Problem to solve
I want to extract group level CI/CD variables and this isn’t possible without Owner permissions on the group level. I am using a personal access token with all permissions. I would expect that this is enough to query the group level CI/CD variables, but it fails when not having the owner permission with an HTTP code 403.
In the documentation the management of group level CI/CD variables is only possible with an owner permission, but I only want to read them.
Is that behaviour expected or am I missing something?
BR,
Johannes
Steps to reproduce
Query variables via curl and a personal access token with all API permission, while having only Maintainer permissions on the group.
curl https://gitlab.REDACTED.com/api/v4/groups/GID/variables --header "Private-Token: REDACTED"
{"message":"403 Forbidden"}%
Versions
-
Self-managed
-
GitLab.com SaaS
GitLab: v16.10.0-ee
GitLab Runner, if self-hosted: gitlab-runner 16.9.0