Use a lower role for project token (!3795) · Merge requests · GitLab.org / GitLab Docs

Marcel Amirault requested to merge docs-api-token-role into main Apr 26, 2023

What does this MR do and why?

After rotating tokens today, we realized we were giving our token too high a role. It only needs Developer to be able to start/stop environments, create pipelines, etc.

I've already create a fresh token with this lower role and triggered a review app from gitlab-org/gitlab, which deployed successfully.

Screenshots, screen recordings, or links to review app

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Configure a local GitLab Docs environment: https://gitlab.com/gitlab-org/gitlab-docs/-/blob/main/doc/setup.md.

Merge request acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this merge request.

Edited Apr 26, 2023 by Marcel Amirault

Use a lower role for project token

What does this MR do and why?

Screenshots, screen recordings, or links to review app

How to set up and validate locally

Merge request acceptance checklist

Merge request reports