diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb index 8a285d55aaa..04d5b85ab01 100644 --- a/app/models/ci/build.rb +++ b/app/models/ci/build.rb @@ -34,11 +34,7 @@ module Ci scope :with_expired_artifacts, ->() { with_artifacts.where('artifacts_expire_at < ?', Time.now) } scope :last_month, ->() { where('created_at > ?', Date.today - 1.month) } scope :manual_actions, ->() { where(when: :manual, status: COMPLETED_STATUSES + [:manual]) } - - scope :on_protected, ->() do - joins("LEFT JOIN ci_pipelines ON ci_builds.commit_id = ci_pipelines.id") - .where('ci_pipelines.protected IS TRUE') - end + scope :protected_, -> { where(protected: true) } mount_uploader :artifacts_file, ArtifactUploader mount_uploader :artifacts_metadata, ArtifactUploader diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb index fd96592e6db..24b62555845 100644 --- a/app/models/ci/runner.rb +++ b/app/models/ci/runner.rb @@ -5,7 +5,7 @@ module Ci RUNNER_QUEUE_EXPIRY_TIME = 60.minutes ONLINE_CONTACT_TIMEOUT = 1.hour AVAILABLE_SCOPES = %w[specific shared active paused online].freeze - FORM_EDITABLE = %i[description tag_list active run_untagged locked protected].freeze + FORM_EDITABLE = %i[description tag_list active run_untagged locked access_level].freeze has_many :builds has_many :runner_projects, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent @@ -41,8 +41,8 @@ module Ci after_destroy :cleanup_runner_queue enum access_level: { - protection_none: 0, - protection_full: 1 + unprotected: 0, + protected_: 1 } # Searches for runners matching the given query. diff --git a/app/services/ci/create_pipeline_service.rb b/app/services/ci/create_pipeline_service.rb index 4b141047bce..de2cd7e87be 100644 --- a/app/services/ci/create_pipeline_service.rb +++ b/app/services/ci/create_pipeline_service.rb @@ -12,8 +12,7 @@ module Ci tag: tag?, trigger_requests: Array(trigger_request), user: current_user, - pipeline_schedule: schedule, - protected: protected? + pipeline_schedule: schedule ) result = validate(current_user, @@ -176,10 +175,6 @@ module Ci origin_sha && origin_sha != Gitlab::Git::BLANK_SHA end - def protected? - project.protected_for?(ref) - end - def error(message, save: false) pipeline.tap do pipeline.errors.add(:base, message) diff --git a/app/services/ci/register_job_service.rb b/app/services/ci/register_job_service.rb index a51c28808dd..1f243de5761 100644 --- a/app/services/ci/register_job_service.rb +++ b/app/services/ci/register_job_service.rb @@ -78,7 +78,7 @@ module Ci def new_builds builds = Ci::Build.pending.unstarted - builds = builds.on_protected if runner.protected? + builds = builds.protected_ if runner.protected_? builds end diff --git a/app/views/projects/runners/_form.html.haml b/app/views/projects/runners/_form.html.haml index 7dae8ecbb94..2942ce541ed 100644 --- a/app/views/projects/runners/_form.html.haml +++ b/app/views/projects/runners/_form.html.haml @@ -10,7 +10,7 @@ = label :protected, "Protected", class: 'control-label' .col-sm-10 .checkbox - = f.check_box :protected + = f.check_box :access_level, 1, 0 %span.light This runner will only run on pipelines trigged on protected branches .form-group = label :run_untagged, 'Run untagged jobs', class: 'control-label' diff --git a/app/views/projects/runners/show.html.haml b/app/views/projects/runners/show.html.haml index e51bb299938..9d427d18272 100644 --- a/app/views/projects/runners/show.html.haml +++ b/app/views/projects/runners/show.html.haml @@ -21,7 +21,7 @@ %td= @runner.active? ? 'Yes' : 'No' %tr %td Protected - %td= @runner.protected? ? 'Yes' : 'No' + %td= @runner.protected_? ? 'Yes' : 'No' %tr %td Can run untagged jobs %td= @runner.run_untagged? ? 'Yes' : 'No' diff --git a/db/migrate/20170816133938_add_access_level_to_ci_runners.rb b/db/migrate/20170816133938_add_access_level_to_ci_runners.rb index 8cda0c3a717..58317d46eac 100644 --- a/db/migrate/20170816133938_add_access_level_to_ci_runners.rb +++ b/db/migrate/20170816133938_add_access_level_to_ci_runners.rb @@ -6,7 +6,7 @@ class AddAccessLevelToCiRunners < ActiveRecord::Migration disable_ddl_transaction! def up - # Ci::Runner.protection_none: 0 + # Ci::Runner.unprotected: 0 add_column_with_default(:ci_runners, :access_level, :integer, default: 0) end diff --git a/lib/gitlab/ci/stage/seed.rb b/lib/gitlab/ci/stage/seed.rb index f81f9347b4d..d9ac46908b0 100644 --- a/lib/gitlab/ci/stage/seed.rb +++ b/lib/gitlab/ci/stage/seed.rb @@ -28,10 +28,15 @@ module Gitlab attributes.merge(project: project, ref: pipeline.ref, tag: pipeline.tag, - trigger_request: trigger) + trigger_request: trigger + protected: protected?) end end + def protected? + @protected ||= project.protected_for?(pipeline.ref) + end + def create! pipeline.stages.create!(stage).tap do |stage| builds_attributes = builds.map do |attributes|