Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature: Retrieve the job that generated a job token from /job api call #2849

Open
warmfusion opened this issue Apr 29, 2024 · 0 comments
Open

Feature: Retrieve the job that generated a job token from /job api call #2849

warmfusion opened this issue Apr 29, 2024 · 0 comments

Comments

@warmfusion
Copy link

Description of the problem, including code/CLI snippet

I'd like to use the gitlab /job api to extract context about a running job as part of a more elaborate script.

The jobs api documentation for the /job call suggests that its possible to obtain a summary of the Job thats being executed for the current CI_JOB_TOKEN context.

Expected Behavior

gl = gitlab.Gitlab('https://gitlab.example.com', job_token=ci_job_token)        
job = gl.job() # Returns ProjectJob (or similar)
API Response

Taken from the gitlab documentation...

{
  "commit": {
    "author_email": "admin@example.com",
    "author_name": "Administrator",
    "created_at": "2015-12-24T16:51:14.000+01:00",
    "id": "0ff3ae198f8601a285adcf5c0fff204ee6fba5fd",
    "message": "Test the CI integration.",
    "short_id": "0ff3ae19",
    "title": "Test the CI integration."
  },
  "coverage": null,
  "archived": false,
  "allow_failure": false,
  "created_at": "2015-12-24T15:51:21.880Z",
  "started_at": "2015-12-24T17:54:30.733Z",
  "finished_at": "2015-12-24T17:54:31.198Z",
  "erased_at": null,
  "duration": 0.465,
  "queued_duration": 0.123,
  "artifacts_expire_at": "2016-01-23T17:54:31.198Z",
  "id": 8,
  "name": "rubocop",
  "pipeline": {
    "id": 6,
    "project_id": 1,
    "ref": "main",
    "sha": "0ff3ae198f8601a285adcf5c0fff204ee6fba5fd",
    "status": "pending"
  },
  "ref": "main",
  "artifacts": [],
  "runner": null,
  "stage": "test",
  "status": "failed",
  "failure_reason": "script_failure",
  "tag": false,
  "web_url": "https://example.com/foo/bar/-/jobs/8",
  "project": {
    "ci_job_token_scope_enabled": false
  },
  "user": {
    "id": 1,
    "name": "Administrator",
    "username": "root",
    "state": "active",
    "avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon",
    "web_url": "http://gitlab.dev/root",
    "created_at": "2015-12-21T13:14:24.077Z",
    "bio": null,
    "location": null,
    "public_email": "",
    "skype": "",
    "linkedin": "",
    "twitter": "",
    "website_url": "",
    "organization": ""
  }
}

Use Case

As a tool developer
When my tool is invoked during a Ci/Cd Session
I want to use the gitlab-api to programatical extract context about the job process
So that I cannot be tricked by malicious users abusing the predefined variables

As a gitlab web service provider
When a user makes an API call to my service
and includes their CI_JOB_TOKEN as a secure parameter
I want to callback to the gitlab api to programatical extract additional required context about the job process

Specifications

  • python-gitlab version: 4.4.0
  • API version you are using (v3/v4): v4
  • Gitlab server version (or gitlab.com): 16.10
@warmfusion warmfusion changed the title Feature: Get Job Tokens Job Feature: Retrieve the job that generated a job token from /job api call May 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@warmfusion