Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
86021d06
Commit
86021d06
authored
Nov 24, 2020
by
Jan Beckmann
Committed by
Imre Farkas
Nov 24, 2020
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Steal MigrateU2fWebauthn background migration
parent
e67656f5
Changes
7
Show whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
105 additions
and
2 deletions
+105
-2
changelogs/unreleased/232670-steal-webauthn-background-migration.yml
...unreleased/232670-steal-webauthn-background-migration.yml
+5
-0
db/migrate/20201117075742_change_webauthn_xid_length.rb
db/migrate/20201117075742_change_webauthn_xid_length.rb
+18
-0
db/post_migrate/20201026185514_ensure_u2f_registrations_migrated.rb
...grate/20201026185514_ensure_u2f_registrations_migrated.rb
+37
-0
db/schema_migrations/20201026185514
db/schema_migrations/20201026185514
+1
-0
db/schema_migrations/20201117075742
db/schema_migrations/20201117075742
+1
-0
db/structure.sql
db/structure.sql
+2
-2
spec/migrations/ensure_u2f_registrations_migrated_spec.rb
spec/migrations/ensure_u2f_registrations_migrated_spec.rb
+41
-0
No files found.
changelogs/unreleased/232670-steal-webauthn-background-migration.yml
0 → 100644
View file @
86021d06
---
title
:
Cleanup webauthn background migration
merge_request
:
46179
author
:
Jan Beckmann
type
:
added
db/migrate/20201117075742_change_webauthn_xid_length.rb
0 → 100644
View file @
86021d06
# frozen_string_literal: true
class
ChangeWebauthnXidLength
<
ActiveRecord
::
Migration
[
6.0
]
include
Gitlab
::
Database
::
MigrationHelpers
DOWNTIME
=
false
disable_ddl_transaction!
def
up
add_text_limit
:webauthn_registrations
,
:credential_xid
,
340
,
constraint_name:
check_constraint_name
(
:webauthn_registrations
,
:credential_xid
,
'max_length_v2'
)
remove_text_limit
:webauthn_registrations
,
:credential_xid
,
constraint_name:
check_constraint_name
(
:webauthn_registrations
,
:credential_xid
,
'max_length'
)
end
def
down
# no-op: Danger of failling if there are records with length(credential_xid) > 255
end
end
db/post_migrate/20201026185514_ensure_u2f_registrations_migrated.rb
0 → 100644
View file @
86021d06
# frozen_string_literal: true
class
EnsureU2fRegistrationsMigrated
<
ActiveRecord
::
Migration
[
6.0
]
include
Gitlab
::
Database
::
MigrationHelpers
BACKGROUND_MIGRATION_CLASS
=
'MigrateU2fWebauthn'
BATCH_SIZE
=
100
DOWNTIME
=
false
disable_ddl_transaction!
class
U2fRegistration
<
ActiveRecord
::
Base
include
EachBatch
self
.
table_name
=
'u2f_registrations'
end
def
up
Gitlab
::
BackgroundMigration
.
steal
(
BACKGROUND_MIGRATION_CLASS
)
# Do a manual update in case we lost BG jobs. The expected record count should be 0 or very low.
U2fRegistration
.
joins
(
"LEFT JOIN webauthn_registrations ON webauthn_registrations.u2f_registration_id = u2f_registrations.id"
)
.
where
(
"webauthn_registrations.u2f_registration_id IS NULL"
)
.
each_batch
(
of:
BATCH_SIZE
)
do
|
batch
,
index
|
batch
.
each
do
|
record
|
Gitlab
::
BackgroundMigration
::
MigrateU2fWebauthn
.
new
.
perform
(
record
.
id
,
record
.
id
)
rescue
=>
e
Gitlab
::
ErrorTracking
.
track_exception
(
e
,
u2f_registration_id:
record
.
id
)
end
end
end
def
down
# no-op (we can't "unsteal" migrations)
end
end
db/schema_migrations/20201026185514
0 → 100644
View file @
86021d06
a9ae0161c40b9c72371d6eb992bd0da8c3698e7784357faac0821e3f513e48d2
\ No newline at end of file
db/schema_migrations/20201117075742
0 → 100644
View file @
86021d06
a39bad8b213833c84370cf64188a3ce444fd8aeeff239c29f5f2f633d94ac6bb
\ No newline at end of file
db/structure.sql
View file @
86021d06
...
...
@@ -17571,8 +17571,8 @@ CREATE TABLE webauthn_registrations (
name
text
NOT
NULL
,
public_key
text
NOT
NULL
,
u2f_registration_id
integer
,
CONSTRAINT
check_2
42f0cc65c
CHECK
((
char_length
(
credential_xid
)
<=
255
)),
CONSTRAINT
check_
2f02e74321
CHECK
((
char_length
(
name
)
<=
255
))
CONSTRAINT
check_2
f02e74321
CHECK
((
char_length
(
name
)
<=
255
)),
CONSTRAINT
check_
e54008d9ce
CHECK
((
char_length
(
credential_xid
)
<=
340
))
);
CREATE
SEQUENCE
webauthn_registrations_id_seq
...
...
spec/migrations/ensure_u2f_registrations_migrated_spec.rb
0 → 100644
View file @
86021d06
# frozen_string_literal: true
require
'spec_helper'
require
Rails
.
root
.
join
(
'db'
,
'post_migrate'
,
'20201026185514_ensure_u2f_registrations_migrated.rb'
)
RSpec
.
describe
EnsureU2fRegistrationsMigrated
,
schema:
20201022144501
do
let
(
:u2f_registrations
)
{
table
(
:u2f_registrations
)
}
let
(
:webauthn_registrations
)
{
table
(
:webauthn_registrations
)
}
let
(
:users
)
{
table
(
:users
)
}
let
(
:user
)
{
users
.
create!
(
email:
'email@email.com'
,
name:
'foo'
,
username:
'foo'
,
projects_limit:
0
)
}
before
do
create_u2f_registration
(
1
,
'reg1'
)
create_u2f_registration
(
2
,
'reg2'
)
webauthn_registrations
.
create!
({
name:
'reg1'
,
u2f_registration_id:
1
,
credential_xid:
''
,
public_key:
''
,
user_id:
user
.
id
})
end
it
'correctly migrates u2f registrations previously not migrated'
do
expect
{
migrate!
}.
to
change
{
webauthn_registrations
.
count
}.
from
(
1
).
to
(
2
)
end
it
'migrates all valid u2f registrations depite errors'
do
create_u2f_registration
(
3
,
'reg3'
,
'invalid!'
)
create_u2f_registration
(
4
,
'reg4'
)
expect
{
migrate!
}.
to
change
{
webauthn_registrations
.
count
}.
from
(
1
).
to
(
3
)
end
def
create_u2f_registration
(
id
,
name
,
public_key
=
nil
)
device
=
U2F
::
FakeU2F
.
new
(
FFaker
::
BaconIpsum
.
characters
(
5
),
{
key_handle:
SecureRandom
.
random_bytes
(
255
)
})
public_key
||=
Base64
.
strict_encode64
(
device
.
origin_public_key_raw
)
u2f_registrations
.
create!
({
id:
id
,
certificate:
Base64
.
strict_encode64
(
device
.
cert_raw
),
key_handle:
U2F
.
urlsafe_encode64
(
device
.
key_handle_raw
),
public_key:
public_key
,
counter:
5
,
name:
name
,
user_id:
user
.
id
})
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment