Add Trigger Tokens to Credential Inventory
Release notes
Problem to solve
The credential inventory adds necessary visibility for compliance-minded organizations to know who or what has access to their GitLab systems and resources. It is missing a number of access credentials/tokens to provide a more comprehensive and reliable view of GitLab access and control of that access.
Intended users
User experience goal
An administrator should be able to view information about every Trigger Token in use within their instance.
Proposal
Add a Trigger Tokens tab to the credential inventory and list relevant information.
| Token | Description | Project | Owner | Last used | (Actions) |
|---|---|---|---|---|---|
e0d577983a539433d4ba1 
|
Super trigger | GitLab.org / GitLab |  |
Never |  |
Empty state
| Preview |
|---|
 No triggers have been created yet. Triggers can force a specific branch or tag to get rebuilt with an API call. These tokens will impersonate their associated user including their access to projects and their project permissions. |
Out of scope
- Adding triggers
- Editing triggers
Implementation
Total combined weight of
backend to add finder and update controller
- Add a new
TriggerTokensFinderto get all the trigger tokens on the instance. - Update the controller to show trigger tokens when selected.
- Add an action to revoke a trigger token.
- Update specs.
frontend to update HAML views
- Add a new
Trigger tokenstab to the admin credentials inventory view. - When active and there are tokens, then render the trigger tokens table contents.
Empty state will be added in #351883.
Considerations for follow-ups
There is an existing Vue component to list trigger tokens ci_settings_pipeline_triggers/components/triggers_list.vue. If we converted the credentials inventory to a Vue table then we could reuse some of that component, although it would need to be refactored slightly because the layouts don't match 100%.
TriggerList.vue design
Note: We'll need to add a conditional project column and also expand the user avatar.