Merge branch '100-require-tempfile' into 'master'v5.6.1

Fix SSH key and known_hosts support Closes #100 See merge request !156
author: Douwe Maan <douwe@gitlab.com> 2017-08-02 15:20:26 +0000
committer: Douwe Maan <douwe@gitlab.com> 2017-08-02 15:20:26 +0000
commit: 980eb544646cccf4dde60825452c59b13b14aa6d (patch)
tree: 0896f33aa907f726b4adac7cb99e94b8ea6e77b0
parent: b3ff4c3d61b63bab1d6acf19099295799ce9b6a2 (diff)
parent: cc62be58f8ff3eefa4879b0db4356c43e1d870ca (diff)
download: gitlab-shell-980eb544646cccf4dde60825452c59b13b14aa6d.tar.gz
4 files changed, 25 insertions, 14 deletions
diff --git a/CHANGELOG b/CHANGELOG
index ba593ea..786978a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,7 @@
+v 5.6.1
+  - Fix setting permissions of SSH key tempfiles
+  - Fix a missing constant error when using SSH authentication
+
 v.5.6.0
   - SSH authentication support
 
diff --git a/VERSION b/VERSION
index 1bc788d..b7c7542 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-5.6.0
+5.6.1
diff --git a/lib/gitlab_projects.rb b/lib/gitlab_projects.rb
index 267c679..49a1d25 100644
--- a/lib/gitlab_projects.rb
+++ b/lib/gitlab_projects.rb
@@ -1,4 +1,5 @@
 require 'fileutils'
+require 'tempfile'
 require 'timeout'
 require 'open3'
 
@@ -432,26 +433,29 @@ class GitlabProjects
     options = {}
 
     if ENV.key?('GITLAB_SHELL_SSH_KEY')
-      key_file = Tempfile.new('gitlab-shell-key-file', mode: 0o400)
+      key_file = Tempfile.new('gitlab-shell-key-file')
+      key_file.chmod(0o400)
       key_file.write(ENV['GITLAB_SHELL_SSH_KEY'])
       key_file.close
 
       options['IdentityFile'] = key_file.path
-      options['IdentitiesOnly'] = true
+      options['IdentitiesOnly'] = 'yes'
     end
 
     if ENV.key?('GITLAB_SHELL_KNOWN_HOSTS')
-      known_hosts_file = Tempfile.new('gitlab-shell-known-hosts', mode: 0o400)
+      known_hosts_file = Tempfile.new('gitlab-shell-known-hosts')
+      known_hosts_file.chmod(0o400)
       known_hosts_file.write(ENV['GITLAB_SHELL_KNOWN_HOSTS'])
       known_hosts_file.close
 
-      options['StrictHostKeyChecking'] = true
+      options['StrictHostKeyChecking'] = 'yes'
       options['UserKnownHostsFile'] = known_hosts_file.path
     end
 
     return yield({}) if options.empty?
 
-    script = Tempfile.new('gitlab-shell-ssh-wrapper', mode: 0o755)
+    script = Tempfile.new('gitlab-shell-ssh-wrapper')
+    script.chmod(0o755)
     script.write(custom_ssh_script(options))
     script.close
 
diff --git a/spec/gitlab_projects_spec.rb b/spec/gitlab_projects_spec.rb
index 626f933..2220ee4 100644
--- a/spec/gitlab_projects_spec.rb
+++ b/spec/gitlab_projects_spec.rb
@@ -336,12 +336,15 @@ describe GitlabProjects do
       ENV.replace(original)
     end
 
-    def stub_tempfile(name, *args)
+    def stub_tempfile(name, filename, opts = {})
+      chmod = opts.delete(:chmod)
       file = StringIO.new
+
       allow(file).to receive(:close!)
       allow(file).to receive(:path).and_return(name)
 
-      expect(Tempfile).to receive(:new).with(*args).and_return(file)
+      expect(Tempfile).to receive(:new).with(filename).and_return(file)
+      expect(file).to receive(:chmod).with(chmod) if chmod
 
       file
     end
@@ -397,14 +400,14 @@ describe GitlabProjects do
       end
 
       it 'sets GIT_SSH to a custom script' do
-        script = stub_tempfile('scriptFile', 'gitlab-shell-ssh-wrapper', mode: 0755)
-        key = stub_tempfile('/tmp files/keyFile', 'gitlab-shell-key-file', mode: 0400)
+        script = stub_tempfile('scriptFile', 'gitlab-shell-ssh-wrapper', chmod: 0o755)
+        key = stub_tempfile('/tmp files/keyFile', 'gitlab-shell-key-file', chmod: 0o400)
 
         stub_spawn({ 'GIT_SSH' => 'scriptFile' }, *cmd)
 
         expect(gl_projects.exec).to be true
 
-        expect(script.string).to eq("#!/bin/sh\nexec ssh '-oIdentityFile=\"/tmp files/keyFile\"' '-oIdentitiesOnly=\"true\"' \"$@\"")
+        expect(script.string).to eq("#!/bin/sh\nexec ssh '-oIdentityFile=\"/tmp files/keyFile\"' '-oIdentitiesOnly=\"yes\"' \"$@\"")
         expect(key.string).to eq('SSH KEY')
       end
     end
@@ -418,14 +421,14 @@ describe GitlabProjects do
       end
 
       it 'sets GIT_SSH to a custom script' do
-        script = stub_tempfile('scriptFile', 'gitlab-shell-ssh-wrapper', mode: 0755)
-        key = stub_tempfile('/tmp files/knownHosts', 'gitlab-shell-known-hosts', mode: 0400)
+        script = stub_tempfile('scriptFile', 'gitlab-shell-ssh-wrapper', chmod: 0o755)
+        key = stub_tempfile('/tmp files/knownHosts', 'gitlab-shell-known-hosts', chmod: 0o400)
 
         stub_spawn({ 'GIT_SSH' => 'scriptFile' }, *cmd)
 
         expect(gl_projects.exec).to be true
 
-        expect(script.string).to eq("#!/bin/sh\nexec ssh '-oStrictHostKeyChecking=\"true\"' '-oUserKnownHostsFile=\"/tmp files/knownHosts\"' \"$@\"")
+        expect(script.string).to eq("#!/bin/sh\nexec ssh '-oStrictHostKeyChecking=\"yes\"' '-oUserKnownHostsFile=\"/tmp files/knownHosts\"' \"$@\"")
         expect(key.string).to eq('KNOWN HOSTS')
       end
     end
author	Douwe Maan <douwe@gitlab.com>	2017-08-02 15:20:26 +0000
committer	Douwe Maan <douwe@gitlab.com>	2017-08-02 15:20:26 +0000
commit	980eb544646cccf4dde60825452c59b13b14aa6d (patch)
tree	0896f33aa907f726b4adac7cb99e94b8ea6e77b0
parent	b3ff4c3d61b63bab1d6acf19099295799ce9b6a2 (diff)
parent	cc62be58f8ff3eefa4879b0db4356c43e1d870ca (diff)
download	gitlab-shell-980eb544646cccf4dde60825452c59b13b14aa6d.tar.gz