Add constant as ALLOWED_INDEXED_COLUMNS

app/finders/pipelines_finder.rb

 class PipelinesFinder
   attr_reader :project, :pipelines, :params
 
+  ALLOWED_INDEXED_COLUMNS = %w[id status ref user_id].freeze
+
   def initialize(project, params = {})
     @project = project
     @pipelines = project.pipelines
@@ -95,7 +97,7 @@ class PipelinesFinder
   end
 
   def sort_items(items)
-    order_by = if %w[id status ref user_id].include?(params[:order_by]) # Allow only indexed columns
+    order_by = if ALLOWED_INDEXED_COLUMNS.include?(params[:order_by])
                  params[:order_by]
                else
                  :id

lib/api/pipelines.rb

@@ -22,7 +22,7 @@ module API
         optional :yaml_errors, type: Boolean, desc: 'If true, returns only yaml error pipelines'
         optional :name,     type: String, desc: 'The name of user who triggered pipelines'
         optional :username, type: String, desc: 'The username of user who triggered pipelines'
-        optional :order_by, type: String, values: %w[id status ref user_id], default: 'id',
+        optional :order_by, type: String, values: PipelinesFinder::ALLOWED_INDEXED_COLUMNS, default: 'id',
                             desc: 'The order_by which is combined with a sort'
         optional :sort,     type: String, values: %w[asc desc], default: 'desc',
                             desc: 'The sort method which is combined with an order_by'