I want to clone GitLab repository without prompt for my automation script, by using my private token from my GitLab account.
Can someone provide me a sample?
I know I can do so with user and password:
git clone https://" + user + ":" + password + "@" + gitlaburl;
and I know it is possible with ssh key
But, both options are insufficient.
This is how you do it:
git clone https://oauth2:[email protected]/vendor/package.git
oauth2 portion is probably arbitrary. I put the name of the access token instead.
ssh?
read_api and write_api permissions are not enough. You have to have api.The gitlab has a lot of tokens:
I tested only the Personal Access Token using GitLab Community Edition 10.1.2, the example:
git clone https://gitlab-ci-token:${Personal Access Tokens}@gitlab.com/username/myrepo.git
git clone https://oauth2:${Personal Access Tokens}@gitlab.com/username/myrepo.git
or using username and password:
git clone https://${username}:${password}@gitlab.com/username/myrepo.git
or by input your password:
git clone https://${username}@gitlab.com/username/myrepo.git
But the private token seems can not work.
gitlab-ci-token, oauth2 and x-access-token? all of these 3 work for me.
oauth2 and x-access-tokenUse the token instead of the password (the token needs to have "api" scope for clone to be allowed):
git clone https://username:[email protected]/user/repo.git
Tested against 11.0.0-ee.
You can do it like this:
git clone https://gitlab-ci-token:<private token>@git.example.com/myuser/myrepo.git
If you already has a repository and just changed the way you do authentication to MFA, u can change your remote origin HTTP URI to use your new api token as follows:
git remote set-url origin https://oauth2:TOKEN@ANY_GIT_PROVIDER_DOMAIN/YOUR_PROJECT/YOUR_REPO.git
And you wont need to re-clone the repository at all.
git clone https://oauth2:TOKEN@ANY_GIT_PROVIDER_DOMAIN/YOUR_PROJECT/YOUR_REPO.git also worked for me, thank you!! I will Answer this thread with my correct solution.You can use the runners token for CI/CD Pipelines of your GitLab repo.
git clone https://gitlab-ci-token:<runners token>@git.example.com/myuser/myrepo.git
Where <runners token> can be obtained from:
git.example.com/myuser/myrepo/pipelines/settings
or by clicking on the Settings icon -> CI/CD Pipeline and look for Runners Token on the page
Screenshot of the runners token location:
git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/...Inside a GitLab CI pipeline the CI_JOB_TOKEN environment variable works for me:
git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/...
Source: Gitlab Docs
BTW, setting this variable in .gitlab-ci.yml helps to debug errors.
variables:
CI_DEBUG_TRACE: "true"
Many answers above are close, but they get ~username syntax for deploy tokens incorrect. There are other types of tokens, but the deploy token is what gitlab offers (circa 2020+ at least) per repo to allow customized access, including read-only.
From a repository (or group), find the settings --> repository --> deploy tokens. Create a new one. A username and token field are created. The username is NOT a fixed value by default; it's unique to this token.
git clone https://<your_deploy_token_username>:<the_token>@gitlab.com/your/repo/path.git
Tested on gitlab.com public, free account.
One possible way is using a deploy token (https://docs.gitlab.com/ee/user/project/deploy_tokens). After creating the token, use:
git clone https://<username>:<deploy_token>@gitlab.example.com/tanuki/awesome_project.git
as mentioned in the link above.
As of 8.12, cloning using HTTPS + runner token is not supported anymore, as mentioned here:
In 8.12 we improved build permissions. Being able to clone project using runners token it is no supported from now on (it was actually working by coincidence and was never a fully fledged feature, so we changed that in 8.12). You should use build token instead.
This is widely documented here - https://docs.gitlab.com/ce/user/project/new_ci_build_permissions_model.html.
Using PAT (Personal Access Token):
https://pat:<your-token>@gitlab.com/<org>/<proj>
These days (Oct 2020) you can use just the following
git clone $CI_REPOSITORY_URL
Which will expand to something like:
git clone https://gitlab-ci-token:[MASKED]@gitlab.com/gitlab-examples/ci-debug-trace.git
Where the "token" password is ephemeral token (it will be automatically revoked after a build is complete).
To make my future me happy: RTFM - don't use the gitlab-ci-token at all, but the .netrc file.
There are a couple of important points:
echo -e "machine gitlab.com\nlogin gitlab-ci-token\npassword ${CI_JOB_TOKEN}" > ~/.netrc$CI_JOB_TOKEN within the file!https://gitlab.com/whatever/foobar.com - not ssh://git@foobar, not git+ssh://, not git+https://. You also don't need any CI-TOKEN stuff in the URL.git clone [url from step 4]Background: I got
fatal: could not read Username for 'https://gitlab.mycompany.com': No such device or address
when I tried to make Ansible + Gitlab + Docker work as I imagine it. Now it works.
In my case, I just provided the token instead the password (second input field).
I pushed a local repo for the first time from the command line.
From the scratch, these are the commands I entered (remember to move inside the repo's folder first).
$ git init
$ git status
$ git add .
$ git status
$ git commit -m 'Shinra Tensei.'
$ git push --set-upstream https://gitlab.com/userName/my-repo.git master
Then, the pop-up message you can see in the picture comes up. Provided USERNAME and TOKEN.
One issue I had here was the Project Access Token in private repo will not work if you select "Guest" when creating the token. Using "Reporter" or any other solves the issue.
I went SSH using the per project deploy keys setting (read only)
Most answers here work, however, I'd hesitate about having the Personal Access Token visible in my remote. Besides, the remote URL will likely need to be changed when the Personal Access Token expires. My solution is to create a custom credential helper in the local repository configuration as follows:
cd <REPOSITORY_DIRECTORY>
git config --local \
credential.helper \
'!f() { echo username=gitlab-ci-token; echo "password=$GITLAB_TOKEN"; };f'
This allows me to:
I have this configuration set to --local because I only need this for a single repository but you can change it to --global too. Hope this is useful for someone
you can change your:
user:oauth2
password : <youraccesstoken>
example:
git clone https://oauth2:<token>@hahahehe.com/yourname/yourproject.git
It may help: In your gitlab-ci file: Add this on before script step
before_script:
- git config --global credential.helper store
- echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@${CI_SERVER_HOST}" >> ~/.git-credentials
- chmod 600 ~/.git-credentials
Thanks
Customising the URL is not needed. Just use a git configuration for gitlab tokens such as
git config --global gitlab.accesstoken {TOKEN_VALUE}
gitlab.accesstoken does not do anything and there is no documentation anywhere on GitLab referencing it
git clone https://<token-name>:<token>@gitlaburl