From a1fc251ed921b02e9e98fc27e445ed56d64a6971 Mon Sep 17 00:00:00 2001
From: Stan Hu
Date: Tue, 25 Jun 2019 14:47:17 -0700
Subject: [PATCH] Disable Rails SQL query cache when applying service templates

When the SQL query cache is active, the SELECT query for finding projects to apply service templates returns the same values. This causes an infinite loop because even though bulk INSERT queries are made, the cached results never reflect that progress. To fix this, we call `Project.uncached` around the query to ensure new data is retrieved. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/63595
---
 app/services/projects/propagate_service_template.rb | 2 +-
 changelogs/unreleased/security-fix-issue-59379-11-10.yml | 5 +++++
 spec/services/projects/propagate_service_template_spec.rb | 2 +-
 spec/spec_helper.rb | 6 ++++++
 4 files changed, 13 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/unreleased/security-fix-issue-59379-11-10.yml
diff --git a/app/services/projects/propagate_service_template.rb b/app/services/projects/propagate_service_template.rb
index 633a263af7b..9c753a7a910 100644
--- a/app/services/projects/propagate_service_template.rb
+++ b/app/services/projects/propagate_service_template.rb
@@ -24,7 +24,7 @@ module Projects
 def propagate_projects_with_template
 loop do
- batch = project_ids_batch
+ batch = Project.uncached { project_ids_batch }
 bulk_create_from_template(batch) unless batch.empty?
diff --git a/changelogs/unreleased/security-fix-issue-59379-11-10.yml b/changelogs/unreleased/security-fix-issue-59379-11-10.yml
new file mode 100644
index 00000000000..a6c3ce14dce
--- /dev/null
+++ b/changelogs/unreleased/security-fix-issue-59379-11-10.yml
@@ -0,0 +1,5 @@
+---
+title: Disable Rails SQL query cache when applying service templates
+merge_request:
+author:
+type: security
diff --git a/spec/services/projects/propagate_service_template_spec.rb b/spec/services/projects/propagate_service_template_spec.rb
index f4c59735c43..e015374f3ae 100644
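Review bot: In `propagate_projects_with_template` (app/services/projects/propagate_service_template.rb) the new `Project.uncached { project_ids_batch }` has no comment saying that loop termination depends on it, so a later cleanup could drop the wrapper and bring the endless loop back. I would add above it `# Bypass the SQL query cache: each pass must see the rows inserted by the previous bulk_create_from_template, or the loop never terminates.` The wrapper only helps if `project_ids_batch` runs its query inside the block; its body is outside the hunk, so confirm it returns loaded ids rather than a lazy relation. The loop's exit condition is outside the hunk as well; presumably it relies only on the batch shrinking, so a guard that stops when a batch repeats would bound the resource use if stale rows are ever returned again.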
--- a/spec/services/projects/propagate_service_template_spec.rb
+++ b/spec/services/projects/propagate_service_template_spec.rb
@@ -70,7 +70,7 @@ describe Projects::PropagateServiceTemplate do
 expect(project.pushover_service.properties).to eq(service_template.properties)
 end
- describe 'bulk update' do
+ describe 'bulk update', :use_sql_query_cache do
 let(:project_total) { 5 }
 before do
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 60db3e1bc46..74501ed8808 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -213,6 +213,12 @@ RSpec.configure do |config|
 ActionController::Base.cache_store = caching_store
 end
+ config.around(:each, :use_sql_query_cache) do |example|
+ ActiveRecord::Base.cache do
+ example.run
+ end
+ end
+
 # The :each scope runs "inside" the example, so this hook ensures the DB is in the
 # correct state before any examples' before hooks are called. This prevents a
 # problem where `ScheduleIssuesClosedAtTypeChange` (or any migration that depends
-- 
GitLab
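Review bot: With `:use_sql_query_cache` on the 'bulk update' group in propagate_service_template_spec.rb, a regression of the fix would presumably make these examples spin in the propagation loop instead of failing, so the suite would hang rather than report an error. Bounding the call under test, for instance by wrapping it in `Timeout.timeout(...)`, would turn that hang into a normal failure. The examples themselves are outside the hunk, so this depends on how they invoke the service.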
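Review bot: The new `:use_sql_query_cache` hook in spec/spec_helper.rb has no comment, while the hook that follows it does, and the tag name alone does not say why a spec would opt in. I would add above `config.around(:each, :use_sql_query_cache)` something like `# Runs the example inside ActiveRecord::Base.cache so that code which must bypass the SQL query cache is tested with the cache switched on.` The `RSpec.configure` block starts and ends outside the hunk.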