Adds KAS properties to GraphQL (!59696) · Merge requests · GitLab.org / GitLab

João Alexandre Cunha requested to merge feature/adds-kas-metadata-to-graphql into master Apr 19, 2021

What does this MR do?

Adds KAS metadata types to GraphQL API. They'll be accessible through the instance metadata, since KAS is a service part of the GitLab infrastructure.

Here's how I've implemented it.

GraphQL query

query {
  metadata {
    version # don't need to include it necessarily
    revision # don't need to include it necessarily
    kas{
      enabled
      version
      externalUrl
    }
  }
}

GraphQL response

{
  "data": {
    "metadata": {
      "version": "13.11.0-pre",
      "revision": "7fe6ecdfea7",
      "kas": {
        "enabled": true,
        "version": "13.11.1",
        "externalUrl": "/Users/alexand/dev/gitlab-development-kit/gitlab/.gitlab_kas_secret"
      }
    }
  }
}

Considerations

Why did I not add KAS metadata simply as fields of the instance metadata? Instead I created KAS as a sub-type of it.

I thought is would be more organized this way, since KAS already has 3 readable attributes and I think there could be more in the future. So it will make more sense to have it as its own field, if we decide to make KAS attributes a field of QueryType in the future. I was also afraid to have to create deprecations quickly in the near feature, which is not the end of the world for GraphQL, but it is always an inconvenience.
I think this looks more natural for the client querying the API.
I think we might be increasing the query complexity by one or 2 extra points, since with this approach we'll also have to check for a separate policy (InstanceMetadata::KasPolicy), even though I'm applying the same policy (read_instance_metadata) that the MetadataType already requires. Although, this complexity increase seems quite small, specially considering that this endpoint is probably not used in conjunction with very complex queries. There are no joins or too many nested fields that relate to metadata.
I've decided to make all fields non-nullable with exception of kas.version and kas.externalUrl, since those don't make sense if kas.enabled? == false.

Screenshots (strongly suggested)

Does this MR meet the acceptance criteria?

Conformity

📋 Does this MR need a changelog?
- I have included a changelog entry.
- I have not included a changelog entry because _____.
Documentation (if required)
Code review guidelines
Merge request performance guidelines
Style guides
Database guides
Separation of EE specific content

Availability and Testing

Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
Tested in all supported browsers
Informed Infrastructure department of a default or new setting change, if applicable per definition of done

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

Label as security and @ mention @gitlab-com/gl-security/appsec
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
Security reports checked/validated by a reviewer from the AppSec team

Edited May 05, 2021 by Bob Van Landuyt

Adds KAS properties to GraphQL