kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Remove the fallback path from gitlab-ce

Browse source
This commit is contained in:
Patrick Bajao 2019-08-23 13:53:40 +08:00
parent 42484f55c1
commit c08191e0d5
2 changed files with 89 additions and 482 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

86
lib/gitlab/shell.rb
View file

@ -165,16 +165,7 @@ module Gitlab
def add_key(key_id, key_content) def add_key(key_id, key_content)
return unless self.authorized_keys_enabled? return unless self.authorized_keys_enabled?
if shell_out_for_gitlab_keys? gitlab_authorized_keys.add_key(key_id, key_content)
gitlab_shell_fast_execute([
gitlab_shell_keys_path,
'add-key',
key_id,
strip_key(key_content)
])
else
gitlab_authorized_keys.add_key(key_id, key_content)
end
end end
# Batch-add keys to authorized_keys # Batch-add keys to authorized_keys
@ -184,19 +175,7 @@ module Gitlab
def batch_add_keys(keys) def batch_add_keys(keys)
return unless self.authorized_keys_enabled? return unless self.authorized_keys_enabled?
if shell_out_for_gitlab_keys? gitlab_authorized_keys.batch_add_keys(keys)
begin
IO.popen("#{gitlab_shell_keys_path} batch-add-keys", 'w') do |io|
add_keys_to_io(keys, io)
end
$?.success?
rescue Error
false
end
else
gitlab_authorized_keys.batch_add_keys(keys)
end
end end
# Remove ssh key from authorized_keys # Remove ssh key from authorized_keys
@ -207,11 +186,7 @@ module Gitlab
def remove_key(id, _ = nil) def remove_key(id, _ = nil)
return unless self.authorized_keys_enabled? return unless self.authorized_keys_enabled?
if shell_out_for_gitlab_keys? gitlab_authorized_keys.rm_key(id)
gitlab_shell_fast_execute([gitlab_shell_keys_path, 'rm-key', id])
else
gitlab_authorized_keys.rm_key(id)
end
end end
# Remove all ssh keys from gitlab shell # Remove all ssh keys from gitlab shell
@ -222,11 +197,7 @@ module Gitlab
def remove_all_keys def remove_all_keys
return unless self.authorized_keys_enabled? return unless self.authorized_keys_enabled?
if shell_out_for_gitlab_keys? gitlab_authorized_keys.clear
gitlab_shell_fast_execute([gitlab_shell_keys_path, 'clear'])
else
gitlab_authorized_keys.clear
end
end end
# Remove ssh keys from gitlab shell that are not in the DB # Remove ssh keys from gitlab shell that are not in the DB
@ -341,14 +312,6 @@ module Gitlab
File.join(Gitlab.config.repositories.storages[storage].legacy_disk_path, dir_name) File.join(Gitlab.config.repositories.storages[storage].legacy_disk_path, dir_name)
end end
def gitlab_shell_projects_path
File.join(gitlab_shell_path, 'bin', 'gitlab-projects')
end
def gitlab_shell_keys_path
File.join(gitlab_shell_path, 'bin', 'gitlab-keys')
end
def authorized_keys_enabled? def authorized_keys_enabled?
# Return true if nil to ensure the authorized_keys methods work while # Return true if nil to ensure the authorized_keys methods work while
# fixing the authorized_keys file during migration. # fixing the authorized_keys file during migration.
@ -359,35 +322,6 @@ module Gitlab
private private
def shell_out_for_gitlab_keys?
Gitlab.config.gitlab_shell.authorized_keys_file.blank?
end
def gitlab_shell_fast_execute(cmd)
output, status = gitlab_shell_fast_execute_helper(cmd)
return true if status.zero?
Rails.logger.error("gitlab-shell failed with error #{status}: #{output}") # rubocop:disable Gitlab/RailsLogger
false
end
def gitlab_shell_fast_execute_raise_error(cmd, vars = {})
output, status = gitlab_shell_fast_execute_helper(cmd, vars)
raise Error, output unless status.zero?
true
end
def gitlab_shell_fast_execute_helper(cmd, vars = {})
vars.merge!(ENV.to_h.slice(*GITLAB_SHELL_ENV_VARS))
# Don't pass along the entire parent environment to prevent gitlab-shell
# from wasting I/O by searching through GEM_PATH
Bundler.with_original_env { Popen.popen(cmd, nil, vars) }
end
def git_timeout def git_timeout
Gitlab.config.gitlab_shell.git_timeout Gitlab.config.gitlab_shell.git_timeout
end end
@ -407,16 +341,8 @@ module Gitlab
def batch_read_key_ids(batch_size: 100, &block) def batch_read_key_ids(batch_size: 100, &block)
return unless self.authorized_keys_enabled? return unless self.authorized_keys_enabled?
if shell_out_for_gitlab_keys? gitlab_authorized_keys.list_key_ids.lazy.each_slice(batch_size) do |key_ids|
IO.popen("#{gitlab_shell_keys_path} list-key-ids") do |key_id_stream| yield(key_ids)
key_id_stream.lazy.each_slice(batch_size) do |lines|
yield(lines.map { |l| l.chomp.to_i })
end
end
else
gitlab_authorized_keys.list_key_ids.lazy.each_slice(batch_size) do |key_ids|
yield(key_ids)
end
end end
end end

485
spec/lib/gitlab/shell_spec.rb
View file

@ -52,38 +52,14 @@ describe Gitlab::Shell do
describe '#add_key' do describe '#add_key' do
context 'when authorized_keys_enabled is true' do context 'when authorized_keys_enabled is true' do
context 'authorized_keys_file not set' do it 'calls Gitlab::AuthorizedKeys#add_key with id and key' do
before do expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
stub_gitlab_shell_setting(authorized_keys_file: nil)
allow(gitlab_shell)
.to receive(:gitlab_shell_keys_path)
.and_return(:gitlab_shell_keys_path)
end
it 'calls #gitlab_shell_fast_execute with add-key command' do expect(gitlab_authorized_keys)
expect(gitlab_shell) .to receive(:add_key)
.to receive(:gitlab_shell_fast_execute) .with('key-123', 'ssh-rsa foobar')
.with([
:gitlab_shell_keys_path,
'add-key',
'key-123',
'ssh-rsa foobar'
])
gitlab_shell.add_key('key-123', 'ssh-rsa foobar trailing garbage') gitlab_shell.add_key('key-123', 'ssh-rsa foobar')
end
end
context 'authorized_keys_file set' do
it 'calls Gitlab::AuthorizedKeys#add_key with id and key' do
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
expect(gitlab_authorized_keys)
.to receive(:add_key)
.with('key-123', 'ssh-rsa foobar')
gitlab_shell.add_key('key-123', 'ssh-rsa foobar')
end
end end
end end
@ -92,24 +68,10 @@ describe Gitlab::Shell do
stub_application_setting(authorized_keys_enabled: false) stub_application_setting(authorized_keys_enabled: false)
end end
context 'authorized_keys_file not set' do it 'does nothing' do
before do expect(Gitlab::AuthorizedKeys).not_to receive(:new)
stub_gitlab_shell_setting(authorized_keys_file: nil)
end
it 'does nothing' do gitlab_shell.add_key('key-123', 'ssh-rsa foobar trailing garbage')
expect(gitlab_shell).not_to receive(:gitlab_shell_fast_execute)
gitlab_shell.add_key('key-123', 'ssh-rsa foobar trailing garbage')
end
end
context 'authorized_keys_file set' do
it 'does nothing' do
expect(Gitlab::AuthorizedKeys).not_to receive(:new)
gitlab_shell.add_key('key-123', 'ssh-rsa foobar trailing garbage')
end
end end
end end
@ -118,38 +80,14 @@ describe Gitlab::Shell do
stub_application_setting(authorized_keys_enabled: nil) stub_application_setting(authorized_keys_enabled: nil)
end end
context 'authorized_keys_file not set' do it 'calls Gitlab::AuthorizedKeys#add_key with id and key' do
before do expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
stub_gitlab_shell_setting(authorized_keys_file: nil)
allow(gitlab_shell)
.to receive(:gitlab_shell_keys_path)
.and_return(:gitlab_shell_keys_path)
end
it 'calls #gitlab_shell_fast_execute with add-key command' do expect(gitlab_authorized_keys)
expect(gitlab_shell) .to receive(:add_key)
.to receive(:gitlab_shell_fast_execute) .with('key-123', 'ssh-rsa foobar')
.with([
:gitlab_shell_keys_path,
'add-key',
'key-123',
'ssh-rsa foobar'
])
gitlab_shell.add_key('key-123', 'ssh-rsa foobar trailing garbage') gitlab_shell.add_key('key-123', 'ssh-rsa foobar')
end
end
context 'authorized_keys_file set' do
it 'calls Gitlab::AuthorizedKeys#add_key with id and key' do
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
expect(gitlab_authorized_keys)
.to receive(:add_key)
.with('key-123', 'ssh-rsa foobar')
gitlab_shell.add_key('key-123', 'ssh-rsa foobar')
end
end end
end end
end end
@ -158,50 +96,14 @@ describe Gitlab::Shell do
let(:keys) { [double(shell_id: 'key-123', key: 'ssh-rsa foobar')] } let(:keys) { [double(shell_id: 'key-123', key: 'ssh-rsa foobar')] }
context 'when authorized_keys_enabled is true' do context 'when authorized_keys_enabled is true' do
context 'authorized_keys_file not set' do it 'calls Gitlab::AuthorizedKeys#batch_add_keys with keys to be added' do
let(:io) { double } expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
before do expect(gitlab_authorized_keys)
stub_gitlab_shell_setting(authorized_keys_file: nil) .to receive(:batch_add_keys)
end .with(keys)
context 'valid keys' do gitlab_shell.batch_add_keys(keys)
before do
allow(gitlab_shell)
.to receive(:gitlab_shell_keys_path)
.and_return(:gitlab_shell_keys_path)
end
it 'calls gitlab-keys with batch-add-keys command' do
expect(IO)
.to receive(:popen)
.with("gitlab_shell_keys_path batch-add-keys", 'w')
.and_yield(io)
expect(io).to receive(:puts).with("key-123\tssh-rsa foobar")
expect(gitlab_shell.batch_add_keys(keys)).to be_truthy
end
end
context 'invalid keys' do
let(:keys) { [double(shell_id: 'key-123', key: "ssh-rsa A\tSDFA\nSGADG")] }
it 'catches failure and returns false' do
expect(gitlab_shell.batch_add_keys(keys)).to be_falsey
end
end
end
context 'authorized_keys_file set' do
it 'calls Gitlab::AuthorizedKeys#batch_add_keys with keys to be added' do
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
expect(gitlab_authorized_keys)
.to receive(:batch_add_keys)
.with(keys)
gitlab_shell.batch_add_keys(keys)
end
end end
end end
@ -210,24 +112,10 @@ describe Gitlab::Shell do
stub_application_setting(authorized_keys_enabled: false) stub_application_setting(authorized_keys_enabled: false)
end end
context 'authorized_keys_file not set' do it 'does nothing' do
before do expect(Gitlab::AuthorizedKeys).not_to receive(:new)
stub_gitlab_shell_setting(authorized_keys_file: nil)
end
it 'does nothing' do gitlab_shell.batch_add_keys(keys)
expect(IO).not_to receive(:popen)
gitlab_shell.batch_add_keys(keys)
end
end
context 'authorized_keys_file set' do
it 'does nothing' do
expect(Gitlab::AuthorizedKeys).not_to receive(:new)
gitlab_shell.batch_add_keys(keys)
end
end end
end end
@ -236,72 +124,25 @@ describe Gitlab::Shell do
stub_application_setting(authorized_keys_enabled: nil) stub_application_setting(authorized_keys_enabled: nil)
end end
context 'authorized_keys_file not set' do it 'calls Gitlab::AuthorizedKeys#batch_add_keys with keys to be added' do
let(:io) { double } expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
before do expect(gitlab_authorized_keys)
stub_gitlab_shell_setting(authorized_keys_file: nil) .to receive(:batch_add_keys)
allow(gitlab_shell) .with(keys)
.to receive(:gitlab_shell_keys_path)
.and_return(:gitlab_shell_keys_path)
end
it 'calls gitlab-keys with batch-add-keys command' do gitlab_shell.batch_add_keys(keys)
expect(IO)
.to receive(:popen)
.with("gitlab_shell_keys_path batch-add-keys", 'w')
.and_yield(io)
expect(io).to receive(:puts).with("key-123\tssh-rsa foobar")
gitlab_shell.batch_add_keys(keys)
end
end
context 'authorized_keys_file set' do
it 'calls Gitlab::AuthorizedKeys#batch_add_keys with keys to be added' do
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
expect(gitlab_authorized_keys)
.to receive(:batch_add_keys)
.with(keys)
gitlab_shell.batch_add_keys(keys)
end
end end
end end
end end
describe '#remove_key' do describe '#remove_key' do
context 'when authorized_keys_enabled is true' do context 'when authorized_keys_enabled is true' do
context 'authorized_keys_file not set' do it 'calls Gitlab::AuthorizedKeys#rm_key with the key to be removed' do
before do expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
stub_gitlab_shell_setting(authorized_keys_file: nil) expect(gitlab_authorized_keys).to receive(:rm_key).with('key-123')
allow(gitlab_shell)
.to receive(:gitlab_shell_keys_path)
.and_return(:gitlab_shell_keys_path)
end
it 'calls #gitlab_shell_fast_execute with rm-key command' do gitlab_shell.remove_key('key-123')
expect(gitlab_shell)
.to receive(:gitlab_shell_fast_execute)
.with([
:gitlab_shell_keys_path,
'rm-key',
'key-123'
])
gitlab_shell.remove_key('key-123')
end
end
context 'authorized_keys_file not set' do
it 'calls Gitlab::AuthorizedKeys#rm_key with the key to be removed' do
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
expect(gitlab_authorized_keys).to receive(:rm_key).with('key-123')
gitlab_shell.remove_key('key-123')
end
end end
end end
@ -310,24 +151,10 @@ describe Gitlab::Shell do
stub_application_setting(authorized_keys_enabled: false) stub_application_setting(authorized_keys_enabled: false)
end end
context 'authorized_keys_file not set' do it 'does nothing' do
before do expect(Gitlab::AuthorizedKeys).not_to receive(:new)
stub_gitlab_shell_setting(authorized_keys_file: nil)
end
it 'does nothing' do gitlab_shell.remove_key('key-123')
expect(gitlab_shell).not_to receive(:gitlab_shell_fast_execute)
gitlab_shell.remove_key('key-123')
end
end
context 'authorized_keys_file set' do
it 'does nothing' do
expect(Gitlab::AuthorizedKeys).not_to receive(:new)
gitlab_shell.remove_key('key-123')
end
end end
end end
@ -336,64 +163,22 @@ describe Gitlab::Shell do
stub_application_setting(authorized_keys_enabled: nil) stub_application_setting(authorized_keys_enabled: nil)
end end
context 'authorized_keys_file not set' do it 'calls Gitlab::AuthorizedKeys#rm_key with the key to be removed' do
before do expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
stub_gitlab_shell_setting(authorized_keys_file: nil) expect(gitlab_authorized_keys).to receive(:rm_key).with('key-123')
allow(gitlab_shell)
.to receive(:gitlab_shell_keys_path)
.and_return(:gitlab_shell_keys_path)
end
it 'calls #gitlab_shell_fast_execute with rm-key command' do gitlab_shell.remove_key('key-123')
expect(gitlab_shell)
.to receive(:gitlab_shell_fast_execute)
.with([
:gitlab_shell_keys_path,
'rm-key',
'key-123'
])
gitlab_shell.remove_key('key-123')
end
end
context 'authorized_keys_file not set' do
it 'calls Gitlab::AuthorizedKeys#rm_key with the key to be removed' do
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
expect(gitlab_authorized_keys).to receive(:rm_key).with('key-123')
gitlab_shell.remove_key('key-123')
end
end end
end end
end end
describe '#remove_all_keys' do describe '#remove_all_keys' do
context 'when authorized_keys_enabled is true' do context 'when authorized_keys_enabled is true' do
context 'authorized_keys_file not set' do it 'calls Gitlab::AuthorizedKeys#clear' do
before do expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
stub_gitlab_shell_setting(authorized_keys_file: nil) expect(gitlab_authorized_keys).to receive(:clear)
allow(gitlab_shell)
.to receive(:gitlab_shell_keys_path)
.and_return(:gitlab_shell_keys_path)
end
it 'calls #gitlab_shell_fast_execute with clear command' do gitlab_shell.remove_all_keys
expect(gitlab_shell)
.to receive(:gitlab_shell_fast_execute)
.with([:gitlab_shell_keys_path, 'clear'])
gitlab_shell.remove_all_keys
end
end
context 'authorized_keys_file set' do
it 'calls Gitlab::AuthorizedKeys#clear' do
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
expect(gitlab_authorized_keys).to receive(:clear)
gitlab_shell.remove_all_keys
end
end end
end end
@ -402,24 +187,10 @@ describe Gitlab::Shell do
stub_application_setting(authorized_keys_enabled: false) stub_application_setting(authorized_keys_enabled: false)
end end
context 'authorized_keys_file not set' do it 'does nothing' do
before do expect(Gitlab::AuthorizedKeys).not_to receive(:new)
stub_gitlab_shell_setting(authorized_keys_file: nil)
end
it 'does nothing' do gitlab_shell.remove_all_keys
expect(gitlab_shell).not_to receive(:gitlab_shell_fast_execute)
gitlab_shell.remove_all_keys
end
end
context 'authorized_keys_file set' do
it 'does nothing' do
expect(Gitlab::AuthorizedKeys).not_to receive(:new)
gitlab_shell.remove_all_keys
end
end end
end end
@ -428,163 +199,73 @@ describe Gitlab::Shell do
stub_application_setting(authorized_keys_enabled: nil) stub_application_setting(authorized_keys_enabled: nil)
end end
context 'authorized_keys_file not set' do it 'calls Gitlab::AuthorizedKeys#clear' do
before do expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
stub_gitlab_shell_setting(authorized_keys_file: nil) expect(gitlab_authorized_keys).to receive(:clear)
allow(gitlab_shell)
.to receive(:gitlab_shell_keys_path)
.and_return(:gitlab_shell_keys_path)
end
it 'calls #gitlab_shell_fast_execute with clear command' do gitlab_shell.remove_all_keys
expect(gitlab_shell)
.to receive(:gitlab_shell_fast_execute)
.with([:gitlab_shell_keys_path, 'clear'])
gitlab_shell.remove_all_keys
end
end
context 'authorized_keys_file set' do
it 'calls Gitlab::AuthorizedKeys#clear' do
expect(Gitlab::AuthorizedKeys).to receive(:new).and_return(gitlab_authorized_keys)
expect(gitlab_authorized_keys).to receive(:clear)
gitlab_shell.remove_all_keys
end
end end
end end
end end
describe '#remove_keys_not_found_in_db' do describe '#remove_keys_not_found_in_db' do
context 'when keys are in the file that are not in the DB' do context 'when keys are in the file that are not in the DB' do
context 'authorized_keys_file not set' do before do
before do gitlab_shell.remove_all_keys
stub_gitlab_shell_setting(authorized_keys_file: nil) gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
gitlab_shell.remove_all_keys gitlab_shell.add_key('key-9876', 'ssh-rsa ASDFASDF')
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF') @another_key = create(:key) # this one IS in the DB
gitlab_shell.add_key('key-9876', 'ssh-rsa ASDFASDF')
@another_key = create(:key) # this one IS in the DB
end
it 'removes the keys' do
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
expect(gitlab_shell).to receive(:remove_key).with('key-9876')
expect(gitlab_shell).not_to receive(:remove_key).with("key-#{@another_key.id}")
gitlab_shell.remove_keys_not_found_in_db
end
end end
context 'authorized_keys_file set' do it 'removes the keys' do
before do expect(gitlab_shell).to receive(:remove_key).with('key-1234')
gitlab_shell.remove_all_keys expect(gitlab_shell).to receive(:remove_key).with('key-9876')
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF') expect(gitlab_shell).not_to receive(:remove_key).with("key-#{@another_key.id}")
gitlab_shell.add_key('key-9876', 'ssh-rsa ASDFASDF')
@another_key = create(:key) # this one IS in the DB
end
it 'removes the keys' do gitlab_shell.remove_keys_not_found_in_db
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
expect(gitlab_shell).to receive(:remove_key).with('key-9876')
expect(gitlab_shell).not_to receive(:remove_key).with("key-#{@another_key.id}")
gitlab_shell.remove_keys_not_found_in_db
end
end end
end end
context 'when keys there are duplicate keys in the file that are not in the DB' do context 'when keys there are duplicate keys in the file that are not in the DB' do
context 'authorized_keys_file not set' do before do
before do gitlab_shell.remove_all_keys
stub_gitlab_shell_setting(authorized_keys_file: nil) gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
gitlab_shell.remove_all_keys gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
end
it 'removes the keys' do
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
gitlab_shell.remove_keys_not_found_in_db
end
end end
context 'authorized_keys_file set' do it 'removes the keys' do
before do expect(gitlab_shell).to receive(:remove_key).with('key-1234')
gitlab_shell.remove_all_keys
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
end
it 'removes the keys' do gitlab_shell.remove_keys_not_found_in_db
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
gitlab_shell.remove_keys_not_found_in_db
end
end end
end end
context 'when keys there are duplicate keys in the file that ARE in the DB' do context 'when keys there are duplicate keys in the file that ARE in the DB' do
context 'authorized_keys_file not set' do before do
before do gitlab_shell.remove_all_keys
stub_gitlab_shell_setting(authorized_keys_file: nil) @key = create(:key)
gitlab_shell.remove_all_keys gitlab_shell.add_key(@key.shell_id, @key.key)
@key = create(:key)
gitlab_shell.add_key(@key.shell_id, @key.key)
end
it 'does not remove the key' do
expect(gitlab_shell).not_to receive(:remove_key).with("key-#{@key.id}")
gitlab_shell.remove_keys_not_found_in_db
end
end end
context 'authorized_keys_file set' do it 'does not remove the key' do
before do expect(gitlab_shell).not_to receive(:remove_key).with("key-#{@key.id}")
gitlab_shell.remove_all_keys
@key = create(:key)
gitlab_shell.add_key(@key.shell_id, @key.key)
end
it 'does not remove the key' do gitlab_shell.remove_keys_not_found_in_db
expect(gitlab_shell).not_to receive(:remove_key).with("key-#{@key.id}")
gitlab_shell.remove_keys_not_found_in_db
end
end end
end end
unless ENV['CI'] # Skip in CI, it takes 1 minute unless ENV['CI'] # Skip in CI, it takes 1 minute
context 'when the first batch can be skipped, but the next batch has keys that are not in the DB' do context 'when the first batch can be skipped, but the next batch has keys that are not in the DB' do
context 'authorized_keys_file not set' do before do
before do gitlab_shell.remove_all_keys
stub_gitlab_shell_setting(authorized_keys_file: nil) 100.times { |i| create(:key) } # first batch is all in the DB
gitlab_shell.remove_all_keys gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
100.times { |i| create(:key) } # first batch is all in the DB
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
end
it 'removes the keys not in the DB' do
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
gitlab_shell.remove_keys_not_found_in_db
end
end end
context 'authorized_keys_file set' do it 'removes the keys not in the DB' do
before do expect(gitlab_shell).to receive(:remove_key).with('key-1234')
gitlab_shell.remove_all_keys
100.times { |i| create(:key) } # first batch is all in the DB
gitlab_shell.add_key('key-1234', 'ssh-rsa ASDFASDF')
end
it 'removes the keys not in the DB' do gitlab_shell.remove_keys_not_found_in_db
expect(gitlab_shell).to receive(:remove_key).with('key-1234')
gitlab_shell.remove_keys_not_found_in_db
end
end end
end end
end end