From 9e7df846855d44302b516b6ee31b89fbb0477596 Mon Sep 17 00:00:00 2001
From: Zeger-Jan van de Weg <git@zjvandeweg.nl>
Date: Thu, 16 Aug 2018 15:22:50 +0200
Subject: Clean up cmd_exec execution environment

Given the gitaly-* now proxy the data from the client to the Gitaly
server, the environment variables aren't used. Therefor we don't have to
set them either. Only exception to the rule, is the GITALY_TOKEN.

These changes also remove the `GIT_TRACE` options, introduced by
192e2bd367494bf66746c8971896a2d9cb84fc92.

Part of: https://gitlab.com/gitlab-org/gitaly/issues/1300
---
 lib/gitlab_config.rb |  4 ---
 lib/gitlab_shell.rb  | 75 ++++++++++------------------------------------------
 2 files changed, 14 insertions(+), 65 deletions(-)

(limited to 'lib')

diff --git a/lib/gitlab_config.rb b/lib/gitlab_config.rb
index 7645989..85aa889 100644
--- a/lib/gitlab_config.rb
+++ b/lib/gitlab_config.rb
@@ -50,10 +50,6 @@ class GitlabConfig
     @config['audit_usernames'] ||= false
   end
 
-  def git_trace_log_file
-    @config['git_trace_log_file']
-  end
-
   def metrics_log_file
     @config['metrics_log_file'] ||= File.join(ROOT_PATH, 'gitlab-shell-metrics.log')
   end
diff --git a/lib/gitlab_shell.rb b/lib/gitlab_shell.rb
index 286a3d1..c7663e1 100644
--- a/lib/gitlab_shell.rb
+++ b/lib/gitlab_shell.rb
@@ -19,7 +19,7 @@ class GitlabShell # rubocop:disable Metrics/ClassLength
 
   GIT_COMMANDS = GITALY_COMMAND.keys + ['git-lfs-authenticate']
   API_COMMANDS = %w(2fa_recovery_codes).freeze
-  GL_PROTOCOL = 'ssh'.freeze
+  GL_PROTOCOL = 'ssh'
 
   attr_accessor :gl_id, :gl_repository, :repo_name, :command, :git_access, :git_protocol
 
@@ -139,61 +139,31 @@ class GitlabShell # rubocop:disable Metrics/ClassLength
       return
     end
 
-    # TODO happens only in testing as of right now
-    return unless @gitaly
-
-    # The entire gitaly_request hash should be built in gitlab-ce and passed
-    # on as-is. For now we build a fake one on the spot.
-    gitaly_request = {
+    # TODO: instead of building from pieces here in gitlab-shell, build the
+    # entire gitaly_request in gitlab-ce and pass on as-is here.
+    args = JSON.dump(
       'repository' => @gitaly['repository'],
       'gl_repository' => @gl_repository,
       'gl_id' => @gl_id,
       'gl_username' => @username,
       'git_config_options' => @git_config_options,
       'git_protocol' => @git_protocol
-    }
-
-    args = [@gitaly['address'], JSON.dump(gitaly_request)]
+    )
 
-    executable = GITALY_COMMAND[@command]
-    args_string = [File.basename(executable), *args].join(' ')
+    gitaly_address = @gitaly['address']
+    executable = GITALY_COMMAND.fetch(@command)
+    gitaly_bin = File.basename(executable)
+    args_string = [gitaly_bin, gitaly_address, args].join(' ')
     $logger.info('executing git command', command: args_string, user: log_username)
-    exec_cmd(executable, *args)
+
+    exec_cmd(executable, gitaly_address: gitaly_address, token: @gitaly['token'], json_args: args)
   end
 
   # This method is not covered by Rspec because it ends the current Ruby process.
-  def exec_cmd(*args)
-    # If you want to call a command without arguments, use
-    # exec_cmd(['my_command', 'my_command']) . Otherwise use
-    # exec_cmd('my_command', 'my_argument', ...).
-    if args.count == 1 && !args.first.is_a?(Array)
-      raise DisallowedCommandError
-    end
-
-    env = {
-      'HOME' => ENV['HOME'],
-      'PATH' => ENV['PATH'],
-      'LD_LIBRARY_PATH' => ENV['LD_LIBRARY_PATH'],
-      'LANG' => ENV['LANG'],
-      'GL_ID' => @gl_id,
-      'GL_PROTOCOL' => GL_PROTOCOL,
-      'GL_REPOSITORY' => @gl_repository,
-      'GL_USERNAME' => @username
-    }
-
-    # @gitaly is a thing, unless another code path exists that doesn't go through process_cmd
-    if @gitaly&.include?('token')
-      env['GITALY_TOKEN'] = @gitaly['token']
-    end
-
-    if git_trace_available?
-      env.merge!(
-        'GIT_TRACE' => @config.git_trace_log_file,
-        'GIT_TRACE_PACKET' => @config.git_trace_log_file,
-        'GIT_TRACE_PERFORMANCE' => @config.git_trace_log_file
-      )
-    end
+  def exec_cmd(executable, gitaly_address:, token:, json_args:)
+    env = { 'GITALY_TOKEN' => token }
 
+    args = [executable, gitaly_address, json_args]
     # We use 'chdir: ROOT_PATH' to let the next executable know where config.yml is.
     Kernel.exec(env, *args, unsetenv_others: true, chdir: ROOT_PATH)
   end
@@ -274,21 +244,4 @@ class GitlabShell # rubocop:disable Metrics/ClassLength
            "#{resp['message']}"
     end
   end
-
-  def git_trace_available?
-    return false unless @config.git_trace_log_file
-
-    if Pathname(@config.git_trace_log_file).relative?
-      $logger.warn('git trace log path must be absolute, ignoring', git_trace_log_file: @config.git_trace_log_file)
-      return false
-    end
-
-    begin
-      File.open(@config.git_trace_log_file, 'a') { nil }
-      return true
-    rescue => ex
-      $logger.warn('Failed to open git trace log file', git_trace_log_file: @config.git_trace_log_file, error: ex.to_s)
-      return false
-    end
-  end
 end
-- 
cgit v1.2.1