Add Delete buttons to the SSH tab of the credential inventory
Problem to solve
Currently, the credential inventory provides passive insight to administrators
and group owners
. With the introduction of credential management capabilities like optional SSH key expiration and PAT expiration (#118893 (closed) for gitlab.com), additional functionality is required to enable administrators
and group owners
to facilitate the rotation of credentials once they're expired.
GitLab would like to strike a balance between necessary policy definition and enforcement that compliance-minded organizations require and maintaining a great developer experience. Abrupt credential revocation is disruptive and frustrating, but an organization unable to rotate credentials for their users faces an increased risk of a credential's compromise.
There's no way to delete SSH credentials on behalf of users
for administrators
and group owners
, who need to enforce this action.
Further details
This was split out from #214811 (closed) per #214811 (comment 369945751).
Intended users
Solution
In the "SSH" tab of the credentials inventory, add a Delete
button that appears for each SSH credential. Clicking this button causes a confirmation modal to appear. Confirming via the modal causes the SSH credential to be deleted.
Implementation breakdown
- Add or modify the path to delete SSH keys for
admin/credentials
&groups
in the backend - Add an additional column with the
Delete
button
Follow-up
- Improve the confirmation modal #235945 (closed)