2012-09-07 01:16:29 -04:00
|
|
|
require 'spec_helper'
|
2016-09-16 05:43:05 -04:00
|
|
|
require 'stringio'
|
2012-09-07 01:16:29 -04:00
|
|
|
|
2017-07-10 10:24:02 -04:00
|
|
|
describe Gitlab::Shell do
|
2017-12-11 12:52:07 -05:00
|
|
|
set(:project) { create(:project, :repository) }
|
|
|
|
|
2018-01-04 21:34:31 -05:00
|
|
|
let(:repository) { project.repository }
|
2017-07-25 13:09:00 -04:00
|
|
|
let(:gitlab_shell) { described_class.new }
|
2017-07-03 14:28:29 -04:00
|
|
|
let(:popen_vars) { { 'GIT_TERMINAL_PROMPT' => ENV['GIT_TERMINAL_PROMPT'] } }
|
2017-12-11 12:52:07 -05:00
|
|
|
let(:timeout) { Gitlab.config.gitlab_shell.git_timeout }
|
2019-03-19 07:16:21 -04:00
|
|
|
let(:gitlab_authorized_keys) { double }
|
2012-09-07 01:16:29 -04:00
|
|
|
|
|
|
|
before do
|
2015-05-21 17:49:06 -04:00
|
|
|
allow(Project).to receive(:find).and_return(project)
|
2012-09-07 01:16:29 -04:00
|
|
|
end
|
|
|
|
|
2015-02-12 13:17:35 -05:00
|
|
|
it { is_expected.to respond_to :add_key }
|
|
|
|
it { is_expected.to respond_to :remove_key }
|
2018-03-14 04:56:22 -04:00
|
|
|
it { is_expected.to respond_to :create_repository }
|
2015-02-12 13:17:35 -05:00
|
|
|
it { is_expected.to respond_to :remove_repository }
|
|
|
|
it { is_expected.to respond_to :fork_repository }
|
2012-09-07 01:16:29 -04:00
|
|
|
|
2015-02-12 13:17:35 -05:00
|
|
|
it { expect(gitlab_shell.url_to_repo('diaspora')).to eq(Gitlab.config.gitlab_shell.ssh_path_prefix + "diaspora.git") }
|
2015-10-08 20:34:50 -04:00
|
|
|
|
2016-09-29 12:46:54 -04:00
|
|
|
describe 'memoized secret_token' do
|
2016-06-24 15:06:46 -04:00
|
|
|
let(:secret_file) { 'tmp/tests/.secret_shell_test' }
|
|
|
|
let(:link_file) { 'tmp/tests/shell-secret-test/.gitlab_shell_secret' }
|
|
|
|
|
|
|
|
before do
|
|
|
|
allow(Gitlab.config.gitlab_shell).to receive(:secret_file).and_return(secret_file)
|
2016-09-29 12:46:54 -04:00
|
|
|
allow(Gitlab.config.gitlab_shell).to receive(:path).and_return('tmp/tests/shell-secret-test')
|
2016-06-24 15:06:46 -04:00
|
|
|
FileUtils.mkdir('tmp/tests/shell-secret-test')
|
2017-07-25 13:09:00 -04:00
|
|
|
described_class.ensure_secret_token!
|
2016-06-24 15:06:46 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
after do
|
|
|
|
FileUtils.rm_rf('tmp/tests/shell-secret-test')
|
|
|
|
FileUtils.rm_rf(secret_file)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'creates and links the secret token file' do
|
2017-07-25 13:09:00 -04:00
|
|
|
secret_token = described_class.secret_token
|
2016-09-29 12:46:54 -04:00
|
|
|
|
2016-06-24 15:06:46 -04:00
|
|
|
expect(File.exist?(secret_file)).to be(true)
|
2016-09-29 12:46:54 -04:00
|
|
|
expect(File.read(secret_file).chomp).to eq(secret_token)
|
2016-06-24 15:06:46 -04:00
|
|
|
expect(File.symlink?(link_file)).to be(true)
|
|
|
|
expect(File.readlink(link_file)).to eq(secret_file)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-05-30 19:24:45 -04:00
|
|
|
describe '#add_key' do
|
|
|
|
context 'when authorized_keys_enabled is true' do
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
allow(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_keys_path)
|
|
|
|
.and_return(:gitlab_shell_keys_path)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'calls #gitlab_shell_fast_execute with add-key command' do
|
|
|
|
expect(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_fast_execute)
|
|
|
|
.with([
|
|
|
|
:gitlab_shell_keys_path,
|
|
|
|
'add-key',
|
|
|
|
'key-123',
|
|
|
|
'ssh-rsa foobar'
|
|
|
|
])
|
|
|
|
|
|
|
|
gitlab_shell.add_key('key-123', 'ssh-rsa foobar trailing garbage')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
it 'calls Gitlab::AuthorizedKeys#add_key with id and key' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
|
2017-05-30 19:24:45 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
expect(gitlab_authorized_keys)
|
|
|
|
.to receive(:add_key)
|
|
|
|
.with('key-123', 'ssh-rsa foobar')
|
|
|
|
|
|
|
|
gitlab_shell.add_key('key-123', 'ssh-rsa foobar')
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when authorized_keys_enabled is false' do
|
|
|
|
before do
|
|
|
|
stub_application_setting(authorized_keys_enabled: false)
|
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does nothing' do
|
|
|
|
expect(gitlab_shell).not_to receive(:gitlab_shell_fast_execute)
|
|
|
|
|
|
|
|
gitlab_shell.add_key('key-123', 'ssh-rsa foobar trailing garbage')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
it 'does nothing' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).not_to receive(:new)
|
2017-05-30 19:24:45 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.add_key('key-123', 'ssh-rsa foobar trailing garbage')
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
end
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
|
|
|
|
context 'when authorized_keys_enabled is nil' do
|
|
|
|
before do
|
|
|
|
stub_application_setting(authorized_keys_enabled: nil)
|
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
allow(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_keys_path)
|
|
|
|
.and_return(:gitlab_shell_keys_path)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'calls #gitlab_shell_fast_execute with add-key command' do
|
|
|
|
expect(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_fast_execute)
|
|
|
|
.with([
|
|
|
|
:gitlab_shell_keys_path,
|
|
|
|
'add-key',
|
|
|
|
'key-123',
|
|
|
|
'ssh-rsa foobar'
|
|
|
|
])
|
|
|
|
|
|
|
|
gitlab_shell.add_key('key-123', 'ssh-rsa foobar trailing garbage')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
it 'calls Gitlab::AuthorizedKeys#add_key with id and key' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
|
|
|
|
|
|
|
|
expect(gitlab_authorized_keys)
|
|
|
|
.to receive(:add_key)
|
|
|
|
.with('key-123', 'ssh-rsa foobar')
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.add_key('key-123', 'ssh-rsa foobar')
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
describe '#batch_add_keys' do
|
2019-03-19 07:16:21 -04:00
|
|
|
let(:keys) { [double(shell_id: 'key-123', key: 'ssh-rsa foobar')] }
|
|
|
|
|
2017-05-30 19:24:45 -04:00
|
|
|
context 'when authorized_keys_enabled is true' do
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
let(:io) { double }
|
|
|
|
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'valid keys' do
|
|
|
|
before do
|
|
|
|
allow(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_keys_path)
|
|
|
|
.and_return(:gitlab_shell_keys_path)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'calls gitlab-keys with batch-add-keys command' do
|
|
|
|
expect(IO)
|
|
|
|
.to receive(:popen)
|
|
|
|
.with("gitlab_shell_keys_path batch-add-keys", 'w')
|
|
|
|
.and_yield(io)
|
|
|
|
|
|
|
|
expect(io).to receive(:puts).with("key-123\tssh-rsa foobar")
|
|
|
|
expect(gitlab_shell.batch_add_keys(keys)).to be_truthy
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'invalid keys' do
|
|
|
|
let(:keys) { [double(shell_id: 'key-123', key: "ssh-rsa A\tSDFA\nSGADG")] }
|
|
|
|
|
|
|
|
it 'catches failure and returns false' do
|
|
|
|
expect(gitlab_shell.batch_add_keys(keys)).to be_falsey
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
it 'calls Gitlab::AuthorizedKeys#batch_add_keys with keys to be added' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
|
|
|
|
|
|
|
|
expect(gitlab_authorized_keys)
|
|
|
|
.to receive(:batch_add_keys)
|
|
|
|
.with(keys)
|
|
|
|
|
|
|
|
gitlab_shell.batch_add_keys(keys)
|
2017-05-30 19:24:45 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when authorized_keys_enabled is false' do
|
|
|
|
before do
|
|
|
|
stub_application_setting(authorized_keys_enabled: false)
|
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does nothing' do
|
|
|
|
expect(IO).not_to receive(:popen)
|
|
|
|
|
|
|
|
gitlab_shell.batch_add_keys(keys)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
it 'does nothing' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).not_to receive(:new)
|
2017-05-30 19:24:45 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.batch_add_keys(keys)
|
2017-05-30 19:24:45 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
|
|
|
|
context 'when authorized_keys_enabled is nil' do
|
|
|
|
before do
|
|
|
|
stub_application_setting(authorized_keys_enabled: nil)
|
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
let(:io) { double }
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
allow(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_keys_path)
|
|
|
|
.and_return(:gitlab_shell_keys_path)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'calls gitlab-keys with batch-add-keys command' do
|
|
|
|
expect(IO)
|
|
|
|
.to receive(:popen)
|
|
|
|
.with("gitlab_shell_keys_path batch-add-keys", 'w')
|
|
|
|
.and_yield(io)
|
|
|
|
|
|
|
|
expect(io).to receive(:puts).with("key-123\tssh-rsa foobar")
|
|
|
|
|
|
|
|
gitlab_shell.batch_add_keys(keys)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
it 'calls Gitlab::AuthorizedKeys#batch_add_keys with keys to be added' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
|
|
|
|
|
|
|
|
expect(gitlab_authorized_keys)
|
|
|
|
.to receive(:batch_add_keys)
|
|
|
|
.with(keys)
|
|
|
|
|
|
|
|
gitlab_shell.batch_add_keys(keys)
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
describe '#remove_key' do
|
|
|
|
context 'when authorized_keys_enabled is true' do
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
allow(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_keys_path)
|
|
|
|
.and_return(:gitlab_shell_keys_path)
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
it 'calls #gitlab_shell_fast_execute with rm-key command' do
|
|
|
|
expect(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_fast_execute)
|
|
|
|
.with([
|
|
|
|
:gitlab_shell_keys_path,
|
|
|
|
'rm-key',
|
|
|
|
'key-123'
|
|
|
|
])
|
|
|
|
|
|
|
|
gitlab_shell.remove_key('key-123')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
it 'calls Gitlab::AuthorizedKeys#rm_key with the key to be removed' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
|
|
|
|
expect(gitlab_authorized_keys).to receive(:rm_key).with('key-123')
|
|
|
|
|
|
|
|
gitlab_shell.remove_key('key-123')
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when authorized_keys_enabled is false' do
|
|
|
|
before do
|
|
|
|
stub_application_setting(authorized_keys_enabled: false)
|
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does nothing' do
|
|
|
|
expect(gitlab_shell).not_to receive(:gitlab_shell_fast_execute)
|
2017-05-30 19:24:45 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_key('key-123')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
it 'does nothing' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).not_to receive(:new)
|
|
|
|
|
|
|
|
gitlab_shell.remove_key('key-123')
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
end
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
|
|
|
|
context 'when authorized_keys_enabled is nil' do
|
|
|
|
before do
|
|
|
|
stub_application_setting(authorized_keys_enabled: nil)
|
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
allow(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_keys_path)
|
|
|
|
.and_return(:gitlab_shell_keys_path)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'calls #gitlab_shell_fast_execute with rm-key command' do
|
|
|
|
expect(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_fast_execute)
|
|
|
|
.with([
|
|
|
|
:gitlab_shell_keys_path,
|
|
|
|
'rm-key',
|
|
|
|
'key-123'
|
|
|
|
])
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_key('key-123')
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
it 'calls Gitlab::AuthorizedKeys#rm_key with the key to be removed' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
|
|
|
|
expect(gitlab_authorized_keys).to receive(:rm_key).with('key-123')
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_key('key-123')
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
describe '#remove_all_keys' do
|
|
|
|
context 'when authorized_keys_enabled is true' do
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
allow(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_keys_path)
|
|
|
|
.and_return(:gitlab_shell_keys_path)
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
it 'calls #gitlab_shell_fast_execute with clear command' do
|
|
|
|
expect(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_fast_execute)
|
|
|
|
.with([:gitlab_shell_keys_path, 'clear'])
|
2017-05-30 19:24:45 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
it 'calls Gitlab::AuthorizedKeys#clear' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
|
|
|
|
expect(gitlab_authorized_keys).to receive(:clear)
|
2017-05-30 19:24:45 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
end
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'when authorized_keys_enabled is false' do
|
2017-06-26 17:40:08 -04:00
|
|
|
before do
|
2019-03-19 07:16:21 -04:00
|
|
|
stub_application_setting(authorized_keys_enabled: false)
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
it 'does nothing' do
|
|
|
|
expect(gitlab_shell).not_to receive(:gitlab_shell_fast_execute)
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
it 'does nothing' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).not_to receive(:new)
|
|
|
|
|
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'when authorized_keys_enabled is nil' do
|
2017-06-26 17:40:08 -04:00
|
|
|
before do
|
2019-03-19 07:16:21 -04:00
|
|
|
stub_application_setting(authorized_keys_enabled: nil)
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
allow(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_keys_path)
|
|
|
|
.and_return(:gitlab_shell_keys_path)
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
it 'calls #gitlab_shell_fast_execute with clear command' do
|
|
|
|
expect(gitlab_shell)
|
|
|
|
.to receive(:gitlab_shell_fast_execute)
|
|
|
|
.with([:gitlab_shell_keys_path, 'clear'])
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
it 'calls Gitlab::AuthorizedKeys#clear' do
|
|
|
|
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
|
|
|
|
expect(gitlab_authorized_keys).to receive(:clear)
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
end
|
2019-03-19 07:16:21 -04:00
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
describe '#remove_keys_not_found_in_db' do
|
|
|
|
context 'when keys are in the file that are not in the DB' do
|
|
|
|
context 'authorized_keys_file not set' do
|
2017-06-26 17:40:08 -04:00
|
|
|
before do
|
2019-03-19 07:16:21 -04:00
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
2017-06-26 17:40:08 -04:00
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.add_key('key-9876', 'ssh-rsa ASDFASDF')
|
|
|
|
@another_key = create(:key) # this one IS in the DB
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
it 'removes the keys' do
|
|
|
|
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
|
|
|
|
expect(gitlab_shell).to receive(:remove_key).with('key-9876')
|
|
|
|
expect(gitlab_shell).not_to receive(:remove_key).with("key-#{@another_key.id}")
|
|
|
|
|
2017-06-26 17:40:08 -04:00
|
|
|
gitlab_shell.remove_keys_not_found_in_db
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
before do
|
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
|
|
|
|
gitlab_shell.add_key('key-9876', 'ssh-rsa ASDFASDF')
|
|
|
|
@another_key = create(:key) # this one IS in the DB
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
it 'removes the keys' do
|
|
|
|
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
|
|
|
|
expect(gitlab_shell).to receive(:remove_key).with('key-9876')
|
|
|
|
expect(gitlab_shell).not_to receive(:remove_key).with("key-#{@another_key.id}")
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_keys_not_found_in_db
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'when keys there are duplicate keys in the file that are not in the DB' do
|
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
|
|
|
|
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'removes the keys' do
|
|
|
|
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
|
|
|
|
|
|
|
|
gitlab_shell.remove_keys_not_found_in_db
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
before do
|
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
|
|
|
|
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
it 'removes the keys' do
|
|
|
|
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_keys_not_found_in_db
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
2019-03-19 07:16:21 -04:00
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'when keys there are duplicate keys in the file that ARE in the DB' do
|
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
@key = create(:key)
|
|
|
|
gitlab_shell.add_key(@key.shell_id, @key.key)
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
it 'does not remove the key' do
|
|
|
|
expect(gitlab_shell).not_to receive(:remove_key).with("key-#{@key.id}")
|
|
|
|
|
|
|
|
gitlab_shell.remove_keys_not_found_in_db
|
|
|
|
end
|
2017-06-26 17:40:08 -04:00
|
|
|
end
|
2017-05-30 19:24:45 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
before do
|
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
@key = create(:key)
|
|
|
|
gitlab_shell.add_key(@key.shell_id, @key.key)
|
|
|
|
end
|
2015-10-08 20:34:50 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
it 'does not remove the key' do
|
|
|
|
expect(gitlab_shell).not_to receive(:remove_key).with("key-#{@key.id}")
|
2016-09-16 05:43:05 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_keys_not_found_in_db
|
|
|
|
end
|
2016-09-16 05:43:05 -04:00
|
|
|
end
|
2019-03-19 07:16:21 -04:00
|
|
|
end
|
2016-09-16 05:43:05 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
unless ENV['CI'] # Skip in CI, it takes 1 minute
|
|
|
|
context 'when the first batch can be skipped, but the next batch has keys that are not in the DB' do
|
|
|
|
context 'authorized_keys_file not set' do
|
|
|
|
before do
|
|
|
|
stub_gitlab_shell_setting(authorized_keys_file: nil)
|
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
100.times { |i| create(:key) } # first batch is all in the DB
|
|
|
|
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
|
|
|
|
end
|
2017-04-05 02:09:04 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
it 'removes the keys not in the DB' do
|
|
|
|
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
|
2017-04-05 02:09:04 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_keys_not_found_in_db
|
|
|
|
end
|
|
|
|
end
|
2017-04-05 02:09:04 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
context 'authorized_keys_file set' do
|
|
|
|
before do
|
|
|
|
gitlab_shell.remove_all_keys
|
|
|
|
100.times { |i| create(:key) } # first batch is all in the DB
|
|
|
|
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'removes the keys not in the DB' do
|
|
|
|
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
|
2015-10-08 20:34:50 -04:00
|
|
|
|
2019-03-19 07:16:21 -04:00
|
|
|
gitlab_shell.remove_keys_not_found_in_db
|
|
|
|
end
|
|
|
|
end
|
2015-10-08 20:34:50 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2017-04-13 21:53:30 -04:00
|
|
|
|
|
|
|
describe 'projects commands' do
|
2017-08-14 07:29:47 -04:00
|
|
|
let(:gitlab_shell_path) { File.expand_path('tmp/tests/gitlab-shell') }
|
|
|
|
let(:projects_path) { File.join(gitlab_shell_path, 'bin/gitlab-projects') }
|
|
|
|
let(:gitlab_shell_hooks_path) { File.join(gitlab_shell_path, 'hooks') }
|
2017-04-13 21:53:30 -04:00
|
|
|
|
|
|
|
before do
|
2017-08-14 07:29:47 -04:00
|
|
|
allow(Gitlab.config.gitlab_shell).to receive(:path).and_return(gitlab_shell_path)
|
2017-04-13 21:53:30 -04:00
|
|
|
allow(Gitlab.config.gitlab_shell).to receive(:git_timeout).and_return(800)
|
|
|
|
end
|
|
|
|
|
2018-03-14 04:56:22 -04:00
|
|
|
describe '#create_repository' do
|
2018-07-09 06:50:17 -04:00
|
|
|
let(:repository_storage) { 'default' }
|
|
|
|
let(:repository_storage_path) do
|
|
|
|
Gitlab::GitalyClient::StorageSettings.allow_disk_access do
|
|
|
|
Gitlab.config.repositories.storages[repository_storage].legacy_disk_path
|
2017-08-14 07:29:47 -04:00
|
|
|
end
|
2018-07-09 06:50:17 -04:00
|
|
|
end
|
|
|
|
let(:repo_name) { 'project/path' }
|
|
|
|
let(:created_path) { File.join(repository_storage_path, repo_name + '.git') }
|
2017-08-14 07:29:47 -04:00
|
|
|
|
2018-07-09 06:50:17 -04:00
|
|
|
after do
|
|
|
|
FileUtils.rm_rf(created_path)
|
|
|
|
end
|
2017-09-28 13:07:22 -04:00
|
|
|
|
2018-07-09 06:50:17 -04:00
|
|
|
it 'returns false when the command fails' do
|
|
|
|
FileUtils.mkdir_p(File.dirname(created_path))
|
|
|
|
# This file will block the creation of the repo's .git directory. That
|
|
|
|
# should cause #create_repository to fail.
|
|
|
|
FileUtils.touch(created_path)
|
2017-07-03 14:28:29 -04:00
|
|
|
|
2018-12-23 02:34:35 -05:00
|
|
|
expect(gitlab_shell.create_repository(repository_storage, repo_name, repo_name)).to be_falsy
|
2017-07-03 14:28:29 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#remove_repository' do
|
2017-12-01 08:58:49 -05:00
|
|
|
let!(:project) { create(:project, :repository, :legacy_storage) }
|
2018-01-05 07:29:04 -05:00
|
|
|
let(:disk_path) { "#{project.disk_path}.git" }
|
2017-12-11 12:52:07 -05:00
|
|
|
|
2017-07-03 14:28:29 -04:00
|
|
|
it 'returns true when the command succeeds' do
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(gitlab_shell.exists?(project.repository_storage, disk_path)).to be(true)
|
2017-07-03 14:28:29 -04:00
|
|
|
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(gitlab_shell.remove_repository(project.repository_storage, project.disk_path)).to be(true)
|
2018-01-05 07:29:04 -05:00
|
|
|
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(gitlab_shell.exists?(project.repository_storage, disk_path)).to be(false)
|
2017-07-03 14:28:29 -04:00
|
|
|
end
|
|
|
|
|
2018-01-05 07:29:04 -05:00
|
|
|
it 'keeps the namespace directory' do
|
2018-04-13 06:57:19 -04:00
|
|
|
gitlab_shell.remove_repository(project.repository_storage, project.disk_path)
|
2017-07-03 14:28:29 -04:00
|
|
|
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(gitlab_shell.exists?(project.repository_storage, disk_path)).to be(false)
|
|
|
|
expect(gitlab_shell.exists?(project.repository_storage, project.disk_path.gsub(project.name, ''))).to be(true)
|
2017-07-03 14:28:29 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#mv_repository' do
|
2018-01-05 07:29:04 -05:00
|
|
|
let!(:project2) { create(:project, :repository) }
|
|
|
|
|
2017-07-03 14:28:29 -04:00
|
|
|
it 'returns true when the command succeeds' do
|
2018-01-05 07:29:04 -05:00
|
|
|
old_path = project2.disk_path
|
|
|
|
new_path = "project/new_path"
|
2017-07-03 14:28:29 -04:00
|
|
|
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(gitlab_shell.exists?(project2.repository_storage, "#{old_path}.git")).to be(true)
|
|
|
|
expect(gitlab_shell.exists?(project2.repository_storage, "#{new_path}.git")).to be(false)
|
2018-01-05 07:29:04 -05:00
|
|
|
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(gitlab_shell.mv_repository(project2.repository_storage, old_path, new_path)).to be_truthy
|
2018-01-05 07:29:04 -05:00
|
|
|
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(gitlab_shell.exists?(project2.repository_storage, "#{old_path}.git")).to be(false)
|
|
|
|
expect(gitlab_shell.exists?(project2.repository_storage, "#{new_path}.git")).to be(true)
|
2017-07-03 14:28:29 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns false when the command fails' do
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(gitlab_shell.mv_repository(project2.repository_storage, project2.disk_path, '')).to be_falsy
|
|
|
|
expect(gitlab_shell.exists?(project2.repository_storage, "#{project2.disk_path}.git")).to be(true)
|
2017-07-03 14:28:29 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#fork_repository' do
|
2019-01-17 01:40:23 -05:00
|
|
|
let(:target_project) { create(:project) }
|
|
|
|
|
2017-12-11 12:52:07 -05:00
|
|
|
subject do
|
2019-01-17 01:40:23 -05:00
|
|
|
gitlab_shell.fork_repository(project, target_project)
|
2017-12-11 12:52:07 -05:00
|
|
|
end
|
|
|
|
|
2018-06-19 06:17:54 -04:00
|
|
|
it 'returns true when the command succeeds' do
|
|
|
|
expect_any_instance_of(Gitlab::GitalyClient::RepositoryService).to receive(:fork_repository)
|
|
|
|
.with(repository.raw_repository) { :gitaly_response_object }
|
2017-07-03 14:28:29 -04:00
|
|
|
|
2018-06-19 06:17:54 -04:00
|
|
|
is_expected.to be_truthy
|
2017-07-03 14:28:29 -04:00
|
|
|
end
|
|
|
|
|
2018-06-19 06:17:54 -04:00
|
|
|
it 'return false when the command fails' do
|
|
|
|
expect_any_instance_of(Gitlab::GitalyClient::RepositoryService).to receive(:fork_repository)
|
|
|
|
.with(repository.raw_repository) { raise GRPC::BadStatus, 'bla' }
|
2018-06-05 11:58:28 -04:00
|
|
|
|
2018-06-19 06:17:54 -04:00
|
|
|
is_expected.to be_falsy
|
2017-07-03 14:28:29 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-04-13 21:53:30 -04:00
|
|
|
describe '#import_repository' do
|
2017-12-11 12:52:07 -05:00
|
|
|
let(:import_url) { 'https://gitlab.com/gitlab-org/gitlab-ce.git' }
|
|
|
|
|
2018-06-05 11:58:28 -04:00
|
|
|
context 'with gitaly' do
|
|
|
|
it 'returns true when the command succeeds' do
|
|
|
|
expect_any_instance_of(Gitlab::GitalyClient::RepositoryService).to receive(:import_repository).with(import_url)
|
2017-04-13 21:53:30 -04:00
|
|
|
|
2018-12-23 02:34:35 -05:00
|
|
|
result = gitlab_shell.import_repository(project.repository_storage, project.disk_path, import_url, project.full_path)
|
2017-12-11 12:52:07 -05:00
|
|
|
|
2018-06-05 11:58:28 -04:00
|
|
|
expect(result).to be_truthy
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'raises an exception when the command fails' do
|
|
|
|
expect_any_instance_of(Gitlab::GitalyClient::RepositoryService).to receive(:import_repository)
|
|
|
|
.with(import_url) { raise GRPC::BadStatus, 'bla' }
|
|
|
|
expect_any_instance_of(Gitlab::Shell::GitalyGitlabProjects).to receive(:output) { 'error'}
|
|
|
|
|
|
|
|
expect do
|
2018-12-23 02:34:35 -05:00
|
|
|
gitlab_shell.import_repository(project.repository_storage, project.disk_path, import_url, project.full_path)
|
2018-06-05 11:58:28 -04:00
|
|
|
end.to raise_error(Gitlab::Shell::Error, "error")
|
|
|
|
end
|
2017-04-13 21:53:30 -04:00
|
|
|
end
|
2017-12-11 12:52:07 -05:00
|
|
|
end
|
2017-04-13 21:53:30 -04:00
|
|
|
end
|
2017-09-12 06:26:59 -04:00
|
|
|
|
|
|
|
describe 'namespace actions' do
|
|
|
|
subject { described_class.new }
|
2018-04-13 06:57:19 -04:00
|
|
|
let(:storage) { Gitlab.config.repositories.storages.keys.first }
|
2017-09-12 06:26:59 -04:00
|
|
|
|
|
|
|
describe '#add_namespace' do
|
|
|
|
it 'creates a namespace' do
|
2018-04-13 06:57:19 -04:00
|
|
|
subject.add_namespace(storage, "mepmep")
|
2017-09-12 06:26:59 -04:00
|
|
|
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(subject.exists?(storage, "mepmep")).to be(true)
|
2017-09-12 06:26:59 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#exists?' do
|
|
|
|
context 'when the namespace does not exist' do
|
|
|
|
it 'returns false' do
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(subject.exists?(storage, "non-existing")).to be(false)
|
2017-09-12 06:26:59 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the namespace exists' do
|
|
|
|
it 'returns true' do
|
2018-04-13 06:57:19 -04:00
|
|
|
subject.add_namespace(storage, "mepmep")
|
2017-09-12 06:26:59 -04:00
|
|
|
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(subject.exists?(storage, "mepmep")).to be(true)
|
2017-09-12 06:26:59 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#remove' do
|
|
|
|
it 'removes the namespace' do
|
2018-04-13 06:57:19 -04:00
|
|
|
subject.add_namespace(storage, "mepmep")
|
|
|
|
subject.rm_namespace(storage, "mepmep")
|
2017-09-12 06:26:59 -04:00
|
|
|
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(subject.exists?(storage, "mepmep")).to be(false)
|
2017-09-12 06:26:59 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#mv_namespace' do
|
|
|
|
it 'renames the namespace' do
|
2018-04-13 06:57:19 -04:00
|
|
|
subject.add_namespace(storage, "mepmep")
|
|
|
|
subject.mv_namespace(storage, "mepmep", "2mep")
|
2017-09-12 06:26:59 -04:00
|
|
|
|
2018-04-13 06:57:19 -04:00
|
|
|
expect(subject.exists?(storage, "mepmep")).to be(false)
|
|
|
|
expect(subject.exists?(storage, "2mep")).to be(true)
|
2017-09-12 06:26:59 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2012-09-07 01:16:29 -04:00
|
|
|
end
|