Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
77271388
Commit
77271388
authored
Sep 21, 2016
by
Kamil Trzcinski
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update permissions table
parent
88d83e2e
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
23 additions
and
6 deletions
+23
-6
doc/user/permissions.md
doc/user/permissions.md
+23
-6
No files found.
doc/user/permissions.md
View file @
77271388
...
...
@@ -198,14 +198,20 @@ This table shows granted privileges for builds triggered by specific types of us
|---------------------------------------------|-----------------|-------------|----------|--------|
| Run CI build | | ✓ | ✓ | ✓ |
| Clone source and LFS from current project | | ✓ | ✓ | ✓ |
| Clone source and LFS from other projects | | ✓ [^1] | ✓ [^1] | ✓ [^1] |
| Push source and LFS to current project | | | | |
| Push source and LFS to other projects | | | | |
| Clone source and LFS from public projects | | ✓ | ✓ | ✓ |
| Clone source and LFS from internal projects | | ✓ [^3] | ✓ [^3] | ✓ |
| Clone source and LFS from private projects | | ✓ [^4] | ✓ [^4] | ✓ [^4] |
| Push source and LFS | | | | |
| Pull container images from current project | | ✓ | ✓ | ✓ |
| Pull container images from other projects | | ✓ [^1] | ✓ [^1] | ✓ [^1] |
| Pull container images from public projects | | ✓ | ✓ | ✓ |
| Pull container images from internal projects| | ✓ [^3] | ✓ [^3] | ✓ |
| Pull container images from private projects | | ✓ [^4] | ✓ [^4] | ✓ [^4] |
| Push container images to current project | | ✓ | ✓ | ✓ |
| Push container images to other projects | | | | |
[
^3
]:
Only
if user is not external one.
[
^4
]:
Only
if user is a member of the project.
### Build token
The above gives a question about trustability of build token.
...
...
@@ -226,8 +232,19 @@ your runners in most secure possible way, by avoiding using this configurations:
1.
Using
`shell`
executor,
By using in-secure GitLab Runner configuration you allow the rogue developers
to steal the tokens of other builds. However, this problem existed before,
but
to steal the tokens of other builds.
### Debugging problems
It can happen that some of the users will complain that CI builds do fail for them.
It is most likely that your project access other projects sources,
and the user doesn't have the permissions.
In the build log look for information about 403 or forbidden access.
You then as Administrator can verify that the user is a member of the group or project,
and you when impersonated as the user can retry a failing build
on behalf of the user to verify that everything is correct.
### Before 8.12
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment