Reduce access_level requirements when using --dry-run #449

thompson-shaun · 2022-10-01T01:22:16Z

My team has a few projects where we require doing a --dry-run to obtain nextRelease information in an MR. Ideally we could use a token with reduced scope (say just read_repository and read_api).

As a test this snippet in verify.js worked well enough to pass local testing.

if(context.options.dryRun && ((projectAccess && projectAccess.access_level >= 10) || (groupAccess && groupAccess.access_level >= 10)))
{
  ...
}
else if(...existing check...)

Ultimately it would be great if #156 would get closed out by GitLab adding some functionality to adjust the CI_JOB_TOKEN scope.

The text was updated successfully, but these errors were encountered:

fgreinacher · 2022-10-04T20:35:55Z

This sounds like a very useful feature to me! PRs welcome :)

github-actions · 2022-11-03T14:05:23Z

🎉 This issue has been resolved in version 9.5.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

fgreinacher added the feature label Oct 4, 2022

thompson-shaun mentioned this issue Oct 5, 2022

feat(verify): Reduce access_level requirements when using --dry-run #452

Merged

fgreinacher closed this as completed in #452 Nov 3, 2022

github-actions bot added the released label Nov 3, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Reduce access_level requirements when using --dry-run #449

Reduce access_level requirements when using --dry-run #449

thompson-shaun commented Oct 1, 2022 •

edited

Loading

fgreinacher commented Oct 4, 2022

github-actions bot commented Nov 3, 2022

Reduce access_level requirements when using --dry-run #449

Reduce access_level requirements when using --dry-run #449

Comments

thompson-shaun commented Oct 1, 2022 • edited Loading

fgreinacher commented Oct 4, 2022

github-actions bot commented Nov 3, 2022

thompson-shaun commented Oct 1, 2022 •

edited

Loading