Commit 6dba62e0 authored by Mark Chao's avatar Mark Chao

Merge branch 'remove-gitlab-use-redis-sessions-store-env-variable' into 'master'

Remove GITLAB_USE_REDIS_SESSIONS_STORE env variable

See merge request gitlab-org/gitlab!78048
parents 71940ecd 83fef83d
...@@ -21,7 +21,6 @@ ...@@ -21,7 +21,6 @@
# #
class ActiveSession class ActiveSession
include ActiveModel::Model include ActiveModel::Model
include ::Gitlab::Redis::SessionsStoreHelper
SESSION_BATCH_SIZE = 200 SESSION_BATCH_SIZE = 200
ALLOWED_NUMBER_OF_ACTIVE_SESSIONS = 100 ALLOWED_NUMBER_OF_ACTIVE_SESSIONS = 100
...@@ -66,7 +65,7 @@ class ActiveSession ...@@ -66,7 +65,7 @@ class ActiveSession
end end
def self.set(user, request) def self.set(user, request)
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
session_private_id = request.session.id.private_id session_private_id = request.session.id.private_id
client = DeviceDetector.new(request.user_agent) client = DeviceDetector.new(request.user_agent)
timestamp = Time.current timestamp = Time.current
...@@ -107,7 +106,7 @@ class ActiveSession ...@@ -107,7 +106,7 @@ class ActiveSession
end end
def self.list(user) def self.list(user)
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
cleaned_up_lookup_entries(redis, user).map do |raw_session| cleaned_up_lookup_entries(redis, user).map do |raw_session|
load_raw_session(raw_session) load_raw_session(raw_session)
end end
...@@ -115,7 +114,7 @@ class ActiveSession ...@@ -115,7 +114,7 @@ class ActiveSession
end end
def self.cleanup(user) def self.cleanup(user)
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
clean_up_old_sessions(redis, user) clean_up_old_sessions(redis, user)
cleaned_up_lookup_entries(redis, user) cleaned_up_lookup_entries(redis, user)
end end
...@@ -138,7 +137,7 @@ class ActiveSession ...@@ -138,7 +137,7 @@ class ActiveSession
def self.destroy_session(user, session_id) def self.destroy_session(user, session_id)
return unless session_id return unless session_id
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
destroy_sessions(redis, user, [session_id].compact) destroy_sessions(redis, user, [session_id].compact)
end end
end end
...@@ -147,7 +146,7 @@ class ActiveSession ...@@ -147,7 +146,7 @@ class ActiveSession
sessions = not_impersonated(user) sessions = not_impersonated(user)
sessions.reject! { |session| session.current?(current_rack_session) } if current_rack_session sessions.reject! { |session| session.current?(current_rack_session) } if current_rack_session
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
session_ids = sessions.flat_map(&:ids) session_ids = sessions.flat_map(&:ids)
destroy_sessions(redis, user, session_ids) if session_ids.any? destroy_sessions(redis, user, session_ids) if session_ids.any?
end end
...@@ -182,7 +181,7 @@ class ActiveSession ...@@ -182,7 +181,7 @@ class ActiveSession
# #
# Returns an array of strings # Returns an array of strings
def self.session_ids_for_user(user_id) def self.session_ids_for_user(user_id)
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
redis.smembers(lookup_key_name(user_id)) redis.smembers(lookup_key_name(user_id))
end end
end end
...@@ -195,7 +194,7 @@ class ActiveSession ...@@ -195,7 +194,7 @@ class ActiveSession
def self.sessions_from_ids(session_ids) def self.sessions_from_ids(session_ids)
return [] if session_ids.empty? return [] if session_ids.empty?
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
session_keys = rack_session_keys(session_ids) session_keys = rack_session_keys(session_ids)
session_keys.each_slice(SESSION_BATCH_SIZE).flat_map do |session_keys_batch| session_keys.each_slice(SESSION_BATCH_SIZE).flat_map do |session_keys_batch|
......
...@@ -19,15 +19,7 @@ cookie_key = if Rails.env.development? ...@@ -19,15 +19,7 @@ cookie_key = if Rails.env.development?
"_gitlab_session" "_gitlab_session"
end end
store = if Gitlab::Utils.to_boolean(ENV['GITLAB_USE_REDIS_SESSIONS_STORE'], default: true) store = Gitlab::Redis::Sessions.store(namespace: Gitlab::Redis::Sessions::SESSION_NAMESPACE)
Gitlab::Redis::Sessions.store(
namespace: Gitlab::Redis::Sessions::SESSION_NAMESPACE
)
else
Gitlab::Redis::SharedState.store(
namespace: Gitlab::Redis::Sessions::SESSION_NAMESPACE
)
end
Gitlab::Application.config.session_store( Gitlab::Application.config.session_store(
:redis_store, # Using the cookie_store would enable session replay attacks. :redis_store, # Using the cookie_store would enable session replay attacks.
......
...@@ -4,20 +4,18 @@ module Gitlab ...@@ -4,20 +4,18 @@ module Gitlab
module Auth module Auth
module Otp module Otp
class SessionEnforcer class SessionEnforcer
include ::Gitlab::Redis::SessionsStoreHelper
def initialize(key) def initialize(key)
@key = key @key = key
end end
def update_session def update_session
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
redis.setex(key_name, session_expiry_in_seconds, true) redis.setex(key_name, session_expiry_in_seconds, true)
end end
end end
def access_restricted? def access_restricted?
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
!redis.get(key_name) !redis.get(key_name)
end end
end end
......
...@@ -2,14 +2,12 @@ ...@@ -2,14 +2,12 @@
module Gitlab module Gitlab
class AnonymousSession class AnonymousSession
include ::Gitlab::Redis::SessionsStoreHelper
def initialize(remote_ip) def initialize(remote_ip)
@remote_ip = remote_ip @remote_ip = remote_ip
end end
def count_session_ip def count_session_ip
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
redis.pipelined do |pipeline| redis.pipelined do |pipeline|
pipeline.incr(session_lookup_name) pipeline.incr(session_lookup_name)
pipeline.expire(session_lookup_name, 24.hours) pipeline.expire(session_lookup_name, 24.hours)
...@@ -18,13 +16,13 @@ module Gitlab ...@@ -18,13 +16,13 @@ module Gitlab
end end
def session_count def session_count
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
redis.get(session_lookup_name).to_i redis.get(session_lookup_name).to_i
end end
end end
def cleanup_session_per_ip_count def cleanup_session_per_ip_count
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
redis.del(session_lookup_name) redis.del(session_lookup_name)
end end
end end
......
# frozen_string_literal: true
module Gitlab
module Redis
module SessionsStoreHelper
extend ActiveSupport::Concern
module StoreMethods
def redis_store_class
use_redis_session_store? ? Gitlab::Redis::Sessions : Gitlab::Redis::SharedState
end
private
def use_redis_session_store?
Gitlab::Utils.to_boolean(ENV['GITLAB_USE_REDIS_SESSIONS_STORE'], default: true)
end
end
include StoreMethods
included do
extend StoreMethods
end
end
end
end
...@@ -100,15 +100,13 @@ namespace :gitlab do ...@@ -100,15 +100,13 @@ namespace :gitlab do
namespace :sessions do namespace :sessions do
desc "GitLab | Cleanup | Sessions | Clean ActiveSession lookup keys" desc "GitLab | Cleanup | Sessions | Clean ActiveSession lookup keys"
task active_sessions_lookup_keys: :gitlab_environment do task active_sessions_lookup_keys: :gitlab_environment do
use_redis_session_store = Gitlab::Utils.to_boolean(ENV['GITLAB_USE_REDIS_SESSIONS_STORE'], default: true)
redis_store_class = use_redis_session_store ? Gitlab::Redis::Sessions : Gitlab::Redis::SharedState
session_key_pattern = "#{Gitlab::Redis::Sessions::USER_SESSIONS_LOOKUP_NAMESPACE}:*" session_key_pattern = "#{Gitlab::Redis::Sessions::USER_SESSIONS_LOOKUP_NAMESPACE}:*"
last_save_check = Time.at(0) last_save_check = Time.at(0)
wait_time = 10.seconds wait_time = 10.seconds
cursor = 0 cursor = 0
total_users_scanned = 0 total_users_scanned = 0
redis_store_class.with do |redis| Gitlab::Redis::Sessions.with do |redis|
begin begin
cursor, keys = redis.scan(cursor, match: session_key_pattern) cursor, keys = redis.scan(cursor, match: session_key_pattern)
total_users_scanned += keys.count total_users_scanned += keys.count
......
...@@ -10,40 +10,10 @@ RSpec.describe 'Session initializer for GitLab' do ...@@ -10,40 +10,10 @@ RSpec.describe 'Session initializer for GitLab' do
end end
describe 'config#session_store' do describe 'config#session_store' do
context 'when the GITLAB_USE_REDIS_SESSIONS_STORE env is not set' do it 'initialized as a redis_store with a proper servers configuration' do
before do expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(redis_store: kind_of(::Redis::Store)))
stub_env('GITLAB_USE_REDIS_SESSIONS_STORE', nil)
end
it 'initialized with Multistore as ENV var defaults to true' do load_session_store
expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(redis_store: kind_of(::Redis::Store)))
load_session_store
end
end
context 'when the GITLAB_USE_REDIS_SESSIONS_STORE env is disabled' do
before do
stub_env('GITLAB_USE_REDIS_SESSIONS_STORE', false)
end
it 'initialized as a redis_store with a proper servers configuration' do
expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(redis_store: kind_of(Redis::Store)))
load_session_store
end
end
context 'when the GITLAB_USE_REDIS_SESSIONS_STORE env is enabled' do
before do
stub_env('GITLAB_USE_REDIS_SESSIONS_STORE', true)
end
it 'initialized as a redis_store with a proper servers configuration' do
expect(subject).to receive(:session_store).with(:redis_store, a_hash_including(redis_store: kind_of(::Redis::Store)))
load_session_store
end
end end
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment