Merge tag 'debian/13.12.8+ds1-1' into buster-fasttrack
gitlab Debian release 13.12.8+ds1-1
This commit is contained in:
commit
0e116ca35e
12 changed files with 138 additions and 18 deletions
17
CHANGELOG.md
17
CHANGELOG.md
|
@ -2,6 +2,23 @@
|
||||||
documentation](doc/development/changelog.md) for instructions on adding your own
|
documentation](doc/development/changelog.md) for instructions on adding your own
|
||||||
entry.
|
entry.
|
||||||
|
|
||||||
|
## 13.12.8 (2021-07-07)
|
||||||
|
|
||||||
|
### Security (1 change)
|
||||||
|
|
||||||
|
- [Disable file and network premailer strategies](gitlab-org/security/gitlab@ee69d6d6950bb116cb31523ca805e78af431c25c) ([merge request](gitlab-org/security/gitlab!1545))
|
||||||
|
|
||||||
|
## 13.12.7 (2021-07-05)
|
||||||
|
|
||||||
|
### Fixed (2 changes)
|
||||||
|
|
||||||
|
- [Fix state value in the lfs_object_registry table](gitlab-org/gitlab@feca70558108299a9b7b499e4461b59b7c140ef7) ([merge request](gitlab-org/gitlab!65466)) **GitLab Enterprise Edition**
|
||||||
|
- [Fix pages deployment storage migration](gitlab-org/gitlab@4e806a7b5e0eef8d88bcdb68724c6b7bf3c08293) ([merge request](gitlab-org/gitlab!65366))
|
||||||
|
|
||||||
|
### Changed (1 change)
|
||||||
|
|
||||||
|
- [Move migration to a pre-deployment migration](gitlab-org/gitlab@d02fcd44b3dd797e18221e4e91ab913372bdf18a) ([merge request](gitlab-org/gitlab!65466)) **GitLab Enterprise Edition**
|
||||||
|
|
||||||
## 13.12.6 (2021-07-01)
|
## 13.12.6 (2021-07-01)
|
||||||
|
|
||||||
### Added (1 change)
|
### Added (1 change)
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
13.12.6
|
13.12.8
|
2
VERSION
2
VERSION
|
@ -1 +1 @@
|
||||||
13.12.6
|
13.12.8
|
|
@ -271,8 +271,12 @@ class Namespace < ApplicationRecord
|
||||||
# Includes projects from this namespace and projects from all subgroups
|
# Includes projects from this namespace and projects from all subgroups
|
||||||
# that belongs to this namespace
|
# that belongs to this namespace
|
||||||
def all_projects
|
def all_projects
|
||||||
|
if Feature.enabled?(:recursive_approach_for_all_projects, default_enabled: :yaml)
|
||||||
namespace = user? ? self : self_and_descendants
|
namespace = user? ? self : self_and_descendants
|
||||||
Project.where(namespace: namespace)
|
Project.where(namespace: namespace)
|
||||||
|
else
|
||||||
|
Project.inside_path(full_path)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
# Includes pipelines from this namespace and pipelines from all subgroups
|
# Includes pipelines from this namespace and pipelines from all subgroups
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
name: recursive_approach_for_all_projects
|
||||||
|
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64632
|
||||||
|
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/334817
|
||||||
|
milestone: '14.1'
|
||||||
|
type: development
|
||||||
|
group: group::fulfillment
|
||||||
|
default_enabled: true
|
|
@ -7,5 +7,6 @@ Premailer::Rails.config.merge!(
|
||||||
remove_comments: true,
|
remove_comments: true,
|
||||||
remove_ids: false,
|
remove_ids: false,
|
||||||
remove_scripts: false,
|
remove_scripts: false,
|
||||||
output_encoding: 'US-ASCII'
|
output_encoding: 'US-ASCII',
|
||||||
|
strategies: [:asset_pipeline]
|
||||||
)
|
)
|
||||||
|
|
7
debian/changelog
vendored
7
debian/changelog
vendored
|
@ -1,3 +1,10 @@
|
||||||
|
gitlab (13.12.8+ds1-1) experimental; urgency=medium
|
||||||
|
|
||||||
|
* New upstream security release 13.12.8+ds1
|
||||||
|
Fixes: Arbitrary file read via design feature (Severity: critical)
|
||||||
|
|
||||||
|
-- Pirate Praveen <praveen@debian.org> Thu, 08 Jul 2021 21:54:12 +0530
|
||||||
|
|
||||||
gitlab (13.12.6+ds1-1~fto10+1) buster-fasttrack; urgency=medium
|
gitlab (13.12.6+ds1-1~fto10+1) buster-fasttrack; urgency=medium
|
||||||
|
|
||||||
* Rebuild for buster-fasttrack.
|
* Rebuild for buster-fasttrack.
|
||||||
|
|
|
@ -8,7 +8,7 @@ module Gitlab
|
||||||
end
|
end
|
||||||
|
|
||||||
def migrate_to_remote_storage
|
def migrate_to_remote_storage
|
||||||
logger.info('Starting transfer to remote storage')
|
logger.info('Starting transfer to object storage')
|
||||||
|
|
||||||
migrate(items_with_files_stored_locally, ObjectStorage::Store::REMOTE)
|
migrate(items_with_files_stored_locally, ObjectStorage::Store::REMOTE)
|
||||||
end
|
end
|
||||||
|
@ -38,11 +38,11 @@ module Gitlab
|
||||||
end
|
end
|
||||||
|
|
||||||
def log_success(item, store)
|
def log_success(item, store)
|
||||||
logger.info("Transferred #{item.class.name} ID #{item.id} of type #{item.file_type} with size #{item.size} to #{storage_label(store)} storage")
|
logger.info("Transferred #{item.class.name} ID #{item.id} with size #{item.size} to #{storage_label(store)} storage")
|
||||||
end
|
end
|
||||||
|
|
||||||
def log_error(err, item)
|
def log_error(err, item)
|
||||||
logger.warn("Failed to transfer #{item.class.name} of type #{item.file_type} and ID #{item.id} with error: #{err.message}")
|
logger.warn("Failed to transfer #{item.class.name} ID #{item.id} with error: #{err.message}")
|
||||||
end
|
end
|
||||||
|
|
||||||
def storage_label(store)
|
def storage_label(store)
|
||||||
|
|
|
@ -0,0 +1,14 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
require 'spec_helper'
|
||||||
|
require 'support/shared_examples/lib/gitlab/local_and_remote_storage_migration_shared_examples'
|
||||||
|
|
||||||
|
RSpec.describe Gitlab::LocalAndRemoteStorageMigration::ArtifactMigrater do
|
||||||
|
before do
|
||||||
|
stub_artifacts_object_storage(enabled: true)
|
||||||
|
end
|
||||||
|
|
||||||
|
let!(:item) { create(:ci_job_artifact, :archive, file_store: start_store) }
|
||||||
|
|
||||||
|
it_behaves_like 'local and remote storage migration'
|
||||||
|
end
|
|
@ -0,0 +1,14 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
require 'spec_helper'
|
||||||
|
require 'support/shared_examples/lib/gitlab/local_and_remote_storage_migration_shared_examples'
|
||||||
|
|
||||||
|
RSpec.describe Gitlab::LocalAndRemoteStorageMigration::PagesDeploymentMigrater do
|
||||||
|
before do
|
||||||
|
stub_pages_object_storage(::Pages::DeploymentUploader, enabled: true)
|
||||||
|
end
|
||||||
|
|
||||||
|
let!(:item) { create(:pages_deployment, file_store: start_store) }
|
||||||
|
|
||||||
|
it_behaves_like 'local and remote storage migration'
|
||||||
|
end
|
|
@ -1010,7 +1010,7 @@ RSpec.describe Namespace do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe '#all_projects' do
|
shared_examples '#all_projects' do
|
||||||
context 'when namespace is a group' do
|
context 'when namespace is a group' do
|
||||||
let(:namespace) { create(:group) }
|
let(:namespace) { create(:group) }
|
||||||
let(:child) { create(:group, parent: namespace) }
|
let(:child) { create(:group, parent: namespace) }
|
||||||
|
@ -1019,12 +1019,6 @@ RSpec.describe Namespace do
|
||||||
|
|
||||||
it { expect(namespace.all_projects.to_a).to match_array([project2, project1]) }
|
it { expect(namespace.all_projects.to_a).to match_array([project2, project1]) }
|
||||||
it { expect(child.all_projects.to_a).to match_array([project2]) }
|
it { expect(child.all_projects.to_a).to match_array([project2]) }
|
||||||
|
|
||||||
it 'queries for the namespace and its descendants' do
|
|
||||||
expect(Project).to receive(:where).with(namespace: [namespace, child])
|
|
||||||
|
|
||||||
namespace.all_projects
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'when namespace is a user namespace' do
|
context 'when namespace is a user namespace' do
|
||||||
|
@ -1033,13 +1027,21 @@ RSpec.describe Namespace do
|
||||||
let_it_be(:project) { create(:project, namespace: user_namespace) }
|
let_it_be(:project) { create(:project, namespace: user_namespace) }
|
||||||
|
|
||||||
it { expect(user_namespace.all_projects.to_a).to match_array([project]) }
|
it { expect(user_namespace.all_projects.to_a).to match_array([project]) }
|
||||||
|
|
||||||
it 'only queries for the namespace itself' do
|
|
||||||
expect(Project).to receive(:where).with(namespace: user_namespace)
|
|
||||||
|
|
||||||
user_namespace.all_projects
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe '#all_projects' do
|
||||||
|
context 'when recursive approach is enabled' do
|
||||||
|
include_examples '#all_projects'
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when recursive approach is disabled' do
|
||||||
|
before do
|
||||||
|
stub_feature_flags(recursive_approach_for_all_projects: false)
|
||||||
|
end
|
||||||
|
|
||||||
|
include_examples '#all_projects'
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe '#all_pipelines' do
|
describe '#all_pipelines' do
|
||||||
|
|
|
@ -0,0 +1,53 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
RSpec.shared_examples 'local and remote storage migration' do
|
||||||
|
let(:logger) { Logger.new("/dev/null") }
|
||||||
|
let(:migrater) { described_class.new(logger) }
|
||||||
|
|
||||||
|
using RSpec::Parameterized::TableSyntax
|
||||||
|
|
||||||
|
where(:start_store, :end_store, :method) do
|
||||||
|
ObjectStorage::Store::LOCAL | ObjectStorage::Store::REMOTE | :migrate_to_remote_storage
|
||||||
|
ObjectStorage::Store::REMOTE | ObjectStorage::Store::REMOTE | :migrate_to_remote_storage # rubocop:disable Lint/BinaryOperatorWithIdenticalOperands
|
||||||
|
ObjectStorage::Store::REMOTE | ObjectStorage::Store::LOCAL | :migrate_to_local_storage
|
||||||
|
ObjectStorage::Store::LOCAL | ObjectStorage::Store::LOCAL | :migrate_to_local_storage # rubocop:disable Lint/BinaryOperatorWithIdenticalOperands
|
||||||
|
end
|
||||||
|
|
||||||
|
with_them do
|
||||||
|
let(:storage_name) { end_store == ObjectStorage::Store::REMOTE ? 'object' : 'local' }
|
||||||
|
|
||||||
|
it 'successfully migrates' do
|
||||||
|
expect(logger).to receive(:info).with("Starting transfer to #{storage_name} storage")
|
||||||
|
|
||||||
|
if start_store != end_store
|
||||||
|
expect(logger).to receive(:info).with("Transferred #{item.class.name} ID #{item.id} with size #{item.size} to #{storage_name} storage")
|
||||||
|
end
|
||||||
|
|
||||||
|
expect(item.file_store).to eq(start_store)
|
||||||
|
|
||||||
|
migrater.send(method)
|
||||||
|
|
||||||
|
expect(item.reload.file_store).to eq(end_store)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when migration fails' do
|
||||||
|
let(:start_store) { ObjectStorage::Store::LOCAL }
|
||||||
|
|
||||||
|
it 'prints error' do
|
||||||
|
expect_next_instance_of(item.file.class) do |file|
|
||||||
|
expect(file).to receive(:migrate!).and_raise("error message")
|
||||||
|
end
|
||||||
|
|
||||||
|
expect(logger).to receive(:info).with("Starting transfer to object storage")
|
||||||
|
|
||||||
|
expect(logger).to receive(:warn).with("Failed to transfer #{item.class.name} ID #{item.id} with error: error message")
|
||||||
|
|
||||||
|
expect(item.file_store).to eq(start_store)
|
||||||
|
|
||||||
|
migrater.migrate_to_remote_storage
|
||||||
|
|
||||||
|
expect(item.reload.file_store).to eq(start_store)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in a new issue