From b93a71aa47a0dcc4fe790f67ebcda6d11cd2da9d Mon Sep 17 00:00:00 2001
From: Utkarsh Gupta <guptautkarsh2102@gmail.com>
Date: Sun, 5 May 2019 18:10:48 +0530
Subject: [PATCH] New upstream version 11.8.9+dfsg

---
 .babelrc.js                                   |   45 +
 .codeclimate.yml                              |   40 +
 .csscomb.json                                 |   20 +
 .eslintignore                                 |   13 +
 .eslintrc.yml                                 |   36 +
 .foreman                                      |    1 +
 .gitattributes                                |    2 +
 .github/ISSUE_TEMPLATE.md                     |    3 +
 .github/PULL_REQUEST_TEMPLATE.md              |    3 +
 .gitignore                                    |   83 ++
 .gitlab-ci.yml                                | 1085 +++++++++++++++++
 .gitlab/CODEOWNERS.disabled                   |   20 +
 .gitlab/issue_templates/Acceptance_Testing.md |  100 ++
 .gitlab/issue_templates/Bug.md                |   87 ++
 .../issue_templates/Coding style proposal.md  |   16 +
 .gitlab/issue_templates/Documentation.md      |   54 +
 .gitlab/issue_templates/Feature proposal.md   |   46 +
 .gitlab/issue_templates/Security Release.md   |   69 ++
 .../Security developer workflow.md            |   69 ++
 .gitlab/issue_templates/Test plan.md          |   96 ++
 .../Change documentation location.md          |   32 +
 .../Database changes.md                       |   58 +
 .../merge_request_templates/Documentation.md  |   33 +
 .../Security Release.md                       |   31 +
 .gitlab/route-map.yml                         |    3 +
 .haml-lint.yml                                |  167 +++
 .mailmap                                      |   35 +
 .nvmrc                                        |    1 +
 .pkgr.yml                                     |   49 +
 .prettierignore                               |    9 +
 .prettierrc                                   |   13 +
 .rubocop.yml                                  |  183 +++
 .rubocop_todo.yml                             |  691 +++++++++++
 .ruby-version                                 |    1 +
 .scss-lint.yml                                |  273 +++++
 35 files changed, 3467 insertions(+)
 create mode 100644 .babelrc.js
 create mode 100644 .codeclimate.yml
 create mode 100644 .csscomb.json
 create mode 100644 .eslintignore
 create mode 100644 .eslintrc.yml
 create mode 100644 .foreman
 create mode 100644 .gitattributes
 create mode 100644 .github/ISSUE_TEMPLATE.md
 create mode 100644 .github/PULL_REQUEST_TEMPLATE.md
 create mode 100644 .gitignore
 create mode 100644 .gitlab-ci.yml
 create mode 100644 .gitlab/CODEOWNERS.disabled
 create mode 100644 .gitlab/issue_templates/Acceptance_Testing.md
 create mode 100644 .gitlab/issue_templates/Bug.md
 create mode 100644 .gitlab/issue_templates/Coding style proposal.md
 create mode 100644 .gitlab/issue_templates/Documentation.md
 create mode 100644 .gitlab/issue_templates/Feature proposal.md
 create mode 100644 .gitlab/issue_templates/Security Release.md
 create mode 100644 .gitlab/issue_templates/Security developer workflow.md
 create mode 100644 .gitlab/issue_templates/Test plan.md
 create mode 100644 .gitlab/merge_request_templates/Change documentation location.md
 create mode 100644 .gitlab/merge_request_templates/Database changes.md
 create mode 100644 .gitlab/merge_request_templates/Documentation.md
 create mode 100644 .gitlab/merge_request_templates/Security Release.md
 create mode 100644 .gitlab/route-map.yml
 create mode 100644 .haml-lint.yml
 create mode 100644 .mailmap
 create mode 100644 .nvmrc
 create mode 100644 .pkgr.yml
 create mode 100644 .prettierignore
 create mode 100644 .prettierrc
 create mode 100644 .rubocop.yml
 create mode 100644 .rubocop_todo.yml
 create mode 100644 .ruby-version
 create mode 100644 .scss-lint.yml

diff --git a/.babelrc.js b/.babelrc.js
new file mode 100644
index 0000000000..1b05a67354
--- /dev/null
+++ b/.babelrc.js
@@ -0,0 +1,45 @@
+const BABEL_ENV = process.env.BABEL_ENV || process.env.NODE_ENV || null;
+
+const presets = [
+  [
+    '@babel/preset-env',
+    {
+      modules: false,
+      targets: {
+        ie: '11',
+      },
+    },
+  ],
+];
+
+// include stage 3 proposals
+const plugins = [
+  '@babel/plugin-syntax-dynamic-import',
+  '@babel/plugin-syntax-import-meta',
+  '@babel/plugin-proposal-class-properties',
+  '@babel/plugin-proposal-json-strings',
+  '@babel/plugin-proposal-private-methods',
+];
+
+// add code coverage tooling if necessary
+if (BABEL_ENV === 'coverage') {
+  plugins.push([
+    'babel-plugin-istanbul',
+    {
+      exclude: ['spec/javascripts/**/*', 'app/assets/javascripts/locale/**/app.js'],
+    },
+  ]);
+}
+
+// add rewire support when running tests
+if (BABEL_ENV === 'karma' || BABEL_ENV === 'coverage') {
+  plugins.push('babel-plugin-rewire');
+}
+
+// Jest is running in node environment
+if (BABEL_ENV === 'jest') {
+  plugins.push('transform-es2015-modules-commonjs');
+  plugins.push('dynamic-import-node');
+}
+
+module.exports = { presets, plugins };
diff --git a/.codeclimate.yml b/.codeclimate.yml
new file mode 100644
index 0000000000..9998ddba64
--- /dev/null
+++ b/.codeclimate.yml
@@ -0,0 +1,40 @@
+---
+engines:
+  bundler-audit:
+    enabled: true
+  duplication:
+    enabled: true
+    config:
+      languages:
+      - ruby
+      - javascript
+ratings:
+  paths:
+  - Gemfile.lock
+  - "**.erb"
+  - "**.haml"
+  - "**.rb"
+  - "**.rhtml"
+  - "**.slim"
+  - "**.inc"
+  - "**.js"
+  - "**.jsx"
+  - "**.module"
+exclude_paths:
+- config/
+- db/
+- features/
+- node_modules/
+- spec/
+- vendor/
+- .yarn-cache/
+- tmp/
+- builds/
+- coverage/
+- public/
+- shared/
+- webpack-report/
+- log/
+- backups/
+- coverage-javascript/
+- plugins/
diff --git a/.csscomb.json b/.csscomb.json
new file mode 100644
index 0000000000..aa6a17f751
--- /dev/null
+++ b/.csscomb.json
@@ -0,0 +1,20 @@
+{
+  "exclude": [
+    "app/assets/stylesheets/framework/tw_bootstrap_variables.scss",
+    "app/assets/stylesheets/framework/fonts.scss"
+  ],
+  "always-semicolon": true,
+  "color-case": "lower",
+  "block-indent": "  ",
+  "color-shorthand": false,
+  "element-case": "lower",
+  "space-before-colon": "",
+  "space-after-colon": " ",
+  "space-before-combinator": " ",
+  "space-after-combinator": " ",
+  "space-between-declarations": "\n",
+  "space-before-opening-brace": " ",
+  "space-after-opening-brace": "\n",
+  "space-before-closing-brace": "\n",
+  "unitless-zero": true
+}
diff --git a/.eslintignore b/.eslintignore
new file mode 100644
index 0000000000..f78840e67b
--- /dev/null
+++ b/.eslintignore
@@ -0,0 +1,13 @@
+/app/assets/javascripts/locale/**/app.js
+/config/
+/builds/
+/coverage/
+/coverage-frontend/
+/coverage-javascript/
+/node_modules/
+/public/
+/scripts/
+/tmp/
+/vendor/
+karma.config.js
+webpack.config.js
diff --git a/.eslintrc.yml b/.eslintrc.yml
new file mode 100644
index 0000000000..b0794bb743
--- /dev/null
+++ b/.eslintrc.yml
@@ -0,0 +1,36 @@
+extends:
+  - '@gitlab'
+globals:
+  __webpack_public_path__: true
+  gl: false
+  gon: false
+  localStorage: false
+plugins:
+  - import
+  - html
+settings:
+  html/html-extensions:
+    - '.html'
+    - '.html.raw'
+  import/resolver:
+    webpack:
+      config: './config/webpack.config.js'
+rules:
+  import/no-commonjs: error
+  no-underscore-dangle:
+    - error
+    - allow:
+        - __
+        - _links
+  # Disabled for now, to make the airbnb-base 12.1.0 -> 13.1.0 update smoother
+  no-else-return:
+    - error
+    - allowElseIf: true
+  import/no-useless-path-segments: off
+  lines-between-class-members: off
+  # Disabled for now, to make the plugin-vue 4.5 -> 5.0 update smoother
+  vue/no-confusing-v-for-v-if: error
+  vue/no-unused-components: off
+  vue/no-use-v-if-with-v-for: off
+  vue/no-v-html: off
+  vue/use-v-on-exact: off
diff --git a/.foreman b/.foreman
new file mode 100644
index 0000000000..87c3f5a1c1
--- /dev/null
+++ b/.foreman
@@ -0,0 +1 @@
+port: 3000
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000000..7282c9e61b
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,2 @@
+Dangerfile gitlab-language=ruby
+db/schema.rb merge=merge_db_schema
diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md
new file mode 100644
index 0000000000..2e88b7aa0a
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,3 @@
+We’re closing our issue tracker on GitHub so we can focus on the GitLab.com project and respond to issues more quickly.
+
+We encourage you to open an issue on the [GitLab.com issue tracker](https://gitlab.com/gitlab-org/gitlab-ce/issues). You can log into GitLab.com using your GitHub account.
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 0000000000..c3b0402644
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,3 @@
+Thank you for taking the time to contribute back to GitLab!
+
+Please open a merge request [on GitLab.com](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests), we look forward to reviewing your contribution! You can log into GitLab.com using your GitHub account.
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000000..0696dd217a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,83 @@
+*.log
+*.swp
+*.mo
+*.edit.po
+*.rej
+.DS_Store
+.bundle
+.chef
+.directory
+/.envrc
+eslint-report.html
+/.gitlab_shell_secret
+.idea
+/.vscode/*
+/.rbenv-version
+.rbx/
+/.ruby-gemset
+/.ruby-version
+/.rvmrc
+.sass-cache/
+/.secret
+/.vagrant
+/.yarn-cache
+/.byebug_history
+/Vagrantfile
+/app/assets/images/icons.json
+/app/assets/images/icons.svg
+/app/assets/images/illustrations/
+/app/assets/javascripts/locale/**/app.js
+/backups/*
+/config/aws.yml
+/config/database*.yml
+/config/gitlab.yml
+/config/gitlab_ci.yml
+/config/initializers/rack_attack.rb
+/config/initializers/smtp_settings.rb
+/config/initializers/relative_url.rb
+/config/resque.yml
+/config/redis.cache.yml
+/config/redis.queues.yml
+/config/redis.shared_state.yml
+/config/unicorn.rb
+/config/puma.rb
+/config/secrets.yml
+/config/sidekiq.yml
+/config/registry.key
+/coverage/*
+/coverage-javascript/
+/db/*.sqlite3
+/db/*.sqlite3-journal
+/db/data.yml
+/doc/code/*
+/dump.rdb
+/jsconfig.json
+/log/*.log*
+/node_modules/
+/nohup.out
+/public/assets/
+/public/uploads.*
+/public/uploads/
+/shared/artifacts/
+/spec/javascripts/fixtures/blob/pdf/
+/spec/javascripts/fixtures/blob/balsamiq/
+/rails_best_practices_output.html
+/tags
+/tmp/*
+/vendor/bundle/*
+/vendor/gitaly-ruby
+/builds*
+/shared/*
+/.gitlab_workhorse_secret
+/webpack-report/
+/knapsack/
+/rspec_flaky/
+/locale/**/LC_MESSAGES
+/locale/**/*.time_stamp
+/.rspec
+/plugins/*
+/.gitlab_pages_secret
+package-lock.json
+/junit_*.xml
+/coverage-frontend/
+jsdoc/
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000000..1f0e798e8a
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,1085 @@
+image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.5.3-golang-1.11-git-2.18-chrome-71.0-node-10.x-yarn-1.12-postgresql-9.6-graphicsmagick-1.3.29"
+
+.dedicated-runner: &dedicated-runner
+  retry: 1
+  tags:
+    - gitlab-org
+
+.default-cache: &default-cache
+  key: "debian-stretch-ruby-2.5.3-node-10.x"
+  paths:
+    - vendor/ruby
+    - .yarn-cache/
+    - vendor/gitaly-ruby
+
+.push-cache: &push-cache
+  cache:
+    <<: *default-cache
+    policy: push
+
+.pull-cache: &pull-cache
+  cache:
+    <<: *default-cache
+    policy: pull
+
+variables:
+  MYSQL_ALLOW_EMPTY_PASSWORD: "1"
+  RAILS_ENV: "test"
+  NODE_ENV: "test"
+  SIMPLECOV: "true"
+  GIT_DEPTH: "20"
+  GIT_SUBMODULE_STRATEGY: "none"
+  GET_SOURCES_ATTEMPTS: "3"
+  KNAPSACK_RSPEC_SUITE_REPORT_PATH: knapsack/${CI_PROJECT_NAME}/rspec_report-master.json
+  FLAKY_RSPEC_SUITE_REPORT_PATH: rspec_flaky/report-suite.json
+  BUILD_ASSETS_IMAGE: "false"
+
+before_script:
+  - bundle --version
+  - date
+  - source scripts/utils.sh
+  - date
+  - source scripts/prepare_build.sh
+  - date
+
+after_script:
+  - date
+
+stages:
+  - build
+  - prepare
+  - merge
+  - test
+  - post-test
+  - pages
+  - post-cleanup
+
+# Predefined scopes
+.tests-metadata-state: &tests-metadata-state
+  <<: *dedicated-runner
+  variables:
+    TESTS_METADATA_S3_BUCKET: "gitlab-ce-cache"
+  before_script:
+    - source scripts/utils.sh
+  artifacts:
+    expire_in: 31d
+    paths:
+      - knapsack/
+      - rspec_flaky/
+
+.use-pg: &use-pg
+  services:
+    - postgres:9.6
+    - redis:alpine
+
+.use-mysql: &use-mysql
+  services:
+    - mysql:5.7
+    - redis:alpine
+
+# Skip all jobs except the ones that begin with 'docs/'.
+# Used for commits including ONLY documentation changes.
+# https://docs.gitlab.com/ce/development/documentation/#testing
+.except-docs: &except-docs
+  except:
+    - /(^docs[\/-].*|.*-docs$)/
+
+.except-qa: &except-qa
+  except:
+    - /(^qa[\/-].*|.*-qa$)/
+
+.except-docs-and-qa: &except-docs-and-qa
+  except:
+    - /(^docs[\/-].*|.*-docs$)/
+    - /(^qa[\/-].*|.*-qa$)/
+
+# Jobs that only need to pull cache
+.dedicated-no-docs-pull-cache-job: &dedicated-no-docs-pull-cache-job
+  <<: *dedicated-runner
+  <<: *except-docs
+  <<: *pull-cache
+  dependencies:
+    - setup-test-env
+  stage: test
+
+# Jobs that do not need a DB
+.dedicated-no-docs-no-db-pull-cache-job: &dedicated-no-docs-no-db-pull-cache-job
+  <<: *dedicated-no-docs-pull-cache-job
+  variables:
+    SETUP_DB: "false"
+
+.dedicated-no-docs-and-no-qa-pull-cache-job: &dedicated-no-docs-and-no-qa-pull-cache-job
+  <<: *dedicated-no-docs-pull-cache-job
+  <<: *except-docs-and-qa
+
+.single-script-job: &single-script-job
+  image: ruby:2.5-alpine
+  stage: test
+  cache: {}
+  dependencies: []
+  variables: &single-script-job-variables
+    GIT_STRATEGY: none
+  before_script:
+    # We don't clone the repo by using GIT_STRATEGY: none and only download the
+    # single script we need here so it's much faster than cloning.
+    - export SCRIPT_NAME="${SCRIPT_NAME:-$CI_JOB_NAME}"
+    - apk add --update openssl
+    - wget $CI_PROJECT_URL/raw/$CI_COMMIT_SHA/scripts/$SCRIPT_NAME
+    - chmod 755 $(basename $SCRIPT_NAME)
+
+.rake-exec: &rake-exec
+  <<: *dedicated-no-docs-no-db-pull-cache-job
+  script:
+    - bundle exec rake $CI_JOB_NAME
+
+.rspec-metadata: &rspec-metadata
+  <<: *dedicated-runner
+  <<: *except-docs-and-qa
+  <<: *pull-cache
+  stage: test
+  script:
+    - JOB_NAME=( $CI_JOB_NAME )
+    - TEST_TOOL=${JOB_NAME[0]}
+    - export KNAPSACK_REPORT_PATH=knapsack/${CI_PROJECT_NAME}/${TEST_TOOL}_node_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
+    - export KNAPSACK_GENERATE_REPORT=true
+    - export SUITE_FLAKY_RSPEC_REPORT_PATH=${FLAKY_RSPEC_SUITE_REPORT_PATH}
+    - export FLAKY_RSPEC_REPORT_PATH=rspec_flaky/all_${TEST_TOOL}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
+    - export NEW_FLAKY_RSPEC_REPORT_PATH=rspec_flaky/new_${TEST_TOOL}_${CI_NODE_INDEX}_${CI_NODE_TOTAL}_report.json
+    - export FLAKY_RSPEC_GENERATE_REPORT=true
+    - export CACHE_CLASSES=true
+    - cp ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} ${KNAPSACK_REPORT_PATH}
+    - '[[ -f $FLAKY_RSPEC_REPORT_PATH ]] || echo "{}" > ${FLAKY_RSPEC_REPORT_PATH}'
+    - '[[ -f $NEW_FLAKY_RSPEC_REPORT_PATH ]] || echo "{}" > ${NEW_FLAKY_RSPEC_REPORT_PATH}'
+    - scripts/gitaly-test-spawn
+    - knapsack rspec "--color --format documentation --format RspecJunitFormatter --out junit_rspec.xml"
+  artifacts:
+    expire_in: 31d
+    when: always
+    paths:
+      - coverage/
+      - knapsack/
+      - rspec_flaky/
+      - tmp/capybara/
+    reports:
+      junit: junit_rspec.xml
+
+.rspec-metadata-pg: &rspec-metadata-pg
+  <<: *rspec-metadata
+  <<: *use-pg
+
+.rspec-metadata-mysql: &rspec-metadata-mysql
+  <<: *rspec-metadata
+  <<: *use-mysql
+
+.only-canonical-masters: &only-canonical-masters
+  only:
+    - master@gitlab-org/gitlab-ce
+    - master@gitlab-org/gitlab-ee
+    - master@gitlab/gitlabhq
+    - master@gitlab/gitlab-ee
+
+.gitlab-setup: &gitlab-setup
+  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
+  <<: *use-pg
+  variables:
+    SETUP_DB: "false"
+  script:
+    # Manually clone gitlab-test and only seed this project in
+    # db/fixtures/development/04_project.rb thanks to SIZE=1 below
+    - git clone https://gitlab.com/gitlab-org/gitlab-test.git
+       /home/git/repositories/gitlab-org/gitlab-test.git
+    - scripts/gitaly-test-spawn
+    - force=yes SIZE=1 FIXTURE_PATH="db/fixtures/development" bundle exec rake gitlab:setup
+  artifacts:
+    when: on_failure
+    expire_in: 1d
+    paths:
+      - log/development.log
+
+# DB migration, rollback, and seed jobs
+.db-migrate-reset: &db-migrate-reset
+  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
+  script:
+    - bundle exec rake db:migrate:reset
+
+.migration-paths: &migration-paths
+  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
+  variables:
+    SETUP_DB: "false"
+  script:
+    - git fetch https://gitlab.com/gitlab-org/gitlab-ce.git v9.3.0
+    - git checkout -f FETCH_HEAD
+    - sed -i "s/gem 'oj', '~> 2.17.4'//" Gemfile
+    - bundle update google-protobuf grpc
+    - bundle install $BUNDLE_INSTALL_FLAGS
+    - date
+    - cp config/gitlab.yml.example config/gitlab.yml
+    - bundle exec rake db:drop db:create db:schema:load db:seed_fu
+    - date
+    - git checkout -f $CI_COMMIT_SHA
+    - bundle install $BUNDLE_INSTALL_FLAGS
+    - date
+    - . scripts/prepare_build.sh
+    - date
+    - bundle exec rake db:migrate
+
+##
+# Trigger a package build in omnibus-gitlab repository
+#
+package-and-qa:
+  image: ruby:2.5-alpine
+  stage: test
+  before_script: []
+  dependencies: []
+  cache: {}
+  variables:
+    GIT_DEPTH: "1"
+    API_TOKEN: "${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}"
+  retry: 0
+  script:
+    - apk add --update openssl curl jq
+    - gem install gitlab --no-document
+    - source ./scripts/review_apps/review-apps.sh
+    - wait_for_job_to_be_done "gitlab:assets:compile"
+    - ./scripts/trigger-build omnibus
+  when: manual
+  only:
+    - //@gitlab-org/gitlab-ce
+    - //@gitlab-org/gitlab-ee
+
+# Review docs base
+.review-docs: &review-docs
+  <<: *dedicated-runner
+  <<: *single-script-job
+  variables:
+    <<: *single-script-job-variables
+    SCRIPT_NAME: trigger-build-docs
+  environment:
+    name: review-docs/$CI_COMMIT_REF_SLUG
+    # DOCS_REVIEW_APPS_DOMAIN and DOCS_GITLAB_REPO_SUFFIX are CI variables
+    # Discussion: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/14236/diffs#note_40140693
+    url: http://$CI_ENVIRONMENT_SLUG.$DOCS_REVIEW_APPS_DOMAIN/$DOCS_GITLAB_REPO_SUFFIX
+    on_stop: review-docs-cleanup
+
+# Trigger a manual docs build in gitlab-docs only on non docs-only branches.
+# Useful to preview the docs changes live.
+review-docs-deploy-manual:
+  <<: *review-docs
+  stage: build
+  script:
+    - gem install gitlab --no-document
+    - ./$SCRIPT_NAME deploy
+  when: manual
+  only:
+    - branches@gitlab-org/gitlab-ce
+    - branches@gitlab-org/gitlab-ee
+  <<: *except-docs-and-qa
+
+# Always trigger a docs build in gitlab-docs only on docs-only branches.
+# Useful to preview the docs changes live.
+review-docs-deploy:
+  <<: *review-docs
+  stage: post-test
+  script:
+    - gem install gitlab --no-document
+    - ./$SCRIPT_NAME deploy
+  only:
+    - /(^docs[\/-].*|.*-docs$)/@gitlab-org/gitlab-ce
+    - /(^docs[\/-].*|.*-docs$)/@gitlab-org/gitlab-ee
+  <<: *except-qa
+
+# Cleanup remote environment of gitlab-docs
+review-docs-cleanup:
+  <<: *review-docs
+  stage: post-cleanup
+  environment:
+    name: review-docs/$CI_COMMIT_REF_SLUG
+    action: stop
+  script:
+    - gem install gitlab --no-document
+    - ./$SCRIPT_NAME cleanup
+  when: manual
+  only:
+    - branches@gitlab-org/gitlab-ce
+    - branches@gitlab-org/gitlab-ee
+
+##
+# Trigger a docker image build in CNG (Cloud Native GitLab) repository
+#
+cloud-native-image:
+  image: ruby:2.5-alpine
+  before_script: []
+  dependencies: []
+  stage: post-test
+  allow_failure: true
+  variables:
+    GIT_DEPTH: "1"
+  cache: {}
+  when: manual
+  script:
+    - gem install gitlab --no-document
+    - CNG_PROJECT_PATH="gitlab-org/build/CNG" BUILD_TRIGGER_TOKEN=$CI_JOB_TOKEN ./scripts/trigger-build cng
+  only:
+    - tags@gitlab-org/gitlab-ce
+    - tags@gitlab-org/gitlab-ee
+
+# Retrieve knapsack and rspec_flaky reports
+retrieve-tests-metadata:
+  <<: *tests-metadata-state
+  <<: *except-docs-and-qa
+  stage: prepare
+  cache:
+    key: tests_metadata
+    policy: pull
+  script:
+    - mkdir -p knapsack/${CI_PROJECT_NAME}/
+    - wget -O $KNAPSACK_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$KNAPSACK_RSPEC_SUITE_REPORT_PATH || rm $KNAPSACK_RSPEC_SUITE_REPORT_PATH
+    - '[[ -f $KNAPSACK_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${KNAPSACK_RSPEC_SUITE_REPORT_PATH}'
+    - mkdir -p rspec_flaky/
+    - wget -O $FLAKY_RSPEC_SUITE_REPORT_PATH http://${TESTS_METADATA_S3_BUCKET}.s3.amazonaws.com/$FLAKY_RSPEC_SUITE_REPORT_PATH || rm $FLAKY_RSPEC_SUITE_REPORT_PATH
+    - '[[ -f $FLAKY_RSPEC_SUITE_REPORT_PATH ]] || echo "{}" > ${FLAKY_RSPEC_SUITE_REPORT_PATH}'
+
+update-tests-metadata:
+  <<: *tests-metadata-state
+  <<: *only-canonical-masters
+  stage: post-test
+  cache:
+    key: tests_metadata
+    paths:
+      - knapsack/
+      - rspec_flaky/
+    policy: push
+  script:
+    - retry gem install fog-aws mime-types activesupport --no-document
+    - scripts/merge-reports ${KNAPSACK_RSPEC_SUITE_REPORT_PATH} knapsack/${CI_PROJECT_NAME}/rspec-pg_node_*.json
+    - scripts/merge-reports ${FLAKY_RSPEC_SUITE_REPORT_PATH} rspec_flaky/all_*_*.json
+    - FLAKY_RSPEC_GENERATE_REPORT=1 scripts/prune-old-flaky-specs ${FLAKY_RSPEC_SUITE_REPORT_PATH}
+    - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $KNAPSACK_RSPEC_SUITE_REPORT_PATH'
+    - '[[ -z ${TESTS_METADATA_S3_BUCKET} ]] || scripts/sync-reports put $TESTS_METADATA_S3_BUCKET $FLAKY_RSPEC_SUITE_REPORT_PATH'
+    - rm -f knapsack/${CI_PROJECT_NAME}/*_node_*.json
+    - rm -f rspec_flaky/all_*.json rspec_flaky/new_*.json
+
+flaky-examples-check:
+  <<: *dedicated-runner
+  image: ruby:2.5-alpine
+  services: []
+  before_script: []
+  variables:
+    SETUP_DB: "false"
+    USE_BUNDLE_INSTALL: "false"
+    NEW_FLAKY_SPECS_REPORT: rspec_flaky/report-new.json
+  stage: post-test
+  allow_failure: true
+  retry: 0
+  only:
+    - branches
+  except:
+    - master
+    - /(^docs[\/-].*|.*-docs$)/
+    - /(^qa[\/-].*|.*-qa$)/
+  artifacts:
+    expire_in: 30d
+    paths:
+      - rspec_flaky/
+  script:
+    - '[[ -f $NEW_FLAKY_SPECS_REPORT ]] || echo "{}" > ${NEW_FLAKY_SPECS_REPORT}'
+    - scripts/merge-reports ${NEW_FLAKY_SPECS_REPORT} rspec_flaky/new_*_*.json
+    - scripts/detect-new-flaky-examples $NEW_FLAKY_SPECS_REPORT
+
+.assets-compile-cache: &assets-compile-cache
+  cache:
+    key: "assets-compile:vendor_ruby:.yarn-cache:tmp_cache_assets_sprockets:v4"
+    paths:
+      - vendor/ruby/
+      - .yarn-cache/
+      # We have disabled caching of sprockets for now, as it fails to pick up changes in SCSS:
+      # https://gitlab.com/gitlab-org/gitlab-ce/issues/57431
+      # - tmp/cache/assets/sprockets
+
+compile-assets:
+  <<: *dedicated-runner
+  <<: *except-docs
+  <<: *use-pg
+  stage: prepare
+  script:
+    - node --version
+    - yarn install --frozen-lockfile --cache-folder .yarn-cache
+    - free -m
+    - bundle exec rake gitlab:assets:compile
+    - scripts/clean-old-cached-assets
+  variables:
+    # we override the max_old_space_size to prevent OOM errors
+    NODE_OPTIONS: --max_old_space_size=3584
+  artifacts:
+    expire_in: 7d
+    paths:
+      - node_modules
+      - public/assets
+  <<: *assets-compile-cache
+
+setup-test-env:
+  <<: *dedicated-runner
+  <<: *except-docs
+  <<: *use-pg
+  stage: prepare
+  cache:
+    <<: *default-cache
+  script:
+    - bundle exec ruby -Ispec -e 'require "spec_helper" ; TestEnv.init'
+    - scripts/gitaly-test-build # Do not use 'bundle exec' here
+  artifacts:
+    expire_in: 7d
+    paths:
+      - tmp/tests
+      - config/secrets.yml
+      - vendor/gitaly-ruby
+
+# GitLab Review apps
+.review-only: &review-only
+  only:
+    refs:
+      - branches@gitlab-org/gitlab-ce
+      - branches@gitlab-org/gitlab-ee
+    kubernetes: active
+  except:
+    refs:
+      - master
+      - /(^docs[\/-].*|.*-docs$)/
+
+.review-base: &review-base
+  <<: *dedicated-no-docs-no-db-pull-cache-job
+  <<: *review-only
+  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
+  stage: test
+  cache: {}
+  dependencies: []
+  environment: &review-environment
+    name: review/${CI_COMMIT_REF_NAME}
+    url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}
+  before_script: []
+
+.review-docker: &review-docker
+  <<: *review-base
+  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine
+  services:
+    - docker:stable-dind
+  tags:
+    - gitlab-org
+    - docker
+  variables: &review-docker-variables
+    GIT_DEPTH: "1"
+    DOCKER_DRIVER: overlay2
+    DOCKER_HOST: tcp://docker:2375
+    LATEST_QA_IMAGE: "gitlab/${CI_PROJECT_NAME}-qa:nightly"
+    QA_IMAGE: "${CI_REGISTRY}/${CI_PROJECT_PATH}/gitlab/${CI_PROJECT_NAME}-qa:${CI_COMMIT_REF_SLUG}"
+
+build-qa-image:
+  <<: *review-docker
+  stage: prepare
+  script:
+    - time docker build --cache-from ${LATEST_QA_IMAGE} --tag ${QA_IMAGE} ./qa/
+    - echo "${CI_JOB_TOKEN}" | docker login --username gitlab-ci-token --password-stdin ${CI_REGISTRY}
+    - time docker push ${QA_IMAGE}
+
+danger-review:
+  <<: *pull-cache
+  image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger
+  stage: test
+  dependencies: []
+  before_script: []
+  only:
+    variables:
+      - $DANGER_GITLAB_API_TOKEN
+  except:
+    refs:
+      - master
+    variables:
+      - $CI_COMMIT_REF_NAME =~ /^ce-to-ee-.*/
+      - $CI_COMMIT_REF_NAME =~ /.*-stable(-ee)?-prepare-.*/
+  script:
+    - git version
+    - node --version
+    - yarn install --frozen-lockfile --cache-folder .yarn-cache
+    - danger --fail-on-errors=true
+
+rspec-pg:
+  <<: *rspec-metadata-pg
+  parallel: 50
+
+rspec-mysql:
+  <<: *rspec-metadata-mysql
+  parallel: 50
+
+.rspec-quarantine: &rspec-quarantine
+  script:
+    - export CACHE_CLASSES=true
+    - scripts/gitaly-test-spawn
+    - bin/rspec --color --format documentation --tag quarantine spec/
+
+rspec-pg-quarantine:
+  <<: *rspec-metadata-pg
+  <<: *rspec-quarantine
+  allow_failure: true
+
+rspec-mysql-quarantine:
+  <<: *rspec-metadata-mysql
+  <<: *rspec-quarantine
+  allow_failure: true
+
+static-analysis:
+  <<: *dedicated-no-docs-no-db-pull-cache-job
+  dependencies:
+    - compile-assets
+    - setup-test-env
+  script:
+    - scripts/static-analysis
+  cache:
+    key: "debian-stretch-ruby-2.5.3-node-10.x-and-rubocop"
+    paths:
+      - vendor/ruby
+      - .yarn-cache/
+      - tmp/rubocop_cache
+
+# Documentation checks:
+# - Check validity of relative links
+# - Make sure cURL examples in API docs use the full switches
+docs lint:
+  <<: *dedicated-runner
+  <<: *except-qa
+  image: "registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-docs-lint"
+  stage: test
+  cache: {}
+  dependencies: []
+  before_script: []
+  script:
+    - scripts/lint-doc.sh
+    - scripts/lint-changelog-yaml
+    - mv doc/ /tmp/gitlab-docs/content/$DOCS_GITLAB_REPO_SUFFIX
+    - cd /tmp/gitlab-docs
+    # Build HTML from Markdown
+    - bundle exec nanoc
+    # Check the internal links
+    - bundle exec nanoc check internal_links
+
+downtime_check:
+  <<: *rake-exec
+  except:
+    - master
+    - tags
+    - /^[\d-]+-stable(-ee)?$/
+    - /(^docs[\/-].*|.*-docs$)/
+    - /(^qa[\/-].*|.*-qa$)/
+
+ee_compat_check:
+  <<: *rake-exec
+  dependencies: []
+  except:
+    - master
+    - tags
+    - /[\d-]+-stable(-ee)?/
+    - /^security-/
+    - branches@gitlab-org/gitlab-ee
+    - branches@gitlab/gitlab-ee
+  retry: 0
+  artifacts:
+    name: "${CI_JOB_NAME}_${CI_COMIT_REF_NAME}_${CI_COMMIT_SHA}"
+    when: always
+    expire_in: 10d
+    paths:
+      - ee_compat_check/patches/*.patch
+
+db:migrate:reset-pg:
+  <<: *db-migrate-reset
+  <<: *use-pg
+
+db:migrate:reset-mysql:
+  <<: *db-migrate-reset
+  <<: *use-mysql
+
+db:check-schema-pg:
+  <<: *db-migrate-reset
+  <<: *use-pg
+  script:
+    - source scripts/schema_changed.sh
+
+migration:path-pg:
+  <<: *migration-paths
+  <<: *use-pg
+
+migration:path-mysql:
+  <<: *migration-paths
+  <<: *use-mysql
+
+.db-rollback: &db-rollback
+  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
+  script:
+    - bundle exec rake db:migrate VERSION=20170523121229
+    - bundle exec rake db:migrate
+
+db:rollback-pg:
+  <<: *db-rollback
+  <<: *use-pg
+
+db:rollback-mysql:
+  <<: *db-rollback
+  <<: *use-mysql
+
+gitlab:setup-pg:
+  <<: *gitlab-setup
+  <<: *use-pg
+
+gitlab:setup-mysql:
+  <<: *gitlab-setup
+  <<: *use-mysql
+
+# Frontend-related jobs
+gitlab:assets:compile:
+  <<: *dedicated-no-docs-pull-cache-job
+  image: dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.5.3-git-2.18-chrome-71.0-node-8.x-yarn-1.12-graphicsmagick-1.3.29-docker-18.06.1
+  dependencies:
+    - setup-test-env
+  services:
+    - docker:stable-dind
+  variables:
+    NODE_ENV: "production"
+    RAILS_ENV: "production"
+    SETUP_DB: "false"
+    SKIP_STORAGE_VALIDATION: "true"
+    WEBPACK_REPORT: "true"
+    # we override the max_old_space_size to prevent OOM errors
+    NODE_OPTIONS: --max_old_space_size=3584
+    DOCKER_DRIVER: overlay2
+    DOCKER_HOST: tcp://docker:2375
+  script:
+    - node --version
+    - yarn install --frozen-lockfile --production --cache-folder .yarn-cache
+    - free -m
+    - bundle exec rake gitlab:assets:compile
+    - time scripts/build_assets_image
+    - scripts/clean-old-cached-assets
+  artifacts:
+    name: webpack-report
+    expire_in: 31d
+    paths:
+      - webpack-report/
+      - public/assets/
+  <<: *assets-compile-cache
+  only:
+    - //@gitlab-org/gitlab-ce
+    - //@gitlab-org/gitlab-ee
+    - //@gitlab/gitlabhq
+    - //@gitlab/gitlab-ee
+  tags:
+    - gitlab-org-delivery
+    - high-cpu
+
+karma:
+  <<: *dedicated-no-docs-pull-cache-job
+  <<: *use-pg
+  dependencies:
+    - compile-assets
+    - setup-test-env
+  variables:
+    # we override the max_old_space_size to prevent OOM errors
+    NODE_OPTIONS: --max_old_space_size=3584
+  script:
+    - export BABEL_ENV=coverage CHROME_LOG_FILE=chrome_debug.log
+    - date
+    - scripts/gitaly-test-spawn
+    - date
+    - bundle exec rake karma
+  coverage: '/^Statements *: (\d+\.\d+%)/'
+  artifacts:
+    name: coverage-javascript
+    expire_in: 31d
+    when: always
+    paths:
+      - chrome_debug.log
+      - coverage-javascript/
+    reports:
+      junit: junit_karma.xml
+
+jest:
+  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
+  <<: *use-pg
+  dependencies:
+  - compile-assets
+  - setup-test-env
+  script:
+    - scripts/gitaly-test-spawn
+    - date
+    - bundle exec rake karma:fixtures
+    - date
+    - yarn jest --ci --coverage
+  artifacts:
+    name: coverage-frontend
+    expire_in: 31d
+    when: always
+    paths:
+    - coverage-frontend/
+    - junit_jest.xml
+    reports:
+      junit: junit_jest.xml
+  cache:
+    key: jest
+    paths:
+      - tmp/jest/jest/
+
+code_quality:
+  <<: *dedicated-no-docs-no-db-pull-cache-job
+  image: docker:stable
+  allow_failure: true
+  # gitlab-org runners set `privileged: false` but we need to have it set to true
+  # since we're using Docker in Docker
+  tags: []
+  before_script: []
+  services:
+    - docker:stable-dind
+  variables:
+    SETUP_DB: "false"
+    DOCKER_DRIVER: overlay2
+  cache: {}
+  dependencies: []
+  script:
+    # Extract "MAJOR.MINOR" from CI_SERVER_VERSION and generate "MAJOR-MINOR-stable" for Security Products
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SOURCE_CODE="$PWD"
+        --volume "$PWD":/code
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
+  artifacts:
+    reports:
+      codequality: gl-code-quality-report.json
+    expire_in: 1 week
+
+sast:
+  <<: *dedicated-no-docs-no-db-pull-cache-job
+  image: docker:stable
+  variables:
+    SAST_CONFIDENCE_LEVEL: 2
+    DOCKER_DRIVER: overlay2
+  allow_failure: true
+  tags: []
+  before_script: []
+  cache: {}
+  dependencies: []
+  services:
+    - docker:stable-dind
+  script:
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
+        --volume "$PWD:/code"
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
+  artifacts:
+    reports:
+      sast: gl-sast-report.json
+
+dependency_scanning:
+  <<: *dedicated-no-docs-no-db-pull-cache-job
+  image: docker:stable
+  variables:
+    DOCKER_DRIVER: overlay2
+  allow_failure: true
+  tags: []
+  before_script: []
+  cache: {}
+  dependencies: []
+  services:
+    - docker:stable-dind
+  script:
+    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
+    - docker run
+        --env DEP_SCAN_DISABLE_REMOTE_CHECKS="${DEP_SCAN_DISABLE_REMOTE_CHECKS:-false}"
+        --volume "$PWD:/code"
+        --volume /var/run/docker.sock:/var/run/docker.sock
+        "registry.gitlab.com/gitlab-org/security-products/dependency-scanning:$SP_VERSION" /code
+  artifacts:
+    reports:
+      dependency_scanning: gl-dependency-scanning-report.json
+
+qa:internal:
+  <<: *dedicated-no-docs-no-db-pull-cache-job
+  services: []
+  script:
+    - cd qa/
+    - bundle install
+    - bundle exec rspec
+
+qa:selectors:
+  <<: *dedicated-no-docs-no-db-pull-cache-job
+  services: []
+  script:
+    - cd qa/
+    - bundle install
+    - bundle exec bin/qa Test::Sanity::Selectors
+
+.qa-frontend-node: &qa-frontend-node
+  <<: *dedicated-no-docs-no-db-pull-cache-job
+  stage: test
+  variables:
+    NODE_OPTIONS: --max_old_space_size=3584
+  cache:
+    key: "$CI_JOB_NAME"
+    paths:
+      - .yarn-cache/
+  dependencies: []
+  before_script: []
+  script:
+    - date
+    - yarn install --frozen-lockfile --cache-folder .yarn-cache
+    - date
+    - yarn run webpack-prod
+
+qa-frontend-node:8:
+  <<: *qa-frontend-node
+  image: node:8-alpine
+
+qa-frontend-node:10:
+  <<: *qa-frontend-node
+  image: node:10-alpine
+
+qa-frontend-node:latest:
+  <<: *qa-frontend-node
+  image: node:alpine
+  allow_failure: true
+
+coverage:
+  # Don't include dedicated-no-docs-no-db-pull-cache-job here since we need to
+  # download artifacts from all the rspec jobs instead of from setup-test-env only
+  <<: *dedicated-runner
+  <<: *except-docs-and-qa
+  <<: *pull-cache
+  variables:
+    SETUP_DB: "false"
+  stage: post-test
+  script:
+    - bundle exec scripts/merge-simplecov
+  coverage: '/LOC \((\d+\.\d+%)\) covered.$/'
+  artifacts:
+    name: coverage
+    expire_in: 31d
+    paths:
+    - coverage/index.html
+    - coverage/assets/
+
+lint:javascript:report:
+  <<: *dedicated-no-docs-and-no-qa-pull-cache-job
+  stage: post-test
+  dependencies: []
+  before_script: []
+  script:
+    - date
+    - yarn run eslint-report || true # ignore exit code
+  artifacts:
+    name: eslint-report
+    expire_in: 31d
+    paths:
+      - eslint-report.html
+
+jsdoc:
+  <<: *dedicated-no-docs-pull-cache-job
+  stage: post-test
+  dependencies:
+    - compile-assets
+  before_script: []
+  script:
+    - date
+    - yarn run jsdoc || true # ignore exit code
+  artifacts:
+    name: jsdoc
+    expire_in: 31d
+    paths:
+      - jsdoc/
+
+pages:
+  <<: *dedicated-no-docs-no-db-pull-cache-job
+  before_script: []
+  stage: pages
+  dependencies:
+    - coverage
+    - karma
+    - gitlab:assets:compile
+    - lint:javascript:report
+    - jsdoc
+  script:
+    - mv public/ .public/
+    - mkdir public/
+    - mv coverage/ public/coverage-ruby/ || true
+    - mv coverage-javascript/ public/coverage-javascript/ || true
+    - mv eslint-report.html public/ || true
+    - mv webpack-report/ public/webpack-report/ || true
+    - cp .public/assets/application-*.css public/application.css || true
+    - cp .public/assets/application-*.css.gz public/application.css.gz || true
+    - mv jsdoc/ public/jsdoc/ || true
+  artifacts:
+    paths:
+      - public
+  only:
+    - master@gitlab-org/gitlab-ce
+    - master@gitlab-org/gitlab-ee
+
+# Insurance in case a gem needed by one of our releases gets yanked from
+# rubygems.org in the future.
+cache gems:
+  <<: *dedicated-no-docs-no-db-pull-cache-job
+  script:
+    - bundle package --all --all-platforms
+  artifacts:
+    paths:
+      - vendor/cache
+  only:
+    - master@gitlab-org/gitlab-ce
+    - master@gitlab-org/gitlab-ee
+    - tags
+
+gitlab_git_test:
+  <<: *dedicated-runner
+  <<: *except-docs-and-qa
+  variables:
+    SETUP_DB: "false"
+  before_script: []
+  dependencies: []
+  cache: {}
+  script:
+    - spec/support/prepare-gitlab-git-test-for-commit --check-for-changes
+
+no_ee_check:
+  <<: *dedicated-runner
+  <<: *except-docs-and-qa
+  variables:
+    SETUP_DB: "false"
+  before_script: []
+  dependencies: []
+  cache: {}
+  script:
+    - scripts/no-ee-check
+  only:
+    - //@gitlab-org/gitlab-ce
+
+# GitLab Review apps
+review-build-cng:
+  <<: *review-only
+  image: ruby:2.5-alpine
+  stage: test
+  before_script: []
+  dependencies: []
+  cache: {}
+  variables:
+    GIT_DEPTH: "1"
+    API_TOKEN: "${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}"
+  script:
+    - apk add --update openssl curl jq
+    - gem install gitlab --no-document
+    - source ./scripts/review_apps/review-apps.sh
+    - wait_for_job_to_be_done "gitlab:assets:compile"
+    - BUILD_TRIGGER_TOKEN=$REVIEW_APPS_BUILD_TRIGGER_TOKEN ./scripts/trigger-build cng
+
+review-deploy:
+  <<: *review-base
+  retry: 2
+  allow_failure: true
+  variables:
+    GIT_DEPTH: "1"
+    HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}"
+    DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}"
+    GITLAB_HELM_CHART_REF: "master"
+    API_TOKEN: "${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}"
+  environment:
+    <<: *review-environment
+    on_stop: review-stop
+  before_script:
+    - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION)
+    - export GITALY_VERSION=$(<GITALY_SERVER_VERSION)
+    - export GITLAB_WORKHORSE_VERSION=$(<GITLAB_WORKHORSE_VERSION)
+    - apk update && apk add jq
+    - gem install gitlab --no-document
+    - source ./scripts/review_apps/review-apps.sh
+  script:
+    - wait_for_job_to_be_done "review-build-cng"
+    - check_kube_domain
+    - download_gitlab_chart
+    - ensure_namespace
+    - install_tiller
+    - install_external_dns
+    - time deploy
+    - add_license
+
+.review-qa-base: &review-qa-base
+  <<: *review-docker
+  allow_failure: true
+  variables:
+    <<: *review-docker-variables
+    API_TOKEN: "${GITLAB_BOT_MULTI_PROJECT_PIPELINE_POLLING_TOKEN}"
+    QA_ARTIFACTS_DIR: "${CI_PROJECT_DIR}/qa"
+    QA_CAN_TEST_GIT_PROTOCOL_V2: "false"
+    GITLAB_USERNAME: "root"
+    GITLAB_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
+    GITLAB_ADMIN_USERNAME: "root"
+    GITLAB_ADMIN_PASSWORD: "${REVIEW_APPS_ROOT_PASSWORD}"
+    GITHUB_ACCESS_TOKEN: "${REVIEW_APPS_QA_GITHUB_ACCESS_TOKEN}"
+    EE_LICENSE: "${REVIEW_APPS_EE_LICENSE}"
+    QA_DEBUG: "true"
+  artifacts:
+    paths:
+      - ./qa/gitlab-qa-run-*
+    expire_in: 7 days
+    when: always
+  before_script:
+    - echo "${QA_IMAGE}"
+    - echo "${CI_ENVIRONMENT_URL}"
+    - apk update && apk add curl jq
+    - source ./scripts/review_apps/review-apps.sh
+    - gem install gitlab-qa --no-document ${GITLAB_QA_VERSION:+ --version ${GITLAB_QA_VERSION}}
+    - wait_for_job_to_be_done "review-deploy"
+
+review-qa-smoke:
+  <<: *review-qa-base
+  script:
+    - gitlab-qa Test::Instance::Smoke "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}"
+
+review-qa-all:
+  <<: *review-qa-base
+  script:
+    - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}"
+  when: manual
+
+review-stop:
+  <<: *review-base
+  <<: *single-script-job
+  image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
+  allow_failure: true
+  variables:
+    <<: *single-script-job-variables
+    SCRIPT_NAME: "review_apps/review-apps.sh"
+  when: manual
+  environment:
+    <<: *review-environment
+    action: stop
+  script:
+    - source $(basename "${SCRIPT_NAME}")
+    - delete
+    - cleanup
+
+schedule:review-cleanup:
+  <<: *review-base
+  stage: build
+  allow_failure: true
+  variables:
+    GIT_DEPTH: "1"
+  environment:
+    name: review/auto-cleanup
+  only:
+    refs:
+      - schedules@gitlab-org/gitlab-ce
+      - schedules@gitlab-org/gitlab-ee
+    kubernetes: active
+  except:
+    - tags
+    - /(^docs[\/-].*|.*-docs$)/
+  before_script:
+    - gem install gitlab --no-document
+  script:
+    - ruby -rrubygems scripts/review_apps/automated_cleanup.rb
diff --git a/.gitlab/CODEOWNERS.disabled b/.gitlab/CODEOWNERS.disabled
new file mode 100644
index 0000000000..b9f886c1d4
--- /dev/null
+++ b/.gitlab/CODEOWNERS.disabled
@@ -0,0 +1,20 @@
+# Backend Maintainers are the default for all ruby files
+*.rb @ayufan @dbalexandre @DouweM @dzaporozhets @godfat @grzesiek @nick.thomas @rspeicher @rymai @smcgivern
+*.rake @ayufan @dbalexandre @DouweM @dzaporozhets @godfat @grzesiek @nick.thomas @rspeicher @rymai @smcgivern
+
+# Technical writing team are the default reviewers for everything in `doc/`
+/doc/ @axil @marcia
+
+# Frontend maintainers should see everything in `app/assets/`
+app/assets/ @ClemMakesApps @fatihacet @filipa @iamphill @mikegreiling @timzallmann @kushalpandya
+*.scss @annabeldunstone @ClemMakesApps @fatihacet @filipa @iamphill @mikegreiling @timzallmann @kushalpandya
+
+# Someone from the database team should review changes in `db/`
+db/ @abrandl @NikolayS
+
+# Feature specific owners
+/ee/lib/gitlab/code_owners/ @reprazent
+/ee/lib/ee/gitlab/auth/ldap/ @dblessing @mkozono
+/lib/gitlab/auth/ldap/ @dblessing @mkozono
+/lib/gitlab/ci/templates/ @nolith @zj
+/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml @DylanGriffith @mayra-cabrera @tkuah
diff --git a/.gitlab/issue_templates/Acceptance_Testing.md b/.gitlab/issue_templates/Acceptance_Testing.md
new file mode 100644
index 0000000000..f1fbb96ce6
--- /dev/null
+++ b/.gitlab/issue_templates/Acceptance_Testing.md
@@ -0,0 +1,100 @@
+## Details
+- **Feature Toggle Name**: `FEATURE_NAME`
+- **Required GitLab Version**: `vX.X`
+
+--------------------------------------------------------------------------------
+
+## 1. Preparation
+
+- [ ] **Controllers and workers**:
+  1. Please link to dashboards of the workers, and the controllers and actions that can be impacted
+  2. ...
+  3. ...
+
+## 2. Development Trial
+
+#### Check Dev Server Versions
+- [ ] GitLab: https://dev.gitlab.org/help
+
+#### Enable on `dev.gitlab.org`:
+- [ ] `/chatops feature set FEATURE_NAME true --dev` in [`#dev-gitlab`](https://gitlab.slack.com/messages/C6WQ87MU3)
+
+Then leave running while monitoring and performing some testing through web, api or SSH.
+
+#### Monitor
+
+- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
+- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
+- [ ] [Check for errors in GitLab Dev Sentry](https://sentry.gitlap.com/gitlab/devgitlaborg/?query=is%3Aunresolved)
+
+## 2. Staging Trial
+
+#### Check Staging Server Versions
+- [ ] GitLab: https://staging.gitlab.com/help
+
+#### Enable on `staging.gitlab.com`
+- [ ] `/chatops run feature set FEATURE_NAME true --staging` in [`#development`](https://gitlab.slack.com/messages/C02PF508L/)
+
+Then leave running while monitoring for at least **15 minutes** while performing some testing through web, api or SSH.
+
+#### Monitor
+
+- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
+- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
+- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved)
+
+## 4. Production Server Version Check
+
+- [ ] GitLab: https://gitlab.com/help
+
+## 5. Initial Impact Check
+
+- [ ] Enable for a subset of users, when using percentage gates: 1%.
+
+Then leave running while monitoring for at least **15 minutes** while performing some testing through web, api or SSH.
+
+#### Monitor
+
+- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
+- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
+- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved)
+
+## 6. Low Impact Check
+
+- [ ] Enable for a bigger subset of users, when using percentage gates: 10%.
+
+Then leave running while monitoring for at least **30 minutes** while performing some testing through web, api or SSH.
+
+#### Monitor
+
+- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
+- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
+- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved)
+
+## 7. Mid Impact Trial
+
+- [ ] Enable for a big subset of users, when using percentage gates: 50%.
+
+Then leave running while monitoring for at least **12 hours** while performing some testing through web, api or SSH.
+
+#### Monitor
+
+- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
+- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
+- [ ] [Check for errors in GitLab Sentry](https://sentry.gitlap.com/gitlab/gitlabcom/?query=is%3Aunresolved)
+
+## 8. Full Impact Trial
+
+- [ ] Enable for all users: `/chatops run feature set FEATURE_NAME true
+
+Then leave running while monitoring for at least **1 week**.
+
+#### Monitor
+
+- [ ] [Monitor Using Grafana](https://dashboards.gitlab.net)
+- [ ] [Inspect logs in ELK](https://log.gitlab.net/app/kibana)
+- [ ] [Check for errors in GitLab Dev Sentry](https://sentry.gitlap.com/gitlab/devgitlaborg/?query=is%3Aunresolved)
+
+#### Success?
+
+- [ ] Remove the feature gate from the code, and close this issue with that MR.
diff --git a/.gitlab/issue_templates/Bug.md b/.gitlab/issue_templates/Bug.md
new file mode 100644
index 0000000000..3e58d2a867
--- /dev/null
+++ b/.gitlab/issue_templates/Bug.md
@@ -0,0 +1,87 @@
+<!---
+Please read this!
+
+Before opening a new issue, make sure to search for keywords in the issues
+filtered by the "regression" or "bug" label.
+
+For the Community Edition issue tracker:
+
+- https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name%5B%5D=regression
+- https://gitlab.com/gitlab-org/gitlab-ce/issues?label_name%5B%5D=bug
+
+For the Enterprise Edition issue tracker:
+
+- https://gitlab.com/gitlab-org/gitlab-ee/issues?label_name%5B%5D=regression
+- https://gitlab.com/gitlab-org/gitlab-ee/issues?label_name%5B%5D=bug
+
+and verify the issue you're about to submit isn't a duplicate.
+--->
+
+### Summary
+
+(Summarize the bug encountered concisely)
+
+### Steps to reproduce
+
+(How one can reproduce the issue - this is very important)
+
+### Example Project
+
+(If possible, please create an example project here on GitLab.com that exhibits the problematic behaviour, and link to it here in the bug report)
+
+(If you are using an older version of GitLab, this will also determine whether the bug has been fixed in a more recent version)
+
+### What is the current *bug* behavior?
+
+(What actually happens)
+
+### What is the expected *correct* behavior?
+
+(What you should see instead)
+
+### Relevant logs and/or screenshots
+
+(Paste any relevant logs - please use code blocks (```) to format console output,
+logs, and code as it's very hard to read otherwise.)
+
+### Output of checks
+
+(If you are reporting a bug on GitLab.com, write: This bug happens on GitLab.com)
+
+#### Results of GitLab environment info
+
+<details>
+<summary>Expand for output related to GitLab environment info</summary>
+<pre>
+
+(For installations with omnibus-gitlab package run and paste the output of:
+`sudo gitlab-rake gitlab:env:info`)
+
+(For installations from source run and paste the output of:
+`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
+
+</pre>
+</details>
+
+#### Results of GitLab application Check
+
+<details>
+<summary>Expand for output related to the GitLab application check</summary>
+<pre>
+
+(For installations with omnibus-gitlab package run and paste the output of:
+`sudo gitlab-rake gitlab:check SANITIZE=true`)
+
+(For installations from source run and paste the output of:
+`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`)
+
+(we will only investigate if the tests are passing)
+
+</pre>
+</details>
+
+### Possible fixes
+
+(If you can, link to the line of code that might be responsible for the problem)
+
+/label ~bug
diff --git a/.gitlab/issue_templates/Coding style proposal.md b/.gitlab/issue_templates/Coding style proposal.md
new file mode 100644
index 0000000000..1a3be44bea
--- /dev/null
+++ b/.gitlab/issue_templates/Coding style proposal.md	
@@ -0,0 +1,16 @@
+## Description of the proposal
+
+<!--
+Please describe the proposal and add a link to the source (for example, http://www.betterspecs.org/).
+-->
+
+- [ ] Mention the proposal in the next backend weekly call and the #backend channel to encourage contribution
+- [ ] Proceed with the proposal once 50% of the maintainers have weighed in, and 80% of the votes are :+1:
+- [ ] Once approved, mention it again in the next backend weekly call and the #backend channel
+
+
+/label ~"development guidelines"
+/label ~"Style decision"
+/label ~Documentation
+
+/cc @gitlab-org/maintainers/rails-backend
diff --git a/.gitlab/issue_templates/Documentation.md b/.gitlab/issue_templates/Documentation.md
new file mode 100644
index 0000000000..b33ed5bcaa
--- /dev/null
+++ b/.gitlab/issue_templates/Documentation.md
@@ -0,0 +1,54 @@
+<!--See the general documentation guidelines https://docs.gitlab.com/ee/development/documentation -->
+
+<!-- Mention "documentation" or "docs" in the issue title -->
+
+<!-- Use this description template for new docs or updates to existing docs. -->
+
+<!-- Check the documentation structure guidelines for guidance: https://docs.gitlab.com/ee/development/documentation/structure.html-->
+
+- [ ] Documents Feature A <!-- feature name -->
+- [ ] Follow-up from: #XXX, !YYY <!-- Mention related issues, MRs, and epics when available -->
+
+## New doc or update?
+
+<!-- Mark either of these boxes: -->
+
+- [ ] New documentation
+- [ ] Update existing documentation
+
+## Checklists
+
+### Product Manager
+
+<!-- Reference: https://docs.gitlab.com/ee/development/documentation/workflow.html#1-product-manager-s-role-in-the-documentation-process -->
+
+- [ ] Add the correct labels
+- [ ] Add the correct milestone
+- [ ] Indicate the correct document/directory for this feature <!-- (ping the tech writers for help if you're not sure) -->
+- [ ] Fill the doc blurb below
+
+#### Documentation blurb
+
+<!-- Documentation template: https://docs.gitlab.com/ee/development/documentation/structure.html#documentation-template-for-new-docs -->
+
+- Doc **title**
+
+    <!-- write the doc title here -->
+
+- Feature **overview/description**
+
+    <!-- Write the feature overview here -->
+
+- Feature **use cases**
+
+    <!-- Write the use cases here -->
+
+### Developer
+
+<!-- Reference: https://docs.gitlab.com/ee/development/documentation/workflow.html#2-developer-s-role-in-the-documentation-process -->
+
+- [ ] Copy the doc blurb above and paste it into the doc
+- [ ] Write the tutorial - explain how to use the feature
+- [ ] Submit the MR using the appropriate MR description template
+
+/label ~Documentation
diff --git a/.gitlab/issue_templates/Feature proposal.md b/.gitlab/issue_templates/Feature proposal.md
new file mode 100644
index 0000000000..1bb8d33ff6
--- /dev/null
+++ b/.gitlab/issue_templates/Feature proposal.md	
@@ -0,0 +1,46 @@
+### Problem to solve
+
+<!--- What problem do we solve? -->
+
+### Target audience
+
+<!--- For whom are we doing this? Include a [persona](https://design.gitlab.com/research/personas)
+listed below, if applicable, along with its [label](https://gitlab.com/groups/gitlab-org/-/labels?utf8=%E2%9C%93&subscribed=&search=persona%3A),
+or define a specific company role, e.g. "Release Manager".
+
+Existing personas are: (copy relevant personas out of this comment, and delete any persona that does not apply)
+
+- Parker, Product Manager, https://design.gitlab.com/research/personas#persona-parker
+/label ~"Persona: Product Manager"
+
+- Delaney, Development Team Lead, https://design.gitlab.com/research/personas#persona-delaney
+/label ~"Persona: Development Team Lead"
+
+- Sasha, Software Developer, https://design.gitlab.com/research/personas#persona-sasha
+/label ~"Persona: Software developer"
+
+- Devon, DevOps Engineer, https://design.gitlab.com/research/personas#persona-devon
+/label ~"Persona: DevOps Engineer"
+
+- Sidney, Systems Administrator, https://design.gitlab.com/research/personas#persona-sidney
+/label ~"Persona: Systems Administrator"
+
+- Sam, Security Analyst, https://design.gitlab.com/research/personas#persona-sam
+/label ~"Persona: Security Analyst"
+-->
+
+### Further details
+
+<!--- Include use cases, benefits, and/or goals (contributes to our vision?) -->
+
+### Proposal
+
+<!--- How are we going to solve the problem? Try to include the user journey! -->
+
+### What does success look like, and how can we measure that?
+
+<!--- Define both the success metrics and acceptance criteria. Note that success metrics indicate the desired business outcomes, while acceptance criteria indicate when the solution is working correctly. If there is no way to measure success, link to an issue that will implement a way to measure this -->
+
+### Links / references
+
+/label ~feature
diff --git a/.gitlab/issue_templates/Security Release.md b/.gitlab/issue_templates/Security Release.md
new file mode 100644
index 0000000000..ae469d3b12
--- /dev/null
+++ b/.gitlab/issue_templates/Security Release.md	
@@ -0,0 +1,69 @@
+<!--
+# Read me first!
+
+Set the title to: `Security Release: 11.4.X, 11.3.X, and 11.2.X`
+-->
+
+## Releases tasks
+
+- https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/release-manager.md
+- https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md
+- https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/security-engineer.md
+
+## Version issues:
+
+* 11.4.X: {release task link}
+* 11.3.X: {release task link}
+* 11.2.X: {release task link}
+
+## Security Issues:
+
+### CE
+
+* {https://gitlab.com/gitlab-org/gitlab-ce/issues link}
+
+### EE
+
+* {https://gitlab.com/gitlab-org/gitlab-ee/issues link}
+
+## Security Issues in dev.gitlab.org:
+
+### CE
+
+- {https://dev.gitlab.org/gitlab/gitlabhq/issues link}
+
+| Version | MR |
+|---------|----|
+| 11.4 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
+| 11.3 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
+| 11.2 | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
+| master | {https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/ link} |
+
+
+
+### EE
+
+* {https://dev.gitlab.org/gitlab/gitlabhq/issues/ link}
+
+
+| Version | MR |
+|---------|----|
+| 11.4| {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
+| 11.3 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
+| 11.2 | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
+| master | {https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/ link} |
+
+
+## QA
+{QA issue link}
+
+## Blog post
+
+Dev: {https://dev.gitlab.org/gitlab/www-gitlab-com/merge_requests/ link}<br/>
+gitlab.com: {https://gitlab.com/gitlab-com/www-gitlab-com/merge_requests/ link}
+
+## Email notification
+{https://gitlab.com/gitlab-com/marketing/general/issues/ link}
+
+/label ~security
+/confidential
diff --git a/.gitlab/issue_templates/Security developer workflow.md b/.gitlab/issue_templates/Security developer workflow.md
new file mode 100644
index 0000000000..aaa1614539
--- /dev/null
+++ b/.gitlab/issue_templates/Security developer workflow.md	
@@ -0,0 +1,69 @@
+<!--
+# Read me first!
+
+Create this issue under https://dev.gitlab.org/gitlab/gitlabhq
+
+Set the title to: `Description of the original issue`
+-->
+
+### Prior to starting the security release work
+
+- [ ] Read the [security process for developers] if you are not familiar with it.
+- [ ] Link to the original issue adding it to the [links section](#links)
+- [ ] Run `scripts/security-harness` in the CE, EE, and/or Omnibus to prevent pushing to any remote besides `dev.gitlab.org`
+- [ ] Create a new branch prefixing it with `security-`
+- [ ] Create a MR targeting `dev.gitlab.org` `master`
+- [ ] Add a link to this issue in the original security issue on `gitlab.com`.
+
+#### Backports
+
+- [ ] Once the MR is ready to be merged, create MRs targetting the last 3 releases, plus the current RC if between the 7th and 22nd of the month.
+    - [ ] At this point, it might be easy to squash the commits from the MR into one
+    - You can use the script `bin/secpick` instead of the following steps, to help you cherry-picking. See the [secpick documentation]
+    - [ ] Create each MR targetting the stable branch `X-Y-stable`, using the "Security Release" merge request template.
+    - Every merge request will have its own set of TODOs, so make sure to
+      complete those.
+- [ ] Make sure all MRs have a link in the [links section](#links)
+
+[secpick documentation]: https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#secpick-script
+
+#### Documentation and final details
+
+- [ ] Check the topic on #security to see when the next release is going to happen and add a link to the [links section](#links)
+- [ ] Find out the versions affected (the Git history of the files affected may help you with this) and add them to the [details section](#details)
+- [ ] Fill in any upgrade notes that users may need to take into account in the [details section](#details)
+- [ ] Add Yes/No and further details if needed to the migration and settings columns in the [details section](#details)
+- [ ] Add the nickname of the external user who found the issue (and/or HackerOne profile) to the Thanks row in the [details section](#details)
+- [ ] Once your `master` MR is merged, comment on the original security issue with a link to that MR indicating the issue is fixed.
+
+### Summary
+
+#### Links
+
+| Description | Link |
+| -------- | -------- |
+| Original issue   | #TODO  |
+| Security release issue   | #TODO  |
+| `master` MR | !TODO   |
+| `master` MR (EE) | !TODO   |
+| `Backport X.Y` MR | !TODO   |
+| `Backport X.Y` MR | !TODO   |
+| `Backport X.Y` MR | !TODO   |
+| `Backport X.Y` MR (EE) | !TODO   |
+| `Backport X.Y` MR (EE) | !TODO   |
+| `Backport X.Y` MR (EE) | !TODO   |
+
+#### Details
+
+| Description | Details | Further details|
+| -------- | -------- | -------- |
+| Versions affected | X.Y  | |
+| Upgrade notes | | |
+| GitLab Settings updated | Yes/No| |
+| Migration required | Yes/No | |
+| Thanks | | |
+
+[security process for developers]: https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md
+[RM list]:  https://about.gitlab.com/release-managers/
+
+/label ~security
diff --git a/.gitlab/issue_templates/Test plan.md b/.gitlab/issue_templates/Test plan.md
new file mode 100644
index 0000000000..a3c3f4a650
--- /dev/null
+++ b/.gitlab/issue_templates/Test plan.md	
@@ -0,0 +1,96 @@
+# Test Plan
+
+<!-- This issue outlines testing activities related to a particular issue or epic.
+
+[Here is an example test plan](https://gitlab.com/gitlab-org/gitlab-ce/issues/50353)
+
+This and other comments should be removed as you write the plan -->
+
+## Introduction
+
+<!-- Briefly outline what is being tested
+
+Mention the issue(s) this test plan is related to -->
+
+## Scope
+
+<!-- State any limits on aspects of the feature being tested
+Outline the types of data to be included
+Outline the types of tests to be performed (functional, security, performance,
+database, automated, etc) -->
+
+## ACC Matrix
+
+<!-- Use the matrix below as a template to identify the Attributes, Components, and
+Capabilities relevant to the scope of this test plan. Add or remove Attributes
+and Components as required and list Capabilities in the next section
+
+Attributes (columns) are adverbs or adjectives that describe (at a high level)
+the qualities testing is meant to ensure Components have.
+
+Components (rows) are nouns that define major parts of the product being tested.
+
+Capabilities link Attributes and Components. They are what your product needs to
+do to make sure a Component fulfills an Attribute
+
+For more information see the [Google Testing Blog article about the 10 minute
+test plan](https://testing.googleblog.com/2011/09/10-minute-test-plan.html) and
+[this wiki page from an open-source tool that implements the ACC
+model](https://code.google.com/archive/p/test-analytics/wikis/AccExplained.wiki). -->
+
+|            | Secure | Responsive | Intuitive | Reliable |
+|------------|:------:|:----------:|:---------:|:--------:|
+| Admin      |        |            |           |          |
+| Groups     |        |            |           |          |
+| Project    |        |            |           |          |
+| Repository |        |            |           |          |
+| Issues     |        |            |           |          |
+| MRs        |        |            |           |          |
+| CI/CD      |        |            |           |          |
+| Ops        |        |            |           |          |
+| Registry   |        |            |           |          |
+| Wiki       |        |            |           |          |
+| Snippets   |        |            |           |          |
+| Settings   |        |            |           |          |
+| Tracking   |        |            |           |          |
+| API        |        |            |           |          |
+
+## Capabilities
+
+<!-- Use the ACC matrix above to help you identify Capabilities at each relevant
+intersection of Components and Attributes.
+
+Some features might be simple enough that they only involve one Component, while
+more complex features could involve multiple or even all.
+
+Example (from https://gitlab.com/gitlab-org/gitlab-ce/issues/50353):
+* Repository is
+  * Intuitive
+    * It's easy to select the desired file template
+    * It doesn't require unnecessary actions to save the change
+    * It's easy to undo the change after selecting a template
+  * Responsive
+    * The list of templates can be restricted to allow a user to find a specific template among many
+    * Once a template is selected the file content updates quickly and smoothly
+-->
+
+## Test Plan
+
+<!-- If the scope is small enough you may not need to write a list of tests to
+perform. It might be enough to use the Capabilities to guide your testing.
+
+If the feature is more complex, especially if it involves multiple Components,
+briefly outline a set of tests here. When identifying tests to perform be sure
+to consider risk. Note inherent/known levels of risk so that testing can focus
+on high risk areas first.
+
+New end-to-end and integration tests (Selenium and API) should be added to the
+[Test Coverage sheet](https://docs.google.com/spreadsheets/d/1RlLfXGboJmNVIPP9jgFV5sXIACGfdcFq1tKd7xnlb74/)
+
+Please note if automated tests already exist.
+
+When adding new automated tests, please keep [testing levels](https://docs.gitlab.com/ce/development/testing_guide/testing_levels.html)
+in mind.
+-->
+
+/label ~Quality ~"test plan"
diff --git a/.gitlab/merge_request_templates/Change documentation location.md b/.gitlab/merge_request_templates/Change documentation location.md
new file mode 100644
index 0000000000..b4a6d2bd3b
--- /dev/null
+++ b/.gitlab/merge_request_templates/Change documentation location.md	
@@ -0,0 +1,32 @@
+<!--See the general Documentation guidelines https://docs.gitlab.com/ee/development/documentation/ -->
+
+<!-- Use this description template for changing documentation location. For new docs or updates to existing docs, use the "Documentation" template -->
+
+## What does this MR do?
+
+<!-- Briefly describe what this MR is about -->
+
+## Related issues
+
+<!-- Mention the issue(s) this MR closes or is related to -->
+
+Closes 
+
+## Moving docs to a new location?
+
+Read the guidelines:
+https://docs.gitlab.com/ce/development/documentation/index.html#changing-document-location
+
+- [ ] Make sure the old link is not removed and has its contents replaced with
+      a link to the new location.
+- [ ] Make sure internal links pointing to the document in question are not broken.
+- [ ] Search and replace any links referring to old docs in GitLab Rails app,
+      specifically under the `app/views/` and `ee/app/views` (for GitLab EE)  directories.
+- [ ] Make sure to add [`redirect_from`](https://docs.gitlab.com/ce/development/writing_documentation.html#redirections-for-pages-with-disqus-comments)
+      to the new document if there are any Disqus comments on the old document thread.
+- [ ] Update the link in `features.yml` (if applicable)
+- [ ] If working on CE and the `ee-compat-check` jobs fails, submit an MR to EE
+      with the changes as well (https://docs.gitlab.com/ce/development/writing_documentation.html#cherry-picking-from-ce-to-ee).
+- [ ] Ping one of the technical writers for review.
+
+/label ~Documentation
diff --git a/.gitlab/merge_request_templates/Database changes.md b/.gitlab/merge_request_templates/Database changes.md
new file mode 100644
index 0000000000..354393b60e
--- /dev/null
+++ b/.gitlab/merge_request_templates/Database changes.md	
@@ -0,0 +1,58 @@
+## What does this MR do?
+
+<!--
+Describe in detail what your merge request does, why it does that, etc. Merge
+requests without an adequate description will not be reviewed until one is
+added.
+
+Please also keep this description up-to-date with any discussion that takes
+place so that reviewers can understand your intent. This is especially
+important if they didn't participate in the discussion.
+
+Make sure to remove this comment when you are done.
+-->
+
+Add a description of your merge request here.
+
+## Database checklist
+
+- [ ] Conforms to the [database guides](https://docs.gitlab.com/ee/development/README.html#databases-guides)
+
+When adding migrations:
+
+- [ ] Updated `db/schema.rb`
+- [ ] Added a `down` method so the migration can be reverted
+- [ ] Added the output of the migration(s) to the MR body
+- [ ] Added tests for the migration in `spec/migrations` if necessary (e.g. when migrating data)
+
+When adding or modifying queries to improve performance:
+
+- [ ] Included data that shows the performance improvement, preferably in the form of a benchmark
+- [ ] Included the output of `EXPLAIN (ANALYZE, BUFFERS)` of the relevant queries
+
+When adding foreign keys to existing tables:
+
+- [ ] Included a migration to remove orphaned rows in the source table before adding the foreign key
+- [ ] Removed any instances of `dependent: ...` that may no longer be necessary
+
+When adding tables:
+
+- [ ] Ordered columns based on the [Ordering Table Columns](https://docs.gitlab.com/ee/development/ordering_table_columns.html#ordering-table-columns) guidelines
+- [ ] Added foreign keys to any columns pointing to data in other tables
+- [ ] Added indexes for fields that are used in statements such as WHERE, ORDER BY, GROUP BY, and JOINs
+
+When removing columns, tables, indexes or other structures:
+
+- [ ] Removed these in a post-deployment migration
+- [ ] Made sure the application no longer uses (or ignores) these structures
+
+## General checklist
+
+- [ ] [Changelog entry](https://docs.gitlab.com/ee/development/changelog.html) added, if necessary
+- [ ] [Documentation created/updated](https://docs.gitlab.com/ee/development/documentation/index.html#contributing-to-docs)
+- [ ] [Tests added for this feature/bug](https://docs.gitlab.com/ee/development/testing_guide/index.html)
+- [ ] Conforms to the [code review guidelines](https://docs.gitlab.com/ee/development/code_review.html)
+- [ ] Conforms to the [merge request performance guidelines](https://docs.gitlab.com/ee/development/merge_request_performance_guidelines.html)
+- [ ] Conforms to the [style guides](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/CONTRIBUTING.md#style-guides)
+
+/label ~database
diff --git a/.gitlab/merge_request_templates/Documentation.md b/.gitlab/merge_request_templates/Documentation.md
new file mode 100644
index 0000000000..8b7e711979
--- /dev/null
+++ b/.gitlab/merge_request_templates/Documentation.md
@@ -0,0 +1,33 @@
+<!--See the general documentation guidelines https://docs.gitlab.com/ee/development/documentation -->
+
+<!-- Mention "documentation" or "docs" in the MR title -->
+
+<!-- Use this description template for new docs or updates to existing docs. For changing documentation location use the "Change documentation location" template -->
+
+## What does this MR do?
+
+<!-- Briefly describe what this MR is about -->
+
+## Related issues
+
+<!-- Mention the issue(s) this MR closes or is related to -->
+
+Closes 
+
+## Author's checklist
+
+- [ ] [Apply the correct labels and milestone](https://docs.gitlab.com/ee/development/documentation/workflow.html#2-developer-s-role-in-the-documentation-process)
+- [ ] Crosslink the document from the higher-level index
+- [ ] Crosslink the document from other subject-related docs
+- [ ] Feature moving tiers? Make sure the change is also reflected in [`features.yml`](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/features.yml)
+- [ ] Correctly apply the product [badges](https://docs.gitlab.com/ee/development/documentation/styleguide.html#product-badges) and [tiers](https://docs.gitlab.com/ee/development/documentation/styleguide.html#gitlab-versions-and-tiers)
+- [ ] [Port the MR to EE (or backport from CE)](https://docs.gitlab.com/ee/development/documentation/index.html#cherry-picking-from-ce-to-ee): _always recommended, required when the `ee-compat-check` job fails_
+
+## Review checklist
+
+- [ ] Your team's review (required)
+- [ ] PM's review (recommended, but not a blocker)
+- [ ] Technical writer's review (required)
+- [ ] Merge the EE-MR first, CE-MR afterwards
+
+/label ~Documentation
diff --git a/.gitlab/merge_request_templates/Security Release.md b/.gitlab/merge_request_templates/Security Release.md
new file mode 100644
index 0000000000..246f2dae00
--- /dev/null
+++ b/.gitlab/merge_request_templates/Security Release.md	
@@ -0,0 +1,31 @@
+<!--
+# README first!
+This MR should be created on `dev.gitlab.org`.
+
+See [the general developer security release guidelines](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md).
+
+This merge request _must not_ close the corresponding security issue _unless_ it
+targets master.
+
+-->
+## Related issues
+
+<!-- Mention the issue(s) this MR is related to -->
+
+## Developer checklist
+
+- [ ] Link to the developer security workflow issue on `dev.gitlab.org`
+- [ ] MR targets `master`, or `X-Y-stable` for backports
+- [ ] Milestone is set for the version this MR applies to
+- [ ] Title of this MR is the same as for all backports
+- [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security`
+- [ ] Add a link to this MR in the `links` section of related issue
+- [ ] Add a link to an EE MR if required
+- [ ] Assign to a reviewer
+
+## Reviewer checklist
+
+- [ ] Correct milestone is applied and the title is matching across all backports
+- [ ] Assigned to `@gitlab-release-tools-bot` with passing CI pipelines
+
+/label ~security
diff --git a/.gitlab/route-map.yml b/.gitlab/route-map.yml
new file mode 100644
index 0000000000..0b37dc68f8
--- /dev/null
+++ b/.gitlab/route-map.yml
@@ -0,0 +1,3 @@
+# Documentation
+- source: /doc/(.+?)\.md/ # doc/administration/build_artifacts.md
+  public: '\1.html' # doc/administration/build_artifacts.html
diff --git a/.haml-lint.yml b/.haml-lint.yml
new file mode 100644
index 0000000000..bad918ef35
--- /dev/null
+++ b/.haml-lint.yml
@@ -0,0 +1,167 @@
+# Whether to ignore frontmatter at the beginning of HAML documents for
+# frameworks such as Jekyll/Middleman
+skip_frontmatter: false
+exclude:
+  - 'vendor/**/*'
+  - 'spec/**/*'
+
+linters:
+  AltText:
+    enabled: true
+
+  ClassAttributeWithStaticValue:
+    enabled: true
+
+  ClassesBeforeIds:
+    enabled: false
+
+  ConsecutiveComments:
+    enabled: false
+
+  ConsecutiveSilentScripts:
+    enabled: false
+    max_consecutive: 2
+
+  EmptyObjectReference:
+    enabled: true
+
+  EmptyScript:
+    enabled: true
+
+  FinalNewline:
+    enabled: true
+    present: true
+
+  HtmlAttributes:
+    enabled: true
+
+  IdNames:
+    enabled: false
+
+  ImplicitDiv:
+    enabled: true
+
+  InlineJavaScript:
+    enabled: true
+
+  InlineStyles:
+    enabled: false
+
+  InstanceVariables:
+    enabled: false
+
+  LeadingCommentSpace:
+    enabled: false
+
+  LineLength:
+    enabled: false
+    max: 80
+
+  MultilinePipe:
+    enabled: true
+
+  MultilineScript:
+    enabled: true
+
+  ObjectReferenceAttributes:
+    enabled: true
+
+  RepeatedId:
+    enabled: false
+
+  RuboCop:
+    enabled: true
+    # These cops are incredibly noisy when it comes to HAML templates, so we
+    # ignore them.
+    ignored_cops:
+      - Layout/BlockAlignment
+      - Layout/EndAlignment
+      - Lint/Void
+      - Metrics/LineLength
+      - Naming/FileName
+      - Style/AlignParameters
+      - Style/BlockNesting
+      - Style/ElseAlignment
+      - Style/FileName
+      - Style/FinalNewline
+      - Style/FrozenStringLiteralComment
+      - Style/IfUnlessModifier
+      - Style/IndentationWidth
+      - Style/Next
+      - Style/TrailingBlankLines
+      - Style/TrailingWhitespace
+      - Style/WhileUntilModifier
+
+      # These cops should eventually get enabled
+      - Cop/LineBreakAfterGuardClauses
+      - Cop/LineBreakAroundConditionalBlock
+      - Cop/ProjectPathHelper
+      - GitlabSecurity/PublicSend
+      - Layout/LeadingCommentSpace
+      - Layout/SpaceAfterColon
+      - Layout/SpaceAfterComma
+      - Layout/SpaceAroundOperators
+      - Layout/SpaceBeforeBlockBraces
+      - Layout/SpaceBeforeComma
+      - Layout/SpaceBeforeFirstArg
+      - Layout/SpaceInsideArrayLiteralBrackets
+      - Layout/SpaceInsideHashLiteralBraces
+      - Layout/SpaceInsideStringInterpolation
+      - Layout/TrailingBlankLines
+      - Lint/BooleanSymbol
+      - Lint/LiteralInInterpolation
+      - Lint/ParenthesesAsGroupedExpression
+      - Lint/RedundantWithIndex
+      - Lint/Syntax
+      - Metrics/BlockNesting
+      - Naming/VariableName
+      - Performance/RedundantMatch
+      - Performance/StringReplacement
+      - Rails/Presence
+      - Rails/RequestReferer
+      - Style/AndOr
+      - Style/ColonMethodCall
+      - Style/ConditionalAssignment
+      - Style/HashSyntax
+      - Style/IdenticalConditionalBranches
+      - Style/NegatedIf
+      - Style/NestedTernaryOperator
+      - Style/Not
+      - Style/ParenthesesAroundCondition
+      - Style/RedundantParentheses
+      - Style/SelfAssignment
+      - Style/Semicolon
+      - Style/TernaryParentheses
+      - Style/TrailingCommaInHashLiteral
+      - Style/UnlessElse
+      - Style/WordArray
+      - Style/ZeroLengthPredicate
+
+  RubyComments:
+    enabled: true
+
+  SpaceBeforeScript:
+    enabled: true
+
+  SpaceInsideHashAttributes:
+    enabled: true
+    style: space
+
+  Indentation:
+    enabled: true
+    character: space # or tab
+
+  TagName:
+    enabled: true
+
+  TrailingWhitespace:
+    enabled: true
+
+  UnnecessaryInterpolation:
+    enabled: true
+
+  UnnecessaryStringOutput:
+    enabled: true
+
+  ViewLength:
+    enabled: false
diff --git a/.mailmap b/.mailmap
new file mode 100644
index 0000000000..bd5ac22132
--- /dev/null
+++ b/.mailmap
@@ -0,0 +1,35 @@
+#
+# This list is used by git-shortlog to make contributions from the
+# same person appearing to be so.
+#
+
+Achilleas Pipinellis <axilleas@axilleas.me> <axilleas@archlinux.gr>
+Achilleas Pipinellis <axilleas@axilleas.me> <axilleas@users.noreply.github.com>
+Dmitriy Zaporozhets <dzaporozhets@gitlab.com> <dmitriy.zaporozhets@gmail.com>
+Dmitriy Zaporozhets <dzaporozhets@gitlab.com> <dzaporozhets@sphereconsultinginc.com>
+Douwe Maan <douwe@gitlab.com> <douwe@selenight.nl>
+Douwe Maan <douwe@gitlab.com> <me@douwe.me>
+Grzegorz Bizon <grzegorz@gitlab.com> <grzegorz.bizon@ntsn.pl>
+Grzegorz Bizon <grzegorz@gitlab.com> <grzesiek.bizon@gmail.com>
+Jacob Vosmaer <jacob@gitlab.com> <contact@jacobvosmaer.nl>
+Jacob Vosmaer <jacob@gitlab.com> Jacob Vosmaer (GitLab) <jacob@gitlab.com>
+Jacob Schatz <jschatz@gitlab.com> <jacobschatz@Jacobs-MacBook-Pro.local>
+Jacob Schatz <jschatz@gitlab.com> <jacobschatz@Jacobs-MBP.fios-router.home>
+Jacob Schatz <jschatz@gitlab.com> <jschatz1@gmail.com>
+James Lopez <james@jameslopez.es> <james@gitlab.com>
+James Lopez <james@jameslopez.es> <james.lopez@vodafone.com>
+Kamil Trzciński <kamil@gitlab.com> <ayufan@ayufan.eu>
+Marin Jankovski <maxlazio@gmail.com> <marin@gitlab.com>
+Phil Hughes <me@iamphill.com> <theephil@gmail.com>
+Rémy Coutable <remy@rymai.me> <remy@gitlab.com>
+Robert Schilling <rschilling@student.tugraz.at> <Razer6@users.noreply.github.com>
+Robert Schilling <rschilling@student.tugraz.at> <schilling.ro@gmail.com>
+Robert Speicher <robert@gitlab.com> <rspeicher@gmail.com>
+Stan Hu <stanhu@gmail.com> <stanhu@alum.mit.edu>
+Stan Hu <stanhu@gmail.com> <stanhu@packetzoom.com>
+Stan Hu <stanhu@gmail.com> <stanhu@users.noreply.github.com>
+Stan Hu <stanhu@gmail.com> stanhu <stanhu@gmail.com>
+Sytse Sijbrandij <sytse@gitlab.com> <sytse+admin@gitlab.com>
+Sytse Sijbrandij <sytse@gitlab.com> <sytse@dosire.com>
+Sytse Sijbrandij <sytse@gitlab.com> <sytses@gmail.com>
+Sytse Sijbrandij <sytse@gitlab.com> dosire <sytse@gitlab.com>
diff --git a/.nvmrc b/.nvmrc
new file mode 100644
index 0000000000..db24ab967f
--- /dev/null
+++ b/.nvmrc
@@ -0,0 +1 @@
+10.13.0
diff --git a/.pkgr.yml b/.pkgr.yml
new file mode 100644
index 0000000000..10bcd7bd4b
--- /dev/null
+++ b/.pkgr.yml
@@ -0,0 +1,49 @@
+user: git
+group: git
+services:
+  - postgres
+before_precompile: ./bin/pkgr_before_precompile.sh
+env: 
+  - SKIP_STORAGE_VALIDATION=true 
+targets:
+  debian-7: &wheezy
+    build_dependencies:
+      - libkrb5-dev
+      - libicu-dev
+      - cmake
+      - pkg-config
+    dependencies:
+      - libicu48
+      - libpcre3
+      - git
+  ubuntu-12.04: *wheezy
+  ubuntu-14.04:
+    build_dependencies:
+      - libkrb5-dev
+      - libicu-dev
+      - cmake
+      - pkg-config
+    dependencies:
+      - libicu52
+      - libpcre3
+      - git
+  ubuntu-16.04:
+    build_dependencies:
+      - libkrb5-dev
+      - libicu-dev
+      - cmake
+      - pkg-config
+    dependencies:
+      - libicu55
+      - libpcre3
+      - git
+  centos-6:
+    build_dependencies:
+      - krb5-devel
+      - libicu-devel
+      - cmake
+      - pkgconfig
+    dependencies:
+      - libicu
+      - pcre
+      - git
diff --git a/.prettierignore b/.prettierignore
new file mode 100644
index 0000000000..dc9e572ab5
--- /dev/null
+++ b/.prettierignore
@@ -0,0 +1,9 @@
+/app/assets/javascripts/locale/**/app.js
+/node_modules/
+/public/
+/vendor/
+/tmp/
+
+# ignore stylesheets for now as this clashes with our linter
+*.css
+*.scss
diff --git a/.prettierrc b/.prettierrc
new file mode 100644
index 0000000000..3384551aea
--- /dev/null
+++ b/.prettierrc
@@ -0,0 +1,13 @@
+{
+  "printWidth": 100,
+  "singleQuote": true,
+  "trailingComma": "es5",
+  "overrides": [
+    {
+      "files": ["**/app/**/*", "**/spec/**/*"],
+      "options": {
+        "trailingComma": "all"
+      }
+    }
+  ]
+}
diff --git a/.rubocop.yml b/.rubocop.yml
new file mode 100644
index 0000000000..bcff67ded8
--- /dev/null
+++ b/.rubocop.yml
@@ -0,0 +1,183 @@
+inherit_gem:
+  gitlab-styles:
+    - rubocop-default.yml
+
+inherit_from: .rubocop_todo.yml
+require:
+  - ./rubocop/rubocop
+  - rubocop-rspec
+
+AllCops:
+  TargetRailsVersion: 5.0
+  Exclude:
+    - 'vendor/**/*'
+    - 'node_modules/**/*'
+    - 'db/fixtures/**/*'
+    - 'db/schema.rb'
+    - 'ee/db/geo/schema.rb'
+    - 'tmp/**/*'
+    - 'bin/**/*'
+    - 'generator_templates/**/*'
+    - 'builds/**/*'
+    - 'plugins/**/*'
+  CacheRootDirectory: tmp
+
+# This cop checks whether some constant value isn't a
+# mutable literal (e.g. array or hash).
+Style/MutableConstant:
+  Enabled: true
+  Exclude:
+    - 'db/migrate/**/*'
+    - 'db/post_migrate/**/*'
+    - 'ee/db/migrate/**/*'
+    - 'ee/db/post_migrate/**/*'
+    - 'ee/db/geo/migrate/**/*'
+
+# TODO: Move this to gitlab-styles
+Style/SafeNavigation:
+  Enabled: false
+
+# Frozen String Literal
+Style/FrozenStringLiteralComment:
+  Enabled: true
+  Exclude:
+    - 'config.ru'
+    - 'Dangerfile'
+    - 'Gemfile'
+    - 'Rakefile'
+    - 'app/views/**/*'
+    - 'config/**/*'
+    - 'danger/**/*'
+    - 'db/**/*'
+    - 'ee/**/*'
+    - 'lib/tasks/**/*'
+    - 'qa/**/*'
+    - 'rubocop/**/*'
+    - 'scripts/**/*'
+    - 'spec/**/*'
+
+RSpec/FilePath:
+  Exclude:
+    - 'qa/**/*'
+    - 'spec/javascripts/fixtures/*'
+    - 'ee/spec/javascripts/fixtures/*'
+    - 'spec/requests/api/v3/*'
+
+Naming/FileName:
+  ExpectMatchingDefinition: true
+  Exclude:
+    - 'db/**/*'
+    - 'ee/db/**/*'
+    - 'spec/**/*'
+    - 'features/**/*'
+    - 'ee/spec/**/*'
+    - 'qa/spec/**/*'
+    - 'qa/qa/specs/**/*'
+    - 'qa/bin/*'
+    - 'config/**/*'
+    - 'ee/config/**/*'
+    - 'lib/generators/**/*'
+    - 'locale/unfound_translations.rb'
+    - 'ee/locale/unfound_translations.rb'
+    - 'ee/lib/generators/**/*'
+    - 'qa/qa/scenario/test/integration/ldap_no_tls.rb'
+    - 'qa/qa/scenario/test/integration/ldap_tls.rb'
+
+  IgnoreExecutableScripts: true
+  AllowedAcronyms:
+    - EE
+    - JSON
+    - LDAP
+    - SAML
+    - IO
+    - HMAC
+    - QA
+    - ENV
+    - STL
+    - PDF
+    - SVG
+    - CTE
+    - DN
+    - RSA
+    - CI
+    - CD
+    - OAuth
+    # default ones:
+    - CLI
+    - DSL
+    - ACL
+    - API
+    - ASCII
+    - CPU
+    - CSS
+    - DNS
+    - EOF
+    - GUID
+    - HTML
+    - HTTP
+    - HTTPS
+    - ID
+    - IP
+    - JSON
+    - LHS
+    - QPS
+    - RAM
+    - RHS
+    - RPC
+    - SLA
+    - SMTP
+    - SQL
+    - SSH
+    - TCP
+    - TLS
+    - TTL
+    - UDP
+    - UI
+    - UID
+    - UUID
+    - URI
+    - URL
+    - UTF8
+    - VM
+    - XML
+    - XMPP
+    - XSRF
+    - XSS
+    - GRPC
+
+# GitLab ###################################################################
+
+Gitlab/ModuleWithInstanceVariables:
+  Enable: true
+  Exclude:
+    # We ignore Rails helpers right now because it's hard to workaround it
+    - app/helpers/**/*_helper.rb
+    - ee/app/helpers/**/*_helper.rb
+    # We ignore Rails mailers right now because it's hard to workaround it
+    - app/mailers/emails/**/*.rb
+    - ee/**/emails/**/*.rb
+    # We ignore spec helpers because it usually doesn't matter
+    - spec/support/**/*.rb
+    - features/steps/**/*.rb
+
+Gitlab/HTTParty:
+  Enabled: true
+
+GitlabSecurity/PublicSend:
+  Enabled: true
+  Exclude:
+    - 'config/**/*'
+    - 'db/**/*'
+    - 'features/**/*'
+    - 'lib/**/*.rake'
+    - 'qa/**/*'
+    - 'spec/**/*'
+    - 'ee/db/**/*'
+    - 'ee/lib/**/*.rake'
+    - 'ee/spec/**/*'
+
+Cop/InjectEnterpriseEditionModule:
+  Enabled: true
+  Exclude:
+    - 'spec/**/*'
+    - 'ee/spec/**/*'
diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
new file mode 100644
index 0000000000..77ad4753c8
--- /dev/null
+++ b/.rubocop_todo.yml
@@ -0,0 +1,691 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2018-01-18 18:23:26 +0100 using RuboCop version 0.52.1.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 181
+Capybara/CurrentPathExpectation:
+  Enabled: false
+
+# Offense count: 167
+# Cop supports --auto-correct.
+Layout/EmptyLinesAroundArguments:
+  Enabled: false
+
+# Offense count: 83
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, IndentationWidth.
+# SupportedStyles: special_inside_parentheses, consistent, align_brackets
+Layout/IndentArray:
+  Enabled: false
+
+# Offense count: 237
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, IndentationWidth.
+# SupportedStyles: special_inside_parentheses, consistent, align_braces
+Layout/IndentHash:
+  Enabled: false
+
+# Offense count: 93
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: require_no_space, require_space
+Layout/SpaceInLambdaLiteral:
+  Enabled: false
+
+# Offense count: 327
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBraces, SpaceBeforeBlockParameters.
+# SupportedStyles: space, no_space
+# SupportedStylesForEmptyBraces: space, no_space
+Layout/SpaceInsideBlockBraces:
+  Enabled: false
+
+# Offense count: 156
+# Cop supports --auto-correct.
+Layout/SpaceInsideParens:
+  Enabled: false
+
+# Offense count: 26
+Lint/DuplicateMethods:
+  Exclude:
+    - 'app/models/application_setting.rb'
+    - 'app/models/commit.rb'
+    - 'app/models/note.rb'
+    - 'app/services/merge_requests/merge_service.rb'
+    - 'lib/bitbucket/representation/repo.rb'
+    - 'lib/declarative_policy/base.rb'
+    - 'lib/gitlab/ci/build/artifacts/metadata/entry.rb'
+    - 'lib/gitlab/cycle_analytics/base_event_fetcher.rb'
+    - 'lib/gitlab/diff/formatters/base_formatter.rb'
+    - 'lib/gitlab/git/blob.rb'
+    - 'lib/gitlab/git/repository.rb'
+    - 'lib/gitlab/git/tree.rb'
+    - 'lib/gitlab/git/wiki_page.rb'
+    - 'lib/gitlab/auth/ldap/person.rb'
+    - 'lib/gitlab/auth/o_auth/user.rb'
+
+# Offense count: 4
+Lint/InterpolationCheck:
+  Exclude:
+    - 'spec/features/issues/filtered_search/filter_issues_spec.rb'
+    - 'spec/features/users_spec.rb'
+    - 'spec/services/quick_actions/interpret_service_spec.rb'
+
+# Offense count: 206
+# Configuration parameters: MaximumRangeSize.
+Lint/MissingCopEnableDirective:
+  Enabled: false
+
+# Offense count: 9
+Lint/UriEscapeUnescape:
+  Exclude:
+    - 'app/controllers/application_controller.rb'
+    - 'app/models/project_services/drone_ci_service.rb'
+    - 'spec/lib/google_api/auth_spec.rb'
+    - 'spec/requests/api/files_spec.rb'
+    - 'spec/requests/api/internal_spec.rb'
+    - 'spec/requests/api/issues_spec.rb'
+
+# Offense count: 1
+# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
+# URISchemes: http, https
+Metrics/LineLength:
+  Max: 1310
+
+# Offense count: 11
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: lowercase, uppercase
+Naming/HeredocDelimiterCase:
+  Exclude:
+    - 'spec/lib/gitlab/diff/parser_spec.rb'
+    - 'spec/lib/json_web_token/rsa_token_spec.rb'
+    - 'spec/models/commit_spec.rb'
+    - 'spec/support/helpers/repo_helpers.rb'
+    - 'spec/support/helpers/seed_repo.rb'
+
+# Offense count: 112
+# Configuration parameters: Blacklist.
+# Blacklist: END, (?-mix:EO[A-Z]{1})
+Naming/HeredocDelimiterNaming:
+  Enabled: false
+
+
+# Offense count: 3821
+# Configuration parameters: Prefixes.
+# Prefixes: when, with, without
+RSpec/ContextWording:
+  Enabled: false
+
+# Offense count: 293
+RSpec/EmptyLineAfterFinalLet:
+  Enabled: false
+
+# Offense count: 188
+RSpec/EmptyLineAfterSubject:
+  Enabled: false
+
+# Offense count: 258
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: method_call, block
+RSpec/ExpectChange:
+  Enabled: false
+
+# Offense count: 221
+RSpec/ExpectInHook:
+  Enabled: false
+
+# Offense count: 19
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: it_behaves_like, it_should_behave_like
+RSpec/ItBehavesLike:
+  Exclude:
+    - 'spec/lib/gitlab/git/commit_spec.rb'
+    - 'spec/lib/gitlab/git/repository_spec.rb'
+    - 'spec/lib/gitlab/shell_spec.rb'
+    - 'spec/services/notification_service_spec.rb'
+    - 'spec/workers/git_garbage_collect_worker_spec.rb'
+
+# Offense count: 5
+RSpec/IteratedExpectation:
+  Exclude:
+    - 'spec/features/admin/admin_settings_spec.rb'
+    - 'spec/features/merge_requests/diff_notes_resolve_spec.rb'
+    - 'spec/features/projects/awards/user_interacts_with_awards_in_issue_spec.rb'
+    - 'spec/lib/gitlab/gitlab_import/client_spec.rb'
+    - 'spec/lib/gitlab/legacy_github_import/client_spec.rb'
+
+# Offense count: 75
+RSpec/LetBeforeExamples:
+  Exclude:
+    - 'spec/controllers/projects/commit_controller_spec.rb'
+    - 'spec/lib/banzai/filter/issue_reference_filter_spec.rb'
+    - 'spec/lib/banzai/filter/user_reference_filter_spec.rb'
+    - 'spec/lib/gitlab/email/handler/create_issue_handler_spec.rb'
+    - 'spec/lib/gitlab/email/handler/create_merge_request_handler_spec.rb'
+    - 'spec/lib/gitlab/email/handler/create_note_handler_spec.rb'
+    - 'spec/models/commit_range_spec.rb'
+    - 'spec/models/milestone_spec.rb'
+    - 'spec/models/project_services/packagist_service_spec.rb'
+    - 'spec/models/repository_spec.rb'
+    - 'spec/rubocop/cop/migration/update_column_in_batches_spec.rb'
+    - 'spec/serializers/pipeline_details_entity_spec.rb'
+    - 'spec/views/ci/lints/show.html.haml_spec.rb'
+
+# Offense count: 1
+RSpec/MultipleSubjects:
+  Exclude:
+    - 'spec/services/merge_requests/create_from_issue_service_spec.rb'
+
+# Offense count: 4
+RSpec/OverwritingSetup:
+  Exclude:
+    - 'spec/lib/gitlab/background_migration/migrate_events_to_push_event_payloads_spec.rb'
+    - 'spec/models/email_spec.rb'
+    - 'spec/services/merge_requests/add_todo_when_build_fails_service_spec.rb'
+    - 'spec/services/notes/quick_actions_service_spec.rb'
+
+# Offense count: 965
+# Configuration parameters: Strict, EnforcedStyle.
+# SupportedStyles: inflected, explicit
+RSpec/PredicateMatcher:
+  Enabled: false
+
+# Offense count: 35
+RSpec/RepeatedExample:
+  Enabled: false
+
+# Offense count: 140
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: and_return, block
+RSpec/ReturnFromStub:
+  Enabled: false
+
+# Offense count: 112
+RSpec/ScatteredLet:
+  Enabled: false
+
+# Offense count: 22
+RSpec/ScatteredSetup:
+  Exclude:
+    - 'spec/controllers/projects/templates_controller_spec.rb'
+    - 'spec/lib/gitlab/bitbucket_import/importer_spec.rb'
+    - 'spec/lib/gitlab/git/env_spec.rb'
+    - 'spec/requests/api/jobs_spec.rb'
+    - 'spec/services/projects/create_service_spec.rb'
+
+# Offense count: 1
+RSpec/SharedContext:
+  Exclude:
+    - 'spec/features/admin/admin_groups_spec.rb'
+
+# Offense count: 5
+RSpec/VoidExpect:
+  Exclude:
+    - 'spec/features/projects/artifacts/download_spec.rb'
+    - 'spec/features/projects/services/user_activates_mattermost_slash_command_spec.rb'
+    - 'spec/models/ci/group_spec.rb'
+    - 'spec/models/ci/runner_spec.rb'
+    - 'spec/services/users/destroy_service_spec.rb'
+
+# Offense count: 41
+# Configuration parameters: Include.
+# Include: db/migrate/*.rb
+Rails/CreateTableWithTimestamps:
+  Enabled: false
+
+# Offense count: 155
+Rails/FilePath:
+  Enabled: false
+
+# Offense count: 121
+# Configuration parameters: Include.
+# Include: app/models/**/*.rb
+Rails/HasManyOrHasOneDependent:
+  Enabled: false
+
+# Offense count: 157
+# Configuration parameters: Include.
+# Include: app/models/**/*.rb
+Rails/InverseOf:
+  Enabled: false
+
+# Offense count: 48
+# Configuration parameters: Include.
+# Include: app/controllers/**/*.rb
+Rails/LexicallyScopedActionFilter:
+  Enabled: false
+
+# Offense count: 14
+# Cop supports --auto-correct.
+Rails/Presence:
+  Exclude:
+    - 'app/controllers/projects/blob_controller.rb'
+    - 'app/models/ci/pipeline.rb'
+    - 'app/models/clusters/platforms/kubernetes.rb'
+    - 'app/models/concerns/mentionable.rb'
+    - 'app/models/concerns/token_authenticatable.rb'
+    - 'app/models/project_services/hipchat_service.rb'
+    - 'app/models/project_services/irker_service.rb'
+    - 'app/models/project_services/jira_service.rb'
+    - 'app/models/project_services/kubernetes_service.rb'
+    - 'app/models/project_services/packagist_service.rb'
+    - 'app/models/wiki_page.rb'
+    - 'lib/gitlab/git/hook.rb'
+    - 'lib/gitlab/github_import/importer/releases_importer.rb'
+
+# Offense count: 2
+# Configuration parameters: Include.
+# Include: db/migrate/*.rb
+Rails/ReversibleMigration:
+  Exclude:
+    - 'db/migrate/20160824103857_drop_unused_ci_tables.rb'
+
+# Offense count: 446
+# Configuration parameters: Blacklist.
+# Blacklist: decrement!, decrement_counter, increment!, increment_counter, toggle!, touch, update_all, update_attribute, update_column, update_columns, update_counters
+Rails/SkipsModelValidations:
+  Enabled: false
+
+# Offense count: 1
+# Configuration parameters: Environments.
+# Environments: development, test, production
+Rails/UnknownEnv:
+  Exclude:
+    - 'db/migrate/20171124125748_populate_missing_merge_request_statuses.rb'
+
+# Offense count: 13
+# Cop supports --auto-correct.
+Security/YAMLLoad:
+  Exclude:
+    - 'config/initializers/carrierwave.rb'
+    - 'lib/gitlab/background_migration/deserialize_merge_request_diffs_and_commits.rb'
+    - 'lib/gitlab/redis/wrapper.rb'
+    - 'lib/system_check/incoming_email/imap_authentication_check.rb'
+    - 'spec/config/mail_room_spec.rb'
+    - 'spec/initializers/secret_token_spec.rb'
+    - 'spec/lib/gitlab/prometheus/additional_metrics_parser_spec.rb'
+    - 'spec/models/clusters/platforms/kubernetes_spec.rb'
+    - 'spec/models/project_services/kubernetes_service_spec.rb'
+
+# Offense count: 64
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: percent_q, bare_percent
+Style/BarePercentLiterals:
+  Enabled: false
+
+# Offense count: 5
+Style/CommentedKeyword:
+  Exclude:
+    - 'lib/tasks/gitlab/backup.rake'
+    - 'spec/tasks/gitlab/backup_rake_spec.rb'
+
+# Offense count: 30
+Style/DateTime:
+  Enabled: false
+
+# Offense count: 1
+# Cop supports --auto-correct.
+Style/Dir:
+  Exclude:
+    - 'qa/qa.rb'
+
+# Offense count: 9
+# Cop supports --auto-correct.
+Style/EachWithObject:
+  Exclude:
+    - 'lib/expand_variables.rb'
+    - 'lib/gitlab/ci/ansi2html.rb'
+    - 'lib/gitlab/ee_compat_check.rb'
+    - 'lib/gitlab/hook_data/issuable_builder.rb'
+    - 'lib/gitlab/i18n/po_linter.rb'
+    - 'lib/gitlab/import_export/members_mapper.rb'
+    - 'lib/gitlab/import_export/relation_factory.rb'
+    - 'scripts/static-analysis'
+
+# Offense count: 24
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: empty, nil, both
+Style/EmptyElse:
+  Enabled: false
+
+# Offense count: 14
+# Cop supports --auto-correct.
+Style/EmptyLambdaParameter:
+  Exclude:
+    - 'app/models/ci/build.rb'
+    - 'app/models/ci/runner.rb'
+
+# Offense count: 12
+# Cop supports --auto-correct.
+Style/EmptyLiteral:
+  Exclude:
+    - 'features/steps/project/commits/commits.rb'
+    - 'lib/gitlab/fogbugz_import/importer.rb'
+    - 'lib/gitlab/git/diff_collection.rb'
+    - 'lib/gitlab/gitaly_client.rb'
+    - 'scripts/trigger-build'
+    - 'spec/features/merge_requests/versions_spec.rb'
+    - 'spec/helpers/merge_requests_helper_spec.rb'
+    - 'spec/lib/gitlab/request_context_spec.rb'
+    - 'spec/lib/gitlab/workhorse_spec.rb'
+    - 'spec/requests/api/jobs_spec.rb'
+    - 'spec/support/shared_examples/chat_slash_commands_shared_examples.rb'
+
+# Offense count: 102
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: compact, expanded
+Style/EmptyMethod:
+  Enabled: false
+
+# Offense count: 23
+# Cop supports --auto-correct.
+Style/Encoding:
+  Enabled: false
+
+# Offense count: 2
+Style/EvalWithLocation:
+  Exclude:
+    - 'app/models/service.rb'
+
+# Offense count: 35
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: format, sprintf, percent
+Style/FormatString:
+  Enabled: false
+
+# Offense count: 384
+# Configuration parameters: MinBodyLength.
+Style/GuardClause:
+  Enabled: false
+
+# Offense count: 22
+Style/IfInsideElse:
+  Enabled: false
+
+# Offense count: 809
+# Cop supports --auto-correct.
+Style/IfUnlessModifier:
+  Enabled: false
+
+# Offense count: 75
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: line_count_dependent, lambda, literal
+Style/Lambda:
+  Enabled: false
+
+# Offense count: 11
+# Cop supports --auto-correct.
+Style/LineEndConcatenation:
+  Exclude:
+    - 'app/helpers/tree_helper.rb'
+    - 'spec/features/issuables/markdown_references_spec.rb'
+    - 'spec/lib/gitlab/checks/project_moved_spec.rb'
+    - 'spec/lib/gitlab/gfm/reference_rewriter_spec.rb'
+    - 'spec/lib/gitlab/incoming_email_spec.rb'
+
+# Offense count: 18
+Style/MethodMissing:
+  Enabled: false
+
+# Offense count: 7
+Style/MixinUsage:
+  Exclude:
+    - 'features/support/env.rb'
+    - 'spec/factories/ci/builds.rb'
+    - 'spec/factories/ci/job_artifacts.rb'
+    - 'spec/factories/lfs_objects.rb'
+    - 'spec/factories/notes.rb'
+    - 'spec/lib/gitlab/import_export/project_tree_restorer_spec.rb'
+    - 'spec/lib/gitlab/import_export/version_checker_spec.rb'
+
+# Offense count: 6
+# Cop supports --auto-correct.
+Style/MultilineIfModifier:
+  Exclude:
+    - 'app/helpers/snippets_helper.rb'
+    - 'app/models/project_wiki.rb'
+    - 'app/services/ci/process_pipeline_service.rb'
+    - 'app/services/create_deployment_service.rb'
+    - 'lib/api/commit_statuses.rb'
+    - 'lib/gitlab/ci/trace.rb'
+
+# Offense count: 25
+# Cop supports --auto-correct.
+# Configuration parameters: Whitelist.
+# Whitelist: be, be_a, be_an, be_between, be_falsey, be_kind_of, be_instance_of, be_truthy, be_within, eq, eql, end_with, include, match, raise_error, respond_to, start_with
+Style/NestedParenthesizedCalls:
+  Enabled: false
+
+# Offense count: 19
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, MinBodyLength.
+# SupportedStyles: skip_modifier_ifs, always
+Style/Next:
+  Enabled: false
+
+# Offense count: 61
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedOctalStyle.
+# SupportedOctalStyles: zero_with_o, zero_only
+Style/NumericLiteralPrefix:
+  Enabled: false
+
+# Offense count: 114
+# Cop supports --auto-correct.
+# Configuration parameters: AutoCorrect, EnforcedStyle.
+# SupportedStyles: predicate, comparison
+Style/NumericPredicate:
+  Enabled: false
+
+# Offense count: 4
+# Cop supports --auto-correct.
+Style/OrAssignment:
+  Exclude:
+    - 'app/models/concerns/token_authenticatable.rb'
+    - 'lib/api/commit_statuses.rb'
+    - 'lib/gitlab/project_transfer.rb'
+
+# Offense count: 50
+# Cop supports --auto-correct.
+Style/ParallelAssignment:
+  Enabled: false
+
+# Offense count: 917
+# Cop supports --auto-correct.
+# Configuration parameters: PreferredDelimiters.
+Style/PercentLiteralDelimiters:
+  Enabled: false
+
+# Offense count: 15
+# Cop supports --auto-correct.
+Style/PerlBackrefs:
+  Exclude:
+    - 'app/controllers/projects/application_controller.rb'
+    - 'app/helpers/submodule_helper.rb'
+    - 'lib/backup/manager.rb'
+    - 'lib/banzai/filter/abstract_reference_filter.rb'
+    - 'lib/banzai/filter/autolink_filter.rb'
+    - 'lib/banzai/filter/emoji_filter.rb'
+    - 'lib/banzai/filter/gollum_tags_filter.rb'
+    - 'lib/expand_variables.rb'
+    - 'lib/gitlab/diff/highlight.rb'
+    - 'lib/gitlab/search_results.rb'
+    - 'lib/gitlab/sherlock/query.rb'
+
+# Offense count: 87
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: compact, exploded
+Style/RaiseArgs:
+  Enabled: false
+
+# Offense count: 9
+# Cop supports --auto-correct.
+Style/RedundantBegin:
+  Exclude:
+    - 'app/controllers/projects/clusters/gcp_controller.rb'
+    - 'app/models/merge_request.rb'
+    - 'app/services/projects/import_service.rb'
+    - 'lib/api/branches.rb'
+    - 'lib/gitlab/current_settings.rb'
+    - 'lib/gitlab/git/commit.rb'
+    - 'lib/gitlab/health_checks/base_abstract_check.rb'
+    - 'lib/tasks/gitlab/task_helpers.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+Style/RedundantConditional:
+  Exclude:
+    - 'lib/system_check/helpers.rb'
+
+# Offense count: 57
+# Cop supports --auto-correct.
+Style/RedundantFreeze:
+  Enabled: false
+
+# Offense count: 15
+# Cop supports --auto-correct.
+# Configuration parameters: AllowMultipleReturnValues.
+Style/RedundantReturn:
+  Exclude:
+    - 'app/controllers/application_controller.rb'
+    - 'app/controllers/concerns/issuable_actions.rb'
+    - 'app/controllers/groups/application_controller.rb'
+    - 'app/controllers/omniauth_callbacks_controller.rb'
+    - 'app/controllers/profiles/keys_controller.rb'
+    - 'app/controllers/projects/application_controller.rb'
+    - 'app/services/access_token_validation_service.rb'
+    - 'lib/gitlab/utils.rb'
+    - 'lib/google_api/auth.rb'
+
+# Offense count: 460
+# Cop supports --auto-correct.
+Style/RedundantSelf:
+  Enabled: false
+
+# Offense count: 142
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, AllowInnerSlashes.
+# SupportedStyles: slashes, percent_r, mixed
+Style/RegexpLiteral:
+  Enabled: true
+  EnforcedStyle: mixed
+  AllowInnerSlashes: false
+
+# Offense count: 36
+# Cop supports --auto-correct.
+Style/RescueModifier:
+  Enabled: false
+
+# Offense count: 107
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: implicit, explicit
+Style/RescueStandardError:
+  Enabled: false
+
+# Offense count: 8
+# Cop supports --auto-correct.
+Style/SelfAssignment:
+  Exclude:
+    - 'app/models/concerns/bulk_member_access_load.rb'
+    - 'app/serializers/base_serializer.rb'
+    - 'app/services/notification_service.rb'
+    - 'lib/api/runners.rb'
+    - 'spec/features/merge_requests/diff_notes_resolve_spec.rb'
+    - 'spec/features/projects/clusters/interchangeability_spec.rb'
+    - 'spec/support/import_export/configuration_helper.rb'
+
+# Offense count: 50
+# Cop supports --auto-correct.
+# Configuration parameters: AllowIfMethodIsEmpty.
+Style/SingleLineMethods:
+  Exclude:
+    - 'lib/gitlab/ci/ansi2html.rb'
+
+# Offense count: 66
+# Cop supports --auto-correct.
+# Configuration parameters: .
+# SupportedStyles: use_perl_names, use_english_names
+Style/SpecialGlobalVars:
+  EnforcedStyle: use_perl_names
+
+# Offense count: 1
+# Cop supports --auto-correct.
+Style/StderrPuts:
+  Exclude:
+    - 'config/initializers/rspec_profiling.rb'
+
+# Offense count: 45
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: single_quotes, double_quotes
+Style/StringLiteralsInInterpolation:
+  Enabled: false
+
+# Offense count: 106
+# Cop supports --auto-correct.
+# Configuration parameters: IgnoredMethods.
+# IgnoredMethods: respond_to, define_method
+Style/SymbolProc:
+  Enabled: false
+
+# Offense count: 9
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, AllowSafeAssignment.
+# SupportedStyles: require_parentheses, require_no_parentheses, require_parentheses_when_complex
+Style/TernaryParentheses:
+  Exclude:
+    - 'app/finders/projects_finder.rb'
+    - 'app/helpers/namespaces_helper.rb'
+    - 'features/support/capybara.rb'
+    - 'lib/gitlab/ci/build/artifacts/metadata/entry.rb'
+    - 'spec/requests/api/pipeline_schedules_spec.rb'
+    - 'spec/support/capybara.rb'
+
+# Offense count: 17
+# Cop supports --auto-correct.
+# Configuration parameters: AllowNamedUnderscoreVariables.
+Style/TrailingUnderscoreVariable:
+  Exclude:
+    - 'app/controllers/admin/background_jobs_controller.rb'
+    - 'app/controllers/invites_controller.rb'
+    - 'app/helpers/tab_helper.rb'
+    - 'lib/backup/manager.rb'
+    - 'lib/gitlab/logger.rb'
+    - 'lib/gitlab/upgrader.rb'
+    - 'lib/system_check/app/migrations_are_up_check.rb'
+    - 'lib/system_check/incoming_email/mail_room_running_check.rb'
+    - 'lib/tasks/gitlab/check.rake'
+    - 'lib/tasks/gitlab/task_helpers.rb'
+    - 'spec/lib/gitlab/etag_caching/middleware_spec.rb'
+    - 'spec/services/quick_actions/interpret_service_spec.rb'
+
+# Offense count: 4
+# Cop supports --auto-correct.
+Style/UnlessElse:
+  Exclude:
+    - 'lib/backup/manager.rb'
+    - 'lib/gitlab/project_search_results.rb'
+    - 'lib/tasks/gitlab/check.rake'
+    - 'spec/features/issues/award_emoji_spec.rb'
+
+# Offense count: 31
+# Cop supports --auto-correct.
+Style/UnneededInterpolation:
+  Enabled: false
+
+# Offense count: 22840
+# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
+# URISchemes: http, https
+Metrics/LineLength:
+  Max: 1310
diff --git a/.ruby-version b/.ruby-version
new file mode 100644
index 0000000000..aedc15bb0c
--- /dev/null
+++ b/.ruby-version
@@ -0,0 +1 @@
+2.5.3
diff --git a/.scss-lint.yml b/.scss-lint.yml
new file mode 100644
index 0000000000..3df66033fa
--- /dev/null
+++ b/.scss-lint.yml
@@ -0,0 +1,273 @@
+# Linter Documentation:
+# https://github.com/brigade/scss-lint/blob/master/lib/scss_lint/linter/README.md
+
+scss_files: 'app/assets/stylesheets/**/*.scss'
+
+exclude:
+  - 'app/assets/stylesheets/pages/emojis.scss'
+
+linters:
+  # Reports when you use improper spacing around ! (the "bang") in !default,
+  # !global, !important, and !optional flags.
+  BangFormat:
+    enabled: true
+
+  # Whether or not to prefer `border: 0` over `border: none`.
+  BorderZero:
+    enabled: true
+
+  # Reports when you define a rule set using a selector with chained classes
+  # (a.k.a. adjoining classes).
+  ChainedClasses:
+    enabled: false
+
+  # Prefer hexadecimal color codes over color keywords.
+  # (e.g. `color: green` is a color keyword)
+  ColorKeyword:
+    enabled: false
+
+  # Prefer color literals (keywords or hexadecimal codes) to be used only in
+  # variable declarations. They should be referred to via variables everywhere
+  # else.
+  ColorVariable:
+    enabled: true
+
+  # Which form of comments to prefer in CSS.
+  Comment:
+    enabled: false
+
+  # Reports @debug statements (which you probably left behind accidentally).
+  DebugStatement:
+    enabled: false
+
+  # Rule sets should be ordered as follows:
+  # - @extend declarations
+  # - @include declarations without inner @content
+  # - properties
+  # - @include declarations with inner @content
+  # - nested rule sets.
+  # Disabled to minimize Bootstrap migration footprint
+  DeclarationOrder:
+    enabled: false
+
+  # `scss-lint:disable` control comments should be preceded by a comment
+  # explaining why these linters are being disabled for this file.
+  # See https://github.com/brigade/scss-lint#disabling-linters-via-source for
+  # more information.
+  DisableLinterReason:
+    enabled: true
+
+  # Reports when you define the same property twice in a single rule set.
+  DuplicateProperty:
+    enabled: true
+    ignore_consecutive:
+      - cursor
+
+  # Separate rule, function, and mixin declarations with empty lines.
+  EmptyLineBetweenBlocks:
+    enabled: true
+
+  # Reports when you have an empty rule set.
+  EmptyRule:
+    enabled: true
+
+  # Reports when you have an @extend directive.
+  ExtendDirective:
+    enabled: false
+
+  # Files should always have a final newline. This results in better diffs
+  # when adding lines to the file, since SCM systems such as git won't
+  # think that you touched the last line.
+  FinalNewline:
+    enabled: true
+
+  # HEX colors should use three-character values where possible.
+  HexLength:
+    enabled: false
+
+  # HEX color values should use lower-case colors to differentiate between
+  # letters and numbers, e.g. `#E3E3E3` vs. `#e3e3e3`.
+  HexNotation:
+    enabled: true
+
+  # Avoid using ID selectors.
+  IdSelector:
+    enabled: false
+
+  # The basenames of @imported SCSS partials should not begin with an
+  # underscore and should not include the filename extension.
+  ImportPath:
+    enabled: true
+
+  # Avoid using !important in properties. It is usually indicative of a
+  # misunderstanding of CSS specificity and can lead to brittle code.
+  ImportantRule:
+    enabled: false
+
+  # Indentation should always be done in increments of 2 spaces.
+  Indentation:
+    enabled: true
+    width: 2
+
+  # Don't write leading zeros for numeric values with a decimal point.
+  LeadingZero:
+    enabled: false
+
+  # Reports when you define the same selector twice in a single sheet.
+  MergeableSelector:
+    enabled: true
+
+  # Functions, mixins, variables, and placeholders should be declared
+  # with all lowercase letters and hyphens instead of underscores.
+  NameFormat:
+    enabled: false
+
+  # Avoid nesting selectors too deeply.
+  NestingDepth:
+    enabled: true
+    max_depth: 6
+
+  # Always use placeholder selectors in @extend.
+  PlaceholderInExtend:
+    enabled: false
+
+  # Sort properties in a strict order.
+  PropertySortOrder:
+    enabled: false
+
+  # Reports when you use an unknown or disabled CSS property
+  # (ignoring vendor-prefixed properties).
+  PropertySpelling:
+    enabled: true
+
+  # Configure which units are allowed for property values.
+  PropertyUnits:
+    enabled: false
+
+  # Pseudo-elements, like ::before, and ::first-letter, should be declared
+  # with two colons. Pseudo-classes, like :hover and :first-child, should
+  # be declared with one colon.
+  PseudoElement:
+    enabled: true
+
+  # Avoid qualifying elements in selectors (also known as "tag-qualifying").
+  QualifyingElement:
+    enabled: false
+
+  # Don't write selectors with a depth of applicability greater than 3.
+  SelectorDepth:
+    enabled: false
+
+  # Selectors should always use hyphenated-lowercase, rather than camelCase or
+  # snake_case.
+  SelectorFormat:
+    enabled: false
+    convention: hyphenated_lowercase
+
+  # Prefer the shortest shorthand form possible for properties that support it.
+  Shorthand:
+    enabled: true
+
+  # Each property should have its own line, except in the special case of
+  # single line rulesets.
+  SingleLinePerProperty:
+    enabled: true
+    allow_single_line_rule_sets: true
+
+  # Split selectors onto separate lines after each comma, and have each
+  # individual selector occupy a single line.
+  SingleLinePerSelector:
+    enabled: true
+
+  # Commas in lists should be followed by a space.
+  SpaceAfterComma:
+    enabled: true
+
+  # Comment literals should be followed by a space.
+  SpaceAfterComment:
+    enabled: false
+
+  # Properties should be formatted with a single space separating the colon
+  # from the property's value.
+  SpaceAfterPropertyColon:
+    enabled: true
+
+  # Properties should be formatted with no space between the name and the
+  # colon.
+  SpaceAfterPropertyName:
+    enabled: true
+
+  # Variables should be formatted with a single space separating the colon
+  # from the variable's value.
+  SpaceAfterVariableColon:
+    enabled: true
+
+  # Variables should be formatted with no space between the name and the
+  # colon.
+  SpaceAfterVariableName:
+    enabled: false
+
+  # Operators should be formatted with a single space on both sides of an
+  # infix operator.
+  SpaceAroundOperator:
+    enabled: true
+
+  # Opening braces should be preceded by a single space.
+  SpaceBeforeBrace:
+    enabled: true
+
+  # Parentheses should not be padded with spaces.
+  SpaceBetweenParens:
+    enabled: false
+
+  # Enforces that string literals should be written with a consistent form
+  # of quotes (single or double).
+  StringQuotes:
+    enabled: false
+
+  # Property values, @extend, @include, and @import directives, and variable
+  # declarations should always end with a semicolon.
+  TrailingSemicolon:
+    enabled: true
+
+  # Reports lines containing trailing whitespace.
+  TrailingWhitespace:
+    enabled: true
+
+  # Don't write trailing zeros for numeric values with a decimal point.
+  TrailingZero:
+    enabled: false
+
+  # Don't use the `all` keyword to specify transition properties.
+  TransitionAll:
+    enabled: false
+
+  # Numeric values should not contain unnecessary fractional portions.
+  UnnecessaryMantissa:
+    enabled: true
+
+  # Do not use parent selector references (&) when they would otherwise
+  # be unnecessary.
+  UnnecessaryParentReference:
+    enabled: true
+
+  # URLs should be valid and not contain protocols or domain names.
+  UrlFormat:
+    enabled: true
+
+  # URLs should always be enclosed within quotes.
+  UrlQuotes:
+    enabled: true
+
+  # Properties, like color and font, are easier to read and maintain
+  # when defined using variables rather than literals.
+  VariableForProperty:
+    enabled: false
+
+  # Avoid vendor prefixes. Or rather: don't write them yourself.
+  VendorPrefix:
+    enabled: false
+
+  # Omit length units on zero values, e.g. `0px` vs. `0`.
+  ZeroUnit:
+    enabled: true