Commit 77a55ca5 authored by Mayra Cabrera's avatar Mayra Cabrera

Merge branch '270208-app-code' into 'master'

Add rails app code for revocation API access

See merge request gitlab-org/gitlab!46337
parents 48717575 b7d76560
...@@ -415,6 +415,7 @@ class ApplicationSetting < ApplicationRecord ...@@ -415,6 +415,7 @@ class ApplicationSetting < ApplicationRecord
attr_encrypted :slack_app_secret, encryption_options_base_truncated_aes_256_gcm attr_encrypted :slack_app_secret, encryption_options_base_truncated_aes_256_gcm
attr_encrypted :slack_app_verification_token, encryption_options_base_truncated_aes_256_gcm attr_encrypted :slack_app_verification_token, encryption_options_base_truncated_aes_256_gcm
attr_encrypted :ci_jwt_signing_key, encryption_options_base_truncated_aes_256_gcm attr_encrypted :ci_jwt_signing_key, encryption_options_base_truncated_aes_256_gcm
attr_encrypted :secret_detection_token_revocation_token, encryption_options_base_truncated_aes_256_gcm
before_validation :ensure_uuid! before_validation :ensure_uuid!
......
...@@ -58,6 +58,9 @@ module EE ...@@ -58,6 +58,9 @@ module EE
:pseudonymizer_enabled, :pseudonymizer_enabled,
:repository_size_limit, :repository_size_limit,
:seat_link_enabled, :seat_link_enabled,
:secret_detection_token_revocation_enabled,
:secret_detection_token_revocation_url,
:secret_detection_token_revocation_token,
:shared_runners_minutes, :shared_runners_minutes,
:slack_app_enabled, :slack_app_enabled,
:slack_app_id, :slack_app_id,
......
...@@ -147,6 +147,9 @@ module EE ...@@ -147,6 +147,9 @@ module EE
pseudonymizer_enabled: false, pseudonymizer_enabled: false,
repository_size_limit: 0, repository_size_limit: 0,
seat_link_enabled: Settings.gitlab['seat_link_enabled'], seat_link_enabled: Settings.gitlab['seat_link_enabled'],
secret_detection_token_revocation_enabled: false,
secret_detection_token_revocation_url: nil,
secret_detection_token_revocation_token: nil,
slack_app_enabled: false, slack_app_enabled: false,
slack_app_id: nil, slack_app_id: nil,
slack_app_secret: nil, slack_app_secret: nil,
......
---
title: Add app code for secret detection token revocation
merge_request: 46337
author:
type: added
...@@ -30,6 +30,11 @@ module EE ...@@ -30,6 +30,11 @@ module EE
optional :elasticsearch_project_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The project ids to index with Elasticsearch.' optional :elasticsearch_project_ids, type: Array[Integer], coerce_with: ::API::Validations::Types::CommaSeparatedToIntegerArray.coerce, desc: 'The project ids to index with Elasticsearch.'
end end
optional :secret_detection_token_revocation_enabled, type: ::Grape::API::Boolean, desc: 'Enable Secret Detection Token Revocation'
given secret_detection_token_revocation_enabled: ->(val) { val } do
requires :secret_detection_token_revocation_url, type: String, desc: 'The configured Secret Detection Token Revocation instance URL'
end
optional :email_additional_text, type: String, desc: 'Additional text added to the bottom of every email for legal/auditing/compliance reasons' optional :email_additional_text, type: String, desc: 'Additional text added to the bottom of every email for legal/auditing/compliance reasons'
optional :default_project_deletion_protection, type: Grape::API::Boolean, desc: 'Disable project owners ability to delete project' optional :default_project_deletion_protection, type: Grape::API::Boolean, desc: 'Disable project owners ability to delete project'
optional :deletion_adjourned_period, type: Integer, desc: 'Number of days between marking project as deleted and actual removal' optional :deletion_adjourned_period, type: Integer, desc: 'Number of days between marking project as deleted and actual removal'
......
...@@ -67,6 +67,31 @@ RSpec.describe API::Settings, 'EE Settings' do ...@@ -67,6 +67,31 @@ RSpec.describe API::Settings, 'EE Settings' do
expect(ElasticsearchIndexedProject.count).to eq(1) expect(ElasticsearchIndexedProject.count).to eq(1)
end end
end end
context 'secret_detection_token_revocation_enabled is true' do
context 'secret_detection_token_revocation_url value is present' do
it 'updates secret_detection_token_revocation_url' do
put api('/application/settings', admin),
params: {
secret_detection_token_revocation_enabled: true,
secret_detection_token_revocation_url: 'https://example.com/secret_detection_token_revocation'
}
expect(response).to have_gitlab_http_status(:ok)
expect(json_response['secret_detection_token_revocation_enabled']).to be(true)
expect(json_response['secret_detection_token_revocation_url']).to eq('https://example.com/secret_detection_token_revocation')
end
end
context 'missing secret_detection_token_revocation_url value' do
it 'returns a blank parameter error message' do
put api('/application/settings', admin), params: { secret_detection_token_revocation_enabled: true }
expect(response).to have_gitlab_http_status(:bad_request)
expect(json_response['error']).to include('secret_detection_token_revocation_url is missing')
end
end
end
end end
shared_examples 'settings for licensed features' do shared_examples 'settings for licensed features' do
......
...@@ -22,6 +22,7 @@ RSpec.describe API::Settings, 'Settings' do ...@@ -22,6 +22,7 @@ RSpec.describe API::Settings, 'Settings' do
expect(json_response['default_ci_config_path']).to be_nil expect(json_response['default_ci_config_path']).to be_nil
expect(json_response['sourcegraph_enabled']).to be_falsey expect(json_response['sourcegraph_enabled']).to be_falsey
expect(json_response['sourcegraph_url']).to be_nil expect(json_response['sourcegraph_url']).to be_nil
expect(json_response['secret_detection_token_revocation_url']).to be_nil
expect(json_response['sourcegraph_public_only']).to be_truthy expect(json_response['sourcegraph_public_only']).to be_truthy
expect(json_response['default_project_visibility']).to be_a String expect(json_response['default_project_visibility']).to be_a String
expect(json_response['default_snippet_visibility']).to be_a String expect(json_response['default_snippet_visibility']).to be_a String
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment