Expose ci_inbound_job_token_scope in job REST API
Problem
Customers who utilize the GitLab API for automation may want to setup the limited inbound CI_JOB_TOKEN
so projects "just work" after being created.
Proposal
-
GET projects/:id/job_token_scope
- Get settingsinbound_enabled
andoutbound_enabled
(no allowlists because it needs pagination) -
PATCH projects/:id/job_token_scope
- update params such asinbound_scope_enabled
andoutbound_scope_enabled
-
GET projects/:id/job_token_scope/allowlist/:direction
- Get the allowlist of projects (wheredirection
isinbound|outbound
) -
POST projects/:id/job_token_scope/allowlist/:direction?project_id=123
- add a project to the allowlist -
DELETE projects/:id/job_token_scope/allowlist/:direction?project_id=123
- remove project from the allowlist This does not include the projects that are allowed to access the project though.
Permissions
This should only be shown to users with a Maintainer or higher role within the project to match existing permissions for CI/CD settings.
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.