🚀 Feature: Use user gitlab token for register existing component (catalog import)

[Yghore]

🔖 Feature description

You should add possibility of use user token for get yaml file into repository for registing existing component.

🎤 Context

• Avoid a static gitlab token
• Use user repository permission for allow/deny add a component

✌️ Possible Implementation

app-config.production.yaml

catalog:
  rules:
    - allow: ["Component", "User", "Group"]
      useUserToken: true # true = user token, false = global token
      locations:
        - type: url
          pattern: https://gitlab.example.com/**

👀 Have you spent some time to check if this feature request has been raised before?

• I checked and didn't find similar issue

🏢 Have you read the Code of Conduct?

• I have read the Code of Conduct

Are you willing to submit PR?

No, but I'm happy to collaborate on a PR with someone else

[Rugvip]

This could be nice, but it is hard to implement currently. The tricky part is that the user tokens will expire, so we really need to be storing and using the user refresh tokens for offline access, which we currently don't have any infra for.

I'm also a bit torn on whether it actually makes sense in practice. It seems like it would introduce issues for example with certain users being responsible for a lot of components, potentially leading to rate limiting issues because user tokens generally have lower rate limits than other types of integrations. It'd also be a problem to off-board users, where ingestion might suddenly start failing.

[Rugvip]

Some more info discussed as part of #24815: GitLab invalidates existing access and refresh tokens when any form of new session is created. That effectively means that this isn't possible to implement for GitLab in a clean way without requiring additional auth integrations.

[Yghore]

Okay ! Thank you for your comeback.

[freben]

Closing as responded to!