diff options
author | Michael Kozono <mkozono@gmail.com> | 2017-06-26 14:40:08 -0700 |
---|---|---|
committer | James Edwards-Jones <jedwardsjones@gitlab.com> | 2018-01-08 20:34:20 +0000 |
commit | 797fe0a6e6ce2f1241d2bd22c4b491c367e796fd (patch) | |
tree | 78438fea72a5837c81efedc7055624cb5e558588 /db | |
parent | bcffeade9df825d40a4fe9cf9c1401b326c1fa9e (diff) | |
download | gitlab-ce-797fe0a6e6ce2f1241d2bd22c4b491c367e796fd.tar.gz |
Backport authorized_keys_enabled defaults to true'
Originally from branch 'fix-authorized-keys-enabled-default-2738' via merge request https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2240
Removed background migrations which were intended to fix state after using Gitlab
without a default having been set
Squashed commits:
Locally, if Spring was not restarted, `current_application_settings` was still cached, which prevented the migration from editing the file. This will also ensure that any app server somehow hitting old cache data will properly default this setting regardless.
Retroactively fix migration
This allows us to identify customers who ran the broken migration. Their `authorized_keys_enabled` column does not have a default at this point.
We will fix the column after we fix the `authorized_keys` file.
Fix authorized_keys file if needed
Add default to authorized_keys_enabled setting
Reminder: The original migration was fixed retroactively a few commits ago, so people who did not ever run GitLab 9.3.0 already have a column that defaults to true and disallows nulls. I have tested on PostgreSQL and MySQL that it is safe to run this migration regardless.
Affected customers who did run 9.3.0 are the ones who need this migration to fix the authorized_keys_enabled column.
The reason for the retroactive fix plus this migration is that it allows us to run a migration in between to fix the authorized_keys file only for those who ran 9.3.0.
Tweaks to address feedback
Extract work into background migration
Move batch-add-logic to background migration
Do the work synchronously to avoid multiple workers attempting to add batches of keys at the same time.
Also, make the delete portion wait until after adding is done.
Do read and delete work in background migration
Fix Rubocop offenses
Add changelog entry
Inform the user of actions taken or not taken
Prevent unnecessary `select`s and `remove_key`s
Add logs for action taken
Fix optimization
Reuse `Gitlab::ShellAdapter`
Guarantee the earliest key
Fix migration spec for MySQL
Diffstat (limited to 'db')
-rw-r--r-- | db/migrate/20170531180233_add_authorized_keys_enabled_to_application_settings.rb | 12 | ||||
-rw-r--r-- | db/schema.rb | 2 |
2 files changed, 9 insertions, 5 deletions
diff --git a/db/migrate/20170531180233_add_authorized_keys_enabled_to_application_settings.rb b/db/migrate/20170531180233_add_authorized_keys_enabled_to_application_settings.rb index fdae309946c..1d86a531eb3 100644 --- a/db/migrate/20170531180233_add_authorized_keys_enabled_to_application_settings.rb +++ b/db/migrate/20170531180233_add_authorized_keys_enabled_to_application_settings.rb @@ -7,9 +7,13 @@ class AddAuthorizedKeysEnabledToApplicationSettings < ActiveRecord::Migration # Set this constant to true if this migration requires downtime. DOWNTIME = false - def change - # allow_null: true because we want to set the default based on if the - # instance is configured to use AuthorizedKeysCommand - add_column :application_settings, :authorized_keys_enabled, :boolean, allow_null: true + disable_ddl_transaction! + + def up + add_column_with_default :application_settings, :authorized_keys_enabled, :boolean, default: true, allow_null: false + end + + def down + remove_column :application_settings, :authorized_keys_enabled end end diff --git a/db/schema.rb b/db/schema.rb index 11273d2a82e..840abffd9f4 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -154,7 +154,7 @@ ActiveRecord::Schema.define(version: 20171230123729) do t.integer "gitaly_timeout_default", default: 55, null: false t.integer "gitaly_timeout_medium", default: 30, null: false t.integer "gitaly_timeout_fast", default: 10, null: false - t.boolean "authorized_keys_enabled" + t.boolean "authorized_keys_enabled", default: true, null: false end create_table "audit_events", force: :cascade do |t| |