Composite identity should work on projects where project members cannot be added

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

There is a setting in GitLab that disables new project members from being added: https://docs.gitlab.com/user/group/access_and_permissions/#prevent-members-from-being-added-to-projects-in-a-group

Right now, this means that features which use composite identity will not work in projects that enable this setting

See bug report Slack thread

I tried several UI-based use cases including Issue-MR and the Jenkins-CI buttons and in each case, the Agent session gets opened, but never does anything at all, no logs, no nothing and eventually fails with no details.

This fails because composite identity requires that the service account being used is added to the project.

2 options:

1. Make the error for this scenario much clearer. Right now, it just silently fails.
2. Create the ability for composite identity service account users to be added to projects with this setting.