Allow build user to push

revof11 · July 5, 2018, 3:21am

I set up my Pipeilne to run:

DO_BUMP_VERSION
git config user.email “whatever@myproject.org”
git config user.name “Build User”
git add VERSION
git commit -m “deploy version update [skip ci]”
git push -u origin master
BUILD_VERSIONED_ARTIFACT
DO_DEPLOY

Everything runs fine up until the push where I get:

remote: You are not allowed to upload code.
fatal: unable to access ‘https://gitlab-ci-token:xxxxxxxxxxxxxxxxxxxx@gitlab.com/user/project.git/’: The requested URL returned error: 403

I have the master branch protected; however, I would like to add the build user so that the VERSION file can be changed before my deployment. How can I add permissions for the build user to be able to push to the master branch?

ariel.barria · July 5, 2018, 2:55pm

Hello,

In your repository in the “settings/repository” section, you can expand the option “Protected Branches” and there you can add the specific user who whants to give you the permissions.

Example of url to get to the section of protected branches:

“https://gitlab.com/user/project/settings/repository”

Documentation that can be supported for more detail:

Regards

revof11 · July 5, 2018, 4:11pm

There’s no option for the default GitLab build user.

Would I need to add a whole new user and add an SSH key in there?

lewisxin · April 11, 2019, 8:01am

@revof11 Hi Revo, I am facing the same issue here. Any updates for the solution? thanks

revof11 · April 12, 2019, 12:59pm

Nothing yet - but I haven’t exactly tried in a while. I found some workarounds instead.

I had to get deep into some Bash Fu to do what I needed.

Cynan · December 6, 2019, 9:23am

Has anyone else managed to get this to work? I currently have:

protected master branch (with no one allowed to push)
using mvn release plugin

scm configured in the POM as:

<scm>
 <connection>scm:git:${env.CI_REPOSITORY_URL}</connection>
 <developerConnection>scm:git:${env.CI_REPOSITORY_URL}</developerConnection>
 <url>${env.CI_PROJECT_URL}</url>
</scm>

CI pipeline:

 - 'which ssh-agent || ( apk update && apk add openssh-client git )'
 - eval $(ssh-agent -s)
 - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
 - mkdir -p ~/.ssh
 - chmod 700 ~/.ssh
 - ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
 - chmod 644 ~/.ssh/known_hosts
 - git remote set-url origin $CI_REPOSITORY_URL
 - git config --global user.email "<email to match private key>"
 - git config --global user.name "<name>"
 - mvn release:prepare release:perform

This push fails with:
`[ERROR] fatal: unable to access 'https://gitlab-ci-token:[MASKED]@gitlab.com/<path>/<project>.git/': The requested URL returned error: 403`

Topic		Replies	Views
Remote: You are not allowed to upload code. 403 GitLab CI/CD	4	69944	November 24, 2022
Gitlab API - Protected branches "allow devs to push to master" How to Use GitLab	2	1347	May 2, 2016
Remote: You are not allowed to upload code How to Use GitLab	4	11015	November 17, 2022
How to Restrict Access to User branches? How to Use GitLab	5	6523	March 9, 2023
Git push from inside a gitlab-runner GitLab CI/CD ci , runner	16	138301	March 13, 2024

Allow build user to push

Related topics