Don't rewrite non-gitea public keys #906
Conversation
models/ssh_key.go
Outdated
| if err != nil { | ||
| f.Close() |
There was a problem hiding this comment.
can we defer f.Close() instead?
There was a problem hiding this comment.
No. We have to close the file and then rename it from tmp to normal.
There was a problem hiding this comment.
you can still defer f.Close(), it will just not do anything if it's already closed :)
There was a problem hiding this comment.
So it's no need to use defer f.Close().
There was a problem hiding this comment.
defer f.Close() is good practice, if I'm not familiar with the code-base I'd assume that it defers it and then we have a bug 🙁
There was a problem hiding this comment.
👍 for defer, it's common practice to make sure the file gets always closed.
There was a problem hiding this comment.
That way you can also skip all the f.Close() calls.
|
It seems drone down? |
tboerger
added
the
lgtm/need 2
|
If I read the code correctly you're using full path to the gitea binary as the "tag", correct ? |
|
I'd like to suggest to add new config option like "KEY_PREFIX_ID". By default KEY_PREFIX_ID should be an UUID that is generated during installation. |
|
I did not consider to move the place of the Gate binary. |
|
As a contribution for the discussion, gitolite marks its section
with start and end block comments:
```
# gitolite start
...
# gitolite end
```
|
|
The prefix configuration would suffer from the same issue: if
it changes, the match would fail.
Let's say this version LGTM - can be improved later.
At least this version does not require changing existing deploys,
and should work as long as the SSH access to repos work.
|
tboerger
added
lgtm/need 1
|
I would read the file line-by-line, appending each to the list of keys we wanna write. Sort the list, step through and remove duplicates. Pseudo-code as fuck because I'm tired keys := getListsAsStringSlice()
f, _ := os.Open("authorized_keys")
for line := f.ReadLine() {
keys := append(keys, line)
}
strings.Sort(keys)
outKeys := []string{keys[0]}
for i := 1; i < len(keys) - 1; i++ {
if keys[i] != keys[i-1] {
outKeys = append(outKeys, keys[i])
}
}
f.Seek(0, io.SeekStart)
f.Write(outKeys) |
|
@bkcsoft You have to consider backup if the machine is down when it's writing keys. So |
|
@travnick do you mean on the comment? |
|
@lunny what are you asking about exactly? |
|
@lunny |
lunny
force-pushed
the
lunny/fix_publick_rewrite
branch
from
6ab5f22
to
671781e
Compare
| for scanner.Scan() { | ||
| line := scanner.Text() | ||
| if strings.HasPrefix(line, tplCommentPrefix) { | ||
| scanner.Scan() |
There was a problem hiding this comment.
This will skip every other line no?
There was a problem hiding this comment.
This will skip always the next line if the current line is the prefix
|
Isn't it easier to have a start and an end marker line gitolite? |
|
It's also easy to this one. but it seems no need to add |
|
But this implementation is harder to understand, at least that's my opinion. |
|
But it works. We can improve it in v1.2. |
| Content string | ||
| } | ||
|
|
||
| err = x.Iterate(new(PublicKey), func(idx int, bean interface{}) (err error) { |
There was a problem hiding this comment.
Is this assuming all authorized_keys belong to gitea ?
There was a problem hiding this comment.
If it's an old gitea, of course because every time you add a new public key. it will remove other non-gitea public key.
There was a problem hiding this comment.
For a new gitea, this will not be executed.
No, we'd have to change for v2.0 since that would be a breaking change |
|
Where is the breakage? |
|
The breakage is in the expected behaviour. Anyhow, this is LGTM to me 🙂 |
tboerger
added
lgtm/done
This will fix #424