Resolve "Allow personal access token in `/kubernetes/authorize_proxy_user`" (!130141) · Merge requests · GitLab.org / GitLab

Tiger Watson requested to merge 422410-support-token-auth-in-k8s-proxy into master Aug 24, 2023

What does this MR do and why?

The change set in this MR adds support to handle personal_access_token access_type in addition to the existing session_cookie type in the internal /kubernetes/authorize_proxy_user endpoint.

This endpoint is used by KAS to authenticate a user for a proxied Kubernetes API call to an agent cluster.

It implements the rails part of things for Support Personal Access Token Authentication fo... (&11235 - closed). The KAS part is implemented with Support Personal Access Tokens in Kubernetes AP... (gitlab-org/cluster-integration/gitlab-agent!1075 - merged).

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #422410 (closed)

Edited Sep 01, 2023 by Timo Furrer

Resolve "Allow personal access token in `/kubernetes/authorize_proxy_user`"

What does this MR do and why?

MR acceptance checklist

Merge request reports