Add latest changes from gitlab-org/gitlab@master

6 files changed, 128 insertions, 7 deletions

diff --git a/app/assets/javascripts/boards/components/boards_selector.vue b/app/assets/javascripts/boards/components/boards_selector.vue
index 32491dfbcb6..5d7be0c705a 100644
--- a/app/assets/javascripts/boards/components/boards_selector.vue
+++ b/app/assets/javascripts/boards/components/boards_selector.vue
@@ -315,8 +315,7 @@ export default {
 
           <gl-dropdown-item
             v-if="showDelete"
-            class="text-danger"
-            data-qa-selector="delete_board_button"
+            class="text-danger js-delete-board"
             @click.prevent="showPage('delete')"
           >
             {{ s__('IssueBoards|Delete board') }}
diff --git a/app/finders/keys_finder.rb b/app/finders/keys_finder.rb
new file mode 100644
index 00000000000..d6ba7cb290d
--- /dev/null
+++ b/app/finders/keys_finder.rb
@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+class KeysFinder
+  InvalidFingerprint = Class.new(StandardError)
+  GitLabAccessDeniedError = Class.new(StandardError)
+
+  FINGERPRINT_ATTRIBUTES = {
+    'sha256' => 'fingerprint_sha256',
+    'md5' => 'fingerprint'
+  }.freeze
+
+  def initialize(current_user, params)
+    @current_user = current_user
+    @params = params
+  end
+
+  def execute
+    raise GitLabAccessDeniedError unless current_user.admin?
+    raise InvalidFingerprint unless valid_fingerprint_param?
+
+    Key.where(fingerprint_query).first # rubocop: disable CodeReuse/ActiveRecord
+  end
+
+  private
+
+  attr_reader :current_user, :params
+
+  def valid_fingerprint_param?
+    if fingerprint_type == "sha256"
+      Base64.decode64(fingerprint).length == 32
+    else
+      fingerprint =~ /^(\h{2}:){15}\h{2}/
+    end
+  end
+
+  def fingerprint_query
+    fingerprint_attribute = FINGERPRINT_ATTRIBUTES[fingerprint_type]
+
+    Key.arel_table[fingerprint_attribute].eq(fingerprint)
+  end
+
+  def fingerprint_type
+    if params[:fingerprint].start_with?(/sha256:|SHA256:/)
+      "sha256"
+    else
+      "md5"
+    end
+  end
+
+  def fingerprint
+    if fingerprint_type == "sha256"
+      params[:fingerprint].gsub(/sha256:|SHA256:/, "")
+    else
+      params[:fingerprint]
+    end
+  end
+end
diff --git a/app/models/concerns/sha256_attribute.rb b/app/models/concerns/sha256_attribute.rb
new file mode 100644
index 00000000000..1bd1ad177a2
--- /dev/null
+++ b/app/models/concerns/sha256_attribute.rb
@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module Sha256Attribute
+  extend ActiveSupport::Concern
+
+  class_methods do
+    def sha256_attribute(name)
+      return if ENV['STATIC_VERIFICATION']
+
+      validate_binary_column_exists!(name) unless Rails.env.production?
+
+      attribute(name, Gitlab::Database::Sha256Attribute.new)
+    end
+
+    # This only gets executed in non-production environments as an additional check to ensure
+    # the column is the correct type.  In production it should behave like any other attribute.
+    # See https://gitlab.com/gitlab-org/gitlab/merge_requests/5502 for more discussion
+    def validate_binary_column_exists!(name)
+      return unless database_exists?
+
+      unless table_exists?
+        warn "WARNING: sha256_attribute #{name.inspect} is invalid since the table doesn't exist - you may need to run database migrations"
+        return
+      end
+
+      column = columns.find { |c| c.name == name.to_s }
+
+      unless column
+        warn "WARNING: sha256_attribute #{name.inspect} is invalid since the column doesn't exist - you may need to run database migrations"
+        return
+      end
+
+      unless column.type == :binary
+        raise ArgumentError.new("sha256_attribute #{name.inspect} is invalid since the column type is not :binary")
+      end
+    rescue => error
+      Gitlab::AppLogger.error "Sha256Attribute initialization: #{error.message}"
+      raise
+    end
+
+    def database_exists?
+      ApplicationRecord.connection
+
+      true
+    rescue
+      false
+    end
+  end
+end
diff --git a/app/models/key.rb b/app/models/key.rb
index ff601966c26..f66aa4fb329 100644
--- a/app/models/key.rb
+++ b/app/models/key.rb
@@ -5,6 +5,9 @@ require 'digest/md5'
 class Key < ApplicationRecord
   include AfterCommitQueue
   include Sortable
+  include Sha256Attribute
+
+  sha256_attribute :fingerprint_sha256
 
   belongs_to :user
 
@@ -34,6 +37,8 @@ class Key < ApplicationRecord
   after_destroy :post_destroy_hook
   after_destroy :refresh_user_cache
 
+  alias_attribute :fingerprint_md5, :fingerprint
+
   def self.regular_keys
     where(type: ['Key', nil])
   end
@@ -114,10 +119,12 @@ class Key < ApplicationRecord
 
   def generate_fingerprint
     self.fingerprint = nil
+    self.fingerprint_sha256 = nil
 
     return unless public_key.valid?
 
-    self.fingerprint = public_key.fingerprint
+    self.fingerprint_md5 = public_key.fingerprint
+    self.fingerprint_sha256 = public_key.fingerprint("SHA256").gsub("SHA256:", "")
   end
 
   def key_meets_restrictions
diff --git a/app/services/git/base_hooks_service.rb b/app/services/git/base_hooks_service.rb
index d935d9e8cdc..a49983a84fc 100644
--- a/app/services/git/base_hooks_service.rb
+++ b/app/services/git/base_hooks_service.rb
@@ -163,7 +163,7 @@ module Git
     end
 
     def logger
-      if Sidekiq.server?
+      if Gitlab::Runtime.sidekiq?
         Sidekiq.logger
       else
         # This service runs in Sidekiq, so this shouldn't ever be
diff --git a/app/views/profiles/keys/_key_details.html.haml b/app/views/profiles/keys/_key_details.html.haml
index 0ef01dec493..02f1a267044 100644
--- a/app/views/profiles/keys/_key_details.html.haml
+++ b/app/views/profiles/keys/_key_details.html.haml
@@ -17,11 +17,21 @@
 
   .col-md-8
     = form_errors(@key, type: 'key') unless @key.valid?
-    %p
-      %span.light= _('Fingerprint:')
-      %code.key-fingerprint= @key.fingerprint
     %pre.well-pre
       = @key.key
+    .card
+      .card-header
+        = _('Fingerprints')
+      %ul.content-list
+        %li
+          %span.light= 'MD5:'
+          %code.key-fingerprint= @key.fingerprint
+        - if @key.fingerprint_sha256.present?
+          %li
+            %span.light= 'SHA256:'
+            %code.key-fingerprint= @key.fingerprint_sha256
+
+
   .col-md-12
     .float-right
       - if @key.can_delete?