Command to create a short-lived auth token

[ryanprior]

Every day, I use the GitLab web UI to create a short-lived token with permissions I need for that day. The token gets sent to one or more other machines and stored temporarily so that some semi-automated tools can act using my identity.

I've got the GitLab auth tokens page bookmarked, and I've gotten pretty fast at using it, but it would be even faster and more convenient to automate this with glab. I picture a flow like:

$ export GLAB_TOKEN=$(glab auth create-token --permit write_repository --ttl P1D)
$ echo GLAB_TOKEN
6be056f7e8d26680e96684c609c1

I specify permissions for the token and time to live as an ISO 8601 duration. Or after I'm done I could revoke the token explicitly:

$ glab auth revoke --token $GLAB_TOKEN
# or
$ echo $GLAB_TOKEN | glab auth revoke

I haven't researched yet what's possible to do using the GitLab API regarding tokens. If necessary I can open an issue over there as well.

[zemzale]

Hey @ryanprior.

So GitLab doesn't support creating personal access tokens programmatically using the API, only using the rails console, which is not a thing we are gonna even try to do because that is for GitLab administration and it can mess up the whole GitLab instance if you do something wrong. See here and here

BUT we can support creating a group or project access tokens using the API which would scope the API to a specific group or project. See here and here. I don't know if this is sufficient for your needs, but this can be done.

[clemsbot]

This issue has been automatically marked as stale because it has not had recent activity. We haven't had the time to address it yet, but we want to keep it open. This message is just a reminder for us to help triage issues.