diff options
author | Andrew Newdigate <andrew@gitlab.com> | 2019-02-19 13:56:29 +0300 |
---|---|---|
committer | Andrew Newdigate <andrew@gitlab.com> | 2019-05-21 11:39:24 +0300 |
commit | 83d05c0d678d550a7a60cee6333ac41fe15de166 (patch) | |
tree | 32f0e6f0441b49541724b8102806401ee12fcb4d | |
parent | 1b09f13374be5b272d40b3b089372adae2801f81 (diff) |
LabKit support
-rw-r--r-- | changelogs/unreleased/an-labkit-support.yml | 5 | ||||
-rw-r--r-- | ruby/Gemfile | 3 | ||||
-rw-r--r-- | ruby/Gemfile.lock | 54 | ||||
-rwxr-xr-x | ruby/bin/gitaly-ruby | 26 | ||||
-rw-r--r-- | ruby/lib/gitlab/git/gitaly_remote_repository.rb | 13 | ||||
-rw-r--r-- | ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb | 4 |
6 files changed, 88 insertions, 17 deletions
diff --git a/changelogs/unreleased/an-labkit-support.yml b/changelogs/unreleased/an-labkit-support.yml new file mode 100644 index 000000000..d489546ab --- /dev/null +++ b/changelogs/unreleased/an-labkit-support.yml @@ -0,0 +1,5 @@ +--- +title: LabKit integration with Gitaly-Ruby +merge_request: 1083 +author: +type: other diff --git a/ruby/Gemfile b/ruby/Gemfile index 6957efab8..0b0a38bc9 100644 --- a/ruby/Gemfile +++ b/ruby/Gemfile @@ -16,6 +16,9 @@ gem 'sentry-raven', '~> 2.9.0', require: false gem 'faraday', '~> 0.12' gem 'rbtrace', require: false +# Labkit provides observability functionality +gem 'gitlab-labkit', '~> 0.3.0' + # Detects the open source license the repository includes # This version needs to be in sync with GitLab CE/EE gem 'licensee', '~> 8.9.0' diff --git a/ruby/Gemfile.lock b/ruby/Gemfile.lock index 6801dbebd..ecc711e06 100644 --- a/ruby/Gemfile.lock +++ b/ruby/Gemfile.lock @@ -2,6 +2,19 @@ GEM remote: https://rubygems.org/ specs: abstract_type (0.0.7) + actionpack (5.1.7) + actionview (= 5.1.7) + activesupport (= 5.1.7) + rack (~> 2.0) + rack-test (>= 0.6.3) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.0, >= 1.0.2) + actionview (5.1.7) + activesupport (= 5.1.7) + builder (~> 3.1) + erubi (~> 1.4) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.0, >= 1.0.3) activesupport (5.1.7) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) @@ -10,10 +23,11 @@ GEM adamantium (0.2.0) ice_nine (~> 0.11.0) memoizable (~> 0.4.0) - addressable (2.5.2) + addressable (2.6.0) public_suffix (>= 2.0.2, < 4.0) ast (2.4.0) binding_ninja (0.2.3) + builder (3.2.3) charlock_holmes (0.7.6) coderay (1.1.2) concord (0.1.5) @@ -26,10 +40,11 @@ GEM diff-lcs (1.3) docile (1.1.5) equalizer (0.0.11) + erubi (1.8.0) escape_utils (1.2.1) - factory_bot (4.11.1) - activesupport (>= 3.0.0) - faraday (0.15.3) + factory_bot (5.0.2) + activesupport (>= 4.2.0) + faraday (0.15.4) multipart-post (>= 1.2, < 3) ffi (1.10.0) gemojione (3.3.0) @@ -58,6 +73,12 @@ GEM diff-lcs (~> 1.1) mime-types (>= 1.16) posix-spawn (~> 0.3) + gitlab-labkit (0.3.0) + actionpack (~> 5) + activesupport (~> 5) + grpc (~> 1.19.0) + jaeger-client (~> 0.10) + opentracing (~> 0.4) gitlab-markup (1.7.0) gollum-grit_adapter (1.0.1) gitlab-grit (~> 2.7, >= 2.7.1) @@ -67,30 +88,37 @@ GEM grpc (1.19.0) google-protobuf (~> 3.1) googleapis-common-protos-types (~> 1.0.0) - hashdiff (0.3.8) + hashdiff (0.3.9) i18n (1.6.0) concurrent-ruby (~> 1.0) ice_nine (0.11.2) + jaeger-client (0.10.0) + opentracing (~> 0.3) + thrift jaro_winkler (1.5.2) json (2.2.0) licensee (8.9.2) rugged (~> 0.24) listen (0.5.3) + loofah (2.2.3) + crass (~> 1.0.2) + nokogiri (>= 1.5.9) memoizable (0.4.2) thread_safe (~> 0.3, >= 0.3.1) method_source (0.9.2) mime-types (3.2.2) mime-types-data (~> 3.2015) - mime-types-data (3.2018.0812) + mime-types-data (3.2019.0331) mini_portile2 (2.4.0) minitest (5.11.3) - msgpack (1.2.6) + msgpack (1.2.10) multi_json (1.13.1) multipart-post (2.0.0) nokogiri (1.10.3) mini_portile2 (~> 2.4.0) nokogumbo (1.5.0) nokogiri + opentracing (0.5.0) optimist (3.0.0) parallel (1.17.0) parser (2.6.3.0) @@ -105,6 +133,14 @@ GEM coderay (~> 1.1.0) method_source (~> 0.9.0) public_suffix (3.0.3) + rack (2.0.7) + rack-test (1.1.0) + rack (>= 1.0, < 3) + rails-dom-testing (2.0.3) + activesupport (>= 4.2.0) + nokogiri (>= 1.6) + rails-html-sanitizer (1.0.4) + loofah (~> 2.2, >= 2.2.2) rainbow (3.0.0) rbtrace (0.4.11) ffi (>= 1.0.6) @@ -140,7 +176,7 @@ GEM unicode-display_width (>= 1.4.0, < 1.7) ruby-progressbar (1.10.0) rugged (0.28.1) - safe_yaml (1.0.4) + safe_yaml (1.0.5) sanitize (4.6.6) crass (~> 1.0.2) nokogiri (>= 1.4.4) @@ -154,6 +190,7 @@ GEM simplecov-html (0.9.0) stringex (2.8.5) thread_safe (0.3.6) + thrift (0.11.0.0) timecop (0.9.1) tzinfo (1.2.5) thread_safe (~> 0.1) @@ -184,6 +221,7 @@ DEPENDENCIES github-linguist (~> 6.1) gitlab-gollum-lib (~> 4.2.7.7) gitlab-gollum-rugged_adapter (~> 0.4.4.2) + gitlab-labkit (~> 0.3.0) gitlab-markup (~> 1.7.0) google-protobuf (~> 3.7.1) grpc (~> 1.19.0) diff --git a/ruby/bin/gitaly-ruby b/ruby/bin/gitaly-ruby index 6f6a69b82..bfec5ee36 100755 --- a/ruby/bin/gitaly-ruby +++ b/ruby/bin/gitaly-ruby @@ -3,6 +3,7 @@ require 'fileutils' require 'grpc' +require 'gitlab-labkit' require_relative '../lib/gitaly_server.rb' require_relative '../lib/gitaly_server/sentry_interceptor.rb' @@ -23,15 +24,13 @@ def main FileUtils.mkdir_p(socket_dir) File.chmod(0700, socket_dir) + load_distributed_tracing + load_tracing s = GRPC::RpcServer.new( poll_period: SHUTDOWN_TIMEOUT, - interceptors: [ - GitalyServer::SentryInterceptor.new, - GitalyServer::ExceptionSanitizerInterceptor.new, - GitalyServer::RuggedInterceptor.new - ] + interceptors: build_server_interceptor_chain ) port = 'unix:' + socket_path s.add_http2_port(port, :this_port_is_insecure) @@ -60,6 +59,13 @@ def main run_thread.join end +def load_distributed_tracing + return unless Labkit::Tracing.enabled? + + tracer = Labkit::Tracing::Factory.create_tracer("gitaly-ruby", Labkit::Tracing.connection_string) + OpenTracing.global_tracer = tracer if tracer +end + def load_tracing config = Gitlab::Config::Gitaly.new @@ -91,6 +97,16 @@ def start_parent_watcher(original_ppid, signal_thread) end end +def build_server_interceptor_chain + chain = [] + chain << GitalyServer::SentryInterceptor.new + chain << Labkit::Tracing::GRPC::ServerInterceptor.new if Labkit::Tracing.enabled? + chain << GitalyServer::ExceptionSanitizerInterceptor.new + chain << GitalyServer::RuggedInterceptor.new + + chain +end + GRPC_LOGGER = Logger.new(STDOUT) GRPC_LOGGER.level = 'WARN' GRPC_LOGGER.progname = 'GRPC' diff --git a/ruby/lib/gitlab/git/gitaly_remote_repository.rb b/ruby/lib/gitlab/git/gitaly_remote_repository.rb index 237ca5472..4a446d33b 100644 --- a/ruby/lib/gitlab/git/gitaly_remote_repository.rb +++ b/ruby/lib/gitlab/git/gitaly_remote_repository.rb @@ -1,3 +1,5 @@ +require 'gitlab-labkit' + module Gitlab module Git class GitalyRemoteRepository < RemoteRepository @@ -10,6 +12,9 @@ module Gitlab @gitaly_repository = gitaly_repository @storage = gitaly_repository.storage_name @gitaly_client = GitalyServer.client(call) + + @interceptors = [] + @interceptors << Labkit::Tracing::GRPCClientInterceptor.instance if Labkit::Tracing.enabled? end def path @@ -66,13 +71,13 @@ module Gitlab def exists? request = Gitaly::RepositoryExistsRequest.new(repository: @gitaly_repository) - stub = Gitaly::RepositoryService::Stub.new(address, credentials) + stub = Gitaly::RepositoryService::Stub.new(address, credentials, interceptors: @interceptors) stub.repository_exists(request, request_kwargs).exists end def has_visible_content? request = Gitaly::HasLocalBranchesRequest.new(repository: @gitaly_repository) - stub = Gitaly::RepositoryService::Stub.new(address, credentials) + stub = Gitaly::RepositoryService::Stub.new(address, credentials, interceptors: @interceptors) stub.has_local_branches(request, request_kwargs).value end @@ -89,7 +94,7 @@ module Gitlab def request_kwargs @request_kwargs ||= begin metadata = { - 'authorization' => "Bearer #{auhtorization_token}", + 'authorization' => "Bearer #{authorization_token}", 'client_name' => CLIENT_NAME } @@ -97,7 +102,7 @@ module Gitlab end end - def auhtorization_token + def authorization_token issued_at = Time.now.to_i.to_s hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, token, issued_at) diff --git a/ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb b/ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb index e61acaa33..d257de7df 100644 --- a/ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb +++ b/ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb @@ -17,6 +17,7 @@ describe Gitlab::Git::GitalyRemoteRepository do context 'when SSL_CERT_FILE is set' do it 'Should return the correct certificate' do cert = File.join(File.dirname(__FILE__), "testdata/certs/gitalycert.pem") + allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(nil) allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(cert) certs = client.certs @@ -27,6 +28,7 @@ describe Gitlab::Git::GitalyRemoteRepository do context 'when SSL_CERT_DIR is set' do it 'Should return concatenation of gitalycert and gitalycert2 and gitalycert3 ommiting gitalycertdup.pem' do cert_pool_dir = File.join(File.dirname(__FILE__), "testdata/certs") + allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(cert_pool_dir) allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(nil) certs = client.certs @@ -49,6 +51,7 @@ describe Gitlab::Git::GitalyRemoteRepository do it 'Should return all certs in SSL_CERT_DIR + SSL_CERT_FILE' do cert_pool_dir = File.join(File.dirname(__FILE__), "testdata/certs") cert1_file = File.join(File.dirname(__FILE__), "testdata/gitalycert.pem") + allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(cert_pool_dir) allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(cert1_file) expected_certs_paths = [cert1_file, File.join(cert_pool_dir, "gitalycert2.pem"), File.join(cert_pool_dir, "gitalycert3.pem")] @@ -86,6 +89,7 @@ describe Gitlab::Git::GitalyRemoteRepository do it 'Should connect over tls' do cert = File.join(File.dirname(__FILE__), "testdata/certs/gitalycert.pem") + allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(nil) allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(cert) |