Add latest changes from gitlab-org/gitlab@master

17 files changed, 406 insertions, 25 deletions

diff --git a/spec/finders/keys_finder_spec.rb b/spec/finders/keys_finder_spec.rb
new file mode 100644
index 00000000000..147e6ee3d84
--- /dev/null
+++ b/spec/finders/keys_finder_spec.rb
@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe KeysFinder do
+  subject(:keys_finder) { described_class.new(user, params) }
+
+  let(:user) { create(:user) }
+  let(:fingerprint_type) { 'md5' }
+  let(:fingerprint) { 'ba:81:59:68:d7:6c:cd:02:02:bf:6a:9b:55:4e:af:d1' }
+
+  let(:params) do
+    {
+      type: fingerprint_type,
+      fingerprint: fingerprint
+    }
+  end
+
+  let!(:key) do
+    create(:key, user: user,
+      key: 'ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt1016k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0=',
+      fingerprint: 'ba:81:59:68:d7:6c:cd:02:02:bf:6a:9b:55:4e:af:d1',
+      fingerprint_sha256: 'nUhzNyftwADy8AH3wFY31tAKs7HufskYTte2aXo/lCg'
+    )
+  end
+
+  context 'with a regular user' do
+    it 'raises GitLabAccessDeniedError' do
+      expect do
+        keys_finder.execute
+      end.to raise_error(KeysFinder::GitLabAccessDeniedError)
+    end
+  end
+
+  context 'with an admin user' do
+    let(:user) {create(:admin)}
+
+    context 'with invalid MD5 fingerprint' do
+      let(:fingerprint) { '11:11:11:11' }
+
+      it 'raises InvalidFingerprint' do
+        expect { keys_finder.execute }
+          .to raise_error(KeysFinder::InvalidFingerprint)
+      end
+    end
+
+    context 'with invalid SHA fingerprint' do
+      let(:fingerprint_type) { 'sha256' }
+      let(:fingerprint) { 'nUhzNyftwAAKs7HufskYTte2g' }
+
+      it 'raises InvalidFingerprint' do
+        expect { keys_finder.execute }
+          .to raise_error(KeysFinder::InvalidFingerprint)
+      end
+    end
+
+    context 'with valid MD5 params' do
+      it 'returns key if the fingerprint is found' do
+        result = keys_finder.execute
+
+        expect(result).to eq(key)
+        expect(key.user).to eq(user)
+      end
+    end
+
+    context 'with valid SHA256 params' do
+      let(:fingerprint) { 'ba:81:59:68:d7:6c:cd:02:02:bf:6a:9b:55:4e:af:d1' }
+
+      it 'returns key if the fingerprint is found' do
+        result = keys_finder.execute
+
+        expect(result).to eq(key)
+        expect(key.user).to eq(user)
+      end
+    end
+  end
+end
diff --git a/spec/initializers/database_config_spec.rb b/spec/initializers/database_config_spec.rb
index a5a074f5884..9200a625b38 100644
--- a/spec/initializers/database_config_spec.rb
+++ b/spec/initializers/database_config_spec.rb
@@ -16,6 +16,7 @@ describe 'Database config initializer' do
     let(:puma_options) { { max_threads: 8 } }
 
     before do
+      allow(Gitlab::Runtime).to receive(:puma?).and_return(true)
       stub_const("Puma", puma)
       allow(puma).to receive_message_chain(:cli_config, :options).and_return(puma_options)
     end
diff --git a/spec/lib/gitlab/gitaly_client_spec.rb b/spec/lib/gitlab/gitaly_client_spec.rb
index 9ebd34140c1..80c1493d01b 100644
--- a/spec/lib/gitlab/gitaly_client_spec.rb
+++ b/spec/lib/gitlab/gitaly_client_spec.rb
@@ -26,7 +26,7 @@ describe Gitlab::GitalyClient do
 
     context 'running in Unicorn' do
       before do
-        stub_const('Unicorn', 1)
+        allow(Gitlab::Runtime).to receive(:unicorn?).and_return(true)
       end
 
       it { expect(subject.long_timeout).to eq(55) }
@@ -34,7 +34,7 @@ describe Gitlab::GitalyClient do
 
     context 'running in Puma' do
       before do
-        stub_const('Puma', 1)
+        allow(Gitlab::Runtime).to receive(:puma?).and_return(true)
       end
 
       it { expect(subject.long_timeout).to eq(55) }
diff --git a/spec/lib/gitlab/gpg_spec.rb b/spec/lib/gitlab/gpg_spec.rb
index cd593390821..5d43023502c 100644
--- a/spec/lib/gitlab/gpg_spec.rb
+++ b/spec/lib/gitlab/gpg_spec.rb
@@ -236,7 +236,7 @@ describe Gitlab::Gpg do
 
     context 'when running in Sidekiq' do
       before do
-        allow(Sidekiq).to receive(:server?).and_return(true)
+        allow(Gitlab::Runtime).to receive(:sidekiq?).and_return(true)
       end
 
       it_behaves_like 'multiple deletion attempts of the tmp-dir', described_class::BG_CLEANUP_RUNTIME_S
diff --git a/spec/lib/gitlab/health_checks/puma_check_spec.rb b/spec/lib/gitlab/health_checks/puma_check_spec.rb
index dd052a4dd2c..93ef81978a8 100644
--- a/spec/lib/gitlab/health_checks/puma_check_spec.rb
+++ b/spec/lib/gitlab/health_checks/puma_check_spec.rb
@@ -22,6 +22,7 @@ describe Gitlab::HealthChecks::PumaCheck do
 
   context 'when Puma is not loaded' do
     before do
+      allow(Gitlab::Runtime).to receive(:puma?).and_return(false)
       hide_const('Puma')
     end
 
@@ -33,6 +34,7 @@ describe Gitlab::HealthChecks::PumaCheck do
 
   context 'when Puma is loaded' do
     before do
+      allow(Gitlab::Runtime).to receive(:puma?).and_return(true)
       stub_const('Puma', Module.new)
     end
 
diff --git a/spec/lib/gitlab/health_checks/unicorn_check_spec.rb b/spec/lib/gitlab/health_checks/unicorn_check_spec.rb
index 931b61cb168..7c57b6f1ca5 100644
--- a/spec/lib/gitlab/health_checks/unicorn_check_spec.rb
+++ b/spec/lib/gitlab/health_checks/unicorn_check_spec.rb
@@ -26,6 +26,7 @@ describe Gitlab::HealthChecks::UnicornCheck do
 
   context 'when Unicorn is not loaded' do
     before do
+      allow(Gitlab::Runtime).to receive(:unicorn?).and_return(false)
       hide_const('Unicorn')
     end
 
@@ -39,6 +40,7 @@ describe Gitlab::HealthChecks::UnicornCheck do
     let(:http_server_class) { Struct.new(:worker_processes) }
 
     before do
+      allow(Gitlab::Runtime).to receive(:unicorn?).and_return(true)
       stub_const('Unicorn::HttpServer', http_server_class)
     end
 
diff --git a/spec/lib/gitlab/highlight_spec.rb b/spec/lib/gitlab/highlight_spec.rb
index 5a45d724b83..2140cbae488 100644
--- a/spec/lib/gitlab/highlight_spec.rb
+++ b/spec/lib/gitlab/highlight_spec.rb
@@ -111,7 +111,7 @@ describe Gitlab::Highlight do
       end
 
       it 'utilizes longer timeout for sidekiq' do
-        allow(Sidekiq).to receive(:server?).and_return(true)
+        allow(Gitlab::Runtime).to receive(:sidekiq?).and_return(true)
         expect(Timeout).to receive(:timeout).with(described_class::TIMEOUT_BACKGROUND).and_call_original
 
         subject.highlight("Content")
diff --git a/spec/lib/gitlab/insecure_key_fingerprint_spec.rb b/spec/lib/gitlab/insecure_key_fingerprint_spec.rb
index 7f20ae98b06..8d0422bae9f 100644
--- a/spec/lib/gitlab/insecure_key_fingerprint_spec.rb
+++ b/spec/lib/gitlab/insecure_key_fingerprint_spec.rb
@@ -11,10 +11,17 @@ describe Gitlab::InsecureKeyFingerprint do
   end
 
   let(:fingerprint) { "3f:a2:ee:de:b5:de:53:c3:aa:2f:9c:45:24:4c:47:7b" }
+  let(:fingerprint_sha256) { "MQHWhS9nhzUezUdD42ytxubZoBKrZLbyBZzxCkmnxXc" }
 
   describe "#fingerprint" do
     it "generates the key's fingerprint" do
-      expect(described_class.new(key.split[1]).fingerprint).to eq(fingerprint)
+      expect(described_class.new(key.split[1]).fingerprint_md5).to eq(fingerprint)
+    end
+  end
+
+  describe "#fingerprint" do
+    it "generates the key's fingerprint" do
+      expect(described_class.new(key.split[1]).fingerprint_sha256).to eq(fingerprint_sha256)
     end
   end
 end
diff --git a/spec/lib/gitlab/metrics/samplers/influx_sampler_spec.rb b/spec/lib/gitlab/metrics/samplers/influx_sampler_spec.rb
index 2d4b27a6ac1..939c057c342 100644
--- a/spec/lib/gitlab/metrics/samplers/influx_sampler_spec.rb
+++ b/spec/lib/gitlab/metrics/samplers/influx_sampler_spec.rb
@@ -63,7 +63,7 @@ describe Gitlab::Metrics::Samplers::InfluxSampler do
 
   describe '#add_metric' do
     it 'prefixes the series name for a Rails process' do
-      expect(sampler).to receive(:sidekiq?).and_return(false)
+      expect(Gitlab::Runtime).to receive(:sidekiq?).and_return(false)
 
       expect(Gitlab::Metrics::Metric).to receive(:new)
         .with('rails_cats', { value: 10 }, {})
@@ -73,7 +73,7 @@ describe Gitlab::Metrics::Samplers::InfluxSampler do
     end
 
     it 'prefixes the series name for a Sidekiq process' do
-      expect(sampler).to receive(:sidekiq?).and_return(true)
+      expect(Gitlab::Runtime).to receive(:sidekiq?).and_return(true)
 
       expect(Gitlab::Metrics::Metric).to receive(:new)
         .with('sidekiq_cats', { value: 10 }, {})
diff --git a/spec/lib/gitlab/runtime_spec.rb b/spec/lib/gitlab/runtime_spec.rb
new file mode 100644
index 00000000000..914c0fe2be7
--- /dev/null
+++ b/spec/lib/gitlab/runtime_spec.rb
@@ -0,0 +1,112 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Gitlab::Runtime do
+  REAL_PATH = $0
+
+  after(:all) do
+    $0 = REAL_PATH
+  end
+
+  context "when unknown" do
+    it "identifies as :unknown" do
+      expect(subject.name).to eq(:unknown)
+    end
+  end
+
+  context "on multiple matches" do
+    before do
+      $0 = '/data/cache/bundle-2.5/bin/puma'
+      stub_const('::Puma', double)
+      stub_const('::Rails::Console', double)
+    end
+
+    it "raises an exception when trying to identify" do
+      expect { subject.name }.to raise_error(RuntimeError, "Ambiguous process match: [:puma, :console]")
+    end
+  end
+
+  context "puma" do
+    let(:puma_type) { double('::Puma') }
+
+    before do
+      $0 = '/data/cache/bundle-2.5/bin/puma'
+      stub_const('::Puma', puma_type)
+    end
+
+    it "identifies itself" do
+      expect(subject.name).to eq(:puma)
+      expect(subject.puma?).to be(true)
+    end
+
+    it "does not identify as others" do
+      expect(subject.unicorn?).to be(false)
+      expect(subject.sidekiq?).to be(false)
+      expect(subject.console?).to be(false)
+    end
+  end
+
+  context "unicorn" do
+    let(:unicorn_type) { Module.new }
+    let(:unicorn_server_type) { Class.new }
+
+    before do
+      $0 = 'unicorn_rails master -E development -c /tmp/unicorn.rb -l 0.0.0.0:8080'
+      stub_const('::Unicorn', unicorn_type)
+      stub_const('::Unicorn::HttpServer', unicorn_server_type)
+    end
+
+    it "identifies itself" do
+      expect(subject.name).to eq(:unicorn)
+      expect(subject.unicorn?).to be(true)
+    end
+
+    it "does not identify as others" do
+      expect(subject.puma?).to be(false)
+      expect(subject.sidekiq?).to be(false)
+      expect(subject.console?).to be(false)
+    end
+  end
+
+  context "sidekiq" do
+    let(:sidekiq_type) { double('::Sidekiq') }
+
+    before do
+      $0 = '/data/cache/bundle-2.5/bin/sidekiq'
+      stub_const('::Sidekiq', sidekiq_type)
+      allow(sidekiq_type).to receive(:server?).and_return(true)
+    end
+
+    it "identifies itself" do
+      expect(subject.name).to eq(:sidekiq)
+      expect(subject.sidekiq?).to be(true)
+    end
+
+    it "does not identify as others" do
+      expect(subject.unicorn?).to be(false)
+      expect(subject.puma?).to be(false)
+      expect(subject.console?).to be(false)
+    end
+  end
+
+  context "console" do
+    let(:console_type) { double('::Rails::Console') }
+
+    before do
+      $0 = 'bin/rails'
+      stub_const('::Rails::Console', console_type)
+    end
+
+    it "identifies itself" do
+      expect(subject.name).to eq(:console)
+      expect(subject.console?).to be(true)
+    end
+
+    it "does not identify as others" do
+      expect(subject.unicorn?).to be(false)
+      expect(subject.sidekiq?).to be(false)
+      expect(subject.puma?).to be(false)
+    end
+  end
+end
diff --git a/spec/lib/gitlab/ssh_public_key_spec.rb b/spec/lib/gitlab/ssh_public_key_spec.rb
index f8becb0c796..08e008c82d9 100644
--- a/spec/lib/gitlab/ssh_public_key_spec.rb
+++ b/spec/lib/gitlab/ssh_public_key_spec.rb
@@ -183,6 +183,34 @@ describe Gitlab::SSHPublicKey, lib: true do
     end
   end
 
+  describe '#fingerprint in SHA256 format' do
+    subject { public_key.fingerprint("SHA256").gsub("SHA256:", "") if public_key.fingerprint("SHA256") }
+
+    where(:factory, :fingerprint_sha256) do
+      [
+        [:rsa_key_2048, 'GdtgO0eHbwLB+mK47zblkoXujkqKRZjgMQrHH6Kks3E'],
+        [:rsa_key_4096, 'ByDU7hQ1JB95l6p53rHrffc4eXvEtqGUtQhS+Dhyy7g'],
+        [:rsa_key_5120, 'PCCupLbFHScm4AbEufbGDvhBU27IM0MVAor715qKQK8'],
+        [:rsa_key_8192, 'CtHFQAS+9Hb8z4vrv4gVQPsHjNN0WIZhWODaB1mQLs4'],
+        [:dsa_key_2048, '+a3DQ7cU5GM+gaYOfmc0VWNnykHQSuth3VRcCpWuYNI'],
+        [:ecdsa_key_256, 'C+I5k3D+IGeM6k5iBR1ZsphqTKV+7uvL/XZ5hcrTr7g'],
+        [:ed25519_key_256, 'DCKAjzxWrdOTjaGKBBjtCW8qY5++GaiAJflrHPmp6W0']
+      ]
+    end
+
+    with_them do
+      let(:key) { attributes_for(factory)[:key] }
+
+      it { is_expected.to eq(fingerprint_sha256) }
+    end
+
+    context 'with an invalid SSH key' do
+      let(:key) { 'this is not a key' }
+
+      it { is_expected.to be_nil }
+    end
+  end
+
   describe '#key_text' do
     let(:key) { 'this is not a key' }
 
diff --git a/spec/lib/prometheus/pid_provider_spec.rb b/spec/lib/prometheus/pid_provider_spec.rb
index 6fdc11b14c4..5a17f25f144 100644
--- a/spec/lib/prometheus/pid_provider_spec.rb
+++ b/spec/lib/prometheus/pid_provider_spec.rb
@@ -6,16 +6,13 @@ describe Prometheus::PidProvider do
   describe '.worker_id' do
     subject { described_class.worker_id }
 
-    let(:sidekiq_module) { Module.new }
-
     before do
-      allow(sidekiq_module).to receive(:server?).and_return(false)
-      stub_const('Sidekiq', sidekiq_module)
+      allow(Gitlab::Runtime).to receive(:sidekiq?).and_return(false)
     end
 
     context 'when running in Sidekiq server mode' do
       before do
-        expect(Sidekiq).to receive(:server?).and_return(true)
+        allow(Gitlab::Runtime).to receive(:sidekiq?).and_return(true)
       end
 
       context 'in a clustered setup' do
@@ -33,8 +30,7 @@ describe Prometheus::PidProvider do
 
     context 'when running in Unicorn mode' do
       before do
-        stub_const('Unicorn::Worker', Class.new)
-        hide_const('Puma')
+        allow(Gitlab::Runtime).to receive(:unicorn?).and_return(true)
 
         expect(described_class).to receive(:process_name)
           .at_least(:once)
@@ -94,8 +90,7 @@ describe Prometheus::PidProvider do
 
     context 'when running in Puma mode' do
       before do
-        stub_const('Puma', Module.new)
-        hide_const('Unicorn::Worker')
+        allow(Gitlab::Runtime).to receive(:puma?).and_return(true)
 
         expect(described_class).to receive(:process_name)
           .at_least(:once)
@@ -116,11 +111,6 @@ describe Prometheus::PidProvider do
     end
 
     context 'when running in unknown mode' do
-      before do
-        hide_const('Puma')
-        hide_const('Unicorn::Worker')
-      end
-
       it { is_expected.to eq "process_#{Process.pid}" }
     end
   end
diff --git a/spec/models/concerns/sha256_attribute_spec.rb b/spec/models/concerns/sha256_attribute_spec.rb
new file mode 100644
index 00000000000..213723c2dcb
--- /dev/null
+++ b/spec/models/concerns/sha256_attribute_spec.rb
@@ -0,0 +1,91 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Sha256Attribute do
+  let(:model) { Class.new { include Sha256Attribute } }
+
+  before do
+    columns = [
+      double(:column, name: 'name', type: :text),
+      double(:column, name: 'sha256', type: :binary)
+    ]
+
+    allow(model).to receive(:columns).and_return(columns)
+  end
+
+  describe '#sha_attribute' do
+    context 'when in non-production' do
+      before do
+        stub_rails_env('development')
+      end
+
+      context 'when the table exists' do
+        before do
+          allow(model).to receive(:table_exists?).and_return(true)
+        end
+
+        it 'defines a SHA attribute for a binary column' do
+          expect(model).to receive(:attribute)
+            .with(:sha256, an_instance_of(Gitlab::Database::Sha256Attribute))
+
+          model.sha256_attribute(:sha256)
+        end
+
+        it 'raises ArgumentError when the column type is not :binary' do
+          expect { model.sha256_attribute(:name) }.to raise_error(ArgumentError)
+        end
+      end
+
+      context 'when the table does not exist' do
+        it 'allows the attribute to be added and issues a warning' do
+          allow(model).to receive(:table_exists?).and_return(false)
+
+          expect(model).not_to receive(:columns)
+          expect(model).to receive(:attribute)
+          expect(model).to receive(:warn)
+
+          model.sha256_attribute(:name)
+        end
+      end
+
+      context 'when the column does not exist' do
+        it 'allows the attribute to be added and issues a warning' do
+          allow(model).to receive(:table_exists?).and_return(true)
+
+          expect(model).to receive(:columns)
+          expect(model).to receive(:attribute)
+          expect(model).to receive(:warn)
+
+          model.sha256_attribute(:no_name)
+        end
+      end
+
+      context 'when other execeptions are raised' do
+        it 'logs and re-rasises the error' do
+          allow(model).to receive(:table_exists?).and_raise(ActiveRecord::NoDatabaseError.new('does not exist'))
+
+          expect(model).not_to receive(:columns)
+          expect(model).not_to receive(:attribute)
+          expect(Gitlab::AppLogger).to receive(:error)
+
+          expect { model.sha256_attribute(:name) }.to raise_error(ActiveRecord::NoDatabaseError)
+        end
+      end
+    end
+
+    context 'when in production' do
+      before do
+        stub_rails_env('production')
+      end
+
+      it 'defines a SHA attribute' do
+        expect(model).not_to receive(:table_exists?)
+        expect(model).not_to receive(:columns)
+        expect(model).to receive(:attribute).with(:sha256, an_instance_of(Gitlab::Database::Sha256Attribute))
+
+        model.sha256_attribute(:sha256)
+      end
+    end
+  end
+end
diff --git a/spec/models/key_spec.rb b/spec/models/key_spec.rb
index a0b6eff88d5..559dc95768a 100644
--- a/spec/models/key_spec.rb
+++ b/spec/models/key_spec.rb
@@ -92,6 +92,7 @@ describe Key, :mailer do
     with_them do
       let!(:key) { create(factory) }
       let!(:original_fingerprint) { key.fingerprint }
+      let!(:original_fingerprint_sha256) { key.fingerprint_sha256 }
 
       it 'accepts a key with blank space characters after stripping them' do
         modified_key = key.key.insert(100, chars.first).insert(40, chars.last)
@@ -104,6 +105,8 @@ describe Key, :mailer do
 
         expect(content).not_to match(/\s/)
         expect(original_fingerprint).to eq(key.fingerprint)
+        expect(original_fingerprint).to eq(key.fingerprint_md5)
+        expect(original_fingerprint_sha256).to eq(key.fingerprint_sha256)
       end
     end
   end
diff --git a/spec/requests/api/keys_spec.rb b/spec/requests/api/keys_spec.rb
index 6802a0cfdab..f7da1abcfdf 100644
--- a/spec/requests/api/keys_spec.rb
+++ b/spec/requests/api/keys_spec.rb
@@ -25,7 +25,6 @@ describe API::Keys do
 
       it 'returns single ssh key with user information' do
         user.keys << key
-        user.save
         get api("/keys/#{key.id}", admin)
         expect(response).to have_gitlab_http_status(200)
         expect(json_response['title']).to eq(key.title)
@@ -40,4 +39,73 @@ describe API::Keys do
       end
     end
   end
+
+  describe 'GET /keys?fingerprint=' do
+    it 'returns authentication error' do
+      get api("/keys?fingerprint=#{key.fingerprint}")
+
+      expect(response).to have_gitlab_http_status(401)
+    end
+
+    it 'returns authentication error when authenticated as user' do
+      get api("/keys?fingerprint=#{key.fingerprint}", user)
+
+      expect(response).to have_gitlab_http_status(403)
+    end
+
+    context 'when authenticated as admin' do
+      it 'returns 404 for non-existing SSH md5 fingerprint' do
+        get api("/keys?fingerprint=11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11", admin)
+
+        expect(response).to have_gitlab_http_status(404)
+        expect(json_response['message']).to eq('404 Key Not Found')
+      end
+
+      it 'returns 404 for non-existing SSH sha256 fingerprint' do
+        get api("/keys?fingerprint=#{URI.encode_www_form_component("SHA256:nUhzNyftwADy8AH3wFY31tAKs7HufskYTte2aXo1lCg")}", admin)
+
+        expect(response).to have_gitlab_http_status(404)
+        expect(json_response['message']).to eq('404 Key Not Found')
+      end
+
+      it 'returns user if SSH md5 fingerprint found' do
+        user.keys << key
+
+        get api("/keys?fingerprint=#{key.fingerprint}", admin)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(json_response['title']).to eq(key.title)
+        expect(json_response['user']['id']).to eq(user.id)
+        expect(json_response['user']['username']).to eq(user.username)
+      end
+
+      it 'returns user if SSH sha256 fingerprint found' do
+        user.keys << key
+
+        get api("/keys?fingerprint=#{URI.encode_www_form_component("SHA256:" + key.fingerprint_sha256)}", admin)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(json_response['title']).to eq(key.title)
+        expect(json_response['user']['id']).to eq(user.id)
+        expect(json_response['user']['username']).to eq(user.username)
+      end
+
+      it 'returns user if SSH sha256 fingerprint found' do
+        user.keys << key
+
+        get api("/keys?fingerprint=#{URI.encode_www_form_component("sha256:" + key.fingerprint_sha256)}", admin)
+
+        expect(response).to have_gitlab_http_status(200)
+        expect(json_response['title']).to eq(key.title)
+        expect(json_response['user']['id']).to eq(user.id)
+        expect(json_response['user']['username']).to eq(user.username)
+      end
+
+      it "does not include the user's `is_admin` flag" do
+        get api("/keys?fingerprint=#{key.fingerprint}", admin)
+
+        expect(json_response['user']['is_admin']).to be_nil
+      end
+    end
+  end
 end
diff --git a/spec/services/git/branch_push_service_spec.rb b/spec/services/git/branch_push_service_spec.rb
index 19d7b84a3ce..e7f005cff0b 100644
--- a/spec/services/git/branch_push_service_spec.rb
+++ b/spec/services/git/branch_push_service_spec.rb
@@ -108,7 +108,7 @@ describe Git::BranchPushService, services: true do
       end
 
       it 'reports an error' do
-        allow(Sidekiq).to receive(:server?).and_return(true)
+        allow(Gitlab::Runtime).to receive(:sidekiq?).and_return(true)
         expect(Sidekiq.logger).to receive(:warn)
 
         expect { subject }.not_to change { Ci::Pipeline.count }
diff --git a/spec/support/redis/redis_shared_examples.rb b/spec/support/redis/redis_shared_examples.rb
index 97a23f02b3e..e079c32d6ae 100644
--- a/spec/support/redis/redis_shared_examples.rb
+++ b/spec/support/redis/redis_shared_examples.rb
@@ -118,7 +118,7 @@ RSpec.shared_examples "redis_shared_examples" do
 
     context 'when running not on sidekiq workers' do
       before do
-        allow(Sidekiq).to receive(:server?).and_return(false)
+        allow(Gitlab::Runtime).to receive(:sidekiq?).and_return(false)
       end
 
       it 'instantiates a connection pool with size 5' do
@@ -130,7 +130,7 @@ RSpec.shared_examples "redis_shared_examples" do
 
     context 'when running on sidekiq workers' do
       before do
-        allow(Sidekiq).to receive(:server?).and_return(true)
+        allow(Gitlab::Runtime).to receive(:sidekiq?).and_return(true)
         allow(Sidekiq).to receive(:options).and_return({ concurrency: 18 })
       end