Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
77271388
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
77271388
编写于
9月 21, 2016
作者:
K
Kamil Trzcinski
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Update permissions table
上级
88d83e2e
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
23 addition
and
6 deletion
+23
-6
doc/user/permissions.md
doc/user/permissions.md
+23
-6
未找到文件。
doc/user/permissions.md
浏览文件 @
77271388
...
...
@@ -198,14 +198,20 @@ This table shows granted privileges for builds triggered by specific types of us
|---------------------------------------------|-----------------|-------------|----------|--------|
| Run CI build | | ✓ | ✓ | ✓ |
| Clone source and LFS from current project | | ✓ | ✓ | ✓ |
| Clone source and LFS from other projects | | ✓ [^1] | ✓ [^1] | ✓ [^1] |
| Push source and LFS to current project | | | | |
| Push source and LFS to other projects | | | | |
| Clone source and LFS from public projects | | ✓ | ✓ | ✓ |
| Clone source and LFS from internal projects | | ✓ [^3] | ✓ [^3] | ✓ |
| Clone source and LFS from private projects | | ✓ [^4] | ✓ [^4] | ✓ [^4] |
| Push source and LFS | | | | |
| Pull container images from current project | | ✓ | ✓ | ✓ |
| Pull container images from other projects | | ✓ [^1] | ✓ [^1] | ✓ [^1] |
| Pull container images from public projects | | ✓ | ✓ | ✓ |
| Pull container images from internal projects| | ✓ [^3] | ✓ [^3] | ✓ |
| Pull container images from private projects | | ✓ [^4] | ✓ [^4] | ✓ [^4] |
| Push container images to current project | | ✓ | ✓ | ✓ |
| Push container images to other projects | | | | |
[
^3
]:
Only
if user is not external one.
[
^4
]:
Only
if user is a member of the project.
### Build token
The above gives a question about trustability of build token.
...
...
@@ -226,8 +232,19 @@ your runners in most secure possible way, by avoiding using this configurations:
1.
Using
`shell`
executor,
By using in-secure GitLab Runner configuration you allow the rogue developers
to steal the tokens of other builds. However, this problem existed before,
but
to steal the tokens of other builds.
### Debugging problems
It can happen that some of the users will complain that CI builds do fail for them.
It is most likely that your project access other projects sources,
and the user doesn't have the permissions.
In the build log look for information about 403 or forbidden access.
You then as Administrator can verify that the user is a member of the group or project,
and you when impersonated as the user can retry a failing build
on behalf of the user to verify that everything is correct.
### Before 8.12
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录