Validate the 'sync_ssh_keys' LDAP setting
Allowed values are: false
and strings (an LDAP attribute name like sshkeys
). The value true
is NOT allowed.
I think we should detect this when parsing the LDAP settings during application startup. We just spent a lot of time finding this problem with a customer, based only on a cryptic error message during GitLab sign-in.
Something like:
if sync_ssh_keys && !sync_ssh_keys.is_a?(String)
raise "Invalid sync_ssh_keys settings for LDAP server #{server}: #{sync_ssh_keys.inspect}"
end
cc @patricio