Skip to content

Create API endpoint to update a protected environment

What does this MR do and why?

This merge request adds two new endpoints to allow updating protected environments:

Documentation was also added for both endpoints.

Please note: I had to expose id attribute for the following two API entities:

  • API::Entities::ProtectedEnvironments::DeployAccessLevel
  • API::Entities::ProtectedEnvironments::ApprovalRule

To make sure API users can have the id for these objects to be able to pass them when updating a protected environment. All example responses were also updated to include id attribute for deploy_access_levels and approval_rules. Some of the examples had wrong indentation as well, so I fixed those too!

Resolves #351854 (closed).

How to set up and validate locally

The following describes how to validate this locally for project-level protected environments. Group-level should be similar, so I skipped adding instructions for that here.

  • Create a project if you don't have one already.
  • Create an environment for this project. Go to Deployments > Environments to create one. Let's call it staging.
  • Protect this environment using the UI from Settings > CI/CD > Protected Environments:
    • Allow your own user (id: 1) to deploy to this environment.
    • Set required approvals to 2.
  • Create a new user (id: 2), and add the user to the project members.
  • Ensure that you have a have an access token ready for use.
  • Send a request to get the protected environment data:
    • Replace USE_YOUR_OWN_TOKEN_HERE with your own.
    • Replace PROJECT_ID with the id of the project.
curl --header "PRIVATE-TOKEN: USE_YOUR_OWN_TOKEN_HERE" "http://gdk.test:3000/api/v4/projects/PROJECT_ID/protected_environments/staging"
  • Keep track of the id of deploy_access_levels object in the response.
  • Send the following request to update the protected environment:
    • Replace USE_YOUR_OWN_TOKEN_HERE with your own.
    • Replace DEPLOY_ACCESS_LEVEL_ID_FROM_ABOVE with the id you got above.
    • Replace PROJECT_ID with the id of the project.
curl --header 'Content-Type: application/json' --header 'PRIVATE-TOKEN: USE_YOUR_OWN_TOKEN_HERE` --request PUT --data '{"deploy_access_levels": [{ "id": DEPLOY_ACCESS_LEVEL_ID_FROM_ABOVE, "user_id": 2 }], "required_approval_count": 1}'      "http://gdk.test:3000/api/v4/projects/PROJECT_ID/protected_environments/staging"
  • Verify that:
    • deploy_access_level object had its user_id updated from 1 to 2.
    • required_approval_count was updated from 2 to 1.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Ahmed Hemdan

Merge request reports

Loading