author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-02 03:09:14 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-02 03:09:14 +0300 |
commit | d8714cf67ce4db786b26b64f0f0bef50fb6976e6 (patch) | |
tree | 9a3cc1da29cb2a16113b6b8a1a48b82f368cbb22 /db | |
parent | 3feea9b6078811d20b42548ba98272eeed5af9e4 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'db')
-rw-r--r-- | db/migrate/20201120144823_create_tokens_with_iv.rb | 18 | ||||
-rw-r--r-- | db/migrate/20210112202949_create_composer_cache_file.rb | 34 | ||||
-rw-r--r-- | db/post_migrate/20190606175050_encrypt_feature_flags_clients_tokens.rb | 2 | ||||
-rw-r--r-- | db/post_migrate/20190711201818_encrypt_deploy_tokens_tokens.rb | 2 | ||||
-rw-r--r-- | db/schema_migrations/20201120144823 | 1 | ||||
-rw-r--r-- | db/schema_migrations/20210112202949 | 1 | ||||
-rw-r--r-- | db/structure.sql | 56 |
7 files changed, 112 insertions, 2 deletions
diff --git a/db/migrate/20201120144823_create_tokens_with_iv.rb b/db/migrate/20201120144823_create_tokens_with_iv.rb
new file mode 100644
index 00000000000..f8dc75513fb
--- /dev/null
+++ b/db/migrate/20201120144823_create_tokens_with_iv.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class CreateTokensWithIv < ActiveRecord::Migration[6.0]
+ include Gitlab::Database::MigrationHelpers
+
+ DOWNTIME = false
+
+ def change
+ create_table :token_with_ivs do |t|
+ t.binary :hashed_token, null: false
+ t.binary :hashed_plaintext_token, null: false
+ t.binary :iv, null: false
+
+ t.index :hashed_token, name: 'index_token_with_ivs_on_hashed_token', unique: true, using: :btree
+ t.index :hashed_plaintext_token, name: 'index_token_with_ivs_on_hashed_plaintext_token', unique: true, using: :btree
+ end
+ end
+end
diff --git a/db/migrate/20210112202949_create_composer_cache_file.rb b/db/migrate/20210112202949_create_composer_cache_file.rb
new file mode 100644
index 00000000000..b1c2a1608dd
--- /dev/null
+++ b/db/migrate/20210112202949_create_composer_cache_file.rb
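Review bot: The `iv` column in `create_table :token_with_ivs` is a bare `t.binary`, so the schema accepts a nonce of any length, including an empty one, and nothing in the migration documents what the three columns hold. If the nonce is the 12-byte value usual for AES-GCM (not visible in this hunk), a check such as `octet_length(iv) = 12` would reject malformed rows before they reach decryption; the same applies to the two digest columns once their hash is fixed, and to `file_sha256` in `create_composer_cache_file.rb`. I would also add a comment above the table, for example `# Maps a token digest to the per-token nonce used for AES-GCM.`, after confirming that this is what the columns mean.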
@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+class CreateComposerCacheFile < ActiveRecord::Migration[6.0]
+ include Gitlab::Database::MigrationHelpers
+
+ DOWNTIME = false
+
+ def up
+ # rubocop:disable Migration/AddLimitToTextColumns
+ create_table_with_constraints :packages_composer_cache_files do |t|
+ t.timestamps_with_timezone
+
+ # record can be deleted after `delete_at`
+ t.datetime_with_timezone :delete_at
+
+ # which namespace it belongs to
+ t.integer :namespace_id, null: true
+
+ # file storage related fields
+ t.integer :file_store, limit: 2, null: false, default: 1
+ t.text :file, null: false
+ t.binary :file_sha256, null: false
+
+ t.index [:namespace_id, :file_sha256], name: "index_packages_composer_cache_namespace_and_sha", using: :btree, unique: true
+ t.foreign_key :namespaces, column: :namespace_id, on_delete: :nullify
+
+ t.text_limit :file, 255
+ end
+ end
+
+ def down
+ drop_table :packages_composer_cache_files
+ end
+end
diff --git a/db/post_migrate/20190606175050_encrypt_feature_flags_clients_tokens.rb b/db/post_migrate/20190606175050_encrypt_feature_flags_clients_tokens.rb
index cb7d723670f..b8df41767f0 100644
--- a/db/post_migrate/20190606175050_encrypt_feature_flags_clients_tokens.rb
+++ b/db/post_migrate/20190606175050_encrypt_feature_flags_clients_tokens.rb
@@ -10,7 +10,7 @@ class EncryptFeatureFlagsClientsTokens < ActiveRecord::Migration[5.1]
 def up
 say_with_time("Encrypting tokens from operations_feature_flags_clients") do
 FeatureFlagsClient.where('token_encrypted is NULL AND token IS NOT NULL').find_each do |feature_flags_client|
- token_encrypted = Gitlab::CryptoHelper.aes256_gcm_encrypt(feature_flags_client.token)
+ token_encrypted = Gitlab::CryptoHelper.aes256_gcm_encrypt(feature_flags_client.token, nonce: Gitlab::CryptoHelper::AES256_GCM_IV_STATIC)
 feature_flags_client.update!(token_encrypted: token_encrypted)
 end
 end
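Review bot: The `# rubocop:disable Migration/AddLimitToTextColumns` directive in `CreateComposerCacheFile#up` has no matching enable, so the cop stays off for the rest of the file rather than for this one table. Close it after the block's `end` with `# rubocop:enable Migration/AddLimitToTextColumns`. Separately, `on_delete: :nullify` leaves the cache row and its stored file behind when a namespace is removed; if cleanup relies on `delete_at`, which is nullable here, it is worth confirming that orphaned rows are still picked up.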
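Review bot: Passing `nonce: Gitlab::CryptoHelper::AES256_GCM_IV_STATIC` in `EncryptFeatureFlagsClientsTokens#up` makes every row this migration touches encrypt under the same nonce, and the call site gives no reason for it. Nonce reuse under one key removes the guarantees GCM is chosen for, so the line should say that this is deliberate and limited to legacy data, e.g. `# Static nonce kept only so this historical migration reproduces the legacy ciphertext; new code must use a per-token nonce.`, assuming that is the intent, which the hunk does not show. The same changed line in `encrypt_deploy_tokens_tokens.rb` needs the same comment. `up` continues past the end of the hunk.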
diff --git a/db/post_migrate/20190711201818_encrypt_deploy_tokens_tokens.rb b/db/post_migrate/20190711201818_encrypt_deploy_tokens_tokens.rb
index 2eb8d1ee11c..b2de98118b7 100644
--- a/db/post_migrate/20190711201818_encrypt_deploy_tokens_tokens.rb
+++ b/db/post_migrate/20190711201818_encrypt_deploy_tokens_tokens.rb
@@ -10,7 +10,7 @@ class EncryptDeployTokensTokens < ActiveRecord::Migration[5.1]
 def up
 say_with_time("Encrypting tokens from deploy_tokens") do
 DeploymentTokens.where('token_encrypted is NULL AND token IS NOT NULL').find_each(batch_size: 10000) do |deploy_token|
- token_encrypted = Gitlab::CryptoHelper.aes256_gcm_encrypt(deploy_token.token)
+ token_encrypted = Gitlab::CryptoHelper.aes256_gcm_encrypt(deploy_token.token, nonce: Gitlab::CryptoHelper::AES256_GCM_IV_STATIC)
 deploy_token.update!(token_encrypted: token_encrypted)
 end
 end
diff --git a/db/schema_migrations/20201120144823 b/db/schema_migrations/20201120144823
new file mode 100644
index 00000000000..4f0c5c43978
--- /dev/null
+++ b/db/schema_migrations/20201120144823
@@ -0,0 +1 @@
+dde424c434c78e22087123fa30eec75c07268a9079fea44339915747aae235e0
\ No newline at end of file
diff --git a/db/schema_migrations/20210112202949 b/db/schema_migrations/20210112202949
new file mode 100644
index 00000000000..5926b701b1a
--- /dev/null
+++ b/db/schema_migrations/20210112202949
@@ -0,0 +1 @@
+56595e67e9e78a9558e6874d75bdcc295b89ab0096d1b37e4d9366e1574d241c
\ No newline at end of file diff --git a/db/structure.sql b/db/structure.sql index c042e83cdb6..91242ef5799 100644 --- a/db/structure.sql +++ b/db/structure.sql @@ -14786,6 +14786,27 @@ CREATE SEQUENCE packages_build_infos_id_seq ALTER SEQUENCE packages_build_infos_id_seq OWNED BY packages_build_infos.id; +CREATE TABLE packages_composer_cache_files ( + id bigint NOT NULL, + created_at timestamp with time zone NOT NULL, + updated_at timestamp with time zone NOT NULL, + delete_at timestamp with time zone, + namespace_id integer, + file_store smallint DEFAULT 1 NOT NULL, + file text NOT NULL, + file_sha256 bytea NOT NULL, + CONSTRAINT check_84f5ba81f5 CHECK ((char_length(file) <= 255)) +); + +CREATE SEQUENCE packages_composer_cache_files_id_seq + START WITH 1 + INCREMENT BY 1 + NO MINVALUE + NO MAXVALUE + CACHE 1; + +ALTER SEQUENCE packages_composer_cache_files_id_seq OWNED BY packages_composer_cache_files.id; + CREATE TABLE packages_composer_metadata ( package_id bigint NOT NULL, target_sha bytea NOT NULL, @@ -17439,6 +17460,22 @@ CREATE SEQUENCE todos_id_seq ALTER SEQUENCE todos_id_seq OWNED BY todos.id; +CREATE TABLE token_with_ivs ( + id bigint NOT NULL, + hashed_token bytea NOT NULL, + hashed_plaintext_token bytea NOT NULL, + iv bytea NOT NULL +); + +CREATE SEQUENCE token_with_ivs_id_seq + START WITH 1 + INCREMENT BY 1 + NO MINVALUE + NO MAXVALUE + CACHE 1; + +ALTER SEQUENCE token_with_ivs_id_seq OWNED BY token_with_ivs.id; + CREATE TABLE trending_projects ( id integer NOT NULL, project_id integer NOT NULL 
@@ -18947,6 +18984,8 @@ ALTER TABLE ONLY operations_user_lists ALTER COLUMN id SET DEFAULT nextval('oper ALTER TABLE ONLY packages_build_infos ALTER COLUMN id SET DEFAULT nextval('packages_build_infos_id_seq'::regclass); +ALTER TABLE ONLY packages_composer_cache_files ALTER COLUMN id SET DEFAULT nextval('packages_composer_cache_files_id_seq'::regclass); + ALTER TABLE ONLY packages_conan_file_metadata ALTER COLUMN id SET DEFAULT nextval('packages_conan_file_metadata_id_seq'::regclass); ALTER TABLE ONLY packages_conan_metadata ALTER COLUMN id SET DEFAULT nextval('packages_conan_metadata_id_seq'::regclass); @@ -19161,6 +19200,8 @@ ALTER TABLE ONLY timelogs ALTER COLUMN id SET DEFAULT nextval('timelogs_id_seq': ALTER TABLE ONLY todos ALTER COLUMN id SET DEFAULT nextval('todos_id_seq'::regclass); +ALTER TABLE ONLY token_with_ivs ALTER COLUMN id SET DEFAULT nextval('token_with_ivs_id_seq'::regclass); + ALTER TABLE ONLY trending_projects ALTER COLUMN id SET DEFAULT nextval('trending_projects_id_seq'::regclass); ALTER TABLE ONLY u2f_registrations ALTER COLUMN id SET DEFAULT nextval('u2f_registrations_id_seq'::regclass); @@ -20311,6 +20352,9 @@ ALTER TABLE ONLY operations_user_lists ALTER TABLE ONLY packages_build_infos ADD CONSTRAINT packages_build_infos_pkey PRIMARY KEY (id); +ALTER TABLE ONLY packages_composer_cache_files + ADD CONSTRAINT packages_composer_cache_files_pkey PRIMARY KEY (id); + ALTER TABLE ONLY packages_composer_metadata ADD CONSTRAINT packages_composer_metadata_pkey PRIMARY KEY (package_id); @@ -20689,6 +20733,9 @@ ALTER TABLE ONLY timelogs ALTER TABLE ONLY todos ADD CONSTRAINT todos_pkey PRIMARY KEY (id); +ALTER TABLE ONLY token_with_ivs + ADD CONSTRAINT token_with_ivs_pkey PRIMARY KEY (id); + ALTER TABLE ONLY trending_projects ADD CONSTRAINT trending_projects_pkey PRIMARY KEY (id); 
@@ -22549,6 +22596,8 @@ CREATE UNIQUE INDEX index_ops_strategies_user_lists_on_strategy_id_and_user_list CREATE INDEX index_packages_build_infos_on_pipeline_id ON packages_build_infos USING btree (pipeline_id); +CREATE UNIQUE INDEX index_packages_composer_cache_namespace_and_sha ON packages_composer_cache_files USING btree (namespace_id, file_sha256); + CREATE UNIQUE INDEX index_packages_composer_metadata_on_package_id_and_target_sha ON packages_composer_metadata USING btree (package_id, target_sha); CREATE UNIQUE INDEX index_packages_conan_file_metadata_on_package_file_id ON packages_conan_file_metadata USING btree (package_file_id); @@ -23225,6 +23274,10 @@ CREATE INDEX index_todos_on_user_id_and_id_done ON todos USING btree (user_id, i CREATE INDEX index_todos_on_user_id_and_id_pending ON todos USING btree (user_id, id) WHERE ((state)::text = 'pending'::text); +CREATE UNIQUE INDEX index_token_with_ivs_on_hashed_plaintext_token ON token_with_ivs USING btree (hashed_plaintext_token); + +CREATE UNIQUE INDEX index_token_with_ivs_on_hashed_token ON token_with_ivs USING btree (hashed_token); + CREATE UNIQUE INDEX index_trending_projects_on_project_id ON trending_projects USING btree (project_id); CREATE INDEX index_u2f_registrations_on_key_handle ON u2f_registrations USING btree (key_handle); @@ -25532,6 +25585,9 @@ ALTER TABLE ONLY namespace_aggregation_schedules ALTER TABLE ONLY approval_project_rules_protected_branches ADD CONSTRAINT fk_rails_b7567b031b FOREIGN KEY (protected_branch_id) REFERENCES protected_branches(id) ON DELETE CASCADE; +ALTER TABLE ONLY packages_composer_cache_files + ADD CONSTRAINT fk_rails_b82cea43a0 FOREIGN KEY (namespace_id) REFERENCES namespaces(id) ON DELETE SET NULL; + ALTER TABLE ONLY alerts_service_data ADD CONSTRAINT fk_rails_b93215a42c FOREIGN KEY (service_id) REFERENCES services(id) ON DELETE CASCADE; |