diff options
author | Nick Thomas <nick@gitlab.com> | 2018-10-08 16:03:07 +0100 |
---|---|---|
committer | Nick Thomas <nick@gitlab.com> | 2018-10-09 11:15:02 +0100 |
commit | ff9881d99193bd64d112bb03311aecd75f4270ae (patch) | |
tree | a5e336ea308e89f71c0e41cdeccedb47eef59337 | |
parent | c616327c1221dc91318a35769e01ab6932d497ea (diff) | |
download | gitlab-ce-ff9881d99193bd64d112bb03311aecd75f4270ae.tar.gz |
Remove unencrypted webhook token and URL columns
-rw-r--r-- | app/models/hooks/web_hook.rb | 34 | ||||
-rw-r--r-- | changelogs/unreleased/52367-cleanup-web-hooks-columns.yml | 5 | ||||
-rw-r--r-- | db/post_migrate/20181008145341_steal_encrypt_columns.rb | 15 | ||||
-rw-r--r-- | db/post_migrate/20181008145359_remove_web_hooks_token_and_url.rb | 10 | ||||
-rw-r--r-- | db/schema.rb | 4 |
5 files changed, 31 insertions, 37 deletions
diff --git a/app/models/hooks/web_hook.rb b/app/models/hooks/web_hook.rb index 68ba4b213b2..b2fb79bc7ed 100644 --- a/app/models/hooks/web_hook.rb +++ b/app/models/hooks/web_hook.rb @@ -37,38 +37,4 @@ class WebHook < ActiveRecord::Base def allow_local_requests? false end - - # In 11.4, the web_hooks table has both `token` and `encrypted_token` fields. - # Ensure that the encrypted version always takes precedence if present. - alias_method :attr_encrypted_token, :token - def token - attr_encrypted_token.presence || read_attribute(:token) - end - - # In 11.4, the web_hooks table has both `token` and `encrypted_token` fields. - # Pending a background migration to encrypt all fields, we should just clear - # the unencrypted value whenever the new value is set. - alias_method :'attr_encrypted_token=', :'token=' - def token=(value) - self.attr_encrypted_token = value - - write_attribute(:token, nil) - end - - # In 11.4, the web_hooks table has both `url` and `encrypted_url` fields. - # Ensure that the encrypted version always takes precedence if present. - alias_method :attr_encrypted_url, :url - def url - attr_encrypted_url.presence || read_attribute(:url) - end - - # In 11.4, the web_hooks table has both `url` and `encrypted_url` fields. - # Pending a background migration to encrypt all fields, we should just clear - # the unencrypted value whenever the new value is set. - alias_method :'attr_encrypted_url=', :'url=' - def url=(value) - self.attr_encrypted_url = value - - write_attribute(:url, nil) - end end diff --git a/changelogs/unreleased/52367-cleanup-web-hooks-columns.yml b/changelogs/unreleased/52367-cleanup-web-hooks-columns.yml new file mode 100644 index 00000000000..d1f3ca83613 --- /dev/null +++ b/changelogs/unreleased/52367-cleanup-web-hooks-columns.yml @@ -0,0 +1,5 @@ +--- +title: Remove legacy unencrypted webhook columns from the database +merge_request: 22199 +author: +type: changed diff --git a/db/post_migrate/20181008145341_steal_encrypt_columns.rb b/db/post_migrate/20181008145341_steal_encrypt_columns.rb new file mode 100644 index 00000000000..c107ac72913 --- /dev/null +++ b/db/post_migrate/20181008145341_steal_encrypt_columns.rb @@ -0,0 +1,15 @@ +class StealEncryptColumns < ActiveRecord::Migration + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + disable_ddl_transaction! + + def up + Gitlab::BackgroundMigration.steal('EncryptColumns') + end + + def down + # no-op + end +end diff --git a/db/post_migrate/20181008145359_remove_web_hooks_token_and_url.rb b/db/post_migrate/20181008145359_remove_web_hooks_token_and_url.rb new file mode 100644 index 00000000000..0c44bca5f1a --- /dev/null +++ b/db/post_migrate/20181008145359_remove_web_hooks_token_and_url.rb @@ -0,0 +1,10 @@ +class RemoveWebHooksTokenAndUrl < ActiveRecord::Migration + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + def change + remove_column :web_hooks, :token, :string + remove_column :web_hooks, :url, :string, limit: 2000 + end +end diff --git a/db/schema.rb b/db/schema.rb index 4ff0272428a..d47156c6da4 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20181002172433) do +ActiveRecord::Schema.define(version: 20181008145359) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -2256,7 +2256,6 @@ ActiveRecord::Schema.define(version: 20181002172433) do add_index "web_hook_logs", ["web_hook_id"], name: "index_web_hook_logs_on_web_hook_id", using: :btree create_table "web_hooks", force: :cascade do |t| - t.string "url", limit: 2000 t.integer "project_id" t.datetime "created_at" t.datetime "updated_at" @@ -2269,7 +2268,6 @@ ActiveRecord::Schema.define(version: 20181002172433) do t.boolean "note_events", default: false, null: false t.boolean "enable_ssl_verification", default: true t.boolean "wiki_page_events", default: false, null: false - t.string "token" t.boolean "pipeline_events", default: false, null: false t.boolean "confidential_issues_events", default: false, null: false t.boolean "repository_update_events", default: false, null: false |