Optimize AuthorizeProxyUserService with user_access authorizations
NOTE: This MR is built on top of Introduce Agent User Access Finder (!117817 - merged).
What does this MR do and why?
This MR optimizes AuthorizeProxyUserService
with persisted user_access
authorizations, which was introduced in the previous MRs (MR-1 and MR-2).
Closes Persist GitLab agent's user access configuratio... (#389430 - closed) and Fix N+1 issue in KAS user access endpoints (#393336 - closed)
A few notes:
- This feature is behind
kas_user_access
feature flag which is disabled by default. It's not exposed to end-users yet. - See https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/kubernetes_user_access.md for the feature spec details.
- Related to Show shared agents in deployment projects (#395498 - closed)
- See Initial iteration of Kubernetes Dashboard in En... (&9859 - closed) for further iterations.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Shinya Maeda