-
- Downloads
There was a problem fetching the pipeline summary.
Merge branch 'gitlab-workhorse-safeties' into 'master'
Security and safety improvements for gitlab-workhorse integration Companion to https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/60 - Use a custom content type when sending data to gitlab-workhorse - Verify (using JWT and a shared secret on disk) that internal API requests came from gitlab-workhorse This will allow us to build features in gitlab-workhorse that require more trust, and protect us against programming mistakes in the future. This is designed so that no action is required for installations from source. For omnibus-gitlab we need to add code that manages the shared secret. See merge request !5907
Showing
- .gitignore 1 addition, 0 deletions.gitignore
- GITLAB_WORKHORSE_VERSION 1 addition, 1 deletionGITLAB_WORKHORSE_VERSION
- app/controllers/projects/git_http_client_controller.rb 4 additions, 0 deletionsapp/controllers/projects/git_http_client_controller.rb
- app/controllers/projects/git_http_controller.rb 3 additions, 0 deletionsapp/controllers/projects/git_http_controller.rb
- app/controllers/projects/lfs_storage_controller.rb 3 additions, 8 deletionsapp/controllers/projects/lfs_storage_controller.rb
- app/helpers/workhorse_helper.rb 4 additions, 0 deletionsapp/helpers/workhorse_helper.rb
- config/initializers/gitlab_workhorse_secret.rb 8 additions, 0 deletionsconfig/initializers/gitlab_workhorse_secret.rb
- doc/install/installation.md 1 addition, 1 deletiondoc/install/installation.md
- doc/update/8.11-to-8.12.md 1 addition, 1 deletiondoc/update/8.11-to-8.12.md
- lib/ci/api/builds.rb 3 additions, 1 deletionlib/ci/api/builds.rb
- lib/gitlab/workhorse.rb 50 additions, 2 deletionslib/gitlab/workhorse.rb
- spec/lib/gitlab/workhorse_spec.rb 85 additions, 1 deletionspec/lib/gitlab/workhorse_spec.rb
- spec/requests/ci/api/builds_spec.rb 10 additions, 1 deletionspec/requests/ci/api/builds_spec.rb
- spec/requests/git_http_spec.rb 17 additions, 1 deletionspec/requests/git_http_spec.rb
- spec/requests/lfs_http_spec.rb 17 additions, 2 deletionsspec/requests/lfs_http_spec.rb
- spec/support/workhorse_helpers.rb 5 additions, 0 deletionsspec/support/workhorse_helpers.rb
Loading
Please register or sign in to comment