Ensure user provides EDITOR env variable

Rather than falling back to the `editor` binary, which is often only on debian systems if an alernative editor was installed.

Ensure user provides EDITOR env variable
Rather than falling back to the `editor` binary, which is often only on debian systems if an alernative editor was installed.
8f00408f · DJ Mountney · 1025d6ac · 8f00408f · 8f00408f
Commit 8f00408f authored Nov 23, 2020 by DJ Mountney
Hide whitespace changes
Inline Side-by-side

Showing with 22 additions and 12 deletions

lib/gitlab/encrypted_ldap_command.rb lib/gitlab/encrypted_ldap_command.rb +8 -3

spec/tasks/gitlab/ldap_rake_spec.rb spec/tasks/gitlab/ldap_rake_spec.rb +14 -9

No files found.
--- a/lib/gitlab/encrypted_ldap_command.rb
+++ b/lib/gitlab/encrypted_ldap_command.rb
@@ -22,13 +22,18 @@ module Gitlab
        encrypted = Gitlab::Auth::Ldap::Config.encrypted_secrets
        return unless validate_config(encrypted)

-        editor = ENV['EDITOR'] || 'editor'
+        if ENV["EDITOR"].to_s.empty?
+          puts 'No $EDITOR specified to open file. Please provide one when running the command:'
+          puts 'gitlab:ldap:secret:edit EDITOR=vim'
+          return
+        end
+
        temp_file = Tempfile.new(File.basename(encrypted.content_path), File.dirname(encrypted.content_path))

        encrypted.change do |contents|
          contents = encrypted_file_template unless File.exist?(encrypted.content_path)
          File.write(temp_file.path, contents)
-          system(editor, temp_file.path)
+          system(ENV['EDITOR'], temp_file.path)
          changes = File.read(temp_file.path)
          validate_contents(changes)
          changes
@@ -63,7 +68,7 @@ module Gitlab
        end

        if encrypted.key.nil?
-          puts "Missing encryption key enc_settings_key_base."
+          puts "Missing encryption key encrypted_settings_key_base."
          return false
        end


--- a/spec/tasks/gitlab/ldap_rake_spec.rb
+++ b/spec/tasks/gitlab/ldap_rake_spec.rb
@@ -23,7 +23,7 @@ RSpec.describe 'gitlab:ldap:secret rake tasks' do
    stub_warn_user_is_not_gitlab
    FileUtils.mkdir_p('tmp/tests/ldapenc/')
    allow(Gitlab.config.ldap).to receive(:secret_file).and_return(ldap_secret_file)
-    allow(Gitlab::Application.secrets).to receive(:enc_settings_key_base).and_return(SecureRandom.hex(64))
+    allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(SecureRandom.hex(64))
  end

  after do
@@ -37,13 +37,13 @@ RSpec.describe 'gitlab:ldap:secret rake tasks' do

    it 'displays error when key does not exist' do
      Settings.encrypted(ldap_secret_file).write('somevalue')
-      allow(Gitlab::Application.secrets).to receive(:enc_settings_key_base).and_return(nil)
-      expect { run_rake_task('gitlab:ldap:secret:show') }.to output(/Missing encryption key enc_settings_key_base./).to_stdout
+      allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(nil)
+      expect { run_rake_task('gitlab:ldap:secret:show') }.to output(/Missing encryption key encrypted_settings_key_base./).to_stdout
    end

    it 'displays error when key is changed' do
      Settings.encrypted(ldap_secret_file).write('somevalue')
-      allow(Gitlab::Application.secrets).to receive(:enc_settings_key_base).and_return(SecureRandom.hex(64))
+      allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(SecureRandom.hex(64))
      expect { run_rake_task('gitlab:ldap:secret:show') }.to output(/Couldn't decrypt .* Perhaps you passed the wrong key?/).to_stdout
    end

@@ -63,13 +63,13 @@ RSpec.describe 'gitlab:ldap:secret rake tasks' do
    end

    it 'displays error when key does not exist' do
-      allow(Gitlab::Application.secrets).to receive(:enc_settings_key_base).and_return(nil)
-      expect { run_rake_task('gitlab:ldap:secret:edit') }.to output(/Missing encryption key enc_settings_key_base./).to_stdout
+      allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(nil)
+      expect { run_rake_task('gitlab:ldap:secret:edit') }.to output(/Missing encryption key encrypted_settings_key_base./).to_stdout
    end

    it 'displays error when key is changed' do
      Settings.encrypted(ldap_secret_file).write('somevalue')
-      allow(Gitlab::Application.secrets).to receive(:enc_settings_key_base).and_return(SecureRandom.hex(64))
+      allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(SecureRandom.hex(64))
      expect { run_rake_task('gitlab:ldap:secret:edit') }.to output(/Couldn't decrypt .* Perhaps you passed the wrong key?/).to_stdout
    end

@@ -84,6 +84,11 @@ RSpec.describe 'gitlab:ldap:secret rake tasks' do
      value = Settings.encrypted(ldap_secret_file)
      expect(value.read).to match(/somevalue/)
    end
+
+    it 'displays error when $EDITOR is not set' do
+      stub_env('EDITOR', nil)
+      expect { run_rake_task('gitlab:ldap:secret:edit') }.to output(/No \$EDITOR specified to open file. Please provide one when running the command/).to_stdout
+    end
  end

  describe 'write' do
@@ -100,8 +105,8 @@ RSpec.describe 'gitlab:ldap:secret rake tasks' do
    end

    it 'displays error when key does not exist' do
-      allow(Gitlab::Application.secrets).to receive(:enc_settings_key_base).and_return(nil)
-      expect { run_rake_task('gitlab:ldap:secret:write') }.to output(/Missing encryption key enc_settings_key_base./).to_stdout
+      allow(Gitlab::Application.secrets).to receive(:encrypted_settings_key_base).and_return(nil)
+      expect { run_rake_task('gitlab:ldap:secret:write') }.to output(/Missing encryption key encrypted_settings_key_base./).to_stdout
    end

    it 'displays error when write directory does not exist' do