ArgoCD fails to add a GitLab-hosted repository using standard authentication methods (Deployment token, project token, group token, or SSH). Only a personal token from a user with GitLab system-wide Administrator role seems to work. Using such a token in ArgoCD's repository setup poses a security risk. GitLab version is GitLab Enterprise Edition v16.8.1-ee, and ArgoCD version is v2.10.1+a79e0ea, installed using the HELM chart. The error "rpc error: code = Unknown desc = error testing repository connectivity: repository not found" is received when attempting to add the repository.
To Reproduce
On the GitLab project, obtain the repository URL for HTTPS – the same URL used for cloning the repository.
Create an Access Token in the GitLab project by going to 'Settings' > 'Access Tokens'. Set the token name and assign appropriate privileges, ensuring "read_api" and "read_repository" scopes are selected.
In ArgoCD's UI, go to 'Settings' > 'Repositories' to connect the repository. Use HTTPS, input the project and repository URL as obtained before. Use the token name as the username and the generated token as the password.
Attempting to add the repository in ArgoCD fails, producing an error. Retrieve the error details from the argocd-server pod logs.
Expected behavior
The expected behavior for ArgoCD when adding a GitLab-hosted repository is to successfully connect using various authentication methods, such as Deployment tokens, project tokens, group tokens, or SSH keys, without requiring elevated permissions like a GitLab system-wide administrator role. The process should be secure, not exposing the system to unnecessary risks, and should allow for the use of least-privilege tokens that have just enough permissions to read the repository and API.
Checklist:
argocd version
.Describe the bug
ArgoCD fails to add a GitLab-hosted repository using standard authentication methods (Deployment token, project token, group token, or SSH). Only a personal token from a user with GitLab system-wide Administrator role seems to work. Using such a token in ArgoCD's repository setup poses a security risk. GitLab version is GitLab Enterprise Edition v16.8.1-ee, and ArgoCD version is v2.10.1+a79e0ea, installed using the HELM chart. The error "rpc error: code = Unknown desc = error testing repository connectivity: repository not found" is received when attempting to add the repository.
To Reproduce
Expected behavior
The expected behavior for ArgoCD when adding a GitLab-hosted repository is to successfully connect using various authentication methods, such as Deployment tokens, project tokens, group tokens, or SSH keys, without requiring elevated permissions like a GitLab system-wide administrator role. The process should be secure, not exposing the system to unnecessary risks, and should allow for the use of least-privilege tokens that have just enough permissions to read the repository and API.
Screenshots
None
Version
Logs