Skip to content

E2E: Set default expiry on PAT and make it revokable

Sanad Liaquat requested to merge qa-shl-set-default-expiry-on-pat-resources into master

What does this MR do and why?

  • Fixes the api_get_path for PersonalAcessToken resource remove it from the TestResourcesHandler's IGNORED_RESOURCES so that it is cleaned up by the delete-test-resources job.

test-resources.json file will now have (example):

  "QA::Resource::PersonalAccessToken": [
    {
      "info": "with name 'api-personal-access-token-802v55kq'",
      "api_path": "/personal_access_tokens/202",
      "fabrication_method": "browser_ui",
      "fabrication_time": 23.040004,
      "http_method": "post",
      "timestamp": "2022-08-31 15:47:22 +0500"
    }
  ]
  • Sets default expiry date when a Personal Access Token (PAT) is created via the API to that it is automatically revoked in a couple of days incase it remains uncleaned for some reason.
  • Unsets GITLAB_QA_ADMIN_ACCESS_TOKEN for ee:registry-with-cdn job. This is required for registry-with-cdn jobs same as in the gitlab-qa pipelines.
  • Redefine QA_ADMIN_ACCESS_TOKEN as GITLAB_QA_ADMIN_ACCESS_TOKEN. After we moved the e2e test pipeline to the canonical GitLab project, we also created all the required QA related CI/CD pipeline variables and unified the format to be prefixed with QA_. However, the code still uses GITLAB_QA_ADMIN_ACCESS_TOKEN. This will be fixed with #372474.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Sanad Liaquat

Merge request reports

Loading