diff options
| author | Patrick Steinhardt <psteinhardt@gitlab.com> | 2021-06-11 16:20:06 +0300 |
|---|---|---|
| committer | Patrick Steinhardt <psteinhardt@gitlab.com> | 2021-06-14 12:36:24 +0300 |
| commit | deea559a231d32e1892f720882023f93a0885d20 (patch) | |
| tree | 1941f8be13ec8bff597fddaaa68485588f5e7ee8 /internal/transaction | |
| parent | 92ab0786cc926e7f76db513ed3ccead9c8bc1c02 (diff) | |
txinfo: Remove Praefect server info
Givven that all transactional voting nowadays happens via the
backchannel ID, there is no need anymore for the old Praefect server
structure. Let's delete it.
Diffstat (limited to 'internal/transaction')
| -rw-r--r-- | internal/transaction/txinfo/server.go | 247 | ||||
| -rw-r--r-- | internal/transaction/txinfo/server_test.go | 204 | ||||
| -rw-r--r-- | internal/transaction/txinfo/transaction.go | 19 |
3 files changed, 0 insertions, 470 deletions
diff --git a/internal/transaction/txinfo/server.go b/internal/transaction/txinfo/server.go deleted file mode 100644 index 8e824728d..000000000 --- a/internal/transaction/txinfo/server.go +++ /dev/null @@ -1,247 +0,0 @@ -package txinfo - -import ( - "context" - "encoding/base64" - "encoding/json" - "errors" - "fmt" - "net" - "net/url" - - "gitlab.com/gitlab-org/gitaly/v14/internal/backchannel" - "gitlab.com/gitlab-org/gitaly/v14/internal/bootstrap/starter" - "gitlab.com/gitlab-org/gitaly/v14/internal/praefect/config" - "google.golang.org/grpc/credentials" - "google.golang.org/grpc/metadata" - "google.golang.org/grpc/peer" -) - -const ( - // PraefectMetadataKey is the key used to store Praefect server - // information in the gRPC metadata. - PraefectMetadataKey = "gitaly-praefect-server" -) - -var ( - // ErrPraefectServerNotFound indicates the Praefect server metadata - // could not be found - ErrPraefectServerNotFound = errors.New("metadata for Praefect server not found") -) - -// PraefectServer stores parameters required to connect to a Praefect server -type PraefectServer struct { - // BackchannelID identifies the backchannel that corresponds to the Praefect server - // that sent the request and should receive the vote. This field is actually filled - // in by the Gitaly. - BackchannelID backchannel.ID `json:"backchannel_id,omitempty"` - // ListenAddr is the TCP listen address of the Praefect server - ListenAddr string `json:"listen_addr"` - // TLSListenAddr is the TCP listen address of the Praefect server with TLS support - TLSListenAddr string `json:"tls_listen_addr"` - // SocketPath is the Unix socket path of the Praefect server - SocketPath string `json:"socket_path"` - // Token is the token required to authenticate with the Praefect server - Token string `json:"token"` -} - -// PraefectFromConfig creates a Praefect server for a given configuration. -func PraefectFromConfig(conf config.Config) (*PraefectServer, error) { - praefectServer := PraefectServer{Token: conf.Auth.Token} - - addrBySchema := map[string]*string{ - starter.TCP: &praefectServer.ListenAddr, - starter.TLS: &praefectServer.TLSListenAddr, - starter.Unix: &praefectServer.SocketPath, - } - - for _, endpoint := range []struct { - schema string - addr string - }{ - {schema: starter.TCP, addr: conf.ListenAddr}, - {schema: starter.TLS, addr: conf.TLSListenAddr}, - {schema: starter.Unix, addr: conf.SocketPath}, - } { - if endpoint.addr == "" { - continue - } - - parsed, err := starter.ParseEndpoint(endpoint.addr) - if err != nil { - if !errors.Is(err, starter.ErrEmptySchema) { - return nil, err - } - parsed = starter.Config{Name: endpoint.schema, Addr: endpoint.addr} - } - - addr, err := parsed.Endpoint() - if err != nil { - return nil, fmt.Errorf("processing of %s: %w", endpoint.schema, err) - } - - *addrBySchema[endpoint.schema] = addr - } - - return &praefectServer, nil -} - -// Inject injects Praefect connection metadata into an incoming context -func (p *PraefectServer) Inject(ctx context.Context) (context.Context, error) { - serialized, err := p.serialize() - if err != nil { - return nil, err - } - - md, ok := metadata.FromIncomingContext(ctx) - if !ok { - md = metadata.New(map[string]string{}) - } else { - md = md.Copy() - } - md.Set(PraefectMetadataKey, serialized) - - return metadata.NewIncomingContext(ctx, md), nil -} - -// Resolve Praefect address based on its peer information. Depending on how -// Praefect reached out to us, we'll adjust the PraefectServer to contain -// either its Unix or TCP address. -func (p *PraefectServer) resolvePraefectAddress(peer *peer.Peer) error { - switch addr := peer.Addr.(type) { - case *net.UnixAddr: - if p.SocketPath == "" { - return errors.New("resolvePraefectAddress: got Unix peer but no socket path") - } - - p.ListenAddr = "" - p.TLSListenAddr = "" - - return nil - case *net.TCPAddr: - var authType string - if peer.AuthInfo != nil { - authType = peer.AuthInfo.AuthType() - } - - switch authType { - case "", backchannel.Insecure().Info().SecurityProtocol: - // no transport security being used - addr, err := substituteListeningWithIP(p.ListenAddr, addr.IP.String()) - if err != nil { - return fmt.Errorf("resolvePraefectAddress: for ListenAddr: %w", err) - } - - p.ListenAddr = addr - p.TLSListenAddr = "" - p.SocketPath = "" - - return nil - default: - authType := peer.AuthInfo.AuthType() - if authType != (credentials.TLSInfo{}).AuthType() { - return fmt.Errorf("resolvePraefectAddress: got TCP peer but with unknown transport security type %q", authType) - } - - addr, err := substituteListeningWithIP(p.TLSListenAddr, addr.IP.String()) - if err != nil { - return fmt.Errorf("resolvePraefectAddress: for TLSListenAddr: %w", err) - } - - p.TLSListenAddr = addr - p.ListenAddr = "" - p.SocketPath = "" - - return nil - } - default: - return fmt.Errorf("resolvePraefectAddress: unknown peer address scheme: %s", peer.Addr.Network()) - } -} - -func substituteListeningWithIP(listenAddr, ip string) (string, error) { - if listenAddr == "" { - return "", errors.New("listening address is empty") - } - - // We need to replace Praefect's IP address with the peer's - // address as the value we have is from Praefect's configuration, - // which may be a wildcard IP address ("0.0.0.0"). - listenURL, err := url.Parse(listenAddr) - if err != nil { - return "", fmt.Errorf("parse listening address %q: %w", listenAddr, err) - } - - listenURL.Host = net.JoinHostPort(ip, listenURL.Port()) - return listenURL.String(), nil -} - -// PraefectFromContext extracts `PraefectServer` from an incoming context. In -// case the metadata key is not set, the function will return `ErrPraefectServerNotFound`. -func PraefectFromContext(ctx context.Context) (*PraefectServer, error) { - md, ok := metadata.FromIncomingContext(ctx) - if !ok { - return nil, ErrPraefectServerNotFound - } - - serialized := md[PraefectMetadataKey] - if len(serialized) == 0 { - return nil, ErrPraefectServerNotFound - } - - praefect, err := praefectFromSerialized(serialized[0]) - if err != nil { - return nil, err - } - - peer, ok := peer.FromContext(ctx) - if !ok { - return nil, fmt.Errorf("PraefectFromContext: could not get peer") - } - - if err := praefect.resolvePraefectAddress(peer); err != nil { - return nil, err - } - - praefect.BackchannelID, err = backchannel.GetPeerID(ctx) - if err != nil && !errors.Is(err, backchannel.ErrNonMultiplexedConnection) { - return nil, fmt.Errorf("get peer id: %w", err) - } - - return praefect, nil -} - -func (p *PraefectServer) serialize() (string, error) { - marshalled, err := json.Marshal(p) - if err != nil { - return "", err - } - - return base64.StdEncoding.EncodeToString(marshalled), nil -} - -// praefectFromSerialized creates a Praefect server from a `serialize()`d string. -func praefectFromSerialized(serialized string) (*PraefectServer, error) { - decoded, err := base64.StdEncoding.DecodeString(serialized) - if err != nil { - return nil, err - } - - var server PraefectServer - if err := json.Unmarshal(decoded, &server); err != nil { - return nil, err - } - - return &server, nil -} - -// Address returns the address of the Praefect server which can be used to connect to it. -func (p *PraefectServer) Address() (string, error) { - for _, addr := range []string{p.SocketPath, p.TLSListenAddr, p.ListenAddr} { - if addr != "" { - return addr, nil - } - } - - return "", errors.New("no address configured") -} diff --git a/internal/transaction/txinfo/server_test.go b/internal/transaction/txinfo/server_test.go deleted file mode 100644 index 5b4356035..000000000 --- a/internal/transaction/txinfo/server_test.go +++ /dev/null @@ -1,204 +0,0 @@ -package txinfo - -import ( - "net" - "testing" - - "github.com/stretchr/testify/require" - "gitlab.com/gitlab-org/gitaly/v14/internal/backchannel" - "gitlab.com/gitlab-org/gitaly/v14/internal/praefect/config" - "gitlab.com/gitlab-org/gitaly/v14/internal/testhelper" - "google.golang.org/grpc/credentials" - "google.golang.org/grpc/peer" -) - -func muxedPeer(t testing.TB, p *peer.Peer) *peer.Peer { - t.Helper() - - authInfo := p.AuthInfo - if authInfo == nil { - var err error - _, authInfo, err = backchannel.Insecure().ServerHandshake(nil) - require.NoError(t, err) - } - - p.AuthInfo = backchannel.WithID(authInfo, 1) - return p -} - -func tcpPeer(t *testing.T, ip string, port int) *peer.Peer { - parsedAddress := net.ParseIP(ip) - require.NotNil(t, parsedAddress) - - return &peer.Peer{ - Addr: &net.TCPAddr{ - IP: parsedAddress, - Port: port, - }, - } -} - -func tlsPeer(t *testing.T, ip string, port int) *peer.Peer { - parsedAddress := net.ParseIP(ip) - require.NotNil(t, parsedAddress) - - return &peer.Peer{ - Addr: &net.TCPAddr{ - IP: parsedAddress, - Port: port, - }, - AuthInfo: credentials.TLSInfo{}, - } -} - -func unixPeer(t *testing.T, socket string) *peer.Peer { - return &peer.Peer{ - Addr: &net.UnixAddr{ - Name: socket, - }, - } -} - -func TestPraefect_InjectMetadata(t *testing.T) { - testcases := []struct { - desc string - listenAddress string - tlsListenAddress string - socketPath string - peer *peer.Peer - expectedAddress string - }{ - { - desc: "wildcard listen address", - listenAddress: "0.0.0.0:1234", - peer: tcpPeer(t, "1.2.3.4", 4321), - expectedAddress: "tcp://1.2.3.4:1234", - }, - { - desc: "explicit listen address", - listenAddress: "127.0.0.1:1234", - peer: tcpPeer(t, "1.2.3.4", 4321), - expectedAddress: "tcp://1.2.3.4:1234", - }, - { - desc: "explicit listen address with explicit prefix", - listenAddress: "tcp://127.0.0.1:1234", - peer: tcpPeer(t, "1.2.3.4", 4321), - expectedAddress: "tcp://1.2.3.4:1234", - }, - { - desc: "explicit TLS listen address", - tlsListenAddress: "127.0.0.1:1234", - peer: tlsPeer(t, "1.2.3.4", 4321), - expectedAddress: "tls://1.2.3.4:1234", - }, - { - desc: "explicit TLS listen address with explicit prefix", - tlsListenAddress: "tls://127.0.0.1:1234", - peer: tlsPeer(t, "1.2.3.4", 4321), - expectedAddress: "tls://1.2.3.4:1234", - }, - { - desc: "named host listen address", - listenAddress: "example.com:1234", - peer: tcpPeer(t, "1.2.3.4", 4321), - expectedAddress: "tcp://1.2.3.4:1234", - }, - { - desc: "named host listen address with IPv6 peer", - listenAddress: "example.com:1234", - peer: tcpPeer(t, "2001:1db8:ac10:fe01::", 4321), - expectedAddress: "tcp://[2001:1db8:ac10:fe01::]:1234", - }, - { - desc: "Unix socket path", - socketPath: "/tmp/socket", - peer: unixPeer(t, "@"), - expectedAddress: "unix:///tmp/socket", - }, - { - desc: "Unix socket path with explicit prefix", - socketPath: "unix:///tmp/socket", - peer: unixPeer(t, "@"), - expectedAddress: "unix:///tmp/socket", - }, - { - desc: "both addresses configured with TCP peer", - listenAddress: "0.0.0.0:1234", - socketPath: "/tmp/socket", - peer: tcpPeer(t, "1.2.3.4", 4321), - expectedAddress: "tcp://1.2.3.4:1234", - }, - { - desc: "both addresses configured with Unix peer", - listenAddress: "0.0.0.0:1234", - socketPath: "/tmp/socket", - peer: unixPeer(t, "@"), - expectedAddress: "unix:///tmp/socket", - }, - { - desc: "listen address with Unix peer", - listenAddress: "0.0.0.0:1234", - peer: unixPeer(t, "@"), - expectedAddress: "", - }, - { - desc: "socket path with TCP peer", - socketPath: "/tmp/socket", - peer: tcpPeer(t, "1.2.3.4", 4321), - expectedAddress: "", - }, - { - desc: "socket path with TLS peer", - socketPath: "/tmp/socket", - peer: tlsPeer(t, "1.2.3.4", 4321), - expectedAddress: "", - }, - } - - for _, tc := range testcases { - t.Run(tc.desc, func(t *testing.T) { - ctx, cancel := testhelper.Context() - defer cancel() - - cfg := config.Config{ - ListenAddr: tc.listenAddress, - TLSListenAddr: tc.tlsListenAddress, - SocketPath: tc.socketPath, - } - - for _, muxed := range []bool{false, true} { - desc := "unmuxed" - if muxed { - desc = "muxed" - } - - t.Run(desc, func(t *testing.T) { - p := tc.peer - if muxed { - p = muxedPeer(t, tc.peer) - } - - ctx = peer.NewContext(ctx, p) - - praefectServer, err := PraefectFromConfig(cfg) - require.NoError(t, err) - - ctx, err = praefectServer.Inject(ctx) - require.NoError(t, err) - - server, err := PraefectFromContext(ctx) - if tc.expectedAddress == "" { - require.Error(t, err) - } else { - require.NoError(t, err) - - address, err := server.Address() - require.NoError(t, err) - require.Equal(t, tc.expectedAddress, address) - } - }) - } - }) - } -} diff --git a/internal/transaction/txinfo/transaction.go b/internal/transaction/txinfo/transaction.go index 0661dfbd8..bfd0010c0 100644 --- a/internal/transaction/txinfo/transaction.go +++ b/internal/transaction/txinfo/transaction.go @@ -114,22 +114,3 @@ func TransactionFromContext(ctx context.Context) (Transaction, error) { return transaction, nil } - -// FromContext extracts transaction-related metadata from the given context. No error is returned in -// case no transaction was found. -func FromContext(ctx context.Context) (*Transaction, *PraefectServer, error) { - transaction, err := TransactionFromContext(ctx) - if err != nil { - if err != ErrTransactionNotFound { - return nil, nil, err - } - return nil, nil, nil - } - - praefect, err := PraefectFromContext(ctx) - if err != nil { - return nil, nil, err - } - - return &transaction, praefect, nil -} |