Skip to content

Disable resource access tokens for group credentials inventory

Drew Blessing requested to merge dblessing_group_cred_inv_no_rats into master

What does this MR do and why?

Related to #297441 (closed)

Fixes what should be the last remaining item in order to [Feature flag] Rollout of `group_credentials_in... (#485659). It will require some refactoring of the self-managed credential inventory to support group and project access tokens for Group Credential Inventory. In the interest of rolling out an MVC, disable it until iteration 2.

This feature is still under a feature flag for GitLab.com. There will be no visual change for self-managed.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. Simulate SaaS, including setting a premium or ultimate plan for a test group.

  2. Add one or more members to the group.

  3. Use the Rails console to specify a member user as an enterprise user:

    user = User.find_by_username 'the_username'
    group = Group.find_by_full_path 'the_group_path'
    user.user_detail.enterprise_group = group
    user.user_detail.enterprise_group_associated_at = Time.zone.now
    user.save!
  4. Enable the feature

    Feature.enable(:group_credentials_inventory)
  5. Navigate to the group. Find the credentials inventory - Secure > Credentials.

  6. You will now see the enterprise user's personal access tokens, SSH Keys in each respective tab. If none are present, go create either a PAT or SSH key for the enterprise user. Notice that 'Project and group access tokens' is absent in the tabs.

  7. Navigate to Admin area -> Credentials. Note that you now see the 'Project and group access tokens' tab.

Edited by Drew Blessing

Merge request reports

Loading