debian-mirror-gitlab/app/services/projects/destroy_service.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

306 lines
11 KiB
Ruby
Raw Normal View History

2018-11-18 11:00:15 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
module Projects
class DestroyService < BaseService
2015-09-11 14:41:01 +05:30
include Gitlab::ShellAdapter
2017-08-17 22:00:37 +05:30
DestroyError = Class.new(StandardError)
2021-11-18 22:05:49 +05:30
BATCH_SIZE = 100
2015-09-11 14:41:01 +05:30
2016-09-13 17:45:13 +05:30
def async_execute
2017-09-10 17:25:29 +05:30
project.update_attribute(:pending_delete, true)
2019-03-02 22:35:43 +05:30
2017-09-10 17:25:29 +05:30
job_id = ProjectDestroyWorker.perform_async(project.id, current_user.id, params)
2020-03-13 15:44:24 +05:30
log_info("User #{current_user.id} scheduled destruction of project #{project.full_path} with job ID #{job_id}")
2016-04-02 18:10:28 +05:30
end
2014-09-02 18:07:02 +05:30
def execute
return false unless can?(current_user, :remove_project, project)
2021-02-11 23:33:58 +05:30
project.update_attribute(:pending_delete, true)
2016-04-02 18:10:28 +05:30
# Flush the cache for both repositories. This has to be done _before_
# removing the physical repositories as some expiration code depends on
# Git data (e.g. a list of branch names).
2017-09-10 17:25:29 +05:30
flush_caches(project)
2016-04-02 18:10:28 +05:30
2022-01-26 12:08:38 +05:30
::Ci::AbortPipelinesService.new.execute(project.all_pipelines, :project_deleted)
2021-02-11 23:33:58 +05:30
2016-09-29 09:46:39 +05:30
Projects::UnlinkForkService.new(project, current_user).execute
2020-11-24 15:15:51 +05:30
attempt_destroy(project)
2014-09-02 18:07:02 +05:30
2015-09-11 14:41:01 +05:30
system_hook_service.execute_hooks_for(project, :destroy)
2020-10-24 23:57:45 +05:30
log_info("Project \"#{project.full_path}\" was deleted")
2017-09-10 17:25:29 +05:30
2022-05-07 20:08:51 +05:30
publish_project_deleted_event_for(project)
2022-04-04 11:22:00 +05:30
2023-04-23 21:23:45 +05:30
project.invalidate_personal_projects_count_of_owner
2018-05-09 12:01:36 +05:30
2015-09-11 14:41:01 +05:30
true
2021-06-08 01:23:25 +05:30
rescue StandardError => error
2022-03-02 08:16:31 +05:30
context = Gitlab::ApplicationContext.current.merge(project_id: project.id)
Gitlab::ErrorTracking.track_exception(error, **context)
2017-09-10 17:25:29 +05:30
attempt_rollback(project, error.message)
false
rescue Exception => error # rubocop:disable Lint/RescueException
# Project.transaction can raise Exception
attempt_rollback(project, error.message)
raise
2015-09-11 14:41:01 +05:30
end
private
2020-04-08 14:13:33 +05:30
def trash_project_repositories!
2020-03-13 15:44:24 +05:30
unless remove_repository(project.repository)
2019-07-31 22:56:46 +05:30
raise_error(s_('DeleteProject|Failed to remove project repository. Please try again or contact administrator.'))
2017-09-10 17:25:29 +05:30
end
2020-03-13 15:44:24 +05:30
unless remove_repository(project.wiki.repository)
2019-07-31 22:56:46 +05:30
raise_error(s_('DeleteProject|Failed to remove wiki repository. Please try again or contact administrator.'))
2017-09-10 17:25:29 +05:30
end
end
2020-04-08 14:13:33 +05:30
def trash_relation_repositories!
unless remove_snippets
raise_error(s_('DeleteProject|Failed to remove project snippets. Please try again or contact administrator.'))
end
end
def remove_snippets
2022-10-11 01:57:18 +05:30
# We're setting the skip_authorization param because we dont need to perform the access checks within the service since
2022-05-07 20:08:51 +05:30
# the user has enough access rights to remove the project and its resources.
2022-10-11 01:57:18 +05:30
response = ::Snippets::BulkDestroyService.new(current_user, project.snippets).execute(skip_authorization: true)
2022-05-07 20:08:51 +05:30
if response.error?
log_error("Snippet deletion failed on #{project.full_path} with the following message: #{response.message}")
end
2020-04-08 14:13:33 +05:30
response.success?
end
2022-01-26 12:08:38 +05:30
def destroy_events!
unless remove_events
raise_error(s_('DeleteProject|Failed to remove events. Please try again or contact administrator.'))
end
end
def remove_events
2022-03-02 08:16:31 +05:30
log_info("Attempting to destroy events from #{project.full_path} (#{project.id})")
2022-01-26 12:08:38 +05:30
response = ::Events::DestroyService.new(project).execute
2022-03-02 08:16:31 +05:30
if response.error?
log_error("Event deletion failed on #{project.full_path} with the following message: #{response.message}")
end
2022-01-26 12:08:38 +05:30
response.success?
end
2020-03-13 15:44:24 +05:30
def remove_repository(repository)
return true unless repository
2018-11-08 19:23:39 +05:30
2020-03-13 15:44:24 +05:30
result = Repositories::DestroyService.new(repository).execute
2015-09-11 14:41:01 +05:30
2020-03-13 15:44:24 +05:30
result[:status] == :success
2015-09-11 14:41:01 +05:30
end
2017-09-10 17:25:29 +05:30
def attempt_rollback(project, message)
return unless project
2018-03-27 19:54:05 +05:30
# It's possible that the project was destroyed, but some after_commit
# hook failed and caused us to end up here. A destroyed model will be a frozen hash,
# which cannot be altered.
2018-11-18 11:00:15 +05:30
project.update(delete_error: message, pending_delete: false) unless project.destroyed?
2018-03-27 19:54:05 +05:30
2017-09-10 17:25:29 +05:30
log_error("Deletion failed on #{project.full_path} with the following message: #{message}")
end
2020-11-24 15:15:51 +05:30
def attempt_destroy(project)
2018-12-05 23:21:45 +05:30
unless remove_registry_tags
2019-07-31 22:56:46 +05:30
raise_error(s_('DeleteProject|Failed to remove some tags in project container registry. Please try again or contact administrator.'))
2018-12-05 23:21:45 +05:30
end
2017-09-10 17:25:29 +05:30
2019-02-15 15:39:39 +05:30
project.leave_pool_repository
2021-04-17 20:07:23 +05:30
destroy_project_related_records(project)
2017-09-10 17:25:29 +05:30
end
2020-11-24 15:15:51 +05:30
def destroy_project_related_records(project)
log_destroy_event
trash_relation_repositories!
trash_project_repositories!
2022-01-26 12:08:38 +05:30
destroy_events!
2021-09-04 01:27:46 +05:30
destroy_web_hooks!
2021-09-30 23:02:18 +05:30
destroy_project_bots!
2022-01-26 12:08:38 +05:30
destroy_ci_records!
2022-08-13 15:12:31 +05:30
destroy_mr_diff_relations!
2021-11-18 22:05:49 +05:30
2022-11-25 23:54:43 +05:30
destroy_merge_request_diffs!
2022-10-11 01:57:18 +05:30
2020-11-24 15:15:51 +05:30
# Rails attempts to load all related records into memory before
# destroying: https://github.com/rails/rails/issues/22510
# This ensures we delete records in batches.
#
# Exclude container repositories because its before_destroy would be
# called multiple times, and it doesn't destroy any database records.
project.destroy_dependent_associations_in_batches(exclude: [:container_repositories, :snippets])
project.destroy!
end
2018-11-08 19:23:39 +05:30
def log_destroy_event
log_info("Attempting to destroy #{project.full_path} (#{project.id})")
end
2022-04-04 11:22:00 +05:30
# Projects will have at least one merge_request_diff_commit for every commit
# contained in every MR, which deleting via `project.destroy!` and
# cascading deletes may exceed statement timeouts, causing failures.
# (see https://gitlab.com/gitlab-org/gitlab/-/issues/346166)
#
2022-08-13 15:12:31 +05:30
# Removing merge_request_diff_files records may also cause timeouts, so they
# can be deleted in batches as well.
#
2022-04-04 11:22:00 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2022-08-13 15:12:31 +05:30
def destroy_mr_diff_relations!
2022-04-04 11:22:00 +05:30
delete_batch_size = 1000
2022-10-11 01:57:18 +05:30
project.merge_requests.each_batch(column: :iid, of: BATCH_SIZE) do |relation_ids|
2022-08-13 15:12:31 +05:30
[MergeRequestDiffCommit, MergeRequestDiffFile].each do |model|
loop do
inner_query = model
.select(:merge_request_diff_id, :relative_order)
.where(merge_request_diff_id: MergeRequestDiff.where(merge_request_id: relation_ids).select(:id))
.limit(delete_batch_size)
deleted_rows = model
.where("(#{model.table_name}.merge_request_diff_id, #{model.table_name}.relative_order) IN (?)", inner_query) # rubocop:disable GitlabSecurity/SqlInjection
.delete_all
break if deleted_rows == 0
end
2022-04-04 11:22:00 +05:30
end
end
end
# rubocop: enable CodeReuse/ActiveRecord
2022-10-11 01:57:18 +05:30
# rubocop: disable CodeReuse/ActiveRecord
def destroy_merge_request_diffs!
delete_batch_size = 1000
project.merge_requests.each_batch(column: :iid, of: BATCH_SIZE) do |relation|
loop do
deleted_rows = MergeRequestDiff
.where(merge_request: relation)
.limit(delete_batch_size)
.delete_all
break if deleted_rows == 0
end
end
end
# rubocop: enable CodeReuse/ActiveRecord
2021-11-18 22:05:49 +05:30
def destroy_ci_records!
2022-07-23 23:45:48 +05:30
# Make sure to destroy this first just in case the project is undergoing stats refresh.
# This is to avoid logging the artifact deletion in Ci::JobArtifacts::DestroyBatchService.
project.build_artifacts_size_refresh&.destroy
2021-11-18 22:05:49 +05:30
project.all_pipelines.find_each(batch_size: BATCH_SIZE) do |pipeline| # rubocop: disable CodeReuse/ActiveRecord
# Destroy artifacts, then builds, then pipelines
# All builds have already been dropped by Ci::AbortPipelinesService,
# so no Ci::Build-instantiating cancellations happen here.
# https://gitlab.com/gitlab-org/gitlab/-/merge_requests/71342#note_691523196
::Ci::DestroyPipelineService.new(project, current_user).execute(pipeline)
end
2022-05-07 20:08:51 +05:30
project.secure_files.find_each(batch_size: BATCH_SIZE) do |secure_file| # rubocop: disable CodeReuse/ActiveRecord
::Ci::DestroySecureFileService.new(project, current_user).execute(secure_file)
end
2022-01-26 12:08:38 +05:30
deleted_count = ::CommitStatus.for_project(project).delete_all
2021-11-18 22:05:49 +05:30
2021-12-11 22:18:48 +05:30
Gitlab::AppLogger.info(
class: 'Projects::DestroyService',
project_id: project.id,
message: 'leftover commit statuses',
orphaned_commit_status_count: deleted_count
)
2021-11-18 22:05:49 +05:30
end
2021-06-08 01:23:25 +05:30
# The project can have multiple webhooks with hundreds of thousands of web_hook_logs.
# By default, they are removed with "DELETE CASCADE" option defined via foreign_key.
# But such queries can exceed the statement_timeout limit and fail to delete the project.
# (see https://gitlab.com/gitlab-org/gitlab/-/issues/26259)
#
# To prevent that we use WebHooks::DestroyService. It deletes logs in batches and
# produces smaller and faster queries to the database.
def destroy_web_hooks!
project.hooks.find_each do |web_hook|
2022-08-13 15:12:31 +05:30
result = ::WebHooks::DestroyService.new(current_user).execute(web_hook)
2021-06-08 01:23:25 +05:30
unless result[:status] == :success
raise_error(s_('DeleteProject|Failed to remove webhooks. Please try again or contact administrator.'))
end
end
end
2021-09-30 23:02:18 +05:30
# The project can have multiple project bots with personal access tokens generated.
# We need to remove them when a project is deleted
# rubocop: disable CodeReuse/ActiveRecord
def destroy_project_bots!
project.members.includes(:user).references(:user).merge(User.project_bot).each do |member|
Users::DestroyService.new(current_user).execute(member.user, skip_authorization: true)
end
end
# rubocop: enable CodeReuse/ActiveRecord
2018-12-05 23:21:45 +05:30
def remove_registry_tags
2019-10-12 21:52:04 +05:30
return true unless Gitlab.config.registry.enabled
2018-12-05 23:21:45 +05:30
return false unless remove_legacy_registry_tags
2023-04-23 21:23:45 +05:30
results = []
2018-12-05 23:21:45 +05:30
project.container_repositories.find_each do |container_repository|
2023-04-23 21:23:45 +05:30
results << destroy_repository(project, container_repository)
2018-12-05 23:21:45 +05:30
end
2023-04-23 21:23:45 +05:30
results.all?
2018-12-05 23:21:45 +05:30
end
2017-08-17 22:00:37 +05:30
##
# This method makes sure that we correctly remove registry tags
# for legacy image repository (when repository path equals project path).
#
def remove_legacy_registry_tags
2016-06-02 11:05:42 +05:30
return true unless Gitlab.config.registry.enabled
2023-04-23 21:23:45 +05:30
root_repository = ::ContainerRepository.build_root_repository(project)
root_repository.has_tags? ? destroy_repository(project, root_repository) : true
end
def destroy_repository(project, repository)
service = ContainerRepository::DestroyService.new(project, current_user, { skip_permission_check: true })
response = service.execute(repository)
response[:status] == :success
2016-06-02 11:05:42 +05:30
end
2015-09-11 14:41:01 +05:30
def raise_error(message)
2021-06-08 01:23:25 +05:30
raise DestroyError, message
2015-09-11 14:41:01 +05:30
end
2017-09-10 17:25:29 +05:30
def flush_caches(project)
Projects::ForksCountService.new(project).delete_cache
2016-04-02 18:10:28 +05:30
end
2022-04-04 11:22:00 +05:30
def publish_project_deleted_event_for(project)
2022-08-13 15:12:31 +05:30
event = Projects::ProjectDeletedEvent.new(data: {
project_id: project.id,
namespace_id: project.namespace_id,
root_namespace_id: project.root_namespace.id
})
2022-04-04 11:22:00 +05:30
Gitlab::EventStore.publish(event)
end
2014-09-02 18:07:02 +05:30
end
end
2019-12-04 20:38:33 +05:30
2021-06-08 01:23:25 +05:30
Projects::DestroyService.prepend_mod_with('Projects::DestroyService')