Red herring warning message with the fetch_remote gitlab-projects call
Summary
A message like this is always outputted by the SSH client when it fetches a remote using the newly-added (https://gitlab.com/gitlab-org/gitlab-ee/issues/98) known_hosts support:
Failed to add the ECDSA host key for IP address 'x.y.z.w' to the list of known hosts (/tmp/gitlab-shell-known-hostsXXXXX).
Sometimes this message is surfaced to the user (e.g., pull repository mirroring when the fetch fails for some reason). It attracts attention and makes people think it's the problem, when it's actually a harmless warning:
When the import_url contains a hostname, we generate a known_hosts file containing entries just for the hostnames. SSH's default behaviour is to add the host keys for the IP the hostname resolves to, if it's not already there. Since the temporary file is mode 0400, it can't do that, and the above warning message is shown.
Steps to reproduce
What is the current bug behavior?
Misleading error message shown
What is the expected correct behavior?
No warning message
Possible fixes
We can either find the option that turns off the IP-known-host-writing behaviour, or we can just make the known_hosts file mode 0600.