Grant access to the raw files API to CI_JOB_TOKEN
Proposal
Trying to use $CI_JOB_TOKEN
to retrieve a file through the API currently returns HTTP 404 errors, see #395643 (closed)
Since with $CI_JOB_TOKEN
it is possible to clone the whole repository via git
, granting access to the raw files API to it would not change the security profile in any way.
Granting access to the raw files API would mean that pipelines would be able to retrieve only the files they need in a simple way rather that having to clone potentially big repositories.