Add ability to admin_terraform_state to custom roles
What does this MR do and why?
This MR adds the ability admin_terraform_state to custom roles.
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Screenshots or screen recordings
Database
Output of db:migrate
main: == 20240101031938 AddAdminTerraformStateToMemberRoles: migrating ==============
main: -- add_column(:member_roles, :admin_terraform_state, :boolean, {:default=>false, :null=>false})
main: -> 0.0028s
main: == 20240101031938 AddAdminTerraformStateToMemberRoles: migrated (0.0059s) =====Output of db:rollback
main: == 20240101031938 AddAdminTerraformStateToMemberRoles: reverting ==============
main: -- remove_column(:member_roles, :admin_terraform_state, :boolean, {:default=>false, :null=>false})
main: -> 0.0047s
main: == 20240101031938 AddAdminTerraformStateToMemberRoles: reverted (0.0100s) =====How to set up and validate locally
- Turn on SaaS Mode
% export GITLAB_SIMULATE_SAAS=1
% gdk restart- Pick a group with at least one project, eg.
gitlab-org. Would recommend picking an existing group since terraform states are seeded already. - As an admin, navigate to the group's Settings > Roles & Permissions and create custom role with base role as
Guest&Admin terraform statecheckbox checked. - Navigate to the group's members page and assign the custom role to any member of that group.
- Log-in as that member, navigate to a project inside that group and go to Operate > Terrform states.
- The user should see be able to read & manage the terraform state.
Related to #421789 (closed)
Edited by Hinam Mehra