Add agent project authorizations to finder (!71434) · Merge requests · GitLab.org / GitLab

Hordur Freyr Yngvason requested to merge add-agent-project-authorizations-to-finder into master Sep 29, 2021

What does this MR do and why?

Implements the last remaining bit to surface project level authorizations for the GitLab Kubernetes Agent CI/CD tunnel.

How to set up and validate locally

GDK needs a runner attached, and the gitlab-k8s-agent enabled
Enable the feature flag group_authorized_agents:
```
Feature.enable(:group_authorized_agents)
```

Add an agent with configuration project gitlab-agent-testing/config with the following configuration:

# config/.gitlab/agents/first/config.yaml
ci_access:
  projects:
    - id: gitlab-agent-testing/ci-project # <-- We will run CI/CD in here
      access_as:
        agent: {}

In a separate project, gitlab-agent-testing/ci-project, add the following .gitlab-ci.yml:

# .gitlab-ci.yml
test:
  image: registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/3.6.3-kube-1.17.17-alpine-3.14
  script:
    - kubectl config get-contexts

View the job logs for the test job

Screenshots or screen recordings

The job logs should look like this (the failed jobs you see on the side were hurdles with getting my local runner working):

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Sep 30, 2021 by Hordur Freyr Yngvason

Add agent project authorizations to finder

What does this MR do and why?

How to set up and validate locally

Screenshots or screen recordings

MR acceptance checklist

Merge request reports