Update "last used" date for PATs if used in git operations (!100690) · Merge requests · GitLab.org / GitLab

Fabian Schneider requested to merge fabsrc/gitlab:349507-pat-last-used-at-for-git-operations into master Oct 11, 2022

What does this MR do and why?

The last_used_at column of personal access tokens was only updated if the token was used with the REST or GraphQL API. With this change the column also gets updated if a PAT is used with a git operation like clone/pull or push.

Screenshots or screen recordings

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Create a personal access token with a read_repository, write_repository or api scope
Check the Last Used column in the "Active personal access tokens" table, it should say "Never" for this token
Clone a random repository using the personal access token as a password
Check the Last Used column in the "Active personal access tokens" table again, it should not say "Never" anymore

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #349507 (closed)

Update "last used" date for PATs if used in git operations

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports