Set defaults for cleanup policy regexes
Compare changes
Files
16@@ -117,8 +117,9 @@ export default {
Container cleanup policies use a set of regexes to determine which tags to remove from a given container repository. Right now, there is no default, and blank values are allowed. The problem is, if a policy has a blank name_regex
, no tags will qualify for deletion. If this is the case, the policy should not be valid. Since the name_regex
column does allow NULL and blank values and we cannot change the existing records, we need to validate that the name_regex
has a value only when the policy is enabled.
This MR adds:
name_regex
is not blank when enabled = true
.name_regex
. The cleanup policies are created automatically when a new project is created. We don't want to continue to create policies with blank values that do nothing.enabled: true
to enabled: false
. We are disabling by default for now since adding a default regex will cause new policies to run and remove image tags. We want to be sure the user is aware tags may be deleted before enabling by default.Up migration
== 20201008144854 SetRegexDefaultsOnContainerExpirationPolicies: migrating ====
-- change_column_default(:container_expiration_policies, :name_regex, ".*")
-> 0.0045s
-- change_column_default(:container_expiration_policies, :enabled, false)
-> 0.0021s
== 20201008144854 SetRegexDefaultsOnContainerExpirationPolicies: migrated (0.0099s)
Down migration
== 20201008144854 SetRegexDefaultsOnContainerExpirationPolicies: reverting ====
-- change_column_default(:container_expiration_policies, :name_regex, nil)
-> 0.0080s
-- change_column_default(:container_expiration_policies, :enabled, true)
-> 0.0047s
== 20201008144854 SetRegexDefaultsOnContainerExpirationPolicies: reverted (0.0173s)
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
@gitlab-com/gl-security/appsec