1. 08 Jan, 2018 10 commits
    • James Edwards-Jones's avatar
      Fix spec in shell_spec.rb · bd9ead68
      James Edwards-Jones authored
      The spec for "#add_key does nothing" would always have passed,
      since the expectation was on both the wrong object and message.
      bd9ead68
    • James Edwards-Jones's avatar
      40e3d9f3
    • Valery Sizov's avatar
      d9557e43
    • Sean McGivern's avatar
    • Paco Guzman's avatar
      Avoid adding index if already exists · d2f4e8f9
      Paco Guzman authored
      d2f4e8f9
    • Michael Kozono's avatar
      Backport authorized_keys_enabled defaults to true' · 797fe0a6
      Michael Kozono authored
      Originally from branch 'fix-authorized-keys-enabled-default-2738' via merge request https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2240
      
      Removed background migrations which were intended to fix state after using Gitlab
      without a default having been set
      
      Squashed commits:
      Locally, if Spring was not restarted, `current_application_settings` was still cached, which prevented the migration from editing the file. This will also ensure that any app server somehow hitting old cache data will properly default this setting regardless.
      Retroactively fix migration
        This allows us to identify customers who ran the broken migration. Their `authorized_keys_enabled` column does not have a default at this point.
        We will fix the column after we fix the `authorized_keys` file.
      Fix authorized_keys file if needed
      Add default to authorized_keys_enabled setting
        Reminder: The original migration was fixed retroactively a few commits ago, so people who did not ever run GitLab 9.3.0 already have a column that defaults to true and disallows nulls. I have tested on PostgreSQL and MySQL that it is safe to run this migration regardless.
        Affected customers who did run 9.3.0 are the ones who need this migration to fix the authorized_keys_enabled column.
        The reason for the retroactive fix plus this migration is that it allows us to run a migration in between to fix the authorized_keys file only for those who ran 9.3.0.
      Tweaks to address feedback
      Extract work into background migration
      Move batch-add-logic to background migration
        Do the work synchronously to avoid multiple workers attempting to add batches of keys at the same time.
        Also, make the delete portion wait until after adding is done.
      Do read and delete work in background migration
      Fix Rubocop offenses
      Add changelog entry
      Inform the user of actions taken or not taken
      Prevent unnecessary `select`s and `remove_key`s
      Add logs for action taken
      Fix optimization
      Reuse `Gitlab::ShellAdapter`
      Guarantee the earliest key
      Fix migration spec for MySQL
      797fe0a6
    • Rémy Coutable's avatar
      Use ApplicationSetting.current in Admin::ApplicationSettingsController · bcffeade
      Rémy Coutable authored
      See merge request gitlab-org/gitlab-ee!3323
      
      Backported as part of authorized_keys in https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/16014
      bcffeade
    • Ernst van Nierop's avatar
      Combine ssh docs and rename the doc · 07bd79cd
      Ernst van Nierop authored
      Backport to CE, originally branch 'evn-ssh-clarify-docs
      
      See merge request gitlab-org/gitlab-ee!3753
      07bd79cd
    • Michael Kozono's avatar
      Backport option to disable writing to `authorized_keys` file · 255a0f85
      Michael Kozono authored
      Originally branch 'mk-toggle-writing-to-auth-keys-1631'
      
      See merge request !2004
      
      Squashed commits:
      Add authorized_keys_enabled to Application Settings
      Ensure default settings are exposed in UI
      Without this change, `authorized_keys_enabled` is unchecked when it is nil, even if it should be checked by default.
      Add “Speed up SSH operations” documentation
      Clarify the reasons for disabling writes
      Add "How to go back" section
      Tweak copy
      Update Application Setting screenshot
      255a0f85
    • Pablo Carranza's avatar
      Backport authorized_keys branch 'find-key-by-fingerprint' · ac86b204
      Pablo Carranza authored
      Add find key by base64 key or fingerprint to the internal API
      
      See merge request !250
      
      Squashed changes:
      Add unique index to fingerprint
      Add new index to schema
      Add internal api to get ssh key by fingerprint
      Change API endpoint to authorized_keys
      Add InsecureKeyFingerprint that calculates the fingerprint without shelling out
      Add require for gitlab key fingerprint
      Remove uniqueness of fingerprint index
      Remove unique option from migration
      Fix spec style in fingerprint test
      Fix rubocop complain
      Extract insecure key fingerprint to separate file
      Change migration to support building index concurrently
      Remove those hideous tabs
      ac86b204
  2. 05 Jan, 2018 30 commits