Merge remote-tracking branch 'origin/master' into eReGeBe/gitlab-ce-feature/milestone-md

Signed-off-by: Rémy Coutable <remy@rymai.me>

191 files changed, 5078 insertions, 1869 deletions

diff --git a/spec/config/mail_room_spec.rb b/spec/config/mail_room_spec.rb
index 462afb24f08..6fad7e2b9e7 100644
--- a/spec/config/mail_room_spec.rb
+++ b/spec/config/mail_room_spec.rb
@@ -43,7 +43,7 @@ describe "mail_room.yml" do
       redis_config_file = Rails.root.join('config', 'resque.yml')
 
       redis_url =
-        if File.exists?(redis_config_file)
+        if File.exist?(redis_config_file)
           YAML.load_file(redis_config_file)[Rails.env]
         else
           "redis://localhost:6379"
diff --git a/spec/controllers/admin/impersonation_controller_spec.rb b/spec/controllers/admin/impersonation_controller_spec.rb
deleted file mode 100644
index d7a7ba1c5b6..00000000000
--- a/spec/controllers/admin/impersonation_controller_spec.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-require 'spec_helper'
-
-describe Admin::ImpersonationController do
-  let(:admin) { create(:admin) }
-
-  before do
-    sign_in(admin)
-  end
-
-  describe 'CREATE #impersonation when blocked' do
-    let(:blocked_user) { create(:user, state: :blocked) }
-
-    it 'does not allow impersonation' do
-      post :create, id: blocked_user.username
-
-      expect(flash[:alert]).to eq 'You cannot impersonate a blocked user'
-    end
-  end
-end
diff --git a/spec/controllers/admin/impersonations_controller_spec.rb b/spec/controllers/admin/impersonations_controller_spec.rb
new file mode 100644
index 00000000000..eb82476b179
--- /dev/null
+++ b/spec/controllers/admin/impersonations_controller_spec.rb
@@ -0,0 +1,95 @@
+require 'spec_helper'
+
+describe Admin::ImpersonationsController do
+  let(:impersonator) { create(:admin) }
+  let(:user) { create(:user) }
+
+  describe "DELETE destroy" do
+    context "when not signed in" do
+      it "redirects to the sign in page" do
+        delete :destroy
+
+        expect(response).to redirect_to(new_user_session_path)
+      end
+    end
+
+    context "when signed in" do
+      before do
+        sign_in(user)
+      end
+
+      context "when not impersonating" do
+        it "responds with status 404" do
+          delete :destroy
+
+          expect(response.status).to eq(404)
+        end
+
+        it "doesn't sign us in" do
+          delete :destroy
+
+          expect(warden.user).to eq(user)
+        end
+      end
+
+      context "when impersonating" do
+        before do
+          session[:impersonator_id] = impersonator.id
+        end
+
+        context "when the impersonator is not admin (anymore)" do
+          before do
+            impersonator.admin = false
+            impersonator.save
+          end
+
+          it "responds with status 404" do
+            delete :destroy
+
+            expect(response.status).to eq(404)
+          end
+
+          it "doesn't sign us in as the impersonator" do
+            delete :destroy
+
+            expect(warden.user).to eq(user)
+          end
+        end
+
+        context "when the impersonator is admin" do
+          context "when the impersonator is blocked" do
+            before do
+              impersonator.block!
+            end
+
+            it "responds with status 404" do
+              delete :destroy
+
+              expect(response.status).to eq(404)
+            end
+
+            it "doesn't sign us in as the impersonator" do
+              delete :destroy
+
+              expect(warden.user).to eq(user)
+            end
+          end
+
+          context "when the impersonator is not blocked" do
+            it "redirects to the impersonated user's page" do
+              delete :destroy
+
+              expect(response).to redirect_to(admin_user_path(user))
+            end
+
+            it "signs us in as the impersonator" do
+              delete :destroy
+
+              expect(warden.user).to eq(impersonator)
+            end
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb
index 9ef8ba1b097..6caf37ddc2c 100644
--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
@@ -2,9 +2,10 @@ require 'spec_helper'
 
 describe Admin::UsersController do
   let(:user) { create(:user) }
+  let(:admin) { create(:admin) }
 
   before do
-    sign_in(create(:admin))
+    sign_in(admin)
   end
 
   describe 'DELETE #user with projects' do
@@ -112,4 +113,126 @@ describe Admin::UsersController do
       patch :disable_two_factor, id: user.to_param
     end
   end
+
+  describe 'POST update' do
+    context 'when the password has changed' do
+      def update_password(user, password, password_confirmation = nil)
+        params = {
+          id: user.to_param,
+          user: {
+            password: password,
+            password_confirmation: password_confirmation || password
+          }
+        }
+
+        post :update, params
+      end
+
+      context 'when the new password is valid' do
+        it 'redirects to the user' do
+          update_password(user, 'AValidPassword1')
+
+          expect(response).to redirect_to(admin_user_path(user))
+        end
+
+        it 'updates the password' do
+          update_password(user, 'AValidPassword1')
+
+          expect { user.reload }.to change { user.encrypted_password }
+        end
+
+        it 'sets the new password to expire immediately' do
+          update_password(user, 'AValidPassword1')
+
+          expect { user.reload }.to change { user.password_expires_at }.to(a_value <= Time.now)
+        end
+      end
+
+      context 'when the new password is invalid' do
+        it 'shows the edit page again' do
+          update_password(user, 'invalid')
+
+          expect(response).to render_template(:edit)
+        end
+
+        it 'returns the error message' do
+          update_password(user, 'invalid')
+
+          expect(assigns[:user].errors).to contain_exactly(a_string_matching(/too short/))
+        end
+
+        it 'does not update the password' do
+          update_password(user, 'invalid')
+
+          expect { user.reload }.not_to change { user.encrypted_password }
+        end
+      end
+
+      context 'when the new password does not match the password confirmation' do
+        it 'shows the edit page again' do
+          update_password(user, 'AValidPassword1', 'AValidPassword2')
+
+          expect(response).to render_template(:edit)
+        end
+
+        it 'returns the error message' do
+          update_password(user, 'AValidPassword1', 'AValidPassword2')
+
+          expect(assigns[:user].errors).to contain_exactly(a_string_matching(/doesn't match/))
+        end
+
+        it 'does not update the password' do
+          update_password(user, 'AValidPassword1', 'AValidPassword2')
+
+          expect { user.reload }.not_to change { user.encrypted_password }
+        end
+      end
+    end
+  end
+
+  describe "POST impersonate" do
+    context "when the user is blocked" do
+      before do
+        user.block!
+      end
+
+      it "shows a notice" do
+        post :impersonate, id: user.username
+
+        expect(flash[:alert]).to eq("You cannot impersonate a blocked user")
+      end
+
+      it "doesn't sign us in as the user" do
+        post :impersonate, id: user.username
+
+        expect(warden.user).to eq(admin)
+      end
+    end
+
+    context "when the user is not blocked" do
+      it "stores the impersonator in the session" do
+        post :impersonate, id: user.username
+
+        expect(session[:impersonator_id]).to eq(admin.id)
+      end
+
+      it "signs us in as the user" do
+        post :impersonate, id: user.username
+
+        expect(warden.user).to eq(user)
+      end
+
+      it "redirects to root" do
+        post :impersonate, id: user.username
+
+        expect(response).to redirect_to(root_path)
+      end
+
+      it "shows a notice" do
+        post :impersonate, id: user.username
+
+        expect(flash[:alert]).to eq("You are now impersonating #{user.username}")
+      end
+    end
+  end
 end
diff --git a/spec/controllers/health_check_controller_spec.rb b/spec/controllers/health_check_controller_spec.rb
new file mode 100644
index 00000000000..0d8a68bb51a
--- /dev/null
+++ b/spec/controllers/health_check_controller_spec.rb
@@ -0,0 +1,105 @@
+require 'spec_helper'
+
+describe HealthCheckController do
+  let(:token) { current_application_settings.health_check_access_token }
+  let(:json_response) { JSON.parse(response.body) }
+  let(:xml_response) { Hash.from_xml(response.body)['hash'] }
+
+  describe 'GET #index' do
+    context 'when services are up but NO access token' do
+      it 'returns a not found page' do
+        get :index
+        expect(response).to be_not_found
+      end
+    end
+
+    context 'when services are up and an access token is provided' do
+      it 'supports passing the token in the header' do
+        request.headers['TOKEN'] = token
+        get :index
+        expect(response).to be_success
+        expect(response.content_type).to eq 'text/plain'
+      end
+
+      it 'supports successful plaintest response' do
+        get :index, token: token
+        expect(response).to be_success
+        expect(response.content_type).to eq 'text/plain'
+      end
+
+      it 'supports successful json response' do
+        get :index, token: token, format: :json
+        expect(response).to be_success
+        expect(response.content_type).to eq 'application/json'
+        expect(json_response['healthy']).to be true
+      end
+
+      it 'supports successful xml response' do
+        get :index, token: token, format: :xml
+        expect(response).to be_success
+        expect(response.content_type).to eq 'application/xml'
+        expect(xml_response['healthy']).to be true
+      end
+
+      it 'supports successful responses for specific checks' do
+        get :index, token: token, checks: 'email', format: :json
+        expect(response).to be_success
+        expect(response.content_type).to eq 'application/json'
+        expect(json_response['healthy']).to be true
+      end
+    end
+
+    context 'when a service is down but NO access token' do
+      it 'returns a not found page' do
+        get :index
+        expect(response).to be_not_found
+      end
+    end
+
+    context 'when a service is down and an access token is provided' do
+      before do
+        allow(HealthCheck::Utils).to receive(:process_checks).with('standard').and_return('The server is on fire')
+        allow(HealthCheck::Utils).to receive(:process_checks).with('email').and_return('Email is on fire')
+      end
+
+      it 'supports passing the token in the header' do
+        request.headers['TOKEN'] = token
+        get :index
+        expect(response.status).to eq(500)
+        expect(response.content_type).to eq 'text/plain'
+        expect(response.body).to include('The server is on fire')
+      end
+
+      it 'supports failure plaintest response' do
+        get :index, token: token
+        expect(response.status).to eq(500)
+        expect(response.content_type).to eq 'text/plain'
+        expect(response.body).to include('The server is on fire')
+      end
+
+      it 'supports failure json response' do
+        get :index, token: token, format: :json
+        expect(response.status).to eq(500)
+        expect(response.content_type).to eq 'application/json'
+        expect(json_response['healthy']).to be false
+        expect(json_response['message']).to include('The server is on fire')
+      end
+
+      it 'supports failure xml response' do
+        get :index, token: token, format: :xml
+        expect(response.status).to eq(500)
+        expect(response.content_type).to eq 'application/xml'
+        expect(xml_response['healthy']).to be false
+        expect(xml_response['message']).to include('The server is on fire')
+      end
+
+      it 'supports failure responses for specific checks' do
+        get :index, token: token, checks: 'email', format: :json
+        expect(response.status).to eq(500)
+        expect(response.content_type).to eq 'application/json'
+        expect(json_response['healthy']).to be false
+        expect(json_response['message']).to include('Email is on fire')
+      end
+    end
+  end
+end
diff --git a/spec/controllers/import/github_controller_spec.rb b/spec/controllers/import/github_controller_spec.rb
index bbf8adef534..bcc713dce2a 100644
--- a/spec/controllers/import/github_controller_spec.rb
+++ b/spec/controllers/import/github_controller_spec.rb
@@ -22,6 +22,8 @@ describe Import::GithubController do
       token = "asdasd12345"
       allow_any_instance_of(Gitlab::GithubImport::Client).
         to receive(:get_token).and_return(token)
+      allow_any_instance_of(Gitlab::GithubImport::Client).
+        to receive(:github_options).and_return({})
       stub_omniauth_provider('github')
 
       get :callback
diff --git a/spec/controllers/projects/issues_controller_spec.rb b/spec/controllers/projects/issues_controller_spec.rb
index d6e4cd71ce6..2b2ad3b9412 100644
--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -40,6 +40,45 @@ describe Projects::IssuesController do
     end
   end
 
+  describe 'PUT #update' do
+    context 'when moving issue to another private project' do
+      let(:another_project) { create(:project, :private) }
+
+      before do
+        sign_in(user)
+        project.team << [user, :developer]
+      end
+
+      context 'when user has access to move issue' do
+        before { another_project.team << [user, :reporter] }
+
+        it 'moves issue to another project' do
+          move_issue
+
+          expect(response).to have_http_status :found
+          expect(another_project.issues).to_not be_empty
+        end
+      end
+
+      context 'when user does not have access to move issue' do
+        it 'responds with 404' do
+          move_issue
+
+          expect(response).to have_http_status :not_found
+        end
+      end
+
+      def move_issue
+        put :update,
+          namespace_id: project.namespace.to_param,
+          project_id: project.to_param,
+          id: issue.iid,
+          issue: { title: 'New title' },
+          move_to_project_id: another_project.id
+      end
+    end
+  end
+
   describe 'Confidential Issues' do
     let(:project) { create(:project_empty_repo, :public) }
     let(:assignee) { create(:assignee) }
diff --git a/spec/controllers/projects/raw_controller_spec.rb b/spec/controllers/projects/raw_controller_spec.rb
index 1caa476d37d..fb29274c687 100644
--- a/spec/controllers/projects/raw_controller_spec.rb
+++ b/spec/controllers/projects/raw_controller_spec.rb
@@ -42,7 +42,7 @@ describe Projects::RawController do
         before do
           public_project.lfs_objects << lfs_object
           allow_any_instance_of(LfsObjectUploader).to receive(:exists?).and_return(true)
-          allow(controller).to receive(:send_file) { controller.render nothing: true }
+          allow(controller).to receive(:send_file) { controller.head :ok }
         end
 
         it 'serves the file' do
diff --git a/spec/controllers/registrations_controller_spec.rb b/spec/controllers/registrations_controller_spec.rb
new file mode 100644
index 00000000000..df70a589a89
--- /dev/null
+++ b/spec/controllers/registrations_controller_spec.rb
@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe RegistrationsController do
+  describe '#create' do
+    around(:each) do |example|
+      perform_enqueued_jobs do
+        example.run
+      end
+    end
+
+    let(:user_params) { { user: { name: "new_user", username: "new_username", email: "new@user.com", password: "Any_password" } } }
+
+    context 'when sending email confirmation' do
+      before { allow(current_application_settings).to receive(:send_user_confirmation_email).and_return(false) }
+
+      it 'logs user in directly' do
+        post(:create, user_params)
+        expect(ActionMailer::Base.deliveries.last).to be_nil
+        expect(subject.current_user).to_not be_nil
+      end
+    end
+
+    context 'when not sending email confirmation' do
+      before { allow(current_application_settings).to receive(:send_user_confirmation_email).and_return(true) }
+
+      it 'does not authenticate user and sends confirmation email' do
+        post(:create, user_params)
+        expect(ActionMailer::Base.deliveries.last.to.first).to eq(user_params[:user][:email])
+        expect(subject.current_user).to be_nil
+      end
+    end
+  end
+end
diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb
index 8045c8b940d..c61ec174665 100644
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@@ -112,4 +112,26 @@ describe UsersController do
       expect(response).to render_template('calendar_activities')
     end
   end
+
+  describe 'GET #snippets' do
+    before do
+      sign_in(user)
+    end
+
+    context 'format html' do
+      it 'renders snippets page' do
+        get :snippets, username: user.username
+        expect(response.status).to eq(200)
+        expect(response).to render_template('show')
+      end
+    end
+
+    context 'format json' do
+      it 'response with snippets json data' do
+        get :snippets, username: user.username, format: :json
+        expect(response.status).to eq(200)
+        expect(JSON.parse(response.body)).to have_key('html')
+      end
+    end
+  end
 end
diff --git a/spec/factories/abuse_reports.rb b/spec/factories/abuse_reports.rb
index d0e8c778518..8f6422a7825 100644
--- a/spec/factories/abuse_reports.rb
+++ b/spec/factories/abuse_reports.rb
@@ -1,15 +1,3 @@
-# == Schema Information
-#
-# Table name: abuse_reports
-#
-#  id          :integer          not null, primary key
-#  reporter_id :integer
-#  user_id     :integer
-#  message     :text
-#  created_at  :datetime
-#  updated_at  :datetime
-#
-
 FactoryGirl.define do
   factory :abuse_report do
     reporter factory: :user
diff --git a/spec/factories/broadcast_messages.rb b/spec/factories/broadcast_messages.rb
index c80e7366551..efe9803b1a7 100644
--- a/spec/factories/broadcast_messages.rb
+++ b/spec/factories/broadcast_messages.rb
@@ -1,17 +1,3 @@
-# == Schema Information
-#
-# Table name: broadcast_messages
-#
-#  id         :integer          not null, primary key
-#  message    :text             not null
-#  starts_at  :datetime
-#  ends_at    :datetime
-#  created_at :datetime
-#  updated_at :datetime
-#  color      :string(255)
-#  font       :string(255)
-#
-
 FactoryGirl.define do
   factory :broadcast_message do
     message "MyText"
diff --git a/spec/factories/forked_project_links.rb b/spec/factories/forked_project_links.rb
index 19a54946fe0..b16c1272e68 100644
--- a/spec/factories/forked_project_links.rb
+++ b/spec/factories/forked_project_links.rb
@@ -1,14 +1,3 @@
-# == Schema Information
-#
-# Table name: forked_project_links
-#
-#  id                     :integer          not null, primary key
-#  forked_to_project_id   :integer          not null
-#  forked_from_project_id :integer          not null
-#  created_at             :datetime
-#  updated_at             :datetime
-#
-
 FactoryGirl.define do
   factory :forked_project_link do
     association :forked_to_project, factory: :project
diff --git a/spec/factories/label_links.rb b/spec/factories/label_links.rb
index 2939d4307c5..3580174e873 100644
--- a/spec/factories/label_links.rb
+++ b/spec/factories/label_links.rb
@@ -1,15 +1,3 @@
-# == Schema Information
-#
-# Table name: label_links
-#
-#  id          :integer          not null, primary key
-#  label_id    :integer
-#  target_id   :integer
-#  target_type :string(255)
-#  created_at  :datetime
-#  updated_at  :datetime
-#
-
 FactoryGirl.define do
   factory :label_link do
     label
diff --git a/spec/factories/labels.rb b/spec/factories/labels.rb
index ea2be8928d5..eb489099854 100644
--- a/spec/factories/labels.rb
+++ b/spec/factories/labels.rb
@@ -1,16 +1,3 @@
-# == Schema Information
-#
-# Table name: labels
-#
-#  id         :integer          not null, primary key
-#  title      :string(255)
-#  color      :string(255)
-#  project_id :integer
-#  created_at :datetime
-#  updated_at :datetime
-#  template   :boolean          default(FALSE)
-#
-
 FactoryGirl.define do
   factory :label do
     sequence(:title) { |n| "label#{n}" }
diff --git a/spec/factories/lfs_objects.rb b/spec/factories/lfs_objects.rb
index 327858ce435..a81645acd2b 100644
--- a/spec/factories/lfs_objects.rb
+++ b/spec/factories/lfs_objects.rb
@@ -1,15 +1,3 @@
-# == Schema Information
-#
-# Table name: lfs_objects
-#
-#  id         :integer          not null, primary key
-#  oid        :string(255)      not null
-#  size       :integer          not null
-#  created_at :datetime
-#  updated_at :datetime
-#  file       :string(255)
-#
-
 include ActionDispatch::TestProcess
 
 FactoryGirl.define do
diff --git a/spec/factories/lfs_objects_projects.rb b/spec/factories/lfs_objects_projects.rb
index 50b45843c99..1ed0355c8e4 100644
--- a/spec/factories/lfs_objects_projects.rb
+++ b/spec/factories/lfs_objects_projects.rb
@@ -1,14 +1,3 @@
-# == Schema Information
-#
-# Table name: lfs_objects_projects
-#
-#  id            :integer          not null, primary key
-#  lfs_object_id :integer          not null
-#  project_id    :integer          not null
-#  created_at    :datetime
-#  updated_at    :datetime
-#
-
 FactoryGirl.define do
   factory :lfs_objects_project do
     lfs_object
diff --git a/spec/factories/merge_requests.rb b/spec/factories/merge_requests.rb
index e281e2f227b..c6a08d78b78 100644
--- a/spec/factories/merge_requests.rb
+++ b/spec/factories/merge_requests.rb
@@ -1,32 +1,3 @@
-# == Schema Information
-#
-# Table name: merge_requests
-#
-#  id                        :integer          not null, primary key
-#  target_branch             :string(255)      not null
-#  source_branch             :string(255)      not null
-#  source_project_id         :integer          not null
-#  author_id                 :integer
-#  assignee_id               :integer
-#  title                     :string(255)
-#  created_at                :datetime
-#  updated_at                :datetime
-#  milestone_id              :integer
-#  state                     :string(255)
-#  merge_status              :string(255)
-#  target_project_id         :integer          not null
-#  iid                       :integer
-#  description               :text
-#  position                  :integer          default(0)
-#  locked_at                 :datetime
-#  updated_by_id             :integer
-#  merge_error               :string(255)
-#  merge_params              :text
-#  merge_when_build_succeeds :boolean          default(FALSE), not null
-#  merge_user_id             :integer
-#  merge_commit_sha          :string
-#
-
 FactoryGirl.define do
   factory :merge_request do
     title
diff --git a/spec/factories/notes.rb b/spec/factories/notes.rb
index e5dcb159014..26719f2652c 100644
--- a/spec/factories/notes.rb
+++ b/spec/factories/notes.rb
@@ -1,24 +1,3 @@
-# == Schema Information
-#
-# Table name: notes
-#
-#  id            :integer          not null, primary key
-#  note          :text
-#  noteable_type :string(255)
-#  author_id     :integer
-#  created_at    :datetime
-#  updated_at    :datetime
-#  project_id    :integer
-#  attachment    :string(255)
-#  line_code     :string(255)
-#  commit_id     :string(255)
-#  noteable_id   :integer
-#  system        :boolean          default(FALSE), not null
-#  st_diff       :text
-#  updated_by_id :integer
-#  is_award      :boolean          default(FALSE), not null
-#
-
 require_relative '../support/repo_helpers'
 
 include ActionDispatch::TestProcess
@@ -30,10 +9,10 @@ FactoryGirl.define do
     author
 
     factory :note_on_commit,             traits: [:on_commit]
-    factory :note_on_commit_diff,        traits: [:on_commit, :on_diff]
+    factory :note_on_commit_diff,        traits: [:on_commit, :on_diff], class: LegacyDiffNote
     factory :note_on_issue,              traits: [:on_issue], aliases: [:votable_note]
     factory :note_on_merge_request,      traits: [:on_merge_request]
-    factory :note_on_merge_request_diff, traits: [:on_merge_request, :on_diff]
+    factory :note_on_merge_request_diff, traits: [:on_merge_request, :on_diff], class: LegacyDiffNote
     factory :note_on_project_snippet,    traits: [:on_project_snippet]
     factory :system_note,                traits: [:system]
     factory :downvote_note,              traits: [:award, :downvote]
diff --git a/spec/factories/oauth_access_tokens.rb b/spec/factories/oauth_access_tokens.rb
index 7700b15d538..ccf02d0719b 100644
--- a/spec/factories/oauth_access_tokens.rb
+++ b/spec/factories/oauth_access_tokens.rb
@@ -1,18 +1,3 @@
-# == Schema Information
-#
-# Table name: oauth_access_tokens
-#
-#  id                :integer          not null, primary key
-#  resource_owner_id :integer
-#  application_id    :integer
-#  token             :string           not null
-#  refresh_token     :string
-#  expires_in        :integer
-#  revoked_at        :datetime
-#  created_at        :datetime         not null
-#  scopes            :string
-#
-
 FactoryGirl.define do
   factory :oauth_access_token do
     resource_owner
diff --git a/spec/factories/project_hooks.rb b/spec/factories/project_hooks.rb
index 94dd935a039..3195fb3ddcc 100644
--- a/spec/factories/project_hooks.rb
+++ b/spec/factories/project_hooks.rb
@@ -1,5 +1,9 @@
 FactoryGirl.define do
   factory :project_hook do
     url { FFaker::Internet.uri('http') }
+
+    trait :token do
+      token { SecureRandom.hex(10) }
+    end
   end
 end
diff --git a/spec/factories/projects.rb b/spec/factories/projects.rb
index c14b99606ba..da8d97c9f82 100644
--- a/spec/factories/projects.rb
+++ b/spec/factories/projects.rb
@@ -1,43 +1,3 @@
-# == Schema Information
-#
-# Table name: projects
-#
-#  id                     :integer          not null, primary key
-#  name                   :string(255)
-#  path                   :string(255)
-#  description            :text
-#  created_at             :datetime
-#  updated_at             :datetime
-#  creator_id             :integer
-#  issues_enabled         :boolean          default(TRUE), not null
-#  wall_enabled           :boolean          default(TRUE), not null
-#  merge_requests_enabled :boolean          default(TRUE), not null
-#  wiki_enabled           :boolean          default(TRUE), not null
-#  namespace_id           :integer
-#  issues_tracker         :string(255)      default("gitlab"), not null
-#  issues_tracker_id      :string(255)
-#  snippets_enabled       :boolean          default(TRUE), not null
-#  last_activity_at       :datetime
-#  import_url             :string(255)
-#  visibility_level       :integer          default(0), not null
-#  archived               :boolean          default(FALSE), not null
-#  avatar                 :string(255)
-#  import_status          :string(255)
-#  repository_size        :float            default(0.0)
-#  star_count             :integer          default(0), not null
-#  import_type            :string(255)
-#  import_source          :string(255)
-#  commit_count           :integer          default(0)
-#  import_error           :text
-#  ci_id                  :integer
-#  builds_enabled         :boolean          default(TRUE), not null
-#  shared_runners_enabled :boolean          default(TRUE), not null
-#  runners_token          :string
-#  build_coverage_regex   :string
-#  build_allow_git_fetch  :boolean          default(TRUE), not null
-#  build_timeout          :integer          default(3600), not null
-#
-
 FactoryGirl.define do
   # Project without repository
   #
@@ -61,6 +21,12 @@ FactoryGirl.define do
     trait :private do
       visibility_level Gitlab::VisibilityLevel::PRIVATE
     end
+
+    trait :empty_repo do
+      after(:create) do |project|
+        project.create_repository
+      end
+    end
   end
 
   # Project with empty repository
@@ -68,9 +34,7 @@ FactoryGirl.define do
   # This is a case when you just created a project
   # but not pushed any code there yet
   factory :project_empty_repo, parent: :empty_project do
-    after :create do |project|
-      project.create_repository
-    end
+    empty_repo
   end
 
   # Project with test repository
diff --git a/spec/factories/releases.rb b/spec/factories/releases.rb
index 7f331c37256..74497dc82c0 100644
--- a/spec/factories/releases.rb
+++ b/spec/factories/releases.rb
@@ -1,15 +1,3 @@
-# == Schema Information
-#
-# Table name: releases
-#
-#  id          :integer          not null, primary key
-#  tag         :string(255)
-#  description :text
-#  project_id  :integer
-#  created_at  :datetime
-#  updated_at  :datetime
-#
-
 FactoryGirl.define do
   factory :release do
     tag "v1.1.0"
diff --git a/spec/factories/todos.rb b/spec/factories/todos.rb
index 7ae06c27840..e3681ae93a5 100644
--- a/spec/factories/todos.rb
+++ b/spec/factories/todos.rb
@@ -1,21 +1,3 @@
-# == Schema Information
-#
-# Table name: todos
-#
-#  id          :integer          not null, primary key
-#  user_id     :integer          not null
-#  project_id  :integer          not null
-#  target_id   :integer
-#  target_type :string           not null
-#  author_id   :integer
-#  action      :integer          not null
-#  state       :string           not null
-#  created_at  :datetime
-#  updated_at  :datetime
-#  note_id     :integer
-#  commit_id   :string
-#
-
 FactoryGirl.define do
   factory :todo do
     project
diff --git a/spec/features/admin/admin_builds_spec.rb b/spec/features/admin/admin_builds_spec.rb
index 2e9851fb442..7bbe20fec43 100644
--- a/spec/features/admin/admin_builds_spec.rb
+++ b/spec/features/admin/admin_builds_spec.rb
@@ -19,6 +19,7 @@ describe 'Admin Builds' do
           visit admin_builds_path
 
           expect(page).to have_selector('.nav-links li.active', text: 'All')
+          expect(page).to have_selector('.row-content-block', text: 'All builds')
           expect(page.all('.build-link').size).to eq(4)
           expect(page).to have_link 'Cancel all'
         end
diff --git a/spec/features/admin/admin_health_check_spec.rb b/spec/features/admin/admin_health_check_spec.rb
new file mode 100644
index 00000000000..dec2dedf2b5
--- /dev/null
+++ b/spec/features/admin/admin_health_check_spec.rb
@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+feature "Admin Health Check", feature: true do
+  include WaitForAjax
+
+  before do
+    login_as :admin
+  end
+
+  describe '#show' do
+    before do
+      visit admin_health_check_path
+    end
+
+    it { page.has_text? 'Health Check' }
+    it { page.has_text? 'Health information can be retrieved' }
+
+    it 'has a health check access token' do
+      token = current_application_settings.health_check_access_token
+      expect(page).to have_content("Access token is #{token}")
+      expect(page).to have_selector('#health-check-token', text: token)
+    end
+
+    describe 'reload access token', js: true do
+      it 'changes the access token' do
+        orig_token = current_application_settings.health_check_access_token
+        click_button 'Reset health check access token'
+        wait_for_ajax
+        expect(find('#health-check-token').text).not_to eq orig_token
+      end
+    end
+  end
+
+  context 'when services are up' do
+    before do
+      visit admin_health_check_path
+    end
+
+    it 'shows healthy status' do
+      expect(page).to have_content('Current Status: Healthy')
+    end
+  end
+
+  context 'when a service is down' do
+    before do
+      allow(HealthCheck::Utils).to receive(:process_checks).and_return('The server is on fire')
+      visit admin_health_check_path
+    end
+
+    it 'shows unhealthy status' do
+      expect(page).to have_content('Current Status: Unhealthy')
+      expect(page).to have_content('The server is on fire')
+    end
+  end
+end
diff --git a/spec/features/admin/admin_users_spec.rb b/spec/features/admin/admin_users_spec.rb
index 4570e409128..6dee0cd8d47 100644
--- a/spec/features/admin/admin_users_spec.rb
+++ b/spec/features/admin/admin_users_spec.rb
@@ -210,6 +210,8 @@ describe "Admin::Users", feature: true  do
       before do
         fill_in "user_name", with: "Big Bang"
         fill_in "user_email", with: "bigbang@mail.com"
+        fill_in "user_password", with: "AValidPassword1"
+        fill_in "user_password_confirmation", with: "AValidPassword1"
         check "user_admin"
         click_button "Save changes"
       end
@@ -223,6 +225,7 @@ describe "Admin::Users", feature: true  do
         @simple_user.reload
         expect(@simple_user.name).to eq('Big Bang')
         expect(@simple_user.is_admin?).to be_truthy
+        expect(@simple_user.password_expires_at).to be <= Time.now
       end
     end
   end
diff --git a/spec/features/builds_spec.rb b/spec/features/builds_spec.rb
index 090a941958f..f83a78308e3 100644
--- a/spec/features/builds_spec.rb
+++ b/spec/features/builds_spec.rb
@@ -43,6 +43,7 @@ describe "Builds" do
       end
 
       it { expect(page).to have_selector('.nav-links li.active', text: 'All') }
+      it { expect(page).to have_selector('.row-content-block', text: 'All builds from this project') }
       it { expect(page).to have_content @build.short_sha }
       it { expect(page).to have_content @build.ref }
       it { expect(page).to have_content @build.name }
diff --git a/spec/features/container_registry_spec.rb b/spec/features/container_registry_spec.rb
new file mode 100644
index 00000000000..53b4f027117
--- /dev/null
+++ b/spec/features/container_registry_spec.rb
@@ -0,0 +1,44 @@
+require 'spec_helper'
+
+describe "Container Registry" do
+  let(:project) { create(:empty_project) }
+  let(:repository) { project.container_registry_repository }
+  let(:tag_name) { 'latest' }
+  let(:tags) { [tag_name] }
+
+  before do
+    login_as(:user)
+    project.team << [@user, :developer]
+    stub_container_registry_tags(*tags)
+    stub_container_registry_config(enabled: true)
+    allow(Auth::ContainerRegistryAuthenticationService).to receive(:full_access_token).and_return('token')
+  end
+
+  describe 'GET /:project/container_registry' do
+    before do
+      visit namespace_project_container_registry_index_path(project.namespace, project)
+    end
+
+    context 'when no tags' do
+      let(:tags) { [] }
+
+      it { expect(page).to have_content('No images in Container Registry for this project') }
+    end
+
+    context 'when there are tags' do
+      it { expect(page).to have_content(tag_name)}
+    end
+  end
+
+  describe 'DELETE /:project/container_registry/tag' do
+    before do
+      visit namespace_project_container_registry_index_path(project.namespace, project)
+    end
+
+    it do
+      expect_any_instance_of(::ContainerRegistry::Tag).to receive(:delete).and_return(true)
+
+      click_on 'Remove'
+    end
+  end
+end
diff --git a/spec/features/dashboard/label_filter_spec.rb b/spec/features/dashboard/label_filter_spec.rb
new file mode 100644
index 00000000000..24e83d44010
--- /dev/null
+++ b/spec/features/dashboard/label_filter_spec.rb
@@ -0,0 +1,29 @@
+require 'spec_helper'
+
+describe 'Dashboard > label filter', feature: true, js: true do
+  let(:user) { create(:user) }
+  let(:project) { create(:project, name: 'test', namespace: user.namespace) }
+  let(:project2) { create(:project, name: 'test2', path: 'test2', namespace: user.namespace) }
+  let(:label) { create(:label, title: 'bug', color: '#ff0000') }
+  let(:label2) { create(:label, title: 'bug') }
+
+  before do
+    project.labels << label
+    project2.labels << label2
+
+    login_as(user)
+    visit issues_dashboard_path
+  end
+
+  context 'duplicate labels' do
+    it 'should remove duplicate labels' do
+      page.within('.labels-filter') do
+        click_button 'Label'
+      end
+
+      page.within('.dropdown-menu-labels') do
+        expect(page).to have_selector('.dropdown-content a', text: 'bug', count: 1)
+      end
+    end
+  end
+end
diff --git a/spec/features/issues/new_branch_button_spec.rb b/spec/features/issues/new_branch_button_spec.rb
index 9219b767547..16e188d2a8a 100644
--- a/spec/features/issues/new_branch_button_spec.rb
+++ b/spec/features/issues/new_branch_button_spec.rb
@@ -11,10 +11,10 @@ feature 'Start new branch from an issue', feature: true do
       login_as(user)
     end
 
-    it 'shown the new branch button', js: false do
+    it 'shows the new branch button', js: true do
       visit namespace_project_issue_path(project.namespace, project, issue)
 
-      expect(page).to have_link "New Branch"
+      expect(page).to have_css('#new-branch .available')
     end
 
     context "when there is a referenced merge request" do
@@ -34,16 +34,17 @@ feature 'Start new branch from an issue', feature: true do
       end
 
       it "hides the new branch button", js: true do
-        expect(page).not_to have_link "New Branch"
+        expect(page).not_to have_css('#new-branch .available')
         expect(page).to have_content /1 Related Merge Request/
       end
     end
   end
 
   context "for visiters" do
-    it 'no button is shown', js: false do
+    it 'no button is shown', js: true do
       visit namespace_project_issue_path(project.namespace, project, issue)
-      expect(page).not_to have_link "New Branch"
+
+      expect(page).not_to have_css('#new-branch')
     end
   end
 end
diff --git a/spec/features/issues_spec.rb b/spec/features/issues_spec.rb
index b57131f68d5..d5755c293c5 100644
--- a/spec/features/issues_spec.rb
+++ b/spec/features/issues_spec.rb
@@ -264,12 +264,14 @@ describe 'Issues', feature: true do
         visit namespace_project_issues_path(project.namespace, project, sort: sort_value_milestone_soon)
 
         expect(first_issue).to include('foo')
+        expect(last_issue).to include('baz')
       end
 
       it 'sorts by least recently due milestone' do
         visit namespace_project_issues_path(project.namespace, project, sort: sort_value_milestone_later)
 
         expect(first_issue).to include('bar')
+        expect(last_issue).to include('baz')
       end
     end
 
diff --git a/spec/features/login_spec.rb b/spec/features/login_spec.rb
index 4433ef2d6f1..8c38dd5b122 100644
--- a/spec/features/login_spec.rb
+++ b/spec/features/login_spec.rb
@@ -37,7 +37,7 @@ feature 'Login', feature: true do
       end
 
       def enter_code(code)
-        fill_in 'Two-factor authentication code', with: code
+        fill_in 'Two-factor Authentication code', with: code
         click_button 'Verify code'
       end
 
diff --git a/spec/features/merge_requests/create_new_mr_spec.rb b/spec/features/merge_requests/create_new_mr_spec.rb
index 00b60bd0e75..e296078bad8 100644
--- a/spec/features/merge_requests/create_new_mr_spec.rb
+++ b/spec/features/merge_requests/create_new_mr_spec.rb
@@ -30,4 +30,14 @@ feature 'Create New Merge Request', feature: true, js: true do
 
     expect(page).to have_content 'git checkout -b orphaned-branch origin/orphaned-branch'
   end
+
+  context 'when target project cannot be viewed by the current user' do
+    it 'does not leak the private project name & namespace' do
+      private_project = create(:project, :private)
+
+      visit new_namespace_project_merge_request_path(project.namespace, project, merge_request: { target_project_id: private_project.id })
+
+      expect(page).not_to have_content private_project.to_reference
+    end
+  end
 end
diff --git a/spec/features/merge_requests/toggle_whitespace_changes.rb b/spec/features/merge_requests/toggle_whitespace_changes.rb
new file mode 100644
index 00000000000..0f98737b700
--- /dev/null
+++ b/spec/features/merge_requests/toggle_whitespace_changes.rb
@@ -0,0 +1,22 @@
+require 'spec_helper'
+
+feature 'Toggle Whitespace Changes', js: true, feature: true do
+  before do
+    login_as :admin
+    merge_request = create(:merge_request)
+    project = merge_request.source_project
+    visit diffs_namespace_project_merge_request_path(project.namespace, project, merge_request)
+  end
+
+  it 'has a button to toggle whitespace changes' do
+    expect(page).to have_content 'Hide whitespace changes'
+  end
+
+  describe 'clicking "Hide whitespace changes" button' do
+    it 'toggles the "Hide whitespace changes" button' do
+      click_link 'Hide whitespace changes'
+
+      expect(page).to have_content 'Show whitespace changes'
+    end
+  end
+end
diff --git a/spec/features/merge_requests/user_lists_merge_requests_spec.rb b/spec/features/merge_requests/user_lists_merge_requests_spec.rb
new file mode 100644
index 00000000000..2c7e1c748ad
--- /dev/null
+++ b/spec/features/merge_requests/user_lists_merge_requests_spec.rb
@@ -0,0 +1,152 @@
+require 'spec_helper'
+
+describe 'Projects > Merge requests > User lists merge requests', feature: true do
+  include SortingHelper
+
+  let(:project) { create(:project, :public) }
+  let(:user) { create(:user) }
+
+  before do
+    @fix = create(:merge_request,
+                  title: 'fix',
+                  source_project: project,
+                  source_branch: 'fix',
+                  assignee: user,
+                  milestone: create(:milestone, due_date: '2013-12-11'),
+                  created_at: 1.minute.ago,
+                  updated_at: 1.minute.ago)
+    create(:merge_request,
+           title: 'markdown',
+           source_project: project,
+           source_branch: 'markdown',
+           assignee: user,
+           milestone: create(:milestone, due_date: '2013-12-12'),
+           created_at: 2.minutes.ago,
+           updated_at: 2.minutes.ago)
+    create(:merge_request,
+           title: 'lfs',
+           source_project: project,
+           source_branch: 'lfs',
+           created_at: 3.minutes.ago,
+           updated_at: 10.seconds.ago)
+  end
+
+  it 'filters on no assignee' do
+    visit_merge_requests(project, assignee_id: IssuableFinder::NONE)
+
+    expect(current_path).to eq(namespace_project_merge_requests_path(project.namespace, project))
+    expect(page).to have_content 'lfs'
+    expect(page).not_to have_content 'fix'
+    expect(page).not_to have_content 'markdown'
+    expect(count_merge_requests).to eq(1)
+  end
+
+  it 'filters on a specific assignee' do
+    visit_merge_requests(project, assignee_id: user.id)
+
+    expect(page).not_to have_content 'lfs'
+    expect(page).to have_content 'fix'
+    expect(page).to have_content 'markdown'
+    expect(count_merge_requests).to eq(2)
+  end
+
+  it 'sorts by newest' do
+    visit_merge_requests(project, sort: sort_value_recently_created)
+
+    expect(first_merge_request).to include('lfs')
+    expect(last_merge_request).to include('fix')
+    expect(count_merge_requests).to eq(3)
+  end
+
+  it 'sorts by oldest' do
+    visit_merge_requests(project, sort: sort_value_oldest_created)
+
+    expect(first_merge_request).to include('fix')
+    expect(last_merge_request).to include('lfs')
+    expect(count_merge_requests).to eq(3)
+  end
+
+  it 'sorts by last updated' do
+    visit_merge_requests(project, sort: sort_value_recently_updated)
+
+    expect(first_merge_request).to include('lfs')
+    expect(count_merge_requests).to eq(3)
+  end
+
+  it 'sorts by oldest updated' do
+    visit_merge_requests(project, sort: sort_value_oldest_updated)
+
+    expect(first_merge_request).to include('markdown')
+    expect(count_merge_requests).to eq(3)
+  end
+
+  it 'sorts by milestone due soon' do
+    visit_merge_requests(project, sort: sort_value_milestone_soon)
+
+    expect(first_merge_request).to include('fix')
+    expect(count_merge_requests).to eq(3)
+  end
+
+  it 'sorts by milestone due later' do
+    visit_merge_requests(project, sort: sort_value_milestone_later)
+
+    expect(first_merge_request).to include('markdown')
+    expect(count_merge_requests).to eq(3)
+  end
+
+  it 'filters on one label and sorts by due soon' do
+    label = create(:label, project: project)
+    create(:label_link, label: label, target: @fix)
+
+    visit_merge_requests(project, label_name: [label.name],
+                                  sort: sort_value_due_date_soon)
+
+    expect(first_merge_request).to include('fix')
+    expect(count_merge_requests).to eq(1)
+  end
+
+  context 'while filtering on two labels' do
+    let(:label) { create(:label, project: project) }
+    let(:label2) { create(:label, project: project) }
+
+    before do
+      create(:label_link, label: label, target: @fix)
+      create(:label_link, label: label2, target: @fix)
+    end
+
+    it 'sorts by due soon' do
+      visit_merge_requests(project, label_name: [label.name, label2.name],
+                                    sort: sort_value_due_date_soon)
+
+      expect(first_merge_request).to include('fix')
+      expect(count_merge_requests).to eq(1)
+    end
+
+    context 'filter on assignee and' do
+      it 'sorts by due soon' do
+        visit_merge_requests(project, label_name: [label.name, label2.name],
+                                      assignee_id: user.id,
+                                      sort: sort_value_due_date_soon)
+
+        expect(first_merge_request).to include('fix')
+        expect(count_merge_requests).to eq(1)
+      end
+    end
+  end
+
+  def visit_merge_requests(project, opts = {})
+    visit namespace_project_merge_requests_path(project.namespace, project, opts)
+  end
+
+  def first_merge_request
+    page.all('ul.mr-list > li').first.text
+  end
+
+  def last_merge_request
+    page.all('ul.mr-list > li').last.text
+  end
+
+  def count_merge_requests
+    page.all('ul.mr-list > li').count
+  end
+end
diff --git a/spec/features/milestone_spec.rb b/spec/features/milestone_spec.rb
new file mode 100644
index 00000000000..c2c7acff3e8
--- /dev/null
+++ b/spec/features/milestone_spec.rb
@@ -0,0 +1,35 @@
+require 'rails_helper'
+
+feature 'Milestone', feature: true do
+  include WaitForAjax
+
+  let(:project) { create(:project, :public) }
+  let(:user)   { create(:user) }
+  let(:milestone) { create(:milestone, project: project, title: 8.7) }
+
+  before do
+    project.team << [user, :master]
+    login_as(user)
+  end
+
+  feature 'Create a milestone' do
+    scenario 'should show an informative message for a new issue' do
+      visit new_namespace_project_milestone_path(project.namespace, project)
+      page.within '.milestone-form' do
+        fill_in "milestone_title", with: '8.7'
+      end
+      find('input[name="commit"]').click
+
+      expect(find('.alert-success')).to have_content('Assign some issues to this milestone.')
+    end
+  end
+
+  feature 'Open a milestone with closed issues' do
+    scenario 'should show an informative message' do
+      create(:issue, title: "Bugfix1", project: project, milestone: milestone, state: "closed")
+      visit namespace_project_milestone_path(project.namespace, project, milestone)
+
+      expect(find('.alert-success')).to have_content('All issues for this milestone are closed. You may close this milestone now.')
+    end
+  end
+end
diff --git a/spec/features/notes_on_merge_requests_spec.rb b/spec/features/notes_on_merge_requests_spec.rb
index 389812ff7e1..9e9fec01943 100644
--- a/spec/features/notes_on_merge_requests_spec.rb
+++ b/spec/features/notes_on_merge_requests_spec.rb
@@ -192,7 +192,7 @@ describe 'Comments', feature: true do
         end
 
         it 'should be removed when canceled' do
-          page.within(".diff-file form[id$='#{line_code}']") do
+          page.within(".diff-file form[id$='#{line_code}-true']") do
             find('.js-close-discussion-note-form').trigger('click')
           end
 
diff --git a/spec/features/project/shortcuts_spec.rb b/spec/features/project/shortcuts_spec.rb
new file mode 100644
index 00000000000..2595c4181e5
--- /dev/null
+++ b/spec/features/project/shortcuts_spec.rb
@@ -0,0 +1,21 @@
+require 'spec_helper'
+
+feature 'Project shortcuts', feature: true do
+  let(:project) { create(:project) }
+  let(:user) { create(:user) }
+
+  describe 'On a project', js: true do
+    before do
+      project.team << [user, :master]
+      login_as user
+      visit namespace_project_path(project.namespace, project)
+    end
+
+    describe 'pressing "i"' do
+      it 'redirects to new issue page' do
+        find('body').native.send_key('i')
+        expect(page).to have_content('New Issue')
+      end
+    end
+  end
+end
diff --git a/spec/features/projects/commit/builds_spec.rb b/spec/features/projects/commit/builds_spec.rb
new file mode 100644
index 00000000000..40ba0bdc115
--- /dev/null
+++ b/spec/features/projects/commit/builds_spec.rb
@@ -0,0 +1,27 @@
+require 'spec_helper'
+
+feature 'project commit builds' do
+  given(:project) { create(:project) }
+
+  background do
+    user = create(:user)
+    project.team << [user, :master]
+    login_as(user)
+  end
+
+  context 'when no builds triggered yet' do
+    background do
+      create(:ci_commit, project: project,
+                         sha: project.commit.sha,
+                         ref: 'master')
+    end
+
+    scenario 'user views commit builds page' do
+      visit builds_namespace_project_commit_path(project.namespace,
+                                                 project, project.commit.sha)
+
+
+      expect(page).to have_content('Builds')
+    end
+  end
+end
diff --git a/spec/features/projects/developer_views_empty_project_instructions_spec.rb b/spec/features/projects/developer_views_empty_project_instructions_spec.rb
new file mode 100644
index 00000000000..0c51fe72ca4
--- /dev/null
+++ b/spec/features/projects/developer_views_empty_project_instructions_spec.rb
@@ -0,0 +1,63 @@
+require 'rails_helper'
+
+feature 'Developer views empty project instructions', feature: true do
+  let(:project) { create(:empty_project, :empty_repo) }
+  let(:developer) { create(:user) }
+
+  background do
+    project.team << [developer, :developer]
+
+    login_as(developer)
+  end
+
+  context 'without an SSH key' do
+    scenario 'defaults to HTTP' do
+      visit_project
+
+      expect_instructions_for('http')
+    end
+
+    scenario 'switches to SSH', js: true do
+      visit_project
+
+      select_protocol('SSH')
+
+      expect_instructions_for('ssh')
+    end
+  end
+
+  context 'with an SSH key' do
+    background do
+      create(:personal_key, user: developer)
+    end
+
+    scenario 'defaults to SSH' do
+      visit_project
+
+      expect_instructions_for('ssh')
+    end
+
+    scenario 'switches to HTTP', js: true do
+      visit_project
+
+      select_protocol('HTTP')
+
+      expect_instructions_for('http')
+    end
+  end
+
+  def visit_project
+    visit namespace_project_path(project.namespace, project)
+  end
+
+  def select_protocol(protocol)
+    find('#clone-dropdown').click
+    find(".#{protocol.downcase}-selector").click
+  end
+
+  def expect_instructions_for(protocol)
+    msg = :"#{protocol.downcase}_url_to_repo"
+
+    expect(page).to have_content("git clone #{project.send(msg)}")
+  end
+end
diff --git a/spec/features/projects/wiki/user_creates_wiki_page_spec.rb b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
new file mode 100644
index 00000000000..7e6eef65873
--- /dev/null
+++ b/spec/features/projects/wiki/user_creates_wiki_page_spec.rb
@@ -0,0 +1,83 @@
+require 'spec_helper'
+
+feature 'Projects > Wiki > User creates wiki page', feature: true do
+  let(:user) { create(:user) }
+
+  background do
+    project.team << [user, :master]
+    login_as(user)
+
+    visit namespace_project_path(project.namespace, project)
+    click_link 'Wiki'
+  end
+
+  context 'in the user namespace' do
+    let(:project) { create(:project, namespace: user.namespace) }
+
+    context 'when wiki is empty' do
+      scenario 'directly from the wiki home page' do
+        fill_in :wiki_content, with: 'My awesome wiki!'
+        click_button 'Create page'
+
+        expect(page).to have_content('Home')
+        expect(page).to have_content("last edited by #{user.name}")
+        expect(page).to have_content('My awesome wiki!')
+      end
+    end
+
+    context 'when wiki is not empty' do
+      before do
+        WikiPages::CreateService.new(project, user, title: 'home', content: 'Home page').execute
+      end
+
+      scenario 'via the "new wiki page" page', js: true do
+        click_link 'New Page'
+
+        fill_in :new_wiki_path, with: 'foo'
+        click_button 'Create Page'
+
+        fill_in :wiki_content, with: 'My awesome wiki!'
+        click_button 'Create page'
+
+        expect(page).to have_content('Foo')
+        expect(page).to have_content("last edited by #{user.name}")
+        expect(page).to have_content('My awesome wiki!')
+      end
+    end
+  end
+
+  context 'in a group namespace' do
+    let(:project) { create(:project, namespace: create(:group, :public)) }
+
+    context 'when wiki is empty' do
+      scenario 'directly from the wiki home page' do
+        fill_in :wiki_content, with: 'My awesome wiki!'
+        click_button 'Create page'
+
+        expect(page).to have_content('Home')
+        expect(page).to have_content("last edited by #{user.name}")
+        expect(page).to have_content('My awesome wiki!')
+      end
+    end
+
+    context 'when wiki is not empty' do
+      before do
+        WikiPages::CreateService.new(project, user, title: 'home', content: 'Home page').execute
+      end
+
+      scenario 'via the "new wiki page" page', js: true do
+        click_link 'New Page'
+
+        fill_in :new_wiki_path, with: 'foo'
+        click_button 'Create Page'
+
+        fill_in :wiki_content, with: 'My awesome wiki!'
+        click_button 'Create page'
+
+        expect(page).to have_content('Foo')
+        expect(page).to have_content("last edited by #{user.name}")
+        expect(page).to have_content('My awesome wiki!')
+      end
+    end
+  end
+end
diff --git a/spec/features/projects/wiki/user_updates_wiki_page_spec.rb b/spec/features/projects/wiki/user_updates_wiki_page_spec.rb
new file mode 100644
index 00000000000..ef82d2375dd
--- /dev/null
+++ b/spec/features/projects/wiki/user_updates_wiki_page_spec.rb
@@ -0,0 +1,44 @@
+require 'spec_helper'
+
+feature 'Projects > Wiki > User updates wiki page', feature: true do
+  let(:user) { create(:user) }
+
+  background do
+    project.team << [user, :master]
+    login_as(user)
+
+    visit namespace_project_path(project.namespace, project)
+    WikiPages::CreateService.new(project, user, title: 'home', content: 'Home page').execute
+    click_link 'Wiki'
+  end
+
+  context 'in the user namespace' do
+    let(:project) { create(:project, namespace: user.namespace) }
+
+    scenario 'the home page' do
+      click_link 'Edit'
+
+      fill_in :wiki_content, with: 'My awesome wiki!'
+      click_button 'Save changes'
+
+      expect(page).to have_content('Home')
+      expect(page).to have_content("last edited by #{user.name}")
+      expect(page).to have_content('My awesome wiki!')
+    end
+  end
+
+  context 'in a group namespace' do
+    let(:project) { create(:project, namespace: create(:group, :public)) }
+
+    scenario 'the home page' do
+      click_link 'Edit'
+
+      fill_in :wiki_content, with: 'My awesome wiki!'
+      click_button 'Save changes'
+
+      expect(page).to have_content('Home')
+      expect(page).to have_content("last edited by #{user.name}")
+      expect(page).to have_content('My awesome wiki!')
+    end
+  end
+end
diff --git a/spec/features/projects_spec.rb b/spec/features/projects_spec.rb
index 782c0bfe666..9dd0378d165 100644
--- a/spec/features/projects_spec.rb
+++ b/spec/features/projects_spec.rb
@@ -104,6 +104,33 @@ feature 'Project', feature: true do
     end
   end
 
+  describe 'project title' do
+    let(:user)    { create(:user) }
+    let(:project) { create(:project, namespace: user.namespace) }
+    let(:project2) { create(:project, namespace: user.namespace, path: 'test') }
+    let(:issue) { create(:issue, project: project) }
+
+    context 'on issues page', js: true do
+      before do
+        login_with(user)
+        project.team.add_user(user, Gitlab::Access::MASTER)
+        project2.team.add_user(user, Gitlab::Access::MASTER)
+        visit namespace_project_issue_path(project.namespace, project, issue)
+      end
+
+      it 'click toggle and show dropdown' do
+        find('.js-projects-dropdown-toggle').click
+        expect(page).to have_css('.dropdown-menu-projects .dropdown-content li', count: 2)
+
+        page.within '.dropdown-menu-projects' do
+          click_link project.name_with_namespace
+        end
+
+        expect(page).to have_content project.name
+      end
+    end
+  end
+
   def remove_with_confirm(button_text, confirm_with)
     click_button button_text
     fill_in 'confirm_name_input', with: confirm_with
diff --git a/spec/features/signup_spec.rb b/spec/features/signup_spec.rb
index 51b754ff85c..4229e82b443 100644
--- a/spec/features/signup_spec.rb
+++ b/spec/features/signup_spec.rb
@@ -2,20 +2,45 @@ require 'spec_helper'
 
 feature 'Signup', feature: true do
   describe 'signup with no errors' do
-    it 'creates the user account and sends a confirmation email' do
-      user = build(:user)
 
-      visit root_path
+    context "when sending confirmation email" do
+      before { allow_any_instance_of(ApplicationSetting).to receive(:send_user_confirmation_email).and_return(true) }
 
-      fill_in 'user_name',                with: user.name
-      fill_in 'user_username',            with: user.username
-      fill_in 'user_email',               with: user.email
-      fill_in 'user_password_sign_up',    with: user.password
-      click_button "Sign up"
+      it 'creates the user account and sends a confirmation email' do
+        user = build(:user)
+
+        visit root_path
+
+        fill_in 'new_user_name',     with: user.name
+        fill_in 'new_user_username', with: user.username
+        fill_in 'new_user_email',    with: user.email
+        fill_in 'new_user_password', with: user.password
+        click_button "Sign up"
+
+        expect(current_path).to eq users_almost_there_path
+        expect(page).to have_content("Please check your email to confirm your account")
+      end
+    end
+
+    context "when not sending confirmation email" do
+      before { allow_any_instance_of(ApplicationSetting).to receive(:send_user_confirmation_email).and_return(false) }
+
+      it 'creates the user account and goes to dashboard' do
+        user = build(:user)
 
-      expect(current_path).to eq users_almost_there_path
-      expect(page).to have_content("Please check your email to confirm your account")
+        visit root_path
+
+        fill_in 'new_user_name',     with: user.name
+        fill_in 'new_user_username', with: user.username
+        fill_in 'new_user_email',    with: user.email
+        fill_in 'new_user_password', with: user.password
+        click_button "Sign up"
+
+        expect(current_path).to eq dashboard_projects_path
+        expect(page).to have_content("Welcome! You have signed up successfully.")
+      end
     end
+
   end
 
   describe 'signup with errors' do
@@ -25,10 +50,10 @@ feature 'Signup', feature: true do
 
       visit root_path
 
-      fill_in 'user_name',                with: user.name
-      fill_in 'user_username',            with: user.username
-      fill_in 'user_email',               with: existing_user.email
-      fill_in 'user_password_sign_up',    with: user.password
+      fill_in 'new_user_name',     with: user.name
+      fill_in 'new_user_username', with: user.username
+      fill_in 'new_user_email',    with: existing_user.email
+      fill_in 'new_user_password', with: user.password
       click_button "Sign up"
 
       expect(current_path).to eq user_registration_path
@@ -42,10 +67,10 @@ feature 'Signup', feature: true do
 
       visit root_path
 
-      fill_in 'user_name',                with: user.name
-      fill_in 'user_username',            with: user.username
-      fill_in 'user_email',               with: existing_user.email
-      fill_in 'user_password_sign_up',    with: user.password
+      fill_in 'new_user_name',     with: user.name
+      fill_in 'new_user_username', with: user.username
+      fill_in 'new_user_email',    with: existing_user.email
+      fill_in 'new_user_password', with: user.password
       click_button "Sign up"
 
       expect(current_path).to eq user_registration_path
diff --git a/spec/features/tags/master_creates_tag_spec.rb b/spec/features/tags/master_creates_tag_spec.rb
new file mode 100644
index 00000000000..08a97085a9c
--- /dev/null
+++ b/spec/features/tags/master_creates_tag_spec.rb
@@ -0,0 +1,62 @@
+require 'spec_helper'
+
+feature 'Master creates tag', feature: true do
+  let(:user) { create(:user) }
+  let(:project) { create(:project, namespace: user.namespace) }
+
+  before do
+    project.team << [user, :master]
+    login_with(user)
+    visit namespace_project_tags_path(project.namespace, project)
+  end
+
+  scenario 'with an invalid name displays an error' do
+    create_tag_in_form(tag: 'v 1.0', ref: 'master')
+
+    expect(page).to have_content 'Tag name invalid'
+  end
+
+  scenario 'with an invalid reference displays an error' do
+    create_tag_in_form(tag: 'v2.0', ref: 'foo')
+
+    expect(page).to have_content 'Target foo is invalid'
+  end
+
+  scenario 'that already exists displays an error' do
+    create_tag_in_form(tag: 'v1.1.0', ref: 'master')
+
+    expect(page).to have_content 'Tag v1.1.0 already exists'
+  end
+
+  scenario 'with multiline message displays the message in a <pre> block' do
+    create_tag_in_form(tag: 'v3.0', ref: 'master', message: "Awesome tag message\n\n- hello\n- world")
+
+    expect(current_path).to eq(
+      namespace_project_tag_path(project.namespace, project, 'v3.0'))
+    expect(page).to have_content 'v3.0'
+    page.within 'pre.body' do
+      expect(page).to have_content "Awesome tag message\n\n- hello\n- world"
+    end
+  end
+
+  scenario 'with multiline release notes parses the release note as Markdown' do
+    create_tag_in_form(tag: 'v4.0', ref: 'master', desc: "Awesome release notes\n\n- hello\n- world")
+
+    expect(current_path).to eq(
+      namespace_project_tag_path(project.namespace, project, 'v4.0'))
+    expect(page).to have_content 'v4.0'
+    page.within '.description' do
+      expect(page).to have_content 'Awesome release notes'
+      expect(page).to have_selector('ul li', count: 2)
+    end
+  end
+
+  def create_tag_in_form(tag:, ref:, message: nil, desc: nil)
+    click_link 'New tag'
+    fill_in 'tag_name', with: tag
+    fill_in 'ref', with: ref
+    fill_in 'message', with: message unless message.nil?
+    fill_in 'release_description', with: desc unless desc.nil?
+    click_button 'Create tag'
+  end
+end
diff --git a/spec/features/tags/master_deletes_tag_spec.rb b/spec/features/tags/master_deletes_tag_spec.rb
new file mode 100644
index 00000000000..f0990118e3c
--- /dev/null
+++ b/spec/features/tags/master_deletes_tag_spec.rb
@@ -0,0 +1,41 @@
+require 'spec_helper'
+
+feature 'Master deletes tag', feature: true do
+  let(:user) { create(:user) }
+  let(:project) { create(:project, namespace: user.namespace) }
+
+  before do
+    project.team << [user, :master]
+    login_with(user)
+    visit namespace_project_tags_path(project.namespace, project)
+  end
+
+  context 'from the tags list page' do
+    scenario 'deletes the tag' do
+      expect(page).to have_content 'v1.1.0'
+
+      page.within('.content') do
+        first('.btn-remove').click
+      end
+
+      expect(current_path).to eq(
+        namespace_project_tags_path(project.namespace, project))
+      expect(page).not_to have_content 'v1.1.0'
+    end
+
+  end
+
+  context 'from a specific tag page' do
+    scenario 'deletes the tag' do
+      click_on 'v1.0.0'
+      expect(current_path).to eq(
+        namespace_project_tag_path(project.namespace, project, 'v1.0.0'))
+
+      click_on 'Delete tag'
+
+      expect(current_path).to eq(
+        namespace_project_tags_path(project.namespace, project))
+      expect(page).not_to have_content 'v1.0.0'
+    end
+  end
+end
diff --git a/spec/features/tags/master_updates_tag_spec.rb b/spec/features/tags/master_updates_tag_spec.rb
new file mode 100644
index 00000000000..c926e9841f3
--- /dev/null
+++ b/spec/features/tags/master_updates_tag_spec.rb
@@ -0,0 +1,42 @@
+require 'spec_helper'
+
+feature 'Master updates tag', feature: true do
+  let(:user) { create(:user) }
+  let(:project) { create(:project, namespace: user.namespace) }
+
+  before do
+    project.team << [user, :master]
+    login_with(user)
+    visit namespace_project_tags_path(project.namespace, project)
+  end
+
+  context 'from the tags list page' do
+    scenario 'updates the release notes' do
+      page.within(first('.controls')) do
+        click_link 'Edit release notes'
+      end
+
+      fill_in 'release_description', with: 'Awesome release notes'
+      click_button 'Save changes'
+
+      expect(current_path).to eq(
+        namespace_project_tag_path(project.namespace, project, 'v1.1.0'))
+      expect(page).to have_content 'v1.1.0'
+      expect(page).to have_content 'Awesome release notes'
+    end
+  end
+
+  context 'from a specific tag page' do
+    scenario 'updates the release notes' do
+      click_on 'v1.1.0'
+      click_link 'Edit release notes'
+      fill_in 'release_description', with: 'Awesome release notes'
+      click_button 'Save changes'
+
+      expect(current_path).to eq(
+        namespace_project_tag_path(project.namespace, project, 'v1.1.0'))
+      expect(page).to have_content 'v1.1.0'
+      expect(page).to have_content 'Awesome release notes'
+    end
+  end
+end
diff --git a/spec/features/tags/master_views_tags_spec.rb b/spec/features/tags/master_views_tags_spec.rb
new file mode 100644
index 00000000000..29d2c244720
--- /dev/null
+++ b/spec/features/tags/master_views_tags_spec.rb
@@ -0,0 +1,73 @@
+require 'spec_helper'
+
+feature 'Master views tags', feature: true do
+  let(:user) { create(:user) }
+
+  before do
+    project.team << [user, :master]
+    login_with(user)
+  end
+
+  context 'when project has no tags' do
+    let(:project) { create(:project_empty_repo) }
+    before do
+      visit namespace_project_path(project.namespace, project)
+      click_on 'README'
+      fill_in :commit_message, with: 'Add a README file', visible: true
+      # Remove pre-receive hook so we can push without auth
+      FileUtils.rm_f(File.join(project.repository.path, 'hooks', 'pre-receive'))
+      click_button 'Commit Changes'
+      visit namespace_project_tags_path(project.namespace, project)
+    end
+
+    scenario 'displays a specific message' do
+      expect(page).to have_content 'Repository has no tags yet.'
+    end
+  end
+
+  context 'when project has tags' do
+    let(:project) { create(:project, namespace: user.namespace) }
+    before do
+      visit namespace_project_tags_path(project.namespace, project)
+    end
+
+    scenario 'views the tags list page' do
+      expect(page).to have_content 'v1.0.0'
+    end
+
+    scenario 'views a specific tag page' do
+      click_on 'v1.0.0'
+
+      expect(current_path).to eq(
+        namespace_project_tag_path(project.namespace, project, 'v1.0.0'))
+      expect(page).to have_content 'v1.0.0'
+      expect(page).to have_content 'This tag has no release notes.'
+    end
+
+    describe 'links on the tag page' do
+      scenario 'has a button to browse files' do
+        click_on 'v1.0.0'
+
+        expect(current_path).to eq(
+          namespace_project_tag_path(project.namespace, project, 'v1.0.0'))
+
+        click_on 'Browse files'
+
+        expect(current_path).to eq(
+          namespace_project_tree_path(project.namespace, project, 'v1.0.0'))
+      end
+
+      scenario 'has a button to browse commits' do
+        click_on 'v1.0.0'
+
+        expect(current_path).to eq(
+          namespace_project_tag_path(project.namespace, project, 'v1.0.0'))
+
+        click_on 'Browse commits'
+
+        expect(current_path).to eq(
+          namespace_project_commits_path(project.namespace, project, 'v1.0.0'))
+      end
+    end
+  end
+end
diff --git a/spec/features/todos/todos_spec.rb b/spec/features/todos/todos_spec.rb
index 248e004ba6e..3354f529295 100644
--- a/spec/features/todos/todos_spec.rb
+++ b/spec/features/todos/todos_spec.rb
@@ -68,12 +68,12 @@ describe 'Dashboard Todos', feature: true do
       describe 'completing last todo from last page', js: true do
         it 'redirects to the previous page' do
           visit dashboard_todos_path(page: 2)
-          expect(page).to have_content(Todo.first.body)
+          expect(page).to have_css("#todo_#{Todo.last.id}")
 
           click_link('Done')
 
           expect(current_path).to eq dashboard_todos_path
-          expect(page).to have_content(Todo.last.body)
+          expect(page).to have_css("#todo_#{Todo.first.id}")
         end
       end
     end
diff --git a/spec/features/users_spec.rb b/spec/features/users_spec.rb
index c1248162031..cf116040394 100644
--- a/spec/features/users_spec.rb
+++ b/spec/features/users_spec.rb
@@ -5,10 +5,10 @@ feature 'Users', feature: true do
 
   scenario 'GET /users/sign_in creates a new user account' do
     visit new_user_session_path
-    fill_in 'user_name', with: 'Name Surname'
-    fill_in 'user_username', with: 'Great'
-    fill_in 'user_email', with: 'name@mail.com'
-    fill_in 'user_password_sign_up', with: 'password1234'
+    fill_in 'new_user_name',     with: 'Name Surname'
+    fill_in 'new_user_username', with: 'Great'
+    fill_in 'new_user_email',    with: 'name@mail.com'
+    fill_in 'new_user_password', with: 'password1234'
     expect { click_button 'Sign up' }.to change { User.count }.by(1)
   end
 
@@ -31,10 +31,10 @@ feature 'Users', feature: true do
 
   scenario 'Should show one error if email is already taken' do
     visit new_user_session_path
-    fill_in 'user_name', with: 'Another user name'
-    fill_in 'user_username', with: 'anotheruser'
-    fill_in 'user_email', with: user.email
-    fill_in 'user_password_sign_up', with: '12341234'
+    fill_in 'new_user_name',     with: 'Another user name'
+    fill_in 'new_user_username', with: 'anotheruser'
+    fill_in 'new_user_email',    with: user.email
+    fill_in 'new_user_password', with: '12341234'
     expect { click_button 'Sign up' }.to change { User.count }.by(0)
     expect(page).to have_text('Email has already been taken')
     expect(number_of_errors_on_page(page)).to be(1), 'errors on page:\n #{errors_on_page page}'
diff --git a/spec/finders/issues_finder_spec.rb b/spec/finders/issues_finder_spec.rb
index bc607a29751..ec8809e6926 100644
--- a/spec/finders/issues_finder_spec.rb
+++ b/spec/finders/issues_finder_spec.rb
@@ -1,10 +1,10 @@
 require 'spec_helper'
 
 describe IssuesFinder do
-  let(:user) { create :user }
-  let(:user2) { create :user }
-  let(:project1) { create(:project) }
-  let(:project2) { create(:project) }
+  let(:user) { create(:user) }
+  let(:user2) { create(:user) }
+  let(:project1) { create(:empty_project) }
+  let(:project2) { create(:empty_project) }
   let(:milestone) { create(:milestone, project: project1) }
   let(:label) { create(:label, project: project2) }
   let(:issue1) { create(:issue, author: user, assignee: user, project: project1, milestone: milestone) }
@@ -16,101 +16,147 @@ describe IssuesFinder do
     project1.team << [user, :master]
     project2.team << [user, :developer]
     project2.team << [user2, :developer]
+
+    issue1
+    issue2
+    issue3
   end
 
-  describe :execute do
-    before :each do
-      issue1
-      issue2
-      issue3
-    end
+  describe '#execute' do
+    let(:search_user) { user }
+    let(:params) { {} }
+    let(:issues) { IssuesFinder.new(search_user, params.merge(scope: scope, state: 'opened')).execute }
 
     context 'scope: all' do
-      it 'should filter by all' do
-        params = { scope: "all", state: 'opened' }
-        issues = IssuesFinder.new(user, params).execute
-        expect(issues.size).to eq(3)
+      let(:scope) { 'all' }
+
+      it 'returns all issues' do
+        expect(issues).to contain_exactly(issue1, issue2, issue3)
       end
 
-      it 'should filter by assignee id' do
-        params = { scope: "all", assignee_id: user.id, state: 'opened' }
-        issues = IssuesFinder.new(user, params).execute
-        expect(issues.size).to eq(2)
+      context 'filtering by assignee ID' do
+        let(:params) { { assignee_id: user.id } }
+
+        it 'returns issues assigned to that user' do
+          expect(issues).to contain_exactly(issue1, issue2)
+        end
       end
 
-      it 'should filter by author id' do
-        params = { scope: "all", author_id: user2.id, state: 'opened' }
-        issues = IssuesFinder.new(user, params).execute
-        expect(issues).to eq([issue3])
+      context 'filtering by author ID' do
+        let(:params) { { author_id: user2.id } }
+
+        it 'returns issues created by that user' do
+          expect(issues).to contain_exactly(issue3)
+        end
       end
 
-      it 'should filter by milestone id' do
-        params = { scope: "all", milestone_title: milestone.title, state: 'opened' }
-        issues = IssuesFinder.new(user, params).execute
-        expect(issues).to eq([issue1])
+      context 'filtering by milestone' do
+        let(:params) { { milestone_title: milestone.title } }
+
+        it 'returns issues assigned to that milestone' do
+          expect(issues).to contain_exactly(issue1)
+        end
       end
 
-      it 'should filter by no milestone id' do
-        params = { scope: "all", milestone_title: Milestone::None.title, state: 'opened' }
-        issues = IssuesFinder.new(user, params).execute
-        expect(issues).to match_array([issue2, issue3])
+      context 'filtering by no milestone' do
+        let(:params) { { milestone_title: Milestone::None.title } }
+
+        it 'returns issues with no milestone' do
+          expect(issues).to contain_exactly(issue2, issue3)
+        end
       end
 
-      it 'should filter by label name' do
-        params = { scope: "all", label_name: label.title, state: 'opened' }
-        issues = IssuesFinder.new(user, params).execute
-        expect(issues).to eq([issue2])
+      context 'filtering by upcoming milestone' do
+        let(:params) { { milestone_title: Milestone::Upcoming.name } }
+
+        let(:project_no_upcoming_milestones) { create(:empty_project, :public) }
+        let(:project_next_1_1) { create(:empty_project, :public) }
+        let(:project_next_8_8) { create(:empty_project, :public) }
+
+        let(:yesterday) { Date.today - 1.day }
+        let(:tomorrow) { Date.today + 1.day }
+        let(:two_days_from_now) { Date.today + 2.days }
+        let(:ten_days_from_now) { Date.today + 10.days }
+
+        let(:milestones) do
+          [
+            create(:milestone, :closed, project: project_no_upcoming_milestones),
+            create(:milestone, project: project_next_1_1, title: '1.1', due_date: two_days_from_now),
+            create(:milestone, project: project_next_1_1, title: '8.8', due_date: ten_days_from_now),
+            create(:milestone, project: project_next_8_8, title: '1.1', due_date: yesterday),
+            create(:milestone, project: project_next_8_8, title: '8.8', due_date: tomorrow)
+          ]
+        end
+
+        before do
+          milestones.each do |milestone|
+            create(:issue, project: milestone.project, milestone: milestone, author: user, assignee: user)
+          end
+        end
+
+        it 'returns issues in the upcoming milestone for each project' do
+          expect(issues.map { |issue| issue.milestone.title }).to contain_exactly('1.1', '8.8')
+          expect(issues.map { |issue| issue.milestone.due_date }).to contain_exactly(tomorrow, two_days_from_now)
+        end
       end
 
-      it 'returns unique issues when filtering by multiple labels' do
-        label2 = create(:label, project: project2)
+      context 'filtering by label' do
+        let(:params) { { label_name: label.title } }
 
-        create(:label_link, label: label2, target: issue2)
+        it 'returns issues with that label' do
+          expect(issues).to contain_exactly(issue2)
+        end
+      end
 
-        params = {
-          scope:      'all',
-          label_name: [label.title, label2.title].join(','),
-          state:      'opened'
-        }
+      context 'filtering by multiple labels' do
+        let(:params) { { label_name: [label.title, label2.title].join(',') } }
+        let(:label2) { create(:label, project: project2) }
 
-        issues = IssuesFinder.new(user, params).execute
+        before { create(:label_link, label: label2, target: issue2) }
 
-        expect(issues).to eq([issue2])
+        it 'returns the unique issues with any of those labels' do
+          expect(issues).to contain_exactly(issue2)
+        end
       end
 
-      it 'should filter by no label name' do
-        params = { scope: "all", label_name: Label::None.title, state: 'opened' }
-        issues = IssuesFinder.new(user, params).execute
-        expect(issues).to match_array([issue1, issue3])
+      context 'filtering by no label' do
+        let(:params) { { label_name: Label::None.title } }
+
+        it 'returns issues with no labels' do
+          expect(issues).to contain_exactly(issue1, issue3)
+        end
       end
 
-      it 'should be empty for unauthorized user' do
-        params = { scope: "all", state: 'opened' }
-        issues = IssuesFinder.new(nil, params).execute
-        expect(issues.size).to be_zero
+      context 'when the user is unauthorized' do
+        let(:search_user) { nil }
+
+        it 'returns no results' do
+          expect(issues).to be_empty
+        end
       end
 
-      it 'should not include unauthorized issues' do
-        params = { scope: "all", state: 'opened' }
-        issues = IssuesFinder.new(user2, params).execute
-        expect(issues.size).to eq(2)
-        expect(issues).not_to include(issue1)
-        expect(issues).to include(issue2)
-        expect(issues).to include(issue3)
+      context 'when the user can see some, but not all, issues' do
+        let(:search_user) { user2 }
+
+        it 'returns only issues they can see' do
+          expect(issues).to contain_exactly(issue2, issue3)
+        end
       end
     end
 
     context 'personal scope' do
-      it 'should filter by assignee' do
-        params = { scope: "assigned-to-me", state: 'opened' }
-        issues = IssuesFinder.new(user, params).execute
-        expect(issues.size).to eq(2)
+      let(:scope) { 'assigned-to-me' }
+
+      it 'returns issue assigned to the user' do
+        expect(issues).to contain_exactly(issue1, issue2)
       end
 
-      it 'should filter by project' do
-        params = { scope: "assigned-to-me", state: 'opened', project_id: project1.id }
-        issues = IssuesFinder.new(user, params).execute
-        expect(issues.size).to eq(1)
+      context 'filtering by project' do
+        let(:params) { { project_id: project1.id } }
+
+        it 'returns issues assigned to the user in that project' do
+          expect(issues).to contain_exactly(issue1)
+        end
       end
     end
   end
diff --git a/spec/fixtures/container_registry/config_blob.json b/spec/fixtures/container_registry/config_blob.json
new file mode 100644
index 00000000000..1028c994a24
--- /dev/null
+++ b/spec/fixtures/container_registry/config_blob.json
@@ -0,0 +1 @@
+{"architecture":"amd64","config":{"Hostname":"b14cd8298755","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":null,"Image":"","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":null},"container":"b14cd82987550b01af9a666a2f4c996280a6152e66873134fae5a0f223dc5976","container_config":{"Hostname":"b14cd8298755","Domainname":"","User":"","AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"Tty":false,"OpenStdin":false,"StdinOnce":false,"Env":null,"Cmd":["/bin/sh","-c","#(nop) ADD file:033ab063740d9ff4dcfb1c69eccf25f91d88729f57cd5a73050e014e3e094aa0 in /"],"Image":"","Volumes":null,"WorkingDir":"","Entrypoint":null,"OnBuild":null,"Labels":null},"created":"2016-04-01T20:53:00.160300546Z","docker_version":"1.9.1","history":[{"created":"2016-04-01T20:53:00.160300546Z","created_by":"/bin/sh -c #(nop) ADD file:033ab063740d9ff4dcfb1c69eccf25f91d88729f57cd5a73050e014e3e094aa0 in /"}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:c56b7dabbc7aa730eeab07668bdcbd7e3d40855047ca9a0cc1bfed23a2486111"]}}
diff --git a/spec/fixtures/container_registry/tag_manifest.json b/spec/fixtures/container_registry/tag_manifest.json
new file mode 100644
index 00000000000..1b6008e2872
--- /dev/null
+++ b/spec/fixtures/container_registry/tag_manifest.json
@@ -0,0 +1 @@
+{"schemaVersion":2,"mediaType":"application/vnd.docker.distribution.manifest.v2+json","config":{"mediaType":"application/octet-stream","size":1145,"digest":"sha256:d7a513a663c1a6dcdba9ed832ca53c02ac2af0c333322cd6ca92936d1d9917ac"},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","size":2319870,"digest":"sha256:420890c9e918b6668faaedd9000e220190f2493b0693ee563ebd7b4cc754a57d"}]}
diff --git a/spec/fixtures/sanitized.svg b/spec/fixtures/sanitized.svg
new file mode 100644
index 00000000000..8f84b8f5e20
--- /dev/null
+++ b/spec/fixtures/sanitized.svg
@@ -0,0 +1,50 @@
+<?xml version="1.0"?>
+<svg xmlns="http://www.w3.org/2000/svg" id="Layer_1" data-name="Layer 1" viewBox="0 0 622 682">
+  
+  <defs>
+    <style>.cls-1{fill:#30353e;}.cls-2{fill:#8c929d;}.cls-3{fill:#fc6d26;}.cls-4{fill:#e24329;}.cls-5{fill:#fca326;}</style>
+  </defs>
+  <title>stacked_wm</title>
+  <path id="bg" class="cls-1" d="M622,681H0V-1H622V681h0Z"/>
+  <g id="g12">
+    <path id="path14" class="cls-2" d="M316.89,497.72h-19l0.06,141.74H375V621.93h-58l-0.06-124.22h0Z"/>
+  </g>
+  <g id="g24">
+    <path id="path26" class="cls-2" d="M448.32,614.57a32.46,32.46,0,0,1-23.59,10c-14.5,0-20.35-7.14-20.35-16.45,0-14.07,9.74-20.77,30.52-20.77a86.46,86.46,0,0,1,13.42,1.08v26.19h0Zm-19.7-85.91a63.45,63.45,0,0,0-40.5,14.53l6.73,11.66c7.79-4.54,17.32-9.09,31-9.09,15.58,0,22.51,8,22.51,21.42v6.93a81.48,81.48,0,0,0-13.2-1.08c-33.33,0-50.22,11.69-50.22,36.14,0,21.86,13.42,32.89,33.76,32.89,13.71,0,26.84-6.28,31.38-16.45l3.46,13.85h13.42V567c0-22.94-10-38.3-38.31-38.3h0Z"/>
+  </g>
+  <g id="g28">
+    <path id="path30" class="cls-2" d="M528.4,625.18c-7.14,0-13.42-.87-18.18-3V556.58c6.49-5.41,14.5-9.31,24.68-9.31,18.4,0,25.54,13,25.54,34,0,29.86-11.47,43.93-32,43.93m8-96.52a34.88,34.88,0,0,0-26.19,11.58V522l-0.06-24.24H491.54L491.6,636c9.31,3.9,22.08,6.06,35.93,6.06,35.5,0,52.6-22.72,52.6-61.89,0-30.95-15.8-51.51-43.73-51.51"/>
+  </g>
+  <g id="g32">
+    <path id="path34" class="cls-2" d="M109.84,513.08c16.88,0,27.7,5.63,34.85,11.25l8.19-14.18c-11.16-9.78-26.16-15-42.17-15-40.47,0-68.83,24.67-68.83,74.44,0,52.15,30.59,72.5,65.58,72.5a111,111,0,0,0,42.21-8.22l-0.4-55.72V560.58H97.32v17.53h33.12l0.4,42.31c-4.33,2.16-11.9,3.9-22.08,3.9-28.14,0-47-17.7-47-55,0-37.87,19.48-56.26,48.05-56.26"/>
+  </g>
+  <g id="g36">
+    <path id="path38" class="cls-2" d="M243.79,497.72H225.17l0.06,23.8v82.23c0,22.94,10,38.3,38.31,38.3A64.16,64.16,0,0,0,275,641V624.31a57,57,0,0,1-8.66.65c-15.58,0-22.51-8-22.51-21.42v-56.7H275V531.26H243.85l-0.06-33.54h0Z"/>
+  </g>
+  <path id="path40" class="cls-2" d="M177.94,639.46h18.61V531.26H177.94v108.2h0Z"/>
+  <path id="path42" class="cls-2" d="M177.94,516.33h18.61V497.72H177.94v18.61h0Z"/>
+  <g id="g44">
+    <path id="path46" class="cls-3" d="M525.05,266.23l-24-74L453.36,45.6a8.19,8.19,0,0,0-15.58,0L390.12,192.24H231.88L184.22,45.6a8.19,8.19,0,0,0-15.58,0L121,192.24l-24,74a16.38,16.38,0,0,0,6,18.31L311,435.71,519.1,284.54a16.38,16.38,0,0,0,6-18.31"/>
+  </g>
+  <g id="g48">
+    <path id="path50" class="cls-4" d="M311,435.71h0l79.12-243.47H231.88L311,435.71h0Z"/>
+  </g>
+  <g id="g56">
+    <path id="path58" class="cls-3" d="M311,435.71L231.88,192.24H121L311,435.71h0Z"/>
+  </g>
+  <g id="g64">
+    <path id="path66" class="cls-5" d="M121,192.24h0l-24,74a16.37,16.37,0,0,0,6,18.31L311,435.7,121,192.24h0Z"/>
+  </g>
+  <g id="g72">
+    <path id="path74" class="cls-4" d="M121,192.24H231.88L184.22,45.6a8.19,8.19,0,0,0-15.58,0L121,192.24h0Z"/>
+  </g>
+  <g id="g76">
+    <path id="path78" class="cls-3" d="M311,435.71l79.12-243.47H501L311,435.71h0Z"/>
+  </g>
+  <g id="g80">
+    <path id="path82" class="cls-5" d="M501,192.24h0l24,74a16.37,16.37,0,0,1-6,18.31L311,435.7,501,192.24h0Z"/>
+  </g>
+  <g id="g84">
+    <path id="path86" class="cls-4" d="M501,192.24H390.12L437.78,45.6a8.19,8.19,0,0,1,15.58,0L501,192.24h0Z"/>
+  </g>
+</svg>
diff --git a/spec/fixtures/unsanitized.svg b/spec/fixtures/unsanitized.svg
new file mode 100644
index 00000000000..3957557334b
--- /dev/null
+++ b/spec/fixtures/unsanitized.svg
@@ -0,0 +1,50 @@
+<?xml version="1.0"?>
+<svg xmlns="http://www.w3.org/2000/svg" id="Layer_1" data-name="Layer 1" viewBox="0 0 622 682" filterMe="test">
+  <iframe src="http://www.google.com"></iframe>
+  <defs>
+    <style>.cls-1{fill:#30353e;}.cls-2{fill:#8c929d;}.cls-3{fill:#fc6d26;}.cls-4{fill:#e24329;}.cls-5{fill:#fca326;}</style>
+  </defs>
+  <title>stacked_wm</title>
+  <path id="bg" class="cls-1" d="M622,681H0V-1H622V681h0Z"/>
+  <g id="g12">
+    <path id="path14" class="cls-2" d="M316.89,497.72h-19l0.06,141.74H375V621.93h-58l-0.06-124.22h0Z"/>
+  </g>
+  <g id="g24">
+    <path id="path26" class="cls-2" d="M448.32,614.57a32.46,32.46,0,0,1-23.59,10c-14.5,0-20.35-7.14-20.35-16.45,0-14.07,9.74-20.77,30.52-20.77a86.46,86.46,0,0,1,13.42,1.08v26.19h0Zm-19.7-85.91a63.45,63.45,0,0,0-40.5,14.53l6.73,11.66c7.79-4.54,17.32-9.09,31-9.09,15.58,0,22.51,8,22.51,21.42v6.93a81.48,81.48,0,0,0-13.2-1.08c-33.33,0-50.22,11.69-50.22,36.14,0,21.86,13.42,32.89,33.76,32.89,13.71,0,26.84-6.28,31.38-16.45l3.46,13.85h13.42V567c0-22.94-10-38.3-38.31-38.3h0Z"/>
+  </g>
+  <g id="g28">
+    <path id="path30" class="cls-2" d="M528.4,625.18c-7.14,0-13.42-.87-18.18-3V556.58c6.49-5.41,14.5-9.31,24.68-9.31,18.4,0,25.54,13,25.54,34,0,29.86-11.47,43.93-32,43.93m8-96.52a34.88,34.88,0,0,0-26.19,11.58V522l-0.06-24.24H491.54L491.6,636c9.31,3.9,22.08,6.06,35.93,6.06,35.5,0,52.6-22.72,52.6-61.89,0-30.95-15.8-51.51-43.73-51.51"/>
+  </g>
+  <g id="g32">
+    <path id="path34" class="cls-2" d="M109.84,513.08c16.88,0,27.7,5.63,34.85,11.25l8.19-14.18c-11.16-9.78-26.16-15-42.17-15-40.47,0-68.83,24.67-68.83,74.44,0,52.15,30.59,72.5,65.58,72.5a111,111,0,0,0,42.21-8.22l-0.4-55.72V560.58H97.32v17.53h33.12l0.4,42.31c-4.33,2.16-11.9,3.9-22.08,3.9-28.14,0-47-17.7-47-55,0-37.87,19.48-56.26,48.05-56.26"/>
+  </g>
+  <g id="g36">
+    <path id="path38" class="cls-2" d="M243.79,497.72H225.17l0.06,23.8v82.23c0,22.94,10,38.3,38.31,38.3A64.16,64.16,0,0,0,275,641V624.31a57,57,0,0,1-8.66.65c-15.58,0-22.51-8-22.51-21.42v-56.7H275V531.26H243.85l-0.06-33.54h0Z"/>
+  </g>
+  <path id="path40" class="cls-2" d="M177.94,639.46h18.61V531.26H177.94v108.2h0Z"/>
+  <path id="path42" class="cls-2" d="M177.94,516.33h18.61V497.72H177.94v18.61h0Z"/>
+  <g id="g44">
+    <path id="path46" class="cls-3" d="M525.05,266.23l-24-74L453.36,45.6a8.19,8.19,0,0,0-15.58,0L390.12,192.24H231.88L184.22,45.6a8.19,8.19,0,0,0-15.58,0L121,192.24l-24,74a16.38,16.38,0,0,0,6,18.31L311,435.71,519.1,284.54a16.38,16.38,0,0,0,6-18.31"/>
+  </g>
+  <g id="g48">
+    <path id="path50" class="cls-4" d="M311,435.71h0l79.12-243.47H231.88L311,435.71h0Z"/>
+  </g>
+  <g id="g56">
+    <path id="path58" class="cls-3" d="M311,435.71L231.88,192.24H121L311,435.71h0Z"/>
+  </g>
+  <g id="g64">
+    <path id="path66" class="cls-5" d="M121,192.24h0l-24,74a16.37,16.37,0,0,0,6,18.31L311,435.7,121,192.24h0Z"/>
+  </g>
+  <g id="g72">
+    <path id="path74" class="cls-4" d="M121,192.24H231.88L184.22,45.6a8.19,8.19,0,0,0-15.58,0L121,192.24h0Z"/>
+  </g>
+  <g id="g76">
+    <path id="path78" class="cls-3" d="M311,435.71l79.12-243.47H501L311,435.71h0Z"/>
+  </g>
+  <g id="g80">
+    <path id="path82" class="cls-5" d="M501,192.24h0l24,74a16.37,16.37,0,0,1-6,18.31L311,435.7,501,192.24h0Z"/>
+  </g>
+  <g id="g84">
+    <path id="path86" class="cls-4" d="M501,192.24H390.12L437.78,45.6a8.19,8.19,0,0,1,15.58,0L501,192.24h0Z"/>
+  </g>
+</svg>
diff --git a/spec/helpers/auth_helper_spec.rb b/spec/helpers/auth_helper_spec.rb
index e47a54fdac5..16fbb5dcecb 100644
--- a/spec/helpers/auth_helper_spec.rb
+++ b/spec/helpers/auth_helper_spec.rb
@@ -2,7 +2,7 @@ require "spec_helper"
 
 describe AuthHelper do
   describe "button_based_providers" do
-    it 'returns all enabled providers' do
+    it 'returns all enabled providers from devise' do
       allow(helper).to receive(:auth_providers) { [:twitter, :github] }
       expect(helper.button_based_providers).to include(*[:twitter, :github])
     end
@@ -17,4 +17,49 @@ describe AuthHelper do
       expect(helper.button_based_providers).to eq([])
     end
   end
+
+  describe 'enabled_button_based_providers' do
+    before do
+      allow(helper).to receive(:auth_providers) { [:twitter, :github] }
+    end
+
+    context 'all providers are enabled to sign in' do
+      it 'returns all the enabled providers from settings' do
+        expect(helper.enabled_button_based_providers).to include('twitter', 'github')
+      end
+    end
+
+    context 'GitHub OAuth sign in is disabled from application setting' do
+      it "doesn't return github as provider" do
+        stub_application_setting(
+          disabled_oauth_sign_in_sources: ['github']
+        )
+
+        expect(helper.enabled_button_based_providers).to include('twitter')
+        expect(helper.enabled_button_based_providers).to_not include('github')
+      end
+    end
+  end
+
+  describe 'button_based_providers_enabled?' do
+    before do
+      allow(helper).to receive(:auth_providers) { [:twitter, :github] }
+    end
+
+    context 'button based providers enabled' do
+      it 'returns true' do
+        expect(helper.button_based_providers_enabled?).to be true
+      end
+    end
+
+    context 'all the button based providers are disabled via application_setting' do
+      it 'returns false' do
+        stub_application_setting(
+          disabled_oauth_sign_in_sources: ['github', 'twitter']
+        )
+
+        expect(helper.button_based_providers_enabled?).to be false
+      end
+    end
+  end
 end
diff --git a/spec/helpers/blob_helper_spec.rb b/spec/helpers/blob_helper_spec.rb
index 87849230dbe..6d1c02db297 100644
--- a/spec/helpers/blob_helper_spec.rb
+++ b/spec/helpers/blob_helper_spec.rb
@@ -67,4 +67,16 @@ describe BlobHelper do
       expect(result).to eq(expected)
     end
   end
+
+  describe "#sanitize_svg" do
+    let(:input_svg_path) { File.join(Rails.root, 'spec', 'fixtures', 'unsanitized.svg') }
+    let(:data) { open(input_svg_path).read }
+    let(:expected_svg_path) { File.join(Rails.root, 'spec', 'fixtures', 'sanitized.svg') }
+    let(:expected) { open(expected_svg_path).read }
+
+    it 'should retain essential elements' do
+      blob = OpenStruct.new(data: data)
+      expect(sanitize_svg(blob).data).to eq(expected)
+    end
+  end
 end
diff --git a/spec/helpers/events_helper_spec.rb b/spec/helpers/events_helper_spec.rb
index e68a5ec29ab..c0d2be98e85 100644
--- a/spec/helpers/events_helper_spec.rb
+++ b/spec/helpers/events_helper_spec.rb
@@ -1,64 +1,65 @@
 require 'spec_helper'
 
 describe EventsHelper do
-  include ApplicationHelper
-  include GitlabMarkdownHelper
+  describe '#event_note' do
+    before do
+      allow(helper).to receive(:current_user).and_return(double)
+    end
 
-  let(:current_user) { create(:user, email: "current@email.com") }
+    it 'should display one line of plain text without alteration' do
+      input = 'A short, plain note'
+      expect(helper.event_note(input)).to match(input)
+      expect(helper.event_note(input)).not_to match(/\.\.\.\z/)
+    end
 
-  it 'should display one line of plain text without alteration' do
-    input = 'A short, plain note'
-    expect(event_note(input)).to match(input)
-    expect(event_note(input)).not_to match(/\.\.\.\z/)
-  end
+    it 'should display inline code' do
+      input = 'A note with `inline code`'
+      expected = 'A note with <code>inline code</code>'
 
-  it 'should display inline code' do
-    input = 'A note with `inline code`'
-    expected = 'A note with <code>inline code</code>'
+      expect(helper.event_note(input)).to match(expected)
+    end
 
-    expect(event_note(input)).to match(expected)
-  end
+    it 'should truncate a note with multiple paragraphs' do
+      input = "Paragraph 1\n\nParagraph 2"
+      expected = 'Paragraph 1...'
 
-  it 'should truncate a note with multiple paragraphs' do
-    input = "Paragraph 1\n\nParagraph 2"
-    expected = 'Paragraph 1...'
+      expect(helper.event_note(input)).to match(expected)
+    end
 
-    expect(event_note(input)).to match(expected)
-  end
+    it 'should display the first line of a code block' do
+      input = "```\nCode block\nwith two lines\n```"
+      expected = %r{<pre.+><code>Code block\.\.\.</code></pre>}
 
-  it 'should display the first line of a code block' do
-    input = "```\nCode block\nwith two lines\n```"
-    expected = %r{<pre.+><code>Code block\.\.\.</code></pre>}
+      expect(helper.event_note(input)).to match(expected)
+    end
 
-    expect(event_note(input)).to match(expected)
-  end
+    it 'should truncate a single long line of text' do
+      text = 'The quick brown fox jumped over the lazy dog twice' # 50 chars
+      input = text * 4
+      expected = (text * 2).sub(/.{3}/, '...')
 
-  it 'should truncate a single long line of text' do
-    text = 'The quick brown fox jumped over the lazy dog twice' # 50 chars
-    input = "#{text}#{text}#{text}#{text}" # 200 chars
-    expected = "#{text}#{text}".sub(/.{3}/, '...')
+      expect(helper.event_note(input)).to match(expected)
+    end
 
-    expect(event_note(input)).to match(expected)
-  end
-
-  it 'should preserve a link href when link text is truncated' do
-    text = 'The quick brown fox jumped over the lazy dog' # 44 chars
-    input = "#{text}#{text}#{text} " # 133 chars
-    link_url = 'http://example.com/foo/bar/baz' # 30 chars
-    input << link_url
-    expected_link_text = 'http://example...</a>'
+    it 'should preserve a link href when link text is truncated' do
+      text = 'The quick brown fox jumped over the lazy dog' # 44 chars
+      input = "#{text}#{text}#{text} " # 133 chars
+      link_url = 'http://example.com/foo/bar/baz' # 30 chars
+      input << link_url
+      expected_link_text = 'http://example...</a>'
 
-    expect(event_note(input)).to match(link_url)
-    expect(event_note(input)).to match(expected_link_text)
-  end
+      expect(helper.event_note(input)).to match(link_url)
+      expect(helper.event_note(input)).to match(expected_link_text)
+    end
 
-  it 'should preserve code color scheme' do
-    input = "```ruby\ndef test\n  'hello world'\nend\n```"
-    expected = '<pre class="code highlight js-syntax-highlight ruby">' \
-      "<code><span class=\"k\">def</span> <span class=\"nf\">test</span>\n" \
-      "  <span class=\"s1\">\'hello world\'</span>\n" \
-      "<span class=\"k\">end</span>" \
-      '</code></pre>'
-    expect(event_note(input)).to eq(expected)
+    it 'should preserve code color scheme' do
+      input = "```ruby\ndef test\n  'hello world'\nend\n```"
+      expected = '<pre class="code highlight js-syntax-highlight ruby">' \
+        "<code><span class=\"k\">def</span> <span class=\"nf\">test</span>\n" \
+        "  <span class=\"s1\">\'hello world\'</span>\n" \
+        "<span class=\"k\">end</span>" \
+        '</code></pre>'
+      expect(helper.event_note(input)).to eq(expected)
+    end
   end
 end
diff --git a/spec/helpers/issues_helper_spec.rb b/spec/helpers/issues_helper_spec.rb
index 543593cf389..bffe2c18b6f 100644
--- a/spec/helpers/issues_helper_spec.rb
+++ b/spec/helpers/issues_helper_spec.rb
@@ -30,6 +30,18 @@ describe IssuesHelper do
       expect(url_for_project_issues).to eq ""
     end
 
+    it 'returns an empty string if project_url is invalid' do
+      expect(project).to receive_message_chain('issues_tracker.project_url') { 'javascript:alert("foo");' }
+
+      expect(url_for_project_issues(project)).to eq ''
+    end
+
+    it 'returns an empty string if project_path is invalid' do
+      expect(project).to receive_message_chain('issues_tracker.project_path') { 'javascript:alert("foo");' }
+
+      expect(url_for_project_issues(project, only_path: true)).to eq ''
+    end
+
     describe "when external tracker was enabled and then config removed" do
       before do
         @project = ext_project
@@ -68,6 +80,18 @@ describe IssuesHelper do
       expect(url_for_issue(issue.iid)).to eq ""
     end
 
+    it 'returns an empty string if issue_url is invalid' do
+      expect(project).to receive_message_chain('issues_tracker.issue_url') { 'javascript:alert("foo");' }
+
+      expect(url_for_issue(issue.iid, project)).to eq ''
+    end
+
+    it 'returns an empty string if issue_path is invalid' do
+      expect(project).to receive_message_chain('issues_tracker.issue_path') { 'javascript:alert("foo");' }
+
+      expect(url_for_issue(issue.iid, project, only_path: true)).to eq ''
+    end
+
     describe "when external tracker was enabled and then config removed" do
       before do
         @project = ext_project
@@ -105,6 +129,18 @@ describe IssuesHelper do
       expect(url_for_new_issue).to eq ""
     end
 
+    it 'returns an empty string if issue_url is invalid' do
+      expect(project).to receive_message_chain('issues_tracker.new_issue_url') { 'javascript:alert("foo");' }
+
+      expect(url_for_new_issue(project)).to eq ''
+    end
+
+    it 'returns an empty string if issue_path is invalid' do
+      expect(project).to receive_message_chain('issues_tracker.new_issue_path') { 'javascript:alert("foo");' }
+
+      expect(url_for_new_issue(project, only_path: true)).to eq ''
+    end
+
     describe "when external tracker was enabled and then config removed" do
       before do
         @project = ext_project
diff --git a/spec/helpers/labels_helper_spec.rb b/spec/helpers/labels_helper_spec.rb
index 39042ff7e91..501f150cfda 100644
--- a/spec/helpers/labels_helper_spec.rb
+++ b/spec/helpers/labels_helper_spec.rb
@@ -11,13 +11,13 @@ describe LabelsHelper do
       end
 
       it 'uses the instance variable' do
-        expect(link_to_label(label)).to match %r{<a href="/#{@project.to_reference}/issues\?label_name=#{label.name}"><span class="[\w\s\-]*has-tooltip".*</span></a>}
+        expect(link_to_label(label)).to match %r{<a href="/#{@project.to_reference}/issues\?label_name%5B%5D=#{label.name}"><span class="[\w\s\-]*has-tooltip".*</span></a>}
       end
     end
 
     context 'without @project set' do
       it "uses the label's project" do
-        expect(link_to_label(label)).to match %r{<a href="/#{label.project.to_reference}/issues\?label_name=#{label.name}">.*</a>}
+        expect(link_to_label(label)).to match %r{<a href="/#{label.project.to_reference}/issues\?label_name%5B%5D=#{label.name}">.*</a>}
       end
     end
 
@@ -25,7 +25,7 @@ describe LabelsHelper do
       let(:another_project) { double('project', namespace: 'foo3', to_param: 'bar3') }
 
       it 'links to merge requests page' do
-        expect(link_to_label(label, project: another_project)).to match %r{<a href="/foo3/bar3/issues\?label_name=#{label.name}">.*</a>}
+        expect(link_to_label(label, project: another_project)).to match %r{<a href="/foo3/bar3/issues\?label_name%5B%5D=#{label.name}">.*</a>}
       end
     end
 
@@ -33,7 +33,7 @@ describe LabelsHelper do
       ['issue', :issue, 'merge_request', :merge_request].each do |type|
         context "set to #{type}" do
           it 'links to correct page' do
-            expect(link_to_label(label, type: type)).to match %r{<a href="/#{label.project.to_reference}/#{type.to_s.pluralize}\?label_name=#{label.name}">.*</a>}
+            expect(link_to_label(label, type: type)).to match %r{<a href="/#{label.project.to_reference}/#{type.to_s.pluralize}\?label_name%5B%5D=#{label.name}">.*</a>}
           end
         end
       end
diff --git a/spec/helpers/projects_helper_spec.rb b/spec/helpers/projects_helper_spec.rb
index c258cfebd73..ac5af8740dc 100644
--- a/spec/helpers/projects_helper_spec.rb
+++ b/spec/helpers/projects_helper_spec.rb
@@ -88,21 +88,56 @@ describe ProjectsHelper do
   end
 
   describe 'default_clone_protocol' do
-    describe 'using HTTP' do
+    context 'when user is not logged in and gitlab protocol is HTTP' do
       it 'returns HTTP' do
-        expect(helper).to receive(:current_user).and_return(nil)
+        allow(helper).to receive(:current_user).and_return(nil)
 
         expect(helper.send(:default_clone_protocol)).to eq('http')
       end
     end
 
-    describe 'using HTTPS' do
+    context 'when user is not logged in and gitlab protocol is HTTPS' do
       it 'returns HTTPS' do
-        allow(Gitlab.config.gitlab).to receive(:protocol).and_return('https')
-        expect(helper).to receive(:current_user).and_return(nil)
+        stub_config_setting(protocol: 'https')
+        allow(helper).to receive(:current_user).and_return(nil)
 
         expect(helper.send(:default_clone_protocol)).to eq('https')
       end
     end
   end
+
+  describe '#license_short_name' do
+    let(:project) { create(:project) }
+
+    context 'when project.repository has a license_key' do
+      it 'returns the nickname of the license if present' do
+        allow(project.repository).to receive(:license_key).and_return('agpl-3.0')
+
+        expect(helper.license_short_name(project)).to eq('GNU AGPLv3')
+      end
+
+      it 'returns the name of the license if nickname is not present' do
+        allow(project.repository).to receive(:license_key).and_return('mit')
+
+        expect(helper.license_short_name(project)).to eq('MIT License')
+      end
+    end
+
+    context 'when project.repository has no license_key but a license_blob' do
+      it 'returns LICENSE' do
+        allow(project.repository).to receive(:license_key).and_return(nil)
+
+        expect(helper.license_short_name(project)).to eq('LICENSE')
+      end
+    end
+  end
+
+  describe '#sanitized_import_error' do
+    it 'removes the repo path' do
+      repo = File.join(Gitlab.config.gitlab_shell.repos_path, '/namespace/test.git')
+      import_error = "Could not clone #{repo}\n"
+
+      expect(sanitize_repo_path(import_error)).to eq('Could not clone [REPOS PATH]/namespace/test.git')
+    end
+  end
 end
diff --git a/spec/initializers/trusted_proxies_spec.rb b/spec/initializers/trusted_proxies_spec.rb
new file mode 100644
index 00000000000..4bb149f25ff
--- /dev/null
+++ b/spec/initializers/trusted_proxies_spec.rb
@@ -0,0 +1,51 @@
+require 'spec_helper'
+
+describe 'trusted_proxies', lib: true do
+  context 'with default config' do
+    before do
+      set_trusted_proxies([])
+    end
+
+    it 'preserves private IPs as remote_ip' do
+      request = stub_request('HTTP_X_FORWARDED_FOR' => '10.1.5.89')
+      expect(request.remote_ip).to eq('10.1.5.89')
+    end
+
+    it 'filters out localhost from remote_ip' do
+      request = stub_request('HTTP_X_FORWARDED_FOR' => '1.1.1.1, 10.1.5.89, 127.0.0.1')
+      expect(request.remote_ip).to eq('10.1.5.89')
+    end
+  end
+
+  context 'with private IP ranges added' do
+    before do
+      set_trusted_proxies([ "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16" ])
+    end
+
+    it 'filters out private and local IPs from remote_ip' do
+      request = stub_request('HTTP_X_FORWARDED_FOR' => '1.2.3.6, 1.1.1.1, 10.1.5.89, 127.0.0.1')
+      expect(request.remote_ip).to eq('1.1.1.1')
+    end
+  end
+
+  context 'with proxy IP added' do
+    before do
+      set_trusted_proxies([ "60.98.25.47" ])
+    end
+
+    it 'filters out proxy IP from remote_ip' do
+      request = stub_request('HTTP_X_FORWARDED_FOR' => '1.2.3.6, 1.1.1.1, 60.98.25.47, 127.0.0.1')
+      expect(request.remote_ip).to eq('1.1.1.1')
+    end
+  end
+
+  def stub_request(headers = {})
+    ActionDispatch::RemoteIp.new(Proc.new { }, false, Rails.application.config.action_dispatch.trusted_proxies).call(headers)
+    ActionDispatch::Request.new(headers)
+  end
+
+  def set_trusted_proxies(proxies = [])
+    stub_config_setting('trusted_proxies' => proxies)
+    load File.join(__dir__, '../../config/initializers/trusted_proxies.rb')
+  end
+end
diff --git a/spec/javascripts/merge_request_widget_spec.js.coffee b/spec/javascripts/merge_request_widget_spec.js.coffee
new file mode 100644
index 00000000000..92b7eeb1116
--- /dev/null
+++ b/spec/javascripts/merge_request_widget_spec.js.coffee
@@ -0,0 +1,55 @@
+#= require merge_request_widget
+
+describe 'MergeRequestWidget', ->
+
+  beforeEach ->
+    window.notifyPermissions = () ->
+    window.notify = () ->
+    @opts = {
+      ci_status_url:"http://sampledomain.local/ci/getstatus",
+      ci_status:"",
+      ci_message: {
+        normal: "Build {{status}} for \"{{title}}\"",
+        preparing: "{{status}} build for \"{{title}}\""
+      },
+      ci_title: {
+        preparing: "{{status}} build",
+        normal: "Build {{status}}"
+      },
+      gitlab_icon:"gitlab_logo.png",
+      builds_path:"http://sampledomain.local/sampleBuildsPath"
+    }
+    @class = new MergeRequestWidget(@opts)
+    @ciStatusData = {"title":"Sample MR title","sha":"12a34bc5","status":"success","coverage":98}
+
+  describe 'getCIStatus', ->
+    beforeEach ->
+      spyOn(jQuery, 'getJSON').and.callFake (req, cb) =>
+        cb(@ciStatusData)
+
+    it 'should call showCIStatus even if a notification should not be displayed', ->
+      spy = spyOn(@class, 'showCIStatus').and.stub()
+      @class.getCIStatus(false)
+      expect(spy).toHaveBeenCalledWith(@ciStatusData.status)
+
+    it 'should call showCIStatus when a notification should be displayed', ->
+      spy = spyOn(@class, 'showCIStatus').and.stub()
+      @class.getCIStatus(true)
+      expect(spy).toHaveBeenCalledWith(@ciStatusData.status)
+
+    it 'should call showCICoverage when the coverage rate is set', ->
+      spy = spyOn(@class, 'showCICoverage').and.stub()
+      @class.getCIStatus(false)
+      expect(spy).toHaveBeenCalledWith(@ciStatusData.coverage)
+
+    it 'should not call showCICoverage when the coverage rate is not set', ->
+      @ciStatusData.coverage = null
+      spy = spyOn(@class, 'showCICoverage').and.stub()
+      @class.getCIStatus(false)
+      expect(spy).not.toHaveBeenCalled()
+
+    it 'should not display a notification on the first check after the widget has been created', ->
+      spy = spyOn(window, 'notify')
+      @class = new MergeRequestWidget(@opts)
+      @class.getCIStatus(true)
+      expect(spy).not.toHaveBeenCalled()
diff --git a/spec/lib/banzai/filter/sanitization_filter_spec.rb b/spec/lib/banzai/filter/sanitization_filter_spec.rb
index 27ce312b11c..b38e3b17e64 100644
--- a/spec/lib/banzai/filter/sanitization_filter_spec.rb
+++ b/spec/lib/banzai/filter/sanitization_filter_spec.rb
@@ -22,6 +22,12 @@ describe Banzai::Filter::SanitizationFilter, lib: true do
       expect(filter(act).to_html).to eq exp
     end
 
+    it 'sanitizes mixed-cased javascript in attributes' do
+      act = %q(<a href="javaScript:alert('foo')">Text</a>)
+      exp = '<a>Text</a>'
+      expect(filter(act).to_html).to eq exp
+    end
+
     it 'allows whitelisted HTML tags from the user' do
       exp = act = "<dl>\n<dt>Term</dt>\n<dd>Definition</dd>\n</dl>"
       expect(filter(act).to_html).to eq exp
diff --git a/spec/lib/banzai/filter/upload_link_filter_spec.rb b/spec/lib/banzai/filter/upload_link_filter_spec.rb
index 3b073a90a95..b83be54746c 100644
--- a/spec/lib/banzai/filter/upload_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/upload_link_filter_spec.rb
@@ -8,6 +8,10 @@ describe Banzai::Filter::UploadLinkFilter, lib: true do
       project: project
     })
 
+    raw_filter(doc, contexts)
+  end
+
+  def raw_filter(doc, contexts = {})
     described_class.call(doc, contexts)
   end
 
@@ -70,4 +74,18 @@ describe Banzai::Filter::UploadLinkFilter, lib: true do
       expect(doc.at_css('img')['src']).to match "#{Gitlab.config.gitlab.url}/#{project.path_with_namespace}/uploads/%ED%95%9C%EA%B8%80.png"
     end
   end
+
+  context 'when project context does not exist' do
+    let(:upload_link) { link('/uploads/e90decf88d8f96fe9e1389afc2e4a91f/test.jpg') }
+
+    it 'does not raise error' do
+      expect { raw_filter(upload_link, project: nil) }.not_to raise_error
+    end
+
+    it 'does not rewrite link' do
+      doc = raw_filter(upload_link, project: nil)
+
+      expect(doc.to_html).to eq upload_link
+    end
+  end
 end
diff --git a/spec/lib/banzai/filter/wiki_link_filter_spec.rb b/spec/lib/banzai/filter/wiki_link_filter_spec.rb
new file mode 100644
index 00000000000..185abbb2108
--- /dev/null
+++ b/spec/lib/banzai/filter/wiki_link_filter_spec.rb
@@ -0,0 +1,85 @@
+require 'spec_helper'
+
+describe Banzai::Filter::WikiLinkFilter, lib: true do
+  include FilterSpecHelper
+
+  let(:namespace) { build_stubbed(:namespace, name: "wiki_link_ns") }
+  let(:project)   { build_stubbed(:empty_project, :public, name: "wiki_link_project", namespace: namespace) }
+  let(:user) { double }
+  let(:project_wiki) { ProjectWiki.new(project, user) }
+
+  describe "links within the wiki (relative)" do
+    describe "hierarchical links to the current directory" do
+      it "doesn't rewrite non-file links" do
+        link = "<a href='./page'>Link to Page</a>"
+        filtered_link = filter(link, project_wiki: project_wiki).children[0]
+
+        expect(filtered_link.attribute('href').value).to eq('./page')
+      end
+
+      it "doesn't rewrite file links" do
+        link = "<a href='./page.md'>Link to Page</a>"
+        filtered_link = filter(link, project_wiki: project_wiki).children[0]
+
+        expect(filtered_link.attribute('href').value).to eq('./page.md')
+      end
+    end
+
+    describe "hierarchical links to the parent directory" do
+      it "doesn't rewrite non-file links" do
+        link = "<a href='../page'>Link to Page</a>"
+        filtered_link = filter(link, project_wiki: project_wiki).children[0]
+
+        expect(filtered_link.attribute('href').value).to eq('../page')
+      end
+
+      it "doesn't rewrite file links" do
+        link = "<a href='../page.md'>Link to Page</a>"
+        filtered_link = filter(link, project_wiki: project_wiki).children[0]
+
+        expect(filtered_link.attribute('href').value).to eq('../page.md')
+      end
+    end
+
+    describe "hierarchical links to a sub-directory" do
+      it "doesn't rewrite non-file links" do
+        link = "<a href='./subdirectory/page'>Link to Page</a>"
+        filtered_link = filter(link, project_wiki: project_wiki).children[0]
+
+        expect(filtered_link.attribute('href').value).to eq('./subdirectory/page')
+      end
+
+      it "doesn't rewrite file links" do
+        link = "<a href='./subdirectory/page.md'>Link to Page</a>"
+        filtered_link = filter(link, project_wiki: project_wiki).children[0]
+
+        expect(filtered_link.attribute('href').value).to eq('./subdirectory/page.md')
+      end
+    end
+
+    describe "non-hierarchical links" do
+      it 'rewrites non-file links to be at the scope of the wiki root' do
+        link = "<a href='page'>Link to Page</a>"
+        filtered_link = filter(link, project_wiki: project_wiki).children[0]
+
+        expect(filtered_link.attribute('href').value).to match('/wiki_link_ns/wiki_link_project/wikis/page')
+      end
+
+      it "doesn't rewrite file links" do
+        link = "<a href='page.md'>Link to Page</a>"
+        filtered_link = filter(link, project_wiki: project_wiki).children[0]
+
+        expect(filtered_link.attribute('href').value).to eq('page.md')
+      end
+    end
+  end
+
+  describe "links outside the wiki (absolute)" do
+    it "doesn't rewrite links" do
+      link = "<a href='http://example.com/page'>Link to Page</a>"
+      filtered_link = filter(link, project_wiki: project_wiki).children[0]
+
+      expect(filtered_link.attribute('href').value).to eq('http://example.com/page')
+    end
+  end
+end
diff --git a/spec/lib/ci/ansi2html_spec.rb b/spec/lib/ci/ansi2html_spec.rb
index 3a2b568f4c7..04afbd06929 100644
--- a/spec/lib/ci/ansi2html_spec.rb
+++ b/spec/lib/ci/ansi2html_spec.rb
@@ -4,131 +4,176 @@ describe Ci::Ansi2html, lib: true do
   subject { Ci::Ansi2html }
 
   it "prints non-ansi as-is" do
-    expect(subject.convert("Hello")).to eq('Hello')
+    expect(subject.convert("Hello")[:html]).to eq('Hello')
   end
 
   it "strips non-color-changing controll sequences" do
-    expect(subject.convert("Hello \e[2Kworld")).to eq('Hello world')
+    expect(subject.convert("Hello \e[2Kworld")[:html]).to eq('Hello world')
   end
 
   it "prints simply red" do
-    expect(subject.convert("\e[31mHello\e[0m")).to eq('<span class="term-fg-red">Hello</span>')
+    expect(subject.convert("\e[31mHello\e[0m")[:html]).to eq('<span class="term-fg-red">Hello</span>')
   end
 
   it "prints simply red without trailing reset" do
-    expect(subject.convert("\e[31mHello")).to eq('<span class="term-fg-red">Hello</span>')
+    expect(subject.convert("\e[31mHello")[:html]).to eq('<span class="term-fg-red">Hello</span>')
   end
 
   it "prints simply yellow" do
-    expect(subject.convert("\e[33mHello\e[0m")).to eq('<span class="term-fg-yellow">Hello</span>')
+    expect(subject.convert("\e[33mHello\e[0m")[:html]).to eq('<span class="term-fg-yellow">Hello</span>')
   end
 
   it "prints default on blue" do
-    expect(subject.convert("\e[39;44mHello")).to eq('<span class="term-bg-blue">Hello</span>')
+    expect(subject.convert("\e[39;44mHello")[:html]).to eq('<span class="term-bg-blue">Hello</span>')
   end
 
   it "prints red on blue" do
-    expect(subject.convert("\e[31;44mHello")).to eq('<span class="term-fg-red term-bg-blue">Hello</span>')
+    expect(subject.convert("\e[31;44mHello")[:html]).to eq('<span class="term-fg-red term-bg-blue">Hello</span>')
   end
 
   it "resets colors after red on blue" do
-    expect(subject.convert("\e[31;44mHello\e[0m world")).to eq('<span class="term-fg-red term-bg-blue">Hello</span> world')
+    expect(subject.convert("\e[31;44mHello\e[0m world")[:html]).to eq('<span class="term-fg-red term-bg-blue">Hello</span> world')
   end
 
   it "performs color change from red/blue to yellow/blue" do
-    expect(subject.convert("\e[31;44mHello \e[33mworld")).to eq('<span class="term-fg-red term-bg-blue">Hello </span><span class="term-fg-yellow term-bg-blue">world</span>')
+    expect(subject.convert("\e[31;44mHello \e[33mworld")[:html]).to eq('<span class="term-fg-red term-bg-blue">Hello </span><span class="term-fg-yellow term-bg-blue">world</span>')
   end
 
   it "performs color change from red/blue to yellow/green" do
-    expect(subject.convert("\e[31;44mHello \e[33;42mworld")).to eq('<span class="term-fg-red term-bg-blue">Hello </span><span class="term-fg-yellow term-bg-green">world</span>')
+    expect(subject.convert("\e[31;44mHello \e[33;42mworld")[:html]).to eq('<span class="term-fg-red term-bg-blue">Hello </span><span class="term-fg-yellow term-bg-green">world</span>')
   end
 
   it "performs color change from red/blue to reset to yellow/green" do
-    expect(subject.convert("\e[31;44mHello\e[0m \e[33;42mworld")).to eq('<span class="term-fg-red term-bg-blue">Hello</span> <span class="term-fg-yellow term-bg-green">world</span>')
+    expect(subject.convert("\e[31;44mHello\e[0m \e[33;42mworld")[:html]).to eq('<span class="term-fg-red term-bg-blue">Hello</span> <span class="term-fg-yellow term-bg-green">world</span>')
   end
 
   it "ignores unsupported codes" do
-    expect(subject.convert("\e[51mHello\e[0m")).to eq('Hello')
+    expect(subject.convert("\e[51mHello\e[0m")[:html]).to eq('Hello')
   end
 
   it "prints light red" do
-    expect(subject.convert("\e[91mHello\e[0m")).to eq('<span class="term-fg-l-red">Hello</span>')
+    expect(subject.convert("\e[91mHello\e[0m")[:html]).to eq('<span class="term-fg-l-red">Hello</span>')
   end
 
   it "prints default on light red" do
-    expect(subject.convert("\e[101mHello\e[0m")).to eq('<span class="term-bg-l-red">Hello</span>')
+    expect(subject.convert("\e[101mHello\e[0m")[:html]).to eq('<span class="term-bg-l-red">Hello</span>')
   end
 
   it "performs color change from red/blue to default/blue" do
-    expect(subject.convert("\e[31;44mHello \e[39mworld")).to eq('<span class="term-fg-red term-bg-blue">Hello </span><span class="term-bg-blue">world</span>')
+    expect(subject.convert("\e[31;44mHello \e[39mworld")[:html]).to eq('<span class="term-fg-red term-bg-blue">Hello </span><span class="term-bg-blue">world</span>')
   end
 
   it "performs color change from light red/blue to default/blue" do
-    expect(subject.convert("\e[91;44mHello \e[39mworld")).to eq('<span class="term-fg-l-red term-bg-blue">Hello </span><span class="term-bg-blue">world</span>')
+    expect(subject.convert("\e[91;44mHello \e[39mworld")[:html]).to eq('<span class="term-fg-l-red term-bg-blue">Hello </span><span class="term-bg-blue">world</span>')
   end
 
   it "prints bold text" do
-    expect(subject.convert("\e[1mHello")).to eq('<span class="term-bold">Hello</span>')
+    expect(subject.convert("\e[1mHello")[:html]).to eq('<span class="term-bold">Hello</span>')
   end
 
   it "resets bold text" do
-    expect(subject.convert("\e[1mHello\e[21m world")).to eq('<span class="term-bold">Hello</span> world')
-    expect(subject.convert("\e[1mHello\e[22m world")).to eq('<span class="term-bold">Hello</span> world')
+    expect(subject.convert("\e[1mHello\e[21m world")[:html]).to eq('<span class="term-bold">Hello</span> world')
+    expect(subject.convert("\e[1mHello\e[22m world")[:html]).to eq('<span class="term-bold">Hello</span> world')
   end
 
   it "prints italic text" do
-    expect(subject.convert("\e[3mHello")).to eq('<span class="term-italic">Hello</span>')
+    expect(subject.convert("\e[3mHello")[:html]).to eq('<span class="term-italic">Hello</span>')
   end
 
   it "resets italic text" do
-    expect(subject.convert("\e[3mHello\e[23m world")).to eq('<span class="term-italic">Hello</span> world')
+    expect(subject.convert("\e[3mHello\e[23m world")[:html]).to eq('<span class="term-italic">Hello</span> world')
   end
 
   it "prints underlined text" do
-    expect(subject.convert("\e[4mHello")).to eq('<span class="term-underline">Hello</span>')
+    expect(subject.convert("\e[4mHello")[:html]).to eq('<span class="term-underline">Hello</span>')
   end
 
   it "resets underlined text" do
-    expect(subject.convert("\e[4mHello\e[24m world")).to eq('<span class="term-underline">Hello</span> world')
+    expect(subject.convert("\e[4mHello\e[24m world")[:html]).to eq('<span class="term-underline">Hello</span> world')
   end
 
   it "prints concealed text" do
-    expect(subject.convert("\e[8mHello")).to eq('<span class="term-conceal">Hello</span>')
+    expect(subject.convert("\e[8mHello")[:html]).to eq('<span class="term-conceal">Hello</span>')
   end
 
   it "resets concealed text" do
-    expect(subject.convert("\e[8mHello\e[28m world")).to eq('<span class="term-conceal">Hello</span> world')
+    expect(subject.convert("\e[8mHello\e[28m world")[:html]).to eq('<span class="term-conceal">Hello</span> world')
   end
 
   it "prints crossed-out text" do
-    expect(subject.convert("\e[9mHello")).to eq('<span class="term-cross">Hello</span>')
+    expect(subject.convert("\e[9mHello")[:html]).to eq('<span class="term-cross">Hello</span>')
   end
 
   it "resets crossed-out text" do
-    expect(subject.convert("\e[9mHello\e[29m world")).to eq('<span class="term-cross">Hello</span> world')
+    expect(subject.convert("\e[9mHello\e[29m world")[:html]).to eq('<span class="term-cross">Hello</span> world')
   end
 
   it "can print 256 xterm fg colors" do
-    expect(subject.convert("\e[38;5;16mHello")).to eq('<span class="xterm-fg-16">Hello</span>')
+    expect(subject.convert("\e[38;5;16mHello")[:html]).to eq('<span class="xterm-fg-16">Hello</span>')
   end
 
   it "can print 256 xterm fg colors on normal magenta background" do
-    expect(subject.convert("\e[38;5;16;45mHello")).to eq('<span class="xterm-fg-16 term-bg-magenta">Hello</span>')
+    expect(subject.convert("\e[38;5;16;45mHello")[:html]).to eq('<span class="xterm-fg-16 term-bg-magenta">Hello</span>')
   end
 
   it "can print 256 xterm bg colors" do
-    expect(subject.convert("\e[48;5;240mHello")).to eq('<span class="xterm-bg-240">Hello</span>')
+    expect(subject.convert("\e[48;5;240mHello")[:html]).to eq('<span class="xterm-bg-240">Hello</span>')
   end
 
   it "can print 256 xterm bg colors on normal magenta foreground" do
-    expect(subject.convert("\e[48;5;16;35mHello")).to eq('<span class="term-fg-magenta xterm-bg-16">Hello</span>')
+    expect(subject.convert("\e[48;5;16;35mHello")[:html]).to eq('<span class="term-fg-magenta xterm-bg-16">Hello</span>')
   end
 
   it "prints bold colored text vividly" do
-    expect(subject.convert("\e[1;31mHello\e[0m")).to eq('<span class="term-fg-l-red term-bold">Hello</span>')
+    expect(subject.convert("\e[1;31mHello\e[0m")[:html]).to eq('<span class="term-fg-l-red term-bold">Hello</span>')
   end
 
   it "prints bold light colored text correctly" do
-    expect(subject.convert("\e[1;91mHello\e[0m")).to eq('<span class="term-fg-l-red term-bold">Hello</span>')
+    expect(subject.convert("\e[1;91mHello\e[0m")[:html]).to eq('<span class="term-fg-l-red term-bold">Hello</span>')
+  end
+
+  it "prints &lt;" do
+    expect(subject.convert("<")[:html]).to eq('&lt;')
+  end
+
+  describe "incremental update" do
+    shared_examples 'stateable converter' do
+      let(:pass1) { subject.convert(pre_text) }
+      let(:pass2) { subject.convert(pre_text + text, pass1[:state]) }
+
+      it "to returns html to append" do
+        expect(pass2[:append]).to be_truthy
+        expect(pass2[:html]).to eq(html)
+        expect(pass1[:text] + pass2[:text]).to eq(pre_text + text)
+        expect(pass1[:html] + pass2[:html]).to eq(pre_html + html)
+      end
+    end
+
+    context "with split word" do
+      let(:pre_text) { "\e[1mHello" }
+      let(:pre_html) { "<span class=\"term-bold\">Hello</span>" }
+      let(:text) { "\e[1mWorld" }
+      let(:html) { "<span class=\"term-bold\"></span><span class=\"term-bold\">World</span>" }
+
+      it_behaves_like 'stateable converter'
+    end
+
+    context "with split sequence" do
+      let(:pre_text) { "\e[1m" }
+      let(:pre_html) { "<span class=\"term-bold\"></span>" }
+      let(:text) { "Hello" }
+      let(:html) { "<span class=\"term-bold\">Hello</span>" }
+
+      it_behaves_like 'stateable converter'
+    end
+
+    context "with partial sequence" do
+      let(:pre_text) { "Hello\e" }
+      let(:pre_html) { "Hello" }
+      let(:text) { "[1m World" }
+      let(:html) { "<span class=\"term-bold\"> World</span>" }
+
+      it_behaves_like 'stateable converter'
+    end
   end
 end
diff --git a/spec/lib/ci/gitlab_ci_yaml_processor_spec.rb b/spec/lib/ci/gitlab_ci_yaml_processor_spec.rb
index 643acf0303c..9eef8ea0976 100644
--- a/spec/lib/ci/gitlab_ci_yaml_processor_spec.rb
+++ b/spec/lib/ci/gitlab_ci_yaml_processor_spec.rb
@@ -443,12 +443,12 @@ module Ci
       context 'when job variables are defined' do
         context 'when syntax is correct' do
           it 'returns job variables' do
-            variables =  {
+            variables = {
               KEY1: 'value1',
               SOME_KEY_2: 'value2'
             }
 
-            config =  YAML.dump(
+            config = YAML.dump(
               { before_script: ['pwd'],
                 rspec: {
                   variables: variables,
@@ -648,70 +648,131 @@ module Ci
     end
 
     describe "Hidden jobs" do
-      let(:config) do
-        YAML.dump({
-                    '.hidden_job' => { script: 'test' },
-                    'normal_job' => { script: 'test' }
-                  })
+      let(:config_processor) { GitlabCiYamlProcessor.new(config) }
+      subject { config_processor.builds_for_stage_and_ref("test", "master") }
+
+      shared_examples 'hidden_job_handling' do
+        it "doesn't create jobs that start with dot" do
+          expect(subject.size).to eq(1)
+          expect(subject.first).to eq({
+            except: nil,
+            stage: "test",
+            stage_idx: 1,
+            name: :normal_job,
+            only: nil,
+            commands: "test",
+            tag_list: [],
+            options: {},
+            when: "on_success",
+            allow_failure: false
+          })
+        end
       end
 
-      let(:config_processor) { GitlabCiYamlProcessor.new(config) }
+      context 'when hidden job have a script definition' do
+        let(:config) do
+          YAML.dump({
+                      '.hidden_job' => { image: 'ruby:2.1', script: 'test' },
+                      'normal_job' => { script: 'test' }
+                    })
+        end
 
-      subject { config_processor.builds_for_stage_and_ref("test", "master") }
+        it_behaves_like 'hidden_job_handling'
+      end
 
-      it "doesn't create jobs that starts with dot" do
-        expect(subject.size).to eq(1)
-        expect(subject.first).to eq({
-          except: nil,
-          stage: "test",
-          stage_idx: 1,
-          name: :normal_job,
-          only: nil,
-          commands: "test",
-          tag_list: [],
-          options: {},
-          when: "on_success",
-          allow_failure: false
-        })
+      context "when hidden job doesn't have a script definition" do
+        let(:config) do
+          YAML.dump({
+                      '.hidden_job' => { image: 'ruby:2.1' },
+                      'normal_job' => { script: 'test' }
+                    })
+        end
+
+        it_behaves_like 'hidden_job_handling'
       end
     end
 
     describe "YAML Alias/Anchor" do
-      it "is correctly supported for jobs" do
-        config = <<EOT
+      let(:config_processor) { GitlabCiYamlProcessor.new(config) }
+      subject { config_processor.builds_for_stage_and_ref("build", "master") }
+
+      shared_examples 'job_templates_handling' do
+        it "is correctly supported for jobs" do
+          expect(subject.size).to eq(2)
+          expect(subject.first).to eq({
+            except: nil,
+            stage: "build",
+            stage_idx: 0,
+            name: :job1,
+            only: nil,
+            commands: "execute-script-for-job",
+            tag_list: [],
+            options: {},
+            when: "on_success",
+            allow_failure: false
+          })
+          expect(subject.second).to eq({
+            except: nil,
+            stage: "build",
+            stage_idx: 0,
+            name: :job2,
+            only: nil,
+            commands: "execute-script-for-job",
+            tag_list: [],
+            options: {},
+            when: "on_success",
+            allow_failure: false
+          })
+        end
+      end
+
+      context 'when template is a job' do
+        let(:config) do
+          <<EOT
 job1: &JOBTMPL
+  stage: build
   script: execute-script-for-job
 
 job2: *JOBTMPL
 EOT
+        end
 
-        config_processor = GitlabCiYamlProcessor.new(config)
+        it_behaves_like 'job_templates_handling'
+      end
 
-        expect(config_processor.builds_for_stage_and_ref("test", "master").size).to eq(2)
-        expect(config_processor.builds_for_stage_and_ref("test", "master").first).to eq({
-          except: nil,
-          stage: "test",
-          stage_idx: 1,
-          name: :job1,
-          only: nil,
-          commands: "execute-script-for-job",
-          tag_list: [],
-          options: {},
-          when: "on_success",
-          allow_failure: false
-        })
-        expect(config_processor.builds_for_stage_and_ref("test", "master").second).to eq({
-          except: nil,
-          stage: "test",
-          stage_idx: 1,
-          name: :job2,
-          only: nil,
-          commands: "execute-script-for-job",
-          tag_list: [],
-          options: {},
-          when: "on_success",
-          allow_failure: false
-        })
+      context 'when template is a hidden job' do
+        let(:config) do
+          <<EOT
+.template: &JOBTMPL
+  stage: build
+  script: execute-script-for-job
+
+job1: *JOBTMPL
+
+job2: *JOBTMPL
+EOT
+        end
+
+        it_behaves_like 'job_templates_handling'
+      end
+
+      context 'when job adds its own keys to a template definition' do
+        let(:config) do
+          <<EOT
+.template: &JOBTMPL
+  stage: build
+
+job1:
+  <<: *JOBTMPL
+  script: execute-script-for-job
+
+job2:
+  <<: *JOBTMPL
+  script: execute-script-for-job
+EOT
+        end
+
+        it_behaves_like 'job_templates_handling'
       end
     end
 
diff --git a/spec/lib/container_registry/blob_spec.rb b/spec/lib/container_registry/blob_spec.rb
new file mode 100644
index 00000000000..4d8cb787dde
--- /dev/null
+++ b/spec/lib/container_registry/blob_spec.rb
@@ -0,0 +1,61 @@
+require 'spec_helper'
+
+describe ContainerRegistry::Blob do
+  let(:digest) { 'sha256:0123456789012345' }
+  let(:config) do
+    {
+      'digest' => digest,
+      'mediaType' => 'binary',
+      'size' => 1000
+    }
+  end
+  
+  let(:registry) { ContainerRegistry::Registry.new('http://example.com') }
+  let(:repository) { registry.repository('group/test') }
+  let(:blob) { repository.blob(config) }
+
+  it { expect(blob).to respond_to(:repository) }
+  it { expect(blob).to delegate_method(:registry).to(:repository) }
+  it { expect(blob).to delegate_method(:client).to(:repository) }
+
+  context '#path' do
+    subject { blob.path }
+
+    it { is_expected.to eq('example.com/group/test@sha256:0123456789012345') }
+  end
+
+  context '#digest' do
+    subject { blob.digest }
+
+    it { is_expected.to eq(digest) }
+  end
+
+  context '#type' do
+    subject { blob.type }
+
+    it { is_expected.to eq('binary') }
+  end
+
+  context '#revision' do
+    subject { blob.revision }
+
+    it { is_expected.to eq('0123456789012345') }
+  end
+
+  context '#short_revision' do
+    subject { blob.short_revision }
+
+    it { is_expected.to eq('012345678') }
+  end
+
+  context '#delete' do
+    before do
+      stub_request(:delete, 'http://example.com/v2/group/test/blobs/sha256:0123456789012345').
+        to_return(status: 200)
+    end
+
+    subject { blob.delete }
+
+    it { is_expected.to be_truthy }
+  end
+end
diff --git a/spec/lib/container_registry/registry_spec.rb b/spec/lib/container_registry/registry_spec.rb
new file mode 100644
index 00000000000..2638401ae6e
--- /dev/null
+++ b/spec/lib/container_registry/registry_spec.rb
@@ -0,0 +1,28 @@
+require 'spec_helper'
+
+describe ContainerRegistry::Registry do
+  let(:path) { nil }
+  let(:registry) { described_class.new('http://example.com', path: path) }
+
+  subject { registry }
+
+  it { is_expected.to respond_to(:client) }
+  it { is_expected.to respond_to(:uri) }
+  it { is_expected.to respond_to(:path) }
+
+  it { expect(subject.repository('test')).to_not be_nil }
+
+  context '#path' do
+    subject { registry.path }
+
+    context 'path from URL' do
+      it { is_expected.to eq('example.com') }
+    end
+
+    context 'custom path' do
+      let(:path) { 'registry.example.com' }
+
+      it { is_expected.to eq(path) }
+    end
+  end
+end
diff --git a/spec/lib/container_registry/repository_spec.rb b/spec/lib/container_registry/repository_spec.rb
new file mode 100644
index 00000000000..e6d66b11e4e
--- /dev/null
+++ b/spec/lib/container_registry/repository_spec.rb
@@ -0,0 +1,65 @@
+require 'spec_helper'
+
+describe ContainerRegistry::Repository do
+  let(:registry) { ContainerRegistry::Registry.new('http://example.com') }
+  let(:repository) { registry.repository('group/test') }
+
+  it { expect(repository).to respond_to(:registry) }
+  it { expect(repository).to delegate_method(:client).to(:registry) }
+  it { expect(repository.tag('test')).to_not be_nil }
+
+  context '#path' do
+    subject { repository.path }
+
+    it { is_expected.to eq('example.com/group/test') }
+  end
+
+  context 'manifest processing' do
+    before do
+      stub_request(:get, 'http://example.com/v2/group/test/tags/list').
+        with(headers: { 'Accept' => 'application/vnd.docker.distribution.manifest.v2+json' }).
+        to_return(
+          status: 200,
+          body: JSON.dump(tags: ['test']),
+          headers: { 'Content-Type' => 'application/vnd.docker.distribution.manifest.v2+json' })
+    end
+
+    context '#manifest' do
+      subject { repository.manifest }
+
+      it { is_expected.to_not be_nil }
+    end
+
+    context '#valid?' do
+      subject { repository.valid? }
+
+      it { is_expected.to be_truthy }
+    end
+
+    context '#tags' do
+      subject { repository.tags }
+
+      it { is_expected.to_not be_empty }
+    end
+  end
+
+  context '#delete_tags' do
+    let(:tag) { ContainerRegistry::Tag.new(repository, 'tag') }
+
+    before { expect(repository).to receive(:tags).twice.and_return([tag]) }
+
+    subject { repository.delete_tags }
+
+    context 'succeeds' do
+      before { expect(tag).to receive(:delete).and_return(true) }
+
+      it { is_expected.to be_truthy }
+    end
+
+    context 'any fails' do
+      before { expect(tag).to receive(:delete).and_return(false) }
+
+      it { is_expected.to be_falsey }
+    end
+  end
+end
diff --git a/spec/lib/container_registry/tag_spec.rb b/spec/lib/container_registry/tag_spec.rb
new file mode 100644
index 00000000000..12cf91127ed
--- /dev/null
+++ b/spec/lib/container_registry/tag_spec.rb
@@ -0,0 +1,89 @@
+require 'spec_helper'
+
+describe ContainerRegistry::Tag do
+  let(:registry) { ContainerRegistry::Registry.new('http://example.com') }
+  let(:repository) { registry.repository('group/test') }
+  let(:tag) { repository.tag('tag') }
+  let(:headers) { { 'Accept' => 'application/vnd.docker.distribution.manifest.v2+json' } }
+
+  it { expect(tag).to respond_to(:repository) }
+  it { expect(tag).to delegate_method(:registry).to(:repository) }
+  it { expect(tag).to delegate_method(:client).to(:repository) }
+
+  context '#path' do
+    subject { tag.path }
+
+    it { is_expected.to eq('example.com/group/test:tag') }
+  end
+
+  context 'manifest processing' do
+    before do
+      stub_request(:get, 'http://example.com/v2/group/test/manifests/tag').
+        with(headers: headers).
+        to_return(
+          status: 200,
+          body: File.read(Rails.root + 'spec/fixtures/container_registry/tag_manifest.json'),
+          headers: { 'Content-Type' => 'application/vnd.docker.distribution.manifest.v2+json' })
+    end
+
+    context '#layers' do
+      subject { tag.layers }
+
+      it { expect(subject.length).to eq(1) }
+    end
+
+    context '#total_size' do
+      subject { tag.total_size }
+
+      it { is_expected.to eq(2319870) }
+    end
+
+    context 'config processing' do
+      before do
+        stub_request(:get, 'http://example.com/v2/group/test/blobs/sha256:d7a513a663c1a6dcdba9ed832ca53c02ac2af0c333322cd6ca92936d1d9917ac').
+          with(headers: { 'Accept' => 'application/octet-stream' }).
+          to_return(
+            status: 200,
+            body: File.read(Rails.root + 'spec/fixtures/container_registry/config_blob.json'))
+      end
+
+      context '#config' do
+        subject { tag.config }
+
+        it { is_expected.to_not be_nil }
+      end
+
+      context '#created_at' do
+        subject { tag.created_at }
+
+        it { is_expected.to_not be_nil }
+      end
+    end
+  end
+
+  context 'manifest digest' do
+    before do
+      stub_request(:head, 'http://example.com/v2/group/test/manifests/tag').
+        with(headers: headers).
+        to_return(status: 200, headers: { 'Docker-Content-Digest' => 'sha256:digest' })
+    end
+
+    context '#digest' do
+      subject { tag.digest }
+
+      it { is_expected.to eq('sha256:digest') }
+    end
+
+    context '#delete' do
+      before do
+        stub_request(:delete, 'http://example.com/v2/group/test/manifests/sha256:digest').
+          with(headers: headers).
+          to_return(status: 200)
+      end
+
+      subject { tag.delete }
+
+      it { is_expected.to be_truthy }
+    end
+  end
+end
diff --git a/spec/lib/gitlab/akismet_helper_spec.rb b/spec/lib/gitlab/akismet_helper_spec.rb
index 9858935180a..53f5d6c5c80 100644
--- a/spec/lib/gitlab/akismet_helper_spec.rb
+++ b/spec/lib/gitlab/akismet_helper_spec.rb
@@ -24,7 +24,7 @@ describe Gitlab::AkismetHelper, type: :helper do
   describe '#is_spam?' do
     it 'returns true for spam' do
       environment = {
-        'REMOTE_ADDR' => '127.0.0.1',
+        'action_dispatch.remote_ip' => '127.0.0.1',
         'HTTP_USER_AGENT' => 'Test User Agent'
       }
 
diff --git a/spec/lib/gitlab/bitbucket_import/client_spec.rb b/spec/lib/gitlab/bitbucket_import/client_spec.rb
index aa0699f2ebf..af839f42421 100644
--- a/spec/lib/gitlab/bitbucket_import/client_spec.rb
+++ b/spec/lib/gitlab/bitbucket_import/client_spec.rb
@@ -34,18 +34,32 @@ describe Gitlab::BitbucketImport::Client, lib: true do
     it 'retrieves issues over a number of pages' do
       stub_request(:get,
                    "https://bitbucket.org/api/1.0/repositories/#{project_id}/issues?limit=50&sort=utc_created_on&start=0").
-          to_return(status: 200,
-                    body: first_sample_data.to_json,
-                    headers: {})
+        to_return(status: 200,
+                  body: first_sample_data.to_json,
+                  headers: {})
 
       stub_request(:get,
                    "https://bitbucket.org/api/1.0/repositories/#{project_id}/issues?limit=50&sort=utc_created_on&start=50").
-          to_return(status: 200,
-                    body: second_sample_data.to_json,
-                    headers: {})
+        to_return(status: 200,
+                  body: second_sample_data.to_json,
+                  headers: {})
 
       issues = client.issues(project_id)
       expect(issues.count).to eq(95)
     end
   end
+
+  context 'project import' do
+    it 'calls .from_project with no errors' do
+      project = create(:empty_project)
+      project.create_or_update_import_data(credentials:
+                                             { user: "git",
+                                               password: nil,
+                                               bb_session: { bitbucket_access_token: "test",
+                                                             bitbucket_access_token_secret: "test" } })
+      project.import_url = "ssh://git@bitbucket.org/test/test.git"
+
+      expect { described_class.from_project(project) }.to_not raise_error
+    end
+  end
 end
diff --git a/spec/lib/gitlab/ci/build/artifacts/metadata/entry_spec.rb b/spec/lib/gitlab/ci/build/artifacts/metadata/entry_spec.rb
index acca0b08bab..46a5b7fce65 100644
--- a/spec/lib/gitlab/ci/build/artifacts/metadata/entry_spec.rb
+++ b/spec/lib/gitlab/ci/build/artifacts/metadata/entry_spec.rb
@@ -10,8 +10,8 @@ describe Gitlab::Ci::Build::Artifacts::Metadata::Entry do
       'path/dir_1/subdir/subfile' => { size: 10 },
       'path/second_dir' => {},
       'path/second_dir/dir_3/file_2' => { size: 10 },
-      'path/second_dir/dir_3/file_3'=> { size: 10 },
-      'another_directory/'=> {},
+      'path/second_dir/dir_3/file_3' => { size: 10 },
+      'another_directory/' => {},
       'another_file' => {},
       '/file/with/absolute_path' => {} }
   end
diff --git a/spec/lib/gitlab/email/message/repository_push_spec.rb b/spec/lib/gitlab/email/message/repository_push_spec.rb
index b2d7a799810..7d6cce6daec 100644
--- a/spec/lib/gitlab/email/message/repository_push_spec.rb
+++ b/spec/lib/gitlab/email/message/repository_push_spec.rb
@@ -8,7 +8,7 @@ describe Gitlab::Email::Message::RepositoryPush do
   let!(:author) { create(:author, name: 'Author') }
 
   let(:message) do
-    described_class.new(Notify, project.id, 'recipient@example.com', opts)
+    described_class.new(Notify, project.id, opts)
   end
 
   context 'new commits have been pushed to repository' do
diff --git a/spec/lib/gitlab/github_import/branch_formatter_spec.rb b/spec/lib/gitlab/github_import/branch_formatter_spec.rb
new file mode 100644
index 00000000000..3cb634ba010
--- /dev/null
+++ b/spec/lib/gitlab/github_import/branch_formatter_spec.rb
@@ -0,0 +1,71 @@
+require 'spec_helper'
+
+describe Gitlab::GithubImport::BranchFormatter, lib: true do
+  let(:project) { create(:project) }
+  let(:repo) { double }
+  let(:raw) do
+    {
+      ref: 'feature',
+      repo: repo,
+      sha: '2e5d3239642f9161dcbbc4b70a211a68e5e45e2b'
+    }
+  end
+
+  describe '#exists?' do
+    it 'returns true when branch exists' do
+      branch = described_class.new(project, double(raw))
+
+      expect(branch.exists?).to eq true
+    end
+
+    it 'returns false when branch does not exist' do
+      branch = described_class.new(project, double(raw.merge(ref: 'removed-branch')))
+
+      expect(branch.exists?).to eq false
+    end
+  end
+
+  describe '#name' do
+    it 'returns raw ref when branch exists' do
+      branch = described_class.new(project, double(raw))
+
+      expect(branch.name).to eq 'feature'
+    end
+
+    it 'returns formatted ref when branch does not exist' do
+      branch = described_class.new(project, double(raw.merge(ref: 'removed-branch')))
+
+      expect(branch.name).to eq 'removed-branch-2e5d3239'
+    end
+  end
+
+  describe '#repo' do
+    it 'returns raw repo' do
+      branch = described_class.new(project, double(raw))
+
+      expect(branch.repo).to eq repo
+    end
+  end
+
+  describe '#sha' do
+    it 'returns raw sha' do
+      branch = described_class.new(project, double(raw))
+
+      expect(branch.sha).to eq '2e5d3239642f9161dcbbc4b70a211a68e5e45e2b'
+    end
+  end
+
+  describe '#valid?' do
+    it 'returns true when repository exists' do
+      branch = described_class.new(project, double(raw))
+
+      expect(branch.valid?).to eq true
+    end
+
+    it 'returns false when repository does not exist' do
+      branch = described_class.new(project, double(raw.merge(repo: nil)))
+
+      expect(branch.valid?).to eq false
+    end
+  end
+end
diff --git a/spec/lib/gitlab/github_import/client_spec.rb b/spec/lib/gitlab/github_import/client_spec.rb
index 49d8cdf4314..7c21cbe96d9 100644
--- a/spec/lib/gitlab/github_import/client_spec.rb
+++ b/spec/lib/gitlab/github_import/client_spec.rb
@@ -2,15 +2,49 @@ require 'spec_helper'
 
 describe Gitlab::GithubImport::Client, lib: true do
   let(:token) { '123456' }
-  let(:client) { Gitlab::GithubImport::Client.new(token) }
+  let(:github_provider) { Settingslogic.new('app_id' => 'asd123', 'app_secret' => 'asd123', 'name' => 'github', 'args' => { 'client_options' => {} }) }
+
+  subject(:client) { described_class.new(token) }
 
   before do
-    Gitlab.config.omniauth.providers << OpenStruct.new(app_id: "asd123", app_secret: "asd123", name: "github")
+    allow(Gitlab.config.omniauth).to receive(:providers).and_return([github_provider])
   end
 
-  it 'all OAuth2 client options are symbols' do
+  it 'convert OAuth2 client options to symbols' do
     client.client.options.keys.each do |key|
       expect(key).to be_kind_of(Symbol)
     end
   end
+
+  it 'does not crash (e.g. Settingslogic::MissingSetting) when verify_ssl config is not present' do
+    expect { client.api }.not_to raise_error
+  end
+
+  context 'allow SSL verification to be configurable on API' do
+    before do
+      github_provider['verify_ssl'] = false
+    end
+
+    it 'uses supplied value' do
+      expect(client.client.options[:connection_opts][:ssl]).to eq({ verify: false })
+      expect(client.api.connection_options[:ssl]).to eq({ verify: false })
+    end
+  end
+
+  context 'when provider does not specity an API endpoint' do
+    it 'uses GitHub root API endpoint' do
+      expect(client.api.api_endpoint).to eq 'https://api.github.com/'
+    end
+  end
+
+  context 'when provider specify a custom API endpoint' do
+    before do
+      github_provider['args']['client_options']['site'] = 'https://github.company.com/'
+    end
+
+    it 'uses the custom API endpoint' do
+      expect(OmniAuth::Strategies::GitHub).not_to receive(:default_options)
+      expect(client.api.api_endpoint).to eq 'https://github.company.com/'
+    end
+  end
 end
diff --git a/spec/lib/gitlab/github_import/comment_formatter_spec.rb b/spec/lib/gitlab/github_import/comment_formatter_spec.rb
index a324a82e69f..55e86d4ceac 100644
--- a/spec/lib/gitlab/github_import/comment_formatter_spec.rb
+++ b/spec/lib/gitlab/github_import/comment_formatter_spec.rb
@@ -2,23 +2,25 @@ require 'spec_helper'
 
 describe Gitlab::GithubImport::CommentFormatter, lib: true do
   let(:project) { create(:project) }
-  let(:octocat) { OpenStruct.new(id: 123456, login: 'octocat') }
+  let(:octocat) { double(id: 123456, login: 'octocat') }
   let(:created_at) { DateTime.strptime('2013-04-10T20:09:31Z') }
   let(:updated_at) { DateTime.strptime('2014-03-03T18:58:10Z') }
-  let(:base_data) do
+  let(:base) do
     {
       body: "I'm having a problem with this.",
       user: octocat,
+      commit_id: nil,
+      diff_hunk: nil,
       created_at: created_at,
       updated_at: updated_at
     }
   end
 
-  subject(:comment) { described_class.new(project, raw_data)}
+  subject(:comment) { described_class.new(project, raw)}
 
   describe '#attributes' do
     context 'when do not reference a portion of the diff' do
-      let(:raw_data) { OpenStruct.new(base_data) }
+      let(:raw) { double(base) }
 
       it 'returns formatted attributes' do
         expected = {
@@ -36,24 +38,23 @@ describe Gitlab::GithubImport::CommentFormatter, lib: true do
     end
 
     context 'when on a portion of the diff' do
-      let(:diff_data) do
+      let(:diff) do
         {
           body: 'Great stuff',
           commit_id: '6dcb09b5b57875f334f61aebed695e2e4193db5e',
-          diff_hunk: '@@ -16,33 +16,40 @@ public class Connection : IConnection...',
-          path: 'file1.txt',
-          position: 1
+          diff_hunk: "@@ -1,5 +1,9 @@\n class User\n   def name\n-    'John Doe'\n+    'Jane Doe'",
+          path: 'file1.txt'
         }
       end
 
-      let(:raw_data) { OpenStruct.new(base_data.merge(diff_data)) }
+      let(:raw) { double(base.merge(diff)) }
 
       it 'returns formatted attributes' do
         expected = {
           project: project,
           note: "*Created by: octocat*\n\nGreat stuff",
           commit_id: '6dcb09b5b57875f334f61aebed695e2e4193db5e',
-          line_code: 'ce1be0ff4065a6e9415095c95f25f47a633cef2b_0_1',
+          line_code: 'ce1be0ff4065a6e9415095c95f25f47a633cef2b_4_3',
           author_id: project.creator_id,
           created_at: created_at,
           updated_at: updated_at
@@ -64,15 +65,10 @@ describe Gitlab::GithubImport::CommentFormatter, lib: true do
     end
 
     context 'when author is a GitLab user' do
-      let(:raw_data) { OpenStruct.new(base_data.merge(user: octocat)) }
+      let(:raw) { double(base.merge(user: octocat)) }
 
-      it 'returns project#creator_id as author_id when is not a GitLab user' do
-        expect(comment.attributes.fetch(:author_id)).to eq project.creator_id
-      end
-
-      it 'returns GitLab user id as author_id when is a GitLab user' do
+      it 'returns GitLab user id as author_id' do
         gl_user = create(:omniauth_user, extern_uid: octocat.id, provider: 'github')
-
         expect(comment.attributes.fetch(:author_id)).to eq gl_user.id
       end
     end
diff --git a/spec/lib/gitlab/github_import/pull_request_formatter_spec.rb b/spec/lib/gitlab/github_import/pull_request_formatter_spec.rb
index e59c0ca110e..120f59e6e71 100644
--- a/spec/lib/gitlab/github_import/pull_request_formatter_spec.rb
+++ b/spec/lib/gitlab/github_import/pull_request_formatter_spec.rb
@@ -4,9 +4,9 @@ describe Gitlab::GithubImport::PullRequestFormatter, lib: true do
   let(:project) { create(:project) }
   let(:repository) { double(id: 1, fork: false) }
   let(:source_repo) { repository }
-  let(:source_branch) { double(ref: 'feature', repo: source_repo) }
+  let(:source_branch) { double(ref: 'feature', repo: source_repo, sha: '2e5d3239642f9161dcbbc4b70a211a68e5e45e2b') }
   let(:target_repo) { repository }
-  let(:target_branch) { double(ref: 'master', repo: target_repo) }
+  let(:target_branch) { double(ref: 'master', repo: target_repo, sha: '8ffb3c15a5475e59ae909384297fede4badcb4c7') }
   let(:octocat) { double(id: 123456, login: 'octocat') }
   let(:created_at) { DateTime.strptime('2011-01-26T19:01:12Z') }
   let(:updated_at) { DateTime.strptime('2011-01-27T19:01:12Z') }
@@ -41,8 +41,10 @@ describe Gitlab::GithubImport::PullRequestFormatter, lib: true do
           description: "*Created by: octocat*\n\nPlease pull these awesome changes",
           source_project: project,
           source_branch: 'feature',
+          head_source_sha: '2e5d3239642f9161dcbbc4b70a211a68e5e45e2b',
           target_project: project,
           target_branch: 'master',
+          base_target_sha: '8ffb3c15a5475e59ae909384297fede4badcb4c7',
           state: 'opened',
           milestone: nil,
           author_id: project.creator_id,
@@ -66,8 +68,10 @@ describe Gitlab::GithubImport::PullRequestFormatter, lib: true do
           description: "*Created by: octocat*\n\nPlease pull these awesome changes",
           source_project: project,
           source_branch: 'feature',
+          head_source_sha: '2e5d3239642f9161dcbbc4b70a211a68e5e45e2b',
           target_project: project,
           target_branch: 'master',
+          base_target_sha: '8ffb3c15a5475e59ae909384297fede4badcb4c7',
           state: 'closed',
           milestone: nil,
           author_id: project.creator_id,
@@ -91,8 +95,10 @@ describe Gitlab::GithubImport::PullRequestFormatter, lib: true do
           description: "*Created by: octocat*\n\nPlease pull these awesome changes",
           source_project: project,
           source_branch: 'feature',
+          head_source_sha: '2e5d3239642f9161dcbbc4b70a211a68e5e45e2b',
           target_project: project,
           target_branch: 'master',
+          base_target_sha: '8ffb3c15a5475e59ae909384297fede4badcb4c7',
           state: 'merged',
           milestone: nil,
           author_id: project.creator_id,
@@ -137,11 +143,11 @@ describe Gitlab::GithubImport::PullRequestFormatter, lib: true do
       let(:milestone) { double(number: 45) }
       let(:raw_data) { double(base_data.merge(milestone: milestone)) }
 
-      it 'returns nil when milestone does not exists' do
+      it 'returns nil when milestone does not exist' do
         expect(pull_request.attributes.fetch(:milestone)).to be_nil
       end
 
-      it 'returns milestone when is exists' do
+      it 'returns milestone when it exists' do
         milestone = create(:milestone, project: project, iid: 45)
 
         expect(pull_request.attributes.fetch(:milestone)).to eq milestone
@@ -158,36 +164,16 @@ describe Gitlab::GithubImport::PullRequestFormatter, lib: true do
   end
 
   describe '#valid?' do
-    let(:invalid_branch) { double(ref: 'invalid-branch').as_null_object }
-
-    context 'when source, and target repositories are the same' do
-      context 'and source and target branches exists' do
-        let(:raw_data) { double(base_data.merge(head: source_branch, base: target_branch)) }
-
-        it 'returns true' do
-          expect(pull_request.valid?).to eq true
-        end
-      end
-
-      context 'and source branch doesn not exists' do
-        let(:raw_data) { double(base_data.merge(head: invalid_branch, base: target_branch)) }
-
-        it 'returns false' do
-          expect(pull_request.valid?).to eq false
-        end
-      end
-
-      context 'and target branch doesn not exists' do
-        let(:raw_data) { double(base_data.merge(head: source_branch, base: invalid_branch)) }
+    context 'when source, and target repos are not a fork' do
+      let(:raw_data) { double(base_data) }
 
-        it 'returns false' do
-          expect(pull_request.valid?).to eq false
-        end
+      it 'returns true' do
+        expect(pull_request.valid?).to eq true
       end
     end
 
     context 'when source repo is a fork' do
-      let(:source_repo) { double(id: 2, fork: true) }
+      let(:source_repo) { double(id: 2) }
       let(:raw_data) { double(base_data) }
 
       it 'returns false' do
@@ -196,7 +182,7 @@ describe Gitlab::GithubImport::PullRequestFormatter, lib: true do
     end
 
     context 'when target repo is a fork' do
-      let(:target_repo) { double(id: 2, fork: true) }
+      let(:target_repo) { double(id: 2) }
       let(:raw_data) { double(base_data) }
 
       it 'returns false' do
diff --git a/spec/lib/gitlab/import_url_spec.rb b/spec/lib/gitlab/import_url_spec.rb
deleted file mode 100644
index f758cb8693c..00000000000
--- a/spec/lib/gitlab/import_url_spec.rb
+++ /dev/null
@@ -1,21 +0,0 @@
-require 'spec_helper'
-
-describe Gitlab::ImportUrl do
-
-  let(:credentials) { { user: 'blah', password: 'password' } }
-  let(:import_url) do
-    Gitlab::ImportUrl.new("https://github.com/me/project.git", credentials: credentials)
-  end
-
-  describe :full_url do
-    it { expect(import_url.full_url).to eq("https://blah:password@github.com/me/project.git") }
-  end
-
-  describe :sanitized_url do
-    it { expect(import_url.sanitized_url).to eq("https://github.com/me/project.git") }
-  end
-
-  describe :credentials do
-    it { expect(import_url.credentials).to eq(credentials) }
-  end
-end
diff --git a/spec/lib/gitlab/lfs/lfs_router_spec.rb b/spec/lib/gitlab/lfs/lfs_router_spec.rb
index 5852b31ab3a..3325190789b 100644
--- a/spec/lib/gitlab/lfs/lfs_router_spec.rb
+++ b/spec/lib/gitlab/lfs/lfs_router_spec.rb
@@ -26,8 +26,8 @@ describe Gitlab::Lfs::Router, lib: true do
 
   let(:sample_oid) { "b68143e6463773b1b6c6fd009a76c32aeec041faff32ba2ed42fd7f708a17f80" }
   let(:sample_size) { 499013 }
-  let(:respond_with_deprecated) {[ 501, { "Content-Type"=>"application/json; charset=utf-8" }, ["{\"message\":\"Server supports batch API only, please update your Git LFS client to version 1.0.1 and up.\",\"documentation_url\":\"#{Gitlab.config.gitlab.url}/help\"}"]]}
-  let(:respond_with_disabled) {[ 501, { "Content-Type"=>"application/json; charset=utf-8" }, ["{\"message\":\"Git LFS is not enabled on this GitLab server, contact your admin.\",\"documentation_url\":\"#{Gitlab.config.gitlab.url}/help\"}"]]}
+  let(:respond_with_deprecated) {[ 501, { "Content-Type" => "application/json; charset=utf-8" }, ["{\"message\":\"Server supports batch API only, please update your Git LFS client to version 1.0.1 and up.\",\"documentation_url\":\"#{Gitlab.config.gitlab.url}/help\"}"]]}
+  let(:respond_with_disabled) {[ 501, { "Content-Type" => "application/json; charset=utf-8" }, ["{\"message\":\"Git LFS is not enabled on this GitLab server, contact your admin.\",\"documentation_url\":\"#{Gitlab.config.gitlab.url}/help\"}"]]}
 
   describe 'when lfs is disabled' do
     before do
diff --git a/spec/lib/gitlab/metrics/instrumentation_spec.rb b/spec/lib/gitlab/metrics/instrumentation_spec.rb
index 5c885a7a982..7b86450a223 100644
--- a/spec/lib/gitlab/metrics/instrumentation_spec.rb
+++ b/spec/lib/gitlab/metrics/instrumentation_spec.rb
@@ -56,9 +56,6 @@ describe Gitlab::Metrics::Instrumentation do
         allow(described_class).to receive(:transaction).
           and_return(transaction)
 
-        expect(transaction).to receive(:increment).
-          with(:method_duration, a_kind_of(Numeric))
-
         expect(transaction).to receive(:add_metric).
           with(described_class::SERIES, an_instance_of(Hash),
                method: 'Dummy.foo')
@@ -139,9 +136,6 @@ describe Gitlab::Metrics::Instrumentation do
         allow(described_class).to receive(:transaction).
           and_return(transaction)
 
-        expect(transaction).to receive(:increment).
-          with(:method_duration, a_kind_of(Numeric))
-
         expect(transaction).to receive(:add_metric).
           with(described_class::SERIES, an_instance_of(Hash),
                method: 'Dummy#bar')
diff --git a/spec/lib/gitlab/metrics/subscribers/rails_cache_spec.rb b/spec/lib/gitlab/metrics/subscribers/rails_cache_spec.rb
index e01b0b4bd21..d824dc54438 100644
--- a/spec/lib/gitlab/metrics/subscribers/rails_cache_spec.rb
+++ b/spec/lib/gitlab/metrics/subscribers/rails_cache_spec.rb
@@ -9,7 +9,7 @@ describe Gitlab::Metrics::Subscribers::RailsCache do
   describe '#cache_read' do
     it 'increments the cache_read duration' do
       expect(subscriber).to receive(:increment).
-        with(:cache_read_duration, event.duration)
+        with(:cache_read, event.duration)
 
       subscriber.cache_read(event)
     end
@@ -18,7 +18,7 @@ describe Gitlab::Metrics::Subscribers::RailsCache do
   describe '#cache_write' do
     it 'increments the cache_write duration' do
       expect(subscriber).to receive(:increment).
-        with(:cache_write_duration, event.duration)
+        with(:cache_write, event.duration)
 
       subscriber.cache_write(event)
     end
@@ -27,7 +27,7 @@ describe Gitlab::Metrics::Subscribers::RailsCache do
   describe '#cache_delete' do
     it 'increments the cache_delete duration' do
       expect(subscriber).to receive(:increment).
-        with(:cache_delete_duration, event.duration)
+        with(:cache_delete, event.duration)
 
       subscriber.cache_delete(event)
     end
@@ -36,7 +36,7 @@ describe Gitlab::Metrics::Subscribers::RailsCache do
   describe '#cache_exist?' do
     it 'increments the cache_exists duration' do
       expect(subscriber).to receive(:increment).
-        with(:cache_exists_duration, event.duration)
+        with(:cache_exists, event.duration)
 
       subscriber.cache_exist?(event)
     end
@@ -62,9 +62,15 @@ describe Gitlab::Metrics::Subscribers::RailsCache do
           with(:cache_duration, event.duration)
 
         expect(transaction).to receive(:increment).
+          with(:cache_count, 1)
+
+        expect(transaction).to receive(:increment).
           with(:cache_delete_duration, event.duration)
 
-        subscriber.increment(:cache_delete_duration, event.duration)
+        expect(transaction).to receive(:increment).
+          with(:cache_delete_count, 1)
+
+        subscriber.increment(:cache_delete, event.duration)
       end
     end
   end
diff --git a/spec/lib/gitlab/url_sanitizer_spec.rb b/spec/lib/gitlab/url_sanitizer_spec.rb
new file mode 100644
index 00000000000..de55334118f
--- /dev/null
+++ b/spec/lib/gitlab/url_sanitizer_spec.rb
@@ -0,0 +1,68 @@
+require 'spec_helper'
+
+describe Gitlab::UrlSanitizer, lib: true do
+  let(:credentials) { { user: 'blah', password: 'password' } }
+  let(:url_sanitizer) do
+    described_class.new("https://github.com/me/project.git", credentials: credentials)
+  end
+
+  describe '.sanitize' do
+    def sanitize_url(url)
+      # We want to try with multi-line content because is how error messages are formatted
+      described_class.sanitize(%Q{
+         remote: Not Found
+         fatal: repository '#{url}' not found
+      })
+    end
+
+    it 'mask the credentials from HTTP URLs' do
+      filtered_content = sanitize_url('http://user:pass@test.com/root/repoC.git/')
+
+      expect(filtered_content).to include("http://*****:*****@test.com/root/repoC.git/")
+    end
+
+    it 'mask the credentials from HTTPS URLs' do
+      filtered_content = sanitize_url('https://user:pass@test.com/root/repoA.git/')
+
+      expect(filtered_content).to include("https://*****:*****@test.com/root/repoA.git/")
+    end
+
+    it 'mask credentials from SSH URLs' do
+      filtered_content = sanitize_url('ssh://user@host.test/path/to/repo.git')
+
+      expect(filtered_content).to include("ssh://*****@host.test/path/to/repo.git")
+    end
+
+    it 'does not modify Git URLs' do
+      # git protocol does not support authentication
+      filtered_content = sanitize_url('git://host.test/path/to/repo.git')
+
+      expect(filtered_content).to include("git://host.test/path/to/repo.git")
+    end
+
+    it 'does not modify scp-like URLs' do
+      filtered_content = sanitize_url('user@server:project.git')
+
+      expect(filtered_content).to include("user@server:project.git")
+    end
+  end
+
+  describe '#sanitized_url' do
+    it { expect(url_sanitizer.sanitized_url).to eq("https://github.com/me/project.git") }
+  end
+
+  describe '#credentials' do
+    it { expect(url_sanitizer.credentials).to eq(credentials) }
+  end
+
+  describe '#full_url' do
+    it { expect(url_sanitizer.full_url).to eq("https://blah:password@github.com/me/project.git") }
+
+    it 'supports scp-like URLs' do
+      sanitizer = described_class.new('user@server:project.git')
+
+      expect(sanitizer.full_url).to eq('user@server:project.git')
+    end
+  end
+
+end
diff --git a/spec/lib/json_web_token/rsa_token_spec.rb b/spec/lib/json_web_token/rsa_token_spec.rb
new file mode 100644
index 00000000000..0c3d3ea7019
--- /dev/null
+++ b/spec/lib/json_web_token/rsa_token_spec.rb
@@ -0,0 +1,43 @@
+describe JSONWebToken::RSAToken do
+  let(:rsa_key) do
+    OpenSSL::PKey::RSA.new <<-eos.strip_heredoc
+      -----BEGIN RSA PRIVATE KEY-----
+      MIIBOgIBAAJBAMA5sXIBE0HwgIB40iNidN4PGWzOyLQK0bsdOBNgpEXkDlZBvnak
+      OUgAPF+rME4PB0Yl415DabUI40T5UNmlwxcCAwEAAQJAZtY2pSwIFm3JAXIh0cZZ
+      iXcAfiJ+YzuqinUOS+eW2sBCAEzjcARlU/o6sFQgtsOi4FOMczAd1Yx8UDMXMmrw
+      2QIhAPBgVhJiTF09pdmeFWutCvTJDlFFAQNbrbo2X2x/9WF9AiEAzLgqMKeStSRu
+      H9N16TuDrUoO8R+DPqriCwkKrSHaWyMCIFzMhE4inuKcSywBaLmiG4m3GQzs++Al
+      A6PRG/PSTpQtAiBxtBg6zdf+JC3GH3zt/dA0/10tL4OF2wORfYQghRzyYQIhAL2l
+      0ZQW+yLIZAGrdBFWYEAa52GZosncmzBNlsoTgwE4
+      -----END RSA PRIVATE KEY-----
+    eos
+  end
+  let(:rsa_token) { described_class.new(nil) }
+  let(:rsa_encoded) { rsa_token.encoded }
+
+  before { allow_any_instance_of(described_class).to receive(:key).and_return(rsa_key) }
+
+  context 'token' do
+    context 'for valid key to be validated' do
+      before { rsa_token['key'] = 'value' }
+
+      subject { JWT.decode(rsa_encoded, rsa_key) }
+
+      it { expect{subject}.to_not raise_error }
+      it { expect(subject.first).to include('key' => 'value') }
+      it do
+        expect(subject.second).to eq(
+          "typ" => "JWT",
+          "alg" => "RS256",
+          "kid" => "OGXY:4TR7:FAVO:WEM2:XXEW:E4FP:TKL7:7ACK:TZAF:D54P:SUIA:P3B2")
+      end
+    end
+
+    context 'for invalid key to raise an exception' do
+      let(:new_key) { OpenSSL::PKey::RSA.generate(512) }
+      subject { JWT.decode(rsa_encoded, new_key) }
+
+      it { expect{subject}.to raise_error(JWT::DecodeError) }
+    end
+  end
+end
diff --git a/spec/lib/json_web_token/token_spec.rb b/spec/lib/json_web_token/token_spec.rb
new file mode 100644
index 00000000000..3d955e4d774
--- /dev/null
+++ b/spec/lib/json_web_token/token_spec.rb
@@ -0,0 +1,18 @@
+describe JSONWebToken::Token do
+  let(:token) { described_class.new }
+
+  context 'custom parameters' do
+    let(:value) { 'value' }
+    before { token[:key] = value }
+
+    it { expect(token[:key]).to eq(value) }
+    it { expect(token.payload).to include(key: value) }
+  end
+
+  context 'embeds default payload' do
+    subject { token.payload }
+    let(:default) { token.send(:default_payload) }
+
+    it { is_expected.to include(default) }
+  end
+end
diff --git a/spec/mailers/notify_spec.rb b/spec/mailers/notify_spec.rb
index 495c5cbac00..5f7e4a526e6 100644
--- a/spec/mailers/notify_spec.rb
+++ b/spec/mailers/notify_spec.rb
@@ -593,7 +593,7 @@ describe Notify do
     let(:user) { create(:user) }
     let(:tree_path) { namespace_project_tree_path(project.namespace, project, "master") }
 
-    subject { Notify.repository_push_email(project.id, 'devs@company.name', author_id: user.id, ref: 'refs/heads/master', action: :create) }
+    subject { Notify.repository_push_email(project.id, author_id: user.id, ref: 'refs/heads/master', action: :create) }
 
     it_behaves_like 'it should not have Gmail Actions links'
     it_behaves_like "a user cannot unsubscribe through footer link"
@@ -606,10 +606,6 @@ describe Notify do
       expect(sender.address).to eq(gitlab_sender)
     end
 
-    it 'is sent to recipient' do
-      is_expected.to deliver_to 'devs@company.name'
-    end
-
     it 'has the correct subject' do
       is_expected.to have_subject /Pushed new branch master/
     end
@@ -624,7 +620,7 @@ describe Notify do
     let(:user) { create(:user) }
     let(:tree_path) { namespace_project_tree_path(project.namespace, project, "v1.0") }
 
-    subject { Notify.repository_push_email(project.id, 'devs@company.name', author_id: user.id, ref: 'refs/tags/v1.0', action: :create) }
+    subject { Notify.repository_push_email(project.id, author_id: user.id, ref: 'refs/tags/v1.0', action: :create) }
 
     it_behaves_like 'it should not have Gmail Actions links'
     it_behaves_like "a user cannot unsubscribe through footer link"
@@ -637,10 +633,6 @@ describe Notify do
       expect(sender.address).to eq(gitlab_sender)
     end
 
-    it 'is sent to recipient' do
-      is_expected.to deliver_to 'devs@company.name'
-    end
-
     it 'has the correct subject' do
       is_expected.to have_subject /Pushed new tag v1\.0/
     end
@@ -654,7 +646,7 @@ describe Notify do
     let(:example_site_path) { root_path }
     let(:user) { create(:user) }
 
-    subject { Notify.repository_push_email(project.id, 'devs@company.name', author_id: user.id, ref: 'refs/heads/master', action: :delete) }
+    subject { Notify.repository_push_email(project.id, author_id: user.id, ref: 'refs/heads/master', action: :delete) }
 
     it_behaves_like 'it should not have Gmail Actions links'
     it_behaves_like "a user cannot unsubscribe through footer link"
@@ -667,10 +659,6 @@ describe Notify do
       expect(sender.address).to eq(gitlab_sender)
     end
 
-    it 'is sent to recipient' do
-      is_expected.to deliver_to 'devs@company.name'
-    end
-
     it 'has the correct subject' do
       is_expected.to have_subject /Deleted branch master/
     end
@@ -680,7 +668,7 @@ describe Notify do
     let(:example_site_path) { root_path }
     let(:user) { create(:user) }
 
-    subject { Notify.repository_push_email(project.id, 'devs@company.name', author_id: user.id, ref: 'refs/tags/v1.0', action: :delete) }
+    subject { Notify.repository_push_email(project.id, author_id: user.id, ref: 'refs/tags/v1.0', action: :delete) }
 
     it_behaves_like 'it should not have Gmail Actions links'
     it_behaves_like "a user cannot unsubscribe through footer link"
@@ -693,10 +681,6 @@ describe Notify do
       expect(sender.address).to eq(gitlab_sender)
     end
 
-    it 'is sent to recipient' do
-      is_expected.to deliver_to 'devs@company.name'
-    end
-
     it 'has the correct subject' do
       is_expected.to have_subject /Deleted tag v1\.0/
     end
@@ -710,7 +694,7 @@ describe Notify do
     let(:diff_path) { namespace_project_compare_path(project.namespace, project, from: Commit.new(compare.base, project), to: Commit.new(compare.head, project)) }
     let(:send_from_committer_email) { false }
 
-    subject { Notify.repository_push_email(project.id, 'devs@company.name', author_id: user.id, ref: 'refs/heads/master', action: :push, compare: compare, reverse_compare: false, send_from_committer_email: send_from_committer_email) }
+    subject { Notify.repository_push_email(project.id, author_id: user.id, ref: 'refs/heads/master', action: :push, compare: compare, reverse_compare: false, send_from_committer_email: send_from_committer_email) }
 
     it_behaves_like 'it should not have Gmail Actions links'
     it_behaves_like "a user cannot unsubscribe through footer link"
@@ -723,10 +707,6 @@ describe Notify do
       expect(sender.address).to eq(gitlab_sender)
     end
 
-    it 'is sent to recipient' do
-      is_expected.to deliver_to 'devs@company.name'
-    end
-
     it 'has the correct subject' do
       is_expected.to have_subject /\[#{project.path_with_namespace}\]\[master\] #{commits.length} commits:/
     end
@@ -818,7 +798,7 @@ describe Notify do
     let(:commits) { Commit.decorate(compare.commits, nil) }
     let(:diff_path) { namespace_project_commit_path(project.namespace, project, commits.first) }
 
-    subject { Notify.repository_push_email(project.id, 'devs@company.name', author_id: user.id, ref: 'refs/heads/master', action: :push, compare: compare) }
+    subject { Notify.repository_push_email(project.id, author_id: user.id, ref: 'refs/heads/master', action: :push, compare: compare) }
 
     it_behaves_like 'it should show Gmail Actions View Commit link'
     it_behaves_like "a user cannot unsubscribe through footer link"
@@ -831,10 +811,6 @@ describe Notify do
       expect(sender.address).to eq(gitlab_sender)
     end
 
-    it 'is sent to recipient' do
-      is_expected.to deliver_to 'devs@company.name'
-    end
-
     it 'has the correct subject' do
       is_expected.to have_subject /#{commits.first.title}/
     end
diff --git a/spec/models/abuse_report_spec.rb b/spec/models/abuse_report_spec.rb
index ac12ab6c757..305f8bc88cc 100644
--- a/spec/models/abuse_report_spec.rb
+++ b/spec/models/abuse_report_spec.rb
@@ -1,15 +1,3 @@
-# == Schema Information
-#
-# Table name: abuse_reports
-#
-#  id          :integer          not null, primary key
-#  reporter_id :integer
-#  user_id     :integer
-#  message     :text
-#  created_at  :datetime
-#  updated_at  :datetime
-#
-
 require 'rails_helper'
 
 RSpec.describe AbuseReport, type: :model do
diff --git a/spec/models/application_setting_spec.rb b/spec/models/application_setting_spec.rb
index 520cf1b75de..d84f3e998f5 100644
--- a/spec/models/application_setting_spec.rb
+++ b/spec/models/application_setting_spec.rb
@@ -1,49 +1,3 @@
-# == Schema Information
-#
-# Table name: application_settings
-#
-#  id                                :integer          not null, primary key
-#  default_projects_limit            :integer
-#  signup_enabled                    :boolean
-#  signin_enabled                    :boolean
-#  gravatar_enabled                  :boolean
-#  sign_in_text                      :text
-#  created_at                        :datetime
-#  updated_at                        :datetime
-#  home_page_url                     :string(255)
-#  default_branch_protection         :integer          default(2)
-#  restricted_visibility_levels      :text
-#  version_check_enabled             :boolean          default(TRUE)
-#  max_attachment_size               :integer          default(10), not null
-#  default_project_visibility        :integer
-#  default_snippet_visibility        :integer
-#  restricted_signup_domains         :text
-#  user_oauth_applications           :boolean          default(TRUE)
-#  after_sign_out_path               :string(255)
-#  session_expire_delay              :integer          default(10080), not null
-#  import_sources                    :text
-#  help_page_text                    :text
-#  admin_notification_email          :string(255)
-#  shared_runners_enabled            :boolean          default(TRUE), not null
-#  max_artifacts_size                :integer          default(100), not null
-#  runners_registration_token        :string
-#  require_two_factor_authentication :boolean          default(FALSE)
-#  two_factor_grace_period           :integer          default(48)
-#  metrics_enabled                   :boolean          default(FALSE)
-#  metrics_host                      :string           default("localhost")
-#  metrics_username                  :string
-#  metrics_password                  :string
-#  metrics_pool_size                 :integer          default(16)
-#  metrics_timeout                   :integer          default(10)
-#  metrics_method_call_threshold     :integer          default(10)
-#  recaptcha_enabled                 :boolean          default(FALSE)
-#  recaptcha_site_key                :string
-#  recaptcha_private_key             :string
-#  metrics_port                      :integer          default(8089)
-#  sentry_enabled                    :boolean          default(FALSE)
-#  sentry_dsn                        :string
-#
-
 require 'spec_helper'
 
 describe ApplicationSetting, models: true do
@@ -66,6 +20,15 @@ describe ApplicationSetting, models: true do
     it { is_expected.to allow_value(https).for(:after_sign_out_path) }
     it { is_expected.not_to allow_value(ftp).for(:after_sign_out_path) }
 
+    describe 'disabled_oauth_sign_in_sources validations' do
+      before do
+        allow(Devise).to receive(:omniauth_providers).and_return([:github])
+      end
+
+      it { is_expected.to allow_value(['github']).for(:disabled_oauth_sign_in_sources) }
+      it { is_expected.not_to allow_value(['test']).for(:disabled_oauth_sign_in_sources) }
+    end
+
     it { is_expected.to validate_presence_of(:max_attachment_size) }
 
     it do
diff --git a/spec/models/broadcast_message_spec.rb b/spec/models/broadcast_message_spec.rb
index f6f84db57e6..6ad8bfef4f2 100644
--- a/spec/models/broadcast_message_spec.rb
+++ b/spec/models/broadcast_message_spec.rb
@@ -1,17 +1,3 @@
-# == Schema Information
-#
-# Table name: broadcast_messages
-#
-#  id         :integer          not null, primary key
-#  message    :text             not null
-#  starts_at  :datetime
-#  ends_at    :datetime
-#  created_at :datetime
-#  updated_at :datetime
-#  color      :string(255)
-#  font       :string(255)
-#
-
 require 'spec_helper'
 
 describe BroadcastMessage, models: true do
diff --git a/spec/models/ci/commit_spec.rb b/spec/models/ci/commit_spec.rb
index 82c18aaa01a..dc071ad1c90 100644
--- a/spec/models/ci/commit_spec.rb
+++ b/spec/models/ci/commit_spec.rb
@@ -1,21 +1,3 @@
-# == Schema Information
-#
-# Table name: ci_commits
-#
-#  id            :integer          not null, primary key
-#  project_id    :integer
-#  ref           :string(255)
-#  sha           :string(255)
-#  before_sha    :string(255)
-#  push_data     :text
-#  created_at    :datetime
-#  updated_at    :datetime
-#  tag           :boolean          default(FALSE)
-#  yaml_errors   :text
-#  committed_at  :datetime
-#  gl_project_id :integer
-#
-
 require 'spec_helper'
 
 describe Ci::Commit, models: true do
@@ -158,97 +140,123 @@ describe Ci::Commit, models: true do
         stub_ci_commit_yaml_file(YAML.dump(yaml))
       end
 
-      it 'properly creates builds' do
-        expect(create_builds).to be_truthy
-        expect(commit.builds.pluck(:name)).to contain_exactly('build')
-        expect(commit.builds.pluck(:status)).to contain_exactly('pending')
-        commit.builds.running_or_pending.each(&:success)
+      context 'when builds are successful' do
+        it 'properly creates builds' do
+          expect(create_builds).to be_truthy
+          expect(commit.builds.pluck(:name)).to contain_exactly('build')
+          expect(commit.builds.pluck(:status)).to contain_exactly('pending')
+          commit.builds.running_or_pending.each(&:success)
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'pending')
-        commit.builds.running_or_pending.each(&:success)
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'pending')
+          commit.builds.running_or_pending.each(&:success)
 
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'pending')
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'deploy')
-        commit.builds.running_or_pending.each(&:success)
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'deploy')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'pending')
+          commit.builds.running_or_pending.each(&:success)
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'deploy', 'cleanup')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'success', 'pending')
-        commit.builds.running_or_pending.each(&:success)
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'deploy', 'cleanup')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'success', 'pending')
+          commit.builds.running_or_pending.each(&:success)
 
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'success', 'success')
-        commit.reload
-        expect(commit.status).to eq('success')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'success', 'success')
+          commit.reload
+          expect(commit.status).to eq('success')
+        end
       end
 
-      it 'properly creates builds when test fails' do
-        expect(create_builds).to be_truthy
-        expect(commit.builds.pluck(:name)).to contain_exactly('build')
-        expect(commit.builds.pluck(:status)).to contain_exactly('pending')
-        commit.builds.running_or_pending.each(&:success)
+      context 'when test job fails' do
+        it 'properly creates builds' do
+          expect(create_builds).to be_truthy
+          expect(commit.builds.pluck(:name)).to contain_exactly('build')
+          expect(commit.builds.pluck(:status)).to contain_exactly('pending')
+          commit.builds.running_or_pending.each(&:success)
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'pending')
-        commit.builds.running_or_pending.each(&:drop)
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'pending')
+          commit.builds.running_or_pending.each(&:drop)
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'test_failure')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'pending')
-        commit.builds.running_or_pending.each(&:success)
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'test_failure')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'pending')
+          commit.builds.running_or_pending.each(&:success)
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'test_failure', 'cleanup')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'success', 'pending')
-        commit.builds.running_or_pending.each(&:success)
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'test_failure', 'cleanup')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'success', 'pending')
+          commit.builds.running_or_pending.each(&:success)
 
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'success', 'success')
-        commit.reload
-        expect(commit.status).to eq('failed')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'success', 'success')
+          commit.reload
+          expect(commit.status).to eq('failed')
+        end
       end
 
-      it 'properly creates builds when test and test_failure fails' do
-        expect(create_builds).to be_truthy
-        expect(commit.builds.pluck(:name)).to contain_exactly('build')
-        expect(commit.builds.pluck(:status)).to contain_exactly('pending')
-        commit.builds.running_or_pending.each(&:success)
+      context 'when test and test_failure jobs fail' do
+        it 'properly creates builds' do
+          expect(create_builds).to be_truthy
+          expect(commit.builds.pluck(:name)).to contain_exactly('build')
+          expect(commit.builds.pluck(:status)).to contain_exactly('pending')
+          commit.builds.running_or_pending.each(&:success)
+
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'pending')
+          commit.builds.running_or_pending.each(&:drop)
+
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'test_failure')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'pending')
+          commit.builds.running_or_pending.each(&:drop)
+
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'test_failure', 'cleanup')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'failed', 'pending')
+          commit.builds.running_or_pending.each(&:success)
+
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'test_failure', 'cleanup')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'failed', 'success')
+          commit.reload
+          expect(commit.status).to eq('failed')
+        end
+      end
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'pending')
-        commit.builds.running_or_pending.each(&:drop)
+      context 'when deploy job fails' do
+        it 'properly creates builds' do
+          expect(create_builds).to be_truthy
+          expect(commit.builds.pluck(:name)).to contain_exactly('build')
+          expect(commit.builds.pluck(:status)).to contain_exactly('pending')
+          commit.builds.running_or_pending.each(&:success)
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'test_failure')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'pending')
-        commit.builds.running_or_pending.each(&:drop)
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'pending')
+          commit.builds.running_or_pending.each(&:success)
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'test_failure', 'cleanup')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'failed', 'pending')
-        commit.builds.running_or_pending.each(&:success)
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'deploy')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'pending')
+          commit.builds.running_or_pending.each(&:drop)
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'test_failure', 'cleanup')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'failed', 'failed', 'success')
-        commit.reload
-        expect(commit.status).to eq('failed')
-      end
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'deploy', 'cleanup')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'failed', 'pending')
+          commit.builds.running_or_pending.each(&:success)
 
-      it 'properly creates builds when deploy fails' do
-        expect(create_builds).to be_truthy
-        expect(commit.builds.pluck(:name)).to contain_exactly('build')
-        expect(commit.builds.pluck(:status)).to contain_exactly('pending')
-        commit.builds.running_or_pending.each(&:success)
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'failed', 'success')
+          commit.reload
+          expect(commit.status).to eq('failed')
+        end
+      end
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'pending')
-        commit.builds.running_or_pending.each(&:success)
+      context 'when build is canceled in the second stage' do
+        it 'does not schedule builds after build has been canceled' do
+          expect(create_builds).to be_truthy
+          expect(commit.builds.pluck(:name)).to contain_exactly('build')
+          expect(commit.builds.pluck(:status)).to contain_exactly('pending')
+          commit.builds.running_or_pending.each(&:success)
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'deploy')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'pending')
-        commit.builds.running_or_pending.each(&:drop)
+          expect(commit.builds.running_or_pending).to_not be_empty
 
-        expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test', 'deploy', 'cleanup')
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'failed', 'pending')
-        commit.builds.running_or_pending.each(&:success)
+          expect(commit.builds.pluck(:name)).to contain_exactly('build', 'test')
+          expect(commit.builds.pluck(:status)).to contain_exactly('success', 'pending')
+          commit.builds.running_or_pending.each(&:cancel)
 
-        expect(commit.builds.pluck(:status)).to contain_exactly('success', 'success', 'failed', 'success')
-        commit.reload
-        expect(commit.status).to eq('failed')
+          expect(commit.builds.running_or_pending).to be_empty
+          expect(commit.reload.status).to eq('canceled')
+        end
       end
     end
   end
diff --git a/spec/models/ci/runner_project_spec.rb b/spec/models/ci/runner_project_spec.rb
index 000a732db77..95fc160b238 100644
--- a/spec/models/ci/runner_project_spec.rb
+++ b/spec/models/ci/runner_project_spec.rb
@@ -1,15 +1,3 @@
-# == Schema Information
-#
-# Table name: ci_runner_projects
-#
-#  id            :integer          not null, primary key
-#  runner_id     :integer          not null
-#  project_id    :integer
-#  created_at    :datetime
-#  updated_at    :datetime
-#  gl_project_id :integer
-#
-
 require 'spec_helper'
 
 describe Ci::RunnerProject, models: true do
diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb
index 25e9e5eca48..eaa94228922 100644
--- a/spec/models/ci/runner_spec.rb
+++ b/spec/models/ci/runner_spec.rb
@@ -1,22 +1,3 @@
-# == Schema Information
-#
-# Table name: ci_runners
-#
-#  id           :integer          not null, primary key
-#  token        :string(255)
-#  created_at   :datetime
-#  updated_at   :datetime
-#  description  :string(255)
-#  contacted_at :datetime
-#  active       :boolean          default(TRUE), not null
-#  is_shared    :boolean          default(FALSE)
-#  name         :string(255)
-#  version      :string(255)
-#  revision     :string(255)
-#  platform     :string(255)
-#  architecture :string(255)
-#
-
 require 'spec_helper'
 
 describe Ci::Runner, models: true do
diff --git a/spec/models/ci/trigger_spec.rb b/spec/models/ci/trigger_spec.rb
index 159be939300..474b0b1621d 100644
--- a/spec/models/ci/trigger_spec.rb
+++ b/spec/models/ci/trigger_spec.rb
@@ -1,16 +1,3 @@
-# == Schema Information
-#
-# Table name: ci_triggers
-#
-#  id            :integer          not null, primary key
-#  token         :string(255)
-#  project_id    :integer
-#  deleted_at    :datetime
-#  created_at    :datetime
-#  updated_at    :datetime
-#  gl_project_id :integer
-#
-
 require 'spec_helper'
 
 describe Ci::Trigger, models: true do
diff --git a/spec/models/ci/variable_spec.rb b/spec/models/ci/variable_spec.rb
index 71e84091cb7..c712d211b0f 100644
--- a/spec/models/ci/variable_spec.rb
+++ b/spec/models/ci/variable_spec.rb
@@ -1,17 +1,3 @@
-# == Schema Information
-#
-# Table name: ci_variables
-#
-#  id                   :integer          not null, primary key
-#  project_id           :integer
-#  key                  :string(255)
-#  value                :text
-#  encrypted_value      :text
-#  encrypted_value_salt :string(255)
-#  encrypted_value_iv   :string(255)
-#  gl_project_id        :integer
-#
-
 require 'spec_helper'
 
 describe Ci::Variable, models: true do
diff --git a/spec/models/commit_spec.rb b/spec/models/commit_spec.rb
index ad47e338a33..ccb100cd96f 100644
--- a/spec/models/commit_spec.rb
+++ b/spec/models/commit_spec.rb
@@ -56,7 +56,7 @@ describe Commit, models: true do
     end
 
     it "does not truncates a message with a newline after 80 but less 100 characters" do
-      message =<<eos
+      message = <<eos
 Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec sodales id felis id blandit.
 Vivamus egestas lacinia lacus, sed rutrum mauris.
 eos
diff --git a/spec/models/commit_status_spec.rb b/spec/models/commit_status_spec.rb
index 971e6750375..434e58cfd06 100644
--- a/spec/models/commit_status_spec.rb
+++ b/spec/models/commit_status_spec.rb
@@ -1,37 +1,3 @@
-# == Schema Information
-#
-# Table name: ci_builds
-#
-#  id                 :integer          not null, primary key
-#  project_id         :integer
-#  status             :string(255)
-#  finished_at        :datetime
-#  trace              :text
-#  created_at         :datetime
-#  updated_at         :datetime
-#  started_at         :datetime
-#  runner_id          :integer
-#  coverage           :float
-#  commit_id          :integer
-#  commands           :text
-#  job_id             :integer
-#  name               :string(255)
-#  deploy             :boolean          default(FALSE)
-#  options            :text
-#  allow_failure      :boolean          default(FALSE), not null
-#  stage              :string(255)
-#  trigger_request_id :integer
-#  stage_idx          :integer
-#  tag                :boolean
-#  ref                :string(255)
-#  user_id            :integer
-#  type               :string(255)
-#  target_url         :string(255)
-#  description        :string(255)
-#  artifacts_file     :text
-#  gl_project_id      :integer
-#
-
 require 'spec_helper'
 
 describe CommitStatus, models: true do
diff --git a/spec/models/concerns/statuseable_spec.rb b/spec/models/concerns/statuseable_spec.rb
index dacbd3034c0..8e0a2a2cbde 100644
--- a/spec/models/concerns/statuseable_spec.rb
+++ b/spec/models/concerns/statuseable_spec.rb
@@ -61,9 +61,35 @@ describe Statuseable do
         let(:statuses) do
           [create(type, status: :success), create(type, status: :canceled)]
         end
+
+        it { is_expected.to eq 'canceled' }
+      end
+
+      context 'one failed and one canceled' do
+        let(:statuses) do
+          [create(type, status: :failed), create(type, status: :canceled)]
+        end
+
         it { is_expected.to eq 'failed' }
       end
 
+      context 'one failed but allowed to fail and one canceled' do
+        let(:statuses) do
+          [create(type, status: :failed, allow_failure: true),
+           create(type, status: :canceled)]
+        end
+
+        it { is_expected.to eq 'canceled' }
+      end
+
+      context 'one running one canceled' do
+        let(:statuses) do
+          [create(type, status: :running), create(type, status: :canceled)]
+        end
+
+        it { is_expected.to eq 'running' }
+      end
+
       context 'all canceled' do
         let(:statuses) do
           [create(type, status: :canceled), create(type, status: :canceled)]
diff --git a/spec/models/concerns/subscribable_spec.rb b/spec/models/concerns/subscribable_spec.rb
index e31fdb0bffb..b7fc5a92497 100644
--- a/spec/models/concerns/subscribable_spec.rb
+++ b/spec/models/concerns/subscribable_spec.rb
@@ -44,6 +44,16 @@ describe Subscribable, 'Subscribable' do
     end
   end
 
+  describe '#subscribe' do
+    it 'subscribes the given user' do
+      expect(resource.subscribed?(user)).to be_falsey
+
+      resource.subscribe(user)
+
+      expect(resource.subscribed?(user)).to be_truthy
+    end
+  end
+
   describe '#unsubscribe' do
     it 'unsubscribes the given current user' do
       resource.subscriptions.create(user: user, subscribed: true)
diff --git a/spec/models/deploy_key_spec.rb b/spec/models/deploy_key_spec.rb
index 64ba778afea..6a90598a629 100644
--- a/spec/models/deploy_key_spec.rb
+++ b/spec/models/deploy_key_spec.rb
@@ -1,18 +1,3 @@
-# == Schema Information
-#
-# Table name: keys
-#
-#  id          :integer          not null, primary key
-#  user_id     :integer
-#  created_at  :datetime
-#  updated_at  :datetime
-#  key         :text
-#  title       :string(255)
-#  type        :string(255)
-#  fingerprint :string(255)
-#  public      :boolean          default(FALSE), not null
-#
-
 require 'spec_helper'
 
 describe DeployKey, models: true do
diff --git a/spec/models/deploy_keys_project_spec.rb b/spec/models/deploy_keys_project_spec.rb
index 8aedbfb8636..8a1e337c1a3 100644
--- a/spec/models/deploy_keys_project_spec.rb
+++ b/spec/models/deploy_keys_project_spec.rb
@@ -1,14 +1,3 @@
-# == Schema Information
-#
-# Table name: deploy_keys_projects
-#
-#  id            :integer          not null, primary key
-#  deploy_key_id :integer          not null
-#  project_id    :integer          not null
-#  created_at    :datetime
-#  updated_at    :datetime
-#
-
 require 'spec_helper'
 
 describe DeployKeysProject, models: true do
diff --git a/spec/models/email_spec.rb b/spec/models/email_spec.rb
index a20a6149649..5d0bd31db5a 100644
--- a/spec/models/email_spec.rb
+++ b/spec/models/email_spec.rb
@@ -1,14 +1,3 @@
-# == Schema Information
-#
-# Table name: emails
-#
-#  id         :integer          not null, primary key
-#  user_id    :integer          not null
-#  email      :string(255)      not null
-#  created_at :datetime
-#  updated_at :datetime
-#
-
 require 'spec_helper'
 
 describe Email, models: true do
diff --git a/spec/models/event_spec.rb b/spec/models/event_spec.rb
index 89909c2bcd7..b0e76fec693 100644
--- a/spec/models/event_spec.rb
+++ b/spec/models/event_spec.rb
@@ -1,19 +1,3 @@
-# == Schema Information
-#
-# Table name: events
-#
-#  id          :integer          not null, primary key
-#  target_type :string(255)
-#  target_id   :integer
-#  title       :string(255)
-#  data        :text
-#  project_id  :integer
-#  created_at  :datetime
-#  updated_at  :datetime
-#  action      :integer
-#  author_id   :integer
-#
-
 require 'spec_helper'
 
 describe Event, models: true do
@@ -30,32 +14,29 @@ describe Event, models: true do
     it { is_expected.to respond_to(:commits) }
   end
 
+  describe 'Callbacks' do
+    describe 'after_create :reset_project_activity' do
+      let(:project) { create(:project) }
+
+      context "project's last activity was less than 5 minutes ago" do
+        it 'does not update project.last_activity_at if it has been touched less than 5 minutes ago' do
+          create_event(project, project.owner)
+          project.update_column(:last_activity_at, 5.minutes.ago)
+          project_last_activity_at = project.last_activity_at
+
+          create_event(project, project.owner)
+
+          expect(project.last_activity_at).to eq(project_last_activity_at)
+        end
+      end
+    end
+  end
+
   describe "Push event" do
     before do
       project = create(:project)
       @user = project.owner
-
-      data = {
-        before: Gitlab::Git::BLANK_SHA,
-        after: "0220c11b9a3e6c69dc8fd35321254ca9a7b98f7e",
-        ref: "refs/heads/master",
-        user_id: @user.id,
-        user_name: @user.name,
-        repository: {
-          name: project.name,
-          url: "localhost/rubinius",
-          description: "",
-          homepage: "localhost/rubinius",
-          private: true
-        }
-      }
-
-      @event = Event.create(
-        project: project,
-        action: Event::PUSHED,
-        data: data,
-        author_id: @user.id
-      )
+      @event = create_event(project, @user)
     end
 
     it { expect(@event.push?).to be_truthy }
@@ -143,4 +124,28 @@ describe Event, models: true do
       it { is_expected.to eq([event2]) }
     end
   end
+
+  def create_event(project, user, attrs = {})
+    data = {
+      before: Gitlab::Git::BLANK_SHA,
+      after: "0220c11b9a3e6c69dc8fd35321254ca9a7b98f7e",
+      ref: "refs/heads/master",
+      user_id: user.id,
+      user_name: user.name,
+      repository: {
+        name: project.name,
+        url: "localhost/rubinius",
+        description: "",
+        homepage: "localhost/rubinius",
+        private: true
+      }
+    }
+
+    Event.create({
+      project: project,
+      action: Event::PUSHED,
+      data: data,
+      author_id: user.id
+    }.merge(attrs))
+  end
 end
diff --git a/spec/models/forked_project_link_spec.rb b/spec/models/forked_project_link_spec.rb
index d90fbfe1ea5..3b817608ce0 100644
--- a/spec/models/forked_project_link_spec.rb
+++ b/spec/models/forked_project_link_spec.rb
@@ -1,14 +1,3 @@
-# == Schema Information
-#
-# Table name: forked_project_links
-#
-#  id                     :integer          not null, primary key
-#  forked_to_project_id   :integer          not null
-#  forked_from_project_id :integer          not null
-#  created_at             :datetime
-#  updated_at             :datetime
-#
-
 require 'spec_helper'
 
 describe ForkedProjectLink, "add link on fork" do
diff --git a/spec/models/generic_commit_status_spec.rb b/spec/models/generic_commit_status_spec.rb
index 5b0883d8702..0caf5869c24 100644
--- a/spec/models/generic_commit_status_spec.rb
+++ b/spec/models/generic_commit_status_spec.rb
@@ -1,37 +1,3 @@
-# == Schema Information
-#
-# Table name: ci_builds
-#
-#  id                 :integer          not null, primary key
-#  project_id         :integer
-#  status             :string(255)
-#  finished_at        :datetime
-#  trace              :text
-#  created_at         :datetime
-#  updated_at         :datetime
-#  started_at         :datetime
-#  runner_id          :integer
-#  coverage           :float
-#  commit_id          :integer
-#  commands           :text
-#  job_id             :integer
-#  name               :string(255)
-#  deploy             :boolean          default(FALSE)
-#  options            :text
-#  allow_failure      :boolean          default(FALSE), not null
-#  stage              :string(255)
-#  trigger_request_id :integer
-#  stage_idx          :integer
-#  tag                :boolean
-#  ref                :string(255)
-#  user_id            :integer
-#  type               :string(255)
-#  target_url         :string(255)
-#  description        :string(255)
-#  artifacts_file     :text
-#  gl_project_id      :integer
-#
-
 require 'spec_helper'
 
 describe GenericCommitStatus, models: true do
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index 7bfca1e72c3..6fa16be7f04 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -1,18 +1,3 @@
-# == Schema Information
-#
-# Table name: namespaces
-#
-#  id          :integer          not null, primary key
-#  name        :string(255)      not null
-#  path        :string(255)      not null
-#  owner_id    :integer
-#  created_at  :datetime
-#  updated_at  :datetime
-#  type        :string(255)
-#  description :string(255)      default(""), not null
-#  avatar      :string(255)
-#
-
 require 'spec_helper'
 
 describe Group, models: true do
diff --git a/spec/models/hooks/service_hook_spec.rb b/spec/models/hooks/service_hook_spec.rb
index f800f415bd2..534e1b4f128 100644
--- a/spec/models/hooks/service_hook_spec.rb
+++ b/spec/models/hooks/service_hook_spec.rb
@@ -34,14 +34,14 @@ describe ServiceHook, models: true do
     it "POSTs to the webhook URL" do
       @service_hook.execute(@data)
       expect(WebMock).to have_requested(:post, @service_hook.url).with(
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'Service Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'Service Hook' }
       ).once
     end
 
     it "POSTs the data as JSON" do
       @service_hook.execute(@data)
       expect(WebMock).to have_requested(:post, @service_hook.url).with(
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'Service Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'Service Hook' }
       ).once
     end
 
diff --git a/spec/models/hooks/system_hook_spec.rb b/spec/models/hooks/system_hook_spec.rb
index 56a9fbe9720..4078b9e4ff5 100644
--- a/spec/models/hooks/system_hook_spec.rb
+++ b/spec/models/hooks/system_hook_spec.rb
@@ -33,7 +33,7 @@ describe SystemHook, models: true do
       Projects::CreateService.new(user, name: 'empty').execute
       expect(WebMock).to have_requested(:post, system_hook.url).with(
         body: /project_create/,
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'System Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'System Hook' }
       ).once
     end
 
@@ -42,7 +42,7 @@ describe SystemHook, models: true do
 
       expect(WebMock).to have_requested(:post, system_hook.url).with(
         body: /project_destroy/,
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'System Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'System Hook' }
       ).once
     end
 
@@ -51,7 +51,7 @@ describe SystemHook, models: true do
       
       expect(WebMock).to have_requested(:post, system_hook.url).with(
         body: /user_create/,
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'System Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'System Hook' }
       ).once
     end
 
@@ -60,7 +60,7 @@ describe SystemHook, models: true do
 
       expect(WebMock).to have_requested(:post, system_hook.url).with(
         body: /user_destroy/,
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'System Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'System Hook' }
       ).once
     end
 
@@ -69,7 +69,7 @@ describe SystemHook, models: true do
 
       expect(WebMock).to have_requested(:post, system_hook.url).with(
         body: /user_add_to_team/,
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'System Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'System Hook' }
       ).once
     end
 
@@ -79,7 +79,7 @@ describe SystemHook, models: true do
 
       expect(WebMock).to have_requested(:post, system_hook.url).with(
         body: /user_remove_from_team/,
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'System Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'System Hook' }
       ).once
     end
 
@@ -88,7 +88,7 @@ describe SystemHook, models: true do
 
       expect(WebMock).to have_requested(:post, system_hook.url).with(
         body: /group_create/,
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'System Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'System Hook' }
       ).once
     end
 
@@ -97,7 +97,7 @@ describe SystemHook, models: true do
 
       expect(WebMock).to have_requested(:post, system_hook.url).with(
         body: /group_destroy/,
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'System Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'System Hook' }
       ).once
     end
 
@@ -106,7 +106,7 @@ describe SystemHook, models: true do
 
       expect(WebMock).to have_requested(:post, system_hook.url).with(
         body: /user_add_to_group/,
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'System Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'System Hook' }
       ).once
     end
 
@@ -116,7 +116,7 @@ describe SystemHook, models: true do
 
       expect(WebMock).to have_requested(:post, system_hook.url).with(
         body: /user_remove_from_group/,
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'System Hook' }
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'System Hook' }
       ).once
     end
   end
diff --git a/spec/models/hooks/web_hook_spec.rb b/spec/models/hooks/web_hook_spec.rb
index 04bc2dcfb16..f9bab487b96 100644
--- a/spec/models/hooks/web_hook_spec.rb
+++ b/spec/models/hooks/web_hook_spec.rb
@@ -43,51 +43,65 @@ describe WebHook, models: true do
   end
 
   describe "execute" do
+    let(:project) { create(:project) }
+    let(:project_hook) { create(:project_hook) }
+
     before(:each) do
-      @project_hook = create(:project_hook)
-      @project = create(:project)
-      @project.hooks << [@project_hook]
+      project.hooks << [project_hook]
       @data = { before: 'oldrev', after: 'newrev', ref: 'ref' }
 
-      WebMock.stub_request(:post, @project_hook.url)
+      WebMock.stub_request(:post, project_hook.url)
+    end
+
+    context 'when token is defined' do
+      let(:project_hook) { create(:project_hook, :token) }
+
+      it 'POSTs to the webhook URL' do
+        project_hook.execute(@data, 'push_hooks')
+        expect(WebMock).to have_requested(:post, project_hook.url).with(
+          headers: { 'Content-Type' => 'application/json',
+                     'X-Gitlab-Event' => 'Push Hook',
+                     'X-Gitlab-Token' => project_hook.token }
+        ).once
+      end
     end
 
     it "POSTs to the webhook URL" do
-      @project_hook.execute(@data, 'push_hooks')
-      expect(WebMock).to have_requested(:post, @project_hook.url).with(
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'Push Hook' }
+      project_hook.execute(@data, 'push_hooks')
+      expect(WebMock).to have_requested(:post, project_hook.url).with(
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'Push Hook' }
       ).once
     end
 
     it "POSTs the data as JSON" do
-      @project_hook.execute(@data, 'push_hooks')
-      expect(WebMock).to have_requested(:post, @project_hook.url).with(
-        headers: { 'Content-Type'=>'application/json', 'X-Gitlab-Event'=>'Push Hook' }
+      project_hook.execute(@data, 'push_hooks')
+      expect(WebMock).to have_requested(:post, project_hook.url).with(
+        headers: { 'Content-Type' => 'application/json', 'X-Gitlab-Event' => 'Push Hook' }
       ).once
     end
 
     it "catches exceptions" do
       expect(WebHook).to receive(:post).and_raise("Some HTTP Post error")
 
-      expect { @project_hook.execute(@data, 'push_hooks') }.to raise_error(RuntimeError)
+      expect { project_hook.execute(@data, 'push_hooks') }.to raise_error(RuntimeError)
     end
 
     it "handles SSL exceptions" do
       expect(WebHook).to receive(:post).and_raise(OpenSSL::SSL::SSLError.new('SSL error'))
 
-      expect(@project_hook.execute(@data, 'push_hooks')).to eq([false, 'SSL error'])
+      expect(project_hook.execute(@data, 'push_hooks')).to eq([false, 'SSL error'])
     end
 
     it "handles 200 status code" do
-      WebMock.stub_request(:post, @project_hook.url).to_return(status: 200, body: "Success")
+      WebMock.stub_request(:post, project_hook.url).to_return(status: 200, body: "Success")
 
-      expect(@project_hook.execute(@data, 'push_hooks')).to eq([true, 'Success'])
+      expect(project_hook.execute(@data, 'push_hooks')).to eq([200, 'Success'])
     end
 
     it "handles 2xx status codes" do
-      WebMock.stub_request(:post, @project_hook.url).to_return(status: 201, body: "Success")
+      WebMock.stub_request(:post, project_hook.url).to_return(status: 201, body: "Success")
 
-      expect(@project_hook.execute(@data, 'push_hooks')).to eq([true, 'Success'])
+      expect(project_hook.execute(@data, 'push_hooks')).to eq([201, 'Success'])
     end
   end
 end
diff --git a/spec/models/identity_spec.rb b/spec/models/identity_spec.rb
index 5afe042e154..1b987588f59 100644
--- a/spec/models/identity_spec.rb
+++ b/spec/models/identity_spec.rb
@@ -1,15 +1,3 @@
-# == Schema Information
-#
-# Table name: identities
-#
-#  id         :integer          not null, primary key
-#  extern_uid :string(255)
-#  provider   :string(255)
-#  user_id    :integer
-#  created_at :datetime
-#  updated_at :datetime
-#
-
 require 'spec_helper'
 
 RSpec.describe Identity, models: true do
diff --git a/spec/models/issue_spec.rb b/spec/models/issue_spec.rb
index 060e6599104..8ab00c70f9d 100644
--- a/spec/models/issue_spec.rb
+++ b/spec/models/issue_spec.rb
@@ -1,23 +1,3 @@
-# == Schema Information
-#
-# Table name: issues
-#
-#  id            :integer          not null, primary key
-#  title         :string(255)
-#  assignee_id   :integer
-#  author_id     :integer
-#  project_id    :integer
-#  created_at    :datetime
-#  updated_at    :datetime
-#  position      :integer          default(0)
-#  branch_name   :string(255)
-#  description   :text
-#  milestone_id  :integer
-#  state         :string(255)
-#  iid           :integer
-#  updated_by_id :integer
-#
-
 require 'spec_helper'
 
 describe Issue, models: true do
diff --git a/spec/models/key_spec.rb b/spec/models/key_spec.rb
index c962b83644a..26fbedbef2f 100644
--- a/spec/models/key_spec.rb
+++ b/spec/models/key_spec.rb
@@ -1,18 +1,3 @@
-# == Schema Information
-#
-# Table name: keys
-#
-#  id          :integer          not null, primary key
-#  user_id     :integer
-#  created_at  :datetime
-#  updated_at  :datetime
-#  key         :text
-#  title       :string(255)
-#  type        :string(255)
-#  fingerprint :string(255)
-#  public      :boolean          default(FALSE), not null
-#
-
 require 'spec_helper'
 
 describe Key, models: true do
diff --git a/spec/models/label_link_spec.rb b/spec/models/label_link_spec.rb
index dc7510b1de3..5e6f8ca1528 100644
--- a/spec/models/label_link_spec.rb
+++ b/spec/models/label_link_spec.rb
@@ -1,15 +1,3 @@
-# == Schema Information
-#
-# Table name: label_links
-#
-#  id          :integer          not null, primary key
-#  label_id    :integer
-#  target_id   :integer
-#  target_type :string(255)
-#  created_at  :datetime
-#  updated_at  :datetime
-#
-
 require 'spec_helper'
 
 describe LabelLink, models: true do
diff --git a/spec/models/label_spec.rb b/spec/models/label_spec.rb
index 0614ca1e7c9..dad2628651b 100644
--- a/spec/models/label_spec.rb
+++ b/spec/models/label_spec.rb
@@ -1,16 +1,3 @@
-# == Schema Information
-#
-# Table name: labels
-#
-#  id         :integer          not null, primary key
-#  title      :string(255)
-#  color      :string(255)
-#  project_id :integer
-#  created_at :datetime
-#  updated_at :datetime
-#  template   :boolean          default(FALSE)
-#
-
 require 'spec_helper'
 
 describe Label, models: true do
@@ -55,6 +42,14 @@ describe Label, models: true do
     end
   end
 
+  describe "#title" do
+    let(:label) { create(:label, title: "<b>test</b>") }
+
+    it "sanitizes title" do
+      expect(label.title).to eq("test")
+    end
+  end
+
   describe '#to_reference' do
     context 'using id' do
       it 'returns a String reference to the object' do
diff --git a/spec/models/legacy_diff_note_spec.rb b/spec/models/legacy_diff_note_spec.rb
new file mode 100644
index 00000000000..7c29bef54e4
--- /dev/null
+++ b/spec/models/legacy_diff_note_spec.rb
@@ -0,0 +1,74 @@
+require 'spec_helper'
+
+describe LegacyDiffNote, models: true do
+  describe "Commit diff line notes" do
+    let!(:note) { create(:note_on_commit_diff, note: "+1 from me") }
+    let!(:commit) { note.noteable }
+
+    it "should save a valid note" do
+      expect(note.commit_id).to eq(commit.id)
+      expect(note.noteable.id).to eq(commit.id)
+    end
+
+    it "should be recognized by #legacy_diff_note?" do
+      expect(note).to be_legacy_diff_note
+    end
+  end
+
+  describe '#active?' do
+    it 'is always true when the note has no associated diff' do
+      note = build(:note_on_merge_request_diff)
+
+      expect(note).to receive(:diff).and_return(nil)
+
+      expect(note).to be_active
+    end
+
+    it 'is never true when the note has no noteable associated' do
+      note = build(:note_on_merge_request_diff)
+
+      expect(note).to receive(:diff).and_return(double)
+      expect(note).to receive(:noteable).and_return(nil)
+
+      expect(note).not_to be_active
+    end
+
+    it 'returns the memoized value if defined' do
+      note = build(:note_on_merge_request_diff)
+
+      note.instance_variable_set(:@active, 'foo')
+      expect(note).not_to receive(:find_noteable_diff)
+
+      expect(note.active?).to eq 'foo'
+    end
+
+    context 'for a merge request noteable' do
+      it 'is false when noteable has no matching diff' do
+        merge = build_stubbed(:merge_request, :simple)
+        note = build(:note_on_merge_request_diff, noteable: merge)
+
+        allow(note).to receive(:diff).and_return(double)
+        expect(note).to receive(:find_noteable_diff).and_return(nil)
+
+        expect(note).not_to be_active
+      end
+
+      it 'is true when noteable has a matching diff' do
+        merge = create(:merge_request, :simple)
+
+        # Generate a real line_code value so we know it will match. We use a
+        # random line from a random diff just for funsies.
+        diff = merge.diffs.to_a.sample
+        line = Gitlab::Diff::Parser.new.parse(diff.diff.each_line).to_a.sample
+        code = Gitlab::Diff::LineCode.generate(diff.new_path, line.new_pos, line.old_pos)
+
+        # We're persisting in order to trigger the set_diff callback
+        note = create(:note_on_merge_request_diff, noteable: merge, line_code: code)
+
+        # Make sure we don't get a false positive from a guard clause
+        expect(note).to receive(:find_noteable_diff).and_call_original
+        expect(note).to be_active
+      end
+    end
+  end
+end
diff --git a/spec/models/member_spec.rb b/spec/models/member_spec.rb
index 2d8f1cc1ad3..6e51730eecd 100644
--- a/spec/models/member_spec.rb
+++ b/spec/models/member_spec.rb
@@ -1,22 +1,3 @@
-# == Schema Information
-#
-# Table name: members
-#
-#  id                 :integer          not null, primary key
-#  access_level       :integer          not null
-#  source_id          :integer          not null
-#  source_type        :string(255)      not null
-#  user_id            :integer
-#  notification_level :integer          not null
-#  type               :string(255)
-#  created_at         :datetime
-#  updated_at         :datetime
-#  created_by_id      :integer
-#  invite_email       :string(255)
-#  invite_token       :string(255)
-#  invite_accepted_at :datetime
-#
-
 require 'spec_helper'
 
 describe Member, models: true do
diff --git a/spec/models/merge_request_spec.rb b/spec/models/merge_request_spec.rb
index d7884cea336..9eef08c6d00 100644
--- a/spec/models/merge_request_spec.rb
+++ b/spec/models/merge_request_spec.rb
@@ -1,32 +1,3 @@
-# == Schema Information
-#
-# Table name: merge_requests
-#
-#  id                        :integer          not null, primary key
-#  target_branch             :string(255)      not null
-#  source_branch             :string(255)      not null
-#  source_project_id         :integer          not null
-#  author_id                 :integer
-#  assignee_id               :integer
-#  title                     :string(255)
-#  created_at                :datetime
-#  updated_at                :datetime
-#  milestone_id              :integer
-#  state                     :string(255)
-#  merge_status              :string(255)
-#  target_project_id         :integer          not null
-#  iid                       :integer
-#  description               :text
-#  position                  :integer          default(0)
-#  locked_at                 :datetime
-#  updated_by_id             :integer
-#  merge_error               :string(255)
-#  merge_params              :text
-#  merge_when_build_succeeds :boolean          default(FALSE), not null
-#  merge_user_id             :integer
-#  merge_commit_sha          :string
-#
-
 require 'spec_helper'
 
 describe MergeRequest, models: true do
@@ -93,7 +64,13 @@ describe MergeRequest, models: true do
 
   describe '#target_sha' do
     context 'when the target branch does not exist anymore' do
-      subject { create(:merge_request).tap { |mr| mr.update_attribute(:target_branch, 'deleted') } }
+      let(:project) { create(:project) }
+
+      subject { create(:merge_request, source_project: project, target_project: project) }
+
+      before do
+        project.repository.raw_repository.delete_branch(subject.target_branch)
+      end
 
       it 'returns nil' do
         expect(subject.target_sha).to be_nil
@@ -318,7 +295,12 @@ describe MergeRequest, models: true do
     let(:fork_project) { create(:project, forked_from_project: project) }
 
     context 'when the target branch does not exist anymore' do
-      subject { create(:merge_request).tap { |mr| mr.update_attribute(:target_branch, 'deleted') } }
+      subject { create(:merge_request, source_project: project, target_project: project) }
+
+      before do
+        project.repository.raw_repository.delete_branch(subject.target_branch)
+        subject.reload
+      end
 
       it 'does not crash' do
         expect{ subject.diverged_commits_count }.not_to raise_error
diff --git a/spec/models/milestone_spec.rb b/spec/models/milestone_spec.rb
index 72a4ea70228..1e18c788b50 100644
--- a/spec/models/milestone_spec.rb
+++ b/spec/models/milestone_spec.rb
@@ -1,18 +1,3 @@
-# == Schema Information
-#
-# Table name: milestones
-#
-#  id          :integer          not null, primary key
-#  title       :string(255)      not null
-#  project_id  :integer          not null
-#  description :text
-#  due_date    :date
-#  created_at  :datetime
-#  updated_at  :datetime
-#  state       :string(255)
-#  iid         :integer
-#
-
 require 'spec_helper'
 
 describe Milestone, models: true do
@@ -34,6 +19,14 @@ describe Milestone, models: true do
   let(:issue) { create(:issue) }
   let(:user) { create(:user) }
 
+  describe "#title" do
+    let(:milestone) { create(:milestone, title: "<b>test</b>") }
+
+    it "sanitizes title" do
+      expect(milestone.title).to eq("test")
+    end
+  end
+
   describe "unique milestone title per project" do
     it "shouldn't accept the same title in a project twice" do
       new_milestone = Milestone.new(project: milestone.project, title: milestone.title)
@@ -211,4 +204,37 @@ describe Milestone, models: true do
         to eq([milestone])
     end
   end
+
+  describe '.upcoming_ids_by_projects' do
+    let(:project_1) { create(:empty_project) }
+    let(:project_2) { create(:empty_project) }
+    let(:project_3) { create(:empty_project) }
+    let(:projects) { [project_1, project_2, project_3] }
+
+    let!(:past_milestone_project_1) { create(:milestone, project: project_1, due_date: Time.now - 1.day) }
+    let!(:current_milestone_project_1) { create(:milestone, project: project_1, due_date: Time.now + 1.day) }
+    let!(:future_milestone_project_1) { create(:milestone, project: project_1, due_date: Time.now + 2.days) }
+
+    let!(:past_milestone_project_2) { create(:milestone, project: project_2, due_date: Time.now - 1.day) }
+    let!(:closed_milestone_project_2) { create(:milestone, :closed, project: project_2, due_date: Time.now + 1.day) }
+    let!(:current_milestone_project_2) { create(:milestone, project: project_2, due_date: Time.now + 2.days) }
+
+    let!(:past_milestone_project_3) { create(:milestone, project: project_3, due_date: Time.now - 1.day) }
+
+    # The call to `#try` is because this returns a relation with a Postgres DB,
+    # and an array of IDs with a MySQL DB.
+    let(:milestone_ids) { Milestone.upcoming_ids_by_projects(projects).map { |id| id.try(:id) || id } }
+
+    it 'returns the next upcoming open milestone ID for each project' do
+      expect(milestone_ids).to contain_exactly(current_milestone_project_1.id, current_milestone_project_2.id)
+    end
+
+    context 'when the projects have no open upcoming milestones' do
+      let(:projects) { [project_3] }
+
+      it 'returns no results' do
+        expect(milestone_ids).to be_empty
+      end
+    end
+  end
 end
diff --git a/spec/models/namespace_spec.rb b/spec/models/namespace_spec.rb
index 3c3a580942a..4e68ac5e63a 100644
--- a/spec/models/namespace_spec.rb
+++ b/spec/models/namespace_spec.rb
@@ -1,18 +1,3 @@
-# == Schema Information
-#
-# Table name: namespaces
-#
-#  id          :integer          not null, primary key
-#  name        :string(255)      not null
-#  path        :string(255)      not null
-#  owner_id    :integer
-#  created_at  :datetime
-#  updated_at  :datetime
-#  type        :string(255)
-#  description :string(255)      default(""), not null
-#  avatar      :string(255)
-#
-
 require 'spec_helper'
 
 describe Namespace, models: true do
@@ -85,6 +70,20 @@ describe Namespace, models: true do
       allow(@namespace).to receive(:path).and_return(new_path)
       expect(@namespace.move_dir).to be_truthy
     end
+
+    context "when any project has container tags" do
+      before do
+        stub_container_registry_config(enabled: true)
+        stub_container_registry_tags('tag')
+
+        create(:empty_project, namespace: @namespace)
+
+        allow(@namespace).to receive(:path_was).and_return(@namespace.path)
+        allow(@namespace).to receive(:path).and_return('new_path')
+      end
+
+      it { expect { @namespace.move_dir }.to raise_error('Namespace cannot be moved, because at least one project has tags in container registry') }
+    end
   end
 
   describe :rm_dir do
diff --git a/spec/models/note_spec.rb b/spec/models/note_spec.rb
index 6b18936edb1..5d916f0e6a6 100644
--- a/spec/models/note_spec.rb
+++ b/spec/models/note_spec.rb
@@ -1,24 +1,3 @@
-# == Schema Information
-#
-# Table name: notes
-#
-#  id            :integer          not null, primary key
-#  note          :text
-#  noteable_type :string(255)
-#  author_id     :integer
-#  created_at    :datetime
-#  updated_at    :datetime
-#  project_id    :integer
-#  attachment    :string(255)
-#  line_code     :string(255)
-#  commit_id     :string(255)
-#  noteable_id   :integer
-#  system        :boolean          default(FALSE), not null
-#  st_diff       :text
-#  updated_by_id :integer
-#  is_award      :boolean          default(FALSE), not null
-#
-
 require 'spec_helper'
 
 describe Note, models: true do
@@ -55,24 +34,6 @@ describe Note, models: true do
     end
   end
 
-  describe "Commit diff line notes" do
-    let!(:note) { create(:note_on_commit_diff, note: "+1 from me") }
-    let!(:commit) { note.noteable }
-
-    it "should save a valid note" do
-      expect(note.commit_id).to eq(commit.id)
-      expect(note.noteable.id).to eq(commit.id)
-    end
-
-    it "should be recognized by #for_diff_line?" do
-      expect(note).to be_for_diff_line
-    end
-
-    it "should be recognized by #for_commit_diff_line?" do
-      expect(note).to be_for_commit_diff_line
-    end
-  end
-
   describe 'authorization' do
     before do
       @p1 = create(:project)
@@ -169,66 +130,6 @@ describe Note, models: true do
     end
   end
 
-  describe '#active?' do
-    it 'is always true when the note has no associated diff' do
-      note = build(:note)
-
-      expect(note).to receive(:diff).and_return(nil)
-
-      expect(note).to be_active
-    end
-
-    it 'is never true when the note has no noteable associated' do
-      note = build(:note)
-
-      expect(note).to receive(:diff).and_return(double)
-      expect(note).to receive(:noteable).and_return(nil)
-
-      expect(note).not_to be_active
-    end
-
-    it 'returns the memoized value if defined' do
-      note = build(:note)
-
-      expect(note).to receive(:diff).and_return(double)
-      expect(note).to receive(:noteable).and_return(double)
-
-      note.instance_variable_set(:@active, 'foo')
-      expect(note).not_to receive(:find_noteable_diff)
-
-      expect(note.active?).to eq 'foo'
-    end
-
-    context 'for a merge request noteable' do
-      it 'is false when noteable has no matching diff' do
-        merge = build_stubbed(:merge_request, :simple)
-        note = build(:note, noteable: merge)
-
-        allow(note).to receive(:diff).and_return(double)
-        expect(note).to receive(:find_noteable_diff).and_return(nil)
-
-        expect(note).not_to be_active
-      end
-
-      it 'is true when noteable has a matching diff' do
-        merge = create(:merge_request, :simple)
-
-        # Generate a real line_code value so we know it will match. We use a
-        # random line from a random diff just for funsies.
-        diff = merge.diffs.to_a.sample
-        line = Gitlab::Diff::Parser.new.parse(diff.diff.each_line).to_a.sample
-        code = Gitlab::Diff::LineCode.generate(diff.new_path, line.new_pos, line.old_pos)
-
-        # We're persisting in order to trigger the set_diff callback
-        note = create(:note, noteable: merge, line_code: code)
-
-        # Make sure we don't get a false positive from a guard clause
-        expect(note).to receive(:find_noteable_diff).and_call_original
-        expect(note).to be_active
-      end
-    end
-  end
-
   describe "editable?" do
     it "returns true" do
       note = build(:note)
@@ -279,7 +180,7 @@ describe Note, models: true do
     end
 
     it "is not an award emoji when comment is on a diff" do
-      note = create(:note, note: ":blowfish:", noteable: merge_request, line_code: "11d5d2e667e9da4f7f610f81d86c974b146b13bd_0_2")
+      note = create(:note_on_merge_request_diff, note: ":blowfish:", noteable: merge_request, line_code: "11d5d2e667e9da4f7f610f81d86c974b146b13bd_0_2")
       note = note.reload
 
       expect(note.note).to eq(":blowfish:")
diff --git a/spec/models/project_services/bamboo_service_spec.rb b/spec/models/project_services/bamboo_service_spec.rb
index 31b2c90122d..e771f35811e 100644
--- a/spec/models/project_services/bamboo_service_spec.rb
+++ b/spec/models/project_services/bamboo_service_spec.rb
@@ -27,86 +27,51 @@ describe BambooService, models: true do
   end
 
   describe 'Validations' do
-    describe '#bamboo_url' do
-      it 'does not validate the presence of bamboo_url if service is not active' do
-        bamboo_service = service
-        bamboo_service.active = false
-
-        expect(bamboo_service).not_to validate_presence_of(:bamboo_url)
-      end
-
-      it 'validates the presence of bamboo_url if service is active' do
-        bamboo_service = service
-        bamboo_service.active = true
-
-        expect(bamboo_service).to validate_presence_of(:bamboo_url)
-      end
-    end
+    subject { service }
 
-    describe '#build_key' do
-      it 'does not validate the presence of build_key if service is not active' do
-        bamboo_service = service
-        bamboo_service.active = false
+    context 'when service is active' do
+      before { subject.active = true }
 
-        expect(bamboo_service).not_to validate_presence_of(:build_key)
-      end
+      it { is_expected.to validate_presence_of(:build_key) }
+      it { is_expected.to validate_presence_of(:bamboo_url) }
+      it_behaves_like 'issue tracker service URL attribute', :bamboo_url
 
-      it 'validates the presence of build_key if service is active' do
-        bamboo_service = service
-        bamboo_service.active = true
+      describe '#username' do
+        it 'does not validate the presence of username if password is nil' do
+          subject.password = nil
 
-        expect(bamboo_service).to validate_presence_of(:build_key)
-      end
-    end
+          expect(subject).not_to validate_presence_of(:username)
+        end
 
-    describe '#username' do
-      it 'does not validate the presence of username if service is not active' do
-        bamboo_service = service
-        bamboo_service.active = false
+        it 'validates the presence of username if password is present' do
+          subject.password = 'secret'
 
-        expect(bamboo_service).not_to validate_presence_of(:username)
+          expect(subject).to validate_presence_of(:username)
+        end
       end
 
-      it 'does not validate the presence of username if username is nil' do
-        bamboo_service = service
-        bamboo_service.active = true
-        bamboo_service.password = nil
+      describe '#password' do
+        it 'does not validate the presence of password if username is nil' do
+          subject.username = nil
 
-        expect(bamboo_service).not_to validate_presence_of(:username)
-      end
+          expect(subject).not_to validate_presence_of(:password)
+        end
 
-      it 'validates the presence of username if service is active and username is present' do
-        bamboo_service = service
-        bamboo_service.active = true
-        bamboo_service.password = 'secret'
+        it 'validates the presence of password if username is present' do
+          subject.username = 'john'
 
-        expect(bamboo_service).to validate_presence_of(:username)
+          expect(subject).to validate_presence_of(:password)
+        end
       end
     end
 
-    describe '#password' do
-      it 'does not validate the presence of password if service is not active' do
-        bamboo_service = service
-        bamboo_service.active = false
-
-        expect(bamboo_service).not_to validate_presence_of(:password)
-      end
-
-      it 'does not validate the presence of password if username is nil' do
-        bamboo_service = service
-        bamboo_service.active = true
-        bamboo_service.username = nil
-
-        expect(bamboo_service).not_to validate_presence_of(:password)
-      end
-
-      it 'validates the presence of password if service is active and username is present' do
-        bamboo_service = service
-        bamboo_service.active = true
-        bamboo_service.username = 'john'
+    context 'when service is inactive' do
+      before { subject.active = false }
 
-        expect(bamboo_service).to validate_presence_of(:password)
-      end
+      it { is_expected.not_to validate_presence_of(:build_key) }
+      it { is_expected.not_to validate_presence_of(:bamboo_url) }
+      it { is_expected.not_to validate_presence_of(:username) }
+      it { is_expected.not_to validate_presence_of(:password) }
     end
   end
 
diff --git a/spec/models/project_services/buildkite_service_spec.rb b/spec/models/project_services/buildkite_service_spec.rb
index 88cd624877a..60364df2015 100644
--- a/spec/models/project_services/buildkite_service_spec.rb
+++ b/spec/models/project_services/buildkite_service_spec.rb
@@ -26,6 +26,23 @@ describe BuildkiteService, models: true do
     it { is_expected.to have_one :service_hook }
   end
 
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:project_url) }
+      it { is_expected.to validate_presence_of(:token) }
+      it_behaves_like 'issue tracker service URL attribute', :project_url
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:project_url) }
+      it { is_expected.not_to validate_presence_of(:token) }
+    end
+  end
+
   describe 'commits methods' do
     before do
       @project = Project.new
diff --git a/spec/models/project_services/builds_email_service_spec.rb b/spec/models/project_services/builds_email_service_spec.rb
index 7c23c2efccd..236df8f047d 100644
--- a/spec/models/project_services/builds_email_service_spec.rb
+++ b/spec/models/project_services/builds_email_service_spec.rb
@@ -1,76 +1,71 @@
 require 'spec_helper'
 
 describe BuildsEmailService do
-  let(:build) { create(:ci_build) }
-  let(:data) { Gitlab::BuildDataBuilder.build(build) }
-  let!(:project) { create(:project, :public, ci_id: 1) }
-  let(:service) { described_class.new(project: project, active: true) }
+  let(:data) { Gitlab::BuildDataBuilder.build(create(:ci_build)) }
+
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:recipients) }
+
+      context 'when pusher is added' do
+        before { subject.add_pusher = true }
+
+        it { is_expected.not_to validate_presence_of(:recipients) }
+      end
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:recipients) }
+    end
+  end
 
   describe '#execute' do
     it 'sends email' do
-      service.recipients = 'test@gitlab.com'
+      subject.recipients = 'test@gitlab.com'
       data[:build_status] = 'failed'
+
       expect(BuildEmailWorker).to receive(:perform_async)
-      service.execute(data)
+
+      subject.execute(data)
     end
 
     it 'does not send email with succeeded build and notify_only_broken_builds on' do
-      expect(service).to receive(:notify_only_broken_builds).and_return(true)
+      expect(subject).to receive(:notify_only_broken_builds).and_return(true)
       data[:build_status] = 'success'
+
       expect(BuildEmailWorker).not_to receive(:perform_async)
-      service.execute(data)
+
+      subject.execute(data)
     end
 
     it 'does not send email with failed build and build_allow_failure is true' do
       data[:build_status] = 'failed'
       data[:build_allow_failure] = true
+
       expect(BuildEmailWorker).not_to receive(:perform_async)
-      service.execute(data)
+
+      subject.execute(data)
     end
 
     it 'does not send email with unknown build status' do
       data[:build_status] = 'foo'
-      expect(BuildEmailWorker).not_to receive(:perform_async)
-      service.execute(data)
-    end
 
-    it 'does not send email when recipients list is empty' do
-      service.recipients = ' ,, '
-      data[:build_status] = 'failed'
       expect(BuildEmailWorker).not_to receive(:perform_async)
-      service.execute(data)
-    end
-  end
-
-  describe 'validations' do
-
-    context 'when pusher is not added' do
-      before { service.add_pusher = false }
-
-      it 'does not allow empty recipient input' do
-        service.recipients = ''
-        expect(service.valid?).to be false
-      end
-
-      it 'does allow non-empty recipient input' do
-        service.recipients = 'test@example.com'
-        expect(service.valid?).to be true
-      end
 
+      subject.execute(data)
     end
 
-    context 'when pusher is added' do
-      before { service.add_pusher = true }
+    it 'does not send email when recipients list is empty' do
+      subject.recipients = ' ,, '
+      data[:build_status] = 'failed'
 
-      it 'does allow empty recipient input' do
-        service.recipients = ''
-        expect(service.valid?).to be true
-      end
+      expect(BuildEmailWorker).not_to receive(:perform_async)
 
-      it 'does allow non-empty recipient input' do
-        service.recipients = 'test@example.com'
-        expect(service.valid?).to be true
-      end
+      subject.execute(data)
     end
   end
 end
diff --git a/spec/models/project_services/campfire_service_spec.rb b/spec/models/project_services/campfire_service_spec.rb
new file mode 100644
index 00000000000..3e6da42803b
--- /dev/null
+++ b/spec/models/project_services/campfire_service_spec.rb
@@ -0,0 +1,42 @@
+# == Schema Information
+#
+# Table name: services
+#
+#  id                    :integer          not null, primary key
+#  type                  :string(255)
+#  title                 :string(255)
+#  project_id            :integer
+#  created_at            :datetime
+#  updated_at            :datetime
+#  active                :boolean          default(FALSE), not null
+#  properties            :text
+#  template              :boolean          default(FALSE)
+#  push_events           :boolean          default(TRUE)
+#  issues_events         :boolean          default(TRUE)
+#  merge_requests_events :boolean          default(TRUE)
+#  tag_push_events       :boolean          default(TRUE)
+#  note_events           :boolean          default(TRUE), not null
+#
+
+require 'spec_helper'
+
+describe CampfireService, models: true do
+  describe 'Associations' do
+    it { is_expected.to belong_to :project }
+    it { is_expected.to have_one :service_hook }
+  end
+
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:token) }
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:token) }
+    end
+  end
+end
diff --git a/spec/models/project_services/custom_issue_tracker_service_spec.rb b/spec/models/project_services/custom_issue_tracker_service_spec.rb
new file mode 100644
index 00000000000..ff976f8ec59
--- /dev/null
+++ b/spec/models/project_services/custom_issue_tracker_service_spec.rb
@@ -0,0 +1,49 @@
+# == Schema Information
+#
+# Table name: services
+#
+#  id                    :integer          not null, primary key
+#  type                  :string(255)
+#  title                 :string(255)
+#  project_id            :integer
+#  created_at            :datetime
+#  updated_at            :datetime
+#  active                :boolean          default(FALSE), not null
+#  properties            :text
+#  template              :boolean          default(FALSE)
+#  push_events           :boolean          default(TRUE)
+#  issues_events         :boolean          default(TRUE)
+#  merge_requests_events :boolean          default(TRUE)
+#  tag_push_events       :boolean          default(TRUE)
+#  note_events           :boolean          default(TRUE), not null
+#
+
+require 'spec_helper'
+
+describe CustomIssueTrackerService, models: true do
+  describe 'Associations' do
+    it { is_expected.to belong_to :project }
+    it { is_expected.to have_one :service_hook }
+  end
+
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:project_url) }
+      it { is_expected.to validate_presence_of(:issues_url) }
+      it { is_expected.to validate_presence_of(:new_issue_url) }
+      it_behaves_like 'issue tracker service URL attribute', :project_url
+      it_behaves_like 'issue tracker service URL attribute', :issues_url
+      it_behaves_like 'issue tracker service URL attribute', :new_issue_url
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:project_url) }
+      it { is_expected.not_to validate_presence_of(:issues_url) }
+      it { is_expected.not_to validate_presence_of(:new_issue_url) }
+    end
+  end
+end
diff --git a/spec/models/project_services/drone_ci_service_spec.rb b/spec/models/project_services/drone_ci_service_spec.rb
index a2cf68a9e38..3a8e67438fc 100644
--- a/spec/models/project_services/drone_ci_service_spec.rb
+++ b/spec/models/project_services/drone_ci_service_spec.rb
@@ -28,25 +28,18 @@ describe DroneCiService, models: true do
 
   describe 'validations' do
     context 'active' do
-      before { allow(subject).to receive(:activated?).and_return(true) }
+      before { subject.active = true }
 
       it { is_expected.to validate_presence_of(:token) }
       it { is_expected.to validate_presence_of(:drone_url) }
-      it { is_expected.to allow_value('ewf9843kdnfdfs89234n').for(:token) }
-      it { is_expected.to allow_value('http://ci.example.com').for(:drone_url) }
-      it { is_expected.not_to allow_value('this is not url').for(:drone_url) }
-      it { is_expected.not_to allow_value('http//noturl').for(:drone_url) }
-      it { is_expected.not_to allow_value('ftp://ci.example.com').for(:drone_url) }
+      it_behaves_like 'issue tracker service URL attribute', :drone_url
     end
 
     context 'inactive' do
-      before { allow(subject).to receive(:activated?).and_return(false) }
+      before { subject.active = false }
 
       it { is_expected.not_to validate_presence_of(:token) }
       it { is_expected.not_to validate_presence_of(:drone_url) }
-      it { is_expected.to allow_value('ewf9843kdnfdfs89234n').for(:token) }
-      it { is_expected.to allow_value('http://drone.example.com').for(:drone_url) }
-      it { is_expected.to allow_value('ftp://drone.example.com').for(:drone_url) }
     end
   end
 
diff --git a/spec/models/project_services/emails_on_push_service_spec.rb b/spec/models/project_services/emails_on_push_service_spec.rb
new file mode 100644
index 00000000000..e6f78898c82
--- /dev/null
+++ b/spec/models/project_services/emails_on_push_service_spec.rb
@@ -0,0 +1,17 @@
+require 'spec_helper'
+
+describe EmailsOnPushService do
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:recipients) }
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:recipients) }
+    end
+  end
+end
diff --git a/spec/models/external_wiki_service_spec.rb b/spec/models/project_services/external_wiki_service_spec.rb
index d37978720bf..5fe5ea7d2df 100644
--- a/spec/models/external_wiki_service_spec.rb
+++ b/spec/models/project_services/external_wiki_service_spec.rb
@@ -28,13 +28,18 @@ describe ExternalWikiService, models: true do
     it { should have_one :service_hook }
   end
 
-  describe "Validations" do
-    context "active" do
-      before do
-        subject.active = true
-      end
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:external_wiki_url) }
+      it_behaves_like 'issue tracker service URL attribute', :external_wiki_url
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
 
-      it { should validate_presence_of :external_wiki_url }
+      it { is_expected.not_to validate_presence_of(:external_wiki_url) }
     end
   end
 
diff --git a/spec/models/project_services/flowdock_service_spec.rb b/spec/models/project_services/flowdock_service_spec.rb
index ff7fbcaa004..b7e627e6518 100644
--- a/spec/models/project_services/flowdock_service_spec.rb
+++ b/spec/models/project_services/flowdock_service_spec.rb
@@ -26,6 +26,20 @@ describe FlowdockService, models: true do
     it { is_expected.to have_one :service_hook }
   end
 
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:token) }
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:token) }
+    end
+  end
+
   describe "Execute" do
     let(:user)    { create(:user) }
     let(:project) { create(:project) }
diff --git a/spec/models/project_services/gemnasium_service_spec.rb b/spec/models/project_services/gemnasium_service_spec.rb
index ecb3ccb1673..a08f1ac229f 100644
--- a/spec/models/project_services/gemnasium_service_spec.rb
+++ b/spec/models/project_services/gemnasium_service_spec.rb
@@ -26,6 +26,22 @@ describe GemnasiumService, models: true do
     it { is_expected.to have_one :service_hook }
   end
 
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:token) }
+      it { is_expected.to validate_presence_of(:api_key) }
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:token) }
+      it { is_expected.not_to validate_presence_of(:api_key) }
+    end
+  end
+
   describe "Execute" do
     let(:user)    { create(:user) }
     let(:project) { create(:project) }
diff --git a/spec/models/project_services/gitlab_issue_tracker_service_spec.rb b/spec/models/project_services/gitlab_issue_tracker_service_spec.rb
index 3518dbd1728..7a1f106d6e3 100644
--- a/spec/models/project_services/gitlab_issue_tracker_service_spec.rb
+++ b/spec/models/project_services/gitlab_issue_tracker_service_spec.rb
@@ -26,6 +26,20 @@ describe GitlabIssueTrackerService, models: true do
     it { is_expected.to have_one :service_hook }
   end
 
+  describe 'Validations' do
+    context 'when service is active' do
+      subject { described_class.new(project: create(:project), active: true) }
+
+      it { is_expected.to validate_presence_of(:issues_url) }
+      it_behaves_like 'issue tracker service URL attribute', :issues_url
+    end
+
+    context 'when service is inactive' do
+      subject { described_class.new(project: create(:project), active: false) }
+
+      it { is_expected.not_to validate_presence_of(:issues_url) }
+    end
+  end
 
   describe 'project and issue urls' do
     let(:project) { create(:project) }
diff --git a/spec/models/project_services/hipchat_service_spec.rb b/spec/models/project_services/hipchat_service_spec.rb
index d878162a220..6fb5cad5011 100644
--- a/spec/models/project_services/hipchat_service_spec.rb
+++ b/spec/models/project_services/hipchat_service_spec.rb
@@ -26,6 +26,20 @@ describe HipchatService, models: true do
     it { is_expected.to have_one :service_hook }
   end
 
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:token) }
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:token) }
+    end
+  end
+
   describe "Execute" do
     let(:hipchat) { HipchatService.new }
     let(:user)    { create(:user, username: 'username') }
diff --git a/spec/models/project_services/irker_service_spec.rb b/spec/models/project_services/irker_service_spec.rb
index b783b1a576e..4ee022a5171 100644
--- a/spec/models/project_services/irker_service_spec.rb
+++ b/spec/models/project_services/irker_service_spec.rb
@@ -29,14 +29,16 @@ describe IrkerService, models: true do
   end
 
   describe 'Validations' do
-    before do
-      subject.active = true
-      subject.properties['recipients'] = _recipients
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:recipients) }
     end
 
-    context 'active' do
-      let(:_recipients) { nil }
-      it { should validate_presence_of :recipients }
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:recipients) }
     end
   end
 
diff --git a/spec/models/project_services/jira_service_spec.rb b/spec/models/project_services/jira_service_spec.rb
index 2f8193170ae..5309cfb99ff 100644
--- a/spec/models/project_services/jira_service_spec.rb
+++ b/spec/models/project_services/jira_service_spec.rb
@@ -26,6 +26,30 @@ describe JiraService, models: true do
     it { is_expected.to have_one :service_hook }
   end
 
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:api_url) }
+      it { is_expected.to validate_presence_of(:project_url) }
+      it { is_expected.to validate_presence_of(:issues_url) }
+      it { is_expected.to validate_presence_of(:new_issue_url) }
+      it_behaves_like 'issue tracker service URL attribute', :api_url
+      it_behaves_like 'issue tracker service URL attribute', :project_url
+      it_behaves_like 'issue tracker service URL attribute', :issues_url
+      it_behaves_like 'issue tracker service URL attribute', :new_issue_url
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:api_url) }
+      it { is_expected.not_to validate_presence_of(:project_url) }
+      it { is_expected.not_to validate_presence_of(:issues_url) }
+      it { is_expected.not_to validate_presence_of(:new_issue_url) }
+    end
+  end
+
   describe "Execute" do
     let(:user)    { create(:user) }
     let(:project) { create(:project) }
@@ -72,7 +96,7 @@ describe JiraService, models: true do
 
     context "when a password was previously set" do
       before do
-        @jira_service = JiraService.create(
+        @jira_service = JiraService.create!(
           project: create(:project),
           properties: {
             api_url: 'http://jira.example.com/rest/api/2',
diff --git a/spec/models/project_services/pivotaltracker_service_spec.rb b/spec/models/project_services/pivotaltracker_service_spec.rb
new file mode 100644
index 00000000000..f37edd4d970
--- /dev/null
+++ b/spec/models/project_services/pivotaltracker_service_spec.rb
@@ -0,0 +1,42 @@
+# == Schema Information
+#
+# Table name: services
+#
+#  id                    :integer          not null, primary key
+#  type                  :string(255)
+#  title                 :string(255)
+#  project_id            :integer
+#  created_at            :datetime
+#  updated_at            :datetime
+#  active                :boolean          default(FALSE), not null
+#  properties            :text
+#  template              :boolean          default(FALSE)
+#  push_events           :boolean          default(TRUE)
+#  issues_events         :boolean          default(TRUE)
+#  merge_requests_events :boolean          default(TRUE)
+#  tag_push_events       :boolean          default(TRUE)
+#  note_events           :boolean          default(TRUE), not null
+#
+
+require 'spec_helper'
+
+describe PivotaltrackerService, models: true do
+  describe 'Associations' do
+    it { is_expected.to belong_to :project }
+    it { is_expected.to have_one :service_hook }
+  end
+
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:token) }
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:token) }
+    end
+  end
+end
diff --git a/spec/models/project_services/pushover_service_spec.rb b/spec/models/project_services/pushover_service_spec.rb
index 96039f9491b..555d9757b47 100644
--- a/spec/models/project_services/pushover_service_spec.rb
+++ b/spec/models/project_services/pushover_service_spec.rb
@@ -27,14 +27,20 @@ describe PushoverService, models: true do
   end
 
   describe 'Validations' do
-    context 'active' do
-      before do
-        subject.active = true
-      end
+    context 'when service is active' do
+      before { subject.active = true }
 
-      it { is_expected.to validate_presence_of :api_key }
-      it { is_expected.to validate_presence_of :user_key }
-      it { is_expected.to validate_presence_of :priority }
+      it { is_expected.to validate_presence_of(:api_key) }
+      it { is_expected.to validate_presence_of(:user_key) }
+      it { is_expected.to validate_presence_of(:priority) }
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:api_key) }
+      it { is_expected.not_to validate_presence_of(:user_key) }
+      it { is_expected.not_to validate_presence_of(:priority) }
     end
   end
 
diff --git a/spec/models/project_services/redmine_service_spec.rb b/spec/models/project_services/redmine_service_spec.rb
new file mode 100644
index 00000000000..7d14f6e8280
--- /dev/null
+++ b/spec/models/project_services/redmine_service_spec.rb
@@ -0,0 +1,49 @@
+# == Schema Information
+#
+# Table name: services
+#
+#  id                    :integer          not null, primary key
+#  type                  :string(255)
+#  title                 :string(255)
+#  project_id            :integer
+#  created_at            :datetime
+#  updated_at            :datetime
+#  active                :boolean          default(FALSE), not null
+#  properties            :text
+#  template              :boolean          default(FALSE)
+#  push_events           :boolean          default(TRUE)
+#  issues_events         :boolean          default(TRUE)
+#  merge_requests_events :boolean          default(TRUE)
+#  tag_push_events       :boolean          default(TRUE)
+#  note_events           :boolean          default(TRUE), not null
+#
+
+require 'spec_helper'
+
+describe RedmineService, models: true do
+  describe 'Associations' do
+    it { is_expected.to belong_to :project }
+    it { is_expected.to have_one :service_hook }
+  end
+
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
+
+      it { is_expected.to validate_presence_of(:project_url) }
+      it { is_expected.to validate_presence_of(:issues_url) }
+      it { is_expected.to validate_presence_of(:new_issue_url) }
+      it_behaves_like 'issue tracker service URL attribute', :project_url
+      it_behaves_like 'issue tracker service URL attribute', :issues_url
+      it_behaves_like 'issue tracker service URL attribute', :new_issue_url
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:project_url) }
+      it { is_expected.not_to validate_presence_of(:issues_url) }
+      it { is_expected.not_to validate_presence_of(:new_issue_url) }
+    end
+  end
+end
diff --git a/spec/models/project_services/slack_service/issue_message_spec.rb b/spec/models/project_services/slack_service/issue_message_spec.rb
index f648cbe2dee..0f8889bdf3c 100644
--- a/spec/models/project_services/slack_service/issue_message_spec.rb
+++ b/spec/models/project_services/slack_service/issue_message_spec.rb
@@ -25,7 +25,7 @@ describe SlackService::IssueMessage, models: true do
     }
   end
 
-  let(:color) { '#345' }
+  let(:color) { '#C95823' }
 
   context '#initialize' do
     before do
@@ -40,10 +40,11 @@ describe SlackService::IssueMessage, models: true do
   context 'open' do
     it 'returns a message regarding opening of issues' do
       expect(subject.pretext).to eq(
-        'Test User opened <url|issue #100> in <somewhere.com|project_name>: '\
-        '*Issue title*')
+        '<somewhere.com|[project_name>] Issue opened by Test User')
       expect(subject.attachments).to eq([
         {
+          title: "#100 Issue title",
+          title_link: "url",
           text: "issue description",
           color: color,
         }
@@ -56,10 +57,10 @@ describe SlackService::IssueMessage, models: true do
       args[:object_attributes][:action] = 'close'
       args[:object_attributes][:state] = 'closed'
     end
+
     it 'returns a message regarding closing of issues' do
       expect(subject.pretext). to eq(
-        'Test User closed <url|issue #100> in <somewhere.com|project_name>: '\
-        '*Issue title*')
+        '<somewhere.com|[project_name>] Issue <url|#100 Issue title> closed by Test User')
       expect(subject.attachments).to be_empty
     end
   end
diff --git a/spec/models/project_services/slack_service/note_message_spec.rb b/spec/models/project_services/slack_service/note_message_spec.rb
index d37590cab75..379c3e1219c 100644
--- a/spec/models/project_services/slack_service/note_message_spec.rb
+++ b/spec/models/project_services/slack_service/note_message_spec.rb
@@ -65,7 +65,7 @@ describe SlackService::NoteMessage, models: true do
       expect(message.pretext).to eq("Test User commented on " \
       "<url|merge request !30> in <somewhere.com|project_name>: " \
       "*merge request title*")
-      expected_attachments =  [
+      expected_attachments = [
           {
               text: "comment on a merge request",
               color: color,
@@ -117,7 +117,7 @@ describe SlackService::NoteMessage, models: true do
       expect(message.pretext).to eq("Test User commented on " \
       "<url|snippet #5> in <somewhere.com|project_name>: " \
       "*snippet title*")
-      expected_attachments =  [
+      expected_attachments = [
           {
               text: "comment on a snippet",
               color: color,
diff --git a/spec/models/project_services/slack_service_spec.rb b/spec/models/project_services/slack_service_spec.rb
index 478d59be08b..a97b7560137 100644
--- a/spec/models/project_services/slack_service_spec.rb
+++ b/spec/models/project_services/slack_service_spec.rb
@@ -26,13 +26,18 @@ describe SlackService, models: true do
     it { is_expected.to have_one :service_hook }
   end
 
-  describe "Validations" do
-    context "active" do
-      before do
-        subject.active = true
-      end
+  describe 'Validations' do
+    context 'when service is active' do
+      before { subject.active = true }
 
-      it { is_expected.to validate_presence_of :webhook }
+      it { is_expected.to validate_presence_of(:webhook) }
+      it_behaves_like 'issue tracker service URL attribute', :webhook
+    end
+
+    context 'when service is inactive' do
+      before { subject.active = false }
+
+      it { is_expected.not_to validate_presence_of(:webhook) }
     end
   end
 
diff --git a/spec/models/project_services/teamcity_service_spec.rb b/spec/models/project_services/teamcity_service_spec.rb
index bc7423cee69..ad24b895170 100644
--- a/spec/models/project_services/teamcity_service_spec.rb
+++ b/spec/models/project_services/teamcity_service_spec.rb
@@ -27,86 +27,51 @@ describe TeamcityService, models: true do
   end
 
   describe 'Validations' do
-    describe '#teamcity_url' do
-      it 'does not validate the presence of teamcity_url if service is not active' do
-        teamcity_service = service
-        teamcity_service.active = false
-
-        expect(teamcity_service).not_to validate_presence_of(:teamcity_url)
-      end
-
-      it 'validates the presence of teamcity_url if service is active' do
-        teamcity_service = service
-        teamcity_service.active = true
-
-        expect(teamcity_service).to validate_presence_of(:teamcity_url)
-      end
-    end
+    subject { service }
 
-    describe '#build_type' do
-      it 'does not validate the presence of build_type if service is not active' do
-        teamcity_service = service
-        teamcity_service.active = false
+    context 'when service is active' do
+      before { subject.active = true }
 
-        expect(teamcity_service).not_to validate_presence_of(:build_type)
-      end
+      it { is_expected.to validate_presence_of(:build_type) }
+      it { is_expected.to validate_presence_of(:teamcity_url) }
+      it_behaves_like 'issue tracker service URL attribute', :teamcity_url
 
-      it 'validates the presence of build_type if service is active' do
-        teamcity_service = service
-        teamcity_service.active = true
+      describe '#username' do
+        it 'does not validate the presence of username if password is nil' do
+          subject.password = nil
 
-        expect(teamcity_service).to validate_presence_of(:build_type)
-      end
-    end
+          expect(subject).not_to validate_presence_of(:username)
+        end
 
-    describe '#username' do
-      it 'does not validate the presence of username if service is not active' do
-        teamcity_service = service
-        teamcity_service.active = false
+        it 'validates the presence of username if password is present' do
+          subject.password = 'secret'
 
-        expect(teamcity_service).not_to validate_presence_of(:username)
+          expect(subject).to validate_presence_of(:username)
+        end
       end
 
-      it 'does not validate the presence of username if username is nil' do
-        teamcity_service = service
-        teamcity_service.active = true
-        teamcity_service.password = nil
+      describe '#password' do
+        it 'does not validate the presence of password if username is nil' do
+          subject.username = nil
 
-        expect(teamcity_service).not_to validate_presence_of(:username)
-      end
+          expect(subject).not_to validate_presence_of(:password)
+        end
 
-      it 'validates the presence of username if service is active and username is present' do
-        teamcity_service = service
-        teamcity_service.active = true
-        teamcity_service.password = 'secret'
+        it 'validates the presence of password if username is present' do
+          subject.username = 'john'
 
-        expect(teamcity_service).to validate_presence_of(:username)
+          expect(subject).to validate_presence_of(:password)
+        end
       end
     end
 
-    describe '#password' do
-      it 'does not validate the presence of password if service is not active' do
-        teamcity_service = service
-        teamcity_service.active = false
-
-        expect(teamcity_service).not_to validate_presence_of(:password)
-      end
-
-      it 'does not validate the presence of password if username is nil' do
-        teamcity_service = service
-        teamcity_service.active = true
-        teamcity_service.username = nil
-
-        expect(teamcity_service).not_to validate_presence_of(:password)
-      end
-
-      it 'validates the presence of password if service is active and username is present' do
-        teamcity_service = service
-        teamcity_service.active = true
-        teamcity_service.username = 'john'
+    context 'when service is inactive' do
+      before { subject.active = false }
 
-        expect(teamcity_service).to validate_presence_of(:password)
-      end
+      it { is_expected.not_to validate_presence_of(:build_type) }
+      it { is_expected.not_to validate_presence_of(:teamcity_url) }
+      it { is_expected.not_to validate_presence_of(:username) }
+      it { is_expected.not_to validate_presence_of(:password) }
     end
   end
 
diff --git a/spec/models/project_snippet_spec.rb b/spec/models/project_snippet_spec.rb
index e0feb606f78..d9d7c0b0aaa 100644
--- a/spec/models/project_snippet_spec.rb
+++ b/spec/models/project_snippet_spec.rb
@@ -1,19 +1,3 @@
-# == Schema Information
-#
-# Table name: snippets
-#
-#  id               :integer          not null, primary key
-#  title            :string(255)
-#  content          :text
-#  author_id        :integer          not null
-#  project_id       :integer
-#  created_at       :datetime
-#  updated_at       :datetime
-#  file_name        :string(255)
-#  type             :string(255)
-#  visibility_level :integer          default(0), not null
-#
-
 require 'spec_helper'
 
 describe ProjectSnippet, models: true do
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index becc743de31..60e1ec43f2b 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -1,43 +1,3 @@
-# == Schema Information
-#
-# Table name: projects
-#
-#  id                     :integer          not null, primary key
-#  name                   :string(255)
-#  path                   :string(255)
-#  description            :text
-#  created_at             :datetime
-#  updated_at             :datetime
-#  creator_id             :integer
-#  issues_enabled         :boolean          default(TRUE), not null
-#  wall_enabled           :boolean          default(TRUE), not null
-#  merge_requests_enabled :boolean          default(TRUE), not null
-#  wiki_enabled           :boolean          default(TRUE), not null
-#  namespace_id           :integer
-#  issues_tracker         :string(255)      default("gitlab"), not null
-#  issues_tracker_id      :string(255)
-#  snippets_enabled       :boolean          default(TRUE), not null
-#  last_activity_at       :datetime
-#  import_url             :string(255)
-#  visibility_level       :integer          default(0), not null
-#  archived               :boolean          default(FALSE), not null
-#  avatar                 :string(255)
-#  import_status          :string(255)
-#  repository_size        :float            default(0.0)
-#  star_count             :integer          default(0), not null
-#  import_type            :string(255)
-#  import_source          :string(255)
-#  commit_count           :integer          default(0)
-#  import_error           :text
-#  ci_id                  :integer
-#  builds_enabled         :boolean          default(TRUE), not null
-#  shared_runners_enabled :boolean          default(TRUE), not null
-#  runners_token          :string
-#  build_coverage_regex   :string
-#  build_allow_git_fetch  :boolean          default(TRUE), not null
-#  build_timeout          :integer          default(3600), not null
-#
-
 require 'spec_helper'
 
 describe Project, models: true do
@@ -674,11 +634,11 @@ describe Project, models: true do
       # Project#gitlab_shell returns a new instance of Gitlab::Shell on every
       # call. This makes testing a bit easier.
       allow(project).to receive(:gitlab_shell).and_return(gitlab_shell)
-    end
 
-    it 'renames a repository' do
       allow(project).to receive(:previous_changes).and_return('path' => ['foo'])
+    end
 
+    it 'renames a repository' do
       ns = project.namespace_dir
 
       expect(gitlab_shell).to receive(:mv_repository).
@@ -703,6 +663,17 @@ describe Project, models: true do
 
       project.rename_repo
     end
+
+    context 'container registry with tags' do
+      before do
+        stub_container_registry_config(enabled: true)
+        stub_container_registry_tags('tag')
+      end
+
+      subject { project.rename_repo }
+
+      it { expect{subject}.to raise_error(Exception) }
+    end
   end
 
   describe '#expire_caches_before_rename' do
@@ -719,11 +690,8 @@ describe Project, models: true do
         with('foo.wiki', project).
         and_return(wiki)
 
-      expect(repo).to receive(:expire_cache)
-      expect(repo).to receive(:expire_emptiness_caches)
-
-      expect(wiki).to receive(:expire_cache)
-      expect(wiki).to receive(:expire_emptiness_caches)
+      expect(repo).to receive(:before_delete)
+      expect(wiki).to receive(:before_delete)
 
       project.expire_caches_before_rename('foo')
     end
@@ -801,4 +769,85 @@ describe Project, models: true do
       end
     end
   end
+
+  describe '#protected_branch?' do
+    let(:project) { create(:empty_project) }
+
+    it 'returns true when a branch is a protected branch' do
+      project.protected_branches.create!(name: 'foo')
+
+      expect(project.protected_branch?('foo')).to eq(true)
+    end
+
+    it 'returns false when a branch is not a protected branch' do
+      expect(project.protected_branch?('foo')).to eq(false)
+    end
+  end
+
+  describe '#container_registry_repository' do
+    let(:project) { create(:empty_project) }
+
+    before { stub_container_registry_config(enabled: true) }
+
+    subject { project.container_registry_repository }
+
+    it { is_expected.to_not be_nil }
+  end
+
+  describe '#container_registry_repository_url' do
+    let(:project) { create(:empty_project) }
+
+    subject { project.container_registry_repository_url }
+
+    before { stub_container_registry_config(**registry_settings) }
+
+    context 'for enabled registry' do
+      let(:registry_settings) do
+        {
+          enabled: true,
+          host_port: 'example.com',
+        }
+      end
+
+      it { is_expected.to_not be_nil }
+    end
+
+    context 'for disabled registry' do
+      let(:registry_settings) do
+        {
+          enabled: false
+        }
+      end
+
+      it { is_expected.to be_nil }
+    end
+  end
+
+  describe '#has_container_registry_tags?' do
+    let(:project) { create(:empty_project) }
+
+    subject { project.has_container_registry_tags? }
+
+    context 'for enabled registry' do
+      before { stub_container_registry_config(enabled: true) }
+
+      context 'with tags' do
+        before { stub_container_registry_tags('test', 'test2') }
+
+        it { is_expected.to be_truthy }
+      end
+
+      context 'when no tags' do
+        before { stub_container_registry_tags }
+
+        it { is_expected.to be_falsey }
+      end
+    end
+
+    context 'for disabled registry' do
+      before { stub_container_registry_config(enabled: false) }
+
+      it { is_expected.to be_falsey }
+    end
+  end
 end
diff --git a/spec/models/project_wiki_spec.rb b/spec/models/project_wiki_spec.rb
index 532e3f013fd..91ebb612baa 100644
--- a/spec/models/project_wiki_spec.rb
+++ b/spec/models/project_wiki_spec.rb
@@ -38,7 +38,8 @@ describe ProjectWiki, models: true do
 
   describe "#wiki_base_path" do
     it "returns the wiki base path" do
-      wiki_base_path = "/#{project.path_with_namespace}/wikis"
+      wiki_base_path = "#{Gitlab.config.gitlab.relative_url_root}/#{project.path_with_namespace}/wikis"
+
       expect(subject.wiki_base_path).to eq(wiki_base_path)
     end
   end
diff --git a/spec/models/protected_branch_spec.rb b/spec/models/protected_branch_spec.rb
index 7e956cf6779..b523834c6e9 100644
--- a/spec/models/protected_branch_spec.rb
+++ b/spec/models/protected_branch_spec.rb
@@ -1,15 +1,3 @@
-# == Schema Information
-#
-# Table name: protected_branches
-#
-#  id                  :integer          not null, primary key
-#  project_id          :integer          not null
-#  name                :string(255)      not null
-#  created_at          :datetime
-#  updated_at          :datetime
-#  developers_can_push :boolean          default(FALSE), not null
-#
-
 require 'spec_helper'
 
 describe ProtectedBranch, models: true do
diff --git a/spec/models/release_spec.rb b/spec/models/release_spec.rb
index 72ecb442a36..527005b2b69 100644
--- a/spec/models/release_spec.rb
+++ b/spec/models/release_spec.rb
@@ -1,15 +1,3 @@
-# == Schema Information
-#
-# Table name: releases
-#
-#  id          :integer          not null, primary key
-#  tag         :string(255)
-#  description :text
-#  project_id  :integer
-#  created_at  :datetime
-#  updated_at  :datetime
-#
-
 require 'rails_helper'
 
 RSpec.describe Release, type: :model do
diff --git a/spec/models/repository_spec.rb b/spec/models/repository_spec.rb
index b561aa663d1..34a13f9b5c9 100644
--- a/spec/models/repository_spec.rb
+++ b/spec/models/repository_spec.rb
@@ -132,55 +132,69 @@ describe Repository, models: true do
         it { expect(subject.basename).to eq('a/b/c') }
       end
     end
-
   end
 
-  describe '#license_blob' do
+  describe "#changelog" do
     before do
-      repository.send(:cache).expire(:license_blob)
-      repository.remove_file(user, 'LICENSE', 'Remove LICENSE', 'master')
+      repository.send(:cache).expire(:changelog)
     end
 
-    it 'looks in the root_ref only' do
-      repository.remove_file(user, 'LICENSE', 'Remove LICENSE', 'markdown')
-      repository.commit_file(user, 'LICENSE', Licensee::License.new('mit').content, 'Add LICENSE', 'markdown', false)
+    it 'accepts changelog' do
+      expect(repository.tree).to receive(:blobs).and_return([TestBlob.new('changelog')])
 
-      expect(repository.license_blob).to be_nil
+      expect(repository.changelog.name).to eq('changelog')
     end
 
-    it 'favors license file with no extension' do
-      repository.commit_file(user, 'LICENSE', Licensee::License.new('mit').content, 'Add LICENSE', 'master', false)
-      repository.commit_file(user, 'LICENSE.md', Licensee::License.new('mit').content, 'Add LICENSE.md', 'master', false)
+    it 'accepts news instead of changelog' do
+      expect(repository.tree).to receive(:blobs).and_return([TestBlob.new('news')])
 
-      expect(repository.license_blob.name).to eq('LICENSE')
+      expect(repository.changelog.name).to eq('news')
     end
 
-    it 'favors .md file to .txt' do
-      repository.commit_file(user, 'LICENSE.md', Licensee::License.new('mit').content, 'Add LICENSE.md', 'master', false)
-      repository.commit_file(user, 'LICENSE.txt', Licensee::License.new('mit').content, 'Add LICENSE.txt', 'master', false)
+    it 'accepts history instead of changelog' do
+      expect(repository.tree).to receive(:blobs).and_return([TestBlob.new('history')])
 
-      expect(repository.license_blob.name).to eq('LICENSE.md')
+      expect(repository.changelog.name).to eq('history')
     end
 
-    it 'favors LICENCE to LICENSE' do
-      repository.commit_file(user, 'LICENSE', Licensee::License.new('mit').content, 'Add LICENSE', 'master', false)
-      repository.commit_file(user, 'LICENCE', Licensee::License.new('mit').content, 'Add LICENCE', 'master', false)
+    it 'accepts changes instead of changelog' do
+      expect(repository.tree).to receive(:blobs).and_return([TestBlob.new('changes')])
 
-      expect(repository.license_blob.name).to eq('LICENCE')
+      expect(repository.changelog.name).to eq('changes')
     end
 
-    it 'favors LICENSE to COPYING' do
-      repository.commit_file(user, 'LICENSE', Licensee::License.new('mit').content, 'Add LICENSE', 'master', false)
-      repository.commit_file(user, 'COPYING', Licensee::License.new('mit').content, 'Add COPYING', 'master', false)
+    it 'is case-insensitive' do
+      expect(repository.tree).to receive(:blobs).and_return([TestBlob.new('CHANGELOG')])
+
+      expect(repository.changelog.name).to eq('CHANGELOG')
+    end
+  end
+
+  describe "#license_blob" do
+    before do
+      repository.send(:cache).expire(:license_blob)
+      repository.remove_file(user, 'LICENSE', 'Remove LICENSE', 'master')
+    end
+
+    it 'looks in the root_ref only' do
+      repository.remove_file(user, 'LICENSE', 'Remove LICENSE', 'markdown')
+      repository.commit_file(user, 'LICENSE', Licensee::License.new('mit').content, 'Add LICENSE', 'markdown', false)
+
+      expect(repository.license_blob).to be_nil
+    end
+
+    it 'detects license file with no recognizable open-source license content' do
+      repository.commit_file(user, 'LICENSE', 'Copyright!', 'Add LICENSE', 'master', false)
 
       expect(repository.license_blob.name).to eq('LICENSE')
     end
 
-    it 'favors LICENCE to COPYING' do
-      repository.commit_file(user, 'LICENCE', Licensee::License.new('mit').content, 'Add LICENCE', 'master', false)
-      repository.commit_file(user, 'COPYING', Licensee::License.new('mit').content, 'Add COPYING', 'master', false)
+    %w[LICENSE LICENCE LiCensE LICENSE.md LICENSE.foo COPYING COPYING.md].each do |filename|
+      it "detects '#{filename}'" do
+        repository.commit_file(user, filename, Licensee::License.new('mit').content, "Add #{filename}", 'master', false)
 
-      expect(repository.license_blob.name).to eq('LICENCE')
+        expect(repository.license_blob.name).to eq(filename)
+      end
     end
   end
 
@@ -190,8 +204,14 @@ describe Repository, models: true do
       repository.remove_file(user, 'LICENSE', 'Remove LICENSE', 'master')
     end
 
-    it 'returns "no-license" when no license is detected' do
-      expect(repository.license_key).to eq('no-license')
+    it 'returns nil when no license is detected' do
+      expect(repository.license_key).to be_nil
+    end
+
+    it 'detects license file with no recognizable open-source license content' do
+      repository.commit_file(user, 'LICENSE', 'Copyright!', 'Add LICENSE', 'master', false)
+
+      expect(repository.license_key).to be_nil
     end
 
     it 'returns the license key' do
@@ -541,7 +561,7 @@ describe Repository, models: true do
   end
 
   describe :skip_merged_commit do
-    subject { repository.commits(Gitlab::Git::BRANCH_REF_PREFIX + "'test'", nil, 100, 0, true).map{ |k| k.id } }
+    subject { repository.commits(Gitlab::Git::BRANCH_REF_PREFIX + "'test'", limit: 100, skip_merges: true).map{ |k| k.id } }
 
     it { is_expected.not_to include('e56497bb5f03a90a51293fc6d516788730953899') }
   end
@@ -775,6 +795,16 @@ describe Repository, models: true do
 
   end
 
+  describe "#copy_gitattributes" do
+    it 'returns true with a valid ref' do
+      expect(repository.copy_gitattributes('master')).to be_truthy
+    end
+
+    it 'returns false with an invalid ref' do
+      expect(repository.copy_gitattributes('invalid')).to be_falsey
+    end
+  end
+
   describe "#main_language" do
     it 'shows the main language of the project' do
       expect(repository.main_language).to eq("Ruby")
@@ -828,13 +858,30 @@ describe Repository, models: true do
   end
 
   describe '#add_tag' do
-    it 'adds a tag' do
-      expect(repository).to receive(:before_push_tag)
+    context 'with a valid target' do
+      let(:user) { build_stubbed(:user) }
+
+      it 'creates the tag using rugged' do
+        expect(repository.rugged.tags).to receive(:create).
+          with('8.5', repository.commit('master').id,
+            hash_including(message: 'foo',
+                           tagger: hash_including(name: user.name, email: user.email))).
+          and_call_original
+
+        repository.add_tag(user, '8.5', 'master', 'foo')
+      end
 
-      expect_any_instance_of(Gitlab::Shell).to receive(:add_tag).
-        with(repository.path_with_namespace, '8.5', 'master', 'foo')
+      it 'returns a Gitlab::Git::Tag object' do
+        tag = repository.add_tag(user, '8.5', 'master', 'foo')
 
-      repository.add_tag('8.5', 'master', 'foo')
+        expect(tag).to be_a(Gitlab::Git::Tag)
+      end
+    end
+
+    context 'with an invalid target' do
+      it 'returns false' do
+        expect(repository.add_tag(user, '8.5', 'bar', 'foo')).to be false
+      end
     end
   end
 
diff --git a/spec/models/service_spec.rb b/spec/models/service_spec.rb
index 173628c08d0..8592e112c50 100644
--- a/spec/models/service_spec.rb
+++ b/spec/models/service_spec.rb
@@ -1,24 +1,3 @@
-# == Schema Information
-#
-# Table name: services
-#
-#  id                    :integer          not null, primary key
-#  type                  :string(255)
-#  title                 :string(255)
-#  project_id            :integer
-#  created_at            :datetime
-#  updated_at            :datetime
-#  active                :boolean          default(FALSE), not null
-#  properties            :text
-#  template              :boolean          default(FALSE)
-#  push_events           :boolean          default(TRUE)
-#  issues_events         :boolean          default(TRUE)
-#  merge_requests_events :boolean          default(TRUE)
-#  tag_push_events       :boolean          default(TRUE)
-#  note_events           :boolean          default(TRUE), not null
-#  build_events          :boolean          default(FALSE), not null
-#
-
 require 'spec_helper'
 
 describe Service, models: true do
diff --git a/spec/models/snippet_spec.rb b/spec/models/snippet_spec.rb
index 5077ac7b62b..7a613e360d4 100644
--- a/spec/models/snippet_spec.rb
+++ b/spec/models/snippet_spec.rb
@@ -1,19 +1,3 @@
-# == Schema Information
-#
-# Table name: snippets
-#
-#  id               :integer          not null, primary key
-#  title            :string(255)
-#  content          :text
-#  author_id        :integer          not null
-#  project_id       :integer
-#  created_at       :datetime
-#  updated_at       :datetime
-#  file_name        :string(255)
-#  type             :string(255)
-#  visibility_level :integer          default(0), not null
-#
-
 require 'spec_helper'
 
 describe Snippet, models: true do
diff --git a/spec/models/todo_spec.rb b/spec/models/todo_spec.rb
index d9b86b9368f..623b82c01d8 100644
--- a/spec/models/todo_spec.rb
+++ b/spec/models/todo_spec.rb
@@ -1,21 +1,3 @@
-# == Schema Information
-#
-# Table name: todos
-#
-#  id          :integer          not null, primary key
-#  user_id     :integer          not null
-#  project_id  :integer          not null
-#  target_id   :integer
-#  target_type :string           not null
-#  author_id   :integer
-#  action      :integer          not null
-#  state       :string           not null
-#  created_at  :datetime
-#  updated_at  :datetime
-#  note_id     :integer
-#  commit_id   :string
-#
-
 require 'spec_helper'
 
 describe Todo, models: true do
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 8b2fb77e28e..9581990666b 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -1,66 +1,3 @@
-# == Schema Information
-#
-# Table name: users
-#
-#  id                          :integer          not null, primary key
-#  email                       :string(255)      default(""), not null
-#  encrypted_password          :string(255)      default(""), not null
-#  reset_password_token        :string(255)
-#  reset_password_sent_at      :datetime
-#  remember_created_at         :datetime
-#  sign_in_count               :integer          default(0)
-#  current_sign_in_at          :datetime
-#  last_sign_in_at             :datetime
-#  current_sign_in_ip          :string(255)
-#  last_sign_in_ip             :string(255)
-#  created_at                  :datetime
-#  updated_at                  :datetime
-#  name                        :string(255)
-#  admin                       :boolean          default(FALSE), not null
-#  projects_limit              :integer          default(10)
-#  skype                       :string(255)      default(""), not null
-#  linkedin                    :string(255)      default(""), not null
-#  twitter                     :string(255)      default(""), not null
-#  authentication_token        :string(255)
-#  theme_id                    :integer          default(1), not null
-#  bio                         :string(255)
-#  failed_attempts             :integer          default(0)
-#  locked_at                   :datetime
-#  username                    :string(255)
-#  can_create_group            :boolean          default(TRUE), not null
-#  can_create_team             :boolean          default(TRUE), not null
-#  state                       :string(255)
-#  color_scheme_id             :integer          default(1), not null
-#  notification_level          :integer          default(1), not null
-#  password_expires_at         :datetime
-#  created_by_id               :integer
-#  last_credential_check_at    :datetime
-#  avatar                      :string(255)
-#  confirmation_token          :string(255)
-#  confirmed_at                :datetime
-#  confirmation_sent_at        :datetime
-#  unconfirmed_email           :string(255)
-#  hide_no_ssh_key             :boolean          default(FALSE)
-#  website_url                 :string(255)      default(""), not null
-#  notification_email          :string(255)
-#  hide_no_password            :boolean          default(FALSE)
-#  password_automatically_set  :boolean          default(FALSE)
-#  location                    :string(255)
-#  encrypted_otp_secret        :string(255)
-#  encrypted_otp_secret_iv     :string(255)
-#  encrypted_otp_secret_salt   :string(255)
-#  otp_required_for_login      :boolean          default(FALSE), not null
-#  otp_backup_codes            :text
-#  public_email                :string(255)      default(""), not null
-#  dashboard                   :integer          default(0)
-#  project_view                :integer          default(0)
-#  consumed_timestep           :integer
-#  layout                      :integer          default(0)
-#  hide_project_limit          :boolean          default(FALSE)
-#  unlock_token                :string
-#  otp_grace_period_started_at :datetime
-#
-
 require 'spec_helper'
 
 describe User, models: true do
@@ -204,6 +141,7 @@ describe User, models: true do
   end
 
   describe '#confirm' do
+    before { allow(current_application_settings).to receive(:send_user_confirmation_email).and_return(true) }
     let(:user) { create(:user, confirmed_at: nil, unconfirmed_email: 'test@gitlab.com') }
 
     it 'returns unconfirmed' do
@@ -845,4 +783,23 @@ describe User, models: true do
 
     it { is_expected.to eq([private_project]) }
   end
+
+  describe '#viewable_starred_projects' do
+    let(:user) { create(:user) }
+    let(:public_project) { create(:empty_project, :public) }
+    let(:private_project) { create(:empty_project, :private) }
+    let(:private_viewable_project) { create(:empty_project, :private) }
+
+    before do
+      private_viewable_project.team << [user, Gitlab::Access::MASTER]
+
+      [public_project, private_project, private_viewable_project].each do |project|
+        user.toggle_star(project)
+      end
+    end
+
+    it 'returns only starred projects the user can view' do
+      expect(user.viewable_starred_projects).not_to include(private_project)
+    end
+  end
 end
diff --git a/spec/requests/api/builds_spec.rb b/spec/requests/api/builds_spec.rb
index 5ead735be48..0fbc984c061 100644
--- a/spec/requests/api/builds_spec.rb
+++ b/spec/requests/api/builds_spec.rb
@@ -106,8 +106,8 @@ describe API::API, api: true  do
 
       context 'authorized user' do
         let(:download_headers) do
-          { 'Content-Transfer-Encoding'=>'binary',
-            'Content-Disposition'=>'attachment; filename=ci_build_artifacts.zip' }
+          { 'Content-Transfer-Encoding' => 'binary',
+            'Content-Disposition' => 'attachment; filename=ci_build_artifacts.zip' }
         end
 
         it 'should return specific build artifacts' do
diff --git a/spec/requests/api/commit_status_spec.rb b/spec/requests/api/commit_statuses_spec.rb
index f3785b19362..633927c8c3e 100644
--- a/spec/requests/api/commit_status_spec.rb
+++ b/spec/requests/api/commit_statuses_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe API::CommitStatus, api: true do
+describe API::CommitStatuses, api: true do
   include ApiHelpers
 
   let!(:project) { create(:project) }
diff --git a/spec/requests/api/commits_spec.rb b/spec/requests/api/commits_spec.rb
index e28998d51b5..cb82ca7802d 100644
--- a/spec/requests/api/commits_spec.rb
+++ b/spec/requests/api/commits_spec.rb
@@ -32,6 +32,41 @@ describe API::API, api: true  do
         expect(response.status).to eq(401)
       end
     end
+
+    context "since optional parameter" do
+      it "should return project commits since provided parameter" do
+        commits = project.repository.commits("master")
+        since = commits.second.created_at
+
+        get api("/projects/#{project.id}/repository/commits?since=#{since.utc.iso8601}", user)
+
+        expect(json_response.size).to eq 2
+        expect(json_response.first["id"]).to eq(commits.first.id)
+        expect(json_response.second["id"]).to eq(commits.second.id)
+      end
+    end
+
+    context "until optional parameter" do
+      it "should return project commits until provided parameter" do
+        commits = project.repository.commits("master")
+        before = commits.second.created_at
+
+        get api("/projects/#{project.id}/repository/commits?until=#{before.utc.iso8601}", user)
+
+        expect(json_response.size).to eq(commits.size - 1)
+        expect(json_response.first["id"]).to eq(commits.second.id)
+        expect(json_response.second["id"]).to eq(commits.third.id)
+      end
+    end
+
+    context "invalid xmlschema date parameters" do
+      it "should return an invalid parameter error message" do
+        get api("/projects/#{project.id}/repository/commits?since=invalid-date", user)
+
+        expect(response.status).to eq(400)
+        expect(json_response['message']).to include "\"since\" must be a timestamp in ISO 8601 format"
+      end
+    end
   end
 
   describe "GET /projects:id/repository/commits/:sha" do
diff --git a/spec/requests/api/group_members_spec.rb b/spec/requests/api/group_members_spec.rb
index 96d89e69209..02553d0f8e2 100644
--- a/spec/requests/api/group_members_spec.rb
+++ b/spec/requests/api/group_members_spec.rb
@@ -34,11 +34,11 @@ describe API::API, api: true  do
           expect(response.status).to eq(200)
           expect(json_response).to be_an Array
           expect(json_response.size).to eq(5)
-          expect(json_response.find { |e| e['id']==owner.id }['access_level']).to eq(GroupMember::OWNER)
-          expect(json_response.find { |e| e['id']==reporter.id }['access_level']).to eq(GroupMember::REPORTER)
-          expect(json_response.find { |e| e['id']==developer.id }['access_level']).to eq(GroupMember::DEVELOPER)
-          expect(json_response.find { |e| e['id']==master.id }['access_level']).to eq(GroupMember::MASTER)
-          expect(json_response.find { |e| e['id']==guest.id }['access_level']).to eq(GroupMember::GUEST)
+          expect(json_response.find { |e| e['id'] == owner.id }['access_level']).to eq(GroupMember::OWNER)
+          expect(json_response.find { |e| e['id'] == reporter.id }['access_level']).to eq(GroupMember::REPORTER)
+          expect(json_response.find { |e| e['id'] == developer.id }['access_level']).to eq(GroupMember::DEVELOPER)
+          expect(json_response.find { |e| e['id'] == master.id }['access_level']).to eq(GroupMember::MASTER)
+          expect(json_response.find { |e| e['id'] == guest.id }['access_level']).to eq(GroupMember::GUEST)
         end
       end
 
diff --git a/spec/requests/api/issues_spec.rb b/spec/requests/api/issues_spec.rb
index f88e39cad9e..37ab9cc8cfe 100644
--- a/spec/requests/api/issues_spec.rb
+++ b/spec/requests/api/issues_spec.rb
@@ -39,6 +39,7 @@ describe API::API, api: true  do
   let!(:empty_milestone) do
     create(:milestone, title: '2.0.0', project: project)
   end
+  let!(:note) { create(:note_on_issue, author: user, project: project, noteable: issue) }
 
   before { project.team << [user, :reporter] }
 
@@ -232,8 +233,28 @@ describe API::API, api: true  do
   end
 
   describe "GET /projects/:id/issues/:issue_id" do
+    it 'exposes known attributes' do
+      get api("/projects/#{project.id}/issues/#{issue.id}", user)
+
+      expect(response.status).to eq(200)
+      expect(json_response['id']).to eq(issue.id)
+      expect(json_response['iid']).to eq(issue.iid)
+      expect(json_response['project_id']).to eq(issue.project.id)
+      expect(json_response['title']).to eq(issue.title)
+      expect(json_response['description']).to eq(issue.description)
+      expect(json_response['state']).to eq(issue.state)
+      expect(json_response['created_at']).to be_present
+      expect(json_response['updated_at']).to be_present
+      expect(json_response['labels']).to eq(issue.label_names)
+      expect(json_response['milestone']).to be_a Hash
+      expect(json_response['assignee']).to be_a Hash
+      expect(json_response['author']).to be_a Hash
+      expect(json_response['user_notes_count']).to be(1)
+    end
+
     it "should return a project issue by id" do
       get api("/projects/#{project.id}/issues/#{issue.id}", user)
+
       expect(response.status).to eq(200)
       expect(json_response['title']).to eq(issue.title)
       expect(json_response['iid']).to eq(issue.iid)
@@ -602,6 +623,12 @@ describe API::API, api: true  do
 
       expect(response.status).to eq(404)
     end
+
+    it 'returns 404 if the issue is confidential' do
+      post api("/projects/#{project.id}/issues/#{confidential_issue.id}/subscription", non_member)
+
+      expect(response.status).to eq(404)
+    end
   end
 
   describe 'DELETE :id/issues/:issue_id/subscription' do
@@ -623,5 +650,11 @@ describe API::API, api: true  do
 
       expect(response.status).to eq(404)
     end
+
+    it 'returns 404 if the issue is confidential' do
+      delete api("/projects/#{project.id}/issues/#{confidential_issue.id}/subscription", non_member)
+
+      expect(response.status).to eq(404)
+    end
   end
 end
diff --git a/spec/requests/api/labels_spec.rb b/spec/requests/api/labels_spec.rb
index 6943ff9d26c..b2c7f8d9acb 100644
--- a/spec/requests/api/labels_spec.rb
+++ b/spec/requests/api/labels_spec.rb
@@ -190,4 +190,86 @@ describe API::API, api: true  do
       expect(json_response['message']['color']).to eq(['must be a valid color code'])
     end
   end
+
+  describe "POST /projects/:id/labels/:label_id/subscription" do
+    context "when label_id is a label title" do
+      it "should subscribe to the label" do
+        post api("/projects/#{project.id}/labels/#{label1.title}/subscription", user)
+
+        expect(response.status).to eq(201)
+        expect(json_response["name"]).to eq(label1.title)
+        expect(json_response["subscribed"]).to be_truthy
+      end
+    end
+
+    context "when label_id is a label ID" do
+      it "should subscribe to the label" do
+        post api("/projects/#{project.id}/labels/#{label1.id}/subscription", user)
+
+        expect(response.status).to eq(201)
+        expect(json_response["name"]).to eq(label1.title)
+        expect(json_response["subscribed"]).to be_truthy
+      end
+    end
+
+    context "when user is already subscribed to label" do
+      before { label1.subscribe(user) }
+
+      it "should return 304" do
+        post api("/projects/#{project.id}/labels/#{label1.id}/subscription", user)
+
+        expect(response.status).to eq(304)
+      end
+    end
+
+    context "when label ID is not found" do
+      it "should a return 404 error" do
+        post api("/projects/#{project.id}/labels/1234/subscription", user)
+
+        expect(response.status).to eq(404)
+      end
+    end
+  end
+
+  describe "DELETE /projects/:id/labels/:label_id/subscription" do
+    before { label1.subscribe(user) }
+
+    context "when label_id is a label title" do
+      it "should unsubscribe from the label" do
+        delete api("/projects/#{project.id}/labels/#{label1.title}/subscription", user)
+
+        expect(response.status).to eq(200)
+        expect(json_response["name"]).to eq(label1.title)
+        expect(json_response["subscribed"]).to be_falsey
+      end
+    end
+
+    context "when label_id is a label ID" do
+      it "should unsubscribe from the label" do
+        delete api("/projects/#{project.id}/labels/#{label1.id}/subscription", user)
+
+        expect(response.status).to eq(200)
+        expect(json_response["name"]).to eq(label1.title)
+        expect(json_response["subscribed"]).to be_falsey
+      end
+    end
+
+    context "when user is already unsubscribed from label" do
+      before { label1.unsubscribe(user) }
+
+      it "should return 304" do
+        delete api("/projects/#{project.id}/labels/#{label1.id}/subscription", user)
+
+        expect(response.status).to eq(304)
+      end
+    end
+
+    context "when label ID is not found" do
+      it "should a return 404 error" do
+        delete api("/projects/#{project.id}/labels/1234/subscription", user)
+
+        expect(response.status).to eq(404)
+      end
+    end
+  end
 end
diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb
index 1fa7e76894f..4b0111df149 100644
--- a/spec/requests/api/merge_requests_spec.rb
+++ b/spec/requests/api/merge_requests_spec.rb
@@ -113,6 +113,34 @@ describe API::API, api: true  do
   end
 
   describe "GET /projects/:id/merge_requests/:merge_request_id" do
+    it 'exposes known attributes' do
+      get api("/projects/#{project.id}/merge_requests/#{merge_request.id}", user)
+
+      expect(response.status).to eq(200)
+      expect(json_response['id']).to eq(merge_request.id)
+      expect(json_response['iid']).to eq(merge_request.iid)
+      expect(json_response['project_id']).to eq(merge_request.project.id)
+      expect(json_response['title']).to eq(merge_request.title)
+      expect(json_response['description']).to eq(merge_request.description)
+      expect(json_response['state']).to eq(merge_request.state)
+      expect(json_response['created_at']).to be_present
+      expect(json_response['updated_at']).to be_present
+      expect(json_response['labels']).to eq(merge_request.label_names)
+      expect(json_response['milestone']).to be_nil
+      expect(json_response['assignee']).to be_a Hash
+      expect(json_response['author']).to be_a Hash
+      expect(json_response['target_branch']).to eq(merge_request.target_branch)
+      expect(json_response['source_branch']).to eq(merge_request.source_branch)
+      expect(json_response['upvotes']).to eq(0)
+      expect(json_response['downvotes']).to eq(0)
+      expect(json_response['source_project_id']).to eq(merge_request.source_project.id)
+      expect(json_response['target_project_id']).to eq(merge_request.target_project.id)
+      expect(json_response['work_in_progress']).to be_falsy
+      expect(json_response['merge_when_build_succeeds']).to be_falsy
+      expect(json_response['merge_status']).to eq('can_be_merged')
+      expect(json_response['user_notes_count']).to be(2)
+    end
+
     it "should return merge_request" do
       get api("/projects/#{project.id}/merge_requests/#{merge_request.id}", user)
       expect(response.status).to eq(200)
diff --git a/spec/requests/api/milestones_spec.rb b/spec/requests/api/milestones_spec.rb
index 344f0fe0b7f..241995041bb 100644
--- a/spec/requests/api/milestones_spec.rb
+++ b/spec/requests/api/milestones_spec.rb
@@ -127,7 +127,7 @@ describe API::API, api: true  do
 
   describe 'GET /projects/:id/milestones/:milestone_id/issues' do
     before do
-      milestone.issues << create(:issue)
+      milestone.issues << create(:issue, project: project)
     end
     it 'should return project issues for a particular milestone' do
       get api("/projects/#{project.id}/milestones/#{milestone.id}/issues", user)
@@ -140,5 +140,34 @@ describe API::API, api: true  do
       get api("/projects/#{project.id}/milestones/#{milestone.id}/issues")
       expect(response.status).to eq(401)
     end
+
+    describe 'confidential issues' do
+      let(:public_project) { create(:project, :public) }
+      let(:milestone) { create(:milestone, project: public_project) }
+      let(:issue) { create(:issue, project: public_project) }
+      let(:confidential_issue) { create(:issue, confidential: true, project: public_project) }
+      before do
+        public_project.team << [user, :developer]
+        milestone.issues << issue << confidential_issue
+      end
+
+      it 'returns confidential issues to team members' do
+        get api("/projects/#{public_project.id}/milestones/#{milestone.id}/issues", user)
+
+        expect(response.status).to eq(200)
+        expect(json_response).to be_an Array
+        expect(json_response.size).to eq(2)
+        expect(json_response.map { |issue| issue['id'] }).to include(issue.id, confidential_issue.id)
+      end
+
+      it 'does not return confidential issues to regular users' do
+        get api("/projects/#{public_project.id}/milestones/#{milestone.id}/issues", create(:user))
+
+        expect(response.status).to eq(200)
+        expect(json_response).to be_an Array
+        expect(json_response.size).to eq(1)
+        expect(json_response.map { |issue| issue['id'] }).to include(issue.id)
+      end
+    end
   end
 end
diff --git a/spec/requests/api/notes_spec.rb b/spec/requests/api/notes_spec.rb
index ec9eda0a2ed..ed1ed5aeb95 100644
--- a/spec/requests/api/notes_spec.rb
+++ b/spec/requests/api/notes_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 describe API::API, api: true  do
   include ApiHelpers
   let(:user) { create(:user) }
-  let!(:project) { create(:project, namespace: user.namespace ) }
+  let!(:project) { create(:project, :public, namespace: user.namespace) }
   let!(:issue) { create(:issue, project: project, author: user) }
   let!(:merge_request) { create(:merge_request, source_project: project, target_project: project, author: user) }
   let!(:snippet) { create(:project_snippet, project: project, author: user) }
@@ -39,27 +39,41 @@ describe API::API, api: true  do
     context "when noteable is an Issue" do
       it "should return an array of issue notes" do
         get api("/projects/#{project.id}/issues/#{issue.id}/notes", user)
+
         expect(response.status).to eq(200)
         expect(json_response).to be_an Array
         expect(json_response.first['body']).to eq(issue_note.note)
       end
 
       it "should return a 404 error when issue id not found" do
-        get api("/projects/#{project.id}/issues/123/notes", user)
+        get api("/projects/#{project.id}/issues/12345/notes", user)
+
         expect(response.status).to eq(404)
       end
 
-      context "that references a private issue" do
+      context "and current user cannot view the notes" do
         it "should return an empty array" do
           get api("/projects/#{ext_proj.id}/issues/#{ext_issue.id}/notes", user)
+
           expect(response.status).to eq(200)
           expect(json_response).to be_an Array
           expect(json_response).to be_empty
         end
 
+        context "and issue is confidential" do
+          before { ext_issue.update_attributes(confidential: true) }
+
+          it "returns 404" do
+            get api("/projects/#{ext_proj.id}/issues/#{ext_issue.id}/notes", user)
+
+            expect(response.status).to eq(404)
+          end
+        end
+
         context "and current user can view the note" do
           it "should return an empty array" do
             get api("/projects/#{ext_proj.id}/issues/#{ext_issue.id}/notes", private_user)
+
             expect(response.status).to eq(200)
             expect(json_response).to be_an Array
             expect(json_response.first['body']).to eq(cross_reference_note.note)
@@ -71,6 +85,7 @@ describe API::API, api: true  do
     context "when noteable is a Snippet" do
       it "should return an array of snippet notes" do
         get api("/projects/#{project.id}/snippets/#{snippet.id}/notes", user)
+
         expect(response.status).to eq(200)
         expect(json_response).to be_an Array
         expect(json_response.first['body']).to eq(snippet_note.note)
@@ -78,6 +93,13 @@ describe API::API, api: true  do
 
       it "should return a 404 error when snippet id not found" do
         get api("/projects/#{project.id}/snippets/42/notes", user)
+
+        expect(response.status).to eq(404)
+      end
+
+      it "returns 404 when not authorized" do
+        get api("/projects/#{project.id}/snippets/#{snippet.id}/notes", private_user)
+
         expect(response.status).to eq(404)
       end
     end
@@ -85,6 +107,7 @@ describe API::API, api: true  do
     context "when noteable is a Merge Request" do
       it "should return an array of merge_requests notes" do
         get api("/projects/#{project.id}/merge_requests/#{merge_request.id}/notes", user)
+
         expect(response.status).to eq(200)
         expect(json_response).to be_an Array
         expect(json_response.first['body']).to eq(merge_request_note.note)
@@ -92,6 +115,13 @@ describe API::API, api: true  do
 
       it "should return a 404 error if merge request id not found" do
         get api("/projects/#{project.id}/merge_requests/4444/notes", user)
+
+        expect(response.status).to eq(404)
+      end
+
+      it "returns 404 when not authorized" do
+        get api("/projects/#{project.id}/merge_requests/4444/notes", private_user)
+
         expect(response.status).to eq(404)
       end
     end
@@ -101,24 +131,39 @@ describe API::API, api: true  do
     context "when noteable is an Issue" do
       it "should return an issue note by id" do
         get api("/projects/#{project.id}/issues/#{issue.id}/notes/#{issue_note.id}", user)
+
         expect(response.status).to eq(200)
         expect(json_response['body']).to eq(issue_note.note)
       end
 
       it "should return a 404 error if issue note not found" do
-        get api("/projects/#{project.id}/issues/#{issue.id}/notes/123", user)
+        get api("/projects/#{project.id}/issues/#{issue.id}/notes/12345", user)
+
         expect(response.status).to eq(404)
       end
 
-      context "that references a private issue" do
+      context "and current user cannot view the note" do
         it "should return a 404 error" do
           get api("/projects/#{ext_proj.id}/issues/#{ext_issue.id}/notes/#{cross_reference_note.id}", user)
+
           expect(response.status).to eq(404)
         end
 
+        context "when issue is confidential" do
+          before { issue.update_attributes(confidential: true) }
+
+          it "returns 404" do
+            get api("/projects/#{project.id}/issues/#{issue.id}/notes/#{issue_note.id}", private_user)
+
+            expect(response.status).to eq(404)
+          end
+        end
+
+
         context "and current user can view the note" do
           it "should return an issue note by id" do
             get api("/projects/#{ext_proj.id}/issues/#{ext_issue.id}/notes/#{cross_reference_note.id}", private_user)
+
             expect(response.status).to eq(200)
             expect(json_response['body']).to eq(cross_reference_note.note)
           end
@@ -129,12 +174,14 @@ describe API::API, api: true  do
     context "when noteable is a Snippet" do
       it "should return a snippet note by id" do
         get api("/projects/#{project.id}/snippets/#{snippet.id}/notes/#{snippet_note.id}", user)
+
         expect(response.status).to eq(200)
         expect(json_response['body']).to eq(snippet_note.note)
       end
 
       it "should return a 404 error if snippet note not found" do
-        get api("/projects/#{project.id}/snippets/#{snippet.id}/notes/123", user)
+        get api("/projects/#{project.id}/snippets/#{snippet.id}/notes/12345", user)
+
         expect(response.status).to eq(404)
       end
     end
@@ -144,6 +191,7 @@ describe API::API, api: true  do
     context "when noteable is an Issue" do
       it "should create a new issue note" do
         post api("/projects/#{project.id}/issues/#{issue.id}/notes", user), body: 'hi!'
+
         expect(response.status).to eq(201)
         expect(json_response['body']).to eq('hi!')
         expect(json_response['author']['username']).to eq(user.username)
@@ -151,11 +199,13 @@ describe API::API, api: true  do
 
       it "should return a 400 bad request error if body not given" do
         post api("/projects/#{project.id}/issues/#{issue.id}/notes", user)
+
         expect(response.status).to eq(400)
       end
 
       it "should return a 401 unauthorized error if user not authenticated" do
         post api("/projects/#{project.id}/issues/#{issue.id}/notes"), body: 'hi!'
+
         expect(response.status).to eq(401)
       end
 
@@ -164,6 +214,7 @@ describe API::API, api: true  do
           creation_time = 2.weeks.ago
           post api("/projects/#{project.id}/issues/#{issue.id}/notes", user),
             body: 'hi!', created_at: creation_time
+
           expect(response.status).to eq(201)
           expect(json_response['body']).to eq('hi!')
           expect(json_response['author']['username']).to eq(user.username)
@@ -176,6 +227,7 @@ describe API::API, api: true  do
     context "when noteable is a Snippet" do
       it "should create a new snippet note" do
         post api("/projects/#{project.id}/snippets/#{snippet.id}/notes", user), body: 'hi!'
+
         expect(response.status).to eq(201)
         expect(json_response['body']).to eq('hi!')
         expect(json_response['author']['username']).to eq(user.username)
@@ -183,14 +235,37 @@ describe API::API, api: true  do
 
       it "should return a 400 bad request error if body not given" do
         post api("/projects/#{project.id}/snippets/#{snippet.id}/notes", user)
+
         expect(response.status).to eq(400)
       end
 
       it "should return a 401 unauthorized error if user not authenticated" do
         post api("/projects/#{project.id}/snippets/#{snippet.id}/notes"), body: 'hi!'
+
         expect(response.status).to eq(401)
       end
     end
+
+    context 'when user does not have access to create noteable' do
+      let(:private_issue) { create(:issue, project: create(:project, :private)) }
+
+      ##
+      # We are posting to project user has access to, but we use issue id
+      # from a different project, see #15577
+      #
+      before do
+        post api("/projects/#{project.id}/issues/#{private_issue.id}/notes", user),
+             body: 'Hi!'
+      end
+
+      it 'responds with 500' do
+        expect(response.status).to eq 500
+      end
+
+      it 'does not create new note' do
+        expect(private_issue.notes.reload).to be_empty
+      end
+    end
   end
 
   describe "POST /projects/:id/noteable/:noteable_id/notes to test observer on create" do
@@ -206,19 +281,22 @@ describe API::API, api: true  do
       it 'should return modified note' do
         put api("/projects/#{project.id}/issues/#{issue.id}/"\
                   "notes/#{issue_note.id}", user), body: 'Hello!'
+
         expect(response.status).to eq(200)
         expect(json_response['body']).to eq('Hello!')
       end
 
       it 'should return a 404 error when note id not found' do
-        put api("/projects/#{project.id}/issues/#{issue.id}/notes/123", user),
+        put api("/projects/#{project.id}/issues/#{issue.id}/notes/12345", user),
                 body: 'Hello!'
+
         expect(response.status).to eq(404)
       end
 
       it 'should return a 400 bad request error if body not given' do
         put api("/projects/#{project.id}/issues/#{issue.id}/"\
                   "notes/#{issue_note.id}", user)
+
         expect(response.status).to eq(400)
       end
     end
@@ -227,13 +305,15 @@ describe API::API, api: true  do
       it 'should return modified note' do
         put api("/projects/#{project.id}/snippets/#{snippet.id}/"\
                   "notes/#{snippet_note.id}", user), body: 'Hello!'
+
         expect(response.status).to eq(200)
         expect(json_response['body']).to eq('Hello!')
       end
 
       it 'should return a 404 error when note id not found' do
         put api("/projects/#{project.id}/snippets/#{snippet.id}/"\
-                  "notes/123", user), body: "Hello!"
+                  "notes/12345", user), body: "Hello!"
+
         expect(response.status).to eq(404)
       end
     end
@@ -242,13 +322,15 @@ describe API::API, api: true  do
       it 'should return modified note' do
         put api("/projects/#{project.id}/merge_requests/#{merge_request.id}/"\
                   "notes/#{merge_request_note.id}", user), body: 'Hello!'
+
         expect(response.status).to eq(200)
         expect(json_response['body']).to eq('Hello!')
       end
 
       it 'should return a 404 error when note id not found' do
         put api("/projects/#{project.id}/merge_requests/#{merge_request.id}/"\
-                  "notes/123", user), body: "Hello!"
+                  "notes/12345", user), body: "Hello!"
+
         expect(response.status).to eq(404)
       end
     end
@@ -268,7 +350,7 @@ describe API::API, api: true  do
       end
 
       it 'returns a 404 error when note id not found' do
-        delete api("/projects/#{project.id}/issues/#{issue.id}/notes/123", user)
+        delete api("/projects/#{project.id}/issues/#{issue.id}/notes/12345", user)
 
         expect(response.status).to eq(404)
       end
@@ -288,7 +370,7 @@ describe API::API, api: true  do
 
       it 'returns a 404 error when note id not found' do
         delete api("/projects/#{project.id}/snippets/#{snippet.id}/"\
-                   "notes/123", user)
+                   "notes/12345", user)
 
         expect(response.status).to eq(404)
       end
@@ -308,7 +390,7 @@ describe API::API, api: true  do
 
       it 'returns a 404 error when note id not found' do
         delete api("/projects/#{project.id}/merge_requests/"\
-                   "#{merge_request.id}/notes/123", user)
+                   "#{merge_request.id}/notes/12345", user)
 
         expect(response.status).to eq(404)
       end
diff --git a/spec/requests/api/project_hooks_spec.rb b/spec/requests/api/project_hooks_spec.rb
index 142b637d291..ffb93bbb120 100644
--- a/spec/requests/api/project_hooks_spec.rb
+++ b/spec/requests/api/project_hooks_spec.rb
@@ -148,14 +148,24 @@ describe API::API, 'ProjectHooks', api: true do
       expect(response.status).to eq(200)
     end
 
-    it "should return success when deleting non existent hook" do
+    it "should return a 404 error when deleting non existent hook" do
       delete api("/projects/#{project.id}/hooks/42", user)
-      expect(response.status).to eq(200)
+      expect(response.status).to eq(404)
     end
 
     it "should return a 405 error if hook id not given" do
       delete api("/projects/#{project.id}/hooks", user)
       expect(response.status).to eq(405)
     end
+
+    it "shold return a 404 if a user attempts to delete project hooks he/she does not own" do
+      test_user = create(:user)
+      other_project = create(:project)
+      other_project.team << [test_user, :master]
+
+      delete api("/projects/#{other_project.id}/hooks/#{hook.id}", test_user)
+      expect(response.status).to eq(404)
+      expect(WebHook.exists?(hook.id)).to be_truthy
+    end
   end
 end
diff --git a/spec/requests/api/project_snippets_spec.rb b/spec/requests/api/project_snippets_spec.rb
index 3722ddf5a33..9706d060cfa 100644
--- a/spec/requests/api/project_snippets_spec.rb
+++ b/spec/requests/api/project_snippets_spec.rb
@@ -15,4 +15,91 @@ describe API::API, api: true do
       expect(json_response['expires_at']).to be_nil
     end
   end
+
+  describe 'GET /projects/:project_id/snippets/' do
+    it 'all snippets available to team member' do
+      project = create(:project, :public)
+      user = create(:user)
+      project.team << [user, :developer]
+      public_snippet = create(:project_snippet, :public, project: project)
+      internal_snippet = create(:project_snippet, :internal, project: project)
+      private_snippet = create(:project_snippet, :private, project: project)
+
+      get api("/projects/#{project.id}/snippets/", user)
+
+      expect(response.status).to eq(200)
+      expect(json_response.size).to eq(3)
+      expect(json_response.map{ |snippet| snippet['id']} ).to include(public_snippet.id, internal_snippet.id, private_snippet.id)
+    end
+
+    it 'hides private snippets from regular user' do
+      project = create(:project, :public)
+      user = create(:user)
+      create(:project_snippet, :private, project: project)
+
+      get api("/projects/#{project.id}/snippets/", user)
+      expect(response.status).to eq(200)
+      expect(json_response.size).to eq(0)
+    end
+  end
+
+  describe 'POST /projects/:project_id/snippets/' do
+    it 'creates a new snippet' do
+      admin = create(:admin)
+      project = create(:project)
+      params = {
+        title: 'Test Title',
+        file_name: 'test.rb',
+        code: 'puts "hello world"',
+        visibility_level: Gitlab::VisibilityLevel::PUBLIC
+      }
+
+      post api("/projects/#{project.id}/snippets/", admin), params
+
+      expect(response.status).to eq(201)
+      snippet = ProjectSnippet.find(json_response['id'])
+      expect(snippet.content).to eq(params[:code])
+      expect(snippet.title).to eq(params[:title])
+      expect(snippet.file_name).to eq(params[:file_name])
+      expect(snippet.visibility_level).to eq(params[:visibility_level])
+    end
+  end
+
+  describe 'PUT /projects/:project_id/snippets/:id/' do
+    it 'updates snippet' do
+      admin = create(:admin)
+      snippet = create(:project_snippet, author: admin)
+      new_content = 'New content'
+
+      put api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/", admin), code: new_content
+
+      expect(response.status).to eq(200)
+      snippet.reload
+      expect(snippet.content).to eq(new_content)
+    end
+  end
+
+  describe 'DELETE /projects/:project_id/snippets/:id/' do
+    it 'deletes snippet' do
+      admin = create(:admin)
+      snippet = create(:project_snippet, author: admin)
+
+      delete api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/", admin)
+
+      expect(response.status).to eq(200)
+    end
+  end
+
+  describe 'GET /projects/:project_id/snippets/:id/raw' do
+    it 'returns raw text' do
+      admin = create(:admin)
+      snippet = create(:project_snippet, author: admin)
+
+      get api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/raw", admin)
+
+      expect(response.status).to eq(200)
+      expect(response.content_type).to eq 'text/plain'
+      expect(response.body).to eq(snippet.content)
+    end
+  end
 end
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index fccd08bd6da..f167813e07d 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -10,20 +10,20 @@ describe API::API, api: true  do
   let(:admin) { create(:admin) }
   let(:project) { create(:project, creator_id: user.id, namespace: user.namespace) }
   let(:project2) { create(:project, path: 'project2', creator_id: user.id, namespace: user.namespace) }
-  let(:project3) { create(:project, path: 'project3', creator_id: user.id, namespace: user.namespace) }
-  let(:snippet) { create(:project_snippet, author: user, project: project, title: 'example') }
+  let(:snippet) { create(:project_snippet, :public, author: user, project: project, title: 'example') }
   let(:project_member) { create(:project_member, :master, user: user, project: project) }
   let(:project_member2) { create(:project_member, :developer, user: user3, project: project) }
   let(:user4) { create(:user) }
   let(:project3) do
     create(:project,
+    :private,
     name: 'second_project',
     path: 'second_project',
     creator_id: user.id,
     namespace: user.namespace,
     merge_requests_enabled: false,
     issues_enabled: false, wiki_enabled: false,
-    snippets_enabled: false, visibility_level: 0)
+    snippets_enabled: false)
   end
   let(:project_member3) do
     create(:project_member,
@@ -164,21 +164,18 @@ describe API::API, api: true  do
   end
 
   describe 'GET /projects/starred' do
+    let(:public_project) { create(:project, :public) }
+
     before do
-      admin.starred_projects << project
-      admin.save!
+      project_member2
+      user3.update_attributes(starred_projects: [project, project2, project3, public_project])
     end
 
-    it 'should return the starred projects' do
-      get api('/projects/all', admin)
+    it 'should return the starred projects viewable by the user' do
+      get api('/projects/starred', user3)
       expect(response.status).to eq(200)
       expect(json_response).to be_an Array
-
-      expect(json_response).to satisfy do |response|
-        response.one? do |entry|
-          entry['name'] == project.name
-        end
-      end
+      expect(json_response.map { |project| project['id'] }).to contain_exactly(project.id, public_project.id)
     end
   end
 
diff --git a/spec/requests/api/tags_spec.rb b/spec/requests/api/tags_spec.rb
index edcb2bedbf7..12e170b232f 100644
--- a/spec/requests/api/tags_spec.rb
+++ b/spec/requests/api/tags_spec.rb
@@ -147,7 +147,7 @@ describe API::API, api: true  do
            tag_name: 'v8.0.0',
            ref: 'master'
       expect(response.status).to eq(400)
-      expect(json_response['message']).to eq('Tag already exists')
+      expect(json_response['message']).to eq('Tag v8.0.0 already exists')
     end
 
     it 'should return 400 if ref name is invalid' do
@@ -155,7 +155,7 @@ describe API::API, api: true  do
            tag_name: 'mytag',
            ref: 'foo'
       expect(response.status).to eq(400)
-      expect(json_response['message']).to eq('Invalid reference name')
+      expect(json_response['message']).to eq('Target foo is invalid')
     end
   end
 
diff --git a/spec/requests/ci/api/builds_spec.rb b/spec/requests/ci/api/builds_spec.rb
index dfd361a2cdd..cae4656010f 100644
--- a/spec/requests/ci/api/builds_spec.rb
+++ b/spec/requests/ci/api/builds_spec.rb
@@ -402,8 +402,8 @@ describe Ci::API::API do
         context 'build has artifacts' do
           let(:build) { create(:ci_build, :artifacts) }
           let(:download_headers) do
-            { 'Content-Transfer-Encoding'=>'binary',
-              'Content-Disposition'=>'attachment; filename=ci_build_artifacts.zip' }
+            { 'Content-Transfer-Encoding' => 'binary',
+              'Content-Disposition' => 'attachment; filename=ci_build_artifacts.zip' }
           end
 
           it 'should download artifact' do
diff --git a/spec/requests/jwt_controller_spec.rb b/spec/requests/jwt_controller_spec.rb
new file mode 100644
index 00000000000..7bb71365a48
--- /dev/null
+++ b/spec/requests/jwt_controller_spec.rb
@@ -0,0 +1,72 @@
+require 'spec_helper'
+
+describe JwtController do
+  let(:service) { double(execute: {}) }
+  let(:service_class) { double(new: service) }
+  let(:service_name) { 'test' }
+  let(:parameters) { { service: service_name } }
+
+  before { stub_const('JwtController::SERVICES', service_name => service_class) }
+
+  context 'existing service' do
+    subject! { get '/jwt/auth', parameters }
+
+    it { expect(response.status).to eq(200) }
+
+    context 'returning custom http code' do
+      let(:service) { double(execute: { http_status: 505 }) }
+
+      it { expect(response.status).to eq(505) }
+    end
+  end
+
+  context 'when using authorized request' do
+    context 'using CI token' do
+      let(:project) { create(:empty_project, runners_token: 'token', builds_enabled: builds_enabled) }
+      let(:headers) { { authorization: credentials('gitlab_ci_token', project.runners_token) } }
+
+      subject! { get '/jwt/auth', parameters, headers }
+
+      context 'project with enabled CI' do
+        let(:builds_enabled) { true }
+
+        it { expect(service_class).to have_received(:new).with(project, nil, parameters) }
+      end
+
+      context 'project with disabled CI' do
+        let(:builds_enabled) { false }
+
+        it { expect(response.status).to eq(403) }
+      end
+    end
+
+    context 'using User login' do
+      let(:user) { create(:user) }
+      let(:headers) { { authorization: credentials('user', 'password') } }
+
+      before { expect_any_instance_of(Gitlab::Auth).to receive(:find).with('user', 'password').and_return(user) }
+
+      subject! { get '/jwt/auth', parameters, headers }
+
+      it { expect(service_class).to have_received(:new).with(nil, user, parameters) }
+    end
+
+    context 'using invalid login' do
+      let(:headers) { { authorization: credentials('invalid', 'password') } }
+
+      subject! { get '/jwt/auth', parameters, headers }
+
+      it { expect(response.status).to eq(403) }
+    end
+  end
+
+  context 'unknown service' do
+    subject! { get '/jwt/auth', service: 'unknown' }
+
+    it { expect(response.status).to eq(404) }
+  end
+
+  def credentials(login, password)
+    ActionController::HttpAuthentication::Basic.encode_credentials(login, password)
+  end
+end
diff --git a/spec/routing/admin_routing_spec.rb b/spec/routing/admin_routing_spec.rb
index cd16a8e6322..b5ed8584c8a 100644
--- a/spec/routing/admin_routing_spec.rb
+++ b/spec/routing/admin_routing_spec.rb
@@ -118,3 +118,10 @@ describe Admin::DashboardController, "routing" do
     expect(get("/admin")).to route_to('admin/dashboard#index')
   end
 end
+
+# admin_health_check GET    /admin/health_check(.:format) admin/health_check#show
+describe Admin::HealthCheckController, "routing" do
+  it "to #show" do
+    expect(get("/admin/health_check")).to route_to('admin/health_check#show')
+  end
+end
diff --git a/spec/routing/routing_spec.rb b/spec/routing/routing_spec.rb
index 1527eddfa48..de13c0db5d1 100644
--- a/spec/routing/routing_spec.rb
+++ b/spec/routing/routing_spec.rb
@@ -1,5 +1,42 @@
 require 'spec_helper'
 
+# user                       GET    /u/:username/
+# user_groups                GET    /u/:username/groups(.:format)
+# user_projects              GET    /u/:username/projects(.:format)
+# user_contributed_projects  GET    /u/:username/contributed(.:format)
+# user_snippets              GET    /u/:username/snippets(.:format)
+# user_calendar              GET    /u/:username/calendar(.:format)
+# user_calendar_activities   GET    /u/:username/calendar_activities(.:format)
+describe UsersController, "routing" do
+  it "to #show" do
+    expect(get("/u/User")).to route_to('users#show', username: 'User')
+  end
+
+  it "to #groups" do
+    expect(get("/u/User/groups")).to route_to('users#groups', username: 'User')
+  end
+
+  it "to #projects" do
+    expect(get("/u/User/projects")).to route_to('users#projects', username: 'User')
+  end
+
+  it "to #contributed" do
+    expect(get("/u/User/contributed")).to route_to('users#contributed', username: 'User')
+  end
+
+  it "to #snippets" do
+    expect(get("/u/User/snippets")).to route_to('users#snippets', username: 'User')
+  end
+
+  it "to #calendar" do
+    expect(get("/u/User/calendar")).to route_to('users#calendar', username: 'User')
+  end
+
+  it "to #calendar_activities" do
+    expect(get("/u/User/calendar_activities")).to route_to('users#calendar_activities', username: 'User')
+  end
+end
+
 # search GET    /search(.:format) search#show
 describe SearchController, "routing" do
   it "to #show" do
@@ -27,10 +64,6 @@ end
 #          PUT    /snippets/:id(.:format)      snippets#update
 #          DELETE /snippets/:id(.:format)      snippets#destroy
 describe SnippetsController, "routing" do
-  it "to #user_index" do
-    expect(get("/s/User")).to route_to('snippets#index', username: 'User')
-  end
-
   it "to #raw" do
     expect(get("/snippets/1/raw")).to route_to('snippets#raw', id: '1')
   end
@@ -243,3 +276,13 @@ describe "Groups", "routing" do
     expect(get('/1')).to route_to('namespaces#show', id: '1')
   end
 end
+
+describe HealthCheckController, 'routing' do
+  it 'to #index' do
+    expect(get('/health_check')).to route_to('health_check#index')
+  end
+
+  it 'also supports passing checks in the url' do
+    expect(get('/health_check/email')).to route_to('health_check#index', checks: 'email')
+  end
+end
diff --git a/spec/services/auth/container_registry_authentication_service_spec.rb b/spec/services/auth/container_registry_authentication_service_spec.rb
new file mode 100644
index 00000000000..6c9f56a4fba
--- /dev/null
+++ b/spec/services/auth/container_registry_authentication_service_spec.rb
@@ -0,0 +1,228 @@
+require 'spec_helper'
+
+describe Auth::ContainerRegistryAuthenticationService, services: true do
+  let(:current_project) { nil }
+  let(:current_user) { nil }
+  let(:current_params) { {} }
+  let(:rsa_key) { OpenSSL::PKey::RSA.generate(512) }
+  let(:payload) { JWT.decode(subject[:token], rsa_key).first }
+
+  subject { described_class.new(current_project, current_user, current_params).execute }
+
+  before do
+    stub_container_registry_config(enabled: true, issuer: 'rspec', key: nil)
+    allow_any_instance_of(JSONWebToken::RSAToken).to receive(:key).and_return(rsa_key)
+  end
+
+  shared_examples 'an authenticated' do
+    it { is_expected.to include(:token) }
+    it { expect(payload).to include('access') }
+  end
+
+  shared_examples 'a accessible' do
+    let(:access) do
+      [{
+         'type' => 'repository',
+         'name' => project.path_with_namespace,
+         'actions' => actions,
+       }]
+    end
+
+    it_behaves_like 'an authenticated'
+    it { expect(payload).to include('access' => access) }
+  end
+
+  shared_examples 'a pullable' do
+    it_behaves_like 'a accessible' do
+      let(:actions) { ['pull'] }
+    end
+  end
+
+  shared_examples 'a pushable' do
+    it_behaves_like 'a accessible' do
+      let(:actions) { ['push'] }
+    end
+  end
+
+  shared_examples 'a pullable and pushable' do
+    it_behaves_like 'a accessible' do
+      let(:actions) { ['pull', 'push'] }
+    end
+  end
+
+  shared_examples 'an unauthorized' do
+    it { is_expected.to include(http_status: 401) }
+    it { is_expected.to_not include(:token) }
+  end
+
+  shared_examples 'a forbidden' do
+    it { is_expected.to include(http_status: 403) }
+    it { is_expected.to_not include(:token) }
+  end
+
+  context 'user authorization' do
+    let(:project) { create(:project) }
+    let(:current_user) { create(:user) }
+
+    context 'allow to use offline_token' do
+      let(:current_params) do
+        { offline_token: true }
+      end
+
+      it_behaves_like 'an authenticated'
+    end
+
+    context 'allow developer to push images' do
+      before { project.team << [current_user, :developer] }
+
+      let(:current_params) do
+        { scope: "repository:#{project.path_with_namespace}:push" }
+      end
+
+      it_behaves_like 'a pushable'
+    end
+
+    context 'allow reporter to pull images' do
+      before { project.team << [current_user, :reporter] }
+
+      let(:current_params) do
+        { scope: "repository:#{project.path_with_namespace}:pull" }
+      end
+
+      it_behaves_like 'a pullable'
+    end
+
+    context 'return a least of privileges' do
+      before { project.team << [current_user, :reporter] }
+
+      let(:current_params) do
+        { scope: "repository:#{project.path_with_namespace}:push,pull" }
+      end
+
+      it_behaves_like 'a pullable'
+    end
+
+    context 'disallow guest to pull or push images' do
+      before { project.team << [current_user, :guest] }
+
+      let(:current_params) do
+        { scope: "repository:#{project.path_with_namespace}:pull,push" }
+      end
+
+      it_behaves_like 'a forbidden'
+    end
+  end
+
+  context 'project authorization' do
+    let(:current_project) { create(:empty_project) }
+
+    context 'disallow to use offline_token' do
+      let(:current_params) do
+        { offline_token: true }
+      end
+
+      it_behaves_like 'an unauthorized'
+    end
+
+    context 'allow to pull and push images' do
+      let(:current_params) do
+        { scope: "repository:#{current_project.path_with_namespace}:pull,push" }
+      end
+
+      it_behaves_like 'a pullable and pushable' do
+        let(:project) { current_project }
+      end
+    end
+
+    context 'for other projects' do
+      context 'when pulling' do
+        let(:current_params) do
+          { scope: "repository:#{project.path_with_namespace}:pull" }
+        end
+
+        context 'allow for public' do
+          let(:project) { create(:empty_project, :public) }
+          it_behaves_like 'a pullable'
+        end
+
+        context 'disallow for private' do
+          let(:project) { create(:empty_project, :private) }
+          it_behaves_like 'a forbidden'
+        end
+      end
+
+      context 'when pushing' do
+        let(:current_params) do
+          { scope: "repository:#{project.path_with_namespace}:push" }
+        end
+
+        context 'disallow for all' do
+          let(:project) { create(:empty_project, :public) }
+          it_behaves_like 'a forbidden'
+        end
+      end
+    end
+
+    context 'for project without container registry' do
+      let(:project) { create(:empty_project, :public, container_registry_enabled: false) }
+
+      before { project.update(container_registry_enabled: false) }
+
+      context 'disallow when pulling' do
+        let(:current_params) do
+          { scope: "repository:#{project.path_with_namespace}:pull" }
+        end
+
+        it_behaves_like 'a forbidden'
+      end
+    end
+  end
+
+  context 'unauthorized' do
+    context 'disallow to use offline_token' do
+      let(:current_params) do
+        { offline_token: true }
+      end
+
+      it_behaves_like 'an unauthorized'
+    end
+
+    context 'for invalid scope' do
+      let(:current_params) do
+        { scope: 'invalid:aa:bb' }
+      end
+
+      it_behaves_like 'a forbidden'
+    end
+
+    context 'for private project' do
+      let(:project) { create(:empty_project, :private) }
+
+      let(:current_params) do
+        { scope: "repository:#{project.path_with_namespace}:pull" }
+      end
+
+      it_behaves_like 'a forbidden'
+    end
+
+    context 'for public project' do
+      let(:project) { create(:empty_project, :public) }
+
+      context 'when pulling and pushing' do
+        let(:current_params) do
+          { scope: "repository:#{project.path_with_namespace}:pull,push" }
+        end
+
+        it_behaves_like 'a pullable'
+      end
+
+      context 'when pushing' do
+        let(:current_params) do
+          { scope: "repository:#{project.path_with_namespace}:push" }
+        end
+
+        it_behaves_like 'a forbidden'
+      end
+    end
+  end
+end
diff --git a/spec/services/create_tag_service_spec.rb b/spec/services/create_tag_service_spec.rb
new file mode 100644
index 00000000000..91f9e663b66
--- /dev/null
+++ b/spec/services/create_tag_service_spec.rb
@@ -0,0 +1,53 @@
+require 'spec_helper'
+
+describe CreateTagService, services: true do
+  let(:project) { create(:project) }
+  let(:repository) { project.repository }
+  let(:user) { create(:user) }
+  let(:service) { described_class.new(project, user) }
+
+  describe '#execute' do
+    it 'creates the tag and returns success' do
+      response = service.execute('v42.42.42', 'master', 'Foo')
+
+      expect(response[:status]).to eq(:success)
+      expect(response[:tag]).to be_a Gitlab::Git::Tag
+      expect(response[:tag].name).to eq('v42.42.42')
+    end
+
+    context 'when target is invalid' do
+      it 'returns an error' do
+        response = service.execute('v1.1.0', 'foo', 'Foo')
+
+        expect(response).to eq(status: :error,
+                               message: 'Target foo is invalid')
+      end
+    end
+
+    context 'when tag already exists' do
+      it 'returns an error' do
+        expect(repository).to receive(:add_tag).
+          with(user, 'v1.1.0', 'master', 'Foo').
+          and_raise(Rugged::TagError)
+
+        response = service.execute('v1.1.0', 'master', 'Foo')
+
+        expect(response).to eq(status: :error,
+                               message: 'Tag v1.1.0 already exists')
+      end
+    end
+
+    context 'when pre-receive hook fails' do
+      it 'returns an error' do
+        expect(repository).to receive(:add_tag).
+          with(user, 'v1.1.0', 'master', 'Foo').
+          and_raise(GitHooksService::PreReceiveError)
+
+        response = service.execute('v1.1.0', 'master', 'Foo')
+
+        expect(response).to eq(status: :error,
+                               message: 'Tag creation was rejected by Git hook')
+      end
+    end
+  end
+end
diff --git a/spec/services/git_push_service_spec.rb b/spec/services/git_push_service_spec.rb
index b40a5c1c818..eeab540c2fd 100644
--- a/spec/services/git_push_service_spec.rb
+++ b/spec/services/git_push_service_spec.rb
@@ -201,6 +201,36 @@ describe GitPushService, services: true do
   end
 
 
+  describe "Updates git attributes" do
+    context "for default branch" do
+      it "calls the copy attributes method for the first push to the default branch" do
+        expect(project.repository).to receive(:copy_gitattributes).with('master')
+
+        execute_service(project, user, @blankrev, 'newrev', 'refs/heads/master')
+      end
+
+      it "calls the copy attributes method for changes to the default branch" do
+        expect(project.repository).to receive(:copy_gitattributes).with('refs/heads/master')
+
+        execute_service(project, user, 'oldrev', 'newrev', 'refs/heads/master')
+      end
+    end
+
+    context "for non-default branch" do
+      before do
+        # Make sure the "default" branch is different
+        allow(project).to receive(:default_branch).and_return('not-master')
+      end
+
+      it "does not call copy attributes method" do
+        expect(project.repository).not_to receive(:copy_gitattributes)
+
+        execute_service(project, user, @oldrev, @newrev, @ref)
+      end
+    end
+  end
+
+
   describe "Webhooks" do
     context "execute webhooks" do
       it "when pushing a branch for the first time" do
diff --git a/spec/services/issues/move_service_spec.rb b/spec/services/issues/move_service_spec.rb
index 2a5e4ac3ec4..c15e26189a5 100644
--- a/spec/services/issues/move_service_spec.rb
+++ b/spec/services/issues/move_service_spec.rb
@@ -7,10 +7,11 @@ describe Issues::MoveService, services: true do
   let(:description) { 'Some issue description' }
   let(:old_project) { create(:project) }
   let(:new_project) { create(:project) }
+  let(:milestone1) { create(:milestone, project_id: old_project.id, title: 'v9.0') }
 
   let(:old_issue) do
     create(:issue, title: title, description: description,
-                   project: old_project, author: author)
+                   project: old_project, author: author, milestone: milestone1)
   end
 
   let(:move_service) do
@@ -21,11 +22,24 @@ describe Issues::MoveService, services: true do
     before do
       old_project.team << [user, :reporter]
       new_project.team << [user, :reporter]
+
+      ['label1', 'label2'].each do |label|
+        old_issue.labels << create(:label,
+          project_id: old_project.id,
+          title: label)
+      end
+
+      new_project.labels << create(:label, title: 'label1')
+      new_project.labels << create(:label, title: 'label2')
     end
   end
 
   describe '#execute' do
     shared_context 'issue move executed' do
+      let!(:milestone2) do
+        create(:milestone, project_id: new_project.id, title: 'v9.0')
+      end
+
       let!(:new_issue) { move_service.execute(old_issue, new_project) }
     end
 
@@ -39,6 +53,23 @@ describe Issues::MoveService, services: true do
           expect(new_issue.project).to eq new_project
         end
 
+        it 'assigns milestone to new issue' do
+          expect(new_issue.reload.milestone.title).to eq 'v9.0'
+          expect(new_issue.reload.milestone).to eq(milestone2)
+        end
+
+        it 'assign labels to new issue' do
+          expected_label_titles = new_issue.reload.labels.map(&:title)
+          expect(expected_label_titles).to include 'label1'
+          expect(expected_label_titles).to include 'label2'
+          expect(expected_label_titles.size).to eq 2
+
+          new_issue.labels.each do |label|
+            expect(new_project.labels).to include(label)
+            expect(old_project.labels).not_to include(label)
+          end
+        end
+
         it 'rewrites issue title' do
           expect(new_issue.title).to eq title
         end
@@ -72,11 +103,6 @@ describe Issues::MoveService, services: true do
           expect(new_issue.author).to eq author
         end
 
-        it 'removes data that is invalid in new context' do
-          expect(new_issue.milestone).to be_nil
-          expect(new_issue.labels).to be_empty
-        end
-
         it 'creates a new internal id for issue' do
           expect(new_issue.iid).to be 1
         end
diff --git a/spec/services/merge_requests/build_service_spec.rb b/spec/services/merge_requests/build_service_spec.rb
new file mode 100644
index 00000000000..782d74ec5ec
--- /dev/null
+++ b/spec/services/merge_requests/build_service_spec.rb
@@ -0,0 +1,181 @@
+require 'spec_helper'
+
+describe MergeRequests::BuildService, services: true do
+  include RepoHelpers
+
+  let(:project) { create(:project) }
+  let(:user) { create(:user) }
+  let(:issue_confidential) { false }
+  let(:issue) { create(:issue, project: project, title: 'A bug', confidential: issue_confidential) }
+  let(:description) { nil }
+  let(:source_branch) { 'feature-branch' }
+  let(:target_branch) { 'master' }
+  let(:merge_request) { service.execute }
+  let(:compare) { double(:compare, commits: commits) }
+  let(:commit_1) { double(:commit_1, safe_message: "Initial commit\n\nCreate the app") }
+  let(:commit_2) { double(:commit_2, safe_message: 'This is a bad commit message!') }
+  let(:commits) { nil }
+
+  let(:service) do
+    MergeRequests::BuildService.new(project, user,
+                                    description: description,
+                                    source_branch: source_branch,
+                                    target_branch: target_branch)
+  end
+
+  before do
+    allow(CompareService).to receive_message_chain(:new, :execute).and_return(compare)
+  end
+
+  describe 'execute' do
+    context 'missing source branch' do
+      let(:source_branch) { '' }
+
+      it 'forbids the merge request from being created' do
+        expect(merge_request.can_be_created).to eq(false)
+      end
+
+      it 'adds an error message to the merge request' do
+        expect(merge_request.errors).to contain_exactly('You must select source and target branch')
+      end
+    end
+
+    context 'missing target branch' do
+      let(:target_branch) { '' }
+
+      it 'forbids the merge request from being created' do
+        expect(merge_request.can_be_created).to eq(false)
+      end
+
+      it 'adds an error message to the merge request' do
+        expect(merge_request.errors).to contain_exactly('You must select source and target branch')
+      end
+    end
+
+    context 'no commits in the diff' do
+      let(:commits) { [] }
+
+      it 'forbids the merge request from being created' do
+        expect(merge_request.can_be_created).to eq(false)
+      end
+    end
+
+    context 'one commit in the diff' do
+      let(:commits) { [commit_1] }
+
+      it 'allows the merge request to be created' do
+        expect(merge_request.can_be_created).to eq(true)
+      end
+
+      it 'uses the title of the commit as the title of the merge request' do
+        expect(merge_request.title).to eq(commit_1.safe_message.split("\n").first)
+      end
+
+      it 'uses the description of the commit as the description of the merge request' do
+        expect(merge_request.description).to eq(commit_1.safe_message.split(/\n+/, 2).last)
+      end
+
+      context 'merge request already has a description set' do
+        let(:description) { 'Merge request description' }
+
+        it 'keeps the description from the initial params' do
+          expect(merge_request.description).to eq(description)
+        end
+      end
+
+      context 'commit has no description' do
+        let(:commits) { [commit_2] }
+
+        it 'uses the title of the commit as the title of the merge request' do
+          expect(merge_request.title).to eq(commit_2.safe_message)
+        end
+
+        it 'sets the description to nil' do
+          expect(merge_request.description).to be_nil
+        end
+      end
+
+      context 'branch starts with issue IID followed by a hyphen' do
+        let(:source_branch) { "#{issue.iid}-fix-issue" }
+
+        it 'appends "Closes #$issue-iid" to the description' do
+          expect(merge_request.description).to eq("#{commit_1.safe_message.split(/\n+/, 2).last}\nCloses ##{issue.iid}")
+        end
+
+        context 'merge request already has a description set' do
+          let(:description) { 'Merge request description' }
+
+          it 'appends "Closes #$issue-iid" to the description' do
+            expect(merge_request.description).to eq("#{description}\nCloses ##{issue.iid}")
+          end
+        end
+
+        context 'commit has no description' do
+          let(:commits) { [commit_2] }
+
+          it 'sets the description to "Closes #$issue-iid"' do
+            expect(merge_request.description).to eq("Closes ##{issue.iid}")
+          end
+        end
+      end
+    end
+
+    context 'more than one commit in the diff' do
+      let(:commits) { [commit_1, commit_2] }
+
+      it 'allows the merge request to be created' do
+        expect(merge_request.can_be_created).to eq(true)
+      end
+
+      it 'uses the title of the branch as the merge request title' do
+        expect(merge_request.title).to eq('Feature branch')
+      end
+
+      it 'does not add a description' do
+        expect(merge_request.description).to be_nil
+      end
+
+      context 'merge request already has a description set' do
+        let(:description) { 'Merge request description' }
+
+        it 'keeps the description from the initial params' do
+          expect(merge_request.description).to eq(description)
+        end
+      end
+
+      context 'branch starts with GitLab issue IID followed by a hyphen' do
+        let(:source_branch) { "#{issue.iid}-fix-issue" }
+
+        it 'sets the title to: Resolves "$issue-title"' do
+          expect(merge_request.title).to eq("Resolve \"#{issue.title}\"")
+        end
+
+        context 'issue does not exist' do
+          let(:source_branch) { "#{issue.iid.succ}-fix-issue" }
+
+          it 'uses the title of the branch as the merge request title' do
+            expect(merge_request.title).to eq("#{issue.iid.succ} fix issue")
+          end
+        end
+
+        context 'issue is confidential' do
+          let(:issue_confidential) { true }
+
+          it 'uses the title of the branch as the merge request title' do
+            expect(merge_request.title).to eq("#{issue.iid} fix issue")
+          end
+        end
+      end
+
+      context 'branch starts with external issue IID followed by a hyphen' do
+        let(:source_branch) { '12345-fix-issue' }
+
+        before { allow(project).to receive(:default_issues_tracker?).and_return(false) }
+
+        it 'sets the title to: Resolves External Issue $issue-iid' do
+          expect(merge_request.title).to eq('Resolve External Issue 12345')
+        end
+      end
+    end
+  end
+end
diff --git a/spec/services/notification_service_spec.rb b/spec/services/notification_service_spec.rb
index d7c72dc0811..4bbc4ddc3ab 100644
--- a/spec/services/notification_service_spec.rb
+++ b/spec/services/notification_service_spec.rb
@@ -10,7 +10,7 @@ describe NotificationService, services: true do
   end
 
   describe 'Keys' do
-    describe :new_key do
+    describe '#new_key' do
       let!(:key) { create(:personal_key) }
 
       it { expect(notification.new_key(key)).to be_truthy }
@@ -22,7 +22,7 @@ describe NotificationService, services: true do
   end
 
   describe 'Email' do
-    describe :new_email do
+    describe '#new_email' do
       let!(:email) { create(:email) }
 
       it { expect(notification.new_email(email)).to be_truthy }
@@ -147,8 +147,8 @@ describe NotificationService, services: true do
         ActionMailer::Base.deliveries.clear
       end
 
-      describe :new_note do
-        it do
+      describe '#new_note' do
+        it 'notifies the team members' do
           notification.new_note(note)
 
           # Notify all team members
@@ -177,6 +177,39 @@ describe NotificationService, services: true do
       end
     end
 
+    context 'project snippet note' do
+      let(:project) { create(:empty_project, :public) }
+      let(:snippet) { create(:project_snippet, project: project, author: create(:user)) }
+      let(:note) { create(:note_on_project_snippet, noteable: snippet, project_id: snippet.project.id, note: '@all mentioned') }
+
+      before do
+        build_team(note.project)
+        note.project.team << [note.author, :master]
+        ActionMailer::Base.deliveries.clear
+      end
+
+      describe '#new_note' do
+        it 'notifies the team members' do
+          notification.new_note(note)
+
+          # Notify all team members
+          note.project.team.members.each do |member|
+            # User with disabled notification should not be notified
+            next if member.id == @u_disabled.id
+            # Author should not be notified
+            next if member.id == note.author.id
+            should_email(member)
+          end
+
+          should_email(note.noteable.author)
+          should_not_email(note.author)
+          should_email(@u_mentioned)
+          should_not_email(@u_disabled)
+          should_email(@u_not_mentioned)
+        end
+      end
+    end
+
     context 'commit note' do
       let(:project) { create(:project, :public) }
       let(:note) { create(:note_on_commit, project: project) }
@@ -187,7 +220,7 @@ describe NotificationService, services: true do
         allow_any_instance_of(Commit).to receive(:author).and_return(@u_committer)
       end
 
-      describe :new_note, :perform_enqueued_jobs do
+      describe '#new_note, #perform_enqueued_jobs' do
         it do
           notification.new_note(note)
 
@@ -230,7 +263,7 @@ describe NotificationService, services: true do
       ActionMailer::Base.deliveries.clear
     end
 
-    describe :new_issue do
+    describe '#new_issue' do
       it do
         notification.new_issue(issue, @u_disabled)
 
@@ -289,7 +322,7 @@ describe NotificationService, services: true do
       end
     end
 
-    describe :reassigned_issue do
+    describe '#reassigned_issue' do
       it 'emails new assignee' do
         notification.reassigned_issue(issue, @u_disabled)
 
@@ -419,7 +452,7 @@ describe NotificationService, services: true do
       end
     end
 
-    describe :close_issue do
+    describe '#close_issue' do
       it 'should sent email to issue assignee and issue author' do
         notification.close_issue(issue, @u_disabled)
 
@@ -435,7 +468,7 @@ describe NotificationService, services: true do
       end
     end
 
-    describe :reopen_issue do
+    describe '#reopen_issue' do
       it 'should send email to issue assignee and issue author' do
         notification.reopen_issue(issue, @u_disabled)
 
@@ -461,7 +494,7 @@ describe NotificationService, services: true do
       ActionMailer::Base.deliveries.clear
     end
 
-    describe :new_merge_request do
+    describe '#new_merge_request' do
       it do
         notification.new_merge_request(merge_request, @u_disabled)
 
@@ -483,7 +516,7 @@ describe NotificationService, services: true do
       end
     end
 
-    describe :reassigned_merge_request do
+    describe '#reassigned_merge_request' do
       it do
         notification.reassigned_merge_request(merge_request, merge_request.author)
 
@@ -498,7 +531,7 @@ describe NotificationService, services: true do
       end
     end
 
-    describe :relabel_merge_request do
+    describe '#relabel_merge_request' do
       let(:label) { create(:label, merge_requests: [merge_request]) }
       let(:label2) { create(:label) }
       let!(:subscriber_to_label) { create(:user).tap { |u| label.toggle_subscription(u) } }
@@ -527,7 +560,7 @@ describe NotificationService, services: true do
       end
     end
 
-    describe :closed_merge_request do
+    describe '#closed_merge_request' do
       it do
         notification.close_mr(merge_request, @u_disabled)
 
@@ -542,7 +575,7 @@ describe NotificationService, services: true do
       end
     end
 
-    describe :merged_merge_request do
+    describe '#merged_merge_request' do
       it do
         notification.merge_mr(merge_request, @u_disabled)
 
@@ -557,7 +590,7 @@ describe NotificationService, services: true do
       end
     end
 
-    describe :reopen_merge_request do
+    describe '#reopen_merge_request' do
       it do
         notification.reopen_mr(merge_request, @u_disabled)
 
@@ -581,7 +614,7 @@ describe NotificationService, services: true do
       ActionMailer::Base.deliveries.clear
     end
 
-    describe :project_was_moved do
+    describe '#project_was_moved' do
       it do
         notification.project_was_moved(project, "gitlab/gitlab")
 
diff --git a/spec/services/projects/create_service_spec.rb b/spec/services/projects/create_service_spec.rb
index e43903dbd3c..fd114359467 100644
--- a/spec/services/projects/create_service_spec.rb
+++ b/spec/services/projects/create_service_spec.rb
@@ -64,7 +64,7 @@ describe Projects::CreateService, services: true do
           @path = ProjectWiki.new(@project, @user).send(:path_to_repo)
         end
 
-        it { expect(File.exists?(@path)).to be_truthy }
+        it { expect(File.exist?(@path)).to be_truthy }
       end
 
       context 'wiki_enabled false does not create wiki repository directory' do
@@ -74,7 +74,7 @@ describe Projects::CreateService, services: true do
           @path = ProjectWiki.new(@project, @user).send(:path_to_repo)
         end
 
-        it { expect(File.exists?(@path)).to be_falsey }
+        it { expect(File.exist?(@path)).to be_falsey }
       end
     end
 
diff --git a/spec/services/projects/destroy_service_spec.rb b/spec/services/projects/destroy_service_spec.rb
index 1ec27077717..29341c5e57e 100644
--- a/spec/services/projects/destroy_service_spec.rb
+++ b/spec/services/projects/destroy_service_spec.rb
@@ -13,8 +13,8 @@ describe Projects::DestroyService, services: true do
     end
 
     it { expect(Project.all).not_to include(project) }
-    it { expect(Dir.exists?(path)).to be_falsey }
-    it { expect(Dir.exists?(remove_path)).to be_falsey }
+    it { expect(Dir.exist?(path)).to be_falsey }
+    it { expect(Dir.exist?(remove_path)).to be_falsey }
   end
 
   context 'Sidekiq fake' do
@@ -24,8 +24,31 @@ describe Projects::DestroyService, services: true do
     end
 
     it { expect(Project.all).not_to include(project) }
-    it { expect(Dir.exists?(path)).to be_falsey }
-    it { expect(Dir.exists?(remove_path)).to be_truthy }
+    it { expect(Dir.exist?(path)).to be_falsey }
+    it { expect(Dir.exist?(remove_path)).to be_truthy }
+  end
+
+  context 'container registry' do
+    before do
+      stub_container_registry_config(enabled: true)
+      stub_container_registry_tags('tag')
+    end
+
+    context 'tags deletion succeeds' do
+      it do
+        expect_any_instance_of(ContainerRegistry::Tag).to receive(:delete).and_return(true)
+
+        destroy_project(project, user, {})
+      end
+    end
+
+    context 'tags deletion fails' do
+      before { expect_any_instance_of(ContainerRegistry::Tag).to receive(:delete).and_return(false) }
+
+      subject { destroy_project(project, user, {}) }
+
+      it { expect{subject}.to raise_error(Projects::DestroyService::DestroyError) }
+    end
   end
 
   def destroy_project(project, user, params)
diff --git a/spec/services/projects/import_service_spec.rb b/spec/services/projects/import_service_spec.rb
index 32bf3acf483..7f2dcdab960 100644
--- a/spec/services/projects/import_service_spec.rb
+++ b/spec/services/projects/import_service_spec.rb
@@ -112,9 +112,16 @@ describe Projects::ImportService, services: true do
 
     def stub_github_omniauth_provider
       provider = OpenStruct.new(
-        name: 'github',
-        app_id: 'asd123',
-        app_secret: 'asd123'
+        'name' => 'github',
+        'app_id' => 'asd123',
+        'app_secret' => 'asd123',
+        'args' => {
+          'client_options' => {
+            'site' => 'https://github.com/api/v3',
+            'authorize_url' => 'https://github.com/login/oauth/authorize',
+            'token_url' => 'https://github.com/login/oauth/access_token'
+          }
+        }
       )
 
       Gitlab.config.omniauth.providers << provider
diff --git a/spec/services/projects/transfer_service_spec.rb b/spec/services/projects/transfer_service_spec.rb
index 06017317339..d5aa115a074 100644
--- a/spec/services/projects/transfer_service_spec.rb
+++ b/spec/services/projects/transfer_service_spec.rb
@@ -26,6 +26,17 @@ describe Projects::TransferService, services: true do
     it { expect(project.namespace).to eq(user.namespace) }
   end
 
+  context 'disallow transfering of project with tags' do
+    before do
+      stub_container_registry_config(enabled: true)
+      stub_container_registry_tags('tag')
+    end
+
+    subject { transfer_project(project, user, group) }
+
+    it { is_expected.to be_falsey }
+  end
+
   context 'namespace -> not allowed namespace' do
     before do
       @result = transfer_project(project, user, group)
diff --git a/spec/services/system_note_service_spec.rb b/spec/services/system_note_service_spec.rb
index 240eae10052..5fbf2ae5247 100644
--- a/spec/services/system_note_service_spec.rb
+++ b/spec/services/system_note_service_spec.rb
@@ -506,6 +506,15 @@ describe SystemNoteService, services: true do
     end
   end
 
+  describe '.new_commit_summary' do
+    it 'escapes HTML titles' do
+      commit = double(title: '<pre>This is a test</pre>', short_id: '12345678')
+      escaped = '* 12345678 - &lt;pre&gt;This is a test&lt;&#x2F;pre&gt;'
+
+      expect(described_class.new_commit_summary([commit])).to eq([escaped])
+    end
+  end
+
   include JiraServiceHelper
 
   describe 'JIRA integration' do
diff --git a/spec/services/todo_service_spec.rb b/spec/services/todo_service_spec.rb
index 82b7fbfa816..a075496ee63 100644
--- a/spec/services/todo_service_spec.rb
+++ b/spec/services/todo_service_spec.rb
@@ -55,6 +55,25 @@ describe TodoService, services: true do
         should_create_todo(user: admin, target: confidential_issue, author: john_doe, action: Todo::MENTIONED)
         should_not_create_todo(user: john_doe, target: confidential_issue, author: john_doe, action: Todo::MENTIONED)
       end
+
+      context 'when a private group is mentioned' do
+        let(:group) { create :group, :private }
+        let(:project) { create :project, :private, group: group }
+        let(:issue) { create :issue, author: author, project: project, description: group.to_reference }
+
+        before do
+          group.add_owner(author)
+          group.add_user(member, Gitlab::Access::DEVELOPER)
+          group.add_user(john_doe, Gitlab::Access::DEVELOPER)
+
+          service.new_issue(issue, author)
+        end
+
+        it 'creates a todo for group members' do
+          should_create_todo(user: member, target: issue)
+          should_create_todo(user: john_doe, target: issue)
+        end
+      end
     end
 
     describe '#update_issue' do
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 596d607f2a1..576d16e7ea3 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -51,10 +51,4 @@ FactoryGirl::SyntaxRunner.class_eval do
   include RSpec::Mocks::ExampleMethods
 end
 
-# Work around a Rails 4.2.5.1 issue
-# See https://github.com/rspec/rspec-rails/issues/1532
-RSpec::Rails::ViewRendering::EmptyTemplatePathSetDecorator.class_eval do
-  alias_method :find_all_anywhere, :find_all
-end
-
 ActiveRecord::Migration.maintain_test_schema!
diff --git a/spec/support/issue_tracker_service_shared_example.rb b/spec/support/issue_tracker_service_shared_example.rb
new file mode 100644
index 00000000000..b6d7436c360
--- /dev/null
+++ b/spec/support/issue_tracker_service_shared_example.rb
@@ -0,0 +1,7 @@
+RSpec.shared_examples 'issue tracker service URL attribute' do |url_attr|
+  it { is_expected.to allow_value('https://example.com').for(url_attr) }
+
+  it { is_expected.not_to allow_value('example.com').for(url_attr) }
+  it { is_expected.not_to allow_value('ftp://example.com').for(url_attr) }
+  it { is_expected.not_to allow_value('herp-and-derp').for(url_attr) }
+end
diff --git a/spec/support/jira_service_helper.rb b/spec/support/jira_service_helper.rb
index a3f496359b1..5ebe095743b 100644
--- a/spec/support/jira_service_helper.rb
+++ b/spec/support/jira_service_helper.rb
@@ -2,11 +2,11 @@ module JiraServiceHelper
 
   def jira_service_settings
     properties = {
-      "title"=>"JIRA tracker",
-      "project_url"=>"http://jira.example/issues/?jql=project=A",
-      "issues_url"=>"http://jira.example/browse/JIRA-1",
-      "new_issue_url"=>"http://jira.example/secure/CreateIssue.jspa",
-      "api_url"=>"http://jira.example/rest/api/2"
+      "title" => "JIRA tracker",
+      "project_url" => "http://jira.example/issues/?jql=project=A",
+      "issues_url" => "http://jira.example/browse/JIRA-1",
+      "new_issue_url" => "http://jira.example/secure/CreateIssue.jspa",
+      "api_url" => "http://jira.example/rest/api/2"
     }
 
     jira_tracker.update_attributes(properties: properties, active: true)
diff --git a/spec/support/stub_gitlab_calls.rb b/spec/support/stub_gitlab_calls.rb
index eec2e681117..f73416a3d0f 100644
--- a/spec/support/stub_gitlab_calls.rb
+++ b/spec/support/stub_gitlab_calls.rb
@@ -25,6 +25,23 @@ module StubGitlabCalls
     allow_any_instance_of(Project).to receive(:builds_enabled?).and_return(false)
   end
 
+  def stub_container_registry_config(registry_settings)
+    allow(Gitlab.config.registry).to receive_messages(registry_settings)
+    allow(Auth::ContainerRegistryAuthenticationService).to receive(:full_access_token).and_return('token')
+  end
+
+  def stub_container_registry_tags(*tags)
+    allow_any_instance_of(ContainerRegistry::Client).to receive(:repository_tags).and_return(
+      { "tags" => tags }
+    )
+    allow_any_instance_of(ContainerRegistry::Client).to receive(:repository_manifest).and_return(
+      JSON.load(File.read(Rails.root + 'spec/fixtures/container_registry/tag_manifest.json'))
+    )
+    allow_any_instance_of(ContainerRegistry::Client).to receive(:blob).and_return(
+      File.read(Rails.root + 'spec/fixtures/container_registry/config_blob.json')
+    )
+  end
+
   private
 
   def gitlab_url
@@ -36,20 +53,20 @@ module StubGitlabCalls
 
     stub_request(:post, "#{gitlab_url}api/v3/session.json").
       with(body: "{\"email\":\"test@test.com\",\"password\":\"123456\"}",
-           headers: { 'Content-Type'=>'application/json' }).
-           to_return(status: 201, body: f, headers: { 'Content-Type'=>'application/json' })
+           headers: { 'Content-Type' => 'application/json' }).
+           to_return(status: 201, body: f, headers: { 'Content-Type' => 'application/json' })
   end
 
   def stub_user
     f = File.read(Rails.root.join('spec/support/gitlab_stubs/user.json'))
 
     stub_request(:get, "#{gitlab_url}api/v3/user?private_token=Wvjy2Krpb7y8xi93owUz").
-      with(headers: { 'Content-Type'=>'application/json' }).
-      to_return(status: 200, body: f, headers: { 'Content-Type'=>'application/json' })
+      with(headers: { 'Content-Type' => 'application/json' }).
+      to_return(status: 200, body: f, headers: { 'Content-Type' => 'application/json' })
 
     stub_request(:get, "#{gitlab_url}api/v3/user?access_token=some_token").
-      with(headers: { 'Content-Type'=>'application/json' }).
-      to_return(status: 200, body: f, headers: { 'Content-Type'=>'application/json' })
+      with(headers: { 'Content-Type' => 'application/json' }).
+      to_return(status: 200, body: f, headers: { 'Content-Type' => 'application/json' })
   end
 
   def stub_project_8
@@ -66,19 +83,19 @@ module StubGitlabCalls
     f = File.read(Rails.root.join('spec/support/gitlab_stubs/projects.json'))
 
     stub_request(:get, "#{gitlab_url}api/v3/projects.json?archived=false&ci_enabled_first=true&private_token=Wvjy2Krpb7y8xi93owUz").
-      with(headers: { 'Content-Type'=>'application/json' }).
-      to_return(status: 200, body: f, headers: { 'Content-Type'=>'application/json' })
+      with(headers: { 'Content-Type' => 'application/json' }).
+      to_return(status: 200, body: f, headers: { 'Content-Type' => 'application/json' })
   end
 
   def stub_projects_owned
     stub_request(:get, "#{gitlab_url}api/v3/projects/owned.json?archived=false&ci_enabled_first=true&private_token=Wvjy2Krpb7y8xi93owUz").
-      with(headers: { 'Content-Type'=>'application/json' }).
+      with(headers: { 'Content-Type' => 'application/json' }).
       to_return(status: 200, body: "", headers: {})
   end
 
   def stub_ci_enable
     stub_request(:put, "#{gitlab_url}api/v3/projects/2/services/gitlab-ci.json?private_token=Wvjy2Krpb7y8xi93owUz").
-      with(headers: { 'Content-Type'=>'application/json' }).
+      with(headers: { 'Content-Type' => 'application/json' }).
       to_return(status: 200, body: "", headers: {})
   end
 
diff --git a/spec/tasks/gitlab/backup_rake_spec.rb b/spec/tasks/gitlab/backup_rake_spec.rb
index 05fc4c4554f..8aeb013eec6 100644
--- a/spec/tasks/gitlab/backup_rake_spec.rb
+++ b/spec/tasks/gitlab/backup_rake_spec.rb
@@ -21,7 +21,7 @@ describe 'gitlab:app namespace rake task' do
   end
 
   def reenable_backup_sub_tasks
-    %w{db repo uploads builds artifacts lfs}.each do |subtask|
+    %w{db repo uploads builds artifacts lfs registry}.each do |subtask|
       Rake::Task["gitlab:backup:#{subtask}:create"].reenable
     end
   end
@@ -65,6 +65,7 @@ describe 'gitlab:app namespace rake task' do
         expect(Rake::Task['gitlab:backup:uploads:restore']).to receive(:invoke)
         expect(Rake::Task['gitlab:backup:artifacts:restore']).to receive(:invoke)
         expect(Rake::Task['gitlab:backup:lfs:restore']).to receive(:invoke)
+        expect(Rake::Task['gitlab:backup:registry:restore']).to receive(:invoke)
         expect(Rake::Task['gitlab:shell:setup']).to receive(:invoke)
         expect { run_rake_task('gitlab:backup:restore') }.not_to raise_error
       end
@@ -122,7 +123,7 @@ describe 'gitlab:app namespace rake task' do
 
     it 'should set correct permissions on the tar contents' do
       tar_contents, exit_status = Gitlab::Popen.popen(
-        %W{tar -tvf #{@backup_tar} db uploads.tar.gz repositories builds.tar.gz artifacts.tar.gz lfs.tar.gz}
+        %W{tar -tvf #{@backup_tar} db uploads.tar.gz repositories builds.tar.gz artifacts.tar.gz lfs.tar.gz registry.tar.gz}
       )
       expect(exit_status).to eq(0)
       expect(tar_contents).to match('db/')
@@ -131,12 +132,13 @@ describe 'gitlab:app namespace rake task' do
       expect(tar_contents).to match('builds.tar.gz')
       expect(tar_contents).to match('artifacts.tar.gz')
       expect(tar_contents).to match('lfs.tar.gz')
-      expect(tar_contents).not_to match(/^.{4,9}[rwx].* (database.sql.gz|uploads.tar.gz|repositories|builds.tar.gz|artifacts.tar.gz)\/$/)
+      expect(tar_contents).to match('registry.tar.gz')
+      expect(tar_contents).not_to match(/^.{4,9}[rwx].* (database.sql.gz|uploads.tar.gz|repositories|builds.tar.gz|artifacts.tar.gz|registry.tar.gz)\/$/)
     end
 
     it 'should delete temp directories' do
       temp_dirs = Dir.glob(
-        File.join(Gitlab.config.backup.path, '{db,repositories,uploads,builds,artifacts,lfs}')
+        File.join(Gitlab.config.backup.path, '{db,repositories,uploads,builds,artifacts,lfs,registry}')
       )
 
       expect(temp_dirs).to be_empty
@@ -172,7 +174,7 @@ describe 'gitlab:app namespace rake task' do
 
     it "does not contain skipped item" do
       tar_contents, _exit_status = Gitlab::Popen.popen(
-        %W{tar -tvf #{@backup_tar} db uploads.tar.gz repositories builds.tar.gz artifacts.tar.gz lfs.tar.gz}
+        %W{tar -tvf #{@backup_tar} db uploads.tar.gz repositories builds.tar.gz artifacts.tar.gz lfs.tar.gz registry.tar.gz}
       )
 
       expect(tar_contents).to match('db/')
@@ -180,6 +182,7 @@ describe 'gitlab:app namespace rake task' do
       expect(tar_contents).to match('builds.tar.gz')
       expect(tar_contents).to match('artifacts.tar.gz')
       expect(tar_contents).to match('lfs.tar.gz')
+      expect(tar_contents).to match('registry.tar.gz')
       expect(tar_contents).not_to match('repositories/')
     end
 
@@ -195,6 +198,7 @@ describe 'gitlab:app namespace rake task' do
       expect(Rake::Task['gitlab:backup:builds:restore']).to receive :invoke
       expect(Rake::Task['gitlab:backup:artifacts:restore']).to receive :invoke
       expect(Rake::Task['gitlab:backup:lfs:restore']).to receive :invoke
+      expect(Rake::Task['gitlab:backup:registry:restore']).to receive :invoke
       expect(Rake::Task['gitlab:shell:setup']).to receive :invoke
       expect { run_rake_task('gitlab:backup:restore') }.not_to raise_error
     end
diff --git a/spec/workers/emails_on_push_worker_spec.rb b/spec/workers/emails_on_push_worker_spec.rb
index 3600c771075..439da765c2c 100644
--- a/spec/workers/emails_on_push_worker_spec.rb
+++ b/spec/workers/emails_on_push_worker_spec.rb
@@ -6,29 +6,66 @@ describe EmailsOnPushWorker do
   let(:project) { create(:project) }
   let(:user) { create(:user) }
   let(:data) { Gitlab::PushDataBuilder.build_sample(project, user) }
+  let(:recipients) { user.email }
+  let(:perform) { subject.perform(project.id, recipients, data.stringify_keys) }
 
   subject { EmailsOnPushWorker.new }
 
-  before do
-    allow(Project).to receive(:find).and_return(project)
-  end
-
   describe "#perform" do
-    it "sends mail" do
-      subject.perform(project.id, user.email, data.stringify_keys)
+    context "when there are no errors in sending" do
+      let(:email) { ActionMailer::Base.deliveries.last }
+
+      before { perform }
 
-      email = ActionMailer::Base.deliveries.last
-      expect(email.subject).to include('Change some files')
-      expect(email.to).to eq([user.email])
+      it "sends a mail with the correct subject" do
+        expect(email.subject).to include('Change some files')
+      end
+
+      it "sends the mail to the correct recipient" do
+        expect(email.to).to eq([user.email])
+      end
     end
 
-    it "gracefully handles an input SMTP error" do
-      ActionMailer::Base.deliveries.clear
-      allow(Notify).to receive(:repository_push_email).and_raise(Net::SMTPFatalError)
+    context "when there is an SMTP error" do
+      before do
+        ActionMailer::Base.deliveries.clear
+        allow(Notify).to receive(:repository_push_email).and_raise(Net::SMTPFatalError)
+        perform
+      end
+
+      it "gracefully handles an input SMTP error" do
+        expect(ActionMailer::Base.deliveries.count).to eq(0)
+      end
+    end
+
+    context "when there are multiple recipients" do
+      let(:recipients) do
+        1.upto(5).map { |i| user.email.sub('@', "+#{i}@") }.join("\n")
+      end
+
+      before do
+        # This is a hack because we modify the mail object before sending, for efficency,
+        # but the TestMailer adapter just appends the objects to an array. To clone a mail
+        # object, create a new one!
+        #   https://github.com/mikel/mail/issues/314#issuecomment-12750108
+        allow_any_instance_of(Mail::TestMailer).to receive(:deliver!).and_wrap_original do |original, mail|
+          original.call(Mail.new(mail.encoded))
+        end
+
+        ActionMailer::Base.deliveries.clear
+      end
 
-      subject.perform(project.id, user.email, data.stringify_keys)
+      it "sends the mail to each of the recipients" do
+        perform
+        expect(ActionMailer::Base.deliveries.count).to eq(5)
+        expect(ActionMailer::Base.deliveries.map(&:to).flatten).to contain_exactly(*recipients.split)
+      end
 
-      expect(ActionMailer::Base.deliveries.count).to eq(0)
+      it "only generates the mail once" do
+        expect(Notify).to receive(:repository_push_email).once.and_call_original
+        expect(Premailer::Rails::CustomizedPremailer).to receive(:new).once.and_call_original
+        perform
+      end
     end
   end
 end
diff --git a/spec/workers/repository_check/batch_worker_spec.rb b/spec/workers/repository_check/batch_worker_spec.rb
index f486e45ddad..27727d6abf9 100644
--- a/spec/workers/repository_check/batch_worker_spec.rb
+++ b/spec/workers/repository_check/batch_worker_spec.rb
@@ -4,7 +4,7 @@ describe RepositoryCheck::BatchWorker do
   subject { described_class.new }
 
   it 'prefers projects that have never been checked' do
-    projects = create_list(:project, 3)
+    projects = create_list(:project, 3, created_at: 1.week.ago)
     projects[0].update_column(:last_repository_check_at, 4.months.ago)
     projects[2].update_column(:last_repository_check_at, 3.months.ago)
 
@@ -12,7 +12,7 @@ describe RepositoryCheck::BatchWorker do
   end
 
   it 'sorts projects by last_repository_check_at' do
-    projects = create_list(:project, 3)
+    projects = create_list(:project, 3, created_at: 1.week.ago)
     projects[0].update_column(:last_repository_check_at, 2.months.ago)
     projects[1].update_column(:last_repository_check_at, 4.months.ago)
     projects[2].update_column(:last_repository_check_at, 3.months.ago)
@@ -21,7 +21,7 @@ describe RepositoryCheck::BatchWorker do
   end
 
   it 'excludes projects that were checked recently' do
-    projects = create_list(:project, 3)
+    projects = create_list(:project, 3, created_at: 1.week.ago)
     projects[0].update_column(:last_repository_check_at, 2.days.ago)
     projects[1].update_column(:last_repository_check_at, 2.months.ago)
     projects[2].update_column(:last_repository_check_at, 3.days.ago)
@@ -30,10 +30,17 @@ describe RepositoryCheck::BatchWorker do
   end
 
   it 'does nothing when repository checks are disabled' do
-    create(:empty_project)
+    create(:empty_project, created_at: 1.week.ago)
     current_settings = double('settings', repository_checks_enabled: false)
     expect(subject).to receive(:current_settings) { current_settings }
 
     expect(subject.perform).to eq(nil)
   end
+
+  it 'skips projects created less than 24 hours ago' do
+    project = create(:empty_project)
+    project.update_column(:created_at, 23.hours.ago)
+  
+    expect(subject.perform).to eq([])
+  end
 end
diff --git a/spec/workers/repository_check/single_repository_worker_spec.rb b/spec/workers/repository_check/single_repository_worker_spec.rb
index 087e4c667d8..5a03bb77ebd 100644
--- a/spec/workers/repository_check/single_repository_worker_spec.rb
+++ b/spec/workers/repository_check/single_repository_worker_spec.rb
@@ -12,7 +12,7 @@ describe RepositoryCheck::SingleRepositoryWorker do
     subject.perform(project.id)
     expect(project.reload.last_repository_check_failed).to eq(false)
 
-    destroy_wiki(project)
+    break_wiki(project)
     subject.perform(project.id)
 
     expect(project.reload.last_repository_check_failed).to eq(true)
@@ -20,15 +20,38 @@ describe RepositoryCheck::SingleRepositoryWorker do
 
   it 'skips wikis when disabled' do
     project = create(:project_empty_repo, wiki_enabled: false)
-    # Make sure the test would fail if it checked the wiki repo
-    destroy_wiki(project)
+    # Make sure the test would fail if the wiki repo was checked
+    break_wiki(project)
 
     subject.perform(project.id)
 
     expect(project.reload.last_repository_check_failed).to eq(false)
   end
 
-  def destroy_wiki(project)
-    FileUtils.rm_rf(project.wiki.repository.path_to_repo)
+  it 'creates missing wikis' do
+    project = create(:project_empty_repo, wiki_enabled: true)
+    FileUtils.rm_rf(wiki_path(project))
+
+    subject.perform(project.id)
+
+    expect(project.reload.last_repository_check_failed).to eq(false)
+  end
+
+  it 'does not create a wiki if the main repo does not exist at all' do
+    project = create(:project_empty_repo)
+    FileUtils.rm_rf(project.repository.path_to_repo)
+    FileUtils.rm_rf(wiki_path(project))
+
+    subject.perform(project.id)
+
+    expect(File.exist?(wiki_path(project))).to eq(false)
+  end
+
+  def break_wiki(project)
+    FileUtils.rm_rf(wiki_path(project) + '/objects')
+  end
+
+  def wiki_path(project)
+    project.wiki.repository.path_to_repo
   end
 end
diff --git a/spec/workers/repository_import_worker_spec.rb b/spec/workers/repository_import_worker_spec.rb
index 6739063543b..f1b1574abf4 100644
--- a/spec/workers/repository_import_worker_spec.rb
+++ b/spec/workers/repository_import_worker_spec.rb
@@ -6,14 +6,28 @@ describe RepositoryImportWorker do
   subject { described_class.new }
 
   describe '#perform' do
-    it 'imports a project' do
-      expect_any_instance_of(Projects::ImportService).to receive(:execute).
-        and_return({ status: :ok })
+    context 'when the import was successful' do
+      it 'imports a project' do
+        expect_any_instance_of(Projects::ImportService).to receive(:execute).
+          and_return({ status: :ok })
 
-      expect_any_instance_of(Repository).to receive(:expire_emptiness_caches)
-      expect_any_instance_of(Project).to receive(:import_finish)
+        expect_any_instance_of(Repository).to receive(:expire_emptiness_caches)
+        expect_any_instance_of(Project).to receive(:import_finish)
 
-      subject.perform(project.id)
+        subject.perform(project.id)
+      end
+    end
+
+    context 'when the import has failed' do
+      it 'hide the credentials that were used in the import URL' do
+        error = %Q{remote: Not Found fatal: repository 'https://user:pass@test.com/root/repoC.git/' not found }
+        expect_any_instance_of(Projects::ImportService).to receive(:execute).
+          and_return({ status: :error, message: error })
+
+        subject.perform(project.id)
+
+        expect(project.reload.import_error).to include("https://*****:*****@test.com/root/repoC.git/")
+      end
     end
   end
 end