diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-19 21:07:28 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-19 21:07:28 +0000 |
| commit | 9bc3ee9ad4c857570b7a029345cc6fff3ed46b5f (patch) | |
| tree | 4de11c170947a73056c72b47f1036c048e7c082e /doc/security | |
| parent | dc539af30068062bd6fc2f9c6b478d4a1feb8c23 (diff) | |
| download | gitlab-ce-9bc3ee9ad4c857570b7a029345cc6fff3ed46b5f.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/security')
| -rw-r--r-- | doc/security/responding_to_security_incidents.md | 2 | ||||
| -rw-r--r-- | doc/security/token_overview.md | 9 |
2 files changed, 9 insertions, 2 deletions
diff --git a/doc/security/responding_to_security_incidents.md b/doc/security/responding_to_security_incidents.md index fb35c389583..5c00c53c5bf 100644 --- a/doc/security/responding_to_security_incidents.md +++ b/doc/security/responding_to_security_incidents.md @@ -26,7 +26,7 @@ If you suspect that a user account or bot account has been compromised, consider - Addition or modification of runners. - Addition or modification of webhooks or Git hooks. - Reset any credentials the user might have had access to. For example, users with at least the Maintainer role can view protected - [CI/CD variables](../ci/variables/index.md) and [runner registration tokens](token_overview.md#runner-registration-tokens). + [CI/CD variables](../ci/variables/index.md) and [runner registration tokens](token_overview.md#runner-registration-tokens-deprecated). - [Reset the user's password](reset_user_password.md). - Get the user to [enable two factor authentication](../user/profile/account/two_factor_authentication.md) (2FA), and consider [enforcing 2FA at the instance or group level](two_factor_authentication.md) - After completing an investigation and mitigating impacts, unblock the user. diff --git a/doc/security/token_overview.md b/doc/security/token_overview.md index fcb47b4c738..470fdba3aef 100644 --- a/doc/security/token_overview.md +++ b/doc/security/token_overview.md @@ -74,7 +74,14 @@ This is useful, for example, for cloning repositories to your Continuous Integra Project maintainers and owners can add or enable a deploy key for a project repository -## Runner registration tokens +## Runner registration tokens (deprecated) + +WARNING: +The ability to pass a runner registration token was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/380872) in GitLab 15.6 and is +planned for removal in 17.0, along with support for certain configuration arguments. This change is a breaking change. GitLab plans to introduce a new +[GitLab Runner token architecture](../architecture/blueprints/runner_tokens/index.md), which introduces +a new method for registering runners and eliminates the +runner registration token. Runner registration tokens are used to [register](https://docs.gitlab.com/runner/register/) a [runner](https://docs.gitlab.com/runner/) with GitLab. Group or project owners or instance administrators can obtain them through the GitLab user interface. The registration token is limited to runner registration and has no further scope. |