Skip to content

GitLab Rails Plan for "Allowing renaming projects with container repositories" on GitLab.com

Context

Following the work done in both #894 (closed) and pending in #895 (closed), we are now in a good position to hash out a plan for tackling the potential upddates to the rails backend to use the new "rename repository" API exposed by the registry to facilitate renaming a project from Gitlab rails.

Notes:

  • This feature is only applicable to .com (as it relies on both the metadata database and redis being available)
  • The registry endpoint will only allow requests of JWTs with pull scopes: {{repository-path}}/*, {{repository-path}} AND push scope: {{repository-path}}.

Consideration

  • Only GitLab rails is issued JWT pull scopes with both {{repository-path}}/* and{{repository-path}} (see https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/services/auth/container_registry_authentication_service.rb#L53) today. We will need to extend that codebase so GitLab rails will also be able to gain the push scope on {{repository-path}} in order to use the new rename endpoint.
  • Once the token has been provisioned by the container_registry_authentication_service we would then use it to call the new endpoint, following the flows highlighted in https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs-gitlab/rename-base-repository-request-flow.md
    • The rename API has the option to non-stick dry_run option, allowing rails to check if a rename is even possible before attempting to start the rename
  • GitLab rails should only call the rename API on a project rename and should reference only the project path. This makes it impossible for a potential race condition when applying repository rename operations in the case where a prior lease has modified the name of a repository that a later lease was granted for as discussed here !1268 (comment 1338885850)
  • We will need a feature flag to toggle this feature off in production (if need be). But we should be confident enough after observing the feature in staging before proceeding to production.
  • UX frontend When a project rename is triggered by a user, the user should be notified first about the implications associated with doing a rename operation on a project's container repositories (see #427 (comment 1255525779) :

if you're renaming/moving a repository, keep in mind that during that process new uploads are forbidden and ongoing uploads may fail and need to be retried.

Edited by SAhmed