Skip to content

Implement `AgentTokensFinder` and use in agent_tokens api

Pam Artiaga requested to merge pam/agent-tokens-finder into master

What does this MR do and why?

This implements a Clusters::AgentTokensFinder class, similar to the Clusters::AgentsFinder class.

This is the first of a set of changes to use the AgentTokensFinder in the Cluster Agent Tokens API. In this MR, the AgentTokensFinder class is used for fetching the agent_token records in the GET /projects/:id/cluster_agents/:agent_id/tokens endpoint. There is no need yet to have anything in the finder class beyond a straightforward execute method.

Changes to the AgentTokensFinder (e.g.: including FinderMethods module or having a params argument) will be added as needed by the endpoints using it.

Note that this follows the original behavior of returning all tokens of an agent regardless of status (active or revoked).

Issue: #363119 (closed)

Other MRs for the issue: !103292 (merged) !103300 (merged)

Screenshots or screen recordings

Setup

Example project (ID=27):

test_browser_project

Project Agent -> Tokens page

test_browser_agent_tokens

Project agent and agent tokens in the database

test_psql_project_agents

test_psql_project_agent_tokens

Test

Fetching agent tokens

test_api_list-tokens

When specified agent_id is not under the specified project

test_api_list-tokens-wrong-project

When specified agent does not exist

test_api_list-tokens-wrong-agent

How to set up and validate locally

Setup

  1. Create a project (or use an existing one)
  2. Set up an agent in that project
    • This will register an agent and create one agent token
  3. Create more agent tokens:
    1. Go to project Infrastructure -> Kubernetes clusters page
    2. Go to the agent's page
    3. Select the Access tokens tab
    4. Click the Create token button

Validate

Use curl to test the API endpoint

  1. Set up a project or personal access token to make sure your curl request is authorized

  2. Run the following curl request:

    curl -ki -X GET \
    --header "Authorization: Bearer <your project or personal access token>" \
    "https://<local gitlab url>/api/v4/projects/<project_id>/cluster_agents/<agent_id>/tokens"

    Example:

    curl -ki -X GET \
    --header "Authorization: Bearer <token>" \
    "https://gdk.test:3443/api/v4/projects/28/cluster_agents/7/tokens"

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Pam Artiaga

Merge request reports