Allow masking if 8 or more characters in base64
This should allow for private ssh-keys to remain private. Solves https://gitlab.com/gitlab-org/gitlab-ce/issues/60790.
This commit is contained in:
parent
e5aba4b153
commit
ff3486a92b
3 changed files with 4 additions and 3 deletions
|
@ -196,7 +196,7 @@ export default class VariableList {
|
|||
validateMaskability($row) {
|
||||
const invalidInputClass = 'gl-field-error-outline';
|
||||
|
||||
const maskableRegex = /^\w{8,}$/; // Eight or more alphanumeric characters plus underscores
|
||||
const maskableRegex = /^[a-zA-Z0-9_+=/-]{8,}$/; // Eight or more characters, from the Base64 alphabet (RFC4648)
|
||||
const variableValue = $row.find(this.inputMap.secret_value.selector).val();
|
||||
const isValueMaskable = maskableRegex.test(variableValue) || variableValue === '';
|
||||
const isMaskedChecked = $row.find(this.inputMap.masked.selector).val() === 'true';
|
||||
|
|
|
@ -7,9 +7,9 @@ module Maskable
|
|||
# * No escape characters
|
||||
# * No variables
|
||||
# * No spaces
|
||||
# * Minimal length of 8 characters
|
||||
# * Minimal length of 8 characters from the Base64 alphabets (RFC4648)
|
||||
# * Absolutely no fun is allowed
|
||||
REGEX = /\A\w{8,}\z/.freeze
|
||||
REGEX = /\A[a-zA-Z0-9_+=\/-]{8,}\z/.freeze
|
||||
|
||||
included do
|
||||
validates :masked, inclusion: { in: [true, false] }
|
||||
|
|
|
@ -95,6 +95,7 @@ though it must match certain requirements to do so:
|
|||
- The value must contain only letters, numbers, or underscores.
|
||||
- The value must be at least 8 characters long.
|
||||
- The value must not use variables.
|
||||
- The value must only consist of characters from the Base64 alphabet, defined in [RFC4648](https://tools.ietf.org/html/rfc4648).
|
||||
|
||||
If the value does not meet the requirements above, then the CI variable will fail to save.
|
||||
In order to save, either alter the value to meet the masking requirements
|
||||
|
|
Loading…
Reference in a new issue