Collectives™ on Stack Overflow
Find centralized, trusted content and collaborate around the technologies you use most.
Learn more about Collectives
Teams
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
Learn more about Teams
I want to clone GitLab repository without prompt for my automation script, by using my private token from my GitLab account.
Can someone provide me a sample?
I know I can do so with user and password:
git clone https://" + user + ":" + password + "@" + gitlaburl;
and I know it is possible with ssh key
But, both options are insufficient.
–
–
I tested only the Personal Access Token using GitLab Community Edition 10.1.2, the example:
git clone https://gitlab-ci-token:${Personal Access Tokens}@gitlab.com/username/myrepo.git
git clone https://oauth2:${Personal Access Tokens}@gitlab.com/username/myrepo.git
or using username and password:
git clone https://${username}:${password}@gitlab.com/username/myrepo.git
or by input your password:
git clone https://${username}@gitlab.com/username/myrepo.git
But the private token seems can not work.
–
–
–
Use the token instead of the password (the token needs to have "api" scope for clone to be allowed):
git clone https://username:token@gitlab.com/user/repo.git
Tested against 11.0.0-ee.
–
–
–
–
If you already has a repository and just changed the way you do authentication to MFA, u can change your remote origin HTTP URI to use your new api token as follows:
git remote set-url origin https://oauth2:TOKEN@ANY_GIT_PROVIDER_DOMAIN/YOUR_PROJECT/YOUR_REPO.git
And you wont need to re-clone the repository at all.
–
You can use the runners token for CI/CD Pipelines of your GitLab repo.
git clone https://gitlab-ci-token:<runners token>@git.example.com/myuser/myrepo.git
Where <runners token> can be obtained from:
git.example.com/myuser/myrepo/pipelines/settings
or by clicking on the Settings icon -> CI/CD Pipeline and look for Runners Token on the page
Screenshot of the runners token location:
–
Many answers above are close, but they get ~username syntax for deploy tokens incorrect. There are other types of tokens, but the deploy token is what gitlab offers (circa 2020+ at least) per repo to allow customized access, including read-only.
From a repository (or group), find the settings --> repository --> deploy tokens. Create a new one. A username and token field are created. The username is NOT a fixed value by default; it's unique to this token.
git clone https://<your_deploy_token_username>:<the_token>@gitlab.com/your/repo/path.git
Tested on gitlab.com public, free account.
One possible way is using a deploy token
(https://docs.gitlab.com/ee/user/project/deploy_tokens). After creating the token, use:
git clone https://<username>:<deploy_token>@gitlab.example.com/tanuki/awesome_project.git
as mentioned in the link above.
–
Inside a GitLab CI pipeline the CI_JOB_TOKEN environment variable works for me:
git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/...
Source: Gitlab Docs
BTW, setting this variable in .gitlab-ci.yml helps to debug errors.
variables:
CI_DEBUG_TRACE: "true"
As of 8.12, cloning using HTTPS + runner token is not supported anymore, as mentioned here:
In 8.12 we improved build permissions. Being able to clone project using runners token it is no supported from now on (it was actually working by coincidence and was never a fully fledged feature, so we changed that in 8.12). You should use build token instead.
This is widely documented here - https://docs.gitlab.com/ce/user/project/new_ci_build_permissions_model.html.
–
–
–
–
Which will expand to something like:
git clone https://gitlab-ci-token:[MASKED]@gitlab.com/gitlab-examples/ci-debug-trace.git
Where the "token" password is ephemeral token (it will be automatically revoked after a build is complete).
–
In my case, I just provided the token instead the password (second input field).
I pushed a local repo for the first time from the command line.
From the scratch, these are the commands I entered (remember to move inside the repo's folder first).
$ git init
$ git status
$ git add .
$ git status
$ git commit -m 'Shinra Tensei.'
$ git push --set-upstream https://gitlab.com/userName/my-repo.git master
Then, the pop-up message you can see in the picture comes up. Provided USERNAME and TOKEN.
To make my future me happy: RTFM - don't use the gitlab-ci-token at all, but the .netrc file.
There are a couple of important points:
echo -e "machine gitlab.com\nlogin gitlab-ci-token\npassword ${CI_JOB_TOKEN}" > ~/.netrc
Don't forget to replace "gitlab.com" by your URL!
Don't try to be smart and create the .netrc file directly - gitlab will not replace the $CI_JOB_TOKEN within the file!
Use https://gitlab.com/whatever/foobar.com - not ssh://git@foobar, not git+ssh://, not git+https://. You also don't need any CI-TOKEN stuff in the URL.
Make sure you can git clone [url from step 4]
Background: I got
fatal: could not read Username for 'https://gitlab.mycompany.com': No such device or address
when I tried to make Ansible + Gitlab + Docker work as I imagine it. Now it works.
Add this on before script step
before_script:
- git config --global credential.helper store
- echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@${CI_SERVER_HOST}" >> ~/.git-credentials
- chmod 600 ~/.git-credentials
Thanks
Customising the URL is not needed. Just use a git configuration for gitlab tokens such as
git config --global gitlab.accesstoken {TOKEN_VALUE}
extended description here
–
–
–
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
