BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
09f41048
Commit
09f41048
authored
Jun 01, 2018
by
Mayra Cabrera
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch '11-0-stable-prepare-rc1' into '11-0-stable'
Prepare 11.0 RC1 release See merge request gitlab-org/gitlab-ce!19321
parents
e206e328
60f8ee66
Show whitespace changes
Inline
Side-by-side
Showing
20 changed files
with
196 additions
and
56 deletions
+196
-56
.gitlab-ci.yml
.gitlab-ci.yml
+3
-3
.ruby-version
.ruby-version
+1
-1
kubernetes.rb
app/models/clusters/platforms/kubernetes.rb
+2
-2
gcp.rb
app/models/clusters/providers/gcp.rb
+1
-1
cacheable_attributes.rb
app/models/concerns/cacheable_attributes.rb
+29
-9
has_variable.rb
app/models/concerns/has_variable.rb
+1
-1
pages_domain.rb
app/models/pages_domain.rb
+1
-1
project_import_data.rb
app/models/project_import_data.rb
+1
-1
remote_mirror.rb
app/models/remote_mirror.rb
+1
-1
register_job_service.rb
app/services/ci/register_job_service.rb
+4
-1
01_secret_token.rb
config/initializers/01_secret_token.rb
+3
-0
settings.rb
config/settings.rb
+4
-0
20160302152808_remove_wrong_import_url_from_projects.rb
...e/20160302152808_remove_wrong_import_url_from_projects.rb
+1
-1
20171124104327_migrate_kubernetes_service_to_new_clusters_architectures.rb
...grate_kubernetes_service_to_new_clusters_architectures.rb
+1
-1
installation.md
doc/install/installation.md
+3
-3
feature.rb
lib/feature.rb
+8
-1
secret_token_spec.rb
spec/initializers/secret_token_spec.rb
+1
-1
feature_spec.rb
spec/lib/feature_spec.rb
+24
-0
cacheable_attributes_spec.rb
spec/models/concerns/cacheable_attributes_spec.rb
+104
-27
has_variable_spec.rb
spec/models/concerns/has_variable_spec.rb
+3
-1
No files found.
.gitlab-ci.yml
View file @
09f41048
image
:
"
dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.
3.7
-golang-1.9-git-2.17-chrome-65.0-node-8.x-yarn-1.2-postgresql-9.6"
image
:
"
dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.
4.4
-golang-1.9-git-2.17-chrome-65.0-node-8.x-yarn-1.2-postgresql-9.6"
.dedicated-runner
:
&dedicated-runner
retry
:
1
...
...
@@ -6,7 +6,7 @@ image: "dev.gitlab.org:5005/gitlab/gitlab-build-images:ruby-2.3.7-golang-1.9-git
-
gitlab-org
.default-cache
:
&default-cache
key
:
"
ruby-2.
3.7
-debian-stretch-with-yarn"
key
:
"
ruby-2.
4.4
-debian-stretch-with-yarn"
paths
:
-
vendor/ruby
-
.yarn-cache/
...
...
@@ -550,7 +550,7 @@ static-analysis:
script
:
-
scripts/static-analysis
cache
:
key
:
"
ruby-2.
3.7
-debian-stretch-with-yarn-and-rubocop"
key
:
"
ruby-2.
4.4
-debian-stretch-with-yarn-and-rubocop"
paths
:
-
vendor/ruby
-
.yarn-cache/
...
...
.ruby-version
View file @
09f41048
2.
3.7
2.
4.4
app/models/clusters/platforms/kubernetes.rb
View file @
09f41048
...
...
@@ -11,12 +11,12 @@ module Clusters
attr_encrypted
:password
,
mode: :per_attribute_iv
,
key:
Gitlab
::
Application
.
secrets
.
db_key_base
,
key:
Settings
.
attr_encrypted_
db_key_base
,
algorithm:
'aes-256-cbc'
attr_encrypted
:token
,
mode: :per_attribute_iv
,
key:
Gitlab
::
Application
.
secrets
.
db_key_base
,
key:
Settings
.
attr_encrypted_
db_key_base
,
algorithm:
'aes-256-cbc'
before_validation
:enforce_namespace_to_lower_case
...
...
app/models/clusters/providers/gcp.rb
View file @
09f41048
...
...
@@ -11,7 +11,7 @@ module Clusters
attr_encrypted
:access_token
,
mode: :per_attribute_iv
,
key:
Gitlab
::
Application
.
secrets
.
db_key_base
,
key:
Settings
.
attr_encrypted_
db_key_base
,
algorithm:
'aes-256-cbc'
validates
:gcp_project_id
,
...
...
app/models/concerns/cacheable_attributes.rb
View file @
09f41048
...
...
@@ -6,15 +6,16 @@ module CacheableAttributes
end
class_methods
do
def
cache_key
"
#{
name
}
:
#{
Gitlab
::
VERSION
}
:
#{
Gitlab
.
migrations_hash
}
:
#{
Rails
.
version
}
"
.
freeze
end
# Can be overriden
def
current_without_cache
last
end
def
cache_key
"
#{
name
}
:
#{
Gitlab
::
VERSION
}
:
#{
Gitlab
.
migrations_hash
}
:json"
.
freeze
end
# Can be overriden
def
defaults
{}
end
...
...
@@ -24,10 +25,18 @@ module CacheableAttributes
end
def
cached
json_attributes
=
Rails
.
cache
.
read
(
cache_key
)
return
nil
unless
json_attributes
.
present?
if
RequestStore
.
active?
RequestStore
[
:"
#{
name
}
_cached_attributes"
]
||=
retrieve_from_cache
else
retrieve_from_cache
end
end
build_from_defaults
(
JSON
.
parse
(
json_attributes
))
def
retrieve_from_cache
record
=
Rails
.
cache
.
read
(
cache_key
)
ensure_cache_setup
if
record
.
present?
record
end
def
current
...
...
@@ -35,7 +44,12 @@ module CacheableAttributes
return
cached_record
if
cached_record
.
present?
current_without_cache
.
tap
{
|
current_record
|
current_record
&
.
cache!
}
rescue
rescue
=>
e
if
Rails
.
env
.
production?
Rails
.
logger
.
warn
(
"Cached record for
#{
name
}
couldn't be loaded, falling back to uncached record:
#{
e
}
"
)
else
raise
e
end
# Fall back to an uncached value if there are any problems (e.g. Redis down)
current_without_cache
end
...
...
@@ -46,9 +60,15 @@ module CacheableAttributes
# Gracefully handle when Redis is not available. For example,
# omnibus may fail here during gitlab:assets:compile.
end
def
ensure_cache_setup
# This is a workaround for a Rails bug that causes attribute methods not
# to be loaded when read from cache: https://github.com/rails/rails/issues/27348
define_attribute_methods
end
end
def
cache!
Rails
.
cache
.
write
(
self
.
class
.
cache_key
,
attributes
.
to_json
)
Rails
.
cache
.
write
(
self
.
class
.
cache_key
,
self
)
end
end
app/models/concerns/has_variable.rb
View file @
09f41048
...
...
@@ -13,7 +13,7 @@ module HasVariable
attr_encrypted
:value
,
mode: :per_attribute_iv_and_salt
,
insecure_mode:
true
,
key:
Gitlab
::
Application
.
secrets
.
db_key_base
,
key:
Settings
.
attr_encrypted_
db_key_base
,
algorithm:
'aes-256-cbc'
def
key
=
(
new_key
)
...
...
app/models/pages_domain.rb
View file @
09f41048
...
...
@@ -19,7 +19,7 @@ class PagesDomain < ActiveRecord::Base
attr_encrypted
:key
,
mode: :per_attribute_iv_and_salt
,
insecure_mode:
true
,
key:
Gitlab
::
Application
.
secrets
.
db_key_base
,
key:
Settings
.
attr_encrypted_
db_key_base
,
algorithm:
'aes-256-cbc'
after_initialize
:set_verification_code
...
...
app/models/project_import_data.rb
View file @
09f41048
...
...
@@ -3,7 +3,7 @@ require 'carrierwave/orm/activerecord'
class
ProjectImportData
<
ActiveRecord
::
Base
belongs_to
:project
,
inverse_of: :import_data
attr_encrypted
:credentials
,
key:
Gitlab
::
Application
.
secrets
.
db_key_base
,
key:
Settings
.
attr_encrypted_
db_key_base
,
marshal:
true
,
encode:
true
,
mode: :per_attribute_iv_and_salt
,
...
...
app/models/remote_mirror.rb
View file @
09f41048
...
...
@@ -5,7 +5,7 @@ class RemoteMirror < ActiveRecord::Base
UNPROTECTED_BACKOFF_DELAY
=
5
.
minutes
attr_encrypted
:credentials
,
key:
Gitlab
::
Application
.
secrets
.
db_key_base
,
key:
Settings
.
attr_encrypted_
db_key_base
,
marshal:
true
,
encode:
true
,
mode: :per_attribute_iv_and_salt
,
...
...
app/services/ci/register_job_service.rb
View file @
09f41048
...
...
@@ -89,7 +89,10 @@ module Ci
end
def
builds_for_group_runner
hierarchy_groups
=
Gitlab
::
GroupHierarchy
.
new
(
runner
.
groups
).
base_and_descendants
# Workaround for weird Rails bug, that makes `runner.groups.to_sql` to return `runner_id = NULL`
groups
=
::
Group
.
joins
(
:runner_namespaces
).
merge
(
runner
.
runner_namespaces
)
hierarchy_groups
=
Gitlab
::
GroupHierarchy
.
new
(
groups
).
base_and_descendants
projects
=
Project
.
where
(
namespace_id:
hierarchy_groups
)
.
with_group_runners_enabled
.
with_builds_enabled
...
...
config/initializers/secret_token.rb
→
config/initializers/
01_
secret_token.rb
View file @
09f41048
# This file needs to be loaded BEFORE any initializers that attempt to
# prepend modules that require access to secrets (e.g. EE's 0_as_concern.rb).
#
# Be sure to restart your server when you modify this file.
require
'securerandom'
...
...
config/settings.rb
View file @
09f41048
...
...
@@ -85,6 +85,10 @@ class Settings < Settingslogic
File
.
expand_path
(
path
,
Rails
.
root
)
end
def
attr_encrypted_db_key_base
Gitlab
::
Application
.
secrets
.
db_key_base
[
0
..
31
]
end
private
def
base_url
(
config
)
...
...
db/migrate/20160302152808_remove_wrong_import_url_from_projects.rb
View file @
09f41048
...
...
@@ -8,7 +8,7 @@ class RemoveWrongImportUrlFromProjects < ActiveRecord::Migration
extend
AttrEncrypted
attr_accessor
:credentials
attr_encrypted
:credentials
,
key:
Gitlab
::
Application
.
secrets
.
db_key_base
,
key:
Settings
.
attr_encrypted_
db_key_base
,
marshal:
true
,
encode:
true
,
:mode
=>
:per_attribute_iv_and_salt
,
...
...
db/post_migrate/20171124104327_migrate_kubernetes_service_to_new_clusters_architectures.rb
View file @
09f41048
...
...
@@ -48,7 +48,7 @@ class MigrateKubernetesServiceToNewClustersArchitectures < ActiveRecord::Migrati
attr_encrypted
:token
,
mode: :per_attribute_iv
,
key:
Gitlab
::
Application
.
secrets
.
db_key_base
,
key:
Settings
.
attr_encrypted_
db_key_base
,
algorithm:
'aes-256-cbc'
end
...
...
doc/install/installation.md
View file @
09f41048
...
...
@@ -133,9 +133,9 @@ Remove the old Ruby 1.8 if present:
Download Ruby and compile it:
mkdir /tmp/ruby && cd /tmp/ruby
curl --remote-name --progress https://cache.ruby-lang.org/pub/ruby/2.
3/ruby-2.3.7
.tar.gz
echo '
540996fec64984ab6099e34d2f5820b14904f15a ruby-2.3.7.tar.gz' | shasum -c - && tar xzf ruby-2.3.7
.tar.gz
cd ruby-2.
3.7
curl --remote-name --progress https://cache.ruby-lang.org/pub/ruby/2.
4/ruby-2.4.4
.tar.gz
echo '
ec82b0d53bd0adad9b19e6b45e44d54e9ec3f10c ruby-2.4.4.tar.gz' | shasum -c - && tar xzf ruby-2.4.4
.tar.gz
cd ruby-2.
4.4
./configure --disable-install-rdoc
make
...
...
lib/feature.rb
View file @
09f41048
...
...
@@ -63,7 +63,14 @@ class Feature
end
def
flipper
Thread
.
current
[
:flipper
]
||=
if
RequestStore
.
active?
RequestStore
[
:flipper
]
||=
build_flipper_instance
else
@flipper
||=
build_flipper_instance
end
end
def
build_flipper_instance
Flipper
.
new
(
flipper_adapter
).
tap
{
|
flip
|
flip
.
memoize
=
true
}
end
...
...
spec/initializers/secret_token_spec.rb
View file @
09f41048
require
'spec_helper'
require_relative
'../../config/initializers/secret_token'
require_relative
'../../config/initializers/
01_
secret_token'
describe
'create_tokens'
do
include
StubENV
...
...
spec/lib/feature_spec.rb
View file @
09f41048
...
...
@@ -64,4 +64,28 @@ describe Feature do
expect
(
described_class
.
all
).
to
eq
(
features
.
to_a
)
end
end
describe
'.flipper'
do
shared_examples
'a memoized Flipper instance'
do
it
'memoizes the Flipper instance'
do
expect
(
Flipper
).
to
receive
(
:new
).
once
.
and_call_original
2
.
times
do
described_class
.
flipper
end
end
end
context
'when request store is inactive'
do
before
do
described_class
.
instance_variable_set
(
:@flipper
,
nil
)
end
it_behaves_like
'a memoized Flipper instance'
end
context
'when request store is inactive'
,
:request_store
do
it_behaves_like
'a memoized Flipper instance'
end
end
end
spec/models/concerns/cacheable_attributes_spec.rb
View file @
09f41048
...
...
@@ -22,7 +22,7 @@ describe CacheableAttributes do
attr_accessor
:attributes
def
initialize
(
attrs
=
{})
def
initialize
(
attrs
=
{}
,
*
)
@attributes
=
attrs
end
end
...
...
@@ -52,7 +52,7 @@ describe CacheableAttributes do
describe
'.cache_key'
do
it
'excludes cache attributes'
do
expect
(
minimal_test_class
.
cache_key
).
to
eq
(
"TestClass:
#{
Gitlab
::
VERSION
}
:
#{
Gitlab
.
migrations_hash
}
:
json
"
)
expect
(
minimal_test_class
.
cache_key
).
to
eq
(
"TestClass:
#{
Gitlab
::
VERSION
}
:
#{
Gitlab
.
migrations_hash
}
:
#{
Rails
.
version
}
"
)
end
end
...
...
@@ -75,49 +75,117 @@ describe CacheableAttributes do
context
'without any attributes given'
do
it
'intializes a new object with the defaults'
do
expect
(
minimal_test_class
.
build_from_defaults
).
not_to
be_persisted
expect
(
minimal_test_class
.
build_from_defaults
.
attributes
).
to
eq
(
minimal_test_class
.
defaults
)
end
end
context
'with
out
attributes given'
do
context
'with attributes given'
do
it
'intializes a new object with the given attributes merged into the defaults'
do
expect
(
minimal_test_class
.
build_from_defaults
(
foo:
'd'
).
attributes
[
:foo
]).
to
eq
(
'd'
)
end
end
describe
'edge cases on concrete implementations'
do
describe
'.build_from_defaults'
do
context
'without any attributes given'
do
it
'intializes all attributes even if they are nil'
do
record
=
ApplicationSetting
.
build_from_defaults
expect
(
record
).
not_to
be_persisted
expect
(
record
.
sign_in_text
).
to
be_nil
end
end
end
end
end
describe
'.current'
,
:use_clean_rails_memory_store_caching
do
context
'redis unavailable'
do
it
'returns an uncached record'
do
before
do
allow
(
minimal_test_class
).
to
receive
(
:last
).
and_return
(
:last
)
expect
(
Rails
.
cache
).
to
receive
(
:read
).
and_raise
(
Redis
::
BaseError
)
expect
(
Rails
.
cache
).
to
receive
(
:read
).
with
(
minimal_test_class
.
cache_key
).
and_raise
(
Redis
::
BaseError
)
end
context
'in production environment'
do
before
do
expect
(
Rails
.
env
).
to
receive
(
:production?
).
and_return
(
true
)
end
it
'returns an uncached record and logs a warning'
do
expect
(
Rails
.
logger
).
to
receive
(
:warn
).
with
(
"Cached record for TestClass couldn't be loaded, falling back to uncached record: Redis::BaseError"
)
expect
(
minimal_test_class
.
current
).
to
eq
(
:last
)
end
end
context
'in other environments'
do
before
do
expect
(
Rails
.
env
).
to
receive
(
:production?
).
and_return
(
false
)
end
it
'returns an uncached record and logs a warning'
do
expect
(
Rails
.
logger
).
not_to
receive
(
:warn
)
expect
{
minimal_test_class
.
current
}.
to
raise_error
(
Redis
::
BaseError
)
end
end
end
context
'when a record is not yet present'
do
it
'does not cache nil object'
do
# when missing settings a nil object is returned, but not cached
allow
(
minimal_test_class
).
to
receive
(
:last
).
twice
.
and_return
(
nil
)
allow
(
ApplicationSetting
).
to
receive
(
:current_without_cache
).
twice
.
and_return
(
nil
)
expect
(
minimal_test_class
.
current
).
to
be_nil
expect
(
Rails
.
cache
.
exist?
(
minimal_test_class
.
cache_key
)).
to
be
(
false
)
expect
(
ApplicationSetting
.
current
).
to
be_nil
expect
(
Rails
.
cache
.
exist?
(
ApplicationSetting
.
cache_key
)).
to
be
(
false
)
end
it
'cache non-nil object'
do
# when the settings are set the method returns a valid object
allow
(
minimal_test_class
).
to
receive
(
:last
).
and_call_original
it
'caches non-nil object'
do
create
(
:application_setting
)
expect
(
minimal_test_class
.
current
).
to
eq
(
minimal_test_class
.
last
)
expect
(
Rails
.
cache
.
exist?
(
minimal_test_class
.
cache_key
)).
to
be
(
true
)
expect
(
ApplicationSetting
.
current
).
to
eq
(
ApplicationSetting
.
last
)
expect
(
Rails
.
cache
.
exist?
(
ApplicationSetting
.
cache_key
)).
to
be
(
true
)
# subsequent calls retrieve the record from the cache
last_record
=
minimal_test_class
.
last
expect
(
minimal_test_class
).
not_to
receive
(
:last
)
expect
(
minimal_test_class
.
current
.
attributes
).
to
eq
(
last_record
.
attributes
)
last_record
=
ApplicationSetting
.
last
expect
(
ApplicationSetting
).
not_to
receive
(
:current_without_cache
)
expect
(
ApplicationSetting
.
current
.
attributes
).
to
eq
(
last_record
.
attributes
)
end
end
describe
'edge cases'
do
describe
'caching behavior'
,
:use_clean_rails_memory_store_caching
do
it
'retrieves upload fields properly'
do
ar_record
=
create
(
:appearance
,
:with_logo
)
ar_record
.
cache!
cache_record
=
Appearance
.
current
expect
(
cache_record
).
to
be_persisted
expect
(
cache_record
.
logo
).
to
be_an
(
AttachmentUploader
)
expect
(
cache_record
.
logo
.
url
).
to
end_with
(
'/dk.png'
)
end
it
'retrieves markdown fields properly'
do
ar_record
=
create
(
:appearance
,
description:
'**Hello**'
)
ar_record
.
cache!
cache_record
=
Appearance
.
current
expect
(
cache_record
.
description
).
to
eq
(
'**Hello**'
)
expect
(
cache_record
.
description_html
).
to
eq
(
'<p dir="auto"><strong>Hello</strong></p>'
)
end
end
end
it
'uses RequestStore in addition to Rails.cache'
,
:request_store
do
# Warm up the cache
create
(
:application_setting
).
cache!
expect
(
Rails
.
cache
).
to
receive
(
:read
).
with
(
ApplicationSetting
.
cache_key
).
once
.
and_call_original
2
.
times
{
ApplicationSetting
.
current
}
end
end
describe
'.cached'
,
:use_clean_rails_memory_store_caching
do
...
...
@@ -127,27 +195,36 @@ describe CacheableAttributes do
end
end
context
'when cached
settings do not include the latest defaults
'
do
context
'when cached
is warm
'
do
before
do
Rails
.
cache
.
write
(
minimal_test_class
.
cache_key
,
{
bar:
'b'
,
baz:
'c'
}.
to_json
)
minimal_test_class
.
define_singleton_method
(
:defaults
)
do
{
foo:
'a'
,
bar:
'b'
,
baz:
'c'
}
end
# Warm up the cache
create
(
:appearance
).
cache!
end
it
'includes attributes from defaults'
do
expect
(
minimal_test_class
.
cached
.
attributes
[
:foo
]).
to
eq
(
minimal_test_class
.
defaults
[
:foo
])
it
'retrieves the record from cache'
do
expect
(
ActiveRecord
::
QueryRecorder
.
new
{
Appearance
.
cached
}.
count
).
to
eq
(
0
)
expect
(
Appearance
.
cached
).
to
eq
(
Appearance
.
current_without_cache
)
end
end
end
describe
'#cache!'
,
:use_clean_rails_memory_store_caching
do
let
(
:
appearance_
record
)
{
create
(
:appearance
)
}
let
(
:record
)
{
create
(
:appearance
)
}
it
'caches the attributes'
do
appearance_
record
.
cache!
record
.
cache!
expect
(
Rails
.
cache
.
read
(
Appearance
.
cache_key
)).
to
eq
(
appearance_record
.
attributes
.
to_json
)
expect
(
Rails
.
cache
.
read
(
Appearance
.
cache_key
)).
to
eq
(
record
)
end
describe
'edge cases'
do
let
(
:record
)
{
create
(
:appearance
)
}
it
'caches the attributes'
do
record
.
cache!
expect
(
Rails
.
cache
.
read
(
Appearance
.
cache_key
)).
to
eq
(
record
)
end
end
end
end
spec/models/concerns/has_variable_spec.rb
View file @
09f41048
...
...
@@ -45,8 +45,10 @@ describe HasVariable do
end
it
'fails to decrypt if iv is incorrect'
do
subject
.
encrypted_value_iv
=
SecureRandom
.
hex
# attr_encrypted expects the IV to be 16 bytes and base64-encoded
subject
.
encrypted_value_iv
=
[
SecureRandom
.
hex
(
8
)].
pack
(
'm'
)
subject
.
instance_variable_set
(
:@value
,
nil
)
expect
{
subject
.
value
}
.
to
raise_error
(
OpenSSL
::
Cipher
::
CipherError
,
'bad decrypt'
)
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment