From 4cee52bd7c4c3bae04e143b4b2dd9f185514a4fd Mon Sep 17 00:00:00 2001 From: Patrick Bajao Date: Fri, 30 Aug 2019 07:51:06 +0800 Subject: Repurpose bin/authorized_keys script It's been replaced by `gitlab-shell-authorized-keys-check` and it's also calling the `/authorized_keys` endpoint via Ruby. Since they have the same functionality as the new binary, better to call that instead to make it SSOT for authorized keys requests. --- bin/authorized_keys | 28 ++++++---------------------- 1 file changed, 6 insertions(+), 22 deletions(-) diff --git a/bin/authorized_keys b/bin/authorized_keys index ca01646..206a17d 100755 --- a/bin/authorized_keys +++ b/bin/authorized_keys @@ -1,25 +1,9 @@ -#!/usr/bin/env ruby +#!/bin/sh +# Legacy script used for AuthorizedKeysCommand when configured without username. +# Executes gitlab-shell-authorized-keys-check with "git" as expected and actual +# username and with the passed key. # -# GitLab shell authorized_keys. Query GitLab API to get the authorized command for a given ssh key fingerprint -# -# Ex. -# /bin/authorized_keys BASE64-KEY -# -# Returns -# command="/bin/gitlab-shell key-#",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQA... -# - -key = ARGV[0] -abort "# No key provided" if key.nil? || key.empty? - -require_relative "../lib/gitlab_init" -require_relative "../lib/gitlab_net" -require_relative "../lib/gitlab_keys" +# TODO: Remove this in https://gitlab.com/gitlab-org/gitlab-shell/issues/209. -authorized_key = GitlabNet.new.authorized_key(key) -if authorized_key.nil? - puts "# No key was found for #{key}" -else - puts GitlabKeys.key_line("key-#{authorized_key['id']}", authorized_key["key"]) -end +$(dirname $0)/gitlab-shell-authorized-keys-check git git $1 -- cgit v1.2.1