Commit b7244e03 authored by Sean McGivern's avatar Sean McGivern

Merge branch 'master' into 'dm-gitlab-shell-7-1-4'

# Conflicts:
#   GITLAB_SHELL_VERSION
parents 80084428 0b4f9ff4
...@@ -54,7 +54,7 @@ export default { ...@@ -54,7 +54,7 @@ export default {
placement: 'top', placement: 'top',
content: sprintf( content: sprintf(
__(` __(`
The character highligher helps you keep the subject line to %{titleLength} characters The character highlighter helps you keep the subject line to %{titleLength} characters
and wrap the body at %{bodyLength} so they are readable in git. and wrap the body at %{bodyLength} so they are readable in git.
`), `),
{ titleLength: MAX_TITLE_LENGTH, bodyLength: MAX_BODY_LENGTH }, { titleLength: MAX_TITLE_LENGTH, bodyLength: MAX_BODY_LENGTH },
......
...@@ -11,12 +11,12 @@ module Clusters ...@@ -11,12 +11,12 @@ module Clusters
attr_encrypted :password, attr_encrypted :password,
mode: :per_attribute_iv, mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base, key: Settings.attr_encrypted_db_key_base_truncated,
algorithm: 'aes-256-cbc' algorithm: 'aes-256-cbc'
attr_encrypted :token, attr_encrypted :token,
mode: :per_attribute_iv, mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base, key: Settings.attr_encrypted_db_key_base_truncated,
algorithm: 'aes-256-cbc' algorithm: 'aes-256-cbc'
before_validation :enforce_namespace_to_lower_case before_validation :enforce_namespace_to_lower_case
......
...@@ -11,7 +11,7 @@ module Clusters ...@@ -11,7 +11,7 @@ module Clusters
attr_encrypted :access_token, attr_encrypted :access_token,
mode: :per_attribute_iv, mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base, key: Settings.attr_encrypted_db_key_base_truncated,
algorithm: 'aes-256-cbc' algorithm: 'aes-256-cbc'
validates :gcp_project_id, validates :gcp_project_id,
......
---
title: Include username in output when testing SSH to GitLab
merge_request: 19358
author:
type: other
---
title: Fix attr_encryption key settings
merge_request:
author:
type: fixed
---
title: Fix N+1 with source_projects in merge requests API
merge_request:
author:
type: performance
...@@ -85,17 +85,24 @@ class Settings < Settingslogic ...@@ -85,17 +85,24 @@ class Settings < Settingslogic
File.expand_path(path, Rails.root) File.expand_path(path, Rails.root)
end end
# Returns a 256-bit key for attr_encrypted # Ruby 2.4+ requires passing in the exact required length for OpenSSL keys
def attr_encrypted_db_key_base # (https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1).
# Ruby 2.4+ requires passing in the exact required length for OpenSSL keys # Previous versions quietly truncated the input.
# (https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1). #
# Previous versions quietly truncated the input. # Use this when using :per_attribute_iv mode for attr_encrypted.
# # We have to truncate the string to 32 bytes for a 256-bit cipher.
# The default mode for the attr_encrypted gem is to use a 256-bit key. def attr_encrypted_db_key_base_truncated
# We truncate the 128-byte string to 32 bytes.
Gitlab::Application.secrets.db_key_base[0..31] Gitlab::Application.secrets.db_key_base[0..31]
end end
# This should be used for :per_attribute_salt_and_iv mode. There is no
# need to truncate the key because the encryptor will use the salt to
# generate a hash of the password:
# https://github.com/attr-encrypted/encryptor/blob/c3a62c4a9e74686dd95e0548f9dc2a361fdc95d1/lib/encryptor.rb#L77
def attr_encrypted_db_key_base
Gitlab::Application.secrets.db_key_base
end
private private
def base_url(config) def base_url(config)
......
...@@ -48,7 +48,7 @@ class MigrateKubernetesServiceToNewClustersArchitectures < ActiveRecord::Migrati ...@@ -48,7 +48,7 @@ class MigrateKubernetesServiceToNewClustersArchitectures < ActiveRecord::Migrati
attr_encrypted :token, attr_encrypted :token,
mode: :per_attribute_iv, mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base, key: Settings.attr_encrypted_db_key_base_truncated,
algorithm: 'aes-256-cbc' algorithm: 'aes-256-cbc'
end end
......
...@@ -38,7 +38,7 @@ module API ...@@ -38,7 +38,7 @@ module API
merge_requests = MergeRequestsFinder.new(current_user, args).execute merge_requests = MergeRequestsFinder.new(current_user, args).execute
.reorder(args[:order_by] => args[:sort]) .reorder(args[:order_by] => args[:sort])
merge_requests = paginate(merge_requests) merge_requests = paginate(merge_requests)
.preload(:target_project) .preload(:source_project, :target_project)
return merge_requests if args[:view] == 'simple' return merge_requests if args[:view] == 'simple'
......
...@@ -3,7 +3,12 @@ require 'spec_helper' ...@@ -3,7 +3,12 @@ require 'spec_helper'
describe Gitlab::CycleAnalytics::UsageData do describe Gitlab::CycleAnalytics::UsageData do
describe '#to_json' do describe '#to_json' do
before do before do
Timecop.freeze do # Since git commits only have second precision, round up to the
# nearest second to ensure we have accurate median and standard
# deviation calculations.
current_time = Time.at(Time.now.to_i)
Timecop.freeze(current_time) do
user = create(:user, :admin) user = create(:user, :admin)
projects = create_list(:project, 2, :repository) projects = create_list(:project, 2, :repository)
...@@ -37,13 +42,7 @@ describe Gitlab::CycleAnalytics::UsageData do ...@@ -37,13 +42,7 @@ describe Gitlab::CycleAnalytics::UsageData do
expected_values.each_pair do |op, value| expected_values.each_pair do |op, value|
expect(stage_values).to have_key(op) expect(stage_values).to have_key(op)
expect(stage_values[op]).to eq(value)
if op == :missing
expect(stage_values[op]).to eq(value)
else
# delta is used because of git timings that Timecop does not stub
expect(stage_values[op].to_i).to be_within(5).of(value.to_i)
end
end end
end end
end end
...@@ -58,8 +57,8 @@ describe Gitlab::CycleAnalytics::UsageData do ...@@ -58,8 +57,8 @@ describe Gitlab::CycleAnalytics::UsageData do
missing: 0 missing: 0
}, },
plan: { plan: {
average: 2, average: 1,
sd: 2, sd: 0,
missing: 0 missing: 0
}, },
code: { code: {
......
...@@ -4,12 +4,12 @@ module CycleAnalyticsHelpers ...@@ -4,12 +4,12 @@ module CycleAnalyticsHelpers
create_commit("Commit for ##{issue.iid}", issue.project, user, branch_name) create_commit("Commit for ##{issue.iid}", issue.project, user, branch_name)
end end
def create_commit(message, project, user, branch_name, count: 1) def create_commit(message, project, user, branch_name, count: 1, commit_time: nil, skip_push_handler: false)
repository = project.repository repository = project.repository
oldrev = repository.commit(branch_name).sha oldrev = repository.commit(branch_name)&.sha || Gitlab::Git::BLANK_SHA
if Timecop.frozen? && Gitlab::GitalyClient.feature_enabled?(:operation_user_commit_files) if Timecop.frozen? && Gitlab::GitalyClient.feature_enabled?(:operation_user_commit_files)
mock_gitaly_multi_action_dates(repository.raw) mock_gitaly_multi_action_dates(repository.raw, commit_time)
end end
commit_shas = Array.new(count) do |index| commit_shas = Array.new(count) do |index|
...@@ -19,6 +19,8 @@ module CycleAnalyticsHelpers ...@@ -19,6 +19,8 @@ module CycleAnalyticsHelpers
commit_sha commit_sha
end end
return if skip_push_handler
GitPushService.new(project, GitPushService.new(project,
user, user,
oldrev: oldrev, oldrev: oldrev,
...@@ -44,13 +46,11 @@ module CycleAnalyticsHelpers ...@@ -44,13 +46,11 @@ module CycleAnalyticsHelpers
project.repository.add_branch(user, source_branch, 'master') project.repository.add_branch(user, source_branch, 'master')
end end
sha = project.repository.create_file( # Cycle analytic specs often test with frozen times, which causes metrics to be
user, # pinned to the current time. For example, in the plan stage, we assume that an issue
generate(:branch), # milestone has been created before any code has been written. We add a second
'content', # to ensure that the plan time is positive.
message: commit_message, create_commit(commit_message, project, user, source_branch, commit_time: Time.now + 1.second, skip_push_handler: true)
branch_name: source_branch)
project.repository.commit(sha)
opts = { opts = {
title: 'Awesome merge_request', title: 'Awesome merge_request',
...@@ -116,9 +116,9 @@ module CycleAnalyticsHelpers ...@@ -116,9 +116,9 @@ module CycleAnalyticsHelpers
protected: false) protected: false)
end end
def mock_gitaly_multi_action_dates(raw_repository) def mock_gitaly_multi_action_dates(raw_repository, commit_time)
allow(raw_repository).to receive(:multi_action).and_wrap_original do |m, *args| allow(raw_repository).to receive(:multi_action).and_wrap_original do |m, *args|
new_date = Time.now new_date = commit_time || Time.now
branch_update = m.call(*args) branch_update = m.call(*args)
if branch_update.newrev if branch_update.newrev
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment