Hi,
I am using the CI_JOB_TOKEN with bazel to clone a second git repository within the same gitlab group. The basic setup for this to work is
git config --global url."https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/".insteadOf "git@gitlab.com:"
which rewirtes all ssh urls of gitlab to https urls with basic authentication using the job token.
Up until a few days ago this worked without problems. I am aware, that with the 16.0 update the project (B), which is accessed needs to define a token access for the project which wants to access (A) it via the job token.
So far I’ve added the A to the token access list of B. I still get the access denied error, when running the CI job:
Error in fail: error running 'git fetch origin refs/heads/*:refs/remotes/origin/* refs/tags/*:refs/tags/*' while working with @hugo_geekdoc_theme:
remote: HTTP Basic: Access denied. The provided password or token is incorrect or your account has 2FA enabled and you must use a personal access token instead of a password. See https://gitlab.com/help/topics/git/troubleshooting_git#error-on-git-fetch-http-basic-access-denied
fatal: Authentication failed for 'https://gitlab.com/exb/documentation/hugo-geekdoc-exb.git/'
I am running this on Gitlab Saas with custom runners.
Running with gitlab-runner 15.11.0 (v15.11.0)
I did not find it in the changelog but is it necessary for the runners to also be on version 16.0 for this to work? I am asking because I have no access to the runner setup and would like to understand if this is the cause.