2021-02-22 17:27:13 +05:30
|
|
|
package gitaly
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"strings"
|
|
|
|
"sync"
|
|
|
|
|
2021-10-27 15:23:28 +05:30
|
|
|
"github.com/golang/protobuf/jsonpb" //lint:ignore SA1019 https://gitlab.com/gitlab-org/gitlab/-/issues/324868
|
|
|
|
"github.com/golang/protobuf/proto" //lint:ignore SA1019 https://gitlab.com/gitlab-org/gitlab/-/issues/324868
|
2021-02-22 17:27:13 +05:30
|
|
|
grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware"
|
|
|
|
grpc_prometheus "github.com/grpc-ecosystem/go-grpc-prometheus"
|
|
|
|
"github.com/prometheus/client_golang/prometheus"
|
|
|
|
"github.com/prometheus/client_golang/prometheus/promauto"
|
2021-11-18 22:05:49 +05:30
|
|
|
"github.com/sirupsen/logrus"
|
2021-10-27 15:23:28 +05:30
|
|
|
"google.golang.org/grpc"
|
|
|
|
"google.golang.org/grpc/metadata"
|
|
|
|
|
2022-08-13 15:12:31 +05:30
|
|
|
gitalyauth "gitlab.com/gitlab-org/gitaly/v15/auth"
|
|
|
|
gitalyclient "gitlab.com/gitlab-org/gitaly/v15/client"
|
|
|
|
"gitlab.com/gitlab-org/gitaly/v15/proto/go/gitalypb"
|
2021-02-22 17:27:13 +05:30
|
|
|
|
2022-07-16 23:28:13 +05:30
|
|
|
"gitlab.com/gitlab-org/gitlab/workhorse/internal/api"
|
|
|
|
|
2021-02-22 17:27:13 +05:30
|
|
|
grpccorrelation "gitlab.com/gitlab-org/labkit/correlation/grpc"
|
|
|
|
grpctracing "gitlab.com/gitlab-org/labkit/tracing/grpc"
|
|
|
|
)
|
|
|
|
|
2021-11-18 22:05:49 +05:30
|
|
|
type cacheKey struct {
|
|
|
|
address, token string
|
|
|
|
}
|
2021-02-22 17:27:13 +05:30
|
|
|
|
2022-07-16 23:28:13 +05:30
|
|
|
func getCacheKey(server api.GitalyServer) cacheKey {
|
|
|
|
return cacheKey{address: server.Address, token: server.Token}
|
2021-02-22 17:27:13 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
type connectionsCache struct {
|
|
|
|
sync.RWMutex
|
|
|
|
connections map[cacheKey]*grpc.ClientConn
|
|
|
|
}
|
|
|
|
|
|
|
|
var (
|
|
|
|
jsonUnMarshaler = jsonpb.Unmarshaler{AllowUnknownFields: true}
|
2021-11-18 22:05:49 +05:30
|
|
|
// This connection cache map contains two types of connections:
|
|
|
|
// - Normal gRPC connections
|
|
|
|
// - Sidechannel connections. When client dials to the Gitaly server, the
|
|
|
|
// server multiplexes the connection using Yamux. In the future, the server
|
|
|
|
// can open another stream to transfer data without gRPC. Besides, we apply
|
|
|
|
// a framing protocol to add the half-close capability to Yamux streams.
|
|
|
|
// Hence, we cannot use those connections interchangeably.
|
|
|
|
cache = connectionsCache{
|
2021-02-22 17:27:13 +05:30
|
|
|
connections: make(map[cacheKey]*grpc.ClientConn),
|
|
|
|
}
|
2021-11-18 22:05:49 +05:30
|
|
|
sidechannelRegistry *gitalyclient.SidechannelRegistry
|
2021-02-22 17:27:13 +05:30
|
|
|
|
|
|
|
connectionsTotal = promauto.NewCounterVec(
|
|
|
|
prometheus.CounterOpts{
|
|
|
|
Name: "gitlab_workhorse_gitaly_connections_total",
|
|
|
|
Help: "Number of Gitaly connections that have been established",
|
|
|
|
},
|
|
|
|
[]string{"status"},
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
2021-11-18 22:05:49 +05:30
|
|
|
func InitializeSidechannelRegistry(logger *logrus.Logger) {
|
|
|
|
if sidechannelRegistry == nil {
|
|
|
|
sidechannelRegistry = gitalyclient.NewSidechannelRegistry(logrus.NewEntry(logger))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-03-04 22:38:38 +05:30
|
|
|
var allowedMetadataKeys = map[string]bool{
|
|
|
|
"user_id": true,
|
|
|
|
"username": true,
|
|
|
|
"remote_ip": true,
|
2022-07-16 23:28:13 +05:30
|
|
|
}
|
|
|
|
|
2023-03-04 22:38:38 +05:30
|
|
|
func withOutgoingMetadata(ctx context.Context, gs api.GitalyServer) context.Context {
|
2022-07-16 23:28:13 +05:30
|
|
|
md := metadata.New(nil)
|
2023-03-04 22:38:38 +05:30
|
|
|
for k, v := range gs.CallMetadata {
|
|
|
|
if strings.HasPrefix(k, "gitaly-feature-") || allowedMetadataKeys[k] {
|
|
|
|
md.Set(k, v)
|
|
|
|
}
|
2021-02-22 17:27:13 +05:30
|
|
|
}
|
|
|
|
return metadata.NewOutgoingContext(ctx, md)
|
|
|
|
}
|
|
|
|
|
2023-03-04 22:38:38 +05:30
|
|
|
func NewSmartHTTPClient(ctx context.Context, server api.GitalyServer) (context.Context, *SmartHTTPClient, error) {
|
2021-02-22 17:27:13 +05:30
|
|
|
conn, err := getOrCreateConnection(server)
|
|
|
|
if err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
grpcClient := gitalypb.NewSmartHTTPServiceClient(conn)
|
2021-11-18 22:05:49 +05:30
|
|
|
smartHTTPClient := &SmartHTTPClient{
|
|
|
|
SmartHTTPServiceClient: grpcClient,
|
|
|
|
sidechannelRegistry: sidechannelRegistry,
|
|
|
|
}
|
2023-03-04 22:38:38 +05:30
|
|
|
return withOutgoingMetadata(ctx, server), smartHTTPClient, nil
|
2021-02-22 17:27:13 +05:30
|
|
|
}
|
|
|
|
|
2023-03-04 22:38:38 +05:30
|
|
|
func NewBlobClient(ctx context.Context, server api.GitalyServer) (context.Context, *BlobClient, error) {
|
2021-02-22 17:27:13 +05:30
|
|
|
conn, err := getOrCreateConnection(server)
|
|
|
|
if err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
grpcClient := gitalypb.NewBlobServiceClient(conn)
|
2023-03-04 22:38:38 +05:30
|
|
|
return withOutgoingMetadata(ctx, server), &BlobClient{grpcClient}, nil
|
2021-02-22 17:27:13 +05:30
|
|
|
}
|
|
|
|
|
2023-03-04 22:38:38 +05:30
|
|
|
func NewRepositoryClient(ctx context.Context, server api.GitalyServer) (context.Context, *RepositoryClient, error) {
|
2021-02-22 17:27:13 +05:30
|
|
|
conn, err := getOrCreateConnection(server)
|
|
|
|
if err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
grpcClient := gitalypb.NewRepositoryServiceClient(conn)
|
2023-03-04 22:38:38 +05:30
|
|
|
return withOutgoingMetadata(ctx, server), &RepositoryClient{grpcClient}, nil
|
2021-02-22 17:27:13 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
// NewNamespaceClient is only used by the Gitaly integration tests at present
|
2023-03-04 22:38:38 +05:30
|
|
|
func NewNamespaceClient(ctx context.Context, server api.GitalyServer) (context.Context, *NamespaceClient, error) {
|
2021-02-22 17:27:13 +05:30
|
|
|
conn, err := getOrCreateConnection(server)
|
|
|
|
if err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
grpcClient := gitalypb.NewNamespaceServiceClient(conn)
|
2023-03-04 22:38:38 +05:30
|
|
|
return withOutgoingMetadata(ctx, server), &NamespaceClient{grpcClient}, nil
|
2021-02-22 17:27:13 +05:30
|
|
|
}
|
|
|
|
|
2023-03-04 22:38:38 +05:30
|
|
|
func NewDiffClient(ctx context.Context, server api.GitalyServer) (context.Context, *DiffClient, error) {
|
2021-02-22 17:27:13 +05:30
|
|
|
conn, err := getOrCreateConnection(server)
|
|
|
|
if err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
grpcClient := gitalypb.NewDiffServiceClient(conn)
|
2023-03-04 22:38:38 +05:30
|
|
|
return withOutgoingMetadata(ctx, server), &DiffClient{grpcClient}, nil
|
2021-02-22 17:27:13 +05:30
|
|
|
}
|
|
|
|
|
2022-07-16 23:28:13 +05:30
|
|
|
func getOrCreateConnection(server api.GitalyServer) (*grpc.ClientConn, error) {
|
|
|
|
key := getCacheKey(server)
|
2021-02-22 17:27:13 +05:30
|
|
|
|
|
|
|
cache.RLock()
|
|
|
|
conn := cache.connections[key]
|
|
|
|
cache.RUnlock()
|
|
|
|
|
|
|
|
if conn != nil {
|
|
|
|
return conn, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
cache.Lock()
|
|
|
|
defer cache.Unlock()
|
|
|
|
|
|
|
|
if conn := cache.connections[key]; conn != nil {
|
|
|
|
return conn, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
conn, err := newConnection(server)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
cache.connections[key] = conn
|
|
|
|
|
|
|
|
return conn, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func CloseConnections() {
|
|
|
|
cache.Lock()
|
|
|
|
defer cache.Unlock()
|
|
|
|
|
|
|
|
for _, conn := range cache.connections {
|
|
|
|
conn.Close()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-07-16 23:28:13 +05:30
|
|
|
func newConnection(server api.GitalyServer) (*grpc.ClientConn, error) {
|
2021-02-22 17:27:13 +05:30
|
|
|
connOpts := append(gitalyclient.DefaultDialOpts,
|
|
|
|
grpc.WithPerRPCCredentials(gitalyauth.RPCCredentialsV2(server.Token)),
|
|
|
|
grpc.WithStreamInterceptor(
|
|
|
|
grpc_middleware.ChainStreamClient(
|
|
|
|
grpctracing.StreamClientTracingInterceptor(),
|
|
|
|
grpc_prometheus.StreamClientInterceptor,
|
|
|
|
grpccorrelation.StreamClientCorrelationInterceptor(
|
|
|
|
grpccorrelation.WithClientName("gitlab-workhorse"),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
|
|
|
|
grpc.WithUnaryInterceptor(
|
|
|
|
grpc_middleware.ChainUnaryClient(
|
|
|
|
grpctracing.UnaryClientTracingInterceptor(),
|
|
|
|
grpc_prometheus.UnaryClientInterceptor,
|
|
|
|
grpccorrelation.UnaryClientCorrelationInterceptor(
|
|
|
|
grpccorrelation.WithClientName("gitlab-workhorse"),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
2023-04-23 21:23:45 +05:30
|
|
|
|
|
|
|
// In https://gitlab.com/groups/gitlab-org/-/epics/8971, we added DNS discovery support to Praefect. This was
|
|
|
|
// done by making two changes:
|
|
|
|
// - Configure client-side round-robin load-balancing in client dial options. We added that as a default option
|
|
|
|
// inside gitaly client in gitaly client since v15.9.0
|
|
|
|
// - Configure DNS resolving. Due to some technical limitations, we don't use gRPC's built-in DNS resolver.
|
|
|
|
// Instead, we implement our own DNS resolver. This resolver is exposed via the following configuration.
|
|
|
|
// Afterward, workhorse can detect and handle DNS discovery automatically. The user needs to setup and set
|
|
|
|
// Gitaly address to something like "dns:gitaly.service.dc1.consul"
|
|
|
|
gitalyclient.WithGitalyDNSResolver(gitalyclient.DefaultDNSResolverBuilderConfig()),
|
2021-02-22 17:27:13 +05:30
|
|
|
)
|
|
|
|
|
2022-07-16 23:28:13 +05:30
|
|
|
conn, connErr := gitalyclient.DialSidechannel(context.Background(), server.Address, sidechannelRegistry, connOpts) // lint:allow context.Background
|
2021-02-22 17:27:13 +05:30
|
|
|
|
|
|
|
label := "ok"
|
|
|
|
if connErr != nil {
|
|
|
|
label = "fail"
|
|
|
|
}
|
|
|
|
connectionsTotal.WithLabelValues(label).Inc()
|
|
|
|
|
|
|
|
return conn, connErr
|
|
|
|
}
|
|
|
|
|
|
|
|
func UnmarshalJSON(s string, msg proto.Message) error {
|
|
|
|
return jsonUnMarshaler.Unmarshal(strings.NewReader(s), msg)
|
|
|
|
}
|