Have a setup where argocd is deploying from gitlab and want to use third party deployment tracking.
I have everything in place allowing argocd to post the to the deployment api that is then used to co-ordinate further tasks.
The issue remaining is the scope of access.
token generated has api access and I really only need to to post to the /projects/:id/deployments endpoint
There are concerns about having a token that has full api access being used for such a limited task and I would like to continue the use of argocd notifications and satisfy the desire to minimise the impact of such a token with it’s access being compromised.
Any tips/thought most appreciated.