2.5k
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill glab-token- SKILL.md1.1 KB
Overview
This skill provides concise command guidance for managing glab tokens used with GitLab through the glab CLI. It covers creating, listing, revoking, and rotating personal, project, or group tokens and highlights common flags. The content is focused on practical usage examples and quick reference for developers and operations teams.
How this skill works
The skill explains the glab token subcommands and their standard flags. It describes how to create tokens by name, list existing tokens, revoke tokens by name or ID, and rotate tokens safely. It also notes repository selection via the --repo flag and points to built-in help for full flag details.
When to use it
- When you need to create a new personal, project, or group access token for automation or CI jobs.
- When auditing or listing current tokens to verify active credentials and scopes.
- When revoking compromised or unused tokens quickly from the CLI.
- When rotating tokens to maintain security without disrupting dependent services.
- When scripting or automating token lifecycle operations in deployment pipelines.
Best practices
- Use descriptive token names so you can identify purpose and owner when listing tokens.
- Rotate tokens regularly and coordinate rotations with dependent services to avoid outages.
- Revoke tokens immediately if you suspect compromise or when an integration is retired.
- Prefer scoped tokens with least privilege necessary for the job.
- Test token changes in a staging environment before applying to production.
Example use cases
- Create a CI token named ci-deploy for a specific repository before configuring a pipeline.
- List tokens to produce an inventory of active tokens during a security review.
- Revoke an old automation token by ID after migrating to a new service account.
- Rotate a deploy token regularly via a scheduled job to meet compliance requirements.
- Run glab token --help to embed exact command syntax into a script or documentation.
FAQ
Use the --repo flag with OWNER/REPO or GROUP/NAMESPACE/REPO formats; full URL or Git URL are also accepted.
Can I rotate a token without breaking running jobs?
Coordinate rotation with service owners and perform a staged rollout: create the new token, update consumers, then revoke the old token.