From 073ba05d315881730de3995042cc4256c116e2c4 Mon Sep 17 00:00:00 2001 From: Jarka Kadlecova Date: Thu, 31 Aug 2017 12:38:32 +0200 Subject: Support discussion lock in the API --- lib/api/entities.rb | 2 ++ lib/api/issues.rb | 3 ++- lib/api/merge_requests.rb | 4 +++- lib/api/notes.rb | 7 +++++++ 4 files changed, 14 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 52c49e5caa9..4b2ac1cce95 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -362,6 +362,7 @@ module API end expose :due_date expose :confidential + expose :discussion_locked expose :web_url do |issue, options| Gitlab::UrlBuilder.build(issue) @@ -458,6 +459,7 @@ module API expose :diff_head_sha, as: :sha expose :merge_commit_sha expose :user_notes_count + expose :discussion_locked expose :should_remove_source_branch?, as: :should_remove_source_branch expose :force_remove_source_branch?, as: :force_remove_source_branch diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 1729df2aad0..88b592083db 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -48,6 +48,7 @@ module API optional :labels, type: String, desc: 'Comma-separated list of label names' optional :due_date, type: String, desc: 'Date string in the format YEAR-MONTH-DAY' optional :confidential, type: Boolean, desc: 'Boolean parameter if the issue should be confidential' + optional :discussion_locked, type: Boolean, desc: "Boolean parameter if the issue's discussion should be locked" end params :issue_params do @@ -193,7 +194,7 @@ module API desc: 'Date time when the issue was updated. Available only for admins and project owners.' optional :state_event, type: String, values: %w[reopen close], desc: 'State of the issue' use :issue_params - at_least_one_of :title, :description, :assignee_ids, :assignee_id, :milestone_id, + at_least_one_of :title, :description, :assignee_ids, :assignee_id, :milestone_id, :discussion_locked, :labels, :created_at, :due_date, :confidential, :state_event end put ':id/issues/:issue_iid' do diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb index 56d72d511da..35395647fac 100644 --- a/lib/api/merge_requests.rb +++ b/lib/api/merge_requests.rb @@ -213,12 +213,14 @@ module API :remove_source_branch, :state_event, :target_branch, - :title + :title, + :discussion_locked ] optional :title, type: String, allow_blank: false, desc: 'The title of the merge request' optional :target_branch, type: String, allow_blank: false, desc: 'The target branch' optional :state_event, type: String, values: %w[close reopen], desc: 'Status of the merge request' + optional :discussion_locked, type: Boolean, desc: 'Whether the MR discussion is locked' use :optional_params at_least_one_of(*at_least_one_of_ce) diff --git a/lib/api/notes.rb b/lib/api/notes.rb index d6e7203adaf..b3db366d875 100644 --- a/lib/api/notes.rb +++ b/lib/api/notes.rb @@ -71,6 +71,8 @@ module API post ":id/#{noteables_str}/:noteable_id/notes" do noteable = find_project_noteable(noteables_str, params[:noteable_id]) + authorize! :create_note, user_project + opts = { note: params[:body], noteable_type: noteables_str.classify, @@ -82,6 +84,11 @@ module API opts[:created_at] = params[:created_at] end + noteable_type = opts[:noteable_type].to_s + noteable = Issue.find(opts[:noteable_id]) if noteable_type == 'Issue' + noteable = MergeRequest.find(opts[:noteable_id]) if noteable_type == 'MergeRequest' + authorize! :create_note, noteable if noteable + note = ::Notes::CreateService.new(user_project, current_user, opts).execute if note.valid? -- cgit v1.2.1 From 994e7d135947ca162c147c5e0992a0190de22808 Mon Sep 17 00:00:00 2001 From: Jarka Kadlecova Date: Fri, 1 Sep 2017 14:03:57 +0200 Subject: Create system notes for MR too, improve doc + clean up code --- lib/api/issues.rb | 2 +- lib/api/notes.rb | 9 ++------- 2 files changed, 3 insertions(+), 8 deletions(-) (limited to 'lib') diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 88b592083db..0df41dcc903 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -48,7 +48,7 @@ module API optional :labels, type: String, desc: 'Comma-separated list of label names' optional :due_date, type: String, desc: 'Date string in the format YEAR-MONTH-DAY' optional :confidential, type: Boolean, desc: 'Boolean parameter if the issue should be confidential' - optional :discussion_locked, type: Boolean, desc: "Boolean parameter if the issue's discussion should be locked" + optional :discussion_locked, type: Boolean, desc: " Boolean parameter indicating if the issue's discussion is locked" end params :issue_params do diff --git a/lib/api/notes.rb b/lib/api/notes.rb index b3db366d875..0b9ab4eeb05 100644 --- a/lib/api/notes.rb +++ b/lib/api/notes.rb @@ -71,8 +71,6 @@ module API post ":id/#{noteables_str}/:noteable_id/notes" do noteable = find_project_noteable(noteables_str, params[:noteable_id]) - authorize! :create_note, user_project - opts = { note: params[:body], noteable_type: noteables_str.classify, @@ -80,15 +78,12 @@ module API } if can?(current_user, noteable_read_ability_name(noteable), noteable) + authorize! :create_note, noteable + if params[:created_at] && (current_user.admin? || user_project.owner == current_user) opts[:created_at] = params[:created_at] end - noteable_type = opts[:noteable_type].to_s - noteable = Issue.find(opts[:noteable_id]) if noteable_type == 'Issue' - noteable = MergeRequest.find(opts[:noteable_id]) if noteable_type == 'MergeRequest' - authorize! :create_note, noteable if noteable - note = ::Notes::CreateService.new(user_project, current_user, opts).execute if note.valid? -- cgit v1.2.1 From d4fa672c20657a1c7d2fcfa25e9798e7ccdbf39d Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Mon, 25 Sep 2017 16:10:25 +0900 Subject: Create Kubernetes cluster on GKE from k8s service --- lib/google_api/authentication.rb | 51 +++++++++++++++++++++++++++++++++ lib/google_api/cloud_platform/client.rb | 24 ++++++++++++++++ 2 files changed, 75 insertions(+) create mode 100644 lib/google_api/authentication.rb create mode 100644 lib/google_api/cloud_platform/client.rb (limited to 'lib') diff --git a/lib/google_api/authentication.rb b/lib/google_api/authentication.rb new file mode 100644 index 00000000000..d7b473525fb --- /dev/null +++ b/lib/google_api/authentication.rb @@ -0,0 +1,51 @@ +module GoogleApi + class Authentication + attr_reader :access_token, :redirect_uri, :state + + def initialize(access_token, redirect_uri, state: nil) + @access_token = access_token + @redirect_uri = redirect_uri + @state = state + end + + def client + return @client if defined?(@client) + + unless config + raise 'OAuth configuration for google_oauth2 missing.' + end + + @client = ::OAuth2::Client.new( + config.app_id, + config.app_secret, + site: 'https://accounts.google.com', + token_url: '/o/oauth2/token', + authorize_url: '/o/oauth2/auth' + ) + end + + def authorize_url + client.auth_code.authorize_url( + redirect_uri: redirect_uri, + scope: scope, + state: state # This is used for arbitary redirection + ) + end + + def get_token(code) + client.auth_code.get_token(code, redirect_uri: redirect_uri).token + end + + protected + + def scope + raise NotImplementedError + end + + private + + def config + Gitlab.config.omniauth.providers.find { |provider| provider.name == "google_oauth2" } + end + end +end diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb new file mode 100644 index 00000000000..2c2aefc542c --- /dev/null +++ b/lib/google_api/cloud_platform/client.rb @@ -0,0 +1,24 @@ +module GoogleApi + module CloudPlatform + class Client < GoogleApi::Authentication + # Google::Apis::ContainerV1::ContainerService.new + def scope + 'https://www.googleapis.com/auth/cloud-platform' + end + + def projects_zones_clusters_get + # TODO: + # service = Google::Apis::ContainerV1::ContainerService.new + # service.authorization = access_token + # project_id = params['project_id'] + # ... + # response = service.list_zone_clusters(project_id, zone) + response + end + + def projects_zones_clusters_create + # TODO + end + end + end +end -- cgit v1.2.1 From bdc618c289b8c2b996a3ef92b7748966c311d28a Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Tue, 26 Sep 2017 02:11:26 +0900 Subject: ok --- lib/google_api/cloud_platform/client.rb | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index 2c2aefc542c..f2305eab3b7 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -2,6 +2,13 @@ module GoogleApi module CloudPlatform class Client < GoogleApi::Authentication # Google::Apis::ContainerV1::ContainerService.new + + class << self + def token_in_session + :cloud_platform_access_token + end + end + def scope 'https://www.googleapis.com/auth/cloud-platform' end @@ -16,8 +23,16 @@ module GoogleApi response end - def projects_zones_clusters_create - # TODO + def projects_zones_clusters_create(gcp_project_id, cluster_zone, cluster_name, cluster_size) + # TODO: Google::Apis::ContainerV1::ContainerService.new + + # TODO: Debug + { + 'end_point' => '111.111.111.111', + 'ca_cert' => 'XXXXXXXXXXXXXXXXXX', + 'username' => 'AAA', + 'password' => 'BBB' + } end end end -- cgit v1.2.1 From d65cd0a68066c20250a3b7cbf5f6e3767f359c41 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Tue, 26 Sep 2017 17:46:09 +0900 Subject: Tie KubernetesService --- lib/google_api/cloud_platform/client.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index f2305eab3b7..baaf2e0d0fb 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -28,7 +28,7 @@ module GoogleApi # TODO: Debug { - 'end_point' => '111.111.111.111', + 'end_point' => 'https://111.111.111.111', 'ca_cert' => 'XXXXXXXXXXXXXXXXXX', 'username' => 'AAA', 'password' => 'BBB' -- cgit v1.2.1 From 55ac72e56e0cdf6faf2fcd93939d0dd77048a8ee Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Tue, 26 Sep 2017 20:34:49 +0900 Subject: Create cluster --- lib/google_api/cloud_platform/client.rb | 49 ++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 19 deletions(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index baaf2e0d0fb..301b4824bb0 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -1,8 +1,8 @@ +require 'google/apis/container_v1' + module GoogleApi module CloudPlatform class Client < GoogleApi::Authentication - # Google::Apis::ContainerV1::ContainerService.new - class << self def token_in_session :cloud_platform_access_token @@ -13,26 +13,37 @@ module GoogleApi 'https://www.googleapis.com/auth/cloud-platform' end - def projects_zones_clusters_get - # TODO: - # service = Google::Apis::ContainerV1::ContainerService.new - # service.authorization = access_token - # project_id = params['project_id'] - # ... - # response = service.list_zone_clusters(project_id, zone) - response + def projects_zones_clusters_get(project_id:, zone:, cluster_id:) + service = Google::Apis::ContainerV1::ContainerService.new + service.authorization = access_token + + response = service.get_zone_cluster(project_id, zone, cluster_id) + response.to_json end - def projects_zones_clusters_create(gcp_project_id, cluster_zone, cluster_name, cluster_size) - # TODO: Google::Apis::ContainerV1::ContainerService.new + # Responce exmaple + # {"name":"operation-1506424047439-0293f57c","operationType":"CREATE_CLUSTER","selfLink":"https://container.googleapis.com/v1/projects/696404988091/zones/us-central1-a/operations/operation-1506424047439-0293f57c","startTime":"2017-09-26T11:07:27.439033158Z","status":"RUNNING","targetLink":"https://container.googleapis.com/v1/projects/696404988091/zones/us-central1-a/clusters/gke-test-creation","zone":"us-central1-a"} + def projects_zones_clusters_create(project_id:, zone:, cluster_name:, cluster_size:, machine_type:) + service = Google::Apis::ContainerV1::ContainerService.new + service.authorization = access_token + + request_body = Google::Apis::ContainerV1::CreateClusterRequest.new( + { + "cluster": { + "name": cluster_name, + "initial_node_count": cluster_size + } + } + ) + + # TODO: machine_type : Defailt 3.75 GB + response = service.create_cluster(project_id, zone, request_body) + puts response.to_json + response.to_json + end - # TODO: Debug - { - 'end_point' => 'https://111.111.111.111', - 'ca_cert' => 'XXXXXXXXXXXXXXXXXX', - 'username' => 'AAA', - 'password' => 'BBB' - } + def get_status(project_id:, zone:, cluster_name:, cluster_size:, machine_type:) + # Observe end end end -- cgit v1.2.1 From e7a8a05659f8c77ef6c1f83a25bae5629513cf96 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Tue, 26 Sep 2017 23:05:12 +0900 Subject: Improve ClustersController --- lib/google_api/cloud_platform/client.rb | 45 +++++++++++++++++++++++++-------- 1 file changed, 35 insertions(+), 10 deletions(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index 301b4824bb0..17bca090d5d 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -13,17 +13,19 @@ module GoogleApi 'https://www.googleapis.com/auth/cloud-platform' end - def projects_zones_clusters_get(project_id:, zone:, cluster_id:) + def projects_zones_clusters_get(project_id, zone, cluster_id) service = Google::Apis::ContainerV1::ContainerService.new service.authorization = access_token - response = service.get_zone_cluster(project_id, zone, cluster_id) - response.to_json + cluster = service.get_zone_cluster(project_id, zone, cluster_id) + puts "#{self.class.name} - #{__callee__}: cluster: #{cluster.inspect}" + cluster end # Responce exmaple # {"name":"operation-1506424047439-0293f57c","operationType":"CREATE_CLUSTER","selfLink":"https://container.googleapis.com/v1/projects/696404988091/zones/us-central1-a/operations/operation-1506424047439-0293f57c","startTime":"2017-09-26T11:07:27.439033158Z","status":"RUNNING","targetLink":"https://container.googleapis.com/v1/projects/696404988091/zones/us-central1-a/clusters/gke-test-creation","zone":"us-central1-a"} - def projects_zones_clusters_create(project_id:, zone:, cluster_name:, cluster_size:, machine_type:) + # TODO: machine_type : Defailt 3.75 GB + def projects_zones_clusters_create(project_id, zone, cluster_name, cluster_size:, machine_type:) service = Google::Apis::ContainerV1::ContainerService.new service.authorization = access_token @@ -36,14 +38,37 @@ module GoogleApi } ) - # TODO: machine_type : Defailt 3.75 GB - response = service.create_cluster(project_id, zone, request_body) - puts response.to_json - response.to_json + begin + operation = service.create_cluster(project_id, zone, request_body) + rescue Google::Apis::ClientError, Google::Apis::AuthorizationError => e + Rails.logger.error("#{self.class.name}: Could not create cluster #{cluster_name}: #{e}") + end + puts "#{self.class.name} - #{__callee__}: operation: #{operation.inspect}" + operation end - def get_status(project_id:, zone:, cluster_name:, cluster_size:, machine_type:) - # Observe + def projects_zones_operations(project_id, zone, operation_id) + service = Google::Apis::ContainerV1::ContainerService.new + service.authorization = access_token + + operation = service.get_zone_operation(project_id, zone, operation_id) + operation + end + + def wait_operation_done(self_link) + running = true + + ret = self_link.match(/projects\/(.*)\/zones\/(.*)\/operations\/(.*)/) + project_id = ret[1] + zone = ret[2] + operation_id = ret[3] + + while running + operation = projects_zones_operations(project_id, zone, operation_id) + if operation.status != 'RUNNING' + running = false + end + end end end end -- cgit v1.2.1 From 9900933432fc05a07b4c3e742c0ec3f295cf773c Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Wed, 27 Sep 2017 17:04:25 +0900 Subject: Remove sensitive literal data --- lib/google_api/cloud_platform/client.rb | 1 - 1 file changed, 1 deletion(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index 17bca090d5d..f0ca2c52aa7 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -23,7 +23,6 @@ module GoogleApi end # Responce exmaple - # {"name":"operation-1506424047439-0293f57c","operationType":"CREATE_CLUSTER","selfLink":"https://container.googleapis.com/v1/projects/696404988091/zones/us-central1-a/operations/operation-1506424047439-0293f57c","startTime":"2017-09-26T11:07:27.439033158Z","status":"RUNNING","targetLink":"https://container.googleapis.com/v1/projects/696404988091/zones/us-central1-a/clusters/gke-test-creation","zone":"us-central1-a"} # TODO: machine_type : Defailt 3.75 GB def projects_zones_clusters_create(project_id, zone, cluster_name, cluster_size:, machine_type:) service = Google::Apis::ContainerV1::ContainerService.new -- cgit v1.2.1 From e9d05a2cdc24b4dc771344f26e6ffdcf0240e46c Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Wed, 27 Sep 2017 21:01:08 +0900 Subject: Add login root. Remove ceration type. --- lib/google_api/authentication.rb | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) (limited to 'lib') diff --git a/lib/google_api/authentication.rb b/lib/google_api/authentication.rb index d7b473525fb..4c9016e1085 100644 --- a/lib/google_api/authentication.rb +++ b/lib/google_api/authentication.rb @@ -2,28 +2,14 @@ module GoogleApi class Authentication attr_reader :access_token, :redirect_uri, :state + ConfigMissingError = Class.new(StandardError) + def initialize(access_token, redirect_uri, state: nil) @access_token = access_token @redirect_uri = redirect_uri @state = state end - def client - return @client if defined?(@client) - - unless config - raise 'OAuth configuration for google_oauth2 missing.' - end - - @client = ::OAuth2::Client.new( - config.app_id, - config.app_secret, - site: 'https://accounts.google.com', - token_url: '/o/oauth2/token', - authorize_url: '/o/oauth2/auth' - ) - end - def authorize_url client.auth_code.authorize_url( redirect_uri: redirect_uri, @@ -47,5 +33,21 @@ module GoogleApi def config Gitlab.config.omniauth.providers.find { |provider| provider.name == "google_oauth2" } end + + def client + return @client if defined?(@client) + + unless config + raise ConfigMissingError + end + + @client = ::OAuth2::Client.new( + config.app_id, + config.app_secret, + site: 'https://accounts.google.com', + token_url: '/o/oauth2/token', + authorize_url: '/o/oauth2/auth' + ) + end end end -- cgit v1.2.1 From fabc359e77c39aea86f0eaa9f19b17b2a609dd99 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Thu, 28 Sep 2017 18:11:17 +0900 Subject: Multithreading cluster creation is done with `reactive_cache` --- lib/google_api/cloud_platform/client.rb | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index f0ca2c52aa7..61176e39464 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -40,7 +40,8 @@ module GoogleApi begin operation = service.create_cluster(project_id, zone, request_body) rescue Google::Apis::ClientError, Google::Apis::AuthorizationError => e - Rails.logger.error("#{self.class.name}: Could not create cluster #{cluster_name}: #{e}") + puts "#{self.class.name} - #{__callee__}: Could not create cluster #{cluster_name}: #{e}" + # TODO: Error end puts "#{self.class.name} - #{__callee__}: operation: #{operation.inspect}" operation @@ -51,23 +52,14 @@ module GoogleApi service.authorization = access_token operation = service.get_zone_operation(project_id, zone, operation_id) + puts "#{self.class.name} - #{__callee__}: operation: #{operation.inspect}" operation end - def wait_operation_done(self_link) - running = true - + def parse_self_link(self_link) ret = self_link.match(/projects\/(.*)\/zones\/(.*)\/operations\/(.*)/) - project_id = ret[1] - zone = ret[2] - operation_id = ret[3] - while running - operation = projects_zones_operations(project_id, zone, operation_id) - if operation.status != 'RUNNING' - running = false - end - end + return ret[1], ret[2], ret[3] # project_id, zone, operation_id end end end -- cgit v1.2.1 From bda1b0a878205ac99bf10c0b4f0e63f2d4e3a25f Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Fri, 29 Sep 2017 00:08:11 +0900 Subject: Databse foreing key, index, encrypt password. Use short path. Improve error handling. Polish. --- lib/google_api/cloud_platform/client.rb | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index 61176e39464..0bc306a24e6 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -13,11 +13,22 @@ module GoogleApi 'https://www.googleapis.com/auth/cloud-platform' end + ## + # Exception + # Google::Apis::ClientError: + # Google::Apis::AuthorizationError: + ## + def projects_zones_clusters_get(project_id, zone, cluster_id) service = Google::Apis::ContainerV1::ContainerService.new service.authorization = access_token - cluster = service.get_zone_cluster(project_id, zone, cluster_id) + begin + cluster = service.get_zone_cluster(project_id, zone, cluster_id) + rescue Google::Apis::ClientError, Google::Apis::AuthorizationError => e + return nil + end + puts "#{self.class.name} - #{__callee__}: cluster: #{cluster.inspect}" cluster end @@ -40,9 +51,9 @@ module GoogleApi begin operation = service.create_cluster(project_id, zone, request_body) rescue Google::Apis::ClientError, Google::Apis::AuthorizationError => e - puts "#{self.class.name} - #{__callee__}: Could not create cluster #{cluster_name}: #{e}" - # TODO: Error + return nil end + puts "#{self.class.name} - #{__callee__}: operation: #{operation.inspect}" operation end @@ -51,7 +62,12 @@ module GoogleApi service = Google::Apis::ContainerV1::ContainerService.new service.authorization = access_token - operation = service.get_zone_operation(project_id, zone, operation_id) + begin + operation = service.get_zone_operation(project_id, zone, operation_id) + rescue Google::Apis::ClientError, Google::Apis::AuthorizationError => e + return nil + end + puts "#{self.class.name} - #{__callee__}: operation: #{operation.inspect}" operation end -- cgit v1.2.1 From e499c1c39dbea505858874ee47436641df3d93d4 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Sun, 1 Oct 2017 00:54:22 +0900 Subject: Replace reactive_cache by multipel sidekiq workers --- lib/google_api/auth.rb | 53 +++++++++++++++++++++++++++++++++ lib/google_api/authentication.rb | 53 --------------------------------- lib/google_api/cloud_platform/client.rb | 28 +++++++---------- 3 files changed, 63 insertions(+), 71 deletions(-) create mode 100644 lib/google_api/auth.rb delete mode 100644 lib/google_api/authentication.rb (limited to 'lib') diff --git a/lib/google_api/auth.rb b/lib/google_api/auth.rb new file mode 100644 index 00000000000..92787b87ac6 --- /dev/null +++ b/lib/google_api/auth.rb @@ -0,0 +1,53 @@ +module GoogleApi + class Auth + attr_reader :access_token, :redirect_uri, :state + + ConfigMissingError = Class.new(StandardError) + + def initialize(access_token, redirect_uri, state: nil) + @access_token = access_token + @redirect_uri = redirect_uri + @state = state + end + + def authorize_url + client.auth_code.authorize_url( + redirect_uri: redirect_uri, + scope: scope, + state: state # This is used for arbitary redirection + ) + end + + def get_token(code) + client.auth_code.get_token(code, redirect_uri: redirect_uri).token + end + + protected + + def scope + raise NotImplementedError + end + + private + + def config + Gitlab.config.omniauth.providers.find { |provider| provider.name == "google_oauth2" } + end + + def client + return @client if defined?(@client) + + unless config + raise ConfigMissingError + end + + @client = ::OAuth2::Client.new( + config.app_id, + config.app_secret, + site: 'https://accounts.google.com', + token_url: '/o/oauth2/token', + authorize_url: '/o/oauth2/auth' + ) + end + end +end diff --git a/lib/google_api/authentication.rb b/lib/google_api/authentication.rb deleted file mode 100644 index 4c9016e1085..00000000000 --- a/lib/google_api/authentication.rb +++ /dev/null @@ -1,53 +0,0 @@ -module GoogleApi - class Authentication - attr_reader :access_token, :redirect_uri, :state - - ConfigMissingError = Class.new(StandardError) - - def initialize(access_token, redirect_uri, state: nil) - @access_token = access_token - @redirect_uri = redirect_uri - @state = state - end - - def authorize_url - client.auth_code.authorize_url( - redirect_uri: redirect_uri, - scope: scope, - state: state # This is used for arbitary redirection - ) - end - - def get_token(code) - client.auth_code.get_token(code, redirect_uri: redirect_uri).token - end - - protected - - def scope - raise NotImplementedError - end - - private - - def config - Gitlab.config.omniauth.providers.find { |provider| provider.name == "google_oauth2" } - end - - def client - return @client if defined?(@client) - - unless config - raise ConfigMissingError - end - - @client = ::OAuth2::Client.new( - config.app_id, - config.app_secret, - site: 'https://accounts.google.com', - token_url: '/o/oauth2/token', - authorize_url: '/o/oauth2/auth' - ) - end - end -end diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index 0bc306a24e6..74ae5e16ab2 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -2,9 +2,9 @@ require 'google/apis/container_v1' module GoogleApi module CloudPlatform - class Client < GoogleApi::Authentication + class Client < GoogleApi::Auth class << self - def token_in_session + def session_key_for_token :cloud_platform_access_token end end @@ -13,20 +13,14 @@ module GoogleApi 'https://www.googleapis.com/auth/cloud-platform' end - ## - # Exception - # Google::Apis::ClientError: - # Google::Apis::AuthorizationError: - ## - def projects_zones_clusters_get(project_id, zone, cluster_id) service = Google::Apis::ContainerV1::ContainerService.new service.authorization = access_token begin cluster = service.get_zone_cluster(project_id, zone, cluster_id) - rescue Google::Apis::ClientError, Google::Apis::AuthorizationError => e - return nil + rescue Google::Apis::ServerError, Google::Apis::ClientError, Google::Apis::AuthorizationError => e + return e end puts "#{self.class.name} - #{__callee__}: cluster: #{cluster.inspect}" @@ -35,7 +29,7 @@ module GoogleApi # Responce exmaple # TODO: machine_type : Defailt 3.75 GB - def projects_zones_clusters_create(project_id, zone, cluster_name, cluster_size:, machine_type:) + def projects_zones_clusters_create(project_id, zone, cluster_name, cluster_size, machine_type:) service = Google::Apis::ContainerV1::ContainerService.new service.authorization = access_token @@ -50,8 +44,8 @@ module GoogleApi begin operation = service.create_cluster(project_id, zone, request_body) - rescue Google::Apis::ClientError, Google::Apis::AuthorizationError => e - return nil + rescue Google::Apis::ServerError, Google::Apis::ClientError, Google::Apis::AuthorizationError => e + return e end puts "#{self.class.name} - #{__callee__}: operation: #{operation.inspect}" @@ -65,17 +59,15 @@ module GoogleApi begin operation = service.get_zone_operation(project_id, zone, operation_id) rescue Google::Apis::ClientError, Google::Apis::AuthorizationError => e - return nil + return e end puts "#{self.class.name} - #{__callee__}: operation: #{operation.inspect}" operation end - def parse_self_link(self_link) - ret = self_link.match(/projects\/(.*)\/zones\/(.*)\/operations\/(.*)/) - - return ret[1], ret[2], ret[3] # project_id, zone, operation_id + def parse_operation_id(self_link) + self_link.match(/projects\/.*\/zones\/.*\/operations\/(.*)/)[1] end end end -- cgit v1.2.1 From 2d1a77b8a3567cae61f73196918fe365d4fe9415 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Sun, 1 Oct 2017 17:48:21 +0900 Subject: Revert KubernetesService. Introduce FetchKubernetesTokenService. --- lib/google_api/cloud_platform/client.rb | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index 74ae5e16ab2..a1abc5bf074 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -3,6 +3,8 @@ require 'google/apis/container_v1' module GoogleApi module CloudPlatform class Client < GoogleApi::Auth + DEFAULT_MACHINE_TYPE = 'n1-standard-1' + class << self def session_key_for_token :cloud_platform_access_token @@ -27,8 +29,6 @@ module GoogleApi cluster end - # Responce exmaple - # TODO: machine_type : Defailt 3.75 GB def projects_zones_clusters_create(project_id, zone, cluster_name, cluster_size, machine_type:) service = Google::Apis::ContainerV1::ContainerService.new service.authorization = access_token @@ -37,7 +37,10 @@ module GoogleApi { "cluster": { "name": cluster_name, - "initial_node_count": cluster_size + "initial_node_count": cluster_size, + "node_config": { + "machine_type": machine_type # Default 3.75 GB, if ommit + } } } ) -- cgit v1.2.1 From 2cb1d617d90b4a9311e3a35434bec958f266d22a Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Mon, 2 Oct 2017 17:13:46 +0900 Subject: Use expires_in for access_token validation --- lib/google_api/auth.rb | 3 ++- lib/google_api/cloud_platform/client.rb | 16 ++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/google_api/auth.rb b/lib/google_api/auth.rb index 92787b87ac6..8c962af51d7 100644 --- a/lib/google_api/auth.rb +++ b/lib/google_api/auth.rb @@ -19,7 +19,8 @@ module GoogleApi end def get_token(code) - client.auth_code.get_token(code, redirect_uri: redirect_uri).token + ret = client.auth_code.get_token(code, redirect_uri: redirect_uri) + return ret.token, ret.expires_at end protected diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index a1abc5bf074..ec77e6bdd72 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -9,12 +9,28 @@ module GoogleApi def session_key_for_token :cloud_platform_access_token end + + def session_key_for_expires_at + :cloud_platform_expires_at + end end def scope 'https://www.googleapis.com/auth/cloud-platform' end + def validate_token(expires_at) + return false unless access_token + return false unless expires_at + + # Making sure that the token will have been still alive during the cluster creation. + unless DateTime.strptime(expires_at, '%s').to_time > Time.now + 10.minutes + return false + end + + true + end + def projects_zones_clusters_get(project_id, zone, cluster_id) service = Google::Apis::ContainerV1::ContainerService.new service.authorization = access_token -- cgit v1.2.1 From 34e66c427dde2070c2c09a07ce08f991e46de92f Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Mon, 2 Oct 2017 21:58:50 +0900 Subject: PollingInterval, rename to gke_clusters, has_one :cluster --- lib/gitlab/gcp/model.rb | 13 +++++++++++++ lib/google_api/cloud_platform/client.rb | 2 +- 2 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 lib/gitlab/gcp/model.rb (limited to 'lib') diff --git a/lib/gitlab/gcp/model.rb b/lib/gitlab/gcp/model.rb new file mode 100644 index 00000000000..195391f0e3c --- /dev/null +++ b/lib/gitlab/gcp/model.rb @@ -0,0 +1,13 @@ +module Gitlab + module Gcp + module Model + def table_name_prefix + "gcp_" + end + + def model_name + @model_name ||= ActiveModel::Name.new(self, nil, self.name.split("::").last) + end + end + end +end diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index ec77e6bdd72..aa85fcdabef 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -86,7 +86,7 @@ module GoogleApi end def parse_operation_id(self_link) - self_link.match(/projects\/.*\/zones\/.*\/operations\/(.*)/)[1] + self_link.match(%r{projects/.*/zones/.*/operations/(.*)})[1] end end end -- cgit v1.2.1 From 6b7889f750c56962c0674467c3fbfd7976b9b44f Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Tue, 3 Oct 2017 23:44:06 +0900 Subject: Implement Policy. Use show instead of edit. Chnage db column. fix comments. dry up workers --- lib/google_api/cloud_platform/client.rb | 32 ++++++-------------------------- 1 file changed, 6 insertions(+), 26 deletions(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index aa85fcdabef..f50c99578bc 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -3,7 +3,8 @@ require 'google/apis/container_v1' module GoogleApi module CloudPlatform class Client < GoogleApi::Auth - DEFAULT_MACHINE_TYPE = 'n1-standard-1' + DEFAULT_MACHINE_TYPE = 'n1-standard-1'.freeze + SCOPE = 'https://www.googleapis.com/auth/cloud-platform'.freeze class << self def session_key_for_token @@ -16,7 +17,7 @@ module GoogleApi end def scope - 'https://www.googleapis.com/auth/cloud-platform' + SCOPE end def validate_token(expires_at) @@ -35,14 +36,7 @@ module GoogleApi service = Google::Apis::ContainerV1::ContainerService.new service.authorization = access_token - begin - cluster = service.get_zone_cluster(project_id, zone, cluster_id) - rescue Google::Apis::ServerError, Google::Apis::ClientError, Google::Apis::AuthorizationError => e - return e - end - - puts "#{self.class.name} - #{__callee__}: cluster: #{cluster.inspect}" - cluster + service.get_zone_cluster(project_id, zone, cluster_id) end def projects_zones_clusters_create(project_id, zone, cluster_name, cluster_size, machine_type:) @@ -61,28 +55,14 @@ module GoogleApi } ) - begin - operation = service.create_cluster(project_id, zone, request_body) - rescue Google::Apis::ServerError, Google::Apis::ClientError, Google::Apis::AuthorizationError => e - return e - end - - puts "#{self.class.name} - #{__callee__}: operation: #{operation.inspect}" - operation + service.create_cluster(project_id, zone, request_body) end def projects_zones_operations(project_id, zone, operation_id) service = Google::Apis::ContainerV1::ContainerService.new service.authorization = access_token - begin - operation = service.get_zone_operation(project_id, zone, operation_id) - rescue Google::Apis::ClientError, Google::Apis::AuthorizationError => e - return e - end - - puts "#{self.class.name} - #{__callee__}: operation: #{operation.inspect}" - operation + service.get_zone_operation(project_id, zone, operation_id) end def parse_operation_id(self_link) -- cgit v1.2.1 From 20abcbffae71f8177223f2b978c8ad56102da271 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Wed, 4 Oct 2017 16:04:45 +0900 Subject: Add google_api to TOP_LEVEL_ROUTES. Import/Export model failure fix. Fix static analysys. --- lib/gitlab/import_export/import_export.yml | 1 + lib/gitlab/import_export/relation_factory.rb | 1 + lib/gitlab/path_regex.rb | 1 + lib/google_api/auth.rb | 2 +- lib/google_api/cloud_platform/client.rb | 15 +++++++-------- 5 files changed, 11 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/lib/gitlab/import_export/import_export.yml b/lib/gitlab/import_export/import_export.yml index 2171c6c7bbb..a99183fe669 100644 --- a/lib/gitlab/import_export/import_export.yml +++ b/lib/gitlab/import_export/import_export.yml @@ -53,6 +53,7 @@ project_tree: - :auto_devops - :triggers - :pipeline_schedules + - :clusters - :services - :hooks - protected_branches: diff --git a/lib/gitlab/import_export/relation_factory.rb b/lib/gitlab/import_export/relation_factory.rb index 380b336395d..5938b927ff0 100644 --- a/lib/gitlab/import_export/relation_factory.rb +++ b/lib/gitlab/import_export/relation_factory.rb @@ -8,6 +8,7 @@ module Gitlab triggers: 'Ci::Trigger', pipeline_schedules: 'Ci::PipelineSchedule', builds: 'Ci::Build', + clusters: 'Gcp::Cluster', hooks: 'ProjectHook', merge_access_levels: 'ProtectedBranch::MergeAccessLevel', push_access_levels: 'ProtectedBranch::PushAccessLevel', diff --git a/lib/gitlab/path_regex.rb b/lib/gitlab/path_regex.rb index 7c02c9c5c48..e68160c8faf 100644 --- a/lib/gitlab/path_regex.rb +++ b/lib/gitlab/path_regex.rb @@ -33,6 +33,7 @@ module Gitlab explore favicon.ico files + google_api groups health_check help diff --git a/lib/google_api/auth.rb b/lib/google_api/auth.rb index 8c962af51d7..99a82c849e0 100644 --- a/lib/google_api/auth.rb +++ b/lib/google_api/auth.rb @@ -46,7 +46,7 @@ module GoogleApi config.app_id, config.app_secret, site: 'https://accounts.google.com', - token_url: '/o/oauth2/token', + token_url: '/o/oauth2/token', authorize_url: '/o/oauth2/auth' ) end diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index f50c99578bc..d13e3290cf5 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -44,16 +44,15 @@ module GoogleApi service.authorization = access_token request_body = Google::Apis::ContainerV1::CreateClusterRequest.new( - { - "cluster": { - "name": cluster_name, - "initial_node_count": cluster_size, - "node_config": { - "machine_type": machine_type # Default 3.75 GB, if ommit - } + { + "cluster": { + "name": cluster_name, + "initial_node_count": cluster_size, + "node_config": { + "machine_type": machine_type } } - ) + } ) service.create_cluster(project_id, zone, request_body) end -- cgit v1.2.1 From 982c2b83ed14f72c288cfd6c719e9729a0d8818e Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Wed, 4 Oct 2017 18:21:01 +0900 Subject: Fix static anlysys. Added safe_model_attributes. --- lib/gitlab/import_export/import_export.yml | 2 +- lib/gitlab/import_export/relation_factory.rb | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/gitlab/import_export/import_export.yml b/lib/gitlab/import_export/import_export.yml index a99183fe669..dec8b4c5acd 100644 --- a/lib/gitlab/import_export/import_export.yml +++ b/lib/gitlab/import_export/import_export.yml @@ -53,7 +53,7 @@ project_tree: - :auto_devops - :triggers - :pipeline_schedules - - :clusters + - :cluster - :services - :hooks - protected_branches: diff --git a/lib/gitlab/import_export/relation_factory.rb b/lib/gitlab/import_export/relation_factory.rb index 5938b927ff0..a76cf1addc0 100644 --- a/lib/gitlab/import_export/relation_factory.rb +++ b/lib/gitlab/import_export/relation_factory.rb @@ -8,6 +8,7 @@ module Gitlab triggers: 'Ci::Trigger', pipeline_schedules: 'Ci::PipelineSchedule', builds: 'Ci::Build', + cluster: 'Gcp::Cluster', clusters: 'Gcp::Cluster', hooks: 'ProjectHook', merge_access_levels: 'ProtectedBranch::MergeAccessLevel', -- cgit v1.2.1 From f16ac0efda68cfb6819e784dbec5609b10e8de7d Mon Sep 17 00:00:00 2001 From: Kamil Trzcinski Date: Wed, 4 Oct 2017 21:09:40 +0200 Subject: Added usage ping --- lib/gitlab/usage_data.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'lib') diff --git a/lib/gitlab/usage_data.rb b/lib/gitlab/usage_data.rb index 6857038dba8..3f3ba77d47f 100644 --- a/lib/gitlab/usage_data.rb +++ b/lib/gitlab/usage_data.rb @@ -48,6 +48,7 @@ module Gitlab deploy_keys: DeployKey.count, deployments: Deployment.count, environments: ::Environment.count, + gcp_clusters: ::Gcp::Cluster.count, in_review_folder: ::Environment.in_review_folder.count, groups: Group.count, issues: Issue.count, -- cgit v1.2.1 From 31c89258821b680da18fc02439b1be4471846571 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Thu, 5 Oct 2017 18:17:21 +0900 Subject: spec/lib/google_api/auth_spec. spec/lib/google_api/cloud_platform/client_spec --- lib/google_api/cloud_platform/client.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index d13e3290cf5..926b7402cd5 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -65,7 +65,8 @@ module GoogleApi end def parse_operation_id(self_link) - self_link.match(%r{projects/.*/zones/.*/operations/(.*)})[1] + m = self_link.match(%r{projects/.*/zones/.*/operations/(.*)}) + m[1] if m end end end -- cgit v1.2.1 From 638c616296b37b528c1b56f63a818301a502f7aa Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Fri, 6 Oct 2017 18:23:53 +0900 Subject: Use utc for time comparision --- lib/google_api/cloud_platform/client.rb | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index 926b7402cd5..5ec1fa37546 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -5,6 +5,7 @@ module GoogleApi class Client < GoogleApi::Auth DEFAULT_MACHINE_TYPE = 'n1-standard-1'.freeze SCOPE = 'https://www.googleapis.com/auth/cloud-platform'.freeze + LEAST_TOKEN_LIFE_TIME = 10.minutes class << self def session_key_for_token @@ -25,9 +26,7 @@ module GoogleApi return false unless expires_at # Making sure that the token will have been still alive during the cluster creation. - unless DateTime.strptime(expires_at, '%s').to_time > Time.now + 10.minutes - return false - end + return false if token_life_time(expires_at) < LEAST_TOKEN_LIFE_TIME true end @@ -68,6 +67,12 @@ module GoogleApi m = self_link.match(%r{projects/.*/zones/.*/operations/(.*)}) m[1] if m end + + private + + def token_life_time(expires_at) + DateTime.strptime(expires_at, '%s').to_time.utc - Time.now.utc + end end end end -- cgit v1.2.1 From f293288589f24e1928b57dcd3428b762ae9ced79 Mon Sep 17 00:00:00 2001 From: Shinya Maeda Date: Fri, 6 Oct 2017 21:28:40 +0900 Subject: Security fix: redirection in google_api/authorizations_controller --- lib/google_api/cloud_platform/client.rb | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index 5ec1fa37546..6d0c148b261 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -15,6 +15,11 @@ module GoogleApi def session_key_for_expires_at :cloud_platform_expires_at end + + def session_key_for_second_redirect_uri(secure: nil) + secure = SecureRandom.hex unless secure + return "cloud_platform_second_redirect_uri_#{secure}", secure + end end def scope -- cgit v1.2.1 From f9d490dbb910cdd05ca0a0fa38331708181e4b1e Mon Sep 17 00:00:00 2001 From: Kamil Trzcinski Date: Fri, 6 Oct 2017 16:14:14 +0200 Subject: Improve redirect uri state and fix all remaining tests --- lib/google_api/cloud_platform/client.rb | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb index 6d0c148b261..a440a3e3562 100644 --- a/lib/google_api/cloud_platform/client.rb +++ b/lib/google_api/cloud_platform/client.rb @@ -16,9 +16,14 @@ module GoogleApi :cloud_platform_expires_at end - def session_key_for_second_redirect_uri(secure: nil) - secure = SecureRandom.hex unless secure - return "cloud_platform_second_redirect_uri_#{secure}", secure + def new_session_key_for_redirect_uri + SecureRandom.hex.tap do |state| + yield session_key_for_redirect_uri(state) + end + end + + def session_key_for_redirect_uri(state) + "cloud_platform_second_redirect_uri_#{state}" end end -- cgit v1.2.1 From 1ba3c747f3453d9411a63c287aeaf86d2419f8fa Mon Sep 17 00:00:00 2001 From: Andrew Newdigate Date: Fri, 6 Oct 2017 17:16:20 +0000 Subject: Gitaly feature flag metadata --- lib/gitlab/gitaly_client.rb | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/gitlab/gitaly_client.rb b/lib/gitlab/gitaly_client.rb index 87b300dcf7e..cf36106e23d 100644 --- a/lib/gitlab/gitaly_client.rb +++ b/lib/gitlab/gitaly_client.rb @@ -28,6 +28,7 @@ module Gitlab SERVER_VERSION_FILE = 'GITALY_SERVER_VERSION'.freeze MAXIMUM_GITALY_CALLS = 30 + CLIENT_NAME = (Sidekiq.server? ? 'gitlab-sidekiq' : 'gitlab-web').freeze MUTEX = Mutex.new private_constant :MUTEX @@ -79,7 +80,16 @@ module Gitlab def self.request_metadata(storage) encoded_token = Base64.strict_encode64(token(storage).to_s) - { metadata: { 'authorization' => "Bearer #{encoded_token}" } } + metadata = { + 'authorization' => "Bearer #{encoded_token}", + 'client_name' => CLIENT_NAME + } + + feature_stack = Thread.current[:gitaly_feature_stack] + feature = feature_stack && feature_stack[0] + metadata['call_site'] = feature.to_s if feature + + { metadata: metadata } end def self.token(storage) @@ -137,7 +147,14 @@ module Gitlab Gitlab::Metrics.measure(metric_name) do # Some migrate calls wrap other migrate calls allow_n_plus_1_calls do - yield is_enabled + feature_stack = Thread.current[:gitaly_feature_stack] ||= [] + feature_stack.unshift(feature) + begin + yield is_enabled + ensure + feature_stack.shift + Thread.current[:gitaly_feature_stack] = nil if feature_stack.empty? + end end end end -- cgit v1.2.1