Merge branch 'jupyter_pre_spawn_hook_v2' into 'master'

JupyterHub Repo Integration

See merge request gitlab-org/gitlab-ce!27314

app/models/clusters/applications/jupyter.rb

 # frozen_string_literal: true
 
+require 'securerandom'
+
 module Clusters
   module Applications
     class Jupyter < ApplicationRecord
@@ -80,6 +82,9 @@ module Clusters
             "secretToken" => secret_token
           },
           "auth" => {
+            "state" => {
+              "cryptoKey" => crypto_key
+            },
             "gitlab" => {
               "clientId" => oauth_application.uid,
               "clientSecret" => oauth_application.secret,
@@ -95,6 +100,10 @@ module Clusters
         }
       end
 
+      def crypto_key
+        @crypto_key ||= SecureRandom.hex(32)
+      end
+
       def project_id
         cluster&.project&.id
       end

changelogs/unreleased/jupyter_pre_spawn_hook_v2.yml

+---
+title: Pass user's identity and token from JupyterHub to user's Jupyter environment
+merge_request: 27314
+author: Amit Rathi
+type: added

vendor/jupyter/values.yaml

@@ -8,8 +8,28 @@ hub:
   extraConfig: |
     c.KubeSpawner.cmd = ['jupyter-labhub']
 
+    async def add_auth_env(spawner):
+      '''
+      We set user's id, login and access token on single user image to
+      enable repository integration for JupyterHub.
+      See: https://gitlab.com/gitlab-org/gitlab-ce/issues/47138#note_154294790
+      '''
+      auth_state = await spawner.user.get_auth_state()
+
+      if not auth_state:
+          spawner.log.warning("No auth state for %s", spawner.user)
+          return
+
+      spawner.environment['GITLAB_ACCESS_TOKEN'] = auth_state['access_token']
+      spawner.environment['GITLAB_USER_LOGIN'] = auth_state['gitlab_user']['username']
+      spawner.environment['GITLAB_USER_ID'] = str(auth_state['gitlab_user']['id'])
+
+    c.KubeSpawner.pre_spawn_hook = add_auth_env
+
 auth:
   type: gitlab
+  state:
+    enabled: true
 
 singleuser:
   defaultUrl: "/lab"