Fix gitlab-shell not handling relative URLs over UNIX socketssh-fix-unix-relative-url-access

From
https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/4498#note_397401883,
if you specify a relative path such as:

```
external_url 'http://gitlab.example.com/gitlab'
```

gitlab-shell doesn't have a way to pass the `/gitlab` to the host. For example, let's say we have:

```
gitlab_url: "http+unix://%2Fvar%2Fopt%2Fgitlab%2Fgitlab-workhorse%2Fsocket"
```

If we have `/gitlab` as the relative path, how do we specify what is the
UNIX socket path and what is the relative path? If we specify:

```
gitlab_url: "http+unix:///var/opt/gitlab/gitlab-workhorse.socket/gitlab
```

This is ambiguous. Is the socket in
`/var/opt/gitlab/gitlab-workhorse.socket/gitlab` or in
`/var/opt/gitlab/gitlab-workhorse.socket`?

To fix this, this merge request adds an optional
`gitlab_relative_url_root` config parameter:

```
gitlab_url: "http+unix://%2Fvar%2Fopt%2Fgitlab%2Fgitlab-workhorse%2Fsocket"
gitlab_relative_url_root: /gitlab
```

This is only used with UNIX domain sockets to disambiguate the socket
and base URL path. If `gitlab_url` uses `http://` or `https://`, then
`gitlab_relative_url_root` is ignored.

Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/476

1 files changed, 75 insertions, 52 deletions

diff --git a/client/client_test.go b/client/client_test.go
index d520bbb..e92093a 100644
--- a/client/client_test.go
+++ b/client/client_test.go
@@ -7,6 +7,7 @@ import (
 	"io/ioutil"
 	"net/http"
 	"path"
+	"strings"
 	"testing"
 
 	"github.com/sirupsen/logrus"
@@ -21,63 +22,27 @@ func TestClients(t *testing.T) {
 	require.NoError(t, err)
 	defer testDirCleanup()
 
-	requests := []testserver.TestRequestHandler{
-		{
-			Path: "/api/v4/internal/hello",
-			Handler: func(w http.ResponseWriter, r *http.Request) {
-				require.Equal(t, http.MethodGet, r.Method)
-
-				fmt.Fprint(w, "Hello")
-			},
-		},
-		{
-			Path: "/api/v4/internal/post_endpoint",
-			Handler: func(w http.ResponseWriter, r *http.Request) {
-				require.Equal(t, http.MethodPost, r.Method)
-
-				b, err := ioutil.ReadAll(r.Body)
-				defer r.Body.Close()
-
-				require.NoError(t, err)
-
-				fmt.Fprint(w, "Echo: "+string(b))
-			},
-		},
-		{
-			Path: "/api/v4/internal/auth",
-			Handler: func(w http.ResponseWriter, r *http.Request) {
-				fmt.Fprint(w, r.Header.Get(secretHeaderName))
-			},
-		},
-		{
-			Path: "/api/v4/internal/error",
-			Handler: func(w http.ResponseWriter, r *http.Request) {
-				w.Header().Set("Content-Type", "application/json")
-				w.WriteHeader(http.StatusBadRequest)
-				body := map[string]string{
-					"message": "Don't do that",
-				}
-				json.NewEncoder(w).Encode(body)
-			},
-		},
-		{
-			Path: "/api/v4/internal/broken",
-			Handler: func(w http.ResponseWriter, r *http.Request) {
-				panic("Broken")
-			},
-		},
-	}
-
 	testCases := []struct {
-		desc   string
-		caFile string
-		server func(*testing.T, []testserver.TestRequestHandler) (string, func())
+		desc            string
+		relativeURLRoot string
+		caFile          string
+		server          func(*testing.T, []testserver.TestRequestHandler) (string, func())
 	}{
 		{
 			desc:   "Socket client",
 			server: testserver.StartSocketHttpServer,
 		},
 		{
+			desc:            "Socket client with a relative URL at /",
+			relativeURLRoot: "/",
+			server:          testserver.StartSocketHttpServer,
+		},
+		{
+			desc:            "Socket client with relative URL at /gitlab",
+			relativeURLRoot: "/gitlab",
+			server:          testserver.StartSocketHttpServer,
+		},
+		{
 			desc:   "Http client",
 			server: testserver.StartHttpServer,
 		},
@@ -90,12 +55,12 @@ func TestClients(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.desc, func(t *testing.T) {
-			url, cleanup := tc.server(t, requests)
+			url, cleanup := tc.server(t, buildRequests(t, tc.relativeURLRoot))
 			defer cleanup()
 
 			secret := "sssh, it's a secret"
 
-			httpClient := NewHTTPClient(url, tc.caFile, "", false, 1)
+			httpClient := NewHTTPClient(url, tc.relativeURLRoot, tc.caFile, "", false, 1)
 
 			client, err := NewGitlabNetClient("", "", secret, httpClient)
 			require.NoError(t, err)
@@ -275,3 +240,61 @@ func testAuthenticationHeader(t *testing.T, client *GitlabNetClient) {
 		assert.Equal(t, "sssh, it's a secret", string(header))
 	})
 }
+
+func buildRequests(t *testing.T, relativeURLRoot string) []testserver.TestRequestHandler {
+	requests := []testserver.TestRequestHandler{
+		{
+			Path: "/api/v4/internal/hello",
+			Handler: func(w http.ResponseWriter, r *http.Request) {
+				require.Equal(t, http.MethodGet, r.Method)
+
+				fmt.Fprint(w, "Hello")
+			},
+		},
+		{
+			Path: "/api/v4/internal/post_endpoint",
+			Handler: func(w http.ResponseWriter, r *http.Request) {
+				require.Equal(t, http.MethodPost, r.Method)
+
+				b, err := ioutil.ReadAll(r.Body)
+				defer r.Body.Close()
+
+				require.NoError(t, err)
+
+				fmt.Fprint(w, "Echo: "+string(b))
+			},
+		},
+		{
+			Path: "/api/v4/internal/auth",
+			Handler: func(w http.ResponseWriter, r *http.Request) {
+				fmt.Fprint(w, r.Header.Get(secretHeaderName))
+			},
+		},
+		{
+			Path: "/api/v4/internal/error",
+			Handler: func(w http.ResponseWriter, r *http.Request) {
+				w.Header().Set("Content-Type", "application/json")
+				w.WriteHeader(http.StatusBadRequest)
+				body := map[string]string{
+					"message": "Don't do that",
+				}
+				json.NewEncoder(w).Encode(body)
+			},
+		},
+		{
+			Path: "/api/v4/internal/broken",
+			Handler: func(w http.ResponseWriter, r *http.Request) {
+				panic("Broken")
+			},
+		},
+	}
+
+	relativeURLRoot = strings.Trim(relativeURLRoot, "/")
+	if relativeURLRoot != "" {
+		for i, r := range requests {
+			requests[i].Path = fmt.Sprintf("/%s%s", relativeURLRoot, r.Path)
+		}
+	}
+
+	return requests
+}