[EE] Upgrade Rails to 5.1
What does this MR do?
Moved from https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/9386
CE-port: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27480
Upgrades Rails to latest 5.1 version. Biggest changes:
-
bigserial
is default primary key in the schema. -
build_select
changed to select only the required fields if the model hasignored_columns
. https://github.com/rails/rails/blob/5-1-stable/activerecord/lib/active_record/relation/query_methods.rb#L1041. This is incompatiple with some migrations or background migration specs because rails keeps a statement cache in memory. So if a model withignored_columns
in a migration is used, the query withselect table.col1, table.col2
is stored in the statement cache. If a different migration is then run and one of these columns is removed in the mean time, the query is invalid. Proper solution here is to not use the model but override it, like done in most migrations, but unfortunately not in all. Also for background migration specs you can clear all statement caches inreset_column_in_all_models
. I chose for a monkey patch because it seems not feasible to rewrite all migrations where rails model is used. -
Model.new.attributes
now also returns encrypted attribute. - There are still some places where
attribute_changed?
is used, these will be addressed in the follow-up issue: #9932 (closed)
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation created/updated or follow-up review issue created -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Performance and testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Edited by Coung Ngo