Skip to content

improve gitlab token usage #112

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 23, 2025
Merged

improve gitlab token usage #112

merged 2 commits into from
Aug 23, 2025

Conversation

dacoburn
Copy link
Collaborator

Description

Improved GitLab token authentication to support both Bearer and PRIVATE-TOKEN authentication patterns with automatic detection and fallback.

Changes Made:

  • Smart Token Detection: Automatically detects token type and chooses appropriate authentication method:
    • CI_JOB_TOKEN: Uses Bearer authentication
    • Personal Access Tokens (glpat-*): Uses Bearer authentication
    • OAuth tokens (long alphanumeric): Uses Bearer authentication
    • Other tokens: Uses PRIVATE-TOKEN authentication
  • Automatic Fallback: If authentication fails with 401 error, automatically retries with alternative method
  • Updated GitlabClient: Applied same logic to GitlabClient class for consistency
  • Comprehensive Documentation: Added detailed GitLab token configuration section to README
  • Test Coverage: Added unit tests for authentication logic and integration tests for fallback mechanism

Benefits:

  • Maximum Compatibility: Works with all GitLab token types and configurations
  • Robust Authentication: Fallback mechanism ensures authentication succeeds even if initial detection is incorrect
  • Zero Configuration: Automatically handles authentication without user intervention
  • Better User Experience: Clear documentation and error handling

Public Changelog

Enhanced GitLab integration with intelligent token authentication that automatically detects and uses the appropriate authentication method (Bearer or PRIVATE-TOKEN) with automatic fallback for maximum compatibility across different GitLab configurations.

@dacoburn dacoburn requested a review from a team as a code owner August 23, 2025 14:14
@dacoburn dacoburn requested review from alxhotel and rchatrath7 and removed request for a team August 23, 2025 14:14
@github-actions GitHub Actions
Copy link

🚀 Preview package published!

Install with:

pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple socketsecurity==2.2.2.dev1

Docker image: socketdev/cli:pr-112

@dacoburn dacoburn mentioned this pull request Aug 23, 2025
Closed
@dacoburn dacoburn mentioned this pull request Aug 23, 2025
Closed
@dacoburn dacoburn merged commit a2d97ab into main Aug 23, 2025
6 checks passed
@dacoburn dacoburn deleted the doug/improve-gitlab-token-usage branch August 23, 2025 14:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@barslev barslev barslev approved these changes

@alxhotel alxhotel Awaiting requested review from alxhotel alxhotel is a code owner automatically assigned from SocketDev/eng

@rchatrath7 rchatrath7 Awaiting requested review from rchatrath7 rchatrath7 is a code owner automatically assigned from SocketDev/eng

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dacoburn @barslev