Extract Workhorse <-> GitLab JWT authentication to make it reusable
What does this MR do?
This MR is extracted from https://gitlab.com/gitlab-org/gitlab-ce/issues/61927 in order to break the later in smaller chunks.
It extracts the code used for the JWT based authentication between Workhorse and GitLab so that we can reuse it for the Pages internal API.
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry for user-facing changes, or community contribution. Check the link for other scenarios. -
Documentation created/updated or follow-up review issue created -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Performance and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec -
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Related to #61927 (moved)
Merge request reports
Activity
changed milestone to %12.3
added Category:Pages Deliverable backstage [DEPRECATED] devopsrelease [DEPRECATED] workflowin review + 1 deleted label
removed workflowin review label
1 Warning 
4c63c631: This commit’s subject line is acceptable, but please try to reduce it to 50 characters. Reviewer roulette
Changes that require review have been detected! A merge request is normally reviewed by both a reviewer and a maintainer in its primary category (e.g. frontend or backend), and by a maintainer in all other categories.
To spread load more evenly across eligible reviewers, Danger has randomly picked a candidate for each review slot. Feel free to override this selection if you think someone else would be better-suited, or the chosen person is unavailable.
Once you've decided who will review this merge request, mention them as you normally would! Danger does not (yet?) automatically notify them for you.
Category Reviewer Maintainer backend Reuben Pereira ( @rpereira2)Rémy Coutable ( @rymai)Generated by
@ayufan Can you please review this a backend maintainer and merge? It is another piece from https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30787 so already checked by reviewer.
assigned to @ayufan
- spec/lib/gitlab/jwt_authenticatable_spec.rb 0 → 100644
1 # frozen_string_literal: true 2 3 require 'spec_helper' 4 5 describe Gitlab::JwtAuthenticatable do 6 let(:test_class) do 7 Class.new do 8 include Gitlab::JwtAuthenticatable 9 10 def self.secret_path 11 Rails.root.join('tmp', 'tests', '.jwt_shared_secret') For future. It would be better to generate a temporary directory, that is gonna be removed with
after do.describe '#show' do let(:tmpdir) { Dir.mktmpdir('profiler-test') } ... after do FileUtils.rm_rf(tmpdir) end
marked the checklist item Documentation created/updated or follow-up review issue created as completed
marked the checklist item Documentation created/updated or follow-up review issue created as incomplete
marked the checklist item Code review guidelines as completed
marked the checklist item Merge request performance guidelines as completed
marked the checklist item Style guides as completed
mentioned in commit fd561023
mentioned in merge request !32732 (merged)
mentioned in issue gitlab#28781 (closed)
mentioned in issue gitlab#324990 (closed)
