Allow non-group Agent projects to authorize themselves
What does this MR do and why?
Fixes a typebug where a project that doesn't belong to a group (ie belongs to a personal user namespace) can't create an authorization record (and therefore fine-tune auth configuration) for itself.
Screenshots or screen recordings
These are strongly recommended to assist reviewers and reduce the time to merge your change.
How to set up and validate locally (requires a Kubernetes cluster + KAS)
- Create an Agent configuration project, ensuring that it belongs to a user namespace, not a group.
- Register an agent from the configuration project.
- Authorize the configuration project to access the Agent. This triggers a sync from KAS -> Rails
- In a Rails console, verify an authorization record has been created for the project/agent combination:
Clusters::Agents::ProjectAuthorization.find_by(agent_id: <your-agent-id>, project_id: <your-project-id>)MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Tiger Watson