-
Stan Hu authored
This adds the `Gitlab-Workhorse-Multipart-Fields` HTTP header, which contains a list of signed multipart keys, for the CI artifacts upload endpoints. This is already done for multipart attachments but was not done for the the CI artifacts case. Without this header, Rails can't guarantee that the file attachments were validated by Workhorse. This is the Workhorse part of the solution for https://gitlab.com/gitlab-org/gitlab/-/issues/213139. This needs to be used by Rails: https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/403
8800a891