Merge branch 'master' into 4316-status-icon

* master:
  Fix route for Geo 'Repair authentication'
  Add docs for playing a CI pipeline schedule
  Adds logging to remove remote worker
  Update CHANGELOG.md for 10.4.0
  Update CHANGELOG-EE.md for 10.4.0-ee
  Copy k8s service integration info into clusters
  Add more info on how DAST works
  Adds ExclusiveLeaseGuard to RepositoryRemoveRemoteWorker and restores RemoteMirror#refresh_remote to after_save callback
  Moves ExclusiveLeaseGuard from EE to CE
  Moves remove_remote to a background job
  Update icon to match EE
  Merge branch 'master' into vue-mr-widget-state
  Move mr_widget_auto_merge_failed component into a vue file
  Move EE-specific image to ee/app/assets/images
  Move EE-specific stylesheets to ee/app/assets/stylesheets

CHANGELOG-EE.md

 Please view this file on the master branch, on stable branches it's out of date.
 
+## 10.4.0 (2018-01-22)
+
+### Security (2 changes)
+
+- Fix LDAP external user/group bug on first sign in.
+- Deny persisting milestones from outside project/group scope on boards.
+
+### Fixed (19 changes, 1 of them is from the community)
+
+- Issue count now refreshes quicker on geo secondary. !3639
+- Prevent adding same role multiple times on repeated clicks. !3700
+- Geo - Fix difference in FDW / non-FDW queries for Geo::FileRegistry queries. !3714
+- Fix successful rebase throwing flash error message. !3727
+- Fix Merge Rquest widget rebase action in Internet Explorer. !3732
+- Geo - Use relative path for avatar images on a secondary node. !3857
+- Add missing wiki counts to prometheus metrics. !3875
+- Adjust content width for User Settings, Pipeline quota. !3895 (George Tsiolis)
+- Fix a bug where branch could not be delete due to a push rule config. !3900
+- Fix a few doc links to fast ssh key lookup. !3937
+- Handle node details load failure gracefully on UI. !3992
+- Use the fastest available method for various Geo status counts. !4024
+- Fix neutralCount computation to prevent negative values. !4044
+- Fix reordering of items when moved to top or bottom. !4050
+- Geo - Fix repository clean up when selective replication changes with hashed storage enabled. !4059
+- Fix JavaScript bundle running on Cluster update/destroy pages. !4112
+- Record EE instances without a license correctly in usage ping.
+- Fix export to CSV if a filter with multiple labels is used.
+- Stop authorization attempts with instance profile when static credentials are provided for AWS Elasticsearch.
+
+### Changed (6 changes)
+
+- Change MR widget failed icons to warning icons. !3669
+- Show clear message when set-geo-primary-node was successful. !3768
+- More descriptive error when clocks between Geo nodes are out of sync. !3860
+- Allow sidekiq to react to becoming a Geo primary or secondary without a restart. !3878
+- Geo admin screen enhancements. !3902
+- Geo UI polish.
+
+### Added (13 changes)
+
+- Split project repository and wiki repository status in Geo node status. !3560
+- Add reset pipeline minutes button to admin overview of groups and users. !3656
+- Show results from docker image scan in the merge request widget. !3672
+- Geo: Added Authorized Keys specific checks. !3728
+- Add some extra fields to Geo API node and status. !3858
+- Show results from DAST scan in the merge request widget. !3885
+- Add Geo support for CI job artifacts. !3935
+- Make it possible to enable/disable PostgreSQL FDW for Geo. !4020
+- Add support for reordering issues in epics.
+- Check if shard configuration is same across Geo nodes.
+- Add API for epics.
+- Add group boards API endpoint.
+- Add api for epic_issue associations.
+
+### Other (6 changes)
+
+- Document GitLab Geo with Object Storage. !3760
+- Update disaster recovery documentation with detailed steps. !3845
+- Fix broken alignment of database password in geo docs. !3939
+- Remove unnecessary NTP checks now included in gitlab:geo:check. !3940
+- Move geo status check after db replication to avoid anticipated failures. !3941
+- Make scoped issue board specs more reliable.
+
+
 ## 10.3.5 (2018-01-18)
 
 - No changes.

CHANGELOG.md

@@ -2,6 +2,171 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 10.4.0 (2018-01-22)
+
+### Security (8 changes, 1 of them is from the community)
+
+- Upgrade Ruby to 2.3.6 to include security patches. !16016
+- Filter out sensitive fields from the project services API. (Robert Schilling)
+- Fix RCE via project import mechanism.
+- Prevent OAuth login POST requests when a provider has been disabled.
+- Prevent a SQL injection in the MilestonesFinder.
+- Check user authorization for source and target projects when creating a merge request.
+- Fix path traversal in gitlab-ci.yml cache:key.
+- Fix writable shared deploy keys.
+
+### Fixed (69 changes, 24 of them are from the community)
+
+- Update comment on image cursor and icons. !15760
+- Fixes the wording of headers in system info page. !15802 (Gilbert Roulot)
+- Reset todo counters when the target is deleted. !15807
+- Execute quick actions (if present) when creating MR from issue. !15810
+- fix build count in pipeline success mail. !15827 (Christiaan Van den Poel)
+- Fix error that was preventing users to change the access level of access requests for Groups or Projects. !15832
+- Last push event widget width for fixed layout. !15862 (George Tsiolis)
+- Hide link to issues/MRs from labels list if issues/MRs are disabled. !15863 (Sophie Herold)
+- Use relative URL for projects to avoid storing domains. !15876
+- Fix gitlab-rake gitlab:import:repos import schedule. !15931
+- Removed incorrect guidance stating blocked users will be removed from groups and project as members. !15947 (CesarApodaca)
+- Fix some POST/DELETE requests in IE by switching some bundles to Axios for Ajax requests. !15951
+- Fixing error 500 when member exist but not the user. !15970
+- show None when issue is in closed list and no labels assigned. !15976 (Christiaan Van den Poel)
+- Fix tags in the Activity tab not being clickable. !15996 (Mario de la Ossa)
+- Disable Vue pagination when only one page of content is available. !15999 (Mario de la Ossa)
+- disables shortcut to issue boards when issues are not enabled. !16020 (Christiaan Van den Poel)
+- Ignore lost+found folder during backup on a volume. !16036 (Julien Millau)
+- Fix abuse reports link url in admin area navbar. !16068 (megos)
+- Keep typographic hierarchy in User Settings. !16090 (George Tsiolis)
+- Adjust content width for User Settings, GPG Keys. !16093 (George Tsiolis)
+- Fix gitlab-rake gitlab:import:repos import schedule. !16115
+- Fix import project url not updating project name. !16120
+- Fix activity inline event line height on mobile. !16121 (George Tsiolis)
+- Fix slash commands dropdown description mis-alignment on Firefox. !16125 (Maurizio De Santis)
+- Remove unnecessary sidebar element realignment. !16159 (George Tsiolis)
+- User#projects_limit remove DB default and added NOT NULL constraint. !16165 (Mario de la Ossa)
+- Fix API endpoints to edit wiki pages where project belongs to a group. !16170
+- Fix breadcrumbs in User Settings. !16172 (rfwatson)
+- Move 2FA disable button. !16177 (George Tsiolis)
+- Fixing bug when wiki last version. !16197
+- Protected branch is now created for default branch on import. !16198
+- Prevent excessive DB load due to faulty DeleteConflictingRedirectRoutes background migration. !16205
+- Force Auto DevOps kubectl version to 1.8.6. !16218
+- Fix missing references to pipeline objects when restoring project with import/export feature. !16221
+- Fix inconsistent downcase of filenames in prefilled `Add` commit messages. !16232 (James Ramsay)
+- Default merge request title is set correctly again when external issue tracker is activated. !16356 (Ben305)
+- Ensure that emails contain absolute, rather than relative, links to user uploads. !16364
+- Prevent invalid Route path if path is unchanged. !16397
+- Fixing rack request mime type when using rack attack. !16427
+- Prevent RevList failing on non utf8 paths. !16440
+- Fix giant fork icons on forks page. !16474
+- Fix links to uploaded files on wiki pages. !16499
+- Fix GitHub importer using removed interface.
+- Fix when branch creation fails don't post system note. (Mateusz Bajorski)
+- Show authored date rather than committed date on the commit list.
+- Fix ANSI 256 bold colors in pipelines job output.
+- Add optional search param for Merge Requests API.
+- fix button alignment on MWPS component.
+- Clears visual token on second backspace. (Martin Wortschack)
+- Fix viewing merge request diffs where the underlying blobs are unavailable.
+- Fix 500 error when visiting a commit where the blobs do not exist.
+- Set target_branch to the ref branch when creating MR from issue.
+- Fix closed text for issues on Todos page.
+- [API] Fix creating issue when assignee_id is empty.
+- Fix false positive issue references in merge requests caused by header anchor links.
+- Fixed chanages dropdown ellipsis positioning.
+- Fix shortcut links on help page.
+- Fix onion-skin re-entering state.
+- Normalizing Identity extern_uid when saving the record.
+- Fixed typo for issue description field declaration. (Marcus Amargi)
+- Modify `LDAP::Person` to return username value based on attributes.
+- Fixed merge request status badge not updating after merging.
+- Remove related links in MR widget when empty state.
+- Gracefully handle garbled URIs in Markdown.
+- Fix hooks not being set up properly for bare import Rake task.
+- Fix Mermaid drawings not loading on some browsers.
+- Humanize the units of "Showing last X KiB of log" in job trace.
+- Avoid leaving a push event empty if payload cannot be created.
+
+### Changed (18 changes, 3 of them are from the community)
+
+- Make mail notifications of discussion notes In-Reply-To of each other. !14289
+- Migrate existing data from KubernetesService to Clusters::Platforms::Kubernetes. !15589
+- Implement checking GCP project billing status in cluster creation form. !15665
+- Present multiple clusters in a single list instead of a tabbed view. !15669
+- Remove soft removals related code. !15789
+- Only mark import and fork jobs as failed once all Sidekiq retries get exhausted. !15844
+- Translate date ranges on contributors page. !15846
+- Update issuable status icons. !15898
+- Update feature toggle design to use icons and make it i18n friendly. !15904
+- Update groups tree to use GitLab SVG icons, add last updated at information for projects. !15980
+- Allow forking a public project to a private group. !16050
+- Expose project_id on /api/v4/pages/domains. !16200 (Luc Didry)
+- Display graph values on hover within monitoring page. !16261
+- Hide markdown toolbar in preview mode.
+- Run background migrations with a minimum interval.
+- Provide additional cookies to JIRA service requests to allow Oracle WebGates Basic Auth. (Stanislaw Wozniak)
+- removed tabindexes from tag form. (Marcus Amargi)
+- Move edit button to second row on issue page (and change it to a pencil icon).
+
+### Performance (11 changes)
+
+- Improve the performance for counting diverging commits. Show 999+ if it is more than 1000 commits. !15963
+- Improve search query for merge requests.
+- Improve search query for issues.
+- Eager load event target authors whenever possible.
+- Use simple Next/Prev paging for jobs to avoid large count queries on arbitrarily large sets of historical jobs.
+- Improve performance of MR discussions on large diffs.
+- Add index on namespaces lower(name) for UsersController#exists.
+- Fix timeout when filtering issues by label.
+- Treat empty markdown and html strings as valid cached text, not missing cache that needs to be updated.
+- Cache merged and closed events data in merge_request_metrics table.
+- Speed up generation of commit stats by using Rugged native methods.
+
+### Added (26 changes, 8 of them are from the community)
+
+- Support new chat notifications parameters in Services API. !11435
+- Add online and status attribute to runner api entity. !11750
+- Adds ordering to projects contributors in API. !15469 (Jacopo Beschi @jacopo-beschi)
+- Add assets_sync gem to Gemfile. !15734
+- Add a gitlab:tcp_check rake task. !15759
+- add support for sorting in tags api. !15772 (haseebeqx)
+- Add Prometheus to available Cluster applications. !15895
+- Validate file status when commiting multiple files. !15922
+- List of avatars should never show +1. !15972 (Jacopo Beschi @jacopo-beschi)
+- Do not generate NPM links for private NPM modules in blob view. !16002 (Mario de la Ossa)
+- Backport fast database lookup of SSH authorized_keys from EE. !16014
+- Add i18n helpers to branch comparison view. !16031 (James Ramsay)
+- Add pause/resume button to project runners. !16032 (Mario de la Ossa)
+- Added option to user preferences to enable the multi file editor. !16056
+- Implement project jobs cache reset. !16067
+- Rendering of emoji's in Group-Overview. !16098 (Jacopo Beschi @jacopo-beschi)
+- Allow automatic creation of Kubernetes Integration from template. !16104
+- API: get participants from merge_requests & issues. !16187 (Brent Greeff)
+- Added option to disable commits stats in the commit endpoint. !16309
+- Disable creation of new Kubernetes Integrations unless they're active or created from template. !41054
+- Enable ordering of groups and their children by name.
+- Hide runner token in CI/CD settings page.
+- Allow user to rebase merge requests.
+- Handle GitLab hashed storage repositories using the repo import task.
+- Added badge to tree & blob views to indicate LFS tracked files.
+- Add button to run scheduled pipeline immediately.
+
+### Other (12 changes, 3 of them are from the community)
+
+- Adds the multi file editor as a new beta feature. !15430
+- Use relative URLs when linking to uploaded files. !15751
+- Add docs for why you might be signed out when using the Remember me token. !15756
+- Replace '.team << [user, role]' with 'add_role(user)' in specs. !16069 (@blackst0ne)
+- Add id to modal.vue to support data-toggle="modal". !16189
+- Update scss-lint to 0.56.0. !16278 (Takuya Noguchi)
+- Fix web ide user preferences copy and buttons. !41789
+- Update Browse file to Choose file in all occurences.
+- Import some code and functionality from gitlab-shell to improve subprocess handling.
+- Bump mysql2 gem version from 0.4.5 to 0.4.10. (asaparov)
+- Use a background migration for issues.closed_at.
+- Update redis-rack to 2.0.4.
+
+
 ## 10.3.5 (2018-01-18)
 
 - No changes.

app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_auto_merge_failed.js

-import eventHub from '../../event_hub';
-import statusIcon from '../mr_widget_status_icon';
-
-export default {
-  name: 'MRWidgetAutoMergeFailed',
-  props: {
-    mr: { type: Object, required: true },
-  },
-  data() {
-    return {
-      isRefreshing: false,
-    };
-  },
-  components: {
-    statusIcon,
-  },
-  methods: {
-    refreshWidget() {
-      this.isRefreshing = true;
-      eventHub.$emit('MRWidgetUpdateRequested', () => {
-        this.isRefreshing = false;
-      });
-    },
-  },
-  template: `
-    <div class="mr-widget-body media">
-      <status-icon status="warning" />
-      <div class="media-body space-children">
-        <span class="bold">
-          <template v-if="mr.mergeError">{{mr.mergeError}}.</template>
-          This merge request failed to be merged automatically
-        </span>
-        <button
-          @click="refreshWidget"
-          :disabled="isRefreshing"
-          type="button"
-          class="btn btn-xs btn-default">
-          <i
-            v-if="isRefreshing"
-            class="fa fa-spinner fa-spin"
-            aria-hidden="true" />
-          Refresh
-        </button>
-      </div>
-    </div>
-  `,
-};

app/assets/javascripts/vue_merge_request_widget/components/states/mr_widget_auto_merge_failed.vue

+<script>
+  import loadingIcon from '~/vue_shared/components/loading_icon.vue';
+  import eventHub from '../../event_hub';
+  import statusIcon from '../mr_widget_status_icon';
+
+  export default {
+    name: 'MRWidgetAutoMergeFailed',
+    components: {
+      statusIcon,
+      loadingIcon,
+    },
+    props: {
+      mr: {
+        type: Object,
+        required: true,
+      },
+    },
+    data() {
+      return {
+        isRefreshing: false,
+      };
+    },
+    methods: {
+      refreshWidget() {
+        this.isRefreshing = true;
+        eventHub.$emit('MRWidgetUpdateRequested', () => {
+          this.isRefreshing = false;
+        });
+      },
+    },
+  };
+</script>
+<template>
+  <div class="mr-widget-body media">
+    <status-icon status="warning" />
+    <div class="media-body space-children">
+      <span class="bold">
+        <template v-if="mr.mergeError">{{ mr.mergeError }}.</template>
+        {{ s__("mrWidget|This merge request failed to be merged automatically") }}
+      </span>
+      <button
+        @click="refreshWidget"
+        :disabled="isRefreshing"
+        type="button"
+        class="btn btn-xs btn-default"
+      >
+        <loading-icon v-if="isRefreshing" />
+        {{ s__("mrWidget|Refresh") }}
+      </button>
+    </div>
+  </div>
+</template>

app/assets/javascripts/vue_merge_request_widget/dependencies.js

@@ -33,7 +33,7 @@ export { default as PipelineBlockedState } from './components/states/mr_widget_p
 export { default as PipelineFailedState } from './components/states/mr_widget_pipeline_failed';
 export { default as MergeWhenPipelineSucceedsState } from './components/states/mr_widget_merge_when_pipeline_succeeds';
 export { default as RebaseState } from './components/states/mr_widget_rebase.vue';
-export { default as AutoMergeFailed } from './components/states/mr_widget_auto_merge_failed';
+export { default as AutoMergeFailed } from './components/states/mr_widget_auto_merge_failed.vue';
 export { default as CheckingState } from './components/states/mr_widget_checking';
 export { default as MRWidgetStore } from 'ee/vue_merge_request_widget/stores/mr_widget_store';
 export { default as MRWidgetService } from 'ee/vue_merge_request_widget/services/mr_widget_service';

app/models/repository.rb

@@ -1005,13 +1005,27 @@ class Repository
     add_remote(remote_name, url, mirror_refmap: refmap)
     fetch_remote(remote_name, forced: forced)
   ensure
-    remove_remote(remote_name) if tmp_remote_name
+    async_remove_remote(remote_name) if tmp_remote_name
   end
 
   def fetch_remote(remote, forced: false, ssh_auth: nil, no_tags: false)
     gitlab_shell.fetch_remote(raw_repository, remote, ssh_auth: ssh_auth, forced: forced, no_tags: no_tags)
   end
 
+  def async_remove_remote(remote_name)
+    return unless remote_name
+
+    job_id = RepositoryRemoveRemoteWorker.perform_async(project.id, remote_name)
+
+    if job_id
+      Rails.logger.info("Remove remote job scheduled for #{project.id} with remote name: #{remote_name} job ID #{job_id}.")
+    else
+      Rails.logger.info("Remove remote job failed to create for #{project.id} with remote name #{remote_name}.")
+    end
+
+    job_id
+  end
+
   def fetch_source_branch!(source_repository, source_branch, local_ref)
     raw_repository.fetch_source_branch!(source_repository.raw_repository, source_branch, local_ref)
   end

app/workers/all_queues.yml

@@ -93,6 +93,7 @@
 - rebase
 - repository_fork
 - repository_import
+- repository_remove_remote
 - storage_migrator
 - system_hook_push
 - update_merge_requests

app/workers/repository_remove_remote_worker.rb

+class RepositoryRemoveRemoteWorker
+  include ApplicationWorker
+  include ExclusiveLeaseGuard
+
+  LEASE_TIMEOUT = 1.hour
+
+  attr_reader :project, :remote_name
+
+  def perform(project_id, remote_name)
+    @remote_name = remote_name
+    @project = Project.find_by_id(project_id)
+
+    return unless @project
+
+    logger.info("Removing remote #{remote_name} from project #{project.id}")
+
+    try_obtain_lease do
+      remove_remote = @project.repository.remove_remote(remote_name)
+
+      if remove_remote
+        logger.info("Remote #{remote_name} was successfully removed from project #{project.id}")
+      else
+        logger.error("Could not remove remote #{remote_name} from project #{project.id}")
+      end
+    end
+  end
+
+  def lease_timeout
+    LEASE_TIMEOUT
+  end
+
+  def lease_key
+    "remove_remote_#{project.id}_#{remote_name}"
+  end
+end

changelogs/unreleased-ee/3501-fix-rebase-in-ie.yml

----
-title: Fix Merge Rquest widget rebase action in Internet Explorer
-merge_request: 3732
-author:
-type: fixed

changelogs/unreleased-ee/3841-fix-export-to-csv.yml

----
-title: Fix export to CSV if a filter with multiple labels is used
-merge_request:
-author:
-type: fixed

changelogs/unreleased-ee/3973-reset-pipeline-minutes-pipeline-quota-in-the-admin-ui.yml

----
-title: Add reset pipeline minutes button to admin overview of groups and users
-merge_request: 3656
-author:
-type: added

changelogs/unreleased-ee/39734-fix-protected-refs-roles.yml

----
-title: Prevent adding same role multiple times on repeated clicks
-merge_request: 3700
-author:
-type: fixed

changelogs/unreleased-ee/4048-sidekiq-cron-geo-2.yml

----
-title: Allow sidekiq to react to becoming a Geo primary or secondary without a restart
-merge_request: 3878
-author:
-type: changed

changelogs/unreleased-ee/4070-geo-caching-issue-count.yml

----
-title: Issue count now refreshes quicker on geo secondary
-merge_request: 3639
-author:
-type: fixed

changelogs/unreleased-ee/4078-fix-deleting-existing-branches-with-push-rule-config.yml

----
-title: Fix a bug where branch could not be delete due to a push rule config
-merge_request: 3900
-author:
-type: fixed

changelogs/unreleased-ee/4090-authorized-keys-check.yml

----
-title: 'Geo: Added Authorized Keys specific checks'
-merge_request: 3728
-author:
-type: added

changelogs/unreleased-ee/tc-geo-ux-polish.yml → changelogs/unreleased-ee/4099-remote-removal-port-to-background-job.yml

 ---
-title: Geo UI polish
+title: Ports remote removal to a background job
 merge_request:
 author:
 type: changed

changelogs/unreleased-ee/4133-icons-for-approvals-remaining-and-approvals-met.yml

----
-title: Change MR widget failed icons to warning icons
-merge_request: 3669
-author:
-type: changed

changelogs/unreleased-ee/4225-epic-api.yml

----
-title: Add API for epics
-merge_request:
-author:
-type: added

changelogs/unreleased-ee/4249-show-results-from-docker-image-scan-in-the-merge-request-widget.yml

----
-title: Show results from docker image scan in the merge request widget
-merge_request: 3672
-author:
-type: added

changelogs/unreleased-ee/4250-api-epic-issues.yml

----
-title: Add api for epic_issue associations
-merge_request:
-author:
-type: added

changelogs/unreleased-ee/4268-geo-admin-page.yml

----
-title: Geo admin screen enhancements
-merge_request: 3902
-author:
-type: changed

changelogs/unreleased-ee/4304-fix-successful-rebase.yml

----
-title: Fix successful rebase throwing flash error message
-merge_request: 3727
-author:
-type: fixed

changelogs/unreleased-ee/4348-show-dast-results-in-the-mr-widget.yml

----
-title: Show results from DAST scan in the merge request widget
-merge_request: 3885
-author:
-type: added

changelogs/unreleased-ee/4378-fix-cluster-js-not-running-on-update-page.yml

----
-title: Fix JavaScript bundle running on Cluster update/destroy pages
-merge_request: 4112
-author:
-type: fixed

changelogs/unreleased-ee/4414-add-wiki-total-synced-failed-to-prometheus-metrics.yml

----
-title: Add missing wiki counts to prometheus metrics
-merge_request: 3875
-author:
-type: fixed

changelogs/unreleased-ee/4491-geo-fdw-optimise-queries.yml

----
-title: Use the fastest available method for various Geo status counts
-merge_request: 4024
-author:
-type: fixed

changelogs/unreleased-ee/4511-handle-node-error-gracefully.yml

----
-title: Handle node details load failure gracefully on UI
-merge_request: 3992
-author:
-type: fixed

changelogs/unreleased-ee/4582-fix-incorrect-neutral-count.yml

----
-title: Fix neutralCount computation to prevent negative values
-merge_request: 4044
-author:
-type: fixed

changelogs/unreleased-ee/4587-fix-epic-issues-reordering.yml

----
-title: Fix reordering of items when moved to top or bottom
-merge_request: 4050
-author:
-type: fixed

changelogs/unreleased-ee/4596-fix-geo-repositoriescleanupworker-to-work-with-hashed-storage.yml

----
-title: Geo - Fix repository clean up when selective replication changes with hashed storage enabled
-merge_request: 4059
-author:
-type: fixed

changelogs/unreleased-ee/aws-es-connect-when-needed.yml

----
-title: Stop authorization attempts with instance profile when static credentials are
-  provided for AWS Elasticsearch
-merge_request:
-author:
-type: fixed

changelogs/unreleased-ee/da-fix-geo-file-registry-queries.yml

----
-title: Geo - Fix difference in FDW / non-FDW queries for Geo::FileRegistry queries
-merge_request: 3714
-author:
-type: fixed

changelogs/unreleased-ee/da-geo-fix-user-avatar-being-user-from-primary-node.yml

----
-title: Geo - Use relative path for avatar images on a secondary node
-merge_request: 3857
-author:
-type: fixed

changelogs/unreleased-ee/ee-issue_3413.yml

----
-title: Add group boards API endpoint
-merge_request:
-author:
-type: added

changelogs/unreleased-ee/feature-geo-split-fail-repos.yml

----
-title: Split project repository and wiki repository status in Geo node status
-merge_request: 3560
-author:
-type: added

changelogs/unreleased-ee/fix_ldap_external_on_login.yml

----
-title: Fix LDAP external user/group bug on first sign in
-merge_request:
-author:
-type: security

changelogs/unreleased-ee/jramsay-4399-clarify-dr-docs.yml

----
-title: Update disaster recovery documentation with detailed steps
-merge_request: 3845
-author:
-type: other

changelogs/unreleased-ee/jramsay-4481-move-gitlab-geo-check-after-database-replication.yml

----
-title: Move geo status check after db replication to avoid anticipated failures
-merge_request: 3941
-author:
-type: other

changelogs/unreleased-ee/jramsay-fix-alignment-geo-docs.yml

----
-title: Fix broken alignment of database password in geo docs
-merge_request: 3939
-author:
-type: other

changelogs/unreleased-ee/jramsay4480-remove-ntp-check-from-geo-docs.yml

----
-title: Remove unnecessary NTP checks now included in gitlab:geo:check
-merge_request: 3940
-author:
-type: other

changelogs/unreleased-ee/mk-add-geo-support-for-artifacts.yml

----
-title: Add Geo support for CI job artifacts
-merge_request: 3935
-author:
-type: added

changelogs/unreleased-ee/mk-fix-fast-ssh-key-lookup-links.yml

----
-title: Fix a few doc links to fast ssh key lookup
-merge_request: 3937
-author:
-type: fixed

changelogs/unreleased-ee/osw-10-3-security-milestone-data-exposure.yml

----
-title: Deny persisting milestones from outside project/group scope on boards
-merge_request:
-author:
-type: security

changelogs/unreleased-ee/osw-more-reliable-scoped-issue-board-specs.yml

----
-title: Make scoped issue board specs more reliable
-merge_request:
-author:
-type: other

changelogs/unreleased-ee/patch-5.yml

----
-title: Adjust content width for User Settings, Pipeline quota
-merge_request: 3895
-author: George Tsiolis
-type: fixed

changelogs/unreleased-ee/reorder-issues-epic.yml

----
-title: Add support for reordering issues in epics
-merge_request:
-author:
-type: added

changelogs/unreleased-ee/sh-api-shard-config.yml

----
-title: Check if shard configuration is same across Geo nodes
-merge_request:
-author:
-type: added

changelogs/unreleased-ee/show-correct-edition-for-ee-free.yml

----
-title: Record EE instances without a license correctly in usage ping
-merge_request:
-author:
-type: fixed

changelogs/unreleased-ee/tc-geo-backend-vue-admin.yml

----
-title: Add some extra fields to Geo API node and status
-merge_request: 3858
-author:
-type: added

changelogs/unreleased-ee/tc-geo-fdw-configurable.yml

----
-title: Make it possible to enable/disable PostgreSQL FDW for Geo
-merge_request: 4020
-author:
-type: added

changelogs/unreleased-ee/tc-geo-ntp-time-error.yml

----
-title: More descriptive error when clocks between Geo nodes are out of sync
-merge_request: 3860
-author:
-type: changed

changelogs/unreleased-ee/tc-geo-object-storage-docs.yml

----
-title: Document GitLab Geo with Object Storage
-merge_request: 3760
-author:
-type: other

changelogs/unreleased-ee/tc-geo-set_primary_node-success.yml

----
-title: Show clear message when set-geo-primary-node was successful
-merge_request: 3768
-author:
-type: changed

changelogs/unreleased/13695-order-contributors-in-api.yml

----
-title: Adds ordering to projects contributors in API
-merge_request: 15469
-author: Jacopo Beschi @jacopo-beschi
-type: added

changelogs/unreleased/15832-fix-access-level-update-for-requesters.yml

----
-title: Fix error that was preventing users to change the access level of access requests for Groups or Projects
-merge_request: 15832
-author:
-type: fixed

changelogs/unreleased/15922-validate-file-status-when-commiting-multiple-files.yml

----
-title: 'Validate file status when commiting multiple files'
-merge_request: 15922
-author:
-type: added

changelogs/unreleased/15955-improve-search-query.yml

----
-title: Improve search query for merge requests.
-merge_request:
-author:
-type: performance

changelogs/unreleased/16036-ignore-lost-found-folder-during-backup-on-a-volume.yml

----
-title: "Ignore lost+found folder during backup on a volume"
-merge_request: 16036
-author: Julien Millau
-type: fixed
\ No newline at end of file

changelogs/unreleased/16117-improve-search-for-issues.yml

----
-title: Improve search query for issues.
-merge_request:
-author:
-type: performance

changelogs/unreleased/20035-pause-resume-runners.yml

----
-title: Add pause/resume button to project runners
-merge_request: 16032
-author: Mario de la Ossa
-type: added

changelogs/unreleased/24347-dont-post-system-note-when-branch-creation-fails.yml

----
-title: Fix when branch creation fails don't post system note
-merge_request:
-author: Mateusz Bajorski
-type: fixed

changelogs/unreleased/25317-prioritize-author-date-over-commit.yml

----
-title: Show authored date rather than committed date on the commit list
-merge_request:
-author:
-type: fixed

changelogs/unreleased/28004-consider-refactoring-member-view-by-using-presenter.yml

----
-title: Refactor member view using a Presenter
-merge_request: 9645
-author: TM Lee

changelogs/unreleased/31995-project-limit-default-fix.yml

----
-title: User#projects_limit remove DB default and added NOT NULL constraint
-merge_request: 16165
-author: Mario de la Ossa
-type: fixed

changelogs/unreleased/32364-updating-slack-notification-not-working-by-api.yml

----
-title: Support new chat notifications parameters in Services API
-merge_request: 11435
-author:
-type: added

changelogs/unreleased/33028-event-tag-links.yml

----
-title: Fix tags in the Activity tab not being clickable
-merge_request: 15996
-author: Mario de la Ossa
-type: fixed

changelogs/unreleased/33609-hide-pagination.yml

----
-title: Disable Vue pagination when only one page of content is available
-merge_request: 15999
-author: Mario de la Ossa
-type: fixed

changelogs/unreleased/33926-update-issuable-icons.yml

----
-title: Update issuable status icons
-merge_request: 15898
-author:
-type: changed

changelogs/unreleased/34534-switch-to-axios.yml

----
-title: Fix some POST/DELETE requests in IE by switching some bundles to Axios for Ajax requests
-merge_request: 15951
-author:
-type: fixed

changelogs/unreleased/36020-private-npm-modules.yml

----
-title: Do not generate NPM links for private NPM modules in blob view
-merge_request: 16002
-author: Mario de la Ossa
-type: added

changelogs/unreleased/36669-default-mr-title-with-external-issues.yml

----
-title: Default merge request title is set correctly again when external issue tracker is activated
-merge_request: 16356
-author: Ben305
-type: fixed

changelogs/unreleased/36782-replace-team-user-role-with-add_role-user-in-specs.yml

----
-title: Replace '.team << [user, role]' with 'add_role(user)' in specs
-merge_request: 16069
-author: "@blackst0ne"
-type: other

changelogs/unreleased/36958-enable-ordering-projects-subgroups-by-name.yml

----
-title: Enable ordering of groups and their children by name
-merge_request:
-author:
-type: added

changelogs/unreleased/37843-ci-trace-ansi-colours-256-bold-have-no-css-due-wrongly-ansi2html-light-color-variant-conversion-feature.yml

----
-title: Fix ANSI 256 bold colors in pipelines job output
-merge_request:
-author:
-type: fixed

changelogs/unreleased/38019-hide-runner-token.yml

----
-title: Hide runner token in CI/CD settings page
-merge_request:
-author:
-type: added

changelogs/unreleased/38030-add-graph-value-to-hover.yml

----
-title: Display graph values on hover within monitoring page
-merge_request: 16261
-author:
-type: changed

changelogs/unreleased/38145_ux_issues_in_system_info_page.yml

----
-title: Fixes the wording of headers in system info page
-merge_request: 15802
-author: Gilbert Roulot
-type: fixed

changelogs/unreleased/38239-update-toggle-design.yml

----
-title: Update feature toggle design to use icons and make it i18n friendly
-merge_request: 15904
-author:
-type: changed

changelogs/unreleased/38318-search-merge-requests-with-api.yml

----
-title: Add optional search param for Merge Requests API
-merge_request:
-author:
-type: fixed

changelogs/unreleased/38541-cancel-alignment.yml

----
-title: fix button alignment on MWPS component
-merge_request:
-author:
-type: fixed

changelogs/unreleased/38596-fix-backspace-visual-token-clearing.yml

----
-title: Clears visual token on second backspace
-merge_request:
-author: Martin Wortschack
-type: fixed

changelogs/unreleased/38893-banzai-upload-filter-relative-urls.yml

----
-title: Use relative URLs when linking to uploaded files
-merge_request: 15751
-author:
-type: other

changelogs/unreleased/39246-fork-and-import-jobs-should-only-be-marked-as-failed-when-the-number-of-retries-was-exhausted.yml

----
-title: Only mark import and fork jobs as failed once all Sidekiq retries get exhausted
-merge_request: 15844
-author:
-type: changed

changelogs/unreleased/39298-list-of-avatars-2.yml

----
-title: List of avatars should never show +1
-merge_request: 15972
-author: Jacopo Beschi @jacopo-beschi
-type: added

changelogs/unreleased/39608-comment-on-image-discussions-tab-alignment.yml

----
-title: Update comment on image cursor and icons
-merge_request: 15760
-author:
-type: fixed

changelogs/unreleased/3968-protected-branch-is-not-set-for-default-branch-on-import.yml

----
-title: Protected branch is now created for default branch on import
-merge_request: 16198
-author:
-type: fixed

changelogs/unreleased/39957-redirect-to-gpc-page-if-users-try-to-create-a-cluster-but-the-account-is-not-enabled.yml

----
-title: Implement checking GCP project billing status in cluster creation form.
-merge_request: 15665
-author:
-type: changed

changelogs/unreleased/40031-include-assset_sync-gem.yml

----
-title: Add assets_sync gem to Gemfile
-merge_request: 15734
-author:
-type: added

changelogs/unreleased/40040-decouple-multi-file-editor-from-file-list.yml

----
-title: Adds the multi file editor as a new beta feature
-merge_request: 15430
-author: 
-type: feature

changelogs/unreleased/40063-markdown-editor-improvements.yml

----
-title: Hide markdown toolbar in preview mode
-merge_request:
-author:
-type: changed

changelogs/unreleased/40190-fix-slash-commands-dropdown-description-mis-alignement-on-firefox.yml

----
-title: "Fix slash commands dropdown description mis-alignment on Firefox"
-merge_request: 16125
-author: Maurizio De Santis
-type: fixed

changelogs/unreleased/40228-verify-integrity-of-repositories.yml

----
-title: Fix gitlab-rake gitlab:import:repos import schedule
-merge_request: 15931
-author:
-type: fixed

changelogs/unreleased/40274-user-settings-breadcrumbs.yml

----
-title: Fix breadcrumbs in User Settings
-merge_request: 16172
-author: rfwatson
-type: fixed

changelogs/unreleased/40301-rebase.yml

----
-title: Allow user to rebase merge requests.
-merge_request:
-author:
-type: added

changelogs/unreleased/40418-migrate-existing-data-from-kubernetesservice-to-clusters-platforms-kubernetes.yml

----
-title: Migrate existing data from KubernetesService to Clusters::Platforms::Kubernetes
-merge_request: 15589
-author:
-type: changed

changelogs/unreleased/40453-fix-api-endpoints-to-edit-wiki-pages-where-project-belongs-to-a-group.yml

----
-title: Fix API endpoints to edit wiki pages where project belongs to a group
-merge_request: 16170
-author:
-type: fixed

changelogs/unreleased/40509_sorting_tags_api.yml

----
-title: add support for sorting in tags api
-merge_request: 15772
-author: haseebeqx
-type: added

changelogs/unreleased/40533-groups-tree-updates.yml

----
-title: Update groups tree to use GitLab SVG icons, add last updated at information
-  for projects
-merge_request: 15980
-author:
-type: changed

changelogs/unreleased/40549-render-emoj-in-groups-overview.yml

----
-title: Rendering of emoji's in Group-Overview
-merge_request: 16098
-author: Jacopo Beschi @jacopo-beschi
-type: added

changelogs/unreleased/40622-use-left-right-and-max-count.yml

----
-title: Improve the performance for counting diverging commits. Show 999+
-  if it is more than 1000 commits
-merge_request: 15963
-author:
-type: performance

changelogs/unreleased/40780-choose-file.yml

----
-title: Update Browse file to Choose file in all occurences
-merge_request:
-author:
-type: other

changelogs/unreleased/40871-todo-notification-count-shows-notification-without-having-a-todo.yml

----
-title: Reset todo counters when the target is deleted
-merge_request: 15807
-author:
-type: fixed

changelogs/unreleased/40895-fix-frequent-projects-stale-path.yml

----
-title: Use relative URL for projects to avoid storing domains
-merge_request: 15876
-author:
-type: fixed

changelogs/unreleased/41016-import-gitlab-shell-projects.yml

----
-title: Import some code and functionality from gitlab-shell to improve subprocess
-  handling
-merge_request:
-author:
-type: other

changelogs/unreleased/41053-extend-cluster-applications-to-allow-install-to-prometheus.yml

----
-title: Add Prometheus to available Cluster applications
-merge_request: 15895
-author:
-type: added

changelogs/unreleased/41054-disable-creation-of-new-kubernetes-integrations.yml

----
-title: Disable creation of new Kubernetes Integrations unless they're active or created
-  from template
-merge_request: 41054
-author:
-type: added

changelogs/unreleased/41056-create-cluster-from-kubernetes-integration-application-template.yml

----
-title: Allow automatic creation of Kubernetes Integration from template
-merge_request: 16104
-author:
-type: added

changelogs/unreleased/41244-issue-board-shortcut-working-while-no-issues.yml

----
-title: disables shortcut to issue boards when issues are not enabled
-merge_request: 16020
-author: Christiaan Van den Poel
-type: fixed

changelogs/unreleased/41249-clearing-the-cache.yml

----
-title: Implement project jobs cache reset
-merge_request: 16067
-author:
-type: added

changelogs/unreleased/41268-bump-ruby-to-2-3-6.yml

----
-title: Upgrade Ruby to 2.3.6 to include security patches
-merge_request: 16016
-author:
-type: security

changelogs/unreleased/41424-gitlab-rake-gitlab-import-repos-schedules-an-import.yml

----
-title: Fix gitlab-rake gitlab:import:repos import schedule
-merge_request: 16115
-author:
-type: fixed

changelogs/unreleased/41468-error-500-trying-to-view-a-merge-request-json-undefined-method-binary-for-nil-nilclass.yml

----
-title: Fix viewing merge request diffs where the underlying blobs are unavailable
-merge_request:
-author:
-type: fixed

changelogs/unreleased/41491-fix-nil-blob-name-error.yml

----
-title: Fix 500 error when visiting a commit where the blobs do not exist
-merge_request:
-author:
-type: fixed

changelogs/unreleased/41727-target-branch-name.yml

----
-title: Set target_branch to the ref branch when creating MR from issue
-merge_request:
-author:
-type: fixed

changelogs/unreleased/41754-update-scss-lint-to-0-56-0.yml

----
-title: Update scss-lint to 0.56.0
-merge_request: 16278
-author: Takuya Noguchi
-type: other

changelogs/unreleased/41789-fix-up-web-ide-user-preference-copy-and-buttons.yml

----
-title: Fix web ide user preferences copy and buttons
-merge_request: 41789
-author:
-type: other

changelogs/unreleased/41874-closed-todo.yml

----
-title: Fix closed text for issues on Todos page
-merge_request:
-author:
-type: fixed

changelogs/unreleased/41882-respect-only-path-in-relative-link-filter.yml

----
-title: Ensure that emails contain absolute, rather than relative, links to user uploads
-merge_request: 16364
-author:
-type: fixed

changelogs/unreleased/42025-fix-issue-api.yml

----
-title: "[API] Fix creating issue when assignee_id is empty"
-merge_request:
-author:
-type: fixed

changelogs/unreleased/42031-fix-links-to-uploads-in-wikis.yml

----
-title: Fix links to uploaded files on wiki pages
-merge_request: 16499
-author:
-type: fixed

changelogs/unreleased/42046-fork-icon.yml

----
-title: Fix giant fork icons on forks page
-merge_request: 16474
-author:
-type: fixed

changelogs/unreleased/ac-autodevopfix-kubectl-version.yml

----
-title: Force Auto DevOps kubectl version to 1.8.6
-merge_request: 16218
-author:
-type: fixed

changelogs/unreleased/add-tcp-check-rake-task.yml

----
-title: Add a gitlab:tcp_check rake task
-merge_request: 15759
-author:
-type: added

changelogs/unreleased/anchor-issue-references.yml

----
-title: Fix false positive issue references in merge requests caused by header anchor
-  links.
-merge_request:
-author:
-type: fixed

changelogs/unreleased/api-domains-expose-project_id.yml

----
-title: Expose project_id on /api/v4/pages/domains
-merge_request: 16200
-author: Luc Didry
-type: changed

changelogs/unreleased/api-no-service-pw-output.yml

----
-title: Filter out sensitive fields from the project services API
-merge_request:
-author: Robert Schilling
-type: security

changelogs/unreleased/bump_mysql_gem.yml

----
-title: Bump mysql2 gem version from 0.4.5 to 0.4.10
-merge_request:
-author: asaparov
-type: other

changelogs/unreleased/bvl-fork-public-project-to-private-namespace.yml

----
-title: Allow forking a public project to a private group
-merge_request: 16050
-author:
-type: changed

changelogs/unreleased/change-issues-closed-at-background-migration.yml

----
-title: Use a background migration for issues.closed_at
-merge_request:
-author:
-type: other

changelogs/unreleased/changes-dropdown-ellipsis.yml

----
-title: Fixed chanages dropdown ellipsis positioning
-merge_request:
-author:
-type: fixed

changelogs/unreleased/conditionally-eager-load-event-target-authors.yml

----
-title: Eager load event target authors whenever possible
-merge_request:
-author:
-type: performance

changelogs/unreleased/da-handle-hashed-storage-repos-using-repo-import-task.yml

----
-title: Handle GitLab hashed storage repositories using the repo import task
-merge_request:
-author:
-type: added

changelogs/unreleased/delay-background-migrations.yml

----
-title: Run background migrations with a minimum interval
-merge_request:
-author:
-type: changed

changelogs/unreleased/disable-pages-on-jobs.yml

----
-title: Use simple Next/Prev paging for jobs to avoid large count queries on arbitrarily
-  large sets of historical jobs
-merge_request:
-author:
-type: performance

changelogs/unreleased/dm-diff-note-for-line-performance.yml

----
-title: Improve performance of MR discussions on large diffs
-merge_request:
-author:
-type: performance

changelogs/unreleased/docs-add-why-do-i-get-signed-out-authentication-section.yml

----
-title: Add docs for why you might be signed out when using the Remember me token
-merge_request: 15756
-author:
-type: other

changelogs/unreleased/feature-40842-provide-oracles-webgate-cookies-to-jira-requests.yml

----
-title: Provide additional cookies to JIRA service requests to allow Oracle WebGates
-  Basic Auth
-merge_request:
-author: Stanislaw Wozniak
-type: changed

changelogs/unreleased/feature-api_runners_online.yml

----
-title: Add online and status attribute to runner api entity
-merge_request: 11750
-author:
-type: added

changelogs/unreleased/fix-abuse-reports-link-url.yml

----
-title: Fix abuse reports link url in admin area navbar
-merge_request: 16068
-author: megos
-type: fixed

changelogs/unreleased/fix-activity-inline-event-line-height.yml

----
-title: Fix activity inline event line height on mobile
-merge_request: 16121
-author: George Tsiolis
-type: fixed

changelogs/unreleased/fix-create-mr-from-issue-with-template.yml

----
-title: Execute quick actions (if present) when creating MR from issue
-merge_request: 15810
-author:
-type: fixed

changelogs/unreleased/fix-docs-help-shortcut.yml

----
-title: Fix shortcut links on help page
-merge_request:
-author:
-type: fixed

changelogs/unreleased/fix-gb-fix-import-export-restoring-associations.yml

----
-title: Fix missing references to pipeline objects when restoring project with import/export
-  feature
-merge_request: 16221
-author:
-type: fixed

changelogs/unreleased/fix-import-rce.yml

----
-title: Fix RCE via project import mechanism
-merge_request:
-author:
-type: security

changelogs/unreleased/fix-last-push-event-widget-layout.yml

----
-title: Last push event widget width for fixed layout
-merge_request: 15862
-author: George Tsiolis
-type: fixed

changelogs/unreleased/fix-move-2fa-disable-button.yml

----
-title: Move 2FA disable button
-merge_request: 16177
-author: George Tsiolis
-type: fixed

changelogs/unreleased/fix-onion-skin-reenter.yml

----
-title: Fix onion-skin re-entering state
-merge_request:
-author:
-type: fixed

changelogs/unreleased/fix-profile-settings-content-width.yml

----
-title: Adjust content width for User Settings, GPG Keys
-merge_request: 16093
-author: George Tsiolis
-type: fixed

changelogs/unreleased/fix-profile-settings-sidebar-heading.yml

----
-title: Keep typographic hierarchy in User Settings
-merge_request: 16090
-author: George Tsiolis
-type: fixed

changelogs/unreleased/fix-remove-unnecessary-sidebar-element-alignment.yml

----
-title: Remove unnecessary sidebar element realignment
-merge_request: 16159
-author: George Tsiolis
-type: fixed

changelogs/unreleased/fix_build_count_in_pipeline_success_maild.yml

----
-title: fix build count in pipeline success mail
-merge_request: 15827
-author: Christiaan Van den Poel
-type: fixed

changelogs/unreleased/fj-40053-error-500-members-list.yml

----
-title: Fixing error 500 when member exist but not the user
-merge_request: 15970
-author:
-type: fixed

changelogs/unreleased/fj-40279-normalize-ldap-dn-api.yml

----
-title: Normalizing Identity extern_uid when saving the record
-merge_request:
-author:
-type: fixed

changelogs/unreleased/fj-41477-fix-bug-wiki-last-version.yml

----
-title: Fixing bug when wiki last version
-merge_request: 16197
-author:
-type: fixed

changelogs/unreleased/fj-41598-fixing-request-mime-type.yml

----
-title: Fixing rack request mime type when using rack attack
-merge_request: 16427
-author:
-type: fixed

changelogs/unreleased/fj-41681-add-param-disable-commit-stats-api.yml

----
-title: Added option to disable commits stats in the commit endpoint
-merge_request: 16309
-author:
-type: added

changelogs/unreleased/index-namespaces-lower-name.yml

----
-title: Add index on namespaces lower(name) for UsersController#exists
-merge_request:
-author:
-type: performance

changelogs/unreleased/issue-description-field-typo.yml

----
-title: Fixed typo for issue description field declaration
-merge_request:
-author: Marcus Amargi
-type: fixed

changelogs/unreleased/issue_40500.yml

----
-title: Fix timeout when filtering issues by label
-merge_request:
-author:
-type: performance

changelogs/unreleased/issues-40986-get-participants-from-issues-mr-api.yml

----
-title: 'API: get participants from merge_requests & issues'
-merge_request: 16187
-author: Brent Greeff
-type: added

changelogs/unreleased/jej-backport-authorized-keys-to-ce.yml

----
-title: Backport fast database lookup of SSH authorized_keys from EE
-merge_request: 16014
-author:
-type: added

changelogs/unreleased/jej-fix-disabled-oauth-access.yml

----
-title: Prevent OAuth login POST requests when a provider has been disabled
-merge_request:
-author:
-type: security

changelogs/unreleased/jej-lfs-rev-list-handles-non-utf-paths-41627.yml

----
-title: Prevent RevList failing on non utf8 paths
-merge_request: 16440
-author:
-type: fixed

changelogs/unreleased/jivl-activate-repo-cookie-preferences.yml

----
-title: Added option to user preferences to enable the multi file editor
-merge_request: 16056
-author:
-type: added

changelogs/unreleased/jivl-fix-import-project-url-bug.yml

----
-title: Fix import project url not updating project name
-merge_request: 16120
-author:
-type: fixed

changelogs/unreleased/jramsay-4012-i18n-compare.yml

----
-title: Add i18n helpers to branch comparison view
-merge_request: 16031
-author: James Ramsay
-type: added

changelogs/unreleased/jramsay-41590-add-readme-case.yml

----
-title: Fix inconsistent downcase of filenames in prefilled `Add` commit messages
-merge_request: 16232
-author: James Ramsay
-type: fixed

changelogs/unreleased/ldap_username_attributes.yml

----
-title: Modify `LDAP::Person` to return username value based on attributes
-merge_request:
-author:
-type: fixed

changelogs/unreleased/lfs-badge.yml

----
-title: Added badge to tree & blob views to indicate LFS tracked files
-merge_request:
-author:
-type: added

changelogs/unreleased/milestones-finder-order-fix.yml

----
-title: Prevent a SQL injection in the MilestonesFinder
-merge_request:
-author:
-type: security

changelogs/unreleased/mk-fix-permanent-redirect-validation.yml

----
-title: Prevent invalid Route path if path is unchanged
-merge_request: 16397
-author:
-type: fixed

changelogs/unreleased/mk-no-op-delete-conflicting-redirects.yml

----
-title: Prevent excessive DB load due to faulty DeleteConflictingRedirectRoutes background
-  migration
-merge_request: 16205
-author:
-type: fixed

changelogs/unreleased/mr-status-box-update.yml

----
-title: Fixed merge request status badge not updating after merging
-merge_request:
-author:
-type: fixed

changelogs/unreleased/multiple-clusters-single-list.yml

----
-title: Present multiple clusters in a single list instead of a tabbed view
-merge_request: 15669
-author:
-type: changed

changelogs/unreleased/optimize-issues-avoid-noop-empty-cache-updates2.yml

----
-title: Treat empty markdown and html strings as valid cached text, not missing cache
-  that needs to be updated
-merge_request:
-author:
-type: performance

changelogs/unreleased/osw-introduce-merge-request-statistics.yml

----
-title: Cache merged and closed events data in merge_request_metrics table
-merge_request:
-author:
-type: performance

changelogs/unreleased/projectfix.yml

----
-title: Check user authorization for source and target projects when creating a merge
-  request.
-merge_request:
-author:
-type: security

changelogs/unreleased/remove-incorrect-guidance.yml

----
-title: Removed incorrect guidance stating blocked users will be removed from groups
-  and project as members
-merge_request: 15947
-author: CesarApodaca
-type: fixed

changelogs/unreleased/remove-links-mr-empty-state.yml

----
-title: Remove related links in MR widget when empty state
-merge_request:
-author:
-type: fixed

changelogs/unreleased/remove-soft-removals.yml

----
-title: Remove soft removals related code
-merge_request: 15789
-author:
-type: changed

changelogs/unreleased/remove-tabindexes-from-tag-form.yml

----
-title: removed tabindexes from tag form
-merge_request:
-author: Marcus Amargi
-type: changed

changelogs/unreleased/security-10-3.yml

----
-title: Fix path traversal in gitlab-ci.yml cache:key
-merge_request:
-author:
-type: security

changelogs/unreleased/sh-add-schedule-pipeline-run-now.yml

----
-title: Add button to run scheduled pipeline immediately
-merge_request:
-author:
-type: added

changelogs/unreleased/sh-catch-invalid-uri-markdown.yml

----
-title: Gracefully handle garbled URIs in Markdown
-merge_request:
-author:
-type: fixed

changelogs/unreleased/sh-fix-bare-import-hooks.yml

----
-title: Fix hooks not being set up properly for bare import Rake task
-merge_request:
-author:
-type: fixed

changelogs/unreleased/sh-fix-mermaid-start-on-load-typo.yml

----
-title: Fix Mermaid drawings not loading on some browsers
-merge_request:
-author:
-type: fixed

changelogs/unreleased/sh-make-kib-human.yml

----
-title: Humanize the units of "Showing last X KiB of log" in job trace
-merge_request:
-author:
-type: fixed

changelogs/unreleased/sh-migrate-can-push-to-deploy-keys-projects.yml

----
-title: Fix writable shared deploy keys
-merge_request:
-author:
-type: security

changelogs/unreleased/sh-optimize-commit-stats.yml

----
-title: Speed up generation of commit stats by using Rugged native methods
-merge_request:
-author:
-type: performance

changelogs/unreleased/sh-validate-path-project-import.yml

----
-title: Avoid leaving a push event empty if payload cannot be created
-merge_request:
-author:
-type: fixed

changelogs/unreleased/show-inline-edit-btn.yml

----
-title: Move edit button to second row on issue page (and change it to a pencil icon)
-merge_request:
-author:
-type: changed

changelogs/unreleased/show_proper_labels_in_board_issue_sidebar_when_issue_is_closed.yml

----
-title: show None when issue is in closed list and no labels assigned
-merge_request: 15976
-author: Christiaan Van den Poel
-type: fixed

changelogs/unreleased/sophie-h-gitlab-ce-patch-15.yml

----
-title: Hide link to issues/MRs from labels list if issues/MRs are disabled.
-merge_request: 15863
-author: Sophie Herold
-type: fixed

changelogs/unreleased/tc-correct-email-in-reply-to.yml

----
-title: Make mail notifications of discussion notes In-Reply-To of each other
-merge_request: 14289
-author:
-type: changed

changelogs/unreleased/update-redis-rack.yml

----
-title: Update redis-rack to 2.0.4
-merge_request:
-author:
-type: other

changelogs/unreleased/winh-modal-target-id.yml

----
-title: Add id to modal.vue to support data-toggle="modal"
-merge_request: 16189
-author:
-type: other

changelogs/unreleased/winh-translate-contributors-page-dates.yml

----
-title: Translate date ranges on contributors page
-merge_request: 15846
-author:
-type: changed

changelogs/unreleased/zj-empty-repo-importer.yml

----
-title: Fix GitHub importer using removed interface
-merge_request:
-author:
-type: fixed

config/application.rb

@@ -118,6 +118,12 @@ module Gitlab
     # Support legacy unicode file named img emojis, `1F939.png`
     config.assets.paths << Gemojione.images_path
     config.assets.paths << "vendor/assets/fonts"
+
+    # EE specific paths.
+    config.assets.paths << "ee/app/assets/images"
+    config.assets.paths << "ee/app/assets/javascripts"
+    config.assets.paths << "ee/app/assets/stylesheets"
+
     config.assets.precompile << "*.png"
     config.assets.precompile << "print.css"
     config.assets.precompile << "notify.css"

config/sidekiq_queues.yml

@@ -40,6 +40,7 @@
   - [upload_checksum, 1]
   - [repository_fork, 1]
   - [repository_import, 1]
+  - [repository_remove_remote, 1]
   - [github_importer, 1]
   - [github_import_advance_stage, 1]
   - [project_service, 1]

db/migrate/20180109150457_add_remote_name_to_remote_mirrors.rb

+class AddRemoteNameToRemoteMirrors < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def change
+    add_column :remote_mirrors, :remote_name, :string
+  end
+end

db/schema.rb

@@ -2029,6 +2029,7 @@ ActiveRecord::Schema.define(version: 20180113220114) do
     t.datetime "updated_at", null: false
     t.datetime "last_update_started_at"
     t.boolean "only_protected_branches", default: false, null: false
+    t.string "remote_name"
   end
 
   add_index "remote_mirrors", ["last_successful_update_at"], name: "index_remote_mirrors_on_last_successful_update_at", using: :btree

doc/ci/examples/dast.md

 # Dynamic Application Security Testing with GitLab CI/CD
 
-This example shows how to run
 [Dynamic Application Security Testing (DAST)](https://en.wikipedia.org/wiki/Dynamic_program_analysis)
-on your project's source code by using GitLab CI/CD.
+is using the popular open source tool [OWASP ZAProxy](https://github.com/zaproxy/zaproxy)
+to perform an analysis on your running web application.
 
-DAST is using the popular open source tool
-[OWASP ZAProxy](https://github.com/zaproxy/zaproxy) to perform an analysis.
+It can be very useful combined with [Review Apps](../review_apps/index.md).
+
+## Example
 
 All you need is a GitLab Runner with the Docker executor (the shared Runners on
 GitLab.com will work fine). You can then add a new job to `.gitlab-ci.yml`,
@@ -14,22 +15,26 @@ called `dast`:
 ```yaml
 dast:
   image: owasp/zap2docker-stable
+  variables:
+    website: "https://example.com"
   script:
     - mkdir /zap/wrk/
-    - /zap/zap-baseline.py -J gl-dast-report.json -t https://example.com || true
+    - /zap/zap-baseline.py -J gl-dast-report.json -t $website || true
     - cp /zap/wrk/gl-dast-report.json .
   artifacts:
     paths: [gl-dast-report.json]
 ```
 
-The above example will create a `dast` job in your CI pipeline and will allow
-you to download and analyze the report artifact in JSON format.
+The above example will create a `dast` job in your CI/CD pipeline which will run
+the tests on the URL defined in the `website` variable (change it to use your
+own) and finally write the results in the `gl-dast-report.json` file. You can
+then download and analyze the report artifact in JSON format.
 
 TIP: **Tip:**
 Starting with [GitLab Enterprise Edition Ultimate][ee] 10.4, this information will
 be automatically extracted and shown right in the merge request widget. To do
 so, the CI job must be named `dast` and the artifact path must be
 `gl-dast-report.json`.
-[Learn more on dynamic application security testing results shown in merge requests](../../user/project/merge_requests/dast.md).
+[Learn more about DAST results shown in merge requests](../../user/project/merge_requests/dast.md).
 
 [ee]: https://about.gitlab.com/gitlab-ee/

doc/user/project/clusters/index.md

@@ -2,15 +2,16 @@
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/35954) in GitLab 10.1.
 
-NOTE: **Note:**
-The Cluster integration will eventually supersede the
-[Kubernetes integration](../integrations/kubernetes.md).
+Connect your project to Google Kubernetes Engine (GKE) or an existing Kubernetes
+cluster in a few steps.
 
 With a cluster associated to your project, you can use Review Apps, deploy your
 applications, run your pipelines, and much more, in an easy way.
 
-Connect your project to Google Kubernetes Engine (GKE) or an existing Kubernetes
-cluster in a few steps.
+There are two options when adding a new cluster to your project; either associate
+your account with Google Kubernetes Engine (GKE) so that you can [create new
+clusters](#adding-and-creating-a-new-gke-cluster-via-gitlab) from within GitLab,
+or provide the credentials to an [existing Kubernetes cluster](#adding-an-existing-kubernetes-cluster).
 
 ## Prerequisites
 
@@ -41,20 +42,13 @@ following prerequisites must be met.
 If all of the above requirements are met, you can proceed to add a new Kubernetes
 cluster.
 
-## Adding a Kubernetes cluster
+## Adding and creating a new GKE cluster via GitLab
 
 NOTE: **Note:**
 You need Master [permissions] and above to access the Clusters page.
 
-There are two options when adding a new cluster to your project; either associate
-your account with Google Kubernetes Engine (GKE) so that you can create new
-clusters from within GitLab, or provide the credentials to an existing
-Kubernetes cluster.
-
-Before proceeding to either method, make sure all [prerequisites](#prerequisites)
-are met.
-
-**To add a new cluster hosted on GKE to your project:**
+Before proceeding, make sure all [prerequisites](#prerequisites) are met.
+To add a new cluster hosted on GKE to your project:
 
 1. Navigate to your project's **CI/CD > Clusters** page.
 1. Click on **Add cluster**.
@@ -71,24 +65,56 @@ are met.
   - **Number of nodes** - The number of nodes you wish the cluster to have.
   - **Machine type** - The [machine type](https://cloud.google.com/compute/docs/machine-types)
     of the Virtual Machine instance that the cluster will be based on.
-  - **Project namespace** - The unique namespace for this project. By default you
-    don't have to fill it in; by leaving it blank, GitLab will create one for you.
   - **Environment scope** - The [associated environment](#setting-the-environment-scope) to this cluster.
 1. Finally, click the **Create cluster** button.
 
----
+After a few moments, your cluster should be created. If something goes wrong,
+you will be notified.
 
-**To add an existing cluster to your project:**
+You can now proceed to install some pre-defined applications and then
+enable the Cluster integration.
+
+## Adding an existing Kubernetes cluster
+
+NOTE: **Note:**
+You need Master [permissions] and above to access the Clusters page.
+
+To add an existing Kubernetes cluster to your project:
 
 1. Navigate to your project's **CI/CD > Clusters** page.
 1. Click on **Add cluster**.
-1. Click on **Add an existing cluster** and fill in the details as described
-   in the [Kubernetes integration](../integrations/kubernetes.md#configuration)
-   documentation.
-1. Select the [environment scope](#setting-the-environment-scope).
+1. Click on **Add an existing cluster** and fill in the details:
+    - **Cluster name** (required) - The name you wish to give the cluster.
+    - **Environment scope** (required)- The
+      [associated environment](#setting-the-environment-scope) to this cluster.
+    - **API URL** (required) -
+      It's the URL that GitLab uses to access the Kubernetes API. Kubernetes
+      exposes several APIs, we want the "base" URL that is common to all of them,
+      e.g., `https://kubernetes.example.com` rather than `https://kubernetes.example.com/api/v1`.
+    - **CA certificate** (optional) -
+      If the API is using a self-signed TLS certificate, you'll also need to include
+      the `ca.crt` contents here.
+    - **Token** -
+      GitLab authenticates against Kubernetes using service tokens, which are
+      scoped to a particular `namespace`. If you don't have a service token yet,
+      you can follow the
+      [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/)
+      to create one. You can also view or create service tokens in the
+      [Kubernetes dashboard](https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/#config)
+      (under **Config > Secrets**).
+    - **Project namespace** (optional) - The following apply:
+      - By default you don't have to fill it in; by leaving it blank, GitLab will
+        create one for you.
+      - Each project should have a unique namespace.
+      - The project namespace is not necessarily the namespace of the secret, if
+        you're using a secret with broader permissions, like the secret from `default`.
+      - You should **not** use `default` as the project namespace.
+      - If you or someone created a secret specifically for the project, usually
+        with limited permissions, the secret's namespace and project namespace may
+        be the same.
 1. Finally, click the **Create cluster** button.
 
----
+The Kubernetes service takes the following parameters:
 
 After a few moments, your cluster should be created. If something goes wrong,
 you will be notified.
@@ -108,45 +134,6 @@ added directly to your configured cluster. Those applications are needed for
 | [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) | 10.2+ | Ingress can provide load balancing, SSL termination, and name-based virtual hosting. It acts as a web proxy for your applications and is useful if you want to use [Auto DevOps](../../../topics/autodevops/index.md) or deploy your own web apps. |
 | [Prometheus](https://prometheus.io/docs/introduction/overview/) | 10.4+ | Prometheus is an open-source monitoring and alerting system useful to supervise your deployed applications |
 
-## Enabling or disabling the Cluster integration
-
-After you have successfully added your cluster information, you can enable the
-Cluster integration:
-
-1. Click the "Enabled/Disabled" switch
-1. Hit **Save** for the changes to take effect
-
-You can now start using your Kubernetes cluster for your deployments.
-
-To disable the Cluster integration, follow the same procedure.
-
-## Removing the Cluster integration
-
-NOTE: **Note:**
-You need Master [permissions] and above to remove a cluster integration.
-
-NOTE: **Note:**
-When you remove a cluster, you only remove its relation to GitLab, not the
-cluster itself. To remove the cluster, you can do so by visiting the GKE
-dashboard or using `kubectl`.
-
-To remove the Cluster integration from your project, simply click on the
-**Remove integration** button. You will then be able to follow the procedure
-and [add a cluster](#adding-a-cluster) again.
-
-## Multiple Kubernetes clusters
-
-> Introduced in [GitLab Enterprise Edition Premium][ee] 10.3.
-
-With GitLab EEP, you can associate more than one Kubernetes clusters to your
-project. That way you can have different clusters for different environments,
-like dev, staging, production, etc.
-
-To add another cluster, follow the same steps as described in [adding a
-Kubernetes cluster](#adding-a-kubernetes-cluster) and make sure to
-[set an environment scope](#setting-the-environment-scope) that will
-differentiate the new cluster with the rest.
-
 ## Setting the environment scope
 
 When adding more than one clusters, you need to differentiate them with an
@@ -201,5 +188,119 @@ The result will then be:
 - The staging cluster will be used for the "deploy to staging" job.
 - The production cluster will be used for the "deploy to production" job.
 
+## Multiple Kubernetes clusters
+
+> Introduced in [GitLab Enterprise Edition Premium][ee] 10.3.
+
+With GitLab EEP, you can associate more than one Kubernetes clusters to your
+project. That way you can have different clusters for different environments,
+like dev, staging, production, etc.
+
+To add another cluster, follow the same steps as described in [adding a
+Kubernetes cluster](#adding-a-kubernetes-cluster) and make sure to
+[set an environment scope](#setting-the-environment-scope) that will
+differentiate the new cluster with the rest.
+
+## Deployment variables
+
+The Kubernetes cluster integration exposes the following
+[deployment variables](../../../ci/variables/README.md#deployment-variables) in the
+GitLab CI/CD build environment:
+
+- `KUBE_URL` - Equal to the API URL.
+- `KUBE_TOKEN` - The Kubernetes token.
+- `KUBE_NAMESPACE` - The Kubernetes namespace is auto-generated if not specified.
+  The default value is `<project_name>-<project_id>`. You can overwrite it to
+  use different one if needed, otherwise the `KUBE_NAMESPACE` variable will
+  receive the default value.
+- `KUBE_CA_PEM_FILE` - Only present if a custom CA bundle was specified. Path
+  to a file containing PEM data.
+- `KUBE_CA_PEM` (deprecated) - Only if a custom CA bundle was specified. Raw PEM data.
+- `KUBECONFIG` - Path to a file containing `kubeconfig` for this deployment.
+  CA bundle would be embedded if specified.
+
+## Enabling or disabling the Cluster integration
+
+After you have successfully added your cluster information, you can enable the
+Cluster integration:
+
+1. Click the "Enabled/Disabled" switch
+1. Hit **Save** for the changes to take effect
+
+You can now start using your Kubernetes cluster for your deployments.
+
+To disable the Cluster integration, follow the same procedure.
+
+## Removing the Cluster integration
+
+NOTE: **Note:**
+You need Master [permissions] and above to remove a cluster integration.
+
+NOTE: **Note:**
+When you remove a cluster, you only remove its relation to GitLab, not the
+cluster itself. To remove the cluster, you can do so by visiting the GKE
+dashboard or using `kubectl`.
+
+To remove the Cluster integration from your project, simply click on the
+**Remove integration** button. You will then be able to follow the procedure
+and [add a cluster](#adding-a-cluster) again.
+
+## What you can get with the Kubernetes integration
+
+Here's what you can do with GitLab if you enable the Kubernetes integration.
+
+### Deploy Boards (EEP)
+
+> Available in [GitLab Enterprise Edition Premium][ee].
+
+GitLab's Deploy Boards offer a consolidated view of the current health and
+status of each CI [environment](../../../ci/environments.md) running on Kubernetes,
+displaying the status of the pods in the deployment. Developers and other
+teammates can view the progress and status of a rollout, pod by pod, in the
+workflow they already use without any need to access Kubernetes.
+
+[> Read more about Deploy Boards](../deploy_boards.md)
+
+### Canary Deployments (EEP)
+
+> Available in [GitLab Enterprise Edition Premium][ee].
+
+Leverage [Kubernetes' Canary deployments](https://kubernetes.io/docs/concepts/cluster-administration/manage-deployment/#canary-deployments)
+and visualize your canary deployments right inside the Deploy Board, without
+the need to leave GitLab.
+
+[> Read more about Canary Deployments](../canary_deployments.md)
+
+### Kubernetes monitoring
+
+Automatically detect and monitor Kubernetes metrics. Automatic monitoring of
+[NGINX ingress](../integrations/prometheus_library/nginx.md) is also supported.
+
+[> Read more about Kubernetes monitoring](../integrations/prometheus_library/kubernetes.md)
+
+### Auto DevOps
+
+Auto DevOps automatically detects, builds, tests, deploys, and monitors your
+applications.
+
+To make full use of Auto DevOps(Auto Deploy, Auto Review Apps, and Auto Monitoring)
+you will need the Kubernetes project integration enabled.
+
+[> Read more about Auto DevOps](../../../topics/autodevops/index.md)
+
+### Web terminals
+
+NOTE: **Note:**
+Introduced in GitLab 8.15. You must be the project owner or have `master` permissions
+to use terminals. Support is limited to the first container in the
+first pod of your environment.
+
+When enabled, the Kubernetes service adds [web terminal](../../../ci/environments.md#web-terminals)
+support to your [environments](../../../ci/environments.md). This is based on the `exec` functionality found in
+Docker and Kubernetes, so you get a new shell session within your existing
+containers. To use this integration, you should deploy to Kubernetes using
+the deployment variables above, ensuring any pods you create are labelled with
+`app=$CI_ENVIRONMENT_SLUG`. GitLab will do the rest!
+
 [permissions]: ../../permissions.md
 [ee]: https://about.gitlab.com/gitlab-ee/

doc/user/project/integrations/kubernetes.md

@@ -2,11 +2,15 @@
 last_updated: 2017-12-28
 ---
 
-CAUTION: **Warning:**
-Kubernetes service integration has been deprecated in GitLab 10.3. If the service is active the cluster information still be editable, however we advised to disable and reconfigure the clusters using the new [Clusters](../clusters/index.md) page. If the service is inactive the fields will be uneditable. Read [GitLab 10.3 release post](https://about.gitlab.com/2017/12/22/gitlab-10-3-released/#kubernetes-integration-service) for more information.
-
 # GitLab Kubernetes / OpenShift integration
 
+CAUTION: **Warning:**
+The Kubernetes service integration has been deprecated in GitLab 10.3. If the
+service is active, the cluster information will still be editable, however we
+advise to disable and reconfigure the clusters using the new
+[Clusters](../clusters/index.md) page. If the service is inactive, the fields
+will not be editable. Read [GitLab 10.3 release post](https://about.gitlab.com/2017/12/22/gitlab-10-3-released/#kubernetes-integration-service) for more information.
+
 GitLab can be configured to interact with Kubernetes, or other systems using the
 Kubernetes API (such as OpenShift).
 

doc/user/project/merge_requests/dast.md

@@ -2,42 +2,54 @@
 
 > [Introduced][ee-4348] in [GitLab Enterprise Edition Ultimate][ee] 10.4.
 
+If you are using [GitLab CI/CD][ci], you can analyze your running web application(s)
+for known vulnerabilities using Dynamic Application Security Testing (DAST).
+
 ## Overview
 
-If you are using [GitLab CI/CD][ci], you can analyze your web application for known
-vulnerabilities using Dynamic Application Security Testing (DAST), either by
-including the CI job in your [existing `.gitlab-ci.yml` file][cc-docs] or
-by implicitly using [Auto DAST](../../../topics/autodevops/index.md#auto-dast)
+Running [static checks](sast.md) on your code is the first step to detect
+vulnerabilities that can put the security of your code at risk. Yet, once
+deployed, your application is exposed to a new category of possible attacks,
+such as cross-site scripting or broken authentication flaws. This is where
+Dynamic Application Security Testing (DAST) comes into place.
+
+You can take advantage of DAST by either [including the CI job][cc-docs] in
+your existing `.gitlab-ci.yml` file or by implicitly using
+[Auto DAST](../../../topics/autodevops/index.md#auto-dast)
 that is provided by [Auto DevOps](../../../topics/autodevops/index.md).
 
 Going a step further, GitLab can show the vulnerability list right in the merge
 request widget area.
 
-![DAST Widget](img/dast-all.png)
+## Use cases
 
-By clicking on vulnerability you will be able to see the details and the URL(s)
-affected.
+It helps you automatically find security vulnerabilities in your running web
+applications while you are developing and testing your applications.
 
-![DAST Widget Clicked](img/dast-single.png)
+## How it works
 
-## Use cases
+First of all, you need to define a job named `dast` in your `.gitlab-ci.yml`
+file. [Check how the `dast` job should look like][cc-docs].
 
-It helps you automatically find security vulnerabilities in your web applications
-while you are developing and testing your applications.
+In order for the report to show in the merge request, there are two
+prerequisites:
 
-## How it works
+- the specified job **must** be named `dast`
+- the resulting report **must** be named `gl-dast-report.json` and uploaded as an
+  artifact. This JSON file needs to be the only artifact file for the job. If
+  you try to also include other files, it will break the vulnerability display
+  in the merge request.
+
+The `sast` job will perform an analysis on the running web application, the
+resulting JSON file will be uploaded as an artifact, and GitLab will then check
+this file and show the information inside the merge request.
 
-In order for the report to show in the merge request, you need to specify a
-`dast` job (exact name) that will analyze the running application and upload the
-resulting `gl-dast-report.json` file (exact filename) as an artifact. GitLab
-will then check this file and show the information inside the merge request.
+![DAST Widget](img/dast_all.png)
 
-This JSON file needs to be the only artifact file for the job. If you try
-to also include other files, it will break the vulnerability display in the
-merge request.
+By clicking on one of the detected linked vulnerabilities, you will be able to
+see the details and the URL(s) affected.
 
-For more information on how the `dast` job should look like, check the
-[example on analyzing a project's code for vulnerabilities][cc-docs].
+![DAST Widget Clicked](img/dast_single.png)
 
 [ee-4348]: https://gitlab.com/gitlab-org/gitlab-ee/issues/4348
 [ee]: https://about.gitlab.com/gitlab-ee/

doc/user/project/pipelines/schedules.md

@@ -31,6 +31,20 @@ is installed on.
 
 ![Schedules list](img/pipeline_schedules_list.png)
 
+### Running a scheduled pipeline manually
+
+> [Introduced][ce-15700] in GitLab 10.4.
+
+To trigger a pipeline schedule manually, click the "Play" button:
+
+![Play Pipeline Schedule](img/pipeline_schedule_play.png)
+
+This will schedule a background job to run the pipeline schedule. A flash
+message will provide a link to the CI/CD Pipeline index page.
+
+To help avoid abuse, users are rate limited to triggering a pipeline once per
+minute.
+
 ### Making use of scheduled pipeline variables
 
 > [Introduced][ce-12328] in GitLab 9.4.
@@ -90,4 +104,5 @@ don't have admin access to the server, ask your administrator.
 [ce-10533]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10533
 [ce-10853]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10853
 [ce-12328]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12328
+[ce-15700]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15700
 [settings]: https://about.gitlab.com/gitlab-com/settings/#cron-jobs

ee/app/assets/javascripts/geo_nodes/constants.js

@@ -3,7 +3,7 @@ export const NODE_ACTION_BASE_PATH = '/admin/geo_nodes/';
 export const NODE_ACTIONS = {
   TOGGLE: '/toggle',
   EDIT: '/edit',
-  REPAIR: '/reconfigure',
+  REPAIR: '/repair',
 };
 
 export const VALUE_TYPE = {

ee/app/models/ee/project.rb

@@ -329,7 +329,7 @@ module EE
     end
 
     def remove_mirror_repository_reference
-      repository.remove_remote(::Repository::MIRROR_REMOTE)
+      repository.async_remove_remote(::Repository::MIRROR_REMOTE)
     end
 
     def import_url_availability

ee/app/models/remote_mirror.rb

@@ -21,6 +21,8 @@ class RemoteMirror < ActiveRecord::Base
   validate  :url_availability, if: -> (mirror) { mirror.url_changed? || mirror.enabled? }
   validates :url, addressable_url: true, if: :url_changed?
 
+  before_save :set_new_remote_name, if: :mirror_url_changed?
+
   after_save :set_override_remote_mirror_available, unless: -> { Gitlab::CurrentSettings.current_application_settings.mirror_available }
   after_save :refresh_remote, if: :mirror_url_changed?
   after_update :reset_fields, if: :mirror_url_changed?
@@ -69,8 +71,8 @@ class RemoteMirror < ActiveRecord::Base
     end
   end
 
-  def ref_name
-    "remote_mirror_#{id}"
+  def remote_name
+    super || fallback_remote_name
   end
 
   def update_failed?
@@ -149,7 +151,13 @@ class RemoteMirror < ActiveRecord::Base
   private
 
   def raw
-    @raw ||= Gitlab::Git::RemoteMirror.new(project.repository.raw, ref_name)
+    @raw ||= Gitlab::Git::RemoteMirror.new(project.repository.raw, remote_name)
+  end
+
+  def fallback_remote_name
+    return unless id
+
+    "remote_mirror_#{id}"
   end
 
   def recently_scheduled?
@@ -189,16 +197,27 @@ class RemoteMirror < ActiveRecord::Base
     project.update(remote_mirror_available_overridden: enabled)
   end
 
+  def set_new_remote_name
+    self.remote_name = "remote_mirror_#{SecureRandom.hex}"
+  end
+
   def refresh_remote
     return unless project
 
-    project.repository.add_remote(ref_name, url)
+    # Before adding a new remote we have to delete the data from
+    # the previous remote name
+    prev_remote_name = remote_name_was || fallback_remote_name
+    run_after_commit do
+      project.repository.async_remove_remote(prev_remote_name)
+    end
+
+    project.repository.add_remote(remote_name, url)
   end
 
   def remove_remote
-    if project # could be pending to delete so don't need to touch the git repository
-      project.repository.remove_remote(ref_name)
-    end
+    return unless project # could be pending to delete so don't need to touch the git repository
+
+    project.repository.async_remove_remote(remote_name)
   end
 
   def mirror_url_changed?

ee/app/services/projects/update_remote_mirror_service.rb

@@ -8,7 +8,7 @@ module Projects
       return success unless remote_mirror.enabled?
 
       begin
-        repository.fetch_remote(remote_mirror.ref_name, no_tags: true)
+        repository.fetch_remote(remote_mirror.remote_name, no_tags: true)
 
         opts = {}
         if remote_mirror.only_protected_branches?

spec/factories/projects.rb

@@ -177,6 +177,7 @@ FactoryBot.define do
 
     trait :remote_mirror do
       transient do
+        remote_name "remote_mirror_#{SecureRandom.hex}"
         url "http://foo.com"
         enabled true
       end

spec/javascripts/geo_nodes/components/geo_node_actions_spec.js

@@ -83,7 +83,7 @@ describe('GeoNodeActionsComponent', () => {
 
     describe('nodeRepairAuthPath', () => {
       it('returns node repair authentication path', () => {
-        expect(vm.nodeRepairAuthPath).toBe('/admin/geo_nodes/1/reconfigure');
+        expect(vm.nodeRepairAuthPath).toBe('/admin/geo_nodes/1/repair');
       });
     });
 

spec/javascripts/vue_mr_widget/components/states/mr_widget_auto_merge_failed_spec.js

 import Vue from 'vue';
-import autoMergeFailedComponent from '~/vue_merge_request_widget/components/states/mr_widget_auto_merge_failed';
-
-const mergeError = 'This is the merge error';
+import autoMergeFailedComponent from '~/vue_merge_request_widget/components/states/mr_widget_auto_merge_failed.vue';
+import eventHub from '~/vue_merge_request_widget/event_hub';
+import mountComponent from '../../../helpers/vue_mount_component_helper';
 
 describe('MRWidgetAutoMergeFailed', () => {
-  describe('props', () => {
-    it('should have props', () => {
-      const mrProp = autoMergeFailedComponent.props.mr;
+  let vm;
+  const mergeError = 'This is the merge error';
 
-      expect(mrProp.type instanceof Object).toBeTruthy();
-      expect(mrProp.required).toBeTruthy();
+  beforeEach(() => {
+    const Component = Vue.extend(autoMergeFailedComponent);
+    vm = mountComponent(Component, {
+      mr: { mergeError },
     });
   });
 
-  describe('template', () => {
-    const Component = Vue.extend(autoMergeFailedComponent);
-    const vm = new Component({
-      el: document.createElement('div'),
-      propsData: {
-        mr: { mergeError },
-      },
-    });
+  afterEach(() => {
+    vm.$destroy();
+  });
+
+  it('renders failed message', () => {
+    expect(vm.$el.textContent).toContain('This merge request failed to be merged automatically');
+  });
+
+  it('renders merge error provided', () => {
+    expect(vm.$el.innerText).toContain(mergeError);
+  });
+
+  it('render refresh button', () => {
+    expect(vm.$el.querySelector('button').textContent.trim()).toEqual('Refresh');
+  });
+
+  it('emits event and shows loading icon when button is clicked', (done) => {
+    spyOn(eventHub, '$emit');
+    vm.$el.querySelector('button').click();
+
+    expect(eventHub.$emit.calls.argsFor(0)[0]).toEqual('MRWidgetUpdateRequested');
 
-    it('should have correct elements', () => {
-      expect(vm.$el.classList.contains('mr-widget-body')).toBeTruthy();
-      expect(vm.$el.querySelector('button').getAttribute('disabled')).toBeFalsy();
-      expect(vm.$el.innerText).toContain('This merge request failed to be merged automatically');
-      expect(vm.$el.innerText).toContain(mergeError);
+    Vue.nextTick(() => {
+      expect(vm.$el.querySelector('button').getAttribute('disabled')).toEqual('disabled');
+      expect(
+        vm.$el.querySelector('button i').classList,
+      ).toContain('fa-spinner');
+      done();
     });
   });
 });

spec/models/remote_mirror_spec.rb

@@ -68,7 +68,36 @@ describe RemoteMirror do
         mirror.update_attribute(:url, 'http://foo:baz@test.com')
 
         config = repo.raw_repository.rugged.config
-        expect(config["remote.#{mirror.ref_name}.url"]).to eq('http://foo:baz@test.com')
+        expect(config["remote.#{mirror.remote_name}.url"]).to eq('http://foo:baz@test.com')
+      end
+    end
+  end
+
+  describe '#remote_name' do
+    context 'when remote name is persisted in the database' do
+      it 'returns remote name with random value' do
+        allow(SecureRandom).to receive(:hex).and_return('secret')
+
+        remote_mirror = create(:remote_mirror)
+
+        expect(remote_mirror.remote_name).to eq("remote_mirror_secret")
+      end
+    end
+
+    context 'when remote name is not persisted in the database' do
+      it 'returns remote name with remote mirror id' do
+        remote_mirror = create(:remote_mirror)
+        remote_mirror.remote_name = nil
+
+        expect(remote_mirror.remote_name).to eq("remote_mirror_#{remote_mirror.id}")
+      end
+    end
+
+    context 'when remote is not persisted in the database' do
+      it 'returns nil' do
+        remote_mirror = build(:remote_mirror, remote_name: nil)
+
+        expect(remote_mirror.remote_name).to be_nil
       end
     end
   end

spec/models/repository_spec.rb

@@ -701,6 +701,38 @@ describe Repository do
     end
   end
 
+  describe '#async_remove_remote' do
+    before do
+      masterrev = repository.find_branch('master').dereferenced_target
+      create_remote_branch('joe', 'remote_branch', masterrev)
+    end
+
+    context 'when worker is scheduled successfully' do
+      before do
+        masterrev = repository.find_branch('master').dereferenced_target
+        create_remote_branch('remote_name', 'remote_branch', masterrev)
+
+        allow(RepositoryRemoveRemoteWorker).to receive(:perform_async).and_return('1234')
+      end
+
+      it 'returns job_id' do
+        expect(repository.async_remove_remote('joe')).to eq('1234')
+      end
+    end
+
+    context 'when worker does not schedule successfully' do
+      before do
+        allow(RepositoryRemoveRemoteWorker).to receive(:perform_async).and_return(nil)
+      end
+
+      it 'returns nil' do
+        expect(Rails.logger).to receive(:info).with("Remove remote job failed to create for #{project.id} with remote name joe.")
+
+        expect(repository.async_remove_remote('joe')).to be_nil
+      end
+    end
+  end
+
   describe '#fetch_ref' do
     let(:broken_repository) { create(:project, :broken_storage).repository }
 

spec/services/projects/update_remote_mirror_service_spec.rb

@@ -27,15 +27,15 @@ describe Projects::UpdateRemoteMirrorService do
     end
 
     it "fetches the remote repository" do
-      expect(repository).to receive(:fetch_remote).with(remote_mirror.ref_name, no_tags: true) do
-        sync_remote(repository, remote_mirror.ref_name, local_branch_names)
+      expect(repository).to receive(:fetch_remote).with(remote_mirror.remote_name, no_tags: true) do
+        sync_remote(repository, remote_mirror.remote_name, local_branch_names)
       end
 
       subject.execute(remote_mirror)
     end
 
     it "succeeds" do
-      allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.ref_name, local_branch_names) }
+      allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.remote_name, local_branch_names) }
 
       result = subject.execute(remote_mirror)
 
@@ -46,13 +46,13 @@ describe Projects::UpdateRemoteMirrorService do
       it "push all the branches the first time" do
         allow(repository).to receive(:fetch_remote)
 
-        expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, local_branch_names)
+        expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, local_branch_names)
 
         subject.execute(remote_mirror)
       end
 
       it "does not push anything is remote is up to date" do
-        allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.ref_name, local_branch_names) }
+        allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.remote_name, local_branch_names) }
 
         expect(raw_repository).not_to receive(:push_remote_branches)
 
@@ -62,21 +62,21 @@ describe Projects::UpdateRemoteMirrorService do
       it "sync new branches" do
         # call local_branch_names early so it is not called after the new branch has been created
         current_branches = local_branch_names
-        allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.ref_name, current_branches) }
+        allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.remote_name, current_branches) }
         create_branch(repository, 'my-new-branch')
 
-        expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, ['my-new-branch'])
+        expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, ['my-new-branch'])
 
         subject.execute(remote_mirror)
       end
 
       it "sync updated branches" do
         allow(repository).to receive(:fetch_remote) do
-          sync_remote(repository, remote_mirror.ref_name, local_branch_names)
+          sync_remote(repository, remote_mirror.remote_name, local_branch_names)
           update_branch(repository, 'existing-branch')
         end
 
-        expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, ['existing-branch'])
+        expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, ['existing-branch'])
 
         subject.execute(remote_mirror)
       end
@@ -94,22 +94,22 @@ describe Projects::UpdateRemoteMirrorService do
 
         it "sync updated protected branches" do
           allow(repository).to receive(:fetch_remote) do
-            sync_remote(repository, remote_mirror.ref_name, local_branch_names)
+            sync_remote(repository, remote_mirror.remote_name, local_branch_names)
             update_branch(repository, protected_branch_name)
           end
 
-          expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, [protected_branch_name])
+          expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, [protected_branch_name])
 
           subject.execute(remote_mirror)
         end
 
         it 'does not sync unprotected branches' do
           allow(repository).to receive(:fetch_remote) do
-            sync_remote(repository, remote_mirror.ref_name, local_branch_names)
+            sync_remote(repository, remote_mirror.remote_name, local_branch_names)
             update_branch(repository, 'existing-branch')
           end
 
-          expect(raw_repository).not_to receive(:push_remote_branches).with(remote_mirror.ref_name, ['existing-branch'])
+          expect(raw_repository).not_to receive(:push_remote_branches).with(remote_mirror.remote_name, ['existing-branch'])
 
           subject.execute(remote_mirror)
         end
@@ -119,11 +119,11 @@ describe Projects::UpdateRemoteMirrorService do
         context 'when it has diverged' do
           it 'syncs branches' do
             allow(repository).to receive(:fetch_remote) do
-              sync_remote(repository, remote_mirror.ref_name, local_branch_names)
-              update_remote_branch(repository, remote_mirror.ref_name, 'markdown')
+              sync_remote(repository, remote_mirror.remote_name, local_branch_names)
+              update_remote_branch(repository, remote_mirror.remote_name, 'markdown')
             end
 
-            expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, ['markdown'])
+            expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, ['markdown'])
 
             subject.execute(remote_mirror)
           end
@@ -134,11 +134,11 @@ describe Projects::UpdateRemoteMirrorService do
         context 'when branch exists in local and remote repo' do
           it 'deletes the branch from remote repo' do
             allow(repository).to receive(:fetch_remote) do
-              sync_remote(repository, remote_mirror.ref_name, local_branch_names)
+              sync_remote(repository, remote_mirror.remote_name, local_branch_names)
               delete_branch(repository, 'existing-branch')
             end
 
-            expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.ref_name, ['existing-branch'])
+            expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.remote_name, ['existing-branch'])
 
             subject.execute(remote_mirror)
           end
@@ -159,22 +159,22 @@ describe Projects::UpdateRemoteMirrorService do
 
             it 'deletes the protected branch from remote repo' do
               allow(repository).to receive(:fetch_remote) do
-                sync_remote(repository, remote_mirror.ref_name, local_branch_names)
+                sync_remote(repository, remote_mirror.remote_name, local_branch_names)
                 delete_branch(repository, protected_branch_name)
               end
 
-              expect(raw_repository).not_to receive(:delete_remote_branches).with(remote_mirror.ref_name, [protected_branch_name])
+              expect(raw_repository).not_to receive(:delete_remote_branches).with(remote_mirror.remote_name, [protected_branch_name])
 
               subject.execute(remote_mirror)
             end
 
             it 'does not delete the unprotected branch from remote repo' do
               allow(repository).to receive(:fetch_remote) do
-                sync_remote(repository, remote_mirror.ref_name, local_branch_names)
+                sync_remote(repository, remote_mirror.remote_name, local_branch_names)
                 delete_branch(repository, 'existing-branch')
               end
 
-              expect(raw_repository).not_to receive(:delete_remote_branches).with(remote_mirror.ref_name, ['existing-branch'])
+              expect(raw_repository).not_to receive(:delete_remote_branches).with(remote_mirror.remote_name, ['existing-branch'])
 
               subject.execute(remote_mirror)
             end
@@ -190,10 +190,10 @@ describe Projects::UpdateRemoteMirrorService do
             context 'when it has diverged' do
               it 'does not delete the remote branch' do
                 allow(repository).to receive(:fetch_remote) do
-                  sync_remote(repository, remote_mirror.ref_name, local_branch_names)
+                  sync_remote(repository, remote_mirror.remote_name, local_branch_names)
 
                   rev = repository.find_branch('markdown').dereferenced_target
-                  create_remote_branch(repository, remote_mirror.ref_name, 'remote-branch', rev.id)
+                  create_remote_branch(repository, remote_mirror.remote_name, 'remote-branch', rev.id)
                 end
 
                 expect(raw_repository).not_to receive(:delete_remote_branches)
@@ -205,13 +205,13 @@ describe Projects::UpdateRemoteMirrorService do
             context 'when it has not diverged' do
               it 'deletes the remote branch' do
                 allow(repository).to receive(:fetch_remote) do
-                  sync_remote(repository, remote_mirror.ref_name, local_branch_names)
+                  sync_remote(repository, remote_mirror.remote_name, local_branch_names)
 
                   masterrev = repository.find_branch('master').dereferenced_target
-                  create_remote_branch(repository, remote_mirror.ref_name, protected_branch_name, masterrev.id)
+                  create_remote_branch(repository, remote_mirror.remote_name, protected_branch_name, masterrev.id)
                 end
 
-                expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.ref_name, [protected_branch_name])
+                expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.remote_name, [protected_branch_name])
 
                 subject.execute(remote_mirror)
               end
@@ -223,10 +223,10 @@ describe Projects::UpdateRemoteMirrorService do
           context 'when it has diverged' do
             it 'does not delete the remote branch' do
               allow(repository).to receive(:fetch_remote) do
-                sync_remote(repository, remote_mirror.ref_name, local_branch_names)
+                sync_remote(repository, remote_mirror.remote_name, local_branch_names)
 
                 rev = repository.find_branch('markdown').dereferenced_target
-                create_remote_branch(repository, remote_mirror.ref_name, 'remote-branch', rev.id)
+                create_remote_branch(repository, remote_mirror.remote_name, 'remote-branch', rev.id)
               end
 
               expect(raw_repository).not_to receive(:delete_remote_branches)
@@ -238,13 +238,13 @@ describe Projects::UpdateRemoteMirrorService do
           context 'when it has not diverged' do
             it 'deletes the remote branch' do
               allow(repository).to receive(:fetch_remote) do
-                sync_remote(repository, remote_mirror.ref_name, local_branch_names)
+                sync_remote(repository, remote_mirror.remote_name, local_branch_names)
 
                 masterrev = repository.find_branch('master').dereferenced_target
-                create_remote_branch(repository, remote_mirror.ref_name, 'remote-branch', masterrev.id)
+                create_remote_branch(repository, remote_mirror.remote_name, 'remote-branch', masterrev.id)
               end
 
-              expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.ref_name, ['remote-branch'])
+              expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.remote_name, ['remote-branch'])
 
               subject.execute(remote_mirror)
             end
@@ -255,7 +255,7 @@ describe Projects::UpdateRemoteMirrorService do
 
     describe 'Syncing tags' do
       before do
-        allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.ref_name, local_branch_names) }
+        allow(repository).to receive(:fetch_remote) { sync_remote(repository, remote_mirror.remote_name, local_branch_names) }
       end
 
       context 'when there are not tags to push' do
@@ -273,7 +273,7 @@ describe Projects::UpdateRemoteMirrorService do
         it 'pushes tags to remote' do
           allow(raw_repository).to receive(:remote_tags) { {} }
 
-          expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.ref_name, ['v1.0.0', 'v1.1.0'])
+          expect(raw_repository).to receive(:push_remote_branches).with(remote_mirror.remote_name, ['v1.0.0', 'v1.1.0'])
 
           subject.execute(remote_mirror)
         end
@@ -286,7 +286,7 @@ describe Projects::UpdateRemoteMirrorService do
 
           repository.rm_tag(create(:user), 'v1.0.0')
 
-          expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.ref_name, ['v1.0.0'])
+          expect(raw_repository).to receive(:delete_remote_branches).with(remote_mirror.remote_name, ['v1.0.0'])
 
           subject.execute(remote_mirror)
         end

spec/workers/repository_remove_remote_worker_spec.rb

+require 'rails_helper'
+
+describe RepositoryRemoveRemoteWorker do
+  subject(:worker) { described_class.new }
+
+  describe '#perform' do
+    let(:remote_name) { 'joe'}
+    let!(:project) { create(:project, :repository) }
+
+    context 'when it cannot obtain lease' do
+      it 'logs error' do
+        allow_any_instance_of(Gitlab::ExclusiveLease).to receive(:try_obtain) { nil }
+
+        expect_any_instance_of(Repository).not_to receive(:remove_remote)
+        expect(worker).to receive(:log_error).with('Cannot obtain an exclusive lease. There must be another instance already in execution.')
+
+        worker.perform(project.id, remote_name)
+      end
+    end
+
+    context 'when it gets the lease' do
+      before do
+        allow_any_instance_of(Gitlab::ExclusiveLease).to receive(:try_obtain).and_return(true)
+      end
+
+      context 'when project does not exist' do
+        it 'returns nil' do
+          expect(worker.perform(-1, 'remote_name')).to be_nil
+        end
+      end
+
+      context 'when project exists' do
+        it 'removes remote from repository' do
+          masterrev = project.repository.find_branch('master').dereferenced_target
+
+          create_remote_branch(remote_name, 'remote_branch', masterrev)
+
+          expect_any_instance_of(Repository).to receive(:remove_remote).with(remote_name).and_call_original
+
+          worker.perform(project.id, remote_name)
+        end
+      end
+    end
+  end
+
+  def create_remote_branch(remote_name, branch_name, target)
+    rugged = project.repository.rugged
+    rugged.references.create("refs/remotes/#{remote_name}/#{branch_name}", target.id)
+  end
+end