LabKit support

6 files changed, 88 insertions, 17 deletions

diff --git a/changelogs/unreleased/an-labkit-support.yml b/changelogs/unreleased/an-labkit-support.yml
new file mode 100644
index 000000000..d489546ab
--- /dev/null
+++ b/changelogs/unreleased/an-labkit-support.yml
@@ -0,0 +1,5 @@
+---
+title: LabKit integration with Gitaly-Ruby
+merge_request: 1083
+author:
+type: other
diff --git a/ruby/Gemfile b/ruby/Gemfile
index 6957efab8..0b0a38bc9 100644
--- a/ruby/Gemfile
+++ b/ruby/Gemfile
@@ -16,6 +16,9 @@ gem 'sentry-raven', '~> 2.9.0', require: false
 gem 'faraday', '~> 0.12'
 gem 'rbtrace', require: false
 
+# Labkit provides observability functionality
+gem 'gitlab-labkit', '~> 0.3.0'
+
 # Detects the open source license the repository includes
 # This version needs to be in sync with GitLab CE/EE
 gem 'licensee', '~> 8.9.0'
diff --git a/ruby/Gemfile.lock b/ruby/Gemfile.lock
index 6801dbebd..ecc711e06 100644
--- a/ruby/Gemfile.lock
+++ b/ruby/Gemfile.lock
@@ -2,6 +2,19 @@ GEM
   remote: https://rubygems.org/
   specs:
     abstract_type (0.0.7)
+    actionpack (5.1.7)
+      actionview (= 5.1.7)
+      activesupport (= 5.1.7)
+      rack (~> 2.0)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (5.1.7)
+      activesupport (= 5.1.7)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
     activesupport (5.1.7)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
@@ -10,10 +23,11 @@ GEM
     adamantium (0.2.0)
       ice_nine (~> 0.11.0)
       memoizable (~> 0.4.0)
-    addressable (2.5.2)
+    addressable (2.6.0)
       public_suffix (>= 2.0.2, < 4.0)
     ast (2.4.0)
     binding_ninja (0.2.3)
+    builder (3.2.3)
     charlock_holmes (0.7.6)
     coderay (1.1.2)
     concord (0.1.5)
@@ -26,10 +40,11 @@ GEM
     diff-lcs (1.3)
     docile (1.1.5)
     equalizer (0.0.11)
+    erubi (1.8.0)
     escape_utils (1.2.1)
-    factory_bot (4.11.1)
-      activesupport (>= 3.0.0)
-    faraday (0.15.3)
+    factory_bot (5.0.2)
+      activesupport (>= 4.2.0)
+    faraday (0.15.4)
       multipart-post (>= 1.2, < 3)
     ffi (1.10.0)
     gemojione (3.3.0)
@@ -58,6 +73,12 @@ GEM
       diff-lcs (~> 1.1)
       mime-types (>= 1.16)
       posix-spawn (~> 0.3)
+    gitlab-labkit (0.3.0)
+      actionpack (~> 5)
+      activesupport (~> 5)
+      grpc (~> 1.19.0)
+      jaeger-client (~> 0.10)
+      opentracing (~> 0.4)
     gitlab-markup (1.7.0)
     gollum-grit_adapter (1.0.1)
       gitlab-grit (~> 2.7, >= 2.7.1)
@@ -67,30 +88,37 @@ GEM
     grpc (1.19.0)
       google-protobuf (~> 3.1)
       googleapis-common-protos-types (~> 1.0.0)
-    hashdiff (0.3.8)
+    hashdiff (0.3.9)
     i18n (1.6.0)
       concurrent-ruby (~> 1.0)
     ice_nine (0.11.2)
+    jaeger-client (0.10.0)
+      opentracing (~> 0.3)
+      thrift
     jaro_winkler (1.5.2)
     json (2.2.0)
     licensee (8.9.2)
       rugged (~> 0.24)
     listen (0.5.3)
+    loofah (2.2.3)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
     memoizable (0.4.2)
       thread_safe (~> 0.3, >= 0.3.1)
     method_source (0.9.2)
     mime-types (3.2.2)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2018.0812)
+    mime-types-data (3.2019.0331)
     mini_portile2 (2.4.0)
     minitest (5.11.3)
-    msgpack (1.2.6)
+    msgpack (1.2.10)
     multi_json (1.13.1)
     multipart-post (2.0.0)
     nokogiri (1.10.3)
       mini_portile2 (~> 2.4.0)
     nokogumbo (1.5.0)
       nokogiri
+    opentracing (0.5.0)
     optimist (3.0.0)
     parallel (1.17.0)
     parser (2.6.3.0)
@@ -105,6 +133,14 @@ GEM
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
     public_suffix (3.0.3)
+    rack (2.0.7)
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.0.4)
+      loofah (~> 2.2, >= 2.2.2)
     rainbow (3.0.0)
     rbtrace (0.4.11)
       ffi (>= 1.0.6)
@@ -140,7 +176,7 @@ GEM
       unicode-display_width (>= 1.4.0, < 1.7)
     ruby-progressbar (1.10.0)
     rugged (0.28.1)
-    safe_yaml (1.0.4)
+    safe_yaml (1.0.5)
     sanitize (4.6.6)
       crass (~> 1.0.2)
       nokogiri (>= 1.4.4)
@@ -154,6 +190,7 @@ GEM
     simplecov-html (0.9.0)
     stringex (2.8.5)
     thread_safe (0.3.6)
+    thrift (0.11.0.0)
     timecop (0.9.1)
     tzinfo (1.2.5)
       thread_safe (~> 0.1)
@@ -184,6 +221,7 @@ DEPENDENCIES
   github-linguist (~> 6.1)
   gitlab-gollum-lib (~> 4.2.7.7)
   gitlab-gollum-rugged_adapter (~> 0.4.4.2)
+  gitlab-labkit (~> 0.3.0)
   gitlab-markup (~> 1.7.0)
   google-protobuf (~> 3.7.1)
   grpc (~> 1.19.0)
diff --git a/ruby/bin/gitaly-ruby b/ruby/bin/gitaly-ruby
index 6f6a69b82..bfec5ee36 100755
--- a/ruby/bin/gitaly-ruby
+++ b/ruby/bin/gitaly-ruby
@@ -3,6 +3,7 @@
 require 'fileutils'
 
 require 'grpc'
+require 'gitlab-labkit'
 
 require_relative '../lib/gitaly_server.rb'
 require_relative '../lib/gitaly_server/sentry_interceptor.rb'
@@ -23,15 +24,13 @@ def main
   FileUtils.mkdir_p(socket_dir)
   File.chmod(0700, socket_dir)
 
+  load_distributed_tracing
+
   load_tracing
 
   s = GRPC::RpcServer.new(
     poll_period: SHUTDOWN_TIMEOUT,
-    interceptors: [
-      GitalyServer::SentryInterceptor.new,
-      GitalyServer::ExceptionSanitizerInterceptor.new,
-      GitalyServer::RuggedInterceptor.new
-    ]
+    interceptors: build_server_interceptor_chain
   )
   port = 'unix:' + socket_path
   s.add_http2_port(port, :this_port_is_insecure)
@@ -60,6 +59,13 @@ def main
   run_thread.join
 end
 
+def load_distributed_tracing
+  return unless Labkit::Tracing.enabled?
+
+  tracer = Labkit::Tracing::Factory.create_tracer("gitaly-ruby", Labkit::Tracing.connection_string)
+  OpenTracing.global_tracer = tracer if tracer
+end
+
 def load_tracing
   config = Gitlab::Config::Gitaly.new
 
@@ -91,6 +97,16 @@ def start_parent_watcher(original_ppid, signal_thread)
   end
 end
 
+def build_server_interceptor_chain
+  chain = []
+  chain << GitalyServer::SentryInterceptor.new
+  chain << Labkit::Tracing::GRPC::ServerInterceptor.new if Labkit::Tracing.enabled?
+  chain << GitalyServer::ExceptionSanitizerInterceptor.new
+  chain << GitalyServer::RuggedInterceptor.new
+
+  chain
+end
+
 GRPC_LOGGER = Logger.new(STDOUT)
 GRPC_LOGGER.level = 'WARN'
 GRPC_LOGGER.progname = 'GRPC'
diff --git a/ruby/lib/gitlab/git/gitaly_remote_repository.rb b/ruby/lib/gitlab/git/gitaly_remote_repository.rb
index 237ca5472..4a446d33b 100644
--- a/ruby/lib/gitlab/git/gitaly_remote_repository.rb
+++ b/ruby/lib/gitlab/git/gitaly_remote_repository.rb
@@ -1,3 +1,5 @@
+require 'gitlab-labkit'
+
 module Gitlab
   module Git
     class GitalyRemoteRepository < RemoteRepository
@@ -10,6 +12,9 @@ module Gitlab
         @gitaly_repository = gitaly_repository
         @storage = gitaly_repository.storage_name
         @gitaly_client = GitalyServer.client(call)
+
+        @interceptors = []
+        @interceptors << Labkit::Tracing::GRPCClientInterceptor.instance if Labkit::Tracing.enabled?
       end
 
       def path
@@ -66,13 +71,13 @@ module Gitlab
 
       def exists?
         request = Gitaly::RepositoryExistsRequest.new(repository: @gitaly_repository)
-        stub = Gitaly::RepositoryService::Stub.new(address, credentials)
+        stub = Gitaly::RepositoryService::Stub.new(address, credentials, interceptors: @interceptors)
         stub.repository_exists(request, request_kwargs).exists
       end
 
       def has_visible_content?
         request = Gitaly::HasLocalBranchesRequest.new(repository: @gitaly_repository)
-        stub = Gitaly::RepositoryService::Stub.new(address, credentials)
+        stub = Gitaly::RepositoryService::Stub.new(address, credentials, interceptors: @interceptors)
         stub.has_local_branches(request, request_kwargs).value
       end
 
@@ -89,7 +94,7 @@ module Gitlab
       def request_kwargs
         @request_kwargs ||= begin
           metadata = {
-            'authorization' => "Bearer #{auhtorization_token}",
+            'authorization' => "Bearer #{authorization_token}",
             'client_name' => CLIENT_NAME
           }
 
@@ -97,7 +102,7 @@ module Gitlab
         end
       end
 
-      def auhtorization_token
+      def authorization_token
         issued_at = Time.now.to_i.to_s
         hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, token, issued_at)
 
diff --git a/ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb b/ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb
index e61acaa33..d257de7df 100644
--- a/ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb
+++ b/ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb
@@ -17,6 +17,7 @@ describe Gitlab::Git::GitalyRemoteRepository do
     context 'when SSL_CERT_FILE is set' do
       it 'Should return the correct certificate' do
         cert = File.join(File.dirname(__FILE__), "testdata/certs/gitalycert.pem")
+        allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original
         allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(nil)
         allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(cert)
         certs = client.certs
@@ -27,6 +28,7 @@ describe Gitlab::Git::GitalyRemoteRepository do
     context 'when SSL_CERT_DIR is set' do
       it 'Should return concatenation of gitalycert and gitalycert2 and gitalycert3 ommiting gitalycertdup.pem' do
         cert_pool_dir = File.join(File.dirname(__FILE__), "testdata/certs")
+        allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original
         allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(cert_pool_dir)
         allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(nil)
         certs = client.certs
@@ -49,6 +51,7 @@ describe Gitlab::Git::GitalyRemoteRepository do
       it 'Should return all certs in SSL_CERT_DIR + SSL_CERT_FILE' do
         cert_pool_dir = File.join(File.dirname(__FILE__), "testdata/certs")
         cert1_file = File.join(File.dirname(__FILE__), "testdata/gitalycert.pem")
+        allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original
         allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(cert_pool_dir)
         allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(cert1_file)
         expected_certs_paths = [cert1_file, File.join(cert_pool_dir, "gitalycert2.pem"), File.join(cert_pool_dir, "gitalycert3.pem")]
@@ -86,6 +89,7 @@ describe Gitlab::Git::GitalyRemoteRepository do
 
       it 'Should connect over tls' do
         cert = File.join(File.dirname(__FILE__), "testdata/certs/gitalycert.pem")
+        allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original
         allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(nil)
         allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(cert)