Commit graph

13 commits

Author SHA1 Message Date
GitLab Bot
edb317e9fe Add latest changes from gitlab-org/gitlab@master 2022-06-07 12:08:05 +00:00
GitLab Bot
046d6f5277 Add latest changes from gitlab-org/gitlab@master 2021-10-11 15:13:01 +00:00
GitLab Bot
79f759cc14 Add latest changes from gitlab-org/gitlab@master 2021-09-21 18:11:18 +00:00
GitLab Bot
7752bfa10f Add latest changes from gitlab-org/gitlab@master 2021-07-08 09:09:33 +00:00
GitLab Bot
22e9f240ef Add latest changes from gitlab-org/gitlab@master 2021-06-16 09:10:10 +00:00
GitLab Bot
c3afdb42dd Add latest changes from gitlab-org/gitlab@master 2021-06-01 18:10:04 +00:00
GitLab Bot
4c5468b408 Add latest changes from gitlab-org/gitlab@master 2020-06-24 15:08:50 +00:00
GitLab Bot
f3e7bc8060 Add latest changes from gitlab-org/gitlab@master 2020-06-02 18:08:32 +00:00
GitLab Bot
927df95cc4 Add latest changes from gitlab-org/gitlab@master 2020-05-15 12:08:28 +00:00
Thong Kuah
85b29c1c2f Add frozen_string_literal to spec/services
Probably useful as we often move these files to "new" files.
2019-04-12 10:14:54 +12:00
Nick Thomas
8b73df0cf5 Move sidekiq-based project authorization refresh out of Projects::CreateService
If the project is in a group, the `group.refresh_members_authorized_projects`
is made non-blocking, and we call `current_user.refresh_authorized_projects`
directly.

Projects in a personal namespace are more difficult. Rather than passing the
`blocking:` parameter through the entire `add_master` chain, have the
`AuthorizedProjectsWorker` automatically inline authorizations for three IDs or
less. Since the maximum number of IDs in this path is 2, that has the same effect.
2017-08-25 16:19:32 +01:00
Grzegorz Bizon
0430b76441 Enable Style/DotPosition Rubocop 👮 2017-06-21 13:48:12 +00:00
Yorick Peterse
88e627cf14
Fix race conditions for AuthorizedProjectsWorker
There were two cases that could be problematic:

1. Because sometimes AuthorizedProjectsWorker would be scheduled in a
   transaction it was possible for a job to run/complete before a
   COMMIT; resulting in it either producing an error, or producing no
   new data.

2. When scheduling jobs the code would not wait until completion. This
   could lead to a user creating a project and then immediately trying
   to push to it. Usually this will work fine, but given enough load it
   might take a few seconds before a user has access.

The first one is problematic, the second one is mostly just annoying
(but annoying enough to warrant a solution).

This commit changes two things to deal with this:

1. Sidekiq scheduling now takes places after a COMMIT, this is ensured
   by scheduling using Rails' after_commit hook instead of doing so in
   an arbitrary method.

2. When scheduling jobs the calling thread now waits for all jobs to
   complete.

Solution 2 requires tracking of job completions. Sidekiq provides a way
to find a job by its ID, but this involves scanning over the entire
queue; something that is very in-efficient for large queues. As such a
more efficient solution is necessary. There are two main Gems that can
do this in a more efficient manner:

* sidekiq-status
* sidekiq_status

No, this is not a joke. Both Gems do a similar thing (but slightly
different), and the only difference in their name is a dash vs an
underscore. Both Gems however provide far more than just checking if a
job has been completed, and both have their problems. sidekiq-status
does not appear to be actively maintained, with the last release being
in 2015. It also has some issues during testing as API calls are not
stubbed in any way. sidekiq_status on the other hand does not appear to
be very popular, and introduces a similar amount of code.

Because of this I opted to write a simple home grown solution. After
all, all we need is storing a job ID somewhere so we can efficiently
look it up; we don't need extra web UIs (as provided by sidekiq-status)
or complex APIs to update progress, etc.

This is where Gitlab::SidekiqStatus comes in handy. This namespace
contains some code used for tracking, removing, and looking up job IDs;
all without having to scan over an entire queue. Data is removed
explicitly, but also expires automatically just in case.

Using this API we can now schedule jobs in a fork-join like manner: we
schedule the jobs in Sidekiq, process them in parallel, then wait for
completion. By using Sidekiq we can leverage all the benefits such as
being able to scale across multiple cores and hosts, retrying failed
jobs, etc.

The one downside is that we need to make sure we can deal with
unexpected increases in job processing timings. To deal with this the
class Gitlab::JobWaiter (used for waiting for jobs to complete) will
only wait a number of seconds (30 by default). Once this timeout is
reached it will simply return.

For GitLab.com almost all AuthorizedProjectWorker jobs complete in
seconds, only very rarely do we spike to job timings of around a minute.
These in turn seem to be the result of external factors (e.g. deploys),
in which case a user is most likely not able to use the system anyway.

In short, this new solution should ensure that jobs are processed
properly and that in almost all cases a user has access to their
resources whenever they need to have access.
2017-01-25 13:22:15 +01:00