rotating access tokens #3207
Unanswered
walterrowe
asked this question in
Q&A
rotating access tokens
#3207
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
I had this idea for a utility that would search a list of projects, or all projects in a group, for access tokens and rotate them. The script would also look for CI variables that refer to the old token value and replace it with the new token value. It also would produce a nice report showing which tokens were referenced in what CI variables by what projects.
The challenge I face is that the object returned by
project.access_tokens.get()(see GitLab Project Access Tokens API) doesn't include the current token secret value (likely for security reasons?). When we rotate a token we get the new token value, but we never see the prior token value. This makes it impossible to do what I envisioned.Now that access tokens have mandatory expiration dates we are forced to rotate them periodically. It would be nice to have a utility that would aid in this tedious maintenance process.
Does anyone in the community, or the project developers, have a suggestion for working around this?
Beta Was this translation helpful? Give feedback.
All reactions