Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-07-10

# Conflicts:
#	spec/models/ci/build_spec.rb
#	spec/models/user_spec.rb

[ci skip]

.gitlab-ci.yml

@@ -433,7 +433,7 @@ cloud-native-image:
   cache: {}
   script:
     - gem install gitlab --no-ri --no-rdoc
-    - ./trigger-build cng
+    - ./scripts/trigger-build cng
   only:
     - tags@gitlab-org/gitlab-ce
     - tags@gitlab-org/gitlab-ee

Gemfile

@@ -107,7 +107,7 @@ gem 'hashie-forbidden_attributes'
 gem 'kaminari', '~> 1.0'
 
 # HAML
-gem 'hamlit', '~> 2.6.1'
+gem 'hamlit', '~> 2.8.8'
 
 # Files attachments
 gem 'carrierwave', '~> 1.2'

Gemfile.lock

@@ -408,8 +408,8 @@ GEM
       rake (>= 10, < 13)
       rubocop (>= 0.49.0)
       sysexits (~> 1.1)
-    hamlit (2.6.1)
-      temple (~> 0.7.6)
+    hamlit (2.8.8)
+      temple (>= 0.8.0)
       thor
       tilt
     hashdiff (0.3.4)
@@ -918,7 +918,7 @@ GEM
     sys-filesystem (1.1.6)
       ffi
     sysexits (1.2.0)
-    temple (0.7.7)
+    temple (0.8.0)
     test-prof (0.2.5)
     test_after_commit (1.1.0)
       activerecord (>= 3.2)
@@ -929,7 +929,7 @@ GEM
       rack (>= 1, < 3)
     thor (0.19.4)
     thread_safe (0.3.6)
-    tilt (2.0.6)
+    tilt (2.0.8)
     timecop (0.8.1)
     timfel-krb5-auth (0.8.3)
     toml (0.1.2)
@@ -1093,7 +1093,7 @@ DEPENDENCIES
   grpc (~> 1.11.0)
   gssapi
   haml_lint (~> 0.26.0)
-  hamlit (~> 2.6.1)
+  hamlit (~> 2.8.8)
   hashie-forbidden_attributes
   health_check (~> 2.6.0)
   hipchat (~> 1.5.0)

Gemfile.rails5.lock

@@ -87,7 +87,7 @@ GEM
     babosa (1.0.2)
     base32 (0.3.2)
     batch-loader (1.2.1)
-    bcrypt (3.1.11)
+    bcrypt (3.1.12)
     bcrypt_pbkdf (1.0.0)
     benchmark-ips (2.3.0)
     better_errors (2.1.1)
@@ -119,7 +119,7 @@ GEM
     capybara-screenshot (1.0.14)
       capybara (>= 1.0, < 3)
       launchy
-    carrierwave (1.2.1)
+    carrierwave (1.2.3)
       activemodel (>= 4.0.0)
       activesupport (>= 4.0.0)
       mime-types (>= 1.16)
@@ -411,8 +411,8 @@ GEM
       rake (>= 10, < 13)
       rubocop (>= 0.49.0)
       sysexits (~> 1.1)
-    hamlit (2.6.1)
-      temple (~> 0.7.6)
+    hamlit (2.8.8)
+      temple (>= 0.8.0)
       thor
       tilt
     hashdiff (0.3.4)
@@ -543,7 +543,7 @@ GEM
     net-ssh (5.0.1)
     netrc (0.11.0)
     nio4r (2.3.1)
-    nokogiri (1.8.2)
+    nokogiri (1.8.3)
       mini_portile2 (~> 2.3.0)
     nokogumbo (1.5.0)
       nokogiri
@@ -840,7 +840,7 @@ GEM
     rubyzip (1.2.1)
     rufus-scheduler (3.4.0)
       et-orbi (~> 1.0)
-    rugged (0.27.1)
+    rugged (0.27.2)
     safe_yaml (1.0.4)
     sanitize (4.6.5)
       crass (~> 1.0.2)
@@ -906,7 +906,7 @@ GEM
       activesupport (>= 4.2)
     spring-commands-rspec (1.0.4)
       spring (>= 0.9.1)
-    sprockets (3.7.1)
+    sprockets (3.7.2)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
     sprockets-rails (3.2.1)
@@ -927,7 +927,7 @@ GEM
     sys-filesystem (1.1.6)
       ffi
     sysexits (1.2.0)
-    temple (0.7.7)
+    temple (0.8.0)
     test-prof (0.2.5)
     text (1.3.1)
     thin (1.7.0)
@@ -1103,7 +1103,7 @@ DEPENDENCIES
   grpc (~> 1.11.0)
   gssapi
   haml_lint (~> 0.26.0)
-  hamlit (~> 2.6.1)
+  hamlit (~> 2.8.8)
   hashie-forbidden_attributes
   health_check (~> 2.6.0)
   hipchat (~> 1.5.0)

app/assets/javascripts/diffs/components/app.vue

@@ -63,7 +63,8 @@ export default {
       plainDiffPath: state => state.diffs.plainDiffPath,
       emailPatchPath: state => state.diffs.emailPatchPath,
     }),
-    ...mapGetters(['isParallelView', 'isNotesFetched']),
+    ...mapGetters('diffs', ['isParallelView']),
+    ...mapGetters(['isNotesFetched']),
     targetBranch() {
       return {
         branchName: this.targetBranchName,
@@ -115,7 +116,7 @@ export default {
     this.adjustView();
   },
   methods: {
-    ...mapActions(['setBaseConfig', 'fetchDiffFiles']),
+    ...mapActions('diffs', ['setBaseConfig', 'fetchDiffFiles']),
     fetchData() {
       this.fetchDiffFiles().catch(() => {
         createFlash(__('Something went wrong on our end. Please try again!'));

app/assets/javascripts/diffs/components/changed_files.vue

@@ -31,7 +31,7 @@ export default {
     };
   },
   computed: {
-    ...mapGetters(['isInlineView', 'isParallelView', 'areAllFilesCollapsed']),
+    ...mapGetters('diffs', ['isInlineView', 'isParallelView', 'areAllFilesCollapsed']),
     sumAddedLines() {
       return this.sumValues('addedLines');
     },
@@ -66,7 +66,7 @@ export default {
     document.removeEventListener('scroll', this.handleScroll);
   },
   methods: {
-    ...mapActions(['setInlineDiffViewType', 'setParallelDiffViewType', 'expandAllFiles']),
+    ...mapActions('diffs', ['setInlineDiffViewType', 'setParallelDiffViewType', 'expandAllFiles']),
     pluralize,
     handleScroll() {
       if (!this.updating) {

app/assets/javascripts/diffs/components/diff_content.vue

@@ -22,7 +22,7 @@ export default {
       projectPath: state => state.diffs.projectPath,
       endpoint: state => state.diffs.endpoint,
     }),
-    ...mapGetters(['isInlineView', 'isParallelView']),
+    ...mapGetters('diffs', ['isInlineView', 'isParallelView']),
     diffMode() {
       const diffModeKey = Object.keys(diffModes).find(key => this.diffFile[`${key}File`]);
       return diffModes[diffModeKey] || diffModes.replaced;

app/assets/javascripts/diffs/components/diff_file.vue

@@ -58,7 +58,7 @@ export default {
     document.removeEventListener('scroll', this.handleScroll);
   },
   methods: {
-    ...mapActions(['loadCollapsedDiff']),
+    ...mapActions('diffs', ['loadCollapsedDiff']),
     handleToggle() {
       const { collapsed, highlightedDiffLines, parallelDiffLines } = this.file;
 

app/assets/javascripts/diffs/components/diff_line_gutter_content.vue

@@ -108,7 +108,7 @@ export default {
     },
   },
   methods: {
-    ...mapActions(['loadMoreLines', 'showCommentForm']),
+    ...mapActions('diffs', ['loadMoreLines', 'showCommentForm']),
     handleCommentButton() {
       this.showCommentForm({ lineCode: this.lineCode });
     },

app/assets/javascripts/diffs/components/diff_line_note_form.vue

@@ -59,7 +59,8 @@ export default {
     }
   },
   methods: {
-    ...mapActions(['cancelCommentForm', 'saveNote', 'refetchDiscussionById']),
+    ...mapActions('diffs', ['cancelCommentForm']),
+    ...mapActions(['saveNote', 'refetchDiscussionById']),
     handleCancelCommentForm() {
       this.autosave.reset();
       this.cancelCommentForm({

app/assets/javascripts/diffs/components/inline_diff_table_row.vue

@@ -36,7 +36,7 @@ export default {
     };
   },
   computed: {
-    ...mapGetters(['isInlineView']),
+    ...mapGetters('diffs', ['isInlineView']),
     isContextLine() {
       return this.line.type === CONTEXT_LINE_TYPE;
     },

app/assets/javascripts/diffs/components/inline_diff_view.vue

@@ -20,7 +20,8 @@ export default {
     },
   },
   computed: {
-    ...mapGetters(['commitId', 'discussionsByLineCode']),
+    ...mapGetters('diffs', ['commitId']),
+    ...mapGetters(['discussionsByLineCode']),
     ...mapState({
       diffLineCommentForms: state => state.diffs.diffLineCommentForms,
     }),

app/assets/javascripts/diffs/components/parallel_diff_table_row.vue

@@ -40,7 +40,7 @@ export default {
     };
   },
   computed: {
-    ...mapGetters(['isParallelView']),
+    ...mapGetters('diffs', ['isParallelView']),
     isContextLine() {
       return this.line.left.type === CONTEXT_LINE_TYPE;
     },

app/assets/javascripts/diffs/components/parallel_diff_view.vue

@@ -21,7 +21,8 @@ export default {
     },
   },
   computed: {
-    ...mapGetters(['commitId', 'discussionsByLineCode']),
+    ...mapGetters('diffs', ['commitId']),
+    ...mapGetters(['discussionsByLineCode']),
     ...mapState({
       diffLineCommentForms: state => state.diffs.diffLineCommentForms,
     }),

app/assets/javascripts/diffs/store/modules/index.js

@@ -4,6 +4,7 @@ import mutations from '../mutations';
 import createState from './diff_state';
 
 export default {
+  namespaced: true,
   state: createState(),
   getters,
   actions,

app/assets/javascripts/due_date_select.js

@@ -171,6 +171,8 @@ export default class DueDateSelectors {
   initMilestoneDatePicker() {
     $('.datepicker').each(function initPikadayMilestone() {
       const $datePicker = $(this);
+      const datePickerVal = $datePicker.val();
+
       const calendar = new Pikaday({
         field: $datePicker.get(0),
         theme: 'gitlab-theme animate-picker',
@@ -183,7 +185,7 @@ export default class DueDateSelectors {
         },
       });
 
-      calendar.setDate(parsePikadayDate($datePicker.val()));
+      calendar.setDate(parsePikadayDate(datePickerVal));
 
       $datePicker.data('pikaday', calendar);
     });

app/assets/stylesheets/framework/filters.scss

@@ -224,7 +224,10 @@
   .form-control {
     position: relative;
     min-width: 200px;
-    padding: 5px 25px 6px 0;
+    padding-right: 25px;
+    padding-left: 0;
+    height: $input-height;
+    line-height: inherit;
     border-color: transparent;
 
     &:focus,

app/views/layouts/header/_default.html.haml

@@ -61,7 +61,9 @@
           - if header_link?(:sign_in)
             %li.nav-item
               %div
-                = link_to "Sign in / Register", new_session_path(:user, redirect_to_referer: 'yes'), class: 'btn btn-sign-in'
+                - sign_in_text = allow_signup? ? 'Sign in / Register' : 'Sign in'
+                = link_to sign_in_text, new_session_path(:user, redirect_to_referer: 'yes'), class: 'btn btn-sign-in'
+
 
       %button.navbar-toggler.d-block.d-sm-none{ type: 'button' }
         %span.sr-only Toggle navigation

app/views/shared/hook_logs/_content.html.haml

@@ -30,7 +30,7 @@
 
 %h5 Request body:
 %pre
-  :plain
+  :escaped
     #{JSON.pretty_generate(hook_log.request_data)}
 %h5 Response headers:
 %pre
@@ -40,5 +40,5 @@
 
 %h5 Response body:
 %pre
-  :plain
+  :escaped
     #{hook_log.response_body}

changelogs/unreleased/41671-fixing-milestone-date-change-when-editing.yml

+---
+title: "Fixing milestone date change when editing"
+merge_request: 20279
+author: Orlando Del Aguila
+type: fixed
\ No newline at end of file

changelogs/unreleased/fix-search-bar.yml

+---
+title: Fix search bar text input alignment
+merge_request:
+author:
+type: fixed

changelogs/unreleased/jprovazn-upload-symlink.yml

+---
+title: Add /uploads subdirectory to allowed upload paths.
+merge_request:
+author:
+type: fixed

changelogs/unreleased/rails5-fix-48977.yml

+---
+title: Rails5 fix mysql milliseconds problem in specs
+merge_request: 20464
+author: Jasper Maes
+type: fixed

changelogs/unreleased/rails5-mysql-fix-pr-importer-spec.yml

+---
+title: Rails5 mysql fix milliseconds problem in pull request importer spec
+merge_request: 20475
+author: Jasper Maes
+type: fixed

changelogs/unreleased/rails5-update-gemfile-lock.yml

+---
+title: Update Gemfile.rails5.lock with latest Gemfile.lock changes
+merge_request: 20466
+author: Jasper Maes
+type: fixed

changelogs/unreleased/sh-fix-issue-47797-ce.yml

+---
+title: Fix handling of annotated tags when Gitaly is not in use
+merge_request:
+author:
+type: fixed

changelogs/unreleased/upgrade-hamlit-for-ruby25.yml

+---
+title: 'Update hamlit to fix ruby 2.5 incompatibilities, fixes #42045'
+merge_request:
+author: Matthew Dawson
+type: fixed

doc/administration/pages/index.md

@@ -49,8 +49,8 @@ supporting custom domains a secondary IP is not needed.
 
 Before proceeding with the Pages configuration, you will need to:
 
-1. Have a separate domain under which the GitLab Pages will be served. In this
-   document we assume that to be `example.io`.
+1. Have an exclusive root domain for serving GitLab Pages. Note that you cannot
+   use a subdomain of your GitLab's instance domain.
 1. Configure a **wildcard DNS record**.
 1. (Optional) Have a **wildcard certificate** for that domain if you decide to
    serve Pages under HTTPS.

doc/development/fe_guide/development_process.md

 # Frontend Development Process
 
-You can find more about the organization of the frontend team in the [handbook](https://about.gitlab.com/handbook/frontend/).
+You can find more about the organization of the frontend team in the [handbook](https://about.gitlab.com/handbook/engineering/frontend/).
 
 ## Development Checklist
 
@@ -34,7 +34,7 @@ Please use your best judgement when to use it and please contribute new points t
     - [ ] **Cookie Mode** Think about hiding the feature behind a cookie flag if the implementation is on top of existing features
     - [ ] **New route** Are you refactoring something big then you might consider adding a new route where you implement the new feature and when finished delete the current route and rename the new one. (for example 'merge_request' and 'new_merge_request')
 - [ ] **Setup** Is there any specific setup needed for your implementation (for example a kubernetes cluster)? Then let everyone know if it is not already mentioned where they can find documentation (if it doesn't exist - create it)
-- [ ] **Security** Are there any new security relevant implementations? Then please contact the security team for an app security review. If you are not sure ask our [domain expert](https://about.gitlab.com/handbook/frontend/#frontend-domain-experts)
+- [ ] **Security** Are there any new security relevant implementations? Then please contact the security team for an app security review. If you are not sure ask our [domain expert](https://about.gitlab.com/handbook/engineering/frontend/#frontend-domain-experts)
 
 #### During development
 
@@ -51,7 +51,7 @@ Please use your best judgement when to use it and please contribute new points t
 - [ ] **Performance** Have you checked performance? For example do the same thing with 500 comments instead of 1. Document the tests and possible findings in the MR so a reviewer can directly see it.
 - [ ] Have you tested with a variety of our [supported browsers](../../install/requirements.md#supported-web-browsers)? You can use [browserstack](https://www.browserstack.com/) to be able to access a wide variety of browsers and operating systems.
 - [ ] Did you check the mobile view?
-- [ ] Check the built webpack bundle (For the report run `WEBPACK_REPORT=true gdk run`, then open `webpack-report/index.html`) if we have unnecessary bloat due to wrong references, including libraries multiple times, etc.. If you need help contact the webpack [domain expert](https://about.gitlab.com/handbook/frontend/#frontend-domain-experts)
+- [ ] Check the built webpack bundle (For the report run `WEBPACK_REPORT=true gdk run`, then open `webpack-report/index.html`) if we have unnecessary bloat due to wrong references, including libraries multiple times, etc.. If you need help contact the webpack [domain expert](https://about.gitlab.com/handbook/engineering/frontend/#frontend-domain-experts)
 - [ ] **Tests** Not only greenfield tests - Test also all bad cases that come to your mind.
 - [ ] If you have multiple MR's then also smoke test against the final merge.
 - [ ] Are there any big changes on how and especially how frequently we use the API then let production know about it

doc/development/i18n/proofreader.md

@@ -11,6 +11,7 @@ are very appreciative of the work done by translators and proofreaders!
 - Chinese Traditional
   - Huang Tao - [GitLab](https://gitlab.com/htve), [Crowdin](https://crowdin.com/profile/htve)
   - Weizhe Ding - [GitLab](https://gitlab.com/d.weizhe), [Crowdin](https://crowdin.com/profile/d.weizhe)
+  - Yi-Jyun Pan - [GitLab](https://gitlab.com/pan93412), [Crowdin](https://crowdin.com/profile/pan93412)
 - Chinese Traditional, Hong Kong
   - Huang Tao - [GitLab](https://gitlab.com/htve), [Crowdin](https://crowdin.com/profile/htve)
 - Dutch

doc/development/testing_guide/frontend_testing.md

@@ -172,6 +172,10 @@ object which can be treated like any other jasmine spy object.
 Further documentation on the babel rewire pluign API can be found on
 [its repository Readme doc](https://github.com/speedskater/babel-plugin-rewire#babel-plugin-rewire).
 
+#### Waiting in tests
+
+If you cannot avoid using [`setTimeout`](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/setTimeout) in tests, please use the [Jasmine mock clock](https://jasmine.github.io/api/2.9/Clock.html).
+
 ### Vue.js unit tests
 
 See this [section][vue-test].

doc/ssh/README.md

@@ -77,6 +77,8 @@ Note that Public SSH key may also be named as follows:
      If you want to change the password of your SSH key pair, you can use
      `ssh-keygen -p <keyname>`.
 
+## Adding a SSH key to your GitLab account
+
 1. The next step is to copy the public SSH key as we will need it afterwards.
 
     To copy your public SSH key to the clipboard, use the appropriate code below:

doc/user/markdown.md

@@ -9,7 +9,7 @@
 > For the best result, we encourage you to check this document out as rendered
 by GitLab: [markdown.md]
 
-_GitLab uses (as of 11.1) the [CommonMark Ruby Library][commonmarker] for Markdown processing of all new issues, merge requests, comments, and other Markdown content in the GitLab system.  Previous content and Markdown files `.md` in the repositories are still processed using the [Redcarpet Ruby library][redcarpet]._
+_GitLab uses (as of 11.1) the [CommonMark Ruby Library][commonmarker] for Markdown processing of all new issues, merge requests, comments, and other Markdown content in the GitLab system.  Previous content, wiki pages and Markdown files (`.md`) in the repositories are still processed using the [Redcarpet Ruby library][redcarpet]._
 
 _Where there are significant differences, we will try to call them out in this document._
 
@@ -22,7 +22,7 @@ You can use GFM in the following areas:
 - merge requests
 - milestones
 - snippets (the snippet must be named with a `.md` extension)
-- wiki pages
+- wiki pages (currently only rendered by Redcarpet)
 - markdown documents inside the repository (currently only rendered by Redcarpet)
 - epics
 

lib/gitlab/git/repository.rb

@@ -625,8 +625,14 @@ module Gitlab
       end
 
       def update_branch(branch_name, user:, newrev:, oldrev:)
+        gitaly_migrate(:operation_user_update_branch) do |is_enabled|
+          if is_enabled
+            gitaly_operations_client.user_update_branch(branch_name, user, newrev, oldrev)
+          else
             OperationService.new(user, self).update_branch(branch_name, newrev, oldrev)
           end
+        end
+      end
 
       def rm_branch(branch_name, user:)
         wrapped_gitaly_errors do

lib/gitlab/gitaly_client/operation_service.rb

@@ -68,6 +68,22 @@ module Gitlab
         raise Gitlab::Git::Repository::InvalidRef, ex
       end
 
+      def user_update_branch(branch_name, user, newrev, oldrev)
+        request = Gitaly::UserUpdateBranchRequest.new(
+          repository: @gitaly_repo,
+          branch_name: encode_binary(branch_name),
+          user: Gitlab::Git::User.from_gitlab(user).to_gitaly,
+          newrev: encode_binary(newrev),
+          oldrev: encode_binary(oldrev)
+        )
+
+        response = GitalyClient.call(@repository.storage, :operation_service, :user_update_branch, request)
+
+        if pre_receive_error = response.pre_receive_error.presence
+          raise Gitlab::Git::PreReceiveError, pre_receive_error
+        end
+      end
+
       def user_delete_branch(branch_name, user)
         request = Gitaly::UserDeleteBranchRequest.new(
           repository: @gitaly_repo,

lib/gitlab/middleware/multipart.rb

@@ -84,7 +84,7 @@ module Gitlab
         def open_file(params, key)
           ::UploadedFile.from_params(
             params, key,
-            Gitlab.config.uploads.storage_path)
+            [FileUploader.root, Gitlab.config.uploads.storage_path])
         end
       end
 

lib/uploaded_file.rb

@@ -28,7 +28,7 @@ class UploadedFile
     @tempfile = File.new(path, 'rb')
   end
 
-  def self.from_params(params, field, upload_path)
+  def self.from_params(params, field, upload_paths)
     unless params["#{field}.path"]
       raise InvalidPathError, "file is invalid" if params["#{field}.remote_id"]
 
@@ -37,7 +37,8 @@ class UploadedFile
 
     file_path = File.realpath(params["#{field}.path"])
 
-    unless self.allowed_path?(file_path, [upload_path, Dir.tmpdir].compact)
+    paths = Array(upload_paths) << Dir.tmpdir
+    unless self.allowed_path?(file_path, paths.compact)
       raise InvalidPathError, "insecure path used '#{file_path}'"
     end
 

spec/features/milestones/user_edits_milestone_spec.rb

+require "rails_helper"
+
+describe "User edits milestone", :js do
+  set(:user) { create(:user) }
+  set(:project) { create(:project) }
+  set(:milestone) { create(:milestone, project: project, start_date: Date.today, due_date: 5.days.from_now) }
+
+  before do
+    project.add_developer(user)
+    sign_in(user)
+
+    visit(edit_project_milestone_path(project, milestone))
+  end
+
+  it "shows the right start date and due date" do
+    start_date = milestone.start_date.strftime("%F")
+    due_date = milestone.due_date.strftime("%F")
+
+    expect(page).to have_field(with: start_date)
+    expect(page).to have_field(with: due_date)
+  end
+end

spec/features/users/show_spec.rb

@@ -14,4 +14,28 @@ describe 'User page' do
       expect(page).to have_link('Snippets')
     end
   end
+
+  context 'signup disabled' do
+    it 'shows the sign in link' do
+      stub_application_setting(signup_enabled: false)
+
+      visit(user_path(user))
+
+      page.within '.navbar-nav' do
+        expect(page).to have_link('Sign in')
+      end
+    end
+  end
+
+  context 'signup enabled' do
+    it 'shows the sign in and register link' do
+      stub_application_setting(signup_enabled: true)
+
+      visit(user_path(user))
+
+      page.within '.navbar-nav' do
+        expect(page).to have_link('Sign in / Register')
+      end
+    end
+  end
 end

spec/javascripts/diffs/components/inline_diff_view_spec.js

@@ -13,7 +13,7 @@ describe('InlineDiffView', () => {
   beforeEach(() => {
     const diffFile = getDiffFileMock();
 
-    store.dispatch('setInlineDiffViewType');
+    store.dispatch('diffs/setInlineDiffViewType');
     component = createComponentWithStore(Vue.extend(InlineDiffView), store, {
       diffFile,
       diffLines: diffFile.highlightedDiffLines,

spec/lib/gitlab/gitaly_client/operation_service_spec.rb

@@ -53,6 +53,47 @@ describe Gitlab::GitalyClient::OperationService do
     end
   end
 
+  describe '#user_update_branch' do
+    let(:branch_name) { 'my-branch' }
+    let(:newrev) { '01e' }
+    let(:oldrev) { '01d' }
+    let(:request) do
+      Gitaly::UserUpdateBranchRequest.new(
+        repository: repository.gitaly_repository,
+        branch_name: branch_name,
+        newrev: newrev,
+        oldrev: oldrev,
+        user: gitaly_user
+      )
+    end
+    let(:response) { Gitaly::UserUpdateBranchResponse.new }
+
+    subject { client.user_update_branch(branch_name, user, newrev, oldrev) }
+
+    it 'sends a user_update_branch message' do
+      expect_any_instance_of(Gitaly::OperationService::Stub)
+        .to receive(:user_update_branch).with(request, kind_of(Hash))
+        .and_return(response)
+
+      subject
+    end
+
+    context "when pre_receive_error is present" do
+      let(:response) do
+        Gitaly::UserUpdateBranchResponse.new(pre_receive_error: "something failed")
+      end
+
+      it "throws a PreReceive exception" do
+        expect_any_instance_of(Gitaly::OperationService::Stub)
+          .to receive(:user_update_branch).with(request, kind_of(Hash))
+          .and_return(response)
+
+        expect { subject }.to raise_error(
+          Gitlab::Git::PreReceiveError, "something failed")
+      end
+    end
+  end
+
   describe '#user_delete_branch' do
     let(:branch_name) { 'my-branch' }
     let(:request) do

spec/lib/gitlab/github_import/importer/pull_requests_importer_spec.rb

@@ -27,9 +27,9 @@ describe Gitlab::GithubImport::Importer::PullRequestsImporter do
       milestone: double(:milestone, number: 4),
       user: double(:user, id: 4, login: 'alice'),
       assignee: double(:user, id: 4, login: 'alice'),
-      created_at: Time.zone.now,
-      updated_at: Time.zone.now,
-      merged_at: Time.zone.now
+      created_at: 1.second.ago,
+      updated_at: 1.second.ago,
+      merged_at: 1.second.ago
     )
   end
 

spec/lib/gitlab/middleware/multipart_spec.rb

@@ -75,6 +75,33 @@ describe Gitlab::Middleware::Multipart do
     it_behaves_like 'multipart upload files'
   end
 
+  it 'allows symlinks for uploads dir' do
+    Tempfile.open('two-levels') do |tempfile|
+      symlinked_dir = '/some/dir/uploads'
+      symlinked_path = File.join(symlinked_dir, File.basename(tempfile.path))
+      env = post_env({ 'file' => symlinked_path }, { 'file.name' => original_filename, 'file.path' => symlinked_path }, Gitlab::Workhorse.secret, 'gitlab-workhorse')
+
+      allow(FileUploader).to receive(:root).and_return(symlinked_dir)
+      allow(UploadedFile).to receive(:allowed_paths).and_return([symlinked_dir, Gitlab.config.uploads.storage_path])
+      allow(File).to receive(:realpath).and_call_original
+      allow(File).to receive(:realpath).with(symlinked_dir).and_return(Dir.tmpdir)
+      allow(File).to receive(:realpath).with(symlinked_path).and_return(tempfile.path)
+      allow(File).to receive(:exist?).and_call_original
+      allow(File).to receive(:exist?).with(symlinked_dir).and_return(true)
+
+      # override Dir.tmpdir because this dir is in the list of allowed paths
+      # and it would match FileUploader.root path (which in this test is linked
+      # to /tmp too)
+      allow(Dir).to receive(:tmpdir).and_return(File.join(Dir.tmpdir, 'tmpsubdir'))
+
+      expect(app).to receive(:call) do |env|
+        expect(Rack::Request.new(env).params['file']).to be_a(::UploadedFile)
+      end
+
+      middleware.call(env)
+    end
+  end
+
   def post_env(rewritten_fields, params, secret, issuer)
     token = JWT.encode({ 'iss' => issuer, 'rewritten_fields' => rewritten_fields }, secret, 'HS256')
     Rack::MockRequest.env_for(

spec/models/ci/build_spec.rb

@@ -263,6 +263,7 @@ describe Ci::Build do
     context 'artifacts metadata does not exist' do
       before do
         build.update(legacy_artifacts_metadata: nil)
+<<<<<<< HEAD
       end
 
       it { is_expected.to be_falsy }
@@ -281,6 +282,8 @@ describe Ci::Build do
     context 'artifacts metadata does not exist' do
       before do
         build.update(legacy_artifacts_metadata: nil)
+=======
+>>>>>>> upstream/master
       end
 
       it { is_expected.to be_falsy }

spec/models/user_spec.rb

@@ -2564,7 +2564,13 @@ describe User do
 
           it 'changes the namespace (just to compare to when username is not changed)' do
             expect do
+<<<<<<< HEAD
               user.update!(username: new_username)
+=======
+              Timecop.freeze(1.second.from_now) do
+                user.update!(username: new_username)
+              end
+>>>>>>> upstream/master
             end.to change { user.namespace.updated_at }
           end
 

spec/services/ci/retry_build_service_spec.rb

@@ -100,7 +100,11 @@ describe Ci::RetryBuildService do
   end
 
   describe '#execute' do
-    let(:new_build) { service.execute(build) }
+    let(:new_build) do
+      Timecop.freeze(1.second.from_now) do
+        service.execute(build)
+      end
+    end
 
     context 'when user has ability to execute build' do
       before do
@@ -150,7 +154,11 @@ describe Ci::RetryBuildService do
   end
 
   describe '#reprocess' do
-    let(:new_build) { service.reprocess!(build) }
+    let(:new_build) do
+      Timecop.freeze(1.second.from_now) do
+        service.reprocess!(build)
+      end
+    end
 
     context 'when user has ability to execute build' do
       before do