Skip to content

Protected packages: GraphQL api for deleting package protection rules

What does this MR do and why?

  • This MR adds a new graphql endpoint for deleting package protection rules.
  • This MR is part of the EPIC &5574 and is planned to be included in the 1st version of this feature, see &5574 (comment 1437348728)

🛠 with at Siemens

DB queries

In this MR, package protection rule are deleted. The following database query is issued to the database:

DELETE FROM "packages_protection_rules" WHERE "packages_protection_rules"."id" = 10

Click to expand the console output related to the DB query
TRANSACTION (0.2ms)  BEGIN /*application:web,correlation_id:01HCFD7FAKD1ZX03P90C1THWQ2,endpoint_id:graphql:unknown,db_config_name:main,line:/app/services/packages/protection/delete_rule_service.rb:31:in `'execute'*/
   app/services/packages/protection/delete_rule_service.rb:31:in 'execute'
  Packages::Protection::Rule Destroy (0.2ms)  DELETE FROM "packages_protection_rules" WHERE "packages_protection_rules"."id" = 10 /*application:web,correlation_id:01HCFD7FAKD1ZX03P90C1THWQ2,endpoint_id:graphql:unknown,db_config_name:main,line:/app/services/packages/protection/delete_rule_service.rb:31:in 'execute'*/
   app/services/packages/protection/delete_rule_service.rb:31:in 'execute'
  TRANSACTION (0.1ms)  COMMIT /*application:web,correlation_id:01HCFD7FAKD1ZX03P90C1THWQ2,endpoint_id:graphql:unknown,db_config_name:main,line:/lib/gitlab/database.rb:392:in 'commit'*/
   lib/gitlab/database.rb:392:in 'commit'

Screenshots or screen recordings

With this MR, it is possible to send graphql requests in order to delete existing package protection rules.

The body of the graphql request looks like this:

mutation {
	deletePackagesProtectionRule(
		input: {
			id: "gid://gitlab/Packages::Protection::Rule/9"
		}
	) {
		clientMutationId
		packageProtectionRule {
			packageType
			packageNamePattern
		}
		errors
	}
}

image

How to set up and validate locally

  1. Enable feature flag via rails c
Feature.enable(:packages_protected_packages)
  1. Create a package protection rule that we will delete in the next step
Packages::Protection::Rule.create(
  project: Project.find(7),
  package_type: :npm,
  push_protected_up_to_access_level: Gitlab::Access::DEVELOPER,
  package_name_pattern: "@gitlab-org/npm-package-new-enum-*"
)
  1. Find the global id of the package protection rule that we want to delete
Packages::Protection::Rule.where(package_name_pattern: "@gitlab-org/npm-package-new-enum-*").first.to_global_id.to_s
# => "gid://gitlab/Packages::Protection::Rule/9"
  1. Now, you should be able to send mutation requests via the graphql api
curl --request POST \
--url http://gdk.test:3000/api/graphql \
--header 'Authorization: Bearer ypCa3Dzb23o5nvsixwPA' \
--header 'Content-Type: application/json' \
--cookie 'perf_bar_enabled=true; BetterErrors-2.10.1-CSRF-Token=0b882179-5e4a-431b-a420-2be3701cece8' \
--data '{"query":"mutation {\n\tdeletePackagesProtectionRule(\n\t\tinput: {\n\t\t\tid: \"gid://gitlab/Packages::Protection::Rule/9\"\n\t\t}\n\t) {\n\t\tclientMutationId\n\t\tpackageProtectionRule {\n\t\t\tpackageType\n\t\t\tpackageNamePattern\n\t\t}\n\t\terrors\n\t}\n}"}'

Todos

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #416381 (closed)

Edited by Gerardo Navarro

Merge request reports

Loading