I found a solution!
The idea is to use the gitlab rails console:
$ gitlab-rails console "
user = User.create();
user.name = '$(USERNAME)';
user.username = '$(USERNAME)';
user.password = '$(PASSWORD);
user.confirmed_at = '01/01/1961';
user.admin = true;
user.email = '$(USERNAME)@example.com';
user.save!;
puts 'User created';
token = user.personal_access_tokens.create(scopes: [:api], name: 'Automation token');
token.set_token('$(TOKEN)');
token.save!;
puts 'Token created';
"
And since I’m doing this in docker-compose:
$ docker-compose -p $MYPROJECT -f $MYCONFIG exec gitlab gitlab-rails console $THE_STRING_ABOVE
Since GitLab startup is pretty slow, this call fails for the first ~30 seconds. So far, I’m using a backoff-and-retry loop until it works. Interestingly, this works before the API becomes accessible (the API itself takes another ~30 seconds to be up and running).
With token $(TOKEN), I can now access a few APIs (possibly all, but I haven’t finished testing).