Skip to content

Add require_personal_access_token_expiry application setting

Stan Hu requested to merge sh-add-require-pat-expiry-option-17-2 into 17-2-stable-ee

What does this MR do and why?

This backports !158186 (merged) to 17-2-stable-ee for gitlab-org/release/tasks#11510 (closed).

Adds a new admin setting, ApplicationSettings#require_personal_access_token_expiry that removes the expiration enforcement of PAT, PrAT and GrATs A SM admins can optionally enable the setting Require access tokens to have an expiry to require expiration for their tokens. This will only be applicable to net new tokens.

Related to #470192 (closed).

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

  • This MR is backporting a bug fix, documentation update, or spec fix, previously merged in the default branch.
  • The MR that fixed the bug on the default branch has been deployed to GitLab.com (not applicable for documentation or spec changes).
  • This MR has a severity label assigned (if applicable).
  • Set the milestone of the merge request to match the target backport branch version.
  • This MR has been approved by a maintainer (only one approval is required).
  • Ensure the e2e:package-and-test-ee job has either succeeded or been approved by a Software Engineer in Test.

Note to the merge request author and maintainer

If you have questions about the patch release process, please:

Edited by Stan Hu

Merge request reports

Loading