Deploy tokens

Deploy tokens allow read-only access to your repository and registry images

without having a user and a password.

Deploy tokens can be managed by maintainers only.

Deploy tokens

Reference

* v4 API:

+ :class:`gitlab.v4.objects.DeployToken`

+ :class:`gitlab.v4.objects.DeployTokenManager`

+ :attr:`gitlab.Gitlab.deploytokens`

* GitLab API: https://docs.gitlab.com/ce/api/deploy_tokens.html

Examples

Use the ``list()`` method to list all deploy tokens across the GitLab instance.

This requires admin access.

::

Project deploy tokens

Reference

* v4 API:

+ :class:`gitlab.v4.objects.ProjectDeployToken`

+ :class:`gitlab.v4.objects.ProjectDeployTokenManager`

+ :attr:`gitlab.v4.objects.Project.deploytokens`

* GitLab API: https://docs.gitlab.com/ce/api/deploy_tokens.html

Examples

List the deploy tokens for a project::

Create a new deploy token to access registry images of a project:

This method accepts the following none required parameters:

* ``name`` New deploy token’s name

* ``expires_at`` Expiration date for the deploy token. Does not expire if no value is provided.

* ``username`` Username for deploy token. Default is ``gitlab+deploy-token-{n}``

::

Revoke (delete) the deploy token::

Group deploy tokens

Reference

* v4 API:

+ :class:`gitlab.v4.objects.GroupDeployToken`

+ :class:`gitlab.v4.objects.GroupDeployTokenManager`

+ :attr:`gitlab.v4.objects.Group.deploytokens`

* GitLab API: https://docs.gitlab.com/ce/api/deploy_tokens.html

Examples

List the deploy tokens for a group::

Create a new deploy token to access all repositories of all projects in a group:

This method accepts the following none required parameters:

* ``name`` New deploy token’s name

* ``expires_at`` Expiration date for the deploy token. Does not expire if no value is provided.

* ``username`` Username for deploy token. Default is ``gitlab+deploy-token-{n}``

::

Revoke (delete) the deploy token::

self.deploytokens = objects.DeployTokenManager(self)

def test_deploy_tokens(self):

@urlmatch(

def resp_deploy_token_create(url, request):

headers = {"content-type": "application/json"}

content = """{

content = content.encode("utf-8")

return response(200, content, headers, None, 5, request)

with HTTMock(resp_deploy_token_create):

deploy_token = self.gl.projects.get(1, lazy=True).deploytokens.create(

{

"name": "test_deploy_token",

"expires_at": "2022-01-01T00:00:00.000Z",

"username": "custom-user",

"scopes": ["read_repository"],

}

)

self.assertIsInstance(deploy_token, ProjectDeployToken)

self.assertEqual(deploy_token.id, 1),

self.assertEqual(deploy_token.expires_at, "2022-01-01T00:00:00.000Z"),

self.assertEqual(deploy_token.username, "custom-user")

self.assertEqual(deploy_token.scopes, ["read_repository"])

class DeployToken(ObjectDeleteMixin, RESTObject):

pass

class DeployTokenManager(ListMixin, RESTManager):

_path = "/deploy_tokens"

_obj_cls = DeployToken

class ProjectDeployToken(ObjectDeleteMixin, RESTObject):

pass

class ProjectDeployTokenManager(ListMixin, CreateMixin, DeleteMixin, RESTManager):

_path = "/projects/%(project_id)s/deploy_tokens"

_from_parent_attrs = {"project_id": "id"}

_obj_cls = ProjectDeployToken

_create_attrs = (

("name", "expires_at", "username", "scopes",),

tuple(),

)

class GroupDeployToken(ObjectDeleteMixin, RESTObject):

pass

class GroupDeployTokenManager(ListMixin, CreateMixin, DeleteMixin, RESTManager):

_path = "/groups/%(group_id)s/deploy_tokens"

_from_parent_attrs = {"group_id": "id"}

_obj_cls = GroupDeployToken

_create_attrs = (

("name", "expires_at", "username", "scopes",),

tuple(),

)

("deploytokens", "GroupDeployTokenManager"),

("deploytokens", "ProjectDeployTokenManager"),

GITLAB_TAG="nightly"

deploy_token = admin_project.deploytokens.create(

{"name": "foo",

"username": "bar",

"expires_at": "2021-09-09",

"scopes": ["read_registry"]

}

)

assert len(admin_project.deploytokens.list()) == 1

assert gl.deploytokens.list() == admin_project.deploytokens.list()

deploy_token.delete()

assert len(admin_project.deploytokens.list()) == 0