Disable resource access tokens for group credentials inventory
What does this MR do and why?
Related to #297441 (closed)
Fixes what should be the last remaining item in order to [Feature flag] Rollout of `group_credentials_in... (#485659). It will require some refactoring of the self-managed credential inventory to support group and project access tokens for Group Credential Inventory. In the interest of rolling out an MVC, disable it until iteration 2.
This feature is still under a feature flag for GitLab.com. There will be no visual change for self-managed.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before | After |
---|---|
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
-
Simulate SaaS, including setting a premium or ultimate plan for a test group.
-
Add one or more members to the group.
-
Use the Rails console to specify a member user as an enterprise user:
user = User.find_by_username 'the_username' group = Group.find_by_full_path 'the_group_path' user.user_detail.enterprise_group = group user.user_detail.enterprise_group_associated_at = Time.zone.now user.save!
-
Enable the feature
Feature.enable(:group_credentials_inventory)
-
Navigate to the group. Find the credentials inventory - Secure > Credentials.
-
You will now see the enterprise user's personal access tokens, SSH Keys in each respective tab. If none are present, go create either a PAT or SSH key for the enterprise user. Notice that 'Project and group access tokens' is absent in the tabs.
-
Navigate to Admin area -> Credentials. Note that you now see the 'Project and group access tokens' tab.