Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-07-10

# Conflicts: # spec/models/ci/build_spec.rb # spec/models/user_spec.rb [ci skip]

Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-07-10
# Conflicts: # spec/models/ci/build_spec.rb # spec/models/user_spec.rb [ci skip]
269ed8e3 · GitLab Bot · bf89c2a3 · 255db3d5 · 269ed8e3 · 269ed8e3
Commit 269ed8e3 authored Jul 10, 2018 by GitLab Bot
47 changed files
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -433,7 +433,7 @@ cloud-native-image:
  cache: {}
  script:
    - gem install gitlab --no-ri --no-rdoc
-    - ./trigger-build cng
+    - ./scripts/trigger-build cng
  only:
    - tags@gitlab-org/gitlab-ce
    - tags@gitlab-org/gitlab-ee

--- a/Gemfile
+++ b/Gemfile
@@ -107,7 +107,7 @@ gem 'hashie-forbidden_attributes'
 gem 'kaminari', '~> 1.0'
 # HAML
-gem 'hamlit', '~> 2.6.1'
+gem 'hamlit', '~> 2.8.8'
 # Files attachments
 gem 'carrierwave', '~> 1.2'

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -408,8 +408,8 @@ GEM
      rake (>= 10, < 13)
      rubocop (>= 0.49.0)
      sysexits (~> 1.1)
-    hamlit (2.6.1)
+    hamlit (2.8.8)
-      temple (~> 0.7.6)
+      temple (>= 0.8.0)
      thor
      tilt
    hashdiff (0.3.4)
@@ -918,7 +918,7 @@ GEM
    sys-filesystem (1.1.6)
      ffi
    sysexits (1.2.0)
-    temple (0.7.7)
+    temple (0.8.0)
    test-prof (0.2.5)
    test_after_commit (1.1.0)
      activerecord (>= 3.2)
@@ -929,7 +929,7 @@ GEM
      rack (>= 1, < 3)
    thor (0.19.4)
    thread_safe (0.3.6)
-    tilt (2.0.6)
+    tilt (2.0.8)
    timecop (0.8.1)
    timfel-krb5-auth (0.8.3)
    toml (0.1.2)
@@ -1093,7 +1093,7 @@ DEPENDENCIES
  grpc (~> 1.11.0)
  gssapi
  haml_lint (~> 0.26.0)
-  hamlit (~> 2.6.1)
+  hamlit (~> 2.8.8)
  hashie-forbidden_attributes
  health_check (~> 2.6.0)
  hipchat (~> 1.5.0)

--- a/Gemfile.rails5.lock
+++ b/Gemfile.rails5.lock
@@ -87,7 +87,7 @@ GEM
    babosa (1.0.2)
    base32 (0.3.2)
    batch-loader (1.2.1)
-    bcrypt (3.1.11)
+    bcrypt (3.1.12)
    bcrypt_pbkdf (1.0.0)
    benchmark-ips (2.3.0)
    better_errors (2.1.1)
@@ -119,7 +119,7 @@ GEM
    capybara-screenshot (1.0.14)
      capybara (>= 1.0, < 3)
      launchy
-    carrierwave (1.2.1)
+    carrierwave (1.2.3)
      activemodel (>= 4.0.0)
      activesupport (>= 4.0.0)
      mime-types (>= 1.16)
@@ -411,8 +411,8 @@ GEM
      rake (>= 10, < 13)
      rubocop (>= 0.49.0)
      sysexits (~> 1.1)
-    hamlit (2.6.1)
+    hamlit (2.8.8)
-      temple (~> 0.7.6)
+      temple (>= 0.8.0)
      thor
      tilt
    hashdiff (0.3.4)
@@ -543,7 +543,7 @@ GEM
    net-ssh (5.0.1)
    netrc (0.11.0)
    nio4r (2.3.1)
-    nokogiri (1.8.2)
+    nokogiri (1.8.3)
      mini_portile2 (~> 2.3.0)
    nokogumbo (1.5.0)
      nokogiri
@@ -840,7 +840,7 @@ GEM
    rubyzip (1.2.1)
    rufus-scheduler (3.4.0)
      et-orbi (~> 1.0)
-    rugged (0.27.1)
+    rugged (0.27.2)
    safe_yaml (1.0.4)
    sanitize (4.6.5)
      crass (~> 1.0.2)
@@ -906,7 +906,7 @@ GEM
      activesupport (>= 4.2)
    spring-commands-rspec (1.0.4)
      spring (>= 0.9.1)
-    sprockets (3.7.1)
+    sprockets (3.7.2)
      concurrent-ruby (~> 1.0)
      rack (> 1, < 3)
    sprockets-rails (3.2.1)
@@ -927,7 +927,7 @@ GEM
    sys-filesystem (1.1.6)
      ffi
    sysexits (1.2.0)
-    temple (0.7.7)
+    temple (0.8.0)
    test-prof (0.2.5)
    text (1.3.1)
    thin (1.7.0)
@@ -1103,7 +1103,7 @@ DEPENDENCIES
  grpc (~> 1.11.0)
  gssapi
  haml_lint (~> 0.26.0)
-  hamlit (~> 2.6.1)
+  hamlit (~> 2.8.8)
  hashie-forbidden_attributes
  health_check (~> 2.6.0)
  hipchat (~> 1.5.0)

--- a/app/assets/javascripts/diffs/components/app.vue
+++ b/app/assets/javascripts/diffs/components/app.vue
@@ -63,7 +63,8 @@ export default {
      plainDiffPath: state => state.diffs.plainDiffPath,
      emailPatchPath: state => state.diffs.emailPatchPath,
    }),
-    ...mapGetters(['isParallelView', 'isNotesFetched']),
+    ...mapGetters('diffs', ['isParallelView']),
+    ...mapGetters(['isNotesFetched']),
    targetBranch() {
      return {
        branchName: this.targetBranchName,
@@ -115,7 +116,7 @@ export default {
    this.adjustView();
  },
  methods: {
-    ...mapActions(['setBaseConfig', 'fetchDiffFiles']),
+    ...mapActions('diffs', ['setBaseConfig', 'fetchDiffFiles']),
    fetchData() {
      this.fetchDiffFiles().catch(() => {
        createFlash(__('Something went wrong on our end. Please try again!'));

--- a/app/assets/javascripts/diffs/components/changed_files.vue
+++ b/app/assets/javascripts/diffs/components/changed_files.vue
@@ -31,7 +31,7 @@ export default {
    };
  },
  computed: {
-    ...mapGetters(['isInlineView', 'isParallelView', 'areAllFilesCollapsed']),
+    ...mapGetters('diffs', ['isInlineView', 'isParallelView', 'areAllFilesCollapsed']),
    sumAddedLines() {
      return this.sumValues('addedLines');
    },
@@ -66,7 +66,7 @@ export default {
    document.removeEventListener('scroll', this.handleScroll);
  },
  methods: {
-    ...mapActions(['setInlineDiffViewType', 'setParallelDiffViewType', 'expandAllFiles']),
+    ...mapActions('diffs', ['setInlineDiffViewType', 'setParallelDiffViewType', 'expandAllFiles']),
    pluralize,
    handleScroll() {
      if (!this.updating) {

--- a/app/assets/javascripts/diffs/components/diff_content.vue
+++ b/app/assets/javascripts/diffs/components/diff_content.vue
@@ -22,7 +22,7 @@ export default {
      projectPath: state => state.diffs.projectPath,
      endpoint: state => state.diffs.endpoint,
    }),
-    ...mapGetters(['isInlineView', 'isParallelView']),
+    ...mapGetters('diffs', ['isInlineView', 'isParallelView']),
    diffMode() {
      const diffModeKey = Object.keys(diffModes).find(key => this.diffFile[`${key}File`]);
      return diffModes[diffModeKey] || diffModes.replaced;

--- a/app/assets/javascripts/diffs/components/diff_file.vue
+++ b/app/assets/javascripts/diffs/components/diff_file.vue
@@ -58,7 +58,7 @@ export default {
    document.removeEventListener('scroll', this.handleScroll);
  },
  methods: {
-    ...mapActions(['loadCollapsedDiff']),
+    ...mapActions('diffs', ['loadCollapsedDiff']),
    handleToggle() {
      const { collapsed, highlightedDiffLines, parallelDiffLines } = this.file;

--- a/app/assets/javascripts/diffs/components/diff_line_gutter_content.vue
+++ b/app/assets/javascripts/diffs/components/diff_line_gutter_content.vue
@@ -108,7 +108,7 @@ export default {
    },
  },
  methods: {
-    ...mapActions(['loadMoreLines', 'showCommentForm']),
+    ...mapActions('diffs', ['loadMoreLines', 'showCommentForm']),
    handleCommentButton() {
      this.showCommentForm({ lineCode: this.lineCode });
    },

--- a/app/assets/javascripts/diffs/components/diff_line_note_form.vue
+++ b/app/assets/javascripts/diffs/components/diff_line_note_form.vue
@@ -59,7 +59,8 @@ export default {
    }
  },
  methods: {
-    ...mapActions(['cancelCommentForm', 'saveNote', 'refetchDiscussionById']),
+    ...mapActions('diffs', ['cancelCommentForm']),
+    ...mapActions(['saveNote', 'refetchDiscussionById']),
    handleCancelCommentForm() {
      this.autosave.reset();
      this.cancelCommentForm({

--- a/app/assets/javascripts/diffs/components/inline_diff_table_row.vue
+++ b/app/assets/javascripts/diffs/components/inline_diff_table_row.vue
@@ -36,7 +36,7 @@ export default {
    };
  },
  computed: {
-    ...mapGetters(['isInlineView']),
+    ...mapGetters('diffs', ['isInlineView']),
    isContextLine() {
      return this.line.type === CONTEXT_LINE_TYPE;
    },

--- a/app/assets/javascripts/diffs/components/inline_diff_view.vue
+++ b/app/assets/javascripts/diffs/components/inline_diff_view.vue
@@ -20,7 +20,8 @@ export default {
    },
  },
  computed: {
-    ...mapGetters(['commitId', 'discussionsByLineCode']),
+    ...mapGetters('diffs', ['commitId']),
+    ...mapGetters(['discussionsByLineCode']),
    ...mapState({
      diffLineCommentForms: state => state.diffs.diffLineCommentForms,
    }),

--- a/app/assets/javascripts/diffs/components/parallel_diff_table_row.vue
+++ b/app/assets/javascripts/diffs/components/parallel_diff_table_row.vue
@@ -40,7 +40,7 @@ export default {
    };
  },
  computed: {
-    ...mapGetters(['isParallelView']),
+    ...mapGetters('diffs', ['isParallelView']),
    isContextLine() {
      return this.line.left.type === CONTEXT_LINE_TYPE;
    },

--- a/app/assets/javascripts/diffs/components/parallel_diff_view.vue
+++ b/app/assets/javascripts/diffs/components/parallel_diff_view.vue
@@ -21,7 +21,8 @@ export default {
    },
  },
  computed: {
-    ...mapGetters(['commitId', 'discussionsByLineCode']),
+    ...mapGetters('diffs', ['commitId']),
+    ...mapGetters(['discussionsByLineCode']),
    ...mapState({
      diffLineCommentForms: state => state.diffs.diffLineCommentForms,
    }),

--- a/app/assets/javascripts/diffs/store/modules/index.js
+++ b/app/assets/javascripts/diffs/store/modules/index.js
@@ -4,6 +4,7 @@ import mutations from '../mutations';
 import createState from './diff_state';
 export default {
+  namespaced: true,
  state: createState(),
  getters,
  actions,

--- a/app/assets/javascripts/due_date_select.js
+++ b/app/assets/javascripts/due_date_select.js
@@ -171,6 +171,8 @@ export default class DueDateSelectors {
  initMilestoneDatePicker() {
    $('.datepicker').each(function initPikadayMilestone() {
      const $datePicker = $(this);
+      const datePickerVal = $datePicker.val();
      const calendar = new Pikaday({
        field: $datePicker.get(0),
        theme: 'gitlab-theme animate-picker',
@@ -183,7 +185,7 @@ export default class DueDateSelectors {
        },
      });
-      calendar.setDate(parsePikadayDate($datePicker.val()));
+      calendar.setDate(parsePikadayDate(datePickerVal));
      $datePicker.data('pikaday', calendar);
    });

--- a/app/assets/stylesheets/framework/filters.scss
+++ b/app/assets/stylesheets/framework/filters.scss
@@ -224,7 +224,10 @@
  .form-control {
    position: relative;
    min-width: 200px;
-    padding: 5px 25px 6px 0;
+    padding-right: 25px;
+    padding-left: 0;
+    height: $input-height;
+    line-height: inherit;
    border-color: transparent;
    &:focus,

--- a/app/views/layouts/header/_default.html.haml
+++ b/app/views/layouts/header/_default.html.haml
@@ -61,7 +61,9 @@
          - if header_link?(:sign_in)
            %li.nav-item
              %div
-                = link_to "Sign in / Register", new_session_path(:user, redirect_to_referer: 'yes'), class: 'btn btn-sign-in'
+                - sign_in_text = allow_signup? ? 'Sign in / Register' : 'Sign in'
+                = link_to sign_in_text, new_session_path(:user, redirect_to_referer: 'yes'), class: 'btn btn-sign-in'
      %button.navbar-toggler.d-block.d-sm-none{ type: 'button' }
        %span.sr-only Toggle navigation

--- a/app/views/shared/hook_logs/_content.html.haml
+++ b/app/views/shared/hook_logs/_content.html.haml
@@ -30,7 +30,7 @@
 %h5 Request body:
 %pre
-  :plain
+  :escaped
    #{JSON.pretty_generate(hook_log.request_data)}
 %h5 Response headers:
 %pre
@@ -40,5 +40,5 @@
 %h5 Response body:
 %pre
-  :plain
+  :escaped
    #{hook_log.response_body}
--- a/changelogs/unreleased/41671-fixing-milestone-date-change-when-editing.yml
+++ b/changelogs/unreleased/41671-fixing-milestone-date-change-when-editing.yml
+---
+title: "Fixing milestone date change when editing"
+merge_request: 20279
+author: Orlando Del Aguila
+type: fixed
\ No newline at end of file
--- a/changelogs/unreleased/48976-rails5-invalid-single-table-inheritance-type-group-is-not-a-subclass-of-gitlab-backgroundmigration-fixcrossprojectlabellinks-namespace.yml
+++ b/changelogs/unreleased/48976-rails5-invalid-single-table-inheritance-type-group-is-not-a-subclass-of-gitlab-backgroundmigration-fixcrossprojectlabellinks-namespace.yml
--- a/changelogs/unreleased/fix-search-bar.yml
+++ b/changelogs/unreleased/fix-search-bar.yml
+---
+title: Fix search bar text input alignment
+merge_request:
+author:
+type: fixed
--- a/changelogs/unreleased/jprovazn-upload-symlink.yml
+++ b/changelogs/unreleased/jprovazn-upload-symlink.yml
+---
+title: Add /uploads subdirectory to allowed upload paths.
+merge_request:
+author:
+type: fixed
--- a/changelogs/unreleased/rails5-fix-48977.yml
+++ b/changelogs/unreleased/rails5-fix-48977.yml
+---
+title: Rails5 fix mysql milliseconds problem in specs
+merge_request: 20464
+author: Jasper Maes
+type: fixed
--- a/changelogs/unreleased/rails5-mysql-fix-pr-importer-spec.yml
+++ b/changelogs/unreleased/rails5-mysql-fix-pr-importer-spec.yml
+---
+title: Rails5 mysql fix milliseconds problem in pull request importer spec
+merge_request: 20475
+author: Jasper Maes
+type: fixed
--- a/changelogs/unreleased/rails5-update-gemfile-lock.yml
+++ b/changelogs/unreleased/rails5-update-gemfile-lock.yml
+---
+title: Update Gemfile.rails5.lock with latest Gemfile.lock changes
+merge_request: 20466
+author: Jasper Maes
+type: fixed
--- a/changelogs/unreleased/sh-fix-issue-47797-ce.yml
+++ b/changelogs/unreleased/sh-fix-issue-47797-ce.yml
+---
+title: Fix handling of annotated tags when Gitaly is not in use
+merge_request:
+author:
+type: fixed
--- a/changelogs/unreleased/upgrade-hamlit-for-ruby25.yml
+++ b/changelogs/unreleased/upgrade-hamlit-for-ruby25.yml
+---
+title: 'Update hamlit to fix ruby 2.5 incompatibilities, fixes #42045'
+merge_request:
+author: Matthew Dawson
+type: fixed
--- a/doc/administration/pages/index.md
+++ b/doc/administration/pages/index.md
@@ -49,8 +49,8 @@ supporting custom domains a secondary IP is not needed.
 Before proceeding with the Pages configuration, you will need to:
-1. Have a separate domain under which the GitLab Pages will be served. In this
+1. Have an exclusive root domain for serving GitLab Pages. Note that you cannot
-   document we assume that to be `example.io`.
+   use a subdomain of your GitLab's instance domain.
 1. Configure a **wildcard DNS record**.
 1. (Optional) Have a **wildcard certificate** for that domain if you decide to
   serve Pages under HTTPS.

--- a/doc/development/fe_guide/development_process.md
+++ b/doc/development/fe_guide/development_process.md
 # Frontend Development Process
-You can find more about the organization of the frontend team in the [handbook](https://about.gitlab.com/handbook/frontend/).
+You can find more about the organization of the frontend team in the [handbook](https://about.gitlab.com/handbook/engineering/frontend/).
 ## Development Checklist
@@ -34,7 +34,7 @@ Please use your best judgement when to use it and please contribute new points t
    - [ ] **Cookie Mode** Think about hiding the feature behind a cookie flag if the implementation is on top of existing features
    - [ ] **New route** Are you refactoring something big then you might consider adding a new route where you implement the new feature and when finished delete the current route and rename the new one. (for example 'merge_request' and 'new_merge_request')
 - [ ] **Setup** Is there any specific setup needed for your implementation (for example a kubernetes cluster)? Then let everyone know if it is not already mentioned where they can find documentation (if it doesn't exist - create it)
- [ ] **Security** Are there any new security relevant implementations? Then please contact the security team for an app security review. If you are not sure ask our [domain expert](https://about.gitlab.com/handbook/frontend/#frontend-domain-experts)
+- [ ] **Security** Are there any new security relevant implementations? Then please contact the security team for an app security review. If you are not sure ask our [domain expert](https://about.gitlab.com/handbook/engineering/frontend/#frontend-domain-experts)
 #### During development
@@ -51,7 +51,7 @@ Please use your best judgement when to use it and please contribute new points t
 - [ ] **Performance** Have you checked performance? For example do the same thing with 500 comments instead of 1. Document the tests and possible findings in the MR so a reviewer can directly see it.
 - [ ] Have you tested with a variety of our [supported browsers](../../install/requirements.md#supported-web-browsers)? You can use [browserstack](https://www.browserstack.com/) to be able to access a wide variety of browsers and operating systems.
 - [ ] Did you check the mobile view?
- [ ] Check the built webpack bundle (For the report run `WEBPACK_REPORT=true gdk run`, then open `webpack-report/index.html`) if we have unnecessary bloat due to wrong references, including libraries multiple times, etc.. If you need help contact the webpack [domain expert](https://about.gitlab.com/handbook/frontend/#frontend-domain-experts)
+- [ ] Check the built webpack bundle (For the report run `WEBPACK_REPORT=true gdk run`, then open `webpack-report/index.html`) if we have unnecessary bloat due to wrong references, including libraries multiple times, etc.. If you need help contact the webpack [domain expert](https://about.gitlab.com/handbook/engineering/frontend/#frontend-domain-experts)
 - [ ] **Tests** Not only greenfield tests - Test also all bad cases that come to your mind.
 - [ ] If you have multiple MR's then also smoke test against the final merge.
 - [ ] Are there any big changes on how and especially how frequently we use the API then let production know about it

--- a/doc/development/i18n/proofreader.md
+++ b/doc/development/i18n/proofreader.md
@@ -11,6 +11,7 @@ are very appreciative of the work done by translators and proofreaders!
 - Chinese Traditional
  - Huang Tao - [GitLab](https://gitlab.com/htve), [Crowdin](https://crowdin.com/profile/htve)
  - Weizhe Ding - [GitLab](https://gitlab.com/d.weizhe), [Crowdin](https://crowdin.com/profile/d.weizhe)
+  - Yi-Jyun Pan - [GitLab](https://gitlab.com/pan93412), [Crowdin](https://crowdin.com/profile/pan93412)
 - Chinese Traditional, Hong Kong
  - Huang Tao - [GitLab](https://gitlab.com/htve), [Crowdin](https://crowdin.com/profile/htve)
 - Dutch

--- a/doc/development/testing_guide/frontend_testing.md
+++ b/doc/development/testing_guide/frontend_testing.md
@@ -172,6 +172,10 @@ object which can be treated like any other jasmine spy object.
 Further documentation on the babel rewire pluign API can be found on
 [its repository Readme doc](https://github.com/speedskater/babel-plugin-rewire#babel-plugin-rewire).
+#### Waiting in tests
+If you cannot avoid using [`setTimeout`](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/setTimeout) in tests, please use the [Jasmine mock clock](https://jasmine.github.io/api/2.9/Clock.html).
 ### Vue.js unit tests
 See this [section][vue-test].

--- a/doc/ssh/README.md
+++ b/doc/ssh/README.md
@@ -77,6 +77,8 @@ Note that Public SSH key may also be named as follows:
     If you want to change the password of your SSH key pair, you can use
     `ssh-keygen -p <keyname>`.
+## Adding a SSH key to your GitLab account
 1. The next step is to copy the public SSH key as we will need it afterwards.
    To copy your public SSH key to the clipboard, use the appropriate code below:

--- a/doc/user/markdown.md
+++ b/doc/user/markdown.md
@@ -9,7 +9,7 @@
 > For the best result, we encourage you to check this document out as rendered
 by GitLab: [markdown.md]
-_GitLab uses (as of 11.1) the [CommonMark Ruby Library][commonmarker] for Markdown processing of all new issues, merge requests, comments, and other Markdown content in the GitLab system.  Previous content and Markdown files `.md` in the repositories are still processed using the [Redcarpet Ruby library][redcarpet]._
+_GitLab uses (as of 11.1) the [CommonMark Ruby Library][commonmarker] for Markdown processing of all new issues, merge requests, comments, and other Markdown content in the GitLab system.  Previous content, wiki pages and Markdown files (`.md`) in the repositories are still processed using the [Redcarpet Ruby library][redcarpet]._
 _Where there are significant differences, we will try to call them out in this document._
@@ -22,7 +22,7 @@ You can use GFM in the following areas:
 - merge requests
 - milestones
 - snippets (the snippet must be named with a `.md` extension)
- wiki pages
+- wiki pages (currently only rendered by Redcarpet)
 - markdown documents inside the repository (currently only rendered by Redcarpet)
 - epics

--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -625,8 +625,14 @@ module Gitlab
      end
      def update_branch(branch_name, user:, newrev:, oldrev:)
+        gitaly_migrate(:operation_user_update_branch) do |is_enabled|
+          if is_enabled
+            gitaly_operations_client.user_update_branch(branch_name, user, newrev, oldrev)
+          else
            OperationService.new(user, self).update_branch(branch_name, newrev, oldrev)
          end
+        end
+      end
      def rm_branch(branch_name, user:)
        wrapped_gitaly_errors do

--- a/lib/gitlab/gitaly_client/operation_service.rb
+++ b/lib/gitlab/gitaly_client/operation_service.rb
@@ -68,6 +68,22 @@ module Gitlab
        raise Gitlab::Git::Repository::InvalidRef, ex
      end
+      def user_update_branch(branch_name, user, newrev, oldrev)
+        request = Gitaly::UserUpdateBranchRequest.new(
+          repository: @gitaly_repo,
+          branch_name: encode_binary(branch_name),
+          user: Gitlab::Git::User.from_gitlab(user).to_gitaly,
+          newrev: encode_binary(newrev),
+          oldrev: encode_binary(oldrev)
+        )
+        response = GitalyClient.call(@repository.storage, :operation_service, :user_update_branch, request)
+        if pre_receive_error = response.pre_receive_error.presence
+          raise Gitlab::Git::PreReceiveError, pre_receive_error
+        end
+      end
      def user_delete_branch(branch_name, user)
        request = Gitaly::UserDeleteBranchRequest.new(
          repository: @gitaly_repo,

--- a/lib/gitlab/middleware/multipart.rb
+++ b/lib/gitlab/middleware/multipart.rb
@@ -84,7 +84,7 @@ module Gitlab
        def open_file(params, key)
          ::UploadedFile.from_params(
            params, key,
-            Gitlab.config.uploads.storage_path)
+            [FileUploader.root, Gitlab.config.uploads.storage_path])
        end
      end

--- a/lib/uploaded_file.rb
+++ b/lib/uploaded_file.rb
@@ -28,7 +28,7 @@ class UploadedFile
    @tempfile = File.new(path, 'rb')
  end
-  def self.from_params(params, field, upload_path)
+  def self.from_params(params, field, upload_paths)
    unless params["#{field}.path"]
      raise InvalidPathError, "file is invalid" if params["#{field}.remote_id"]
@@ -37,7 +37,8 @@ class UploadedFile
    file_path = File.realpath(params["#{field}.path"])
-    unless self.allowed_path?(file_path, [upload_path, Dir.tmpdir].compact)
+    paths = Array(upload_paths) << Dir.tmpdir
+    unless self.allowed_path?(file_path, paths.compact)
      raise InvalidPathError, "insecure path used '#{file_path}'"
    end

--- a/spec/features/milestones/user_edits_milestone_spec.rb
+++ b/spec/features/milestones/user_edits_milestone_spec.rb
+require "rails_helper"
+describe "User edits milestone", :js do
+  set(:user) { create(:user) }
+  set(:project) { create(:project) }
+  set(:milestone) { create(:milestone, project: project, start_date: Date.today, due_date: 5.days.from_now) }
+  before do
+    project.add_developer(user)
+    sign_in(user)
+    visit(edit_project_milestone_path(project, milestone))
+  end
+  it "shows the right start date and due date" do
+    start_date = milestone.start_date.strftime("%F")
+    due_date = milestone.due_date.strftime("%F")
+    expect(page).to have_field(with: start_date)
+    expect(page).to have_field(with: due_date)
+  end
+end
--- a/spec/features/users/show_spec.rb
+++ b/spec/features/users/show_spec.rb
@@ -14,4 +14,28 @@ describe 'User page' do
      expect(page).to have_link('Snippets')
    end
  end
+  context 'signup disabled' do
+    it 'shows the sign in link' do
+      stub_application_setting(signup_enabled: false)
+      visit(user_path(user))
+      page.within '.navbar-nav' do
+        expect(page).to have_link('Sign in')
+      end
+    end
+  end
+  context 'signup enabled' do
+    it 'shows the sign in and register link' do
+      stub_application_setting(signup_enabled: true)
+      visit(user_path(user))
+      page.within '.navbar-nav' do
+        expect(page).to have_link('Sign in / Register')
+      end
+    end
+  end
 end
--- a/spec/javascripts/diffs/components/inline_diff_view_spec.js
+++ b/spec/javascripts/diffs/components/inline_diff_view_spec.js
@@ -13,7 +13,7 @@ describe('InlineDiffView', () => {
  beforeEach(() => {
    const diffFile = getDiffFileMock();
-    store.dispatch('setInlineDiffViewType');
+    store.dispatch('diffs/setInlineDiffViewType');
    component = createComponentWithStore(Vue.extend(InlineDiffView), store, {
      diffFile,
      diffLines: diffFile.highlightedDiffLines,

--- a/spec/lib/gitlab/gitaly_client/operation_service_spec.rb
+++ b/spec/lib/gitlab/gitaly_client/operation_service_spec.rb
@@ -53,6 +53,47 @@ describe Gitlab::GitalyClient::OperationService do
    end
  end
+  describe '#user_update_branch' do
+    let(:branch_name) { 'my-branch' }
+    let(:newrev) { '01e' }
+    let(:oldrev) { '01d' }
+    let(:request) do
+      Gitaly::UserUpdateBranchRequest.new(
+        repository: repository.gitaly_repository,
+        branch_name: branch_name,
+        newrev: newrev,
+        oldrev: oldrev,
+        user: gitaly_user
+      )
+    end
+    let(:response) { Gitaly::UserUpdateBranchResponse.new }
+    subject { client.user_update_branch(branch_name, user, newrev, oldrev) }
+    it 'sends a user_update_branch message' do
+      expect_any_instance_of(Gitaly::OperationService::Stub)
+        .to receive(:user_update_branch).with(request, kind_of(Hash))
+        .and_return(response)
+      subject
+    end
+    context "when pre_receive_error is present" do
+      let(:response) do
+        Gitaly::UserUpdateBranchResponse.new(pre_receive_error: "something failed")
+      end
+      it "throws a PreReceive exception" do
+        expect_any_instance_of(Gitaly::OperationService::Stub)
+          .to receive(:user_update_branch).with(request, kind_of(Hash))
+          .and_return(response)
+        expect { subject }.to raise_error(
+          Gitlab::Git::PreReceiveError, "something failed")
+      end
+    end
+  end
  describe '#user_delete_branch' do
    let(:branch_name) { 'my-branch' }
    let(:request) do

--- a/spec/lib/gitlab/github_import/importer/pull_requests_importer_spec.rb
+++ b/spec/lib/gitlab/github_import/importer/pull_requests_importer_spec.rb
@@ -27,9 +27,9 @@ describe Gitlab::GithubImport::Importer::PullRequestsImporter do
      milestone: double(:milestone, number: 4),
      user: double(:user, id: 4, login: 'alice'),
      assignee: double(:user, id: 4, login: 'alice'),
-      created_at: Time.zone.now,
+      created_at: 1.second.ago,
-      updated_at: Time.zone.now,
+      updated_at: 1.second.ago,
-      merged_at: Time.zone.now
+      merged_at: 1.second.ago
    )
  end

--- a/spec/lib/gitlab/middleware/multipart_spec.rb
+++ b/spec/lib/gitlab/middleware/multipart_spec.rb
@@ -75,6 +75,33 @@ describe Gitlab::Middleware::Multipart do
    it_behaves_like 'multipart upload files'
  end
+  it 'allows symlinks for uploads dir' do
+    Tempfile.open('two-levels') do |tempfile|
+      symlinked_dir = '/some/dir/uploads'
+      symlinked_path = File.join(symlinked_dir, File.basename(tempfile.path))
+      env = post_env({ 'file' => symlinked_path }, { 'file.name' => original_filename, 'file.path' => symlinked_path }, Gitlab::Workhorse.secret, 'gitlab-workhorse')
+      allow(FileUploader).to receive(:root).and_return(symlinked_dir)
+      allow(UploadedFile).to receive(:allowed_paths).and_return([symlinked_dir, Gitlab.config.uploads.storage_path])
+      allow(File).to receive(:realpath).and_call_original
+      allow(File).to receive(:realpath).with(symlinked_dir).and_return(Dir.tmpdir)
+      allow(File).to receive(:realpath).with(symlinked_path).and_return(tempfile.path)
+      allow(File).to receive(:exist?).and_call_original
+      allow(File).to receive(:exist?).with(symlinked_dir).and_return(true)
+      # override Dir.tmpdir because this dir is in the list of allowed paths
+      # and it would match FileUploader.root path (which in this test is linked
+      # to /tmp too)
+      allow(Dir).to receive(:tmpdir).and_return(File.join(Dir.tmpdir, 'tmpsubdir'))
+      expect(app).to receive(:call) do |env|
+        expect(Rack::Request.new(env).params['file']).to be_a(::UploadedFile)
+      end
+      middleware.call(env)
+    end
+  end
  def post_env(rewritten_fields, params, secret, issuer)
    token = JWT.encode({ 'iss' => issuer, 'rewritten_fields' => rewritten_fields }, secret, 'HS256')
    Rack::MockRequest.env_for(

--- a/spec/models/ci/build_spec.rb
+++ b/spec/models/ci/build_spec.rb
@@ -263,6 +263,7 @@ describe Ci::Build do
    context 'artifacts metadata does not exist' do
      before do
        build.update(legacy_artifacts_metadata: nil)
+<<<<<<< HEAD
      end
      it { is_expected.to be_falsy }
@@ -281,6 +282,8 @@ describe Ci::Build do
    context 'artifacts metadata does not exist' do
      before do
        build.update(legacy_artifacts_metadata: nil)
+=======
+>>>>>>> upstream/master
      end
      it { is_expected.to be_falsy }

--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -2564,7 +2564,13 @@ describe User do
          it 'changes the namespace (just to compare to when username is not changed)' do
            expect do
+<<<<<<< HEAD
              user.update!(username: new_username)
+=======
+              Timecop.freeze(1.second.from_now) do
+                user.update!(username: new_username)
+              end
+>>>>>>> upstream/master
            end.to change { user.namespace.updated_at }
          end

--- a/spec/services/ci/retry_build_service_spec.rb
+++ b/spec/services/ci/retry_build_service_spec.rb
@@ -100,7 +100,11 @@ describe Ci::RetryBuildService do
  end
  describe '#execute' do
-    let(:new_build) { service.execute(build) }
+    let(:new_build) do
+      Timecop.freeze(1.second.from_now) do
+        service.execute(build)
+      end
+    end
    context 'when user has ability to execute build' do
      before do
@@ -150,7 +154,11 @@ describe Ci::RetryBuildService do
  end
  describe '#reprocess' do
-    let(:new_build) { service.reprocess!(build) }
+    let(:new_build) do
+      Timecop.freeze(1.second.from_now) do
+        service.reprocess!(build)
+      end
+    end
    context 'when user has ability to execute build' do
      before do