GITLAB_USER_LOGIN must be read-only for pipelines
Hello team, I'd actually consider this a security-critical proposal, since it allows users to be impersonated.
Proposal
The variable GITLAB_USER_LOGIN must be read-only when running pipelines (and in gitlab-ci.yaml as well). For now we have the following workflow: based on the current user, allow or deny some specific actions in our pipeline. During our tests we were able to set GITLAB_USER_LOGIN when running a pipeline via the UI, and GitLab allowed/denied the actions.
It mustn't be the case.
Version: 13.7.1 (c97c8073a0e)
Type: self-hosted GitLab, Core tier.
Thanks in advance, Ivan Punko
P.S. Thank you for the great project!
P.P.S. I was thinking about it, and it could be useful for admins (debugging a pipeline, for example). Would it be possible to do it in the following way:
- an instance admin can override the variable in all projects;
- a project admin can override it just for their project?
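To make the gating pattern the report describes concrete, the following .gitlab-ci.yml fragment is an added, constructed example; it is not taken from the issue, from the reporter's project, or from GitLab's documentation. The job name, the allowlisted login and the deploy script are assumptions. It gates a manual deploy job on the predefined variable GITLAB_USER_LOGIN, both in `rules` and again inside the job script:

```yaml
# Constructed example: a deploy job gated on GITLAB_USER_LOGIN.
# Job name, allowlisted login and script path are assumptions.
deploy_production:
  stage: deploy
  script:
    # Re-checking the variable at runtime adds nothing: the job sees
    # the same (possibly overridden) value that the rules saw.
    - |
      if [ "$GITLAB_USER_LOGIN" != "release-manager" ]; then
        echo "Not authorised: $GITLAB_USER_LOGIN"
        exit 1
      fi
    - ./deploy.sh production
  rules:
    # Intended: only the allowlisted user may trigger the deploy.
    - if: '$GITLAB_USER_LOGIN == "release-manager"'
      when: manual
    - when: never
```

As the report states, on the affected version a user who runs the pipeline from the UI can supply GITLAB_USER_LOGIN as a pipeline variable, and both checks above evaluate that supplied value rather than the identity of the user who actually started the pipeline. A gate built only on this variable is therefore not a trustworthy authorization boundary; making the variable read-only, as proposed, is what restores the property the gate relies on. Controls that GitLab enforces server-side from the user's permissions rather than from a CI variable's value (for example, protected environments) do not depend on this variable and are the appropriate place to bind "who may deploy" in the meantime.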
Edited by Thong Kuah