Check for force env var when rebuilding auth_keys

65afe7ed · Cindy Pallares · 08d19660 · 65afe7ed · 65afe7ed · 65afe7ed
Commit 65afe7ed authored Sep 19, 2018 by Cindy Pallares
3 changed files
--- a/doc/raketasks/backup_restore.md
+++ b/doc/raketasks/backup_restore.md
@@ -523,7 +523,7 @@ more of the following options:
 - `BACKUP=timestamp_of_backup` - Required if more than one backup exists.
  Read what the [backup timestamp is about](#backup-timestamp).
- `force=yes` - Does not ask if the authorized_keys file should get regenerated and assumes 'yes' for warning that database tables will be removed.
+- `force=yes` - Does not ask if the authorized_keys file should get regenerated and assumes 'yes' for warning that database tables will be removed, enabling the "Write to authorized_keys file" setting, and updating LDAP providers.
 If you are restoring into directories that are mountpoints you will need to make
 sure these directories are empty before attempting a restore. Otherwise GitLab

--- a/ee/changelogs/unreleased/enable-force-write-auth-keys-restore.yml
+++ b/ee/changelogs/unreleased/enable-force-write-auth-keys-restore.yml
+---
+title: Check for force env var when rebuilding auth_keys
+merge_request: 7419
+author:
+type: fixed
--- a/lib/tasks/gitlab/shell.rake
+++ b/lib/tasks/gitlab/shell.rake
@@ -126,19 +126,16 @@ namespace :gitlab do
    puts authorized_keys_is_disabled_warning
-    answer = prompt('Do you want to permanently enable the "Write to authorized_keys file" setting now (yes/no)? '.color(:blue), %w{yes no})
+    unless ENV['force'] == 'yes'
-    if answer == 'yes'
+      puts 'Do you want to permanently enable the "Write to authorized_keys file" setting now?'
-      puts 'Enabling the "Write to authorized_keys file" setting...'
+      ask_to_continue
-      uncached_settings = ApplicationSetting.last
-      uncached_settings.authorized_keys_enabled = true
-      uncached_settings.save!
-      puts 'Successfully enabled "Write to authorized_keys file"!'
-      puts ''
-    else
-      puts 'Leaving the "Write to authorized_keys file" setting disabled.'
-      puts 'Failed to rebuild authorized_keys file...'.color(:red)
-      exit 1
    end
+    puts 'Enabling the "Write to authorized_keys file" setting...'
+    Gitlab::CurrentSettings.current_application_settings.update!(authorized_keys_enabled: true)
+    puts 'Successfully enabled "Write to authorized_keys file"!'
+    puts ''
  end
  def authorized_keys_is_disabled_warning