Skip to content
Snippets Groups Projects

Use restricted step context when evaluating expressions

Merged Use restricted step context when evaluating expressions
cam-pass-view-to-interpolate into main
All threads resolved!
Merged Cameron Swords requested to merge cam-pass-view-to-interpolate into main
All threads resolved!

What does this MR do?

This MR passes a view of the StepContext to expression.Expand and expression.ExpandString, guaranteeing that users cannot access internal members of the proto.StepResult from previously executed steps.

Checking for sensitivity during evaluation has been removed to make this task easier. This will be reinstated in Handling sensitive values (gitlab-org#14416).

Reference

Restrict access to internal variables in expres... (#100 - closed)

Edited by Cameron Swords

Merge request reports

Pipeline #1461992395 passed

Stage: test
Stage: build
Stage: e2e

Pipeline passed for 5d730ce6 on cam-pass-view-to-interpolate

Merged by Cameron SwordsCameron Swords 5 months ago (Sep 23, 2024 9:26am UTC)

Loading

Pipeline #1464780587 passed

Stage: test
Stage: build
Stage: e2e
Stage: deploy

Pipeline passed for f56c856c on main

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Cameron Swords requested review from @avonbertoldi

    requested review from @avonbertoldi

  • Axel von Bertoldi
  • Axel von Bertoldi
    Axel von Bertoldi @avonbertoldi ·
    Maintainer

    @cam_swords LGTM. Just one minor suggestion.

  • Cameron Swords requested review from @avonbertoldi

    requested review from @avonbertoldi

  • Cameron Swords added 1 commit

    added 1 commit

    • bf39af52 - Rename outputs to stepresultsview for clarity

    Compare with previous version

  • Cameron Swords added 6 commits

    added 6 commits

    • bf39af52...86ad19ba - 2 commits from branch main
    • 84d947dd - Step runner passes a view when interpolating expressions
    • c783e88e - Remove check for sensitivity when interpolating expressions
    • 51d3a428 - Expressions can only access previous step outputs
    • 5d730ce6 - Rename outputs to stepresultsview for clarity

    Compare with previous version

    Toggle commit list
  • Axel von Bertoldi approved this merge request

    approved this merge request

  • Axel von Bertoldi resolved all threads

    resolved all threads

  • Cameron Swords mentioned in commit f56c856c

    mentioned in commit f56c856c

  • Cameron Swords merged

    merged

    • Please register or sign in to reply