Add latest changes from gitlab-org/gitlab@master

app/controllers/concerns/spammable_actions.rb

@@ -11,7 +11,7 @@ module SpammableActions
   end
 
   def mark_as_spam
-    if SpamService.new(spammable).mark_as_spam!
+    if SpamService.new(spammable: spammable).mark_as_spam!
       redirect_to spammable_path, notice: _("%{spammable_titlecase} was submitted to Akismet successfully.") % { spammable_titlecase: spammable.spammable_entity_type.titlecase }
     else
       redirect_to spammable_path, alert: _('Error with Akismet. Please check the logs for more info.')

app/graphql/mutations/snippets/mark_as_spam.rb

@@ -24,7 +24,7 @@ module Mutations
       private
 
       def mark_as_spam(snippet)
-        SpamService.new(snippet).mark_as_spam!
+        SpamService.new(spammable: snippet).mark_as_spam!
       end
 
       def authorized_resource?(snippet)

app/models/user.rb

@@ -286,6 +286,10 @@ class User < ApplicationRecord
       end
     end
 
+    before_transition do
+      !Gitlab::Database.read_only?
+    end
+
     # rubocop: disable CodeReuse/ServiceClass
     # Ideally we should not call a service object here but user.block
     # is also bcalled by Users::MigrateToGhostUserService which references

app/services/concerns/spam_check_methods.rb

@@ -24,7 +24,7 @@ module SpamCheckMethods
   # rubocop:disable Gitlab/ModuleWithInstanceVariables
   # rubocop: disable CodeReuse/ActiveRecord
   def spam_check(spammable, user)
-    spam_service = SpamService.new(spammable, @request)
+    spam_service = SpamService.new(spammable: spammable, request: @request)
 
     spam_service.when_recaptcha_verified(@recaptcha_verified, @api) do
       user.spam_logs.find_by(id: @spam_log_id)&.update!(recaptcha_verified: true)

app/services/spam_service.rb

@@ -4,7 +4,7 @@ class SpamService
   attr_accessor :spammable, :request, :options
   attr_reader :spam_log
 
-  def initialize(spammable, request = nil)
+  def initialize(spammable:, request: nil)
     @spammable = spammable
     @request = request
     @options = {}

lib/gitlab/ci/templates/Managed-Cluster-Applications.gitlab-ci.yml

@@ -7,6 +7,7 @@ apply:
     TILLER_NAMESPACE: gitlab-managed-apps
     GITLAB_MANAGED_APPS_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/config.yaml
     INGRESS_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/ingress/values.yaml
+    CERT_MANAGER_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/cert-manager/values.yaml
     SENTRY_VALUES_FILE: $CI_PROJECT_DIR/.gitlab/managed-apps/sentry/values.yaml
   script:
     - gitlab-managed-apps /usr/local/share/gitlab-managed-apps/helmfile.yaml

spec/models/user_spec.rb

@@ -1991,6 +1991,19 @@ describe User, :do_not_mock_admin_mode do
         expect(user.blocked?).to be_truthy
         expect(user.ldap_blocked?).to be_truthy
       end
+
+      context 'on a read-only instance' do
+        before do
+          allow(Gitlab::Database).to receive(:read_only?).and_return(true)
+        end
+
+        it 'does not block user' do
+          user.ldap_block
+
+          expect(user.blocked?).to be_falsey
+          expect(user.ldap_blocked?).to be_falsey
+        end
+      end
     end
   end
 

spec/services/spam_service_spec.rb

@@ -5,7 +5,7 @@ require 'spec_helper'
 describe SpamService do
   describe '#when_recaptcha_verified' do
     def check_spam(issue, request, recaptcha_verified)
-      described_class.new(issue, request).when_recaptcha_verified(recaptcha_verified) do
+      described_class.new(spammable: issue, request: request).when_recaptcha_verified(recaptcha_verified) do
         'yielded'
       end
     end