Add Gerrit user permissions syncing

[pjlast]

Closes #46773

Implements user permissions syncing using Gerrit HTTP credentials.

The Gerrit experimental feature flag is removed so that Gerrit is an officially supported code host.
Setting the authorization field on the code host settings sets all repositories synced through this connection to private, since Gerrit does not seem to have the notion of public vs private repos. Users can either access repos based on the groups they belong to, or they can't.

Loom: https://www.loom.com/share/4e8c7058a4ad4fadb723e56aa5606e91

Test plan

Unit tests added and adjusted as well as VCR tests updated.

[sg-e2e-regression-test-bob]

Bundle size report 📦

Initial size	Total size	Async size	Modules
0.00% (0.00 kb)	0.02% (+2.58 kb)	0.02% (+2.58 kb)	0.00% (0)

Look at the Statoscope report for a full comparison between the commits c6f882f and 5af62f4 or learn more.

Open explanation

• Initial size is the size of the initial bundle (the one that is loaded when you open the page)
• Total size is the size of the initial bundle + all the async loaded chunks
• Async size is the size of all the async loaded chunks
• Modules is the number of modules in the initial bundle

[sourcegraph-bot]

Codenotify: Notifying subscribers in CODENOTIFY files for diff e4c356b...c6f882f.

Notify	File(s)
@eseliger	internal/extsvc/gerrit/account.go internal/extsvc/gerrit/client.go internal/extsvc/gerrit/testdata/golden/ListProjects.json internal/extsvc/gerrit/testdata/vcr/ListProjects.yaml
@indradhanush	internal/repos/gerrit.go
@ryanslade	internal/repos/gerrit.go
@sashaostrikov	internal/repos/gerrit.go
@unknwon	enterprise/internal/authz/authz.go enterprise/internal/authz/authz_test.go enterprise/internal/authz/bitbucketcloud/authz.go enterprise/internal/authz/bitbucketcloud/authz_test.go enterprise/internal/authz/bitbucketserver/authz.go enterprise/internal/authz/gerrit/authz.go enterprise/internal/authz/gerrit/client.go enterprise/internal/authz/gerrit/gerrit.go enterprise/internal/authz/gerrit/gerrit_test.go enterprise/internal/authz/github/authz.go enterprise/internal/authz/github/authz_test.go enterprise/internal/authz/gitlab/authz.go enterprise/internal/authz/perforce/authz.go enterprise/internal/authz/types/types.go

[kopancek]

Overall, seems good to me. Added a few comments and clarifying questions.

It seems to me this PR contains some code, that is already introduced in https://github.com/sourcegraph/sourcegraph/pull/46763

Not sure why, but it makes the diff comparison bigger and a little bit harder to read.

I decided not to comment on most of the things that were already pointed out in the other PR.

[kopancek]

It seems like previously we were doing a best effort to match the account. Can you explain more to me the reason for behavior change to return nil, nil all the time instead? Just curious...

[pjlast]

Ah, yes, so FetchAccount is used in cases like Bitbucket Server or the previous attempt at implementing Gerrit user permissions, where we don't have a way of connecting to a user account. So in those cases, we take a Sourcegraph property, like the user's email or username, and fetch user accounts on the Code Host using the code host PAT, and try to match them up. And then we sync permissions for that user using Repo-based permissions syncing

But because we're adding user-based permissions syncing now with a user providing HTTP credentials, this is no longer required.

[kopancek]

IIRC, if we do not have the AuthData, it means, that we do not have credentials. Should we instead say that in the error, since that seems to be the more important error than not having the external account metadata?

Also, in what kind of scenario can this actually happen? If we add the account through addExternalAccount mutation, there should always be data, right? Otherwise the mutation itself fails, as far as I understand.

[pjlast]

Yeah I was contemplating this scenario myself, but kinda just followed the existing patterns of the other auth providers.

I almost think this is only likely to occur in unit testing, where the programmer can forget to add AuthData when providing an account to test this 🤷‍♂️

This shouldn't occur naturally in a production environment.

Similarly, the error above it where it checks for the right account type, that also shouldn't occur naturally, since the perms syncer where this is used already matches the accounts to the providers.

Feel like there is probably a balance to maintain here between overly cautious checking vs. clarity/readability

[kopancek]

@mrnugget lately commented on my PR, that using global mocks is not a good practice and we should strive to not use them anymore. Is there another, cleaner way to mock VerifyAccount? For example by injecting it into the addGerritExternalAccount function?

[mrnugget]

In that case there was a struct on which to "inject" the dependency, here it's just a free-standing function. In that case I've also resorted to using global mock vars (but don't like it). If it makes sense to create a struct (gerritAccountVerifier struct { verifyFn func(...) }) then it's better to inject the method, I think

[kopancek]

This makes me sad 😭

[pjlast]

Very much 😭

[kopancek]

It might be worth putting all of this pagination complexity into another function. The code might look cleaner afterwards, with smaller functions. But feel free to disagree.

[pjlast]

lol just read this after replying to your comment above. But yes I agree, I think I'm just going to split these two scenarios altogether