[15.0] Revert "Use OS tempdir for artifact metadata"
What does this MR do and why?
The Rails multipart middleware only allows temporary uploads to be
stored in certain paths (https://gitlab.com/gitlab-org/gitlab/blob/dd1e70d3676891025534dc4a1e89ca9383178fe7/lib/gitlab/middleware/multipart.rb#L154-164). This middleware includes Ruby's Dir.tmpdir
,
but this method may not necessarily return /tmp
(https://github.com/ruby/ruby/blob/v2_7_5/lib/tmpdir.rb#L23-L30). For
example, if the permissions of /tmp
do not contain the sticky bit,
Ruby may return the current working directory.
!87255 (merged) changed
the behavior so that artifact metadata is always stored in
/tmp
. When Ruby's Dir.tmpdir
differs from that path, then artifact
uploads will be rejected with a 400 Bad Request.
To avoid this issue, we revert the changes in !87255 (merged) and always take the recommended temp path from Rails.
!90083 (merged) contains
an adapted revert for master
, while this commit is a straight revert
that targets the 15-0-stable-ee
branch.
Relates to #363701 (closed)
How to set up and validate locally
- Set up a GitLab Omnibus instance with no object storage configured.
- Run
chmod -t /tmp
. - Run a job that uploads a CI artifact. See
400 Bad Request
.
Compile this branch and overwrite /opt/gitlab/embedded/bin/gitlab-workhorse
:
sudo gitlab-ctl stop gitlab-workhorse
cp gitlab-workhorse /opt/gitlab/embedded/bin
-
sudo gitlab-ctl start gitlab-workhorse
.
Retry the job. It should succeed with the artifact upload.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.