diff options
Diffstat (limited to 'db')
10 files changed, 256 insertions, 3 deletions
diff --git a/db/migrate/20190527011309_add_required_template_name_to_application_settings.rb b/db/migrate/20190527011309_add_required_template_name_to_application_settings.rb new file mode 100644 index 00000000000..6cbac0ed507 --- /dev/null +++ b/db/migrate/20190527011309_add_required_template_name_to_application_settings.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +# See http://doc.gitlab.com/ce/development/migration_style_guide.html +# for more information on how to write migrations for GitLab. + +class AddRequiredTemplateNameToApplicationSettings < ActiveRecord::Migration[5.1] + include Gitlab::Database::MigrationHelpers + + # Set this constant to true if this migration requires downtime. + DOWNTIME = false + + def change + add_column :application_settings, :required_instance_ci_template, :string, null: true + end +end diff --git a/db/migrate/20190606054649_change_operations_feature_flags_clients_token_not_null.rb b/db/migrate/20190606054649_change_operations_feature_flags_clients_token_not_null.rb new file mode 100644 index 00000000000..c9dbb48f5bd --- /dev/null +++ b/db/migrate/20190606054649_change_operations_feature_flags_clients_token_not_null.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +class ChangeOperationsFeatureFlagsClientsTokenNotNull < ActiveRecord::Migration[5.1] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + def change + change_column_null :operations_feature_flags_clients, :token, true + end +end diff --git a/db/migrate/20190606054742_add_token_encrypted_to_operations_feature_flags_clients.rb b/db/migrate/20190606054742_add_token_encrypted_to_operations_feature_flags_clients.rb new file mode 100644 index 00000000000..024b5bd2ba5 --- /dev/null +++ b/db/migrate/20190606054742_add_token_encrypted_to_operations_feature_flags_clients.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +class AddTokenEncryptedToOperationsFeatureFlagsClients < ActiveRecord::Migration[5.1] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + def change + add_column :operations_feature_flags_clients, :token_encrypted, :string + end +end diff --git a/db/migrate/20190606054832_add_index_to_operations_feature_flags_clients_token_encrypted.rb b/db/migrate/20190606054832_add_index_to_operations_feature_flags_clients_token_encrypted.rb new file mode 100644 index 00000000000..5627457af5c --- /dev/null +++ b/db/migrate/20190606054832_add_index_to_operations_feature_flags_clients_token_encrypted.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +class AddIndexToOperationsFeatureFlagsClientsTokenEncrypted < ActiveRecord::Migration[5.1] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + disable_ddl_transaction! + + def up + add_concurrent_index :operations_feature_flags_clients, [:project_id, :token_encrypted], + unique: true, name: "index_feature_flags_clients_on_project_id_and_token_encrypted" + end + + def down + remove_concurrent_index_by_name :operations_feature_flags_clients, "index_feature_flags_clients_on_project_id_and_token_encrypted" + end +end diff --git a/db/migrate/20190610142825_add_index_to_members_invite_email.rb b/db/migrate/20190610142825_add_index_to_members_invite_email.rb new file mode 100644 index 00000000000..58157cc5313 --- /dev/null +++ b/db/migrate/20190610142825_add_index_to_members_invite_email.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +# See http://doc.gitlab.com/ce/development/migration_style_guide.html +# for more information on how to write migrations for GitLab. + +class AddIndexToMembersInviteEmail < ActiveRecord::Migration[5.1] + include Gitlab::Database::MigrationHelpers + + # Set this constant to true if this migration requires downtime. + DOWNTIME = false + + disable_ddl_transaction! + + def up + add_concurrent_index :members, [:invite_email] + end + + def down + remove_concurrent_index :members, [:invite_email] + end +end diff --git a/db/migrate/20190613030606_enable_hashed_storage_by_default.rb b/db/migrate/20190613030606_enable_hashed_storage_by_default.rb new file mode 100644 index 00000000000..8edefd1273e --- /dev/null +++ b/db/migrate/20190613030606_enable_hashed_storage_by_default.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +class EnableHashedStorageByDefault < ActiveRecord::Migration[5.1] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + def up + change_column_default :application_settings, :hashed_storage_enabled, true + end + + def down + change_column_default :application_settings, :hashed_storage_enabled, false + end +end diff --git a/db/post_migrate/20190517153211_migrate_k8s_service_integration.rb b/db/post_migrate/20190517153211_migrate_k8s_service_integration.rb new file mode 100644 index 00000000000..4bd04edb239 --- /dev/null +++ b/db/post_migrate/20190517153211_migrate_k8s_service_integration.rb @@ -0,0 +1,104 @@ +# frozen_string_literal: true + +class MigrateK8sServiceIntegration < ActiveRecord::Migration[5.1] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + class Cluster < ActiveRecord::Base + self.table_name = 'clusters' + + has_one :platform_kubernetes, class_name: 'MigrateK8sServiceIntegration::PlatformsKubernetes' + + accepts_nested_attributes_for :platform_kubernetes + + enum cluster_type: { + instance_type: 1, + group_type: 2, + project_type: 3 + } + + enum platform_type: { + kubernetes: 1 + } + + enum provider_type: { + user: 0, + gcp: 1 + } + end + + class PlatformsKubernetes < ActiveRecord::Base + self.table_name = 'cluster_platforms_kubernetes' + + belongs_to :cluster, class_name: 'MigrateK8sServiceIntegration::Cluster' + + attr_encrypted :token, + mode: :per_attribute_iv, + key: Settings.attr_encrypted_db_key_base_truncated, + algorithm: 'aes-256-cbc' + end + + class Service < ActiveRecord::Base + include EachBatch + + self.table_name = 'services' + self.inheritance_column = :_type_disabled # Disable STI, otherwise KubernetesModel will be looked up + + belongs_to :project, class_name: 'MigrateK8sServiceIntegration::Project', foreign_key: :project_id + + scope :kubernetes_service_templates, -> do + where(category: 'deployment', type: 'KubernetesService', template: true) + end + + def api_url + parsed_properties['api_url'].presence + end + + def ca_pem + parsed_properties['ca_pem'] + end + + def namespace + parsed_properties['namespace'].presence + end + + def token + parsed_properties['token'].presence + end + + private + + def parsed_properties + @parsed_properties ||= JSON.parse(self.properties) + end + end + + def up + has_instance_cluster = Cluster.instance_type.where(enabled: true).exists? + + MigrateK8sServiceIntegration::Service.kubernetes_service_templates.find_each do |service| + next unless service.api_url && service.token + + MigrateK8sServiceIntegration::Cluster.create!( + enabled: !has_instance_cluster && service.active, + managed: false, + name: 'KubernetesService', + cluster_type: 'instance_type', + provider_type: 'user', + platform_type: 'kubernetes', + platform_kubernetes_attributes: { + api_url: service.api_url, + ca_cert: service.ca_pem, + namespace: service.namespace, + token: service.token + } + ) + end + end + + def down + # It is not possible to tell which instance-level clusters were created by + # this migration. The original data is intentionally left intact. + end +end diff --git a/db/post_migrate/20190606175050_encrypt_feature_flags_clients_tokens.rb b/db/post_migrate/20190606175050_encrypt_feature_flags_clients_tokens.rb new file mode 100644 index 00000000000..cb7d723670f --- /dev/null +++ b/db/post_migrate/20190606175050_encrypt_feature_flags_clients_tokens.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +class EncryptFeatureFlagsClientsTokens < ActiveRecord::Migration[5.1] + DOWNTIME = false + + class FeatureFlagsClient < ActiveRecord::Base + self.table_name = 'operations_feature_flags_clients' + end + + def up + say_with_time("Encrypting tokens from operations_feature_flags_clients") do + FeatureFlagsClient.where('token_encrypted is NULL AND token IS NOT NULL').find_each do |feature_flags_client| + token_encrypted = Gitlab::CryptoHelper.aes256_gcm_encrypt(feature_flags_client.token) + feature_flags_client.update!(token_encrypted: token_encrypted) + end + end + end + + def down + say_with_time("Decrypting tokens from operations_feature_flags_clients") do + FeatureFlagsClient.where('token_encrypted IS NOT NULL AND token IS NULL').find_each do |feature_flags_client| + token = Gitlab::CryptoHelper.aes256_gcm_decrypt(feature_flags_client.token_encrypted) + feature_flags_client.update!(token: token) + end + end + end +end diff --git a/db/post_migrate/20190611161642_add_index_to_events_and_audit_events_created_at_author_id.rb b/db/post_migrate/20190611161642_add_index_to_events_and_audit_events_created_at_author_id.rb new file mode 100644 index 00000000000..342e83d6322 --- /dev/null +++ b/db/post_migrate/20190611161642_add_index_to_events_and_audit_events_created_at_author_id.rb @@ -0,0 +1,25 @@ +# frozen_string_literal: true + +# See http://doc.gitlab.com/ce/development/migration_style_guide.html +# for more information on how to write migrations for GitLab. + +class AddIndexToEventsAndAuditEventsCreatedAtAuthorId < ActiveRecord::Migration[5.1] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + INDEX_NAME = 'analytics_index_%s_on_created_at_and_author_id'.freeze + EVENTS_INDEX_NAME = (INDEX_NAME % 'events').freeze + AUDIT_EVENTS_INDEX_NAME = (INDEX_NAME % 'audit_events').freeze + + disable_ddl_transaction! + + def up + add_concurrent_index :events, [:created_at, :author_id], name: EVENTS_INDEX_NAME + add_concurrent_index :audit_events, [:created_at, :author_id], name: AUDIT_EVENTS_INDEX_NAME + end + + def down + remove_concurrent_index_by_name :events, EVENTS_INDEX_NAME + remove_concurrent_index_by_name :audit_events, AUDIT_EVENTS_INDEX_NAME + end +end diff --git a/db/schema.rb b/db/schema.rb index b7dd096aea7..a9643d70966 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20190611161641) do +ActiveRecord::Schema.define(version: 20190613030606) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -141,7 +141,7 @@ ActiveRecord::Schema.define(version: 20190611161641) do t.boolean "help_page_hide_commercial_content", default: false t.string "help_page_support_url" t.integer "performance_bar_allowed_group_id" - t.boolean "hashed_storage_enabled", default: false, null: false + t.boolean "hashed_storage_enabled", default: true, null: false t.boolean "project_export_enabled", default: true, null: false t.boolean "auto_devops_enabled", default: true, null: false t.boolean "throttle_unauthenticated_enabled", default: false, null: false @@ -194,6 +194,7 @@ ActiveRecord::Schema.define(version: 20190611161641) do t.integer "elasticsearch_replicas", default: 1, null: false t.text "encrypted_lets_encrypt_private_key" t.text "encrypted_lets_encrypt_private_key_iv" + t.string "required_instance_ci_template" t.boolean "dns_rebinding_protection_enabled", default: true, null: false t.boolean "default_project_deletion_protection", default: false, null: false t.boolean "lock_memberships_to_ldap", default: false, null: false @@ -336,6 +337,7 @@ ActiveRecord::Schema.define(version: 20190611161641) do t.text "details" t.datetime "created_at" t.datetime "updated_at" + t.index ["created_at", "author_id"], name: "analytics_index_audit_events_on_created_at_and_author_id", using: :btree t.index ["entity_id", "entity_type"], name: "index_audit_events_on_entity_id_and_entity_type", using: :btree end @@ -1220,6 +1222,7 @@ ActiveRecord::Schema.define(version: 20190611161641) do t.string "target_type" t.index ["action"], name: "index_events_on_action", using: :btree t.index ["author_id", "project_id"], name: "index_events_on_author_id_and_project_id", using: :btree + t.index ["created_at", "author_id"], name: "analytics_index_events_on_created_at_and_author_id", using: :btree t.index ["project_id", "created_at"], name: "index_events_on_project_id_and_created_at", using: :btree t.index ["project_id", "id"], name: "index_events_on_project_id_and_id", using: :btree t.index ["target_type", "target_id"], name: "index_events_on_target_type_and_target_id", using: :btree @@ -1849,6 +1852,7 @@ ActiveRecord::Schema.define(version: 20190611161641) do t.boolean "ldap", default: false, null: false t.boolean "override", default: false, null: false t.index ["access_level"], name: "index_members_on_access_level", using: :btree + t.index ["invite_email"], name: "index_members_on_invite_email", using: :btree t.index ["invite_token"], name: "index_members_on_invite_token", unique: true, using: :btree t.index ["requested_at"], name: "index_members_on_requested_at", using: :btree t.index ["source_id", "source_type"], name: "index_members_on_source_id_and_source_type", using: :btree @@ -2258,8 +2262,10 @@ ActiveRecord::Schema.define(version: 20190611161641) do create_table "operations_feature_flags_clients", force: :cascade do |t| t.integer "project_id", null: false - t.string "token", null: false + t.string "token" + t.string "token_encrypted" t.index ["project_id", "token"], name: "index_operations_feature_flags_clients_on_project_id_and_token", unique: true, using: :btree + t.index ["project_id", "token_encrypted"], name: "index_feature_flags_clients_on_project_id_and_token_encrypted", unique: true, using: :btree end create_table "packages_maven_metadata", force: :cascade do |t| |