Get à 401 Unauthorized when trying to lint my gitlab-ci.yml (version 13.8)

Question

Since monday, I'm not able to use the lint CI API from gitlab, which is documented here https://docs.gitlab.com/ee/api/lint.html#validate-the-ci-yaml-configuration

I'm working on a self hosted gitlab, and we updated gitlab to the last version (13.8.4).

I've noticed that the documentation has changed between 13.8 and 13.9, they mentioned

Access to this endpoint requires authentication.

So I tried to generate a personal access token with full access (I'm admin), but I still get a 401.

Here is my try :

$ curl --header "Content-Type: application/json" --header "PRIVATE-TOKEN: P3r50Na1t0k3N" "https://my-domain.artips.fr/api/v4/ci/lint" --data '{"content": "{ \"image\": \"ruby:2.6\", \"services\": [\"postgres\"], \"before_script\": [\"bundle install\", \"bundle exec rake db:create\"], \"variables\": {\"DB_NAME\": \"postgres\"}, \"types\": [\"test\", \"deploy\", \"notify\"], \"rspec\": { \"script\": \"rake spec\", \"tags\": [\"ruby\", \"postgres\"], \"only\": [\"branches\"]}}"}'

# Result : {"message":"401 Unauthorized"}

# Other try

$ curl -X POST --header "Content-Type: application/json" --header "PRIVATE-TOKEN: P3r50Na1t0k3N" "https:///my-domain.artips.fr/api/v4/ci/lint" --data '{"content": "{ \"image\": \"ruby:2.6\", \"services\": [\"postgres\"], \"before_script\": [\"bundle install\", \"bundle exec rake db:create\"], \"variables\": {\"DB_NAME\": \"postgres\"}, \"types\": [\"test\", \"deploy\", \"notify\"], \"rspec\": { \"script\": \"rake spec\", \"tags\": [\"ruby\", \"postgres\"], \"only\": [\"branches\"]}}"}'

# same result: {"message":"401 Unauthorized"}

Has anyone run into the same problem ?

Thanks in advance

Takeshi

score 2 · Accepted Answer · answered Feb 21 '21 at 22:14

2

There is an ongoing issue regarding the CI Lint API endpoint. It seems that authentication for this endpoint doesn't work when "signing up" is disabled on on-premise Gitlab instance. I guess the issue will be fixed in future releases.

answered Feb 21 '21 at 22:14

Bertrand Martel

42,756
16
135
159

1

Thanks, I didn't found it. I'll wait for the fix – Tako Feb 22 '21 at 15:15

score 1 · Answer 2 · answered Feb 17 '21 at 11:47

1

The user token's scope must grant read/write permission to yout gitlab instance's API (as you may see in the picture). The user hasn't to be admin.

answered Feb 17 '21 at 11:47

Krischa Onarestlessday

487
6
16

Thanks for your response. I tried with the whole scopes checked, but still get à 401 – Tako Feb 17 '21 at 17:05

score 0 · Answer 3 · answered May 12 '22 at 02:56

import requests
import urllib.parse
from requests.auth import HTTPBasicAuth

url = 'https://gitlab.example.com/'
api = urllib.parse.urljoin(url, '/api/v4/projects')
private_token = 'xxx'
params = dict(private_token=private_token)
auth = HTTPBasicAuth('username', 'password')  # username and password, different from login account, generally provided from ops
response = requests.get(api, params, auth=auth)
print(response)
print(response.json())

Get à 401 Unauthorized when trying to lint my gitlab-ci.yml (version 13.8)

3 Answers3

Linked