Add a prefix to deploy tokens
Prefixes Group & Project Deploy Tokens with `gldt-` following the guidance at https://docs.gitlab.com/ee/development/secure_coding_guidelines.html#token-prefixes.

GitLab applies a prefix to some of its generated secrets. For example, a Personal Access Token begins with `glpat-`. This MR adds a prefix to Deploy Tokens. It also updates our frontend secret detection which helps prevent users from leaking tokens via Issue / MR comments.

It applies to both Group & Project tokens: `GroupDeployToken` `has_one` `DeployToken`, and the latter is where the plaintext is generated. This change means both types of deploy keys will be prefixed `gldt-`.

Resolves https://gitlab.com/gitlab-org/gitlab/-/issues/376752

Changelog: changed
Showing
- .gitleaksignore (1 addition, 0 deletions)
- app/assets/javascripts/lib/utils/secret_detection.js (4 additions, 0 deletions)
- app/models/deploy_token.rb (7 additions, 2 deletions)
- config/gitleaks.toml (1 addition, 0 deletions)
- doc/security/token_overview.md (1 addition, 1 deletion)
- spec/frontend/lib/utils/secret_detection_spec.js (1 addition, 0 deletions)
- spec/models/deploy_token_spec.rb (8 additions, 0 deletions)
- spec/requests/api/deploy_tokens_spec.rb (1 addition, 0 deletions)
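
The commit message above describes frontend detection of prefixed tokens in Issue / MR comments. As an added example (not the code from this MR or from GitLab's `secret_detection.js`), this shows prefix-based detection and masking over a comment body, with `gldt-` beside `glpat-`. The token body pattern (20 characters of `[0-9A-Za-z_-]`), the function names and the sample strings are assumptions.

```javascript
// Added example, not GitLab's secret_detection.js.
// Assumption: a token is its prefix followed by 20 characters of [0-9A-Za-z_-].
const TOKEN_BODY = '[0-9A-Za-z_-]{20}';

const RULES = [
  { type: 'Personal Access Token', prefix: 'glpat-' },
  { type: 'Deploy Token', prefix: 'gldt-' },
].map((rule) => ({
  ...rule,
  // The fixed prefix is what separates a token from any other random-looking string.
  regex: new RegExp(`${rule.prefix}${TOKEN_BODY}`, 'g'),
}));

// Mask the token body but keep the prefix, so a finding can be shown or logged safely.
const mask = (token, prefix) => prefix + '*'.repeat(token.length - prefix.length);

// Return every token-shaped string in `text`, ordered by position.
function findSecrets(text) {
  const findings = [];
  for (const { type, prefix, regex } of RULES) {
    for (const match of text.matchAll(regex)) {
      findings.push({ type, index: match.index, masked: mask(match[0], prefix) });
    }
  }
  return findings.sort((a, b) => a.index - b.index);
}

// Replace each detected token with its masked form, e.g. before a comment is submitted.
function redact(text) {
  return RULES.reduce(
    (out, { prefix, regex }) => out.replace(regex, (token) => mask(token, prefix)),
    text,
  );
}

// Constructed sample values, not real tokens.
const SAMPLE_DEPLOY = 'gldt-' + 'EXAMPLEexample_12345';
const SAMPLE_SHA = '3f2a9c0d1e4b5a6978877665544332211000ffee'; // unprefixed, must not match
const SAMPLE_COMMENT =
  `CI fails with ${SAMPLE_DEPLOY} on ${SAMPLE_SHA}, see gldt-short and the gldt- prefix docs.`;

console.log(findSecrets(SAMPLE_COMMENT));
console.log(redact(SAMPLE_COMMENT));
```

The unprefixed SHA, the too-short `gldt-short` and the bare `gldt-` mention are left alone; only the full prefixed token is reported and masked.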