CI/CD作业令牌的细粒度权限
- 层级:Free, Premium, Ultimate
- 提供:GitLab.com, GitLab 自托管, GitLab Dedicated
- 状态:Beta
您可以使用细粒度权限来明确允许访问有限的API端点集。这些权限会应用于指定项目中的CI/CD作业令牌。
此功能处于 beta 阶段。
向作业令牌允许列表添加细粒度权限
前提条件:
- 您必须至少拥有该项目的Maintainer角色。
- 您必须为项目启用细粒度权限的使用。
您可以向作业令牌允许列表中的组和项目添加细粒度权限。这使它们能够使用作业令牌访问特定项目资源,并能更精确地控制哪些资源可供这些组和项目使用。
要向作业令牌允许列表中的组或项目添加细粒度权限:
- 在左侧边栏中,选择 搜索或前往 并找到您的项目。
- 选择 设置 > CI/CD。
- 展开 作业令牌权限。
- 在 CI/CD作业令牌允许列表 部分,选择 添加。
- 从下拉列表中选择 组或项目。
- 输入现有组或项目的路径。
- 选择 细粒度权限。
- 授予权限给 可用的API端点。
- 选择 添加。
GitLab会将组和项目添加到作业令牌允许列表中,并附带指定的权限。该组或项目现在可以访问当前项目中任何允许的资源。
可用的API端点
以下是为CI/CD作业令牌提供的可用端点。
无 表示细粒度权限无法控制对此端点的访问。
| 权限 | 权限名称 | 路径 | 描述 |
|---|---|---|---|
| 部署:读写 | ADMIN_DEPLOYMENTS |
DELETE /projects/:id/deployments/:deployment_id |
删除特定部署 |
| 部署:读写 | ADMIN_DEPLOYMENTS |
POST /projects/:id/deployments/:deployment_id/approval |
批准或拒绝被阻止的部署 |
| 部署:读写 | ADMIN_DEPLOYMENTS |
PUT /projects/:id/deployments/:deployment_id |
更新部署 |
| 部署:读写,环境:读写 | ADMIN_DEPLOYMENTS, ADMIN_ENVIRONMENTS |
POST /projects/:id/deployments |
创建部署 |
| 部署:读 | READ_DEPLOYMENTS |
GET /projects/:id/deployments/:deployment_id/merge_requests |
与部署关联的合并请求列表 |
| 部署:读 | READ_DEPLOYMENTS |
GET /projects/:id/deployments/:deployment_id |
获取特定部署 |
| 部署:读 | READ_DEPLOYMENTS |
GET /projects/:id/deployments |
列出项目部署 |
| 环境:读写 | ADMIN_ENVIRONMENTS |
DELETE /projects/:id/environments/:environment_id |
删除环境 |
| 环境:读写 | ADMIN_ENVIRONMENTS |
DELETE /projects/:id/environments/review_apps |
删除多个已停止的审核应用 |
| 环境:读写 | ADMIN_ENVIRONMENTS |
POST /projects/:id/environments/:environment_id/stop |
停止环境 |
| 环境:读写 | ADMIN_ENVIRONMENTS |
POST /projects/:id/environments/stop_stale |
停止过时的环境 |
| 环境:读写 | ADMIN_ENVIRONMENTS |
POST /projects/:id/environments |
创建新环境 |
| 环境:读写 | ADMIN_ENVIRONMENTS |
PUT /projects/:id/environments/:environment_id |
更新现有环境 |
| 环境:读 | READ_ENVIRONMENTS |
GET /projects/:id/environments/:environment_id |
获取特定环境 |
| 环境:读 | READ_ENVIRONMENTS |
GET /projects/:id/environments |
列出环境 |
| 作业:读 | READ_JOBS |
GET /jobs/:id/artifacts |
下载作业的工件文件 |
| 作业:读 | READ_JOBS |
GET /projects/:id/jobs/:job_id/artifacts/*artifact_path |
从工件归档中下载特定文件 |
| 作业:读 | READ_JOBS |
GET /projects/:id/jobs/:job_id/artifacts |
从作业中下载工件归档 |
| 作业:读 | READ_JOBS |
GET /projects/:id/jobs/artifacts/:ref_name/download |
从作业中下载工件归档 |
| 作业:读 | READ_JOBS |
GET /projects/:id/jobs/artifacts/:ref_name/raw/*artifact_path |
从引用的工件归档中下载特定文件 |
| 无 | DELETE /projects/:id/registry/repositories/:repository_id/tags/:tag_name |
删除仓库标签 | |
| 无 | DELETE /projects/:id/registry/repositories/:repository_id/tags |
批量删除仓库标签 | |
| 无 | DELETE /projects/:id/registry/repositories/:repository_id |
删除仓库 | |
| 无 | GET /group/:id/-/packages/composer/*package_name |
组级别的Composer包端点(用于包版本元数据) | |
| 无 | GET /group/:id/-/packages/composer/p/:sha |
组级别的Composer包端点(用于包列表) | |
| 无 | GET /group/:id/-/packages/composer/p2/*package_name |
组级别的Composer v2包p2端点(用于包版本元数据) | |
| 无 | GET /group/:id/-/packages/composer/packages |
组级别的Composer包端点 | |
| 无 | GET /groups/:id/-/packages/npm/*package_name |
NPM注册表元数据端点 | |
| 无 | GET /groups/:id/-/packages/pypi/files/:sha256/*file_identifier |
从组中下载包文件 | |
| 无 | GET /groups/:id/-/packages/pypi/simple/*package_name |
PyPi简单组包端点 | |
| 无 | GET /groups/:id/-/packages/pypi/simple |
PyPi简单组索引端点 | |
| 无 | GET /job/allowed_agents |
获取当前代理 | |
| 无 | GET /job |
使用作业令牌获取当前作业 | |
| 无 | GET /packages/conan/v1/conans/search |
搜索包 | |
| 无 | GET /packages/conan/v1/ping |
测试Conan API连通性 | |
| 无 | GET /packages/conan/v1/users/authenticate |
通过conan CLI验证用户身份 | |
| 无 | GET /packages/conan/v1/users/check_credentials |
根据conan CLI检查有效用户凭证 | |
| 无 | GET /packages/npm/*package_name |
NPM注册表元数据端点 | |
| 无 | GET /projects/:id/packages/conan/v1/conans/search |
搜索包 | |
| 无 | GET /projects/:id/packages/conan/v1/ping |
测试Conan API连通性 | |
| 无 | GET /projects/:id/packages/conan/v1/users/authenticate |
通过conan CLI验证用户身份 |
| None | | GET /projects/:id/packages/conan/v1/users/check_credentials | 检查 Conan CLI 的有效用户凭证 |
| None | | GET /projects/:id/packages/conan/v2/conans/search | 搜索包 |
| None | | GET /projects/:id/packages/conan/v2/users/authenticate | 针对 Conan CLI 验证用户 |
| None | | GET /projects/:id/packages/conan/v2/users/check_credentials | 检查 Conan CLI 的有效用户凭证 |
| None | | GET /projects/:id/registry/repositories/:repository_id/tags/:tag_name | 获取仓库标签的详细信息 |
| None | | GET /projects/:id/registry/repositories/:repository_id/tags | 列出仓库的标签 |
| None | | GET /projects/:id/registry/repositories | 列出项目内的容器仓库 |
| None | | POST /internal/dast/site_validations/:id/transition | 将 DAST 站点验证转换到新状态。 |
| Packages: Read and write | ADMIN_PACKAGES | DELETE /groups/:id/-/packages/npm/-/package/*package_name/dist-tags/:tag | 删除给定标签 |
| Packages: Read and write | ADMIN_PACKAGES | DELETE /packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel | 删除包 |
| Packages: Read and write | ADMIN_PACKAGES | DELETE /packages/npm/-/package/*package_name/dist-tags/:tag | 删除给定标签 |
| Packages: Read and write | ADMIN_PACKAGES | DELETE /projects/:id/packages/:package_id/package_files/:package_file_id | 删除包文件 |
| Packages: Read and write | ADMIN_PACKAGES | DELETE /projects/:id/packages/:package_id | 删除项目包 |
| Packages: Read and write | ADMIN_PACKAGES | DELETE /projects/:id/packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel | 删除包 |
| Packages: Read and write | ADMIN_PACKAGES | DELETE /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/packages/:conan_package_reference/revisions/:package_revision | 删除包修订版 |
| Packages: Read and write | ADMIN_PACKAGES | DELETE /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision | 删除配方修订版 |
| Packages: Read and write | ADMIN_PACKAGES | DELETE /projects/:id/packages/npm/-/package/*package_name/dist-tags/:tag | 删除给定标签 |
| Packages: Read and write | ADMIN_PACKAGES | POST /projects/:id/packages/composer | Composer 包注册端点 |
| Packages: Read and write | ADMIN_PACKAGES | POST /projects/:id/packages/pypi/authorize | 授权来自 workhorse 的 PyPi 包上传 |
| Packages: Read and write | ADMIN_PACKAGES | POST /projects/:id/packages/pypi | PyPi 包上传端点 |
| Packages: Read and write | ADMIN_PACKAGES | PUT /groups/:id/-/packages/npm/-/package/*package_name/dist-tags/:tag | 为给定的 NPM 包和版本创建或更新标签 |
| Packages: Read and write | ADMIN_PACKAGES | PUT /packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/export/:file_name/authorize | Workhorse 授权 conan 配方文件 |
| Packages: Read and write | ADMIN_PACKAGES | PUT /packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/export/:file_name | 上传配方包文件 |
| Packages: Read and write | ADMIN_PACKAGES | PUT /packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/package/:conan_package_reference/:package_revision/:file_name/authorize | Workhorse 授权 conan 包文件 |
| Packages: Read and write | ADMIN_PACKAGES | PUT /packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/package/:conan_package_reference/:package_revision/:file_name | 上传包文件 |
| Packages: Read and write | ADMIN_PACKAGES | PUT /packages/npm/-/package/*package_name/dist-tags/:tag | 为给定的 NPM 包和版本创建或更新标签 |
| Packages: Read and write | ADMIN_PACKAGES | PUT /projects/:id/packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/export/:file_name/authorize | Workhorse 授权 conan 配方文件 |
| Packages: Read and write | ADMIN_PACKAGES | PUT /projects/:id/packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/export/:file_name | 上传配方包文件 |
| Packages: Read and write | ADMIN_PACKAGES | PUT /projects/:id/packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/package/:conan_package_reference/:package_revision/:file_name/authorize | Workhorse 授权 conan 包文件 |
| 包:读取与写入 | ADMIN_PACKAGES | PUT /projects/:id/packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/package/:conan_package_reference/:package_revision/:file_name | 上传包文件 |
| 包:读取与写入 | ADMIN_PACKAGES | PUT /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/files/:file_name/authorize | Workhorse 授权 Conan 配方文件 |
| 包:读取与写入 | ADMIN_PACKAGES | PUT /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/files/:file_name | 上传配方包文件 |
| 包:读取与写入 | ADMIN_PACKAGES | PUT /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/packages/:conan_package_reference/revisions/:package_revision/files/:file_name/authorize | Workhorse 授权 Conan 包文件 |
| 包:读取与写入 | ADMIN_PACKAGES | PUT /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/packages/:conan_package_reference/revisions/:package_revision/files/:file_name | 上传包文件 |
| 包:读取与写入 | ADMIN_PACKAGES | PUT /projects/:id/packages/generic/:package_name/*package_version/(*path/):file_name/authorize | Workhorse 授权通用包文件 |
| 包:读取与写入 | ADMIN_PACKAGES | PUT /projects/:id/packages/generic/:package_name/*package_version/(*path/):file_name | 上传包文件 |
| 包:读取与写入 | ADMIN_PACKAGES | PUT /projects/:id/packages/maven/*path/:file_name/authorize | Workhorse 授权 Maven 包文件上传 |
| 包:读取与写入 | ADMIN_PACKAGES | PUT /projects/:id/packages/maven/*path/:file_name | 上传 Maven 包文件 |
| 包:读取与写入 | ADMIN_PACKAGES | PUT /projects/:id/packages/npm/-/package/*package_name/dist-tags/:tag | 为给定的 NPM 包和版本创建或更新标签 |
| 包:读取与写入 | ADMIN_PACKAGES | PUT /projects/:id/packages/npm/:package_name | 创建或弃用 NPM 包 |
| 包:只读 | READ_PACKAGES | GET /groups/:id/-/packages/maven/*path/:file_name | 在组级别下载 Maven 包文件 |
| 包:只读 | READ_PACKAGES | GET /groups/:id/-/packages/npm/-/package/*package_name/dist-tags | 获取给定 NPM 包的所有标签 |
| 包:只读 | READ_PACKAGES | GET /packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/digest | 配方摘要 |
| 包:只读 | READ_PACKAGES | GET /packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/download_urls | 配方下载 URL |
| 包:只读 | READ_PACKAGES | GET /packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/packages/:conan_package_reference/digest | 包摘要 |
| 包:只读 | READ_PACKAGES | GET /packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/packages/:conan_package_reference/download_urls | 包下载 URL |
| 包:只读 | READ_PACKAGES | GET /packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/packages/:conan_package_reference | 包快照 |
| 包:只读 | READ_PACKAGES | GET /packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/search | 获取包引用元数据 |
| 包:只读 | READ_PACKAGES | GET /packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel | 配方快照 |
| 包:只读 | READ_PACKAGES | GET /packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/export/:file_name | 下载配方文件 |
| 包:只读 | READ_PACKAGES | GET /packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/package/:conan_package_reference/:package_revision/:file_name | 下载包文件 |
| 包:只读 | READ_PACKAGES | GET /packages/maven/*path/:file_name | 在实例级别下载 Maven 包文件 |
| 包:只读 | READ_PACKAGES | GET /packages/npm/-/package/*package_name/dist-tags | 获取给定 NPM 包的所有标签 |
| 包:只读 | READ_PACKAGES | GET /projects/:id/packages/:package_id/package_files | 列出包文件 |
| 包:只读 | READ_PACKAGES | GET /projects/:id/packages/:package_id | 获取单个项目包 |
| 包:只读 | READ_PACKAGES | GET /projects/:id/packages/composer/archives/*package_name | Composer 包端点用于下载包归档 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/digest | 配方摘要 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/download_urls | 配方下载链接 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/packages/:conan_package_reference/digest | 包摘要 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/packages/:conan_package_reference/download_urls | 包下载链接 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/packages/:conan_package_reference | 包快照 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/search | 获取包引用元数据 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel | 配方快照 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/export/:file_name | 下载配方文件 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v1/files/:package_name/:package_version/:package_username/:package_channel/:recipe_revision/package/:conan_package_reference/:package_revision/:file_name | 下载包文件 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/latest | 获取最新配方版本 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/files/:file_name | 下载配方文件 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/files | 列出配方文件 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/packages/:conan_package_reference/latest | 获取最新包版本 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/packages/:conan_package_reference/revisions/:package_revision/files/:file_name | 下载包文件 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/packages/:conan_package_reference/revisions/:package_revision/files | 列出包文件 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/packages/:conan_package_reference/revisions | 获取包版本列表 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions/:recipe_revision/search | 获取包引用元数据 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/revisions | 获取版本列表 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/conan/v2/conans/:package_name/:package_version/:package_username/:package_channel/search | 获取包引用元数据 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/generic/:package_name/*package_version/(*path/):file_name | 下载包文件 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/go/*module_name/@v/:module_version.info | 版本元数据 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/go/*module_name/@v/:module_version.mod | 下载模块文件 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/go/*module_name/@v/:module_version.zip | 下载模块源码 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/go/*module_name/@v/list | 列表 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/maven/*path/:file_name | 在项目级别下载 Maven 包文件 |
| Packages: Read | READ_PACKAGES | GET /projects/:id/packages/npm/*package_name/-/*file_name | 下载 NPM 归档文件 |
| 包:读取 | READ_PACKAGES | GET /projects/:id/packages/npm/*package_name | NPM注册表元数据端点 |
| 包:读取 | READ_PACKAGES | GET /projects/:id/packages/npm/-/package/*package_name/dist-tags | 获取给定NPM包的所有标签 |
| 包:读取 | READ_PACKAGES | GET /projects/:id/packages/pypi/files/:sha256/*file_identifier | PyPI包下载端点 |
| 包:读取 | READ_PACKAGES | GET /projects/:id/packages/pypi/simple/*package_name | PyPI简单项目包端点 |
| 包:读取 | READ_PACKAGES | GET /projects/:id/packages/pypi/simple | PyPI简单项目索引端点 |
| 包:读取 | READ_PACKAGES | GET /projects/:id/packages | 获取项目包列表 |
| 包:读取 | READ_PACKAGES | POST /groups/:id/-/packages/npm/-/npm/v1/security/advisories/bulk | NPM注册表批量建议端点 |
| 包:读取 | READ_PACKAGES | POST /groups/:id/-/packages/npm/-/npm/v1/security/audits/quick | NPM注册表快速审计端点 |
| 包:读取 | READ_PACKAGES | POST /packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/packages/:conan_package_reference/upload_urls | 包上传 URL |
| 包:读取 | READ_PACKAGES | POST /packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/upload_urls | 配方上传 URL |
| 包:读取 | READ_PACKAGES | POST /packages/npm/-/npm/v1/security/advisories/bulk | NPM注册表批量建议端点 |
| 包:读取 | READ_PACKAGES | POST /packages/npm/-/npm/v1/security/audits/quick | NPM注册表快速审计端点 |
| 包:读取 | READ_PACKAGES | POST /projects/:id/packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/packages/:conan_package_reference/upload_urls | 包上传 URL |
| 包:读取 | READ_PACKAGES | POST /projects/:id/packages/conan/v1/conans/:package_name/:package_version/:package_username/:package_channel/upload_urls | 配方上传 URL |
| 包:读取 | READ_PACKAGES | POST /projects/:id/packages/npm/-/npm/v1/security/advisories/bulk | NPM注册表批量建议端点 |
| 包:读取 | READ_PACKAGES | POST /projects/:id/packages/npm/-/npm/v1/security/audits/quick | NPM注册表快速审计端点 |
| 流水线:读写 | ADMIN_PIPELINES | PUT /projects/:id/pipelines/:pipeline_id/metadata | 更新流水线元数据 |
| 流水线:读取 | READ_PIPELINES | GET /projects/:id/packages/:package_id/pipelines | 获取单个项目包的流水线 |
| 发布:读写 | ADMIN_RELEASES | DELETE /projects/:id/releases/:tag_name/assets/links/:link_id | 删除发布链接 |
| 发布:读写 | ADMIN_RELEASES | DELETE /projects/:id/releases/:tag_name | 删除发布 |
| 发布:读写 | ADMIN_RELEASES | POST /projects/:id/catalog/publish | 将新的组件项目发布作为版本发布到CI/CD目录 |
| 发布:读写 | ADMIN_RELEASES | POST /projects/:id/releases/:tag_name/assets/links | 创建发布链接 |
| 发布:读写 | ADMIN_RELEASES | POST /projects/:id/releases/:tag_name/evidence | 收集发布证据 |
| 发布:读写 | ADMIN_RELEASES | POST /projects/:id/releases | 创建发布 |
| 发布:读写 | ADMIN_RELEASES | PUT /projects/:id/releases/:tag_name/assets/links/:link_id | 更新发布链接 |
| 发布:读写 | ADMIN_RELEASES | PUT /projects/:id/releases/:tag_name | 更新发布 |
| 发布:读取 | READ_RELEASES | GET /projects/:id/releases/:tag_name/assets/links/:link_id | 获取发布链接 |
| 发布:读取 | READ_RELEASES | GET /projects/:id/releases/:tag_name/assets/links | 列出发布的链接 |
| 发布:读取 | READ_RELEASES | GET /projects/:id/releases/:tag_name/downloads/*direct_asset_path | 下载项目发布资产文件 |
| 发布:读取 | READ_RELEASES | GET /projects/:id/releases/:tag_name | 通过标签名称获取发布 |
| 发布:读取 | READ_RELEASES | GET /projects/:id/releases/permalink/latest(/)(*suffix_path) | 获取最新的项目发布 |
| 发布:读取 | READ_RELEASES | GET /projects/:id/releases | 列出发布 |
| 发布:读取 | READ_RELEASES | GET /projects/:id/repository/changelog | 为发布生成变更日志部分并返回 |
| 安全文件:读写 | ADMIN_SECURE_FILES | DELETE /projects/:id/secure_files/:secure_file_id | 移除安全文件 |
| 安全文件:读写 | ADMIN_SECURE_FILES | POST /projects/:id/secure_files | 创建安全文件 |
| 安全文件:读取 | READ_SECURE_FILES | GET /projects/:id/secure_files/:secure_file_id/download | 下载安全文件 |
| 安全文件:读取 | READ_SECURE_FILES | GET /projects/:id/secure_files/:secure_file_id | 获取项目中特定安全文件的详细信息 |
| 安全文件:读取 | READ_SECURE_FILES | GET /projects/:id/secure_files | 获取项目中的安全文件列表 |
| Terraform状态:读写 | ADMIN_TERRAFORM_STATE | DELETE /projects/:id/terraform/state/:name/lock | 解锁指定名称的Terraform状态 |
| Terraform状态:读写 | ADMIN_TERRAFORM_STATE | DELETE /projects/:id/terraform/state/:name/versions/:serial | 删除一个Terraform状态版本 |
| Terraform状态:读写 | ADMIN_TERRAFORM_STATE | DELETE /projects/:id/terraform/state/:name | 删除指定名称的Terraform状态 |
| Terraform状态:读写 | ADMIN_TERRAFORM_STATE | POST /projects/:id/terraform/state/:name/lock | 锁定指定名称的Terraform状态 |
| Terraform状态:读写 | ADMIN_TERRAFORM_STATE | POST /projects/:id/terraform/state/:name | 添加新的Terraform状态或更新现有状态 |
| Terraform状态:读取 | READ_TERRAFORM_STATE | GET /projects/:id/terraform/state/:name/versions/:serial | 获取一个Terraform状态版本 |
| Terraform状态:读取 | READ_TERRAFORM_STATE | GET /projects/:id/terraform/state/:name | 通过名称获取Terraform状态 |