Add new endpoint to add support to proxy websocket requests to build's services
In order to implement https://gitlab.com/gitlab-org/gitlab-ee/issues/5276 we need several modifications and one of them is in Workhorse.
We need to support creating a proxy from Rails to services running inside Runner builds. This proxy needs to support websocket connections (like we already do with the terminal).
Regular HTTP requests will be handled in a later MR.
How to test this MR
Note: at the moment only the kubernetes executor allows this proxy thing to services
In order to easily test this MR I suggest checking out the different branches involved in every component.
- Rails EE branch:
fj-5276-mirror-webide-changes
- Workhorse branch:
fj-proxy-webide-services
- Runner branch:
fj-add-build-proxies
Now open a project in the Web IDE, and create the file .gitlab/.gitlab-webide.yml
, and add the following content:
terminal:
image:
name: alpine:3.9
ports:
- 80
services:
- name: tomcat
alias: tomcat
ports:
- number: 8080
protocol: http
- name: cgorka/websocketnode
alias: websocket
ports:
- 4005
In the runner, I suggest using minikube for this because it will be easier. We have to update the Kubernetes RBAC configuration. Create a file called, ie role.yml
with the following content:
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
namespace: default
name: ci
rules:
- apiGroups: [""] # "" indicates the core API group
resources: ["pods", "pods/exec", "secrets", "services/proxy"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete", "attach"]
Now, execute in the terminal: kubectl apply -f role.yml
. With this permissions update, we're allowing Kubernetes to access services using websockets connection through the API.
In Rails, we need to enable the feature flag build_service_proxy
. To enable the flag you have to run in the Rails console: Feature.enable(:build_service_proxy)
Once everything has been set we can go to the Web IDE again. Once we have the build running some quick and dirty HTML components will appear.
For the websockets connection, just click the TestWSS
button. With the inspector open you should see some messages. Besides, you can write on the text box in order to receive an echo message.
We can't access the service at present, this will be added in a later MR.
Refs https://gitlab.com/gitlab-org/gitlab-ee/issues/5276 and closes #205 (closed)