Merge branch '223214-clean-up-feature-flags' into 'master'

Clean up feature flags ci_authenticate_running_job_token_for_artifacts and ci_expose_running_job_token_for_artifacts

See merge request gitlab-org/gitlab!87509

config/feature_flags/development/ci_authenticate_running_job_token_for_artifacts.yml

----
-name: ci_authenticate_running_job_token_for_artifacts
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/83713
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/357075
-milestone: '15.0'
-type: development
-group: group::pipeline insights
-default_enabled: false

config/feature_flags/development/ci_expose_running_job_token_for_artifacts.yml

----
-name: ci_expose_running_job_token_for_artifacts
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/83713
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/357075
-milestone: '15.0'
-type: development
-group: group::pipeline insights
-default_enabled: false

lib/api/ci/runner.rb

@@ -324,8 +324,7 @@ module API
           optional :direct_download, default: false, type: Boolean, desc: %q(Perform direct download from remote storage instead of proxying artifacts)
         end
         get '/:id/artifacts', feature_category: :build_artifacts do
-          if Feature.enabled?(:ci_authenticate_running_job_token_for_artifacts, current_job&.project) &&
-            request_using_running_job_token?
+          if request_using_running_job_token?
             authenticate_job_via_dependent_job!
           else
             authenticate_job!(require_running: false)

lib/api/entities/ci/job_request/dependency.rb

@@ -8,11 +8,7 @@ module API
           expose :id, :name
           expose :token do |job, options|
-            if ::Feature.enabled?(:ci_expose_running_job_token_for_artifacts, job.project)
-              options[:running_job]&.token
-            else
-              job.token
-            end
+            options[:running_job]&.token
           end
           expose :artifacts_file, using: Entities::Ci::JobArtifactFile, if: ->(job, _) { job.available_artifacts? }

spec/lib/api/entities/ci/job_request/dependency_spec.rb

@@ -21,16 +21,6 @@ RSpec.describe API::Entities::Ci::JobRequest::Dependency do
     expect(subject[:token]).to eq(running_job.token)
   end
-  context 'when ci_expose_running_job_token_for_artifacts is disabled' do
-    before do
-      stub_feature_flags(ci_expose_running_job_token_for_artifacts: false)
-    end
-
-    it 'returns the token belonging to the dependency job' do
-      expect(subject[:token]).to eq(job.token)
-    end
-  end
-
   it 'returns the dependency artifacts_file', :aggregate_failures do
     expect(subject[:artifacts_file][:filename]).to eq('ci_build_artifacts.zip')
     expect(subject[:artifacts_file][:size]).to eq(job.artifacts_size)

spec/requests/api/ci/runner/jobs_artifacts_spec.rb

@@ -895,22 +895,6 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do
               it_behaves_like 'successful artifact download'
             end
-
-            context 'when feature flag is disabled' do
-              before do
-                stub_feature_flags(ci_authenticate_running_job_token_for_artifacts: false)
-              end
-
-              it_behaves_like 'successful artifact download'
-
-              context 'when the job is no longer running' do
-                before do
-                  job.success!
-                end
-
-                it_behaves_like 'successful artifact download'
-              end
-            end
           end
           context 'when using token belonging to the dependent job' do
@@ -928,14 +912,6 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do
               it_behaves_like 'forbidden request'
             end
-
-            context 'when feature flag is disabled' do
-              before do
-                stub_feature_flags(ci_authenticate_running_job_token_for_artifacts: false)
-              end
-
-              it_behaves_like 'forbidden request'
-            end
           end
           context 'when using token belonging to another job created by another project member' do
@@ -952,14 +928,6 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do
             end
             it_behaves_like 'successful artifact download'
-
-            context 'when feature flag is disabled' do
-              before do
-                stub_feature_flags(ci_authenticate_running_job_token_for_artifacts: false)
-              end
-
-              it_behaves_like 'forbidden request'
-            end
           end
           context 'when using token belonging to a pending dependent job' do

spec/requests/api/ci/runner/jobs_request_post_spec.rb

@@ -507,23 +507,6 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state do
                 { 'id' => job2.id, 'name' => job2.name, 'token' => test_job.token })
             end
-            context 'when ci_expose_running_job_token_for_artifacts is disabled' do
-              before do
-                stub_feature_flags(ci_expose_running_job_token_for_artifacts: false)
-              end
-
-              it 'returns dependent jobs with the dependency job tokens' do
-                request_job
-
-                expect(response).to have_gitlab_http_status(:created)
-                expect(json_response['id']).to eq(test_job.id)
-                expect(json_response['dependencies'].count).to eq(2)
-                expect(json_response['dependencies']).to include(
-                  { 'id' => job.id, 'name' => job.name, 'token' => job.token },
-                  { 'id' => job2.id, 'name' => job2.name, 'token' => job2.token })
-              end
-            end
-
             describe 'preloading job_artifacts_archive' do
               it 'queries the ci_job_artifacts table once only' do
                 expect { request_job }.not_to exceed_all_query_limit(1).for_model(::Ci::JobArtifact)