Ability to trigger pipelines with job tokens and personal access tokens on the same API
I wasn't comfortable picking any of the existing templates because this isn't a bug or a feature. This is about technical debt and product consistency.
In the API for pipelines there is a fragmentation on what tokens can be used, e.g. personal access tokens, CI_JOB_TOKEN
, or trigger token and the form/header/query argument they are placed in.
Please see https://forum.gitlab.com/t/trigger-pipeline-through-api-with-my-personal-authentication-token/19665 for what made me create this issue.
The cross project interaction of pipelines is a key aspect to making a scalable system going forward for my enterprise and in looking to leverage that a ran across a bit of cruft in the API.
One of the original features around cross project communication I believe was the idea of triggering pipelines. In this iteration it required a user to create a token on the recipient repository that was then given to the triggering context. In later iteration this was automated a bit with the idea of pipeline job tokens (CI_JOB_TOKEN
). Later yet API(s) (artifact download) based on this job token allow usage of personal access tokens while at least one instance of previous API(s) (pipeline trigger) only allowed the trigger token or job token. The field used across these is different, the pipeline trigger uses token
but the artifact download uses job_token
parameter or JOB-TOKEN
header.
The ask here is to take a more considered approach when adding an API utilizing existing art in the API to make the exiting art and the new API more consistent.