From 38f1e4db09ef47758f600d1732105f969dfdb073 Mon Sep 17 00:00:00 2001 From: Igor Drozdov Date: Thu, 29 Feb 2024 11:54:14 +0100 Subject: [PATCH 1/6] Poc: Use SSH RPC exposed by Workhorse --- .../command/uploadpack/git_workhorse_call.go | 41 +++++++++++++++++++ internal/command/uploadpack/uploadpack.go | 5 +++ internal/gitlabnet/accessverifier/client.go | 3 ++ 3 files changed, 49 insertions(+) create mode 100644 internal/command/uploadpack/git_workhorse_call.go diff --git a/internal/command/uploadpack/git_workhorse_call.go b/internal/command/uploadpack/git_workhorse_call.go new file mode 100644 index 000000000..8ce3fccdf --- /dev/null +++ b/internal/command/uploadpack/git_workhorse_call.go @@ -0,0 +1,41 @@ +package uploadpack + +import ( + "context" + "crypto/tls" + "io" + "net" + "net/http" + + "golang.org/x/net/http2" + + "gitlab.com/gitlab-org/gitlab-shell/v14/internal/command/shared/accessverifier" +) + +func (c *Command) performWorkhorseCall(ctx context.Context, response *accessverifier.Response) error { + client := &http.Client{ + Transport: &http2.Transport{ + AllowHTTP: true, + DialTLSContext: func(ctx context.Context, network, addr string, cfg *tls.Config) (net.Conn, error) { + dialer := &net.Dialer{} + return dialer.DialContext(ctx, network, addr) + }, + }, + } + + req, err := http.NewRequestWithContext(ctx, http.MethodPost, response.GitRpcUrl, io.NopCloser(c.ReadWriter.In)) + if err != nil { + return err + } + req.Header.Set("Authorization", response.GitRpcAuthHeader) + + resp, err := client.Do(req) + if err != nil { + return err + } + defer resp.Body.Close() + + _, err = io.Copy(c.ReadWriter.Out, resp.Body) + + return err +} diff --git a/internal/command/uploadpack/uploadpack.go b/internal/command/uploadpack/uploadpack.go index 4ac80c481..6e973d820 100644 --- a/internal/command/uploadpack/uploadpack.go +++ b/internal/command/uploadpack/uploadpack.go @@ -65,6 +65,10 @@ func (c *Command) Execute(ctx context.Context) (context.Context, error) { return ctxWithLogData, customAction.Execute(ctx, response) } + if response.GitRpcUrl != "" { + return ctxWithLogData, c.performWorkhorseCall(ctx, response) + } + stats, err := c.performGitalyCall(ctx, response) if err != nil { return ctxWithLogData, err @@ -73,6 +77,7 @@ func (c *Command) Execute(ctx context.Context) (context.Context, error) { if response.NeedAudit { gitauditevent.Audit(ctx, c.Args.CommandType, c.Config, response, stats) } + return ctxWithLogData, nil } diff --git a/internal/gitlabnet/accessverifier/client.go b/internal/gitlabnet/accessverifier/client.go index 8ab5060a4..b9843d68e 100644 --- a/internal/gitlabnet/accessverifier/client.go +++ b/internal/gitlabnet/accessverifier/client.go @@ -84,6 +84,9 @@ type Response struct { StatusCode int // NeedAudit indicates whether git event should be audited to rails. NeedAudit bool `json:"need_audit"` + // GitRpcUrl is the url to fetch Git SSH data via HTTP + GitRpcUrl string `json:"git_rpc_url"` + GitRpcAuthHeader string `json:"git_rpc_auth_header"` } // NewClient creates a new instance of Client -- GitLab From a23773e8ed3ad11c5468b9a6a902244d6fd643be Mon Sep 17 00:00:00 2001 From: Igor Drozdov Date: Wed, 27 Mar 2024 18:13:01 +0100 Subject: [PATCH 2/6] Send HTTP/1.1 request instead of HTTP/2 With EnableFullDuplex() bidirectional communication works even for HTTP/1.1 --- internal/command/uploadpack/git_workhorse_call.go | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/internal/command/uploadpack/git_workhorse_call.go b/internal/command/uploadpack/git_workhorse_call.go index 8ce3fccdf..7fee85bd4 100644 --- a/internal/command/uploadpack/git_workhorse_call.go +++ b/internal/command/uploadpack/git_workhorse_call.go @@ -2,26 +2,14 @@ package uploadpack import ( "context" - "crypto/tls" "io" - "net" "net/http" - "golang.org/x/net/http2" - "gitlab.com/gitlab-org/gitlab-shell/v14/internal/command/shared/accessverifier" ) func (c *Command) performWorkhorseCall(ctx context.Context, response *accessverifier.Response) error { - client := &http.Client{ - Transport: &http2.Transport{ - AllowHTTP: true, - DialTLSContext: func(ctx context.Context, network, addr string, cfg *tls.Config) (net.Conn, error) { - dialer := &net.Dialer{} - return dialer.DialContext(ctx, network, addr) - }, - }, - } + client := &http.Client{} req, err := http.NewRequestWithContext(ctx, http.MethodPost, response.GitRpcUrl, io.NopCloser(c.ReadWriter.In)) if err != nil { -- GitLab From e5076c55bafddf2a4fda70ffcdd926c711c0308d Mon Sep 17 00:00:00 2001 From: Igor Drozdov Date: Thu, 28 Mar 2024 08:51:09 +0100 Subject: [PATCH 3/6] Perform gRPC Classify call before /allowed request --- client/gitlabnet.go | 25 ++++++++++--------- internal/cells/cells.go | 18 +++++++++++++ .../shared/customaction/customaction.go | 2 +- .../command/uploadpack/git_workhorse_call.go | 10 +++++--- internal/config/config.go | 15 +++++++++++ internal/gitlabnet/accessverifier/client.go | 21 ++++++++++++++-- 6 files changed, 73 insertions(+), 18 deletions(-) create mode 100644 internal/cells/cells.go diff --git a/client/gitlabnet.go b/client/gitlabnet.go index 16fc7dd1e..669f75f8b 100644 --- a/client/gitlabnet.go +++ b/client/gitlabnet.go @@ -30,11 +30,12 @@ type ErrorResponse struct { // GitlabNetClient is a client for interacting with GitLab API type GitlabNetClient struct { - httpClient *HTTPClient - user string - password string - secret string - userAgent string + HttpClient *HTTPClient + + user string + password string + secret string + userAgent string } // APIError represents an API error @@ -61,7 +62,7 @@ func NewGitlabNetClient( } return &GitlabNetClient{ - httpClient: httpClient, + HttpClient: httpClient, user: user, password: password, secret: secret, @@ -128,17 +129,17 @@ func parseError(resp *http.Response, respErr error) error { // Get makes a GET request func (c *GitlabNetClient) Get(ctx context.Context, path string) (*http.Response, error) { - return c.DoRequest(ctx, http.MethodGet, normalizePath(path), nil) + return c.DoRequest(ctx, http.MethodGet, c.HttpClient.Host, normalizePath(path), nil) } // Post makes a POST request func (c *GitlabNetClient) Post(ctx context.Context, path string, data interface{}) (*http.Response, error) { - return c.DoRequest(ctx, http.MethodPost, normalizePath(path), data) + return c.DoRequest(ctx, http.MethodPost, c.HttpClient.Host, normalizePath(path), data) } // Do executes a request func (c *GitlabNetClient) Do(request *http.Request) (*http.Response, error) { - response, respErr := c.httpClient.RetryableHTTP.HTTPClient.Do(request) + response, respErr := c.HttpClient.RetryableHTTP.HTTPClient.Do(request) if err := parseError(response, respErr); err != nil { return nil, err } @@ -147,8 +148,8 @@ func (c *GitlabNetClient) Do(request *http.Request) (*http.Response, error) { } // DoRequest executes a request with the given method, path, and data -func (c *GitlabNetClient) DoRequest(ctx context.Context, method, path string, data interface{}) (*http.Response, error) { - request, err := newRequest(ctx, method, c.httpClient.Host, path, data) +func (c *GitlabNetClient) DoRequest(ctx context.Context, method, host, path string, data interface{}) (*http.Response, error) { + request, err := newRequest(ctx, method, host, path, data) if err != nil { return nil, err } @@ -173,7 +174,7 @@ func (c *GitlabNetClient) DoRequest(ctx context.Context, method, path string, da request.Header.Add("Content-Type", "application/json") request.Header.Add("User-Agent", c.userAgent) - response, respErr := c.httpClient.RetryableHTTP.Do(request) + response, respErr := c.HttpClient.RetryableHTTP.Do(request) if err := parseError(response, respErr); err != nil { return nil, err } diff --git a/internal/cells/cells.go b/internal/cells/cells.go new file mode 100644 index 000000000..a088bc920 --- /dev/null +++ b/internal/cells/cells.go @@ -0,0 +1,18 @@ +package cells + +import ( + "google.golang.org/grpc" +) + +type Client struct { + conn *grpc.ClientConn +} + +func NewClient(url string) (*Client, error) { + conn, err := grpc.Dial(url, grpc.WithInsecure()) + if err != nil { + return nil, err + } + + return &Client{conn: conn}, nil +} diff --git a/internal/command/shared/customaction/customaction.go b/internal/command/shared/customaction/customaction.go index 6d160c281..a183e27fa 100644 --- a/internal/command/shared/customaction/customaction.go +++ b/internal/command/shared/customaction/customaction.go @@ -107,7 +107,7 @@ func (c *Command) processAPIEndpoints(ctx context.Context, response *accessverif } func (c *Command) performRequest(ctx context.Context, client *client.GitlabNetClient, endpoint string, request *Request) (*Response, error) { - response, err := client.DoRequest(ctx, http.MethodPost, endpoint, request) + response, err := client.DoRequest(ctx, http.MethodPost, client.HttpClient.Host, endpoint, request) if err != nil { return nil, err } diff --git a/internal/command/uploadpack/git_workhorse_call.go b/internal/command/uploadpack/git_workhorse_call.go index 7fee85bd4..d7efefd99 100644 --- a/internal/command/uploadpack/git_workhorse_call.go +++ b/internal/command/uploadpack/git_workhorse_call.go @@ -5,19 +5,23 @@ import ( "io" "net/http" + "gitlab.com/gitlab-org/gitlab-shell/v14/client" "gitlab.com/gitlab-org/gitlab-shell/v14/internal/command/shared/accessverifier" ) -func (c *Command) performWorkhorseCall(ctx context.Context, response *accessverifier.Response) error { - client := &http.Client{} +var httpClient = &http.Client{ + Transport: client.NewTransport(client.DefaultTransport()), +} +func (c *Command) performWorkhorseCall(ctx context.Context, response *accessverifier.Response) error { req, err := http.NewRequestWithContext(ctx, http.MethodPost, response.GitRpcUrl, io.NopCloser(c.ReadWriter.In)) if err != nil { return err } req.Header.Set("Authorization", response.GitRpcAuthHeader) + req.Header.Set("Git-Protocol", c.Args.Env.GitProtocolVersion) - resp, err := client.Do(req) + resp, err := httpClient.Do(req) if err != nil { return err } diff --git a/internal/config/config.go b/internal/config/config.go index 2c4363780..53f34694f 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -65,6 +65,12 @@ type LFSConfig struct { PureSSHProtocol bool // `yaml:"pure_ssh_protocol"` } +type CellsConfig struct { + Url string `yaml:"url"` + + Client *cells.Client +} + type Config struct { User string `yaml:"user,omitempty"` RootDir string @@ -81,6 +87,7 @@ type Config struct { HttpSettings HttpSettingsConfig `yaml:"http_settings"` Server ServerConfig `yaml:"sshd"` LFSConfig LFSConfig `yaml:"lfs"` + Cells CellsConfig `yaml:"cells"` httpClient *client.HTTPClient httpClientErr error @@ -211,6 +218,14 @@ func newFromFile(path string) (*Config, error) { cfg.LogFile = filepath.Join(cfg.RootDir, cfg.LogFile) } + if cfg.Cells.Url != "" { + client, err := cells.NewClient(cfg.Cells.Url) + if err != nil { + return nil, err + } + cfg.Cells.Client = client + } + return cfg, nil } diff --git a/internal/gitlabnet/accessverifier/client.go b/internal/gitlabnet/accessverifier/client.go index b9843d68e..fb1af0cec 100644 --- a/internal/gitlabnet/accessverifier/client.go +++ b/internal/gitlabnet/accessverifier/client.go @@ -21,6 +21,8 @@ const ( // Client is a client for accessing resources type Client struct { client *client.GitlabNetClient + config *config.Config + host string } // Request represents a request for accessing resources @@ -96,7 +98,7 @@ func NewClient(config *config.Config) (*Client, error) { return nil, fmt.Errorf("error creating http client: %v", err) } - return &Client{client: client}, nil + return &Client{client: client, config: config, host: client.HttpClient.Host}, nil } // Verify verifies access to a GitLab resource @@ -120,7 +122,8 @@ func (c *Client) Verify(ctx context.Context, args *commandargs.Shell, action com request.CheckIP = gitlabnet.ParseIP(args.Env.RemoteAddr) - response, err := c.client.Post(ctx, "/allowed", request) + host := c.getCellsAddress(ctx, repo) + response, err := c.client.DoRequest(ctx, http.MethodPost, host, "/api/v4/internal/allowed", request) if err != nil { return nil, err } @@ -150,3 +153,17 @@ func parse(hr *http.Response, args *commandargs.Shell) (*Response, error) { func (r *Response) IsCustomAction() bool { return r.StatusCode == http.StatusMultipleChoices } + +func (c *Client) getCellsAddress(ctx context.Context, repo string) string { + cellsClient := c.config.Cells.Client + if cellsClient == nil { + return c.host + } + + cell, err := cellsClient.Classify(ctx, repo) + if err != nil { + return c.host + } + + return cell.Address +} -- GitLab From 59e8b7d349521335ce9dcfa572ee6d23fcf58e67 Mon Sep 17 00:00:00 2001 From: Vasilii Iakliushin Date: Wed, 15 May 2024 15:43:05 +0200 Subject: [PATCH 4/6] Use default host --- internal/config/config.go | 1 + internal/gitlabnet/accessverifier/client.go | 12 +++++++----- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/internal/config/config.go b/internal/config/config.go index 53f34694f..91223049d 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -12,6 +12,7 @@ import ( "gopkg.in/yaml.v3" "gitlab.com/gitlab-org/gitlab-shell/v14/client" + "gitlab.com/gitlab-org/gitlab-shell/v14/internal/cells" "gitlab.com/gitlab-org/gitlab-shell/v14/internal/gitaly" "gitlab.com/gitlab-org/gitlab-shell/v14/internal/metrics" ) diff --git a/internal/gitlabnet/accessverifier/client.go b/internal/gitlabnet/accessverifier/client.go index fb1af0cec..722b34990 100644 --- a/internal/gitlabnet/accessverifier/client.go +++ b/internal/gitlabnet/accessverifier/client.go @@ -160,10 +160,12 @@ func (c *Client) getCellsAddress(ctx context.Context, repo string) string { return c.host } - cell, err := cellsClient.Classify(ctx, repo) - if err != nil { - return c.host - } + return c.host + + // cell, err := cellsClient.Classify(ctx, repo) + // if err != nil { + // return c.host + // } - return cell.Address + // return cell.Address } -- GitLab From 06e0f89d5e707c106d0dc04b75d0d72a0ef177b4 Mon Sep 17 00:00:00 2001 From: Vasilii Iakliushin Date: Fri, 17 May 2024 15:12:52 +0200 Subject: [PATCH 5/6] Remove cells code --- internal/cells/cells.go | 18 ---------------- .../command/uploadpack/git_workhorse_call.go | 21 ++++++++----------- internal/config/config.go | 16 -------------- internal/gitlabnet/accessverifier/client.go | 19 +---------------- internal/gitlabnet/git/client.go | 10 +++++++++ 5 files changed, 20 insertions(+), 64 deletions(-) delete mode 100644 internal/cells/cells.go diff --git a/internal/cells/cells.go b/internal/cells/cells.go deleted file mode 100644 index a088bc920..000000000 --- a/internal/cells/cells.go +++ /dev/null @@ -1,18 +0,0 @@ -package cells - -import ( - "google.golang.org/grpc" -) - -type Client struct { - conn *grpc.ClientConn -} - -func NewClient(url string) (*Client, error) { - conn, err := grpc.Dial(url, grpc.WithInsecure()) - if err != nil { - return nil, err - } - - return &Client{conn: conn}, nil -} diff --git a/internal/command/uploadpack/git_workhorse_call.go b/internal/command/uploadpack/git_workhorse_call.go index d7efefd99..ec96c66c2 100644 --- a/internal/command/uploadpack/git_workhorse_call.go +++ b/internal/command/uploadpack/git_workhorse_call.go @@ -3,25 +3,22 @@ package uploadpack import ( "context" "io" - "net/http" - "gitlab.com/gitlab-org/gitlab-shell/v14/client" "gitlab.com/gitlab-org/gitlab-shell/v14/internal/command/shared/accessverifier" + "gitlab.com/gitlab-org/gitlab-shell/v14/internal/gitlabnet/git" ) -var httpClient = &http.Client{ - Transport: client.NewTransport(client.DefaultTransport()), -} - func (c *Command) performWorkhorseCall(ctx context.Context, response *accessverifier.Response) error { - req, err := http.NewRequestWithContext(ctx, http.MethodPost, response.GitRpcUrl, io.NopCloser(c.ReadWriter.In)) - if err != nil { - return err + client := &git.Client{ + Url: response.GitRpcUrl, + Headers: map[string]string{ + "Gitlab-Shell-Api-Request": response.GitRpcAuthHeader, + "Git-Protocol": c.Args.Env.GitProtocolVersion, + }, } - req.Header.Set("Authorization", response.GitRpcAuthHeader) - req.Header.Set("Git-Protocol", c.Args.Env.GitProtocolVersion) - resp, err := httpClient.Do(req) + resp, err := client.SshUploadPack(ctx, io.NopCloser(c.ReadWriter.In)) + if err != nil { return err } diff --git a/internal/config/config.go b/internal/config/config.go index 91223049d..2c4363780 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -12,7 +12,6 @@ import ( "gopkg.in/yaml.v3" "gitlab.com/gitlab-org/gitlab-shell/v14/client" - "gitlab.com/gitlab-org/gitlab-shell/v14/internal/cells" "gitlab.com/gitlab-org/gitlab-shell/v14/internal/gitaly" "gitlab.com/gitlab-org/gitlab-shell/v14/internal/metrics" ) @@ -66,12 +65,6 @@ type LFSConfig struct { PureSSHProtocol bool // `yaml:"pure_ssh_protocol"` } -type CellsConfig struct { - Url string `yaml:"url"` - - Client *cells.Client -} - type Config struct { User string `yaml:"user,omitempty"` RootDir string @@ -88,7 +81,6 @@ type Config struct { HttpSettings HttpSettingsConfig `yaml:"http_settings"` Server ServerConfig `yaml:"sshd"` LFSConfig LFSConfig `yaml:"lfs"` - Cells CellsConfig `yaml:"cells"` httpClient *client.HTTPClient httpClientErr error @@ -219,14 +211,6 @@ func newFromFile(path string) (*Config, error) { cfg.LogFile = filepath.Join(cfg.RootDir, cfg.LogFile) } - if cfg.Cells.Url != "" { - client, err := cells.NewClient(cfg.Cells.Url) - if err != nil { - return nil, err - } - cfg.Cells.Client = client - } - return cfg, nil } diff --git a/internal/gitlabnet/accessverifier/client.go b/internal/gitlabnet/accessverifier/client.go index 722b34990..9aa5841b7 100644 --- a/internal/gitlabnet/accessverifier/client.go +++ b/internal/gitlabnet/accessverifier/client.go @@ -122,8 +122,7 @@ func (c *Client) Verify(ctx context.Context, args *commandargs.Shell, action com request.CheckIP = gitlabnet.ParseIP(args.Env.RemoteAddr) - host := c.getCellsAddress(ctx, repo) - response, err := c.client.DoRequest(ctx, http.MethodPost, host, "/api/v4/internal/allowed", request) + response, err := c.client.DoRequest(ctx, http.MethodPost, c.host, "/api/v4/internal/allowed", request) if err != nil { return nil, err } @@ -153,19 +152,3 @@ func parse(hr *http.Response, args *commandargs.Shell) (*Response, error) { func (r *Response) IsCustomAction() bool { return r.StatusCode == http.StatusMultipleChoices } - -func (c *Client) getCellsAddress(ctx context.Context, repo string) string { - cellsClient := c.config.Cells.Client - if cellsClient == nil { - return c.host - } - - return c.host - - // cell, err := cellsClient.Classify(ctx, repo) - // if err != nil { - // return c.host - // } - - // return cell.Address -} diff --git a/internal/gitlabnet/git/client.go b/internal/gitlabnet/git/client.go index 35d6a7401..b6123fef9 100644 --- a/internal/gitlabnet/git/client.go +++ b/internal/gitlabnet/git/client.go @@ -56,6 +56,16 @@ func (c *Client) UploadPack(ctx context.Context, body io.Reader) (*http.Response return c.do(request) } +// SshUploadPack sends a SSH over HTTPS request to the server +func (c *Client) SshUploadPack(ctx context.Context, body io.Reader) (*http.Response, error) { + request, err := http.NewRequestWithContext(ctx, http.MethodPost, c.Url, body) + if err != nil { + return nil, err + } + + return c.do(request) +} + func (c *Client) do(request *http.Request) (*http.Response, error) { for k, v := range c.Headers { request.Header.Add(k, v) -- GitLab From b0834a9ac1efd7feaacb827f73e55b0739d38843 Mon Sep 17 00:00:00 2001 From: Vasilii Iakliushin Date: Fri, 17 May 2024 15:18:54 +0200 Subject: [PATCH 6/6] Remove more code --- client/gitlabnet.go | 25 +++++++++---------- .../shared/customaction/customaction.go | 2 +- .../command/uploadpack/git_workhorse_call.go | 2 +- internal/gitlabnet/accessverifier/client.go | 6 ++--- internal/gitlabnet/git/client.go | 2 +- 5 files changed, 17 insertions(+), 20 deletions(-) diff --git a/client/gitlabnet.go b/client/gitlabnet.go index 669f75f8b..16fc7dd1e 100644 --- a/client/gitlabnet.go +++ b/client/gitlabnet.go @@ -30,12 +30,11 @@ type ErrorResponse struct { // GitlabNetClient is a client for interacting with GitLab API type GitlabNetClient struct { - HttpClient *HTTPClient - - user string - password string - secret string - userAgent string + httpClient *HTTPClient + user string + password string + secret string + userAgent string } // APIError represents an API error @@ -62,7 +61,7 @@ func NewGitlabNetClient( } return &GitlabNetClient{ - HttpClient: httpClient, + httpClient: httpClient, user: user, password: password, secret: secret, @@ -129,17 +128,17 @@ func parseError(resp *http.Response, respErr error) error { // Get makes a GET request func (c *GitlabNetClient) Get(ctx context.Context, path string) (*http.Response, error) { - return c.DoRequest(ctx, http.MethodGet, c.HttpClient.Host, normalizePath(path), nil) + return c.DoRequest(ctx, http.MethodGet, normalizePath(path), nil) } // Post makes a POST request func (c *GitlabNetClient) Post(ctx context.Context, path string, data interface{}) (*http.Response, error) { - return c.DoRequest(ctx, http.MethodPost, c.HttpClient.Host, normalizePath(path), data) + return c.DoRequest(ctx, http.MethodPost, normalizePath(path), data) } // Do executes a request func (c *GitlabNetClient) Do(request *http.Request) (*http.Response, error) { - response, respErr := c.HttpClient.RetryableHTTP.HTTPClient.Do(request) + response, respErr := c.httpClient.RetryableHTTP.HTTPClient.Do(request) if err := parseError(response, respErr); err != nil { return nil, err } @@ -148,8 +147,8 @@ func (c *GitlabNetClient) Do(request *http.Request) (*http.Response, error) { } // DoRequest executes a request with the given method, path, and data -func (c *GitlabNetClient) DoRequest(ctx context.Context, method, host, path string, data interface{}) (*http.Response, error) { - request, err := newRequest(ctx, method, host, path, data) +func (c *GitlabNetClient) DoRequest(ctx context.Context, method, path string, data interface{}) (*http.Response, error) { + request, err := newRequest(ctx, method, c.httpClient.Host, path, data) if err != nil { return nil, err } @@ -174,7 +173,7 @@ func (c *GitlabNetClient) DoRequest(ctx context.Context, method, host, path stri request.Header.Add("Content-Type", "application/json") request.Header.Add("User-Agent", c.userAgent) - response, respErr := c.HttpClient.RetryableHTTP.Do(request) + response, respErr := c.httpClient.RetryableHTTP.Do(request) if err := parseError(response, respErr); err != nil { return nil, err } diff --git a/internal/command/shared/customaction/customaction.go b/internal/command/shared/customaction/customaction.go index a183e27fa..6d160c281 100644 --- a/internal/command/shared/customaction/customaction.go +++ b/internal/command/shared/customaction/customaction.go @@ -107,7 +107,7 @@ func (c *Command) processAPIEndpoints(ctx context.Context, response *accessverif } func (c *Command) performRequest(ctx context.Context, client *client.GitlabNetClient, endpoint string, request *Request) (*Response, error) { - response, err := client.DoRequest(ctx, http.MethodPost, client.HttpClient.Host, endpoint, request) + response, err := client.DoRequest(ctx, http.MethodPost, endpoint, request) if err != nil { return nil, err } diff --git a/internal/command/uploadpack/git_workhorse_call.go b/internal/command/uploadpack/git_workhorse_call.go index ec96c66c2..fa8902f0a 100644 --- a/internal/command/uploadpack/git_workhorse_call.go +++ b/internal/command/uploadpack/git_workhorse_call.go @@ -10,7 +10,7 @@ import ( func (c *Command) performWorkhorseCall(ctx context.Context, response *accessverifier.Response) error { client := &git.Client{ - Url: response.GitRpcUrl, + URL: response.GitRpcUrl, Headers: map[string]string{ "Gitlab-Shell-Api-Request": response.GitRpcAuthHeader, "Git-Protocol": c.Args.Env.GitProtocolVersion, diff --git a/internal/gitlabnet/accessverifier/client.go b/internal/gitlabnet/accessverifier/client.go index 9aa5841b7..b9843d68e 100644 --- a/internal/gitlabnet/accessverifier/client.go +++ b/internal/gitlabnet/accessverifier/client.go @@ -21,8 +21,6 @@ const ( // Client is a client for accessing resources type Client struct { client *client.GitlabNetClient - config *config.Config - host string } // Request represents a request for accessing resources @@ -98,7 +96,7 @@ func NewClient(config *config.Config) (*Client, error) { return nil, fmt.Errorf("error creating http client: %v", err) } - return &Client{client: client, config: config, host: client.HttpClient.Host}, nil + return &Client{client: client}, nil } // Verify verifies access to a GitLab resource @@ -122,7 +120,7 @@ func (c *Client) Verify(ctx context.Context, args *commandargs.Shell, action com request.CheckIP = gitlabnet.ParseIP(args.Env.RemoteAddr) - response, err := c.client.DoRequest(ctx, http.MethodPost, c.host, "/api/v4/internal/allowed", request) + response, err := c.client.Post(ctx, "/allowed", request) if err != nil { return nil, err } diff --git a/internal/gitlabnet/git/client.go b/internal/gitlabnet/git/client.go index b6123fef9..54c5a81e1 100644 --- a/internal/gitlabnet/git/client.go +++ b/internal/gitlabnet/git/client.go @@ -58,7 +58,7 @@ func (c *Client) UploadPack(ctx context.Context, body io.Reader) (*http.Response // SshUploadPack sends a SSH over HTTPS request to the server func (c *Client) SshUploadPack(ctx context.Context, body io.Reader) (*http.Response, error) { - request, err := http.NewRequestWithContext(ctx, http.MethodPost, c.Url, body) + request, err := http.NewRequestWithContext(ctx, http.MethodPost, c.URL, body) if err != nil { return nil, err } -- GitLab