Find compromised runner authentication token - admin view

Release notes

{placeholder for release notes text}

Problem to solve

Runner registration tokens, if compromised, can be used to register unauthorized runners to a GitLab instance. Such a runner can then potentially be used to intercept pipeline jobs. Today, administrators and authorized users can reset runner registration tokens at the project, group, or instance (shared) level. However, there is no easy way to find a runner registration token at the instance level when the administrator's goal is to quickly find the compromised token and reset it. There is also no automated mechanism to reset all runner tokens at the instance level after a security breach, when it may be more difficult to determine which runner tokens are compromised.

Intended users

Proposal for MVC

  • UI: In the Runner Enterprise Management epic we are planning to add new functionality to the admin panel for Runners. This is under Admin area > Runners. Add to the admin view a column for the runner registration token.
  • Enable admins to search for a specific runner token from this view.
  • Add a registration reset option for a specific runner to this view.

Tasks to deliver MVC:

  • UX review, analysis, design for the MVC
  • Review the proposed logic with front-end and back-end engineers (async).
  • Refine the proposed implementation plan.
  • Write and merge front-end code.
  • Write and merge back-end code.
  • Testing
Edited by Darren Eastman