Class: Gitlab::Shell

Inherits:

Object

• Object
• Gitlab::Shell

Defined in:

lib/gitlab/shell.rb

Overview

This class is an artifact of a time when common repository operations were performed by calling out to scripts in the gitlab-shell project. Now, these operations are all performed by Gitaly, and are mostly accessible through the Repository class. Prefer using a Repository to functionality here.

Legacy code relating to namespaces still relies on Gitlab::Shell; it can be converted to a module once gitlab.com/groups/gitlab-org/-/epics/2320 is completed. gitlab.com/gitlab-org/gitlab/-/issues/25095 tracks it.

Constant Summary

Error =

Class.new(StandardError)

API_HEADER =

'Gitlab-Shell-Api-Request'

JWT_ISSUER =

'gitlab-shell'

Class Method Summary

• .ensure_secret_token! ⇒ Object

  Ensure gitlab shell has a secret token stored in the secret_file if that was never generated, generate a new one.

• .header_set?(headers) ⇒ Boolean
• .secret_token ⇒ String

  Retrieve GitLab Shell secret token.

• .verify_api_request(headers) ⇒ Object
• .version ⇒ String

  Return GitLab shell version.

• .version_required ⇒ String

  Returns required GitLab shell version.

Instance Method Summary

• #repository_exists?(storage, dir_name) ⇒ Boolean deprecated Deprecated.

Class Method Details

.ensure_secret_token! ⇒ Object

Ensure gitlab shell has a secret token stored in the secret_file if that was never generated, generate a new one

# File 'lib/gitlab/shell.rb', line 44

def ensure_secret_token!
  return if File.exist?(File.join(Gitlab.config.gitlab_shell.path, '.gitlab_shell_secret'))

  generate_and_link_secret_token
end

.header_set?(headers) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/shell.rb', line 31

def header_set?(headers)
  headers[API_HEADER].present?
end

.secret_token ⇒ String

Retrieve GitLab Shell secret token

Returns:

• (String) —

  secret token

# File 'lib/gitlab/shell.rb', line 38

def secret_token
  @secret_token ||= File.read(Gitlab.config.gitlab_shell.secret_file).chomp
end

.verify_api_request(headers) ⇒ Object

# File 'lib/gitlab/shell.rb', line 21

def verify_api_request(headers)
  payload, header = JSONWebToken::HMACToken.decode(headers[API_HEADER], secret_token)
  return unless payload['iss'] == JWT_ISSUER

  [payload, header]
rescue JWT::DecodeError, JWT::ExpiredSignature, JWT::ImmatureSignature => ex
  Gitlab::ErrorTracking.track_exception(ex)
  nil
end

.version ⇒ String

Return GitLab shell version

Returns:

• (String) —

  version

# File 'lib/gitlab/shell.rb', line 61

def version
  @version ||= File.read(gitlab_shell_version_file).chomp if File.readable?(gitlab_shell_version_file)
end

.version_required ⇒ String

Returns required GitLab shell version

Returns:

• (String) —

  version from the manifest file

# File 'lib/gitlab/shell.rb', line 53

def version_required
  @version_required ||= File.read(Rails.root
                                  .join('GITLAB_SHELL_VERSION')).strip
end

Instance Method Details

#repository_exists?(storage, dir_name) ⇒ Boolean

Deprecated.

Check if repository exists on disk

Examples:

Check if repository exists

repository_exists?('default', 'gitlab-org/gitlab.git')

Parameters:

• storage (String) —

  project’s storage path

• dir_name (Object) —

  repository dir name

Returns:

• (Boolean) —

  whether repository exists or not

# File 'lib/gitlab/shell.rb', line 105

def repository_exists?(storage, dir_name)
  Gitlab::Git::Repository.new(storage, dir_name, nil, nil).exists?
rescue GRPC::Internal
  false
end