Commit b7244e03 authored by Sean McGivern's avatar Sean McGivern

Merge branch 'master' into 'dm-gitlab-shell-7-1-4'

# Conflicts:
#   GITLAB_SHELL_VERSION
parents 80084428 0b4f9ff4
......@@ -54,7 +54,7 @@ export default {
placement: 'top',
content: sprintf(
__(`
The character highligher helps you keep the subject line to %{titleLength} characters
The character highlighter helps you keep the subject line to %{titleLength} characters
and wrap the body at %{bodyLength} so they are readable in git.
`),
{ titleLength: MAX_TITLE_LENGTH, bodyLength: MAX_BODY_LENGTH },
......
......@@ -11,12 +11,12 @@ module Clusters
attr_encrypted :password,
mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base,
key: Settings.attr_encrypted_db_key_base_truncated,
algorithm: 'aes-256-cbc'
attr_encrypted :token,
mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base,
key: Settings.attr_encrypted_db_key_base_truncated,
algorithm: 'aes-256-cbc'
before_validation :enforce_namespace_to_lower_case
......
......@@ -11,7 +11,7 @@ module Clusters
attr_encrypted :access_token,
mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base,
key: Settings.attr_encrypted_db_key_base_truncated,
algorithm: 'aes-256-cbc'
validates :gcp_project_id,
......
---
title: Include username in output when testing SSH to GitLab
merge_request: 19358
author:
type: other
---
title: Fix attr_encryption key settings
merge_request:
author:
type: fixed
---
title: Fix N+1 with source_projects in merge requests API
merge_request:
author:
type: performance
......@@ -85,17 +85,24 @@ class Settings < Settingslogic
File.expand_path(path, Rails.root)
end
# Returns a 256-bit key for attr_encrypted
def attr_encrypted_db_key_base
# Ruby 2.4+ requires passing in the exact required length for OpenSSL keys
# (https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1).
# Previous versions quietly truncated the input.
#
# The default mode for the attr_encrypted gem is to use a 256-bit key.
# We truncate the 128-byte string to 32 bytes.
# Ruby 2.4+ requires passing in the exact required length for OpenSSL keys
# (https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1).
# Previous versions quietly truncated the input.
#
# Use this when using :per_attribute_iv mode for attr_encrypted.
# We have to truncate the string to 32 bytes for a 256-bit cipher.
def attr_encrypted_db_key_base_truncated
Gitlab::Application.secrets.db_key_base[0..31]
end
# This should be used for :per_attribute_salt_and_iv mode. There is no
# need to truncate the key because the encryptor will use the salt to
# generate a hash of the password:
# https://github.com/attr-encrypted/encryptor/blob/c3a62c4a9e74686dd95e0548f9dc2a361fdc95d1/lib/encryptor.rb#L77
def attr_encrypted_db_key_base
Gitlab::Application.secrets.db_key_base
end
private
def base_url(config)
......
......@@ -48,7 +48,7 @@ class MigrateKubernetesServiceToNewClustersArchitectures < ActiveRecord::Migrati
attr_encrypted :token,
mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base,
key: Settings.attr_encrypted_db_key_base_truncated,
algorithm: 'aes-256-cbc'
end
......
......@@ -38,7 +38,7 @@ module API
merge_requests = MergeRequestsFinder.new(current_user, args).execute
.reorder(args[:order_by] => args[:sort])
merge_requests = paginate(merge_requests)
.preload(:target_project)
.preload(:source_project, :target_project)
return merge_requests if args[:view] == 'simple'
......
......@@ -3,7 +3,12 @@ require 'spec_helper'
describe Gitlab::CycleAnalytics::UsageData do
describe '#to_json' do
before do
Timecop.freeze do
# Since git commits only have second precision, round up to the
# nearest second to ensure we have accurate median and standard
# deviation calculations.
current_time = Time.at(Time.now.to_i)
Timecop.freeze(current_time) do
user = create(:user, :admin)
projects = create_list(:project, 2, :repository)
......@@ -37,13 +42,7 @@ describe Gitlab::CycleAnalytics::UsageData do
expected_values.each_pair do |op, value|
expect(stage_values).to have_key(op)
if op == :missing
expect(stage_values[op]).to eq(value)
else
# delta is used because of git timings that Timecop does not stub
expect(stage_values[op].to_i).to be_within(5).of(value.to_i)
end
expect(stage_values[op]).to eq(value)
end
end
end
......@@ -58,8 +57,8 @@ describe Gitlab::CycleAnalytics::UsageData do
missing: 0
},
plan: {
average: 2,
sd: 2,
average: 1,
sd: 0,
missing: 0
},
code: {
......
......@@ -4,12 +4,12 @@ module CycleAnalyticsHelpers
create_commit("Commit for ##{issue.iid}", issue.project, user, branch_name)
end
def create_commit(message, project, user, branch_name, count: 1)
def create_commit(message, project, user, branch_name, count: 1, commit_time: nil, skip_push_handler: false)
repository = project.repository
oldrev = repository.commit(branch_name).sha
oldrev = repository.commit(branch_name)&.sha || Gitlab::Git::BLANK_SHA
if Timecop.frozen? && Gitlab::GitalyClient.feature_enabled?(:operation_user_commit_files)
mock_gitaly_multi_action_dates(repository.raw)
mock_gitaly_multi_action_dates(repository.raw, commit_time)
end
commit_shas = Array.new(count) do |index|
......@@ -19,6 +19,8 @@ module CycleAnalyticsHelpers
commit_sha
end
return if skip_push_handler
GitPushService.new(project,
user,
oldrev: oldrev,
......@@ -44,13 +46,11 @@ module CycleAnalyticsHelpers
project.repository.add_branch(user, source_branch, 'master')
end
sha = project.repository.create_file(
user,
generate(:branch),
'content',
message: commit_message,
branch_name: source_branch)
project.repository.commit(sha)
# Cycle analytic specs often test with frozen times, which causes metrics to be
# pinned to the current time. For example, in the plan stage, we assume that an issue
# milestone has been created before any code has been written. We add a second
# to ensure that the plan time is positive.
create_commit(commit_message, project, user, source_branch, commit_time: Time.now + 1.second, skip_push_handler: true)
opts = {
title: 'Awesome merge_request',
......@@ -116,9 +116,9 @@ module CycleAnalyticsHelpers
protected: false)
end
def mock_gitaly_multi_action_dates(raw_repository)
def mock_gitaly_multi_action_dates(raw_repository, commit_time)
allow(raw_repository).to receive(:multi_action).and_wrap_original do |m, *args|
new_date = Time.now
new_date = commit_time || Time.now
branch_update = m.call(*args)
if branch_update.newrev
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment