diff options
author | Douwe Maan <douwe@gitlab.com> | 2017-08-02 15:20:26 +0000 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2017-08-02 15:20:26 +0000 |
commit | 980eb544646cccf4dde60825452c59b13b14aa6d (patch) | |
tree | 0896f33aa907f726b4adac7cb99e94b8ea6e77b0 | |
parent | b3ff4c3d61b63bab1d6acf19099295799ce9b6a2 (diff) | |
parent | cc62be58f8ff3eefa4879b0db4356c43e1d870ca (diff) | |
download | gitlab-shell-980eb544646cccf4dde60825452c59b13b14aa6d.tar.gz |
Merge branch '100-require-tempfile' into 'master'v5.6.1
Fix SSH key and known_hosts support
Closes #100
See merge request !156
-rw-r--r-- | CHANGELOG | 4 | ||||
-rw-r--r-- | VERSION | 2 | ||||
-rw-r--r-- | lib/gitlab_projects.rb | 14 | ||||
-rw-r--r-- | spec/gitlab_projects_spec.rb | 19 |
4 files changed, 25 insertions, 14 deletions
@@ -1,3 +1,7 @@ +v 5.6.1 + - Fix setting permissions of SSH key tempfiles + - Fix a missing constant error when using SSH authentication + v.5.6.0 - SSH authentication support @@ -1 +1 @@ -5.6.0 +5.6.1 diff --git a/lib/gitlab_projects.rb b/lib/gitlab_projects.rb index 267c679..49a1d25 100644 --- a/lib/gitlab_projects.rb +++ b/lib/gitlab_projects.rb @@ -1,4 +1,5 @@ require 'fileutils' +require 'tempfile' require 'timeout' require 'open3' @@ -432,26 +433,29 @@ class GitlabProjects options = {} if ENV.key?('GITLAB_SHELL_SSH_KEY') - key_file = Tempfile.new('gitlab-shell-key-file', mode: 0o400) + key_file = Tempfile.new('gitlab-shell-key-file') + key_file.chmod(0o400) key_file.write(ENV['GITLAB_SHELL_SSH_KEY']) key_file.close options['IdentityFile'] = key_file.path - options['IdentitiesOnly'] = true + options['IdentitiesOnly'] = 'yes' end if ENV.key?('GITLAB_SHELL_KNOWN_HOSTS') - known_hosts_file = Tempfile.new('gitlab-shell-known-hosts', mode: 0o400) + known_hosts_file = Tempfile.new('gitlab-shell-known-hosts') + known_hosts_file.chmod(0o400) known_hosts_file.write(ENV['GITLAB_SHELL_KNOWN_HOSTS']) known_hosts_file.close - options['StrictHostKeyChecking'] = true + options['StrictHostKeyChecking'] = 'yes' options['UserKnownHostsFile'] = known_hosts_file.path end return yield({}) if options.empty? - script = Tempfile.new('gitlab-shell-ssh-wrapper', mode: 0o755) + script = Tempfile.new('gitlab-shell-ssh-wrapper') + script.chmod(0o755) script.write(custom_ssh_script(options)) script.close diff --git a/spec/gitlab_projects_spec.rb b/spec/gitlab_projects_spec.rb index 626f933..2220ee4 100644 --- a/spec/gitlab_projects_spec.rb +++ b/spec/gitlab_projects_spec.rb @@ -336,12 +336,15 @@ describe GitlabProjects do ENV.replace(original) end - def stub_tempfile(name, *args) + def stub_tempfile(name, filename, opts = {}) + chmod = opts.delete(:chmod) file = StringIO.new + allow(file).to receive(:close!) allow(file).to receive(:path).and_return(name) - expect(Tempfile).to receive(:new).with(*args).and_return(file) + expect(Tempfile).to receive(:new).with(filename).and_return(file) + expect(file).to receive(:chmod).with(chmod) if chmod file end @@ -397,14 +400,14 @@ describe GitlabProjects do end it 'sets GIT_SSH to a custom script' do - script = stub_tempfile('scriptFile', 'gitlab-shell-ssh-wrapper', mode: 0755) - key = stub_tempfile('/tmp files/keyFile', 'gitlab-shell-key-file', mode: 0400) + script = stub_tempfile('scriptFile', 'gitlab-shell-ssh-wrapper', chmod: 0o755) + key = stub_tempfile('/tmp files/keyFile', 'gitlab-shell-key-file', chmod: 0o400) stub_spawn({ 'GIT_SSH' => 'scriptFile' }, *cmd) expect(gl_projects.exec).to be true - expect(script.string).to eq("#!/bin/sh\nexec ssh '-oIdentityFile=\"/tmp files/keyFile\"' '-oIdentitiesOnly=\"true\"' \"$@\"") + expect(script.string).to eq("#!/bin/sh\nexec ssh '-oIdentityFile=\"/tmp files/keyFile\"' '-oIdentitiesOnly=\"yes\"' \"$@\"") expect(key.string).to eq('SSH KEY') end end @@ -418,14 +421,14 @@ describe GitlabProjects do end it 'sets GIT_SSH to a custom script' do - script = stub_tempfile('scriptFile', 'gitlab-shell-ssh-wrapper', mode: 0755) - key = stub_tempfile('/tmp files/knownHosts', 'gitlab-shell-known-hosts', mode: 0400) + script = stub_tempfile('scriptFile', 'gitlab-shell-ssh-wrapper', chmod: 0o755) + key = stub_tempfile('/tmp files/knownHosts', 'gitlab-shell-known-hosts', chmod: 0o400) stub_spawn({ 'GIT_SSH' => 'scriptFile' }, *cmd) expect(gl_projects.exec).to be true - expect(script.string).to eq("#!/bin/sh\nexec ssh '-oStrictHostKeyChecking=\"true\"' '-oUserKnownHostsFile=\"/tmp files/knownHosts\"' \"$@\"") + expect(script.string).to eq("#!/bin/sh\nexec ssh '-oStrictHostKeyChecking=\"yes\"' '-oUserKnownHostsFile=\"/tmp files/knownHosts\"' \"$@\"") expect(key.string).to eq('KNOWN HOSTS') end end |