Feature: Retrieve the job that generated a job token from /job api call #2849
Description
Description of the problem, including code/CLI snippet
I'd like to use the gitlab /job api to extract context about a running job as part of a more elaborate script.
The jobs api documentation for the /job call suggests that its possible to obtain a summary of the Job thats being executed for the current CI_JOB_TOKEN context.
Expected Behavior
gl = gitlab.Gitlab('https://gitlab.example.com', job_token=ci_job_token)
job = gl.job() # Returns ProjectJob (or similar)API Response
Taken from the gitlab documentation...
{
"commit": {
"author_email": "admin@example.com",
"author_name": "Administrator",
"created_at": "2015-12-24T16:51:14.000+01:00",
"id": "0ff3ae198f8601a285adcf5c0fff204ee6fba5fd",
"message": "Test the CI integration.",
"short_id": "0ff3ae19",
"title": "Test the CI integration."
},
"coverage": null,
"archived": false,
"allow_failure": false,
"created_at": "2015-12-24T15:51:21.880Z",
"started_at": "2015-12-24T17:54:30.733Z",
"finished_at": "2015-12-24T17:54:31.198Z",
"erased_at": null,
"duration": 0.465,
"queued_duration": 0.123,
"artifacts_expire_at": "2016-01-23T17:54:31.198Z",
"id": 8,
"name": "rubocop",
"pipeline": {
"id": 6,
"project_id": 1,
"ref": "main",
"sha": "0ff3ae198f8601a285adcf5c0fff204ee6fba5fd",
"status": "pending"
},
"ref": "main",
"artifacts": [],
"runner": null,
"stage": "test",
"status": "failed",
"failure_reason": "script_failure",
"tag": false,
"web_url": "https://example.com/foo/bar/-/jobs/8",
"project": {
"ci_job_token_scope_enabled": false
},
"user": {
"id": 1,
"name": "Administrator",
"username": "root",
"state": "active",
"avatar_url": "http://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80&d=identicon",
"web_url": "http://gitlab.dev/root",
"created_at": "2015-12-21T13:14:24.077Z",
"bio": null,
"location": null,
"public_email": "",
"skype": "",
"linkedin": "",
"twitter": "",
"website_url": "",
"organization": ""
}
}Use Case
As a tool developer
When my tool is invoked during a Ci/Cd Session
I want to use the gitlab-api to programatical extract context about the job process
So that I cannot be tricked by malicious users abusing the predefined variables
As a gitlab web service provider
When a user makes an API call to my service
and includes their CI_JOB_TOKEN as a secure parameter
I want to callback to the gitlab api to programatical extract additional required context about the job process
Specifications
- python-gitlab version: 4.4.0
- API version you are using (v3/v4): v4
- Gitlab server version (or gitlab.com): 16.10