diff options
| author | Stan Hu <stanhu@gmail.com> | 2018-11-27 19:08:53 +0000 |
|---|---|---|
| committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2018-11-30 03:56:52 +0000 |
| commit | 9a6e5cd11506198309008278bb159e0d7c596cbf (patch) | |
| tree | 8aaa3990feb5d314c10c06ba8ec47309bffcfc58 /lib | |
| parent | 98ff03fbdcd42ec13a3ce492323d222b19eb9f85 (diff) | |
| download | gitlab-ce-9a6e5cd11506198309008278bb159e0d7c596cbf.tar.gz | |
Merge branch '53763-fix-encrypt-columns-data-loss' into 'master'
Correctly handle data-loss scenarios when encrypting columns
Closes #53763
See merge request gitlab-org/gitlab-ce!23306
(cherry picked from commit 1524a19302cea096ddf2c008abe1307527ae6938)
6ddefe7c Correctly handle data-loss scenarios when encrypting columns
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gitlab/background_migration/encrypt_columns.rb | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/lib/gitlab/background_migration/encrypt_columns.rb b/lib/gitlab/background_migration/encrypt_columns.rb index 0d333e47e7b..bd5f12276ab 100644 --- a/lib/gitlab/background_migration/encrypt_columns.rb +++ b/lib/gitlab/background_migration/encrypt_columns.rb @@ -17,6 +17,12 @@ module Gitlab class EncryptColumns def perform(model, attributes, from, to) model = model.constantize if model.is_a?(String) + + # If sidekiq hasn't undergone a restart, its idea of what columns are + # present may be inaccurate, so ensure this is as fresh as possible + model.reset_column_information + model.define_attribute_methods + attributes = expand_attributes(model, Array(attributes).map(&:to_sym)) model.transaction do @@ -41,6 +47,14 @@ module Gitlab raise "Couldn't determine encrypted column for #{klass}##{attribute}" if crypt_column_name.nil? + raise "#{klass} source column: #{attribute} is missing" unless + klass.column_names.include?(attribute.to_s) + + # Running the migration without the destination column being present + # leads to data loss + raise "#{klass} destination column: #{crypt_column_name} is missing" unless + klass.column_names.include?(crypt_column_name.to_s) + [attribute, crypt_column_name] end |