Merge branch '199370-move-deploy_keys-to-cicd' into 'master'

Refactored deploy keys to cicd settings Closes #199370 See merge request gitlab-org/gitlab!25444

Merge branch '199370-move-deploy_keys-to-cicd' into 'master'
Refactored deploy keys to cicd settings Closes #199370 See merge request gitlab-org/gitlab!25444
0c01178c · Imre Farkas · 10def378 · 7427c140 · 0c01178c · 0c01178c
Commit 0c01178c authored Mar 02, 2020 by Imre Farkas
17 changed files
--- a/app/assets/javascripts/pages/projects/settings/ci_cd/show/index.js
+++ b/app/assets/javascripts/pages/projects/settings/ci_cd/show/index.js
@@ -4,6 +4,7 @@ import AjaxVariableList from '~/ci_variable_list/ajax_variable_list';
 import registrySettingsApp from '~/registry/settings/registry_settings_bundle';
 import initVariableList from '~/ci_variable_list';
 import DueDateSelectors from '~/due_date_select';
+import initDeployKeys from '~/deploy_keys';

 document.addEventListener('DOMContentLoaded', () => {
  // Initialize expandable settings panels
@@ -44,4 +45,5 @@ document.addEventListener('DOMContentLoaded', () => {
  new DueDateSelectors();

  registrySettingsApp();
+  initDeployKeys();
 });
--- a/app/assets/javascripts/pages/projects/settings/repository/form.js
+++ b/app/assets/javascripts/pages/projects/settings/repository/form.js
@@ -3,7 +3,6 @@
 import ProtectedTagCreate from '~/protected_tags/protected_tag_create';
 import ProtectedTagEditList from '~/protected_tags/protected_tag_edit_list';
 import initSettingsPanels from '~/settings_panels';
-import initDeployKeys from '~/deploy_keys';
 import ProtectedBranchCreate from '~/protected_branches/protected_branch_create';
 import ProtectedBranchEditList from '~/protected_branches/protected_branch_edit_list';
 import DueDateSelectors from '~/due_date_select';
@@ -12,7 +11,6 @@ import fileUpload from '~/lib/utils/file_upload';
 export default () => {
  new ProtectedTagCreate();
  new ProtectedTagEditList();
-  initDeployKeys();
  initSettingsPanels();
  new ProtectedBranchCreate();
  new ProtectedBranchEditList();

--- a/app/controllers/projects/deploy_keys_controller.rb
+++ b/app/controllers/projects/deploy_keys_controller.rb
 # frozen_string_literal: true

 class Projects::DeployKeysController < Projects::ApplicationController
-  include RepositorySettingsRedirect
  respond_to :html

  # Authorize
@@ -12,7 +11,7 @@ class Projects::DeployKeysController < Projects::ApplicationController

  def index
    respond_to do |format|
-      format.html { redirect_to_repository_settings(@project, anchor: 'js-deploy-keys-settings') }
+      format.html { redirect_to_ci_cd_settings }
      format.json do
        render json: Projects::Settings::DeployKeysPresenter.new(@project, current_user: current_user).as_json
      end
@@ -20,7 +19,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
  end

  def new
-    redirect_to_repository_settings(@project, anchor: 'js-deploy-keys-settings')
+    redirect_to_ci_cd_settings
  end

  def create
@@ -30,7 +29,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
      flash[:alert] = @key.errors.full_messages.join(', ').html_safe
    end

-    redirect_to_repository_settings(@project, anchor: 'js-deploy-keys-settings')
+    redirect_to_ci_cd_settings
  end

  def edit
@@ -39,7 +38,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
  def update
    if deploy_key.update(update_params)
      flash[:notice] = _('Deploy key was successfully updated.')
-      redirect_to_repository_settings(@project, anchor: 'js-deploy-keys-settings')
+      redirect_to_ci_cd_settings
    else
      render 'edit'
    end
@@ -51,7 +50,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
    return render_404 unless key

    respond_to do |format|
-      format.html { redirect_to_repository_settings(@project, anchor: 'js-deploy-keys-settings') }
+      format.html { redirect_to_ci_cd_settings }
      format.json { head :ok }
    end
  end
@@ -62,7 +61,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
    return render_404 unless deploy_key_project

    respond_to do |format|
-      format.html { redirect_to_repository_settings(@project, anchor: 'js-deploy-keys-settings') }
+      format.html { redirect_to_ci_cd_settings }
      format.json { head :ok }
    end
  end
@@ -97,4 +96,8 @@ class Projects::DeployKeysController < Projects::ApplicationController
      access_denied!
    end
  end
+
+  def redirect_to_ci_cd_settings
+    redirect_to project_settings_ci_cd_path(@project, anchor: 'js-deploy-keys-settings')
+  end
 end
--- a/app/controllers/projects/settings/ci_cd_controller.rb
+++ b/app/controllers/projects/settings/ci_cd_controller.rb
@@ -101,6 +101,7 @@ module Projects
        define_triggers_variables
        define_badges_variables
        define_auto_devops_variables
+        define_deploy_keys
      end

      def define_runners_variables
@@ -153,6 +154,10 @@ module Projects

        @new_deploy_token = DeployToken.new
      end
+
+      def define_deploy_keys
+        @deploy_keys = DeployKeysPresenter.new(@project, current_user: current_user)
+      end
    end
  end
 end

--- a/app/controllers/projects/settings/repository_controller.rb
+++ b/app/controllers/projects/settings/repository_controller.rb
@@ -27,8 +27,6 @@ module Projects
      private

      def render_show
-        @deploy_keys = DeployKeysPresenter.new(@project, current_user: current_user)
-
        define_protected_refs
        remote_mirror


--- a/app/views/projects/settings/ci_cd/show.html.haml
+++ b/app/views/projects/settings/ci_cd/show.html.haml
@@ -54,6 +54,8 @@

 = render "shared/deploy_tokens/index", group_or_project: @project, description: deploy_token_description

+= render @deploy_keys
+
 %section.settings.no-animate#js-pipeline-triggers{ class: ('expanded' if expanded) }
  .settings-header
    %h4

--- a/app/views/projects/settings/repository/show.html.haml
+++ b/app/views/projects/settings/repository/show.html.haml
@@ -11,8 +11,6 @@
 -# Those are used throughout the actual views. These `shared` views are then
 -# reused in EE.
 = render "projects/settings/repository/protected_branches"
-
-= render @deploy_keys
 = render "projects/cleanup/show"

 = render_if_exists 'shared/promotions/promote_repository_features'
--- a/changelogs/unreleased/199370-move-deploy_keys-to-cicd.yml
+++ b/changelogs/unreleased/199370-move-deploy_keys-to-cicd.yml
+---
+title: Moved Deploy Keys from Repository to CI/CD settings.
+merge_request: 25444
+author:
+type: changed
--- a/doc/ssh/README.md
+++ b/doc/ssh/README.md
@@ -344,7 +344,7 @@ Integration (CI) server. By using deploy keys, you don't have to set up a
 dummy user account.

 If you are a project maintainer or owner, you can add a deploy key in the
-project's **Settings > Repository** page by expanding the
+project's **{settings}** **Settings > CI / CD** page by expanding the
 **Deploy Keys** section. Specify a title for the new
 deploy key and paste a public SSH key. After this, the machine that uses
 the corresponding private SSH key has read-only or read-write (if enabled)
@@ -387,7 +387,7 @@ of broader usage for something like "Anywhere you need to give read access to
 your repository".

 Once a GitLab administrator adds the Global Deployment key, project maintainers
-and owners can add it in project's **Settings > Repository** page by expanding the
+and owners can add it in project's **{settings}** **Settings > CI / CD** page by expanding the
 **Deploy Keys** section and clicking **Enable** next to the appropriate key listed
 under **Public deploy keys available to any project**.


--- a/doc/user/project/pipelines/settings.md
+++ b/doc/user/project/pipelines/settings.md
@@ -268,6 +268,14 @@ https://example.gitlab.com/<namespace>/<project>/badges/<branch>/coverage.svg?st

 [Environment variables](../../../ci/variables/README.html#gitlab-cicd-environment-variables) can be set in an environment to be available to a runner.

+## Deploy Keys
+
+With Deploy Keys, GitLab allows you to import SSH public keys. You can then have
+read only or read/write access to your project from the machines the keys were generated from.
+
+SSH keys added to your project settings will be used for continuous integration,
+staging, or production servers.
+
 <!-- ## Troubleshooting

 Include any troubleshooting steps that you can foresee. If you know beforehand what issues

--- a/ee/app/controllers/ee/projects/settings/repository_controller.rb
+++ b/ee/app/controllers/ee/projects/settings/repository_controller.rb
@@ -39,7 +39,6 @@ module EE

        # rubocop:disable Gitlab/ModuleWithInstanceVariables
        def render_show
-          @deploy_keys = ::Projects::Settings::DeployKeysPresenter.new(@project, current_user: current_user)
          @deploy_tokens = @project.deploy_tokens.active

          define_protected_refs

--- a/ee/spec/controllers/projects/deploy_keys_controller_spec.rb
+++ b/ee/spec/controllers/projects/deploy_keys_controller_spec.rb
@@ -30,7 +30,7 @@ describe Projects::DeployKeysController do
    it 'records an audit event' do
      expect { post :create, params: params }.to change { AuditEvent.count }.by(1)

-      expect(response).to redirect_to(project_settings_repository_path(project, anchor: 'js-deploy-keys-settings'))
+      expect(response).to redirect_to(project_settings_ci_cd_path(project, anchor: 'js-deploy-keys-settings'))
    end
  end


--- a/spec/controllers/projects/deploy_keys_controller_spec.rb
+++ b/spec/controllers/projects/deploy_keys_controller_spec.rb
@@ -19,10 +19,10 @@ describe Projects::DeployKeysController do
    end

    context 'when html requested' do
-      it 'redirects to project settings with the correct anchor' do
+      it 'redirects to project ci / cd settings with the correct anchor' do
        get :index, params: params

-        expect(response).to redirect_to(project_settings_repository_path(project, anchor: 'js-deploy-keys-settings'))
+        expect(response).to redirect_to(project_settings_ci_cd_path(project, anchor: 'js-deploy-keys-settings'))
      end
    end

@@ -87,13 +87,13 @@ describe Projects::DeployKeysController do
    it 'creates a new deploy key for the project' do
      expect { post :create, params: create_params }.to change(project.deploy_keys, :count).by(1)

-      expect(response).to redirect_to(project_settings_repository_path(project, anchor: 'js-deploy-keys-settings'))
+      expect(response).to redirect_to(project_settings_ci_cd_path(project, anchor: 'js-deploy-keys-settings'))
    end

    it 'redirects to project settings with the correct anchor' do
      post :create, params: create_params

-      expect(response).to redirect_to(project_settings_repository_path(project, anchor: 'js-deploy-keys-settings'))
+      expect(response).to redirect_to(project_settings_ci_cd_path(project, anchor: 'js-deploy-keys-settings'))
    end

    context 'when the deploy key is invalid' do
@@ -153,7 +153,7 @@ describe Projects::DeployKeysController do

        expect(DeployKeysProject.where(project_id: project.id, deploy_key_id: deploy_key.id).count).to eq(1)
        expect(response).to have_gitlab_http_status(:found)
-        expect(response).to redirect_to(namespace_project_settings_repository_path(anchor: 'js-deploy-keys-settings'))
+        expect(response).to redirect_to(namespace_project_settings_ci_cd_path(anchor: 'js-deploy-keys-settings'))
      end

      it 'returns 404' do
@@ -175,7 +175,7 @@ describe Projects::DeployKeysController do

        expect(DeployKeysProject.where(project_id: project.id, deploy_key_id: deploy_key.id).count).to eq(1)
        expect(response).to have_gitlab_http_status(:found)
-        expect(response).to redirect_to(namespace_project_settings_repository_path(anchor: 'js-deploy-keys-settings'))
+        expect(response).to redirect_to(namespace_project_settings_ci_cd_path(anchor: 'js-deploy-keys-settings'))
      end
    end
  end
@@ -216,7 +216,7 @@ describe Projects::DeployKeysController do
        put :disable, params: { id: deploy_key.id, namespace_id: project.namespace, project_id: project }

        expect(response).to have_gitlab_http_status(:found)
-        expect(response).to redirect_to(namespace_project_settings_repository_path(anchor: 'js-deploy-keys-settings'))
+        expect(response).to redirect_to(namespace_project_settings_ci_cd_path(anchor: 'js-deploy-keys-settings'))

        expect { DeployKey.find(deploy_key.id) }.to raise_error(ActiveRecord::RecordNotFound)
      end
@@ -239,7 +239,7 @@ describe Projects::DeployKeysController do
        end.to change { DeployKey.count }.by(-1)

        expect(response).to have_gitlab_http_status(:found)
-        expect(response).to redirect_to(namespace_project_settings_repository_path(anchor: 'js-deploy-keys-settings'))
+        expect(response).to redirect_to(namespace_project_settings_ci_cd_path(anchor: 'js-deploy-keys-settings'))

        expect { DeployKey.find(deploy_key.id) }.to raise_error(ActiveRecord::RecordNotFound)
      end

--- a/spec/features/projects/deploy_keys_spec.rb
+++ b/spec/features/projects/deploy_keys_spec.rb
@@ -17,9 +17,9 @@ describe 'Project deploy keys', :js do
    end

    it 'removes association between project and deploy key' do
-      visit project_settings_repository_path(project)
+      visit project_settings_ci_cd_path(project)

-      page.within(find('.deploy-keys')) do
+      page.within(find('.qa-deploy-keys-settings')) do
        expect(page).to have_selector('.deploy-key', count: 1)

        accept_confirm { find('.ic-remove').click }

--- a/spec/features/projects/settings/ci_cd_settings_spec.rb
+++ b/spec/features/projects/settings/ci_cd_settings_spec.rb
@@ -2,10 +2,10 @@

 require 'spec_helper'

-describe 'Projects > Settings > CI/CD settings' do
-  let(:project) { create(:project_empty_repo) }
-  let(:user) { create(:user) }
-  let(:role) { :maintainer }
+describe 'Projects > Settings > CI / CD settings' do
+  let_it_be(:project) { create(:project_empty_repo) }
+  let_it_be(:user) { create(:user) }
+  let_it_be(:role) { :maintainer }

  context 'Deploy tokens' do
    let!(:deploy_token) { create(:deploy_token, projects: [project]) }
@@ -21,4 +21,92 @@ describe 'Projects > Settings > CI/CD settings' do
      let(:entity_type) { 'project' }
    end
  end
+
+  context 'Deploy Keys', :js do
+    let_it_be(:private_deploy_key) { create(:deploy_key, title: 'private_deploy_key', public: false) }
+    let_it_be(:public_deploy_key) { create(:another_deploy_key, title: 'public_deploy_key', public: true) }
+    let(:new_ssh_key) { attributes_for(:key)[:key] }
+
+    before do
+      project.add_role(user, role)
+      sign_in(user)
+    end
+
+    it 'get list of keys' do
+      project.deploy_keys << private_deploy_key
+      project.deploy_keys << public_deploy_key
+
+      visit project_settings_ci_cd_path(project)
+
+      expect(page).to have_content('private_deploy_key')
+      expect(page).to have_content('public_deploy_key')
+    end
+
+    it 'add a new deploy key' do
+      visit project_settings_ci_cd_path(project)
+
+      fill_in 'deploy_key_title', with: 'new_deploy_key'
+      fill_in 'deploy_key_key', with: new_ssh_key
+      check 'deploy_key_deploy_keys_projects_attributes_0_can_push'
+      click_button 'Add key'
+
+      expect(page).to have_content('new_deploy_key')
+      expect(page).to have_content('Write access allowed')
+    end
+
+    it 'edit an existing deploy key' do
+      project.deploy_keys << private_deploy_key
+      visit project_settings_ci_cd_path(project)
+
+      find('.deploy-key', text: private_deploy_key.title).find('.ic-pencil').click
+
+      fill_in 'deploy_key_title', with: 'updated_deploy_key'
+      check 'deploy_key_deploy_keys_projects_attributes_0_can_push'
+      click_button 'Save changes'
+
+      expect(page).to have_content('updated_deploy_key')
+      expect(page).to have_content('Write access allowed')
+    end
+
+    it 'edit an existing public deploy key to be writable' do
+      project.deploy_keys << public_deploy_key
+      visit project_settings_ci_cd_path(project)
+
+      find('.deploy-key', text: public_deploy_key.title).find('.ic-pencil').click
+
+      check 'deploy_key_deploy_keys_projects_attributes_0_can_push'
+      click_button 'Save changes'
+
+      expect(page).to have_content('public_deploy_key')
+      expect(page).to have_content('Write access allowed')
+    end
+
+    it 'edit a deploy key from projects user has access to' do
+      project2 = create(:project_empty_repo)
+      project2.add_role(user, role)
+      project2.deploy_keys << private_deploy_key
+
+      visit project_settings_ci_cd_path(project)
+
+      find('.js-deployKeys-tab-available_project_keys').click
+
+      find('.deploy-key', text: private_deploy_key.title).find('.ic-pencil').click
+
+      fill_in 'deploy_key_title', with: 'updated_deploy_key'
+      click_button 'Save changes'
+
+      find('.js-deployKeys-tab-available_project_keys').click
+
+      expect(page).to have_content('updated_deploy_key')
+    end
+
+    it 'remove an existing deploy key' do
+      project.deploy_keys << private_deploy_key
+      visit project_settings_ci_cd_path(project)
+
+      accept_confirm { find('.deploy-key', text: private_deploy_key.title).find('.ic-remove').click }
+
+      expect(page).not_to have_content(private_deploy_key.title)
+    end
+  end
 end
--- a/spec/features/projects/settings/repository_settings_spec.rb
+++ b/spec/features/projects/settings/repository_settings_spec.rb
@@ -25,89 +25,6 @@ describe 'Projects > Settings > Repository settings' do
  context 'for maintainer' do
    let(:role) { :maintainer }

-    context 'Deploy Keys', :js do
-      let(:private_deploy_key) { create(:deploy_key, title: 'private_deploy_key', public: false) }
-      let(:public_deploy_key) { create(:another_deploy_key, title: 'public_deploy_key', public: true) }
-      let(:new_ssh_key) { attributes_for(:key)[:key] }
-
-      it 'get list of keys' do
-        project.deploy_keys << private_deploy_key
-        project.deploy_keys << public_deploy_key
-
-        visit project_settings_repository_path(project)
-
-        expect(page).to have_content('private_deploy_key')
-        expect(page).to have_content('public_deploy_key')
-      end
-
-      it 'add a new deploy key' do
-        visit project_settings_repository_path(project)
-
-        fill_in 'deploy_key_title', with: 'new_deploy_key'
-        fill_in 'deploy_key_key', with: new_ssh_key
-        check 'deploy_key_deploy_keys_projects_attributes_0_can_push'
-        click_button 'Add key'
-
-        expect(page).to have_content('new_deploy_key')
-        expect(page).to have_content('Write access allowed')
-      end
-
-      it 'edit an existing deploy key' do
-        project.deploy_keys << private_deploy_key
-        visit project_settings_repository_path(project)
-
-        find('.deploy-key', text: private_deploy_key.title).find('.ic-pencil').click
-
-        fill_in 'deploy_key_title', with: 'updated_deploy_key'
-        check 'deploy_key_deploy_keys_projects_attributes_0_can_push'
-        click_button 'Save changes'
-
-        expect(page).to have_content('updated_deploy_key')
-        expect(page).to have_content('Write access allowed')
-      end
-
-      it 'edit an existing public deploy key to be writable' do
-        project.deploy_keys << public_deploy_key
-        visit project_settings_repository_path(project)
-
-        find('.deploy-key', text: public_deploy_key.title).find('.ic-pencil').click
-
-        check 'deploy_key_deploy_keys_projects_attributes_0_can_push'
-        click_button 'Save changes'
-
-        expect(page).to have_content('public_deploy_key')
-        expect(page).to have_content('Write access allowed')
-      end
-
-      it 'edit a deploy key from projects user has access to' do
-        project2 = create(:project_empty_repo)
-        project2.add_role(user, role)
-        project2.deploy_keys << private_deploy_key
-
-        visit project_settings_repository_path(project)
-
-        find('.js-deployKeys-tab-available_project_keys').click
-
-        find('.deploy-key', text: private_deploy_key.title).find('.ic-pencil').click
-
-        fill_in 'deploy_key_title', with: 'updated_deploy_key'
-        click_button 'Save changes'
-
-        find('.js-deployKeys-tab-available_project_keys').click
-
-        expect(page).to have_content('updated_deploy_key')
-      end
-
-      it 'remove an existing deploy key' do
-        project.deploy_keys << private_deploy_key
-        visit project_settings_repository_path(project)
-
-        accept_confirm { find('.deploy-key', text: private_deploy_key.title).find('.ic-remove').click }
-
-        expect(page).not_to have_content(private_deploy_key.title)
-      end
-    end
-
    context 'remote mirror settings' do
      let(:user2) { create(:user) }


--- a/spec/features/projects/settings/user_interacts_with_deploy_keys_spec.rb
+++ b/spec/features/projects/settings/user_interacts_with_deploy_keys_spec.rb
@@ -20,7 +20,7 @@ describe "User interacts with deploy keys", :js do
        click_button("Enable")

        expect(page).not_to have_selector(".fa-spinner")
-        expect(current_path).to eq(project_settings_repository_path(project))
+        expect(current_path).to eq(project_settings_ci_cd_path(project))

        find(".js-deployKeys-tab-enabled_keys").click

@@ -96,7 +96,7 @@ describe "User interacts with deploy keys", :js do

      click_button("Add key")

-      expect(current_path).to eq(project_settings_repository_path(project))
+      expect(current_path).to eq(project_settings_ci_cd_path(project))

      page.within(".deploy-keys") do
        expect(page).to have_content(DEPLOY_KEY_TITLE)