diff options
author | Jose <jivanvl@hotmail.com> | 2018-04-30 17:00:16 -0500 |
---|---|---|
committer | Jose <jivanvl@hotmail.com> | 2018-04-30 17:00:16 -0500 |
commit | d3327e0dfacd27d547ffdb3b7f4a1a76c76ae281 (patch) | |
tree | 82019118f22877ec9135d45620c9dcf8acd0579e /doc/ci/runners | |
parent | f48f40bf267fd0f35ba09fd3b8f30e17c0789327 (diff) | |
parent | 2f7b71df7619768220657ed47c7737f4c3e19e90 (diff) | |
download | gitlab-ce-d3327e0dfacd27d547ffdb3b7f4a1a76c76ae281.tar.gz |
Merge branch 'master' into 44059-specify-variables-when-executing-a-manual-pipeline-from-the-ui
Diffstat (limited to 'doc/ci/runners')
-rw-r--r-- | doc/ci/runners/README.md | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/doc/ci/runners/README.md b/doc/ci/runners/README.md index 60dc2ef9ac5..821413900fd 100644 --- a/doc/ci/runners/README.md +++ b/doc/ci/runners/README.md @@ -298,6 +298,28 @@ Mentioned briefly earlier, but the following things of Runners can be exploited. We're always looking for contributions that can mitigate these [Security Considerations](https://docs.gitlab.com/runner/security/). +### Resetting the registration token for a Project + +If you think that registration token for a Project was revealed, you should +reset them. It's recommended because such token can be used to register another +Runner to thi Project. It may be next used to obtain the values of secret +variables or clone the project code, that normally may be unavailable for the +attacker. + +To reset the token: + +1. Go to **Settings > CI/CD** for a specified Project +1. Expand the **General pipelines settings** section +1. Find the **Runner token** form field and click the **Reveal value** button +1. Delete the value and save the form +1. After the page is refreshed, expand the **Runners settings** section + and check the registration token - it should be changed + +From now on the old token is not valid anymore and will not allow to register +a new Runner to the project. If you are using any tools to provision and +register new Runners, you should now update the token that is used to the +new value. + ## Determining the IP address of a Runner > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/17286) in GitLab 10.6. |