diff options
Diffstat (limited to 'app/models/group.rb')
-rw-r--r-- | app/models/group.rb | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/app/models/group.rb b/app/models/group.rb index 53da70f47e5..a395861fbb6 100644 --- a/app/models/group.rb +++ b/app/models/group.rb @@ -20,6 +20,13 @@ class Group < Namespace include ChronicDurationAttribute include RunnerTokenExpirationInterval + extend ::Gitlab::Utils::Override + + # Prefix for runners_token which can be used to invalidate existing tokens. + # The value chosen here is GR (for Gitlab Runner) combined with the rotation + # date (20220225) decimal to hex encoded. + RUNNERS_TOKEN_PREFIX = 'GR1348941' + def self.sti_name 'Group' end @@ -115,7 +122,9 @@ class Group < Namespace message: Gitlab::Regex.group_name_regex_message }, if: :name_changed? - add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required } + add_authentication_token_field :runners_token, + encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required }, + prefix: ->(instance) { instance.runners_token_prefix } after_create :post_create_hook after_destroy :post_destroy_hook @@ -669,6 +678,15 @@ class Group < Namespace ensure_runners_token! end + def runners_token_prefix + Feature.enabled?(:groups_runners_token_prefix, self, default_enabled: :yaml) ? RUNNERS_TOKEN_PREFIX : '' + end + + override :format_runners_token + def format_runners_token(token) + "#{runners_token_prefix}#{token}" + end + def project_creation_level super || ::Gitlab::CurrentSettings.default_project_creation end |