Automatic merge of gitlab-org/gitlab master

815559dd · GitLab Bot · f5f73f0f · 0cd021c1 · f5f73f0f · 815559dd
Commit 815559dd authored Oct 28, 2021 by GitLab Bot
9 changed files
--- a/app/finders/clusters/deployable_agents_finder.rb
+++ b/app/finders/clusters/deployable_agents_finder.rb
-# frozen_string_literal: true
-
-module Clusters
-  class DeployableAgentsFinder
-    def initialize(project)
-      @project = project
-    end
-
-    def execute
-      project.cluster_agents.ordered_by_name
-    end
-
-    private
-
-    attr_reader :project
-  end
-end
--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -1277,11 +1277,7 @@ module Ci

    def authorized_cluster_agents
      strong_memoize(:authorized_cluster_agents) do
-        if ::Feature.enabled?(:group_authorized_agents, project, default_enabled: :yaml)
-          ::Clusters::AgentAuthorizationsFinder.new(project).execute.map(&:agent)
-        else
-          ::Clusters::DeployableAgentsFinder.new(project).execute
-        end
+        ::Clusters::AgentAuthorizationsFinder.new(project).execute.map(&:agent)
      end
    end


--- a/config/feature_flags/development/group_authorized_agents.yml
+++ b/config/feature_flags/development/group_authorized_agents.yml
---
-name: group_authorized_agents
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/69047
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/340166
-milestone: '14.3'
-type: development
-group: group::configure
-default_enabled: true
--- a/doc/ci/docker/using_kaniko.md
+++ b/doc/ci/docker/using_kaniko.md
@@ -95,12 +95,12 @@ build:
    - mkdir -p /kaniko/.docker
    - |-
       KANIKOPROXYBUILDARGS=""
-       KANIKOCFG="{\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}}"
+       KANIKOCFG="\"auths\":{\"${CI_REGISTRY}\":{\"auth\":\"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d '\n')\"}}"
       if [ "x${http_proxy}" != "x" -o "x${https_proxy}" != "x" ]; then
         KANIKOCFG="${KANIKOCFG}, \"proxies\": { \"default\": { \"httpProxy\": \"${http_proxy}\", \"httpsProxy\": \"${https_proxy}\", \"noProxy\": \"${no_proxy}\"}}"
         KANIKOPROXYBUILDARGS="--build-arg http_proxy=${http_proxy} --build-arg https_proxy=${https_proxy} --build-arg no_proxy=${no_proxy}"
       fi
-       KANIKOCFG="${KANIKOCFG} }"
+       KANIKOCFG="{ ${KANIKOCFG} }"
       echo "${KANIKOCFG}" > /kaniko/.docker/config.json
    - >-
      /kaniko/executor

--- a/doc/user/clusters/agent/repository.md
+++ b/doc/user/clusters/agent/repository.md
@@ -153,11 +153,6 @@ gitops:

 > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5784) in GitLab 14.3.

-FLAG:
-On self-managed GitLab, by default this feature is available. To hide the
-feature, ask an administrator to [disable the feature flag](../../../administration/feature_flags.md) named `group_authorized_agents`. On
-GitLab.com, this feature is available.
-
 If you use the same cluster across multiple projects, you can set up the CI/CD Tunnel
 to grant the Agent access to one or more groups. This way, all the projects that belong
 to the authorized groups can access the same Agent. This enables you to save resources and

--- a/lib/api/ci/jobs.rb
+++ b/lib/api/ci/jobs.rb
@@ -189,18 +189,10 @@ module API

          pipeline = current_authenticated_job.pipeline
          project = current_authenticated_job.project
-
-          allowed_agents =
-            if Feature.enabled?(:group_authorized_agents, project, default_enabled: :yaml)
-              agent_authorizations = Clusters::AgentAuthorizationsFinder.new(project).execute
-              Entities::Clusters::AgentAuthorization.represent(agent_authorizations)
-            else
-              associated_agents = Clusters::DeployableAgentsFinder.new(project).execute
-              Entities::Clusters::Agent.represent(associated_agents)
-            end
+          agent_authorizations = Clusters::AgentAuthorizationsFinder.new(project).execute

          {
-            allowed_agents: allowed_agents,
+            allowed_agents: Entities::Clusters::AgentAuthorization.represent(agent_authorizations),
            job: Entities::Ci::JobRequest::JobInfo.represent(current_authenticated_job),
            pipeline: Entities::Ci::PipelineBasic.represent(pipeline),
            project: Entities::ProjectIdentity.represent(project),

--- a/spec/finders/clusters/deployable_agents_finder_spec.rb
+++ b/spec/finders/clusters/deployable_agents_finder_spec.rb
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-RSpec.describe Clusters::DeployableAgentsFinder do
-  describe '#execute' do
-    let_it_be(:agent) { create(:cluster_agent) }
-
-    let(:project) { agent.project }
-
-    subject { described_class.new(project).execute }
-
-    it { is_expected.to contain_exactly(agent) }
-  end
-end
--- a/spec/models/ci/pipeline_spec.rb
+++ b/spec/models/ci/pipeline_spec.rb
@@ -4610,22 +4610,5 @@ RSpec.describe Ci::Pipeline, :mailer, factory_default: :keep do
      expect(pipeline.authorized_cluster_agents).to contain_exactly(agent)
      expect(pipeline.authorized_cluster_agents).to contain_exactly(agent) # cached
    end
-
-    context 'group_authorized_agents feature flag is disabled' do
-      let(:finder) { double(execute: [agent]) }
-
-      before do
-        stub_feature_flags(group_authorized_agents: false)
-      end
-
-      it 'retrieves agent records from the legacy finder and caches the result' do
-        expect(Clusters::DeployableAgentsFinder).to receive(:new).once
-          .with(pipeline.project)
-          .and_return(finder)
-
-        expect(pipeline.authorized_cluster_agents).to contain_exactly(agent)
-        expect(pipeline.authorized_cluster_agents).to contain_exactly(agent) # cached
-      end
-    end
  end
 end
--- a/spec/requests/api/ci/jobs_spec.rb
+++ b/spec/requests/api/ci/jobs_spec.rb
@@ -187,14 +187,12 @@ RSpec.describe API::Ci::Jobs do
    let(:job) { create(:ci_build, :artifacts, pipeline: pipeline, user: api_user, status: job_status) }
    let(:job_status) { 'running' }
    let(:params) { {} }
-    let(:group_authorized_agents_enabled) { true }

    subject do
      get api('/job/allowed_agents'), headers: headers, params: params
    end

    before do
-      stub_feature_flags(group_authorized_agents: group_authorized_agents_enabled)
      allow(Clusters::AgentAuthorizationsFinder).to receive(:new).with(project).and_return(authorizations_finder)

      subject
@@ -247,30 +245,6 @@ RSpec.describe API::Ci::Jobs do
          ])
        end
      end
-
-      context 'group_authorized_agents feature flag is disabled' do
-        let(:group_authorized_agents_enabled) { false }
-        let(:agents_finder) { double(execute: [associated_agent]) }
-
-        before do
-          allow(Clusters::DeployableAgentsFinder).to receive(:new).with(project).and_return(agents_finder)
-        end
-
-        it 'returns agent info', :aggregate_failures do
-          expect(response).to have_gitlab_http_status(:ok)
-
-          expect(json_response.dig('job', 'id')).to eq(job.id)
-          expect(json_response.dig('pipeline', 'id')).to eq(job.pipeline_id)
-          expect(json_response.dig('project', 'id')).to eq(job.project_id)
-          expect(json_response.dig('user', 'username')).to eq(api_user.username)
-          expect(json_response['allowed_agents']).to match_array([
-            {
-              'id' => associated_agent.id,
-              'config_project' => hash_including('id' => associated_agent.project_id)
-            }
-          ])
-        end
-      end
    end

    context 'when user is anonymous' do