Implement REST API endpoint to create `k8s_proxy`-scoped PAT for user
What does this MR do and why?
Implement REST API endpoint to create k8s_proxy
-scoped PAT for currently auth'ed user
This change set implements a new REST API endpoint at
user/personal_access_tokens
that is able to create a new Personal
Access Token for the currently authenticated user.
It limits the scopes
to the only the k8s-proxy
scope for security
pruposes (see reference issue for more details).
The default expiration is at the end of the day the token was created
at. The maximum lifetime of the token is subject to the regular PAT
lifetime limit.
This will help to with #425171 (closed)
that requires glab
to create short-lived k8s_proxy
-scoped PATs.
Refs: Support creating a PAT with another PAT for the... (#425171 - closed)
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.