config · 08dc8af7339828852ae8596aeea577f9551d399d · Forest Godfrey / gitlab-ce

Merge branch 'gitlab-workhorse-safeties' into 'master' · b7e6da5a

authored Sep 09, 2016

Security and safety improvements for gitlab-workhorse integration

Companion to https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/60

- Use a custom content type when sending data to gitlab-workhorse
- Verify (using JWT and a shared secret on disk) that internal API requests came from gitlab-workhorse

This will allow us to build features in gitlab-workhorse that require
more trust, and protect us against programming mistakes in the future.

This is designed so that no action is required for installations from
source. For omnibus-gitlab we need to add code that manages the shared
secret.

See merge request !5907

b7e6da5a

Name	Last commit	Last update
..
environments		Loading commit data...
initializers		Loading commit data...
locales		Loading commit data...
application.rb		Loading commit data...
aws.yml.example		Loading commit data...
boot.rb		Loading commit data...
database.yml.env		Loading commit data...
database.yml.mysql		Loading commit data...
database.yml.postgresql		Loading commit data...
dependency_decisions.yml		Loading commit data...
environment.rb		Loading commit data...
gitlab.yml.example		Loading commit data...
license_finder.yml		Loading commit data...
mail_room.yml		Loading commit data...
newrelic.yml		Loading commit data...
resque.yml.example		Loading commit data...
routes.rb		Loading commit data...
secrets.yml.example		Loading commit data...
sidekiq.yml.example		Loading commit data...
unicorn.rb.example		Loading commit data...
unicorn.rb.example.development		Loading commit data...