community.general.gitlab_group_access_token module – Manages GitLab group access tokens
Note
This module is part of the community.general collection (version 8.6.8).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: community.general.gitlab_group_access_token
.
New in community.general 8.4.0
Synopsis
Creates and revokes group access tokens.
Requirements
The below requirements are needed on the host that executes this module.
python-gitlab >= 3.1.0
requests (Python library https://pypi.org/project/requests/)
Parameters
Parameter |
Comments |
---|---|
Access level of the access token. Choices:
|
|
GitLab CI job token for logging in. |
|
GitLab OAuth token for logging in. |
|
The password to use for authentication against the API. |
|
GitLab access token with API permissions. |
|
The resolvable endpoint for the API. |
|
The username to use for authentication against the API. |
|
The CA certificates bundle to use to verify GitLab server certificate. |
|
Expiration date of the access token in Make sure to quote this value in YAML to ensure it is kept as a string and not interpreted as a YAML date. |
|
ID or full path of group in the form of group/subgroup. |
|
Access token’s name. |
|
Whether the access token will be recreated if it already exists. When When When Choices:
|
|
Scope of the access token. Choices:
|
|
When When Choices:
|
|
Whether or not to validate SSL certs when supplying a HTTPS endpoint. Choices:
|
Attributes
Attribute |
Support |
Description |
---|---|---|
Support: full |
Can run in |
|
Support: none |
Will return details on what has changed (or possibly needs changing in |
Notes
Note
Access tokens can not be changed. If a parameter needs to be changed, an acceess token has to be recreated. Whether tokens will be recreated is controlled by the
recreate
option, which defaults tonever
.Token string is contained in the result only when access token is created or recreated. It can not be fetched afterwards.
Token matching is done by comparing
name
option.
Examples
- name: "Creating a group access token"
community.general.gitlab_group_access_token:
api_url: https://gitlab.example.com/
api_token: "somegitlabapitoken"
group: "my_group/my_subgroup"
name: "group_token"
expires_at: "2024-12-31"
access_level: developer
scopes:
- api
- read_api
- read_repository
- write_repository
state: present
- name: "Revoking a group access token"
community.general.gitlab_group_access_token:
api_url: https://gitlab.example.com/
api_token: "somegitlabapitoken"
group: "my_group/my_group"
name: "group_token"
expires_at: "2024-12-31"
scopes:
- api
- read_api
- read_repository
- write_repository
state: absent
- name: "Change (recreate) existing token if its actual state is different than desired state"
community.general.gitlab_group_access_token:
api_url: https://gitlab.example.com/
api_token: "somegitlabapitoken"
group: "my_group/my_group"
name: "group_token"
expires_at: "2024-12-31"
scopes:
- api
- read_api
- read_repository
- write_repository
recreate: state_change
state: present
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
API object. Only contains the value of the token if the token was created or recreated. Returned: success and |