Add auditor access for group runners
What does this MR do and why?
Describe in detail what your merge request does and why.
Closes #357328 (closed)
Screenshots or screen recordings
These are strongly recommended to assist reviewers and reduce the time to merge your change.
auditor-enable-group-cicd-runners
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
- Switch to the
master
branch and visit GitLab in your browser. Login as an admin user and attempt to visit the runners in a grouphttps://gitlab.example.com/groups/<GROUP>/-/runners
. As an admin, you should be able to view this page. - Impersonate an auditor account and attempt to visit
https://gitlab.example.com/groups/<GROUP>/-/runners
. As an auditor, you should see a404
. This is expected. - Switch to the
auditor-enable-group-cicd-runners
branch. - In the address bar, attempt to visit
https://gitlab.example.com/groups/<GROUP>/-/runners
. As an auditor, you should now be able to view this page.
Please note:
The Group CI/CD runners page also has a Register a group runner
drop-down button that allows users to:
- See the runner installation and registration instructions.
- See the registration token.
- Reset the registration token.
As an auditor user, if you attempt to reset the registration token you will get this error message: The resource that you are attempting to access does not exist or you don't have permission to perform this action
. This is expected because we want the auditor to have read permission only.
My MR in its current form does not consider the visibility of the "Register a group runner" button and the options under it. Moving forward, I think this can be addressed separately but it would be great to get some advice on the following:
- Should this button be visible in the first place?
- If yes, should all sections be visible or only specific ones (e.g. See the registration token)?
- If not, I'll probably need help on that.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.