Allow `$CI_JOB_TOKEN` to access the "Download a single artifact file" endpoints of the Jobs Artifacts API
What does this MR do?
While trying to use the API endpoint, @calebw pointed out to me that these two routes don't allow the use of
$CI_JOB_TOKEN the same way the other two do, so with this MR I'm suggesting we add that.
Does this MR meet the acceptance criteria?
- Changelog entry
- Documentation (if required)
- Code review guidelines
- Merge request performance guidelines
- Style guides
- Database guides
- Separation of EE specific content
Availability and Testing
Note that I'm simply piggy-backing on the work done by other people and setting these two download API endpoints to the same access level as the other two. That said, there might have been good reasons not to do this; @steveazz might know.
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
Label as security and @ mention
- The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- Security reports checked/validated by a reviewer from the AppSec team
Closes #233795 (closed)