Allow GitLab sysadmins to automate tasks
Problem
It’s difficult to automate tasks and scripts because there is no way of doing so without having those things attached to a specific user. Most automations require an access token which can only be generated via a user account.
When a customer has a user that leaves their company, which has access tokens attached to them, those access tokens will no longer work and automations that the organisation may depend on will break. Customers are then creating dedicated user accounts for automations, which is expensive and strays away from the original purpose of a user account - which is for humans to access GitLab.
Proposal
@djensen and @tipyn have discussed this and have come up with this proposal:
- Create a new sysadmin only menu called
Automations
- Allow sysadmins to create, delete and manage automations via this menu
- Upon clicking
Create New Automation
:- Page shows free text field to enter a ruby script as you would in the console
- Include a
Save Automation
button - Include schedule options of run every 1 hour, 12 hours or 24 hours
- On the manage automations page, include
Enable
andDisable
buttons for automations - When you first create it, it should be enabled by default
Additional notes
These automations do not require access tokens and can only be accessed via the GUI. They are visible and managed by all GitLab System Administrators.
Future iterations
- Introduce triggers
- Introduce a UI for folks to build automations without coding knowledge
- Introduce this for Workspace admins for .com in some form - would need to consider how to restrict this/adapt it to be secure enough for Workspace admins to only be able to run automations on their own Workspace.
- Detailed reporting on CRUD (created, updated, deleted) records
- Show similar status icons to pipelines for UI polish