Remove input validation from typed custom variables of "AWS_" keys
Thanks for a new 12.10 release of gitlab. In this release you add a new feature of so-called typed custom variables like AWS_
keys. This is a handy improvement for sure.
But there is validation a for AWS_
keys which is not necessary. 20 symbols for access_key_id
and 40 symbols for secret key
. You decided to implement this validation based on this article.
But there is no standardised format for these keys. At least I was not able to find out. Even in that article, right after example regular expressions they say:
We can’t guarantee these regular expressions will work forever (we reserve the right to change the format of access key IDs and secret access keys) but they’re a start.
Consider systems implementing S3 APIs. It may have slightly different access keys and it OK. When making an API call, client should sign it first using SHA256 HMAC. There are examples of how to do this. As you can see, there is actually no need to provide 40 symbol length secret key to send a valid request. It all maps to sha256 hash anyway. aws
sdk also does not care of key length.
Please remove this validation. Thanks!