Add Redis settings specific to Workhorse

Instead of reusing gitlab_rails['redis_*'] settings for GitLab Workhorse
also, allow users to set Redis configuration specifically to Workhorse.
However, maintain status quo with defaults and fallbacks so that the
change is backward incompatable.

Changelog: added
Signed-off-by: Balasankar "Balu" C <[email protected]>

Author: balasankarc

files/gitlab-config-template/gitlab.rb.template

@@ -1128,6 +1128,28 @@ external_url 'GENERATED_EXTERNAL_URL'
 ##! Semantic metadata used when registering GitLab Workhorse as a Consul service
 # gitlab_workhorse['consul_service_meta'] = {}
 
+##! Redis settings specific for GitLab Workhorse
+##! To be used when Workhorse is supposed to use a different Redis instance than
+##! other components. The settings specified here should match
+##! `gitlab_rails['redis_workhorse_*']` settings, if specified. If not specified,
+##! they are inferred from the below values. `gitlab_rails['redis_workhorse_*']`
+##! settings tell the Rails app which Redis has channels to publish messages to,
+##! and `gitlab_workhorse['redis_*']` tells Workhorse which Redis has channels to
+##! subscribe to. Hence, the requirement of the settings to match.
+# gitlab_workhorse['redis_socket'] = "/var/opt/gitlab/redis/redis.socket"
+# gitlab_workhorse['redis_host'] = "127.0.0.1"
+# gitlab_workhorse['redis_port'] = nil
+# gitlab_workhorse['redis_database'] = nil
+# gitlab_workhorse['redis_username'] = nil
+# gitlab_workhorse['redis_password'] = nil
+# gitlab_workhorse['redis_ssl'] = false
+# gitlab_workhorse['redis_cluster_nodes'] = []
+# gitlab_workhorse['redis_sentinels'] = []
+# gitlab_workhorse['redis_sentinels_password'] = nil
+# gitlab_workhorse['redis_sentinel_master'] = nil
+# gitlab_workhorse['redis_sentinel_master_ip'] = nil
+# gitlab_workhorse['redis_sentinel_master_port'] = nil
+
 ################################################################################
 ## GitLab User Settings
 ##! Modify default git user.

files/gitlab-cookbooks/gitlab/attributes/default.rb

@@ -817,6 +817,20 @@
 default['gitlab']['gitlab_workhorse']['consul_service_name'] = 'workhorse'
 default['gitlab']['gitlab_workhorse']['consul_service_meta'] = nil
 
+default['gitlab']['gitlab_workhorse']['redis_socket'] = "/var/opt/gitlab/redis/redis.socket"
+default['gitlab']['gitlab_workhorse']['redis_host'] = "127.0.0.1"
+default['gitlab']['gitlab_workhorse']['redis_port'] = nil
+default['gitlab']['gitlab_workhorse']['redis_database'] = nil
+default['gitlab']['gitlab_workhorse']['redis_username'] = nil
+default['gitlab']['gitlab_workhorse']['redis_password'] = nil
+default['gitlab']['gitlab_workhorse']['redis_ssl'] = false
+default['gitlab']['gitlab_workhorse']['redis_cluster_nodes'] = []
+default['gitlab']['gitlab_workhorse']['redis_sentinels'] = []
+default['gitlab']['gitlab_workhorse']['redis_sentinels_password'] = nil
+default['gitlab']['gitlab_workhorse']['redis_sentinel_master'] = nil
+default['gitlab']['gitlab_workhorse']['redis_sentinel_master_ip'] = nil
+default['gitlab']['gitlab_workhorse']['redis_sentinel_master_port'] = nil
+
 ####
 # mailroom
 ####

files/gitlab-cookbooks/gitlab/libraries/gitlab_workhorse.rb

@@ -15,6 +15,9 @@
 # limitations under the License.
 #
 
+require_relative './redis_uri'
+require_relative '../../package/libraries/helpers/new_redis_helper'
+
 module GitlabWorkhorse
   class << self
     def parse_variables
@@ -30,13 +33,123 @@ def parse_variables
       network = user_network || default_network
 
       Gitlab['gitlab_workhorse']['listen_addr'] ||= File.join(sockets_dir, 'socket') if network == "unix"
+
+      parse_redis_settings
     end
 
     def parse_secrets
       # gitlab-workhorse expects exactly 32 bytes, encoded with base64
       Gitlab['gitlab_workhorse']['secret_token'] ||= SecureRandom.base64(32)
     end
 
+    def parse_redis_settings
+      gitlab_workhorse_redis_configured = Gitlab['gitlab_workhorse'].key?('redis_socket') ||
+        Gitlab['gitlab_workhorse'].key?('redis_host')
+
+      rails_workhorse_redis_configured =
+        Gitlab['gitlab_rails']['redis_workhorse_instance'] ||
+        (Gitlab['gitlab_rails']['redis_workhorse_sentinels'] &&
+         !Gitlab['gitlab_rails']['redis_workhorse_sentinels'].empty?)
+
+      if gitlab_workhorse_redis_configured
+        # Parse settings from `redis['master_*']` first.
+        parse_redis_master_settings
+        # If gitlab_workhorse settings are specified, populate
+        # gitlab_rails['redis_workhorse_*'] settings from it.
+        update_separate_redis_instance_settings
+      elsif rails_workhorse_redis_configured
+        # If user has specified a separate Redis host for Workhorse via
+        # `gitlab_rails['redis_workhorse_*']` settings, copy them to
+        # `gitlab_workhorse['redis_*']`.
+        parse_separate_redis_instance_settings
+        parse_redis_master_settings
+      else
+        # If user hasn't specified any separate Redis settings for Workhorse,
+        # copy the global settings from GitLab Rails
+        parse_global_rails_redis_settings
+        parse_redis_master_settings
+      end
+    end
+
+    # rubocop:disable Metrics/CyclomaticComplexity
+    # rubocop:disable Metrics/AbcSize
+    # rubocop:disable Metrics/PerceivedComplexity
+    def update_separate_redis_instance_settings
+      if Gitlab['gitlab_workhorse']['redis_host']
+        uri_from_workhorse = NewRedisHelper.build_redis_url(
+          ssl: Gitlab['gitlab_workhorse']['redis_ssl'] || Gitlab['node']['gitlab']['gitlab_workhorse']['redis_ssl'],
+          host: Gitlab['gitlab_workhorse']['redis_host'] || Gitlab['node']['gitlab']['gitlab_workhorse']['redis_host'],
+          port: Gitlab['gitlab_workhorse']['redis_port'] || Gitlab['node']['gitlab']['gitlab_workhorse']['redis_port'],
+          password: Gitlab['gitlab_workhorse']['redis_password'] || Gitlab['node']['gitlab']['gitlab_workhorse']['redis_password'],
+          path: Gitlab['gitlab_workhorse']['redis_database'] || Gitlab['node']['gitlab']['gitlab_workhorse']['redis_database']
+        ).to_s
+
+        uri_from_rails = NewRedisHelper.build_redis_url(
+          ssl: Gitlab['gitlab_rails']['redis_ssl'] || Gitlab['node']['gitlab']['gitlab_rails']['redis_ssl'],
+          host: Gitlab['gitlab_rails']['redis_host'] || Gitlab['node']['gitlab']['gitlab_rails']['redis_host'],
+          port: Gitlab['gitlab_rails']['redis_port'] || Gitlab['node']['gitlab']['gitlab_rails']['redis_port'],
+          password: Gitlab['gitlab_rails']['redis_password'] || Gitlab['node']['gitlab']['gitlab_rails']['redis_password'],
+          path: Gitlab['gitlab_rails']['redis_database'] || Gitlab['node']['gitlab']['gitlab_rails']['redis_database']
+        ).to_s
+        Gitlab['gitlab_rails']['redis_workhorse_instance'] = uri_from_workhorse if uri_from_workhorse != uri_from_rails
+
+      else
+        workhorse_redis_socket = Gitlab['gitlab_workhorse']['redis_socket'] || Gitlab['node']['gitlab']['gitlab_workhorse']['redis_socket']
+        rails_redis_socket = Gitlab['gitlab_rails']['redis_socket'] || Gitlab['node']['gitlab']['gitlab_rails']['redis_socket']
+        Gitlab['gitlab_rails']['redis_workhorse_instance'] = "unix://#{workhorse_redis_socket}" if workhorse_redis_socket != rails_redis_socket
+      end
+
+      %w[username password cluster_nodes sentinels sentinel_master sentinels_password].each do |setting|
+        Gitlab['gitlab_rails']["redis_workhorse_#{setting}"] ||= Gitlab['gitlab_workhorse']["redis_#{setting}"]
+      end
+    end
+    # rubocop:enable Metrics/CyclomaticComplexity
+    # rubocop:enable Metrics/AbcSize
+    # rubocop:enable Metrics/PerceivedComplexity
+
+    def parse_global_rails_redis_settings
+      %w[ssl host socket port password database sentinels sentinels_password].each do |setting|
+        Gitlab['gitlab_workhorse']["redis_#{setting}"] ||= Gitlab['gitlab_rails']["redis_#{setting}"]
+      end
+    end
+
+    def parse_separate_redis_instance_settings
+      # If an individual Redis instance is specified for Workhorse, figure out
+      # host, port, password, etc. from it
+      if Gitlab['gitlab_rails']['redis_workhorse_instance']
+        uri = URI(Gitlab['gitlab_rails']['redis_workhorse_instance'])
+
+        Gitlab['gitlab_workhorse']['redis_ssl'] = uri.scheme == 'rediss' unless Gitlab['gitlab_workhorse'].key?('redis_ssl')
+        if uri.scheme == 'unix'
+          Gitlab['gitlab_workhorse']['redis_socket'] = uri.path
+        else
+          Gitlab['gitlab_workhorse']['redis_host'] ||= if uri.path.start_with?('/')
+                                                         uri.host
+                                                       else
+                                                         uri.path
+                                                       end
+          Gitlab['gitlab_workhorse']['redis_port'] ||= uri.port
+          Gitlab['gitlab_workhorse']['redis_password'] ||= uri.password
+          Gitlab['gitlab_workhorse']['redis_database'] ||= uri.path.delete_prefix('/') if uri.path.start_with?('/')
+        end
+      end
+
+      %w[username password cluster_nodes sentinels sentinel_master sentinels_password].each do |setting|
+        Gitlab['gitlab_workhorse']["redis_#{setting}"] ||= Gitlab['gitlab_rails']["redis_workhorse_#{setting}"]
+      end
+    end
+
+    def parse_redis_master_settings
+      # TODO: When GitLab rails gets it's own set if `redis_sentinel_master_*`
+      # settings, update the following to use them instead of
+      # `Gitlab['redis'][*]` settings. It can be then merged with
+      # `parse_rails_redis_settings` method
+      Gitlab['gitlab_workhorse']['redis_sentinel_master'] ||= Gitlab['redis']['master_name'] || Gitlab[:node]['redis']['master_name']
+      Gitlab['gitlab_workhorse']['redis_sentinel_master_ip'] ||= Gitlab['redis']['master_ip'] || Gitlab[:node]['redis']['master_ip']
+      Gitlab['gitlab_workhorse']['redis_sentinel_master_port'] ||= Gitlab['redis']['master_port'] || Gitlab[:node]['redis']['master_port']
+      Gitlab['gitlab_workhorse']['redis_password'] ||= Gitlab['redis']['master_password'] || Gitlab[:node]['redis']['master_password']
+    end
+
     private
 
     def auth_socket_specified?

spec/chef/cookbooks/gitlab/libraries/redis_helper_spec.rb

@@ -197,15 +197,15 @@
         it 'renders parameters for workhorse redis' do
           stub_gitlab_rb(baseline_config_with_sentinel.merge({
                                                                gitlab_rails: {
-                                                                 redis_workhorse_instance: "redis://:redis.workhorse.com:8888",
+                                                                 redis_workhorse_instance: "redis://:@redis.workhorse.com:8888",
                                                                  redis_workhorse_password: "workhorse.password"
                                                                }
                                                              }))
 
           params = subject.workhorse_params
           expect(params[:password]).to eq('workhorse.password')
           expect(params[:sentinels]).to eq([])
-          expect(params[:url].to_s).to eq('redis://:redis.workhorse.com:8888')
+          expect(params[:url].to_s).to eq('redis://:@redis.workhorse.com:8888')
         end
       end