Merge branch 'workhorse-secret-trailing-newline' into 'master'

Allow trailing newline in secret base64 data

Fixes https://gitlab.com/gitlab-org/omnibus-gitlab/issues/1575

See merge request !6327

2 files changed, 6 insertions, 1 deletions

diff --git a/lib/gitlab/workhorse.rb b/lib/gitlab/workhorse.rb
index efe4aeb399d..60aae541d46 100644
--- a/lib/gitlab/workhorse.rb
+++ b/lib/gitlab/workhorse.rb
@@ -102,7 +102,7 @@ module Gitlab
 
       def secret
         @secret ||= begin
-          bytes = Base64.strict_decode64(File.read(secret_path))
+          bytes = Base64.strict_decode64(File.read(secret_path).chomp)
           raise "#{secret_path} does not contain #{SECRET_LENGTH} bytes" if bytes.length != SECRET_LENGTH
           bytes
         end
diff --git a/spec/lib/gitlab/workhorse_spec.rb b/spec/lib/gitlab/workhorse_spec.rb
index 395192149a9..6c7fa7e7c15 100644
--- a/spec/lib/gitlab/workhorse_spec.rb
+++ b/spec/lib/gitlab/workhorse_spec.rb
@@ -30,6 +30,11 @@ describe Gitlab::Workhorse, lib: true do
       expect(subject.encoding).to eq(Encoding::ASCII_8BIT)
     end
 
+    it 'accepts a trailing newline' do
+      open(described_class.secret_path, 'a') { |f| f.write "\n" }
+      expect(subject.length).to eq(32)
+    end
+
     it 'raises an exception if the secret file cannot be read' do
       File.delete(described_class.secret_path)
       expect { subject }.to raise_exception(Errno::ENOENT)