This includes a set of APIs to manipulate container registry.
This includes also an ability to delete tags based on requested
criteria, like keep-last-n, matching-name, older-than.

Signed-off-by: NRémy Coutable <remy@rymai.me>

Check if `X-Forwarded-For` is set before getting the IP of the request,
with this the real IP address of the runner is shown if it's behind a
proxy.

closes https://gitlab.com/gitlab-org/gitlab-ce/issues/53676

This is to match `git branch -D <branchname>`

Signed-off-by: NRémy Coutable <remy@rymai.me>

In https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/15475/diffs, a
significant amount of work went into eliminating N+1 queries in the
/api/groups/:id/projects endpoint. We can reuse the
`Entities::Project.prepare_relation` call on the projects.

In a group with 2,573 projects on GitLab.com, this change significantly
improves performance:

* 18019 SQL queries down to 21
* Time spent in DB: 70 s down to 384 ms

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/49845

Currently if a project is inside a nested group and a user doesn't have
specific permissions for that group but does have permissions on a
parent group the `GET /projects/:id` API call will return the following
permissions:

```json
permissions: { project_access: null, group_access: null }
```

It could also happen that the group specific permissions are of lower
level than the ones the user has in parent groups. This patch makes it
so that the permission returned for `group_access` is the highest from
amongst the hierarchy, which is (ostensibly) the information that the
API user is interested in for that field.

For features the feature gates are sometimes projects, not groups or
users. For example for git object pools:
https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/5872

This commit allows for setting feature group gates based on projects, by its
path as that seems most convenient.

We introduced releases_page feature flag.
Given this feature is deemed stable, we should remove
this flag before 19th.

Modifies authorize! method to accept a third param, and then use it in
combination with 'add_cluster' policy to appropriately restrict adding
multiple clusters

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/56110

`project.latest_successful_builds_for(ref)` is being used to find a
single job all the time. This results into us having to call `find_by`
inside of the controller which violates our CodeReuse/ActiveRecord
rubocop rule.

Refactor `project.latest_successful_builds_for(ref)` to
`project.latest_successful_build_for(job_name, ref)` which will execute
the `find_by` inside of the model.

Also create `project.latest_successful_build_for!(job_name, ref)` which
raises an exception instead of returning nil.

This adds `project:, file:, ref:` specification support.

As mentioned in
https://gitlab.com/gitlab-org/gitlab-ee/issues/9035#note_129093444,
Rails 5 switched ActionDispatch::Request so that it no longer inherits
Rack::Request directly. A middleware that uses Rack::Request to
read the environment may see stale request parameters if
another middleware modifies the environment via ActionDispatch::Request.
To be safe, we should be using ActionDispatch::Request everywhere.

Add tests for the API and add a couple of tests

Add

revert

revert

Authorize against release not project

Also changes old calls to the service

Adds the following initial CRUD endpoints for Clusters API:

- GET list of clusters
- GET specific cluster
- POST add existing cluster (mimic of "Add cluster")
- PUT update cluser
- DELETE destroy cluster

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/40473

Fix coding style

Improve coding style

Decouple UPDATE and DELETE operations of asset links

Rename links_attributes to assets:links

Rename exposed param and updated spec

- Add Releases::Links model
- Expose it in release API
- Add integration tests

This commits adds a new class that is supposed to represent Grape API
version, like `v3` or `v4`.

gitlab-org/gitlab-shell!166 added support for collecting push options
from the environment, and passing them along to the
/internal/post_receive API endpoint.

This change handles the new push_options JSON element in the payload,
and passes them on through to the GitPushService and GitTagPushService
services.

Futhermore, it adds support for the first push option, ci.skip.  With
this change, one can use 'git push -o ci.skip' to skip CI pipe
execution. Note that the pipeline is still created, but in the "skipped"
state, just like with the 'ci skip' commit message text.

Implements #18667

Add spec for all release API - GET, POST, PUT, DELETE.
Also, fixes some minior bugs.

Introduce DELETE endpoint in Release API

CreateReleaseService and UpdateReleaseService now takes all the release
attributes as constructor parameters. This will simplify attribute
expansion

This commit introduces Releases API under /api/v4/projects/:id/releases

* We are introducing release policies at project level.
* We are deprecating releases changes from tags, both api and web
interface.
* Tags::CreateService no longer create a release

This feature is controlled by :releases_page feature flag

47d4890d changed the order of pagination so that the full list of
branches would be passed to Gitaly to determine which ones had been
merged, but this operation can timeout for large repositories with
many branches. We only need to determine whether the found branches have
been merged, so limit the scan to those.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/55724