From a2258bafbcdb86d2da8454745f0bff037d8b4d11 Mon Sep 17 00:00:00 2001
From: Nick Thomas <nick@gitlab.com>
Date: Wed, 2 Aug 2017 13:09:14 +0100
Subject: Fix setting permissions of SSH key tempfiles

---
 lib/gitlab_projects.rb | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

(limited to 'lib/gitlab_projects.rb')

diff --git a/lib/gitlab_projects.rb b/lib/gitlab_projects.rb
index a8f57a7..49a1d25 100644
--- a/lib/gitlab_projects.rb
+++ b/lib/gitlab_projects.rb
@@ -433,26 +433,29 @@ class GitlabProjects
     options = {}
 
     if ENV.key?('GITLAB_SHELL_SSH_KEY')
-      key_file = Tempfile.new('gitlab-shell-key-file', mode: 0o400)
+      key_file = Tempfile.new('gitlab-shell-key-file')
+      key_file.chmod(0o400)
       key_file.write(ENV['GITLAB_SHELL_SSH_KEY'])
       key_file.close
 
       options['IdentityFile'] = key_file.path
-      options['IdentitiesOnly'] = true
+      options['IdentitiesOnly'] = 'yes'
     end
 
     if ENV.key?('GITLAB_SHELL_KNOWN_HOSTS')
-      known_hosts_file = Tempfile.new('gitlab-shell-known-hosts', mode: 0o400)
+      known_hosts_file = Tempfile.new('gitlab-shell-known-hosts')
+      known_hosts_file.chmod(0o400)
       known_hosts_file.write(ENV['GITLAB_SHELL_KNOWN_HOSTS'])
       known_hosts_file.close
 
-      options['StrictHostKeyChecking'] = true
+      options['StrictHostKeyChecking'] = 'yes'
       options['UserKnownHostsFile'] = known_hosts_file.path
     end
 
     return yield({}) if options.empty?
 
-    script = Tempfile.new('gitlab-shell-ssh-wrapper', mode: 0o755)
+    script = Tempfile.new('gitlab-shell-ssh-wrapper')
+    script.chmod(0o755)
     script.write(custom_ssh_script(options))
     script.close
 
-- 
cgit v1.2.1