Protected containers: GraphQL query for container protection rules
requested to merge gitlab-community/gitlab:427547-protected-containers-graphql-query-container-registry-protection-rules into master
What does this MR do and why?
- Adding new graphql endpoint for querying container protection rules of a specific project
- Consider feature flag
:container_registry_protected_containers - This MR is prerequiste for Protected containers: Protection rules in proje... (!146436 - merged)
Changelog: added
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
MR Checklist (@gerardo-navarro)
-
Changelog entry added, if necessary -
Documentation created/updated via this MR -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Tested in all supported browsers -
Conforms to the code review guidelines -
Conforms to the merge request performance guidelines -
Conforms to the style guides -
Conforms to the javascript style guides -
Conforms to the database guides
Screenshots or screen recordings
With this MR, it is possible to send graphql request in order to query container protection rules. The body of the graphql request looks like this.
query {
project(fullPath: "flightjs/Flight") {
containerRegistryProtectionRules {
nodes {
repositoryPathPattern
pushProtectedUpToAccessLevel
deleteProtectedUpToAccessLevel
}
}
}
}
How to set up and validate locally
- Enable feature flag via
rails c
Feature.enable(:container_regsitry_protected_containers)- Create some container protection rules
15.times { |i| ContainerRegistry::Protection::Rule.create(project: Project.find(7), repository_path_pattern: "flightjs/flight#{i}", push_protected_up_to_access_level: :maintainer, delete_protected_up_to_access_level: :developer) }- Now, you should be able to send mutation requests via the graphql api
curl --request POST \
--url http://gdk.test:3000/api/graphql \
--header 'Authorization: Bearer ypCa3Dzb23o5nvsixwPA' \
--header 'Content-Type: application/json' \
--cookie 'perf_bar_enabled=true; BetterErrors-2.10.1-CSRF-Token=0b882179-5e4a-431b-a420-2be3701cece8; preferred_language=en' \
--data '{"query":"query {\n\tproject(fullPath: \"flightjs/Flight\") {\n\t\tcontainerRegistryProtectionRules(first: 10) {\n\t\t\tnodes {\n\t\t\t\tid\n\t\t\t\trepositoryPathPattern\n\t\t\t\tpushProtectedUpToAccessLevel\n\t\t\t\tdeleteProtectedUpToAccessLevel\n\t\t\t}\n\t\t\tpageInfo {\n\t\t\t\tstartCursor\n\t\t\t\tendCursor\n\t\t\t\thasNextPage\n\t\t\t\thasPreviousPage\n\t\t\t}\n\t\t}\n\t}\n}\n"}'Related to #427547 (closed)
Edited by Gerardo Navarro