delta/gitlab/gitlab-shell.git/spec, branch main gitlab.com: gitlab-org/gitlab-shell.git Configure a default ttl for personal access tokens 2023-05-11T20:38:36+00:00 Joe Woodward jwoodward@gitlab.com 2023-05-11T20:38:36+00:00 51b79bdb4ae60b1850989cca8eb4190d785408b0 Prior to this change personal access tokens without a ttl would never expire. In Gitlab 15.4 we deprecated non-expiring tokens and are scheduled for removal in 16.0. https://gitlab.com/gitlab-org/gitlab/-/issues/369122 This change alters the gitlab-shell command for creating tokens to ensure add a default limit of 30 days. Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/640 
Prior to this change personal access tokens without a ttl would never
expire. In Gitlab 15.4 we deprecated non-expiring tokens and are
scheduled for removal in 16.0.

https://gitlab.com/gitlab-org/gitlab/-/issues/369122

This change alters the gitlab-shell command for creating tokens to
ensure add a default limit of 30 days.

Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/640
feat: make retryable http default client 2023-01-30T08:54:42+00:00 Steve Azzopardi sazzopardi@gitlab.com 2023-01-30T08:21:17+00:00 80f684e48eca2bf1ef2006d84f8c49bec7104344 What --- Make the retryableHTTP client introduced in https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/703 the default HTTP client. Why --- In https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979#note_1254964426 we've seen a 99% error reduction on `git` commands from `gitlab-shell` when the retryableHTTP client is used. This has been running in production for over 2 weeks in `us-east1-b` and 5 days fleet-wide so we should be confident that this client works as expected. Reference: https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979 Signed-off-by: Steve Azzopardi <sazzopardi@gitlab.com> 
What
---
Make the retryableHTTP client introduced in
https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/703 the
default HTTP client.

Why
---
In
https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979#note_1254964426
we've seen a 99% error reduction on `git` commands from `gitlab-shell`
when the retryableHTTP client is used.

This has been running in production for over 2 weeks in `us-east1-b` and
5 days fleet-wide so we should be confident that this client works as
expected.

Reference: https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979
Signed-off-by: Steve Azzopardi <sazzopardi@gitlab.com>
feat: put retryablehttp.Client behind feature flag 2023-01-12T02:56:43+00:00 Steve Azzopardi sazzopardi@gitlab.com 2023-01-06T18:35:21+00:00 16a5c84310f6bb1790f16b6b2e4df90af493b07c What --- - Update the `client.HttpClient` fields to have `http.Client` and `retryablehttp.Client`, one of them will be `nil` depending on the feature flag toggle. - Create new method `newRetryableRequest` which will create a `retryablehttp.Request` and use that if the `FF_GITLAB_SHELL_RETRYABLE_HTTP` feature flag is turned on. - Add checks for `FF_GITLAB_SHELL_RETRYABLE_HTTP` everywhere we use the http client to use the `retryablehttp.Client` or the default `http.Client` - New job `tests-integration-retryableHttp` to run the integraiton tests with the new retryablehttp client. We didn't update go tests because some assertions are different and will break table driven tests. Why --- As discussed in https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/703#note_1229645097 we want to put the client behind a feature flag, not just the retry logic. This does bring extra risk for accessing a `nil` field but there should be checks everytime we access `RetryableHTTP` and `HTTPClient`. Reference: https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979 Signed-off-by: Steve Azzopardi <sazzopardi@gitlab.com> 
What
---
- Update the `client.HttpClient` fields to have `http.Client` and
  `retryablehttp.Client`, one of them will be `nil` depending on the
  feature flag toggle.
- Create new method `newRetryableRequest` which will create a
  `retryablehttp.Request` and use that if the
  `FF_GITLAB_SHELL_RETRYABLE_HTTP` feature flag is turned on.
- Add checks for `FF_GITLAB_SHELL_RETRYABLE_HTTP` everywhere we use the
  http client to use the `retryablehttp.Client` or the default
  `http.Client`
- New job `tests-integration-retryableHttp` to run the integraiton tests
  with the new retryablehttp client. We didn't update go tests because
  some assertions are different and will break table driven tests.

Why
---
As discussed in
https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/703#note_1229645097
we want to put the client behind a feature flag, not just the retry
logic. This does bring extra risk for accessing a `nil` field but there
should be checks everytime we access `RetryableHTTP` and `HTTPClient`.

Reference: https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979
Signed-off-by: Steve Azzopardi <sazzopardi@gitlab.com>
feat: retry on error 2023-01-12T02:56:43+00:00 Steve Azzopardi sazzopardi@gitlab.com 2023-01-02T14:50:27+00:00 a093c9d3cfc1ee18368ebbf828dc61c15b74540c What --- Change the default `HTTP.Client` to `github.com/hashicorp/go-retryablehttp.Client` to get automatic retries and exponential backoff. We retry the request 2 times resulting in 3 attempts of sending the request, the min retry wait is 1 second, and the maximum is 15 seconds. Hide the retry logic behind a temporary feature flag `FF_GITLAB_SHELL_RETRYABLE_HTTP` to easily roll this out in GitLab.com. When we verify that this works as expected we will remove `FF_GITLAB_SHELL_RETRYABLE_HTTP` and have the retry logic as the default logic. Why --- In https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979 users end up seeing the following errors when trying to `git-clone(1)` a repository locally on in CI. ```shell remote: =============================== remote: remote: ERROR: Internal API unreachable remote: remote: ================================ ``` When we look at the application logs we see the following error: ```json { "err": "http://gitlab-webservice-git.gitlab.svc:8181/api/v4/internal/allowed": dial tcp 10.69.184.120:8181: connect: connection refused", "msg": "Internal API unreachable"} ``` In https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979#note_1222670120 we've correlated these `connection refused` errors with infrastructure events that remove the git pods that are hosting `gitlab-webservice-git` service. We could try to make the underlying infrastructure more reactive to these changes as suggested in https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979#note_1225164944 but we can still end up serving bad requests. Implementing retry logic for 5xx or other errors would allow users to still be able to `git-clone(1)` reposirories, although it being slower. This is espically important during CI runs so users don't have to retry jobs themselves. Reference: https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979 Closes: https://gitlab.com/gitlab-org/gitlab-shell/-/issues/604 Signed-off-by: Steve Azzopardi <sazzopardi@gitlab.com> 
What
---
Change the default `HTTP.Client` to
`github.com/hashicorp/go-retryablehttp.Client` to get automatic retries
and exponential backoff.

We retry the request 2 times resulting in 3 attempts of sending the
request, the min retry wait is 1 second, and the maximum is 15
seconds.

Hide the retry logic behind a temporary feature flag
`FF_GITLAB_SHELL_RETRYABLE_HTTP` to easily roll this out in GitLab.com.
When we verify that this works as expected we will remove
`FF_GITLAB_SHELL_RETRYABLE_HTTP` and have the retry logic as the default
logic.

Why
---
In https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979 users
end up seeing the following errors when trying to `git-clone(1)` a
repository locally on in CI.

```shell
remote: ===============================
remote:
remote: ERROR: Internal API unreachable
remote:
remote: ================================
```

When we look at the application logs we see the following error:

```json
{ "err": "http://gitlab-webservice-git.gitlab.svc:8181/api/v4/internal/allowed":
dial tcp 10.69.184.120:8181: connect: connection refused", "msg":
"Internal API unreachable"}
```

In
https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979#note_1222670120
we've correlated these `connection refused` errors with infrastructure
events that remove the git pods that are hosting
`gitlab-webservice-git` service. We could try to make the underlying
infrastructure more reactive to these changes as suggested in
https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979#note_1225164944
but we can still end up serving bad requests.

Implementing retry logic for 5xx or other errors would allow users to
still be able to `git-clone(1)` reposirories, although it being slower.
This is espically important during CI runs so users don't have to retry
jobs themselves.

Reference: https://gitlab.com/gitlab-com/gl-infra/production/-/issues/7979
Closes: https://gitlab.com/gitlab-org/gitlab-shell/-/issues/604
Signed-off-by: Steve Azzopardi <sazzopardi@gitlab.com>
Simplify 2FA Push auth processing 2022-07-20T14:24:51+00:00 Igor Drozdov idrozdov@gitlab.com 2022-07-16T13:15:06+00:00 f6feedf9008aff0713e4ff40bba3617fc724032a Use a single channel to handle both Push Auth and OTP results 
Use a single channel to handle both Push Auth and OTP results
Implement Push Auth support for 2FA verification 2022-07-18T05:28:32+00:00 kmcknight kmcknight@gitlab.com 2021-02-26T01:17:25+00:00 fe5feeea22a639a4835724cf42b337773b54d83c When `2fa_verify` command is executed: - A user is asked to enter OTP - A blocking call for push auth is performed Then: - If the push auth request fails, the user is still able to enter OTP - If OTP is invalid, the `2fa_verify` command ends the execution - If OTP is valid or push auth request succeeded, then the user is successfully authenticated - If 30 seconds passed while no OTP or Push have been provided, then the `2fa_verify` command ends the execution 
When `2fa_verify` command is executed:

- A user is asked to enter OTP
- A blocking call for push auth is performed

Then:

- If the push auth request fails, the user is still able to enter
OTP
- If OTP is invalid, the `2fa_verify` command ends the execution
- If OTP is valid or push auth request succeeded, then the user is
successfully authenticated
- If 30 seconds passed while no OTP or Push have been provided,
then the `2fa_verify` command ends the execution
Fix the Geo SSH push proxy hanging 2021-07-01T08:57:43+00:00 Valery Sizov valery@gitlab.com 2021-06-22T20:49:12+00:00 a59ef73962120fd725527227525047f61459e1d0 Geo SSH proxy push currently impossible when the only action that happens is branch removal. This fix works in a way that it waits for flush packet from git and then checks pkt lines to determine is pack data is expected. The thing is that git doesnt send pack data when only branch removal happens. Explanation is in https://gitlab.com/gitlab-org/gitlab/-/issues/330494 
Geo SSH proxy push currently impossible when the only
action that happens is branch removal. This fix
works in a way that it waits for flush packet from git
and then checks pkt lines to determine is pack data is expected.
The thing is that git doesnt send pack data when only
branch removal happens. Explanation is in
https://gitlab.com/gitlab-org/gitlab/-/issues/330494
Fix a failing spec 2021-06-29T15:13:25+00:00 Nick Thomas nick@gitlab.com 2021-06-29T15:13:25+00:00 07ab536943e35c8a0f45b88be95ed343e71ba03c When the shell environment includes SSH_CONNECTION, one spec fails as the way we're stubbing the environment to the subprocess doesn't wipe out the pre-existing variable. This commit changes how we do it so the spec passes even in this environment. 
When the shell environment includes SSH_CONNECTION, one spec fails as
the way we're stubbing the environment to the subprocess doesn't wipe
out the pre-existing variable. This commit changes how we do it so the
spec passes even in this environment.
Remove session duration information from output of 2fa_verify command 2021-01-29T09:15:47+00:00 Manoj M J mmj@gitlab.com 2021-01-29T09:15:47+00:00 9309666f5049424954e55f162c29b0c11b512133 This change removes session duration information from output of 2fa_verify command 
This change removes session duration
information from output of 2fa_verify command
Add 2fa_verify command 2020-12-10T14:23:44+00:00 Imre Farkas ifarkas@gitlab.com 2020-12-01T13:46:27+00:00 1293a33014c9cfc82b0bc1b9525987476b2aa857