authorized_keys file not rebuild on Geo secondary nodes
authorized_keys file is not rebuild on secondary nodes after the database replication. Meaning only new SSH keys are added via the system web hook.
Steps to reproduce
- Set up primary node.
- Add users, including them adding their SSH key to their profile.
- Set up secondary node (syncing, etc.) according to the documentation.
- Try to clone from the secondary node with the keypair configured in the primary before setting up the secondary.
What is the current bug behavior?
Unable to clone from the secondary node using the key added to the primary node.
What is the expected correct behavior?
Able to clone from both nodes.
Relevant logs and/or screenshots
$ git clone email@example.com:root/easy-config.git Cloning into 'easy-config'... remote: Counting objects: 1057, done. remote: Compressing objects: 100% (531/531), done. remote: Total 1057 (delta 473), reused 1057 (delta 473) Receiving objects: 100% (1057/1057), 773.95 KiB | 118.00 KiB/s, done. Resolving deltas: 100% (473/473), done. Checking connectivity... done.
$ git clone firstname.lastname@example.org:root/easy-config.git Cloning into 'easy-config'... Permission denied (publickey). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists.
The authorized_keys file is not propagated on the secondary node.
root@first-mrchris-me:~# wc -l /var/opt/gitlab/.ssh/authorized_keys 6 /var/opt/gitlab/.ssh/authorized_keys
email@example.com:~# wc -l /var/opt/gitlab/.ssh/authorized_keys 0 /var/opt/gitlab/.ssh/authorized_keys
Execute the following on the secondary node
sudo gitlab-rake gitlab:shell:setup