我为我的团队成员提供了一个在 gitlab ci 中运行的 python 应用程序。该应用程序需要获取 ci 用户名并将其发送到我的后端存储。 现在我尝试过,
- GitLab 预定义变量 GITLAB_USER_LOGIN
但是这个环境变量可以被任何人修改。这不安全。
CI_JOB_TOKEN 的范围仅限于某些 API 端点 ( doc ),我无法访问 https://gitlab.com/api/v4/user/通过gitlab ci中的CI_JOB_TOKEN获取用户详细信息。
我不想要求用户设置个人访问 token 或任何额外信息。如何通过gitlab ci原始方式获取ci用户名?
最佳答案
您应该从相关项目中获取最后一个管道 ID:
GET /projects/:id/pipelines
示例输出:
{
"id": 48,
"iid": 13,
"project_id": 1,
"status": "pending",
"source": "web",
"ref": "new-pipeline",
"sha": "eb94b618fb5865b26e80fdd8ae531b7a63ad851a",
"web_url": "https://example.com/foo/bar/pipelines/48",
"created_at": "2016-08-12T10:06:04.561Z",
"updated_at": "2016-08-12T10:09:56.223Z"
}
示例:
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/pipelines" | jq '.[0].id
然后将其放入此 API 中:
GET /projects/:id/pipelines/:pipeline_id
示例输出:
{
"id": 46,
"iid": 11,
"project_id": 1,
"status": "success",
"ref": "main",
"sha": "a91957a858320c0e17f3a0eca7cfacbff50ea29a",
"before_sha": "a91957a858320c0e17f3a0eca7cfacbff50ea29a",
"tag": false,
"yaml_errors": null,
"user": {
"name": "Administrator",
"username": "root",
"id": 1,
"state": "active",
"avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon",
"web_url": "http://localhost:3000/root"
},
"created_at": "2016-08-11T11:28:34.085Z",
"updated_at": "2016-08-11T11:32:35.169Z",
"started_at": null,
"finished_at": "2016-08-11T11:32:35.145Z",
"committed_at": null,
"duration": 123.65,
"queued_duration": 0.010,
"coverage": "30.0",
"web_url": "https://example.com/foo/bar/pipelines/46"
}
示例:
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/pipelines/46" | jq '.user.username'
关于gitlab - 如何在GitLab CI中获取ci用户名?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/74958918/