Add observability scopes for personal tokens
What does this MR do and why?
This MR adds two read_observability
and write_obsevability
) to be used by GitLab Observability exclusively only if feature flag observability_group_tab
is enabled. See the rollout issue.
These scopes do not enable any abilities within GitLab itself. Those tokens are only meant to be used by GitLab Observability itself. (See example)
The new scopes are only visible on Group > Settings > Access tokens and hidden on other Access token pages (Project, Profile, Admin).
See gitlab-org/opstrace/opstrace#2086 (closed) for more information.
Screenshots or screen recordings
Group > Settings > Access tokens | Project > Settings > Access tokens | Profile > Preferences > Access tokens | Admin > Users > Impersonation Tokens | |
---|---|---|---|---|
feature flag ENABLED globally |
|
|
|
|
feature flag ENABLED on group | On that group |
|
|
|
feature flag DISABLED |
|
|
|
|
-
✅ Visible -
❌ Hidden
Token created |
---|
How to set up and validate locally
- Start GDK
- Go to Group > Settings > Access tokens
- Go to Project > Settings > Access tokens
- Go to Profile > Preferences > Access tokens
- Go to Admin > Users > Impersonation Tokens
- Enable feature flag
observability_group_tab
on group viaFeature.enable(:observability_group_tab, Group.first)
in Rails console - go to 2.
- Enable feature flag
observability_group_tab
globally viaFeature.enable(:observability_group_tab)
in Rails console - go to 2.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Peter Leitzen