“No permissions to trigger downstream pipeline” … for a user who has permissions
Summary
I have a project which other projects need to be able to trigger pipeline builds on. This project is internal-only in a public group. Some users can then use a normal trigger:
to trigger jobs in the target project but others will get an error “No permissions to trigger downstream pipeline” even if they have the level (Developer or Maintainer) needed to trigger pipelines on that branch and have no problem triggering pipelines directly.
Steps to reproduce
- Create a project in groupA with the downstream pipeline
- Create a project in groupB with the source pipeline which triggers the project in groupA
- Test users with different combinations of access: so far I've tried unsuccessfully granting this user Maintainer on the downstream repo or groupA.
Example Project
Not easy to do — it's a non-public self-hosted Premium instance.
What is the current bug behavior?
Triggers fail in the GitLab CI context but the user can trigger the pipeline manually with the same values
What is the expected correct behavior?
The user should have the same level of access no matter the context
Relevant logs and/or screenshots
Output of checks
Results of GitLab environment info
Premium 13.10.1-ee (b91b666b)
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:env:info`) (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true
)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true
)(we will only investigate if the tests are passing)