I want to clone GitLab repository without prompt for my automation script, by using my private token from my GitLab account.
Can someone provide me a sample?
I know I can do so with user and password:
git clone https://" + user + ":" + password + "@" + gitlaburl;
and I know it is possible with ssh key
But, both options are insufficient.
This question is related to
gitlab
The answer is
Use the token instead of the password (the token needs to have "api" scope for clone to be allowed):
git clone https://username:[email protected]/user/repo.git
Tested against 11.0.0-ee.
You can use the runners token for CI/CD Pipelines of your GitLab repo.
git clone https://gitlab-ci-token:<runners token>@git.example.com/myuser/myrepo.git
Where <runners token> can be obtained from:
git.example.com/myuser/myrepo/pipelines/settings
or by clicking on the Settings icon -> CI/CD Pipeline and look for Runners Token on the page
Screenshot of the runners token location:
You can do it like this:
git clone https://gitlab-ci-token:<private token>@git.example.com/myuser/myrepo.git
These days (Oct 2020) you can use just the following
git clone $CI_REPOSITORY_URL
Which will expand to something like:
git clone https://gitlab-ci-token:[MASKED]@gitlab.com/gitlab-examples/ci-debug-trace.git
Where the "token" password is ephemeral token, it should be revoked after a build is complete.
I went SSH using the per project deploy keys setting (read only)
As of 8.12, cloning using HTTPS + runner token is not supported anymore, as mentioned here:
In 8.12 we improved build permissions. Being able to clone project using runners token it is no supported from now on (it was actually working by coincidence and was never a fully fledged feature, so we changed that in 8.12). You should use build token instead.
This is widely documented here - https://docs.gitlab.com/ce/user/project/new_ci_build_permissions_model.html.
I know this is old but this is how you do it:
git clone https://oauth2:[email protected]/vendor/package.git
Customising the URL is not needed. Just use a git configuration for gitlab tokens such as
git config --global gitlab.accesstoken {TOKEN_VALUE}
many answers above are close, but they get ~username syntax for deploy tokens incorrect. There are other types of tokens, but the deploy token is what gitlab offers (circa 2020+ at least) per repo to allow customized access, including read-only.
from a repository (or group), find the settings --> repository --> deploy tokens. Create a new one. A username and token field are created. The username is NOT a fixed value by default; it's unique to this token.
git clone https://<your_deploy_token_username>:<the_token>@gitlab.com/your/repo/path.git
tested on gitlab.com public, free account.
Currently the only way I've found is with Deploy Tokens
The gitlab has a lot of tokens:
- Private token
- Personal Access Token
- CI/CD running token
I tested only the Personal Access Token using GitLab Community Edition 10.1.2, the example:
git clone https://gitlab-ci-token:${Personal Access Tokens}@gitlab.com/username/myrepo.git
git clone https://oauth2:${Personal Access Tokens}@gitlab.com/username/myrepo.git
or using username and password:
git clone https://${username}:${password}@gitlab.com/username/myrepo.git
or by input your password:
git clone https://${username}@gitlab.com/username/myrepo.git
But the private token seems can not work.
Inside a GitLab CI pipeline the CI_JOB_TOKEN environment variable works for me:
git clone https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/...
Source: Gitlab Docs
BTW, setting this variable in .gitlab-ci.yml helps to debug errors.
variables:
CI_DEBUG_TRACE: "true"
To make my future me happy: RTFM - don't use the gitlab-ci-token at all, but the .netrc file.
There are a couple of important points:
echo -e "machine gitlab.com\nlogin gitlab-ci-token\npassword ${CI_JOB_TOKEN}" > ~/.netrc- Don't forget to replace "gitlab.com" by your URL!
- Don't try to be smart and create the .netrc file directly - gitlab will not replace the
$CI_JOB_TOKENwithin the file! - Use
https://gitlab.com/whatever/foobar.com- notssh://git@foobar, notgit+ssh://, notgit+https://. You also don't need any CI-TOKEN stuff in the URL. - Make sure you can
git clone [url from step 4]
Background: I got
fatal: could not read Username for 'https://gitlab.mycompany.com': No such device or address
when I tried to make Ansible + Gitlab + Docker work as I imagine it. Now it works.
One possible way is using a deploy token (https://docs.gitlab.com/ee/user/project/deploy_tokens). After creating the token, use:
git clone https://<username>:<deploy_token>@gitlab.example.com/tanuki/awesome_project.git
as mentioned in the link above.
If you already has a repository and just changed the way you do authentication to MFA, u can change your remote origin HTTP URI to use your new api token as follows:
git remote set-url origin https://oauth2:TOKEN@ANY_GIT_PROVIDER_DOMAIN/YOUR_PROJECT/YOUR_REPO.git
And you wont need to re-clone the repository at all.
Source: Stackoverflow.com