Merge branch 'jv-always-use-sidechannel' into 'main'

Always use Gitaly sidechannel connections See merge request gitlab-org/gitlab-shell!567

Merge branch 'jv-always-use-sidechannel' into 'main'
d43b4962 · Patrick Bajao · 4828228c · b2b31cee · d43b4962 · d43b4962
Commit d43b4962 authored 2 years ago by Patrick Bajao
--- a/internal/command/receivepack/gitalycall_test.go
+++ b/internal/command/receivepack/gitalycall_test.go
@@ -57,8 +57,10 @@ func TestReceivePack(t *testing.T) {
 			args.GitlabKeyId = tc.keyId
 		}

+		cfg := &config.Config{GitlabUrl: url}
+		cfg.GitalyClient.InitSidechannelRegistry(context.Background())
 		cmd := &Command{
-			Config:     &config.Config{GitlabUrl: url},
+			Config:     cfg,
 			Args:       args,
 			ReadWriter: &readwriter.ReadWriter{ErrOut: output, Out: output, In: input},
 		}

--- a/internal/command/uploadarchive/gitalycall_test.go
+++ b/internal/command/uploadarchive/gitalycall_test.go
@@ -41,8 +41,10 @@ func TestUploadArchive(t *testing.T) {
 		Env:         env,
 	}

+	cfg := &config.Config{GitlabUrl: url}
+	cfg.GitalyClient.InitSidechannelRegistry(context.Background())
 	cmd := &Command{
-		Config:     &config.Config{GitlabUrl: url},
+		Config:     cfg,
 		Args:       args,
 		ReadWriter: &readwriter.ReadWriter{ErrOut: output, Out: output, In: input},
 	}

--- a/internal/command/uploadpack/gitalycall.go
+++ b/internal/command/uploadpack/gitalycall.go
@@ -15,24 +15,7 @@ import (
 func (c *Command) performGitalyCall(ctx context.Context, response *accessverifier.Response) error {
 	gc := handler.NewGitalyCommand(c.Config, string(commandargs.UploadPack), response)

-	if response.Gitaly.UseSidechannel {
-		request := &pb.SSHUploadPackWithSidechannelRequest{
-			Repository:       &response.Gitaly.Repo,
-			GitProtocol:      c.Args.Env.GitProtocolVersion,
-			GitConfigOptions: response.GitConfigOptions,
-		}
-
-		return gc.RunGitalyCommand(ctx, func(ctx context.Context, conn *grpc.ClientConn) (int32, error) {
-			ctx, cancel := gc.PrepareContext(ctx, request.Repository, c.Args.Env)
-			defer cancel()
-
-			registry := c.Config.GitalyClient.SidechannelRegistry
-			rw := c.ReadWriter
-			return client.UploadPackWithSidechannel(ctx, conn, registry, rw.In, rw.Out, rw.ErrOut, request)
-		})
-	}
-
-	request := &pb.SSHUploadPackRequest{
+	request := &pb.SSHUploadPackWithSidechannelRequest{
 		Repository:       &response.Gitaly.Repo,
 		GitProtocol:      c.Args.Env.GitProtocolVersion,
 		GitConfigOptions: response.GitConfigOptions,
@@ -42,7 +25,8 @@ func (c *Command) performGitalyCall(ctx context.Context, response *accessverifie
 		ctx, cancel := gc.PrepareContext(ctx, request.Repository, c.Args.Env)
 		defer cancel()

+		registry := c.Config.GitalyClient.SidechannelRegistry
 		rw := c.ReadWriter
-		return client.UploadPack(ctx, conn, rw.In, rw.Out, rw.ErrOut, request)
+		return client.UploadPackWithSidechannel(ctx, conn, registry, rw.In, rw.Out, rw.ErrOut, request)
 	})
 }
--- a/internal/command/uploadpack/gitalycall_test.go
+++ b/internal/command/uploadpack/gitalycall_test.go
@@ -41,62 +41,6 @@ func TestUploadPack(t *testing.T) {
 		Env:         env,
 	}

-	cmd := &Command{
-		Config:     &config.Config{GitlabUrl: url},
-		Args:       args,
-		ReadWriter: &readwriter.ReadWriter{ErrOut: output, Out: output, In: input},
-	}
-
-	ctx := correlation.ContextWithCorrelation(context.Background(), "a-correlation-id")
-	ctx = correlation.ContextWithClientName(ctx, "gitlab-shell-tests")
-
-	err := cmd.Execute(ctx)
-	require.NoError(t, err)
-
-	require.Equal(t, "UploadPack: "+repo, output.String())
-
-	for k, v := range map[string]string{
-		"gitaly-feature-cache_invalidator":        "true",
-		"gitaly-feature-inforef_uploadpack_cache": "false",
-		"x-gitlab-client-name":                    "gitlab-shell-tests-git-upload-pack",
-		"key_id":                                  "123",
-		"user_id":                                 "1",
-		"remote_ip":                               "127.0.0.1",
-		"key_type":                                "key",
-	} {
-		actual := testServer.ReceivedMD[k]
-		require.Len(t, actual, 1)
-		require.Equal(t, v, actual[0])
-	}
-	require.Empty(t, testServer.ReceivedMD["some-other-ff"])
-	require.Equal(t, testServer.ReceivedMD["x-gitlab-correlation-id"][0], "a-correlation-id")
-}
-
-func TestUploadPack_withSidechannel(t *testing.T) {
-	gitalyAddress, testServer := testserver.StartGitalyServer(t)
-
-	requests := requesthandlers.BuildAllowedWithGitalyHandlersWithSidechannel(t, gitalyAddress)
-	url := testserver.StartHttpServer(t, requests)
-
-	output := &bytes.Buffer{}
-	input := &bytes.Buffer{}
-
-	userId := "1"
-	repo := "group/repo"
-
-	env := sshenv.Env{
-		IsSSHConnection: true,
-		OriginalCommand: "git-upload-pack " + repo,
-		RemoteAddr:      "127.0.0.1",
-	}
-
-	args := &commandargs.Shell{
-		GitlabKeyId: userId,
-		CommandType: commandargs.UploadPack,
-		SshArgs:     []string{"git-upload-pack", repo},
-		Env:         env,
-	}
-
 	ctx := correlation.ContextWithCorrelation(context.Background(), "a-correlation-id")
 	ctx = correlation.ContextWithClientName(ctx, "gitlab-shell-tests")


--- a/internal/gitaly/gitaly.go
+++ b/internal/gitaly/gitaly.go
@@ -21,10 +21,9 @@ import (
 )

 type Command struct {
-	ServiceName     string
-	Address         string
-	Token           string
-	DialSidechannel bool
+	ServiceName string
+	Address     string
+	Token       string
 }

 type connectionsCache struct {
@@ -125,9 +124,5 @@ func (c *Client) newConnection(ctx context.Context, cmd Command) (conn *grpc.Cli
 		)
 	}

-	if cmd.DialSidechannel {
-		return client.DialSidechannel(ctx, cmd.Address, c.SidechannelRegistry, connOpts)
-	}
-
-	return client.DialContext(ctx, cmd.Address, connOpts)
+	return client.DialSidechannel(ctx, cmd.Address, c.SidechannelRegistry, connOpts)
 }
--- a/internal/gitaly/gitaly_test.go
+++ b/internal/gitaly/gitaly_test.go
@@ -13,7 +13,7 @@ import (
 func TestPrometheusMetrics(t *testing.T) {
 	metrics.GitalyConnectionsTotal.Reset()

-	c := &Client{}
+	c := newClient()

 	cmd := Command{ServiceName: "git-upload-pack", Address: "tcp://localhost:9999"}
 	c.newConnection(context.Background(), cmd)
@@ -31,7 +31,7 @@ func TestPrometheusMetrics(t *testing.T) {
 }

 func TestCachedConnections(t *testing.T) {
-	c := &Client{}
+	c := newClient()

 	require.Len(t, c.cache.connections, 0)

@@ -51,3 +51,9 @@ func TestCachedConnections(t *testing.T) {
 	require.NoError(t, err)
 	require.Len(t, c.cache.connections, 2)
 }
+
+func newClient() *Client {
+	c := &Client{}
+	c.InitSidechannelRegistry(context.Background())
+	return c
+}
--- a/internal/gitlabnet/accessverifier/client.go
+++ b/internal/gitlabnet/accessverifier/client.go
@@ -32,11 +32,10 @@ type Request struct {
 }

 type Gitaly struct {
-	Repo           pb.Repository     `json:"repository"`
-	Address        string            `json:"address"`
-	Token          string            `json:"token"`
-	Features       map[string]string `json:"features"`
-	UseSidechannel bool              `json:"use_sidechannel"`
+	Repo     pb.Repository     `json:"repository"`
+	Address  string            `json:"address"`
+	Token    string            `json:"token"`
+	Features map[string]string `json:"features"`
 }

 type CustomPayloadData struct {

--- a/internal/gitlabnet/accessverifier/client_test.go
+++ b/internal/gitlabnet/accessverifier/client_test.go
@@ -86,41 +86,6 @@ func TestSuccessfulResponses(t *testing.T) {
 	}
 }

-func TestSidechannelFlag(t *testing.T) {
-	okResponse := testResponse{body: responseBody(t, "allowed_sidechannel.json"), status: http.StatusOK}
-	client := setup(t,
-		map[string]testResponse{"first": okResponse},
-		map[string]testResponse{"1": okResponse},
-	)
-
-	testCases := []struct {
-		desc string
-		args *commandargs.Shell
-		who  string
-	}{
-		{
-			desc: "Provide key id within the request",
-			args: &commandargs.Shell{GitlabKeyId: "1"},
-			who:  "key-1",
-		}, {
-			desc: "Provide username within the request",
-			args: &commandargs.Shell{GitlabUsername: "first"},
-			who:  "user-1",
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.desc, func(t *testing.T) {
-			result, err := client.Verify(context.Background(), tc.args, uploadPackAction, repo)
-			require.NoError(t, err)
-
-			response := buildExpectedResponse(tc.who)
-			response.Gitaly.UseSidechannel = true
-			require.Equal(t, response, result)
-		})
-	}
-}
-
 func TestGeoPushGetCustomAction(t *testing.T) {
 	client := setup(t, map[string]testResponse{
 		"custom": {

--- a/internal/handler/exec.go
+++ b/internal/handler/exec.go
@@ -33,10 +33,9 @@ type GitalyCommand struct {

 func NewGitalyCommand(cfg *config.Config, serviceName string, response *accessverifier.Response) *GitalyCommand {
 	gc := gitaly.Command{
-		ServiceName:     serviceName,
-		Address:         response.Gitaly.Address,
-		Token:           response.Gitaly.Token,
-		DialSidechannel: response.Gitaly.UseSidechannel,
+		ServiceName: serviceName,
+		Address:     response.Gitaly.Address,
+		Token:       response.Gitaly.Token,
 	}

 	return &GitalyCommand{Config: cfg, Response: response, Command: gc}

--- a/internal/handler/exec_test.go
+++ b/internal/handler/exec_test.go
@@ -29,7 +29,7 @@ func makeHandler(t *testing.T, err error) func(context.Context, *grpc.ClientConn

 func TestRunGitalyCommand(t *testing.T) {
 	cmd := NewGitalyCommand(
-		&config.Config{},
+		newConfig(),
 		string(commandargs.UploadPack),
 		&accessverifier.Response{
 			Gitaly: accessverifier.Gitaly{Address: "tcp://localhost:9999"},
@@ -46,14 +46,12 @@ func TestRunGitalyCommand(t *testing.T) {

 func TestCachingOfGitalyConnections(t *testing.T) {
 	ctx := context.Background()
-	cfg := &config.Config{}
-	cfg.GitalyClient.InitSidechannelRegistry(ctx)
+	cfg := newConfig()
 	response := &accessverifier.Response{
 		Username: "user",
 		Gitaly: accessverifier.Gitaly{
-			Address:        "tcp://localhost:9999",
-			Token:          "token",
-			UseSidechannel: true,
+			Address: "tcp://localhost:9999",
+			Token:   "token",
 		},
 	}

@@ -71,7 +69,7 @@ func TestCachingOfGitalyConnections(t *testing.T) {
 }

 func TestMissingGitalyAddress(t *testing.T) {
-	cmd := GitalyCommand{Config: &config.Config{}}
+	cmd := GitalyCommand{Config: newConfig()}

 	err := cmd.RunGitalyCommand(context.Background(), makeHandler(t, nil))
 	require.EqualError(t, err, "no gitaly_address given")
@@ -79,7 +77,7 @@ func TestMissingGitalyAddress(t *testing.T) {

 func TestUnavailableGitalyErr(t *testing.T) {
 	cmd := NewGitalyCommand(
-		&config.Config{},
+		newConfig(),
 		string(commandargs.UploadPack),
 		&accessverifier.Response{
 			Gitaly: accessverifier.Gitaly{Address: "tcp://localhost:9999"},
@@ -101,7 +99,7 @@ func TestRunGitalyCommandMetadata(t *testing.T) {
 		{
 			name: "gitaly_feature_flags",
 			gc: NewGitalyCommand(
-				&config.Config{},
+				newConfig(),
 				string(commandargs.UploadPack),
 				&accessverifier.Response{
 					Gitaly: accessverifier.Gitaly{
@@ -209,3 +207,9 @@ func TestPrepareContext(t *testing.T) {
 		})
 	}
 }
+
+func newConfig() *config.Config {
+	cfg := &config.Config{}
+	cfg.GitalyClient.InitSidechannelRegistry(context.Background())
+	return cfg
+}
--- a/internal/testhelper/requesthandlers/requesthandlers.go
+++ b/internal/testhelper/requesthandlers/requesthandlers.go
@@ -29,14 +29,6 @@ func BuildDisallowedByApiHandlers(t *testing.T) []testserver.TestRequestHandler
 }

 func BuildAllowedWithGitalyHandlers(t *testing.T, gitalyAddress string) []testserver.TestRequestHandler {
-	return buildAllowedWithGitalyHandlers(t, gitalyAddress, false)
-}
-
-func BuildAllowedWithGitalyHandlersWithSidechannel(t *testing.T, gitalyAddress string) []testserver.TestRequestHandler {
-	return buildAllowedWithGitalyHandlers(t, gitalyAddress, true)
-}
-
-func buildAllowedWithGitalyHandlers(t *testing.T, gitalyAddress string, useSidechannel bool) []testserver.TestRequestHandler {
 	requests := []testserver.TestRequestHandler{
 		{
 			Path: "/api/v4/internal/allowed",
@@ -64,9 +56,6 @@ func buildAllowedWithGitalyHandlers(t *testing.T, gitalyAddress string, useSidec
 						},
 					},
 				}
-				if useSidechannel {
-					body["gitaly"].(map[string]interface{})["use_sidechannel"] = true
-				}
 				require.NoError(t, json.NewEncoder(w).Encode(body))
 			},
 		},

--- a/internal/testhelper/testdata/testroot/responses/allowed_sidechannel.json
+++ b/internal/testhelper/testdata/testroot/responses/allowed_sidechannel.json
-{
-	"status": true,
-	"gl_repository": "project-26",
-	"gl_project_path": "group/private",
-	"gl_id": "user-1",
-	"gl_username": "root",
-	"git_config_options": ["option"],
-	"gitaly": {
-		"repository": {
-			"storage_name": "default",
-			"relative_path": "@hashed/5f/9c/5f9c4ab08cac7457e9111a30e4664920607ea2c115a1433d7be98e97e64244ca.git",
-			"git_object_directory": "path/to/git_object_directory",
-			"git_alternate_object_directories": ["path/to/git_alternate_object_directory"],
-			"gl_repository": "project-26",
-			"gl_project_path": "group/private"
-		},
-		"address": "unix:gitaly.socket",
-		"token": "token",
-               "use_sidechannel": true
-	},
-	"git_protocol": "protocol",
-	"gl_console_messages": ["console", "message"]
-}