Commit 26634f13 authored by Matt Kasa's avatar Matt Kasa

Return gitaly info in kubernetes internal API

Closes https://gitlab.com/gitlab-org/gitlab/-/issues/229462
parent dadf02e5
---
title: Return gitaly info in kubernetes internal API
merge_request: 38654
author:
type: added
...@@ -5,52 +5,67 @@ module API ...@@ -5,52 +5,67 @@ module API
module Internal module Internal
class Kubernetes < Grape::API::Instance class Kubernetes < Grape::API::Instance
helpers do helpers do
def agent_token
@agent_token ||= cluster_agent_token_from_authorization_token
end
def agent
@agent ||= agent_token.agent
end
def repo_type def repo_type
Gitlab::GlRepository::PROJECT Gitlab::GlRepository::PROJECT
end end
def gl_repository(project) def gitaly_info(project)
repo_type.identifier_for_container(project) shard = repo_type.repository_for(project).shard
{
address: Gitlab::GitalyClient.address(shard),
token: Gitlab::GitalyClient.token(shard),
features: Feature::Gitaly.server_feature_flags
}
end end
def gl_repository_path(project) def gitaly_repository(project)
repo_type.repository_for(project).full_path {
storage_name: project.repository_storage,
relative_path: project.disk_path + '.git',
gl_repository: repo_type.identifier_for_container(project),
gl_project_path: repo_type.repository_for(project).full_path
}
end end
def check_feature_enabled def check_feature_enabled
not_found! unless Feature.enabled?(:kubernetes_agent_internal_api) not_found! unless Feature.enabled?(:kubernetes_agent_internal_api)
end end
def check_agent_token
forbidden! unless agent_token
end
end end
namespace 'internal' do namespace 'internal' do
namespace 'kubernetes' do namespace 'kubernetes' do
before do
check_feature_enabled
check_agent_token
end
desc 'Gets agent info' do desc 'Gets agent info' do
detail 'Retrieves agent info for the given token' detail 'Retrieves agent info for the given token'
end end
route_setting :authentication, cluster_agent_token_allowed: true route_setting :authentication, cluster_agent_token_allowed: true
get '/agent_info' do get '/agent_info' do
check_feature_enabled project = agent.project
agent_token = cluster_agent_token_from_authorization_token status 200
{
if agent_token project_id: project.id,
agent = agent_token.agent agent_id: agent.id,
project = agent.project agent_name: agent.name,
@gl_project_string = "project-#{project.id}" gitaly_info: gitaly_info(project),
gitaly_repository: gitaly_repository(project)
status 200 }
{
project_id: project.id,
agent_id: agent.id,
agent_name: agent.name,
storage_name: project.repository_storage,
relative_path: project.disk_path + '.git',
gl_repository: gl_repository(project),
gl_project_path: gl_repository_path(project)
}
else
status 403
end
end end
desc 'Gets project info' do desc 'Gets project info' do
...@@ -58,32 +73,20 @@ module API ...@@ -58,32 +73,20 @@ module API
end end
route_setting :authentication, cluster_agent_token_allowed: true route_setting :authentication, cluster_agent_token_allowed: true
get '/project_info' do get '/project_info' do
check_feature_enabled project = find_project(params[:id])
agent_token = cluster_agent_token_from_authorization_token
if agent_token # TODO sort out authorization for real
project = find_project(params[:id]) # https://gitlab.com/gitlab-org/gitlab/-/issues/220912
if !project || !project.public?
# TODO sort out authorization for real not_found!
# https://gitlab.com/gitlab-org/gitlab/-/issues/220912
if !project || !project.public?
not_found!
end
@gl_project_string = "project-#{project.id}"
status 200
{
project_id: project.id,
storage_name: project.repository_storage,
relative_path: project.disk_path + '.git',
gl_repository: gl_repository(project),
gl_project_path: gl_repository_path(project)
}
else
status 403
end end
status 200
{
project_id: project.id,
gitaly_info: gitaly_info(project),
gitaly_repository: gitaly_repository(project)
}
end end
end end
end end
......
...@@ -33,13 +33,24 @@ RSpec.describe API::Internal::Kubernetes do ...@@ -33,13 +33,24 @@ RSpec.describe API::Internal::Kubernetes do
expect(response).to have_gitlab_http_status(:success) expect(response).to have_gitlab_http_status(:success)
expect(json_response['project_id']).to eq(project.id) expect(json_response).to match(
expect(json_response['agent_id']).to eq(agent.id) a_hash_including(
expect(json_response['agent_name']).to eq(agent.name) 'project_id' => project.id,
expect(json_response['storage_name']).to eq(project.repository_storage) 'agent_id' => agent.id,
expect(json_response['relative_path']).to eq(project.disk_path + '.git') 'agent_name' => agent.name,
expect(json_response['gl_repository']).to eq("project-#{project.id}") 'gitaly_info' => a_hash_including(
expect(json_response['gl_project_path']).to eq(project.full_path) 'address' => match(/\.socket$/),
'token' => 'secret',
'features' => {}
),
'gitaly_repository' => a_hash_including(
'storage_name' => project.repository_storage,
'relative_path' => project.disk_path + '.git',
'gl_repository' => "project-#{project.id}",
'gl_project_path' => project.full_path
)
)
)
end end
end end
...@@ -92,11 +103,22 @@ RSpec.describe API::Internal::Kubernetes do ...@@ -92,11 +103,22 @@ RSpec.describe API::Internal::Kubernetes do
expect(response).to have_gitlab_http_status(:success) expect(response).to have_gitlab_http_status(:success)
expect(json_response['project_id']).to eq(project.id) expect(json_response).to match(
expect(json_response['storage_name']).to eq(project.repository_storage) a_hash_including(
expect(json_response['relative_path']).to eq(project.disk_path + '.git') 'project_id' => project.id,
expect(json_response['gl_repository']).to eq("project-#{project.id}") 'gitaly_info' => a_hash_including(
expect(json_response['gl_project_path']).to eq(project.full_path) 'address' => match(/\.socket$/),
'token' => 'secret',
'features' => {}
),
'gitaly_repository' => a_hash_including(
'storage_name' => project.repository_storage,
'relative_path' => project.disk_path + '.git',
'gl_repository' => "project-#{project.id}",
'gl_project_path' => project.full_path
)
)
)
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment