Review Request - Handling blocking calls to 3rd party API during authorization
Scaling Request
The feature/improvement we'd like some assistance with is: adding FortiAuthenticator push 2FA authentication.
The epic and relevant issues are: gitlab-org/gitlab!55253 (comment 519372867), gitlab-org&5203.
The reason we're asking for a scaling review on this item is: one of the 2FA providers uses blocking calls to handle verification. Too many of these calls just waiting could have a serious performance impact. We have a few ideas on how to handle this, but would love to have some expert eyes on it.
In particular, we are concerned about:
-
Memory -
Migrations -
N+1 -
Queueing -
Design implementation -
Other...
We're hoping to release this as part of milestone: 13.10.