we are getting 500 errors on pushing tags from gitlab-ci
$ git push origin HEAD:$CI_COMMIT_REF_NAME --tags
error: RPC failed; HTTP 500 curl 22 The requested URL returned error: 500
fatal: the remote end hung up unexpectedly
fatal: the remote end hung up unexpectedly
$CI_JOB_TOKEN that is used inside gitlab-ci pipelines doesn’t have write permissions.
There’s a request for adding this: https://gitlab.com/gitlab-org/gitlab/-/issues/35067
The path would be creating a deploy token with write permissions and adding this to CI environment variables so the agent could use this to write tags.
Based on GitLab CI/CD job token | GitLab it appears additional permissions have been implemented:
The token has the same permissions to access the API as the user that caused the job to run. A user can cause a job to run by taking action like pushing a commit, triggering a manual job, or being the owner of a scheduled pipeline. Therefore, this user must be assigned to a role that has the required privileges.