Skip to content

Update `AgentTokensFinder` to expect `agent` argument

Pam Artiaga requested to merge pam/agent-tokens-finder-agent-arg into master

What does this MR do and why?

In MR !103170 (merged), the AgentTokensFinder was introduced and used in the "list agent tokens" REST API for fetching all agent tokens of an agent, given an agent_id.

The AgentTokensFinder will also need to be used in the AgentTokensResolver, which already holds an agent object. In this case, we want to avoid the AgentTokensFinder having to query the agent again.

This MR updates the AgentTokensFinder so that:

  • it expects an agent argument instead of an agent_id argument
  • the REST API endpoint that calls it will first find the agent using AgentsFinder
    • this means that scenarios involving the agent will be handled by the AgentsFinder, e.g.: if there is no existing record for the given agent_id

Alternative implementations are discussed here: !103897 (comment 1170436850), but ultimately we landed on this one.

This change is submitted as its own MR because 3 other MRs are dependent on it: !103897 (merged), !103292 (merged), & !103300 (merged)

Issue: #363119 (closed)

Screenshots or screen recordings

Setup

Example project (ID=27):

test_browser_project

Project Agent -> Tokens page

test_browser_agent_tokens

Project agent and agent tokens in the database

test_psql_project_agents

test_psql_project_agent_tokens

Test

Fetching agent tokens

test_api_list-tokens

When specified agent_id is not under the specified project

test_api_list-tokens-wrong-project

When specified agent does not exist

test_api_list-tokens-wrong-agent

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Setup

  1. Create a project (or use an existing one)
  2. Set up an agent in that project
    • This will register an agent and create one agent token
  3. Create more agent tokens:
    1. Go to project Infrastructure -> Kubernetes clusters page
    2. Go to the agent's page
    3. Select the Access tokens tab
    4. Click the Create token button

Validate

Use curl to test the API endpoint

  1. Set up a project or personal access token to make sure your curl request is authorized

  2. Run the following curl request:

    curl -ki -X GET \
--header "Authorization: Bearer <your project or personal access token>" \
"https://<local gitlab url>/api/v4/projects/<project_id>/cluster_agents/<agent_id>/tokens"

    Example:

    curl -ki -X GET \
--header "Authorization: Bearer <token>" \
"https://gdk.test:3443/api/v4/projects/27/cluster_agents/7/tokens"

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Pam Artiaga

Merge request reports