Skip to content

Fix missing setting LDAP servers

Drew Blessing requested to merge dblessing_fix_ldap_server_config into master

What does this MR do?

Fix for #299608 (closed)

If LDAP is disabled in Omnibus, the LDAP servers configuration hash is not present. GitLab relies on this hash being present even when LDAP is disabled. Now we initialize the hash on startup.

This bug occurred due to a recent change in !51132 (merged). At that time it wasn't known that the hash syntax for SettingsLogic meant 'optional'. Regardless, the hash notation made the setting very difficult to stub in tests. Rather than go back and try to fix all the tests, it's simple and reasonable to initialize the servers hash on startup. We do this with lots of settings and it seems like the most minimal step to solve the problem.

Settingslogic::MissingSetting (Missing setting 'servers' in 'ldap' section in /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml):
  
lib/gitlab/auth/ldap/config.rb:31:in `servers'
lib/gitlab/auth/ldap/config.rb:45:in `providers'
lib/gitlab/auth/o_auth/user.rb:153:in `ldap_person'
lib/gitlab/auth/o_auth/user.rb:146:in `creating_linked_ldap_user?'
lib/gitlab/auth/o_auth/user.rb:244:in `update_profile'
lib/gitlab/auth/o_auth/user.rb:29:in `initialize'

Screenshots (strongly suggested)

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Drew Blessing

Merge request reports

Loading