
sidechannel: Convert to use runtime directory to store sockets

The sidechannel code is used to create sidechannels that circumvent gRPC for efficiency's sake. This socket is currently created in the system's temporary directory as returned by os.MkdirTemp(). This has the very real downside that it easily leaks created files and directories in case we have a logic bug anywhere.

We have recently introduced a new runtime directory that can help us in this situation: the runtime directory is created once at a central place and will be cleaned up when shutting down Gitaly. Consequently, even if we leaked any sidechannel files, we'd still remove them on shutdown. And even if we didn't: the runtime directory is designed so that we can check whether it's used because it has the current process's PID as part of its component. So if a runtime directory exists whose PID doesn't refer to any existing process it's safe to remove. While we don't have any such logic yet, it can easily be added at a later point and have all code which started to use the runtime directory benefit at the same time.

Migrate the sidechannel code to create sockets in a subdirectory within the runtime directory called "sidechannel.d" if the runtime directory is set via the hooks payload.

Changelog: changed

Part of gitlab#353465 (closed)

Edited by Patrick Steinhardt
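
The stale-directory check that the description above says could be added later, sketched as an added example (not Gitaly's code and not part of this merge request). It assumes a hypothetical `gitaly-<pid>` naming scheme for runtime directories under one parent directory, and a Unix system where signal 0 can probe a PID.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strconv"
	"strings"
	"syscall"
)

// dirPrefix is an assumed naming scheme; the page only says the PID is part of the name.
const dirPrefix = "gitaly-"

// processExists probes pid with signal 0, which checks existence without delivering a signal.
func processExists(pid int) bool {
	err := syscall.Kill(pid, 0)
	return err == nil || err == syscall.EPERM // EPERM: alive, but owned by another user
}

// pruneStale removes runtime directories under parent whose PID is dead and returns their names.
func pruneStale(parent string) ([]string, error) {
	entries, err := os.ReadDir(parent)
	if err != nil {
		return nil, err
	}
	var removed []string
	for _, e := range entries {
		name := e.Name()
		if !e.IsDir() || !strings.HasPrefix(name, dirPrefix) { // IsDir is false for symlinks
			continue
		}
		pid, err := strconv.Atoi(strings.TrimPrefix(name, dirPrefix))
		if err != nil || pid <= 0 || processExists(pid) {
			continue // not a runtime directory, or its owner is still running
		}
		if err := os.RemoveAll(filepath.Join(parent, name)); err != nil {
			return removed, err
		}
		removed = append(removed, name)
	}
	return removed, nil
}

func main() {
	if len(os.Args) == 2 {
		fmt.Println(pruneStale(os.Args[1]))
	}
}
```

A recycled PID makes a stale directory look live, so this check errs toward keeping directories rather than deleting one that is in use.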
