diff options
| author | Sean McGivern <sean@gitlab.com> | 2019-04-04 15:00:56 +0000 |
|---|---|---|
| committer | Sean McGivern <sean@gitlab.com> | 2019-04-04 15:00:56 +0000 |
| commit | 7dcc3003119666c75a35c27d73ffb297c696fcc8 (patch) | |
| tree | 54b714d8a8f18f6e6f0f8f5da56fae5203f002e8 /lib/gitlab/ci | |
| parent | 7926384ff32b9ad8833dcfffc9bb87d036c4bd21 (diff) | |
| parent | 8a833c720e91c7b4d764e85c30e3be18ee5221fd (diff) | |
| download | gitlab-ce-7dcc3003119666c75a35c27d73ffb297c696fcc8.tar.gz | |
Merge branch 'allow-to-use-untrusted-ruby-syntax' into 'master'
Allow to use untrusted ruby syntax
See merge request gitlab-org/gitlab-ce!26905
Diffstat (limited to 'lib/gitlab/ci')
| -rw-r--r-- | lib/gitlab/ci/build/policy/refs.rb | 2 | ||||
| -rw-r--r-- | lib/gitlab/ci/config/entry/policy.rb | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/lib/gitlab/ci/build/policy/refs.rb b/lib/gitlab/ci/build/policy/refs.rb index 360424bec11..c3005303fd8 100644 --- a/lib/gitlab/ci/build/policy/refs.rb +++ b/lib/gitlab/ci/build/policy/refs.rb @@ -35,7 +35,7 @@ module Gitlab # patterns can be matched only when branch or tag is used # the pattern matching does not work for merge requests pipelines if pipeline.branch? || pipeline.tag? - if regexp = Gitlab::UntrustedRegexp::RubySyntax.fabricate(pattern) + if regexp = Gitlab::UntrustedRegexp::RubySyntax.fabricate(pattern, fallback: true) regexp.match?(pipeline.ref) else pattern == pipeline.ref diff --git a/lib/gitlab/ci/config/entry/policy.rb b/lib/gitlab/ci/config/entry/policy.rb index adc3660d950..7b14218d3ea 100644 --- a/lib/gitlab/ci/config/entry/policy.rb +++ b/lib/gitlab/ci/config/entry/policy.rb @@ -17,7 +17,7 @@ module Gitlab include ::Gitlab::Config::Entry::Validatable validations do - validates :config, array_of_strings_or_regexps: true + validates :config, array_of_strings_or_regexps_with_fallback: true end def value @@ -38,7 +38,7 @@ module Gitlab validate :variables_expressions_syntax with_options allow_nil: true do - validates :refs, array_of_strings_or_regexps: true + validates :refs, array_of_strings_or_regexps_with_fallback: true validates :kubernetes, allowed_values: %w[active] validates :variables, array_of_strings: true validates :changes, array_of_strings: true |