diff options
| author | Will Chandler <wchandler@gitlab.com> | 2024-01-11 20:39:01 +0300 |
|---|---|---|
| committer | Will Chandler <wchandler@gitlab.com> | 2024-01-22 17:21:21 +0300 |
| commit | 7630f4b49669114fa8190e23f39978da902c6192 (patch) | |
| tree | 6435b98f158979c2918b5a35965fe2cf9e656d50 /proto/cleanup.proto | |
| parent | 203cf24398c04a9d955bcf979a89eaf230603974 (diff) | |
cleanup: Add RewriteHistory RPC
Historically we have advised users who need to rewrite history to do so
locally and force push their change to Gitlab. However, upcoming changes
may prevent a user from pushing in scenarios where they need to remove a
large blob from their repository's history.
To handle this scenario, we introduce a new `RewriteHistory` RPC which
will invoke git-filer-repo(1) on the target repository. filter-repo
has a large number of options, but we will support only two:
--strip-blogs-with-ids
Given a file containing a list of newline-delimited object ids,
rewrite history to remove them from all commits.
--replace-text
Given a file of literals and patterns, replace all matching
instances in history with '***REMOVED***'.
filter-repo works by fetching the repository contents via
git-fast-export(1), making the requested changes, and writing the
changes back via git-fast-import(1). As filter-repo uses the '--force'
flag[0] the repository must be made read-only before calling this RPC.
filter-repo is currently incompatible with SHA256 repositories.
[0] https://git-scm.com/docs/git-fast-import#_parallel_operation
Changelog: added
Diffstat (limited to 'proto/cleanup.proto')
| -rw-r--r-- | proto/cleanup.proto | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/proto/cleanup.proto b/proto/cleanup.proto index 511bbff46..77cf6c6a3 100644 --- a/proto/cleanup.proto +++ b/proto/cleanup.proto @@ -17,6 +17,26 @@ service CleanupService { }; } + // RewriteHistory redacts targeted strings and deletes requested blobs in a + // repository and updates all references to point to the rewritten commit + // history. This is useful for removing inadvertently pushed secrets from your + // repository and purging large blobs. This is a dangerous operation. + // + // The following known error conditions may happen: + // + // - `InvalidArgument` in the following situations: + // - The provided repository can't be validated. + // - The repository field is set on any request other than the initial one. + // - Any request, including the initial one, does not contain either blobs to + // remove or redaction patterns to redact. + // - A blob object ID is invalid. + // - A redaction pattern contains a newline character. + rpc RewriteHistory(stream RewriteHistoryRequest) returns (RewriteHistoryResponse) { + option (op_type) = { + op : MUTATOR + }; + } + } // ApplyBfgObjectMapStreamRequest ... @@ -47,3 +67,22 @@ message ApplyBfgObjectMapStreamResponse { // entries ... repeated Entry entries = 1; } + +// RewriteHistoryRequest is a request for the RewriteHistory RPC. +// Each request must contain blobs, redactions, or both. +message RewriteHistoryRequest { + // repository is the repository that shall be rewritten. + // Must be sent on the first request only. + Repository repository = 1 [(target_repository)=true]; + // blobs is the list of blob object ids that will be removed from history. + repeated string blobs = 2; + // redactions is the list of literals or patterns that will be replaced + // with "***REMOVED***". Items cannot contain newline characters. + // See https://htmlpreview.github.io/?https://github.com/newren/git-filter-repo/blob/docs/html/git-filter-repo.html + // for a full explanation of what patterns are supported. + repeated bytes redactions = 3; +} + +// RewriteHistoryResponse a response for the RewriteHistory RPC. +message RewriteHistoryResponse { +} |