Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/gitlab/gitaly_client.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gitlab/gitaly_client.rb')
-rw-r--r--lib/gitlab/gitaly_client.rb23
1 files changed, 22 insertions, 1 deletions
diff --git a/lib/gitlab/gitaly_client.rb b/lib/gitlab/gitaly_client.rb
index 31734abe77f..3c7fa88977e 100644
--- a/lib/gitlab/gitaly_client.rb
+++ b/lib/gitlab/gitaly_client.rb
@@ -203,7 +203,7 @@ module Gitlab
def self.authorization_token(storage)
token = token(storage).to_s
issued_at = real_time.to_i.to_s
- hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, token, issued_at)
+ hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA256'), token, issued_at)
"v2.#{hmac}.#{issued_at}"
end
@@ -226,6 +226,7 @@ module Gitlab
metadata['username'] = context_data['meta.user'] if context_data&.fetch('meta.user', nil)
metadata['remote_ip'] = context_data['meta.remote_ip'] if context_data&.fetch('meta.remote_ip', nil)
metadata.merge!(Feature::Gitaly.server_feature_flags)
+ metadata.merge!(route_to_primary)
deadline_info = request_deadline(timeout)
metadata.merge!(deadline_info.slice(:deadline_type))
@@ -233,6 +234,26 @@ module Gitlab
{ metadata: metadata, deadline: deadline_info[:deadline] }
end
+ # Gitlab::Git::HookEnv will set the :gitlab_git_env variable in case we're
+ # running in the context of a Gitaly hook call, which may make use of
+ # quarantined object directories. We thus need to pass along the path of
+ # the quarantined object directory to Gitaly, otherwise it won't be able to
+ # find these quarantined objects. Given that the quarantine directory is
+ # generated with a random name, they'll have different names when multiple
+ # Gitaly nodes take part in a single transaction. As a result, we are
+ # forced to route all requests to the primary node which has injected the
+ # quarantine object directory to us.
+ def self.route_to_primary
+ return {} unless Gitlab::SafeRequestStore.active?
+
+ return {} unless Gitlab::SafeRequestStore[:gitlab_git_env]
+
+ return {} if Gitlab::SafeRequestStore[:gitlab_git_env].empty?
+
+ { 'gitaly-route-repository-accessor-policy' => 'primary-only' }
+ end
+ private_class_method :route_to_primary
+
def self.request_deadline(timeout)
# timeout being 0 means the request is allowed to run indefinitely.
# We can't allow that inside a request, but this won't count towards Gitaly
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 02:14:53 +0300