GitLab has this nice 'deploy keys' feature useful for CI servers to have read and pull access to a repository as they usual don't need more than that. However, I need to create and push a tag to the repository to tag each release that is built from the 'master' branch.

To be more specific, I have a Jenkins job that will build a release version from the 'master' branch every time a build is triggered. If the job is successful, I want to tag the 'master' branch HEAD with the release number for future reference.

I believe I can't do this using the 'deploy keys' feature. So how do I go about and do this? I'm not sure I can create an extra user, just for this, and give him access to the project... Cause every user with GitLab access is tied to LDAP.

Any suggestions?

Update 2017: since GitLab 8.16 (January 2017), and issue 1376, you now can add deploy keys with write-access.

Original answer (2013): It is right a deploy key don't (and won't) have write access to a project (as mentioned in issue 2134).

That leaves you with:

• creating an LDAP generic account (if those accounts are authorized in your organization)
• creating a dummy account in a separate LDAP server (but the gitlab omniauth-ldap doesn't support multiple LDAP declaration).