Use AgentTokensFinder in agent_token/revoke API endpoint
What does this MR do and why?
The AgentTokensFinder
was introduced in !103170 (merged) & !104038 (merged) and used for fetching all agent tokens of an agent, and updated in !103292 (merged) to support finding a single record.
Here, the AgentTokensFinder
class is used for fetching a single agent_token record in the DELETE /projects/:id/cluster_agents/:agent_id/tokens/:token_id
endpoint.
Note that this follows the original behavior of revoking the token regardless of status (active or already revoked).
Issue: #363119 (closed)
Screenshots or screen recordings
Setup
Example project (ID=27):
Project Agent -> Tokens page
Project agent and agent tokens in the database
Test
Revoking a single agent token
Token with ID=8 has now been revoked
Revoking a single agent token that is revoked
When specified agent_id is not under the specified project
When specified agent does not exist
How to set up and validate locally
- Create a project (or use an existing one)
-
Set up an agent in that project
- This will register an agent and create one agent token
- Create more agent tokens:
- Go to project Infrastructure -> Kubernetes clusters page
- Go to the agent's page
- Select the Access tokens tab
- Click the Create token button
Validate
Use curl
to test the API endpoint
-
Set up a project or personal access token to make sure your curl request is authorized
-
Run the following
curl
request:curl -ki -X DELETE \ --header "Authorization: Bearer <your project or personal access token>" \ "https://<local gitlab url>/api/v4/projects/<project_id>/cluster_agents/<agent_id>/tokens/<token_id>"
Example:
curl -ki -X DELETE \ --header "Authorization: Bearer <token>" \ "https://gdk.test:3443/api/v4/projects/27/cluster_agents/7/tokens/6"
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.