json
     email_reply_trimmer (0.1.6)
     email_spec (2.2.0)
       htmlentities (~> 4.3.3)
@@ -254,6 +275,9 @@ GEM
       faraday (~> 0.8)
     faraday_middleware (0.12.2)
       faraday (>= 0.7.4, < 1.0)
+    faraday_middleware-aws-signers-v4 (0.1.7)
+      aws-sdk-resources (~> 2)
+      faraday (~> 0.9)
     faraday_middleware-multi_json (0.0.6)
       faraday_middleware
       multi_json
@@ -344,6 +368,7 @@ GEM
       jaeger-client (~> 0.10)
       opentracing (~> 0.4)
       redis (> 3.0.0, < 5.0.0)
+    gitlab-license (1.0.0)
     gitlab-markup (1.7.0)
     gitlab-peek (0.0.1)
       railties (>= 4.0.0)
@@ -417,6 +442,8 @@ GEM
     grpc (1.19.0)
       google-protobuf (~> 3.1)
       googleapis-common-protos-types (~> 1.0.0)
+    gssapi (1.2.0)
+      ffi (>= 1.0.1)
     haml (5.0.4)
       temple (>= 0.8.0)
       tilt
@@ -480,6 +507,7 @@ GEM
       atlassian-jwt
       multipart-post
       oauth (~> 0.5, >= 0.5.0)
+    jmespath (1.3.1)
     js_regex (3.1.1)
       character_set (~> 1.1)
       regexp_parser (~> 1.1)
@@ -568,7 +596,9 @@ GEM
       mustermann (~> 1.0.0)
     nakayoshi_fork (0.0.4)
     nap (1.1.0)
+    net-dns (0.9.0)
     net-ldap (0.16.0)
+    net-ntp (2.1.3)
     net-ssh (5.2.0)
     netrc (0.11.0)
     nio4r (2.3.1)
@@ -961,7 +991,7 @@ GEM
     sys-filesystem (1.1.6)
       ffi
     sysexits (1.2.0)
-    temple (0.8.0)
+    temple (0.8.1)
     terminal-table (1.8.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
     test-prof (0.2.5)
@@ -973,7 +1003,7 @@ GEM
     thor (0.19.4)
     thread_safe (0.3.6)
     thrift (0.11.0.0)
-    tilt (2.0.8)
+    tilt (2.0.9)
     timecop (0.8.1)
     timfel-krb5-auth (0.8.3)
     toml (0.2.0)
@@ -1070,6 +1100,7 @@ DEPENDENCIES
   atlassian-jwt (~> 0.2.0)
   attr_encrypted (~> 3.1.0)
   awesome_print
+  aws-sdk
   babosa (~> 1.0.2)
   base32 (~> 0.3.0)
   batch-loader (~> 1.4.0)
@@ -1107,11 +1138,15 @@ DEPENDENCIES
   doorkeeper (~> 4.3)
   doorkeeper-openid_connect (~> 1.5)
   ed25519 (~> 1.2)
+  elasticsearch-api (= 5.0.3)
+  elasticsearch-model (~> 0.1.9)
+  elasticsearch-rails (~> 0.1.9)
   email_reply_trimmer (~> 0.1)
   email_spec (~> 2.2.0)
   escape_utils (~> 1.1)
   factory_bot_rails (~> 4.8.2)
   faraday (~> 0.12)
+  faraday_middleware-aws-signers-v4
   fast_blank
   ffaker (~> 2.10)
   flipper (~> 0.13.0)
@@ -1136,6 +1171,7 @@ DEPENDENCIES
   gitaly (~> 1.58.0)
   github-markup (~> 1.7.0)
   gitlab-labkit (~> 0.5)
+  gitlab-license (~> 1.0)
   gitlab-markup (~> 1.7.0)
   gitlab-peek (~> 0.0.1)
   gitlab-sidekiq-fetcher (= 0.5.2)
@@ -1154,6 +1190,7 @@ DEPENDENCIES
   graphql (~> 1.9.11)
   graphql-docs (~> 1.6.0)
   grpc (~> 1.19.0)
+  gssapi
   haml_lint (~> 0.31.0)
   hamlit (~> 2.8.8)
   hangouts-chat (~> 0.0.5)
@@ -1185,7 +1222,9 @@ DEPENDENCIES
   mini_magick
   minitest (~> 5.11.0)
   nakayoshi_fork (~> 0.0.4)
+  net-dns (~> 0.9.0)
   net-ldap
+  net-ntp
   net-ssh (~> 5.2)
   nokogiri (~> 1.10.4)
   oauth2 (~> 1.4)

app/assets/javascripts/boards/models/list.js

@@ -3,7 +3,7 @@
 import { __ } from '~/locale';
 import ListLabel from './label';
 import ListAssignee from './assignee';
-import ListIssue from './issue';
+import ListIssue from 'ee_else_ce/boards/models/issue';
 import { urlParamsToObject } from '~/lib/utils/common_utils';
 import boardsStore from '../stores/boards_store';
 import ListMilestone from './milestone';

app/assets/javascripts/clusters/clusters_bundle.js

@@ -39,6 +39,7 @@ export default class Clusters {
       updateKnativePath,
       installPrometheusPath,
       managePrometheusPath,
+      clusterEnvironmentsPath,
       hasRbac,
       clusterType,
       clusterStatus,
@@ -79,6 +80,7 @@ export default class Clusters {
       installJupyterEndpoint: installJupyterPath,
       installKnativeEndpoint: installKnativePath,
       updateKnativeEndpoint: updateKnativePath,
+      clusterEnvironmentsEndpoint: clusterEnvironmentsPath,
     });
 
     this.installApplication = this.installApplication.bind(this);
@@ -109,6 +111,10 @@ export default class Clusters {
     this.initApplications(clusterType);
     this.initEnvironments();
 
+    if (clusterEnvironmentsPath) {
+      this.fetchEnvironments();
+    }
+
     this.updateContainer(null, this.store.state.status, this.store.state.statusReason);
 
     this.addListeners();
@@ -162,6 +168,7 @@ export default class Clusters {
       render(createElement) {
         return createElement(Environments, {
           props: {
+            isFetching: this.state.fetchingEnvironments,
             environments: this.state.environments,
             environmentsHelpPath: this.state.environmentsHelpPath,
             clustersHelpPath: this.state.clustersHelpPath,
@@ -172,6 +179,18 @@ export default class Clusters {
     });
   }
 
+  fetchEnvironments() {
+    this.store.toggleFetchEnvironments(true);
+
+    this.service
+      .fetchClusterEnvironments()
+      .then(data => {
+        this.store.toggleFetchEnvironments(false);
+        this.store.updateEnvironments(data.data);
+      })
+      .catch(() => Clusters.handleError());
+  }
+
   static initDismissableCallout() {
     const callout = document.querySelector('.js-cluster-security-warning');
     PersistentUserCallout.factory(callout);

app/assets/javascripts/clusters/services/clusters_service.js

@@ -33,6 +33,10 @@ export default class ClusterService {
     return axios.delete(this.appInstallEndpointMap[appId], params);
   }
 
+  fetchClusterEnvironments() {
+    return axios.get(this.options.clusterEnvironmentsEndpoint);
+  }
+
   static updateCluster(endpoint, data) {
     return axios.put(endpoint, data);
   }

app/assets/javascripts/clusters/stores/clusters_store.js

@@ -84,6 +84,7 @@ export default class ClusterStore {
         },
       },
       environments: [],
+      fetchingEnvironments: false,
     };
   }
 
@@ -206,6 +207,10 @@ export default class ClusterStore {
     });
   }
 
+  toggleFetchEnvironments(isFetching) {
+    this.state.fetchingEnvironments = isFetching;
+  }
+
   updateEnvironments(environments = []) {
     this.state.environments = environments.map(environment => ({
       name: environment.name,
@@ -215,7 +220,7 @@ export default class ClusterStore {
       rolloutStatus: {
         instances: environment.rollout_status ? environment.rollout_status.instances : [],
       },
-      updatedAt: environment.updatedAt,
+      updatedAt: environment.updated_at,
     }));
   }
 }

app/assets/javascripts/gl_dropdown.js

@@ -7,6 +7,7 @@ import fuzzaldrinPlus from 'fuzzaldrin-plus';
 import axios from './lib/utils/axios_utils';
 import { visitUrl } from './lib/utils/url_utility';
 import { isObject } from './lib/utils/type_utility';
+import renderItem from './gl_dropdown/render';
 
 var GitLabDropdown, GitLabDropdownFilter, GitLabDropdownRemote, GitLabDropdownInput;
 
@@ -521,8 +522,8 @@ GitLabDropdown = (function() {
           html.push(
             this.renderItem(
               {
-                header: name,
-                // Add header for each group
+                content: name,
+                type: 'header',
               },
               name,
             ),
@@ -542,16 +543,7 @@ GitLabDropdown = (function() {
   };
 
   GitLabDropdown.prototype.renderData = function(data, group) {
-    if (group == null) {
-      group = false;
-    }
-    return data.map(
-      (function(_this) {
-        return function(obj, index) {
-          return _this.renderItem(obj, group, index);
-        };
-      })(this),
-    );
+    return data.map((obj, index) => this.renderItem(obj, group || false, index));
   };
 
   GitLabDropdown.prototype.shouldPropagate = function(e) {
@@ -688,104 +680,25 @@ GitLabDropdown = (function() {
   };
 
   GitLabDropdown.prototype.renderItem = function(data, group, index) {
-    var field, html, selected, text, url, value, rowHidden;
+    let parent;
 
-    if (!this.options.renderRow) {
-      value = this.options.id ? this.options.id(data) : data.id;
-
-      if (value) {
-        value = value.toString().replace(/'/g, "\\'");
-      }
+    if (this.dropdown && this.dropdown[0]) {
+      parent = this.dropdown[0].parentNode;
     }
 
-    // Hide element
-    if (this.options.hideRow && this.options.hideRow(value)) {
-      rowHidden = true;
-    }
-    if (group == null) {
-      group = false;
-    }
-    if (index == null) {
-      // Render the row
-      index = false;
-    }
-    html = document.createElement('li');
-
-    if (rowHidden) {
-      html.style.display = 'none';
-    }
-
-    if (data === 'divider' || data === 'separator') {
-      html.className = data;
-      return html;
-    }
-    // Header
-    if (data.header != null) {
-      html.className = 'dropdown-header';
-      html.innerHTML = data.header;
-      return html;
-    }
-    if (this.options.renderRow) {
-      // Call the render function
-      html = this.options.renderRow.call(this.options, data, this);
-    } else {
-      if (!selected) {
-        const { fieldName } = this.options;
-
-        if (value) {
-          field = this.dropdown.parent().find(`input[name='${fieldName}'][value='${value}']`);
-          if (field.length) {
-            selected = true;
-          }
-        } else {
-          field = this.dropdown.parent().find(`input[name='${fieldName}']`);
-          selected = !field.length;
-        }
-      }
-      // Set URL
-      if (this.options.url != null) {
-        url = this.options.url(data);
-      } else {
-        url = data.url != null ? data.url : '#';
-      }
-      // Set Text
-      if (this.options.text != null) {
-        text = this.options.text(data);
-      } else {
-        text = data.text != null ? data.text : '';
-      }
-      if (this.highlight) {
-        text = data.template
-          ? this.highlightTemplate(text, data.template)
-          : this.highlightTextMatches(text, this.filterInput.val());
-      }
-      // Create the list item & the link
-      var link = document.createElement('a');
-
-      link.href = url;
-
-      if (this.icon) {
-        text = `<span>${text}</span>`;
-        link.classList.add('d-flex', 'align-items-center');
-        link.innerHTML = data.icon ? data.icon + text : text;
-      } else if (this.highlight) {
-        link.innerHTML = text;
-      } else {
-        link.textContent = text;
-      }
-
-      if (selected) {
-        link.classList.add('is-active');
-      }
-
-      if (group) {
-        link.dataset.group = group;
-        link.dataset.index = index;
-      }
-
-      html.appendChild(link);
-    }
-    return html;
+    return renderItem({
+      instance: this,
+      options: Object.assign({}, this.options, {
+        icon: this.icon,
+        highlight: this.highlight,
+        highlightText: text => this.highlightTextMatches(text, this.filterInput.val()),
+        highlightTemplate: this.highlightTemplate.bind(this),
+        parent,
+      }),
+      data,
+      group,
+      index,
+    });
   };
 
   GitLabDropdown.prototype.highlightTemplate = function(text, template) {
@@ -809,7 +722,6 @@ GitLabDropdown = (function() {
   };
 
   GitLabDropdown.prototype.noResults = function() {
-    var html;
     return '<li class="dropdown-menu-empty-item"><a>No matching results</a></li>';
   };
 

app/assets/javascripts/gl_dropdown/render.js

@@ -0,0 +1,158 @@
+const renderersByType = {
+  divider(element) {
+    element.classList.add('divider');
+
+    return element;
+  },
+  separator(element) {
+    element.classList.add('separator');
+
+    return element;
+  },
+  header(element, data) {
+    element.classList.add('dropdown-header');
+    element.innerHTML = data.content;
+
+    return element;
+  },
+};
+
+function getPropertyWithDefault(data, options, property, defaultValue = '') {
+  let result;
+
+  if (options[property] != null) {
+    result = options[property](data);
+  } else {
+    result = data[property] != null ? data[property] : defaultValue;
+  }
+
+  return result;
+}
+
+function getHighlightTextBuilder(text, data, options) {
+  if (options.highlight) {
+    return data.template
+      ? options.highlightTemplate(text, data.template)
+      : options.highlightText(text);
+  }
+
+  return text;
+}
+
+function getIconTextBuilder(text, data, options) {
+  if (options.icon) {
+    const wrappedText = `<span>${text}</span>`;
+    return data.icon ? `${data.icon}${wrappedText}` : wrappedText;
+  }
+
+  return text;
+}
+
+function getLinkText(data, options) {
+  const text = getPropertyWithDefault(data, options, 'text');
+
+  return [getHighlightTextBuilder, getIconTextBuilder].reduce(
+    (acc, fn) => fn(acc, data, options),
+    text,
+  );
+}
+
+function escape(text) {
+  return text ? String(text).replace(/'/g, "\\'") : text;
+}
+
+function getOptionValue(data, options) {
+  if (options.renderRow) {
+    return undefined;
+  }
+
+  return escape(options.id ? options.id(data) : data.id);
+}
+
+function shouldHide(data, { options }) {
+  const value = getOptionValue(data, options);
+
+  return options.hideRow && options.hideRow(value);
+}
+
+function hideElement(element) {
+  element.style.display = 'none';
+
+  return element;
+}
+
+function checkSelected(data, options) {
+  const value = getOptionValue(data, options);
+
+  if (!options.parent) {
+    return !data.id;
+  } else if (value) {
+    return (
+      options.parent.querySelector(`input[name='${options.fieldName}'][value='${value}']`) != null
+    );
+  }
+
+  return options.parent.querySelector(`input[name='${options.fieldName}']`) == null;
+}
+
+function createLink(url, selected, options) {
+  const link = document.createElement('a');
+
+  link.href = url;
+
+  if (options.icon) {
+    link.classList.add('d-flex', 'align-items-center');
+  }
+
+  link.classList.toggle('is-active', selected);
+
+  return link;
+}
+
+function assignTextToLink(el, data, options) {
+  const text = getLinkText(data, options);
+
+  if (options.icon || options.highlight) {
+    el.innerHTML = text;
+  } else {
+    el.textContent = text;
+  }
+
+  return el;
+}
+
+function renderLink(row, data, { options, group, index }) {
+  const selected = checkSelected(data, options);
+  const url = getPropertyWithDefault(data, options, 'url', '#');
+  const link = createLink(url, selected, options);
+
+  assignTextToLink(link, data, options);
+
+  if (group) {
+    link.dataset.group = group;
+    link.dataset.index = index;
+  }
+
+  row.appendChild(link);
+
+  return row;
+}
+
+function getOptionRenderer({ options, instance }) {
+  return options.renderRow && ((li, data) => options.renderRow(data, instance));
+}
+
+function getRenderer(data, params) {
+  return renderersByType[data.type] || getOptionRenderer(params) || renderLink;
+}
+
+export default function item({ data, ...params }) {
+  const renderer = getRenderer(data, params);
+  const li = document.createElement('li');
+
+  if (shouldHide(data, params)) {
+    hideElement(li);
+  }
+
+  return renderer(li, data, params);
+}

app/assets/javascripts/groups/transfer_dropdown.js

@@ -14,7 +14,7 @@ export default class TransferDropdown {
   }
 
   buildDropdown() {
-    const extraOptions = [{ id: '-1', text: __('No parent group') }, 'divider'];
+    const extraOptions = [{ id: '-1', text: __('No parent group') }, { type: 'divider' }];
 
     this.groupDropdown.glDropdown({
       selectable: true,

app/assets/javascripts/jobs/components/environments_block.vue

@@ -79,7 +79,9 @@ export default {
         default:
           break;
       }
-      return environmentText;
+      return environmentText && this.hasCluster
+        ? `${environmentText} ${this.clusterText}`
+        : environmentText;
     },
     environmentLink() {
       if (this.hasEnvironment) {
@@ -109,6 +111,37 @@ export default {
         ? this.lastDeployment.deployable.build_path
         : '';
     },
+    hasCluster() {
+      return this.hasLastDeployment && this.lastDeployment.cluster;
+    },
+    clusterNameOrLink() {
+      if (!this.hasCluster) {
+        return '';
+      }
+
+      const { name, path } = this.lastDeployment.cluster;
+      const escapedName = _.escape(name);
+      const escapedPath = _.escape(path);
+
+      if (!escapedPath) {
+        return escapedName;
+      }
+
+      return sprintf(
+        '%{startLink}%{name}%{endLink}',
+        {
+          startLink: `<a href="${escapedPath}" class="js-job-cluster-link">`,
+          name: escapedName,
+          endLink: '</a>',
+        },
+        false,
+      );
+    },
+    clusterText() {
+      return this.hasCluster
+        ? sprintf(__('Cluster %{cluster} was used.'), { cluster: this.clusterNameOrLink }, false)
+        : '';
+    },
   },
   methods: {
     deploymentLink(name) {

app/assets/javascripts/labels_select.js

@@ -231,7 +231,7 @@ export default class LabelsSelect {
                   });
                 }
                 if (extraData.length) {
-                  extraData.push('divider');
+                  extraData.push({ type: 'divider' });
                   data = extraData.concat(data);
                 }
               }
@@ -243,7 +243,7 @@ export default class LabelsSelect {
             })
             .catch(() => flash(__('Error fetching labels.')));
         },
-        renderRow: function(label, instance) {
+        renderRow: function(label) {
           var linkEl,
             listItemEl,
             color,

app/assets/javascripts/milestone_select.js

@@ -100,7 +100,7 @@ export default class MilestoneSelect {
               });
             }
             if (extraOptions.length) {
-              extraOptions.push('divider');
+              extraOptions.push({ type: 'divider' });
             }
 
             callback(extraOptions.concat(data));

app/assets/javascripts/namespace_select.js

@@ -34,7 +34,7 @@ export default class NamespaceSelect {
               id: null,
             };
             namespaces.unshift(anyNamespace);
-            namespaces.splice(1, 0, 'divider');
+            namespaces.splice(1, 0, { type: 'divider' });
           }
           return dataCallback(namespaces);
         });

app/assets/javascripts/pages/profiles/two_factor_auths/index.js

@@ -7,7 +7,7 @@ document.addEventListener('DOMContentLoaded', () => {
   const skippable = parseBoolean(twoFactorNode.dataset.twoFactorSkippable);
 
   if (skippable) {
-    const button = `<a class="btn btn-sm btn-warning float-right" data-method="patch" href="${twoFactorNode.dataset.two_factor_skip_url}">Configure it later</a>`;
+    const button = `<a class="btn btn-sm btn-warning float-right" data-qa-selector="configure_it_later_button" data-method="patch" href="${twoFactorNode.dataset.two_factor_skip_url}">Configure it later</a>`;
     const flashAlert = document.querySelector('.flash-alert');
     if (flashAlert) flashAlert.insertAdjacentHTML('beforeend', button);
   }

app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue

@@ -215,6 +215,7 @@ export default {
               :disabled="!canChangeVisibilityLevel"
               name="project[visibility_level]"
               class="form-control select-control"
+              data-qa-selector="project_visibility_dropdown"
             >
               <option
                 :value="visibilityOptions.PRIVATE"

app/assets/javascripts/pages/search/show/search.js

@@ -30,7 +30,7 @@ export default class Search {
           data.unshift({
             full_name: __('Any'),
           });
-          data.splice(1, 0, 'divider');
+          data.splice(1, 0, { type: 'divider' });
           return callback(data);
         });
       },
@@ -57,7 +57,7 @@ export default class Search {
             data.unshift({
               name_with_namespace: __('Any'),
             });
-            data.splice(1, 0, 'divider');
+            data.splice(1, 0, { type: 'divider' });
 
             return data;
           })

app/assets/javascripts/search_autocomplete.js

@@ -191,13 +191,14 @@ export class SearchAutocomplete {
           // Add group header before list each group
           if (lastCategory !== suggestion.category) {
             if (!firstCategory) {
-              data.push('separator');
+              data.push({ type: 'separator' });
             }
             if (firstCategory) {
               firstCategory = false;
             }
             data.push({
-              header: suggestion.category,
+              type: 'header',
+              content: suggestion.category,
             });
             lastCategory = suggestion.category;
           }
@@ -221,7 +222,7 @@ export class SearchAutocomplete {
             template = s__('SearchAutocomplete|in this group');
           }
 
-          data.unshift('separator');
+          data.unshift({ type: 'separator' });
           data.unshift({
             icon,
             text: term,
@@ -271,7 +272,8 @@ export class SearchAutocomplete {
 
     if (name) {
       baseItems.push({
-        header: `${name}`,
+        type: 'header',
+        content: `${name}`,
       });
     }
 

app/assets/javascripts/users_select.js

@@ -333,7 +333,7 @@ function UsersSelect(currentUser, els, options = {}) {
               }
 
               if (showDivider) {
-                users.splice(showDivider, 0, 'divider');
+                users.splice(showDivider, 0, { type: 'divider' });
               }
 
               if ($dropdown.hasClass('js-multiselect')) {
@@ -343,7 +343,8 @@ function UsersSelect(currentUser, els, options = {}) {
                   if ($dropdown.data('dropdownHeader')) {
                     showDivider += 1;
                     users.splice(showDivider, 0, {
-                      header: $dropdown.data('dropdownHeader'),
+                      type: 'header',
+                      content: $dropdown.data('dropdownHeader'),
                     });
                   }
 
@@ -358,7 +359,7 @@ function UsersSelect(currentUser, els, options = {}) {
                     users.splice(showDivider, 0, selectedUser);
                   });
 
-                  users.splice(showDivider + 1, 0, 'divider');
+                  users.splice(showDivider + 1, 0, { type: 'divider' });
                 }
               }
             }

app/assets/javascripts/vue_merge_request_widget/components/mr_widget_pipeline.vue

@@ -95,7 +95,6 @@ export default {
   },
 };
 </script>
-
 <template>
   <div class="ci-widget media js-ci-widget">
     <template v-if="!hasPipeline || hasCIError">
@@ -157,6 +156,7 @@ export default {
                 </div>
               </template>
             </span>
+
             <linked-pipelines-mini-list v-if="triggered.length" :triggered="triggered" />
           </span>
         </div>

app/assets/javascripts/vue_shared/components/gl_countdown.vue

@@ -9,6 +9,7 @@ export default {
   directives: {
     GlTooltip: GlTooltipDirective,
   },
+
   props: {
     endDateString: {
       type: String,

app/assets/javascripts/vue_shared/components/sidebar/collapsed_grouped_date_picker.vue

@@ -77,12 +77,11 @@ export default {
 </script>
 
 <template>
-  <div class="block sidebar-grouped-item">
+  <div class="block sidebar-grouped-item gl-cursor-pointer" role="button" @click="toggleSidebar">
     <collapsed-calendar-icon
       v-if="showMinDateBlock"
       :container-class="iconClass"
       :tooltip-text="tooltipText('min')"
-      @click="toggleSidebar"
     >
       <span class="sidebar-collapsed-value">
         <span v-if="showFromText">{{ __('From') }}</span> <span>{{ dateText('min') }}</span>
@@ -93,7 +92,6 @@ export default {
       v-if="maxDate"
       :container-class="iconClass"
       :tooltip-text="tooltipText('max')"
-      @click="toggleSidebar"
     >
       <span class="sidebar-collapsed-value">
         <span v-if="!minDate">{{ __('Until') }}</span> <span>{{ dateText('max') }}</span>

app/controllers/admin/application_controller.rb

@@ -8,3 +8,5 @@ class Admin::ApplicationController < ApplicationController
 
   layout 'admin'
 end
+
+Admin::ApplicationController.prepend_if_ee('EE::Admin::ApplicationController')

app/controllers/admin/application_settings_controller.rb

@@ -149,3 +149,5 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
     render action
   end
 end
+
+Admin::ApplicationSettingsController.prepend_if_ee('EE::Admin::ApplicationSettingsController')

app/controllers/admin/dashboard_controller.rb

@@ -14,3 +14,5 @@ class Admin::DashboardController < Admin::ApplicationController
   end
   # rubocop: enable CodeReuse/ActiveRecord
 end
+
+Admin::DashboardController.prepend_if_ee('EE::Admin::DashboardController')

app/controllers/admin/groups_controller.rb

@@ -99,3 +99,5 @@ class Admin::GroupsController < Admin::ApplicationController
     ]
   end
 end
+
+Admin::GroupsController.prepend_if_ee('EE::Admin::GroupsController')

app/controllers/admin/health_check_controller.rb

@@ -11,3 +11,5 @@ class Admin::HealthCheckController < Admin::ApplicationController
     ['standard']
   end
 end
+
+Admin::HealthCheckController.prepend_if_ee('EE::Admin::HealthCheckController')

app/controllers/admin/logs_controller.rb

@@ -20,3 +20,5 @@ class Admin::LogsController < Admin::ApplicationController
     ]
   end
 end
+
+Admin::LogsController.prepend_if_ee('EE::Admin::LogsController')

app/controllers/admin/projects_controller.rb

@@ -76,3 +76,5 @@ class Admin::ProjectsController < Admin::ApplicationController
     @group ||= @project.group
   end
 end
+
+Admin::ProjectsController.prepend_if_ee('EE::Admin::ProjectsController')

app/controllers/admin/users_controller.rb

@@ -241,3 +241,5 @@ class Admin::UsersController < Admin::ApplicationController
     Gitlab::AppLogger.info(_("User %{current_user_username} has started impersonating %{username}") % { current_user_username: current_user.username, username: user.username })
   end
 end
+
+Admin::UsersController.prepend_if_ee('EE::Admin::UsersController')

app/controllers/application_controller.rb

@@ -534,3 +534,5 @@ class ApplicationController < ActionController::Base
     end
   end
 end
+
+ApplicationController.prepend_if_ee('EE::ApplicationController')

app/controllers/autocomplete_controller.rb

@@ -46,3 +46,5 @@ class AutocompleteController < ApplicationController
     render json: target_branches.map { |target_branch| { title: target_branch } }
   end
 end
+
+AutocompleteController.prepend_if_ee('EE::AutocompleteController')

app/controllers/boards/lists_controller.rb

@@ -87,3 +87,5 @@ module Boards
     end
   end
 end
+
+Boards::ListsController.prepend_if_ee('EE::Boards::ListsController')

app/controllers/clusters/clusters_controller.rb

@@ -244,3 +244,5 @@ class Clusters::ClustersController < Clusters::BaseController
     @cluster.applications.each(&:schedule_status_update)
   end
 end
+
+Clusters::ClustersController.prepend_if_ee('EE::Clusters::ClustersController')

app/controllers/concerns/boards_actions.rb

@@ -44,3 +44,5 @@ module BoardsActions
     serializer.represent(resource, serializer: 'board', include_full_project_path: board.group_board?)
   end
 end
+
+BoardsActions.prepend_if_ee('EE::BoardsActions')

app/controllers/concerns/boards_responses.rb

@@ -86,3 +86,5 @@ module BoardsResponses
     BoardSerializer.new
   end
 end
+
+BoardsResponses.prepend_if_ee('EE::BoardsResponses')

app/controllers/concerns/cycle_analytics_params.rb

@@ -18,3 +18,5 @@ module CycleAnalyticsParams
     end
   end
 end
+
+CycleAnalyticsParams.prepend_if_ee('EE::CycleAnalyticsParams')

app/controllers/concerns/internal_redirect.rb

@@ -45,3 +45,5 @@ module InternalRedirect
     URI(request.referer).path
   end
 end
+
+InternalRedirect.prepend_if_ee('EE::InternalRedirect')

app/controllers/concerns/issuable_actions.rb

@@ -260,3 +260,5 @@ module IssuableActions
   end
   # rubocop:enable Gitlab/ModuleWithInstanceVariables
 end
+
+IssuableActions.prepend_if_ee('EE::IssuableActions')

app/controllers/concerns/issuable_collections.rb

@@ -153,3 +153,5 @@ module IssuableCollections
   end
   # rubocop:enable Gitlab/ModuleWithInstanceVariables
 end
+
+IssuableCollections.prepend_if_ee('EE::IssuableCollections')

app/controllers/concerns/lfs_request.rb

@@ -128,3 +128,5 @@ module LfsRequest
     false
   end
 end
+
+LfsRequest.prepend_if_ee('EE::LfsRequest')

app/controllers/concerns/routable_actions.rb

@@ -55,3 +55,5 @@ module RoutableActions
     end
   end
 end
+
+RoutableActions.prepend_if_ee('EE::RoutableActions')

app/controllers/concerns/service_params.rb

@@ -85,3 +85,5 @@ module ServiceParams
     ALLOWED_PARAMS_CE
   end
 end
+
+ServiceParams.prepend_if_ee('EE::ServiceParams')

app/controllers/confirmations_controller.rb

@@ -31,3 +31,5 @@ class ConfirmationsController < Devise::ConfirmationsController
     after_sign_in_path_for(resource)
   end
 end
+
+ConfirmationsController.prepend_if_ee('EE::ConfirmationsController')

app/controllers/dashboard/projects_controller.rb

@@ -100,3 +100,5 @@ class Dashboard::ProjectsController < Dashboard::ApplicationController
     Project::SORTING_PREFERENCE_FIELD
   end
 end
+
+Dashboard::ProjectsController.prepend_if_ee('EE::Dashboard::ProjectsController')

app/controllers/groups/application_controller.rb

@@ -38,3 +38,5 @@ class Groups::ApplicationController < ApplicationController
     url_for(safe_params)
   end
 end
+
+Groups::ApplicationController.prepend_if_ee('EE::Groups::ApplicationController')

app/controllers/groups/clusters_controller.rb

@@ -18,3 +18,5 @@ class Groups::ClustersController < Clusters::ClustersController
     @group ||= find_routable!(Group, params[:group_id] || params[:id])
   end
 end
+
+Groups::ClustersController.prepend_if_ee('EE::Groups::ClustersController')

app/controllers/groups/group_members_controller.rb

@@ -53,3 +53,5 @@ class Groups::GroupMembersController < Groups::ApplicationController
   # MembershipActions concern
   alias_method :membershipable, :group
 end
+
+Groups::GroupMembersController.prepend_if_ee('EE::Groups::GroupMembersController')

app/controllers/groups/milestones_controller.rb

@@ -118,3 +118,5 @@ class Groups::MilestonesController < Groups::ApplicationController
     params.permit(:state, :search_title).merge(group_ids: group.id)
   end
 end
+
+Groups::MilestonesController.prepend_if_ee('EE::Groups::MilestonesController')

app/controllers/groups_controller.rb

@@ -133,7 +133,7 @@ class GroupsController < Groups::ApplicationController
   protected
 
   def render_show_html
-    render 'groups/show'
+    render 'groups/show', locals: { trial: params[:trial] }
   end
 
   def render_details_html
@@ -229,3 +229,5 @@ class GroupsController < Groups::ApplicationController
     url_for(safe_params)
   end
 end
+
+GroupsController.prepend_if_ee('EE::GroupsController')

app/controllers/ide_controller.rb

@@ -7,3 +7,5 @@ class IdeController < ApplicationController
     Gitlab::UsageDataCounters::WebIdeCounter.increment_views_count
   end
 end
+
+IdeController.prepend_if_ee('EE::IdeController')

app/controllers/import/github_controller.rb

@@ -186,3 +186,5 @@ class Import::GithubController < Import::BaseController
     {}
   end
 end
+
+Import::GithubController.prepend_if_ee('EE::Import::GithubController')

app/controllers/ldap/omniauth_callbacks_controller.rb

@@ -31,3 +31,5 @@ class Ldap::OmniauthCallbacksController < OmniauthCallbacksController
     redirect_to new_user_session_path
   end
 end
+
+Ldap::OmniauthCallbacksController.prepend_if_ee('EE::Ldap::OmniauthCallbacksController')

app/controllers/omniauth_callbacks_controller.rb

@@ -214,3 +214,5 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
     end
   end
 end
+
+OmniauthCallbacksController.prepend_if_ee('EE::OmniauthCallbacksController')

app/controllers/passwords_controller.rb

@@ -64,3 +64,5 @@ class PasswordsController < Devise::PasswordsController
       notice: I18n.t('devise.passwords.send_paranoid_instructions')
   end
 end
+
+PasswordsController.prepend_if_ee('EE::PasswordsController')

app/controllers/profiles/accounts_controller.rb

@@ -30,3 +30,5 @@ class Profiles::AccountsController < Profiles::ApplicationController
     {}
   end
 end
+
+Profiles::AccountsController.prepend_if_ee('EE::Profiles::AccountsController')

app/controllers/profiles/preferences_controller.rb

@@ -50,3 +50,5 @@ class Profiles::PreferencesController < Profiles::ApplicationController
     ]
   end
 end
+
+Profiles::PreferencesController.prepend_if_ee('::EE::Profiles::PreferencesController')

app/controllers/projects/autocomplete_sources_controller.rb

@@ -43,3 +43,5 @@ class Projects::AutocompleteSourcesController < Projects::ApplicationController
       .execute(params[:type], params[:type_id])
   end
 end
+
+Projects::AutocompleteSourcesController.prepend_if_ee('EE::Projects::AutocompleteSourcesController')

app/controllers/projects/environments_controller.rb

@@ -260,3 +260,5 @@ class Projects::EnvironmentsController < Projects::ApplicationController
     access_denied! unless can?(current_user, :stop_environment, environment)
   end
 end
+
+Projects::EnvironmentsController.prepend_if_ee('EE::Projects::EnvironmentsController')

app/controllers/projects/git_http_client_controller.rb

@@ -119,3 +119,5 @@ class Projects::GitHttpClientController < Projects::ApplicationController
     Gitlab::ProtocolAccess.allowed?('http')
   end
 end
+
+Projects::GitHttpClientController.prepend_if_ee('EE::Projects::GitHttpClientController')

app/controllers/projects/git_http_controller.rb

@@ -110,3 +110,5 @@ class Projects::GitHttpController < Projects::GitHttpClientController
     Users::ActivityService.new(user, 'pull').execute
   end
 end
+
+Projects::GitHttpController.prepend_if_ee('EE::Projects::GitHttpController')

app/controllers/projects/group_links_controller.rb

@@ -53,3 +53,5 @@ class Projects::GroupLinksController < Projects::ApplicationController
     params.permit(:link_group_access, :expires_at)
   end
 end
+
+Projects::GroupLinksController.prepend_if_ee('EE::Projects::GroupLinksController')

app/controllers/projects/imports_controller.rb

@@ -73,3 +73,5 @@ class Projects::ImportsController < Projects::ApplicationController
       .merge(import_url_params)
   end
 end
+
+Projects::ImportsController.prepend_if_ee('EE::Projects::ImportsController')

app/controllers/projects/issues_controller.rb

@@ -280,3 +280,5 @@ class Projects::IssuesController < Projects::ApplicationController
     Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42422')
   end
 end
+
+Projects::IssuesController.prepend_if_ee('EE::Projects::IssuesController')

app/controllers/projects/jobs_controller.rb

@@ -231,3 +231,5 @@ class Projects::JobsController < Projects::ApplicationController
     'attachment'
   end
 end
+
+Projects::JobsController.prepend_if_ee('EE::Projects::JobsController')

app/controllers/projects/lfs_api_controller.rb

@@ -123,3 +123,5 @@ class Projects::LfsApiController < Projects::GitHttpClientController
     _('You cannot write to this read-only GitLab instance.')
   end
 end
+
+Projects::LfsApiController.prepend_if_ee('EE::Projects::LfsApiController')

app/controllers/projects/merge_requests/application_controller.rb

@@ -59,3 +59,5 @@ class Projects::MergeRequests::ApplicationController < Projects::ApplicationCont
     @merge_request.close
   end
 end
+
+Projects::MergeRequests::ApplicationController.prepend_if_ee('EE::Projects::MergeRequests::ApplicationController')

app/controllers/projects/merge_requests/diffs_controller.rb

@@ -117,3 +117,5 @@ class Projects::MergeRequests::DiffsController < Projects::MergeRequests::Applic
     @notes
   end
 end
+
+Projects::MergeRequests::DiffsController.prepend_if_ee('EE::Projects::MergeRequests::DiffsController')

app/controllers/projects/merge_requests_controller.rb

@@ -351,3 +351,5 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
     return render_404 unless can?(current_user, :read_build, merge_request.actual_head_pipeline)
   end
 end
+
+Projects::MergeRequestsController.prepend_if_ee('EE::Projects::MergeRequestsController')

app/controllers/projects/mirrors_controller.rb

@@ -90,3 +90,5 @@ class Projects::MirrorsController < Projects::ApplicationController
     params.require(:project).permit(mirror_params_attributes)
   end
 end
+
+Projects::MirrorsController.prepend_if_ee('EE::Projects::MirrorsController')

app/controllers/projects/pipelines_controller.rb

@@ -220,3 +220,5 @@ class Projects::PipelinesController < Projects::ApplicationController
     view_context.limited_counter_with_delimiter(finder.execute)
   end
 end
+
+Projects::PipelinesController.prepend_if_ee('EE::Projects::PipelinesController')

app/controllers/projects/project_members_controller.rb

@@ -51,3 +51,5 @@ class Projects::ProjectMembersController < Projects::ApplicationController
   # MembershipActions concern
   alias_method :membershipable, :project
 end
+
+Projects::ProjectMembersController.prepend_if_ee('EE::Projects::ProjectMembersController')

app/controllers/projects/prometheus/metrics_controller.rb

@@ -32,3 +32,5 @@ module Projects
     end
   end
 end
+
+Projects::Prometheus::MetricsController.prepend_if_ee('EE::Projects::Prometheus::MetricsController')

app/controllers/projects/protected_refs_controller.rb

@@ -65,3 +65,5 @@ class Projects::ProtectedRefsController < Projects::ApplicationController
     %i[access_level id]
   end
 end
+
+Projects::ProtectedRefsController.prepend_if_ee('EE::Projects::ProtectedRefsController')

app/controllers/projects/repositories_controller.rb

@@ -90,3 +90,5 @@ class Projects::RepositoriesController < Projects::ApplicationController
     render_404
   end
 end
+
+Projects::RepositoriesController.prepend_if_ee('EE::Projects::RepositoriesController')

app/controllers/projects/settings/ci_cd_controller.rb

@@ -122,3 +122,5 @@ module Projects
     end
   end
 end
+
+Projects::Settings::CiCdController.prepend_if_ee('EE::Projects::Settings::CiCdController')

app/controllers/projects/settings/integrations_controller.rb

@@ -25,3 +25,5 @@ module Projects
     end
   end
 end
+
+Projects::Settings::IntegrationsController.prepend_if_ee('EE::Projects::Settings::IntegrationsController')

app/controllers/projects/settings/operations_controller.rb

@@ -69,3 +69,5 @@ module Projects
     end
   end
 end
+
+Projects::Settings::OperationsController.prepend_if_ee('::EE::Projects::Settings::OperationsController')

app/controllers/projects/settings/repository_controller.rb

@@ -104,3 +104,5 @@ module Projects
     end
   end
 end
+
+Projects::Settings::RepositoryController.prepend_if_ee('EE::Projects::Settings::RepositoryController')

app/controllers/projects_controller.rb

@@ -464,3 +464,5 @@ class ProjectsController < Projects::ApplicationController
     @project = @project.present(current_user: current_user)
   end
 end
+
+ProjectsController.prepend_if_ee('EE::ProjectsController')

app/controllers/registrations_controller.rb

@@ -145,3 +145,5 @@ class RegistrationsController < Devise::RegistrationsController
     stored_location_for(user) || dashboard_projects_path
   end
 end
+
+RegistrationsController.prepend_if_ee('EE::RegistrationsController')

app/controllers/root_controller.rb

@@ -62,3 +62,5 @@ class RootController < Dashboard::ProjectsController
     root_urls.exclude?(home_page_url)
   end
 end
+
+RootController.prepend_if_ee('EE::RootController')

app/controllers/sent_notifications_controller.rb

@@ -36,3 +36,5 @@ class SentNotificationsController < ApplicationController
     end
   end
 end
+
+SentNotificationsController.prepend_if_ee('EE::SentNotificationsController')

app/controllers/sessions_controller.rb

@@ -288,3 +288,5 @@ class SessionsController < Devise::SessionsController
     end
   end
 end
+
+SessionsController.prepend_if_ee('EE::SessionsController')

app/controllers/users_controller.rb

@@ -182,3 +182,5 @@ class UsersController < ApplicationController
     access_denied! unless can?(current_user, :read_user_profile, user)
   end
 end
+
+UsersController.prepend_if_ee('EE::UsersController')

app/finders/autocomplete/users_finder.rb

@@ -93,3 +93,5 @@ module Autocomplete
     end
   end
 end
+
+Autocomplete::UsersFinder.prepend_if_ee('EE::Autocomplete::UsersFinder')

app/finders/group_members_finder.rb

@@ -34,3 +34,5 @@ class GroupMembersFinder < UnionFinder
   end
   # rubocop: enable CodeReuse/ActiveRecord
 end
+
+GroupMembersFinder.prepend_if_ee('EE::GroupMembersFinder')

app/finders/group_projects_finder.rb

@@ -100,3 +100,5 @@ class GroupProjectsFinder < ProjectsFinder
     group.shared_projects
   end
 end
+
+GroupProjectsFinder.prepend_if_ee('EE::GroupProjectsFinder')

app/finders/issues_finder.rb

@@ -145,3 +145,5 @@ class IssuesFinder < IssuableFinder
     current_user.blank?
   end
 end
+
+IssuesFinder.prepend_if_ee('EE::IssuesFinder')

app/finders/license_template_finder.rb

@@ -13,6 +13,8 @@
 class LicenseTemplateFinder
   include Gitlab::Utils::StrongMemoize
 
+  prepend_if_ee('::EE::LicenseTemplateFinder') # rubocop: disable Cop/InjectEnterpriseEditionModule
+
   attr_reader :project, :params
 
   def initialize(project, params = {})