npm - gitlab-skill - Versions diffs - 1.0.0 - Mend

gitlab-skill 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/GITLAB_API_COMPREHENSIVE_GUIDE.md +3885 -0
package/PRACTICAL_SCRIPTS.md +1351 -0
package/QUICK_REFERENCE.md +682 -0
package/README.md +461 -0
package/SKILL.md +789 -0
package/SKILL_SETUP.md +50 -0
package/package.json +42 -0
package/scripts/install-skill.mjs +119 -0
package/skill-features/00-auth-and-bootstrap.md +81 -0
package/skill-features/01-discovery-and-projects.md +73 -0
package/skill-features/02-repository-and-code.md +101 -0
package/skill-features/03-issues-and-merge-requests.md +69 -0
package/skill-features/04-cicd-pipelines-jobs.md +86 -0
package/skill-features/05-security-and-vulnerabilities.md +125 -0
package/skill-features/06-graphql-and-glab-playbook.md +68 -0

package/SKILL_SETUP.md ADDED Viewed

@@ -0,0 +1,50 @@
+# SKILL Setup (Cursor, Claude, OpenClaw)
+## Estructura recomendada
+Fuente única en repo:
+- `SKILL.md` (índice/orquestación)
+- `skill-features/*.md` (módulos por feature)
+- `QUICK_REFERENCE.md`
+- `GITLAB_API_COMPREHENSIVE_GUIDE.md`
+- `PRACTICAL_SCRIPTS.md`
+Skill activa para Cursor en proyecto:
+- `.cursor/skills/gitlab-api-operations/SKILL.md`
+## Instalación por script (Node)
+```bash
+npm run install:cursor:project
+npm run install:cursor:user
+npm run install:claude:user
+npm run install:openclaw:user
+```
+Salida personalizada:
+```bash
+npm run install:custom
+# instala en dist/skill-custom
+```
+## Targets por defecto
+- Cursor (project): `.cursor/skills/gitlab-api-operations`
+- Cursor (user): `~/.cursor/skills/gitlab-api-operations`
+- Claude (user): `~/.claude/skills/gitlab-api-operations`
+- OpenClaw (user): `~/.openclaw/skills/gitlab-api-operations`
+## Uso recomendado en agentes
+1. Cargar `SKILL.md`.
+2. Cargar módulo de feature requerido (`skill-features/...`).
+3. Si se necesita detalle, consultar `QUICK_REFERENCE.md` o `GITLAB_API_COMPREHENSIVE_GUIDE.md`.
+4. Ejecutar flujos reproducibles desde `PRACTICAL_SCRIPTS.md`.
+## Notas
+- Si existe `openapi_v2.yaml`, usarlo como referencia local de precisión para REST.
+- Si no existe en destino, la skill funciona igual con los módulos y guías embebidas.

package/package.json ADDED Viewed

@@ -0,0 +1,42 @@
+{
+  "name": "gitlab-skill",
+  "version": "1.0.0",
+  "description": "Skill pack para operar GitLab por REST, GraphQL y CLI en Agentes de IA como Cursor/Claude/OpenClaw.",
+  "license": "MIT",
+  "type": "module",
+  "bin": {
+    "gitlab-skill-install": "scripts/install-skill.mjs"
+  },
+  "files": [
+    "SKILL.md",
+    "SKILL_SETUP.md",
+    "README.md",
+    "QUICK_REFERENCE.md",
+    "GITLAB_API_COMPREHENSIVE_GUIDE.md",
+    "PRACTICAL_SCRIPTS.md",
+    "skill-features",
+    "scripts/install-skill.mjs"
+  ],
+  "keywords": [
+    "gitlab",
+    "skill",
+    "cursor",
+    "claude",
+    "openclaw",
+    "rest-api",
+    "graphql",
+    "glab"
+  ],
+  "engines": {
+    "node": ">=18"
+  },
+  "scripts": {
+    "install:cursor:project": "node scripts/install-skill.mjs --agent cursor --scope project",
+    "install:cursor:user": "node scripts/install-skill.mjs --agent cursor --scope user",
+    "install:claude:user": "node scripts/install-skill.mjs --agent claude --scope user",
+    "install:openclaw:user": "node scripts/install-skill.mjs --agent openclaw --scope user",
+    "install:custom": "node scripts/install-skill.mjs --target-dir dist/skill-custom",
+    "pack:dry-run": "npm pack --dry-run",
+    "publish:public": "npm publish --access public"
+  }
+}

package/scripts/install-skill.mjs ADDED Viewed

@@ -0,0 +1,119 @@
+#!/usr/bin/env node
+import fs from "node:fs";
+import path from "node:path";
+import os from "node:os";
+const SKILL_NAME = "gitlab-api-operations";
+const ROOT = process.cwd();
+const FILES_TO_COPY = [
+  "SKILL.md",
+  "README.md",
+  "QUICK_REFERENCE.md",
+  "GITLAB_API_COMPREHENSIVE_GUIDE.md",
+  "PRACTICAL_SCRIPTS.md"
+];
+const DIRS_TO_COPY = [
+  "skill-features"
+];
+function parseArgs(argv) {
+  const out = {};
+  for (let i = 0; i < argv.length; i += 1) {
+    const a = argv[i];
+    if (a === "--agent") out.agent = argv[i + 1];
+    if (a === "--scope") out.scope = argv[i + 1];
+    if (a === "--target-dir") out.targetDir = argv[i + 1];
+  }
+  return out;
+}
+function resolveTarget({ agent, scope, targetDir }) {
+  if (targetDir) return path.resolve(ROOT, targetDir);
+  const home = os.homedir();
+  const sc = scope || "user";
+  if (agent === "cursor") {
+    if (sc === "project") return path.join(ROOT, ".cursor", "skills", SKILL_NAME);
+    return path.join(home, ".cursor", "skills", SKILL_NAME);
+  }
+  if (agent === "claude") {
+    return path.join(home, ".claude", "skills", SKILL_NAME);
+  }
+  if (agent === "openclaw") {
+    return path.join(home, ".openclaw", "skills", SKILL_NAME);
+  }
+  throw new Error("Agente no soportado. Usa --agent cursor|claude|openclaw o --target-dir.");
+}
+function ensureDir(dir) {
+  fs.mkdirSync(dir, { recursive: true });
+}
+function copyFile(srcRel, destRoot) {
+  const src = path.join(ROOT, srcRel);
+  const dest = path.join(destRoot, srcRel);
+  if (!fs.existsSync(src)) {
+    throw new Error(`No existe archivo requerido: ${srcRel}`);
+  }
+  ensureDir(path.dirname(dest));
+  fs.copyFileSync(src, dest);
+}
+function copyDir(srcRel, destRoot) {
+  const src = path.join(ROOT, srcRel);
+  const dest = path.join(destRoot, srcRel);
+  if (!fs.existsSync(src)) {
+    throw new Error(`No existe directorio requerido: ${srcRel}`);
+  }
+  fs.cpSync(src, dest, { recursive: true });
+}
+function writeManifest(destRoot, meta) {
+  const manifest = {
+    name: SKILL_NAME,
+    installedAt: new Date().toISOString(),
+    sourceRoot: ROOT,
+    ...meta,
+    files: FILES_TO_COPY,
+    dirs: DIRS_TO_COPY
+  };
+  fs.writeFileSync(
+    path.join(destRoot, "skill-install-manifest.json"),
+    JSON.stringify(manifest, null, 2),
+    "utf8"
+  );
+}
+function main() {
+  const args = parseArgs(process.argv.slice(2));
+  const target = resolveTarget(args);
+  ensureDir(target);
+  for (const f of FILES_TO_COPY) {
+    copyFile(f, target);
+  }
+  for (const d of DIRS_TO_COPY) {
+    copyDir(d, target);
+  }
+  writeManifest(target, {
+    agent: args.agent || "custom",
+    scope: args.scope || "n/a",
+    target
+  });
+  console.log(`[ok] Skill instalada en: ${target}`);
+  console.log("[ok] Archivos copiados: SKILL + features + referencias extendidas");
+}
+main();

package/skill-features/00-auth-and-bootstrap.md ADDED Viewed

@@ -0,0 +1,81 @@
+# Auth and Bootstrap
+## Objetivo
+Establecer un contexto reproducible para operar GitLab por REST, GraphQL y CLI sin interfaz web.
+## Variables runtime
+```bash
+export GITLAB_HOST="https://gitlab.com"
+export GITLAB_TOKEN="<personal_access_token>"
+export GITLAB_USER="<username>"
+export TARGET_PROJECT_PATH="group/project"
+export TARGET_GROUP_PATH="group"
+```
+## URL encoding de rutas namespaced
+```bash
+export PROJECT_ENC="$(python - <<'PY'
+import os, urllib.parse
+print(urllib.parse.quote(os.environ['TARGET_PROJECT_PATH'], safe=''))
+PY
+)"
+export GROUP_ENC="$(python - <<'PY'
+import os, urllib.parse
+print(urllib.parse.quote(os.environ['TARGET_GROUP_PATH'], safe=''))
+PY
+)"
+```
+## REST auth
+```bash
+curl --request GET \
+  --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/metadata"
+```
+## GraphQL auth
+```bash
+curl --request POST \
+  --url "$GITLAB_HOST/api/graphql" \
+  --header "Authorization: Bearer $GITLAB_TOKEN" \
+  --header "Content-Type: application/json" \
+  --data '{"query":"query { currentUser { id username name } }"}'
+```
+## glab auth
+```bash
+export GL_HOST="$GITLAB_HOST"
+export NO_PROMPT=true
+export GITLAB_TOKEN="$GITLAB_TOKEN"
+glab auth status || glab auth login
+```
+## Health checks minimos
+```bash
+# API metadata
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/metadata"
+# Usuario autenticado (GraphQL)
+curl --request POST --url "$GITLAB_HOST/api/graphql" \
+  --header "Authorization: Bearer $GITLAB_TOKEN" \
+  --header "Content-Type: application/json" \
+  --data '{"query":"query { currentUser { username } }"}'
+# CLI
+glab api "/user"
+```
+## Errores comunes
+- `401 Unauthorized`: token inválido, expirado o sin scope.
+- `403 Forbidden`: token válido pero sin permisos sobre recurso.
+- `404 Not Found`: path no encoded o recurso fuera de alcance.
+- `429 Too Many Requests`: aplicar backoff y reducir paralelismo.

package/skill-features/01-discovery-and-projects.md ADDED Viewed

@@ -0,0 +1,73 @@
+# Discovery and Projects
+## Objetivo
+Descubrir alcance (grupos/proyectos accesibles), resolver IDs y leer metadatos para alimentar flujos automáticos.
+## Endpoints base (REST)
+- `GET /api/v4/projects`
+- `GET /api/v4/projects/{id}`
+- `GET /api/v4/groups/{id}/projects`
+- `GET /api/v4/groups/{id}/subgroups`
+- `GET /api/v4/groups/{id}/descendant_groups`
+- `GET /api/v4/issues`
+- `GET /api/v4/merge_requests`
+## Ejemplos operativos
+### Listar proyectos visibles
+```bash
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects?membership=true&order_by=last_activity_at&sort=desc&per_page=100"
+```
+### Obtener proyecto por path o ID
+```bash
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC?statistics=true&license=true"
+```
+### Proyectos de grupo (incluyendo subgrupos)
+```bash
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/groups/$GROUP_ENC/projects?include_subgroups=true&with_security_reports=true&per_page=100"
+```
+### Jerarquía de grupos
+```bash
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/groups/$GROUP_ENC/subgroups?per_page=100"
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/groups/$GROUP_ENC/descendant_groups?per_page=100"
+```
+### Issues y MRs globales accesibles (usuario autenticado)
+```bash
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/issues?scope=all&state=opened&per_page=100"
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/merge_requests?scope=all&state=opened&per_page=100"
+```
+## Bootstrap para agentes (paso a paso)
+1. Resolver `GROUP_ENC` y/o `PROJECT_ENC`.
+2. Consultar proyecto `GET /projects/{id}`.
+3. Validar features activas (`issues_enabled`, `merge_requests_enabled`, `jobs_enabled`).
+4. Calcular alcance:
+   - proyecto único
+   - grupo completo
+   - grupo + descendientes
+5. Persistir mapa `{project_id, path_with_namespace, web_url, default_branch}`.
+## Buenas prácticas
+- Siempre usar `per_page` explícito.
+- Para conjuntos grandes, seguir header `Link` y paginar.
+- En errores, devolver request URL final sin token.

package/skill-features/02-repository-and-code.md ADDED Viewed

@@ -0,0 +1,101 @@
+# Repository and Code
+## Objetivo
+Inspeccionar y manipular contenido de repositorio: ramas, commits, archivos y comparaciones.
+## Endpoints clave
+- `GET /api/v4/projects/{id}/repository/tree`
+- `GET /api/v4/projects/{id}/repository/branches`
+- `GET /api/v4/projects/{id}/repository/branches/{branch}`
+- `POST /api/v4/projects/{id}/repository/branches/{branch}/protect`
+- `POST /api/v4/projects/{id}/repository/branches/{branch}/unprotect`
+- `GET /api/v4/projects/{id}/repository/commits`
+- `GET /api/v4/projects/{id}/repository/commits/{sha}`
+- `GET /api/v4/projects/{id}/repository/commits/{sha}/diff`
+- `GET /api/v4/projects/{id}/repository/compare`
+- `GET|HEAD|POST|PUT|DELETE /api/v4/projects/{id}/repository/files/{file_path}`
+- `GET /api/v4/projects/{id}/repository/files/{file_path}/raw`
+## Ejemplos
+### Tree recursivo
+```bash
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/tree?ref=main&recursive=true&pagination=keyset&per_page=100"
+```
+### Branches
+```bash
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/branches?search=release&per_page=100"
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/branches/main"
+```
+### Commits y diff
+```bash
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/commits?ref_name=main&per_page=100"
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/commits/<sha>/diff"
+```
+### Compare
+```bash
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/compare?from=main&to=feature-hardening&straight=false"
+```
+### Files API
+```bash
+export FILE_ENC="src%2Fmain.ts"
+# HEAD metadata
+curl --head --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/files/$FILE_ENC?ref=main"
+# GET file object
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/files/$FILE_ENC?ref=main"
+# GET raw
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/files/$FILE_ENC/raw?ref=main"
+```
+### Crear/actualizar/eliminar archivo
+```bash
+# create
+curl --request POST --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --header "Content-Type: application/json" \
+  --data '{"branch":"main","commit_message":"create security note","content":"hardening checklist","encoding":"text"}' \
+  "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/files/docs%2Fsecurity-checklist.md"
+# update
+curl --request PUT --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --header "Content-Type: application/json" \
+  --data '{"branch":"main","commit_message":"update security note","content":"updated checklist","encoding":"text"}' \
+  "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/files/docs%2Fsecurity-checklist.md"
+# delete
+curl --request DELETE --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/repository/files/docs%2Fsecurity-checklist.md?branch=main&commit_message=remove%20note"
+```
+## Uso autónomo sugerido
+Para "revisar cambios sensibles":
+1. Obtener commits recientes.
+2. Traer diffs por commit.
+3. Filtrar paths críticos (`auth`, `payments`, `config`, `ci`).
+4. Reportar riesgos y archivos impactados.

package/skill-features/03-issues-and-merge-requests.md ADDED Viewed

@@ -0,0 +1,69 @@
+# Issues and Merge Requests
+## Objetivo
+Gestionar trabajo y code review por API: listar, crear y filtrar Issues y MRs a nivel global, grupo y proyecto.
+## Endpoints clave
+- Issues:
+  - `GET /api/v4/issues`
+  - `GET /api/v4/projects/{id}/issues`
+  - `POST /api/v4/projects/{id}/issues`
+  - `GET /api/v4/groups/{id}/issues`
+- Merge requests:
+  - `GET /api/v4/merge_requests`
+  - `GET /api/v4/projects/{id}/merge_requests`
+  - `POST /api/v4/projects/{id}/merge_requests`
+  - `GET /api/v4/groups/{id}/merge_requests`
+## Issues: ejemplos
+```bash
+# Issues globales
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/issues?scope=all&state=opened&order_by=updated_at&sort=desc&per_page=100"
+# Issues de proyecto filtrados
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/issues?state=opened&labels=bug,security&issue_type=issue&per_page=100"
+# Crear issue
+curl --request POST --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --header "Content-Type: application/json" \
+  --data '{"title":"Corregir validación JWT","description":"Se detecta bypass en middleware","labels":["security","backend"],"issue_type":"issue","confidential":true}' \
+  "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/issues"
+```
+## Merge requests: ejemplos
+```bash
+# MRs globales
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/merge_requests?scope=all&state=opened&per_page=100"
+# MRs de proyecto
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/merge_requests?state=opened&scope=all&order_by=updated_at&sort=desc&per_page=100"
+# Crear MR
+curl --request POST --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --header "Content-Type: application/json" \
+  --data '{"title":"fix: harden auth middleware","source_branch":"fix/auth-hardening","target_branch":"main","remove_source_branch":true,"squash":true,"labels":["security","hotfix"]}' \
+  "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/merge_requests"
+```
+## Filtros útiles para agentes
+- Issues:
+  - `state`, `labels`, `issue_type`, `author_id`, `assignee_id`, `created_after`, `updated_after`, `search`
+- MRs:
+  - `state`, `scope`, `author_id`, `reviewer_id`, `source_branch`, `target_branch`, `labels`, `wip`, `search`
+## Flujo autónomo recomendado
+Para "priorizar backlog de seguridad":
+1. Listar issues con label `security`.
+2. Ordenar por `updated_at` desc.
+3. Cruzar con MRs abiertos relacionados (`search` por IID/clave).
+4. Proponer plan de cierre (issue -> MR -> pipeline).

package/skill-features/04-cicd-pipelines-jobs.md ADDED Viewed

@@ -0,0 +1,86 @@
+# CI/CD Pipelines and Jobs
+## Objetivo
+Automatizar observabilidad y control de ejecución CI: pipelines, jobs, retries, cancelaciones, traces y variables.
+## Endpoints clave
+- `GET /api/v4/projects/{id}/pipelines`
+- `POST /api/v4/projects/{id}/pipeline`
+- `GET /api/v4/projects/{id}/pipelines/{pipeline_id}`
+- `GET /api/v4/projects/{id}/pipelines/{pipeline_id}/jobs`
+- `GET /api/v4/projects/{id}/pipelines/{pipeline_id}/variables`
+- `POST /api/v4/projects/{id}/pipelines/{pipeline_id}/retry`
+- `POST /api/v4/projects/{id}/pipelines/{pipeline_id}/cancel`
+- `GET /api/v4/projects/{id}/jobs`
+- `GET /api/v4/projects/{id}/jobs/{job_id}`
+- `GET /api/v4/projects/{id}/jobs/{job_id}/trace`
+- `POST /api/v4/projects/{id}/jobs/{job_id}/retry`
+- `POST /api/v4/projects/{id}/jobs/{job_id}/cancel`
+- `GET|POST /api/v4/projects/{id}/variables`
+## Ejemplos de consumo
+```bash
+# Pipelines fallidos recientes
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/pipelines?status=failed&order_by=updated_at&sort=desc&per_page=100"
+# Crear pipeline con variables
+curl --request POST --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --header "Content-Type: application/json" \
+  --data '{"ref":"main","variables":[{"key":"SECURITY_SCAN","value":"true","variable_type":"env_var"}]}' \
+  "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/pipeline"
+# Jobs de pipeline
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/pipelines/<pipeline_id>/jobs?per_page=100"
+# Jobs por scope
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/jobs?scope[]=failed&scope[]=running&per_page=100"
+# Trace de job
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/jobs/<job_id>/trace"
+```
+## Control de ejecución
+```bash
+# Retry/cancel pipeline
+curl --request POST --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/pipelines/<pipeline_id>/retry"
+curl --request POST --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/pipelines/<pipeline_id>/cancel"
+# Retry/cancel job
+curl --request POST --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/jobs/<job_id>/retry"
+curl --request POST --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/jobs/<job_id>/cancel"
+```
+## Variables de proyecto
+```bash
+# Listar
+curl --request GET --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --url "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/variables"
+# Crear
+curl --request POST --header "PRIVATE-TOKEN: $GITLAB_TOKEN" \
+  --header "Content-Type: application/json" \
+  --data '{"key":"DAST_MODE","value":"active","protected":false,"masked":false}' \
+  "$GITLAB_HOST/api/v4/projects/$PROJECT_ENC/variables"
+```
+## Flujo autónomo recomendado
+Para "diagnosticar fallos de pipeline":
+1. Listar pipelines `status=failed`.
+2. Tomar último `pipeline_id`.
+3. Listar jobs del pipeline y filtrar `status=failed`.
+4. Descargar `trace` del job fallido.
+5. Clasificar causa (test, build, auth, timeout, dependency).