delta/gitlab/gitlab-shell.git/internal/command, branch zj-remove-testify-assert gitlab.com: gitlab-org/gitlab-shell.git tests: Replace assert with require 2020-10-15T06:44:05+00:00 Zeger-Jan van de Weg git@zjvandeweg.nl 2020-10-15T06:44:05+00:00 308948b3838c88621e738762241e8d1980881a17 Testify features sub packages `assert` and `require`. The difference is subtle, and lost on novice Golang developers that don't read the docs. To create a more consistent code base `assert` will no longer be used. This change was generated by a running a sed command on all `_test.go` files, followed by `goimports -w`. 
Testify features sub packages `assert` and `require`. The difference is
subtle, and lost on novice Golang developers that don't read the docs.
To create a more consistent code base `assert` will no longer be used.

This change was generated by a running a sed command on all `_test.go`
files, followed by `goimports -w`.
Drop "generated random correlation ID" log message 2020-10-13T21:17:46+00:00 Stan Hu stanhu@gmail.com 2020-10-13T21:15:46+00:00 9fe764b25e1e860fbabbe4d89326b78e622243a9 This message happens all the time and doesn't add a lot of value. Relates to https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues/1275 
This message happens all the time and doesn't add a lot of value.

Relates to https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues/1275
Make it possible to propagate correlation ID across processes 2020-09-21T04:40:40+00:00 Stan Hu stanhu@gmail.com 2020-09-19T10:34:49+00:00 a487572a904cc149840488eefdfe121173d8bcb5 Previously, gitlab-shell did not pass a context through the application. Correlation IDs were generated down the call stack instead of passed around from the start execution. This has several potential downsides: 1. It's easier for programming mistakes to be made in future that lead to multiple correlation IDs being generated for a single request. 2. Correlation IDs cannot be passed in from upstream requests 3. Other advantages of context passing, such as distributed tracing is not possible. This commit changes the behavior: 1. Extract the correlation ID from the environment at the start of the application. 2. If no correlation ID exists, generate a random one. 3. Pass the correlation ID to the GitLabNet API requests. This change also enables other clients of GitLabNet (e.g. Gitaly) to pass along the correlation ID in the internal API requests (https://gitlab.com/gitlab-org/gitaly/-/issues/2725). Fixes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/474 
Previously, gitlab-shell did not pass a context through the application.
Correlation IDs were generated down the call stack instead of passed
around from the start execution.

This has several potential downsides:

1. It's easier for programming mistakes to be made in future that lead
to multiple correlation IDs being generated for a single request.
2. Correlation IDs cannot be passed in from upstream requests
3. Other advantages of context passing, such as distributed tracing is
not possible.

This commit changes the behavior:

1. Extract the correlation ID from the environment at the start of
the application.
2. If no correlation ID exists, generate a random one.
3. Pass the correlation ID to the GitLabNet API requests.

This change also enables other clients of GitLabNet (e.g. Gitaly) to
pass along the correlation ID in the internal API requests
(https://gitlab.com/gitlab-org/gitaly/-/issues/2725).

Fixes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/474
Add support obtaining personal access tokens via SSH 2020-08-17T15:16:06+00:00 Taylan Develioglu taylan.develioglu@booking.com 2020-07-06T12:09:55+00:00 b8d66d7923150402f54f13d793d3051efab3a832 Implements the feature requested in gitlab-org/gitlab#19672 This requires the internal api counterpart in gitlab-org/gitlab!36302 to be merged first. It can be used as follows: ``` censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token remote: remote: ======================================================================== remote: remote: Usage: personal_access_token <name> <scope1[,scope2,...]> [ttl_days] remote: remote: ======================================================================== remote: censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token newtoken read_api,read_repository 30 Token: aAY1G3YPeemECgUvxuXY Scopes: read_api,read_repository Expires: 2020-08-07 ``` 
Implements the feature requested in gitlab-org/gitlab#19672

This requires the internal api counterpart in gitlab-org/gitlab!36302 to
be merged first.

It can be used as follows:
```
censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token
remote:
remote: ========================================================================
remote:
remote: Usage: personal_access_token <name> <scope1[,scope2,...]> [ttl_days]
remote:
remote: ========================================================================
remote:

censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token newtoken read_api,read_repository 30
Token:   aAY1G3YPeemECgUvxuXY
Scopes:  read_api,read_repository
Expires: 2020-08-07
```
Generate and log correlation IDs 2020-07-31T12:58:42+00:00 Stan Hu stanhu@gmail.com 2020-07-31T12:58:42+00:00 87402ed127d9855b8123e5e08a4c89d373cc79e8 This will make it easier to tie an SSH access request to Rails API and Gitaly requests. 
This will make it easier to tie an SSH access request to Rails API and
Gitaly requests.
Log SSH key details 2020-07-23T06:19:57+00:00 Stan Hu stanhu@gmail.com 2020-07-23T06:19:57+00:00 6555cb81641af139aa65865c4a749a8c7d53e07e Right now when a client such as gitlab-shell calls the `/api/v4/internal/allowed` API, the response only tells the client what user has been granted access, and it's impossible to tell which deploy key/token was used in the authentication request. This commit adds logs for the following when available: 1. `gl_key_type` (e.g. `deploy_key` or `key`) 2. `gl_key_id` These fields make it possible for admins to identify the exact record that was used to authenticate the user. API changes in the `/internal/allowed` endpoint in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37289 are needed to support this. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/203 
Right now when a client such as gitlab-shell calls the
`/api/v4/internal/allowed` API, the response only tells the client what
user has been granted access, and it's impossible to tell which deploy
key/token was used in the authentication request.

This commit adds logs for the following when available:

1. `gl_key_type` (e.g. `deploy_key` or `key`)
2. `gl_key_id`

These fields make it possible for admins to identify the exact record
that was used to authenticate the user.

API changes in the `/internal/allowed` endpoint in
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37289 are needed
to support this.

Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/203
Log remote IP for executed commands 2020-07-20T20:15:49+00:00 Stan Hu stanhu@gmail.com 2020-07-20T06:24:32+00:00 7d62bbc3dd92f1e73b3e2a199f6b6b613d5821d9 Admins may want to know what client IP originated the request. This commit adds a `remote_ip` field to the log that extracts the IP address from the `SSH_CONNECTION` environment variable. Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/199 
Admins may want to know what client IP originated the request. This
commit adds a `remote_ip` field to the log that extracts the IP address
from the `SSH_CONNECTION` environment variable.

Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/199
Pass in ssl_cert_dir config setting 2020-07-02T07:40:22+00:00 Ash McKenzie amckenzie@gitlab.com 2020-07-01T10:02:32+00:00 fe09c395e8d64555fbc8f0f32f4606870f3c2e90 






Fix race conditions with logrus testing
2020-05-12T05:31:13+00:00

Stan Hu
stanhu@gmail.com

2020-05-12T05:02:58+00:00

0372634076cdfd7cda740cd040e16e629ea662e4

logrus fires a Goroutine to write logs, so the tests could fail if they
checked the event queue before the logrus have fired.  Since there isn't
an easy way to flush all outstanding hooks, we just retry every 100 ms
for up to a second for log to arrive in the queue.

Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/450





logrus fires a Goroutine to write logs, so the tests could fail if they
checked the event queue before the logrus have fired.  Since there isn't
an easy way to flush all outstanding hooks, we just retry every 100 ms
for up to a second for log to arrive in the queue.

Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/450







Fix race conditions in tests
2020-05-08T22:40:18+00:00

Stan Hu
stanhu@gmail.com

2020-05-08T22:40:18+00:00

c0cf314c5722a4f7ec0a1f355d23fa2511344989

Calling logrus hook.LastEntry() can lead to race conditions.  Use
AllEntries instead:
https://github.com/sirupsen/logrus/blob/60c74ad9be0d874af0ab0daef6ab07c5c5911f0d/hooks/test/test.go#L77

Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/450





Calling logrus hook.LastEntry() can lead to race conditions.  Use
AllEntries instead:
https://github.com/sirupsen/logrus/blob/60c74ad9be0d874af0ab0daef6ab07c5c5911f0d/hooks/test/test.go#L77

Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/450