Skip to content
Snippets Groups Projects

Add admin_cicd_variables custom ability

Merged Alex Buijs requested to merge add-admin_cicd_variables-custom-permission into master
All threads resolved!

What does this MR do and why?

This allows admin access to CI/CD variables as a customizable ability, so that it can be added onto any base role.

This adds the policy. The policy is applied in other MR's (here and here).

Issue: #437947 (closed)

Edited by Alex Buijs

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Alex Buijs changed milestone to %16.9

    changed milestone to %16.9

  • assigned to @alexbuijs

  • Alex Buijs marked this merge request as draft

    marked this merge request as draft

  • Contributor
    2 Messages
    :book: CHANGELOG missing:

    If this merge request needs a changelog entry, add the Changelog trailer to the commit message you want to add to the changelog.

    If this merge request doesn't need a CHANGELOG entry, feel free to ignore this message.

    :book: This merge request adds or changes documentation files. A review from the Technical Writing team before you merge is recommended. Reviews can happen after you merge.

    Documentation review

    The following files require a review from a technical writer:

    The review does not need to block merging this merge request. See the:

    Reviewer roulette

    Category Reviewer Maintainer
    backend @ghinfey profile link current availability (UTC+0, 1 hour behind author) @kassio profile link current availability (UTC+0, 1 hour behind author)
    database @bala.kumar profile link current availability (UTC+5.5, 4.5 hours ahead of author) @ghavenga profile link current availability (UTC+2, 1 hour ahead of author)
    ~"Authorization" Reviewer review is optional for ~"Authorization" @jarka profile link current availability (UTC+1, same timezone as author)
    ~"Authentication" Reviewer review is optional for ~"Authentication" @sgarg_gitlab profile link current availability (UTC+5.5, 4.5 hours ahead of author)

    Please check reviewer's status!

    • available Reviewer is available!
    • unavailable Reviewer is unavailable!

    Please refer to documentation page for guidance on how you can benefit from the Reviewer Roulette, or use the GitLab Review Workload Dashboard to find other available reviewers.

    If needed, you can retry the :repeat: danger-review job that generated this comment.

    Generated by :no_entry_sign: Danger

  • Contributor

    E2E Test Result Summary

    allure-report-publisher generated test report!

    e2e-test-on-gdk: :white_check_mark: test report for 7d310e01

    expand test summary
    +------------------------------------------------------------------+
    |                          suites summary                          |
    +-------------+--------+--------+---------+-------+-------+--------+
    |             | passed | failed | skipped | flaky | total | result |
    +-------------+--------+--------+---------+-------+-------+--------+
    | Plan        | 4      | 0      | 0       | 0     | 4     | ✅     |
    | Package     | 0      | 0      | 1       | 0     | 1     | ➖     |
    | Monitor     | 4      | 0      | 0       | 0     | 4     | ✅     |
    | Govern      | 65     | 0      | 1       | 0     | 66    | ✅     |
    | Create      | 8      | 0      | 3       | 0     | 11    | ✅     |
    | Data Stores | 0      | 0      | 2       | 0     | 2     | ➖     |
    +-------------+--------+--------+---------+-------+-------+--------+
    | Total       | 81     | 0      | 7       | 0     | 88    | ✅     |
    +-------------+--------+--------+---------+-------+-------+--------+

    e2e-package-and-test: :white_check_mark: test report for 7d310e01

    expand test summary
    +------------------------------------------------------------------+
    |                          suites summary                          |
    +-------------+--------+--------+---------+-------+-------+--------+
    |             | passed | failed | skipped | flaky | total | result |
    +-------------+--------+--------+---------+-------+-------+--------+
    | Govern      | 271    | 0      | 22      | 1     | 293   | ✅     |
    | Create      | 148    | 0      | 24      | 4     | 172   | ✅     |
    | Monitor     | 8      | 0      | 0       | 0     | 8     | ✅     |
    | Package     | 0      | 0      | 2       | 0     | 2     | ➖     |
    | Data Stores | 0      | 0      | 4       | 0     | 4     | ➖     |
    | Plan        | 8      | 0      | 0       | 0     | 8     | ✅     |
    +-------------+--------+--------+---------+-------+-------+--------+
    | Total       | 435    | 0      | 52      | 5     | 487   | ✅     |
    +-------------+--------+--------+---------+-------+-------+--------+
  • Contributor

    Database migrations (on the main database)

    Migrations included in this change have been executed on gitlab.com data for testing purposes. For details, please see the migration testing pipeline (limited access).

    Migration Type Total runtime Result DB size change
    20240131123824 - AddAdminCicdVariablesToMemberRoles Regular 1.7 s :white_check_mark: +0.00 B
    Runtime Histogram for all migrations
    Query Runtime Count
    0 seconds - 0.01 seconds 0
    0.01 seconds - 0.1 seconds 4
    0.1 seconds - 1 second 0
    1 second - 5 seconds 0
    5 seconds - 15 seconds 0
    15 seconds - 5 minutes 0
    5 minutes + 0

    Migration: 20240131123824 - AddAdminCicdVariablesToMemberRoles

    • Type: Regular
    • Duration: 1.7 s
    • Database size change: +0.00 B
    Calls Total Time Max Time Mean Time Rows Query
    1 12.2 ms 12.2 ms 12.2 ms 0
    ALTER TABLE "member_roles" ADD "admin_cicd_variables" boolean DEFAULT FALSE NOT NULL
    1 0.0 ms 0.0 ms 0.0 ms 1
    SELECT $1::regtype::oid
    2 0.0 ms 0.0 ms 0.0 ms 2
    SELECT pg_backend_pid()
    Histogram for AddAdminCicdVariablesToMemberRoles
    Query Runtime Count
    0 seconds - 0.01 seconds 0
    0.01 seconds - 0.1 seconds 4
    0.1 seconds - 1 second 0
    1 second - 5 seconds 0
    5 seconds - 15 seconds 0
    15 seconds - 5 minutes 0
    5 minutes + 0

    Other information

    Other migrations pending on GitLab.com
    Migration Type Total runtime Result DB size change
    20240115185037 - CreatePackagesTerraformModuleMetadata Regular 2.2 s :warning: +40.00 KiB
    20240122155430 - RemoveZoektIndexedNamespacesForeignKeys Post deploy 2.7 s :warning: +0.00 B
    20240122155541 - DropZoektIndexedNamespacesTable Post deploy 1.7 s :white_check_mark: -112.00 KiB
    20240123102735 - UpdateNegativeStarCountsInProjects Post deploy 2.2 s :white_check_mark: +0.00 B
    20240123102745 - AddStarCountPositiveConstraintToProjects Post deploy 2.4 s :white_check_mark: +0.00 B
    20240123120413 - IndexSbomOccurrencesOnProjectIdComponentVersionIdAndInputFilePath Post deploy 377.1 s :white_check_mark: -425.12 MiB
    20240124105532 - FinalizeBackfillOwaspTopTenOfVulnerabilityReads Post deploy 1.8 s :white_check_mark: +0.00 B
    20240131000657 - PrepareAsyncIndexForPCiBuildsPart2 Post deploy 10.1 s :white_check_mark: +0.00 B
    Clone details
    Clone ID Clone Created At Clone Data Timestamp Expected Removal Time
    database-testing-2810711-12688177-main 2024-01-31T14:38:12Z 2024-01-31T10:51:51Z 2024-02-01 02:49:31 +0000
    database-testing-2810711-12688177-ci 2024-01-31T14:38:12Z 2024-01-31T12:46:43Z 2024-02-01 02:49:31 +0000

    Job artifacts

    Database migrations (on the ci database)

    Migrations included in this change have been executed on gitlab.com data for testing purposes. For details, please see the migration testing pipeline (limited access).

    Migration Type Total runtime Result DB size change
    20240131123824 - AddAdminCicdVariablesToMemberRoles Regular 2.7 s :white_check_mark: +0.00 B
    Runtime Histogram for all migrations
    Query Runtime Count
    0 seconds - 0.01 seconds 0
    0.01 seconds - 0.1 seconds 4
    0.1 seconds - 1 second 0
    1 second - 5 seconds 0
    5 seconds - 15 seconds 0
    15 seconds - 5 minutes 0
    5 minutes + 0

    Migration: 20240131123824 - AddAdminCicdVariablesToMemberRoles

    • Type: Regular
    • Duration: 2.7 s
    • Database size change: +0.00 B
    Calls Total Time Max Time Mean Time Rows Query
    1 45.7 ms 45.7 ms 45.7 ms 0
    ALTER TABLE "member_roles" ADD "admin_cicd_variables" boolean DEFAULT FALSE NOT NULL
    1 0.0 ms 0.0 ms 0.0 ms 1
    SELECT $1::regtype::oid
    2 0.0 ms 0.0 ms 0.0 ms 2
    SELECT pg_backend_pid()
    Histogram for AddAdminCicdVariablesToMemberRoles
    Query Runtime Count
    0 seconds - 0.01 seconds 0
    0.01 seconds - 0.1 seconds 4
    0.1 seconds - 1 second 0
    1 second - 5 seconds 0
    5 seconds - 15 seconds 0
    15 seconds - 5 minutes 0
    5 minutes + 0

    Other information

    Other migrations pending on GitLab.com
    Migration Type Total runtime Result DB size change
    20240115185037 - CreatePackagesTerraformModuleMetadata Regular 3.8 s :warning: +24.00 KiB
    20240131000657 - PrepareAsyncIndexForPCiBuildsPart2 Post deploy 11.1 s :white_check_mark: +0.00 B
    Clone details
    Clone ID Clone Created At Clone Data Timestamp Expected Removal Time
    database-testing-2810711-12688177-main 2024-01-31T14:38:12Z 2024-01-31T10:51:51Z 2024-02-01 02:49:31 +0000
    database-testing-2810711-12688177-ci 2024-01-31T14:38:12Z 2024-01-31T12:46:43Z 2024-02-01 02:49:31 +0000

    Job artifacts


    Brought to you by gitlab-org/database-team/gitlab-com-database-testing. Epic

  • Alex Buijs added 276 commits

    added 276 commits

    Compare with previous version

  • A deleted user added documentation frontend labels

    added documentation frontend labels

  • Contributor

    Bundle size analysis [beta]

    This compares changes in bundle size for entry points between the commits 7d99af84 and 05a64c10

    :sparkles: Special assets

    Entrypoint / Name Size before Size after Diff Diff in percent
    average 4.13 MB 4.13 MB - 0.0 %
    mainChunk 3.13 MB 3.13 MB - 0.0 %

    Note: We do not have exact data for 7d99af84. So we have used data from: 0450b001.
    The intended commit has no webpack pipeline, so we chose the last commit with one before it.

    Please look at the full report for more details


    Read more about how this report works.

    Generated by :no_entry_sign: Danger

  • Alex Buijs added 248 commits

    added 248 commits

    Compare with previous version

  • Alex Buijs added 436 commits

    added 436 commits

    Compare with previous version

  • Alex Buijs added 362 commits

    added 362 commits

    Compare with previous version

  • A deleted user added feature flag label

    added feature flag label

  • Alex Buijs mentioned in issue #440834

    mentioned in issue #440834

  • Alex Buijs added 1 commit

    added 1 commit

    • 6c41599b - Add admin_cicd_variables custom ability

    Compare with previous version

  • Alex Buijs added 191 commits

    added 191 commits

    Compare with previous version

  • Alex Buijs added 1 commit

    added 1 commit

    • bbbad383 - Add admin_cicd_variables custom ability

    Compare with previous version

  • Alex Buijs
  • Alex Buijs
  • Alex Buijs changed the description

    changed the description

  • Alex Buijs requested review from @mokhax and @bala.kumar

    requested review from @mokhax and @bala.kumar

  • Alex Buijs marked this merge request as ready

    marked this merge request as ready

  • Alex Buijs changed the description

    changed the description

  • mo khan approved this merge request

    approved this merge request

  • mo khan requested review from @jarka and removed review request for @mokhax

    requested review from @jarka and removed review request for @mokhax

  • Alex Buijs added 1 commit

    added 1 commit

    • 41ec8189 - Implement backend maintainer review feedback

    Compare with previous version

  • Alex Buijs reset approvals from @mokhax by pushing to the branch

    reset approvals from @mokhax by pushing to the branch

  • Alex Buijs requested review from @jarka

    requested review from @jarka

  • added databasereviewed label and removed databasereview pending label

  • Bala Kumar requested review from @stomlinson

    requested review from @stomlinson

  • Bala Kumar removed review request for @bala.kumar

    removed review request for @bala.kumar

  • Bala Kumar approved this merge request

    approved this merge request

  • Alex Buijs added 1 commit

    added 1 commit

    • d0717889 - Implement backend maintainer review feedback

    Compare with previous version

  • Alex Buijs reset approvals from @bala.kumar by pushing to the branch

    reset approvals from @bala.kumar by pushing to the branch

  • Simon Tomlinson approved this merge request

    approved this merge request

  • added databaseapproved label and removed databasereviewed label

  • Simon Tomlinson removed review request for @stomlinson

    removed review request for @stomlinson

  • Alex Buijs added 472 commits

    added 472 commits

    Compare with previous version

  • Alex Buijs reset approvals from @stomlinson by pushing to the branch

    reset approvals from @stomlinson by pushing to the branch

  • Jarka Košanová resolved all threads

    resolved all threads

  • Jarka Košanová approved this merge request

    approved this merge request

  • requested review from @sgarg_gitlab and @stomlinson

  • Simon Tomlinson approved this merge request

    approved this merge request

  • Simon Tomlinson removed review request for @stomlinson

    removed review request for @stomlinson

  • 🤖 GitLab Bot 🤖 changed milestone to %16.10

    changed milestone to %16.10

  • Smriti Garg approved this merge request

    approved this merge request

  • Rutger Wessels resolved all threads

    resolved all threads

  • merged

  • @rutgerwessels, did you forget to run a pipeline before you merged this work? Based on our code review process, if the latest pipeline was created more than 4 hours ago, you should:

    1. Ensure the merge request is not in Draft status.
    2. Start a pipeline (especially important for Community contribution merge requests).
    3. Set the merge request to auto-merge.

    This is a guideline, not a rule. Please consider replying to this comment for transparency.

    This message was generated automatically. You're welcome to improve it.

  • Hello @alexbuijs :wave:

    The database team is looking for ways to improve the database review process and we would love your help!

    If you'd be open to someone on the database team reaching out to you for a chat, or if you'd like to leave some feedback asynchronously, just post a reply to this comment mentioning:

    @gitlab-org/database-team

    And someone will be by shortly!

    Thanks for your help! :heart:

    This message was generated automatically. You're welcome to improve it.

  • Rutger Wessels mentioned in commit 656e2e79

    mentioned in commit 656e2e79

  • Alex Buijs mentioned in merge request !144746 (merged)

    mentioned in merge request !144746 (merged)

  • added workflowstaging label and removed workflowcanary label

  • Tetiana Chupryna mentioned in merge request !144197 (merged)

    mentioned in merge request !144197 (merged)

  • mentioned in issue #451035 (closed)

  • mo khan mentioned in merge request !152662 (merged)

    mentioned in merge request !152662 (merged)

  • Please register or sign in to reply
    Loading