diff options
author | Ash McKenzie <ash@the-rebellion.net> | 2018-07-11 17:46:40 +1000 |
---|---|---|
committer | Ash McKenzie <ash@the-rebellion.net> | 2018-07-20 22:28:54 +1000 |
commit | 3042a7213fa9f15bd76ad3f0cd9837d6cdea7007 (patch) | |
tree | 5537f07026ebe8296d8b7f11a6717c099152b4d0 | |
parent | cc278dfff212449d29c4f7a51d7bce0f23e2d708 (diff) | |
download | gitlab-shell-3042a7213fa9f15bd76ad3f0cd9837d6cdea7007.tar.gz |
Move HTTP logic out into HTTPHelper
-rw-r--r-- | lib/gitlab_net.rb | 107 | ||||
-rw-r--r-- | lib/http_helper.rb | 108 |
2 files changed, 111 insertions, 104 deletions
diff --git a/lib/gitlab_net.rb b/lib/gitlab_net.rb index c93cf9a..dae035d 100644 --- a/lib/gitlab_net.rb +++ b/lib/gitlab_net.rb @@ -7,13 +7,15 @@ require_relative 'gitlab_logger' require_relative 'gitlab_access' require_relative 'gitlab_lfs_authentication' require_relative 'httpunix' +require_relative 'http_helper' class GitlabNet # rubocop:disable Metrics/ClassLength + include HTTPHelper + class ApiUnreachableError < StandardError; end class NotFound < StandardError; end CHECK_TIMEOUT = 5 - READ_TIMEOUT = 300 def check_access(cmd, gl_repository, repo, actor, changes, protocol, env: {}) changes = changes.join("\n") unless changes.is_a?(String) @@ -143,107 +145,4 @@ class GitlabNet # rubocop:disable Metrics/ClassLength def sanitize_path(repo) repo.delete("'") end - - def config - @config ||= GitlabConfig.new - end - - def host - "#{config.gitlab_url}/api/v4/internal" - end - - def http_client_for(uri, options = {}) - http = if uri.is_a?(URI::HTTPUNIX) - Net::HTTPUNIX.new(uri.hostname) - else - Net::HTTP.new(uri.host, uri.port) - end - - http.read_timeout = options[:read_timeout] || read_timeout - - if uri.is_a?(URI::HTTPS) - http.use_ssl = true - http.cert_store = cert_store - http.verify_mode = OpenSSL::SSL::VERIFY_NONE if config.http_settings['self_signed_cert'] - end - - http - end - - def http_request_for(method, uri, params = {}) - request_klass = method == :get ? Net::HTTP::Get : Net::HTTP::Post - request = request_klass.new(uri.request_uri) - - user = config.http_settings['user'] - password = config.http_settings['password'] - request.basic_auth(user, password) if user && password - - request.set_form_data(params.merge(secret_token: secret_token)) - - if uri.is_a?(URI::HTTPUNIX) - # The HTTPUNIX HTTP client does not set a correct Host header. This can - # lead to 400 Bad Request responses. - request['Host'] = 'localhost' - end - - request - end - - def request(method, url, params = {}, options = {}) - $logger.debug('Performing request', method: method.to_s.upcase, url: url) - - uri = URI.parse(url) - - http = http_client_for(uri, options) - request = http_request_for(method, uri, params) - - begin - start_time = Time.new - response = http.start { http.request(request) } - rescue => e - $logger.warn('Failed to connect to internal API', method: method.to_s.upcase, url: url, error: e) - raise ApiUnreachableError - ensure - $logger.info('finished HTTP request', method: method.to_s.upcase, url: url, duration: Time.new - start_time) - end - - if response.code == "200" - $logger.debug('Received response', code: response.code, body: response.body) - else - $logger.error('API call failed', method: method.to_s.upcase, url: url, code: response.code, body: response.body) - end - - response - end - - def get(url, options = {}) - request(:get, url, {}, options) - end - - def post(url, params) - request(:post, url, params) - end - - def cert_store - @cert_store ||= begin - store = OpenSSL::X509::Store.new - store.set_default_paths - - ca_file = config.http_settings['ca_file'] - store.add_file(ca_file) if ca_file - - ca_path = config.http_settings['ca_path'] - store.add_path(ca_path) if ca_path - - store - end - end - - def secret_token - @secret_token ||= File.read config.secret_file - end - - def read_timeout - config.http_settings['read_timeout'] || READ_TIMEOUT - end end diff --git a/lib/http_helper.rb b/lib/http_helper.rb new file mode 100644 index 0000000..b1a100e --- /dev/null +++ b/lib/http_helper.rb @@ -0,0 +1,108 @@ +module HTTPHelper + READ_TIMEOUT = 300 + + protected + + def config + @config ||= GitlabConfig.new + end + + def host + "#{config.gitlab_url}/api/v4/internal" + end + + def http_client_for(uri, options = {}) + http = if uri.is_a?(URI::HTTPUNIX) + Net::HTTPUNIX.new(uri.hostname) + else + Net::HTTP.new(uri.host, uri.port) + end + + http.read_timeout = options[:read_timeout] || read_timeout + + if uri.is_a?(URI::HTTPS) + http.use_ssl = true + http.cert_store = cert_store + http.verify_mode = OpenSSL::SSL::VERIFY_NONE if config.http_settings['self_signed_cert'] + end + + http + end + + def http_request_for(method, uri, params = {}) + request_klass = method == :get ? Net::HTTP::Get : Net::HTTP::Post + request = request_klass.new(uri.request_uri) + + user = config.http_settings['user'] + password = config.http_settings['password'] + request.basic_auth(user, password) if user && password + + request.set_form_data(params.merge(secret_token: secret_token)) + + if uri.is_a?(URI::HTTPUNIX) + # The HTTPUNIX HTTP client does not set a correct Host header. This can + # lead to 400 Bad Request responses. + request['Host'] = 'localhost' + end + + request + end + + def request(method, url, params = {}, options = {}) + $logger.debug('Performing request', method: method.to_s.upcase, url: url) + + uri = URI.parse(url) + + http = http_client_for(uri, options) + request = http_request_for(method, uri, params) + + begin + start_time = Time.new + response = http.start { http.request(request) } + rescue => e + $logger.warn('Failed to connect', method: method.to_s.upcase, url: url, error: e) + raise GitlabNet::ApiUnreachableError + ensure + $logger.info('finished HTTP request', method: method.to_s.upcase, url: url, duration: Time.new - start_time) + end + + if response.code == "200" + $logger.debug('Received response', code: response.code, body: response.body) + else + $logger.error('Call failed', method: method.to_s.upcase, url: url, code: response.code, body: response.body) + end + + response + end + + def get(url, options = {}) + request(:get, url, {}, options) + end + + def post(url, params) + request(:post, url, params) + end + + def cert_store + @cert_store ||= begin + store = OpenSSL::X509::Store.new + store.set_default_paths + + ca_file = config.http_settings['ca_file'] + store.add_file(ca_file) if ca_file + + ca_path = config.http_settings['ca_path'] + store.add_path(ca_path) if ca_path + + store + end + end + + def secret_token + @secret_token ||= File.read config.secret_file + end + + def read_timeout + config.http_settings['read_timeout'] || READ_TIMEOUT + end +end |