Add limits for deployments per pipeline
What does this MR do?
Adds a configurable limit on the number of deployments (jobs with environment specified) allowed in a pipeline, which we will subsequently update to a sensible value (current proposal is 500). It works at the seed stage, so that the deployments are not persisted if the pipeline goes over the limit.
See #24087 (closed)
Screenshots (strongly suggested)
In a project with the following .gitlab-ci.yml, when triggering a pipeline:
deployment_1:
environment: '1'
script: [ 'echo 1' ]
deployment_2:
environment: '2'
script: [ 'echo 2' ]we get the following results:
| With limit 1 | With limit 2 and 0 (disabled) |
|---|---|
 |
 |
Migration
plan_limits only has 6 rows (see #database-lab, internal link) by design, so we don't need to worry about timing.
Up
Command:
RAILS_ENV=test bin/rails db:migrate:up VERSION=20201030223933
== 20201030223933 AddCiPipelineDeploymentsToPlanLimits: migrating =============
-- add_column(:plan_limits, :ci_pipeline_deployments, :integer, {:default=>0, :null=>false})
-> 0.0030s
== 20201030223933 AddCiPipelineDeploymentsToPlanLimits: migrated (0.0031s) ====git diff:
diff --git a/db/structure.sql b/db/structure.sql
index 8c278442790..110cbeedd76 100644
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -14666,7 +14666,8 @@ CREATE TABLE plan_limits (
golang_max_file_size bigint DEFAULT 104857600 NOT NULL,
debian_max_file_size bigint DEFAULT '3221225472'::bigint NOT NULL,
project_feature_flags integer DEFAULT 200 NOT NULL,
- ci_max_artifact_size_api_fuzzing integer DEFAULT 0 NOT NULL
+ ci_max_artifact_size_api_fuzzing integer DEFAULT 0 NOT NULL,
+ ci_pipeline_deployments integer DEFAULT 0 NOT NULL
);
CREATE SEQUENCE plan_limits_id_seqDown
Command:
$ RAILS_ENV=test bin/rails db:migrate:down VERSION=20201030223933
== 20201030223933 AddCiPipelineDeploymentsToPlanLimits: reverting =============
-- remove_column(:plan_limits, :ci_pipeline_deployments, :integer, {:default=>0, :null=>false})
-> 0.0026s
== 20201030223933 AddCiPipelineDeploymentsToPlanLimits: reverted (0.0043s) ====git diff:
diff --git a/db/schema_migrations/20201030223933 b/db/schema_migrations/20201030223933
deleted file mode 100644
index 2fb5f394989..00000000000
--- a/db/schema_migrations/20201030223933
+++ /dev/null
@@ -1 +0,0 @@
-a3aa783f2648a95e3ff8b503ef15b8153759c74ac85b30bf94e39710824e57b0
\ No newline at end of file
diff --git a/db/structure.sql b/db/structure.sql
index 110cbeedd76..8c278442790 100644
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -14666,8 +14666,7 @@ CREATE TABLE plan_limits (
golang_max_file_size bigint DEFAULT 104857600 NOT NULL,
debian_max_file_size bigint DEFAULT '3221225472'::bigint NOT NULL,
project_feature_flags integer DEFAULT 200 NOT NULL,
- ci_max_artifact_size_api_fuzzing integer DEFAULT 0 NOT NULL,
- ci_pipeline_deployments integer DEFAULT 0 NOT NULL
+ ci_max_artifact_size_api_fuzzing integer DEFAULT 0 NOT NULL
);
CREATE SEQUENCE plan_limits_id_seqDoes this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
-
Informed Infrastructure department of a default or new setting change, if applicable per definition of done: Created an issue for them at https://gitlab.com/gitlab-com/gl-infra/infrastructure/-/issues/11931
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec - [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Hordur Freyr Yngvason