`remotes::install_gitlab()` cannot use gitlab's `CI_JOB_TOKEN` (as opposed to personal token)

[grochmal]

install_gitlab() works fine with personal and group tokens but if one tries to use a job token it fails the authentication.

This is really a GitLab problem due to how inconsistently they use their tokens. But here in remotes we will just need to hack it ourselves - similar to what for example uv does for python with their .netrc authentication.

The problem

Gitlab personal (and group) tokens are authenticated with the "Private-Token" HTTP header (docs).

But when running a gitlab CI job a specific job token - in the CI_JOB_TOKEN environment variable, that works as a temporary personal token, is created. Unfortunately one cannot use this token with remotes::install_gitlab() because the HTTP header used for this token is "Job-Token" (docs)

And remotes's code always hardcodes the HTTP header for gitlab authentication as follows:

download(dest, src, headers = c("Private-Token" = x$auth_token))

All instances of that call to download are in R/install-gitlab.R .

Could we have a way to change the HTTP header used depending on the token type?

I am keen on figuring out a way to do this myself. Will open a PR. But would like opinions on the best way to achieve it without breaking anything else in the code. Probably should use a different env variable, e.g. GITLAB_JOB instead of GITLAB_PAT

[grochmal]

Actually i just found this PR: #608

It attempts to use the CI_JOB_TOKEN and that is the one thing missing from that PR. I may try to improve that instead.