Skip to content

Add container expiration policy to GraphQL project

David Fernandez requested to merge 196784-add-container-expiration-policy-to-graphql-project into master

What does this MR do?

Related issue #196784 (closed)

Adds the container expiration policy type to the graphQL resource project (https://docs.gitlab.com/ee/api/graphql/reference/index.html#project)

Design choices

  • Follows the same accessibility permission as the rest API:
    • In particular, if the registry feature is disabled, the container expiration policy is still accessible and readable.
    • To get access the field, the user has to have the destroy_container_image permission
  • The container expiration policy table has several columns that can be NULL(https://gitlab.com/gitlab-org/gitlab/-/blob/master/db/structure.sql#L1967-1979). This has been followed on the graphQL type with null: false/true
  • The container expiration policy model has 3 options. An option column is a string/integer column but the values that can be set for these columns are validated = a finite set of options.
    • To help attribute discovery, the graphql type uses Enums to map to these options.
    • I had an issue with GraphQL enums: they can't start with an integer. To workaround this, I provided a mapping to have a translation model option value -> valid graphql enum value.

Screenshots

GraphiQL editor:

Screenshot_2020-05-25_at_14.59.47

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by David Fernandez

Merge request reports