diff options
| author | Kamil TrzciĆski <ayufan@ayufan.eu> | 2018-12-06 09:42:18 +0000 |
|---|---|---|
| committer | Grzegorz Bizon <grzesiek.bizon@gmail.com> | 2018-12-07 10:42:47 +0100 |
| commit | a910c09bbc8c56002db10d669e4ae1e4bdef9f4d (patch) | |
| tree | c297c90f20e68b9b7f9b2dd23e3a0b96df4147e2 /db | |
| parent | a2e06ad3034cd1e007b78514a5c1f47feef7b648 (diff) | |
| download | gitlab-ce-a910c09bbc8c56002db10d669e4ae1e4bdef9f4d.tar.gz | |
Encrypt CI/CD builds tokens
Brings back 1e8f1de0 reverted in !23644
Closes #52342
See merge request gitlab-org/gitlab-ce!23436
Diffstat (limited to 'db')
| -rw-r--r-- | db/migrate/20181129104854_add_token_encrypted_to_ci_builds.rb | 11 | ||||
| -rw-r--r-- | db/migrate/20181129104944_add_index_to_ci_builds_token_encrypted.rb | 17 | ||||
| -rw-r--r-- | db/schema.rb | 2 |
3 files changed, 30 insertions, 0 deletions
diff --git a/db/migrate/20181129104854_add_token_encrypted_to_ci_builds.rb b/db/migrate/20181129104854_add_token_encrypted_to_ci_builds.rb new file mode 100644 index 00000000000..11b98203793 --- /dev/null +++ b/db/migrate/20181129104854_add_token_encrypted_to_ci_builds.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +class AddTokenEncryptedToCiBuilds < ActiveRecord::Migration[5.0] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + def change + add_column :ci_builds, :token_encrypted, :string + end +end diff --git a/db/migrate/20181129104944_add_index_to_ci_builds_token_encrypted.rb b/db/migrate/20181129104944_add_index_to_ci_builds_token_encrypted.rb new file mode 100644 index 00000000000..f90aca008e5 --- /dev/null +++ b/db/migrate/20181129104944_add_index_to_ci_builds_token_encrypted.rb @@ -0,0 +1,17 @@ +# frozen_string_literal: true + +class AddIndexToCiBuildsTokenEncrypted < ActiveRecord::Migration[5.0] + include Gitlab::Database::MigrationHelpers + + DOWNTIME = false + + disable_ddl_transaction! + + def up + add_concurrent_index :ci_builds, :token_encrypted, unique: true, where: 'token_encrypted IS NOT NULL' + end + + def down + remove_concurrent_index :ci_builds, :token_encrypted + end +end diff --git a/db/schema.rb b/db/schema.rb index fc73d30fb1f..d7124100621 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -345,6 +345,7 @@ ActiveRecord::Schema.define(version: 20181203002526) do t.boolean "protected" t.integer "failure_reason" t.datetime_with_timezone "scheduled_at" + t.string "token_encrypted" t.index ["artifacts_expire_at"], name: "index_ci_builds_on_artifacts_expire_at", where: "(artifacts_file <> ''::text)", using: :btree t.index ["auto_canceled_by_id"], name: "index_ci_builds_on_auto_canceled_by_id", using: :btree t.index ["commit_id", "stage_idx", "created_at"], name: "index_ci_builds_on_commit_id_and_stage_idx_and_created_at", using: :btree @@ -361,6 +362,7 @@ ActiveRecord::Schema.define(version: 20181203002526) do t.index ["stage_id"], name: "index_ci_builds_on_stage_id", using: :btree t.index ["status", "type", "runner_id"], name: "index_ci_builds_on_status_and_type_and_runner_id", using: :btree t.index ["token"], name: "index_ci_builds_on_token", unique: true, using: :btree + t.index ["token_encrypted"], name: "index_ci_builds_on_token_encrypted", unique: true, where: "(token_encrypted IS NOT NULL)", using: :btree t.index ["updated_at"], name: "index_ci_builds_on_updated_at", using: :btree t.index ["user_id"], name: "index_ci_builds_on_user_id", using: :btree end |