Skip to content

Implement `AgentTokensFinder` and use in agent_tokens api

Pam Artiaga requested to merge pam/agent-tokens-finder into master

What does this MR do and why?

This implements a Clusters::AgentTokensFinder class, similar to the Clusters::AgentsFinder class.

This is the first of a set of changes to use the AgentTokensFinder in the Cluster Agent Tokens API. In this MR, the AgentTokensFinder class is used for fetching the agent_token records in the GET /projects/:id/cluster_agents/:agent_id/tokens endpoint. There is no need yet to have anything in the finder class beyond a straightforward execute method.

Changes to the AgentTokensFinder (e.g.: including FinderMethods module or having a params argument) will be added as needed by the endpoints using it.

Note that this follows the original behavior of returning all tokens of an agent regardless of status (active or revoked).

Issue: #363119 (closed)

Other MRs for the issue: !103292 (merged) !103300 (merged)

Screenshots or screen recordings


Example project (ID=27):


Project Agent -> Tokens page


Project agent and agent tokens in the database




Fetching agent tokens


When specified agent_id is not under the specified project


When specified agent does not exist


How to set up and validate locally


  1. Create a project (or use an existing one)
  2. Set up an agent in that project
    • This will register an agent and create one agent token
  3. Create more agent tokens:
    1. Go to project Infrastructure -> Kubernetes clusters page
    2. Go to the agent's page
    3. Select the Access tokens tab
    4. Click the Create token button


Use curl to test the API endpoint

  1. Set up a project or personal access token to make sure your curl request is authorized

  2. Run the following curl request:

    curl -ki -X GET \
    --header "Authorization: Bearer <your project or personal access token>" \
    "https://<local gitlab url>/api/v4/projects/<project_id>/cluster_agents/<agent_id>/tokens"


    curl -ki -X GET \
    --header "Authorization: Bearer <token>" \

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Pam Artiaga

Merge request reports