Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-shell
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-shell
Commits
1666dfda
Commit
1666dfda
authored
Aug 14, 2018
by
Nick Thomas
Browse files
Options
Browse Files
Download
Plain Diff
Merge remote-tracking branch 'upstream/8-1-stable' into 148-merge-8-1-1-to-master
parents
02457041
5287eee6
Changes
6
Show whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
176 additions
and
3 deletions
+176
-3
CHANGELOG
CHANGELOG
+3
-0
VERSION
VERSION
+1
-1
bin/gitlab-shell
bin/gitlab-shell
+5
-1
lib/gitlab_shell.rb
lib/gitlab_shell.rb
+1
-1
spec/gitlab_shell_authorized_keys_check_spec.rb
spec/gitlab_shell_authorized_keys_check_spec.rb
+3
-0
spec/gitlab_shell_gitlab_shell_spec.rb
spec/gitlab_shell_gitlab_shell_spec.rb
+163
-0
No files found.
CHANGELOG
View file @
1666dfda
v8.1.1
- Fix two regressions in SSH certificate support (!226)
v8.1.0
v8.1.0
- Support Git v2 protocol (!217)
- Support Git v2 protocol (!217)
...
...
VERSION
View file @
1666dfda
8.1.
0
8.1.
1
bin/gitlab-shell
View file @
1666dfda
...
@@ -17,7 +17,11 @@ require_relative '../lib/gitlab_init'
...
@@ -17,7 +17,11 @@ require_relative '../lib/gitlab_init'
#
#
require
File
.
join
(
ROOT_PATH
,
'lib'
,
'gitlab_shell'
)
require
File
.
join
(
ROOT_PATH
,
'lib'
,
'gitlab_shell'
)
if
GitlabShell
.
new
(
ARGV
.
join
).
exec
(
original_cmd
)
# We must match e.g. "key-12345" anywhere on the command-line. See
# https://gitlab.com/gitlab-org/gitlab-shell/issues/145
who
=
/\b(?:(?:key|user)-[0-9]+|username-\S+)\b/
.
match
(
ARGV
.
join
(
' '
)).
to_s
if
GitlabShell
.
new
(
who
).
exec
(
original_cmd
)
exit
0
exit
0
else
else
exit
1
exit
1
...
...
lib/gitlab_shell.rb
View file @
1666dfda
...
@@ -210,7 +210,7 @@ class GitlabShell # rubocop:disable Metrics/ClassLength
...
@@ -210,7 +210,7 @@ class GitlabShell # rubocop:disable Metrics/ClassLength
begin
begin
if
defined?
(
@who
)
if
defined?
(
@who
)
@user
=
api
.
discover
(
@who
)
@user
=
api
.
discover
(
@who
)
@gl_id
=
"user-
#{
@user
[
'id'
]
}
"
@gl_id
=
"user-
#{
@user
[
'id'
]
}
"
if
@user
&&
@user
.
key?
(
'id'
)
else
else
@user
=
api
.
discover
(
@gl_id
)
@user
=
api
.
discover
(
@gl_id
)
end
end
...
...
spec/gitlab_shell_authorized_keys_check_spec.rb
View file @
1666dfda
...
@@ -5,6 +5,9 @@ describe 'bin/gitlab-shell-authorized-keys-check' do
...
@@ -5,6 +5,9 @@ describe 'bin/gitlab-shell-authorized-keys-check' do
ROOT_PATH
ROOT_PATH
end
end
# All this test boilerplate is mostly copy/pasted between
# gitlab_shell_gitlab_shell_spec.rb and
# gitlab_shell_authorized_keys_check_spec.rb
def
tmp_root_path
def
tmp_root_path
@tmp_root_path
||=
File
.
realpath
(
Dir
.
mktmpdir
)
@tmp_root_path
||=
File
.
realpath
(
Dir
.
mktmpdir
)
end
end
...
...
spec/gitlab_shell_gitlab_shell_spec.rb
0 → 100644
View file @
1666dfda
require_relative
'spec_helper'
describe
'bin/gitlab-shell'
do
def
original_root_path
ROOT_PATH
end
# All this test boilerplate is mostly copy/pasted between
# gitlab_shell_gitlab_shell_spec.rb and
# gitlab_shell_authorized_keys_check_spec.rb
def
tmp_root_path
@tmp_root_path
||=
File
.
realpath
(
Dir
.
mktmpdir
)
end
def
config_path
File
.
join
(
tmp_root_path
,
'config.yml'
)
end
def
tmp_socket_path
# This has to be a relative path shorter than 100 bytes due to
# limitations in how Unix sockets work.
'tmp/gitlab-shell-socket'
end
before
(
:all
)
do
FileUtils
.
mkdir_p
(
File
.
dirname
(
tmp_socket_path
))
FileUtils
.
touch
(
File
.
join
(
tmp_root_path
,
'.gitlab_shell_secret'
))
@server
=
HTTPUNIXServer
.
new
(
BindAddress
:
tmp_socket_path
)
@server
.
mount_proc
(
'/api/v4/internal/discover'
)
do
|
req
,
res
|
if
req
.
query
[
'key_id'
]
==
'100'
||
req
.
query
[
'user_id'
]
==
'10'
||
req
.
query
[
'username'
]
==
'someuser'
res
.
status
=
200
res
.
content_type
=
'application/json'
res
.
body
=
'{"id":1, "name": "Some User", "username": "someuser"}'
else
res
.
status
=
500
end
end
@webrick_thread
=
Thread
.
new
{
@server
.
start
}
sleep
(
0.1
)
while
@webrick_thread
.
alive?
&&
@server
.
status
!=
:Running
raise
"Couldn't start stub GitlabNet server"
unless
@server
.
status
==
:Running
File
.
open
(
config_path
,
'w'
)
do
|
f
|
f
.
write
(
"---
\n
gitlab_url: http+unix://
#{
CGI
.
escape
(
tmp_socket_path
)
}
\n
"
)
end
copy_dirs
=
[
'bin'
,
'lib'
]
FileUtils
.
rm_rf
(
copy_dirs
.
map
{
|
d
|
File
.
join
(
tmp_root_path
,
d
)
})
FileUtils
.
cp_r
(
copy_dirs
,
tmp_root_path
)
end
after
(
:all
)
do
@server
.
shutdown
if
@server
@webrick_thread
.
join
if
@webrick_thread
FileUtils
.
rm_rf
(
tmp_root_path
)
end
let
(
:gitlab_shell_path
)
{
File
.
join
(
tmp_root_path
,
'bin'
,
'gitlab-shell'
)
}
# Basic valid input
it
'succeeds and prints username when a valid known key id is given'
do
output
,
status
=
run!
([
"key-100"
])
expect
(
output
).
to
eq
(
"Welcome to GitLab, @someuser!
\n
"
)
expect
(
status
).
to
be_success
end
it
'succeeds and prints username when a valid known user id is given'
do
output
,
status
=
run!
([
"user-10"
])
expect
(
output
).
to
eq
(
"Welcome to GitLab, @someuser!
\n
"
)
expect
(
status
).
to
be_success
end
it
'succeeds and prints username when a valid known username is given'
do
output
,
status
=
run!
([
"username-someuser"
])
expect
(
output
).
to
eq
(
"Welcome to GitLab, @someuser!
\n
"
)
expect
(
status
).
to
be_success
end
# Valid but unknown input
it
'succeeds and prints Anonymous when a valid unknown key id is given'
do
output
,
status
=
run!
([
"key-12345"
])
expect
(
output
).
to
eq
(
"Welcome to GitLab, Anonymous!
\n
"
)
expect
(
status
).
to
be_success
end
it
'succeeds and prints Anonymous when a valid unknown user id is given'
do
output
,
status
=
run!
([
"user-12345"
])
expect
(
output
).
to
eq
(
"Welcome to GitLab, Anonymous!
\n
"
)
expect
(
status
).
to
be_success
end
it
'succeeds and prints Anonymous when a valid unknown username is given'
do
output
,
status
=
run!
([
"username-unknown"
])
expect
(
output
).
to
eq
(
"Welcome to GitLab, Anonymous!
\n
"
)
expect
(
status
).
to
be_success
end
# Invalid input. TODO: capture stderr & compare
it
'gets an ArgumentError on invalid input (empty)'
do
output
,
status
=
run!
([])
expect
(
output
).
to
eq
(
""
)
expect
(
status
).
not_to
be_success
end
it
'gets an ArgumentError on invalid input (unknown)'
do
output
,
status
=
run!
([
"whatever"
])
expect
(
output
).
to
eq
(
""
)
expect
(
status
).
not_to
be_success
end
it
'gets an ArgumentError on invalid input (multiple unknown)'
do
output
,
status
=
run!
([
"this"
,
"is"
,
"all"
,
"invalid"
])
expect
(
output
).
to
eq
(
""
)
expect
(
status
).
not_to
be_success
end
# Not so basic valid input
# (https://gitlab.com/gitlab-org/gitlab-shell/issues/145)
it
'succeeds and prints username when a valid known key id is given in the middle of other input'
do
output
,
status
=
run!
([
"-c/usr/share/webapps/gitlab-shell/bin/gitlab-shell"
,
"key-100"
,
"2foo"
])
expect
(
output
).
to
eq
(
"Welcome to GitLab, @someuser!
\n
"
)
expect
(
status
).
to
be_success
end
it
'succeeds and prints username when a valid known user id is given in the middle of other input'
do
output
,
status
=
run!
([
"-c/usr/share/webapps/gitlab-shell/bin/gitlab-shell"
,
"user-10"
,
"2foo"
])
expect
(
output
).
to
eq
(
"Welcome to GitLab, @someuser!
\n
"
)
expect
(
status
).
to
be_success
end
it
'succeeds and prints username when a valid known username is given in the middle of other input'
do
output
,
status
=
run!
([
"-c/usr/share/webapps/gitlab-shell/bin/gitlab-shell"
,
"username-someuser"
,
"foo"
])
expect
(
output
).
to
eq
(
"Welcome to GitLab, @someuser!
\n
"
)
expect
(
status
).
to
be_success
end
def
run!
(
args
)
cmd
=
[
gitlab_shell_path
,
args
].
flatten
.
compact
output
=
IO
.
popen
({
'SSH_CONNECTION'
=>
'fake'
},
cmd
,
&
:read
)
[
output
,
$?
]
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment