1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
package main
import (
"context"
"fmt"
"log"
"os"
"strconv"
"strings"
"github.com/sirupsen/logrus"
gitalyauth "gitlab.com/gitlab-org/gitaly/v15/auth"
"gitlab.com/gitlab-org/gitaly/v15/client"
internalclient "gitlab.com/gitlab-org/gitaly/v15/internal/gitaly/client"
"gitlab.com/gitlab-org/gitaly/v15/internal/metadata/featureflag"
"gitlab.com/gitlab-org/labkit/tracing"
"google.golang.org/grpc"
)
type packFn func(context.Context, *grpc.ClientConn, *client.SidechannelRegistry, string) (int32, error)
type gitalySSHCommand struct {
// The git packer that shall be executed. One of receivePack,
// uploadPack or uploadArchive
packer packFn
// Working directory to execute the packer in
workingDir string
// Address of the server we want to post the request to
address string
// Marshalled gRPC payload to pass to the remote server
payload string
// Comma separated list of feature flags that shall be enabled on the
// remote server
featureFlags string
}
// GITALY_ADDRESS="tcp://1.2.3.4:9999" or "unix:/var/run/gitaly.sock"
// GITALY_TOKEN="foobar1234"
// GITALY_PAYLOAD="{repo...}"
// GITALY_WD="/path/to/working-directory"
// GITALY_FEATUREFLAGS="upload_pack_filter:false,hooks_rpc:true"
// GITALY_USE_SIDECHANNEL=1 if desired
// gitaly-ssh upload-pack <git-garbage-x2>
func main() {
// < 4 since git throws on 2x garbage here
if n := len(os.Args); n < 4 {
// TODO: Errors needs to be sent back some other way... pipes?
log.Fatalf("invalid number of arguments, expected at least 1, got %d", n-1)
}
command := os.Args[1]
var packer packFn
switch command {
case "upload-pack":
if useSidechannel() {
packer = uploadPackWithSidechannel
} else {
packer = uploadPack
}
case "receive-pack":
packer = receivePack
case "upload-archive":
packer = uploadArchive
default:
log.Fatalf("invalid pack command: %q", command)
}
cmd := gitalySSHCommand{
packer: packer,
workingDir: os.Getenv("GITALY_WD"),
address: os.Getenv("GITALY_ADDRESS"),
payload: os.Getenv("GITALY_PAYLOAD"),
featureFlags: os.Getenv("GITALY_FEATUREFLAGS"),
}
code, err := cmd.run()
if err != nil {
log.Printf("%s: %v", command, err)
}
os.Exit(code)
}
func (cmd gitalySSHCommand) run() (int, error) {
// Configure distributed tracing
closer := tracing.Initialize(tracing.WithServiceName("gitaly-ssh"))
defer closer.Close()
ctx, finished := tracing.ExtractFromEnv(context.Background())
defer finished()
if cmd.featureFlags != "" {
for _, flagPair := range strings.Split(cmd.featureFlags, ",") {
flagPairSplit := strings.SplitN(flagPair, ":", 2)
if len(flagPairSplit) != 2 {
continue
}
enabled, err := strconv.ParseBool(flagPairSplit[1])
if err != nil {
continue
}
ctx = featureflag.OutgoingCtxWithFeatureFlag(ctx, featureflag.FeatureFlag{Name: flagPairSplit[0]}, enabled)
}
}
if cmd.workingDir != "" {
if err := os.Chdir(cmd.workingDir); err != nil {
return 1, fmt.Errorf("unable to chdir to %v", cmd.workingDir)
}
}
registry := client.NewSidechannelRegistry(logrus.NewEntry(logrus.StandardLogger()))
conn, err := getConnection(ctx, cmd.address, registry)
if err != nil {
return 1, err
}
defer conn.Close()
code, err := cmd.packer(ctx, conn, registry, cmd.payload)
if err != nil {
return 1, err
}
return int(code), nil
}
func getConnection(ctx context.Context, url string, registry *client.SidechannelRegistry) (*grpc.ClientConn, error) {
if url == "" {
return nil, fmt.Errorf("gitaly address can not be empty")
}
if useSidechannel() {
return client.DialSidechannel(ctx, url, registry, dialOpts())
}
return client.DialContext(ctx, url, dialOpts())
}
func dialOpts() []grpc.DialOption {
connOpts := client.DefaultDialOpts
if token := os.Getenv("GITALY_TOKEN"); token != "" {
connOpts = append(connOpts, grpc.WithPerRPCCredentials(gitalyauth.RPCCredentialsV2(token)))
}
return append(connOpts, internalclient.UnaryInterceptor(), internalclient.StreamInterceptor())
}
func useSidechannel() bool { return os.Getenv("GITALY_USE_SIDECHANNEL") == "1" }
|