Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-workhorse
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-workhorse
Commits
c303f246
Commit
c303f246
authored
Jun 19, 2017
by
Jacob Vosmaer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Use tokens for per request gitaly authentication
parent
c07f03c6
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
2298 additions
and
9 deletions
+2298
-9
internal/gitaly/gitaly.go
internal/gitaly/gitaly.go
+11
-9
vendor/gitlab.com/gitlab-org/gitaly/LICENSE
vendor/gitlab.com/gitlab-org/gitaly/LICENSE
+21
-0
vendor/gitlab.com/gitlab-org/gitaly/NOTICE
vendor/gitlab.com/gitlab-org/gitaly/NOTICE
+2233
-0
vendor/gitlab.com/gitlab-org/gitaly/auth/rpccredentials.go
vendor/gitlab.com/gitlab-org/gitaly/auth/rpccredentials.go
+25
-0
vendor/vendor.json
vendor/vendor.json
+8
-0
No files found.
internal/gitaly/gitaly.go
View file @
c303f246
...
@@ -9,6 +9,7 @@ import (
...
@@ -9,6 +9,7 @@ import (
"time"
"time"
pb
"gitlab.com/gitlab-org/gitaly-proto/go"
pb
"gitlab.com/gitlab-org/gitaly-proto/go"
"gitlab.com/gitlab-org/gitaly/auth"
"google.golang.org/grpc"
"google.golang.org/grpc"
)
)
...
@@ -19,15 +20,15 @@ type Server struct {
...
@@ -19,15 +20,15 @@ type Server struct {
type
connectionsCache
struct
{
type
connectionsCache
struct
{
sync
.
RWMutex
sync
.
RWMutex
connections
map
[
string
]
*
grpc
.
ClientConn
connections
map
[
Server
]
*
grpc
.
ClientConn
}
}
var
cache
=
connectionsCache
{
var
cache
=
connectionsCache
{
connections
:
make
(
map
[
string
]
*
grpc
.
ClientConn
),
connections
:
make
(
map
[
Server
]
*
grpc
.
ClientConn
),
}
}
func
NewSmartHTTPClient
(
server
Server
)
(
*
SmartHTTPClient
,
error
)
{
func
NewSmartHTTPClient
(
server
Server
)
(
*
SmartHTTPClient
,
error
)
{
conn
,
err
:=
getOrCreateConnection
(
server
.
Address
)
conn
,
err
:=
getOrCreateConnection
(
server
)
if
err
!=
nil
{
if
err
!=
nil
{
return
nil
,
err
return
nil
,
err
}
}
...
@@ -35,20 +36,20 @@ func NewSmartHTTPClient(server Server) (*SmartHTTPClient, error) {
...
@@ -35,20 +36,20 @@ func NewSmartHTTPClient(server Server) (*SmartHTTPClient, error) {
return
&
SmartHTTPClient
{
grpcClient
},
nil
return
&
SmartHTTPClient
{
grpcClient
},
nil
}
}
func
getOrCreateConnection
(
address
string
)
(
*
grpc
.
ClientConn
,
error
)
{
func
getOrCreateConnection
(
server
Server
)
(
*
grpc
.
ClientConn
,
error
)
{
cache
.
Lock
()
cache
.
Lock
()
defer
cache
.
Unlock
()
defer
cache
.
Unlock
()
if
conn
:=
cache
.
connections
[
address
];
conn
!=
nil
{
if
conn
:=
cache
.
connections
[
server
];
conn
!=
nil
{
return
conn
,
nil
return
conn
,
nil
}
}
conn
,
err
:=
newConnection
(
address
)
conn
,
err
:=
newConnection
(
server
)
if
err
!=
nil
{
if
err
!=
nil
{
return
nil
,
err
return
nil
,
err
}
}
cache
.
connections
[
address
]
=
conn
cache
.
connections
[
server
]
=
conn
return
conn
,
nil
return
conn
,
nil
}
}
...
@@ -62,8 +63,8 @@ func CloseConnections() {
...
@@ -62,8 +63,8 @@ func CloseConnections() {
}
}
}
}
func
newConnection
(
rawAddress
string
)
(
*
grpc
.
ClientConn
,
error
)
{
func
newConnection
(
server
Server
)
(
*
grpc
.
ClientConn
,
error
)
{
network
,
addr
,
err
:=
parseAddress
(
raw
Address
)
network
,
addr
,
err
:=
parseAddress
(
server
.
Address
)
if
err
!=
nil
{
if
err
!=
nil
{
return
nil
,
err
return
nil
,
err
}
}
...
@@ -73,6 +74,7 @@ func newConnection(rawAddress string) (*grpc.ClientConn, error) {
...
@@ -73,6 +74,7 @@ func newConnection(rawAddress string) (*grpc.ClientConn, error) {
grpc
.
WithDialer
(
func
(
a
string
,
_
time
.
Duration
)
(
net
.
Conn
,
error
)
{
grpc
.
WithDialer
(
func
(
a
string
,
_
time
.
Duration
)
(
net
.
Conn
,
error
)
{
return
net
.
Dial
(
network
,
a
)
return
net
.
Dial
(
network
,
a
)
}),
}),
grpc
.
WithPerRPCCredentials
(
gitalyauth
.
RPCCredentials
(
server
.
Token
)),
}
}
conn
,
err
:=
grpc
.
Dial
(
addr
,
connOpts
...
)
conn
,
err
:=
grpc
.
Dial
(
addr
,
connOpts
...
)
if
err
!=
nil
{
if
err
!=
nil
{
...
...
vendor/gitlab.com/gitlab-org/gitaly/LICENSE
0 → 100644
View file @
c303f246
The MIT License (MIT)
Copyright (c) 2016-2017 GitLab B.V.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
vendor/gitlab.com/gitlab-org/gitaly/NOTICE
0 → 100644
View file @
c303f246
This source diff could not be displayed because it is too large. You can
view the blob
instead.
vendor/gitlab.com/gitlab-org/gitaly/auth/rpccredentials.go
0 → 100644
View file @
c303f246
package
gitalyauth
import
(
"encoding/base64"
"golang.org/x/net/context"
"google.golang.org/grpc/credentials"
)
// RPCCredentials can be used with grpc.WithPerRPCCredentials to create a
// grpc.DialOption that inserts the supplied token for authentication
// with a Gitaly server.
func
RPCCredentials
(
token
string
)
credentials
.
PerRPCCredentials
{
return
&
rpcCredentials
{
token
:
base64
.
StdEncoding
.
EncodeToString
([]
byte
(
token
))}
}
type
rpcCredentials
struct
{
token
string
}
func
(
*
rpcCredentials
)
RequireTransportSecurity
()
bool
{
return
false
}
func
(
rc
*
rpcCredentials
)
GetRequestMetadata
(
context
.
Context
,
...
string
)
(
map
[
string
]
string
,
error
)
{
return
map
[
string
]
string
{
"authorization"
:
"Bearer "
+
rc
.
token
},
nil
}
vendor/vendor.json
View file @
c303f246
...
@@ -143,6 +143,14 @@
...
@@ -143,6 +143,14 @@
"version"
:
"v0.9.0"
,
"version"
:
"v0.9.0"
,
"versionExact"
:
"v0.9.0"
"versionExact"
:
"v0.9.0"
},
},
{
"checksumSHA1"
:
"dUHJbKas746n5fLzlwxHb6FOCxs="
,
"path"
:
"gitlab.com/gitlab-org/gitaly/auth"
,
"revision"
:
"b933e5ce4843ec6c332a0184afb8e69820cc9050"
,
"revisionTime"
:
"2017-06-22T09:36:09Z"
,
"version"
:
"v0.13.0"
,
"versionExact"
:
"v0.13.0"
},
{
{
"checksumSHA1"
:
"9jjO5GjLa0XF/nfWihF02RoH4qc="
,
"checksumSHA1"
:
"9jjO5GjLa0XF/nfWihF02RoH4qc="
,
"path"
:
"golang.org/x/net/context"
,
"path"
:
"golang.org/x/net/context"
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment