Add host_keys parameter to remote mirrors REST API

Vasilii Iakliushinrequested to merge
588363-add-host-keys-to-remote-mirrors-api into master

What does this MR do and why?

Contributes to #517970

Problem

Users cannot set SSH host keys programmatically via the Remote Mirror API. They must use the UI to enter or detect the remote host's SSH fingerprints, making automation of push mirror creation impossible when using ssh_public_key authentication.

Solution

Add host_keys parameter to POST and PUT endpoints for remote mirrors. The parameter accepts an array of SSH host keys in either bare format (ssh-ed25519 AAAA...) or full known_hosts format (hostname ssh-ed25519 AAAA...). Bare keys automatically use the hostname extracted from the mirror URL.

Introduce RemoteMirrors::HostKeysConverter class to convert the API format to the internal ssh_known_hosts string format.

References

Screenshots or screen recordings

N/A - API change only

How to set up and validate locally

  1. Create a push mirror with SSH URL and auth_method: ssh_public_key: 
    curl --request POST \
  --header "PRIVATE-TOKEN: <token>" \
  --data "url=ssh://git@example.com/repo.git" \
  --data "auth_method=ssh_public_key" \
  --data "host_keys[]=ssh-ed25519 AAAAC3NzaC1..." \
  "https://gitlab.example.com/api/v4/projects/:id/remote_mirrors"
  2. Verify the mirror is created with the provided SSH host keys

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Vasilii Iakliushin

Merge request reports