summaryrefslogtreecommitdiff
path: root/client
Commit message (Collapse)AuthorAgeFilesLines
* Exclude API errors from error rateIgor Drozdov2022-05-181-3/+11
| | | | | | When API isn't responsible or the resource is not accessible (returns 404 or 403), then we shouldn't consider it as an error on gitlab-sshd side
* Use require.WithinDuration to fix flacky testIgor Drozdov2022-05-091-2/+2
|
* Merge branch '484_remove_outdated_func' into 'main'Ash McKenzie2022-04-271-10/+0
|\ | | | | | | | | Remove deprecated function NewHTTPClient See merge request gitlab-org/gitlab-shell!603
| * Remove deprecated function NewHTTPClientVasilii Iakliushin2022-04-261-10/+0
| | | | | | | | | | | | Contributes to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/484 Changelog: removed
* | Add JWT token to GitLab Rails requestIgor Drozdov2022-04-262-9/+74
|/ | | | | It is passed as a Gitlab-Shell-Api-Request header and uses the same shared secret in order to encrypt the token
* Remove `self_signed_cert` optionVasilii Iakliushin2022-04-224-22/+16
| | | | | | Contributes to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/541 Changelog: removed
* Optionally use SSHUploadPackWithSidechannelJacob Vosmaer2022-01-251-1/+28
| | | | | | | If the GitLab API returns an allowed response with use_sidechannel set to true, gitlab-shell will establish a sidechannel connection and use SSHUploadPackWithSidechannel instead of SSHUploadPack. This is an efficiency improvement.
* Update gitaly/v14/client to 2e398afa0490ccdf5a82e1a7c7d824ae491eba16Jacob Vosmaer2022-01-251-1/+4
| | | | | | This updates the Gitaly client go.mod dependency to Gitaly commit 2e398afa0490ccdf5a82e1a7c7d824ae491eba16. This causes a grpc-go version bump, and hence a minor change in some of our test code.
* Deprecate self_signed_cert config settingid-deprecate-self-signed-certIgor Drozdov2022-01-121-1/+4
| | | | | | | | | The option isn't required to accept self-signed certs On the other hand, if the option set to true it makes machine-in-the-middle attack possible Let's clarify it in the code that the option is deprecated
* Merge branch 'fix/name-certificate' into 'main'Igor Drozdov2021-10-122-2/+0
|\ | | | | | | | | refactor: remove call to BuildNameToCertificate (deprecated) See merge request gitlab-org/gitlab-shell!515
| * refactor: remove call to BuildNameToCertificate (deprecated)feistel2021-09-082-2/+0
| |
* | Only validate SSL cert file exists if a value is suppliedStan Hu2021-09-232-12/+34
|/ | | | | | | | | This fixes a regression in https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/508. If an HTTPS internal API URL were used, gitlab-shell would not work at all. We now handle blank `caFile` properly. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/529
* refactor: move away from ioutil (deprecated)feistel2021-08-196-19/+17
|
* Merge branch 'verify/cafile' into 'main'Ash McKenzie2021-08-182-29/+47
|\ | | | | | | | | | | | | fix: validate client cert paths exist on disk before proceeding Closes #486 See merge request gitlab-org/gitlab-shell!508
| * test: move os.stat check before the hcc creationAsh McKenzie2021-08-171-7/+7
| |
| * fix: make sure ErrCafileNotFound is returned only when the file doesn't existfeistel2021-08-111-1/+4
| |
| * fix: validate client cert paths exist on disk before proceedingfeistel2021-08-112-29/+44
| |
* | refactor: update usage of NewHTTPClient to NewHTTPClientWithOptsfeistel2021-08-112-3/+6
|/
* Remove some unreliable testsNick Thomas2021-07-301-65/+1
| | | | | | | | | | | | | Logrus buffers its output internally, which makes these tests fail intermittently. They're also not a good example to follow generally. We now have acceptance tests that exercise this functionality so I'm pretty relaxed about losing the expectations. However, we can test them by inspecting the server-received metadata too, so there's no loss of coverage here. The move from logrus to labkit for logging also makes these tests hard to justify keeping.
* Fix formatting via make fmtStan Hu2021-07-262-4/+4
|
* Switch to labkit/log for logging functionalityIgor Drozdov2021-07-222-13/+8
|
* Add tracing instrumentation to http clientIgor2021-07-201-1/+2
|
* Refactor testhelper.PrepareTestRootDir using t.CleanupIgor Drozdov2021-07-142-6/+2
|
* fix: upgrade of the gitaly dependencyPavlo Strokov2021-06-021-1/+1
| | | | | | | | | | | Gitaly project now properly respects module release flow and includes a module suffix in the package name. It requires to re-write all non-suffixed imports with suffixed of a specific version of tha module. With proper module versioning we don't need to use a 'replace' directive to point to specific commit and can use semantic versioning for the gitaly dependency. Part of: https://gitlab.com/gitlab-org/gitaly/-/issues/3177
* Replace cleanup functions with t.CleanupIgor Drozdov2021-03-175-36/+36
| | | | | In this case we don't need to propagate cleanup function. It simplifies the code.
* Update testserver.go with tls 1.2 min versionUpdating-min-TLS-version-to-12Vitor Meireles De Sousa2020-11-171-0/+1
|
* Update httpclient.go with TLS 1.2 as minimum versionVitor Meireles De Sousa2020-11-171-0/+1
|
* GitLab API Client support for client certificatesPaul Okstad2020-11-174-25/+113
|
* Log Content-Length bytes in API resposneStan Hu2020-11-022-0/+6
| | | | | This will be useful to measure bandwidth sent in response to an API request, particularly with measuring the /api/v4/internal/lfs endpoint.
* tests: Replace assert with requirezj-remove-testify-assertZeger-Jan van de Weg2020-10-153-67/+64
| | | | | | | | | Testify features sub packages `assert` and `require`. The difference is subtle, and lost on novice Golang developers that don't read the docs. To create a more consistent code base `assert` will no longer be used. This change was generated by a running a sed command on all `_test.go` files, followed by `goimports -w`.
* client: Allow User-Agent header to be overriddenzj-override-user-agentZeger-Jan van de Weg2020-10-142-2/+43
| | | | | | | | | | The user agent for requests to the internal API endpoints used the default Go provided user agent. This change updates that to always set something else, by default `GitLab-Shell`. Than for others importing the package, there's a new API to set it to something else. This has been done with new method, a setter, to maintain backwards compatibility in the API.
* Make it possible to propagate correlation ID across processesStan Hu2020-09-204-32/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, gitlab-shell did not pass a context through the application. Correlation IDs were generated down the call stack instead of passed around from the start execution. This has several potential downsides: 1. It's easier for programming mistakes to be made in future that lead to multiple correlation IDs being generated for a single request. 2. Correlation IDs cannot be passed in from upstream requests 3. Other advantages of context passing, such as distributed tracing is not possible. This commit changes the behavior: 1. Extract the correlation ID from the environment at the start of the application. 2. If no correlation ID exists, generate a random one. 3. Pass the correlation ID to the GitLabNet API requests. This change also enables other clients of GitLabNet (e.g. Gitaly) to pass along the correlation ID in the internal API requests (https://gitlab.com/gitlab-org/gitaly/-/issues/2725). Fixes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/474
* Fix gitlab-shell not handling relative URLs over UNIX socketssh-fix-unix-relative-url-accessStan Hu2020-08-204-60/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/4498#note_397401883, if you specify a relative path such as: ``` external_url 'http://gitlab.example.com/gitlab' ``` gitlab-shell doesn't have a way to pass the `/gitlab` to the host. For example, let's say we have: ``` gitlab_url: "http+unix://%2Fvar%2Fopt%2Fgitlab%2Fgitlab-workhorse%2Fsocket" ``` If we have `/gitlab` as the relative path, how do we specify what is the UNIX socket path and what is the relative path? If we specify: ``` gitlab_url: "http+unix:///var/opt/gitlab/gitlab-workhorse.socket/gitlab ``` This is ambiguous. Is the socket in `/var/opt/gitlab/gitlab-workhorse.socket/gitlab` or in `/var/opt/gitlab/gitlab-workhorse.socket`? To fix this, this merge request adds an optional `gitlab_relative_url_root` config parameter: ``` gitlab_url: "http+unix://%2Fvar%2Fopt%2Fgitlab%2Fgitlab-workhorse%2Fsocket" gitlab_relative_url_root: /gitlab ``` This is only used with UNIX domain sockets to disambiguate the socket and base URL path. If `gitlab_url` uses `http://` or `https://`, then `gitlab_relative_url_root` is ignored. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/476
* Generate and log correlation IDsStan Hu2020-07-313-10/+31
| | | | | This will make it easier to tie an SSH access request to Rails API and Gitaly requests.
* Fix race conditions with logrus testingsh-fix-logrus-raceStan Hu2020-05-111-0/+6
| | | | | | | | | logrus fires a Goroutine to write logs, so the tests could fail if they checked the event queue before the logrus have fired. Since there isn't an easy way to flush all outstanding hooks, we just retry every 100 ms for up to a second for log to arrive in the queue. Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/450
* Fix race conditions in testssh-add-http-status-codeStan Hu2020-05-081-30/+36
| | | | | | | | Calling logrus hook.LastEntry() can lead to race conditions. Use AllEntries instead: https://github.com/sirupsen/logrus/blob/60c74ad9be0d874af0ab0daef6ab07c5c5911f0d/hooks/test/test.go#L77 Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/450
* Add HTTP status code to internal API logsStan Hu2020-05-082-12/+35
| | | | This would make it easier to filter the logs by status code.
* Move gitlabnet client to client packagejc-refactor-gitlabnet-clientJohn Cai2020-05-047-0/+879
View Lorry Controller Status