Deploy tokens¶
Deploy tokens allow read-only access to your repository and registry images without having a user and a password.
Deploy tokens¶
This endpoint requires admin access.
Reference¶
Examples¶
Use the list()
method to list all deploy tokens across the GitLab instance.
# List deploy tokens
deploy_tokens = gl.deploytokens.list()
Project deploy tokens¶
This endpoint requires project maintainer access or higher.
Reference¶
Examples¶
List the deploy tokens for a project:
deploy_tokens = project.deploytokens.list()
Get a deploy token for a project by id:
deploy_token = project.deploytokens.get(deploy_token_id)
Create a new deploy token to access registry images of a project:
In addition to required parameters name
and scopes
, this method accepts
the following parameters:
expires_at
Expiration date of the deploy token. Does not expire if no value is provided.username
Username for deploy token. Default isgitlab+deploy-token-{n}
deploy_token = project.deploytokens.create({'name': 'token1', 'scopes': ['read_registry'], 'username':'', 'expires_at':''})
# show its id
print(deploy_token.id)
# show the token value. Make sure you save it, you won't be able to access it again.
print(deploy_token.token)
Warning
With GitLab 12.9, even though username
and expires_at
are not required, they always have to be passed to the API.
You can set them to empty strings, see: https://gitlab.com/gitlab-org/gitlab/-/issues/211878.
Also, the username
’s value is ignored by the API and will be overridden with gitlab+deploy-token-{n}
,
see: https://gitlab.com/gitlab-org/gitlab/-/issues/211963
These issues were fixed in GitLab 12.10.
Remove a deploy token from the project:
deploy_token.delete()
# or
project.deploytokens.delete(deploy_token.id)
Group deploy tokens¶
Reference¶
Examples¶
List the deploy tokens for a group:
deploy_tokens = group.deploytokens.list()
Get a deploy token for a group by id:
deploy_token = group.deploytokens.get(deploy_token_id)
Create a new deploy token to access all repositories of all projects in a group:
In addition to required parameters name
and scopes
, this method accepts
the following parameters:
expires_at
Expiration date of the deploy token. Does not expire if no value is provided.username
Username for deploy token. Default isgitlab+deploy-token-{n}
deploy_token = group.deploytokens.create({'name': 'token1', 'scopes': ['read_repository'], 'username':'', 'expires_at':''})
# show its id
print(deploy_token.id)
Warning
With GitLab 12.9, even though username
and expires_at
are not required, they always have to be passed to the API.
You can set them to empty strings, see: https://gitlab.com/gitlab-org/gitlab/-/issues/211878.
Also, the username
’s value is ignored by the API and will be overridden with gitlab+deploy-token-{n}
,
see: https://gitlab.com/gitlab-org/gitlab/-/issues/211963
These issues were fixed in GitLab 12.10.
Remove a deploy token from the group:
deploy_token.delete()
# or
group.deploytokens.delete(deploy_token.id)