Reject Incoming API Writes on During Final Import
Context
During the migration, we lock repositories in read-only mode as described in the Gradual Migration Plan on the rails side via refusing to issue API tokens requesting write scopes for that repository.
Problem
Since tokens are valid for some time, this locking is not absolute in call cases. The worst case for this would be locking a repository directly after issuing and API token with write scopes.
Currently, there's no mechanism to enforce read-only at the repository level on the container registry and the instance-wide read-only mode is accomplished by dynamically removing write request routes of the registry API, so that cannot be adapted for this purpose.
Proposal
Cancel Imports on Write
During the migration, all requests are routed before interacting with the API handlers. If we mark detect an incoming write for a repository being migrated, we can flag that import as canceled
via the migration_status column and retry the import at a later time.
Reject Incoming API Writes on Import
During the migration, all requests are routed before interacting with the API handlers. If we mark detect an incoming write for a repository during final import, we can reject that write request to allow the final import to continue un interrupted.
There is a risk of repositories getting stuck in import_in_progress
so rails should cancel the import via (DELETE)#526 (closed)) for very long-running final imports.