summaryrefslogtreecommitdiff
path: root/app/workers
diff options
context:
space:
mode:
Diffstat (limited to 'app/workers')
-rw-r--r--app/workers/all_queues.yml73
-rw-r--r--app/workers/authorized_project_update/project_create_worker.rb19
-rw-r--r--app/workers/authorized_project_update/user_refresh_with_low_urgency_worker.rb11
-rw-r--r--app/workers/ci/daily_build_group_report_results_worker.rb (renamed from app/workers/ci/daily_report_results_worker.rb)4
-rw-r--r--app/workers/cluster_configure_worker.rb10
-rw-r--r--app/workers/cluster_project_configure_worker.rb12
-rw-r--r--app/workers/concerns/application_worker.rb17
-rw-r--r--app/workers/concerns/chaos_queue.rb2
-rw-r--r--app/workers/concerns/reactive_cacheable_worker.rb33
-rw-r--r--app/workers/create_commit_signature_worker.rb4
-rw-r--r--app/workers/design_management/new_version_worker.rb31
-rw-r--r--app/workers/external_service_reactive_caching_worker.rb7
-rw-r--r--app/workers/gitlab/jira_import/import_issue_worker.rb28
-rw-r--r--app/workers/group_import_worker.rb11
-rw-r--r--app/workers/incident_management/process_alert_worker.rb25
-rw-r--r--app/workers/irker_worker.rb2
-rw-r--r--app/workers/merge_request_mergeability_check_worker.rb3
-rw-r--r--app/workers/new_release_worker.rb2
-rw-r--r--app/workers/pages_domain_ssl_renewal_cron_worker.rb5
-rw-r--r--app/workers/process_commit_worker.rb4
-rw-r--r--app/workers/project_update_repository_storage_worker.rb16
-rw-r--r--app/workers/reactive_caching_worker.rb32
-rw-r--r--app/workers/stage_update_worker.rb4
-rw-r--r--app/workers/update_head_pipeline_for_merge_request_worker.rb4
-rw-r--r--app/workers/x509_issuer_crl_check_worker.rb76
25 files changed, 329 insertions, 106 deletions
diff --git a/app/workers/all_queues.yml b/app/workers/all_queues.yml
index 57d41bfaec2..1f9a53d64d9 100644
--- a/app/workers/all_queues.yml
+++ b/app/workers/all_queues.yml
@@ -3,6 +3,20 @@
#
# Do not edit it manually!
---
+- :name: authorized_project_update:authorized_project_update_project_create
+ :feature_category: :authentication_and_authorization
+ :has_external_dependencies:
+ :urgency: :low
+ :resource_boundary: :unknown
+ :weight: 1
+ :idempotent: true
+- :name: authorized_project_update:authorized_project_update_user_refresh_with_low_urgency
+ :feature_category: :authentication_and_authorization
+ :has_external_dependencies:
+ :urgency: :low
+ :resource_boundary: :unknown
+ :weight: 1
+ :idempotent: true
- :name: auto_devops:auto_devops_disable
:feature_category: :auto_devops
:has_external_dependencies:
@@ -18,35 +32,35 @@
:weight: 3
:idempotent:
- :name: chaos:chaos_cpu_spin
- :feature_category: :chaos_engineering
+ :feature_category: :not_owned
:has_external_dependencies:
:urgency: :low
:resource_boundary: :unknown
:weight: 2
:idempotent:
- :name: chaos:chaos_db_spin
- :feature_category: :chaos_engineering
+ :feature_category: :not_owned
:has_external_dependencies:
:urgency: :low
:resource_boundary: :unknown
:weight: 2
:idempotent:
- :name: chaos:chaos_kill
- :feature_category: :chaos_engineering
+ :feature_category: :not_owned
:has_external_dependencies:
:urgency: :low
:resource_boundary: :unknown
:weight: 2
:idempotent:
- :name: chaos:chaos_leak_mem
- :feature_category: :chaos_engineering
+ :feature_category: :not_owned
:has_external_dependencies:
:urgency: :low
:resource_boundary: :unknown
:weight: 2
:idempotent:
- :name: chaos:chaos_sleep
- :feature_category: :chaos_engineering
+ :feature_category: :not_owned
:has_external_dependencies:
:urgency: :low
:resource_boundary: :unknown
@@ -269,6 +283,13 @@
:resource_boundary: :unknown
:weight: 1
:idempotent:
+- :name: cronjob:x509_issuer_crl_check
+ :feature_category: :source_code_management
+ :has_external_dependencies: true
+ :urgency: :low
+ :resource_boundary: :unknown
+ :weight: 1
+ :idempotent: true
- :name: deployment:deployments_finished
:feature_category: :continuous_delivery
:has_external_dependencies:
@@ -290,13 +311,6 @@
:resource_boundary: :cpu
:weight: 3
:idempotent:
-- :name: gcp_cluster:cluster_configure
- :feature_category: :kubernetes_management
- :has_external_dependencies:
- :urgency: :low
- :resource_boundary: :unknown
- :weight: 1
- :idempotent:
- :name: gcp_cluster:cluster_configure_istio
:feature_category: :kubernetes_management
:has_external_dependencies: true
@@ -318,13 +332,6 @@
:resource_boundary: :unknown
:weight: 1
:idempotent:
-- :name: gcp_cluster:cluster_project_configure
- :feature_category: :kubernetes_management
- :has_external_dependencies: true
- :urgency: :low
- :resource_boundary: :unknown
- :weight: 1
- :idempotent:
- :name: gcp_cluster:cluster_provision
:feature_category: :kubernetes_management
:has_external_dependencies: true
@@ -689,7 +696,7 @@
:resource_boundary: :unknown
:weight: 1
:idempotent:
-- :name: pipeline_background:ci_daily_report_results
+- :name: pipeline_background:ci_daily_build_group_report_results
:feature_category: :continuous_integration
:has_external_dependencies:
:urgency: :low
@@ -849,14 +856,14 @@
:urgency: :high
:resource_boundary: :unknown
:weight: 5
- :idempotent:
+ :idempotent: true
- :name: pipeline_processing:update_head_pipeline_for_merge_request
:feature_category: :continuous_integration
:has_external_dependencies:
:urgency: :high
:resource_boundary: :cpu
:weight: 5
- :idempotent:
+ :idempotent: true
- :name: repository_check:repository_check_batch
:feature_category: :source_code_management
:has_external_dependencies:
@@ -961,7 +968,7 @@
:urgency: :low
:resource_boundary: :unknown
:weight: 2
- :idempotent:
+ :idempotent: true
- :name: create_evidence
:feature_category: :release_evidence
:has_external_dependencies:
@@ -1011,6 +1018,13 @@
:resource_boundary: :unknown
:weight: 1
:idempotent:
+- :name: design_management_new_version
+ :feature_category: :design_management
+ :has_external_dependencies:
+ :urgency: :low
+ :resource_boundary: :memory
+ :weight: 1
+ :idempotent:
- :name: detect_repository_languages
:feature_category: :source_code_management
:has_external_dependencies:
@@ -1053,6 +1067,13 @@
:resource_boundary: :cpu
:weight: 1
:idempotent:
+- :name: external_service_reactive_caching
+ :feature_category: :not_owned
+ :has_external_dependencies: true
+ :urgency: :low
+ :resource_boundary: :unknown
+ :weight: 1
+ :idempotent:
- :name: file_hook
:feature_category: :integrations
:has_external_dependencies:
@@ -1143,7 +1164,7 @@
:urgency: :low
:resource_boundary: :unknown
:weight: 1
- :idempotent:
+ :idempotent: true
- :name: migrate_external_diffs
:feature_category: :source_code_management
:has_external_dependencies:
@@ -1220,7 +1241,7 @@
:urgency: :high
:resource_boundary: :unknown
:weight: 3
- :idempotent:
+ :idempotent: true
- :name: project_cache
:feature_category: :source_code_management
:has_external_dependencies:
@@ -1280,7 +1301,7 @@
- :name: reactive_caching
:feature_category: :not_owned
:has_external_dependencies:
- :urgency: :high
+ :urgency: :low
:resource_boundary: :cpu
:weight: 1
:idempotent:
diff --git a/app/workers/authorized_project_update/project_create_worker.rb b/app/workers/authorized_project_update/project_create_worker.rb
new file mode 100644
index 00000000000..651849b57ec
--- /dev/null
+++ b/app/workers/authorized_project_update/project_create_worker.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module AuthorizedProjectUpdate
+ class ProjectCreateWorker
+ include ApplicationWorker
+
+ feature_category :authentication_and_authorization
+ urgency :low
+ queue_namespace :authorized_project_update
+
+ idempotent!
+
+ def perform(project_id)
+ project = Project.find(project_id)
+
+ AuthorizedProjectUpdate::ProjectCreateService.new(project).execute
+ end
+ end
+end
diff --git a/app/workers/authorized_project_update/user_refresh_with_low_urgency_worker.rb b/app/workers/authorized_project_update/user_refresh_with_low_urgency_worker.rb
new file mode 100644
index 00000000000..19038cb8900
--- /dev/null
+++ b/app/workers/authorized_project_update/user_refresh_with_low_urgency_worker.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module AuthorizedProjectUpdate
+ class UserRefreshWithLowUrgencyWorker < ::AuthorizedProjectsWorker
+ feature_category :authentication_and_authorization
+ urgency :low
+ queue_namespace :authorized_project_update
+
+ idempotent!
+ end
+end
diff --git a/app/workers/ci/daily_report_results_worker.rb b/app/workers/ci/daily_build_group_report_results_worker.rb
index 314fd44f86c..a6d3c485e24 100644
--- a/app/workers/ci/daily_report_results_worker.rb
+++ b/app/workers/ci/daily_build_group_report_results_worker.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
module Ci
- class DailyReportResultsWorker
+ class DailyBuildGroupReportResultsWorker
include ApplicationWorker
include PipelineBackgroundQueue
@@ -9,7 +9,7 @@ module Ci
def perform(pipeline_id)
Ci::Pipeline.find_by_id(pipeline_id).try do |pipeline|
- Ci::DailyReportResultService.new.execute(pipeline)
+ Ci::DailyBuildGroupReportResultService.new.execute(pipeline)
end
end
end
diff --git a/app/workers/cluster_configure_worker.rb b/app/workers/cluster_configure_worker.rb
deleted file mode 100644
index f9364ab7144..00000000000
--- a/app/workers/cluster_configure_worker.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-# frozen_string_literal: true
-
-class ClusterConfigureWorker # rubocop:disable Scalability/IdempotentWorker
- include ApplicationWorker
- include ClusterQueue
-
- def perform(cluster_id)
- # Scheduled for removal in https://gitlab.com/gitlab-org/gitlab-foss/issues/59319
- end
-end
diff --git a/app/workers/cluster_project_configure_worker.rb b/app/workers/cluster_project_configure_worker.rb
deleted file mode 100644
index b68df01dc7a..00000000000
--- a/app/workers/cluster_project_configure_worker.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-class ClusterProjectConfigureWorker # rubocop:disable Scalability/IdempotentWorker
- include ApplicationWorker
- include ClusterQueue
-
- worker_has_external_dependencies!
-
- def perform(project_id)
- # Scheduled for removal in https://gitlab.com/gitlab-org/gitlab-foss/issues/59319
- end
-end
diff --git a/app/workers/concerns/application_worker.rb b/app/workers/concerns/application_worker.rb
index c0062780688..7ab9a0c2a02 100644
--- a/app/workers/concerns/application_worker.rb
+++ b/app/workers/concerns/application_worker.rb
@@ -11,6 +11,8 @@ module ApplicationWorker
include WorkerAttributes
include WorkerContext
+ LOGGING_EXTRA_KEY = 'extra'
+
included do
set_queue
@@ -24,6 +26,21 @@ module ApplicationWorker
payload.stringify_keys.merge(context)
end
+
+ def log_extra_metadata_on_done(key, value)
+ @done_log_extra_metadata ||= {}
+ @done_log_extra_metadata[key] = value
+ end
+
+ def logging_extras
+ return {} unless @done_log_extra_metadata
+
+ # Prefix keys with class name to avoid conflicts in Elasticsearch types.
+ # Also prefix with "extra." so that we know to log these new fields.
+ @done_log_extra_metadata.transform_keys do |k|
+ "#{LOGGING_EXTRA_KEY}.#{self.class.name.gsub("::", "_").underscore}.#{k}"
+ end
+ end
end
class_methods do
diff --git a/app/workers/concerns/chaos_queue.rb b/app/workers/concerns/chaos_queue.rb
index c5db10491f2..a9c557f0175 100644
--- a/app/workers/concerns/chaos_queue.rb
+++ b/app/workers/concerns/chaos_queue.rb
@@ -5,6 +5,6 @@ module ChaosQueue
included do
queue_namespace :chaos
- feature_category :chaos_engineering
+ feature_category_not_owned!
end
end
diff --git a/app/workers/concerns/reactive_cacheable_worker.rb b/app/workers/concerns/reactive_cacheable_worker.rb
new file mode 100644
index 00000000000..e73707c2b43
--- /dev/null
+++ b/app/workers/concerns/reactive_cacheable_worker.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module ReactiveCacheableWorker
+ extend ActiveSupport::Concern
+
+ included do
+ include ApplicationWorker
+
+ feature_category_not_owned!
+
+ def self.context_for_arguments(arguments)
+ class_name, *_other_args = arguments
+ Gitlab::ApplicationContext.new(related_class: class_name.to_s)
+ end
+ end
+
+ def perform(class_name, id, *args)
+ klass = begin
+ class_name.constantize
+ rescue NameError
+ nil
+ end
+
+ return unless klass
+
+ klass
+ .reactive_cache_worker_finder
+ .call(id, *args)
+ .try(:exclusively_update_reactive_cache!, *args)
+ rescue ReactiveCaching::ExceededReactiveCacheLimit => e
+ Gitlab::ErrorTracking.track_exception(e)
+ end
+end
diff --git a/app/workers/create_commit_signature_worker.rb b/app/workers/create_commit_signature_worker.rb
index 9cbc75f8944..a88d2bf7d15 100644
--- a/app/workers/create_commit_signature_worker.rb
+++ b/app/workers/create_commit_signature_worker.rb
@@ -1,11 +1,13 @@
# frozen_string_literal: true
-class CreateCommitSignatureWorker # rubocop:disable Scalability/IdempotentWorker
+class CreateCommitSignatureWorker
include ApplicationWorker
feature_category :source_code_management
weight 2
+ idempotent!
+
# rubocop: disable CodeReuse/ActiveRecord
def perform(commit_shas, project_id)
# Older versions of Git::BranchPushService may push a single commit ID on
diff --git a/app/workers/design_management/new_version_worker.rb b/app/workers/design_management/new_version_worker.rb
new file mode 100644
index 00000000000..3634dcbcebd
--- /dev/null
+++ b/app/workers/design_management/new_version_worker.rb
@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module DesignManagement
+ class NewVersionWorker # rubocop:disable Scalability/IdempotentWorker
+ include ApplicationWorker
+
+ feature_category :design_management
+ # Declare this worker as memory bound due to
+ # `GenerateImageVersionsService` resizing designs
+ worker_resource_boundary :memory
+
+ def perform(version_id)
+ version = DesignManagement::Version.find(version_id)
+
+ add_system_note(version)
+ generate_image_versions(version)
+ rescue ActiveRecord::RecordNotFound => e
+ Sidekiq.logger.warn(e)
+ end
+
+ private
+
+ def add_system_note(version)
+ SystemNoteService.design_version_added(version)
+ end
+
+ def generate_image_versions(version)
+ DesignManagement::GenerateImageVersionsService.new(version).execute
+ end
+ end
+end
diff --git a/app/workers/external_service_reactive_caching_worker.rb b/app/workers/external_service_reactive_caching_worker.rb
new file mode 100644
index 00000000000..e3104b44a7f
--- /dev/null
+++ b/app/workers/external_service_reactive_caching_worker.rb
@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class ExternalServiceReactiveCachingWorker # rubocop:disable Scalability/IdempotentWorker
+ include ReactiveCacheableWorker
+
+ worker_has_external_dependencies!
+end
diff --git a/app/workers/gitlab/jira_import/import_issue_worker.rb b/app/workers/gitlab/jira_import/import_issue_worker.rb
index 7ace0a35fd9..78de5cf1307 100644
--- a/app/workers/gitlab/jira_import/import_issue_worker.rb
+++ b/app/workers/gitlab/jira_import/import_issue_worker.rb
@@ -28,19 +28,35 @@ module Gitlab
private
def create_issue(issue_attributes, project_id)
+ label_ids = issue_attributes.delete('label_ids')
+ assignee_ids = issue_attributes.delete('assignee_ids')
issue_id = insert_and_return_id(issue_attributes, Issue)
- label_issue(project_id, issue_id)
+ label_issue(project_id, issue_id, label_ids)
+ assign_issue(project_id, issue_id, assignee_ids)
issue_id
end
- def label_issue(project_id, issue_id)
- label_id = JiraImport.get_import_label_id(project_id)
- return unless label_id
+ def label_issue(project_id, issue_id, label_ids)
+ label_link_attrs = label_ids.to_a.map do |label_id|
+ build_label_attrs(issue_id, label_id.to_i)
+ end
- label_link_attrs = build_label_attrs(issue_id, label_id.to_i)
- insert_and_return_id(label_link_attrs, LabelLink)
+ import_label_id = JiraImport.get_import_label_id(project_id)
+ return unless import_label_id
+
+ label_link_attrs << build_label_attrs(issue_id, import_label_id.to_i)
+
+ Gitlab::Database.bulk_insert(LabelLink.table_name, label_link_attrs)
+ end
+
+ def assign_issue(project_id, issue_id, assignee_ids)
+ return if assignee_ids.blank?
+
+ assignee_attrs = assignee_ids.map { |user_id| { issue_id: issue_id, user_id: user_id } }
+
+ Gitlab::Database.bulk_insert(IssueAssignee.table_name, assignee_attrs)
end
def build_label_attrs(issue_id, label_id)
diff --git a/app/workers/group_import_worker.rb b/app/workers/group_import_worker.rb
index b6fc5afc28c..d8f236013bf 100644
--- a/app/workers/group_import_worker.rb
+++ b/app/workers/group_import_worker.rb
@@ -2,14 +2,23 @@
class GroupImportWorker # rubocop:disable Scalability/IdempotentWorker
include ApplicationWorker
- include ExceptionBacktrace
+ sidekiq_options retry: false
feature_category :importers
def perform(user_id, group_id)
current_user = User.find(user_id)
group = Group.find(group_id)
+ group_import = group.build_import_state(jid: self.jid)
+
+ group_import.start!
::Groups::ImportExport::ImportService.new(group: group, user: current_user).execute
+
+ group_import.finish!
+ rescue StandardError => e
+ group_import&.fail_op(e.message)
+
+ raise e
end
end
diff --git a/app/workers/incident_management/process_alert_worker.rb b/app/workers/incident_management/process_alert_worker.rb
index 8d4294cc231..2ce9fe359b5 100644
--- a/app/workers/incident_management/process_alert_worker.rb
+++ b/app/workers/incident_management/process_alert_worker.rb
@@ -7,11 +7,14 @@ module IncidentManagement
queue_namespace :incident_management
feature_category :incident_management
- def perform(project_id, alert)
+ def perform(project_id, alert_payload, am_alert_id = nil)
project = find_project(project_id)
return unless project
- create_issue(project, alert)
+ new_issue = create_issue(project, alert_payload)
+ return unless am_alert_id && new_issue.persisted?
+
+ link_issue_with_alert(am_alert_id, new_issue.id)
end
private
@@ -20,10 +23,24 @@ module IncidentManagement
Project.find_by_id(project_id)
end
- def create_issue(project, alert)
+ def create_issue(project, alert_payload)
IncidentManagement::CreateIssueService
- .new(project, alert)
+ .new(project, alert_payload)
.execute
end
+
+ def link_issue_with_alert(alert_id, issue_id)
+ alert = AlertManagement::Alert.find_by_id(alert_id)
+ return unless alert
+
+ return if alert.update(issue_id: issue_id)
+
+ Gitlab::AppLogger.warn(
+ message: 'Cannot link an Issue with Alert',
+ issue_id: issue_id,
+ alert_id: alert_id,
+ alert_errors: alert.errors.messages
+ )
+ end
end
end
diff --git a/app/workers/irker_worker.rb b/app/workers/irker_worker.rb
index 73bc050d7be..7622f40a949 100644
--- a/app/workers/irker_worker.rb
+++ b/app/workers/irker_worker.rb
@@ -53,7 +53,7 @@ class IrkerWorker # rubocop:disable Scalability/IdempotentWorker
def sendtoirker(privmsg)
to_send = { to: @channels, privmsg: privmsg }
- @socket.puts JSON.dump(to_send)
+ @socket.puts Gitlab::Json.dump(to_send)
end
def close_connection
diff --git a/app/workers/merge_request_mergeability_check_worker.rb b/app/workers/merge_request_mergeability_check_worker.rb
index a26c1a886f6..1a84efb4e52 100644
--- a/app/workers/merge_request_mergeability_check_worker.rb
+++ b/app/workers/merge_request_mergeability_check_worker.rb
@@ -1,9 +1,10 @@
# frozen_string_literal: true
-class MergeRequestMergeabilityCheckWorker # rubocop:disable Scalability/IdempotentWorker
+class MergeRequestMergeabilityCheckWorker
include ApplicationWorker
feature_category :source_code_management
+ idempotent!
def perform(merge_request_id)
merge_request = MergeRequest.find_by_id(merge_request_id)
diff --git a/app/workers/new_release_worker.rb b/app/workers/new_release_worker.rb
index 3c19e5f3d2b..fa4703d10f2 100644
--- a/app/workers/new_release_worker.rb
+++ b/app/workers/new_release_worker.rb
@@ -1,5 +1,7 @@
# frozen_string_literal: true
+# TODO: Worker can be removed in 13.2:
+# https://gitlab.com/gitlab-org/gitlab/-/issues/218231
class NewReleaseWorker # rubocop:disable Scalability/IdempotentWorker
include ApplicationWorker
diff --git a/app/workers/pages_domain_ssl_renewal_cron_worker.rb b/app/workers/pages_domain_ssl_renewal_cron_worker.rb
index 43fb35c5298..fe6d516d3cf 100644
--- a/app/workers/pages_domain_ssl_renewal_cron_worker.rb
+++ b/app/workers/pages_domain_ssl_renewal_cron_worker.rb
@@ -10,11 +10,6 @@ class PagesDomainSslRenewalCronWorker # rubocop:disable Scalability/IdempotentWo
return unless ::Gitlab::LetsEncrypt.enabled?
PagesDomain.need_auto_ssl_renewal.with_logging_info.find_each do |domain|
- # Ideally that should be handled in PagesDomain.need_auto_ssl_renewal scope
- # but it's hard to make scope work with feature flags
- # once we remove feature flag we can modify scope to implement this behaviour
- next if Feature.enabled?(:pages_letsencrypt_errors, domain.project) && domain.auto_ssl_failed
-
with_context(project: domain.project) do
PagesDomainSslRenewalWorker.perform_async(domain.id)
end
diff --git a/app/workers/process_commit_worker.rb b/app/workers/process_commit_worker.rb
index 9960e812a2f..bdfabea8938 100644
--- a/app/workers/process_commit_worker.rb
+++ b/app/workers/process_commit_worker.rb
@@ -7,13 +7,15 @@
# result of this the workload of this worker should be kept to a bare minimum.
# Consider using an extra worker if you need to add any extra (and potentially
# slow) processing of commits.
-class ProcessCommitWorker # rubocop:disable Scalability/IdempotentWorker
+class ProcessCommitWorker
include ApplicationWorker
feature_category :source_code_management
urgency :high
weight 3
+ idempotent!
+
# project_id - The ID of the project this commit belongs to.
# user_id - The ID of the user that pushed the commit.
# commit_hash - Hash containing commit details to use for constructing a
diff --git a/app/workers/project_update_repository_storage_worker.rb b/app/workers/project_update_repository_storage_worker.rb
index ecee33e6421..5c1a8062f12 100644
--- a/app/workers/project_update_repository_storage_worker.rb
+++ b/app/workers/project_update_repository_storage_worker.rb
@@ -5,9 +5,19 @@ class ProjectUpdateRepositoryStorageWorker # rubocop:disable Scalability/Idempot
feature_category :gitaly
- def perform(project_id, new_repository_storage_key)
- project = Project.find(project_id)
+ def perform(project_id, new_repository_storage_key, repository_storage_move_id = nil)
+ repository_storage_move =
+ if repository_storage_move_id
+ ProjectRepositoryStorageMove.find(repository_storage_move_id)
+ else
+ # maintain compatibility with workers queued before release
+ project = Project.find(project_id)
+ project.repository_storage_moves.create!(
+ source_storage_name: project.repository_storage,
+ destination_storage_name: new_repository_storage_key
+ )
+ end
- ::Projects::UpdateRepositoryStorageService.new(project).execute(new_repository_storage_key)
+ ::Projects::UpdateRepositoryStorageService.new(repository_storage_move).execute
end
end
diff --git a/app/workers/reactive_caching_worker.rb b/app/workers/reactive_caching_worker.rb
index 513033281e5..a0829c31280 100644
--- a/app/workers/reactive_caching_worker.rb
+++ b/app/workers/reactive_caching_worker.rb
@@ -1,36 +1,8 @@
# frozen_string_literal: true
class ReactiveCachingWorker # rubocop:disable Scalability/IdempotentWorker
- include ApplicationWorker
+ include ReactiveCacheableWorker
- feature_category_not_owned!
-
- # TODO: The reactive caching worker should be split into
- # two different workers, one for high urgency jobs without external dependencies
- # and another worker without high urgency, but with external dependencies
- # https://gitlab.com/gitlab-com/gl-infra/scalability/issues/34
- # This worker should also have `worker_has_external_dependencies!` enabled
- urgency :high
+ urgency :low
worker_resource_boundary :cpu
-
- def self.context_for_arguments(arguments)
- class_name, *_other_args = arguments
- Gitlab::ApplicationContext.new(related_class: class_name.to_s)
- end
-
- def perform(class_name, id, *args)
- klass = begin
- class_name.constantize
- rescue NameError
- nil
- end
- return unless klass
-
- klass
- .reactive_cache_worker_finder
- .call(id, *args)
- .try(:exclusively_update_reactive_cache!, *args)
- rescue ReactiveCaching::ExceededReactiveCacheLimit => e
- Gitlab::ErrorTracking.track_exception(e)
- end
end
diff --git a/app/workers/stage_update_worker.rb b/app/workers/stage_update_worker.rb
index aface8288e3..20db19536c3 100644
--- a/app/workers/stage_update_worker.rb
+++ b/app/workers/stage_update_worker.rb
@@ -1,12 +1,14 @@
# frozen_string_literal: true
-class StageUpdateWorker # rubocop:disable Scalability/IdempotentWorker
+class StageUpdateWorker
include ApplicationWorker
include PipelineQueue
queue_namespace :pipeline_processing
urgency :high
+ idempotent!
+
def perform(stage_id)
Ci::Stage.find_by_id(stage_id)&.update_legacy_status
end
diff --git a/app/workers/update_head_pipeline_for_merge_request_worker.rb b/app/workers/update_head_pipeline_for_merge_request_worker.rb
index 69698ba81bd..63d11d33283 100644
--- a/app/workers/update_head_pipeline_for_merge_request_worker.rb
+++ b/app/workers/update_head_pipeline_for_merge_request_worker.rb
@@ -1,6 +1,6 @@
# frozen_string_literal: true
-class UpdateHeadPipelineForMergeRequestWorker # rubocop:disable Scalability/IdempotentWorker
+class UpdateHeadPipelineForMergeRequestWorker
include ApplicationWorker
include PipelineQueue
@@ -9,6 +9,8 @@ class UpdateHeadPipelineForMergeRequestWorker # rubocop:disable Scalability/Idem
urgency :high
worker_resource_boundary :cpu
+ idempotent!
+
def perform(merge_request_id)
MergeRequest.find_by_id(merge_request_id).try do |merge_request|
merge_request.update_head_pipeline
diff --git a/app/workers/x509_issuer_crl_check_worker.rb b/app/workers/x509_issuer_crl_check_worker.rb
new file mode 100644
index 00000000000..5fc92da803c
--- /dev/null
+++ b/app/workers/x509_issuer_crl_check_worker.rb
@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+class X509IssuerCrlCheckWorker
+ include ApplicationWorker
+ include CronjobQueue
+
+ feature_category :source_code_management
+ urgency :low
+
+ idempotent!
+ worker_has_external_dependencies!
+
+ attr_accessor :logger
+
+ def perform
+ @logger = Gitlab::GitLogger.build
+
+ X509Issuer.all.find_each do |issuer|
+ with_context(related_class: X509IssuerCrlCheckWorker) do
+ update_certificates(issuer)
+ end
+ end
+ end
+
+ private
+
+ def update_certificates(issuer)
+ crl = download_crl(issuer)
+ return unless crl
+
+ serials = X509Certificate.serial_numbers(issuer)
+ return if serials.empty?
+
+ revoked_serials = serials & crl.revoked.map(&:serial).map(&:to_i)
+
+ revoked_serials.each_slice(1000) do |batch|
+ certs = issuer.x509_certificates.where(serial_number: batch, certificate_status: :good) # rubocop: disable CodeReuse/ActiveRecord
+
+ certs.find_each do |cert|
+ logger.info(message: "Certificate revoked",
+ id: cert.id,
+ email: cert.email,
+ subject: cert.subject,
+ serial_number: cert.serial_number,
+ issuer: cert.x509_issuer.id,
+ issuer_subject: cert.x509_issuer.subject,
+ issuer_crl_url: cert.x509_issuer.crl_url)
+ end
+
+ certs.update_all(certificate_status: :revoked)
+ end
+ end
+
+ def download_crl(issuer)
+ response = Gitlab::HTTP.try_get(issuer.crl_url)
+
+ if response&.code == 200
+ OpenSSL::X509::CRL.new(response.body)
+ else
+ logger.warn(message: "Failed to download certificate revocation list",
+ issuer: issuer.id,
+ issuer_subject: issuer.subject,
+ issuer_crl_url: issuer.crl_url)
+
+ nil
+ end
+
+ rescue OpenSSL::X509::CRLError
+ logger.warn(message: "Failed to parse certificate revocation list",
+ issuer: issuer.id,
+ issuer_subject: issuer.subject,
+ issuer_crl_url: issuer.crl_url)
+
+ nil
+ end
+end