Add Workhorse support for HTTPS backend
What does this MR do?
I can't tell why this panic was added way back when, but it is now blocking a new Geo feature #325732 (comment 644501257)
Resolves #337794 (closed)
How to setup and validate locally (strongly suggested)
How to enable the feature on your local Geo secondary site
- Checkout this branch on your local Geo secondary site
cd <path to gdk-geo directory>
- Edit
Procfile
- Find the line that begins
gitlab-workhorse: exec /usr/bin/env PATH=
- Add
GEO_SECONDARY_PROXY=1
so the line looks likegitlab-workhorse: exec /usr/bin/env GEO_SECONDARY_PROXY=1 PATH=
make gitlab-workhorse-update && gdk restart gitlab-workhorse && gdk tail gitlab-workhorse
- In another Terminal:
cd <path to gdk directory (the primary)>/gitlab
bin/rails runner "Feature.enable(:geo_secondary_proxy)"
When you visit http://gdk.test:3001 (your Geo secondary site), it should appear as though you are visiting the primary site. You can search your Workhorse log for messages containing the string Geo Proxy
to see some related info. You can change your Workhorse log level to debug
to see a more related messages. Your primary site's Workhorse log should show requests coming from the secondary site.
How to validate the feature
The idea is that we want to change the Geo primary site's Internal URL to be an https
URL so that you can observe the Geo secondary site's Workhorse proxying to that https
URL without a problem.
- Visit http://gdk.test:3000 (your Geo primary site)
- Navigate to Admin > Geo > Nodes
- Click Edit on the Geo primary site
- Get https://ngrok.com/
- Run
./ngrok http 3000
- Copy the
https
ngrok URL, let's say it'shttps://8c921afabba4.ngrok.io
- Paste it into the
Internal URL
field - Click
Save
- Within a minute, the secondary site's workhorse log should say e.g.:
2021-08-06_22:21:18.82125 gitlab-workhorse : {"level":"info","msg":"Geo Proxy: URL changed","newGeoProxyURL":{"Scheme":"https","Opaque":"","User":null,"Host":"8c921afabba4.ngrok.io","Path":"/","RawPath":"","ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""},"oldGeoProxyURL":{"Scheme":"http","Opaque":"","User":null,"Host":"gdk.test:3000","Path":"/","RawPath":"","ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""},"time":"2021-08-06T15:21:18-07:00"}
You should be able to visit the secondary (and get proxied to the primary). Your ngrok log should show the requests as well.
Does this MR meet the acceptance criteria?
Conformity
- [-] I have included changelog trailers, or none are needed. (Does this MR need a changelog?) => not released yet
- [-] I have added/updated documentation, or it's not needed. (Is documentation required?)
-
I have properly separated EE content from FOSS, or this MR is FOSS only. (Where should EE code go?) - [-] I have added information for database reviewers in the MR description, or it's not needed. (Does this MR have database related changes?)
-
I have self-reviewed this MR per code review guidelines. -
This MR does not harm performance, or I have asked a reviewer to help assess the performance impact. (Merge request performance guidelines) -
I have followed the style guides. -
This change is backwards compatible across updates, or this does not apply.
Availability and Testing
-
I have added/updated tests following the Testing Guide, or it's not needed. (Consider all test levels. See the Test Planning Process.)