Protected containers: Add graphql mutation to delete protection rules (!137176) · Merge requests · GitLab.org / GitLab

What does this MR do and why?

This MR adds a new graphql endpoint for deleting container registry protection rule
This MR is part of the EPIC &9825 and is planned to be included in the 1st version of this feature, see &9825 (comment 1461465889)
This MR intends to follow the implementation the MR for the feature "protected packages", see Protected containers: Graphql mutation for crea... (!133527 - merged)

🛠 with ❤ at Siemens

DB queries

In this MR, container registry protection rule are deleted. The following database query is issued to the database:

DELETE FROM "container_registry_protection_rules" WHERE "container_registry_protection_rules"."id" = 14

Click to open console log

TRANSACTION (0.1ms)  BEGIN /*application:web,correlation_id:01HFMM8M7F795DAG3QYFBH73MV,endpoint_id:graphql:unknown,db_config_name:main,line:/app/services/container_registry/protection/delete_rule_service.rb:24:in `execute'*/
  ↳ app/services/container_registry/protection/delete_rule_service.rb:24:in `execute'
  ContainerRegistry::Protection::Rule Destroy (0.2ms)  DELETE FROM "container_registry_protection_rules" WHERE "container_registry_protection_rules"."id" = 14 /*application:web,correlation_id:01HFMM8M7F795DAG3QYFBH73MV,endpoint_id:graphql:unknown,db_config_name:main,line:/app/services/container_registry/protection/delete_rule_service.rb:24:in `execute'*/
  ↳ app/services/container_registry/protection/delete_rule_service.rb:24:in `execute'
  TRANSACTION (0.1ms)  COMMIT /*application:web,correlation_id:01HFMM8M7F795DAG3QYFBH73MV,endpoint_id:graphql:unknown,db_config_name:main,line:/lib/gitlab/database.rb:392:in `commit'*/
  ↳ lib/gitlab/database.rb:392:in `commit'

Screenshots or screen recordings

With this MR, it is possible to send graphql requests in order to delete existing container registry protection rules.

The body of the graphql request looks like this

mutation {
	deleteContainerRegistryProtectionRule(
		input: {
			id: "gid://gitlab/ContainerRegistry::Protection::Rule/13"
		}
	) {
		clientMutationId
		containerRegistryProtectionRule {
			containerPathPattern
		}
		errors
	}
}

How to set up and validate locally

Enable feature flag via rails c

Feature.enable(:container_registry_protected_containers)

Create a container registry protection rule that we will delete in the next step

container_registry_protection_rule = ContainerRegistry::Protection::Rule.create(
  project: Project.find(7),
  container_path_pattern: Project.find(7).full_path.downcase,
  push_protected_up_to_access_level: :developer,
  delete_protected_up_to_access_level: :developer
)

Find the global id of the container registry protection rule that we want to delete

container_registry_protection_rule.to_global_id.to_s
# => "gid://gitlab/ContainerRegistry::Protection::Rule/13"

Now, you should be able to send mutation requests via the graphql api

curl --request POST \
  --url http://gdk.test:3000/api/graphql \
  --header 'Authorization: Bearer ypCa3Dzb23o5nvsixwPA' \
  --header 'Content-Type: application/json' \
  --cookie 'perf_bar_enabled=true; BetterErrors-2.10.1-CSRF-Token=0b882179-5e4a-431b-a420-2be3701cece8' \
  --data '{"query":"mutation {\n\tdeleteContainerRegistryProtectionRule(\n\t\tinput: {\n\t\t\tid: \"gid://gitlab/ContainerRegistry::Protection::Rule/13\"\n\t\t}\n\t) {\n\t\tclientMutationId\n\t\tcontainerRegistryProtectionRule {\n\t\t\tcontainerPathPattern\n\t\t}\n\t\terrors\n\t}\n}"}'

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #427547 (closed)

Protected containers: Add graphql mutation to delete protection rules

What does this MR do and why?

DB queries

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports