Strip leading & trailing whitespaces in CI/CD secret variable keys

Signed-off-by: N Rémy Coutable <remy@rymai.me>

Strip leading & trailing whitespaces in CI/CD secret variable keys
Signed-off-by: N Rémy Coutable <remy@rymai.me>
fa35ea13 · Rémy Coutable · 24fadd7c · fa35ea13 · fa35ea13 · fa35ea13
3 changed file
--- a/app/models/concerns/has_variable.rb
+++ b/app/models/concerns/has_variable.rb
@@ -16,6 +16,10 @@ module HasVariable
       key: Gitlab::Application.secrets.db_key_base,
       algorithm: 'aes-256-cbc'

+    def key=(new_key)
+      super(new_key.to_s.strip)
+    end
+
    def to_runner_variable
      { key: key, value: value, public: false }
    end

--- a/changelogs/unreleased/40561-environment-scope-value-is-not-trimmed.yml
+++ b/changelogs/unreleased/40561-environment-scope-value-is-not-trimmed.yml
+---
+title: Strip leading & trailing whitespaces in CI/CD secret variable keys
+merge_request: 15615
+author:
+type: fixed
--- a/spec/models/concerns/has_variable_spec.rb
+++ b/spec/models/concerns/has_variable_spec.rb
@@ -9,6 +9,24 @@ describe HasVariable do
  it { is_expected.not_to allow_value('foo bar').for(:key) }
  it { is_expected.not_to allow_value('foo/bar').for(:key) }

+  describe '#key=' do
+    context 'when the new key is nil' do
+      it 'strips leading and trailing whitespaces' do
+        subject.key = nil
+
+        expect(subject.key).to eq('')
+      end
+    end
+
+    context 'when the new key has leadind and trailing whitespaces' do
+      it 'strips leading and trailing whitespaces' do
+        subject.key = ' my key '
+
+        expect(subject.key).to eq('my key')
+      end
+    end
+  end
+
  describe '#value' do
    before do
      subject.value = 'secret'