Getting access token from cli for root user

To automate all the things that need to be done after setting up a new GitLab server (which we do often for testing purposes), it would be really good if I could get an access token for the root user from the cli.

I’m fine with using the rails console for it (I have root access to the server, so I could Reset the root password which it is documented how to do, when I can do that, there is no reason I should not be able to do anything else), but it’s hard to find any sort of documentation on what you can actually do in the rails console.

Any help? (I have seen

and the referenced script, but it seems wrong to through the web interface, and that would require me to do some work to give the mentioned test instances a valid SSL certificate.)


It’s been a while since you’ve posted this but have a look here:

1 Like

Why hasn’t anybody pointed me to that page before? It seems to contain a lot of valuable information, including the solution I needed when I posted that question (I guess so at least).

I believe I’ve mentioned it before, but I’ve inherited a GitLab setup without getting too much knowledge on how it was setup. Our configuration management contained code to execute something similar to what is in that page, except that it passed the raw token, and that stopped working about a year ago (probably with the release of 11.9 on 22 march 2019). Luckily by posting a question to your support, I got in touch with a supporter, who could tell me that I just needed to hash the token, with code similar to what is on that page.

Reading the rest of that page, has risen to a top priority of mine. Thank you very much for pointing me to that.

I’m glad to have helped, I know these things can get frustrating really quickly!

1 Like

Now I needed to point someone at that trick, and checked the page: That part has been removed :disappointed: So just to make sure the informaton stays somewhat available online, here’s the code from our configuration maagement:

command ["gitlab-rails","runner",User.admins.last.personal_access_tokens.create(name: 'apitoken', token_digest: Gitlab::CryptoHelper.sha256('#{token}'), impersonation: true, scopes: [:api])"]

(That is one line, I don’t understand the line breaks inserted)