Support unhiding of all refs for Geo Nodes

By default, we hide certain refs (e.g. keep-around/XXX) to save user
download time. We need to preserve these references on secondary Geo
nodes to have a true copy.

5 files changed, 35 insertions, 10 deletions

diff --git a/lib/gitlab_access_status.rb b/lib/gitlab_access_status.rb
index a6a274c..494349d 100644
--- a/lib/gitlab_access_status.rb
+++ b/lib/gitlab_access_status.rb
@@ -1,19 +1,25 @@
 require 'json'
 
 class GitAccessStatus
-  attr_reader :message, :gl_repository, :repository_path, :gitaly
+  attr_reader :message, :gl_repository, :repository_path, :gitaly, :geo_node
 
-  def initialize(status, message, gl_repository, repository_path, gitaly)
+  def initialize(status, message, gl_repository, repository_path, gitaly, geo_node)
     @status = status
     @message = message
     @gl_repository = gl_repository
     @repository_path = repository_path
     @gitaly = gitaly
+    @geo_node = geo_node
   end
 
   def self.create_from_json(json)
     values = JSON.parse(json)
-    self.new(values["status"], values["message"], values["gl_repository"], values["repository_path"], values["gitaly"])
+    self.new(values["status"],
+             values["message"],
+             values["gl_repository"],
+             values["repository_path"],
+             values["gitaly"],
+             values["geo_node"])
   end
 
   def allowed?
diff --git a/lib/gitlab_net.rb b/lib/gitlab_net.rb
index 4c938b1..1a6c016 100644
--- a/lib/gitlab_net.rb
+++ b/lib/gitlab_net.rb
@@ -39,7 +39,7 @@ class GitlabNet
     if resp.code == '200'
       GitAccessStatus.create_from_json(resp.body)
     else
-      GitAccessStatus.new(false, 'API is not accessible', nil, nil)
+      GitAccessStatus.new(false, 'API is not accessible', nil, nil, nil, false)
     end
   end
 
diff --git a/lib/gitlab_shell.rb b/lib/gitlab_shell.rb
index 262f9f7..e3025ef 100644
--- a/lib/gitlab_shell.rb
+++ b/lib/gitlab_shell.rb
@@ -17,7 +17,7 @@ class GitlabShell
   API_COMMANDS = %w(2fa_recovery_codes)
   GL_PROTOCOL = 'ssh'.freeze
 
-  attr_accessor :key_id, :gl_repository, :repo_name, :command, :git_access
+  attr_accessor :key_id, :gl_repository, :repo_name, :command, :git_access, :show_all_refs
   attr_reader :repo_path
 
   def initialize(key_id)
@@ -100,6 +100,7 @@ class GitlabShell
     self.repo_path = status.repository_path
     @gl_repository = status.gl_repository
     @gitaly = status.gitaly
+    @show_all_refs = status.geo_node
   end
 
   def process_cmd(args)
@@ -159,6 +160,10 @@ class GitlabShell
       env['GITALY_TOKEN'] = @gitaly['token']
     end
 
+    # We have to use a negative transfer.hideRefs since this is the only way
+    # to undo an already set parameter: https://www.spinics.net/lists/git/msg256772.html
+    env['GIT_CONFIG_PARAMETERS'] = "'transfer.hideRefs=!refs'" if @show_all_refs
+
     if git_trace_available?
       env.merge!({
         'GIT_TRACE' => @config.git_trace_log_file,
diff --git a/spec/gitlab_access_spec.rb b/spec/gitlab_access_spec.rb
index f91a8a5..c95a3be 100644
--- a/spec/gitlab_access_spec.rb
+++ b/spec/gitlab_access_spec.rb
@@ -7,7 +7,7 @@ describe GitlabAccess do
   let(:repo_path)  { File.join(repository_path, repo_name) + ".git" }
   let(:api) do
     double(GitlabNet).tap do |api|
-      api.stub(check_access: GitAccessStatus.new(true, 'ok', 'project-1', '/home/git/repositories', nil))
+      api.stub(check_access: GitAccessStatus.new(true, 'ok', 'project-1', '/home/git/repositories', nil, false))
     end
   end
   subject do
@@ -38,7 +38,7 @@ describe GitlabAccess do
     context "access is denied" do
 
       before do
-        api.stub(check_access: GitAccessStatus.new(false, 'denied', nil, nil, nil))
+        api.stub(check_access: GitAccessStatus.new(false, 'denied', nil, nil, nil, false))
       end
 
       it "returns false" do
diff --git a/spec/gitlab_shell_spec.rb b/spec/gitlab_shell_spec.rb
index 29093ac..7908b09 100644
--- a/spec/gitlab_shell_spec.rb
+++ b/spec/gitlab_shell_spec.rb
@@ -19,12 +19,12 @@ describe GitlabShell do
     end
   end
 
-  let(:gitaly_check_access) { GitAccessStatus.new(true, 'ok', gl_repository, repo_path, { 'repository' => { 'relative_path' => repo_name, 'storage_name' => 'default'} , 'address' => 'unix:gitaly.socket' })}
+  let(:gitaly_check_access) { GitAccessStatus.new(true, 'ok', gl_repository, repo_path, { 'repository' => { 'relative_path' => repo_name, 'storage_name' => 'default'} , 'address' => 'unix:gitaly.socket' }, false) }
 
   let(:api) do
     double(GitlabNet).tap do |api|
       api.stub(discover: { 'name' => 'John Doe' })
-      api.stub(check_access: GitAccessStatus.new(true, 'ok', gl_repository, repo_path, nil))
+      api.stub(check_access: GitAccessStatus.new(true, 'ok', gl_repository, repo_path, nil, false))
       api.stub(two_factor_recovery_codes: {
         'success' => true,
         'recovery_codes' => ['f67c514de60c4953', '41278385fc00c1e0']
@@ -326,7 +326,7 @@ describe GitlabShell do
       end
 
       it "should disallow access and log the attempt if check_access returns false status" do
-        api.stub(check_access: GitAccessStatus.new(false, 'denied', nil, nil, nil))
+        api.stub(check_access: GitAccessStatus.new(false, 'denied', nil, nil, nil, false))
         message = "gitlab-shell: Access denied for git command <git-upload-pack gitlab-ci.git> "
         message << "by user with key #{key_id}."
         $logger.should_receive(:warn).with(message)
@@ -386,6 +386,20 @@ describe GitlabShell do
       shell.send :exec_cmd, [1, 2]
     end
 
+    context "when show_all_refs is enabled" do
+      before { shell.show_all_refs = true }
+
+      it 'sets local git parameters' do
+        expected_hash = hash_including(
+          'GIT_CONFIG_PARAMETERS' => "'transfer.hideRefs=!refs'"
+        )
+
+        Kernel.should_receive(:exec).with(expected_hash, [1, 2], exec_options).once
+
+        shell.send :exec_cmd, [1, 2]
+      end
+    end
+
     context "when specifying a git_tracing log file" do
       let(:git_trace_log_file) { '/tmp/git_trace_performance.log' }