🏡 index : ~doyle/gitlab-cargo-shim.git 

# Creates a personal access token using the GitLab UI, given only a username + password combination. This is required
# when using the spawned instance of GitLab in smoke tests, as we only get back a password from the logs, and there's
# no way for us to authenticate with the GitLab API using just a password.
#
# Adapted from https://gist.github.com/gpocentek/bd4c3fbf8a6ce226ebddc4aad6b46c0a

import re
import sys
import os
import requests
import bs4

BASE_URL = "http://127.0.0.1"
SIGN_IN_URL = BASE_URL + "/users/sign_in"
PAT_URL = BASE_URL + "/-/user_settings/personal_access_tokens"

session = requests.Session()

# fetch CSRF for sign-in page
print('Fetching CSRF token from sign in page', file=sys.stderr)
sign_in_page = session.get(SIGN_IN_URL)
root = bs4.BeautifulSoup(sign_in_page.text, "html5lib")
csrf = root.find_all("meta", attrs={'name': 'csrf-token'})[0]['content']

if not csrf:
    print('Unable to find csrf token on sign in page', file=sys.stderr)
    sys.exit(1)

# login to gitlab using the ROOT_PASSWORD env var, storing the session token in our session object
sign_in_res = session.post(SIGN_IN_URL, data={
    'user[login]': 'root',
    'user[password]': os.environ['ROOT_PASSWORD'].strip(),
    'authenticity_token': csrf,
})

if sign_in_res.status_code != 200:
    print('Failed to login to GitLab instance', file=sys.stderr)
    sys.exit(1)

print('Successfully logged into GitLab, fetching CSRF token for PAT page', file=sys.stderr)

# fetch the csrf token for PAT creation
pat_page = session.get(PAT_URL)
root = bs4.BeautifulSoup(pat_page.text, "html5lib")
csrf = root.find_all("meta", attrs={'name': 'csrf-token'})[0]['content']

if not csrf:
    print('Unable to find csrf token on PAT creation page', file=sys.stderr)
    sys.exit(1)

print('Found CSRF token, creating PAT', file=sys.stderr)

# create the personal access token
response = session.post(PAT_URL, data={
    "personal_access_token[name]": "apitoken",
    "personal_access_token[scopes][]": "api",
    "authenticity_token": csrf,
})

personal_access_token = response.json()['new_token']
if not personal_access_token:
    print('Failed to find personal access token in response', file=sys.stderr)
    sys.exit(1)

print(personal_access_token)