diff options
Diffstat (limited to 'app/models/ci/secure_file.rb')
-rw-r--r-- | app/models/ci/secure_file.rb | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/app/models/ci/secure_file.rb b/app/models/ci/secure_file.rb index 9a35f1876c9..ffff7eebbee 100644 --- a/app/models/ci/secure_file.rb +++ b/app/models/ci/secure_file.rb @@ -7,6 +7,7 @@ module Ci FILE_SIZE_LIMIT = 5.megabytes.freeze CHECKSUM_ALGORITHM = 'sha256' + PARSABLE_EXTENSIONS = %w[cer p12 mobileprovision].freeze self.limit_scope = :project self.limit_name = 'project_ci_secure_files' @@ -16,6 +17,7 @@ module Ci validates :file, presence: true, file_size: { maximum: FILE_SIZE_LIMIT } validates :checksum, :file_store, :name, :project_id, presence: true validates :name, uniqueness: { scope: :project } + validates :metadata, json_schema: { filename: "ci_secure_file_metadata" }, allow_nil: true after_initialize :generate_key_data before_validation :assign_checksum @@ -23,6 +25,8 @@ module Ci scope :order_by_created_at, -> { order(created_at: :desc) } scope :project_id_in, ->(ids) { where(project_id: ids) } + serialize :metadata, Serializers::Json # rubocop:disable Cop/ActiveRecordSerialize + default_value_for(:file_store) { Ci::SecureFileUploader.default_store } mount_file_store_uploader Ci::SecureFileUploader @@ -31,6 +35,41 @@ module Ci CHECKSUM_ALGORITHM end + def file_extension + File.extname(name).delete_prefix('.') + end + + def metadata_parsable? + PARSABLE_EXTENSIONS.include?(file_extension) + end + + def metadata_parser + return unless metadata_parsable? + + case file_extension + when 'cer' + Gitlab::Ci::SecureFiles::Cer.new(file.read) + when 'p12' + Gitlab::Ci::SecureFiles::P12.new(file.read) + when 'mobileprovision' + Gitlab::Ci::SecureFiles::MobileProvision.new(file.read) + end + end + + def update_metadata! + return unless metadata_parser + + begin + parser = metadata_parser + self.metadata = parser.metadata + self.expires_at = parser.metadata[:expires_at] + save! + rescue StandardError => err + Gitlab::AppLogger.error("Secure File Parser Failure (#{id}): #{err.message} - #{parser.error}.") + nil + end + end + private def assign_checksum |