Optimize AuthorizeProxyUserService with user_access authorizations (!116905) · Merge requests · GitLab.org / GitLab

Shinya Maeda requested to merge find-and-use-user-access-authorizations into master Apr 06, 2023

NOTE: This MR is built on top of Introduce Agent User Access Finder (!117817 - merged).

What does this MR do and why?

This MR optimizes AuthorizeProxyUserService with persisted user_access authorizations, which was introduced in the previous MRs (MR-1 and MR-2).

Closes Persist GitLab agent's user access configuratio... (#389430 - closed) and Fix N+1 issue in KAS user access endpoints (#393336 - closed)

A few notes:

This feature is behind kas_user_access feature flag which is disabled by default. It's not exposed to end-users yet.
See https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/kubernetes_user_access.md for the feature spec details.
Related to Show shared agents in deployment projects (#395498 - closed)
See Initial iteration of Kubernetes Dashboard in En... (&9859 - closed) for further iterations.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Apr 20, 2023 by Shinya Maeda

Optimize AuthorizeProxyUserService with user_access authorizations

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports