config

package
v16.7.0-rc43 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 19, 2023 License: MIT Imports: 27 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// GitalyDataPrefix is the top-level directory we use to store system
	// (non-user) data. We need to be careful that this path does not clash
	// with any directory name that could be provided by a user. The '+'
	// character is not allowed in GitLab namespaces or repositories.
	GitalyDataPrefix = "+gitaly"
)

Variables

This section is empty.

Functions

func GetGitalyProcessTempDir

func GetGitalyProcessTempDir(parentDir string, processID int) string

GetGitalyProcessTempDir constructs a temporary directory name for the current gitaly process. This way, we can clean up old temporary directories by inspecting the pid attached to the folder.

func NewLocator

func NewLocator(conf Cfg) storage.Locator

NewLocator returns locator based on the provided configuration struct. As it creates a shallow copy of the provided struct changes made into provided struct may affect result of methods implemented by it.

func PruneOldGitalyProcessDirectories

func PruneOldGitalyProcessDirectories(log log.Logger, directory string) error

PruneOldGitalyProcessDirectories removes leftover temporary directories that belonged to processes that no longer exist. Directories are expected to be in the form gitaly-<pid>. The removals are logged prior to being executed. Unexpected directory entries are logged but not removed.

func SetupRuntimeDirectory

func SetupRuntimeDirectory(cfg Cfg, processID int) (string, error)

SetupRuntimeDirectory creates a new runtime directory. Runtime directory contains internal runtime data generated by Gitaly such as the internal sockets. If cfg.RuntimeDir is set, it's used as the parent directory for the runtime directory. Runtime directory owner process can be identified by the suffix process ID suffixed in the directory name. If a directory already exists for this process' ID, it's removed and recreated. If cfg.RuntimeDir is not set, a temporary directory is used instead. A directory is created for the internal socket as well since it is expected to be present in the runtime directory. SetupRuntimeDirectory returns the absolute path to the created runtime directory.

Types

type AdaptiveLimiting added in v16.6.0

type AdaptiveLimiting struct {
	// CPUThrottledThreshold defines the CPU throttling ratio threshold for a backoff event. The resource watcher
	// compares the recorded total throttled time between two polls. If the throttled time exceeds this threshold of
	// the observation window, it returns a backoff event. By default, the threshold is 0.5 (50%).
	CPUThrottledThreshold float64 `toml:"cpu_throttled_threshold" json:"cpu_throttled_threshold"`
	// MemoryThreshold defines the memory threshold for a backoff event. The memory watcher compares the recorded
	// memory usage (excluding high evictable page caches) to the defined limit. If the ratio exceeds this
	// threshold, a backoff event is fired. By default, the threshold is 0.9 (90%).
	MemoryThreshold float64 `toml:"memory_threshold" json:"memory_threshold"`
}

AdaptiveLimiting defines a set of global config for the adaptive limiter. This config customizes how the resource watchers and calculator works. Specific limits for each RPC or pack-objects operation should be configured individually using the Concurrency and PackObjectsLimiting structs respectively.

func (AdaptiveLimiting) Validate added in v16.6.0

func (c AdaptiveLimiting) Validate() error

Validate runs validation on all fields and compose all found errors.

type BackupConfig added in v16.2.0

type BackupConfig struct {
	// GoCloudURL is the blob storage GoCloud URL that will be used to store
	// server-side backups.
	GoCloudURL string `toml:"go_cloud_url,omitempty" json:"go_cloud_url,omitempty"`
	// Layout determines how backup files are located.
	Layout string `toml:"layout,omitempty" json:"layout,omitempty"`
}

BackupConfig configures server-side backups.

func (BackupConfig) Validate added in v16.2.0

func (bc BackupConfig) Validate() error

Validate runs validation on all fields and returns any errors found.

type Cfg

type Cfg struct {
	// ConfigCommand specifies the path to an executable that Gitaly will run after loading the
	// initial configuration from disk. The executable is expected to write JSON-formatted
	// configuration to its standard output that we will then deserialize and merge back into
	// the initially-loaded configuration again. This is an easy mechanism to generate parts of
	// the configuration at runtime, like for example secrets.
	ConfigCommand        string            `toml:"config_command,omitempty" json:"config_command"`
	SocketPath           string            `toml:"socket_path,omitempty" json:"socket_path" split_words:"true"`
	ListenAddr           string            `toml:"listen_addr,omitempty" json:"listen_addr" split_words:"true"`
	TLSListenAddr        string            `toml:"tls_listen_addr,omitempty" json:"tls_listen_addr" split_words:"true"`
	PrometheusListenAddr string            `toml:"prometheus_listen_addr,omitempty" json:"prometheus_listen_addr" split_words:"true"`
	BinDir               string            `toml:"bin_dir,omitempty" json:"bin_dir"`
	RuntimeDir           string            `toml:"runtime_dir,omitempty" json:"runtime_dir"`
	Git                  Git               `toml:"git,omitempty" json:"git" envconfig:"git"`
	Storages             []Storage         `toml:"storage,omitempty" json:"storage" envconfig:"storage"`
	Logging              Logging           `toml:"logging,omitempty" json:"logging" envconfig:"logging"`
	Prometheus           prometheus.Config `toml:"prometheus,omitempty" json:"prometheus"`
	Auth                 auth.Config       `toml:"auth,omitempty" json:"auth"`
	TLS                  TLS               `toml:"tls,omitempty" json:"tls"`
	Gitlab               Gitlab            `toml:"gitlab,omitempty" json:"gitlab"`
	// GitlabShell contains the location of the gitlab-shell directory. This directory is expected to contain two
	// things:
	//
	// - The GitLab secret file ".gitlab_shell_secret", which is used to authenticate with GitLab. This should
	//   instead be configured via "gitlab.secret" or "gitlab.secret_file".
	//
	// - The custom hooks directory "hooks". This should instead be configured via "hooks.custom_hooks_dir".
	//
	// This setting is thus deprecated and should ideally not be used anymore.
	GitlabShell            GitlabShell         `toml:"gitlab-shell,omitempty" json:"gitlab-shell"`
	Hooks                  Hooks               `toml:"hooks,omitempty" json:"hooks"`
	Concurrency            []Concurrency       `toml:"concurrency,omitempty" json:"concurrency"`
	RateLimiting           []RateLimiting      `toml:"rate_limiting,omitempty" json:"rate_limiting"`
	GracefulRestartTimeout duration.Duration   `toml:"graceful_restart_timeout,omitempty" json:"graceful_restart_timeout"`
	DailyMaintenance       DailyJob            `toml:"daily_maintenance,omitempty" json:"daily_maintenance"`
	Cgroups                cgroups.Config      `toml:"cgroups,omitempty" json:"cgroups"`
	PackObjectsCache       StreamCacheConfig   `toml:"pack_objects_cache,omitempty" json:"pack_objects_cache"`
	PackObjectsLimiting    PackObjectsLimiting `toml:"pack_objects_limiting,omitempty" json:"pack_objects_limiting"`
	Backup                 BackupConfig        `toml:"backup,omitempty" json:"backup"`
	Timeout                TimeoutConfig       `toml:"timeout,omitempty" json:"timeout"`
	Transactions           Transactions        `toml:"transactions,omitempty" json:"transactions,omitempty"`
	AdaptiveLimiting       AdaptiveLimiting    `toml:"adaptive_limiting,omitempty" json:"adaptive_limiting,omitempty"`
}

Cfg is a container for all config derived from config.toml.

func Load

func Load(file io.Reader) (Cfg, error)

Load initializes the Config variable from file and the environment. Environment variables take precedence over the file.

func (*Cfg) BinaryPath

func (cfg *Cfg) BinaryPath(binaryName string) string

BinaryPath returns the path to a given binary. BinaryPath does not do any validation, it simply joins the binaryName with the correct base directory depending on whether the binary is a packed binary or not.

func (*Cfg) InternalSocketDir

func (cfg *Cfg) InternalSocketDir() string

InternalSocketDir returns the location of the internal socket directory.

func (*Cfg) InternalSocketPath

func (cfg *Cfg) InternalSocketPath() string

InternalSocketPath is the path to the internal Gitaly socket.

func (*Cfg) SetDefaults added in v16.5.0

func (cfg *Cfg) SetDefaults() error

SetDefaults sets the default options for Cfg.

func (*Cfg) Storage

func (cfg *Cfg) Storage(storageName string) (Storage, bool)

Storage looks up storageName.

func (*Cfg) StoragePath

func (cfg *Cfg) StoragePath(storageName string) (string, bool)

StoragePath looks up the base path for storageName. The second boolean return value indicates if anything was found.

func (*Cfg) Validate

func (cfg *Cfg) Validate() error

Validate checks the current Config for sanity.

func (*Cfg) ValidateV2

func (cfg *Cfg) ValidateV2() error

ValidateV2 is a new validation method that is a replacement for the existing Validate. It exists as a demonstration of the new validation implementation based on the usage of the cfgerror package.

type Concurrency

type Concurrency struct {
	// RPC is the name of the RPC to set concurrency limits for
	RPC string `toml:"rpc" json:"rpc"`
	// Adaptive determines the behavior of the concurrency limit. If set to true, the concurrency limit is dynamic
	// and starts at InitialLimit, then adjusts within the range [MinLimit, MaxLimit] based on current resource
	// usage. If set to false, the concurrency limit is static and is set to MaxPerRepo.
	Adaptive bool `toml:"adaptive,omitempty" json:"adaptive,omitempty"`
	// InitialLimit is the concurrency limit to start with.
	InitialLimit int `toml:"initial_limit,omitempty" json:"initial_limit,omitempty"`
	// MaxLimit is the minimum adaptive concurrency limit.
	MaxLimit int `toml:"max_limit,omitempty" json:"max_limit,omitempty"`
	// MinLimit is the mini adaptive concurrency limit.
	MinLimit int `toml:"min_limit,omitempty" json:"min_limit,omitempty"`
	// MaxPerRepo is the maximum number of concurrent calls for a given repository. This config is used only
	// if Adaptive is false.
	MaxPerRepo int `toml:"max_per_repo" json:"max_per_repo"`
	// MaxQueueSize is the maximum number of requests in the queue waiting to be picked up
	// after which subsequent requests will return with an error.
	MaxQueueSize int `toml:"max_queue_size" json:"max_queue_size"`
	// MaxQueueWait is the maximum time a request can remain in the concurrency queue
	// waiting to be picked up by Gitaly
	MaxQueueWait duration.Duration `toml:"max_queue_wait" json:"max_queue_wait"`
}

Concurrency allows endpoints to be limited to a maximum concurrency per repo. Requests that come in after the maximum number of concurrent requests are in progress will wait in a queue that is bounded by MaxQueueSize.

func (Concurrency) Validate added in v16.5.0

func (c Concurrency) Validate() error

Validate runs validation on all fields and compose all found errors.

type DailyJob

type DailyJob struct {
	Hour     uint              `toml:"start_hour,omitempty" json:"start_hour"`
	Minute   uint              `toml:"start_minute,omitempty" json:"start_minute"`
	Duration duration.Duration `toml:"duration,omitempty" json:"duration"`
	Storages []string          `toml:"storages,omitempty" json:"storages"`

	// Disabled will completely disable a daily job, even in cases where a
	// default schedule is implied
	Disabled bool `toml:"disabled,omitempty" json:"disabled"`
}

DailyJob enables a daily task to be scheduled for specific storages

func (DailyJob) Validate

func (dj DailyJob) Validate(allowedStorages []string) error

Validate runs validation on all fields and compose all found errors.

type Git

type Git struct {
	UseBundledBinaries bool        `toml:"use_bundled_binaries,omitempty" json:"use_bundled_binaries"`
	BinPath            string      `toml:"bin_path,omitempty" json:"bin_path"`
	CatfileCacheSize   int         `toml:"catfile_cache_size,omitempty" json:"catfile_cache_size"`
	Config             []GitConfig `toml:"config,omitempty" json:"config"`
	// SigningKey is the private key used for signing commits created by Gitaly
	SigningKey string `toml:"signing_key,omitempty" json:"signing_key"`
	// RotatedSigningKeys are the private keys that have used for commit signing before.
	// The keys from the SigningKey field is moved into this field for some time to rotate signing keys.
	RotatedSigningKeys []string `toml:"rotated_signing_keys,omitempty" json:"rotated_signing_keys"`
	// CommitterEmail is the committer email of the commits created by Gitaly, e.g. `noreply@gitlab.com`
	CommitterEmail string `toml:"committer_email,omitempty" json:"committer_email"`
	// CommitterName is the committer name of the commits created by Gitaly, e.g. `GitLab`
	CommitterName string `toml:"committer_name,omitempty" json:"committer_name"`
}

Git contains the settings for the Git executable

func (Git) Validate

func (g Git) Validate() error

Validate runs validation on all fields and compose all found errors.

type GitConfig

type GitConfig struct {
	// Key is the key of the config entry, e.g. `core.gc`.
	Key string `toml:"key,omitempty" json:"key"`
	// Value is the value of the config entry, e.g. `false`.
	Value string `toml:"value,omitempty" json:"value"`
}

GitConfig contains a key-value pair which is to be passed to git as configuration.

func (GitConfig) GlobalArgs

func (cfg GitConfig) GlobalArgs() ([]string, error)

GlobalArgs generates a git `-c <key>=<value>` flag. Returns an error if `Validate()` fails to validate the config key.

func (GitConfig) Validate

func (cfg GitConfig) Validate() error

Validate validates that the Git configuration conforms to a format that Git understands.

type Gitlab

type Gitlab struct {
	URL             string       `toml:"url,omitempty" json:"url"`
	RelativeURLRoot string       `toml:"relative_url_root,omitempty" json:"relative_url_root"` // For UNIX sockets only
	HTTPSettings    HTTPSettings `toml:"http-settings,omitempty" json:"http_settings"`
	SecretFile      string       `toml:"secret_file,omitempty" json:"secret_file"`
	// Secret contains the Gitlab secret directly. Should not be set if secret file is specified.
	Secret string `toml:"secret,omitempty" json:"secret"`
}

Gitlab contains settings required to connect to the Gitlab api

func (Gitlab) Validate

func (gl Gitlab) Validate() error

Validate runs validation on all fields and compose all found errors.

type GitlabShell

type GitlabShell struct {
	Dir string `toml:"dir" json:"dir"`
}

GitlabShell contains the settings required for executing `gitlab-shell`

func (GitlabShell) Validate

func (gs GitlabShell) Validate() error

Validate runs validation on all fields and compose all found errors.

type HTTPSettings

type HTTPSettings struct {
	ReadTimeout uint64 `toml:"read_timeout,omitempty" json:"read_timeout"`
	User        string `toml:"user,omitempty" json:"user"`
	Password    string `toml:"password,omitempty" json:"password"`
	CAFile      string `toml:"ca_file,omitempty" json:"ca_file"`
	CAPath      string `toml:"ca_path,omitempty" json:"ca_path"`
}

HTTPSettings contains configuration settings used to setup HTTP transport and basic HTTP authorization.

func (HTTPSettings) Validate

func (ss HTTPSettings) Validate() error

Validate runs validation on all fields and compose all found errors.

type Hooks

type Hooks struct {
	CustomHooksDir string `toml:"custom_hooks_dir,omitempty" json:"custom_hooks_dir"`
}

Hooks contains the settings required for hooks

type Logging

type Logging struct {
	log.Config
	Sentry
}

Logging contains the logging configuration for Gitaly

type PackObjectsLimiting

type PackObjectsLimiting struct {
	// Adaptive determines the behavior of the concurrency limit. If set to true, the concurrency limit is dynamic
	// and starts at InitialLimit, then adjusts within the range [MinLimit, MaxLimit] based on current resource
	// usage. If set to false, the concurrency limit is static and is set to MaxConcurrency.
	Adaptive bool `toml:"adaptive,omitempty" json:"adaptive,omitempty"`
	// InitialLimit is the concurrency limit to start with.
	InitialLimit int `toml:"initial_limit,omitempty" json:"initial_limit,omitempty"`
	// MaxLimit is the minimum adaptive concurrency limit.
	MaxLimit int `toml:"max_limit,omitempty" json:"max_limit,omitempty"`
	// MinLimit is the mini adaptive concurrency limit.
	MinLimit int `toml:"min_limit,omitempty" json:"min_limit,omitempty"`
	// MaxConcurrency is the static maximum number of concurrent pack objects processes for a given key. This config
	// is used only if Adaptive is false.
	MaxConcurrency int `toml:"max_concurrency,omitempty" json:"max_concurrency,omitempty"`
	// MaxQueueWait is the maximum time a request can remain in the concurrency queue
	// waiting to be picked up by Gitaly.
	MaxQueueWait duration.Duration `toml:"max_queue_wait,omitempty" json:"max_queue_wait,omitempty"`
	// MaxQueueLength is the maximum length of the request queue
	MaxQueueLength int `toml:"max_queue_length,omitempty" json:"max_queue_length,omitempty"`
}

PackObjectsLimiting allows the concurrency of pack objects processes to be limited Requests that come in after the maximum number of concurrent pack objects processes have been reached will wait.

func (PackObjectsLimiting) Validate

func (pol PackObjectsLimiting) Validate() error

Validate runs validation on all fields and compose all found errors.

type RateLimiting

type RateLimiting struct {
	// RPC is the full name of the RPC including the service name
	RPC string `toml:"rpc" json:"rpc"`
	// Interval sets the interval with which the token bucket will
	// be refilled to what is configured in Burst.
	Interval duration.Duration `toml:"interval" json:"interval"`
	// Burst sets the capacity of the token bucket (see above).
	Burst int `toml:"burst" json:"burst"`
}

RateLimiting allows endpoints to be limited to a maximum request rate per second. The rate limiter uses a concept of a "token bucket". In order to serve a request, a token is retrieved from the token bucket. The size of the token bucket is configured through the Burst value, while the rate at which the token bucket is refilled per second is configured through the RequestsPerSecond value.

type Sentry

type Sentry sentry.Config

Sentry is a sentry.Config. We redefine this type to a different name so we can embed both structs into Logging

type Storage

type Storage struct {
	Name string `toml:"name"`
	Path string `toml:"path"`
}

Storage contains a single storage-shard

func (Storage) Validate

func (s Storage) Validate() error

Validate runs validation on all fields and compose all found errors.

type StreamCacheConfig

type StreamCacheConfig struct {
	Enabled        bool              `toml:"enabled" json:"enabled"` // Default: false
	Dir            string            `toml:"dir" json:"dir"`         // Default: <FIRST STORAGE PATH>/+gitaly/PackObjectsCache
	MaxAge         duration.Duration `toml:"max_age" json:"max_age"` // Default: 5m
	MinOccurrences int               `toml:"min_occurrences" json:"min_occurrences"`
}

StreamCacheConfig contains settings for a streamcache instance.

func (StreamCacheConfig) Validate

func (scc StreamCacheConfig) Validate() error

Validate runs validation on all fields and compose all found errors.

type TLS

type TLS struct {
	CertPath string `toml:"certificate_path,omitempty" json:"cert_path"`
	KeyPath  string `toml:"key_path,omitempty" json:"key_path"`
	Key      string `toml:"key,omitempty" json:"key"`
}

TLS configuration

func (TLS) Certificate added in v16.4.0

func (t TLS) Certificate() (tls.Certificate, error)

Certificate gets the certificate with the certificate path and either the key path or the key.

func (TLS) Validate

func (t TLS) Validate() error

Validate runs validation on all fields and compose all found errors.

type TimeoutConfig added in v16.5.0

type TimeoutConfig struct {
	// UploadPackNegotiation configures the timeout for git-upload-pack(1) when negotiating the packfile. This does not
	// influence any potential timeouts when the packfile is being sent to the client.
	UploadPackNegotiation duration.Duration `toml:"upload_pack_negotiation,omitempty" json:"upload_pack_negotiation,omitempty"`
	// UploadArchiveNegotiation configures the timeout for git-upload-archive(1) when negotiating the archive. This does not
	// influence any potential timeouts when the archive is being sent to the client.
	UploadArchiveNegotiation duration.Duration `toml:"upload_archive_negotiation,omitempty" json:"upload_archive_negotiation,omitempty"`
}

TimeoutConfig represents negotiation timeouts for remote Git operations

type Transactions added in v16.6.0

type Transactions struct {
	// Enabled enables transaction support. This option is experimental
	// and intended for development only. Do not enable for other uses.
	Enabled bool `toml:"enabled,omitempty" json:"enabled,omitempty"`
}

Transactions configures transaction related options.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL