GitlabShell doesn't need to set GL_ID at all.

2 files changed, 8 insertions, 6 deletions

diff --git a/bin/gitlab-shell b/bin/gitlab-shell
index 8154029..084f0c9 100755
--- a/bin/gitlab-shell
+++ b/bin/gitlab-shell
@@ -5,6 +5,9 @@ unless ENV['SSH_CONNECTION']
   exit
 end
 
+key_id = /key-[0-9]+/.match(ARGV.join).to_s
+original_cmd = ENV['SSH_ORIGINAL_COMMAND']
+
 require_relative '../lib/gitlab_init'
 
 #
@@ -14,7 +17,7 @@ require_relative '../lib/gitlab_init'
 #
 require File.join(ROOT_PATH, 'lib', 'gitlab_shell')
 
-if GitlabShell.new.exec
+if GitlabShell.new(key_id, original_cmd).exec
   exit 0
 else
   exit 1
diff --git a/lib/gitlab_shell.rb b/lib/gitlab_shell.rb
index d075048..c26318a 100644
--- a/lib/gitlab_shell.rb
+++ b/lib/gitlab_shell.rb
@@ -9,9 +9,9 @@ class GitlabShell
 
   attr_accessor :key_id, :repo_name, :git_cmd, :repos_path, :repo_name
 
-  def initialize
-    @key_id = /key-[0-9]+/.match(ARGV.join).to_s
-    @origin_cmd = ENV['SSH_ORIGINAL_COMMAND']
+  def initialize(key_id, origin_cmd)
+    @key_id = key_id
+    @origin_cmd = origin_cmd
     @config = GitlabConfig.new
     @repos_path = @config.repos_path
   end
@@ -26,7 +26,6 @@ class GitlabShell
 
     raise DisallowedCommandError unless git_cmds.include?(@git_cmd)
 
-    ENV['GL_ID'] = @key_id
     status = api.check_access(@git_cmd, @repo_name, @key_id, '_any')
 
     raise AccessDeniedError, status.message unless status.allowed?
@@ -105,7 +104,7 @@ class GitlabShell
 
   # This method is not covered by Rspec because it ends the current Ruby process.
   def exec_cmd(*args)
-    Kernel::exec({ 'PATH' => ENV['PATH'], 'LD_LIBRARY_PATH' => ENV['LD_LIBRARY_PATH'], 'GL_ID' => ENV['GL_ID'] }, *args, unsetenv_others: true)
+    Kernel::exec({ 'PATH' => ENV['PATH'], 'LD_LIBRARY_PATH' => ENV['LD_LIBRARY_PATH'], 'GL_ID' => @key_id }, *args, unsetenv_others: true)
   end
 
   def api