Refactor GitLab access levels to log human-readable names

[Copilot]

GitLab access levels were logged as raw integers (e.g., accessLevel=30). This replaces them with human-readable names (e.g., accessLevel=Developer).

Changes

• pkg/gitlab/util/util.go: Added AccessLevelName(gitlab.AccessLevelValue) string helper mapping SDK constants to names (No access, Guest, Developer, Maintainer, etc.), with Unknown (N) fallback
• pkg/gitlab/enum/enum.go: Converted Int() log calls to Str() with AccessLevelName() for group and project access levels
• pkg/gitlab/renovate/privesc/privesc.go: Converted Any() log calls to Str() with AccessLevelName() across all 6 access level log sites
• pkg/gitlab/util/util_test.go: Table-driven tests for all 9 known levels + unknown fallback

Example

Before:

warn Project groupAccessLevel=30 projectAccessLevel=40

After:

warn Project groupAccessLevel=Developer projectAccessLevel=Maintainer

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• gitlab.com
  • Triggering command: /tmp/go-build1208580892/b2280/engine.test /tmp/go-build1208580892/b2280/engine.test -test.testlogfile=/tmp/go-build1208580892/b2280/testlog.txt -test.paniconexit0 -test.timeout=10m0s -test.v=true 8580892/b2017/_p-errorsas t ux-amd64/pkg/tool/linux_amd64/vet -errorsas ssSecurity/pipel-o t ux-amd64/pkg/too-trimpath -ato�� -bool t ux-amd64/pkg/tool/linux_amd64/compile -errorsas -ifaceassert t ux-amd64/pkg/too-buildtags (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Refactor Gitlab Access Levels In Logs</issue_title>
<issue_description>In some of the GitLab related commands we are logging the gitlab access levels as their respective number. For readability we should refactor all those instances into logging the access level human readable names.

Example:
0 (No access), 5 (Minimal access), 10 (Guest), 15 (Planner), 20 (Reporter), 30 (Developer), 40 (Maintainer), 50 (Owner)

Refactor all instances in the code to log the human readable access level name. Retrieve the names from the official gitlab sdk already in use, do not create theses constants yourself.</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes Refactor Gitlab Access Levels In Logs #562

---

📱 Kick off Copilot coding agent tasks wherever you are with GitHub Mobile, available on iOS and Android.

[Copilot]

Pull request overview

This PR improves GitLab-related log readability by replacing raw numeric access level values with human-readable names, making output easier to interpret during enumeration and exploit workflows.

Changes:

• Added a util.AccessLevelName(gitlab.AccessLevelValue) string helper with an unknown fallback.
• Updated GitLab enum and renovate privesc logging to emit access levels as strings instead of integers/Any().
• Added table-driven tests covering known access levels plus an unknown fallback.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File	Description
pkg/gitlab/util/util.go	Introduces AccessLevelName helper to map GitLab SDK access-level constants to readable names.
pkg/gitlab/util/util_test.go	Adds unit tests for known access levels and unknown fallback behavior.
pkg/gitlab/enum/enum.go	Updates token association logs to output access levels as readable strings.
pkg/gitlab/renovate/privesc/privesc.go	Updates privesc logs to output readable access level names across checks and fatal messages.