Hi Compass community,
Based on the documentation, it is required to give Compass highly elevated permissions:
- do not set expiration date, leave it empty
- 🛑 set required scopes for the token to “api” and “write_repository”
- 🛑 select an owner role for the token
- have GitLab owner permissions for the group you want to connect
Why is this needed for, essentially, an IDP with DevEx/DORA Metrics BI Dashboard? Unfortunately, this requirement is currently halting the adoption of Compass. Similar tools like LinearB are fine with read-only access.
The only capability I could think of where write access would be needed is to add the `compass automatically.yml` file to repositories.
If this is the reason for owner + repo_write permissions, I think it could be a completely viable to just not use this feature.
