diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-20 17:45:35 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-20 17:45:35 +0000 |
commit | 3ded1f58623471f9ef6092038974d52e564fcd2b (patch) | |
tree | 1f71c69b82db55700dd13aa4bfa1a0eebfdba686 /lib | |
parent | dfc94207fec2d84314b1a5410cface22e8b369bd (diff) | |
download | gitlab-ce-3ded1f58623471f9ef6092038974d52e564fcd2b.tar.gz |
Add latest changes from gitlab-org/gitlab@15-11-stable-ee
Diffstat (limited to 'lib')
-rw-r--r-- | lib/api/terraform/state.rb | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/lib/api/terraform/state.rb b/lib/api/terraform/state.rb index 8017a195f28..184690f9979 100644 --- a/lib/api/terraform/state.rb +++ b/lib/api/terraform/state.rb @@ -55,6 +55,17 @@ module API def remote_state_handler ::Terraform::RemoteStateHandler.new(user_project, current_user, name: params[:name], lock_id: params[:ID]) end + + def not_found_for_dots? + Feature.disabled?(:allow_dots_on_tf_state_names) && params[:name].include?(".") + end + + # Change the state name to behave like before, https://gitlab.com/gitlab-org/gitlab/-/merge_requests/105674 + # has been introduced. This behavior can be controlled via `allow_dots_on_tf_state_names` FF. + # See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106861 + def legacy_state_name! + params[:name] = params[:name].split('.').first + end end desc 'Get a Terraform state by its name' do @@ -72,6 +83,8 @@ module API end route_setting :authentication, basic_auth_personal_access_token: true, job_token_allowed: :basic_auth get do + legacy_state_name! if not_found_for_dots? + remote_state_handler.find_with_lock do |state| no_content! unless state.latest_file && state.latest_file.exists? @@ -96,6 +109,7 @@ module API route_setting :authentication, basic_auth_personal_access_token: true, job_token_allowed: :basic_auth post do authorize! :admin_terraform_state, user_project + legacy_state_name! if not_found_for_dots? data = request.body.read no_content! if data.empty? @@ -124,6 +138,7 @@ module API route_setting :authentication, basic_auth_personal_access_token: true, job_token_allowed: :basic_auth delete do authorize! :admin_terraform_state, user_project + legacy_state_name! if not_found_for_dots? remote_state_handler.find_with_lock do |state| ::Terraform::States::TriggerDestroyService.new(state, current_user: current_user).execute @@ -155,6 +170,8 @@ module API requires :Path, type: String, desc: 'Terraform path' end post '/lock' do + not_found! if not_found_for_dots? + authorize! :admin_terraform_state, user_project status_code = :ok @@ -198,6 +215,8 @@ module API optional :ID, type: String, limit: 255, desc: 'Terraform state lock ID' end delete '/lock' do + not_found! if not_found_for_dots? + authorize! :admin_terraform_state, user_project remote_state_handler.unlock! |