개요

Workflow

git pull over SSH

graph LR
	GitPull[Git Pull] --> |via SSH| GitLabShell[gitlab-shell]
	GitLabShell --> |API call| GitLabRails[gitlab-rails\\nauthorization]
	GitLabRails --> |accept or decline| Gitaly[Gitaly session]

git push over SSH

graph LR
	subgraph "User initiates"
		GitPush[Git push] --> |via SSH| GitLabShell[gitlab-shell]
	end
	
	GitLabShell --> |establish Gitaly session| GitlabShellReceiveHook[gitlab-shell\\npre-receive hook]
	subgraph "Gitaly"
		GitlabShellReceiveHook --> |API auth call| GitLabRails[Gitlab-rails]
		GitLabRails --> AcceptOrDecline[accept or decline push]
	end

Architect

Untitled

%%{init: { "fontFamily": "GitLab Sans" }}%%
sequenceDiagram
	participant Git on client
	participant GitLab SSHD
	participant Rails
	participant Gitaly
	participant Git on server
	Note left of Git on client: git fetch
		Git on client->>+GitLab SSHD: ssh git fetch-pack request
		GitLab SSHD->>+Rails: GET /internal/api/authorized_keys?key=AAAA...
	Note right of Rails: Lookup key ID
		Rails-->>-GitLab SSHD: 200 OK, command="gitlab-shell upload-pack key_id=1"
		GitLab SSHD->>+Rails: GET /internal/api/allowed?action=upload_pack&amp
	Note right of Rails: Auth check
		Rails-->>-GitLab SSHD: 200 OK, { gitaly: ... }
		GitLab SSHD->>+Gitaly: SSHService.SSHUploadPack request
		Gitaly->>+Git on server: git upload-pack request
	Note over Git on client,Git on server: Bidirectional communication between Git client and server
		Git on server-->>-Gitaly: git upload-pack response
		Gitaly -->>-GitLab SSHD: SSHService.SSHUploadPack response
		GitLab SSHD-->>-Git on client: ssh git fetch-pack response

참조

https://docs.gitlab.com/ee/development/gitlab_shell/index.html