diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-16 21:25:58 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-16 21:25:58 +0300 |
commit | a5f4bba440d7f9ea47046a0a561d49adf0a1e6d4 (patch) | |
tree | fb69158581673816a8cd895f9d352dcb3c678b1e /lib/gitlab/kas/client.rb | |
parent | d16b2e8639e99961de6ddc93909f3bb5c1445ba1 (diff) |
Add latest changes from gitlab-org/gitlab@14-0-stable-eev14.0.0-rc42
Diffstat (limited to 'lib/gitlab/kas/client.rb')
-rw-r--r-- | lib/gitlab/kas/client.rb | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/lib/gitlab/kas/client.rb b/lib/gitlab/kas/client.rb new file mode 100644 index 00000000000..6675903e692 --- /dev/null +++ b/lib/gitlab/kas/client.rb @@ -0,0 +1,75 @@ +# frozen_string_literal: true + +module Gitlab + module Kas + class Client + TIMEOUT = 2.seconds.freeze + JWT_AUDIENCE = 'gitlab-kas' + + STUB_CLASSES = { + configuration_project: Gitlab::Agent::ConfigurationProject::Rpc::ConfigurationProject::Stub + }.freeze + + ConfigurationError = Class.new(StandardError) + + def initialize + raise ConfigurationError, 'GitLab KAS is not enabled' unless Gitlab::Kas.enabled? + raise ConfigurationError, 'KAS internal URL is not configured' unless Gitlab::Kas.internal_url.present? + end + + def list_agent_config_files(project:) + request = Gitlab::Agent::ConfigurationProject::Rpc::ListAgentConfigFilesRequest.new( + repository: repository(project), + gitaly_address: gitaly_address(project) + ) + + stub_for(:configuration_project) + .list_agent_config_files(request, metadata: metadata) + .config_files + .to_a + end + + private + + def stub_for(service) + @stubs ||= {} + @stubs[service] ||= STUB_CLASSES.fetch(service).new(kas_endpoint_url, credentials, timeout: TIMEOUT) + end + + def repository(project) + gitaly_repository = project.repository.gitaly_repository + + Gitlab::Agent::Modserver::Repository.new(gitaly_repository.to_h) + end + + def gitaly_address(project) + connection_data = Gitlab::GitalyClient.connection_data(project.repository_storage) + + Gitlab::Agent::Modserver::GitalyAddress.new(connection_data) + end + + def kas_endpoint_url + Gitlab::Kas.internal_url.delete_prefix('grpc://') + end + + def credentials + if Rails.env.test? || Rails.env.development? + :this_channel_is_insecure + else + GRPC::Core::ChannelCredentials.new + end + end + + def metadata + { 'authorization' => "bearer #{token}" } + end + + def token + JSONWebToken::HMACToken.new(Gitlab::Kas.secret).tap do |token| + token.issuer = Settings.gitlab.host + token.audience = JWT_AUDIENCE + end.encoded + end + end + end +end |