Merge "Strengthen the caution about allowed-projects"

Zuul 2019-06-26 17:58:24 +00:00 committed by Gerrit Code Review
commit c0e0dff004
1 changed files with 4 additions and 2 deletions


@ -1131,7 +1131,8 @@ Here is an example of two job definitions:
:term:`untrusted-project`, `allowed-projects` is automatically
set to the current project only, and can not be overridden.
However, a :term:`config-project` may still add such a job to
any project's pipeline.
any project's pipeline. Apply caution when doing so as other
projects may be able to expose the source project's secrets.
.. warning::
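Review bot: the sentence added after "any project's pipeline." asks for caution but does not say what a config-project author should check before attaching such a job to another project. The text only states that other projects "may be able to expose the source project's secrets"; suggest naming what to review, or cross-referencing the secrets section of this document, which carries the same caution. Since a `.. warning::` directive follows directly, also consider placing this caution in an admonition of its own, where it is harder to miss than at the end of a paragraph.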
@ -1531,7 +1532,8 @@ projects which can invoke that job. If a job with secrets is defined
in an `untrusted-project`, `allowed-projects` is automatically set to
that project only, and can not be overridden (though a
:term:`config-project` may still add the job to any project's pipeline
regardless of this setting).
regardless of this setting; do so with caution as other projects may
expose the source project's secrets).
Secrets, like most configuration items, are unique within a tenant,
though a secret may be defined on multiple branches of the same
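Review bot: the new caution sits inside the parenthetical that previously ended at "regardless of this setting", so a security-relevant statement reads as an aside. Suggest closing the parenthesis after "regardless of this setting" and giving the caution its own sentence. The wording also differs from the first hunk ("may be able to expose" there, "may expose" here); using the same phrasing in both places would keep the two passages from reading as different claims.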