Fix the CI login to Container Registry (the gitlab-ci-token user)
This commit is contained in:
parent
b4c47368bf
commit
646018a40e
|
@ -32,6 +32,7 @@ v 8.8.0 (unreleased)
|
|||
- Bump mail_room to 0.7.0 to fix stuck IDLE connections
|
||||
- Remove future dates from contribution calendar graph.
|
||||
- Support e-mail notifications for comments on project snippets
|
||||
- Fix the CI login to Container Registry (the gitlab-ci-token user)
|
||||
- Fix API leak of notes of unauthorized issues, snippets and merge requests
|
||||
- Use ActionDispatch Remote IP for Akismet checking
|
||||
- Fix error when visiting commit builds page before build was updated
|
||||
|
|
|
@ -36,7 +36,7 @@ class JwtController < ApplicationController
|
|||
end
|
||||
|
||||
def authenticate_project(login, password)
|
||||
if login == 'gitlab_ci_token'
|
||||
if login == 'gitlab-ci-token'
|
||||
Project.find_by(builds_enabled: true, runners_token: password)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -6,7 +6,7 @@ module Auth
|
|||
return error('not found', 404) unless registry.enabled
|
||||
|
||||
if params[:offline_token]
|
||||
return error('unauthorized', 401) unless current_user
|
||||
return error('unauthorized', 401) unless current_user || project
|
||||
else
|
||||
return error('forbidden', 403) unless scope
|
||||
end
|
||||
|
|
|
@ -23,7 +23,7 @@ describe JwtController do
|
|||
context 'when using authorized request' do
|
||||
context 'using CI token' do
|
||||
let(:project) { create(:empty_project, runners_token: 'token', builds_enabled: builds_enabled) }
|
||||
let(:headers) { { authorization: credentials('gitlab_ci_token', project.runners_token) } }
|
||||
let(:headers) { { authorization: credentials('gitlab-ci-token', project.runners_token) } }
|
||||
|
||||
subject! { get '/jwt/auth', parameters, headers }
|
||||
|
||||
|
|
|
@ -127,12 +127,12 @@ describe Auth::ContainerRegistryAuthenticationService, services: true do
|
|||
context 'project authorization' do
|
||||
let(:current_project) { create(:empty_project) }
|
||||
|
||||
context 'disallow to use offline_token' do
|
||||
context 'allow to use offline_token' do
|
||||
let(:current_params) do
|
||||
{ offline_token: true }
|
||||
end
|
||||
|
||||
it_behaves_like 'an unauthorized'
|
||||
it_behaves_like 'an authenticated'
|
||||
end
|
||||
|
||||
context 'allow to pull and push images' do
|
||||
|
|
Loading…
Reference in New Issue