Merge branch '38635-fix-gitlab-check-git-ssh-config' into 'master'

Whitelist authorized_keys.lock in the gitlab:check rake task

Closes #38635

See merge request gitlab-org/gitlab-ce!14624

3 files changed, 12 insertions, 1 deletions

diff --git a/changelogs/unreleased/38635-fix-gitlab-check-git-ssh-config.yml b/changelogs/unreleased/38635-fix-gitlab-check-git-ssh-config.yml
new file mode 100644
index 00000000000..49d0671233a
--- /dev/null
+++ b/changelogs/unreleased/38635-fix-gitlab-check-git-ssh-config.yml
@@ -0,0 +1,5 @@
+---
+title: Whitelist authorized_keys.lock in the gitlab:check rake task
+merge_request: 14624
+author:
+type: fixed
diff --git a/lib/system_check/app/git_user_default_ssh_config_check.rb b/lib/system_check/app/git_user_default_ssh_config_check.rb
index 7b486d78cf0..dfa8b8b3f5b 100644
--- a/lib/system_check/app/git_user_default_ssh_config_check.rb
+++ b/lib/system_check/app/git_user_default_ssh_config_check.rb
@@ -5,6 +5,7 @@ module SystemCheck
       # whitelisted as it may change the SSH client's behaviour dramatically.
       WHITELIST = %w[
         authorized_keys
+        authorized_keys.lock
         authorized_keys2
         known_hosts
       ].freeze
diff --git a/spec/lib/system_check/app/git_user_default_ssh_config_check_spec.rb b/spec/lib/system_check/app/git_user_default_ssh_config_check_spec.rb
index 7125bfcab59..a0fb86345f3 100644
--- a/spec/lib/system_check/app/git_user_default_ssh_config_check_spec.rb
+++ b/spec/lib/system_check/app/git_user_default_ssh_config_check_spec.rb
@@ -16,7 +16,12 @@ describe SystemCheck::App::GitUserDefaultSSHConfigCheck do
   end
 
   it 'only whitelists safe files' do
-    expect(described_class::WHITELIST).to contain_exactly('authorized_keys', 'authorized_keys2', 'known_hosts')
+    expect(described_class::WHITELIST).to contain_exactly(
+      'authorized_keys',
+      'authorized_keys2',
+      'authorized_keys.lock',
+      'known_hosts'
+    )
   end
 
   describe '#skip?' do