diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gitlab_config.rb | 4 | ||||
| -rw-r--r-- | lib/gitlab_shell.rb | 75 |
2 files changed, 14 insertions, 65 deletions
diff --git a/lib/gitlab_config.rb b/lib/gitlab_config.rb index 7645989..85aa889 100644 --- a/lib/gitlab_config.rb +++ b/lib/gitlab_config.rb @@ -50,10 +50,6 @@ class GitlabConfig @config['audit_usernames'] ||= false end - def git_trace_log_file - @config['git_trace_log_file'] - end - def metrics_log_file @config['metrics_log_file'] ||= File.join(ROOT_PATH, 'gitlab-shell-metrics.log') end diff --git a/lib/gitlab_shell.rb b/lib/gitlab_shell.rb index 286a3d1..c7663e1 100644 --- a/lib/gitlab_shell.rb +++ b/lib/gitlab_shell.rb @@ -19,7 +19,7 @@ class GitlabShell # rubocop:disable Metrics/ClassLength GIT_COMMANDS = GITALY_COMMAND.keys + ['git-lfs-authenticate'] API_COMMANDS = %w(2fa_recovery_codes).freeze - GL_PROTOCOL = 'ssh'.freeze + GL_PROTOCOL = 'ssh' attr_accessor :gl_id, :gl_repository, :repo_name, :command, :git_access, :git_protocol @@ -139,61 +139,31 @@ class GitlabShell # rubocop:disable Metrics/ClassLength return end - # TODO happens only in testing as of right now - return unless @gitaly - - # The entire gitaly_request hash should be built in gitlab-ce and passed - # on as-is. For now we build a fake one on the spot. - gitaly_request = { + # TODO: instead of building from pieces here in gitlab-shell, build the + # entire gitaly_request in gitlab-ce and pass on as-is here. + args = JSON.dump( 'repository' => @gitaly['repository'], 'gl_repository' => @gl_repository, 'gl_id' => @gl_id, 'gl_username' => @username, 'git_config_options' => @git_config_options, 'git_protocol' => @git_protocol - } - - args = [@gitaly['address'], JSON.dump(gitaly_request)] + ) - executable = GITALY_COMMAND[@command] - args_string = [File.basename(executable), *args].join(' ') + gitaly_address = @gitaly['address'] + executable = GITALY_COMMAND.fetch(@command) + gitaly_bin = File.basename(executable) + args_string = [gitaly_bin, gitaly_address, args].join(' ') $logger.info('executing git command', command: args_string, user: log_username) - exec_cmd(executable, *args) + + exec_cmd(executable, gitaly_address: gitaly_address, token: @gitaly['token'], json_args: args) end # This method is not covered by Rspec because it ends the current Ruby process. - def exec_cmd(*args) - # If you want to call a command without arguments, use - # exec_cmd(['my_command', 'my_command']) . Otherwise use - # exec_cmd('my_command', 'my_argument', ...). - if args.count == 1 && !args.first.is_a?(Array) - raise DisallowedCommandError - end - - env = { - 'HOME' => ENV['HOME'], - 'PATH' => ENV['PATH'], - 'LD_LIBRARY_PATH' => ENV['LD_LIBRARY_PATH'], - 'LANG' => ENV['LANG'], - 'GL_ID' => @gl_id, - 'GL_PROTOCOL' => GL_PROTOCOL, - 'GL_REPOSITORY' => @gl_repository, - 'GL_USERNAME' => @username - } - - # @gitaly is a thing, unless another code path exists that doesn't go through process_cmd - if @gitaly&.include?('token') - env['GITALY_TOKEN'] = @gitaly['token'] - end - - if git_trace_available? - env.merge!( - 'GIT_TRACE' => @config.git_trace_log_file, - 'GIT_TRACE_PACKET' => @config.git_trace_log_file, - 'GIT_TRACE_PERFORMANCE' => @config.git_trace_log_file - ) - end + def exec_cmd(executable, gitaly_address:, token:, json_args:) + env = { 'GITALY_TOKEN' => token } + args = [executable, gitaly_address, json_args] # We use 'chdir: ROOT_PATH' to let the next executable know where config.yml is. Kernel.exec(env, *args, unsetenv_others: true, chdir: ROOT_PATH) end @@ -274,21 +244,4 @@ class GitlabShell # rubocop:disable Metrics/ClassLength "#{resp['message']}" end end - - def git_trace_available? - return false unless @config.git_trace_log_file - - if Pathname(@config.git_trace_log_file).relative? - $logger.warn('git trace log path must be absolute, ignoring', git_trace_log_file: @config.git_trace_log_file) - return false - end - - begin - File.open(@config.git_trace_log_file, 'a') { nil } - return true - rescue => ex - $logger.warn('Failed to open git trace log file', git_trace_log_file: @config.git_trace_log_file, error: ex.to_s) - return false - end - end end |