Open GavinCS opened 1 month ago
Also noted that I can't use a service account token without an expiry date, which is allowed by gitlab
2024-07-19T17:35:36.511+0100 [DEBUG] secrets.gitlab.gitlab_3d07d388.gitlab.vault-plugin-secrets-gitlab: Current token info: error=<nil> token="map[access_level: created_at:2024-07-19T16:33:24.213Z expires_at:<nil> gitlab_revokes_token:false name:GITLAB AUTO ROTATE TOKEN parent_id: path: role_name: scopes:[api] token: token_id:+07 token_type:personal user_id:+07]" timestamp="2024-07-19T17:35:36.510+0100"
2024-07-19T17:35:36.513+0100 [DEBUG] secrets.gitlab.gitlab_3d07d388.gitlab.vault-plugin-secrets-gitlab: panic: runtime error: invalid memory address or nil pointer dereference
I'll have to take a look. Currently, have limited time due to the summer holidays.
@ilijamt thank you. I am currently working on a POC fix for non entry token. Are you happy for me to submit an MR?
Hey @GavinCS should look at this in the next couple of weeks.
Thanks @ilijamt I am using the forked version for now. We have had it running in our staging environment now for a week or so, will be able to confirm stability with hosted gitlab soon
Currently service accounts are being treated as users as per self hosted. However this does not allow for managing service account tokens on gitlab.com where the path is
/groups/:id/service_accounts/:user_id/personal_access_tokens/
This results in 403's
Would it be possible to add a new token type for service accounts?