diff options
| author | Patrick Steinhardt <psteinhardt@gitlab.com> | 2022-05-16 08:36:09 +0300 |
|---|---|---|
| committer | Patrick Steinhardt <psteinhardt@gitlab.com> | 2022-05-17 10:38:31 +0300 |
| commit | 4350c670b8a4ec9113d60b928d25508c38e04afa (patch) | |
| tree | 66ae5cdc28a6d3ed92750abbb69c2c66073e837a | |
| parent | fefb4a28bc47c19dcbf29d70a0654ea8811a76e2 (diff) | |
ruby: Remove unused RemoteRepository class
Now that we don't fetch from remote repositories anymore there are no
callers left that use the `RemoteRepository` class. Remove it.
| -rw-r--r-- | ruby/lib/gitlab/git.rb | 2 | ||||
| -rw-r--r-- | ruby/lib/gitlab/git/gitaly_remote_repository.rb | 113 | ||||
| -rw-r--r-- | ruby/lib/gitlab/git/remote_repository.rb | 71 | ||||
| -rw-r--r-- | ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb | 136 | ||||
| -rw-r--r-- | ruby/spec/lib/gitlab/git/remote_repository_spec.rb | 103 | ||||
| -rw-r--r-- | ruby/spec/support/helpers/integration_helper.rb | 12 |
6 files changed, 1 insertions, 436 deletions
diff --git a/ruby/lib/gitlab/git.rb b/ruby/lib/gitlab/git.rb index ec2c97e3e..3e8c75da3 100644 --- a/ruby/lib/gitlab/git.rb +++ b/ruby/lib/gitlab/git.rb @@ -2,6 +2,7 @@ require 'rugged' require 'linguist/blob_helper' require 'securerandom' +require 'gitlab-labkit' # Ruby on Rails mix-ins that GitLab::Git code relies on require 'active_support/core_ext/object/blank' @@ -21,7 +22,6 @@ dir = __dir__ # Some later requires are order-sensitive. Manually require whatever we need. require_relative "#{dir}/encoding_helper.rb" require_relative "#{dir}/utils/strong_memoize.rb" -require_relative "#{dir}/git/remote_repository.rb" require_relative "#{dir}/git/popen.rb" # Require all .rb files we can find in the gitlab lib directory diff --git a/ruby/lib/gitlab/git/gitaly_remote_repository.rb b/ruby/lib/gitlab/git/gitaly_remote_repository.rb deleted file mode 100644 index 9ed5b750c..000000000 --- a/ruby/lib/gitlab/git/gitaly_remote_repository.rb +++ /dev/null @@ -1,113 +0,0 @@ -require 'gitlab-labkit' - -module Gitlab - module Git - class GitalyRemoteRepository < RemoteRepository - CLIENT_NAME = 'gitaly-ruby'.freeze - PEM_REXP = /[-]+BEGIN CERTIFICATE[-]+.+?[-]+END CERTIFICATE[-]+/m.freeze - - attr_reader :gitaly_client - - def initialize(gitaly_repository, call) - @gitaly_repository = gitaly_repository - @storage = gitaly_repository.storage_name - @gitaly_client = GitalyServer.client(call) - - @interceptors = [] - @interceptors << Labkit::Tracing::GRPC::ClientInterceptor.instance if Labkit::Tracing.enabled? - end - - def path - raise 'gitaly-ruby cannot access remote repositories by path' - end - - def empty? - !exists? || !has_visible_content? - end - - def branch_exists?(branch_name) - request = Gitaly::RefExistsRequest.new(repository: @gitaly_repository, ref: "refs/heads/#{branch_name}".b) - stub = Gitaly::RefService::Stub.new(address, credentials) - stub.ref_exists(request, request_kwargs).value - end - - def commit_id(revision) - request = Gitaly::FindCommitRequest.new(repository: @gitaly_repository, revision: revision.b) - stub = Gitaly::CommitService::Stub.new(address, credentials) - stub.find_commit(request, request_kwargs)&.commit&.id.presence - end - - def certs - raise 'SSL_CERT_DIR and/or SSL_CERT_FILE environment variable must be set' unless ENV['SSL_CERT_DIR'] || ENV['SSL_CERT_FILE'] - - return @certs if @certs - - files = [] - files += Dir["#{ENV['SSL_CERT_DIR']}/*"] if ENV['SSL_CERT_DIR'] - files += [ENV['SSL_CERT_FILE']] if ENV['SSL_CERT_FILE'] - files.sort! - - @certs = files.flat_map do |cert_file| - File.read(cert_file).scan(PEM_REXP).map do |cert| - begin - OpenSSL::X509::Certificate.new(cert).to_pem - rescue OpenSSL::OpenSSLError => e - Rails.logger.error "Could not load certificate #{cert_file} #{e}" - nil - end - end.compact - end.uniq.join("\n") - end - - def credentials - if URI(gitaly_client.address(storage)).scheme == 'tls' - GRPC::Core::ChannelCredentials.new certs - else - :this_channel_is_insecure - end - end - - private - - def exists? - request = Gitaly::RepositoryExistsRequest.new(repository: @gitaly_repository) - stub = Gitaly::RepositoryService::Stub.new(address, credentials, interceptors: @interceptors) - stub.repository_exists(request, request_kwargs).exists - end - - def has_visible_content? - request = Gitaly::HasLocalBranchesRequest.new(repository: @gitaly_repository) - stub = Gitaly::RepositoryService::Stub.new(address, credentials, interceptors: @interceptors) - stub.has_local_branches(request, request_kwargs).value - end - - def address - addr = gitaly_client.address(storage) - addr = addr.sub(%r{^tcp://|^tls://}, '') if %w[tcp tls].include? URI(addr).scheme - addr - end - - def shared_secret - gitaly_client.shared_secret(storage).to_s - end - - def request_kwargs - @request_kwargs ||= begin - metadata = { - 'authorization' => "Bearer #{authorization_token}", - 'client_name' => CLIENT_NAME - } - - { metadata: metadata } - end - end - - def authorization_token - issued_at = Time.now.to_i.to_s - hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, shared_secret, issued_at) - - "v2.#{hmac}.#{issued_at}" - end - end - end -end diff --git a/ruby/lib/gitlab/git/remote_repository.rb b/ruby/lib/gitlab/git/remote_repository.rb deleted file mode 100644 index 50f07ad94..000000000 --- a/ruby/lib/gitlab/git/remote_repository.rb +++ /dev/null @@ -1,71 +0,0 @@ -module Gitlab - module Git - # - # When a Gitaly call involves two repositories instead of one we cannot - # assume that both repositories are on the same Gitaly server. In this - # case we need to make a distinction between the repository that the - # call is being made on (a Repository instance), and the "other" - # repository (a RemoteRepository instance). This is the reason why we - # have the RemoteRepository class in Gitlab::Git. - class RemoteRepository - attr_reader :relative_path, :gitaly_repository - - def initialize(repository) - @relative_path = repository.relative_path - @gitaly_repository = repository.gitaly_repository - - @repository = repository - end - - def empty? - !@repository.exists? || @repository.empty? - end - - def commit_id(revision) - @repository.commit(revision)&.sha - end - - def branch_exists?(name) - @repository.branch_exists?(name) - end - - # Compares self to a Gitlab::Git::Repository - def same_repository?(other_repository) - gitaly_repository.storage_name == other_repository.storage && - gitaly_repository.relative_path == other_repository.relative_path - end - - def fetch_env(git_config_options: []) - gitaly_ssh = File.absolute_path(File.join(Gitlab.config.gitaly.bin_dir, 'gitaly-ssh')) - gitaly_address = gitaly_client.address(storage) - shared_secret = gitaly_client.shared_secret(storage) - - request = Gitaly::SSHUploadPackRequest.new(repository: gitaly_repository, git_config_options: git_config_options) - env = { - 'GITALY_ADDRESS' => gitaly_address, - 'GITALY_PAYLOAD' => request.to_json, - 'GITALY_WD' => Dir.pwd, - 'GIT_SSH_COMMAND' => "#{gitaly_ssh} upload-pack" - } - env['GITALY_TOKEN'] = shared_secret if shared_secret.present? - - env - end - - def path - @repository.path - end - - private - - # Must return an object that responds to 'address' and 'storage'. - def gitaly_client - raise NotImplementedError.new("Can't perform remote operations on superclass") - end - - def storage - gitaly_repository.storage_name - end - end - end -end diff --git a/ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb b/ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb deleted file mode 100644 index 15943495e..000000000 --- a/ruby/spec/lib/gitlab/git/remote_repository_client_spec.rb +++ /dev/null @@ -1,136 +0,0 @@ -require 'spec_helper' - -describe Gitlab::Git::GitalyRemoteRepository do - include TestRepo - include IntegrationClient - - describe '#new' do - let(:gitaly_repository) { double(storage_name: 'storage') } - let(:call) do - servers = Base64.strict_encode64({ - default: { - address: 'address', - token: 'the-secret-token' - } - }.to_json) - - double(metadata: { 'gitaly-servers' => servers }) - end - - context 'Labkit::Tracing enabled' do - before do - expect(Labkit::Tracing).to receive(:enabled?).and_return(true) - end - - it 'initializes with an interceptor' do - client = described_class.new(gitaly_repository, call) - expect(client.instance_variable_get(:@interceptors).size).to eq 1 - end - end - - context 'Labkit::Tracing disabled' do - before do - expect(Labkit::Tracing).to receive(:enabled?).and_return(false) - end - - it 'initializes with no interceptors' do - client = described_class.new(gitaly_repository, call) - expect(client.instance_variable_get(:@interceptors).size).to eq 0 - end - end - end - - let(:repository) { gitlab_git_from_gitaly(new_mutable_test_repo) } - describe 'certs' do - let(:client) { get_client("tls://localhost:#{GitalyConfig.dynamic_port('tls')}") } - - context 'when neither SSL_CERT_FILE and SSL_CERT_DIR is set' do - it 'Raises an error' do - expect { client.certs }.to raise_error 'SSL_CERT_DIR and/or SSL_CERT_FILE environment variable must be set' - end - end - - context 'when SSL_CERT_FILE is set' do - it 'Should return the correct certificate' do - cert = File.join(File.dirname(__FILE__), "testdata/certs/gitalycert.pem") - allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original - allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(nil) - allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(cert) - certs = client.certs - expect(certs).to eq File.read(cert) - end - end - - context 'when SSL_CERT_DIR is set' do - it 'Should return concatenation of gitalycert and gitalycert2 and gitalycert3 omitting gitalycertdup.pem' do - cert_pool_dir = File.join(File.dirname(__FILE__), "testdata/certs") - allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original - allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(cert_pool_dir) - allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(nil) - certs = client.certs - - # gitalycertdup.pem must exist and must be a duplicate of gitalycert.pem - expect(File.exist?(File.join(cert_pool_dir, "gitalycertdup.pem"))).to be true - expect(File.read(File.join(cert_pool_dir, "gitalycertdup.pem"))) - .to eq File.read(File.join(cert_pool_dir, "gitalycert.pem")) - - # No gitalycertdup.pem because duplicates should be removed - expected_certs = [File.read(File.join(cert_pool_dir, "gitalycert.pem")), - File.read(File.join(cert_pool_dir, "gitalycert2.pem")), - File.read(File.join(cert_pool_dir, "gitalycert3.pem"))].join "\n" - - expect(certs).to eq expected_certs - end - end - - context 'when both SSL_CERT_DIR and SSL_CERT_FILE are set' do - it 'Should return all certs in SSL_CERT_DIR + SSL_CERT_FILE' do - cert_pool_dir = File.join(File.dirname(__FILE__), "testdata/certs") - cert1_file = File.join(File.dirname(__FILE__), "testdata/gitalycert.pem") - allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original - allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(cert_pool_dir) - allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(cert1_file) - expected_certs_paths = [cert1_file, File.join(cert_pool_dir, "gitalycert2.pem"), File.join(cert_pool_dir, "gitalycert3.pem")] - - expected_certs = expected_certs_paths.map do |cert| - File.read cert - end.join("\n") - certs = client.certs - expect(certs).to eq expected_certs - end - end - end - - describe 'Connectivity' do - context 'tcp' do - let(:client) do - get_client("tcp://localhost:#{GitalyConfig.dynamic_port('tcp')}") - end - - it 'Should connect over tcp' do - expect(client).not_to be_empty - end - end - - context 'unix' do - let(:client) { get_client("unix:#{File.join(TMP_DIR, SOCKET_PATH)}") } - - it 'Should connect over unix' do - expect(client).not_to be_empty - end - end - - context 'tls' do - let(:client) { get_client("tls://localhost:#{GitalyConfig.dynamic_port('tls')}") } - - it 'Should connect over tls' do - cert = File.join(File.dirname(__FILE__), "testdata/certs/gitalycert.pem") - allow(ENV).to receive(:[]).with('GITLAB_TRACING').and_call_original - allow(ENV).to receive(:[]).with('SSL_CERT_DIR').and_return(nil) - allow(ENV).to receive(:[]).with('SSL_CERT_FILE').and_return(cert) - - expect(client).not_to be_empty - end - end - end -end diff --git a/ruby/spec/lib/gitlab/git/remote_repository_spec.rb b/ruby/spec/lib/gitlab/git/remote_repository_spec.rb deleted file mode 100644 index 325ec5205..000000000 --- a/ruby/spec/lib/gitlab/git/remote_repository_spec.rb +++ /dev/null @@ -1,103 +0,0 @@ -require 'spec_helper' - -describe Gitlab::Git::RemoteRepository do - include TestRepo - - let(:repository) { gitlab_git_from_gitaly(git_test_repo_read_only) } - let(:non_existing_gitaly_repo) do - Gitaly::Repository.new(storage_name: DEFAULT_STORAGE_NAME, relative_path: 'does-not-exist.git') - end - - subject { described_class.new(repository) } - - describe '#empty?' do - using RSpec::Parameterized::TableSyntax - - where(:repository, :result) do - repository | false - gitlab_git_from_gitaly(non_existing_gitaly_repo) | true - end - - with_them do - it { expect(subject.empty?).to eq(result) } - end - end - - describe '#commit_id' do - it 'returns an OID if the revision exists' do - expect(subject.commit_id('v1.0.0')).to eq('6f6d7e7ed97bb5f0054f2b1df789b39ca89b6ff9') - end - - it 'is nil when the revision does not exist' do - expect(subject.commit_id('does-not-exist')).to be_nil - end - end - - describe '#branch_exists?' do - using RSpec::Parameterized::TableSyntax - - where(:branch, :result) do - 'master' | true - 'does-not-exist' | false - end - - with_them do - it { expect(subject.branch_exists?(branch)).to eq(result) } - end - end - - describe '#same_repository?' do - using RSpec::Parameterized::TableSyntax - - where(:other_repository, :result) do - repository | true - repository_from_relative_path(repository.relative_path) | true - repository_from_relative_path('wrong/relative-path.git') | false - end - - with_them do - it { expect(subject.same_repository?(other_repository)).to eq(result) } - end - end - - describe '#fetch_env' do - let(:remote_repository) { described_class.new(repository) } - - let(:gitaly_client) { double(:gitaly_client) } - let(:address) { 'fake-address' } - let(:shared_secret) { 'fake-secret' } - - subject { remote_repository.fetch_env } - - before do - allow(remote_repository).to receive(:gitaly_client).and_return(gitaly_client) - - expect(gitaly_client).to receive(:address).with(repository.storage).and_return(address) - expect(gitaly_client).to receive(:shared_secret).with(repository.storage).and_return(shared_secret) - end - - it { expect(subject).to be_a(Hash) } - it { expect(subject['GITALY_ADDRESS']).to eq(address) } - it { expect(subject['GITALY_TOKEN']).to eq(shared_secret) } - it { expect(subject['GITALY_WD']).to eq(Dir.pwd) } - - it 'creates a plausible GIT_SSH_COMMAND' do - git_ssh_command = subject['GIT_SSH_COMMAND'] - - expect(git_ssh_command).to start_with('/') - expect(git_ssh_command).to end_with('/gitaly-ssh upload-pack') - end - - it 'creates a plausible GITALY_PAYLOAD' do - req = Gitaly::SSHUploadPackRequest.decode_json(subject['GITALY_PAYLOAD']) - - expect(remote_repository.gitaly_repository).to eq(req.repository) - end - - context 'when the token is blank' do - let(:shared_secret) { '' } - - it { expect(subject.keys).not_to include('GITALY_TOKEN') } - end - end -end diff --git a/ruby/spec/support/helpers/integration_helper.rb b/ruby/spec/support/helpers/integration_helper.rb index 5d3a1ef7c..c4462e750 100644 --- a/ruby/spec/support/helpers/integration_helper.rb +++ b/ruby/spec/support/helpers/integration_helper.rb @@ -48,18 +48,6 @@ module IntegrationClient def gitaly_repo(storage, relative_path) Gitaly::Repository.new(storage_name: storage, relative_path: relative_path) end - - def get_client(addr) - servers = Base64.strict_encode64({ - default: { - address: addr, - token: 'the-secret-token' - } - }.to_json) - - call = double(metadata: { 'gitaly-servers' => servers }) - Gitlab::Git::GitalyRemoteRepository.new(repository.gitaly_repository, call) - end end def start_gitaly |