Commit 551e84c2 authored by Douwe Maan's avatar Douwe Maan

Skip change access check for deploy keys

parent bc7a1aff
...@@ -10,7 +10,7 @@ module Gitlab ...@@ -10,7 +10,7 @@ module Gitlab
attr_reader(*ATTRIBUTES) attr_reader(*ATTRIBUTES)
def initialize( def initialize(
change, user_access:, project:, skip_authorization: false, change, user_access:, project:,
skip_lfs_integrity_check: false, protocol:, logger: skip_lfs_integrity_check: false, protocol:, logger:
) )
@oldrev, @newrev, @ref = change.values_at(:oldrev, :newrev, :ref) @oldrev, @newrev, @ref = change.values_at(:oldrev, :newrev, :ref)
...@@ -18,7 +18,6 @@ module Gitlab ...@@ -18,7 +18,6 @@ module Gitlab
@tag_name = Gitlab::Git.tag_name(@ref) @tag_name = Gitlab::Git.tag_name(@ref)
@user_access = user_access @user_access = user_access
@project = project @project = project
@skip_authorization = skip_authorization
@skip_lfs_integrity_check = skip_lfs_integrity_check @skip_lfs_integrity_check = skip_lfs_integrity_check
@protocol = protocol @protocol = protocol
...@@ -27,8 +26,6 @@ module Gitlab ...@@ -27,8 +26,6 @@ module Gitlab
end end
def exec def exec
return true if skip_authorization
ref_level_checks ref_level_checks
# Check of commits should happen as the last step # Check of commits should happen as the last step
# given they're expensive in terms of performance # given they're expensive in terms of performance
......
...@@ -266,6 +266,9 @@ module Gitlab ...@@ -266,6 +266,9 @@ module Gitlab
end end
def check_change_access! def check_change_access!
# Deploy keys with write access can push anything
return if deploy_key?
# If there are worktrees with a HEAD pointing to a non-existent object, # If there are worktrees with a HEAD pointing to a non-existent object,
# calls to `git rev-list --all` will fail in git 2.15+. This should also # calls to `git rev-list --all` will fail in git 2.15+. This should also
# clear stale lock files. # clear stale lock files.
...@@ -286,7 +289,6 @@ module Gitlab ...@@ -286,7 +289,6 @@ module Gitlab
change, change,
user_access: user_access, user_access: user_access,
project: project, project: project,
skip_authorization: deploy_key?,
skip_lfs_integrity_check: skip_lfs_integrity_check, skip_lfs_integrity_check: skip_lfs_integrity_check,
protocol: protocol, protocol: protocol,
logger: logger logger: logger
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment