WolfspyreLabs KibbleBowl / 2021 / December / Group Bots - Fun for the whole family / Group Bots - Fun for the whole family Testing gitlab group bots #The documentation for This is how we make group bots, according to the Gitlab Documentation and…. This is how we make project scoped tokens: project tokens The scope can be set, here’s the docs This is no longer relevant I believe #It appears that in Gitlab Issue 214045 / Gitlab Issue 214046 They have now allowed you to create bot/tokens in the UI. Create a group access token using UI #Introduced in GitLab 14.7. To create a group access token: # On the top bar, select Menu > Groups and find your group. On the left sidebar, select Settings > Access Tokens. Enter a name. The token name is visible to any user with permissions to view the group. Optional. 4. Enter an expiry date for the token. The token will expire on that date at midnight UTC. An instance-wide maximum lifetime setting can limit the maximum allowable lifetime in self-managed instances. Select a role for the token. Select the desired scopes. Select Create group access token. A group access token is displayed. Save the group access token somewhere safe. After you leave or refresh the page, you can’t view it again. admin = User.find(1) # group admin group = Group.find(3) # H&P Group bot = Users::CreateService.new(admin, { name: 'group_token', username: "group_#{group.id}_bot", email: "gitlab_group_#{group.id}_bot@wolfspaw.com", user_type: :project_bot }).execute # create the group bot user # bot.confirm # confirm the bot group.add_user(bot, :maintainer) # add the bot to the group at the desired access level token = bot.personal_access_tokens.create(scopes:[:api, :write_repository,:write_registry], name: 'group_3_bot_token') # give it a PAT gtoken = token.token # get the token value You get to this by running gitlab-rails console root@gitlab:/# gitlab-rails console -------------------------------------------------------------------------------- Ruby: ruby 2.7.5p203 (2021-11-24 revision f69aeb8314) [x86_64-linux] GitLab: 14.5.2-ee (4511944420f) EE GitLab Shell: 13.22.1 PostgreSQL: 12.7 -------------------------------------------------------------------------------- (...this takes a bit of time...) Loading production environment (Rails 6.1.4.1) irb(main):001:0> admin = User.find(1) Loading production environment (Rails 6.1.4.1) irb(main):001:0> admin = User.find(1) => #<User id:1 @gitlabadmin> irb(main):004:0> Group.find(4) => #<Group id:4 @wolfspyrelabs> irb(main):005:0> Group.find(5) irb(main):006:0> group = Group.find(3) => #<Group id:3 @hoof-and-paw> irb(main):007:0> bot = Users::CreateService.new(admin, { name: 'group_token', username: "group_#{group.id}_bot", email: " gitlab_group_#{group.id}_bot@wolfspaw.com", user_type: :project_bot }).execute => #<User id:10 @group_3_bot> irb(main):008:0> bot.confirm => true irb(main):009:0> group.add_user(bot, :maintainer) => #<GroupMember id: 88, access_level: 40, source_id: 3, source_type: "Namespace", user_id: 10, notification_level: 3, type: "GroupMember", created_at: "2021-12-10 23:12:58.917961334 +0000", updated_at: "2021-12-10 23:12:58.917961334 +0000", created_by_id: nil, invite_email: nil, invite_token: nil, invite_accepted_at: nil, requested_at: nil, expires_at: nil, ldap: false, override: false, invite_email_success: true, state: 0> irb(main):010:0> token = bot.personal_access_tokens.create(scopes:[:api, :write_repository,:write_registry], name: 'group_3_bot_token') => #<PersonalAccessToken id: 9, user_id: 10, name: "group_3_bot_token", revoked: false, expires_at: nil, created_at:... irb(main):011:0> gtoken = token.token => "glpat-sePcTM1UtCAJhwmH52Lf" irb(main):012:0> ~/Nextcloud/Git_Repos/hoof-and-paw/lichtenberg-skeleton (main)$ docker login gitlab.wolfspyre.io -user=botnamehere -p token-here docker pull gitlab.wolfspyre.io/hoof-and-paw/dependency_proxy/containers/node:16-alpine3.14 16-alpine3.14: Pulling from hoof-and-paw/dependency_proxy/containers/node 97518928ae5f: Pull complete 16a1a5057866: Pull complete ad8b526cbb1f: Pull complete 0328e268dee9: Pull complete Digest: sha256:8569c8f07454ec42501e5e40a680e49d3f9aabab91a6c149e309bac63a3c8d54 Status: Downloaded newer image for gitlab.wolfspyre.io/hoof-and-paw/dependency_proxy/containers/node:16-alpine3.14 gitlab.wolfspyre.io/hoof-and-paw/dependency_proxy/containers/node:16-alpine3.14