diff options
| author | Shinya Maeda <shinya@gitlab.com> | 2018-12-07 13:30:54 +0300 |
|---|---|---|
| committer | Shinya Maeda <shinya@gitlab.com> | 2018-12-07 13:30:54 +0300 |
| commit | 48d8a7d64cc55af2bd5012e584ba1e0c881106fd (patch) | |
| tree | fb24526199eb903e431db567da4b7657b48a3247 /doc | |
| parent | 4e87bc0c1e071a009cbf4b8e53cf278a0abb6365 (diff) | |
Small improvement for phrasing
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/ci/merge_request_pipelines/index.md | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/doc/ci/merge_request_pipelines/index.md b/doc/ci/merge_request_pipelines/index.md index 6697bf9480f..706e83abf44 100644 --- a/doc/ci/merge_request_pipelines/index.md +++ b/doc/ci/merge_request_pipelines/index.md @@ -75,10 +75,10 @@ because, technically, external contributors can disguise their pipeline results by tweaking their GitLab Runner in the forked project. There are multiple reasons about why GitLab doesn't allow those pipelines to be -created in the parent project, but one of the biggest reasons is security. +created in the parent project, but one of the biggest reasons is security concern. External users could steal secret variables from the parent project by modifying -.gitlab-ci.yml. +.gitlab-ci.yml, which could be some sort of credentials. This should not happen. -We're discussing a secure solution about how to run pipelines for merge requests +We're discussing a secure solution of running pipelines for merge requests that submitted from forked projects, see [the issue about the permission extension](https://gitlab.com/gitlab-org/gitlab-ce/issues/23902). |