Skip to content

gitlab-lint: Drop since available tokens are not enough

Emanuele Aina requested to merge wip/em/drop-broken-ci-lint into apertis/v2022dev1

After the GitLab "Unauthenticated CI lint API may lead to information disclosure and SSRF" fix shipped with version 13.8.4 the ci/lint endpoints requires authentication but:

  1. $CI_JOB_TOKEN is not enough
  2. $TEST_GITLAB_AUTH_TOKEN is not enough either, some extra permissions are required

Given that the YAML will get executed in the same pipeline, let's just drop the lint CI job rather than granting more permissions than necessary.

Merge request reports

Loading