Date: Wed, 5 Jun 2019 19:36:38 +0000 (UTC) From: Matthias Fechner <mfechner@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r503517 - in head/devel/gitaly: . files Message-ID: <201906051936.x55Jaco8017819@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mfechner Date: Wed Jun 5 19:36:37 2019 New Revision: 503517 URL: https://svnweb.freebsd.org/changeset/ports/503517 Log: Upgrade to 1.42.2 which is required for gitlab 11.11.1 security upgrade. Added: head/devel/gitaly/files/patch-bfb7648ed9b54d3c9c095408c117320da6f244dc.diff (contents, props changed) Modified: head/devel/gitaly/Makefile head/devel/gitaly/distinfo Modified: head/devel/gitaly/Makefile ============================================================================== --- head/devel/gitaly/Makefile Wed Jun 5 17:59:13 2019 (r503516) +++ head/devel/gitaly/Makefile Wed Jun 5 19:36:37 2019 (r503517) @@ -1,8 +1,8 @@ # $FreeBSD$ PORTNAME= gitaly -DISTVERSION= 1.42.0 -PORTREVISION= 1 +DISTVERSION= 1.42.2 +PORTREVISION= 0 CATEGORIES= devel MAINTAINER= mfechner@FreeBSD.org @@ -40,7 +40,7 @@ USE_RUBY= yes USE_GITLAB= yes GL_ACCOUNT= gitlab-org # Find this here: https://gitlab.com/gitlab-org/gitaly/tags -GL_COMMIT= 6f8f5ae53799e8275ed1f83a99cdaa96467125b2 +GL_COMMIT= f13c6c0da5d7bebe8bcaf58ffb4b3525ff590041 post-patch: ${REINPLACE_CMD} -e "s|%%PREFIX%%|${PREFIX}|" ${WRKSRC}/config.toml.example Modified: head/devel/gitaly/distinfo ============================================================================== --- head/devel/gitaly/distinfo Wed Jun 5 17:59:13 2019 (r503516) +++ head/devel/gitaly/distinfo Wed Jun 5 19:36:37 2019 (r503517) @@ -1,3 +1,3 @@ -TIMESTAMP = 1558384783 -SHA256 (gitlab-org-gitaly-6f8f5ae53799e8275ed1f83a99cdaa96467125b2_GL0.tar.gz) = 6a513f47ca530d866a26279d015faa2c49877c61f442b1d132bce122d1d1cf63 -SIZE (gitlab-org-gitaly-6f8f5ae53799e8275ed1f83a99cdaa96467125b2_GL0.tar.gz) = 8282676 +TIMESTAMP = 1559571542 +SHA256 (gitlab-org-gitaly-f13c6c0da5d7bebe8bcaf58ffb4b3525ff590041_GL0.tar.gz) = 52a3aee9af778961df40cc3134ba4322574a61e254037243ea6e3e1c1d8fe16b +SIZE (gitlab-org-gitaly-f13c6c0da5d7bebe8bcaf58ffb4b3525ff590041_GL0.tar.gz) = 8283344 Added: head/devel/gitaly/files/patch-bfb7648ed9b54d3c9c095408c117320da6f244dc.diff ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/devel/gitaly/files/patch-bfb7648ed9b54d3c9c095408c117320da6f244dc.diff Wed Jun 5 19:36:37 2019 (r503517) @@ -0,0 +1,330 @@ +diff --git changelogs/unreleased/ac-package-ps.yml changelogs/unreleased/ac-package-ps.yml +new file mode 100644 +index 0000000000000000000000000000000000000000..f493fa5c615663b0c08d39f358129602fd596df3 +--- /dev/null ++++ changelogs/unreleased/ac-package-ps.yml +@@ -0,0 +1,5 @@ ++--- ++title: Introduce ps package ++merge_request: 1258 ++author: ++type: added +diff --git cmd/gitaly-wrapper/main.go cmd/gitaly-wrapper/main.go +index 4a8ea6ae25b0c4db300ddb0c27972a49e6df02ed..79f100f6d7a9df2531e7732b912142cb36aff5bf 100644 +--- cmd/gitaly-wrapper/main.go ++++ cmd/gitaly-wrapper/main.go +@@ -13,6 +13,7 @@ import ( + + "github.com/sirupsen/logrus" + "gitlab.com/gitlab-org/gitaly/internal/config" ++ "gitlab.com/gitlab-org/gitaly/internal/ps" + ) + + const ( +@@ -43,7 +44,7 @@ func main() { + log.WithError(err).Fatal("find gitaly") + } + +- if gitaly != nil { ++ if gitaly != nil && isGitaly(gitaly, gitalyBin) { + log.Info("adopting a process") + } else { + log.Info("spawning a process") +@@ -82,10 +83,6 @@ func findGitaly() (*os.Process, error) { + } + + if isAlive(gitaly) { +- if ok, err := isGitaly(pid); !ok { +- return nil, err +- } +- + return gitaly, nil + } + +@@ -143,17 +140,17 @@ func isAlive(p *os.Process) bool { + return p.Signal(syscall.Signal(0)) == nil + } + +-func isGitaly(pid int) (bool, error) { +- command, err := procPath(pid) ++func isGitaly(p *os.Process, gitalyBin string) bool { ++ command, err := ps.Comm(p.Pid) + if err != nil { +- return false, err ++ return false + } + +- if path.Base(command) == "gitaly" { +- return true, nil ++ if path.Base(command) == path.Base(gitalyBin) { ++ return true + } + +- return false, nil ++ return false + } + + func pidFile() string { +diff --git cmd/gitaly-wrapper/main_test.go cmd/gitaly-wrapper/main_test.go +index cde68e840ad191b22cce4355606be11738da295e..f4d98a37480158d17665c698314adf004876152b 100644 +--- cmd/gitaly-wrapper/main_test.go ++++ cmd/gitaly-wrapper/main_test.go +@@ -1,11 +1,9 @@ + package main + + import ( +- "io" + "io/ioutil" + "os" + "os/exec" +- "path" + "strconv" + "testing" + +@@ -33,60 +31,16 @@ func TestStolenPid(t *testing.T) { + require.NoError(t, err) + require.NoError(t, pidFile.Close()) + +- gitaly, err := findGitaly() ++ tail, err := findGitaly() + require.NoError(t, err) +- require.Nil(t, gitaly) +-} +- +-func TestExistingGitaly(t *testing.T) { +- defer func(oldValue string) { +- os.Setenv(config.EnvPidFile, oldValue) +- }(os.Getenv(config.EnvPidFile)) +- +- tmpDir, err := ioutil.TempDir("", "gitaly-pid") +- require.NoError(t, err) +- defer os.RemoveAll(tmpDir) +- +- pidFile := path.Join(tmpDir, "gitaly.pid") +- fakeGitaly := path.Join(tmpDir, "gitaly") +- +- require.NoError(t, buildFakeGitaly(t, fakeGitaly), "Can't build a fake gitaly binary") +- +- os.Setenv(config.EnvPidFile, pidFile) +- +- cmd := exec.Command(fakeGitaly, "-f") +- require.NoError(t, cmd.Start()) +- defer cmd.Process.Kill() +- +- require.NoError(t, ioutil.WriteFile(pidFile, []byte(strconv.Itoa(cmd.Process.Pid)), 0644)) +- +- gitaly, err := findGitaly() +- require.NoError(t, err) +- require.NotNil(t, gitaly) +- require.Equal(t, cmd.Process.Pid, gitaly.Pid) +- gitaly.Kill() +-} +- +-func buildFakeGitaly(t *testing.T, path string) error { +- tail := exec.Command("tail", "-f") +- require.NoError(t, tail.Start()) +- defer tail.Process.Kill() +- +- tailPath, err := procPath(tail.Process.Pid) +- require.NoError(t, err) +- tail.Process.Kill() +- +- src, err := os.Open(tailPath) +- require.NoError(t, err) +- defer src.Close() +- +- out, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY, 0744) +- require.NoError(t, err) +- defer out.Close() ++ require.NotNil(t, tail) ++ require.Equal(t, cmd.Process.Pid, tail.Pid) + +- if _, err := io.Copy(out, src); err != nil { +- return err +- } ++ t.Run("stolen", func(t *testing.T) { ++ require.False(t, isGitaly(tail, "/path/to/gitaly")) ++ }) + +- return out.Sync() ++ t.Run("not stolen", func(t *testing.T) { ++ require.True(t, isGitaly(tail, "/path/to/tail")) ++ }) + } +diff --git cmd/gitaly-wrapper/proc_path_darwin.go cmd/gitaly-wrapper/proc_path_darwin.go +deleted file mode 100644 +index 4979cc20393c46110698f861fe8cbfd23f65fbf2..0000000000000000000000000000000000000000 +--- cmd/gitaly-wrapper/proc_path_darwin.go ++++ /dev/null +@@ -1,25 +0,0 @@ +-package main +- +-// #include <libproc.h> +-// #include <stdlib.h> +-import "C" +- +-import ( +- "fmt" +- "unsafe" +-) +- +-func procPath(pid int) (string, error) { +- // MacOS does not implement procfs, this simple function calls proc_pidpath from MacOS libproc +- // https://opensource.apple.com/source/xnu/xnu-2422.1.72/libsyscall/wrappers/libproc/libproc.h.auto.html +- // this is just for testing purpose as we do not support MacOS as a production environment +- +- buf := C.CString(string(make([]byte, C.PROC_PIDPATHINFO_MAXSIZE))) +- defer C.free(unsafe.Pointer(buf)) +- +- if ret, err := C.proc_pidpath(C.int(pid), unsafe.Pointer(buf), C.PROC_PIDPATHINFO_MAXSIZE); ret <= 0 { +- return "", fmt.Errorf("failed process path retrieval: %v", err) +- } +- +- return C.GoString(buf), nil +-} +diff --git cmd/gitaly-wrapper/proc_path_linux.go cmd/gitaly-wrapper/proc_path_linux.go +deleted file mode 100644 +index d48828a93ef454d07a7c11a71f30ca0399b740f3..0000000000000000000000000000000000000000 +--- cmd/gitaly-wrapper/proc_path_linux.go ++++ /dev/null +@@ -1,10 +0,0 @@ +-package main +- +-import ( +- "os" +- "strconv" +-) +- +-func procPath(pid int) (path string, err error) { +- return os.Readlink("/proc/" + strconv.Itoa(pid) + "/exe") +-} +diff --git internal/ps/ps.go internal/ps/ps.go +new file mode 100644 +index 0000000000000000000000000000000000000000..1115547ac9db363673a5788dbb2f3b085f35d9c6 +--- /dev/null ++++ internal/ps/ps.go +@@ -0,0 +1,32 @@ ++package ps ++ ++import ( ++ "os/exec" ++ "strconv" ++ "strings" ++) ++ ++// Exec invokes ps -o keywords -p pid and returns its output ++func Exec(pid int, keywords string) (string, error) { ++ out, err := exec.Command("ps", "-o", keywords, "-p", strconv.Itoa(pid)).Output() ++ if err != nil { ++ return "", err ++ } ++ ++ return strings.TrimSpace(string(out)), nil ++} ++ ++// RSS invokes ps -o rss= -p pid and returns its output ++func RSS(pid int) (int, error) { ++ rss, err := Exec(pid, "rss=") ++ if err != nil { ++ return 0, err ++ } ++ ++ return strconv.Atoi(rss) ++} ++ ++// Comm invokes ps -o comm= -p pid and returns its output ++func Comm(pid int) (string, error) { ++ return Exec(pid, "comm=") ++} +diff --git internal/ps/ps_test.go internal/ps/ps_test.go +new file mode 100644 +index 0000000000000000000000000000000000000000..e752d146c6b2b14133a994d7b28853ff5dbbee56 +--- /dev/null ++++ internal/ps/ps_test.go +@@ -0,0 +1,28 @@ ++package ps ++ ++import ( ++ "os" ++ "testing" ++ ++ "github.com/stretchr/testify/require" ++) ++ ++var pid = os.Getpid() ++ ++func TestFailure(t *testing.T) { ++ _, err := Exec(pid, "not-existing-keyword=") ++ require.Error(t, err) ++} ++ ++func TestComm(t *testing.T) { ++ comm, err := Comm(pid) ++ require.NoError(t, err) ++ // the name of the testing binary may vary depending on how test are invoked (make or IDE) ++ require.Contains(t, comm, "test") ++} ++ ++func TestRSS(t *testing.T) { ++ rss, err := RSS(pid) ++ require.NoError(t, err) ++ require.True(t, rss > 0, "Expected a positive RSS") ++} +diff --git internal/supervisor/monitor.go internal/supervisor/monitor.go +index 4544e259a1ecdc4f968eb7900a3e9e6d5824d1bb..fc1ddb1468fa8992037fd6e6f65b454907a073ea 100644 +--- internal/supervisor/monitor.go ++++ internal/supervisor/monitor.go +@@ -1,13 +1,11 @@ + package supervisor + + import ( +- "os/exec" +- "strconv" + "time" + + "github.com/prometheus/client_golang/prometheus" + log "github.com/sirupsen/logrus" +- "gitlab.com/gitlab-org/gitaly/internal/helper/text" ++ "gitlab.com/gitlab-org/gitaly/internal/ps" + ) + + var ( +@@ -48,7 +46,13 @@ func monitorRss(procs <-chan monitorProcess, done chan<- struct{}, events chan<- + for mp := range procs { + monitorLoop: + for { +- rss := 1024 * getRss(mp.pid) ++ rss, err := ps.RSS(mp.pid) ++ if err != nil { ++ log.WithError(err).Warn("getting RSS") ++ } ++ ++ // converts from kB to B ++ rss *= 1024 + rssGauge.WithLabelValues(name).Set(float64(rss)) + + if rss > 0 { +@@ -73,23 +77,6 @@ func monitorRss(procs <-chan monitorProcess, done chan<- struct{}, events chan<- + } + } + +-// getRss returns RSS in kilobytes. +-func getRss(pid int) int { +- // I tried adding a library to do this but it seemed like overkill +- // and YAGNI compared to doing this one 'ps' call. +- psRss, err := exec.Command("ps", "-o", "rss=", "-p", strconv.Itoa(pid)).Output() +- if err != nil { +- return 0 +- } +- +- rss, err := strconv.Atoi(text.ChompBytes(psRss)) +- if err != nil { +- return 0 +- } +- +- return rss +-} +- + func monitorHealth(f func() error, events chan<- Event, name string, shutdown <-chan struct{}) { + for { + e := Event{Error: f()}
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201906051936.x55Jaco8017819>