Skip to content
Snippets Groups Projects
Commit 11907981 authored by Vasilli Iakliushin's avatar Vasilli Iakliushin
Browse files

Increase the string limits for regex fields in push_rules 

Contributes to https://gitlab.com/gitlab-org/gitlab/-/issues/423445

**Problem**

We have a discrepancy between GitLab database and `db/structure.sql`.
GitLab database contains 255 character limit for regex fields. But this
limit is missing for self-hosted instances and GDK.

**Solution**

Recently we added a Rails validation to prevent regex longer than 511
characters (https://gitlab.com/gitlab-org/gitlab/-/merge_requests/128153).

We can migrate existing columns to match this limit.

It's a three step migration:

1. Add NOT VALID CHECK to verify length of regex fields
2. Validate regex fields
3. Remove any char limits from regex fields

Changelog: changed
EE: true
parent f05e2ae0
Branches minac_simplify_security_training_specs
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 93 additions and 3 deletions
db/migrate/20230828153646_extend_push_rules_regex_limits.rb 0 → 100644
+ 38
0
View file @ 11907981
# frozen_string_literal: true
class ExtendPushRulesRegexLimits < Gitlab::Database::Migration[2.1]
disable_ddl_transaction!
REGEX_COLUMNS = %i[
force_push_regex
delete_branch_regex
commit_message_regex
author_email_regex
file_name_regex
branch_name_regex
].freeze
LONG_REGEX_COLUMNS = %i[commit_message_negative_regex]
def up
REGEX_COLUMNS.each do |column_name|
add_check_constraint :push_rules, "char_length(#{column_name}) <= 511", "#{column_name}_size_constraint",
validate: false
end
LONG_REGEX_COLUMNS.each do |column_name|
add_check_constraint :push_rules, "char_length(#{column_name}) <= 2047", "#{column_name}_size_constraint",
validate: false
end
end
def down
REGEX_COLUMNS.each do |column_name|
remove_check_constraint :push_rules, "#{column_name}_size_constraint"
end
LONG_REGEX_COLUMNS.each do |column_name|
remove_check_constraint :push_rules, "#{column_name}_size_constraint"
end
end
end
db/migrate/20230830084959_validate_push_rules_constraints.rb 0 → 100644
+ 25
0
View file @ 11907981
# frozen_string_literal: true
class ValidatePushRulesConstraints < Gitlab::Database::Migration[2.1]
disable_ddl_transaction!
REGEX_COLUMNS = %i[
force_push_regex
delete_branch_regex
commit_message_regex
commit_message_negative_regex
author_email_regex
file_name_regex
branch_name_regex
].freeze
def up
REGEX_COLUMNS.each do |column_name|
validate_check_constraint :push_rules, "#{column_name}_size_constraint"
end
end
def down
# No op
end
end
db/migrate/20230830085501_remove_push_rules_regex_limits.rb 0 → 100644
+ 17
0
View file @ 11907981
# frozen_string_literal: true
class RemovePushRulesRegexLimits < Gitlab::Database::Migration[2.1]
def up
change_column :push_rules, :force_push_regex, :string, limit: nil
change_column :push_rules, :delete_branch_regex, :string, limit: nil
change_column :push_rules, :commit_message_regex, :string, limit: nil
change_column :push_rules, :commit_message_negative_regex, :string, limit: nil
change_column :push_rules, :author_email_regex, :string, limit: nil
change_column :push_rules, :file_name_regex, :string, limit: nil
change_column :push_rules, :branch_name_regex, :string, limit: nil
end
def down
# No op
end
end
db/schema_migrations/20230828153646 0 → 100644
+ 1
0
View file @ 11907981
913b2384ea76d9169020253dacf14a51ccb7ebbaee9c9bc62b0e0473734ed981
\ No newline at end of file
db/schema_migrations/20230830084959 0 → 100644
+ 1
0
View file @ 11907981
3469c47c0cd4c86c7d1c9da450493a882d3a5f371fb7b78f49af64a837f989fb
\ No newline at end of file
db/schema_migrations/20230830085501 0 → 100644
+ 1
0
View file @ 11907981
5756f155e295263ea8376b9161c523f9ee39628be289d1939c220852abd4d098
\ No newline at end of file
db/structure.sql
+ 8
1
View file @ 11907981
@@ -22141,7 +22141,14 @@ CREATE TABLE push_rules (
regexp_uses_re2 boolean DEFAULT true,
commit_message_negative_regex character varying,
reject_non_dco_commits boolean,
commit_committer_name_check boolean DEFAULT false NOT NULL
commit_committer_name_check boolean DEFAULT false NOT NULL,
CONSTRAINT author_email_regex_size_constraint CHECK ((char_length((author_email_regex)::text) <= 511)),
CONSTRAINT branch_name_regex_size_constraint CHECK ((char_length((branch_name_regex)::text) <= 511)),
CONSTRAINT commit_message_negative_regex_size_constraint CHECK ((char_length((commit_message_negative_regex)::text) <= 2047)),
CONSTRAINT commit_message_regex_size_constraint CHECK ((char_length((commit_message_regex)::text) <= 511)),
CONSTRAINT delete_branch_regex_size_constraint CHECK ((char_length((delete_branch_regex)::text) <= 511)),
CONSTRAINT file_name_regex_size_constraint CHECK ((char_length((file_name_regex)::text) <= 511)),
CONSTRAINT force_push_regex_size_constraint CHECK ((char_length((force_push_regex)::text) <= 511))
);
 
CREATE SEQUENCE push_rules_id_seq
ee/spec/requests/api/project_push_rule_spec.rb
+ 2
2
View file @ 11907981
@@ -216,8 +216,8 @@
context 'when feature flag "add_validation_for_push_rules" is disabled' do
let(:add_validation_for_push_rules_ff) { false }
 
it 'is successful' do
expect(response).to have_gitlab_http_status(:created)
it 'returns a server error' do
expect(response).to have_gitlab_http_status(:server_error)
end
end
end
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment