Log SSH key detailssh-log-ssh-key-details

Right now when a client such as gitlab-shell calls the
`/api/v4/internal/allowed` API, the response only tells the client what
user has been granted access, and it's impossible to tell which deploy
key/token was used in the authentication request.

This commit adds logs for the following when available:

1. `gl_key_type` (e.g. `deploy_key` or `key`)
2. `gl_key_id`

These fields make it possible for admins to identify the exact record
that was used to authenticate the user.

API changes in the `/internal/allowed` endpoint in
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37289 are needed
to support this.

Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/203

1 files changed, 3 insertions, 0 deletions

diff --git a/internal/command/uploadpack/gitalycall_test.go b/internal/command/uploadpack/gitalycall_test.go
index cf3e621..234319f 100644
--- a/internal/command/uploadpack/gitalycall_test.go
+++ b/internal/command/uploadpack/gitalycall_test.go
@@ -45,6 +45,8 @@ func TestUploadPack(t *testing.T) {
 	assert.Equal(t, 2, len(entries))
 	require.Contains(t, entries[1].Message, "executing git command")
 	require.Contains(t, entries[1].Message, "command=git-upload-pack")
+	require.Contains(t, entries[1].Message, "gl_key_type=key")
+	require.Contains(t, entries[1].Message, "gl_key_id=123")
 
 	for k, v := range map[string]string{
 		"gitaly-feature-cache_invalidator":        "true",
@@ -55,4 +57,5 @@ func TestUploadPack(t *testing.T) {
 		assert.Equal(t, v, actual[0])
 	}
 	assert.Empty(t, testServer.ReceivedMD["some-other-ff"])
+
 }