#24889 - Feature: Fetch Gitlab users for self-hosted Gitlab based on group assignment

[hghtwr]

Hey, I just made a Pull Request!

In reference to the problem described in #24889, this PR implements a new configuration key to limit the ingested users to the group defined in the provider configuration for self-hosted and SaaS.

I have tested this positively with a self-hosted Gitlab instance. Unforunately, I don't have access to a SaaS instance even though the change on SaaS side is only a minor one that shouldn't break anything.

It also slips a small change into the .gitignore to add .envrc files used with direnv.

✔️ Checklist

• A changeset describing the change and affected packages. (more info)
• Added or updated documentation
• Tests for new functionality and regression tests for bug fixes
• Screenshots attached (for UI changes)
• All your commits have a Signed-off-by line in the message. (more info)

[backstage-goalie]

Changed Packages

Package Name	Package Path	Changeset Bump	Current Version
example-backend	packages/backend	none	v0.0.27
@backstage/plugin-catalog-backend-module-gitlab	plugins/catalog-backend-module-gitlab	patch	v0.3.18

[hghtwr]

Im gonna clean this up in the course of the day...

[github-actions]

Uffizzi Ephemeral Environment - Virtual Cluster

Your cluster pr-24936 was successfully created. Learn more about Uffizzi virtual clusters
To connect to this cluster, follow these steps:

1. Download and install the Uffizzi CLI from https://docs.uffizzi.com/install
2. Login to Uffizzi, then select the backstage account and project:

uffizzi login

Select an account: 
  ‣ backstage
    jdoe

Select a project or create a new project: 
  ‣ backstage-6783521

3. Update your kubeconfig: uffizzi cluster update-kubeconfig pr-24936 --kubeconfig=[PATH_TO_KUBECONFIG]
   After updating your kubeconfig, you can manage your cluster with kubectl, kustomize, helm, and other tools that use kubeconfig files: kubectl get namespace --kubeconfig [PATH_TO_KUBECONFIG]

Access the backstage endpoint at https://backstage-default-pr-24936-c5595.uclusters.app.uffizzi.com

[vinzscam]

Nice! Feel free to remove it from draft whenever is ready so that we get pinged :D

[hghtwr]

@vinzscam I'm pretty lost with the last two failing checks as I don't have a good understanding about yarn workspaces.
I can reproduce the issue locally by removing the yarn.lock file but I got no idea where it is coming from? The PR doesnt change any dependencies. It doesn't happen using the original lockfile...

[vinzscam]

@vinzscam I'm pretty lost with the last two failing checks as I don't have a good understanding about yarn workspaces. I can reproduce the issue locally by removing the yarn.lock file but I got no idea where it is coming from? The PR doesnt change any dependencies. It doesn't happen using the original lockfile...

try rebasing master, probably something was wrong in the base branch

[hghtwr]

@vinzscam Thanky you, that worked. The DCO job seems to be stuck before even starting, so I hope that won't be a problem.

[benjdlambert]

Thanks for this, just want to cover the additional functionality with some tests if thats possible 🙏

[benjdlambert]

Does this logic change the default behaviour which we have today or am I misreading this test change?

[hghtwr]

The full org scan returns users as well as groups (and their subgroups).
Previously, there was no testing with subgroups. I implemented this into the test data. So the comparison of returned users and the returned entities doesn't make a lot of sense anymore.

I can make the test more precise by filtering the returned entities to users, compare this to the expected users and add another line of test that filters the returned entities to groups and compares them to the expected number of groups. That would keep the original test logic in place but still would be compatible to the test data.

[benjdlambert]

OK - let's go with this 🎉 thanks!

[github-actions]

Thank you for contributing to Backstage! The changes in this pull request will be part of the 1.29.0 release, scheduled for Tue, 16 Jul 2024.