From 28a5f8c60a29445e147614767a8452b3141ef868 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= Date: Fri, 16 Mar 2018 16:54:36 +0100 Subject: Use secret_key and secret_value in Variables controller --- app/controllers/groups/variables_controller.rb | 9 +++++++-- app/controllers/projects/variables_controller.rb | 9 +++++++-- .../controllers/variables_shared_examples.rb | 16 ++++++++-------- 3 files changed, 22 insertions(+), 12 deletions(-) diff --git a/app/controllers/groups/variables_controller.rb b/app/controllers/groups/variables_controller.rb index cb8771bc97e..2794d5fe6ec 100644 --- a/app/controllers/groups/variables_controller.rb +++ b/app/controllers/groups/variables_controller.rb @@ -35,11 +35,16 @@ module Groups end def group_variables_params - params.permit(variables_attributes: [*variable_params_attributes]) + filtered_params = params.permit(variables_attributes: [*variable_params_attributes]) + filtered_params["variables_attributes"].each do |variable| + variable["key"] = variable.delete("secret_key") + variable["value"] = variable.delete("secret_value") + end + filtered_params end def variable_params_attributes - %i[id key value protected _destroy] + %i[id secret_key secret_value protected _destroy] end def authorize_admin_build! diff --git a/app/controllers/projects/variables_controller.rb b/app/controllers/projects/variables_controller.rb index 7eb509e2e64..3cbfe7b3cc1 100644 --- a/app/controllers/projects/variables_controller.rb +++ b/app/controllers/projects/variables_controller.rb @@ -32,10 +32,15 @@ class Projects::VariablesController < Projects::ApplicationController end def variables_params - params.permit(variables_attributes: [*variable_params_attributes]) + filtered_params = params.permit(variables_attributes: [*variable_params_attributes]) + filtered_params["variables_attributes"].each do |variable| + variable["key"] = variable.delete("secret_key") + variable["value"] = variable.delete("secret_value") + end + filtered_params end def variable_params_attributes - %i[id key value protected _destroy] + %i[id secret_key secret_value protected _destroy] end end diff --git a/spec/support/shared_examples/controllers/variables_shared_examples.rb b/spec/support/shared_examples/controllers/variables_shared_examples.rb index d7acf8c0032..7c7e345f715 100644 --- a/spec/support/shared_examples/controllers/variables_shared_examples.rb +++ b/spec/support/shared_examples/controllers/variables_shared_examples.rb @@ -15,21 +15,21 @@ end shared_examples 'PATCH #update updates variables' do let(:variable_attributes) do { id: variable.id, - key: variable.key, - value: variable.value, + secret_key: variable.key, + secret_value: variable.value, protected: variable.protected?.to_s } end let(:new_variable_attributes) do - { key: 'new_key', - value: 'dummy_value', + { secret_key: 'new_key', + secret_value: 'dummy_value', protected: 'false' } end context 'with invalid new variable parameters' do let(:variables_attributes) do [ - variable_attributes.merge(value: 'other_value'), - new_variable_attributes.merge(key: '...?') + variable_attributes.merge(secret_value: 'other_value'), + new_variable_attributes.merge(secret_key: '...?') ] end @@ -52,7 +52,7 @@ shared_examples 'PATCH #update updates variables' do let(:variables_attributes) do [ new_variable_attributes, - new_variable_attributes.merge(value: 'other_value') + new_variable_attributes.merge(secret_value: 'other_value') ] end @@ -74,7 +74,7 @@ shared_examples 'PATCH #update updates variables' do context 'with valid new variable parameters' do let(:variables_attributes) do [ - variable_attributes.merge(value: 'other_value'), + variable_attributes.merge(secret_value: 'other_value'), new_variable_attributes ] end -- cgit v1.2.1 From 763c82f0b304362be71ca82e551381609db19bf8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= Date: Fri, 16 Mar 2018 16:59:06 +0100 Subject: Use secret_key and secret_value in variable form field names --- app/views/ci/variables/_variable_row.html.haml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/views/ci/variables/_variable_row.html.haml b/app/views/ci/variables/_variable_row.html.haml index 15201780451..e72e48385da 100644 --- a/app/views/ci/variables/_variable_row.html.haml +++ b/app/views/ci/variables/_variable_row.html.haml @@ -9,8 +9,8 @@ - id_input_name = "#{form_field}[variables_attributes][][id]" - destroy_input_name = "#{form_field}[variables_attributes][][_destroy]" -- key_input_name = "#{form_field}[variables_attributes][][key]" -- value_input_name = "#{form_field}[variables_attributes][][value]" +- key_input_name = "#{form_field}[variables_attributes][][secret_key]" +- value_input_name = "#{form_field}[variables_attributes][][secret_value]" - protected_input_name = "#{form_field}[variables_attributes][][protected]" %li.js-row.ci-variable-row{ data: { is_persisted: "#{!id.nil?}" } } -- cgit v1.2.1 From 53915c5c54c06182717b457375ae771ee01558fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= Date: Sat, 17 Mar 2018 12:17:40 +0100 Subject: Alias secret_key and secret_value to key and value --- app/controllers/groups/variables_controller.rb | 7 +------ app/controllers/projects/variables_controller.rb | 7 +------ app/models/ci/group_variable.rb | 3 +++ app/models/ci/variable.rb | 3 +++ 4 files changed, 8 insertions(+), 12 deletions(-) diff --git a/app/controllers/groups/variables_controller.rb b/app/controllers/groups/variables_controller.rb index 2794d5fe6ec..91e394c8ce8 100644 --- a/app/controllers/groups/variables_controller.rb +++ b/app/controllers/groups/variables_controller.rb @@ -35,12 +35,7 @@ module Groups end def group_variables_params - filtered_params = params.permit(variables_attributes: [*variable_params_attributes]) - filtered_params["variables_attributes"].each do |variable| - variable["key"] = variable.delete("secret_key") - variable["value"] = variable.delete("secret_value") - end - filtered_params + params.permit(variables_attributes: [*variable_params_attributes]) end def variable_params_attributes diff --git a/app/controllers/projects/variables_controller.rb b/app/controllers/projects/variables_controller.rb index 3cbfe7b3cc1..ffe93522ca6 100644 --- a/app/controllers/projects/variables_controller.rb +++ b/app/controllers/projects/variables_controller.rb @@ -32,12 +32,7 @@ class Projects::VariablesController < Projects::ApplicationController end def variables_params - filtered_params = params.permit(variables_attributes: [*variable_params_attributes]) - filtered_params["variables_attributes"].each do |variable| - variable["key"] = variable.delete("secret_key") - variable["value"] = variable.delete("secret_value") - end - filtered_params + params.permit(variables_attributes: [*variable_params_attributes]) end def variable_params_attributes diff --git a/app/models/ci/group_variable.rb b/app/models/ci/group_variable.rb index 1dd0e050ba9..65399557289 100644 --- a/app/models/ci/group_variable.rb +++ b/app/models/ci/group_variable.rb @@ -6,6 +6,9 @@ module Ci belongs_to :group + alias_attribute :secret_key, :key + alias_attribute :secret_value, :value + validates :key, uniqueness: { scope: :group_id, message: "(%{value}) has already been taken" diff --git a/app/models/ci/variable.rb b/app/models/ci/variable.rb index 7c71291de84..bcad55f115f 100644 --- a/app/models/ci/variable.rb +++ b/app/models/ci/variable.rb @@ -6,6 +6,9 @@ module Ci belongs_to :project + alias_attribute :secret_key, :key + alias_attribute :secret_value, :value + validates :key, uniqueness: { scope: [:project_id, :environment_scope], message: "(%{value}) has already been taken" -- cgit v1.2.1 From 2b4e5c938b5678592ecbbabe6dcbca0731a51fa9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= Date: Sat, 17 Mar 2018 12:37:48 +0100 Subject: Use secret_key and secret_value in CI variable frontend --- app/assets/javascripts/ci_variable_list/ci_variable_list.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/app/assets/javascripts/ci_variable_list/ci_variable_list.js b/app/assets/javascripts/ci_variable_list/ci_variable_list.js index 745f3404295..c0bfe615478 100644 --- a/app/assets/javascripts/ci_variable_list/ci_variable_list.js +++ b/app/assets/javascripts/ci_variable_list/ci_variable_list.js @@ -29,11 +29,11 @@ export default class VariableList { selector: '.js-ci-variable-input-id', default: '', }, - key: { + secret_key: { selector: '.js-ci-variable-input-key', default: '', }, - value: { + secret_value: { selector: '.js-ci-variable-input-value', default: '', }, @@ -105,7 +105,7 @@ export default class VariableList { setupToggleButtons($row[0]); // Reset the resizable textarea - $row.find(this.inputMap.value.selector).css('height', ''); + $row.find(this.inputMap.secret_value.selector).css('height', ''); const $environmentSelect = $row.find('.js-variable-environment-toggle'); if ($environmentSelect.length) { @@ -174,7 +174,7 @@ export default class VariableList { } toggleEnableRow(isEnabled = true) { - this.$container.find(this.inputMap.key.selector).attr('disabled', !isEnabled); + this.$container.find(this.inputMap.secret_key.selector).attr('disabled', !isEnabled); this.$container.find('.js-row-remove-button').attr('disabled', !isEnabled); } -- cgit v1.2.1 From ddeefbdd24119fff5bb3c770f9a285f28ca31914 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= Date: Sat, 17 Mar 2018 12:40:57 +0100 Subject: Filter secret CI variable values from logs --- config/application.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config/application.rb b/config/application.rb index 0ff95e33a9c..c14f875611c 100644 --- a/config/application.rb +++ b/config/application.rb @@ -70,6 +70,7 @@ module Gitlab # - Webhook URLs (:hook) # - Sentry DSN (:sentry_dsn) # - Deploy keys (:key) + # - Secret variable values (:secret_value) config.filter_parameters += [/token$/, /password/, /secret/] config.filter_parameters += %i( certificate @@ -81,6 +82,7 @@ module Gitlab sentry_dsn trace variables + secret_value ) # Enable escaping HTML in JSON. -- cgit v1.2.1 From 30d685b59c716fffbff4ddfbd27530f861a5f0c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= Date: Sat, 17 Mar 2018 16:12:13 +0100 Subject: Add CHANGELOG --- ...andling-sensitive-information-should-use-a-more-specific-name.yml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 changelogs/unreleased/43316-controller-parameters-handling-sensitive-information-should-use-a-more-specific-name.yml diff --git a/changelogs/unreleased/43316-controller-parameters-handling-sensitive-information-should-use-a-more-specific-name.yml b/changelogs/unreleased/43316-controller-parameters-handling-sensitive-information-should-use-a-more-specific-name.yml new file mode 100644 index 00000000000..de1cee6e436 --- /dev/null +++ b/changelogs/unreleased/43316-controller-parameters-handling-sensitive-information-should-use-a-more-specific-name.yml @@ -0,0 +1,5 @@ +--- +title: Use specific names for filtered CI variable controller parameters +merge_request: 17796 +author: +type: other -- cgit v1.2.1 From 68c6e410bd02207b621f9339edf3fc53d0bde7e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= Date: Sat, 17 Mar 2018 16:18:36 +0100 Subject: Use secret_key and secret_value in Pipeline Schedule variables --- .../projects/pipeline_schedules_controller.rb | 2 +- app/models/ci/pipeline_schedule_variable.rb | 3 +++ .../projects/pipeline_schedules_controller_spec.rb | 18 ++++++++++-------- spec/features/projects/pipeline_schedules_spec.rb | 8 ++++---- 4 files changed, 18 insertions(+), 13 deletions(-) diff --git a/app/controllers/projects/pipeline_schedules_controller.rb b/app/controllers/projects/pipeline_schedules_controller.rb index b478e7b5e05..6c087dfb71e 100644 --- a/app/controllers/projects/pipeline_schedules_controller.rb +++ b/app/controllers/projects/pipeline_schedules_controller.rb @@ -92,7 +92,7 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController def schedule_params params.require(:schedule) .permit(:description, :cron, :cron_timezone, :ref, :active, - variables_attributes: [:id, :key, :value, :_destroy] ) + variables_attributes: [:id, :secret_key, :secret_value, :_destroy] ) end def authorize_play_pipeline_schedule! diff --git a/app/models/ci/pipeline_schedule_variable.rb b/app/models/ci/pipeline_schedule_variable.rb index af989fb14b4..2e30612a88e 100644 --- a/app/models/ci/pipeline_schedule_variable.rb +++ b/app/models/ci/pipeline_schedule_variable.rb @@ -5,6 +5,9 @@ module Ci belongs_to :pipeline_schedule + alias_attribute :secret_key, :key + alias_attribute :secret_value, :value + validates :key, uniqueness: { scope: :pipeline_schedule_id } end end diff --git a/spec/controllers/projects/pipeline_schedules_controller_spec.rb b/spec/controllers/projects/pipeline_schedules_controller_spec.rb index 966ffdf6996..11d0c41fe76 100644 --- a/spec/controllers/projects/pipeline_schedules_controller_spec.rb +++ b/spec/controllers/projects/pipeline_schedules_controller_spec.rb @@ -80,7 +80,7 @@ describe Projects::PipelineSchedulesController do context 'when variables_attributes has one variable' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ key: 'AAA', value: 'AAA123' }] + variables_attributes: [{ secret_key: 'AAA', secret_value: 'AAA123' }] }) end @@ -101,7 +101,8 @@ describe Projects::PipelineSchedulesController do context 'when variables_attributes has two variables and duplicated' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ key: 'AAA', value: 'AAA123' }, { key: 'AAA', value: 'BBB123' }] + variables_attributes: [{ secret_key: 'AAA', secret_value: 'AAA123' }, + { secret_key: 'AAA', secret_value: 'BBB123' }] }) end @@ -152,7 +153,7 @@ describe Projects::PipelineSchedulesController do context 'when params include one variable' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ key: 'AAA', value: 'AAA123' }] + variables_attributes: [{ secret_key: 'AAA', secret_value: 'AAA123' }] }) end @@ -169,7 +170,8 @@ describe Projects::PipelineSchedulesController do context 'when params include two duplicated variables' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ key: 'AAA', value: 'AAA123' }, { key: 'AAA', value: 'BBB123' }] + variables_attributes: [{ secret_key: 'AAA', secret_value: 'AAA123' }, + { secret_key: 'AAA', secret_value: 'BBB123' }] }) end @@ -194,7 +196,7 @@ describe Projects::PipelineSchedulesController do context 'when adds a new variable' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ key: 'AAA', value: 'AAA123' }] + variables_attributes: [{ secret_key: 'AAA', secret_value: 'AAA123' }] }) end @@ -209,7 +211,7 @@ describe Projects::PipelineSchedulesController do context 'when adds a new duplicated variable' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ key: 'CCC', value: 'AAA123' }] + variables_attributes: [{ secret_key: 'CCC', secret_value: 'AAA123' }] }) end @@ -224,7 +226,7 @@ describe Projects::PipelineSchedulesController do context 'when updates a variable' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ id: pipeline_schedule_variable.id, value: 'new_value' }] + variables_attributes: [{ id: pipeline_schedule_variable.id, secret_value: 'new_value' }] }) end @@ -252,7 +254,7 @@ describe Projects::PipelineSchedulesController do let(:schedule) do basic_param.merge({ variables_attributes: [{ id: pipeline_schedule_variable.id, _destroy: true }, - { key: 'CCC', value: 'CCC123' }] + { secret_key: 'CCC', secret_value: 'CCC123' }] }) end diff --git a/spec/features/projects/pipeline_schedules_spec.rb b/spec/features/projects/pipeline_schedules_spec.rb index 65e24862d43..0c9aa2d1497 100644 --- a/spec/features/projects/pipeline_schedules_spec.rb +++ b/spec/features/projects/pipeline_schedules_spec.rb @@ -159,10 +159,10 @@ feature 'Pipeline Schedules', :js do visit_pipelines_schedules click_link 'New schedule' fill_in_schedule_form - all('[name="schedule[variables_attributes][][key]"]')[0].set('AAA') - all('[name="schedule[variables_attributes][][value]"]')[0].set('AAA123') - all('[name="schedule[variables_attributes][][key]"]')[1].set('BBB') - all('[name="schedule[variables_attributes][][value]"]')[1].set('BBB123') + all('[name="schedule[variables_attributes][][secret_key]"]')[0].set('AAA') + all('[name="schedule[variables_attributes][][secret_value]"]')[0].set('AAA123') + all('[name="schedule[variables_attributes][][secret_key]"]')[1].set('BBB') + all('[name="schedule[variables_attributes][][secret_value]"]')[1].set('BBB123') save_pipeline_schedule end -- cgit v1.2.1 From 67fc0a2b92f49250b14562a04539b775f0d55cc4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= Date: Sat, 17 Mar 2018 18:33:03 +0100 Subject: Check for secret_key and secret_value in CI Variable native list js spec --- spec/javascripts/ci_variable_list/native_form_variable_list_spec.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/javascripts/ci_variable_list/native_form_variable_list_spec.js b/spec/javascripts/ci_variable_list/native_form_variable_list_spec.js index 1ea8d86cb7e..d3bcbdd92c1 100644 --- a/spec/javascripts/ci_variable_list/native_form_variable_list_spec.js +++ b/spec/javascripts/ci_variable_list/native_form_variable_list_spec.js @@ -19,8 +19,8 @@ describe('NativeFormVariableList', () => { describe('onFormSubmit', () => { it('should clear out the `name` attribute on the inputs for the last empty row on form submission (avoid BE validation)', () => { const $row = $wrapper.find('.js-row'); - expect($row.find('.js-ci-variable-input-key').attr('name')).toBe('schedule[variables_attributes][][key]'); - expect($row.find('.js-ci-variable-input-value').attr('name')).toBe('schedule[variables_attributes][][value]'); + expect($row.find('.js-ci-variable-input-key').attr('name')).toBe('schedule[variables_attributes][][secret_key]'); + expect($row.find('.js-ci-variable-input-value').attr('name')).toBe('schedule[variables_attributes][][secret_value]'); $wrapper.closest('form').trigger('trigger-submit'); -- cgit v1.2.1 From ca3b2991a5b740c7b780e997fc1c2ef0ddf62840 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= Date: Mon, 19 Mar 2018 23:45:50 +0100 Subject: Revert "Filter secret CI variable values from logs" This reverts commit ddeefbdd24119fff5bb3c770f9a285f28ca31914. --- config/application.rb | 2 -- 1 file changed, 2 deletions(-) diff --git a/config/application.rb b/config/application.rb index c14f875611c..0ff95e33a9c 100644 --- a/config/application.rb +++ b/config/application.rb @@ -70,7 +70,6 @@ module Gitlab # - Webhook URLs (:hook) # - Sentry DSN (:sentry_dsn) # - Deploy keys (:key) - # - Secret variable values (:secret_value) config.filter_parameters += [/token$/, /password/, /secret/] config.filter_parameters += %i( certificate @@ -82,7 +81,6 @@ module Gitlab sentry_dsn trace variables - secret_value ) # Enable escaping HTML in JSON. -- cgit v1.2.1 From 05103f080cf0e40b8fe5e1774b8dd1f8084105e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matija=20=C4=8Cupi=C4=87?= Date: Thu, 22 Mar 2018 12:08:16 +0100 Subject: Make Variable key not secret --- .../javascripts/ci_variable_list/ci_variable_list.js | 4 ++-- app/controllers/groups/variables_controller.rb | 2 +- .../projects/pipeline_schedules_controller.rb | 2 +- app/controllers/projects/variables_controller.rb | 2 +- app/models/ci/group_variable.rb | 1 - app/models/ci/pipeline_schedule_variable.rb | 1 - app/models/ci/variable.rb | 1 - app/views/ci/variables/_variable_row.html.haml | 2 +- .../projects/pipeline_schedules_controller_spec.rb | 18 +++++++++--------- spec/features/projects/pipeline_schedules_spec.rb | 4 ++-- .../ci_variable_list/native_form_variable_list_spec.js | 2 +- .../controllers/variables_shared_examples.rb | 6 +++--- 12 files changed, 21 insertions(+), 24 deletions(-) diff --git a/app/assets/javascripts/ci_variable_list/ci_variable_list.js b/app/assets/javascripts/ci_variable_list/ci_variable_list.js index c0bfe615478..e177a3bfdc7 100644 --- a/app/assets/javascripts/ci_variable_list/ci_variable_list.js +++ b/app/assets/javascripts/ci_variable_list/ci_variable_list.js @@ -29,7 +29,7 @@ export default class VariableList { selector: '.js-ci-variable-input-id', default: '', }, - secret_key: { + key: { selector: '.js-ci-variable-input-key', default: '', }, @@ -174,7 +174,7 @@ export default class VariableList { } toggleEnableRow(isEnabled = true) { - this.$container.find(this.inputMap.secret_key.selector).attr('disabled', !isEnabled); + this.$container.find(this.inputMap.key.selector).attr('disabled', !isEnabled); this.$container.find('.js-row-remove-button').attr('disabled', !isEnabled); } diff --git a/app/controllers/groups/variables_controller.rb b/app/controllers/groups/variables_controller.rb index 91e394c8ce8..6142e75b4c1 100644 --- a/app/controllers/groups/variables_controller.rb +++ b/app/controllers/groups/variables_controller.rb @@ -39,7 +39,7 @@ module Groups end def variable_params_attributes - %i[id secret_key secret_value protected _destroy] + %i[id key secret_value protected _destroy] end def authorize_admin_build! diff --git a/app/controllers/projects/pipeline_schedules_controller.rb b/app/controllers/projects/pipeline_schedules_controller.rb index 6c087dfb71e..fa258f3d9af 100644 --- a/app/controllers/projects/pipeline_schedules_controller.rb +++ b/app/controllers/projects/pipeline_schedules_controller.rb @@ -92,7 +92,7 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController def schedule_params params.require(:schedule) .permit(:description, :cron, :cron_timezone, :ref, :active, - variables_attributes: [:id, :secret_key, :secret_value, :_destroy] ) + variables_attributes: [:id, :key, :secret_value, :_destroy] ) end def authorize_play_pipeline_schedule! diff --git a/app/controllers/projects/variables_controller.rb b/app/controllers/projects/variables_controller.rb index ffe93522ca6..517d0b026c2 100644 --- a/app/controllers/projects/variables_controller.rb +++ b/app/controllers/projects/variables_controller.rb @@ -36,6 +36,6 @@ class Projects::VariablesController < Projects::ApplicationController end def variable_params_attributes - %i[id secret_key secret_value protected _destroy] + %i[id key secret_value protected _destroy] end end diff --git a/app/models/ci/group_variable.rb b/app/models/ci/group_variable.rb index 65399557289..62d768cc6cf 100644 --- a/app/models/ci/group_variable.rb +++ b/app/models/ci/group_variable.rb @@ -6,7 +6,6 @@ module Ci belongs_to :group - alias_attribute :secret_key, :key alias_attribute :secret_value, :value validates :key, uniqueness: { diff --git a/app/models/ci/pipeline_schedule_variable.rb b/app/models/ci/pipeline_schedule_variable.rb index 2e30612a88e..03df4e3e638 100644 --- a/app/models/ci/pipeline_schedule_variable.rb +++ b/app/models/ci/pipeline_schedule_variable.rb @@ -5,7 +5,6 @@ module Ci belongs_to :pipeline_schedule - alias_attribute :secret_key, :key alias_attribute :secret_value, :value validates :key, uniqueness: { scope: :pipeline_schedule_id } diff --git a/app/models/ci/variable.rb b/app/models/ci/variable.rb index bcad55f115f..452cb910bca 100644 --- a/app/models/ci/variable.rb +++ b/app/models/ci/variable.rb @@ -6,7 +6,6 @@ module Ci belongs_to :project - alias_attribute :secret_key, :key alias_attribute :secret_value, :value validates :key, uniqueness: { diff --git a/app/views/ci/variables/_variable_row.html.haml b/app/views/ci/variables/_variable_row.html.haml index e72e48385da..5d4229c80af 100644 --- a/app/views/ci/variables/_variable_row.html.haml +++ b/app/views/ci/variables/_variable_row.html.haml @@ -9,7 +9,7 @@ - id_input_name = "#{form_field}[variables_attributes][][id]" - destroy_input_name = "#{form_field}[variables_attributes][][_destroy]" -- key_input_name = "#{form_field}[variables_attributes][][secret_key]" +- key_input_name = "#{form_field}[variables_attributes][][key]" - value_input_name = "#{form_field}[variables_attributes][][secret_value]" - protected_input_name = "#{form_field}[variables_attributes][][protected]" diff --git a/spec/controllers/projects/pipeline_schedules_controller_spec.rb b/spec/controllers/projects/pipeline_schedules_controller_spec.rb index 11d0c41fe76..3506305f755 100644 --- a/spec/controllers/projects/pipeline_schedules_controller_spec.rb +++ b/spec/controllers/projects/pipeline_schedules_controller_spec.rb @@ -80,7 +80,7 @@ describe Projects::PipelineSchedulesController do context 'when variables_attributes has one variable' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ secret_key: 'AAA', secret_value: 'AAA123' }] + variables_attributes: [{ key: 'AAA', secret_value: 'AAA123' }] }) end @@ -101,8 +101,8 @@ describe Projects::PipelineSchedulesController do context 'when variables_attributes has two variables and duplicated' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ secret_key: 'AAA', secret_value: 'AAA123' }, - { secret_key: 'AAA', secret_value: 'BBB123' }] + variables_attributes: [{ key: 'AAA', secret_value: 'AAA123' }, + { key: 'AAA', secret_value: 'BBB123' }] }) end @@ -153,7 +153,7 @@ describe Projects::PipelineSchedulesController do context 'when params include one variable' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ secret_key: 'AAA', secret_value: 'AAA123' }] + variables_attributes: [{ key: 'AAA', secret_value: 'AAA123' }] }) end @@ -170,8 +170,8 @@ describe Projects::PipelineSchedulesController do context 'when params include two duplicated variables' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ secret_key: 'AAA', secret_value: 'AAA123' }, - { secret_key: 'AAA', secret_value: 'BBB123' }] + variables_attributes: [{ key: 'AAA', secret_value: 'AAA123' }, + { key: 'AAA', secret_value: 'BBB123' }] }) end @@ -196,7 +196,7 @@ describe Projects::PipelineSchedulesController do context 'when adds a new variable' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ secret_key: 'AAA', secret_value: 'AAA123' }] + variables_attributes: [{ key: 'AAA', secret_value: 'AAA123' }] }) end @@ -211,7 +211,7 @@ describe Projects::PipelineSchedulesController do context 'when adds a new duplicated variable' do let(:schedule) do basic_param.merge({ - variables_attributes: [{ secret_key: 'CCC', secret_value: 'AAA123' }] + variables_attributes: [{ key: 'CCC', secret_value: 'AAA123' }] }) end @@ -254,7 +254,7 @@ describe Projects::PipelineSchedulesController do let(:schedule) do basic_param.merge({ variables_attributes: [{ id: pipeline_schedule_variable.id, _destroy: true }, - { secret_key: 'CCC', secret_value: 'CCC123' }] + { key: 'CCC', secret_value: 'CCC123' }] }) end diff --git a/spec/features/projects/pipeline_schedules_spec.rb b/spec/features/projects/pipeline_schedules_spec.rb index 0c9aa2d1497..065d00d51d4 100644 --- a/spec/features/projects/pipeline_schedules_spec.rb +++ b/spec/features/projects/pipeline_schedules_spec.rb @@ -159,9 +159,9 @@ feature 'Pipeline Schedules', :js do visit_pipelines_schedules click_link 'New schedule' fill_in_schedule_form - all('[name="schedule[variables_attributes][][secret_key]"]')[0].set('AAA') + all('[name="schedule[variables_attributes][][key]"]')[0].set('AAA') all('[name="schedule[variables_attributes][][secret_value]"]')[0].set('AAA123') - all('[name="schedule[variables_attributes][][secret_key]"]')[1].set('BBB') + all('[name="schedule[variables_attributes][][key]"]')[1].set('BBB') all('[name="schedule[variables_attributes][][secret_value]"]')[1].set('BBB123') save_pipeline_schedule end diff --git a/spec/javascripts/ci_variable_list/native_form_variable_list_spec.js b/spec/javascripts/ci_variable_list/native_form_variable_list_spec.js index d3bcbdd92c1..94a0c999d66 100644 --- a/spec/javascripts/ci_variable_list/native_form_variable_list_spec.js +++ b/spec/javascripts/ci_variable_list/native_form_variable_list_spec.js @@ -19,7 +19,7 @@ describe('NativeFormVariableList', () => { describe('onFormSubmit', () => { it('should clear out the `name` attribute on the inputs for the last empty row on form submission (avoid BE validation)', () => { const $row = $wrapper.find('.js-row'); - expect($row.find('.js-ci-variable-input-key').attr('name')).toBe('schedule[variables_attributes][][secret_key]'); + expect($row.find('.js-ci-variable-input-key').attr('name')).toBe('schedule[variables_attributes][][key]'); expect($row.find('.js-ci-variable-input-value').attr('name')).toBe('schedule[variables_attributes][][secret_value]'); $wrapper.closest('form').trigger('trigger-submit'); diff --git a/spec/support/shared_examples/controllers/variables_shared_examples.rb b/spec/support/shared_examples/controllers/variables_shared_examples.rb index 7c7e345f715..b615a8f54cf 100644 --- a/spec/support/shared_examples/controllers/variables_shared_examples.rb +++ b/spec/support/shared_examples/controllers/variables_shared_examples.rb @@ -15,12 +15,12 @@ end shared_examples 'PATCH #update updates variables' do let(:variable_attributes) do { id: variable.id, - secret_key: variable.key, + key: variable.key, secret_value: variable.value, protected: variable.protected?.to_s } end let(:new_variable_attributes) do - { secret_key: 'new_key', + { key: 'new_key', secret_value: 'dummy_value', protected: 'false' } end @@ -29,7 +29,7 @@ shared_examples 'PATCH #update updates variables' do let(:variables_attributes) do [ variable_attributes.merge(secret_value: 'other_value'), - new_variable_attributes.merge(secret_key: '...?') + new_variable_attributes.merge(key: '...?') ] end -- cgit v1.2.1