There is a system user created with ci/cd role assigned. This user also is assigned to the team which has two applications linked (customer & provider). The team also has access to relevant environments.
The ci/cd role has these settings:
Record deployments and releases (unchecked)
Record deployments and releases for your team (checked)
Which means that this system user has to be able to mark the contracts for this team as deployed.
Problem
With the system user read/write token, I try to mark the provider's OAS contract as deployed. However the access is not granted - 403 is returned with the message:
status=403 Forbidden. Either you are using a read only token for a request that requires a write token (the most likely cause), or you do not have the required permissions.
Quick solution
I go to ci/cd role and change these settings:
Record deployments and releases (checked)
Record deployments and releases for your team (unchecked)
It starts to work after that.
Question
Is this expected behaviour? I've assumed that when the ci/cd role has just this Record deployments and releases for your team setting ticked, then you are limiting the system user to be able to act only on the team projects.
The setup
There is a
system user
created withci/cd
role assigned. This user also is assigned to theteam
which has twoapplications
linked (customer
&provider
). Theteam
also has access to relevantenvironments
.The
ci/cd
role has these settings:Which means that this system user has to be able to mark the contracts for this team as deployed.
Problem
With the system user read/write token, I try to mark the provider's OAS contract as deployed. However the access is not granted - 403 is returned with the message:
Quick solution
I go to
ci/cd
role and change these settings:It starts to work after that.
Question
Is this expected behaviour? I've assumed that when the ci/cd role has just this
Record deployments and releases for your team
setting ticked, then you are limiting the system user to be able to act only on the team projects.Thanks in advance!