Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
e5f50a66
Commit
e5f50a66
authored
Sep 22, 2021
by
Thong Kuah
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Allowlist various callsites for cross-database queries
Together these callsites are called about 500 times in CI
parent
f599cd82
Changes
6
Show whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
43 additions
and
20 deletions
+43
-20
app/controllers/groups/runners_controller.rb
app/controllers/groups/runners_controller.rb
+9
-5
app/controllers/groups/settings/ci_cd_controller.rb
app/controllers/groups/settings/ci_cd_controller.rb
+5
-0
app/controllers/projects/merge_requests_controller.rb
app/controllers/projects/merge_requests_controller.rb
+10
-8
app/controllers/projects/settings/ci_cd_controller.rb
app/controllers/projects/settings/ci_cd_controller.rb
+5
-0
app/models/ci/runner.rb
app/models/ci/runner.rb
+14
-6
spec/support/database/cross-join-allowlist.yml
spec/support/database/cross-join-allowlist.yml
+0
-1
No files found.
app/controllers/groups/runners_controller.rb
View file @
e5f50a66
...
@@ -10,9 +10,11 @@ class Groups::RunnersController < Groups::ApplicationController
...
@@ -10,9 +10,11 @@ class Groups::RunnersController < Groups::ApplicationController
feature_category
:runner
feature_category
:runner
def
index
def
index
::
Gitlab
::
Database
.
allow_cross_joins_across_databases
(
url:
'https://gitlab.com/gitlab-org/gitlab/-/issues/336433'
)
do
finder
=
Ci
::
RunnersFinder
.
new
(
current_user:
current_user
,
params:
{
group:
@group
})
finder
=
Ci
::
RunnersFinder
.
new
(
current_user:
current_user
,
params:
{
group:
@group
})
@group_runners_limited_count
=
finder
.
execute
.
except
(
:limit
,
:offset
).
page
.
total_count_with_limit
(
:all
,
limit:
1000
)
@group_runners_limited_count
=
finder
.
execute
.
except
(
:limit
,
:offset
).
page
.
total_count_with_limit
(
:all
,
limit:
1000
)
end
end
end
def
runner_list_group_view_vue_ui_enabled
def
runner_list_group_view_vue_ui_enabled
return
render_404
unless
Feature
.
enabled?
(
:runner_list_group_view_vue_ui
,
group
,
default_enabled: :yaml
)
return
render_404
unless
Feature
.
enabled?
(
:runner_list_group_view_vue_ui
,
group
,
default_enabled: :yaml
)
...
@@ -61,10 +63,12 @@ class Groups::RunnersController < Groups::ApplicationController
...
@@ -61,10 +63,12 @@ class Groups::RunnersController < Groups::ApplicationController
private
private
def
runner
def
runner
::
Gitlab
::
Database
.
allow_cross_joins_across_databases
(
url:
'https://gitlab.com/gitlab-org/gitlab/-/issues/336433'
)
do
@runner
||=
Ci
::
RunnersFinder
.
new
(
current_user:
current_user
,
params:
{
group:
@group
}).
execute
@runner
||=
Ci
::
RunnersFinder
.
new
(
current_user:
current_user
,
params:
{
group:
@group
}).
execute
.
except
(
:limit
,
:offset
)
.
except
(
:limit
,
:offset
)
.
find
(
params
[
:id
])
.
find
(
params
[
:id
])
end
end
end
def
runner_params
def
runner_params
params
.
require
(
:runner
).
permit
(
Ci
::
Runner
::
FORM_EDITABLE
)
params
.
require
(
:runner
).
permit
(
Ci
::
Runner
::
FORM_EDITABLE
)
...
...
app/controllers/groups/settings/ci_cd_controller.rb
View file @
e5f50a66
...
@@ -23,6 +23,11 @@ module Groups
...
@@ -23,6 +23,11 @@ module Groups
@group_runners
=
runners_finder
.
execute
.
page
(
params
[
:page
]).
per
(
NUMBER_OF_RUNNERS_PER_PAGE
)
@group_runners
=
runners_finder
.
execute
.
page
(
params
[
:page
]).
per
(
NUMBER_OF_RUNNERS_PER_PAGE
)
@sort
=
runners_finder
.
sort_key
@sort
=
runners_finder
.
sort_key
# Allow sql generated by the two relations above, @all_group_runners and @group_runners
::
Gitlab
::
Database
.
allow_cross_joins_across_databases
(
url:
'https://gitlab.com/gitlab-org/gitlab/-/issues/336433'
)
do
render
end
end
end
def
update
def
update
...
...
app/controllers/projects/merge_requests_controller.rb
View file @
e5f50a66
...
@@ -192,6 +192,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
...
@@ -192,6 +192,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
Gitlab
::
PollingInterval
.
set_header
(
response
,
interval:
10_000
)
Gitlab
::
PollingInterval
.
set_header
(
response
,
interval:
10_000
)
::
Gitlab
::
Database
.
allow_cross_joins_across_databases
(
url:
'https://gitlab.com/gitlab-org/gitlab/-/issues/336891'
)
do
render
json:
{
render
json:
{
pipelines:
PipelineSerializer
pipelines:
PipelineSerializer
.
new
(
project:
@project
,
current_user:
@current_user
)
.
new
(
project:
@project
,
current_user:
@current_user
)
...
@@ -202,6 +203,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
...
@@ -202,6 +203,7 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
}
}
}
}
end
end
end
def
sast_reports
def
sast_reports
reports_response
(
merge_request
.
compare_sast_reports
(
current_user
),
head_pipeline
)
reports_response
(
merge_request
.
compare_sast_reports
(
current_user
),
head_pipeline
)
...
...
app/controllers/projects/settings/ci_cd_controller.rb
View file @
e5f50a66
...
@@ -25,6 +25,11 @@ module Projects
...
@@ -25,6 +25,11 @@ module Projects
@project
.
triggers
,
current_user:
current_user
,
project:
@project
@project
.
triggers
,
current_user:
current_user
,
project:
@project
).
to_json
).
to_json
end
end
# @assignable_runners is using ci_owned_runners
::
Gitlab
::
Database
.
allow_cross_joins_across_databases
(
url:
'https://gitlab.com/gitlab-org/gitlab/-/issues/336436'
)
do
render
end
end
end
def
update
def
update
...
...
app/models/ci/runner.rb
View file @
e5f50a66
...
@@ -280,8 +280,10 @@ module Ci
...
@@ -280,8 +280,10 @@ module Ci
end
end
def
belongs_to_more_than_one_project?
def
belongs_to_more_than_one_project?
::
Gitlab
::
Database
.
allow_cross_joins_across_databases
(
url:
'https://gitlab.com/gitlab-org/gitlab/-/issues/338659'
)
do
self
.
projects
.
limit
(
2
).
count
(
:all
)
>
1
self
.
projects
.
limit
(
2
).
count
(
:all
)
>
1
end
end
end
def
assigned_to_group?
def
assigned_to_group?
runner_namespaces
.
any?
runner_namespaces
.
any?
...
@@ -309,8 +311,10 @@ module Ci
...
@@ -309,8 +311,10 @@ module Ci
end
end
def
only_for?
(
project
)
def
only_for?
(
project
)
::
Gitlab
::
Database
.
allow_cross_joins_across_databases
(
url:
'https://gitlab.com/gitlab-org/gitlab/-/issues/338659'
)
do
projects
==
[
project
]
projects
==
[
project
]
end
end
end
def
short_sha
def
short_sha
token
[
0
...
8
]
if
token
token
[
0
...
8
]
if
token
...
@@ -444,16 +448,20 @@ module Ci
...
@@ -444,16 +448,20 @@ module Ci
end
end
def
any_project
def
any_project
::
Gitlab
::
Database
.
allow_cross_joins_across_databases
(
url:
'https://gitlab.com/gitlab-org/gitlab/-/issues/338659'
)
do
unless
projects
.
any?
unless
projects
.
any?
errors
.
add
(
:runner
,
'needs to be assigned to at least one project'
)
errors
.
add
(
:runner
,
'needs to be assigned to at least one project'
)
end
end
end
end
end
def
exactly_one_group
def
exactly_one_group
::
Gitlab
::
Database
.
allow_cross_joins_across_databases
(
url:
'https://gitlab.com/gitlab-org/gitlab/-/issues/338659'
)
do
unless
groups
.
one?
unless
groups
.
one?
errors
.
add
(
:runner
,
'needs to be assigned to exactly one group'
)
errors
.
add
(
:runner
,
'needs to be assigned to exactly one group'
)
end
end
end
end
end
def
matches_build?
(
build
)
def
matches_build?
(
build
)
runner_matcher
.
matches?
(
build
.
build_matcher
)
runner_matcher
.
matches?
(
build
.
build_matcher
)
...
...
spec/support/database/cross-join-allowlist.yml
View file @
e5f50a66
...
@@ -67,7 +67,6 @@
...
@@ -67,7 +67,6 @@
-
"
./spec/features/projects/pipelines/pipeline_spec.rb"
-
"
./spec/features/projects/pipelines/pipeline_spec.rb"
-
"
./spec/features/projects/pipelines/pipelines_spec.rb"
-
"
./spec/features/projects/pipelines/pipelines_spec.rb"
-
"
./spec/features/projects/settings/pipelines_settings_spec.rb"
-
"
./spec/features/projects/settings/pipelines_settings_spec.rb"
-
"
./spec/features/runners_spec.rb"
-
"
./spec/features/security/project/internal_access_spec.rb"
-
"
./spec/features/security/project/internal_access_spec.rb"
-
"
./spec/features/security/project/private_access_spec.rb"
-
"
./spec/features/security/project/private_access_spec.rb"
-
"
./spec/features/security/project/public_access_spec.rb"
-
"
./spec/features/security/project/public_access_spec.rb"
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment