Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-shell
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-shell
Commits
4038ef2e
Commit
4038ef2e
authored
Apr 22, 2014
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'authorized_keys_lock' into 'master'
Authorized keys lock
parents
d8600696
19a5c54a
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
74 additions
and
14 deletions
+74
-14
.gitignore
.gitignore
+1
-0
CHANGELOG
CHANGELOG
+3
-0
lib/gitlab_keys.rb
lib/gitlab_keys.rb
+34
-14
spec/gitlab_keys_spec.rb
spec/gitlab_keys_spec.rb
+36
-0
No files found.
.gitignore
View file @
4038ef2e
...
...
@@ -2,3 +2,4 @@ config.yml
tmp/*
*.log
/*.log.*
authorized_keys.lock
CHANGELOG
View file @
4038ef2e
v1.9.4
- Use lock file when modify authorized_keys
v1.9.3
- Ignore force push detection for new branch or branch remove push
...
...
lib/gitlab_keys.rb
View file @
4038ef2e
...
...
@@ -36,13 +36,15 @@ class GitlabKeys
end
def
batch_add_keys
open
(
auth_file
,
'a'
)
do
|
file
|
stdin
.
each_line
do
|
input
|
tokens
=
input
.
strip
.
split
(
"
\t
"
)
abort
(
"
#{
$0
}
: invalid input
#{
input
.
inspect
}
"
)
unless
tokens
.
count
==
2
key_id
,
public_key
=
tokens
$logger
.
info
"Adding key
#{
key_id
}
=>
#{
public_key
.
inspect
}
"
file
.
puts
(
key_line
(
key_id
,
public_key
))
lock
do
open
(
auth_file
,
'a'
)
do
|
file
|
stdin
.
each_line
do
|
input
|
tokens
=
input
.
strip
.
split
(
"
\t
"
)
abort
(
"
#{
$0
}
: invalid input
#{
input
.
inspect
}
"
)
unless
tokens
.
count
==
2
key_id
,
public_key
=
tokens
$logger
.
info
"Adding key
#{
key_id
}
=>
#{
public_key
.
inspect
}
"
file
.
puts
(
key_line
(
key_id
,
public_key
))
end
end
end
true
...
...
@@ -57,15 +59,17 @@ class GitlabKeys
end
def
rm_key
$logger
.
info
"Removing key
#{
@key_id
}
"
Tempfile
.
open
(
'authorized_keys'
)
do
|
temp
|
open
(
auth_file
,
'r+'
)
do
|
current
|
current
.
each
do
|
line
|
temp
.
puts
(
line
)
unless
line
.
include?
(
"/bin/gitlab-shell
#{
@key_id
}
\"
"
)
lock
do
$logger
.
info
"Removing key
#{
@key_id
}
"
Tempfile
.
open
(
'authorized_keys'
)
do
|
temp
|
open
(
auth_file
,
'r+'
)
do
|
current
|
current
.
each
do
|
line
|
temp
.
puts
(
line
)
unless
line
.
include?
(
"/bin/gitlab-shell
#{
@key_id
}
\"
"
)
end
end
temp
.
close
FileUtils
.
cp
(
temp
.
path
,
auth_file
)
end
temp
.
close
FileUtils
.
cp
(
temp
.
path
,
auth_file
)
end
true
end
...
...
@@ -74,4 +78,20 @@ class GitlabKeys
open
(
auth_file
,
'w'
)
{
|
file
|
file
.
puts
'# Managed by gitlab-shell'
}
true
end
def
lock
(
timeout
=
10
)
File
.
open
(
lock_file
,
"w+"
)
do
|
f
|
begin
f
.
flock
File
::
LOCK_EX
Timeout
::
timeout
(
timeout
)
{
yield
}
ensure
f
.
flock
File
::
LOCK_UN
end
end
end
def
lock_file
@lock_file
||=
File
.
join
(
ROOT_PATH
,
"authorized_keys.lock"
)
end
end
spec/gitlab_keys_spec.rb
View file @
4038ef2e
...
...
@@ -145,6 +145,42 @@ describe GitlabKeys do
end
end
describe
:lock
do
it
"should raise exception if operation lasts more then timeout"
do
key
=
GitlabKeys
.
new
expect
do
key
.
send
:lock
,
1
do
sleep
2
end
end
.
to
raise_error
end
it
"should actually lock file"
do
$global
=
""
key
=
GitlabKeys
.
new
thr1
=
Thread
.
new
do
key
.
send
:lock
do
# Put bigger sleep here to test if main thread will
# wait for lock file released before executing code
sleep
1
$global
<<
"foo"
end
end
# make sure main thread start lock command after
# thread above
sleep
0.5
key
.
send
:lock
do
$global
<<
"bar"
end
thr1
.
join
$global
.
should
==
"foobar"
end
end
def
build_gitlab_keys
(
*
args
)
argv
(
*
args
)
GitlabKeys
.
new
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment