mirror of
https://github.com/woodpecker-ci/woodpecker.git
synced 2024-11-26 11:51:02 +00:00
Add security hint to secrets configuration (#574)
`'Please be careful with this option as a bad actor can submit a malicious pull request that exposes your secrets.'`
This commit is contained in:
parent
581f0ecba9
commit
db2fbc699a
3 changed files with 28 additions and 2 deletions
|
@ -4,6 +4,7 @@
|
|||
:key="option.value"
|
||||
:model-value="innerValue.includes(option.value)"
|
||||
:label="option.text"
|
||||
:description="option.description"
|
||||
class="mb-2"
|
||||
@update:model-value="clickOption(option)"
|
||||
/>
|
||||
|
|
|
@ -12,6 +12,7 @@
|
|||
"
|
||||
>
|
||||
<input
|
||||
v-if="lines === 1"
|
||||
v-model="innerValue"
|
||||
class="
|
||||
w-full
|
||||
|
@ -24,6 +25,20 @@
|
|||
:type="type"
|
||||
:placeholder="placeholder"
|
||||
/>
|
||||
<textarea
|
||||
v-else
|
||||
v-model="innerValue"
|
||||
class="
|
||||
w-full
|
||||
bg-transparent
|
||||
text-gray-600
|
||||
placeholder-gray-400
|
||||
focus:outline-none focus:border-blue-400
|
||||
dark:placeholder-gray-600 dark:text-gray-500
|
||||
"
|
||||
:placeholder="placeholder"
|
||||
:rows="lines"
|
||||
/>
|
||||
</div>
|
||||
</template>
|
||||
|
||||
|
@ -50,6 +65,11 @@ export default defineComponent({
|
|||
type: String,
|
||||
default: 'text',
|
||||
},
|
||||
|
||||
lines: {
|
||||
type: Number,
|
||||
default: 1,
|
||||
},
|
||||
},
|
||||
|
||||
emits: {
|
||||
|
|
|
@ -47,7 +47,7 @@
|
|||
</InputField>
|
||||
|
||||
<InputField label="Value">
|
||||
<TextField v-model="selectedSecret.value" placeholder="Value" required />
|
||||
<TextField v-model="selectedSecret.value" placeholder="Value" :lines="5" required />
|
||||
</InputField>
|
||||
|
||||
<InputField label="Available at following events">
|
||||
|
@ -87,7 +87,12 @@ const emptySecret = {
|
|||
const secretEventsOptions: CheckboxOption[] = [
|
||||
{ value: WebhookEvents.Push, text: 'Push' },
|
||||
{ value: WebhookEvents.Tag, text: 'Tag' },
|
||||
{ value: WebhookEvents.PullRequest, text: 'Pull Request' },
|
||||
{
|
||||
value: WebhookEvents.PullRequest,
|
||||
text: 'Pull Request',
|
||||
description:
|
||||
'Please be careful with this option as a bad actor can submit a malicious pull request that exposes your secrets.',
|
||||
},
|
||||
{ value: WebhookEvents.Deploy, text: 'Deploy' },
|
||||
];
|
||||
|
||||
|
|
Loading…
Reference in a new issue