Commit e56f360d authored by Stan Hu's avatar Stan Hu

Fix CI artifacts not uploading with tracing enabled and without NGINX

`Labkit::Tracing::RackMiddleware` will attempt to sanitize the
parameters using Rails'
`ActionDispatch::Http::FilterParameters`. However, if it is run before
Rack gets a chance to read and parse a multipart message AND no
`Content-Length` is set, no multipart data will be present.

`FilterParameters` works by reading the entire HTTP request by calling
the Rack POST method. However, if a chunked transfer is used, the HTTP
`Content-Length` header will not be defined, but
`ActionDispatch::Request` will always return a content length of 0
instead of `nil`. As a result, `Rack::Multipart::Parser` will be fooled
into thinking that there is no body to parse, and uploads that depend on
multipart data will fail.

To fix this, we put `Rack::MethodOverride` before the
`Tracing::RackMiddleware` to ensure that the multipart messages are
parsed by Rack first. Unlike Rails' `ActionDispatch::Request`,
`Rack::Request` treats an undefined `Content-Length` header as a `nil`
value.

Note that if NGINX or some other reverse proxy is used, the
`Content-Length` header should be present, so the problem described
above only affects installations that don't buffer the request.

Closes
https://gitlab.com/gitlab-org/gitlab-development-kit/-/issues/1094
parent b5fc0c85
---
title: Fix CI artifacts not uploading with tracing enabled and without NGINX
merge_request: 46513
author:
type: fixed
...@@ -2,7 +2,8 @@ ...@@ -2,7 +2,8 @@
if Labkit::Tracing.enabled? if Labkit::Tracing.enabled?
Rails.application.configure do |config| Rails.application.configure do |config|
config.middleware.insert_after Labkit::Middleware::Rack, ::Labkit::Tracing::RackMiddleware # Rack needs to parse multipart messages before ActionDispatch can filter parameters
config.middleware.insert_after Rack::MethodOverride, ::Labkit::Tracing::RackMiddleware
end end
# Instrument Redis # Instrument Redis
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment