From 56272cbf738061e7cc9716e308756779ce366a67 Mon Sep 17 00:00:00 2001 From: Adil Farrukh Date: Wed, 1 Oct 2025 14:52:00 -0400 Subject: [PATCH 1/5] FF clean up --- lib/api/admin/token.rb | 3 --- 1 file changed, 3 deletions(-) diff --git a/lib/api/admin/token.rb b/lib/api/admin/token.rb index 0f2ff0eded5ff2..42dceebb1a7ed1 100644 --- a/lib/api/admin/token.rb +++ b/lib/api/admin/token.rb @@ -71,9 +71,6 @@ def track_admin_api_usage_event hidden true end delete do - if Feature.disabled?(:api_admin_token_revoke, current_user) - render_api_error!("'api_admin_token_revoke' feature flag is disabled", :not_found) - end identified_token = identify_token(params[:token]) -- GitLab From 0649cfea6a856e938ac5bf08ced3325adfe451d1 Mon Sep 17 00:00:00 2001 From: Adil Farrukh Date: Wed, 1 Oct 2025 14:59:27 -0400 Subject: [PATCH 2/5] Edit token.md --- doc/api/admin/token.md | 1 - 1 file changed, 1 deletion(-) diff --git a/doc/api/admin/token.md b/doc/api/admin/token.md index 9e998ec2561c72..d404b7d3e9e816 100644 --- a/doc/api/admin/token.md +++ b/doc/api/admin/token.md @@ -116,7 +116,6 @@ Example response: {{< history >}} -- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/170421) in GitLab 17.7 [with a flag](../../administration/feature_flags/_index.md) named `api_admin_token_revoke`. Disabled by default. - [Cluster agent tokens added](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/178211) in GitLab 17.9. - [Runner authentication tokens added](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/179066) in GitLab 17.9. - [OAuth application secrets added](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/179035) in GitLab 17.9. -- GitLab From 5ebccdab2d42c20dfc11119c2520acb7e5e34f60 Mon Sep 17 00:00:00 2001 From: Adil Farrukh Date: Wed, 1 Oct 2025 15:00:06 -0400 Subject: [PATCH 3/5] Delete api_admin_token_revoke.yml --- config/feature_flags/beta/api_admin_token_revoke.yml | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 config/feature_flags/beta/api_admin_token_revoke.yml diff --git a/config/feature_flags/beta/api_admin_token_revoke.yml b/config/feature_flags/beta/api_admin_token_revoke.yml deleted file mode 100644 index ed59738ebb85d0..00000000000000 --- a/config/feature_flags/beta/api_admin_token_revoke.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -name: api_admin_token_revoke -feature_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/499958 -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/170421 -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/502413 -milestone: '17.7' -group: group::authentication -type: beta -default_enabled: true -- GitLab From 1e9c532f4da532981a7609ae964ab6db57a1ba0a Mon Sep 17 00:00:00 2001 From: Adil Farrukh Date: Wed, 1 Oct 2025 15:11:40 -0400 Subject: [PATCH 4/5] Changelog: Remove feature flag `api_admin_token_revoke`. The API endpoint for revoking admin tokens is now permanently enabled. --- lib/api/admin/token.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/api/admin/token.rb b/lib/api/admin/token.rb index 42dceebb1a7ed1..c85d9b65f4019c 100644 --- a/lib/api/admin/token.rb +++ b/lib/api/admin/token.rb @@ -71,7 +71,6 @@ def track_admin_api_usage_event hidden true end delete do - identified_token = identify_token(params[:token]) render_api_error!({ error: 'Not found' }, :not_found) if identified_token.revocable.nil? -- GitLab From 56a30d30bfee8f0763ea0b49b11a60b79e2f3b58 Mon Sep 17 00:00:00 2001 From: Adil Farrukh Date: Wed, 1 Oct 2025 15:38:06 -0400 Subject: [PATCH 5/5] Remove feature flag api_admin_token_revoke The API endpoint for revoking admin tokens is now permanently enabled. Changelog: removed --- spec/requests/api/admin/token_spec.rb | 8 -------- 1 file changed, 8 deletions(-) diff --git a/spec/requests/api/admin/token_spec.rb b/spec/requests/api/admin/token_spec.rb index 9e25ea9296aa41..1aa691bdd24057 100644 --- a/spec/requests/api/admin/token_spec.rb +++ b/spec/requests/api/admin/token_spec.rb @@ -294,14 +294,6 @@ end end - context 'when the revocation feature is disabled' do - before do - stub_feature_flags(api_admin_token_revoke: false) - end - - it_behaves_like 'returning response status', :not_found - end - it_behaves_like 'rejecting invalid requests with admin' end -- GitLab