diff options
| author | Kamil Trzciński <ayufan@ayufan.eu> | 2018-12-06 09:42:18 +0000 |
|---|---|---|
| committer | Kamil Trzciński <ayufan@ayufan.eu> | 2018-12-06 09:42:18 +0000 |
| commit | 1e8f1de034aa9b6a60b640b2b091f60c4d3ba365 (patch) | |
| tree | abd80e929711138c27e065589e5285abe52ed314 /db | |
| parent | 62d971129da99936a3cdc04f3740d26f16a0c7a6 (diff) | |
| parent | 73f872448b59600eca792f9a34e2c8bfa976afde (diff) | |
| download | gitlab-ce-1e8f1de034aa9b6a60b640b2b091f60c4d3ba365.tar.gz | |
Merge branch 'fix/gb/encrypt-ci-build-token' into 'master'
Encrypt CI/CD builds tokens
Closes #52342
See merge request gitlab-org/gitlab-ce!23436
Diffstat (limited to 'db')
| -rw-r--r-- | db/migrate/20181129104854_add_token_encrypted_to_ci_builds.rb | 11 | ||||
| -rw-r--r-- | db/migrate/20181129104944_add_index_to_ci_builds_token_encrypted.rb | 17 | ||||
| -rw-r--r-- | db/schema.rb | 4 |
3 files changed, 31 insertions, 1 deletions
diff --git a/db/migrate/20181129104854_add_token_encrypted_to_ci_builds.rb b/db/migrate/20181129104854_add_token_encrypted_to_ci_builds.rb new file mode 100644 index 00000000000..11b98203793 --- /dev/null +++ b/db/migrate/20181129104854_add_token_encrypted_to_ci_builds.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +class AddTokenEncryptedToCiBuilds < ActiveRecord::Migration[5.0] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + def change + add_column :ci_builds, :token_encrypted, :string + end +end diff --git a/db/migrate/20181129104944_add_index_to_ci_builds_token_encrypted.rb b/db/migrate/20181129104944_add_index_to_ci_builds_token_encrypted.rb new file mode 100644 index 00000000000..f90aca008e5 --- /dev/null +++ b/db/migrate/20181129104944_add_index_to_ci_builds_token_encrypted.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +class AddIndexToCiBuildsTokenEncrypted < ActiveRecord::Migration[5.0] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + disable_ddl_transaction! + + def up + add_concurrent_index :ci_builds, :token_encrypted, unique: true, where: 'token_encrypted IS NOT NULL' + end + + def down + remove_concurrent_index :ci_builds, :token_encrypted + end +end diff --git a/db/schema.rb b/db/schema.rb index 65a69c2850c..c6088d3795f 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20181126153547) do +ActiveRecord::Schema.define(version: 20181129104944) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" @@ -345,6 +345,7 @@ ActiveRecord::Schema.define(version: 20181126153547) do t.boolean "protected" t.integer "failure_reason" t.datetime_with_timezone "scheduled_at" + t.string "token_encrypted" t.index ["artifacts_expire_at"], name: "index_ci_builds_on_artifacts_expire_at", where: "(artifacts_file <> ''::text)", using: :btree t.index ["auto_canceled_by_id"], name: "index_ci_builds_on_auto_canceled_by_id", using: :btree t.index ["commit_id", "stage_idx", "created_at"], name: "index_ci_builds_on_commit_id_and_stage_idx_and_created_at", using: :btree @@ -360,6 +361,7 @@ ActiveRecord::Schema.define(version: 20181126153547) do t.index ["stage_id"], name: "index_ci_builds_on_stage_id", using: :btree t.index ["status", "type", "runner_id"], name: "index_ci_builds_on_status_and_type_and_runner_id", using: :btree t.index ["token"], name: "index_ci_builds_on_token", unique: true, using: :btree + t.index ["token_encrypted"], name: "index_ci_builds_on_token_encrypted", unique: true, where: "(token_encrypted IS NOT NULL)", using: :btree t.index ["updated_at"], name: "index_ci_builds_on_updated_at", using: :btree t.index ["user_id"], name: "index_ci_builds_on_user_id", using: :btree end |