Add certificate valid time to pages domain table

Save certificate validity time for pages domains on save
Fill validity time for existing pages domains in background migration

1 files changed, 32 insertions, 0 deletions

diff --git a/lib/gitlab/background_migration/fill_valid_time_for_pages_domain_certificate.rb b/lib/gitlab/background_migration/fill_valid_time_for_pages_domain_certificate.rb
new file mode 100644
index 00000000000..6bc39034ada
--- /dev/null
+++ b/lib/gitlab/background_migration/fill_valid_time_for_pages_domain_certificate.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module BackgroundMigration
+    # save validity time pages domain
+    class FillValidTimeForPagesDomainCertificate
+      # define PagesDomain with only needed code
+      class PagesDomain < ActiveRecord::Base
+        self.table_name = 'pages_domains'
+
+        def x509
+          return unless certificate.present?
+
+          @x509 ||= OpenSSL::X509::Certificate.new(certificate)
+        rescue OpenSSL::X509::CertificateError
+          nil
+        end
+      end
+
+      def perform(start_id, stop_id)
+        PagesDomain.where(id: start_id..stop_id).find_each do |domain|
+          domain.update_columns(
+            certificate_valid_not_before: domain.x509&.not_before&.iso8601,
+            certificate_valid_not_after: domain.x509&.not_after&.iso8601
+          )
+        rescue => e
+          Rails.logger.error "Failed to update pages domain certificate valid time. id: #{domain.id}, message: #{e.message}"
+        end
+      end
+    end
+  end
+end