Geo Check Rake Task Fails to Recognize SSH FastKeys Configuration
Summary
Configure a node for geo and run /opt/gitlab/bin/gitlab-rake gitlab:geo:check
The regular expression inside the rake task will fail to recognize some validation configurations.
Steps to reproduce
Deploy GitLab Geo and configure ssh-fast-keys
.
Run /opt/gitlab/bin/gitlab-rake gitlab:geo:check
What is the current bug behavior?
Checking Geo ...
GitLab Geo is available ... yes
GitLab Geo is enabled ... yes
This machine's Geo node name matches a database record ... yes, found a primary node named "main"
HTTP/HTTPS repository cloning is enabled ... yes
Machine clock is synchronized ... yes
Git user has default SSH configuration? ... yes
OpenSSH configured to use AuthorizedKeysCommand ... no
Reason:
OpenSSH configuration file does not contain a AuthorizedKeysCommand
Try fixing it:
Change your OpenSSH configuration file pointing to the correct command
For more information see:
doc/administration/operations/fast_ssh_key_lookup.md
GitLab configured to disable writing to authorized_keys file ... yes
GitLab configured to store new projects in hashed storage? ... yes
All projects are in hashed storage? ... yes
Checking Geo ... Finished
What is the expected correct behavior?
Checking Geo ...
GitLab Geo is available ... yes
GitLab Geo is enabled ... yes
This machine's Geo node name matches a database record ... yes, found a primary node named "main"
HTTP/HTTPS repository cloning is enabled ... yes
Machine clock is synchronized ... yes
Git user has default SSH configuration? ... yes
OpenSSH configured to use AuthorizedKeysCommand ... yes
GitLab configured to disable writing to authorized_keys file ... yes
GitLab configured to store new projects in hashed storage? ... yes
All projects are in hashed storage? ... yes
Checking Geo ... Finished
Relevant logs and/or screenshots
Match User git
AuthorizedKeysCommand /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell-authorized-keys-check git %u %k
AuthorizedKeysCommandUser git
Match all
Possible fixes
I have a merge request prepared; just making the issue to file it against.