Update SSH key expired warning messages
requested to merge 247515-the-ssh-key-page-at-profile-keys-should-mention-that-expired-keys-only-cause-warnings-and into master
What does this MR do?
This MR updates the SSH key profile and admin views to be more descriptive with the icon tooltips depending on whether SSH key expiration enforcement is enabled.
It also adds an additional description to the expiry date form field on the SSH key creation form in the user's profile.
Screenshots (strongly suggested)
Form description
| Enforced | Not enforced | CE |
|---|---|---|
 |
 |
|
Tooltip
| Scenario | Outcome |
|---|---|
| Valid and not expired |  |
| Valid and expired and enforced |  |
| Valid and expired and not enforced |  |
| Valid and expired on CE |  |
| Not valid and not expired |  |
| Not valid and expired and enforced |  |
| Not valid and expired and not enforced |  |
| Not valid and expired on CE |  |
Does this MR meet the acceptance criteria?
Conformity
-
📋 Does this MR need a changelog?-
I have included a changelog entry. -
I have not included a changelog entry because _____.
-
-
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
- Make sure you are using an GitLab Ultimate or greater license
- Go to
[HOST]/admin/application_settings/general#js-account-settingsand enable/disable theEnforce SSH key expirationsetting - Go to
[HOST]/-/profile/keysand make sure the description and tooltip render as expected
For forcing an invalid key, you can do this after key creation by changing which SSH key types are allowed on the instance. If you forbid your SSH keys type, it will invalidate the key!
- Go to
[HOST]/admin/application_settings/generaljs-visibility-settingsand enable/disable your SSH keys type - Go to
[HOST]/-/profile/keysand make sure the tooltip renders as expected
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers - [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec - [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Related to #247515 (closed)
Edited by Jiaan Louw