Skip to content
Snippets Groups Projects

Add read_dependency column to member_roles table

Merged mo khan requested to merge mokhax/415255/read-dependency into master
All threads resolved!

What does this MR do and why?

This change adds a new column to the member_roles table for the read_dependency ability. This column is used to enable the read_dependencies permission when member_roles.read_dependency is enabled on a custom member role.

#415255 (closed)

Add read_dependency column to member_roles table

This change adds a new column to the member_roles table to allow custom roles to enable the read_dependency ability.

Changelog: added EE: true

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by mo khan

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • mo khan
  • mo khan added 1 commit

    added 1 commit

    • 69f847df - Ensure dependency_scanning is enabled

    Compare with previous version

    • Contributor
      Resolved by euko

      Database migrations (on the main database)

      Migrations included in this change have been executed on gitlab.com data for testing purposes. For details, please see the migration testing pipeline (limited access).

      Migration Type Total runtime Result DB size change
      20230712214613 - AddReadDependencyToMemberRoles Regular 2.1 s :white_check_mark: +0.00 B
      Runtime Histogram for all migrations
      Query Runtime Count
      0 seconds - 0.01 seconds 0
      0.01 seconds - 0.1 seconds 4
      0.1 seconds - 1 second 0
      1 second - 5 seconds 0
      5 seconds - 15 seconds 0
      15 seconds - 5 minutes 0
      5 minutes + 0

      Migration: 20230712214613 - AddReadDependencyToMemberRoles

      • Type: Regular
      • Duration: 2.1 s
      • Database size change: +0.00 B
      Calls Total Time Max Time Mean Time Rows Query
      1 9.1 ms 9.1 ms 9.1 ms 0
      ALTER TABLE "member_roles" ADD "read_dependency" boolean DEFAULT FALSE NOT NULL
      2 0.0 ms 0.0 ms 0.0 ms 2
      SELECT pg_backend_pid()
      1 0.0 ms 0.0 ms 0.0 ms 1
      SELECT $1::regtype::oid
      Histogram for AddReadDependencyToMemberRoles
      Query Runtime Count
      0 seconds - 0.01 seconds 0
      0.01 seconds - 0.1 seconds 4
      0.1 seconds - 1 second 0
      1 second - 5 seconds 0
      5 seconds - 15 seconds 0
      15 seconds - 5 minutes 0
      5 minutes + 0

      Other information

      Other migrations pending on GitLab.com
      Migration Type Total runtime Result DB size change
      20230704050739 - PrepareRemovalIndexDeploymentsOnEnvironmentIdAndIidAndProjectId Post deploy 3.1 s :white_check_mark: +0.00 B
      20230705141703 - RollbackVulnerabilityAdvisoriesForeignKeyOnVulnerableComponentVersions Post deploy 1.5 s :white_check_mark: +0.00 B
      20230705141733 - RollbackComponentVersionForeignKeyOnVulnerableComponentVersions Post deploy 2.3 s :white_check_mark: +0.00 B
      20230705142241 - DropVulnerableComponentVersions Post deploy 1.9 s :white_check_mark: -32.00 KiB
      20230705142334 - DropVulnerabilitiesAdvisories Post deploy 1.8 s :white_check_mark: -24.00 KiB
      20230707220646 - AddIndexToVulnerabilityFindingsOnUuidAgain Post deploy 2.3 s :white_check_mark: +0.00 B
      20230711093010 - DropDefaultPartitionIdValueForCiTables Post deploy 4.3 s :white_check_mark: +0.00 B
      20230712020407 - RemoveTemporaryIndexFromSystemNoteMetadata Post deploy 2.2 s :white_check_mark: -7.05 MiB
      20230712064637 - ReplaceOldFkPCiBuildsMetadataToBuildsV2 Post deploy 2.0 s :warning: +0.00 B
      20230712064655 - ReplaceOldFkPCiRunnerMachineBuildsToBuildsV2 Post deploy 1.7 s :white_check_mark: +0.00 B
      20230712145323 - DropCiJobArtifactsPartitionIdDefault Post deploy 1.8 s :white_check_mark: +0.00 B
      20230712145821 - DropCiStagesPartitionIdDefault Post deploy 1.8 s :white_check_mark: +0.00 B
      20230712145926 - DropCiBuildTraceMetadataPartitionIdDefault Post deploy 1.8 s :white_check_mark: +0.00 B
      20230713100100 - DropCiPipelineVariablePartitionIdDefault Post deploy 1.8 s :white_check_mark: +0.00 B
      Clone details
      Clone ID Clone Created At Clone Data Timestamp Expected Removal Time
      database-testing-2111817-10591323-main 2023-07-13T21:59:55Z 2023-07-13T16:39:26Z 2023-07-14 10:04:50 +0000
      database-testing-2111817-10591323-ci 2023-07-13T21:59:55Z 2023-07-13T20:45:31Z 2023-07-14 10:04:50 +0000

      Job artifacts

      Database migrations (on the ci database)

      Migrations included in this change have been executed on gitlab.com data for testing purposes. For details, please see the migration testing pipeline (limited access).

      Migration Type Total runtime Result DB size change
      20230712214613 - AddReadDependencyToMemberRoles Regular 3.5 s :white_check_mark: +0.00 B
      Runtime Histogram for all migrations
      Query Runtime Count
      0 seconds - 0.01 seconds 0
      0.01 seconds - 0.1 seconds 4
      0.1 seconds - 1 second 0
      1 second - 5 seconds 0
      5 seconds - 15 seconds 0
      15 seconds - 5 minutes 0
      5 minutes + 0

      Migration: 20230712214613 - AddReadDependencyToMemberRoles

      • Type: Regular
      • Duration: 3.5 s
      • Database size change: +0.00 B
      Calls Total Time Max Time Mean Time Rows Query
      1 12.6 ms 12.6 ms 12.6 ms 0
      ALTER TABLE "member_roles" ADD "read_dependency" boolean DEFAULT FALSE NOT NULL
      1 0.0 ms 0.0 ms 0.0 ms 1
      SELECT $1::regtype::oid
      2 0.0 ms 0.0 ms 0.0 ms 2
      SELECT pg_backend_pid()
      Histogram for AddReadDependencyToMemberRoles
      Query Runtime Count
      0 seconds - 0.01 seconds 0
      0.01 seconds - 0.1 seconds 4
      0.1 seconds - 1 second 0
      1 second - 5 seconds 0
      5 seconds - 15 seconds 0
      15 seconds - 5 minutes 0
      5 minutes + 0

      Other information

      Other migrations pending on GitLab.com
      Migration Type Total runtime Result DB size change
      20230704050739 - PrepareRemovalIndexDeploymentsOnEnvironmentIdAndIidAndProjectId Post deploy 3.8 s :white_check_mark: +0.00 B
      20230705141703 - RollbackVulnerabilityAdvisoriesForeignKeyOnVulnerableComponentVersions Post deploy 2.4 s :white_check_mark: +0.00 B
      20230705141733 - RollbackComponentVersionForeignKeyOnVulnerableComponentVersions Post deploy 2.4 s :white_check_mark: +0.00 B
      20230705142241 - DropVulnerableComponentVersions Post deploy 2.5 s :white_check_mark: -32.00 KiB
      20230705142334 - DropVulnerabilitiesAdvisories Post deploy 2.5 s :white_check_mark: -24.00 KiB
      20230707220646 - AddIndexToVulnerabilityFindingsOnUuidAgain Post deploy 2.5 s :white_check_mark: +0.00 B
      20230711093010 - DropDefaultPartitionIdValueForCiTables Post deploy 5.4 s :white_check_mark: +0.00 B
      20230712020407 - RemoveTemporaryIndexFromSystemNoteMetadata Post deploy 3.1 s :white_check_mark: -8.00 KiB
      20230712064637 - ReplaceOldFkPCiBuildsMetadataToBuildsV2 Post deploy 3.6 s :warning: +0.00 B
      20230712064655 - ReplaceOldFkPCiRunnerMachineBuildsToBuildsV2 Post deploy 3.2 s :white_check_mark: +0.00 B
      20230712145323 - DropCiJobArtifactsPartitionIdDefault Post deploy 2.7 s :white_check_mark: +0.00 B
      20230712145821 - DropCiStagesPartitionIdDefault Post deploy 2.7 s :white_check_mark: +0.00 B
      20230712145926 - DropCiBuildTraceMetadataPartitionIdDefault Post deploy 2.7 s :white_check_mark: +0.00 B
      20230713100100 - DropCiPipelineVariablePartitionIdDefault Post deploy 2.7 s :white_check_mark: +0.00 B
      Clone details
      Clone ID Clone Created At Clone Data Timestamp Expected Removal Time
      database-testing-2111817-10591323-main 2023-07-13T21:59:55Z 2023-07-13T16:39:26Z 2023-07-14 10:04:50 +0000
      database-testing-2111817-10591323-ci 2023-07-13T21:59:55Z 2023-07-13T20:45:31Z 2023-07-14 10:04:50 +0000

      Job artifacts


      Brought to you by gitlab-org/database-team/gitlab-com-database-testing. Epic

  • mo khan added 1 commit

    added 1 commit

    • 96e5bb75 - Update assertion to include read_dependency ability

    Compare with previous version

  • mo khan marked this merge request as ready

    marked this merge request as ready

  • mo khan mentioned in issue #415255 (closed)

    mentioned in issue #415255 (closed)

  • mentioned in epic &10684 (closed)

  • mo khan added 212 commits

    added 212 commits

    • 96e5bb75...e1c3acde - 208 commits from branch master
    • 8fa73e35 - Add read_dependency column to member_roles table
    • 27a9735f - Add policy to enable read_dependeny via custom roles
    • d881da38 - Ensure dependency_scanning is enabled
    • 17d74aa0 - Update assertion to include read_dependency ability

    Compare with previous version

  • mo khan added 4 commits

    added 4 commits

    • a78c1502 - Add read_dependency column to member_roles table
    • d176393c - Add policy to enable read_dependeny via custom roles
    • 22463c1f - Ensure dependency_scanning is enabled
    • be875854 - Update assertion to include read_dependency ability

    Compare with previous version

  • mo khan requested review from @aakriti.gupta and @terrichu

    requested review from @aakriti.gupta and @terrichu

  • Terri Chu approved this merge request

    approved this merge request

  • added databasereviewed label and removed databasereview pending label

  • Terri Chu requested review from @euko and removed review request for @terrichu

    requested review from @euko and removed review request for @terrichu

  • :wave: @terrichu, thanks for approving this merge request.

    This is the first time the merge request is approved. To ensure full test coverage, a new pipeline will be started shortly.

    For more info, please refer to the following links:

  • euko approved this merge request

    approved this merge request

  • euko added databaseapproved label and removed databasereviewed label

    added databaseapproved label and removed databasereviewed label

  • euko removed review request for @euko

    removed review request for @euko

  • additive schema change; no impact to data warehouse

  • Aakriti Gupta
  • Aakriti Gupta
    • Resolved by Max Woolf

      I have left suggestions.

      Please feel free to assign back to me by UTC morning tomorrow, after addressing them, otherwise, please re-assign since I am on vacation starting Wednesday, July 19th. (only available until 12pm UTC tomorrow)

  • Aakriti Gupta removed review request for @aakriti.gupta

    removed review request for @aakriti.gupta

  • mo khan added 1 commit

    added 1 commit

    • 422fd84e - Add spec for when read_dependency is false

    Compare with previous version

  • mo khan added 1 commit

    added 1 commit

    • da60e762 - Enable read_dependency for one of them members in the test fixture

    Compare with previous version

  • mo khan requested review from @aakriti.gupta

    requested review from @aakriti.gupta

  • Aakriti Gupta approved this merge request

    approved this merge request

  • Aakriti Gupta requested review from @mwoolf and removed review request for @aakriti.gupta

    requested review from @mwoolf and removed review request for @aakriti.gupta

  • Max Woolf resolved all threads

    resolved all threads

  • Max Woolf approved this merge request

    approved this merge request

  • Max Woolf enabled an automatic merge when the pipeline for e3c9f389 succeeds

    enabled an automatic merge when the pipeline for e3c9f389 succeeds

  • merged

  • @mwoolf, did you forget to run a pipeline before you merged this work? Based on our code review process, if the latest pipeline was created more than 6 hours ago OR finished more than 2 hours ago, you should:

    1. Ensure the merge request is not in Draft status.
    2. Start a pipeline (especially important for Community contribution merge requests).
    3. Set the merge request to auto-merge.

    This is a guideline, not a rule. Please consider replying to this comment for transparency.

    This message was generated automatically. You're welcome to improve it.

  • Hello @mokhax :wave:

    The database team is looking for ways to improve the database review process and we would love your help!

    If you'd be open to someone on the database team reaching out to you for a chat, or if you'd like to leave some feedback asynchronously, just post a reply to this comment mentioning:

    @gitlab-org/database-team

    And someone will be by shortly!

    Thanks for your help! :heart:

    This message was generated automatically. You're welcome to improve it.

  • Max Woolf mentioned in commit f1cfee0c

    mentioned in commit f1cfee0c

  • added workflowstaging label and removed workflowcanary label

  • mentioned in issue #451035 (closed)

  • Please register or sign in to reply
    Loading