Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-pages.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/internal/source
diff options
context:
space:
mode:
Diffstat (limited to 'internal/source')
-rw-r--r--internal/source/gitlab/cache/cache_test.go28
-rw-r--r--internal/source/gitlab/cache/retriever.go6
-rw-r--r--internal/source/gitlab/client/client.go8
-rw-r--r--internal/source/gitlab/client/client_test.go2
-rw-r--r--internal/source/gitlab/gitlab.go10
5 files changed, 37 insertions, 17 deletions
diff --git a/internal/source/gitlab/cache/cache_test.go b/internal/source/gitlab/cache/cache_test.go
index 7ed56f5a..757adb2b 100644
--- a/internal/source/gitlab/cache/cache_test.go
+++ b/internal/source/gitlab/cache/cache_test.go
@@ -13,14 +13,14 @@ import (
"gitlab.com/gitlab-org/gitlab-pages/internal/source/gitlab/api"
)
-type client struct {
+type clientMock struct {
counter uint64
lookups chan uint64
domain chan string
failure error
}
-func (c *client) GetLookup(ctx context.Context, _ string) api.Lookup {
+func (c *clientMock) GetLookup(ctx context.Context, _ string) api.Lookup {
lookup := api.Lookup{}
if c.failure == nil {
lookup.Name = <-c.domain
@@ -33,11 +33,11 @@ func (c *client) GetLookup(ctx context.Context, _ string) api.Lookup {
return lookup
}
-func (c *client) Status() error {
+func (c *clientMock) Status() error {
return nil
}
-func withTestCache(config resolverConfig, cacheConfig *cacheConfig, block func(*Cache, *client)) {
+func withTestCache(config resolverConfig, cacheConfig *cacheConfig, block func(*Cache, *clientMock)) {
var chanSize int
if config.buffered {
@@ -46,7 +46,7 @@ func withTestCache(config resolverConfig, cacheConfig *cacheConfig, block func(*
chanSize = 0
}
- resolver := &client{
+ resolver := &clientMock{
domain: make(chan string, chanSize),
lookups: make(chan uint64, 100),
failure: config.failure,
@@ -90,7 +90,7 @@ type entryConfig struct {
func TestResolve(t *testing.T) {
t.Run("when item is not cached", func(t *testing.T) {
- withTestCache(resolverConfig{buffered: true}, nil, func(cache *Cache, resolver *client) {
+ withTestCache(resolverConfig{buffered: true}, nil, func(cache *Cache, resolver *clientMock) {
require.Equal(t, 0, len(resolver.lookups))
resolver.domain <- "my.gitlab.com"
@@ -103,7 +103,7 @@ func TestResolve(t *testing.T) {
})
t.Run("when item is not cached and accessed multiple times", func(t *testing.T) {
- withTestCache(resolverConfig{}, nil, func(cache *Cache, resolver *client) {
+ withTestCache(resolverConfig{}, nil, func(cache *Cache, resolver *clientMock) {
wg := &sync.WaitGroup{}
ctx := context.Background()
@@ -127,7 +127,7 @@ func TestResolve(t *testing.T) {
})
t.Run("when item is in short cache", func(t *testing.T) {
- withTestCache(resolverConfig{}, nil, func(cache *Cache, resolver *client) {
+ withTestCache(resolverConfig{}, nil, func(cache *Cache, resolver *clientMock) {
cache.withTestEntry(entryConfig{expired: false, retrieved: true}, func(*Entry) {
lookup := cache.Resolve(context.Background(), "my.gitlab.com")
@@ -138,7 +138,7 @@ func TestResolve(t *testing.T) {
})
t.Run("when a non-retrieved new item is in short cache", func(t *testing.T) {
- withTestCache(resolverConfig{}, nil, func(cache *Cache, resolver *client) {
+ withTestCache(resolverConfig{}, nil, func(cache *Cache, resolver *clientMock) {
cache.withTestEntry(entryConfig{expired: false, retrieved: false}, func(*Entry) {
lookup := make(chan *api.Lookup, 1)
@@ -157,7 +157,7 @@ func TestResolve(t *testing.T) {
})
t.Run("when item is in long cache only", func(t *testing.T) {
- withTestCache(resolverConfig{buffered: false}, nil, func(cache *Cache, resolver *client) {
+ withTestCache(resolverConfig{buffered: false}, nil, func(cache *Cache, resolver *clientMock) {
cache.withTestEntry(entryConfig{expired: true, retrieved: true}, func(*Entry) {
lookup := cache.Resolve(context.Background(), "my.gitlab.com")
@@ -172,7 +172,7 @@ func TestResolve(t *testing.T) {
})
t.Run("when item in long cache is requested multiple times", func(t *testing.T) {
- withTestCache(resolverConfig{}, nil, func(cache *Cache, resolver *client) {
+ withTestCache(resolverConfig{}, nil, func(cache *Cache, resolver *clientMock) {
cache.withTestEntry(entryConfig{expired: true, retrieved: true}, func(*Entry) {
cache.Resolve(context.Background(), "my.gitlab.com")
cache.Resolve(context.Background(), "my.gitlab.com")
@@ -192,7 +192,7 @@ func TestResolve(t *testing.T) {
cc.maxRetrievalInterval = 0
err := errors.New("500 error")
- withTestCache(resolverConfig{failure: err}, &cc, func(cache *Cache, resolver *client) {
+ withTestCache(resolverConfig{failure: err}, &cc, func(cache *Cache, resolver *clientMock) {
lookup := cache.Resolve(context.Background(), "my.gitlab.com")
require.Equal(t, 3, len(resolver.lookups))
@@ -204,7 +204,7 @@ func TestResolve(t *testing.T) {
cc := defaultCacheConfig
cc.retrievalTimeout = 0
- withTestCache(resolverConfig{}, &cc, func(cache *Cache, resolver *client) {
+ withTestCache(resolverConfig{}, &cc, func(cache *Cache, resolver *clientMock) {
lookup := cache.Resolve(context.Background(), "my.gitlab.com")
require.Equal(t, 0, len(resolver.lookups))
@@ -213,7 +213,7 @@ func TestResolve(t *testing.T) {
})
t.Run("when retrieval failed because of resolution context being canceled", func(t *testing.T) {
- withTestCache(resolverConfig{}, nil, func(cache *Cache, resolver *client) {
+ withTestCache(resolverConfig{}, nil, func(cache *Cache, resolver *clientMock) {
cache.withTestEntry(entryConfig{expired: false, retrieved: false}, func(entry *Entry) {
ctx, cancel := context.WithCancel(context.Background())
cancel()
diff --git a/internal/source/gitlab/cache/retriever.go b/internal/source/gitlab/cache/retriever.go
index eddb02cb..865bf88b 100644
--- a/internal/source/gitlab/cache/retriever.go
+++ b/internal/source/gitlab/cache/retriever.go
@@ -9,6 +9,7 @@ import (
"gitlab.com/gitlab-org/gitlab-pages/internal/domain"
"gitlab.com/gitlab-org/gitlab-pages/internal/source/gitlab/api"
+ "gitlab.com/gitlab-org/gitlab-pages/internal/source/gitlab/client"
)
// Retriever is an utility type that performs an HTTP request with backoff in
@@ -55,8 +56,9 @@ func (r *Retriever) resolveWithBackoff(ctx context.Context, domainName string) <
for i := 1; i <= r.maxRetrievalRetries; i++ {
lookup = r.client.GetLookup(ctx, domainName)
- if lookup.Error == nil || errors.Is(lookup.Error, domain.ErrDomainDoesNotExist) {
- // do not retry if the domain does not exist
+ if lookup.Error == nil || errors.Is(lookup.Error, domain.ErrDomainDoesNotExist) ||
+ errors.Is(lookup.Error, client.ErrUnauthorizedAPI) {
+ // do not retry if the domain does not exist or there is an auth error
break
}
diff --git a/internal/source/gitlab/client/client.go b/internal/source/gitlab/client/client.go
index 524eb8a4..98939641 100644
--- a/internal/source/gitlab/client/client.go
+++ b/internal/source/gitlab/client/client.go
@@ -24,6 +24,12 @@ import (
// or a 401 given that the credentials used are wrong
const ConnectionErrorMsg = "failed to connect to internal Pages API"
+// ErrUnauthorizedAPI is returned when resolving a domain with the GitLab API
+// returns a http.StatusUnauthorized. This happens if the common secret file
+// is not synced between gitlab-pages and gitlab-rails servers.
+// See https://gitlab.com/gitlab-org/gitlab-pages/-/issues/535 for more details.
+var ErrUnauthorizedAPI = errors.New("pages endpoint unauthorized")
+
// Client is a HTTP client to access Pages internal API
type Client struct {
secretKey []byte
@@ -161,6 +167,8 @@ func (gc *Client) get(ctx context.Context, path string, params url.Values) (*htt
// StatusNoContent means that a domain does not exist, it is not an error
if resp.StatusCode == http.StatusNoContent {
return nil, nil
+ } else if resp.StatusCode == http.StatusUnauthorized {
+ return nil, ErrUnauthorizedAPI
}
return nil, fmt.Errorf("HTTP status: %d", resp.StatusCode)
diff --git a/internal/source/gitlab/client/client_test.go b/internal/source/gitlab/client/client_test.go
index 153b9372..32fd8c18 100644
--- a/internal/source/gitlab/client/client_test.go
+++ b/internal/source/gitlab/client/client_test.go
@@ -138,7 +138,7 @@ func TestNewInvalidConfiguration(t *testing.T) {
}
func TestLookupForErrorResponses(t *testing.T) {
tests := map[int]string{
- http.StatusUnauthorized: "HTTP status: 401",
+ http.StatusUnauthorized: ErrUnauthorizedAPI.Error(),
http.StatusNotFound: "HTTP status: 404",
}
diff --git a/internal/source/gitlab/gitlab.go b/internal/source/gitlab/gitlab.go
index d164460a..1f937e5d 100644
--- a/internal/source/gitlab/gitlab.go
+++ b/internal/source/gitlab/gitlab.go
@@ -2,12 +2,14 @@ package gitlab
import (
"context"
+ "errors"
"net/http"
"path"
"strings"
"sync"
"github.com/cenkalti/backoff/v4"
+ "gitlab.com/gitlab-org/labkit/log"
"gitlab.com/gitlab-org/gitlab-pages/internal/domain"
"gitlab.com/gitlab-org/gitlab-pages/internal/request"
@@ -49,6 +51,14 @@ func (g *Gitlab) GetDomain(name string) (*domain.Domain, error) {
lookup := g.client.Resolve(context.Background(), name)
if lookup.Error != nil {
+ if errors.Is(lookup.Error, client.ErrUnauthorizedAPI) {
+ log.WithError(lookup.Error).Error("Pages cannot communicate with an instance of the GitLab API. Please sync your gitlab-secrets.json file: https://docs.gitlab.com/ee/administration/pages/#pages-cannot-communicate-with-an-instance-of-the-gitlab-api")
+
+ g.mu.Lock()
+ g.isReady = false
+ g.mu.Unlock()
+ }
+
return nil, lookup.Error
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 06:50:27 +0300