From 6f316c09b04b8acfc58a2d6dca9d54cfafdd32e1 Mon Sep 17 00:00:00 2001 From: Thomas Schneider <thomas@fsmpi.rwth-aachen.de> Date: Mon, 2 Dec 2019 22:40:24 +0100 Subject: [PATCH] Check for GitLab token --- config.sample.yml | 1 + gl-rt-bridge.rb | 3 +++ 2 files changed, 4 insertions(+) diff --git a/config.sample.yml b/config.sample.yml index a7b68e3..14ee27c 100644 --- a/config.sample.yml +++ b/config.sample.yml @@ -1,5 +1,6 @@ --- issue_tag: RT +token: rt: server: https://rt.example.org/ user: gl-bridge diff --git a/gl-rt-bridge.rb b/gl-rt-bridge.rb index 3141a40..a999e97 100755 --- a/gl-rt-bridge.rb +++ b/gl-rt-bridge.rb @@ -16,6 +16,9 @@ rt = RT_Client.new(server: settings.rt[:server], cookies: settings.rt[:cookies]) post '/' do # rubocop:disable Metrics/BlockLength + if not settings.token.nil? + halt 403 unless request.env['HTTP_X_GITLAB_TOKEN'] == settings.token + end gitlab_event = request.env['HTTP_X_GITLAB_EVENT'] case gitlab_event when 'Push Hook' -- GitLab