Merge branch '271577-delete-feature-flag' into 'master'

Enables notifications when administrators revoke credentials See merge request gitlab-org/gitlab!46973

Merge branch '271577-delete-feature-flag' into 'master'
Enables notifications when administrators revoke credentials See merge request gitlab-org/gitlab!46973
194fcaec · Stan Hu · d99e0b64 · 1c45bc26 · 194fcaec · 194fcaec
Commit 194fcaec authored Nov 06, 2020 by Stan Hu
6 changed files
--- a/doc/user/admin_area/credentials_inventory.md
+++ b/doc/user/admin_area/credentials_inventory.md
@@ -40,39 +40,13 @@ If you see a **Revoke** button, you can revoke that user's PAT. Whether you see
 | Revoked     | Yes                    | No                 | Not applicable; token is already revoked                                   |
 | Revoked     | No                     | No                 | Not applicable; token is already revoked                                   |

+When a PAT is revoked from the credentials inventory, the instance notifies the user by email.
+
 ## Delete a user's SSH key

 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/225248) in GitLab 13.5.

 You can **Delete** a user's SSH key by navigating to the credentials inventory's SSH Keys tab.
+The instance then notifies the user.

 ![Credentials inventory page - SSH keys](img/credentials_inventory_ssh_keys_v13_5.png)
-
-## Revocation or deletion notification
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/250354) in GitLab 13.6.
-> - It's [deployed behind a feature flag](../../user/feature_flags.md), disabled by default.
-> - It's disabled on GitLab.com.
-> - It's not recommended for production use.
-> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-revocation-or-deletion-notification).
-
-CAUTION: **Warning:**
-This feature might not be available to you. Check the **version history** note above for details.
-
-### Enable or disable revocation or deletion notification **(ULTIMATE ONLY)**
-
-Revocation or deletion notification is under development and not ready for production use. It is deployed behind a feature flag that is **disabled by default**.
-[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md)
-can enable it.
-
-To enable it:
-
-```ruby
-Feature.enable(:credentials_inventory_revocation_emails)
-```
-
-To disable it:
-
-```ruby
-Feature.disable(:credentials_inventory_revocation_emails)
-```
--- a/ee/app/controllers/concerns/credentials_inventory_actions.rb
+++ b/ee/app/controllers/concerns/credentials_inventory_actions.rb
@@ -55,8 +55,6 @@ module CredentialsInventoryActions
  end

  def notify_deleted_or_revoked_credential(credential)
-    return unless Feature.enabled?(:credentials_inventory_revocation_emails, credential.user)
-
    if credential.is_a?(Key)
      CredentialsInventoryMailer.ssh_key_deleted_email(
        params: {

--- a/ee/changelogs/unreleased/271577-delete-feature-flag.yml
+++ b/ee/changelogs/unreleased/271577-delete-feature-flag.yml
+---
+title: Enable credentials inventory revocation emails
+merge_request: 46973
+author:
+type: added
--- a/ee/config/feature_flags/development/credentials_inventory_revocation_emails.yml
+++ b/ee/config/feature_flags/development/credentials_inventory_revocation_emails.yml
---
-name: credentials_inventory_revocation_emails
-introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/46033
-rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/271577
-type: development
-group: group::compliance
-default_enabled: false
--- a/ee/spec/controllers/admin/credentials_controller_spec.rb
+++ b/ee/spec/controllers/admin/credentials_controller_spec.rb
@@ -170,18 +170,6 @@ RSpec.describe Admin::CredentialsController do

              put :revoke, params: { id: personal_access_token.id }
            end
-
-            context 'when credentials_inventory_revocation_emails flag is disabled' do
-              before do
-                stub_feature_flags(credentials_inventory_revocation_emails: false)
-              end
-
-              it 'does not inform the token owner' do
-                expect do
-                  put :revoke, params: { id: personal_access_token.id }
-                end.not_to change { ActionMailer::Base.deliveries.size }
-              end
-            end
          end
        end
      end

--- a/ee/spec/support/shared_examples/controllers/credentials_inventory_shared_examples.rb
+++ b/ee/spec/support/shared_examples/controllers/credentials_inventory_shared_examples.rb
@@ -39,18 +39,6 @@ RSpec.shared_examples_for 'credentials inventory controller delete SSH key' do |
              expect { subject }.to change { ActionMailer::Base.deliveries.size }.by(1)
            end
          end
-
-          context 'when credentials_inventory_revocation_emails is disabled' do
-            before do
-              stub_feature_flags(credentials_inventory_revocation_emails: false)
-            end
-
-            it 'does not notify the key owner' do
-              expect(CredentialsInventoryMailer).not_to receive(:ssh_key_deleted_email)
-
-              subject
-            end
-          end
        end

        context 'and it fails to remove the key' do