Add agent project authorizations to finder
What does this MR do and why?
Implements the last remaining bit to surface project level authorizations for the GitLab Kubernetes Agent CI/CD tunnel.
See #327850 (closed)
How to set up and validate locally
- GDK needs a runner attached, and the
gitlab-k8s-agent
enabled - Enable the feature flag
group_authorized_agents
:Feature.enable(:group_authorized_agents)
- Add an agent with configuration project
gitlab-agent-testing/config
with the following configuration:# config/.gitlab/agents/first/config.yaml ci_access: projects: - id: gitlab-agent-testing/ci-project # <-- We will run CI/CD in here access_as: agent: {}
- In a separate project,
gitlab-agent-testing/ci-project
, add the following.gitlab-ci.yml
:# .gitlab-ci.yml test: image: registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/3.6.3-kube-1.17.17-alpine-3.14 script: - kubectl config get-contexts
- View the job logs for the
test
job
Screenshots or screen recordings
The job logs should look like this (the failed jobs you see on the side were hurdles with getting my local runner working):
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Hordur Freyr Yngvason