The UI allows to define a token to validate payload on the target URL,
this patch adds the feature to the API.

When we updated gitlab_git to 10.4.1, `tag.target` changed from pointing
to the sha of the tag to the sha of the commit the tag points to. The
problem is that only annotated tags have `object_sha`s, lightweight tags
don't (it's nil), so (only) in their case we still need to use
`tag.target`.

  - Includes documentation and tests

This will allow the Koding app to enable the integration itself once is has authorized an admin user using the application secrets.

add pipeline ref, sha, and status to the build API response

add tests of build API (pipeline data)

change API documentation for builds API

log change to builds API in CHANGELOG

CHANGELOG: add reference to pull request and contributor's name

Signed-off-by: NDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Signed-off-by: NRémy Coutable <remy@rymai.me>

Groups can enable/disable LFS, but this setting can be overridden at the project level. Admin only

- Required on the GitLab Rails side is mostly authentication and API related.

Use NotificationSetting::EMAIL_EVENTS for params

Fixes #20456.

This allows web hooks to have a URL back to entities without having to
generate it themselves.

Signed-off-by: NDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

1. Change a few incorrect `access_level` to `access_levels.first` that
   were missed in e805a647.

2. `API::Entities` can iterate over all access levels instead of just
   the first one. This makes no difference to CE, and makes it more compatible
   with EE.

!581 has a lot of changes that would cause merge conflicts if not
properly backported to CE. This commit/MR serves as a better
foundation for gitlab-org/gitlab-ee!581.

= Changes =

1. Move from `has_one {merge,push}_access_level` to `has_many`, with the
   `length` of the association limited to `1`. This is _effectively_ a
   `has_one` association, but should cause less conflicts with EE, which
   is set to `has_many`. This has a number of related changes in the
   views, specs, and factories.

2. Make `gon` variable loading more consistent (with EE!581) in the
   `ProtectedBranchesController`. Also use `::` to prefix the
   `ProtectedBranches` services, because this is required in EE.

3. Extract a `ProtectedBranchAccess` concern from the two access level
   models. This concern only has a single `humanize` method here, but
   will have more methods in EE.

4. Add `form_errors` to the protected branches creation form. This is
   not strictly required for EE compatibility, but was an oversight
   nonetheless.

Signed-off-by: NDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

The performance was greatly improved by removing two N+1 queries issues
for each endpoint.

For comparison:

1. `GET /projects/:id/members`

With two N+1 queries issues (one was already fxed in the following
snippet):

```
  ProjectMember Load (0.2ms)  SELECT "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL  ORDER BY "members"."id" DESC  [["source_type", "Project"],
["source_id", 1], ["source_type", "Project"]]
  User Load (0.5ms)  SELECT "users".* FROM "users" WHERE "users"."id" IN
(5, 22, 16, 13)  ORDER BY "users"."id" DESC
  ActiveRecord::SchemaMigration Load (0.2ms)  SELECT
"schema_migrations".* FROM "schema_migrations"
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL AND "members"."user_id" = $4  ORDER BY "members"."id" DESC LIMIT 1
[["source_type", "Project"], ["source_id", 1], ["source_type",
"Project"], ["user_id", 5]]
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL AND "members"."user_id" = $4  ORDER BY "members"."id" DESC LIMIT 1
[["source_type", "Project"], ["source_id", 1], ["source_type",
"Project"], ["user_id", 22]]
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL AND "members"."user_id" = $4  ORDER BY "members"."id" DESC LIMIT 1
[["source_type", "Project"], ["source_id", 1], ["source_type",
"Project"], ["user_id", 16]]
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL AND "members"."user_id" = $4  ORDER BY "members"."id" DESC LIMIT 1
[["source_type", "Project"], ["source_id", 1], ["source_type",
"Project"], ["user_id", 13]]
```

Without the N+1 queries issues:

```
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND "members"."requested_at" IS
NULL  ORDER BY "members"."id" DESC LIMIT 20 OFFSET 0  [["source_type",
"Project"], ["source_id", 1], ["source_type", "Project"]]
  User Load (0.5ms)  SELECT "users".* FROM "users" WHERE "users"."id" IN
(5, 22, 16, 13)  ORDER BY "users"."id" DESC
```

2. `GET /projects/:id/access_requests`

With two N+1 queries issues:

```
  ProjectMember Load (0.3ms)  SELECT "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND ("members"."requested_at" IS
NOT NULL)  ORDER BY "members"."id" DESC  [["source_type", "Project"],
["source_id", 8], ["source_type", "Project"]]
  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" =
$1  ORDER BY "users"."id" DESC LIMIT 1  [["id", 24]]
  User Load (0.1ms)  SELECT  "users".* FROM "users" WHERE "users"."id" =
$1  ORDER BY "users"."id" DESC LIMIT 1  [["id", 23]]
  ActiveRecord::SchemaMigration Load (0.2ms)  SELECT
"schema_migrations".* FROM "schema_migrations"
  ProjectMember Load (0.1ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND ("members"."requested_at" IS
NOT NULL) AND "members"."user_id" = $4  ORDER BY "members"."id" DESC
LIMIT 1  [["source_type", "Project"], ["source_id", 8], ["source_type",
"Project"], ["user_id", 24]]
  ProjectMember Load (0.2ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND ("members"."requested_at" IS
NOT NULL) AND "members"."user_id" = $4  ORDER BY "members"."id" DESC
LIMIT 1  [["source_type", "Project"], ["source_id", 8], ["source_type",
"Project"], ["user_id", 23]]
```

Without the N+1 queries issues:

```
  ProjectMember Load (0.3ms)  SELECT  "members".* FROM "members" WHERE
"members"."source_type" = $1 AND "members"."type" IN ('ProjectMember')
AND "members"."source_id" = $2 AND "members"."source_type" = $3 AND
"members"."type" IN ('ProjectMember') AND ("members"."requested_at" IS
NOT NULL)  ORDER BY "members"."id" DESC LIMIT 20 OFFSET 0
[["source_type", "Project"], ["source_id", 8], ["source_type",
"Project"]]
  User Load (0.5ms)  SELECT "users".* FROM "users" WHERE "users"."id" IN
(24, 23)  ORDER BY "users"."id" DESC
```
Signed-off-by: NRémy Coutable <remy@rymai.me>

Also, mutualize AccessRequests and Members endpoints for Group &
Project.
New API documentation for the AccessRequests endpoints.
Signed-off-by: NRémy Coutable <remy@rymai.me>

Signed-off-by: NDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

So we have raw_diffs too

Closes #20115