Clone another GitLab repository in GitLab CI script











up vote
-1
down vote

favorite












I've seen this: `git clone project2` in gitlab-ci.yml? as well as a bunch of similar posts with similar answers implying that one should use Git submodules.



Without getting into arguments about whether submodules in Git work well, in my case, that just isn't an option at all (what other project to check out depends on the arguments passed to the trigger of the job, or, at least, it should).



Another requirement is that I need to be able to track the user who started the chain of triggers. I.e. hard-coding my personal token, or just any token will not do it: I need GitLab to use the permissions of the user who executed the job in order to clone other repositories.



Short of giving up GitLab and looking for a mature CI alternative, is there any way to get this done?






gitlab







share|improve this question


























    up vote
    -1
    down vote

    favorite












    I've seen this: `git clone project2` in gitlab-ci.yml? as well as a bunch of similar posts with similar answers implying that one should use Git submodules.



    Without getting into arguments about whether submodules in Git work well, in my case, that just isn't an option at all (what other project to check out depends on the arguments passed to the trigger of the job, or, at least, it should).



    Another requirement is that I need to be able to track the user who started the chain of triggers. I.e. hard-coding my personal token, or just any token will not do it: I need GitLab to use the permissions of the user who executed the job in order to clone other repositories.



    Short of giving up GitLab and looking for a mature CI alternative, is there any way to get this done?






    gitlab







    share|improve this question
























      up vote
      -1
      down vote

      favorite









      up vote
      -1
      down vote

      favorite











      I've seen this: `git clone project2` in gitlab-ci.yml? as well as a bunch of similar posts with similar answers implying that one should use Git submodules.



      Without getting into arguments about whether submodules in Git work well, in my case, that just isn't an option at all (what other project to check out depends on the arguments passed to the trigger of the job, or, at least, it should).



      Another requirement is that I need to be able to track the user who started the chain of triggers. I.e. hard-coding my personal token, or just any token will not do it: I need GitLab to use the permissions of the user who executed the job in order to clone other repositories.



      Short of giving up GitLab and looking for a mature CI alternative, is there any way to get this done?






      gitlab







      share|improve this question













      I've seen this: `git clone project2` in gitlab-ci.yml? as well as a bunch of similar posts with similar answers implying that one should use Git submodules.



      Without getting into arguments about whether submodules in Git work well, in my case, that just isn't an option at all (what other project to check out depends on the arguments passed to the trigger of the job, or, at least, it should).



      Another requirement is that I need to be able to track the user who started the chain of triggers. I.e. hard-coding my personal token, or just any token will not do it: I need GitLab to use the permissions of the user who executed the job in order to clone other repositories.



      Short of giving up GitLab and looking for a mature CI alternative, is there any way to get this done?






      gitlab




      gitlab






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 20 at 10:42









      wvxvw

      8001420




      8001420
























          1 Answer
          1






          active

          oldest

          votes

















          up vote
          0
          down vote













          This should be possible using the gitlab-ci-token variable as documented here:



          git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/myuser/mydependentrepo



          This issue discusses the permissions of the gitlab-ci-token, and in the proposal also mentions:





          1. We will authorize access to the resource by getting from Ci::Build information about a person who run this build, it could be: pusher of
            git push, person who did retry a build, person who did merge a changes







          share|improve this answer





















          • This almost gets me there, but I also need to have push permissions on other repositories (so, read-only won't be enough). A typical scenario: user submitted pull request, it was staged, tested, and now it needs to be rebased on master, but the master isn't in the repository against which the user submitted their PR.
            – wvxvw
            Nov 20 at 16:38










          • @wvxvw didn't realise about the push permissions. This sounds like it's getting out of scope for what GitLab CI is capable of without as you said, personal tokens. Are you sure you couldn't do this the other way around? Instead of cloning said repository, trigger the repository from the one you want to clone, and so you can handle rebasing from that repository? Although this suggestion is a stab in the dark as I don't know your full requirements.
            – Rekovni
            Nov 20 at 16:55










          • Nah, not really. The repository has at least these two projects (in reality there's more), which work as a client and server, and they need to be compiled (and updated) together, otherwise they won't work, but developers can contribute to either one of them.
            – wvxvw
            Nov 20 at 18:49











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53391229%2fclone-another-gitlab-repository-in-gitlab-ci-script%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          0
          down vote













          This should be possible using the gitlab-ci-token variable as documented here:



          git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/myuser/mydependentrepo



          This issue discusses the permissions of the gitlab-ci-token, and in the proposal also mentions:





          1. We will authorize access to the resource by getting from Ci::Build information about a person who run this build, it could be: pusher of
            git push, person who did retry a build, person who did merge a changes







          share|improve this answer





















          • This almost gets me there, but I also need to have push permissions on other repositories (so, read-only won't be enough). A typical scenario: user submitted pull request, it was staged, tested, and now it needs to be rebased on master, but the master isn't in the repository against which the user submitted their PR.
            – wvxvw
            Nov 20 at 16:38










          • @wvxvw didn't realise about the push permissions. This sounds like it's getting out of scope for what GitLab CI is capable of without as you said, personal tokens. Are you sure you couldn't do this the other way around? Instead of cloning said repository, trigger the repository from the one you want to clone, and so you can handle rebasing from that repository? Although this suggestion is a stab in the dark as I don't know your full requirements.
            – Rekovni
            Nov 20 at 16:55










          • Nah, not really. The repository has at least these two projects (in reality there's more), which work as a client and server, and they need to be compiled (and updated) together, otherwise they won't work, but developers can contribute to either one of them.
            – wvxvw
            Nov 20 at 18:49















          up vote
          0
          down vote













          This should be possible using the gitlab-ci-token variable as documented here:



          git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/myuser/mydependentrepo



          This issue discusses the permissions of the gitlab-ci-token, and in the proposal also mentions:





          1. We will authorize access to the resource by getting from Ci::Build information about a person who run this build, it could be: pusher of
            git push, person who did retry a build, person who did merge a changes







          share|improve this answer





















          • This almost gets me there, but I also need to have push permissions on other repositories (so, read-only won't be enough). A typical scenario: user submitted pull request, it was staged, tested, and now it needs to be rebased on master, but the master isn't in the repository against which the user submitted their PR.
            – wvxvw
            Nov 20 at 16:38










          • @wvxvw didn't realise about the push permissions. This sounds like it's getting out of scope for what GitLab CI is capable of without as you said, personal tokens. Are you sure you couldn't do this the other way around? Instead of cloning said repository, trigger the repository from the one you want to clone, and so you can handle rebasing from that repository? Although this suggestion is a stab in the dark as I don't know your full requirements.
            – Rekovni
            Nov 20 at 16:55










          • Nah, not really. The repository has at least these two projects (in reality there's more), which work as a client and server, and they need to be compiled (and updated) together, otherwise they won't work, but developers can contribute to either one of them.
            – wvxvw
            Nov 20 at 18:49













          up vote
          0
          down vote










          up vote
          0
          down vote









          This should be possible using the gitlab-ci-token variable as documented here:



          git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/myuser/mydependentrepo



          This issue discusses the permissions of the gitlab-ci-token, and in the proposal also mentions:





          1. We will authorize access to the resource by getting from Ci::Build information about a person who run this build, it could be: pusher of
            git push, person who did retry a build, person who did merge a changes







          share|improve this answer












          This should be possible using the gitlab-ci-token variable as documented here:



          git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/myuser/mydependentrepo



          This issue discusses the permissions of the gitlab-ci-token, and in the proposal also mentions:





          1. We will authorize access to the resource by getting from Ci::Build information about a person who run this build, it could be: pusher of
            git push, person who did retry a build, person who did merge a changes








          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 20 at 14:41









          Rekovni

          1,0481228




          1,0481228












          • This almost gets me there, but I also need to have push permissions on other repositories (so, read-only won't be enough). A typical scenario: user submitted pull request, it was staged, tested, and now it needs to be rebased on master, but the master isn't in the repository against which the user submitted their PR.
            – wvxvw
            Nov 20 at 16:38










          • @wvxvw didn't realise about the push permissions. This sounds like it's getting out of scope for what GitLab CI is capable of without as you said, personal tokens. Are you sure you couldn't do this the other way around? Instead of cloning said repository, trigger the repository from the one you want to clone, and so you can handle rebasing from that repository? Although this suggestion is a stab in the dark as I don't know your full requirements.
            – Rekovni
            Nov 20 at 16:55










          • Nah, not really. The repository has at least these two projects (in reality there's more), which work as a client and server, and they need to be compiled (and updated) together, otherwise they won't work, but developers can contribute to either one of them.
            – wvxvw
            Nov 20 at 18:49


















          • This almost gets me there, but I also need to have push permissions on other repositories (so, read-only won't be enough). A typical scenario: user submitted pull request, it was staged, tested, and now it needs to be rebased on master, but the master isn't in the repository against which the user submitted their PR.
            – wvxvw
            Nov 20 at 16:38










          • @wvxvw didn't realise about the push permissions. This sounds like it's getting out of scope for what GitLab CI is capable of without as you said, personal tokens. Are you sure you couldn't do this the other way around? Instead of cloning said repository, trigger the repository from the one you want to clone, and so you can handle rebasing from that repository? Although this suggestion is a stab in the dark as I don't know your full requirements.
            – Rekovni
            Nov 20 at 16:55










          • Nah, not really. The repository has at least these two projects (in reality there's more), which work as a client and server, and they need to be compiled (and updated) together, otherwise they won't work, but developers can contribute to either one of them.
            – wvxvw
            Nov 20 at 18:49
















          This almost gets me there, but I also need to have push permissions on other repositories (so, read-only won't be enough). A typical scenario: user submitted pull request, it was staged, tested, and now it needs to be rebased on master, but the master isn't in the repository against which the user submitted their PR.
          – wvxvw
          Nov 20 at 16:38




          This almost gets me there, but I also need to have push permissions on other repositories (so, read-only won't be enough). A typical scenario: user submitted pull request, it was staged, tested, and now it needs to be rebased on master, but the master isn't in the repository against which the user submitted their PR.
          – wvxvw
          Nov 20 at 16:38












          @wvxvw didn't realise about the push permissions. This sounds like it's getting out of scope for what GitLab CI is capable of without as you said, personal tokens. Are you sure you couldn't do this the other way around? Instead of cloning said repository, trigger the repository from the one you want to clone, and so you can handle rebasing from that repository? Although this suggestion is a stab in the dark as I don't know your full requirements.
          – Rekovni
          Nov 20 at 16:55




          @wvxvw didn't realise about the push permissions. This sounds like it's getting out of scope for what GitLab CI is capable of without as you said, personal tokens. Are you sure you couldn't do this the other way around? Instead of cloning said repository, trigger the repository from the one you want to clone, and so you can handle rebasing from that repository? Although this suggestion is a stab in the dark as I don't know your full requirements.
          – Rekovni
          Nov 20 at 16:55












          Nah, not really. The repository has at least these two projects (in reality there's more), which work as a client and server, and they need to be compiled (and updated) together, otherwise they won't work, but developers can contribute to either one of them.
          – wvxvw
          Nov 20 at 18:49




          Nah, not really. The repository has at least these two projects (in reality there's more), which work as a client and server, and they need to be compiled (and updated) together, otherwise they won't work, but developers can contribute to either one of them.
          – wvxvw
          Nov 20 at 18:49


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53391229%2fclone-another-gitlab-repository-in-gitlab-ci-script%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Wiesbaden

          Image
          Wappen Deutschlandkarte 50.0825 8.24 117 Koordinaten: 50° 5′  N , 8° 14′  O Basisdaten Bundesland: Hessen Regierungsbezirk: Darmstadt Höhe: 117 m ü. NHN Fläche: 203,93 km 2 Einwohner: 278.654 (31. Dez. 2017) [1] Bevölkerungsdichte: 1366 Einwohner je km 2 Postleitzahlen: 65183–65207, 55246, 55252 Vorlage:Infobox Gemeinde in Deutschland/Wartung/PLZ enthält Text Vorwahlen: 0611, 06122, 06127, 06134 Kfz-Kennzeichen: WI Gemeindeschlüssel: 06 4 14 000 LOCODE: DE WIB NUTS: DE714 Stadtgliederung: 26 Ortsbezirke Adresse der Stadtverwaltung: Schlossplatz 6 65183 Wiesbaden Webpräsenz: www.wiesbaden.de Oberbürgermeister: Sven Gerich (SPD) Lage der Landeshauptstadt Wiesbaden in Hessen und im Regierungsbezirk Darmstadt Offizielles Logo der Landeshauptstadt Wiesbaden Flagge der Landeshauptstadt Wiesbaden Wiesbaden is
          Read more

          Marschland

          Image
          Kilometerweite Marsch in den Vier- und Marschlanden am Elbdeich Die Wedeler Marschlandschaft in Schleswig-Holstein Der Hadelner Kanal zur Entwässerung der Marsch Die tief gelegene Marsch und ein Entwässerungskanal Das Schöpfwerk Otterndorf im Land Hadeln zur Entwässerung der Medem verfügte damals bereits über die größte Kreiselpumpe Europas. Das Schöpfwerk in Neuhaus für die Aue und des Neuhaus-Bülkauer Kanals Als Marsch(land) (v. niederdt., altsächs. mersc ) – auch Masch , Mersch oder Schwemmland genannt – bezeichnet man eine nacheiszeitlich entstandene geomorphologische Landform im Gebiet der nordwestdeutschen Küsten und Flüsse sowie vergleichbare Landformen weltweit. Inhaltsverzeichnis 1 Landschaft 2 Entstehung 3 Marschböden 4 Nutzung 5 Marschgebiete in Deutschland 6 Siehe auch 7 Literatur 8 Weblinks 9 Einzelnachweise Landschaft | Marschen sind generell flache Landstriche ohne natürliche Erhebungen. Si
          Read more

          Dieringhausen

          Image
          Dieringhausen Stadt Gummersbach 50.982777777778 7.5316666666667 165 Koordinaten: 50° 58′ 58″  N , 7° 31′ 54″  O Höhe: 165  (160–245)  m Einwohner: 5055  (30. Jun. 2016) Postleitzahl: 51645 Vorwahl: 02261 Lage von Dieringhausen in Gummersbach Im Hohl ca. 1927–1930 Ansicht von Südwesten bei Bünghausen Dieringhausen (im örtlichen Dialekt Dierkesen ) ist ein Ortsteil von Gummersbach im Oberbergischen Kreis, Regierungsbezirk Köln, Nordrhein-Westfalen (Deutschland). Inhaltsverzeichnis 1 Geographie 2 Geschichte 3 Kultur 3.1 Sehenswürdigkeiten 3.2 Regelmäßige Veranstaltungen 4 Infrastruktur und Wirtschaft 4.1 Verkehr 4.1.1 Schienen- und Busverkehr 4.1.2 Straßen 4.2 Öffentliche Einrichtungen 4.2.1 Schulen und Bildungseinrichtungen 4.2.2 Kirchliche Einrichtungen 5 Persönlichkeiten 5.1 In Dieringhausen geboren 5.2 In Dieringhausen gelebt 6 Einzelnachweise 7
          Read more