Commit 9de57bea authored by Tan Le's avatar Tan Le

Rename asset_proxy_whitelist application setting

We would like to use a more neutral tone when specifying a list of
allowed asset proxies. This change renames the `asset_proxy_whitelist`
column in `application_settings` table to `asset_proxy_allowlist`.

The ApplicationSettings API is still backward-compatible with the old
field.
parent 81628d41
...@@ -181,7 +181,7 @@ module ApplicationSettingsHelper ...@@ -181,7 +181,7 @@ module ApplicationSettingsHelper
:asset_proxy_enabled, :asset_proxy_enabled,
:asset_proxy_secret_key, :asset_proxy_secret_key,
:asset_proxy_url, :asset_proxy_url,
:asset_proxy_whitelist, :asset_proxy_allowlist,
:static_objects_external_storage_auth_token, :static_objects_external_storage_auth_token,
:static_objects_external_storage_url, :static_objects_external_storage_url,
:authorized_keys_enabled, :authorized_keys_enabled,
...@@ -355,9 +355,11 @@ module ApplicationSettingsHelper ...@@ -355,9 +355,11 @@ module ApplicationSettingsHelper
] ]
end end
# ok to remove in REST API v5
def deprecated_attributes def deprecated_attributes
[ [
:admin_notification_email # ok to remove in REST API v5 :admin_notification_email,
:asset_proxy_whitelist
] ]
end end
......
...@@ -43,7 +43,7 @@ class ApplicationSetting < ApplicationRecord ...@@ -43,7 +43,7 @@ class ApplicationSetting < ApplicationRecord
serialize :domain_allowlist, Array # rubocop:disable Cop/ActiveRecordSerialize serialize :domain_allowlist, Array # rubocop:disable Cop/ActiveRecordSerialize
serialize :domain_denylist, Array # rubocop:disable Cop/ActiveRecordSerialize serialize :domain_denylist, Array # rubocop:disable Cop/ActiveRecordSerialize
serialize :repository_storages # rubocop:disable Cop/ActiveRecordSerialize serialize :repository_storages # rubocop:disable Cop/ActiveRecordSerialize
serialize :asset_proxy_whitelist, Array # rubocop:disable Cop/ActiveRecordSerialize serialize :asset_proxy_allowlist, Array # rubocop:disable Cop/ActiveRecordSerialize
cache_markdown_field :sign_in_text cache_markdown_field :sign_in_text
cache_markdown_field :help_page_text cache_markdown_field :help_page_text
......
...@@ -269,13 +269,13 @@ module ApplicationSettingImplementation ...@@ -269,13 +269,13 @@ module ApplicationSettingImplementation
self.protected_paths = strings_to_array(values) self.protected_paths = strings_to_array(values)
end end
def asset_proxy_whitelist=(values) def asset_proxy_allowlist=(values)
values = strings_to_array(values) if values.is_a?(String) values = strings_to_array(values) if values.is_a?(String)
# make sure we always whitelist the running host # make sure we always allow the running host
values << Gitlab.config.gitlab.host unless values.include?(Gitlab.config.gitlab.host) values << Gitlab.config.gitlab.host unless values.include?(Gitlab.config.gitlab.host)
self[:asset_proxy_whitelist] = values self[:asset_proxy_allowlist] = values
end end
def repository_storages def repository_storages
......
...@@ -6,7 +6,7 @@ module ApplicationSettings ...@@ -6,7 +6,7 @@ module ApplicationSettings
attr_reader :params, :application_setting attr_reader :params, :application_setting
MARKDOWN_CACHE_INVALIDATING_PARAMS = %w(asset_proxy_enabled asset_proxy_url asset_proxy_secret_key asset_proxy_whitelist).freeze MARKDOWN_CACHE_INVALIDATING_PARAMS = %w(asset_proxy_enabled asset_proxy_url asset_proxy_secret_key asset_proxy_allowlist).freeze
def execute def execute
result = update_settings result = update_settings
......
---
title: Rename asset_proxy_whitelist column on application_settings
merge_request: 50824
author:
type: changed
# frozen_string_literal: true
class RenameAssetProxyWhitelistOnApplicationSettings < ActiveRecord::Migration[6.0]
include Gitlab::Database::MigrationHelpers::V2
DOWNTIME = false
disable_ddl_transaction!
def up
rename_column_concurrently :application_settings,
:asset_proxy_whitelist,
:asset_proxy_allowlist
end
def down
undo_rename_column_concurrently :application_settings,
:asset_proxy_whitelist,
:asset_proxy_allowlist
end
end
# frozen_string_literal: true
class CleanUpAssetProxyWhitelistRenameOnApplicationSettings < ActiveRecord::Migration[6.0]
include Gitlab::Database::MigrationHelpers::V2
DOWNTIME = false
disable_ddl_transaction!
def up
cleanup_concurrent_column_rename :application_settings,
:asset_proxy_whitelist,
:asset_proxy_allowlist
end
def down
undo_cleanup_concurrent_column_rename :application_settings,
:asset_proxy_whitelist,
:asset_proxy_allowlist
end
end
4eef64fb237f783cdb07e012356d48a4ec9afc349721de1c53cf3def95e83858
\ No newline at end of file
ef994f0c65154825906fb0952b9b3073f4cb0692f01c90280edf06a4ea2ec339
\ No newline at end of file
...@@ -9293,7 +9293,6 @@ CREATE TABLE application_settings ( ...@@ -9293,7 +9293,6 @@ CREATE TABLE application_settings (
instance_administration_project_id bigint, instance_administration_project_id bigint,
asset_proxy_enabled boolean DEFAULT false NOT NULL, asset_proxy_enabled boolean DEFAULT false NOT NULL,
asset_proxy_url character varying, asset_proxy_url character varying,
asset_proxy_whitelist text,
encrypted_asset_proxy_secret_key text, encrypted_asset_proxy_secret_key text,
encrypted_asset_proxy_secret_key_iv character varying, encrypted_asset_proxy_secret_key_iv character varying,
static_objects_external_storage_url character varying(255), static_objects_external_storage_url character varying(255),
...@@ -9412,6 +9411,7 @@ CREATE TABLE application_settings ( ...@@ -9412,6 +9411,7 @@ CREATE TABLE application_settings (
container_registry_cleanup_tags_service_max_list_size integer DEFAULT 200 NOT NULL, container_registry_cleanup_tags_service_max_list_size integer DEFAULT 200 NOT NULL,
enforce_ssh_key_expiration boolean DEFAULT false NOT NULL, enforce_ssh_key_expiration boolean DEFAULT false NOT NULL,
git_two_factor_session_expiry integer DEFAULT 15 NOT NULL, git_two_factor_session_expiry integer DEFAULT 15 NOT NULL,
asset_proxy_allowlist text,
CONSTRAINT app_settings_container_reg_cleanup_tags_max_list_size_positive CHECK ((container_registry_cleanup_tags_service_max_list_size >= 0)), CONSTRAINT app_settings_container_reg_cleanup_tags_max_list_size_positive CHECK ((container_registry_cleanup_tags_service_max_list_size >= 0)),
CONSTRAINT app_settings_registry_exp_policies_worker_capacity_positive CHECK ((container_registry_expiration_policies_worker_capacity >= 0)), CONSTRAINT app_settings_registry_exp_policies_worker_capacity_positive CHECK ((container_registry_expiration_policies_worker_capacity >= 0)),
CONSTRAINT check_17d9558205 CHECK ((char_length((kroki_url)::text) <= 1024)), CONSTRAINT check_17d9558205 CHECK ((char_length((kroki_url)::text) <= 1024)),
......
...@@ -77,6 +77,7 @@ Example response: ...@@ -77,6 +77,7 @@ Example response:
"asset_proxy_enabled": true, "asset_proxy_enabled": true,
"asset_proxy_url": "https://assets.example.com", "asset_proxy_url": "https://assets.example.com",
"asset_proxy_whitelist": ["example.com", "*.example.com", "your-instance.com"], "asset_proxy_whitelist": ["example.com", "*.example.com", "your-instance.com"],
"asset_proxy_allowlist": ["example.com", "*.example.com", "your-instance.com"],
"npm_package_requests_forwarding": true, "npm_package_requests_forwarding": true,
"snippet_size_limit": 52428800, "snippet_size_limit": 52428800,
"issues_create_limit": 300, "issues_create_limit": 300,
...@@ -166,7 +167,7 @@ Example response: ...@@ -166,7 +167,7 @@ Example response:
"local_markdown_version": 0, "local_markdown_version": 0,
"asset_proxy_enabled": true, "asset_proxy_enabled": true,
"asset_proxy_url": "https://assets.example.com", "asset_proxy_url": "https://assets.example.com",
"asset_proxy_whitelist": ["example.com", "*.example.com", "your-instance.com"], "asset_proxy_allowlist": ["example.com", "*.example.com", "your-instance.com"],
"geo_node_allowed_ips": "0.0.0.0/0, ::/0", "geo_node_allowed_ips": "0.0.0.0/0, ::/0",
"allow_local_requests_from_hooks_and_services": true, "allow_local_requests_from_hooks_and_services": true,
"allow_local_requests_from_web_hooks_and_services": true, "allow_local_requests_from_web_hooks_and_services": true,
...@@ -219,7 +220,8 @@ listed in the descriptions of the relevant settings. ...@@ -219,7 +220,8 @@ listed in the descriptions of the relevant settings.
| `asset_proxy_enabled` | boolean | no | (**If enabled, requires:** `asset_proxy_url`) Enable proxying of assets. GitLab restart is required to apply changes. | | `asset_proxy_enabled` | boolean | no | (**If enabled, requires:** `asset_proxy_url`) Enable proxying of assets. GitLab restart is required to apply changes. |
| `asset_proxy_secret_key` | string | no | Shared secret with the asset proxy server. GitLab restart is required to apply changes. | | `asset_proxy_secret_key` | string | no | Shared secret with the asset proxy server. GitLab restart is required to apply changes. |
| `asset_proxy_url` | string | no | URL of the asset proxy server. GitLab restart is required to apply changes. | | `asset_proxy_url` | string | no | URL of the asset proxy server. GitLab restart is required to apply changes. |
| `asset_proxy_whitelist` | string or array of strings | no | Assets that match these domain(s) are **not** proxied. Wildcards allowed. Your GitLab installation URL is automatically allowlisted. GitLab restart is required to apply changes. | | `asset_proxy_whitelist` | string or array of strings | no | (Deprecated: Use `asset_proxy_allowlist` instead) Assets that match these domain(s) are **not** proxied. Wildcards allowed. Your GitLab installation URL is automatically allowlisted. GitLab restart is required to apply changes. |
| `asset_proxy_allowlist` | string or array of strings | no | Assets that match these domain(s) are **not** proxied. Wildcards allowed. Your GitLab installation URL is automatically allowlisted. GitLab restart is required to apply changes. |
| `authorized_keys_enabled` | boolean | no | By default, we write to the `authorized_keys` file to support Git over SSH without additional configuration. GitLab can be optimized to authenticate SSH keys via the database file. Only disable this if you have configured your OpenSSH server to use the AuthorizedKeysCommand. | | `authorized_keys_enabled` | boolean | no | By default, we write to the `authorized_keys` file to support Git over SSH without additional configuration. GitLab can be optimized to authenticate SSH keys via the database file. Only disable this if you have configured your OpenSSH server to use the AuthorizedKeysCommand. |
| `auto_devops_domain` | string | no | Specify a domain to use by default for every project's Auto Review Apps and Auto Deploy stages. | | `auto_devops_domain` | string | no | Specify a domain to use by default for every project's Auto Review Apps and Auto Deploy stages. |
| `auto_devops_enabled` | boolean | no | Enable Auto DevOps for projects by default. It automatically builds, tests, and deploys applications based on a predefined CI/CD configuration. | | `auto_devops_enabled` | boolean | no | Enable Auto DevOps for projects by default. It automatically builds, tests, and deploys applications based on a predefined CI/CD configuration. |
......
...@@ -51,7 +51,8 @@ To install a Camo server as an asset proxy: ...@@ -51,7 +51,8 @@ To install a Camo server as an asset proxy:
| `asset_proxy_enabled` | Enable proxying of assets. If enabled, requires: `asset_proxy_url`). | | `asset_proxy_enabled` | Enable proxying of assets. If enabled, requires: `asset_proxy_url`). |
| `asset_proxy_secret_key` | Shared secret with the asset proxy server. | | `asset_proxy_secret_key` | Shared secret with the asset proxy server. |
| `asset_proxy_url` | URL of the asset proxy server. | | `asset_proxy_url` | URL of the asset proxy server. |
| `asset_proxy_whitelist` | Assets that match these domain(s) are NOT proxied. Wildcards allowed. Your GitLab installation URL is automatically whitelisted. | | `asset_proxy_whitelist` | (Deprecated: Use `asset_proxy_allowlist` instead) Assets that match these domain(s) are NOT proxied. Wildcards allowed. Your GitLab installation URL is automatically allowed. |
| `asset_proxy_allowlist` | Assets that match these domain(s) are NOT proxied. Wildcards allowed. Your GitLab installation URL is automatically allowed. |
1. Restart the server for the changes to take effect. Each time you change any values for the asset 1. Restart the server for the changes to take effect. Each time you change any values for the asset
proxy, you need to restart the server. proxy, you need to restart the server.
......
...@@ -31,6 +31,7 @@ module API ...@@ -31,6 +31,7 @@ module API
expose :password_authentication_enabled_for_web, as: :password_authentication_enabled expose :password_authentication_enabled_for_web, as: :password_authentication_enabled
expose :password_authentication_enabled_for_web, as: :signin_enabled expose :password_authentication_enabled_for_web, as: :signin_enabled
expose :allow_local_requests_from_web_hooks_and_services, as: :allow_local_requests_from_hooks_and_services expose :allow_local_requests_from_web_hooks_and_services, as: :allow_local_requests_from_hooks_and_services
expose :asset_proxy_allowlist, as: :asset_proxy_whitelist
end end
end end
end end
......
...@@ -42,7 +42,8 @@ module API ...@@ -42,7 +42,8 @@ module API
optional :asset_proxy_enabled, type: Boolean, desc: 'Enable proxying of assets' optional :asset_proxy_enabled, type: Boolean, desc: 'Enable proxying of assets'
optional :asset_proxy_url, type: String, desc: 'URL of the asset proxy server' optional :asset_proxy_url, type: String, desc: 'URL of the asset proxy server'
optional :asset_proxy_secret_key, type: String, desc: 'Shared secret with the asset proxy server' optional :asset_proxy_secret_key, type: String, desc: 'Shared secret with the asset proxy server'
optional :asset_proxy_whitelist, type: Array[String], coerce_with: Validations::Types::CommaSeparatedToArray.coerce, desc: 'Assets that match these domain(s) will NOT be proxied. Wildcards allowed. Your GitLab installation URL is automatically whitelisted.' optional :asset_proxy_whitelist, type: Array[String], coerce_with: Validations::Types::CommaSeparatedToArray.coerce, desc: 'Deprecated: Use :asset_proxy_allowlist instead. Assets that match these domain(s) will NOT be proxied. Wildcards allowed. Your GitLab installation URL is automatically whitelisted.'
optional :asset_proxy_allowlist, type: Array[String], coerce_with: Validations::Types::CommaSeparatedToArray.coerce, desc: 'Assets that match these domain(s) will NOT be proxied. Wildcards allowed. Your GitLab installation URL is automatically allowed.'
optional :container_registry_token_expire_delay, type: Integer, desc: 'Authorization token duration (minutes)' optional :container_registry_token_expire_delay, type: Integer, desc: 'Authorization token duration (minutes)'
optional :default_artifacts_expire_in, type: String, desc: "Set the default expiration time for each job's artifacts" optional :default_artifacts_expire_in, type: String, desc: "Set the default expiration time for each job's artifacts"
optional :default_ci_config_path, type: String, desc: 'The instance default CI configuration path for new projects' optional :default_ci_config_path, type: String, desc: 'The instance default CI configuration path for new projects'
...@@ -211,6 +212,11 @@ module API ...@@ -211,6 +212,11 @@ module API
attrs[:abuse_notification_email] = attrs.delete(:admin_notification_email) attrs[:abuse_notification_email] = attrs.delete(:admin_notification_email)
end end
# support legacy names, can be removed in v5
if attrs.has_key?(:asset_proxy_whitelist)
attrs[:asset_proxy_allowlist] = attrs.delete(:asset_proxy_whitelist)
end
# since 13.0 it's not possible to disable hashed storage - support can be removed in 14.0 # since 13.0 it's not possible to disable hashed storage - support can be removed in 14.0
attrs.delete(:hashed_storage_enabled) if attrs.has_key?(:hashed_storage_enabled) attrs.delete(:hashed_storage_enabled) if attrs.has_key?(:hashed_storage_enabled)
......
...@@ -59,7 +59,9 @@ module Banzai ...@@ -59,7 +59,9 @@ module Banzai
end end
def self.determine_allowlist(application_settings) def self.determine_allowlist(application_settings)
application_settings.asset_proxy_whitelist.presence || [Gitlab.config.gitlab.host] application_settings.try(:asset_proxy_allowlist).presence ||
application_settings.try(:asset_proxy_whitelist).presence ||
[Gitlab.config.gitlab.host]
end end
end end
end end
......
...@@ -28,7 +28,7 @@ RSpec.describe Banzai::Filter::AssetProxyFilter do ...@@ -28,7 +28,7 @@ RSpec.describe Banzai::Filter::AssetProxyFilter do
stub_application_setting(asset_proxy_enabled: true) stub_application_setting(asset_proxy_enabled: true)
stub_application_setting(asset_proxy_secret_key: 'shared-secret') stub_application_setting(asset_proxy_secret_key: 'shared-secret')
stub_application_setting(asset_proxy_url: 'https://assets.example.com') stub_application_setting(asset_proxy_url: 'https://assets.example.com')
stub_application_setting(asset_proxy_whitelist: %w(gitlab.com *.mydomain.com)) stub_application_setting(asset_proxy_allowlist: %w(gitlab.com *.mydomain.com))
described_class.initialize_settings described_class.initialize_settings
...@@ -39,16 +39,26 @@ RSpec.describe Banzai::Filter::AssetProxyFilter do ...@@ -39,16 +39,26 @@ RSpec.describe Banzai::Filter::AssetProxyFilter do
expect(Gitlab.config.asset_proxy.domain_regexp).to eq(/^(gitlab\.com|.*?\.mydomain\.com)$/i) expect(Gitlab.config.asset_proxy.domain_regexp).to eq(/^(gitlab\.com|.*?\.mydomain\.com)$/i)
end end
context 'when whitelist is empty' do context 'when allowlist is empty' do
it 'defaults to the install domain' do it 'defaults to the install domain' do
stub_application_setting(asset_proxy_enabled: true) stub_application_setting(asset_proxy_enabled: true)
stub_application_setting(asset_proxy_whitelist: []) stub_application_setting(asset_proxy_allowlist: [])
described_class.initialize_settings described_class.initialize_settings
expect(Gitlab.config.asset_proxy.allowlist).to eq [Gitlab.config.gitlab.host] expect(Gitlab.config.asset_proxy.allowlist).to eq [Gitlab.config.gitlab.host]
end end
end end
it 'supports deprecated whitelist settings' do
stub_application_setting(asset_proxy_enabled: true)
stub_application_setting(asset_proxy_whitelist: %w(foo.com bar.com))
stub_application_setting(asset_proxy_allowlist: [])
described_class.initialize_settings
expect(Gitlab.config.asset_proxy.allowlist).to eq %w(foo.com bar.com)
end
end end
context 'when properly configured' do context 'when properly configured' do
......
...@@ -635,28 +635,28 @@ RSpec.describe ApplicationSetting do ...@@ -635,28 +635,28 @@ RSpec.describe ApplicationSetting do
end end
end end
describe '#asset_proxy_whitelist' do describe '#asset_proxy_allowlist' do
context 'when given an Array' do context 'when given an Array' do
it 'sets the domains and adds current running host' do it 'sets the domains and adds current running host' do
setting.asset_proxy_whitelist = ['example.com', 'assets.example.com'] setting.asset_proxy_allowlist = ['example.com', 'assets.example.com']
expect(setting.asset_proxy_whitelist).to eq(['example.com', 'assets.example.com', 'localhost']) expect(setting.asset_proxy_allowlist).to eq(['example.com', 'assets.example.com', 'localhost'])
end end
end end
context 'when given a String' do context 'when given a String' do
it 'sets multiple domains with spaces' do it 'sets multiple domains with spaces' do
setting.asset_proxy_whitelist = 'example.com *.example.com' setting.asset_proxy_allowlist = 'example.com *.example.com'
expect(setting.asset_proxy_whitelist).to eq(['example.com', '*.example.com', 'localhost']) expect(setting.asset_proxy_allowlist).to eq(['example.com', '*.example.com', 'localhost'])
end end
it 'sets multiple domains with newlines and a space' do it 'sets multiple domains with newlines and a space' do
setting.asset_proxy_whitelist = "example.com\n *.example.com" setting.asset_proxy_allowlist = "example.com\n *.example.com"
expect(setting.asset_proxy_whitelist).to eq(['example.com', '*.example.com', 'localhost']) expect(setting.asset_proxy_allowlist).to eq(['example.com', '*.example.com', 'localhost'])
end end
it 'sets multiple domains with commas' do it 'sets multiple domains with commas' do
setting.asset_proxy_whitelist = "example.com, *.example.com" setting.asset_proxy_allowlist = "example.com, *.example.com"
expect(setting.asset_proxy_whitelist).to eq(['example.com', '*.example.com', 'localhost']) expect(setting.asset_proxy_allowlist).to eq(['example.com', '*.example.com', 'localhost'])
end end
end end
end end
......
...@@ -199,6 +199,14 @@ RSpec.describe API::Settings, 'Settings' do ...@@ -199,6 +199,14 @@ RSpec.describe API::Settings, 'Settings' do
expect(json_response['allow_local_requests_from_hooks_and_services']).to eq(true) expect(json_response['allow_local_requests_from_hooks_and_services']).to eq(true)
end end
it 'supports legacy asset_proxy_whitelist' do
put api("/application/settings", admin),
params: { asset_proxy_whitelist: ['example.com', '*.example.com'] }
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['asset_proxy_allowlist']).to eq(['example.com', '*.example.com', 'localhost'])
end
it 'disables ability to switch to legacy storage' do it 'disables ability to switch to legacy storage' do
put api("/application/settings", admin), put api("/application/settings", admin),
params: { hashed_storage_enabled: false } params: { hashed_storage_enabled: false }
...@@ -362,24 +370,24 @@ RSpec.describe API::Settings, 'Settings' do ...@@ -362,24 +370,24 @@ RSpec.describe API::Settings, 'Settings' do
asset_proxy_enabled: true, asset_proxy_enabled: true,
asset_proxy_url: 'http://assets.example.com', asset_proxy_url: 'http://assets.example.com',
asset_proxy_secret_key: 'shared secret', asset_proxy_secret_key: 'shared secret',
asset_proxy_whitelist: ['example.com', '*.example.com'] asset_proxy_allowlist: ['example.com', '*.example.com']
} }
expect(response).to have_gitlab_http_status(:ok) expect(response).to have_gitlab_http_status(:ok)
expect(json_response['asset_proxy_enabled']).to be(true) expect(json_response['asset_proxy_enabled']).to be(true)
expect(json_response['asset_proxy_url']).to eq('http://assets.example.com') expect(json_response['asset_proxy_url']).to eq('http://assets.example.com')
expect(json_response['asset_proxy_secret_key']).to be_nil expect(json_response['asset_proxy_secret_key']).to be_nil
expect(json_response['asset_proxy_whitelist']).to eq(['example.com', '*.example.com', 'localhost']) expect(json_response['asset_proxy_allowlist']).to eq(['example.com', '*.example.com', 'localhost'])
end end
it 'allows a string for asset_proxy_whitelist' do it 'allows a string for asset_proxy_allowlist' do
put api('/application/settings', admin), put api('/application/settings', admin),
params: { params: {
asset_proxy_whitelist: 'example.com, *.example.com' asset_proxy_allowlist: 'example.com, *.example.com'
} }
expect(response).to have_gitlab_http_status(:ok) expect(response).to have_gitlab_http_status(:ok)
expect(json_response['asset_proxy_whitelist']).to eq(['example.com', '*.example.com', 'localhost']) expect(json_response['asset_proxy_allowlist']).to eq(['example.com', '*.example.com', 'localhost'])
end end
end end
......
...@@ -122,7 +122,7 @@ RSpec.describe ApplicationSettings::UpdateService do ...@@ -122,7 +122,7 @@ RSpec.describe ApplicationSettings::UpdateService do
it_behaves_like 'invalidates markdown cache', { asset_proxy_enabled: true } it_behaves_like 'invalidates markdown cache', { asset_proxy_enabled: true }
it_behaves_like 'invalidates markdown cache', { asset_proxy_url: 'http://test.com' } it_behaves_like 'invalidates markdown cache', { asset_proxy_url: 'http://test.com' }
it_behaves_like 'invalidates markdown cache', { asset_proxy_secret_key: 'another secret' } it_behaves_like 'invalidates markdown cache', { asset_proxy_secret_key: 'another secret' }
it_behaves_like 'invalidates markdown cache', { asset_proxy_whitelist: ['domain.com'] } it_behaves_like 'invalidates markdown cache', { asset_proxy_allowlist: ['domain.com'] }
context 'when also setting the local_markdown_version' do context 'when also setting the local_markdown_version' do
let(:params) { { asset_proxy_enabled: true, local_markdown_version: 12 } } let(:params) { { asset_proxy_enabled: true, local_markdown_version: 12 } }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment