diff options
author | Patricio Cano <suprnova32@gmail.com> | 2016-08-25 17:34:34 -0500 |
---|---|---|
committer | Patricio Cano <suprnova32@gmail.com> | 2016-09-06 12:06:45 -0500 |
commit | dbf374e10ad859a02ef69af53031e245913b6e65 (patch) | |
tree | 304e387c2702db9f9685f8a951ef3d65c60ad09c /lib/gitlab_shell.rb | |
parent | c6d8af599dc797ec8ba7874380abad393b439c9e (diff) | |
download | gitlab-shell-dbf374e10ad859a02ef69af53031e245913b6e65.tar.gz |
Added LFS support to SSH
- Required changes to GitLab Shell include the actual handling of the `git-lfs-authenticate` command and the retrieval of the correct credentials.
Diffstat (limited to 'lib/gitlab_shell.rb')
-rw-r--r-- | lib/gitlab_shell.rb | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/lib/gitlab_shell.rb b/lib/gitlab_shell.rb index 1fdb9e5..ab98a6e 100644 --- a/lib/gitlab_shell.rb +++ b/lib/gitlab_shell.rb @@ -1,4 +1,6 @@ require 'shellwords' +require 'base64' +require 'json' require_relative 'gitlab_net' @@ -11,7 +13,7 @@ class GitlabShell API_COMMANDS = %w(2fa_recovery_codes) GL_PROTOCOL = 'ssh'.freeze - attr_accessor :key_id, :repo_name, :command + attr_accessor :key_id, :repo_name, :command, :git_access, :repository_http_path attr_reader :repo_path def initialize(key_id) @@ -94,6 +96,7 @@ class GitlabShell raise AccessDeniedError, status.message unless status.allowed? self.repo_path = status.repository_path + @repository_http_path = status.repository_http_path end def process_cmd(args) @@ -117,6 +120,11 @@ class GitlabShell $logger.info "gitlab-shell: executing git-annex command <#{parsed_args.join(' ')}> for #{log_username}." exec_cmd(*parsed_args) + + elsif @command == 'git-lfs-authenticate' + $logger.info "gitlab-shell: Processing LFS authentication for #{log_username}." + lfs_authenticate + else $logger.info "gitlab-shell: executing git command <#{@command} #{repo_path}> for #{log_username}." exec_cmd(@command, repo_path) @@ -184,6 +192,19 @@ class GitlabShell non_dashed[0, 2] == %w{git-annex-shell gcryptsetup} end + def lfs_authenticate + return unless user + + authorization = { + header: { + Authorization: "Basic #{Base64.strict_encode64("#{user['username']}:#{user['lfs_token']}")}" + }, + href: "#{repository_http_path}/info/lfs/" + } + + puts JSON.generate(authorization) + end + private def continue?(question) |