Skip to content
GitLab Next
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • GitLab GitLab
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 43,792
    • Issues 43,792
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 1,415
    • Merge requests 1,415
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
    • Test Cases
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages & Registries
    • Packages & Registries
    • Package Registry
    • Container Registry
    • Infrastructure Registry
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Issue
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • GitLab.org
  • GitLabGitLab
  • Issues
  • #296669
Closed
Open
Created Jan 05, 2021 by Ken McKnight@kmcknight🎻Developer0 of 6 tasks completed0/6 tasks

Support customizable timeouts for git CLI 2FA

Problem to solve

Currently, the OTP timeout for git CLI 2FA is hard-coded to 15 minutes, which doesn't allow for any customization.

Intended users

Personas are described at https://about.gitlab.com/handbook/marketing/product-marketing/roles-personas/

  • Delaney (Development Team Lead)
  • Sasha (Software Developer)
  • Devon (DevOps Engineer)
  • Rachel (Release Manager)
  • Simone (Software Engineer in Test)

User experience goal

After OTP has been validated, the user has 15 minutes to use git commands that interact with the server (e.g. clone/push/pull) w/o requiring another OTP. After 15 minutes the user must request another OTP, which can be a problem for long-running processes, like automated builds.

Proposal

The following use cases need to be covered:

  1. MVC: Provide gitlab.rb setting instead of hard-coded value so a system-wide default can be set
  2. Follow-on enhancement: Provide a UI to set system-wide default (UPDATE: We have decided to skip the MVC above and proceed directly with providing UI to set a system-wide default)
  3. Follow-on enhancement: Provide per-user customization of timeout

Further details

Permissions and Security

Documentation

Availability & Testing

What does success look like, and how can we measure that?

What is the type of buyer?

Is this a cross-stage feature?

Links / references

Edited Jan 28, 2021 by Manoj M J
Assignee
Assign to
Time tracking