New REST endpoint GET allowlist of CI_JOB_TOKEN access settings (!118495) · Merge requests · GitLab.org / GitLab

Gerardo Navarro requested to merge gitlab-community/gitlab:351740-rest-api-endpoint-fetch-job-token-scope-allowlist into master Apr 24, 2023

What does this MR do and why?

This MR works towards the another task of the issue (feature) #351740 (closed)

🛠 with ❤ at Siemens

Screenshots or screen recordings

New REST endpoint for allowlist of CI_JOB_TOKEN access settings
- GET "api/v4/projects/:id/job_token_scope/allowlist/inbound"
The response is paginated
The response contains a list of projects (basic project object)

How to set up and validate locally

Create a personal access token with the respective permissions
Ensure the user of the personal access token is at least maintainer of the project
Execute the following curl commands

curl --request GET \
  --url http://127.0.0.1:3000/api/v4/projects/7/job_token_scope/allowlist/inbound?private_token=<personal_access_token_of_project_maintainer>

TODO

@gerardo-navarro Add pagination
@gerardo-navarro Add guard for respective flag ci_inbound_token_scope_enabled
Check with gitlab team regarding order of allowlist allow list
Check with gitlab team regarding the data fields in response object
@gerardo-navarro Add test to check that only the direction are not possible
Approval from technical writer
@gerardo-navarro Remove api endpoint for outbound <= see !118495 (comment 1376769595)

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #351740 (closed)

Edited May 21, 2023 by Gerardo Navarro

New REST endpoint GET allowlist of CI_JOB_TOKEN access settings

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

TODO

MR acceptance checklist

Merge request reports