summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/models/concerns/runners_token_prefixable.rb14
-rw-r--r--app/models/group.rb12
-rw-r--r--app/models/project.rb10
-rw-r--r--config/feature_flags/development/groups_runners_token_prefix.yml8
-rw-r--r--config/feature_flags/development/projects_runners_token_prefix.yml8
-rw-r--r--spec/models/concerns/runners_token_prefixable_spec.rb20
-rw-r--r--spec/models/concerns/token_authenticatable_spec.rb35
-rw-r--r--spec/models/group_spec.rb2
-rw-r--r--spec/models/project_spec.rb2
-rw-r--r--spec/support/shared_examples/models/runners_token_prefix_shared_examples.rb34
10 files changed, 53 insertions, 92 deletions
diff --git a/app/models/concerns/runners_token_prefixable.rb b/app/models/concerns/runners_token_prefixable.rb
new file mode 100644
index 00000000000..1aea874337e
--- /dev/null
+++ b/app/models/concerns/runners_token_prefixable.rb
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module RunnersTokenPrefixable
+ extend ActiveSupport::Concern
+
+ # Prefix for runners_token which can be used to invalidate existing tokens.
+ # The value chosen here is GR (for Gitlab Runner) combined with the rotation
+ # date (20220225) decimal to hex encoded.
+ RUNNERS_TOKEN_PREFIX = 'GR1348941'
+
+ def runners_token_prefix
+ RUNNERS_TOKEN_PREFIX
+ end
+end
diff --git a/app/models/group.rb b/app/models/group.rb
index a395861fbb6..1d6a3a14450 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -19,14 +19,10 @@ class Group < Namespace
include BulkMemberAccessLoad
include ChronicDurationAttribute
include RunnerTokenExpirationInterval
+ include RunnersTokenPrefixable
extend ::Gitlab::Utils::Override
- # Prefix for runners_token which can be used to invalidate existing tokens.
- # The value chosen here is GR (for Gitlab Runner) combined with the rotation
- # date (20220225) decimal to hex encoded.
- RUNNERS_TOKEN_PREFIX = 'GR1348941'
-
def self.sti_name
'Group'
end
@@ -124,7 +120,7 @@ class Group < Namespace
add_authentication_token_field :runners_token,
encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required },
- prefix: ->(instance) { instance.runners_token_prefix }
+ prefix: RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX
after_create :post_create_hook
after_destroy :post_destroy_hook
@@ -678,10 +674,6 @@ class Group < Namespace
ensure_runners_token!
end
- def runners_token_prefix
- Feature.enabled?(:groups_runners_token_prefix, self, default_enabled: :yaml) ? RUNNERS_TOKEN_PREFIX : ''
- end
-
override :format_runners_token
def format_runners_token(token)
"#{runners_token_prefix}#{token}"
diff --git a/app/models/project.rb b/app/models/project.rb
index de7dd42866f..f89e616a5ca 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -38,6 +38,7 @@ class Project < ApplicationRecord
include GitlabRoutingHelper
include BulkMemberAccessLoad
include RunnerTokenExpirationInterval
+ include RunnersTokenPrefixable
extend Gitlab::Cache::RequestCache
extend Gitlab::Utils::Override
@@ -89,11 +90,6 @@ class Project < ApplicationRecord
DEFAULT_SQUASH_COMMIT_TEMPLATE = '%{title}'
- # Prefix for runners_token which can be used to invalidate existing tokens.
- # The value chosen here is GR (for Gitlab Runner) combined with the rotation
- # date (20220225) decimal to hex encoded.
- RUNNERS_TOKEN_PREFIX = 'GR1348941'
-
cache_markdown_field :description, pipeline: :description
default_value_for :packages_enabled, true
@@ -116,7 +112,7 @@ class Project < ApplicationRecord
add_authentication_token_field :runners_token,
encrypted: -> { Feature.enabled?(:projects_tokens_optional_encryption, default_enabled: true) ? :optional : :required },
- prefix: ->(instance) { instance.runners_token_prefix }
+ prefix: RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX
before_validation :mark_remote_mirrors_for_removal, if: -> { RemoteMirror.table_exists? }
@@ -1881,7 +1877,7 @@ class Project < ApplicationRecord
end
def runners_token_prefix
- Feature.enabled?(:projects_runners_token_prefix, self, default_enabled: :yaml) ? RUNNERS_TOKEN_PREFIX : ''
+ RUNNERS_TOKEN_PREFIX
end
override :format_runners_token
diff --git a/config/feature_flags/development/groups_runners_token_prefix.yml b/config/feature_flags/development/groups_runners_token_prefix.yml
deleted file mode 100644
index 87b87266673..00000000000
--- a/config/feature_flags/development/groups_runners_token_prefix.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-name: groups_runners_token_prefix
-introduced_by_url:
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/353805
-milestone: '14.9'
-type: development
-group: group::database
-default_enabled: true
diff --git a/config/feature_flags/development/projects_runners_token_prefix.yml b/config/feature_flags/development/projects_runners_token_prefix.yml
deleted file mode 100644
index 5dd21d115f6..00000000000
--- a/config/feature_flags/development/projects_runners_token_prefix.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-name: projects_runners_token_prefix
-introduced_by_url:
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/353805
-milestone: '14.9'
-type: development
-group: group::database
-default_enabled: true
diff --git a/spec/models/concerns/runners_token_prefixable_spec.rb b/spec/models/concerns/runners_token_prefixable_spec.rb
new file mode 100644
index 00000000000..6127203987f
--- /dev/null
+++ b/spec/models/concerns/runners_token_prefixable_spec.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe RunnersTokenPrefixable do
+ before do
+ stub_const('DummyModel', Class.new)
+ DummyModel.class_eval do
+ include RunnersTokenPrefixable
+ end
+ end
+
+ describe '.runners_token_prefix' do
+ subject { DummyModel.new }
+
+ it 'returns RUNNERS_TOKEN_PREFIX' do
+ expect(subject.runners_token_prefix).to eq(RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX)
+ end
+ end
+end
diff --git a/spec/models/concerns/token_authenticatable_spec.rb b/spec/models/concerns/token_authenticatable_spec.rb
index 8a9e0248ed3..4534fd3664e 100644
--- a/spec/models/concerns/token_authenticatable_spec.rb
+++ b/spec/models/concerns/token_authenticatable_spec.rb
@@ -435,7 +435,7 @@ RSpec.shared_examples 'prefixed token rotation' do
context 'token is not set' do
it 'generates a new token' do
- expect(subject).to match(/^#{instance.class::RUNNERS_TOKEN_PREFIX}/)
+ expect(subject).to match(/^#{RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX}/)
expect(instance).not_to be_persisted
end
end
@@ -446,26 +446,14 @@ RSpec.shared_examples 'prefixed token rotation' do
end
it 'generates a new token' do
- expect(subject).to match(/^#{instance.class::RUNNERS_TOKEN_PREFIX}/)
+ expect(subject).to match(/^#{RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX}/)
expect(instance).not_to be_persisted
end
-
- context 'feature flag is disabled' do
- before do
- flag = "#{described_class.name.downcase.pluralize}_runners_token_prefix"
- stub_feature_flags(flag => false)
- end
-
- it 'leaves the token unchanged' do
- expect { subject }.not_to change(instance, :runners_token)
- expect(instance).not_to be_persisted
- end
- end
end
context 'token is set and matches prefix' do
before do
- instance.set_runners_token(instance.class::RUNNERS_TOKEN_PREFIX + '-abcdef')
+ instance.set_runners_token(RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX + '-abcdef')
end
it 'leaves the token unchanged' do
@@ -480,7 +468,7 @@ RSpec.shared_examples 'prefixed token rotation' do
context 'token is not set' do
it 'generates a new token' do
- expect(subject).to match(/^#{instance.class::RUNNERS_TOKEN_PREFIX}/)
+ expect(subject).to match(/^#{RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX}/)
expect(instance).to be_persisted
end
end
@@ -491,25 +479,14 @@ RSpec.shared_examples 'prefixed token rotation' do
end
it 'generates a new token' do
- expect(subject).to match(/^#{instance.class::RUNNERS_TOKEN_PREFIX}/)
+ expect(subject).to match(/^#{RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX}/)
expect(instance).to be_persisted
end
-
- context 'feature flag is disabled' do
- before do
- flag = "#{described_class.name.downcase.pluralize}_runners_token_prefix"
- stub_feature_flags(flag => false)
- end
-
- it 'leaves the token unchanged' do
- expect { subject }.not_to change(instance, :runners_token)
- end
- end
end
context 'token is set and matches prefix' do
before do
- instance.set_runners_token(instance.class::RUNNERS_TOKEN_PREFIX + '-abcdef')
+ instance.set_runners_token(RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX + '-abcdef')
instance.save!
end
diff --git a/spec/models/group_spec.rb b/spec/models/group_spec.rb
index db71fa4535d..b6c7d61a291 100644
--- a/spec/models/group_spec.rb
+++ b/spec/models/group_spec.rb
@@ -3155,6 +3155,6 @@ RSpec.describe Group do
subject { group }
- it_behaves_like 'it has a prefixable runners_token', :groups_runners_token_prefix
+ it_behaves_like 'it has a prefixable runners_token'
end
end
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 14cc4dbbea8..1d9b38c7aa4 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -8002,7 +8002,7 @@ RSpec.describe Project, factory_default: :keep do
subject { project }
- it_behaves_like 'it has a prefixable runners_token', :projects_runners_token_prefix
+ it_behaves_like 'it has a prefixable runners_token'
end
private
diff --git a/spec/support/shared_examples/models/runners_token_prefix_shared_examples.rb b/spec/support/shared_examples/models/runners_token_prefix_shared_examples.rb
index bbce67ae7b9..4dce445ac73 100644
--- a/spec/support/shared_examples/models/runners_token_prefix_shared_examples.rb
+++ b/spec/support/shared_examples/models/runners_token_prefix_shared_examples.rb
@@ -1,35 +1,13 @@
# frozen_string_literal: true
-RSpec.shared_examples 'it has a prefixable runners_token' do |feature_flag|
- context 'feature flag enabled' do
- before do
- stub_feature_flags(feature_flag => [subject])
+RSpec.shared_examples 'it has a prefixable runners_token' do
+ describe '#runners_token' do
+ it 'has a runners_token_prefix' do
+ expect(subject.runners_token_prefix).not_to be_empty
end
- describe '#runners_token' do
- it 'has a runners_token_prefix' do
- expect(subject.runners_token_prefix).not_to be_empty
- end
-
- it 'starts with the runners_token_prefix' do
- expect(subject.runners_token).to start_with(subject.runners_token_prefix)
- end
- end
- end
-
- context 'feature flag disabled' do
- before do
- stub_feature_flags(feature_flag => false)
- end
-
- describe '#runners_token' do
- it 'does not have a runners_token_prefix' do
- expect(subject.runners_token_prefix).to be_empty
- end
-
- it 'starts with the runners_token_prefix' do
- expect(subject.runners_token).to start_with(subject.runners_token_prefix)
- end
+ it 'starts with the runners_token_prefix' do
+ expect(subject.runners_token).to start_with(subject.runners_token_prefix)
end
end
end