Add package_type validation to Packages::Composer::Metadatum
What does this MR do and why?
Adds a validation to Packages::Composer::Metadatum
to ensure that we do not create a packages_composer_metadata
record that is associated with a non-Composer package.
All other Packages::XXX::Metadatum
and Packages::XXX::FileMetadatum
already have a similar validation in place.
Risks
If we introduce this validation, existing records that do not satisfy the validation will become invalid and cannot be updated from Rails.
Fortunately, there are no existing invalid records in production. https://console.postgres.ai/gitlab/gitlab-production-tunnel-pg12/sessions/15114/commands/52501
How to set up and validate locally
-
Upload a composer package following the steps here
-
In rails console, confirm that the package metadatum becomes invalid if
package_type
is changed:
package = Packages::Package.find(<id of package in step 1>)
composer_metadatum = package.composer_metadatum
composer_metadatum.valid?
=> true
package.package_type = 1
composer_metadatum.valid?
=> false
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Related to #216910 (closed)