Adjust project settings CI_JOB_TOKEN section wording
What does this MR do and why?
Context
This MR contains the changes from Rename "Limit access to this project" to "Allow... (!151704 - merged) (which was reverted because the language didn't match how the toggle works)...
except the toggle label will remain "Limit access _to_ this project"
to match how the feature currently works:
- toggle off: any project can use
CI_JOB_TOKEN
to authenticate with this project - toggle on: only projects on the allowlist can use
CI_JOB_TOKEN
to authenticate with this project
Description
Clarify CI Job Token wording
Reword UI text around "Limit access to this project" toggle
Add card header secondary text, wrap it responsively
On md+ viewports, wrap text before it reaches the button
On smaller viewports, make the text full width and
wrap the button below the rest of the text
Changelog: changed
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Before | After |
---|---|
how the new description text wraps with the button on smaller screens Screen_Recording_2024-06-21_at_20.25.06 |
How to set up and validate locally
- navigate to a project
- in the sidebar, choose
Settings
=>CI/CD
- expand the
Job token permissions
section (formerly known asToken Access
) - review the following text changes:
settings section
title:
- Token Access
+ Job token permissions
description:
- Control how the CI_JOB_TOKEN CI/CD variable is used for API access between projects.
+ Control whether CI/CD job tokens can be used to authenticate with this project.
toggle
help text:
- Allow access to this project from authorized groups or projects by adding them to the allowlist. It is a security risk to disable this feature, because unauthorized projects might attempt to retrieve an active token and access the API.
+ When enabled, only groups and projects in the allowlist are authorized to use a CI/CD job token to authenticate requests to this project. When disabled, any group or project can do so.
card/table header
title:
- Groups and projects with access
+ Authorized groups and projects
description (new)
+ Ensure only groups and projects with members authorized to access sensitive project data are added to the allowlist.
Related to #415519 (closed)