Support Workhorse config options for propagating correlation IDs
This commit adds support for two Workhorse configuration options added in gitlab!66715 (merged):
gitlab_workhorse['trusted_cidrs_for_propagation']
gitlab_workhorse['trusted_cidrs_for_x_forwarded_for']
These configuration options make it possible to trace the entire flow of the request via correlation_id
. Previously when Gitaly made a request to the internal API, Workhorse would generate a new correlation ID. As a result, we would lose the ability to trace every RPC made during a UI edit, for example.
trusted_cidrs_for_x_forwarded_for
tells Workhorse what remote IPs can
be trusted to use the X-Forwarded-For
HTTP header to resolve the
actual client IP. Note that this parameter is only used to determine
whether to propagate the correlation ID. It is not yet used for logging
the remote IP resolution, but it should be.
trusted_cidrs_for_propagation
allows Workhorse to restrict propagation
to certain IP ranges. We will want to add Gitaly servers and other
services that make HTTP internal calls (e.g. GitLab Pages) to this list.
Relates to gitlab#324836 (closed)