Geo: Proxy Git push over SSH via Workhorse, not Rails
Problem
See &8819
Proposal
Make gitlab-shell call the appropriate route on the secondary Workhorse to let the "new" proxying behavior handle the proxying, instead of the proxy_git_ssh routes which are proxied by Rails.
Before
sequenceDiagram
participant C as Git on client
participant S as GitLab Shell
participant I as Workhorse & Rails
participant P as Workhorse & Rails
Note left of C: git fetch
Note over S,I: Secondary site
Note over P: Primary site
C->>+S: ssh git receive-pack request
S->>I: SSH key validation (api/v4/internal/authorized_keys?key=..)
I-->>S: HTTP/1.1 300 (custom action status) with {endpoint, msg, primary_repo}
S->>I: POST /api/v4/geo/proxy_git_ssh/info_refs_receive_pack
I->>P: POST $PRIMARY/foo/bar.git/info/refs/?service=git-receive-pack
P-->>I: HTTP/1.1 200 OK
I-->>S: <response>
S-->>C: return Git response from primary
C-->>S: stream Git data to push
S->>I: POST /api/v4/geo/proxy_git_ssh/receive_pack
I->>P: POST $PRIMARY/foo/bar.git/git-receive-pack
P-->>I: HTTP/1.1 200 OK
I-->>S: <response>
S-->>-C: gitlab-shell receive-pack response
After
sequenceDiagram
participant C as Git on client
participant S as GitLab Shell
participant I as Workhorse & Rails
participant P as Workhorse & Rails
Note left of C: git fetch
Note over S,I: Secondary site
Note over P: Primary site
C->>+S: ssh git receive-pack request
S->>I: SSH key validation (api/v4/internal/authorized_keys?key=..)
I-->>S: HTTP/1.1 300 (custom action status) with {endpoint, msg, primary_repo}
S->>I: POST /-/push_from_secondary/2/foo/bar.git/info/refs/?service=git-receive-pack
I->>P: Proxy to primary
P-->>I: HTTP/1.1 200 OK
I-->>S: <response>
S-->>C: return Git response from primary
C-->>S: stream Git data to push
S->>I: POST /-/push_from_secondary/2/foo/bar.git/git-receive-pack
I->>P: Proxy to primary
P-->>I: HTTP/1.1 200 OK
I-->>S: <response>
S-->>-C: gitlab-shell receive-pack response
Note that this proposal is different from a previous initial attempt to proxy via Workhorse which was abandoned:
The difference is that today we can take advantage of the Workhorse proxying pieces already in place (https://docs.gitlab.com/ee/administration/geo/secondary_proxy/index.html), which allow Workhorse to proxy the stream to the primary instead of copying it. However, this proposal doesn't resolve the fact that gitlab-shell already holds a copy.
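As an added example (not gitlab-shell's own code), this Go function builds the two requests of the "After" flow and rejects repository paths that could escape the /-/push_from_secondary/ prefix. The base URL, the siteID parameter (the 2 in the diagram) and the function names are assumptions, and info/refs is written without the diagram's trailing slash.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net/http"
	"path"
	"strings"
)

// Route prefix from the "After" diagram; base and siteID are assumed inputs.
const pushPrefix = "/-/push_from_secondary"

// cleanRepo rejects repository paths that could escape the prefix ("..",
// "//", a leading "/") or smuggle a query string, fragment or percent-escape.
func cleanRepo(repo string) (string, error) {
	if strings.ContainsAny(repo, "?#%\\\x00") || !strings.HasSuffix(repo, ".git") ||
		path.Clean("/"+repo) != "/"+repo {
		return "", errors.New("invalid repository path: " + repo)
	}
	return repo, nil
}

// pushRequests returns, in order, the two requests of the "After" flow.
// pack is attached as the body reader, so this function never buffers it.
func pushRequests(base string, siteID int, repo string, pack io.Reader) ([]*http.Request, error) {
	repo, err := cleanRepo(repo)
	if err != nil {
		return nil, err
	}
	root := fmt.Sprintf("%s%s/%d/%s", strings.TrimRight(base, "/"), pushPrefix, siteID, repo)
	// POST for both steps, as drawn in the diagram.
	refs, err := http.NewRequest(http.MethodPost, root+"/info/refs?service=git-receive-pack", nil)
	if err != nil {
		return nil, err
	}
	recv, err := http.NewRequest(http.MethodPost, root+"/git-receive-pack", pack)
	if err != nil {
		return nil, err
	}
	return []*http.Request{refs, recv}, nil
}

func main() {
	// Constructed sample values: host, repository and pack data are placeholders.
	reqs, err := pushRequests("http://secondary.example", 2, "foo/bar.git", strings.NewReader("constructed"))
	fmt.Println(reqs[0].URL.RequestURI(), reqs[1].URL.RequestURI(), err)
	_, err = pushRequests("http://secondary.example", 2, "../../api/v4/internal.git", nil)
	fmt.Println("traversal rejected:", err != nil)
}
```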
Edited by Michael Kozono