debian-mirror-gitlab/lib/gitlab/ci/config/external/file/project.rb
2023-07-09 08:55:56 +05:30

208 lines
7.4 KiB
Ruby

# frozen_string_literal: true
module Gitlab
module Ci
class Config
module External
module File
class Project < Base
extend ::Gitlab::Utils::Override
include Gitlab::Utils::StrongMemoize
attr_reader :project_name, :ref_name
def initialize(params, context)
# `Repository#blobs_at` does not support files with the `/` prefix.
@location = Gitlab::Utils.remove_leading_slashes(params[:file])
# We are using the same downcase in the `project` method.
@project_name = get_project_name(params[:project]).to_s.downcase
@ref_name = params[:ref] || 'HEAD'
super
end
def matching?
super && project_name.present?
end
def content
strong_memoize(:content) { fetch_local_content }
end
def metadata
super.merge(
type: :file,
location: masked_location,
blob: masked_blob,
raw: masked_raw,
extra: { project: masked_project_name, ref: masked_ref_name }
)
end
def preload_context
#
# calling these methods lazily loads them via BatchLoader
#
project
can_access_local_content?
sha
end
def validate_context!
if !can_access_local_content?
errors.push("Project `#{masked_project_name}` not found or access denied! Make sure any includes in the pipeline configuration are correctly defined.")
elsif sha.nil?
errors.push("Project `#{masked_project_name}` reference `#{masked_ref_name}` does not exist!")
end
end
def validate_content!
if content.nil?
errors.push("Project `#{masked_project_name}` file `#{masked_location}` does not exist!")
elsif content.blank?
errors.push("Project `#{masked_project_name}` file `#{masked_location}` is empty!")
end
end
private
def project
return legacy_project if ::Feature.disabled?(:ci_batch_project_includes_context, context.project)
# Although we use `where_full_path_in`, this BatchLoader does not reduce the number of queries to 1.
# That's because we use it in the `can_access_local_content?` and `sha` BatchLoaders
# as the `for` parameter. And this loads the project immediately.
BatchLoader.for(project_name)
.batch do |project_names, loader|
::Project.where_full_path_in(project_names.uniq).each do |project|
# We are using the same downcase in the `initialize` method.
loader.call(project.full_path.downcase, project)
end
end
end
def can_access_local_content?
if ::Feature.disabled?(:ci_batch_project_includes_context, context.project)
return legacy_can_access_local_content?
end
return if project.nil?
# We are force-loading the project with the `itself` method
# because the `project` variable can be a `BatchLoader` object and we should not
# pass a `BatchLoader` object in the `for` method to prevent unwanted behaviors.
BatchLoader.for(project.itself)
.batch(key: context.user) do |projects, loader, args|
projects.uniq.each do |project|
context.logger.instrument(:config_file_project_validate_access) do
loader.call(project, Ability.allowed?(args[:key], :download_code, project))
end
end
end
end
def sha
return legacy_sha if ::Feature.disabled?(:ci_batch_project_includes_context, context.project)
return if project.nil?
# with `itself`, we are force-loading the project
BatchLoader.for([project.itself, ref_name])
.batch do |project_ref_pairs, loader|
project_ref_pairs.uniq.each do |project, ref_name|
loader.call([project, ref_name], project.commit(ref_name).try(:sha))
end
end
end
def fetch_local_content
BatchLoader.for([sha.to_s, location])
.batch(key: project) do |locations, loader, args|
context.logger.instrument(:config_file_fetch_project_content) do
args[:key].repository.blobs_at(locations).each do |blob|
loader.call([blob.commit_id, blob.path], blob.data)
end
end
rescue GRPC::NotFound, GRPC::Internal
# no-op
end
end
def legacy_project
strong_memoize(:legacy_project) do
::Project.find_by_full_path(project_name)
end
end
def legacy_can_access_local_content?
strong_memoize(:legacy_can_access_local_content) do
context.logger.instrument(:config_file_project_validate_access) do
Ability.allowed?(context.user, :download_code, project)
end
end
end
def legacy_sha
strong_memoize(:legacy_sha) do
project.commit(ref_name).try(:sha)
end
end
override :expand_context_attrs
def expand_context_attrs
{
project: project,
sha: sha.to_s, # we need to use `.to_s` to load the value from the BatchLoader
user: context.user,
parent_pipeline: context.parent_pipeline,
variables: context.variables
}
end
def masked_project_name
strong_memoize(:masked_project_name) do
context.mask_variables_from(project_name)
end
end
def masked_ref_name
strong_memoize(:masked_ref_name) do
context.mask_variables_from(ref_name)
end
end
def masked_blob
return unless valid?
strong_memoize(:masked_blob) do
context.mask_variables_from(
Gitlab::Routing.url_helpers.project_blob_url(project, ::File.join(sha, location))
)
end
end
def masked_raw
return unless valid?
strong_memoize(:masked_raw) do
context.mask_variables_from(
Gitlab::Routing.url_helpers.project_raw_url(project, ::File.join(sha, location))
)
end
end
# TODO: To be removed after we deprecate usage of array in `project` keyword.
# https://gitlab.com/gitlab-org/gitlab/-/issues/365975
def get_project_name(project_name)
if project_name.is_a?(Array)
project_name.first
else
project_name
end
end
end
end
end
end
end
end