Add optional expiration for pipeline trigger tokens
Release Notes
You can now set an optional expiration on pipeline trigger tokens for improved security. The feature is available in Beta.
Problem
Currently, we don't enforce a default expiration on pipeline trigger tokens: these tokens never expire.
Pipeline trigger tokens are frequently leaked inadvertently in git repositories or elsewhere, and the impact of such a leak can be high and may cause reputation damage to GitLab.
We also don't offer a way to programmatically revoke an existing pipeline trigger token and generate a new one, as the Token Rotation API does for other token types.
This issue came up in this related discussion.
Proposal
We have recently started enforcing expiration for all types of access tokens (personal, project, group). It would be great to do the same for pipeline trigger tokens.
This can all be customizable, of course, but we need secure and sensible defaults in place to protect users in case of an accidental token leak.
An API like the Token Rotation API, allowing users to programmatically rotate pipeline trigger tokens, would be valuable from a security perspective: it would train users to get into the habit of revoking and generating new tokens periodically, which would minimize the impact of an accidental trigger token disclosure.
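As an added illustration (not code from this issue or from GitLab), the script below applies the proposed expiration policy client-side to the records returned by the existing pipeline triggers API, and expresses the rotation the issue asks for as the two calls the current API offers (create a replacement, then delete the old trigger). The project id 42, the trigger records and the 365-day policy are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample in the shape of GET /projects/:id/triggers responses
# (only the fields used here; the token field is omitted on purpose).
SAMPLE_TRIGGERS = [
    {"id": 10, "description": "deploy-prod",
     "created_at": "2021-01-07T09:53:58.235Z",
     "last_used": "2024-03-01T10:00:00.000Z"},
    {"id": 11, "description": "nightly",
     "created_at": "2024-04-02T08:00:00.000Z",
     "last_used": None},
]


def parse_ts(value):
    """Parse the ISO-8601 UTC timestamps the GitLab API returns (trailing 'Z')."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def expired_triggers(triggers, max_age_days, now_iso=None):
    """Return triggers older than the policy allows, oldest first.

    Client-side stand-in for the default expiration the issue proposes:
    created_at + max_age_days is treated as the token's expiry date.
    """
    now = parse_ts(now_iso) if now_iso else datetime.now(timezone.utc)
    cutoff = now - timedelta(days=max_age_days)
    stale = [t for t in triggers if parse_ts(t["created_at"]) < cutoff]
    return sorted(stale, key=lambda t: parse_ts(t["created_at"]))


def rotation_plan(project_id, trigger):
    """Describe the two API calls that rotate one trigger token today.

    There is no rotate endpoint for pipeline triggers, so rotation is
    create-new-then-delete-old. Returned as (method, path, body) tuples so
    the caller can review the plan and run it with any HTTP client.
    """
    base = f"/projects/{project_id}/triggers"
    return [
        ("POST", base, {"description": trigger["description"]}),
        ("DELETE", f"{base}/{trigger['id']}", None),
    ]


if __name__ == "__main__":
    # Assumed audit date and assumed 365-day maximum token age.
    for t in expired_triggers(SAMPLE_TRIGGERS, 365, "2024-05-01T00:00:00Z"):
        print(f"trigger {t['id']} ({t['description']}) exceeds 365 days")
        for method, path, body in rotation_plan(42, t):
            print(f"  {method} {path} {body or ''}")
```

The DELETE step should only run after the new token has been placed wherever the old one was used, or the pipelines that depend on it will stop triggering.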