Add routing rules for Session Prefix
We need to implement the following rules:
- If session cookie matches, it is being classified by Topology Service
- If special force-cell cookie matches, it is classified by Topology Service
- If no match is found it is doing passthrough to defined
GITLAB_PROXY_HOST
[
{
"match": {
"type": "cookie",
"regex_name": "force-cell",
"regex_value": "^(?<cell_name>cell-\\d+)"
},
"action": "classify",
"classify": {
"type": "SessionPrefix",
"value": "${cell_name}"
}
},
{
"match": {
"type": "cookie",
"regex_name": "_gitlab_session(_[0-9a-f]+)?",
"regex_value": "^(?<cell_name>cell-\\d+)-.*"
},
"action": "classify",
"classify": {
"type": "SessionPrefix",
"value": "${cell_name}"
}
},
{
"action": "proxy"
}
]Action Items
-
Add the new routing rule to the HTTP Router, see #20 (comment 2020199608) -
Validate on GDK that a logged in user on the 2nd cell have their requests routed to the correct cell. Note: As we do not have login flow yet, we may need to a implement a special rule to force requests to route to the special cell given a special cookie. So that we can get to the login page for Cell 2. -
[Optional] (useful for testing) Configure GDK to add the right session cookie prefix for each additional cell. See here gitlab-org/gitlab-development-kit#2156 (closed) and https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/lib/cell_manager.rb?ref_type=heads#L101=> gitlab-org/gitlab-development-kit#2156 (closed)
Edited by Lin Jen-Shin