Skip to content

Commit 5d20699

Browse files
tpetrtpetr
committed
code access allowlist items need to use a wildcard
1 parent 3571ef9 commit 5d20699

File tree

2 files changed

+6
-6
lines changed

2 files changed

+6
-6
lines changed

README.md

+3-3
Original file line numberDiff line numberDiff line change
@@ -113,7 +113,7 @@ Under the hood, this config adds these allowlist items:
113113

114114
And if `allowCodeAccess` is set, additionally:
115115

116-
- GET `https://github.example.com/api/v3/repos/:repo/contents/:filepath`
116+
- GET `https://github.example.com/api/v3/repos/:repo/contents/*`
117117
- GET `https://github.example.com/api/v3/repos/:repo/commits`
118118

119119
### GitLab
@@ -155,7 +155,7 @@ Under the hood, this config adds these allowlist items:
155155

156156
And if `allowCodeAccess` is set, additionally:
157157

158-
- GET `https://gitlab.example.com/api/v4/projects/:project/repository/files/:filepath`
158+
- GET `https://gitlab.example.com/api/v4/projects/:project/repository/files/*`
159159
- GET `https://gitlab.example.com/api/v4/projects/:project/repository/commits`
160160
- GET `https://gitlab.example.com/api/v4/projects/:project/repository/compare`
161161
- POST `https://gitlab.example.com/api/v4/projects/:project/statuses/:commit`
@@ -191,7 +191,7 @@ Under the hood, this config adds these allowlist items:
191191

192192
And if `allowCodeAccess` is set, additionally:
193193

194-
- GET `https://bitbucket.example.com/rest/api/latest/projects/:project/repos/:repo/browse/:filepath`
194+
- GET `https://bitbucket.example.com/rest/api/latest/projects/:project/repos/:repo/browse/*`
195195
- POST `https://bitbucket.example.com/rest/api/latest/projects/:project/repos/:repo/commit/:commit/builds`
196196

197197

pkg/config.go

+3-3
Original file line numberDiff line numberDiff line change
@@ -523,7 +523,7 @@ func LoadConfig(configFiles []string, deploymentId int) (*Config, error) {
523523
config.Inbound.Allowlist = append(config.Inbound.Allowlist,
524524
// get contents of file
525525
AllowlistItem{
526-
URL: gitHubBaseUrl.JoinPath("/repos/:repo/contents/:filepath").String(),
526+
URL: gitHubBaseUrl.JoinPath("/repos/:repo/contents/*").String(),
527527
Methods: ParseHttpMethods([]string{"GET"}),
528528
SetRequestHeaders: headers,
529529
},
@@ -667,7 +667,7 @@ func LoadConfig(configFiles []string, deploymentId int) (*Config, error) {
667667
config.Inbound.Allowlist = append(config.Inbound.Allowlist,
668668
// get contents of file
669669
AllowlistItem{
670-
URL: gitLabBaseUrl.JoinPath("/projects/:project/repository/files/:filepath").String(),
670+
URL: gitLabBaseUrl.JoinPath("/projects/:project/repository/files/*").String(),
671671
Methods: ParseHttpMethods([]string{"GET"}),
672672
SetRequestHeaders: headers,
673673
},
@@ -777,7 +777,7 @@ func LoadConfig(configFiles []string, deploymentId int) (*Config, error) {
777777
// get contents of file
778778
config.Inbound.Allowlist = append(config.Inbound.Allowlist,
779779
AllowlistItem{
780-
URL: bitBucketBaseUrl.JoinPath("/projects/:project/repos/:repo/browse/:filepath").String(),
780+
URL: bitBucketBaseUrl.JoinPath("/projects/:project/repos/:repo/browse/*").String(),
781781
Methods: ParseHttpMethods([]string{"GET"}),
782782
SetRequestHeaders: headers,
783783
},

0 commit comments

Comments
 (0)