Pipeline trigger syntax doesn't work on private downstream repos

Summary

Pipeline trigger syntax doesn't work on private downstream repos

Steps to reproduce

Create two new repos A and B, B is private both with .gitlab-ci.yml

A contains:

stages:
  - trigger

validate:
  stage: trigger
  trigger: myrepo/trigger4

B contains:

stages:
  - validate

validate:
  stage: validate
  script:
    - echo "validated"
  only:
    - triggers

When A tries to trigger B, A would fail and B won't be triggered.

Example Project

Only happens when downstream repo is private. No matter whether upstream is public or private in the same org. Upstream: https://gitlab.com/musedev/trigger5 Downstream: https://gitlab.com/musedev/trigger4

What is the current bug behavior?

In .gitlab-ci.yml, I am supposed to be able to use the

    trigger:
        project: private_repo/downstream
        branch: target_branch

syntax to trigger a downstream build in another project according to the documentation.

But when I do, it fails without giving any error message every time.

What is the expected correct behavior?

I did all sorts of experiments and found if the target repo is private, I can't use the new syntax even from another private repo in the same org. Because the pipeline trigger syntax doesn't have the option to use alternative trigger key.

I had to follow the API syntax . And at the same time register a new token in the target project under Settings -> CICD -> Pipeline triggers. The final working snippet looks like this:

    script:
        - "curl -X POST -F token=$IAC_TRIGGER_TOKEN -F ref=master -F 'variables[ENVIRONMENT]=staging' https://gitlab.com/api/v4/projects/XXXXX/trigger/pipeline"

This is sad because:

  1. The pipeline syntax looks so much better if it works.
  2. API call needs to spin up the runner just for one single curl and pipeline syntax executes immediately as a bridge.

Relevant logs and/or screenshots

No error messages available expect for a failure. https://gitlab.com/musedev/trigger5/pipelines

Output of checks

This bug happens on gitlab.com

Possible fixes

Either document this behavior or add downstream trigger token as a optional parameter under trigger: