gitlab-ce: leave pool if public forked project changes to private/internal
Participant repositories in dedup pools cannot keep all objects private. When a public fork project gets taken private we must assume that the owner does not want Git data in the now private project to be accessible via public sibling forks. To solve this we must retract the project's repo from the dedup pool.
This is of course very easy if the repo is not in a pool to begin with. If it is, the steps would be:
- SQL: mark project as "repo transitioning to private". git pushes are blocked
- Gitaly: PoolService::PrepareLeavePool (this is slow, it is almost like creating a new clone)
- Gitaly: PoolService::UnlinkRepositoryFromPool
- SQL: unmark "repo transitioning to private". git pushes no longer blocked
This behavior must happen regardless of whether the pool dedup feature flag is enabled.
It would be very nice if we didn't have to block git pushes. It's not clear yet if this can be avoided.
Edited by John Cai