Cleans up authentication_logs_migration_for_allowlist feature flag

Changelog: other

app/assets/javascripts/token_access/components/inbound_token_access.vue

@@ -218,9 +218,6 @@ export default {
       const { groups, projects } = this.groupsAndProjectsWithAccess;
       return [...groups, ...projects];
     },
-    canAutopopulateAuthLog() {
-      return this.glFeatures.authenticationLogsMigrationForAllowlist;
-    },
     disclosureDropdownOptions() {
       return [
         {
@@ -492,11 +489,10 @@ export default {
     <crud-component
       :title="$options.i18n.cardHeaderTitle"
       :description="$options.i18n.cardHeaderDescription"
-      :toggle-text="!canAutopopulateAuthLog ? $options.i18n.addGroupOrProject : undefined"
       class="gl-mt-5"
       @hideForm="hideSelectedAction"
     >
-      <template v-if="canAutopopulateAuthLog" #actions="{ showForm }">
+      <template #actions="{ showForm }">
         <gl-collapsible-listbox
           v-model="selectedAction"
           :items="crudFormActions"

app/controllers/projects/settings/ci_cd_controller.rb

@@ -19,8 +19,6 @@ class CiCdController < Projects::ApplicationController
         push_frontend_feature_flag(:ci_variables_pages, current_user)
         push_frontend_feature_flag(:allow_push_repository_for_job_token, @project)
         push_frontend_feature_flag(:add_policies_to_ci_job_token, @project)
-        push_frontend_feature_flag(:authentication_logs_migration_for_allowlist, @project)
-
         push_frontend_ability(ability: :admin_project, resource: @project, user: current_user)
         push_frontend_ability(ability: :admin_protected_environments, resource: @project, user: current_user)
       end

config/feature_flags/gitlab_com_derisk/authentication_logs_migration_for_allowlist.yml

----
-name: authentication_logs_migration_for_allowlist
-feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/498125
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/178429
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/514159
-milestone: '17.9'
-group: group::pipeline security
-type: gitlab_com_derisk
-default_enabled: false

doc/ci/jobs/ci_job_token.md

@@ -140,7 +140,7 @@ You can also add a group or project to the allowlist [with the API](../../api/gr
 
 {{< history >}}
 
-- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/478540) in GitLab 17.10. [Deployed behind the `:authentication_logs_migration_for_allowlist` feature flag](../../user/feature_flags.md), disabled by default.
+- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/478540) in GitLab 17.10.
 
 {{< /history >}}
 
@@ -165,7 +165,7 @@ it [compacts the allowlist](#allowlist-compaction) to stay under the 200 entry l
 
 {{< history >}}
 
-- Introduced in [GitLab 17.10](https://gitlab.com/gitlab-org/gitlab/-/issues/498125). [Deployed behind the `:authentication_logs_migration_for_allowlist` feature flag](../../user/feature_flags.md), disabled by default.
+- Introduced in [GitLab 17.10](https://gitlab.com/gitlab-org/gitlab/-/issues/498125).
 
 {{< /history >}}
 

spec/frontend/token_access/inbound_token_access_spec.js

@@ -99,7 +99,6 @@ describe('TokenAccess component', () => {
     wrapper.findAllComponents(GlDisclosureDropdownItem).at(index).find('button');
   const findFormSelector = () => wrapper.findByTestId('form-selector');
   const findRadioGroup = () => wrapper.findComponent(GlFormRadioGroup);
-  const findToggleFormBtn = () => wrapper.findByTestId('crud-form-toggle');
   const findTokenDisabledAlert = () => wrapper.findComponent(GlAlert);
   const findNamespaceForm = () => wrapper.findComponent(NamespaceForm);
   const findSaveChangesBtn = () => wrapper.findByTestId('save-ci-job-token-scope-changes-btn');
@@ -115,7 +114,6 @@ describe('TokenAccess component', () => {
     requestHandlers,
     {
       addPoliciesToCiJobToken = false,
-      authenticationLogsMigrationForAllowlist = false,
       enforceAllowlist = false,
       projectAllowlistLimit = 2,
       stubs = {},
@@ -127,7 +125,7 @@ describe('TokenAccess component', () => {
         fullPath: projectPath,
         enforceAllowlist,
         projectAllowlistLimit,
-        glFeatures: { addPoliciesToCiJobToken, authenticationLogsMigrationForAllowlist },
+        glFeatures: { addPoliciesToCiJobToken },
       },
       apolloProvider: createMockApollo(requestHandlers),
       mocks: {
@@ -435,22 +433,29 @@ describe('TokenAccess component', () => {
     });
 
     describe('when Add group or project button is clicked', () => {
-      beforeEach(() => {
-        findToggleFormBtn().vm.$emit('click');
-      });
+      it('renders the namespace form when clicking "Add group or project option"', async () => {
+        expect(findNamespaceForm().exists()).toBe(false);
+
+        findFormSelector().vm.$emit('select', JOB_TOKEN_FORM_ADD_GROUP_OR_PROJECT);
+        await nextTick();
 
-      it('shows form', () => {
         expect(findNamespaceForm().exists()).toBe(true);
       });
 
       it('closes form when form emits close event', async () => {
+        findFormSelector().vm.$emit('select', JOB_TOKEN_FORM_ADD_GROUP_OR_PROJECT);
+        await nextTick();
+
         findNamespaceForm().vm.$emit('close');
         await nextTick();
 
         expect(findNamespaceForm().exists()).toBe(false);
       });
 
-      it('refetches groups and projects when form emits saved event', () => {
+      it('refetches groups and projects when form emits saved event', async () => {
+        findFormSelector().vm.$emit('select', JOB_TOKEN_FORM_ADD_GROUP_OR_PROJECT);
+        await nextTick();
+
         findNamespaceForm().vm.$emit('saved');
 
         expect(inboundGroupsAndProjectsWithScopeResponseHandler).toHaveBeenCalledTimes(2);
@@ -458,26 +463,7 @@ describe('TokenAccess component', () => {
     });
   });
 
-  describe('when authenticationLogsMigrationForAllowlist feature flag is disabled', () => {
-    beforeEach(() =>
-      createComponent(
-        [
-          [
-            inboundGetGroupsAndProjectsWithCIJobTokenScopeQuery,
-            inboundGroupsAndProjectsWithScopeResponseHandler,
-          ],
-        ],
-        { authenticationLogsMigrationForAllowlist: false, stubs: { CrudComponent } },
-      ),
-    );
-
-    it('renders toggle form button and hides actions dropdown', () => {
-      expect(findToggleFormBtn().exists()).toBe(true);
-      expect(findFormSelector().exists()).toBe(false);
-    });
-  });
-
-  describe('when authenticationLogsMigrationForAllowlist feature flag is enabled', () => {
+  describe('when importing entries from authorization log', () => {
     beforeEach(() =>
       createComponent(
         [
@@ -491,27 +477,12 @@ describe('TokenAccess component', () => {
           [getAuthLogCountQuery, authLogCountResponseHandler],
         ],
         {
-          authenticationLogsMigrationForAllowlist: true,
           stubs: { CrudComponent, GlDisclosureDropdown, GlDisclosureDropdownItem },
         },
       ),
     );
 
     describe('autopopulate entries', () => {
-      it('replaces toggle form button with actions dropdown', () => {
-        expect(findToggleFormBtn().exists()).toBe(false);
-        expect(findFormSelector().exists()).toBe(true);
-      });
-
-      it('renders the namespace form when clicking "Add group or project option"', async () => {
-        expect(findNamespaceForm().exists()).toBe(false);
-
-        findFormSelector().vm.$emit('select', JOB_TOKEN_FORM_ADD_GROUP_OR_PROJECT);
-        await nextTick();
-
-        expect(findNamespaceForm().exists()).toBe(true);
-      });
-
       it('renders the autopopulate allowlist modal when clicking "All projects in authentication log"', async () => {
         expect(findAutopopulateAllowlistModal().props('showModal')).toBe(false);
 
@@ -589,7 +560,6 @@ describe('TokenAccess component', () => {
             [getAuthLogCountQuery, authLogCountResponseHandler],
           ],
           {
-            authenticationLogsMigrationForAllowlist: true,
             stubs: { CrudComponent, GlDisclosureDropdown, GlDisclosureDropdownItem },
           },
         );
@@ -618,7 +588,6 @@ describe('TokenAccess component', () => {
             [getAuthLogCountQuery, authLogCountResponseHandler],
           ],
           {
-            authenticationLogsMigrationForAllowlist: true,
             stubs: { CrudComponent, GlDisclosureDropdown, GlDisclosureDropdownItem },
           },
         );
@@ -721,7 +690,6 @@ describe('TokenAccess component', () => {
             [getAuthLogCountQuery, authLogCountResponseHandler],
           ],
           {
-            authenticationLogsMigrationForAllowlist: true,
             stubs: { CrudComponent, GlDisclosureDropdown, GlDisclosureDropdownItem },
           },
         );
@@ -749,7 +717,6 @@ describe('TokenAccess component', () => {
             [getAuthLogCountQuery, authLogCountResponseHandler],
           ],
           {
-            authenticationLogsMigrationForAllowlist: true,
             stubs: { CrudComponent, GlDisclosureDropdown, GlDisclosureDropdownItem },
           },
         );
@@ -797,7 +764,6 @@ describe('TokenAccess component', () => {
             [getAuthLogCountQuery, authLogZeroCountResponseHandler],
           ],
           {
-            authenticationLogsMigrationForAllowlist: true,
             stubs: { CrudComponent, GlDisclosureDropdown, GlDisclosureDropdownItem },
           },
         );
@@ -921,8 +887,9 @@ describe('TokenAccess component', () => {
 
     describe('when allowlist query is loading', () => {
       beforeEach(async () => {
-        findToggleFormBtn().vm.$emit('click');
+        findFormSelector().vm.$emit('select', JOB_TOKEN_FORM_ADD_GROUP_OR_PROJECT);
         await nextTick();
+
         findNamespaceForm().vm.$emit('saved');
       });
 
@@ -986,7 +953,8 @@ describe('TokenAccess component', () => {
       beforeEach(() => findNamespaceForm().vm.$emit('close'));
 
       it('clears the selected namespace', async () => {
-        await findToggleFormBtn().vm.$emit('click');
+        findFormSelector().vm.$emit('select', JOB_TOKEN_FORM_ADD_GROUP_OR_PROJECT);
+        await nextTick();
 
         expect(findNamespaceForm().props('namespace')).toBe(null);
       });