Integration test fails because of invalid token errors
Summary
Gemnasium e2e tests started failing with an invalid access token error (example). This as a result of the reduction in scope for CI_JOB_TOKEN
when using the graphql api.
integration-test needs to be updated so that it can still access the relevant job's artifacts.
Steps to reproduce
Clone a test project like js-npm, when the pipeline runs, qa-gemnasium-dependency_scanning
fails with an invalid token error (see example above for more info).
Example Project
What is the current bug behavior?
qa-gemnasium-dependency_scanning
job fails.
What is the expected correct behavior?
The job should succeed.
Relevant logs and/or screenshots
https://gitlab.com/gitlab-org/security-products/tests/js-npm/-/jobs/6790870749
Possible fixes
- Use
rest
api. - Add a new token to each test project and update integration-test to use this.
- Add a new token to the group level and update integration-test.
Implementation plan
-
Update qa-gemnasium-dependency_scanning
to allow gl-dependency-scanning-reports artifacts to be picked up byintegration-test
( Expose security report from Dependency Scanning... (gitlab-org/security-products/ci-templates!383 - merged) • Igor Frenkel) -
Remove temporary fix ( qa-gemnasium-dependency_scanning
job was updated to allow the integration tests to fail. This needs to be reverted) ( Remove allow_failure from Dependency Scanning q... (gitlab-org/security-products/ci-templates!384 - merged) • Igor Frenkel)
Edited by Igor Frenkel