Access Token with Developer Role & API permissions to modify their mr comments via API

Release notes

Provide Group Access Tokens given Developer Role & API permissions the ability to modify notes created by them via the API.

Problem to solve

We automate merge request comments (i.e. notes) in ci using group access tokens. An example being the status and details of the latest test or code scan. We chose a developer role for security purposes, as merge requests pipelines are usually run from unprotected branches (pushing to protected branches). Ideally, we would maintain a single note per test/scan as a merge request could have many pipelines and thus many notes, spamming the merge request comments section.

Proposal

Group Access Tokens given Developer Role & API permissions can create note and modify notes created by them via API.

Intended users

DevOps Engineers & CI Developers

Feature Usage Metrics

merge request notes already display data regarding created by and edited by.