Fix missing setting LDAP servers
What does this MR do?
Fix for #299608 (closed)
If LDAP is disabled in Omnibus, the LDAP servers
configuration
hash is not present. GitLab relies on this hash being present
even when LDAP is disabled. Now we initialize the hash on
startup.
This bug occurred due to a recent change in !51132 (merged). At that time it wasn't known that the hash syntax for SettingsLogic meant 'optional'. Regardless, the hash notation made the setting very difficult to stub in tests. Rather than go back and try to fix all the tests, it's simple and reasonable to initialize the servers
hash on startup. We do this with lots of settings and it seems like the most minimal step to solve the problem.
Settingslogic::MissingSetting (Missing setting 'servers' in 'ldap' section in /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml):
lib/gitlab/auth/ldap/config.rb:31:in `servers'
lib/gitlab/auth/ldap/config.rb:45:in `providers'
lib/gitlab/auth/o_auth/user.rb:153:in `ldap_person'
lib/gitlab/auth/o_auth/user.rb:146:in `creating_linked_ldap_user?'
lib/gitlab/auth/o_auth/user.rb:244:in `update_profile'
lib/gitlab/auth/o_auth/user.rb:29:in `initialize'
Screenshots (strongly suggested)
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team