Backend to show Group Deploy Keys at Project level
What does this MR do?
When a Group Deploy Key is enabled at the group level, it should be also enabled for all projects belonging to that group. Consequently, this key should be taken into consideration when retrieving all deploy keys for a given project. For example, they should show up in Project > Repository > Deploy Keys
section:
That said, for a given project, enabled group deploy keys should not be returned as part of project.deploy_keys
.
This MR chooses to be explicit about the addition of the enabled and eligible group deploy keys, rather than having them returned as part of project.deploy_keys
:
- even though
GroupDeployKey
is a subclass ofKey
(likeDeployKey
), it should be seen as a different entity (it's actually a different table thankeys
). - it may be preferable not to break that existing
has_many :deploy_keys
association inProject
. - there may be a scenario where we actually only want project-scoped deploy keys.
Exemple: to show group deploy keys in the Repository
view, we would have something like:
# app/presenters/projects/settings/deploy_keys_presenter.rb
def enabled_keys
strong_memoize(:enabled_keys) do
project.deploy_keys.with_projects + project.enabled_group_deploy_keys
end
end
This MR deals with the backend part of showing the group deploy keys at the project level. frontend should dealt with in as part of this issue.
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Closes #14729 (closed)