Allow `CI_JOB_TOKEN` to interact with the deployments and environments API
Proposal
Currently, when using GitLab CI to deploy your code, your only option for having deployment status reflected in The environments/deployments screen of GitLab is via use of the environment
keyword in GitLab CI. You can manually call the API from inside a job, however you need to setup a PAT with full API permissions to do so, then pass that token (somehow) to your job.
In sufficiently complex deployment situations, the use of CI keywords is not enough, especially when dealing with deployments via external tools or over multiple jobs.
Likewise, a common deployment pattern is for multi project downstream pipelines, where a repository that hosts the application code triggers a pipeline in a repository that does deployment.
In all these situations, it would be nice for the CI_JOB_TOKEN
to have permissions to update the environments and deployments status within GitLab CI, so automation around this can be done in CI jobs without the use of a PAT. Likewise, in multi project setups, the CI_JOB_TOKEN security scopes could be used to allow child pipelines to update deployment status in parent pipelines.