605 lines
17 KiB
Ruby
605 lines
17 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class Environment < ApplicationRecord
|
|
include Gitlab::Utils::StrongMemoize
|
|
include ReactiveCaching
|
|
include FastDestroyAll::Helpers
|
|
include Presentable
|
|
include NullifyIfBlank
|
|
include FromUnion
|
|
|
|
self.reactive_cache_refresh_interval = 1.minute
|
|
self.reactive_cache_lifetime = 55.seconds
|
|
self.reactive_cache_hard_limit = 10.megabytes
|
|
self.reactive_cache_work_type = :external_dependency
|
|
|
|
belongs_to :project, optional: false
|
|
belongs_to :merge_request, optional: true
|
|
|
|
use_fast_destroy :all_deployments
|
|
nullify_if_blank :external_url
|
|
|
|
has_many :all_deployments, class_name: 'Deployment'
|
|
has_many :deployments, -> { visible }
|
|
has_many :successful_deployments, -> { success }, class_name: 'Deployment'
|
|
has_many :active_deployments, -> { active }, class_name: 'Deployment'
|
|
has_many :prometheus_alerts, inverse_of: :environment
|
|
has_many :metrics_dashboard_annotations, class_name: 'Metrics::Dashboard::Annotation', inverse_of: :environment
|
|
has_many :self_managed_prometheus_alert_events, inverse_of: :environment
|
|
has_many :alert_management_alerts, class_name: 'AlertManagement::Alert', inverse_of: :environment
|
|
|
|
# NOTE:
|
|
# 1) no-op arguments is to prevent accidental legacy preloading. See: https://gitlab.com/gitlab-org/gitlab/-/issues/369240
|
|
# 2) If you preload multiple last deployments of environments, use Preloaders::Environments::DeploymentPreloader.
|
|
has_one :last_deployment, -> (_env) { success.ordered }, class_name: 'Deployment', inverse_of: :environment
|
|
has_one :last_visible_deployment, -> (_env) { visible.order(id: :desc) }, inverse_of: :environment, class_name: 'Deployment'
|
|
has_one :upcoming_deployment, -> (_env) { upcoming.order(id: :desc) }, class_name: 'Deployment', inverse_of: :environment
|
|
|
|
Deployment::FINISHED_STATUSES.each do |status|
|
|
has_one :"last_#{status}_deployment", -> (_env) { where(status: status).ordered },
|
|
class_name: 'Deployment', inverse_of: :environment
|
|
end
|
|
|
|
Deployment::UPCOMING_STATUSES.each do |status|
|
|
has_one :"last_#{status}_deployment", -> (_env) { where(status: status).ordered_as_upcoming },
|
|
class_name: 'Deployment', inverse_of: :environment
|
|
end
|
|
|
|
has_one :latest_opened_most_severe_alert, -> { order_severity_with_open_prometheus_alert }, class_name: 'AlertManagement::Alert', inverse_of: :environment
|
|
|
|
before_validation :generate_slug, if: ->(env) { env.slug.blank? }
|
|
before_validation :ensure_environment_tier
|
|
|
|
before_save :set_environment_type
|
|
after_save :clear_reactive_cache!
|
|
|
|
validates :name,
|
|
presence: true,
|
|
uniqueness: { scope: :project_id },
|
|
length: { maximum: 255 },
|
|
format: { with: Gitlab::Regex.environment_name_regex,
|
|
message: Gitlab::Regex.environment_name_regex_message }
|
|
|
|
validates :slug,
|
|
presence: true,
|
|
uniqueness: { scope: :project_id },
|
|
length: { maximum: 24 },
|
|
format: { with: Gitlab::Regex.environment_slug_regex,
|
|
message: Gitlab::Regex.environment_slug_regex_message }
|
|
|
|
validates :external_url,
|
|
length: { maximum: 255 },
|
|
allow_nil: true
|
|
|
|
# Currently, the tier presence is validaed for newly created environments.
|
|
# After the `BackfillEnvironmentTiers` background migration has been completed, we should remove `on: :create`.
|
|
# See https://gitlab.com/gitlab-org/gitlab/-/issues/385253.
|
|
validates :tier, presence: true, on: :create
|
|
validate :safe_external_url
|
|
validate :merge_request_not_changed
|
|
|
|
delegate :manual_actions, to: :last_deployment, allow_nil: true
|
|
delegate :auto_rollback_enabled?, to: :project
|
|
|
|
scope :available, -> { with_state(:available) }
|
|
scope :stopped, -> { with_state(:stopped) }
|
|
|
|
scope :order_by_last_deployed_at, -> do
|
|
order(Arel::Nodes::Grouping.new(max_deployment_id_query).asc.nulls_first)
|
|
end
|
|
scope :order_by_last_deployed_at_desc, -> do
|
|
order(Arel::Nodes::Grouping.new(max_deployment_id_query).desc.nulls_last)
|
|
end
|
|
scope :order_by_name, -> { order('environments.name ASC') }
|
|
|
|
scope :in_review_folder, -> { where(environment_type: "review") }
|
|
scope :for_name, -> (name) { where(name: name) }
|
|
scope :preload_project, -> { preload(:project) }
|
|
scope :auto_stoppable, -> (limit) { available.where('auto_stop_at < ?', Time.zone.now).limit(limit) }
|
|
scope :auto_deletable, -> (limit) { stopped.where('auto_delete_at < ?', Time.zone.now).limit(limit) }
|
|
|
|
scope :deployed_and_updated_before, -> (project_id, before) do
|
|
# this query joins deployments and filters out any environment that has recent deployments
|
|
joins = %{
|
|
LEFT JOIN "deployments" on "deployments".environment_id = "environments".id
|
|
AND "deployments".project_id = #{project_id}
|
|
AND "deployments".updated_at >= #{connection.quote(before)}
|
|
}
|
|
Environment.joins(joins)
|
|
.where(project_id: project_id, updated_at: ...before)
|
|
.group('id', 'deployments.id')
|
|
.having('deployments.id IS NULL')
|
|
end
|
|
scope :without_protected, -> (project) {} # no-op when not in EE mode
|
|
|
|
scope :without_names, -> (names) do
|
|
where.not(name: names)
|
|
end
|
|
scope :without_tiers, -> (tiers) do
|
|
where.not(tier: tiers)
|
|
end
|
|
|
|
##
|
|
# Search environments which have names like the given query.
|
|
# Do not set a large limit unless you've confirmed that it works on gitlab.com scale.
|
|
scope :for_name_like, -> (query, limit: 5) do
|
|
top_level = 'LOWER(environments.name) LIKE LOWER(?) || \'%\''
|
|
|
|
where(top_level, sanitize_sql_like(query)).limit(limit)
|
|
end
|
|
|
|
scope :for_name_like_within_folder, -> (query, limit: 5) do
|
|
within_folder = 'LOWER(ltrim(environments.name, environments.environment_type'\
|
|
' || \'/\')) LIKE LOWER(?) || \'%\''
|
|
|
|
where(within_folder, sanitize_sql_like(query)).limit(limit)
|
|
end
|
|
|
|
scope :for_project, -> (project) { where(project_id: project) }
|
|
scope :for_tier, -> (tier) { where(tier: tier).where.not(tier: nil) }
|
|
scope :for_type, -> (type) { where(environment_type: type) }
|
|
scope :unfoldered, -> { where(environment_type: nil) }
|
|
scope :with_rank, -> do
|
|
select('environments.*, rank() OVER (PARTITION BY project_id ORDER BY id DESC)')
|
|
end
|
|
|
|
scope :with_deployment, -> (sha, status: nil) do
|
|
deployments = Deployment.select(1).where('deployments.environment_id = environments.id').where(sha: sha)
|
|
deployments = deployments.where(status: status) if status
|
|
|
|
where('EXISTS (?)', deployments)
|
|
end
|
|
|
|
scope :stopped_review_apps, -> (before, limit) do
|
|
stopped
|
|
.in_review_folder
|
|
.where("created_at < ?", before)
|
|
.order("created_at ASC")
|
|
.limit(limit)
|
|
end
|
|
|
|
scope :scheduled_for_deletion, -> do
|
|
where.not(auto_delete_at: nil)
|
|
end
|
|
|
|
scope :not_scheduled_for_deletion, -> do
|
|
where(auto_delete_at: nil)
|
|
end
|
|
|
|
enum tier: {
|
|
production: 0,
|
|
staging: 1,
|
|
testing: 2,
|
|
development: 3,
|
|
other: 4
|
|
}
|
|
|
|
state_machine :state, initial: :available do
|
|
event :start do
|
|
transition stopped: :available
|
|
end
|
|
|
|
event :stop do
|
|
transition available: :stopping, if: :wait_for_stop?
|
|
transition available: :stopped, unless: :wait_for_stop?
|
|
end
|
|
|
|
event :stop_complete do
|
|
transition %i(available stopping) => :stopped
|
|
end
|
|
|
|
state :available
|
|
state :stopping
|
|
state :stopped
|
|
|
|
before_transition any => :stopped do |environment|
|
|
environment.auto_stop_at = nil
|
|
end
|
|
|
|
after_transition do |environment|
|
|
environment.expire_etag_cache
|
|
end
|
|
end
|
|
|
|
def self.for_id_and_slug(id, slug)
|
|
find_by(id: id, slug: slug)
|
|
end
|
|
|
|
def self.max_deployment_id_query
|
|
Arel.sql(
|
|
Deployment.select(Deployment.arel_table[:id].maximum)
|
|
.where(Deployment.arel_table[:environment_id].eq(arel_table[:id])).to_sql
|
|
)
|
|
end
|
|
|
|
def self.pluck_names
|
|
pluck(:name)
|
|
end
|
|
|
|
def self.pluck_unique_names
|
|
pluck('DISTINCT(environments.name)')
|
|
end
|
|
|
|
def self.find_or_create_by_name(name)
|
|
find_or_create_by(name: name)
|
|
end
|
|
|
|
def self.valid_states
|
|
self.state_machine.states.map(&:name)
|
|
end
|
|
|
|
def self.schedule_to_delete(at_time = 1.week.from_now)
|
|
update_all(auto_delete_at: at_time)
|
|
end
|
|
|
|
def self.nested
|
|
group('COALESCE(environment_type, id::text)', 'COALESCE(environment_type, name)')
|
|
.select('COALESCE(environment_type, id::text), COALESCE(environment_type, name) AS name',
|
|
'COUNT(*) AS size', 'MAX(id) AS last_id')
|
|
.order('name ASC')
|
|
end
|
|
|
|
class << self
|
|
def count_by_state
|
|
environments_count_by_state = group(:state).count
|
|
|
|
valid_states.index_with do |state|
|
|
environments_count_by_state[state.to_s] || 0
|
|
end
|
|
end
|
|
end
|
|
|
|
def last_deployable
|
|
last_deployment&.deployable
|
|
end
|
|
|
|
def last_deployment_pipeline
|
|
last_deployable&.pipeline
|
|
end
|
|
|
|
# This method returns the deployment records of the last deployment pipeline, that successfully executed to this environment.
|
|
# e.g.
|
|
# A pipeline contains
|
|
# - deploy job A => production environment
|
|
# - deploy job B => production environment
|
|
# In this case, `last_deployment_group` returns both deployments, whereas `last_deployable` returns only B.
|
|
def legacy_last_deployment_group
|
|
return Deployment.none unless last_deployment_pipeline
|
|
|
|
successful_deployments.where(
|
|
deployable_id: last_deployment_pipeline.latest_builds.pluck(:id))
|
|
end
|
|
|
|
def last_visible_deployable
|
|
last_visible_deployment&.deployable
|
|
end
|
|
|
|
def last_visible_pipeline
|
|
last_visible_deployable&.pipeline
|
|
end
|
|
|
|
def clear_prometheus_reactive_cache!(query_name)
|
|
cluster_prometheus_adapter&.clear_prometheus_reactive_cache!(query_name, self)
|
|
end
|
|
|
|
def cluster_prometheus_adapter
|
|
@cluster_prometheus_adapter ||= ::Gitlab::Prometheus::Adapter.new(project, deployment_platform&.cluster).cluster_prometheus_adapter
|
|
end
|
|
|
|
def predefined_variables
|
|
Gitlab::Ci::Variables::Collection.new
|
|
.append(key: 'CI_ENVIRONMENT_NAME', value: name)
|
|
.append(key: 'CI_ENVIRONMENT_SLUG', value: slug)
|
|
end
|
|
|
|
def recently_updated_on_branch?(ref)
|
|
ref.to_s == last_deployment.try(:ref)
|
|
end
|
|
|
|
def set_environment_type
|
|
names = name.split('/')
|
|
|
|
self.environment_type = names.many? ? names.first : nil
|
|
end
|
|
|
|
def includes_commit?(sha)
|
|
return false unless last_deployment
|
|
|
|
last_deployment.includes_commit?(sha)
|
|
end
|
|
|
|
def last_deployed_at
|
|
last_deployment.try(:created_at)
|
|
end
|
|
|
|
def ref_path
|
|
"refs/#{Repository::REF_ENVIRONMENTS}/#{slug}"
|
|
end
|
|
|
|
def formatted_external_url
|
|
return unless external_url
|
|
|
|
external_url.gsub(%r{\A.*?://}, '')
|
|
end
|
|
|
|
def stop_actions_available?
|
|
available? && stop_actions.present?
|
|
end
|
|
|
|
def cancel_deployment_jobs!
|
|
active_deployments.builds.each do |build|
|
|
Gitlab::OptimisticLocking.retry_lock(build, name: 'environment_cancel_deployment_jobs') do |build|
|
|
build.cancel! if build&.cancelable?
|
|
end
|
|
rescue StandardError => e
|
|
Gitlab::ErrorTracking.track_exception(e, environment_id: id, deployment_id: deployment.id)
|
|
end
|
|
end
|
|
|
|
def wait_for_stop?
|
|
stop_actions.present?
|
|
end
|
|
|
|
def stop_with_actions!(current_user)
|
|
return unless available?
|
|
|
|
stop!
|
|
|
|
actions = []
|
|
|
|
stop_actions.each do |stop_action|
|
|
Gitlab::OptimisticLocking.retry_lock(
|
|
stop_action,
|
|
name: 'environment_stop_with_actions'
|
|
) do |build|
|
|
actions << build.play(current_user)
|
|
end
|
|
end
|
|
|
|
actions
|
|
end
|
|
|
|
def stop_actions
|
|
strong_memoize(:stop_actions) do
|
|
last_deployment_group.map(&:stop_action).compact
|
|
end
|
|
end
|
|
|
|
def last_deployment_group
|
|
Deployment.last_deployment_group_for_environment(self)
|
|
end
|
|
|
|
def reset_auto_stop
|
|
update_column(:auto_stop_at, nil)
|
|
end
|
|
|
|
def actions_for(environment)
|
|
return [] unless manual_actions
|
|
|
|
manual_actions.select do |action|
|
|
action.expanded_environment_name == environment
|
|
end
|
|
end
|
|
|
|
def has_terminals?
|
|
available? && deployment_platform.present? && last_deployment.present?
|
|
end
|
|
|
|
def terminals
|
|
with_reactive_cache do |data|
|
|
deployment_platform.terminals(self, data)
|
|
end
|
|
end
|
|
|
|
def calculate_reactive_cache
|
|
return unless has_terminals? && !project.pending_delete?
|
|
|
|
deployment_platform.calculate_reactive_cache_for(self)
|
|
end
|
|
|
|
def deployment_namespace
|
|
strong_memoize(:kubernetes_namespace) do
|
|
deployment_platform.cluster.kubernetes_namespace_for(self) if deployment_platform
|
|
end
|
|
end
|
|
|
|
def has_metrics?
|
|
available? && (prometheus_adapter&.configured? || has_sample_metrics?)
|
|
end
|
|
|
|
def has_sample_metrics?
|
|
!!ENV['USE_SAMPLE_METRICS']
|
|
end
|
|
|
|
def has_opened_alert?
|
|
latest_opened_most_severe_alert.present?
|
|
end
|
|
|
|
def has_running_deployments?
|
|
all_deployments.running.exists?
|
|
end
|
|
|
|
def metrics
|
|
prometheus_adapter.query(:environment, self) if has_metrics_and_can_query?
|
|
end
|
|
|
|
def additional_metrics(*args)
|
|
return unless has_metrics_and_can_query?
|
|
|
|
prometheus_adapter.query(:additional_metrics_environment, self, *args.map(&:to_f))
|
|
end
|
|
|
|
def prometheus_adapter
|
|
@prometheus_adapter ||= Gitlab::Prometheus::Adapter.new(project, deployment_platform&.cluster).prometheus_adapter
|
|
end
|
|
|
|
def slug
|
|
super.presence || generate_slug
|
|
end
|
|
|
|
def external_url_for(path, commit_sha)
|
|
return unless self.external_url
|
|
|
|
public_path = project.public_path_for_source_path(path, commit_sha)
|
|
return unless public_path
|
|
|
|
[external_url.delete_suffix('/'), public_path.delete_prefix('/')].join('/')
|
|
end
|
|
|
|
def expire_etag_cache
|
|
Gitlab::EtagCaching::Store.new.tap do |store|
|
|
store.touch(etag_cache_key)
|
|
end
|
|
end
|
|
|
|
def etag_cache_key
|
|
Gitlab::Routing.url_helpers.project_environments_path(
|
|
project,
|
|
format: :json)
|
|
end
|
|
|
|
def folder_name
|
|
self.environment_type || self.name
|
|
end
|
|
|
|
def name_without_type
|
|
@name_without_type ||= name.delete_prefix("#{environment_type}/")
|
|
end
|
|
|
|
def deployment_platform
|
|
strong_memoize(:deployment_platform) do
|
|
project.deployment_platform(environment: self.name)
|
|
end
|
|
end
|
|
|
|
def knative_services_finder
|
|
if last_deployment&.cluster
|
|
Clusters::KnativeServicesFinder.new(last_deployment.cluster, self)
|
|
end
|
|
end
|
|
|
|
def auto_stop_in
|
|
auto_stop_at - Time.current if auto_stop_at
|
|
end
|
|
|
|
def auto_stop_in=(value)
|
|
if value.nil?
|
|
# Handles edge case when auto_stop_at is already set and the new value is nil.
|
|
# Possible by setting `auto_stop_in: null` in the CI configuration yml.
|
|
self.auto_stop_at = nil
|
|
|
|
return
|
|
end
|
|
|
|
parser = ::Gitlab::Ci::Build::DurationParser.new(value)
|
|
|
|
self.auto_stop_at = parser.seconds_from_now
|
|
rescue ChronicDuration::DurationParseError => ex
|
|
Gitlab::ErrorTracking.track_exception(ex, project_id: self.project_id, environment_id: self.id)
|
|
raise ex
|
|
end
|
|
|
|
def rollout_status
|
|
return unless rollout_status_available?
|
|
|
|
result = rollout_status_with_reactive_cache
|
|
|
|
result || ::Gitlab::Kubernetes::RolloutStatus.loading
|
|
end
|
|
|
|
def ingresses
|
|
return unless rollout_status_available?
|
|
|
|
deployment_platform.ingresses(deployment_namespace)
|
|
end
|
|
|
|
def patch_ingress(ingress, data)
|
|
return unless rollout_status_available?
|
|
|
|
deployment_platform.patch_ingress(deployment_namespace, ingress, data)
|
|
end
|
|
|
|
def clear_all_caches
|
|
expire_etag_cache
|
|
clear_reactive_cache!
|
|
end
|
|
|
|
def should_link_to_merge_requests?
|
|
unfoldered? || production? || staging?
|
|
end
|
|
|
|
def unfoldered?
|
|
environment_type.nil?
|
|
end
|
|
|
|
def deploy_freezes
|
|
Gitlab::SafeRequestStore.fetch("project:#{project_id}:freeze_periods_for_environments") do
|
|
project.freeze_periods
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
# We deliberately avoid using AddressableUrlValidator to allow users to update their environments even if they have
|
|
# misconfigured `environment:url` keyword. The external URL is presented as a clickable link on UI and not consumed
|
|
# in GitLab internally, thus we sanitize the URL before the persistence to make sure the rendered link is XSS safe.
|
|
# See https://gitlab.com/gitlab-org/gitlab/-/issues/337417
|
|
def safe_external_url
|
|
return unless self.external_url.present?
|
|
|
|
new_external_url = Addressable::URI.parse(self.external_url)
|
|
|
|
if Gitlab::Utils::SanitizeNodeLink::UNSAFE_PROTOCOLS.include?(new_external_url.normalized_scheme)
|
|
errors.add(:external_url, "#{new_external_url.normalized_scheme} scheme is not allowed")
|
|
end
|
|
rescue Addressable::URI::InvalidURIError
|
|
errors.add(:external_url, 'URI is invalid')
|
|
end
|
|
|
|
def rollout_status_available?
|
|
has_terminals?
|
|
end
|
|
|
|
def rollout_status_with_reactive_cache
|
|
with_reactive_cache do |data|
|
|
deployment_platform.rollout_status(self, data)
|
|
end
|
|
end
|
|
|
|
def has_metrics_and_can_query?
|
|
has_metrics? && prometheus_adapter.can_query?
|
|
end
|
|
|
|
def generate_slug
|
|
self.slug = Gitlab::Slug::Environment.new(name).generate
|
|
end
|
|
|
|
def ensure_environment_tier
|
|
self.tier ||= guess_tier
|
|
end
|
|
|
|
def merge_request_not_changed
|
|
if merge_request_id_changed? && persisted?
|
|
errors.add(:merge_request, 'merge_request cannot be changed')
|
|
end
|
|
end
|
|
|
|
# Guessing the tier of the environment if it's not explicitly specified by users.
|
|
# See https://en.wikipedia.org/wiki/Deployment_environment for industry standard deployment environments
|
|
def guess_tier
|
|
case name
|
|
when /(dev|review|trunk)/i
|
|
self.class.tiers[:development]
|
|
when /(test|tst|int|ac(ce|)pt|qa|qc|control|quality)/i
|
|
self.class.tiers[:testing]
|
|
when /(st(a|)g|mod(e|)l|pre|demo|non)/i
|
|
self.class.tiers[:staging]
|
|
when /(pr(o|)d|live)/i
|
|
self.class.tiers[:production]
|
|
else
|
|
self.class.tiers[:other]
|
|
end
|
|
end
|
|
end
|
|
|
|
Environment.prepend_mod_with('Environment')
|