Commit be8b80be authored by Yorick Peterse's avatar Yorick Peterse

Don't expose project names in various counters

Various counters would expose either project names, or full project
paths (e.g. "gitlab-org/gitlab-ce"). This commit changes various places
where we use "add_event" so we no longer expose (potentially) private
information.
parent 98c44525
...@@ -50,13 +50,13 @@ class RemoteMirror < ActiveRecord::Base ...@@ -50,13 +50,13 @@ class RemoteMirror < ActiveRecord::Base
state :failed state :failed
after_transition any => :started do |remote_mirror, _| after_transition any => :started do |remote_mirror, _|
Gitlab::Metrics.add_event(:remote_mirrors_running, path: remote_mirror.project.full_path) Gitlab::Metrics.add_event(:remote_mirrors_running)
remote_mirror.update(last_update_started_at: Time.now) remote_mirror.update(last_update_started_at: Time.now)
end end
after_transition started: :finished do |remote_mirror, _| after_transition started: :finished do |remote_mirror, _|
Gitlab::Metrics.add_event(:remote_mirrors_finished, path: remote_mirror.project.full_path) Gitlab::Metrics.add_event(:remote_mirrors_finished)
timestamp = Time.now timestamp = Time.now
remote_mirror.update_attributes!( remote_mirror.update_attributes!(
...@@ -65,7 +65,7 @@ class RemoteMirror < ActiveRecord::Base ...@@ -65,7 +65,7 @@ class RemoteMirror < ActiveRecord::Base
end end
after_transition started: :failed do |remote_mirror, _| after_transition started: :failed do |remote_mirror, _|
Gitlab::Metrics.add_event(:remote_mirrors_failed, path: remote_mirror.project.full_path) Gitlab::Metrics.add_event(:remote_mirrors_failed)
remote_mirror.update(last_update_at: Time.now) remote_mirror.update(last_update_at: Time.now)
end end
......
...@@ -1074,7 +1074,7 @@ class Repository ...@@ -1074,7 +1074,7 @@ class Repository
end end
def repository_event(event, tags = {}) def repository_event(event, tags = {})
Gitlab::Metrics.add_event(event, { path: full_path }.merge(tags)) Gitlab::Metrics.add_event(event, tags)
end end
def initialize_raw_repository def initialize_raw_repository
......
...@@ -22,7 +22,7 @@ module Gitlab ...@@ -22,7 +22,7 @@ module Gitlab
importer_class.new(object, project, client).execute importer_class.new(object, project, client).execute
counter.increment(project: project.full_path) counter.increment
end end
def counter def counter
......
...@@ -21,9 +21,7 @@ class RepositoryForkWorker ...@@ -21,9 +21,7 @@ class RepositoryForkWorker
def fork_repository(target_project, source_repository_storage_name, source_disk_path) def fork_repository(target_project, source_repository_storage_name, source_disk_path)
return unless start_fork(target_project) return unless start_fork(target_project)
Gitlab::Metrics.add_event(:fork_repository, Gitlab::Metrics.add_event(:fork_repository)
source_path: source_disk_path,
target_path: target_project.disk_path)
result = gitlab_shell.fork_repository(source_repository_storage_name, source_disk_path, result = gitlab_shell.fork_repository(source_repository_storage_name, source_disk_path,
target_project.repository_storage, target_project.disk_path) target_project.repository_storage, target_project.disk_path)
......
...@@ -9,9 +9,7 @@ class RepositoryImportWorker ...@@ -9,9 +9,7 @@ class RepositoryImportWorker
return unless start_import(project) return unless start_import(project)
Gitlab::Metrics.add_event(:import_repository, Gitlab::Metrics.add_event(:import_repository)
import_url: project.import_url,
path: project.full_path)
service = Projects::ImportService.new(project, project.creator) service = Projects::ImportService.new(project, project.creator)
result = service.execute result = service.execute
......
---
title: Don't expose project names in various counters
merge_request:
author:
type: security
---
title: Don't expose project names in GitHub counters
merge_request:
author:
type: security
...@@ -273,7 +273,7 @@ module EE ...@@ -273,7 +273,7 @@ module EE
if import? && !repository_exists? if import? && !repository_exists?
super super
elsif mirror? elsif mirror?
::Gitlab::Metrics.add_event(:mirrors_scheduled, path: full_path) ::Gitlab::Metrics.add_event(:mirrors_scheduled)
job_id = RepositoryUpdateMirrorWorker.perform_async(self.id) job_id = RepositoryUpdateMirrorWorker.perform_async(self.id)
log_import_activity(job_id, type: :mirror) log_import_activity(job_id, type: :mirror)
......
...@@ -65,7 +65,7 @@ class RepositoryUpdateMirrorWorker ...@@ -65,7 +65,7 @@ class RepositoryUpdateMirrorWorker
project.mark_import_as_failed(message) project.mark_import_as_failed(message)
Rails.logger.error("Mirror update for #{project.full_path} failed with the following message: #{message}") Rails.logger.error("Mirror update for #{project.full_path} failed with the following message: #{message}")
Gitlab::Metrics.add_event(:mirrors_failed, path: project.full_path) Gitlab::Metrics.add_event(:mirrors_failed)
end end
def finish_mirror(project) def finish_mirror(project)
...@@ -74,8 +74,7 @@ class RepositoryUpdateMirrorWorker ...@@ -74,8 +74,7 @@ class RepositoryUpdateMirrorWorker
Rails.logger.info("Mirror update for #{project.full_path} successfully finished. Update duration: #{project.mirror_update_duration}}.") Rails.logger.info("Mirror update for #{project.full_path} successfully finished. Update duration: #{project.mirror_update_duration}}.")
Gitlab::Metrics.add_event_with_values( Gitlab::Metrics.add_event_with_values(
:mirrors_finished, :mirrors_finished,
{ duration: project.mirror_update_duration }, { duration: project.mirror_update_duration })
{ path: project.full_path })
metric_mirror_update_duration_seconds.observe({}, project.mirror_update_duration) metric_mirror_update_duration_seconds.observe({}, project.mirror_update_duration)
end end
......
---
title: Don't expose project names in EE counters
merge_request:
author:
type: security
...@@ -101,8 +101,7 @@ module API ...@@ -101,8 +101,7 @@ module API
if result.valid? if result.valid?
if result.build if result.build
Gitlab::Metrics.add_event(:build_found, Gitlab::Metrics.add_event(:build_found)
project: result.build.project.full_path)
present result.build, with: Entities::JobRequest::Response present result.build, with: Entities::JobRequest::Response
else else
Gitlab::Metrics.add_event(:build_not_found) Gitlab::Metrics.add_event(:build_not_found)
...@@ -133,8 +132,7 @@ module API ...@@ -133,8 +132,7 @@ module API
job.trace.set(params[:trace]) if params[:trace] job.trace.set(params[:trace]) if params[:trace]
Gitlab::Metrics.add_event(:update_build, Gitlab::Metrics.add_event(:update_build)
project: job.project.full_path)
case params[:state].to_s case params[:state].to_s
when 'running' when 'running'
......
...@@ -36,10 +36,6 @@ module Gitlab ...@@ -36,10 +36,6 @@ module Gitlab
@project ||= Project.find_by_full_path(project_path) @project ||= Project.find_by_full_path(project_path)
end end
def metrics_params
super.merge(project: project&.full_path)
end
private private
def create_issue def create_issue
......
...@@ -40,10 +40,6 @@ module Gitlab ...@@ -40,10 +40,6 @@ module Gitlab
@project ||= Project.find_by_full_path(project_path) @project ||= Project.find_by_full_path(project_path)
end end
def metrics_params
super.merge(project: project&.full_path)
end
private private
def create_merge_request def create_merge_request
......
...@@ -28,10 +28,6 @@ module Gitlab ...@@ -28,10 +28,6 @@ module Gitlab
record_name: 'comment') record_name: 'comment')
end end
def metrics_params
super.merge(project: project&.full_path)
end
private private
def author def author
......
...@@ -20,10 +20,6 @@ module Gitlab ...@@ -20,10 +20,6 @@ module Gitlab
noteable.unsubscribe(sent_notification.recipient) noteable.unsubscribe(sent_notification.recipient)
end end
def metrics_params
super.merge(project: project&.full_path)
end
private private
def sent_notification def sent_notification
......
...@@ -43,7 +43,7 @@ module Gitlab ...@@ -43,7 +43,7 @@ module Gitlab
Rails.logger Rails.logger
.info("GitHub importer finished updating repository for #{pname}") .info("GitHub importer finished updating repository for #{pname}")
repository_updates_counter.increment(project: pname) repository_updates_counter.increment
end end
def update_repository?(pr) def update_repository?(pr)
......
...@@ -158,7 +158,6 @@ describe Gitlab::GithubImport::Importer::PullRequestsImporter do ...@@ -158,7 +158,6 @@ describe Gitlab::GithubImport::Importer::PullRequestsImporter do
expect(importer.repository_updates_counter) expect(importer.repository_updates_counter)
.to receive(:increment) .to receive(:increment)
.with(project: project.path_with_namespace)
.and_call_original .and_call_original
Timecop.freeze do Timecop.freeze do
......
...@@ -51,7 +51,6 @@ describe Gitlab::GithubImport::ObjectImporter do ...@@ -51,7 +51,6 @@ describe Gitlab::GithubImport::ObjectImporter do
expect(worker.counter) expect(worker.counter)
.to receive(:increment) .to receive(:increment)
.with(project: 'foo/bar')
.and_call_original .and_call_original
worker.import(project, client, { 'number' => 10 }) worker.import(project, client, { 'number' => 10 })
......
...@@ -33,7 +33,6 @@ describe Gitlab::GithubImport::ImportDiffNoteWorker do ...@@ -33,7 +33,6 @@ describe Gitlab::GithubImport::ImportDiffNoteWorker do
expect(worker.counter) expect(worker.counter)
.to receive(:increment) .to receive(:increment)
.with(project: 'foo/bar')
.and_call_original .and_call_original
worker.import(project, client, hash) worker.import(project, client, hash)
......
...@@ -36,7 +36,6 @@ describe Gitlab::GithubImport::ImportIssueWorker do ...@@ -36,7 +36,6 @@ describe Gitlab::GithubImport::ImportIssueWorker do
expect(worker.counter) expect(worker.counter)
.to receive(:increment) .to receive(:increment)
.with(project: 'foo/bar')
.and_call_original .and_call_original
worker.import(project, client, hash) worker.import(project, client, hash)
......
...@@ -31,7 +31,6 @@ describe Gitlab::GithubImport::ImportNoteWorker do ...@@ -31,7 +31,6 @@ describe Gitlab::GithubImport::ImportNoteWorker do
expect(worker.counter) expect(worker.counter)
.to receive(:increment) .to receive(:increment)
.with(project: 'foo/bar')
.and_call_original .and_call_original
worker.import(project, client, hash) worker.import(project, client, hash)
......
...@@ -42,7 +42,6 @@ describe Gitlab::GithubImport::ImportPullRequestWorker do ...@@ -42,7 +42,6 @@ describe Gitlab::GithubImport::ImportPullRequestWorker do
expect(worker.counter) expect(worker.counter)
.to receive(:increment) .to receive(:increment)
.with(project: 'foo/bar')
.and_call_original .and_call_original
worker.import(project, client, hash) worker.import(project, client, hash)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment