Resolve "Reduce the scope of Geo JWT (JSON Web Tokens)"
What does this MR do?
Check token | Added scope to the token | Works | |
---|---|---|---|
API (post a node status) | * | geo_api | * |
Git | * | gl_repository (type + ID) | fetch, reclone, snaphot |
Transfer | * | lfs, file, job_artifact (+ ID) | * |
What are the relevant issue numbers?
https://gitlab.com/gitlab-org/gitlab-ee/issues/3868
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated via this MR -
Tests added for this feature/bug -
Tested in all supported browsers -
Conforms to the code review guidelines -
Conforms to the merge request performance guidelines -
Conforms to the style guides -
Conforms to the database guides - [] Link to e2e tests MR added if this MR has Requires e2e tests label. See the Test Planning Process.
-
EE specific content should be in the top level /ee
folder -
For a paid feature, have we considered GitLab.com plans, how it works for groups, and is there a design for promoting it to users who aren't on the correct plan? -
Security reports checked/validated by reviewer
Closes #3868 (closed)
Edited by Valery Sizov