Deploy Token scopes are missing from UI
Summary
The maintainer of a project tries to create a Deploy Token, but all the scopes are missing, except for the read_repository
scope.
- Intent is to use the scopes related to the package registry, i.e. NPM:
(read|write)_package_registry
- NPM packages can be added successfully using alternative methods (i.e. with a personal access token)
- Existing (and newly created) projects are affected
Steps to reproduce
-
enabledisable a project's container registry - Notice that all the scopes are missing (except for the
read_repository
one)
What is the current bug behavior?
Only read_repository
scope is avaiable:
What is the expected correct behavior?
All the scopes should be available, except for the container registry related scopes since it's disabled:
Relevant logs and/or screenshots
Workaround
Create the deploy token using the API:
curl --request POST --header "PRIVATE-TOKEN: <personal_access_token>" --header "Content-Type: application/json" --data '{"name": "My deploy token", "expires_at": "2021-01-01", "scopes": ["read_package_registry", "write_package_registry"]}' "https://gitlab.com/api/v4/projects/<project-id>/deploy_tokens/"
Output of checks
This bug happens on Gitlab.com:
- https://gitlab.com/nelbacha/npm-deploy-token/edit#js-shared-permissions
- https://gitlab.com/nelbacha/npm-deploy-token/-/settings/repository
Results of GitLab environment info
Expand for output related to GitLab environment info
System information System: Debian 10 Proxy: no Current User: git Using RVM: no Ruby Version: 2.6.6p146 Gem Version: 2.7.10 Bundler Version:1.17.3 Rake Version: 12.3.3 Redis Version: 5.0.9 Git Version: 2.26.2 Sidekiq Version:5.2.7 Go Version: unknown GitLab information Version: 13.0.0-ee Revision: ef3e35341f6 Directory: /opt/gitlab/embedded/service/gitlab-rails DB Adapter: PostgreSQL DB Version: 11.7 URL: https://gitlab.fairmat.com HTTP Clone URL: https://gitlab.fairmat.com/some-group/some-project.git SSH Clone URL: git@gitlab.fairmat.com:some-group/some-project.git Elasticsearch: no Geo: yes Geo node: Primary Using LDAP: yes Using Omniauth: yes Omniauth Providers: bitbucket GitLab Shell Version: 13.2.0 Repository storage paths: - default: /var/opt/gitlab/git-data/repositories GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell Git: /opt/gitlab/embedded/bin/git
Results of GitLab application Check
Expand for output related to the GitLab application check
Checking GitLab subtasks ...Checking GitLab Shell ...
GitLab Shell: ... GitLab Shell version >= 13.2.0 ? ... OK (13.2.0) Running /opt/gitlab/embedded/service/gitlab-shell/bin/check Internal API available: OK Redis available via internal API: OK gitlab-shell self-check successful
Checking GitLab Shell ... Finished
Checking Gitaly ...
Gitaly: ... default ... OK
Checking Gitaly ... Finished
Checking Sidekiq ...
Sidekiq: ... Running? ... yes Number of Sidekiq processes ... 1
Checking Sidekiq ... Finished
Checking Incoming Email ...
Incoming Email: ... Checking Reply by email ...
IMAP server credentials are correct? ... yes Init.d configured correctly? ... skipped MailRoom running? ... skipped
Checking Reply by email ... Finished
Checking Incoming Email ... Finished
Checking LDAP ...
LDAP: ... Server: ldapmain LDAP authentication... Success LDAP users with access to your GitLab server (only showing the first 100 results) User output sanitized. Found 89 users of 100 limit.
Checking LDAP ... Finished
Checking GitLab App ...
Git configured correctly? ... yes Database config exists? ... yes All migrations up? ... yes Database contains orphaned GroupMembers? ... no GitLab config exists? ... yes GitLab config up to date? ... yes Log directory writable? ... yes Tmp directory writable? ... yes Uploads directory exists? ... yes Uploads directory has correct permissions? ... yes Uploads directory tmp has correct permissions? ... yes Init script exists? ... skipped (omnibus-gitlab has no init script) Init script up-to-date? ... skipped (omnibus-gitlab has no init script) Projects have namespace: ... 8/2 ... yes 9/3 ... yes 8/4 ... yes 8/5 ... yes 8/6 ... yes 8/7 ... yes 8/8 ... yes 9/14 ... yes 9/15 ... yes 9/16 ... yes 9/17 ... yes 9/18 ... yes 9/19 ... yes 9/20 ... yes 8/23 ... yes 9/24 ... yes 18/25 ... yes 9/28 ... yes 9/31 ... yes 8/32 ... yes 9/33 ... yes 9/34 ... yes 9/37 ... yes 9/39 ... yes 8/42 ... yes 9/46 ... yes 8/47 ... yes 8/49 ... yes 8/50 ... yes 8/60 ... yes 8/61 ... yes 8/62 ... yes 8/63 ... yes 8/64 ... yes 8/65 ... yes 8/66 ... yes 8/67 ... yes 8/68 ... yes 8/69 ... yes 8/70 ... yes 8/71 ... yes 8/72 ... yes 8/73 ... yes 8/74 ... yes 8/75 ... yes 8/76 ... yes 8/77 ... yes 8/78 ... yes 8/79 ... yes 8/88 ... yes 8/91 ... yes 22/94 ... yes 8/98 ... yes 8/99 ... yes 9/104 ... yes 9/111 ... yes 8/112 ... yes 19/113 ... yes 9/114 ... yes 9/115 ... yes 9/116 ... yes 25/117 ... yes 3/118 ... yes 8/119 ... yes 7/121 ... yes 9/122 ... yes 9/128 ... yes 9/129 ... yes 3/131 ... yes 3/132 ... yes 3/133 ... yes 9/134 ... yes 3/135 ... yes 19/136 ... yes 8/137 ... yes 9/138 ... yes 3/139 ... yes 8/140 ... yes 9/144 ... yes 3/145 ... yes 25/146 ... yes 9/147 ... yes 8/148 ... yes 9/149 ... yes 8/150 ... yes 3/151 ... yes 3/154 ... yes 8/156 ... yes 25/158 ... yes 9/159 ... yes 9/164 ... yes 21/166 ... yes 9/167 ... yes 39/170 ... yes 31/171 ... yes 9/172 ... yes 3/173 ... yes Redis version >= 4.0.0? ... yes Ruby version >= 2.5.3 ? ... yes (2.6.6) Git version >= 2.22.0 ? ... yes (2.26.2) Git user has default SSH configuration? ... yes Active users: ... 23 Is authorized keys file accessible? ... skipped (authorized keys not enabled) GitLab configured to store new projects in hashed storage? ... yes All projects are in hashed storage? ... yes Elasticsearch version 5.6 - 6.x? ... skipped (elasticsearch is disabled)
Checking GitLab App ... Finished
Checking Geo ...
GitLab Geo is available ... yes GitLab Geo is enabled ... yes This machine's Geo node name matches a database record ... yes, found a primary node named "https://gitlab.fairmat.com/" HTTP/HTTPS repository cloning is enabled ... yes Machine clock is synchronized ... yes Git user has default SSH configuration? ... yes OpenSSH configured to use AuthorizedKeysCommand ... yes GitLab configured to disable writing to authorized_keys file ... yes GitLab configured to store new projects in hashed storage? ... yes All projects are in hashed storage? ... yes
Checking Geo ... Finished
Checking GitLab subtasks ... Finished