Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
d67a2497
Commit
d67a2497
authored
Aug 20, 2018
by
Ash McKenzie
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
New geo/proxy_git_push_ssh routes
parent
9decb78c
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
172 additions
and
2 deletions
+172
-2
ee/lib/api/geo.rb
ee/lib/api/geo.rb
+47
-0
ee/lib/ee/gitlab/middleware/read_only/controller.rb
ee/lib/ee/gitlab/middleware/read_only/controller.rb
+9
-1
ee/spec/requests/api/geo_spec.rb
ee/spec/requests/api/geo_spec.rb
+116
-1
No files found.
ee/lib/api/geo.rb
View file @
d67a2497
require
'base64'
module
API
module
API
class
Geo
<
Grape
::
API
class
Geo
<
Grape
::
API
resource
:geo
do
resource
:geo
do
...
@@ -40,6 +42,51 @@ module API
...
@@ -40,6 +42,51 @@ module API
render_validation_error!
(
db_status
)
render_validation_error!
(
db_status
)
end
end
end
end
# git push over SSH secondary -> primary related proxying logic
#
resource
'proxy_git_push_ssh'
do
format
:json
# Responsible for making HTTP GET /repo.git/info/refs?service=git-receive-pack
# request *from* secondary gitlab-shell to primary
#
params
do
requires
:secret_token
,
type:
String
requires
:data
,
type:
Hash
do
requires
:gl_id
,
type:
String
requires
:primary_repo
,
type:
String
end
end
post
'info_refs'
do
authenticate_by_gitlab_shell_token!
params
.
delete
(
:secret_token
)
resp
=
Gitlab
::
Geo
::
GitPushSSHProxy
.
new
(
params
[
'data'
]).
info_refs
status
(
resp
.
code
.
to_i
)
{
status:
true
,
message:
nil
,
result:
Base64
.
encode64
(
resp
.
body
.
to_s
)
}
end
# Responsible for making HTTP POST /repo.git/git-receive-pack
# request *from* secondary gitlab-shell to primary
#
params
do
requires
:secret_token
,
type:
String
requires
:data
,
type:
Hash
do
requires
:gl_id
,
type:
String
requires
:primary_repo
,
type:
String
end
requires
:output
,
type:
String
,
desc:
'Output from git-receive-pack'
end
post
'push'
do
authenticate_by_gitlab_shell_token!
params
.
delete
(
:secret_token
)
resp
=
Gitlab
::
Geo
::
GitPushSSHProxy
.
new
(
params
[
'data'
]).
push
(
Base64
.
decode64
(
params
[
'output'
]))
status
(
resp
.
code
.
to_i
)
{
status:
true
,
message:
nil
,
result:
Base64
.
encode64
(
resp
.
body
.
to_s
)
}
end
end
end
end
end
end
end
end
ee/lib/ee/gitlab/middleware/read_only/controller.rb
View file @
d67a2497
...
@@ -17,7 +17,7 @@ module EE
...
@@ -17,7 +17,7 @@ module EE
override
:whitelisted_routes
override
:whitelisted_routes
def
whitelisted_routes
def
whitelisted_routes
super
||
geo_node_update_route
super
||
geo_node_update_route
||
geo_proxy_git_push_ssh_route
end
end
def
geo_node_update_route
def
geo_node_update_route
...
@@ -33,6 +33,14 @@ module EE
...
@@ -33,6 +33,14 @@ module EE
WHITELISTED_GEO_ROUTES_TRACKING_DB
[
controller
]
&
.
include?
(
action
)
WHITELISTED_GEO_ROUTES_TRACKING_DB
[
controller
]
&
.
include?
(
action
)
end
end
end
end
def
geo_proxy_git_push_ssh_route
routes
=
::
Gitlab
::
Middleware
::
ReadOnly
::
API_VERSIONS
.
map
do
|
version
|
[
"/api/v
#{
version
}
/geo/proxy_git_push_ssh/info_refs"
,
"/api/v
#{
version
}
/geo/proxy_git_push_ssh/push"
]
end
routes
.
flatten
.
include?
(
request
.
path
)
end
end
end
end
end
end
end
...
...
ee/spec/requests/api/geo_spec.rb
View file @
d67a2497
...
@@ -25,7 +25,7 @@ describe API::Geo do
...
@@ -25,7 +25,7 @@ describe API::Geo do
end
end
end
end
describe
'/geo/transfers'
do
describe
'
GET
/geo/transfers'
do
before
do
before
do
stub_current_geo_node
(
secondary_node
)
stub_current_geo_node
(
secondary_node
)
end
end
...
@@ -287,4 +287,119 @@ describe API::Geo do
...
@@ -287,4 +287,119 @@ describe API::Geo do
it_behaves_like
'with terms enforced'
it_behaves_like
'with terms enforced'
end
end
end
end
describe
'/geo/proxy_git_push_ssh'
do
let
(
:secret_token
)
{
Gitlab
::
Shell
.
secret_token
}
let
(
:data
)
{
{
primary_repo:
'http://localhost:3001/testuser/repo.git'
,
gl_id:
'key-1'
,
gl_username:
'testuser'
}
}
before
do
stub_current_geo_node
(
secondary_node
)
end
describe
'POST /geo/proxy_git_push_ssh/info_refs'
do
context
'with all required params missing'
do
it
'responds with 400'
do
post
api
(
'/geo/proxy_git_push_ssh/info_refs'
),
nil
expect
(
response
).
to
have_gitlab_http_status
(
400
)
expect
(
json_response
[
'error'
]).
to
eql
(
'secret_token is missing, data is missing, data[gl_id] is missing, data[primary_repo] is missing'
)
end
end
context
'with all required params'
do
let
(
:git_push_ssh_proxy
)
{
double
(
Gitlab
::
Geo
::
GitPushSSHProxy
)
}
before
do
allow
(
Gitlab
::
Geo
::
GitPushSSHProxy
).
to
receive
(
:new
).
with
(
data
).
and_return
(
git_push_ssh_proxy
)
end
context
'with an invalid secret_token'
do
it
'responds with 401'
do
post
(
api
(
'/geo/proxy_git_push_ssh/info_refs'
),
{
secret_token:
'invalid'
,
data:
data
})
expect
(
response
).
to
have_gitlab_http_status
(
401
)
expect
(
json_response
[
'error'
]).
to
be_nil
end
end
context
'where an exception occurs'
do
it
'responds with 500'
do
expect
(
git_push_ssh_proxy
).
to
receive
(
:info_refs
).
and_raise
(
'deliberate exception raised'
)
post
api
(
'/geo/proxy_git_push_ssh/info_refs'
),
{
secret_token:
secret_token
,
data:
data
}
expect
(
response
).
to
have_gitlab_http_status
(
500
)
expect
(
json_response
[
'message'
]).
to
include
(
'RuntimeError (deliberate exception raised)'
)
expect
(
json_response
[
'result'
]).
to
be_nil
end
end
context
'with a valid secret token'
do
let
(
:http_response
)
{
double
(
Net
::
HTTPResponse
,
code:
200
,
body:
'something here'
)
}
it
'responds with 200'
do
expect
(
git_push_ssh_proxy
).
to
receive
(
:info_refs
).
and_return
(
http_response
)
post
api
(
'/geo/proxy_git_push_ssh/info_refs'
),
{
secret_token:
secret_token
,
data:
data
}
expect
(
response
).
to
have_gitlab_http_status
(
200
)
expect
(
json_response
[
'result'
]).
to
eql
(
'something+here'
)
end
end
end
end
describe
'POST /geo/proxy_git_push_ssh/push'
do
context
'with all required params missing'
do
it
'responds with 400'
do
post
api
(
'/geo/proxy_git_push_ssh/push'
),
nil
expect
(
response
).
to
have_gitlab_http_status
(
400
)
expect
(
json_response
[
'error'
]).
to
eql
(
'secret_token is missing, data is missing, data[gl_id] is missing, data[primary_repo] is missing, output is missing'
)
end
end
context
'with all required params'
do
let
(
:output
)
{
'output text'
}
let
(
:git_push_ssh_proxy
)
{
double
(
Gitlab
::
Geo
::
GitPushSSHProxy
)
}
before
do
allow
(
Gitlab
::
Geo
::
GitPushSSHProxy
).
to
receive
(
:new
).
with
(
data
).
and_return
(
git_push_ssh_proxy
)
end
context
'with an invalid secret_token'
do
it
'responds with 401'
do
post
(
api
(
'/geo/proxy_git_push_ssh/push'
),
{
secret_token:
'invalid'
,
data:
data
,
output:
output
})
expect
(
response
).
to
have_gitlab_http_status
(
401
)
expect
(
json_response
[
'error'
]).
to
be_nil
end
end
context
'where an exception occurs'
do
it
'responds with 500'
do
expect
(
git_push_ssh_proxy
).
to
receive
(
:push
).
and_raise
(
'deliberate exception raised'
)
post
api
(
'/geo/proxy_git_push_ssh/push'
),
{
secret_token:
secret_token
,
data:
data
,
output:
output
}
expect
(
response
).
to
have_gitlab_http_status
(
500
)
expect
(
json_response
[
'message'
]).
to
include
(
'RuntimeError (deliberate exception raised)'
)
expect
(
json_response
[
'result'
]).
to
be_nil
end
end
context
'with a valid secret token'
do
let
(
:http_response
)
{
double
(
Net
::
HTTPResponse
,
code:
201
,
body:
'something here'
)
}
it
'responds with 201'
do
expect
(
git_push_ssh_proxy
).
to
receive
(
:push
).
with
(
output
).
and_return
(
http_response
)
post
api
(
'/geo/proxy_git_push_ssh/push'
),
{
secret_token:
secret_token
,
data:
data
,
output:
output
}
expect
(
response
).
to
have_gitlab_http_status
(
201
)
expect
(
json_response
[
'result'
]).
to
eql
(
'something+here'
)
end
end
end
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment