Removal of allowlist autopopulation migration tooling for CI job token

Summary

To support the migration of the default scope behavior for the CI job token allowlist, GitLab will be enabling automatic population of the allowlist as part of this effort. When the automation has occurred and the allowlist is enforced in %18.0, we will be removing the code that provides this automation.

Migration tooling was introduced in 17.7; planned removal is now planned for 18.6.

According to issue #478540 (closed), the following merge requests introduced the allowlist autopopulation migration tooling and would need to be reverted:

Core Backend Infrastructure (in order of introduction):

  1. !172152 - Ci::JobToken::AuthorizationsCompactor
    • Merged: December 10, 2024 (17.7)
    • Adds the compaction process to fit authorizations within allowlist limits
  2. !174901 - Adds autopopulated column to scope links tables
    • Merged: December 9, 2024 (17.7)
    • Adds autopopulated boolean column to ci_job_token_project_scope_links and ci_job_token_group_scope_links
  3. !175457 - Adding services to autopopulate and clear autopopulated allowlist entries
    • Merged: January 14, 2025 (17.9)
    • Adds services to create and delete autopopulated allowlist entries
  4. !177172 - Exclude projects or groups from CI Job Token authorizations compaction
    • Merged: January 17, 2025 (17.9)
    • Adds excluded_namespace_paths parameter to the compactor

GraphQL Mutations:

  1. !177465 - Adding GraphQL mutations to trigger Allowlist Autopopulation processes
    • Merged: January 28, 2025 (17.9)
    • Adds ciJobTokenScopeAutopopulateAllowlist and ciJobTokenScopeClearAllowlistAutopopulations mutations

Rake Task:

  1. !179579 - CI Job Token Allowlist migration rake task
    • Merged: February 12, 2025 (17.9)
    • Adds rake task ci:job_tokens:allowlist:autopopulate_and_enforce

UI Components:

  1. !177785 - Add "Added from log" icon in job token allowlist UI
    • Merged: January 31, 2025 (17.9)
    • Adds UI indicator for autopopulated entries

These MRs collectively implement the complete autopopulation migration tooling that was introduced in 17.7-17.9 and is now planned for removal in 18.6 according to issue #498305.

Edited by Dmytro Biryukov