gitlab-org--gitlab-foss/lib/gitlab/workhorse.rb

require 'base64'
require 'json'
require 'securerandom'
require 'uri'

module Gitlab
  class Workhorse
    SEND_DATA_HEADER = 'Gitlab-Workhorse-Send-Data'.freeze
    VERSION_FILE = 'GITLAB_WORKHORSE_VERSION'.freeze
    INTERNAL_API_CONTENT_TYPE = 'application/vnd.gitlab-workhorse+json'.freeze
    INTERNAL_API_REQUEST_HEADER = 'Gitlab-Workhorse-Api-Request'.freeze
    NOTIFICATION_CHANNEL = 'workhorse:notifications'.freeze

    # Supposedly the effective key size for HMAC-SHA256 is 256 bits, i.e. 32
    # bytes https://tools.ietf.org/html/rfc4868#section-2.6
    SECRET_LENGTH = 32

    class << self
      def git_http_ok(repository, is_wiki, user, action)
        project = repository.project
        repo_path = repository.path_to_repo
        params = {
          GL_ID: Gitlab::GlId.gl_id(user),
          GL_REPOSITORY: Gitlab::GlRepository.gl_repository(project, is_wiki),
          GL_USERNAME: user&.username,
          RepoPath: repo_path
        }
        server = {
          address: Gitlab::GitalyClient.address(project.repository_storage),
          token: Gitlab::GitalyClient.token(project.repository_storage)
        }
        params[:Repository] = repository.gitaly_repository.to_h

        feature_enabled = case action.to_s
                          when 'git_receive_pack'
                            Gitlab::GitalyClient.feature_enabled?(:post_receive_pack)
                          when 'git_upload_pack'
                            true
                          when 'info_refs'
                            true
                          else
                            raise "Unsupported action: #{action}"
                          end
        if feature_enabled
          params[:GitalyServer] = server
        end

        params
      end

      def lfs_upload_ok(oid, size)
        {
          StoreLFSPath: "#{Gitlab.config.lfs.storage_path}/tmp/upload",
          LfsOid: oid,
          LfsSize: size
        }
      end

      def artifact_upload_ok
        { TempPath: ArtifactUploader.artifacts_upload_path }
      end

      def send_git_blob(repository, blob)
        params = if Gitlab::GitalyClient.feature_enabled?(:workhorse_raw_show)
                   {
                     'GitalyServer' => gitaly_server_hash(repository),
                     'GetBlobRequest' => {
                       repository: repository.gitaly_repository.to_h,
                       oid: blob.id,
                       limit: -1
                     }
                   }
                 else
                   {
                     'RepoPath' => repository.path_to_repo,
                     'BlobId' => blob.id
                   }
                 end

        [
          SEND_DATA_HEADER,
          "git-blob:#{encode(params)}"
        ]
      end

      def send_git_archive(repository, ref:, format:)
        format ||= 'tar.gz'
        format.downcase!
        params = repository.archive_metadata(ref, Gitlab.config.gitlab.repository_downloads_path, format)
        raise "Repository or ref not found" if params.empty?

        [
          SEND_DATA_HEADER,
          "git-archive:#{encode(params)}"
        ]
      end

      def send_git_diff(repository, diff_refs)
        params = {
          'RepoPath'  => repository.path_to_repo,
          'ShaFrom'   => diff_refs.base_sha,
          'ShaTo'     => diff_refs.head_sha
        }

        [
          SEND_DATA_HEADER,
          "git-diff:#{encode(params)}"
        ]
      end

      def send_git_patch(repository, diff_refs)
        params = {
          'RepoPath'  => repository.path_to_repo,
          'ShaFrom'   => diff_refs.base_sha,
          'ShaTo'     => diff_refs.head_sha
        }

        [
          SEND_DATA_HEADER,
          "git-format-patch:#{encode(params)}"
        ]
      end

      def send_artifacts_entry(build, entry)
        params = {
          'Archive' => build.artifacts_file.path,
          'Entry' => Base64.encode64(entry.to_s)
        }

        [
          SEND_DATA_HEADER,
          "artifacts-entry:#{encode(params)}"
        ]
      end

      def terminal_websocket(terminal)
        details = {
          'Terminal' => {
            'Subprotocols' => terminal[:subprotocols],
            'Url' => terminal[:url],
            'Header' => terminal[:headers],
            'MaxSessionTime' => terminal[:max_session_time]
          }
        }
        details['Terminal']['CAPem'] = terminal[:ca_pem] if terminal.key?(:ca_pem)

        details
      end

      def version
        path = Rails.root.join(VERSION_FILE)
        path.readable? ? path.read.chomp : 'unknown'
      end

      def secret
        @secret ||= begin
          bytes = Base64.strict_decode64(File.read(secret_path).chomp)
          raise "#{secret_path} does not contain #{SECRET_LENGTH} bytes" if bytes.length != SECRET_LENGTH
          bytes
        end
      end

      def write_secret
        bytes = SecureRandom.random_bytes(SECRET_LENGTH)
        File.open(secret_path, 'w:BINARY', 0600) do |f|
          f.chmod(0600) # If the file already existed, the '0600' passed to 'open' above was a no-op.
          f.write(Base64.strict_encode64(bytes))
        end
      end

      def verify_api_request!(request_headers)
        decode_jwt(request_headers[INTERNAL_API_REQUEST_HEADER])
      end

      def decode_jwt(encoded_message)
        JWT.decode(
          encoded_message,
          secret,
          true,
          { iss: 'gitlab-workhorse', verify_iss: true, algorithm: 'HS256' }
        )
      end

      def secret_path
        Gitlab.config.workhorse.secret_file
      end

      def set_key_and_notify(key, value, expire: nil, overwrite: true)
        Gitlab::Redis::Queues.with do |redis|
          result = redis.set(key, value, ex: expire, nx: !overwrite)
          if result
            redis.publish(NOTIFICATION_CHANNEL, "#{key}=#{value}")
            value
          else
            redis.get(key)
          end
        end
      end

      protected

      def encode(hash)
        Base64.urlsafe_encode64(JSON.dump(hash))
      end

      def gitaly_server_hash(repository)
        {
          address: Gitlab::GitalyClient.address(repository.project.repository_storage),
          token: Gitlab::GitalyClient.token(repository.project.repository_storage)
        }
      end
    end
  end
end
Use only one header to send git blobs 2016-02-01 10:33:22 +00:00			`require 'base64'`
			`require 'json'`
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`require 'securerandom'`
Change socket_path to gitaly_address 2017-03-24 17:22:42 +00:00			`require 'uri'`
Use only one header to send git blobs 2016-02-01 10:33:22 +00:00
			`module Gitlab`
			`class Workhorse`
Enable Style/MutableConstant 2017-02-21 23:32:18 +00:00			`SEND_DATA_HEADER = 'Gitlab-Workhorse-Send-Data'.freeze`
			`VERSION_FILE = 'GITLAB_WORKHORSE_VERSION'.freeze`
			`INTERNAL_API_CONTENT_TYPE = 'application/vnd.gitlab-workhorse+json'.freeze`
			`INTERNAL_API_REQUEST_HEADER = 'Gitlab-Workhorse-Api-Request'.freeze`
Add support for Workhorse notifications 2017-02-28 11:07:04 +00:00			`NOTIFICATION_CHANNEL = 'workhorse:notifications'.freeze`
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00
			`# Supposedly the effective key size for HMAC-SHA256 is 256 bits, i.e. 32`
			`# bytes https://tools.ietf.org/html/rfc4868#section-2.6`
			`SECRET_LENGTH = 32`
First version of "git archive" headers 2016-02-02 13:09:55 +00:00
Fix API 2016-02-11 17:10:14 +00:00			`class << self`
Pass GL_REPOSITORY in Workhorse responses 2017-05-03 21:07:54 +00:00			`def git_http_ok(repository, is_wiki, user, action)`
			`project = repository.project`
Pass Gitaly Repository messages to workhorse 2017-03-30 16:48:22 +00:00			`repo_path = repository.path_to_repo`
Pass Gitaly resource path to gitlab-workhorse if Gitaly is enabled 2016-12-26 17:15:40 +00:00			`params = {`
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`GL_ID: Gitlab::GlId.gl_id(user),`
Pass GL_REPOSITORY in Workhorse responses 2017-05-03 21:07:54 +00:00			`GL_REPOSITORY: Gitlab::GlRepository.gl_repository(project, is_wiki),`
add username to authorized result, so that gitlab-shell can pass it to hooks 2017-08-03 18:38:33 +00:00			`GL_USERNAME: user&.username,`
Enable the Style/TrailingCommaInLiteral cop Use the EnforcedStyleForMultiline: no_comma option. Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-05-03 11:22:03 +00:00			`RepoPath: repo_path`
Move workhorse protocol code into lib 2016-04-06 15:52:12 +00:00			`}`
Remove option to disable Gitaly completely 2017-07-06 12:45:29 +00:00			`server = {`
			`address: Gitlab::GitalyClient.address(project.repository_storage),`
			`token: Gitlab::GitalyClient.token(project.repository_storage)`
			`}`
			`params[:Repository] = repository.gitaly_repository.to_h`
Add feature flags for enabling (Upload\|Receive)Pack for Gitaly Closes gitaly#168 2017-03-30 15:24:36 +00:00
Remove option to disable Gitaly completely 2017-07-06 12:45:29 +00:00			`feature_enabled = case action.to_s`
			`when 'git_receive_pack'`
			`Gitlab::GitalyClient.feature_enabled?(:post_receive_pack)`
			`when 'git_upload_pack'`
Make Gitaly PostUploadPack mandatory 2017-09-01 08:45:19 +00:00			`true`
Remove option to disable Gitaly completely 2017-07-06 12:45:29 +00:00			`when 'info_refs'`
			`true`
			`else`
			`raise "Unsupported action: #{action}"`
			`end`
			`if feature_enabled`
			`params[:GitalyServer] = server`
Change socket_path to gitaly_address 2017-03-24 17:22:42 +00:00			`end`
Pass Gitaly resource path to gitlab-workhorse if Gitaly is enabled 2016-12-26 17:15:40 +00:00
			`params`
Move workhorse protocol code into lib 2016-04-06 15:52:12 +00:00			`end`

Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`def lfs_upload_ok(oid, size)`
			`{`
			`StoreLFSPath: "#{Gitlab.config.lfs.storage_path}/tmp/upload",`
			`LfsOid: oid,`
Enable the Style/TrailingCommaInLiteral cop Use the EnforcedStyleForMultiline: no_comma option. Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-05-03 11:22:03 +00:00			`LfsSize: size`
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`}`
			`end`

			`def artifact_upload_ok`
			`{ TempPath: ArtifactUploader.artifacts_upload_path }`
			`end`

Use only one header to send git blobs 2016-02-01 10:33:22 +00:00			`def send_git_blob(repository, blob)`
Use a unique feature name for Workhorse send blob migration 2017-07-24 05:07:20 +00:00			`params = if Gitlab::GitalyClient.feature_enabled?(:workhorse_raw_show)`
Migrate Workhorse SendBlob to Gitaly 2017-07-10 03:43:20 +00:00			`{`
			`'GitalyServer' => gitaly_server_hash(repository),`
			`'GetBlobRequest' => {`
			`repository: repository.gitaly_repository.to_h,`
			`oid: blob.id,`
			`limit: -1`
			`}`
			`}`
			`else`
			`{`
			`'RepoPath' => repository.path_to_repo,`
			`'BlobId' => blob.id`
			`}`
			`end`
Use only one header to send git blobs 2016-02-01 10:33:22 +00:00
			`[`
First version of "git archive" headers 2016-02-02 13:09:55 +00:00			`SEND_DATA_HEADER,`
Add send_git_diff helper 2016-06-08 12:30:15 +00:00			`"git-blob:#{encode(params)}"`
Use only one header to send git blobs 2016-02-01 10:33:22 +00:00			`]`
			`end`
First version of "git archive" headers 2016-02-02 13:09:55 +00:00
Add workhorse controller and API helpers 2016-06-06 11:16:30 +00:00			`def send_git_archive(repository, ref:, format:)`
First version of "git archive" headers 2016-02-02 13:09:55 +00:00			`format \|\|= 'tar.gz'`
			`format.downcase!`
Add workhorse controller and API helpers 2016-06-06 11:16:30 +00:00			`params = repository.archive_metadata(ref, Gitlab.config.gitlab.repository_downloads_path, format)`
First version of "git archive" headers 2016-02-02 13:09:55 +00:00			`raise "Repository or ref not found" if params.empty?`

			`[`
			`SEND_DATA_HEADER,`
Add send_git_diff helper 2016-06-08 12:30:15 +00:00			`"git-archive:#{encode(params)}"`
First version of "git archive" headers 2016-02-02 13:09:55 +00:00			`]`
			`end`
Workhorse to serve raw diffs 2016-05-12 18:50:49 +00:00
Add send_git_diff helper 2016-06-08 12:30:15 +00:00			`def send_git_diff(repository, diff_refs)`
Workhorse to serve raw diffs 2016-05-12 18:50:49 +00:00			`params = {`
Add send_git_diff helper 2016-06-08 12:30:15 +00:00			`'RepoPath' => repository.path_to_repo,`
Use base SHA for patches and diffs This commit changes the revisions used for diffs. The current behaviour is to show all changes between current tip of master and tip of the MR, rather than matching the output of the web frontend (which just shows the changes in the MR). Switching from start_sha to base_sha fixes this. 2016-09-20 16:21:52 +00:00			`'ShaFrom' => diff_refs.base_sha,`
Represent DiffRefs as proper class instead of tuple array 2016-06-20 16:51:48 +00:00			`'ShaTo' => diff_refs.head_sha`
Workhorse to serve raw diffs 2016-05-12 18:50:49 +00:00			`}`

			`[`
			`SEND_DATA_HEADER,`
			`"git-diff:#{encode(params)}"`
First version of "git archive" headers 2016-02-02 13:09:55 +00:00			`]`
			`end`
Add workhorse controller and API helpers 2016-06-06 11:16:30 +00:00
Add send_git_patch helper 2016-07-03 21:01:13 +00:00			`def send_git_patch(repository, diff_refs)`
Workhorse to serve email diffs Depends on the changes in Workhorse (gitlab-org/gitlab-workhorse!48). 2016-06-10 12:57:50 +00:00			`params = {`
Bump workhorse version 2016-06-28 12:59:25 +00:00			`'RepoPath' => repository.path_to_repo,`
Use base SHA for patches and diffs This commit changes the revisions used for diffs. The current behaviour is to show all changes between current tip of master and tip of the MR, rather than matching the output of the web frontend (which just shows the changes in the MR). Switching from start_sha to base_sha fixes this. 2016-09-20 16:21:52 +00:00			`'ShaFrom' => diff_refs.base_sha,`
Add send_git_patch helper 2016-07-03 21:01:13 +00:00			`'ShaTo' => diff_refs.head_sha`
Workhorse to serve email diffs Depends on the changes in Workhorse (gitlab-org/gitlab-workhorse!48). 2016-06-10 12:57:50 +00:00			`}`

			`[`
Bump workhorse version 2016-06-28 12:59:25 +00:00			`SEND_DATA_HEADER,`
Workhorse to serve email diffs Depends on the changes in Workhorse (gitlab-org/gitlab-workhorse!48). 2016-06-10 12:57:50 +00:00			`"git-format-patch:#{encode(params)}"`
			`]`
			`end`

Backport the EE signature of Gitlab::Workhorse#send_artifacts_entry Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-09-08 12:04:44 +00:00			`def send_artifacts_entry(build, entry)`
Use Gitlab-Workhorse-Send-Data to send entry: Closes #19224, Closes #19128 Also requires this MR to work: https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/53 2016-07-05 14:58:38 +00:00			`params = {`
			`'Archive' => build.artifacts_file.path,`
Backport the EE signature of Gitlab::Workhorse#send_artifacts_entry Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-09-08 12:04:44 +00:00			`'Entry' => Base64.encode64(entry.to_s)`
Use Gitlab-Workhorse-Send-Data to send entry: Closes #19224, Closes #19128 Also requires this MR to work: https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/53 2016-07-05 14:58:38 +00:00			`}`

			`[`
			`SEND_DATA_HEADER,`
			`"artifacts-entry:#{encode(params)}"`
			`]`
			`end`

Add terminals to the Kubernetes deployment service 2016-11-22 19:55:56 +00:00			`def terminal_websocket(terminal)`
			`details = {`
			`'Terminal' => {`
			`'Subprotocols' => terminal[:subprotocols],`
			`'Url' => terminal[:url],`
Introduce maximum session time for terminal websocket connection Store the value in application settings. Expose the value to Workhorse. 2017-01-26 18:16:50 +00:00			`'Header' => terminal[:headers],`
Enable the Style/TrailingCommaInLiteral cop Use the EnforcedStyleForMultiline: no_comma option. Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-05-03 11:22:03 +00:00			`'MaxSessionTime' => terminal[:max_session_time]`
Add terminals to the Kubernetes deployment service 2016-11-22 19:55:56 +00:00			`}`
			`}`
Enable the Style/PreferredHashMethods cop Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-06-02 17:11:26 +00:00			`details['Terminal']['CAPem'] = terminal[:ca_pem] if terminal.key?(:ca_pem)`
Add terminals to the Kubernetes deployment service 2016-11-22 19:55:56 +00:00
			`details`
			`end`

Add gitlab-workhorse version to admin dashboard Test for showing GitLab Workhorse version on Admin Dashboard Refactoring 2016-07-18 11:58:08 +00:00			`def version`
If version file is unavailable unknown status 2016-07-21 20:04:28 +00:00			`path = Rails.root.join(VERSION_FILE)`
			`path.readable? ? path.read.chomp : 'unknown'`
Add gitlab-workhorse version to admin dashboard Test for showing GitLab Workhorse version on Admin Dashboard Refactoring 2016-07-18 11:58:08 +00:00			`end`

Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`def secret`
			`@secret \|\|= begin`
Allow trailing newline in secret base64 data 2016-09-13 17:45:02 +00:00			`bytes = Base64.strict_decode64(File.read(secret_path).chomp)`
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`raise "#{secret_path} does not contain #{SECRET_LENGTH} bytes" if bytes.length != SECRET_LENGTH`
			`bytes`
			`end`
			`end`
Use base SHA for patches and diffs This commit changes the revisions used for diffs. The current behaviour is to show all changes between current tip of master and tip of the MR, rather than matching the output of the web frontend (which just shows the changes in the MR). Switching from start_sha to base_sha fixes this. 2016-09-20 16:21:52 +00:00
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`def write_secret`
			`bytes = SecureRandom.random_bytes(SECRET_LENGTH)`
Use base SHA for patches and diffs This commit changes the revisions used for diffs. The current behaviour is to show all changes between current tip of master and tip of the MR, rather than matching the output of the web frontend (which just shows the changes in the MR). Switching from start_sha to base_sha fixes this. 2016-09-20 16:21:52 +00:00			`File.open(secret_path, 'w:BINARY', 0600) do \|f\|`
Explain the extra chmod 2016-09-26 12:21:39 +00:00			`f.chmod(0600) # If the file already existed, the '0600' passed to 'open' above was a no-op.`
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`f.write(Base64.strict_encode64(bytes))`
			`end`
			`end`
Use base SHA for patches and diffs This commit changes the revisions used for diffs. The current behaviour is to show all changes between current tip of master and tip of the MR, rather than matching the output of the web frontend (which just shows the changes in the MR). Switching from start_sha to base_sha fixes this. 2016-09-20 16:21:52 +00:00
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`def verify_api_request!(request_headers)`
Add Gitlab::Middleware::Multipart 2016-08-18 14:31:44 +00:00			`decode_jwt(request_headers[INTERNAL_API_REQUEST_HEADER])`
			`end`

			`def decode_jwt(encoded_message)`
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`JWT.decode(`
Add Gitlab::Middleware::Multipart 2016-08-18 14:31:44 +00:00			`encoded_message,`
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`secret,`
			`true,`
Enable the Style/TrailingCommaInArguments cop Use the EnforcedStyleForMultiline: no_comma option. Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-05-03 11:27:17 +00:00			`{ iss: 'gitlab-workhorse', verify_iss: true, algorithm: 'HS256' }`
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`)`
			`end`

			`def secret_path`
Make location of gitlab_workhorse_secret configurable Hard-coding location of configuration files is very bad practice. This patch applies the same approach as currently used for gitlab_shell_secret file. 2017-03-31 00:37:45 +00:00			`Gitlab.config.workhorse.secret_file`
Verify JWT messages from gitlab-workhorse 2016-08-19 17:10:41 +00:00			`end`
Use base SHA for patches and diffs This commit changes the revisions used for diffs. The current behaviour is to show all changes between current tip of master and tip of the MR, rather than matching the output of the web frontend (which just shows the changes in the MR). Switching from start_sha to base_sha fixes this. 2016-09-20 16:21:52 +00:00
Update notification code 2017-03-06 10:44:45 +00:00			`def set_key_and_notify(key, value, expire: nil, overwrite: true)`
Support multiple Redis instances based on queue type 2017-07-11 03:35:47 +00:00			`Gitlab::Redis::Queues.with do \|redis\|`
Add support for Workhorse notifications 2017-02-28 11:07:04 +00:00			`result = redis.set(key, value, ex: expire, nx: !overwrite)`
			`if result`
Update notification code 2017-03-06 10:44:45 +00:00			`redis.publish(NOTIFICATION_CHANNEL, "#{key}=#{value}")`
Add support for Workhorse notifications 2017-02-28 11:07:04 +00:00			`value`
			`else`
			`redis.get(key)`
			`end`
			`end`
			`end`

First version of "git archive" headers 2016-02-02 13:09:55 +00:00			`protected`
Add workhorse controller and API helpers 2016-06-06 11:16:30 +00:00
First version of "git archive" headers 2016-02-02 13:09:55 +00:00			`def encode(hash)`
			`Base64.urlsafe_encode64(JSON.dump(hash))`
			`end`
Migrate Workhorse SendBlob to Gitaly 2017-07-10 03:43:20 +00:00
			`def gitaly_server_hash(repository)`
			`{`
			`address: Gitlab::GitalyClient.address(repository.project.repository_storage),`
			`token: Gitlab::GitalyClient.token(repository.project.repository_storage)`
			`}`
			`end`
Use only one header to send git blobs 2016-02-01 10:33:22 +00:00			`end`
			`end`
Gotta have newlines 2016-02-01 11:27:35 +00:00			`end`