Provide tools for setting custom hooks in repositories
Release Notes
In previous versions of GitLab, administrators needed to directly access the file system that stored a repository to add custom hooks.
Now, administrators can set server hooks for a repository using the new the hooks set
command in the Gitaly CLI. The Gitaly CLI command targets an individual Gitaly node and applies the provided custom Git hooks to the specified repository. This tool can be leveraged to programmatically rollout Git hooks across repositories in Gitaly.
It should be noted that all existing hooks will continue to function as expected. However, moving forward, hooks set
will be the only way to configure new hooks.
This does not yet work for Gitaly Cluster, but this effort paves the way for us to automatically replicate repository hooks amongst a cluster. Please follow that effort here.
Documentation: https://docs.gitlab.com/ee/administration/server_hooks.html#create-server-hooks-for-a-repository
Description
Custom hooks are in a bad state on Gitaly Cluster. Our documentation advises installing custom hooks in repositories by navigating on the disk to the repository and plugging them in. This has number of problems:
- The hooks are not set through the API.
- Praefect would have no knowledge of the hooks being updated.
- Write-ahead logging and Raft requires every modification to go through the API so it can be logged properly.
- Hooks are not replicated to begin with: #4158 (closed).
- With Praefect-generated replica paths, the process is even more confusing for users as they have to translate from hashed storage paths to replica paths in order to find the right repository.
We can improve upon this by providing an endpoint that sets custom hooks in a repository. This allows for Praefect tracking the changes and later logging the custom hooks. This then makes replicating them possible. As this is an API, the path translation would happen transparently and users wouldn't have to manually translate paths to find repositories. This more generally supports the direction of not having any on disk modifications to the repositories without going through the API.
We already have RestoreCustomHooks
which takes in a TAR archive and unpacks it in the custom hooks directory. It might be sufficient for us to just generalize this RPC to SetCustomHooks
.
We should also provide a CLI tool that an admin can use to set hooks on a repository. It should just call the above endpoint. In the future, this endpoint could be integrated in GitLab's admin panel possibly.
/cc @andrashorvath @mjwood this is something we should pick up sooner than later due to the difficulties with the hooks.
Testing & Availability
Part of testing for this should include updating our E2E test suite to make use of this feature to add server hooks - Move creation of Server Hooks to API (gitlab-qa#702)