Adds ContainerTagsExpirationPolicy graphql type
Context
A container registry can have a schedule to cleanup projects defined.
When a user navigates to the container registry for a project they can see when the next cleanup is scheduled: e.g. https://gitlab.com/gitlab-org/gitlab/container_registry
If a user clicks on a specific image repository, they will see Cleanup disabled
rendered if they do not have MAINTAINER or above permissions. https://gitlab.com/gitlab-org/gitlab/container_registry/3728789
The expected behaviour here should be that all users should be able to see the next cleanup schedule run time irregardless of permissions when they are inside an image repository.
What does this MR do and why?
- Creates new
ContainerTagsExpirationPolicy
graphql type - This is copied from
ContainerExpirationPolicy
with updated authorization- Changed the authorization for the
ContainerExpirationPolicyType
from:admin_container_image
to:read_container_image
. - This allows users with read access to container images to view the container expiration policy details.
- Changed the authorization for the
- Deprecates
ContainerExpirationPolicy
graphql type, related issue - Adds
container_tags_expiration_policy
toproject_type
graphql type - Adds
container_tags_expiration_policy
to the update mutation
Why?
This was the original attempt Update authorization for ContainerExpirationPol... (!158703 - closed). We realised that this would need to be breaking change, so based on the decision, we want to deprecate existing fields to allow nullable fields.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
Before | After |
---|---|
How to set up and validate locally
Query:
project(fullPath: "<project-path>") {
containerTagsExpirationPolicy {
nextRunAt
cadence
enabled
}
containerExpirationPolicy {
nextRunAt
cadence
enabled
}
}
Mutation:
mutation {
updateContainerExpirationPolicy(input: { cadence: EVERY_MONTH, projectPath: "<project-path>", enabled: true}) {
containerTagsExpirationPolicy {
cadence
enabled
}
containerExpirationPolicy {
cadence
enabled
}
errors
}
}
Related to #471341 (closed)