Commit graph

8 commits

Author SHA1 Message Date
Yorick Peterse
2039c8280d
Disable existing offenses for the CodeReuse cops
This whitelists all existing offenses for the various CodeReuse cops, of
which most are triggered by the CodeReuse/ActiveRecord cop.
2018-09-11 17:32:00 +02:00
Felipe Artur Cardozo
236ed1f2f3 Merge branch 'security-event-counters-private-data' into 'master'
[master] Don't expose project names in various counters

See merge request gitlab/gitlabhq!2418
2018-07-24 20:25:25 +00:00
gfyoung
7e87626acf Enable frozen string for app/workers/**/*.rb
Partially addresses #47424.
2018-06-27 01:12:01 -07:00
Yorick Peterse
9e29408ee6
Don't expose project names in various counters
Various counters would expose either project names, or full project
paths (e.g. "gitlab-org/gitlab-ce"). This commit changes various places
where we use "add_event" so we no longer expose (potentially) private
information.
2018-06-21 16:56:40 +02:00
Dmitriy Zaporozhets
86df5c6793
Replace deprecated path_with_namespace with full_path
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2018-03-05 15:41:54 +02:00
Douwe Maan
b1849ee2e6 Use a dedicated queue for each worker 2017-12-12 17:36:20 +01:00
Douwe Maan
0b15570e49 Add ApplicationWorker and make every worker include it 2017-12-05 11:59:39 +01:00
Yorick Peterse
4dfe26cd8b
Rewrite the GitHub importer from scratch
Prior to this MR there were two GitHub related importers:

* Github::Import: the main importer used for GitHub projects
* Gitlab::GithubImport: importer that's somewhat confusingly used for
  importing Gitea projects (apparently they have a compatible API)

This MR renames the Gitea importer to Gitlab::LegacyGithubImport and
introduces a new GitHub importer in the Gitlab::GithubImport namespace.
This new GitHub importer uses Sidekiq for importing multiple resources
in parallel, though it also has the ability to import data sequentially
should this be necessary.

The new code is spread across the following directories:

* lib/gitlab/github_import: this directory contains most of the importer
  code such as the classes used for importing resources.
* app/workers/gitlab/github_import: this directory contains the Sidekiq
  workers, most of which simply use the code from the directory above.
* app/workers/concerns/gitlab/github_import: this directory provides a
  few modules that are included in every GitHub importer worker.

== Stages

The import work is divided into separate stages, with each stage
importing a specific set of data. Stages will schedule the work that
needs to be performed, followed by scheduling a job for the
"AdvanceStageWorker" worker. This worker will periodically check if all
work is completed and schedule the next stage if this is the case. If
work is not yet completed this worker will reschedule itself.

Using this approach we don't have to block threads by calling `sleep()`,
as doing so for large projects could block the thread from doing any
work for many hours.

== Retrying Work

Workers will reschedule themselves whenever necessary. For example,
hitting the GitHub API's rate limit will result in jobs rescheduling
themselves. These jobs are not processed until the rate limit has been
reset.

== User Lookups

Part of the importing process involves looking up user details in the
GitHub API so we can map them to GitLab users. The old importer used
an in-memory cache, but this obviously doesn't work when the work is
spread across different threads.

The new importer uses a Redis cache and makes sure we only perform
API/database calls if absolutely necessary.  Frequently used keys are
refreshed, and lookup misses are also cached; removing the need for
performing API/database calls if we know we don't have the data we're
looking for.

== Performance & Models

The new importer in various places uses raw INSERT statements (as
generated by `Gitlab::Database.bulk_insert`) instead of using Rails
models. This allows us to bypass any validations and callbacks,
drastically reducing the number of SQL queries and Gitaly RPC calls
necessary to import projects.

To ensure the code produces valid data the corresponding tests check if
the produced rows are valid according to the model validation rules.
2017-11-07 23:24:59 +01:00