Merge branch 'john-mason-remove-runners-token-ff-14-6see' into '14-6-stable-ee'

Remove runners token prefix feature flags into 14-6-stable-ee

See merge request gitlab-org/gitlab!82122

app/models/concerns/runners_token_prefixable.rb

+# frozen_string_literal: true
+
+module RunnersTokenPrefixable
+  extend ActiveSupport::Concern
+
+  # Prefix for runners_token which can be used to invalidate existing tokens.
+  # The value chosen here is GR (for Gitlab Runner) combined with the rotation
+  # date (20220225) decimal to hex encoded.
+  RUNNERS_TOKEN_PREFIX = 'GR1348941'
+
+  def runners_token_prefix
+    RUNNERS_TOKEN_PREFIX
+  end
+end

app/models/group.rb

@@ -17,14 +17,10 @@ class Group < Namespace
   include GroupAPICompatibility
   include EachBatch
   include BulkMemberAccessLoad
+  include RunnersTokenPrefixable
   extend ::Gitlab::Utils::Override
-  # Prefix for runners_token which can be used to invalidate existing tokens.
-  # The value chosen here is GR (for Gitlab Runner) combined with the rotation
-  # date (20220225) decimal to hex encoded.
-  RUNNERS_TOKEN_PREFIX = 'GR1348941'
-
   def self.sti_name
     'Group'
   end
@@ -117,7 +113,7 @@ class Group < Namespace
   add_authentication_token_field :runners_token,
                                  encrypted: -> { Feature.enabled?(:groups_tokens_optional_encryption, default_enabled: true) ? :optional : :required },
-                                 prefix: ->(instance) { instance.runners_token_prefix }
+                                 prefix: RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX
   after_create :post_create_hook
   after_destroy :post_destroy_hook
@@ -661,10 +657,6 @@ class Group < Namespace
     ensure_runners_token!
   end
-  def runners_token_prefix
-    Feature.enabled?(:groups_runners_token_prefix, self, default_enabled: :yaml) ? RUNNERS_TOKEN_PREFIX : ''
-  end
-
   override :format_runners_token
   def format_runners_token(token)
     "#{runners_token_prefix}#{token}"

app/models/project.rb

@@ -37,6 +37,7 @@ class Project < ApplicationRecord
   include EachBatch
   include GitlabRoutingHelper
   include BulkMemberAccessLoad
+  include RunnersTokenPrefixable
   extend Gitlab::Cache::RequestCache
   extend Gitlab::Utils::Override
@@ -73,11 +74,6 @@ class Project < ApplicationRecord
   GL_REPOSITORY_TYPES = [Gitlab::GlRepository::PROJECT, Gitlab::GlRepository::WIKI, Gitlab::GlRepository::DESIGN].freeze
-  # Prefix for runners_token which can be used to invalidate existing tokens.
-  # The value chosen here is GR (for Gitlab Runner) combined with the rotation
-  # date (20220225) decimal to hex encoded.
-  RUNNERS_TOKEN_PREFIX = 'GR1348941'
-
   cache_markdown_field :description, pipeline: :description
   default_value_for :packages_enabled, true
@@ -100,7 +96,7 @@ class Project < ApplicationRecord
   add_authentication_token_field :runners_token,
                                  encrypted: -> { Feature.enabled?(:projects_tokens_optional_encryption, default_enabled: true) ? :optional : :required },
-                                 prefix: ->(instance) { instance.runners_token_prefix }
+                                 prefix: RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX
   before_validation :mark_remote_mirrors_for_removal, if: -> { RemoteMirror.table_exists? }
@@ -1850,10 +1846,6 @@ class Project < ApplicationRecord
     ensure_runners_token!
   end
-  def runners_token_prefix
-    Feature.enabled?(:projects_runners_token_prefix, self, default_enabled: :yaml) ? RUNNERS_TOKEN_PREFIX : ''
-  end
-
   override :format_runners_token
   def format_runners_token(token)
     "#{runners_token_prefix}#{token}"

config/feature_flags/development/groups_runners_token_prefix.yml

----
-name: groups_runners_token_prefix
-introduced_by_url: 
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/353805
-milestone: '14.9'
-type: development
-group: group::database
-default_enabled: true

config/feature_flags/development/projects_runners_token_prefix.yml

----
-name: projects_runners_token_prefix
-introduced_by_url: 
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/353805
-milestone: '14.9'
-type: development
-group: group::database
-default_enabled: true

spec/models/concerns/runners_token_prefixable_spec.rb

+# frozen_string_literal: true
+
+require 'spec_helper'
+
+RSpec.describe RunnersTokenPrefixable do
+  before do
+    stub_const('DummyModel', Class.new)
+    DummyModel.class_eval do
+      include RunnersTokenPrefixable
+    end
+  end
+
+  describe '.runners_token_prefix' do
+    subject { DummyModel.new }
+
+    it 'returns RUNNERS_TOKEN_PREFIX' do
+      expect(subject.runners_token_prefix).to eq(RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX)
+    end
+  end
+end

spec/models/concerns/token_authenticatable_spec.rb

@@ -297,7 +297,7 @@ RSpec.shared_examples 'prefixed token rotation' do
     context 'token is not set' do
       it 'generates a new token' do
-        expect(subject).to match(/^#{instance.class::RUNNERS_TOKEN_PREFIX}/)
+        expect(subject).to match(/^#{RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX}/)
         expect(instance).not_to be_persisted
       end
     end
@@ -308,26 +308,14 @@ RSpec.shared_examples 'prefixed token rotation' do
       end
       it 'generates a new token' do
-        expect(subject).to match(/^#{instance.class::RUNNERS_TOKEN_PREFIX}/)
+        expect(subject).to match(/^#{RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX}/)
         expect(instance).not_to be_persisted
       end
-
-      context 'feature flag is disabled' do
-        before do
-          flag = "#{described_class.name.downcase.pluralize}_runners_token_prefix"
-          stub_feature_flags(flag => false)
-        end
-
-        it 'leaves the token unchanged' do
-          expect { subject }.not_to change(instance, :runners_token)
-          expect(instance).not_to be_persisted
-        end
-      end
     end
     context 'token is set and matches prefix' do
       before do
-        instance.set_runners_token(instance.class::RUNNERS_TOKEN_PREFIX + '-abcdef')
+        instance.set_runners_token(RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX + '-abcdef')
       end
       it 'leaves the token unchanged' do
@@ -342,7 +330,7 @@ RSpec.shared_examples 'prefixed token rotation' do
     context 'token is not set' do
       it 'generates a new token' do
-        expect(subject).to match(/^#{instance.class::RUNNERS_TOKEN_PREFIX}/)
+        expect(subject).to match(/^#{RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX}/)
         expect(instance).to be_persisted
       end
     end
@@ -353,25 +341,14 @@ RSpec.shared_examples 'prefixed token rotation' do
       end
       it 'generates a new token' do
-        expect(subject).to match(/^#{instance.class::RUNNERS_TOKEN_PREFIX}/)
+        expect(subject).to match(/^#{RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX}/)
         expect(instance).to be_persisted
       end
-
-      context 'feature flag is disabled' do
-        before do
-          flag = "#{described_class.name.downcase.pluralize}_runners_token_prefix"
-          stub_feature_flags(flag => false)
-        end
-
-        it 'leaves the token unchanged' do
-          expect { subject }.not_to change(instance, :runners_token)
-        end
-      end
     end
     context 'token is set and matches prefix' do
       before do
-        instance.set_runners_token(instance.class::RUNNERS_TOKEN_PREFIX + '-abcdef')
+        instance.set_runners_token(RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX + '-abcdef')
         instance.save!
       end

spec/models/group_spec.rb

@@ -2781,6 +2781,6 @@ RSpec.describe Group do
     subject { group }
-    it_behaves_like 'it has a prefixable runners_token', :groups_runners_token_prefix
+    it_behaves_like 'it has a prefixable runners_token'
   end
 end

spec/models/project_spec.rb

@@ -7556,7 +7556,7 @@ RSpec.describe Project, factory_default: :keep do
     subject { project }
-    it_behaves_like 'it has a prefixable runners_token', :projects_runners_token_prefix
+    it_behaves_like 'it has a prefixable runners_token'
   end
   private

spec/support/shared_examples/models/runners_token_prefix_shared_examples.rb

 # frozen_string_literal: true
-RSpec.shared_examples 'it has a prefixable runners_token' do |feature_flag|
-  context 'feature flag enabled' do
-    before do
-      stub_feature_flags(feature_flag => [subject])
+RSpec.shared_examples 'it has a prefixable runners_token' do
+  describe '#runners_token' do
+    it 'has a runners_token_prefix' do
+      expect(subject.runners_token_prefix).not_to be_empty
     end
-    describe '#runners_token' do
-      it 'has a runners_token_prefix' do
-        expect(subject.runners_token_prefix).not_to be_empty
-      end
-
-      it 'starts with the runners_token_prefix' do
-        expect(subject.runners_token).to start_with(subject.runners_token_prefix)
-      end
-    end
-  end
-
-  context 'feature flag disabled' do
-    before do
-      stub_feature_flags(feature_flag => false)
-    end
-
-    describe '#runners_token' do
-      it 'does not have a runners_token_prefix' do
-        expect(subject.runners_token_prefix).to be_empty
-      end
-
-      it 'starts with the runners_token_prefix' do
-        expect(subject.runners_token).to start_with(subject.runners_token_prefix)
-      end
+    it 'starts with the runners_token_prefix' do
+      expect(subject.runners_token).to start_with(subject.runners_token_prefix)
     end
   end
 end