Design the group side settings
The idea is that any project in a given group can access the CI tunnel of an agent authorized for that group. This authorization happens in two steps:
- in the agent config as described in the Access to Kubernetes from CI doc.
- at the group level to enable/ignore agents set up in their config
As there is not code at the group level and with this issue we will have reverse indexes, I'd recommend a UI at the group level that lists the agents configure for this group, and group maintainers can set an agent to enabled or ignored (greyed out) in the list.
(Later, we can re-use this UI at the project level too, once it will be necessary.)
Requirements
Enable the group owner/maintainer to see the agents that requested access to the group and allow them to change the access status of the agent.
Proposal
- list the agents with project name, agent name, path to configuration (depends on the reverse proxy)
- show the status of each listed agent:
- enabled
- ignored
- not decided yet
- the status can be changed to "enabled" or "ignored"
- needs an empty state describing that the process starts in the agent config repo, linking to the docs
Possible errors:
- retrieving the list of agents
- the status setting fails, the status remains the same
Questions
- Where does this page live?
- Is there a 3-state switch in Pajamas already or shall we use segmented control?
Edited by Mikhail Mazurskiy