Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
c08191e0
Commit
c08191e0
authored
Aug 23, 2019
by
Patrick Bajao
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Remove the fallback path from gitlab-ce
parent
42484f55
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
89 additions
and
482 deletions
+89
-482
lib/gitlab/shell.rb
lib/gitlab/shell.rb
+6
-80
spec/lib/gitlab/shell_spec.rb
spec/lib/gitlab/shell_spec.rb
+83
-402
No files found.
lib/gitlab/shell.rb
View file @
c08191e0
...
@@ -165,16 +165,7 @@ module Gitlab
...
@@ -165,16 +165,7 @@ module Gitlab
def
add_key
(
key_id
,
key_content
)
def
add_key
(
key_id
,
key_content
)
return
unless
self
.
authorized_keys_enabled?
return
unless
self
.
authorized_keys_enabled?
if
shell_out_for_gitlab_keys?
gitlab_authorized_keys
.
add_key
(
key_id
,
key_content
)
gitlab_shell_fast_execute
([
gitlab_shell_keys_path
,
'add-key'
,
key_id
,
strip_key
(
key_content
)
])
else
gitlab_authorized_keys
.
add_key
(
key_id
,
key_content
)
end
end
end
# Batch-add keys to authorized_keys
# Batch-add keys to authorized_keys
...
@@ -184,19 +175,7 @@ module Gitlab
...
@@ -184,19 +175,7 @@ module Gitlab
def
batch_add_keys
(
keys
)
def
batch_add_keys
(
keys
)
return
unless
self
.
authorized_keys_enabled?
return
unless
self
.
authorized_keys_enabled?
if
shell_out_for_gitlab_keys?
gitlab_authorized_keys
.
batch_add_keys
(
keys
)
begin
IO
.
popen
(
"
#{
gitlab_shell_keys_path
}
batch-add-keys"
,
'w'
)
do
|
io
|
add_keys_to_io
(
keys
,
io
)
end
$?
.
success?
rescue
Error
false
end
else
gitlab_authorized_keys
.
batch_add_keys
(
keys
)
end
end
end
# Remove ssh key from authorized_keys
# Remove ssh key from authorized_keys
...
@@ -207,11 +186,7 @@ module Gitlab
...
@@ -207,11 +186,7 @@ module Gitlab
def
remove_key
(
id
,
_
=
nil
)
def
remove_key
(
id
,
_
=
nil
)
return
unless
self
.
authorized_keys_enabled?
return
unless
self
.
authorized_keys_enabled?
if
shell_out_for_gitlab_keys?
gitlab_authorized_keys
.
rm_key
(
id
)
gitlab_shell_fast_execute
([
gitlab_shell_keys_path
,
'rm-key'
,
id
])
else
gitlab_authorized_keys
.
rm_key
(
id
)
end
end
end
# Remove all ssh keys from gitlab shell
# Remove all ssh keys from gitlab shell
...
@@ -222,11 +197,7 @@ module Gitlab
...
@@ -222,11 +197,7 @@ module Gitlab
def
remove_all_keys
def
remove_all_keys
return
unless
self
.
authorized_keys_enabled?
return
unless
self
.
authorized_keys_enabled?
if
shell_out_for_gitlab_keys?
gitlab_authorized_keys
.
clear
gitlab_shell_fast_execute
([
gitlab_shell_keys_path
,
'clear'
])
else
gitlab_authorized_keys
.
clear
end
end
end
# Remove ssh keys from gitlab shell that are not in the DB
# Remove ssh keys from gitlab shell that are not in the DB
...
@@ -341,14 +312,6 @@ module Gitlab
...
@@ -341,14 +312,6 @@ module Gitlab
File
.
join
(
Gitlab
.
config
.
repositories
.
storages
[
storage
].
legacy_disk_path
,
dir_name
)
File
.
join
(
Gitlab
.
config
.
repositories
.
storages
[
storage
].
legacy_disk_path
,
dir_name
)
end
end
def
gitlab_shell_projects_path
File
.
join
(
gitlab_shell_path
,
'bin'
,
'gitlab-projects'
)
end
def
gitlab_shell_keys_path
File
.
join
(
gitlab_shell_path
,
'bin'
,
'gitlab-keys'
)
end
def
authorized_keys_enabled?
def
authorized_keys_enabled?
# Return true if nil to ensure the authorized_keys methods work while
# Return true if nil to ensure the authorized_keys methods work while
# fixing the authorized_keys file during migration.
# fixing the authorized_keys file during migration.
...
@@ -359,35 +322,6 @@ module Gitlab
...
@@ -359,35 +322,6 @@ module Gitlab
private
private
def
shell_out_for_gitlab_keys?
Gitlab
.
config
.
gitlab_shell
.
authorized_keys_file
.
blank?
end
def
gitlab_shell_fast_execute
(
cmd
)
output
,
status
=
gitlab_shell_fast_execute_helper
(
cmd
)
return
true
if
status
.
zero?
Rails
.
logger
.
error
(
"gitlab-shell failed with error
#{
status
}
:
#{
output
}
"
)
# rubocop:disable Gitlab/RailsLogger
false
end
def
gitlab_shell_fast_execute_raise_error
(
cmd
,
vars
=
{})
output
,
status
=
gitlab_shell_fast_execute_helper
(
cmd
,
vars
)
raise
Error
,
output
unless
status
.
zero?
true
end
def
gitlab_shell_fast_execute_helper
(
cmd
,
vars
=
{})
vars
.
merge!
(
ENV
.
to_h
.
slice
(
*
GITLAB_SHELL_ENV_VARS
))
# Don't pass along the entire parent environment to prevent gitlab-shell
# from wasting I/O by searching through GEM_PATH
Bundler
.
with_original_env
{
Popen
.
popen
(
cmd
,
nil
,
vars
)
}
end
def
git_timeout
def
git_timeout
Gitlab
.
config
.
gitlab_shell
.
git_timeout
Gitlab
.
config
.
gitlab_shell
.
git_timeout
end
end
...
@@ -407,16 +341,8 @@ module Gitlab
...
@@ -407,16 +341,8 @@ module Gitlab
def
batch_read_key_ids
(
batch_size:
100
,
&
block
)
def
batch_read_key_ids
(
batch_size:
100
,
&
block
)
return
unless
self
.
authorized_keys_enabled?
return
unless
self
.
authorized_keys_enabled?
if
shell_out_for_gitlab_keys?
gitlab_authorized_keys
.
list_key_ids
.
lazy
.
each_slice
(
batch_size
)
do
|
key_ids
|
IO
.
popen
(
"
#{
gitlab_shell_keys_path
}
list-key-ids"
)
do
|
key_id_stream
|
yield
(
key_ids
)
key_id_stream
.
lazy
.
each_slice
(
batch_size
)
do
|
lines
|
yield
(
lines
.
map
{
|
l
|
l
.
chomp
.
to_i
})
end
end
else
gitlab_authorized_keys
.
list_key_ids
.
lazy
.
each_slice
(
batch_size
)
do
|
key_ids
|
yield
(
key_ids
)
end
end
end
end
end
...
...
spec/lib/gitlab/shell_spec.rb
View file @
c08191e0
...
@@ -52,38 +52,14 @@ describe Gitlab::Shell do
...
@@ -52,38 +52,14 @@ describe Gitlab::Shell do
describe
'#add_key'
do
describe
'#add_key'
do
context
'when authorized_keys_enabled is true'
do
context
'when authorized_keys_enabled is true'
do
context
'authorized_keys_file not set'
do
it
'calls Gitlab::AuthorizedKeys#add_key with id and key'
do
before
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
allow
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_keys_path
)
.
and_return
(
:gitlab_shell_keys_path
)
end
it
'calls #gitlab_shell_fast_execute with add-key command'
do
expect
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_fast_execute
)
.
with
([
:gitlab_shell_keys_path
,
'add-key'
,
'key-123'
,
'ssh-rsa foobar'
])
gitlab_shell
.
add_key
(
'key-123'
,
'ssh-rsa foobar trailing garbage'
)
end
end
context
'authorized_keys_file set'
do
it
'calls Gitlab::AuthorizedKeys#add_key with id and key'
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
expect
(
gitlab_authorized_keys
)
expect
(
gitlab_authorized_keys
)
.
to
receive
(
:add_key
)
.
to
receive
(
:add_key
)
.
with
(
'key-123'
,
'ssh-rsa foobar'
)
.
with
(
'key-123'
,
'ssh-rsa foobar'
)
gitlab_shell
.
add_key
(
'key-123'
,
'ssh-rsa foobar'
)
gitlab_shell
.
add_key
(
'key-123'
,
'ssh-rsa foobar'
)
end
end
end
end
end
...
@@ -92,24 +68,10 @@ describe Gitlab::Shell do
...
@@ -92,24 +68,10 @@ describe Gitlab::Shell do
stub_application_setting
(
authorized_keys_enabled:
false
)
stub_application_setting
(
authorized_keys_enabled:
false
)
end
end
context
'authorized_keys_file not set'
do
it
'does nothing'
do
before
do
expect
(
Gitlab
::
AuthorizedKeys
).
not_to
receive
(
:new
)
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
end
it
'does nothing'
do
gitlab_shell
.
add_key
(
'key-123'
,
'ssh-rsa foobar trailing garbage'
)
expect
(
gitlab_shell
).
not_to
receive
(
:gitlab_shell_fast_execute
)
gitlab_shell
.
add_key
(
'key-123'
,
'ssh-rsa foobar trailing garbage'
)
end
end
context
'authorized_keys_file set'
do
it
'does nothing'
do
expect
(
Gitlab
::
AuthorizedKeys
).
not_to
receive
(
:new
)
gitlab_shell
.
add_key
(
'key-123'
,
'ssh-rsa foobar trailing garbage'
)
end
end
end
end
end
...
@@ -118,38 +80,14 @@ describe Gitlab::Shell do
...
@@ -118,38 +80,14 @@ describe Gitlab::Shell do
stub_application_setting
(
authorized_keys_enabled:
nil
)
stub_application_setting
(
authorized_keys_enabled:
nil
)
end
end
context
'authorized_keys_file not set'
do
it
'calls Gitlab::AuthorizedKeys#add_key with id and key'
do
before
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
allow
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_keys_path
)
.
and_return
(
:gitlab_shell_keys_path
)
end
it
'calls #gitlab_shell_fast_execute with add-key command'
do
expect
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_fast_execute
)
.
with
([
:gitlab_shell_keys_path
,
'add-key'
,
'key-123'
,
'ssh-rsa foobar'
])
gitlab_shell
.
add_key
(
'key-123'
,
'ssh-rsa foobar trailing garbage'
)
end
end
context
'authorized_keys_file set'
do
it
'calls Gitlab::AuthorizedKeys#add_key with id and key'
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
expect
(
gitlab_authorized_keys
)
expect
(
gitlab_authorized_keys
)
.
to
receive
(
:add_key
)
.
to
receive
(
:add_key
)
.
with
(
'key-123'
,
'ssh-rsa foobar'
)
.
with
(
'key-123'
,
'ssh-rsa foobar'
)
gitlab_shell
.
add_key
(
'key-123'
,
'ssh-rsa foobar'
)
gitlab_shell
.
add_key
(
'key-123'
,
'ssh-rsa foobar'
)
end
end
end
end
end
end
end
...
@@ -158,50 +96,14 @@ describe Gitlab::Shell do
...
@@ -158,50 +96,14 @@ describe Gitlab::Shell do
let
(
:keys
)
{
[
double
(
shell_id:
'key-123'
,
key:
'ssh-rsa foobar'
)]
}
let
(
:keys
)
{
[
double
(
shell_id:
'key-123'
,
key:
'ssh-rsa foobar'
)]
}
context
'when authorized_keys_enabled is true'
do
context
'when authorized_keys_enabled is true'
do
context
'authorized_keys_file not set'
do
it
'calls Gitlab::AuthorizedKeys#batch_add_keys with keys to be added'
do
let
(
:io
)
{
double
}
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
before
do
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
end
context
'valid keys'
do
before
do
allow
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_keys_path
)
.
and_return
(
:gitlab_shell_keys_path
)
end
it
'calls gitlab-keys with batch-add-keys command'
do
expect
(
IO
)
.
to
receive
(
:popen
)
.
with
(
"gitlab_shell_keys_path batch-add-keys"
,
'w'
)
.
and_yield
(
io
)
expect
(
io
).
to
receive
(
:puts
).
with
(
"key-123
\t
ssh-rsa foobar"
)
expect
(
gitlab_shell
.
batch_add_keys
(
keys
)).
to
be_truthy
end
end
context
'invalid keys'
do
let
(
:keys
)
{
[
double
(
shell_id:
'key-123'
,
key:
"ssh-rsa A
\t
SDFA
\n
SGADG"
)]
}
it
'catches failure and returns false'
do
expect
(
gitlab_shell
.
batch_add_keys
(
keys
)).
to
be_falsey
end
end
end
context
'authorized_keys_file set'
do
expect
(
gitlab_authorized_keys
)
it
'calls Gitlab::AuthorizedKeys#batch_add_keys with keys to be added'
do
.
to
receive
(
:batch_add_keys
)
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_
keys
)
.
with
(
keys
)
expect
(
gitlab_authorized_keys
)
gitlab_shell
.
batch_add_keys
(
keys
)
.
to
receive
(
:batch_add_keys
)
.
with
(
keys
)
gitlab_shell
.
batch_add_keys
(
keys
)
end
end
end
end
end
...
@@ -210,24 +112,10 @@ describe Gitlab::Shell do
...
@@ -210,24 +112,10 @@ describe Gitlab::Shell do
stub_application_setting
(
authorized_keys_enabled:
false
)
stub_application_setting
(
authorized_keys_enabled:
false
)
end
end
context
'authorized_keys_file not set'
do
it
'does nothing'
do
before
do
expect
(
Gitlab
::
AuthorizedKeys
).
not_to
receive
(
:new
)
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
end
it
'does nothing'
do
expect
(
IO
).
not_to
receive
(
:popen
)
gitlab_shell
.
batch_add_keys
(
keys
)
end
end
context
'authorized_keys_file set'
do
it
'does nothing'
do
expect
(
Gitlab
::
AuthorizedKeys
).
not_to
receive
(
:new
)
gitlab_shell
.
batch_add_keys
(
keys
)
gitlab_shell
.
batch_add_keys
(
keys
)
end
end
end
end
end
...
@@ -236,72 +124,25 @@ describe Gitlab::Shell do
...
@@ -236,72 +124,25 @@ describe Gitlab::Shell do
stub_application_setting
(
authorized_keys_enabled:
nil
)
stub_application_setting
(
authorized_keys_enabled:
nil
)
end
end
context
'authorized_keys_file not set
'
do
it
'calls Gitlab::AuthorizedKeys#batch_add_keys with keys to be added
'
do
let
(
:io
)
{
double
}
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
before
do
expect
(
gitlab_authorized_keys
)
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
.
to
receive
(
:batch_add_keys
)
allow
(
gitlab_shell
)
.
with
(
keys
)
.
to
receive
(
:gitlab_shell_keys_path
)
.
and_return
(
:gitlab_shell_keys_path
)
end
it
'calls gitlab-keys with batch-add-keys command'
do
expect
(
IO
)
.
to
receive
(
:popen
)
.
with
(
"gitlab_shell_keys_path batch-add-keys"
,
'w'
)
.
and_yield
(
io
)
expect
(
io
).
to
receive
(
:puts
).
with
(
"key-123
\t
ssh-rsa foobar"
)
gitlab_shell
.
batch_add_keys
(
keys
)
gitlab_shell
.
batch_add_keys
(
keys
)
end
end
context
'authorized_keys_file set'
do
it
'calls Gitlab::AuthorizedKeys#batch_add_keys with keys to be added'
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
expect
(
gitlab_authorized_keys
)
.
to
receive
(
:batch_add_keys
)
.
with
(
keys
)
gitlab_shell
.
batch_add_keys
(
keys
)
end
end
end
end
end
end
end
describe
'#remove_key'
do
describe
'#remove_key'
do
context
'when authorized_keys_enabled is true'
do
context
'when authorized_keys_enabled is true'
do
context
'authorized_keys_file not set'
do
it
'calls Gitlab::AuthorizedKeys#rm_key with the key to be removed'
do
before
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
expect
(
gitlab_authorized_keys
).
to
receive
(
:rm_key
).
with
(
'key-123'
)
allow
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_keys_path
)
.
and_return
(
:gitlab_shell_keys_path
)
end
it
'calls #gitlab_shell_fast_execute with rm-key command'
do
expect
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_fast_execute
)
.
with
([
:gitlab_shell_keys_path
,
'rm-key'
,
'key-123'
])
gitlab_shell
.
remove_key
(
'key-123'
)
end
end
context
'authorized_keys_file not set'
do
gitlab_shell
.
remove_key
(
'key-123'
)
it
'calls Gitlab::AuthorizedKeys#rm_key with the key to be removed'
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
expect
(
gitlab_authorized_keys
).
to
receive
(
:rm_key
).
with
(
'key-123'
)
gitlab_shell
.
remove_key
(
'key-123'
)
end
end
end
end
end
...
@@ -310,24 +151,10 @@ describe Gitlab::Shell do
...
@@ -310,24 +151,10 @@ describe Gitlab::Shell do
stub_application_setting
(
authorized_keys_enabled:
false
)
stub_application_setting
(
authorized_keys_enabled:
false
)
end
end
context
'authorized_keys_file not set'
do
it
'does nothing'
do
before
do
expect
(
Gitlab
::
AuthorizedKeys
).
not_to
receive
(
:new
)
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
end
it
'does nothing'
do
expect
(
gitlab_shell
).
not_to
receive
(
:gitlab_shell_fast_execute
)
gitlab_shell
.
remove_key
(
'key-123'
)
gitlab_shell
.
remove_key
(
'key-123'
)
end
end
context
'authorized_keys_file set'
do
it
'does nothing'
do
expect
(
Gitlab
::
AuthorizedKeys
).
not_to
receive
(
:new
)
gitlab_shell
.
remove_key
(
'key-123'
)
end
end
end
end
end
...
@@ -336,64 +163,22 @@ describe Gitlab::Shell do
...
@@ -336,64 +163,22 @@ describe Gitlab::Shell do
stub_application_setting
(
authorized_keys_enabled:
nil
)
stub_application_setting
(
authorized_keys_enabled:
nil
)
end
end
context
'authorized_keys_file not set'
do
it
'calls Gitlab::AuthorizedKeys#rm_key with the key to be removed'
do
before
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
expect
(
gitlab_authorized_keys
).
to
receive
(
:rm_key
).
with
(
'key-123'
)
allow
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_keys_path
)
.
and_return
(
:gitlab_shell_keys_path
)
end
it
'calls #gitlab_shell_fast_execute with rm-key command'
do
expect
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_fast_execute
)
.
with
([
:gitlab_shell_keys_path
,
'rm-key'
,
'key-123'
])
gitlab_shell
.
remove_key
(
'key-123'
)
end
end
context
'authorized_keys_file not set'
do
it
'calls Gitlab::AuthorizedKeys#rm_key with the key to be removed'
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
expect
(
gitlab_authorized_keys
).
to
receive
(
:rm_key
).
with
(
'key-123'
)
gitlab_shell
.
remove_key
(
'key-123'
)
gitlab_shell
.
remove_key
(
'key-123'
)
end
end
end
end
end
end
end
describe
'#remove_all_keys'
do
describe
'#remove_all_keys'
do
context
'when authorized_keys_enabled is true'
do
context
'when authorized_keys_enabled is true'
do
context
'authorized_keys_file not set'
do
it
'calls Gitlab::AuthorizedKeys#clear'
do
before
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
expect
(
gitlab_authorized_keys
).
to
receive
(
:clear
)
allow
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_keys_path
)
.
and_return
(
:gitlab_shell_keys_path
)
end
it
'calls #gitlab_shell_fast_execute with clear command'
do
gitlab_shell
.
remove_all_keys
expect
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_fast_execute
)
.
with
([
:gitlab_shell_keys_path
,
'clear'
])
gitlab_shell
.
remove_all_keys
end
end
context
'authorized_keys_file set'
do
it
'calls Gitlab::AuthorizedKeys#clear'
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
expect
(
gitlab_authorized_keys
).
to
receive
(
:clear
)
gitlab_shell
.
remove_all_keys
end
end
end
end
end
...
@@ -402,24 +187,10 @@ describe Gitlab::Shell do
...
@@ -402,24 +187,10 @@ describe Gitlab::Shell do
stub_application_setting
(
authorized_keys_enabled:
false
)
stub_application_setting
(
authorized_keys_enabled:
false
)
end
end
context
'authorized_keys_file not set'
do
it
'does nothing'
do
before
do
expect
(
Gitlab
::
AuthorizedKeys
).
not_to
receive
(
:new
)
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
end
it
'does nothing'
do
expect
(
gitlab_shell
).
not_to
receive
(
:gitlab_shell_fast_execute
)
gitlab_shell
.
remove_all_keys
gitlab_shell
.
remove_all_keys
end
end
context
'authorized_keys_file set'
do
it
'does nothing'
do
expect
(
Gitlab
::
AuthorizedKeys
).
not_to
receive
(
:new
)
gitlab_shell
.
remove_all_keys
end
end
end
end
end
...
@@ -428,163 +199,73 @@ describe Gitlab::Shell do
...
@@ -428,163 +199,73 @@ describe Gitlab::Shell do
stub_application_setting
(
authorized_keys_enabled:
nil
)
stub_application_setting
(
authorized_keys_enabled:
nil
)
end
end
context
'authorized_keys_file not set'
do
it
'calls Gitlab::AuthorizedKeys#clear'
do
before
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
expect
(
gitlab_authorized_keys
).
to
receive
(
:clear
)
allow
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_keys_path
)
.
and_return
(
:gitlab_shell_keys_path
)
end
it
'calls #gitlab_shell_fast_execute with clear command'
do
expect
(
gitlab_shell
)
.
to
receive
(
:gitlab_shell_fast_execute
)
.
with
([
:gitlab_shell_keys_path
,
'clear'
])
gitlab_shell
.
remove_all_keys
gitlab_shell
.
remove_all_keys
end
end
context
'authorized_keys_file set'
do
it
'calls Gitlab::AuthorizedKeys#clear'
do
expect
(
Gitlab
::
AuthorizedKeys
).
to
receive
(
:new
).
and_return
(
gitlab_authorized_keys
)
expect
(
gitlab_authorized_keys
).
to
receive
(
:clear
)
gitlab_shell
.
remove_all_keys
end
end
end
end
end
end
end
describe
'#remove_keys_not_found_in_db'
do
describe
'#remove_keys_not_found_in_db'
do
context
'when keys are in the file that are not in the DB'
do
context
'when keys are in the file that are not in the DB'
do
context
'authorized_keys_file not set'
do
before
do
before
do
gitlab_shell
.
remove_all_keys
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
gitlab_shell
.
remove_all_keys
gitlab_shell
.
add_key
(
'key-9876'
,
'ssh-rsa ASDFASDF'
)
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
@another_key
=
create
(
:key
)
# this one IS in the DB
gitlab_shell
.
add_key
(
'key-9876'
,
'ssh-rsa ASDFASDF'
)
@another_key
=
create
(
:key
)
# this one IS in the DB
end
it
'removes the keys'
do
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-1234'
)
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-9876'
)
expect
(
gitlab_shell
).
not_to
receive
(
:remove_key
).
with
(
"key-
#{
@another_key
.
id
}
"
)
gitlab_shell
.
remove_keys_not_found_in_db
end
end
end
context
'authorized_keys_file set'
do
it
'removes the keys'
do
before
do
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-1234'
)
gitlab_shell
.
remove_all_keys
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-9876'
)
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
expect
(
gitlab_shell
).
not_to
receive
(
:remove_key
).
with
(
"key-
#{
@another_key
.
id
}
"
)
gitlab_shell
.
add_key
(
'key-9876'
,
'ssh-rsa ASDFASDF'
)
@another_key
=
create
(
:key
)
# this one IS in the DB
end
it
'removes the keys'
do
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-1234'
)
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-9876'
)
expect
(
gitlab_shell
).
not_to
receive
(
:remove_key
).
with
(
"key-
#{
@another_key
.
id
}
"
)
gitlab_shell
.
remove_keys_not_found_in_db
gitlab_shell
.
remove_keys_not_found_in_db
end
end
end
end
end
context
'when keys there are duplicate keys in the file that are not in the DB'
do
context
'when keys there are duplicate keys in the file that are not in the DB'
do
context
'authorized_keys_file not set'
do
before
do
before
do
gitlab_shell
.
remove_all_keys
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
gitlab_shell
.
remove_all_keys
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
end
it
'removes the keys'
do
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-1234'
)
gitlab_shell
.
remove_keys_not_found_in_db
end
end
end
context
'authorized_keys_file set'
do
it
'removes the keys'
do
before
do
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-1234'
)
gitlab_shell
.
remove_all_keys
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
end
it
'removes the keys'
do
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-1234'
)
gitlab_shell
.
remove_keys_not_found_in_db
gitlab_shell
.
remove_keys_not_found_in_db
end
end
end
end
end
context
'when keys there are duplicate keys in the file that ARE in the DB'
do
context
'when keys there are duplicate keys in the file that ARE in the DB'
do
context
'authorized_keys_file not set'
do
before
do
before
do
gitlab_shell
.
remove_all_keys
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
@key
=
create
(
:key
)
gitlab_shell
.
remove_all_keys
gitlab_shell
.
add_key
(
@key
.
shell_id
,
@key
.
key
)
@key
=
create
(
:key
)
gitlab_shell
.
add_key
(
@key
.
shell_id
,
@key
.
key
)
end
it
'does not remove the key'
do
expect
(
gitlab_shell
).
not_to
receive
(
:remove_key
).
with
(
"key-
#{
@key
.
id
}
"
)
gitlab_shell
.
remove_keys_not_found_in_db
end
end
end
context
'authorized_keys_file set'
do
it
'does not remove the key'
do
before
do
expect
(
gitlab_shell
).
not_to
receive
(
:remove_key
).
with
(
"key-
#{
@key
.
id
}
"
)
gitlab_shell
.
remove_all_keys
@key
=
create
(
:key
)
gitlab_shell
.
add_key
(
@key
.
shell_id
,
@key
.
key
)
end
it
'does not remove the key'
do
expect
(
gitlab_shell
).
not_to
receive
(
:remove_key
).
with
(
"key-
#{
@key
.
id
}
"
)
gitlab_shell
.
remove_keys_not_found_in_db
gitlab_shell
.
remove_keys_not_found_in_db
end
end
end
end
end
unless
ENV
[
'CI'
]
# Skip in CI, it takes 1 minute
unless
ENV
[
'CI'
]
# Skip in CI, it takes 1 minute
context
'when the first batch can be skipped, but the next batch has keys that are not in the DB'
do
context
'when the first batch can be skipped, but the next batch has keys that are not in the DB'
do
context
'authorized_keys_file not set'
do
before
do
before
do
gitlab_shell
.
remove_all_keys
stub_gitlab_shell_setting
(
authorized_keys_file:
nil
)
100
.
times
{
|
i
|
create
(
:key
)
}
# first batch is all in the DB
gitlab_shell
.
remove_all_keys
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
100
.
times
{
|
i
|
create
(
:key
)
}
# first batch is all in the DB
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
end
it
'removes the keys not in the DB'
do
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-1234'
)
gitlab_shell
.
remove_keys_not_found_in_db
end
end
end
context
'authorized_keys_file set'
do
it
'removes the keys not in the DB'
do
before
do
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-1234'
)
gitlab_shell
.
remove_all_keys
100
.
times
{
|
i
|
create
(
:key
)
}
# first batch is all in the DB
gitlab_shell
.
add_key
(
'key-1234'
,
'ssh-rsa ASDFASDF'
)
end
it
'removes the keys not in the DB'
do
expect
(
gitlab_shell
).
to
receive
(
:remove_key
).
with
(
'key-1234'
)
gitlab_shell
.
remove_keys_not_found_in_db
gitlab_shell
.
remove_keys_not_found_in_db
end
end
end
end
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment