diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 15:44:42 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-05-19 15:44:42 +0000 |
commit | 4555e1b21c365ed8303ffb7a3325d773c9b8bf31 (patch) | |
tree | 5423a1c7516cffe36384133ade12572cf709398d /doc/development/internal_api.md | |
parent | e570267f2f6b326480d284e0164a6464ba4081bc (diff) | |
download | gitlab-ce-4555e1b21c365ed8303ffb7a3325d773c9b8bf31.tar.gz |
Add latest changes from gitlab-org/gitlab@13-12-stable-eev13.12.0-rc42
Diffstat (limited to 'doc/development/internal_api.md')
-rw-r--r-- | doc/development/internal_api.md | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/doc/development/internal_api.md b/doc/development/internal_api.md index 7c4f869d1a7..57dd1c0a65b 100644 --- a/doc/development/internal_api.md +++ b/doc/development/internal_api.md @@ -14,6 +14,22 @@ working on the GitLab codebase. This documentation does not yet include the internal API used by GitLab Pages. +## Adding new endpoints + +API endpoints should be externally accessible by default, with proper authentication and authorization. +Before adding a new internal endpoint, consider if the API would potentially be +useful to the wider GitLab community and can be made externally accessible. + +One reason we might favor internal API endpoints sometimes is when using such an endpoint requires +internal data that external actors can not have. For example, in the internal Pages API we might use +a secret token that identifies a request as internal or sign a request with a public key that is +not available to a wider community. + +Another reason to separate something into an internal API is when request to such API endpoint +should never go through an edge (public) load balancer. This way we can configure different rate +limiting rules and policies around how the endpoint is being accessed, because we know that only +internal requests can be made to that endpoint going through an internal load balancer. + ## Authentication These methods are all authenticated using a shared secret. This secret @@ -437,7 +453,8 @@ metric counters. | Attribute | Type | Required | Description | |:----------|:-------|:---------|:------------| -| `gitops_sync_count` | integer| yes | The number to increase the `gitops_sync_count` counter by | +| `gitops_sync_count` | integer| no | The number to increase the `gitops_sync_count` counter by | +| `k8s_api_proxy_request_count` | integer| no | The number to increase the `k8s_api_proxy_request_count` counter by | ```plaintext POST /internal/kubernetes/usage_metrics |