Username and password should only be required for JIRA service when used

Description

We configure a plugin on the JIRA side to show commits there. We only require GitLab's JIRA service to create the full link to issues mentioned in the commits. I.e. the issue in the comment of https://code.onehippo.org/cms-community/hippo-site-toolkit/commit/ff1b56cdce3c1357fb94a5c5d14751015f85f495 links to https://issues.onehippo.com/browse/HSTTWO-4114 (sign up to see the commits)

Until 9.3 we could just configure it without specifying any user. Since 9.3 this is no longer possible as the username and password are required so we can't update any existing service configurations (which do still work, like the above example) or create new ones without configuring a user.

In https://gitlab.com/gitlab-org/gitlab-ce/issues/37124 it became apparent that this was not so much a regression as the new behaviour is according to the original design. (Pre 9.3 behaviour was a bug I guess?)

But that does mean that the current design requires us to create a user with write access, who's credentials I then need to share with all masters in my organisation, for no other reason than that the fields exist. Not because configuring that user serves any purpose..... Not very nice from either a security or maintenance perspective.

Proposal

My proposal would be to only show and make the Username and Password fields required, when either or both of the "commit" or "merge request" checkboxes are ticked.

Depending on whether the above is possible in a micro release, as a possible solution for the short term, revert to the pre 9.3 behaviour of not requiring those fields.

Additionally we feel the documentation should be updated to not list write access for the user as a requirement, but explain which options specifically need it.

See also: https://gitlab.com/gitlab-org/gitlab-ce/issues/37124 https://support.gitlab.com/hc/en-us/requests/81795

/cc @victorwu @jarka @stanhu

mentioned in issue #37124 (closed)

Setting required to false in app/models/project_services/jira_service.rb only seems to work for the Username field, not the Password field. So any suggestions to workaround this issue are appreciated.

changed the description

added CI/CD feature proposal ~26362 labels

https://gitlab.zendesk.com/agent/tickets/81795

added customer label

changed milestone to %Next 2-3 months

@boudekerk The quick workaround would be to fill in the wrong username and password and click the "Test settings and save changes" button. The test will fail but you can decide to activate the integration anyway (see https://gitlab.com/gitlab-org/gitlab-ce/issues/31511#active for more information about the workflow). That will lead to working references to Jira issues from GitLab but logically nothing will be posted to the Jira instance.

@jarka Sorry for the late reply. This indeed works as a temporary workaround until this is fixed. Thanks!