Add package_type validation to Packages::Composer::Metadatum (!110777) · Merge requests · GitLab.org / GitLab

Radamanthus Batnag requested to merge 216910-add-package-type-validation-to-composer-metadatum into master Feb 01, 2023

What does this MR do and why?

Adds a validation to Packages::Composer::Metadatum to ensure that we do not create a packages_composer_metadata record that is associated with a non-Composer package.

All other Packages::XXX::Metadatum and Packages::XXX::FileMetadatum already have a similar validation in place.

Risks

If we introduce this validation, existing records that do not satisfy the validation will become invalid and cannot be updated from Rails.

Fortunately, there are no existing invalid records in production. https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/15114/commands/52501

How to set up and validate locally

Upload a composer package following the steps here
In rails console, confirm that the package metadatum becomes invalid if package_type is changed:

package = Packages::Package.find(<id of package in step 1>)
composer_metadatum = package.composer_metadatum
composer_metadatum.valid?
=> true

package.package_type = 1
composer_metadatum.valid?
=> false

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #216910 (closed)

Edited Feb 07, 2023 by Radamanthus Batnag

Add package_type validation to Packages::Composer::Metadatum

What does this MR do and why?

Risks

How to set up and validate locally

MR acceptance checklist

Merge request reports