CE upstream



See merge request !415

Search through the filenames



See merge request !409

Add one more ES note to 8.8 update guide



See merge request !406

Merge Rubocop changes introduced in CE

This MR merges rubocop changes introduced in EE in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4261 and also fixes offenses detected after enabling these cops.

See merge request !414

Enable multiple Rubocop cops that can be enabled

See https://gitlab.com/gitlab-org/gitlab-ce/issues/17406

This enabled following cops:

```text
Lint/CircularArgumentReference:
  Description: Default values in optional keyword arguments and optional ordinal arguments
----------------
Lint/ConditionPosition:
  Description: Checks for condition placed in a confusing position relative to the keyword.
  StyleGuide: https://github.com/bbatsov/ruby-style-guide#same-line-condition
----------------
Lint/Debugger:
  Description: Check for debugger calls.
----------------
Lint/DefEndAlignment:
  Description: Align ends corresponding to defs correctly.
----------------
Lint/DuplicateMethods:
  Description: Check for duplicate method definitions.
----------------
Lint/DuplicatedKey:
  Description: Check for duplicate keys in hash literals.
----------------
Lint/EachWithObjectArgument:
  Description: Check for immutable argument given to each_with_object.
----------------
Lint/ElseLayout:
  Description: Check for odd code arrangement in an else block.
----------------
Lint/EmptyEnsure:
  Description: Checks for empty ensure block.
----------------
Lint/EmptyInterpolation:
  Description: Checks for empty string interpolation.
----------------
Lint/EndAlignment:
  Description: Align ends correctly.
----------------
Lint/EndInMethod:
  Description: END blocks should not be placed inside method definitions.
----------------
Lint/EnsureReturn:
  Description: Do not use return in an ensure block.
  StyleGuide: https://github.com/bbatsov/ruby-style-guide#no-return-ensure
----------------
Lint/Eval:
  Description: The use of eval represents a serious security risk.
----------------
Lint/FloatOutOfRange:
  Description: Catches floating-point literals too large or small for Ruby to represent.
----------------
Lint/FormatParameterMismatch:
  Description: The number of parameters to format/sprint must match the fields.
----------------
Lint/ImplicitStringConcatenation:
  Description: Checks for adjacent string literals on the same line, which could better
    be represented as a single string literal.
----------------
Lint/InvalidCharacterLiteral:
  Description: Checks for invalid character literals with a non-escaped whitespace character.
----------------
Lint/LiteralInInterpolation:
  Description: Checks for literals used in interpolation.
----------------
Lint/NestedMethodDefinition:
  Description: Do not use nested method definitions.
  StyleGuide: https://github.com/bbatsov/ruby-style-guide#no-nested-methods
----------------
Lint/NextWithoutAccumulator:
  Description: Do not omit the accumulator when calling `next` in a `reduce`/`inject`
    block.
----------------
Lint/RandOne:
  Description: Checks for `rand(1)` calls. Such calls always return `0` and most likely
    a mistake.
----------------
Lint/RequireParentheses:
  Description: Use parentheses in the method call to avoid confusion about precedence.
----------------
Lint/UnreachableCode:
  Description: Unreachable code.
----------------
Lint/UselessComparison:
  Description: Checks for comparison of something with itself.
----------------
Lint/UselessElseWithoutRescue:
  Description: Checks for useless `else` in `begin..end` without `rescue`.
----------------
Lint/UselessSetterCall:
  Description: Checks for useless setter call to a local variable.
----------------
Lint/Void:
  Description: Possible use of operator/literal/variable in void context.
----------------
Performance/DoubleStartEndWith:
  Description: Use `str.{start,end}_with?(x, ..., y, ...)` instead of `str.{start,end}_with?(x,
    ...) || str.{start,end}_with?(y, ...)`.
----------------
Performance/RedundantSortBy:
  Description: Use `sort` instead of `sort_by { |x| x }`.
----------------
Rails/FindBy:
  Description: Prefer find_by over where.first.
  Include:
  - app/models/**/*.rb
----------------
Rails/FindEach:
  Description: Prefer all.find_each over all.find.
  Include:
  - app/models/**/*.rb
----------------
Rails/PluralizationGrammar:
  Description: Checks for incorrect grammar when using methods like `3.day.ago`.
----------------
Rails/ScopeArgs:
  Description: Checks the arguments of ActiveRecord scopes.
  Include:
  - app/models/**/*.rb
```

See merge request !4261

[ci skip]

Allow anonymous user to access pipelines

## What does this MR do?

It fixes an issue where the Pipelines is shown for the Anonymous users,
but they get 404 when clicked. Their session is then logged out.

Fixes #17717.

See merge request !4233

[ci skip]

[ci skip]

Fix MySQL compatibility in zero downtime migration helpers

## What does this MR do?

This MR fixes MySQL for zero downtime migration helpers introduced in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3860

Closes #17711

See merge request !4239

Fix the CI login to Container Registry (the gitlab-ci-token user)

## What does this MR do?

This fixes `docker login` not succeeding when trying to do CI login: `gitlab-ci-token with $CI_BUILD_TOKEN`.

cc @marin

See merge request !4236

Add health check feature documentation

for https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3888

@virtuacreative @axil 

See merge request !4199

Fix docker registry integration

See merge request !4229

[ci skip]

Geo: Single Sign Out

Implements Single Sign Out for Geo (#76).

Initial proposal was to generate a hash based on the `access_token`, but that created a O(N) cost against a desirable O(1), as a new `access_token` is generated for each new login. To overcome that cost we would need to send a "public identifier" to help retrieve the correct `access_token` and provide that during login process.

This is also how most Single Sign On implementations works (they provide some sort of session_id, that we notify every node to invalidate, during sign out process).

As I don't want to modify our OAuth table (that is managed by doorkeeper) nor change the way our login process work, the solution is to encrypt the `access_token` using a symmetric key known by both nodes, and expire the `access_token` after the logout to prevent replay attacks (otherwise we would need to send a `nounce` and store that on primary). 

The key is based on `Gitlab::Application.secrets.db_key_base` which we already use to encrypt database attributes and is synced between both nodes. We communicate sending a `state` parameter which is known terminology in OAuth protocol.

Although this is implemented with Geo only in mind, we can backport to CE (with minimal changes) and provide as a "non-standard" way of single sign off for applications that integrate with GitLab.

Fixes #522 

See merge request !380

Geo: Single Sign Out

Implements Single Sign Out for Geo (#76).

Initial proposal was to generate a hash based on the `access_token`, but that created a O(N) cost against a desirable O(1), as a new `access_token` is generated for each new login. To overcome that cost we would need to send a "public identifier" to help retrieve the correct `access_token` and provide that during login process.

This is also how most Single Sign On implementations works (they provide some sort of session_id, that we notify every node to invalidate, during sign out process).

As I don't want to modify our OAuth table (that is managed by doorkeeper) nor change the way our login process work, the solution is to encrypt the `access_token` using a symmetric key known by both nodes, and expire the `access_token` after the logout to prevent replay attacks (otherwise we would need to send a `nounce` and store that on primary). 

The key is based on `Gitlab::Application.secrets.db_key_base` which we already use to encrypt database attributes and is synced between both nodes. We communicate sending a `state` parameter which is known terminology in OAuth protocol.

Although this is implemented with Geo only in mind, we can backport to CE (with minimal changes) and provide as a "non-standard" way of single sign off for applications that integrate with GitLab.

Fixes #522 

See merge request !380

# Conflicts:
#	app/services/system_note_service.rb

Fix Error 500 when attempting to retrieve project license when HEAD points to non-existent ref

Closes #17537

See merge request !4151

Fix group visibility level migration in case all visibility levels are restricted

fixes #14632 

See merge request !4107

Let users set notification levels in projects which they are not members

Fixes #9013 

See merge request !3986

Implement special GitLab markdown reference for milestones

https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3453 by @eReGeBe, with two additions:

- Move changelog item to 8.8
- Fix cross-project milestone ref with invalid project, like https://gitlab.com/gitlab-org/gitlab-ce/commit/f7348cd348ad8f4a18d74dd668283a4e236f5790 did for labels

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/13829

See merge request !3897

current_user.confirmed_at.present? => current_user.confirmed?

fixes: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3862/diffs#4f7b76b1197d6fb073f77957b3b7b70d921ed7e7_42_41

See merge request !4225

Allows MR authors to have the source branch removed when merging the MR


closes #13191 

The location of the checkbox might not be optimal so any feedback is welcome. Any other feedback too obviously.

Screenshot:
![Screenshot_2016-02-17_21.25.24](/uploads/a9c3eaafb39c6f5b4f0949a2278af6da/Screenshot_2016-02-17_21.25.24.png)

See merge request !2801

Updated mirror repo UI

![Screen_Shot_2016-04-27_at_17.12.28](/uploads/b8277ab88ec7c23b9e48d9a2f8bb5d9c/Screen_Shot_2016-04-27_at_17.12.28.png)

![Screen_Shot_2016-04-27_at_17.12.30](/uploads/90c7150d17343ce2056d7145d0e774be/Screen_Shot_2016-04-27_at_17.12.30.png)

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/14026

See merge request !362

SAML support for admin groups

SAML now supports admin groups, very similarly to how it does external groups.

/cc @dblessing 

See merge request !408