Read-only acces token to the GitLab API

Problem to solve

There is no personal access token for read-only API calls.

Intended users

Use-case:

• Check with GitLab-Python if a pipline is finished.
• Simple API calls

Further details

Example:

import gitlab

token = 'xxx'

gl = gitlab.Gitlab('https://gitlab.example.org', token = token)
gl.auth()

project = gl.projects.get(<id>, lazy=True)
pipeline = project.pipelines.get(<pipeline_id>, private_token = token)
pipelines = project.pipelines.list()

print(pipelines[0].finished_at)

This example returns gitlab.exceptions.GitlabGetError: 403: insufficient_scope when the token has not full read/write access.

Proposal

Introduce a new access token for read-only API calls.

Permissions and Security

Currently it is necessary to create an access token that grants complete read/write access to the API, including all groups and projects.