It is not possible to get information regarding which account is associated to which deploy key

Problem to solve

As per the documentation: All deploy keys are associated to an account. Since the permissions for an account can change, this might lead to scenarios where a deploy key that was working is suddenly unable to push to a protected branch

Each deploy key is associated to an account. But after creation, the only way to know which key is associated to which account is to check directly the database. Nothing in the interface or API allows us to check that.

Moreover, if the account is removed from the project, the only way to know there is an issue with the deploy key is to actually try pushing and get an error from git. The "can_push" will still show true in the API call, and the GUI will still show Grant write permissions to this key enabled.

In this support ticket: internal link, the customer removed an account/user from the repository and the deploy key created by this user became silently read only. He would like to know how to identify which user created the remaining deploy keys.

Proposal

A first initial step could be to modify the deploy keys API so List all deploy keys, List project deploy keys and Get a single deploy key would as well display which key is own by which account.

A second step could be to have the interface showing which account created which deploy key.

And maybe later for another iteration the "can_push" can be made consistent with the real status of the key.

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.