Skip to content
Snippets Groups Projects
  1. Feb 19, 2025
  2. Feb 17, 2025
  3. Feb 11, 2025
  4. Feb 10, 2025
  5. Feb 07, 2025
  6. Feb 06, 2025
  7. Feb 05, 2025
  8. Feb 04, 2025
  9. Jan 27, 2025
  10. Jan 15, 2025
  11. Jan 09, 2025
  12. Jan 04, 2025
  13. Dec 18, 2024
  14. Dec 03, 2024
  15. Nov 13, 2024
  16. Oct 15, 2024
  17. Oct 10, 2024
    • Amy Qualls's avatar
      Instruct gitleaks to skip fake tokens in docs · 0d8f6e5c
      Amy Qualls authored
      These pages are _talking_ about secrets, not actually INCLUDING real
      secrets. Let's instruct gitleaks to skip these lines, or to munge
      the token strings in such a way that they're readable, but not
      actual tokens.
      Verified
      0d8f6e5c
  18. Aug 05, 2024
  19. Aug 02, 2024
  20. Jul 04, 2024
  21. Jun 26, 2024
  22. Jun 18, 2024
  23. Jun 17, 2024
  24. Jun 12, 2024
    • Michael Becker's avatar
      Create worker to store security reports by project · c96bdc59
      Michael Becker authored
      Technical context
      -----------------------
      
      `UPSERT` queries **require acquiring locks on unique index
      tuples**. This will cause lock contention if multiple processes try to
      `UPSERT` records with the same unique attributes. The lock contention
      will make each process wait for the other to complete.
      
      Historical context
      -----------------------
      
      The `StoreSecurityReportsWorker` job has the lock-contention issue
      described above. It was discovered in [this][0] production incident
      
      This Commit
      -----------------------
      
      The short-term solution resolves the lock contention by, in effect,
      making the jobs run sequentially. However, going through these jobs
      sequentially can take a long time ([somewhere][1] on the order of 3.25
      hours to 20 hours)
      
      In this change, we implement a medium-term solution that replaces the
      problematic job with a similar job that can make use of our existing
      [sidekiq deduplication][2] tooling
      
      With this change, even if a single project suddenly has many pipelines
      created for it, only one job will be scheduled and the rest will be
      de-duplicated
      
      [0]:gitlab-com/gl-infra/production#17754
      [1]:gitlab-com/gl-infra/production#17754 (comment 1831442417)
      [2]:https://docs.gitlab.com/ee/development/sidekiq/idempotent_jobs.html#deduplication
      
      related to: #452005
      
      EE: true
      Changelog: fixed
      Verified
      c96bdc59
  25. May 02, 2024
  26. May 01, 2024
  27. Apr 22, 2024
  28. Apr 20, 2024
  29. Apr 09, 2024
  30. Apr 07, 2024
  31. Mar 11, 2024
  32. Mar 04, 2024
  33. Feb 22, 2024
  34. Jan 26, 2024
Loading