Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
e491df5f
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
e491df5f
编写于
11月 20, 2018
作者:
G
Grzegorz Bizon
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Encrypt runners communication token in the database
上级
478c15fa
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
23 addition
and
7 deletion
+23
-7
app/models/ci/runner.rb
app/models/ci/runner.rb
+4
-5
db/migrate/20181120151656_add_token_encrypted_to_ci_runners.rb
...grate/20181120151656_add_token_encrypted_to_ci_runners.rb
+12
-0
db/schema.rb
db/schema.rb
+2
-1
lib/gitlab/import_export/import_export.yml
lib/gitlab/import_export/import_export.yml
+3
-0
lib/gitlab/import_export/relation_factory.rb
lib/gitlab/import_export/relation_factory.rb
+2
-1
未找到文件。
app/models/ci/runner.rb
浏览文件 @
e491df5f
...
...
@@ -8,6 +8,9 @@ module Ci
include
RedisCacheable
include
ChronicDurationAttribute
include
FromUnion
include
TokenAuthenticatable
add_authentication_token_field
:token
,
encrypted:
true
,
fallback:
true
enum
access_level:
{
not_protected:
0
,
...
...
@@ -39,7 +42,7 @@ module Ci
has_one
:last_build
,
->
()
{
order
(
'id DESC'
)
},
class_name:
'Ci::Build'
before_
validation
:set_default_values
before_
save
:ensure_token
scope
:active
,
->
{
where
(
active:
true
)
}
scope
:paused
,
->
{
where
(
active:
false
)
}
...
...
@@ -145,10 +148,6 @@ module Ci
end
end
def
set_default_values
self
.
token
=
SecureRandom
.
hex
(
15
)
if
self
.
token
.
blank?
end
def
assign_to
(
project
,
current_user
=
nil
)
if
instance_type?
self
.
runner_type
=
:project_type
...
...
db/migrate/20181120151656_add_token_encrypted_to_ci_runners.rb
0 → 100644
浏览文件 @
e491df5f
# frozen_string_literal: true
class
AddTokenEncryptedToCiRunners
<
ActiveRecord
::
Migration
include
Gitlab
::
Database
::
MigrationHelpers
DOWNTIME
=
false
def
change
add_column
:ci_runners
,
:token_encrypted
,
:string
# TODO index
end
end
db/schema.rb
浏览文件 @
e491df5f
...
...
@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord
::
Schema
.
define
(
version:
201811
16141504
)
do
ActiveRecord
::
Schema
.
define
(
version:
201811
20151656
)
do
# These are extensions that must be enabled in order to support this database
enable_extension
"plpgsql"
...
...
@@ -543,6 +543,7 @@ ActiveRecord::Schema.define(version: 20181116141504) do
t
.
string
"ip_address"
t
.
integer
"maximum_timeout"
t
.
integer
"runner_type"
,
limit:
2
,
null:
false
t
.
string
"token_encrypted"
end
add_index
"ci_runners"
,
[
"contacted_at"
],
name:
"index_ci_runners_on_contacted_at"
,
using: :btree
...
...
lib/gitlab/import_export/import_export.yml
浏览文件 @
e491df5f
...
...
@@ -158,6 +158,9 @@ excluded_attributes:
-
:encrypted_token_iv
-
:encrypted_url
-
:encrypted_url_iv
runners
:
-
:token
-
:token_encrypted
methods
:
labels
:
...
...
lib/gitlab/import_export/relation_factory.rb
浏览文件 @
e491df5f
...
...
@@ -8,6 +8,7 @@ module Gitlab
triggers:
'Ci::Trigger'
,
pipeline_schedules:
'Ci::PipelineSchedule'
,
builds:
'Ci::Build'
,
runners:
'Ci::Runner'
,
hooks:
'ProjectHook'
,
merge_access_levels:
'ProtectedBranch::MergeAccessLevel'
,
push_access_levels:
'ProtectedBranch::PushAccessLevel'
,
...
...
@@ -31,7 +32,7 @@ module Gitlab
EXISTING_OBJECT_CHECK
=
%i[milestone milestones label labels project_label project_labels group_label group_labels project_feature]
.
freeze
TOKEN_RESET_MODELS
=
%w[Project Namespace
Group Ci::Trigger Ci::Build
ProjectHook]
.
freeze
TOKEN_RESET_MODELS
=
%w[Project Namespace
Ci::Trigger Ci::Build Ci::Runner
ProjectHook]
.
freeze
def
self
.
create
(
*
args
)
new
(
*
args
).
create
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录