Merge branch 'security-fix-to-not-export-pipeline-triggers' into 'master'

Disable exporting pipeline triggers on project export See merge request gitlab-org/security/gitlab!1752

Merge branch 'security-fix-to-not-export-pipeline-triggers' into 'master'
Disable exporting pipeline triggers on project export See merge request gitlab-org/security/gitlab!1752
0469cf18 · GitLab Release Tools Bot · ff898cae · 4195b918 · 0469cf18 · 0469cf18
Commit 0469cf18 authored Sep 27, 2021 by GitLab Release Tools Bot
7 changed files
--- a/app/views/projects/_export.html.haml
+++ b/app/views/projects/_export.html.haml
@@ -16,6 +16,7 @@
      %li= _('Job logs and artifacts')
      %li= _('Container registry images')
      %li= _('CI variables')
+      %li= _('Pipeline triggers')
      %li= _('Webhooks')
      %li= _('Any encrypted tokens')
  - if project.export_status == :finished

--- a/doc/user/project/settings/import_export.md
+++ b/doc/user/project/settings/import_export.md
@@ -135,6 +135,7 @@ The following items are **not** exported:
 - Build traces and artifacts
 - Container registry images
 - CI/CD variables
+- Pipeline triggers
 - Webhooks
 - Any encrypted tokens
 - Merge Request Approvers

--- a/lib/gitlab/import_export/project/import_export.yml
+++ b/lib/gitlab/import_export/project/import_export.yml
@@ -88,7 +88,6 @@ tree:
      - :external_pull_request
      - :merge_request
    - :auto_devops
-    - :triggers
    - :pipeline_schedules
    - :container_expiration_policy
    - protected_branches:

--- a/spec/fixtures/lib/gitlab/import_export/complex/project.json
+++ b/spec/fixtures/lib/gitlab/import_export/complex/project.json
@@ -7579,23 +7579,6 @@
      }
    }
  ],
-  "triggers": [
-    {
-      "id": 123,
-      "token": "cdbfasdf44a5958c83654733449e585",
-      "project_id": 5,
-      "owner_id": 1,
-      "created_at": "2017-01-16T15:25:28.637Z",
-      "updated_at": "2017-01-16T15:25:28.637Z"
-    },
-    {
-      "id": 456,
-      "token": "33a66349b5ad01fc00174af87804e40",
-      "project_id": 5,
-      "created_at": "2017-01-16T15:25:29.637Z",
-      "updated_at": "2017-01-16T15:25:29.637Z"
-    }
-  ],
  "pipeline_schedules": [
    {
      "id": 1,

--- a/spec/fixtures/lib/gitlab/import_export/complex/tree/project/triggers.ndjson
+++ b/spec/fixtures/lib/gitlab/import_export/complex/tree/project/triggers.ndjson
 {"id":123,"token":"cdbfasdf44a5958c83654733449e585","project_id":5,"owner_id":1,"created_at":"2017-01-16T15:25:28.637Z","updated_at":"2017-01-16T15:25:28.637Z"}
 {"id":456,"token":"33a66349b5ad01fc00174af87804e40","project_id":5,"created_at":"2017-01-16T15:25:29.637Z","updated_at":"2017-01-16T15:25:29.637Z"}
\ No newline at end of file
--- a/spec/lib/gitlab/import_export/project/tree_restorer_spec.rb
+++ b/spec/lib/gitlab/import_export/project/tree_restorer_spec.rb
@@ -445,8 +445,8 @@ RSpec.describe Gitlab::ImportExport::Project::TreeRestorer do
            expect(@project.merge_requests.size).to eq(9)
          end
-          it 'only restores valid triggers' do
+          it 'does not restore triggers' do
-            expect(@project.triggers.size).to eq(1)
+            expect(@project.triggers.size).to eq(0)
          end
          it 'has the correct number of pipelines and statuses' do

--- a/spec/lib/gitlab/import_export/safe_model_attributes.yml
+++ b/spec/lib/gitlab/import_export/safe_model_attributes.yml
@@ -401,15 +401,6 @@ Ci::Variable:
 - encrypted_value
 - encrypted_value_salt
 - encrypted_value_iv
-Ci::Trigger:
- id
- token
- project_id
- created_at
- updated_at
- owner_id
- description
- ref
 Ci::PipelineSchedule:
 - id
 - description