Validate token scopes in bulk_import service (!106849) · Merge requests · GitLab.org / GitLab

Carla Drago requested to merge 375057-only-validate-above-15-5 into master Dec 13, 2022

What does this MR do and why?

This change implements a token validation when creating the bulk_import service. We now validate the personal access token to ensure the 'api' scope is present if the import's source instance is GitLab version 15.5 or higher. Otherwise we skip the validation as the required endpoint will not be available on the source instance.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #375057 (closed)

Validate token scopes in bulk_import service

What does this MR do and why?

MR acceptance checklist

Merge request reports