Insert correlation id if missing or not trusted
Currently server correlation interceptors trust passed ID and do not insert an ID if it was not present. This MR makes it possible to disable trust for situations where gRPC request is coming from an untrusted source. It also changes the behavior to inject a random ID if none was present or if it's not trusted.
I'm exporting . (replaced with !80 (merged)) In Gitaly:RandomIDWithFallback()
because it's needed outside of LabKit too
- https://gitlab.com/gitlab-org/gitaly/-/blob/master/internal/praefect/coordinator.go#L690-700. It uses a similar/copied piece of code https://gitlab.com/gitlab-org/gitaly/-/blob/master/internal/praefect/correlation.go
- https://gitlab.com/gitlab-org/gitaly/-/blob/master/internal/gitalyssh/gitalyssh.go#L81-95. This uses a local generator, but does not wrap it in a mutex. It's a data race.
In Shell:
- https://gitlab.com/gitlab-org/gitlab-shell/-/blob/master/internal/command/command.go#L52-67. Would be better to use a pseudorandom ID than nothing at all.
@andrewn, this is what we discussed. Please let me know if I misunderstood something.
Edited by Mikhail Mazurskiy