diff options
| author | Ercan Ucan <ercan.ucan@siemens.com> | 2021-02-15 03:28:29 +0300 |
|---|---|---|
| committer | Jaime Martinez <jmartinez@gitlab.com> | 2021-02-15 03:28:29 +0300 |
| commit | b41995a13969b2926ad265bcc769f473e48166cb (patch) | |
| tree | 2d70d9c1c201a6e9a4bf73cbe06b9b9d792cd825 /internal/validateargs | |
| parent | 2eefcef73409cf7510d7ecacce76b299a8340a4c (diff) | |
fix(auth): make authentication scope for Pages configurable
This MR makes required authentication permission scope for
Pages configurable.
By default, Pages will use `api` scope to authenticate with
Pages Application registered on GitLab.
With this MR, the scope is configurable and can be set to `read_api`
by providing the `auth-scope` variable in the arguments or in
the `gitlab-pages.conf`
/label ~security
Changelog: added
Diffstat (limited to 'internal/validateargs')
| -rw-r--r-- | internal/validateargs/validateargs.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/internal/validateargs/validateargs.go b/internal/validateargs/validateargs.go index 3b75b69b..ff7484c8 100644 --- a/internal/validateargs/validateargs.go +++ b/internal/validateargs/validateargs.go @@ -11,7 +11,7 @@ const ( ) var deprecatedArgs = []string{"-sentry-dsn"} -var notAllowedArgs = []string{"-auth-client-id", "-auth-client-secret", "-auth-secret"} +var notAllowedArgs = []string{"-auth-client-id", "-auth-client-secret", "-auth-secret", "-auth-scope"} // Deprecated checks if deprecated params have been used func Deprecated(args []string) error { |