Allow push to the own repo using CI_JOB_TOKEN API
Related to issue: #389060 (closed)
First iteration MR: !152096 (merged)
What does this MR do and why?
push_repository_for_job_token_allowed
The second iteration to introduce API for - Introduce a REST API to update
ci_push_repository_for_job_token_allowed
- Introduce a GraphQL mutation to update
pushRepositoryForJobTokenAllowed
- Add documentation around
ci_push_repository_for_job_token_allowed
- Update a documentation around
ci_pipeline_variables_minimum_override_role
MR acceptance checklist
Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
How to set up and validate locally
- REST API
curl --request PUT --header "PRIVATE-TOKEN: PAT_token" "http://gdk.test:3000/api/v4/projects/59" --form "ci_push_repository_for_job_token_allowed=true"
- GraphQL update mutation
mutation ProjectCiCdSettingsUpdate {
projectCiCdSettingsUpdate(
input:{
fullPath: "test_repository/push_to_own_repo",
pushRepositoryForJobTokenAllowed: true
}
)
{
errors
}
}
- GraphQL expose query:
query {
project(fullPath: "test_repository/push_to_own_repo") {
name,
ciCdSettings {
pushRepositoryForJobTokenAllowed
},
}
}
answer:
{
"data": {
"project": {
"name": "push_to_own_repo",
"ciCdSettings": {
"pushRepositoryForJobTokenAllowed": false
}
}
}
}
Edited by Dmytro Biryukov