feat(auth): parse and log JWT meta project path (!1299) · Merge requests · GitLab.org / container-registry

Suleimi Ahmed requested to merge 960-extract-meta-from-jwt into master May 17, 2023

Context 🔮

This is the first of a potential 3 part MR to grant a rename lease for all repositories under a gitlab project. The granted rename lease will be used to block write access to a project's repositories when the project is undergoing a rename or has requested a rename (as discussed in #925 (closed))

See #960 (closed) for more context

What exactly is in this MR? 🌱

In this MR we are:

Adding functionality to extract the project_path received in an authorized request (from the JWT) - following from the work carried out in gitlab#406795 (closed). This will allow us to be able to grant a rename lease on a requesting repository's project in the next MRs that follow this one.
Logging the project paths extracted from the JWT (when present)

Sample log:


{"auth_project_paths":["onboarding/container-registry-onboading-issue"],"auth_user_name":"root","auth_user_type":"gitlab_or_ldap","correlation_id":"01H1PGJT0D96RGVNTSY61HV67T","go_version":"go1.18.10","level":"info","msg":"authorized request","root_repo":"onboarding","time":"2023-05-30T14:21:53.049Z","vars_name":"onboarding/container-registry-onboading-issue","vars_reference":"alpine-latest","version":"v3.73.1-gitlab-3-gfc1f275e.m"}

Edited May 30, 2023 by Suleimi Ahmed

feat(auth): parse and log JWT meta project path

Context 🔮

What exactly is in this MR? 🌱

Merge request reports