Show group access tokens in admin cred inventory
What does this MR do and why?
- Project access tokens were added to the admin credential inventory here: !79645 (diffs)
- If any group access tokens had been created, a 500 error was occurring because the existing logic assumed that all bot-owned PATs were project access tokens. Issue for 500 here: #354489 (closed)
- This MR updates the admin credential inventory controller and view to take into account the existence of group access tokens. Group access tokens can be viewed and revoked from this page.
Screenshots or screen recordings
Screen_Recording_2022-11-03_at_8.49.38_PM
How to set up and validate locally
- Create a group access token: https://docs.gitlab.com/ee/user/group/settings/group_access_tokens.html#create-a-group-access-token-using-ui
- As an instance admin, look at the Project and Group access tokens in the Credentials Inventory and make sure that the data is correct: http://localhost:3000/admin/credentials?filter=resource_access_tokens
- Attempt to revoke the group access token.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Jessie Young