diff --git a/config.sample.yml b/config.sample.yml index a7b68e3bf72b0cfb33c3be6b80e9e903cf7335f5..14ee27cdc2d669b2a325ba211fbad95ff7d4a3cc 100644 --- a/config.sample.yml +++ b/config.sample.yml @@ -1,5 +1,6 @@ --- issue_tag: RT +token: rt: server: https://rt.example.org/ user: gl-bridge diff --git a/gl-rt-bridge.rb b/gl-rt-bridge.rb index 3141a4081e7e49f2a0f64dc0644eb90cee55bfd0..a999e97070a27c8f544e43800d75f3abefe9aff1 100755 --- a/gl-rt-bridge.rb +++ b/gl-rt-bridge.rb @@ -16,6 +16,9 @@ rt = RT_Client.new(server: settings.rt[:server], cookies: settings.rt[:cookies]) post '/' do # rubocop:disable Metrics/BlockLength + if not settings.token.nil? + halt 403 unless request.env['HTTP_X_GITLAB_TOKEN'] == settings.token + end gitlab_event = request.env['HTTP_X_GITLAB_EVENT'] case gitlab_event when 'Push Hook'