feat: inject GitLab namespace and project IDs into CGS/CDN signed URLs
What does this MR do?
Related to https://gitlab.com/gitlab-org/container-registry/-/issues/1214+.
CI tests
Both CDN and GCS integration tests are clear.
Local tests
CDN
❯ echo "eyJraWQiOiI0NUVXOjQ2Uzc6WlZBRzpKTFpBOkNUTFY6V1Q0NzpZQkJLOkZZVEk6VURRTzpXVkFCOktRVlQ6UlhOQiIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6ImdpdGxhYi1vcmcvZ2l0bGFiLXRlc3QiLCJhY3Rpb25zIjpbInB1bGwiXSwibWV0YSI6eyJwcm9qZWN0X3BhdGgiOiJnaXRsYWItb3JnL2dpdGxhYi10ZXN0IiwicHJvamVjdF9pZCI6Miwicm9vdF9uYW1lc3BhY2VfaWQiOjI0fX1dLCJqdGkiOiI0ZGQyMTI5Yi0xNDAwLTQ3OTgtYTkxMS00ODU5NjQxZjhiODAiLCJhdWQiOiJjb250YWluZXJfcmVnaXN0cnkiLCJpc3MiOiJnaXRsYWItaXNzdWVyIiwiaWF0IjoxNzEyMTU1MTkzLCJuYmYiOjE3MTIxNTUxODgsImV4cCI6MTcxMjE1NTQ5M30.LLM525aOibhG5FMIWrtw5-y5WHIDuwBYZalloU9m9VAWRIq4Y9V1egSmEB6QuXMyiq0vkOjDVIhddvXbJOCDQMvKnlvtV_yLFSBXxtjjsrnlckMqLSVAafMTZZBZmURa45AZC26CnsPZdce7ztoegnslSoK_tZ5_5OyX-XpZ_ReJjFw-rfe235dBr-VH-l2VOR_t1H-Ewf7-WeYqKoIFuCGy1jooFJ3ZXK3IrhSRZSrm3hGkx6V11DiLADRaQR8lqI7UfCwdym0xmqkkFCFkJ2fOF0JJ0YuxMltavqtlIGyxubq0hNJ4G9GtOc-XZz0Kmc5KPvU6iW8gbkwiR-X0GA" | jwt decode -
Token header
------------
{
"typ": "JWT",
"alg": "RS256",
"kid": "45EW:46S7:ZVAG:JLZA:CTLV:WT47:YBBK:FYTI:UDQO:WVAB:KQVT:RXNB"
}
Token claims
------------
{
"access": [
{
"actions": [
"pull"
],
"meta": {
"project_id": 2,
"project_path": "gitlab-org/gitlab-test",
"root_namespace_id": 24
},
"name": "gitlab-org/gitlab-test",
"type": "repository"
}
],
"aud": "container_registry",
"exp": 1712155493,
"iat": 1712155193,
"iss": "gitlab-issuer",
"jti": "4dd2129b-1400-4798-a911-4859641f8b80",
"nbf": 1712155188
}
❯ http registry.test:5000/v2/gitlab-org/gitlab-test/blobs/sha256:8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02 Authorization:"Bearer eyJraWQiOiI0NUVXOjQ2Uzc6WlZBRzpKTFpBOkNUTFY6V1Q0NzpZQkJLOkZZVEk6VURRTzpXVkFCOktRVlQ6UlhOQiIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6ImdpdGxhYi1vcmcvZ2l0bGFiLXRlc3QiLCJhY3Rpb25zIjpbInB1bGwiXSwibWV0YSI6eyJwcm9qZWN0X3BhdGgiOiJnaXRsYWItb3JnL2dpdGxhYi10ZXN0IiwicHJvamVjdF9pZCI6Miwicm9vdF9uYW1lc3BhY2VfaWQiOjI0fX1dLCJqdGkiOiI0ZGQyMTI5Yi0xNDAwLTQ3OTgtYTkxMS00ODU5NjQxZjhiODAiLCJhdWQiOiJjb250YWluZXJfcmVnaXN0cnkiLCJpc3MiOiJnaXRsYWItaXNzdWVyIiwiaWF0IjoxNzEyMTU1MTkzLCJuYmYiOjE3MTIxNTUxODgsImV4cCI6MTcxMjE1NTQ5M30.LLM525aOibhG5FMIWrtw5-y5WHIDuwBYZalloU9m9VAWRIq4Y9V1egSmEB6QuXMyiq0vkOjDVIhddvXbJOCDQMvKnlvtV_yLFSBXxtjjsrnlckMqLSVAafMTZZBZmURa45AZC26CnsPZdce7ztoegnslSoK_tZ5_5OyX-XpZ_ReJjFw-rfe235dBr-VH-l2VOR_t1H-Ewf7-WeYqKoIFuCGy1jooFJ3ZXK3IrhSRZSrm3hGkx6V11DiLADRaQR8lqI7UfCwdym0xmqkkFCFkJ2fOF0JJ0YuxMltavqtlIGyxubq0hNJ4G9GtOc-XZz0Kmc5KPvU6iW8gbkwiR-X0GA"
HTTP/1.1 307 Temporary Redirect
Content-Length: 585
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Apr 2024 14:43:27 GMT
Docker-Distribution-Api-Version: registry/2.0
Location: https://container-registry-cdn.go-gitlab.com/docker/registry/v2/blobs/sha256/8f/8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02/data?URLPrefix=aHR0cHM6Ly9jb250YWluZXItcmVnaXN0cnktY2RuLmdvLWdpdGxhYi5jb20vZG9ja2VyL3JlZ2lzdHJ5L3YyL2Jsb2JzL3NoYTI1Ni84Zi84ZmM3NDBkOGM0MGU0NWVhMzMwYTNmMzI0ZmUwMDkxNDhkZmMxZjc3MWJjOTAyNTRlYWY4ZmY4YmJjZWNmZTAyL2RhdGE=&Expires=1712155467&KeyName=jpereira-container-registry-key2&Signature=6R_E0ZJ-YOHqNFn4c79qGF_fBsU=&gitlab-namespace-id=24&gitlab-project-id=2&gitlab-size-bytes=1472
X-Content-Type-Options: nosniff
<a href="https://container-registry-cdn.go-gitlab.com/docker/registry/v2/blobs/sha256/8f/8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02/data?URLPrefix=aHR0cHM6Ly9jb250YWluZXItcmVnaXN0cnktY2RuLmdvLWdpdGxhYi5jb20vZG9ja2VyL3JlZ2lzdHJ5L3YyL2Jsb2JzL3NoYTI1Ni84Zi84ZmM3NDBkOGM0MGU0NWVhMzMwYTNmMzI0ZmUwMDkxNDhkZmMxZjc3MWJjOTAyNTRlYWY4ZmY4YmJjZWNmZTAyL2RhdGE=&Expires=1712155467&KeyName=jpereira-container-registry-key2&Signature=6R_E0ZJ-YOHqNFn4c79qGF_fBsU=&gitlab-namespace-id=24&gitlab-project-id=2&gitlab-size-bytes=1472">Temporary Redirect</a>.
❯ http -F registry.test:5000/v2/gitlab-org/gitlab-test/blobs/sha256:8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02 Authorization:"Bearer eyJraWQiOiI0NUVXOjQ2Uzc6WlZBRzpKTFpBOkNUTFY6V1Q0NzpZQkJLOkZZVEk6VURRTzpXVkFCOktRVlQ6UlhOQiIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6ImdpdGxhYi1vcmcvZ2l0bGFiLXRlc3QiLCJhY3Rpb25zIjpbInB1bGwiXSwibWV0YSI6eyJwcm9qZWN0X3BhdGgiOiJnaXRsYWItb3JnL2dpdGxhYi10ZXN0IiwicHJvamVjdF9pZCI6Miwicm9vdF9uYW1lc3BhY2VfaWQiOjI0fX1dLCJqdGkiOiI0ZGQyMTI5Yi0xNDAwLTQ3OTgtYTkxMS00ODU5NjQxZjhiODAiLCJhdWQiOiJjb250YWluZXJfcmVnaXN0cnkiLCJpc3MiOiJnaXRsYWItaXNzdWVyIiwiaWF0IjoxNzEyMTU1MTkzLCJuYmYiOjE3MTIxNTUxODgsImV4cCI6MTcxMjE1NTQ5M30.LLM525aOibhG5FMIWrtw5-y5WHIDuwBYZalloU9m9VAWRIq4Y9V1egSmEB6QuXMyiq0vkOjDVIhddvXbJOCDQMvKnlvtV_yLFSBXxtjjsrnlckMqLSVAafMTZZBZmURa45AZC26CnsPZdce7ztoegnslSoK_tZ5_5OyX-XpZ_ReJjFw-rfe235dBr-VH-l2VOR_t1H-Ewf7-WeYqKoIFuCGy1jooFJ3ZXK3IrhSRZSrm3hGkx6V11DiLADRaQR8lqI7UfCwdym0xmqkkFCFkJ2fOF0JJ0YuxMltavqtlIGyxubq0hNJ4G9GtOc-XZz0Kmc5KPvU6iW8gbkwiR-X0GA" | sha256sum
8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02 -
GCS
❯ http registry.test:5000/v2/gitlab-org/gitlab-test/blobs/sha256:8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02 Authorization:"Bearer eyJraWQiOiI0NUVXOjQ2Uzc6WlZBRzpKTFpBOkNUTFY6V1Q0NzpZQkJLOkZZVEk6VURRTzpXVkFCOktRVlQ6UlhOQiIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6ImdpdGxhYi1vcmcvZ2l0bGFiLXRlc3QiLCJhY3Rpb25zIjpbInB1bGwiXSwibWV0YSI6eyJwcm9qZWN0X3BhdGgiOiJnaXRsYWItb3JnL2dpdGxhYi10ZXN0IiwicHJvamVjdF9pZCI6Miwicm9vdF9uYW1lc3BhY2VfaWQiOjI0fX1dLCJqdGkiOiI0ZGQyMTI5Yi0xNDAwLTQ3OTgtYTkxMS00ODU5NjQxZjhiODAiLCJhdWQiOiJjb250YWluZXJfcmVnaXN0cnkiLCJpc3MiOiJnaXRsYWItaXNzdWVyIiwiaWF0IjoxNzEyMTU1MTkzLCJuYmYiOjE3MTIxNTUxODgsImV4cCI6MTcxMjE1NTQ5M30.LLM525aOibhG5FMIWrtw5-y5WHIDuwBYZalloU9m9VAWRIq4Y9V1egSmEB6QuXMyiq0vkOjDVIhddvXbJOCDQMvKnlvtV_yLFSBXxtjjsrnlckMqLSVAafMTZZBZmURa45AZC26CnsPZdce7ztoegnslSoK_tZ5_5OyX-XpZ_ReJjFw-rfe235dBr-VH-l2VOR_t1H-Ewf7-WeYqKoIFuCGy1jooFJ3ZXK3IrhSRZSrm3hGkx6V11DiLADRaQR8lqI7UfCwdym0xmqkkFCFkJ2fOF0JJ0YuxMltavqtlIGyxubq0hNJ4G9GtOc-XZz0Kmc5KPvU6iW8gbkwiR-X0GA"
HTTP/1.1 307 Temporary Redirect
Content-Length: 1120
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Apr 2024 14:44:15 GMT
Docker-Distribution-Api-Version: registry/2.0
Location: https://storage.googleapis.com/jpereira-container-registry/docker/registry/v2/blobs/sha256/8f/8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02/data?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=container-registry%40jpereira-b5d4149e.iam.gserviceaccount.com%2F20240403%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20240403T144415Z&X-Goog-Expires=299&X-Goog-Signature=5b2bae5a86f77396fb657eface085cdac4b5debc9333aaad3b58ed27005e3957df0db2964ba8e2432ad6a16bffaff9bcba4b4278377b224d2ccc066f93db4e9b27f0e4102efe5ffac02fda6d42bc4f3b77e824c84ecbfcad67ac0aaed89a0ae78b685d201640de4f2798aef8d24f59e348b9c94ac942ce438c2a0706946b2497a54dd8e7637e6743364b9e89c6409503c932af1929f74d1b4e27972568a3163e47a5852576d935310161b2b72bbd52924c456bc7bc7f08dd229852814a17675c6268c9309a153a1bbbcd3e2cc746137cd53a833d638c1ecd9d8f5909b516b3cb894b16e963c3d4c6b7ac6b551c9414d47e6be6ad88eade10dd3abee63a6f4d03&X-Goog-SignedHeaders=host&x-goog-custom-audit-gitlab-namespace-id=24&x-goog-custom-audit-gitlab-project-id=2&x-goog-custom-audit-gitlab-size-bytes=1472
X-Content-Type-Options: nosniff
<a href="https://storage.googleapis.com/jpereira-container-registry/docker/registry/v2/blobs/sha256/8f/8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02/data?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=container-registry%40jpereira-b5d4149e.iam.gserviceaccount.com%2F20240403%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20240403T144415Z&X-Goog-Expires=299&X-Goog-Signature=5b2bae5a86f77396fb657eface085cdac4b5debc9333aaad3b58ed27005e3957df0db2964ba8e2432ad6a16bffaff9bcba4b4278377b224d2ccc066f93db4e9b27f0e4102efe5ffac02fda6d42bc4f3b77e824c84ecbfcad67ac0aaed89a0ae78b685d201640de4f2798aef8d24f59e348b9c94ac942ce438c2a0706946b2497a54dd8e7637e6743364b9e89c6409503c932af1929f74d1b4e27972568a3163e47a5852576d935310161b2b72bbd52924c456bc7bc7f08dd229852814a17675c6268c9309a153a1bbbcd3e2cc746137cd53a833d638c1ecd9d8f5909b516b3cb894b16e963c3d4c6b7ac6b551c9414d47e6be6ad88eade10dd3abee63a6f4d03&X-Goog-SignedHeaders=host&x-goog-custom-audit-gitlab-namespace-id=24&x-goog-custom-audit-gitlab-project-id=2&x-goog-custom-audit-gitlab-size-bytes=1472">Temporary Redirect</a>.
❯ http -F registry.test:5000/v2/gitlab-org/gitlab-test/blobs/sha256:8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02 Authorization:"Bearer eyJraWQiOiI0NUVXOjQ2Uzc6WlZBRzpKTFpBOkNUTFY6V1Q0NzpZQkJLOkZZVEk6VURRTzpXVkFCOktRVlQ6UlhOQiIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6ImdpdGxhYi1vcmcvZ2l0bGFiLXRlc3QiLCJhY3Rpb25zIjpbInB1bGwiXSwibWV0YSI6eyJwcm9qZWN0X3BhdGgiOiJnaXRsYWItb3JnL2dpdGxhYi10ZXN0IiwicHJvamVjdF9pZCI6Miwicm9vdF9uYW1lc3BhY2VfaWQiOjI0fX1dLCJqdGkiOiI0ZGQyMTI5Yi0xNDAwLTQ3OTgtYTkxMS00ODU5NjQxZjhiODAiLCJhdWQiOiJjb250YWluZXJfcmVnaXN0cnkiLCJpc3MiOiJnaXRsYWItaXNzdWVyIiwiaWF0IjoxNzEyMTU1MTkzLCJuYmYiOjE3MTIxNTUxODgsImV4cCI6MTcxMjE1NTQ5M30.LLM525aOibhG5FMIWrtw5-y5WHIDuwBYZalloU9m9VAWRIq4Y9V1egSmEB6QuXMyiq0vkOjDVIhddvXbJOCDQMvKnlvtV_yLFSBXxtjjsrnlckMqLSVAafMTZZBZmURa45AZC26CnsPZdce7ztoegnslSoK_tZ5_5OyX-XpZ_ReJjFw-rfe235dBr-VH-l2VOR_t1H-Ewf7-WeYqKoIFuCGy1jooFJ3ZXK3IrhSRZSrm3hGkx6V11DiLADRaQR8lqI7UfCwdym0xmqkkFCFkJ2fOF0JJ0YuxMltavqtlIGyxubq0hNJ4G9GtOc-XZz0Kmc5KPvU6iW8gbkwiR-X0GA" | sha256sum
8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02 -
Large IDs
Out of curiosity, also tried with a really big number (upper limit for int64
on 64 bits hosts):
❯ echo "eyJraWQiOiI0NUVXOjQ2Uzc6WlZBRzpKTFpBOkNUTFY6V1Q0NzpZQkJLOkZZVEk6VURRTzpXVkFCOktRVlQ6UlhOQiIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6ImdpdGxhYi1vcmcvZ2l0bGFiLXRlc3QiLCJhY3Rpb25zIjpbInB1bGwiXSwibWV0YSI6eyJwcm9qZWN0X3BhdGgiOiJnaXRsYWItb3JnL2dpdGxhYi10ZXN0IiwicHJvamVjdF9pZCI6OTIyMzM3MjAzNjg1NDc3NTgwNywicm9vdF9uYW1lc3BhY2VfaWQiOjI0fX1dLCJqdGkiOiJhZjlhYmNiYS0wMzBkLTRlMjgtYWQzOC1mODI5NWM5ZTg2MDYiLCJhdWQiOiJjb250YWluZXJfcmVnaXN0cnkiLCJpc3MiOiJnaXRsYWItaXNzdWVyIiwiaWF0IjoxNzEyMTU1NjI3LCJuYmYiOjE3MTIxNTU2MjIsImV4cCI6MTcxMjE1NTkyN30.CgT3nNVwTh7hymPBZE2IUD50Y70Cn0aDbNEUJ8QTi-DzRksSny978D6TFieDC0EEY6yuiXccLfaa1eNl06xq-e547MEopQtwAc9AZjsCA8EAnwKUIhmJcSebdmCQBsGmeruCaYTGvc47yojqLdd5V31qkHTROV9TPlQcoNhxRnCYxtEFqt4XZL2g8bUf97ZXGWCurj6RAfjZVDAgYkFskevQpoXcdR-LtiaMJQ3XPXaslqhff2pjr_ARhtOHsEuRDbZcx3FQwVAyKcQ6nhcVo08AMkIkdo9sm26AQhqN5DGGXXK_at85lL03jUY3kwND6jVvUTdgeQK66HJxYYNr5Q" | jwt decode -
Token header
------------
{
"typ": "JWT",
"alg": "RS256",
"kid": "45EW:46S7:ZVAG:JLZA:CTLV:WT47:YBBK:FYTI:UDQO:WVAB:KQVT:RXNB"
}
Token claims
------------
{
"access": [
{
"actions": [
"pull"
],
"meta": {
"project_id": 9223372036854775807,
"project_path": "gitlab-org/gitlab-test",
"root_namespace_id": 24
},
"name": "gitlab-org/gitlab-test",
"type": "repository"
}
],
"aud": "container_registry",
"exp": 1712155927,
"iat": 1712155627,
"iss": "gitlab-issuer",
"jti": "af9abcba-030d-4e28-ad38-f8295c9e8606",
"nbf": 1712155622
}
❯ http registry.test:5000/v2/gitlab-org/gitlab-test/blobs/sha256:8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02 Authorization:"Bearer eyJraWQiOiI0NUVXOjQ2Uzc6WlZBRzpKTFpBOkNUTFY6V1Q0NzpZQkJLOkZZVEk6VURRTzpXVkFCOktRVlQ6UlhOQiIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6ImdpdGxhYi1vcmcvZ2l0bGFiLXRlc3QiLCJhY3Rpb25zIjpbInB1bGwiXSwibWV0YSI6eyJwcm9qZWN0X3BhdGgiOiJnaXRsYWItb3JnL2dpdGxhYi10ZXN0IiwicHJvamVjdF9pZCI6OTIyMzM3MjAzNjg1NDc3NTgwNywicm9vdF9uYW1lc3BhY2VfaWQiOjI0fX1dLCJqdGkiOiJhZjlhYmNiYS0wMzBkLTRlMjgtYWQzOC1mODI5NWM5ZTg2MDYiLCJhdWQiOiJjb250YWluZXJfcmVnaXN0cnkiLCJpc3MiOiJnaXRsYWItaXNzdWVyIiwiaWF0IjoxNzEyMTU1NjI3LCJuYmYiOjE3MTIxNTU2MjIsImV4cCI6MTcxMjE1NTkyN30.CgT3nNVwTh7hymPBZE2IUD50Y70Cn0aDbNEUJ8QTi-DzRksSny978D6TFieDC0EEY6yuiXccLfaa1eNl06xq-e547MEopQtwAc9AZjsCA8EAnwKUIhmJcSebdmCQBsGmeruCaYTGvc47yojqLdd5V31qkHTROV9TPlQcoNhxRnCYxtEFqt4XZL2g8bUf97ZXGWCurj6RAfjZVDAgYkFskevQpoXcdR-LtiaMJQ3XPXaslqhff2pjr_ARhtOHsEuRDbZcx3FQwVAyKcQ6nhcVo08AMkIkdo9sm26AQhqN5DGGXXK_at85lL03jUY3kwND6jVvUTdgeQK66HJxYYNr5Q"
HTTP/1.1 307 Temporary Redirect
Content-Length: 1138
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Apr 2024 14:47:41 GMT
Docker-Distribution-Api-Version: registry/2.0
Location: https://storage.googleapis.com/jpereira-container-registry/docker/registry/v2/blobs/sha256/8f/8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02/data?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=container-registry%40jpereira-b5d4149e.iam.gserviceaccount.com%2F20240403%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20240403T144741Z&X-Goog-Expires=299&X-Goog-Signature=64daa586329184e4231b04dbc54bcf5a439538c93ca0bdc8c68938d235603c453c08ecdbaf2822c4a8668c95d51b3385bcdacf5185f27197ea2c8332d7a30c226228db7c004670a646e8ff1a1ddba4a6f7da798646fc15c1ac44bfd2db74981d32d80bda6fdb3e2585e671b09d7b31478211254c550982dcca8252bc50bfe5114d4b7177cc6c182d9fbafe884e7ab99e80723c62f2cf97990014999db73454802a535bd9a21ca5d68b7f7fd043d46d7af9519107be3741c94c19d15af3d75ead4e70dff6eced6312eef460305e6f1232773b75047d0537d7f0c56d1be28368fbc524e0c02dbcafbd3dcac198c9ba31091e9295e7f5cb0b33151c5c4c4e9e79c1&X-Goog-SignedHeaders=host&x-goog-custom-audit-gitlab-namespace-id=24&x-goog-custom-audit-gitlab-project-id=9223372036854775807&x-goog-custom-audit-gitlab-size-bytes=1472
X-Content-Type-Options: nosniff
<a href="https://storage.googleapis.com/jpereira-container-registry/docker/registry/v2/blobs/sha256/8f/8fc740d8c40e45ea330a3f324fe009148dfc1f771bc90254eaf8ff8bbcecfe02/data?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=container-registry%40jpereira-b5d4149e.iam.gserviceaccount.com%2F20240403%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20240403T144741Z&X-Goog-Expires=299&X-Goog-Signature=64daa586329184e4231b04dbc54bcf5a439538c93ca0bdc8c68938d235603c453c08ecdbaf2822c4a8668c95d51b3385bcdacf5185f27197ea2c8332d7a30c226228db7c004670a646e8ff1a1ddba4a6f7da798646fc15c1ac44bfd2db74981d32d80bda6fdb3e2585e671b09d7b31478211254c550982dcca8252bc50bfe5114d4b7177cc6c182d9fbafe884e7ab99e80723c62f2cf97990014999db73454802a535bd9a21ca5d68b7f7fd043d46d7af9519107be3741c94c19d15af3d75ead4e70dff6eced6312eef460305e6f1232773b75047d0537d7f0c56d1be28368fbc524e0c02dbcafbd3dcac198c9ba31091e9295e7f5cb0b33151c5c4c4e9e79c1&X-Goog-SignedHeaders=host&x-goog-custom-audit-gitlab-namespace-id=24&x-goog-custom-audit-gitlab-project-id=9223372036854775807&x-goog-custom-audit-gitlab-size-bytes=1472">Temporary Redirect</a>.
Author checklist
-
Feature flags
-
Added feature flag: -
This feature does not require a feature flag
-
-
I added unit tests or they are not required -
I added documentation (or it's not required) -
I followed code review guidelines -
I followed Go Style guidelines -
For database changes including schema migrations: -
Manually run up and down migrations in a postgres.ai production database clone and post a screenshot of the result here. -
If adding new queries, extract a query plan from postgres.ai and post the link here. If changing existing queries, also extract a query plan for the current version for comparison. -
I do not have access to postgres.ai and have made a comment on this MR asking for these to be run on my behalf.
-
-
Do not include code that depends on the schema migrations in the same commit. Split the MR into two or more.
-
-
Ensured this change is safe to deploy to individual stages in the same environment ( cny
->prod
). State-related changes can be troublesome due to having parts of the fleet processing (possibly related) requests in different ways.
Reviewer checklist
-
Ensure the commit and MR tittle are still accurate. -
If the change contains a breaking change, apply the breaking change label. -
If the change is considered high risk, apply the label high-risk-change -
Identify if the change can be rolled back safely. (note: all other reasons for not being able to rollback will be sufficiently captured by major version changes).
If the MR introduces database schema migrations:
-
Ensure the commit and MR tittle start with fix:
,feat:
, orperf:
so that the change appears on the Changelog
If the changes cannot be rolled back follow these steps:
-
If not, apply the label cannot-rollback. -
Add a section to the MR description that includes the following details: -
The reasoning behind why a release containing the presented MR can not be rolled back (e.g. schema migrations or changes to the FS structure) -
Detailed steps to revert/disable a feature introduced by the same change where a migration cannot be rolled back. (note: ideally MRs containing schema migrations should not contain feature changes.) -
Ensure this MR does not add code that depends on these changes that cannot be rolled back.
-
Edited by João Pereira