diff --git a/app/helpers/ci_variables_helper.rb b/app/helpers/ci_variables_helper.rb index 5bfdeb9e33c..e313015c937 100644 --- a/app/helpers/ci_variables_helper.rb +++ b/app/helpers/ci_variables_helper.rb @@ -17,7 +17,7 @@ module CiVariablesHelper if variable && !only_key_value variable.masked else - true + false end end diff --git a/app/views/ci/variables/_content.html.haml b/app/views/ci/variables/_content.html.haml index d07cbe4589c..0b5c1a806b2 100644 --- a/app/views/ci/variables/_content.html.haml +++ b/app/views/ci/variables/_content.html.haml @@ -1,3 +1,3 @@ -= _('Environment variables are applied to environments via the runner. They can be protected by only exposing them to protected branches or tags. Additionally, they will be masked by default so they are hidden in job logs, though they must match certain regexp requirements to do so. You can use environment variables for passwords, secret keys, or whatever you want.') += _('Environment variables are applied to environments via the runner. They can be protected by only exposing them to protected branches or tags. Additionally, they can be masked so they are hidden in job logs, though they must match certain regexp requirements to do so. You can use environment variables for passwords, secret keys, or whatever you want.') = _('You may also add variables that are made available to the running application by prepending the variable key with K8S_SECRET_.').html_safe = link_to _('More information'), help_page_path('ci/variables/README', anchor: 'variables') diff --git a/app/views/ci/variables/_variable_row.html.haml b/app/views/ci/variables/_variable_row.html.haml index ca2521e9bc6..ed4bd5ae19e 100644 --- a/app/views/ci/variables/_variable_row.html.haml +++ b/app/views/ci/variables/_variable_row.html.haml @@ -8,7 +8,7 @@ - value = variable&.value - is_protected_default = ci_variable_protected_by_default? - is_protected = ci_variable_protected?(variable, only_key_value) -- is_masked_default = true +- is_masked_default = false - is_masked = ci_variable_masked?(variable, only_key_value) - id_input_name = "#{form_field}[variables_attributes][][id]" diff --git a/changelogs/unreleased/11204-turn-off-mask-by-default.yml b/changelogs/unreleased/11204-turn-off-mask-by-default.yml new file mode 100644 index 00000000000..5c554e04d45 --- /dev/null +++ b/changelogs/unreleased/11204-turn-off-mask-by-default.yml @@ -0,0 +1,5 @@ +--- +title: Default masked to false for new variables +merge_request: 28186 +author: +type: changed diff --git a/doc/ci/variables/README.md b/doc/ci/variables/README.md index 43fc3a1ad47..c851931e85c 100644 --- a/doc/ci/variables/README.md +++ b/doc/ci/variables/README.md @@ -87,7 +87,7 @@ Variable types can be set via the [UI](#via-the-ui) or the [API](../../api/proje > [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/13784) in GitLab 11.10 -By default, variables will be created as masked variables. +Variables can be created as masked variables. This means that the value of the variable will be hidden in job logs, though it must match certain requirements to do so: diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 6338441e141..39e18147311 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -3883,7 +3883,7 @@ msgstr "" msgid "Enter the merge request title" msgstr "" -msgid "Environment variables are applied to environments via the runner. They can be protected by only exposing them to protected branches or tags. Additionally, they will be masked by default so they are hidden in job logs, though they must match certain regexp requirements to do so. You can use environment variables for passwords, secret keys, or whatever you want." +msgid "Environment variables are applied to environments via the runner. They can be protected by only exposing them to protected branches or tags. Additionally, they can be masked so they are hidden in job logs, though they must match certain regexp requirements to do so. You can use environment variables for passwords, secret keys, or whatever you want." msgstr "" msgid "Environment variables are configured by your administrator to be %{link_start}protected%{link_end} by default" diff --git a/spec/support/features/variable_list_shared_examples.rb b/spec/support/features/variable_list_shared_examples.rb index 92a19dd22a2..01531864c1f 100644 --- a/spec/support/features/variable_list_shared_examples.rb +++ b/spec/support/features/variable_list_shared_examples.rb @@ -45,12 +45,12 @@ shared_examples 'variable list' do end end - it 'defaults to masked' do + it 'defaults to unmasked' do page.within('.js-ci-variable-list-section .js-row:last-child') do find('.js-ci-variable-input-key').set('key') find('.js-ci-variable-input-value').set('key_value') - expect(find('.js-ci-variable-input-masked', visible: false).value).to eq('true') + expect(find('.js-ci-variable-input-masked', visible: false).value).to eq('false') end click_button('Save variables') @@ -62,7 +62,7 @@ shared_examples 'variable list' do page.within('.js-ci-variable-list-section .js-row:nth-child(2)') do expect(find('.js-ci-variable-input-key').value).to eq('key') expect(find('.js-ci-variable-input-value', visible: false).value).to eq('key_value') - expect(find('.js-ci-variable-input-masked', visible: false).value).to eq('true') + expect(find('.js-ci-variable-input-masked', visible: false).value).to eq('false') end end @@ -234,6 +234,21 @@ shared_examples 'variable list' do end it 'edits variable to be unmasked' do + page.within('.js-ci-variable-list-section .js-row:last-child') do + find('.js-ci-variable-input-key').set('unmasked_key') + find('.js-ci-variable-input-value').set('unmasked_value') + expect(find('.js-ci-variable-input-masked', visible: false).value).to eq('false') + + find('.ci-variable-masked-item .js-project-feature-toggle').click + + expect(find('.js-ci-variable-input-masked', visible: false).value).to eq('true') + end + + click_button('Save variables') + wait_for_requests + + visit page_path + page.within('.js-ci-variable-list-section .js-row:nth-child(2)') do expect(find('.js-ci-variable-input-masked', visible: false).value).to eq('true') @@ -253,20 +268,9 @@ shared_examples 'variable list' do end it 'edits variable to be masked' do - page.within('.js-ci-variable-list-section .js-row:nth-child(2)') do - expect(find('.js-ci-variable-input-masked', visible: false).value).to eq('true') - - find('.ci-variable-masked-item .js-project-feature-toggle').click - - expect(find('.js-ci-variable-input-masked', visible: false).value).to eq('false') - end - - click_button('Save variables') - wait_for_requests - - visit page_path - - page.within('.js-ci-variable-list-section .js-row:nth-child(2)') do + page.within('.js-ci-variable-list-section .js-row:last-child') do + find('.js-ci-variable-input-key').set('masked_key') + find('.js-ci-variable-input-value').set('masked_value') expect(find('.js-ci-variable-input-masked', visible: false).value).to eq('false') find('.ci-variable-masked-item .js-project-feature-toggle').click @@ -348,10 +352,11 @@ shared_examples 'variable list' do end end - it 'shows validation error box about empty values' do + it 'shows validation error box about masking empty values' do page.within('.js-ci-variable-list-section .js-row:last-child') do find('.js-ci-variable-input-key').set('empty_value') find('.js-ci-variable-input-value').set('') + find('.ci-variable-masked-item .js-project-feature-toggle').click end click_button('Save variables') @@ -367,6 +372,7 @@ shared_examples 'variable list' do page.within('.js-ci-variable-list-section .js-row:last-child') do find('.js-ci-variable-input-key').set('unmaskable_value') find('.js-ci-variable-input-value').set('???') + find('.ci-variable-masked-item .js-project-feature-toggle').click end click_button('Save variables')