Merge branch 'id-add-lsif-header-to-workhorse' into 'master'

Add Lsif header to artifacts authorise response

See merge request gitlab-org/gitlab!31602

GITLAB_WORKHORSE_VERSION

-8.31.0
+8.32.0

app/services/ci/authorize_job_artifact_service.rb

+# frozen_string_literal: true
+
+module Ci
+  class AuthorizeJobArtifactService
+    include Gitlab::Utils::StrongMemoize
+
+    # Max size of the zipped LSIF artifact
+    LSIF_ARTIFACT_MAX_SIZE = 20.megabytes
+    LSIF_ARTIFACT_TYPE = 'lsif'
+
+    def initialize(job, params, max_size:)
+      @job = job
+      @max_size = max_size
+      @size = params[:filesize]
+      @type = params[:artifact_type].to_s
+    end
+
+    def forbidden?
+      lsif? && !code_navigation_enabled?
+    end
+
+    def too_large?
+      size && max_size <= size.to_i
+    end
+
+    def headers
+      default_headers = JobArtifactUploader.workhorse_authorize(has_length: false, maximum_size: max_size)
+      default_headers.tap do |h|
+        h[:ProcessLsif] = true if lsif? && code_navigation_enabled?
+      end
+    end
+
+    private
+
+    attr_reader :job, :size, :type
+
+    def code_navigation_enabled?
+      strong_memoize(:code_navigation_enabled) do
+        Feature.enabled?(:code_navigation)
+      end
+    end
+
+    def lsif?
+      strong_memoize(:lsif) do
+        type == LSIF_ARTIFACT_TYPE
+      end
+    end
+
+    def max_size
+      lsif? ? LSIF_ARTIFACT_MAX_SIZE : @max_size.to_i
+    end
+  end
+end

lib/api/runner.rb

@@ -220,6 +220,8 @@ module API
         requires :id, type: Integer, desc: %q(Job's ID)
         optional :token, type: String, desc: %q(Job's authentication token)
         optional :filesize, type: Integer, desc: %q(Artifacts filesize)
+        optional :artifact_type, type: String, desc: %q(The type of artifact),
+                                 default: 'archive', values: Ci::JobArtifact.file_types.keys
       end
       post '/:id/artifacts/authorize' do
         not_allowed! unless Gitlab.config.artifacts.enabled
@@ -229,16 +231,14 @@ module API
         job = authenticate_job!
         forbidden!('Job is not running') unless job.running?
 
-        max_size = max_artifacts_size(job)
+        service = Ci::AuthorizeJobArtifactService.new(job, params, max_size: max_artifacts_size(job))
 
-        if params[:filesize]
-          file_size = params[:filesize].to_i
-          file_too_large! unless file_size < max_size
-        end
+        forbidden! if service.forbidden?
+        file_too_large! if service.too_large?
 
         status 200
         content_type Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE
-        JobArtifactUploader.workhorse_authorize(has_length: false, maximum_size: max_size)
+        service.headers
       end
 
       desc 'Upload artifacts for job' do

spec/requests/api/runner_spec.rb

@@ -1634,6 +1634,31 @@ describe API::Runner, :clean_gitlab_redis_shared_state do
           end
         end
 
+        context 'authorize uploading of an lsif artifact' do
+          it 'adds ProcessLsif header' do
+            authorize_artifacts_with_token_in_headers(artifact_type: :lsif)
+
+            expect(response).to have_gitlab_http_status(:ok)
+            expect(json_response['ProcessLsif']).to be_truthy
+          end
+
+          it 'fails to authorize too large artifact' do
+            authorize_artifacts_with_token_in_headers(artifact_type: :lsif, filesize: 30.megabytes)
+
+            expect(response).to have_gitlab_http_status(:payload_too_large)
+          end
+
+          context 'code_navigation feature flag is disabled' do
+            it 'does not add ProcessLsif header' do
+              stub_feature_flags(code_navigation: false)
+
+              authorize_artifacts_with_token_in_headers(artifact_type: :lsif)
+
+              expect(response).to have_gitlab_http_status(:forbidden)
+            end
+          end
+        end
+
         def authorize_artifacts(params = {}, request_headers = headers)
           post api("/jobs/#{job.id}/artifacts/authorize"), params: params, headers: request_headers
         end