Domain Verification MVC

What does this MR do and why?

Describe in detail what your merge request does and why.

Delivers #353030 (closed)

In the Domain Verification MVC we reuse verified Pages domains. SCIM and SAML-created users will not be required to verify their email address when the email domain matches a verified domain. We can trust the domain because the organization owners have verified ownership.

The new view queries pages domains for all projects in the group hierarchy. All domains, verified and unverified, are shown for clarity, with a respective badge identifying its status. This prevents confusion when an owner knows a Pages domain exists but doesn't see it in the list (it's unverified).

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Create domains via Rails console

1. In Rails console, use the following command to create a verified domain:

   project = Project.find_by_full_path('group/project')
   verified_domain = PagesDomain.create!(domain: 'verified.example.com', verified_at: Time.now, project: project)

2. Use the following command to create an unverified domain:

   project = Project.find_by_full_path('group/project')
   unverified_domain = PagesDomain.create!(domain: 'unverified.example.com', verified_at: nil, project: project)

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• I have evaluated the MR acceptance checklist for this MR.

changed milestone to %15.3

added devopsmanage groupauthentication and authorization [DEPRECATED] typefeature labels

assigned to @dblessing

added Deliverable GitLab.com Priority auto updated backend candidate15.3 direction quad-planningcomplete-no-action sectiondev workflowin dev + 1 deleted label

Suggested Reviewers (beta)

The individuals below may be good candidates to participate in the review based on various factors.

You can use slash commands in comments to quickly assign /assign_reviewer @user1.

Suggested Reviewers
@rspeicher, @mayra-cabrera, @dbalexandre, @dzaporozhets, @kushalpandya

If you do not believe these suggestions are useful, please apply the label Bad Suggested Reviewer. You can also provide feedback for this feature on this issue: https://gitlab.com/gitlab-org/gitlab/-/issues/357923.

Automatically generated by Suggested Reviewers Bot - an experimental ML-based recommendation engine created by ~"group::applied ml".

added frontend label

	1 Warning
	Please add a merge request subtype to this merge request.

Reviewer roulette

Changes that require review have been detected!

Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:

Category	Reviewer	Maintainer
backend	Gregory Havenga (@ghavenga) (UTC+2, 7 hours ahead of @dblessing)	Nikola Milojevic (@nmilojevic1) (UTC+2, 7 hours ahead of @dblessing)
frontend	Tomas Vik (@viktomas) (UTC+2, 7 hours ahead of @dblessing)	Paul Slaughter (@pslaughter) (UTC-5, same timezone as @dblessing)
test for spec/features/*	Andrejs Cunskis (@acunskis) (UTC+3, 8 hours ahead of @dblessing)	Maintainer review is optional for test for spec/features/*
~"group::authentication and authorization"	Reviewer review is optional for ~"group::authentication and authorization"	Eduardo Sanz-Garcia (@eduardosanz) (UTC+2, 7 hours ahead of @dblessing)

To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.

To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.

Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.

If needed, you can retry the danger-review job that generated this comment.

Generated by Danger

@dblessing - please see the following guidance and update this merge request.

	1 Warning
	Please add a subtype label to this merge request.

If you have added a type label and do not feel the purpose of this merge request matches one of the subtypes labels, please resolve this discussion.

Allure report

allure-report-publisher generated test report!

review-qa-blocking: test report for f046c649

expand test summary

+-----------------------------------------------------------------------------------------+
|                                     suites summary                                      |
+------------------------------------+--------+--------+---------+-------+-------+--------+
|                                    | passed | failed | skipped | flaky | total | result |
+------------------------------------+--------+--------+---------+-------+-------+--------+
| Verify                             | 12     | 0      | 1       | 10    | 13    | ❗     |
| Create                             | 28     | 0      | 1       | 7     | 29    | ❗     |
| Plan                               | 47     | 0      | 1       | 25    | 48    | ❗     |
| Manage                             | 46     | 0      | 3       | 21    | 49    | ❗     |
| Secure                             | 2      | 0      | 0       | 2     | 2     | ❗     |
| Package                            | 0      | 0      | 1       | 0     | 1     | ➖     |
| Version sanity check               | 0      | 0      | 1       | 0     | 1     | ➖     |
| Protect                            | 2      | 0      | 0       | 2     | 2     | ❗     |
| Feature flag handler sanity checks | 9      | 0      | 0       | 0     | 9     | ✅     |
| Configure                          | 0      | 0      | 1       | 0     | 1     | ➖     |
+------------------------------------+--------+--------+---------+-------+-------+--------+
| Total                              | 146    | 0      | 9       | 67    | 155   | ❗     |
+------------------------------------+--------+--------+---------+-------+-------+--------+

e2e-review-qa-blocking: test report for a0ea3efc

expand test summary

+-----------------------------------------------------------------------------------------+
|                                     suites summary                                      |
+------------------------------------+--------+--------+---------+-------+-------+--------+
|                                    | passed | failed | skipped | flaky | total | result |
+------------------------------------+--------+--------+---------+-------+-------+--------+
| Manage                             | 57     | 0      | 3       | 53    | 60    | ❗     |
| Create                             | 28     | 0      | 1       | 26    | 29    | ❗     |
| Plan                               | 47     | 0      | 1       | 45    | 48    | ❗     |
| Protect                            | 2      | 0      | 0       | 2     | 2     | ❗     |
| Verify                             | 12     | 0      | 1       | 10    | 13    | ❗     |
| Feature flag handler sanity checks | 9      | 0      | 0       | 0     | 9     | ✅     |
| Secure                             | 2      | 0      | 0       | 2     | 2     | ❗     |
| Configure                          | 0      | 0      | 1       | 0     | 1     | ➖     |
| Version sanity check               | 0      | 0      | 1       | 0     | 1     | ➖     |
| Package                            | 0      | 0      | 1       | 0     | 1     | ➖     |
+------------------------------------+--------+--------+---------+-------+-------+--------+
| Total                              | 157    | 0      | 9       | 138   | 166   | ❗     |
+------------------------------------+--------+--------+---------+-------+-------+--------+

@dblessing, please can you answer the question: Should this have a feature flag? to help with code review for the Authentication and Authorization group.

This nudge was added by this triage-ops policy.

added 632 commits

• cd51bc91...31db66f0 - 631 commits from branch master
• 0c9b8b55 - Domain Verification

Compare with previous version

added 1 commit

• 2dc05d3c - Domain Verification MVC

Compare with previous version

added 1 commit

• aed63251 - Domain Verification MVC

Compare with previous version

changed milestone to %15.4

added missed-deliverable missed:15.3 labels

added 295 commits

• aed63251...80c6c324 - 294 commits from branch master
• 471af2ce - Domain Verification MVC

Compare with previous version

added 1 commit

• 98207440 - Domain Verification MVC

Compare with previous version

added 1 commit

• 8a693a7e - Domain Verification MVC

Compare with previous version

added 1 commit

• 85277446 - Domain Verification MVC

Compare with previous version

marked this merge request as ready

changed title from Draft: Domain Verification to Domain Verification MVC

changed the description

added 1 commit

• 9f411af8 - Domain Verification MVC

Compare with previous version

added 1 commit

• f046c649 - Domain Verification MVC

Compare with previous version

added featureaddition label

resolved all threads

marked the checklist item I have evaluated the MR acceptance checklist for this MR. as completed

requested review from @jessieay

added 375 commits

• f046c649...ec331e55 - 374 commits from branch master
• f7fe2421 - Domain Verification MVC

Compare with previous version

	2 Warnings
	This merge request is quite big (516 lines changed), please consider splitting it into multiple merge requests.
	featureaddition and featureenhancement merge requests normally have a documentation change. Consider adding a documentation update or confirming the documentation plan with the Technical Writer counterpart. For more information, see: The Handbook page on merge request types. The definition of done documentation.

Reviewer roulette

Changes that require review have been detected!

Please refer to the table below for assigning reviewers and maintainers suggested by Danger in the specified category:

Category	Reviewer	Maintainer
backend	Vladimir Shushlin (@vshushlin) (UTC+2, 7 hours ahead of @dblessing)	Rémy Coutable (@rymai) (UTC+2, 7 hours ahead of @dblessing)
frontend	Tomáš Bulva (@tbulva) (UTC+2, 7 hours ahead of @dblessing)	Jannik Lehmann (@jannik_lehmann) (UTC+2, 7 hours ahead of @dblessing)
test for spec/features/*	Andrejs Cunskis (@acunskis) (UTC+3, 8 hours ahead of @dblessing)	Maintainer review is optional for test for spec/features/*
~"group::authentication and authorization"	Reviewer review is optional for ~"group::authentication and authorization"	Michelle Gill (@m_gill)

To spread load more evenly across eligible reviewers, Danger has picked a candidate for each review slot, based on their timezone. Feel free to override these selections if you think someone else would be better-suited or use the GitLab Review Workload Dashboard to find other available reviewers.

To read more on how to use the reviewer roulette, please take a look at the Engineering workflow and code review guidelines. Please consider assigning a reviewer or maintainer who is a domain expert in the area of the merge request.

Once you've decided who will review this merge request, assign them as a reviewer! Danger does not automatically notify them for you.

If needed, you can retry the danger-review job that generated this comment.

Generated by Danger

removed workflowin dev label

added 1 commit

• d71863e8 - Domain Verification MVC

Compare with previous version

added 1 commit

• 0d529ac2 - Domain Verification MVC

Compare with previous version

requested review from @dzubova

added 1 commit

• f05898f6 - Domain Verification MVC

Compare with previous version

requested review from @eduardosanz and removed review request for @dzubova

requested review from @acunskis

added 1 commit

• 694c9c56 - Domain Verification MVC

Compare with previous version

added 1 commit

• 7b666332 - Domain Verification MVC

Compare with previous version

approved this merge request

@jessieay, thanks for approving this merge request.

This is the first time the merge request is approved. To ensure full test coverage, a new pipeline has been started.

For more info, please refer to the following links:

• rspec minimal jobs
• jest minimal jobs
• merging a merge request.

added 239 commits

• 7b666332...37fab76e - 238 commits from branch master
• 5c4acb55 - Domain Verification MVC

Compare with previous version

added 1 commit

• bd82454a - Domain Verification MVC

Compare with previous version

approved this merge request

removed review request for @acunskis

@dblessing, thanks for your great work! I have left a few questions and suggestions.

Please, could you tell me how I create one verified and one unverified domain using the Ruby console? Thanks.

changed the description

requested review from @eread

removed review request for @eread

added Technical Writing UI text labels

approved this merge request

The superb job in this MR!

added 1 commit

• 04007bf8 - Apply 4 suggestion(s) to 1 file(s)

Compare with previous version

added 124 commits

• 04007bf8...d7ab79e4 - 123 commits from branch master
• a6c0af13 - Domain Verification MVC

Compare with previous version

requested review from @nmilojevic1 and @pslaughter

removed review request for @eduardosanz and @jessieay

added pipeline:run-as-if-foss label

@dblessing, great work! Thanks for addressing my suggestions.

I am approving the MR. I have suggested a way to keep the columns closer for large viewports. I also suggested a way to simplify the markup with the link_to utility.

approved this merge request

added 1 commit

• 2e031254 - Apply 2 suggestion(s) to 1 file(s)

Compare with previous version

added 1 commit

• 4cd7ee4b - Domain Verification MVC

Compare with previous version

mentioned in issue #238461 (closed)

Thanks so much for working on this @dblessing! Sorry for my delay. This is on my radar and will get to look at this within the next 12 hours or so

Thanks for your review, @pslaughter. Fixed up as requested.

mentioned in merge request !96549 (merged)

added 1 commit

• a0ea3efc - Domain Verification MVC

Compare with previous version

todo: Let's get a UX here.

@dmoraBerlin could you please UX review and approve this new Domain Verification page? Please keep in mind the following threads:

• !95407 (comment 1087321606)
• !95407 (comment 1087321607)

Here's a screenshot after resolving the above threads

requested review from @dmoraBerlin

question (non-blocking): @dblessing following the Create domains via Rails console instructions you left in this MR, I can create verified domains easily, but they only stay verified for a couple of minutes

After creating new verified domain	2 minutes later

Is this expected?

Thanks so much @dblessing! We're almost there. I have a couple of more threads for you, then we should be good to go from frontend

Back to you!

removed review request for @pslaughter

Thanks, @dblessing. This looks great. backend LGTM!

approved this merge request

removed review request for @nmilojevic1

added 1 commit

• 178d5174 - Domain Verification MVC

Compare with previous version

requested review from @pslaughter

added 1912 commits

• 178d5174...a7042de3 - 1911 commits from branch master
• a509cafb - Domain Verification MVC

Compare with previous version

Looking at this now!

Thanks again for working on this @dblessing! Tested locally and everything LGTM

Approving...

approved this merge request

todo: We still need/want an official UX here. cc @dmoraBerlin

I'll go ahead and unassign myself here, but feel free to reassign to me for merge. Thanks!

removed review request for @pslaughter

approved this merge request

approved this merge request

added 1 commit

• d0ae41d1 - Domain Verification MVC

Compare with previous version

requested review from @nmilojevic1 and removed review request for @dmoraBerlin

mentioned in issue #322039 (closed)

added 1 commit

• 8fe5fce4 - Domain Verification MVC

Compare with previous version

added 1 commit

• b3d115c7 - Domain Verification MVC

Compare with previous version

@kerrizor Would you mind giving this a final maintainer review, please? It already had backend maintainer approval from Nikola but it looks like he's OOO. We didn't have other approvals at the time he approved.

requested review from @kerrizor and removed review request for @nmilojevic1

added 421 commits

• b3d115c7...8e7cc9ec - 420 commits from branch master
• f61af13e - Domain Verification MVC

Compare with previous version

added 1 commit

• 0a7775eb - Domain Verification MVC

Compare with previous version

resolved all threads

merged

mentioned in commit 735fc66e

added workflowstaging-canary label

added workflowcanary label and removed workflowstaging-canary label

added workflowstaging label and removed workflowcanary label

added workflowproduction label and removed workflowstaging label

mentioned in issue #353030 (closed)

added workflowpost-deploy-db-staging label and removed workflowproduction label

added workflowpost-deploy-db-production label and removed workflowpost-deploy-db-staging label

mentioned in merge request !98161 (merged)

added releasedcandidate label

mentioned in merge request kubitus-project/kubitus-installer!1453 (merged)

mentioned in merge request !109237 (merged)

mentioned in epic &9675 (closed)

mentioned in merge request !135873 (merged)