diff options
author | Nick Thomas <nick@gitlab.com> | 2019-06-06 14:00:17 +0000 |
---|---|---|
committer | Nick Thomas <nick@gitlab.com> | 2019-06-06 14:00:17 +0000 |
commit | e5aba4b153d4ebaa8a6b0683f7ecae706e9c7e45 (patch) | |
tree | 046df7d2929558adae980f2c362253bf499d0f46 | |
parent | 64c6987dfdcd5cb78b4a192a4632b227eabe801f (diff) | |
parent | 10dcfac1f17cffbbc542d47bdf27b682ab453dd2 (diff) | |
download | gitlab-ce-e5aba4b153d4ebaa8a6b0683f7ecae706e9c7e45.tar.gz |
Merge branch 'revert-a05f86ce' into 'master'
Revert "Merge branch 'pages-domain_ssl-valid-period' into 'master'"
Closes #62861
See merge request gitlab-org/gitlab-ce!29273
8 files changed, 2 insertions, 155 deletions
diff --git a/app/models/pages_domain.rb b/app/models/pages_domain.rb index 8313d33f101..407d85b1520 100644 --- a/app/models/pages_domain.rb +++ b/app/models/pages_domain.rb @@ -134,14 +134,6 @@ class PagesDomain < ApplicationRecord "#{VERIFICATION_KEY}=#{verification_code}" end - def certificate=(certificate) - super(certificate) - - # set nil, if certificate is nil - self.certificate_valid_not_before = x509&.not_before - self.certificate_valid_not_after = x509&.not_after - end - private def set_verification_code @@ -194,7 +186,7 @@ class PagesDomain < ApplicationRecord end def x509 - return unless certificate.present? + return unless certificate @x509 ||= OpenSSL::X509::Certificate.new(certificate) rescue OpenSSL::X509::CertificateError diff --git a/db/migrate/20190524071727_add_ssl_valid_period_to_pages_domain.rb b/db/migrate/20190524071727_add_ssl_valid_period_to_pages_domain.rb deleted file mode 100644 index 18544dcb6d3..00000000000 --- a/db/migrate/20190524071727_add_ssl_valid_period_to_pages_domain.rb +++ /dev/null @@ -1,16 +0,0 @@ -# frozen_string_literal: true - -# See http://doc.gitlab.com/ce/development/migration_style_guide.html -# for more information on how to write migrations for GitLab. - -class AddSslValidPeriodToPagesDomain < ActiveRecord::Migration[5.1] - include Gitlab::Database::MigrationHelpers - - # Set this constant to true if this migration requires downtime. - DOWNTIME = false - - def change - add_column :pages_domains, :certificate_valid_not_before, :datetime_with_timezone - add_column :pages_domains, :certificate_valid_not_after, :datetime_with_timezone - end -end diff --git a/db/post_migrate/20190524073827_schedule_fill_valid_time_for_pages_domain_certificates.rb b/db/post_migrate/20190524073827_schedule_fill_valid_time_for_pages_domain_certificates.rb deleted file mode 100644 index 1d8510e4514..00000000000 --- a/db/post_migrate/20190524073827_schedule_fill_valid_time_for_pages_domain_certificates.rb +++ /dev/null @@ -1,34 +0,0 @@ -# frozen_string_literal: true - -# See http://doc.gitlab.com/ce/development/migration_style_guide.html -# for more information on how to write migrations for GitLab. - -class ScheduleFillValidTimeForPagesDomainCertificates < ActiveRecord::Migration[5.1] - include Gitlab::Database::MigrationHelpers - - MIGRATION = 'FillValidTimeForPagesDomainCertificate' - BATCH_SIZE = 500 - BATCH_TIME = 5.minutes - - # Set this constant to true if this migration requires downtime. - DOWNTIME = false - - disable_ddl_transaction! - - class PagesDomain < ActiveRecord::Base - include ::EachBatch - - self.table_name = 'pages_domains' - end - - def up - queue_background_migration_jobs_by_range_at_intervals( - PagesDomain.where.not(certificate: [nil, '']), - MIGRATION, - BATCH_TIME, - batch_size: BATCH_SIZE) - end - - def down - end -end diff --git a/db/schema.rb b/db/schema.rb index a144c3a97ff..fcf9e397ac1 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -1583,8 +1583,6 @@ ActiveRecord::Schema.define(version: 20190530154715) do t.datetime_with_timezone "enabled_until" t.datetime_with_timezone "remove_at" t.boolean "auto_ssl_enabled", default: false, null: false - t.datetime_with_timezone "certificate_valid_not_before" - t.datetime_with_timezone "certificate_valid_not_after" t.index ["domain"], name: "index_pages_domains_on_domain", unique: true, using: :btree t.index ["project_id", "enabled_until"], name: "index_pages_domains_on_project_id_and_enabled_until", using: :btree t.index ["project_id"], name: "index_pages_domains_on_project_id", using: :btree diff --git a/lib/gitlab/background_migration/fill_valid_time_for_pages_domain_certificate.rb b/lib/gitlab/background_migration/fill_valid_time_for_pages_domain_certificate.rb deleted file mode 100644 index 6bc39034ada..00000000000 --- a/lib/gitlab/background_migration/fill_valid_time_for_pages_domain_certificate.rb +++ /dev/null @@ -1,32 +0,0 @@ -# frozen_string_literal: true - -module Gitlab - module BackgroundMigration - # save validity time pages domain - class FillValidTimeForPagesDomainCertificate - # define PagesDomain with only needed code - class PagesDomain < ActiveRecord::Base - self.table_name = 'pages_domains' - - def x509 - return unless certificate.present? - - @x509 ||= OpenSSL::X509::Certificate.new(certificate) - rescue OpenSSL::X509::CertificateError - nil - end - end - - def perform(start_id, stop_id) - PagesDomain.where(id: start_id..stop_id).find_each do |domain| - domain.update_columns( - certificate_valid_not_before: domain.x509&.not_before&.iso8601, - certificate_valid_not_after: domain.x509&.not_after&.iso8601 - ) - rescue => e - Rails.logger.error "Failed to update pages domain certificate valid time. id: #{domain.id}, message: #{e.message}" - end - end - end - end -end diff --git a/spec/migrations/enqueue_verify_pages_domain_workers_spec.rb b/spec/migrations/enqueue_verify_pages_domain_workers_spec.rb index abf39317188..afcaefa0591 100644 --- a/spec/migrations/enqueue_verify_pages_domain_workers_spec.rb +++ b/spec/migrations/enqueue_verify_pages_domain_workers_spec.rb @@ -8,13 +8,9 @@ describe EnqueueVerifyPagesDomainWorkers, :sidekiq, :migration do end end - let(:domains_table) { table(:pages_domains) } - describe '#up' do it 'enqueues a verification worker for every domain' do - domains = Array.new(3) do |i| - domains_table.create!(domain: "my#{i}.domain.com", verification_code: "123#{i}") - end + domains = 1.upto(3).map { |i| PagesDomain.create!(domain: "my#{i}.domain.com") } expect { migrate! }.to change(PagesDomainVerificationWorker.jobs, :size).by(3) diff --git a/spec/migrations/schedule_fill_valid_time_for_pages_domain_certificates_spec.rb b/spec/migrations/schedule_fill_valid_time_for_pages_domain_certificates_spec.rb deleted file mode 100644 index 54f3e264df0..00000000000 --- a/spec/migrations/schedule_fill_valid_time_for_pages_domain_certificates_spec.rb +++ /dev/null @@ -1,46 +0,0 @@ -require 'spec_helper' -require Rails.root.join('db', 'post_migrate', '20190524073827_schedule_fill_valid_time_for_pages_domain_certificates.rb') - -describe ScheduleFillValidTimeForPagesDomainCertificates, :migration, :sidekiq do - let(:migration_class) { described_class::MIGRATION } - let(:migration_name) { migration_class.to_s.demodulize } - - let(:domains_table) { table(:pages_domains) } - - let(:certificate) do - File.read('spec/fixtures/passphrase_x509_certificate.crt') - end - - before do - domains_table.create!(domain: "domain1.example.com", verification_code: "123") - domains_table.create!(domain: "domain2.example.com", verification_code: "123", certificate: '') - domains_table.create!(domain: "domain3.example.com", verification_code: "123", certificate: certificate) - domains_table.create!(domain: "domain4.example.com", verification_code: "123", certificate: certificate) - end - - it 'correctly schedules background migrations' do - Sidekiq::Testing.fake! do - Timecop.freeze do - migrate! - - first_id = domains_table.find_by_domain("domain3.example.com").id - last_id = domains_table.find_by_domain("domain4.example.com").id - - expect(migration_name).to be_scheduled_delayed_migration(5.minutes, first_id, last_id) - expect(BackgroundMigrationWorker.jobs.size).to eq(1) - end - end - end - - it 'sets certificate valid_not_before/not_after' do - perform_enqueued_jobs do - migrate! - - domain = domains_table.find_by_domain("domain3.example.com") - expect(domain.certificate_valid_not_before) - .to eq(Time.parse("2018-03-23 14:02:08 UTC")) - expect(domain.certificate_valid_not_after) - .to eq(Time.parse("2019-03-23 14:02:08 UTC")) - end - end -end diff --git a/spec/models/pages_domain_spec.rb b/spec/models/pages_domain_spec.rb index fdc81359d34..ec4d4517f82 100644 --- a/spec/models/pages_domain_spec.rb +++ b/spec/models/pages_domain_spec.rb @@ -81,17 +81,6 @@ describe PagesDomain do end end - describe 'when certificate is specified' do - let(:domain) { build(:pages_domain) } - - it 'saves validity time' do - domain.save - - expect(domain.certificate_valid_not_before).to be_like_time(Time.parse("2016-02-12 14:32:00 UTC")) - expect(domain.certificate_valid_not_after).to be_like_time(Time.parse("2020-04-12 14:32:00 UTC")) - end - end - describe 'validate certificate' do subject { domain } |