Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-10-09

# Conflicts:
#	qa/qa/page/admin/menu.rb

[ci skip]

app/assets/javascripts/pipelines/components/pipelines_table.vue

@@ -35,7 +35,7 @@ export default {
   },
   data() {
     return {
-      pipelineId: '',
+      pipelineId: 0,
       endpoint: '',
       cancelingPipeline: null,
     };

app/assets/javascripts/pipelines/components/pipelines_table_row.vue

@@ -47,7 +47,7 @@ export default {
       required: true,
     },
     cancelingPipeline: {
-      type: String,
+      type: Number,
       required: false,
       default: null,
     },

app/models/hooks/web_hook.rb

@@ -37,38 +37,4 @@ class WebHook < ActiveRecord::Base
   def allow_local_requests?
     false
   end
-
-  # In 11.4, the web_hooks table has both `token` and `encrypted_token` fields.
-  # Ensure that the encrypted version always takes precedence if present.
-  alias_method :attr_encrypted_token, :token
-  def token
-    attr_encrypted_token.presence || read_attribute(:token)
-  end
-
-  # In 11.4, the web_hooks table has both `token` and `encrypted_token` fields.
-  # Pending a background migration to encrypt all fields, we should just clear
-  # the unencrypted value whenever the new value is set.
-  alias_method :'attr_encrypted_token=', :'token='
-  def token=(value)
-    self.attr_encrypted_token = value
-
-    write_attribute(:token, nil)
-  end
-
-  # In 11.4, the web_hooks table has both `url` and `encrypted_url` fields.
-  # Ensure that the encrypted version always takes precedence if present.
-  alias_method :attr_encrypted_url, :url
-  def url
-    attr_encrypted_url.presence || read_attribute(:url)
-  end
-
-  # In 11.4, the web_hooks table has both `url` and `encrypted_url` fields.
-  # Pending a background migration to encrypt all fields, we should just clear
-  # the unencrypted value whenever the new value is set.
-  alias_method :'attr_encrypted_url=', :'url='
-  def url=(value)
-    self.attr_encrypted_url = value
-
-    write_attribute(:url, nil)
-  end
 end

app/views/projects/clusters/gcp/_form.html.haml

@@ -68,7 +68,7 @@
         .form-text.text-muted
           = s_('ClusterIntegration|Enable this setting if using role-based access control (RBAC).')
           = s_('ClusterIntegration|This option will allow you to install applications on RBAC clusters.')
-          = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'role-based-access-control-rbac-experimental-support'), target: '_blank'
+          = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'role-based-access-control-rbac-core-only'), target: '_blank'
 
     .form-group
       = field.submit s_('ClusterIntegration|Create Kubernetes cluster'), class: 'js-gke-cluster-creation-submit btn btn-success', disabled: true

app/views/projects/clusters/user/_form.html.haml

@@ -32,7 +32,7 @@
         .form-text.text-muted
           = s_('ClusterIntegration|Enable this setting if using role-based access control (RBAC).')
           = s_('ClusterIntegration|This option will allow you to install applications on RBAC clusters.')
-          = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'role-based-access-control-rbac-experimental-support'), target: '_blank'
+          = link_to _('More information'), help_page_path('user/project/clusters/index.md', anchor: 'role-based-access-control-rbac-core-only'), target: '_blank'
 
     .form-group
       = field.submit s_('ClusterIntegration|Add Kubernetes cluster'), class: 'btn btn-success'

app/views/shared/empty_states/_wikis.html.haml

@@ -5,7 +5,7 @@
   - create_link = link_to s_('WikiEmpty|Create your first page'), create_path, class: 'btn btn-success', title: s_('WikiEmpty|Create your first page')
 
   = render layout: layout_path, locals: { image_path: 'illustrations/wiki_login_empty.svg' } do
-    %h4
+    %h4.text-left
       = s_('WikiEmpty|The wiki lets you write documentation for your project')
     %p.text-left
       = s_("WikiEmpty|A wiki is where you can store all the details about your project. This can include why you've created it, its principles, how to use it, and so on.")

changelogs/unreleased/52367-cleanup-web-hooks-columns.yml

+---
+title: Remove legacy unencrypted webhook columns from the database
+merge_request: 22199
+author:
+type: changed

changelogs/unreleased/gt-update-wiki-empty-state.yml

+---
+title: Update wiki empty state
+merge_requrst: 22218
+author: George Tsiolis
+type: other

db/post_migrate/20181008145341_steal_encrypt_columns.rb

+class StealEncryptColumns < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  disable_ddl_transaction!
+
+  def up
+    Gitlab::BackgroundMigration.steal('EncryptColumns')
+  end
+
+  def down
+    # no-op
+  end
+end

db/post_migrate/20181008145359_remove_web_hooks_token_and_url.rb

+class RemoveWebHooksTokenAndUrl < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def change
+    remove_column :web_hooks, :token, :string
+    remove_column :web_hooks, :url, :string, limit: 2000
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20181002172433) do
+ActiveRecord::Schema.define(version: 20181008145359) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -3079,7 +3079,6 @@ ActiveRecord::Schema.define(version: 20181002172433) do
   add_index "web_hook_logs", ["web_hook_id"], name: "index_web_hook_logs_on_web_hook_id", using: :btree
 
   create_table "web_hooks", force: :cascade do |t|
-    t.string "url", limit: 2000
     t.integer "project_id"
     t.datetime "created_at"
     t.datetime "updated_at"
@@ -3093,7 +3092,6 @@ ActiveRecord::Schema.define(version: 20181002172433) do
     t.boolean "note_events", default: false, null: false
     t.boolean "enable_ssl_verification", default: true
     t.boolean "wiki_page_events", default: false, null: false
-    t.string "token"
     t.boolean "pipeline_events", default: false, null: false
     t.boolean "confidential_issues_events", default: false, null: false
     t.boolean "repository_update_events", default: false, null: false

doc/ci/examples/deployment/README.md

@@ -5,7 +5,7 @@ continuous deployment that's developed and used by Travis CI, but can also be
 used with GitLab CI.
 
 >**Note:**
-We recommend to use Dpl if you're deploying to any of these of these services:
+We recommend to use Dpl if you're deploying to any of these services:
 https://github.com/travis-ci/dpl#supported-providers.
 
 ## Requirements

qa/qa/page/admin/menu.rb

@@ -4,8 +4,11 @@ module QA
   module Page
     module Admin
       class Menu < Page::Base
+<<<<<<< HEAD:qa/qa/page/admin/menu.rb
         prepend EE::Page::Admin::Menu
 
+=======
+>>>>>>> upstream/master:qa/qa/page/admin/menu.rb
         view 'app/views/layouts/nav/sidebar/_admin.html.haml' do
           element :admin_sidebar
           element :admin_sidebar_submenu

scripts/trigger-build

 #!/usr/bin/env ruby
+# frozen_string_literal: true
 
 require 'gitlab'
 
@@ -6,38 +7,27 @@ require 'gitlab'
 # Configure credentials to be used with gitlab gem
 #
 Gitlab.configure do |config|
-  config.endpoint      = 'https://gitlab.com/api/v4'
-  config.private_token = ENV['GITLAB_QA_ACCESS_TOKEN'] # gitlab-qa bot access token
+  config.endpoint = 'https://gitlab.com/api/v4'
 end
 
 module Trigger
-  TOKEN = ENV['BUILD_TRIGGER_TOKEN']
-
   def self.ee?
     ENV['CI_PROJECT_NAME'] == 'gitlab-ee' || File.exist?('CHANGELOG-EE.md')
   end
 
   class Base
-    def initialize(api_token)
-      Gitlab.private_token = api_token
-    end
-
     def invoke!(post_comment: false)
       pipeline = Gitlab.run_trigger(
         downstream_project_path,
-        Trigger::TOKEN,
+        trigger_token,
         ref,
         variables)
 
-      puts "Triggered #{pipeline.web_url}"
+      puts "Triggered downstream pipeline: #{pipeline.web_url}\n"
       puts "Waiting for downstream pipeline status"
 
-      begin
-        Trigger::CommitComment.post!(downstream_project_path, pipeline) if post_comment
-      rescue Gitlab::Error::Error => error
-        puts "Ignoring the following error: #{error}"
-      end
-      Trigger::Pipeline.new(downstream_project_path, pipeline.id)
+      Trigger::CommitComment.post!(pipeline, access_token) if post_comment
+      Trigger::Pipeline.new(downstream_project_path, pipeline.id, access_token)
     end
 
     private
@@ -52,6 +42,16 @@ module Trigger
       raise NotImplementedError
     end
 
+    # Must be overriden
+    def trigger_token
+      raise NotImplementedError
+    end
+
+    # Must be overriden
+    def access_token
+      raise NotImplementedError
+    end
+
     # Can be overriden
     def extra_variables
       {}
@@ -68,7 +68,10 @@ module Trigger
 
     def base_variables
       {
-        'TRIGGERED_USER' => ENV['GITLAB_USER_NAME'],
+        'TOP_UPSTREAM_TRIGGER_PROJECT' => ENV['TOP_UPSTREAM_TRIGGER_PROJECT'] || ENV['CI_PROJECT_PATH'],
+        'UPSTREAM_TRIGGER_PROJECT' => ENV['CI_PROJECT_PATH'],
+        'UPSTREAM_TRIGGER_SOURCE' => ENV['TRIGGER_SOURCE'],
+        'TRIGGERED_USER' => ENV['TRIGGERED_USER'] || ENV['GITLAB_USER_NAME'],
         'TRIGGER_SOURCE' => ENV['CI_JOB_URL']
       }
     end
@@ -85,13 +88,21 @@ module Trigger
     private
 
     def downstream_project_path
-      'gitlab-org/omnibus-gitlab'.freeze
+      'gitlab-org/omnibus-gitlab'
     end
 
     def ref
       ENV['OMNIBUS_BRANCH'] || 'master'
     end
 
+    def trigger_token
+      ENV['BUILD_TRIGGER_TOKEN']
+    end
+
+    def access_token
+      ENV['GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN']
+    end
+
     def extra_variables
       {
         'GITLAB_VERSION' => ENV['CI_COMMIT_SHA'],
@@ -112,6 +123,14 @@ module Trigger
       ENV['CNG_BRANCH'] || 'master'
     end
 
+    def trigger_token
+      ENV['BUILD_TRIGGER_TOKEN']
+    end
+
+    def access_token
+      ENV['GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN']
+    end
+
     def extra_variables
       edition = Trigger.ee? ? 'EE' : 'CE'
 
@@ -134,11 +153,16 @@ module Trigger
   end
 
   class CommitComment
-    def self.post!(downstream_project_path, downstream_pipeline)
+    def self.post!(downstream_pipeline, access_token)
+      Gitlab.private_token = access_token
+
       Gitlab.create_commit_comment(
         ENV['CI_PROJECT_PATH'],
         ENV['CI_COMMIT_SHA'],
         "The [`#{ENV['CI_JOB_NAME']}`](#{ENV['CI_JOB_URL']}) job from pipeline #{ENV['CI_PIPELINE_URL']} triggered #{downstream_pipeline.web_url} downstream.")
+
+    rescue Gitlab::Error::Error => error
+      puts "Ignoring the following error: #{error}"
     end
   end
 
@@ -146,15 +170,16 @@ module Trigger
     INTERVAL = 60 # seconds
     MAX_DURATION = 3600 * 3 # 3 hours
 
-    attr_reader :project, :id
+    attr_reader :project, :id, :api_token
 
-    def initialize(project, id)
+    def initialize(project, id, api_token)
       @project = project
       @id = id
+      @api_token = api_token
       @start = Time.now.to_i
 
       # gitlab-bot's token "GitLab multi-project pipeline polling"
-      Gitlab.private_token = ENV['GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN']
+      Gitlab.private_token = api_token
     end
 
     def wait!
@@ -197,9 +222,9 @@ end
 
 case ARGV[0]
 when 'omnibus'
-  Trigger::Omnibus.new(ENV['GITLAB_QA_ACCESS_TOKEN']).invoke!(post_comment: true).wait!
+  Trigger::Omnibus.new.invoke!(post_comment: true).wait!
 when 'cng'
-  Trigger::CNG.new(ENV['GITLAB_QA_ACCESS_TOKEN']).invoke!.wait!
+  Trigger::CNG.new.invoke!.wait!
 else
   puts "Please provide a valid option:
   omnibus - Triggers a pipeline that builds the omnibus-gitlab package