Added maintenance mode configuration to application settings

Maintenance mode is a Geo feature and is under feature flag

Added maintenance mode configuration to application settings
Maintenance mode is a Geo feature and is under feature flag
786bbfeb · Gabriel Mazetto · Ash McKenzie · 41f5da1d · 786bbfeb · 786bbfeb
Commit 786bbfeb authored Jun 29, 2020 by Gabriel Mazetto Committed by Ash McKenzie Jul 16, 2020
10 changed files
--- a/db/migrate/20200628210938_add_maintenance_mode_application_to_settings.rb
+++ b/db/migrate/20200628210938_add_maintenance_mode_application_to_settings.rb
+# frozen_string_literal: true
+class AddMaintenanceModeApplicationToSettings < ActiveRecord::Migration[6.0]
+  include Gitlab::Database::MigrationHelpers
+  DOWNTIME = false
+  disable_ddl_transaction!
+  def up
+    unless column_exists?(:application_settings, :maintenance_mode)
+      change_table :application_settings do |t|
+        t.boolean :maintenance_mode, default: false, null: false
+        t.text :maintenance_mode_message
+      end
+    end
+    add_text_limit(:application_settings, :maintenance_mode_message, 255)
+  end
+  def down
+    if column_exists?(:application_settings, :maintenance_mode)
+      remove_column :application_settings, :maintenance_mode
+    end
+    if column_exists?(:application_settings, :maintenance_mode_message)
+      remove_column :application_settings, :maintenance_mode_message
+    end
+  end
+end
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -9170,7 +9170,10 @@ CREATE TABLE public.application_settings (
    group_import_limit integer DEFAULT 6 NOT NULL,
    group_export_limit integer DEFAULT 6 NOT NULL,
    group_download_export_limit integer DEFAULT 1 NOT NULL,
+    maintenance_mode boolean DEFAULT false NOT NULL,
+    maintenance_mode_message text,
    CONSTRAINT check_51700b31b5 CHECK ((char_length(default_branch_name) <= 255)),
+    CONSTRAINT check_9c6c447a13 CHECK ((char_length(maintenance_mode_message) <= 255)),
    CONSTRAINT check_d03919528d CHECK ((char_length(container_registry_vendor) <= 255)),
    CONSTRAINT check_d820146492 CHECK ((char_length(spam_check_endpoint_url) <= 255)),
    CONSTRAINT check_e5aba18f02 CHECK ((char_length(container_registry_version) <= 255))
@@ -23741,6 +23744,7 @@ COPY "schema_migrations" (version) FROM STDIN;
 20200625190458
 20200626060151
 20200626130220
+20200628210938
 20200629192638
 20200630091656
 20200630110826

--- a/doc/api/settings.md
+++ b/doc/api/settings.md
@@ -291,6 +291,8 @@ are listed in the descriptions of the relevant settings.
 | `mirror_max_capacity`                    | integer          | no                                   | **(PREMIUM)** Maximum number of mirrors that can be synchronizing at the same time. |
 | `mirror_max_delay`                       | integer          | no                                   | **(PREMIUM)** Maximum time (in minutes) between updates that a mirror can have when scheduled to synchronize. |
 | `npm_package_requests_forwarding`        | boolean          | no                                   | **(PREMIUM)** Use npmjs.org as a default remote repository when the package is not found in the GitLab NPM Registry  |
+| `maintenance_mode`                       | boolean          | no                                   | **(PREMIUM)** When instance is in maintenance mode, non-admin users can sign in with read-only access and make read-only API requests |
+| `maintenance_mode_message`               | string           | no                                   | **(PREMIUM)** Message displayed when instance is in maintenance mode |
 | `outbound_local_requests_whitelist`      | array of strings | no                                   | Define a list of trusted domains or ip addresses to which local requests are allowed when local requests for hooks and services are disabled.
 | `pages_domain_verification_enabled`      | boolean          | no                                   | Require users to prove ownership of custom domains. Domain verification is an essential security measure for public GitLab sites. Users are required to demonstrate they control a domain before it is enabled. |
 | `password_authentication_enabled_for_git` | boolean         | no                                   | Enable authentication for Git over HTTP(S) via a GitLab account password. Default is `true`. |

--- a/ee/app/controllers/ee/admin/application_settings_controller.rb
+++ b/ee/app/controllers/ee/admin/application_settings_controller.rb
@@ -22,7 +22,7 @@ module EE
        define_method(action) { perform_update if submitted? }
      end
-      # rubocop:disable Metrics/CyclomaticComplexity
+      # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
      def visible_application_setting_attributes
        attrs = super
@@ -78,9 +78,14 @@ module EE
          attrs << :group_owners_can_manage_default_branch_protection
        end
+        if License.feature_available?(:geo)
+          attrs << :maintenance_mode
+          attrs << :maintenance_mode_message
+        end
        attrs
      end
-      # rubocop:enable Metrics/CyclomaticComplexity
+      # rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
      def seat_link_payload
        data = ::Gitlab::SeatLinkData.new

--- a/ee/app/helpers/ee/application_settings_helper.rb
+++ b/ee/app/helpers/ee/application_settings_helper.rb
@@ -99,6 +99,8 @@ module EE
        deletion_adjourned_period
        updating_name_disabled_for_users
        npm_package_requests_forwarding
+        maintenance_mode
+        maintenance_mode_message
      ]
    end

--- a/ee/lib/ee/api/entities/application_setting.rb
+++ b/ee/lib/ee/api/entities/application_setting.rb
@@ -20,6 +20,8 @@ module EE
          expose :updating_name_disabled_for_users, if: ->(_instance, _opts) { ::License.feature_available?(:disable_name_update_for_users) }
          expose :npm_package_requests_forwarding, if: ->(_instance, _opts) { ::License.feature_available?(:packages) }
          expose :group_owners_can_manage_default_branch_protection, if: ->(_instance, _opts) { ::License.feature_available?(:default_branch_protection_restriction_in_groups) }
+          expose :maintenance_mode, if: ->(_instance, _opts) { ::License.feature_available?(:geo) }
+          expose :maintenance_mode_message, if: ->(_instance, _opts) { ::License.feature_available?(:geo) }
        end
      end
    end

--- a/ee/lib/ee/api/helpers/settings_helpers.rb
+++ b/ee/lib/ee/api/helpers/settings_helpers.rb
@@ -44,6 +44,8 @@ module EE
            optional :prevent_merge_requests_committers_approval, type: Grape::API::Boolean, desc: 'Disable Merge request committer ability to approve request.'
            optional :npm_package_requests_forwarding, type: Grape::API::Boolean, desc: 'NPM package requests are forwarded to npmjs.org if not found on GitLab.'
            optional :group_owners_can_manage_default_branch_protection, type: Grape::API::Boolean, desc: 'Allow owners to manage default branch protection in groups'
+            optional :maintenance_mode, type: Grape::API::Boolean, desc: 'When instance is in maintenance mode, non-admin users can sign in with read-only access and make read-only API requests'
+            optional :maintenance_mode_message, type: String, desc: 'Message displayed when instance is in maintenance mode'
          end
        end

--- a/ee/lib/ee/api/settings.rb
+++ b/ee/lib/ee/api/settings.rb
@@ -47,6 +47,10 @@ module EE
              attrs = attrs.except(:group_owners_can_manage_default_branch_protection)
            end
+            unless License.feature_available?(:geo)
+              attrs = attrs.except(:maintenance_mode, :maintenance_mode_message)
+            end
            attrs
          end
        end

--- a/ee/spec/controllers/admin/application_settings_controller_spec.rb
+++ b/ee/spec/controllers/admin/application_settings_controller_spec.rb
@@ -125,6 +125,18 @@ RSpec.describe Admin::ApplicationSettingsController do
      it_behaves_like 'settings for licensed features'
    end
+    context 'updating maintenance mode setting' do
+      let(:settings) do
+        {
+          maintenance_mode: true,
+          maintenance_mode_message: 'GitLab is in maintenance'
+        }
+      end
+      let(:feature) { :geo }
+      it_behaves_like 'settings for licensed features'
+    end
    context 'project deletion adjourned period' do
      let(:settings) { { deletion_adjourned_period: 6 } }
      let(:feature) { :adjourned_deletion_for_projects_and_groups }

--- a/ee/spec/requests/api/settings_spec.rb
+++ b/ee/spec/requests/api/settings_spec.rb
@@ -190,4 +190,16 @@ RSpec.describe API::Settings, 'EE Settings' do
    it_behaves_like 'settings for licensed features'
  end
+  context 'maintenance mode' do
+    let(:settings) do
+      {
+        maintenance_mode: true,
+        maintenance_mode_message: 'GitLab is in maintenance'
+      }
+    end
+    let(:feature) { :geo }
+    it_behaves_like 'settings for licensed features'
+  end
 end