Wrong artifacts downloaded when multiple tags exist
Summary
When the same commit has multiple tags, the artifact download links from the tag page replace the artifact contents with the newest ones.
Though for the same commit, this can be an issue if the build process leverages CI_COMMIT_TAG for insertion into the artifacts (filenames, etc.). Because of this, there's no real guarantee that the artifacts are the same even though the commit hash matches.
Steps to reproduce
- Create a tag for a commit in a repository which has CI enabled and creates an artifact for that tag.
- Browse to the tag's page and download the artifact using the link (i.e. https://example.com/group/project/-/jobs/artifacts/1.2.3/download?job=artifact-name).
- Let's say the filename upon downloading the URL above becomes artifact-1.2.3.zip.
- Create another tag on the same commit.
- Browse to the tag's page and download the artifact using the link (i.e. https://example.com/group/project/-/jobs/artifacts/4.5.6/download?job=artifact-name).
- Let's say the filename upon downloading the URL above becomes artifact-4.5.6.zip.
- Browse back to the original tag's page, and note that the download of https://example.com/group/project/-/jobs/artifacts/1.2.3/download?job=artifact-name now downloads the file artifact-4.5.6.zip.
- If you now go to https://example.com/group/project/-/pipelines and filter by the 1.2.3 tag, you'll find the old artifacts are indeed still there.
What is the current bug behavior?
The artifact download links on the tag page don't link to the artifacts for that tag, instead linking to the artifacts for the latest pipeline for that commit hash.
What is the expected correct behavior?
The artifact download links on the tag page should download the artifacts for that tag.
Results of GitLab environment info
System information
System: Ubuntu 16.04
Current User: git
Using RVM: no
Ruby Version: 2.7.2p137
Gem Version: 3.1.4
Bundler Version:2.1.4
Rake Version: 13.0.3
Redis Version: 5.0.9
Git Version: 2.29.0
Sidekiq Version:5.2.9
Go Version: unknown
GitLab information
Version: 13.8.4
Revision: 9fb9cbf50c3
Directory: /opt/gitlab/embedded/service/gitlab-rails
DB Adapter: PostgreSQL
DB Version: 12.5
URL: https://example.com
HTTP Clone URL: https://example.com/some-group/some-project.git
SSH Clone URL: git@example.com:some-group/some-project.git
Using LDAP: yes
Using Omniauth: yes
Omniauth Providers:
GitLab Shell
Version: 13.15.1
Repository storage paths:
- default: /var/opt/gitlab/git-data/repositories
GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell
Git: /opt/gitlab/embedded/bin/git
Results of GitLab application Check
Checking GitLab subtasks ...
Checking GitLab Shell ...
GitLab Shell: ... GitLab Shell version >= 13.15.1 ? ... OK (13.15.1)
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Internal API available: OK
Redis available via internal API: OK
gitlab-shell self-check successful
Checking GitLab Shell ... Finished
Checking Gitaly ...
Gitaly: ... default ... OK
Checking Gitaly ... Finished
Checking Sidekiq ...
Sidekiq: ... Running? ... yes
Number of Sidekiq processes ... 1
Checking Sidekiq ... Finished
Checking Incoming Email ...
Incoming Email: ... Reply by email is disabled in config/gitlab.yml
Checking Incoming Email ... Finished
Checking LDAP ...
LDAP: ... Server:
LDAP authentication... Success
LDAP users with access to your GitLab server (only showing the first 100 results)
User output sanitized. Found 100 users of 100 limit.
Checking LDAP ... Finished
Checking GitLab App ...
Git configured correctly? ... yes
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... yes
Init script exists? ... skipped (omnibus-gitlab has no init script)
Init script up-to-date? ... skipped (omnibus-gitlab has no init script)
Projects have namespace: ...
( *** ~733 lines of `N/M ... yes` *** )
Redis version >= 4.0.0? ... yes
Ruby version >= 2.7.2 ? ... yes (2.7.2)
Git version >= 2.29.0 ? ... yes (2.29.0)
Git user has default SSH configuration? ... yes
Active users: ...
Is authorized keys file accessible? ... yes
GitLab configured to store new projects in hashed storage? ... yes
All projects are in hashed storage? ... no
Try fixing it:
Please migrate all projects to hashed storage
as legacy storage is deprecated in 13.0 and support will be removed in 14.0.
For more information see:
doc/administration/repository_storage_types.md
Checking GitLab App ... Finished
Checking GitLab subtasks ... Finished
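The following is an added example, not part of the original issue and not GitLab's code: it models the reported commit-based lookup next to the expected tag-based lookup over constructed job records, flags tags whose download would land on another tag's job, and builds a job-id API path that does not depend on ref resolution. The record fields follow the GitLab jobs API; the sample values, the project id 42 and the "higher id is newer" ordering are assumptions.

```python
# Constructed job records shaped like GitLab jobs API objects (id, name, ref,
# tag, status, commit.id). All values are made up for illustration.
SHA_A, SHA_B = "a" * 40, "b" * 40
SAMPLE_JOBS = [
    {"id": 50, "name": "artifact-name", "ref": "0.9.0", "tag": True,
     "status": "success", "commit": {"id": SHA_B}},
    {"id": 101, "name": "artifact-name", "ref": "1.2.3", "tag": True,
     "status": "success", "commit": {"id": SHA_A}},
    {"id": 202, "name": "artifact-name", "ref": "4.5.6", "tag": True,
     "status": "success", "commit": {"id": SHA_A}},
]


def _successful(jobs, job_name):
    return [j for j in jobs if j["name"] == job_name and j["status"] == "success"]


def resolve_by_tag(jobs, tag, job_name):
    """Expected behaviour: newest successful job that ran for this tag."""
    own = [j for j in _successful(jobs, job_name) if j["tag"] and j["ref"] == tag]
    # Assumption: a higher job id means a newer job.
    return max(own, key=lambda j: j["id"], default=None)


def resolve_by_commit(jobs, tag, job_name):
    """Reported behaviour: newest successful job for the tag's commit hash."""
    own = resolve_by_tag(jobs, tag, job_name)
    if own is None:
        return None
    sha = own["commit"]["id"]
    same = [j for j in _successful(jobs, job_name) if j["commit"]["id"] == sha]
    return max(same, key=lambda j: j["id"])


def mismatched_tags(jobs, job_name):
    """Tags whose commit-based lookup lands on a job built for another ref."""
    tags = sorted({j["ref"] for j in jobs if j["tag"]})
    hits = ((t, resolve_by_commit(jobs, t, job_name)) for t in tags)
    return [t for t, job in hits if job is not None and job["ref"] != t]


def pinned_artifact_path(project_id, job):
    """Job-id API path; it does not depend on how a ref name is resolved."""
    return f"/api/v4/projects/{project_id}/jobs/{job['id']}/artifacts"


if __name__ == "__main__":
    print(mismatched_tags(SAMPLE_JOBS, "artifact-name"))
    job = resolve_by_tag(SAMPLE_JOBS, "1.2.3", "artifact-name")
    print(pinned_artifact_path(42, job))  # 42 is a hypothetical project id
```

Consumers that publish or deploy tagged artifacts can record the job id at release time and fetch by that id, so a later tag on the same commit cannot change what is downloaded.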