Skip to content

PAT/SSH Inventory MVC

Problem to solve

We've explored this issue and now need to implement the MVC for this feature.

Proposal

A "Credentials" view in the admin panel showing all PAT and SSH credentials for a GitLab instance.

  • Columns (should be sortable and filterable)
    • Owner: User it's associated with, if any.
    • Type: Type of credential, PAT, SSH key, etc.
    • Scope: How it's scoped, if relevant (api, etc.)
    • Last used: Last time this key was used.
    • Expiration: When the credential expires, if any.
Rough Idea Prototype Draft Working Concept
Screen_Shot_2019-11-21_at_10.47.19_AM Desktop_HD working concept
Our initial concept for this inventory of credentials. The first draft of a prototype for the inventory. Concept designed by @manojmj with backend considerations taken into account.

Working Concept Breakdown

Separate out the type of credentials in the view to make this feature more performant and future proof instead of loading all kinds of credentials in one single view.

Advantages:

  1. Different types of credentials are stored in different tables in the db and hence to show all these credentials in a single view would mean that we'd have to query multiple tables at once and then sort them in memory (possibly).
  2. A homogeneous list of items is much easier to sort and filter than a heterogeneous list.
  3. The attributes in these tables also differ, eg: PAT has expiry and scopes but SSH does not. SSH has last_used_at but PAT does not and as far as I understand, it would mean a bunch of if..else statements to display this properly.
  4. Separating out the different types of credentials scales - if we have to add a third kind of credential to the view, it'd be very easy.

We use a similar approach in /admin/users already, ie, tabs for Deactivated, Blocked users etc.

Default to Most Recent to Oldest sort order based on the "Last Used" column.

Users should be able to sort and filter to see desired data subsets.

Permissions and Security

Only Administrators should be able to view this.

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.

Edited by 🤖 GitLab Bot 🤖