Use create_runner access token scope for registering gitlab runners

[gardar]

Summary

Now that gitlab has introduced the create_runner access token scope it would be great if it were possible to create runners using the new with "new" runner creation workflow using only that scope as currently it needs the api scope.

Issue Type

Feature Idea

Component Name

gitlab_runner

Additional Information

Code of Conduct

• I agree to follow the Ansible Code of Conduct

[ansibullbot]

Files identified in the description:

• plugins/modules/gitlab_runner.py

If these files are incorrect, please update the component name section of the description or use the !component bot command.

click here for bot help

[ansibullbot]

cc @Lunik @SamyCoenen @Shaps @lgatellier @marwatk @metanovii @nejch @scodeman @sh0shin @suukit @waheedi @zanssa
click here for bot help

[lgatellier]

Hi @gardar,

The create_runner scope allows to create a new runner, but does not allow to list and update runners, which is required for idempotency (a strong Ansible convention).

Thus, if you want to restrict the API token scope (for evident security reasons) and neither need to update your runner's details nor delete a runner, give it a try with read_api and create_runner scopes instead of api. Not 100% sure about it, but theorically, it would work. 👌