Add container registry migration eligibility flag to all tokens

Previously this was only being added to tokens with push permissions. Now we add it to all tokens, including those with pull and/or delete permissions.

Add container registry migration eligibility flag to all tokens
Previously this was only being added to tokens with push permissions. Now we add it to all tokens, including those with pull and/or delete permissions.
4a1c142a · João Pereira · ac1d454f · 4a1c142a · 4a1c142a · 4a1c142a
Commit 4a1c142a authored Aug 10, 2021 by João Pereira
3 changed files
--- a/app/services/auth/container_registry_authentication_service.rb
+++ b/app/services/auth/container_registry_authentication_service.rb
@@ -124,7 +124,6 @@ module Auth
    end
    def migration_eligible(project, actions)
-      return unless actions.include?('push')
      return unless Feature.enabled?(:container_registry_migration_phase1)
      # The migration process will start by allowing only specific test and gitlab-org projects using the

--- a/spec/services/auth/container_registry_authentication_service_spec.rb
+++ b/spec/services/auth/container_registry_authentication_service_spec.rb
@@ -17,11 +17,6 @@ RSpec.describe Auth::ContainerRegistryAuthenticationService do
      project.add_developer(current_user)
    end
-    shared_examples 'an unmodified token' do
-      it_behaves_like 'a valid token'
-      it { expect(payload['access']).not_to include(have_key('migration_eligible')) }
-    end
    shared_examples 'a modified token with migration eligibility' do |eligible|
      it_behaves_like 'a valid token'
      it { expect(payload['access']).to include(include('migration_eligible' => eligible)) }
@@ -71,7 +66,7 @@ RSpec.describe Auth::ContainerRegistryAuthenticationService do
        { scopes: ["repository:#{project.full_path}:pull"] }
      end
-      it_behaves_like 'an unmodified token'
+      it_behaves_like 'a modified token'
    end
    context 'with push action' do
@@ -82,20 +77,12 @@ RSpec.describe Auth::ContainerRegistryAuthenticationService do
      it_behaves_like 'a modified token'
    end
-    context 'with multiple actions including push' do
+    context 'with multiple actions' do
      let(:current_params) do
        { scopes: ["repository:#{project.full_path}:pull,push,delete"] }
      end
      it_behaves_like 'a modified token'
    end
-    context 'with multiple actions excluding push' do
-      let(:current_params) do
-        { scopes: ["repository:#{project.full_path}:pull,delete"] }
-      end
-      it_behaves_like 'an unmodified token'
-    end
  end
 end
--- a/spec/support/shared_examples/services/container_registry_auth_service_shared_examples.rb
+++ b/spec/support/shared_examples/services/container_registry_auth_service_shared_examples.rb
@@ -69,6 +69,10 @@ RSpec.shared_examples 'a browsable' do
 end
 RSpec.shared_examples 'an accessible' do
+  before do
+    stub_feature_flags(container_registry_migration_phase1: false)
+  end
  let(:access) do
    [{ 'type' => 'repository',
       'name' => project.full_path,