Pipeline Triggerer Not Useful When Tied To User Account
Problem to solve
The Triggerer
field used in CI/CD Pipelines is not useful when a repository mirror is configured with a user account. The triggerer will always be the person that setup the Repository Mirror.
Intended users
All Users
Further details
We've configured Github repositories as external repos in Gitlab so that the CI process can still run against our existing repos. When importing the repo, the Triggerer
field on all future pipelines will be filled by the user account that was provided for authentication to Github. Because we set this integration up using my own user account, every pipeline has the Triggerer
marked as my own account. The Github commit comments are still valid and point to the user account that made the commit.
Proposal
The triggerer should be the user who made the commit, not the person who configured the Repository Mirror or it should be able to be disabled / hidden from view.
Within this configuration, the Triggerer
field becomes useless. We will be improving our environment's configuration by instead creating a Github/Gitlab service account and tying the keys used for authentication to this SA. Ideally, the project import process should be improved to allow for customizing the Triggerer
user value or to disable it from showing in the pipeline completely.
Permissions and Security
Unknown, you need Github repo access to import the repository to the Gitlab project. You will also need Gitlab admin access to setup the external repo mirror.
Testing
Risks unknown.
What does success look like, and how can we measure that?
Success for this configuration would be to either be able to modify the Triggerer
user that is configured with the Github repository without having to re-import the project or to choose to disable viewing the Triggerer
field.
What is the type of buyer?
All Users / Tiers
Links / references
Internal Ticket: https://support.gitlab.com/hc/en-us/requests/129191