diff options
author | Grzegorz Bizon <grzegorz@gitlab.com> | 2018-04-24 11:06:49 +0300 |
---|---|---|
committer | Grzegorz Bizon <grzegorz@gitlab.com> | 2018-04-24 11:06:49 +0300 |
commit | 92cb6d63543c75ec39570699ffbe958845472da9 (patch) | |
tree | 167eb079481ecec3d6d483145d23c8f27c4b96ba /app/models | |
parent | 8a726a0842f4a8e5b86d2a44c7c16219632f4249 (diff) | |
parent | 82d66ac96d03a4caf6d4c3c86c51009e2a4fe9fb (diff) |
Merge branch '44447-expose-deploy-token-to-ci-cd' into 'master'
Expose Deploy Token info as environment variables to CI/CD jobs
Closes #44447
See merge request gitlab-org/gitlab-ce!18414
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/ci/build.rb | 11 | ||||
-rw-r--r-- | app/models/deploy_token.rb | 5 | ||||
-rw-r--r-- | app/models/project.rb | 4 |
3 files changed, 20 insertions, 0 deletions
diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb index b0c02cdeec7..9000ad860e9 100644 --- a/app/models/ci/build.rb +++ b/app/models/ci/build.rb @@ -27,6 +27,7 @@ module Ci has_one :metadata, class_name: 'Ci::BuildMetadata' delegate :timeout, to: :metadata, prefix: true, allow_nil: true + delegate :gitlab_deploy_token, to: :project ## # The "environment" field for builds is a String, and is the unexpanded name! @@ -604,6 +605,7 @@ module Ci .append(key: 'CI_REGISTRY_USER', value: CI_REGISTRY_USER) .append(key: 'CI_REGISTRY_PASSWORD', value: token, public: false) .append(key: 'CI_REPOSITORY_URL', value: repo_url, public: false) + .concat(deploy_token_variables) end end @@ -654,6 +656,15 @@ module Ci end end + def deploy_token_variables + Gitlab::Ci::Variables::Collection.new.tap do |variables| + break variables unless gitlab_deploy_token + + variables.append(key: 'CI_DEPLOY_USER', value: gitlab_deploy_token.name) + variables.append(key: 'CI_DEPLOY_PASSWORD', value: gitlab_deploy_token.token, public: false) + end + end + def environment_url options&.dig(:environment, :url) || persisted_environment&.external_url end diff --git a/app/models/deploy_token.rb b/app/models/deploy_token.rb index 979e9232fda..5082dc45368 100644 --- a/app/models/deploy_token.rb +++ b/app/models/deploy_token.rb @@ -4,6 +4,7 @@ class DeployToken < ActiveRecord::Base add_authentication_token_field :token AVAILABLE_SCOPES = %i(read_repository read_registry).freeze + GITLAB_DEPLOY_TOKEN_NAME = 'gitlab-deploy-token'.freeze default_value_for(:expires_at) { Forever.date } @@ -17,6 +18,10 @@ class DeployToken < ActiveRecord::Base scope :active, -> { where("revoked = false AND expires_at >= NOW()") } + def self.gitlab_deploy_token + active.find_by(name: GITLAB_DEPLOY_TOKEN_NAME) + end + def revoke! update!(revoked: true) end diff --git a/app/models/project.rb b/app/models/project.rb index cec1e705aa8..c293b0b8cf4 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -1879,6 +1879,10 @@ class Project < ActiveRecord::Base [] end + def gitlab_deploy_token + @gitlab_deploy_token ||= deploy_tokens.gitlab_deploy_token + end + private def storage |