Group Deploy Keys - API
Problem to solve
The Group Deploy Keys API will sit along side of the existing Deploy Keys API. It will allow all (CRUD) operations available on that existing API + the "Enabling key" operation (
Adding deploy keys to multiple projects won't be made available, as it's out of context at group level).
documentation will be created accordingly.
User experience goal
Following the created documentation, users should be able to perform CRUD operations on Group Deploy Keys vi API.
- List group deploy keys:
- Single group deploy key:
- Add group deploy key:
- Update group deploy key:
- Delete group deploy key:
- Enable group deploy key:
- For performance reasons, the
keystable could not be reused for group deploy keys. So as part of #215160 (closed), a new
group_deploy_keystable with an almost-similar structure as
- As part of the same issue, a
group_deploy_keys_groupsintermediate table between
group_deploy_keystables was created. It'll be used to save which group deploy key is enabled for a given group, and whether it has write-access to it.
- Other backend considerations (addition of a model, serializers, policies) were added as part of this MR.
With all of the above set up, the development of the Group Deploy Keys API should be ready to go. In addition to creating the endpoints listed above, the backend piece to add is to extend a group deploy key permission from a given group onto all children projects of this group.