Merge branch 'introduce-pipeline-triggers' into 'master'

Improve pipeline triggers API See merge request !9713

Merge branch 'introduce-pipeline-triggers' into 'master'
Improve pipeline triggers API See merge request !9713
348dff0a · Sean McGivern · 05be66df · 20feaa9e · 348dff0a · 348dff0a
25 changed file
--- a/app/helpers/triggers_helper.rb
+++ b/app/helpers/triggers_helper.rb
 module TriggersHelper
  def builds_trigger_url(project_id, ref: nil)
    if ref.nil?
-      "#{Settings.gitlab.url}/api/v3/projects/#{project_id}/trigger/builds"
+      "#{Settings.gitlab.url}/api/v4/projects/#{project_id}/trigger/pipeline"
    else
-      "#{Settings.gitlab.url}/api/v3/projects/#{project_id}/ref/#{ref}/trigger/builds"
+      "#{Settings.gitlab.url}/api/v4/projects/#{project_id}/ref/#{ref}/trigger/pipeline"
    end
  end

--- a/app/models/ci/trigger.rb
+++ b/app/models/ci/trigger.rb
@@ -5,10 +5,11 @@ module Ci
    acts_as_paranoid
    belongs_to :project, foreign_key: :gl_project_id
+    belongs_to :owner, class_name: "User"
    has_many :trigger_requests, dependent: :destroy
-    validates :token, presence: true
+    validates :token, presence: true, uniqueness: true
-    validates :token, uniqueness: true
    before_validation :set_default_values
@@ -25,7 +26,11 @@ module Ci
    end
    def short_token
-      token[0...10]
+      token[0...4]
+    end
+    def can_show_token?(user)
+      owner.blank? || owner == user
    end
  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -95,6 +95,7 @@ class User < ActiveRecord::Base
  has_many :todos,                    dependent: :destroy
  has_many :notification_settings,    dependent: :destroy
  has_many :award_emoji,              dependent: :destroy
+  has_many :triggers,                 dependent: :destroy, class_name: 'Ci::Trigger', foreign_key: :owner_id
  has_many :assigned_issues,          dependent: :nullify, foreign_key: :assignee_id, class_name: "Issue"
  has_many :assigned_merge_requests,  dependent: :nullify, foreign_key: :assignee_id, class_name: "MergeRequest"

--- a/app/services/ci/create_trigger_request_service.rb
+++ b/app/services/ci/create_trigger_request_service.rb
@@ -3,7 +3,7 @@ module Ci
    def execute(project, trigger, ref, variables = nil)
      trigger_request = trigger.trigger_requests.create(variables: variables)
-      pipeline = Ci::CreatePipelineService.new(project, nil, ref: ref).
+      pipeline = Ci::CreatePipelineService.new(project, trigger.owner, ref: ref).
        execute(ignore_skip_ci: true, trigger_request: trigger_request)
      if pipeline.persisted?
        trigger_request

--- a/changelogs/unreleased/introduce-pipeline-triggers.yml
+++ b/changelogs/unreleased/introduce-pipeline-triggers.yml
+---
+title: Introduce Pipeline Triggers that are user-aware
+merge_request:
+author:
--- a/db/migrate/20170217151948_add_owner_id_to_triggers.rb
+++ b/db/migrate/20170217151948_add_owner_id_to_triggers.rb
+class AddOwnerIdToTriggers < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+  DOWNTIME = false
+  def change
+    add_column :ci_triggers, :owner_id, :integer
+  end
+end
--- a/db/migrate/20170217151949_add_description_to_triggers.rb
+++ b/db/migrate/20170217151949_add_description_to_triggers.rb
+class AddDescriptionToTriggers < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+  DOWNTIME = false
+  def change
+    add_column :ci_triggers, :description, :string
+  end
+end
--- a/db/migrate/20170305203726_add_owner_id_foreign_key.rb
+++ b/db/migrate/20170305203726_add_owner_id_foreign_key.rb
+class AddOwnerIdForeignKey < ActiveRecord::Migration
+  include Gitlab::Database::MigrationHelpers
+  DOWNTIME = false
+  disable_ddl_transaction!
+  def change
+    add_concurrent_foreign_key :ci_triggers, :users, column: :owner_id, on_delete: :cascade
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20170217151947) do
+ActiveRecord::Schema.define(version: 20170305203726) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"
@@ -111,7 +111,7 @@ ActiveRecord::Schema.define(version: 20170217151947) do
    t.boolean "plantuml_enabled"
    t.integer "max_pages_size", default: 100, null: false
    t.integer "terminal_max_session_time", default: 0, null: false
-    t.string "default_artifacts_expire_in", default: '0', null: false
+    t.string "default_artifacts_expire_in", default: "0", null: false
  end
  create_table "audit_events", force: :cascade do |t|
@@ -377,6 +377,8 @@ ActiveRecord::Schema.define(version: 20170217151947) do
    t.datetime "created_at"
    t.datetime "updated_at"
    t.integer "gl_project_id"
+    t.integer "owner_id"
+    t.string "description"
  end
  add_index "ci_triggers", ["gl_project_id"], name: "index_ci_triggers_on_gl_project_id", using: :btree
@@ -581,9 +583,9 @@ ActiveRecord::Schema.define(version: 20170217151947) do
  end
  add_index "labels", ["group_id", "project_id", "title"], name: "index_labels_on_group_id_and_project_id_and_title", unique: true, using: :btree
-  add_index "labels", ["type", "project_id"], name: "index_labels_on_type_and_project_id", using: :btree
  add_index "labels", ["project_id"], name: "index_labels_on_project_id", using: :btree
  add_index "labels", ["title"], name: "index_labels_on_title", using: :btree
+  add_index "labels", ["type", "project_id"], name: "index_labels_on_type_and_project_id", using: :btree
  create_table "lfs_objects", force: :cascade do |t|
    t.string "oid", null: false
@@ -1333,6 +1335,7 @@ ActiveRecord::Schema.define(version: 20170217151947) do
  add_index "web_hooks", ["project_id"], name: "index_web_hooks_on_project_id", using: :btree
  add_foreign_key "boards", "projects"
+  add_foreign_key "ci_triggers", "users", column: "owner_id", name: "fk_e8e10d1964", on_delete: :cascade
  add_foreign_key "issue_metrics", "issues", on_delete: :cascade
  add_foreign_key "label_priorities", "labels", on_delete: :cascade
  add_foreign_key "label_priorities", "projects", on_delete: :cascade

--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -12,7 +12,6 @@ following locations:
 - [Branches](branches.md)
 - [Broadcast Messages](broadcast_messages.md)
 - [Builds](builds.md)
- [Build Triggers](build_triggers.md)
 - [Build Variables](build_variables.md)
 - [Commits](commits.md)
 - [Deployments](deployments.md)
@@ -33,6 +32,7 @@ following locations:
 - [Notes](notes.md) (comments)
 - [Notification settings](notification_settings.md)
 - [Pipelines](pipelines.md)
+- [Pipeline Triggers](pipeline_triggers.md)
 - [Projects](projects.md) including setting Webhooks
 - [Project Access Requests](access_requests.md)
 - [Project Members](members.md)

--- a/doc/api/build_triggers.md
+++ b/doc/api/build_triggers.md
-# Build triggers
+This document was moved to [Pipeline Triggers](pipeline_triggers.md).
-You can read more about [triggering builds through the API](../ci/triggers/README.md).
-## List project triggers
-Get a list of project's build triggers.
-```
-GET /projects/:id/triggers
-```
-| Attribute | Type    | required | Description         |
-|-----------|---------|----------|---------------------|
-| `id`      | integer | yes      | The ID of a project |
-```
-curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers"
-```
-```json
-[
-    {
-        "created_at": "2015-12-23T16:24:34.716Z",
-        "deleted_at": null,
-        "last_used": "2016-01-04T15:41:21.986Z",
-        "token": "fbdb730c2fbdb095a0862dbd8ab88b",
-        "updated_at": "2015-12-23T16:24:34.716Z"
-    },
-    {
-        "created_at": "2015-12-23T16:25:56.760Z",
-        "deleted_at": null,
-        "last_used": null,
-        "token": "7b9148c158980bbd9bcea92c17522d",
-        "updated_at": "2015-12-23T16:25:56.760Z"
-    }
-]
-```
-## Get trigger details
-Get details of project's build trigger.
-```
-GET /projects/:id/triggers/:token
-```
-| Attribute | Type    | required | Description              |
-|-----------|---------|----------|--------------------------|
-| `id`      | integer | yes      | The ID of a project      |
-| `token`   | string  | yes      | The `token` of a trigger |
-```
-curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers/7b9148c158980bbd9bcea92c17522d"
-```
-```json
-{
-    "created_at": "2015-12-23T16:25:56.760Z",
-    "deleted_at": null,
-    "last_used": null,
-    "token": "7b9148c158980bbd9bcea92c17522d",
-    "updated_at": "2015-12-23T16:25:56.760Z"
-}
-```
-## Create a project trigger
-Create a build trigger for a project.
-```
-POST /projects/:id/triggers
-```
-| Attribute | Type    | required | Description              |
-|-----------|---------|----------|--------------------------|
-| `id`      | integer | yes      | The ID of a project      |
-```
-curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers"
-```
-```json
-{
-    "created_at": "2016-01-07T09:53:58.235Z",
-    "deleted_at": null,
-    "last_used": null,
-    "token": "6d056f63e50fe6f8c5f8f4aa10edb7",
-    "updated_at": "2016-01-07T09:53:58.235Z"
-}
-```
-## Remove a project trigger
-Remove a project's build trigger.
-```
-DELETE /projects/:id/triggers/:token
-```
-| Attribute | Type    | required | Description              |
-|-----------|---------|----------|--------------------------|
-| `id`      | integer | yes      | The ID of a project      |
-| `token`   | string  | yes      | The `token` of a trigger |
-```
-curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers/7b9148c158980bbd9bcea92c17522d"
-```
--- a/doc/api/pipeline_triggers.md
+++ b/doc/api/pipeline_triggers.md
+# Pipeline triggers
+You can read more about [triggering pipelines through the API](../ci/triggers/README.md).
+## List project triggers
+Get a list of project's build triggers.
+```
+GET /projects/:id/triggers
+```
+| Attribute | Type    | required | Description         |
+|-----------|---------|----------|---------------------|
+| `id`      | integer | yes      | The ID of a project |
+```
+curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers"
+```
+```json
+[
+    {
+        "id": 10,
+        "description": "my trigger",
+        "created_at": "2016-01-07T09:53:58.235Z",
+        "deleted_at": null,
+        "last_used": null,
+        "token": "6d056f63e50fe6f8c5f8f4aa10edb7",
+        "updated_at": "2016-01-07T09:53:58.235Z",
+        "owner": null
+    }
+]
+```
+## Get trigger details
+Get details of project's build trigger.
+```
+GET /projects/:id/triggers/:trigger_id
+```
+| Attribute | Type    | required | Description              |
+|-----------|---------|----------|--------------------------|
+| `id`      | integer | yes      | The ID of a project      |
+| `token`   | string  | yes      | The `token` of a trigger |
+```
+curl --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers/5"
+```
+```json
+{
+    "id": 10,
+    "description": "my trigger",
+    "created_at": "2016-01-07T09:53:58.235Z",
+    "deleted_at": null,
+    "last_used": null,
+    "token": "6d056f63e50fe6f8c5f8f4aa10edb7",
+    "updated_at": "2016-01-07T09:53:58.235Z",
+    "owner": null
+}
+```
+## Create a project trigger
+Create a trigger for a project.
+```
+POST /projects/:id/triggers
+```
+| Attribute     | Type    | required | Description              |
+|---------------|---------|----------|--------------------------|
+| `id`          | integer | yes      | The ID of a project      |
+| `description` | string  | yes      | The trigger name         |
+```
+curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form description="my description" "https://gitlab.example.com/api/v4/projects/1/triggers"
+```
+```json
+{
+    "id": 10,
+    "description": "my trigger",
+    "created_at": "2016-01-07T09:53:58.235Z",
+    "deleted_at": null,
+    "last_used": null,
+    "token": "6d056f63e50fe6f8c5f8f4aa10edb7",
+    "updated_at": "2016-01-07T09:53:58.235Z",
+    "owner": null
+}
+```
+## Update a project trigger
+Update a trigger for a project.
+```
+PUT /projects/:id/triggers/:trigger_id
+```
+| Attribute     | Type    | required | Description              |
+|---------------|---------|----------|--------------------------|
+| `trigger_id`  | integer | yes      | The trigger id           |
+| `description` | string  | no       | The trigger name         |
+```
+curl --request PUT --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" --form description="my description" "https://gitlab.example.com/api/v4/projects/1/triggers/10"
+```
+```json
+{
+    "id": 10,
+    "description": "my trigger",
+    "created_at": "2016-01-07T09:53:58.235Z",
+    "deleted_at": null,
+    "last_used": null,
+    "token": "6d056f63e50fe6f8c5f8f4aa10edb7",
+    "updated_at": "2016-01-07T09:53:58.235Z",
+    "owner": null
+}
+```
+## Take ownership of a project trigger
+Update an owner of a project trigger.
+```
+POST /projects/:id/triggers/:trigger_id/take_ownership
+```
+| Attribute     | Type    | required | Description              |
+|---------------|---------|----------|--------------------------|
+| `trigger_id`  | integer | yes      | The trigger id           |
+```
+curl --request POST --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers/10/take_ownership"
+```
+```json
+{
+    "id": 10,
+    "description": "my trigger",
+    "created_at": "2016-01-07T09:53:58.235Z",
+    "deleted_at": null,
+    "last_used": null,
+    "token": "6d056f63e50fe6f8c5f8f4aa10edb7",
+    "updated_at": "2016-01-07T09:53:58.235Z",
+    "owner": null
+}
+```
+## Remove a project trigger
+Remove a project's build trigger.
+```
+DELETE /projects/:id/triggers/:trigger_id
+```
+| Attribute      | Type    | required | Description              |
+|----------------|---------|----------|--------------------------|
+| `id`           | integer | yes      | The ID of a project      |
+| `trigger_id`   | integer | yes      | The trigger id           |
+```
+curl --request DELETE --header "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v4/projects/1/triggers/5"
+```
--- a/doc/api/v3_to_v4.md
+++ b/doc/api/v3_to_v4.md
@@ -59,3 +59,6 @@ changes are in V4:
 - Return 202 with JSON body on async removals on V4 API (DELETE `/projects/:id/repository/merged_branches` and DELETE `/projects/:id`) [!9449](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9449)
 - `projects/:id/milestones?iid[]=x&iid[]=y` array filter has been renamed to `iids` [!9096](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9096)
 - Return basic info about pipeline in `GET /projects/:id/pipelines` [!8875](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/8875)
+- Rename Build Triggers to be Pipeline Triggers API [!9713](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9713)
+  - `POST /projects/:id/trigger/builds` to `POST /projects/:id/trigger/pipeline`
+  - Require description when creating a new trigger `POST /projects/:id/triggers`
--- a/doc/ci/triggers/README.md
+++ b/doc/ci/triggers/README.md
@@ -36,7 +36,7 @@ it will not trigger a job.
 To trigger a job you need to send a `POST` request to GitLab's API endpoint:
 ```
-POST /projects/:id/trigger/builds
+POST /projects/:id/trigger/pipeline
 ```
 The required parameters are the trigger's `token` and the Git `ref` on which
@@ -71,7 +71,7 @@ To trigger a job from webhook of another project you need to add the following
 webhook url for Push and Tag push events:
 ```
-https://gitlab.example.com/api/v4/projects/:id/ref/:ref/trigger/builds?token=TOKEN
+https://gitlab.example.com/api/v4/projects/:id/ref/:ref/trigger/pipeline?token=TOKEN
 ```
 > **Note**:
@@ -105,7 +105,7 @@ Using cURL you can trigger a rebuild with minimal effort, for example:
 curl --request POST \
     --form token=TOKEN \
     --form ref=master \
-     https://gitlab.example.com/api/v4/projects/9/trigger/builds
+     https://gitlab.example.com/api/v4/projects/9/trigger/pipeline
 ```
 In this case, the project with ID `9` will get rebuilt on `master` branch.
@@ -114,7 +114,7 @@ Alternatively, you can pass the `token` and `ref` arguments in the query string:
 ```bash
 curl --request POST \
-    "https://gitlab.example.com/api/v4/projects/9/trigger/builds?token=TOKEN&ref=master"
+    "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline?token=TOKEN&ref=master"
 ```
 ### Triggering a job within `.gitlab-ci.yml`
@@ -128,7 +128,7 @@ need to add in project's A `.gitlab-ci.yml`:
 build_docs:
  stage: deploy
  script:
-  - "curl --request POST --form token=TOKEN --form ref=master https://gitlab.example.com/api/v4/projects/9/trigger/builds"
+  - "curl --request POST --form token=TOKEN --form ref=master https://gitlab.example.com/api/v4/projects/9/trigger/pipeline"
  only:
  - tags
 ```
@@ -187,7 +187,7 @@ curl --request POST \
  --form token=TOKEN \
  --form ref=master \
  --form "variables[UPLOAD_TO_S3]=true" \
-  https://gitlab.example.com/api/v4/projects/9/trigger/builds
+  https://gitlab.example.com/api/v4/projects/9/trigger/pipeline
 ```
 ### Using webhook to trigger job
@@ -195,7 +195,7 @@ curl --request POST \
 You can add the following webhook to another project in order to trigger a job:
 ```
-https://gitlab.example.com/api/v4/projects/9/ref/master/trigger/builds?token=TOKEN&variables[UPLOAD_TO_S3]=true
+https://gitlab.example.com/api/v4/projects/9/ref/master/trigger/pipeline?token=TOKEN&variables[UPLOAD_TO_S3]=true
 ```
 ### Using cron to trigger nightly jobs
@@ -205,7 +205,7 @@ in conjunction with cron. The example below triggers a job on the `master`
 branch of project with ID `9` every night at `00:30`:
 ```bash
-30 0 * * * curl --request POST --form token=TOKEN --form ref=master https://gitlab.example.com/api/v4/projects/9/trigger/builds
+30 0 * * * curl --request POST --form token=TOKEN --form ref=master https://gitlab.example.com/api/v4/projects/9/trigger/pipeline
 ```
 [ci-229]: https://gitlab.com/gitlab-org/gitlab-ci/merge_requests/229
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -592,10 +592,6 @@ module API
      end
    end
-    class TriggerRequest < Grape::Entity
-      expose :id, :variables
-    end
    class Runner < Grape::Entity
      expose :id
      expose :description
@@ -643,7 +639,10 @@ module API
    end
    class Trigger < Grape::Entity
-      expose :token, :created_at, :updated_at, :deleted_at, :last_used
+      expose :id
+      expose :token, :description
+      expose :created_at, :updated_at, :deleted_at, :last_used
+      expose :owner, using: Entities::UserBasic
    end
    class Variable < Grape::Entity

--- a/lib/api/triggers.rb
+++ b/lib/api/triggers.rb
@@ -6,15 +6,15 @@ module API
      requires :id, type: String, desc: 'The ID of a project'
    end
    resource :projects do
-      desc 'Trigger a GitLab project build' do
+      desc 'Trigger a GitLab project pipeline' do
-        success Entities::TriggerRequest
+        success Entities::Pipeline
      end
      params do
        requires :ref, type: String, desc: 'The commit sha or name of a branch or tag'
        requires :token, type: String, desc: 'The unique token of trigger'
        optional :variables, type: Hash, desc: 'The list of variables to be injected into build'
      end
-      post ":id/(ref/:ref/)trigger/builds" do
+      post ":id/(ref/:ref/)trigger/pipeline" do
        project = find_project(params[:id])
        trigger = Ci::Trigger.find_by_token(params[:token].to_s)
        not_found! unless project && trigger
@@ -29,9 +29,9 @@ module API
        # create request and trigger builds
        trigger_request = Ci::CreateTriggerRequestService.new.execute(project, trigger, params[:ref].to_s, variables)
        if trigger_request
-          present trigger_request, with: Entities::TriggerRequest
+          present trigger_request.pipeline, with: Entities::Pipeline
        else
-          errors = 'No builds created'
+          errors = 'No pipeline created'
          render_api_error!(errors, 400)
        end
      end
@@ -55,13 +55,13 @@ module API
        success Entities::Trigger
      end
      params do
-        requires :token, type: String, desc: 'The unique token of trigger'
+        requires :trigger_id, type: Integer,  desc: 'The trigger ID'
      end
-      get ':id/triggers/:token' do
+      get ':id/triggers/:trigger_id' do
        authenticate!
        authorize! :admin_build, user_project
-        trigger = user_project.triggers.find_by(token: params[:token].to_s)
+        trigger = user_project.triggers.find(params.delete(:trigger_id))
        return not_found!('Trigger') unless trigger
        present trigger, with: Entities::Trigger
@@ -70,26 +70,76 @@ module API
      desc 'Create a trigger' do
        success Entities::Trigger
      end
+      params do
+        requires :description, type: String,  desc: 'The trigger description'
+      end
      post ':id/triggers' do
        authenticate!
        authorize! :admin_build, user_project
-        trigger = user_project.triggers.create
+        trigger = user_project.triggers.create(
+          declared_params(include_missing: false).merge(owner: current_user))
-        present trigger, with: Entities::Trigger
+        if trigger.valid?
+          present trigger, with: Entities::Trigger
+        else
+          render_validation_error!(trigger)
+        end
+      end
+      desc 'Update a trigger' do
+        success Entities::Trigger
+      end
+      params do
+        requires :trigger_id, type: Integer,  desc: 'The trigger ID'
+        optional :description, type: String,  desc: 'The trigger description'
+      end
+      put ':id/triggers/:trigger_id' do
+        authenticate!
+        authorize! :admin_build, user_project
+        trigger = user_project.triggers.find(params.delete(:trigger_id))
+        return not_found!('Trigger') unless trigger
+        if trigger.update(declared_params(include_missing: false))
+          present trigger, with: Entities::Trigger
+        else
+          render_validation_error!(trigger)
+        end
+      end
+      desc 'Take ownership of trigger' do
+        success Entities::Trigger
+      end
+      params do
+        requires :trigger_id, type: Integer,  desc: 'The trigger ID'
+      end
+      post ':id/triggers/:trigger_id/take_ownership' do
+        authenticate!
+        authorize! :admin_build, user_project
+        trigger = user_project.triggers.find(params.delete(:trigger_id))
+        return not_found!('Trigger') unless trigger
+        if trigger.update(owner: current_user)
+          status :ok
+          present trigger, with: Entities::Trigger
+        else
+          render_validation_error!(trigger)
+        end
      end
      desc 'Delete a trigger' do
        success Entities::Trigger
      end
      params do
-        requires :token, type: String, desc: 'The unique token of trigger'
+        requires :trigger_id, type: Integer,  desc: 'The trigger ID'
      end
-      delete ':id/triggers/:token' do
+      delete ':id/triggers/:trigger_id' do
        authenticate!
        authorize! :admin_build, user_project
-        trigger = user_project.triggers.find_by(token: params[:token].to_s)
+        trigger = user_project.triggers.find(params.delete(:trigger_id))
        return not_found!('Trigger') unless trigger
        trigger.destroy

--- a/lib/api/v3/entities.rb
+++ b/lib/api/v3/entities.rb
@@ -186,6 +186,15 @@ module API
      class Environment < ::API::Entities::EnvironmentBasic
        expose :project, using: Entities::Project
      end
+      class Trigger < Grape::Entity
+        expose :token, :created_at, :updated_at, :deleted_at, :last_used
+        expose :owner, using: ::API::Entities::UserBasic
+      end
+      class TriggerRequest < Grape::Entity
+        expose :id, :variables
+      end
    end
  end
 end
--- a/lib/api/v3/triggers.rb
+++ b/lib/api/v3/triggers.rb
@@ -7,8 +7,81 @@ module API
        requires :id, type: String, desc: 'The ID of a project'
      end
      resource :projects do
+        desc 'Trigger a GitLab project build' do
+          success ::API::V3::Entities::TriggerRequest
+        end
+        params do
+          requires :ref, type: String, desc: 'The commit sha or name of a branch or tag'
+          requires :token, type: String, desc: 'The unique token of trigger'
+          optional :variables, type: Hash, desc: 'The list of variables to be injected into build'
+        end
+        post ":id/(ref/:ref/)trigger/builds" do
+          project = find_project(params[:id])
+          trigger = Ci::Trigger.find_by_token(params[:token].to_s)
+          not_found! unless project && trigger
+          unauthorized! unless trigger.project == project
+          # validate variables
+          variables = params[:variables].to_h
+          unless variables.all? { |key, value| key.is_a?(String) && value.is_a?(String) }
+            render_api_error!('variables needs to be a map of key-valued strings', 400)
+          end
+          # create request and trigger builds
+          trigger_request = Ci::CreateTriggerRequestService.new.execute(project, trigger, params[:ref].to_s, variables)
+          if trigger_request
+            present trigger_request, with: ::API::V3::Entities::TriggerRequest
+          else
+            errors = 'No builds created'
+            render_api_error!(errors, 400)
+          end
+        end
+        desc 'Get triggers list' do
+          success ::API::V3::Entities::Trigger
+        end
+        params do
+          use :pagination
+        end
+        get ':id/triggers' do
+          authenticate!
+          authorize! :admin_build, user_project
+          triggers = user_project.triggers.includes(:trigger_requests)
+          present paginate(triggers), with: ::API::V3::Entities::Trigger
+        end
+        desc 'Get specific trigger of a project' do
+          success ::API::V3::Entities::Trigger
+        end
+        params do
+          requires :token, type: String, desc: 'The unique token of trigger'
+        end
+        get ':id/triggers/:token' do
+          authenticate!
+          authorize! :admin_build, user_project
+          trigger = user_project.triggers.find_by(token: params[:token].to_s)
+          return not_found!('Trigger') unless trigger
+          present trigger, with: ::API::V3::Entities::Trigger
+        end
+        desc 'Create a trigger' do
+          success ::API::V3::Entities::Trigger
+        end
+        post ':id/triggers' do
+          authenticate!
+          authorize! :admin_build, user_project
+          trigger = user_project.triggers.create
+          present trigger, with: ::API::V3::Entities::Trigger
+        end
        desc 'Delete a trigger' do
-          success ::API::Entities::Trigger
+          success ::API::V3::Entities::Trigger
        end
        params do
          requires :token, type: String, desc: 'The unique token of trigger'
@@ -22,7 +95,7 @@ module API
          trigger.destroy
-          present trigger, with: ::API::Entities::Trigger
+          present trigger, with: ::API::V3::Entities::Trigger
        end
      end
    end

--- a/spec/lib/gitlab/import_export/all_models.yml
+++ b/spec/lib/gitlab/import_export/all_models.yml
@@ -97,6 +97,7 @@ variables:
 triggers:
 - project
 - trigger_requests
+- owner
 deploy_keys:
 - user
 - deploy_keys_projects

--- a/spec/lib/gitlab/import_export/safe_model_attributes.yml
+++ b/spec/lib/gitlab/import_export/safe_model_attributes.yml
@@ -240,6 +240,8 @@ Ci::Trigger:
 - created_at
 - updated_at
 - gl_project_id
+- owner_id
+- description
 DeployKey:
 - id
 - user_id

--- a/spec/models/ci/trigger_spec.rb
+++ b/spec/models/ci/trigger_spec.rb
 require 'spec_helper'
 describe Ci::Trigger, models: true do
-  let(:project) { FactoryGirl.create :empty_project }
+  let(:project) { create :empty_project }
+  describe 'associations' do
+    it { is_expected.to belong_to(:project) }
+    it { is_expected.to belong_to(:owner) }
+    it { is_expected.to have_many(:trigger_requests) }
+  end
  describe 'before_validation' do
    it 'sets an random token if none provided' do
-      trigger = FactoryGirl.create :ci_trigger_without_token, project: project
+      trigger = create(:ci_trigger_without_token, project: project)
      expect(trigger.token).not_to be_nil
    end
    it 'does not set an random token if one provided' do
-      trigger = FactoryGirl.create :ci_trigger, project: project
+      trigger = create(:ci_trigger, project: project)
      expect(trigger.token).to eq('token')
    end
  end

--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -32,6 +32,7 @@ describe User, models: true do
    it { is_expected.to have_many(:spam_logs).dependent(:destroy) }
    it { is_expected.to have_many(:todos).dependent(:destroy) }
    it { is_expected.to have_many(:award_emoji).dependent(:destroy) }
+    it { is_expected.to have_many(:triggers).dependent(:destroy) }
    it { is_expected.to have_many(:builds).dependent(:nullify) }
    it { is_expected.to have_many(:pipelines).dependent(:nullify) }
    it { is_expected.to have_many(:chat_names).dependent(:destroy) }

--- a/spec/requests/api/triggers_spec.rb
+++ b/spec/requests/api/triggers_spec.rb
@@ -14,7 +14,7 @@ describe API::Triggers do
  let!(:trigger2) { create(:ci_trigger, project: project, token: trigger_token_2) }
  let!(:trigger_request) { create(:ci_trigger_request, trigger: trigger, created_at: '2015-01-01 12:13:14') }
-  describe 'POST /projects/:project_id/trigger' do
+  describe 'POST /projects/:project_id/trigger/pipeline' do
    let!(:project2) { create(:project) }
    let(:options) do
      {
@@ -28,17 +28,20 @@ describe API::Triggers do
    context 'Handles errors' do
      it 'returns bad request if token is missing' do
-        post api("/projects/#{project.id}/trigger/builds"), ref: 'master'
+        post api("/projects/#{project.id}/trigger/pipeline"), ref: 'master'
        expect(response).to have_http_status(400)
      end
      it 'returns not found if project is not found' do
-        post api('/projects/0/trigger/builds'), options.merge(ref: 'master')
+        post api('/projects/0/trigger/pipeline'), options.merge(ref: 'master')
        expect(response).to have_http_status(404)
      end
      it 'returns unauthorized if token is for different project' do
-        post api("/projects/#{project2.id}/trigger/builds"), options.merge(ref: 'master')
+        post api("/projects/#{project2.id}/trigger/pipeline"), options.merge(ref: 'master')
        expect(response).to have_http_status(401)
      end
    end
@@ -46,9 +49,11 @@ describe API::Triggers do
    context 'Have a commit' do
      let(:pipeline) { project.pipelines.last }
-      it 'creates builds' do
+      it 'creates pipeline' do
-        post api("/projects/#{project.id}/trigger/builds"), options.merge(ref: 'master')
+        post api("/projects/#{project.id}/trigger/pipeline"), options.merge(ref: 'master')
        expect(response).to have_http_status(201)
+        expect(json_response).to include('id' => pipeline.id)
        pipeline.builds.reload
        expect(pipeline.builds.pending.size).to eq(2)
        expect(pipeline.builds.size).to eq(5)
@@ -56,15 +61,17 @@ describe API::Triggers do
      it 'creates builds on webhook from other gitlab repository and branch' do
        expect do
-          post api("/projects/#{project.id}/ref/master/trigger/builds?token=#{trigger_token}"), { ref: 'refs/heads/other-branch' }
+          post api("/projects/#{project.id}/ref/master/trigger/pipeline?token=#{trigger_token}"), { ref: 'refs/heads/other-branch' }
        end.to change(project.builds, :count).by(5)
        expect(response).to have_http_status(201)
      end
-      it 'returns bad request with no builds created if there\'s no commit for that ref' do
+      it 'returns bad request with no pipeline created if there\'s no commit for that ref' do
-        post api("/projects/#{project.id}/trigger/builds"), options.merge(ref: 'other-branch')
+        post api("/projects/#{project.id}/trigger/pipeline"), options.merge(ref: 'other-branch')
        expect(response).to have_http_status(400)
-        expect(json_response['message']).to eq('No builds created')
+        expect(json_response['message']).to eq('No pipeline created')
      end
      context 'Validates variables' do
@@ -73,22 +80,24 @@ describe API::Triggers do
        end
        it 'validates variables to be a hash' do
-          post api("/projects/#{project.id}/trigger/builds"), options.merge(variables: 'value', ref: 'master')
+          post api("/projects/#{project.id}/trigger/pipeline"), options.merge(variables: 'value', ref: 'master')
          expect(response).to have_http_status(400)
          expect(json_response['error']).to eq('variables is invalid')
        end
        it 'validates variables needs to be a map of key-valued strings' do
-          post api("/projects/#{project.id}/trigger/builds"), options.merge(variables: { key: %w(1 2) }, ref: 'master')
+          post api("/projects/#{project.id}/trigger/pipeline"), options.merge(variables: { key: %w(1 2) }, ref: 'master')
          expect(response).to have_http_status(400)
          expect(json_response['message']).to eq('variables needs to be a map of key-valued strings')
        end
        it 'creates trigger request with variables' do
-          post api("/projects/#{project.id}/trigger/builds"), options.merge(variables: variables, ref: 'master')
+          post api("/projects/#{project.id}/trigger/pipeline"), options.merge(variables: variables, ref: 'master')
          expect(response).to have_http_status(201)
-          pipeline.builds.reload
+          expect(pipeline.builds.reload.first.trigger_request.variables).to eq(variables)
-          expect(pipeline.builds.first.trigger_request.variables).to eq(variables)
        end
      end
    end
@@ -123,17 +132,17 @@ describe API::Triggers do
    end
  end
-  describe 'GET /projects/:id/triggers/:token' do
+  describe 'GET /projects/:id/triggers/:trigger_id' do
    context 'authenticated user with valid permissions' do
      it 'returns trigger details' do
-        get api("/projects/#{project.id}/triggers/#{trigger.token}", user)
+        get api("/projects/#{project.id}/triggers/#{trigger.id}", user)
        expect(response).to have_http_status(200)
        expect(json_response).to be_a(Hash)
      end
      it 'responds with 404 Not Found if requesting non-existing trigger' do
-        get api("/projects/#{project.id}/triggers/abcdef012345", user)
+        get api("/projects/#{project.id}/triggers/-5", user)
        expect(response).to have_http_status(404)
      end
@@ -141,7 +150,7 @@ describe API::Triggers do
    context 'authenticated user with invalid permissions' do
      it 'does not return triggers list' do
-        get api("/projects/#{project.id}/triggers/#{trigger.token}", user2)
+        get api("/projects/#{project.id}/triggers/#{trigger.id}", user2)
        expect(response).to have_http_status(403)
      end
@@ -149,7 +158,7 @@ describe API::Triggers do
    context 'unauthenticated user' do
      it 'does not return triggers list' do
-        get api("/projects/#{project.id}/triggers/#{trigger.token}")
+        get api("/projects/#{project.id}/triggers/#{trigger.id}")
        expect(response).to have_http_status(401)
      end
@@ -158,19 +167,31 @@ describe API::Triggers do
  describe 'POST /projects/:id/triggers' do
    context 'authenticated user with valid permissions' do
-      it 'creates trigger' do
+      context 'with required parameters' do
-        expect do
+        it 'creates trigger' do
+          expect do
+            post api("/projects/#{project.id}/triggers", user),
+              description: 'trigger'
+          end.to change{project.triggers.count}.by(1)
+          expect(response).to have_http_status(201)
+          expect(json_response).to include('description' => 'trigger')
+        end
+      end
+      context 'without required parameters' do
+        it 'does not create trigger' do
          post api("/projects/#{project.id}/triggers", user)
-        end.to change{project.triggers.count}.by(1)
-        expect(response).to have_http_status(201)
+          expect(response).to have_http_status(:bad_request)
-        expect(json_response).to be_a(Hash)
+        end
      end
    end
    context 'authenticated user with invalid permissions' do
      it 'does not create trigger' do
-        post api("/projects/#{project.id}/triggers", user2)
+        post api("/projects/#{project.id}/triggers", user2),
+          description: 'trigger'
        expect(response).to have_http_status(403)
      end
@@ -178,25 +199,87 @@ describe API::Triggers do
    context 'unauthenticated user' do
      it 'does not create trigger' do
-        post api("/projects/#{project.id}/triggers")
+        post api("/projects/#{project.id}/triggers"),
+          description: 'trigger'
+        expect(response).to have_http_status(401)
+      end
+    end
+  end
+  describe 'PUT /projects/:id/triggers/:trigger_id' do
+    context 'authenticated user with valid permissions' do
+      let(:new_description) { 'new description' }
+      it 'updates description' do
+        put api("/projects/#{project.id}/triggers/#{trigger.id}", user),
+          description: new_description
+        expect(response).to have_http_status(200)
+        expect(json_response).to include('description' => new_description)
+        expect(trigger.reload.description).to eq(new_description)
+      end
+    end
+    context 'authenticated user with invalid permissions' do
+      it 'does not update trigger' do
+        put api("/projects/#{project.id}/triggers/#{trigger.id}", user2)
+        expect(response).to have_http_status(403)
+      end
+    end
+    context 'unauthenticated user' do
+      it 'does not update trigger' do
+        put api("/projects/#{project.id}/triggers/#{trigger.id}")
+        expect(response).to have_http_status(401)
+      end
+    end
+  end
+  describe 'POST /projects/:id/triggers/:trigger_id/take_ownership' do
+    context 'authenticated user with valid permissions' do
+      it 'updates owner' do
+        expect(trigger.owner).to be_nil
+        post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership", user)
+        expect(response).to have_http_status(200)
+        expect(json_response).to include('owner')
+        expect(trigger.reload.owner).to eq(user)
+      end
+    end
+    context 'authenticated user with invalid permissions' do
+      it 'does not update owner' do
+        post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership", user2)
+        expect(response).to have_http_status(403)
+      end
+    end
+    context 'unauthenticated user' do
+      it 'does not update owner' do
+        post api("/projects/#{project.id}/triggers/#{trigger.id}/take_ownership")
        expect(response).to have_http_status(401)
      end
    end
  end
-  describe 'DELETE /projects/:id/triggers/:token' do
+  describe 'DELETE /projects/:id/triggers/:trigger_id' do
    context 'authenticated user with valid permissions' do
      it 'deletes trigger' do
        expect do
-          delete api("/projects/#{project.id}/triggers/#{trigger.token}", user)
+          delete api("/projects/#{project.id}/triggers/#{trigger.id}", user)
          expect(response).to have_http_status(204)
        end.to change{project.triggers.count}.by(-1)
      end
      it 'responds with 404 Not Found if requesting non-existing trigger' do
-        delete api("/projects/#{project.id}/triggers/abcdef012345", user)
+        delete api("/projects/#{project.id}/triggers/-5", user)
        expect(response).to have_http_status(404)
      end
@@ -204,7 +287,7 @@ describe API::Triggers do
    context 'authenticated user with invalid permissions' do
      it 'does not delete trigger' do
-        delete api("/projects/#{project.id}/triggers/#{trigger.token}", user2)
+        delete api("/projects/#{project.id}/triggers/#{trigger.id}", user2)
        expect(response).to have_http_status(403)
      end
@@ -212,7 +295,7 @@ describe API::Triggers do
    context 'unauthenticated user' do
      it 'does not delete trigger' do
-        delete api("/projects/#{project.id}/triggers/#{trigger.token}")
+        delete api("/projects/#{project.id}/triggers/#{trigger.id}")
        expect(response).to have_http_status(401)
      end

--- a/spec/requests/api/v3/triggers_spec.rb
+++ b/spec/requests/api/v3/triggers_spec.rb
@@ -11,6 +11,177 @@ describe API::V3::Triggers do
  let!(:developer) { create(:project_member, :developer, user: user2, project: project) }
  let!(:trigger) { create(:ci_trigger, project: project, token: trigger_token) }
+  describe 'POST /projects/:project_id/trigger' do
+    let!(:project2) { create(:project) }
+    let(:options) do
+      {
+        token: trigger_token
+      }
+    end
+    before do
+      stub_ci_pipeline_to_return_yaml_file
+    end
+    context 'Handles errors' do
+      it 'returns bad request if token is missing' do
+        post v3_api("/projects/#{project.id}/trigger/builds"), ref: 'master'
+        expect(response).to have_http_status(400)
+      end
+      it 'returns not found if project is not found' do
+        post v3_api('/projects/0/trigger/builds'), options.merge(ref: 'master')
+        expect(response).to have_http_status(404)
+      end
+      it 'returns unauthorized if token is for different project' do
+        post v3_api("/projects/#{project2.id}/trigger/builds"), options.merge(ref: 'master')
+        expect(response).to have_http_status(401)
+      end
+    end
+    context 'Have a commit' do
+      let(:pipeline) { project.pipelines.last }
+      it 'creates builds' do
+        post v3_api("/projects/#{project.id}/trigger/builds"), options.merge(ref: 'master')
+        expect(response).to have_http_status(201)
+        pipeline.builds.reload
+        expect(pipeline.builds.pending.size).to eq(2)
+        expect(pipeline.builds.size).to eq(5)
+      end
+      it 'creates builds on webhook from other gitlab repository and branch' do
+        expect do
+          post v3_api("/projects/#{project.id}/ref/master/trigger/builds?token=#{trigger_token}"), { ref: 'refs/heads/other-branch' }
+        end.to change(project.builds, :count).by(5)
+        expect(response).to have_http_status(201)
+      end
+      it 'returns bad request with no builds created if there\'s no commit for that ref' do
+        post v3_api("/projects/#{project.id}/trigger/builds"), options.merge(ref: 'other-branch')
+        expect(response).to have_http_status(400)
+        expect(json_response['message']).to eq('No builds created')
+      end
+      context 'Validates variables' do
+        let(:variables) do
+          { 'TRIGGER_KEY' => 'TRIGGER_VALUE' }
+        end
+        it 'validates variables to be a hash' do
+          post v3_api("/projects/#{project.id}/trigger/builds"), options.merge(variables: 'value', ref: 'master')
+          expect(response).to have_http_status(400)
+          expect(json_response['error']).to eq('variables is invalid')
+        end
+        it 'validates variables needs to be a map of key-valued strings' do
+          post v3_api("/projects/#{project.id}/trigger/builds"), options.merge(variables: { key: %w(1 2) }, ref: 'master')
+          expect(response).to have_http_status(400)
+          expect(json_response['message']).to eq('variables needs to be a map of key-valued strings')
+        end
+        it 'creates trigger request with variables' do
+          post v3_api("/projects/#{project.id}/trigger/builds"), options.merge(variables: variables, ref: 'master')
+          expect(response).to have_http_status(201)
+          pipeline.builds.reload
+          expect(pipeline.builds.first.trigger_request.variables).to eq(variables)
+        end
+      end
+    end
+  end
+  describe 'GET /projects/:id/triggers' do
+    context 'authenticated user with valid permissions' do
+      it 'returns list of triggers' do
+        get v3_api("/projects/#{project.id}/triggers", user)
+        expect(response).to have_http_status(200)
+        expect(response).to include_pagination_headers
+        expect(json_response).to be_a(Array)
+        expect(json_response[0]).to have_key('token')
+      end
+    end
+    context 'authenticated user with invalid permissions' do
+      it 'does not return triggers list' do
+        get v3_api("/projects/#{project.id}/triggers", user2)
+        expect(response).to have_http_status(403)
+      end
+    end
+    context 'unauthenticated user' do
+      it 'does not return triggers list' do
+        get v3_api("/projects/#{project.id}/triggers")
+        expect(response).to have_http_status(401)
+      end
+    end
+  end
+  describe 'GET /projects/:id/triggers/:token' do
+    context 'authenticated user with valid permissions' do
+      it 'returns trigger details' do
+        get v3_api("/projects/#{project.id}/triggers/#{trigger.token}", user)
+        expect(response).to have_http_status(200)
+        expect(json_response).to be_a(Hash)
+      end
+      it 'responds with 404 Not Found if requesting non-existing trigger' do
+        get v3_api("/projects/#{project.id}/triggers/abcdef012345", user)
+        expect(response).to have_http_status(404)
+      end
+    end
+    context 'authenticated user with invalid permissions' do
+      it 'does not return triggers list' do
+        get v3_api("/projects/#{project.id}/triggers/#{trigger.token}", user2)
+        expect(response).to have_http_status(403)
+      end
+    end
+    context 'unauthenticated user' do
+      it 'does not return triggers list' do
+        get v3_api("/projects/#{project.id}/triggers/#{trigger.token}")
+        expect(response).to have_http_status(401)
+      end
+    end
+  end
+  describe 'POST /projects/:id/triggers' do
+    context 'authenticated user with valid permissions' do
+      it 'creates trigger' do
+        expect do
+          post v3_api("/projects/#{project.id}/triggers", user)
+        end.to change{project.triggers.count}.by(1)
+        expect(response).to have_http_status(201)
+        expect(json_response).to be_a(Hash)
+      end
+    end
+    context 'authenticated user with invalid permissions' do
+      it 'does not create trigger' do
+        post v3_api("/projects/#{project.id}/triggers", user2)
+        expect(response).to have_http_status(403)
+      end
+    end
+    context 'unauthenticated user' do
+      it 'does not create trigger' do
+        post v3_api("/projects/#{project.id}/triggers")
+        expect(response).to have_http_status(401)
+      end
+    end
+  end
  describe 'DELETE /projects/:id/triggers/:token' do
    context 'authenticated user with valid permissions' do
      it 'deletes trigger' do

--- a/spec/services/ci/create_trigger_request_service_spec.rb
+++ b/spec/services/ci/create_trigger_request_service_spec.rb
@@ -13,8 +13,22 @@ describe Ci::CreateTriggerRequestService, services: true do
    context 'valid params' do
      subject { service.execute(project, trigger, 'master') }
-      it { expect(subject).to be_kind_of(Ci::TriggerRequest) }
+      context 'without owner' do
-      it { expect(subject.builds.first).to be_kind_of(Ci::Build) }
+        it { expect(subject).to be_kind_of(Ci::TriggerRequest) }
+        it { expect(subject.pipeline).to be_kind_of(Ci::Pipeline) }
+        it { expect(subject.builds.first).to be_kind_of(Ci::Build) }
+      end
+      context 'with owner' do
+        let(:owner) { create(:user) }
+        let(:trigger) { create(:ci_trigger, project: project, owner: owner) }
+        it { expect(subject).to be_kind_of(Ci::TriggerRequest) }
+        it { expect(subject.pipeline).to be_kind_of(Ci::Pipeline) }
+        it { expect(subject.pipeline.user).to eq(owner) }
+        it { expect(subject.builds.first).to be_kind_of(Ci::Build) }
+        it { expect(subject.builds.first.user).to eq(owner) }
+      end
    end
    context 'no commit for ref' do