Merge branch 'remove-enforce_pat_expiration-ff' into 'master'

Remove enforce_pat_expiration feature flag See merge request gitlab-org/gitlab!53660

Merge branch 'remove-enforce_pat_expiration-ff' into 'master'
Remove enforce_pat_expiration feature flag See merge request gitlab-org/gitlab!53660
295400e4 · David Fernandez · ee256e5a · 6c8b3ab0 · 295400e4 · 295400e4
Commit 295400e4 authored Feb 11, 2021 by David Fernandez
8 changed files
--- a/doc/user/admin_area/settings/account_and_limit_settings.md
+++ b/doc/user/admin_area/settings/account_and_limit_settings.md
@@ -194,10 +194,7 @@ To do this:
 ## Optional enforcement of Personal Access Token expiry **(ULTIMATE SELF)**

 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214723) in GitLab Ultimate 13.1.
-> - It is deployed behind a feature flag, disabled by default.
-> - It is disabled on GitLab.com.
-> - It is not recommended for production use.
-> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-optional-enforcement-of-personal-access-token-expiry-feature). **(FREE SELF)**
+> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/296881) in GitLab 13.9.

 GitLab administrators can choose to prevent personal access tokens from expiring
 automatically. The tokens are usable after the expiry date, unless they are revoked explicitly.
@@ -208,23 +205,6 @@ To do this:
 1. Expand the **Account and limit** section.
 1. Uncheck the **Enforce personal access token expiration** checkbox.

-### Enable or disable optional enforcement of Personal Access Token expiry Feature **(FREE SELF)**
-
-Optional Enforcement of Personal Access Token Expiry is deployed behind a feature flag and is **disabled by default**.
-[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) can enable it for your instance from the [rails console](../../../administration/feature_flags.md#start-the-gitlab-rails-console).
-
-To enable it:
-
-```ruby
-Feature.enable(:enforce_pat_expiration)
-```
-
-To disable it:
-
-```ruby
-Feature.disable(:enforce_pat_expiration)
-```
-
 ## Disabling user profile name changes **(PREMIUM SELF)**

 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/24605) in GitLab 12.7.

--- a/ee/app/models/ee/personal_access_token.rb
+++ b/ee/app/models/ee/personal_access_token.rb
@@ -47,8 +47,7 @@ module EE
      end

      def enforce_pat_expiration_feature_available?
-        License.feature_available?(:enforce_pat_expiration) &&
-          ::Feature.enabled?(:enforce_pat_expiration, type: :licensed, default_enabled: false)
+        License.feature_available?(:enforce_personal_access_token_expiration)
      end
    end


--- a/ee/app/models/license.rb
+++ b/ee/app/models/license.rb
@@ -144,7 +144,7 @@ class License < ApplicationRecord
    dast
    dependency_scanning
    devops_adoption
-    enforce_pat_expiration
+    enforce_personal_access_token_expiration
    enforce_ssh_key_expiration
    enterprise_templates
    environment_alerts

--- a/ee/changelogs/unreleased/remove-enforce_pat_expiration-ff.yml
+++ b/ee/changelogs/unreleased/remove-enforce_pat_expiration-ff.yml
+---
+title: Optional enforcement of PAT expiration (feature flag removed)
+merge_request: 53660
+author:
+type: added
--- a/ee/spec/controllers/ee/profiles/personal_access_tokens_controller_spec.rb
+++ b/ee/spec/controllers/ee/profiles/personal_access_tokens_controller_spec.rb
@@ -12,7 +12,7 @@ RSpec.describe Profiles::PersonalAccessTokensController do

      before do
        sign_in(user)
-        stub_licensed_features(enforce_pat_expiration: licensed)
+        stub_licensed_features(enforce_personal_access_token_expiration: licensed)
        stub_application_setting(enforce_pat_expiration: application_setting)
      end


--- a/ee/spec/helpers/personal_access_tokens_helper_spec.rb
+++ b/ee/spec/helpers/personal_access_tokens_helper_spec.rb
@@ -156,7 +156,7 @@ RSpec.describe PersonalAccessTokensHelper do
  describe '#enforce_pat_expiration_feature_available?' do
    subject { helper.enforce_pat_expiration_feature_available? }

-    let(:feature) { :enforce_pat_expiration }
+    let(:feature) { :enforce_personal_access_token_expiration }

    it_behaves_like 'feature availability'
  end

--- a/ee/spec/models/ee/personal_access_token_spec.rb
+++ b/ee/spec/models/ee/personal_access_token_spec.rb
@@ -220,7 +220,7 @@ RSpec.describe PersonalAccessToken do

    with_them do
      before do
-        stub_licensed_features(enforce_pat_expiration: licensed)
+        stub_licensed_features(enforce_personal_access_token_expiration: licensed)
        stub_application_setting(enforce_pat_expiration: application_setting)
      end

@@ -247,17 +247,14 @@ RSpec.describe PersonalAccessToken do

    subject { described_class.enforce_pat_expiration_feature_available? }

-    where(:feature_flag, :licensed, :result) do
-      true  | true   | true
-      true  | false  | false
-      false | true   | false
-      false | false  | false
+    where(:licensed, :result) do
+      true   | true
+      false  | false
    end

    with_them do
      before do
-        stub_feature_flags(enforce_pat_expiration: feature_flag)
-        stub_licensed_features(enforce_pat_expiration: licensed)
+        stub_licensed_features(enforce_personal_access_token_expiration: licensed)
      end

      it { expect(subject).to be result }

--- a/ee/spec/services/personal_access_tokens/revoke_invalid_tokens_spec.rb
+++ b/ee/spec/services/personal_access_tokens/revoke_invalid_tokens_spec.rb
@@ -65,7 +65,7 @@ RSpec.describe PersonalAccessTokens::RevokeInvalidTokens do

          with_them do
            before do
-              stub_licensed_features(enforce_pat_expiration: licensed)
+              stub_licensed_features(enforce_personal_access_token_expiration: licensed)
              stub_application_setting(enforce_pat_expiration: application_setting)

              it_behaves_like behavior