Update application code by the db schema change

app/models/ci/build.rb

@@ -34,11 +34,7 @@ module Ci
     scope :with_expired_artifacts, ->() { with_artifacts.where('artifacts_expire_at < ?', Time.now) }
     scope :last_month, ->() { where('created_at > ?', Date.today - 1.month) }
     scope :manual_actions, ->() { where(when: :manual, status: COMPLETED_STATUSES + [:manual]) }
-
-    scope :on_protected, ->() do
-      joins("LEFT JOIN ci_pipelines ON ci_builds.commit_id = ci_pipelines.id")
-      .where('ci_pipelines.protected IS TRUE')
-    end
+    scope :protected_, -> { where(protected: true) }
 
     mount_uploader :artifacts_file, ArtifactUploader
     mount_uploader :artifacts_metadata, ArtifactUploader

app/models/ci/runner.rb

@@ -5,7 +5,7 @@ module Ci
     RUNNER_QUEUE_EXPIRY_TIME = 60.minutes
     ONLINE_CONTACT_TIMEOUT = 1.hour
     AVAILABLE_SCOPES = %w[specific shared active paused online].freeze
-    FORM_EDITABLE = %i[description tag_list active run_untagged locked protected].freeze
+    FORM_EDITABLE = %i[description tag_list active run_untagged locked access_level].freeze
 
     has_many :builds
     has_many :runner_projects, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
@@ -41,8 +41,8 @@ module Ci
     after_destroy :cleanup_runner_queue
 
     enum access_level: {
-      protection_none: 0,
-      protection_full: 1
+      unprotected: 0,
+      protected_: 1
     }
 
     # Searches for runners matching the given query.

app/services/ci/create_pipeline_service.rb

@@ -12,8 +12,7 @@ module Ci
         tag: tag?,
         trigger_requests: Array(trigger_request),
         user: current_user,
-        pipeline_schedule: schedule,
-        protected: protected?
+        pipeline_schedule: schedule
       )
 
       result = validate(current_user,
@@ -176,10 +175,6 @@ module Ci
       origin_sha && origin_sha != Gitlab::Git::BLANK_SHA
     end
 
-    def protected?
-      project.protected_for?(ref)
-    end
-
     def error(message, save: false)
       pipeline.tap do
         pipeline.errors.add(:base, message)

app/services/ci/register_job_service.rb

@@ -78,7 +78,7 @@ module Ci
 
     def new_builds
       builds = Ci::Build.pending.unstarted
-      builds = builds.on_protected if runner.protected?
+      builds = builds.protected_ if runner.protected_?
       builds
     end
 

app/views/projects/runners/_form.html.haml

@@ -10,7 +10,7 @@
     = label :protected, "Protected", class: 'control-label'
     .col-sm-10
       .checkbox
-        = f.check_box :protected
+        = f.check_box :access_level, 1, 0
         %span.light This runner will only run on pipelines trigged on protected branches
   .form-group
     = label :run_untagged, 'Run untagged jobs', class: 'control-label'

app/views/projects/runners/show.html.haml

@@ -21,7 +21,7 @@
       %td= @runner.active? ? 'Yes' : 'No'
     %tr
       %td Protected
-      %td= @runner.protected? ? 'Yes' : 'No'
+      %td= @runner.protected_? ? 'Yes' : 'No'
     %tr
       %td Can run untagged jobs
       %td= @runner.run_untagged? ? 'Yes' : 'No'

db/migrate/20170816133938_add_access_level_to_ci_runners.rb

@@ -6,7 +6,7 @@ class AddAccessLevelToCiRunners < ActiveRecord::Migration
   disable_ddl_transaction!
 
   def up
-    # Ci::Runner.protection_none: 0
+    # Ci::Runner.unprotected: 0
     add_column_with_default(:ci_runners, :access_level, :integer, default: 0)
   end
 

lib/gitlab/ci/stage/seed.rb

@@ -28,10 +28,15 @@ module Gitlab
             attributes.merge(project: project,
                              ref: pipeline.ref,
                              tag: pipeline.tag,
-                             trigger_request: trigger)
+                             trigger_request: trigger
+                             protected: protected?)
           end
         end
 
+        def protected?
+          @protected ||= project.protected_for?(pipeline.ref)
+        end
+
         def create!
           pipeline.stages.create!(stage).tap do |stage|
             builds_attributes = builds.map do |attributes|