diff options
author | Grzegorz Bizon <grzegorz@gitlab.com> | 2018-12-21 12:19:23 +0000 |
---|---|---|
committer | Grzegorz Bizon <grzegorz@gitlab.com> | 2018-12-21 12:19:23 +0000 |
commit | 6749ef30b3484625de573ecf1709d34b4176421d (patch) | |
tree | 723cd57836c6d59a3ca28be189cb6567e6cec1d8 /app | |
parent | 7f334fdfafd5ea8a1c4277dcf4b1cb56e79c529b (diff) | |
parent | c111e2657df22c811191135369d599923dc89f54 (diff) | |
download | gitlab-ce-6749ef30b3484625de573ecf1709d34b4176421d.tar.gz |
Merge branch 'feature/option-to-make-variables-protected' into 'master'
Option to make variables protected by default
Closes #51822
See merge request gitlab-org/gitlab-ce!22744
Diffstat (limited to 'app')
-rw-r--r-- | app/assets/javascripts/ci_variable_list/ci_variable_list.js | 4 | ||||
-rw-r--r-- | app/helpers/application_settings_helper.rb | 3 | ||||
-rw-r--r-- | app/helpers/ci_variables_helper.rb | 15 | ||||
-rw-r--r-- | app/models/application_setting.rb | 3 | ||||
-rw-r--r-- | app/views/admin/application_settings/_ci_cd.html.haml | 7 | ||||
-rw-r--r-- | app/views/ci/variables/_content.html.haml | 2 | ||||
-rw-r--r-- | app/views/ci/variables/_header.html.haml | 11 | ||||
-rw-r--r-- | app/views/ci/variables/_index.html.haml | 5 | ||||
-rw-r--r-- | app/views/ci/variables/_variable_row.html.haml | 6 | ||||
-rw-r--r-- | app/views/groups/settings/ci_cd/show.html.haml | 8 | ||||
-rw-r--r-- | app/views/projects/settings/ci_cd/show.html.haml | 8 |
11 files changed, 52 insertions, 20 deletions
diff --git a/app/assets/javascripts/ci_variable_list/ci_variable_list.js b/app/assets/javascripts/ci_variable_list/ci_variable_list.js index ee0f7cda189..5b20fa141cd 100644 --- a/app/assets/javascripts/ci_variable_list/ci_variable_list.js +++ b/app/assets/javascripts/ci_variable_list/ci_variable_list.js @@ -36,7 +36,9 @@ export default class VariableList { }, protected: { selector: '.js-ci-variable-input-protected', - default: 'false', + // use `attr` instead of `data` as we don't want the value to be + // converted. we need the value as a string. + default: $('.js-ci-variable-input-protected').attr('data-default'), }, environment_scope: { // We can't use a `.js-` class here because diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb index 086bb38ce9a..72731d969a2 100644 --- a/app/helpers/application_settings_helper.rb +++ b/app/helpers/application_settings_helper.rb @@ -218,7 +218,8 @@ module ApplicationSettingsHelper :version_check_enabled, :web_ide_clientside_preview_enabled, :diff_max_patch_bytes, - :commit_email_hostname + :commit_email_hostname, + :protected_ci_variables ] end diff --git a/app/helpers/ci_variables_helper.rb b/app/helpers/ci_variables_helper.rb new file mode 100644 index 00000000000..e3728804c2a --- /dev/null +++ b/app/helpers/ci_variables_helper.rb @@ -0,0 +1,15 @@ +# frozen_string_literal: true + +module CiVariablesHelper + def ci_variable_protected_by_default? + Gitlab::CurrentSettings.current_application_settings.protected_ci_variables + end + + def ci_variable_protected?(variable, only_key_value) + if variable && !only_key_value + variable.protected + else + ci_variable_protected_by_default? + end + end +end diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb index 4319db42019..73be94eade6 100644 --- a/app/models/application_setting.rb +++ b/app/models/application_setting.rb @@ -302,7 +302,8 @@ class ApplicationSetting < ActiveRecord::Base user_show_add_ssh_key_message: true, usage_stats_set_by_user_id: nil, diff_max_patch_bytes: Gitlab::Git::Diff::DEFAULT_MAX_PATCH_BYTES, - commit_email_hostname: default_commit_email_hostname + commit_email_hostname: default_commit_email_hostname, + protected_ci_variables: false } end diff --git a/app/views/admin/application_settings/_ci_cd.html.haml b/app/views/admin/application_settings/_ci_cd.html.haml index 0d42094fc89..fdaad1cf181 100644 --- a/app/views/admin/application_settings/_ci_cd.html.haml +++ b/app/views/admin/application_settings/_ci_cd.html.haml @@ -49,5 +49,12 @@ Once that time passes, the jobs will be archived and no longer able to be retried. Make it empty to never expire jobs. It has to be no less than 1 day, for example: <code>15 days</code>, <code>1 month</code>, <code>2 years</code>. + .form-group + .form-check + = f.check_box :protected_ci_variables, class: 'form-check-input' + = f.label :protected_ci_variables, class: 'form-check-label' do + = s_('AdminSettings|Environment variables are protected by default') + .form-text.text-muted + = s_('AdminSettings|When creating a new environment variable it will be protected by default.') = f.submit 'Save changes', class: "btn btn-success" diff --git a/app/views/ci/variables/_content.html.haml b/app/views/ci/variables/_content.html.haml index d355e7799df..fa82611d9c1 100644 --- a/app/views/ci/variables/_content.html.haml +++ b/app/views/ci/variables/_content.html.haml @@ -1 +1 @@ -= _('Variables are applied to environments via the runner. They can be protected by only exposing them to protected branches or tags. You can use variables for passwords, secret keys, or whatever you want.') += _('Environment variables are applied to environments via the runner. They can be protected by only exposing them to protected branches or tags. You can use environment variables for passwords, secret keys, or whatever you want.') diff --git a/app/views/ci/variables/_header.html.haml b/app/views/ci/variables/_header.html.haml new file mode 100644 index 00000000000..cb7779e2175 --- /dev/null +++ b/app/views/ci/variables/_header.html.haml @@ -0,0 +1,11 @@ +- expanded = local_assigns.fetch(:expanded) + +%h4 + = _('Environment variables') + = link_to icon('question-circle'), help_page_path('ci/variables/README', anchor: 'variables'), target: '_blank', rel: 'noopener noreferrer' + +%button.btn.btn-default.js-settings-toggle{ type: 'button' } + = expanded ? _('Collapse') : _('Expand') + +%p.append-bottom-0 + = render "ci/variables/content" diff --git a/app/views/ci/variables/_index.html.haml b/app/views/ci/variables/_index.html.haml index f34305e94fa..dc9ccb6cc39 100644 --- a/app/views/ci/variables/_index.html.haml +++ b/app/views/ci/variables/_index.html.haml @@ -1,5 +1,10 @@ - save_endpoint = local_assigns.fetch(:save_endpoint, nil) +- if ci_variable_protected_by_default? + %p.settings-message.text-center + - link_start = '<a href="%{url}">'.html_safe % { url: help_page_path('ci/variables/README', anchor: 'protected-variables') } + = s_('Environment variables are configured by your administrator to be %{link_start}protected%{link_end} by default').html_safe % { link_start: link_start, link_end: '</a>'.html_safe } + .row .col-lg-12.js-ci-variable-list-section{ data: { save_endpoint: save_endpoint } } .hide.alert.alert-danger.js-ci-variable-error-box diff --git a/app/views/ci/variables/_variable_row.html.haml b/app/views/ci/variables/_variable_row.html.haml index 6ee55836dd2..16a7527c8ce 100644 --- a/app/views/ci/variables/_variable_row.html.haml +++ b/app/views/ci/variables/_variable_row.html.haml @@ -5,7 +5,8 @@ - id = variable&.id - key = variable&.key - value = variable&.value -- is_protected = variable && !only_key_value ? variable.protected : false +- is_protected_default = ci_variable_protected_by_default? +- is_protected = ci_variable_protected?(variable, only_key_value) - id_input_name = "#{form_field}[variables_attributes][][id]" - destroy_input_name = "#{form_field}[variables_attributes][][_destroy]" @@ -39,7 +40,8 @@ %input{ type: "hidden", class: 'js-ci-variable-input-protected js-project-feature-toggle-input', name: protected_input_name, - value: is_protected } + value: is_protected, + data: { default: is_protected_default.to_s } } %span.toggle-icon = sprite_icon('status_success_borderless', size: 16, css_class: 'toggle-icon-svg toggle-status-checked') = sprite_icon('status_failed_borderless', size: 16, css_class: 'toggle-icon-svg toggle-status-unchecked') diff --git a/app/views/groups/settings/ci_cd/show.html.haml b/app/views/groups/settings/ci_cd/show.html.haml index a5e6abdba52..d9332e36ef5 100644 --- a/app/views/groups/settings/ci_cd/show.html.haml +++ b/app/views/groups/settings/ci_cd/show.html.haml @@ -5,13 +5,7 @@ %section.settings#ci-variables.no-animate{ class: ('expanded' if expanded) } .settings-header - %h4 - = _('Variables') - = link_to icon('question-circle'), help_page_path('ci/variables/README', anchor: 'variables'), target: '_blank', rel: 'noopener noreferrer' - %button.btn.btn-default.js-settings-toggle{ type: "button" } - = expanded ? _('Collapse') : _('Expand') - %p.append-bottom-0 - = render "ci/variables/content" + = render 'ci/variables/header', expanded: expanded .settings-content = render 'ci/variables/index', save_endpoint: group_variables_path diff --git a/app/views/projects/settings/ci_cd/show.html.haml b/app/views/projects/settings/ci_cd/show.html.haml index 98e2829ba43..6966bf96724 100644 --- a/app/views/projects/settings/ci_cd/show.html.haml +++ b/app/views/projects/settings/ci_cd/show.html.haml @@ -43,13 +43,7 @@ %section.qa-variables-settings.settings.no-animate{ class: ('expanded' if expanded) } .settings-header - %h4 - = _('Variables') - = link_to icon('question-circle'), help_page_path('ci/variables/README', anchor: 'variables'), target: '_blank', rel: 'noopener noreferrer' - %button.btn.js-settings-toggle{ type: 'button' } - = expanded ? _('Collapse') : _('Expand') - %p.append-bottom-0 - = render "ci/variables/content" + = render 'ci/variables/header', expanded: expanded .settings-content = render 'ci/variables/index', save_endpoint: project_variables_path(@project) |