Skip to content

Add project to job token scope via GraphQL

What does this MR do?

In this MR we add a GraphQL mutation for a project maintainer to add another project to the current job token scope. The user must have:

  • maintainer permissions on the project defining the job token scope
  • at least guest access on the target project

Coming up next will be a MR that adds a RemoveProject mutation.

Screenshots (strongly suggested)

image

image

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Alex Kalderimis

Merge request reports

Loading