Workhorse: HTTP endpoint for bidirectional SSH git-upload-pack data
Overview
The general information can be found in Cells: SSH Routing for Git Pull (&13532)
This issue is about introducing a Workhorse endpoint for serving bidirectional SSH git-upload-pack data. It requires making the experiment performed in this MR Draft: Poc: HTTP endpoint for fetching gRPC git... (!146227 - closed) production-ready.
Prerequisites
- The MR uses https://pkg.go.dev/net/http#ResponseController.EnableFullDuplex function that has been introduced in 1.21
- We can remove support for 1.20 in 17.0 according to #446067 (comment 1830197701)
Authentication
The PoC MR authenticates requires via JWT tokens signed by GitLab Shell secret. But it has been done for demo purposes.
The blueprint describes the details of the solution for Geo and Cells. Let's focus on Geo first and introduce Geo authorization check for the endpoint similar to:
Edited by Igor Drozdov