Allow API project access with ci_job_token for internal project or public project with member only access to repository or private project
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Summary
when accessing api from a build with ci_build_token as private token, access to the api works but the user role from the build initiator are not used.
Steps to reproduce
curl to api from within the gitlab-ci runner with the CI_BUILD_TOKEN and the project set as internal project or public project with member only access to repository or private project. see test project https://gitlab.com/dgoo2308/testapi_access
What is the current bug behavior?
returns 404 project not found as in: https://gitlab.com/dgoo2308/testapi_access/builds/12372605
What is the expected correct behavior?
returns the correct data as per: https://gitlab.com/dgoo2308/testapi_access/builds/12372737
Relevant logs and/or screenshots
When the project is an internal project or public project with member only access to repository or private project:
$ curl -H "PRIVATE-TOKEN: $CI_BUILD_TOKEN" "https://gitlab.com/api/v4/projects/2828837/repository/tags"
{"message":"404 Project Not Found"}"When the project is public with everyone that has access:
$ curl -H "PRIVATE-TOKEN: $CI_BUILD_TOKEN" "https://gitlab.com/api/v4/projects/2828837/repository/tags"
[{"name":"0.0.1","message":"test release","commit":{"id":"70e9ccd9d848ee6078ec861f9e16ac498a0245be","message":"Add readme.md","parent_ids":[],"authored_date":"2017-03-04T15:07:43.000+00:00","author_name":"Danny","author_email":"danny.goossen@gioxa.com","committed_date":"2017-03-04T15:07:43.000+00:00","committer_name":"Danny","committer_email":"danny.goossen@gioxa.com"},"release":{"tag_name":"0.0.1","description":"first release\r\n"}}]"Output of checks
This bug happens on GitLab.com
Possible fixes
(If you can, link to the line of code that might be responsible for the problem)