delta/gitlab/gitlab-shell.git/internal/command/receivepack, branch main gitlab.com: gitlab-org/gitlab-shell.git Perform HTTP request to primary on Geo push 2023-03-03T06:18:39+00:00 Igor Drozdov idrozdov@gitlab.com 2023-02-13T13:34:03+00:00 83a4e8e542e9f929e1c22b235b883ee67187c4c6 Currently, we perform a request to Gitlab Rails that proxies the request to primary However, it causes timeouts on big pushes and consumes large amount of memory. We can perform an HTTP request directly from Gitlab Shell instead and stream the response to the user 
Currently, we perform a request to Gitlab Rails that proxies
the request to primary

However, it causes timeouts on big pushes and consumes large
amount of memory. We can perform an HTTP request directly
from Gitlab Shell instead and stream the response to the user
Add DNS discovery support for Gitaly/Praefect 2023-02-14T09:16:13+00:00 Quang-Minh Nguyen qmnguyen@gitlab.com 2023-02-14T09:16:13+00:00 11227dd8a136f8735fc2d3d434345f2c24112f87 All the implementations of DNS discovery were done in this epic: https://gitlab.com/groups/gitlab-org/-/epics/8971. Gitaly allows clients to configure DNS discovery via dial option. This MR adds the exposed dial options to client connection creation in Gitlab-shell. Issue: https://gitlab.com/gitlab-org/gitaly/-/issues/4722 Changelog: added 
All the implementations of DNS discovery were done in this epic:
https://gitlab.com/groups/gitlab-org/-/epics/8971. Gitaly allows clients
to configure DNS discovery via dial option. This MR adds the exposed
dial options to client connection creation in Gitlab-shell.

Issue: https://gitlab.com/gitlab-org/gitaly/-/issues/4722
Changelog: added
Update Gitaly to v15 2022-08-05T15:44:56+00:00 Igor Drozdov idrozdov@gitlab.com 2022-08-05T13:51:41+00:00 2c18767176ff7bade7a2d745b0e95f1687c27b5d This commit also excludes gitlab-shell from dependencies: Gitaly specifies Gitlab Shell as a dependency as well in order to use gitlabnet client to perform API endpoints to Gitlab Rails. As a result, Gitlab Shell requires Gitaly -> Gitaly requires an older version of Gitlab Shell -> that version requires an older version of Gitlab Shell, etc. Let's use exclude to break the chain earlier 
This commit also excludes gitlab-shell from dependencies:

Gitaly specifies Gitlab Shell as a dependency as well in order
to use gitlabnet client to perform API endpoints to Gitlab Rails.
As a result, Gitlab Shell requires Gitaly -> Gitaly requires an
older version of Gitlab Shell -> that version requires an older
version of Gitlab Shell, etc. Let's use exclude to break the
chain earlier
go: Bump major version to v14 2022-07-05T06:44:14+00:00 Patrick Steinhardt psteinhardt@gitlab.com 2022-07-05T06:43:54+00:00 822e49b34afbc2092ae189091d693ae7867a8e5a While gitlab-shell currently has a major version of v14, the module path it exposes is not using that major version like it is required by the Go standard. This makes it impossible for dependents to import gitlab-shell as a dependency without using a commit as version. Fix this by changing the module path of gitlab-shell to instead be `gitlab.com/gitlab-org/gitlab-shell/v14` and adjust all imports accordingly. Changelog: fixed 
While gitlab-shell currently has a major version of v14, the module path
it exposes is not using that major version like it is required by the Go
standard. This makes it impossible for dependents to import gitlab-shell
as a dependency without using a commit as version.

Fix this by changing the module path of gitlab-shell to instead be
`gitlab.com/gitlab-org/gitlab-shell/v14` and adjust all imports
accordingly.

Changelog: fixed
Always use Gitaly sidechannel connections 2022-05-02T09:35:12+00:00 Jacob Vosmaer jacob@gitlab.com 2022-05-02T09:34:52+00:00 b2b31cee4a27cccd100a5f0aa546d5a515576ada Before this change, the GitLab internal API could use a boolean response field to indicate whether gitlab-shell should make sidechannel connections go Gitaly. We now ignore that response field and always use sidechannel connections. 
Before this change, the GitLab internal API could use a boolean
response field to indicate whether gitlab-shell should make
sidechannel connections go Gitaly. We now ignore that response field
and always use sidechannel connections.
Reuse Gitaly conns and Sidechannel 2022-03-07T13:54:15+00:00 Igor Drozdov idrozdov@gitlab.com 2022-02-18T10:10:38+00:00 e1ddbdd161a28ff53ca4d3b3f0fc4fa19687d80b When gitlab-sshd has been introduced we've started running our own SSH server. In this case we're able to cache and reuse Gitaly connections and Registry. It helps to reduce memory usage. 
When gitlab-sshd has been introduced we've started running our
own SSH server. In this case we're able to cache and reuse
Gitaly connections and Registry.

It helps to reduce memory usage.
Optionally use SSHUploadPackWithSidechannel 2022-01-25T11:32:45+00:00 Jacob Vosmaer jacob@gitlab.com 2022-01-21T11:05:19+00:00 cfd5e9f22d0b1c2b6686edf99cc9a026eb6571f2 If the GitLab API returns an allowed response with use_sidechannel set to true, gitlab-shell will establish a sidechannel connection and use SSHUploadPackWithSidechannel instead of SSHUploadPack. This is an efficiency improvement. 
If the GitLab API returns an allowed response with use_sidechannel set
to true, gitlab-shell will establish a sidechannel connection and use
SSHUploadPackWithSidechannel instead of SSHUploadPack. This is an
efficiency improvement.
Remove some unreliable tests 2021-07-30T16:11:15+00:00 Nick Thomas nick@gitlab.com 2021-07-30T15:09:07+00:00 72d70eab03d38b7c01054b7c598d17afe177212a Logrus buffers its output internally, which makes these tests fail intermittently. They're also not a good example to follow generally. We now have acceptance tests that exercise this functionality so I'm pretty relaxed about losing the expectations. However, we can test them by inspecting the server-received metadata too, so there's no loss of coverage here. The move from logrus to labkit for logging also makes these tests hard to justify keeping. 
Logrus buffers its output internally, which makes these tests fail
intermittently. They're also not a good example to follow generally.

We now have acceptance tests that exercise this functionality so I'm
pretty relaxed about losing the expectations. However, we can test
them by inspecting the server-received metadata too, so there's no loss
of coverage here.

The move from logrus to labkit for logging also makes these tests hard
to justify keeping.
fix: upgrade of the gitaly dependency 2021-06-02T08:56:45+00:00 Pavlo Strokov pstrokov@gitlab.com 2021-06-02T08:54:10+00:00 9f5a802258338483075aa440225d67e95616740f Gitaly project now properly respects module release flow and includes a module suffix in the package name. It requires to re-write all non-suffixed imports with suffixed of a specific version of tha module. With proper module versioning we don't need to use a 'replace' directive to point to specific commit and can use semantic versioning for the gitaly dependency. Part of: https://gitlab.com/gitlab-org/gitaly/-/issues/3177 
Gitaly project now properly respects module release flow
and includes a module suffix in the package name. It requires
to re-write all non-suffixed imports with suffixed of a specific
version of tha module. With proper module versioning we don't
need to use a 'replace' directive to point to specific commit
and can use semantic versioning for the gitaly dependency.

Part of: https://gitlab.com/gitlab-org/gitaly/-/issues/3177
Fix opentracing setup for gitlab-sshd 2021-05-17T14:52:55+00:00 Nick Thomas nick@gitlab.com 2021-05-14T15:47:16+00:00 de13980f3795679958a65881a813723da37894f5 Previously, opentracing (if configured) was initialized late in the gitlab-shell process's lifespan, coming just before making a gRPC call to Gitaly. By moving the opentracing initialization to be at process startup, we make it available for the whole process lifecycle, which is very useful to gitlab-sshd, as it means we'll only call tracing.Initialize() once on process startup, rather than once per SSH connection. To get this working, we need to introduce a context to gitlab-sshd. This carries the client/service name, but also carries an initial correlation ID. The main outcome of this is that all calls to the authorized_keys endpoint from a given gitlab-sshd process will now share a correlation ID. I don't have a strong opinion about this either way. Changelog: fixed 
Previously, opentracing (if configured) was initialized late in the
gitlab-shell process's lifespan, coming just before making a gRPC
call to Gitaly.

By moving the opentracing initialization to be at process startup, we
make it available for the whole process lifecycle, which is very useful
to gitlab-sshd, as it means we'll only call tracing.Initialize() once
on process startup, rather than once per SSH connection.

To get this working, we need to introduce a context to gitlab-sshd.
This carries the client/service name, but also carries an initial
correlation ID. The main outcome of this is that all calls to the
authorized_keys endpoint from a given gitlab-sshd process will now
share a correlation ID. I don't have a strong opinion about this either
way.

Changelog: fixed