Associate Terraform state versions with the CI job that created them
What does this MR do?
- Adds a
ci_build_id
column toterraform_state_versions
- Set this association when new states versions are created if
CI_JOB_TOKEN
is used to authenticate to the state API.
Migration output
== 20201015231049 AddCiBuildIdToTerraformStateVersions: reverting =============
-- foreign_keys(:terraform_state_versions)
-> 0.0097s
-- remove_foreign_key(:terraform_state_versions, :ci_builds, {:column=>:ci_build_id})
-> 0.0100s
-- transaction_open?()
-> 0.0000s
-- indexes(:terraform_state_versions)
-> 0.0033s
-- execute("SET statement_timeout TO 0")
-> 0.0002s
-- remove_index(:terraform_state_versions, {:algorithm=>:concurrently, :name=>"index_terraform_state_versions_on_ci_build_id"})
-> 0.0035s
-- execute("RESET ALL")
-> 0.0002s
-- remove_column(:terraform_state_versions, :ci_build_id)
-> 0.0014s
== 20201015231049 AddCiBuildIdToTerraformStateVersions: reverted (0.0342s) ====
== 20201015231049 AddCiBuildIdToTerraformStateVersions: migrating =============
-- column_exists?(:terraform_state_versions, :ci_build_id)
-> 0.0019s
-- add_column(:terraform_state_versions, :ci_build_id, :bigint)
-> 0.0022s
-- transaction_open?()
-> 0.0000s
-- index_exists?(:terraform_state_versions, :ci_build_id, {:name=>"index_terraform_state_versions_on_ci_build_id", :algorithm=>:concurrently})
-> 0.0034s
-- execute("SET statement_timeout TO 0")
-> 0.0003s
-- add_index(:terraform_state_versions, :ci_build_id, {:name=>"index_terraform_state_versions_on_ci_build_id", :algorithm=>:concurrently})
-> 0.0054s
-- execute("RESET ALL")
-> 0.0002s
-- transaction_open?()
-> 0.0000s
-- foreign_keys(:terraform_state_versions)
-> 0.0030s
-- execute("ALTER TABLE terraform_state_versions\nADD CONSTRAINT fk_04b91e4a9f\nFOREIGN KEY (ci_build_id)\nREFERENCES ci_builds (id)\nON DELETE SET NULL\nNOT VALID;\n")
-> 0.0057s
-- execute("ALTER TABLE terraform_state_versions VALIDATE CONSTRAINT fk_04b91e4a9f;")
-> 0.0032s
== 20201015231049 AddCiBuildIdToTerraformStateVersions: migrated (0.0287s) ====
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry - [-] Documentation (if required) Not yet user facing.
-
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Related to #267168
Edited by Tiger Watson