Merge branch 'ce-to-ee-2018-03-26' into 'master'

CE upstream - 2018-03-26 15:28 UTC See merge request gitlab-org/gitlab-ee!5115

Merge branch 'ce-to-ee-2018-03-26' into 'master'
CE upstream - 2018-03-26 15:28 UTC See merge request gitlab-org/gitlab-ee!5115
b769f211 · Stan Hu · 1508d8db · 4a679690 · b769f211 · b769f211
Commit b769f211 authored Mar 27, 2018 by Stan Hu
25 changed files
--- a/Gemfile
+++ b/Gemfile
@@ -172,7 +172,7 @@ group :unicorn do
 end
 # State machine
-gem 'state_machines-activerecord', '~> 0.4.0'
+gem 'state_machines-activerecord', '~> 0.5.1'
 # Issue tags
 gem 'acts-as-taggable-on', '~> 5.0'

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -927,13 +927,13 @@ GEM
    sqlite3 (1.3.13)
    sshkey (1.9.0)
    stackprof (0.2.10)
-    state_machines (0.4.0)
+    state_machines (0.5.0)
-    state_machines-activemodel (0.4.0)
+    state_machines-activemodel (0.5.1)
-      activemodel (>= 4.1, < 5.1)
+      activemodel (>= 4.1, < 6.0)
-      state_machines (>= 0.4.0)
+      state_machines (>= 0.5.0)
-    state_machines-activerecord (0.4.0)
+    state_machines-activerecord (0.5.1)
-      activerecord (>= 4.1, < 5.1)
+      activerecord (>= 4.1, < 6.0)
-      state_machines-activemodel (>= 0.3.0)
+      state_machines-activemodel (>= 0.5.0)
    stringex (2.7.1)
    sys-filesystem (1.1.6)
      ffi
@@ -1232,7 +1232,7 @@ DEPENDENCIES
  sprockets (~> 3.7.0)
  sshkey (~> 1.9.0)
  stackprof (~> 0.2.10)
-  state_machines-activerecord (~> 0.4.0)
+  state_machines-activerecord (~> 0.5.1)
  sys-filesystem (~> 1.1.6)
  test-prof (~> 0.2.5)
  test_after_commit (~> 1.1)

--- a/Gemfile.rails5.lock
+++ b/Gemfile.rails5.lock
@@ -43,8 +43,8 @@ GEM
      i18n (~> 0.7)
      minitest (~> 5.1)
      tzinfo (~> 1.1)
-    acts-as-taggable-on (4.0.0)
+    acts-as-taggable-on (5.0.0)
-      activerecord (>= 4.0)
+      activerecord (>= 4.2.8)
    adamantium (0.2.0)
      ice_nine (~> 0.11.0)
      memoizable (~> 0.4.0)
@@ -178,10 +178,10 @@ GEM
    docile (1.1.5)
    domain_name (0.5.20170404)
      unf (>= 0.0.5, < 1.0.0)
-    doorkeeper (4.2.6)
+    doorkeeper (4.3.1)
      railties (>= 4.2)
-    doorkeeper-openid_connect (1.2.0)
+    doorkeeper-openid_connect (1.3.0)
-      doorkeeper (~> 4.0)
+      doorkeeper (~> 4.3)
      json-jwt (~> 1.6)
    dropzonejs-rails (0.7.4)
      rails (> 3.1)
@@ -220,13 +220,13 @@ GEM
      path_expander (~> 1.0)
      ruby_parser (~> 3.0)
      sexp_processor (~> 4.0)
-    flipper (0.11.0)
+    flipper (0.13.0)
-    flipper-active_record (0.11.0)
+    flipper-active_record (0.13.0)
      activerecord (>= 3.2, < 6)
-      flipper (~> 0.11.0)
+      flipper (~> 0.13.0)
-    flipper-active_support_cache_store (0.11.0)
+    flipper-active_support_cache_store (0.13.0)
      activesupport (>= 3.2, < 6)
-      flipper (~> 0.11.0)
+      flipper (~> 0.13.0)
    flowdock (0.7.1)
      httparty (~> 0.7)
      multi_json
@@ -235,7 +235,7 @@ GEM
      fog-json (~> 1.0)
      ipaddress (~> 0.8)
      xml-simple (~> 1.1)
-    fog-aws (1.4.1)
+    fog-aws (2.0.1)
      fog-core (~> 1.38)
      fog-json (~> 1.0)
      fog-xml (~> 0.1)
@@ -267,7 +267,7 @@ GEM
      nokogiri (>= 1.5.11, < 2.0.0)
    font-awesome-rails (4.7.0.3)
      railties (>= 3.2, < 5.2)
-    foreman (0.78.0)
+    foreman (0.84.0)
      thor (~> 0.19.1)
    formatador (0.2.5)
    fuubar (2.2.0)
@@ -283,7 +283,7 @@ GEM
      text (>= 1.3.0)
    gettext_i18n_rails (1.8.0)
      fast_gettext (>= 0.9.0)
-    gettext_i18n_rails_js (1.2.0)
+    gettext_i18n_rails_js (1.3.0)
      gettext (>= 3.0.2)
      gettext_i18n_rails (>= 0.7.1)
      po_to_json (>= 1.0.0)
@@ -337,9 +337,9 @@ GEM
      json
      multi_json
      request_store (>= 1.0)
-    google-api-client (0.13.6)
+    google-api-client (0.19.8)
      addressable (~> 2.5, >= 2.5.1)
-      googleauth (~> 0.5)
+      googleauth (>= 0.5, < 0.7.0)
      httpclient (>= 2.8.1, < 3.0)
      mime-types (~> 3.0)
      representable (~> 3.0)
@@ -404,7 +404,7 @@ GEM
    html2text (0.2.1)
      nokogiri (~> 1.6)
    htmlentities (4.3.4)
-    http (0.9.8)
+    http (2.2.2)
      addressable (~> 2.3)
      http-cookie (~> 1.0)
      http-form_data (~> 1.0.1)
@@ -427,10 +427,6 @@ GEM
      multipart-post
      oauth (~> 0.5, >= 0.5.0)
    jquery-atwho-rails (1.3.2)
-    jquery-rails (4.3.1)
-      rails-dom-testing (>= 1, < 3)
-      railties (>= 4.2.0)
-      thor (>= 0.14, < 2.0)
    json (1.8.6)
    json-jwt (1.9.2)
      activesupport
@@ -454,13 +450,12 @@ GEM
      kaminari-core (= 1.1.1)
    kaminari-core (1.1.1)
    kgio (2.11.2)
-    knapsack (1.11.1)
+    knapsack (1.16.0)
      rake
-      timecop (>= 0.1.0)
+    kubeclient (3.0.0)
-    kubeclient (2.2.0)
+      http (~> 2.2.2)
-      http (= 0.9.8)
+      recursive-open-struct (~> 1.0.4)
-      recursive-open-struct (= 1.0.0)
+      rest-client (~> 2.0)
-      rest-client
    launchy (2.4.3)
      addressable (~> 2.3)
    letter_opener (1.6.0)
@@ -477,7 +472,7 @@ GEM
      toml (= 0.1.2)
      with_env (> 1.0)
      xml-simple
-    licensee (8.7.0)
+    licensee (8.9.2)
      rugged (~> 0.24)
    little-plugger (1.1.4)
    locale (2.1.2)
@@ -514,7 +509,7 @@ GEM
      mustermann (~> 1.0.0)
    mysql2 (0.4.10)
    net-ldap (0.16.1)
-    net-ssh (4.1.0)
+    net-ssh (4.2.0)
    netrc (0.11.0)
    nio4r (2.2.0)
    nokogiri (1.8.2)
@@ -527,11 +522,10 @@ GEM
      multi_json (~> 1.3)
      multi_xml (~> 0.5)
      rack (>= 1.2, < 3)
-    octokit (4.6.2)
+    octokit (4.8.0)
      sawyer (~> 0.8.0, >= 0.5.3)
-    oj (2.17.5)
+    omniauth (1.8.1)
-    omniauth (1.4.3)
+      hashie (>= 3.4.6, < 3.6.0)
-      hashie (>= 1.2, < 4)
      rack (>= 1.6.2, < 3)
    omniauth-auth0 (1.4.2)
      omniauth-oauth2 (~> 1.1)
@@ -570,9 +564,9 @@ GEM
      omniauth (~> 1.2)
    omniauth-oauth2-generic (0.2.4)
      omniauth-oauth2 (~> 1.0)
-    omniauth-saml (1.7.0)
+    omniauth-saml (1.10.0)
-      omniauth (~> 1.3)
+      omniauth (~> 1.3, >= 1.3.2)
-      ruby-saml (~> 1.4)
+      ruby-saml (~> 1.7)
    omniauth-shibboleth (1.2.1)
      omniauth (>= 1.0.0)
    omniauth-twitter (1.2.1)
@@ -598,8 +592,6 @@ GEM
      railties (>= 4.0.0)
    peek-gc (0.0.2)
      peek
-    peek-host (1.0.0)
-      peek
    peek-mysql2 (1.1.0)
      atomic (>= 1.0.0)
      mysql2
@@ -713,7 +705,7 @@ GEM
    re2 (1.1.1)
    recaptcha (3.4.0)
      json
-    recursive-open-struct (1.0.0)
+    recursive-open-struct (1.0.5)
    redcarpet (3.4.0)
    redis (3.3.5)
    redis-actionpack (5.0.2)
@@ -805,7 +797,7 @@ GEM
      i18n
    ruby-fogbugz (0.2.1)
      crack (~> 0.4)
-    ruby-prof (0.16.2)
+    ruby-prof (0.17.0)
    ruby-progressbar (1.9.0)
    ruby-saml (1.7.2)
      nokogiri (>= 1.5.10)
@@ -846,7 +838,7 @@ GEM
    selenium-webdriver (3.11.0)
      childprocess (~> 0.5)
      rubyzip (~> 1.2)
-    sentry-raven (2.5.3)
+    sentry-raven (2.7.2)
      faraday (>= 0.7.6, < 1.0)
    settingslogic (2.0.9)
    sexp_processor (4.10.1)
@@ -903,12 +895,12 @@ GEM
    sshkey (1.9.0)
    stackprof (0.2.11)
    state_machines (0.5.0)
-    state_machines-activemodel (0.5.0)
+    state_machines-activemodel (0.5.1)
-      activemodel (>= 4.1, < 5.2)
+      activemodel (>= 4.1, < 6.0)
      state_machines (>= 0.5.0)
-    state_machines-activerecord (0.4.1)
+    state_machines-activerecord (0.5.1)
-      activerecord (>= 4.1, < 5.2)
+      activerecord (>= 4.1, < 6.0)
-      state_machines-activemodel (>= 0.3.0)
+      state_machines-activemodel (>= 0.5.0)
    stringex (2.8.4)
    sys-filesystem (1.1.9)
      ffi
@@ -998,7 +990,7 @@ DEPENDENCIES
  RedCloth (~> 4.3.2)
  ace-rails-ap (~> 4.1.0)
  activerecord_sane_schema_dumper (= 1.0)
-  acts-as-taggable-on (~> 4.0)
+  acts-as-taggable-on (~> 5.0)
  addressable (~> 2.5.2)
  akismet (~> 2.0)
  allocations (~> 1.0)
@@ -1038,8 +1030,8 @@ DEPENDENCIES
  devise (~> 4.2)
  devise-two-factor (~> 3.0.0)
  diffy (~> 3.1.0)
-  doorkeeper (~> 4.2.0)
+  doorkeeper (~> 4.3)
-  doorkeeper-openid_connect (~> 1.2.0)
+  doorkeeper-openid_connect (~> 1.3)
  dropzonejs-rails (~> 0.7.1)
  email_reply_trimmer (~> 0.1)
  email_spec (~> 1.6.0)
@@ -1048,24 +1040,24 @@ DEPENDENCIES
  fast_blank
  ffaker (~> 2.4)
  flay (~> 2.10.0)
-  flipper (~> 0.11.0)
+  flipper (~> 0.13.0)
-  flipper-active_record (~> 0.11.0)
+  flipper-active_record (~> 0.13.0)
-  flipper-active_support_cache_store (~> 0.11.0)
+  flipper-active_support_cache_store (~> 0.13.0)
  fog-aliyun (~> 0.2.0)
-  fog-aws (~> 1.4)
+  fog-aws (~> 2.0)
  fog-core (~> 1.44)
  fog-google (~> 0.5)
  fog-local (~> 0.3)
  fog-openstack (~> 0.1)
  fog-rackspace (~> 0.1.1)
  font-awesome-rails (~> 4.7)
-  foreman (~> 0.78.0)
+  foreman (~> 0.84.0)
  fuubar (~> 2.2.0)
  gemnasium-gitlab-service (~> 0.2)
  gemojione (~> 3.3)
  gettext (~> 3.2.2)
  gettext_i18n_rails (~> 1.8.0)
-  gettext_i18n_rails_js (~> 1.2.0)
+  gettext_i18n_rails_js (~> 1.3)
  gitaly-proto (~> 0.88.0)
  github-linguist (~> 5.3.3)
  gitlab-flowdock-git-hook (~> 1.0.1)
@@ -1075,7 +1067,7 @@ DEPENDENCIES
  gollum-lib (~> 4.2)
  gollum-rugged_adapter (~> 0.4.4)
  gon (~> 6.1.0)
-  google-api-client (~> 0.13.6)
+  google-api-client (~> 0.19.8)
  google-protobuf (= 3.5.1)
  gpgme
  grape (~> 1.0)
@@ -1094,15 +1086,14 @@ DEPENDENCIES
  influxdb (~> 0.2)
  jira-ruby (~> 1.4)
  jquery-atwho-rails (~> 1.3.2)
-  jquery-rails (~> 4.3.1)
  json-schema (~> 2.8.0)
  jwt (~> 1.5.6)
  kaminari (~> 1.0)
-  knapsack (~> 1.11.0)
+  knapsack (~> 1.16)
-  kubeclient (~> 2.2.0)
+  kubeclient (~> 3.0)
  letter_opener_web (~> 1.3.0)
  license_finder (~> 3.1)
-  licensee (~> 8.7.0)
+  licensee (~> 8.9)
  lograge (~> 0.5)
  loofah (~> 2.0.3)
  mail_room (~> 0.9.1)
@@ -1111,12 +1102,11 @@ DEPENDENCIES
  mousetrap-rails (~> 1.4.6)
  mysql2 (~> 0.4.10)
  net-ldap
-  net-ssh (~> 4.1.0)
+  net-ssh (~> 4.2.0)
  nokogiri (~> 1.8.2)
  oauth2 (~> 1.4)
-  octokit (~> 4.6.2)
+  octokit (~> 4.8)
-  oj (~> 2.17.4)
+  omniauth (~> 1.8)
-  omniauth (~> 1.4.2)
  omniauth-auth0 (~> 1.4.1)
  omniauth-authentiq (~> 0.3.1)
  omniauth-azure-oauth2 (~> 0.0.9)
@@ -1127,14 +1117,13 @@ DEPENDENCIES
  omniauth-google-oauth2 (~> 0.5.2)
  omniauth-kerberos (~> 0.3.0)
  omniauth-oauth2-generic (~> 0.2.2)
-  omniauth-saml (~> 1.7.0)
+  omniauth-saml (~> 1.10)
  omniauth-shibboleth (~> 1.2.0)
  omniauth-twitter (~> 1.2.0)
  omniauth_crowd (~> 2.2.0)
  org-ruby (~> 0.9.12)
  peek (~> 1.0.1)
  peek-gc (~> 0.0.2)
-  peek-host (~> 1.0.0)
  peek-mysql2 (~> 1.1.0)
  peek-performance_bar (~> 1.3.0)
  peek-pg (~> 1.3.0)
@@ -1177,7 +1166,7 @@ DEPENDENCIES
  rubocop (~> 0.52.1)
  rubocop-rspec (~> 1.22.1)
  ruby-fogbugz (~> 0.2.1)
-  ruby-prof (~> 0.16.2)
+  ruby-prof (~> 0.17.0)
  ruby_parser (~> 3.8)
  rufus-scheduler (~> 3.4)
  rugged (~> 0.26.0)
@@ -1187,7 +1176,7 @@ DEPENDENCIES
  seed-fu (~> 2.3.7)
  select2-rails (~> 3.5.9)
  selenium-webdriver (~> 3.5)
-  sentry-raven (~> 2.5.3)
+  sentry-raven (~> 2.7)
  settingslogic (~> 2.0.9)
  sham_rack (~> 1.3.6)
  shoulda-matchers (~> 3.1.2)
@@ -1205,7 +1194,7 @@ DEPENDENCIES
  sprockets (~> 3.7.0)
  sshkey (~> 1.9.0)
  stackprof (~> 0.2.10)
-  state_machines-activerecord (~> 0.4.0)
+  state_machines-activerecord (~> 0.5.1)
  sys-filesystem (~> 1.1.6)
  test-prof (~> 0.2.5)
  test_after_commit (~> 1.1)

--- a/app/assets/javascripts/ci_variable_list/ci_variable_list.js
+++ b/app/assets/javascripts/ci_variable_list/ci_variable_list.js
@@ -33,7 +33,7 @@ export default class VariableList {
        selector: '.js-ci-variable-input-key',
        default: '',
      },
-      value: {
+      secret_value: {
        selector: '.js-ci-variable-input-value',
        default: '',
      },
@@ -105,7 +105,7 @@ export default class VariableList {
    setupToggleButtons($row[0]);
    // Reset the resizable textarea
-    $row.find(this.inputMap.value.selector).css('height', '');
+    $row.find(this.inputMap.secret_value.selector).css('height', '');
    const $environmentSelect = $row.find('.js-variable-environment-toggle');
    if ($environmentSelect.length) {

--- a/app/assets/javascripts/commons/polyfills.js
+++ b/app/assets/javascripts/commons/polyfills.js
 // ECMAScript polyfills
+import 'core-js/fn/array/fill';
 import 'core-js/fn/array/find';
 import 'core-js/fn/array/find-index';
 import 'core-js/fn/array/from';

--- a/app/assets/javascripts/ide/lib/editor.js
+++ b/app/assets/javascripts/ide/lib/editor.js
@@ -65,6 +65,10 @@ export default class Editor {
        (this.instance = this.monaco.editor.createDiffEditor(domElement, {
          ...defaultEditorOptions,
          readOnly: true,
+          quickSuggestions: false,
+          occurrencesHighlight: false,
+          renderLineHighlight: 'none',
+          hideCursorInOverviewRuler: true,
        })),
      );

--- a/app/assets/stylesheets/pages/repo.scss
+++ b/app/assets/stylesheets/pages/repo.scss
@@ -290,6 +290,10 @@
    .margin-view-overlays .delete-sign {
      opacity: 0.4;
    }
+    .cursors-layer {
+      display: none;
+    }
  }
 }

--- a/app/controllers/groups/variables_controller.rb
+++ b/app/controllers/groups/variables_controller.rb
@@ -39,7 +39,7 @@ module Groups
    end
    def variable_params_attributes
-      %i[id key value protected _destroy]
+      %i[id key secret_value protected _destroy]
    end
    def authorize_admin_build!

--- a/app/controllers/projects/pipeline_schedules_controller.rb
+++ b/app/controllers/projects/pipeline_schedules_controller.rb
@@ -92,7 +92,7 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController
  def schedule_params
    params.require(:schedule)
      .permit(:description, :cron, :cron_timezone, :ref, :active,
-        variables_attributes: [:id, :key, :value, :_destroy] )
+        variables_attributes: [:id, :key, :secret_value, :_destroy] )
  end
  def authorize_play_pipeline_schedule!

--- a/app/controllers/projects/variables_controller.rb
+++ b/app/controllers/projects/variables_controller.rb
@@ -38,6 +38,6 @@ class Projects::VariablesController < Projects::ApplicationController
  end
  def variable_params_attributes
-    %i[id key value protected _destroy]
+    %i[id key secret_value protected _destroy]
  end
 end
--- a/app/models/ci/group_variable.rb
+++ b/app/models/ci/group_variable.rb
@@ -6,6 +6,8 @@ module Ci
    belongs_to :group
+    alias_attribute :secret_value, :value
    validates :key, uniqueness: {
      scope: :group_id,
      message: "(%{value}) has already been taken"

--- a/app/models/ci/pipeline_schedule_variable.rb
+++ b/app/models/ci/pipeline_schedule_variable.rb
@@ -5,6 +5,8 @@ module Ci
    belongs_to :pipeline_schedule
+    alias_attribute :secret_value, :value
    validates :key, uniqueness: { scope: :pipeline_schedule_id }
  end
 end
--- a/app/models/ci/variable.rb
+++ b/app/models/ci/variable.rb
@@ -7,6 +7,8 @@ module Ci
    belongs_to :project
+    alias_attribute :secret_value, :value
    validates :key, uniqueness: {
      scope: [:project_id, :environment_scope],
      message: "(%{value}) has already been taken"

--- a/app/models/event.rb
+++ b/app/models/event.rb
@@ -52,12 +52,12 @@ class Event < ActiveRecord::Base
  belongs_to :target, -> {
    # If the association for "target" defines an "author" association we want to
    # eager-load this so Banzai & friends don't end up performing N+1 queries to
-    # get the authors of notes, issues, etc.
+    # get the authors of notes, issues, etc. (likewise for "noteable").
-    if reflections['events'].active_record.reflect_on_association(:author)
+    incs = %i(author noteable).select do |a|
-      includes(:author)
+      reflections['events'].active_record.reflect_on_association(a)
-    else
-      self
    end
+    incs.reduce(self) { |obj, a| obj.includes(a) }
  }, polymorphic: true # rubocop:disable Cop/PolymorphicAssociations
  has_one :push_event_payload

--- a/app/views/ci/variables/_variable_row.html.haml
+++ b/app/views/ci/variables/_variable_row.html.haml
@@ -10,7 +10,7 @@
 - id_input_name = "#{form_field}[variables_attributes][][id]"
 - destroy_input_name = "#{form_field}[variables_attributes][][_destroy]"
 - key_input_name = "#{form_field}[variables_attributes][][key]"
- value_input_name = "#{form_field}[variables_attributes][][value]"
+- value_input_name = "#{form_field}[variables_attributes][][secret_value]"
 - protected_input_name = "#{form_field}[variables_attributes][][protected]"
 %li.js-row.ci-variable-row{ data: { is_persisted: "#{!id.nil?}" } }

--- a/changelogs/unreleased/43316-controller-parameters-handling-sensitive-information-should-use-a-more-specific-name.yml
+++ b/changelogs/unreleased/43316-controller-parameters-handling-sensitive-information-should-use-a-more-specific-name.yml
+---
+title: Use specific names for filtered CI variable controller parameters
+merge_request: 17796
+author:
+type: other
--- a/changelogs/unreleased/ab-43150-users-controller-show-query-limit.yml
+++ b/changelogs/unreleased/ab-43150-users-controller-show-query-limit.yml
+---
+title: Remove N+1 query for Noteable association.
+merge_request: 17956
+author:
+type: performance
--- a/changelogs/unreleased/blackst0ne-rails5-update-state_machines-activerecord-gem.yml
+++ b/changelogs/unreleased/blackst0ne-rails5-update-state_machines-activerecord-gem.yml
+---
+title: Bump `state_machines-activerecord` to 0.5.1
+merge_request: 17924
+author: blackst0ne
+type: other
--- a/doc/integration/saml.md
+++ b/doc/integration/saml.md
@@ -102,9 +102,10 @@ in your SAML IdP:
    installation to generate the correct value).
 1.  Change the values of `idp_cert_fingerprint`, `idp_sso_target_url`,
-    `name_identifier_format` to match your IdP. Check
+    `name_identifier_format` to match your IdP. If a fingerprint is used it must
+    be a SHA1 fingerprint; check
    [the omniauth-saml documentation](https://github.com/omniauth/omniauth-saml)
-    for details on these options.
+    for more details on these options.
 1.  Change the value of `issuer` to a unique name, which will identify the application
    to the IdP.
@@ -362,6 +363,7 @@ need to be validated using a fingerprint, a certificate or a validator.
 For this you need take the following into account:
+- If a fingerprint is used, it must be the SHA1 fingerprint
 - If no certificate is provided in the settings, a fingerprint or fingerprint
  validator needs to be provided and the response from the server must contain
  a certificate (`<ds:KeyInfo><ds:X509Data><ds:X509Certificate>`)

--- a/ee/spec/controllers/projects/variables_controller_spec.rb
+++ b/ee/spec/controllers/projects/variables_controller_spec.rb
@@ -19,13 +19,13 @@ describe Projects::VariablesController do
    let(:variable_attributes) do
      { id: variable.id,
        key: variable.key,
-        value: variable.value,
+        secret_value: variable.value,
        protected: variable.protected?.to_s,
        environment_scope: variable.environment_scope }
    end
    let(:new_variable_attributes) do
      { key: 'new_key',
-        value: 'dummy_value',
+        secret_value: 'dummy_value',
        protected: 'false',
        environment_scope: 'new_scope' }
    end

--- a/spec/controllers/projects/pipeline_schedules_controller_spec.rb
+++ b/spec/controllers/projects/pipeline_schedules_controller_spec.rb
@@ -80,7 +80,7 @@ describe Projects::PipelineSchedulesController do
      context 'when variables_attributes has one variable' do
        let(:schedule) do
          basic_param.merge({
-            variables_attributes: [{ key: 'AAA', value: 'AAA123' }]
+            variables_attributes: [{ key: 'AAA', secret_value: 'AAA123' }]
          })
        end
@@ -101,7 +101,8 @@ describe Projects::PipelineSchedulesController do
      context 'when variables_attributes has two variables and duplicated' do
        let(:schedule) do
          basic_param.merge({
-            variables_attributes: [{ key: 'AAA', value: 'AAA123' }, { key: 'AAA', value: 'BBB123' }]
+            variables_attributes: [{ key: 'AAA', secret_value: 'AAA123' },
+                                   { key: 'AAA', secret_value: 'BBB123' }]
          })
        end
@@ -152,7 +153,7 @@ describe Projects::PipelineSchedulesController do
        context 'when params include one variable' do
          let(:schedule) do
            basic_param.merge({
-              variables_attributes: [{ key: 'AAA', value: 'AAA123' }]
+              variables_attributes: [{ key: 'AAA', secret_value: 'AAA123' }]
            })
          end
@@ -169,7 +170,8 @@ describe Projects::PipelineSchedulesController do
        context 'when params include two duplicated variables' do
          let(:schedule) do
            basic_param.merge({
-              variables_attributes: [{ key: 'AAA', value: 'AAA123' }, { key: 'AAA', value: 'BBB123' }]
+              variables_attributes: [{ key: 'AAA', secret_value: 'AAA123' },
+                                     { key: 'AAA', secret_value: 'BBB123' }]
            })
          end
@@ -194,7 +196,7 @@ describe Projects::PipelineSchedulesController do
        context 'when adds a new variable' do
          let(:schedule) do
            basic_param.merge({
-              variables_attributes: [{ key: 'AAA', value: 'AAA123' }]
+              variables_attributes: [{ key: 'AAA', secret_value: 'AAA123' }]
            })
          end
@@ -209,7 +211,7 @@ describe Projects::PipelineSchedulesController do
        context 'when adds a new duplicated variable' do
          let(:schedule) do
            basic_param.merge({
-              variables_attributes: [{ key: 'CCC', value: 'AAA123' }]
+              variables_attributes: [{ key: 'CCC', secret_value: 'AAA123' }]
            })
          end
@@ -224,7 +226,7 @@ describe Projects::PipelineSchedulesController do
        context 'when updates a variable' do
          let(:schedule) do
            basic_param.merge({
-              variables_attributes: [{ id: pipeline_schedule_variable.id, value: 'new_value' }]
+              variables_attributes: [{ id: pipeline_schedule_variable.id, secret_value: 'new_value' }]
            })
          end
@@ -252,7 +254,7 @@ describe Projects::PipelineSchedulesController do
          let(:schedule) do
            basic_param.merge({
              variables_attributes: [{ id: pipeline_schedule_variable.id, _destroy: true },
-                                     { key: 'CCC', value: 'CCC123' }]
+                                     { key: 'CCC', secret_value: 'CCC123' }]
            })
          end

--- a/spec/features/projects/pipeline_schedules_spec.rb
+++ b/spec/features/projects/pipeline_schedules_spec.rb
@@ -160,9 +160,9 @@ feature 'Pipeline Schedules', :js do
        click_link 'New schedule'
        fill_in_schedule_form
        all('[name="schedule[variables_attributes][][key]"]')[0].set('AAA')
-        all('[name="schedule[variables_attributes][][value]"]')[0].set('AAA123')
+        all('[name="schedule[variables_attributes][][secret_value]"]')[0].set('AAA123')
        all('[name="schedule[variables_attributes][][key]"]')[1].set('BBB')
-        all('[name="schedule[variables_attributes][][value]"]')[1].set('BBB123')
+        all('[name="schedule[variables_attributes][][secret_value]"]')[1].set('BBB123')
        save_pipeline_schedule
      end

--- a/spec/javascripts/ci_variable_list/native_form_variable_list_spec.js
+++ b/spec/javascripts/ci_variable_list/native_form_variable_list_spec.js
@@ -20,7 +20,7 @@ describe('NativeFormVariableList', () => {
    it('should clear out the `name` attribute on the inputs for the last empty row on form submission (avoid BE validation)', () => {
      const $row = $wrapper.find('.js-row');
      expect($row.find('.js-ci-variable-input-key').attr('name')).toBe('schedule[variables_attributes][][key]');
-      expect($row.find('.js-ci-variable-input-value').attr('name')).toBe('schedule[variables_attributes][][value]');
+      expect($row.find('.js-ci-variable-input-value').attr('name')).toBe('schedule[variables_attributes][][secret_value]');
      $wrapper.closest('form').trigger('trigger-submit');

--- a/spec/javascripts/ide/lib/editor_spec.js
+++ b/spec/javascripts/ide/lib/editor_spec.js
@@ -74,6 +74,10 @@ describe('Multi-file editor library', () => {
          },
          readOnly: true,
          scrollBeyondLastLine: false,
+          quickSuggestions: false,
+          occurrencesHighlight: false,
+          renderLineHighlight: 'none',
+          hideCursorInOverviewRuler: true,
        },
      );
    });

--- a/spec/support/shared_examples/controllers/variables_shared_examples.rb
+++ b/spec/support/shared_examples/controllers/variables_shared_examples.rb
@@ -16,19 +16,19 @@ shared_examples 'PATCH #update updates variables' do
  let(:variable_attributes) do
    { id: variable.id,
      key: variable.key,
-      value: variable.value,
+      secret_value: variable.value,
      protected: variable.protected?.to_s }
  end
  let(:new_variable_attributes) do
    { key: 'new_key',
-      value: 'dummy_value',
+      secret_value: 'dummy_value',
      protected: 'false' }
  end
  context 'with invalid new variable parameters' do
    let(:variables_attributes) do
      [
-        variable_attributes.merge(value: 'other_value'),
+        variable_attributes.merge(secret_value: 'other_value'),
        new_variable_attributes.merge(key: '...?')
      ]
    end
@@ -52,7 +52,7 @@ shared_examples 'PATCH #update updates variables' do
    let(:variables_attributes) do
      [
        new_variable_attributes,
-        new_variable_attributes.merge(value: 'other_value')
+        new_variable_attributes.merge(secret_value: 'other_value')
      ]
    end
@@ -74,7 +74,7 @@ shared_examples 'PATCH #update updates variables' do
  context 'with valid new variable parameters' do
    let(:variables_attributes) do
      [
-        variable_attributes.merge(value: 'other_value'),
+        variable_attributes.merge(secret_value: 'other_value'),
        new_variable_attributes
      ]
    end