Pass in ssl_cert_dir config setting

4 files changed, 36 insertions, 4 deletions

diff --git a/internal/command/authorizedkeys/authorized_keys.go b/internal/command/authorizedkeys/authorized_keys.go
index f1cab45..7554761 100644
--- a/internal/command/authorizedkeys/authorized_keys.go
+++ b/internal/command/authorizedkeys/authorized_keys.go
@@ -41,7 +41,7 @@ func (c *Command) printKeyLine() error {
 		return nil
 	}
 
-	keyLine, err := keyline.NewPublicKeyLine(strconv.FormatInt(response.Id, 10), response.Key, c.Config.RootDir)
+	keyLine, err := keyline.NewPublicKeyLine(strconv.FormatInt(response.Id, 10), response.Key, c.Config)
 	if err != nil {
 		return err
 	}
diff --git a/internal/command/authorizedkeys/authorized_keys_test.go b/internal/command/authorizedkeys/authorized_keys_test.go
index 4aa7586..e12f4fa 100644
--- a/internal/command/authorizedkeys/authorized_keys_test.go
+++ b/internal/command/authorizedkeys/authorized_keys_test.go
@@ -45,8 +45,12 @@ func TestExecute(t *testing.T) {
 	url, cleanup := testserver.StartSocketHttpServer(t, requests)
 	defer cleanup()
 
+	defaultConfig := &config.Config{RootDir: "/tmp", GitlabUrl: url}
+	configWithSslCertDir := &config.Config{RootDir: "/tmp", GitlabUrl: url, SslCertDir: "/tmp/certs"}
+
 	testCases := []struct {
 		desc           string
+		config         *config.Config
 		arguments      *commandargs.AuthorizedKeys
 		expectedOutput string
 	}{
@@ -56,6 +60,12 @@ func TestExecute(t *testing.T) {
 			expectedOutput: "command=\"/tmp/bin/gitlab-shell key-1\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty public-key\n",
 		},
 		{
+			desc:           "With SSL cert dir",
+			config:         configWithSslCertDir,
+			arguments:      &commandargs.AuthorizedKeys{ExpectedUser: "user", ActualUser: "user", Key: "key"},
+			expectedOutput: "command=\"SSL_CERT_DIR=/tmp/certs /tmp/bin/gitlab-shell key-1\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty public-key\n",
+		},
+		{
 			desc:           "When key doesn't match any existing key",
 			arguments:      &commandargs.AuthorizedKeys{ExpectedUser: "user", ActualUser: "user", Key: "not-found"},
 			expectedOutput: "# No key was found for not-found\n",
@@ -75,8 +85,14 @@ func TestExecute(t *testing.T) {
 	for _, tc := range testCases {
 		t.Run(tc.desc, func(t *testing.T) {
 			buffer := &bytes.Buffer{}
+
+			config := defaultConfig
+			if tc.config != nil {
+				config = tc.config
+			}
+
 			cmd := &Command{
-				Config:     &config.Config{RootDir: "/tmp", GitlabUrl: url},
+				Config:     config,
 				Args:       tc.arguments,
 				ReadWriter: &readwriter.ReadWriter{Out: buffer},
 			}
diff --git a/internal/command/authorizedprincipals/authorized_principals.go b/internal/command/authorizedprincipals/authorized_principals.go
index 10ae70e..ab5f2f8 100644
--- a/internal/command/authorizedprincipals/authorized_principals.go
+++ b/internal/command/authorizedprincipals/authorized_principals.go
@@ -36,7 +36,7 @@ func (c *Command) printPrincipalLines() error {
 }
 
 func (c *Command) printPrincipalLine(principal string) error {
-	principalKeyLine, err := keyline.NewPrincipalKeyLine(c.Args.KeyId, principal, c.Config.RootDir)
+	principalKeyLine, err := keyline.NewPrincipalKeyLine(c.Args.KeyId, principal, c.Config)
 	if err != nil {
 		return err
 	}
diff --git a/internal/command/authorizedprincipals/authorized_principals_test.go b/internal/command/authorizedprincipals/authorized_principals_test.go
index f0334e5..f11dd0f 100644
--- a/internal/command/authorizedprincipals/authorized_principals_test.go
+++ b/internal/command/authorizedprincipals/authorized_principals_test.go
@@ -12,8 +12,12 @@ import (
 )
 
 func TestExecute(t *testing.T) {
+	defaultConfig := &config.Config{RootDir: "/tmp"}
+	configWithSslCertDir := &config.Config{RootDir: "/tmp", SslCertDir: "/tmp/certs"}
+
 	testCases := []struct {
 		desc           string
+		config         *config.Config
 		arguments      *commandargs.AuthorizedPrincipals
 		expectedOutput string
 	}{
@@ -23,6 +27,12 @@ func TestExecute(t *testing.T) {
 			expectedOutput: "command=\"/tmp/bin/gitlab-shell username-key\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty principal\n",
 		},
 		{
+			desc:           "With SSL cert dir",
+			config:         configWithSslCertDir,
+			arguments:      &commandargs.AuthorizedPrincipals{KeyId: "key", Principals: []string{"principal"}},
+			expectedOutput: "command=\"SSL_CERT_DIR=/tmp/certs /tmp/bin/gitlab-shell username-key\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty principal\n",
+		},
+		{
 			desc:           "With multiple principals",
 			arguments:      &commandargs.AuthorizedPrincipals{KeyId: "key", Principals: []string{"principal-1", "principal-2"}},
 			expectedOutput: "command=\"/tmp/bin/gitlab-shell username-key\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty principal-1\ncommand=\"/tmp/bin/gitlab-shell username-key\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty principal-2\n",
@@ -32,8 +42,14 @@ func TestExecute(t *testing.T) {
 	for _, tc := range testCases {
 		t.Run(tc.desc, func(t *testing.T) {
 			buffer := &bytes.Buffer{}
+
+			config := defaultConfig
+			if tc.config != nil {
+				config = tc.config
+			}
+
 			cmd := &Command{
-				Config:     &config.Config{RootDir: "/tmp"},
+				Config:     config,
 				Args:       tc.arguments,
 				ReadWriter: &readwriter.ReadWriter{Out: buffer},
 			}